jackpazzow Devoted mortal

Registered: 19/10/07 10:54 Posts: 5
Posted: 19 Oct 2007 11:00 Subject: who can help me with Hijackthis? I've caught some malware

hi guys, unfortunately I've caught some malware, or spyware
using Hijackthis I get this log:
Development Company, L.P. - D:\Programmi\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - D:\Programmi\WIDCOMM\Software Bluetooth\bin\btwdins.exe
O23 - Service: Google Updater Service (gusvc) - Google - D:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - D:\Programmi\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: Servizio iPod (iPod Service) - Apple Inc. - D:\Programmi\iPod\bin\iPodService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - D:\Programmi\Eset\nod32krn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - D:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - D:\Programmi\CyberLink\Shared files\RichVideo.exe
--
End of file - 8574 bytes
which entries do I have to tick before clicking fix checked?
I'll be very grateful, please, help me
thanks

bdoriano Administrator

Registered: 02/04/07 12:05 Posts: 14391 Location: 3rd planet of the solar system...
Posted: 19 Oct 2007 11:25 Subject:

Hi jackpazzow,
The log you posted is incomplete, impossible to interpret.
Follow the instructions in this topic to post the hijackthis log.
PS: if you like, you can introduce yourself here
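
A completeness check that can be run on a pasted log before trying to read it, as an added example that is not part of the original thread: it looks for the header lines and footer that appear in the full log posted later in this thread and counts entries per section code. The name `check_log` and the two abridged sample logs are assumptions made for the example.

```python
import re

# Header lines a full HijackThis v2 log opens with (taken from the complete log in this thread).
HEADER_MARKERS = ("Logfile of", "Scan saved at", "Platform:", "Running processes:")
ENTRY_RE = re.compile(r"^([A-Z]\d{1,2}) - ")   # section code such as R0, O4, O23
FOOTER_RE = re.compile(r"^End of file - \d+ bytes")


def check_log(text):
    """Report whether a pasted HijackThis log has its header, entries and footer."""
    lines = [ln.strip() for ln in text.splitlines() if ln.strip()]
    missing = [m for m in HEADER_MARKERS
               if not any(ln.startswith(m) for ln in lines)]
    sections = {}
    for ln in lines:
        m = ENTRY_RE.match(ln)
        if m:
            sections[m.group(1)] = sections.get(m.group(1), 0) + 1
    first = lines[0] if lines else ""
    # A paste that opens with neither a header line nor a section code began mid-entry.
    truncated_start = bool(first) and not (
        first.startswith(HEADER_MARKERS) or ENTRY_RE.match(first))
    has_footer = any(FOOTER_RE.match(ln) for ln in lines)
    return {
        "complete": not missing and not truncated_start and has_footer and bool(sections),
        "missing_headers": missing,
        "truncated_start": truncated_start,
        "has_footer": has_footer,
        "sections": sections,
    }


# Sample input: abridged from the first (cut-off) paste in this thread.
FRAGMENT = r"""Development Company, L.P. - D:\Programmi\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - D:\Programmi\WIDCOMM\Software Bluetooth\bin\btwdins.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - D:\Programmi\Eset\nod32krn.exe
--
End of file - 8574 bytes
"""

# Sample input: abridged from the second (full) paste in this thread.
FULL = r"""Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 11.57.30, on 19/10/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal
Running processes:
D:\WINDOWS\System32\smss.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - D:\Programmi\Eset\nod32krn.exe
--
End of file - 8777 bytes
"""

if __name__ == "__main__":
    for name, log in (("fragment", FRAGMENT), ("full", FULL)):
        print(name, check_log(log))
```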

jackpazzow Devoted mortal

Registered: 19/10/07 10:54 Posts: 5
Posted: 19 Oct 2007 11:58 Subject: sorry

oops
I think I didn't paste everything
have another look here and let me know
thanks a lot, you're very kind
Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 11.57.30, on 19/10/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal
Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\spoolsv.exe
D:\Programmi\WIDCOMM\Software Bluetooth\bin\btwdins.exe
D:\Programmi\Eset\nod32krn.exe
D:\WINDOWS\system32\nvsvc32.exe
D:\Programmi\CyberLink\Shared files\RichVideo.exe
D:\WINDOWS\system32\svchost.exe
D:\Programmi\Hewlett-Packard\Shared\hpqwmiex.exe
D:\WINDOWS\Explorer.EXE
D:\Programmi\Video Add-on\icthis.exe
D:\Programmi\Video Add-on\isfmntr.exe
D:\Programmi\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
D:\Programmi\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
D:\Programmi\Synaptics\SynTP\SynTPEnh.exe
D:\Programmi\Eset\nod32kui.exe
D:\Programmi\CyberLink\PowerDVD\PDVDServ.exe
D:\Programmi\iTunes\iTunesHelper.exe
D:\Programmi\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
D:\Programmi\Macrogaming\SweetIM\SweetIM.exe
D:\Programmi\Video Add-on\icmntr.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
D:\Programmi\Video Add-on\isfmm.exe
D:\Programmi\WIDCOMM\Software Bluetooth\BTTray.exe
D:\Programmi\Hewlett-Packard\HP Pavilion Webcam\HPWebcam.exe
D:\Programmi\iPod\bin\iPodService.exe
D:\PROGRA~1\WIDCOMM\SOFTWA~1\BTSTAC~1.EXE
D:\PROGRA~1\HEWLET~1\Shared\HPQTOA~1.EXE
D:\WINDOWS\system32\wuauclt.exe
D:\Programmi\MSN Messenger\usnsvc.exe
D:\Programmi\Internet Explorer\iexplore.exe
D:\Documents and Settings\JackPazzow\Desktop\HiJackThis_v2.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - D:\Programmi\Yahoo!\Companion\Installs\cpn\yt.dll
R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - D:\PROGRA~1\MACROG~1\SWEETI~1\toolbar.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - D:\Programmi\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Supporto di collegamento per Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SWEETIE - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - D:\PROGRA~1\MACROG~1\SWEETI~1\toolbar.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - d:\programmi\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - D:\Programmi\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: (no name) - {CFE15135-C591-4000-A55E-A50E5F9F82BC} - D:\Programmi\Video Add-on\isfmdl.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - d:\programmi\google\googletoolbar2.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - D:\Programmi\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - D:\PROGRA~1\MACROG~1\SWEETI~1\toolbar.dll
O3 - Toolbar: IE Custom Tools - {23ED2206-856D-461A-BBCF-1C2466AC5AE3} - D:\Programmi\Video Add-on\ictmdl.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [SynTPEnh] D:\Programmi\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [nod32kui] "D:\Programmi\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [RemoteControl] D:\Programmi\CyberLink\PowerDVD\PDVDServ.exe
O4 - HKLM\..\Run: [LanguageShortcut] D:\Programmi\CyberLink\PowerDVD\Language\Language.exe
O4 - HKLM\..\Run: [QuickTime Task] "D:\Programmi\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "D:\Programmi\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Photo Downloader] "D:\Programmi\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [SweetIM] D:\Programmi\Macrogaming\SweetIM\SweetIM.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Programmi\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] D:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Yahoo! Pager] ~"D:\Programmi\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [SweetIM] D:\Programmi\Macrogaming\SweetIM\SweetIM.exe
O4 - HKLM\..\Policies\Explorer\Run: [some] D:\Programmi\Video Add-on\icthis.exe
O4 - HKLM\..\Policies\Explorer\Run: [start] D:\Programmi\Video Add-on\isfmntr.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: HP Pavilion Webcam Tray Icon.lnk = D:\Programmi\Hewlett-Packard\HP Pavilion Webcam\HPWebcam.exe
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://D:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Invia a &Bluetooth - D:\Programmi\WIDCOMM\Software Bluetooth\btsendto_ie_ctx.htm
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - D:\Programmi\WIDCOMM\Software Bluetooth\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - D:\Programmi\WIDCOMM\Software Bluetooth\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Programmi\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - D:\Programmi\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O22 - SharedTaskScheduler: Precaricatore Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - D:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Daemon di cache delle categorie di componenti - {8C7461EF-2B13-11d2-BE35-3078302C2030} - D:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: celtiberi - {7999c5e2-b500-4ba5-8e9a-99639eca65fc} - D:\WINDOWS\system32\mxhfjy.dll
O23 - Service: AddFiltr - Hewlett-Packard Development Company, L.P. - D:\Programmi\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - D:\Programmi\WIDCOMM\Software Bluetooth\bin\btwdins.exe
O23 - Service: Google Updater Service (gusvc) - Google - D:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - D:\Programmi\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: Servizio iPod (iPod Service) - Apple Inc. - D:\Programmi\iPod\bin\iPodService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - D:\Programmi\Eset\nod32krn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - D:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - D:\Programmi\CyberLink\Shared files\RichVideo.exe
--
End of file - 8777 bytes

bdoriano Administrator

Registered: 02/04/07 12:05 Posts: 14391 Location: 3rd planet of the solar system...
Posted: 19 Oct 2007 12:12 Subject:

Download ComboFix and save it to the desktop
Run it and follow the on-screen instructions.
During the scan don't use the PC, otherwise there's a risk it will freeze.
When the scan has finished, the tool will open Notepad with the logfile in it. Copy its contents and post them here.

jackpazzow Devoted mortal

Registered: 19/10/07 10:54 Posts: 5
Posted: 19 Oct 2007 12:34 Subject: here it is

ComboFix 07-10-19.1 - JackPazzow 2007-10-19 12.24.46.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1040.18.526 [GMT 2:00]
Running from: D:\Documents and Settings\JackPazzow\Desktop\ComboFix.exe
* Created a new restore point
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
D:\Programmi\AntiVirGear 3.8
D:\Programmi\AntiVirGear 3.8\vpp.ini
D:\WINDOWS\system32\mxhfjy.dll
.
((((((((((((((((((((((((( Files Created from 2007-09-19 to 2007-10-19 )))))))))))))))))))))))))))))))
.
2007-10-19 12:23 51,200 --a------ D:\WINDOWS\NirCmd.exe
2007-10-19 09:21 <DIR> d-a------ D:\Documents and Settings\All Users\Dati applicazioni\TEMP
2007-10-19 09:20 <DIR> d-------- D:\Programmi\Video Add-on
2007-10-13 19:28 <DIR> d-------- D:\Programmi\Riva
2007-10-06 10:06 <DIR> d-------- D:\Programmi\Dofus
2007-09-29 11:54 12,160 --a------ D:\WINDOWS\system32\drivers\mouhid.sys
2007-09-29 11:54 12,160 --a--c--- D:\WINDOWS\system32\dllcache\mouhid.sys
2007-09-29 11:53 9,600 --a------ D:\WINDOWS\system32\drivers\hidusb.sys
2007-09-29 11:53 9,600 --a--c--- D:\WINDOWS\system32\dllcache\hidusb.sys
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-10-19 09:38 --------- d-----w D:\Programmi\eMule
2007-10-13 16:39 92,728 ----a-w D:\WINDOWS\system32\bass.dll
2007-10-13 16:39 --------- d-----w D:\Programmi\You Ripper
2007-10-07 09:41 --------- d-----w D:\Programmi\mIRC
2007-09-15 21:01 --------- d-----w D:\Documents and Settings\JackPazzow\Dati applicazioni\U3
2007-09-15 15:31 --------- d-----w D:\Documents and Settings\JackPazzow\Dati applicazioni\VoipStunt
2007-09-08 18:19 --------- d-----w D:\Programmi\File comuni\Adobe
2007-08-25 13:16 --------- d-----w D:\Programmi\VoipStunt.com
2007-07-30 17:19 92,504 ----a-w D:\WINDOWS\system32\cdm.dll
2007-07-30 17:19 549,720 ----a-w D:\WINDOWS\system32\wuapi.dll
2007-07-30 17:19 53,080 ----a-w D:\WINDOWS\system32\wuauclt.exe
2007-07-30 17:19 43,352 ----a-w D:\WINDOWS\system32\wups2.dll
2007-07-30 17:19 325,976 ----a-w D:\WINDOWS\system32\wucltui.dll
2007-07-30 17:19 203,096 ----a-w D:\WINDOWS\system32\wuweb.dll
2007-07-30 17:19 1,712,984 ----a-w D:\WINDOWS\system32\wuaueng.dll
2007-07-30 17:18 33,624 ----a-w D:\WINDOWS\system32\wups.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{23ED2206-856D-461A-BBCF-1C2466AC5AE3}"= D:\Programmi\Video Add-on\ictmdl.dll [2007-10-19 09:20 78336]
[HKEY_CLASSES_ROOT\CLSID\{23ED2206-856D-461A-BBCF-1C2466AC5AE3}]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{23ED2206-856D-461A-BBCF-1C2466AC5AE3}"= D:\Programmi\Video Add-on\ictmdl.dll [2007-10-19 09:20 78336]
[HKEY_CLASSES_ROOT\CLSID\{23ED2206-856D-461A-BBCF-1C2466AC5AE3}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="D:\WINDOWS\system32\NvCpl.dll" [2006-04-26 19:48]
"QlbCtrl"="D:\Programmi\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2006-11-06 10:58]
"hpWirelessAssistant"="D:\Programmi\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2007-01-10 15:13]
"SynTPEnh"="D:\Programmi\Synaptics\SynTP\SynTPEnh.exe" [2007-01-12 14:36]
"nod32kui"="D:\Programmi\Eset\nod32kui.exe" [2007-06-27 10:22]
"RemoteControl"="D:\Programmi\CyberLink\PowerDVD\PDVDServ.exe" [2007-03-14 21:01]
"LanguageShortcut"="D:\Programmi\CyberLink\PowerDVD\Language\Language.exe" [2007-02-07 16:21]
"QuickTime Task"="D:\Programmi\QuickTime\qttask.exe" [2007-04-27 09:41]
"iTunesHelper"="D:\Programmi\iTunes\iTunesHelper.exe" [2007-06-01 16:51]
"Adobe Photo Downloader"="D:\Programmi\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" [2005-07-07 18:41]
"SweetIM"="D:\Programmi\Macrogaming\SweetIM\SweetIM.exe" [2006-12-27 16:53]
"Adobe Reader Speed Launcher"="D:\Programmi\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 03:06]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="D:\WINDOWS\system32\ctfmon.exe" [2004-08-30 22:00]
"swg"="D:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-07-24 20:44]
"Yahoo! Pager"="~D:\Programmi\Yahoo!\Messenger\YahooMessenger.exe" []
"SweetIM"="D:\Programmi\Macrogaming\SweetIM\SweetIM.exe" [2006-12-27 16:53]
D:\Documents and Settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\
BTTray.lnk - D:\Programmi\WIDCOMM\Software Bluetooth\BTTray.exe [2006-05-12 13:33:22]
HP Pavilion Webcam Tray Icon.lnk - D:\Programmi\Hewlett-Packard\HP Pavilion Webcam\HPWebcam.exe [2007-06-27 09:54:38]
R2 {95808DC4-FA4A-4c74-92FE-5B863F82066B};{95808DC4-FA4A-4c74-92FE-5B863F82066B};\??\D:\Programmi\CyberLink\PowerDVD\000.fcl
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC);D:\WINDOWS\system32\DRIVERS\snp2uvc.sys
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\F]
AutoRun\command - F:\LaunchU3.exe -a
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7f780d6b-2533-11dc-93b3-0016d31c5fc3}]
AutoRun\command - F:\LaunchU3.exe -a
.
Contents of the 'Scheduled Tasks' folder
"2007-10-12 19:52:00 D:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
.
**************************************************************************
catchme 0.3.1169 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-10-19 12:27:57
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2007-10-19 12:29:08 - machine was rebooted
.
--- E O F ---

bdoriano Administrator

Registered: 02/04/07 12:05 Posts: 14391 Location: 3rd planet of the solar system...
Posted: 19 Oct 2007 12:52 Subject:

Download SmitfraudFix.exe to the desktop (you may have to disable your antivirus to be able to do so).
Disable System Restore and start the PC in safe mode
Close any open applications
Double-click the SmitfraudFix.exe icon that you saved on the desktop
A screen with the credits will appear; press any key to continue.
At this point a menu will appear; press the 2 key and Enter to choose the option Clean (safe mode recommended)
When the operation has finished (it will take some time, relax), the procedure for cleaning temporary files will start automatically.
Right after that, you will be asked whether you want to proceed with cleaning the registry, Do you want to clean the registry ? (y/n); obviously, press Y and Enter.
At the end you are asked to restart the PC.
Post an updated hijackthis log.

jackpazzow Devoted mortal

Registered: 19/10/07 10:54 Posts: 5
Posted: 19 Oct 2007 14:08 Subject:

sorry for replying late but I had to go out
anyway it's strange, since I used combofix the problems have disappeared
even after restarting the pc
what do I do?
do I leave it like this, or do you think it's better to continue because the effects of the malware might reappear out of nowhere in the future?

bdoriano Administrator

Registered: 02/04/07 12:05 Posts: 14391 Location: 3rd planet of the solar system...
Posted: 19 Oct 2007 14:25 Subject:

Combofix fixed something, but it's better to continue because it seems to me that other things are still present.

jackpazzow Devoted mortal

Registered: 19/10/07 10:54 Posts: 5
Posted: 19 Oct 2007 20:49 Subject:

good
in fact, twice in about 3 hours the avast warning popped up saying I had a virus
ok let's continue, but tomorrow because I'm tired now
after I've done everything you explained above I'll let you know
thanks a lot, see you later