		| lindacattaneo Devout Mortal
 Registered: 12/05/08 17:16
 Posts: 9
				|  Posted: 12 May 2008 18:11    Subject: [SOLVED] iexplore.exe |
				| Hi! I have 2 problems that I haven't been able to solve even though I've read a lot of forums.
 First of all, Internet Explorer windows keep opening with fake sites from which to download various things, or fake PC scans that push you to download bogus antivirus programs... I thought it was nsinet.exe; I deleted it but the problem remained. I also removed Instant Access with HijackThis from safe mode and ran scans with Spybot, VirIT and other antivirus programs, but the problem remained.
 Then, as already described in another forum, empty Internet Explorer windows open up and there are several iexplore.exe processes that respawn and slow the PC down a lot. I tried SUPERAntiSpyware and SpyHunter but nothing changed.
 Here is the log:
 Logfile of HijackThis v1.99.1
 Scan saved at 18.14.41, on 12/05/2008
 Platform: Windows XP SP2 (WinNT 5.01.2600)
 MSIE: Internet Explorer v7.00 (7.00.6000.16640)
 
 Running processes:
 C:\WINDOWS\System32\smss.exe
 C:\WINDOWS\system32\csrss.exe
 C:\WINDOWS\system32\winlogon.exe
 C:\WINDOWS\system32\services.exe
 C:\WINDOWS\system32\lsass.exe
 C:\WINDOWS\system32\svchost.exe
 C:\WINDOWS\system32\svchost.exe
 C:\Programmi\Panda Software\Panda Internet Security 2007\pavsrv51.exe
 C:\Programmi\Panda Software\Panda Internet Security 2007\AVENGINE.EXE
 C:\WINDOWS\system32\svchost.exe
 C:\Programmi\Panda Software\Panda Internet Security 2007\TPSrv.exe
 C:\WINDOWS\system32\svchost.exe
 C:\WINDOWS\system32\svchost.exe
 C:\WINDOWS\system32\svchost.exe
 C:\WINDOWS\system32\spoolsv.exe
 C:\WINDOWS\system32\svchost.exe
 C:\WINDOWS\Explorer.EXE
 C:\Programmi\Panda Software\Panda Internet Security 2007\PsCtrls.exe
 C:\Programmi\Panda Software\Panda Internet Security 2007\PavFnSvr.exe
 C:\Programmi\File comuni\Panda Software\PavShld\pavprsrv.exe
 C:\Programmi\Panda Software\Panda Internet Security 2007\AntiSpam\pskmssvc.exe
 c:\programmi\panda software\panda internet security 2007\firewall\PSHOST.EXE
 C:\Programmi\Panda Software\Panda Internet Security 2007\psimsvc.exe
 C:\WINDOWS\system32\svchost.exe
 C:\VEXPLITE\viritsvc.exe
 C:\Programmi\Panda Software\Panda Internet Security 2007\ApvxdWin.exe
 C:\WINDOWS\System32\alg.exe
 C:\WINDOWS\system32\RunDll32.exe
 C:\Programmi\Microsoft Office\Office12\GrooveMonitor.exe
 C:\WINDOWS\system32\rundll32.exe
 C:\WINDOWS\system32\ctfmon.exe
 C:\Programmi\Internet Explorer\iexplore.exe
 C:\Programmi\MSN Messenger\msnmsgr.exe
 C:\Programmi\Panda Software\Panda Internet Security 2007\SRVLOAD.EXE
 C:\WINDOWS\system32\wuauclt.exe
 C:\Programmi\Panda Software\Panda Internet Security 2007\WebProxy.exe
 C:\Programmi\Panda Software\Panda Internet Security 2007\PavBckPT.exe
 C:\Programmi\MSN Messenger\usnsvc.exe
 C:\Programmi\Internet Explorer\iexplore.exe
 C:\Programmi\File comuni\Microsoft Shared\Windows Live\WLLoginProxy.exe
 C:\Programmi\Internet Explorer\iexplore.exe
 C:\Programmi\MSN Messenger\msnmsgr.exe
 C:\WINDOWS\system32\WISPTIS.EXE
 C:\WINDOWS\system32\nsinet.exe
 C:\Programmi\Internet Explorer\iexplore.exe
 C:\Programmi\Panda Software\Panda Internet Security 2007\avciman.exe
 C:\Programmi\Panda Software\Panda Internet Security 2007\psimreal.exe
 C:\Documents and Settings\Linda\Desktop\HijackThis.exe
 
 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.alice.it/search/home/index.html
 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.alice.it
 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer fornito da Alice
 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
 O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll
 O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
 O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
 O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
 O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Programmi\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
 O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programmi\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
 O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
 O4 - HKLM\..\Run: [GrooveMonitor] "C:\Programmi\Microsoft Office\Office12\GrooveMonitor.exe"
 O4 - HKLM\..\Run: [APVXDWIN] "C:\Programmi\Panda Software\Panda Internet Security 2007\APVXDWIN.EXE" /s
 O4 - HKLM\..\Run: [SCANINICIO] "C:\Programmi\Panda Software\Panda Internet Security 2007\Inicio.exe"
 O4 - HKLM\..\Run: [EPSON Stylus C64 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0C2.EXE /P23 "EPSON Stylus C64 Series" /O6 "USB001" /M "Stylus C64"
 O4 - HKLM\..\Run: [NeroFilterCheck] C:\Programmi\File comuni\Ahead\Lib\NeroCheck.exe
 O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
 O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
 O4 - HKLM\..\Run: [memo site kind that] C:\Documents and Settings\All Users\Dati applicazioni\Grid Blue Memo Site\the time.exe
 O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
 O4 - HKCU\..\Run: [sect meow] C:\DOCUME~1\Linda\DATIAP~1\GLUEPH~1\date dog pile.exe
 O4 - HKCU\..\Run: [msnmsgr] "C:\Programmi\MSN Messenger\msnmsgr.exe" /background
 O4 - HKCU\..\Run: [Instant Access] C:\WINDOWS\system32\nsinet.exe /res
 O8 - Extra context menu item: &eBay Search - res://C:\Programmi\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
 O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
 O9 - Extra button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
 O9 - Extra 'Tools' menuitem: I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
 O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
 O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
 O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
 O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
 O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
 O11 - Options group: [INTERNATIONAL] International*
 O11 - Options group: [TABS] Tabbed Browsing
 O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by115fd.bay115.hotmail.msn.com/resources/MsnPUpld.cab
 O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/IT-IT/a-UNO1/GAME_UNO1.cab
 O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
 O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
 O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
 O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
 O16 - DPF: {DF1C8E21-4045-4D67-B528-335F1A4F0DE9} - http://es6-scripts.dlv4.com/binaries/egaccess4/egaccess4_1073_em_XP.cab
 O16 - DPF: {E1342154-4889-42B5-BEF6-19237577048F} (OberongamesLoader Object) - http://telecomit.oberon-media.com/online2/bejeweled2/Oberongamesloader.cab
 O17 - HKLM\System\CCS\Services\Tcpip\..\{D39B3ADF-5F82-4027-9B3E-E7C115B1759E}: NameServer = 85.37.17.4 85.38.28.70
 O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
 O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
 O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Programmi\File comuni\Microsoft Shared\Help\hxds.dll
 O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
 O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\FILECO~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
 O20 - Winlogon Notify: !SASWinLogon - C:\Programmi\SUPERAntiSpyware\SASWINLO.dll
 O20 - Winlogon Notify: avldr - C:\WINDOWS\SYSTEM32\avldr.dll
 O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\
 O23 - Service: NBService - Nero AG - C:\Programmi\Nero\Nero 7\Nero BackItUp\NBService.exe
 O23 - Service: Panda Software Controller - Panda Software International - C:\Programmi\Panda Software\Panda Internet Security 2007\PsCtrls.exe
 O23 - Service: Panda Function Service (PAVFNSVR) - Panda Software International - C:\Programmi\Panda Software\Panda Internet Security 2007\PavFnSvr.exe
 O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Software - C:\Programmi\File comuni\Panda Software\PavShld\pavprsrv.exe
 O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software International - C:\Programmi\Panda Software\Panda Internet Security 2007\pavsrv51.exe
 O23 - Service: Panda Antispam Engine (pmshellsrv) - Panda Software International - C:\Programmi\Panda Software\Panda Internet Security 2007\AntiSpam\pskmssvc.exe
 O23 - Service: Panda Host Service (PSHost) - Panda Software International - c:\programmi\panda software\panda internet security 2007\firewall\PSHOST.EXE
 O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software International - C:\Programmi\Panda Software\Panda Internet Security 2007\psimsvc.exe
 O23 - Service: ServiceLayer - Nokia. - C:\Programmi\File comuni\PCSuite\Services\ServiceLayer.exe
 O23 - Service: Panda TPSrv (TPSrv) - Panda Software International - C:\Programmi\Panda Software\Panda Internet Security 2007\TPSrv.exe
 O23 - Service: Virit eXplorer Lite (viritsvclite) - TG Soft Sas   www.tgsoft.it - C:\VEXPLITE\viritsvc.exe
 
 
 I would be very grateful if you could help me...
 I apologize in advance for my lack of computer knowledge...
 Thanks!
 linda

		| fulmine Mature God
 Registered: 23/03/08 16:54
 Posts: 3345
 Location: olimpio
				|  Posted: 12 May 2008 19:11    Subject: |
				| Update HijackThis and save it in its own folder, not a temporary one and not on the desktop. You are using an old version; v. 2.0.2 is out now.
 edit by bdoriano: let's provide the link as well.
   Download the updated version of HijackThis and save it in its own folder, not a temporary one and not on the desktop.

		| lindacattaneo Devout Mortal
 Registered: 12/05/08 17:16
 Posts: 9
				|  Posted: 12 May 2008 20:29    Subject: |
				| Logfile of Trend Micro HijackThis v2.0.2
 Scan saved at 20.28.20, on 12/05/2008
 Platform: Windows XP SP2 (WinNT 5.01.2600)
 MSIE: Internet Explorer v7.00 (7.00.6000.16640)
 Boot mode: Normal
 
 Running processes:
 C:\WINDOWS\System32\smss.exe
 C:\WINDOWS\system32\csrss.exe
 C:\WINDOWS\system32\winlogon.exe
 C:\WINDOWS\system32\services.exe
 C:\WINDOWS\system32\lsass.exe
 C:\WINDOWS\system32\svchost.exe
 C:\WINDOWS\system32\svchost.exe
 C:\Programmi\Panda Software\Panda Internet Security 2007\pavsrv51.exe
 C:\Programmi\Panda Software\Panda Internet Security 2007\AVENGINE.EXE
 C:\WINDOWS\system32\svchost.exe
 C:\Programmi\Panda Software\Panda Internet Security 2007\TPSrv.exe
 C:\WINDOWS\system32\svchost.exe
 C:\WINDOWS\system32\svchost.exe
 C:\WINDOWS\system32\svchost.exe
 C:\WINDOWS\system32\spoolsv.exe
 C:\WINDOWS\system32\svchost.exe
 C:\WINDOWS\Explorer.EXE
 C:\Programmi\Panda Software\Panda Internet Security 2007\PsCtrls.exe
 C:\Programmi\Panda Software\Panda Internet Security 2007\PavFnSvr.exe
 C:\Programmi\File comuni\Panda Software\PavShld\pavprsrv.exe
 C:\Programmi\Panda Software\Panda Internet Security 2007\AntiSpam\pskmssvc.exe
 c:\programmi\panda software\panda internet security 2007\firewall\PSHOST.EXE
 C:\Programmi\Panda Software\Panda Internet Security 2007\psimsvc.exe
 C:\WINDOWS\system32\svchost.exe
 C:\VEXPLITE\viritsvc.exe
 C:\Programmi\Panda Software\Panda Internet Security 2007\ApvxdWin.exe
 C:\WINDOWS\System32\alg.exe
 C:\WINDOWS\system32\RunDll32.exe
 C:\Programmi\Microsoft Office\Office12\GrooveMonitor.exe
 C:\WINDOWS\system32\rundll32.exe
 C:\WINDOWS\system32\ctfmon.exe
 C:\Programmi\Internet Explorer\iexplore.exe
 C:\Programmi\MSN Messenger\msnmsgr.exe
 C:\Programmi\Panda Software\Panda Internet Security 2007\SRVLOAD.EXE
 C:\WINDOWS\system32\wuauclt.exe
 C:\Programmi\Panda Software\Panda Internet Security 2007\WebProxy.exe
 C:\Programmi\Panda Software\Panda Internet Security 2007\PavBckPT.exe
 C:\Programmi\MSN Messenger\usnsvc.exe
 C:\Programmi\Internet Explorer\iexplore.exe
 C:\Programmi\File comuni\Microsoft Shared\Windows Live\WLLoginProxy.exe
 C:\Programmi\Internet Explorer\iexplore.exe
 C:\Programmi\MSN Messenger\msnmsgr.exe
 C:\WINDOWS\system32\WISPTIS.EXE
 C:\Programmi\Internet Explorer\iexplore.exe
 C:\Programmi\Windows Media Player\wmplayer.exe
 C:\Documenti Linda\Programmi\HiJackThis.exe
 C:\WINDOWS\system32\wbem\wmiprvse.exe
 
 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.alice.it/search/home/index.html
 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.alice.it
 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer fornito da Alice
 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
 O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll
 O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
 O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
 O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
 O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Programmi\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
 O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programmi\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
 O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
 O4 - HKLM\..\Run: [GrooveMonitor] "C:\Programmi\Microsoft Office\Office12\GrooveMonitor.exe"
 O4 - HKLM\..\Run: [APVXDWIN] "C:\Programmi\Panda Software\Panda Internet Security 2007\APVXDWIN.EXE" /s
 O4 - HKLM\..\Run: [SCANINICIO] "C:\Programmi\Panda Software\Panda Internet Security 2007\Inicio.exe"
 O4 - HKLM\..\Run: [EPSON Stylus C64 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0C2.EXE /P23 "EPSON Stylus C64 Series" /O6 "USB001" /M "Stylus C64"
 O4 - HKLM\..\Run: [NeroFilterCheck] C:\Programmi\File comuni\Ahead\Lib\NeroCheck.exe
 O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
 O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
 O4 - HKLM\..\Run: [memo site kind that] C:\Documents and Settings\All Users\Dati applicazioni\Grid Blue Memo Site\the time.exe
 O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
 O4 - HKCU\..\Run: [sect meow] C:\DOCUME~1\Linda\DATIAP~1\GLUEPH~1\date dog pile.exe
 O4 - HKCU\..\Run: [msnmsgr] "C:\Programmi\MSN Messenger\msnmsgr.exe" /background
 O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO LOCALE')
 O4 - HKUS\S-1-5-19\..\RunOnce: [nltide2] cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,L,,4,N (User 'SERVIZIO LOCALE')
 O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO DI RETE')
 O4 - HKUS\S-1-5-20\..\RunOnce: [nltide2] cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,L,,4,N (User 'SERVIZIO DI RETE')
 O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
 O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
 O8 - Extra context menu item: &eBay Search - res://C:\Programmi\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
 O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
 O9 - Extra button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
 O9 - Extra 'Tools' menuitem: I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
 O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
 O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
 O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
 O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
 O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
 O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by115fd.bay115.hotmail.msn.com/resources/MsnPUpld.cab
 O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/IT-IT/a-UNO1/GAME_UNO1.cab
 O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
 O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
 O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
 O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
 O16 - DPF: {E1342154-4889-42B5-BEF6-19237577048F} (OberongamesLoader Object) - http://telecomit.oberon-media.com/online2/bejeweled2/Oberongamesloader.cab
 O17 - HKLM\System\CCS\Services\Tcpip\..\{D39B3ADF-5F82-4027-9B3E-E7C115B1759E}: NameServer = 85.37.17.4 85.38.28.70
 O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
 O20 - Winlogon Notify: !SASWinLogon - C:\Programmi\SUPERAntiSpyware\SASWINLO.dll
 O23 - Service: NBService - Nero AG - C:\Programmi\Nero\Nero 7\Nero BackItUp\NBService.exe
 O23 - Service: Panda Software Controller - Panda Software International - C:\Programmi\Panda Software\Panda Internet Security 2007\PsCtrls.exe
 O23 - Service: Panda Function Service (PAVFNSVR) - Panda Software International - C:\Programmi\Panda Software\Panda Internet Security 2007\PavFnSvr.exe
 O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Software - C:\Programmi\File comuni\Panda Software\PavShld\pavprsrv.exe
 O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software International - C:\Programmi\Panda Software\Panda Internet Security 2007\pavsrv51.exe
 O23 - Service: Panda Antispam Engine (pmshellsrv) - Panda Software International - C:\Programmi\Panda Software\Panda Internet Security 2007\AntiSpam\pskmssvc.exe
 O23 - Service: Panda Host Service (PSHost) - Panda Software International - c:\programmi\panda software\panda internet security 2007\firewall\PSHOST.EXE
 O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software International - C:\Programmi\Panda Software\Panda Internet Security 2007\psimsvc.exe
 O23 - Service: ServiceLayer - Nokia. - C:\Programmi\File comuni\PCSuite\Services\ServiceLayer.exe
 O23 - Service: Panda TPSrv (TPSrv) - Panda Software International - C:\Programmi\Panda Software\Panda Internet Security 2007\TPSrv.exe
 O23 - Service: Virit eXplorer Lite (viritsvclite) - TG Soft Sas   www.tgsoft.it - C:\VEXPLITE\viritsvc.exe
 
 --
 End of file - 9885 bytes

		| chemicalbit Mature God
 Registered: 01/04/05 18:59
 Posts: 18597
 Location: Milano
				|  Posted: 12 May 2008 20:47    Subject: |
				| Just to be on the safe side, some general cleanup:
 Disable System Restore.
 Clean the temporary files with ATF-Cleaner and/or CCleaner.
 Run a scan with Norman Malware Cleaner.
   Download the program.
   Start the PC in safe mode.
   Launch Norman Malware Cleaner and have it run a full scan.
   At the end of the scan a log named NFix_2008-MM-gg_hh-mm-ss.log is created on the desktop.
 Restart the computer in normal mode.
 Follow the instructions in this topic to run ComboFix.
 Report the outcome in a new message in this thread: whether there were any particular problems, etc. And include:
   Upload the Norman Malware Cleaner log to FreeFileHosting as explained here and post the link you are given.
   The ComboFix log is generally not very long, so post it directly in the message.

 P.S. I didn't understand what you had deleted / disabled earlier.

		| bdoriano Administrator
 Registered: 02/04/07 12:05
 Posts: 14391
 Location: 3rd planet of the solar system...
				|  Posted: 12 May 2008 21:02    Subject: |
				| And I'll add: disable the VirIT Lite Monitor (see this message for instructions).

		| lindacattaneo Devout Mortal
 Registered: 12/05/08 17:16
 Posts: 9
				|  Posted: 20 May 2008 14:29    Subject: |
				| Hi! This is the link to the Norman log:
 NFix_2008-05-20_11-30-53.log

 There were no particular problems.
 
 ComboFix 08-05-19.4 - Linda 2008-05-20 11.51.03.1 - NTFSx86
 Microsoft Windows XP Professional  5.1.2600.2.1252.1.1040.18.352 [GMT 2:00]
 Eseguito da: C:\Documents and Settings\Linda\Desktop\ComboFix.exe
 * Creato nuovo punto di ripristino
 
 WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
 .
 
 (((((((((((((((((((((((((((((((((((((   Altre eliminazioni   )))))))))))))))))))))))))))))))))))))))))))))))))))
 .
 
 C:\Documents and Settings\All Users\Menu Avvio\Programmi\MessengerSkinner
 C:\Documents and Settings\Linda\Dati applicazioni\inst.exe
 C:\Documents and Settings\Linda\Impostazioni locali\Dati applicazioni\qqdorvo.dat
 c:\documents and settings\linda\impostazioni locali\dati applicazioni\qqdorvo.exe
 c:\Documents and Settings\Linda\Impostazioni locali\Dati applicazioni\qqdorvo_nav.dat
 c:\Documents and Settings\Linda\Impostazioni locali\Dati applicazioni\qqdorvo_navps.dat
 C:\Programmi\instant access
 C:\Programmi\instant access\Center\Crazy Girls.upd
 C:\Programmi\instant access\Center\Fun-Games.upd
 C:\Programmi\instant access\Center\tray1.ico
 C:\Programmi\instant access\Dialer\862000548\Crazy Girls.lnk
 C:\Programmi\instant access\Dialer\862000548\es6-external-api.dlv4.com\js\7b7d957a75255c4fe944cd5439666fb9
 C:\Programmi\instant access\Dialer\862000548\es6-www.0texkax7c6hzuidk.com\Common\267f664ed9588f58b85ca204c2a7390f.html
 C:\Programmi\instant access\Dialer\862000548\es6-www.0texkax7c6hzuidk.com\custom\4239\4239_dialer.ico
 C:\Programmi\instant access\Dialer\862000548\es6-www.0texkax7c6hzuidk.com\custom\4239\EN\button1.gif
 C:\Programmi\instant access\Dialer\862000548\es6-www.0texkax7c6hzuidk.com\custom\4239\EN\button2.gif
 C:\Programmi\instant access\Dialer\862000548\es6-www.0texkax7c6hzuidk.com\custom\4239\EN\button3.gif
 C:\Programmi\instant access\Dialer\862000548\es6-www.0texkax7c6hzuidk.com\custom\4239\EN\button4.gif
 C:\Programmi\instant access\Dialer\862000548\fp.pc-on-internet.com\50280\images\background.gif
 C:\Programmi\instant access\Dialer\862000548\fp.pc-on-internet.com\50280\images\index_01.jpg
 C:\Programmi\instant access\Dialer\862000548\fp.pc-on-internet.com\50280\images\index_04.jpg
 C:\Programmi\instant access\Dialer\862000548\fp.pc-on-internet.com\50280\images\IT\index_02.jpg
 C:\Programmi\instant access\Dialer\862000548\fp.pc-on-internet.com\698fd55a546eaf5e7614682cf882ac38.html
 C:\Programmi\instant access\Dialer\862000548\fp.pc-on-internet.com\698fd55a546eaf5e7614682cf882ac38.html_0.loginvis
 C:\Programmi\instant access\Dialer\862000548\www.rapid-pass.net\f6ba8c189987b9a60520f853d6c3cbc2
 C:\Programmi\instant access\Dialer\918485236\es6-external-api.dlv4.com\js\cfead3b4617477d3a9fb1497be2926c9
 C:\Programmi\instant access\Dialer\918485236\es6-scripts.nccgateway.com\Common\f760e92c2934a569cb6fd8efe177909c.html
 C:\Programmi\instant access\Dialer\918485236\es6-scripts.nccgateway.com\custom\1\dialer.ico
 C:\Programmi\instant access\Dialer\918485236\es6-scripts.nccgateway.com\custom\3020\IT\button1.gif
 C:\Programmi\instant access\Dialer\918485236\es6-scripts.nccgateway.com\custom\3020\IT\button2.gif
 C:\Programmi\instant access\Dialer\918485236\es6-scripts.nccgateway.com\custom\3020\IT\button3.gif
 C:\Programmi\instant access\Dialer\918485236\es6-scripts.nccgateway.com\custom\3020\IT\button4.gif
 C:\Programmi\instant access\Dialer\918485236\Fun-Games.lnk
 C:\Programmi\instant access\Dialer\918485236\traffic.waypointcash.com\89010e0af971bad9fc22ff59f3fa4a93.html
 C:\Programmi\instant access\Dialer\918485236\traffic.waypointcash.com\89010e0af971bad9fc22ff59f3fa4a93.html_0.loginvis
 C:\Programmi\instant access\Dialer\918485236\traffic.waypointcash.com\emoticonsplanet.com\enter\4\en\emoticonsplanet_01.jpg
 C:\Programmi\instant access\Dialer\918485236\traffic.waypointcash.com\emoticonsplanet.com\enter\4\en\emoticonsplanet_02.jpg
 C:\Programmi\instant access\Dialer\918485236\traffic.waypointcash.com\emoticonsplanet.com\enter\4\en\emoticonsplanet_03.gif
 C:\Programmi\instant access\Dialer\918485236\traffic.waypointcash.com\emoticonsplanet.com\enter\4\en\emoticonsplanet_04.jpg
 C:\Programmi\instant access\Dialer\918485236\traffic.waypointcash.com\emoticonsplanet.com\enter\4\en\emoticonsplanet_05.jpg
 C:\Programmi\instant access\Dialer\918485236\traffic.waypointcash.com\emoticonsplanet.com\enter\4\en\emoticonsplanet_06.jpg
 C:\Programmi\instant access\Dialer\918485236\traffic.waypointcash.com\emoticonsplanet.com\enter\4\en\emoticonsplanet_07.jpg
 C:\Programmi\instant access\Dialer\918485236\traffic.waypointcash.com\emoticonsplanet.com\enter\4\en\emoticonsplanet_09.jpg
 C:\Programmi\instant access\Dialer\918485236\traffic.waypointcash.com\emoticonsplanet.com\enter\4\en\emoticonsplanet_10.jpg
 C:\Programmi\instant access\Dialer\918485236\traffic.waypointcash.com\emoticonsplanet.com\enter\4\en\emoticonsplanet_11.jpg
 C:\Programmi\instant access\Dialer\918485236\traffic.waypointcash.com\emoticonsplanet.com\enter\4\en\emoticonsplanet_12.jpg
 C:\Programmi\instant access\Dialer\918485236\traffic.waypointcash.com\emoticonsplanet.com\enter\4\en\emoticonsplanet_13.jpg
 C:\Programmi\instant access\Dialer\918485236\traffic.waypointcash.com\emoticonsplanet.com\enter\4\en\emoticonsplanet_16.jpg
 C:\Programmi\instant access\Dialer\918485236\traffic.waypointcash.com\emoticonsplanet.com\enter\4\en\emoticonsplanet_17.jpg
 C:\Programmi\instant access\Dialer\918485236\traffic.waypointcash.com\emoticonsplanet.com\enter\4\en\emoticonsplanet_18.jpg
 C:\Programmi\instant access\Dialer\918485236\traffic.waypointcash.com\emoticonsplanet.com\enter\4\en\flash-1.swf
 C:\Programmi\instant access\Dialer\918485236\traffic.waypointcash.com\emoticonsplanet.com\enter\4\en\flash-2.swf
 C:\Programmi\instant access\Dialer\918485236\traffic.waypointcash.com\emoticonsplanet.com\enter\4\en\flash-3.swf
 C:\Programmi\instant access\Dialer\918485236\www.rapid-pass.net\eabb4a368a8ca700cee6dfb9b0297a5b
 C:\Programmi\instant access\Dialer\918485236\www.waypointcash.com\conversion\ac9bd99bccae02f8a27e66ae9b3f9905
 
 .
 (((((((((((((((((((((((((   Files Creati Da 2008-04-20 al 2008-05-20  )))))))))))))))))))))))))))))))))))
 .
 
 2008-05-17 13:05 . 2008-03-25 06:51	621,344	-----c---	C:\WINDOWS\system32\dllcache\mswstr10.dll
 2008-05-16 13:00 . 2008-05-20 11:41	13,880	--a------	C:\WINDOWS\system32\drivers\COMFiltr.sys
 2008-05-15 22:50 . 2008-05-15 22:50	<DIR>	d--------	C:\Documents and Settings\Silvano\Dati applicazioni\SUPERAntiSpyware.com
 2008-05-12 16:25 . 2008-05-15 23:02	<DIR>	d--------	C:\Programmi\Enigma Software Group
 2008-05-12 16:09 . 2008-05-12 16:09	<DIR>	d--------	C:\Programmi\SUPERAntiSpyware
 2008-05-12 16:09 . 2008-05-12 16:09	<DIR>	d--------	C:\Documents and Settings\Linda\Dati applicazioni\SUPERAntiSpyware.com
 2008-05-12 16:09 . 2008-05-12 16:09	<DIR>	d--------	C:\Documents and Settings\All Users\Dati applicazioni\SUPERAntiSpyware.com
 2008-05-12 16:08 . 2008-05-12 16:08	<DIR>	d--------	C:\Programmi\File comuni\Wise Installation Wizard
 2008-05-12 13:14 . 2008-05-12 15:40	<DIR>	d--------	C:\VEXPLITE
 2008-05-12 13:14 . 2008-03-17 19:23	39,808	--a------	C:\WINDOWS\system32\drivers\VIRAGTLT.SYS
 2008-05-03 20:15 . 2008-05-03 20:15	<DIR>	d--------	C:\Programmi\glue phone
 
 .
 ((((((((((((((((((((((((((((((((((((((((   Find3M Report   )))))))))))))))))))))))))))))))))))))))))))))))))))
 .
 2008-05-20 09:48	335,008	----a-w	C:\WINDOWS\system32\drivers\APPFCONT.DAT.bck
 2008-05-20 09:48	335,008	----a-w	C:\WINDOWS\system32\drivers\APPFCONT.DAT
 2008-05-20 09:48	3,004	----a-w	C:\WINDOWS\system32\drivers\APPFLTR.CFG.bck
 2008-05-20 09:48	3,004	----a-w	C:\WINDOWS\system32\drivers\APPFLTR.CFG
 2008-05-20 09:43	---------	d-----w	C:\Documents and Settings\Linda\Dati applicazioni\uTorrent
 2008-05-17 13:04	---------	d-----w	C:\Documents and Settings\All Users\Dati applicazioni\Microsoft Help
 2008-05-15 21:01	---------	d-----w	C:\Programmi\Panda Software
 2008-05-15 20:58	---------	d-----w	C:\Programmi\Libcassa
 2008-05-15 20:56	---------	d--h--w	C:\Programmi\InstallShield Installation Information
 2008-05-12 13:36	---------	d-----w	C:\Programmi\a-squared Anti-Malware
 2008-05-03 18:17	---------	d-----w	C:\Documents and Settings\Silvano\Dati applicazioni\glue phone
 2008-05-03 18:16	---------	d-----w	C:\Documents and Settings\All Users\Dati applicazioni\Grid Blue Memo Site
 2008-05-02 09:09	---------	d-----w	C:\Documents and Settings\Linda\Dati applicazioni\glue phone
 2008-04-06 13:46	---------	d-----w	C:\Documents and Settings\All Users\Dati applicazioni\SweetIM
 2008-04-01 18:34	---------	d-----w	C:\Programmi\PopCap Games
 2008-03-25 08:20	219,936	----a-w	C:\WINDOWS\system32\msltus40.dll
 2008-03-25 04:51	621,344	----a-w	C:\WINDOWS\system32\mswstr10.dll
 2008-03-25 04:51	183,072	----a-w	C:\WINDOWS\system32\msjint40.dll
 2008-03-23 14:00	---------	d-----w	C:\Programmi\MSN Messenger
 2008-03-23 13:55	---------	d-----w	C:\Programmi\Messenger Plus! Live(2)
 2008-03-23 13:55	---------	d-----w	C:\Programmi\Messenger Plus! Live
 2008-03-23 13:55	---------	d-----w	C:\Documents and Settings\All Users\Dati applicazioni\Messenger Plus!
 2008-03-23 11:13	---------	d-----w	C:\Programmi\Windows Live
 2008-03-21 10:07	---------	d-----w	C:\Documents and Settings\All Users\Dati applicazioni\WLInstaller
 2008-03-20 07:57	1,845,888	----a-w	C:\WINDOWS\system32\win32k.sys
 2008-03-01 12:58	826,368	----a-w	C:\WINDOWS\system32\wininet.dll
 2008-02-20 18:49	45,568	----a-w	C:\WINDOWS\system32\dnsrslvr.dll
 2008-02-20 06:52	282,624	----a-w	C:\WINDOWS\system32\gdi32.dll
 2007-11-05 18:24	11,127,111	----a-w	C:\Programmi\setup_ca_it.exe
 2007-06-02 11:47	47,360	----a-w	C:\Documents and Settings\Linda\Dati applicazioni\pcouffin.sys
 2007-03-17 14:03	32,768	-csha-w	C:\WINDOWS\system32\config\systemprofile\Impostazioni locali\Cronologia\History.IE5\MSHist012007031720070318\index.dat
 .
 
 (((((((((((((((((((((((((((((((((((((   Punti Reg Caricati   ))))))))))))))))))))))))))))))))))))))))))))))))))
 .
 .
 REGEDIT4
 *Nota* i valori vuoti & legittimi/default non sono visualizzati.
 
 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
 "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-30 21:00 15360]
 "sect meow"="C:\DOCUME~1\Linda\DATIAP~1\GLUEPH~1\date dog pile.exe" [2008-05-02 11:07 487936]
 "msnmsgr"="C:\Programmi\MSN Messenger\msnmsgr.exe" [2008-04-04 15:56 5674352]
 "uTorrent"="C:\Programmi\uTorrent\uTorrent.exe" [2007-08-20 12:15 224048]
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
 "Cmaudio"="cmicnfg.cpl" []
 "GrooveMonitor"="C:\Programmi\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-27 01:47 31016]
 "APVXDWIN"="C:\Programmi\Panda Software\Panda Internet Security 2007\APVXDWIN.exe" [2007-07-23 19:30 406832]
 "SCANINICIO"="C:\Programmi\Panda Software\Panda Internet Security 2007\Inicio.exe" [2007-07-11 16:17 27952]
 "EPSON Stylus C64 Series"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0C2.exe" [2003-09-12 05:00 99840]
 "NeroFilterCheck"="C:\Programmi\File comuni\Ahead\Lib\NeroCheck.exe" [2006-01-12 16:40 155648]
 "BluetoothAuthenticationAgent"="bthprops.cpl" [2004-08-30 21:00 110592 C:\WINDOWS\system32\bthprops.cpl]
 "memo site kind that"="C:\Documents and Settings\All Users\Dati applicazioni\Grid Blue Memo Site\the time.exe" [2008-05-20 11:41 3166720]
 
 [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
 "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-30 21:00 15360]
 
 C:\Documents and Settings\Silvano\Menu Avvio\Programmi\Esecuzione automatica\
 Ritaglio schermata e avvio di OneNote 2007.lnk - C:\Programmi\Microsoft Office\Office12\ONENOTEM.EXE [2006-10-26 21:24:54 98632]
 
 [hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
 "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Programmi\SUPERAntiSpyware\SASSEH.DLL [2006-12-20 12:55 77824]
 
 [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
 C:\Programmi\SUPERAntiSpyware\SASWINLO.dll 2007-04-19 12:41 294912 C:\Programmi\SUPERAntiSpyware\SASWINLO.dll
 
 [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avldr]
 avldr.dll 2007-02-15 21:02 50736 C:\WINDOWS\system32\avldr.dll
 
 [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
 "VIDC.X264"= x264vfw.dll
 "VIDC.3iv2"= 3ivxVfWCodec.dll
 
 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
 "EnableFirewall"= 0 (0x0)
 
 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
 "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
 "%windir%\\system32\\sessmgr.exe"=
 "C:\\Programmi\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
 "C:\\Programmi\\Microsoft Office\\Office12\\GROOVE.EXE"=
 "C:\\Programmi\\Microsoft Office\\Office12\\ONENOTE.EXE"=
 "C:\\Programmi\\Emule v0.47C Applejuice v1.0.2\\eMule Applejuice\\emule.exe"=
 "C:\\Programmi\\uTorrent\\uTorrent.exe"=
 "C:\\Programmi\\MSN Messenger\\msnmsgr.exe"=
 "C:\\Programmi\\MSN Messenger\\livecall.exe"=
 
 R0 VIRAGTLT;VIRAGTLT;C:\WINDOWS\system32\drivers\VIRAGTLT.SYS [2008-03-17 19:23]
 R1 APPFLT;App Filter Plugin;C:\WINDOWS\system32\Drivers\APPFLT.SYS [2007-05-11 10:33]
 R1 DSAFLT;DSA Filter Plugin;C:\WINDOWS\system32\Drivers\DSAFLT.SYS [2007-05-11 10:33]
 R1 FNETMON;NetMon Filter Plugin;C:\WINDOWS\system32\Drivers\fnetmon.SYS [2007-05-11 10:33]
 R1 IDSFLT;Ids Filter Plugin;C:\WINDOWS\system32\Drivers\IDSFLT.SYS [2007-07-11 12:39]
 R1 NETFLTDI;Panda Net Driver [TDI Layer];C:\WINDOWS\system32\Drivers\NETFLTDI.SYS [2007-05-11 10:33]
 R1 ShldDrv;Panda File Shield Driver;C:\WINDOWS\system32\Drivers\ShlDrv51.sys [2007-05-23 16:40]
 R1 SMSFLT;SMS Filter Plugin;C:\WINDOWS\system32\Drivers\SMSFLT.SYS [2007-05-11 10:33]
 R1 WNMFLT;Wifi Monitor Filter Plugin;C:\WINDOWS\system32\Drivers\WNMFLT.SYS [2007-05-11 10:33]
 R2 cpoint;Panda CPoint Driver;C:\WINDOWS\system32\drivers\cpoint.sys [2007-06-08 09:44]
 R2 PavProc;Panda Process Protection Driver;C:\WINDOWS\system32\DRIVERS\PavProc.sys [2007-07-12 14:49]
 R2 viritsvclite;Virit eXplorer Lite;C:\VEXPLITE\viritsvc.exe [2007-10-10 12:12]
 R3 AvFlt;Antivirus Filter Driver;C:\WINDOWS\system32\drivers\av5flt.sys []
 R3 axsaki;axsaki;C:\WINDOWS\system32\DRIVERS\axsaki.sys [2003-03-30 22:38]
 R3 axskbus;axskbus;C:\WINDOWS\system32\DRIVERS\axskbus.sys [2003-03-28 12:58]
 R3 NETIMFLT;PANDA NDIS IM Filter Miniport;C:\WINDOWS\system32\DRIVERS\netimflt.sys [2007-04-24 16:43]
 R3 PavSRK.sys;PavSRK.sys;C:\WINDOWS\system32\PavSRK.sys []
 R3 PavTPK.sys;PavTPK.sys;C:\WINDOWS\system32\PavTPK.sys []
 R3 usb_rndis;Pirelli Alice Gate W2+ USB;C:\WINDOWS\system32\DRIVERS\usb8023.sys [2004-08-30 21:00]
 S3 AEXPAM;Philips SmartManage Service;C:\WINDOWS\system32\Drivers\aexpamdrv.sys [2005-12-20 10:57]
 S3 usb2vcom;Nokia CA-42 USB;C:\WINDOWS\system32\DRIVERS\usb2vcom.sys [2006-04-03 09:41]
 S3 usbscan;Driver scanner USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 23:58]
 S3 USBSTOR;Driver archiviazione di massa USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 00:08]
 
 [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\E]
 \Shell\AutoRun\command - E:\Setup.exe
 
 *Newly Created Service* - CATCHME
 .
 Contenuto della cartella 'Scheduled Tasks'
 "2008-05-20 09:00:00 C:\WINDOWS\Tasks\A8ECF392918B67E2.job"
 - c:\docume~1\linda\datiap~1\glueph~1\amok mfcd that.exe
 .
 **************************************************************************
 
 catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
 Rootkit scan 2008-05-20 11:53:47
 Windows 5.1.2600 Service Pack 2 NTFS
 
 scansione processi nascosti ...
 
 scansione entrate autostart nascoste ...
 
 HKCU\Software\Microsoft\Windows\CurrentVersion\Run
 msnmsgr = "C:\Programmi\MSN Messenger\msnmsgr.exe" /background?r
 
 Scansione files nascosti ...
 
 Scansione completata con successo
 Files nascosti: 0
 
 **************************************************************************
 .
 Ora fine scansione: 2008-05-20 11.55.59
 ComboFix-quarantined-files.txt  2008-05-20 09:55:32
 
 21 Directory  17,684,230,144 byte disponibili
 25 Directory  18,008,289,280 byte disponibili
 
 204	--- E O F ---	2008-05-17 13:04:55

bdoriano, Administrator
Registered: 02/04/07 12:05
Posts: 14391
Location: 3rd planet of the solar system...
Posted: 20 May 2008 14:40    Subject:

Combofix removed quite a lot of junk.
Create a text file with the following instructions:

Code:
File::
C:\Documents and Settings\All Users\Dati applicazioni\Grid Blue Memo Site\the time.exe
C:\DOCUME~1\Linda\DATIAP~1\GLUEPH~1\date dog pile.exe
c:\docume~1\linda\datiap~1\glueph~1\amok mfcd that.exe
C:\WINDOWS\Tasks\A8ECF392918B67E2.job

Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"memo site kind that"=-
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"sect meow"=-

Save the file to the desktop with the name CFScript.txt and drag it onto the ComboFix icon, as shown below:

  Wait patiently for the job to finish without touching the keyboard, mouse or anything else.
  Post the updated combofix log.

Redo the scan with Norman (the previous one is incomplete).

lindacattaneo, Devoted mortal
Registered: 12/05/08 17:16
Posts: 9
Posted: 20 May 2008 15:01    Subject:

Sorry, but do I still have to run the Norman scan in safe mode and with System Restore disabled? Thanks

lindacattaneo, Devoted mortal
Registered: 12/05/08 17:16
Posts: 9

bdoriano, Administrator
Registered: 02/04/07 12:05
Posts: 14391
Location: 3rd planet of the solar system...
Posted: 20 May 2008 18:50    Subject:

OK, much better. The log from the second combofix run is missing.

After you have posted it, run this scan with Kaspersky

lindacattaneo, Devoted mortal
Registered: 12/05/08 17:16
Posts: 9
Posted: 20 May 2008 20:39    Subject:

ComboFix 08-05-19.4 - Linda 2008-05-20 14.49.39.2 - NTFSx86 Microsoft Windows XP Professional  5.1.2600.2.1252.1.1040.18.361 [GMT 2:00]
 Eseguito da: C:\Documents and Settings\Linda\Desktop\ComboFix.exe
 Command switches used :: C:\Documents and Settings\Linda\Desktop\CFScript.txt
 * Creato nuovo punto di ripristino
 
 WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
 
 FILE ::
 c:\docume~1\linda\datiap~1\glueph~1\amok mfcd that.exe
 C:\DOCUME~1\Linda\DATIAP~1\GLUEPH~1\date dog pile.exe
 C:\Documents and Settings\All Users\Dati applicazioni\Grid Blue Memo Site\the time.exe
 C:\WINDOWS\Tasks\A8ECF392918B67E2.job
 .
 
 (((((((((((((((((((((((((((((((((((((   Altre eliminazioni   )))))))))))))))))))))))))))))))))))))))))))))))))))
 .
 
 c:\docume~1\linda\datiap~1\glueph~1\amok mfcd that.exe
 C:\DOCUME~1\Linda\DATIAP~1\GLUEPH~1\date dog pile.exe
 C:\Documents and Settings\All Users\Dati applicazioni\Grid Blue Memo Site\the time.exe
 C:\WINDOWS\Tasks\A8ECF392918B67E2.job
 
 .
 (((((((((((((((((((((((((   Files Creati Da 2008-04-20 al 2008-05-20  )))))))))))))))))))))))))))))))))))
 .
 
 2008-05-20 14:53 . 2007-06-20 16:48	18,224	--a------	C:\WINDOWS\system32\pfdnnt.exe
 2008-05-17 13:05 . 2008-03-25 06:51	621,344	-----c---	C:\WINDOWS\system32\dllcache\mswstr10.dll
 2008-05-16 13:00 . 2008-05-20 14:10	13,880	--a------	C:\WINDOWS\system32\drivers\COMFiltr.sys
 2008-05-15 22:50 . 2008-05-15 22:50	<DIR>	d--------	C:\Documents and Settings\Silvano\Dati applicazioni\SUPERAntiSpyware.com
 2008-05-12 16:25 . 2008-05-15 23:02	<DIR>	d--------	C:\Programmi\Enigma Software Group
 2008-05-12 16:09 . 2008-05-12 16:09	<DIR>	d--------	C:\Programmi\SUPERAntiSpyware
 2008-05-12 16:09 . 2008-05-12 16:09	<DIR>	d--------	C:\Documents and Settings\Linda\Dati applicazioni\SUPERAntiSpyware.com
 2008-05-12 16:09 . 2008-05-12 16:09	<DIR>	d--------	C:\Documents and Settings\All Users\Dati applicazioni\SUPERAntiSpyware.com
 2008-05-12 16:08 . 2008-05-12 16:08	<DIR>	d--------	C:\Programmi\File comuni\Wise Installation Wizard
 2008-05-12 13:14 . 2008-05-12 15:40	<DIR>	d--------	C:\VEXPLITE
 2008-05-12 13:14 . 2008-03-17 19:23	39,808	--a------	C:\WINDOWS\system32\drivers\VIRAGTLT.SYS
 2008-05-03 20:15 . 2008-05-03 20:15	<DIR>	d--------	C:\Programmi\glue phone
 
 .
 ((((((((((((((((((((((((((((((((((((((((   Find3M Report   )))))))))))))))))))))))))))))))))))))))))))))))))))
 .
 2008-05-20 12:50	---------	d-----w	C:\Documents and Settings\Linda\Dati applicazioni\glue phone
 2008-05-20 12:50	---------	d-----w	C:\Documents and Settings\All Users\Dati applicazioni\Grid Blue Memo Site
 2008-05-20 12:14	---------	d-----w	C:\Documents and Settings\Linda\Dati applicazioni\uTorrent
 2008-05-20 12:11	335,008	----a-w	C:\WINDOWS\system32\drivers\APPFCONT.DAT.bck
 2008-05-20 12:11	335,008	----a-w	C:\WINDOWS\system32\drivers\APPFCONT.DAT
 2008-05-20 12:11	3,004	----a-w	C:\WINDOWS\system32\drivers\APPFLTR.CFG.bck
 2008-05-20 12:11	3,004	----a-w	C:\WINDOWS\system32\drivers\APPFLTR.CFG
 2008-05-17 13:04	---------	d-----w	C:\Documents and Settings\All Users\Dati applicazioni\Microsoft Help
 2008-05-15 21:01	---------	d-----w	C:\Programmi\Panda Software
 2008-05-15 20:58	---------	d-----w	C:\Programmi\Libcassa
 2008-05-15 20:56	---------	d--h--w	C:\Programmi\InstallShield Installation Information
 2008-05-12 13:36	---------	d-----w	C:\Programmi\a-squared Anti-Malware
 2008-05-03 18:17	---------	d-----w	C:\Documents and Settings\Silvano\Dati applicazioni\glue phone
 2008-04-06 13:46	---------	d-----w	C:\Documents and Settings\All Users\Dati applicazioni\SweetIM
 2008-04-01 18:34	---------	d-----w	C:\Programmi\PopCap Games
 2008-03-25 08:20	219,936	----a-w	C:\WINDOWS\system32\msltus40.dll
 2008-03-25 04:51	621,344	----a-w	C:\WINDOWS\system32\mswstr10.dll
 2008-03-25 04:51	183,072	----a-w	C:\WINDOWS\system32\msjint40.dll
 2008-03-23 14:00	---------	d-----w	C:\Programmi\MSN Messenger
 2008-03-23 13:55	---------	d-----w	C:\Programmi\Messenger Plus! Live(2)
 2008-03-23 13:55	---------	d-----w	C:\Programmi\Messenger Plus! Live
 2008-03-23 13:55	---------	d-----w	C:\Documents and Settings\All Users\Dati applicazioni\Messenger Plus!
 2008-03-23 11:13	---------	d-----w	C:\Programmi\Windows Live
 2008-03-21 10:07	---------	d-----w	C:\Documents and Settings\All Users\Dati applicazioni\WLInstaller
 2008-03-20 07:57	1,845,888	----a-w	C:\WINDOWS\system32\win32k.sys
 2008-03-01 12:58	826,368	----a-w	C:\WINDOWS\system32\wininet.dll
 2008-02-20 18:49	45,568	----a-w	C:\WINDOWS\system32\dnsrslvr.dll
 2008-02-20 06:52	282,624	----a-w	C:\WINDOWS\system32\gdi32.dll
 2007-11-05 18:24	11,127,111	----a-w	C:\Programmi\setup_ca_it.exe
 2007-06-02 11:47	47,360	----a-w	C:\Documents and Settings\Linda\Dati applicazioni\pcouffin.sys
 2007-03-17 14:03	32,768	-csha-w	C:\WINDOWS\system32\config\systemprofile\Impostazioni locali\Cronologia\History.IE5\MSHist012007031720070318\index.dat
 .
 
 (((((((((((((((((((((((((((((   snapshot@2008-05-20_11.55.15,43   )))))))))))))))))))))))))))))))))))))))))
 .
 - 2008-05-20 09:38:44	2,048	--s-a-w	C:\WINDOWS\bootstat.dat
 + 2008-05-20 12:06:04	2,048	--s-a-w	C:\WINDOWS\bootstat.dat
 .
 (((((((((((((((((((((((((((((((((((((   Punti Reg Caricati   ))))))))))))))))))))))))))))))))))))))))))))))))))
 .
 .
 REGEDIT4
 *Nota* i valori vuoti & legittimi/default non sono visualizzati.
 
 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
 "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-30 21:00 15360]
 "msnmsgr"="C:\Programmi\MSN Messenger\msnmsgr.exe" [2008-04-04 15:56 5674352]
 "uTorrent"="C:\Programmi\uTorrent\uTorrent.exe" [2007-08-20 12:15 224048]
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
 "Cmaudio"="cmicnfg.cpl" []
 "GrooveMonitor"="C:\Programmi\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-27 01:47 31016]
 "APVXDWIN"="C:\Programmi\Panda Software\Panda Internet Security 2007\APVXDWIN.exe" [2007-07-23 19:30 406832]
 "SCANINICIO"="C:\Programmi\Panda Software\Panda Internet Security 2007\Inicio.exe" [2007-07-11 16:17 27952]
 "EPSON Stylus C64 Series"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0C2.exe" [2003-09-12 05:00 99840]
 "NeroFilterCheck"="C:\Programmi\File comuni\Ahead\Lib\NeroCheck.exe" [2006-01-12 16:40 155648]
 "BluetoothAuthenticationAgent"="bthprops.cpl" [2004-08-30 21:00 110592 C:\WINDOWS\system32\bthprops.cpl]
 
 [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
 "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-30 21:00 15360]
 
 C:\Documents and Settings\Silvano\Menu Avvio\Programmi\Esecuzione automatica\
 Ritaglio schermata e avvio di OneNote 2007.lnk - C:\Programmi\Microsoft Office\Office12\ONENOTEM.EXE [2006-10-26 21:24:54 98632]
 
 [hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
 "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Programmi\SUPERAntiSpyware\SASSEH.DLL [2006-12-20 12:55 77824]
 
 [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
 C:\Programmi\SUPERAntiSpyware\SASWINLO.dll 2007-04-19 12:41 294912 C:\Programmi\SUPERAntiSpyware\SASWINLO.dll
 
 [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avldr]
 avldr.dll 2007-02-15 21:02 50736 C:\WINDOWS\system32\avldr.dll
 
 [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
 "VIDC.X264"= x264vfw.dll
 "VIDC.3iv2"= 3ivxVfWCodec.dll
 
 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
 "EnableFirewall"= 0 (0x0)
 
 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
 "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
 "%windir%\\system32\\sessmgr.exe"=
 "C:\\Programmi\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
 "C:\\Programmi\\Microsoft Office\\Office12\\GROOVE.EXE"=
 "C:\\Programmi\\Microsoft Office\\Office12\\ONENOTE.EXE"=
 "C:\\Programmi\\Emule v0.47C Applejuice v1.0.2\\eMule Applejuice\\emule.exe"=
 "C:\\Programmi\\uTorrent\\uTorrent.exe"=
 "C:\\Programmi\\MSN Messenger\\msnmsgr.exe"=
 "C:\\Programmi\\MSN Messenger\\livecall.exe"=
 
 R0 VIRAGTLT;VIRAGTLT;C:\WINDOWS\system32\drivers\VIRAGTLT.SYS [2008-03-17 19:23]
 R1 APPFLT;App Filter Plugin;C:\WINDOWS\system32\Drivers\APPFLT.SYS [2007-05-11 10:33]
 R1 DSAFLT;DSA Filter Plugin;C:\WINDOWS\system32\Drivers\DSAFLT.SYS [2007-05-11 10:33]
 R1 FNETMON;NetMon Filter Plugin;C:\WINDOWS\system32\Drivers\fnetmon.SYS [2007-05-11 10:33]
 R1 IDSFLT;Ids Filter Plugin;C:\WINDOWS\system32\Drivers\IDSFLT.SYS [2007-07-11 12:39]
 R1 NETFLTDI;Panda Net Driver [TDI Layer];C:\WINDOWS\system32\Drivers\NETFLTDI.SYS [2007-05-11 10:33]
 R1 ShldDrv;Panda File Shield Driver;C:\WINDOWS\system32\Drivers\ShlDrv51.sys [2007-05-23 16:40]
 R1 SMSFLT;SMS Filter Plugin;C:\WINDOWS\system32\Drivers\SMSFLT.SYS [2007-05-11 10:33]
 R1 WNMFLT;Wifi Monitor Filter Plugin;C:\WINDOWS\system32\Drivers\WNMFLT.SYS [2007-05-11 10:33]
 R2 cpoint;Panda CPoint Driver;C:\WINDOWS\system32\drivers\cpoint.sys [2007-06-08 09:44]
 R2 PavProc;Panda Process Protection Driver;C:\WINDOWS\system32\DRIVERS\PavProc.sys [2007-07-12 14:49]
 R2 viritsvclite;Virit eXplorer Lite;C:\VEXPLITE\viritsvc.exe [2007-10-10 12:12]
 R3 AvFlt;Antivirus Filter Driver;C:\WINDOWS\system32\drivers\av5flt.sys []
 R3 axsaki;axsaki;C:\WINDOWS\system32\DRIVERS\axsaki.sys [2003-03-30 22:38]
 R3 axskbus;axskbus;C:\WINDOWS\system32\DRIVERS\axskbus.sys [2003-03-28 12:58]
 R3 ComFiltr;Panda Anti-Dialer;C:\WINDOWS\system32\DRIVERS\COMFiltr.sys [2008-05-20 14:10]
 R3 NETIMFLT;PANDA NDIS IM Filter Miniport;C:\WINDOWS\system32\DRIVERS\netimflt.sys [2007-04-24 16:43]
 R3 PavSRK.sys;PavSRK.sys;C:\WINDOWS\system32\PavSRK.sys []
 R3 PavTPK.sys;PavTPK.sys;C:\WINDOWS\system32\PavTPK.sys []
 R3 usb_rndis;Pirelli Alice Gate W2+ USB;C:\WINDOWS\system32\DRIVERS\usb8023.sys [2004-08-30 21:00]
 S3 AEXPAM;Philips SmartManage Service;C:\WINDOWS\system32\Drivers\aexpamdrv.sys [2005-12-20 10:57]
 S3 usb2vcom;Nokia CA-42 USB;C:\WINDOWS\system32\DRIVERS\usb2vcom.sys [2006-04-03 09:41]
 S3 usbscan;Driver scanner USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 23:58]
 S3 USBSTOR;Driver archiviazione di massa USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 00:08]
 
 [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\E]
 \Shell\AutoRun\command - E:\Setup.exe
 
 *Newly Created Service* - COMFILTR
 .
 **************************************************************************
 
 catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
 Rootkit scan 2008-05-20 14:53:52
 Windows 5.1.2600 Service Pack 2 NTFS
 
 detected NTDLL code modification:
 ZwEnumerateKey, ZwClose, ZwEnumerateValueKey, ZwQueryValueKey, ZwOpenFile
 
 scansione processi nascosti ...
 
 scansione entrate autostart nascoste ...
 
 HKCU\Software\Microsoft\Windows\CurrentVersion\Run
 msnmsgr = "C:\Programmi\MSN Messenger\msnmsgr.exe" /background?r
 
 Scansione files nascosti ...
 
 Scansione completata con successo
 Files nascosti: 0
 
 **************************************************************************
 .
 Ora fine scansione: 2008-05-20 14.57.04
 ComboFix-quarantined-files.txt  2008-05-20 12:56:30
 ComboFix2.txt  2008-05-20 09:56:00
 
 21 Directory  17,984,753,664 byte disponibili
 25 Directory  17,974,521,856 byte disponibili
 
 163	--- E O F ---	2008-05-17 13:04:55
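
A way to check that the CFScript took effect, added here as an example that is not part of the original thread or of ComboFix: it parses the Run-key sections of the two ComboFix logs (excerpted from this page), flags autostart entries whose program sits under an application-data folder, and confirms they are absent from the second log. The application-data heuristic and all function names are assumptions of this example, and the scheduled task is not covered.

```python
import re

# Excerpts from the Run-key sections of the two ComboFix logs in this thread
# (before and after the CFScript run), trimmed to a few entries each.
LOG_BEFORE = r"""
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-30 21:00 15360]
"sect meow"="C:\DOCUME~1\Linda\DATIAP~1\GLUEPH~1\date dog pile.exe" [2008-05-02 11:07 487936]
"uTorrent"="C:\Programmi\uTorrent\uTorrent.exe" [2007-08-20 12:15 224048]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Cmaudio"="cmicnfg.cpl" []
"NeroFilterCheck"="C:\Programmi\File comuni\Ahead\Lib\NeroCheck.exe" [2006-01-12 16:40 155648]
"memo site kind that"="C:\Documents and Settings\All Users\Dati applicazioni\Grid Blue Memo Site\the time.exe" [2008-05-20 11:41 3166720]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
"""

LOG_AFTER = r"""
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-30 21:00 15360]
"uTorrent"="C:\Programmi\uTorrent\uTorrent.exe" [2007-08-20 12:15 224048]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Cmaudio"="cmicnfg.cpl" []
"NeroFilterCheck"="C:\Programmi\File comuni\Ahead\Lib\NeroCheck.exe" [2006-01-12 16:40 155648]
"""

SECTION_RE = re.compile(r"^\[(.+)\]$")
ENTRY_RE = re.compile(r'^"([^"]+)"="([^"]*)"')
RUN_KEY_RE = re.compile(r"\\CurrentVersion\\Run$", re.IGNORECASE)
# Assumption of this example: long and 8.3 names of the Italian and English
# XP application-data folders, where both entries removed in the thread lived.
APPDATA_RE = re.compile(
    r"\\(dati applicazioni|datiap~1|application data|applic~1)\\", re.IGNORECASE)


def parse_run_entries(log_text):
    """Return {(registry key, value name): command} for every Run-key section."""
    entries, key = {}, None
    for line in (raw.strip() for raw in log_text.splitlines()):
        section = SECTION_RE.match(line)
        if section:
            # Only Run keys are collected; any other section resets the state.
            name = section.group(1)
            key = name.upper() if RUN_KEY_RE.search(name) else None
            continue
        entry = ENTRY_RE.match(line)
        if key and entry:
            entries[(key, entry.group(1))] = entry.group(2)
    return entries


def runs_from_appdata(command):
    """Heuristic: the autostart target sits under an application-data folder."""
    return bool(APPDATA_RE.search(command))


def review(before_log, after_log):
    """Flag app-data autostarts in the first log and look for them in the second."""
    before, after = parse_run_entries(before_log), parse_run_entries(after_log)
    flagged = {k: cmd for k, cmd in before.items() if runs_from_appdata(cmd)}
    return {
        "flagged": flagged,
        "remaining": sorted(name for key, name in flagged if (key, name) in after),
        "added": sorted(name for key, name in after if (key, name) not in before),
    }


if __name__ == "__main__":
    result = review(LOG_BEFORE, LOG_AFTER)
    for (key, name), cmd in result["flagged"].items():
        print(f"flagged   {key} :: {name} -> {cmd}")
    print("remaining:", result["remaining"] or "none")
    print("added:    ", result["added"] or "none")
```
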

lindacattaneo, Devoted mortal
Registered: 12/05/08 17:16
Posts: 9
Posted: 22 May 2008 19:05    Subject:

Hi.. I ran the scan with Kaspersky and it found nothing to remove.. the report file is too big to post (50MB)...
However, when I started in normal mode, nothing came up after the web page asking me to restart; I restarted anyway and in fact the program started up again...
Let me know what I should do..
Thanks

grifone1900, Mature god
Registered: 21/05/08 14:50
Posts: 1397
Location: Rome
Posted: 22 May 2008 19:10    Subject:

Check the add-ons. There are some kinds of ads going around that tell you to download their antivirus because you have a security problem, when instead it is just a lousy add-on. If you can, post all the add-ons you have.

lindacattaneo, Devoted mortal
Registered: 12/05/08 17:16
Posts: 9
Posted: 22 May 2008 19:24    Subject:

How do I check the add-ons?

grifone1900, Mature god
Registered: 21/05/08 14:50
Posts: 1397
Location: Rome
Posted: 22 May 2008 19:28    Subject:

Open Internet Explorer, click Tools and go to Manage Add-ons. As a first attempt I suggest disabling all the ones that have no author.

bdoriano, Administrator
Registered: 02/04/07 12:05
Posts: 14391
Location: 3rd planet of the solar system...
Posted: 23 May 2008 09:42    Subject:

To uninstall Kaspersky, see the instructions posted at the bottom of this message.

lindacattaneo, Devoted mortal
Registered: 12/05/08 17:16
Posts: 9
Posted: 26 May 2008 20:40    Subject:

Hi. Everything seems to be fine now.. I managed to uninstall Kaspersky and the earlier problems are gone..
Thanks a lot!!
Since I downloaded a lot of antivirus, anti-malware tools etc., could you tell me which ones are worth keeping and using every now and then?
Thanks again!