Punto informatico Network

How to remove these Trojan horses

Has a virus got into your computer? Do you want to browse in complete safety? Are online transactions secure? How do you stop attackers from getting into your PC? How do you protect your data? Here you will find the answers to these and other questions.

Post by rentonboy » Mon Jan 15, 2007 1:52 pm

Hi guys, I need some help [V] ... While scanning my PC I came across 2 Trojan horses that I can't manage to locate. The antivirus tells me the source is the "backup copy", but the trouble is that I don't know where to find this copy... [cry] So could you help me? P.S. The 2 trojans it detected are called Trojan horse Dropper.Generic.DZD; I don't know whether that will be of any help. Anyway, thanks in advance. [;)]

Post by crazy.cat » Mon Jan 15, 2007 2:34 pm

Show us a screenshot of the message, and tell us which antivirus is detecting the problem.
Then post a HijackThis scan log.
When the many govern, they think only of pleasing themselves, and then you have the most foolish and most hateful tyranny: tyranny disguised as freedom.

Here is the HijackThis scan log

Post by rentonboy » Mon Jan 15, 2007 3:13 pm

Logfile of HijackThis v1.99.1
Scan saved at 11.18.29, on 15/01/07
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\Intel\Wireless\Bin\EvtEng.exe
C:\Programmi\Intel\Wireless\Bin\S24EvMon.exe
C:\Programmi\Intel\Wireless\Bin\ZcfgSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Programmi\WIDCOMM\Software Bluetooth\bin\btwdins.exe
C:\Programmi\File comuni\LightScribe\LSSrvc.exe
C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Programmi\Intel\Wireless\Bin\RegSrvc.exe
C:\Programmi\Analog Devices\SoundMAX\SMAgent.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Programmi\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Programmi\Winamp\winampa.exe
C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\WIDCOMM\Software Bluetooth\BTTray.exe
C:\Programmi\Metacafe\MetacafeAgent.exe
C:\Programmi\Morpheus\Morpheus.exe
C:\Programmi\Grisoft\AVG Free\avgwb.dat
C:\WINDOWS\explorer.exe
C:\Programmi\Grisoft\AVG Free\avgvv.exe
C:\Documents and Settings\utente\Desktop\hijackthis_199\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.hp.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programmi\google\googletoolbar2.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programmi\google\googletoolbar2.dll
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [SoundMAX] C:\Programmi\Analog Devices\SoundMAX\Smax4.exe /tray
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Programmi\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Programmi\Winamp\winampa.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: MetaCafe.lnk = C:\Programmi\Metacafe\MetacafeAgent.exe
O4 - Startup: Morpheus.lnk = C:\Programmi\Morpheus\Morpheus.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Metacafe.lnk = C:\Programmi\Metacafe\MetacafeAgent.exe
O8 - Extra context menu item: &Google Search - res://c:\programmi\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\programmi\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\programmi\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\programmi\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Invia a &Bluetooth - C:\Programmi\WIDCOMM\Software Bluetooth\btsendto_ie_ctx.htm
O8 - Extra context menu item: Similar Pages - res://c:\programmi\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\programmi\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?LinkID=39204
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O20 - Winlogon Notify: IntelWireless - C:\Programmi\Intel\Wireless\Bin\LgNotify.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Programmi\WIDCOMM\Software Bluetooth\bin\btwdins.exe
O23 - Service: EvtEng - Intel Corporation - C:\Programmi\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Programmi\HPQ\Shared\hpqwmi.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Programmi\File comuni\LightScribe\LSSrvc.exe
O23 - Service: RegSrvc - Intel Corporation - C:\Programmi\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Programmi\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Programmi\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Programmi\TuneUp Utilities 2006\WinStylerThemeSvc.exe


Post by rentonboy » Mon Jan 15, 2007 3:16 pm

Sorry for replying a bit at a time, but my connection keeps dropping. Anyway, the antivirus I use is AVG (P.S. how do you post a screenshot?) [:-H]

Post by crazy.cat » Mon Jan 15, 2007 3:22 pm

rentonboy wrote: (P.S. how do you post a screenshot?) [:-H]

http://www.MegaLab.it/2995

Now I'll look at the log.

Post by Amantide » Mon Jan 15, 2007 4:06 pm

Nothing shows up in the log; it could be some rootkit.

Download Gmer, open the Rootkit tab, select Show all and press Scan. When the scan has finished, click the Copy button and paste the log here. Repeat this operation for Autostart as well.
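The triage step behind the reply above, as an added example that is not part of the original thread: a small Python parser for the HijackThis v1.99.1 layout that lists running processes whose image has no matching O4, O20 or O23 autostart line. The sample log is constructed from a few lines modelled on the one posted here, and the function names are hypothetical.

```python
import ntpath
import re

# Constructed sample in the HijackThis v1.99.1 layout, modelled on the log in this thread.
SAMPLE_LOG = r"""Logfile of HijackThis v1.99.1
Platform: Windows XP SP2 (WinNT 5.01.2600)

Running processes:
C:\WINDOWS\system32\winlogon.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Programmi\Winamp\winampa.exe
C:\Programmi\WIDCOMM\Software Bluetooth\BTTray.exe
C:\Programmi\Intel\Wireless\Bin\EvtEng.exe
C:\Programmi\Grisoft\AVG Free\avgwb.dat

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [WinampAgent] C:\Programmi\Winamp\winampa.exe
O4 - Global Startup: BTTray.lnk = ?
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: EvtEng - Intel Corporation - C:\Programmi\Intel\Wireless\Bin\EvtEng.exe
"""

# "<section code> - <detail>", e.g. "O4 - HKLM\..\Run: [name] path args"
ENTRY_RE = re.compile(r"^([RFNO]\d{1,2}) - (.+)$")
# Drive-letter path up to the first file extension followed by whitespace, a quote or end of line.
# Entries that use %systemroot% or have an unresolved target ("?") yield no path.
PATH_RE = re.compile(r"[A-Za-z]:\\.+?\.[A-Za-z0-9]{2,4}(?=[\s\"]|$)")

# Section codes treated here as autostart mechanisms (an assumption of this example):
# O4 = Run keys and Startup folders, O20 = Winlogon Notify, O23 = services.
AUTOSTART_CODES = {"O4", "O20", "O23"}


def parse_hijackthis(text):
    """Return (running process paths, list of entry dicts with code/detail/path)."""
    processes, entries = [], []
    in_processes = False
    for raw in text.splitlines():
        line = raw.strip()
        if line == "Running processes:":
            in_processes = True
            continue
        if in_processes:
            if line:
                processes.append(line)
            else:
                in_processes = False  # a blank line ends the process list
            continue
        match = ENTRY_RE.match(line)
        if match:
            hit = PATH_RE.search(match.group(2))
            entries.append({
                "code": match.group(1),
                "detail": match.group(2),
                "path": hit.group(0) if hit else None,
            })
    return processes, entries


def unexplained_processes(processes, entries):
    """Processes whose file name appears in no O4/O20/O23 entry.

    File names are compared case-insensitively so that 8.3 short paths
    (C:\\PROGRA~1\\...) and long paths of the same file still match.
    """
    launched = {
        ntpath.basename(e["path"]).lower()
        for e in entries
        if e["code"] in AUTOSTART_CODES and e["path"]
    }
    return [p for p in processes if ntpath.basename(p).lower() not in launched]


if __name__ == "__main__":
    procs, ents = parse_hijackthis(SAMPLE_LOG)
    for path in unexplained_processes(procs, ents):
        print("no autostart entry in log:", path)
```

An unmatched process is only a pointer for manual review, since core Windows processes such as winlogon.exe have no autostart line in the log. A process that is hidden from the tool appears in neither list, which is why a separate rootkit scan is requested.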

Post by rentonboy » Mon Jan 15, 2007 4:56 pm

Sorry Amantide, but right now I can't download Gmer; as soon as I manage to restore the connection I'll do what you wrote... [;)] Bye

Post by Amantide » Mon Jan 15, 2007 5:00 pm

You can also download it from here. [;)]

Here is the Autostart log

Post by rentonboy » Mon Jan 15, 2007 6:04 pm

GMER 1.0.12.12011 - http://www.gmer.net
Autostart scan 2007-01-15 17:03:50
Windows 5.1.2600 Service Pack 2


HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems@Windows = %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16

HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon@Userinit = C:\WINDOWS\system32\userinit.exe,

HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ >>>
igfxcui@DLLName = igfxdev.dll
IntelWireless@DLLName = C:\Programmi\Intel\Wireless\Bin\LgNotify.dll
WgaLogon@DLLName = WgaLogon.dll

HKLM\SYSTEM\CurrentControlSet\Services\ >>>
Avg7Alrt /*AVG7 Alert Manager Server*/@ = C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
Avg7UpdSvc /*AVG7 Update Service*/@ = C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
AVGEMS /*AVG E-mail Scanner*/@ = C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
btwdins /*Bluetooth Service*/@ = C:\Programmi\WIDCOMM\Software Bluetooth\bin\btwdins.exe
EvtEng /*EvtEng*/@ = C:\Programmi\Intel\Wireless\Bin\EvtEng.exe
LightScribeService /*LightScribeService Direct Disc Labeling Service*/@ = "C:\Programmi\File comuni\LightScribe\LSSrvc.exe"
MDM /*Machine Debug Manager*/@ = "C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE"
RegSrvc /*RegSrvc*/@ = C:\Programmi\Intel\Wireless\Bin\RegSrvc.exe
S24EventMonitor /*Spectrum24 Event Monitor*/@ = C:\Programmi\Intel\Wireless\Bin\S24EvMon.exe
SoundMAX Agent Service (default) /*SoundMAX Agent Service*/@ = C:\Programmi\Analog Devices\SoundMAX\SMAgent.exe
Spooler /*Spooler di stampa*/@ = %SystemRoot%\system32\spoolsv.exe
UMWdf /*Windows User Mode Driver Framework*/@ = C:\WINDOWS\system32\wdfmgr.exe

HKLM\Software\Microsoft\Windows\CurrentVersion\Run >>>
@ /*file not found*/ = /*file not found*/
@AVG7_CCC:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP = C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
@SoundMAXC:\Programmi\Analog Devices\SoundMAX\Smax4.exe /tray /*file not found*/ = C:\Programmi\Analog Devices\SoundMAX\Smax4.exe /tray /*file not found*/
@SoundMAXPnPC:\Programmi\Analog Devices\SoundMAX\SMax4PNP.exe = C:\Programmi\Analog Devices\SoundMAX\SMax4PNP.exe
@CorelDRAW Graphics Suite 11bC:\Programmi\Corel\Corel Graphics 12\Languages\EN\Programs\Registration.exe /title="CorelDRAW Graphics Suite 12" /date=012007 serial=DR12WEX-1504397-KTY lang=EN /*file not found*/ = C:\Programmi\Corel\Corel Graphics 12\Languages\EN\Programs\Registration.exe /title="CorelDRAW Graphics Suite 12" /date=012007 serial=DR12WEX-1504397-KTY lang=EN /*file not found*/
@NeroFilterCheckC:\WINDOWS\system32\NeroCheck.exe = C:\WINDOWS\system32\NeroCheck.exe
@WinampAgentC:\Programmi\Winamp\winampa.exe = C:\Programmi\Winamp\winampa.exe
@KernelFaultCheck%systemroot%\system32\dumprep 0 -k = %systemroot%\system32\dumprep 0 -k

HKCU\Software\Microsoft\Windows\CurrentVersion\Run@ctfmon.exe = C:\WINDOWS\system32\ctfmon.exe

HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved >>>
@{42071714-76d4-11d1-8b24-00a0c9068ff3} /*Estensione panoramica video del Pannello di controllo*/deskpan.dll /*file not found*/ = deskpan.dll /*file not found*/
@{596AB062-B4D2-4215-9F74-E9109B0A8153} /*Pagina proprietà versioni precedenti*/%SystemRoot%\system32\twext.dll = %SystemRoot%\system32\twext.dll
@{9DB7A13C-F208-4981-8353-73CC61AE2783} /*Versioni precedenti*/%SystemRoot%\system32\twext.dll = %SystemRoot%\system32\twext.dll
@{30D02401-6A81-11d0-8274-00C04FD5AE38} /*IE Search Band*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{E7E4BC40-E76A-11CE-A9BB-00AA004AE837} /*Shell DocObject Viewer*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{FBF23B40-E3F0-101B-8488-00AA003E56F8} /*InternetShortcut*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{3C374A40-BAE4-11CF-BF7D-00AA006946EE} /*Microsoft Url History Service*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{FF393560-C2A7-11CF-BFF4-444553540000} /*History*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{7BD29E00-76C1-11CF-9DD0-00A0C9034933} /*Temporary Internet Files*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{7BD29E01-76C1-11CF-9DD0-00A0C9034933} /*Temporary Internet Files*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{CFBFAE00-17A6-11D0-99CB-00C04FD64497} /*Microsoft Url Search Hook*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{3DC7A020-0ACD-11CF-A9BB-00AA004AE837} /*The Internet*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{871C5380-42A0-1069-A2EA-08002B30309D} /*Internet Name Space*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{00E7B358-F65B-4dcf-83DF-CD026B94BFD4} /*Autoplay for SlideShow*/(null) =
@{692F0339-CBAA-47e6-B5B5-3B84DB604E87} /*Extensions Manager Folder*/C:\WINDOWS\system32\extmgr.dll = C:\WINDOWS\system32\extmgr.dll
@CorelDRAW Shell Extension Component /*CorelDRAW Shell Extension Component*/(null) =
@{6af09ec9-b429-11d4-a1fb-0090960218cb} /*My Bluetooth Places*/C:\WINDOWS\system32\btneighborhood.dll = C:\WINDOWS\system32\btneighborhood.dll
@{2F603045-309F-11CF-9774-0020AFD0CFF6} /*Synaptics Control Panel*/C:\Programmi\Synaptics\SynTP\SynTPCpl.dll = C:\Programmi\Synaptics\SynTP\SynTPCpl.dll
@{DEE12703-6333-4D4E-8F34-738C4DCC2E04} /*RecordNow! SendToExt*/C:\Programmi\Sonic\RecordNow!\shlext.dll = C:\Programmi\Sonic\RecordNow!\shlext.dll
@{5CA3D70E-1895-11CF-8E15-001234567890} /*DriveLetterAccess*/C:\WINDOWS\system32\dla\tfswshx.dll = C:\WINDOWS\system32\dla\tfswshx.dll
@{E0D79304-84BE-11CE-9641-444553540000} /*WinZip*/C:\PROGRA~1\WINZIP\WZSHLSTB.DLL = C:\PROGRA~1\WINZIP\WZSHLSTB.DLL
@{E0D79305-84BE-11CE-9641-444553540000} /*WinZip*/C:\PROGRA~1\WINZIP\WZSHLSTB.DLL = C:\PROGRA~1\WINZIP\WZSHLSTB.DLL
@{E0D79306-84BE-11CE-9641-444553540000} /*WinZip*/C:\PROGRA~1\WINZIP\WZSHLSTB.DLL = C:\PROGRA~1\WINZIP\WZSHLSTB.DLL
@{E0D79307-84BE-11CE-9641-444553540000} /*WinZip*/C:\PROGRA~1\WINZIP\WZSHLSTB.DLL = C:\PROGRA~1\WINZIP\WZSHLSTB.DLL
@{B41DB860-8EE4-11D2-9906-E49FADC173CA} /*WinRAR shell extension*/C:\Programmi\WinRAR\rarext.dll = C:\Programmi\WinRAR\rarext.dll
@{00DF1F20-0849-A4D1-0239-00D0AF3E9CB0} /*TuneUp Shredder Shell Context Menu Extension*/"C:\Programmi\TuneUp Utilities 2006\sdshelex.dll" = "C:\Programmi\TuneUp Utilities 2006\sdshelex.dll"
@{BDEADF00-C265-11D0-BCED-00A0C90AB50F} /*Cartelle Web*/C:\PROGRA~1\FILECO~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL = C:\PROGRA~1\FILECO~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL
@{00020D75-0000-0000-C000-000000000046} /*Microsoft Office Outlook Desktop Icon Handler*/C:\PROGRA~1\MICROS~2\OFFICE11\MLSHEXT.DLL = C:\PROGRA~1\MICROS~2\OFFICE11\MLSHEXT.DLL
@{0006F045-0000-0000-C000-000000000046} /*Microsoft Office Outlook Custom Icon Handler*/C:\PROGRA~1\MICROS~2\OFFICE11\OLKFSTUB.DLL = C:\PROGRA~1\MICROS~2\OFFICE11\OLKFSTUB.DLL
@{42042206-2D85-11D3-8CFF-005004838597} /*Microsoft Office HTML Icon Handler*/C:\Programmi\Microsoft Office\OFFICE11\msohev.dll = C:\Programmi\Microsoft Office\OFFICE11\msohev.dll
@{07C45BB1-4A8C-4642-A1F5-237E7215FF66} /*IE Microsoft BrowserBand*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{1C1EDB47-CE22-4bbb-B608-77B48F83C823} /*IE Fade Task*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{205D7A97-F16D-4691-86EF-F3075DCCA57D} /*IE Menu Desk Bar*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{3028902F-6374-48b2-8DC6-9725E775B926} /*IE AutoComplete*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{43886CD5-6529-41c4-A707-7B3C92C05E68} /*IE Navigation Bar*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{44C76ECD-F7FA-411c-9929-1B77BA77F524} /*IE Menu Site*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{4B78D326-D922-44f9-AF2A-07805C2A3560} /*IE Menu Band*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{6038EF75-ABFC-4e59-AB6F-12D397F6568D} /*IE Microsoft History AutoComplete List*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{6B4ECC4F-16D1-4474-94AB-5A763F2A54AE} /*IE Tracking Shell Menu*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{6CF48EF8-44CD-45d2-8832-A16EA016311B} /*IE IShellFolderBand*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{73CFD649-CD48-4fd8-A272-2070EA56526B} /*IE BandProxy*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{98FF6D4B-6387-4b0a-8FBD-C5C4BB17B4F8} /*IE MRU AutoComplete List*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{9A096BB5-9DC3-4D1C-8526-C3CBF991EA4E} /*IE RSS Feeder Folder*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{9D958C62-3954-4b44-8FAB-C4670C1DB4C2} /*IE Microsoft Shell Folder AutoComplete List*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{B31C5FAE-961F-415b-BAF0-E697A5178B94} /*IE Microsoft Multiple AutoComplete List Container*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{BC476F4C-D9D7-4100-8D4E-E043F6DEC409} /*Microsoft Browser Architecture*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{BFAD62EE-9D54-4b2a-BF3B-76F90697BD2A} /*IE Shell Rebar BandSite*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{E6EE9AAC-F76B-4947-8260-A9F136138E11} /*IE Shell Band Site Menu*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{F2CF5485-4E02-4f68-819C-B92DE9277049} /*&Links*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{F83DAC1C-9BB9-4f2b-B619-09819DA81B0E} /*IE Registry Tree Options Utility*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{FAC3CBF6-8697-43d0-BAB9-DCD1FCE19D75} /*IE User Assist*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{FDE7673D-2E19-4145-8376-BBD58C4BC7BA} /*IE Custom MRU AutoCompleted List*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} /*AVG7 Shell Extension*/C:\PROGRA~1\Grisoft\AVGFRE~1\avgse.dll = C:\PROGRA~1\Grisoft\AVGFRE~1\avgse.dll
@{9F97547E-460A-42C5-AE0C-81C61FFAEBC3} /*AVG7 Find Extension*/C:\PROGRA~1\Grisoft\AVGFRE~1\avgse.dll = C:\PROGRA~1\Grisoft\AVGFRE~1\avgse.dll

HKLM\Software\Classes\*\shellex\ContextMenuHandlers\ >>>
AVG7 Shell Extension@{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} = C:\PROGRA~1\Grisoft\AVGFRE~1\avgse.dll
TuneUp Shredder@{00DF1F20-0849-A4D1-0239-00D0AF3E9CB0} = "C:\Programmi\TuneUp Utilities 2006\sdshelex.dll"
WinRAR@{B41DB860-8EE4-11D2-9906-E49FADC173CA} = C:\Programmi\WinRAR\rarext.dll
WinZip@{E0D79304-84BE-11CE-9641-444553540000} = C:\PROGRA~1\WINZIP\WZSHLSTB.DLL

HKLM\Software\Classes\Directory\shellex\ContextMenuHandlers\ >>>
TuneUp Shredder@{00DF1F20-0849-A4D1-0239-00D0AF3E9CB0} = "C:\Programmi\TuneUp Utilities 2006\sdshelex.dll"
WinRAR@{B41DB860-8EE4-11D2-9906-E49FADC173CA} = C:\Programmi\WinRAR\rarext.dll
WinZip@{E0D79304-84BE-11CE-9641-444553540000} = C:\PROGRA~1\WINZIP\WZSHLSTB.DLL

HKLM\Software\Classes\Folder\shellex\ContextMenuHandlers\ >>>
AVG7 Shell Extension@{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} = C:\PROGRA~1\Grisoft\AVGFRE~1\avgse.dll
WinRAR@{B41DB860-8EE4-11D2-9906-E49FADC173CA} = C:\Programmi\WinRAR\rarext.dll
WinZip@{E0D79304-84BE-11CE-9641-444553540000} = C:\PROGRA~1\WINZIP\WZSHLSTB.DLL

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects >>>
@{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll = C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
@{53707962-6F74-2D53-2644-206D7942484F}C:\PROGRA~1\SPYBOT~1\SDHelper.dll = C:\PROGRA~1\SPYBOT~1\SDHelper.dll
@{5CA3D70E-1895-11CF-8E15-001234567890}C:\WINDOWS\system32\dla\tfswshx.dll = C:\WINDOWS\system32\dla\tfswshx.dll
@{AA58ED58-01DD-4d91-8333-CF10577473F7}c:\programmi\google\googletoolbar2.dll = c:\programmi\google\googletoolbar2.dll

HKCU\Control Panel\Desktop@SCRNSAVE.EXE = c:\windows\jaws.scr

HKLM\Software\Microsoft\Internet Explorer\Main >>>
@Default_Page_URLhttp://go.microsoft.com/fwlink/?LinkId=69157 = http://go.microsoft.com/fwlink/?LinkId=69157
@Start Pagehttp://go.microsoft.com/fwlink/?LinkId=69157 = http://go.microsoft.com/fwlink/?LinkId=69157
@Local Page%SystemRoot%\system32\blank.htm = %SystemRoot%\system32\blank.htm

HKCU\Software\Microsoft\Internet Explorer\Main >>>
@Start Pagehttp://www.google.it/ = http://www.google.it/
@Local PageC:\WINDOWS\system32\blank.htm = C:\WINDOWS\system32\blank.htm

HKLM\Software\Classes\PROTOCOLS\Filter\text/xml@CLSID = C:\Programmi\File comuni\Microsoft Shared\OFFICE11\MSOXMLMF.DLL

HKLM\Software\Classes\PROTOCOLS\Handler\ >>>
dvd@CLSID = C:\WINDOWS\system32\msvidctl.dll
its@CLSID = C:\WINDOWS\system32\itss.dll
mhtml@CLSID = %SystemRoot%\system32\inetcomm.dll
ms-its@CLSID = C:\WINDOWS\system32\itss.dll
ms-itss@CLSID = C:\Programmi\File comuni\Microsoft Shared\Information Retrieval\MSITSS.DLL
mso-offdap@CLSID = C:\PROGRA~1\FILECO~1\MICROS~1\WEBCOM~1\10\OWC10.DLL
mso-offdap11@CLSID = C:\PROGRA~1\FILECO~1\MICROS~1\WEBCOM~1\11\OWC11.DLL
tv@CLSID = C:\WINDOWS\system32\msvidctl.dll

HKLM\Software\Classes\PROTOCOLS\Handler\wia@CLSID = C:\WINDOWS\system32\wiascr.dll

C:\Documents and Settings\utente\Menu Avvio\Programmi\Esecuzione automatica >>>
MetaCafe.lnk = MetaCafe.lnk
Morpheus.lnk = Morpheus.lnk

C:\Documents and Settings\All Users\Menu Avvio\Programmi\Esecuzione automatica >>>
Adobe Gamma Loader.lnk = Adobe Gamma Loader.lnk
BTTray.lnk = BTTray.lnk
Metacafe.lnk = Metacafe.lnk

---- EOF - GMER 1.0.12 ----

Post by Amantide » Mon Jan 15, 2007 7:05 pm

Can't you manage to run the Rootkit scan?

Post by rentonboy » Mon Jan 15, 2007 7:16 pm

GMER 1.0.12.12011 - http://www.gmer.net
Rootkit scan 2007-01-15 18:02:57
Windows 5.1.2600 Service Pack 2


---- System - GMER 1.0.12 ----

INT 0xD9 \WINDOWS\system32\ntkrnlpa.exe 8053C3AA
INT 0xDA \WINDOWS\system32\ntkrnlpa.exe 8053C3B4
INT 0xDB \WINDOWS\system32\ntkrnlpa.exe 8053C3BE
INT 0xDC \WINDOWS\system32\ntkrnlpa.exe 8053C3C8
INT 0xDD \WINDOWS\system32\ntkrnlpa.exe 8053C3D2
INT 0xDE \WINDOWS\system32\ntkrnlpa.exe 8053C3DC
INT 0xDF \WINDOWS\system32\ntkrnlpa.exe 8053C3E6
INT 0xE0 \WINDOWS\system32\ntkrnlpa.exe 8053C3F0
INT 0xE1 \WINDOWS\system32\hal.dll 806D0F0C
INT 0xE2 \WINDOWS\system32\ntkrnlpa.exe 8053C404
INT 0xE3 \WINDOWS\system32\hal.dll 806D0C70
INT 0xE4 \WINDOWS\system32\ntkrnlpa.exe 8053C418
INT 0xE5 \WINDOWS\system32\ntkrnlpa.exe 8053C422
INT 0xE6 \WINDOWS\system32\ntkrnlpa.exe 8053C42C
INT 0xE7 \WINDOWS\system32\ntkrnlpa.exe 8053C436
INT 0xE8 \WINDOWS\system32\ntkrnlpa.exe 8053C440
INT 0xE9 \WINDOWS\system32\ntkrnlpa.exe 8053C44A
INT 0xEA \WINDOWS\system32\ntkrnlpa.exe 8053C454
INT 0xEB \WINDOWS\system32\ntkrnlpa.exe 8053C45E
INT 0xEC \WINDOWS\system32\ntkrnlpa.exe 8053C468
INT 0xED \WINDOWS\system32\ntkrnlpa.exe 8053C472
INT 0xEE \WINDOWS\system32\ntkrnlpa.exe 8053C479
INT 0xEF \WINDOWS\system32\ntkrnlpa.exe 8053C480
INT 0xF0 \WINDOWS\system32\ntkrnlpa.exe 8053C487
INT 0xF1 \WINDOWS\system32\ntkrnlpa.exe 8053C48E
INT 0xF2 \WINDOWS\system32\ntkrnlpa.exe 8053C495
INT 0xF3 \WINDOWS\system32\ntkrnlpa.exe 8053C49C
INT 0xF4 \WINDOWS\

Post by Amantide » Mon Jan 15, 2007 7:33 pm

Nothing at all shows up; evidently the flagged files were either in the system restore files folder or in some other folder locked by the system.
If you can't show us the screenshot of the error, the only way to understand what this is about is to run the online scan with Kaspersky. Once the scan is done, post the log here.



megalab.it: daily online publication registered with the Court of Cosenza, no. 22/09 of 13.08.2009, publisher Master New Media S.r.l.; © Copyright 2008 Master New Media S.r.l. (sole shareholder) - VAT no. 02947530784. GRUPPO EDIZIONI MASTER Spa. All rights reserved. For advertising: Master Advertising