Mic87xp1
25-01-2010, 13:03
Salve a tutti ragazzi, volevo chiedervi un parere riguardo un problema del mio portatile. Non sapendo se si tratta di virus o meno, ho pensato di scrivere in questa sezione.
Durante l'avvio del computer, mentre stà caricando le applicazioni in basso a destra, improvvisamente il computer, dopo aver caricato Windows Live Messeger, si blocca.
Dopo un minuto il computer riprende a funzionare e continua a caricare i rimanenti programmi.
La cosa strana è che non si freeza, però se cerco di aprire un qualsiasi programma non succede nulla, sempre in quell'intervallo di tempo.
Secondo voi da cosa può dipendere?
Stò seguendo passo passo la guida alla disinfestazione che c'è sul forum e sono arrivato ad Atf-Cleaner.
Fino a questo punto non ho avuto nessun problema.
Volevo chiedervi, ma devo installarli tutti i programmi elencati sotto? Intendo Malwarebytes ecc..
ciao
il fatto che il pc sia lento all'avvio può essere per svariati motivi ma non necessariamente perchè infetto
seguire la guida non guasterà di certo, anzì imparerai magari qualcosa in più in fatto di sicurezza
ovviamente devi installare tutti i programmi consigliatie a fine guida vedrai che per alcuni di essi sarà consigliato di tenerli installati
Mic87xp1
30-01-2010, 10:51
Ok ho finito con i test che avete messo sulla guida. Effettivamente qualche virus c'era. Ora sembra che non ci siano virus, però Windows ancora si blocca per un minuto all'avvio e poi riprende.
Ho aggiornato Windows fino all'ultimo aggiornamento, ho fatto pure qualche aggiornamento facoltativo ma niente.
Non so più che fare( a parte formattare).
Vi allego i log dei risultati.
a-squad free
a-squared Free - Version 4.5
Last update: 27/01/2010 23.01.00
Scan settings:
Scan type: Deep Scan
Objects: Memory, Traces, Cookies, C:\, D:\
Scan archives: On
Heuristics: Off
ADS Scan: On
Scan start: 28/01/2010 11.10.10
[3152] C:\Programmi\Internet Download Manager\IDMan.exe detected: Trojan.Generic!IK
C:\Documents and Settings\Michele\Dati applicazioni\Mozilla\Firefox\Profiles\r8tdutwg.default\cookies.sqlite:1263681022218000 detected: Trace.TrackingCookie.doubleclick.net!A2
C:\Documents and Settings\Michele\Dati applicazioni\Mozilla\Firefox\Profiles\r8tdutwg.default\cookies.sqlite:1263681022578000 detected: Trace.TrackingCookie.tribalfusion.com!A2
C:\Documents and Settings\Michele\Dati applicazioni\Mozilla\Firefox\Profiles\r8tdutwg.default\cookies.sqlite:1263681025343000 detected: Trace.TrackingCookie.tribalfusion.com!A2
C:\Documents and Settings\Michele\Dati applicazioni\Mozilla\Firefox\Profiles\r8tdutwg.default\cookies.sqlite:1263681025343001 detected: Trace.TrackingCookie.tribalfusion.com!A2
C:\Documents and Settings\Michele\Dati applicazioni\Mozilla\Firefox\Profiles\r8tdutwg.default\cookies.sqlite:1263681025343002 detected: Trace.TrackingCookie.tribalfusion.com!A2
C:\Documents and Settings\Michele\Dati applicazioni\Mozilla\Firefox\Profiles\r8tdutwg.default\cookies.sqlite:1263681025343003 detected: Trace.TrackingCookie.tribalfusion.com!A2
C:\Documents and Settings\Michele\Dati applicazioni\Mozilla\Firefox\Profiles\r8tdutwg.default\cookies.sqlite:1263681025343004 detected: Trace.TrackingCookie.tribalfusion.com!A2
C:\Documents and Settings\Michele\Dati applicazioni\Mozilla\Firefox\Profiles\r8tdutwg.default\cookies.sqlite:1263681056828000 detected: Trace.TrackingCookie.ad.yieldmanager.com!A2
C:\Documents and Settings\Michele\Dati applicazioni\Mozilla\Firefox\Profiles\r8tdutwg.default\cookies.sqlite:1263681056828002 detected: Trace.TrackingCookie.ad.yieldmanager.com!A2
C:\Documents and Settings\Michele\Dati applicazioni\Mozilla\Firefox\Profiles\r8tdutwg.default\cookies.sqlite:1263894032125001 detected: Trace.TrackingCookie.adserv!A2
C:\Documents and Settings\Michele\Dati applicazioni\Mozilla\Firefox\Profiles\r8tdutwg.default\cookies.sqlite:1263984229921000 detected: Trace.TrackingCookie.m.webtrends.com!A2
C:\Documents and Settings\Michele\Dati applicazioni\Mozilla\Firefox\Profiles\r8tdutwg.default\cookies.sqlite:1264200423125001 detected: Trace.TrackingCookie.ad.yieldmanager.com!A2
C:\Documents and Settings\Michele\Dati applicazioni\Mozilla\Firefox\Profiles\r8tdutwg.default\cookies.sqlite:1264418482671000 detected: Trace.TrackingCookie.zedo.com!A2
C:\Documents and Settings\Michele\Dati applicazioni\Mozilla\Firefox\Profiles\r8tdutwg.default\cookies.sqlite:1264418483328000 detected: Trace.TrackingCookie.zedo.com!A2
C:\Documents and Settings\Michele\Dati applicazioni\Mozilla\Firefox\Profiles\r8tdutwg.default\cookies.sqlite:1264418483328001 detected: Trace.TrackingCookie.zedo.com!A2
C:\Documents and Settings\Michele\Dati applicazioni\Mozilla\Firefox\Profiles\r8tdutwg.default\cookies.sqlite:1264418487265002 detected: Trace.TrackingCookie.ad.yieldmanager.com!A2
C:\Documents and Settings\Michele\Dati applicazioni\Mozilla\Firefox\Profiles\r8tdutwg.default\cookies.sqlite:1264418522859002 detected: Trace.TrackingCookie.ad.yieldmanager.com!A2
C:\Documents and Settings\Michele\Dati applicazioni\Mozilla\Firefox\Profiles\r8tdutwg.default\cookies.sqlite:1264418532140000 detected: Trace.TrackingCookie.track.adform.net!A2
C:\Documents and Settings\Michele\Documenti\Download\eMule\Incoming\(Apps) Xilisoft Audio Converter 2.1.43.1229 (Convert Between Mp3, m4A, Wav, Wma, Mp4, Mp2, Vqf, Ape, Ogg, Aac And Flac) & Key Gen(1).rar/x-mp3-wav-converter.exe detected: Riskware.FraudTool.Win32.SpywareDetector!IK
C:\Documents and Settings\Michele\Documenti\Download\eMule\Incoming\(Apps) Xilisoft Audio Converter 2.1.43.1229 (Convert between MP3, M4A, WAV, WMA, MP4, MP2, VQF, APE, OGG, AAC and FLAC) & Key Gen.rar/x-mp3-wav-converter.exe detected: Riskware.FraudTool.Win32.SpywareDetector!IK
C:\Documents and Settings\Michele\Documenti\Download\eMule\Incoming\Programma - Xilisoft Audio Converter 2.1.43.1229 (Convert between MP3, M4A, WAV, WMA, MP4, MP2, VQF, APE, OGG, AAC and FLAC) & Key Gen.rar/x-mp3-wav-converter.exe detected: Riskware.FraudTool.Win32.SpywareDetector!IK
C:\Documents and Settings\Michele\Documenti\Download\eMule\Incoming\Seriale - Attivazione - Crack - Adobe Photoshop CS2 v9.0 ITA.rar/keygen.exe detected: Riskware.Keygen.Adobe!IK
C:\Documents and Settings\Michele\Documenti\Downloads\Compressed\Adobe.Photoshop.CS2.v9.0.German.Incl.Keymaker.READ.NFO-AGAiN.ZIP/keymaker.exe detected: Riskware.Keygen.Adobe!IK
C:\Documents and Settings\Michele\Documenti\Downloads\Compressed\Adobe.Photoshop.CS2.v9.0.Incl.Keygen.READ.NFO-SSG.ZIP/keygen.exe detected: Riskware.Hacktool.Keygen.Adobe!IK
C:\Documents and Settings\Michele\Documenti\Downloads\Compressed\Adobe_Photoshop_CS2_Tryout_to_Full_Activation.zip/OS-Adobe_CS2_KeyGen_Tryout_to_Full.exe detected: Riskware.Hacktool.Keygen.Adobe!IK
C:\Documents and Settings\Michele\Documenti\Downloads\Compressed\DVDFab.Platinum.v5.2.3.2.Final.Multilenguaje.Incl.Unlock.Pack.rar/DVDFab5Crack.ExE detected: Riskware.Patch.DVDFab!IK
C:\Documents and Settings\Michele\Documenti\Downloads\Compressed\DVDFab.Platinum.v5.2.3.2.Final.Multilenguaje.Incl.Unlock.Pack.rar/universal.dvdfab.platinum.5-patch.2.2.exe detected: Riskware.Hacktool.Patch.DVDFab!IK
C:\Documents and Settings\Michele\Documenti\Downloads\Compressed\flash liteon ix15.rar/JungleFlasher.exe detected: Trojan.Win32.Obfuscated!IK
C:\Documents and Settings\Michele\Documenti\Downloads\Compressed\flash liteon ix15.rar/PortIO32.exe detected: Trojan.SuspectCRC!IK
C:\Documents and Settings\Michele\Documenti\Downloads\Compressed\Hyperionics.HyperCam.v2.13.1.Cracked-F4CG.rar/Patch.exe detected: Riskware.patch.HyperCAM!IK
C:\Documents and Settings\Michele\Documenti\Downloads\Compressed\mirc 633 ita.zip/mirc.exe detected: Riskware.Client-IRC.Win32.mIRC!IK
C:\Documents and Settings\Michele\Documenti\Downloads\Compressed\OPPv1.6R3_PCFORUM89.zip/Keygen.exe detected: Riskware.Hacktool.Keygen.office2007!IK
C:\Documents and Settings\Michele\Documenti\Downloads\Compressed\TMPGEnc DVD Author 3 With DivX Authoring v3.1.1.174.rar/Key Generator.exe detected: Trojan.Win32.Obfuscated!IK
C:\Documents and Settings\Michele\Documenti\Downloads\Compressed\Total.Video.Converter.v3.14.Incl.Medicina-By.CARGOHE.LmZ.rar/Patch.exe detected: Riskware.Hacktool.Patch.tvc310!IK
C:\Documents and Settings\Michele\Documenti\Downloads\Compressed\Total.Video.Converter.v3.14.zip/Patch.exe detected: Riskware.Hacktool.Patch.tvc310!IK
C:\Documents and Settings\Michele\Documenti\Downloads\Compressed\TuneUp Utilities 2008 7.0.7991.rar/TU2008 Keymaker.exe detected: Riskware.Keygen.tuneup2008!IK
C:\Documents and Settings\Michele\Documenti\Downloads\Compressed\Ultra.MP4.Video.Converter.v3.9.Build.1120.Incl.Keygen.rar/keygen.exe detected: Backdoor.Win32.Rbot!IK
C:\Documents and Settings\Michele\Documenti\Downloads\Compressed\xbins.zip/xbins.exe detected: Riskware.Hacktool.XBins!IK
C:\Documents and Settings\Michele\Documenti\Downloads\Compressed\xbins_2.zip/xbins.exe detected: Riskware.Hacktool.XBins!IK
C:\Documents and Settings\Michele\Documenti\Downloads\Programs\ProgDVB6.30Std.exe detected: Trojan.IRC.Backdoor.SdBot4!IK
C:\Documents and Settings\Michele\Impostazioni locali\Temp\OnlineScanner\updates\aquawin32\jpeg.xmd detected: HTML.Infected!IK
C:\downloads\Nuovo WinRAR archive.rar/keygen.exe detected: Riskware.Keygen.Adobe!IK
C:\downloads\Sony Vegas Pro 9 - Keygen + Istruzioni.rar/Keygen.exe detected: possible-Threat.Patch.SoundForge!IK
C:\Programmi\Acronis\TrueImageHome\acronis.patch.exe detected: Riskware.Patch.Acronis!IK
C:\Programmi\UlisesSoft\nodlogin.exe detected: Riskware.Hacktool.Eset!IK
C:\xbox\ixtreme_1.5_samsung.rar/JungleFlasher.exe detected: Trojan.Win32.Obfuscated!IK
C:\xbox\ixtreme_1.5_samsung.rar/PortIO32.exe detected: Trojan.SuspectCRC!IK
C:\xbox\ixtreme_1.5_samsung2.rar/JungleFlasher.exe detected: Trojan.Win32.Obfuscated!IK
C:\xbox\ixtreme_1.5_samsung2.rar/PortIO32.exe detected: Trojan.SuspectCRC!IK
Scanned
Files: 419172
Traces: 663720
Cookies: 322
Processes: 70
Found
Files: 59
Traces: 0
Cookies: 19
Processes: 1
Registry keys: 0
Scan end: 28/01/2010 12.04.17
Scan time: 0:54:07
Malwarebyte
Malwarebytes' Anti-Malware 1.44
Versione del database: 3641
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
26/01/2010 21.12.39
mbam-log-2010-01-26 (21-12-39).txt
Tipo di scansione: Scansione completa (C:\|D:\|)
Elementi scansionati: 197379
Tempo trascorso: 27 minute(s), 34 second(s)
Processi delle memoria infetti: 0
Moduli della memoria infetti: 0
Chiavi di registro infette: 0
Valori di registro infetti: 0
Elementi dato del registro infetti: 1
Cartelle infette: 0
File infetti: 4
Processi delle memoria infetti:
(Nessun elemento malevolo rilevato)
Moduli della memoria infetti:
(Nessun elemento malevolo rilevato)
Chiavi di registro infette:
(Nessun elemento malevolo rilevato)
Valori di registro infetti:
(Nessun elemento malevolo rilevato)
Elementi dato del registro infetti:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
Cartelle infette:
(Nessun elemento malevolo rilevato)
File infetti:
C:\Documents and Settings\Michele\Desktop\desktop\Cartelle e file vari\TuneUp2008_ITA.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Documents and Settings\Michele\Documenti\Downloads\Programs\ECBarre_V_01.exe (Rogue.Installer) -> Quarantined and deleted successfully.
C:\pcsx22\plugins\PadSSSPSX.dll (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\xbox\xbins.exe (HackTool.IRCBrute) -> Quarantined and deleted successfully.
hjthis
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18.57.43, on 28/01/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\Intel\Wireless\Bin\S24EvMon.exe
C:\Programmi\ATKGFNEX\GFNEXSrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Programmi\File comuni\Acronis\Schedule2\schedul2.exe
C:\Programmi\Bonjour\mDNSResponder.exe
C:\Programmi\ESET\ESET Smart Security\ekrn.exe
C:\Programmi\Intel\Wireless\Bin\EvtEng.exe
C:\Programmi\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\IoctlSvc.exe
C:\Programmi\Intel\Wireless\Bin\RegSrvc.exe
C:\Programmi\ATK Hotkey\Hcontrol.exe
C:\Programmi\ATKOSD2\ATKOSD2.exe
C:\Programmi\Wireless Console 2\wcourier.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Programmi\Motorola\SMSERIAL\sm56hlpr.exe
C:\WINDOWS\system32\ASUSTPE.exe
C:\Programmi\Intel\Wireless\bin\ZCfgSvc.exe
C:\Programmi\Intel\Wireless\Bin\ifrmewrk.exe
C:\Programmi\ASUS\Splendid\ACMON.exe
C:\Programmi\ASUS\Power4 Gear\BatteryLife.exe
C:\Programmi\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\Programmi\Acronis\TrueImageHome\TimounterMonitor.exe
C:\Programmi\File comuni\Acronis\Schedule2\schedhlp.exe
C:\Programmi\Unlocker\UnlockerAssistant.exe
C:\WINDOWS\system32\ACEngSvr.exe
C:\Programmi\File comuni\Research In Motion\Auto Update\RIMAutoUpdate.exe
C:\Programmi\ESET\ESET Smart Security\egui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\Internet Download Manager\IDMan.exe
C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe
C:\Programmi\Windows Live\Messenger\msnmsgr.exe
C:\Programmi\File comuni\InstallShield\UpdateService\ISUSPM.exe
C:\Programmi\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Programmi\ATK Hotkey\ATKOSD.exe
C:\Programmi\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Programmi\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Programmi\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Programmi\ATK Hotkey\WDC.exe
C:\Programmi\ASUS Security Center\ASUS Security Protect Manager\Bin\AsGHost.exe
C:\Programmi\ASUS\NB Probe\SPM\spmgr.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\StkCSrv.exe
C:\Programmi\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
C:\WINDOWS\System32\TUProgSt.exe
C:\Programmi\File comuni\Ahead\Lib\NMIndexingService.exe
C:\Programmi\File comuni\Ahead\Lib\NMIndexStoreSvr.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Programmi\Internet Download Manager\IEMonitor.exe
C:\Programmi\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Documents and Settings\Michele\Impostazioni locali\Dati applicazioni\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Michele\Impostazioni locali\Dati applicazioni\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Michele\Impostazioni locali\Dati applicazioni\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Michele\Impostazioni locali\Dati applicazioni\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Michele\Impostazioni locali\Dati applicazioni\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Michele\Impostazioni locali\Dati applicazioni\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Michele\Desktop\Nuova cartella (7)\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Programmi\Internet Download Manager\IDMIECC.dll
O2 - BHO: Supporto di collegamento per Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre6\bin\jp2ssv.dll
O2 - BHO: ASUS Security Protect Manager - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - C:\Programmi\ASUS Security Center\ASUS Security Protect Manager\Bin\ItIEAddIn.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmi\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [ATKHOTKEY] "C:\Programmi\ATK Hotkey\Hcontrol.exe"
O4 - HKLM\..\Run: [ATKOSD2] "C:\Programmi\ATKOSD2\ATKOSD2.exe"
O4 - HKLM\..\Run: [Wireless Console 2] "C:\Programmi\Wireless Console 2\wcourier.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [SMSERIAL] C:\Programmi\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [ASUSTPE] C:\WINDOWS\system32\ASUSTPE.exe
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Programmi\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Programmi\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [CognizanceTS] rundll32.exe C:\PROGRA~1\ASUSSE~1\ASUSSE~1\Bin\ASTSVCC.dll,RegisterModule
O4 - HKLM\..\Run: [ACMON] "C:\Programmi\ASUS\Splendid\ACMON.exe"
O4 - HKLM\..\Run: [Power_Gear] C:\Programmi\ASUS\Power4 Gear\BatteryLife.exe 1
O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Programmi\Acronis\TrueImageHome\TrueImageMonitor.exe
O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Programmi\Acronis\TrueImageHome\TimounterMonitor.exe
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Programmi\File comuni\Acronis\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Programmi\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Programmi\File comuni\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programmi\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Programmi\File comuni\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [BlackBerryAutoUpdate] C:\Programmi\File comuni\Research In Motion\Auto Update\RIMAutoUpdate.exe /background
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Programmi\File comuni\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [egui] "C:\Programmi\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Michele\Impostazioni locali\Dati applicazioni\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [IDMan] C:\Programmi\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Programmi\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ISUSPM] "C:\Programmi\File comuni\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Bluetooth Manager.lnk = ?
O8 - Extra context menu item: Download all links with IDM - C:\Programmi\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download FLV video content with IDM - C:\Programmi\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: Download with IDM - C:\Programmi\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {22492231-AEF0-49FC-9180-CE8969AB1273} (F-Secure Online Scanner Launcher) - http://download.sp.f-secure.com/ols/f-secure-rtm/resources/fslauncher.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1263669878000
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1264284270750
O16 - DPF: {DAF7E6E6-D53A-439A-B28D-12271406B8A9} (RIM AxLoader) - http://mobileapps.blackberry.com/devicesoftware/AxLoader.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{127F09D7-1E15-4524-9AB0-8D566166F449}: NameServer = 208.67.222.222,208.67.220.220
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FILECO~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: APSHook.dll
O20 - Winlogon Notify: OneCard - C:\Programmi\ASUS Security Center\ASUS Security Protect Manager\Bin\ASWLNPkg.dll
O23 - Service: a-squared Free Service (a2free) - Unknown owner - C:\DOCUMENTS AND SETTINGS\MICHELE\DESKTOP\NUOVA CARTELLA (7)\a2service.exe (file missing)
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Programmi\File comuni\Acronis\Schedule2\schedul2.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Programmi\ATKGFNEX\GFNEXSrv.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Programmi\Bonjour\mDNSResponder.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Programmi\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Programmi\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Programmi\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Programmi\File comuni\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programmi\Java\jre6\bin\jqs.exe
O23 - Service: NBService - Nero AG - C:\Programmi\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Programmi\File comuni\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Programmi\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - C:\Programmi\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe
O23 - Service: Roxio Upnp Server 9 - Sonic Solutions - C:\Programmi\Roxio\Digital Home 9\RoxioUpnpService9.exe
O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - C:\Programmi\File comuni\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Programmi\File comuni\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Programmi\File comuni\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Programmi\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: spmgr - Unknown owner - C:\Programmi\ASUS\NB Probe\SPM\spmgr.exe
O23 - Service: Syntek AVStream USB2.0 WebCam Service (StkSSrv) - Syntek America Inc. - C:\WINDOWS\System32\StkCSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Programmi\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe
--
End of file - 13479 bytes
i log caricati sui server remoti, grazie
meglio wikisend o fileqube :)
vBulletin® v3.6.4, Copyright ©2000-2025, Jelsoft Enterprises Ltd.