
Problem removing virusfighter


Post by partyboy78 » Fri Oct 30, 2009 5:17 pm

Hi, I have a problem... months ago I installed virusfighter... then I deleted it right away!! But now, running a scan with ComboFix, it tells me it is still active!! I tried with Search and looked in the programs list but I can't find it!! It must be some file with another name!! Can you tell me how to remove it?? Or can you recommend a program to clean the PC of deleted and useless files? Thanks
partyboy78
Newly registered
Posts: 12
Joined: Tue Oct 27, 2009 8:33 pm

Re: Problem removing virusfighter

Post by crazy.cat » Fri Oct 30, 2009 5:19 pm

Can you show us the ComboFix log?
When the many govern, they think only of pleasing themselves, and then you have the most foolish and most hateful tyranny: tyranny disguised as freedom.
crazy.cat
MLI Hero
Posts: 30959
Joined: Mon Jan 12, 2004 1:38 pm
Location: Mestre

Re: Problem removing virusfighter

Post by partyboy78 » Sat Oct 31, 2009 12:40 pm

Thanks for replying, crazy.cat! I'm sending you the ComboFix log now... can you take a look to see whether there is still any leftover from the Beagle virus I caught... I should have removed it... if you want, shall I send you the other reports too??

ComboFix 09-10-26.06 - Beppe 31/10/2009 8.37.16.11.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.39.1040.18.511.192 [GMT 1:00]
Eseguito da: c:\documents and settings\Beppe\Desktop\aab.exe
AV: Kaspersky Internet Security *On-access scanning disabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
AV: VIRUSfighter ver. 5.99 *On-access scanning enabled* (Updated) {EB9EFB40-AE72-4C43-B204-0FCD0E92D5F1}
FW: Kaspersky Internet Security *disabled* {2C4D4BC6-0793-4956-A9F9-E252435469C0}
FW: Trend Micro PC-cillin Internet Security *enabled* {3E790E9E-6A5D-4303-A7F9-185EC20F3EB6}
.

((((((((((((((((((((((((( Files Creati Da 2009-09-28 al 2009-10-31 )))))))))))))))))))))))))))))))))))
.

2009-10-31 07:31 . 2009-10-31 07:32 -------- d-----w- C:\aab
2009-10-30 17:18 . 2008-05-29 08:28 28416 ----a-w- c:\windows\system32\uxtuneup.dll
2009-10-30 17:18 . 2009-10-30 17:18 355584 ----a-w- c:\windows\system32\TuneUpDefragService.exe
2009-10-30 17:17 . 2009-10-30 17:17 -------- d-----w- c:\documents and settings\Beppe\Dati applicazioni\TuneUp Software
2009-10-30 17:16 . 2009-10-30 17:16 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\TuneUp Software
2009-10-30 17:15 . 2009-10-30 17:20 -------- d-----w- c:\programmi\TuneUp Utilities 2008
2009-10-30 17:12 . 2009-10-30 17:12 -------- d-----w- c:\programmi\File comuni\Wise Installation Wizard
2009-10-29 19:45 . 2009-10-29 19:46 -------- d-----w- C:\FindyKill
2009-10-29 19:16 . 2009-10-29 19:16 -------- d-----w- c:\programmi\Trend Micro
2009-10-28 19:04 . 2009-10-28 19:04 44288 ----a-w- c:\windows\system32\drivers\viragtlt.sys
2009-10-28 18:10 . 2009-10-28 18:10 604140 --sha-w- c:\windows\system32\drivers\ISwift3.dat
2009-10-28 18:07 . 2009-10-28 18:22 108059 ----a-w- c:\windows\system32\drivers\klin.dat
2009-10-28 18:07 . 2009-10-28 18:22 95259 ----a-w- c:\windows\system32\drivers\klick.dat
2009-10-28 18:04 . 2009-10-31 08:03 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Kaspersky Lab
2009-10-28 18:04 . 2009-10-28 18:04 -------- d-----w- c:\programmi\Kaspersky Lab
2009-10-27 19:13 . 2008-07-08 12:54 148496 ----a-w- c:\windows\system32\drivers\37837622.sys
2009-10-27 17:07 . 2008-07-08 12:54 148496 ----a-w- c:\windows\system32\drivers\99745568.sys
2009-10-27 16:38 . 2008-07-08 12:54 148496 ----a-w- c:\windows\system32\drivers\54650354.sys
2009-10-27 16:36 . 2009-10-27 16:36 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\CrystalIdea Software
2009-10-27 16:29 . 2009-10-27 16:29 -------- d-----w- c:\programmi\Uninstall Tool
2009-10-27 16:28 . 2009-10-29 21:35 22060 -c--a-w- c:\windows\system32\dllcache\npds.zip
2009-10-27 16:28 . 2009-10-29 21:36 403 -c--a-w- c:\windows\system32\dllcache\npdrmv2.zip
2009-10-27 16:16 . 2009-10-27 16:17 -------- d-----w- C:\abc13308a
2009-10-26 21:30 . 2009-10-26 21:30 -------- d-----w- c:\programmi\Codyssey
2009-10-26 21:21 . 2009-10-26 21:24 -------- d-----w- c:\documents and settings\Beppe\Impostazioni locali\Dati applicazioni\Eraser
2009-10-26 21:17 . 2009-06-10 13:22 83344 ----a-w- c:\windows\system32\Erasext.dll
2009-10-26 21:17 . 2009-06-10 13:22 307088 ----a-w- c:\windows\system32\Eraser.dll
2009-10-26 21:17 . 2009-06-10 13:22 73104 ----a-w- c:\windows\system32\Eraserl.exe
2009-10-26 19:29 . 2009-10-26 19:29 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Martau
2009-10-24 19:09 . 2008-07-08 12:54 148496 ----a-w- c:\windows\system32\drivers\07980805.sys
2009-10-17 10:44 . 2009-10-17 10:48 -------- d-----w- c:\programmi\XP TCPIP Repair
2009-10-17 08:26 . 2009-10-17 08:26 -------- d-----w- c:\documents and settings\Default User\Impostazioni locali\Dati applicazioni\Microsoft Help
2009-10-14 17:47 . 2009-10-14 17:47 -------- d-----w- c:\documents and settings\Beppe\Dati applicazioni\Malwarebytes
2009-10-14 17:47 . 2009-10-14 17:47 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Malwarebytes
2009-10-14 17:41 . 2009-10-31 08:03 85542944 --sha-w- c:\windows\system32\drivers\fidbox.dat
2009-10-14 17:36 . 2009-10-27 18:01 14848 -c--a-w- c:\windows\system32\dllcache\register.exe.REN
2009-10-14 14:07 . 2009-10-14 14:07 -------- d-----w- C:\QUARANTENA_VIRIT
2009-10-13 20:25 . 2009-10-13 20:25 -------- d-----w- c:\documents and settings\Beppe\Dati applicazioni\Desktop Maestro
2009-10-13 20:24 . 2009-10-23 06:59 -------- d---a-w- c:\documents and settings\All Users\Dati applicazioni\TEMP
2009-10-11 10:25 . 2009-10-11 10:34 -------- d-----w- C:\abc
2009-10-10 14:54 . 2009-10-10 14:54 -------- d-----w- c:\programmi\MIKSOFT
2009-10-10 11:57 . 2009-10-11 12:41 -------- d-----w- c:\programmi\Lphant
2009-10-09 15:56 . 2009-10-11 12:24 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache
2009-10-09 15:38 . 2009-10-09 15:38 -------- d-----w- c:\documents and settings\Beppe\Impostazioni locali\Dati applicazioni\PackageAware
2009-10-09 13:33 . 2009-10-09 13:33 -------- d-----w- c:\documents and settings\Beppe\DoctorWeb
2009-10-09 05:28 . 2009-10-09 15:09 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Norton
2009-10-09 05:28 . 2009-10-09 05:28 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Symantec
2009-10-09 05:28 . 2009-10-09 05:28 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\NortonInstaller
2009-10-07 22:15 . 2009-10-07 22:15 -------- d-----w- c:\programmi\NOS
2009-10-07 20:27 . 2009-10-07 20:27 -------- d-----w- c:\windows\system32\wbem\Repository
2009-10-07 20:26 . 2009-10-07 20:26 -------- d-----w- c:\programmi\K-Lite Codec Pack
2009-10-07 20:26 . 2009-10-07 20:26 -------- d-----w- c:\documents and settings\Beppe\Dati applicazioni\DivX
2009-10-07 20:26 . 2009-10-07 20:26 -------- d-----w- c:\programmi\Codec Pack - All In 1
2009-10-07 20:25 . 2009-10-07 20:25 -------- d-----w- c:\documents and settings\Beppe\Dati applicazioni\ATI
2009-10-07 20:22 . 2009-10-07 20:22 -------- d--h--w- c:\documents and settings\All Users\Dati applicazioni\{FCCD3ACF-B2F9-4087-B2A4-0DB5FADB9C32}
2009-10-07 20:22 . 2009-10-07 20:26 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\McAfee Security Scan
2009-10-06 21:42 . 2009-10-07 20:22 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\NOS(4)
2009-10-06 20:51 . 2009-10-07 20:59 -------- d-----w- c:\programmi\Mozilla Firefox(2)
2009-10-06 20:28 . 2009-10-06 20:28 0 ----a-w- c:\windows\nsreg.dat
2009-10-06 20:28 . 2009-10-06 20:28 -------- d-----w- c:\documents and settings\Beppe\Impostazioni locali\Dati applicazioni\Mozilla
2009-10-06 09:46 . 2009-10-07 20:26 -------- d-----w- c:\programmi\K-Lite Codec Pack(2)

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-10-31 07:59 . 2009-10-14 17:41 1003784 --sha-w- c:\windows\system32\drivers\fidbox.idx
2009-10-28 18:01 . 2009-01-19 19:33 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Kaspersky Lab Setup Files
2009-10-27 15:57 . 2008-10-16 17:58 -------- d-----w- c:\documents and settings\Beppe\Dati applicazioni\uTorrent
2009-10-27 15:41 . 2001-08-31 12:00 91962 ----a-w- c:\windows\system32\perfc010.dat
2009-10-27 15:41 . 2001-08-31 12:00 505964 ----a-w- c:\windows\system32\perfh010.dat
2009-10-24 09:20 . 2009-10-13 14:23 241664 ----a-w- c:\documents and settings\NetworkService\NTUSER.DAT.TMP
2009-10-24 09:20 . 2009-10-12 12:31 32422 ----a-w- c:\windows\SchedLgU.Txt.TMP
2009-10-24 09:20 . 2009-10-12 12:31 262144 ----a-w- c:\documents and settings\LocalService\NTUSER.DAT.TMP
2009-10-24 09:20 . 2009-10-12 12:31 1024 ----a-w- c:\documents and settings\Beppe\ntuser.dat.LOG.TMP
2009-10-22 08:19 . 2009-10-12 12:31 1024 ----a-w- c:\documents and settings\Beppe\NTUSER~1.LOG.TMP
2009-10-22 08:18 . 2009-10-18 17:29 786432 ----a-w- c:\documents and settings\Administrator\ntuser.dat.TMP
2009-10-19 12:18 . 2009-09-08 21:36 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\DriverScanner
2009-10-17 18:02 . 2008-09-05 16:15 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Microsoft Help
2009-10-13 20:14 . 2009-02-22 17:46 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Trend Micro
2009-10-12 16:34 . 2008-11-13 14:58 -------- d-----w- c:\programmi\Softwin
2009-10-12 16:34 . 2008-11-13 14:55 -------- d-----w- c:\programmi\File comuni\Softwin
2009-10-08 17:39 . 2008-10-31 13:41 -------- d-----w- c:\programmi\Windows Live Safety Center
2009-10-07 22:17 . 2009-09-30 10:17 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\NOS
2009-10-07 20:23 . 2009-09-16 17:35 -------- dc-h--w- c:\documents and settings\All Users\Dati applicazioni\{D5ABFFAD-D592-4F98-B02B-587125B4801F}
2009-10-07 20:22 . 2009-09-08 21:18 -------- dc-h--w- c:\documents and settings\All Users\Dati applicazioni\{C4C0E335-EDDF-46A0-A57D-F3802AE44275}
2009-10-06 21:35 . 2008-09-15 20:28 -------- d-----w- c:\documents and settings\Beppe\Dati applicazioni\Vso
2009-10-01 11:21 . 2008-11-21 10:40 -------- d-----w- c:\documents and settings\Beppe\Dati applicazioni\Datalayer
2009-09-16 18:12 . 2008-09-10 06:39 -------- d-----w- c:\programmi\ATI Technologies
2009-09-16 17:39 . 2008-09-23 20:53 -------- d-----w- c:\programmi\Uniblue
2009-09-16 17:01 . 2009-09-16 17:01 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Uniblue
2009-09-16 16:59 . 2008-09-23 20:53 -------- d-----w- c:\documents and settings\Beppe\Dati applicazioni\Uniblue
2009-09-15 17:56 . 2009-09-15 17:56 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\McAfee
2009-09-11 14:17 . 2001-08-31 12:00 136192 ----a-w- c:\windows\system32\msv1_0.dll
2009-09-09 07:52 . 2009-09-02 17:49 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Trymedia
2009-09-09 07:51 . 2009-09-08 21:48 -------- dc----w- c:\documents and settings\All Users\Dati applicazioni\{8A09CD83-59E1-4DB1-AAFC-E25174FC6706}
2009-09-09 07:51 . 2009-09-08 21:49 -------- dc----w- c:\documents and settings\All Users\Dati applicazioni\{66E2F539-12B6-4870-A500-7689CDE75C5E}
2009-09-09 07:51 . 2009-09-09 07:51 867336 ----a-w- c:\documents and settings\LocalService\Impostazioni locali\Dati applicazioni\FontCache3.0.0.0.dat
2009-09-04 21:03 . 2001-08-31 12:00 58880 ----a-w- c:\windows\system32\msasn1.dll
2009-08-29 07:56 . 2001-08-31 12:00 916480 ------w- c:\windows\system32\wininet.dll
2009-08-26 08:00 . 2001-08-31 12:00 247326 ----a-w- c:\windows\system32\strmdll.dll
2009-08-17 21:33 . 2009-08-17 21:33 1193832 ----a-w- c:\windows\system32\FM20.DLL
2009-08-06 17:24 . 2008-09-05 14:26 327896 ----a-w- c:\windows\system32\wucltui.dll
2009-08-06 17:24 . 2008-09-05 14:26 209632 ----a-w- c:\windows\system32\wuweb.dll
2009-08-06 17:24 . 2008-09-05 14:26 35552 ----a-w- c:\windows\system32\wups.dll
2009-08-06 17:24 . 2008-09-05 14:26 35552 ----a-w- c:\windows\system32\wups(2)(3).dll
2009-08-06 17:24 . 2007-07-30 17:19 44768 ----a-w- c:\windows\system32\wups2.dll
2009-08-06 17:24 . 2007-07-30 17:19 44768 ----a-w- c:\windows\system32\wups2(2)(3).dll
2009-08-06 17:24 . 2008-09-05 13:59 53472 ------w- c:\windows\system32\wuauclt.exe
2009-08-06 17:24 . 2001-08-31 12:00 96480 ----a-w- c:\windows\system32\cdm.dll
2009-08-06 17:23 . 2008-09-05 14:26 575704 ----a-w- c:\windows\system32\wuapi.dll
2009-08-06 17:23 . 2008-09-06 15:49 274288 ----a-w- c:\windows\system32\mucltui.dll
2009-08-06 17:23 . 2008-09-05 13:59 1929952 ----a-w- c:\windows\system32\wuaueng.dll
2009-08-06 17:23 . 2008-07-18 20:07 215920 ----a-w- c:\windows\system32\muweb.dll
2009-08-05 08:59 . 2001-08-31 12:00 205312 ----a-w- c:\windows\system32\mswebdvd.dll
2009-08-04 20:56 . 2001-08-31 12:00 2192896 ------w- c:\windows\system32\ntoskrnl.exe
2009-08-04 17:26 . 2001-08-30 21:33 2069760 ------w- c:\windows\system32\ntkrnlpa.exe
.

((((((((((((((((((((((((((((( SnapShot_2009-10-27_19.02.28 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-07-03 14:45 . 2009-07-03 14:45 27507 c:\windows\system32\drivers\klopp.dat
+ 2009-05-16 19:59 . 2009-05-16 19:59 19472 c:\windows\system32\drivers\klmouflt.sys
+ 2009-05-13 16:46 . 2009-05-13 16:46 31760 c:\windows\system32\drivers\klim5.sys
+ 2008-12-15 19:41 . 2008-12-15 19:41 33808 c:\windows\system32\drivers\klbg.sys
+ 2008-09-05 14:06 . 2009-10-28 16:31 14848 c:\windows\system32\dllcache\register.exe
- 2008-09-05 14:06 . 2009-10-27 18:01 14848 c:\windows\system32\dllcache\register.exe
+ 2009-07-11 23:02 . 2009-07-11 23:02 159032 c:\windows\WinSxS\x86_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_353599c2\atl90.dll
+ 2009-07-03 14:48 . 2009-07-03 14:48 219664 c:\windows\system32\klogon.dll
+ 2009-10-28 18:03 . 2009-10-28 18:03 296976 c:\windows\system32\drivers\klif.sys
+ 2009-06-15 13:01 . 2009-06-15 13:01 128016 c:\windows\system32\drivers\kl1.sys
+ 2009-10-28 04:24 . 2009-10-28 04:24 195584 c:\windows\Installer\20e1da0.msi
+ 2009-10-30 17:17 . 2009-10-30 17:17 2563072 c:\windows\Installer\ae522b.msi
+ 2009-10-28 18:07 . 2009-10-28 18:07 3401216 c:\windows\Installer\5dfa7b.msi
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PcSync"="c:\programmi\Nokia\Nokia PC Suite 6\PcSync2.exe" [2006-06-27 1449984]
"Uniblue RegistryBooster 2"="c:\programmi\Uniblue\RegistryBooster 2\RegistryBooster.exe" [2008-01-10 1885464]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpeedTouch USB Diagnostics"="c:\programmi\Thomson\SpeedTouch USB\Dragdiag.exe" [2003-09-05 878080]
"ATIPTA"="c:\programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2004-08-25 339968]
"ATICCC"="c:\programmi\ATI Technologies\ATI.ACE\cli.exe" [2006-01-02 45056]
"Adobe Reader Speed Launcher"="c:\programmi\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-13 15360]

c:\documents and settings\Beppe\Menu Avvio\Programmi\Esecuzione automatica\
is-H6EI7.lnk - c:\documents and settings\Beppe\Desktop\Virus Removal Tool2\is-H6EI7\startup.exe [2009-10-27 65536]
Ritaglio schermata e avvio di OneNote 2007.lnk - c:\programmi\Microsoft Office\Office12\ONENOTEM.EXE [2008-10-25 98696]

c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\
WinZip Quick Pick.lnk - c:\programmi\WinZip\WZQKPICK.EXE [2008-9-9 525664]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0OODBS

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Avvio^Programmi^Esecuzione automatica^McAfee Security Scan.lnk]

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\TrendFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Programmi\\Messenger\\msmsgs.exe"=
"c:\\Programmi\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Programmi\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Programmi\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\livecall.exe"=
"c:\\Programmi\\SopCast\\adv\\SopAdver.exe"=
"c:\\Programmi\\SopCast\\SopCast.exe"=
"c:\\Programmi\\File comuni\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=
"c:\\Programmi\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"=
"c:\\Programmi\\Lphant\\eLePhantClient.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"55556:UDP"= 55556:UDP:UDP
"55555:TCP"= 55555:TCP:TCP

R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [15/12/2008 20.41.32 33808]
R1 is-CPSHNdrv;is-CPSHNdrv;c:\windows\system32\drivers\54650354.sys [27/10/2009 17.38.22 148496]
R1 is-H6EI7drv;is-H6EI7drv;c:\windows\system32\drivers\37837622.sys [27/10/2009 20.13.00 148496]
R1 is-LLM70drv;is-LLM70drv;c:\windows\system32\drivers\07980805.sys [24/10/2009 20.09.41 148496]
R1 is-R58B8drv;is-R58B8drv;c:\windows\system32\drivers\99745568.sys [27/10/2009 18.07.46 148496]
R2 ousbehci;OrangeWare USB Enhanced Host Controller Service;c:\windows\system32\drivers\ousbehci.sys [05/09/2008 15.13.18 45440]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [13/05/2009 17.46.52 31760]
R3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\drivers\klmouflt.sys [16/05/2009 20.59.44 19472]
R3 ousb2hub;OrangeWare USB 2.0 Root Hub Support;c:\windows\system32\drivers\ousb2hub.sys [05/09/2008 15.13.18 56960]
S0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys --> c:\windows\system32\drivers\pavboot.sys [?]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [19/01/2009 16.47.21 138112]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [19/01/2009 16.47.24 8320]
S3 SetupNTGLM7X;SetupNTGLM7X;\??\f:\ntglm7x.sys --> f:\NTGLM7X.sys [?]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
getPlusHelper REG_MULTI_SZ getPlusHelper

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Contenuto della cartella 'Scheduled Tasks'

2009-10-25 c:\windows\Tasks\Uniblue SpeedUpMyPC Nag.job
- c:\programmi\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe [2009-09-14 08:13]

2009-09-14 c:\windows\Tasks\Uniblue SpeedUpMyPC.job
- c:\programmi\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe [2009-09-14 08:13]

2009-10-28 c:\windows\Tasks\Uniblue SpyEraser Nag.job
- c:\programmi\Uniblue\SpyEraser\SpyEraser.exe [2009-09-16 13:44]

2009-09-16 c:\windows\Tasks\Uniblue SpyEraser.job
- c:\programmi\Uniblue\SpyEraser\SpyEraser.exe [2009-09-16 13:44]

2009-10-31 c:\windows\Tasks\User_Feed_Synchronization-{5E3EABF5-93D7-4BDA-8F12-80749F258036}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 02:31]

2009-10-31 c:\windows\Tasks\Verifica e correzione automatica.job
- c:\programmi\TuneUp Utilities 2008\OneClickStarter.exe [2008-06-20 08:27]
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://www.libero.it/
IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\Beppe\Dati applicazioni\Mozilla\Firefox\Profiles\ie1iw790.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.it/
FF - component: c:\programmi\Mozilla Firefox\extensions\linkfilter@kaspersky.ru\components\KavLinkFilter.dll
FF - plugin: c:\documents and settings\Beppe\Dati applicazioni\Mozilla\Firefox\Profiles\ie1iw790.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}\plugins\np_gp.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----
c:\programmi\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-10-31 09:02
Windows 5.1.2600 Service Pack 3 NTFS

scansione processi nascosti ...

scansione entrate autostart nascoste ...

Scansione files nascosti ...

Scansione completata con successo
Files nascosti: 0

**************************************************************************
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------


Re: Problem removing virusfighter

Post by Roberto88 » Sat Oct 31, 2009 2:11 pm

The same thing happened to me a long time ago with AVG; I solved it by reinstalling it and then uninstalling it with Revo Uninstaller (cleaning up all the associated registry entries), and to be safe I did a few passes with CCleaner and Wintools.net
I hope this helps
within the truth of evil and good there's more than you see
....much more than you should
Roberto88
Bronze Member
Posts: 968
Joined: Tue Nov 11, 2008 11:17 pm

Re: Problem removing virusfighter

Post by partyboy78 » Mon Nov 02, 2009 11:08 am

I still can't get rid of it... I have the folder in C: with the subfolder containing the program "njeeves"; every time I try to delete it, it tells me it cannot be deleted, check that the disk is not full or write-protected and that the file is not currently in use!

Re: Problem removing virusfighter

Post by crazy.cat » Mon Nov 02, 2009 12:10 pm

Have you already run a scan with Malwarebytes or SUPERAntiSpyware?

Re: Problem removing virusfighter

Post by partyboy78 » Mon Nov 02, 2009 3:29 pm

I haven't tried those two, I'll try now!!... I ran scans with: combofix, fxbeagle, findykill, hijackthis, elibagla, and I installed the Kaspersky antivirus, 30-day trial version! If you want, shall I send you the reports so you can take a look??

Re: Problem removing virusfighter

Post by crazy.cat » Mon Nov 02, 2009 6:19 pm

partyboy78 wrote: fxbeagle,findykill,hijackthis,elibagla

All useless against virusfighter, which is rogue software.
The logs aren't needed.

Re: Problem removing virusfighter

Post by partyboy78 » Mon Nov 02, 2009 7:02 pm

But are you sure it's a virus?? VIRUSfighter ver. 5.99 is an antivirus I installed months ago.... some file of the antivirus must have gotten mixed in with some Windows file.. and I can't find where it is hiding to delete it!! Malwarebytes found nothing, while SUPERAntiSpyware found 22 adware tracking cookies!

Re: Problem removing virusfighter

Post by crazy.cat » Mon Nov 02, 2009 7:15 pm

It was reported as a rogue, that is, a useless and dangerous program (but maybe that has changed)
http://www.2-spyware.com/remove-virusfighter.html

There are also instructions on what to clean up.

Re: Problem removing virusfighter

Post by partyboy78 » Mon Nov 02, 2009 8:11 pm

I looked at the site... but I don't think that's my case... I tried looking for the registry entries to delete that were listed on the site, but on my PC there's no trace of them!!

Re: Problem removing virusfighter

Post by partyboy78 » Wed Nov 04, 2009 10:37 pm

Hi crazy.cat, I think I've found where virusfighter is hiding... I ran a scan with HijackThis and it found it! Can you check which useless files I can delete, since I have no experience! I'm sending you the attachment! Thanks

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22.45.04, on 04/11/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\Uniblue\RegistryBooster 2\RegistryBooster.exe
C:\Programmi\Uniblue\SpyEraser\SpyEraser.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\oodag.exe
C:\Programmi\internet explorer\iexplore.exe
C:\Programmi\internet explorer\iexplore.exe
C:\Programmi\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.libero.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Programmi\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Programmi\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O4 - HKLM\..\Run: [avp] "C:\Programmi\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe"
O4 - HKCU\..\Run: [Uniblue RegistryBooster 2] C:\Programmi\Uniblue\RegistryBooster 2\RegistryBooster.exe /S
O4 - HKCU\..\Run: [Uniblue SpyEraser] "C:\Programmi\Uniblue\SpyEraser\SpyEraser.exe" -m
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Aggiungi ad Anti-Banner - C:\Programmi\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: &Tastiera Virtuale - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Programmi\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: C&ontrollo URL - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Programmi\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - http://upload.facebook.com/controls/200 ... oader5.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} - http://messenger.zone.msn.com/binary/ms ... b56986.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Programmi\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - http://download.bitdefender.com/resourc ... oscan8.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 0636430906
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} - http://ax.emsisoft.com/asquared.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - http://messenger.zone.msn.com/binary/Me ... b56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{A63DCB9C-C6C6-4E60-86C8-BC68796EF54E}: NameServer = 85.37.17.14 85.38.28.78
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Programmi\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Norman NJeeves - Unknown owner - C:\VIRUSfighter\bin\NJEEVES.EXE (file missing)
O23 - Service: Norman ZANDA - Unknown owner - C:\VIRUSfighter\Bin\Zanda.exe (file missing)
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
O23 - Service: Trend Micro Central Control Component (PcCtlCom) - Unknown owner - C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe (file missing)
O23 - Service: ServiceLayer - Nokia. - C:\Programmi\File comuni\PCSuite\Services\ServiceLayer.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe

--
End of file - 7153 bytes

Re: Problem removing virusfighter

Post by crazy.cat » Thu Nov 05, 2009 8:51 am

You need to remove the two useless services by following the instructions in this article
http://www.MegaLab.it/2578/ripulire-la- ... di-windows

partyboy78 wrote:
O23 - Service: Norman NJeeves - Unknown owner - C:\VIRUSfighter\bin\NJEEVES.EXE (file missing)
O23 - Service: Norman ZANDA - Unknown owner - C:\VIRUSfighter\Bin\Zanda.exe (file missing)
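Added example, not part of the original thread: a Python parser for HijackThis O23 service lines that lists services whose executable is marked "(file missing)", which is how the two Norman services quoted in the last reply stand out as leftovers of an uninstalled product. The sample lines are copied from the HijackThis log posted in this thread; treating the display name as the service key name when no "(name)" suffix is printed is an assumption, as are all function and variable names.

```python
import ntpath
import re
from typing import List, NamedTuple, Optional


class Service(NamedTuple):
    display_name: str
    key_name: str       # assumption: same as display_name when no "(name)" suffix
    owner: str
    path: str
    file_missing: bool


_PREFIX = "O23 - Service: "
_MISSING = "(file missing)"
# "Display Name (KeyName)" -> display name plus the short service name.
_SHORT = re.compile(r"^(?P<display>.*\S)\s+\((?P<key>[^()]+)\)$")

# Lines copied from the HijackThis log posted in the thread (subset).
SAMPLE_LOG = r"""
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Programmi\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
O23 - Service: Norman NJeeves - Unknown owner - C:\VIRUSfighter\bin\NJEEVES.EXE (file missing)
O23 - Service: Norman ZANDA - Unknown owner - C:\VIRUSfighter\Bin\Zanda.exe (file missing)
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
O23 - Service: Trend Micro Central Control Component (PcCtlCom) - Unknown owner - C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe (file missing)
"""


def parse_o23(line: str) -> Optional[Service]:
    """Parse one 'O23 - Service: name - owner - path' line; None if not O23."""
    line = line.strip()
    if not line.startswith(_PREFIX):
        return None
    # Split from the right so a " - " inside the service name does not
    # shift the owner and path fields.
    parts = line[len(_PREFIX):].rsplit(" - ", 2)
    if len(parts) != 3:
        return None
    name, owner, path = (p.strip() for p in parts)

    missing = path.endswith(_MISSING)
    if missing:
        path = path[: -len(_MISSING)].rstrip()

    m = _SHORT.match(name)
    display, key = (m.group("display"), m.group("key")) if m else (name, name)
    return Service(display, key, owner, path, missing)


def _is_under(path: str, root: str) -> bool:
    """Case-insensitive 'path is inside root' test using Windows path rules.

    8.3 short names (PROGRA~1) cannot be expanded offline, so they only
    match a root written in the same short form.
    """
    p = ntpath.normcase(path)
    r = ntpath.normcase(root).rstrip("\\") + "\\"
    return p.startswith(r)


def orphaned_services(log_text: str, under: Optional[str] = None) -> List[Service]:
    """Return services registered in the log whose binary no longer exists.

    With `under`, keep only those whose image path lies inside that folder,
    e.g. the install directory of a product that was already deleted.
    """
    found = []
    for line in log_text.splitlines():
        svc = parse_o23(line)
        if svc is None or not svc.file_missing:
            continue
        if under is not None and not _is_under(svc.path, under):
            continue
        found.append(svc)
    return found


if __name__ == "__main__":
    for svc in orphaned_services(SAMPLE_LOG, under=r"C:\VIRUSfighter"):
        print(f"orphaned service: {svc.key_name!r} -> {svc.path}")
```

A service entry with a missing binary is still registered with Windows, which is why the product keeps showing up after its files were deleted by hand.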



megalab.it: daily online publication registered with the Court of Cosenza, no. 22/09 of 13.08.2009; publisher Master New Media S.r.l.; © Copyright 2008 Master New Media S.r.l. a socio unico - P.I. 02947530784. GRUPPO EDIZIONI MASTER Spa. All rights reserved.