cettyprinci (Mortale adepto) | Registered: 31/01/08 08:11 | Posts: 39 | Location: C.da Sn vito- Caccamo
Posted: 31 Jan 2008 08:24 | Subject: Probable Bagle virus

This is the result of an online scan; bear in mind that I can't get any antivirus to load.....
 
KASPERSKY ONLINE SCANNER REPORT 
 
Thursday, January 31, 2008 6:44:29 AM
 
Operating System: Microsoft Windows Vista Home Edition, (Build 6000)
 
Kaspersky Online Scanner version: 5.0.98.0
 
Kaspersky Anti-Virus database last update: 30/01/2008
 
Kaspersky Anti-Virus database records: 537894
 
 
Scan Settings
 
Scan using the following antivirus database	extended
 
Scan Archives	true
 
Scan Mail Bases	true
 
 
Scan Target	My Computer
 
C:\
 
D:\
 
E:\
 
F:\
 
G:\ 
 
 
Scan Statistics
 
Total number of scanned objects	96313
 
Number of viruses found	4
 
Number of infected objects	7
 
Number of suspicious objects	0
 
Duration of the scan process	08:36:08
 
 
Infected Object Name	Virus Name	Last Action
 
C:\boot\bcd 	Object is locked 	skipped 
 
 
C:\boot\BCD.LOG 	Object is locked 	skipped 
 
 
C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe -startup 	Infected: Trojan-Downloader.Win32.Bagle.ik 	skipped 
 
 
C:\Users\Sampognaro\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\19\6415b513-6dc9174d/Matrix.class 	Infected: Trojan-Downloader.Java.OpenStream.c 	skipped 
 
 
C:\Users\Sampognaro\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\19\6415b513-6dc9174d 	ZIP: infected - 1 	skipped 
 
 
C:\Users\Sampognaro\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\37\60b721a5-1e21c59e/NewSecurityClassLoader.class 	Infected: Exploit.Java.ByteVerify 	skipped 
 
 
C:\Users\Sampognaro\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\37\60b721a5-1e21c59e/NewURLClassLoader.class 	Infected: Exploit.Java.ByteVerify 	skipped 
 
 
C:\Users\Sampognaro\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\37\60b721a5-1e21c59e 	ZIP: infected - 2 	skipped 
 
 
 
 
C:\Windows\System32\mdelk.exe 	Infected: Email-Worm.Win32.Bagle.of 	skipped 
 
 
 
 
Scan process completed.

Sante62 (Dio maturo) | Registered: 27/06/07 17:55 | Posts: 3477 | Location: Floridia
Posted: 31 Jan 2008 13:45

Hi cettyprinci, and welcome..

See this discussion, download Elibagla and run the scan.

Post the result here. Also see this discussion about Combofix, and scan the PC, posting the result as indicated, together with an up-to-date Hijackthis log. To download it, see this discussion.

cettyprinci (Mortale adepto) | Registered: 31/01/08 08:11 | Posts: 39 | Location: C.da Sn vito- Caccamo
Posted: 01 Feb 2008 08:27

This is what came out after reading the discussions you pointed me to; I haven't done the others yet because with my job I have little time. Thanks, I'll send the other results.
 
 SmitFraudFix v2.277
 
 
Scan done at 22.57.37,15, 31/01/2008
 
Run from C:\Windows\System32\SmitfraudFix
 
OS: Microsoft Windows [Versione 6.0.6000] - Windows_NT
 
The filesystem type is NTFS
 
Fix run in normal mode
 
 
»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Before SmitFraudFix
 
!!!Attention, following keys are not inevitably infected!!!
 
 
SrchSTS.exe by S!Ri
 
Search SharedTaskScheduler's .dll
 
 
»»»»»»»»»»»»»»»»»»»»»»»» Killing process
 
 
 
»»»»»»»»»»»»»»»»»»»»»»»» hosts
 
 
 
127.0.0.1       localhost
 
 
»»»»»»»»»»»»»»»»»»»»»»»» Winsock2 Fix
 
 
S!Ri's WS2Fix: LSP not Found.
 
 
 
»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix
 
 
GenericRenosFix by S!Ri
 
 
 
»»»»»»»»»»»»»»»»»»»»»»»» Deleting infected files
 
 
 
»»»»»»»»»»»»»»»»»»»»»»»» IEDFix

Sante62 (Dio maturo) | Registered: 27/06/07 17:55 | Posts: 3477 | Location: Floridia
Posted: 01 Feb 2008 13:33

Now run the scans with ElibAgla and Combofix..

cettyprinci (Mortale adepto) | Registered: 31/01/08 08:11 | Posts: 39 | Location: C.da Sn vito- Caccamo
Posted: 06 Feb 2008 08:04 | Subject: you have abandoned me....

This is the result after I tried to do what you advised, but there are programs such as vg that I can't get to work; it always gives me an error. This is the latest scan with HijackThis:
 
Logfile of Trend Micro HijackThis v2.0.2
 
Scan saved at 7.00.30, on 06/02/2008
 
Platform: Windows Vista  (WinNT 6.00.1904)
 
MSIE: Internet Explorer v7.00 (7.00.6000.16575)
 
Boot mode: Normal
 
 
Running processes:
 
c:\Program Files\Hewlett-Packard\IAM\bin\asghost.exe
 
C:\Windows\system32\Dwm.exe
 
C:\Windows\Explorer.EXE
 
C:\Program Files\Spyware Doctor\pctsTray.exe
 
C:\Windows\System32\igfxtray.exe
 
C:\Windows\System32\hkcmd.exe
 
C:\Windows\System32\igfxpers.exe
 
C:\Program Files\Synaptics\SynTP\SynTPStart.exe
 
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
 
C:\Program Files\MSN Messenger\msnmsgr.exe
 
C:\Windows\system32\taskeng.exe
 
C:\Windows\system32\igfxsrvc.exe
 
C:\Program Files\Internet Explorer\iexplore.exe
 
C:\Users\Sampognaro\Desktop\HiJackThis.exe
 
 
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
 
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
 
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll
 
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
 
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
 
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
 
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
 
O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe
 
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe"
 
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe"
 
O4 - HKLM\..\Run: [BDWizReg] "C:\Program Files\BitDefender\BitDefender 2008\bdwizreg.exe"
 
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
 
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
 
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
 
O4 - HKCU\..\Run: [SpyClean] C:\Program Files\Netcom3 Cleaner\SpyClean.exe
 
O23 - Service: a-squared Free Service (a2free) - Unknown owner - C:\Program Files\a-squared Free\a2service.exe (file missing)
 
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
 
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
 
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
 
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
 
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
 
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Roxio\Roxio MyDVD Basic v9\InstallShield\Driver\1050\Intel 32\IDriverT.exe
 
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
 
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender S.R.L. - C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
 
O23 - Service: NetCom3 Service (Netcom3) - Unknown owner - C:\Program Files\Netcom3 Cleaner\PSCMonitor.exe (file missing)
 
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
 
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
 
O23 - Service: BitDefender Communicator (XCOMM) - BitDefender - C:\Program Files\Common Files\BitDefender\BitDefender Communicator\xcommsvr.exe
 
 
--
 
End of file - 4000 bytes

bdoriano (Administrator) | Registered: 02/04/07 12:05 | Posts: 14391 | Location: 3rd planet of the solar system...
Posted: 06 Feb 2008 09:37

Sante62 wrote: Now run the scans with ElibAgla and Combofix..

I repeat Sante62's request, which you probably missed:

Follow these instructions to use EliBaglA.

Then follow the instructions in this topic to post the combofix log.

cettyprinci (Mortale adepto) | Registered: 31/01/08 08:11 | Posts: 39 | Location: C.da Sn vito- Caccamo
Posted: 07 Feb 2008 08:16 | Subject: virus

This is the log that came out of the combofix scan, please help me:
 
ComboFix 08-02.05.3 - Sampognaro 2008-02-06 23.38.18.1 - NTFSx86
 
Microsoft® Windows Vista™ Home Basic   6.0.6000.0.1252.1.1040.18.370 [GMT 1:00]
 
Eseguito da: C:\Users\Sampognaro\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HBRP7V9L\ComboFix[1].exe
 
 * Creato nuovo punto di ripristino
 
.
 
 
(((((((((((((((((((((((((((((((((((((   Altre eliminazioni   )))))))))))))))))))))))))))))))))))))))))))))))))))
 
.
 
 
C:\Windows\system32\drivers\srosa.sys
 
C:\Windows\system32\koos.exe
 
C:\Windows\system32\kprof
 
C:\Windows\system32\mdelk.exe
 
C:\Windows\system32\poof
 
C:\PROGRA~2\Microsoft\Network\Downloader\qmgr0.dat
 
C:\PROGRA~2\Microsoft\Network\Downloader\qmgr1.dat
 
C:\Program Files\Temporary
 
C:\Program Files\WinAble
 
C:\Windows\system32\c3
 
C:\Windows\system32\drivers\down
 
 
C:\Windows\system32\drivers\down\298554.exe
 
C:\Windows\system32\drivers\down\29861118.exe
 
C:\Windows\system32\drivers\down\29862070.exe
 
C:\Windows\system32\drivers\down\29865861.exe
 
C:\Windows\system32\drivers\down\29866578.exe
 
C:\Windows\system32\drivers\down\29871882.exe
 
C:\Windows\system32\drivers\down\29873988.exe
 
C:\Windows\system32\drivers\down\29882412.exe
 
C:\Windows\system32\drivers\down\29886531.exe
 
C:\Windows\system32\drivers\down\29935109.exe
 
C:\Windows\system32\drivers\down\29941693.exe
 
C:\Windows\system32\drivers\down\29948198.exe
 
C:\Windows\system32\drivers\down\301019.exe
 
C:\Windows\system32\drivers\down\301097.exe
 
C:\Windows\system32\drivers\down\304747.exe
 
C:\Windows\system32\drivers\down\304857.exe
 
C:\Windows\system32\drivers\down\305059.exe
 
C:\Windows\system32\drivers\down\310909.exe
 
C:\Windows\system32\drivers\down\315558.exe
 
C:\Windows\system32\drivers\down\315683.exe
 
C:\Windows\system32\drivers\down\316260.exe
 
C:\Windows\system32\drivers\down\316276.exe
 
C:\Windows\system32\drivers\down\317259.exe
 
C:\Windows\system32\drivers\down\324700.exe
 
C:\Windows\system32\drivers\down\326463.exe
 
C:\Windows\system32\drivers\down\328226.exe
 
C:\Windows\system32\drivers\down\331923.exe
 
C:\Windows\system32\drivers\down\333124.exe
 
C:\Windows\system32\drivers\down\334762.exe
 
C:\Windows\system32\drivers\down\335979.exe
 
C:\Windows\system32\drivers\down\337102.exe
 
C:\Windows\system32\drivers\down\345464.exe
 
C:\Windows\system32\drivers\down\349395.exe
 
C:\Windows\system32\drivers\down\350409.exe
 
C:\Windows\system32\drivers\down\351329.exe
 
C:\Windows\system32\drivers\down\352780.exe
 
C:\Windows\system32\drivers\down\355869.exe
 
C:\Windows\system32\drivers\down\364075.exe
 
C:\Windows\system32\drivers\down\365463.exe
 
C:\Windows\system32\drivers\down\367631.exe
 
C:\Windows\system32\drivers\down\368318.exe
 
C:\Windows\system32\drivers\down\370471.exe
 
C:\Windows\system32\drivers\down\372187.exe
 
C:\Windows\system32\drivers\down\374714.exe
 
C:\Windows\system32\drivers\down\374917.exe
 
C:\Windows\system32\drivers\down\380065.exe
 
C:\Windows\system32\drivers\down\382561.exe
 
C:\Windows\system32\drivers\down\388099.exe
 
C:\Windows\system32\drivers\down\391266.exe
 
C:\Windows\system32\drivers\down\393060.exe
 
C:\Windows\system32\drivers\down\394308.exe
 
C:\Windows\system32\drivers\down\397100.exe
 
C:\Windows\system32\drivers\down\400033.exe
 
C:\Windows\system32\drivers\down\400969.exe
 
C:\Windows\system32\drivers\down\404058.exe
 
C:\Windows\system32\drivers\down\405680.exe
 
C:\Windows\system32\drivers\down\406179.exe
 
C:\Windows\system32\drivers\down\415383.exe
 
C:\Windows\system32\drivers\down\416600.exe
 
C:\Windows\system32\drivers\down\417224.exe
 
C:\Windows\system32\drivers\down\422653.exe
 
C:\Windows\system32\drivers\down\424119.exe
 
C:\Windows\system32\drivers\down\424369.exe
 
C:\Windows\system32\drivers\down\430796.exe
 
C:\Windows\system32\drivers\down\433214.exe
 
C:\Windows\system32\drivers\down\437926.exe
 
C:\Windows\system32\drivers\down\441264.exe
 
C:\Windows\system32\drivers\down\444743.exe
 
C:\Windows\system32\drivers\down\447988.exe
 
C:\Windows\system32\drivers\down\456926.exe
 
C:\Windows\system32\drivers\down\465631.exe
 
C:\Windows\system32\drivers\down\469516.exe
 
C:\Windows\system32\drivers\down\470920.exe
 
C:\Windows\system32\drivers\down\471965.exe
 
C:\Windows\system32\drivers\down\473291.exe
 
C:\Windows\system32\drivers\down\473665.exe
 
C:\Windows\system32\drivers\down\477035.exe
 
C:\Windows\system32\drivers\down\480576.exe
 
C:\Windows\system32\drivers\down\491356.exe
 
C:\Windows\system32\drivers\down\492526.exe
 
C:\Windows\system32\drivers\down\502276.exe
 
C:\Windows\system32\drivers\down\506301.exe
 
C:\Windows\system32\drivers\down\534740.exe
 
C:\Windows\system32\drivers\down\563865.exe
 
C:\Windows\system32\drivers\down\573880.exe
 
C:\Windows\system32\drivers\down\77626.exe
 
C:\Windows\system32\drivers\down\82742.exe
 
C:\Windows\system32\drivers\down\83351.exe
 
C:\Windows\system32\drivers\down\86018.exe
 
C:\Windows\system32\drivers\down\87032.exe
 
C:\Windows\system32\drivers\down\88218.exe
 
C:\Windows\system32\drivers\down\92836.exe
 
C:\Windows\system32\drivers\down\94536.exe
 
C:\Windows\system32\drivers\down\95909.exe
 
C:\Windows\system32\drivers\srosa.sys
 
C:\Windows\system32\m4
 
C:\Windows\system32\mdelk.exe
 
C:\Windows\system32\pac.txt
 
C:\Windows\system32\rMa05yy
 
C:\Windows\system32\x64
 
F:\Autorun.inf
 
 
----- BITS: Possible infected sites -----
 
 
hxxp://www.download.windowsupdate.com
 
.
 
(((((((((((((((((((((((((((((((((((((((   Drivers/Services   )))))))))))))))))))))))))))))))))))))))))))))))))
 
 
.
 
-------\LEGACY_IDSVIX86
 
-------\LEGACY_SROSA
 
-------\srosa
 
 
 
(((((((((((((((((((((((((   Files Creati Da 2008-01-06 al 2008-02-06  )))))))))))))))))))))))))))))))))))
 
.
 
 
2008-02-03 13:04 . 2008-02-03 13:04	<DIR>	d--------	C:\Program Files\Eset
 
2008-02-03 12:18 . 2008-02-03 12:44	<DIR>	d--------	C:\Users\All Users\Grisoft
 
2008-02-03 12:18 . 2008-02-03 12:44	<DIR>	d--------	C:\PROGRA~2\Grisoft
 
2008-02-03 12:18 . 2007-05-30 13:10	10,872	--a------	C:\Windows\System32\drivers\AvgAsCln.sys
 
2008-02-03 12:00 . 2008-02-03 12:17	<DIR>	d--------	C:\Program Files\Eusing Free Registry Cleaner
 
2008-02-03 11:55 . 2008-02-03 11:55	<DIR>	d--------	C:\Users\Sampognaro\AppData\Roaming\Bitdefender
 
2008-02-03 11:55 . 2008-02-03 11:55	<DIR>	d--------	C:\Users\SAMPOG~1\AppData\Roaming\Bitdefender
 
2008-02-03 11:47 . 2008-02-03 11:47	<DIR>	d--------	C:\Users\All Users\BitDefender
 
2008-02-03 11:47 . 2008-02-03 11:47	<DIR>	d--------	C:\Program Files\BitDefender
 
2008-02-03 11:47 . 2008-02-03 11:47	<DIR>	d--------	C:\PROGRA~2\BitDefender
 
2008-02-03 11:45 . 2008-02-03 11:47	<DIR>	d--------	C:\Program Files\Common Files\BitDefender
 
2008-02-03 10:41 . 2008-02-03 10:42	<DIR>	d--------	C:\Users\All Users\Lavasoft
 
2008-02-03 10:41 . 2008-02-03 10:41	<DIR>	d--------	C:\Program Files\Lavasoft
 
2008-02-03 10:41 . 2008-02-03 10:42	<DIR>	d--------	C:\PROGRA~2\Lavasoft
 
2008-02-03 10:26 . 2008-02-03 10:26	<DIR>	d--------	C:\Program Files\Common Files\Wise Installation Wizard
 
2008-02-03 10:19 . 2008-02-03 10:19	<DIR>	d--------	C:\Program Files\SpywareBlaster
 
2008-02-01 07:32 . 2007-10-18 08:55	188,416	--a------	C:\Windows\System32\igfxres.dll
 
2008-01-31 22:58 . 2008-01-31 22:58	1,710	--a------	C:\Windows\System32\tmp.reg
 
2008-01-31 22:55 . 2008-02-03 10:51	<DIR>	d--------	C:\Windows\System32\SmitfraudFix
 
2008-01-31 22:55 . 2007-09-05 23:22	289,144	--a------	C:\Windows\System32\VCCLSID.exe
 
2008-01-31 22:55 . 2006-04-27 16:49	288,417	--a------	C:\Windows\System32\SrchSTS.exe
 
2008-01-31 22:55 . 2008-01-27 14:37	81,920	--a------	C:\Windows\System32\IEDFix.exe
 
2008-01-31 22:55 . 2004-07-31 17:50	51,200	--a------	C:\Windows\System32\dumphive.exe
 
2008-01-31 22:55 . 2007-10-03 23:36	25,600	--a------	C:\Windows\System32\WS2Fix.exe
 
2008-01-31 22:45 . 2008-01-31 22:45	<DIR>	d--------	C:\Program Files\RogueRemover FREE
 
2008-01-30 08:19 . 2008-01-30 08:19	<DIR>	d--------	C:\KAV
 
2008-01-29 23:32 . 2008-01-29 23:35	<DIR>	d--------	C:\VEXPLITE
 
2008-01-29 22:05 . 2008-01-31 21:50	<DIR>	d--------	C:\Program Files\NoAdware5.0
 
2008-01-29 22:05 . 2008-01-29 22:05	229,888	--a------	C:\Windows\System32\msshsq.dll
 
2008-01-29 07:23 . 2008-01-30 14:21	292,896	--ahs----	C:\Windows\System32\drivers\fidbox.dat
 
2008-01-29 07:23 . 2008-01-30 14:21	2,684	--ahs----	C:\Windows\System32\drivers\fidbox.idx
 
2008-01-28 23:51 . 2008-01-30 08:26	<DIR>	d--------	C:\Users\All Users\Kaspersky Lab
 
2008-01-28 23:51 . 2008-01-30 08:26	<DIR>	d--------	C:\PROGRA~2\Kaspersky Lab
 
2008-01-28 21:16 . 2008-02-06 23:49	<DIR>	d-a------	C:\Users\All Users\TEMP
 
2008-01-28 21:16 . 2008-02-06 23:49	<DIR>	d-a------	C:\PROGRA~2\TEMP
 
2008-01-28 21:13 . 2008-01-28 21:13	<DIR>	d--------	C:\Users\Sampognaro\AppData\Roaming\PC Tools
 
2008-01-28 21:13 . 2008-01-28 21:13	<DIR>	d--------	C:\Users\SAMPOG~1\AppData\Roaming\PC Tools
 
2008-01-28 21:13 . 2008-01-31 21:59	<DIR>	d--------	C:\Program Files\Spyware Doctor
 
2008-01-28 21:13 . 2007-12-10 14:53	81,288	--a------	C:\Windows\System32\drivers\iksyssec.sys
 
2008-01-28 21:13 . 2007-12-10 14:53	66,952	--a------	C:\Windows\System32\drivers\iksysflt.sys
 
2008-01-28 21:13 . 2007-12-10 14:53	41,864	--a------	C:\Windows\System32\drivers\ikfilesec.sys
 
2008-01-28 21:13 . 2007-12-10 14:53	29,576	--a------	C:\Windows\System32\drivers\kcom.sys
 
2008-01-27 11:25 . 2008-01-27 11:25	<DIR>	d--------	C:\Users\All Users\SUPERAntiSpyware.com
 
2008-01-27 11:25 . 2008-01-27 11:25	<DIR>	d--------	C:\PROGRA~2\SUPERAntiSpyware.com
 
2008-01-27 11:24 . 2008-01-31 21:53	<DIR>	d--------	C:\Users\Sampognaro\AppData\Roaming\SUPERAntiSpyware.com
 
2008-01-27 11:24 . 2008-01-31 21:53	<DIR>	d--------	C:\Users\SAMPOG~1\AppData\Roaming\SUPERAntiSpyware.com
 
2008-01-27 09:09 . 2008-01-27 09:09	<DIR>	d--------	C:\Windows\System32\Kaspersky Lab
 
2008-01-26 08:55 . 2008-02-03 10:33	<DIR>	d--h-----	C:\Windows\msdownld.tmp
 
2008-01-26 07:57 . 2008-01-26 07:57	<DIR>	dr-------	C:\Windows\System32\config\systemprofile\Documents
 
2008-01-26 07:56 . 2008-01-28 21:53	<DIR>	d--------	C:\Program Files\Trend Micro
 
2008-01-25 23:02 . 2008-01-25 23:02	<DIR>	d--------	C:\Users\Sampognaro\AppData\Roaming\Uniblue
 
2008-01-25 23:02 . 2008-01-25 23:02	<DIR>	d--------	C:\Users\SAMPOG~1\AppData\Roaming\Uniblue
 
2008-01-24 08:50 . 2008-01-24 08:51	<DIR>	d--------	C:\Program Files\Symantec
 
2008-01-24 08:32 . 2008-01-24 08:32	<DIR>	d--------	C:\Users\Sampognaro\AppData\Roaming\InstallShield
 
2008-01-24 08:32 . 2008-01-24 08:32	<DIR>	d--------	C:\Users\SAMPOG~1\AppData\Roaming\InstallShield
 
2008-01-24 08:28 . 2008-01-24 08:28	<DIR>	d--------	C:\Users\Sampognaro\AppData\Roaming\Hewlett Packard
 
2008-01-24 08:28 . 2008-01-24 08:28	<DIR>	d--------	C:\Users\SAMPOG~1\AppData\Roaming\Hewlett Packard
 
2008-01-24 08:03 . 2008-01-24 08:03	31,074	--a------	C:\Windows\System32\drivers\Partizan.sys
 
2008-01-24 08:03 . 2008-01-24 08:03	25,600	--a------	C:\Windows\System32\Partizan.exe
 
2008-01-24 07:57 . 	C:\Windows\(2)		C:\ComboFix[1]\winstart.bat
 
2008-01-23 23:01 . 2008-02-03 12:45	<DIR>	d--------	C:\Users\All Users\Avg7
 
2008-01-23 23:01 . 2008-02-03 12:45	<DIR>	d--------	C:\PROGRA~2\Avg7
 
2008-01-23 03:41 . 2008-01-23 03:41	8,888	--a------	C:\Windows\System32\RacUR.xml
 
2008-01-23 03:41 . 2008-01-23 03:41	150	--a------	C:\Windows\System32\RacUREx.xml
 
2008-01-22 07:10 . 2008-01-25 16:24	<DIR>	d--------	C:\Program Files\CCleaner
 
2008-01-22 06:42 . 2008-01-22 06:44	69	--a------	C:\Windows\NeroDigital.ini
 
2008-01-20 21:25 . 2008-01-20 21:38	<DIR>	d--------	C:\Program Files\Windows Live Safety Center
 
2008-01-20 20:33 . 2008-01-22 20:50	89	--a------	C:\Windows\ULead32.ini
 
2008-01-10 03:06 . 2008-01-10 03:06	802,816	--a------	C:\Windows\System32\drivers\tcpip.sys
 
2008-01-10 03:06 . 2008-01-10 03:06	216,760	--a------	C:\Windows\System32\drivers\netio.sys
 
2008-01-10 03:06 . 2008-01-10 03:06	167,424	--a------	C:\Windows\System32\tcpipcfg.dll
 
2008-01-10 03:06 . 2008-01-10 03:06	24,064	--a------	C:\Windows\System32\netcfg.exe
 
2008-01-10 03:06 . 2008-01-10 03:06	22,016	--a------	C:\Windows\System32\netiougc.exe
 
2008-01-10 03:04 . 2008-01-10 03:04	4,247,552	--a------	C:\Windows\System32\GameUXLegacyGDFs.dll
 
2008-01-10 03:04 . 2008-01-10 03:04	1,686,016	--a------	C:\Windows\System32\gameux.dll
 
2008-01-10 03:03 . 2008-01-10 03:03	1,060,920	--a------	C:\Windows\System32\drivers\ntfs.sys
 
2008-01-10 03:03 . 2008-01-10 03:03	211,000	--a------	C:\Windows\System32\drivers\volsnap.sys
 
2008-01-10 03:03 . 2008-01-10 03:03	154,624	--a------	C:\Windows\System32\drivers\nwifi.sys
 
2008-01-10 03:03 . 2008-01-10 03:03	109,624	--a------	C:\Windows\System32\drivers\ataport.sys
 
2008-01-10 03:03 . 2008-01-10 03:03	45,112	--a------	C:\Windows\System32\drivers\pciidex.sys
 
2008-01-10 03:03 . 2008-01-10 03:03	25,656	--a------	C:\Windows\System32\drivers\msahci.sys
 
2008-01-10 03:03 . 2008-01-10 03:03	21,560	--a------	C:\Windows\System32\drivers\atapi.sys
 
2008-01-10 03:03 . 2008-01-10 03:03	17,464	--a------	C:\Windows\System32\drivers\intelide.sys
 
2008-01-10 03:03 . 2008-01-10 03:03	11,776	--a------	C:\Windows\System32\sbunattend.exe
 
2008-01-09 15:14 . 2008-01-09 15:14	<DIR>	d--------	C:\Users\All Users\Yahoo! Companion
 
2008-01-09 15:14 . 2008-01-09 15:14	<DIR>	d--------	C:\PROGRA~2\Yahoo! Companion
 
2008-01-08 20:55 . 2008-01-08 20:55	<DIR>	d--------	C:\Program Files\Yahoo!
 
 
.
 
((((((((((((((((((((((((((((((((((((((((   Find3M Report   )))))))))))))))))))))))))))))))))))))))))))))))))))
 
.
 
2008-01-27 10:38	---------	d-----w	C:\Program Files\Google
 
2008-01-25 15:24	---------	d-----w	C:\Program Files\InterVideo
 
2008-01-25 06:58	---------	d--h--w	C:\Program Files\InstallShield Installation Information
 
2008-01-24 08:11	---------	d-----w	C:\Users\Sampognaro\AppData\Roaming\Hewlett-Packard
 
2008-01-24 08:11	---------	d-----w	C:\Users\SAMPOG~1\AppData\Roaming\Hewlett-Packard
 
2008-01-24 07:51	---------	d-----w	C:\Program Files\Common Files\Symantec Shared
 
2008-01-24 07:51	---------	d-----w	C:\PROGRA~2\Symantec
 
2008-01-23 06:05	---------	d-----w	C:\Program Files\Windows Live Toolbar
 
2008-01-23 02:42	---------	d-----w	C:\PROGRA~2\Microsoft Help
 
2008-01-23 01:49	---------	d-----w	C:\Program Files\eMule
 
2008-01-13 09:00	---------	d-----w	C:\Program Files\K-Lite Codec Pack
 
2008-01-10 02:13	---------	d-----w	C:\Program Files\Windows Sidebar
 
2008-01-10 02:13	---------	d-----w	C:\Program Files\Windows Mail
 
2008-01-10 02:04	537,600	----a-w	C:\Windows\AppPatch\AcLayers.dll
 
2008-01-10 02:04	449,024	----a-w	C:\Windows\AppPatch\AcSpecfc.dll
 
2008-01-10 02:04	2,143,744	----a-w	C:\Windows\AppPatch\AcGenral.dll
 
2008-01-10 02:04	173,056	----a-w	C:\Windows\AppPatch\AcXtrnal.dll
 
2007-12-28 21:51	---------	d-----w	C:\Program Files\VistaCodecPack
 
2007-12-22 19:36	---------	d-----w	C:\Users\Sampognaro\AppData\Roaming\Media Player Classic
 
2007-12-22 19:36	---------	d-----w	C:\Users\SAMPOG~1\AppData\Roaming\Media Player Classic
 
2007-12-13 02:08	52,736	----a-w	C:\Windows\AppPatch\iebrshim.dll
 
2007-12-13 02:07	84,992	----a-w	C:\Windows\system32\drivers\srvnet.sys
 
2007-12-13 02:07	58,368	----a-w	C:\Windows\system32\drivers\mrxsmb20.sys
 
2007-12-13 02:07	130,048	----a-w	C:\Windows\system32\drivers\srv2.sys
 
2007-12-13 02:07	101,888	----a-w	C:\Windows\system32\drivers\mrxsmb.sys
 
2007-11-16 05:50	2,923,520	----a-w	C:\Windows\explorer.exe
 
2007-10-07 07:40	174	--sha-w	C:\Program Files\desktop.ini
 
2007-10-06 05:57	87,608	----a-w	C:\Users\Sampognaro\AppData\Roaming\ezpinst.exe
 
2007-10-06 05:57	87,608	----a-w	C:\Users\SAMPOG~1\AppData\Roaming\ezpinst.exe
 
2007-10-06 05:57	47,360	----a-w	C:\Users\Sampognaro\AppData\Roaming\pcouffin.sys
 
2007-10-06 05:57	47,360	----a-w	C:\Users\SAMPOG~1\AppData\Roaming\pcouffin.sys
 
.
 
 
(((((((((((((((((((((((((((((((((((((   Punti Reg Caricati   ))))))))))))))))))))))))))))))))))))))))))))))))))
 
.
 
.
 
REGEDIT4
 
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
 
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
 
{2318C2B1-4965-11D4-9B18-009027A5CD4F}
 
{381FFDE8-2394-4F90-B10D-FC6124A40F8C}
 
 
[HKEY_CLASSES_ROOT\clsid\{381ffde8-2394-4f90-b10d-fc6124a40f8c}]
 
[HKEY_CLASSES_ROOT\BitDefender Toolbar]
 
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
 
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe" [2008-01-27 08:29 171448]
 
"msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" [2007-01-19 12:54 5674352]
 
"SpyClean"="C:\Program Files\Netcom3 Cleaner\SpyClean.exe" [ ]
 
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
 
"ISTray"="C:\Program Files\Spyware Doctor\pctsTray.exe" [2007-12-10 14:53 1103752]
 
"IgfxTray"="C:\Windows\system32\igfxtray.exe" [2007-10-18 09:19 141848]
 
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe" [2007-10-18 09:18 166424]
 
"Persistence"="C:\Windows\system32\igfxpers.exe" [2007-10-18 09:18 133656]
 
"SynTPStart"="C:\Program Files\Synaptics\SynTP\SynTPStart.exe" [2007-09-15 02:29 102400]
 
"BitDefender Antiphishing Helper"="C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe" [2007-10-09 15:46 61440]
 
"BDAgent"="C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe" [2008-02-06 23:45 319488]
 
"BDWizReg"="C:\Program Files\BitDefender\BitDefender 2008\bdwizreg.exe" [2008-02-06 23:42 385024]
 
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 10:25 6731312]
 
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avldr]
 
avldr.dll
 
 
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
 
Notification Packages	REG_MULTI_SZ   	scecli ASWLNPkg
 
 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
 
--a------ 2007-10-07 08:28 1006264 C:\Program Files\Windows Defender\MSASCui.exe
 
 
R1 bdftdif;bdftdif;C:\Program Files\Common Files\BitDefender\BitDefender Firewall\bdftdif.sys [2007-11-12 16:28]
 
R1 PersonalSecureDrive;PersonalSecureDrive;C:\Windows\system32\drivers\psd.sys [2006-09-28 01:03]
 
R2 ASBroker;Operatore della sessione di accesso;C:\Windows\System32\svchost.exe [2006-11-02 10:45]
 
R2 ASChannel;Canale di comunicazione locale;C:\Windows\System32\svchost.exe [2006-11-02 10:45]
 
R3 BCM43XV;Driver della scheda di rete Broadcom Extensible 802.11;C:\Windows\system32\DRIVERS\bcmwl6.sys [2006-11-02 08:30]
 
R3 igfx;igfx;C:\Windows\system32\DRIVERS\igdkmd32.sys [2007-10-18 09:05]
 
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;C:\Windows\system32\DRIVERS\b57nd60x.sys [2006-11-02 08:30]
 
S3 bdfsfltr;bdfsfltr;C:\Windows\system32\DRIVERS\bdfsfltr.sys [2007-08-02 16:03]
 
S3 Netcom3;NetCom3 Service;C:\Program Files\Netcom3 Cleaner\PSCMonitor.exe []
 
S3 NETw3v32;Driver per scheda di rete Intel(R) PRO/Wireless 3945ABG per Windows Vista a 32 bit;C:\Windows\system32\DRIVERS\NETw3v32.sys [2006-11-13 18:03]
 
S3 Partizan;Partizan;C:\Windows\system32\drivers\Partizan.sys [2008-01-24 08:03]
 
S3 R300;R300;C:\Windows\system32\DRIVERS\atikmdag.sys [2006-11-02 08:36]
 
S3 scan;BitDefender Threat Scanner;C:\Windows\System32\svchost.exe [2006-11-02 10:45]
 
S3 TBS;Servizi di base TPM;C:\Windows\System32\svchost.exe [2006-11-02 10:45]
 
S3 TPM;TPM;C:\Windows\system32\drivers\tpm.sys [2006-11-02 10:50]
 
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
 
LocalServiceNoNetwork	REG_MULTI_SZ   	PLA DPS BFE mpssvc
 
bthsvcs	REG_MULTI_SZ   	BthServ
 
Cognizance	REG_MULTI_SZ   	ASBroker ASChannel
 
GPSvcGroup	REG_MULTI_SZ   	GPSvc
 
bdx	REG_MULTI_SZ   	scan
 
 
.
 
**************************************************************************
 
 
catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
 
Rootkit scan 2008-02-06 23:49:43
 
Windows 6.0.6000  NTFS
 
 
scansione processi nascosti ...
 
 
scansione entrate autostart nascoste ...
 
 
Scansione files nascosti ...
 
 
Scansione completata con successo 
 
Files nascosti: 0 
 
 
**************************************************************************
 
.
 
------------------------ Other Running Processes ------------------------
 
.
 
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
 
c:\Program Files\Hewlett-Packard\IAM\bin\asghost.exe
 
C:\Windows\system32\agrsmsvc.exe
 
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
 
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
 
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
 
C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
 
C:\Program Files\CyberLink\Shared files\RichVideo.exe
 
C:\Windows\system32\DllHost.exe
 
C:\Windows\system32\conime.exe
 
C:\Windows\system32\igfxsrvc.exe
 
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
 
.
 
**************************************************************************
 
.
 
Ora fine scansione: 2008-02-06 23:52:05 - machine was rebooted
 
ComboFix-quarantined-files.txt  2008-02-06 22:52:01
 
.
 
2008-01-29 21:07:14	--- E O F ---

bdoriano (Administrator)
Registered: 02/04/07 12:05 | Posts: 14391 | Location: 3rd planet of the solar system...
Posted: 07 Feb 2008 10:34

Hi cettyprinci,

please don't keep opening new threads; use the   button instead of  .

Doing that makes it harder to help you. Thanks a lot for your cooperation.

You should also post the log created by EliBaglA, to see what it found.

Now, run these scans with GMER (there are 2 and both are needed: rootkit and autostart) and post the logs on FreeFileHosting as described here.

Then, connect to the Kaspersky on-line scanner and run the extended scan, as described here.

Save the scan result to a file (in HTML format), upload the file to Freefilehosting and post here the link you are given.

cettyprinci (Mortal adept)
Registered: 31/01/08 08:11 | Posts: 39 | Location: C.da Sn vito- Caccamo
Posted: 07 Feb 2008 11:19 | Subject: Help

Sorry, but I'm a bit inexperienced; here is the EliBaglA log, thanks for everything:
 
 
	  Fri Feb 01 07:29:31 2008
 
EliBagle v10.95  (c)2008 S.G.H. / Satinfo S.L.
 
----------------------------------------------
 
Lista de Acciones (por Acción Directa):
 
C:\WINDOWS\SYSTEM32\BAN_LIST.TXT --> Eliminado Bagle
 
C:\WINDOWS\SYSTEM32\DRIVERS\SROSA.SYS --> Bagle (rootkit) Acceso Denegado.
 
 
	  Fri Feb 01 07:29:40 2008
 
EliBagle v10.95  (c)2008 S.G.H. / Satinfo S.L.
 
----------------------------------------------
 
Lista de Acciones (por Exploración):
 
Explorando Unidad C:\
 
 
Nº Total de Directorios:   12088
 
Nº Total de Ficheros:      88398
 
Nº de Ficheros Analizados: 13811
 
Nº de Ficheros Infectados: 1
 
Nº de Ficheros Limpiados:  0
 
 
	  Fri Feb 01 07:42:10 2008
 
EliBagle v10.95  (c)2008 S.G.H. / Satinfo S.L.
 
----------------------------------------------
 
Lista de Acciones (por Acción Directa):
 
C:\WINDOWS\SYSTEM32\DRIVERS\SROSA.SYS --> Bagle (rootkit) Acceso Denegado.
 
 
	  Fri Feb 01 07:42:34 2008
 
EliBagle v10.95  (c)2008 S.G.H. / Satinfo S.L.
 
----------------------------------------------
 
Lista de Acciones (por Exploración):
 
Explorando Unidad C:\
 
 
Nº Total de Directorios:   12089
 
Nº Total de Ficheros:      88419
 
Nº de Ficheros Analizados: 13812
 
Nº de Ficheros Infectados: 1
 
Nº de Ficheros Limpiados:  0
 
 
	  Fri Feb 01 14:47:09 2008
 
EliBagle v10.95  (c)2008 S.G.H. / Satinfo S.L.
 
----------------------------------------------
 
Lista de Acciones (por Acción Directa):
 
C:\WINDOWS\SYSTEM32\DRIVERS\SROSA.SYS --> Bagle (rootkit) Acceso Denegado.
 
 
	  Fri Feb 01 21:20:29 2008
 
EliBagle v10.95  (c)2008 S.G.H. / Satinfo S.L.
 
----------------------------------------------
 
Lista de Acciones (por Acción Directa):
 
C:\WINDOWS\SYSTEM32\DRIVERS\SROSA.SYS --> Bagle (rootkit) Acceso Denegado.
 
 
	  Fri Feb 01 21:21:02 2008
 
EliBagle v10.95  (c)2008 S.G.H. / Satinfo S.L.
 
----------------------------------------------
 
Lista de Acciones (por Exploración):
 
Explorando Unidad C:\
 
 
Nº Total de Directorios:   12097
 
Nº Total de Ficheros:      89487
 
Nº de Ficheros Analizados: 13816
 
Nº de Ficheros Infectados: 1
 
Nº de Ficheros Limpiados:  0

bdoriano (Administrator)
Registered: 02/04/07 12:05 | Posts: 14391 | Location: 3rd planet of the solar system...
Posted: 07 Feb 2008 11:52

Ok, do the other steps I told you about.

cettyprinci (Mortal adept)
Registered: 31/01/08 08:11 | Posts: 39 | Location: C.da Sn vito- Caccamo
Posted: 08 Feb 2008 01:46 | Subject: scan with gmer

these are the two links:

1

rotokit1.txt

2

rotokit 21.txt

now I'm starting the scan, thanks

cettyprinci (Mortal adept)
Registered: 31/01/08 08:11 | Posts: 39 | Location: C.da Sn vito- Caccamo
Posted: 08 Feb 2008 08:10 | Subject: Help, the viruses are increasing

this is the link after the scan done with Kaspersky, please help me

kasperky 08 02.html

bdoriano (Administrator)
Registered: 02/04/07 12:05 | Posts: 14391 | Location: 3rd planet of the solar system...
Posted: 08 Feb 2008 09:51

It's not going badly, quite the opposite...

Disable your antivirus.

Connect to BitDefender (with IE) and run the full scan; that way more junk will be removed.

You can completely delete the c:\qoobox folder (it's the combofix backup).

cettyprinci (Mortal adept)
Registered: 31/01/08 08:11 | Posts: 39 | Location: C.da Sn vito- Caccamo
Posted: 08 Feb 2008 15:36 | Subject: virus

I can't run the online scan with BitDefender; the bar keeps freezing, and even though I have disabled the ActiveX controls I can't manage it. What do I do?

Sante62 (Mature god)
Registered: 27/06/07 17:55 | Posts: 3477 | Location: Floridia
Posted: 08 Feb 2008 20:49

Hi cettyprinci..

Do you already have the Bitdefender antivirus installed on your PC? I ask because I see some modules loaded in memory. If so, run the scan with your antivirus...

cettyprinci (Mortal adept)
Registered: 31/01/08 08:11 | Posts: 39 | Location: C.da Sn vito- Caccamo
Posted: 08 Feb 2008 22:21

but my problem also started with the fact that the antivirus no longer worked, so there is no good antivirus; let's say there is Ad-Aware 2007, but it doesn't seem good to me. Before the invasion I had avast. What should I do?

Sante62 (Mature god)
Registered: 27/06/07 17:55 | Posts: 3477 | Location: Floridia
Posted: 09 Feb 2008 00:05

The antivirus should work now, if you haven't tried to uninstall it; it's up to you which one to keep. Ad-Aware 2007 is not a real antivirus but an antispyware; you can leave it installed anyway....

cettyprinci (Mortal adept)
Registered: 31/01/08 08:11 | Posts: 39 | Location: C.da Sn vito- Caccamo
Posted: 09 Feb 2008 08:31

I installed the 30-day trial version of a-squared and it works; running the scan it found these viruses, which I put in quarantine. Or do I have to delete them? What should I do?

there are 6 viruses but I don't know how to get the log to show them to you

cettyprinci (Mortal adept)
Registered: 31/01/08 08:11 | Posts: 39 | Location: C.da Sn vito- Caccamo
Posted: 09 Feb 2008 08:34

I ran the scan with HijackThis and this is the result; everyone tells me to format but I don't want to, help me:
 
 
Logfile of Trend Micro HijackThis v2.0.2
 
Scan saved at 7.32.25, on 09/02/2008
 
Platform: Windows Vista  (WinNT 6.00.1904)
 
MSIE: Internet Explorer v7.00 (7.00.6000.16575)
 
Boot mode: Normal
 
 
Running processes:
 
c:\Program Files\Hewlett-Packard\IAM\bin\asghost.exe
 
C:\Windows\system32\Dwm.exe
 
C:\Windows\Explorer.EXE
 
C:\Program Files\Spyware Doctor\pctsTray.exe
 
C:\Windows\System32\igfxtray.exe
 
C:\Windows\System32\hkcmd.exe
 
C:\Windows\System32\igfxpers.exe
 
C:\Program Files\Synaptics\SynTP\SynTPStart.exe
 
C:\Program Files\a-squared Anti-Malware\a2guard.exe
 
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
 
C:\Program Files\MSN Messenger\msnmsgr.exe
 
C:\Windows\system32\igfxsrvc.exe
 
C:\Windows\system32\taskeng.exe
 
C:\Program Files\Internet Explorer\iexplore.exe
 
C:\Users\Sampognaro\Desktop\HiJackThis.exe
 
 
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
 
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
 
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
 
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
 
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
 
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
 
O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe
 
O4 - HKLM\..\Run: [a-squared] "C:\Program Files\a-squared Anti-Malware\a2guard.exe" /d=60
 
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
 
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
 
O4 - HKCU\..\Run: [SpyClean] C:\Program Files\Netcom3 Cleaner\SpyClean.exe
 
O23 - Service: a-squared Anti-Malware Service (a2AntiMalware) - Emsi Software GmbH - C:\Program Files\a-squared Anti-Malware\a2service.exe
 
O23 - Service: a-squared Free Service (a2free) - Unknown owner - C:\Program Files\a-squared Free\a2service.exe (file missing)
 
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
 
O23 - Service: AVG Anti-Spyware Guard - Unknown owner - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe (file missing)
 
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
 
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
 
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Roxio\Roxio MyDVD Basic v9\InstallShield\Driver\1050\Intel 32\IDriverT.exe
 
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
 
O23 - Service: NetCom3 Service (Netcom3) - Unknown owner - C:\Program Files\Netcom3 Cleaner\PSCMonitor.exe (file missing)
 
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
 
 
--
 
End of file - 3201 bytes

bdoriano (Administrator)
Registered: 02/04/07 12:05 | Posts: 14391 | Location: 3rd planet of the solar system...
Posted: 09 Feb 2008 10:08

Why format?

I told you that you're doing well.

The problem is that, with Vista, some tools (such as Avenger) don't work... otherwise we would already be done.

a-squared is more of an antispyware than an antivirus.

Download VirIt, install it, update it (important) and run the full scan. Post the log that gets generated. Even though it is a trial, you can use it fully for 30 days.