Punto informatico Network
Login Esegui login | Non sei registrato? Iscriviti ora (è gratuito!)
Username: Password:
  • Annuncio Pubblicitario

Crash antivirus e anti-spyware

Un virus si è intromesso nel tuo computer? Vuoi navigare in tutta sicurezza? Sono sicure le transazione online? Come impedire a malintenzionati di intromettersi nel tuo pc? Come proteggere i tuoi dati? Qui trovi le risposte a queste ed altre domande

Rispondi al messaggio

Crash antivirus e anti-spyware

Messaggioda Guercio » gio giu 28, 2007 4:16 pm

Ciao a tutti, oggi ho fatto proprio il bis [cry] quando sono tornato al pc ho trovato la connessione ad internet staccata e la mancanza delle icone di Avast e AVG Anti-Spyware nella system tray [uhm] cosi ho riavviato il pc..

Dopo il riavvio la situazione nella tray non è cambiata e cosi ho eseguito Avast un paio di volte ma senza alcun risultato, allora l'ho disinstallato con la relativa utility.. dopo aver effettuato l'installazione (eseguita senza problemi) ora mi ritrovo che quando clicco sull'icona per avviarlo esce questo:

Immagine

Per quanto riguarda AVG invece, dopo averlo disinstallato, l'installazione è andata a buon fine ma nel momento in cui effettuo l'aggiornamento dopo aver scaricato il tutto mi da "Errore: Impossibile salvare il pacchetto"

Qualcuno sa dirmi cosa sta succedendo??? [8)] [boh]
Avatar utente
Guercio
Senior Member
Senior Member
 
Messaggi: 161
Iscritto il: lun apr 02, 2007 6:19 pm
Località: Napoli
Top

Messaggioda Amantide » gio giu 28, 2007 4:31 pm

Mi sa che ti sei beccato il worm Bagle.
Vedi se riesci a risolvere da solo leggendo questo articolo, altrimenti posta qui il log di Gmer.
...per volare alto, bisogna saper cadere...
Avatar utente
Amantide
Membro Ufficiale (Gold)
Membro Ufficiale (Gold)
 
Messaggi: 8126
Iscritto il: lun feb 06, 2006 4:13 pm
Località: Abruzzo
Top

Messaggioda Guercio » gio giu 28, 2007 4:55 pm

Ciao Amantide, ti ringrazio per la risposta.. ho letto l'articolo che mi hai linkato: una volta insallato Gmer non mi ha chiesto di effettuare la scansione e cosi l'ho avviata io, ti posto il log, e non ci sono indicazioni in rosso..

..da quanto ho capito questo è relativo a "rootkit", devo fare anche la scansione in dell' "autostart"???


GMER 1.0.13.12540 - http://www.gmer.net
Rootkit scan 2007-06-28 15:55:58
Windows 5.1.2600 Service Pack 2


---- System - GMER 1.0.13 ----

SSDT \??\C:\Documents and Settings\Emanuele\Dati applicazioni\hidires\rosa.sys ZwCreateFile
SSDT \??\C:\Documents and Settings\Emanuele\Dati applicazioni\hidires\rosa.sys ZwEnumerateKey
SSDT \??\C:\Documents and Settings\Emanuele\Dati applicazioni\hidires\rosa.sys ZwEnumerateValueKey
SSDT \??\C:\Programmi\Grisoft\AVG Anti-Spyware 7.5\guard.sys ZwOpenProcess
SSDT \??\C:\Documents and Settings\Emanuele\Dati applicazioni\hidires\rosa.sys ZwQueryDirectoryFile
SSDT \??\C:\Documents and Settings\Emanuele\Dati applicazioni\hidires\rosa.sys ZwQueryKey
SSDT \??\C:\Documents and Settings\Emanuele\Dati applicazioni\hidires\rosa.sys ZwQuerySystemInformation
SSDT \??\C:\Programmi\Grisoft\AVG Anti-Spyware 7.5\guard.sys ZwTerminateProcess

---- Devices - GMER 1.0.13 ----

AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_CREATE [F47C778C] aswMon2.SYS
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_CREATE_NAMED_PIPE [F47C778C] aswMon2.SYS
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_CLOSE [F47C778C] aswMon2.SYS
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_READ [F47C778C] aswMon2.SYS
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_WRITE [F47C778C] aswMon2.SYS
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_INFORMATION [F47C778C] aswMon2.SYS
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_SET_INFORMATION [F47C778C] aswMon2.SYS
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_EA [F47C778C] aswMon2.SYS
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_SET_EA [F47C778C] aswMon2.SYS
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_FLUSH_BUFFERS [F47C778C] aswMon2.SYS
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_VOLUME_INFORMATION [F47C778C] aswMon2.SYS
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_SET_VOLUME_INFORMATION [F47C778C] aswMon2.SYS
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_DIRECTORY_CONTROL [F47C778C] aswMon2.SYS
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_FILE_SYSTEM_CONTROL [F47C8CD8] aswMon2.SYS
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_DEVICE_CONTROL [F47C778C] aswMon2.SYS
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_INTERNAL_DEVICE_CONTROL [F47C778C] aswMon2.SYS
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_SHUTDOWN [F47C778C] aswMon2.SYS
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_LOCK_CONTROL [F47C778C] aswMon2.SYS
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_CLEANUP [F47C778C] aswMon2.SYS
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_CREATE_MAILSLOT [F47C778C] aswMon2.SYS
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_SECURITY [F47C778C] aswMon2.SYS
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_SET_SECURITY [F47C778C] aswMon2.SYS
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_POWER [F47C778C] aswMon2.SYS
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_SYSTEM_CONTROL [F47C778C] aswMon2.SYS
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_DEVICE_CHANGE [F47C778C] aswMon2.SYS
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_QUOTA [F47C778C] aswMon2.SYS
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_SET_QUOTA [F47C778C] aswMon2.SYS
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_CREATE [F47C778C] aswMon2.SYS
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_CREATE_NAMED_PIPE [F47C778C] aswMon2.SYS
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_CLOSE [F47C778C] aswMon2.SYS
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_READ [F47C778C] aswMon2.SYS
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_WRITE [F47C778C] aswMon2.SYS
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_INFORMATION [F47C778C] aswMon2.SYS
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_SET_INFORMATION [F47C778C] aswMon2.SYS
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_EA [F47C778C] aswMon2.SYS
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_SET_EA [F47C778C] aswMon2.SYS
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_FLUSH_BUFFERS [F47C778C] aswMon2.SYS
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_VOLUME_INFORMATION [F47C778C] aswMon2.SYS
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_SET_VOLUME_INFORMATION [F47C778C] aswMon2.SYS
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_DIRECTORY_CONTROL [F47C778C] aswMon2.SYS
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_FILE_SYSTEM_CONTROL [F47C8CD8] aswMon2.SYS
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_DEVICE_CONTROL [F47C778C] aswMon2.SYS
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_INTERNAL_DEVICE_CONTROL [F47C778C] aswMon2.SYS
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_SHUTDOWN [F47C778C] aswMon2.SYS
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_LOCK_CONTROL [F47C778C] aswMon2.SYS
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_CLEANUP [F47C778C] aswMon2.SYS
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_CREATE_MAILSLOT [F47C778C] aswMon2.SYS
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_SECURITY [F47C778C] aswMon2.SYS
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_SET_SECURITY [F47C778C] aswMon2.SYS
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_POWER [F47C778C] aswMon2.SYS
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_SYSTEM_CONTROL [F47C778C] aswMon2.SYS
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_DEVICE_CHANGE [F47C778C] aswMon2.SYS
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_QUOTA [F47C778C] aswMon2.SYS
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_SET_QUOTA [F47C778C] aswMon2.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_CREATE [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_CREATE_NAMED_PIPE [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_CLOSE [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_READ [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_WRITE [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_QUERY_INFORMATION [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_SET_INFORMATION [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_QUERY_EA [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_SET_EA [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_FLUSH_BUFFERS [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_QUERY_VOLUME_INFORMATION [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_SET_VOLUME_INFORMATION [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_DIRECTORY_CONTROL [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_FILE_SYSTEM_CONTROL [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_DEVICE_CONTROL [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_INTERNAL_DEVICE_CONTROL [F85C52C0] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_SHUTDOWN [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_LOCK_CONTROL [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_CLEANUP [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_CREATE_MAILSLOT [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_QUERY_SECURITY [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_SET_SECURITY [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_POWER [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_SYSTEM_CONTROL [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_DEVICE_CHANGE [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_QUERY_QUOTA [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_SET_QUOTA [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_CREATE [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_CREATE_NAMED_PIPE [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_CLOSE [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_READ [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_WRITE [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_QUERY_INFORMATION [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_SET_INFORMATION [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_QUERY_EA [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_SET_EA [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_FLUSH_BUFFERS [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_QUERY_VOLUME_INFORMATION [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_SET_VOLUME_INFORMATION [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_DIRECTORY_CONTROL [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_FILE_SYSTEM_CONTROL [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_DEVICE_CONTROL [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_INTERNAL_DEVICE_CONTROL [F85C52C0] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_SHUTDOWN [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_LOCK_CONTROL [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_CLEANUP [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_CREATE_MAILSLOT [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_QUERY_SECURITY [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_SET_SECURITY [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_POWER [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_SYSTEM_CONTROL [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_DEVICE_CHANGE [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_QUERY_QUOTA [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_SET_QUOTA [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_CREATE [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_CREATE_NAMED_PIPE [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_CLOSE [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_READ [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_WRITE [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_QUERY_INFORMATION [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_SET_INFORMATION [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_QUERY_EA [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_SET_EA [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_FLUSH_BUFFERS [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_QUERY_VOLUME_INFORMATION [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_SET_VOLUME_INFORMATION [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_DIRECTORY_CONTROL [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_FILE_SYSTEM_CONTROL [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_DEVICE_CONTROL [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_INTERNAL_DEVICE_CONTROL [F85C52C0] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_SHUTDOWN [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_LOCK_CONTROL [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_CLEANUP [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_CREATE_MAILSLOT [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_QUERY_SECURITY [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_SET_SECURITY [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_POWER [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_SYSTEM_CONTROL [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_DEVICE_CHANGE [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_QUERY_QUOTA [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_SET_QUOTA [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_CREATE [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_CREATE_NAMED_PIPE [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_CLOSE [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_READ [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_WRITE [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_QUERY_INFORMATION [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_SET_INFORMATION [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_QUERY_EA [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_SET_EA [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_FLUSH_BUFFERS [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_QUERY_VOLUME_INFORMATION [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_SET_VOLUME_INFORMATION [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_DIRECTORY_CONTROL [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_FILE_SYSTEM_CONTROL [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_DEVICE_CONTROL [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_INTERNAL_DEVICE_CONTROL [F85C52C0] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_SHUTDOWN [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_LOCK_CONTROL [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_CLEANUP [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_CREATE_MAILSLOT [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_QUERY_SECURITY [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_SET_SECURITY [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_POWER [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_SYSTEM_CONTROL [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_DEVICE_CHANGE [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_QUERY_QUOTA [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_SET_QUOTA [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_CREATE [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_CREATE_NAMED_PIPE [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_CLOSE [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_READ [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_WRITE [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_QUERY_INFORMATION [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_SET_INFORMATION [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_QUERY_EA [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_SET_EA [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_FLUSH_BUFFERS [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_QUERY_VOLUME_INFORMATION [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_SET_VOLUME_INFORMATION [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_DIRECTORY_CONTROL [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_FILE_SYSTEM_CONTROL [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_DEVICE_CONTROL [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_INTERNAL_DEVICE_CONTROL [F85C52C0] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_SHUTDOWN [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_LOCK_CONTROL [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_CLEANUP [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_CREATE_MAILSLOT [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_QUERY_SECURITY [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_SET_SECURITY [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_POWER [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_SYSTEM_CONTROL [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_DEVICE_CHANGE [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_QUERY_QUOTA [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_SET_QUOTA [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_CREATE [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_CREATE_NAMED_PIPE [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_CLOSE [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_READ [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_WRITE [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_QUERY_INFORMATION [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_SET_INFORMATION [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_QUERY_EA [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_SET_EA [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_FLUSH_BUFFERS [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_QUERY_VOLUME_INFORMATION [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_SET_VOLUME_INFORMATION [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_DIRECTORY_CONTROL [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_FILE_SYSTEM_CONTROL [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_DEVICE_CONTROL [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_INTERNAL_DEVICE_CONTROL [F85C52C0] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_SHUTDOWN [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_LOCK_CONTROL [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_CLEANUP [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_CREATE_MAILSLOT [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_QUERY_SECURITY [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_SET_SECURITY [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_POWER [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_SYSTEM_CONTROL [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_DEVICE_CHANGE [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_QUERY_QUOTA [F85C58E6] aswTdi.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_SET_QUOTA [F85C58E6] aswTdi.SYS

---- Registry - GMER 1.0.13 ----

Reg \Registry\MACHINE\SOFTWARE\Classes\Installer\Win32Assemblies\Global@Microsoft.MSXML2R,publicKeyToken="6bd6b9abf345378f",version="4.1.0.0",type="win32",processorArchitecture="x86" 8p6oAkvYS?]*ZCt8cMt=RaveProgramFiles>ITzaC}zyQ@Zq3QlMCb0e?
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders@C:\Documents and Settings\All Users\Dati applicazioni\Apple Computer\Installer Cache\
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders@C:\Programmi\QuickTime\ 1
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders@C:\Programmi\QuickTime\QTComponents\ 1
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders@C:\Programmi\QuickTime\QTSystem\ 1
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders@C:\Programmi\QuickTime\PropertyPanels\
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders@C:\Programmi\QuickTime\QTSystem\CoreVideo.Resources\
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders@C:\Programmi\QuickTime\QTSystem\CoreVideo.Resources\da.lproj\
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders@C:\Programmi\QuickTime\QTSystem\CoreVideo.Resources\de.lproj\
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders@C:\Programmi\QuickTime\QTSystem\CoreVideo.Resources\en.lproj\
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders@C:\Programmi\QuickTime\QTSystem\CoreVideo.Resources\es.lproj\
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders@C:\Programmi\QuickTime\QTSystem\CoreVideo.Resources\fi.lproj\
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders@C:\Programmi\QuickTime\QTSystem\CoreVideo.Resources\fr.lproj\
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders@C:\Programmi\QuickTime\QTSystem\CoreVideo.Resources\it.lproj\
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders@C:\Programmi\QuickTime\QTSystem\CoreVideo.Resources\ja.lproj\
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders@C:\Programmi\QuickTime\QTSystem\CoreVideo.Resources\ko.lproj\
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders@C:\Programmi\QuickTime\QTSystem\CoreVideo.Resources\nb.lproj\
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders@C:\Programmi\QuickTime\QTSystem\CoreVideo.Resources\nl.lproj\
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders@C:\Programmi\QuickTime\QTSystem\CoreVideo.Resources\sv.lproj\
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders@C:\Programmi\QuickTime\QTSystem\CoreVideo.Resources\zh_CN.lproj\
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders@C:\Programmi\QuickTime\QTSystem\CoreVideo.Resources\zh_TW.lproj\
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders@C:\Programmi\QuickTime\PropertyPanels\PanelHelperBase.Resources\
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders@C:\Programmi\QuickTime\PropertyPanels\PanelHelperBase.Resources\da.lproj\
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders@C:\Programmi\QuickTime\PropertyPanels\PanelHelperBase.Resources\de.lproj\
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders@C:\Programmi\QuickTime\PropertyPanels\PanelHelperBase.Resources\en.lproj\
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders@C:\Programmi\QuickTime\PropertyPanels\PanelHelperBase.Resources\es.lproj\
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders@C:\Programmi\QuickTime\PropertyPanels\PanelHelperBase.Resources\fi.lproj\
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders@C:\Programmi\QuickTime\PropertyPanels\PanelHelperBase.Resources\fr.lproj\
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders@C:\Programmi\QuickTime\PropertyPanels\PanelHelperBase.Resources\it.lproj\
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders@C:\Programmi\QuickTime\PropertyPanels\PanelHelperBase.Resources\ja.lproj\
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders@C:\Programmi\QuickTime\PropertyPanels\PanelHelperBase.Resources\ko.lproj\
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders@C:\Programmi\QuickTime\PropertyPanels\PanelHelperBase.Resources\nb.lproj\
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders@C:\Programmi\QuickTime\PropertyPanels\PanelHelperBase.Resources\nl.lproj\
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders@C:\Programmi\QuickTime\PropertyPanels\PanelHelperBase.Resources\sv.lproj\
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders@C:\Programmi\QuickTime\PropertyPanels\PanelHelperBase.Resources\zh_CN.lproj\
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders@C:\Programmi\QuickTime\PropertyPanels\PanelHelperBase.Resources\zh_TW.lproj\
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders@C:\Programmi\QuickTime\PictureViewer.Resources\
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders@C:\Programmi\QuickTime\PictureViewer.Resources\da.lproj\
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders@C:\Programmi\QuickTime\PictureViewer.Resources\de.lproj\
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders@C:\Programmi\QuickTime\PictureViewer.Resources\en.lproj\
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders@C:\Programmi\QuickTime\PictureViewer.Resources\es.lproj\
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders@C:\Programmi\QuickTime\PictureViewer.Resources\fi.lproj\
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders@C:\Programmi\QuickTime\PictureViewer.Resources\fr.lproj\
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders@C:\Programmi\QuickTime\PictureViewer.Resources\it.lproj\
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders@C:\Programmi\QuickTime\PictureViewer.Resources\ja.lproj\
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders@C:\Programmi\QuickTime\PictureViewer.Resources\ko.lproj\
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders@C:\Programmi\QuickTime\PictureViewer.Resources\nb.lproj\
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders@C:\Programmi\QuickTime\PictureViewer.Resources\nl.lproj\
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders@C:\Programmi\QuickTime\PictureViewer.Resources\sv.lproj\
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders@C:\Programmi\QuickTime\PictureViewer.Resources\zh_CN.lproj\
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders@C:\Programmi\QuickTime\PictureViewer.Resources\zh_TW.lproj\
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders@C:\Programmi\QuickTime\PropertyPanels\PropPanelHelpers.Resources\
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders@C:\Programmi\QuickTime\PropertyPanels\PropPanelHelpers.Resources\da.lproj\
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders@C:\Programmi\QuickTime\PropertyPanels\PropPanelHelpers.Resources\de.lproj\
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders@C:\Programmi\QuickTime\PropertyPanels\PropPanelHelpers.Resources\en.lproj\
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders@C:\Programmi\QuickTime\PropertyPanels\PropPanelHelpers.Resources\es.lproj\
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders@C:\Programmi\QuickTime\PropertyPanels\PropPanelHelpers.Resources\fi.lproj\
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders@C:\Programmi\QuickTime\PropertyPanels\PropPanelHelpers.Resources\fr.lproj\
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders@C:\Programmi\QuickTime\PropertyPanels\PropPanelHelpers.Resources\it.lproj\
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders@C:\Programmi\QuickTime\PropertyPanels\PropPanelHelpers.Resources\ja.lproj\
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders@C:\Programmi\QuickTime\PropertyPanels\PropPanelHelpers.Resources\ko.lproj\
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders@C:\Programmi\QuickTime\PropertyPanels\PropPanelHelpers.Resources\nb.lproj\
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders@C:\Programmi\QuickTime\PropertyPanels\PropPanelHelpers.Resources\nl.lproj\
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders@C:\Programmi\QuickTime\PropertyPanels\PropPanelHelpers.Resources\sv.lproj\
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders@C:\Programmi\QuickTime\PropertyPanels\PropPanelHelpers.Resources\zh_CN.lproj\
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders@C:\Programmi\QuickTime\PropertyPanels\PropPanelHelpers.Resources\zh_TW.lproj\
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders@C:\Programmi\QuickTime\QTSystem\QuickTime.Resources\
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders@C:\Programmi\QuickTime\QTSystem\QuickTime.Resources\da.lproj\
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders@C:\Programmi\QuickTime\QTSystem\QuickTime.Resources\de.lproj\
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders@C:\Programmi\QuickTime\QTSystem\QuickTime.Resources\en.lproj\
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders@C:\Programmi\QuickTime\QTSystem\QuickTime.Resources\es.lproj\
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders@C:\Programmi\QuickTime\QTSystem\QuickTime.Resources\fi.lproj\
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders@C:\Programmi\QuickTime\QTSystem\QuickTime.Resources\fr.lproj\
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders@C:\Programmi\QuickTime\QTSystem\QuickTime.Resources\it.lproj\
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders@C:\Programmi\QuickTime\QTSystem\QuickTime.Resources\ja.lproj\
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders@C:\Programmi\QuickTime\QTSystem\QuickTime.Resources\ko.lproj\
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders@C:\Programmi\QuickTime\QTSystem\QuickTime.Resources\nb.lproj\
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders@C:\Programmi\QuickTime\QTSystem\QuickTime.Resources\nl.lproj\
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders@C:\Programmi\QuickTime\QTSystem\QuickTime.Resources\sv.lproj\
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders@C:\Programmi\QuickTime\QTSystem\Qu
Avatar utente
Guercio
Senior Member
Senior Member
 
Messaggi: 161
Iscritto il: lun apr 02, 2007 6:19 pm
Località: Napoli
Top
Top

Messaggioda Amantide » gio giu 28, 2007 5:01 pm

Scarica The Avenger, estrai archivio in una cartella ed avvia il file Avenger.exe.
Seleziona l'opzione Input Script Manually, clicca sulla lente di ingrandimento e all'interno del form copia ed incolla questo script:

Files to delete:
C:\Documents and Settings\Emanuele\Dati applicazioni\hidires\rosa.sys
C:\Documents and Settings\Emanuele\Dati applicazioni\hidires\m_hook.sys
C:\Documents and Settings\Emanuele\Dati applicazioni\hidires\hidr.exe
C:\WINDOWS\system32\wintems.exe
C:\WINDOWS\system32\hldrrr.exe

folders to delete:
C:\Documents and Settings\Emanuele\Dati applicazioni\hidires
C:\WINDOWS\exefld

registry keys to delete:
HKLM\SYSTEM\CurrentControlSet\Services\m_hook
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_M_HOOK

registry values to delete:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run | hldrrr

Dopodichè clicca sul pulsante Done, poi 2 volte sull'icona del semaforo verde e rispondi alle successive domande Si .
Il pc dovrebbe riavviarsi da solo,se cosi non fosse riavvialo manualmente.
Alla fine allegami il log di Avenger che si trova in C:/avenger.txt

Per ripulire i residui e ripristinare i servizi terminati segui le istruzioni dell'articolo.
...per volare alto, bisogna saper cadere...
Avatar utente
Amantide
Membro Ufficiale (Gold)
Membro Ufficiale (Gold)
 
Messaggi: 8126
Iscritto il: lun feb 06, 2006 4:13 pm
Località: Abruzzo
Top

Messaggioda Guercio » gio giu 28, 2007 5:09 pm

Per ripulire i residui e ripristinare i servizi terminati segui le istruzioni dell'articolo.

Scusami, intendi la parte "Cenni finali", dell'articolo???

Ti posto il log di avenger, dimmi tu cosa devo fare...


Logfile of The Avenger version 1, by Swandog46
Running from registry key:
\Registry\Machine\System\CurrentControlSet\Services\cvocobsm

*******************

Script file located at: \??\C:\aiclilqa.txt
Script file opened successfully.

Script file read successfully

Backups directory opened successfully at C:\Avenger

*******************

Beginning to process script file:

File C:\Documents and Settings\Emanuele\Dati applicazioni\hidires\rosa.sys deleted successfully.


File C:\Documents and Settings\Emanuele\Dati applicazioni\hidires\m_hook.sys not found!
Deletion of file C:\Documents and Settings\Emanuele\Dati applicazioni\hidires\m_hook.sys failed!

Could not process line:
C:\Documents and Settings\Emanuele\Dati applicazioni\hidires\m_hook.sys
Status: 0xc0000034

File C:\Documents and Settings\Emanuele\Dati applicazioni\hidires\hidr.exe deleted successfully.


File C:\WINDOWS\system32\wintems.exe not found!
Deletion of file C:\WINDOWS\system32\wintems.exe failed!

Could not process line:
C:\WINDOWS\system32\wintems.exe
Status: 0xc0000034

File C:\WINDOWS\system32\hldrrr.exe deleted successfully.
Folder C:\Documents and Settings\Emanuele\Dati applicazioni\hidires deleted successfully.
Folder C:\WINDOWS\exefld deleted successfully.


Registry key HKLM\SYSTEM\CurrentControlSet\Services\m_hook not found!
Deletion of registry key HKLM\SYSTEM\CurrentControlSet\Services\m_hook failed!

Could not process line:
HKLM\SYSTEM\CurrentControlSet\Services\m_hook
Status: 0xc0000034



Registry key HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_M_HOOK not found!
Deletion of registry key HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_M_HOOK failed!

Could not process line:
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_M_HOOK
Status: 0xc0000034



Could not delete registry value HKLM\Software\Microsoft\Windows\CurrentVersion\Run|hldrrr
Deletion of registry value HKLM\Software\Microsoft\Windows\CurrentVersion\Run|hldrrr failed!
Status: 0xc0000034


Completed script processing.

*******************

Finished! Terminate.
Avatar utente
Guercio
Senior Member
Senior Member
 
Messaggi: 161
Iscritto il: lun apr 02, 2007 6:19 pm
Località: Napoli
Top

Messaggioda Amantide » gio giu 28, 2007 5:15 pm

Si, si... i Cenni finali.

L'esecuzione dello script è andata a buon fine.
...per volare alto, bisogna saper cadere...
Avatar utente
Amantide
Membro Ufficiale (Gold)
Membro Ufficiale (Gold)
 
Messaggi: 8126
Iscritto il: lun feb 06, 2006 4:13 pm
Località: Abruzzo
Top

Messaggioda Guercio » gio giu 28, 2007 6:02 pm

Ho ripristinato le ultime cose, installato Avast e AVG, quest'ultimo funziona correttamente mentre l'antivirus non me lo fa aggiornare [uhm] .. poi è successa una strana cosa.. è sparito il cestino!!! [cry]


Edit: anche Avast è tutto ok [^] manca solo il cestino [acc2]
Avatar utente
Guercio
Senior Member
Senior Member
 
Messaggi: 161
Iscritto il: lun apr 02, 2007 6:19 pm
Località: Napoli
Top

Messaggioda Amantide » gio giu 28, 2007 6:23 pm

Prova a rifare la scansione con Gmer.
Per il Cestino vedi qui
http://support.microsoft.com/kb/810869/it
...per volare alto, bisogna saper cadere...
Avatar utente
Amantide
Membro Ufficiale (Gold)
Membro Ufficiale (Gold)
 
Messaggi: 8126
Iscritto il: lun feb 06, 2006 4:13 pm
Località: Abruzzo
Top

Messaggioda Guercio » gio giu 28, 2007 6:42 pm

Ho risolto anche con il cestino [;)] Avast e AVG vanno alla perfezione, quindi credo sia inutile fare un'ulterione scan con Gmer, giusto???

Grazie mille di tutto Amantide, è già la seconda volta che mi salvi [:)]

GRAZIE [applauso+]
Avatar utente
Guercio
Senior Member
Senior Member
 
Messaggi: 161
Iscritto il: lun apr 02, 2007 6:19 pm
Località: Napoli
Top

Messaggioda Amantide » gio giu 28, 2007 6:48 pm

Guercio ha scritto: Avast e AVG vanno alla perfezione, quindi credo sia inutile fare un'ulterione scan con Gmer, giusto???

Giusto [;)]
Però ti consiglierei di cambiare Avast con qualche antivirus un po' più efficace.
...per volare alto, bisogna saper cadere...
Avatar utente
Amantide
Membro Ufficiale (Gold)
Membro Ufficiale (Gold)
 
Messaggi: 8126
Iscritto il: lun feb 06, 2006 4:13 pm
Località: Abruzzo
Top

Messaggioda Guercio » gio giu 28, 2007 6:51 pm

Amantide ha scritto:Giusto [;)]
Però ti consiglierei di cambiare Avast con qualche antivirus un po' più efficace.

Consiglio accettato [;)] devo rinstallare anche un buon firewall..

Ancora Grazie!! [:)]
Avatar utente
Guercio
Senior Member
Senior Member
 
Messaggi: 161
Iscritto il: lun apr 02, 2007 6:19 pm
Località: Napoli
Top
Rispondi al messaggio

Torna a Sicurezza

Chi c’è in linea

Visitano il forum: Nessuno e 12 ospiti

Powered by phpBB © 2002, 2005, 2007, 2008 phpBB Group
Traduzione Italiana phpBB.it

megalab.it: testata telematica quotidiana registrata al Tribunale di Cosenza n. 22/09 del 13.08.2009, editore Master New Media S.r.l.; © Copyright 2008 Master New Media S.r.l. a socio unico - P.I. 02947530784. GRUPPO EDIZIONI MASTER Spa Tutti i diritti sono riservati. Per la pubblicità: Master Advertising