Punto informatico Network
Login Esegui login | Non sei registrato? Iscriviti ora (è gratuito!)
Username: Password:
  • Annuncio Pubblicitario

aiuto,aiuto,aiuto..virus nel mio pc

Un virus si è intromesso nel tuo computer? Vuoi navigare in tutta sicurezza? Sono sicure le transazione online? Come impedire a malintenzionati di intromettersi nel tuo pc? Come proteggere i tuoi dati? Qui trovi le risposte a queste ed altre domande

Messaggioda lorenza » dom feb 03, 2008 8:08 pm

dopo aver usato avanger con l' ultima esecuzione non si connette piu ad internet emi chiede il cd del service pack 2 aprendo windows friwall mi da errore 1068
Avatar utente
lorenza
Aficionado
Aficionado
 
Messaggi: 37
Iscritto il: mar gen 15, 2008 9:04 pm

Messaggioda ste_95 » dom feb 03, 2008 8:10 pm

Prova a ripristinare i backup di Avenger... [...]
«A volte è meglio tacere e sembrare stupidi che aprir bocca e togliere ogni dubbio.» Oscar Wilde
Avatar utente
ste_95
Membro Ufficiale (Gold)
Membro Ufficiale (Gold)
 
Messaggi: 17271
Iscritto il: lun ago 06, 2007 11:19 am

Messaggioda lorenza » dom feb 03, 2008 8:30 pm

mi dice che impossibile inserire i registri di sistema !
Avatar utente
lorenza
Aficionado
Aficionado
 
Messaggi: 37
Iscritto il: mar gen 15, 2008 9:04 pm


Messaggioda lorenza » dom feb 03, 2008 8:55 pm

non riconosce fairwall se ne installo un'altro??
Avatar utente
lorenza
Aficionado
Aficionado
 
Messaggi: 37
Iscritto il: mar gen 15, 2008 9:04 pm

Messaggioda ste_95 » lun feb 04, 2008 6:48 am

Che cosa sarebbe un fairwall? Se mai intendi un firewall. A questo il tuo problema attuale mi è sfuggito [8)]
«A volte è meglio tacere e sembrare stupidi che aprir bocca e togliere ogni dubbio.» Oscar Wilde
Avatar utente
ste_95
Membro Ufficiale (Gold)
Membro Ufficiale (Gold)
 
Messaggi: 17271
Iscritto il: lun ago 06, 2007 11:19 am

Messaggioda lorenza » lun feb 04, 2008 10:09 am

no none' istallato correttamente ti spiego ??? quando vado su start -connetti a - non mi esce nessuna connessione e quindi non posso connettermiad internet.,poi vado su start pannello di controllo clicco per attivarlo e mi dice impossibile visualizzare le impostazioni di windows firewall. il relativo servizio non e' attivo.avviare il servizio windows firewall/internet connection sharing(ICS) HOE PROVATO AD ATTTIVARLO SU STRUMENTI AMMINISTRAZIONE -SERVIZI E'IMPOSTATO IN AUTOMATICO LO AVVIO E MI DICE -ERRORE1068:AVVIO DEL GRUPPO O DEL SERVIZIODI DIPENDENZA NON RIUSCITO--------ASPETTO RISPOSTA GRAZIE
Avatar utente
lorenza
Aficionado
Aficionado
 
Messaggi: 37
Iscritto il: mar gen 15, 2008 9:04 pm

Messaggioda lorenza » lun feb 04, 2008 2:02 pm

ho provato a dare una passata con hijackthis e mi esce molte cose da selezionare
Avatar utente
lorenza
Aficionado
Aficionado
 
Messaggi: 37
Iscritto il: mar gen 15, 2008 9:04 pm

Messaggioda ste_95 » lun feb 04, 2008 2:03 pm

Posta il log di hijackthis.
«A volte è meglio tacere e sembrare stupidi che aprir bocca e togliere ogni dubbio.» Oscar Wilde
Avatar utente
ste_95
Membro Ufficiale (Gold)
Membro Ufficiale (Gold)
 
Messaggi: 17271
Iscritto il: lun ago 06, 2007 11:19 am

Messaggioda lorenza » lun feb 04, 2008 2:51 pm

ho fatto quello che mi hai detto ma non funziona adesso cosa devo fare????
Avatar utente
lorenza
Aficionado
Aficionado
 
Messaggi: 37
Iscritto il: mar gen 15, 2008 9:04 pm

Messaggioda ste_95 » lun feb 04, 2008 3:10 pm

Lo ripeto, non postare un po' di qua, un po' di là, non si capisce più niente!

Non mi hai detto se l'articolo che ti ho segnalato lo hai seguito.
«A volte è meglio tacere e sembrare stupidi che aprir bocca e togliere ogni dubbio.» Oscar Wilde
Avatar utente
ste_95
Membro Ufficiale (Gold)
Membro Ufficiale (Gold)
 
Messaggi: 17271
Iscritto il: lun ago 06, 2007 11:19 am

Messaggioda lorenza » lun feb 04, 2008 3:14 pm

ho fatto tutto quello che mi hai detto ma non ho letto nessun articolo !! p.s mi sa che il pc lo devo riformattare vero???
Avatar utente
lorenza
Aficionado
Aficionado
 
Messaggi: 37
Iscritto il: mar gen 15, 2008 9:04 pm

Messaggioda ste_95 » lun feb 04, 2008 3:18 pm

Questo è l'articolo da leggere:

http://www.MegaLab.it/2624
«A volte è meglio tacere e sembrare stupidi che aprir bocca e togliere ogni dubbio.» Oscar Wilde
Avatar utente
ste_95
Membro Ufficiale (Gold)
Membro Ufficiale (Gold)
 
Messaggi: 17271
Iscritto il: lun ago 06, 2007 11:19 am

Messaggioda lorenza » lun feb 04, 2008 3:29 pm

allora devo fare una scanzione con questo programma e poi ti faccio sapere
Avatar utente
lorenza
Aficionado
Aficionado
 
Messaggi: 37
Iscritto il: mar gen 15, 2008 9:04 pm

Messaggioda lorenza » lun feb 04, 2008 4:34 pm

questo e quanto eseguito con terminator Logfile of Spyware Terminator v2.0.1.224 (db:1.0.044.807)
Scan Time: 04/02/2008 16.06.40 length: 1320 s
Platform: Windows XP Service Pack 2 (WINNT 5.1.2600)
User: Admin
Boot Mode: Normal
Scan type: Full_Spyware_Scan
Scanned Objects: 75209 (Critical:7)
Filter: No System items, No Safe items

Running Processes
SAgent2.exe [SEIKO EPSON CORPORATION] : C:\Programmi\File comuni\EPSON\EBAPI\SAgent2.exe
issch.exe [InstallShield Software Corporation] : C:\Programmi\File comuni\InstallShield\UpdateService\issch.exe
E_S10IC2.EXE [SEIKO EPSON CORPORATION] : C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE
VTTimer.exe [S3 Graphics, Inc.] : C:\WINDOWS\system32\VTTimer.exe
WZQKPICK.EXE [WinZip Computing, Inc.] : C:\Programmi\WinZip\WZQKPICK.EXE
LaunchApplication.exe [Nokia] : C:\Programmi\Nokia\Nokia PC Suite 6\LaunchApplication.exe
ServiceLayer.exe [Nokia.] : C:\Programmi\File comuni\PCSuite\Services\ServiceLayer.exe
MPAPI3s.exe [Nokia Corporation] : C:\Programmi\File comuni\Nokia\MPAPI\MPAPI3s.exe

Internet Settings
R - HKCU\Software\Microsoft\Internet Explorer\Main, Search Bar = http://www.crawler.com/search/dispatche ... p=aus&qkw=%s&tbid=60327
R - HKLM\Software\Microsoft\Internet Explorer\Main, SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60327
R - HKLM\Software\Microsoft\Internet Explorer\Main, CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=60327
R - HKLM\Software\Microsoft\Internet Explorer\Main, Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
R - HKLM\Software\Microsoft\Internet Explorer\Search, SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60327
R - HKLM\Software\Microsoft\Internet Explorer\Search, CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=60327
R - HKLM\System\CurrentControlSet\Services\Tcpip\Parameters, Domain =
R - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Telephony, DomainName =

BHO
02 - BHO: &Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - [Yahoo! Inc.] : C:\Programmi\Yahoo!\Common\yhexbmesit.dll
02 - BHO: &Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - [Yahoo! Inc.] : C:\Programmi\Yahoo!\Common\yhexbmesit.dll
02 - BHO: - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - File not found
02 - BHO: &Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - [Yahoo! Inc.] : C:\Programmi\Yahoo!\Common\yhexbmesit.dll
02 - BHO: - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - File not found
02 - BHO: - {FB5F1910-F110-11d2-BB9E-00C04F795683} - File not found

StartUps
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, ISUSScheduler : [InstallShield Software Corporation] : C:\Programmi\File comuni\InstallShield\UpdateService\issch.exe
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, ISUSPM Startup : [InstallShield Software Corporation] : C:\Programmi\File comuni\InstallShield\UpdateService\ISUSPM.exe
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, EPSON Stylus C42 Series : [SEIKO EPSON CORPORATION] : C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, VTTimer : [S3 Graphics, Inc.] : C:\WINDOWS\system32\VTTimer.exe
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, SiS KHooker : [Silicon Integrated Systems Corporation] : C:\WINDOWS\system32\khooker.exe
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, PCSuiteTrayApplication : [Nokia] : C:\Programmi\Nokia\Nokia PC Suite 6\LaunchApplication.exe
04 - HKLM\System\CurrentControlSet\Control\Session Manager, BootExecute : [Greatis Software] : C:\WINDOWS\system32\PARTIZAN.EXE
04 - Startup: %START_PROGRAMSALL%\Esecuzione automatica\WinZip Quick Pick.lnk [WinZip Computing, Inc.] : C:\Programmi\WinZip\WZQKPICK.EXE

Explorer Bars
&Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - [Yahoo! Inc.] : C:\Programmi\Yahoo!\Common\yhexbmesit.dll
&Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - [Yahoo! Inc.] : C:\Programmi\Yahoo!\Common\yhexbmesit.dll

Shell Extensions
- {42071714-76d4-11d1-8b24-00a0c9068ff3} - File not found
- {764BF0E1-F219-11ce-972D-00AA00A14F56} - File not found
- {853FE2B1-B769-11d0-9C4E-00C04FB6C6FA} - File not found
Barra delle applicazioni e menu di avvio - {0DF44EAA-FF21-4412-828E-260A8728E7F1} - File not found
Account utente - {7A9D77BD-5403-11d2-8785-2E0420524153} - File not found
WinRAR - {B41DB860-8EE4-11D2-9906-E49FADC173CA} - : C:\Programmi\WinRAR\rarext.dll
- {C169E5F0-E2B3-41F3-B81A-7BA529CBE193} - File not found
- {2E5AC2E0-406D-11D4-86B3-FA5861508E25} - File not found
- {310A0C95-EA11-42AE-A8E4-53E69E650310} - File not found
- {FE8D01BF-610A-4261-9C6E-32D65A42C907} - File not found
YMailShellExt Class - {5464D816-CF16-4784-B9F3-75C0DB52B499} - [Yahoo! Inc.] : C:\Programmi\Yahoo!\Common\ymmapi.dll
- {F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4} - File not found
WinZip - {E0D79304-84BE-11CE-9641-444553540000} - [WinZip Computing, Inc.] : C:\Programmi\WinZip\WZSHLSTB.DLL
WinZip - {E0D79305-84BE-11CE-9641-444553540000} - [WinZip Computing, Inc.] : C:\Programmi\WinZip\WZSHLSTB.DLL
WinZip - {E0D79306-84BE-11CE-9641-444553540000} - [WinZip Computing, Inc.] : C:\Programmi\WinZip\WZSHLSTB.DLL
WinZip - {E0D79307-84BE-11CE-9641-444553540000} - [WinZip Computing, Inc.] : C:\Programmi\WinZip\WZSHLSTB.DLL
Nokia Phone Browser - {416651E4-9C3C-11D9-8BDE-F66BAD1E3F3A} - [Nokia] : C:\Programmi\Nokia\Nokia PC Suite 6\PhoneBrowser.dll

Services
23 - [Realtek Semiconductor Corp.] : C:\WINDOWS\system32\drivers\ALCXWDM.SYS
23 - [BIOSTAR Group] : C:\WINDOWS\system32\DRIVERS\BIOS.SYS
23 - [SEIKO EPSON CORPORATION] : C:\Programmi\File comuni\EPSON\EBAPI\SAgent2.exe
23 - [VIA Technologies, Inc.] : C:\WINDOWS\system32\DRIVERS\fetnd5bv.sys
23 - [Creative Technology Ltd.] : C:\WINDOWS\system32\DRIVERS\P1001Vid.sys
23 - [Padus, Inc.] : C:\WINDOWS\system32\drivers\pfc.sys
23 - : C:\WINDOWS\system32\drivers\srvkp.sys
23 - [Copyright (C) VIA/S3 Graphics Co, Ltd.] : C:\WINDOWS\system32\DRIVERS\vtmini.sys
23 - [Nokia.] : C:\Programmi\File comuni\PCSuite\Services\ServiceLayer.exe
23 - [Nokia] : C:\WINDOWS\system32\drivers\nmwcd.sys
23 - [Nokia] : C:\WINDOWS\system32\drivers\nmwcdc.sys
23 - [Nokia] : C:\WINDOWS\system32\drivers\nmwcdcm.sys

Threat Files
<BitDownload> : C:\Programmi\BitDownload\BitDownload.TRC
<Backdoor/W32.AHIA.OLE> : C:\System Volume Information\_restore{E0E8F182-9026-41BD-98C4-C938366F49F6}\RP1\A0000141.sys
<Backdoor/W32.AHIA.OLE> : C:\System Volume Information\_restore{E0E8F182-9026-41BD-98C4-C938366F49F6}\RP1\A0000159.sys
<Trojan.Downloader.Delf.BR.3> : C:\System Volume Information\_restore{E0E8F182-9026-41BD-98C4-C938366F49F6}\RP2\A0000287.exe
<Trojan.Downloader.Delf.BR.3> : C:\System Volume Information\_restore{E0E8F182-9026-41BD-98C4-C938366F49F6}\RP2\A0000290.exe
<Backdoor/W32.AHIA.OLE> : C:\System Volume Information\_restore{E0E8F182-9026-41BD-98C4-C938366F49F6}\RP2\A0002477.sys

Advanced Files Report
%PROGRAMFILES%\WinZip\WZSHLSTB.DLL [WinZip Computing, Inc.] [WinZip] MD5=AA25C5DDAE3B9820D9E4A73380167B3F SIZE=5120
%PROGRAMFILES%\WinRAR\rarext.dll [] MD5=B98E6C1C8543F71D3C81C7AF93AAAEBD SIZE=120320
%PROGRAMFILES%\Nokia\Nokia PC Suite 6\Lang\ConnectionManager_ita.nlr [Nokia] [Nokia ConnectionManager_eng] MD5=0770722D078532DEF0C340F29A16949B SIZE=5120
%SYSDIR%\EBPMON2.DLL [SEIKO EPSON CORPORATION] [EPSON Bidirectional Printer] MD5=BB14307B29EA221A30A97150E6E7282C SIZE=73116
%COMMONFILES%\EPSON\EBAPI\SAgent2.exe [SEIKO EPSON CORPORATION] [EPSON Bidirectional Printer] MD5=12CDB5DC7774298223099D6E41ED5CE7 SIZE=94208
%SYSDIR%\EBAPI2.DLL [SEIKO EPSON CORPORATION] [EPSON Bidirectional Printer] MD5=B40DA4318B477B07D635565E3014513D SIZE=139264
%COMMONFILES%\EPSON\EBAPI\EBPLPT.DLL [SEIKO EPSON CORPORATION] [EPSON Bidirectional Printer] MD5=BCE1C54740086D375721E8BBFE41D8F2 SIZE=230912
%SYSDIR%\P1001Sti.dll [Creative Technology Ltd.] [Creative WebCam] MD5=2C5E473B49CECFCF8CE63EE8930B0F52 SIZE=26176
%SYSDIR%\VTDisply.dll [S3 Graphics Co., Ltd.] [Part of S3 Screen Toys] MD5=B8758039D2D93CCAA9BA6A5FA55F7DAE SIZE=581632
%SYSDIR%\VTGamma2.dll [S3 Graphics Co., Ltd.] [S3 Screen Toys Utility Suite] MD5=E2ABAC0900F3CD9BEBA9777EDD557181 SIZE=360448
%SYSDIR%\VTInfo2.dll [S3 Graphics Co., Ltd.] [Part of S3 Screen Toys] MD5=DE1259A0259ABA98E17016087D82CA79 SIZE=262144
%SYSDIR%\VTOvrlay.dll [S3 Graphics Co., Ltd.] [S3ColorPlus/S3Overlay Utility] MD5=C3176BCF74E7D3046ED66AEAA1EF678A SIZE=397312
%PROGRAMFILES%\WinZip\WZQKPICK.EXE [WinZip Computing, Inc.] [WinZip] MD5=4707A73E38157E37C5D807F29809F2D4 SIZE=118784
%SYSDIR%\ConnAPI.DLL [Nokia.] [Nokia Connectivity API] MD5=258154ED7DDA83E2F201EF7103142E5E SIZE=242688
%PROGRAMFILES%\Nokia\Nokia PC Suite 6\PCSCM.dll [Nokia] [PCSCM] MD5=6550787D16122F4989CFE1987A23543B SIZE=557056
%COMMONFILES%\PCSuite\ConfServer\ConfServer.dll [Nokia] [Nokia Connectivity Library] MD5=8C6CF4DE0CB86E552252BF29F5D0FF50 SIZE=77312
%PROGRAMFILES%\Nokia\Nokia PC Suite 6\Lang\LaunchApplication_ita.NLR [Nokia] MD5=80541759CE92CC99EA15C82B6FC063CC SIZE=9728
%COMMONFILES%\PCSuite\Services\ServiceLayer.exe [Nokia.] [PC Connectivity Solution] MD5=4C0A4FEFD62519552C0E5171F418C4BC SIZE=174080
%SYSDIR%\NclTools.dll [Nokia.] [Nokia Connectivity Library] MD5=85F64D998D432707F949748B5AA75795 SIZE=61440
%COMMONFILES%\PCSuite\Transports\NCLIrDAMM.dll [Nokia Corp.] [PC Connectivity Solution] MD5=C4E6F34259BE5BEF933D0583014132A7 SIZE=50688
%COMMONFILES%\PCSuite\Transports\NCLRSMM.dll [Nokia] [PC Connectivity Solution] MD5=7FECAAFE21D543943C4412D98349E3FF SIZE=77312
%COMMONFILES%\PCSuite\Transports\NCLUSBMM.dll [Nokia] [PC Connectivity Solution] MD5=434527A7118624E865EF286E514C074B SIZE=88064
%COMMONFILES%\PCSuite\Transports\NclMSBTMM.dll [Nokia.] [PC Connectivity Solution] MD5=9288687D340A2F77950D4F1FA9EC2AC4 SIZE=79872
%COMMONFILES%\PCSuite\Services\NclDS.dll [Nokia] [Nokia Connectivity Library] MD5=B0F606DD0CCF663B3DC66B7B6D992839 SIZE=38912
%COMMONFILES%\PCSuite\Services\NclCapability.dll [Nokia] [Nokia Connectivity Library] MD5=D2E659A825BE80EAAF84556A035204EA SIZE=47104
%COMMONFILES%\PCSuite\Protocols\NOX.dll [Nokia] [Nokia Connectivity Library] MD5=30FEEBCC93A30E725B0D1231DD5141B1 SIZE=154624
%COMMONFILES%\PCSuite\Services\NclFT.dll [Nokia] [Nokia Connectivity Library] MD5=E9EA0ADAD1DE9C30366C481B60969A8E SIZE=74752
%COMMONFILES%\PCSuite\Services\NclSync.dll [Nokia.] [Nokia Connectivity Library] MD5=4391AACEABFC898A32E45DC6E6C34241 SIZE=67072
%PROGRAMFILES%\Nokia\Nokia PC Suite 6\PCSL.dll [Nokia] [Nokia PCSL] MD5=B67102A8C8CDF5268275E644B246AF1D SIZE=4096
%PROGRAMFILES%\NOKIA\NOKIA PC SUITE 6\Lang\PcSync2_ita.nlr [Time Information Services Ltd.] [PcSync 2.0] MD5=97F13907BF44C2C877416859E2CDCBEC SIZE=89088
%PROGRAMFILES%\NOKIA\NOKIA PC SUITE 6\Resource\PcSync2_Nokia.ngr [Time Information Services Ltd.] [PcSync 2.0] MD5=3C2094DCC6FD978A251792393A2F0871 SIZE=759296
%COMMONFILES%\Nokia\Adapters\NclSet.dll [Nokia] [Nokia Connectivity Library] MD5=BDF5B15D4530C5AB0130EF8303E94A48 SIZE=269824
%COMMONFILES%\Nokia\Adapters\Nclaeo.dsc [Nokia Mobile Phones Ltd.] [Nokia Connectivity Library] MD5=12B95F15B418E60E8B2FC649836D631D SIZE=20480
%COMMONFILES%\Nokia\MPAPI\MPAPIps.dll [Nokia Corporation] [Nokia Connectivity Library] MD5=4AB46520573849B58D817BBEBE0F6230 SIZE=48128
%PROGRAMFILES%\Nokia\Nokia PC Suite 6\CommonSelectDevice.dll [Nokia] [Common Select Device module] MD5=CE833FE72FDAE2673918052A71F7756A SIZE=106496
%COMMONFILES%\Nokia\MPAPI\MPAPI3s.exe [Nokia Corporation] [Nokia Connectivity Library] MD5=BA18073891BB866ED51D25CC6B62A96D SIZE=471552
%PROGRAMFILES%\Yahoo!\Common\yhexbmesit.dll [Yahoo! Inc.] [YhExBMes] MD5=787DCCCF97A3C97C546B38CC36F3B58C SIZE=316552
%PROGRAMFILES%\Yahoo!\Common\ymmapi.dll [Yahoo! Inc.] [YMMAPI Module] MD5=0BA783C222DE53CFA06DF2910A84CDF9 SIZE=180848
%PROGRAMFILES%\Nokia\Nokia PC Suite 6\PhoneBrowser.dll [Nokia] [Phone Browser] MD5=EE72989BDAC20CC914ADEF6A7BCEEDB9 SIZE=544768
%SYSDIR%\drivers\ALCXWDM.SYS [Realtek Semiconductor Corp.] [Windows (R) WDM driver for Realtek AC'97 Audio(HRTF data Copyright 1994 by MIT Media Lab)] MD5=92AE420BE14B0D97D14DAC4ABA22A702 SIZE=3644800
%SYSDIR%\DRIVERS\BIOS.SYS [BIOSTAR Group] [BIOSTAR I/O driver fle] MD5=BE5D50529799B9BAB6BE879EC768B6CF SIZE=13696
%SYSDIR%\DRIVERS\fetnd5bv.sys [VIA Technologies, Inc.] [VIA Rhine Family Fast Ethernet Adapter] MD5=41561219A8C2D5CC17AA463ACFF0506F SIZE=43008
%SYSDIR%\DRIVERS\P1001Vid.sys [Creative Technology Ltd.] [Creative WebCam] MD5=FB2C5ADAF3768871D4EA64883C4A3695 SIZE=395224
%SYSDIR%\drivers\pfc.sys [Padus, Inc.] [Padus(R) ASPI Shell] MD5=5903FA75200807AD739286BBF40C4904 SIZE=9856
%SYSDIR%\drivers\srvkp.sys [] MD5=0BA1BC20204DB877236EB5F674879ED5 SIZE=5760
%SYSDIR%\DRIVERS\vtmini.sys [Copyright (C) VIA/S3 Graphics Co, Ltd.] [UniChrome(Pro) IGP Driver] MD5=BCB2353661CB74A28C2E3E08CCFDFF12 SIZE=237312
%SYSDIR%\drivers\nmwcd.sys [Nokia] MD5=F5B1200C75B160C81E7E48CC0489AA5E SIZE=127488
%SYSDIR%\drivers\nmwcdc.sys [Nokia] MD5=5ABB6B2461C4EB0AFDF1BF7F03963D59 SIZE=8704
%SYSDIR%\drivers\nmwcdcm.sys [Nokia] MD5=353C16D21EEC1F11306270040B3713C1 SIZE=13312
%SYSDIR%\systray.exe []

End of Report


Procedura per la Rimozione:

Preparazione delle strutture
Creazione del punto di ripristino
Rimuovi Trojan.Downloader.Delf.BR.3
File eliminato: c:\System Volume Information\_restore{E0E8F182-9026-41BD-98C4-C938366F49F6}\RP2\A0000287.exe
File eliminato: c:\System Volume Information\_restore{E0E8F182-9026-41BD-98C4-C938366F49F6}\RP2\A0000290.exe
Rimuovi Backdoor/W32.AHIA.OLE
File eliminato: c:\System Volume Information\_restore{E0E8F182-9026-41BD-98C4-C938366F49F6}\RP1\A0000141.sys
File eliminato: c:\System Volume Information\_restore{E0E8F182-9026-41BD-98C4-C938366F49F6}\RP1\A0000159.sys
File eliminato: c:\System Volume Information\_restore{E0E8F182-9026-41BD-98C4-C938366F49F6}\RP2\A0002477.sys
Rimuovi Affiliate tracking cookie
File eliminato: C:\Documents and Settings\Utente\cookies\utente@doubleclick[1].txt
File eliminato: C:\Documents and Settings\Utente\cookies\utente@atdmt[2].txt
File eliminato: C:\Documents and Settings\Utente\cookies\utente@mediaplex[1].txt
File eliminato: C:\Documents and Settings\Utente\cookies\utente@statcounter[1].txt
File eliminato: C:\Documents and Settings\Utente\cookies\utente@hitbox[2].txt
File eliminato: C:\Documents and Settings\Utente\cookies\utente@ehg-nokiafin.hitbox[2].txt
File eliminato: C:\Documents and Settings\Utente\cookies\utente@2o7[2].txt
File eliminato: C:\Documents and Settings\Utente\cookies\utente@tribalfusion[2].txt
Rimuovi BitDownload
File eliminato: C:\Programmi\BitDownload\BitDownload.TRC
Delete Directory: C:\Programmi\BitDownload\
Chiusura del punto di ripristino
Fine
mail pc non funziona!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! mi da sempre errore KERNEL 32 ALMOMENTO DELL'ACCENSIONE
Avatar utente
lorenza
Aficionado
Aficionado
 
Messaggi: 37
Iscritto il: mar gen 15, 2008 9:04 pm

Messaggioda ste_95 » lun feb 04, 2008 4:56 pm

Mi spieghi dove sta scritto che per rimuoverlo serve SpywareTerminator?
«A volte è meglio tacere e sembrare stupidi che aprir bocca e togliere ogni dubbio.» Oscar Wilde
Avatar utente
ste_95
Membro Ufficiale (Gold)
Membro Ufficiale (Gold)
 
Messaggi: 17271
Iscritto il: lun ago 06, 2007 11:19 am

Messaggioda lorenza » lun feb 04, 2008 5:03 pm

E' SCRITTO AL MOMENTO DELL' ACCENSIONE DEL PC CON UN MESSGGIOE POI E' NELLA CARTELLA SYSTEM 32
Avatar utente
lorenza
Aficionado
Aficionado
 
Messaggi: 37
Iscritto il: mar gen 15, 2008 9:04 pm

Messaggioda ste_95 » lun feb 04, 2008 5:06 pm

C'è una seconda pagina nominata Rimozione [rolleyes]
«A volte è meglio tacere e sembrare stupidi che aprir bocca e togliere ogni dubbio.» Oscar Wilde
Avatar utente
ste_95
Membro Ufficiale (Gold)
Membro Ufficiale (Gold)
 
Messaggi: 17271
Iscritto il: lun ago 06, 2007 11:19 am

Messaggioda lorenza » lun feb 04, 2008 5:09 pm

senti io sono 2 giorni che sono dietro a questo pc se non ci riusciamo io vado a afrlo riformattare !! io so solo che non mi riesco piu a collegare ad internet dopo aver istallato avast dopo aver riseguito le tue procedure di mmmi cosa devo fare
Avatar utente
lorenza
Aficionado
Aficionado
 
Messaggi: 37
Iscritto il: mar gen 15, 2008 9:04 pm

Messaggioda lorenza » lun feb 04, 2008 5:46 pm

guarda che sono brava ti ho fatto anche una passata di gmer GMER 1.0.13.12551 - http://www.gmer.net
Rootkit scan 2008-02-04 17:46:11
Windows 5.1.2600 Service Pack 2


---- System - GMER 1.0.13 ----

SSDT \SystemRoot\system32\drivers\pctmp.sys ZwAllocateVirtualMemory
SSDT \SystemRoot\system32\drivers\pctmp.sys ZwProtectVirtualMemory
SSDT \SystemRoot\system32\drivers\pctmp.sys ZwSetValueKey

---- Devices - GMER 1.0.13 ----

AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_CREATE [F9258730] pctfw2.sys
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_CREATE_NAMED_PIPE [F9258730] pctfw2.sys
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_CLOSE [F9258730] pctfw2.sys
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_READ [F9258730] pctfw2.sys
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_WRITE [F9258730] pctfw2.sys
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_QUERY_INFORMATION [F9258730] pctfw2.sys
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_SET_INFORMATION [F9258730] pctfw2.sys
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_QUERY_EA [F9258730] pctfw2.sys
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_SET_EA [F9258730] pctfw2.sys
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_FLUSH_BUFFERS [F9258730] pctfw2.sys
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_QUERY_VOLUME_INFORMATION [F9258730] pctfw2.sys
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_SET_VOLUME_INFORMATION [F9258730] pctfw2.sys
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_DIRECTORY_CONTROL [F9258730] pctfw2.sys
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_FILE_SYSTEM_CONTROL [F9258730] pctfw2.sys
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_DEVICE_CONTROL [F9258730] pctfw2.sys
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_INTERNAL_DEVICE_CONTROL [F9258300] pctfw2.sys
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_SHUTDOWN [F9258730] pctfw2.sys
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_LOCK_CONTROL [F9258730] pctfw2.sys
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_CLEANUP [F9258730] pctfw2.sys
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_CREATE_MAILSLOT [F9258730] pctfw2.sys
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_QUERY_SECURITY [F9258730] pctfw2.sys
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_SET_SECURITY [F9258730] pctfw2.sys
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_POWER [F9258730] pctfw2.sys
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_SYSTEM_CONTROL [F9258730] pctfw2.sys
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_DEVICE_CHANGE [F9258730] pctfw2.sys
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_QUERY_QUOTA [F9258730] pctfw2.sys
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_SET_QUOTA [F9258730] pctfw2.sys
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_CREATE [F9258730] pctfw2.sys
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_CREATE_NAMED_PIPE [F9258730] pctfw2.sys
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_CLOSE [F9258730] pctfw2.sys
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_READ [F9258730] pctfw2.sys
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_WRITE [F9258730] pctfw2.sys
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_QUERY_INFORMATION [F9258730] pctfw2.sys
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_SET_INFORMATION [F9258730] pctfw2.sys
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_QUERY_EA [F9258730] pctfw2.sys
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_SET_EA [F9258730] pctfw2.sys
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_FLUSH_BUFFERS [F9258730] pctfw2.sys
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_QUERY_VOLUME_INFORMATION [F9258730] pctfw2.sys
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_SET_VOLUME_INFORMATION [F9258730] pctfw2.sys
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_DIRECTORY_CONTROL [F9258730] pctfw2.sys
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_FILE_SYSTEM_CONTROL [F9258730] pctfw2.sys
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_DEVICE_CONTROL [F9258730] pctfw2.sys
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_INTERNAL_DEVICE_CONTROL [F9258300] pctfw2.sys
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_SHUTDOWN [F9258730] pctfw2.sys
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_LOCK_CONTROL [F9258730] pctfw2.sys
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_CLEANUP [F9258730] pctfw2.sys
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_CREATE_MAILSLOT [F9258730] pctfw2.sys
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_QUERY_SECURITY [F9258730] pctfw2.sys
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_SET_SECURITY [F9258730] pctfw2.sys
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_POWER [F9258730] pctfw2.sys
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_SYSTEM_CONTROL [F9258730] pctfw2.sys
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_DEVICE_CHANGE [F9258730] pctfw2.sys
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_QUERY_QUOTA [F9258730] pctfw2.sys
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_SET_QUOTA [F9258730] pctfw2.sys
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_CREATE [F9258730] pctfw2.sys
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_CREATE_NAMED_PIPE [F9258730] pctfw2.sys
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_CLOSE [F9258730] pctfw2.sys
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_READ [F9258730] pctfw2.sys
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_WRITE [F9258730] pctfw2.sys
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_QUERY_INFORMATION [F9258730] pctfw2.sys
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_SET_INFORMATION [F9258730] pctfw2.sys
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_QUERY_EA [F9258730] pctfw2.sys
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_SET_EA [F9258730] pctfw2.sys
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_FLUSH_BUFFERS [F9258730] pctfw2.sys
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_QUERY_VOLUME_INFORMATION [F9258730] pctfw2.sys
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_SET_VOLUME_INFORMATION [F9258730] pctfw2.sys
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_DIRECTORY_CONTROL [F9258730] pctfw2.sys
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_FILE_SYSTEM_CONTROL [F9258730] pctfw2.sys
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_DEVICE_CONTROL [F9258730] pctfw2.sys
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_INTERNAL_DEVICE_CONTROL [F9258300] pctfw2.sys
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_SHUTDOWN [F9258730] pctfw2.sys
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_LOCK_CONTROL [F9258730] pctfw2.sys
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_CLEANUP [F9258730] pctfw2.sys
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_CREATE_MAILSLOT [F9258730] pctfw2.sys
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_QUERY_SECURITY [F9258730] pctfw2.sys
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_SET_SECURITY [F9258730] pctfw2.sys
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_POWER [F9258730] pctfw2.sys
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_SYSTEM_CONTROL [F9258730] pctfw2.sys
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_DEVICE_CHANGE [F9258730] pctfw2.sys
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_QUERY_QUOTA [F9258730] pctfw2.sys
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_SET_QUOTA [F9258730] pctfw2.sys
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_CREATE [F9258730] pctfw2.sys
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_CREATE_NAMED_PIPE [F9258730] pctfw2.sys
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_CLOSE [F9258730] pctfw2.sys
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_READ [F9258730] pctfw2.sys
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_WRITE [F9258730] pctfw2.sys
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_QUERY_INFORMATION [F9258730] pctfw2.sys
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_SET_INFORMATION [F9258730] pctfw2.sys
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_QUERY_EA [F9258730] pctfw2.sys
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_SET_EA [F9258730] pctfw2.sys
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_FLUSH_BUFFERS [F9258730] pctfw2.sys
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_QUERY_VOLUME_INFORMATION [F9258730] pctfw2.sys
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_SET_VOLUME_INFORMATION [F9258730] pctfw2.sys
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_DIRECTORY_CONTROL [F9258730] pctfw2.sys
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_FILE_SYSTEM_CONTROL [F9258730] pctfw2.sys
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_DEVICE_CONTROL [F9258730] pctfw2.sys
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_INTERNAL_DEVICE_CONTROL [F9258300] pctfw2.sys
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_SHUTDOWN [F9258730] pctfw2.sys
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_LOCK_CONTROL [F9258730] pctfw2.sys
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_CLEANUP [F9258730] pctfw2.sys
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_CREATE_MAILSLOT [F9258730] pctfw2.sys
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_QUERY_SECURITY [F9258730] pctfw2.sys
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_SET_SECURITY [F9258730] pctfw2.sys
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_POWER [F9258730] pctfw2.sys
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_SYSTEM_CONTROL [F9258730] pctfw2.sys
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_DEVICE_CHANGE [F9258730] pctfw2.sys
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_QUERY_QUOTA [F9258730] pctfw2.sys
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_SET_QUOTA [F9258730] pctfw2.sys

---- EOF - GMER 1.0.13 ----
Avatar utente
lorenza
Aficionado
Aficionado
 
Messaggi: 37
Iscritto il: mar gen 15, 2008 9:04 pm

Messaggioda lorenza » lun feb 04, 2008 6:27 pm

PUOI DARMI UN CONSIGLIO????
Avatar utente
lorenza
Aficionado
Aficionado
 
Messaggi: 37
Iscritto il: mar gen 15, 2008 9:04 pm

Precedente

Torna a Sicurezza

Chi c’è in linea

Visitano il forum: Nessuno e 6 ospiti

Powered by phpBB © 2002, 2005, 2007, 2008 phpBB Group
Traduzione Italiana phpBB.it

megalab.it: testata telematica quotidiana registrata al Tribunale di Cosenza n. 22/09 del 13.08.2009, editore Master New Media S.r.l.; © Copyright 2008 Master New Media S.r.l. a socio unico - P.I. 02947530784. GRUPPO EDIZIONI MASTER Spa Tutti i diritti sono riservati. Per la pubblicità: Master Advertising