|
| Precedente :: Successivo |
| Autore |
Messaggio |
Lebistes
Mortale pio
Registrato: 26/07/06 21:13
Messaggi: 27
|
 Inviato: 27 Lug 2006 21:04 Oggetto: Help anche per me.... |
 |
|
Ciao.Ora provo ad applicare i tuoi suggerimenti.
Nel mio computer invece,nel quale uso ad-aware,spybot,avast,zone alarm(con antivirus ed antispyware incorporato),spywareblaster ed ewido, ogni tanto avast mi scopre nel computer i due virus :
- Win32.agent.gen
- Win32.favadd-o
Io li elimino ma dopo qualche tempo ricompaiono.
Ho fatto la scansione online con kaspersky, e mi ha trovato questo:
-------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER REPORT
Thursday, July 27, 2006 8:46:10 PM
Operating System: Microsoft Windows XP Professional, Service Pack 1 (Build 2600)
Kaspersky Online Scanner version: 5.0.83.0
Kaspersky Anti-Virus database last update: 27/07/2006
Kaspersky Anti-Virus database records: 210358
-------------------------------------------------------------------------------
Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true
Scan Target - My Computer:
A:\
C:\
D:\
E:\
F:\
Scan Statistics:
Total number of scanned objects: 57484
Number of viruses found: 6
Number of infected objects: 22 / 0
Number of suspicious objects: 0
Duration of the scan process: 00:39:20
Infected Object Name / Virus Name / Last Action
C:\Documents and Settings\Davide\Impostazioni locali\Temp\m Infected: Trojan.Win32.Agent.vp skipped
C:\Documents and Settings\Davide\Impostazioni locali\Temporary Internet Files\Content.IE5\GLLWJZ7Q\d[1].gif Infected: Trojan.Win32.Agent.vp skipped
C:\Documents and Settings\Fabio\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\Fabio\Impostazioni locali\Cronologia\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Fabio\Impostazioni locali\Cronologia\History.IE5\MSHist012006072720060728\index.dat Object is locked skipped
C:\Documents and Settings\Fabio\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\Fabio\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\Fabio\Impostazioni locali\Temp\~DF4BCC.tmp Object is locked skipped
C:\Documents and Settings\Fabio\Impostazioni locali\Temporary Internet Files\Content.IE5\4D6VSDQ7\install[1].htm Infected: Exploit.HTML.CodeBaseExec skipped
C:\Documents and Settings\Fabio\Impostazioni locali\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Fabio\Impostazioni locali\Temporary Internet Files\Content.IE5\S1ENCXYJ\popup[1].htm Infected: Trojan-Clicker.HTML.Agent.a skipped
C:\Documents and Settings\Fabio\Impostazioni locali\Temporary Internet Files\Content.IE5\SHABGXMZ\popup[1].php Infected: Trojan-Clicker.HTML.Agent.a skipped
C:\Documents and Settings\Fabio\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\Fabio\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Impostazioni locali\Cronologia\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Impostazioni locali\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\wzOhFmpSvJn\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\wzOhFmpSvJn\Impostazioni locali\Cronologia\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\wzOhFmpSvJn\Impostazioni locali\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Programmi\Alwil Software\Avast4\DATA\aswResp.dat Object is locked skipped
C:\Programmi\Alwil Software\Avast4\DATA\Avast4.db Object is locked skipped
C:\Programmi\Alwil Software\Avast4\DATA\integ\avast.int Object is locked skipped
C:\Programmi\Alwil Software\Avast4\DATA\log\AshWebSv.ws Object is locked skipped
C:\Programmi\Alwil Software\Avast4\DATA\log\aswMaiSv.log Object is locked skipped
C:\Programmi\Alwil Software\Avast4\DATA\log\nshield.log Object is locked skipped
C:\Programmi\Alwil Software\Avast4\DATA\report\Protezione residente.txt Object is locked skipped
C:\Programmi\File comuni\System\hQY.exe Object is locked skipped
C:\Programmi\File comuni\System\jlLF.exe Object is locked skipped
C:\Programmi\File comuni\System\jviJI.exe Object is locked skipped
C:\Programmi\File comuni\System\kHZ.exe Object is locked skipped
C:\Programmi\File comuni\System\wgx.exe Object is locked skipped
C:\Programmi\Zone Labs\ZoneAlarm\MailFrontier\MailBuddy.log Object is locked skipped
C:\System Volume Information\_restore{2D442F79-6959-43CE-A367-0595B752FC33}\RP15\A0001215.exe/data0002 Infected: Trojan.Win32.VB.amd skipped
C:\System Volume Information\_restore{2D442F79-6959-43CE-A367-0595B752FC33}\RP15\A0001215.exe NSIS: infected - 1 skipped
C:\System Volume Information\_restore{2D442F79-6959-43CE-A367-0595B752FC33}\RP17\A0001341.exe Infected: Trojan.Win32.VB.amd skipped
C:\System Volume Information\_restore{2D442F79-6959-43CE-A367-0595B752FC33}\RP47\A0009285.exe Object is locked skipped
C:\System Volume Information\_restore{2D442F79-6959-43CE-A367-0595B752FC33}\RP47\A0009320.exe Object is locked skipped
C:\System Volume Information\_restore{2D442F79-6959-43CE-A367-0595B752FC33}\RP47\A0009350.exe Object is locked skipped
C:\System Volume Information\_restore{2D442F79-6959-43CE-A367-0595B752FC33}\RP47\A0009364.exe Object is locked skipped
C:\System Volume Information\_restore{2D442F79-6959-43CE-A367-0595B752FC33}\RP47\A0009381.exe Object is locked skipped
C:\System Volume Information\_restore{2D442F79-6959-43CE-A367-0595B752FC33}\RP48\A0009509.exe Object is locked skipped
C:\System Volume Information\_restore{2D442F79-6959-43CE-A367-0595B752FC33}\RP48\A0009536.exe Object is locked skipped
C:\System Volume Information\_restore{2D442F79-6959-43CE-A367-0595B752FC33}\RP48\A0009549.exe Object is locked skipped
C:\System Volume Information\_restore{2D442F79-6959-43CE-A367-0595B752FC33}\RP48\A0009571.exe Object is locked skipped
C:\System Volume Information\_restore{2D442F79-6959-43CE-A367-0595B752FC33}\RP49\A0009613.exe Object is locked skipped
C:\System Volume Information\_restore{2D442F79-6959-43CE-A367-0595B752FC33}\RP49\A0009626.exe Object is locked skipped
C:\System Volume Information\_restore{2D442F79-6959-43CE-A367-0595B752FC33}\RP50\A0009692.exe Object is locked skipped
C:\System Volume Information\_restore{2D442F79-6959-43CE-A367-0595B752FC33}\RP50\A0010693.exe Object is locked skipped
C:\System Volume Information\_restore{2D442F79-6959-43CE-A367-0595B752FC33}\RP50\A0010706.exe Object is locked skipped
C:\System Volume Information\_restore{2D442F79-6959-43CE-A367-0595B752FC33}\RP51\A0010747.exe Object is locked skipped
C:\System Volume Information\_restore{2D442F79-6959-43CE-A367-0595B752FC33}\RP51\A0010842.exe Object is locked skipped
C:\System Volume Information\_restore{2D442F79-6959-43CE-A367-0595B752FC33}\RP51\A0010858.exe Object is locked skipped
C:\System Volume Information\_restore{2D442F79-6959-43CE-A367-0595B752FC33}\RP51\A0011858.exe Object is locked skipped
C:\System Volume Information\_restore{2D442F79-6959-43CE-A367-0595B752FC33}\RP51\A0011866.exe Object is locked skipped
C:\System Volume Information\_restore{2D442F79-6959-43CE-A367-0595B752FC33}\RP51\A0011880.exe Object is locked skipped
C:\System Volume Information\_restore{2D442F79-6959-43CE-A367-0595B752FC33}\RP52\A0011903.exe Object is locked skipped
C:\System Volume Information\_restore{2D442F79-6959-43CE-A367-0595B752FC33}\RP52\A0011912.exe Object is locked skipped
C:\System Volume Information\_restore{2D442F79-6959-43CE-A367-0595B752FC33}\RP53\A0011943.exe Object is locked skipped
C:\System Volume Information\_restore{2D442F79-6959-43CE-A367-0595B752FC33}\RP53\A0012054.exe Object is locked skipped
C:\System Volume Information\_restore{2D442F79-6959-43CE-A367-0595B752FC33}\RP53\A0012067.exe Object is locked skipped
C:\System Volume Information\_restore{2D442F79-6959-43CE-A367-0595B752FC33}\RP53\A0012081.exe Object is locked skipped
C:\System Volume Information\_restore{2D442F79-6959-43CE-A367-0595B752FC33}\RP54\A0012095.exe Object is locked skipped
C:\System Volume Information\_restore{2D442F79-6959-43CE-A367-0595B752FC33}\RP55\A0012364.exe Object is locked skipped
C:\System Volume Information\_restore{2D442F79-6959-43CE-A367-0595B752FC33}\RP57\A0012391.exe Object is locked skipped
C:\System Volume Information\_restore{2D442F79-6959-43CE-A367-0595B752FC33}\RP57\A0012431.exe Object is locked skipped
C:\System Volume Information\_restore{2D442F79-6959-43CE-A367-0595B752FC33}\RP57\A0012472.exe Object is locked skipped
C:\System Volume Information\_restore{2D442F79-6959-43CE-A367-0595B752FC33}\RP57\A0012488.exe Object is locked skipped
C:\System Volume Information\_restore{2D442F79-6959-43CE-A367-0595B752FC33}\RP57\A0012502.exe Object is locked skipped
C:\System Volume Information\_restore{2D442F79-6959-43CE-A367-0595B752FC33}\RP57\A0012529.exe Object is locked skipped
C:\System Volume Information\_restore{2D442F79-6959-43CE-A367-0595B752FC33}\RP57\A0012545.exe Object is locked skipped
C:\System Volume Information\_restore{2D442F79-6959-43CE-A367-0595B752FC33}\RP57\A0012556.exe Object is locked skipped
C:\System Volume Information\_restore{2D442F79-6959-43CE-A367-0595B752FC33}\RP57\A0013556.exe Object is locked skipped
C:\System Volume Information\_restore{2D442F79-6959-43CE-A367-0595B752FC33}\RP57\A0013571.exe Object is locked skipped
C:\System Volume Information\_restore{2D442F79-6959-43CE-A367-0595B752FC33}\RP58\A0013594.exe Object is locked skipped
C:\System Volume Information\_restore{2D442F79-6959-43CE-A367-0595B752FC33}\RP58\A0013633.exe Object is locked skipped
C:\System Volume Information\_restore{2D442F79-6959-43CE-A367-0595B752FC33}\RP58\A0013645.exe Object is locked skipped
C:\System Volume Information\_restore{2D442F79-6959-43CE-A367-0595B752FC33}\RP58\A0013684.exe Object is locked skipped
C:\System Volume Information\_restore{2D442F79-6959-43CE-A367-0595B752FC33}\RP59\A0013887.exe Object is locked skipped
C:\System Volume Information\_restore{2D442F79-6959-43CE-A367-0595B752FC33}\RP60\A0013903.exe Object is locked skipped
C:\System Volume Information\_restore{2D442F79-6959-43CE-A367-0595B752FC33}\RP60\A0013922.exe Object is locked skipped
C:\System Volume Information\_restore{2D442F79-6959-43CE-A367-0595B752FC33}\RP61\A0014053.exe Object is locked skipped
C:\System Volume Information\_restore{2D442F79-6959-43CE-A367-0595B752FC33}\RP61\A0014073.exe Object is locked skipped
C:\System Volume Information\_restore{2D442F79-6959-43CE-A367-0595B752FC33}\RP61\A0014084.exe Object is locked skipped
C:\System Volume Information\_restore{2D442F79-6959-43CE-A367-0595B752FC33}\RP63\A0014105.exe Object is locked skipped
C:\System Volume Information\_restore{2D442F79-6959-43CE-A367-0595B752FC33}\RP63\A0014169.exe Object is locked skipped
C:\System Volume Information\_restore{2D442F79-6959-43CE-A367-0595B752FC33}\RP64\A0014430.exe Object is locked skipped
C:\System Volume Information\_restore{2D442F79-6959-43CE-A367-0595B752FC33}\RP64\A0014451.exe Object is locked skipped
C:\System Volume Information\_restore{2D442F79-6959-43CE-A367-0595B752FC33}\RP64\A0014492.exe Object is locked skipped
C:\System Volume Information\_restore{2D442F79-6959-43CE-A367-0595B752FC33}\RP64\A0014519.exe Object is locked skipped
C:\System Volume Information\_restore{2D442F79-6959-43CE-A367-0595B752FC33}\RP64\A0015519.exe Object is locked skipped
C:\System Volume Information\_restore{2D442F79-6959-43CE-A367-0595B752FC33}\RP64\A0015541.exe Object is locked skipped
C:\System Volume Information\_restore{2D442F79-6959-43CE-A367-0595B752FC33}\RP64\A0015608.exe Object is locked skipped
C:\System Volume Information\_restore{2D442F79-6959-43CE-A367-0595B752FC33}\RP65\A0015646.exe Object is locked skipped
C:\System Volume Information\_restore{2D442F79-6959-43CE-A367-0595B752FC33}\RP67\A0015786.exe Object is locked skipped
C:\System Volume Information\_restore{2D442F79-6959-43CE-A367-0595B752FC33}\RP67\A0015825.exe Object is locked skipped
C:\System Volume Information\_restore{2D442F79-6959-43CE-A367-0595B752FC33}\RP67\A0015836.exe Object is locked skipped
C:\System Volume Information\_restore{2D442F79-6959-43CE-A367-0595B752FC33}\RP67\A0015850.exe Object is locked skipped
C:\System Volume Information\_restore{2D442F79-6959-43CE-A367-0595B752FC33}\RP70\A0016185.exe/data0007 Infected: Trojan-Downloader.Win32.Zlob.aai skipped
C:\System Volume Information\_restore{2D442F79-6959-43CE-A367-0595B752FC33}\RP70\A0016185.exe/data0008 Infected: Trojan-Downloader.Win32.Zlob.aai skipped
C:\System Volume Information\_restore{2D442F79-6959-43CE-A367-0595B752FC33}\RP70\A0016185.exe NSIS: infected - 2 skipped
C:\System Volume Information\_restore{2D442F79-6959-43CE-A367-0595B752FC33}\RP70\A0016185.exe UPX: infected - 2 skipped
C:\System Volume Information\_restore{2D442F79-6959-43CE-A367-0595B752FC33}\RP74\A0017495.exe/stream/data0006 Infected: Trojan-Downloader.Win32.Zlob.aan skipped
C:\System Volume Information\_restore{2D442F79-6959-43CE-A367-0595B752FC33}\RP74\A0017495.exe/stream Infected: Trojan-Downloader.Win32.Zlob.aan skipped
C:\System Volume Information\_restore{2D442F79-6959-43CE-A367-0595B752FC33}\RP74\A0017495.exe NSIS: infected - 2 skipped
C:\System Volume Information\_restore{2D442F79-6959-43CE-A367-0595B752FC33}\RP74\A0017495.exe UPX: infected - 2 skipped
C:\System Volume Information\_restore{2D442F79-6959-43CE-A367-0595B752FC33}\RP74\A0017495.exe PE_Patch.UPX: infected - 2 skipped
C:\System Volume Information\_restore{2D442F79-6959-43CE-A367-0595B752FC33}\RP74\A0017496.exe/stream/data0006 Infected: Trojan-Downloader.Win32.Zlob.aan skipped
C:\System Volume Information\_restore{2D442F79-6959-43CE-A367-0595B752FC33}\RP74\A0017496.exe/stream Infected: Trojan-Downloader.Win32.Zlob.aan skipped
C:\System Volume Information\_restore{2D442F79-6959-43CE-A367-0595B752FC33}\RP74\A0017496.exe NSIS: infected - 2 skipped
C:\System Volume Information\_restore{2D442F79-6959-43CE-A367-0595B752FC33}\RP74\A0017496.exe UPX: infected - 2 skipped
C:\System Volume Information\_restore{2D442F79-6959-43CE-A367-0595B752FC33}\RP74\A0017496.exe PE_Patch.UPX: infected - 2 skipped
C:\System Volume Information\_restore{2D442F79-6959-43CE-A367-0595B752FC33}\RP76\change.log Object is locked skipped
C:\WINDOWS\Debug\oakley.log Object is locked skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\Internet Logs\CENTRINO.ldb Object is locked skipped
C:\WINDOWS\Internet Logs\IAMDB.RDB Object is locked skipped
C:\WINDOWS\Internet Logs\tvDebug.log Object is locked skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\system32\config\Antivirus.Evt Object is locked skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\default Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\software Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\system Object is locked skipped
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\drivers\sptd.sys Object is locked skipped
C:\WINDOWS\system32\drivers\sptd7149.sys Object is locked skipped
C:\WINDOWS\system32\h323log.txt Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\Temp\Perflib_Perfdata_684.dat Object is locked skipped
C:\WINDOWS\Temp\ZLT049ef.TMP Object is locked skipped
C:\WINDOWS\Temp\ZLT049f2.TMP Object is locked skipped
C:\WINDOWS\Temp\_avast4_\Webshlock.txt Object is locked skipped
C:\WINDOWS\wiadebug.log Object is locked skipped
C:\WINDOWS\wiaservc.log Object is locked skipped
Scan process completed.
Cioè mi ha trovato questi virus,diversi da quelli segnalatimi prima.In più questo scanner online non mi permette di eliminare i virus trovati.
Cosa devo fare secondo te?
Ti posto pure il log di hijackthis fatto poco prima:
Logfile of HijackThis v1.99.1
Scan saved at 23.45.43, on 26/07/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
C:\Programmi\Alwil Software\Avast4\ashServ.exe
C:\Programmi\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe
C:\Programmi\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\ZoneLabs\isafe.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\carpserv.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Programmi\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\System32\ctfmon.exe
C:\PROGRA~1\ZONELA~1\ZONEAL~1\MAILFR~1\mantispm.exe
C:\Programmi\Internet Explorer\IEXPLORE.EXE
C:\Programmi\Internet Explorer\IEXPLORE.EXE
C:\Programmi\Winamp\winamp.exe
C:\Documents and Settings\Fabio\Documenti\hijackthis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: DAPBHO Class - {0096CC0A-623C-4829-AD9C-19AF0DC9D8FE} - C:\Programmi\DAP\DAPIEBar.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Give4Free Plugin Installer - {208E7E77-507A-4649-B0C9-D39E9049C7A2} - C:\Programmi\Give4Free Plugin\ibho.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programmi\google\googletoolbar1.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: DAP Bar - {62999427-33FC-4baf-9C9C-BCE6BD127F08} - C:\Programmi\DAP\DAPIEBar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programmi\google\googletoolbar1.dll
O4 - HKLM\..\Run: [CARPService] carpserv.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb09.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Programmi\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O8 - Extra context menu item: &Cerca con Google - res://C:\Programmi\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Download with &DAP - C:\PROGRA~1\DAP\dapextie.htm
O8 - Extra context menu item: &Traduci parola in italiano - res://C:\Programmi\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Link a ritroso - res://C:\Programmi\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Pagine simili - res://C:\Programmi\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Versione cache della pagina - res://C:\Programmi\Google\GoogleToolbar1.dll/cmcache.html
O9 - Extra button: Run DAP - {669695BC-A811-4A9D-8CDF-BA8C795F261C} - C:\PROGRA~1\DAP\DAP.EXE
O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Programmi\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Programmi\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: CA ISafe (CAISafe) - Computer Associates International, Inc. - C:\WINDOWS\System32\ZoneLabs\isafe.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Programmi\iPod\bin\iPodService.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Programmi\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
ho provato a fare controllare il log su www.hijackthis.de/it e mi ha segnalato solo queste due voci come non verdi:
O2 - BHO: DAPBHO Class - {0096CC0A-623C-4829-AD9C-19AF0DC9D8FE} - C:\Programmi\DAP\DAPIEBar.dll
Sospetto Le voci trovate nel registro di sistema sono potenzialmente pericolose.
Hit rate: 100,00%
Da eliminare!
O2 - BHO: Give4Free Plugin Installer - {208E7E77-507A-4649-B0C9-D39E9049C7A2} - C:\Programmi\Give4Free Plugin\ibho.dll
Sospetto Le voci trovate nel registro di sistema sono potenzialmente pericolose.
Hit rate: 100,00%
Da eliminare
Datemi una mano!!!!! |
|
| Top |
|
 |
holifay
Dio maturo
Registrato: 08/03/05 10:48
Messaggi: 2912
Residenza: Milano
|
| Inviato: 28 Lug 2006 00:46 Oggetto: |
 |
|
Give4free è un adware che visualizza dei banner pubblicitari. Si è installato con quelche software adware che hai installato e che potrebbe non funzionare più se rimuovi quella voce.
Eliminalo pure, se qualche programma non ti funziona più, lo puoi ripristinare dal backup
La voce BHO: DAPBHO Class è invece del Downloader Accelerator Plus. Se lo usi non va rimossa, altrimenti disinstalla il programma dal Pannello di controllo.
Purtroppo il problema più grande è il trojan agent che ricompare nella cartella temp e la cartella wzOhFmpSvJn. Prova a leggere la guida in rilievo in cima al forum ed eventualmente posta tutti i risultati dei controlli richiesti al punto AIUTO AL FORUM DI ZEUSNEWS. In particolare i due log di GMER
Del resto, quello che si trova in C:/System Volume Information/_restore per ora non preoccuparti
Ciao |
|
| Top |
|
|
|
|
Non puoi inserire nuovi argomenti
Non puoi rispondere a nessun argomento
Non puoi modificare i tuoi messaggi
Non puoi cancellare i tuoi messaggi
Non puoi votare nei sondaggi
|
|
FAQ
Cerca
Lista utenti
Gruppi
Registrati
Profilo
Messaggi privati
Log in
