PcPrimiPassi.it - easy computing for everyone

Computer infections and computer security in general

Topic: another INFECTED PC....





maui852000 (Beginner)
Member since: 28/March/2005
Status: Offline
Posts: 19
Post no. 61.783 - Posted: 25/October/2006 at 20:38

I'm posting the HijackThis log... please take a look at it, because lately nothing but viruses have been going around on MSN..

Logfile of HijackThis v1.99.1
Scan saved at 20.37.26, on 25/10/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
C:\Programmi\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\Programmi\ewido anti-malware\ewidoctrl.exe
C:\Programmi\Eset\nod32krn.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\devldr32.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
D:\Programmi\UltraVNC\winvnc.exe
C:\WINDOWS\system32\MsPMSPSv.exe
D:\scaricati MSN\MsgPlus.exe
C:\WINDOWS\vsnpstd.exe
C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe
C:\Programmi\MSN Messenger\msnmsgr.exe
C:\Programmi\Winamp\winampa.exe
C:\Programmi\Eset\nod32kui.exe
C:\Programmi\Creative\ShareDLL\CtNotify.exe
C:\Programmi\Alwil Software\Avast4\ashWebSv.exe
C:\Programmi\Creative\ShareDLL\MediaDet.Exe
C:\Programmi\Creative\SBLive\AudioHQ\AHQTB.EXE
C:\Programmi\Creative\SBLive\Program\CTAvTray.EXE
C:\Programmi\Zone Labs\ZoneAlarm\zlclient.exe
C:\Programmi\iTunes\iTunesHelper.exe
D:\Programmi\QuickTime\qttask.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Programmi\iPod\bin\iPodService.exe
D:\Programmi\Skype\Phone\Skype.exe
C:\Programmi\Mozilla Firefox\firefox.exe
C:\Programmi\WinRAR\WinRAR.exe
C:\DOCUME~1\Marco\IMPOST~1\Temp\Rar$EX01.890\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
R3 - Default URLSearchHook is missing
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Class - {7104484C-4E95-FD90-B587-8B64FFA047EF} - C:\WINDOWS\lycpt1.dll (file missing)
O4 - HKLM\..\Run: [MessengerPlus3] "D:\scaricati MSN\MsgPlus.exe"
O4 - HKLM\..\Run: [snpstd] C:\WINDOWS\vsnpstd.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Programmi\Winamp\winampa.exe
O4 - HKLM\..\Run: [nod32kui] C:\Programmi\Eset\nod32kui.exe /WAITSERVICE
O4 - HKLM\..\Run: [Disc Detector] C:\Programmi\Creative\ShareDLL\CtNotify.exe
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\Updreg.exe
O4 - HKLM\..\Run: [AHQInit] C:\Programmi\Creative\SBLive\Program\AHQInit.exe
O4 - HKLM\..\Run: [AudioHQ] C:\Programmi\Creative\SBLive\AudioHQ\AHQTB.EXE
O4 - HKLM\..\Run: [CTAvTray] C:\Programmi\Creative\SBLive\Program\CTAvTray.EXE
O4 - HKLM\..\Run: [Zone Labs Client] C:\Programmi\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Programmi\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "D:\Programmi\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\RunOnce: [CTAVTray] C:\Programmi\Creative\SBLive\Program\CTAvStub.EXE EAX.AVI
O4 - HKCU\..\Run: [Skype] "D:\Programmi\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [ccleaner] "C:\Programmi\CCleaner\ccleaner.exe" /AUTO
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Avvio veloce di Adobe Reader.lnk = C:\Programmi\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O15 - Trusted Zone: www.archiviosex.net
O15 - Trusted Zone: www.hastalavista.it
O15 - Trusted Zone: www.pornoaccesso.com
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.trendmicro.com/housecall/xscan60.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://marcolino1985roma.spaces.live.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1116011443485
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab31267.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
O23 - Service: Adobe LM Service - Unknown owner - C:\Programmi\File comuni\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Programmi\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Programmi\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: ewido security suite control - ewido networks - C:\Programmi\ewido anti-malware\ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Programmi\iPod\bin\iPodService.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Programmi\File comuni\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Unknown owner - C:\Programmi\Eset\nod32krn.exe
O23 - Service: RadClock - Unknown owner - C:\WINDOWS\system32\RadClock.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: VNC Server (winvnc) - Unknown owner - D:\Programmi\UltraVNC\winvnc.exe" -service (file missing)




maui852000 (Beginner)
Post no. 61.815 - Posted: 26/October/2006 at 13:58

please help me....


lucas (Expert) - Security Advisor
Member since: 14/April/2005
From: Italy
Status: Offline
Posts: 6.715
Post no. 61.819 - Posted: 26/October/2006 at 15:35

Carry out the same steps I gave you in the topic you opened previously, bye


maui852000 (Beginner)
Post no. 61.820 - Posted: 26/October/2006 at 15:56

this is the ComboFix log:

Marco - 06-10-25 20:25:15.82    Service Pack 2

ComboFix 06.10.19 - Running from: "C:\Documents and Settings\Marco\Desktop"

 

((((((((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))

 

 

C:\Programmi\File comuni\Yazzle1122OinAdmin.exe

C:\Programmi\File comuni\Yazzle1122OinUninstaller.exe

C:\Programmi\PrintView

C:\Programmi\File comuni\{3068AF3A-0AF0-1040-0430-040501110027}

C:\Programmi\File comuni\{C068AF3A-0AF0-1040-0430-040501110027}

 

 ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~    Purity    ~ ~ ~ ~ ~ ~ ~ ~~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~

 

Folders Quarantined:

 

C:\QooBox\Purity\Documents and Settings\Marco\Documenti\RACLE~1

C:\QooBox\Purity\Documents and Settings\Marco\Documenti\YSTEM~1

C:\QooBox\Purity\Documents and Settings\Marco\Documenti\YSTEM~1\explorer.exe

C:\QooBox\Purity\Documents and Settings\Marco\Documenti\YSTEM~1\?ystem

C:\QooBox\Purity\Programmi\ICROSO~1.NET

C:\QooBox\Purity\WINDOWS\DOBE~1

 

 

(((((((((((((((((((((((((((((((   Files Created from 2006-09-25 to 2006-10-25  ))))))))))))))))))))))))))))))))))

 

 

2006-10-25     19:56   3,968   --a------          C:\WINDOWS\system32\drivers\AvgAsCln.sys

2006-10-21     10:07   178,408           --a------          C:\WINDOWS\system32\muweb.dll

2006-10-21     10:07   128,744           --a------          C:\WINDOWS\system32\mucltui.dll

2006-10-20     18:54   28,672 --a------          C:\WINDOWS\system32\drivers\CO_Mon.sys

2006-10-20     18:33   2          --a------          C:\WINDOWS\system32\wnstsit.exe

2006-10-20     18:22   107,747           --a------          C:\WINDOWS\system32\drv.exe

2006-10-20     18:21   155,267           --a------          C:\WINDOWS\system32\two.exe

2006-09-25     17:22   306,688           --a------          C:\WINDOWS\IsUninst.exe

2006-09-25     17:21   212,480           --a------          C:\WINDOWS\system32\PCDLIB32.DLL

2006-09-25     17:19   115,790           --a------          C:\WINDOWS\system32\drivers\MR97310v.sys

2006-09-25     16:24   5,504   --a------          C:\WINDOWS\system32\drivers\MSTEE.sys

2006-09-25     16:24   19,328 --a------          C:\WINDOWS\system32\drivers\WSTCODEC.SYS

2006-09-25     16:24   15,360 --a------          C:\WINDOWS\system32\drivers\StreamIP.sys

2006-09-25     16:24   11,136 --a------          C:\WINDOWS\system32\drivers\SLIP.sys

2006-09-25     16:24   10,880 --a------          C:\WINDOWS\system32\drivers\NdisIP.sys

2006-09-25     16:23   85,376 --a------          C:\WINDOWS\system32\drivers\NABTSFEC.sys

2006-09-25     16:23   54,784 --a------          C:\WINDOWS\system32\vfwwdm32.dll

2006-09-25     16:23   17,024 --a------          C:\WINDOWS\system32\drivers\CCDECODE.sys

2006-09-25     16:13   61,440 --a------          C:\WINDOWS\system32\mr310ifv.dll

2006-09-25     16:13   49,152 --a------          C:\WINDOWS\system32\mr310exv.dll

2006-09-25     16:13   352,256           --a------          C:\WINDOWS\system32\ijl15.dll

2006-09-25     16:13   28,672 --a------          C:\WINDOWS\system32\mr310exd.dll

2006-09-25     16:13   205,824           --a------          C:\WINDOWS\system32\Vic32.dll

2006-09-25     16:13   135,168           --a------          C:\WINDOWS\system32\mr310ipv.dll

2006-09-25     15:26   516,096           ---------          C:\WINDOWS\system32\ati2sgag.exe

2006-09-25     15:22   307,200           -ra------          C:\WINDOWS\system32\atiiiexx.dll

 

 

((((((((((((((((((((((((((((((((((((((((((((((((   Find3M Report   )))))))))))))))))))))))))))))))))))))))))))))))))))))        

 

 

2006-10-25 20:28       --------              d--------          C:\Programmi\File comuni

2006-10-25 19:56       --------              d--------          C:\Programmi\Grisoft

2006-10-25 19:30       --------              d--------          C:\Programmi\Mozilla Firefox

2006-10-25 18:24       --------              d--------          C:\Programmi\eMule

2006-10-23 14:50       --------              d--------          C:\Programmi\SpywareBlaster

2006-10-21 18:15       11214  --ahs----          C:\WINDOWS\system32\KGyGaAvL.sys

2006-10-21 11:42       --------              d--------          C:\Programmi\MSXML 4.0

2006-10-20 20:49       --------              d--------          C:\Documents and Settings\Marco\Dati applicazioni\Sun

2006-10-20 20:47       --------              d--------          C:\Programmi\Java

2006-10-20 20:45       --------              d--------          C:\Programmi\File comuni\Java

2006-10-20 20:39       --------              d--------          C:\Documents and Settings\Marco\Dati applicazioni\Talkback

2006-10-20 20:38       --------              d--------          C:\Documents and Settings\Marco\Dati applicazioni\Mozilla

2006-10-20 20:35       --------              d--------          C:\Programmi\Google

2006-10-20 19:04       --------              d--------          C:\Programmi\Lavasoft

2006-10-20 19:04       --------              d--------          C:\Documents and Settings\Marco\Dati applicazioni\Lavasoft

2006-10-20 18:28       --------              d--------          C:\Programmi\MSN Messenger

2006-10-17 19:09       --------              d--------          C:\Documents and Settings\Marco\Dati applicazioni\AdobeUM

2006-10-15 14:50       --------              d--------          C:\Documents and Settings\Marco\Dati applicazioni\Google

2006-10-11 15:31       1002    --a------          C:\Documents and Settings\Marco\Dati applicazioni\AdobeDLM.log

2006-10-11 15:31       0          --a------          C:\Documents and Settings\Marco\Dati applicazioni\dm.ini

2006-10-11 15:31       --------              d--------          C:\Programmi\Adobe

2006-10-11 15:24       --------              d--------          C:\Programmi\File comuni\Adobe

2006-10-11 15:24       --------              d--------          C:\Documents and Settings\Marco\Dati applicazioni\Adobe

2006-09-25 17:22       --------              d--------          C:\Programmi\MGI

2006-09-25 17:19       --------              d--------          C:\Programmi\DC505

2006-09-25 15:27       --------              d--------          C:\Programmi\Internet Explorer

2006-09-25 15:26       --------              d--h-----         C:\Programmi\InstallShield Installation Information

2006-09-25 15:26       --------              d--------          C:\Programmi\ATI Technologies

2006-09-13 07:03       1084416          --a------          C:\WINDOWS\system32\msxml3.dll

2006-09-12 17:51       1245184          --a------          C:\WINDOWS\system32\msxml4.dll

2006-08-25 17:51       617472              --a------          C:\WINDOWS\system32\comctl32.dll

2006-08-21 14:26       16896  --a------          C:\WINDOWS\system32\fltlib.dll

2006-08-21 11:14       23040  --a------          C:\WINDOWS\system32\fltmc.exe

2006-08-16 13:59       100352              --a------          C:\WINDOWS\system32\6to4svc.dll

2006-07-29 19:32       48936  --a------          C:\WINDOWS\system32\sirenacm.dll

2006-07-27 15:25       679424              --a------          C:\WINDOWS\system32\inetcomm.dll

 

 

((((((((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))

 

*Note* empty entries are not shown

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]

"CTFMON.EXE"="C:\\WINDOWS\\system32\\ctfmon.exe"

"LDM"="C:\\Programmi\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"

"MsnMsgr"="\"C:\\Programmi\\MSN Messenger\\MsnMsgr.Exe\" /background"

"Aid"="C:\\Documents and Settings\\Marco\\Documenti\\?racle\\w?wexec.exe"

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]

"SiS Windows KeyHook"="C:\\WINDOWS\\system32\\keyhook.exe"

"SiSUSBRG"="C:\\WINDOWS\\SiSUSBrg.exe"

"Smapp"="C:\\Programmi\\Analog Devices\\SoundMAX\\SMTray.exe"

"NeroFilterCheck"="C:\\WINDOWS\\system32\\NeroCheck.exe"

"nod32kui"="\"C:\\Programmi\\Eset\\nod32kui.exe\" /WAITSERVICE"

"CnxDslTaskBar"="C:\\Programmi\\Conexant\\AccessRunner ADSL \\CnxDslTb.exe"

"zBrowser Launcher"="C:\\Programmi\\Logitech\\iTouch\\iTouch.exe"

"Logitech Utility"="Logi_MwX.Exe"

"Ulead AutoDetector"="C:\\Programmi\\Ulead Systems\\Ulead Photo Explorer 8.0 SE Basic\\Monitor.exe"

"PinnacleDriverCheck"="C:\\WINDOWS\\system32\\PSDrvCheck.exe -CheckReg"

"WinampAgent"="C:\\Programmi\\Winamp\\winampa.exe"

"DAEMON Tools-1033"="\"C:\\Programmi\\D-Tools\\daemon.exe\"  -lang 1033"

"awxDTools"="rundll32 C:\\PROGRA~1\\arniWORX\\AWXDTO~1\\awxDTools.dll,awxRegisterDll /r /s"

"SunJavaUpdateSched"="C:\\Programmi\\Java\\jre1.5.0_06\\bin\\jusched.exe"

"!AVG Anti-Spyware"="\"C:\\Programmi\\Grisoft\\AVG Anti-Spyware 7.5\\avgas.exe\" /minimized"

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]

"Installed"="1"

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]

"Installed"="1"

"NoChange"="1"

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]

"Installed"="1"

 

[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components]

"DeskHtmlVersion"=dword:00000110

"DeskHtmlMinorVersion"=dword:00000005

"Settings"=dword:00000001

"GeneralFlags"=dword:00000001

 

[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0]

"Source"="About:Home"

"SubscribedURL"="About:Home"

"FriendlyName"="Pagina iniziale corrente"

"Flags"=dword:00000002

"Position"=hex:2c,00,00,00,a0,00,00,00,00,00,00,00,80,02,00,00,3a,02,00,00,00,\

  00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00

"CurrentState"=hex:04,00,00,40

"OriginalStateInfo"=hex:18,00,00,00,ff,ff,00,00,ff,ff,00,00,ff,ff,ff,ff,ff,ff,\

  ff,ff,04,00,00,00

"RestoredStateInfo"=hex:18,00,00,00,6a,02,00,00,23,00,00,00,a4,00,00,00,9a,00,\

  00,00,01,00,00,00

 

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]

"CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE"

 

[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run]

"CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE"

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler]

"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Precaricatore Browseui"

"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Daemon di cache delle categorie di componenti"

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]

"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""

"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="AVG Anti-Spyware 7.5"

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]

"NoDriveTypeAutoRun"=dword:00000091

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"dontdisplaylastusername"=dword:00000000

"legalnoticecaption"=""

"legalnoticetext"=""

"shutdownwithoutlogon"=dword:00000001

"undockwithoutlogon"=dword:00000001

 

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]

"NoDriveTypeAutoRun"=dword:00000091

 

[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer]

"NoDriveTypeAutoRun"=dword:00000091

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]

"PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}"

"CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}"

"WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"

"SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]    

"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"

 

 

Contents of the 'Scheduled Tasks' folder

C:\WINDOWS\tasks\Check Updates for Windows Live Toolbar.job

 

Completion time: 06-10-25 20:31:29.29

C:\ComboFix.txt ... 06-10-25 20:31

C:\ComboFix2.txt ... 06-10-25 20:23




maui852000 (Beginner)
Post no. 61.821 - Posted: 26/October/2006 at 15:56

it's from the other thread, sorryyyy


lucas (Expert) - Security Advisor
Post no. 61.825 - Posted: 26/October/2006 at 16:31

the log is the same as the other one, couldn't you have continued in just 1 thread? bye


maui852000 (Beginner)
Post no. 61.826 - Posted: 26/October/2006 at 16:35

this log is from the other thread, I posted it by mistake, in fact if you can delete it please do... this log belongs to the other thread, I'll post the log for this one shortly... and thanks again!





