Ero convinto che il mio problema fosse finalmente sparito ma ora si è ripresentato...
mi si aprono Pop-Up che vorrebbero farmi scaricare degli anti-spyware, ovviamente io li chiudo subito ma periodicamente riappaiono ed è piuttosto fastidioso.
Inoltre F-Secure continua a dirmi che ho subito un infezione da Trojan Downloader etc. etc io gli dico di eliminarli ma prima mi dice che non può ( sono utilizzati da qlche processo ) poi mi dice che li ha eliminati e di riavviare il pc, io lo faccio ma siamo punto da capo ogni volta.
Se gli dico di disinfettare dice ke non può...
Non so piu che fare, ecco il log di Hijackthis...
Logfile of HijackThis v1.99.1
Scan saved at 13.28.05, on 14/03/2006
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Programmi\MessengerPlus! 3\MsgPlus.exe
C:\WINDOWS\System32\rundll32.exe
C:\Programmi\File comuni\Real\Update_OB\realsched.exe
C:\Programmi\Ahead\InCD\InCD.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Programmi\Internet Security\Anti-Virus\fsgk32st.exe
C:\Programmi\Internet Security\Anti-Virus\FSGK32.EXE
C:\Programmi\Internet Security\backweb\1655489\program\fsbwsys.exe
C:\Programmi\Internet Security\Common\FSMA32.EXE
C:\Programmi\File comuni\Microsoft Shared\VS7Debug\mdm.exe
C:\Programmi\Internet Security\Anti-Virus\fssm32.exe
C:\Programmi\Internet Security\Common\FSMB32.EXE
C:\WINDOWS\System32\svchost.exe
C:\Programmi\Internet Security\Common\FCH32.EXE
C:\Programmi\Internet Security\Common\FAMEH32.EXE
C:\Programmi\Internet Security\Anti-Virus\fsav32.exe
C:\Programmi\Internet Security\FSPC\fspc.exe
C:\Programmi\Internet Security\Anti-Virus\fsrw.exe
C:\Programmi\Internet Security\FWES\Program\fsdfwd.exe
C:\PROGRA~1\INTERN~1\ANTI-S~1\fsaw.exe
C:\Programmi\Internet Security\FSGUI\fsguidll.exe
C:\Programmi\Real\RealPlayer\RealPlay.exe
C:\PROGRA~1\INTERN~1\backweb\1655489\Program\SERVIC~1.EXE
C:\Programmi\Internet Explorer\iexplore.exe
C:\Programmi\Internet Security\backweb\1655489\Program\fspex.exe
C:\Documents and Settings\Papo ciccione.SNAKE-WMSUITYYI\Impostazioni locali\Temp\Directory temporanea 2 per hijackthis.zip\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.fastweb.it/myfastpage/res/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: (no name) - {20D57A66-F7DF-467d-907B-9B7F4A118AB7} - C:\WINDOWS\System32\mlljk.dll
O2 - BHO: WTLHelper Object - {6D33B121-5C4C-4450-9D1F-7B67085CC199} - C:\WINDOWS\System32\ssqrq.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [ATIPTA] C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Programmi\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [wlib32] rundll32.exe C:\WINDOWS\System32\wlib32.dll,start
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [TkBellExe] "C:\Programmi\File comuni\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [InCD] C:\Programmi\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Programmi\Internet Security\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Programmi\Internet Security\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [F-Secure Startup Wizard] "C:\Programmi\Internet Security\FSGUI\FSSW.EXE" /reboot
O4 - HKLM\..\Run: [News Service] "C:\Programmi\Internet Security\FSGUI\ispnews.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Programmi\Messenger\msmsgs.exe" /background
O4 - Global Startup: Internet Security.lnk = C:\Programmi\Internet Security\backweb\1655489\Program\fspex.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programmi\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Blocca questo popup - C:\Programmi\Internet Security\Anti-Spyware\blockpopups.htm
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office10\EXCEL.EXE/3000
O9 - Extra button: Filtro pagine Web - {200DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Programmi\Internet Security\FSPC\fspcmsie.dll
O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Programmi\Internet Security\FSPC\fspcmsie.dll
O9 - Extra 'Tools' menuitem: Filtro pagine Web - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Programmi\Internet Security\FSPC\fspcmsie.dll
O9 - Extra button: Protezione IE - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Programmi\Internet Security\Anti-Spyware\ieshield.dll
O9 - Extra 'Tools' menuitem: Protezione IE... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Programmi\Internet Security\Anti-Spyware\ieshield.dll
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O10 - Broken Internet access because of LSP provider 'winsflt.dll' missing
O12 - Plugin for .pdf: C:\Programmi\Internet Explorer\PLUGINS\nppdf32.dll
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMe ... loader.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: mlljk - C:\WINDOWS\SYSTEM32\mlljk.dll
O20 - Winlogon Notify: ssqrq - C:\WINDOWS\System32\ssqrq.dll
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Internet Security (BackWeb Plug-in - 1655489) - Wind - C:\PROGRA~1\INTERN~1\backweb\1655489\Program\SERVIC~1.EXE
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corp. - C:\Programmi\Internet Security\Anti-Virus\fsgk32st.exe
O23 - Service: fsbwsys - F-Secure Corp. - C:\Programmi\Internet Security\backweb\1655489\program\fsbwsys.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Programmi\Internet Security\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure HTTP Server (fshttps) - F-Secure Corporation - C:\Programmi\Internet Security\FSPC\fshttps\fshttps.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Programmi\Internet Security\Common\FSMA32.EXE
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Programmi\Ahead\InCD\InCDsrv.exe
Confido in voi!!