Salve a tutti,
dopo aver risolto con istant access adesso ci risiamo con un dialer chiamato CONNECTION...qualcuno puo' aiutarmi??
Mille grazieeeee...
Salve a tutti,
dopo aver risolto con istant access adesso ci risiamo con un dialer chiamato CONNECTION...qualcuno puo' aiutarmi??
Mille grazieeeee...
vai su http://www.nanoscan.com/as/v1/principal.aspx
seleziona "Full Scan" e clicca su "Scan Now"
clicca su "I Accept" per accettare la licenza
accetta l'ActiveX, clicca su "Istalla"
attendi che l'istallazione sia terminata
partirà la scansione, una volta terminata clicca su "Save". Salva tutto sul desktop.
Portati su www.sendmefile.com carica il file appena salvato e posta, nella tua prossima risposta, l'URL per scaricarlo
;************************************************* ************************************************** ************************************************** ******************************
ANALYSIS: 2007-07-12 21:07:31
PROTECTIONS: 1
MALWARE: 9
SUSPECTS: 0
;************************************************* ************************************************** ************************************************** ******************************
PROTECTIONS
Description Version Active Updated
;================================================= ================================================== ================================================== ==============================
avast! antivirus 4.7.1001 [VPS 000756-0] 4.7.1001 No Yes
;================================================= ================================================== ================================================== ==============================
MALWARE
Id Description Type Active Severity Disinfectable Disinfected Location
;================================================= ================================================== ================================================== ==============================
00039192 adware/msxmidi Adware No 0 Yes No c:\windows\msxmidi.exe
00135099 adware/powerstrip Adware No 0 Yes No HKEY_CURRENT_USER\Software\Microsoft\Windows\Curre ntVersion\Ext\Stats\{669695BC-A811-4A9D-8CDF-BA8C795F261C}
00167749 Cookie/Toplist TrackingCookie No 0 Yes No C:\Documents and Settings\USER\Cookies\user@toplist[1].txt
00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\USER\Cookies\user@serving-sys[1].txt
00168093 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\USER\Cookies\user@bs.serving-sys[2].txt
00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Documents and Settings\USER\Cookies\user@ads.pointroll[2].txt
00170554 Cookie/Overture TrackingCookie No 0 Yes No C:\Documents and Settings\USER\Cookies\user@overture[1].txt
00180246 Cookie/XXXCounter TrackingCookie No 0 Yes No C:\Documents and Settings\USER\Cookies\user@xxxcounter[1].txt
00286738 Cookie/Cgi-bin TrackingCookie No 0 Yes No C:\Documents and Settings\USER\Cookies\user@cgi-bin[2].txt
;================================================= ================================================== ================================================== ==============================
SUSPECTS
Location
;================================================= ================================================== ================================================== ==============================
;================================================= ================================================== ================================================== ==============================
You are almost done , your file was successfully uploaded to our server , now you have an opportunity to secure it with a password or add a description to your file ,subscribe to daily download stats and send a download link to your friends , need help ? click here
File Upload is successful:
file name: TotalScan.txt
file size: 3468 bytes
File number: 00555310
file link: http://www.sendmefile.com/00555310
Add File the TOP award ? (optional) click here
Add File public catalog ? (optional) click here
file link: ... Video Files Music Documents Software
Add Description ? (optional) click here
Secure File with Password? (optional) click here
set password
Want to receive stats? (optional) click here
enter your email here
Send link to you friends? (optional) click here
Enter your friend's emails
ciao e scusa del ritardo.ecco cosa devi fare:
scarica
The Avenger --- http://swandog46.geekstogo.com/avenger.zip
Ora estrai e avvia Avenger.exe
disattiva antivirus, firewall, eventuali moduli hips
Seleziona l'opzione "Input Script Manually"
Clicca sulla lente di ingrandimento
Si apre una finestra "View/edit script"
All'interno del box bianco,copia e incolla le scritte:
files to delete:
C:\WINDOWS\msxmidi.exe
registry values to delete:
HKEY_CURRENT_USER\Software\Microsoft\Windows\Curre ntVersion\Ext\Stats\{669695BC-A811-4A9D-8CDF-BA8C795F261C}
poi clicca su DONE,sul semaforo,due volte SI,riavvia il pc e allegami il logfile in c:/avenger.txt
poi scaricati ccleaner da qui---> www.ccleaner.com/download
e fagli fare una pulitura dalla A alla Z,pero' togliendoci in opzioni avanzate la spunta su"cancella i file temp piu vecchi di 48 ore.
//////////////////////////////////////////
Avenger Pre-Processor log
//////////////////////////////////////////
Syntax error in line --- does not appear to be a valid registry path. Line will be ignored.
Error code: 1813
Line: HKEY_CURRENT_USER\Software\Microsoft\Windows\Curre ntVersion\Ext\Stats\{669695BC-A811-4A9D-8CDF-BA8C795F261C}
//////////////////////////////////////////
Logfile of The Avenger version 1, by Swandog46
Running from registry key:
\Registry\Machine\System\CurrentControlSet\Service s\qdkltcwu
*******************
Script file located at: \??\C:\rvemwfxj.txt
Script file opened successfully.
Script file read successfully
Backups directory opened successfully at C:\Avenger
*******************
Beginning to process script file:
File C:\WINDOWS\msxmidi.exe deleted successfully.
Completed script processing.
*******************
Finished! Terminate.
N.B. Al momento dell'avvio di avenger con i comandi che mi hai detto sopra, mi sono apparsi una serie di errori...Non ci capisco niente ...aiutoooo.. Cmq mille grazie per la cortesia..
il primo file l'ha cancellato,mentre la chiave di registro no.riprova con avenger.nella finestra wiev/edit script inserisci questo:
registry values to delete:
HKEY_CURRENT_USER\Software\Microsoft\Windows\Curre ntVersion\Ext\Stats\{669695BC-A811-4A9D-8CDF-BA8C795F261C}
poi su done,semaforo,due volte si e posta il log.
//////////////////////////////////////////
Avenger Pre-Processor log
//////////////////////////////////////////
Syntax error in line --- does not appear to be a valid registry path. Line will be ignored.
Error code: 1813
Line: HKEY_CURRENT_USER\Software\Microsoft\Windows\Curre ntVersion\Ext\Stats\{669695BC-A811-4A9D-8CDF-BA8C795F261C}
//////////////////////////////////////////
Logfile of The Avenger version 1, by Swandog46
Running from registry key:
\Registry\Machine\System\CurrentControlSet\Service s\tnipaihw
*******************
Script file located at: \??\C:\WINDOWS\system32\ewnopwpu.txt
Script file opened successfully.
Script file read successfully
Backups directory opened successfully at C:\Avenger
*******************
Beginning to process script file:
Completed script processing.
*******************
Finished! Terminate.
niente da fare.allora dobbiamo eliminarlo manualmente.
accedi all'registro di sistema(start-esegui-regedit-ok).
individua la chiave:
HKEY_CURRENT_USER\Software\Microsoft\Windows\Curre ntVersion\Ext\Stats\{669695BC-A811-4A9D-8CDF-BA8C795F261C}
cliccando sul + piccolino di ogni percorso ed eliminala.