www.MegaLab.it

[giuseppe67]

nel fra tempo o fatto una scansione con spybot e ma trovato:Società:
Prodotto: DriveCleaner 2006
Minaccia: PUPS


Funzionalità
Pretends to be a registry cleanup utility

Descrizione
DriveCleaner 2006 is spread by a trojan horse and pretends to be a registry cleanup utility. If you scan your computer with DriveCleaner 2006 it may display hundreds of threats, which should get fixed by the user. But when you try to fix these problems, you have to purchase a licence.
Suggerimento del giorno: Clic sulla barra a destra per visualizzare ulteriori informazioni! ()


DriveCleaner 2006: [SBI $7E4FBD6E] ID di classe (Chiave di registro, nothing done)
HKEY_CLASSES_ROOT\CLSID\InprocServer32

Microsoft.WindowsSecurityCenter.AntiVirusOverride: [SBI $3604910C] Impostazioni (Modifica al registro, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusOverride


--- Spybot - Search & Destroy version: 1.6.0 (build: 20080707) ---

2008-07-07 blindman.exe (1.0.0.8)
2008-07-07 SDFiles.exe (1.6.0.4)
2008-07-07 SDMain.exe (1.0.0.6)
2008-07-07 SDShred.exe (1.0.2.3)
2008-07-07 SDUpdate.exe (1.6.0.8)
2008-07-07 SDWinSec.exe (1.0.0.12)
2008-07-07 SpybotSD.exe (1.6.0.30)
2009-03-05 TeaTimer.exe (1.6.6.32)
2009-01-16 unins000.exe (51.49.0.0)
2008-07-07 Update.exe (1.6.0.7)
2009-07-28 advcheck.dll (1.6.3.17)
2007-04-02 aports.dll (2.1.0.0)
2008-06-14 DelZip179.dll (1.79.11.1)
2008-09-15 SDHelper.dll (1.6.2.14)
2008-06-19 sqlite3.dll
2008-10-22 Tools.dll (2.1.6.8)
2009-10-08 Includes\Adware.sbi (*)
2010-02-23 Includes\AdwareC.sbi (*)
2010-01-25 Includes\Cookies.sbi (*)
2009-11-03 Includes\Dialer.sbi (*)
2010-02-23 Includes\DialerC.sbi (*)
2010-01-25 Includes\HeavyDuty.sbi (*)
2009-05-26 Includes\Hijackers.sbi (*)
2010-02-23 Includes\HijackersC.sbi (*)
2010-01-20 Includes\Keyloggers.sbi (*)
2010-02-23 Includes\KeyloggersC.sbi (*)
2004-11-29 Includes\LSP.sbi (*)
2010-02-10 Includes\Malware.sbi (*)
2010-02-23 Includes\MalwareC.sbi (*)
2009-03-25 Includes\PUPS.sbi (*)
2010-02-23 Includes\PUPSC.sbi (*)
2010-01-25 Includes\Revision.sbi (*)
2009-01-13 Includes\Security.sbi (*)
2010-02-23 Includes\SecurityC.sbi (*)
2008-06-03 Includes\Spybots.sbi (*)
2008-06-03 Includes\SpybotsC.sbi (*)
2009-11-03 Includes\Spyware.sbi (*)
2010-02-23 Includes\SpywareC.sbi (*)
2009-06-08 Includes\Tracks.uti
2010-02-16 Includes\Trojans.sbi (*)
2010-02-23 Includes\TrojansC.sbi (*)
2008-03-04 Plugins\Chai.dll
2008-03-05 Plugins\Fennel.dll
2008-02-26 Plugins\Mate.dll
2007-12-24 Plugins\TCPIPAddress.dll
cosa fo?????????????????????????????????????????????????

[Uomo_Senza_Sonno]

Scusa se mi permetto, ma hai dato un'occhiata qua?
Non è per niente inerente alla richiesta di aiuto, ma almeno così i post sono di più facile visualizzazione.
Grazie

[giuseppe67]

no no avevo visto devo rimetterli tutti o no?

[giuseppe67]

o messo il file nel programmino e mi da questo risultato:File Trshlex.dll ricevuto il 2009.12.03 04:12:38 (UTC)
Stato corrente: finito

Risultato: 2/41 (4.88%)
Formattato Stampa risultati
Antivirus Versione Ultimo aggiornamento Risultato
a-squared 4.5.0.43 2009.12.03 -
AhnLab-V3 5.0.0.2 2009.12.03 -
AntiVir 7.9.1.92 2009.12.02 -
Antiy-AVL 2.0.3.7 2009.12.02 -
Authentium 5.2.0.5 2009.12.02 -
Avast 4.8.1351.0 2009.12.03 Win32:Delf-MZG
AVG 8.5.0.426 2009.12.02 -
BitDefender 7.2 2009.12.03 -
CAT-QuickHeal 10.00 2009.12.02 -
ClamAV 0.94.1 2009.12.03 -
Comodo 3103 2009.12.01 -
DrWeb 5.0.0.12182 2009.12.03 -
eSafe 7.0.17.0 2009.12.02 -
eTrust-Vet 35.1.7153 2009.12.02 -
F-Prot 4.5.1.85 2009.12.02 -
F-Secure 9.0.15370.0 2009.12.03 -
Fortinet 4.0.14.0 2009.12.03 -
GData 19 2009.12.03 Win32:Delf-MZG
Ikarus T3.1.1.74.0 2009.12.03 -
Jiangmin 13.0.900 2009.12.02 -
K7AntiVirus 7.10.910 2009.12.02 -
Kaspersky 7.0.0.125 2009.12.03 -
McAfee 5819 2009.12.01 -
McAfee+Artemis 5819 2009.12.01 -
McAfee-GW-Edition 6.8.5 2009.12.03 -
Microsoft 1.5302 2009.12.02 -
NOD32 4656 2009.12.02 -
Norman 6.03.02 2009.12.02 -
nProtect 2009.1.8.0 2009.12.02 -
Panda 10.0.2.2 2009.12.03 -
PCTools 7.0.3.5 2009.12.03 -
Prevx 3.0 2009.12.03 -
Rising 22.24.03.01 2009.12.03 -
Sophos 4.48.0 2009.12.03 -
Sunbelt 3.2.1858.2 2009.12.03 -
Symantec 1.4.4.12 2009.12.03 -
TheHacker 6.5.0.2.083 2009.12.01 -
TrendMicro 9.100.0.1001 2009.12.03 -
VBA32 3.12.12.0 2009.12.02 -
ViRobot 2009.12.2.2068 2009.12.02 -
VirusBuster 5.0.21.0 2009.12.02 -
Informazioni addizionali
File size: 467552 bytes
MD5 : b76fdc3cdb2580405fe8100d248b4821
SHA1 : 074665572523c7787f4bc3914568c04fafc4ec55
SHA256: 5e8d904ff8000d3e676e9d8ef48d162db216dc82a0731fad1080c452ec4a9112
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x60B50
timedatestamp.....: 0x2A425E19 (Sat Jun 20 00:22:17 1992)
machinetype.......: 0x14C (Intel I386)

( 7 sections )
name viradd virsiz rawdsiz ntrpy md5
CODE 0x1000 0x5FB68 0x5FC00 6.54 9db468a8209b5526fcce4c888108d3f5
DATA 0x61000 0x12C0 0x1400 4.09 35382a9ac62d5e1c39cb6cda7bed5c84
BSS 0x63000 0xC6D 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
.idata 0x64000 0x2678 0x2800 4.84 e25c0659b5df7b9c2cd611719dab0f94
.edata 0x67000 0xA4 0x200 1.93 dee1197c4fb9a92d91005d8055d7d826
.reloc 0x68000 0x6CA8 0x6E00 6.68 869533f9ecc0fd3f4fd0b3ec0902b0e0
.rsrc 0x6F000 0x6400 0x6400 4.13 a8bc95df671d8e313d641dcc1e17bad3

( 0 imports )


( 0 exports )

TrID : File type identification
Windows OCX File (80.8%)
Win32 Executable Delphi generic (9.6%)
Win32 Executable Generic (5.5%)
Win16/32 Executable Delphi generic (1.3%)
Generic Win/DOS Executable (1.3%)
ssdeep: 6144:kmflcAwTacg6vFCJmoZuU/1i4YvPlU7E14hjzAfCFigz5ql2ieL3n7xeuQgOAjRk:k+lcAWg6vF4my0+HEKg8pQMOAjVkDWs
PEiD : -
RDS : NSRL Reference Data Set

[giuseppe67]

nel fra tempo o fatto una scansione con spybot e ma trovato:Società:
Prodotto: DriveCleaner 2006
Minaccia: PUPS


Funzionalità
Pretends to be a registry cleanup utility

Descrizione
DriveCleaner 2006 is spread by a trojan horse and pretends to be a registry cleanup utility. If you scan your computer with DriveCleaner 2006 it may display hundreds of threats, which should get fixed by the user. But when you try to fix these problems, you have to purchase a licence.
Suggerimento del giorno: Clic sulla barra a destra per visualizzare ulteriori informazioni! ()


DriveCleaner 2006: [SBI $7E4FBD6E] ID di classe (Chiave di registro, nothing done)
HKEY_CLASSES_ROOT\CLSID\InprocServer32

Microsoft.WindowsSecurityCenter.AntiVirusOverride: [SBI $3604910C] Impostazioni (Modifica al registro, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusOverride


--- Spybot - Search & Destroy version: 1.6.0 (build: 20080707) ---

2008-07-07 blindman.exe (1.0.0.8)
2008-07-07 SDFiles.exe (1.6.0.4)
2008-07-07 SDMain.exe (1.0.0.6)
2008-07-07 SDShred.exe (1.0.2.3)
2008-07-07 SDUpdate.exe (1.6.0.8)
2008-07-07 SDWinSec.exe (1.0.0.12)
2008-07-07 SpybotSD.exe (1.6.0.30)
2009-03-05 TeaTimer.exe (1.6.6.32)
2009-01-16 unins000.exe (51.49.0.0)
2008-07-07 Update.exe (1.6.0.7)
2009-07-28 advcheck.dll (1.6.3.17)
2007-04-02 aports.dll (2.1.0.0)
2008-06-14 DelZip179.dll (1.79.11.1)
2008-09-15 SDHelper.dll (1.6.2.14)
2008-06-19 sqlite3.dll
2008-10-22 Tools.dll (2.1.6.8)
2009-10-08 Includes\Adware.sbi (*)
2010-02-23 Includes\AdwareC.sbi (*)
2010-01-25 Includes\Cookies.sbi (*)
2009-11-03 Includes\Dialer.sbi (*)
2010-02-23 Includes\DialerC.sbi (*)
2010-01-25 Includes\HeavyDuty.sbi (*)
2009-05-26 Includes\Hijackers.sbi (*)
2010-02-23 Includes\HijackersC.sbi (*)
2010-01-20 Includes\Keyloggers.sbi (*)
2010-02-23 Includes\KeyloggersC.sbi (*)
2004-11-29 Includes\LSP.sbi (*)
2010-02-10 Includes\Malware.sbi (*)
2010-02-23 Includes\MalwareC.sbi (*)
2009-03-25 Includes\PUPS.sbi (*)
2010-02-23 Includes\PUPSC.sbi (*)
2010-01-25 Includes\Revision.sbi (*)
2009-01-13 Includes\Security.sbi (*)
2010-02-23 Includes\SecurityC.sbi (*)
2008-06-03 Includes\Spybots.sbi (*)
2008-06-03 Includes\SpybotsC.sbi (*)
2009-11-03 Includes\Spyware.sbi (*)
2010-02-23 Includes\SpywareC.sbi (*)
2009-06-08 Includes\Tracks.uti
2010-02-16 Includes\Trojans.sbi (*)
2010-02-23 Includes\TrojansC.sbi (*)
2008-03-04 Plugins\Chai.dll
2008-03-05 Plugins\Fennel.dll
2008-02-26 Plugins\Mate.dll
2007-12-24 Plugins\TCPIPAddress.dll
cosa fo?????????????????????????????????????????????????
giuseppe67
Aficionado


Messaggi: 30
Iscritto il: lun dic 22, 2008 10:05 pm
Messaggio privatoE-mail giuseppe67 Top

[Uomo_Senza_Sonno]

Sarebbe meglio così tutti i post si visualizzano meglio. In tutti i casi il modo corretto per postare i log è il seguente:

Codice: Seleziona tutto

[LOG]va inserito qui il testo[/LOG]

ed il risultato è il seguente

log

[giuseppe67]

nel fra tempo o fatto una scansione con spybot e ma trovato:Società:
Prodotto: DriveCleaner 2006
Minaccia: PUPS


Funzionalità
Pretends to be a registry cleanup utility

Descrizione
DriveCleaner 2006 is spread by a trojan horse and pretends to be a registry cleanup utility. If you scan your computer with DriveCleaner 2006 it may display hundreds of threats, which should get fixed by the user. But when you try to fix these problems, you have to purchase a licence.
Suggerimento del giorno: Clic sulla barra a destra per visualizzare ulteriori informazioni! ()


DriveCleaner 2006: [SBI $7E4FBD6E] ID di classe (Chiave di registro, nothing done)
HKEY_CLASSES_ROOT\CLSID\InprocServer32

Microsoft.WindowsSecurityCenter.AntiVirusOverride: [SBI $3604910C] Impostazioni (Modifica al registro, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusOverride


--- Spybot - Search & Destroy version: 1.6.0 (build: 20080707) ---

2008-07-07 blindman.exe (1.0.0.8)
2008-07-07 SDFiles.exe (1.6.0.4)
2008-07-07 SDMain.exe (1.0.0.6)
2008-07-07 SDShred.exe (1.0.2.3)
2008-07-07 SDUpdate.exe (1.6.0.8)
2008-07-07 SDWinSec.exe (1.0.0.12)
2008-07-07 SpybotSD.exe (1.6.0.30)
2009-03-05 TeaTimer.exe (1.6.6.32)
2009-01-16 unins000.exe (51.49.0.0)
2008-07-07 Update.exe (1.6.0.7)
2009-07-28 advcheck.dll (1.6.3.17)
2007-04-02 aports.dll (2.1.0.0)
2008-06-14 DelZip179.dll (1.79.11.1)
2008-09-15 SDHelper.dll (1.6.2.14)
2008-06-19 sqlite3.dll
2008-10-22 Tools.dll (2.1.6.8)
2009-10-08 Includes\Adware.sbi (*)
2010-02-23 Includes\AdwareC.sbi (*)
2010-01-25 Includes\Cookies.sbi (*)
2009-11-03 Includes\Dialer.sbi (*)
2010-02-23 Includes\DialerC.sbi (*)
2010-01-25 Includes\HeavyDuty.sbi (*)
2009-05-26 Includes\Hijackers.sbi (*)
2010-02-23 Includes\HijackersC.sbi (*)
2010-01-20 Includes\Keyloggers.sbi (*)
2010-02-23 Includes\KeyloggersC.sbi (*)
2004-11-29 Includes\LSP.sbi (*)
2010-02-10 Includes\Malware.sbi (*)
2010-02-23 Includes\MalwareC.sbi (*)
2009-03-25 Includes\PUPS.sbi (*)
2010-02-23 Includes\PUPSC.sbi (*)
2010-01-25 Includes\Revision.sbi (*)
2009-01-13 Includes\Security.sbi (*)
2010-02-23 Includes\SecurityC.sbi (*)
2008-06-03 Includes\Spybots.sbi (*)
2008-06-03 Includes\SpybotsC.sbi (*)
2009-11-03 Includes\Spyware.sbi (*)
2010-02-23 Includes\SpywareC.sbi (*)
2009-06-08 Includes\Tracks.uti
2010-02-16 Includes\Trojans.sbi (*)
2010-02-23 Includes\TrojansC.sbi (*)
2008-03-04 Plugins\Chai.dll
2008-03-05 Plugins\Fennel.dll
2008-02-26 Plugins\Mate.dll
2007-12-24 Plugins\TCPIPAddress.dll
cosa fo?????????????????????????????????????????????????

[stevens]

scusa non ho capito bene

questo rogue DriveCleaner 2006 te lo ha eliminato?? controlla in pannello di controllo e vedi se e' riportato tra le installazioni

[giuseppe67]

nel pannello di controllo non ce ma il programma che o scaricato se chiama atf-cleaner.exe mica e questo?

[stevens]

no atf cleaner e' il pulitore che ti ho fatto eseguire prima

se malwarebytes non lo ha rilevato potrebbe anche non esserci

prova a leggere QUI

postami anche un log di hijackthis

[giuseppe67]

e Logfile of Trend Micro HijackThis v2.0.3 (BETA)
Scan saved at 22.07.01, on 25/02/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\File comuni\Nero\Nero BackItUp 4\NBService.exe
C:\Programmi\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\VEXPLite\viritsvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Programmi\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
C:\VEXPLite\MONLITE.EXE
C:\Programmi\Spybot - Search & Destroy\TeaTimer.exe
C:\Programmi\Microsoft Student\Microsoft Encarta 2009 - Premium + Student DVD\EDICT.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\Ninja\ninja.exe
C:\Programmi\HP\Digital Imaging\bin\hpqgalry.exe
C:\Programmi\Spybot - Search & Destroy\SpybotSD.exe
C:\Programmi\TrendMicro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programmi\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Programmi\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O2 - BHO: Bandoo IE Plugin - {EB5CEE80-030A-4ED8-8E20-454E9C68380F} - C:\Programmi\Bandoo\Plugins\IE\ieplugin.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Programmi\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: LEC - {1DBAB667-A486-421e-AFE4-CF07DD0088E5} - C:\Programmi\Power Translator 10\Applications\LEC IE Translation Extension.dll
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programmi\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Programmi\File comuni\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [AVP] "C:\Programmi\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe"
O4 - HKLM\..\Run: [VIRIT LITE MONITOR] C:\VEXPLite\MONLITE.EXE
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Programmi\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [L09IXLRD_1560406] "C:\Programmi\Microsoft Student\Microsoft Encarta 2009 - Premium + Student DVD\EDICT.EXE" -m
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Ritaglio schermata e avvio di OneNote 2007.lnk = C:\Programmi\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Avvio rapido di HP Image Zone.lnk = C:\Programmi\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: ninja.lnk = C:\Programmi\Ninja\ninja.exe
O8 - Extra context menu item: Aggiungi ad Anti-Banner - C:\Programmi\Kaspersky Lab\Kaspersky Internet Security 7.0\ie_banner_deny.htm
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Web Anti-Virus - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Programmi\Kaspersky Lab\Kaspersky Internet Security 7.0\SCIEPlgn.dll
O9 - Extra button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Barra di ricerca di Encarta - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Programmi\File comuni\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{45DC4DE7-2584-4638-8886-1B223360BF58}: NameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{45DC4DE7-2584-4638-8886-1B223360BF58}: NameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{45DC4DE7-2584-4638-8886-1B223360BF58}: NameServer = 192.168.1.1
O17 - HKLM\System\CS3\Services\Tcpip\..\{45DC4DE7-2584-4638-8886-1B223360BF58}: NameServer = 192.168.1.1
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programmi\Microsoft Office\Office12\GrooveSystemServices.dll
O22 - SharedTaskScheduler: Precaricatore Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Daemon di cache delle categorie di componenti - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Kaspersky Internet Security 7.0 (AVP) - Kaspersky Lab - C:\Programmi\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Programmi\MAGIX\Common\Database\bin\fbserver.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LEC TranslateDotNet Server - Language Engineering Corporation, LLC - C:\Programmi\Power Translator 10\LogoMedia TranslateDotNet Server.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Programmi\File comuni\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: ServiceLayer - Nokia. - C:\Programmi\File comuni\PCSuite\Services\ServiceLayer.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Programmi\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: VirIT eXplorer Lite (viritsvclite) - TG Soft Sas www.tgsoft.it - C:\VEXPLite\viritsvc.exe

--
End of file - 7888 bytes

[giuseppe67]

sto a rifa pure la scansione con spybot x vede cosa fa se lo rifa di nuovosto ìspyder

[giuseppe67]

sto a rifa la scansione con spybot e ce di nuovo cosa fo???????????????????

[stevens]

il log e' pulito

prova a trovare col ''cerca'' di windows questi file

udc2006.exe
updater.exe
pv.exe
dcsm.exe

se li trovi eliminali

vai in C:\PROGRAMMI e controlla se c'e' la cartella

secondo me non troverai niente, e' un bug di spybot come era indicato in quel post

[giuseppe67]

la carterlla non ce. con cerca mi a trovato di updater exe : azreus,adope,acrobat,reader,adobe air che fo???????

[stevens]

puoi dirmi il percorso di updater exe ?

[giuseppe67]

il percorso :start,cerca,file cartella,disco locale c,cerca updater exe

[giuseppe67]

ce nessuno che mi puo aiutare

[stevens]

giuseppe67 ti avevo chiesto il percorso, non come lo haii trovato

usa la funzione cerca e vedi in che percorso e' il file updater exe

[giuseppe67]

il file updater exe e in in c\ programmi\ file comuni\adobe