Indice del forum Olimpo Informatico
I Forum di Zeus News
Leggi la newsletter gratuita - Attiva il Menu compatto
 
 FAQFAQ   CercaCerca   Lista utentiLista utenti   GruppiGruppi   RegistratiRegistrati 
 ProfiloProfilo   Messaggi privatiMessaggi privati   Log inLog in 

    Newsletter RSS Facebook Twitter Contatti Ricerca
antispyware chi lo usa ? info
Nuovo argomento   Rispondi    Indice del forum -> Pronto Soccorso Virus
Precedente :: Successivo  
Autore Messaggio
ropa
Eroe in grazia degli dei
Eroe in grazia degli dei


Registrato: 11/06/08 09:37
Messaggi: 99
MessaggioInviato: 05 Set 2008 11:04    Oggetto: antispyware chi lo usa ? info Rispondi citando
e queste voci con Superantispyware:

31 unclassified.Oreans32

3 adware tracking.cookie


che le metto in QUARANTENA, ma poi se rifacciio
la scansione me le ritrovo ?

le cancello? ma come si fa? come mai a ogni
nuova scansione le ritrovo ?


aiutoooooo come li cancello ???
Top
Profilo Invia messaggio privato
ropa
Eroe in grazia degli dei
Eroe in grazia degli dei


Registrato: 11/06/08 09:37
Messaggi: 99
MessaggioInviato: 05 Set 2008 11:05    Oggetto: log Rispondi citando
Deckard's System Scanner v20071014.68
Run by Administrator on 2008-09-05 10:26:47
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.


-- Last 5 Restore Point(s) --
8: 2008-09-05 08:26:57 UTC - RP8 - Deckard's System Scanner Restore Point
7: 2008-09-04 15:29:24 UTC - RP7 - Installed SUPERAntiSpyware Free Edition
6: 2008-09-04 15:28:00 UTC - RP6 - Removed SUPERAntiSpyware Free Edition
5: 2008-09-04 10:04:30 UTC - RP5 - Software Distribution Service 3.0
4: 2008-09-03 08:11:05 UTC - RP4 - Installed ImageRescue3


-- First Restore Point --
1: 2008-09-02 07:31:41 UTC - RP1 - Punto di arresto del sistema


Backed up registry hives.
Performed disk cleanup.

Total Physical Memory: 504 MiB (512 MiB recommended).


-- HijackThis (run as Administrator.exe) ---------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10.31.04, on 05/09/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\File comuni\Symantec Shared\ccSetMgr.exe
C:\Programmi\File comuni\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\netdde.exe
C:\Programmi\Aclient\AClient.exe
C:\Programmi\File comuni\Acronis\Schedule2\schedul2.exe
C:\WINDOWS\system32\dllhost.exe
C:\Programmi\PrevxCSI\prevxcsi.exe
C:\Programmi\PrevxCSI\prevxcsi.exe
C:\Programmi\Symantec AntiVirus\DefWatch.exe
C:\Programmi\Executive Software\DiskeeperLite\DKService.exe
C:\WINDOWS\system32\LckFldService.exe
C:\Programmi\Symantec AntiVirus\SavRoam.exe
C:\Programmi\PK\PKLOGO\PKLOGO.exe
C:\Documents and Settings\Administrator\Documenti\JCM archivio-old\wincm\wincmm\MIX\RUDY - Utility\PC problemi\win_care\Sblocco PRG\Unlocker\UnlockerAssistant.exe
C:\Programmi\File comuni\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~1\VPTray.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\ssoftsrv.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\HPQ\HP ProtectTools Security Manager\PTHOSTTR.EXE
C:\WINDOWS\system32\igfxpers.exe
C:\Programmi\Symantec AntiVirus\Rtvscan.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Programmi\ScanSoft\PaperPort\pptd40nt.exe
C:\Programmi\UPHClean\uphclean.exe
C:\Programmi\Canon\CAL\CALMAIN.exe
C:\Programmi\Brother\ControlCenter2\brctrcen.exe
C:\Programmi\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Programmi\Aclient\AClntUsr.EXE
C:\WINDOWS\system32\SearchIndexer.exe
C:\Programmi\QuickTime\qttask.exe
C:\Programmi\ATnotes\ATnotes.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\Thoosje Sidebar V2.0\Thoosje Sidebar .exe
C:\Programmi\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Programmi\NetMeter\NetMeter.exe
C:\PROGRA~1\MICROS~2\Office10\OUTLOOK.EXE
C:\Programmi\Adobe\Reader 8.0\Reader\AcroRd32.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\Programmi\keepass\KeePass.exe
C:\Programmi\Microsoft Office\Office10\WINWORD.EXE
C:\Documents and Settings\Administrator\Desktop\dss.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\DOCUME~1\ADMINI~1\DOCUME~1\Administrator.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.pchange.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.forospyware.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.hp.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http://server:8080
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: IE7Pro - {00011268-E188-40DF-A514-835FCD78B1BF} - C:\Programmi\IE7Pro\IE7Pro.dll
O2 - BHO: Supporto di collegamento per Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: dsWebAllowBHO Class - {2F85D76C-0569-466F-A488-493E6BD0E955} - C:\Programmi\Windows Desktop Search\dsWebAllow.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [PKLOGO] C:\Programmi\PK\PKLOGO\PKLOGO.exe
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Documents and Settings\Administrator\Documenti\JCM archivio-old\wincm\wincmm\MIX\RUDY - Utility\PC problemi\win_care\Sblocco PRG\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Programmi\File comuni\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [PTHOSTTR] C:\Programmi\HPQ\HP ProtectTools Security Manager\PTHOSTTR.EXE /Start
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Collegamento alla pagina delle proprietà di High Definition Audio] HDAShCut.exe
O4 - HKLM\..\Run: [PaperPort PTD] C:\Programmi\ScanSoft\PaperPort\pptd40nt.exe
O4 - HKLM\..\Run: [IndexSearch] C:\Programmi\ScanSoft\PaperPort\IndexSearch.exe
O4 - HKLM\..\Run: [SetDefPrt] C:\Programmi\Brother\Brmfl04g\BrStDvPt.exe
O4 - HKLM\..\Run: [ControlCenter2.0] C:\Programmi\Brother\ControlCenter2\brctrcen.exe /autorun
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Programmi\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [AClntUsr] C:\Programmi\Aclient\AClntUsr.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [ATnotes.exe] C:\Programmi\ATnotes\ATnotes.exe
O4 - HKCU\..\Run: [Update Service] C:\PROGRA~1\FILECO~1\TEKNUM~1\update.exe /startup
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\DOCUME~1\ADMINI~1\IMPOST~1\Temp\SSUPDATE.EXE Software\SUPERAntiSpyware.com\SUPERAntiSpyware
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Thoosje Sidebar .lnk = C:\Programmi\Thoosje Sidebar V2.0\Thoosje Sidebar .exe
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Programmi\IE7Pro\IE7Pro.dll
O9 - Extra 'Tools' menuitem: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Programmi\IE7Pro\IE7Pro.dll
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Popup Blocker - {0D555BC6-E331-48b3-A60E-AAC0DF79438A} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Popup Blocker - {0D555BC6-E331-48b3-A60E-AAC0DF79438A} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O12 - Plugin for .spop: C:\Programmi\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1197378717812
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase9602.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1197378775875
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1197378566359
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://iw2bsf.spaces.live.com/PhotoUpload/MsnPUpld.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://driveragent.com/files/driveragent.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = change.pchange.com
O17 - HKLM\Software\..\Telephony: DomainName = change.pchange.com
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = change.pchange.com
O20 - Winlogon Notify: !SASWinLogon - C:\Programmi\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Altiris Client Service (AClient) - Altiris, Inc. - C:\Programmi\Aclient\AClient.exe
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Programmi\File comuni\Acronis\Schedule2\schedul2.exe
O23 - Service: BlueSoleil Hid Service - IVT Corporation - (no file)
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Programmi\Canon\CAL\CALMAIN.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\ccSetMgr.exe
O23 - Service: CSIScanner - Prevx - C:\Programmi\PrevxCSI\prevxcsi.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Programmi\Symantec AntiVirus\DefWatch.exe
O23 - Service: Diskeeper - Executive Software International, Inc. - C:\Programmi\Executive Software\DiskeeperLite\DKService.exe
O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Programmi\HPQ\Shared\hpqwmi.exe
O23 - Service: LckFldService - Unknown owner - C:\WINDOWS\system32\LckFldService.exe
O23 - Service: NBService - Nero AG - C:\Programmi\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Programmi\File comuni\Ahead\Lib\NMIndexingService.exe
O23 - Service: PDEngine - Raxco Software, Inc. - C:\Programmi\Raxco\PerfectDisk\PDEngine.exe
O23 - Service: PDScheduler (PDSched) - Raxco Software, Inc. - C:\Programmi\Raxco\PerfectDisk\PDSched.exe
O23 - Service: SiSoftware Database Agent Service (SandraDataSrv) - SiSoftware - C:\Programmi\SiSoftware\SiSoftware Sandra Lite XIIc\Win32\RpcDataSrv.exe
O23 - Service: SiSoftware Sandra Agent Service (SandraTheSrv) - SiSoftware - C:\Programmi\SiSoftware\SiSoftware Sandra Lite XIIc\RpcSandraSrv.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Programmi\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\SNDSrvc.exe
O23 - Service: Cryptainer service (ssoftservice) - Cypherix - C:\WINDOWS\SYSTEM32\ssoftsrv.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Programmi\Symantec AntiVirus\Rtvscan.exe
O24 - Desktop Component 0: (no name) - file:///C:/DOCUME~1/ADMINI~1/IMPOST~1/Temp/msohtml1/01/clip_image002.gif

--
End of file - 11551 bytes

-- File Associations -----------------------------------------------------------

All associations okay.


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R0 BootScreen - c:\windows\\systemroot\system32\drivers\vidstub.sys (file missing)
R0 BTHidMgr (Bluetooth HID Manager Service) - c:\windows\system32\drivers\bthidmgr.sys <Not Verified; IVT Corporation; BlueSoleil(c)>
R0 giveio - c:\windows\system32\giveio.sys
R0 hotcore2 - c:\windows\system32\drivers\hotcore2.sys <Not Verified; Paragon Software Group; HotBackup>
R0 pxark - c:\windows\system32\drivers\pxark.sys <Not Verified; Prevx; Prevx CSI>
R0 snapman (Acronis Snapshots Manager) - c:\windows\system32\drivers\snapman.sys <Not Verified; Acronis; Acronis Snapshot API>
R0 speedfan - c:\windows\system32\speedfan.sys <Not Verified; Windows (R) 2000 DDK provider; Windows (R) 2000 DDK driver>
R0 timounter (Acronis TrueImage Backup Archive Explorer) - c:\windows\system32\drivers\timntr.sys <Not Verified; Acronis; Acronis True Image>
R1 oreans32 - c:\windows\system32\drivers\oreans32.sys
R1 PQNTDrv - c:\windows\system32\drivers\pqntdrv.sys <Not Verified; PowerQuest Corporation; PowerQuest product>
R1 VClone - c:\windows\system32\drivers\vclone.sys <Not Verified; Elaborate Bytes AG; Virtual CloneDrive>
R2 cvintdrv - c:\windows\system32\drivers\cvintdrv.sys
R2 PDRJNDL - c:\programmi\dekart\privat~1\pdrjndl.sys <Not Verified; Dekart; Dekart Private Disk>
R2 PRVDISK - c:\programmi\dekart\privat~1\prvdisk.sys <Not Verified; Dekart; Dekart Private Disk>
R2 ssoftnt4 - c:\windows\system32\drivers\ssoftnt4.sys
R2 tifsfilter (Acronis TrueImage FS Filter) - c:\windows\system32\drivers\tifsfilt.sys <Not Verified; Acronis; TrueImage>
R3 BlueletAudio (Bluetooth Audio Service) - c:\windows\system32\drivers\blueletaudio.sys <Not Verified; IVT Corporation; Windows (R) 2000 DDK driver>
R3 BT (Bluetooth PAN Network Adapter) - c:\windows\system32\drivers\btnetdrv.sys <Not Verified; IVT Corporation; BlueSoleil>
R3 BTHidEnum (Bluetooth HID Enumerator) - c:\windows\system32\drivers\vbtenum.sys
R3 mbr - c:\docume~1\admini~1\impost~1\temp\mbr.sys (file missing)
R3 Pcouffin (Low level access layer for CD devices) - c:\windows\system32\drivers\pcouffin.sys <Not Verified; VSO Software; Patin couffin engine>
R3 VComm (Virtual Serial port driver) - c:\windows\system32\drivers\vcomm.sys <Not Verified; IVT Corporation; BlueSoleil>
R3 VcommMgr (Bluetooth VComm Manager Service) - c:\windows\system32\drivers\vcommmgr.sys <Not Verified; IVT Corporation; BlueSoleil>

S3 ASPI (Advanced SCSI Programming Interface Driver) - c:\windows\system32\drivers\aspi32.sys <Not Verified; Adaptec; Adaptec's ASPI Layer>
S3 aswArKrn - c:\docume~1\admini~1\impost~1\temp\aswarkrn.sys (file missing)
S3 BTCOMM - c:\windows\system32\drivers\btcomm.sys (file missing)
S3 Btcsrusb (Bluetooth USB For Bluetooth Service) - c:\windows\system32\drivers\btcusb.sys <Not Verified; IVT Corporation; Bluetooth USB Device Driver>
S3 BTKRNBDG (Bluetooth COM Bridge) - c:\windows\system32\drivers\btkrnbdg.sys (file missing)
S3 BTNetFilter (Bluetooth Network Filter) - c:\windows\system32\drivers\btnetfilter.sys
S3 CSRBC01 (%CSRBC01.SvcDesc%) - c:\windows\system32\drivers\csrbc01.sys (file missing)
S3 ENTECH - c:\windows\system32\drivers\entech.sys <Not Verified; EnTech Taiwan; PowerStrip>
S3 MEMSWEEP2 - c:\windows\system32\35c.tmp (file missing)
S3 PORTMON - c:\programmi\process xp\prtmon\portmsys.sys (file missing)
S3 TVICHW32 - c:\windows\system32\drivers\tvichw32.sys <Not Verified; EnTech Taiwan; TVicHW32 Generic Device Driver for Windows 95/98/ME/NT/2000/2003/XP/XP64>
S3 TVICPORT - c:\windows\system32\drivers\tvicport.sys
S3 usbser (JCM) - c:\windows\system32\drivers\usbser.sys (file missing)
S3 vad_multi (Windigo Virtual Audio Device (WDM)) - c:\windows\system32\drivers\vadmulti.sys (file missing)


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

R2 AClient (Altiris Client Service) - c:\programmi\aclient\aclient.exe -service <Not Verified; Altiris, Inc.; Altiris Client Agent for Windows>
R2 AcrSch2Svc (Acronis Scheduler2 Service) - "c:\programmi\file comuni\acronis\schedule2\schedul2.exe" <Not Verified; Acronis; Acronis Scheduler 2>
R2 CCALib8 (Canon Camera Access Library 8) - c:\programmi\canon\cal\calmain.exe <Not Verified; Canon Inc.; >
R2 Diskeeper - "c:\programmi\executive software\diskeeperlite\dkservice.exe" <Not Verified; Executive Software International, Inc.; Diskeeper (TM) Disk Defragmenter>
R2 ssoftservice (Cryptainer service) - ssoftsrv.exe <Not Verified; Cypherix; Cryptainer>
R2 UPHClean (User Profile Hive Cleanup) - c:\programmi\uphclean\uphclean.exe <Not Verified; Microsoft Corporation; User Profile Hive Cleanup Service>

S2 BlueSoleil Hid Service -
S2 LckFldService - c:\windows\system32\lckfldservice.exe <Not Verified; ; LckFldService>
S2 PDSched (PDScheduler) - c:\programmi\raxco\perfectdisk\pdsched.exe <Not Verified; Raxco Software, Inc.; PDSched Module>
S3 hpqwmi (HP WMI Interface) - c:\programmi\hpq\shared\hpqwmi.exe <Not Verified; Hewlett-Packard Development Company, L.P.; hpqwmi Module>
S3 NBService - c:\programmi\nero\nero 7\nero backitup\nbservice.exe


-- Device Manager: Disabled ----------------------------------------------------

Class GUID: {4D36E96C-E325-11CE-BFC1-08002BE10318}
Description: Windigo Virtual Audio Device (WDM)
Device ID: ROOT\MEDIA\0001
Manufacturer: Windigo BT Audio
Name: Windigo Virtual Audio Device (WDM)
PNP Device ID: ROOT\MEDIA\0001
Service: vad_multi


-- Scheduled Tasks -------------------------------------------------------------

2008-09-05 08:51:05 322 --ah----- C:\WINDOWS\Tasks\MP Scheduled Scan.job
2008-09-04 15:23:00 278 --a------ C:\WINDOWS\Tasks\Uniblue SpeedUpMyPC Nag.job
2008-09-04 14:09:05 430 --ah----- C:\WINDOWS\Tasks\User_Feed_Synchronization-{AE980DC5-9652-47BF-9250-A6E76BE01534}.job
2007-11-09 16:04:20 392 --a------ C:\WINDOWS\Tasks\Uniblue SpeedUpMyPC.job


-- Files created between 2008-08-05 and 2008-09-05 -----------------------------

2008-09-04 17:55:52 0 d--hs---- C:\Documents and Settings\Administrator\Recent
2008-09-04 16:05:54 0 d-------- C:\Programmi\RogueRemover FREE
2008-09-04 15:46:52 0 d-------- C:\Documents and Settings\Administrator\DoctorWeb
2008-09-04 11:51:16 0 d-------- C:\gmer-LOG
2008-09-04 11:40:15 17408 --a------ C:\WINDOWS\system32\drivers\pxark.sys <Not Verified; Prevx; Prevx CSI>
2008-09-04 11:40:12 0 d-------- C:\Programmi\PrevxCSI
2008-09-03 10:11:07 0 d-------- C:\Programmi\LexarMedia
2008-09-03 08:53:51 0 d-------- C:\Programmi\URL2JPEG
2008-09-02 17:29:35 0 d-------- C:\Programmi\MP3Gain
2008-09-02 17:22:55 66048 --a------ C:\mbr.exe
2008-09-02 09:43:38 0 d-------- C:\Programmi\SUPERAntiSpyware
2008-09-01 08:55:46 0 d-------- C:\Programmi\keepass


-- Find3M Report ---------------------------------------------------------------

2008-09-05 08:33:38 0 d-------- C:\Programmi\Symantec AntiVirus
2008-09-04 17:57:27 12 --a------ C:\WINDOWS\bthservsdp.dat
2008-09-04 17:28:10 0 d-------- C:\Programmi\File comuni\Wise Installation Wizard
2008-09-02 09:43:38 0 d-------- C:\Documents and Settings\Administrator\Dati applicazioni\SUPERAntiSpyware.com
2008-07-24 15:45:44 0 d-------- C:\Programmi\AxBx
2008-07-23 14:46:05 0 d-------- C:\Documents and Settings\Administrator\Dati applicazioni\Transcend
2008-07-18 10:22:19 0 d-------- C:\Programmi\StorageCrypt v2.0
2008-07-18 08:30:26 0 d-------- C:\Programmi\Aclient
2008-07-16 09:36:23 0 d-------- C:\Documents and Settings\Administrator\Dati applicazioni\TrueCrypt
2008-07-15 17:43:09 0 d-------- C:\Programmi\Dekart
2008-07-15 11:15:43 33 --a------ C:\AClient.dat
2008-07-09 16:26:34 0 d-------- C:\Programmi\SpeedFan
2008-07-09 09:00:26 0 d-------- C:\Programmi\Network Stumbler
2008-06-24 17:31:48 2793566 --a------ C:\WINDOWS\system32\Nastro-saver-cal.scr
2008-06-24 17:31:14 2785136 --a------ C:\WINDOWS\system32\Nastro-saver.scr
2008-06-17 15:12:50 471128 --a------ C:\WINDOWS\system32\perfh010.dat
2008-06-17 15:12:50 82936 --a------ C:\WINDOWS\system32\perfc010.dat
2008-06-10 18:11:25 552 --a------ C:\WINDOWS\system32\d3d8caps.dat


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PKLOGO"="C:\Programmi\PK\PKLOGO\PKLOGO.exe" [07/04/2004 21.25]
"UnlockerAssistant"="C:\Documents and Settings\Administrator\Documenti\JCM archivio-old\wincm\wincmm\MIX\RUDY - Utility\PC problemi\win_care\Sblocco PRG\Unlocker\UnlockerAssistant.exe" [06/05/2006 15.29]
"ccApp"="C:\Programmi\File comuni\Symantec Shared\ccApp.exe" [22/04/2004 13.38]
"vptray"="C:\PROGRA~1\SYMANT~1\VPTray.exe" [22/04/2004 13.46]
"RTHDCPL"="RTHDCPL.EXE" [08/03/2005 14.26 C:\WINDOWS\RTHDCPL.EXE]
"PTHOSTTR"="C:\Programmi\HPQ\HP ProtectTools Security Manager\PTHOSTTR.exe" [04/10/2005 16.23]
"Persistence"="C:\WINDOWS\system32\igfxpers.exe" [05/04/2005 16.23]
"IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" [05/04/2005 16.22]
"HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [05/04/2005 16.19]
"Collegamento alla pagina delle proprietà di High Definition Audio"="HDAShCut.exe" [07/01/2005 19.07 C:\WINDOWS\system32\hdashcut.exe]
"PaperPort PTD"="C:\Programmi\ScanSoft\PaperPort\pptd40nt.exe" [10/03/2004 12.04]
"IndexSearch"="C:\Programmi\ScanSoft\PaperPort\IndexSearch.exe" [10/03/2004 12.19]
"SetDefPrt"="C:\Programmi\Brother\Brmfl04g\BrStDvPt.exe" [11/11/2004 17.14]
"ControlCenter2.0"="C:\Programmi\Brother\ControlCenter2\brctrcen.exe" [07/01/2005 17.30]
"VirtualCloneDrive"="C:\Programmi\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [29/04/2006 15.21]
"AClntUsr"="C:\Programmi\Aclient\AClntUsr.EXE" [05/09/2008 08.30]
"QuickTime Task"="C:\Programmi\QuickTime\qttask.exe" [28/08/2006 10.04]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATnotes.exe"="C:\Programmi\ATnotes\ATnotes.exe" [05/01/2005 15.45]
"Update Service"="C:\PROGRA~1\FILECO~1\TEKNUM~1\update.exe" [16/05/2006 11.58]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [19/08/2004 09.00]
"SUPERAntiSpyware"="C:\DOCUME~1\ADMINI~1\IMPOST~1\Temp\SSUPDATE.exe" []

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"DWQueuedReporting"="C:\PROGRA~1\FILECO~1\MICROS~1\DW\dwtrig20.exe" -t

C:\Documents and Settings\Administrator\Menu Avvio\Programmi\Esecuzione automatica\
Thoosje Sidebar .lnk - C:\Programmi\Thoosje Sidebar V2.0\Thoosje Sidebar .exe [19/06/2007 15.24.52]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"LinkResolveIgnoreLinkInfo"=0 (0x0)
"NoResolveSearch"=1 (0x1)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoBandCustomize"=0 (0x0)
"NoMovingBands"=0 (0x0)
"NoCloseDragDropBands"=0 (0x0)
"NoSetTaskbar"=0 (0x0)
"NoToolbarsOnTaskbar"=0 (0x0)
"NoSaveSettings"=0 (0x0)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= C:\Programmi\Windows Desktop Search\MSNLNamespaceMgr.dll [26/05/2008 22.19 304128]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Programmi\SUPERAntiSpyware\SASSEH.DLL [13/05/2008 10.13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Programmi\SUPERAntiSpyware\SASWINLO.dll 23/07/2008 16.28 352256 C:\Programmi\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Avvio^Programmi^Esecuzione automatica^Microsoft Office.lnk]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Avvio^Programmi^Esecuzione automatica^Sonic CinePlayer Quick Launch.lnk]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Avvio^Programmi^Esecuzione automatica^WinZip Quick Pick.lnk]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SetRefresh]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"UMWdf"=2 (0x2)
"DcomLaunch"=2 (0x2)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs BthServ

*Newly Created Service* - SASKUTIL



-- End of Deckard's System Scanner: finished at 2008-09-05 10:32:03 ------------
Top
Profilo Invia messaggio privato
Riverside
Ban a tempo indeterminato
Ban a tempo indeterminato


Registrato: 29/02/08 22:32
Messaggi: 4396
Residenza: Riverside House
MessaggioInviato: 05 Set 2008 11:09    Oggetto: Rispondi citando
A parte che non si capisce per quale ragione pubblichi questi log, ti riesce difficile aprire un post e proseguire in quello?? attuamente, hai ben tre discussioni aperte, spiegami a che serve Think
Top
Profilo Invia messaggio privato
bdoriano
Amministratore
Amministratore


Registrato: 02/04/07 12:05
Messaggi: 14391
Residenza: 3° pianeta del sistema solare...
MessaggioInviato: 06 Set 2008 08:07    Oggetto: Rispondi
Concordo con quanto ti ha già fatto notare Riverside.

Giusto per capirci qualcosa:
  • Questa discussione a quale pc si riferisce?
    pc al lavoro o pc di casa?
  • Perché hai postato il log di Deckard SystemScan?

Dovresti, per cortesia, seguire le istruzioni che ti vengono date man mano che si procede e attendere pazientemente l'intervento di un esperto.

Ti ringrazio per la collaborazione.
Top
Profilo Invia messaggio privato
Mostra prima i messaggi di:   
Nuovo argomento   Rispondi    Indice del forum -> Pronto Soccorso Virus Tutti i fusi orari sono GMT + 2 ore
Pagina 1 di 1

 
Vai a:  
Non puoi inserire nuovi argomenti
Non puoi rispondere a nessun argomento
Non puoi modificare i tuoi messaggi
Non puoi cancellare i tuoi messaggi
Non puoi votare nei sondaggi