Benvenuto Ospite Cerca | Topic Attivi | Utenti | | Log In | Registra

Aiutamici Forum » FORUM - Istruzioni e Guide » Sicurezza VIRUS » mi controllate il log di hijack

mi controllate il log di hijack Opzioni
Topic Precedente · Topic Sucessivo
maxmixx1970
Inviato: Wednesday, November 25, 2009 11:19:37 PM
Rank: Member

Iscritto dal : 10/13/2009
Posts: 10
salve a tutti, da qualche giorno mi si aprono dei popup e la navigazione internet ed anche outlook si sono rallentati....questo è il mio log :

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23.12.36, on 25/11/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\PixArt\PAC7302\Monitor.exe
C:\Programmi\D-Link\AirPlus G\AirGCFG.exe
C:\Programmi\ANI\ANIWZCS2 Service\WZCSLDR2.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Programmi\Lavasoft\Ad-Aware\AAWTray.exe
C:\Programmi\Java\jre6\bin\jusched.exe
C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Programmi\Internet Explorer\IEXPLORE.EXE
C:\Programmi\File comuni\InstallShield\UpdateService\isuspm.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\Internet Explorer\IEXPLORE.EXE
C:\Programmi\Internet Explorer\IEXPLORE.EXE
C:\Programmi\ANI\ANIWZCS2 Service\ANIWZCSdS.exe
C:\WINDOWS\ATKKBService.exe
C:\Programmi\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Programmi\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Programmi\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\TUProgSt.exe
C:\Programmi\AVG\AVG8\avgtray.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Programmi\AVG\AVG8\avgcsrvx.exe
C:\Programmi\internet explorer\iexplore.exe
C:\Programmi\Windows Live\Toolbar\wltuser.exe
C:\Programmi\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Programmi\AVG\AVG8\avgssie.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Programmi\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programmi\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programmi\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Programmi\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Programmi\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmi\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Programmi\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programmi\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Programmi\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\JM\JMInsIDE.exe
O4 - HKLM\..\Run: [JMB36X Configure] C:\WINDOWS\system32\JMRaidSetup.exe boot
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [PAC7302_Monitor] C:\WINDOWS\PixArt\PAC7302\Monitor.exe
O4 - HKLM\..\Run: [D-Link AirPlus G] C:\Programmi\D-Link\AirPlus G\AirGCFG.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FILECO~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Programmi\ANI\ANIWZCS2 Service\WZCSLDR2.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Ad-Watch] C:\Programmi\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Programmi\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programmi\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Programmi\File comuni\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [iso data fast cast] C:\Documents and Settings\All Users\Dati applicazioni\save time iso data\phone two.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [swg] "C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [ISUSPM] "C:\Programmi\File comuni\InstallShield\UpdateService\isuspm.exe" -scheduler
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [browse admin] C:\DOCUME~1\ADMINI~1\DATIAP~1\EGGSHO~1\Window Jugs.exe
O4 - HKUS\S-1-5-21-1960408961-1682526488-725345543-500\..\Run: [swg] "C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" (User '?')
O4 - HKUS\S-1-5-21-1960408961-1682526488-725345543-500\..\Run: [ISUSPM] "C:\Programmi\File comuni\InstallShield\UpdateService\isuspm.exe" -scheduler (User '?')
O4 - HKUS\S-1-5-21-1960408961-1682526488-725345543-500\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User '?')
O4 - HKUS\S-1-5-21-1960408961-1682526488-725345543-500\..\Run: [browse admin] C:\DOCUME~1\ADMINI~1\DATIAP~1\EGGSHO~1\Window Jugs.exe (User '?')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: Aggiungi all'elenco di stampa Easy-WebPrint - res://C:\Programmi\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Anteprima Easy-WebPrint - res://C:\Programmi\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Stampa ad alta velocità Easy-WebPrint - res://C:\Programmi\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Stampa Easy-WebPrint - res://C:\Programmi\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O9 - Extra button: Inserisci blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programmi\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: Inserisci &blog in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programmi\Windows Live\Writer\WriterBrowserExtension.dll
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://www.12print.it/cab/ImageUploader5.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1233787494546
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - http://sicurezza.libero.it/ols/fscax.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Programmi\AVG\AVG8\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Wireless Service - C:\Programmi\ANI\ANIWZCS2 Service\ANIWZCSdS.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Google Update Service (gupdate1c987dc797e78ba) (gupdate1c987dc797e78ba) - Google Inc. - C:\Programmi\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programmi\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Programmi\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: NBService - Nero AG - C:\Programmi\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - C:\Programmi\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe
O23 - Service: Roxio Upnp Server 9 - Sonic Solutions - C:\Programmi\Roxio\Digital Home 9\RoxioUpnpService9.exe
O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - C:\Programmi\File comuni\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Programmi\File comuni\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Programmi\File comuni\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: ServiceLayer - Nokia. - C:\Programmi\Nokia\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Programmi\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe

--
End of file - 11345 bytes

grazie in anticipo a tutti voi.....ciao
Torna in alto
 
Sponsor
Inviato: Wednesday, November 25, 2009 11:19:37 PM

 
Torna in alto
 
r16
Inviato: Wednesday, November 25, 2009 11:34:20 PM
Rank: AiutAmico

Iscritto dal : 8/7/2007
Posts: 11,016
Scarica ed installa MalwareBytes:
clicca qui per il download : http://www.aiutamici.com/software?id=80346
Prima di fare la scansione AGGIORNALO. (è molto importante)
Esegui una scansione completa del sistema.
Posta il log.

Scarica Combofix

http://download.bleepingcomputer.com/sUBs/ComboFix.exe


Salvalo sul desktop.

Importante: Disabilita il tuo antivirus e chiudi TUTTI i programmi aperti,(Firewall compreso) e dopo aver scaricato COMBOFIX, chiudi la connessione.

Doppio click su combofix.exe (comparirà una videata.)
Se ti verrà chiesto se vuoi Installare LA CONSOLE DI RIPRISTINO DI EMERGENZA, clicca NO.
E' probabile che ti siano inviati messaggi dall'antivirus, tu ignorali.
Durante l'operazione di scansione è importante non usare il PC (neanche il mouse) e attendere pazientemente la fine delle operazioni.
Al termine, verrà creato un file log sul Desktop, chiamato C:\ComboFix.txt. Postalo qui.

Disinstalla combofix in questo modo: (dopo che avrò visto il log)
Start
Esegui
nella finestra di dialogo, copia ed incolla questo comando: Combofix /u e premi Invio poi cancella le cartelle in "C" di Combofix e (qoobox)
Torna in alto
 
maxmixx1970
Inviato: Thursday, November 26, 2009 7:40:35 PM
Rank: Member

Iscritto dal : 10/13/2009
Posts: 10
log di MalwareBytes :
Malwarebytes' Anti-Malware 1.41
Versione del database: 3237
Windows 5.1.2600 Service Pack 2

26/11/2009 19.15.21
mbam-log-2009-11-26 (19-15-14).txt

Tipo di scansione: Scansione completa (C:\|)
Elementi scansionati: 214973
Tempo trascorso: 56 minute(s), 26 second(s)

Processi delle memoria infetti: 0
Moduli della memoria infetti: 0
Chiavi di registro infette: 0
Valori di registro infetti: 0
Elementi dato del registro infetti: 3
Cartelle infette: 0
File infetti: 0

Processi delle memoria infetti:
(Nessun elemento malevolo rilevato)

Moduli della memoria infetti:
(Nessun elemento malevolo rilevato)

Chiavi di registro infette:
(Nessun elemento malevolo rilevato)

Valori di registro infetti:
(Nessun elemento malevolo rilevato)

Elementi dato del registro infetti:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.

Cartelle infette:
(Nessun elemento malevolo rilevato)

File infetti:
(Nessun elemento malevolo rilevato)
Torna in alto
 
maxmixx1970
Inviato: Thursday, November 26, 2009 7:41:39 PM
Rank: Member

Iscritto dal : 10/13/2009
Posts: 10
log di combofix :
ComboFix 09-11-25.05 - Administrator 26/11/2009 19.23.48.2.4 - x86
Eseguito da: c:\documents and settings\Administrator\Desktop\ComboFix.exe
* Creato nuovo punto di ripristino
.

((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Administrator\Dati applicazioni\Desktopicon
c:\documents and settings\Administrator\Dati applicazioni\Desktopicon\eBay.ico
c:\documents and settings\Administrator\Dati applicazioni\Desktopicon\uninst.exe
c:\windows\system32\vbzlib1.dll

.
((((((((((((((((((((((((( Files Creati Da 2009-10-26 al 2009-11-26 )))))))))))))))))))))))))))))))))))
.

2009-11-25 19:03 . 2009-11-06 15:58 2064152 ----a-w- c:\documents and settings\All Users\Dati applicazioni\avg8\update\backup\avgcorex.dll
2009-11-25 19:03 . 2009-11-03 17:17 3513624 ----a-w- c:\documents and settings\All Users\Dati applicazioni\avg8\update\backup\avgui.exe
2009-11-25 19:03 . 2009-11-03 17:17 2028312 ----a-w- c:\documents and settings\All Users\Dati applicazioni\avg8\update\backup\avgtray.exe
2009-11-23 19:04 . 2009-11-23 19:04 152576 ----a-w- c:\documents and settings\Administrator\Dati applicazioni\Sun\Java\jre1.6.0_17\lzma.dll
2009-11-23 19:03 . 2009-11-23 19:03 79488 ----a-w- c:\documents and settings\Administrator\Dati applicazioni\Sun\Java\jre1.6.0_17\gtapi.dll
2009-11-18 22:33 . 2009-11-18 22:33 -------- d-----w- c:\programmi\Photo to Sketch
2009-11-18 22:14 . 2009-11-18 22:14 -------- d-----w- c:\programmi\2 Pic
2009-11-16 21:06 . 2009-11-16 21:06 -------- d-----w- c:\programmi\Caricature Software
2009-11-14 20:25 . 2009-11-14 20:25 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Messenger Plus!
2009-11-14 20:24 . 2009-11-14 20:24 401408 ----a-w- c:\documents and settings\Administrator\Dati applicazioni\Eggs hope sect\Ref Byte Flaw.exe
2009-11-14 20:23 . 2009-11-14 20:23 282624 ----a-w- c:\documents and settings\Administrator\Dati applicazioni\Eggs hope sect\Mix Does For Glue.exe
2009-11-14 20:23 . 2009-11-26 13:27 745472 ----a-w- c:\documents and settings\All Users\Dati applicazioni\save time iso data\phone two.exe
2009-11-14 20:23 . 2009-11-14 20:23 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\save time iso data
2009-11-14 20:23 . 2009-11-14 20:23 745472 ----a-w- c:\documents and settings\Administrator\Dati applicazioni\Eggs hope sect\blzwkvse.exe
2009-11-14 20:23 . 2009-11-14 20:23 -------- d-----w- c:\programmi\Eggs hope sect
2009-11-14 20:23 . 2009-11-14 20:24 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\Eggs hope sect
2009-11-14 20:23 . 2009-11-14 20:23 499712 ----a-w- c:\documents and settings\Administrator\Dati applicazioni\Eggs hope sect\Window Jugs.exe
2009-11-14 20:23 . 2009-11-14 20:23 -------- d-----w- c:\programmi\Circle Develpement
2009-11-14 20:23 . 2009-11-14 20:23 -------- d-----w- c:\programmi\Messenger Plus! Live
2009-11-12 19:48 . 2009-11-12 19:48 921632 ----a-w- C:\PA7302.DAT
2009-11-10 20:25 . 2009-11-10 20:25 -------- d-----w- c:\documents and settings\Administrator\Impostazioni locali\Dati applicazioni\Help
2009-11-08 23:32 . 2009-11-08 23:32 -------- d-----w- c:\programmi\Microsoft Silverlight
2009-11-08 23:32 . 2009-08-05 21:48 54752 ----a-w- c:\windows\system32\drivers\fssfltr_tdi.sys
2009-11-08 23:32 . 2009-11-08 23:32 -------- d-----w- c:\programmi\Microsoft Sync Framework
2009-11-08 23:20 . 2009-11-24 18:23 -------- d-----w- c:\documents and settings\Administrator\Tracing
2009-11-08 23:20 . 2009-11-08 23:20 -------- d-----w- c:\programmi\Microsoft
2009-11-08 23:19 . 2009-11-08 23:19 -------- d-----w- c:\programmi\Windows Live SkyDrive
2009-11-08 18:57 . 2009-11-08 18:57 -------- d-----w- c:\programmi\File comuni\Windows Live
2009-11-04 18:44 . 2009-11-04 18:44 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\Palmlex
2009-11-04 18:44 . 2009-11-04 18:48 -------- d-----w- c:\programmi\Codice Fiscale
2009-11-01 19:03 . 2009-11-01 19:03 -------- d-----w- c:\documents and settings\Administrator\Impostazioni locali\Dati applicazioni\Temp
2009-10-31 09:44 . 2009-10-31 09:44 54 ----a-w- c:\windows\system32\rp_stats.dat
2009-10-31 09:44 . 2009-10-31 09:44 39 ----a-w- c:\windows\system32\rp_rules.dat

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-11-25 22:34 . 2009-09-22 19:58 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\vlc
2009-11-25 22:34 . 2009-02-04 21:40 196608 ----a-w- c:\windows\system32\drivers\nStandard.bin
2009-11-25 21:28 . 2009-03-22 23:26 1 ----a-w- c:\documents and settings\Administrator\Dati applicazioni\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
2009-11-23 19:04 . 2009-02-04 21:29 -------- d-----w- c:\programmi\Java
2009-11-22 10:17 . 2009-02-27 18:43 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Spybot - Search & Destroy
2009-11-21 16:18 . 2009-02-27 18:43 -------- d-----w- c:\programmi\Spybot - Search & Destroy
2009-11-19 23:29 . 2009-02-05 21:54 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Google Updater
2009-11-19 20:00 . 2009-10-04 08:53 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\FrostWire
2009-11-18 22:24 . 2009-02-04 21:53 -------- d-----w- c:\programmi\ArcSoft
2009-11-18 13:42 . 2009-07-11 17:22 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\dvdcss
2009-11-16 21:05 . 2009-02-04 23:01 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\uTorrent
2009-11-10 20:27 . 2009-03-27 20:05 256 ----a-w- c:\windows\system32\pool.bin
2009-11-08 23:32 . 2009-02-04 22:46 -------- d-----w- c:\programmi\Windows Live
2009-11-08 23:14 . 2009-02-04 21:31 55744 ----a-w- c:\documents and settings\Administrator\Impostazioni locali\Dati applicazioni\GDIPFONTCACHEV1.DAT
2009-11-08 23:08 . 2009-02-04 22:49 -------- d-----w- c:\programmi\Windows Live Toolbar
2009-11-08 22:16 . 2009-02-17 20:35 -------- d-----w- c:\programmi\MSECache
2009-11-08 11:51 . 2009-02-04 22:57 -------- d-----w- c:\programmi\Google
2009-11-01 23:16 . 2009-03-14 17:20 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\Canon
2009-10-20 21:39 . 2009-10-20 21:06 -------- d-----w- c:\programmi\StreamerOne
2009-10-19 21:28 . 2009-10-19 21:28 -------- d-----w- c:\programmi\Zeallsoft
2009-10-17 11:57 . 2009-10-17 11:57 -------- d-----w- c:\programmi\XRECODE
2009-10-17 08:01 . 2009-10-05 08:01 3695616 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Lavasoft\Ad-Aware\Update\AutoLaunch.exe
2009-10-17 08:01 . 2009-07-11 08:02 2353992 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Lavasoft\Ad-Aware\Update\Ad-Aware.exe
2009-10-16 21:10 . 2009-02-07 12:54 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\mIRC
2009-10-16 20:49 . 2009-09-04 21:38 -------- d-----w- c:\programmi\mIRC
2009-10-13 20:50 . 2009-02-15 13:50 -------- d-----w- c:\programmi\Malwarebytes' Anti-Malware
2009-10-13 20:50 . 2009-10-13 20:50 4045527 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
2009-10-13 18:37 . 2009-10-13 18:37 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\Convivea
2009-10-13 18:37 . 2009-10-13 18:37 -------- d-----w- c:\programmi\Bit Che
2009-10-13 17:23 . 2009-10-13 17:23 -------- d-----w- c:\programmi\Trend Micro
2009-10-12 21:14 . 2009-10-12 21:14 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\.clamwin
2009-10-12 21:14 . 2009-10-12 21:14 -------- d-----w- c:\programmi\ClamWin
2009-10-12 18:15 . 2009-10-12 18:15 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\KC Softwares
2009-10-12 18:14 . 2009-10-12 18:14 -------- d-----w- c:\programmi\KC Softwares
2009-10-11 03:17 . 2009-02-17 20:36 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-10-10 15:24 . 2009-10-10 15:24 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\GlarySoft
2009-10-10 15:19 . 2009-10-10 15:19 -------- d-----w- c:\programmi\Glary Utilities
2009-10-05 08:02 . 2009-06-01 08:00 104448 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Lavasoft\Ad-Aware\Update\ToolBox\AutoStart Manager\SO.dll
2009-10-05 08:02 . 2009-07-11 08:02 427520 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Lavasoft\Ad-Aware\Update\ToolBox\AutoStart Manager\AutoStart Manager.exe
2009-10-05 08:02 . 2009-07-11 08:02 314712 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Lavasoft\Ad-Aware\Update\threatwork.exe
2009-10-05 08:02 . 2009-07-11 08:02 25440 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Lavasoft\Ad-Aware\Update\savapibridge.dll
2009-10-05 08:02 . 2009-06-01 08:00 15688 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Lavasoft\Ad-Aware\Update\lsdelete.exe
2009-10-05 08:02 . 2009-05-23 08:37 15688 ----a-w- c:\windows\system32\lsdelete.exe
2009-10-05 08:02 . 2009-07-11 08:02 168800 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Lavasoft\Ad-Aware\Update\lavamessage.dll
2009-10-05 08:02 . 2009-07-11 08:02 349008 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Lavasoft\Ad-Aware\Update\lavalicense.dll
2009-10-05 08:02 . 2009-10-05 08:02 17632 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Lavasoft\Ad-Aware\Update\WSCUpdate.dll
2009-10-05 08:02 . 2009-07-11 08:02 298336 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Lavasoft\Ad-Aware\Update\UpdateManager.dll
2009-10-05 08:02 . 2009-07-11 08:02 84320 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Lavasoft\Ad-Aware\Update\ShellExt.dll
2009-10-05 08:02 . 2009-07-11 08:02 1630560 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Lavasoft\Ad-Aware\Update\Resources.dll
2009-10-05 08:01 . 2009-07-11 08:02 246640 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Lavasoft\Ad-Aware\Update\RPAPI.dll
2009-10-05 08:01 . 2009-07-11 08:02 40288 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Lavasoft\Ad-Aware\Update\PrivacyClean.dll
2009-10-05 08:01 . 2009-10-05 08:01 68640 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Lavasoft\Ad-Aware\Update\Drivers\64\lbd.sys
2009-10-05 08:01 . 2009-10-05 08:01 303976 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Lavasoft\Ad-Aware\Update\Drivers\64\AAWDriverTool.exe
2009-10-05 08:01 . 2009-07-11 08:02 664936 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Lavasoft\Ad-Aware\Update\CEAPI.dll
2009-10-05 08:01 . 2009-07-11 08:02 562552 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Lavasoft\Ad-Aware\Update\Ad-AwareCommand.exe
2009-10-05 08:01 . 2009-07-11 08:02 566632 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Lavasoft\Ad-Aware\Update\Ad-AwareAdmin.exe
2009-10-05 08:01 . 2009-07-11 08:02 640760 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Lavasoft\Ad-Aware\Update\AAWWSC.exe
2009-10-05 08:01 . 2009-07-11 08:02 520024 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Lavasoft\Ad-Aware\Update\AAWTray.exe
2009-10-05 08:01 . 2009-07-11 08:02 1028432 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Lavasoft\Ad-Aware\Update\AAWService.exe
2009-10-04 09:10 . 2009-10-04 09:10 0 ----a-w- c:\documents and settings\Administrator\Dati applicazioni\FrostWire\.NetworkShare\Incomplete\T-4506256-LimeWireWin4.16.6.exe
2009-10-04 08:53 . 2009-10-04 08:53 -------- d-----w- c:\programmi\FrostWire
2009-09-29 17:54 . 2009-04-14 13:28 -------- d-----w- c:\programmi\GameTop.com
2009-09-12 12:21 . 2004-08-19 16:39 219648 ----a-w- c:\windows\system32\uxtheme.dll
2009-09-10 12:54 . 2009-02-15 13:50 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-09-10 12:53 . 2009-02-15 13:50 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-08-30 09:29 . 2009-08-30 09:29 152576 ----a-w- c:\documents and settings\Administrator\Dati applicazioni\Sun\Java\jre1.6.0_15\lzma.dll
2009-08-29 16:05 . 2009-06-21 10:12 11952 ----a-w- c:\windows\system32\avgrsstx.dll
2009-08-29 16:05 . 2009-06-21 10:12 335240 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2009-08-29 16:05 . 2009-06-21 10:12 27784 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2009-01-27 01:34 . 2009-01-27 01:34 1044480 -c--a-w- c:\programmi\mozilla firefox\plugins\libdivx.dll
2009-01-27 01:34 . 2009-01-27 01:34 200704 -c--a-w- c:\programmi\mozilla firefox\plugins\ssldivx.dll
2006-05-03 10:06 . 2009-02-27 16:43 163328 --sh--r- c:\windows\system32\flvDX.dll
2007-02-21 11:47 . 2009-02-27 16:43 31232 --sh--r- c:\windows\system32\msfDX.dll
2008-03-16 13:30 . 2009-02-27 16:43 216064 --sh--r- c:\windows\system32\nbDX.dll
.

((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-02-05 39408]
"ISUSPM"="c:\programmi\File comuni\InstallShield\UpdateService\isuspm.exe" [2006-09-11 218032]
"browse admin"="c:\docume~1\ADMINI~1\DATIAP~1\EGGSHO~1\Window Jugs.exe" [2009-11-14 499712]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-06-28 8466432]
"JMB36X IDE Setup"="c:\windows\JM\JMInsIDE.exe" [2006-10-30 36864]
"JMB36X Configure"="c:\windows\system32\JMRaidSetup.exe" [2006-10-30 1953792]
"PAC7302_Monitor"="c:\windows\PixArt\PAC7302\Monitor.exe" [2006-11-03 319488]
"D-Link AirPlus G"="c:\programmi\D-Link\AirPlus G\AirGCFG.exe" [2007-08-03 1552384]
"ISUSPM Startup"="c:\progra~1\FILECO~1\INSTAL~1\UPDATE~1\isuspm.exe" [2006-09-11 218032]
"ANIWZCS2Service"="c:\programmi\ANI\ANIWZCS2 Service\WZCSLDR2.exe" [2007-01-19 49152]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-06-28 81920]
"Ad-Watch"="c:\programmi\Lavasoft\Ad-Aware\AAWTray.exe" [2009-10-05 520024]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-11-25 2029336]
"Malwarebytes Anti-Malware (reboot)"="c:\programmi\Malwarebytes' Anti-Malware\mbam.exe" [2009-09-10 1312080]
"Adobe Reader Speed Launcher"="c:\programmi\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-10-03 35696]
"Adobe ARM"="c:\programmi\File comuni\Adobe\ARM\1.0\AdobeARM.exe" [2009-09-04 935288]
"iso data fast cast"="c:\documents and settings\All Users\Dati applicazioni\save time iso data\phone two.exe" [2009-11-26 745472]
"SunJavaUpdateSched"="c:\programmi\Java\jre6\bin\jusched.exe" [2009-10-11 149280]
"nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2007-06-28 1626112]
"SkyTel"="SkyTel.EXE" - c:\windows\SkyTel.exe [2006-05-16 2879488]
"RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.EXE [2006-11-14 16270848]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-19 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-08-29 16:05 11952 ----a-w- c:\windows\system32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"

[HKLM\~\startupfolder\C:^Documents and Settings^Administrator^Menu Avvio^Programmi^Esecuzione automatica^OpenOffice.org 3.0.lnk]
backup=c:\windows\pss\OpenOffice.org 3.0.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Avvio^Programmi^Esecuzione automatica^BlackBerry Desktop Redirector.lnk]
backup=c:\windows\pss\BlackBerry Desktop Redirector.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Avvio^Programmi^Esecuzione automatica^Nokia Nseries PC Suite.lnk]
backup=c:\windows\pss\Nokia Nseries PC Suite.lnkCommon Startup

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programmi\\uTorrent\\uTorrent.exe"=
"c:\\Programmi\\mIRC\\mirc.exe"=
"c:\\Programmi\\eMule\\emule.exe"=
"c:\\Programmi\\SopCast\\adv\\SopAdver.exe"=
"c:\\Programmi\\SopCast\\SopCast.exe"=
"c:\\Programmi\\TVUPlayer\\TVUPlayer.exe"=
"c:\\Documents and Settings\\Administrator\\Desktop\\GIOCHI\\Flash\\Preferiti\\blobby volley\\volley.exe"=
"c:\\Programmi\\Shareaza\\Shareaza.exe"=
"c:\\Programmi\\AVG\\AVG8\\avgemc.exe"=
"c:\\Programmi\\AVG\\AVG8\\avgupd.exe"=
"c:\\Programmi\\AVG\\AVG8\\avgnsx.exe"=
"c:\\Documents and Settings\\Administrator\\Desktop\\P 2 P\\xdccMule\\mIRC.exe"=
"c:\\Programmi\\StreamerOne\\StreamerOne.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Programmi\\Windows Live\\Sync\\WindowsLiveSync.exe"=

R0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2009-04-09 717296]
R2 gupdate1c987dc797e78ba;Google Update Service (gupdate1c987dc797e78ba);c:\programmi\Google\Update\GoogleUpdate.exe [2009-02-05 133104]
R2 NOD32FiXTemDono;Eset Nod32 Boot;c:\windows\system32\regedt32.exe [2001-08-31 3584]
R3 fsssvc;Servizio Windows Live Family Safety;c:\programmi\Windows Live\Family Safety\fsssvc.exe [2009-08-05 704864]
R3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [2008-02-01 138112]
R3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [2008-02-01 8320]
S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [2009-05-23 64160]
S1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\System32\Drivers\avgldx86.sys [2009-08-29 335240]
S1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\System32\Drivers\avgtdix.sys [2009-06-21 108552]
S2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [2009-08-29 908056]
S2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2009-08-29 297752]
S2 fssfltr;fssfltr;c:\windows\system32\DRIVERS\fssfltr_tdi.sys [2009-08-05 54752]
S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\programmi\Lavasoft\Ad-Aware\AAWService.exe [2009-10-05 1028432]
S2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service;c:\windows\System32\TUProgSt.exe [2009-05-13 603904]
S3 PAC7302;PAC7302 VGA USB Camera;c:\windows\system32\DRIVERS\PAC7302.SYS [2007-06-14 457856]


--- Altri Servizi/Drivers In Memoria ---

*NewlyCreated* - JGOGO

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Contenuto della cartella 'Scheduled Tasks'

2009-11-26 c:\windows\Tasks\AB339E8891C414AC.job
- c:\docume~1\admini~1\datiap~1\eggsho~1\Ref Byte Flaw.exe [2009-11-14 20:24]

2009-11-21 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\programmi\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-01-18 08:01]

2009-11-26 c:\windows\Tasks\GlaryInitialize.job
- c:\programmi\Glary Utilities\initialize.exe [2009-10-10 17:27]

2009-11-26 c:\windows\Tasks\Google Software Updater.job
- c:\programmi\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-02-04 18:41]

2009-11-26 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\programmi\Google\Update\GoogleUpdate.exe [2009-02-05 21:55]

2009-11-26 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\programmi\Google\Update\GoogleUpdate.exe [2009-02-05 21:55]

2009-11-26 c:\windows\Tasks\Manutenzione in 1 clic.job
- c:\programmi\TuneUp Utilities 2009\OneClickStarter.exe [2008-12-12 14:20]
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://www.google.com/
uDefault_Search_URL = hxxp://www.google.com/ie
uInternet Settings,ProxyOverride = local
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Aggiungi all'elenco di stampa Easy-WebPrint - c:\programmi\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
IE: Anteprima Easy-WebPrint - c:\programmi\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
IE: Stampa ad alta velocità Easy-WebPrint - c:\programmi\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
IE: Stampa Easy-WebPrint - c:\programmi\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
FF - ProfilePath - c:\documents and settings\Administrator\Dati applicazioni\Mozilla\Firefox\Profiles\wrxrvs9r.default\
FF - component: c:\programmi\AVG\AVG8\Firefox\components\avgssff.dll
FF - plugin: c:\programmi\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll
FF - plugin: c:\programmi\Google\Picasa3\npPicasa3.dll
FF - plugin: c:\programmi\Google\Update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: c:\programmi\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
FF - plugin: c:\programmi\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
FF - plugin: c:\programmi\Windows Live\Photo Gallery\NPWLPG.dll
.
- - - - CHIAVI ORFANE RIMOSSE - - - -

AddRemove-Ad-Aware - c:\documents and settings\All Users\Dati applicazioni\{83C91755-2546-441D-AC40-9A6B4B860800}\Ad-AwareAE.exe REMOVE=TRUE MODIFY=FALSE
AddRemove-eBay Icon - c:\documents and settings\Administrator\Dati applicazioni\Desktopicon\uninst.exe
AddRemove-mIRC - c:\programmi\mIRC\uninstall.exe _?=c:\programmi\mIRC
AddRemove-NVIDIA Drivers - c:\windows\system32\nvuide.exe UninstallGUI
AddRemove-xdccMule - c:\documents and settings\Administrator\Desktop\xdccMule\Uninstal.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-11-26 19:29
Windows 5.1.2600 Service Pack 2 NTFS

scansione processi nascosti ...

scansione entrate autostart nascoste ...

Scansione files nascosti ...

Scansione completata con successo
Files nascosti: 0

**************************************************************************
.
Ora fine scansione: 2009-11-26 19:31
ComboFix-quarantined-files.txt 2009-11-26 18:31
ComboFix2.txt 2009-10-13 19:10

Pre-Run: 157.265.006.592 byte disponibili
Post-Run: 157.239.476.224 byte disponibili

- - End Of File - - 02B879E8F6AE8263FE9A4CF301FE9B86
Torna in alto
 
maxmixx1970
Inviato: Thursday, November 26, 2009 7:42:33 PM
Rank: Member

Iscritto dal : 10/13/2009
Posts: 10
grazie in anticipo x l'aiuto.....
Torna in alto
 
r16
Inviato: Thursday, November 26, 2009 11:13:49 PM
Rank: AiutAmico

Iscritto dal : 8/7/2007
Posts: 11,016
Elimina quello che ha trovato Malwarebytes.
Disistalla Ad-Aware.
E al posto suo, tieni Malwarebytes, che è molto più valido.
Fai una scansione on-line con questo http://housecall.trendmicro.com/it/
Riscontri ancora problemi?
Torna in alto
 
maxmixx1970
Inviato: Friday, November 27, 2009 2:54:29 PM
Rank: Member

Iscritto dal : 10/13/2009
Posts: 10
forse ho risolto ma non riesco a disinstallare combofix....???start-esegui-Combofix /u.....ma si avvia il programma e non disinstalla nulla....help me please
Torna in alto
 
r16
Inviato: Friday, November 27, 2009 3:08:18 PM
Rank: AiutAmico

Iscritto dal : 8/7/2007
Posts: 11,016
Vai in C: ed eliminala cartella Combofix.
Elimina anche la cartella Qoobox.
Elimina l'icona di Combofix sul desktop.
Con la funzione "Cerca" digita Combofix ed elimina quello che trova.

Dai una pulita (registro compreso)con CCleaner http://www.aiutaamici.com/software?ID=11223
Nella schermata iniziale di CCleaner, clicca su Opzioni e poi Avanzate, togli il segno di spunta a: Cancella i file in Windows Temp solo se più vecchi di 48 ore. (poi esegui le pulizie)

Aggiorna il Sistema Operativo:
http://www.microsoft.com/downloads/details.aspx?FamilyID=5b33b5a8-5e76-401f-be08-1e1555d4f3d4&DisplayLang=it

Aggiorna l'antivirus alla nuova versione : AVG9 (disistalla prima AVG8)
http://www.aiutamici.com/software?ID=11537
Torna in alto
 
Utenti presenti in questo topic
Guest

Aiutamici Forum » FORUM - Istruzioni e Guide » Sicurezza VIRUS » mi controllate il log di hijack


Salta al Forum
Aggiunta nuovi Topic disabilitata in questo forum.
Risposte disabilitate in questo forum.
Eliminazione tuoi Post disabilitata in questo forum.
Modifica dei tuoi post disabilitata in questo forum.
Creazione Sondaggi disabilitata in questo forum.
Voto ai sondaggi disabilitato in questo forum.

Main Forum RSS : RSS

Aiutamici Theme
Powered by Yet Another Forum.net versione 1.9.1.8 (NET v2.0) - 3/29/2008
Copyright © 2003-2008 Yet Another Forum.net. All rights reserved.