aklak
Utenti-
Numero contenuti
98 -
Iscritto
-
Ultima visita
Tutti i contenuti di aklak
-
ho un pc nuovo...con internet e' lento...sto provando di tutto...non capisco piu' se eì lento lui o la linea...(alice 7mb).. il pc e' questo http://www.amazon.it/Samsung-NP305U1A-A02IT-Notebook-Processore-E/dp/B0068ZOQZG questi alcuni commenti negativi.. Ci sono un mucchio di programmi spazzatura da rimuovere, all'inizio non riuscivo a vedere i film 1080p, erano scattosissimi, dopo l'aggiornamento di Windows e la rimozione della spazzatura inutile, funziona ora perfettamente anche con i 1080p. Per i miei gusti è un pò troppo pieno di software preinstallato - ma per avere pc "puliti" ormai bisogna costruirseli, perlomeno i fissi, lo schermo è senza trattamento glare, per fortuna, l'audio è forse un pò basso. come dotazione software word ed excel senza scadenza peccato per l'audio, quasi inesistente anche con volume al massimo, la poca durata delle batterie (ma e' accettabile visto il peso ridotto del pc) e i vari programmi samsung che disturbano in continuazione, da eleminare; peccato anche che non si possa spegnere il wi-fi quando non serve a meno di essere connesso come amministratore (ma sapete tutti benissimo come questo sia in generale sconsigliabile) grazie Andrea
-
-
nel mio pc ho il tasto stamp.assieme a Ins in azzurro(per attivarlo devo premere anche il tasto Fn)....non si riesce..
-
come devo fare a postare la schermata in allegato?? grazie
-
Ciao....ho un problema che non riesco a risolvere... quendo scarico dal mulo dei giochi oltre i 4 gb mi da il solito messaggio: Non è possibile scaricare questo File perchè il tuo filesystem non supporta File di dimensioni maggiori di 4GB ho un ACER portatile con l'HD in 2 partizioni C e D... per convertire scrivo su esegui CMD poi al prompt di windows CONVERT D: /FS:NTFS mi viene scritto :il file system e' di tipo FAT 32 inserire l'etichetta di volue corrente per l'unita' D: : cosa devo scrivere??? se premo invio mi dice:e'stata specificat un etichetta di volume ecc.... qualsiasi cosa scrivo mi dice:e' stata specificata un'etichetta di volume non valida per questa unita'... grazie ancora... Andrea
-
risolto.. grazie..
-
Ciao,vi chiedo un'aiuto da un paio di giorni ogni qualvolta mi connetto ad internet ho il segno di spunta NON IN LINEA in strumenti attivo,così non riesco ad aprire le pagine,cioe' quando clikko per l'apertura di una nuova pagina mi appare il quadratino di Connessione rempta ,poi l'altro a forma rettangolare sempre chiedendomi "connetti"... cioe' anche se tolgo la spunta a NON IN LINEA automaticamente poi riappare...perche???? cosa e' successo??? grazie Andrea
-
hai ragione...ma era perlopiu' rivolto a me stesso.... sono quelle cose che mi rendono nervoso.... ciao
-
Ecco ha ricominciato.... ma perche??
-
Risolto.... resettato il Router... cmq grazie.. ciao
-
Si, Avast sembrava una palla al piede più che un antivirus. pure io ho lo stesso problema!!! come si deve fare???? devi disintallare avast e poi installare antivir ma va?????
-
Si, Avast sembrava una palla al piede più che un antivirus. pure io ho lo stesso problema!!! come si deve fare????
-
Dopo aver tentato l'aggiornamento(quanto ci mette a collergarsi con il server???!!!!) ,non e' riuscito ad aggiornare il database...perche?? riporto quanto scritto nel reports: 15.04.2008 15:17:05 - Installation Directory: C:\Programmi\Avira\AntiVir PersonalEdition Classic\ 15.04.2008 15:17:05 - Backup Directory: C:\Documents and Settings\All Users\Dati applicazioni\Avira\AntiVir PersonalEdition Classic\BACKUP\ 15.04.2008 15:17:05 - Temp Directory: C:\Documents and Settings\All Users\Dati applicazioni\Avira\AntiVir PersonalEdition Classic\TEMP\AVUPDATE_4804aad1\ 15.04.2008 15:17:06 - Start the Update GUI... Displaymode: 0 15.04.2008 15:17:05 - Installation Directory: C:\Programmi\Avira\AntiVir PersonalEdition Classic\ 15.04.2008 15:17:05 - Backup Directory: C:\Documents and Settings\All Users\Dati applicazioni\Avira\AntiVir PersonalEdition Classic\BACKUP\ 15.04.2008 15:17:05 - Temp Directory: C:\Documents and Settings\All Users\Dati applicazioni\Avira\AntiVir PersonalEdition Classic\TEMP\AVUPDATE_4804aad1\ 15.04.2008 15:17:06 - Start the Update GUI... Displaymode: 0 15.04.2008 15:17:08 - Keyfile: OK [FULL Mode] 15.04.2008 15:17:08 - Avira AntiVir PersonalEdition Classic 15.04.2008 15:17:35 - Connection failed while downloading the file http://dl6.avgate.net/upd/idx/master.idx. 15.04.2008 15:17:35 - Switching to next update server 15.04.2008 15:17:56 - Connection failed while downloading the file http://dl3.avgate.net/upd/idx/master.idx. 15.04.2008 15:17:56 - Switching to next update server 15.04.2008 15:18:17 - Connection failed while downloading the file http://dl1.avgate.net/upd/idx/master.idx. 15.04.2008 15:18:17 - Switching to next update server 15.04.2008 15:18:22 - Master IDX file has changed 15.04.2008 15:18:28 - Keyfile: OK [FULL Mode] 15.04.2008 15:18:50 - There was a problem updating from the specified server: Connection failed while downloading the file http://dl2.avgate.net/upd/idx/classic-nt-en.idx. 15.04.2008 15:18:50 - Switching to next update server 15.04.2008 15:19:16 - Registry entry created successfully: Software\Avira\AntiVir PersonalEdition Classic |UpdateInProgress 15.04.2008 15:19:16 - Critical error: Connection failed while downloading the file http://dl5.avgate.net/upd/idx/master.idx. grazie... p.s l'ho appena istallato e nn sono molto pratico di questo antivirus... Ciao
-
fatto.... ma non si aggiorna!!! possibile 2 min. per collegarsi al server.... mi sa che mi tocca riinstallare avast...
-
O.k,provero' si ho alice adsl 7 mega...
-
Da un paio di giorni mi appare durante la connessione il messaggio di Avast in basso a dx che c'e un attacco al pc con questa scritta???..."COM Exploit attack from 79.0.211.30:135".... Cos'E'??? Grazie Ciao
-
Grazie.... fatttto.... Ciao
-
Nelle Risorse del Computer mi sono trovato un'icona (2 monitorini con un telefonino+modem) con scritto Internet per Adulti :o .... Non riesco a toglierla!!!! Se clicco sopra co il tasto DX appare la scritta:Open My Menu e Crea Collegamento se clicco sopra Open My Menu per aprirlo mi appare il pannello Apri con... cosa devo fare???? Cosa puo' essere??? Grazie per l'attenzione..... Ciao
-
Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 17.03.29, on 04/03/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16608) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\Programmi\PC Tools Firewall Plus\FWService.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Programmi\Lavasoft\Ad-Aware 2007\aawservice.exe C:\WINDOWS\Explorer.EXE C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe C:\Programmi\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\hkcmd.exe C:\Programmi\Synaptics\SynTP\SynTPLpr.exe C:\Programmi\Synaptics\SynTP\SynTPEnh.exe C:\Programmi\CyberLink\PowerDVD\PDVDServ.exe C:\acer\epm\epm-dm.exe C:\Programmi\Launch Manager\QtZgAcer.EXE C:\Programmi\Java\jre1.6.0_03\bin\jusched.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Programmi\QuickTime\qttask.exe C:\Programmi\File comuni\Real\Update_OB\realsched.exe C:\Programmi\PC Tools Firewall Plus\FirewallGUI.exe C:\WINDOWS\system32\ctfmon.exe C:\Programmi\Messenger\msmsgs.exe C:\Programmi\File comuni\Ahead\lib\NMBgMonitor.exe C:\PROGRA~1\MICROS~3\wcescomm.exe C:\PROGRA~1\MICROS~3\rapimgr.exe C:\WINDOWS\system32\spoolsv.exe C:\Acer\eManager\anbmServ.exe C:\WINDOWS\system32\svchost.exe C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe C:\Programmi\acer\eRecovery\Monitor.exe C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe C:\Programmi\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\System32\svchost.exe C:\Programmi\Internet Explorer\IEXPLORE.EXE C:\Programmi\Internet Explorer\IEXPLORE.EXE C:\Programmi\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://virgilio.alice.it/index.html R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://it.rd.yahoo.com/customize/ie/defaul...earch.yahoo.com R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti O2 - BHO: Supporto di collegamento per Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Programmi\Real\RealPlayer\rpbrowserrecordplugin.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.6.0_03\bin\ssv.dll O4 - HKLM\..\Run: [LaunchApp] Alaunch O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [synTPLpr] C:\Programmi\Synaptics\SynTP\SynTPLpr.exe O4 - HKLM\..\Run: [synTPEnh] C:\Programmi\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [RemoteControl] C:\Programmi\CyberLink\PowerDVD\PDVDServ.exe O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [EPM-DM] c:\acer\epm\epm-dm.exe O4 - HKLM\..\Run: [ePowerManagement] C:\Acer\ePM\ePM.exe boot O4 - HKLM\..\Run: [LManager] C:\Programmi\Launch Manager\QtZgAcer.EXE O4 - HKLM\..\Run: [eRecoveryService] C:\Windows\System32\Check.exe O4 - HKLM\..\Run: [EPSON Stylus D68 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAAE.EXE /P23 "EPSON Stylus D68 Series" /O6 "USB001" /M "Stylus D68" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Programmi\Java\jre1.6.0_03\bin\jusched.exe" O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\Programmi\File comuni\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programmi\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [TkBellExe] "C:\Programmi\File comuni\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [00PCTFW] "C:\Programmi\PC Tools Firewall Plus\FirewallGUI.exe" -s O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Programmi\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programmi\File comuni\Ahead\lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\PROGRA~1\MICROS~3\wcescomm.exe" O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO LOCALE') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO DI RETE') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll O9 - Extra 'Tools' menuitem: Crea preferito portatile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/d...can_unicode.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Programmi\Yahoo!\Common\yinsthelper.dll O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1196236404062 O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://javadl-esd.sun.com/update/1.6.0/jin...ows-i586-jc.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{BE883DFA-3F90-4295-B725-A5FB17FFC08A}: NameServer = 85.37.17.52 85.38.28.92 O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FILECO~1\Skype\SKYPE4~1.DLL O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Programmi\Lavasoft\Ad-Aware 2007\aawservice.exe O23 - Service: Notebook Manager Service (anbmService) - OSA Technologies Inc. - C:\Acer\eManager\anbmServ.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashWebSv.exe O23 - Service: PC Tools Firewall Plus (PCToolsFirewallPlus) - PC Tools - C:\Programmi\PC Tools Firewall Plus\FWService.exe -- End of file - 8763 bytes
-
Ho fatto una scansione e mi sono trivato questo sito,non riesco ad eliminarlo....non so cosa sia....come posso fare... Grazie Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 18.01.39, on 01/03/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16608) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\Programmi\Windows Defender\MsMpEng.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe C:\Programmi\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\hkcmd.exe C:\Programmi\Synaptics\SynTP\SynTPLpr.exe C:\Programmi\Synaptics\SynTP\SynTPEnh.exe C:\Programmi\CyberLink\PowerDVD\PDVDServ.exe C:\acer\epm\epm-dm.exe C:\Programmi\Launch Manager\QtZgAcer.EXE C:\Programmi\Java\jre1.6.0_03\bin\jusched.exe C:\Programmi\Windows Defender\MSASCui.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Programmi\QuickTime\qttask.exe C:\Programmi\File comuni\Real\Update_OB\realsched.exe C:\WINDOWS\system32\ctfmon.exe C:\Programmi\Messenger\msmsgs.exe C:\Programmi\File comuni\Ahead\lib\NMBgMonitor.exe C:\PROGRA~1\MICROS~3\wcescomm.exe C:\PROGRA~1\MICROS~3\rapimgr.exe C:\WINDOWS\system32\spoolsv.exe C:\Acer\eManager\anbmServ.exe C:\WINDOWS\system32\svchost.exe C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe C:\Programmi\acer\eRecovery\Monitor.exe C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe C:\Programmi\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\System32\svchost.exe C:\Programmi\Mozilla Firefox\firefox.exe C:\Programmi\Skype\Phone\Skype.exe C:\Programmi\Skype\Plugin Manager\skypePM.exe C:\Programmi\Trend Micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.qoogler.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://it.rd.yahoo.com/customize/ie/defaul...earch.yahoo.com R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti O2 - BHO: Supporto di collegamento per Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Programmi\Real\RealPlayer\rpbrowserrecordplugin.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.6.0_03\bin\ssv.dll O4 - HKLM\..\Run: [LaunchApp] Alaunch O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [synTPLpr] C:\Programmi\Synaptics\SynTP\SynTPLpr.exe O4 - HKLM\..\Run: [synTPEnh] C:\Programmi\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [RemoteControl] C:\Programmi\CyberLink\PowerDVD\PDVDServ.exe O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [EPM-DM] c:\acer\epm\epm-dm.exe O4 - HKLM\..\Run: [ePowerManagement] C:\Acer\ePM\ePM.exe boot O4 - HKLM\..\Run: [LManager] C:\Programmi\Launch Manager\QtZgAcer.EXE O4 - HKLM\..\Run: [eRecoveryService] C:\Windows\System32\Check.exe O4 - HKLM\..\Run: [EPSON Stylus D68 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAAE.EXE /P23 "EPSON Stylus D68 Series" /O6 "USB001" /M "Stylus D68" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Programmi\Java\jre1.6.0_03\bin\jusched.exe" O4 - HKLM\..\Run: [Windows Defender] "C:\Programmi\Windows Defender\MSASCui.exe" -hide O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\Programmi\File comuni\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programmi\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [TkBellExe] "C:\Programmi\File comuni\Real\Update_OB\realsched.exe" -osboot O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Programmi\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programmi\File comuni\Ahead\lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\PROGRA~1\MICROS~3\wcescomm.exe" O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO LOCALE') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO DI RETE') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll O9 - Extra 'Tools' menuitem: Crea preferito portatile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe O15 - Trusted Zone: www.www.sessosubito.net O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Programmi\Yahoo!\Common\yinsthelper.dll O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/...lscbase4009.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1196236404062 O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://javadl-esd.sun.com/update/1.6.0/jin...ows-i586-jc.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{BE883DFA-3F90-4295-B725-A5FB17FFC08A}: NameServer = 85.37.17.52 85.38.28.92 O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FILECO~1\Skype\SKYPE4~1.DLL O23 - Service: Notebook Manager Service (anbmService) - OSA Technologies Inc. - C:\Acer\eManager\anbmServ.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashWebSv.exe O23 - Service: ServiceLayer - Nokia. - C:\Programmi\PC Connectivity Solution\ServiceLayer.exe -- End of file - 8895 bytes
-
Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 17.46.57, on 02/03/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16608) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Programmi\Lavasoft\Ad-Aware 2007\aawservice.exe C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe C:\Programmi\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\hkcmd.exe C:\Programmi\Synaptics\SynTP\SynTPLpr.exe C:\Programmi\Synaptics\SynTP\SynTPEnh.exe C:\Programmi\CyberLink\PowerDVD\PDVDServ.exe C:\acer\epm\epm-dm.exe C:\Programmi\Launch Manager\QtZgAcer.EXE C:\Programmi\Java\jre1.6.0_03\bin\jusched.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Programmi\QuickTime\qttask.exe C:\Programmi\File comuni\Real\Update_OB\realsched.exe C:\WINDOWS\system32\ctfmon.exe C:\Programmi\Messenger\msmsgs.exe C:\Programmi\File comuni\Ahead\lib\NMBgMonitor.exe C:\PROGRA~1\MICROS~3\wcescomm.exe C:\PROGRA~1\MICROS~3\rapimgr.exe C:\WINDOWS\system32\spoolsv.exe C:\Acer\eManager\anbmServ.exe C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe C:\WINDOWS\system32\svchost.exe C:\Programmi\acer\eRecovery\Monitor.exe C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe C:\Programmi\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\System32\svchost.exe C:\Programmi\Internet Explorer\iexplore.exe C:\Programmi\Internet Explorer\iexplore.exe C:\WINDOWS\explorer.exe C:\Programmi\Internet Explorer\IEXPLORE.EXE C:\Programmi\Internet Explorer\IEXPLORE.EXE C:\Programmi\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://virgilio.alice.it/index.html R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://it.rd.yahoo.com/customize/ie/defaul...earch.yahoo.com R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti O2 - BHO: Supporto di collegamento per Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Programmi\Real\RealPlayer\rpbrowserrecordplugin.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.6.0_03\bin\ssv.dll O4 - HKLM\..\Run: [LaunchApp] Alaunch O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [synTPLpr] C:\Programmi\Synaptics\SynTP\SynTPLpr.exe O4 - HKLM\..\Run: [synTPEnh] C:\Programmi\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [RemoteControl] C:\Programmi\CyberLink\PowerDVD\PDVDServ.exe O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [EPM-DM] c:\acer\epm\epm-dm.exe O4 - HKLM\..\Run: [ePowerManagement] C:\Acer\ePM\ePM.exe boot O4 - HKLM\..\Run: [LManager] C:\Programmi\Launch Manager\QtZgAcer.EXE O4 - HKLM\..\Run: [eRecoveryService] C:\Windows\System32\Check.exe O4 - HKLM\..\Run: [EPSON Stylus D68 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAAE.EXE /P23 "EPSON Stylus D68 Series" /O6 "USB001" /M "Stylus D68" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Programmi\Java\jre1.6.0_03\bin\jusched.exe" O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\Programmi\File comuni\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programmi\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [TkBellExe] "C:\Programmi\File comuni\Real\Update_OB\realsched.exe" -osboot O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Programmi\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programmi\File comuni\Ahead\lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\PROGRA~1\MICROS~3\wcescomm.exe" O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO LOCALE') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO DI RETE') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll O9 - Extra 'Tools' menuitem: Crea preferito portatile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/d...can_unicode.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Programmi\Yahoo!\Common\yinsthelper.dll O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1196236404062 O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://javadl-esd.sun.com/update/1.6.0/jin...ows-i586-jc.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{BE883DFA-3F90-4295-B725-A5FB17FFC08A}: NameServer = 85.37.17.52 85.38.28.92 O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FILECO~1\Skype\SKYPE4~1.DLL O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Programmi\Lavasoft\Ad-Aware 2007\aawservice.exe O23 - Service: Notebook Manager Service (anbmService) - OSA Technologies Inc. - C:\Acer\eManager\anbmServ.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashWebSv.exe -- End of file - 8539 bytes
-
ComboFix 08-03-01.3 - Andrea 2008-03-02 17.40.14.1 - FAT32x86 Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1040.18.532 [GMT 1:00] Eseguito da: C:\Documents and Settings\Andrea\Desktop\ComboFix.exe * Creato nuovo punto di ripristino WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !! . ((((((((((((((((((((((((( Files Creati Da 2008-02-02 al 2008-03-02 ))))))))))))))))))))))))))))))))))) . 2008-03-02 10:40 . 2008-02-14 21:04 39,808 --a------ C:\WINDOWS\system32\drivers\VIRAGTLT.SYS 2008-03-02 10:39 . 2008-03-02 10:39 <DIR> d-------- C:\VEXPLITE 2008-03-02 08:51 . 2008-03-02 08:51 <DIR> d-------- C:\WINDOWS\system32\Kaspersky Lab 2008-03-02 08:51 . 2008-03-02 08:51 <DIR> d-------- C:\Documents and Settings\All Users\Dati applicazioni\Kaspersky Lab 2008-03-02 08:31 . 2008-03-02 08:31 <DIR> d-------- C:\Programmi\Lavasoft 2008-03-02 08:31 . 2008-03-02 08:31 <DIR> d-------- C:\Documents and Settings\All Users\Dati applicazioni\Lavasoft 2008-03-02 08:18 . 2008-03-02 08:18 0 --a------ C:\WINDOWS\system32\slkgq.pbk 2008-03-02 08:18 . 2008-03-02 08:18 0 --a------ C:\WINDOWS\system32\sgff.pbk 2008-03-02 08:18 . 2008-03-02 08:18 0 --a------ C:\WINDOWS\system32\nqjtqlfirn.pbk 2008-03-02 08:18 . 2008-03-02 08:18 0 --a------ C:\WINDOWS\system32\emkhgno.pbk 2008-03-02 08:17 . 2008-03-02 08:17 0 --a------ C:\WINDOWS\system32\rtnssbpb.pbk 2008-03-02 08:16 . 2008-03-02 08:16 0 --a------ C:\WINDOWS\system32\lokmblnnq.pbk 2008-03-01 19:34 . 2008-03-01 19:34 0 --a------ C:\WINDOWS\system32\j.pbk 2008-03-01 19:34 . 2008-03-01 19:34 0 --a------ C:\WINDOWS\system32\atlmdrk.pbk 2008-03-01 19:33 . 2008-03-01 19:33 0 --a------ C:\WINDOWS\system32\iddjdifrgshd.pbk 2008-03-01 19:32 . 2008-03-01 19:32 0 --a------ C:\WINDOWS\system32\g.pbk 2008-03-01 19:31 . 2008-03-01 19:31 0 --a------ C:\WINDOWS\system32\rigifchjkqj.pbk 2008-03-01 19:31 . 2008-03-01 19:31 0 --a------ C:\WINDOWS\system32\ekp.pbk 2008-03-01 19:31 . 2008-03-01 19:31 0 --a------ C:\WINDOWS\system32\caqkkestdb.pbk 2008-03-01 19:31 . 2008-03-01 19:31 0 --a------ C:\WINDOWS\system32\btetofbdml.pbk 2008-03-01 19:30 . 2008-03-01 19:30 0 --a------ C:\WINDOWS\system32\jmf.pbk 2008-03-01 19:29 . 2008-03-01 19:29 0 --a------ C:\WINDOWS\system32\pqbqq.pbk 2008-03-01 19:29 . 2008-03-01 19:29 0 --a------ C:\WINDOWS\system32\js.pbk 2008-03-01 19:27 . 2008-03-01 19:27 <DIR> dr-hs---- C:\WINDOWS\system32\mswill 2008-03-01 19:27 . 2008-03-01 19:27 0 --a------ C:\WINDOWS\system32\qocqfpfcdahg.pbk 2008-03-01 18:41 . 2008-03-01 18:41 <DIR> d-------- C:\Documents and Settings\Andrea\Dati applicazioni\SUPERAntiSpyware.com 2008-03-01 18:41 . 2008-03-01 18:42 <DIR> d-------- C:\Documents and Settings\All Users\Dati applicazioni\SUPERAntiSpyware.com 2008-02-24 09:45 . 2008-02-24 09:45 <DIR> d-------- C:\Programmi\Rinera Networks 2008-02-16 12:44 . 2008-02-16 12:44 <DIR> d-------- C:\Programmi\Telecom Italia 2008-02-13 16:22 . 2008-02-13 16:22 0 --a------ C:\WINDOWS\system32\nag.pbk 2008-02-13 16:22 . 2008-02-13 16:22 0 --a------ C:\WINDOWS\system32\lms.pbk 2008-02-13 16:22 . 2008-02-13 16:22 0 --a------ C:\WINDOWS\system32\fal.pbk 2008-02-13 16:22 . 2008-02-13 16:22 0 --a------ C:\WINDOWS\system32\ehqjdp.pbk 2008-02-13 16:22 . 2008-02-13 16:22 0 --a------ C:\WINDOWS\system32\cbgkihhbtcn.pbk 2008-02-13 16:20 . 2008-02-13 16:20 0 --a------ C:\WINDOWS\system32\tli.pbk 2008-02-12 18:20 . 2008-02-12 18:20 <DIR> d-------- C:\Programmi\File comuni\Wise Installation Wizard 2008-02-11 17:39 . 2008-02-13 18:14 664 --a------ C:\WINDOWS\cdplayer.ini 2008-02-11 17:17 . 2008-02-11 17:17 <DIR> d-------- C:\Programmi\Burrrn . (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))) . 2008-01-22 17:57 --------- d-----w C:\Programmi\File comuni\xing shared 2008-01-22 17:56 --------- d-----w C:\Programmi\Real 2008-01-22 17:56 --------- d-----w C:\Programmi\File comuni\Real 2008-01-13 16:42 --------- d-----w C:\Documents and Settings\All Users\Dati applicazioni\Spybot - Search & Destroy 2008-01-13 16:29 --------- d-----w C:\Programmi\Trend Micro 2008-01-12 15:31 --------- d-----w C:\Programmi\File comuni\SWF Studio 2008-01-12 15:30 --------- d-----w C:\Programmi\Riva 2008-01-11 21:26 --------- d-----w C:\Programmi\Microsoft ActiveSync 2008-01-11 05:32 44,544 ----a-w C:\WINDOWS\system32\dllcache\pngfilt.dll 2007-12-19 22:50 347,136 ----a-w C:\WINDOWS\system32\dllcache\dxtmsft.dll 2007-12-18 09:51 179,584 ----a-w C:\WINDOWS\system32\dllcache\mrxdav.sys 2007-12-14 10:32 12,632 ----a-w C:\WINDOWS\system32\lsdelete.exe 2007-12-13 18:33 155,995 ----a-w C:\WINDOWS\java\Packages\2QXVTVR1.ZIP 2007-12-08 05:04 3,592,192 ------w C:\WINDOWS\system32\dllcache\mshtml.dll 2007-12-06 11:03 70,656 ------w C:\WINDOWS\system32\dllcache\ie4uinit.exe 2007-12-06 11:03 625,664 ------w C:\WINDOWS\system32\dllcache\iexplore.exe 2007-12-06 11:00 13,824 ------w C:\WINDOWS\system32\dllcache\ieudinit.exe 2007-12-06 04:59 161,792 ------w C:\WINDOWS\system32\dllcache\ieakui.dll 2007-12-04 18:40 550,912 ----a-w C:\WINDOWS\system32\oleaut32.dll 2007-12-04 18:40 550,912 ----a-w C:\WINDOWS\system32\dllcache\oleaut32.dll 2007-12-04 13:04 837,496 ----a-w C:\WINDOWS\system32\aswBoot.exe 2007-12-04 12:54 95,608 ----a-w C:\WINDOWS\system32\AvastSS.scr . ((((((((((((((((((((((((((((((((((((( Punti Reg Caricati )))))))))))))))))))))))))))))))))))))))))))))))))) . . REGEDIT4 *Nota* i valori vuoti & legittimi/default non sono visualizzati. [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-19 05:00 15360] "MSMSGS"="C:\Programmi\Messenger\msmsgs.exe" [2004-10-13 17:24 1694208] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Programmi\File comuni\Ahead\lib\NMBgMonitor.exe" [2006-03-01 19:43 90112] "Yahoo! Pager"="C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.exe" [2007-08-30 17:43 4670704] "H/PC Connection Agent"="C:\PROGRA~1\MICROS~3\wcescomm.exe" [2005-11-15 20:35 1204224] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "LaunchApp"="Alaunch" [] "IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" [2005-02-07 19:36 155648] "HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [2005-02-07 19:32 126976] "SynTPLpr"="C:\Programmi\Synaptics\SynTP\SynTPLpr.exe" [2004-10-07 23:44 98394] "SynTPEnh"="C:\Programmi\Synaptics\SynTP\SynTPEnh.exe" [2004-10-07 23:43 688218] "RemoteControl"="C:\Programmi\CyberLink\PowerDVD\PDVDServ.exe" [2004-07-15 01:07 32768] "IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe" [2004-08-19 05:00 208952] "MSPY2002"="C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-19 05:00 59392] "PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-19 05:00 455168] "PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-19 05:00 455168] "EPM-DM"="c:\acer\epm\epm-dm.exe" [2005-03-28 18:04 188416] "ePowerManagement"="C:\Acer\ePM\ePM.exe" [2005-03-24 09:13 2880512] "LManager"="C:\Programmi\Launch Manager\QtZgAcer.EXE" [2005-03-28 12:20 319488] "eRecoveryService"="C:\Windows\System32\Check.exe" [2005-03-23 10:01 245760] "EPSON Stylus D68 Series"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAAE.exe" [2005-01-25 05:00 98304] "SunJavaUpdateSched"="C:\Programmi\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11 132496] "avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 14:00 79224] "NeroFilterCheck"="C:\Programmi\File comuni\Ahead\Lib\NeroCheck.exe" [2006-01-12 15:40 155648] "QuickTime Task"="C:\Programmi\QuickTime\qttask.exe" [2007-12-31 20:08 77824] "Adobe Reader Speed Launcher"="C:\Programmi\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 19:51 39792] "TkBellExe"="C:\Programmi\File comuni\Real\Update_OB\realsched.exe" [2008-01-22 18:56 185896] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-19 05:00 15360] "DWQueuedReporting"="C:\PROGRA~1\FILECO~1\MICROS~1\DW\dwtrig20.exe" [2007-03-22 19:29 39264] [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "C:\\Programmi\\Yahoo!\\Messenger\\YahooMessenger.exe"= "C:\\Programmi\\Yahoo!\\Messenger\\YServer.exe"= "C:\\Programmi\\eMule\\emule.exe"= "C:\Programmi\Microsoft ActiveSync\rapimgr.exe"= C:\Programmi\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager "C:\Programmi\Microsoft ActiveSync\wcescomm.exe"= C:\Programmi\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager "C:\Programmi\Microsoft ActiveSync\WCESMgr.exe"= C:\Programmi\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application "C:\\Programmi\\Real\\RealPlayer\\realplay.exe"= "C:\\Programmi\\Messenger\\msmsgs.exe"= "C:\\Programmi\\Internet Explorer\\IEXPLORE.EXE"= "C:\\Programmi\\Skype\\Phone\\Skype.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service R2 EpmPsd;Acer EPM Power Scheme Driver;C:\WINDOWS\system32\drivers\epm-psd.sys [2004-07-19 13:10] R2 EpmShd;Acer EPM System Hardware Driver;C:\WINDOWS\system32\drivers\epm-shd.sys [2005-03-24 16:54] R2 osanbm;osanbm;C:\WINDOWS\system32\drivers\osanbm.sys [2005-01-14 15:57] R3 int15.sys;int15.sys;C:\Programmi\acer\eRecovery\int15.sys [2005-01-13 14:46] . ************************************************************************** catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-03-02 17:41:29 Windows 5.1.2600 Service Pack 2 FAT NTAPI scansione processi nascosti ... scansione entrate autostart nascoste ... Scansione files nascosti ... Scansione completata con successo Files nascosti: 0 ************************************************************************** . Ora fine scansione: 2008-03-02 17.41.54 . 2008-02-29 13:19:08 --- E O F ---
-
Ho fatto la scansione on-line con Kaspersky ma nn ha trovato niente,ho salvato il report sul desktop sottoforma di icona internet ma nn so come fare per allegarla... solo che quella specie di icona nel pannello di controllo c'e ancora... :ranting2: Grazie..cmq per l'aiuto...
-
Ora e' partito....non avevo selezionato My Computer... :sonno:
-
Ho fatto,ma dopo che mi ha scaricato gli aggiornamenti,quando devo iniziare la scansione del sistema non parte,dicendomi quelmessaggio....??? Cmq ora ho installato ViriT eXplorer 6.2 e dopo la scansione mi ha trovato questo... VirIT eXplorer Lite Log [sCANSIONE DELLA MEMORIA] OK -------------------------------------------------------- 02/03/2008 - 10:40:38 [sCANSIONE DEL REGISTRO] OK [C:] MASTER BOOT RECORD: OK BOOT SECTOR: OK C:\WINDOWS\system32\winsvc\svc\MMS.exe Infetto da Trojan.Win32.Agent.BKC * * * RIMOSSO * * * C:\WINDOWS\system32\winsvc\svc\qoogler.exe Infetto da Trojan.Win32.Agent.BJO * * * RIMOSSO * * * C:\System Volume Information\_restore{9FDF10CC-C9E9-459E-A5F2-2B5ECF7B5A60}\RP103\A0017257.exe Infetto da Trojan.Win32.Agent.BKC * * * RIMOSSO * * * C:\System Volume Information\_restore{9FDF10CC-C9E9-459E-A5F2-2B5ECF7B5A60}\RP103\A0017258.exe Infetto da Trojan.Win32.Agent.BJO * * * RIMOSSO * * * [D:] MASTER BOOT RECORD: OK BOOT SECTOR: OK [E:] Chiavi Registro infette: 0. Files Infetti: 4. Files Sospetti: 0. Files Analizzati: 38118. Files Totali: 38118. Chiavi Registro rimosse: 0. Virus Rimossi: 4. [sCANSIONE DELLA MEMORIA] OK