<BLOCKQUOTE id=quote><font size=1 face="Sans Serif, Arial, Helvetica" id=quote>quote:<hr height=1 noshade id=quote>
Ciao ,
esegui queste operazioni
Disattiva il ripristino di configurazione, leggi qui come fare
http://www.aiutamici.com/software/view.asp?tipo=home&CodSw=257&SH=NRiavvia in modalità provvisoria, leggi qui come fare
http://www.aiutamici.com/software/view.asp?tipo=home&CodSw=344&SH=Napri HIJAC THIS ed elimina come indicato in questo articolo
http://www.aiutamici.com/software/descrizione.asp?CodSw=1175le righe che seguono.
==================================
O2 - BHO: WindowsIE.clsIS - {2E12B523-3D4C-4FAC-9B04-0376A8F5E879} - c:\windows\WindowsIE.dll
-
O4 - HKLM\..\Run: [2kadiras] 2kadiras Disabled.exe
O4 - HKLM\..\Run: [9xadiras] 9xadiras Disabled.exe
-
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck Disabled.exe
-
O4 - HKLM\..\Run: [RegisterDropHandler] C:\PROGRA~1\TEXTBR~1.0\Bin\REGIST~1 DISABILITATO.EXE
O4 - HKLM\..\Run: [InstantAccess] C:\PROGRA~1\TEXTBR~1.0\Bin\INSTAN~1 DISABILITATO.EXE /h
O4 - HKLM\..\Run: [CloneCDTray] "C:\Programmi\Elaborate Bytes\CloneCD\CloneCDTray DISABILITATO.exe" /s
O4 - HKLM\..\Run: [MOD] C:\Programmi\Microangelo\muamgr DISABILITATO.exe
-
O4 - HKLM\..\Run: [ASUS Probe] c:\programmi\ASUS\Probe\AsusProb DISABILITATO.exe
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP DISABILITATO.EXE /IMEName
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP. DISABILITATOEXE /SYNC
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG DISABILITATO.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\RunServices: [RegisterDropHandler] C:\PROGRA~1\TEXTBR~1.0\Bin\REGIST~1 DISABILITATO.EXE
==================================
Con la funzione CERCA di Windows, cerca ed elimina questi file,
==================================
WindowsIE.dll
==================================
Vai a PANNELLO DI CONTROLLO e clicca su OPZIONI INTERNET
nella finestra che si apre clicca i tre pulsanti
ELIMINA COOKIES - ELIMINA FILE - CANCELLA CRONOOLOGIA
al termine utilizza i programmi AD-AWARE e SPYBOT indicati in questo articolo
http://www.aiutamici.com/software/view.asp?tipo=home&CodSw=388&SH=Nsempre in modalità provvisoria fai una scansione Antivirus
quindi riavvia il computer e controlla se il problema e risolto, se e tutto OK riattiva il ripristino configurazione disattivato all'inizio di questa procedura e crea un nuovo punto di ripristino, leggi qui alla voce 8
http://www.aiutamici.com/software/view.asp?tipo=home&CodSw=170&SH=NFai una scansione antivirus on line da questo indirizzo
http://it.mcafee.com/root/mfs/default.aspUtilizza questo programma
http://www.aiutamici.com/software/view.asp?tipo=home&CodSw=1041<hr height=1 noshade id=quote></BLOCKQUOTE id=quote></font id=quote><font face="Sans Serif, Arial, Helvetica" size=2 id=quote>
Ciao Alfonso, grazie per il tuo aiuto. Credo comunque che non sia riuscita a ripulire il sistema nonostante abbia avviato svariate volte sia in modalità provvisoria sia non, Adware-se Search and Destroy e Antivirus e tutto ciò che mi hai suggerito.
Questo è il responso di Adware
Ad-Aware SE Build 1.06r1
Logfile Created on:giovedì 4 maggio 2006 14.25.35
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R106 02.05.2006
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
MRU List(TAC index:0):1 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Ad-Aware SE Settings
===========================
Set : Search for negligible risk entries
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan my Hosts file
Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Scan registry for all users instead of current user only
Set : Always try to unload modules before deletion
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Include alternate data stream details in log file
Set : Play sound at scan completion if scan locates critical objects
04-05-2006 14.25.35 - Scan started. (Full System Scan)
MRU List Object Recognized!
Location: : software\microsoft\directdraw\mostrecentapplication
Description : most recent application to use microsoft directdraw
Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
#:1 [smss.exe]
FilePath : \SystemRoot\System32 ProcessID : 816
ThreadCreationTime : 04-05-2006 11.46.53
BasePriority : Normal
#:2 [csrss.exe]
FilePath : \??\C:\WINDOWS\system32 ProcessID : 876
ThreadCreationTime : 04-05-2006 11.46.58
BasePriority : Normal
#:3 [winlogon.exe]
FilePath : \??\C:\WINDOWS\system32 ProcessID : 908
ThreadCreationTime : 04-05-2006 11.47.01
BasePriority : High
#:4 [services.exe]
FilePath : C:\WINDOWS\system32 ProcessID : 952
ThreadCreationTime : 04-05-2006 11.47.03
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Sistema operativo Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Applicazione Servizi e Controller
InternalName : services.exe
LegalCopyright : © Microsoft Corporation. Tutti i diritti riservati.
OriginalFilename : services.exe
#:5 [lsass.exe]
FilePath : C:\WINDOWS\system32 ProcessID : 964
ThreadCreationTime : 04-05-2006 11.47.03
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : lsass.exe
#:6 [svchost.exe]
FilePath : C:\WINDOWS\system32 ProcessID : 1108
ThreadCreationTime : 04-05-2006 11.47.06
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:7 [svchost.exe]
FilePath : C:\WINDOWS\system32 ProcessID : 1184
ThreadCreationTime : 04-05-2006 11.47.08
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:8 [svchost.exe]
FilePath : C:\WINDOWS\System32 ProcessID : 1244
ThreadCreationTime : 04-05-2006 11.47.08
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:9 [incdsrv.exe]
FilePath : C:\Programmi\Ahead\InCD ProcessID : 1272
ThreadCreationTime : 04-05-2006 11.47.08
BasePriority : Normal
FileVersion : 4, 3, 0, 5
ProductVersion : 4, 3, 0, 5
ProductName : Ahead Software AG incdsrv
CompanyName : Ahead Software AG
FileDescription : incdsrv
InternalName : incdsrv
LegalCopyright : Copyright 1995-2004 Ahead Software AG and its licensors. All Rights Reserved.
LegalTrademarks : InCD is a trademark of Ahead Software AG
OriginalFilename : incdsrv.exe
#:10 [svchost.exe]
FilePath : C:\WINDOWS\system32 ProcessID : 1396
ThreadCreationTime : 04-05-2006 11.47.10
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:11 [svchost.exe]
FilePath : C:\WINDOWS\system32 ProcessID : 1456
ThreadCreationTime : 04-05-2006 11.47.11
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:12 [spoolsv.exe]
FilePath : C:\WINDOWS\system32 ProcessID : 1580
ThreadCreationTime : 04-05-2006 11.47.11
BasePriority : Normal
FileVersion : 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)
ProductVersion : 5.1.2600.2696
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : spoolsv.exe
#:13 [cisvc.exe]
FilePath : C:\WINDOWS\system32 ProcessID : 1736
ThreadCreationTime : 04-05-2006 11.47.13
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Content Index service
InternalName : cisvc.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : cisvc.exe
#:14 [mcdetect.exe]
FilePath : c:\programmi\mcafee.com\agent ProcessID : 1780
ThreadCreationTime : 04-05-2006 11.47.14
BasePriority : Normal
FileVersion : 6, 0, 0, 19
ProductVersion : 6, 0, 0, 0
ProductName : McAfee SecurityCenter
CompanyName : McAfee, Inc
FileDescription : McAfee WSC Integration Service
InternalName : McDetect
LegalCopyright : Copyright © 2005 McAfee, Inc.
OriginalFilename : McDetect.exe
Comments : McAfee WSC Integration Service
#:15 [mctskshd.exe]
FilePath : c:\PROGRA~1\mcafee.com\agent ProcessID : 1808
ThreadCreationTime : 04-05-2006 11.47.14
BasePriority : Normal
FileVersion : 6, 0, 0, 13
ProductVersion : 6, 0, 0, 0
ProductName : McAfee SecurityCenter
CompanyName : McAfee, Inc
FileDescription : McAfee Task Scheduler
InternalName : McTskshd
LegalCopyright : Copyright © 2005 McAfee, Inc.
OriginalFilename : McTskshd.exe
#:16 [mcvsrte.exe]
FilePath : c:\PROGRA~1\mcafee.com\vso ProcessID : 1820
ThreadCreationTime : 04-05-2006 11.47.14
BasePriority : Normal
FileVersion : 9, 1, 0, 8
ProductVersion : 9, 1, 0, 0
ProductName : McAfee VirusScan
CompanyName : McAfee, Inc
FileDescription : McAfee VirusScan Real-time Engine
InternalName : mcvsrte
LegalCopyright : Copyright © 2005 McAfee, Inc. All Rights Reserved.
OriginalFilename : mcvsrte.exe
Comments : McAfee VirusScan Real-time Engine
#:17 [mpfservice.exe]
FilePath : C:\PROGRA~1\McAfee.com\PERSON~1 ProcessID : 1840
ThreadCreationTime : 04-05-2006 11.47.14
BasePriority : Normal
FileVersion : 4.1.0.1
ProductVersion : 4.1.0.1
ProductName : McAfee Personal Firewall
CompanyName : McAfee Corporation
FileDescription : McAfee Personal Firewall Service
InternalName : MPFService
LegalCopyright : Copyright © 2000,2001
OriginalFilename : MpfService.exe
Comments : McAfee Personal Firewall Service
#:18 [msksrvr.exe]
FilePath : C:\PROGRA~1\McAfee\SPAMKI~1 ProcessID : 1900
ThreadCreationTime : 04-05-2006 11.47.14
BasePriority : Normal
FileVersion : 5.0.0.71
ProductVersion : 5.0
ProductName : McAfee SpamKiller
CompanyName : Networks Associates Technology. Inc.
FileDescription : McAfee SpamKiller Server
InternalName : MSKSRVR
LegalCopyright : Copyright © 1998-2003, Networks Associates Technology, Inc.
OriginalFilename : MSKSRVR.EXE
#:19 [pqv2isvc.exe]
FilePath : C:\Programmi\Symantec\Norton Ghost\Agent ProcessID : 1948
ThreadCreationTime : 04-05-2006 11.47.17
BasePriority : Normal
FileVersion : 9.0.0.2583
ProductVersion : 9.0.0.2583
ProductName : Norton Ghost
CompanyName : Symantec Corporation
FileDescription : Service Module
InternalName : PQV2iSvc
LegalCopyright : Copyright © 1994-2004 Symantec Corporation. All rights reserved.
OriginalFilename : PQV2iSvc.exe
#:20 [tcpsvcs.exe]
FilePath : C:\WINDOWS\system32 ProcessID : 2008
ThreadCreationTime : 04-05-2006 11.47.18
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : TCP/IP Services Application
InternalName : TCPSVCS.EXE
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : TCPSVCS.EXE
#:21 [snmp.exe]
FilePath : C:\WINDOWS\System32 ProcessID : 2028
ThreadCreationTime : 04-05-2006 11.47.18
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Sistema operativo Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Servizio SNMP
InternalName : snmp.exe
LegalCopyright : © Microsoft Corporation. Tutti i diritti riservati.
OriginalFilename : snmp.exe
#:22 [smagent.exe]
FilePath : C:\Programmi\Analog Devices\SoundMAX ProcessID : 268
ThreadCreationTime : 04-05-2006 11.47.19
BasePriority : Normal
FileVersion : 3, 2, 6, 0
ProductVersion : 3, 2, 6, 0
ProductName : SoundMAX service agent
CompanyName : Analog Devices, Inc.
FileDescription : SoundMAX service agent component
InternalName : SMAgent
LegalCopyright : Copyright © 2002
OriginalFilename : SMAgent.exe
#:23 [svchost.exe]
FilePath : C:\WINDOWS\system32 ProcessID : 284
ThreadCreationTime : 04-05-2006 11.47.19
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:24 [wdfmgr.exe]
FilePath : C:\WINDOWS\system32 ProcessID : 304
ThreadCreationTime : 04-05-2006 11.47.19
BasePriority : Normal
FileVersion : 5.2.3790.1230 built by: DNSRV(bld4act)
ProductVersion : 5.2.3790.1230
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows User Mode Driver Manager
InternalName : WdfMgr
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : WdfMgr.exe
#:25 [mcshield.exe]
FilePath : c:\PROGRA~1\mcafee.com\vso ProcessID : 1648
ThreadCreationTime : 04-05-2006 11.47.26
BasePriority : High
#:26 [explorer.exe]
FilePath : C:\WINDOWS ProcessID : 2080
ThreadCreationTime : 04-05-2006 11.47.28
BasePriority : Normal
FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 6.00.2900.2180
ProductName : Sistema operativo Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Esplora risorse
InternalName : explorer
LegalCopyright : © Microsoft Corporation. Tutti i diritti riservati.
OriginalFilename : EXPLORER.EXE
#:27 [alg.exe]
FilePath : C:\WINDOWS\System32 ProcessID : 2428
ThreadCreationTime : 04-05-2006 11.47.38
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Application Layer Gateway Service
InternalName : ALG.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : ALG.exe
#:28 [mpfagent.exe]
FilePath : C:\PROGRA~1\McAfee.com\PERSON~1 ProcessID : 2480
ThreadCreationTime : 04-05-2006 11.47.41
BasePriority : Normal
FileVersion : 4.1.0.1
ProductVersion : 4.1.0.1
ProductName : McAfee Personal Firewall (MPF)
CompanyName : McAfee Security
FileDescription : McAfee Personal Firewall Agent Interface
InternalName : MpfAgent
LegalCopyright : Copyright © 2000-2003 Networks Associates Technologies, Inc.
OriginalFilename : MPFAGENT.EXE
Comments : McAfee Personal Firewall Security Center Module
#:29 [mcagent.exe]
FilePath : c:\programmi\mcafee.com\agent ProcessID : 2612
ThreadCreationTime : 04-05-2006 11.47.51
BasePriority : Normal
FileVersion : 6, 0, 0, 16
ProductVersion : 6, 0, 0, 0
ProductName : McAfee SecurityCenter
CompanyName : McAfee, Inc
FileDescription : McAfee SecurityCenter Agent
InternalName : mcagent
LegalCopyright : Copyright © 2005 McAfee, Inc.
OriginalFilename : mcagent.exe
#:30 [amoumain.exe]
FilePath : C:\Programmi\Trust\Ami Mouse 300 Cordless Dual Scroll ProcessID : 2792
ThreadCreationTime : 04-05-2006 11.48.13
BasePriority : Normal
#:31 [hpgs2wnd.exe]
FilePath : C:\Programmi\Hewlett-Packard\HP Share-to-Web ProcessID : 2808
ThreadCreationTime : 04-05-2006 11.48.14
BasePriority : Normal
FileVersion : 2,3,0,0\ 162
ProductVersion : 2,3,0,0\ 162
ProductName : Hewlett-Packard hpgs2wnd
CompanyName : Hewlett-Packard
FileDescription : hpgs2wnd
InternalName : hpgs2wnd
LegalCopyright : Copyright © 2001
OriginalFilename : hpgs2wnd.exe
#:32 [hpotdd01.exe]
FilePath : C:\Programmi\Hewlett-Packard\Digital Imaging\bin ProcessID : 2848
ThreadCreationTime : 04-05-2006 11.48.18
BasePriority : Normal
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
ProductName : Hewlett-Packard hpotdd01
CompanyName : Hewlett-Packard
FileDescription : hpotdd01
InternalName : hpotdd01
LegalCopyright : Copyright © 2002
OriginalFilename : hpotdd01.exe
#:33 [hpztsb08.exe]
FilePath : C:\WINDOWS\system32\spool\drivers\w32x86\3 ProcessID : 2856
ThreadCreationTime : 04-05-2006 11.48.18
BasePriority : Normal
FileVersion : 2,223,0,0
ProductVersion : 2,223,0,0
ProductName : HP DeskJet
CompanyName : HP
LegalCopyright : Copyright (c) Hewlett-Packard Company 1999-2003
#:34 [incd.exe]
FilePath : C:\Programmi\Ahead\InCD ProcessID : 2980
ThreadCreationTime : 04-05-2006 11.48.21
BasePriority : Normal
FileVersion : 4, 3, 0, 5
ProductVersion : 4, 3, 0, 5
ProductName : Ahead Software AG InCD
CompanyName : Ahead Software AG
FileDescription : InCD
InternalName : InCD
LegalCopyright : Copyright 1995-2004 Ahead Software AG and its licensors. All Rights Reserved.
LegalTrademarks : InCD is a trademark of Ahead Software AG
OriginalFilename : InCD.exe
#:35 [mpftray.exe]
FilePath : C:\PROGRA~1\McAfee.com\PERSON~1 ProcessID : 3016
ThreadCreationTime : 04-05-2006 11.48.24
BasePriority : Normal
FileVersion : 5.0.1.5
ProductVersion : 5.0.1.5
ProductName : McAfee Personal Firewall (MPF)
CompanyName : McAfee Security
FileDescription : McAfee Personal Firewall Tray Monitor
InternalName : MpfTray
LegalCopyright : Copyright © 2000-2003 Networks Associates Technologies, Inc.
OriginalFilename : MPFTRAY.EXE
Comments : Tray Icon for McAfee Personal Firewall
#:36 [hpgs2wnf.exe]
FilePath : C:\Programmi\Hewlett-Packard\HP Share-to-Web ProcessID : 3040
ThreadCreationTime : 04-05-2006 11.48.26
BasePriority : Normal
FileVersion : 2, 6, 0, 162
ProductVersion : 2, 6, 0, 162
ProductName : hpgs2wnf Module
FileDescription : hpgs2wnf Module
InternalName : hpgs2wnf
LegalCopyright : Copyright 2001
OriginalFilename : hpgs2wnf.EXE
#:37 [mcvsshld.exe]
FilePath : C:\PROGRA~1\mcafee.com\vso ProcessID : 3084
ThreadCreationTime : 04-05-2006 11.48.28
BasePriority : Normal
FileVersion : 9, 1, 0, 6
ProductVersion : 9, 1, 0, 0
ProductName : McAfee VirusScan
CompanyName : McAfee, Inc.
FileDescription : McAfee VirusScan ActiveShield Resource
InternalName : msvcshld
LegalCopyright : Copyright © 2005 McAfee, Inc. All Rights Reserved.
OriginalFilename : mcvsshld.exe
Comments : McAfee VirusScan ActiveShield Resource
#:38 [cmgrdian.exe]
FilePath : C:\Programmi\McAfee\McAfee Shared Components\Guardian ProcessID : 3140
ThreadCreationTime : 04-05-2006 11.48.30
BasePriority : Normal
FileVersion : 3.01.1028.0
ProductVersion : 3.01.1028.0
ProductName : McAfee Windows Guardian
CompanyName : Network Associates, Inc.
FileDescription : McAfee Guardian Agent
InternalName : CMGrdian
LegalCopyright : Copyright © 1997-2001 Network Associates, Inc. All rights reserved
OriginalFilename : CMGrdian.exe
#:39 [mcvsescn.exe]
FilePath : c:\progra~1\mcafee.com\vso ProcessID : 3148
ThreadCreationTime : 04-05-2006 11.48.31
BasePriority : Normal
FileVersion : 9, 1, 0, 4
ProductVersion : 9, 1, 0, 0
ProductName : McAfee VirusScan
CompanyName : McAfee, Inc.
FileDescription : McAfee VirusScan E-mail Scan Module
InternalName : mcvsescn
LegalCopyright : Copyright © 2005 McAfee, Inc. All Rights Reserved.
OriginalFilename : mcvsescn.EXE
Comments : McAfee VirusScan E-mail Scan Module
#:40 [mskagent.exe]
FilePath : C:\PROGRA~1\McAfee\SPAMKI~1 ProcessID : 3176
ThreadCreationTime : 04-05-2006 11.48.33
BasePriority : Normal
FileVersion : 5, 0, 0, 3
ProductVersion : 5, 0, 0, 0
ProductName : McAfee SpamKiller
CompanyName : Networks Associates Technology, Inc
FileDescription : McAfee SpamKiller Agent Interface module
InternalName : MskAgent
LegalCopyright : Copyright © 1998-2003 Networks Associates Technology, Inc
OriginalFilename : MskAgent.exe
#:41 [ghosttray.exe]
FilePath : C:\Programmi\Symantec\Norton Ghost\Agent ProcessID : 3216
ThreadCreationTime : 04-05-2006 11.48.38
BasePriority : Normal
FileVersion : 9.0.0.2583
ProductVersion : 9.0.0.2583
ProductName : Norton Ghost
CompanyName : Symantec Corporation
FileDescription : Tray Application
InternalName : V2iTray
LegalCopyright : Copyright © 1994-2004 Symantec Corporation. All rights reserved.
OriginalFilename : V2iTray.exe
#:42 [pdvdserv.exe]
FilePath : C:\Programmi\CyberLink\PowerDVD ProcessID : 3248
ThreadCreationTime : 04-05-2006 11.48.40
BasePriority : Normal
FileVersion : 6.00.1027
ProductVersion : 6.00.1027
ProductName : PowerDVD
CompanyName : Cyberlink Corp.
FileDescription : PowerDVD RC Service
InternalName : PowerDVD RC Service
LegalCopyright : Copyright (c) CyberLink Corp. 1997-2004
OriginalFilename : PDVDSERV.EXE
#:43 [vcddaemon.exe]
FilePath : C:\Programmi\Elaborate Bytes\VirtualCloneDrive ProcessID : 3268
ThreadCreationTime : 04-05-2006 11.48.42
BasePriority : Normal
#:44 [msmsgs.exe]
FilePath : C:\Programmi\Messenger ProcessID : 3280
ThreadCreationTime : 04-05-2006 11.48.45
BasePriority : Normal
FileVersion : 4.7.3001
ProductVersion : Version 4.7.3001
ProductName : Messenger
CompanyName : Microsoft Corporation
FileDescription : Windows Messenger
InternalName : msmsgs
LegalCopyright : Copyright (c) Microsoft Corporation 2004
LegalTrademarks : Microsoft(R) is a registered trademark of Microsoft Corporation in the U.S. and/or other countries.
OriginalFilename : msmsgs.exe
#:45 [dslmon.exe]
FilePath : C:\Programmi\ADSL\StarModem ADSL USB MODEM ProcessID : 3468
ThreadCreationTime : 04-05-2006 11.49.09
BasePriority : Normal
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
ProductName : DSLMON Application
FileDescription : ADIMON MFC Application
InternalName : DSLMON
LegalCopyright : Copyright (C) 2000
OriginalFilename : ADIMON.EXE
#:46 [pgptray.exe]
FilePath : C:\Programmi\Network Associates\PGPNT ProcessID : 3488
ThreadCreationTime : 04-05-2006 11.49.20
BasePriority : Normal
FileVersion : 6.5.8
ProductVersion : 6.5.8
ProductName : PGP Personal Privacy
CompanyName : Network Associates Technology, Inc.
FileDescription : PGP System Tray Application
InternalName : PGPtray
LegalCopyright : Copyright © 1997-1999 Network Associates Technology, Inc. All Rights Reserved.
LegalTrademarks : Network Associates, Pretty Good Privacy, PGP, PGPplugin
OriginalFilename : PGPtray.exe
#:47 [olfsnt40.exe]
FilePath : C:\Programmi\Microsoft Office\Office\1040 ProcessID : 3500
ThreadCreationTime : 04-05-2006 11.49.23
BasePriority : Normal
FileVersion : 9.0.98.0105
ProductVersion : 9.0.98.0105
ProductName : Symantec Fax Starter Edition Printer Driver
CompanyName : Microsoft Corporation
FileDescription : Symantec Fax Starter Edition Port Launcher
InternalName : OLFSNT40.DLL
LegalCopyright : Copyright (C) Symantec Corp. 1990-1998
OriginalFilename : OLFSNT40.DLL
#:48 [mcvsftsn.exe]
FilePath : c:\progra~1\mcafee.com\vso ProcessID : 3652
ThreadCreationTime : 04-05-2006 11.50.10
BasePriority : Normal
FileVersion : 9, 1, 0, 4
ProductVersion : 9, 1, 0, 0
ProductName : McAfee VirusScan
CompanyName : McAfee, Inc.
FileDescription : McAfee VirusScan Instant Messenger Scan Module
InternalName : mcvsftsn
LegalCopyright : Copyright © 2005 McAfee, Inc. All Rights Reserved.
OriginalFilename : mcvsftsn.EXE
Comments : McAfee VirusScan Instant Messenger Scan Module
#:49 [cidaemon.exe]
FilePath : C:\WINDOWS\system32 ProcessID : 888
ThreadCreationTime : 04-05-2006 11.54.51
BasePriority : Idle
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Indexing Service filter daemon
InternalName : cidaemon.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : cidaemon.exe
#:50 [ad-aware.exe]
FilePath : C:\Programmi\Lavasoft\Ad-Aware SE Personal ProcessID : 3388
ThreadCreationTime : 04-05-2006 12.25.26
BasePriority : Normal
FileVersion : 6.2.0.236
ProductVersion : SE 106
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft AB Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved
Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 1
Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 1
Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 1
Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 1
Deep scanning and examining files (C:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Disk Scan Result for C:»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 1
Scanning Hosts file......
Hosts file location:"C:\WINDOWS\system32\drivers\etc\hosts".
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Hosts file scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
1 entries scanned.
New critical objects:0
Objects found so far: 1
Performing conditional scans...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Conditional scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 1
14.41.03 Scan Complete
Summary Of This Scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Total scanning time:00.15.28.406
Objects scanned:233227
Objects identified:0
Objects ignored:0
New critical objects:0
io cancello sempre tutti i file sospetti e loro tornano!!
Non c'è un 'altro modo per debellare Bonzi Buddy, cat. Data Miner, Location C:\..|RP241|A0072122.exe?? Considerato da Adware un new critical object?
Grazie e a presto!!