Olimpo Informatico forum index
The Zeus News Forums
Problems...virus...trojan.
Dink the Boss
Hero in the gods' favor

Registered: 03/07/06 10:33
Posts: 136

Posted: 22 Dec 2007 19:40    Subject: Problems...virus...trojan.

Hi everyone, as usual.. you are my salvation ^^

In the system32 folder I have the following files that I can't delete, neither with Avenger nor with Hijack.

How can I do it?

Could not open file C:\WINDOWS\system32\atmfdu.dll for deletion
Deletion of file C:\WINDOWS\system32\atmfdu.dll failed!

Could not open file C:\WINDOWS\system32\dlldesktopt.dll for deletion
Deletion of file C:\WINDOWS\system32\dlldesktopt.dll failed!

Could not process line:
C:\WINDOWS\system32\dlldesktopt.dll
Status: 0xc0000022

Could not open file C:\WINDOWS\system32\dlldesktopt.dll.bak for deletion
Deletion of file C:\WINDOWS\system32\dlldesktopt.dll.bak failed!

Could not process line:
C:\WINDOWS\system32\dlldesktopt.dll.bak
Status: 0xc0000022

Could not open file C:\WINDOWS\system32\~.exe for deletion
Deletion of file C:\WINDOWS\system32\~.exe failed!

Could not process line:
C:\WINDOWS\system32\~.exe
Status: 0xc0000022


TROJAN HORSE BHO.CVX and Packed.Morphine.d
bdoriano
Administrator

Registered: 02/04/07 12:05
Posts: 14391
Location: 3rd planet of the solar system...

Posted: 22 Dec 2007 19:45

Hi Dink the Boss,

If you can't delete them, there is probably some process blocking the delete operation. First, one has to check which process it is, stop/kill it, and delete the above files (+ all the suspicious ones).

In short, run this scan with SystemScan and post the log on FreeFileHosting as described here.
Dink the Boss
Hero in the gods' favor

Registered: 03/07/06 10:33
Posts: 136

Posted: 22 Dec 2007 19:45

this is the hijack log.


Code:
Logfile of HijackThis v1.99.1
Scan saved at 18.45.27, on 22/12/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Programmi\File comuni\Autodesk Shared\Service\AdskScSrv.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\tcpsvcs.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\Sony\VAIO Event Service\VESMgr.exe
C:\PROGRA~1\FILECO~1\Stardock\SDMCP.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\Sony\VAIO Power Management\SPMgr.exe
C:\Programmi\Nortek Mouse Application\MouseDrv.exe
C:\Programmi\Zone Labs\ZoneAlarm\zlclient.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
D:\Programmi\Microsoft ActiveSync\wcescomm.exe
C:\Programmi\Stardock\ObjectDock\ObjectDock.exe
D:\PROGRA~1\MICROS~1\rapimgr.exe
C:\PROGRA~1\Grisoft\AVG7\avgwb.dat
C:\Programmi\Spybot - Search & Destroy\SpybotSD.exe
C:\Programmi\Winamp\Winamp.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\Documents and Settings\Laerzio\Documenti\UTILITY CONTRO I VIRUS\HijackThis.exe
C:\Programmi\Spybot - Search & Destroy\SDUpdate.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: Supporto di collegamento per Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Programmi\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: MEGAUPLOADTOOLBAR - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\Programmi\MegauploadToolbar\megauploadtoolbar.dll
O2 - BHO: (no name) - {4EED9E93-466A-462E-BFEC-8C97293B4E68} - c:\windows\system32\dlldesktopt.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.5.0_09\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {942484C2-AE64-4CBA-A330-F5A726A0ADEA} - C:\WINDOWS\system32\atmfdu.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programmi\google\googletoolbar2.dll
O2 - BHO: IeMonitorBho Class - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Programmi\Megaupload\Mega Manager\MegaIEMn.dll
O2 - BHO: IEPlugin Class - {CF7C3CF0-4B15-11D1-ABED-709549C10000} - C:\Programmi\Advanced System Optimizer\IEHelper.dll
O3 - Toolbar: MEGAUPLOADTOOLBAR - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\Programmi\MegauploadToolbar\megauploadtoolbar.dll
O3 - Toolbar: ImageShack Toolbar - {6932D140-ABC4-4073-A44C-D4A541665E35} - C:\WINDOWS\ImageShackToolbar\ImageShackToolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programmi\google\googletoolbar2.dll
O3 - Toolbar: StylerToolBar - {D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - C:\Programmi\Styler\TB\StylerTB.dll
O4 - HKLM\..\Run: [SonyPowerCfg] C:\Programmi\Sony\VAIO Power Management\SPMgr.exe
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Programmi\Google\Gmail Notifier\gnotify.exe
O4 - HKLM\..\Run: [WireLessMouse] C:\Programmi\Nortek Mouse Application\MouseDrv.exe
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Programmi\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [Tweak UI] RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp
O4 - HKLM\..\Run: [LogonStudio] "C:\Programmi\WinCustomize\LogonStudio\logonstudio.exe" /RANDOM
O4 - HKLM\..\Run: [LXDDCATS] rundll32 C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\LXDDtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "D:\Programmi\Microsoft ActiveSync\wcescomm.exe"
O4 - Startup: Stardock ObjectDock.lnk = C:\Programmi\Stardock\ObjectDock\ObjectDock.exe
O8 - Extra context menu item: &Download with &DAP - C:\Programmi\DAP\dapextie.htm
O8 - Extra context menu item: Download &all with DAP - C:\Programmi\DAP\dapextie2.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - D:\PROGRA~1\MICROS~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - D:\PROGRA~1\MICROS~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Crea preferito portatile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - D:\PROGRA~1\MICROS~1\INetRepl.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Programmi\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programmi\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programmi\ICQLite\ICQLite.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O10 - Unknown file in Winsock LSP: c:\programmi\bonjour\mdnsnsp.dll
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=http://www.club-vaio.com/en/
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/default/kavwebscan_unicode.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) -
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/2.0.0.1/sysreqlab2.cab
O16 - DPF: {6932D140-ABC4-4073-A44C-D4A541665E35} (ImageShack Toolbar) - http://toolbar.imageshack.us/toolbar/ImageShackToolbar.cab
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://d1nkroadcriminal.spaces.live.com/PhotoUpload/MsnPUpld.cab
O16 - DPF: {97E71027-0BA2-44F2-97DB-F84D808ED0B6} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab55762.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{06667EB8-D3CB-4BA4-B07C-B375363A2988}: NameServer = 192.168.1.1,192.168.1.2
O17 - HKLM\System\CS1\Services\Tcpip\..\{06667EB8-D3CB-4BA4-B07C-B375363A2988}: NameServer = 192.168.1.1,192.168.1.2
O17 - HKLM\System\CS2\Services\Tcpip\..\{06667EB8-D3CB-4BA4-B07C-B375363A2988}: NameServer = 192.168.1.1,192.168.1.2
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FILECO~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: hsidcqzb - C:\WINDOWS\SYSTEM32\dlldesktopt.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O20 - Winlogon Notify: MCPClient - C:\PROGRA~1\FILECO~1\Stardock\mcpstub.dll
O20 - Winlogon Notify: VESWinlogon - C:\WINDOWS\SYSTEM32\VESWinlogon.dll
O20 - Winlogon Notify: WBSrv - C:\Programmi\Stardock\Object Desktop\WindowBlinds\wbsrv.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Programmi\File comuni\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Programmi\File comuni\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Programmi\Bonjour\mDNSResponder.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Programmi\File comuni\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Image Converter video recording monitor for VAIO Entertainment - Sony Corporation - C:\Programmi\Sony\Image Converter 2\IcVzMon.exe
O23 - Service: InstallShield Licensing Service - Macrovision                                                     - C:\Programmi\File comuni\InstallShield Shared\Service\InstallShield Licensing Service.exe
O23 - Service: lxdd_device -   - C:\WINDOWS\system32\lxddcoms.exe
O23 - Service: mental ray 3.5 Satellite (32-bit) (mi-raysat_3dsmax9_32) - Unknown owner - C:\Programmi\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_32server.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Programmi\File comuni\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Programmi\File comuni\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Alias ImageStudio Render Queue (renderqueue) - Unknown owner - C:\Programmi\Alias\ImageStudio3.0\bin\renderqueue.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Programmi\File comuni\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Programmi\File comuni\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: TabletService - Wacom Technology, Corp. - C:\WINDOWS\system32\Tablet.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Programmi\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Programmi\Windows Live\installer\WLSetupSvc.exe

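An added example, not part of any post in this thread: a small Python triage script that takes the files Avenger could not delete and lists the HijackThis autostart entries that load them, which is one way to narrow down what is holding the files. The input lines are copied from the two logs above; the function names are this example's own.

```python
import re

# Constructed input: the Avenger output and a subset of the HijackThis log
# lines posted in this thread.
AVENGER_OUTPUT = r"""
Could not open file C:\WINDOWS\system32\atmfdu.dll for deletion
Deletion of file C:\WINDOWS\system32\atmfdu.dll failed!
Could not open file C:\WINDOWS\system32\dlldesktopt.dll for deletion
Deletion of file C:\WINDOWS\system32\dlldesktopt.dll failed!
Could not process line:
C:\WINDOWS\system32\dlldesktopt.dll
Status: 0xc0000022
Could not open file C:\WINDOWS\system32\dlldesktopt.dll.bak for deletion
Deletion of file C:\WINDOWS\system32\dlldesktopt.dll.bak failed!
Could not process line:
C:\WINDOWS\system32\dlldesktopt.dll.bak
Status: 0xc0000022
Could not open file C:\WINDOWS\system32\~.exe for deletion
Deletion of file C:\WINDOWS\system32\~.exe failed!
Could not process line:
C:\WINDOWS\system32\~.exe
Status: 0xc0000022
"""

HIJACKTHIS_LOG = r"""
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Programmi\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: (no name) - {4EED9E93-466A-462E-BFEC-8C97293B4E68} - c:\windows\system32\dlldesktopt.dll
O2 - BHO: (no name) - {942484C2-AE64-4CBA-A330-F5A726A0ADEA} - C:\WINDOWS\system32\atmfdu.dll
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O20 - Winlogon Notify: hsidcqzb - C:\WINDOWS\SYSTEM32\dlldesktopt.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
"""

# NTSTATUS names (Windows constants); only the first value occurs in the thread.
NTSTATUS = {
    0xC0000022: "STATUS_ACCESS_DENIED",
    0xC0000043: "STATUS_SHARING_VIOLATION",
    0xC0000034: "STATUS_OBJECT_NAME_NOT_FOUND",
}

# Host that loads each HijackThis entry type handled here.
LOADED_BY = {
    "O2": "Internet Explorer (Browser Helper Object)",
    "O20": "winlogon.exe (Winlogon Notify package)",
    "O23": "Service Control Manager (service)",
}


def failed_deletions(text):
    """Return {lowercased path: NTSTATUS name or None} for each failed file."""
    failed = {}
    lines = [ln.strip() for ln in text.splitlines() if ln.strip()]
    for i, line in enumerate(lines):
        m = re.match(r"Deletion of file (.+) failed!$", line)
        if m:
            failed.setdefault(m.group(1).lower(), None)
        # "Could not process line:" is followed by the path, then the status.
        if line == "Could not process line:" and i + 2 < len(lines):
            s = re.match(r"Status: (0x[0-9a-fA-F]+)$", lines[i + 2])
            if s:
                code = int(s.group(1), 16)
                failed[lines[i + 1].lower()] = NTSTATUS.get(code, hex(code))
    return failed


def parse_hijackthis(text):
    """Yield (section, label, detail) for each 'Oxx - Label: detail' line."""
    for line in text.splitlines():
        m = re.match(r"([A-Z]\d+) - ([^:]+): (.*)$", line.strip())
        if m:
            yield m.groups()


def references(detail, path):
    """True if detail names exactly this file, not e.g. x.dll.bak for x.dll."""
    pattern = re.escape(path.lower()) + r"(?![\w.~])"
    return re.search(pattern, detail.lower()) is not None


def loaders_for_locked_files(avenger_text, hjt_text):
    """Map each undeletable file to the autostart entries that load it."""
    entries = list(parse_hijackthis(hjt_text))
    report = {}
    for path, status in failed_deletions(avenger_text).items():
        hits = [(sec, label, LOADED_BY.get(sec, "unknown host"))
                for sec, label, detail in entries if references(detail, path)]
        report[path] = {"status": status, "loaded_via": hits}
    return report


if __name__ == "__main__":
    result = loaders_for_locked_files(AVENGER_OUTPUT, HIJACKTHIS_LOG)
    for path, info in result.items():
        print(path, info["status"] or "")
        for sec, label, host in info["loaded_via"]:
            print(f"    {sec} {label} -> loaded by {host}")
        if not info["loaded_via"]:
            print("    no autostart entry in this log references the file")
```

Files that come back with no matching entry are not registered under any of the HijackThis sections in the sample, so whatever is protecting them has to be looked for elsewhere, for example in the drivers and services a fuller scan lists.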
Dink the Boss
Hero in the gods' favor

Registered: 03/07/06 10:33
Posts: 136

Posted: 22 Dec 2007 19:46

bdoriano wrote:
Hi Dink the Boss,

If you can't delete them, there is probably some process blocking the delete operation. First, one has to check which process it is, stop/kill it, and delete the above files (+ all the suspicious ones).

In short, run this scan with SystemScan and post the log on FreeFileHosting as described here.


perfect, I'll do it right away, thanks a lot
bdoriano
Administrator

Registered: 02/04/07 12:05
Posts: 14391
Location: 3rd planet of the solar system...

Posted: 22 Dec 2007 19:48

We posted at the same time!


Hi Dink the Boss,

If you can't delete them, there is probably some process blocking the delete operation. First, one has to check which process it is, stop/kill it, and delete the above files (+ all the suspicious ones).

addition:
first do a pass with ComboFix, as described here.

In short, run this scan with SystemScan and post the log on FreeFileHosting as described here.
Dink the Boss
Hero in the gods' favor

Registered: 03/07/06 10:33
Posts: 136

Posted: 22 Dec 2007 22:21

Here is my report.

THANKS A LOT

http://www.freefilehosting.net/download/39cg1
Dink the Boss
Hero in the gods' favor

Registered: 03/07/06 10:33
Posts: 136

Posted: 23 Dec 2007 00:17

And this is the COMBOFIX log

Thanks a lot again


Code:
ComboFix 07-12-23.1 - Laerzio 2007-12-22 22.48.49.1 - NTFSx86
Microsoft Windows XP Home Edition  5.1.2600.2.1252.1.1040.18.888 [GMT 1:00]
Eseguito da: C:\Documents and Settings\Laerzio\Desktop\ComboFix.exe
 * Creato nuovo punto di ripristino
.

(((((((((((((((((((((((((((((((((((((   Altre eliminazioni   )))))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Programmi\uusee
C:\Programmi\uusee\AD\1\000\index_new.html
C:\Programmi\uusee\AD\1\000\uue_new.jpg
C:\Programmi\uusee\AD\1\001\index_new.html
C:\Programmi\uusee\AD\1\001\uue_new.jpg
C:\Programmi\uusee\AD\1\cy\cy.html
C:\Programmi\uusee\AD\1\dm\dm.html
C:\Programmi\uusee\AD\1\dsj\dsj.html
C:\Programmi\uusee\AD\1\dst\dst.html
C:\Programmi\uusee\AD\1\dy\dy.html
C:\Programmi\uusee\AD\1\jk\jk.html
C:\Programmi\uusee\AD\1\ty\ty.html
C:\Programmi\uusee\AD\1\uu\uu.html
C:\Programmi\uusee\AD\1\yl\yl.html
C:\Programmi\uusee\AD\1\yx\yx1.html
C:\Programmi\uusee\AD\2\200\index.html
C:\Programmi\uusee\AD\UUAD_Banner.gif
C:\Programmi\uusee\AD\UUAD_Banner.html
C:\Programmi\uusee\AD\UUAD_Banner_1.html
C:\Programmi\uusee\AD\UUAD_Banner_3.html
C:\Programmi\uusee\AD\UUAD_Buffering.html
C:\Programmi\uusee\AD\UUAD_Buffering.jpg
C:\Programmi\uusee\AD\UUAD_TextLink_0.xml
C:\Programmi\uusee\ARMP.ocx
C:\Programmi\uusee\ARMPD.dll
C:\Programmi\uusee\check_cmd.exe
C:\Programmi\uusee\flvplayer.swf
C:\Programmi\uusee\in_psp.dll
C:\Programmi\uusee\MultiVMR9.dll
C:\Programmi\uusee\out_mmshttp.dll
C:\Programmi\uusee\rmsp011.ax
C:\Programmi\uusee\skins\UUPlayer\About.bmp
C:\Programmi\uusee\skins\UUPlayer\Control_Button_pause_1.bmp
C:\Programmi\uusee\skins\UUPlayer\Control_Button_pause_2.bmp
C:\Programmi\uusee\skins\UUPlayer\Control_Button_pause_3.bmp
C:\Programmi\uusee\skins\UUPlayer\Control_Button_pause_4.bmp
C:\Programmi\uusee\skins\UUPlayer\Control_Button_Recording_1.bmp
C:\Programmi\uusee\skins\UUPlayer\Control_Button_Recording_2.bmp
C:\Programmi\uusee\skins\UUPlayer\Control_Button_Recording_3.bmp
C:\Programmi\uusee\skins\UUPlayer\Ctrl_CheckBox_1.bmp
C:\Programmi\uusee\skins\UUPlayer\Ctrl_CheckBox_2.bmp
C:\Programmi\uusee\skins\UUPlayer\Ctrl_CheckBox_3.bmp
C:\Programmi\uusee\skins\UUPlayer\Ctrl_CheckBox_4.bmp
C:\Programmi\uusee\skins\UUPlayer\Ctrl_CheckBox_C1.bmp
C:\Programmi\uusee\skins\UUPlayer\Ctrl_CheckBox_C2.bmp
C:\Programmi\uusee\skins\UUPlayer\Ctrl_CheckBox_C3.bmp
C:\Programmi\uusee\skins\UUPlayer\Ctrl_CheckBox_C4.bmp
C:\Programmi\uusee\skins\UUPlayer\Ctrl_ComboBox_1.bmp
C:\Programmi\uusee\skins\UUPlayer\Ctrl_ComboBox_2.bmp
C:\Programmi\uusee\skins\UUPlayer\Ctrl_ComboBox_3.bmp
C:\Programmi\uusee\skins\UUPlayer\Ctrl_ComboBox_4.bmp
C:\Programmi\uusee\skins\UUPlayer\Ctrl_Edit_1.bmp
C:\Programmi\uusee\skins\UUPlayer\Ctrl_Edit_4.bmp
C:\Programmi\uusee\skins\UUPlayer\Ctrl_PushButton_1.bmp
C:\Programmi\uusee\skins\UUPlayer\Ctrl_PushButton_2.bmp
C:\Programmi\uusee\skins\UUPlayer\Ctrl_PushButton_3.bmp
C:\Programmi\uusee\skins\UUPlayer\Ctrl_PushButton_4.bmp
C:\Programmi\uusee\skins\UUPlayer\Ctrl_RadioButton_1.bmp
C:\Programmi\uusee\skins\UUPlayer\Ctrl_RadioButton_2.bmp
C:\Programmi\uusee\skins\UUPlayer\Ctrl_RadioButton_3.bmp
C:\Programmi\uusee\skins\UUPlayer\Ctrl_RadioButton_4.bmp
C:\Programmi\uusee\skins\UUPlayer\Ctrl_RadioButton_C1.bmp
C:\Programmi\uusee\skins\UUPlayer\Ctrl_RadioButton_C2.bmp
C:\Programmi\uusee\skins\UUPlayer\Ctrl_RadioButton_C3.bmp
C:\Programmi\uusee\skins\UUPlayer\Ctrl_RadioButton_C4.bmp
C:\Programmi\uusee\skins\UUPlayer\Dlg_Back.bmp
C:\Programmi\uusee\skins\UUPlayer\Dlg_Detect.bmp
C:\Programmi\uusee\skins\UUPlayer\Dlg_Frame_1.bmp
C:\Programmi\uusee\skins\UUPlayer\Dlg_Frame_2.bmp
C:\Programmi\uusee\skins\UUPlayer\Dlg_Frame_3.bmp
C:\Programmi\uusee\skins\UUPlayer\Dlg_Record_Task_1.bmp
C:\Programmi\uusee\skins\UUPlayer\Icon_Information.bmp
C:\Programmi\uusee\skins\UUPlayer\Icon_Question.bmp
C:\Programmi\uusee\skins\UUPlayer\Icon_Stop.bmp
C:\Programmi\uusee\skins\UUPlayer\ListHeader_1.bmp
C:\Programmi\uusee\skins\UUPlayer\ListHeader_2.bmp
C:\Programmi\uusee\skins\UUPlayer\ListHeader_3.bmp
C:\Programmi\uusee\skins\UUPlayer\ListHeader_ArrowD.bmp
C:\Programmi\uusee\skins\UUPlayer\ListHeader_ArrowU.bmp
C:\Programmi\uusee\skins\UUPlayer\ListHeader_SP.bmp
C:\Programmi\uusee\skins\UUPlayer\Play_Window_Rec_icon.bmp
C:\Programmi\uusee\skins\UUPlayer\Progressbar_Block_1.bmp
C:\Programmi\uusee\skins\UUPlayer\Progressbar_Block_2.bmp
C:\Programmi\uusee\skins\UUPlayer\Progressbar_Block_3.bmp
C:\Programmi\uusee\skins\UUPlayer\Progressbar_Block_4.bmp
C:\Programmi\uusee\skins\UUPlayer\Resource.h
C:\Programmi\uusee\skins\UUPlayer\Setting_Group_1_1.bmp
C:\Programmi\uusee\skins\UUPlayer\Setting_Group_1_2.bmp
C:\Programmi\uusee\skins\UUPlayer\Setting_Group_1_3.bmp
C:\Programmi\uusee\skins\UUPlayer\Setting_Group_2_1.bmp
C:\Programmi\uusee\skins\UUPlayer\Setting_Group_2_2.bmp
C:\Programmi\uusee\skins\UUPlayer\Setting_Group_2_3.bmp
C:\Programmi\uusee\skins\UUPlayer\Setting_Group_3_1.bmp
C:\Programmi\uusee\skins\UUPlayer\Setting_Group_3_2.bmp
C:\Programmi\uusee\skins\UUPlayer\Setting_Group_3_3.bmp
C:\Programmi\uusee\skins\UUPlayer\Sidebar_Button_1_1.bmp
C:\Programmi\uusee\skins\UUPlayer\Sidebar_Button_1_2.bmp
C:\Programmi\uusee\skins\UUPlayer\Sidebar_Button_1_3.bmp
C:\Programmi\uusee\skins\UUPlayer\Sidebar_Group_1.bmp
C:\Programmi\uusee\skins\UUPlayer\Sidebar_Group_2.bmp
C:\Programmi\uusee\skins\UUPlayer\Sidebar_Group_3.bmp
C:\Programmi\uusee\skins\UUPlayer\Sidebar_Group_x1.bmp
C:\Programmi\uusee\skins\UUPlayer\Sidebar_Group_x2.bmp
C:\Programmi\uusee\skins\UUPlayer\Sidebar_Group_x3.bmp
C:\Programmi\uusee\skins\UUPlayer\Titlebar_button_Res_1.bmp
C:\Programmi\uusee\skins\UUPlayer\Titlebar_button_Res_2.bmp
C:\Programmi\uusee\skins\UUPlayer\Titlebar_button_Res_3.bmp
C:\Programmi\uusee\skins\UUPlayer\Toolbar_Button_Compact_1.bmp
C:\Programmi\uusee\skins\UUPlayer\Toolbar_Button_Compact_2.bmp
C:\Programmi\uusee\skins\UUPlayer\Toolbar_Button_Compact_3.bmp
C:\Programmi\uusee\skins\UUPlayer\Toolbar_Button_FullScreen_1.bmp
C:\Programmi\uusee\skins\UUPlayer\Toolbar_Button_FullScreen_2.bmp
C:\Programmi\uusee\skins\UUPlayer\Toolbar_Button_FullScreen_3.bmp
C:\Programmi\uusee\skins\UUPlayer\Toolbar_Button_TopMost_1.bmp
C:\Programmi\uusee\skins\UUPlayer\Toolbar_Button_TopMost_2.bmp
C:\Programmi\uusee\skins\UUPlayer\Toolbar_Button_TopMost_3.bmp
C:\Programmi\uusee\skins\UUPlayer\TopTab_Browse.bmp
C:\Programmi\uusee\skins\UUPlayer\TopTab_Browse1.bmp
C:\Programmi\uusee\skins\UUPlayer\TopTab_Play.bmp
C:\Programmi\uusee\skins\UUPlayer\TopTab_Play1.bmp
C:\Programmi\uusee\skins\UUPlayer\TopTab_Record.bmp
C:\Programmi\uusee\skins\UUPlayer\TopTab_Record1.bmp
C:\Programmi\uusee\skins\UUPlayer\Tree_Arrow.bmp
C:\Programmi\uusee\skins\UUPlayer\Tree_Collapse.bmp
C:\Programmi\uusee\skins\UUPlayer\Tree_Expand.bmp
C:\Programmi\uusee\skins\UUPlayer\Tree_Header.bmp
C:\Programmi\uusee\skins\UUPlayer\Tree_ScrollBar_D.bmp
C:\Programmi\uusee\skins\UUPlayer\Tree_ScrollBar_H.bmp
C:\Programmi\uusee\skins\UUPlayer\Tree_ScrollBar_N.bmp
C:\Programmi\uusee\skins\UUPlayer\Tree_ScrollBar_S.bmp
C:\Programmi\uusee\skins\UUPlayer\Tree_ScrollBarThumb_D.bmp
C:\Programmi\uusee\skins\UUPlayer\Tree_ScrollBarThumb_H.bmp
C:\Programmi\uusee\skins\UUPlayer\Tree_ScrollBarThumb_N.bmp
C:\Programmi\uusee\skins\UUPlayer\Tree_ScrollBarThumb_S.bmp
C:\Programmi\uusee\skins\UUPlayer\Tree_SortIconDown.bmp
C:\Programmi\uusee\skins\UUPlayer\Tree_SortIconUp.bmp
C:\Programmi\uusee\skins\UUPlayer\UUSEE.ui
C:\Programmi\uusee\skins\UUPlayer\Volume_Bar_Block_1.bmp
C:\Programmi\uusee\skins\UUPlayer\Volume_Bar_Block_2.bmp
C:\Programmi\uusee\skins\UUPlayer\Volume_Bar_Block_3.bmp
C:\Programmi\uusee\skins\UUPlayer\Volume_Button_2_1.bmp
C:\Programmi\uusee\skins\UUPlayer\Volume_Button_2_2.bmp
C:\Programmi\uusee\skins\UUPlayer\Volume_Button_2_3.bmp
C:\Programmi\uusee\skins\UUPlayer\Wnd_Browser_1.bmp
C:\Programmi\uusee\skins\UUPlayer\Wnd_Browser_2.bmp
C:\Programmi\uusee\skins\UUPlayer\Wnd_Browser_3.bmp
C:\Programmi\uusee\skins\UUPlayer\Wnd_ChannelInfo.bmp
C:\Programmi\uusee\skins\UUPlayer\Wnd_ChannelInfo_5.bmp
C:\Programmi\uusee\skins\UUPlayer\Wnd_Control_1.bmp
C:\Programmi\uusee\skins\UUPlayer\Wnd_Control_2.bmp
C:\Programmi\uusee\skins\UUPlayer\Wnd_Control_3.bmp
C:\Programmi\uusee\skins\UUPlayer\Wnd_Control_4.bmp
C:\Programmi\uusee\skins\UUPlayer\Wnd_Main_1.bmp
C:\Programmi\uusee\skins\UUPlayer\Wnd_Main_2.bmp
C:\Programmi\uusee\skins\UUPlayer\Wnd_Main_3.bmp
C:\Programmi\uusee\skins\UUPlayer\Wnd_Main_5.bmp
C:\Programmi\uusee\skins\UUPlayer\Wnd_Play_1.bmp
C:\Programmi\uusee\skins\UUPlayer\Wnd_Record_1.bmp
C:\Programmi\uusee\skins\UUPlayer\Wnd_Record_2.bmp
C:\Programmi\uusee\skins\UUPlayer\Wnd_Record_3.bmp
C:\Programmi\uusee\skins\UUPlayer\Wnd_Record_4.bmp
C:\Programmi\uusee\skins\UUPlayer\Wnd_Setting_1.bmp
C:\Programmi\uusee\skins\UUPlayer\Wnd_Setting_2.bmp
C:\Programmi\uusee\skins\UUPlayer\Wnd_Setting_3.bmp
C:\Programmi\uusee\skins\UUPlayer\Wnd_Side_1.bmp
C:\Programmi\uusee\skins\UUPlayer\Wnd_Side_2.bmp
C:\Programmi\uusee\skins\UUPlayer\Wnd_Side_3.bmp
C:\Programmi\uusee\skins\UUPlayer\Wnd_Toolbar_1.bmp
C:\Programmi\uusee\skins\UUPlayer\Wnd_Toolbar_2.bmp
C:\Programmi\uusee\skins\UUPlayer\Wnd_Toolbar_3.bmp
C:\Programmi\uusee\skins\UUPlayer\Wnd_Toolbar_4.bmp
C:\Programmi\uusee\skins\UUPlayer\Wnd_Top_1.bmp
C:\Programmi\uusee\skins\UUPlayer\Wnd_Top_2.bmp
C:\Programmi\uusee\skins\UUPlayer\Wnd_Top_3.bmp
C:\Programmi\uusee\u264Dec.ax
C:\Programmi\uusee\UFDeMux.ax
C:\Programmi\uusee\uninst.exe
C:\Programmi\uusee\updateC2.ocx
C:\Programmi\uusee\UUPlayer.dll
C:\Programmi\uusee\UUPlayer.ocx
C:\Programmi\uusee\UUPlayer_update.ini
C:\Programmi\uusee\UUSee.url
C:\Programmi\uusee\uusee_video.dll
C:\Programmi\uusee\UUSEEAudioDec.ax
C:\Programmi\uusee\UUSeePlayer.exe
C:\Programmi\uusee\UUSEETemp\~181014031.tmp
C:\Programmi\uusee\UUSEETemp\~181274500.tmp
C:\Programmi\uusee\UUSEETemp\ARMPD.dll
C:\Programmi\uusee\UUSEETemp\check_cmd.exe
C:\Programmi\uusee\UUSEETemp\Control_Button_Compact_1.bmp
C:\Programmi\uusee\UUSEETemp\Control_Button_Compact_2.bmp
C:\Programmi\uusee\UUSEETemp\Control_Button_Compact_3.bmp
C:\Programmi\uusee\UUSEETemp\Control_Button_FullScreen_1.bmp
C:\Programmi\uusee\UUSEETemp\Control_Button_FullScreen_2.bmp
C:\Programmi\uusee\UUSEETemp\Control_Button_FullScreen_3.bmp
C:\Programmi\uusee\UUSEETemp\in_psp.dll
C:\Programmi\uusee\UUSEETemp\out_mmshttp.dll
C:\Programmi\uusee\UUSEETemp\Progressbar_BM_0.bmp
C:\Programmi\uusee\UUSEETemp\Progressbar_BM_1.bmp
C:\Programmi\uusee\UUSEETemp\Progressbar_BM_2.bmp
C:\Programmi\uusee\UUSEETemp\Progressbar_BM_3.bmp
C:\Programmi\uusee\UUSEETemp\Progressbar_BM_4.bmp
C:\Programmi\uusee\UUSEETemp\Progressbar_BM_5.bmp
C:\Programmi\uusee\UUSEETemp\Progressbar_BM_6.bmp
C:\Programmi\uusee\UUSEETemp\Progressbar_BM_7.bmp
C:\Programmi\uusee\UUSEETemp\Resource.h
C:\Programmi\uusee\UUSEETemp\Tree_Collapse.bmp
C:\Programmi\uusee\UUSEETemp\Tree_Expand.bmp
C:\Programmi\uusee\UUSEETemp\Tree_ScrollBar_D.bmp
C:\Programmi\uusee\UUSEETemp\Tree_ScrollBar_H.bmp
C:\Programmi\uusee\UUSEETemp\Tree_ScrollBar_N.bmp
C:\Programmi\uusee\UUSEETemp\Tree_ScrollBar_S.bmp
C:\Programmi\uusee\UUSEETemp\Tree_ScrollBarThumb_D.bmp
C:\Programmi\uusee\UUSEETemp\Tree_ScrollBarThumb_H.bmp
C:\Programmi\uusee\UUSEETemp\Tree_ScrollBarThumb_N.bmp
C:\Programmi\uusee\UUSEETemp\Tree_ScrollBarThumb_S.bmp
C:\Programmi\uusee\UUSEETemp\UUPlayer.dll
C:\Programmi\uusee\UUSEETemp\UUPlayer.ocx
C:\Programmi\uusee\UUSEETemp\UUSEE.ui
C:\Programmi\uusee\UUSEETemp\What's new.mht
C:\Programmi\uusee\UUSEETemp\Wnd_Control_1.bmp
C:\Programmi\uusee\UUSEETemp\Wnd_Control_2.bmp
C:\Programmi\uusee\UUSEETemp\Wnd_Control_3.bmp
C:\Programmi\uusee\UUSEETemp\Wnd_Control_4.bmp
C:\Programmi\uusee\UUSEETemp\Wnd_Info.bmp
C:\Programmi\uusee\UUSEETemp\Wnd_Play_2.bmp
C:\Programmi\uusee\UUSEETemp\Wnd_Play_5.bmp
C:\Programmi\uusee\UUTV.xml
C:\Programmi\uusee\UUTV_MY.xml
C:\Programmi\uusee\UUUpgrade.exe
C:\Programmi\uusee\UUUpgrade.ini
C:\Programmi\uusee\UUUpgrade.ocx
C:\Programmi\uusee\vermini.ini
C:\Programmi\uusee\vermini_x.ini
C:\Programmi\uusee\vermini_x1.ini
C:\Programmi\uusee\What's new.txt
C:\WINDOWS\recover.reg
C:\WINDOWS\system32\pskill.exe
C:\WINDOWS\system32\~.exe . . . . Eliminazione Fallita

.
(((((((((((((((((((((((((((((((((((((((   Drivers/Services   )))))))))))))))))))))))))))))))))))))))))))))))))

.
-------\LEGACY_IPRIP
-------\Iprip


(((((((((((((((((((((((((   Files Creati Da 2007-11-23 al 2007-12-23  )))))))))))))))))))))))))))))))))))
.

2007-12-22 18:14 . 2007-12-22 18:14   629   --a------   C:\WINDOWS\system32\Collegamento a dlldesktopt.dll.bak.lnk
2007-12-22 18:13 . 2007-12-22 18:13   609   --a------   C:\WINDOWS\system32\Collegamento a dlldesktopt.dll.lnk
2007-12-21 18:12 . 2007-12-21 18:12   <DIR>   d--------   C:\Documents and Settings\All Users\Dati applicazioni\nView_Profiles
2007-12-21 18:00 . 2005-06-12 23:16   176,128   --a------   C:\WINDOWS\system32\nvudisp.exe
2007-12-21 18:00 . 2007-12-23 23:11   27,588   --a------   C:\WINDOWS\system32\nvapps.xml
2007-12-21 18:00 . 2005-06-12 23:16   14,757   --a------   C:\WINDOWS\system32\nvdisp.nvu
2007-12-21 17:25 . 2007-12-21 17:25   <DIR>   d--------   C:\Programmi\SystemRequirementsLab
2007-12-21 12:56 . 2007-12-21 12:56   3,072,054   --a------   C:\WINDOWS\BricoPack Wallpaper.bmp
2007-12-21 12:56 . 2007-12-21 12:56   52,890   --a------   C:\WINDOWS\BricoPackUninst.cmd
2007-12-21 12:47 . 2007-12-21 12:47   <DIR>   d--------   C:\WINDOWS\BricoPacks
2007-12-21 12:47 . 2007-12-21 12:56   6,118   --a------   C:\WINDOWS\BricoPackFoldersDelete.cmd
2007-12-21 12:42 . 2007-12-21 13:39   <DIR>   d--------   C:\Programmi\Styler
2007-12-20 16:34 . 2007-12-20 16:34   <DIR>   d--------   C:\Programmi\Winamp Desk Band
2007-12-19 22:29 . 2007-12-19 22:29   <DIR>   d--------   C:\Programmi\EA GAMES
2007-12-19 19:53 . 2007-12-19 19:53   <DIR>   d--------   C:\CtDriverInstTemp
2007-12-19 19:52 . 2007-12-19 19:53   <DIR>   d--------   C:\WebCamGo
2007-12-19 12:58 . 2006-09-28 16:05   2,414,360   --a------   C:\WINDOWS\system32\d3dx9_31.dll
2007-12-18 01:16 . 2004-05-14 16:53   462,848   --a------   C:\WINDOWS\system32\ltkrn13n.dll
2007-12-18 01:16 . 2004-05-14 16:53   450,560   --a------   C:\WINDOWS\system32\ltimg13n.dll
2007-12-18 01:16 . 2004-05-14 16:53   401,408   --a------   C:\WINDOWS\system32\lfcmp13n.dll
2007-12-18 01:16 . 2004-05-14 16:53   299,008   --a------   C:\WINDOWS\system32\ltdis13n.dll
2007-12-18 01:16 . 2004-01-12 02:09   206,336   --a------   C:\WINDOWS\system32\ltefx13n.dll
2007-12-18 01:16 . 2004-05-14 16:53   163,840   --a------   C:\WINDOWS\system32\ltfil13n.dll
2007-12-18 01:16 . 2003-11-04 15:11   159,744   --a------   C:\WINDOWS\system32\lfpng13n.dll
2007-12-18 01:16 . 2003-11-04 15:10   69,632   --a------   C:\WINDOWS\system32\lfgif13n.dll
2007-12-18 01:16 . 2004-05-14 16:53   57,344   --a------   C:\WINDOWS\system32\lfbmp13n.dll
2007-12-15 23:27 . 2007-12-15 23:27   19,456   --a------   C:\WINDOWS\system32\drivers\yfyxvpim.dat
2007-12-13 22:43 . 2007-05-16 16:45   3,497,832   --a------   C:\WINDOWS\system32\d3dx9_34.dll
2007-12-13 22:39 . 2007-11-11 02:11   626,688   --a------   C:\WINDOWS\system32\msvcr80.dll
2007-12-13 22:39 . 2007-11-11 02:11   548,864   --a------   C:\WINDOWS\system32\msvcp80.dll
2007-12-13 22:39 . 2007-11-11 02:11   479,232   --a------   C:\WINDOWS\system32\msvcm80.dll
2007-12-13 22:18 . 2007-12-13 22:18   <DIR>   d--------   C:\Programmi\Eidos
2007-12-13 21:39 . 2007-12-13 21:39   <DIR>   d--------   C:\WINDOWS\system32\xlive
2007-12-13 21:39 . 2007-03-12 16:42   3,495,784   --a------   C:\WINDOWS\system32\d3dx9_33.dll
2007-12-13 21:39 . 2007-03-12 16:42   1,123,696   --a------   C:\WINDOWS\system32\D3DCompiler_33.dll
2007-12-13 21:39 . 2007-03-15 16:57   443,752   --a------   C:\WINDOWS\system32\d3dx10_33.dll
2007-12-13 21:39 . 2007-04-04 18:53   81,768   --a------   C:\WINDOWS\system32\xinput1_3.dll
2007-12-13 18:10 . 2007-12-13 18:10   1,188,375   --a------   C:\WINDOWS\system32\libeay32.dll
2007-12-13 18:10 . 2007-12-13 18:10   741,632   --a------   C:\WINDOWS\system32\hiuyyymt.dat
2007-12-13 18:10 . 2007-12-13 18:10   246,545   --a------   C:\WINDOWS\system32\libssl32.dll
2007-12-13 18:10 . 2007-12-18 21:19   42,240   --a------   C:\WINDOWS\system32\hopjeokm.dat
2007-12-13 18:10 . 2007-12-14 20:45   36,096   --a------   C:\WINDOWS\system32\sbphutiz.dat
2007-12-13 18:10 . 2007-12-13 18:10   35,072   --a------   C:\WINDOWS\system32\tvcwqilp.dat
2007-12-13 01:03 . 2007-12-13 01:03   5,120   --ahs----   C:\WINDOWS\system32\Thumbs.db
2007-12-13 01:02 . 2007-12-13 01:03   66,048   --ahs----   C:\WINDOWS\Thumbs.db
2007-12-12 18:05 . 2007-12-21 21:46   120,576   --a------   C:\WINDOWS\system32\ddahhgoy.dat
2007-12-12 17:59 . 2007-12-14 20:45   82,944   --a------   C:\WINDOWS\system32\dlldesktopt.dll.bak
2007-12-12 17:59 . 2007-12-22 16:41   82,944   --a------   C:\WINDOWS\system32\dlldesktopt.dll
2007-12-12 17:58 . 2007-12-12 18:01   <DIR>   d--------   C:\WINDOWS\system32\AppCert
2007-12-12 17:58 . 2004-08-19 13:00   84,992   --a------   C:\WINDOWS\system32\atmfdu.dll
2007-12-12 17:58 .    19,584      C:\WINDOWS\system32\drivers\sbwrithc.dat
2007-12-12 17:57 . 2007-12-12 17:57   21,504   --a------   C:\WINDOWS\system32\~.exe
2007-12-08 01:14 . 2007-12-08 01:28   163,712   --a------   C:\WINDOWS\system32\drivers\vidstub.sys
2007-11-30 13:17 . 2006-07-28 09:30   236,824   --a------   C:\WINDOWS\system32\xactengine2_3.dll
2007-11-30 13:17 . 2006-07-28 09:30   62,744   --a------   C:\WINDOWS\system32\xinput1_2.dll
2007-11-30 13:16 . 2007-11-30 13:16   <DIR>   d--------   C:\Programmi\America's Army Server Manager
2007-11-26 17:37 . 2007-11-26 17:37   <DIR>   d--------   C:\Fraps
2007-11-26 16:06 . 2007-11-16 04:03   87   --a------   C:\WINDOWS\system32\nvuninst.bat
2007-11-26 15:52 . 2007-07-06 20:58   760,320   --a------   C:\InfoSystem_gadget_by_adni18.exe
2007-11-26 14:46 . 2007-11-26 14:47   <DIR>   d--------   C:\Programmi\DAP
2007-11-26 14:46 . 2007-11-26 14:46   479,298   --a------   C:\WINDOWS\system32\wbocx.ocx
2007-11-26 14:46 . 2007-11-26 14:46   172,032   --a------   C:\WINDOWS\system32\AniGIF.ocx
2007-11-26 14:46 . 2007-11-26 14:46   50,688   --a------   C:\WINDOWS\system32\wbhelp2.dll
2007-11-24 15:25 . 2005-10-19 21:17   64,000   --a------   C:\VistaRSSv1.exe
2007-11-24 15:05 . 2005-08-11 22:43   78,336   --a------   C:\AeroUptime.exe

.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-12-22 17:37   ---------   d-----w   C:\Documents and Settings\Laerzio\Dati applicazioni\AVG7
2007-12-22 15:37   ---------   d-----w   C:\Documents and Settings\All Users\Dati applicazioni\avg7
2007-12-21 17:14   ---------   d---a-w   C:\Documents and Settings\All Users\Dati applicazioni\TEMP
2007-12-21 12:04   ---------   d-----w   C:\Programmi\Lx_cats
2007-12-19 21:28   ---------   d-----w   C:\Documents and Settings\Laerzio\Dati applicazioni\uTorrent
2007-12-19 00:11   22,328   ----a-w   C:\WINDOWS\system32\drivers\PnkBstrK.sys
2007-12-19 00:04   ---------   d-----w   C:\Documents and Settings\Laerzio\Dati applicazioni\Skype
2007-12-15 17:08   ---------   d--h--w   C:\Programmi\InstallShield Installation Information
2007-12-08 00:14   ---------   d-----w   C:\Programmi\Stardock
2007-11-25 17:00   ---------   d-----w   C:\Programmi\Google
2007-11-22 13:47   ---------   d-----w   C:\Programmi\Winamp
2007-11-22 01:29   ---------   d-----w   C:\Programmi\WinCustomize
2007-11-20 21:36   ---------   d-----w   C:\Programmi\Free Download Manager
2007-11-20 13:12   ---------   d-----w   C:\Programmi\Microsoft.NET
2007-11-16 22:08   ---------   d-----w   C:\Documents and Settings\Laerzio\Dati applicazioni\Homescreen Designer
2007-11-16 22:07   ---------   d-----w   C:\Programmi\Ruttensoft
2007-11-16 15:01   ---------   d-----w   C:\Documents and Settings\All Users\Dati applicazioni\FLEXnet
2007-11-16 14:53   ---------   d-----w   C:\Programmi\File comuni\Adobe
2007-11-16 14:53   ---------   d-----w   C:\Programmi\Bonjour
2007-11-16 14:44   ---------   d-----w   C:\Programmi\File comuni\Macrovision Shared
2007-11-16 14:02   ---------   d-----w   C:\Programmi\microsoft frontpage
2007-11-16 11:57   ---------   d-----w   C:\Programmi\PowerISO
2007-11-15 11:38   ---------   d-----w   C:\Programmi\Windows Mobile
2007-11-11 14:47   ---------   d-----w   C:\Programmi\ZModeler
2007-11-11 14:47   ---------   d-----w   C:\Programmi\Xvid
2007-11-11 14:47   ---------   d-----w   C:\Programmi\WinUHA
2007-11-11 14:46   ---------   d-----w   C:\Programmi\Truck Dismount
2007-11-11 14:46   ---------   d-----w   C:\Programmi\SopCast
2007-11-11 14:46   ---------   d-----w   C:\Programmi\Porrasturvat - Stair Dismount
2007-11-11 14:46   ---------   d-----w   C:\Programmi\mIRC
2007-11-11 14:46   ---------   d-----w   C:\Programmi\Microsoft CAPICOM 2.1.0.2
2007-11-11 14:46   ---------   d-----w   C:\Programmi\MessengerPlus! 3
2007-11-11 14:46   ---------   d-----w   C:\Programmi\megui
2007-11-11 14:46   ---------   d-----w   C:\Programmi\Lexmark Fax Solutions
2007-11-11 14:46   ---------   d-----w   C:\Programmi\ICQLite
2007-11-11 14:46   ---------   d-----w   C:\Programmi\Directory Lister
2007-11-11 14:46   ---------   d-----w   C:\Programmi\Car Thief 6 Full
2007-11-11 14:46   ---------   d-----w   C:\Programmi\Car Thief 5 FULL VERSION
2007-11-11 14:46   ---------   d-----w   C:\Programmi\Bongo 1.0
2007-11-11 14:46   ---------   d-----w   C:\Programmi\Audacity
2007-11-11 14:42   ---------   d-----w   C:\Programmi\QuickTime
2007-11-11 14:38   ---------   d-----w   C:\Programmi\DustBuster
2007-11-09 06:12   ---------   d-----w   C:\Programmi\Advanced System Optimizer
2007-11-09 03:49   ---------   d-----w   C:\Documents and Settings\Laerzio\Dati applicazioni\ViStart
2007-11-09 03:02   ---------   d-----w   C:\Documents and Settings\Laerzio\Dati applicazioni\Styler
2007-11-09 02:41   ---------   d-----w   C:\Programmi\ViOrb
2007-11-08 12:58   ---------   d-----w   C:\Programmi\File comuni\Stardock
2007-11-08 01:58   ---------   d-----w   C:\Documents and Settings\All Users\Dati applicazioni\Spybot - Search & Destroy
2007-11-05 18:14   ---------   d-----w   C:\Documents and Settings\NetworkService\Dati applicazioni\Intel
2007-11-05 18:14   ---------   d-----w   C:\Documents and Settings\LocalService\Dati applicazioni\Intel
2007-11-05 18:14   ---------   d-----w   C:\Documents and Settings\Laerzio\Dati applicazioni\Intel
2007-11-05 18:14   ---------   d-----w   C:\Documents and Settings\Administrator\Dati applicazioni\Intel
2007-11-05 18:13   ---------   d-----w   C:\Programmi\Intel
2007-11-05 18:13   ---------   d-----w   C:\Documents and Settings\All Users\Dati applicazioni\Intel
2007-10-27 23:23   ---------   d-----w   C:\Documents and Settings\Laerzio\Dati applicazioni\VersionTracker Pro
2007-10-27 01:32   ---------   d-----w   C:\Programmi\Microsoft ActiveSync
2007-10-26 22:00   ---------   d-----w   C:\Programmi\Easy Web Cam
2007-10-20 22:14   3,120,640   ----a-w   C:\Aero-animation-weather.exe
2007-10-04 22:28   737,280   ----a-w   C:\WINDOWS\iun6002.exe
2007-03-08 12:21   24   ----a-w   C:\Documents and Settings\Laerzio\mylist.dat
2004-10-13 16:24   1,694,208   -csha-w   C:\WINDOWS\FlyakiteOSX\Backup\msmsgs.exe
.

(((((((((((((((((((((((((((((((((((((   Punti Reg Caricati   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Nota* i valori vuoti & legittimi/default non sono visualizzati.

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{4EED9E93-466A-462E-BFEC-8C97293B4E68}]
2007-12-22 16:41   82944   --a------   c:\windows\system32\dlldesktopt.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{942484C2-AE64-4CBA-A330-F5A726A0ADEA}]
2004-08-19 13:00   84992   --a------   C:\WINDOWS\system32\atmfdu.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AutoCAD Digital Signatures Icon Overlay Handler]
@={36A21736-36C2-4C11-8ACB-D4136F2B57BD}

[HKEY_CLASSES_ROOT\CLSID\{36A21736-36C2-4C11-8ACB-D4136F2B57BD}]
2003-02-14 08:31   136352   --a------   C:\WINDOWS\system32\AcSignIcon.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-19 13:00]
"H/PC Connection Agent"="D:\Programmi\Microsoft ActiveSync\wcescomm.exe" [2006-06-21 02:52]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SonyPowerCfg"="C:\Programmi\Sony\VAIO Power Management\SPMgr.exe" [2005-05-15 04:51]
"{0228e555-4f9c-4e35-a3ec-b109a192b4c2}"="C:\Programmi\Google\Gmail Notifier\gnotify.exe" [2005-07-15 22:48]
"WireLessMouse"="C:\Programmi\Nortek Mouse Application\MouseDrv.exe" [2005-09-09 14:41]
"ZoneAlarm Client"="C:\Programmi\Zone Labs\ZoneAlarm\zlclient.exe" [2007-03-08 23:02]
"Tweak UI"="RUNDLL32.exe" [2004-08-19 13:00 C:\WINDOWS\system32\rundll32.exe]
"LogonStudio"="C:\Programmi\WinCustomize\LogonStudio\logonstudio.exe" [2002-09-03 18:38]
"LXDDCATS"="C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\LXDDtime.dll" [2007-01-22 23:05]
"NvCplDaemon"="RUNDLL32.exe" [2004-08-19 13:00 C:\WINDOWS\system32\rundll32.exe]
"nwiz"="nwiz.exe" [2005-06-12 23:16 C:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="RUNDLL32.exe" [2004-08-19 13:00 C:\WINDOWS\system32\rundll32.exe]
"AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [2007-12-22 18:02]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-19 13:00]
"AVG7_Run"="C:\PROGRA~1\Grisoft\AVG7\avgw.exe" [2007-12-22 16:39]

C:\Documents and Settings\Laerzio\Menu Avvio\Programmi\Esecuzione automatica\
Stardock ObjectDock.lnk - C:\Programmi\Stardock\ObjectDock\ObjectDock.exe [2007-11-08 13:45:48]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveSearch"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"UIHost"="C:\\WINDOWS\\system32\\logonuiX.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\hsidcqzb]
dlldesktopt.dll 2007-12-22 16:41 82944 C:\WINDOWS\system32\dlldesktopt.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\MCPClient]
C:\PROGRA~1\FILECO~1\Stardock\mcpstub.dll 2005-01-31 15:13 49152 C:\PROGRA~1\FILECO~1\Stardock\MCPStub.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
VESWinlogon.dll 2006-06-30 12:12 73728 C:\WINDOWS\system32\VESWinlogon.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WBSrv]
C:\Programmi\Stardock\Object Desktop\WindowBlinds\wbsrv.dll 2007-09-23 10:10 229376 C:\Programmi\Stardock\Object Desktop\WindowBlinds\WbSrv.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=wbsys.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Avvio^Programmi^Esecuzione automatica^Adobe Acrobat Speed Launcher.lnk]
backup=C:\WINDOWS\pss\Adobe Acrobat Speed Launcher.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Avvio^Programmi^Esecuzione automatica^Adobe Gamma Loader.lnk]
backup=C:\WINDOWS\pss\Adobe Gamma Loader.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Avvio^Programmi^Esecuzione automatica^Avvio veloce di Adobe Reader.lnk]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Avvio^Programmi^Esecuzione automatica^AWC.lnk]
backup=C:\WINDOWS\pss\AWC.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Avvio^Programmi^Esecuzione automatica^iFormat.lnk]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Avvio^Programmi^Esecuzione automatica^TabUserW.exe.lnk]
backup=C:\WINDOWS\pss\TabUserW.exe.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Avvio^Programmi^Esecuzione automatica^VersionTrackerPro.lnk]
backup=C:\WINDOWS\pss\VersionTrackerPro.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Laerzio^Menu Avvio^Programmi^Esecuzione automatica^Combined II.lnk]
backup=C:\WINDOWS\pss\Combined II.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Laerzio^Menu Avvio^Programmi^Esecuzione automatica^Stardock ObjectDock.lnk]
path=C:\Documents and Settings\Laerzio\Menu Avvio\Programmi\Esecuzione automatica\Stardock ObjectDock.lnk
backup=C:\WINDOWS\pss\Stardock ObjectDock.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Laerzio^Menu Avvio^Programmi^Esecuzione automatica^Stickies.lnk]
backup=C:\WINDOWS\pss\Stickies.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Laerzio^Menu Avvio^Programmi^Esecuzione automatica^Styler.lnk]
path=C:\Documents and Settings\Laerzio\Menu Avvio\Programmi\Esecuzione automatica\Styler.lnk
backup=C:\WINDOWS\pss\Styler.lnkStartup
         
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 7.0]
         
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2007-05-11 02:06   40048   --a------   C:\Programmi\Adobe\Reader 8.0\Reader\Reader_sl.exe
         
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
         ALCMTR.EXE
         
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Apoint]
2003-11-07 09:21   114688   --a--c---   C:\Programmi\Apoint\Apoint.exe
         
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVG7_CC]
         
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avgnt]
         
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AzMixerSel]
         
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BluetoothAuthenticationAgent]
         rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
         
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BootSkin Startup Jobs]
         C:\PROGRA~1\Stardock\WINCUS~1\BootSkin\BootSkin.exe /StartupJobs
         
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
2004-08-19 13:00   15360   --a------   C:\WINDOWS\system32\ctfmon.exe
         
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools]
         C:\Programmi\DAEMON Tools\daemon.exe -lang 1033
         
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON Stylus C44 Series]
         C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P23 EPSON Stylus C44 Series /O6 USB001 /M Stylus C44
         
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FaxCenterServer]
         C:\Programmi\Lexmark Fax Solutions\fm3032.exe /s
         
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\H/PC Connection Agent]
2006-06-21 02:52   1211176   --a------   D:\Programmi\Microsoft ActiveSync\wcescomm.exe
         
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\High Definition Audio Property Page Shortcut]
         HDAShCut.exe
         
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
2005-06-29 06:33   77824   --a--c---   C:\WINDOWS\system32\hkcmd.exe
         
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ Lite]
         C:\Programmi\ICQLite\ICQLite.exe -minimize
         
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
2005-06-29 06:33   94208   --a--c---   C:\WINDOWS\system32\igfxtray.exe
         
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelWireless]
         
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelZeroConfig]
         
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISBMgr.exe]
2004-02-20 13:12   32768   --a--c---   C:\Programmi\Sony\ISB Utility\ISBMgr.exe
         
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
         C:\Programmi\File comuni\InstallShield\UpdateService\ISUSPM.exe -startup
         
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
         C:\Programmi\File comuni\InstallShield\UpdateService\issch.exe -start
         
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
         C:\WINDOWS\system32\dumprep 0 -k
         
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\kzxnnc.exe]
         
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut]
2006-05-18 10:29   49152   --a------   d:\Programmi\CyberLink\PowerDVD\Language\Language.exe
         
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LClock]
         
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\lxddamon]
2007-02-06 00:32   20480   --a------   C:\Programmi\Lexmark 2500 Series\lxddamon.exe
         
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\lxddmon.exe]
2007-02-13 00:58   291760   --a------   C:\Programmi\Lexmark 2500 Series\lxddmon.exe
         
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MessengerPlus3]
         
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\modzhysv]
         
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Mouse Suite 98 Daemon]
         ICO.EXE
         
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
         
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBJ]
2005-02-10 16:00   1937408   --a--c---   C:\Programmi\Ahead\Nero BackItUp\NBJ.exe
         
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2001-07-09 09:50   155648   --a--c---   C:\WINDOWS\system32\NeroCheck.exe
         
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
         RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
         
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
         RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
         
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
         nwiz.exe /install
         
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nzdezb.exe]
         
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDService.exe]
         
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
2005-06-29 06:33   114688   --a--c---   C:\WINDOWS\system32\igfxpers.exe
         
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PRONoMgr.exe]
         
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
         C:\Programmi\QuickTime\qttask.exe -atboottime
         
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RecordPadRun]
         
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\REGSHAVE]
         C:\Programmi\REGSHAVE\REGSHAVE.EXE /AUTORUN
         
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\reminder]
2004-11-18 11:05   315392   --a--c---   C:\WINDOWS\reminder.exe
         
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
2005-12-07 21:57   30208   --a------   d:\Programmi\CyberLink\PowerDVD\PDVDServ.exe
         
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
         RTHDCPL.EXE
         
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminator]
         
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2006-10-12 03:10   49263   --a--c---   C:\Programmi\Java\jre1.5.0_09\bin\jusched.exe
         
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\System Files Updater]
         C:\WINDOWS\FlyakiteOSX\Tools\System Files Updater.exe /S
         
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Trickler]
         
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Tweak UI]
         RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp
         
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\updateMgr]
         
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VAIO Update 2]
         
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VAIO Update 3]
         C:\Programmi\Sony\VAIO Update 3\VAIOUpdt.exe  /Stationary
         
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ViOrb]
2007-06-25 23:28   163840   --a------   C:\Programmi\ViOrb\ViOrb.exe
         
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VisualTooltip]
         
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\viwc]
         
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
         
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinRoll]

R0 PenClass;Pen Class;C:\WINDOWS\system32\Drivers\PenClass.sys [2001-04-09 21:45]
R0 sgdwhdml;sgdwhdml;C:\WINDOWS\system32\drivers\sbwrithc.dat []
R1 oreans32;oreans32;C:\WINDOWS\system32\drivers\oreans32.sys [2007-08-09 20:52]
S2 ewjpfjdj;Process Walker Monitor;C:\WINDOWS\System32\svchost.exe -k netsvcs []
S3 CTL518;Video Blaster WebCam (WDM);C:\WINDOWS\system32\DRIVERS\wcvid.sys [2001-11-03 01:00]
S3 Image Converter video recording monitor for VAIO Entertainment;Image Converter video recording monitor for VAIO Entertainment;C:\Programmi\Sony\Image Converter 2\IcVzMon.exe [2005-04-05 12:06]
S3 lxdd_device;lxdd_device;C:\WINDOWS\system32\lxddcoms.exe -service []
S3 NetFxUpdate_v1.1.4322;Microsoft .NET Framework v1.1.4322 Update;C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\netfxupdate.exe [2007-01-15 15:11]
S3 p2pgasvc;Autenticazione gruppo rete peer;C:\WINDOWS\system32\svchost.exe -k p2psvc []
S3 p2pimsvc;Gestione identità rete peer;C:\WINDOWS\system32\svchost.exe -k p2psvc []
S3 p2psvc;Rete peer;C:\WINDOWS\system32\svchost.exe -k p2psvc []
S3 PNRPSvc;Peer Name Resolution Protocol (PNRP);C:\WINDOWS\system32\svchost.exe -k p2psvc []
S3 pwalker;Process Walker Driver;C:\DOCUME~1\Laerzio\IMPOST~1\Temp\nse2.tmp\pwalker.sys []
S3 renderqueue;Alias ImageStudio Render Queue;C:\Programmi\Alias\ImageStudio3.0\bin\renderqueue.exe [2005-11-07 22:34]
S3 S6U12BScanner;MUSTEK 1200 UB Still Image Device Service;C:\WINDOWS\system32\drivers\usbscan.sys [2004-08-03 22:58]
S3 usbscan;Driver scanner USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 22:58]
S3 USBSTOR;Driver archiviazione di massa USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 22:08]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
p2psvc   REG_MULTI_SZ      p2psvc p2pimsvc p2pgasvc PNRPSvc

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcs
ewjpfjdj

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{40a29a3c-5250-11dc-826e-0013ce760671}]
\Shell\AutoRun\command - H:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{dd984f0a-99db-11dc-b550-0013ce760671}]
\Shell\auto\command - H:\Knight.exe open
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Knight.exe open
\Shell\explore\command - H:\Knight.exe open
\Shell\find\command - H:\Knight.exe open
\Shell\install\command - H:\Knight.exe open
\Shell\open\command - H:\Knight.exe open

.
Dink the Boss
Hero in the gods' favor

Registered: 03/07/06 10:33
Posts: 136

Posted: 23 Dec 2007 13:45

Please, as soon as you can, tell me what I can do, because I keep getting antivirus messages about those damned files :(
bdoriano
Administrator

Registered: 02/04/07 12:05
Posts: 14391
Location: 3rd planet of the solar system...

Posted: 23 Dec 2007 13:59

Here I am, it took a little while... :P

Download Avenger and unzip it into a folder of its own, not a temporary one and not on the desktop

Start AVENGER
Click on input script manually
Click on the magnifying glass
Enter these lines:
Quote:
files to delete:
C:\WINDOWS\system32\~.exe
C:\WINDOWS\system32\hiuyyymt.dat
C:\WINDOWS\system32\tvcwqilp.dat
C:\WINDOWS\system32\sbphutiz.dat
C:\WINDOWS\system32\dlldesktopt.dll.bak
C:\WINDOWS\system32\hopjeokm.dat
C:\WINDOWS\system32\ddahhgoy.dat
C:\WINDOWS\system32\dlldesktopt.dll
C:\WINDOWS\system32\Collegamento a dlldesktopt.dll.lnk
C:\WINDOWS\system32\Collegamento a dlldesktopt.dll.bak.lnk
C:\WINDOWS\system32\drivers\yfyxvpim.dat
C:\WINDOWS\system32\drivers\sbwrithc.dat
C:\WINDOWS\system32\atmfdu.dll
C:\WINDOWS\Temp\ZLT0111b.TMP
C:\WINDOWS\Temp\ZLT0111e.TMP

registry keys to delete:
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\hsidcqzb
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4EED9E93-466A-462E-BFEC-8C97293B4E68}
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{942484C2-AE64-4CBA-A330-F5A726A0ADEA}
HKLM\system\currentcontrolset\services\ewjpfjdj
HKLM\system\currentcontrolset\services\sgdwhdml

drivers to unload:
ewjpfjdj
sgdwhdml

Click on Done
Click on the traffic light
The PC should restart; if it doesn't, restart it yourself.
When the operation is finished, post the result here along with an updated HijackThis log.
Dink the Boss
Hero in the gods' favor

Registered: 03/07/06 10:33
Posts: 136

Posted: 23 Dec 2007 15:14

Sorry, and don't worry, you're more than punctual :)

Here are the Avenger result and the Hijack log.

I think it did something :)

AVENGER LOG

Code:
Logfile of The Avenger version 1, by Swandog46
Running from registry key:
\Registry\Machine\System\CurrentControlSet\Services\tlxaqncg

*******************

Script file located at: \??\C:\Documents and Settings\bdxkwqkb.txt
Script file opened successfully.

Script file read successfully

Backups directory opened successfully at C:\Avenger

*******************

Beginning to process script file:



Could not open file C:\WINDOWS\system32\~.exe for deletion
Deletion of file C:\WINDOWS\system32\~.exe failed!

Could not process line:
C:\WINDOWS\system32\~.exe
Status: 0xc0000022

File C:\WINDOWS\system32\hiuyyymt.dat deleted successfully.
File C:\WINDOWS\system32\tvcwqilp.dat deleted successfully.
File C:\WINDOWS\system32\sbphutiz.dat deleted successfully.


Could not open file C:\WINDOWS\system32\dlldesktopt.dll.bak for deletion
Deletion of file C:\WINDOWS\system32\dlldesktopt.dll.bak failed!

Could not process line:
C:\WINDOWS\system32\dlldesktopt.dll.bak
Status: 0xc0000022

File C:\WINDOWS\system32\hopjeokm.dat deleted successfully.
File C:\WINDOWS\system32\ddahhgoy.dat deleted successfully.


Could not open file C:\WINDOWS\system32\dlldesktopt.dll for deletion
Deletion of file C:\WINDOWS\system32\dlldesktopt.dll failed!

Could not process line:
C:\WINDOWS\system32\dlldesktopt.dll
Status: 0xc0000022

File C:\WINDOWS\system32\Collegamento a dlldesktopt.dll.lnk deleted successfully.
File C:\WINDOWS\system32\Collegamento a dlldesktopt.dll.bak.lnk deleted successfully.
File C:\WINDOWS\system32\drivers\yfyxvpim.dat deleted successfully.


Could not open file C:\WINDOWS\system32\drivers\sbwrithc.dat for deletion
Deletion of file C:\WINDOWS\system32\drivers\sbwrithc.dat failed!

Could not process line:
C:\WINDOWS\system32\drivers\sbwrithc.dat
Status: 0xc0000022



Could not open file C:\WINDOWS\system32\atmfdu.dll for deletion
Deletion of file C:\WINDOWS\system32\atmfdu.dll failed!

Could not process line:
C:\WINDOWS\system32\atmfdu.dll
Status: 0xc0000022



File C:\WINDOWS\Temp\ZLT0111b.TMP not found!
Deletion of file C:\WINDOWS\Temp\ZLT0111b.TMP failed!

Could not process line:
C:\WINDOWS\Temp\ZLT0111b.TMP
Status: 0xc0000034



File C:\WINDOWS\Temp\ZLT0111e.TMP not found!
Deletion of file C:\WINDOWS\Temp\ZLT0111e.TMP failed!

Could not process line:
C:\WINDOWS\Temp\ZLT0111e.TMP
Status: 0xc0000034

Registry key HKLM\system\currentcontrolset\services\ewjpfjdj deleted successfully.


Could not open registry key HKLM\system\currentcontrolset\services\sgdwhdml for deletion
Deletion of registry key HKLM\system\currentcontrolset\services\sgdwhdml failed!

Could not process line:
HKLM\system\currentcontrolset\services\sgdwhdml
Status: 0xc0000022



Registry key \Registry\Machine\System\CurrentControlSet\Services\ewjpfjdj not found!
Unload of driver ewjpfjdj failed!

Could not process line:
ewjpfjdj
Status: 0xc0000034



Could not open registry key \Registry\Machine\System\CurrentControlSet\Services\sgdwhdml for deletion
Unload of driver sgdwhdml failed!

Could not process line:
sgdwhdml
Status: 0xc0000022



Registry key HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\hsidcqzb not found!
Deletion of registry key HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\hsidcqzb failed!
Status: 0xc0000034



Could not open registry key HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4EED9E93-466A-462E-BFEC-8C97293B4E68} for deletion
Deletion of registry key HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4EED9E93-466A-462E-BFEC-8C97293B4E68} failed!
Status: 0xc0000022



Could not open registry key HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{942484C2-AE64-4CBA-A330-F5A726A0ADEA} for deletion
Deletion of registry key HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{942484C2-AE64-4CBA-A330-F5A726A0ADEA} failed!
Status: 0xc0000022


Completed script processing.

*******************

Finished!  Terminate.


HIJACK LOG

Code:
Logfile of HijackThis v1.99.1
Scan saved at 14:12, on 2007-12-24
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Programmi\File comuni\Autodesk Shared\Service\AdskScSrv.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\PROGRA~1\FILECO~1\Stardock\SDMCP.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\tcpsvcs.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\Sony\VAIO Event Service\VESMgr.exe
C:\Programmi\Sony\VAIO Power Management\SPMgr.exe
C:\Programmi\Google\Gmail Notifier\gnotify.exe
C:\Programmi\Nortek Mouse Application\MouseDrv.exe
C:\Programmi\Zone Labs\ZoneAlarm\zlclient.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\ctfmon.exe
D:\Programmi\Microsoft ActiveSync\wcescomm.exe
C:\Programmi\Stardock\ObjectDock\ObjectDock.exe
D:\PROGRA~1\MICROS~1\rapimgr.exe
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Laerzio\Documenti\UTILITY CONTRO I VIRUS\HijackThis.exe
C:\Programmi\Internet Explorer\iexplore.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: Supporto di collegamento per Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Programmi\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: MEGAUPLOADTOOLBAR - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\Programmi\MegauploadToolbar\megauploadtoolbar.dll
O2 - BHO: (no name) - {4EED9E93-466A-462E-BFEC-8C97293B4E68} - c:\windows\system32\dlldesktopt.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.5.0_09\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {942484C2-AE64-4CBA-A330-F5A726A0ADEA} - C:\WINDOWS\system32\atmfdu.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programmi\google\googletoolbar2.dll
O2 - BHO: IeMonitorBho Class - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Programmi\Megaupload\Mega Manager\MegaIEMn.dll
O2 - BHO: IEPlugin Class - {CF7C3CF0-4B15-11D1-ABED-709549C10000} - C:\Programmi\Advanced System Optimizer\IEHelper.dll
O3 - Toolbar: MEGAUPLOADTOOLBAR - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\Programmi\MegauploadToolbar\megauploadtoolbar.dll
O3 - Toolbar: ImageShack Toolbar - {6932D140-ABC4-4073-A44C-D4A541665E35} - C:\WINDOWS\ImageShackToolbar\ImageShackToolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programmi\google\googletoolbar2.dll
O3 - Toolbar: StylerToolBar - {D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - C:\Programmi\Styler\TB\StylerTB.dll
O4 - HKLM\..\Run: [SonyPowerCfg] C:\Programmi\Sony\VAIO Power Management\SPMgr.exe
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Programmi\Google\Gmail Notifier\gnotify.exe
O4 - HKLM\..\Run: [WireLessMouse] C:\Programmi\Nortek Mouse Application\MouseDrv.exe
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Programmi\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [Tweak UI] RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp
O4 - HKLM\..\Run: [LogonStudio] "C:\Programmi\WinCustomize\LogonStudio\logonstudio.exe" /RANDOM
O4 - HKLM\..\Run: [LXDDCATS] rundll32 C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\LXDDtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "D:\Programmi\Microsoft ActiveSync\wcescomm.exe"
O4 - Startup: Stardock ObjectDock.lnk = C:\Programmi\Stardock\ObjectDock\ObjectDock.exe
O8 - Extra context menu item: &Download with &DAP - C:\Programmi\DAP\dapextie.htm
O8 - Extra context menu item: Download &all with DAP - C:\Programmi\DAP\dapextie2.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - D:\PROGRA~1\MICROS~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - D:\PROGRA~1\MICROS~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Crea preferito portatile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - D:\PROGRA~1\MICROS~1\INetRepl.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Programmi\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programmi\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programmi\ICQLite\ICQLite.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O10 - Unknown file in Winsock LSP: c:\programmi\bonjour\mdnsnsp.dll
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=http://www.club-vaio.com/en/
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/default/kavwebscan_unicode.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) -
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/2.0.0.1/sysreqlab2.cab
O16 - DPF: {6932D140-ABC4-4073-A44C-D4A541665E35} (ImageShack Toolbar) - http://toolbar.imageshack.us/toolbar/ImageShackToolbar.cab
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://d1nkroadcriminal.spaces.live.com/PhotoUpload/MsnPUpld.cab
O16 - DPF: {97E71027-0BA2-44F2-97DB-F84D808ED0B6} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab55762.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{06667EB8-D3CB-4BA4-B07C-B375363A2988}: NameServer = 192.168.1.1,192.168.1.2
O17 - HKLM\System\CS1\Services\Tcpip\..\{06667EB8-D3CB-4BA4-B07C-B375363A2988}: NameServer = 192.168.1.1,192.168.1.2
O17 - HKLM\System\CS2\Services\Tcpip\..\{06667EB8-D3CB-4BA4-B07C-B375363A2988}: NameServer = 192.168.1.1,192.168.1.2
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FILECO~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: hsidcqzb - C:\WINDOWS\SYSTEM32\dlldesktopt.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O20 - Winlogon Notify: MCPClient - C:\PROGRA~1\FILECO~1\Stardock\mcpstub.dll
O20 - Winlogon Notify: VESWinlogon - C:\WINDOWS\SYSTEM32\VESWinlogon.dll
O20 - Winlogon Notify: WBSrv - C:\Programmi\Stardock\Object Desktop\WindowBlinds\wbsrv.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Programmi\File comuni\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Programmi\File comuni\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Programmi\Bonjour\mDNSResponder.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Programmi\File comuni\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Image Converter video recording monitor for VAIO Entertainment - Sony Corporation - C:\Programmi\Sony\Image Converter 2\IcVzMon.exe
O23 - Service: InstallShield Licensing Service - Macrovision                                                     - C:\Programmi\File comuni\InstallShield Shared\Service\InstallShield Licensing Service.exe
O23 - Service: lxdd_device -   - C:\WINDOWS\system32\lxddcoms.exe
O23 - Service: mental ray 3.5 Satellite (32-bit) (mi-raysat_3dsmax9_32) - Unknown owner - C:\Programmi\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_32server.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Programmi\File comuni\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Programmi\File comuni\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Alias ImageStudio Render Queue (renderqueue) - Unknown owner - C:\Programmi\Alias\ImageStudio3.0\bin\renderqueue.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Programmi\File comuni\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Programmi\File comuni\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: TabletService - Wacom Technology, Corp. - C:\WINDOWS\system32\Tablet.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Programmi\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Programmi\Windows Live\installer\WLSetupSvc.exe

bdoriano
Administrator

Posted: 23 Dec 2007 15:44

It wasn't enough...

Download Norman Malware Cleaner.
Disable System Restore and boot the PC in Safe Mode.
Run Norman Malware Cleaner.
If a log is generated, save it and post it here.

Restart the PC in normal mode.
Download VirIt, install it, update it (important) and run a full scan.
When it finishes, post the scan log here.

Dink the Boss
Hero in the gods' favor

Posted: 24 Dec 2007 15:35

While I'm doing what bdoriano asked me to... I wanted to ask something.

Ever since I used ComboFix... when I hover the mouse over the Windows clock... it no longer shows the date with the day of the week...

For example, it doesn't say Wednesday 15 December 2006

but it says 2006-12-15

How can I restore the old clock?

bdoriano
Administrator

Posted: 24 Dec 2007 15:56

I can't tell you.
Let's wait until we have finished the cleanup, and then we'll see how to restore this function.

Dink the Boss
Hero in the gods' favor

Posted: 24 Dec 2007 19:28

In the meantime, VirIT, with the PC booted normally.

Code:
VirIT eXplorer Lite Log

[SCANSIONE DELLA MEMORIA]
OK
[SCANSIONE DELLA MEMORIA]
[SCANSIONE DELLA MEMORIA]
OK
--------------------------------------------------------
25/12/2007 - 14:46:31

[SCANSIONE DEL REGISTRO]
OK

[D:]
MASTER BOOT RECORD: OK
BOOT SECTOR: OK
 
 
Chiavi Registro infette: 0.
Files Infetti: 0.
Files Sospetti: 0.
Files Analizzati: 0.
Files Totali: 0.
Chiavi Registro rimosse: 0.
Virus Rimossi: 0.
 
--------------------------------------------------------
25/12/2007 - 14:47:30

[SCANSIONE DEL REGISTRO]
OK

[C:]
MASTER BOOT RECORD: OK
BOOT SECTOR: OK
 
C:\Programmi\Lexmark 2500 Series\Drivers\I386\lxdduldr.dll Possibile variante da Trojan.Win32.Zlob.E
C:\WINDOWS\system32\AppCert\wnl32.dll Infetto da Trojan.Win32.Agent.BHY
Il file sarà spostato nella cartella di quarantena.
C:\WINDOWS\system32\atmfdu.dll Infetto da BHO.Agent.GX
 Contattare il Supporto Tecnico TG Soft
C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdduldr.dll Possibile variante da Trojan.Win32.Zlob.E
C:\WINDOWS\system32\spool\drivers\w32x86\lexmark_2500_seriesa5fd\lxdduldr.dll Possibile variante da Trojan.Win32.Zlob.E
 
Chiavi Registro infette: 0.
Files Infetti: 5.
Files Sospetti: 0.
Files Analizzati: 117259.
Files Totali: 117259.
Chiavi Registro rimosse: 0.
Virus Rimossi: 0.
 
Adesso puoi RIAVVIARE il computer per spostare il file nella cartella di quarantena.

Dink the Boss
Hero in the gods' favor

Posted: 25 Dec 2007 14:39    Subject: Big problem. Explorer CPU 100%

I already have another topic open, and I'm very sorry to ask and bother you on 25 December.

But since yesterday explorer.exe has been using 100% of the CPU, and as a result everything is extremely slow...

I manage to use the PC a little by setting, in Task Manager, explorer's priority to low and IE's to high.

How can I fix this? I'm posting the HijackThis log.

I urgently need the PC to study for my January exams... I'm in your hands.

Code:
Logfile of HijackThis v1.99.1
Scan saved at 13:38, on 2007-12-25
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Programmi\File comuni\Autodesk Shared\Service\AdskScSrv.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\tcpsvcs.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\Sony\VAIO Event Service\VESMgr.exe
C:\WINDOWS\System32\alg.exe
C:\PROGRA~1\FILECO~1\Stardock\SDMCP.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\Explorer.EXE
C:\Programmi\Sony\VAIO Power Management\SPMgr.exe
C:\Programmi\Nortek Mouse Application\MouseDrv.exe
C:\Programmi\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\Documents and Settings\Laerzio\Documenti\UTILITY CONTRO I VIRUS\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: Supporto di collegamento per Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Programmi\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: MEGAUPLOADTOOLBAR - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\Programmi\MegauploadToolbar\megauploadtoolbar.dll
O2 - BHO: (no name) - {4EED9E93-466A-462E-BFEC-8C97293B4E68} - c:\windows\system32\dlldesktopt.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.5.0_09\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {942484C2-AE64-4CBA-A330-F5A726A0ADEA} - C:\WINDOWS\system32\atmfdu.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programmi\google\googletoolbar2.dll
O2 - BHO: IeMonitorBho Class - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Programmi\Megaupload\Mega Manager\MegaIEMn.dll
O2 - BHO: IEPlugin Class - {CF7C3CF0-4B15-11D1-ABED-709549C10000} - C:\Programmi\Advanced System Optimizer\IEHelper.dll
O3 - Toolbar: MEGAUPLOADTOOLBAR - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\Programmi\MegauploadToolbar\megauploadtoolbar.dll
O3 - Toolbar: ImageShack Toolbar - {6932D140-ABC4-4073-A44C-D4A541665E35} - C:\WINDOWS\ImageShackToolbar\ImageShackToolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programmi\google\googletoolbar2.dll
O3 - Toolbar: StylerToolBar - {D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - C:\Programmi\Styler\TB\StylerTB.dll
O4 - HKLM\..\Run: [SonyPowerCfg] C:\Programmi\Sony\VAIO Power Management\SPMgr.exe
O4 - HKLM\..\Run: [WireLessMouse] C:\Programmi\Nortek Mouse Application\MouseDrv.exe
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Programmi\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [Tweak UI] RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: &Download with &DAP - C:\Programmi\DAP\dapextie.htm
O8 - Extra context menu item: Download &all with DAP - C:\Programmi\DAP\dapextie2.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - D:\PROGRA~1\MICROS~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - D:\PROGRA~1\MICROS~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Crea preferito portatile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - D:\PROGRA~1\MICROS~1\INetRepl.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Programmi\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programmi\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programmi\ICQLite\ICQLite.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O10 - Unknown file in Winsock LSP: c:\programmi\bonjour\mdnsnsp.dll
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=http://www.club-vaio.com/en/
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/default/kavwebscan_unicode.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) -
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/2.0.0.1/sysreqlab2.cab
O16 - DPF: {6932D140-ABC4-4073-A44C-D4A541665E35} (ImageShack Toolbar) - http://toolbar.imageshack.us/toolbar/ImageShackToolbar.cab
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://d1nkroadcriminal.spaces.live.com/PhotoUpload/MsnPUpld.cab
O16 - DPF: {97E71027-0BA2-44F2-97DB-F84D808ED0B6} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab55762.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{06667EB8-D3CB-4BA4-B07C-B375363A2988}: NameServer = 192.168.1.1,192.168.1.2
O17 - HKLM\System\CS1\Services\Tcpip\..\{06667EB8-D3CB-4BA4-B07C-B375363A2988}: NameServer = 192.168.1.1,192.168.1.2
O17 - HKLM\System\CS2\Services\Tcpip\..\{06667EB8-D3CB-4BA4-B07C-B375363A2988}: NameServer = 192.168.1.1,192.168.1.2
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FILECO~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: hsidcqzb - C:\WINDOWS\SYSTEM32\dlldesktopt.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O20 - Winlogon Notify: MCPClient - C:\PROGRA~1\FILECO~1\Stardock\mcpstub.dll
O20 - Winlogon Notify: VESWinlogon - C:\WINDOWS\SYSTEM32\VESWinlogon.dll
O20 - Winlogon Notify: WBSrv - C:\Programmi\Stardock\Object Desktop\WindowBlinds\wbsrv.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Programmi\File comuni\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Programmi\File comuni\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Programmi\Bonjour\mDNSResponder.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Programmi\File comuni\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Image Converter video recording monitor for VAIO Entertainment - Sony Corporation - C:\Programmi\Sony\Image Converter 2\IcVzMon.exe
O23 - Service: InstallShield Licensing Service - Macrovision                                                     - C:\Programmi\File comuni\InstallShield Shared\Service\InstallShield Licensing Service.exe
O23 - Service: lxdd_device -   - C:\WINDOWS\system32\lxddcoms.exe
O23 - Service: mental ray 3.5 Satellite (32-bit) (mi-raysat_3dsmax9_32) - Unknown owner - C:\Programmi\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_32server.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Programmi\File comuni\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Programmi\File comuni\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Alias ImageStudio Render Queue (renderqueue) - Unknown owner - C:\Programmi\Alias\ImageStudio3.0\bin\renderqueue.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Programmi\File comuni\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Programmi\File comuni\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: TabletService - Wacom Technology, Corp. - C:\WINDOWS\system32\Tablet.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Programmi\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Programmi\Windows Live\installer\WLSetupSvc.exe



Delete anything at all, as long as I can have a working Windows again.

Sante62
Mature god

Joined: 27/06/07 17:55
Posts: 3477
Location: Floridia

Posted: 26 Dec 2007 11:04

There's something here that I can't quite pin down...
Have a look at this discussion about Combofix, download it and scan the PC, posting the result as indicated. Then run a pass with Virit as well.
Update it using the satellite-dish icon in the top bar and have it do a full scan of the PC.
Set it to remove the infected files it finds automatically.
Don't forget to temporarily disable your antivirus.
Then paste the result here. Also install an antivirus; it looks to me like you don't have one. Among the free ones you can choose Avast or Avira.

PS: If this is the continuation of the other topic you opened, disregard this and continue there.

bdoriano
Administrator

Posted: 26 Dec 2007 12:17

It's the continuation of the other topic; I'm merging them.

edit:

Download Dr.Web CureIt.
Disable System Restore and boot the PC in Safe Mode.
Run DrWeb CureIt and have it do a full scan.

Dink the Boss wrote:
Delete anything at all, as long as I can have a working Windows again.

The problem is deleting the right things so that you can take back control of your PC.

As soon as you've done this last step, run the scan with SystemScan again. That way we can see how the situation has changed.

All times are GMT + 2 hours