• User Newbie

    Aiuto Ho Problemi Con Internet Explorer........

    Da due giorni internet explorer mi si blocca o ci mette minuti per caricare le pagine.
    Ho fatto scanzioni con avast e niente.....ho trovato qualche spyware ma eliminandole non ho risolto il problema.
    Ho installato mozilla per riuscire a navigare e va benissimo.
    Ho scaricato aggiornamenti di Internet explorer ma non hanno cambiato nulla.
    Se avvio internet explorer in modalita (nessun componente aggiuntivo) funziona.
    Ho fatto scanzioni con hijackthis ma non ne capisco niente........please help???:x


  • Bannato User

    intanto posta qua il report di hijackthis,cosi lo controlliamo.
    scarica superantispywarefree:
    http://www.superantispyware.com/superantispywarefreevspro.html
    avvialo,aggiornalo(ceck for updates)fai una scansione completa ed elimina le traccie individuate.


  • User

    anche a me stesso problema!
    ogni tanto mi "chiude" quasi la connessione a internet (lo vedo dal fatto che messanger va fuori linea) eppure ho un'adsl professionale FLAT a ip fisso.

    Se uso firefox tutto OK!


  • Bannato User

    postate un log di hijackthis entrambi.


  • User Newbie

    Logfile of HijackThis v1.99.1
    Scan saved at 11.38.24, on 12/10/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16544)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
    C:\Programmi\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\drivers\Icon.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Programmi\Spybot - Search & Destroy\TeaTimer.exe
    C:\Programmi\File comuni\EPSON\EBAPI\SAgent2.exe
    C:\WINDOWS\system32\slserv.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Programmi\Alice ti aiuta\bin\mpbtn.exe
    C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe
    C:\Programmi\Alwil Software\Avast4\ashWebSv.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe
    C:\WINDOWS\system32\drivers\bak\Icon.exe
    c:\programmi\internet explorer\iexplore.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Programmi\Mozilla Firefox\firefox.exe
    C:\Documents and Settings\GATTO\Desktop\hijackthis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.libero.it/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.libero.it/
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Packard Bell
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.5.0_11\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programmi\google\googletoolbar4.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programmi\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programmi\Yahoo!\Companion\Installs\cpn\yt.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programmi\google\googletoolbar4.dll
    O4 - HKLM..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
    O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
    O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
    O4 - HKLM..\Run: [Icon] C:\WINDOWS\system32\drivers\Icon.exe
    O4 - HKLM..\Run: [SynTPLpr] C:\Programmi\Synaptics\SynTP\SynTPLpr.exe
    O4 - HKLM..\Run: [SynTPEnh] C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
    O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programmi\Java\j2re1.4.2_05\bin\jusched.exe
    O4 - HKLM..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe"
    O4 - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
    O4 - HKLM..\Run: [HP Software Update] C:\Programmi\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM..\Run: [TkBellExe] "C:\Programmi\File comuni\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -onlytray
    O4 - HKLM..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM..\Run: [iTunesHelper] "C:\Programmi\iTunes\iTunesHelper.exe"
    O4 - HKLM..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qttask.exe" -atboottime
    O4 - HKLM..\Run: [snpstd] C:\WINDOWS\vsnpstd.exe
    O4 - HKCU..\Run: [MessengerPlus3] "C:\Programmi\MessengerPlus! 3\MsgPlus.exe" /WinStart
    O4 - HKCU..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Programmi\Spybot - Search & Destroy\TeaTimer.exe
    O4 - Startup: Adobe Gamma.lnk = C:\Programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: Alice ti aiuta.lnk = C:\Programmi\Alice ti aiuta\bin\matcli.exe
    O4 - Global Startup: EPSON Status Monitor 3 Environment Check 2.lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV02.EXE
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Programmi\Microsoft Office\Office\OSA9.EXE
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_11\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_11\bin\ssv.dll
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
    O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
    O11 - Options group: [INTERNATIONAL] International*
    O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\it.htm
    O15 - Trusted Zone: *.doginhispen.com
    O15 - Trusted Zone: *.whataboutadog.com
    O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
    O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
    O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://guidomonkey.spaces.live.com//PhotoUpload/MsnPUpld.cab
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
    O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.5 Control) - http://filelodge.bolt.com/ImageUploader3.cab
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
    O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - http://www.shockwave.com/content/heavyweapon/popcaploader_v6.cab
    O17 - HKLM\System\CCS\Services\Tcpip..{BE66D1EF-278E-4AE4-BAD5-EFC396E8A68D}: NameServer = 85.37.17.16 85.38.28.68
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Programmi\File comuni\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - Unknown owner - C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
    O23 - Service: avast! Web Scanner - Unknown owner - C:\Programmi\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
    O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Programmi\File comuni\EPSON\EBAPI\SAgent2.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPodService - Apple Computer, Inc. - C:\Programmi\iPod\bin\iPodService.exe
    O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe


  • Bannato User

    ciao,sei infetto purtroppo da instant access.
    scarica Findawf http://noahdfear.geekstogo.com/FindAWF.exe
    avvialo,scegli la prima opzione e posta il log.


  • User Newbie

    Grazie dell'aiuto eccoti il responso, ora vado a lavoro perciò seguirò i tuoi consigli e le tue indicazioni stasera ancora grazie

    Find AWF report by noahdfear ©2006
    Version 1.40

    bak folders found

    
    Il volume nell'unit? C ? HDD
    Numero di serie del volume: 70E8-BCFA
    
    Directory di C:\WINDOWS\BAK
    
    10/06/2004  13.48           286.720 vsnpstd.exe
                 1 File        286.720 byte
                 2 Directory  45.084.848.128 byte disponibili
    Il volume nell'unit? C ? HDD
    Numero di serie del volume: 70E8-BCFA
    
    Directory di C:\APPS\POWERC~1\BAK
    
    08/10/2004  04.14            81.920 PCMService.exe
                 1 File         81.920 byte
                 2 Directory  45.084.848.128 byte disponibili
    Il volume nell'unit? C ? HDD
    Numero di serie del volume: 70E8-BCFA
    
    Directory di C:\PROGRA~1\ITUNES\BAK
    
    23/02/2006  16.45           278.528 iTunesHelper.exe
                 1 File        278.528 byte
                 2 Directory  45.084.844.032 byte disponibili
    Il volume nell'unit? C ? HDD
    Numero di serie del volume: 70E8-BCFA
    
    Directory di C:\PROGRA~1\MESSEN~2\BAK
    
    27/09/2006  20.36           190.024 MsgPlus.exe
                 1 File        190.024 byte
                 2 Directory  45.084.844.032 byte disponibili
    Il volume nell'unit? C ? HDD
    Numero di serie del volume: 70E8-BCFA
    
    Directory di C:\PROGRA~1\QUICKT~1\BAK
    
    20/06/2006  17.19           282.624 qttask.exe
                 1 File        282.624 byte
                 2 Directory  45.084.844.032 byte disponibili
    Il volume nell'unit? C ? HDD
    Numero di serie del volume: 70E8-BCFA
    
    Directory di C:\WINDOWS\SYSTEM32\BAK
    
    01/07/2004  12.58           118.784 hkcmd.exe
    01/07/2004  13.02           155.648 igfxtray.exe
    09/07/2001  12.50           155.648 NeroCheck.exe
                 3 File        430.080 byte
                 2 Directory  45.084.844.032 byte disponibili
    Il volume nell'unit? C ? HDD
    Numero di serie del volume: 70E8-BCFA
    
    Directory di C:\PROGRA~1\ALWILS~1\AVAST4\BAK
    
    15/01/2007  19.28           108.160 ashDisp.exe
                 1 File        108.160 byte
                 2 Directory  45.084.844.032 byte disponibili
    Il volume nell'unit? C ? HDD
    Numero di serie del volume: 70E8-BCFA
    
    Directory di C:\PROGRA~1\GOOGLE\GOOGLE~3\BAK
    
    29/07/2007  17.05            68.856 GoogleToolbarNotifier.exe
                 1 File         68.856 byte
                 2 Directory  45.084.844.032 byte disponibili
    Il volume nell'unit? C ? HDD
    Numero di serie del volume: 70E8-BCFA
    
    Directory di C:\PROGRA~1\HP\HPSOFT~1\BAK
    
    11/05/2005  23.12            49.152 HPWuSchd2.exe
                 1 File         49.152 byte
                 2 Directory  45.084.844.032 byte disponibili
    Il volume nell'unit? C ? HDD
    Numero di serie del volume: 70E8-BCFA
    
    Directory di C:\PROGRA~1\NOKIA\NOKIAP~1\BAK
    
    13/12/2005  08.49           217.088 LAUNCH~1.EXE
                 1 File        217.088 byte
                 2 Directory  45.084.844.032 byte disponibili
    Il volume nell'unit? C ? HDD
    Numero di serie del volume: 70E8-BCFA
    
    Directory di C:\PROGRA~1\SYNAPT~1\SYNTP\BAK
    
    26/09/2003  12.01           503.808 SynTPEnh.exe
    26/09/2003  12.01            98.304 SynTPLpr.exe
                 2 File        602.112 byte
                 2 Directory  45.084.844.032 byte disponibili
    Il volume nell'unit? C ? HDD
    Numero di serie del volume: 70E8-BCFA
    
    Directory di C:\WINDOWS\IME\IMJP8_1\BAK
    
    19/08/2004  15.00           208.952 IMJPMIG.EXE
                 1 File        208.952 byte
                 2 Directory  45.084.839.936 byte disponibili
    Il volume nell'unit? C ? HDD
    Numero di serie del volume: 70E8-BCFA
    
    Directory di C:\WINDOWS\SYSTEM32\DRIVERS\BAK
    
    08/03/2004  14.23           217.088 Icon.exe
                 1 File        217.088 byte
                 2 Directory  45.084.839.936 byte disponibili
    Il volume nell'unit? C ? HDD
    Numero di serie del volume: 70E8-BCFA
    
    Directory di C:\PROGRA~1\FILECO~1\REAL\UPDATE~1\BAK
    
    11/03/2006  16.24           180.269 realsched.exe
                 1 File        180.269 byte
                 2 Directory  45.084.839.936 byte disponibili
    Il volume nell'unit? C ? HDD
    Numero di serie del volume: 70E8-BCFA
    
    Directory di C:\PROGRA~1\JAVA\J2RE14~1.2_0\BIN\BAK
    
    03/06/2004  23.05            32.881 jusched.exe
                 1 File         32.881 byte
                 2 Directory  45.084.839.936 byte disponibili
    Il volume nell'unit? C ? HDD
    Numero di serie del volume: 70E8-BCFA
    
    Directory di C:\WINDOWS\SYSTEM32\IME\TINTLGNT\BAK
    
    19/08/2004  15.00           455.168 TINTSETP.EXE
                 1 File        455.168 byte
                 2 Directory  45.084.839.936 byte disponibili
    
    
    Duplicate files of bak directory contents
    
     28172  8 Oct 2007 "C:\WINDOWS\vsnpstd.exe"
    286720 10 Jun 2004 "C:\WINDOWS\bak\vsnpstd.exe"
    286720 10 Jun 2004 "C:\Programmi\File comuni\snpstd\vsnpstd.exe"
     28172  8 Oct 2007 "C:\APPS\Powercinema\PCMService.exe"
     81920  8 Oct 2004 "C:\APPS\Powercinema\bak\PCMService.exe"
     28172  8 Oct 2007 "C:\Programmi\iTunes\iTunesHelper.exe"
    278528 23 Feb 2006 "C:\Programmi\iTunes\bak\iTunesHelper.exe"
     28172  8 Oct 2007 "C:\Programmi\MessengerPlus! 3\MsgPlus.exe"
    190024 27 Sep 2006 "C:\Programmi\MessengerPlus! 3\bak\MsgPlus.exe"
     28172  8 Oct 2007 "C:\Programmi\QuickTime\qttask.exe"
    282624 20 Jun 2006 "C:\Programmi\QuickTime\bak\qttask.exe"
     28172  8 Oct 2007 "C:\WINDOWS\system32\hkcmd.exe"
    118784  1 Jul 2004 "C:\PNP\VIDEO\WIN2000\HKCMD.EXE"
    118784  1 Jul 2004 "C:\WINDOWS\system32\bak\hkcmd.exe"
     28172  8 Oct 2007 "C:\WINDOWS\system32\igfxtray.exe"
    155648  1 Jul 2004 "C:\PNP\VIDEO\WIN2000\IGFXTRAY.EXE"
    155648  1 Jul 2004 "C:\WINDOWS\system32\bak\igfxtray.exe"
     28172  8 Oct 2007 "C:\WINDOWS\system32\NeroCheck.exe"
    155648  9 Jul 2001 "C:\WINDOWS\system32\bak\NeroCheck.exe"
     79224  6 Sep 2007 "C:\Programmi\Alwil Software\Avast4\ashDisp.exe"
    108160 15 Jan 2007 "C:\Programmi\Alwil Software\Avast4\bak\ashDisp.exe"
    

    11813120 12 Nov 2005 "C:\Programmi\GoogleEarthSetup.exe"
    52272 3 Feb 2007 "C:\Programmi\Google\googletoolbar4user.exe"
    458820 3 Nov 2005 "C:\Programmi\Google\Google Earth\GoogleEarth.exe"
    28172 8 Oct 2007 "C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
    608936 11 Mar 2006 "C:\Programmi\File comuni\Real\GToolbar\GoogleToolbarInstaller.exe"
    138168 3 Feb 2007 "C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe"
    68856 29 Jul 2007 "C:\Programmi\Google\GoogleToolbarNotifier\bak\GoogleToolbarNotifier.exe"
    28172 8 Oct 2007 "C:\Programmi\HP\HP Software Update\HPWuSchd2.exe"
    49152 11 May 2005 "C:\Programmi\HP\HP Software Update\bak\HPWuSchd2.exe"
    28172 8 Oct 2007 "C:\Programmi\Nokia\Nokia PC Suite 6\LaunchApplication.exe"
    217088 13 Dec 2005 "C:\Programmi\Nokia\Nokia PC Suite 6\bak\LAUNCH~1.EXE"
    503808 26 Sep 2003 "C:\PNP\MOUSE\SYNTPENH.EXE"
    28172 8 Oct 2007 "C:\Programmi\Synaptics\SynTP\SynTPEnh.exe"
    503808 26 Sep 2003 "C:\Programmi\Synaptics\SynTP\bak\SynTPEnh.exe"
    98304 26 Sep 2003 "C:\PNP\MOUSE\SYNTPLPR.EXE"
    28172 8 Oct 2007 "C:\Programmi\Synaptics\SynTP\SynTPLpr.exe"
    98304 26 Sep 2003 "C:\Programmi\Synaptics\SynTP\bak\SynTPLpr.exe"
    208952 19 Aug 2004 "C:\WINDOWS\ime\IMJP8_1\imjpmig.exe"
    208952 19 Aug 2004 "C:\WINDOWS\ime\IMJP8_1\bak\IMJPMIG.EXE"
    217088 8 Mar 2004 "C:\PNP\NET\ICON.EXE"
    217088 8 Mar 2004 "C:\WINDOWS\Temp\Icon.EXE"
    32768 16 Nov 2006 "C:\WINDOWS\Installer{37477865-A3F1-4772-AD43-AAFC6BCFF99F}\icon.exe"
    32768 15 Aug 2007 "C:\WINDOWS\Installer{C04E32E0-0416-434D-AFB9-6969D703A9EF}\icon.exe"
    28172 8 Oct 2007 "C:\WINDOWS\system32\drivers\Icon.exe"
    217088 8 Mar 2004 "C:\WINDOWS\system32\drivers\bak\Icon.exe"
    217088 8 Mar 2004 "C:\WINDOWS\system32\ReinstallBackups\0010\DriverFiles\Icon.exe"
    28172 8 Oct 2007 "C:\Programmi\File comuni\Real\Update_OB\realsched.exe"
    180269 11 Mar 2006 "C:\Programmi\File comuni\Real\Update_OB\bak\realsched.exe"
    28172 8 Oct 2007 "C:\Programmi\Java\j2re1.4.2_05\bin\jusched.exe"
    75520 15 Dec 2006 "C:\Programmi\Java\jre1.5.0_11\bin\jusched.exe"
    32881 3 Jun 2004 "C:\Programmi\Java\j2re1.4.2_05\bin\bak\jusched.exe"
    455168 19 Aug 2004 "C:\WINDOWS\system32\IME\TINTLGNT\tintsetp.exe"
    455168 19 Aug 2004 "C:\WINDOWS\system32\IME\TINTLGNT\bak\TINTSETP.EXE"

    end of report


  • Bannato User

    @GATTO said:

    Grazie dell'aiuto eccoti il responso, ora vado a lavoro perciò seguirò i tuoi consigli e le tue indicazioni stasera ancora grazie

    Find AWF report by noahdfear ©2006
    Version 1.40

    bak folders found

    
    Il volume nell'unit? C ? HDD
    Numero di serie del volume: 70E8-BCFA
    
    Directory di C:\WINDOWS\BAK
    
    10/06/2004  13.48           286.720 vsnpstd.exe
                 1 File        286.720 byte
                 2 Directory  45.084.848.128 byte disponibili
    Il volume nell'unit? C ? HDD
    Numero di serie del volume: 70E8-BCFA
    
    Directory di C:\APPS\POWERC~1\BAK
    
    08/10/2004  04.14            81.920 PCMService.exe
                 1 File         81.920 byte
                 2 Directory  45.084.848.128 byte disponibili
    Il volume nell'unit? C ? HDD
    Numero di serie del volume: 70E8-BCFA
    
    Directory di C:\PROGRA~1\ITUNES\BAK
    
    23/02/2006  16.45           278.528 iTunesHelper.exe
                 1 File        278.528 byte
                 2 Directory  45.084.844.032 byte disponibili
    Il volume nell'unit? C ? HDD
    Numero di serie del volume: 70E8-BCFA
    
    Directory di C:\PROGRA~1\MESSEN~2\BAK
    
    27/09/2006  20.36           190.024 MsgPlus.exe
                 1 File        190.024 byte
                 2 Directory  45.084.844.032 byte disponibili
    Il volume nell'unit? C ? HDD
    Numero di serie del volume: 70E8-BCFA
    
    Directory di C:\PROGRA~1\QUICKT~1\BAK
    
    20/06/2006  17.19           282.624 qttask.exe
                 1 File        282.624 byte
                 2 Directory  45.084.844.032 byte disponibili
    Il volume nell'unit? C ? HDD
    Numero di serie del volume: 70E8-BCFA
    
    Directory di C:\WINDOWS\SYSTEM32\BAK
    
    01/07/2004  12.58           118.784 hkcmd.exe
    01/07/2004  13.02           155.648 igfxtray.exe
    09/07/2001  12.50           155.648 NeroCheck.exe
                 3 File        430.080 byte
                 2 Directory  45.084.844.032 byte disponibili
    Il volume nell'unit? C ? HDD
    Numero di serie del volume: 70E8-BCFA
    
    Directory di C:\PROGRA~1\ALWILS~1\AVAST4\BAK
    
    15/01/2007  19.28           108.160 ashDisp.exe
                 1 File        108.160 byte
                 2 Directory  45.084.844.032 byte disponibili
    Il volume nell'unit? C ? HDD
    Numero di serie del volume: 70E8-BCFA
    
    Directory di C:\PROGRA~1\GOOGLE\GOOGLE~3\BAK
    
    29/07/2007  17.05            68.856 GoogleToolbarNotifier.exe
                 1 File         68.856 byte
                 2 Directory  45.084.844.032 byte disponibili
    Il volume nell'unit? C ? HDD
    Numero di serie del volume: 70E8-BCFA
    
    Directory di C:\PROGRA~1\HP\HPSOFT~1\BAK
    
    11/05/2005  23.12            49.152 HPWuSchd2.exe
                 1 File         49.152 byte
                 2 Directory  45.084.844.032 byte disponibili
    Il volume nell'unit? C ? HDD
    Numero di serie del volume: 70E8-BCFA
    
    Directory di C:\PROGRA~1\NOKIA\NOKIAP~1\BAK
    
    13/12/2005  08.49           217.088 LAUNCH~1.EXE
                 1 File        217.088 byte
                 2 Directory  45.084.844.032 byte disponibili
    Il volume nell'unit? C ? HDD
    Numero di serie del volume: 70E8-BCFA
    
    Directory di C:\PROGRA~1\SYNAPT~1\SYNTP\BAK
    
    26/09/2003  12.01           503.808 SynTPEnh.exe
    26/09/2003  12.01            98.304 SynTPLpr.exe
                 2 File        602.112 byte
                 2 Directory  45.084.844.032 byte disponibili
    Il volume nell'unit? C ? HDD
    Numero di serie del volume: 70E8-BCFA
    
    Directory di C:\WINDOWS\IME\IMJP8_1\BAK
    
    19/08/2004  15.00           208.952 IMJPMIG.EXE
                 1 File        208.952 byte
                 2 Directory  45.084.839.936 byte disponibili
    Il volume nell'unit? C ? HDD
    Numero di serie del volume: 70E8-BCFA
    
    Directory di C:\WINDOWS\SYSTEM32\DRIVERS\BAK
    
    08/03/2004  14.23           217.088 Icon.exe
                 1 File        217.088 byte
                 2 Directory  45.084.839.936 byte disponibili
    Il volume nell'unit? C ? HDD
    Numero di serie del volume: 70E8-BCFA
    
    Directory di C:\PROGRA~1\FILECO~1\REAL\UPDATE~1\BAK
    
    11/03/2006  16.24           180.269 realsched.exe
                 1 File        180.269 byte
                 2 Directory  45.084.839.936 byte disponibili
    Il volume nell'unit? C ? HDD
    Numero di serie del volume: 70E8-BCFA
    
    Directory di C:\PROGRA~1\JAVA\J2RE14~1.2_0\BIN\BAK
    
    03/06/2004  23.05            32.881 jusched.exe
                 1 File         32.881 byte
                 2 Directory  45.084.839.936 byte disponibili
    Il volume nell'unit? C ? HDD
    Numero di serie del volume: 70E8-BCFA
    
    Directory di C:\WINDOWS\SYSTEM32\IME\TINTLGNT\BAK
    
    19/08/2004  15.00           455.168 TINTSETP.EXE
                 1 File        455.168 byte
                 2 Directory  45.084.839.936 byte disponibili
    
    
    Duplicate files of bak directory contents
    
     28172  8 Oct 2007 "C:\WINDOWS\vsnpstd.exe"
    286720 10 Jun 2004 "C:\WINDOWS\bak\vsnpstd.exe"
    286720 10 Jun 2004 "C:\Programmi\File comuni\snpstd\vsnpstd.exe"
     28172  8 Oct 2007 "C:\APPS\Powercinema\PCMService.exe"
     81920  8 Oct 2004 "C:\APPS\Powercinema\bak\PCMService.exe"
     28172  8 Oct 2007 "C:\Programmi\iTunes\iTunesHelper.exe"
    278528 23 Feb 2006 "C:\Programmi\iTunes\bak\iTunesHelper.exe"
     28172  8 Oct 2007 "C:\Programmi\MessengerPlus! 3\MsgPlus.exe"
    190024 27 Sep 2006 "C:\Programmi\MessengerPlus! 3\bak\MsgPlus.exe"
     28172  8 Oct 2007 "C:\Programmi\QuickTime\qttask.exe"
    282624 20 Jun 2006 "C:\Programmi\QuickTime\bak\qttask.exe"
     28172  8 Oct 2007 "C:\WINDOWS\system32\hkcmd.exe"
    118784  1 Jul 2004 "C:\PNP\VIDEO\WIN2000\HKCMD.EXE"
    118784  1 Jul 2004 "C:\WINDOWS\system32\bak\hkcmd.exe"
     28172  8 Oct 2007 "C:\WINDOWS\system32\igfxtray.exe"
    155648  1 Jul 2004 "C:\PNP\VIDEO\WIN2000\IGFXTRAY.EXE"
    155648  1 Jul 2004 "C:\WINDOWS\system32\bak\igfxtray.exe"
     28172  8 Oct 2007 "C:\WINDOWS\system32\NeroCheck.exe"
    155648  9 Jul 2001 "C:\WINDOWS\system32\bak\NeroCheck.exe"
     79224  6 Sep 2007 "C:\Programmi\Alwil Software\Avast4\ashDisp.exe"
    108160 15 Jan 2007 "C:\Programmi\Alwil Software\Avast4\bak\ashDisp.exe"
    

    11813120 12 Nov 2005 "C:\Programmi\GoogleEarthSetup.exe"
    52272 3 Feb 2007 "C:\Programmi\Google\googletoolbar4user.exe"
    458820 3 Nov 2005 "C:\Programmi\Google\Google Earth\GoogleEarth.exe"
    28172 8 Oct 2007 "C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
    608936 11 Mar 2006 "C:\Programmi\File comuni\Real\GToolbar\GoogleToolbarInstaller.exe"
    138168 3 Feb 2007 "C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe"
    68856 29 Jul 2007 "C:\Programmi\Google\GoogleToolbarNotifier\bak\GoogleToolbarNotifier.exe"
    28172 8 Oct 2007 "C:\Programmi\HP\HP Software Update\HPWuSchd2.exe"
    49152 11 May 2005 "C:\Programmi\HP\HP Software Update\bak\HPWuSchd2.exe"
    28172 8 Oct 2007 "C:\Programmi\Nokia\Nokia PC Suite 6\LaunchApplication.exe"
    217088 13 Dec 2005 "C:\Programmi\Nokia\Nokia PC Suite 6\bak\LAUNCH~1.EXE"
    503808 26 Sep 2003 "C:\PNP\MOUSE\SYNTPENH.EXE"
    28172 8 Oct 2007 "C:\Programmi\Synaptics\SynTP\SynTPEnh.exe"
    503808 26 Sep 2003 "C:\Programmi\Synaptics\SynTP\bak\SynTPEnh.exe"
    98304 26 Sep 2003 "C:\PNP\MOUSE\SYNTPLPR.EXE"
    28172 8 Oct 2007 "C:\Programmi\Synaptics\SynTP\SynTPLpr.exe"
    98304 26 Sep 2003 "C:\Programmi\Synaptics\SynTP\bak\SynTPLpr.exe"
    208952 19 Aug 2004 "C:\WINDOWS\ime\IMJP8_1\imjpmig.exe"
    208952 19 Aug 2004 "C:\WINDOWS\ime\IMJP8_1\bak\IMJPMIG.EXE"
    217088 8 Mar 2004 "C:\PNP\NET\ICON.EXE"
    217088 8 Mar 2004 "C:\WINDOWS\Temp\Icon.EXE"
    32768 16 Nov 2006 "C:\WINDOWS\Installer{37477865-A3F1-4772-AD43-AAFC6BCFF99F}\icon.exe"
    32768 15 Aug 2007 "C:\WINDOWS\Installer{C04E32E0-0416-434D-AFB9-6969D703A9EF}\icon.exe"
    28172 8 Oct 2007 "C:\WINDOWS\system32\drivers\Icon.exe"
    217088 8 Mar 2004 "C:\WINDOWS\system32\drivers\bak\Icon.exe"
    217088 8 Mar 2004 "C:\WINDOWS\system32\ReinstallBackups\0010\DriverFiles\Icon.exe"
    28172 8 Oct 2007 "C:\Programmi\File comuni\Real\Update_OB\realsched.exe"
    180269 11 Mar 2006 "C:\Programmi\File comuni\Real\Update_OB\bak\realsched.exe"
    28172 8 Oct 2007 "C:\Programmi\Java\j2re1.4.2_05\bin\jusched.exe"
    75520 15 Dec 2006 "C:\Programmi\Java\jre1.5.0_11\bin\jusched.exe"
    32881 3 Jun 2004 "C:\Programmi\Java\j2re1.4.2_05\bin\bak\jusched.exe"
    455168 19 Aug 2004 "C:\WINDOWS\system32\IME\TINTLGNT\tintsetp.exe"
    455168 19 Aug 2004 "C:\WINDOWS\system32\IME\TINTLGNT\bak\TINTSETP.EXE"

    end of report

    ciao,scarica avenger http://swandog46.geekstogo.com/avenger.zip
    clicca sull'opzione **Input script manually **e poi sulla **lente di ingrandimento.
    **nello spazio bianco,fai copia|incolla delle seguenti righe:

    files to delete:
    C:\WINDOWS\vsnpstd.exe
    C:\APPS\Powercinema\PCMService.exe
    C:\Programmi\iTunes\iTunesHelper.exe
    C:\Programmi\MessengerPlus! 3\MsgPlus.exe
    C:\Programmi\QuickTime\qttask.exe
    C:\WINDOWS\system32\hkcmd.exe
    C:\WINDOWS\system32\igfxtray.exe
    C:\WINDOWS\system32\NeroCheck.exe
    C:\Programmi\Alwil Software\Avast4\ashDisp.exe
    C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Programmi\HP\HP Software Update\HPWuSchd2.exe
    C:\Programmi\Nokia\Nokia PC Suite 6\LAUNCH~1.EXE
    C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
    C:\Programmi\Synaptics\SynTP\SynTPLpr.exe
    C:\WINDOWS\ime\IMJP8_1\IMJPMIG.EXE
    C:\WINDOWS\system32\drivers\Icon.exe
    C:\Programmi\File comuni\Real\Update_OB\realsched.exe
    C:\Programmi\Java\j2re1.4.2_05\bin\jusched.exe
    C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE

    files to move:
    C:\WINDOWS\bak\vsnpstd.exe | C:\WINDOWS\vsnpstd.exe
    C:\APPS\Powercinema\bak\PCMService.exe | C:\APPS\Powercinema\PCMService.exe
    C:\Programmi\iTunes\bak\iTunesHelper.exe | C:\Programmi\iTunes\iTunesHelper.exe
    C:\Programmi\MessengerPlus! 3\bak\MsgPlus.exe | C:\Programmi\MessengerPlus! 3\MsgPlus.exe
    C:\Programmi\QuickTime\bak\qttask.exe | C:\Programmi\QuickTime\qttask.exe
    C:\WINDOWS\system32\bak\hkcmd.exe | C:\WINDOWS\system32\hkcmd.exe
    C:\WINDOWS\system32\bak\igfxtray.exe | C:\WINDOWS\system32\igfxtray.exe
    C:\WINDOWS\system32\bak\NeroCheck.exe | C:\WINDOWS\system32\NeroCheck.exe
    C:\Programmi\Alwil Software\Avast4\bak\ashDisp.exe | C:\Programmi\Alwil Software\Avast4\ashDisp.exe
    C:\Programmi\HP\HP Software Update\bak\HPWuSchd2.exe | C:\Programmi\HP\HP Software Update\HPWuSchd2.exe
    C:\Programmi\Nokia\Nokia PC Suite 6\bak\LAUNCH~1.EXE | C:\Programmi\Nokia\Nokia PC Suite 6\LAUNCH~1.EXE
    C:\Programmi\Synaptics\SynTP\bak\SynTPEnh.exe | C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
    C:\Programmi\Synaptics\SynTP\bak\SynTPLpr.exe | C:\Programmi\Synaptics\SynTP\SynTPLpr.exe
    C:\WINDOWS\ime\IMJP8_1\bak\IMJPMIG.EXE | C:\WINDOWS\ime\IMJP8_1\IMJPMIG.EXE
    C:\WINDOWS\system32\drivers\bak\Icon.exe | C:\WINDOWS\system32\drivers\Icon.exe
    C:\Programmi\File comuni\Real\Update_OB\bak\realsched.exe | C:\Programmi\File comuni\Real\Update_OB\realsched.exe
    C:\Programmi\Java\j2re1.4.2_05\bin\bak\jusched.exe | C:\Programmi\Java\j2re1.4.2_05\bin\jusched.exe
    C:\Programmi\Google\GoogleToolbarNotifier\bak\GoogleToolbarNotifier.exe | C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\WINDOWS\system32\IME\TINTLGNT\bak\TINTSETP.EXE | C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE

    Poi clicca su Done.
    poi sul semaforo verde,due volte si,il pc si riavviera',posta qua il log di avenger(C:/avenger.txt) e poi dimmi come va.

    strano si separano le lettere.sara' un errore del forum

    comunque google e toolbar attaccato,modificalo tu nello script.(nell'ultima righa)


  • User Newbie

    grazie ma sembrerebbe che ancora non abbiamo risolto eccoti quello che mi hai richiesto

    Logfile of The Avenger version 1, by Swandog46
    Running from registry key:
    \Registry\Machine\System\CurrentControlSet\Services\qfwoqrqw


    Script file located at: ??\C:\WINDOWS\ycbxiwst.txt
    Script file opened successfully.

    Script file read successfully

    Backups directory opened successfully at C:\Avenger


    Beginning to process script file:

    File C:\WINDOWS\vsnpstd.exe deleted successfully.
    File C:\APPS\Powercinema\PCMService.exe deleted successfully.
    File C:\Programmi\iTunes\iTunesHelper.exe deleted successfully.
    File C:\Programmi\MessengerPlus! 3\MsgPlus.exe deleted successfully.
    File C:\Programmi\QuickTime\qttask.exe deleted successfully.
    File C:\WINDOWS\system32\hkcmd.exe deleted successfully.
    File C:\WINDOWS\system32\igfxtray.exe deleted successfully.
    File C:\WINDOWS\system32\NeroCheck.exe deleted successfully.
    File C:\Programmi\Alwil Software\Avast4\ashDisp.exe deleted successfully.

    File C:\Programmi\Google\GoogleToolbarNotifier\GoogleTo olbarNotifier.exe not found!
    Deletion of file C:\Programmi\Google\GoogleToolbarNotifier\GoogleTo olbarNotifier.exe failed!

    Could not process line:
    C:\Programmi\Google\GoogleToolbarNotifier\GoogleTo olbarNotifier.exe
    Status: 0xc0000034

    File C:\Programmi\HP\HP Software Update\HPWuSchd2.exe deleted successfully.
    File C:\Programmi\Nokia\Nokia PC Suite 6\LAUNCH~1.EXE deleted successfully.
    File C:\Programmi\Synaptics\SynTP\SynTPEnh.exe deleted successfully.
    File C:\Programmi\Synaptics\SynTP\SynTPLpr.exe deleted successfully.
    File C:\WINDOWS\ime\IMJP8_1\IMJPMIG.EXE deleted successfully.
    File C:\WINDOWS\system32\drivers\Icon.exe deleted successfully.
    File C:\Programmi\File comuni\Real\Update_OB\realsched.exe deleted successfully.
    File C:\Programmi\Java\j2re1.4.2_05\bin\jusched.exe deleted successfully.
    File C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE deleted successfully.
    File move operation C:\WINDOWS\bak\vsnpstd.exe|C:\WINDOWS\vsnpstd.exe completed successfully.
    File move operation C:\APPS\Powercinema\bak\PCMService.exe|C:\APPS\Powercinema\PCMService.exe completed successfully.
    File move operation C:\Programmi\iTunes\bak\iTunesHelper.exe|C:\Programmi\iTunes\iTunesHelper.exe completed successfully.
    File move operation C:\Programmi\MessengerPlus! 3\bak\MsgPlus.exe|C:\Programmi\MessengerPlus! 3\MsgPlus.exe completed successfully.
    File move operation C:\Programmi\QuickTime\bak\qttask.exe|C:\Programmi\QuickTime\qttask.exe completed successfully.
    File move operation C:\WINDOWS\system32\bak\hkcmd.exe|C:\WINDOWS\system32\hkcmd.exe completed successfully.
    File move operation C:\WINDOWS\system32\bak\igfxtray.exe|C:\WINDOWS\system32\igfxtray.exe completed successfully.
    File move operation C:\WINDOWS\system32\bak\NeroCheck.exe|C:\WINDOWS\system32\NeroCheck.exe completed successfully.
    File move operation C:\Programmi\Alwil Software\Avast4\bak\ashDisp.exe|C:\Programmi\Alwil Software\Avast4\ashDisp.exe completed successfully.
    File move operation C:\Programmi\HP\HP Software Update\bak\HPWuSchd2.exe|C:\Programmi\HP\HP Software Update\HPWuSchd2.exe completed successfully.
    File move operation C:\Programmi\Nokia\Nokia PC Suite 6\bak\LAUNCH~1.EXE|C:\Programmi\Nokia\Nokia PC Suite 6\LAUNCH~1.EXE completed successfully.
    File move operation C:\Programmi\Synaptics\SynTP\bak\SynTPEnh.exe|C:\Programmi\Synaptics\SynTP\SynTPEnh.exe completed successfully.
    File move operation C:\Programmi\Synaptics\SynTP\bak\SynTPLpr.exe|C:\Programmi\Synaptics\SynTP\SynTPLpr.exe completed successfully.
    File move operation C:\WINDOWS\ime\IMJP8_1\bak\IMJPMIG.EXE|C:\WINDOWS\ime\IMJP8_1\IMJPMIG.EXE completed successfully.
    File move operation C:\WINDOWS\system32\drivers\bak\Icon.exe|C:\WINDOWS\system32\drivers\Icon.exe completed successfully.
    File move operation C:\Programmi\File comuni\Real\Update_OB\bak\realsched.exe|C:\Programmi\File comuni\Real\Update_OB\realsched.exe completed successfully.
    File move operation C:\Programmi\Java\j2re1.4.2_05\bin\bak\jusched.exe|C:\Programmi\Java\j2re1.4.2_05\bin\jusched.exe completed successfully.
    File move operation C:\Programmi\Google\GoogleToolbarNotifier\bak\GoogleToolbarNotifier.exe|C:\Programmi\Google\GoogleToolbarNotifier\GoogleTo olbarNotifier.exe completed successfully.
    File move operation C:\WINDOWS\system32\IME\TINTLGNT\bak\TINTSETP.EXE|C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE completed successfully.

    Completed script processing.


    Finished! Terminate.


  • User Newbie

    mi sono accorto che c'erano 2 errori e prima ne avevo corretto solo 1 ho rifatto tutto con il testo giusto......questo è il responso.....cmq explorer non funziona ancora

    Logfile of The Avenger version 1, by Swandog46
    Running from registry key:
    \Registry\Machine\System\CurrentControlSet\Services\tkuxisfl


    Script file located at: ??\C:\WINDOWS\tywmosyu.txt
    Script file opened successfully.

    Script file read successfully

    Backups directory opened successfully at C:\Avenger


    Beginning to process script file:

    File C:\WINDOWS\vsnpstd.exe deleted successfully.
    File C:\APPS\Powercinema\PCMService.exe deleted successfully.
    File C:\Programmi\iTunes\iTunesHelper.exe deleted successfully.
    File C:\Programmi\MessengerPlus! 3\MsgPlus.exe deleted successfully.
    File C:\Programmi\QuickTime\qttask.exe deleted successfully.
    File C:\WINDOWS\system32\hkcmd.exe deleted successfully.
    File C:\WINDOWS\system32\igfxtray.exe deleted successfully.
    File C:\WINDOWS\system32\NeroCheck.exe deleted successfully.
    File C:\Programmi\Alwil Software\Avast4\ashDisp.exe deleted successfully.
    File C:\Programmi\Google\GoogleToolbarNotifier\GoogleTo olbarNotifier.exe deleted successfully.
    File C:\Programmi\HP\HP Software Update\HPWuSchd2.exe deleted successfully.
    File C:\Programmi\Nokia\Nokia PC Suite 6\LAUNCH~1.EXE deleted successfully.
    File C:\Programmi\Synaptics\SynTP\SynTPEnh.exe deleted successfully.
    File C:\Programmi\Synaptics\SynTP\SynTPLpr.exe deleted successfully.
    File C:\WINDOWS\ime\IMJP8_1\IMJPMIG.EXE deleted successfully.
    File C:\WINDOWS\system32\drivers\Icon.exe deleted successfully.
    File C:\Programmi\File comuni\Real\Update_OB\realsched.exe deleted successfully.
    File C:\Programmi\Java\j2re1.4.2_05\bin\jusched.exe deleted successfully.
    File C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE deleted successfully.

    File C:\WINDOWS\bak\vsnpstd.exe not found!
    File move operation C:\WINDOWS\bak\vsnpstd.exe|C:\WINDOWS\vsnpstd.exe failed!

    Could not process line:
    C:\WINDOWS\bak\vsnpstd.exe|C:\WINDOWS\vsnpstd.exe
    Status: 0xc0000034

    File C:\APPS\Powercinema\bak\PCMService.exe not found!
    File move operation C:\APPS\Powercinema\bak\PCMService.exe|C:\APPS\Powercinema\PCMService.exe failed!

    Could not process line:
    C:\APPS\Powercinema\bak\PCMService.exe|C:\APPS\Powercinema\PCMService.exe
    Status: 0xc0000034

    File C:\Programmi\iTunes\bak\iTunesHelper.exe not found!
    File move operation C:\Programmi\iTunes\bak\iTunesHelper.exe|C:\Programmi\iTunes\iTunesHelper.exe failed!

    Could not process line:
    C:\Programmi\iTunes\bak\iTunesHelper.exe|C:\Programmi\iTunes\iTunesHelper.exe
    Status: 0xc0000034

    File C:\Programmi\MessengerPlus! 3\bak\MsgPlus.exe not found!
    File move operation C:\Programmi\MessengerPlus! 3\bak\MsgPlus.exe|C:\Programmi\MessengerPlus! 3\MsgPlus.exe failed!

    Could not process line:
    C:\Programmi\MessengerPlus! 3\bak\MsgPlus.exe|C:\Programmi\MessengerPlus! 3\MsgPlus.exe
    Status: 0xc0000034

    File C:\Programmi\QuickTime\bak\qttask.exe not found!
    File move operation C:\Programmi\QuickTime\bak\qttask.exe|C:\Programmi\QuickTime\qttask.exe failed!

    Could not process line:
    C:\Programmi\QuickTime\bak\qttask.exe|C:\Programmi\QuickTime\qttask.exe
    Status: 0xc0000034

    File C:\WINDOWS\system32\bak\hkcmd.exe not found!
    File move operation C:\WINDOWS\system32\bak\hkcmd.exe|C:\WINDOWS\system32\hkcmd.exe failed!

    Could not process line:
    C:\WINDOWS\system32\bak\hkcmd.exe|C:\WINDOWS\system32\hkcmd.exe
    Status: 0xc0000034

    File C:\WINDOWS\system32\bak\igfxtray.exe not found!
    File move operation C:\WINDOWS\system32\bak\igfxtray.exe|C:\WINDOWS\system32\igfxtray.exe failed!

    Could not process line:
    C:\WINDOWS\system32\bak\igfxtray.exe|C:\WINDOWS\system32\igfxtray.exe
    Status: 0xc0000034

    File C:\WINDOWS\system32\bak\NeroCheck.exe not found!
    File move operation C:\WINDOWS\system32\bak\NeroCheck.exe|C:\WINDOWS\system32\NeroCheck.exe failed!

    Could not process line:
    C:\WINDOWS\system32\bak\NeroCheck.exe|C:\WINDOWS\system32\NeroCheck.exe
    Status: 0xc0000034

    File C:\Programmi\Alwil Software\Avast4\bak\ashDisp.exe not found!
    File move operation C:\Programmi\Alwil Software\Avast4\bak\ashDisp.exe|C:\Programmi\Alwil Software\Avast4\ashDisp.exe failed!

    Could not process line:
    C:\Programmi\Alwil Software\Avast4\bak\ashDisp.exe|C:\Programmi\Alwil Software\Avast4\ashDisp.exe
    Status: 0xc0000034

    File C:\Programmi\HP\HP Software Update\bak\HPWuSchd2.exe not found!
    File move operation C:\Programmi\HP\HP Software Update\bak\HPWuSchd2.exe|C:\Programmi\HP\HP Software Update\HPWuSchd2.exe failed!

    Could not process line:
    C:\Programmi\HP\HP Software Update\bak\HPWuSchd2.exe|C:\Programmi\HP\HP Software Update\HPWuSchd2.exe
    Status: 0xc0000034

    File C:\Programmi\Nokia\Nokia PC Suite 6\bak\LAUNCH~1.EXE not found!
    File move operation C:\Programmi\Nokia\Nokia PC Suite 6\bak\LAUNCH~1.EXE|C:\Programmi\Nokia\Nokia PC Suite 6\LAUNCH~1.EXE failed!

    Could not process line:
    C:\Programmi\Nokia\Nokia PC Suite 6\bak\LAUNCH~1.EXE|C:\Programmi\Nokia\Nokia PC Suite 6\LAUNCH~1.EXE
    Status: 0xc0000034

    File C:\Programmi\Synaptics\SynTP\bak\SynTPEnh.exe not found!
    File move operation C:\Programmi\Synaptics\SynTP\bak\SynTPEnh.exe|C:\Programmi\Synaptics\SynTP\SynTPEnh.exe failed!

    Could not process line:
    C:\Programmi\Synaptics\SynTP\bak\SynTPEnh.exe|C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
    Status: 0xc0000034

    File C:\Programmi\Synaptics\SynTP\bak\SynTPLpr.exe not found!
    File move operation C:\Programmi\Synaptics\SynTP\bak\SynTPLpr.exe|C:\Programmi\Synaptics\SynTP\SynTPLpr.exe failed!

    Could not process line:
    C:\Programmi\Synaptics\SynTP\bak\SynTPLpr.exe|C:\Programmi\Synaptics\SynTP\SynTPLpr.exe
    Status: 0xc0000034

    File C:\WINDOWS\ime\IMJP8_1\bak\IMJPMIG.EXE not found!
    File move operation C:\WINDOWS\ime\IMJP8_1\bak\IMJPMIG.EXE|C:\WINDOWS\ime\IMJP8_1\IMJPMIG.EXE failed!

    Could not process line:
    C:\WINDOWS\ime\IMJP8_1\bak\IMJPMIG.EXE|C:\WINDOWS\ime\IMJP8_1\IMJPMIG.EXE
    Status: 0xc0000034

    File C:\WINDOWS\system32\drivers\bak\Icon.exe not found!
    File move operation C:\WINDOWS\system32\drivers\bak\Icon.exe|C:\WINDOWS\system32\drivers\Icon.exe failed!

    Could not process line:
    C:\WINDOWS\system32\drivers\bak\Icon.exe|C:\WINDOWS\system32\drivers\Icon.exe
    Status: 0xc0000034

    File C:\Programmi\File comuni\Real\Update_OB\bak\realsched.exe not found!
    File move operation C:\Programmi\File comuni\Real\Update_OB\bak\realsched.exe|C:\Programmi\File comuni\Real\Update_OB\realsched.exe failed!

    Could not process line:
    C:\Programmi\File comuni\Real\Update_OB\bak\realsched.exe|C:\Programmi\File comuni\Real\Update_OB\realsched.exe
    Status: 0xc0000034

    File C:\Programmi\Java\j2re1.4.2_05\bin\bak\jusched.exe not found!
    File move operation C:\Programmi\Java\j2re1.4.2_05\bin\bak\jusched.exe|C:\Programmi\Java\j2re1.4.2_05\bin\jusched.exe failed!

    Could not process line:
    C:\Programmi\Java\j2re1.4.2_05\bin\bak\jusched.exe|C:\Programmi\Java\j2re1.4.2_05\bin\jusched.exe
    Status: 0xc0000034

    File C:\Programmi\Google\GoogleToolbarNotifier\bak\GoogleToolbarNotifier.exe not found!
    File move operation C:\Programmi\Google\GoogleToolbarNotifier\bak\GoogleToolbarNotifier.exe|C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe failed!

    Could not process line:
    C:\Programmi\Google\GoogleToolbarNotifier\bak\GoogleToolbarNotifier.exe|C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    Status: 0xc0000034

    File C:\WINDOWS\system32\IME\TINTLGNT\bak\TINTSETP.EXE not found!
    File move operation C:\WINDOWS\system32\IME\TINTLGNT\bak\TINTSETP.EXE|C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE failed!

    Could not process line:
    C:\WINDOWS\system32\IME\TINTLGNT\bak\TINTSETP.EXE|C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE
    Status: 0xc0000034

    Completed script processing.


    Finished! Terminate.


  • Bannato User

    riposta un log di findawf.


  • User Newbie

    appena apro il pc adesso mi chiede "HPPProductAssistant" disc........che cos'è??
    cmq ecco il log

    Find AWF report by noahdfear ©2006
    Version 1.40

    bak folders found

    
    Il volume nell'unit? C ? HDD
    Numero di serie del volume: 70E8-BCFA
    
    Directory di C:\WINDOWS\BAK
    
                 0 File              0 byte
                 2 Directory  45.080.645.632 byte disponibili
    Il volume nell'unit? C ? HDD
    Numero di serie del volume: 70E8-BCFA
    
    Directory di C:\APPS\POWERC~1\BAK
    
                 0 File              0 byte
                 2 Directory  45.080.645.632 byte disponibili
    Il volume nell'unit? C ? HDD
    Numero di serie del volume: 70E8-BCFA
    
    Directory di C:\PROGRA~1\ITUNES\BAK
    
                 0 File              0 byte
                 2 Directory  45.080.641.536 byte disponibili
    Il volume nell'unit? C ? HDD
    Numero di serie del volume: 70E8-BCFA
    
    Directory di C:\PROGRA~1\MESSEN~2\BAK
    
                 0 File              0 byte
                 2 Directory  45.080.641.536 byte disponibili
    Il volume nell'unit? C ? HDD
    Numero di serie del volume: 70E8-BCFA
    
    Directory di C:\PROGRA~1\QUICKT~1\BAK
    
                 0 File              0 byte
                 2 Directory  45.080.641.536 byte disponibili
    Il volume nell'unit? C ? HDD
    Numero di serie del volume: 70E8-BCFA
    
    Directory di C:\WINDOWS\SYSTEM32\BAK
    
                 0 File              0 byte
                 2 Directory  45.080.641.536 byte disponibili
    Il volume nell'unit? C ? HDD
    Numero di serie del volume: 70E8-BCFA
    
    Directory di C:\PROGRA~1\ALWILS~1\AVAST4\BAK
    
                 0 File              0 byte
                 2 Directory  45.080.641.536 byte disponibili
    Il volume nell'unit? C ? HDD
    Numero di serie del volume: 70E8-BCFA
    
    Directory di C:\PROGRA~1\GOOGLE\GOOGLE~3\BAK
    
                 0 File              0 byte
                 2 Directory  45.080.641.536 byte disponibili
    Il volume nell'unit? C ? HDD
    Numero di serie del volume: 70E8-BCFA
    
    Directory di C:\PROGRA~1\HP\HPSOFT~1\BAK
    
                 0 File              0 byte
                 2 Directory  45.080.641.536 byte disponibili
    Il volume nell'unit? C ? HDD
    Numero di serie del volume: 70E8-BCFA
    
    Directory di C:\PROGRA~1\NOKIA\NOKIAP~1\BAK
    
                 0 File              0 byte
                 2 Directory  45.080.641.536 byte disponibili
    Il volume nell'unit? C ? HDD
    Numero di serie del volume: 70E8-BCFA
    
    Directory di C:\PROGRA~1\SYNAPT~1\SYNTP\BAK
    
                 0 File              0 byte
                 2 Directory  45.080.641.536 byte disponibili
    Il volume nell'unit? C ? HDD
    Numero di serie del volume: 70E8-BCFA
    
    Directory di C:\WINDOWS\IME\IMJP8_1\BAK
    
                 0 File              0 byte
                 2 Directory  45.080.641.536 byte disponibili
    Il volume nell'unit? C ? HDD
    Numero di serie del volume: 70E8-BCFA
    
    Directory di C:\WINDOWS\SYSTEM32\DRIVERS\BAK
    
                 0 File              0 byte
                 2 Directory  45.080.641.536 byte disponibili
    Il volume nell'unit? C ? HDD
    Numero di serie del volume: 70E8-BCFA
    
    Directory di C:\PROGRA~1\FILECO~1\REAL\UPDATE~1\BAK
    
                 0 File              0 byte
                 2 Directory  45.080.637.440 byte disponibili
    Il volume nell'unit? C ? HDD
    Numero di serie del volume: 70E8-BCFA
    
    Directory di C:\PROGRA~1\JAVA\J2RE14~1.2_0\BIN\BAK
    
                 0 File              0 byte
                 2 Directory  45.080.637.440 byte disponibili
    Il volume nell'unit? C ? HDD
    Numero di serie del volume: 70E8-BCFA
    
    Directory di C:\WINDOWS\SYSTEM32\IME\TINTLGNT\BAK
    
                 0 File              0 byte
                 2 Directory  45.080.637.440 byte disponibili
    
    
    Duplicate files of bak directory contents
    

    end of report


  • Bannato User

    il log di findawf e' pulito.
    proviamo cosi:
    scansione con total scan www.nanoscan.com/as/v1/
    clicca su full scan e poi su scan now.aspetta che fa l'update e la scansione,quando ha finito esce un log.
    caricalo qua:
    http://megaupload.com
    e dacci il link per scaricarlo


  • User Newbie

    grazie ancora per il tuo aiuto!!!ho fatto lo scan che mi hai detto.......però sono dovuto uscire e quando sono tornato da lavoro lo scan mi aveva riavviato in automatico il pc e non c'era nessun log.......il problema continua ad esserci.........hai altri suggerimenti????


  • User

    format 😄 (invio) ? :mmm: 😄