Aiutamici Forum
Benvenuto Ospite Cerca | Topic Attivi | Utenti | | Log In | Registra

SOPHOS Opzioni
enigmista63
Inviato: Saturday, May 19, 2007 3:18:15 PM

Rank: AiutAmico

Iscritto dal : 4/28/2007
Posts: 1,976
Ciao,volevo solo sapere se e' ok! ho installato sophos anti rootkit ho effettuato la scansione e mi ha rilevato 2 file che trascrivoArea: Windows registry
Description: Hidden registry key
Location: \HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Vax347s\Config\jdgg40
Removable: No
Notes: (no more detail available) Area: Windows registry
Description: Hidden registry value
Location: \HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\OfflineDetectionPending
Removable: No
Notes: DWORD 0x1 = 1

ho riavviato il pc,ma sono ancora presenti,cosa sono?.Grazie
Sponsor
Inviato: Saturday, May 19, 2007 3:18:15 PM

 
a.roselli
Inviato: Sunday, May 20, 2007 10:13:52 AM

Rank: Admin

Iscritto dal : 10/4/2000
Posts: 19,052
Prova a usare CCleaner per eliminare i file inutili dal sistema e ripulire il registro
http://www.aiutamici.com/software/view.asp?tipo=home&CodSw=1223

leggi la descrizione.

alfonso_aiutamici@hotmail.it

enigmista63
Inviato: Sunday, May 20, 2007 5:17:50 PM

Rank: AiutAmico

Iscritto dal : 4/28/2007
Posts: 1,976
Si grazie ,io utilizzo gia' ccleaner,ho fatto come mi hai detto,la seconda voce e' scomparsa e' rimasta solo la prima.
a.roselli
Inviato: Monday, May 21, 2007 10:07:27 AM

Rank: Admin

Iscritto dal : 10/4/2000
Posts: 19,052
Scarica questo programma e leggi le istruzioni per inserire il log
http://www.aiutamici.com/software/descrizione.asp?CodSw=1175


alfonso_aiutamici@hotmail.it

lui49
Inviato: Tuesday, May 22, 2007 9:00:24 PM
Rank: AiutAmico

Iscritto dal : 5/4/2003
Posts: 2,845
..dovrebbe trattarsi di residui della disinstallazione di Alcohol...
enigmista63
Inviato: Wednesday, May 23, 2007 12:22:52 AM

Rank: AiutAmico

Iscritto dal : 4/28/2007
Posts: 1,976
<BLOCKQUOTE id=quote><font size=1 face="Sans Serif, Arial, Helvetica" id=quote>quote:<hr height=1 noshade id=quote>
Scarica questo programma e leggi le istruzioni per inserire il log
http://www.aiutamici.com/software/descrizione.asp?CodSw=1175
Logfile of HijackThis v1.99.1
Scan saved at 11.53.32, on 21/05/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
C:\Programmi\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Programmi\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Programmi\Analog Devices\SoundMAX\Smax4.exe
C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Programmi\ScanSoft\OmniPageSE2.0\OpwareSE2.exe
C:\WINDOWS\sm56hlpr.exe
C:\Programmi\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Programmi\SiteAdvisor\6066\SiteAdv.exe
C:\Programmi\Windows Defender\MSASCui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\Belkin\Software Bluetooth\BTTray.exe
C:\Programmi\C'è Posta\CPosta.exe
C:\PROGRA~1\Belkin\SOFTWA~1\BTSTAC~1.EXE
C:\Programmi\Belkin\Software Bluetooth\bin\btwdins.exe
C:\Programmi\File comuni\EPSON\EBAPI\SAgent2.exe
C:\Programmi\SiteAdvisor\6066\SAService.exe
C:\Programmi\Analog Devices\SoundMAX\SMAgent.exe
C:\Programmi\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe
C:\Programmi\Alwil Software\Avast4\ashWebSv.exe
C:\Programmi\PC Connectivity Solution\ServiceLayer.exe
C:\Programmi\PC Connectivity Solution\NclBTHandler.exe
C:\Programmi\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\Enigmista\Desktop\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.fastweb.it/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Programmi\SiteAdvisor\6066\SiteAdv.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Programmi\SiteAdvisor\6066\SiteAdv.dll
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Programmi\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Programmi\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [ATIPTA] C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [OpwareSE2] "C:\Programmi\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"
O4 - HKLM\..\Run: [SMSERIAL] sm56hlpr.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Programmi\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SiteAdvisor] C:\Programmi\SiteAdvisor\6066\SiteAdv.exe
O4 - HKLM\..\Run: [Windows Defender] "C:\Programmi\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [EPSON Stylus C62 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P23 "EPSON Stylus C62 Series" /O5 "LPT1:" /M "Stylus C62"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: C'è Posta.lnk = ?
O4 - Global Startup: Avvio veloce di Adobe Reader.lnk = C:\Programmi\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: BTTray.lnk = ?
O8 - Extra context menu item: Invia a &Bluetooth - C:\Programmi\Belkin\Software Bluetooth\btsendto_ie_ctx.htm
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programmi\Belkin\Software Bluetooth\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programmi\Belkin\Software Bluetooth\btsendto_ie.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O18 - Protocol: siteadvisor - {3A5DC592-7723-4EAA-9EE6-AF4222BCF879} - C:\Programmi\SiteAdvisor\6066\SiteAdv.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Programmi\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Programmi\Belkin\Software Bluetooth\bin\btwdins.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Programmi\File comuni\EPSON\EBAPI\SAgent2.exe
O23 - Service: ServiceLayer - Nokia. - C:\Programmi\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SiteAdvisor Service - McAfee, Inc. - C:\Programmi\SiteAdvisor\6066\SAService.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Programmi\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Programmi\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe

<hr height=1 noshade id=quote></BLOCKQUOTE id=quote></font id=quote><font face="Sans Serif, Arial, Helvetica" size=2 id=quote>
Utenti presenti in questo topic
Guest


Salta al Forum
Aggiunta nuovi Topic disabilitata in questo forum.
Risposte disabilitate in questo forum.
Eliminazione tuoi Post disabilitata in questo forum.
Modifica dei tuoi post disabilitata in questo forum.
Creazione Sondaggi disabilitata in questo forum.
Voto ai sondaggi disabilitato in questo forum.

Main Forum RSS : RSS

Aiutamici Theme
Powered by Yet Another Forum.net versione 1.9.1.8 (NET v2.0) - 3/29/2008
Copyright © 2003-2008 Yet Another Forum.net. All rights reserved.