Benvenuto Ospite Cerca | Topic Attivi | Utenti | | Log In | Registra

Aiutamici Forum » FORUM - Istruzioni e Guide » Sicurezza VIRUS » Virus Win:32 Vitro...aiuto per Hijack..

4 pages: 1 2 3 [4]
Virus Win:32 Vitro...aiuto per Hijack.. Opzioni
Topic Precedente · Topic Sucessivo
r16
Inviato: Friday, November 13, 2009 4:35:56 PM
Rank: AiutAmico

Iscritto dal : 8/7/2007
Posts: 11,016
Attenzione che se installi il Firewall, potrebbe esserci un naturale rallentamento, del pc. (è normale).
Poi se le scansioni non rilevano niente, è inutile che le posti.
Per l'icona di Office, non si può fare niente. (ma se Office funziona, che te frega...)
Se il pc non ti dà problemi, direi che abbiamo finito.
Torna in alto
 
vierao
Inviato: Thursday, November 19, 2009 4:23:50 PM
Rank: AiutAmico

Iscritto dal : 10/7/2007
Posts: 63
Ciao,sembrava fosse finita invece lo schifoso è tornato...non sò come Asquared rileva 2 virut,posto un log di hijack......

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16.23.45, on 19/11/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\Avira\AntiVir Desktop\sched.exe
C:\Programmi\a-squared Free\a2service.exe
C:\Programmi\Avira\AntiVir Desktop\avguard.exe
C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Programmi\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\PAStiSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Programmi\Avira\AntiVir Desktop\avgnt.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9BE.EXE
C:\Programmi\iTunes\iTunesHelper.exe
C:\Programmi\ADSL\StarModem ADSL USB MODEM\dslmon.exe
C:\Programmi\iPod\bin\iPodService.exe
C:\Programmi\Windows Live\Messenger\msnmsgr.exe
C:\Programmi\Windows Live\Contacts\wlcomm.exe
C:\Programmi\Skype\Phone\Skype.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\Programmi\Skype\Plugin Manager\skypePM.exe
C:\Programmi\a-squared Free\a2free.exe
C:\Programmi\Mozilla Firefox\firefox.exe
C:\Programmi\Skype\Toolbars\Shared\SkypeNames.exe
C:\Programmi\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Programmi\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Programmi\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [2kadiras] 2kadiras.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programmi\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Programmi\File comuni\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Programmi\Avira\AntiVir Desktop\avgnt.exe" /min /nosplash
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Programmi\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [EPSON Stylus CX3600 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9BE.EXE /P26 "EPSON Stylus CX3600 Series" /O6 "USB001" /M "Stylus CX3600"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Programmi\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programmi\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Programmi\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: DSLMON.lnk = ?
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{983E9F2B-53AD-4BD0-A655-74578DA38B57}: NameServer = 193.70.152.70 193.70.152.15
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FILECO~1\Skype\SKYPE4~1.DLL
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Programmi\a-squared Free\a2service.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirScheduler) - Avira GmbH - C:\Programmi\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Programmi\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Programmi\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Programmi\File comuni\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Servizio di Google Update (gupdate) (gupdate) - Google Inc. - C:\Programmi\Google\Update\GoogleUpdate.exe
O23 - Service: Servizio iPod (iPod Service) - Apple Inc. - C:\Programmi\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe

--
End of file - 6404 bytes






Log Asquared


a-squared Free - Versione 4.5
Ultimo aggiornamento: 19/11/2009 15.47.02

Impostazioni scansione:

Scan type: smart
Oggetti: Memoria, Tracce, Cookies, C:\WINDOWS\, C:\Programmi
Archivio scansioni: On
Scientifico: Off
ADS Scan: On

Scansione avviata: 19/11/2009 15.54.01

Value: HKEY_USERS\S-1-5-21-73586283-1275210071-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Emule --> Order rilevati: Trace.Registry.Emule 5.0!A2
C:\Documents and Settings\Vieri\Dati applicazioni\Mozilla\Firefox\Profiles\q95jsqvu.default\cookies.sqlite:1258499379343000 rilevati: Trace.TrackingCookie.ad.yieldmanager.com!A2
C:\Documents and Settings\Vieri\Dati applicazioni\Mozilla\Firefox\Profiles\q95jsqvu.default\cookies.sqlite:1258499379343002 rilevati: Trace.TrackingCookie.ad.yieldmanager.com!A2
C:\Documents and Settings\Vieri\Dati applicazioni\Mozilla\Firefox\Profiles\q95jsqvu.default\cookies.sqlite:1258542102970000 rilevati: Trace.TrackingCookie.doubleclick.net!A2
C:\Documents and Settings\Vieri\Dati applicazioni\Mozilla\Firefox\Profiles\q95jsqvu.default\cookies.sqlite:1258557106439001 rilevati: Trace.TrackingCookie.ad.zanox.com!A2
C:\Documents and Settings\Vieri\Dati applicazioni\Mozilla\Firefox\Profiles\q95jsqvu.default\cookies.sqlite:1258557403720000 rilevati: Trace.TrackingCookie.ad.yieldmanager.com!A2
C:\Documents and Settings\Vieri\Dati applicazioni\Mozilla\Firefox\Profiles\q95jsqvu.default\cookies.sqlite:1258573488330001 rilevati: Trace.TrackingCookie.ad.zanox.com!A2
C:\Documents and Settings\Vieri\Dati applicazioni\Mozilla\Firefox\Profiles\q95jsqvu.default\cookies.sqlite:1258631222625000 rilevati: Trace.TrackingCookie.statse.webtrendslive!A2
C:\Documents and Settings\Vieri\Dati applicazioni\Mozilla\Firefox\Profiles\q95jsqvu.default\cookies.sqlite:1258636701484001 rilevati: Trace.TrackingCookie.ad.yieldmanager.com!A2
C:\Documents and Settings\Vieri\Dati applicazioni\Mozilla\Firefox\Profiles\q95jsqvu.default\cookies.sqlite:1258636701484002 rilevati: Trace.TrackingCookie.ad.yieldmanager.com!A2
C:\Documents and Settings\Vieri\Dati applicazioni\Mozilla\Firefox\Profiles\q95jsqvu.default\cookies.sqlite:1258640490203000 rilevati: Trace.TrackingCookie.eas.apm.emediate.eu!A2
C:\Documents and Settings\Vieri\Dati applicazioni\Mozilla\Firefox\Profiles\q95jsqvu.default\cookies.sqlite:1258640490203001 rilevati: Trace.TrackingCookie.eas.apm.emediate.eu!A2
C:\WINDOWS\$NtServicePackUninstall$\conf.exe rilevati: Virus.Win32.Virut!IK
C:\WINDOWS\RtlUpd.exe rilevati: Virus.Win32.Virut!IK
C:\WINDOWS\SoundMan.exe rilevati: Win32.Virtob!IK
C:\WINDOWS\system32\nwiz.exe rilevati: Virus.Win32.Virut!IK
C:\Programmi\Windows Media Player\wmplayer.exe rilevati: Virus.Win32.Virut!IK
C:\Programmi\Windows Media Player\wmsetsdk.exe rilevati: Virus.Win32.Virut!IK

Scansionati

Files: 69941
Tracce: 648138
Cookies: 298
Processi: 36

Rilevato

Files: 6
Tracce: 1
Cookies: 12
Processi: 0
Chiavi di registro: 0

Fine scansione: 19/11/2009 16.24.39
Tempo scansione: 0:30:38

C:\WINDOWS\$NtServicePackUninstall$\conf.exe Cancellato Virus.Win32.Virut!IK
C:\WINDOWS\RtlUpd.exe Cancellato Virus.Win32.Virut!IK
C:\WINDOWS\system32\nwiz.exe Cancellato Virus.Win32.Virut!IK
C:\Programmi\Windows Media Player\wmplayer.exe Cancellato Virus.Win32.Virut!IK
C:\Programmi\Windows Media Player\wmsetsdk.exe Cancellato Virus.Win32.Virut!IK
C:\Documents and Settings\Vieri\Dati applicazioni\Mozilla\Firefox\Profiles\q95jsqvu.default\cookies.sqlite:1258640490203000 Cancellato Trace.TrackingCookie.eas.apm.emediate.eu!A2
C:\Documents and Settings\Vieri\Dati applicazioni\Mozilla\Firefox\Profiles\q95jsqvu.default\cookies.sqlite:1258640490203001 Cancellato Trace.TrackingCookie.eas.apm.emediate.eu!A2
C:\Documents and Settings\Vieri\Dati applicazioni\Mozilla\Firefox\Profiles\q95jsqvu.default\cookies.sqlite:1258631222625000 Cancellato Trace.TrackingCookie.statse.webtrendslive!A2
C:\Documents and Settings\Vieri\Dati applicazioni\Mozilla\Firefox\Profiles\q95jsqvu.default\cookies.sqlite:1258557106439001 Cancellato Trace.TrackingCookie.ad.zanox.com!A2
C:\Documents and Settings\Vieri\Dati applicazioni\Mozilla\Firefox\Profiles\q95jsqvu.default\cookies.sqlite:1258573488330001 Cancellato Trace.TrackingCookie.ad.zanox.com!A2
C:\Documents and Settings\Vieri\Dati applicazioni\Mozilla\Firefox\Profiles\q95jsqvu.default\cookies.sqlite:1258542102970000 Cancellato Trace.TrackingCookie.doubleclick.net!A2
C:\Documents and Settings\Vieri\Dati applicazioni\Mozilla\Firefox\Profiles\q95jsqvu.default\cookies.sqlite:1258499379343000 Cancellato Trace.TrackingCookie.ad.yieldmanager.com!A2
C:\Documents and Settings\Vieri\Dati applicazioni\Mozilla\Firefox\Profiles\q95jsqvu.default\cookies.sqlite:1258499379343002 Cancellato Trace.TrackingCookie.ad.yieldmanager.com!A2
C:\Documents and Settings\Vieri\Dati applicazioni\Mozilla\Firefox\Profiles\q95jsqvu.default\cookies.sqlite:1258557403720000 Cancellato Trace.TrackingCookie.ad.yieldmanager.com!A2
C:\Documents and Settings\Vieri\Dati applicazioni\Mozilla\Firefox\Profiles\q95jsqvu.default\cookies.sqlite:1258636701484001 Cancellato Trace.TrackingCookie.ad.yieldmanager.com!A2
C:\Documents and Settings\Vieri\Dati applicazioni\Mozilla\Firefox\Profiles\q95jsqvu.default\cookies.sqlite:1258636701484002 Cancellato Trace.TrackingCookie.ad.yieldmanager.com!A2
Value: HKEY_USERS\S-1-5-21-73586283-1275210071-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Emule --> Order Cancellato Trace.Registry.Emule 5.0!A2

Cancellato

Files: 7
Tracce: 1
Cookies: 11


In quarantena

Files: 1
Tracce: 0
Cookies: 0


In quarantena

Files: 2
Tracce: 0
Cookies: 0
Torna in alto
 
r16
Inviato: Thursday, November 19, 2009 4:30:50 PM
Rank: AiutAmico

Iscritto dal : 8/7/2007
Posts: 11,016
Prova a vedere se lo rileva Combofix.
Stacca TUTTE le periferiche dal pc.

Scarica Combofix

http://download.bleepingcomputer.com/sUBs/ComboFix.exe


Salvalo sul desktop.

Importante: Disabilita il tuo antivirus e chiudi TUTTI i programmi aperti,(Firewall compreso) e dopo aver scaricato COMBOFIX, chiudi la connessione.

Doppio click su combofix.exe (comparirà una videata.)
Se ti verrà chiesto se vuoi Installare LA CONSOLE DI RIPRISTINO DI EMERGENZA, clicca NO.
E' probabile che ti siano inviati messaggi dall'antivirus, tu ignorali.
Durante l'operazione di scansione è importante non usare il PC (neanche il mouse) e attendere pazientemente la fine delle operazioni.
Al termine, verrà creato un file log sul Desktop, chiamato C:\ComboFix.txt. Postalo qui.

Disinstalla combofix in questo modo: (dopo che avrò visto il log) Start
Esegui
nella finestra di dialogo, copia ed incolla questo comando: Combofix /u e premi Invio poi cancella le cartelle in "C" di Combofix e (qoobox)
Torna in alto
 
vierao
Inviato: Thursday, November 19, 2009 4:54:30 PM
Rank: AiutAmico

Iscritto dal : 10/7/2007
Posts: 63
Log di combofix


ComboFix 09-11-18.09 - Vieri 19/11/2009 16.43.52.3.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.39.1040.18.1022.521 [GMT 1:00]
Eseguito da: c:\documents and settings\Vieri\Desktop\ComboFix.exe
AV: AntiVir Desktop *On-access scanning disabled* (Updated) {00000002-0002-0000-6C25-9E7C08000A00}
AV: AntiVir Desktop *On-access scanning enabled* (Updated) {00000002-0002-0000-14EF-9D7C08000A00}

ATTENZIONE - QUESTO PC NON HA LA CONSOLE DI RIPRISTINO DI EMERGENZA INSTALLATA !!
.

((((((((((((((((((((((((( Files Creati Da 2009-10-19 al 2009-11-19 )))))))))))))))))))))))))))))))))))
.

2009-11-18 17:20 . 2009-11-18 17:20 -------- d-----w- c:\documents and settings\NetworkService\Impostazioni locali\Dati applicazioni\Google
2009-11-18 17:15 . 2009-11-18 17:16 -------- d-----w- c:\documents and settings\Vieri\Impostazioni locali\Dati applicazioni\Temp
2009-11-18 17:15 . 2009-11-18 17:15 -------- d-----w- c:\documents and settings\LocalService\Impostazioni locali\Dati applicazioni\Google
2009-11-18 17:15 . 2009-11-18 17:16 -------- d-----w- c:\programmi\Google
2009-11-18 17:13 . 2009-11-18 17:16 -------- d-----w- c:\documents and settings\Vieri\Impostazioni locali\Dati applicazioni\Google
2009-11-18 17:03 . 2009-05-18 13:17 26600 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2009-11-18 17:03 . 2008-04-17 12:12 107368 ----a-w- c:\windows\system32\GEARAspi.dll
2009-11-18 17:02 . 2009-11-18 17:02 -------- d-----w- c:\programmi\iPod
2009-11-18 17:02 . 2009-11-18 17:03 -------- d-----w- c:\programmi\iTunes
2009-11-18 17:02 . 2009-11-18 17:03 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\{755AC846-7372-4AC8-8550-C52491DAA8BD}
2009-11-18 16:59 . 2009-11-18 17:06 -------- d-----w- c:\documents and settings\Vieri\Dati applicazioni\Apple Computer
2009-11-18 16:58 . 2009-11-18 16:58 -------- d-----w- c:\programmi\QuickTime
2009-11-18 16:58 . 2009-11-18 17:02 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Apple Computer
2009-11-18 16:57 . 2009-11-18 17:02 -------- d-----w- c:\programmi\File comuni\Apple
2009-11-18 16:57 . 2009-11-18 16:57 -------- d-----w- c:\documents and settings\Vieri\Impostazioni locali\Dati applicazioni\Apple
2009-11-18 16:57 . 2009-11-18 16:57 -------- d-----w- c:\programmi\Apple Software Update
2009-11-18 16:57 . 2009-11-18 16:57 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Apple
2009-11-18 16:57 . 2009-11-18 17:07 -------- d-----w- c:\documents and settings\Vieri\Impostazioni locali\Dati applicazioni\Apple Computer
2009-11-17 17:58 . 2009-11-17 18:03 -------- d-----w- c:\documents and settings\Vieri\Dati applicazioni\Smart Panel
2009-11-17 17:56 . 2009-11-17 17:56 -------- d-----w- c:\windows\EPSON CardMonitor Essential
2009-11-17 17:56 . 2009-11-17 17:56 -------- d-----w- c:\windows\EPSON PhotoStarter Essential
2009-11-17 17:55 . 2009-11-17 17:56 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\UDL
2009-11-17 17:55 . 2003-07-02 00:00 131072 ----a-w- c:\windows\system32\Epcmlib.dll
2009-11-17 17:54 . 1999-12-07 01:03 73216 ----a-w- c:\windows\ADE.DLL
2009-11-17 17:54 . 1999-06-15 10:31 96768 ----a-w- c:\windows\SlantAdj.dll
2009-11-17 17:54 . 1999-04-26 23:17 3136 ----a-w- c:\windows\Ade001.bin
2009-11-17 17:53 . 2009-11-17 17:55 -------- d-----w- c:\programmi\Smart Panel
2009-11-17 17:53 . 2004-02-01 00:00 413696 ----a-w- c:\windows\system32\PICSDK.dll
2009-11-17 17:53 . 2004-02-01 00:00 30605 ----a-w- c:\windows\system32\EPPICPrinterDB.dat
2009-11-17 17:53 . 2004-02-01 00:00 27030 ----a-w- c:\windows\system32\EPPICPattern1.dat
2009-11-17 17:53 . 2002-11-14 23:00 65536 ----a-w- c:\windows\system32\EPPicMgr.dll
2009-11-17 17:53 . 2002-11-14 23:00 114688 ----a-w- c:\windows\system32\EpPicPrt.dll
2009-11-17 17:52 . 2004-02-27 05:01 79654 ----a-w- c:\windows\system32\E_FLM9BE.DLL
2009-11-17 17:52 . 2003-05-21 02:27 64000 ----a-w- c:\windows\system32\E_FBCB9BE.DLL
2009-11-17 17:52 . 2003-04-10 05:40 31744 ----a-w- c:\windows\system32\E_DCINST.DLL
2009-11-17 17:52 . 2000-06-07 01:01 34304 ----a-w- c:\windows\system32\E_FBCH9BE.DLL
2009-11-17 17:52 . 2008-04-13 10:47 25856 -c--a-w- c:\windows\system32\dllcache\usbprint.sys
2009-11-17 17:52 . 2008-04-13 10:47 25856 ----a-w- c:\windows\system32\drivers\usbprint.sys
2009-11-17 17:52 . 2008-04-13 10:45 15104 -c--a-w- c:\windows\system32\dllcache\usbscan.sys
2009-11-17 17:52 . 2008-04-13 10:45 15104 ----a-w- c:\windows\system32\drivers\usbscan.sys
2009-11-17 17:52 . 2008-04-13 10:45 32128 -c--a-w- c:\windows\system32\dllcache\usbccgp.sys
2009-11-17 17:52 . 2008-04-13 10:45 32128 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2009-11-17 17:50 . 2009-11-17 17:57 -------- d-----w- c:\programmi\epson
2009-11-17 17:50 . 2003-08-05 23:00 29184 ----a-w- c:\windows\system32\escwiadn.dll
2009-11-17 17:50 . 2003-06-30 23:00 46080 ----a-w- c:\windows\system32\escimgd.dll
2009-11-17 17:50 . 2003-06-30 23:00 22528 ----a-w- c:\windows\system32\esccmd.dll
2009-11-16 20:01 . 2009-11-16 20:01 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\FLEXnet
2009-11-16 19:57 . 2009-11-18 17:02 -------- d-----w- c:\programmi\Bonjour
2009-11-16 19:49 . 2009-11-16 19:49 -------- d-----w- c:\programmi\File comuni\Macrovision Shared
2009-11-16 16:54 . 2008-04-13 10:39 5504 -c--a-w- c:\windows\system32\dllcache\mstee.sys
2009-11-16 16:54 . 2008-04-13 10:39 5504 ----a-w- c:\windows\system32\drivers\MSTEE.sys
2009-11-16 16:54 . 2008-04-13 10:46 10880 -c--a-w- c:\windows\system32\dllcache\ndisip.sys
2009-11-16 16:54 . 2008-04-13 10:46 10880 ----a-w- c:\windows\system32\drivers\NdisIP.sys
2009-11-16 16:54 . 2008-04-13 10:46 15232 -c--a-w- c:\windows\system32\dllcache\streamip.sys
2009-11-16 16:54 . 2008-04-13 10:46 15232 ----a-w- c:\windows\system32\drivers\StreamIP.sys
2009-11-16 16:54 . 2008-04-13 10:46 11136 -c--a-w- c:\windows\system32\dllcache\slip.sys
2009-11-16 16:54 . 2008-04-13 10:46 11136 ----a-w- c:\windows\system32\drivers\SLIP.sys
2009-11-16 16:54 . 2008-04-13 10:46 19200 -c--a-w- c:\windows\system32\dllcache\wstcodec.sys
2009-11-16 16:54 . 2008-04-13 10:46 19200 ----a-w- c:\windows\system32\drivers\WSTCODEC.SYS
2009-11-16 16:53 . 2008-04-13 10:46 85248 -c--a-w- c:\windows\system32\dllcache\nabtsfec.sys
2009-11-16 16:53 . 2008-04-13 10:46 85248 ----a-w- c:\windows\system32\drivers\NABTSFEC.sys
2009-11-16 16:53 . 2008-04-13 10:46 17024 -c--a-w- c:\windows\system32\dllcache\ccdecode.sys
2009-11-16 16:53 . 2008-04-13 10:46 17024 ----a-w- c:\windows\system32\drivers\CCDECODE.sys
2009-11-16 16:53 . 2005-01-14 08:32 53248 ----a-w- c:\windows\system32\PAStiSvc.exe
2009-11-16 16:53 . 2008-04-13 18:13 54784 -c--a-w- c:\windows\system32\dllcache\vfwwdm32.dll
2009-11-16 16:53 . 2008-04-13 18:13 54784 ----a-w- c:\windows\system32\vfwwdm32.dll
2009-11-16 16:50 . 2008-04-13 18:14 152576 -c--a-w- c:\windows\system32\dllcache\irftp.exe
2009-11-16 16:50 . 2008-04-13 18:14 152576 ----a-w- c:\windows\system32\irftp.exe
2009-11-16 16:50 . 2008-04-13 18:13 8192 -c--a-w- c:\windows\system32\dllcache\wshirda.dll
2009-11-16 16:50 . 2008-04-13 18:13 8192 ----a-w- c:\windows\system32\wshirda.dll
2009-11-16 16:50 . 2008-04-13 18:13 29696 -c--a-w- c:\windows\system32\dllcache\irmon.dll
2009-11-16 16:50 . 2008-04-13 18:13 29696 ----a-w- c:\windows\system32\irmon.dll
2009-11-16 16:23 . 2009-11-16 16:23 -------- d-----w- c:\programmi\eMule
2009-11-16 15:43 . 2009-11-16 15:43 -------- d-----w- c:\programmi\Microsoft.NET
2009-11-16 15:42 . 2009-11-16 15:43 -------- d-----w- c:\windows\SHELLNEW
2009-11-16 15:41 . 2009-11-16 15:41 -------- d-----r- C:\MSOCache
2009-11-12 22:23 . 2009-08-16 15:08 178176 ----a-w- c:\windows\system32\unrar.dll
2009-11-12 22:23 . 2009-11-12 22:23 -------- d-----w- c:\programmi\K-Lite Codec Pack
2009-11-12 12:51 . 2009-11-12 12:51 -------- d-----w- c:\documents and settings\Vieri\Dati applicazioni\Malwarebytes
2009-11-12 12:51 . 2009-09-10 13:54 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-11-12 12:51 . 2009-11-12 12:51 -------- d-----w- c:\programmi\Malwarebytes' Anti-Malware
2009-11-12 12:51 . 2009-11-12 12:51 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Malwarebytes
2009-11-12 12:51 . 2009-09-10 13:53 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-11-12 12:07 . 2003-06-25 15:05 266360 ----a-w- c:\windows\system32\TweakUI.exe
2009-11-12 10:03 . 2008-04-13 10:40 10240 ------w- c:\windows\system32\drivers\sffp_mmc.sys
2009-11-11 21:17 . 2009-11-19 15:48 -------- d--h--w- c:\documents and settings\Administrator\Impostazioni locali
2009-11-11 21:17 . 2009-11-11 21:32 -------- d--h--w- c:\documents and settings\Administrator\Modelli
2009-11-11 21:17 . 2009-11-11 21:32 -------- d--h--r- c:\documents and settings\Administrator\Dati applicazioni
2009-11-11 21:17 . 2009-11-11 21:32 -------- d-----r- c:\documents and settings\Administrator\Preferiti
2009-11-11 21:17 . 2009-11-11 21:32 -------- d-----w- c:\documents and settings\Administrator
2009-11-11 21:00 . 2009-11-11 21:00 -------- d-----w- c:\programmi\Trend Micro
2009-11-11 15:59 . 2009-11-06 16:32 586107 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Avira\AntiVir Desktop\FAILSAVE\aescript.dll
2009-11-11 15:59 . 2009-10-02 22:15 479604 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Avira\AntiVir Desktop\FAILSAVE\aerdl.dll
2009-11-11 15:59 . 2009-09-15 15:58 106867 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Avira\AntiVir Desktop\FAILSAVE\aevdf.dll
2009-11-11 15:59 . 2009-09-03 15:24 127346 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Avira\AntiVir Desktop\FAILSAVE\aescn.dll
2009-11-11 15:59 . 2009-11-06 16:32 2093432 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Avira\AntiVir Desktop\FAILSAVE\aeheur.dll
2009-11-11 15:59 . 2009-11-05 14:21 422261 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Avira\AntiVir Desktop\FAILSAVE\aepack.dll
2009-11-11 15:59 . 2009-11-05 14:21 364916 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Avira\AntiVir Desktop\FAILSAVE\aegen.dll
2009-11-11 15:59 . 2009-10-02 22:15 393587 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Avira\AntiVir Desktop\FAILSAVE\aeemu.dll
2009-11-11 15:59 . 2009-09-03 15:24 237940 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Avira\AntiVir Desktop\FAILSAVE\aehelp.dll
2009-11-11 15:59 . 2009-06-17 14:32 196987 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Avira\AntiVir Desktop\FAILSAVE\aeoffice.dll
2009-11-11 15:59 . 2009-11-05 14:21 184694 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Avira\AntiVir Desktop\FAILSAVE\aecore.dll
2009-11-11 15:59 . 2008-10-15 10:49 53618 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Avira\AntiVir Desktop\FAILSAVE\aebb.dll
2009-11-11 15:31 . 2009-07-28 15:34 55656 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2009-11-11 15:31 . 2009-03-30 09:33 96104 ----a-w- c:\windows\system32\drivers\avipbb.sys
2009-11-11 15:31 . 2009-02-13 11:29 22360 ----a-w- c:\windows\system32\drivers\avgntmgr.sys
2009-11-11 15:31 . 2009-02-13 11:17 45416 ----a-w- c:\windows\system32\drivers\avgntdd.sys
2009-11-11 15:31 . 2009-11-11 15:31 -------- d-----w- c:\programmi\Avira
2009-11-11 15:31 . 2009-11-11 15:31 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Avira
2009-11-11 15:26 . 2009-11-16 19:57 -------- d-----w- c:\programmi\File comuni\Adobe
2009-11-11 15:24 . 2009-11-18 12:20 -------- d-----w- c:\documents and settings\Vieri\Impostazioni locali\Dati applicazioni\Adobe
2009-11-11 15:24 . 2009-11-11 15:31 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\NOS
2009-11-11 15:24 . 2009-11-11 15:24 -------- d-----w- c:\programmi\NOS
2009-11-11 15:24 . 2009-11-06 08:20 34112 ----a-w- c:\documents and settings\Vieri\Dati applicazioni\Mozilla\Firefox\Profiles\q95jsqvu.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}\chrome\content\getPlusPlus_Adobe_reg_bootstrap.exe
2009-11-11 15:24 . 2009-11-06 08:20 32448 ----a-w- c:\documents and settings\Vieri\Dati applicazioni\Mozilla\Firefox\Profiles\q95jsqvu.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}\plugins\np_gp.dll
2009-11-11 15:24 . 2009-11-06 08:20 22352 ----a-w- c:\documents and settings\Vieri\Dati applicazioni\Mozilla\Firefox\Profiles\q95jsqvu.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}\chrome\content\getPlusPlus_Adobe_reg.exe
2009-11-11 13:40 . 2009-11-11 13:40 -------- d-----w- c:\documents and settings\Vieri\Impostazioni locali\Dati applicazioni\PackageAware
2009-11-11 13:04 . 2009-11-11 13:04 56 ---ha-w- c:\windows\system32\ezsidmv.dat
2009-11-11 13:04 . 2009-11-19 15:08 -------- d-----w- c:\documents and settings\Vieri\Dati applicazioni\skypePM
2009-11-11 11:56 . 2009-11-11 11:56 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Messenger Plus!
2009-11-11 11:08 . 2009-11-19 15:38 -------- d-----w- c:\documents and settings\Vieri\Dati applicazioni\Skype
2009-11-11 11:04 . 2009-11-11 11:04 -------- d-----w- c:\programmi\Messenger Plus! Live
2009-11-11 11:03 . 2009-11-11 11:03 -------- d-----w- c:\programmi\File comuni\Skype
2009-11-11 11:03 . 2009-11-11 11:03 -------- d-----r- c:\programmi\Skype
2009-11-11 11:03 . 2009-11-11 11:03 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Skype

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-11-17 17:57 . 2009-11-10 19:05 -------- d--h--w- c:\programmi\InstallShield Installation Information
2009-11-17 10:15 . 2009-11-10 18:28 43528 ----a-w- c:\documents and settings\Vieri\Impostazioni locali\Dati applicazioni\GDIPFONTCACHEV1.DAT
2009-11-16 17:14 . 2001-08-31 08:00 47814 ----a-w- c:\windows\system32\perfc010.dat
2009-11-16 17:14 . 2001-08-31 08:00 345382 ----a-w- c:\windows\system32\perfh010.dat
2009-11-12 10:09 . 2009-11-10 18:09 86327 ----a-w- c:\windows\PCHealth\HelpCtr\OfflineCache\index.dat
2009-11-11 21:18 . 2009-11-11 21:18 43528 ----a-w- c:\documents and settings\Administrator\Impostazioni locali\Dati applicazioni\GDIPFONTCACHEV1.DAT
2009-11-11 10:30 . 2009-11-10 19:03 -------- d-----w- c:\programmi\File comuni\InstallShield
2009-11-10 21:16 . 2009-11-10 21:16 359040 ----a-w- c:\windows\system32\drivers\TCPIP.SYS.ORIGINAL
2009-11-10 19:17 . 2009-11-10 19:17 -------- d-----w- c:\programmi\Alwil Software
2009-11-10 19:05 . 2009-11-10 19:05 26 ----a-w- c:\windows\system32\drivers\adidsl.cfg
2009-11-10 19:05 . 2009-11-10 19:05 -------- d-----w- c:\programmi\ADSL
2009-11-10 18:09 . 2009-11-10 18:09 -------- d-----w- c:\programmi\microsoft frontpage
2009-11-10 18:09 . 2009-11-10 18:09 2678 ----a-w- c:\windows\java\Packages\Data\WNTBBL7B.DAT
2009-11-10 18:09 . 2009-11-10 18:09 558142 ----a-w- c:\windows\java\Packages\YTVDB1N1.ZIP
2009-11-10 18:09 . 2009-11-10 18:09 2678 ----a-w- c:\windows\java\Packages\Data\YF1V5BDZ.DAT
2009-11-10 18:09 . 2009-11-10 18:09 2678 ----a-w- c:\windows\java\Packages\Data\WFP7L3H3.DAT
2009-11-10 18:09 . 2009-11-10 18:09 2678 ----a-w- c:\windows\java\Packages\Data\R7XFX7N1.DAT
2009-11-10 18:09 . 2009-11-10 18:09 2678 ----a-w- c:\windows\java\Packages\Data\JTJL3XRZ.DAT
2009-11-10 18:09 . 2009-11-10 18:09 155995 ----a-w- c:\windows\java\Packages\7V7ZZ9Z7.ZIP
2009-11-10 18:07 . 2009-11-10 18:07 21840 ----a-w- c:\windows\system32\emptyregdb.dat
2009-11-10 18:07 . 2009-11-10 18:07 -------- d-----w- c:\programmi\Servizi in linea
2009-10-28 19:58 . 2009-10-28 19:58 79144 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Apple Computer\Installer Cache\iTunes 9.0.2.25\SetupAdmin.exe
.

((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="c:\programmi\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]
"Skype"="c:\programmi\Skype\Phone\Skype.exe" [2009-10-09 25623336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-11-17 7700480]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-11-17 86016]
"Adobe Reader Speed Launcher"="c:\programmi\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-10-03 35696]
"Adobe ARM"="c:\programmi\File comuni\Adobe\ARM\1.0\AdobeARM.exe" [2009-09-04 935288]
"avgnt"="c:\programmi\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"Malwarebytes Anti-Malware (reboot)"="c:\programmi\Malwarebytes' Anti-Malware\mbam.exe" [2009-09-10 1312080]
"EPSON Stylus CX3600 Series"="c:\windows\System32\spool\DRIVERS\W32X86\3\E_FATI9BE.EXE" [2004-03-04 98304]
"QuickTime Task"="c:\programmi\QuickTime\QTTask.exe" [2009-09-05 417792]
"iTunesHelper"="c:\programmi\iTunes\iTunesHelper.exe" [2009-10-28 141600]
"2kadiras"="2kadiras.exe" - c:\windows\2kadiras.EXE [2003-07-18 32768]
"BluetoothAuthenticationAgent"="bthprops.cpl" - c:\windows\system32\bthprops.cpl [2008-04-13 110592]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-13 15360]

c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\
DSLMON.lnk - c:\programmi\ADSL\StarModem ADSL USB MODEM\dslmon.exe [2009-11-10 929792]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"UIHost"=hex(2):25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,73,79,73,74,65,6d,33,32,\

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Programmi\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Programmi\\Messenger\\msmsgs.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Programmi\\Bonjour\\mDNSResponder.exe"=
"c:\\Programmi\\iTunes\\iTunes.exe"=
"c:\\Programmi\\Skype\\Phone\\Skype.exe"=

S2 gupdate;Servizio di Google Update (gupdate);c:\programmi\Google\Update\GoogleUpdate.exe [18/11/2009 18.15.25 135664]
S3 getPlusHelper;getPlus(R) Helper;c:\windows\System32\svchost.exe -k getPlusHelper [31/08/2001 9.00.00 14336]
S3 PAC207;Trust WB-1400T Webcam;c:\windows\system32\drivers\PFC027.sys [24/02/2005 12.29.14 162176]

--- Altri Servizi/Drivers In Memoria ---

*Deregistered* - mbr
*Deregistered* - PROCEXP113

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
getPlusHelper REG_MULTI_SZ getPlusHelper
.
Contenuto della cartella 'Scheduled Tasks'

2009-11-19 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\programmi\Google\Update\GoogleUpdate.exe [2009-11-18 17:15]

2009-11-19 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\programmi\Google\Update\GoogleUpdate.exe [2009-11-18 17:15]
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://www.google.it/
IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\Vieri\Dati applicazioni\Mozilla\Firefox\Profiles\q95jsqvu.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.it
FF - component: c:\programmi\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll
FF - plugin: c:\documents and settings\Vieri\Dati applicazioni\Mozilla\Firefox\Profiles\q95jsqvu.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}\plugins\np_gp.dll
FF - plugin: c:\programmi\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\programmi\Google\Update\1.2.183.13\npGoogleOneClick8.dll

---- FIREFOX POLICIES ----
c:\programmi\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
.
- - - - CHIAVI ORFANE RIMOSSE - - - -

HKLM-Run-nwiz - nwiz.exe
HKLM-Run-RTHDCPL - RTHDCPL.EXE
AddRemove-Windows Media Format Runtime - c:\programmi\Windows Media Player\wmsetsdk.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-11-19 16:48
Windows 5.1.2600 Service Pack 3 NTFS

scansione processi nascosti ...

scansione entrate autostart nascoste ...

Scansione files nascosti ...

Scansione completata con successo
Files nascosti: 0

**************************************************************************
.
Ora fine scansione: 2009-11-19 16:49
ComboFix-quarantined-files.txt 2009-11-19 15:49
ComboFix2.txt 2009-11-11 11:58

Pre-Run: 143.098.597.376 byte disponibili
Post-Run: 143.075.942.400 byte disponibili

- - End Of File - - 45F571EA4DCEB06C8399B1EB544D188D
Torna in alto
 
r16
Inviato: Thursday, November 19, 2009 10:12:20 PM
Rank: AiutAmico

Iscritto dal : 8/7/2007
Posts: 11,016
Vai in "Installazione Applicazioni" e rimuovi TUTTE le versioni Java che trovi.
Con la funzione "Cerca" digita Java ed elimina tutto quello che trova.
Pulisci (registro compreso con CCleaner.
Riavvia il pc.
Poi:
Rifai la scansione con Combofix, e posta il log.
Torna in alto
 
vierao
Inviato: Friday, November 20, 2009 10:36:10 AM
Rank: AiutAmico

Iscritto dal : 10/7/2007
Posts: 63
Ciao,in cerca mi trova tanti file java,ma non li cancella tutti....ho provato a riparare il registro di ccleaner lo stesso....
Torna in alto
 
Utenti presenti in questo topic
Guest

4 pages: 1 2 3 [4]

Aiutamici Forum » FORUM - Istruzioni e Guide » Sicurezza VIRUS » Virus Win:32 Vitro...aiuto per Hijack..


Salta al Forum
Aggiunta nuovi Topic disabilitata in questo forum.
Risposte disabilitate in questo forum.
Eliminazione tuoi Post disabilitata in questo forum.
Modifica dei tuoi post disabilitata in questo forum.
Creazione Sondaggi disabilitata in questo forum.
Voto ai sondaggi disabilitato in questo forum.

Main Forum RSS : RSS

Aiutamici Theme
Powered by Yet Another Forum.net versione 1.9.1.8 (NET v2.0) - 3/29/2008
Copyright © 2003-2008 Yet Another Forum.net. All rights reserved.