Aiutamici Forum
Benvenuto Ospite Cerca | Topic Attivi | Utenti | | Log In | Registra

problemi aggiornamenti di tutto Opzioni
mammetta
Inviato: Wednesday, March 18, 2009 9:49:29 AM
Rank: AiutAmico

Iscritto dal : 6/28/2004
Posts: 80
in un altro pc con xp ho bloccati tutti gli aggiornamenti. in pratica sia windows, che l'antivirus che i vari programmi tipo adware, clam, antimalware, spyboot, etc. non si aggiornano. ho provato a riavviare i servizi manualmente ma niente. nella prima scansione di hijack ho trovato ed eliminato un explorer.exe che non mi ha ricreato all'avvio, ma niente. le patch scaricate per vari virus non me le fa lanciare. antimalware pur non aggiornato ha trovato tre tipi di malware eliminandoli ma senza risultati. lo stesso dicasi lanciandoli dalla modalità provvisoria. che fare? grazie
Sponsor
Inviato: Wednesday, March 18, 2009 9:49:29 AM

 
shapiro
Inviato: Wednesday, March 18, 2009 9:55:47 AM

Rank: AiutAmico

Iscritto dal : 8/24/2008
Posts: 4,164
ciao

hai provato a lanciare hijackthis? vedi se ti funziona e controlla anche se adesso ti parte l'antivirus
mammetta
Inviato: Wednesday, March 18, 2009 10:21:37 AM
Rank: AiutAmico

Iscritto dal : 6/28/2004
Posts: 80
HIJACKTHIS è L'UNICO CHE FUNZIONA MA GLI AGGIORNAMENTI ANCORA NON LI ESEGUE. HO SCARICATO ALCUNI .EXE PER LA RIMOZIONE DI VIRUS DA UN POST DEL VOSTRO FORUM DOVE SI PARLAVA DI UN PROBLEMA SIMILE AL MIO, MA NON ME LI FA ESEGUIRE. CHE FARE ? SOS
mammetta
Inviato: Wednesday, March 18, 2009 10:24:54 AM
Rank: AiutAmico

Iscritto dal : 6/28/2004
Posts: 80
il programma scarica è findykill (e non me lo fa eseguire) mentre elibagla adesso è partito. poi provo avenger. che ne dici di provare con combofix?
mammetta
Inviato: Wednesday, March 18, 2009 10:26:17 AM
Rank: AiutAmico

Iscritto dal : 6/28/2004
Posts: 80
ok, elibagla non ha trovato niente e avenger non parte.
maopapof
Inviato: Wednesday, March 18, 2009 10:36:28 AM

Rank: AiutAmico

Iscritto dal : 10/31/2004
Posts: 7,185
con le scuse

hijackthis .... è un programma che và usato ... ma le modifiche da fare, dovranno esclusivamente essere fornite da esperti ! cancellare con questo programma è letale se fatto da persone inesperte

la modalità provvisoria non serve se si vogliono aggiornare dei programmi, eventualmente prova a disinstallare spybot a pc normale e poi prova a reinstallare e vedere se può essere aggiornato :O) .... ciao e buon lavoro




shapiro
Inviato: Wednesday, March 18, 2009 11:09:48 AM

Rank: AiutAmico

Iscritto dal : 8/24/2008
Posts: 4,164
puoi postare un log di hijackthis?
mammetta
Inviato: Wednesday, March 18, 2009 11:10:37 AM
Rank: AiutAmico

Iscritto dal : 6/28/2004
Posts: 80
il problema è che non fa gli aggiornamenti di niente. i programmi li ho installato normalmente solo che non li fa aggiornare. il clamwin non aggiornato ha eseguito la scansione ma non ha trovato niente. aiuto non so più che fare. adesso provo a installare adware che si aggiorna copiando un file e vediamo.
shapiro
Inviato: Wednesday, March 18, 2009 11:12:17 AM

Rank: AiutAmico

Iscritto dal : 8/24/2008
Posts: 4,164
mammetta puoi postare un log di hjt?
mammetta
Inviato: Wednesday, March 18, 2009 11:19:56 AM
Rank: AiutAmico

Iscritto dal : 6/28/2004
Posts: 80
ecco il log

Logfile of HijackThis v1.99.0
Scan saved at 11.15.46, on 18/03/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\Explorer.EXE
C:\Programmi\Java\jre6\bin\jusched.exe
C:\Programmi\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Programmi\ClamWin\bin\ClamTray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Programmi\Java\jre6\bin\jqs.exe
C:\Programmi\RealVNC\VNC4\WinVNC4.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\DOCUME~1\utente08\IMPOST~1\Temp\Directory temporanea 1 per 02hijackthis.zip\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.libero.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: Supporto di collegamento per Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre6\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl Class - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmi\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programmi\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Programmi\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [ClamWin] "C:\Programmi\ClamWin\bin\ClamTray.exe" --logon
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: CittàInTV Player.lnk = ?
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {051D0E35-F4E3-4C8D-B411-AB0875F4C683} (Anark Client 4.0 ActiveX Control) - http://install.anark.com/client/version4/windows-ie/en/AMClient.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1230708766906
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://dl8-cdn-01.sun.com/s/ESD5/JSCDL/jre/6u11-b90/jinstall-6u11-windows-i586-jc.cab?e=1231365755755&h=5a7e324fd8178a052db130f8a0ae6040/&filename=jinstall-6u11-windows-i586-jc.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler - Avira GmbH - C:\Programmi\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard - Avira GmbH - C:\Programmi\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Java Quick Starter - Sun Microsystems, Inc. - C:\Programmi\Java\jre6\bin\jqs.exe
shapiro
Inviato: Wednesday, March 18, 2009 11:39:28 AM

Rank: AiutAmico

Iscritto dal : 8/24/2008
Posts: 4,164
dal log non si vede niente

vediamo se c'e' qualcosa che blocca gli aggiornamenti

scarica Malwarebytes http://www.malwarebytes.org/mbam/program/mbam-setup.exe
1) lo installi
2) lo aggiorni
3) fai una scansione scegliendo la modalità completa
4) NON eliminare per ora le ventuali minacce che rileva
5) finita la scansione seleziona il tabellino log, apri il file di testo e postalo sul forum



Scarica Lop S&D | http://eric.71.mespages.googlepages.com/LopSD.exe
con tutte le applicazioni chiuse e disconnesso
doppio click su LopSD
scegli la lingua E (invio)
1 (ricerca) invio

al termine dello scan riavvia LopSD
questa volta scegli l'opzione 2 (invio)
mammetta
Inviato: Wednesday, March 18, 2009 12:30:57 PM
Rank: AiutAmico

Iscritto dal : 6/28/2004
Posts: 80
TI INVIO IL LOG DI MALWAREBYTES

Malwarebytes' Anti-Malware 1.33
Versione del database: 1654
Windows 5.1.2600 Service Pack 3

18/03/2009 12.19.26
mbam-log-2009-03-18 (12-19-26).txt

Tipo di scansione: Scansione rapida
Elementi scansionati: 47229
Tempo trascorso: 1 minute(s), 22 second(s)

Processi delle memoria infetti: 0
Moduli della memoria infetti: 0
Chiavi di registro infette: 0
Valori di registro infetti: 0
Elementi dato del registro infetti: 0
Cartelle infette: 0
File infetti: 0

Processi delle memoria infetti:
(Nessun elemento malevolo rilevato)

Moduli della memoria infetti:
(Nessun elemento malevolo rilevato)

Chiavi di registro infette:
(Nessun elemento malevolo rilevato)

Valori di registro infetti:
(Nessun elemento malevolo rilevato)

Elementi dato del registro infetti:
(Nessun elemento malevolo rilevato)

Cartelle infette:
(Nessun elemento malevolo rilevato)

File infetti:
(Nessun elemento malevolo rilevato)
mammetta
Inviato: Wednesday, March 18, 2009 12:38:10 PM
Rank: AiutAmico

Iscritto dal : 6/28/2004
Posts: 80
eco l'altro log di s&d

--------------------\\ Lop S&D 4.2.5-0 XP/Vista

Microsoft Windows XP Professional ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) Dual CPU E2140 @ 1.60GHz )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : utente08 ( Administrator )
BOOT : Normal boot
Antivirus : Avira AntiVir PersonalEdition 8.0.1.27 (Not Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total:74 Go (Free:68 Go)

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [1] ( 18/03/2009|12.32 )

--------------------\\ Listing folders in DATIAP~1

[21/01/2008|17.56] C:\DOCUME~1\ADMINI~1\DATIAP~1\Identities
[21/01/2008|18.17] C:\DOCUME~1\ADMINI~1\DATIAP~1\Microsoft
[0|File] C:\DOCUME~1\ADMINI~1\DATIAP~1\byte
[4|Directory] C:\DOCUME~1\ADMINI~1\DATIAP~1\byte disponibili

[09/11/2008|22.41] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Adobe
[20/06/2008|20.22] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Apple
[12/10/2008|23.10] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Apple Computer
[17/03/2009|16.26] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Avira
[17/03/2009|16.17] C:\DOCUME~1\ALLUSE~1\DATIAP~1\F-Secure
[17/03/2009|15.55] C:\DOCUME~1\ALLUSE~1\DATIAP~1\fssg
[20/10/2008|23.17] C:\DOCUME~1\ALLUSE~1\DATIAP~1\GiocoDigitale
[07/01/2009|23.54] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Google
[18/03/2009|09.32] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Malwarebytes
[08/01/2009|00.01] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Microsoft
[17/03/2009|16.18] C:\DOCUME~1\ALLUSE~1\DATIAP~1\TEMP
[08/06/2008|16.35] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Windows Genuine Advantage
[0|File] C:\DOCUME~1\ALLUSE~1\DATIAP~1\byte
[14|Directory] C:\DOCUME~1\ALLUSE~1\DATIAP~1\byte disponibili

[21/01/2008|17.56] C:\DOCUME~1\DEFAUL~1\DATIAP~1\Identities
[21/01/2008|18.17] C:\DOCUME~1\DEFAUL~1\DATIAP~1\Microsoft
[0|File] C:\DOCUME~1\DEFAUL~1\DATIAP~1\byte
[4|Directory] C:\DOCUME~1\DEFAUL~1\DATIAP~1\byte disponibili

[21/01/2008|17.53] C:\DOCUME~1\LOCALS~1\DATIAP~1\Microsoft
[0|File] C:\DOCUME~1\LOCALS~1\DATIAP~1\byte
[3|Directory] C:\DOCUME~1\LOCALS~1\DATIAP~1\byte disponibili

[21/01/2008|17.53] C:\DOCUME~1\NETWOR~1\DATIAP~1\Microsoft
[0|File] C:\DOCUME~1\NETWOR~1\DATIAP~1\byte
[3|Directory] C:\DOCUME~1\NETWOR~1\DATIAP~1\byte disponibili

[18/03/2009|09.25] C:\DOCUME~1\utente08\DATIAP~1\.clamwin
[08/06/2008|16.40] C:\DOCUME~1\utente08\DATIAP~1\Adobe
[12/10/2008|22.16] C:\DOCUME~1\utente08\DATIAP~1\Apple Computer
[03/08/2008|17.16] C:\DOCUME~1\utente08\DATIAP~1\Google
[21/01/2008|17.56] C:\DOCUME~1\utente08\DATIAP~1\Identities
[26/05/2008|15.25] C:\DOCUME~1\utente08\DATIAP~1\Macromedia
[18/03/2009|09.32] C:\DOCUME~1\utente08\DATIAP~1\Malwarebytes
[05/06/2008|04.17] C:\DOCUME~1\utente08\DATIAP~1\Microsoft
[18/03/2009|08.51] C:\DOCUME~1\utente08\DATIAP~1\OpenOffice.org2
[25/01/2009|15.54] C:\DOCUME~1\utente08\DATIAP~1\PenProtect
[09/06/2008|08.36] C:\DOCUME~1\utente08\DATIAP~1\Sun
[28/01/2008|12.36] C:\DOCUME~1\utente08\DATIAP~1\U3
[0|File] C:\DOCUME~1\utente08\DATIAP~1\byte
[14|Directory] C:\DOCUME~1\utente08\DATIAP~1\byte disponibili

--------------------\\ Scheduled Tasks located in C:\WINDOWS\Tasks

[14/03/2009 18.59][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[18/03/2009 09.37][--ah-----] C:\WINDOWS\tasks\SA.DAT
[02/08/2007 13.00][-r-h-c---] C:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing Folders in C:\Programmi

[09/11/2008|22.40] C:\Programmi\Adobe
[24/07/2008|18.15] C:\Programmi\Anark
[17/03/2009|16.26] C:\Programmi\Avira
[17/03/2009|16.08] C:\Programmi\CCleaner
[18/03/2009|09.25] C:\Programmi\ClamWin
[21/01/2008|17.51] C:\Programmi\ComPlus Applications
[12/10/2008|23.15] C:\Programmi\File comuni
[18/03/2009|08.54] C:\Programmi\Google
[21/01/2008|18.17] C:\Programmi\InstallShield Installation Information
[21/01/2008|18.04] C:\Programmi\Intel
[31/12/2008|08.45] C:\Programmi\Internet Explorer
[07/01/2009|22.55] C:\Programmi\Java
[18/03/2009|09.32] C:\Programmi\Malwarebytes' Anti-Malware
[31/12/2008|08.42] C:\Programmi\Messenger
[21/01/2008|17.54] C:\Programmi\microsoft frontpage
[10/08/2008|14.28] C:\Programmi\Microsoft Silverlight
[08/06/2008|17.34] C:\Programmi\Movie Maker
[21/01/2008|17.50] C:\Programmi\MSN Gaming Zone
[28/01/2008|12.41] C:\Programmi\NETGEAR
[08/06/2008|17.33] C:\Programmi\NetMeeting
[12/10/2008|23.26] C:\Programmi\OpenOffice.org 2.4
[08/06/2008|17.33] C:\Programmi\Outlook Express
[21/01/2008|18.17] C:\Programmi\Realtek
[18/03/2009|09.00] C:\Programmi\RealVNC
[21/01/2008|17.52] C:\Programmi\Servizi in linea
[14/08/2008|15.09] C:\Programmi\Tepui Products
[21/01/2008|17.56] C:\Programmi\Uninstall Information
[08/06/2008|16.42] C:\Programmi\Windows Media Connect 2
[08/06/2008|17.33] C:\Programmi\Windows Media Player
[08/06/2008|17.33] C:\Programmi\Windows NT
[21/01/2008|17.52] C:\Programmi\WindowsUpdate
[21/01/2008|17.54] C:\Programmi\xerox
[18/03/2009|08.54] C:\Programmi\Yahoo!
[0|File] C:\Programmi\byte
[36|Directory] C:\Programmi\byte disponibili

--------------------\\ Listing Folders in C:\Programmi\File comuni

[09/11/2008|22.41] C:\Programmi\File comuni\Adobe
[30/09/2008|22.12] C:\Programmi\File comuni\InstallShield
[09/06/2008|08.33] C:\Programmi\File comuni\Java
[21/01/2008|17.56] C:\Programmi\File comuni\Microsoft Shared
[21/01/2008|17.51] C:\Programmi\File comuni\MSSoap
[21/01/2008|18.47] C:\Programmi\File comuni\ODBC
[21/01/2008|17.52] C:\Programmi\File comuni\Services
[21/01/2008|18.47] C:\Programmi\File comuni\SpeechEngines
[08/06/2008|17.33] C:\Programmi\File comuni\System
[0|File] C:\Programmi\File comuni\byte
[11|Directory] C:\Programmi\File comuni\byte disponibili

--------------------\\ Process

( 32 Processes )

iexplore.exe ~ [PID:2908]

--------------------\\ Searching with S_Lop

No Lop folder found !

--------------------\\ Searching for Lop Files - Folders

No Lop folder found !

--------------------\\ Searching within the Registry

..... OK !

--------------------\\ Checking the Hosts file

Hosts file CLEAN


--------------------\\ Searching for hidden files with Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-03-18 12:33:04
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0

--------------------\\ Searching for other infections


No other infections found !

[F:3][D:0]-> C:\DOCUME~1\utente08\IMPOST~1\Temp
[F:103][D:0]-> C:\DOCUME~1\utente08\Cookies
[F:4352][D:8]-> C:\DOCUME~1\utente08\IMPOST~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - 18/03/2009|12.33 - Option : [1]

--------------------\\ Scan completed at 12.33.37
mammetta
Inviato: Wednesday, March 18, 2009 12:42:31 PM
Rank: AiutAmico

Iscritto dal : 6/28/2004
Posts: 80
QUESTO E' IL LOG DOPO L'OPZIONE 2.


--------------------\\ Lop S&D 4.2.5-0 XP/Vista

Microsoft Windows XP Professional ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) Dual CPU E2140 @ 1.60GHz )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : utente08 ( Administrator )
BOOT : Normal boot
Antivirus : Avira AntiVir PersonalEdition 8.0.1.27 (Not Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total:74 Go (Free:68 Go)

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [2] ( 18/03/2009|12.34 )


\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


--------------------\\ Listing folders in DATIAP~1

[21/01/2008|17.56] C:\DOCUME~1\ADMINI~1\DATIAP~1\Identities
[21/01/2008|18.17] C:\DOCUME~1\ADMINI~1\DATIAP~1\Microsoft
[0|File] C:\DOCUME~1\ADMINI~1\DATIAP~1\byte
[4|Directory] C:\DOCUME~1\ADMINI~1\DATIAP~1\byte disponibili

[09/11/2008|22.41] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Adobe
[20/06/2008|20.22] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Apple
[12/10/2008|23.10] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Apple Computer
[17/03/2009|16.26] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Avira
[17/03/2009|16.17] C:\DOCUME~1\ALLUSE~1\DATIAP~1\F-Secure
[17/03/2009|15.55] C:\DOCUME~1\ALLUSE~1\DATIAP~1\fssg
[20/10/2008|23.17] C:\DOCUME~1\ALLUSE~1\DATIAP~1\GiocoDigitale
[07/01/2009|23.54] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Google
[18/03/2009|09.32] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Malwarebytes
[08/01/2009|00.01] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Microsoft
[17/03/2009|16.18] C:\DOCUME~1\ALLUSE~1\DATIAP~1\TEMP
[08/06/2008|16.35] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Windows Genuine Advantage
[0|File] C:\DOCUME~1\ALLUSE~1\DATIAP~1\byte
[14|Directory] C:\DOCUME~1\ALLUSE~1\DATIAP~1\byte disponibili

[21/01/2008|17.56] C:\DOCUME~1\DEFAUL~1\DATIAP~1\Identities
[21/01/2008|18.17] C:\DOCUME~1\DEFAUL~1\DATIAP~1\Microsoft
[0|File] C:\DOCUME~1\DEFAUL~1\DATIAP~1\byte
[4|Directory] C:\DOCUME~1\DEFAUL~1\DATIAP~1\byte disponibili

[21/01/2008|17.53] C:\DOCUME~1\LOCALS~1\DATIAP~1\Microsoft
[0|File] C:\DOCUME~1\LOCALS~1\DATIAP~1\byte
[3|Directory] C:\DOCUME~1\LOCALS~1\DATIAP~1\byte disponibili

[21/01/2008|17.53] C:\DOCUME~1\NETWOR~1\DATIAP~1\Microsoft
[0|File] C:\DOCUME~1\NETWOR~1\DATIAP~1\byte
[3|Directory] C:\DOCUME~1\NETWOR~1\DATIAP~1\byte disponibili

[18/03/2009|09.25] C:\DOCUME~1\utente08\DATIAP~1\.clamwin
[08/06/2008|16.40] C:\DOCUME~1\utente08\DATIAP~1\Adobe
[12/10/2008|22.16] C:\DOCUME~1\utente08\DATIAP~1\Apple Computer
[03/08/2008|17.16] C:\DOCUME~1\utente08\DATIAP~1\Google
[21/01/2008|17.56] C:\DOCUME~1\utente08\DATIAP~1\Identities
[26/05/2008|15.25] C:\DOCUME~1\utente08\DATIAP~1\Macromedia
[18/03/2009|09.32] C:\DOCUME~1\utente08\DATIAP~1\Malwarebytes
[05/06/2008|04.17] C:\DOCUME~1\utente08\DATIAP~1\Microsoft
[18/03/2009|08.51] C:\DOCUME~1\utente08\DATIAP~1\OpenOffice.org2
[25/01/2009|15.54] C:\DOCUME~1\utente08\DATIAP~1\PenProtect
[09/06/2008|08.36] C:\DOCUME~1\utente08\DATIAP~1\Sun
[28/01/2008|12.36] C:\DOCUME~1\utente08\DATIAP~1\U3
[0|File] C:\DOCUME~1\utente08\DATIAP~1\byte
[14|Directory] C:\DOCUME~1\utente08\DATIAP~1\byte disponibili

--------------------\\ Scheduled Tasks located in C:\WINDOWS\Tasks

[14/03/2009 18.59][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[18/03/2009 09.37][--ah-----] C:\WINDOWS\tasks\SA.DAT
[02/08/2007 13.00][-r-h-c---] C:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing Folders in C:\Programmi

[09/11/2008|22.40] C:\Programmi\Adobe
[24/07/2008|18.15] C:\Programmi\Anark
[17/03/2009|16.26] C:\Programmi\Avira
[17/03/2009|16.08] C:\Programmi\CCleaner
[18/03/2009|09.25] C:\Programmi\ClamWin
[21/01/2008|17.51] C:\Programmi\ComPlus Applications
[12/10/2008|23.15] C:\Programmi\File comuni
[18/03/2009|08.54] C:\Programmi\Google
[21/01/2008|18.17] C:\Programmi\InstallShield Installation Information
[21/01/2008|18.04] C:\Programmi\Intel
[31/12/2008|08.45] C:\Programmi\Internet Explorer
[07/01/2009|22.55] C:\Programmi\Java
[18/03/2009|09.32] C:\Programmi\Malwarebytes' Anti-Malware
[31/12/2008|08.42] C:\Programmi\Messenger
[21/01/2008|17.54] C:\Programmi\microsoft frontpage
[10/08/2008|14.28] C:\Programmi\Microsoft Silverlight
[08/06/2008|17.34] C:\Programmi\Movie Maker
[21/01/2008|17.50] C:\Programmi\MSN Gaming Zone
[28/01/2008|12.41] C:\Programmi\NETGEAR
[08/06/2008|17.33] C:\Programmi\NetMeeting
[12/10/2008|23.26] C:\Programmi\OpenOffice.org 2.4
[08/06/2008|17.33] C:\Programmi\Outlook Express
[21/01/2008|18.17] C:\Programmi\Realtek
[18/03/2009|09.00] C:\Programmi\RealVNC
[21/01/2008|17.52] C:\Programmi\Servizi in linea
[14/08/2008|15.09] C:\Programmi\Tepui Products
[21/01/2008|17.56] C:\Programmi\Uninstall Information
[08/06/2008|16.42] C:\Programmi\Windows Media Connect 2
[08/06/2008|17.33] C:\Programmi\Windows Media Player
[08/06/2008|17.33] C:\Programmi\Windows NT
[21/01/2008|17.52] C:\Programmi\WindowsUpdate
[21/01/2008|17.54] C:\Programmi\xerox
[18/03/2009|08.54] C:\Programmi\Yahoo!
[0|File] C:\Programmi\byte
[36|Directory] C:\Programmi\byte disponibili

--------------------\\ Listing Folders in C:\Programmi\File comuni

[09/11/2008|22.41] C:\Programmi\File comuni\Adobe
[30/09/2008|22.12] C:\Programmi\File comuni\InstallShield
[09/06/2008|08.33] C:\Programmi\File comuni\Java
[21/01/2008|17.56] C:\Programmi\File comuni\Microsoft Shared
[21/01/2008|17.51] C:\Programmi\File comuni\MSSoap
[21/01/2008|18.47] C:\Programmi\File comuni\ODBC
[21/01/2008|17.52] C:\Programmi\File comuni\Services
[21/01/2008|18.47] C:\Programmi\File comuni\SpeechEngines
[08/06/2008|17.33] C:\Programmi\File comuni\System
[0|File] C:\Programmi\File comuni\byte
[11|Directory] C:\Programmi\File comuni\byte disponibili

--------------------\\ Process

( 30 Processes )

... OK !

--------------------\\ Searching with S_Lop

No Lop folder found !

--------------------\\ Searching for Lop Files - Folders

No Lop folder found !

--------------------\\ Searching within the Registry

..... OK !

--------------------\\ Checking the Hosts file

Hosts file CLEAN


--------------------\\ Searching for hidden files with Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-03-18 12:35:47
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0

--------------------\\ Searching for other infections


No other infections found !

[F:3][D:0]-> C:\DOCUME~1\utente08\IMPOST~1\Temp
[F:103][D:0]-> C:\DOCUME~1\utente08\Cookies
[F:4352][D:8]-> C:\DOCUME~1\utente08\IMPOST~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - 18/03/2009|12.33 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - 18/03/2009|12.36 - Option : [2]

--------------------\\ Scan completed at 12.36.17
mammetta
Inviato: Wednesday, March 18, 2009 12:44:03 PM
Rank: AiutAmico

Iscritto dal : 6/28/2004
Posts: 80
ANCORA GLI AGGIORNAMENTI NON FUNZIONANO !!!
mammetta
Inviato: Wednesday, March 18, 2009 1:04:50 PM
Rank: AiutAmico

Iscritto dal : 6/28/2004
Posts: 80
QUESTO E' IL POST DI AVIRA



Avira AntiVir Personal
Report file date: martedì 17 marzo 2009 16:29

Scanning for 1369550 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 3) [5.1.2600]
Boot mode: Normally booted
Username: SYSTEM
Computer name: PERSONALCIC

Version information:
BUILD.DAT : 8.1.0.331 16934 Bytes 12/08/2008 11:46:00
AVSCAN.EXE : 8.1.4.7 315649 Bytes 26/06/2008 09:57:53
AVSCAN.DLL : 8.1.4.0 40705 Bytes 26/05/2008 08:56:40
LUKE.DLL : 8.1.4.5 164097 Bytes 12/06/2008 13:44:19
LUKERES.DLL : 8.1.4.0 12033 Bytes 26/05/2008 08:58:52
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 11:33:34
ANTIVIR1.VDF : 7.0.5.1 8182784 Bytes 24/06/2008 14:54:15
ANTIVIR2.VDF : 7.0.5.20 142336 Bytes 30/06/2008 06:20:53
ANTIVIR3.VDF : 7.0.5.23 17408 Bytes 30/06/2008 10:24:47
Engineversion : 8.1.1.19
AEVDF.DLL : 8.1.0.5 102772 Bytes 25/02/2008 10:58:21
AESCRIPT.DLL : 8.1.0.63 311673 Bytes 06/08/2008 14:13:47
AESCN.DLL : 8.1.0.23 119156 Bytes 10/07/2008 13:44:49
AERDL.DLL : 8.1.0.20 418165 Bytes 24/04/2008 13:37:48
AEPACK.DLL : 8.1.2.1 364917 Bytes 15/07/2008 13:58:35
AEOFFICE.DLL : 8.1.0.21 192891 Bytes 18/07/2008 07:35:21
AEHEUR.DLL : 8.1.0.47 1368437 Bytes 06/08/2008 14:13:47
AEHELP.DLL : 8.1.0.15 115063 Bytes 10/07/2008 13:44:48
AEGEN.DLL : 8.1.0.35 315764 Bytes 06/08/2008 15:38:47
AEEMU.DLL : 8.1.0.7 430452 Bytes 31/07/2008 09:33:21
AECORE.DLL : 8.1.1.8 172406 Bytes 31/07/2008 09:33:21
AEBB.DLL : 8.1.0.1 53617 Bytes 10/07/2008 13:44:48
AVWINLL.DLL : 1.0.0.12 15105 Bytes 09/07/2008 09:40:05
AVPREF.DLL : 8.0.2.0 38657 Bytes 16/05/2008 10:28:01
AVREP.DLL : 7.0.0.1 155688 Bytes 30/06/2008 15:35:20
AVREG.DLL : 8.0.0.1 33537 Bytes 09/05/2008 12:26:40
AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 09:29:23
AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 12/06/2008 13:27:49
SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 18:28:02
SMTPLIB.DLL : 1.2.0.23 28929 Bytes 12/06/2008 13:49:40
NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 13:05:10
RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 12/06/2008 14:48:07
RCTEXT.DLL : 8.0.52.0 86273 Bytes 27/06/2008 14:34:37

Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\programmi\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:,
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium

Start of the scan: martedì 17 marzo 2009 16:29

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'wmiapsrv.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'jqs.exe' - '1' Module(s) have been scanned
Scan process 'Servizio.exe' - '1' Module(s) have been scanned
Scan process 'Start.exe' - '1' Module(s) have been scanned
Scan process 'soffice.bin' - '1' Module(s) have been scanned
Scan process 'soffice.exe' - '1' Module(s) have been scanned
Scan process 'Monitor.exe' - '1' Module(s) have been scanned
Scan process 'iexplore.exe' - '1' Module(s) have been scanned
Module is infected -> 'C:\WINDOWS\system32\dllcache\iexplore.exe'
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'igfxsrvc.exe' - '1' Module(s) have been scanned
Scan process 'iexplore.exe' - '1' Module(s) have been scanned
Module is infected -> 'C:\WINDOWS\system32\dllcache\iexplore.exe'
Scan process 'jusched.exe' - '1' Module(s) have been scanned
Scan process 'RTHDCPL.exe' - '1' Module(s) have been scanned
Scan process 'igfxpers.exe' - '1' Module(s) have been scanned
Scan process 'hkcmd.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'EXPLORER.EXE' - '1' Module(s) have been scanned
Module is infected -> 'C:\WINDOWS\system32\EXPLORER.EXE'
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
Process 'iexplore.exe' has been terminated
Process 'iexplore.exe' has been terminated
Process 'EXPLORER.EXE' has been terminated
C:\WINDOWS\system32\dllcache\iexplore.exe
[DETECTION] Contains recognition pattern of the WORM/IrcBot.708608.5 worm
[NOTE] The file was deleted!
C:\WINDOWS\system32\EXPLORER.EXE
[DETECTION] Is the TR/Agent.VB.H.1 Trojan
[NOTE] The file was deleted!

38 processes with 35 modules were scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!

Starting to scan the registry.

The registry was scanned ( '53' files ).


Starting the file scan:

Begin scan in 'C:\'
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\Documents and Settings\utente08\fyybophq.exe
[DETECTION] Is the TR/Dialer.bqi Trojan
[NOTE] The file was deleted!
C:\System Volume Information\_restore{1E8A66C8-EA5C-47BA-8D13-197EF99776E4}\RP4\A0000710.exe
[DETECTION] Contains recognition pattern of the WORM/IrcBot.708608.5 worm
[NOTE] The file was deleted!
C:\System Volume Information\_restore{1E8A66C8-EA5C-47BA-8D13-197EF99776E4}\RP4\A0000711.EXE
[DETECTION] Is the TR/Agent.VB.H.1 Trojan
[NOTE] The file was deleted!
C:\System Volume Information\_restore{1E8A66C8-EA5C-47BA-8D13-197EF99776E4}\RP4\A0000712.exe
[DETECTION] Is the TR/Dialer.bqi Trojan
[NOTE] The file was deleted!
C:\WINDOWS\system32\utuwkc.dll
[WARNING] The file could not be opened!


End of the scan: martedì 17 marzo 2009 16:42
Used time: 13:01 Minute(s)

The scan has been done completely.

2917 Scanning directories
194749 Files were scanned
9 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
6 files were deleted
0 files were repaired
0 files were moved to quarantine
0 files were renamed
2 Files cannot be scanned
194738 Files not concerned
1001 Archives were scanned
2 Warnings
6 Notes
shapiro
Inviato: Wednesday, March 18, 2009 4:34:30 PM

Rank: AiutAmico

Iscritto dal : 8/24/2008
Posts: 4,164
ciao mammetta scusa il ritardo nella risposta, ma come diceva qualcuno, il tempo non basta mai.....avira ti ha tolto qualche infezione.....riesci a fare qualche aggiornamento? e' cambiato qualcosa rispetto a prima?
mammetta
Inviato: Thursday, March 19, 2009 8:01:27 AM
Rank: AiutAmico

Iscritto dal : 6/28/2004
Posts: 80
no ancora niente. formatto ?
steven75
Inviato: Thursday, March 19, 2009 9:44:15 AM
Rank: Member

Iscritto dal : 5/8/2006
Posts: 0
mammetta stai portando avanti due post per lo stesso problema, o sono due pc diversi?
http://forum.aiutamici.com/Default.aspx?g=posts&t=58735





Utenti presenti in questo topic
Guest


Salta al Forum
Aggiunta nuovi Topic disabilitata in questo forum.
Risposte disabilitate in questo forum.
Eliminazione tuoi Post disabilitata in questo forum.
Modifica dei tuoi post disabilitata in questo forum.
Creazione Sondaggi disabilitata in questo forum.
Voto ai sondaggi disabilitato in questo forum.

Main Forum RSS : RSS

Aiutamici Theme
Powered by Yet Another Forum.net versione 1.9.1.8 (NET v2.0) - 3/29/2008
Copyright © 2003-2008 Yet Another Forum.net. All rights reserved.