|
|
Rank: Member
Iscritto dal : 1/2/2009
Posts: 10
|
Nel frame c'è scritto : (predefinito) REG_SZ (valore non impostato)
|
|
Rank: Member
Iscritto dal : 1/2/2009
Posts: 10
|
Nel frame c'è scritto : (predefinito) RG_SZ (valore non impostato)
|
|
Rank: Member
Iscritto dal : 1/2/2009
Posts: 10
|
nel frame c'è scritto : (predefinito) REG_SZ (valore non impostato)
|
|
Rank: Member
Iscritto dal : 1/2/2009
Posts: 10
|
Nel frame compare la scritta : (predefinito) REG_SZ (valore non impostato)
|
|
Rank: Member
Iscritto dal : 1/2/2009
Posts: 10
|
Scusa le ripetizioni ma mi era comparso un messaggio che indicava un errore e quindi pensavo di non essere riuscito ad inviare la risposta.
|
|
Rank: AiutAmico
Iscritto dal : 8/24/2008
Posts: 4,164
|
scarica questo programmino, semplicissimo da usare http://wikisend.com/download/456568/DeepMonitor.zipdecomprimilo - aprilo - in alto a sinistra clic su monitor\startdimmi se vedi voci in rosso
|
|
Rank: Member
Iscritto dal : 1/2/2009
Posts: 10
|
non sono presenti voci in rosso
|
|
Rank: AiutAmico
Iscritto dal : 8/24/2008
Posts: 4,164
|
in teoria non dovrebbero esserci rootkit nel tuo pc adesso vediamo nella pratica scarica http://wikisend.com/download/178828/avgarkt-setup-1.1.0.42.exesegui le istruzione che ti vengono date e vedi se ti rileva qualcosa
|
|
Rank: Member
Iscritto dal : 1/2/2009
Posts: 10
|
Ho scaricato il programma e fatto la scansione ed è risultato che non ci sono rootkit.
|
|
Rank: AiutAmico
Iscritto dal : 8/24/2008
Posts: 4,164
|
adesso ti chiedo un piccolo sacrificio dovresti disinstallare il tuo antivirus e installare avira free col quale farai una bella scansione avira riconosce anche i rootkit, e non vorrei che il tuo antivirus ti abbia dato un falso allarme scaricalo da qui http://www.free-av.com/en/download/index.html
|
|
Rank: Member
Iscritto dal : 1/2/2009
Posts: 10
|
Ho fatto tutto quello che mi hai detto e allego il rapporto di scansione :
Avira AntiVir Personal
Report file date: sabato 3 gennaio 2009 20:42
Scanning for 1038808 virus strains and unwanted programs.
Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Boot mode: Normally booted
Username: SYSTEM
Computer name: 0C6C35B219FB4E6
Version information:
BUILD.DAT : 8.2.0.337 16934 Bytes 18/11/2008 13:05:00
AVSCAN.EXE : 8.1.4.10 315649 Bytes 18/11/2008 08:21:26
AVSCAN.DLL : 8.1.4.0 40705 Bytes 26/05/2008 07:56:40
LUKE.DLL : 8.1.4.5 164097 Bytes 12/06/2008 12:44:19
LUKERES.DLL : 8.1.4.0 12033 Bytes 26/05/2008 07:58:52
ANTIVIR0.VDF : 7.1.0.0 15603712 Bytes 27/10/2008 11:30:36
ANTIVIR1.VDF : 7.1.0.56 411136 Bytes 09/11/2008 16:57:13
ANTIVIR2.VDF : 7.1.0.89 221184 Bytes 16/11/2008 16:16:47
ANTIVIR3.VDF : 7.1.0.97 45056 Bytes 17/11/2008 16:38:59
Engineversion : 8.2.0.31
AEVDF.DLL : 8.1.0.6 102772 Bytes 14/10/2008 10:05:56
AESCRIPT.DLL : 8.1.1.15 332156 Bytes 11/11/2008 14:00:07
AESCN.DLL : 8.1.1.5 123251 Bytes 07/11/2008 15:06:41
AERDL.DLL : 8.1.1.3 438645 Bytes 04/11/2008 13:58:38
AEPACK.DLL : 8.1.3.4 393591 Bytes 11/11/2008 09:41:39
AEOFFICE.DLL : 8.1.0.30 196986 Bytes 07/11/2008 15:06:41
AEHEUR.DLL : 8.1.0.71 1487222 Bytes 07/11/2008 15:06:41
AEHELP.DLL : 8.1.1.3 119157 Bytes 07/11/2008 15:06:41
AEGEN.DLL : 8.1.1.0 319859 Bytes 07/11/2008 15:06:41
AEEMU.DLL : 8.1.0.9 393588 Bytes 14/10/2008 10:05:56
AECORE.DLL : 8.1.4.1 172405 Bytes 07/11/2008 15:06:41
AEBB.DLL : 8.1.0.3 53618 Bytes 14/10/2008 10:05:56
AVWINLL.DLL : 1.0.0.12 15105 Bytes 09/07/2008 08:40:05
AVPREF.DLL : 8.0.2.0 38657 Bytes 16/05/2008 09:28:01
AVREP.DLL : 8.0.0.2 98344 Bytes 31/07/2008 12:02:15
AVREG.DLL : 8.0.0.1 33537 Bytes 09/05/2008 11:26:40
AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 08:29:23
AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 12/06/2008 12:27:49
SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 17:28:02
SMTPLIB.DLL : 1.2.0.23 28929 Bytes 12/06/2008 12:49:40
NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 12:05:10
RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 12/06/2008 13:48:07
RCTEXT.DLL : 8.0.52.0 86273 Bytes 27/06/2008 13:34:37
Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\programmi\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:, Z:,
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium
Start of the scan: sabato 3 gennaio 2009 20:42
The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'wuauclt.exe' - '1' Module(s) have been scanned
Scan process 'CLI.exe' - '1' Module(s) have been scanned
Scan process 'CLI.exe' - '1' Module(s) have been scanned
Scan process 'wmiprvse.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'wdfmgr.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'scsiaccess.exe' - '1' Module(s) have been scanned
Scan process 'NBService.exe' - '1' Module(s) have been scanned
Scan process 'fsssvc.exe' - '1' Module(s) have been scanned
Scan process 'WebshotsTray.exe' - '1' Module(s) have been scanned
Scan process 'hpqtra08.exe' - '1' Module(s) have been scanned
Scan process 'CTSVCCDA.EXE' - '1' Module(s) have been scanned
Scan process 'mDNSResponder.exe' - '1' Module(s) have been scanned
Scan process 'msnmsgr.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'GoogleToolbarNotifier.exe' - '1' Module(s) have been scanned
Scan process 'CTSyncU.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'CLI.exe' - '1' Module(s) have been scanned
Scan process 'reader_sl.exe' - '1' Module(s) have been scanned
Scan process 'hpcmpmgr.exe' - '1' Module(s) have been scanned
Scan process 'hpwuSchd.exe' - '1' Module(s) have been scanned
Scan process 'RTHDCPL.exe' - '1' Module(s) have been scanned
Scan process 'PDVDServ.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'ati2evxx.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'ati2evxx.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
43 processes with 43 modules were scanned
Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Master boot sector HD1
[INFO] No virus was found!
Master boot sector HD2
[INFO] No virus was found!
[WARNING] System error [21]: Periferica non pronta.
Master boot sector HD3
[INFO] No virus was found!
[WARNING] System error [21]: Periferica non pronta.
Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Boot sector 'Z:\'
[INFO] No virus was found!
Starting to scan the registry.
The registry was scanned ( '63' files ).
|
|
Rank: AiutAmico
Iscritto dal : 8/24/2008
Posts: 4,164
|
non ha trovato minacce, ma c'e' questa segnalazione Commenta:[WARNING] System error [21]: Periferica non pronta onestamente e' la prima volta che mi capita - dammi il tempo per documentarmi
|
|
Rank: Member
Iscritto dal : 1/2/2009
Posts: 10
|
Ho rifatto la scansione e allego il report :
Avira AntiVir Personal
Report file date: sabato 3 gennaio 2009 21:38
Scanning for 1038808 virus strains and unwanted programs.
Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Boot mode: Normally booted
Username: SYSTEM
Computer name: 0C6C35B219FB4E6
Version information:
BUILD.DAT : 8.2.0.337 16934 Bytes 18/11/2008 13:05:00
AVSCAN.EXE : 8.1.4.10 315649 Bytes 18/11/2008 08:21:26
AVSCAN.DLL : 8.1.4.0 40705 Bytes 26/05/2008 07:56:40
LUKE.DLL : 8.1.4.5 164097 Bytes 12/06/2008 12:44:19
LUKERES.DLL : 8.1.4.0 12033 Bytes 26/05/2008 07:58:52
ANTIVIR0.VDF : 7.1.0.0 15603712 Bytes 27/10/2008 11:30:36
ANTIVIR1.VDF : 7.1.0.56 411136 Bytes 09/11/2008 16:57:13
ANTIVIR2.VDF : 7.1.0.89 221184 Bytes 16/11/2008 16:16:47
ANTIVIR3.VDF : 7.1.0.97 45056 Bytes 17/11/2008 16:38:59
Engineversion : 8.2.0.31
AEVDF.DLL : 8.1.0.6 102772 Bytes 14/10/2008 10:05:56
AESCRIPT.DLL : 8.1.1.15 332156 Bytes 11/11/2008 14:00:07
AESCN.DLL : 8.1.1.5 123251 Bytes 07/11/2008 15:06:41
AERDL.DLL : 8.1.1.3 438645 Bytes 04/11/2008 13:58:38
AEPACK.DLL : 8.1.3.4 393591 Bytes 11/11/2008 09:41:39
AEOFFICE.DLL : 8.1.0.30 196986 Bytes 07/11/2008 15:06:41
AEHEUR.DLL : 8.1.0.71 1487222 Bytes 07/11/2008 15:06:41
AEHELP.DLL : 8.1.1.3 119157 Bytes 07/11/2008 15:06:41
AEGEN.DLL : 8.1.1.0 319859 Bytes 07/11/2008 15:06:41
AEEMU.DLL : 8.1.0.9 393588 Bytes 14/10/2008 10:05:56
AECORE.DLL : 8.1.4.1 172405 Bytes 07/11/2008 15:06:41
AEBB.DLL : 8.1.0.3 53618 Bytes 14/10/2008 10:05:56
AVWINLL.DLL : 1.0.0.12 15105 Bytes 09/07/2008 08:40:05
AVPREF.DLL : 8.0.2.0 38657 Bytes 16/05/2008 09:28:01
AVREP.DLL : 8.0.0.2 98344 Bytes 31/07/2008 12:02:15
AVREG.DLL : 8.0.0.1 33537 Bytes 09/05/2008 11:26:40
AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 08:29:23
AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 12/06/2008 12:27:49
SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 17:28:02
SMTPLIB.DLL : 1.2.0.23 28929 Bytes 12/06/2008 12:49:40
NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 12:05:10
RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 12/06/2008 13:48:07
RCTEXT.DLL : 8.0.52.0 86273 Bytes 27/06/2008 13:34:37
Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\programmi\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:, Z:,
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium
Start of the scan: sabato 3 gennaio 2009 21:38
The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'WLLoginProxy.exe' - '1' Module(s) have been scanned
Scan process 'IEXPLORE.EXE' - '1' Module(s) have been scanned
Scan process 'CLI.exe' - '1' Module(s) have been scanned
Scan process 'CLI.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'wdfmgr.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'scsiaccess.exe' - '1' Module(s) have been scanned
Scan process 'NBService.exe' - '1' Module(s) have been scanned
Scan process 'fsssvc.exe' - '1' Module(s) have been scanned
Scan process 'WebshotsTray.exe' - '1' Module(s) have been scanned
Scan process 'hpqtra08.exe' - '1' Module(s) have been scanned
Scan process 'CTSVCCDA.EXE' - '1' Module(s) have been scanned
Scan process 'mDNSResponder.exe' - '1' Module(s) have been scanned
Scan process 'msnmsgr.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'GoogleToolbarNotifier.exe' - '1' Module(s) have been scanned
Scan process 'CTSyncU.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'CLI.exe' - '1' Module(s) have been scanned
Scan process 'hpcmpmgr.exe' - '1' Module(s) have been scanned
Scan process 'hpwuSchd.exe' - '1' Module(s) have been scanned
Scan process 'RTHDCPL.exe' - '1' Module(s) have been scanned
Scan process 'PDVDServ.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'ati2evxx.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'ati2evxx.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
42 processes with 42 modules were scanned
Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Master boot sector HD1
[INFO] No virus was found!
Master boot sector HD2
[INFO] No virus was found!
[WARNING] System error [21]: Periferica non pronta.
Master boot sector HD3
[INFO] No virus was found!
[WARNING] System error [21]: Periferica non pronta.
Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Boot sector 'Z:\'
[INFO] No virus was found!
Starting to scan the registry.
The registry was scanned ( '63' files ).
Starting the file scan:
Begin scan in 'C:\'
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\Documents and Settings\Administrator\Impostazioni locali\Temporary Internet Files\Content.IE5\C2NNBK5X\OnlineScanner[1].cab
[0] Archive type: CAB (Microsoft)
--> OnlineScannerLang.dll
[WARNING] No further files can be extracted from this archive. The archive will be closed
C:\WINDOWS\system32\drivers\sptd.sys
[WARNING] The file could not be opened!
Begin scan in 'Z:\' <Volume>
End of the scan: sabato 3 gennaio 2009 22:14
Used time: 36:36 Minute(s)
The scan has been done completely.
8206 Scanning directories
332055 Files were scanned
0 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
0 files were moved to quarantine
0 files were renamed
2 Files cannot be scanned
332053 Files not concerned
3219 Archives were scanned
5 Warnings
0 Notes
|
|
Rank: Member
Iscritto dal : 1/2/2009
Posts: 10
|
Avendo scaricato Malwarebytes Anti-Malware ho fatto una scansione anche con questo antivirus dopo aver aggiornato il programma e questo è il report :
Malwarebytes' Anti-Malware 1.31
Versione del database: 1604
Windows 5.1.2600 Service Pack 2
03/01/2009 23.26.46
mbam-log-2009-01-03 (23-26-11).txt
Tipo di scansione: Scansione completa (C:\|Z:\|)
Elementi scansionati: 210977
Tempo trascorso: 52 minute(s), 3 second(s)
Processi delle memoria infetti: 0
Moduli della memoria infetti: 0
Chiavi di registro infette: 1
Valori di registro infetti: 4
Elementi dato del registro infetti: 0
Cartelle infette: 0
File infetti: 4
Processi delle memoria infetti:
(Nessun elemento malevolo rilevato)
Moduli della memoria infetti:
(Nessun elemento malevolo rilevato)
Chiavi di registro infette:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\asc3550p (Rootkit.Agent) -> No action taken.
Valori di registro infetti:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Settings\bf (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Settings\bk (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Settings\iu (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Settings\mu (Trojan.Agent) -> No action taken.
Elementi dato del registro infetti:
(Nessun elemento malevolo rilevato)
Cartelle infette:
(Nessun elemento malevolo rilevato)
File infetti:
C:\WINDOWS\system32\ati2dva.dll (Trojan.Agent) -> No action taken.
C:\WINDOWS\system32\1.tmp (Trojan.Agent) -> No action taken.
C:\WINDOWS\system32\2.tmp (Trojan.Agent) -> No action taken.
C:\WINDOWS\system32\autodis.dll (Spyware.BZub) -> No action taken.
|
|
Rank: Member
Iscritto dal : 1/2/2009
Posts: 10
|
Mi sono accorto che nel log che ho salvato non sono riportati altri virus segnalati nei risultati della scansione e cioè :
Troyan.Agent Registryvalue HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\BrowserSettings\bf
Troyan.Agent Registryvalue HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\BrowserSettings\bk
Troyan.Agent Registryvalue HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\BrowserSettings\iu
Troyan.Agent Registryvalue KEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\BrowserSettings\mu
Rootkit.Agent Regirty Key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\asc3550p
|
|
Rank: AiutAmico
Iscritto dal : 8/24/2008
Posts: 4,164
|
mi hai letto nel pensiero....stavo per farti usare malwarebytes
togli tutto quello che ha trovato ELIMINA SENZA PIETAì
|
|
Rank: Member
Iscritto dal : 1/2/2009
Posts: 10
|
Ho cliccato per l'eliminazione e poi mi è stato chiesto di riavviare il pc per eliminare tutto, cosa che ho fatto.
Ora cosa devo fare ? Mi sono accorto che il sistema non rileva ancora le due unità Cd-Dvd, come faccio a rimettere tutto a posto ?
|
|
Rank: AiutAmico
Iscritto dal : 8/24/2008
Posts: 4,164
|
torna n gestione periferiche e controlla bene- i drivers sono aggiornati?
|
|
Rank: Member
Iscritto dal : 1/2/2009
Posts: 10
|
Ho provato a fare l'aggiornamento ma mi viene segnalato che non esistono drivers più aggiornati di quelli già presenti.
Inoltre nella segnalazione problemi mi segnala "impossibile caricare i driver della periferica per questo hardware il driver potrebbe essere danneggiato o mancante (cod39)"
|
|
Rank: AiutAmico
Iscritto dal : 8/24/2008
Posts: 4,164
|
quel messaggio [WARNING] System error [21]: Periferica non pronta secondo il mio parere si riferisce alle unita' ottiche- purtroppo non posso aiutarti in questo- magari se qualcuno legge questa discussione puo' intervenire per darti una mano
|
|
|
Guest |
