Indice del forum Olimpo Informatico
I Forum di Zeus News
Leggi la newsletter gratuita - Attiva il Menu compatto
 
 FAQFAQ   CercaCerca   Lista utentiLista utenti   GruppiGruppi   RegistratiRegistrati 
 ProfiloProfilo   Messaggi privatiMessaggi privati   Log inLog in 

    Newsletter RSS Facebook Twitter Contatti Ricerca
Service32.exe
Nuovo argomento   Rispondi    Indice del forum -> Pronto Soccorso Virus
Precedente :: Successivo  
Autore Messaggio
marg17
Semidio
Semidio


Registrato: 02/06/07 09:48
Messaggi: 328
MessaggioInviato: 18 Set 2007 19:11    Oggetto: che casino.... Rispondi citando
Bisogna sempre navigare a vista, appena si và oltre ecco che ti becchi subito qualcosa.......
Dunque ci risiamo....
se qualcuno può darmi una mano ringrazio Smile


Logfile of HijackThis v1.99.1
Scan saved at 19.08.33, on 18/09/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
C:\Programmi\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\a-squared Anti-Dialer\a2service.exe
C:\Programmi\Comodo\Firewall\cmdagent.exe
C:\Programmi\File comuni\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\ssoftsrv.exe
C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe
C:\Programmi\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\service32.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Programmi\a-squared Anti-Dialer\a2adguard.exe
C:\Programmi\Comodo\Firewall\CPF.exe
C:\WINDOWS\RTHDCPL.EXE
C:\windows\system32\svchost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\Digisoft AntiDialer\AntiDialer.exe
C:\Programmi\CountDown\CountDown.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\Programmi\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [a-squared Anti-Dialer] "C:\Programmi\a-squared Anti-Dialer\a2adguard.exe"
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Programmi\Comodo\Firewall\CPF.exe" /background
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [lsaplmzj] "c:\windows\system32\lsaplmzj.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Digisoft AntiDialer.lnk = C:\Programmi\Digisoft AntiDialer\AntiDialer.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programmi\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programmi\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programmi\ICQLite\ICQLite.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/default/kavwebscan_unicode.cab
O16 - DPF: {474F00F5-3853-492C-AC3A-476512BBC336} (UploadListView Class) - http://picasaweb.google.com/s/v/16.43/uploader2.cab
O16 - DPF: {8436FE12-31DB-48BF-83BF-FE682F9160B4} (NanoInstaller Class) - http://www.nanoscan.com/cabs/nanoinst.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{CDCEE584-6E7E-4F3F-A5A8-10177EC4AE62}: NameServer = 62.211.69.150 212.48.4.15
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FILECO~1\Skype\SKYPE4~1.DLL
O23 - Service: a-squared Anti-Dialer Service (a2AntiDialer) - Emsi Software GmbH - C:\Programmi\a-squared Anti-Dialer\a2service.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Programmi\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - C:\Programmi\Comodo\Firewall\cmdagent.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Cryptainer service (ssoftservice) - Cypherix - C:\WINDOWS\SYSTEM32\ssoftsrv.exe
Top
Profilo Invia messaggio privato
Orange
Dio maturo
Dio maturo


Registrato: 18/02/07 13:20
Messaggi: 2224
Residenza: Roma
MessaggioInviato: 18 Set 2007 19:53    Oggetto: Re: che casino.... Rispondi citando
marg17 ha scritto:
Bisogna sempre navigare a vista, appena si và oltre ecco che ti becchi subito qualcosa.......
Dunque ci risiamo....
se qualcuno può darmi una mano ringrazio Smile
ciao Smile
non aver timore ad aprire un topic tutto per te Wink

vabbè: un paio di processi strani ci sono...
cominciamo con i passi più semplici: scaricati Virit, aggiornalo e fai lo scan completo di sistema.
posta poi il risultato.

dopo fai anche questi passaggi e posta i link richiesti.
Top
Profilo Invia messaggio privato
marg17
Semidio
Semidio


Registrato: 02/06/07 09:48
Messaggi: 328
MessaggioInviato: 18 Set 2007 20:39    Oggetto: Service32.exe Rispondi citando
Come consigliato poco fà dal gentile Orange apro un
thread.
Sono una persona abbastanza accorta ma è inevitabile di tanto in tanto qualche problema viene fuori...

Logfile of HijackThis v1.99.1
Scan saved at 19.08.33, on 18/09/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
C:\Programmi\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\a-squared Anti-Dialer\a2service.exe
C:\Programmi\Comodo\Firewall\cmdagent.exe
C:\Programmi\File comuni\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\ssoftsrv.exe
C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe
C:\Programmi\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\service32.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Programmi\a-squared Anti-Dialer\a2adguard.exe
C:\Programmi\Comodo\Firewall\CPF.exe
C:\WINDOWS\RTHDCPL.EXE
C:\windows\system32\svchost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\Digisoft AntiDialer\AntiDialer.exe
C:\Programmi\CountDown\CountDown.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\Programmi\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [a-squared Anti-Dialer] "C:\Programmi\a-squared Anti-Dialer\a2adguard.exe"
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Programmi\Comodo\Firewall\CPF.exe" /background
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [lsaplmzj] "c:\windows\system32\lsaplmzj.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Digisoft AntiDialer.lnk = C:\Programmi\Digisoft AntiDialer\AntiDialer.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programmi\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programmi\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programmi\ICQLite\ICQLite.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/default/kavwebscan_unicode.cab
O16 - DPF: {474F00F5-3853-492C-AC3A-476512BBC336} (UploadListView Class) - http://picasaweb.google.com/s/v/16.43/uploader2.cab
O16 - DPF: {8436FE12-31DB-48BF-83BF-FE682F9160B4} (NanoInstaller Class) - http://www.nanoscan.com/cabs/nanoinst.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{CDCEE584-6E7E-4F3F-A5A8-10177EC4AE62}: NameServer = 62.211.69.150 212.48.4.15
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FILECO~1\Skype\SKYPE4~1.DLL
O23 - Service: a-squared Anti-Dialer Service (a2AntiDialer) - Emsi Software GmbH - C:\Programmi\a-squared Anti-Dialer\a2service.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Programmi\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - C:\Programmi\Comodo\Firewall\cmdagent.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Cryptainer service (ssoftservice) - Cypherix - C:\WINDOWS\SYSTEM32\ssoftsrv.exe



Find AWF report by noahdfear ©2006


bak folders found
~~~~~~~~~~~

Il volume nell'unit? C non ha etichetta.
Numero di serie del volume: D039-8E28

Directory di C:\PROGRA~1\A-SQUA~1\BAK

21/11/2006 23.26 996.864 a2adguard.exe
1 File 996.864 byte
2 Directory 244.267.855.872 byte disponibili
Il volume nell'unit? C non ha etichetta.
Numero di serie del volume: D039-8E28

Directory di C:\WINDOWS\SYSTEM32\BAK

30/08/2004 22.00 15.360 ctfmon.exe
1 File 15.360 byte
2 Directory 244.267.855.872 byte disponibili
Il volume nell'unit? C non ha etichetta.
Numero di serie del volume: D039-8E28

Directory di C:\PROGRA~1\ALWILS~1\AVAST4\BAK

15/01/2007 18.28 108.160 ashDisp.exe
1 File 108.160 byte
2 Directory 244.267.851.776 byte disponibili
Il volume nell'unit? C non ha etichetta.
Numero di serie del volume: D039-8E28

Directory di C:\PROGRA~1\COMODO\FIREWALL\BAK

0 File 0 byte
2 Directory 244.267.851.776 byte disponibili
Il volume nell'unit? C non ha etichetta.
Numero di serie del volume: D039-8E28

Directory di C:\PROGRA~1\JAVA\JRE15~1.0_1\BIN\BAK

0 File 0 byte
2 Directory 244.267.851.776 byte disponibili


Duplicate files of bak directory contents
~~~~~~~~~~~~~~~~~~~~~~~

1334272 2 Sep 2007 "C:\Programmi\a-squared Anti-Dialer\a2adguard.exe"
996864 21 Nov 2006 "C:\Programmi\a-squared Anti-Dialer\bak\a2adguard.exe"
15360 30 Aug 2004 "C:\WINDOWS\system32\ctfmon.exe"
15360 30 Aug 2004 "C:\WINDOWS\system32\bak\ctfmon.exe"
75392 30 Apr 2007 "C:\Programmi\Alwil Software\Avast4\ashDisp.exe"
108160 15 Jan 2007 "C:\Programmi\Alwil Software\Avast4\bak\ashDisp.exe"


end of report
Top
Profilo Invia messaggio privato
marg17
Semidio
Semidio


Registrato: 02/06/07 09:48
Messaggi: 328
MessaggioInviato: 18 Set 2007 20:44    Oggetto: Rispondi citando
grazie...http://forum.zeusnews.com/viewtopic.php?p=213498#213498
Top
Profilo Invia messaggio privato
marg17
Semidio
Semidio


Registrato: 02/06/07 09:48
Messaggi: 328
MessaggioInviato: 18 Set 2007 22:22    Oggetto: VirIT ha fatto il suo dovere...... Rispondi citando
mi pare un vero portento questo VirIT
Very Happy
Grazie ancora a orange Laughing
VirIT eXplorer Lite Log

[SCANSIONE DELLA MEMORIA]
OK
[SCANSIONE DELLA MEMORIA]
OK
--------------------------------------------------------
18/09/2007 - 22:01:55

[SCANSIONE DEL REGISTRO]
OK

[C:]
MASTER BOOT RECORD: OK
BOOT SECTOR: OK

C:\Documents and Settings\Administrator\Impostazioni locali\Temp\pa_0290.exe Infetto da Trojan.Win32.Small.RJ
* * * RIMOSSO * * *
C:\systuob.exe Infetto da Trojan.Win32.Agent.BCZ
* * * RIMOSSO * * *
C:\WINDOWS\service32.exe Infetto da Trojan.Win32.Agent.BCZ
* * * RIMOSSO * * *
C:\WINDOWS\sysnet32.exe Infetto da Trojan.Win32.Small.RJ
* * * RIMOSSO * * *

Chiavi Registro infette: 0.
Files Infetti: 4.
Files Sospetti: 0.
Files Analizzati: 29530.
Files Totali: 29530.
Chiavi Registro rimosse: 0.
Virus Rimossi: 4.

[SCANSIONE DELLA MEMORIA]
OK
[SCANSIONE DELLA MEMORIA]
OK
Top
Profilo Invia messaggio privato
bdoriano
Amministratore
Amministratore


Registrato: 02/04/07 12:05
Messaggi: 14391
Residenza: 3° pianeta del sistema solare...
MessaggioInviato: 18 Set 2007 22:41    Oggetto: Rispondi citando
Ok, adesso fai gli altri passaggi consigliati dalla dea Orange. Wink
Top
Profilo Invia messaggio privato
marg17
Semidio
Semidio


Registrato: 02/06/07 09:48
Messaggi: 328
MessaggioInviato: 19 Set 2007 00:49    Oggetto: ecco qui da qualcosa d'infetto...ma credo che.... Rispondi citando
Vi chiederei conferma...ma il probabile virus è in ormai sistemato in quarantena
dal programma a-squared anti-dialer, per cui non ci sono problemi giusto?
Smile
KASPERSKY ONLINE SCANNER REPORT
Wednesday, September 19, 2007 12:38:51 AM
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.93.1
Kaspersky Anti-Virus database last update: 19/09/2007
Kaspersky Anti-Virus database records: 420425


Scan Settings
Scan using the following antivirus database extended
Scan Archives true
Scan Mail Bases true

Scan Target My Computer
A:\
C:\
D:\
E:\
F:\

Scan Statistics
Total number of scanned objects 29213
Number of viruses found 1
Number of infected objects 2
Number of suspicious objects 0
Duration of the scan process 00:23:43

Infected Object Name Virus Name Last Action
C:\Documents and Settings\Administrator\Cookies\index.dat Object is locked skipped

C:\Documents and Settings\Administrator\Impostazioni locali\Cronologia\History.IE5\index.dat Object is locked skipped

C:\Documents and Settings\Administrator\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat Object is locked skipped

C:\Documents and Settings\Administrator\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

C:\Documents and Settings\Administrator\Impostazioni locali\Temp\Perflib_Perfdata_b68.dat Object is locked skipped

C:\Documents and Settings\Administrator\Impostazioni locali\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped

C:\Documents and Settings\Administrator\Impostazioni locali\Temporary Internet Files\Content.IE5\WU3X8SGD\CA3UOBFT.swf Object is locked skipped

C:\Documents and Settings\Administrator\NTUSER.DAT Object is locked skipped

C:\Documents and Settings\Administrator\ntuser.dat.LOG Object is locked skipped

C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped

C:\Documents and Settings\LocalService\Impostazioni locali\Cronologia\History.IE5\index.dat Object is locked skipped

C:\Documents and Settings\LocalService\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat Object is locked skipped

C:\Documents and Settings\LocalService\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

C:\Documents and Settings\LocalService\Impostazioni locali\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped

C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped

C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped

C:\Documents and Settings\Mario\Cookies\index.dat Object is locked skipped

C:\Documents and Settings\Mario\Dati applicazioni\desktop.ini Object is locked skipped

C:\Documents and Settings\Mario\Dati applicazioni\Microsoft\HTML Help\hh.dat Object is locked skipped

C:\Documents and Settings\Mario\Dati applicazioni\Microsoft\Internet Explorer\brndlog.bak Object is locked skipped

C:\Documents and Settings\Mario\Dati applicazioni\Microsoft\Internet Explorer\brndlog.txt Object is locked skipped

C:\Documents and Settings\Mario\Dati applicazioni\Microsoft\Internet Explorer\Desktop.htt Object is locked skipped

C:\Documents and Settings\Mario\Dati applicazioni\Microsoft\Internet Explorer\Quick Launch\Avvia il browser Internet Explorer.lnk Object is locked skipped

C:\Documents and Settings\Mario\Dati applicazioni\Microsoft\Internet Explorer\Quick Launch\desktop.ini Object is locked skipped

C:\Documents and Settings\Mario\Dati applicazioni\Microsoft\Internet Explorer\Quick Launch\Mostra Desktop.scf Object is locked skipped

C:\Documents and Settings\Mario\Dati applicazioni\Microsoft\MMC\secpol Object is locked skipped

C:\Documents and Settings\Mario\Dati applicazioni\Microsoft\Protect\CREDHIST Object is locked skipped

C:\Documents and Settings\Mario\Dati applicazioni\Microsoft\Protect\S-1-5-21-1078081533-1715567821-725345543-1003\7987aaca-f828-4db5-8145-5296d1dec03f Object is locked skipped

C:\Documents and Settings\Mario\Dati applicazioni\Microsoft\Protect\S-1-5-21-1078081533-1715567821-725345543-1003\Preferred Object is locked skipped

C:\Documents and Settings\Mario\Dati applicazioni\Microsoft\Windows\Themes\Custom.theme Object is locked skipped

C:\Documents and Settings\Mario\Documenti\desktop.ini Object is locked skipped

C:\Documents and Settings\Mario\Documenti\Immagini\Desktop.ini Object is locked skipped

C:\Documents and Settings\Mario\Documenti\Immagini\Immagini campione.lnk Object is locked skipped

C:\Documents and Settings\Mario\Documenti\Musica\Desktop.ini Object is locked skipped

C:\Documents and Settings\Mario\Documenti\Musica\Musica campione.lnk Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Cronologia\desktop.ini Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Cronologia\History.IE5\desktop.ini Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Cronologia\History.IE5\index.dat Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Cronologia\History.IE5\MSHist012007031020070311\index.dat Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Dati applicazioni\GDIPFONTCACHEV1.DAT Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Dati applicazioni\IconCache.db Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Dati applicazioni\Microsoft\HelpCtr\HelpSessionHistory.dat Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Dati applicazioni\Microsoft\Internet Explorer\MSIMGSIZ.DAT Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Dati applicazioni\Microsoft\Media Player\CurrentDatabase_59R.wmdb Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Dati applicazioni\Microsoft\Wallpaper1.bmp Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Dati applicazioni\Microsoft\Windows Media\9.0\WMSDKNS.DTD Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Dati applicazioni\Microsoft\Windows Media\9.0\WMSDKNS.XML Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\desktop.ini Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temp\Arabic.bin Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temp\Czech.bin Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temp\Danish.bin Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temp\Dutch.bin Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temp\English.bin Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temp\Finnish.bin Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temp\French.bin Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temp\German.bin Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temp\GLB1.tmp Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temp\GLC2.tmp Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temp\Greek.bin Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temp\Hebrew.bin Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temp\Hungarian.bin Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temp\IMT10.xml Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temp\IMT102.xml Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temp\IMT103.xml Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temp\IMT104.xml Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temp\IMT107.xml Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temp\IMT108.xml Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temp\IMT109.xml Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temp\IMT10A.xml Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temp\IMT10B.xml Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temp\IMT10C.xml Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temp\IMT11.xml Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temp\IMT18.xml Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temp\IMT19.xml Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temp\IMT1A.xml Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temp\IMT25.xml Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temp\IMT26.xml Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temp\IMT27.xml Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temp\IMT28.xml Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temp\IMT29.xml Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temp\IMT2A.xml Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temp\IMT3B.xml Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temp\IMT3C.xml Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temp\IMT3D.xml Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temp\IMT3E.xml Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temp\IMT3F.xml Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temp\IMT40.xml Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temp\IMTF.xml Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temp\IMTF2.xml Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temp\IMTF3.xml Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temp\IMTF4.xml Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temp\isp5.tmp\_Setup.dll Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temp\isp6.tmp\_Setup.dll Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temp\Italian.bin Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temp\Japanese.bin Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temp\Korean.bin Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temp\Norwegian.bin Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temp\Polish.bin Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temp\Portuguese(Brazil).bin Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temp\Portuguese.bin Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temp\Russian.bin Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temp\set1.tmp Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temp\Set2.tmp Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temp\SimChin.bin Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temp\Spanish.bin Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temp\SWEDISH.bin Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temp\Thai.bin Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temp\TradChin.bin Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temp\Turkish.bin Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temp\_isdelet.ini Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temporary Internet Files\Content.IE5\2OP443JW\arrow_green_mouseover[1].bmp Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temporary Internet Files\Content.IE5\2OP443JW\arrow_green_normal[1].bmp Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temporary Internet Files\Content.IE5\2OP443JW\arrow_green_normal_shadow[1].bmp Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temporary Internet Files\Content.IE5\2OP443JW\collapsed[1].gif Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temporary Internet Files\Content.IE5\2OP443JW\Common[1].js Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temporary Internet Files\Content.IE5\2OP443JW\Common[2].js Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temporary Internet Files\Content.IE5\2OP443JW\coUAprint[1].css Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temporary Internet Files\Content.IE5\2OP443JW\desktop.ini Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temporary Internet Files\Content.IE5\2OP443JW\desktop_icon_02[1].bmp Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temporary Internet Files\Content.IE5\2OP443JW\firstpage[1].htm Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temporary Internet Files\Content.IE5\2OP443JW\Layout[1].css Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temporary Internet Files\Content.IE5\2OP443JW\logo[1].bmp Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temporary Internet Files\Content.IE5\2OP443JW\progbar[1].gif Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temporary Internet Files\Content.IE5\2OP443JW\shared[1].css Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temporary Internet Files\Content.IE5\2OP443JW\shared[2].css Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temporary Internet Files\Content.IE5\2OP443JW\shared[3].css Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temporary Internet Files\Content.IE5\2OP443JW\shared[4].css Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temporary Internet Files\Content.IE5\2OP443JW\shared[5].css Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temporary Internet Files\Content.IE5\2OP443JW\shared[6].css Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temporary Internet Files\Content.IE5\2OP443JW\shortcutHot[1].gif Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temporary Internet Files\Content.IE5\2OP443JW\stngs_ua[1].gif Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temporary Internet Files\Content.IE5\2OP443JW\Uabrand[1].gif Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temporary Internet Files\Content.IE5\2OP443JW\UAHelp_Metrics[1].css Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temporary Internet Files\Content.IE5\2OP443JW\wlcm_ua[1].gif Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temporary Internet Files\Content.IE5\CFQ9H7ME\clsclgn_ua[1].gif Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temporary Internet Files\Content.IE5\CFQ9H7ME\Common[1].js Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temporary Internet Files\Content.IE5\CFQ9H7ME\desktop.ini Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temporary Internet Files\Content.IE5\CFQ9H7ME\desktop_icon_03[1].bmp Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temporary Internet Files\Content.IE5\CFQ9H7ME\helpdoc[1].gif Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temporary Internet Files\Content.IE5\CFQ9H7ME\HelpLA_lib[1].js Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temporary Internet Files\Content.IE5\CFQ9H7ME\HHWRAPPER[2].htm Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temporary Internet Files\Content.IE5\CFQ9H7ME\MiniNavBar[1].htm Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temporary Internet Files\Content.IE5\CFQ9H7ME\mydcs_ua[1].gif Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temporary Internet Files\Content.IE5\CFQ9H7ME\NavBar[1].htm Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temporary Internet Files\Content.IE5\CFQ9H7ME\Search[1].htm Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temporary Internet Files\Content.IE5\CFQ9H7ME\shared[1].css Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temporary Internet Files\Content.IE5\CFQ9H7ME\shared[1].js Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temporary Internet Files\Content.IE5\CFQ9H7ME\shared[2].css Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temporary Internet Files\Content.IE5\CFQ9H7ME\shared[3].css Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temporary Internet Files\Content.IE5\CFQ9H7ME\shared[4].css Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temporary Internet Files\Content.IE5\CFQ9H7ME\shared[5].css Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temporary Internet Files\Content.IE5\CFQ9H7ME\shared[6].css Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temporary Internet Files\Content.IE5\CFQ9H7ME\shortcutCold[1].gif Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temporary Internet Files\Content.IE5\CFQ9H7ME\switch1_ua[1].gif Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temporary Internet Files\Content.IE5\CFQ9H7ME\Uabrand[1].gif Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temporary Internet Files\Content.IE5\desktop.ini Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temporary Internet Files\Content.IE5\JPN8ZUTH\arrow_green_mousedown[1].bmp Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temporary Internet Files\Content.IE5\JPN8ZUTH\CA6VKLAZ.HTM Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temporary Internet Files\Content.IE5\JPN8ZUTH\chkmk_clrbkgrd[1].gif Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temporary Internet Files\Content.IE5\JPN8ZUTH\Common[1].js Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temporary Internet Files\Content.IE5\JPN8ZUTH\Common[2].js Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temporary Internet Files\Content.IE5\JPN8ZUTH\Common[3].js Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temporary Internet Files\Content.IE5\JPN8ZUTH\Context[1].htm Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temporary Internet Files\Content.IE5\JPN8ZUTH\cstmz_ua[1].gif Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temporary Internet Files\Content.IE5\JPN8ZUTH\desktop.ini Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temporary Internet Files\Content.IE5\JPN8ZUTH\desktop_icon_01[1].bmp Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temporary Internet Files\Content.IE5\JPN8ZUTH\desktop_icon_04[1].bmp Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temporary Internet Files\Content.IE5\JPN8ZUTH\endnode[1].gif Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temporary Internet Files\Content.IE5\JPN8ZUTH\Homepage__DESKTOP[1].js Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temporary Internet Files\Content.IE5\JPN8ZUTH\Homepage__SHARED[1].js Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temporary Internet Files\Content.IE5\JPN8ZUTH\icon_articles_12x[1].bmp Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temporary Internet Files\Content.IE5\JPN8ZUTH\lgn_ua[1].gif Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temporary Internet Files\Content.IE5\JPN8ZUTH\note[1].gif Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temporary Internet Files\Content.IE5\JPN8ZUTH\popup[1].js Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temporary Internet Files\Content.IE5\JPN8ZUTH\searchblurb[1].htm Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temporary Internet Files\Content.IE5\JPN8ZUTH\shared[1].css Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temporary Internet Files\Content.IE5\JPN8ZUTH\shared[2].css Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temporary Internet Files\Content.IE5\JPN8ZUTH\switch2_ua[1].gif Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temporary Internet Files\Content.IE5\JPN8ZUTH\warning[1].gif Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temporary Internet Files\Content.IE5\JPN8ZUTH\wrapperparam[1].js Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temporary Internet Files\Content.IE5\OQDNDYQD\Behaviors[1].css Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temporary Internet Files\Content.IE5\OQDNDYQD\blank[1].htm Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temporary Internet Files\Content.IE5\OQDNDYQD\chkmk_antialiased[1].gif Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temporary Internet Files\Content.IE5\OQDNDYQD\Common[1].js Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temporary Internet Files\Content.IE5\OQDNDYQD\coUA[1].css Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temporary Internet Files\Content.IE5\OQDNDYQD\desktop.ini Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temporary Internet Files\Content.IE5\OQDNDYQD\fvrts_ua[1].gif Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temporary Internet Files\Content.IE5\OQDNDYQD\HomePage[1].htm Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temporary Internet Files\Content.IE5\OQDNDYQD\icon_blank_12x[1].bmp Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temporary Internet Files\Content.IE5\OQDNDYQD\MiniNavBar[1].xml Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temporary Internet Files\Content.IE5\OQDNDYQD\NavBar[1].xml Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temporary Internet Files\Content.IE5\OQDNDYQD\plusCold[1].gif Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temporary Internet Files\Content.IE5\OQDNDYQD\shared[1].css Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temporary Internet Files\Content.IE5\OQDNDYQD\shared[2].css Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temporary Internet Files\Content.IE5\OQDNDYQD\shared[3].css Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temporary Internet Files\Content.IE5\OQDNDYQD\shared[4].css Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temporary Internet Files\Content.IE5\OQDNDYQD\SubSite[1].htm Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temporary Internet Files\Content.IE5\OQDNDYQD\switch3_ua[1].gif Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temporary Internet Files\Content.IE5\OQDNDYQD\UAHelp_Classic[1].css Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temporary Internet Files\Content.IE5\OQDNDYQD\ua[1].gif Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temporary Internet Files\Content.IE5\OQDNDYQD\watermark_300x[1].bmp Object is locked skipped

C:\Documents and Settings\Mario\Impostazioni locali\Temporary Internet Files\desktop.ini Object is locked skipped

C:\Documents and Settings\Mario\Menu Avvio\desktop.ini Object is locked skipped

C:\Documents and Settings\Mario\Menu Avvio\Programmi\Accessori\Accesso facilitato\desktop.ini Object is locked skipped

C:\Documents and Settings\Mario\Menu Avvio\Programmi\Accessori\Accesso facilitato\Magnifier.lnk Object is locked skipped

C:\Documents and Settings\Mario\Menu Avvio\Programmi\Accessori\Accesso facilitato\Tastiera su schermo.lnk Object is locked skipped

C:\Documents and Settings\Mario\Menu Avvio\Programmi\Accessori\Accesso facilitato\Utility Manager.lnk Object is locked skipped

C:\Documents and Settings\Mario\Menu Avvio\Programmi\Accessori\Blocco note.lnk Object is locked skipped

C:\Documents and Settings\Mario\Menu Avvio\Programmi\Accessori\desktop.ini Object is locked skipped

C:\Documents and Settings\Mario\Menu Avvio\Programmi\Accessori\Esplora risorse.lnk Object is locked skipped

C:\Documents and Settings\Mario\Menu Avvio\Programmi\Accessori\Presentazione di Windows XP.lnk Object is locked skipped

C:\Documents and Settings\Mario\Menu Avvio\Programmi\Accessori\Prompt dei comandi.lnk Object is locked skipped

C:\Documents and Settings\Mario\Menu Avvio\Programmi\Accessori\Rubrica.lnk Object is locked skipped

C:\Documents and Settings\Mario\Menu Avvio\Programmi\Accessori\Sincronizza.lnk Object is locked skipped

C:\Documents and Settings\Mario\Menu Avvio\Programmi\Accessori\Svago\desktop.ini Object is locked skipped

C:\Documents and Settings\Mario\Menu Avvio\Programmi\Accessori\Svago\Windows Media Player.lnk Object is locked skipped

C:\Documents and Settings\Mario\Menu Avvio\Programmi\Accessori\Verifica guidata compatibilità programmi.lnk Object is locked skipped

C:\Documents and Settings\Mario\Menu Avvio\Programmi\Assistenza remota.lnk Object is locked skipped

C:\Documents and Settings\Mario\Menu Avvio\Programmi\desktop.ini Object is locked skipped

C:\Documents and Settings\Mario\Menu Avvio\Programmi\Esecuzione automatica\desktop.ini Object is locked skipped

C:\Documents and Settings\Mario\Menu Avvio\Programmi\Internet Explorer.lnk Object is locked skipped

C:\Documents and Settings\Mario\Menu Avvio\Programmi\Outlook Express.lnk Object is locked skipped

C:\Documents and Settings\Mario\Menu Avvio\Programmi\Strumenti di amministrazione\desktop.ini Object is locked skipped

C:\Documents and Settings\Mario\Menu Avvio\Programmi\Windows Media Player.lnk Object is locked skipped

C:\Documents and Settings\Mario\Modelli\amipro.sam Object is locked skipped

C:\Documents and Settings\Mario\Modelli\excel.xls Object is locked skipped

C:\Documents and Settings\Mario\Modelli\excel4.xls Object is locked skipped

C:\Documents and Settings\Mario\Modelli\lotus.wk4 Object is locked skipped

C:\Documents and Settings\Mario\Modelli\powerpnt.ppt Object is locked skipped

C:\Documents and Settings\Mario\Modelli\presenta.shw Object is locked skipped

C:\Documents and Settings\Mario\Modelli\quattro.wb2 Object is locked skipped

C:\Documents and Settings\Mario\Modelli\sndrec.wav Object is locked skipped

C:\Documents and Settings\Mario\Modelli\winword.doc Object is locked skipped

C:\Documents and Settings\Mario\Modelli\winword2.doc Object is locked skipped

C:\Documents and Settings\Mario\Modelli\wordpfct.wpd Object is locked skipped

C:\Documents and Settings\Mario\Modelli\wordpfct.wpg Object is locked skipped

C:\Documents and Settings\Mario\NTUSER.DAT Object is locked skipped

C:\Documents and Settings\Mario\ntuser.dat.LOG Object is locked skipped

C:\Documents and Settings\Mario\ntuser.ini Object is locked skipped

C:\Documents and Settings\Mario\Preferiti\Collegamenti\HotMail gratuita.url Object is locked skipped

C:\Documents and Settings\Mario\Preferiti\Collegamenti\Personalizzazione collegamenti.url Object is locked skipped

C:\Documents and Settings\Mario\Preferiti\Collegamenti\Windows.url Object is locked skipped

C:\Documents and Settings\Mario\Preferiti\Collegamenti\WindowsMedia.url Object is locked skipped

C:\Documents and Settings\Mario\Preferiti\Desktop.ini Object is locked skipped

C:\Documents and Settings\Mario\Preferiti\Guida stazioni radio.url Object is locked skipped

C:\Documents and Settings\Mario\Preferiti\Microsoft bCentral.url Object is locked skipped

C:\Documents and Settings\Mario\Preferiti\MSN.com.url Object is locked skipped

C:\Documents and Settings\Mario\Recent\Desktop.ini Object is locked skipped

C:\Documents and Settings\Mario\SendTo\Cartella compressa.ZFSendToTarget Object is locked skipped

C:\Documents and Settings\Mario\SendTo\Desktop (crea collegamento).DeskLink Object is locked skipped

C:\Documents and Settings\Mario\SendTo\desktop.ini Object is locked skipped

C:\Documents and Settings\Mario\SendTo\Destinatario posta.MAPIMail Object is locked skipped

C:\Documents and Settings\Mario\SendTo\Documenti.mydocs Object is locked skipped

C:\Documents and Settings\NetworkService\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat Object is locked skipped

C:\Documents and Settings\NetworkService\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped

C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped

C:\Programmi\a-squared Anti-Dialer\Quarantine\613A32527F4A763C9023951444B6E2A9.a2q/Documents and Settings/Administrator/Impostazioni locali/Temp/1180698915.dat.exe Infected: Trojan.Win32.Agent.bab skipped

C:\Programmi\a-squared Anti-Dialer\Quarantine\613A32527F4A763C9023951444B6E2A9.a2q ZIP: infected - 1 skipped

C:\Programmi\Alwil Software\Avast4\DATA\aswResp.dat Object is locked skipped

C:\Programmi\Alwil Software\Avast4\DATA\Avast4.db Object is locked skipped

C:\Programmi\Alwil Software\Avast4\DATA\log\nshield.log Object is locked skipped

C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped

C:\WINDOWS\CSC\00000001 Object is locked skipped

C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped

C:\WINDOWS\ModemLog_PCI SoftV92 Modem.txt Object is locked skipped

C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped

C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped

C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped

C:\WINDOWS\system32\config\Antivirus.Evt Object is locked skipped

C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped

C:\WINDOWS\system32\config\default Object is locked skipped

C:\WINDOWS\system32\config\default.LOG Object is locked skipped

C:\WINDOWS\system32\config\Paramete.evt Object is locked skipped

C:\WINDOWS\system32\config\SAM Object is locked skipped

C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped

C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped

C:\WINDOWS\system32\config\SECURITY Object is locked skipped

C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped

C:\WINDOWS\system32\config\software Object is locked skipped

C:\WINDOWS\system32\config\software.LOG Object is locked skipped

C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped

C:\WINDOWS\system32\config\system Object is locked skipped

C:\WINDOWS\system32\config\system.LOG Object is locked skipped

C:\WINDOWS\system32\h323log.txt Object is locked skipped

C:\WINDOWS\system32\lsaplmzj.exe Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped

C:\WINDOWS\Temp\Perflib_Perfdata_430.dat Object is locked skipped

C:\WINDOWS\WindowsUpdate.log Object is locked skipped

Scan process completed.
Top
Profilo Invia messaggio privato
bdoriano
Amministratore
Amministratore


Registrato: 02/04/07 12:05
Messaggi: 14391
Residenza: 3° pianeta del sistema solare...
MessaggioInviato: 19 Set 2007 02:49    Oggetto: Re: che casino.... Rispondi citando
Mancano gli altri logs richiesti da Orange:
Orange ha scritto:
dopo fai anche questi passaggi e posta i link richiesti.

Aggiungi anche un log aggiornato di hijackthis (ti consiglio di scaricare e utilizzare l'ultima versione).
Top
Profilo Invia messaggio privato
marg17
Semidio
Semidio


Registrato: 02/06/07 09:48
Messaggi: 328
MessaggioInviato: 19 Set 2007 10:08    Oggetto: Re: che casino.... Rispondi citando
bdoriano ha scritto:
Mancano gli altri logs richiesti da Orange:
Orange ha scritto:
dopo fai anche questi passaggi e posta i link richiesti.

Aggiungi anche un log aggiornato di hijackthis (ti consiglio di scaricare e utilizzare l'ultima versione).

Prima di scaricare la versione nuova conviene eliminare quella vecchia?

grazie Very Happy
Top
Profilo Invia messaggio privato
Orange
Dio maturo
Dio maturo


Registrato: 18/02/07 13:20
Messaggi: 2224
Residenza: Roma
MessaggioInviato: 19 Set 2007 18:20    Oggetto: Rispondi citando
come vuoi tu. non si danno fastidio a vicenda Wink
Top
Profilo Invia messaggio privato
marg17
Semidio
Semidio


Registrato: 02/06/07 09:48
Messaggi: 328
MessaggioInviato: 19 Set 2007 22:18    Oggetto: Rispondi citando
Grazie Orange Very Happy

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22.15.40, on 19/09/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
C:\Programmi\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\a-squared Anti-Dialer\a2service.exe
C:\Programmi\Comodo\Firewall\cmdagent.exe
C:\Programmi\File comuni\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\ssoftsrv.exe
C:\VEXPLITE\viritsvc.exe
C:\WINDOWS\Explorer.EXE
C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe
C:\Programmi\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\alg.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Programmi\a-squared Anti-Dialer\a2adguard.exe
C:\Programmi\Comodo\Firewall\CPF.exe
C:\WINDOWS\RTHDCPL.EXE
C:\VEXPLITE\MONLITE.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\Digisoft AntiDialer\AntiDialer.exe
C:\Programmi\CountDown\CountDown.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wuauclt.exe
C:\VEXPLITE\VIRITEXP.EXE
C:\Documents and Settings\Administrator\Desktop\HiJackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [a-squared Anti-Dialer] "C:\Programmi\a-squared Anti-Dialer\a2adguard.exe"
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Programmi\Comodo\Firewall\CPF.exe" /background
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [lsaplmzj] "c:\windows\system32\lsaplmzj.exe"
O4 - HKLM\..\Run: [VIRIT LITE MONITOR] C:\VEXPLITE\MONLITE.EXE
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Digisoft AntiDialer.lnk = C:\Programmi\Digisoft AntiDialer\AntiDialer.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programmi\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programmi\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programmi\ICQLite\ICQLite.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/default/kavwebscan_unicode.cab
O16 - DPF: {474F00F5-3853-492C-AC3A-476512BBC336} (UploadListView Class) - http://picasaweb.google.com/s/v/16.43/uploader2.cab
O16 - DPF: {8436FE12-31DB-48BF-83BF-FE682F9160B4} (NanoInstaller Class) - http://www.nanoscan.com/cabs/nanoinst.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{CDCEE584-6E7E-4F3F-A5A8-10177EC4AE62}: NameServer = 62.211.69.150 212.48.4.15
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FILECO~1\Skype\SKYPE4~1.DLL
O23 - Service: a-squared Anti-Dialer Service (a2AntiDialer) - Emsi Software GmbH - C:\Programmi\a-squared Anti-Dialer\a2service.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - C:\Programmi\Comodo\Firewall\cmdagent.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Cryptainer service (ssoftservice) - Cypherix - C:\WINDOWS\SYSTEM32\ssoftsrv.exe
O23 - Service: Virit eXplorer Lite (viritsvclite) - TG Soft Sas www.tgsoft.it - C:\VEXPLITE\viritsvc.exe

--
End of file - 6313 bytes
Top
Profilo Invia messaggio privato
Orange
Dio maturo
Dio maturo


Registrato: 18/02/07 13:20
Messaggi: 2224
Residenza: Roma
MessaggioInviato: 20 Set 2007 08:53    Oggetto: Re: che casino.... Rispondi citando
disattiva il ripristino e avvia in modalità provvisoria
avvia HiJack, seleziona Do a system scan only, metti la spunta alle voci indicate e premi Fix checked:

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [lsaplmzj] "c:\windows\system32\lsaplmzj.exe"

e mi riquoto
Orange ha scritto:
dopo fai anche questi passaggi e posta i link richiesti.
Top
Profilo Invia messaggio privato
marg17
Semidio
Semidio


Registrato: 02/06/07 09:48
Messaggi: 328
MessaggioInviato: 21 Set 2007 10:36    Oggetto: Rispondi citando
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no
file)
Io di tanto in tanto uso MSN messenger, un'amico mi ha detto che si tratta di una sottochiave lecita che Hijackthis non riconosce ancora, potrebbe essere Orange?
Ho capito senza problemi come si esegue: disattiva il ripristino mentre sinceramente non mi è chiaro l'avvio in modalità provvisoria.
Se quest'ultima operazione è fondamentale potresti cortesemente spiegarmi? Io ho provato f8 sono poi entrato in modalità provvisoria ma lì mi son bloccato....... Embarassed
Grazie a dopo....
Top
Profilo Invia messaggio privato
Orange
Dio maturo
Dio maturo


Registrato: 18/02/07 13:20
Messaggi: 2224
Residenza: Roma
MessaggioInviato: 21 Set 2007 11:19    Oggetto: Rispondi citando
ciao.
Citazione:
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
Io di tanto in tanto uso MSN messenger, un'amico mi ha detto che si tratta di una sottochiave lecita che Hijackthis non riconosce ancora
esatto, è un rimasuglio di MSN. ma se lo elimini non corri nessun rischio.
Citazione:
Io ho provato f8 sono poi entrato in modalità provvisoria ma lì mi son bloccato.......
basta seguire le indicazioni a schermo. tra le varie opzioni c'è anche Modalità provvisoria. selezionala con le frecce e dai l'invio.
Top
Profilo Invia messaggio privato
marg17
Semidio
Semidio


Registrato: 02/06/07 09:48
Messaggi: 328
MessaggioInviato: 21 Set 2007 13:07    Oggetto: Rispondi
Utilizzo questo metodo.....
metodo 3
1.Da Start/Esegui digitare msconfig/OK
verrà visualizzata la finestra System Configuration Utility.
2. Selezionare "Boot.INI" e quindi "Safeboot"
3. Fare clic su OK.
Viene visualizzata la richiesta di riavviare il computer. Fate clic su "Riavvia
Top
Profilo Invia messaggio privato
Mostra prima i messaggi di:   
Nuovo argomento   Rispondi    Indice del forum -> Pronto Soccorso Virus Tutti i fusi orari sono GMT + 2 ore
Pagina 1 di 1

 
Vai a:  
Non puoi inserire nuovi argomenti
Non puoi rispondere a nessun argomento
Non puoi modificare i tuoi messaggi
Non puoi cancellare i tuoi messaggi
Non puoi votare nei sondaggi