|
|||||||
|
|
|
 |
|
|
Strumenti |
25-06-2007, 12:10
|
#1 |
|
Member
Iscritto dal: Mar 2006
Messaggi: 93
|
aiuto possibile virus
ieri sera mia sorella e' stata sul pc e stamattina mi ritrovo windows come se fosse stato reinstallato (avvio presentazione,impostazioni iniziali eccecc),la tastiera fuori dalle lettere tradizionali e' totalmente sballata (per fare la ( devo premere shif e 9...altgr non funziona eccecc),inoltre se premo stampa su explorer avvia il comando salva
ho fatto vari scan con nod,adaware,spybot,spyware terminator ma non sono riuscito a risolvere il problema...posto il log di hijack...grazie a tutti dell'aiuto R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page=http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page=http://www.google.it/ R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page=http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page=http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL=http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL=http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch= R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant= O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programmi\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: (no name) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.6.0_01\bin\ssv.dll O4 - HKLM\..\Run: [GSICONEXE] GSICON.EXE O4 - HKLM\..\Run: [DSLAGENTEXE] dslagent.exe USB O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [nod32kui] "C:\Programmi\Eset\nod32kui.exe" /WAITSERVICE O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra 'Tools' menuitem: Sun Java Console (HKLM) O9 - Extra button: Invia a OneNote (HKLM) O9 - Extra 'Tools' menuitem: I&nvia a OneNote (HKLM) O9 - Extra button: Research (HKLM) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 (HKLM) O10 - Unknown file in Winsock LSP: C:\WINDOWS\system32\imon.dll O10 - Unknown file in Winsock LSP: C:\WINDOWS\system32\imon.dll O10 - Unknown file in Winsock LSP: C:\WINDOWS\system32\imon.dll O10 - Unknown file in Winsock LSP: C:\WINDOWS\system32\imon.dll O10 - Unknown file in Winsock LSP: C:\WINDOWS\system32\imon.dll O10 - Unknown file in Winsock LSP: C:\WINDOWS\system32\imon.dll O11 - Options group: [INTERNATIONAL] International* O11 - Options group: [TABS] Tabbed Browsing O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} - [url] O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL Ultima modifica di machinehead : 25-06-2007 alle 12:30. |
|
|
|
|
| Strumenti | |
|
|
Tutti gli orari sono GMT +1. Ora sono le: 04:28.
