birbantella

WinGirls
  • Content count

    25

About birbantella

  • Rank
    Novice
  • Birthday 04/03/1984

Profile Information

  • Gender
    Female
  • Location
    Bari
  1. thanks again for everything!!!!
  2. guys... I really don't know how to thank you... believe me... you did a job like I've never seen... THANK YOU THANK YOU THANK YOU TO EVERYONE who TOOK PART IN THIS DISCUSSION AND HELPED ME SOLVE THE PROBLEM!!!! :omaggi: PS: one last thing... what's the best antivirus I can have on my PC now???
  3. Hi guys... maybe we've done it... maybe... This is the HJT report... if you could kindly check it... thanks
  4. I managed to add old... what do I do now?
  5. sdfix
  6. combofix
  7. :sigh: :sigh: :sigh: no luck, it won't let me delete it.....
  8. do I use HijackThis to delete the file?
  9. nada.... it just doesn't want to go away...
  10. hey hi... SmitfraudFix doesn't work... as soon as I open it I press Enter and then I get a red screen telling me it's impossible to continue....
  11. I think the 2 entries are still there............
  12. steve........... it seems to have gone away........... I don't get the error anymore...
  13. An error occurred in GENERIC HOST PROCESS FOR WIN32 SERVICES... this is the error....
  14. so steve...... nothing here, I carried out the latest operations you recommended... but the error is still there... I don't know........... but if I format the PC will this virus go away???
  15. it won't let me delete it even if I grant the permissions, what do I do?