minore di capitale

Magazine
Go Back   Computer Juice > Computer Software > Virus, Spyware e sicurezza
Reload this Page

Più lento e più lento

Registrati Sito Spy Elenco membri Donazione Ricerca Today's Posts Mark Forums Read Regole Forum

Register


 Default 

Più lento e più lento




Reply
Pagina 1 di 5 1 2345
 
Thread Tools
  #1  
Old 4. Aprile 2008, 10:57
Membro Gruppo
  
Default Più lento e più lento

Dopo aver scaricato alcune cose il mio computer è sempre più lente con fastidiosi spyware / malware aggiungere popping up che I cant sbarazzarsi. Please help ragazzi ..
  #2  
Old 4. Aprile 2008, 11:02
Amministratore del Gruppo
  
Default Più lento e più lento

Inizia qui: http://www.computer-juice.com/forums...-posting-7476/
__________________

Il mio sistema: Hybr! D

Processor (s):
AMD Turion 64 X2 TL-64 2.2GHz
Motherboard:
HP nForce 560
Memoria RAM:
2GB DDR2 PC2-5300
Schede grafiche (s):
Nvidia 7150M integrata a bordo
Scheda Audio:
5,1 a bordo integrata
Hard Drive (s):
250GB 5400RPM SATA300
Optical Drive (s):
18x CD / DVDRW DL-ATA
Case / alimentatore:
Magazzino HP
Raffreddamento:
Magazzino HP
Rete / Internet:
10/100 Nic / 10MB Vergine cavo
Monitor (s):
17 "WXGA + HD BrightView Widescreen
Operating System (s):
Windows 7 Ultimate 32Bit
  #3  
Old 4. Aprile 2008, 14:51
Membro Gruppo
  
Default Più lento e più lento

ok questo è il primo registro. Colgo che ho appena continuare?

SUPERAntiSpyware Scan Entra
http://www.superantispyware.com
Generata 04/04/2008 alle 10:06 PM
Versione applicazione: 4.0.1154
Core Regole Database Version: 3431
Trace Regole Database Version: 1423
Tipo di scansione: Scansione completa
Totale Scan Time: 01:41:45
Memoria oggetti scanditi: 703
Memoria minacce rilevate: 1
Registro di oggetti scanditi: 5826
Registro di minacce rilevate: 43
File oggetti scanditi: 289779
File minacce rilevate: 158
Adware.Vundo Variante / Resident
C: \ WINDOWS \ SYSTEM32 \ MLJJJ.DLL
C: \ WINDOWS \ SYSTEM32 \ MLJJJ.DLL
Trojan.WinFixer
HKLM \ Software \ Classes \ CLSID \ (09888678-51D6-42FC-9437-CBBFDA0B86EA)
HKCR \ CLSID \ (09888678-51D6-42FC-9437-CBBFDA0B86EA)
HKCR \ CLSID \ (09888678-51D6-42FC-9437-CBBFDA0B86EA) \ InprocServer32
HKCR \ CLSID \ (09888678-51D6-42FC-9437-CBBFDA0B86EA) \ InprocServer32 # ThreadingModel
HKLM \ Software \ Classes \ CLSID \ (6800D574-80D6-4F0F-B6C9-E590AF2F999B)
HKCR \ CLSID \ (6800D574-80D6-4F0F-B6C9-E590AF2F999B)
HKCR \ CLSID \ (6800D574-80D6-4F0F-B6C9-E590AF2F999B) \ InprocServer32
HKCR \ CLSID \ (6800D574-80D6-4F0F-B6C9-E590AF2F999B) \ InprocServer32 # ThreadingModel
C: \ WINDOWS \ SYSTEM32 \ JKKLL.DLL
HKLM \ Software \ Microsoft \ Windows \ CurrentVersion \ Exp lorer \ Browser Helper Objects \ (09888678-51D6-42FC-9437-CBBFDA0B86EA)
Adware.Vundo Variante
HKLM \ Software \ Classes \ CLSID \ (3FECA576-7AD2-4E11-A6AD-6B59D4FB5DB9)
HKCR \ CLSID \ (3FECA576-7AD2-4E11-A6AD-6B59D4FB5DB9)
HKCR \ CLSID \ (3FECA576-7AD2-4E11-A6AD-6B59D4FB5DB9) \ InprocServer32
HKCR \ CLSID \ (3FECA576-7AD2-4E11-A6AD-6B59D4FB5DB9) \ InprocServer32 # ThreadingModel
C: \ WINDOWS \ SYSTEM32 \ TUVSQPQ.DLL
HKLM \ Software \ Classes \ CLSID \ (D85530E8-D39D-49D0-9F36-300D594556D2)
HKCR \ CLSID \ (D85530E8-D39D-49D0-9F36-300D594556D2)
HKCR \ CLSID \ (D85530E8-D39D-49D0-9F36-300D594556D2) \ InprocServer32
HKCR \ CLSID \ (D85530E8-D39D-49D0-9F36-300D594556D2) \ InprocServer32 # ThreadingModel
C: \ WINDOWS \ SYSTEM32 \ YAYWUVW.DLL
HKLM \ Software \ Microsoft \ Windows \ CurrentVersion \ Exp lorer \ Browser Helper Objects \ (3FECA576-7AD2-4E11-A6AD-6B59D4FB5DB9)
HKLM \ Software \ Microsoft \ Windows \ CurrentVersion \ Exp lorer \ ShellExecuteHooks # (D85530E8-D39D-49D0-9F36-300D594556D2)
HKLM \ Software \ Microsoft \ Windows \ CurrentVersion \ Exp lorer \ ShellExecuteHooks # (3FECA576-7AD2-4E11-A6AD-6B59D4FB5DB9)
HKCR \ CLSID \ (3FECA576-7AD2-4E11-A6AD-6B59D4FB5DB9)
HKCR \ CLSID \ (D85530E8-D39D-49D0-9F36-300D594556D2)
Unclassified.Unknown di origine
HKLM \ Software \ Classes \ CLSID \ (F4F10C1D-87C7-404A-B4B3-000000000000)
HKCR \ CLSID \ (F4F10C1D-87C7-404A-B4B3-000000000000)
HKCR \ CLSID \ (F4F10C1D-87C7-404A-B4B3-000000000000)
HKCR \ CLSID \ (F4F10C1D-87C7-404A-B4B3-000000000000) \ InprocServer32
HKCR \ CLSID \ (F4F10C1D-87C7-404A-B4B3-000000000000) \ InprocServer32 # ThreadingModel
HKCR \ CLSID \ (F4F10C1D-87C7-404A-B4B3-000000000000) \ ProgID
HKCR \ CLSID \ (F4F10C1D-87C7-404A-B4B3-000000000000) \ programmabili
HKCR \ CLSID \ (F4F10C1D-87C7-404A-B4B3-000000000000) \ TypeLib
HKCR \ CLSID \ (F4F10C1D-87C7-404A-B4B3-000000000000) \ VersionIndependentProgID
C: \ PROGRA ~ 1 \ DAP \ SBSEARCH.DLL
HKU \ S-1-5-21-73586283-1326574676-839522115-1004 \ Software \ Microsoft \ Internet Explorer \ URLSearchHooks # (F4F10C1D-87C7-404A-B4B3-000000000000)
HKCR \ SearchHook.SrchHook.1
HKCR \ SearchHook.SrchHook
HKCR \ TypeLib \ (95EFB171-F3DF-4BEC-9EF7-829A800203E6)
HKCR \ TypeLib \ (95EFB171-F3DF-4BEC-9EF7-829A800203E6) \ 1,0
HKCR \ TypeLib \ (95EFB171-F3DF-4BEC-9EF7-829A800203E6) \ 1.0 \ 0
HKCR \ TypeLib \ (95EFB171-F3DF-4BEC-9EF7-829A800203E6) \ 1.0 \ 0 \ win32
HKCR \ TypeLib \ (95EFB171-F3DF-4BEC-9EF7-829A800203E6) \ 1.0 \ FLAGS
HKCR \ TypeLib \ (95EFB171-F3DF-4BEC-9EF7-829A800203E6) \ 1.0 \ HELPDIR
Adware.Tracking Cookie
C: \ Documents and Settings \ Danny \ cookies \ danny @ sys-servizio [1]. Txt
C: \ Documents and Settings \ Danny \ cookies \ danny @ tribalfusion [1]. Txt
C: \ Documents and Settings \ Danny \ cookies \ danny @ doppio [1]. Txt
C: \ Documents and Settings \ Danny \ cookies \ danny@bs.serving-sys [1]. Txt
C: \ Documents and Settings \ Danny \ cookies \ danny@bs.serving-sys [2]. Txt
C: \ Documents and Settings \ Roz \ cookies \ roz@ad.yieldmanager [2]. Txt
C: \ Documents and Settings \ Roz \ cookies \ roz@ad.zanox [1]. Txt
C: \ Documents and Settings \ Roz \ cookies \ Roz @ adnetserver [1]. Txt
C: \ Documents and Settings \ Roz \ cookies \ roz@ads.alpharooms [2]. Txt
C: \ Documents and Settings \ Roz \ cookies \ roz@ads1.alpharooms [2]. Txt
C: \ Documents and Settings \ Roz \ cookies \ roz@ads2.alpharooms [1]. Txt
C: \ Documents and Settings \ Roz \ cookies \ roz@ads3.alpharooms [1]. Txt
C: \ Documents and Settings \ Roz \ cookies \ roz@ads4.alpharooms [1]. Txt
C: \ Documents and Settings \ Roz \ cookies \ Roz @ adultfriendfinder [2]. Txt
C: \ Documents and Settings \ Roz \ cookies \ Roz @ gostats [2]. Txt
C: \ Documents and Settings \ Roz \ cookies \ Roz @ hornymatches [2]. Txt
C: \ Documents and Settings \ Roz \ cookies \ Roz @ indexstats [1]. Txt
C: \ Documents and Settings \ Roz \ cookies \ Roz @ indexstats [3]. Txt
C: \ Documents and Settings \ Roz \ cookies \ Roz @ linksynergy [1]. Txt
C: \ Documents and Settings \ Roz \ cookies \ roz@media2.mediafileshost [2]. Txt
C: \ Documents and Settings \ Roz \ cookies \ Roz @ statcounter [1]. Txt
C: \ Documents and Settings \ Roz \ cookies \ roz@statse.webtrendslive [2]. Txt
C: \ Documents and Settings \ Roz \ cookies \ roz@tracking.summitmedia.co [1]. Txt
C: \ Documents and Settings \ Roz \ cookies \ roz@webstats.wthosting.co [2]. Txt
C: \ Documents and Settings \ Roz \ cookies \ roz@www.admedia365 [2]. Txt
C: \ Documents and Settings \ Roz \ cookies \ roz@www.admedia365 [3]. Txt
C: \ Documents and Settings \ Roz \ cookies \ roz@www.hxtrack [2]. Txt
H: \ Documents and Settings \ Rozzie \ Cookies \ rozzie @ indexstats [2]. Txt
H: \ Documents and Settings \ Rozzie \ Cookies \ rozzie@pc-finder.co [2]. Txt
H: \ Documents and Settings \ Rozzie \ Cookies \ rozzie@www.pc-finder.co [2]. Txt
H: \ Documenti e più recenti Imposta \ Rozzie \ Cookies \ rozzie @ indexstats [2]. Txt
H: \ Documenti e più recenti Imposta \ Rozzie \ Cookies \ rozzie@pc-finder.co [2]. Txt
H: \ Documenti e più recenti Imposta \ Rozzie \ Cookies \ rozzie@www.pc-finder.co [2]. Txt
H: \ Rozzie \ Cookies \ rozzie @ indexstats [2]. Txt
H: \ Rozzie \ Cookies \ rozzie@pc-finder.co [2]. Txt
H: \ Rozzie \ Cookies \ rozzie@www.pc-finder.co [2]. Txt
Trojan.Unknown di origine
C: \ WINDOWS \ system32 \ nGpxx01
HKLM \ Software \ xpre
HKLM \ Software \ xpre # execount
Adware.VXGame-Trace
HKU \ S-1-5-21-73586283-1326574676-839522115-1005 \ Software \ kernelexe
Adware.Vundo Variante / Rel.
C: \ WINDOWS \ SYSTEM32 \ ACCDD.INI
C: \ WINDOWS \ SYSTEM32 \ ACCDD.INI2
C: \ WINDOWS \ SYSTEM32 \ ILKKJ.INI
C: \ WINDOWS \ SYSTEM32 \ ILKKJ.INI2
C: \ WINDOWS \ SYSTEM32 \ JJJLM.INI
C: \ WINDOWS \ SYSTEM32 \ JJJLM.INI2
C: \ WINDOWS \ SYSTEM32 \ LLKKJ.INI
C: \ WINDOWS \ SYSTEM32 \ LLKKJ.INI2
C: \ WINDOWS \ SYSTEM32 \ LNNMP.INI2
C: \ WINDOWS \ SYSTEM32 \ MCRH.TMP
C: \ WINDOWS \ SYSTEM32 \ RRQSS.INI
C: \ WINDOWS \ SYSTEM32 \ VVVWA.INI2
Adware.Vundo-Variante
C: \ WINDOWS \ SYSTEM32 \ DDCCA.DLL
C: \ WINDOWS \ SYSTEM32 \ SSQRR.DLL
Minaccia Trace.Known Fonti
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ W9AJSLIB \ index [1]. Htm
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ WTAN0PYF \ fondo [2]. Gif
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ WTAN0PYF \ i53b_t1 [1]. Gif
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ 4P6RS5MF \ CAXOO75T.htm
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ WTAN0PYF \ xrest [1]. Gif
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ W9AJSLIB \ ajax [1]. Htm
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ CTY381ER \ verx [1]. Gif
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ WTAN0PYF \ i701_brd-top-1 [1]. Gif
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ WTAN0PYF \ manager [1]. Htm
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ WTAN0PYF \ errorhandler [2]. Htm
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ CTY381ER \ i701_line2 [1]. Jpg
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ W9AJSLIB \ i701_boton1 [1]. Gif
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ WTAN0PYF \ errorhandler [1]. Htm
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ WTAN0PYF \ niz [1]. Gif
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ 4P6RS5MF \ errorhandler [1]. Htm
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ CTY381ER \-i53b_btn caratteristiche [1]. Gif
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ W9AJSLIB \ i701_cor-sinistra-1 [1]. Gif
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ CTY381ER \ i53b_icon3 [1]. Gif
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ 4P6RS5MF \ cripta [1]. Htm
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ 4P6RS5MF \ finestra [1]. Js
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ W9AJSLIB \ pulita [1]. Htm
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ W9AJSLIB \ i53b_bg1 [1]. Gif
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ W9AJSLIB \ stats [1]. Gif
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ W9AJSLIB \ top [1]. Gif
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ SDWBGNOV \ main_02 [1]. Gif
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ W9AJSLIB \ CASL6F4X.htm
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ W9AJSLIB \ i53b_line2 [1]. Gif
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ 4P6RS5MF \ i701_cor-destra-1 [1]. Gif
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ AHGZAXI5 \ consigliamo [1]. Gif
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ W9AJSLIB \ i53b_icon5 [1]. Gif
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ W9AJSLIB \ stili [5]. Css
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ ZLGK0BFB \ off_2 [1]. Gif
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ 4P6RS5MF \ i701_bg2 [1]. Gif
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ W9AJSLIB \ progressi [1]. Gif
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ CTY381ER \ i53b_btn-panoramica [1]. Gif
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ CTY381ER \ indice [5]. Htm
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ CTY381ER \ stats [1]. Gif
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ W9AJSLIB \ i701_bg3 [1]. Jpg
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ 8NKJEV4R \ bottom_r_2 [1]. Gif
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ 4P6RS5MF \ urgente [1]. Gif
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ W9AJSLIB \ errorhandler [1]. Htm
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ 4P6RS5MF \ AC_RunActiveContent [1]. Htm
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ 4P6RS5MF \ midle [1]. Gif
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ QX8BMXM5 \ stili [2]. Css
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ 4P6RS5MF \ i53b_boton4 [1]. Gif
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ WTAN0PYF \ i53b_btn-acquisto [1]. Gif
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ W9AJSLIB \ spacer [4]. Gif
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ 4P6RS5MF \ ajax [1]. Htm
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ G92ZKB2T \ marchio [1]. Gif
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ CX8VSB4B \ bottom_r [1]. Gif
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ CTY381ER \ cripta [1]. Htm
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ LO76ZR17 \ errsnd [1]. Swf
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ CX8VSB4B \ bottom_l [1]. Gif
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ CTY381ER \ i53b_brd-top-1 [1]. Gif
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ CTY381ER \ cripta [2]. Htm
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ AHGZAXI5 \ secpan [1]. Gif
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ W9AJSLIB \ i53b_btn-home [1]. Gif
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ CTY381ER \ CAUJABA1.htm
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ WTAN0PYF \ AC_ActiveX [1]. Htm
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ 4P6RS5MF \ i53b_line3 [1]. Gif
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ 4P6RS5MF \ chec [1]. Gif
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ WTAN0PYF \ i53b_icon1 [1]. Gif
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ WTAN0PYF \ ajax [1]. Htm
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ 4P6RS5MF \ i53b_btn-download [1]. Gif
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ ZLGK0BFB \ x [2]. Gif
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ CTY381ER \ CA3MKJZH.htm
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ WTAN0PYF \ i701_BG [1]. Jpg
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ W9AJSLIB \ i701_line1 [1]. Jpg
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ W9AJSLIB \ i701_brd-bot-1 [1]. Gif
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ WTAN0PYF \ i701_pc [1]. Jpg
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ 4P6RS5MF \ i53b_boton2 [1]. Gif
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ W9AJSLIB \ i53b_brd-bot-1 [1]. Gif
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ WTAN0PYF \ i701_bg4 [1]. Jpg
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ 4P6RS5MF \ manager [1]. Htm
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ 4P6RS5MF \ i53b_btn aggiornamenti [1]. Gif
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ W9AJSLIB \ manager [1]. Htm
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ UR2NQ1UR \ avviso [1]. Gif
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ WTAN0PYF \ flash [1]. Js
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ 4P6RS5MF \ i701_spacer [1]. Gif
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ AL6HK9M7 \ main_06 [1]. Gif
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ W9AJSLIB \ head_r_back [1]. Gif
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ LO76ZR17 \ scudo [1]. Gif
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ WTAN0PYF \ i701_line3 [1]. Gif
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ CTY381ER \ i701_boton2 [1]. Gif
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ CTY381ER \ flash_detect [1]. Htm
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ M1Q5EV4X \ svolgere [1]. Js
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ UR2NQ1UR \ main_10 [1]. Gif
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ M1Q5EV4X \ main_05 [1]. Gif
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ QX8BMXM5 \ croce [1]. Gif
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ G92ZKB2T \ main_07 [1]. Gif
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ EJ23EDUF \ closebutton [1]. Gif
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ 8NKJEV4R \ main_03 [1]. Gif
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ CTY381ER \ ban_2 [1]. Swf
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ CTY381ER \ logo2 [1]. Gif
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ WTAN0PYF \ dati [1]. Htm
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ LO76ZR17 \ off_back [1]. Gif
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ AL6HK9M7 \ download [1]. Gif
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ M1Q5EV4X \ main_04 [1]. Gif
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ W9AJSLIB \ popup [1]. Gif
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ CTY381ER \ left_3 [1]. Gif
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ QX8BMXM5 \ bottom_l_2 [1]. Gif
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ Z81HJ8WK \ right_2 [1]. Gif
  #4  
Old 4. Aprile 2008, 19:20
Moderatore del Gruppo
  
Default Più lento e più lento

Si prega di continuare con il resto della procedura. Ogni passo cerca e correzioni varie minacce.
__________________
  #5  
Old 5. Aprile 2008, 00:13
Membro Gruppo
  
Default Più lento e più lento

OK Heres secondo log ..

Malwarebytes' Anti-Malware 1,10
Database versione: 592
Tipo di scansione: Scansione completa (A: \ | C: \ | D: \ | E: \ | H: \ | I: \ | J: \ |)
Oggetti scandita: 336027
Tempo trascorso: 1 ora (s), 8 minuti (s), 1 secondo (s)
Processi di memoria infetti: 5
Moduli di memoria infetti: 0
Chiavi di registro infette: 10
Valori del registro infetti: 7
I dati del Registro di oggetti infetti: 0
Cartelle infette: 0
File infetti: 11
Processi di memoria infetti:
C: \ WINDOWS \ system32 \ drivers \ ctfmon.exe (Trojan.Agent) -> Unloaded processo successo.
C: \ WINDOWS \ system32 \ drivers \ ctfmon.exe (Trojan.Agent) -> Unloaded processo successo.
C: \ Documents and Settings \ Danny \ Impostazioni locali \ Dati applicazioni \ spool.exe (Trojan.Agent) -> Unloaded processo successo.
C: \ Documents and Settings \ Danny \ Impostazioni locali \ Dati applicazioni \ spool.exe (Trojan.Agent) -> Unloaded processo successo.
C: \ Documents and Settings \ Danny \ Impostazioni locali \ Dati applicazioni \ spool.exe (Trojan.Agent) -> Unloaded processo successo.
Moduli di memoria infetti:
(N. oggetti dannosi individuati)
Chiavi di registro infette:
HKEY_LOCAL_MACHINE \ SYSTEM \ ControlSet001 \ Services \ s chedule (Trojan.Agent) -> quarantena ed eliminato con successo.
HKEY_LOCAL_MACHINE \ SYSTEM \ ControlSet002 \ Services \ s chedule (Trojan.Agent) -> quarantena ed eliminato con successo.
HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Accenture es \ calendario (Trojan.Agent) -> quarantena ed eliminato con successo.
HKEY_CURRENT_USER \ Software \ Microsoft \ affri (Malware.Trace) -> quarantena ed eliminato con successo.
HKEY_CURRENT_USER \ Software \ Microsoft \ affltid (Malware.Trace) -> quarantena ed eliminato con successo.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ affltid (Malware.Trace) -> quarantena ed eliminato con successo.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ affri (Malware.Trace) -> quarantena ed eliminato con successo.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ MS Juan (Malware.Trace) -> quarantena ed eliminato con successo.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ FCOVM (Trojan.Vundo) -> quarantena ed eliminato con successo.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ RemoveRP (Trojan.Vundo) -> quarantena ed eliminato con successo.
Valori del registro infetti:
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Run \ BMafb2445c (Trojan.Agent) -> quarantena ed eliminato con successo.
HKEY_CURRENT_USER \ SOFTWARE \ Microsoft \ Windows \ Curre ntVersion \ Run \ ntuser (Trojan.Agent) -> quarantena ed eliminato con successo.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Run \ ntuser (Trojan.Agent) -> quarantena ed eliminato con successo.
HKEY_USERS \. DEFAULT \ SOFTWARE \ Microsoft \ Windows \ Cur rentVersion \ Run \ ntuser (Trojan.Agent) -> quarantena ed eliminato con successo.
HKEY_USERS \. DEFAULT \ SOFTWARE \ Microsoft \ Windows \ Cur rentVersion \ Run \ autoload (Trojan.Agent) -> quarantena ed eliminato con successo.
HKEY_CURRENT_USER \ SOFTWARE \ Microsoft \ Windows \ Curre ntVersion \ Run \ autoload (Trojan.Agent) -> quarantena ed eliminato con successo.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Run \ autoload (Trojan.Agent) -> quarantena ed eliminato con successo.
I dati del Registro di oggetti infetti:
(N. oggetti dannosi individuati)
Cartelle infette:
(N. oggetti dannosi individuati)
I file infetti:
C: \ Documents and Settings \ LocalService \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ GHIJKLMN \ giri [1]. Jpg (Trojan.Madcode) -> quarantena ed eliminato con successo.
C: \ System Volume Information \ (_Restore B4EDD13F-A6F1-41A1-814E-E5C94DDA45B5) \ RP8 \ A0002994.exe (Trojan.Downloader) -> quarantena ed eliminato con successo.
C: \ WINDOWS \ system32 \ iupdate.exe (Trojan.Madcode) -> quarantena ed eliminato con successo.
C: \ WINDOWS \ system32 \ kchkioor.dll (Trojan.Agent) -> Elimina il riavvio.
C: \ WINDOWS \ system32 \ drivers \ ctfmon.exe (Trojan.Agent) -> quarantena ed eliminato con successo.
C: \ WINDOWS \ system32 \ pac.txt (Malware.Trace) -> quarantena ed eliminato con successo.
C: \ WINDOWS \ system32 \ drivers \ spools.exe (Trojan.Agent) -> quarantena ed eliminato con successo.
C: \ Documents and Settings \ Danny \ cftmon.exe (Trojan.Agent) -> quarantena ed eliminato con successo.
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Dati applicazioni \ spool.exe (Trojan.Agent) -> quarantena ed eliminato con successo.
C: \ Documents and Settings \ LocalService \ Impostazioni locali \ Dati applicazioni \ spool.exe (Trojan.Agent) -> quarantena ed eliminato con successo.
C: \ Documents and Settings \ Danny \ Impostazioni locali \ Dati applicazioni \ spool.exe (Trojan.Agent) -> quarantena ed eliminato con successo.
  #6  
Old 5. Aprile 2008, 00:51
Membro Gruppo
  
Default Più lento e più lento

Oh OK I didnt realizzare ho avuto a pubblicarli tutti insieme. Sorry guys ... Eccoli:

SUPERAntiSpyware Scan Entra
http://www.superantispyware.com
Generata 04/04/2008 alle 10:06 PM
Versione applicazione: 4.0.1154
Core Regole Database Version: 3431
Trace Regole Database Version: 1423
Tipo di scansione: Scansione completa
Totale Scan Time: 01:41:45
Memoria oggetti scanditi: 703
Memoria minacce rilevate: 1
Registro di oggetti scanditi: 5826
Registro di minacce rilevate: 43
File oggetti scanditi: 289779
File minacce rilevate: 158
Adware.Vundo Variante / Resident
C: \ WINDOWS \ SYSTEM32 \ MLJJJ.DLL
C: \ WINDOWS \ SYSTEM32 \ MLJJJ.DLL
Trojan.WinFixer
HKLM \ Software \ Classes \ CLSID \ (09888678-51D6-42FC-9437-CBBFDA0B86EA)
HKCR \ CLSID \ (09888678-51D6-42FC-9437-CBBFDA0B86EA)
HKCR \ CLSID \ (09888678-51D6-42FC-9437-CBBFDA0B86EA) \ InprocServer32
HKCR \ CLSID \ (09888678-51D6-42FC-9437-CBBFDA0B86EA) \ InprocServer32 # ThreadingModel
HKLM \ Software \ Classes \ CLSID \ (6800D574-80D6-4F0F-B6C9-E590AF2F999B)
HKCR \ CLSID \ (6800D574-80D6-4F0F-B6C9-E590AF2F999B)
HKCR \ CLSID \ (6800D574-80D6-4F0F-B6C9-E590AF2F999B) \ InprocServer32
HKCR \ CLSID \ (6800D574-80D6-4F0F-B6C9-E590AF2F999B) \ InprocServer32 # ThreadingModel
C: \ WINDOWS \ SYSTEM32 \ JKKLL.DLL
HKLM \ Software \ Microsoft \ Windows \ CurrentVersion \ Exp lorer \ Browser Helper Objects \ (09888678-51D6-42FC-9437-CBBFDA0B86EA)
Adware.Vundo Variante
HKLM \ Software \ Classes \ CLSID \ (3FECA576-7AD2-4E11-A6AD-6B59D4FB5DB9)
HKCR \ CLSID \ (3FECA576-7AD2-4E11-A6AD-6B59D4FB5DB9)
HKCR \ CLSID \ (3FECA576-7AD2-4E11-A6AD-6B59D4FB5DB9) \ InprocServer32
HKCR \ CLSID \ (3FECA576-7AD2-4E11-A6AD-6B59D4FB5DB9) \ InprocServer32 # ThreadingModel
C: \ WINDOWS \ SYSTEM32 \ TUVSQPQ.DLL
HKLM \ Software \ Classes \ CLSID \ (D85530E8-D39D-49D0-9F36-300D594556D2)
HKCR \ CLSID \ (D85530E8-D39D-49D0-9F36-300D594556D2)
HKCR \ CLSID \ (D85530E8-D39D-49D0-9F36-300D594556D2) \ InprocServer32
HKCR \ CLSID \ (D85530E8-D39D-49D0-9F36-300D594556D2) \ InprocServer32 # ThreadingModel
C: \ WINDOWS \ SYSTEM32 \ YAYWUVW.DLL
HKLM \ Software \ Microsoft \ Windows \ CurrentVersion \ Exp lorer \ Browser Helper Objects \ (3FECA576-7AD2-4E11-A6AD-6B59D4FB5DB9)
HKLM \ Software \ Microsoft \ Windows \ CurrentVersion \ Exp lorer \ ShellExecuteHooks # (D85530E8-D39D-49D0-9F36-300D594556D2)
HKLM \ Software \ Microsoft \ Windows \ CurrentVersion \ Exp lorer \ ShellExecuteHooks # (3FECA576-7AD2-4E11-A6AD-6B59D4FB5DB9)
HKCR \ CLSID \ (3FECA576-7AD2-4E11-A6AD-6B59D4FB5DB9)
HKCR \ CLSID \ (D85530E8-D39D-49D0-9F36-300D594556D2)
Unclassified.Unknown di origine
HKLM \ Software \ Classes \ CLSID \ (F4F10C1D-87C7-404A-B4B3-000000000000)
HKCR \ CLSID \ (F4F10C1D-87C7-404A-B4B3-000000000000)
HKCR \ CLSID \ (F4F10C1D-87C7-404A-B4B3-000000000000)
HKCR \ CLSID \ (F4F10C1D-87C7-404A-B4B3-000000000000) \ InprocServer32
HKCR \ CLSID \ (F4F10C1D-87C7-404A-B4B3-000000000000) \ InprocServer32 # ThreadingModel
HKCR \ CLSID \ (F4F10C1D-87C7-404A-B4B3-000000000000) \ ProgID
HKCR \ CLSID \ (F4F10C1D-87C7-404A-B4B3-000000000000) \ programmabili
HKCR \ CLSID \ (F4F10C1D-87C7-404A-B4B3-000000000000) \ TypeLib
HKCR \ CLSID \ (F4F10C1D-87C7-404A-B4B3-000000000000) \ VersionIndependentProgID
C: \ PROGRA ~ 1 \ DAP \ SBSEARCH.DLL
HKU \ S-1-5-21-73586283-1326574676-839522115-1004 \ Software \ Microsoft \ Internet Explorer \ URLSearchHooks # (F4F10C1D-87C7-404A-B4B3-000000000000)
HKCR \ SearchHook.SrchHook.1
HKCR \ SearchHook.SrchHook
HKCR \ TypeLib \ (95EFB171-F3DF-4BEC-9EF7-829A800203E6)
HKCR \ TypeLib \ (95EFB171-F3DF-4BEC-9EF7-829A800203E6) \ 1,0
HKCR \ TypeLib \ (95EFB171-F3DF-4BEC-9EF7-829A800203E6) \ 1.0 \ 0
HKCR \ TypeLib \ (95EFB171-F3DF-4BEC-9EF7-829A800203E6) \ 1.0 \ 0 \ win32
HKCR \ TypeLib \ (95EFB171-F3DF-4BEC-9EF7-829A800203E6) \ 1.0 \ FLAGS
HKCR \ TypeLib \ (95EFB171-F3DF-4BEC-9EF7-829A800203E6) \ 1.0 \ HELPDIR
Adware.Tracking Cookie
C: \ Documents and Settings \ Danny \ cookies \ danny @ sys-servizio [1]. Txt
C: \ Documents and Settings \ Danny \ cookies \ danny @ tribalfusion [1]. Txt
C: \ Documents and Settings \ Danny \ cookies \ danny @ doppio [1]. Txt
C: \ Documents and Settings \ Danny \ cookies \ danny@bs.serving-sys [1]. Txt
C: \ Documents and Settings \ Danny \ cookies \ danny@bs.serving-sys [2]. Txt
C: \ Documents and Settings \ Roz \ cookies \ roz@ad.yieldmanager [2]. Txt
C: \ Documents and Settings \ Roz \ cookies \ roz@ad.zanox [1]. Txt
C: \ Documents and Settings \ Roz \ cookies \ Roz @ adnetserver [1]. Txt
C: \ Documents and Settings \ Roz \ cookies \ roz@ads.alpharooms [2]. Txt
C: \ Documents and Settings \ Roz \ cookies \ roz@ads1.alpharooms [2]. Txt
C: \ Documents and Settings \ Roz \ cookies \ roz@ads2.alpharooms [1]. Txt
C: \ Documents and Settings \ Roz \ cookies \ roz@ads3.alpharooms [1]. Txt
C: \ Documents and Settings \ Roz \ cookies \ roz@ads4.alpharooms [1]. Txt
C: \ Documents and Settings \ Roz \ cookies \ Roz @ adultfriendfinder [2]. Txt
C: \ Documents and Settings \ Roz \ cookies \ Roz @ gostats [2]. Txt
C: \ Documents and Settings \ Roz \ cookies \ Roz @ hornymatches [2]. Txt
C: \ Documents and Settings \ Roz \ cookies \ Roz @ indexstats [1]. Txt
C: \ Documents and Settings \ Roz \ cookies \ Roz @ indexstats [3]. Txt
C: \ Documents and Settings \ Roz \ cookies \ Roz @ linksynergy [1]. Txt
C: \ Documents and Settings \ Roz \ cookies \ roz@media2.mediafileshost [2]. Txt
C: \ Documents and Settings \ Roz \ cookies \ Roz @ statcounter [1]. Txt
C: \ Documents and Settings \ Roz \ cookies \ roz@statse.webtrendslive [2]. Txt
C: \ Documents and Settings \ Roz \ cookies \ roz@tracking.summitmedia.co [1]. Txt
C: \ Documents and Settings \ Roz \ cookies \ roz@webstats.wthosting.co [2]. Txt
C: \ Documents and Settings \ Roz \ cookies \ roz@www.admedia365 [2]. Txt
C: \ Documents and Settings \ Roz \ cookies \ roz@www.admedia365 [3]. Txt
C: \ Documents and Settings \ Roz \ cookies \ roz@www.hxtrack [2]. Txt
H: \ Documents and Settings \ Rozzie \ Cookies \ rozzie @ indexstats [2]. Txt
H: \ Documents and Settings \ Rozzie \ Cookies \ rozzie@pc-finder.co [2]. Txt
H: \ Documents and Settings \ Rozzie \ Cookies \ rozzie@www.pc-finder.co [2]. Txt
H: \ Documenti e più recenti Imposta \ Rozzie \ Cookies \ rozzie @ indexstats [2]. Txt
H: \ Documenti e più recenti Imposta \ Rozzie \ Cookies \ rozzie@pc-finder.co [2]. Txt
H: \ Documenti e più recenti Imposta \ Rozzie \ Cookies \ rozzie@www.pc-finder.co [2]. Txt
H: \ Rozzie \ Cookies \ rozzie @ indexstats [2]. Txt
H: \ Rozzie \ Cookies \ rozzie@pc-finder.co [2]. Txt
H: \ Rozzie \ Cookies \ rozzie@www.pc-finder.co [2]. Txt
Trojan.Unknown di origine
C: \ WINDOWS \ system32 \ nGpxx01
HKLM \ Software \ xpre
HKLM \ Software \ xpre # execount
Adware.VXGame-Trace
HKU \ S-1-5-21-73586283-1326574676-839522115-1005 \ Software \ kernelexe
Adware.Vundo Variante / Rel.
C: \ WINDOWS \ SYSTEM32 \ ACCDD.INI
C: \ WINDOWS \ SYSTEM32 \ ACCDD.INI2
C: \ WINDOWS \ SYSTEM32 \ ILKKJ.INI
C: \ WINDOWS \ SYSTEM32 \ ILKKJ.INI2
C: \ WINDOWS \ SYSTEM32 \ JJJLM.INI
C: \ WINDOWS \ SYSTEM32 \ JJJLM.INI2
C: \ WINDOWS \ SYSTEM32 \ LLKKJ.INI
C: \ WINDOWS \ SYSTEM32 \ LLKKJ.INI2
C: \ WINDOWS \ SYSTEM32 \ LNNMP.INI2
C: \ WINDOWS \ SYSTEM32 \ MCRH.TMP
C: \ WINDOWS \ SYSTEM32 \ RRQSS.INI
C: \ WINDOWS \ SYSTEM32 \ VVVWA.INI2
Adware.Vundo-Variante
C: \ WINDOWS \ SYSTEM32 \ DDCCA.DLL
C: \ WINDOWS \ SYSTEM32 \ SSQRR.DLL
Minaccia Trace.Known Fonti
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ W9AJSLIB \ index [1]. Htm
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ WTAN0PYF \ fondo [2]. Gif
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ WTAN0PYF \ i53b_t1 [1]. Gif
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ 4P6RS5MF \ CAXOO75T.htm
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ WTAN0PYF \ xrest [1]. Gif
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ W9AJSLIB \ ajax [1]. Htm
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ CTY381ER \ verx [1]. Gif
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ WTAN0PYF \ i701_brd-top-1 [1]. Gif
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ WTAN0PYF \ manager [1]. Htm
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ WTAN0PYF \ errorhandler [2]. Htm
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ CTY381ER \ i701_line2 [1]. Jpg
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ W9AJSLIB \ i701_boton1 [1]. Gif
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ WTAN0PYF \ errorhandler [1]. Htm
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ WTAN0PYF \ niz [1]. Gif
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ 4P6RS5MF \ errorhandler [1]. Htm
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ CTY381ER \-i53b_btn caratteristiche [1]. Gif
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ W9AJSLIB \ i701_cor-sinistra-1 [1]. Gif
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ CTY381ER \ i53b_icon3 [1]. Gif
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ 4P6RS5MF \ cripta [1]. Htm
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ 4P6RS5MF \ finestra [1]. Js
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ W9AJSLIB \ pulita [1]. Htm
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ W9AJSLIB \ i53b_bg1 [1]. Gif
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ W9AJSLIB \ stats [1]. Gif
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ W9AJSLIB \ top [1]. Gif
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ SDWBGNOV \ main_02 [1]. Gif
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ W9AJSLIB \ CASL6F4X.htm
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ W9AJSLIB \ i53b_line2 [1]. Gif
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ 4P6RS5MF \ i701_cor-destra-1 [1]. Gif
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ AHGZAXI5 \ consigliamo [1]. Gif
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ W9AJSLIB \ i53b_icon5 [1]. Gif
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ W9AJSLIB \ stili [5]. Css
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ ZLGK0BFB \ off_2 [1]. Gif
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ 4P6RS5MF \ i701_bg2 [1]. Gif
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ W9AJSLIB \ progressi [1]. Gif
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ CTY381ER \ i53b_btn-panoramica [1]. Gif
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ CTY381ER \ indice [5]. Htm
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ CTY381ER \ stats [1]. Gif
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ W9AJSLIB \ i701_bg3 [1]. Jpg
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ 8NKJEV4R \ bottom_r_2 [1]. Gif
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ 4P6RS5MF \ urgente [1]. Gif
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ W9AJSLIB \ errorhandler [1]. Htm
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ 4P6RS5MF \ AC_RunActiveContent [1]. Htm
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ 4P6RS5MF \ midle [1]. Gif
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ QX8BMXM5 \ stili [2]. Css
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ 4P6RS5MF \ i53b_boton4 [1]. Gif
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ WTAN0PYF \ i53b_btn-acquisto [1]. Gif
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ W9AJSLIB \ spacer [4]. Gif
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ 4P6RS5MF \ ajax [1]. Htm
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ G92ZKB2T \ marchio [1]. Gif
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ CX8VSB4B \ bottom_r [1]. Gif
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ CTY381ER \ cripta [1]. Htm
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ LO76ZR17 \ errsnd [1]. Swf
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ CX8VSB4B \ bottom_l [1]. Gif
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ CTY381ER \ i53b_brd-top-1 [1]. Gif
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ CTY381ER \ cripta [2]. Htm
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ AHGZAXI5 \ secpan [1]. Gif
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ W9AJSLIB \ i53b_btn-home [1]. Gif
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ CTY381ER \ CAUJABA1.htm
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ WTAN0PYF \ AC_ActiveX [1]. Htm
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ 4P6RS5MF \ i53b_line3 [1]. Gif
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ 4P6RS5MF \ chec [1]. Gif
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ WTAN0PYF \ i53b_icon1 [1]. Gif
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ WTAN0PYF \ ajax [1]. Htm
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ 4P6RS5MF \ i53b_btn-download [1]. Gif
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ ZLGK0BFB \ x [2]. Gif
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ CTY381ER \ CA3MKJZH.htm
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ WTAN0PYF \ i701_BG [1]. Jpg
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ W9AJSLIB \ i701_line1 [1]. Jpg
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ W9AJSLIB \ i701_brd-bot-1 [1]. Gif
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ WTAN0PYF \ i701_pc [1]. Jpg
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ 4P6RS5MF \ i53b_boton2 [1]. Gif
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ W9AJSLIB \ i53b_brd-bot-1 [1]. Gif
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ WTAN0PYF \ i701_bg4 [1]. Jpg
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ 4P6RS5MF \ manager [1]. Htm
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ 4P6RS5MF \ i53b_btn aggiornamenti [1]. Gif
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ W9AJSLIB \ manager [1]. Htm
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ UR2NQ1UR \ avviso [1]. Gif
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ WTAN0PYF \ flash [1]. Js
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ 4P6RS5MF \ i701_spacer [1]. Gif
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ AL6HK9M7 \ main_06 [1]. Gif
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ W9AJSLIB \ head_r_back [1]. Gif
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ LO76ZR17 \ scudo [1]. Gif
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ WTAN0PYF \ i701_line3 [1]. Gif
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ CTY381ER \ i701_boton2 [1]. Gif
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ CTY381ER \ flash_detect [1]. Htm
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ M1Q5EV4X \ svolgere [1]. Js
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ UR2NQ1UR \ main_10 [1]. Gif
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ M1Q5EV4X \ main_05 [1]. Gif
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ QX8BMXM5 \ croce [1]. Gif
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ G92ZKB2T \ main_07 [1]. Gif
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ EJ23EDUF \ closebutton [1]. Gif
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ 8NKJEV4R \ main_03 [1]. Gif
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ CTY381ER \ ban_2 [1]. Swf
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ CTY381ER \ logo2 [1]. Gif
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ WTAN0PYF \ dati [1]. Htm
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ LO76ZR17 \ off_back [1]. Gif
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ AL6HK9M7 \ download [1]. Gif
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ M1Q5EV4X \ main_04 [1]. Gif
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ W9AJSLIB \ popup [1]. Gif
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ CTY381ER \ left_3 [1]. Gif
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ QX8BMXM5 \ bottom_l_2 [1]. Gif
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ Z81HJ8WK \ right_2 [1]. Gif



Malwarebytes' Anti-Malware 1,10
Database versione: 592
Tipo di scansione: Scansione completa (A: \ | C: \ | D: \ | E: \ | H: \ | I: \ | J: \ |)
Oggetti scandita: 336027
Tempo trascorso: 1 ora (s), 8 minuti (s), 1 secondo (s)
Processi di memoria infetti: 5
Moduli di memoria infetti: 0
Chiavi di registro infette: 10
Valori del registro infetti: 7
I dati del Registro di oggetti infetti: 0
Cartelle infette: 0
File infetti: 11
Processi di memoria infetti:
C: \ WINDOWS \ system32 \ drivers \ ctfmon.exe (Trojan.Agent) -> Unloaded processo successo.
C: \ WINDOWS \ system32 \ drivers \ ctfmon.exe (Trojan.Agent) -> Unloaded processo successo.
C: \ Documents and Settings \ Danny \ Impostazioni locali \ Dati applicazioni \ spool.exe (Trojan.Agent) -> Unloaded processo successo.
C: \ Documents and Settings \ Danny \ Impostazioni locali \ Dati applicazioni \ spool.exe (Trojan.Agent) -> Unloaded processo successo.
C: \ Documents and Settings \ Danny \ Impostazioni locali \ Dati applicazioni \ spool.exe (Trojan.Agent) -> Unloaded processo successo.
Moduli di memoria infetti:
(N. oggetti dannosi individuati)
Chiavi di registro infette:
HKEY_LOCAL_MACHINE \ SYSTEM \ ControlSet001 \ Services \ s chedule (Trojan.Agent) -> quarantena ed eliminato con successo.
HKEY_LOCAL_MACHINE \ SYSTEM \ ControlSet002 \ Services \ s chedule (Trojan.Agent) -> quarantena ed eliminato con successo.
HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Accenture es \ calendario (Trojan.Agent) -> quarantena ed eliminato con successo.
HKEY_CURRENT_USER \ Software \ Microsoft \ affri (Malware.Trace) -> quarantena ed eliminato con successo.
HKEY_CURRENT_USER \ Software \ Microsoft \ affltid (Malware.Trace) -> quarantena ed eliminato con successo.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ affltid (Malware.Trace) -> quarantena ed eliminato con successo.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ affri (Malware.Trace) -> quarantena ed eliminato con successo.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ MS Juan (Malware.Trace) -> quarantena ed eliminato con successo.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ FCOVM (Trojan.Vundo) -> quarantena ed eliminato con successo.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ RemoveRP (Trojan.Vundo) -> quarantena ed eliminato con successo.
Valori del registro infetti:
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Run \ BMafb2445c (Trojan.Agent) -> quarantena ed eliminato con successo.
HKEY_CURRENT_USER \ SOFTWARE \ Microsoft \ Windows \ Curre ntVersion \ Run \ ntuser (Trojan.Agent) -> quarantena ed eliminato con successo.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Run \ ntuser (Trojan.Agent) -> quarantena ed eliminato con successo.
HKEY_USERS \. DEFAULT \ SOFTWARE \ Microsoft \ Windows \ Cur rentVersion \ Run \ ntuser (Trojan.Agent) -> quarantena ed eliminato con successo.
HKEY_USERS \. DEFAULT \ SOFTWARE \ Microsoft \ Windows \ Cur rentVersion \ Run \ autoload (Trojan.Agent) -> quarantena ed eliminato con successo.
HKEY_CURRENT_USER \ SOFTWARE \ Microsoft \ Windows \ Curre ntVersion \ Run \ autoload (Trojan.Agent) -> quarantena ed eliminato con successo.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Run \ autoload (Trojan.Agent) -> quarantena ed eliminato con successo.
I dati del Registro di oggetti infetti:
(N. oggetti dannosi individuati)
Cartelle infette:
(N. oggetti dannosi individuati)
I file infetti:
C: \ Documents and Settings \ LocalService \ Impostazioni locali \ Temporary Internet Files \ Content.IE5 \ GHIJKLMN \ giri [1]. Jpg (Trojan.Madcode) -> quarantena ed eliminato con successo.
C: \ System Volume Information \ (_Restore B4EDD13F-A6F1-41A1-814E-E5C94DDA45B5) \ RP8 \ A0002994.exe (Trojan.Downloader) -> quarantena ed eliminato con successo.
C: \ WINDOWS \ system32 \ iupdate.exe (Trojan.Madcode) -> quarantena ed eliminato con successo.
C: \ WINDOWS \ system32 \ kchkioor.dll (Trojan.Agent) -> Elimina il riavvio.
C: \ WINDOWS \ system32 \ drivers \ ctfmon.exe (Trojan.Agent) -> quarantena ed eliminato con successo.
C: \ WINDOWS \ system32 \ pac.txt (Malware.Trace) -> quarantena ed eliminato con successo.
C: \ WINDOWS \ system32 \ drivers \ spools.exe (Trojan.Agent) -> quarantena ed eliminato con successo.
C: \ Documents and Settings \ Danny \ cftmon.exe (Trojan.Agent) -> quarantena ed eliminato con successo.
C: \ Documents and Settings \ Roz \ Impostazioni locali \ Dati applicazioni \ spool.exe (Trojan.Agent) -> quarantena ed eliminato con successo.
C: \ Documents and Settings \ LocalService \ Impostazioni locali \ Dati applicazioni \ spool.exe (Trojan.Agent) -> quarantena ed eliminato con successo.
C: \ Documents and Settings \ Danny \ Impostazioni locali \ Dati applicazioni \ spool.exe (Trojan.Agent) -> quarantena ed eliminato con successo.


Logfile di Trend Micro HijackThis v2.0.2
Scan salvato in 08:45:34, a 05/04/2008
Piattaforma: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Processi in esecuzione:
C: \ WINDOWS \ System32 \ smss.exe
C: \ WINDOWS \ system32 \ winlogon.exe
C: \ WINDOWS \ system32 \ services.exe
C: \ WINDOWS \ system32 \ lsass.exe
C: \ WINDOWS \ system32 \ Ati2evxx.exe
C: \ WINDOWS \ system32 \ svchost.exe
C: \ WINDOWS \ System32 \ svchost.exe
C: \ WINDOWS \ system32 \ Ati2evxx.exe
C: \ WINDOWS \ system32 \ spoolsv.exe
C: \ WINDOWS \ Explorer.EXE
C: \ Program Files \ AMD \ RAIDXpert \ molo \ extra \ win32 \ Wrapper.exe
C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe
C: \ Program Files \ Grisoft \ AVG Anti-Spyware 7,5 \ guard.exe
C: \ Program Files \ AMD \ RAIDXpert \ _jvm \ bin \ java.exe
C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgamsvr.exe
C: \ WINDOWS \ system32 \ Rundll32.exe
C: \ Program Files \ btbb_wcm \ McciTrayApp.exe
C: \ PROGRA ~ 1 \ Yahoo! \ Browser \ ybrwicon.exe
C: \ Program Files \ HP \ HP Software Update \ HPWuSchd2.exe
C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgupsvc.exe
C: \ Program Files \ Logitech \ MediaLife \ MediaLifeService.exe
C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgemc.exe
C: \ WINDOWS \ Samsung \ LaserSMMgr \ ssmmgr.exe
C: \ PROGRA ~ 1 \ Yahoo! \ Yop \ yop.exe
C: \ PROGRA ~ 1 \ Yahoo! \ Browser \ ycommon.exe
C: \ Programmi \ SPAMfighter \ SFAgent.exe
C: \ Program Files \ BT Broadband Desktop Help \ bin \ BTHelpNotifier.exe
C: \ Program Files \ Bonjour \ mDNSResponder.exe
C: \ Program Files \ Google \ Common \ Google Updater \ GoogleUpdaterService.exe
C: \ Programmi \ SPAMfighter \ sfus.exe
C: \ Program Files \ ATI Technologies \ ATI.ACE \ Core-Static \ MOM.EXE
C: \ WINDOWS \ system32 \ svchost.exe
C: \ WINDOWS \ system32 \ spool \ drivers \ w32x86 \ 3 \ hpztsb0 4.exe
C: \ WINDOWS \ System32 \ wltrysvc.exe
C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgcc.exe
C: \ PROGRA ~ 1 \ MI948F ~ 1 \ GAMECO ~ 1 \ Common \ SWTrayV4.exe
C: \ WINDOWS \ System32 \ bcmwltry.exe
C: \ Program Files \ iTunes \ iTunesHelper.exe
C: \ Program Files \ Microsoft IntelliType Pro \ itype.exe
C: \ Program Files \ Microsoft IntelliPoint \ ipoint.exe
C: \ Program Files \ Grisoft \ AVG Anti-Spyware 7,5 \ avgas.exe
C: \ Program Files \ Microsoft IntelliType Pro \ dpupdchk.exe
C: \ Program Files \ Java \ jre1.6.0_05 \ bin \ jusched.exe
C: \ WINDOWS \ system32 \ ctfmon.exe
C: \ Program Files \ Google \ GoogleToolbarNotifier \ GoogleToolbarNo tifier.exe
C: \ Program Files \ DNA \ btdna.exe
C: \ Program Files \ Messenger \ msmsgs.exe
C: \ PROGRA ~ 1 \ Yahoo! \ Yop \ SSDK02.exe
C: \ Program Files \ SUPERAntiSpyware \ SUPERAntiSpyware.exe
C: \ WINDOWS \ system32 \ msiexec.exe
C: \ Program Files \ iPod \ bin \ iPodService.exe
C: \ Program Files \ HP \ Digital Imaging \ bin \ hpqtra08.exe
C: \ Program Files \ NETGEAR WG311v2 Adapter \ wlancfg5.exe
C: \ Program Files \ BT Broadband Desktop Help \ bin \ mpbtn.exe
C: \ WINDOWS \ System32 \ svchost.exe
C: \ Program Files \ Java \ jre1.6.0_05 \ bin \ javaw.exe
C: \ WINDOWS \ system32 \ Wuauclt.exe
C: \ WINDOWS \ system32 \ Wuauclt.exe
C: \ Program Files \ ATI Technologies \ ATI.ACE \ Core-Static \ ccc.exe
C: \ Program Files \ Internet Explorer \ iexplore.exe
C: \ Program Files \ Trend Micro \ HijackThis \ HijackThis.exe
R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://news.bbc.co.uk/sport1/hi/football/default.stm
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Bar = http://uk.red.clientapps.yahoo.com/c...o/bt_side.html
R1 - HKCU \ Software \ Microsoft \ Windows \ CurrentVersion \ Int Ethernet Impostazioni, ProxyOverride = 127.0.0.1; *. locali
R3 - URLSearchHook: Yahoo! Toolbar - (EF99BD32-C1FB-11D2-892F-0090271D4F88) - C: \ Program Files \ Yahoo! \ Companion \ Installs \ cpn0 \ yt.dll
O2 - BHO: (no name) - (3CAB59B4-55A3-4737-9FD5-B93C6430BF75) - C: \ WINDOWS \ system32 \ sjmxcfmu.dll
O2 - BHO: SSVHelper Class - (761497BB-D6F0-462C-B6EB-D4DAF1D92D43) - C: \ Program Files \ Java \ jre1.6.0_05 \ bin \ ssv.dll
O3 - Toolbar: Yahoo! Toolbar - (EF99BD32-C1FB-11D2-892F-0090271D4F88) - C: \ Program Files \ Yahoo! \ Companion \ Installs \ cpn0 \ yt.dll
O3 - Toolbar: & Google - (2318C2B1-4965-11D4-9B18-009027A5CD4F) - c: \ Programmi \ Google \ googletoolbar1.dll
O3 - Toolbar: Ask Toolbar - (F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA) - C: \ Program Files \ AskSBar \ bar \ 1.bin \ ASKSBAR.DLL
O4 - HKLM \ .. \ Run: [C6501Sound] Rundll32 c6501.cpl, CMICtrlWnd
O4 - HKLM \ .. \ Run: [btbb_wcm_McciTrayApp] C: \ Program Files \ btbb_wcm \ McciTrayApp.exe
O4 - HKLM \ .. \ Run: [YBrowser] C: \ PROGRA ~ 1 \ Yahoo! \ Browser \ ybrwicon.exe
O4 - HKLM \ .. \ Run: [HPHUPD08] C: \ Program Files \ HP \ Digital Imaging \ (33D6CC28-9F75-4d1b-A11D-98895B3A3729) \ hphupd08.exe
O4 - HKLM \ .. \ Run: [HP Software Update] C: \ Program Files \ HP \ HP Software Update \ HPWuSchd2.exe
O4 - HKLM \ .. \ Run: [MediaLifeService] "C: \ Program Files \ Logitech \ MediaLife \ MediaLifeService.exe"
O4 - HKLM \ .. \ Run: [Samsung LBP SM] "C: \ WINDOWS \ Samsung \ LaserSMMgr \ ssmmgr.exe" / autorun
O4 - HKLM \ .. \ Run: [yop] C: \ PROGRA ~ 1 \ Yahoo! \ Yop \ yop.exe / autostart
O4 - HKLM \ .. \ Run: [SPAMfighter Agent] "C: \ Programmi \ SPAMfighter \ SFAgent.exe" aggiornamento ritardo 60
O4 - HKLM \ .. \ Run: [btbb_McciTrayApp] C: \ Program Files \ BT Broadband Desktop Help \ bin \ BTHelpNotifier.exe
O4 - HKLM \ .. \ Run: [StartCCC] "C: \ Program Files \ ATI Technologies \ ATI.ACE \ Core-Static \ CLIStart.exe"
O4 - HKLM \ .. \ Run: [amd_dc_opt] C: \ Program Files \ AMD \ Dual-Core Optimizer \ amd_dc_opt.exe
O4 - HKLM \ .. \ Run: [HPDJ Taskbar Utility] C: \ WINDOWS \ system32 \ spool \ drivers \ w32x86 \ 3 \ hpztsb0 4.exe
O4 - HKLM \ .. \ Run: [AVG7_CC] C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgcc.exe / STARTUP
O4 - HKLM \ .. \ Run: [SideWinderTrayV4] C: \ PROGRA ~ 1 \ MI948F ~ 1 \ GAMECO ~ 1 \ Common \ SWTrayV4.exe
O4 - HKLM \ .. \ Run: [QuickTime Task] "C: \ Program Files \ QuickTime \ qttask.exe"-atboottime
O4 - HKLM \ .. \ Run: [iTunesHelper] "C: \ Program Files \ iTunes \ iTunesHelper.exe"
O4 - HKLM \ .. \ Run: [itype] "C: \ Program Files \ Microsoft IntelliType Pro \ itype.exe"
O4 - HKLM \ .. \ Run: [IntelliPoint] "C: \ Program Files \ Microsoft IntelliPoint \ ipoint.exe"
O4 - HKLM \ .. \ Run: [! AVG Anti-Spyware] "C: \ Program Files \ Grisoft \ AVG Anti-Spyware 7,5 \ avgas.exe" / minimizzate
O4 - HKLM \ .. \ Run: [SunJavaUpdateSched] "C: \ Program Files \ Java \ jre1.6.0_05 \ bin \ jusched.exe"
O4 - HKCU \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ ctfmon.exe
O4 - HKCU \ .. \ Run: [swg] C: \ Program Files \ Google \ GoogleToolbarNotifier \ GoogleToolbarNo tifier.exe
O4 - HKCU \ .. \ Run: [BitTorrent DNA] "C: \ Program Files \ DNA \ btdna.exe"
O4 - HKCU \ .. \ Run: [MSMSGS] "C: \ Program Files \ Messenger \ msmsgs.exe" / background
O4 - HKCU \ .. \ Run: [SUPERAntiSpyware] C: \ Program Files \ SUPERAntiSpyware \ SUPERAntiSpyware.exe
O4 - HKUS \ S-1-5-19 \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ ctfmon.exe (User 'SERVIZIO LOCALE')
O4 - HKUS \ S-1-5-19 \ .. \ Run: [AVG7_Run] C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgw.exe / RunOnce (User 'SERVIZIO LOCALE')
O4 - HKUS \ S-1-5-20 \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ ctfmon.exe (User 'NETWORK SERVICE')
O4 - HKUS \ S-1-5-18 \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ ctfmon.exe (User 'SYSTEM')
O4 - HKUS \. DEFAULT \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ ctfmon.exe (User 'Default user')
O4 - Startup: MP3 Rocket (minima). Lnk = C: \ Program Files \ MP3 Rocket \ MP3Rocket.exe
O4 - Global Startup: BT Broadband Desktop Help.lnk = C: \ Program Files \ BT Broadband Desktop Help \ bin \ matcli.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C: \ Program Files \ HP \ Digital Imaging \ bin \ hpqtra08.exe
O4 - Global Startup: NETGEAR WG311v2 Smart Configuration.lnk = C: \ Program Files \ NETGEAR WG311v2 Adapter \ wlancfg5.exe
O8 - Extra contesto voce di menu: & Clean Traces - C: \ Program Files \ DAP \ Privacy Package \ dapcleanerie.htm
O8 - Extra contesto voce di menu: & Scarica con & DAP - C: \ Program Files \ DAP \ dapextie.htm
O8 - Extra contesto voce di menu: Scaricare e tutte con DAP - C: \ Program Files \ DAP \ dapextie2.htm
O9 - Extra pulsante: (no name) - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_05 \ bin \ ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_05 \ bin \ ssv.dll
O9 - Extra pulsante: BT Yahoo! Servizi - (5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897) - C: \ PROGRA ~ 1 \ Yahoo! \ Common \ yiesrvc.dll
O9 - Extra pulsante: Messenger - (FB5F1910-F110-11d2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - (FB5F1910-F110-11d2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
Ø16 - DPF: (17492023-C23A-453E-A040-C7C580BBF700) (Windows Genuine Advantage Validation Tool) -- http://go.microsoft.com/fwlink/?linkid=39204
Ø16 - DPF: (30528230-99f7-4bb4-88d8-fa1d4f56a2ab) (Installation Support) - C: \ Program Files \ Yahoo! \ Common \ Yinsthelper20073151.dll
Ø16 - DPF: (6F15128C-E66A-490C-B848-5000B5ABEEAC) (HP Download Manager) -- https: / / h20436.www2.hp.com/ediags/de...e/HPDEXAXO.cab
Ø16 - DPF: (BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B) (Zylom Games Player) -- http://game07.zylom.com/activex/zylomgamesplayer.cab
Ø16 - DPF: (D27CDB6E-AE6D-11CF-96B8-444553540000) (Shockwave Flash Object) -- http://fpdownload2.macromedia.com/ge...nt/swflash.cab
Ø20 - Winlogon Notify:! SASWinLogon - C: \ Program Files \ SUPERAntiSpyware \ SASWINLO.dll
Ø20 - Winlogon Notify: tuvsqpq - tuvsqpq.dll (file mancanti)
Ø20 - Winlogon Notify: yaywuvw - yaywuvw.dll (file mancanti)
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C: \ Program Files \ Lavasoft \ Ad-Aware 2007 \ aawservice.exe
O23 - Service: AMD RAIDXpert (AMDRAIDXpert) - Sconosciuto proprietario - C: \ Program Files \ AMD \ RAIDXpert \ molo \ extra \ win32 \ Wrapper.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe
O23 - Service: Ati Hotkey Poller - ATI Technologies Inc. - C: \ WINDOWS \ system32 \ Ati2evxx.exe
O23 - Service: ATI Smart - Unknown proprietario - C: \ WINDOWS \ system32 \ ati2sgag.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT sro - C: \ Program Files \ Grisoft \ AVG Anti-Spyware 7,5 \ guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, sro - C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, sro - C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, sro - C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgemc.exe
O23 - Service: Bonjour Service - Apple Inc. - C: \ Program Files \ Bonjour \ mDNSResponder.exe
O23 - Service: Google Updater Service (gusvc) - Google - C: \ Program Files \ Google \ Common \ Google Updater \ GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C: \ Program Files \ Common Files \ InstallShield \ Driver \ 11 \ Intel 32 \ IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C: \ Program Files \ iPod \ bin \ iPodService.exe
O23 - Service: PML Driver HPZ12 - Sconosciuto proprietario - C: \ WINDOWS \ system32 \ HPZipm12.exe (file mancanti)
O23 - Service: SPAMfighter Update Service - SPAMfighter ApS - C: \ Programmi \ SPAMfighter \ sfus.exe
O23 - Service: WLTRYSVC - Sconosciuto proprietario - C: \ WINDOWS \ System32 \ wltrysvc.exe
O23 - Service: YPCService - Yahoo! Inc. - C: \ WINDOWS \ system32 \ YPCSER ~ 1.EXE
--
Fine del file - 10856 bytes

Molte grazie
  #7  
Old 5. Aprile 2008, 01:27
Moderatore del Gruppo
  
Default Più lento e più lento

Sembra non vi è stata una partita rimosso, vi sono ancora alcune voci nel discutibile log HijackThis così abbiamo bisogno di eseguire alcuni strumenti diversi.

Scaricare Vundofix.exe sul desktop.
  • Fare doppio clic su VundoFix.exe per eseguirlo.
  • Quando VundoFix si apre, fare clic sul Analisi per l'Vundo pulsante.
  • Una volta fatto la scansione, fare clic sul Rimuovere Vundo pulsante.
  • Si riceverà un prompt che chiede se si desidera rimuovere i file, fare clic su
  • Una volta che si sceglie Sì, il desktop sarà vuoto come inizia la rimozione Vundo.
  • Una volta completato, si chiederà che sarà il vostro computer, fare clic su OK.
  • Trasforma il tuo computer su.
  • Si prega di pubblicare il contenuto di C: \vundofix.txt e un nuovo Log HijackThis.
Nota: E 'possibile che un file VundoFix incontrate non poteva rimuovere. In questo caso, VundoFix si spostano su riavvio, è sufficiente seguire le istruzioni di cui sopra a partire da "Fare clic sul pulsante Scan for Vundo" quando VundoFix apparirà al riavvio.

Si prega di comunicare Vundo finale, a volte si possono prendere più passa

----------

Scaricare SDFix.exe e salvarlo sul desktop.

Fare doppio clic SDFix.exe e si estrarre i file in% systemdrive%
(Unità che contiene la directory di Windows, di solito C: \ SDFix)

Si prega di riavviare il computer in Safe Mode facendo quanto segue:
  • Riavviare il computer
  • Dopo aver sentito il computer una volta durante il segnale acustico di avvio, ma prima di Windows viene visualizzata l'icona, toccare il tasto F8 continuamente;
  • Invece di caricamento di Windows, come normale, il menu Opzioni avanzate dovrebbe apparire;
  • Selezionare la prima opzione, per l'esecuzione di Windows in modalità provvisoria, quindi premere Inserisci.
  • Scegli il tuo conto abituale.
  • Apri la cartella SDFix estratti e fare doppio clic RunThis.bat per avviare lo script.
  • Tipo + + digitare Y per avviare il processo di pulizia.
  • Essa consente di eliminare ogni Servizi di Troia e le voci di registro che si trova quindi richiesto di premere un tasto qualsiasi per riavviare il sistema.
  • Premere un tasto qualsiasi e si riavvia il PC.
  • Quando il PC si riavvia il Fixtool sarà nuovamente e completare il processo di rimozione, quindi, Finito, Premere un tasto qualsiasi per terminare lo script e caricare le icone sul desktop.
  • Una volta che il desktop icone caricare il SDFix relazione si aprirà sullo schermo e salvare nella cartella SDFix Report.txt
    (Report.txt anche essere copiati negli Appunti).
  • Infine aggiungere il contenuto del Report.txt con il prossimo post.
----------

Ora eseguire una nuova scansione HijackThis e post partita di log con gli altri.

Inoltre vorrei sapere come stanno le cose adesso.
__________________
  #8  
Old 5. Aprile 2008, 02:23
Membro Gruppo
  
Default Più lento e più lento

Avanti due OK.

VundoFix V7.0.3
Scan started at 10:07:05 05/04/2008
Elenco dei file trovati durante la scansione ....
C: \ WINDOWS \ system32 \ anthkpru.dll
A partire dal ritiro ...
Il tentativo di eliminare C: \ WINDOWS \ system32 \ anthkpru.dll
C: \ WINDOWS \ system32 \ anthkpru.dll è stato eliminato!
Esecuzione di riparazione per il Registro di sistema.
Fatto!

Logfile di Trend Micro HijackThis v2.0.2
Scan salvato in 10:18:53, a 05/04/2008
Piattaforma: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Processi in esecuzione:
C: \ WINDOWS \ System32 \ smss.exe
C: \ WINDOWS \ system32 \ winlogon.exe
C: \ WINDOWS \ system32 \ services.exe
C: \ WINDOWS \ system32 \ lsass.exe
C: \ WINDOWS \ system32 \ Ati2evxx.exe
C: \ WINDOWS \ system32 \ svchost.exe
C: \ WINDOWS \ System32 \ svchost.exe
C: \ WINDOWS \ system32 \ Ati2evxx.exe
C: \ WINDOWS \ system32 \ spoolsv.exe
C: \ WINDOWS \ Explorer.EXE
C: \ Program Files \ AMD \ RAIDXpert \ molo \ extra \ win32 \ Wrapper.exe
C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe
C: \ Program Files \ Grisoft \ AVG Anti-Spyware 7,5 \ guard.exe
C: \ Program Files \ AMD \ RAIDXpert \ _jvm \ bin \ java.exe
C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgamsvr.exe
C: \ WINDOWS \ system32 \ Rundll32.exe
C: \ Program Files \ btbb_wcm \ McciTrayApp.exe
C: \ PROGRA ~ 1 \ Yahoo! \ Browser \ ybrwicon.exe
C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgupsvc.exe
C: \ Program Files \ HP \ HP Software Update \ HPWuSchd2.exe
C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgemc.exe
C: \ Program Files \ Logitech \ MediaLife \ MediaLifeService.exe
C: \ PROGRA ~ 1 \ Yahoo! \ Browser \ ycommon.exe
C: \ WINDOWS \ Samsung \ LaserSMMgr \ ssmmgr.exe
C: \ Program Files \ Bonjour \ mDNSResponder.exe
C: \ PROGRA ~ 1 \ Yahoo! \ Yop \ yop.exe
C: \ Program Files \ Google \ Common \ Google Updater \ GoogleUpdaterService.exe
C: \ Programmi \ SPAMfighter \ SFAgent.exe
C: \ Programmi \ SPAMfighter \ sfus.exe
C: \ WINDOWS \ system32 \ svchost.exe
C: \ WINDOWS \ System32 \ wltrysvc.exe
C: \ WINDOWS \ System32 \ bcmwltry.exe
C: \ Program Files \ BT Broadband Desktop Help \ bin \ BTHelpNotifier.exe
C: \ Program Files \ ATI Technologies \ ATI.ACE \ Core-Static \ MOM.EXE
C: \ WINDOWS \ system32 \ spool \ drivers \ w32x86 \ 3 \ hpztsb0 4.exe
C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgcc.exe
C: \ PROGRA ~ 1 \ MI948F ~ 1 \ GAMECO ~ 1 \ Common \ SWTrayV4.exe
C: \ Program Files \ Microsoft IntelliType Pro \ itype.exe
C: \ Program Files \ Microsoft IntelliPoint \ ipoint.exe
C: \ Program Files \ Microsoft IntelliPoint \ dpupdchk.exe
C: \ Program Files \ Grisoft \ AVG Anti-Spyware 7,5 \ avgas.exe
C: \ Program Files \ Java \ jre1.6.0_05 \ bin \ jusched.exe
C: \ PROGRA ~ 1 \ Yahoo! \ Yop \ SSDK02.exe
C: \ Program Files \ iTunes \ iTunesHelper.exe
C: \ WINDOWS \ system32 \ ctfmon.exe
C: \ Program Files \ Google \ GoogleToolbarNotifier \ GoogleToolbarNo tifier.exe
C: \ Program Files \ DNA \ btdna.exe
C: \ WINDOWS \ system32 \ msiexec.exe
C: \ Program Files \ iPod \ bin \ iPodService.exe
C: \ Program Files \ Messenger \ msmsgs.exe
C: \ Program Files \ SUPERAntiSpyware \ SUPERAntiSpyware.exe
C: \ Program Files \ ATI Technologies \ ATI.ACE \ Core-Static \ ccc.exe
C: \ Program Files \ HP \ Digital Imaging \ bin \ hpqtra08.exe
C: \ WINDOWS \ System32 \ svchost.exe
C: \ Program Files \ BT Broadband Desktop Help \ bin \ mpbtn.exe
C: \ Program Files \ NETGEAR WG311v2 Adapter \ wlancfg5.exe
C: \ Program Files \ Java \ jre1.6.0_05 \ bin \ javaw.exe
C: \ WINDOWS \ system32 \ Wuauclt.exe
C: \ Program Files \ Internet Explorer \ iexplore.exe
C: \ WINDOWS \ system32 \ Wuauclt.exe
C: \ Program Files \ Trend Micro \ HijackThis \ HijackThis.exe
R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://news.bbc.co.uk/sport1/hi/football/default.stm
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Bar = http://uk.red.clientapps.yahoo.com/c...o/bt_side.html
R1 - HKCU \ Software \ Microsoft \ Windows \ CurrentVersion \ Int Ethernet Impostazioni, ProxyOverride = 127.0.0.1; *. locali
R3 - URLSearchHook: Yahoo! Toolbar - (EF99BD32-C1FB-11D2-892F-0090271D4F88) - C: \ Program Files \ Yahoo! \ Companion \ Installs \ cpn0 \ yt.dll
O2 - BHO: (no name) - (3CAB59B4-55A3-4737-9FD5-B93C6430BF75) - C: \ WINDOWS \ system32 \ sjmxcfmu.dll
O2 - BHO: SSVHelper Class - (761497BB-D6F0-462C-B6EB-D4DAF1D92D43) - C: \ Program Files \ Java \ jre1.6.0_05 \ bin \ ssv.dll
O3 - Toolbar: Yahoo! Toolbar - (EF99BD32-C1FB-11D2-892F-0090271D4F88) - C: \ Program Files \ Yahoo! \ Companion \ Installs \ cpn0 \ yt.dll
O3 - Toolbar: & Google - (2318C2B1-4965-11D4-9B18-009027A5CD4F) - c: \ Programmi \ Google \ googletoolbar1.dll
O3 - Toolbar: Ask Toolbar - (F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA) - C: \ Program Files \ AskSBar \ bar \ 1.bin \ ASKSBAR.DLL
O4 - HKLM \ .. \ Run: [C6501Sound] Rundll32 c6501.cpl, CMICtrlWnd
O4 - HKLM \ .. \ Run: [btbb_wcm_McciTrayApp] C: \ Program Files \ btbb_wcm \ McciTrayApp.exe
O4 - HKLM \ .. \ Run: [YBrowser] C: \ PROGRA ~ 1 \ Yahoo! \ Browser \ ybrwicon.exe
O4 - HKLM \ .. \ Run: [HPHUPD08] C: \ Program Files \ HP \ Digital Imaging \ (33D6CC28-9F75-4d1b-A11D-98895B3A3729) \ hphupd08.exe
O4 - HKLM \ .. \ Run: [HP Software Update] C: \ Program Files \ HP \ HP Software Update \ HPWuSchd2.exe
O4 - HKLM \ .. \ Run: [MediaLifeService] "C: \ Program Files \ Logitech \ MediaLife \ MediaLifeService.exe"
O4 - HKLM \ .. \ Run: [Samsung LBP SM] "C: \ WINDOWS \ Samsung \ LaserSMMgr \ ssmmgr.exe" / autorun
O4 - HKLM \ .. \ Run: [yop] C: \ PROGRA ~ 1 \ Yahoo! \ Yop \ yop.exe / autostart
O4 - HKLM \ .. \ Run: [SPAMfighter Agent] "C: \ Programmi \ SPAMfighter \ SFAgent.exe" aggiornamento ritardo 60
O4 - HKLM \ .. \ Run: [btbb_McciTrayApp] C: \ Program Files \ BT Broadband Desktop Help \ bin \ BTHelpNotifier.exe
O4 - HKLM \ .. \ Run: [StartCCC] "C: \ Program Files \ ATI Technologies \ ATI.ACE \ Core-Static \ CLIStart.exe"
O4 - HKLM \ .. \ Run: [amd_dc_opt] C: \ Program Files \ AMD \ Dual-Core Optimizer \ amd_dc_opt.exe
O4 - HKLM \ .. \ Run: [HPDJ Taskbar Utility] C: \ WINDOWS \ system32 \ spool \ drivers \ w32x86 \ 3 \ hpztsb0 4.exe
O4 - HKLM \ .. \ Run: [AVG7_CC] C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgcc.exe / STARTUP
O4 - HKLM \ .. \ Run: [SideWinderTrayV4] C: \ PROGRA ~ 1 \ MI948F ~ 1 \ GAMECO ~ 1 \ Common \ SWTrayV4.exe
O4 - HKLM \ .. \ Run: [itype] "C: \ Program Files \ Microsoft IntelliType Pro \ itype.exe"
O4 - HKLM \ .. \ Run: [IntelliPoint] "C: \ Program Files \ Microsoft IntelliPoint \ ipoint.exe"
O4 - HKLM \ .. \ Run: [! AVG Anti-Spyware] "C: \ Program Files \ Grisoft \ AVG Anti-Spyware 7,5 \ avgas.exe" / minimizzate
O4 - HKLM \ .. \ Run: [SunJavaUpdateSched] "C: \ Program Files \ Java \ jre1.6.0_05 \ bin \ jusched.exe"
O4 - HKLM \ .. \ Run: [QuickTime Task] "C: \ Program Files \ QuickTime \ QTTask.exe"-atboottime
O4 - HKLM \ .. \ Run: [iTunesHelper] "C: \ Program Files \ iTunes \ iTunesHelper.exe"
O4 - HKCU \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ ctfmon.exe
O4 - HKCU \ .. \ Run: [swg] C: \ Program Files \ Google \ GoogleToolbarNotifier \ GoogleToolbarNo tifier.exe
O4 - HKCU \ .. \ Run: [BitTorrent DNA] "C: \ Program Files \ DNA \ btdna.exe"
O4 - HKCU \ .. \ Run: [MSMSGS] "C: \ Program Files \ Messenger \ msmsgs.exe" / background
O4 - HKCU \ .. \ Run: [SUPERAntiSpyware] C: \ Program Files \ SUPERAntiSpyware \ SUPERAntiSpyware.exe
O4 - HKUS \ S-1-5-19 \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ ctfmon.exe (User 'SERVIZIO LOCALE')
O4 - HKUS \ S-1-5-19 \ .. \ Run: [AVG7_Run] C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgw.exe / RunOnce (User 'SERVIZIO LOCALE')
O4 - HKUS \ S-1-5-20 \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ ctfmon.exe (User 'NETWORK SERVICE')
O4 - HKUS \ S-1-5-18 \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ ctfmon.exe (User 'SYSTEM')
O4 - HKUS \. DEFAULT \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ ctfmon.exe (User 'Default user')
O4 - Startup: MP3 Rocket (minima). Lnk = C: \ Program Files \ MP3 Rocket \ MP3Rocket.exe
O4 - Global Startup: BT Broadband Desktop Help.lnk = C: \ Program Files \ BT Broadband Desktop Help \ bin \ matcli.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C: \ Program Files \ HP \ Digital Imaging \ bin \ hpqtra08.exe
O4 - Global Startup: NETGEAR WG311v2 Smart Configuration.lnk = C: \ Program Files \ NETGEAR WG311v2 Adapter \ wlancfg5.exe
O8 - Extra contesto voce di menu: & Clean Traces - C: \ Program Files \ DAP \ Privacy Package \ dapcleanerie.htm
O8 - Extra contesto voce di menu: & Scarica con & DAP - C: \ Program Files \ DAP \ dapextie.htm
O8 - Extra contesto voce di menu: Scaricare e tutte con DAP - C: \ Program Files \ DAP \ dapextie2.htm
O9 - Extra pulsante: (no name) - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_05 \ bin \ ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_05 \ bin \ ssv.dll
O9 - Extra pulsante: BT Yahoo! Servizi - (5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897) - C: \ PROGRA ~ 1 \ Yahoo! \ Common \ yiesrvc.dll
O9 - Extra pulsante: Messenger - (FB5F1910-F110-11d2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - (FB5F1910-F110-11d2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
Ø16 - DPF: (17492023-C23A-453E-A040-C7C580BBF700) (Windows Genuine Advantage Validation Tool) -- http://go.microsoft.com/fwlink/?linkid=39204
Ø16 - DPF: (30528230-99f7-4bb4-88d8-fa1d4f56a2ab) (Installation Support) - C: \ Program Files \ Yahoo! \ Common \ Yinsthelper20073151.dll
Ø16 - DPF: (6F15128C-E66A-490C-B848-5000B5ABEEAC) (HP Download Manager) -- https: / / h20436.www2.hp.com/ediags/de...e/HPDEXAXO.cab
Ø16 - DPF: (BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B) (Zylom Games Player) -- http://game07.zylom.com/activex/zylomgamesplayer.cab
Ø16 - DPF: (D27CDB6E-AE6D-11CF-96B8-444553540000) (Shockwave Flash Object) -- http://fpdownload2.macromedia.com/ge...nt/swflash.cab
Ø20 - Winlogon Notify:! SASWinLogon - C: \ Program Files \ SUPERAntiSpyware \ SASWINLO.dll
Ø20 - Winlogon Notify: tuvsqpq - tuvsqpq.dll (file mancanti)
Ø20 - Winlogon Notify: yaywuvw - yaywuvw.dll (file mancanti)
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C: \ Program Files \ Lavasoft \ Ad-Aware 2007 \ aawservice.exe
O23 - Service: AMD RAIDXpert (AMDRAIDXpert) - Sconosciuto proprietario - C: \ Program Files \ AMD \ RAIDXpert \ molo \ extra \ win32 \ Wrapper.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe
O23 - Service: Ati Hotkey Poller - ATI Technologies Inc. - C: \ WINDOWS \ system32 \ Ati2evxx.exe
O23 - Service: ATI Smart - Unknown proprietario - C: \ WINDOWS \ system32 \ ati2sgag.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT sro - C: \ Program Files \ Grisoft \ AVG Anti-Spyware 7,5 \ guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, sro - C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, sro - C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, sro - C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgemc.exe
O23 - Service: Bonjour Service - Apple Inc. - C: \ Program Files \ Bonjour \ mDNSResponder.exe
O23 - Service: Google Updater Service (gusvc) - Google - C: \ Program Files \ Google \ Common \ Google Updater \ GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C: \ Program Files \ Common Files \ InstallShield \ Driver \ 11 \ Intel 32 \ IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C: \ Program Files \ iPod \ bin \ iPodService.exe
O23 - Service: PML Driver HPZ12 - Sconosciuto proprietario - C: \ WINDOWS \ system32 \ HPZipm12.exe (file mancanti)
O23 - Service: SPAMfighter Update Service - SPAMfighter ApS - C: \ Programmi \ SPAMfighter \ sfus.exe
O23 - Service: WLTRYSVC - Sconosciuto proprietario - C: \ WINDOWS \ System32 \ wltrysvc.exe
O23 - Service: YPCService - Yahoo! Inc. - C: \ WINDOWS \ system32 \ YPCSER ~ 1.EXE
--
Fine del file - 10853 bytes
  #9  
Old 5. Aprile 2008, 02:36
Moderatore del Gruppo
  
Default Più lento e più lento

SDFix registro?
__________________
  #10  
Old 5. Aprile 2008, 02:51
Membro Gruppo
  
Default Più lento e più lento

OK SDFix e più tardi da cecchino:

Salute

SDFix: Version 1,166
Gestito da Danny su 05/04/2008 a 10:38
Microsoft Windows XP [Versione 5/1/2600]
Running From: C: \ sdfix \ SDFix
Verifica Servizi :

Ripristino dei Valori del Registro di Windows
Ripristino di file Hosts di Windows di default
Riavvio

Verifica File :
Trojan Files Found:
C: \ WINDOWS \ Temp \ 1852.tmp.lst - Soppresso
C: \ WINDOWS \ Temp \ 2723.tmp.lst - Soppresso
C: \ WINDOWS \ Temp \ 2F76.tmp.lst - Soppresso
C: \ WINDOWS \ Temp \ 541A.tmp.lst - Soppresso
C: \ WINDOWS \ Temp \ 580D.tmp.lst - Soppresso
C: \ WINDOWS \ Temp \ 6E54.tmp.lst - Soppresso
C: \ WINDOWS \ fetchuserid.exe - Soppresso

Cartella C: \ Program Files \ drmupgds - Rimosso

Rimozione di file temporanei
ADS Check :


Verifica finale :
catchme 0.3.1344.2 W2K/XP/Vista - rootkit / stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-05 10:44:19
5/1/2600 Windows Service Pack 2 NTFS
scansione processi nascosti ...
la scansione del sistema e nascosto servizi alveare ...
voci di registro nascosti scansione ...
scansione di file nascosti ...
scansione completata con successo
processi nascosti: 0
hidden services: 0
i file nascosti: 0

Rimanendo Servizi :

Autorizzato Application Key Export:
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ servizi es \ sharedaccess \ parameters \ firewallpolicy \ profilo standard \ authorizedapplications \ list]
"C: \ Program Files \ \ BitTorrent \ \ bittorrent.exe" = "C: \ Program Files \ \ BitTorrent \ \ bittorrent.exe: *: Enabled: BitTor affitto"
"C: \ Program Files \ \ DNA \ \ btdna.exe" = "C: \ Program Files \ \ DNA \ \ btdna.exe: *: Enabled: DNA"
"C: \ Program Files \ \ ICQ \ \ Icq.exe" = "C: \ Program Files \ \ ICQ \ \ Icq.exe: *: Enabled: ICQ"
"C: \ Program Files \ \ Yahoo! \ \ Messenger \ \ YahooMessenger.exe" = "C: \ Program Files \ \ Yahoo! \ \ Messenger \ \ YahooMessenger.exe: *: Ena dissanguato: Yahoo! Messenger"
"C: \ Program Files \ \ LimeWire \ \ LimeWire.exe" = "C: \ Program Files \ \ LimeWire \ \ LimeWire.exe: *: Enabled: LimeWire"
"D: \ \ Program Files \ \ Microsoft Games \ Flight Simulator 9 \ \ fs9.exe" = "D: \ \ Program Files \ \ Microsoft Games \ Flight Simulator 9 \ \ fs9.exe: *: Enabled: Microsoft Flight Simulator "
"C: \ WINDOWS \ \ system32 \ \ dpnsvr.exe" = "C: \ WINDOWS \ \ system32 \ \ dpnsvr.exe: *: Enabled: Microsoft DirectPlay8 Server"
"C: \ Program Files \ \ Kontiki \ \ KService.exe" = "C: \ Program Files \ \ Kontiki \ \ KService.exe: *: Enabled: Service Delivery Manager"
"C: \ Program Files \ \ Ubisoft \ \ Gearbox Software \ \ BrothersInArmsEiB \ \ System \ \ EiB.exe" = "C: \ Program Files \ \ Ubisoft \ \ Gearbox Software \ \ BrothersInArmsEiB \ \ System \ \ BEI . exe: *: Ena dissanguato: Brothers In Arms Earned In Blood "
"C: \ \ Valve \ \ Condition Zero \ \ czero.exe" = "C: \ \ Valve \ \ Condition Zero \ \ czero.exe: *: Enabled: Condition Zero Launcher"
"C: \ Program Files \ \ Java \ \ jre1.6.0_04 \ \ bin \ \ javaw.exe" = "C: \ \ Pro gram Files \ \ Java \ \ jre1.6.0_04 \ \ bin \ \ javaw. exe: *: Enabled: Java (TM) Platform SE binario "
"C: \ Program Files \ \ DAP \ \ DAP.exe" = "C: \ Program Files \ \ DAP \ \ DAP.exe: *: Enabled: Download Accelerator Plus (DAP)"
"% windir% \ \ system32 \ \ sessmgr.exe" = "% windir% \ \ sistema m32 \ \ sessmgr.exe: *: Enabled: @ Xpsp2res.dll, -22019"
"C: \ Program Files \ \ SpeedBit Video Accelerator \ \ VideoAccelerator.exe" = "C: \ Program Files \ \ SpeedBit Video Accelerator \ \ VideoAccelerator.exe: *: Enabled: VideoA ccelerator"
"C: \ Program Files \ \ SpeedBit Video Accelerator \ \ VideoAcceleratorEngine.exe" = "C: \ \ Prog ram Files \ \ SpeedBit Video Accelerator \ \ VideoAcceleratorEngine.exe: *: Enabled: VideoAcceleratorService"
"C: \ Program Files \ \ Java \ \ jre1.6.0_05 \ \ bin \ \ javaw.exe" = "C: \ \ Pro gram Files \ \ Java \ \ jre1.6.0_05 \ \ bin \ \ javaw. exe: *: Enabled: Java (TM) Platform SE binario "
"C: \ Program Files \ \ iTunes \ \ iTunes.exe" = "C: \ Program Files \ \ iTunes \ \ iTunes.exe: *: Enabled: iTunes"
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ servizi es \ sharedaccess \ parameters \ firewallpolicy \ domainpr ofilo \ authorizedapplications \ list]
"% windir% \ \ system32 \ \ sessmgr.exe" = "% windir% \ \ sistema m32 \ \ sessmgr.exe: *: Enabled: @ Xpsp2res.dll, -22019"
File rimanenti :

Le copie di backup dei file: - C: \ sdfix \ SDFix \ backups \ backups.zip
I file con gli attributi Nascosto :
Martedì 5 febbraio 2008 4.348 A.SH. --- "C: \ Documents and Settings \ All Users \ DRM \ DRMv1.bak"
Lunedì 28 gennaio 2008 0 A.SH. --- "C: \ Documents and Settings \ All Users \ DRM \ Cache \ Indiv01.tmp"
Finito!

e

Logfile di Trend Micro HijackThis v2.0.2
Scan salvato in 10:48:43, a 05/04/2008
Piattaforma: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Processi in esecuzione:
C: \ WINDOWS \ System32 \ smss.exe
C: \ WINDOWS \ system32 \ Csrss.exe
C: \ WINDOWS \ system32 \ winlogon.exe
C: \ WINDOWS \ system32 \ services.exe
C: \ WINDOWS \ system32 \ lsass.exe
C: \ WINDOWS \ system32 \ Ati2evxx.exe
C: \ WINDOWS \ system32 \ svchost.exe
C: \ WINDOWS \ system32 \ svchost.exe
C: \ WINDOWS \ System32 \ svchost.exe
C: \ WINDOWS \ system32 \ svchost.exe
C: \ WINDOWS \ system32 \ Ati2evxx.exe
C: \ WINDOWS \ system32 \ svchost.exe
C: \ WINDOWS \ system32 \ spoolsv.exe
C: \ Program Files \ AMD \ RAIDXpert \ molo \ extra \ win32 \ Wrapper.exe
C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe
C: \ Program Files \ Grisoft \ AVG Anti-Spyware 7,5 \ guard.exe
C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgamsvr.exe
C: \ Program Files \ AMD \ RAIDXpert \ _jvm \ bin \ java.exe
C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgupsvc.exe
C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgemc.exe
C: \ Program Files \ Bonjour \ mDNSResponder.exe
C: \ Program Files \ Google \ Common \ Google Updater \ GoogleUpdaterService.exe
C: \ Programmi \ SPAMfighter \ sfus.exe
C: \ WINDOWS \ system32 \ svchost.exe
C: \ WINDOWS \ System32 \ wltrysvc.exe
C: \ WINDOWS \ System32 \ bcmwltry.exe
C: \ WINDOWS \ Explorer.EXE
C: \ WINDOWS \ System32 \ alg.exe
C: \ WINDOWS \ system32 \ Wuauclt.exe
C: \ WINDOWS \ system32 \ Rundll32.exe
C: \ Program Files \ btbb_wcm \ McciTrayApp.exe
C: \ WINDOWS \ system32 \ Wuauclt.exe
C: \ WINDOWS \ System32 \ svchost.exe
C: \ PROGRA ~ 1 \ Yahoo! \ Browser \ ybrwicon.exe
C: \ PROGRA ~ 1 \ Yahoo! \ Browser \ ycommon.exe
C: \ Program Files \ HP \ HP Software Update \ HPWuSchd2.exe
C: \ Program Files \ Logitech \ MediaLife \ MediaLifeService.exe
C: \ WINDOWS \ Samsung \ LaserSMMgr \ ssmmgr.exe
C: \ PROGRA ~ 1 \ Yahoo! \ Yop \ yop.exe
C: \ Programmi \ SPAMfighter \ SFAgent.exe
C: \ Program Files \ BT Broadband Desktop Help \ bin \ BTHelpNotifier.exe
C: \ Program Files \ ATI Technologies \ ATI.ACE \ Core-Static \ MOM.EXE
C: \ WINDOWS \ system32 \ msiexec.exe
C: \ WINDOWS \ system32 \ spool \ drivers \ w32x86 \ 3 \ hpztsb0 4.exe
C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgcc.exe
C: \ PROGRA ~ 1 \ MI948F ~ 1 \ GAMECO ~ 1 \ Common \ SWTrayV4.exe
C: \ Program Files \ Microsoft IntelliType Pro \ itype.exe
C: \ Program Files \ Microsoft IntelliPoint \ ipoint.exe
C: \ Program Files \ Microsoft IntelliType Pro \ dpupdchk.exe
C: \ PROGRA ~ 1 \ Yahoo! \ Yop \ SSDK02.exe
C: \ Program Files \ Grisoft \ AVG Anti-Spyware 7,5 \ avgas.exe
C: \ Program Files \ Java \ jre1.6.0_05 \ bin \ jusched.exe
C: \ WINDOWS \ system32 \ wbem \ wmiprvse.exe
C: \ Program Files \ iTunes \ iTunesHelper.exe
C: \ WINDOWS \ system32 \ ctfmon.exe
C: \ Program Files \ Google \ GoogleToolbarNotifier \ GoogleToolbarNo tifier.exe
C: \ Program Files \ iPod \ bin \ iPodService.exe
C: \ Program Files \ DNA \ btdna.exe
C: \ Program Files \ Messenger \ msmsgs.exe
C: \ Program Files \ SUPERAntiSpyware \ SUPERAntiSpyware.exe
C: \ Program Files \ BT Broadband Desktop Help \ bin \ mpbtn.exe
C: \ Program Files \ HP \ Digital Imaging \ bin \ hpqtra08.exe
C: \ Program Files \ NETGEAR WG311v2 Adapter \ wlancfg5.exe
C: \ Program Files \ Java \ jre1.6.0_05 \ bin \ javaw.exe
C: \ Program Files \ ATI Technologies \ ATI.ACE \ Core-Static \ ccc.exe
C: \ Program Files \ Trend Micro \ HijackThis \ HijackThis.exe
C: \ WINDOWS \ system32 \ wbem \ wmiprvse.exe
R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://news.bbc.co.uk/sport1/hi/football/default.stm
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Bar = http://uk.red.clientapps.yahoo.com/c...o/bt_side.html
R1 - HKCU \ Software \ Microsoft \ Windows \ CurrentVersion \ Int Ethernet Impostazioni, ProxyOverride = 127.0.0.1; *. locali
R3 - URLSearchHook: Yahoo! Toolbar - (EF99BD32-C1FB-11D2-892F-0090271D4F88) - C: \ Program Files \ Yahoo! \ Companion \ Installs \ cpn0 \ yt.dll
O2 - BHO: (no name) - (3CAB59B4-55A3-4737-9FD5-B93C6430BF75) - C: \ WINDOWS \ system32 \ sjmxcfmu.dll
O2 - BHO: SSVHelper Class - (761497BB-D6F0-462C-B6EB-D4DAF1D92D43) - C: \ Program Files \ Java \ jre1.6.0_05 \ bin \ ssv.dll
O3 - Toolbar: Yahoo! Toolbar - (EF99BD32-C1FB-11D2-892F-0090271D4F88) - C: \ Program Files \ Yahoo! \ Companion \ Installs \ cpn0 \ yt.dll
O3 - Toolbar: & Google - (2318C2B1-4965-11D4-9B18-009027A5CD4F) - c: \ Programmi \ Google \ googletoolbar1.dll
O3 - Toolbar: Ask Toolbar - (F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA) - C: \ Program Files \ AskSBar \ bar \ 1.bin \ ASKSBAR.DLL
O4 - HKLM \ .. \ Run: [C6501Sound] Rundll32 c6501.cpl, CMICtrlWnd
O4 - HKLM \ .. \ Run: [btbb_wcm_McciTrayApp] C: \ Program Files \ btbb_wcm \ McciTrayApp.exe
O4 - HKLM \ .. \ Run: [YBrowser] C: \ PROGRA ~ 1 \ Yahoo! \ Browser \ ybrwicon.exe
O4 - HKLM \ .. \ Run: [HPHUPD08] C: \ Program Files \ HP \ Digital Imaging \ (33D6CC28-9F75-4d1b-A11D-98895B3A3729) \ hphupd08.exe
O4 - HKLM \ .. \ Run: [HP Software Update] C: \ Program Files \ HP \ HP Software Update \ HPWuSchd2.exe
O4 - HKLM \ .. \ Run: [MediaLifeService] "C: \ Program Files \ Logitech \ MediaLife \ MediaLifeService.exe"
O4 - HKLM \ .. \ Run: [Samsung LBP SM] "C: \ WINDOWS \ Samsung \ LaserSMMgr \ ssmmgr.exe" / autorun
O4 - HKLM \ .. \ Run: [yop] C: \ PROGRA ~ 1 \ Yahoo! \ Yop \ yop.exe / autostart
O4 - HKLM \ .. \ Run: [SPAMfighter Agent] "C: \ Programmi \ SPAMfighter \ SFAgent.exe" aggiornamento ritardo 60
O4 - HKLM \ .. \ Run: [btbb_McciTrayApp] C: \ Program Files \ BT Broadband Desktop Help \ bin \ BTHelpNotifier.exe
O4 - HKLM \ .. \ Run: [StartCCC] "C: \ Program Files \ ATI Technologies \ ATI.ACE \ Core-Static \ CLIStart.exe"
O4 - HKLM \ .. \ Run: [amd_dc_opt] C: \ Program Files \ AMD \ Dual-Core Optimizer \ amd_dc_opt.exe
O4 - HKLM \ .. \ Run: [HPDJ Taskbar Utility] C: \ WINDOWS \ system32 \ spool \ drivers \ w32x86 \ 3 \ hpztsb0 4.exe
O4 - HKLM \ .. \ Run: [AVG7_CC] C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgcc.exe / STARTUP
O4 - HKLM \ .. \ Run: [SideWinderTrayV4] C: \ PROGRA ~ 1 \ MI948F ~ 1 \ GAMECO ~ 1 \ Common \ SWTrayV4.exe
O4 - HKLM \ .. \ Run: [itype] "C: \ Program Files \ Microsoft IntelliType Pro \ itype.exe"
O4 - HKLM \ .. \ Run: [IntelliPoint] "C: \ Program Files \ Microsoft IntelliPoint \ ipoint.exe"
O4 - HKLM \ .. \ Run: [! AVG Anti-Spyware] "C: \ Program Files \ Grisoft \ AVG Anti-Spyware 7,5 \ avgas.exe" / minimizzate
O4 - HKLM \ .. \ Run: [SunJavaUpdateSched] "C: \ Program Files \ Java \ jre1.6.0_05 \ bin \ jusched.exe"
O4 - HKLM \ .. \ Run: [QuickTime Task] "C: \ Program Files \ QuickTime \ QTTask.exe"-atboottime
O4 - HKLM \ .. \ Run: [iTunesHelper] "C: \ Program Files \ iTunes \ iTunesHelper.exe"
O4 - HKCU \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ ctfmon.exe
O4 - HKCU \ .. \ Run: [swg] C: \ Program Files \ Google \ GoogleToolbarNotifier \ GoogleToolbarNo tifier.exe
O4 - HKCU \ .. \ Run: [BitTorrent DNA] "C: \ Program Files \ DNA \ btdna.exe"
O4 - HKCU \ .. \ Run: [MSMSGS] "C: \ Program Files \ Messenger \ msmsgs.exe" / background
O4 - HKCU \ .. \ Run: [SUPERAntiSpyware] C: \ Program Files \ SUPERAntiSpyware \ SUPERAntiSpyware.exe
O4 - HKUS \ S-1-5-19 \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ ctfmon.exe (User 'SERVIZIO LOCALE')
O4 - HKUS \ S-1-5-19 \ .. \ Run: [AVG7_Run] C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgw.exe / RunOnce (User 'SERVIZIO LOCALE')
O4 - HKUS \ S-1-5-20 \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ ctfmon.exe (User 'NETWORK SERVICE')
O4 - HKUS \ S-1-5-18 \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ ctfmon.exe (User 'SYSTEM')
O4 - HKUS \. DEFAULT \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ ctfmon.exe (User 'Default user')
O4 - Startup: MP3 Rocket (minima). Lnk = C: \ Program Files \ MP3 Rocket \ MP3Rocket.exe
O4 - Global Startup: BT Broadband Desktop Help.lnk = C: \ Program Files \ BT Broadband Desktop Help \ bin \ matcli.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C: \ Program Files \ HP \ Digital Imaging \ bin \ hpqtra08.exe
O4 - Global Startup: NETGEAR WG311v2 Smart Configuration.lnk = C: \ Program Files \ NETGEAR WG311v2 Adapter \ wlancfg5.exe
O8 - Extra contesto voce di menu: & Clean Traces - C: \ Program Files \ DAP \ Privacy Package \ dapcleanerie.htm
O8 - Extra contesto voce di menu: & Scarica con & DAP - C: \ Program Files \ DAP \ dapextie.htm
O8 - Extra contesto voce di menu: Scaricare e tutte con DAP - C: \ Program Files \ DAP \ dapextie2.htm
O9 - Extra pulsante: (no name) - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_05 \ bin \ ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_05 \ bin \ ssv.dll
O9 - Extra pulsante: BT Yahoo! Servizi - (5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897) - C: \ PROGRA ~ 1 \ Yahoo! \ Common \ yiesrvc.dll
O9 - Extra pulsante: Messenger - (FB5F1910-F110-11d2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - (FB5F1910-F110-11d2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
Ø16 - DPF: (17492023-C23A-453E-A040-C7C580BBF700) (Windows Genuine Advantage Validation Tool) -- http://go.microsoft.com/fwlink/?linkid=39204
Ø16 - DPF: (30528230-99f7-4bb4-88d8-fa1d4f56a2ab) (Installation Support) - C: \ Program Files \ Yahoo! \ Common \ Yinsthelper20073151.dll
Ø16 - DPF: (6F15128C-E66A-490C-B848-5000B5ABEEAC) (HP Download Manager) -- https: / / h20436.www2.hp.com/ediags/de...e/HPDEXAXO.cab
Ø16 - DPF: (BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B) (Zylom Games Player) -- http://game07.zylom.com/activex/zylomgamesplayer.cab
Ø16 - DPF: (D27CDB6E-AE6D-11CF-96B8-444553540000) (Shockwave Flash Object) -- http://fpdownload2.macromedia.com/ge...nt/swflash.cab
Ø20 - Winlogon Notify:! SASWinLogon - C: \ Program Files \ SUPERAntiSpyware \ SASWINLO.dll
Ø20 - Winlogon Notify: tuvsqpq - tuvsqpq.dll (file mancanti)
Ø20 - Winlogon Notify: yaywuvw - yaywuvw.dll (file mancanti)
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C: \ Program Files \ Lavasoft \ Ad-Aware 2007 \ aawservice.exe
O23 - Service: AMD RAIDXpert (AMDRAIDXpert) - Sconosciuto proprietario - C: \ Program Files \ AMD \ RAIDXpert \ molo \ extra \ win32 \ Wrapper.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe
O23 - Service: Ati Hotkey Poller - ATI Technologies Inc. - C: \ WINDOWS \ system32 \ Ati2evxx.exe
O23 - Service: ATI Smart - Unknown proprietario - C: \ WINDOWS \ system32 \ ati2sgag.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT sro - C: \ Program Files \ Grisoft \ AVG Anti-Spyware 7,5 \ guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, sro - C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, sro - C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, sro - C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgemc.exe
O23 - Service: Bonjour Service - Apple Inc. - C: \ Program Files \ Bonjour \ mDNSResponder.exe
O23 - Service: Google Updater Service (gusvc) - Google - C: \ Program Files \ Google \ Common \ Google Updater \ GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C: \ Program Files \ Common Files \ InstallShield \ Driver \ 11 \ Intel 32 \ IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C: \ Program Files \ iPod \ bin \ iPodService.exe
O23 - Service: PML Driver HPZ12 - Sconosciuto proprietario - C: \ WINDOWS \ system32 \ HPZipm12.exe (file mancanti)
O23 - Service: SPAMfighter Update Service - SPAMfighter ApS - C: \ Programmi \ SPAMfighter \ sfus.exe
O23 - Service: WLTRYSVC - Sconosciuto proprietario - C: \ WINDOWS \ System32 \ wltrysvc.exe
O23 - Service: YPCService - Yahoo! Inc. - C: \ WINDOWS \ system32 \ YPCSER ~ 1.EXE
--
Fine del file - 11044 bytes
Reply
Pagina 1 di 5 1 2345

Register
Thread Tools



Arabic Bulgarian Chinese (Simplified) Chinese (Traditional) Croatian Czech Danish Dutch English Finnish French German Greek Hebrew Hungarian Italian Japanese Korean Latvian Lithuanian Norwegian Polish Portuguese Romanian Russian Serbian Slovak Spanish Swedish Thai Turkish Ukrainian

Copyright © 2006 - 2009 Computer Juice.
Contatto -- Privacy -- Mappa del sito -- Superiore

Powered by vBulletin ® Copyright © 2000 - 2009 Jelsoft Enterprises Ltd. Traduzione italiana SEO by vBSEO © 2009, alla scansione, Inc.