Problems with explore.exe
ALEK-J

Posted: 03 Aug 2008 23:44    Subject: Problems with explore.exe

Hi guys!!!
In the past I had some problems with EXPLORE EXE; thanks to bdoriano, who guided me through every step, I solved the problem... :D :D
Now a friend of mine seems to have the same problem... I think...
I'm sending you the HijackThis and ComboFix logs from his computer...


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22.17.28, on 31/07/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Programmi\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\system32\IoctlSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\RTHDCPL.EXE
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Programmi\IObit\Advanced WindowsCare V2\Awcl.exe
C:\Programmi\HP\HP Software Update\HPWuSchd2.exe
C:\Programmi\File comuni\InstallShield\UpdateService\issch.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Documents and Settings\All Users\Dati applicazioni\Macrovision\FLEXnet Connect\6\ISUSPM.exe
C:\Programmi\philips\Philips SNU5600 Wireless USB Adapter Utility\PHUSBBGMonitor.exe
C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe
C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\WINDOWS\explorer.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\DOCUME~1\ANTONE~1\IMPOST~1\Temp\Directory temporanea 1 per HiJackThis.zip\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: Supporto di collegamento per Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Programmi\AVG\AVG8\avgssie.dll
O2 - BHO: AVGTOOLBAR - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\Programmi\AVG\AVG8\avgtoolbar.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programmi\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programmi\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programmi\google\googletoolbar1.dll
O3 - Toolbar: AVGTOOLBAR - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\Programmi\AVG\AVG8\avgtoolbar.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [Advanced WindowsCare V2 Personal] "C:\Programmi\IObit\Advanced WindowsCare V2\Awcl.exe" /startup
O4 - HKLM\..\Run: [HP Software Update] C:\Programmi\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Programmi\File comuni\InstallShield\UpdateService\issch.exe" -start
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ISUSPM] "C:\Documents and Settings\All Users\Dati applicazioni\Macrovision\FLEXnet Connect\6\ISUSPM.exe" -scheduler
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adattatore USB Wireless Philips SNU5600.lnk = C:\Programmi\philips\Philips SNU5600 Wireless USB Adapter Utility\PHUSBBGMonitor.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Programmi\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Programmi\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Programmi\File comuni\Nero\Lib\NMIndexingService.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

--
End of file - 6053 bytes



ComboFix 08-07-31.01 - Antonella 2008-07-31 22.09.22.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1040.18.566 [GMT 2:00]
Eseguito da: C:\Documents and Settings\Antonella\Desktop\COMBO-FIX.EXE
* Creato nuovo punto di ripristino

ATENÇÃO - ESTA MAQUINA NAO TEM A CONSOLE DE RECUPERAÇÃO INSTALADA !!
.

((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\Documents and Settings\Antonella\Impostazioni locali\Dati applicazioni\kgeuaew.dat
C:\Documents and Settings\Antonella\Impostazioni locali\Dati applicazioni\kgeuaew.exe
c:\Documents and Settings\Antonella\Impostazioni locali\Dati applicazioni\kgeuaew_nav.dat
c:\Documents and Settings\Antonella\Impostazioni locali\Dati applicazioni\kgeuaew_navps.dat
C:\Documents and Settings\TURY\Impostazioni locali\Dati applicazioni\Microsoft\Windows Media\10.0\WMSDKNSD.XML

.
((((((((((((((((((((((((( Files Creati Da 2008-06-28 al 2008-07-31 )))))))))))))))))))))))))))))))))))
.

2008-07-31 21:58 . 2008-07-31 21:58 <DIR> d-------- C:\Programmi\CCleaner
2008-07-27 11:22 . 2008-07-27 11:22 <DIR> d-------- C:\Documents and Settings\TURY\Dati applicazioni\Avant Profiles
2008-07-24 19:16 . 2008-07-24 19:16 <DIR> d-------- C:\Programmi\temp
2008-07-18 23:53 . 2008-07-26 22:36 <DIR> d-------- C:\Programmi\eMule
2008-07-18 23:25 . 2008-07-18 23:25 <DIR> d-------- C:\Documents and Settings\TURY\Dati applicazioni\HP
2008-07-06 20:55 . 2008-07-06 20:55 <DIR> d-------- C:\Programmi\Hewlett-Packard
2008-07-06 20:53 . 2006-04-10 14:03 48,128 --a------ C:\WINDOWS\system32\hpzll054.dll
2008-07-06 20:49 . 2008-07-06 21:01 120,117 --a------ C:\WINDOWS\hpoins11.dat
2008-07-06 20:37 . 2008-07-06 20:37 221 --a------ C:\WINDOWS\NCLogConfig.ini
2008-07-06 20:35 . 2008-07-06 20:45 <DIR> d-------- C:\Documents and Settings\Antonella\Dati applicazioni\Image Zone Express
2008-07-06 20:32 . 2008-07-06 20:32 <DIR> d-------- C:\Documents and Settings\Antonella\Dati applicazioni\HP
2008-07-06 20:30 . 2008-07-06 20:58 <DIR> d-------- C:\Programmi\File comuni\HP
2008-07-06 20:30 . 2008-07-06 20:30 <DIR> d-------- C:\Documents and Settings\All Users\Dati applicazioni\HP
2008-07-06 20:28 . 2008-07-06 20:28 <DIR> d-------- C:\Programmi\File comuni\Hewlett-Packard
2008-07-06 20:27 . 2005-10-14 22:42 46,592 --a------ C:\WINDOWS\system32\hpzll43a.dll
2008-07-06 20:27 . 2004-08-03 22:58 15,104 --a------ C:\WINDOWS\system32\drivers\usbscan.sys
2008-07-06 20:27 . 2004-08-03 22:58 15,104 --a--c--- C:\WINDOWS\system32\dllcache\usbscan.sys
2008-07-06 20:26 . 2008-07-06 20:26 <DIR> d-------- C:\Program Files
2008-07-06 20:26 . 1998-10-29 16:45 306,688 --a------ C:\WINDOWS\IsUninst.exe
2008-07-06 20:26 . 2006-03-03 21:03 282,680 --a------ C:\WINDOWS\system32\HPZidr12.dll
2008-07-06 20:26 . 2006-03-03 21:02 204,800 --a------ C:\WINDOWS\system32\HPZipr12.dll
2008-07-06 20:26 . 2006-03-03 21:02 94,208 --a------ C:\WINDOWS\system32\HPZipt12.dll
2008-07-06 20:26 . 2006-03-03 21:03 69,632 --a------ C:\WINDOWS\system32\HPZipm12.exe
2008-07-06 20:26 . 2006-03-03 21:03 65,536 --a------ C:\WINDOWS\system32\HPZinw12.exe
2008-07-06 20:26 . 2006-03-03 21:02 57,344 --a------ C:\WINDOWS\system32\HPZisn12.dll
2008-07-06 20:25 . 2008-07-06 20:30 <DIR> d-------- C:\Programmi\HP
2008-07-06 20:24 . 2006-04-12 12:02 659,456 --a------ C:\WINDOWS\system32\hpowiax2.dll
2008-07-06 20:24 . 2006-04-12 12:02 598,016 --a------ C:\WINDOWS\system32\hpotscl2.dll
2008-07-06 20:24 . 2005-10-28 03:23 282,624 --a------ C:\WINDOWS\system32\HPZc3212.dll
2008-07-06 20:24 . 2006-04-12 12:02 254,026 --a------ C:\WINDOWS\system32\hpovst09.dll
2008-07-06 20:24 . 2005-09-10 01:28 98,304 --a------ C:\WINDOWS\system32\hpzjsn01.dll
2008-07-06 20:24 . 2005-03-22 14:48 77,824 --a------ C:\WINDOWS\system32\hpzids01.dll
2008-07-06 20:24 . 2005-10-28 03:24 49,664 --a------ C:\WINDOWS\system32\drivers\HPZid412.sys
2008-07-06 20:24 . 2005-10-28 03:24 21,568 --a------ C:\WINDOWS\system32\drivers\HPZius12.sys
2008-07-06 20:24 . 2005-10-28 03:24 16,496 --a------ C:\WINDOWS\system32\drivers\HPZipr12.sys
2008-07-06 18:47 . 2004-08-03 23:01 25,856 --a------ C:\WINDOWS\system32\drivers\usbprint.sys
2008-07-06 18:47 . 2004-08-03 23:01 25,856 --a--c--- C:\WINDOWS\system32\dllcache\usbprint.sys
2008-07-06 18:40 . 2004-08-03 23:08 31,616 --a------ C:\WINDOWS\system32\drivers\usbccgp.sys
2008-07-06 18:40 . 2004-08-03 23:08 31,616 --a--c--- C:\WINDOWS\system32\dllcache\usbccgp.sys
2008-06-29 09:21 . 2008-04-23 06:16 6,066,176 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll
2008-06-29 09:21 . 2007-04-17 11:32 2,455,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dat
2008-06-29 09:21 . 2007-03-08 07:11 1,032,192 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll.mui
2008-06-29 09:21 . 2008-04-23 06:16 459,264 -----c--- C:\WINDOWS\system32\dllcache\msfeeds.dll
2008-06-29 09:21 . 2008-04-23 06:16 383,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dll
2008-06-29 09:21 . 2008-04-23 06:16 267,776 -----c--- C:\WINDOWS\system32\dllcache\iertutil.dll
2008-06-29 09:21 . 2008-04-23 06:16 63,488 -----c--- C:\WINDOWS\system32\dllcache\icardie.dll
2008-06-29 09:21 . 2008-04-23 06:16 52,224 -----c--- C:\WINDOWS\system32\dllcache\msfeedsbs.dll
2008-06-29 09:21 . 2008-04-22 09:39 13,824 -----c--- C:\WINDOWS\system32\dllcache\ieudinit.exe
2008-06-28 22:00 . 2008-06-28 22:00 <DIR> d-------- C:\Documents and Settings\Antonella\Dati applicazioni\TERMINAL Studio
2008-06-28 22:00 . 2008-06-28 22:00 <DIR> d-------- C:\Documents and Settings\Antonella\Dati applicazioni\Astro Gemini Software
2008-06-28 22:00 . 2005-09-21 14:08 499,712 --a------ C:\WINDOWS\system32\msvcp71.dll
2008-06-28 22:00 . 2005-09-21 14:08 348,160 --a------ C:\WINDOWS\system32\msvcr71.dll
2008-06-28 22:00 . 2007-11-06 17:46 106,496 --a------ C:\WINDOWS\system32\Astro Gemini Screensaver Manager.scr
2008-06-28 21:46 . 2008-06-28 21:46 <DIR> d-------- C:\Programmi\Avant Browser
2008-06-28 21:46 . 2008-06-28 21:46 <DIR> d-------- C:\Documents and Settings\Antonella\Dati applicazioni\Avant Profiles
2008-06-28 21:27 . 2008-06-28 21:27 <DIR> d-------- C:\Documents and Settings\TURY\Dati applicazioni\AVGTOOLBAR
2008-06-28 21:26 . 2008-06-19 18:54 <DIR> d--h----- C:\Documents and Settings\TURY\Risorse di stampa
2008-06-28 21:26 . 2008-06-19 18:54 <DIR> d--h----- C:\Documents and Settings\TURY\Risorse di rete
2008-06-28 21:26 . 2008-06-28 21:27 <DIR> dr------- C:\Documents and Settings\TURY\Preferiti
2008-06-28 21:26 . 2008-06-19 16:59 <DIR> d--h----- C:\Documents and Settings\TURY\Modelli
2008-06-28 21:26 . 2008-06-19 18:54 <DIR> dr------- C:\Documents and Settings\TURY\Menu Avvio
2008-06-28 21:26 . 2008-07-31 22:10 <DIR> d--h----- C:\Documents and Settings\TURY\Impostazioni locali
2008-06-28 21:26 . 2008-06-28 21:27 <DIR> dr------- C:\Documents and Settings\TURY\Documenti
2008-06-28 21:26 . 2008-07-27 11:22 <DIR> dr-h----- C:\Documents and Settings\TURY\Dati applicazioni
2008-06-28 21:26 . 2008-06-28 21:26 <DIR> d-------- C:\Documents and Settings\TURY
2008-06-28 21:12 . 2008-06-28 21:12 <DIR> d-------- C:\Programmi\IObit
2008-06-28 21:03 . 2008-07-26 22:40 69 --a------ C:\WINDOWS\NeroDigital.ini
2008-06-28 20:47 . 2008-06-29 09:31 <DIR> d-------- C:\WINDOWS\system32\it-it
2008-06-28 20:38 . 2008-07-31 21:47 <DIR> d-------- C:\WINDOWS\system32\drivers\Avg
2008-06-28 20:38 . 2008-06-28 20:38 <DIR> d-------- C:\Documents and Settings\All Users\Dati applicazioni\avg8
2008-06-28 20:38 . 2008-07-27 08:09 97,928 --a------ C:\WINDOWS\system32\drivers\avgldx86.sys
2008-06-28 20:38 . 2008-06-28 20:48 76,040 --a------ C:\WINDOWS\system32\drivers\avgtdix.sys
2008-06-28 20:38 . 2008-06-28 20:48 12,936 --a------ C:\WINDOWS\system32\drivers\avgrkx86.sys
2008-06-28 20:38 . 2008-07-08 20:58 10,520 --a------ C:\WINDOWS\system32\avgrsstx.dll
2008-06-28 20:25 . 2008-06-28 20:25 <DIR> d-------- C:\Programmi\MSXML 4.0
2008-06-19 20:08 . 2008-07-03 20:16 <DIR> d-------- C:\Programmi\Google
2008-06-19 20:08 . 2008-07-31 21:50 <DIR> d-------- C:\Documents and Settings\All Users\Dati applicazioni\Google Updater
2008-06-19 00:17 . 2008-06-14 19:59 272,768 --------- C:\WINDOWS\system32\drivers\bthport.sys
2008-06-19 00:17 . 2008-06-14 19:59 272,768 -----c--- C:\WINDOWS\system32\dllcache\bthport.sys
2008-06-19 00:07 . 2008-06-19 00:07 <DIR> d-------- C:\WINDOWS\{9259CB83-6520-4E12-8E71-CB92B0F36259}
2008-06-19 00:07 . 2008-06-19 00:07 <DIR> d-------- C:\Programmi\philips
2008-06-19 00:01 . 2004-08-19 15:39 21,504 --a------ C:\WINDOWS\system32\hidserv.dll
2008-06-19 00:01 . 2004-08-19 15:39 21,504 --a--c--- C:\WINDOWS\system32\dllcache\hidserv.dll
2008-06-19 00:01 . 2001-08-30 20:41 12,160 --a------ C:\WINDOWS\system32\drivers\mouhid.sys
2008-06-19 00:01 . 2001-08-30 20:41 12,160 --a--c--- C:\WINDOWS\system32\dllcache\mouhid.sys
2008-06-19 00:01 . 2001-08-17 22:02 9,600 --a------ C:\WINDOWS\system32\drivers\hidusb.sys
2008-06-19 00:01 . 2001-08-17 22:02 9,600 --a--c--- C:\WINDOWS\system32\dllcache\hidusb.sys

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-06-28 18:42 --------- d-----w C:\Documents and Settings\Antonella\Dati applicazioni\AVGTOOLBAR
2008-06-20 17:39 247,296 ----a-w C:\WINDOWS\system32\mswsock.dll
2008-06-20 10:45 360,320 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys
2008-06-20 10:44 138,368 ----a-w C:\WINDOWS\system32\drivers\afd.sys
2008-06-20 09:52 225,920 ----a-w C:\WINDOWS\system32\drivers\tcpip6.sys
2008-06-19 16:29 --------- d-----w C:\Programmi\File comuni\Adobe
2008-06-19 16:25 --------- d-----w C:\Programmi\NeroInstall.bak
2008-06-19 16:25 --------- d-----w C:\Documents and Settings\Antonella\Dati applicazioni\Nero
2008-06-19 16:24 --------- d-----w C:\Programmi\File comuni\Nero
2008-06-19 16:22 --------- d-----w C:\Programmi\Nero
2008-06-19 16:22 --------- d-----w C:\Documents and Settings\All Users\Dati applicazioni\Nero
2008-06-19 15:57 --------- d-----w C:\Programmi\AVG
2008-06-19 15:42 --------- d-----w C:\Programmi\Microsoft.NET
2008-06-19 15:41 --------- d-----w C:\Programmi\Microsoft Works
2008-06-19 15:19 315,392 ----a-w C:\WINDOWS\HideWin.exe
2008-06-19 15:19 --------- d-----w C:\Programmi\Realtek
2008-06-19 15:15 --------- d-----w C:\Programmi\Intel
2008-06-19 15:03 --------- d-----w C:\Programmi\microsoft frontpage
2008-06-19 15:02 --------- d-----w C:\Programmi\Servizi in linea
2008-05-07 05:14 1,292,800 ----a-w C:\WINDOWS\system32\quartz.dll
2008-04-23 04:16 826,368 ----a-w C:\WINDOWS\system32\wininet.dll
.

((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Nota* i valori vuoti & legittimi/default non sono visualizzati.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-19 15:39 15360]
"swg"="C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-06-19 20:08 68856]
"ISUSPM"="C:\Documents and Settings\All Users\Dati applicazioni\Macrovision\FLEXnet Connect\6\ISUSPM.exe" [2007-03-29 16:41 222128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" [2007-11-08 09:56 141848]
"HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [2007-11-08 09:56 166424]
"Persistence"="C:\WINDOWS\system32\igfxpers.exe" [2007-11-08 09:56 137752]
"AVG8_TRAY"="C:\PROGRA~1\AVG\AVG8\avgtray.exe" [2008-07-27 08:09 1235736]
"Advanced WindowsCare V2 Personal"="C:\Programmi\IObit\Advanced WindowsCare V2\Awcl.exe" [2008-04-17 09:33 2669336]
"HP Software Update"="C:\Programmi\HP\HP Software Update\HPWuSchd2.exe" [2006-02-19 02:41 49152]
"ISUSScheduler"="C:\Programmi\File comuni\InstallShield\UpdateService\issch.exe" [2004-08-09 07:03 81920]
"RTHDCPL"="RTHDCPL.EXE" [2007-10-25 05:57 16855552 C:\WINDOWS\RTHDCPL.exe]
"SkyTel"="SkyTel.EXE" [2007-10-11 05:04 1826816 C:\WINDOWS\SkyTel.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-19 15:39 15360]

C:\Documents and Settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\
Adattatore USB Wireless Philips SNU5600.lnk - C:\Programmi\philips\Philips SNU5600 Wireless USB Adapter Utility\PHUSBBGMonitor.exe [2007-07-24 17:38:34 471040]
HP Digital Imaging Monitor.lnk - C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe [2006-02-19 04:21:22 288472]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveSearch"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=avgrsstx.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UpdatesDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Programmi\\philips\\Philips SNU5600 Wireless USB Adapter Utility\\PHUSBBGMonitor.exe"=
"C:\\Programmi\\AVG\\AVG8\\avgupd.exe"=
"C:\\Programmi\\AVG\\AVG8\\avgnsx.exe"=
"C:\\Programmi\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"C:\\Programmi\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"C:\\Programmi\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"C:\\Programmi\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"C:\\Programmi\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"C:\\Programmi\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"C:\\Programmi\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"C:\\Programmi\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"C:\\Programmi\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"C:\\Programmi\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"C:\\Programmi\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"C:\\Programmi\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"C:\\Programmi\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"C:\\Programmi\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
"C:\\Programmi\\eMule\\emule.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"4662:TCP"= 4662:TCP:EMULE AVVIO
"4672:UDP"= 4672:UDP:EMULE FINE

R0 AvgRkx86;avgrkx86.sys;C:\WINDOWS\system32\Drivers\avgrkx86.sys [2008-06-28 20:48]
R1 AvgLdx86;AVG AVI Loader Driver x86;C:\WINDOWS\system32\Drivers\avgldx86.sys [2008-07-27 08:09]
R2 avg8wd;AVG8 WatchDog;C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2008-07-27 08:09]
R2 AvgTdiX;AVG8 Network Redirector;C:\WINDOWS\system32\Drivers\avgtdix.sys [2008-06-28 20:48]
R3 WN4501HLFZZ;802.11g Wireless USB Adapter;C:\WINDOWS\system32\DRIVERS\O4501U.sys [2005-12-17 20:07]
S3 AtcL001;NDIS Miniport Driver for Atheros L1 Gigabit Ethernet Controller;C:\WINDOWS\system32\DRIVERS\l151x86.sys [2007-11-01 02:56]
S3 bsusbser;H3G USB Device for Legacy Serial Communication;C:\WINDOWS\system32\DRIVERS\bsusbser.sys [2006-12-20 12:01]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\G]
\Shell\AutoRun\command - G:\setup.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{21fe815a-bd40-11dc-a2db-a71115217d85}]
\Shell\AutoRun\command - F:\StartVMCLite.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{21fe815b-bd40-11dc-a2db-a71115217d85}]
\Shell\AutoRun\command - F:\StartVMCLite.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{21fe815d-bd40-11dc-a2db-a71115217d85}]
\Shell\AutoRun\command - G:\setup.exe

*Newly Created Service* - CATCHME
*Newly Created Service* - PROCEXP90
.
- - - - ORFÃOS REMOVIDOS - - - -

HKLM-Run-ISUSPM Startup - C:\PROGRA~1\FILECO~1\INSTAL~1\UpdateService\isuspm.exe


.
------- Supplementary Scan -------
.
R0 -: HKCU-Main,Start Page = hxxp://www.google.it/
R0 -: HKCU-Main,SearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
R1 -: HKCU-SearchURL,(Default) = hxxp://www.google.com/search?q=%s
O8 -: E&sporta in Microsoft Excel - C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000


**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-07-31 22:10:14
Windows 5.1.2600 Service Pack 2 NTFS

scansione processi nascosti ...

scansione entrate autostart nascoste ...

Scansione files nascosti ...

Scansione completata con successo
Files nascosti: 0

**************************************************************************
.
Ora fine scansione: 2008-07-31 22:10:51
ComboFix-quarantined-files.txt 2008-07-31 20:10:47

Pre-Run: 53,655,179,264 byte disponibili
Post-Run: 53,647,581,184 byte disponibili

223 --- E O F --- 2008-07-18 20:15:48


Thanks in advance to anyone who gives me a hand.... :)
Sante62

Posted: 04 Aug 2008 09:05    Subject:

Hi
* Follow the instructions in this topic to use MBAM;

Also, install an antivirus and a firewall
All times are GMT + 2 hours