inetget2

Radmaster · 20-04-2007, 15:57

ragazzi come faccio a liberarmi di sto adware o quello ke è...nn so esattamente cosa sia,ma si ricrea!

Bugs Bunny · 20-04-2007, 16:01

fai una scansione con avg antispyware dopo aver disabilitato ripristino conf di sys

Radmaster · 20-04-2007, 17:11

Quote:

Originariamente inviato da Bugs Bunny

fai una scansione con avg antispyware dopo aver disabilitato ripristino conf di sys

bugs sono un niubbo in questo campo...maledetti virus...mi dici dove posso disabilitare il ripristino?

Tidus Strife · 20-04-2007, 17:37

Quote:

Originariamente inviato da Radmaster

bugs sono un niubbo in questo campo...maledetti virus...mi dici dove posso disabilitare il ripristino?

Tasto destro su risorse del computer - Proprietà
Tab "Ripristino configurazione di sistema"
Spunta "Disattiva ripristino configurazione di sistema su tutte le unità"
OK

wizard1993 · 20-04-2007, 18:09

e poi usa questo fix altrimenti non fai un tubo
http://www.techsupportforum.com/sectools/combofix.exe

Radmaster · 20-04-2007, 19:06

cosa serve combofix???

ho lasciato scannare e mi ha aperto un log...

ma qual'è il suo compito precisamente?

wizard1993 · 21-04-2007, 19:07

togliere il tuo virus

Radmaster · 21-04-2007, 20:13

fa tutto da solo???

io l'ho lasciato fare ma sembrava troppo facile xkè avesse quarantenato il "maledetto"!

wizard1993 · 22-04-2007, 09:34

te posta il log che ti ha dato; e ti dico subito se ha fatto

Radmaster · 22-04-2007, 11:09

~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ Purity ~ ~ ~ ~ ~ ~ ~ ~~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~
Folders Quarantined:
C:\qoobox\purity\C\DOCUME~1
C:\qoobox\purity\C\DOCUME~1\bb
C:\qoobox\purity\C\DOCUME~1\bb\DATIAP~1
C:\qoobox\purity\C\DOCUME~1\bb\DATIAP~1\SSTEM~1
C:\qoobox\purity\C\WINDOWS\system32\CURITY~1
C:\qoobox\purity\C\WINDOWS\system32\CURITY~1\??curity

((((((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

-------\nm
-------\Windows Log
-------\LEGACY_WINDOWS_LOG

((((((((((((((((((((((((((((((( Files Created from 2007-03-20 to 2007-04-20 ))))))))))))))))))))))))))))))))))

2007-04-20 17:00 3,968 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2007-04-16 19:08 <DIR> d-------- C:\Programmi\iTunes
2007-04-16 19:06 <DIR> d-------- C:\Programmi\QuickTime
2007-04-15 14:11 <DIR> d-------- C:\Programmi\Windows Defender
2007-04-15 11:14 <DIR> d-------- C:\Programmi\Windows Live Safety Center
2007-04-06 14:05 70,656 --a------ C:\WINDOWS\system32\yv12vfw.dll
2007-04-06 14:05 70,656 --a------ C:\WINDOWS\system32\i420vfw.dll
2007-04-06 14:05 66,560 --a------ C:\WINDOWS\MOTA113.exe
2007-04-06 14:05 502,784 --a------ C:\WINDOWS\x2.64.exe
2007-04-06 14:05 471,552 --a------ C:\WINDOWS\system32\Smab.dll
2007-04-06 14:05 27,648 --a------ C:\WINDOWS\system32\AVSredirect.dll
2007-04-06 14:05 240,128 --a------ C:\WINDOWS\system32\x.264.exe
2007-04-06 14:05 217,073 --a------ C:\WINDOWS\meta4.exe
2007-04-06 14:04 31,232 -r-hs---- C:\WINDOWS\system32\msfDX.dll
2007-04-06 14:04 163,328 -r-hs---- C:\WINDOWS\system32\flvDX.dll
2007-04-06 14:04 <DIR> d-------- C:\Programmi\eRightSoft
2007-03-30 13:25 <DIR> d-------- C:\WINDOWS\SxsCaPendDel
2007-03-30 12:59 <DIR> d-------- C:\DOCUME~1\bb\DATIAP~1\Screenshot Sender
2007-03-22 16:36 <DIR> d-------- C:\WINDOWS\system32\ActiveScan
2007-03-22 14:05 0 --a------ C:\WINDOWS\system32\CMMGR32.EXE
2007-03-22 13:57 <DIR> d-------- C:\Programmi\SUPERAntiSpyware
2007-03-22 13:57 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\DATIAP~1\SUPERAntiSpyware.com
2007-03-22 13:57 <DIR> d-------- C:\DOCUME~1\bb\DATIAP~1\SUPERAntiSpyware.com
2007-03-22 13:56 <DIR> d-------- C:\Programmi\File comuni\Wise Installation Wizard

(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))

2007-04-20 14:46 718602 --a------ C:\WINDOWS\system32\perfh010.dat
2007-04-20 14:46 160754 --a------ C:\WINDOWS\system32\perfc010.dat
2007-04-18 21:22 -------- d-------- C:\Programmi\emule
2007-04-16 19:08 -------- d-------- C:\Programmi\ipod
2007-03-30 13:31 -------- d-------- C:\Programmi\msn messenger
2007-03-30 12:59 -------- d-------- C:\Programmi\messenger plus! live
2007-03-22 17:11 -------- d-------- C:\Programmi\multimedia card reader
2007-03-22 17:07 -------- d-------- C:\Programmi\google
2007-03-19 16:13 -------- d-------- C:\Programmi\red kawa
2007-03-17 15:44 293376 --a------ C:\WINDOWS\system32\winsrv.dll
2007-03-08 17:37 578560 --a------ C:\WINDOWS\system32\user32.dll
2007-03-08 17:37 40960 --a------ C:\WINDOWS\system32\mf3216.dll
2007-03-08 17:37 281600 --a------ C:\WINDOWS\system32\gdi32.dll
2007-03-08 17:33 1843584 --a------ C:\WINDOWS\system32\win32k.sys
2007-02-05 22:19 185344 --a------ C:\WINDOWS\system32\upnphost.dll
2007-01-22 18:08 532 --a------ C:\WINDOWS\ereg.dat

(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))

*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} C:\Programmi\Java\jre1.6.0\bin\ssv.dll
{9030D464-4C02-4ABF-8ECC-5164760863C6} C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
{AA58ED58-01DD-4d91-8333-CF10577473F7} c:\programmi\google\googletoolbar2.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"Smapp"="C:\\Programmi\\Analog Devices\\SoundMAX\\SMTray.exe"
"InCD"="C:\\Programmi\\Ahead\\InCD\\InCD.exe"
"HP Software Update"="\"C:\\Programmi\\HP\\HP Software Update\\HPWuSchd2.exe\""
"SsAAD.exe"="C:\\PROGRA~1\\Sony\\SONICS~1\\SsAAD.exe"
"SMSERIAL"="sm56hlpr.exe"
"DataLayer"="C:\\Programmi\\File comuni\\PCSuite\\DataLayer\\DataLayer.exe"
"PCSuiteTrayApplication"="C:\\Programmi\\Nokia\\Nokia PC Suite 6\\LaunchApplication.exe -onlytray"
"Sunkist2k"="C:\\Programmi\\Multimedia Card Reader\\shwicon2k.exe"
"ATICCC"="\"C:\\Programmi\\ATI Technologies\\ATI.ACE\\cli.exe\" runtime -Delay"
"SunJavaUpdateSched"="\"C:\\Programmi\\Java\\jre1.6.0\\bin\\jusched.exe\""
"Motive SmartBridge"="C:\\PROGRA~1\\ALICET~1\\SMARTB~1\\MotiveSB.exe"
"Windows Defender"="\"C:\\Programmi\\Windows Defender\\MSASCui.exe\" -hide"
"QuickTime Task"="\"C:\\Programmi\\QuickTime\\qttask.exe\" -atboottime"
"iTunesHelper"="\"C:\\Programmi\\iTunes\\iTunesHelper.exe\""
"AVG7_CC"="C:\\PROGRA~1\\Grisoft\\AVG7\\avgcc.exe /STARTUP"
"!AVG Anti-Spyware"="\"C:\\Programmi\\Grisoft\\AVG Anti-Spyware 7.5\\avgas.exe\" /minimized"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\ctfmon.exe"
"MsnMsgr"="\"C:\\Programmi\\MSN Messenger\\MsnMsgr.Exe\" /background"
"swg"="C:\\Programmi\\Google\\GoogleToolbarNotifier\\1.2.908.5008\\GoogleToolbarNotifier.exe"
"SUPERAntiSpyware"="C:\\Programmi\\SUPERAntiSpyware\\SUPERAntiSpyware.exe"
"Raps"="\"C:\\WINDOWS\\system32\\CURITY~1\\attrib.exe\" -vt ndrv"

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"DWQueuedReporting"="\"C:\\PROGRA~1\\FILECO~1\\MICROS~1\\DW\\dwtrig20.exe\" -t"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=""
"{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}"="ShellExecuteHook antimalware di Microsoft"
"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="AVG Anti-Spyware 7.5"

HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon

HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa
Authentication Packages REG_MULTI_SZ msv1_0\0\0
Security Packages REG_MULTI_SZ kerberos\0msv1_0\0schannel\0wdigest\0\0
Notification Packages REG_MULTI_SZ scecli\0\0

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="iTunesHelper"
"hkey"="HKLM"
"command"="\"C:\\Programmi\\iTunes\\iTunesHelper.exe\""
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="NeroCheck"
"hkey"="HKLM"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="qttask"
"hkey"="HKLM"
"command"="\"C:\\Programmi\\QuickTime\\qttask.exe\" -atboottime"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="PDVDServ"
"hkey"="HKLM"
"command"="\"C:\\Programmi\\CyberLink DVD Solution\\PowerDVD\\PDVDServ.exe\""
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="jusched"
"hkey"="HKLM"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost]
HTTPFilter REG_MULTI_SZ HTTPFilter\0\0
LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0
NetworkService REG_MULTI_SZ DnsCache\0\0
DcomLaunch REG_MULTI_SZ DcomLaunch\0TermService\0\0
rpcss REG_MULTI_SZ RpcSs\0\0
imgsvc REG_MULTI_SZ StiSvc\0\0
termsvcs REG_MULTI_SZ TermService\0\0
WudfServiceGroup REG_MULTI_SZ WUDFSvc\0\0

*newlycreated* - HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\LEGACY_AVG_ANTI-SPYWARE_DRIVER
*newlycreated* - HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\LEGACY_AVG_ANTI-SPYWARE_GUARD

Contents of the 'Scheduled Tasks' folder
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\MP Scheduled Quick Scan.job
C:\WINDOWS\tasks\MP Scheduled Scan.job

********************************************************************

catchme 0.2 W2K/XP/Vista - userland rootkit detector by Gmer, 17 October 2006
http://www.gmer.net

scanning hidden processes ...

scanning hidden services ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0

********************************************************************

Completion time: 07-04-20 19.03.32
C:\ComboFix-quarantined-files.txt ... 07-04-20 19:03

wizard1993 · 22-04-2007, 14:04

hai ancora problemi?

Radmaster · 22-04-2007, 14:53

no...almeno sembra di no...

wizard1993 · 22-04-2007, 15:48

sono felice di dirti che sei pulito

Radmaster · 22-04-2007, 21:18

grande wizard,tidus e bugs...cmq mi ero preso un virus ke mi riempiva la RAM e mi si bloccava tutto!!!

avg antispyware è la soluzione definitiva...gli altri antispyware me ne individuavano la metà e nn li cancellavano del tutto!

wizard1993 · 23-04-2007, 13:27

è risaputo che avg antispyware è molto potente

20-04-2007, 15:57	#1
Radmaster Senior Member Iscritto dal: Sep 2006 Messaggi: 321	inetget2 ragazzi come faccio a liberarmi di sto adware o quello ke è...nn so esattamente cosa sia,ma si ricrea!

20-04-2007, 16:01	#2
Bugs Bunny Senior Member Iscritto dal: Aug 2005 Città: Genova Messaggi: 3397	fai una scansione con avg antispyware dopo aver disabilitato ripristino conf di sys __________________ Rimozione Worm/Rootkit Bagle - Rimozione Trojan Vundo - Rimozione virus MSN Messenger -Rimozione virus su chiavetta o errori di file mancante all'apertura del disco fisso - NT AUTHORITY SYSTEM spegne il pc ad ogni avvio. Cosa fare?(worm sasser/blaster/rustock) - Thread Ufficiale firewall software

20-04-2007, 18:09	#5
wizard1993 Senior Member Iscritto dal: Apr 2006 Messaggi: 22462	e poi usa questo fix altrimenti non fai un tubo http://www.techsupportforum.com/sectools/combofix.exe __________________ amd a64x2 4400+ sk939;asus a8n-sli; 2x1gb ddr400; x850 crossfire; 2 x western digital abys 320gb\|\| asus g1 Se striscia fulmina, se svolazza l'ammazza

21-04-2007, 19:07	#7
wizard1993 Senior Member Iscritto dal: Apr 2006 Messaggi: 22462	togliere il tuo virus __________________ amd a64x2 4400+ sk939;asus a8n-sli; 2x1gb ddr400; x850 crossfire; 2 x western digital abys 320gb\|\| asus g1 Se striscia fulmina, se svolazza l'ammazza

22-04-2007, 09:34	#9
wizard1993 Senior Member Iscritto dal: Apr 2006 Messaggi: 22462	te posta il log che ti ha dato; e ti dico subito se ha fatto __________________ amd a64x2 4400+ sk939;asus a8n-sli; 2x1gb ddr400; x850 crossfire; 2 x western digital abys 320gb\|\| asus g1 Se striscia fulmina, se svolazza l'ammazza

20-04-2007, 19:06	#6
Radmaster Senior Member Iscritto dal: Sep 2006 Messaggi: 321	cosa serve combofix??? ho lasciato scannare e mi ha aperto un log... ma qual'è il suo compito precisamente?

21-04-2007, 20:13	#8
Radmaster Senior Member Iscritto dal: Sep 2006 Messaggi: 321	fa tutto da solo??? io l'ho lasciato fare ma sembrava troppo facile xkè avesse quarantenato il "maledetto"!

22-04-2007, 11:09	#10
Radmaster Senior Member Iscritto dal: Sep 2006 Messaggi: 321	~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ Purity ~ ~ ~ ~ ~ ~ ~ ~~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ Folders Quarantined: C:\qoobox\purity\C\DOCUME~1 C:\qoobox\purity\C\DOCUME~1\bb C:\qoobox\purity\C\DOCUME~1\bb\DATIAP~1 C:\qoobox\purity\C\DOCUME~1\bb\DATIAP~1\SSTEM~1 C:\qoobox\purity\C\WINDOWS\system32\CURITY~1 C:\qoobox\purity\C\WINDOWS\system32\CURITY~1\??curity ((((((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) -------\nm -------\Windows Log -------\LEGACY_WINDOWS_LOG ((((((((((((((((((((((((((((((( Files Created from 2007-03-20 to 2007-04-20 )))))))))))))))))))))))))))))))))) 2007-04-20 17:00 3,968 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys 2007-04-16 19:08 <DIR> d-------- C:\Programmi\iTunes 2007-04-16 19:06 <DIR> d-------- C:\Programmi\QuickTime 2007-04-15 14:11 <DIR> d-------- C:\Programmi\Windows Defender 2007-04-15 11:14 <DIR> d-------- C:\Programmi\Windows Live Safety Center 2007-04-06 14:05 70,656 --a------ C:\WINDOWS\system32\yv12vfw.dll 2007-04-06 14:05 70,656 --a------ C:\WINDOWS\system32\i420vfw.dll 2007-04-06 14:05 66,560 --a------ C:\WINDOWS\MOTA113.exe 2007-04-06 14:05 502,784 --a------ C:\WINDOWS\x2.64.exe 2007-04-06 14:05 471,552 --a------ C:\WINDOWS\system32\Smab.dll 2007-04-06 14:05 27,648 --a------ C:\WINDOWS\system32\AVSredirect.dll 2007-04-06 14:05 240,128 --a------ C:\WINDOWS\system32\x.264.exe 2007-04-06 14:05 217,073 --a------ C:\WINDOWS\meta4.exe 2007-04-06 14:04 31,232 -r-hs---- C:\WINDOWS\system32\msfDX.dll 2007-04-06 14:04 163,328 -r-hs---- C:\WINDOWS\system32\flvDX.dll 2007-04-06 14:04 <DIR> d-------- C:\Programmi\eRightSoft 2007-03-30 13:25 <DIR> d-------- C:\WINDOWS\SxsCaPendDel 2007-03-30 12:59 <DIR> d-------- C:\DOCUME~1\bb\DATIAP~1\Screenshot Sender 2007-03-22 16:36 <DIR> d-------- C:\WINDOWS\system32\ActiveScan 2007-03-22 14:05 0 --a------ C:\WINDOWS\system32\CMMGR32.EXE 2007-03-22 13:57 <DIR> d-------- C:\Programmi\SUPERAntiSpyware 2007-03-22 13:57 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\DATIAP~1\SUPERAntiSpyware.com 2007-03-22 13:57 <DIR> d-------- C:\DOCUME~1\bb\DATIAP~1\SUPERAntiSpyware.com 2007-03-22 13:56 <DIR> d-------- C:\Programmi\File comuni\Wise Installation Wizard (((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))) 2007-04-20 14:46 718602 --a------ C:\WINDOWS\system32\perfh010.dat 2007-04-20 14:46 160754 --a------ C:\WINDOWS\system32\perfc010.dat 2007-04-18 21:22 -------- d-------- C:\Programmi\emule 2007-04-16 19:08 -------- d-------- C:\Programmi\ipod 2007-03-30 13:31 -------- d-------- C:\Programmi\msn messenger 2007-03-30 12:59 -------- d-------- C:\Programmi\messenger plus! live 2007-03-22 17:11 -------- d-------- C:\Programmi\multimedia card reader 2007-03-22 17:07 -------- d-------- C:\Programmi\google 2007-03-19 16:13 -------- d-------- C:\Programmi\red kawa 2007-03-17 15:44 293376 --a------ C:\WINDOWS\system32\winsrv.dll 2007-03-08 17:37 578560 --a------ C:\WINDOWS\system32\user32.dll 2007-03-08 17:37 40960 --a------ C:\WINDOWS\system32\mf3216.dll 2007-03-08 17:37 281600 --a------ C:\WINDOWS\system32\gdi32.dll 2007-03-08 17:33 1843584 --a------ C:\WINDOWS\system32\win32k.sys 2007-02-05 22:19 185344 --a------ C:\WINDOWS\system32\upnphost.dll 2007-01-22 18:08 532 --a------ C:\WINDOWS\ereg.dat (((((((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))) Note empty entries & legit default entries are not shown [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects] {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} C:\Programmi\Java\jre1.6.0\bin\ssv.dll {9030D464-4C02-4ABF-8ECC-5164760863C6} C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll {AA58ED58-01DD-4d91-8333-CF10577473F7} c:\programmi\google\googletoolbar2.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run] "Smapp"="C:\\Programmi\\Analog Devices\\SoundMAX\\SMTray.exe" "InCD"="C:\\Programmi\\Ahead\\InCD\\InCD.exe" "HP Software Update"="\"C:\\Programmi\\HP\\HP Software Update\\HPWuSchd2.exe\"" "SsAAD.exe"="C:\\PROGRA~1\\Sony\\SONICS~1\\SsAAD.exe" "SMSERIAL"="sm56hlpr.exe" "DataLayer"="C:\\Programmi\\File comuni\\PCSuite\\DataLayer\\DataLayer.exe" "PCSuiteTrayApplication"="C:\\Programmi\\Nokia\\Nokia PC Suite 6\\LaunchApplication.exe -onlytray" "Sunkist2k"="C:\\Programmi\\Multimedia Card Reader\\shwicon2k.exe" "ATICCC"="\"C:\\Programmi\\ATI Technologies\\ATI.ACE\\cli.exe\" runtime -Delay" "SunJavaUpdateSched"="\"C:\\Programmi\\Java\\jre1.6.0\\bin\\jusched.exe\"" "Motive SmartBridge"="C:\\PROGRA~1\\ALICET~1\\SMARTB~1\\MotiveSB.exe" "Windows Defender"="\"C:\\Programmi\\Windows Defender\\MSASCui.exe\" -hide" "QuickTime Task"="\"C:\\Programmi\\QuickTime\\qttask.exe\" -atboottime" "iTunesHelper"="\"C:\\Programmi\\iTunes\\iTunesHelper.exe\"" "AVG7_CC"="C:\\PROGRA~1\\Grisoft\\AVG7\\avgcc.exe /STARTUP" "!AVG Anti-Spyware"="\"C:\\Programmi\\Grisoft\\AVG Anti-Spyware 7.5\\avgas.exe\" /minimized" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run] "CTFMON.EXE"="C:\\WINDOWS\\system32\\ctfmon.exe" "MsnMsgr"="\"C:\\Programmi\\MSN Messenger\\MsnMsgr.Exe\" /background" "swg"="C:\\Programmi\\Google\\GoogleToolbarNotifier\\1.2.908.5008\\GoogleToolbarNotifier.exe" "SUPERAntiSpyware"="C:\\Programmi\\SUPERAntiSpyware\\SUPERAntiSpyware.exe" "Raps"="\"C:\\WINDOWS\\system32\\CURITY~1\\attrib.exe\" -vt ndrv" [HKEY_USERS\.default\software\microsoft\windows\currentversion\run] "DWQueuedReporting"="\"C:\\PROGRA~1\\FILECO~1\\MICROS~1\\DW\\dwtrig20.exe\" -t" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks] "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"="" "{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}"="ShellExecuteHook antimalware di Microsoft" "{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="AVG Anti-Spyware 7.5" HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa Authentication Packages REG_MULTI_SZ msv1_0\0\0 Security Packages REG_MULTI_SZ kerberos\0msv1_0\0schannel\0wdigest\0\0 Notification Packages REG_MULTI_SZ scecli\0\0 [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="iTunesHelper" "hkey"="HKLM" "command"="\"C:\\Programmi\\iTunes\\iTunesHelper.exe\"" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="NeroCheck" "hkey"="HKLM" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="qttask" "hkey"="HKLM" "command"="\"C:\\Programmi\\QuickTime\\qttask.exe\" -atboottime" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="PDVDServ" "hkey"="HKLM" "command"="\"C:\\Programmi\\CyberLink DVD Solution\\PowerDVD\\PDVDServ.exe\"" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="jusched" "hkey"="HKLM" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost] HTTPFilter REG_MULTI_SZ HTTPFilter\0\0 LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0 NetworkService REG_MULTI_SZ DnsCache\0\0 DcomLaunch REG_MULTI_SZ DcomLaunch\0TermService\0\0 rpcss REG_MULTI_SZ RpcSs\0\0 imgsvc REG_MULTI_SZ StiSvc\0\0 termsvcs REG_MULTI_SZ TermService\0\0 WudfServiceGroup REG_MULTI_SZ WUDFSvc\0\0 newlycreated - HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\LEGACY_AVG_ANTI-SPYWARE_DRIVER newlycreated - HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\LEGACY_AVG_ANTI-SPYWARE_GUARD Contents of the 'Scheduled Tasks' folder C:\WINDOWS\tasks\AppleSoftwareUpdate.job C:\WINDOWS\tasks\MP Scheduled Quick Scan.job C:\WINDOWS\tasks\MP Scheduled Scan.job ****************************************************************** catchme 0.2 W2K/XP/Vista - userland rootkit detector by Gmer, 17 October 2006 http://www.gmer.net scanning hidden processes ... scanning hidden services ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden processes: 0 hidden services: 0 hidden files: 0 ****************************************************************** Completion time: 07-04-20 19.03.32 C:\ComboFix-quarantined-files.txt ... 07-04-20 19:03

22-04-2007, 14:04	#11
wizard1993 Senior Member Iscritto dal: Apr 2006 Messaggi: 22462	hai ancora problemi? __________________ amd a64x2 4400+ sk939;asus a8n-sli; 2x1gb ddr400; x850 crossfire; 2 x western digital abys 320gb\|\| asus g1 Se striscia fulmina, se svolazza l'ammazza

22-04-2007, 14:53	#12
Radmaster Senior Member Iscritto dal: Sep 2006 Messaggi: 321	no...almeno sembra di no...

22-04-2007, 15:48	#13
wizard1993 Senior Member Iscritto dal: Apr 2006 Messaggi: 22462	sono felice di dirti che sei pulito __________________ amd a64x2 4400+ sk939;asus a8n-sli; 2x1gb ddr400; x850 crossfire; 2 x western digital abys 320gb\|\| asus g1 Se striscia fulmina, se svolazza l'ammazza

22-04-2007, 21:18	#14
Radmaster Senior Member Iscritto dal: Sep 2006 Messaggi: 321	grande wizard,tidus e bugs...cmq mi ero preso un virus ke mi riempiva la RAM e mi si bloccava tutto!!! avg antispyware è la soluzione definitiva...gli altri antispyware me ne individuavano la metà e nn li cancellavano del tutto!

23-04-2007, 13:27	#15
wizard1993 Senior Member Iscritto dal: Apr 2006 Messaggi: 22462	è risaputo che avg antispyware è molto potente __________________ amd a64x2 4400+ sk939;asus a8n-sli; 2x1gb ddr400; x850 crossfire; 2 x western digital abys 320gb\|\| asus g1 Se striscia fulmina, se svolazza l'ammazza

Strumenti
Mostra una versione stampabile Invia questa pagina per email