Aiutamici Forum
Benvenuto Ospite Cerca | Topic Attivi | Utenti | | Log In | Registra

Aiutamici Forum » FORUM - Istruzioni e Guide » Sicurezza VIRUS » mi controllate il log per favore?

2 pages: [1] 2
mi controllate il log per favore? Opzioni
Topic Precedente · Topic Sucessivo
pokerdassi
Inviato: Tuesday, October 13, 2009 11:30:12 AM

Rank: AiutAmico

Iscritto dal : 8/31/2007
Posts: 3,448
Improvvisamente e' un'uscita una schemata blu' con delle scritte in inglese(non ho letto perche' e' durata poco ma c'era scritto tra l'altro anche CRASH)

posto il log di hijack:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16.16.10, on 08/10/2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v7.00 (7.00.6002.18005)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Windows\PLFSetI.exe
C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\Launch Manager\LManager.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\EgisTec Egis Software Update\EgisUpdate.exe
C:\Program Files\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\ehome\ehmsas.exe
C:\Users\Arimondo\AppData\Local\Temp\RtkBtMnt.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10c.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.libero.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0410&s=2&o=vp32&d=0709&m=aspire_5536
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~1\mcafee\msk\mskapbho.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Skytel] C:\Program Files\Realtek\Audio\HDA\Skytel.exe
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [PLFSetI] C:\Windows\PLFSetI.exe
O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe"
O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [EgisTecLiveUpdate] "C:\Program Files\EgisTec Egis Software Update\EgisUpdate.exe"
O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe"
O4 - HKLM\..\Run: [BackupManagerTray] "C:\Program Files\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -k
O4 - HKLM\..\Run: [ArcadeDeluxeAgent] "C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe"
O4 - HKLM\..\Run: [Acer ePower Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [mcagent_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKCU\..\Run: [ProductReg] "C:\Program Files\Acer\WR_PopUp\ProductReg.exe"
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Inserisci blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: Inserisci &blog in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O16 - DPF: {4FEE6316-7B6F-4A6C-BD4E-4157C59A9E9D} (Ovi maps browser plugin) - http://static.s2g.gate5.de/ovi_maps/OviMaps_2.2.30.3.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: CLHNService - Unknown owner - C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
O23 - Service: Google Desktop Manager 5.8.809.23506 (GoogleDesktopManager-092308-165331) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: MyWinLocker Service (MWLService) - EgisTec Inc. - C:\Program Files\EgisTec\MyWinLocker 3\x86\\MWLService.exe
O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 9824 bytes

DATEMI un responso, da stamane combatto con sto' portatile.

CI SONO molti collegamenti con mcafee, vedo, ma l'ho disinstallato e installato AVG, come mai quelle voci?

AVG e PC TOOL FIREWALL PLUS non ci sono eppure li ho sul pc, mentre mcafee l'ho disinstallato, sara' perche' ho fatto il backup di alcune voci di registro cancellate con ccleaner perche' non mi si aprivano piu' i file d'installer in .msi?
Torna in alto
 
Sponsor
Inviato: Tuesday, October 13, 2009 11:30:12 AM

 
Torna in alto
 
shapiro
Inviato: Tuesday, October 13, 2009 11:40:51 AM

Rank: AiutAmico

Iscritto dal : 8/24/2008
Posts: 4,164
ciao pokedassi

se non ricordi l'errore, vai nel visualizzatore degli eventi

digita start\esegui\eventvwr

clicca su ''sistema'' e vedi se ci sono delle X su fondo rosso riferite all'ora di quando si e' verificato il problema

fatto questo, sul lato destro in alto troverai due frecce con sotto una piccola icona- clicca su di essa una sola volta e posta il risultato in blocco note
Torna in alto
 
pokerdassi
Inviato: Tuesday, October 13, 2009 12:39:06 PM

Rank: AiutAmico

Iscritto dal : 8/31/2007
Posts: 3,448
Bene, adesso non mi trovo col iol mio pc, ma faro' come hai chiesto.
Perche' dal log si vede che ho mcafee, invece l'ho disinstallato e ho avg antivirus.inoltre ho anche pc tools firewall plus che non appare in hijack.
Torna in alto
 
shapiro
Inviato: Tuesday, October 13, 2009 12:55:12 PM

Rank: AiutAmico

Iscritto dal : 8/24/2008
Posts: 4,164

scarica questo programmino

http://wikisend.com/download/444964/RegSrch.zip

aprilo e scrivi in alto su ''cerca voci inutili'' McAfee

fai finire la scansione ed elimina le chiavi che trova dopo averle selezionate
Torna in alto
 
pokerdassi
Inviato: Tuesday, October 13, 2009 3:12:15 PM

Rank: AiutAmico

Iscritto dal : 8/31/2007
Posts: 3,448
start/esegui/eventvwr, mi da' un errore ma non riesco a salvarlo correttamnte, mi dice "IL SERVIZIO PARALLEL PORT DRIVER NON E' STATO AVVIATO",cmq e' accaduto quando ho messo la pendrive nella porta usb.

il programmino indicato mi ha trovato numerosi file di reg. con mcafee ma li salva con wordpad, come li cancello?

perche' avg non lo segnala nel log di hijack?
grazie

Cmq e' inaccettabile che un programma tanto lodato come ccleaner mi cancella il file di registro che mi fanno aprire gli installer windows, ho riprovato, mi ha trovato 3600 problemi da riparare, li ho riparati e gli installer non si lanciano piu', ho ripristinato il backup(3,5mega)e gli installer funzionano di nuovo, quindi non posso riparare il registro con ccleaner e il programmino sopra mi salva le voci pero' non so' come cancellarle.
Torna in alto
 
shapiro
Inviato: Tuesday, October 13, 2009 3:47:05 PM

Rank: AiutAmico

Iscritto dal : 8/24/2008
Posts: 4,164
riesci a postarmi il risultato del programmino reg seeker? se te li ha salvati in word e' semplice, prova ad allegarli

per il visualizzatore eventi prova in quest'altro modo


Start, scegli Pannello di controllo, Sistema e manutenzione, Strumenti di amministrazione e quindi fai doppio clic su Visualizzatore eventi.
Torna in alto
 
pokerdassi
Inviato: Tuesday, October 13, 2009 4:23:12 PM

Rank: AiutAmico

Iscritto dal : 8/31/2007
Posts: 3,448
SI li ha salvati in word ma son tutti file di reg. con la parola mcafee, per quanto riguarda la schermata blu' e' accaduto di nuovo appena ho messo la pendrive nel pc, mi dice che e' stata estratta senza prima chiuderla( vuol dire che no la usero' piu' su' questo pc, anche perche' il pc e' ntfs la pendrive e' fat32)

ti posto il risultato;

REGEDIT4
; RegSrch.vbs © Bill James

; Registry search results for string "mcafee" 13/10/2009 16.18.37

; NOTE: This file will be deleted when you close WordPad.
; You must manually save this file to a new location if you want to refer to it again later.
; (If you save the file with a .reg extension, you can use it to restore any Registry changes you make to these values.)


[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EB1358E3-48FD-469E-B075-C539955E40C2}\InprocServer32]
@="c:\\PROGRA~1\\mcafee\\msc\\mcndsv.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FF0F1C05-6135-424B-8EFD-3DBCDA7063FB}\InprocServer32]
@="c:\\PROGRA~1\\mcafee\\msc\\mcndsv.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{16EC136D-A6F0-4833-8FE1-ECA50DE15F5E}\1.0\0\win32]
@="c:\\PROGRA~1\\mcafee\\msc\\mcndsv.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{19F4CECD-60C0-49D3-86F9-839544C513CF}\1.0\0\win32]
@="c:\\PROGRA~1\\mcafee\\msc\\mcoemmgr.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{50AC6496-E590-48FB-8E3E-8FBA058D2F5D}\1.0\0\win32]
@="C:\\Program Files\\McAfee\\MSM\\mcsmtfwk.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\download-mcafee.com]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\download-mcafee.com\www]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\mcafee-antivirus-2007.com]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\mcafee-antivirus-2007.com\www]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\download-mcafee.com]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\download-mcafee.com\www]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\mcafee-antivirus-2007.com]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\mcafee-antivirus-2007.com\www]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_MFEAVFK\0000]
"DeviceDesc"="McAfee Inc. mfeavfk"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_MFEBOPK\0000]
"DeviceDesc"="McAfee Inc. mfebopk"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_MFEHIDK\0000]
"DeviceDesc"="McAfee Inc. mfehidk"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_MFEHIDK01\0000]
"DeviceDesc"="McAfee Inc."

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_MFERKDK\0000]
"DeviceDesc"="McAfee Inc. mferkdk"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_MFESMFK\0000]
"DeviceDesc"="McAfee Inc. mfesmfk"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Eventlog\Application\McLogEvent]
"EventMessageFile"="C:\\Program Files\\McAfee\\VirusScan\\NAIEvent.dll"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_MFEAVFK\0000]
"DeviceDesc"="McAfee Inc. mfeavfk"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_MFEBOPK\0000]
"DeviceDesc"="McAfee Inc. mfebopk"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_MFEHIDK\0000]
"DeviceDesc"="McAfee Inc. mfehidk"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_MFEHIDK01\0000]
"DeviceDesc"="McAfee Inc."

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_MFERKDK\0000]
"DeviceDesc"="McAfee Inc. mferkdk"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_MFESMFK\0000]
"DeviceDesc"="McAfee Inc. mfesmfk"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Eventlog\Application\McLogEvent]
"EventMessageFile"="C:\\Program Files\\McAfee\\VirusScan\\NAIEvent.dll"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_MFEAVFK\0000]
"DeviceDesc"="McAfee Inc. mfeavfk"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_MFEBOPK\0000]
"DeviceDesc"="McAfee Inc. mfebopk"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_MFEHIDK\0000]
"DeviceDesc"="McAfee Inc. mfehidk"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_MFEHIDK01\0000]
"DeviceDesc"="McAfee Inc."

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_MFERKDK\0000]
"DeviceDesc"="McAfee Inc. mferkdk"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_MFESMFK\0000]
"DeviceDesc"="McAfee Inc. mfesmfk"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\McLogEvent]
"EventMessageFile"="C:\\Program Files\\McAfee\\VirusScan\\NAIEvent.dll"

[HKEY_USERS\.DEFAULT\Software\McAfee]

[HKEY_USERS\.DEFAULT\Software\McAfee\VirusScan]

[HKEY_USERS\.DEFAULT\Software\McAfee\VirusScan\FullScan]

[HKEY_USERS\.DEFAULT\Software\McAfee\VirusScan\QuickScan]

[HKEY_USERS\.DEFAULT\Software\McAfee\VirusScan\RightScan]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\download-mcafee.com]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\download-mcafee.com\www]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\mcafee-antivirus-2007.com]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\mcafee-antivirus-2007.com\www]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\download-mcafee.com]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\download-mcafee.com\www]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\mcafee-antivirus-2007.com]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\mcafee-antivirus-2007.com\www]

[HKEY_USERS\S-1-5-21-966093477-1798243618-2112350761-1000\Software\Google\Google Desktop\HistoricalCapture\Crawler]
"blacklist_files"="c:\\progra~1\\mcafee\\msc\\oeminfo\\msk\\cs\\662-15\\mskrgw.inf c:\\acer\\preload\\autorun\\drv\\ativga\\config\\lifdf6~1.txt c:\\book\\modem manual.pdf c:\\program files\\mcafee\\msc\\oeminfo\\mps\\zh-cn\\662-19\\subst.cab c:\\program files\\mcafee\\msc\\oeminfo\\msk\\cs\\662-15\\mskrgw.inf c:\\progra~1\\mcafee\\msc\\oeminfo\\mps\\zh-cn\\662-19\\subst.cab c:\\acer\\preload\\autorun\\drv\\ativga\\config\\licensekor.txt c:\\progra~1\\acer\\wr_popup\\privacy\\estoni~1.pdf c:\\program files\\acer arcade deluxe\\acer arcade deluxe\\customizations\\generic\\style\\cascade\\media\\standard\\toolbar\\favorite_p.png c:\\program files\\acer\\wr_popup\\privacy\\estonianprivacy.pdf c:\\progra~1\\acerar~1\\acerar~1\\koan\\python24.zip c:\\acer\\preload\\autorun\\drv\\ativga\\packages\\drivers\\display\\lh_inf\\b_77887\\atiogl.xml c:\\program files\\acer arcade deluxe\\acer arcade deluxe\\koan\\python24.zip c:\\progra~1\\acerar~1\\acerar~1\\custom~1\\generic\\style\\cascade\\media\\standard\\toolbar\\favori~4.png c:\\book\\modemm~1.pdf"

[HKEY_USERS\S-1-5-21-966093477-1798243618-2112350761-1000\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\106dbd8a_0]
@="{0.0.0.00000000}.{8b2cbf97-03a1-45e2-87be-c1e4e38acdd1}|\\Device\\HarddiskVolume2\\Program Files\\McAfee.com\\Agent\\mcagent.exe%b{00000000-0000-0000-0000-000000000000}"

[HKEY_USERS\S-1-5-21-966093477-1798243618-2112350761-1000\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\55717e3e_0]
@="{0.0.0.00000000}.{8b2cbf97-03a1-45e2-87be-c1e4e38acdd1}|\\Device\\HarddiskVolume2\\Program Files\\McAfee.com\\Agent\\mcupdate.exe%b{00000000-0000-0000-0000-000000000000}"

[HKEY_USERS\S-1-5-21-966093477-1798243618-2112350761-1000\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\56e6211_0]
@="{0.0.0.00000000}.{8b2cbf97-03a1-45e2-87be-c1e4e38acdd1}|\\Device\\HarddiskVolume2\\Program Files\\McAfee\\VirusScan\\mcvsshld.exe%b{00000000-0000-0000-0000-000000000000}"

[HKEY_USERS\S-1-5-21-966093477-1798243618-2112350761-1000\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\575f4708_0]
@="{0.0.0.00000000}.{8b2cbf97-03a1-45e2-87be-c1e4e38acdd1}|\\Device\\HarddiskVolume2\\PROGRA~1\\McAfee\\MPF\\MC\\MpfAlert.exe%b{00000000-0000-0000-0000-000000000000}"

[HKEY_USERS\S-1-5-21-966093477-1798243618-2112350761-1000\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\5b1193d8_0]
@="{0.0.0.00000000}.{8b2cbf97-03a1-45e2-87be-c1e4e38acdd1}|\\Device\\HarddiskVolume2\\PROGRA~1\\McAfee\\MSC\\mcupdui.exe%b{00000000-0000-0000-0000-000000000000}"

[HKEY_USERS\S-1-5-21-966093477-1798243618-2112350761-1000\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\68ceb11d_0]
@="{0.0.0.00000000}.{8b2cbf97-03a1-45e2-87be-c1e4e38acdd1}|\\Device\\HarddiskVolume2\\PROGRA~1\\McAfee\\VIRUSS~1\\mcvsshld.exe%b{00000000-0000-0000-0000-000000000000}"

[HKEY_USERS\S-1-5-21-966093477-1798243618-2112350761-1000\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\71eebe89_0]
@="{0.0.0.00000000}.{8b2cbf97-03a1-45e2-87be-c1e4e38acdd1}|\\Device\\HarddiskVolume2\\Program Files\\McAfee\\MSC\\mcupdui.exe%b{00000000-0000-0000-0000-000000000000}"

[HKEY_USERS\S-1-5-21-966093477-1798243618-2112350761-1000\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\99446239_0]
@="{0.0.0.00000000}.{8b2cbf97-03a1-45e2-87be-c1e4e38acdd1}|\\Device\\HarddiskVolume2\\Program Files\\McAfee\\MPF\\MC\\MpfAlert.exe%b{00000000-0000-0000-0000-000000000000}"

[HKEY_USERS\S-1-5-21-966093477-1798243618-2112350761-1000\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\c0d51219_0]
@="{0.0.0.00000000}.{8b2cbf97-03a1-45e2-87be-c1e4e38acdd1}|\\Device\\HarddiskVolume2\\PROGRA~1\\McAfee.com\\Agent\\mcagent.exe%b{00000000-0000-0000-0000-000000000000}"

[HKEY_USERS\S-1-5-21-966093477-1798243618-2112350761-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu\Programs\McAfee]

[HKEY_USERS\S-1-5-21-966093477-1798243618-2112350761-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\download-mcafee.com]

[HKEY_USERS\S-1-5-21-966093477-1798243618-2112350761-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\download-mcafee.com\www]

[HKEY_USERS\S-1-5-21-966093477-1798243618-2112350761-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\mcafee-antivirus-2007.com]

[HKEY_USERS\S-1-5-21-966093477-1798243618-2112350761-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\mcafee-antivirus-2007.com\www]

[HKEY_USERS\S-1-5-21-966093477-1798243618-2112350761-1000\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers]
"C:\\Program Files\\McAfee.com\\Agent\\mcagent.exe"="WINXPSP2"

[HKEY_USERS\S-1-5-18\Software\McAfee]

[HKEY_USERS\S-1-5-18\Software\McAfee\VirusScan]

[HKEY_USERS\S-1-5-18\Software\McAfee\VirusScan\FullScan]

[HKEY_USERS\S-1-5-18\Software\McAfee\VirusScan\QuickScan]

[HKEY_USERS\S-1-5-18\Software\McAfee\VirusScan\RightScan]

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\download-mcafee.com]

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\download-mcafee.com\www]

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\mcafee-antivirus-2007.com]

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\mcafee-antivirus-2007.com\www]

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\download-mcafee.com]

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\download-mcafee.com\www]

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\mcafee-antivirus-2007.com]

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\mcafee-antivirus-2007.com\www]



cmq la cosa piu' importante e'; come faccio a pulire il registro se ccleaner mi spazza via anche i file che servono per lanciare gli installer?
questo e' cio' che mi interesserebbe sapere.
Torna in alto
 
shapiro
Inviato: Tuesday, October 13, 2009 4:29:55 PM

Rank: AiutAmico

Iscritto dal : 8/24/2008
Posts: 4,164
pokerdassi fammi una cortesia

scarica quest'altro programma, aprilo, clicca nel file .vbs che trovi e scrivi nuovamente McAfee, cosi' come l'ho scritto io(fai copia\incolla)

dai ok e posta il risultato


http://wikisend.com/download/544962/RegSrch.zip
Torna in alto
 
pokerdassi
Inviato: Tuesday, October 13, 2009 4:47:44 PM

Rank: AiutAmico

Iscritto dal : 8/31/2007
Posts: 3,448
e' esattamente cio' che ho fatto, l'ho rifatto ma a me pare lo stesso e' "scritto case insensitive"


REGEDIT4
; RegSrch.vbs © Bill James

; Registry search results for string "McAfee" 13/10/2009 16.44.16

; NOTE: This file will be deleted when you close WordPad.
; You must manually save this file to a new location if you want to refer to it again later.
; (If you save the file with a .reg extension, you can use it to restore any Registry changes you make to these values.)


[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EB1358E3-48FD-469E-B075-C539955E40C2}\InprocServer32]
@="c:\\PROGRA~1\\mcafee\\msc\\mcndsv.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FF0F1C05-6135-424B-8EFD-3DBCDA7063FB}\InprocServer32]
@="c:\\PROGRA~1\\mcafee\\msc\\mcndsv.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{16EC136D-A6F0-4833-8FE1-ECA50DE15F5E}\1.0\0\win32]
@="c:\\PROGRA~1\\mcafee\\msc\\mcndsv.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{19F4CECD-60C0-49D3-86F9-839544C513CF}\1.0\0\win32]
@="c:\\PROGRA~1\\mcafee\\msc\\mcoemmgr.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{50AC6496-E590-48FB-8E3E-8FBA058D2F5D}\1.0\0\win32]
@="C:\\Program Files\\McAfee\\MSM\\mcsmtfwk.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\download-mcafee.com]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\download-mcafee.com\www]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\mcafee-antivirus-2007.com]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\mcafee-antivirus-2007.com\www]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\download-mcafee.com]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\download-mcafee.com\www]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\mcafee-antivirus-2007.com]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\mcafee-antivirus-2007.com\www]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_MFEAVFK\0000]
"DeviceDesc"="McAfee Inc. mfeavfk"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_MFEBOPK\0000]
"DeviceDesc"="McAfee Inc. mfebopk"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_MFEHIDK\0000]
"DeviceDesc"="McAfee Inc. mfehidk"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_MFEHIDK01\0000]
"DeviceDesc"="McAfee Inc."

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_MFERKDK\0000]
"DeviceDesc"="McAfee Inc. mferkdk"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_MFESMFK\0000]
"DeviceDesc"="McAfee Inc. mfesmfk"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Eventlog\Application\McLogEvent]
"EventMessageFile"="C:\\Program Files\\McAfee\\VirusScan\\NAIEvent.dll"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_MFEAVFK\0000]
"DeviceDesc"="McAfee Inc. mfeavfk"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_MFEBOPK\0000]
"DeviceDesc"="McAfee Inc. mfebopk"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_MFEHIDK\0000]
"DeviceDesc"="McAfee Inc. mfehidk"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_MFEHIDK01\0000]
"DeviceDesc"="McAfee Inc."

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_MFERKDK\0000]
"DeviceDesc"="McAfee Inc. mferkdk"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_MFESMFK\0000]
"DeviceDesc"="McAfee Inc. mfesmfk"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Eventlog\Application\McLogEvent]
"EventMessageFile"="C:\\Program Files\\McAfee\\VirusScan\\NAIEvent.dll"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_MFEAVFK\0000]
"DeviceDesc"="McAfee Inc. mfeavfk"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_MFEBOPK\0000]
"DeviceDesc"="McAfee Inc. mfebopk"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_MFEHIDK\0000]
"DeviceDesc"="McAfee Inc. mfehidk"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_MFEHIDK01\0000]
"DeviceDesc"="McAfee Inc."

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_MFERKDK\0000]
"DeviceDesc"="McAfee Inc. mferkdk"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_MFESMFK\0000]
"DeviceDesc"="McAfee Inc. mfesmfk"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\McLogEvent]
"EventMessageFile"="C:\\Program Files\\McAfee\\VirusScan\\NAIEvent.dll"

[HKEY_USERS\.DEFAULT\Software\McAfee]

[HKEY_USERS\.DEFAULT\Software\McAfee\VirusScan]

[HKEY_USERS\.DEFAULT\Software\McAfee\VirusScan\FullScan]

[HKEY_USERS\.DEFAULT\Software\McAfee\VirusScan\QuickScan]

[HKEY_USERS\.DEFAULT\Software\McAfee\VirusScan\RightScan]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\download-mcafee.com]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\download-mcafee.com\www]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\mcafee-antivirus-2007.com]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\mcafee-antivirus-2007.com\www]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\download-mcafee.com]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\download-mcafee.com\www]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\mcafee-antivirus-2007.com]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\mcafee-antivirus-2007.com\www]

[HKEY_USERS\S-1-5-21-966093477-1798243618-2112350761-1000\Software\Google\Google Desktop\HistoricalCapture\Crawler]
"blacklist_files"="c:\\progra~1\\mcafee\\msc\\oeminfo\\msk\\cs\\662-15\\mskrgw.inf c:\\acer\\preload\\autorun\\drv\\ativga\\config\\lifdf6~1.txt c:\\book\\modem manual.pdf c:\\program files\\mcafee\\msc\\oeminfo\\mps\\zh-cn\\662-19\\subst.cab c:\\program files\\mcafee\\msc\\oeminfo\\msk\\cs\\662-15\\mskrgw.inf c:\\progra~1\\mcafee\\msc\\oeminfo\\mps\\zh-cn\\662-19\\subst.cab c:\\acer\\preload\\autorun\\drv\\ativga\\config\\licensekor.txt c:\\progra~1\\acer\\wr_popup\\privacy\\estoni~1.pdf c:\\program files\\acer arcade deluxe\\acer arcade deluxe\\customizations\\generic\\style\\cascade\\media\\standard\\toolbar\\favorite_p.png c:\\program files\\acer\\wr_popup\\privacy\\estonianprivacy.pdf c:\\progra~1\\acerar~1\\acerar~1\\koan\\python24.zip c:\\acer\\preload\\autorun\\drv\\ativga\\packages\\drivers\\display\\lh_inf\\b_77887\\atiogl.xml c:\\program files\\acer arcade deluxe\\acer arcade deluxe\\koan\\python24.zip c:\\progra~1\\acerar~1\\acerar~1\\custom~1\\generic\\style\\cascade\\media\\standard\\toolbar\\favori~4.png c:\\book\\modemm~1.pdf"

[HKEY_USERS\S-1-5-21-966093477-1798243618-2112350761-1000\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\106dbd8a_0]
@="{0.0.0.00000000}.{8b2cbf97-03a1-45e2-87be-c1e4e38acdd1}|\\Device\\HarddiskVolume2\\Program Files\\McAfee.com\\Agent\\mcagent.exe%b{00000000-0000-0000-0000-000000000000}"

[HKEY_USERS\S-1-5-21-966093477-1798243618-2112350761-1000\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\55717e3e_0]
@="{0.0.0.00000000}.{8b2cbf97-03a1-45e2-87be-c1e4e38acdd1}|\\Device\\HarddiskVolume2\\Program Files\\McAfee.com\\Agent\\mcupdate.exe%b{00000000-0000-0000-0000-000000000000}"

[HKEY_USERS\S-1-5-21-966093477-1798243618-2112350761-1000\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\56e6211_0]
@="{0.0.0.00000000}.{8b2cbf97-03a1-45e2-87be-c1e4e38acdd1}|\\Device\\HarddiskVolume2\\Program Files\\McAfee\\VirusScan\\mcvsshld.exe%b{00000000-0000-0000-0000-000000000000}"

[HKEY_USERS\S-1-5-21-966093477-1798243618-2112350761-1000\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\575f4708_0]
@="{0.0.0.00000000}.{8b2cbf97-03a1-45e2-87be-c1e4e38acdd1}|\\Device\\HarddiskVolume2\\PROGRA~1\\McAfee\\MPF\\MC\\MpfAlert.exe%b{00000000-0000-0000-0000-000000000000}"

[HKEY_USERS\S-1-5-21-966093477-1798243618-2112350761-1000\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\5b1193d8_0]
@="{0.0.0.00000000}.{8b2cbf97-03a1-45e2-87be-c1e4e38acdd1}|\\Device\\HarddiskVolume2\\PROGRA~1\\McAfee\\MSC\\mcupdui.exe%b{00000000-0000-0000-0000-000000000000}"

[HKEY_USERS\S-1-5-21-966093477-1798243618-2112350761-1000\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\68ceb11d_0]
@="{0.0.0.00000000}.{8b2cbf97-03a1-45e2-87be-c1e4e38acdd1}|\\Device\\HarddiskVolume2\\PROGRA~1\\McAfee\\VIRUSS~1\\mcvsshld.exe%b{00000000-0000-0000-0000-000000000000}"

[HKEY_USERS\S-1-5-21-966093477-1798243618-2112350761-1000\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\71eebe89_0]
@="{0.0.0.00000000}.{8b2cbf97-03a1-45e2-87be-c1e4e38acdd1}|\\Device\\HarddiskVolume2\\Program Files\\McAfee\\MSC\\mcupdui.exe%b{00000000-0000-0000-0000-000000000000}"

[HKEY_USERS\S-1-5-21-966093477-1798243618-2112350761-1000\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\99446239_0]
@="{0.0.0.00000000}.{8b2cbf97-03a1-45e2-87be-c1e4e38acdd1}|\\Device\\HarddiskVolume2\\Program Files\\McAfee\\MPF\\MC\\MpfAlert.exe%b{00000000-0000-0000-0000-000000000000}"

[HKEY_USERS\S-1-5-21-966093477-1798243618-2112350761-1000\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\c0d51219_0]
@="{0.0.0.00000000}.{8b2cbf97-03a1-45e2-87be-c1e4e38acdd1}|\\Device\\HarddiskVolume2\\PROGRA~1\\McAfee.com\\Agent\\mcagent.exe%b{00000000-0000-0000-0000-000000000000}"

[HKEY_USERS\S-1-5-21-966093477-1798243618-2112350761-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu\Programs\McAfee]

[HKEY_USERS\S-1-5-21-966093477-1798243618-2112350761-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\download-mcafee.com]

[HKEY_USERS\S-1-5-21-966093477-1798243618-2112350761-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\download-mcafee.com\www]

[HKEY_USERS\S-1-5-21-966093477-1798243618-2112350761-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\mcafee-antivirus-2007.com]

[HKEY_USERS\S-1-5-21-966093477-1798243618-2112350761-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\mcafee-antivirus-2007.com\www]

[HKEY_USERS\S-1-5-21-966093477-1798243618-2112350761-1000\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers]
"C:\\Program Files\\McAfee.com\\Agent\\mcagent.exe"="WINXPSP2"

[HKEY_USERS\S-1-5-18\Software\McAfee]

[HKEY_USERS\S-1-5-18\Software\McAfee\VirusScan]

[HKEY_USERS\S-1-5-18\Software\McAfee\VirusScan\FullScan]

[HKEY_USERS\S-1-5-18\Software\McAfee\VirusScan\QuickScan]

[HKEY_USERS\S-1-5-18\Software\McAfee\VirusScan\RightScan]

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\download-mcafee.com]

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\download-mcafee.com\www]

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\mcafee-antivirus-2007.com]

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\mcafee-antivirus-2007.com\www]

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\download-mcafee.com]

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\download-mcafee.com\www]

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\mcafee-antivirus-2007.com]

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\mcafee-antivirus-2007.com\www]



edit, e' incredibile ma ho rifatto una scansione con HIJACK e mi pare diversa da quella al primo post, mcafee non appare (mi sembra) mentre appare AVG come e' normale, non ci capisco piu' nulla.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16.51.31, on 13/10/2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v7.00 (7.00.6002.18005)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Windows\PLFSetI.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe
C:\Program Files\Launch Manager\LManager.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\EgisTec Egis Software Update\EgisUpdate.exe
C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe
C:\Program Files\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Users\Arimondo\AppData\Local\Temp\RtkBtMnt.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Windows\system32\rundll32.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10c.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.libero.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0410&s=2&o=vp32&d=0709&m=aspire_5536
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
R3 - URLSearchHook: (no name) - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Skytel] C:\Program Files\Realtek\Audio\HDA\Skytel.exe
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [PLFSetI] C:\Windows\PLFSetI.exe
O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe"
O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [EgisTecLiveUpdate] "C:\Program Files\EgisTec Egis Software Update\EgisUpdate.exe"
O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe"
O4 - HKLM\..\Run: [BackupManagerTray] "C:\Program Files\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -k
O4 - HKLM\..\Run: [ArcadeDeluxeAgent] "C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe"
O4 - HKLM\..\Run: [Acer ePower Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [00PCTFW] "C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe" -s
O4 - HKCU\..\Run: [ProductReg] "C:\Program Files\Acer\WR_PopUp\ProductReg.exe"
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Inserisci blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: Inserisci &blog in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O16 - DPF: {4FEE6316-7B6F-4A6C-BD4E-4157C59A9E9D} (Ovi maps browser plugin) - http://static.s2g.gate5.de/ovi_maps/OviMaps_2.2.30.3.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll,avgrsstx.dll
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: CLHNService - Unknown owner - C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
O23 - Service: Google Desktop Manager 5.8.809.23506 (GoogleDesktopManager-092308-165331) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: MyWinLocker Service (MWLService) - EgisTec Inc. - C:\Program Files\EgisTec\MyWinLocker 3\x86\\MWLService.exe
O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O23 - Service: PC Tools Firewall Plus (PCToolsFirewallPlus) - PC Tools - C:\Program Files\PC Tools Firewall Plus\FWService.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 9704 bytes



INOLTRE ho rifatto una scansione con CCLEANER e in pratica vedendo i file che mi cancella dal registro di sistema c'e' anche ".msi.package", per forza poi non funzionano gli installer con queste estensioni, ma siccome ne trova migliaia di file da cancellare non si puo' toglierne uno per uno, e' un problema.
Torna in alto
 
shapiro
Inviato: Tuesday, October 13, 2009 7:22:58 PM

Rank: AiutAmico

Iscritto dal : 8/24/2008
Posts: 4,164
potrei anche prepararti un file .reg per eliminare le chiavi, ma non posso prendermi una responsabilita' cosi' grande, a meno che tu non mi autorizzi a farlo

fai una cosa

disinstalla ccleaner e fai una nuova istallazione


scaricalo da qui e leggi attentamente tutti i passaggi e settalo per bene


http://www.aiutamici.com/software?ID=11223

l'altra soluzione e' quella del programma reg seeker che eliminera' tutte le chiavi, ma a te non funziona(strano)

attendo tue notizie
Torna in alto
 
pokerdassi
Inviato: Wednesday, October 14, 2009 9:38:42 AM

Rank: AiutAmico

Iscritto dal : 8/31/2007
Posts: 3,448
Ciao, per quanto riguarda i file di registro non so' perche' ccleaner mi cancella tutto, cmq ho provato ADVANCED SYSTEM CARE, mi ha fatto una bella pulizia e ora funziona tutto, solo che riprovando con CCLEANER mi trova altri file tra i quali .MSI. PACKAGE( sara' questo che non mi fa' piu' funzionare gli installer in .msi).
ricapitolando, hai fatto caso che i due log di HIJACK sono diversi tra loro? in uno appare mcafee, nell'altro non appare piu' ma appare sia AVG che PC TOOLS FIREWALL PLUS(come deve essere)
Ho riprovato a inserire il pendrive e il pc si e' spento di nuovo dopo una schermata blu', c'ho inserito il cellulare con il cavo usb e va bene( e' un problema di pendrive).

per reg. seeker quale programma intendi? mi hai posto regsrch.zip e mi hai consigliato il visualizzatori di eventi ma non abbiamo mai parlato di reg. seeker.

per ultimo se a ccleaner tolgo la spunta alle ddl condivise non mi cancella il package .msi.


domanda; ma il secondo log di hijack cosa dice? e' a posto?
Torna in alto
 
shapiro
Inviato: Wednesday, October 14, 2009 12:19:50 PM

Rank: AiutAmico

Iscritto dal : 8/24/2008
Posts: 4,164
il pc che si spegne lo fa solo con quella pendrive? prova ad inserirne un'altra e vedi se lo fa' ancora

fai questa scansione, al resto pensiamo dopo

Scarica e installa malwarebytes.
http://www.malwarebytes.org/mbam/program/mbam-setup.exe
Aggiornalo: clicca sulla scheda "aggiornamenti" => "controlla aggiornamenti"
Esegui una "scansione completa" (seleziona l'opzione)
A scansione completata, posta il rapporto.

per ora non rimuovere niente
Torna in alto
 
pokerdassi
Inviato: Wednesday, October 14, 2009 2:34:38 PM

Rank: AiutAmico

Iscritto dal : 8/31/2007
Posts: 3,448
si lo fa' solo con quella pendrive, ho provato con altri collegamenti nella stessa porta usb e funziona tutto, appena ci metto quella pendrive crasha tutto il sistema, esce scritto che l'ultima volta non l'ho disattivata prima di espellerla, cmq ti postero' il log di malware appena ritorno sull'altro pc.
Torna in alto
 
shapiro
Inviato: Wednesday, October 14, 2009 4:25:50 PM

Rank: AiutAmico

Iscritto dal : 8/24/2008
Posts: 4,164
comunque ricorda prima di rimuovere la pendrive di accedere alla ''rimozione sicura dell'hardware'', eviti oltretutto di perdere i dati

aspetto il log di malwarebytes
Torna in alto
 
pokerdassi
Inviato: Wednesday, October 14, 2009 5:19:22 PM

Rank: AiutAmico

Iscritto dal : 8/31/2007
Posts: 3,448
Ho rimesso la pendrive e adesso va' anche con questa, il log di malware non ha rilevato nulla di malevolo, credo che continuero' ad usare ADVANCED SYSTEM per la pulizia dei file di registro, ecco il log.

Malwarebytes' Anti-Malware 1.41
Versione del database: 2959
Windows 6.0.6002 Service Pack 2

14/10/2009 17.14.10
mbam-log-2009-10-14 (17-14-10).txt

Tipo di scansione: Scansione completa (C:\|)
Elementi scansionati: 211255
Tempo trascorso: 1 hour(s), 6 minute(s), 22 second(s)

Processi delle memoria infetti: 0
Moduli della memoria infetti: 0
Chiavi di registro infette: 0
Valori di registro infetti: 0
Elementi dato del registro infetti: 0
Cartelle infette: 0
File infetti: 0

Processi delle memoria infetti:
(Nessun elemento malevolo rilevato)

Moduli della memoria infetti:
(Nessun elemento malevolo rilevato)

Chiavi di registro infette:
(Nessun elemento malevolo rilevato)

Valori di registro infetti:
(Nessun elemento malevolo rilevato)

Elementi dato del registro infetti:
(Nessun elemento malevolo rilevato)

Cartelle infette:
(Nessun elemento malevolo rilevato)

File infetti:
(Nessun elemento malevolo rilevato)

PER reg. sekeer intendevi l'utilita' di sistema o il programma?
Torna in alto
 
shapiro
Inviato: Wednesday, October 14, 2009 5:23:23 PM

Rank: AiutAmico

Iscritto dal : 8/24/2008
Posts: 4,164
Commenta:
PER reg. sekeer intendevi l'utilita' di sistema o il programma?


il programmino che ti ho fatto usare- provalo se vuoi togliere le chiavi inutili


mi dici quali problemi riscontri al momento?
Torna in alto
 
pokerdassi
Inviato: Thursday, October 15, 2009 9:42:51 AM

Rank: AiutAmico

Iscritto dal : 8/31/2007
Posts: 3,448
Adesso va' tutto bene, ho rifatto una pulizia del reg. con ccleaner togliendo la spunta(estensioni file non usate) mi ha rimosso parecchio materiale ma non i file del'installer di windows( .msi----------.msu), ho usato di nuovo quel programmino "reg. srch" mi trova chiavi di mcafee nel registro ma non te le fa' togliere( almeno io non so' il procedimento), cmq seguendo il percorso del file di log di questo pogramma si trovano i file di mcafee ma credo che non siano dei veri e propri file ma cartelle vuote, come del resto ho trovato parecchie cartelle vuote di programmi che ora non ho piu' sul pc, non credo che siano un problema.


dalla traybar mi e' sparita l'icona di connessione wifi, andando in proprieta' della barra delle applicazioni non c'e' verso di mettere la spunta su' rete nella finestra "area di notifica".
Torna in alto
 
shapiro
Inviato: Thursday, October 15, 2009 9:57:43 AM

Rank: AiutAmico

Iscritto dal : 8/24/2008
Posts: 4,164
Commenta:
ho usato di nuovo quel programmino "reg. srch" mi trova chiavi di mcafee nel registro ma non te le fa' togliere( almeno io non so' il procedimento)


guarda e' semplice- quando finisce la scansione, evidenzia quello che vuoi togliere ed elimini le chiavi

per l'icona della wifi, prova in questo modo, non ti assicuro niente perche' tu hai vista


Premi Start -> Impostazioni -> Connessioni di rete e accedi dentro questa cartella dove dovrebbe esserci l'icona chiamata Connessione rete senza fili
Torna in alto
 
pokerdassi
Inviato: Thursday, October 15, 2009 2:23:22 PM

Rank: AiutAmico

Iscritto dal : 8/31/2007
Posts: 3,448
Come posso eliminare i file inutili da word?
forse parliamo di 2 programmi diversi, ti posto la finestra del programma che mi hai postato:



come vedi posso solo fare una ricerca e basta.
Torna in alto
 
Utenti presenti in questo topic
Guest

2 pages: [1] 2

Aiutamici Forum » FORUM - Istruzioni e Guide » Sicurezza VIRUS » mi controllate il log per favore?


Salta al Forum
Aggiunta nuovi Topic disabilitata in questo forum.
Risposte disabilitate in questo forum.
Eliminazione tuoi Post disabilitata in questo forum.
Modifica dei tuoi post disabilitata in questo forum.
Creazione Sondaggi disabilitata in questo forum.
Voto ai sondaggi disabilitato in questo forum.

Main Forum RSS : RSS

Aiutamici Theme
Powered by Yet Another Forum.net versione 1.9.1.8 (NET v2.0) - 3/29/2008
Copyright © 2003-2008 Yet Another Forum.net. All rights reserved.