Dialer disconnette il pc [era: Aiutooooooooooo]

**delfino168** · 06-10-2007, 14:21

da giorni,mentre navigavo mi scollega la connessione analogica e miritrovo con una
una seconda connessione di accesso remoto (genericamente denominata "Internet connection" al numero "000")
ho visto che era implicato un processo in background chiamato "1190916649.dat.exe" mai visto prima...

Entrambi li ho rimossi.
Ma, controllando, ho trovato dei strani file nella cartella TEMP chiamato "abc123.pid"
1191583617.dat 1191649522.dat che cancello e appaiono sempre spero qualcuno possa
aiutarmi premetto che sono un principiante grazie.

**ste_95** · 06-10-2007, 14:22

scarica finawf e fai la scansione ed alla fine posta il log...

link findawf:

http://noahdfear.geekstogo.com/FindAWF.exe

ps. titolo innaprorpiato...

**tecnico24** · 06-10-2007, 14:23

1)scaricati Hijackthis
clicca su do a system scan and save logfile,posta qui il file di testo che uscira'.
2)scaricati Findawf
avvialo,premi un tasto quando te lo dice,fagli fare lo scan e posta qui il log relativo ad esso.

**delfino168** · 06-10-2007, 15:02

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14.34 , on 06/10/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\File comuni\Symantec Shared\ccSvcHst.exe
C:\Programmi\File comuni\Symantec Shared\AppCore\AppSvc32.exe
C:\Programmi\File comuni\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\netdde.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\system32\clipsrv.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\System32\PAStiSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\Symantec\LiveUpdate\ALUSchedulerSvc.e xe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\NeroCheck.exe
C:\Programmi\File comuni\Symantec Shared\ccApp.exe
C:\PROGRA~1\ALICET~1\SMARTB~1\MotiveSB.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Programmi\SlySoft\AnyDVD\AnyDVD.exe
C:\Programmi\SEC\Natural Color\NaturalColorLoad.exe
C:\Programmi\Pinnacle\Shared Files\Programs\Scheduler\PCLEScheduler.exe
C:\Programmi\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Programmi\Logitech\MouseWare\system\em_exec.exe
C:\Programmi\Microsoft Office\Office10\msoffice.exe
C:\Programmi\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Programmi\Alice ti aiuta\bin\mpbtn.exe
C:\Programmi\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Programmi\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Programmi\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
C:\Programmi\Toshiba\Bluetooth Toshiba Stack\tosBtProc.exe
C:\Programmi\iDC++\iDCPlusPlus.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\Programmi\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.alice.it/oggi/indexbb.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
R3 - URLSearchHook: Yahoo! Toolbar con blocco Pop-Up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
R3 - URLSearchHook: Live_TV toolbar - {b69a9db4-d0a1-4722-b56b-f20757a29cdf} - C:\Programmi\Live_TV\tbLiv1.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Encarta Web Companion Oggetto helper - {955BE0B8-BC85-4CAF-856E-8E0D8B610560} - C:\Programmi\File comuni\Microsoft Shared\Encarta Web Companion\ENCWCBAR.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programmi\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programmi\Google\GoogleToolbarNotifier\2.0.301. 7164\swg.dll
O2 - BHO: Live_TV toolbar - {b69a9db4-d0a1-4722-b56b-f20757a29cdf} - C:\Programmi\Live_TV\tbLiv1.dll
O3 - Toolbar: Encarta Web Companion - {147D6308-0614-4112-89B1-31402F9B82C4} - C:\Programmi\File comuni\Microsoft Shared\Encarta Web Companion\ENCWCBAR.DLL
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programmi\google\googletoolbar2.dll
O3 - Toolbar: Live_TV toolbar - {b69a9db4-d0a1-4722-b56b-f20757a29cdf} - C:\Programmi\Live_TV\tbLiv1.dll
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Programmi\File comuni\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Programmi\File comuni\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [HP Software Update] C:\Programmi\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [osCheck] "C:\Programmi\Norton AntiVirus\osCheck.exe"
O4 - HKLM\..\Run: [RemoteControl] C:\Programmi\CyberLink\PowerDVD\PDVDServ.exe
O4 - HKLM\..\Run: [ccApp] "C:\Programmi\File comuni\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [CloneCDTray] "C:\Programmi\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\Java\jre1.6.0_02\bin\jusched.exe "
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\ALICET~1\SMARTB~1\MotiveSB.exe
O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NVMCTRAY.DLL,NvTaskbarInit
O4 - HKCU\..\Run: [AnyDVD] "C:\Programmi\SlySoft\AnyDVD\AnyDVD.exe"
O4 - HKCU\..\Run: [swg] C:\Programmi\Google\GoogleToolbarNotifier\GoogleTo olbarNotifier.exe
O4 - HKCU\..\Run: [SpyBrowser] C:\Programmi\SpyBro\SpyBro.exe /autostart
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Alice ti aiuta.lnk = C:\Programmi\Alice ti aiuta\bin\matcli.exe
O4 - Global Startup: Bluetooth Manager.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Programmi\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: NaturalColorLoad.lnk = ?
O4 - Global Startup: Pinnacle Scheduler.lnk = C:\Programmi\Pinnacle\Shared Files\Programs\Scheduler\PCLEScheduler.exe
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_02\bin\ssv.dll
O15 - Trusted Zone: *.doginhispen.com
O15 - Trusted Zone: *.whataboutadog.com
O15 - Trusted Zone: *.whataboutarabit.com
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/S...in/AvSniff.cab
O16 - DPF: {5AF01DCD-8539-4814-9693-ADF47058F075} (ReportReader Class) - http://aiuto.alice.it/ata/static/ins...ller_4-1-5.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsu...?1171696571359
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/S.../bin/cabsa.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1171696763109
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://scarendelfino.spaces.live.com...d/MsnPUpld.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{8E3E842C-2BAC-4ED6-85F5-055D105048C3}: NameServer = 85.37.17.39 85.38.28.71
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\ccSvcHst.exe
O23 - Service: DiamondCS ProcessGuard Service v3.410 (DCSPGSRV) - Unknown owner - C:\Programmi\ProcessGuard\dcsuserprot.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Convalida password di Symantec IS (ISPwdSvc) - Symantec Corporation - C:\Programmi\Norton AntiVirus\isPwdSvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\ccSvcHst.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\AppCore\AppSvc32.exe
O23 - Service: Utilità di pianificazione di LiveUpdate automatico - Symantec Corporation - C:\Programmi\Symantec\LiveUpdate\ALUSchedulerSvc.e xe

--
End of file - 9658 bytes

**delfino168** · 06-10-2007, 15:03

Find AWF report by noahdfear ©2006
Version 1.40

bak folders found
~~~~~~~~~~~

Il volume nell'unit… C Š Windows XP
Numero di serie del volume: B094-3F62

Directory di C:\PROGRA~1\NORTON~1\BAK

05/09/2006 19.22 26.248 osCheck.exe
1 File 26.248 byte
2 Directory 23.629.332.480 byte disponibili
Il volume nell'unit… C Š Windows XP
Numero di serie del volume: B094-3F62

Directory di C:\PROGRA~1\QUICKT~1\BAK

25/06/2007 15.11 77.824 qttask.exe
1 File 77.824 byte
2 Directory 23.629.336.576 byte disponibili
Il volume nell'unit… C Š Windows XP
Numero di serie del volume: B094-3F62

Directory di C:\WINDOWS\SYSTEM32\BAK

09/07/2001 11.50 155.648 NeroCheck.exe
04/12/2003 12.34 406.016 PSDrvCheck.exe
2 File 561.664 byte
2 Directory 23.629.332.480 byte disponibili
Il volume nell'unit… C Š Windows XP
Numero di serie del volume: B094-3F62

Directory di C:\PROGRA~1\CYBERL~1\POWERDVD\BAK

02/11/2004 20.24 32.768 PDVDServ.exe
1 File 32.768 byte
2 Directory 23.629.332.480 byte disponibili
Il volume nell'unit… C Š Windows XP
Numero di serie del volume: B094-3F62

Directory di C:\PROGRA~1\FILECO~1\SYMANT~1\BAK

09/01/2007 22.59 115.816 ccApp.exe
1 File 115.816 byte
2 Directory 23.629.332.480 byte disponibili
Il volume nell'unit… C Š Windows XP
Numero di serie del volume: B094-3F62

Directory di C:\PROGRA~1\GOOGLE\GOOGLE~1\BAK

25/06/2007 22.57 68.856 GoogleToolbarNotifier.exe
1 File 68.856 byte
2 Directory 23.629.332.480 byte disponibili
Il volume nell'unit… C Š Windows XP
Numero di serie del volume: B094-3F62

Directory di C:\PROGRA~1\HP\HPSOFT~1\BAK

11/05/2005 23.12 49.152 HPWuSchd2.exe
1 File 49.152 byte
2 Directory 23.629.332.480 byte disponibili
Il volume nell'unit… C Š Windows XP
Numero di serie del volume: B094-3F62

Directory di C:\PROGRA~1\SLYSOFT\ANYDVD\BAK

26/05/2007 23.42 473.600 AnyDVD.exe
1 File 473.600 byte
2 Directory 23.629.332.480 byte disponibili
Il volume nell'unit… C Š Windows XP
Numero di serie del volume: B094-3F62

Directory di C:\PROGRA~1\SLYSOFT\CLONECD\BAK

19/05/2005 15.47 57.344 CloneCDTray.exe
1 File 57.344 byte
2 Directory 23.629.332.480 byte disponibili
Il volume nell'unit… C Š Windows XP
Numero di serie del volume: B094-3F62

Directory di C:\PROGRA~1\FILECO~1\REAL\UPDATE~1\BAK

08/02/2007 00.50 180.269 realsched.exe
1 File 180.269 byte
2 Directory 23.629.332.480 byte disponibili
Il volume nell'unit… C Š Windows XP
Numero di serie del volume: B094-3F62

Directory di C:\PROGRA~1\JAVA\JRE16~2.0_0\BIN\BAK

12/07/2007 04.00 132.496 jusched.exe
1 File 132.496 byte
2 Directory 23.629.332.480 byte disponibili

Duplicate files of bak directory contents
~~~~~~~~~~~~~~~~~~~~~~~

26248 5 Sep 2006 "C:\Programmi\Norton AntiVirus\osCheck.exe"
26248 5 Sep 2006 "C:\Programmi\Norton AntiVirus\bak\osCheck.exe"
27664 3 Oct 2007 "C:\Programmi\QuickTime\qttask.exe"
77824 25 Jun 2007 "C:\Programmi\QuickTime\bak\qttask.exe"
27664 3 Oct 2007 "C:\WINDOWS\system32\NeroCheck.exe"
155648 9 Jul 2001 "C:\WINDOWS\system32\bak\NeroCheck.exe"
27664 3 Oct 2007 "C:\WINDOWS\system32\PSDrvCheck.exe"
406016 4 Dec 2003 "C:\WINDOWS\system32\bak\PSDrvCheck.exe"
27664 3 Oct 2007 "C:\Programmi\CyberLink\PowerDVD\PDVDServ.exe"
32768 2 Nov 2004 "C:\Programmi\CyberLink\PowerDVD\bak\PDVDServ. exe"
115816 9 Jan 2007 "C:\Programmi\File comuni\Symantec Shared\ccApp.exe"
115816 9 Jan 2007 "C:\Programmi\File comuni\Symantec Shared\bak\ccApp.exe"
52272 18 Jun 2007 "C:\Programmi\Google\googletoolbar2user.exe"
27664 3 Oct 2007 "C:\Programmi\Google\GoogleToolbarNotifier\GoogleT oolbarNotifier.exe"
138168 18 Jun 2007 "C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe"
68856 25 Jun 2007 "C:\Programmi\Google\GoogleToolbarNotifier\bak\Goo gleToolbarNotifier.exe"
559784 10 Feb 2007 "C:\Documents and Settings\Renato\Dati applicazioni\Real\Update\GOOGLE_TOOLBAR\googletool barinstaller.exe"
27664 3 Oct 2007 "C:\Programmi\HP\HP Software Update\HPWuSchd2.exe"
49152 11 May 2005 "C:\Programmi\HP\HP Software Update\bak\HPWuSchd2.exe"
473600 4 Oct 2007 "C:\Programmi\SlySoft\AnyDVD\AnyDVD.exe"
473600 26 May 2007 "C:\Programmi\SlySoft\AnyDVD\bak\AnyDVD.exe"
27664 3 Oct 2007 "C:\Programmi\SlySoft\CloneCD\CloneCDTray.exe"
57344 19 May 2005 "C:\Programmi\SlySoft\CloneCD\bak\CloneCDTray. exe"
180269 2 Jun 2007 "C:\Programmi\File comuni\Real\Update_OB\realsched.exe"
180269 8 Feb 2007 "C:\Programmi\File comuni\Real\Update_OB\bak\realsched.exe"
77824 18 Jun 2007 "C:\Programmi\Java\jre1.6.0\bin\jusched.exe"
83608 14 Mar 2007 "C:\Programmi\Java\jre1.6.0_01\bin\jusched.exe "
27664 3 Oct 2007 "C:\Programmi\Java\jre1.6.0_02\bin\jusched.exe "
132496 12 Jul 2007 "C:\Programmi\Java\jre1.6.0_02\bin\bak\jusched.exe "

end of report

**tecnico24** · 06-10-2007, 15:15

Aglia!sei infetto da Instant access.(dialer)
avvia hijackthis,clicca su Do a system scan only,spunta a sinistra su queste voci:

O15 - Trusted Zone: *.whataboutarabit.com
O15 - Trusted Zone: *.whataboutadog.com
O15 - Trusted Zone: *.doginhispen.com
O4 - HKCU\..\Run: [SpyBrowser] C:\Programmi\SpyBro\SpyBro.exe /autostart

e clicca sotto su fix checked.

poi scarica avenger http://swandog46.geekstogo.com/avenger.zip
clicca su input script manually e poi sulla lente di ingrandimento.
nello spazio bianco inserisci queste righe in rosso con copia|incolla:

files to delete:
C:\Programmi\Norton AntiVirus\osCheck.exe
C:\Programmi\QuickTime\qttask.exe
C:\WINDOWS\system32\NeroCheck.exe
C:\WINDOWS\system32\PSDrvCheck.exe
C:\Programmi\CyberLink\PowerDVD\PDVDServ.exe
C:\Programmi\File comuni\Symantec Shared\ccApp.exe
C:\Programmi\Google\GoogleToolbarNotifier\GoogleTo olbarNotifier.exe
C:\Programmi\HP\HP Software Update\HPWuSchd2.exe
C:\Programmi\SlySoft\AnyDVD\AnyDVD.exe
C:\Programmi\SlySoft\CloneCD\CloneCDTray.exe
C:\Programmi\File comuni\Real\Update_OB\realsched.exe
C:\Programmi\Java\jre1.6.0_02\bin\jusched.exe

files to move:
C:\Programmi\Norton AntiVirus\bak\osCheck.exe | C:\Programmi\Norton AntiVirus\osCheck.exe
C:\Programmi\QuickTime\bak\qttask.exe | C:\Programmi\QuickTime\qttask.exe
C:\WINDOWS\system32\bak\NeroCheck.exe | C:\WINDOWS\system32\NeroCheck.exe
C:\WINDOWS\system32\bak\PSDrvCheck.exe | C:\WINDOWS\system32\PSDrvCheck.exe
C:\Programmi\CyberLink\PowerDVD\bak\PDVDServ.exe | C:\Programmi\CyberLink\PowerDVD\PDVDServ.exe
C:\Programmi\File comuni\Symantec Shared\bak\ccApp.exe | C:\Programmi\File comuni\Symantec Shared\ccApp.exe
C:\Programmi\Google\GoogleToolbarNotifier\bak\Goog leToolbarNotifier.exe | C:\Programmi\Google\GoogleToolbarNotifier\GoogleTo olbarNotifier.exe
C:\Programmi\HP\HP Software Update\bak\HPWuSchd2.exe | C:\Programmi\HP\HP Software Update\HPWuSchd2.exe
C:\Programmi\SlySoft\AnyDVD\bak\AnyDVD.exe | C:\Programmi\SlySoft\AnyDVD\AnyDVD.exe
C:\Programmi\SlySoft\CloneCD\bak\CloneCDTray.exe | C:\Programmi\SlySoft\CloneCD\CloneCDTray.exe
C:\Programmi\File comuni\Real\Update_OB\bak\realsched.exe | C:\Programmi\File comuni\Real\Update_OB\realsched.exe
C:\Programmi\Java\jre1.6.0_02\bin\bak\jusched.exe | C:\Programmi\Java\jre1.6.0_02\bin\jusched.exe

Clicca poi su Done,sul semaforo con luce verde,due volte Si,riavvia il pc e posta sul forum il log di avenger(c:/avenger.txt)

poi dovresti essere a posto.

**delfino168** · 06-10-2007, 15:31

Logfile of The Avenger version 1, by Swandog46
Running from registry key:
\Registry\Machine\System\CurrentControlSet\Service s\xtxwccfy

*******************

Script file located at: \??\C:\cerabtno.txt
Script file opened successfully.

Script file read successfully

Backups directory opened successfully at C:\Avenger

*******************

Beginning to process script file:

File C:\Programmi\Norton AntiVirus\osCheck.exe deleted successfully.
File C:\Programmi\QuickTime\qttask.exe deleted successfully.
File C:\WINDOWS\system32\NeroCheck.exe deleted successfully.
File C:\WINDOWS\system32\PSDrvCheck.exe deleted successfully.
File C:\Programmi\CyberLink\PowerDVD\PDVDServ.exe deleted successfully.
File C:\Programmi\File comuni\Symantec Shared\ccApp.exe deleted successfully.
File C:\Programmi\Google\GoogleToolbarNotifier\GoogleTo olbarNotifier.exe deleted successfully.
File C:\Programmi\HP\HP Software Update\HPWuSchd2.exe deleted successfully.
File C:\Programmi\SlySoft\AnyDVD\AnyDVD.exe deleted successfully.
File C:\Programmi\SlySoft\CloneCD\CloneCDTray.exe deleted successfully.
File C:\Programmi\File comuni\Real\Update_OB\realsched.exe deleted successfully.
File C:\Programmi\Java\jre1.6.0_02\bin\jusched.exe deleted successfully.
File move operation C:\Programmi\Norton AntiVirus\bak\osCheck.exe|C:\Programmi\Norton AntiVirus\osCheck.exe completed successfully.
File move operation C:\Programmi\QuickTime\bak\qttask.exe|C:\Programmi \QuickTime\qttask.exe completed successfully.
File move operation C:\WINDOWS\system32\bak\NeroCheck.exe|C:\WINDOWS\s ystem32\NeroCheck.exe completed successfully.
File move operation C:\WINDOWS\system32\bak\PSDrvCheck.exe|C:\WINDOWS\ system32\PSDrvCheck.exe completed successfully.
File move operation C:\Programmi\CyberLink\PowerDVD\bak\PDVDServ.exe|C :\Programmi\CyberLink\PowerDVD\PDVDServ.exe completed successfully.
File move operation C:\Programmi\File comuni\Symantec Shared\bak\ccApp.exe|C:\Programmi\File comuni\Symantec Shared\ccApp.exe completed successfully.
File move operation C:\Programmi\Google\GoogleToolbarNotifier\bak\Goog leToolbarNotifier.exe|C:\Programmi\Google\GoogleTo olbarNotifier\GoogleToolbarNotifier.exe completed successfully.
File move operation C:\Programmi\HP\HP Software Update\bak\HPWuSchd2.exe|C:\Programmi\HP\HP Software Update\HPWuSchd2.exe completed successfully.
File move operation C:\Programmi\SlySoft\AnyDVD\bak\AnyDVD.exe|C:\Prog rammi\SlySoft\AnyDVD\AnyDVD.exe completed successfully.
File move operation C:\Programmi\SlySoft\CloneCD\bak\CloneCDTray.exe|C :\Programmi\SlySoft\CloneCD\CloneCDTray.exe completed successfully.
File move operation C:\Programmi\File comuni\Real\Update_OB\bak\realsched.exe|C:\Program mi\File comuni\Real\Update_OB\realsched.exe completed successfully.
File move operation C:\Programmi\Java\jre1.6.0_02\bin\bak\jusched.exe| C:\Programmi\Java\jre1.6.0_02\bin\jusched.exe completed successfully.

Completed script processing.

*******************

Finished! Terminate.

**delfino168** · 06-10-2007, 15:40

Grazie Veramente per Avermi Aiutato Spero Che Tutto e amdato a posto Eventualmente ti faro sapee ciao a presto Anche a tutti Del fotum

**tecnico24** · 06-10-2007, 15:51

come regola,non dovresti avere piu' problemi.alla prossima

**delfino168** · 06-10-2007, 15:53

ok e di nuovo grazieeeeeeee ciao

Discussione: Dialer disconnette il pc [era: Aiutooooooooooo]

Strumenti discussione

Ricerca discussione

Visualizza

Aiutooooooooooo

Permessi di invio