inetget2
Radmaster
20-04-2007, 15:57
Guys, how do I get rid of this adware or whatever it is... I don't know exactly what it is, but it keeps recreating itself!
Bugs Bunny
20-04-2007, 16:01
:mbe:
Run a scan with AVG Anti-Spyware after disabling System Restore.
Radmaster
20-04-2007, 17:11
:mbe:
Run a scan with AVG Anti-Spyware after disabling System Restore.
Bugs, I'm a newbie in this area... damned viruses... can you tell me where I can disable System Restore?
Tidus Strife
20-04-2007, 17:37
Bugs, I'm a newbie in this area... damned viruses... can you tell me where I can disable System Restore?
Right-click on My Computer - Properties
"System Restore" tab
Check "Turn off System Restore on all drives"
OK
wizard1993
20-04-2007, 18:09
And then use this fix, otherwise you won't get anywhere
http://www.techsupportforum.com/sectools/combofix.exe
Radmaster
20-04-2007, 19:06
What is ComboFix for???
I let it scan and it opened a log...
But what exactly does it do?
wizard1993
21-04-2007, 19:07
To remove your virus
Radmaster
21-04-2007, 20:13
Does it do everything by itself???
I let it run, but it seemed too easy for it to have quarantined the "damned thing"!
wizard1993
22-04-2007, 09:34
Post the log it gave you, and I'll tell you right away whether it worked
Radmaster
22-04-2007, 11:09
~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ Purity ~ ~ ~ ~ ~ ~ ~ ~~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~
Folders Quarantined:
C:\qoobox\purity\C\DOCUME~1
C:\qoobox\purity\C\DOCUME~1\bb
C:\qoobox\purity\C\DOCUME~1\bb\DATIAP~1
C:\qoobox\purity\C\DOCUME~1\bb\DATIAP~1\SSTEM~1
C:\qoobox\purity\C\WINDOWS\system32\CURITY~1
C:\qoobox\purity\C\WINDOWS\system32\CURITY~1\??curity
((((((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
-------\nm
-------\Windows Log
-------\LEGACY_WINDOWS_LOG
((((((((((((((((((((((((((((((( Files Created from 2007-03-20 to 2007-04-20 ))))))))))))))))))))))))))))))))))
2007-04-20 17:00 3,968 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2007-04-16 19:08 <DIR> d-------- C:\Programmi\iTunes
2007-04-16 19:06 <DIR> d-------- C:\Programmi\QuickTime
2007-04-15 14:11 <DIR> d-------- C:\Programmi\Windows Defender
2007-04-15 11:14 <DIR> d-------- C:\Programmi\Windows Live Safety Center
2007-04-06 14:05 70,656 --a------ C:\WINDOWS\system32\yv12vfw.dll
2007-04-06 14:05 70,656 --a------ C:\WINDOWS\system32\i420vfw.dll
2007-04-06 14:05 66,560 --a------ C:\WINDOWS\MOTA113.exe
2007-04-06 14:05 502,784 --a------ C:\WINDOWS\x2.64.exe
2007-04-06 14:05 471,552 --a------ C:\WINDOWS\system32\Smab.dll
2007-04-06 14:05 27,648 --a------ C:\WINDOWS\system32\AVSredirect.dll
2007-04-06 14:05 240,128 --a------ C:\WINDOWS\system32\x.264.exe
2007-04-06 14:05 217,073 --a------ C:\WINDOWS\meta4.exe
2007-04-06 14:04 31,232 -r-hs---- C:\WINDOWS\system32\msfDX.dll
2007-04-06 14:04 163,328 -r-hs---- C:\WINDOWS\system32\flvDX.dll
2007-04-06 14:04 <DIR> d-------- C:\Programmi\eRightSoft
2007-03-30 13:25 <DIR> d-------- C:\WINDOWS\SxsCaPendDel
2007-03-30 12:59 <DIR> d-------- C:\DOCUME~1\bb\DATIAP~1\Screenshot Sender
2007-03-22 16:36 <DIR> d-------- C:\WINDOWS\system32\ActiveScan
2007-03-22 14:05 0 --a------ C:\WINDOWS\system32\CMMGR32.EXE
2007-03-22 13:57 <DIR> d-------- C:\Programmi\SUPERAntiSpyware
2007-03-22 13:57 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\DATIAP~1\SUPERAntiSpyware.com
2007-03-22 13:57 <DIR> d-------- C:\DOCUME~1\bb\DATIAP~1\SUPERAntiSpyware.com
2007-03-22 13:56 <DIR> d-------- C:\Programmi\File comuni\Wise Installation Wizard
(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))
2007-04-20 14:46 718602 --a------ C:\WINDOWS\system32\perfh010.dat
2007-04-20 14:46 160754 --a------ C:\WINDOWS\system32\perfc010.dat
2007-04-18 21:22 -------- d-------- C:\Programmi\emule
2007-04-16 19:08 -------- d-------- C:\Programmi\ipod
2007-03-30 13:31 -------- d-------- C:\Programmi\msn messenger
2007-03-30 12:59 -------- d-------- C:\Programmi\messenger plus! live
2007-03-22 17:11 -------- d-------- C:\Programmi\multimedia card reader
2007-03-22 17:07 -------- d-------- C:\Programmi\google
2007-03-19 16:13 -------- d-------- C:\Programmi\red kawa
2007-03-17 15:44 293376 --a------ C:\WINDOWS\system32\winsrv.dll
2007-03-08 17:37 578560 --a------ C:\WINDOWS\system32\user32.dll
2007-03-08 17:37 40960 --a------ C:\WINDOWS\system32\mf3216.dll
2007-03-08 17:37 281600 --a------ C:\WINDOWS\system32\gdi32.dll
2007-03-08 17:33 1843584 --a------ C:\WINDOWS\system32\win32k.sys
2007-02-05 22:19 185344 --a------ C:\WINDOWS\system32\upnphost.dll
2007-01-22 18:08 532 --a------ C:\WINDOWS\ereg.dat
(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} C:\Programmi\Java\jre1.6.0\bin\ssv.dll
{9030D464-4C02-4ABF-8ECC-5164760863C6} C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
{AA58ED58-01DD-4d91-8333-CF10577473F7} c:\programmi\google\googletoolbar2.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"Smapp"="C:\\Programmi\\Analog Devices\\SoundMAX\\SMTray.exe"
"InCD"="C:\\Programmi\\Ahead\\InCD\\InCD.exe"
"HP Software Update"="\"C:\\Programmi\\HP\\HP Software Update\\HPWuSchd2.exe\""
"SsAAD.exe"="C:\\PROGRA~1\\Sony\\SONICS~1\\SsAAD.exe"
"SMSERIAL"="sm56hlpr.exe"
"DataLayer"="C:\\Programmi\\File comuni\\PCSuite\\DataLayer\\DataLayer.exe"
"PCSuiteTrayApplication"="C:\\Programmi\\Nokia\\Nokia PC Suite 6\\LaunchApplication.exe -onlytray"
"Sunkist2k"="C:\\Programmi\\Multimedia Card Reader\\shwicon2k.exe"
"ATICCC"="\"C:\\Programmi\\ATI Technologies\\ATI.ACE\\cli.exe\" runtime -Delay"
"SunJavaUpdateSched"="\"C:\\Programmi\\Java\\jre1.6.0\\bin\\jusched.exe\""
"Motive SmartBridge"="C:\\PROGRA~1\\ALICET~1\\SMARTB~1\\MotiveSB.exe"
"Windows Defender"="\"C:\\Programmi\\Windows Defender\\MSASCui.exe\" -hide"
"QuickTime Task"="\"C:\\Programmi\\QuickTime\\qttask.exe\" -atboottime"
"iTunesHelper"="\"C:\\Programmi\\iTunes\\iTunesHelper.exe\""
"AVG7_CC"="C:\\PROGRA~1\\Grisoft\\AVG7\\avgcc.exe /STARTUP"
"!AVG Anti-Spyware"="\"C:\\Programmi\\Grisoft\\AVG Anti-Spyware 7.5\\avgas.exe\" /minimized"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\ctfmon.exe"
"MsnMsgr"="\"C:\\Programmi\\MSN Messenger\\MsnMsgr.Exe\" /background"
"swg"="C:\\Programmi\\Google\\GoogleToolbarNotifier\\1.2.908.5008\\GoogleToolbarNotifier.exe"
"SUPERAntiSpyware"="C:\\Programmi\\SUPERAntiSpyware\\SUPERAntiSpyware.exe"
"Raps"="\"C:\\WINDOWS\\system32\\CURITY~1\\attrib.exe\" -vt ndrv"
[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"DWQueuedReporting"="\"C:\\PROGRA~1\\FILECO~1\\MICROS~1\\DW\\dwtrig20.exe\" -t"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=""
"{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}"="ShellExecuteHook antimalware di Microsoft"
"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="AVG Anti-Spyware 7.5"
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon
HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa
Authentication Packages REG_MULTI_SZ msv1_0\0\0
Security Packages REG_MULTI_SZ kerberos\0msv1_0\0schannel\0wdigest\0\0
Notification Packages REG_MULTI_SZ scecli\0\0
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="iTunesHelper"
"hkey"="HKLM"
"command"="\"C:\\Programmi\\iTunes\\iTunesHelper.exe\""
"inimapping"="0"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="NeroCheck"
"hkey"="HKLM"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="qttask"
"hkey"="HKLM"
"command"="\"C:\\Programmi\\QuickTime\\qttask.exe\" -atboottime"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="PDVDServ"
"hkey"="HKLM"
"command"="\"C:\\Programmi\\CyberLink DVD Solution\\PowerDVD\\PDVDServ.exe\""
"inimapping"="0"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="jusched"
"hkey"="HKLM"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost]
HTTPFilter REG_MULTI_SZ HTTPFilter\0\0
LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0
NetworkService REG_MULTI_SZ DnsCache\0\0
DcomLaunch REG_MULTI_SZ DcomLaunch\0TermService\0\0
rpcss REG_MULTI_SZ RpcSs\0\0
imgsvc REG_MULTI_SZ StiSvc\0\0
termsvcs REG_MULTI_SZ TermService\0\0
WudfServiceGroup REG_MULTI_SZ WUDFSvc\0\0
*newlycreated* - HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\LEGACY_AVG_ANTI-SPYWARE_DRIVER
*newlycreated* - HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\LEGACY_AVG_ANTI-SPYWARE_GUARD
Contents of the 'Scheduled Tasks' folder
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\MP Scheduled Quick Scan.job
C:\WINDOWS\tasks\MP Scheduled Scan.job
********************************************************************
catchme 0.2 W2K/XP/Vista - userland rootkit detector by Gmer, 17 October 2006
http://www.gmer.net
scanning hidden processes ...
scanning hidden services ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0
********************************************************************
Completion time: 07-04-20 19.03.32
C:\ComboFix-quarantined-files.txt ... 07-04-20 19:03
wizard1993
22-04-2007, 14:04
Are you still having problems?
Radmaster
22-04-2007, 14:53
No... at least it seems not...
wizard1993
22-04-2007, 15:48
I'm happy to tell you that you're clean
Radmaster
22-04-2007, 21:18
Great job wizard, tidus and bugs... anyway, I had caught a virus that was filling up my RAM and everything would freeze!!!
AVG Anti-Spyware is the definitive solution... the other antispyware tools only detected half of them and didn't delete them completely!
wizard1993
23-04-2007, 13:27
It's well known that AVG Anti-Spyware is very powerful