Valutazione 4.87/ 5 (100.00%) 5838 voti

Condividi:        

PROBLEMA hGqS

Come rimuovere virus e spyware? Le carte di credito sono davvero sicure in rete? È possibile navigare anonimi? Con quali programmi tutelare la propria privacy? Come proteggere i file importanti? Se volete una risposta a queste e altre domande questo è il luogo giusto!

Moderatori: kadosh, Luke57

PROBLEMA hGqS

Postdi kobelak » 02/12/06 21:59

Ho un problema...all'avvio AVG mi segnala questo file D:\Programmi\WindowsNT\hGqS come cavallo di troia. AVG nn riesce rimuoverlo, io neanche (ho già provato in modalità provvisoria)


allego HJlog

Logfile of HijackThis v1.99.1
Scan saved at 21.55.10, on 02/12/2006
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\System32\Ati2evxx.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\ZoneLabs\vsmon.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\SOUNDMAN.EXE
D:\Programmi\IPM\Adsl\DataWay\dslstat.exe
D:\paprport\pptd40nt.exe
D:\Programmi\Trust\305KS WIRELESS OPTICAL DESKSET\KbdAp32A.exe
D:\Programmi\Trust\305KS WIRELESS OPTICAL DESKSET\lwbwheel.exe
D:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
D:\WINDOWS\System32\dslagent.exe
D:\Programmi\Zone Labs\ZoneAlarm\zlclient.exe
D:\Programmi\Pinnacle\PCTV Stereo\Remote\Remoterm.exe
D:\PROGRA~1\QUICKT~1\qttask.exe
D:\Programmi\File comuni\Ahead\lib\NMBgMonitor.exe
D:\Programmi\Messenger\msmsgs.exe
D:\WINDOWS\system32\spoolsv.exe
D:\WINDOWS\NCLAUNCH.EXe
D:\Programmi\Hewlett-Packard\AiO\hp officejet g series\Bin\hpoavn07.exe
D:\Programmi\Pinnacle\Shared Files\Programs\Scheduler\PCLEScheduler.exe
D:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
D:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
D:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
D:\WINDOWS\System32\drivers\CDAC11BA.EXE
D:\PROGRA~1\CACHEM~1\CachemanXP.exe
D:\Programmi\File comuni\Microsoft Shared\VS7Debug\mdm.exe
D:\PROGRA~1\HEWLET~1\AiO\Shared\Bin\hpoevm07.exe
D:\WINDOWS\System32\oodag.exe
D:\WINDOWS\System32\tcpsvcs.exe
D:\WINDOWS\System32\snmp.exe
D:\WINDOWS\System32\svchost.exe
D:\Programmi\Hewlett-Packard\AiO\Shared\bin\hpOSTS07.exe
D:\Programmi\Internet Explorer\IEXPLORE.EXE
D:\Programmi\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
D:\Documents and Settings\User\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - D:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [DSLSTATEXE] D:\Programmi\IPM\Adsl\DataWay\dslstat.exe icon
O4 - HKLM\..\Run: [PaperPort PTD] d:\paprport\pptd40nt.exe
O4 - HKLM\..\Run: [LWBKEYBOARD] D:\Programmi\Trust\305KS WIRELESS OPTICAL DESKSET\KbdAp32A.exe
O4 - HKLM\..\Run: [LWBMOUSE] D:\Programmi\Trust\305KS WIRELESS OPTICAL DESKSET\lwbwheel.exe
O4 - HKLM\..\Run: [AVG7_CC] D:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [DSLAGENTEXE] dslagent.exe usb
O4 - HKLM\..\Run: [Zone Labs Client] "D:\Programmi\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [PCTVRemote] D:\Programmi\Pinnacle\PCTV Stereo\Remote\Remoterm.exe
O4 - HKLM\..\Run: [NeroFilterCheck] D:\WINDOWS\System32\NeroCheck.exe
O4 - HKLM\..\Run: [gtfd1.exe] D:\WINDOWS\TEMP\gtfd1.exe
O4 - HKLM\..\Run: [QuickTime Task] "D:\PROGRA~1\QUICKT~1\qttask.exe" -atboottime
O4 - HKLM\..\Run: [DAEMON Tools] "D:\Programmi\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "D:\Programmi\File comuni\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [MSMSGS] "D:\Programmi\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [NCLaunch] D:\WINDOWS\NCLAUNCH.EXe
O4 - Global Startup: HPAiODevice(hp officejet g series) - 1.lnk = D:\Programmi\Hewlett-Packard\AiO\hp officejet g series\Bin\hpoavn07.exe
O4 - Global Startup: Microsoft Office.lnk = D:\Programmi\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Pinnacle Scheduler.lnk = ?
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://D:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: ATI TV - {44226DFF-747E-4edc-B30C-78752E50CD0C} - D:\Programmi\ATI Multimedia\TV\EXPLBAR.DLL
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - D:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - D:\WINDOWS\web\related.htm
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan ... asinst.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{355ACE7B-8A7B-4A2F-856A-FD778BE0E942}: NameServer = 193.70.152.15 193.70.152.25
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - D:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - D:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: SASWinLogon - D:\Programmi\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - D:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - D:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - D:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - D:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - D:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - D:\WINDOWS\System32\drivers\CDAC11BA.EXE
O23 - Service: CachemanXP (CachemanXPService) - OuterTechnologies - D:\PROGRA~1\CACHEM~1\CachemanXP.exe
O23 - Service: O&O Defrag - O&O Software GmbH - D:\WINDOWS\System32\oodag.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - D:\WINDOWS\system32\ZoneLabs\vsmon.exe
kobelak
Utente Senior
 
Post: 130
Iscritto il: 17/09/05 14:58

Sponsor
 

Postdi Luke57 » 03/12/06 00:54

Ciao, scarica Avgpfix da qui:
http://www.nod32.it/cgi-bin/mapdl.pl?tool=Agent.VP

lo avvii, premi Start, individui il file e premi Ok.
Luke57
Moderatore
 
Post: 6410
Iscritto il: 11/08/05 19:10


Torna a Sicurezza e Privacy


Topic correlati a "PROBLEMA hGqS":

Problema Windows 10
Autore: asso1998
Forum: Software Windows
Risposte: 1

Chi c’è in linea

Visitano il forum: Nessuno e 12 ospiti