Condividi:        

cartelle vuote possibile virus

Come rimuovere virus e spyware? Le carte di credito sono davvero sicure in rete? È possibile navigare anonimi? Con quali programmi tutelare la propria privacy? Come proteggere i file importanti? Se volete una risposta a queste e altre domande questo è il luogo giusto!

Moderatori: m.paolo, kadosh, Luke57

cartelle vuote possibile virus

Postdi aemme43 » 23/07/13 15:38

Salve,
mi sono ritrovato molte cartelle vuote, sono andato a vedere se era spuntato "visualizza cartelle nascoste" ed è spuntato,
credo di aver preso qualche virus :oops:
ho fatto una scansione CCleaner, ora è in corso una scansione con Avast, e ad Aware, ho fatto HijackThis
e questo è il risultato:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:07:17, on 23/07/2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16635)
Boot mode: Normal

Running processes:
C:\Windows\vVX6000.exe
C:\Users\Ario\AppData\Roaming\uTorrent\uTorrent.exe
E:\Downloads\GreedyTorrent\GTor.exe
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Users\Ario\AppData\Roaming\Spotify\spotify.exe
C:\Users\Ario\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe
C:\Program Files (x86)\PPÖúÊÖ\ihelper.exe
C:\Windows\SysWOW64\jmdp\stij.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\ATH.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\ATH.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\ATH.exe
C:\Program Files (x86)\Spotydl\spotydl.exe
C:\Windows\SysWOW64\prevhost.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\ATH.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\ATH.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\ATH.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\PROGRA~2\AD-AWA~1\AdAware.exe
H:\Users\Ario\Desktop\HijackThis.exe
C:\Windows\SysWOW64\DllHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.delta-homes.com/?utm_source= ... 1372930274
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://mixidj.delta-search.com/?babsrc= ... 8&tsp=4951
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.delta-homes.com/?utm_source= ... 1372930274
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.certified-toolbar.com?si= ... =chrome&q=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.certified-toolbar.com?si= ... =chrome&q=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.certified-toolbar.com?si= ... =chrome&q=
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://search.certified-toolbar.com?si= ... =chrome&q=
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:56847
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: WhiteSmoke New Toolbar - {739df940-c5ee-4bab-9d7e-270894ae687a} - C:\Program Files (x86)\WhiteSmoke_New\prxtbWhi0.dll
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: CrossriderApp0033036 - {11111111-1111-1111-1111-110311301136} - C:\Program Files (x86)\Plus-HD-2.2\Plus-HD-2.2-bho.dll
O2 - BHO: CrossriderApp0035589 - {11111111-1111-1111-1111-110311551189} - C:\Program Files (x86)\1ClickMovieDownloader V2\1ClickMovieDownloader V2-bho.dll
O2 - BHO: saafe asaave - {1856373A-7964-BCCF-FB4B-936C666269D9} - C:\ProgramData\saafe asaave\51e1223c216de.dll
O2 - BHO: Speed Analysis 2 - {18DBB6CE-3148-4FEC-B481-103CB3290427} - C:\Program Files (x86)\Speed Analysis 2\ScriptHost.dll
O2 - BHO: WebCake Layers - {2A5A2A90-3B30-4E6E-A955-2F232C6EF517} - C:\Program Files (x86)\WebCake\WebCakeIEClient.dll
O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: Cool Smiley Bar for Facebook - {4723AAA8-B2F9-4CC1-9E60-190976DB1FA4} - C:\Program Files (x86)\Cool Smiley Bar for Facebook\ScriptHost.dll
O2 - BHO: uTorrentBar_IT - {4ae0c3d6-f713-4eed-bc65-25dc3ffdaac1} - C:\Program Files (x86)\uTorrentBar_IT\prxtbuTor.dll
O2 - BHO: mixidj Helper Object - {4D6A9BBF-402C-4301-B1EF-28D04F71D761} - C:\Program Files (x86)\mixidj\mixidj\1.8.18.8\bh\mixidj.dll
O2 - BHO: TBSB01620 - {58124A0B-DC32-4180-9BFF-E0E21AE34026} - (no file)
O2 - BHO: saFe save - {5E68DF79-7005-F6DE-DF05-A8622D758D22} - C:\ProgramData\saFe save\51ed31867f2bf.dll
O2 - BHO: Ad-Aware Security Add-on - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\adawaretb\adawareDx.dll
O2 - BHO: SearchNewTab - {71869F24-72EF-231F-EC69-6B0B7907D645} - C:\ProgramData\SearchNewTab\51ed31baed8a1.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: WhiteSmoke New - {739df940-c5ee-4bab-9d7e-270894ae687a} - C:\Program Files (x86)\WhiteSmoke_New\prxtbWhi0.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: DefaultTabBHO - {7F6AFBF1-E065-4627-A2FD-810366367D01} - C:\Users\Ario\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabBHO.dll
O2 - BHO: HomeTab - {89ff4afe-0f57-4503-8739-702e4c40add6} - C:\Users\Ario\AppData\Roaming\HomeTab\HomeTab.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\15.3.0.11\AVG SafeGuard toolbar_toolbar.dll
O2 - BHO: IMinent WebBooster - {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: DealPly Shopping - {ae48ed75-5a56-4c5f-bbce-6f1ac3875f66} - C:\Program Files (x86)\DealPly\DealPlyIE.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: LyricsFolder - {AF252F2C-0F44-47A7-89B9-3AFF5A17DEB2} - C:\Program Files (x86)\LyricsFolder\120.dll
O2 - BHO: safE saave - {B1E96A5B-8A54-8B27-8FCE-CE4385D4A76B} - C:\ProgramData\safE saave\51dfa3d284fab.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: delta Helper Object - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files (x86)\Delta\delta\1.8.21.5\bh\delta.dll (file missing)
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BingExt.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: holasearch Helper Object - {DFF9B2DA-EF99-4B26-83CB-7058299999D8} - C:\Program Files (x86)\holasearch\holasearch\1.8.16.16\bh\holasearch.dll
O2 - BHO: Softonic Helper Object - {E87806B5-E908-45FD-AF5E-957D83E58E68} - C:\Program Files (x86)\Softonic\Softonic\1.8.19.3\bh\Softonic.dll
O2 - BHO: DVDVideoSoft.WebPageAdjuster - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll
O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: Holasearch Toolbar - {C510DFFB-0AFE-484C-BA40-CED5B74C4EEF} - C:\Program Files (x86)\holasearch\holasearch\1.8.16.16\holasearchTlbr.dll
O3 - Toolbar: uTorrentBar_IT Toolbar - {4ae0c3d6-f713-4eed-bc65-25dc3ffdaac1} - C:\Program Files (x86)\uTorrentBar_IT\prxtbuTor.dll
O3 - Toolbar: Softonic Toolbar - {5018CFD2-804D-4C99-9F81-25EAEA2769DE} - C:\Program Files (x86)\Softonic\Softonic\1.8.19.3\SoftonicTlbr.dll
O3 - Toolbar: Ad-Aware Security Add-on - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\adawaretb\adawareDx.dll
O3 - Toolbar: WhiteSmoke New Toolbar - {739df940-c5ee-4bab-9d7e-270894ae687a} - C:\Program Files (x86)\WhiteSmoke_New\prxtbWhi0.dll
O3 - Toolbar: HomeTab - {89ff4afe-0f57-4503-8739-702e4c40add6} - C:\Users\Ario\AppData\Roaming\HomeTab\HomeTab.dll
O3 - Toolbar: Delta Toolbar - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files (x86)\Delta\delta\1.8.21.5\deltaTlbr.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\15.3.0.11\AVG SafeGuard toolbar_toolbar.dll
O3 - Toolbar: MixiDJ Toolbar - {CA9B9C89-4662-4ADC-9C23-A452BECD5D19} - C:\Program Files (x86)\mixidj\mixidj\1.8.18.8\mixidjTlbr.dll
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [LifeCam] "C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot
O4 - HKLM\..\Run: [Ad-Aware Browsing Protection] "C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe"
O4 - HKLM\..\Run: [Ad-Aware Antivirus] "C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareLauncher" --windows-run
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [DivXMediaServer] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [NeroCheck] C:\Windows\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SsroService] C:\Users\Public\Documents\Application\CurrentFile\ssadl.exe
O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [ApnTBMon] "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [Desk 365] "C:\Program Files (x86)\Desk 365\desk365.exe" /autorun
O4 - HKCU\..\Run: [uTorrent] "C:\Users\Ario\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [GreedyTorrent] "E:\Downloads\GreedyTorrent\GTor.exe" -tray
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [WebCake Desktop] "C:\Users\Ario\AppData\Roaming\WebCake\WebCakeDesktop.exe"
O4 - HKCU\..\Run: [Optimizer Pro] C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe
O4 - HKCU\..\Run: [Spotify] "C:\Users\Ario\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\Ario\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
O4 - HKUS\S-1-5-18\..\Run: [SsroService] C:\Users\Public\Documents\Application\CurrentFile\ssadl.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [SsroService] C:\Users\Public\Documents\Application\CurrentFile\ssadl.exe (User 'Default user')
O4 - Startup: MyPC Backup.lnk = C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm
O9 - Extra button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: (no name) - {38da9475-3ef2-4c0d-a060-97d7a8b81d70} - C:\Users\Ario\AppData\Roaming\HomeTab\HomeTab.dll
O9 - Extra button: &Note collegate di OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Note collegate di OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll
O9 - Extra 'Tools' menuitem: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{B289FA1D-0082-40E6-BD1C-145CE72B573D}: NameServer = 94.198.96.34,46.4.70.20
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\15.3.0\ViProtocol.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: c:\progra~2\safesa~1\sprote~1.dll c:\progra~2\websea~1\sprote~1.dll
O23 - Service: Ad-Aware Service - Lavasoft Limited - C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Servizio di aggiornamento Ask (APNMCP) - APN LLC. - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Computer Backup (MyPC Backup) (BackupStack) - Just Develop It - C:\Program Files (x86)\MyPC Backup\BackupStack.exe
O23 - Service: Servizio Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Servizio DealPly Live (dealplylive) (dealplylive) - DealPly Technologies Ltd - C:\Program Files (x86)\DealPlyLive\Update\DealPlyLive.exe
O23 - Service: Servizio DealPly Live (dealplylivem) (dealplylivem) - DealPly Technologies Ltd - C:\Program Files (x86)\DealPlyLive\Update\DealPlyLive.exe
O23 - Service: DefaultTabSearch - Unknown owner - C:\Program Files (x86)\DefaultTab\DefaultTabSearch.exe
O23 - Service: DefaultTabUpdate - Unknown owner - C:\Users\Ario\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Servizio Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Servizio Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: IBUpdaterService - Unknown owner - C:\Windows\system32\dmwu.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Servizio iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: ISCT Always Updated Agent (ISCTAgent) - Unknown owner - C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpSC - SoftwareUpdService - C:\Users\Ario\AppData\Local\SoftwareUpdater\SoftwareUpdService.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NBService - Nero AG - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: OfferBox update service - Unknown owner - C:\Program Files (x86)\OfferBox\OfferBoxUpdateService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Ad-Aware (SBAMSvc) - GFI Software - C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe
O23 - Service: Skype C2C Service - Unknown owner - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SProtection - Unknown owner - C:\Program Files (x86)\Common Files\Umbrella\umbrella.exe (file missing)
O23 - Service: Software Updater (SrvUpdater) - Unknown owner - C:\Program Files (x86)\SoftwareUpdater\UpdaterService.exe
O23 - Service: Ssro Service (SsroService) - SsroService - C:\Users\Ario\AppData\Local\ServiceManager\ssro.exe
O23 - Service: Ssupd Service (SsupdService) - SsupdService - C:\Users\Ario\AppData\Local\ssupd\ssupd.exe
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: vToolbarUpdater15.3.0 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.3.0\ToolbarUpdater.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: WebCake Desktop Updater - Unknown owner - C:\Program Files (x86)\WebCake\WebCakeDesktop.Updater.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: Wsys Service (WsysSvc) - Wsys Co., Ltd. - C:\ProgramData\eSafe\eGdpSvc.exe

--
End of file - 24063 bytes

cosa devo eliminare? :cry:

purtroppo in quelle cartelle avevo molte foto e alcuni file DWG che non posso perdere,
potete aiutarmi prima di chiamare qualche tecnico esterno :cry:

su Ad Aware, per il momento mi sta rilevando 19 tracce
Avast ha trovato questa minaccia: Win 32:AddLyric-H[Adw] ..... l'ho spostata nel cestino :oops:
aemme43
Utente Junior
 
Post: 16
Iscritto il: 02/05/12 12:27

Sponsor
 

Re: cartelle vuote possibile virus

Postdi Luke57 » 23/07/13 15:53

Ciao, termina la scansione con avast. Adware non è un programma molto utile.

1) Scarica Adwcleaner sul desktop:
http://general-changelog-team.fr/fr/dow ... adwcleaner
Avvialo e clicca sul pulsante "Delete"
Conferma con OK le varie finestre che ti compariranno.
Il pc si riavvierà, e uscirà il log con le eliminazioni.
Allega il log.

2)Scarica OTL,
http://oldtimer.geekstogo.com/OTL.exe
salvalo sul desktop,doppio click sulla sua icona.
Metti la spunta su SCAN ALL USERS.
Sotto output spunta minimal output

Clicca sulla freccettina di File Age e seleziona 60 Days
Metti la spunta a LOP Check and Purity Check.

A fine scansione OTL produrrà due file di log (OTL.txt ed Extras.txt) . Inserisci otl.txt qui:
http://wikisend.com/
fornendo il link per poterlo vedere.
Luke57
Moderatore
 
Post: 6415
Iscritto il: 11/08/05 19:10

Re: cartelle vuote possibile virus

Postdi aemme43 » 23/07/13 19:11

ho proceduto con Adwcleaner , dopo, quando è ripartito windows 7 pro, si è aperta una finestrella:
"errore durantel'avvio di c:\programfile (86)\hometab\TBUdater.dll"
riparte, apre windows, installo OTL e inizio a fare la scansione come da tue indicazioni, inizia a scannerizzare ma dopo un pò si blocca a: Scanning Firefox settings....
aemme43
Utente Junior
 
Post: 16
Iscritto il: 02/05/12 12:27

Re: cartelle vuote possibile virus

Postdi aemme43 » 23/07/13 20:08

ho cancellato firefox e rifatto lo scan :
http://wikisend.com/download/762766/OTL.Txt
questo è il risultato,
scusa il disturbo ;)
aemme43
Utente Junior
 
Post: 16
Iscritto il: 02/05/12 12:27

Re: cartelle vuote possibile virus

Postdi aemme43 » 23/07/13 23:01

Scusa Luke57, come devo procedere? puoi aiutarmi? sono veramente incasinato, a parte le foto, ma anche i file .doc e alcuni disegni in DWG, mi sono spariti, accidenti a me e quando vado a scar. da certi siti.
Proprio ieri l'antivirus mi segnalava un sospetto, ma io capone, ho continuato, non credevo che invece dovevo fermarmi,
dammi un aiuto... ;)
aemme43
Utente Junior
 
Post: 16
Iscritto il: 02/05/12 12:27

Re: cartelle vuote possibile virus

Postdi Luke57 » 23/07/13 23:53

Ciao, apri otl.exe, copia il seguente script nel suo box bianco:

Codice: Seleziona tutto
:OTL
SRV - [2013/01/24 15:46:02 | 000,156,160 | ---- | M] (SsupdService) [Auto | Stopped] -- C:\Users\Ario\AppData\Local\ssupd\ssupd.exe -- (SsupdService)
SRV - [2013/01/24 15:46:02 | 000,031,232 | ---- | M] (SsroService) [Auto | Stopped] -- C:\Users\Ario\AppData\Local\ServiceManager\ssro.exe -- (SsroService)
O2 - BHO: (no name) - {89ff4afe-0f57-4503-8739-702e4c40add6} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {89ff4afe-0f57-4503-8739-702e4c40add6} - No CLSID value found.
O4 - HKLM..\Run: [SsroService] C:\Users\Public\Documents\Application\CurrentFile\ssadl.exe (ssadl)
O4 - HKU\.DEFAULT..\Run: [SsroService] C:\Users\Public\Documents\Application\CurrentFile\ssadl.exe (ssadl)
O4 - HKU\S-1-5-18..\Run: [SsroService] C:\Users\Public\Documents\Application\CurrentFile\ssadl.exe (ssadl)
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found

:files
C:\Users\Ario\AppData\Local\ssupd
C:\Users\Ario\AppData\Local\ServiceManager\ssro.exe
C:\Users\Public\Documents\Application\CurrentFile\ssadl.exe


:Commands
[purity]
[emptytemp]
[EMPTYFLASH]
[CLEARALLRESTOREPOINTS]
[Reboot]


premi runfix. Al riavvio posta il nuovo report di otl nel solito modo.
Luke57
Moderatore
 
Post: 6415
Iscritto il: 11/08/05 19:10

Re: cartelle vuote possibile virus

Postdi aemme43 » 24/07/13 07:32

grazie Luke, ma non vorrei aver fatto ancora qualche cas*** ,
mi sono accorto, dopo aver lanciato OTL, che non avevo apportato le modifiche:
-Metti la spunta su SCAN ALL USERS.
-Sotto output spunta minimal output

-Clicca sulla freccettina di File Age e seleziona 60 Days
-Metti la spunta a LOP Check and Purity Check.
ed ho dato il via a run fix con questo risultato :
http://wikisend.com/download/102548/07242013_080549.log
aemme43
Utente Junior
 
Post: 16
Iscritto il: 02/05/12 12:27

Re: cartelle vuote possibile virus

Postdi aemme43 » 24/07/13 08:06

sto comunque riprendendo a rifare tutto dall'inizio:
1° Adwcleaner ( ma il log che è uscito che devo fare? soltanto salvarlo o devo usarlo in otl? )
aemme43
Utente Junior
 
Post: 16
Iscritto il: 02/05/12 12:27

Re: cartelle vuote possibile virus

Postdi aemme43 » 24/07/13 10:41

aemme43 ha scritto:sto comunque riprendendo a rifare tutto dall'inizio:
1° Adwcleaner ( ma il log che è uscito che devo fare? soltanto salvarlo o devo usarlo in otl? )


:cry: :cry:
aemme43
Utente Junior
 
Post: 16
Iscritto il: 02/05/12 12:27

Re: cartelle vuote possibile virus

Postdi Luke57 » 24/07/13 11:35

Ciao, il log di adwcleaner nulla c'entra con otl. Lo copi e lo incolli in un post.

poi apri otl.exe, copi e incolli il mio script del post precedente nel suo box bianco, premi runfix.
Al riavvio del computer troverai, nella medesima cartella del programma, il report del fix, che copieai e incollerai nel post.
Luke57
Moderatore
 
Post: 6415
Iscritto il: 11/08/05 19:10

Re: cartelle vuote possibile virus

Postdi aemme43 » 24/07/13 13:59

Luke57 ha scritto:Ciao, il log di adwcleaner nulla c'entra con otl. Lo copi e lo incolli in un post.

poi apri otl.exe, copi e incolli il mio script del post precedente nel suo box bianco, premi runfix.
Al riavvio del computer troverai, nella medesima cartella del programma, il report del fix, che copieai e incollerai nel post.


scusa, ma per sicurezza, ho ripetuto adwcleaner, poi ho proseguito con OTL, ho copiato il log in:
http://wikisend.com/download/192744/OTL.Txt,
purtroppo continuo ad avere le cartelle vuote :cry:
qualche file .doc che avevo sul desk mi viene così: ~$pianto elettrico-2.docx (era: impianto elettrico.doc :cry:)
come procedo? :oops: :cry:
aemme43
Utente Junior
 
Post: 16
Iscritto il: 02/05/12 12:27


Torna a Sicurezza e Privacy


Topic correlati a "cartelle vuote possibile virus":


Chi c’è in linea

Visitano il forum: Nessuno e 24 ospiti