
Thread: Axfreeporn

  1. #1

    Axfreeporn

    Hi everyone

    I have a problem: a piece of malware has installed itself on my PC and I can't remove it - Axfreeporn.

    I can't keep my ADSL line active because the malware drops the connection and tries to connect to Axfreeporn.

    I tried scanning the system with Prevx1 and Noadware (as well as Adaware and Spybotblaster) but with no results.

    Below is the HijackThis output.

    Can anyone give me a hand???

    Thanks!



    Logfile of Trend Micro HijackThis v2.0.0 (BETA)
    Scan saved at 22.37.05, on 16/03/2007
    Platform: Windows XP SP1 (WinNT 5.01.2600)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\Program Files\Symantec\Norton Ghost 2003\GhostStartService.exe
    C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    C:\WINDOWS\System32\inetsrv\inetinfo.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
    C:\WINDOWS\System32\nvsvc32.exe
    C:\PROGRA~2\FOLDER~1\FGKey.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Adobe\Adobe Version Cue CS2\data\database\bin\mysqld-nt.exe
    C:\Program Files\Adobe\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\WINDOWS\System32\wuauclt.exe
    C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.2480\GoogleToolbarNotifier.exe
    C:\Program Files\eMule\emule.exe
    C:\Program Files\Prevx1\PXConsole.exe
    C:\Program Files\Prevx1\PXAgent.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    F:\programmi\HiJackThis_v2.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\PROGRA~2\Skype\Phone\IEPlugin\SKYPEI~1.DLL
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O2 - BHO: Malicious Scripts Scanner - {55EA1964-F5E4-4D6A-B9B2-125B37655FCB} - C:\Documents and Settings\All Users.WINDOWS\Application Data\Prevx\pxbho.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
    O2 - BHO: del.icio.us Toolbar Helper - {7AA07AE6-01EF-44EC-93CA-9D7CD41CCDB6} - C:\Program Files\del.icio.us\Internet Explorer Buttons\dlcsIE.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
    O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
    O2 - BHO: &Google Notebook - {CCCCCCD3-666F-4F81-8B69-745DE9F6D897} - C:\Program Files\Google\Google Notebook\gnotes1.0.2.17--2067290891.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
    O3 - Toolbar: Google Notebook - {CCCCCCDB-4DDB-4703-95D4-DD2C526397BF} - C:\Program Files\Google\Google Notebook\gnotes1.0.2.17--2067290891.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
    O3 - Toolbar: del.icio.us - {981FE6A8-260C-4930-960F-C3BC82746CB0} - C:\Program Files\del.icio.us\Internet Explorer Buttons\dlcsIE.dll
    O4 - HKLM\..\Run: [Adobe Version Cue CS2] C:\Program Files\Adobe\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
    O4 - HKCU\..\Run: [Free Internet Window Washer] C:\PROGRA~2\FREEIN~1\Clearpch.exe -Start
    O4 - HKCU\..\Run: [H/PC Connection Agent] C:\PROGRA~2\MICROS~4\wcescomm.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
    O4 - Startup: PowerReg Scheduler V3.exe
    O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
    O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
    O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: Convert to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office10\EXCEL.EXE/3000
    O8 - Extra context menu item: Note this (Google Notebook) - res://C:\Program Files\Google\Google Notebook\gnotes1.0.2.17--2067290891.dll/gn_menu1.html
    O8 - Extra context menu item: Note this item (Google Notebook) - res://C:\Program Files\Google\Google Notebook\gnotes1.0.2.17--2067290891.dll/gn_menu2.html
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
    O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~2\MICROS~4\INetRepl.dll
    O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~2\MICROS~4\INetRepl.dll
    O9 - Extra 'Tools' menuitem: Crea preferito portatile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~2\MICROS~4\INetRepl.dll
    O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\PROGRA~2\Skype\Phone\IEPlugin\SKYPEI~1.DLL
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\OFFICE11\REFIEBAR.DLL
    O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
    O17 - HKLM\System\CCS\Services\Tcpip\..\{300F1655-31DA-452E-B09E-E026C94502A3}: NameServer = 213.205.32.70 213.205.36.70
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
    O20 - AppInit_DLLs: C:\PROGRA~2\Google\GOOGLE~4\GOEC62~1.DLL
    O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Adobe Version Cue CS2 - Adobe Systems Incorporated - C:\Program Files\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: pcAnywhere Host Service (awhost32) - Symantec Corporation - C:\Program Files\Symantec\pcAnywhere\awhost32.exe
    O23 - Service: GhostStartService - Symantec Corporation - C:\Program Files\Symantec\Norton Ghost 2003\GhostStartService.exe
    O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktopManager.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
    O23 - Service: Prevx Agent (PREVXAgent) - Prevx - C:\Program Files\Prevx1\PXAgent.exe
    O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe

    --
    End of file - 9577 bytes

  2. #2
    holifay (HTML.it user, registered May 2005, 1,330 posts)
    Hi and welcome

    download this: http://www.suspectfile.com/systemscan

    run it, press SCAN NOW and wait. After a few minutes a log will open, which is also saved as report.txt in c:\suspectfile

    Upload this file to www.easy-share.com and then post here the link you are given so that we can analyze it. Don't copy the log here on the forum: it would be cut off.
    Think you have an infected file? Send it to SuspectFile

  3. #3
    Thanks for the quick reply!

    Here is the link to my Systemscan file.

    http://w12.easy-share.com/930069.html

    Let me know...

    Paolo

  4. #4
    I have the same problem with axfreeporn too, can anyone help me?

    I'm posting the HJ log
    Logfile of Trend Micro HijackThis v2.0.0 (BETA)
    Scan saved at 22.55.27, on 18/03/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Programmi\TGTSoft\StyleXP\StyleXPService.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
    C:\Programmi\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\CTsvcCDA.EXE
    C:\Programmi\Executive Software\Diskeeper\DkService.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\MsPMSPSv.exe
    C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\WINDOWS\system32\devldr32.exe
    C:\Programmi\SlySoft\AnyDVD\ElbyCheck.exe
    C:\Programmi\Alwil Software\Avast4\ashWebSv.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\Programmi\QuickTime\qttask.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Programmi\ARESCOM\Modem Telindus Arescom ND220\dslmon.exe
    C:\Programmi\eMule\emule.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Programmi\File comuni\PCSuite\Services\ServiceLayer.exe
    C:\PROGRA~1\FILECO~1\PCSuite\DATALA~1\DATALA~1.EXE
    C:\Documents and Settings\Sergaf\Desktop\HiJackThis_v2.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.5.0_07\bin\ssv.dll
    O2 - BHO: Alcohol Toolbar Helper - {8126A4A5-BFD3-46FE-BBDF-BFB5CF78E489} - C:\Programmi\Alcohol Toolbar\v3.2.0.0\Alcohol_Toolbar.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programmi\google\googletoolbar3.dll
    O3 - Toolbar: Alcohol Toolbar - {ED4BD629-C1B6-4399-8A34-02CCAA921DC9} - C:\Programmi\Alcohol Toolbar\v3.2.0.0\Alcohol_Toolbar.dll
    O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programmi\google\googletoolbar3.dll
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [ElbyCheckAnyDVD] "C:\Programmi\SlySoft\AnyDVD\ElbyCheck.exe" /L AnyDVD
    O4 - HKLM\..\Run: [AnyDVD] "C:\Programmi\SlySoft\AnyDVD\AnyDVD.exe"
    O4 - HKLM\..\Run: [TrojanScanner] C:\Programmi\Trojan Remover\Trjscan.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qttask.exe" -atboottime
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [AnyDVD] C:\Programmi\SlySoft\AnyDVD\AnyDVD.exe
    O4 - HKCU\..\Run: [swg] C:\Programmi\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [PeerGuardian] C:\Programmi\PeerGuardian2\pg2.exe
    O4 - HKCU\..\Run: [Skype] "C:\Programmi\Skype\Phone\Skype.exe" /nosplash /minimized
    O4 - HKLM\..\Policies\Explorer\Run: [1] C:\WINDOWS\winsys.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO LOCALE')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO DI RETE')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: DSLMON.lnk = ?
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FILECO~1\Skype\SKYPE4~1.DLL
    O20 - AppInit_DLLs:
    O22 - SharedTaskScheduler: Precaricatore Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
    O22 - SharedTaskScheduler: Daemon di cache delle categorie di componenti - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - Unknown owner - C:\Programmi\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
    O23 - Service: Diskeeper - Executive Software International, Inc. - C:\Programmi\Executive Software\Diskeeper\DkService.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: ServiceLayer - Nokia. - C:\Programmi\File comuni\PCSuite\Services\ServiceLayer.exe
    O23 - Service: StyleXPService - Unknown owner - C:\Programmi\TGTSoft\StyleXP\StyleXPService.exe

    --
    End of file - 5495 bytes

  5. #5
    holifay
    @sonniboi: download this http://noahdfear.geekstogo.com/FindAWF.exe
    run it and wait a few minutes. When Notepad opens, copy the contents here.


    @sergaf: open your own topic, that's better

  6. #6
    Find AWF report by noahdfear ©2006


    bak folders found
    ~~~~~~~~~~~

    Il volume nell'unità C non ha etichetta.
    Numero di serie del volume: 3C1C-043F

    Directory di C:\WINDOWS\BAK

    11/05/2000 02.00 90.112 Updreg.exe
    1 File 90.112 byte
    2 Directory 6.508.474.368 byte disponibili
    Il volume nell'unità C non ha etichetta.
    Numero di serie del volume: 3C1C-043F

    Directory di C:\PROGRA~1\PEERGU~1\BAK

    18/09/2005 18.40 1.421.824 pg2.exe
    1 File 1.421.824 byte
    2 Directory 6.508.474.368 byte disponibili
    Il volume nell'unità C non ha etichetta.
    Numero di serie del volume: 3C1C-043F

    Directory di C:\WINDOWS\SYSTEM32\BAK

    19/08/2004 15.39 15.360 ctfmon.exe
    09/07/2001 11.50 155.648 NeroCheck.exe
    2 File 171.008 byte
    2 Directory 6.508.470.272 byte disponibili
    Il volume nell'unità C non ha etichetta.
    Numero di serie del volume: 3C1C-043F

    Directory di C:\PROGRA~1\ALWILS~1\AVAST4\BAK

    25/09/2006 17.42 108.160 ashDisp.exe
    1 File 108.160 byte
    2 Directory 6.508.470.272 byte disponibili
    Il volume nell'unità C non ha etichetta.
    Numero di serie del volume: 3C1C-043F

    Directory di C:\PROGRA~1\NOKIA\NOKIAP~1\BAK

    15/06/2006 12.36 229.376 LAUNCH~1.EXE
    27/06/2006 16.21 1.449.984 PcSync2.exe
    2 File 1.679.360 byte
    2 Directory 6.508.470.272 byte disponibili
    Il volume nell'unità C non ha etichetta.
    Numero di serie del volume: 3C1C-043F

    Directory di C:\PROGRA~1\SKYPE\PHONE\BAK

    0 File 0 byte
    2 Directory 6.508.470.272 byte disponibili
    Il volume nell'unità C non ha etichetta.
    Numero di serie del volume: 3C1C-043F

    Directory di C:\PROGRA~1\SLYSOFT\ANYDVD\BAK

    29/09/2003 23.17 175.616 AnyDVD.exe
    20/09/2003 21.23 45.056 ElbyCheck.exe
    2 File 220.672 byte
    2 Directory 6.508.470.272 byte disponibili
    Il volume nell'unità C non ha etichetta.
    Numero di serie del volume: 3C1C-043F

    Directory di C:\PROGRA~1\TGTSOFT\STYLEXP\BAK

    30/01/2006 18.23 1.363.968 StyleXP.exe
    1 File 1.363.968 byte
    2 Directory 6.508.470.272 byte disponibili
    Il volume nell'unità C non ha etichetta.
    Numero di serie del volume: 3C1C-043F

    Directory di C:\WINDOWS\FLYAKI~1\TOOLS\BAK

    0 File 0 byte
    2 Directory 6.508.470.272 byte disponibili
    Il volume nell'unità C non ha etichetta.
    Numero di serie del volume: 3C1C-043F

    Directory di C:\DOCUME~1\SERGAF\IMPOST~1\OLDTMP\BAK

    19/08/2004 15.39 60.928 wljaaf.exe
    1 File 60.928 byte
    2 Directory 6.508.470.272 byte disponibili
    Il volume nell'unità C non ha etichetta.
    Numero di serie del volume: 3C1C-043F

    Directory di C:\PROGRA~1\FILECO~1\INSTAL~1\UPDATE~1\BAK

    11/08/2005 17.30 81.920 issch.exe
    11/08/2005 17.30 249.856 isuspm.exe
    2 File 331.776 byte
    2 Directory 6.508.470.272 byte disponibili
    Il volume nell'unità C non ha etichetta.
    Numero di serie del volume: 3C1C-043F

    Directory di C:\PROGRA~1\GOOGLE\GOOGLE~2\121128~1.546\BAK

    27/01/2007 12.45 171.448 GoogleToolbarNotifier.exe
    1 File 171.448 byte
    2 Directory 6.508.466.176 byte disponibili
    Il volume nell'unità C non ha etichetta.
    Numero di serie del volume: 3C1C-043F

    Directory di C:\PROGRA~1\GOOGLE\GOOGLE~2\12908~1.500\BAK

    21/11/2006 01.54 163.576 GoogleToolbarNotifier.exe
    1 File 163.576 byte
    2 Directory 6.508.466.176 byte disponibili
    Il volume nell'unità C non ha etichetta.
    Numero di serie del volume: 3C1C-043F

    Directory di C:\PROGRA~1\JAVA\JRE15~1.0_0\BIN\BAK

    03/05/2006 03.56 36.975 jusched.exe
    1 File 36.975 byte
    2 Directory 6.508.466.176 byte disponibili


    Duplicate files of bak directory contents
    ~~~~~~~~~~~~~~~~~~~~~~~

    90112 11 May 2000 "C:\WINDOWS\Updreg.exe"
    90112 11 May 2000 "C:\WINDOWS\bak\Updreg.exe"
    90112 11 May 2000 "C:\Documents and Settings\Sergaf\Impostazioni locali\Oldtmp\_ISTMP2.DIR\_ISTMP0.DIR\Updreg.exe"
    1421824 18 Sep 2005 "C:\Programmi\PeerGuardian2\pg2.exe"
    1421824 18 Sep 2005 "C:\Programmi\PeerGuardian2\bak\pg2.exe"
    15360 19 Aug 2004 "C:\WINDOWS\system32\ctfmon.exe"
    15360 19 Aug 2004 "C:\WINDOWS\system32\bak\ctfmon.exe"
    15360 19 Aug 2004 "F:\WINDOWS\system32\ctfmon.exe"
    155648 9 Jul 2001 "C:\WINDOWS\system32\NeroCheck.exe"
    155648 9 Jul 2001 "C:\WINDOWS\system32\bak\NeroCheck.exe"
    155648 9 Jul 2001 "F:\WINDOWS\system32\NeroCheck.exe"
    108160 15 Jan 2007 "C:\Programmi\Alwil Software\Avast4\ashDisp.exe"
    108160 25 Sep 2006 "C:\Programmi\Alwil Software\Avast4\bak\ashDisp.exe"
    229376 15 Jun 2006 "C:\Programmi\Nokia\Nokia PC Suite 6\LAUNCH~1.EXE"
    229376 15 Jun 2006 "C:\Programmi\Nokia\Nokia PC Suite 6\bak\LAUNCH~1.EXE"
    1449984 27 Jun 2006 "C:\Programmi\Nokia\Nokia PC Suite 6\PcSync2.exe"
    1449984 27 Jun 2006 "C:\Programmi\Nokia\Nokia PC Suite 6\bak\PcSync2.exe"
    175616 29 Sep 2003 "C:\Programmi\SlySoft\AnyDVD\AnyDVD.exe"
    175616 29 Sep 2003 "C:\Programmi\SlySoft\AnyDVD\bak\AnyDVD.exe"
    175616 29 Sep 2003 "C:\Documents and Settings\Sergaf\Desktop\motore\Elby Clone Dvd V1.3.10.1 Anydvd 2.0.0.4 Ger Key\Anydvd V2.0.0.4\AnyDVD.exe"
    45056 20 Sep 2003 "C:\Programmi\SlySoft\AnyDVD\ElbyCheck.exe"
    45056 20 Sep 2003 "C:\Programmi\SlySoft\AnyDVD\bak\ElbyCheck.exe "
    1363968 30 Jan 2006 "C:\Programmi\TGTSoft\StyleXP\StyleXP.exe"
    1363968 30 Jan 2006 "C:\Programmi\TGTSoft\StyleXP\bak\StyleXP.exe"
    60928 19 Aug 2004 "C:\Documents and Settings\Sergaf\Impostazioni locali\Oldtmp\wljaaf.exe"
    60928 19 Aug 2004 "C:\Documents and Settings\Sergaf\Impostazioni locali\Oldtmp\bak\wljaaf.exe"
    81920 11 Aug 2005 "C:\Programmi\File comuni\InstallShield\UpdateService\issch.exe"
    81920 11 Aug 2005 "C:\Programmi\File comuni\InstallShield\UpdateService\bak\issch.exe"
    69632 19 Sep 2003 "F:\Programmi\File comuni\InstallShield\UpdateService\issch.exe"
    249856 11 Aug 2005 "C:\Programmi\File comuni\InstallShield\UpdateService\isuspm.exe"
    249856 11 Aug 2005 "C:\Programmi\File comuni\InstallShield\UpdateService\bak\isuspm.exe"
    52272 27 Jan 2007 "C:\Programmi\Google\googletoolbar3user.exe"
    5007104 1 Jan 2007 "C:\Documents and Settings\Sergaf\Desktop\GoogleVideoPlayerSetup.exe "
    69632 31 Oct 2006 "C:\Programmi\Google\Google Earth\googleearth.exe"
    4997120 21 Sep 2006 "C:\Programmi\Google\Google Video Player\GoogleVideoPlayer.exe"
    138168 27 Jan 2007 "C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe"
    171448 27 Jan 2007 "C:\Programmi\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe"
    171448 27 Jan 2007 "C:\Programmi\Google\GoogleToolbarNotifier\1.2.1128.5462\bak\GoogleToolbarNotifier.exe"
    163576 21 Nov 2006 "C:\Programmi\Google\GoogleToolbarNotifier\1.2.908.5008\bak\GoogleToolbarNotifier.exe"
    52272 27 Jan 2007 "C:\Programmi\Google\googletoolbar3user.exe"
    5007104 1 Jan 2007 "C:\Documents and Settings\Sergaf\Desktop\GoogleVideoPlayerSetup.exe "
    69632 31 Oct 2006 "C:\Programmi\Google\Google Earth\googleearth.exe"
    4997120 21 Sep 2006 "C:\Programmi\Google\Google Video Player\GoogleVideoPlayer.exe"
    138168 27 Jan 2007 "C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe"
    171448 27 Jan 2007 "C:\Programmi\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe"
    171448 27 Jan 2007 "C:\Programmi\Google\GoogleToolbarNotifier\1.2.1128.5462\bak\GoogleToolbarNotifier.exe"
    163576 21 Nov 2006 "C:\Programmi\Google\GoogleToolbarNotifier\1.2.908.5008\bak\GoogleToolbarNotifier.exe"
    36975 3 May 2006 "C:\Programmi\Java\jre1.5.0_07\bin\jusched.exe "
    36975 3 May 2006 "C:\Programmi\Java\jre1.5.0_07\bin\bak\jusched.exe "
    32873 28 Mar 2006 "C:\Programmi\File comuni\Autodesk Shared\DirectConnect2.0\java\bin\jusched.exe"


    end of report

  7. #7
    holifay
    @sergaf, I thought I had advised you to open your own topic

    Let's proceed in order: download the latest version of systemscan. Close all applications and run it. Do the scan. When it finishes it will save the file report.zip in the suspectfile folder. Put that file on http://www.easy-share.com/ and post the link to the log here.

    Bye

  8. #8
    Habanero (Moderator of Computer security and viruses, registered Jun 2001, 9,782 posts)
    Originally posted by holifay
    @sergaf, I thought I had advised you to open your own topic
    Sergarf, please read the rules and do as holifay told you.
    Read the RULES!

    It's very complicated, a lot of inputs and outputs, a quantity of information, a lot of elements to consider, I have a quantity of elements to keep in mind...
    Drugo
