tyons ha scritto:posso usare hijackthis che ce l'ho già?
----------------- FindyKill V4.707 ------------------
* User : pc22 - NOTEBOOK22
* executed from : C:\Programmi\FindyKill
* Update on 06/12/08 par Chiquitine29
* Start at 17:10:22 the 2008-12-07
* Windows XP - Internet Explorer 7.0.5730.11
((((((((((((((( *** deleting *** ))))))))))))))))))
--------------- [ Active Processes ] ----------------
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\logonui.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Programmi\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Programmi\Eset\nod32krn.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\userinit.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\system32\OGAVerify.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
--------------- [ Infected files / folders ] ----------------
»»»» Supression files in C:
»»»» Supression files in C:\WINDOWS
»»»» Supression files in C:\WINDOWS\Prefetch
»»»» Supression files in C:\WINDOWS\system32
»»»» Supression files in C:\WINDOWS\system32\drivers
»»»» Supression files in C:\Documents and Settings\pc22\Dati applicazioni
»»»» Supression files in C:\DOCUME~1\pc22\IMPOST~1\Temp
»»»» Supression files in C:\Documents and Settings\pc22\Local Settings\Temporary Internet Files\Content.IE5
Deleted ! - C:\Documents and Settings\All Users\Dati applicazioni\Skype\Plugins\Local Cache\7B5560BB781B40259A06350E9B643B6E_more.jpg
Deleted ! - C:\Documents and Settings\All Users\Dati applicazioni\Skype\Plugins\Plugins\7B5560BB781B40259A06350E9B643B6E\more.JPG
Deleted ! - C:\Documents and Settings\pc22\Impostazioni locali\Dati applicazioni\Microsoft\Media Player\Cache copertina\LocalMLS\{2214A7AA-B641-4A99-A578-CDC5EFB46F7A}.jpg
--------------- [ Registry / Infected keys ] ----------------
Deleted ! - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\german.exe
--------------- [ States / Restarting of services ] ----------------
+- Safe boot mode restored !
+- Services : [ Auto=2 / Request=3 / Disable=4 ]
Ndisuio - Type of startup = 3
Ip6Fw - Type of startup = 2
SharedAccess - Type of startup = 2
wuauserv - Type of startup = 2
wscsvc - Type of startup = 2
--------------- [ Cleaning removable drives ] ----------------
+- Informations :
C: - Unit… fissa
+- deleting files :
--------------- [ Registry / Mountpoint2 ] ----------------
-> Not found !
--------------- [ Searching Cracks / Keygen ] ----------------
C:\Documents and Settings\pc22\Desktop\Programmi per i video\WinDVD Platinum 6 v6.0.6.42 + keygen
C:\Documents and Settings\pc22\Desktop\Programmi per i video\WinDVD Platinum 6 v6.0.6.42 + keygen\keygen (OK)
C:\Documents and Settings\pc22\Desktop\Programmi per i video\WinDVD Platinum 6 v6.0.6.42 + keygen\WinDVD 6 Patch
C:\Documents and Settings\pc22\Desktop\Programmi per i video\WinDVD Platinum 6 v6.0.6.42 + keygen\WinDVD6.exe
C:\Documents and Settings\pc22\Desktop\Programmi per i video\WinDVD Platinum 6 v6.0.6.42 + keygen\keygen (OK)\keygen.exe
C:\Documents and Settings\pc22\Desktop\Programmi per i video\WinDVD Platinum 6 v6.0.6.42 + keygen\keygen (OK)\ror.nfo
C:\Documents and Settings\pc22\Desktop\Programmi per i video\WinDVD Platinum 6 v6.0.6.42 + keygen\WinDVD 6 Patch\InstActivation.dll
C:\Documents and Settings\pc22\Desktop\Programmi per i video\WinDVD Platinum 6 v6.0.6.42 + keygen\WinDVD 6 Patch\INSTAL INFO.txt
C:\Documents and Settings\pc22\Desktop\Programmi per i video\WinDVD Platinum 6 v6.0.6.42 + keygen\WinDVD 6 Patch\regme.reg
---------------- ! End of report ! ------------------
tyons ha scritto:secondo me devo ri usare combofix perché, avendo fatto il ripristino, secondo me è come se non l'avessi usato.
tyons ha scritto: per l'hard disk esterno come faccio?
Visitano il forum: Nessuno e 13 ospiti
megalab.it: testata telematica quotidiana registrata al Tribunale di Cosenza n. 22/09 del 13.08.2009, editore Master New Media S.r.l.; © Copyright 2008 Master New Media S.r.l. a socio unico - P.I. 02947530784. GRUPPO EDIZIONI MASTER Spa Tutti i diritti sono riservati. Per la pubblicità: Master Advertising