aiuto non riesco ad entrare in explorer e messenger

Pubblicità
biasion118

biasion118

Utente Attivo
Messaggi
209
Reazioni
3
Punteggio
38
HO UN VIRUS NEL PORTATILE DI MIA SORELLA AUTATEMI A SISTEMARLO SE NO SI INCAZZA COME UNA BESTIA, HO LOG

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12.06.41, on 05/11/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\Programmi\Intel\Wireless\Bin\EvtEng.exe
D:\WINDOWS\system32\WgaTray.exe
D:\WINDOWS\Explorer.EXE
D:\Programmi\Intel\Wireless\Bin\S24EvMon.exe
D:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
D:\Programmi\Alwil Software\Avast4\ashServ.exe
D:\WINDOWS\system32\spoolsv.exe
D:\Programmi\Java\jre6\bin\jqs.exe
D:\WINDOWS\system32\nvsvc32.exe
D:\Programmi\Intel\Wireless\Bin\RegSrvc.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\system32\wuauclt.exe
D:\Programmi\Alwil Software\Avast4\ashMaiSv.exe
D:\Programmi\Alwil Software\Avast4\ashWebSv.exe
D:\WINDOWS\system32\wbem\wmiapsrv.exe
D:\WINDOWS\system32\dwwin.exe
D:\Programmi\Intel\Wireless\bin\ZCfgSvc.exe
D:\WINDOWS\PixArt\PAC207\Monitor.exe
D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
D:\Programmi\Java\jre6\bin\jusched.exe
D:\Programmi\Intel\Wireless\Bin\ifrmewrk.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Programmi\Alwil Software\Avast4\setup\avast.setup
D:\Programmi\Windows Live\Messenger\msnmsgr.exe
D:\Programmi\Intel\Wireless\Bin\Dot1XCfg.exe
D:\WINDOWS\system32\wuauclt.exe
D:\Programmi\Internet Explorer\iexplore.exe
D:\Programmi\Internet Explorer\iexplore.exe
D:\Programmi\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Programmi\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - D:\Programmi\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - D:\Programmi\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - D:\Programmi\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - D:\Programmi\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Programmi\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - D:\Programmi\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - D:\Programmi\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [IntelZeroConfig] "D:\Programmi\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [Monitor] D:\WINDOWS\PixArt\PAC207\Monitor.exe
O4 - HKLM\..\Run: [avast!] D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Programmi\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [IntelWireless] "D:\Programmi\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\RunOnce: [WIAWizardMenu] RUNDLL32.EXE D:\WINDOWS\system32\sti_ci.dll,WiaCreateWizardMenu
O4 - HKCU\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "D:\Programmi\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://D:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Programmi\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/wind...?1075128944484
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ge...sh/swflash.cab
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - D:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - D:\Programmi\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - D:\Programmi\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - D:\Programmi\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - D:\Programmi\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Google Software Updater (gusvc) - Google - D:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - D:\Programmi\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - D:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - D:\Programmi\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - D:\Programmi\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: ServiceLayer - Nokia. - D:\Programmi\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 6917 bytes
 
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
Gli elementi non necessari (disattivati) dovrebbero essere eliminati. Questa voce è stata classificata dai nostri visitatori come sicura.

O4 - HKLM\..\Run: [Monitor] D:\WINDOWS\PixArt\PAC207\Monitor.exe


Da eliminare! Browser hijacker
disattiva la prima e cerca di eliminare la secona in qualche modo... spybot dovrebbe farcela
 
ho anche fatto delle scansioni con combofix e malwarebytes ecco i rispettivi log:

ComboFix 09-11-04.05 - federica 05/11/2009 14.23.51.1.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.39.1040.18.1023.627 [GMT 1:00]
Eseguito da: d:\documents and settings\federica\Desktop\ComboFix.exe
ATTENZIONE - QUESTO PC NON HA LA CONSOLE DI RIPRISTINO DI EMERGENZA INSTALLATA !!
.
ADS - WINDOWS: deleted 24 bytes in 1 streams.
((((((((((((((((((((((((( Files Creati Da 2009-10-05 al 2009-11-05 )))))))))))))))))))))))))))))))))))
.
2009-11-05 12:30 . 2009-11-05 12:30 -------- d-----w- d:\programmi\Kaspersky Lab
2009-11-05 12:30 . 2009-11-05 12:30 -------- d-----w- d:\documents and settings\All Users\Dati applicazioni\Kaspersky Lab
2009-11-05 12:30 . 2009-11-05 12:31 -------- d-----w- d:\windows\LastGood
2009-11-05 12:05 . 2009-11-05 12:05 -------- d-----w- d:\documents and settings\All Users\Dati applicazioni\Kaspersky Lab Setup Files
2009-11-05 11:06 . 2009-11-05 11:06 -------- d-----w- d:\programmi\Trend Micro
2009-11-05 11:05 . 2009-11-05 11:05 -------- d-----w- d:\documents and settings\HelpAssistant\PrivacIE
2009-11-05 11:03 . 2009-11-05 11:03 -------- d-----w- d:\documents and settings\HelpAssistant\IECompatCache
2009-11-04 18:04 . 2009-11-04 18:04 -------- d-----w- d:\programmi\XP TCPIP Repair
2009-11-04 18:00 . 2009-11-04 18:00 -------- d-sh--w- d:\documents and settings\federica\IECompatCache
2009-11-04 17:59 . 2009-11-04 17:59 -------- d-sh--w- d:\documents and settings\federica\PrivacIE
2009-11-04 17:47 . 2009-11-04 17:47 -------- d-----w- d:\documents and settings\federica\Dati applicazioni\InstallShield
2009-11-04 16:44 . 2009-11-05 11:03 -------- d-----w- d:\documents and settings\HelpAssistant\IETldCache
2009-11-04 16:37 . 2009-11-04 16:37 -------- d-sh--w- d:\documents and settings\federica\IETldCache
2009-11-04 16:16 . 2009-11-04 16:16 -------- d-----w- d:\documents and settings\All Users\Dati applicazioni\Messenger Plus!
2009-11-04 16:14 . 2009-11-04 16:14 -------- d-----w- d:\programmi\File comuni\Windows Live
2009-11-04 16:10 . 2009-11-04 16:10 -------- d-----w- d:\programmi\Messenger Plus! Live
2009-11-04 15:52 . 2007-10-17 09:19 20480 ----a-w- d:\windows\system32\SysRestore.dll
2009-11-04 15:52 . 2008-04-17 15:22 208896 ----a-w- d:\windows\system32\ConTest.dll
2009-11-04 15:51 . 2009-11-04 17:47 -------- d-----w- d:\programmi\Ascentive
2009-11-04 15:41 . 2009-11-04 15:41 -------- d-----w- d:\programmi\Lavalys
2009-11-04 13:23 . 2009-11-04 16:18 -------- dc-h--w- d:\windows\ie8
2009-11-04 08:49 . 2009-11-04 08:49 152576 ----a-w- d:\documents and settings\federica\Dati applicazioni\Sun\Java\jre1.6.0_17\lzma.dll
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-11-04 17:47 . 2008-10-30 09:11 -------- d--h--w- d:\programmi\InstallShield Installation Information
2009-11-04 08:50 . 2004-01-08 13:39 -------- d-----w- d:\programmi\Java
2009-10-31 13:35 . 2001-08-31 09:00 48988 ----a-w- d:\windows\system32\perfc010.dat
2009-10-31 13:35 . 2001-08-31 09:00 348476 ----a-w- d:\windows\system32\perfh010.dat
2009-10-17 15:05 . 2009-10-03 12:09 -------- d-----w- d:\programmi\BearShare
2009-10-11 03:17 . 2004-01-08 13:39 411368 ----a-w- d:\windows\system32\deploytk.dll
2009-10-04 15:44 . 2009-08-14 14:11 -------- d-----w- d:\programmi\PokerStars.IT
2009-10-03 12:18 . 2009-10-03 12:18 -------- d-----w- d:\documents and settings\All Users\Dati applicazioni\23157
2009-09-11 14:17 . 2004-08-19 13:39 136192 ----a-w- d:\windows\system32\msv1_0.dll
2009-09-10 19:10 . 2009-06-21 15:52 -------- d-----w- d:\programmi\Microsoft Silverlight
2009-09-04 21:03 . 2004-08-19 13:39 58880 ----a-w- d:\windows\system32\msasn1.dll
2009-08-26 08:00 . 2004-08-19 13:39 247326 ----a-w- d:\windows\system32\strmdll.dll
2009-08-18 16:34 . 2009-08-18 16:34 33061 ----a-w- d:\windows\king-uninstall.exe
2009-08-09 17:09 . 2009-08-09 17:09 152576 ----a-w- d:\documents and settings\federica\Dati applicazioni\Sun\Java\jre1.6.0_15\lzma.dll
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="d:\programmi\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 5724184]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IntelZeroConfig"="d:\programmi\Intel\Wireless\bin\ZCfgSvc.exe" [2006-08-01 802816]
"Monitor"="d:\windows\PixArt\PAC207\Monitor.exe" [2006-11-03 319488]
"SunJavaUpdateSched"="d:\programmi\Java\jre6\bin\jusched.exe" [2009-10-11 149280]
"IntelWireless"="d:\programmi\Intel\Wireless\Bin\ifrmewrk.exe" [2006-08-01 696320]
"NvCplDaemon"="d:\windows\system32\NvCpl.dll" [2005-04-28 5562368]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"WIAWizardMenu"="d:\windows\system32\sti_ci.dll" [2008-04-14 137216]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="d:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"d:\\Programmi\\Windows Live\\Messenger\\msnmsgr.exe"=
"d:\\Programmi\\Windows Live\\Messenger\\livecall.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:Remote Desktop
R0 R592;R592;d:\windows\system32\drivers\R592.sys [30/10/2008 11.06.52 57088]
R0 risdpntk;risdpntk;d:\windows\system32\drivers\risdpntk.sys [30/10/2008 11.06.52 27264]
S0 klbg;Kaspersky Lab Boot Guard Driver;d:\windows\system32\drivers\klbg.sys [15/12/2008 20.41.32 33808]
S3 klim5;Kaspersky Anti-Virus NDIS Filter;d:\windows\system32\drivers\klim5.sys [13/05/2009 17.46.52 31760]
S3 klmouflt;Kaspersky Lab KLMOUFLT;d:\windows\system32\drivers\klmouflt.sys [16/05/2009 20.59.44 19472]
S3 PAC207;Trust WB-1400T Webcam;d:\windows\system32\drivers\PFC027.SYS [14/05/2007 10.26.10 508288]
--- Altri Servizi/Drivers In Memoria ---
*NewlyCreated* - KL1
*NewlyCreated* - KLIF
*NewlyCreated* - MBR
*NewlyCreated* - PROCEXP113
*Deregistered* - mbr
*Deregistered* - PROCEXP113
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://www.google.it/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE: E&sporta in Microsoft Excel - d:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover
Rootkit scan 2009-11-05 14:31
Windows 5.1.2600 Service Pack 3 NTFS
scansione processi nascosti ...
scansione entrate autostart nascoste ...
Scansione files nascosti ...
Scansione completata con successo
Files nascosti: 0
**************************************************************************
Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, GMER - Rootkit Detector and Remover
device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe catchme.sys CLASSPNP.SYS disk.sys >>UNKNOWN [0x8615DE40]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\ACPI -> 0x8615de40
NDIS: Realtek RTL8139/810x Family Fast Ethernet NIC -> SendCompleteHandler -> 0x8619a800
Warning: possible MBR rootkit infection !
copy of MBR has been found in sector 0x0950E4C1
malicious code @ sector 0x0950E4C4 !
PE file found in sector at 0x0950E4DA !
MBR rootkit infection detected ! Use: "mbr.exe -f" to fix.
**************************************************************************
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\•€|ÿÿÿÿ"•€|þ»Ñw*]
"0140110900063D11C8EF10054038389C"="D?\\WINDOWS\\system32\\FM20ENU.DLL"
.
--------------------- Dlls caricate dai processi in esecuzione ---------------------
- - - - - - - > 'explorer.exe'(3216)
d:\windows\system32\ieframe.dll
d:\windows\system32\webcheck.dll
.
Ora fine scansione: 2009-11-05 14.33.29
ComboFix-quarantined-files.txt 2009-11-05 13:33
Pre-Run: 16.191.868.928 byte disponibili
Post-Run: 16.391.368.704 byte disponibili
 
Malwarebytes' Anti-Malware 1.41
Versione del database: 2775
Windows 5.1.2600 Service Pack 3
05/11/2009 14.49.44
mbam-log-2009-11-05 (14-49-36).txt
Tipo di scansione: Scansione rapida
Elementi scansionati: 101753
Tempo trascorso: 3 minute(s), 49 second(s)
Processi delle memoria infetti: 0
Moduli della memoria infetti: 0
Chiavi di registro infette: 7
Valori di registro infetti: 2
Elementi dato del registro infetti: 0
Cartelle infette: 0
File infetti: 3
Processi delle memoria infetti:
(Nessun elemento malevolo rilevato)
Moduli della memoria infetti:
(Nessun elemento malevolo rilevato)
Chiavi di registro infette:
HKEY_CLASSES_ROOT\TypeLib\{497dddb6-6eee-4561-9621-b77dc82c1f84} (Rogue.Ascentive) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{4e980492-027b-47f1-a7ab-ab086dacbb9e} (Rogue.Ascentive) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{5ead8321-fcbb-4c3f-888c-ac373d366c3f} (Rogue.Ascentive) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{31f3cf6e-a71a-4daa-852b-39ac230940b4} (Rogue.Ascentive) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{c24d7016-d00f-41ef-9781-984b6b5ff38f} (Rogue.Ascentive) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{ec88fcd0-2ed5-4d65-9b4c-71d146b43a2e} (Rogue.Ascentive) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{e532cfb1-5edd-4663-8c22-bcd67b5e5bd4} (Rogue.Ascentive) -> No action taken.
Valori di registro infetti:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\D:\WINDOWS\system32\SysRestore.dll (Rogue.Ascentive) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\D:\WINDOWS\system32\ConTest.dll (Rogue.Ascentive) -> No action taken.
Elementi dato del registro infetti:
(Nessun elemento malevolo rilevato)
Cartelle infette:
(Nessun elemento malevolo rilevato)
File infetti:
D:\WINDOWS\system32\SysRestore.dll (Rogue.Ascentive) -> No action taken.
D:\WINDOWS\system32\ConTest.dll (Rogue.Ascentive) -> No action taken.
D:\Documents and Settings\All Users\Desktop\Spyware Striker Update.url (Rogue.Multiple) -> No action taken.
 
non riesco a istallare niente apparte malwarbytes appena parte il setrip lo ralleltala massimo bloccandolo sia explorer messenger che tutti i programmi
 
ok appena finito la scansione di spyboot in mod. prov. ha trovato molti virus su bearshare ma uno sul registro con nome " ativirus0verride " li ho cancellati tutti :boh: boooo vediamo

 
Pubblicità
Pubblicità
Indietro
Top