joga113

Constant Disconnection Every 5 Minutes

4 messages in this thread

I hope you can help me, it has become impossible to browse the internet :)

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 17.16.17, on 21/03/2008

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Programmi\AntiVir PersonalEdition Premium\avguard.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\D-Link\DSL-200\dslstat.exe

C:\Program Files\D-Link\DSL-200\dslagent.exe

C:\Programmi\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE

C:\Programmi\CyberLink\PowerDVD\PDVDServ.exe

C:\Programmi\Java\jre1.6.0_03\bin\jusched.exe

C:\Programmi\Mediafour\MacDrive\MDDiskProtect.exe

C:\Programmi\Mediafour\XPlay\XPTRYICN.EXE

C:\Programmi\File comuni\Mediafour\MACVNTFY.EXE

C:\Programmi\AntiVir PersonalEdition Premium\avgnt.exe

C:\Programmi\MessengerPlus! 3\MsgPlus.exe

C:\PROGRA~1\MUSICM~1\MUSICM~1\MMDiag.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Programmi\File comuni\Nero\Lib\NMBgMonitor.exe

C:\Programmi\Musicmatch\Musicmatch Jukebox\mim.exe

C:\Programmi\ATI Technologies\ATI.ACE\Core-Static\ccc.exe

C:\Programmi\AntiVir PersonalEdition Premium\sched.exe

C:\Programmi\AntiVir PersonalEdition Premium\avesvc.exe

C:\Programmi\Nero\Nero8\Nero BackItUp\NBService.exe

C:\WINDOWS\system32\PnkBstrA.exe

C:\Programmi\CyberLink\Shared files\RichVideo.exe

C:\Programmi\Spyware Terminator\sp_rsser.exe

C:\WINDOWS\system32\svchost.exe

C:\Programmi\Messenger\msmsgs.exe

C:\Programmi\AntiVir PersonalEdition Premium\avmailc.exe

C:\Programmi\File comuni\Nero\Lib\NMIndexingService.exe

C:\Programmi\File comuni\Nero\Lib\NMIndexStoreSvr.exe

C:\Programmi\PC Connectivity Solution\ServiceLayer.exe

C:\Programmi\PC Connectivity Solution\Transports\NclUSBSrv.exe

C:\Programmi\PC Connectivity Solution\Transports\NclRSSrv.exe

C:\Programmi\MSN Messenger\usnsvc.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Programmi\Java\jre1.6.0_03\bin\jucheck.exe

C:\Programmi\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://runonce.msn.com/?v=msgrv75

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti

O2 - BHO: Supporto di collegamento per Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\Programmi\Crawler\Toolbar\ctbr.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.6.0_03\bin\ssv.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O3 - Toolbar: Toolbar &Crawler - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\Programmi\Crawler\Toolbar\ctbr.dll

O4 - HKLM\..\Run: [DSLSTATEXE] C:\Program Files\D-Link\DSL-200\dslstat.exe icon

O4 - HKLM\..\Run: [DSLAGENTEXE] C:\Program Files\D-Link\DSL-200\dslagent.exe

O4 - HKLM\..\Run: [startCCC] C:\Programmi\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe

O4 - HKLM\..\Run: [spywareTerminator] "C:\Programmi\Spyware Terminator\SpywareTerminatorShield.exe"

O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe

O4 - HKLM\..\Run: [RemoteControl] C:\Programmi\CyberLink\PowerDVD\PDVDServ.exe

O4 - HKLM\..\Run: [LanguageShortcut] C:\Programmi\CyberLink\PowerDVD\Language\Language.exe

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programmi\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [NeroFilterCheck] C:\Programmi\File comuni\Nero\Lib\NeroCheck.exe

O4 - HKLM\..\Run: [NBKeyScan] "C:\Programmi\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Programmi\Java\jre1.6.0_03\bin\jusched.exe"

O4 - HKLM\..\Run: [MDDiskProtect.exe] C:\Programmi\Mediafour\MacDrive\MDDiskProtect.exe

O4 - HKLM\..\Run: [Mediafour XPlay Tray Notification Icon] C:\Programmi\Mediafour\XPlay\XPTRYICN.EXE

O4 - HKLM\..\Run: [Mediafour Mac Volume Notifications] "C:\Programmi\File comuni\Mediafour\MACVNTFY.EXE" /auto

O4 - HKLM\..\Run: [avgnt] "C:\Programmi\AntiVir PersonalEdition Premium\avgnt.exe" /min

O4 - HKLM\..\Run: [MessengerPlus3] "C:\Programmi\MessengerPlus! 3\MsgPlus.exe"

O4 - HKLM\..\Run: [MimBoot] C:\PROGRA~1\MUSICM~1\MUSICM~1\mimboot.exe

O4 - HKLM\..\Run: [MMTray] "C:\Programmi\Musicmatch\Musicmatch Jukebox\mm_tray.exe"

O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [Vidalia] "C:\Programmi\Vidalia Bundle\Vidalia\vidalia.exe"

O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programmi\File comuni\Nero\Lib\NMBgMonitor.exe"

O4 - HKCU\..\Run: [DAEMON Tools] "C:\Programmi\DAEMON Tools\daemon.exe" -lang 1033

O4 - HKCU\..\Run: [AnyDVD] C:\Programmi\SlySoft\AnyDVD\AnyDVD.exe

O4 - HKCU\..\Run: [Veoh] "C:\Programmi\Veoh Networks\Veoh\VeohClient.exe" /VeohHide

O4 - HKCU\..\Run: [MessengerPlus3] "C:\Programmi\MessengerPlus! 3\MsgPlus.exe" /WinStart

O4 - HKCU\..\Run: [msnmsgr] "C:\Programmi\MSN Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [PC Suite Tray] "C:\Programmi\Nokia\Nokia PC Suite 6\PCSuite.exe" -onlytray

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO LOCALE')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO DI RETE')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Startup: MSN Pictures Displayer.lnk = C:\Programmi\MSN Pictures Displayer\MSN Pictures Displayer.exe

O4 - Global Startup: Privoxy.lnk = C:\Programmi\Vidalia Bundle\Privoxy\privoxy.exe

O8 - Extra context menu item: Crawler Search - tbr:iemenu

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra button: Inserisci blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programmi\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: Inserisci &blog in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programmi\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe

O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab

O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab

O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\Programmi\Crawler\Toolbar\ctbr.dll

O23 - Service: AntiVir PersonalEdition Premium MailGuard (AntiVirMailService) - Avira GmbH - C:\Programmi\AntiVir PersonalEdition Premium\avmailc.exe

O23 - Service: AntiVir PersonalEdition Premium Scheduler (AntiVirScheduler) - Avira GmbH - C:\Programmi\AntiVir PersonalEdition Premium\sched.exe

O23 - Service: AntiVir PersonalEdition Premium Guard (AntiVirService) - Avira GmbH - C:\Programmi\AntiVir PersonalEdition Premium\avguard.exe

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe

O23 - Service: AntiVir PersonalEdition Premium MailGuard helper service (AVEService) - Avira GmbH - C:\Programmi\AntiVir PersonalEdition Premium\avesvc.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Programmi\Nero\Nero8\Nero BackItUp\NBService.exe

O23 - Service: NMIndexingService - Nero AG - C:\Programmi\File comuni\Nero\Lib\NMIndexingService.exe

O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe

O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Programmi\CyberLink\Shared files\RichVideo.exe

O23 - Service: ServiceLayer - Nokia. - C:\Programmi\PC Connectivity Solution\ServiceLayer.exe

O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Programmi\Spyware Terminator\sp_rsser.exe

--

End of file - 9087 bytes


Hi joga113,

nothing unusual shows up in the HijackThis log...

Disable your antivirus.

Download Combofix from one of the following links:

Bleeping Computer, TechSupport Forum, Foro Spyware, Geeks to go.

Save it to the desktop.

(if the file saved from the first link does not work, try downloading it from one of the following ones)

1. Double-click combofix.exe; the following screen will appear:

combofix01fn6.jpg

2. Type 1, press Enter and follow the instructions.

3. When it finishes, a log file named C:\ComboFix.txt will be created.

Note: During the scan it is important not to use the PC and to wait patiently for the operations to finish.

Note: ComboFix does not work in safe mode.

Run an online scan with Kaspersky (on "my computer") and attach the report in HTML format

http://forum.wininizio.it/index.php?showtopic=36981&hl=

If you cannot attach the report,

upload the file to http://www.wikifortio.com/

and then copy the link so that it can be downloaded.

:P:)


ComboFix 08-03-20.5 - Fede 2008-03-21 17.43.29.1 - NTFSx86

Microsoft Windows XP Professional 5.1.2600.2.1252.1.1040.18.417 [GMT 1:00]

Eseguito da: C:\Documents and Settings\Fede\Desktop\ComboFix.exe

* Creato nuovo punto di ripristino

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!

.

((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))

.

C:\Documents and Settings\Fede\Dati applicazioni\inst.exe

.

((((((((((((((((((((((((( Files Creati Da 2008-02-21 al 2008-03-21 )))))))))))))))))))))))))))))))))))

.

2008-03-21 17:02 . 2008-03-21 17:02 <DIR> d-------- C:\Programmi\Trend Micro

2008-03-10 19:09 . 2006-01-19 11:05 108,544 --------- C:\WINDOWS\system32\pxcpyi64.exe

2008-03-10 19:09 . 2006-01-19 11:05 104,960 --------- C:\WINDOWS\system32\pxinsi64.exe

2008-03-10 19:08 . 2008-03-10 19:09 <DIR> d-------- C:\Programmi\Musicmatch

2008-03-10 19:08 . 2008-03-10 19:08 <DIR> d-------- C:\Documents and Settings\Fede\Dati applicazioni\Musicmatch

2008-03-09 08:59 . 2008-03-21 16:57 <DIR> d-------- C:\Documents and Settings\Fede\Dati applicazioni\Spyware Terminator

2008-03-07 10:53 . 2008-03-09 04:31 <DIR> d-------- C:\Programmi\Free Download Manager

2008-03-07 10:42 . 2008-03-07 10:42 <DIR> d-------- C:\WINDOWS\system32\Plugins

2008-03-07 10:42 . 2008-03-07 10:42 1,068 --a------ C:\WINDOWS\unins000.dat

2008-03-05 14:50 . 2008-03-05 14:58 <DIR> d-------- C:\Downloads

2008-03-05 14:49 . 2008-03-05 15:27 <DIR> d-------- C:\Documents and Settings\Fede\Dati applicazioni\Orbit

2008-03-04 08:29 . 2008-03-04 08:29 0 --ah----- C:\WINDOWS\system32\drivers\Msft_Kernel_motccgpfl_01005.Wdf

2008-03-04 08:29 . 2008-03-04 08:29 0 --ah----- C:\WINDOWS\system32\drivers\Msft_Kernel_motccgp_01005.Wdf

2008-03-04 07:32 . 2008-03-04 07:34 <DIR> d-------- C:\Programmi\Motorola Phone Tools

2008-03-04 07:15 . 2008-03-04 07:15 <DIR> d-------- C:\Programmi\QuickTime

2008-03-04 07:15 . 2008-03-04 07:15 <DIR> d-------- C:\Programmi\ImTOO

2008-02-29 02:39 . 2008-03-13 12:15 182 --a------ C:\WINDOWS\ScreenHunter.INI

2008-02-28 20:44 . 2008-02-28 20:44 <DIR> d-------- C:\Programmi\FM Modifier 2.2

2008-02-28 14:21 . 2008-02-28 14:21 <DIR> d-------- C:\Programmi\Wisdom-soft ScreenHunter 5 Free

2008-02-24 17:26 . 2008-02-24 17:26 <DIR> dr-h----- C:\Documents and Settings\Fede\Dati applicazioni\SecuROM

2008-02-24 17:26 . 2008-02-24 17:26 107,888 --a------ C:\WINDOWS\system32\CmdLineExt.dll

2008-02-24 17:20 . 2008-02-24 17:20 <DIR> d--h----- C:\Documents and Settings\Fede\InstallAnywhere

2008-02-24 04:34 . 2008-02-24 04:34 <DIR> d-------- C:\Documents and Settings\Fede\Dati applicazioni\Sports Interactive

2008-02-24 04:15 . 2008-02-24 04:17 <DIR> d-------- C:\Programmi\Zero G Registry

2008-02-24 04:15 . 2008-02-24 04:15 <DIR> d-------- C:\Programmi\Sports Interactive

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))

.

2008-03-21 16:10 --------- d-----w C:\Documents and Settings\Fede\Dati applicazioni\Vidalia

2008-03-21 15:57 --------- d-----w C:\Programmi\Spyware Terminator

2008-03-21 15:57 --------- d-----w C:\Documents and Settings\All Users\Dati applicazioni\Spyware Terminator

2008-03-21 15:09 --------- d-----w C:\Documents and Settings\Fede\Dati applicazioni\tor

2008-03-20 16:49 --------- d-----w C:\Programmi\AntiVir PersonalEdition Premium

2008-03-20 02:08 --------- d-----w C:\Programmi\eMule

2008-03-10 18:09 --------- d--h--w C:\Programmi\InstallShield Installation Information

2008-03-10 17:51 --------- d-----w C:\Programmi\Winamp

2008-03-08 04:24 138,752 ----a-w C:\WINDOWS\system32\drivers\sp_rsdrv2.sys

2008-03-04 06:34 --------- d-----w C:\Programmi\Avanquest update

2008-02-28 02:01 --------- d-----w C:\Programmi\Windows Live

2008-02-17 16:45 --------- d-----w C:\Programmi\MSN Messenger

2008-02-17 16:20 --------- d-----w C:\Documents and Settings\All Users\Dati applicazioni\Messenger Plus!

2008-02-17 16:19 --------- d-----w C:\Programmi\MessengerPlus! 3

2008-02-17 12:15 --------- d-----w C:\Programmi\Windows Live Toolbar

2008-02-17 12:14 --------- dcsh--w C:\Programmi\File comuni\WindowsLiveInstaller

2008-02-17 11:50 --------- d-----w C:\Programmi\MessengerDiscovery

2008-02-16 14:39 --------- d-----w C:\Programmi\Microsoft SQL Server Compact Edition

2008-02-16 14:29 --------- d-----w C:\Documents and Settings\All Users\Dati applicazioni\WLInstaller

2008-02-11 22:51 --------- d-----w C:\Programmi\Codice Fiscale 4

2008-02-11 18:22 --------- d-----w C:\Programmi\Messenger Plus! Live

2008-02-04 23:55 --------- d-----w C:\Documents and Settings\Fede\Dati applicazioni\dvdcss

2008-02-01 10:17 586,752 ----a-w C:\WINDOWS\WLXPGSS.SCR

2008-01-31 16:45 --------- d-----w C:\Documents and Settings\Fede\Dati applicazioni\Nokia Multimedia Player

2008-01-28 15:55 --------- d-----w C:\Documents and Settings\Fede\Dati applicazioni\MSN Pictures Displayer

2008-01-22 00:40 446,976 ----a-w C:\WINDOWS\system32\ShellMPD.dll

2008-01-22 00:40 --------- d-----w C:\Programmi\MSN Pictures Displayer

2008-01-10 03:23 102,352 ----a-w C:\Documents and Settings\All Users\Dati applicazioni\firstlsp.reg.dat

2008-01-07 13:55 107,832 ----a-w C:\WINDOWS\system32\PnkBstrB.exe

2008-01-01 10:28 66,872 ----a-w C:\WINDOWS\system32\PnkBstrA.exe

2007-09-21 11:05 47,360 ----a-w C:\Documents and Settings\Fede\Dati applicazioni\pcouffin.sys

.

((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

REGEDIT4

*Nota* i valori vuoti & legittimi/default non sono visualizzati.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\{A08FB30D-51C4-4E54-AA5E-FF18739802EA}]

@=Mediafour Mac Volume Icons

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-20 04:39 15360]

"Vidalia"="C:\Programmi\Vidalia Bundle\Vidalia\vidalia.exe" [2007-08-26 07:02 11852288]

"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Programmi\File comuni\Nero\Lib\NMBgMonitor.exe" [2007-09-20 14:35 202024]

"DAEMON Tools"="C:\Programmi\DAEMON Tools\daemon.exe" [2007-09-18 15:16 171464]

"AnyDVD"="C:\Programmi\SlySoft\AnyDVD\AnyDVD.exe" [2007-10-27 13:40 1600448]

"Veoh"="C:\Programmi\Veoh Networks\Veoh\VeohClient.exe" [2008-01-30 13:11 3497984]

"MessengerPlus3"="C:\Programmi\MessengerPlus! 3\MsgPlus.exe" [2008-02-17 17:19 190024]

"msnmsgr"="C:\Programmi\MSN Messenger\msnmsgr.exe" [2007-01-19 12:54 5674352]

"PC Suite Tray"="C:\Programmi\Nokia\Nokia PC Suite 6\PCSuite.exe" [2007-12-10 10:12 695808]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"DSLSTATEXE"="C:\Program Files\D-Link\DSL-200\dslstat.exe" [2004-11-26 05:05 356352]

"DSLAGENTEXE"="C:\Program Files\D-Link\DSL-200\dslagent.exe" [2004-11-26 05:05 16384]

"StartCCC"="C:\Programmi\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 11:35 90112]

"SpywareTerminator"="C:\Programmi\Spyware Terminator\SpywareTerminatorShield.exe" [2008-03-08 05:24 2957824]

"High Definition Audio Property Page Shortcut"="HDAShCut.exe" [2005-01-07 16:07 61952 C:\WINDOWS\system32\HdAShCut.exe]

"RemoteControl"="C:\Programmi\CyberLink\PowerDVD\PDVDServ.exe" [2007-02-07 15:24 71216]

"LanguageShortcut"="C:\Programmi\CyberLink\PowerDVD\Language\Language.exe" [2007-02-07 15:21 54832]

"Adobe Reader Speed Launcher"="C:\Programmi\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 02:06 40048]

"NeroFilterCheck"="C:\Programmi\File comuni\Nero\Lib\NeroCheck.exe" [2007-03-01 14:57 153136]

"NBKeyScan"="C:\Programmi\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-09-20 08:51 1836328]

"SunJavaUpdateSched"="C:\Programmi\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 00:11 132496]

"MDDiskProtect.exe"="C:\Programmi\Mediafour\MacDrive\MDDiskProtect.exe" [2005-04-15 22:54 106496]

"Mediafour XPlay Tray Notification Icon"="C:\Programmi\Mediafour\XPlay\XPTRYICN.EXE" [2004-09-27 14:11 94208]

"Mediafour Mac Volume Notifications"="C:\Programmi\File comuni\Mediafour\MACVNTFY.exe" [2002-12-17 15:43 61440]

"avgnt"="C:\Programmi\AntiVir PersonalEdition Premium\avgnt.exe" [2008-01-10 04:28 249896]

"MessengerPlus3"="C:\Programmi\MessengerPlus! 3\MsgPlus.exe" [2008-02-17 17:19 190024]

"MimBoot"="C:\PROGRA~1\MUSICM~1\MUSICM~1\mimboot.exe" [2006-01-19 11:06 11776]

"MMTray"="C:\Programmi\Musicmatch\Musicmatch Jukebox\mm_tray.exe" [2006-01-19 11:06 110592]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-20 04:39 15360]

"Nokia.PCSync"="C:\Programmi\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-11-07 17:35 1294336]

C:\Documents and Settings\Fede\Menu Avvio\Programmi\Esecuzione automatica\

MSN Pictures Displayer.lnk - C:\Programmi\MSN Pictures Displayer\MSN Pictures Displayer.exe [2008-01-22 01:40:19 4571136]

C:\Documents and Settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\

Privoxy.lnk - C:\Programmi\Vidalia Bundle\Privoxy\privoxy.exe [2006-11-20 15:30:54 250368]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"C:\\Programmi\\MSN Messenger\\msnmsgr.exe"=

R0 MDPMGRNT;MDPMGRNT;C:\WINDOWS\system32\drivers\MDPMGRNT.sys [2005-07-20 23:35]

R1 MDFSYSNT;MDFSYSNT;C:\WINDOWS\system32\drivers\MDFSYSNT.sys [2006-09-13 19:53]

R1 sp_rsdrv2;Spyware Terminator Driver 2;C:\WINDOWS\system32\drivers\sp_rsdrv2.sys [2008-03-08 05:24]

R2 {95808DC4-FA4A-4c74-92FE-5B863F82066B};{95808DC4-FA4A-4c74-92FE-5B863F82066B};C:\Programmi\CyberLink\PowerDVD\000.fcl [2006-11-02 15:51]

R2 AntiVirMailService;AntiVir PersonalEdition Premium MailGuard;"C:\Programmi\AntiVir PersonalEdition Premium\avmailc.exe" [2008-01-10 04:28]

R2 AVEService;AntiVir PersonalEdition Premium MailGuard helper service;"C:\Programmi\AntiVir PersonalEdition Premium\avesvc.exe" [2008-01-10 04:28]

S3 DADriv1;DADriv1;C:\Documents and Settings\Fede\Desktop\DAEngine\DAK32.sys []

S3 ESISTEMA53;ESISTEMA53;C:\Programmi\RuanEngine\sistema32.sys []

S3 motccgp;Motorola USB Composite Device Driver;C:\WINDOWS\system32\DRIVERS\motccgp.sys [2007-04-02 22:13]

S3 motccgpfl;MotCcgpFlService;C:\WINDOWS\system32\DRIVERS\motccgpfl.sys [2007-01-23 20:03]

S3 MotDev;Motorola Inc. USB Device;C:\WINDOWS\system32\DRIVERS\motodrv.sys [2006-12-14 11:27]

S3 Sex1;Sex1;C:\Documents and Settings\Fede\Documenti\injection wolf\Sex.sys [2007-10-05 21:25]

S3 XDva042;XDva042;C:\WINDOWS\system32\XDva042.sys []

S3 XDva068;XDva068;C:\WINDOWS\system32\XDva068.sys []

S3 XDva072;XDva072;C:\WINDOWS\system32\XDva072.sys []

S3 XDva074;XDva074;C:\WINDOWS\system32\XDva074.sys []

S3 XDva078;XDva078;C:\WINDOWS\system32\XDva078.sys []

S3 XDva092;XDva092;C:\WINDOWS\system32\XDva092.sys []

S3 XDva093;XDva093;C:\WINDOWS\system32\XDva093.sys []

S3 XDva104;XDva104;C:\WINDOWS\system32\XDva104.sys []

.

**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2008-03-21 17:46:19

Windows 5.1.2600 Service Pack 2 NTFS

scansione processi nascosti ...

scansione entrate autostart nascoste ...

Scansione files nascosti ...

Scansione completata con successo

Files nascosti: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\{95808DC4-FA4A-4c74-92FE-5B863F82066B}]

"ImagePath"="\??\C:\Programmi\CyberLink\PowerDVD\000.fcl"

.

Ora fine scansione: 2008-03-21 17.46.44

ComboFix-quarantined-files.txt 2008-03-21 16:46:42

.

2008-03-11 12:39:29 --- E O F ---
