
virus serwab

How do you remove viruses and spyware? Are credit cards really safe online? Is it possible to browse anonymously? Which programs protect your privacy? How do you protect important files? If you want an answer to these and other questions, this is the right place!

Moderators: m.paolo, kadosh, Luke57

virus serwab

Post by SIMONA182 » 06/10/06 10:15

Hi. I have a problem with a virus: serwab. I'm leaving the log, please help me... thanks

Logfile of HijackThis v1.99.1
Scan saved at 11.01.06, on 06/10/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\rundll32.exe
C:\Programmi\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\Explorer.EXE
C:\Programmi\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\HPConfig.exe
C:\Programmi\HPQ\Notebook Utilities\HPWirelessMgr.exe
C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\carpserv.exe
C:\Programmi\Synaptics\SynTP\SynTPLpr.exe
C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Programmi\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9CE.EXE
C:\Programmi\QuickTime\qttask.exe
C:\Programmi\iTunes\iTunesHelper.exe
C:\dfndrff_e23.exe
C:\Programmi\iPod\bin\iPodService.exe
C:\Programmi\File comuni\{AC681233-06FD-1040-1106-030304300027}\Update.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe
C:\Programmi\File comuni\Microsoft Shared\Encarta Web Companion\ENCWCSVR.EXE
C:\Programmi\Internet Explorer\iexplore.exe
C:\Programmi\WinRAR\WinRAR.exe
C:\DOCUME~1\simona\IMPOST~1\Temp\Rar$EX82.769\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programmi\Windows Live Toolbar\msntb.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Programmi\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programmi\google\googletoolbar1.dll
O3 - Toolbar: Encarta Web Companion - {147D6308-0614-4112-89B1-31402F9B82C4} - C:\Programmi\File comuni\Microsoft Shared\Encarta Web Companion\ENCWCBAR.DLL
O3 - Toolbar: ToolBar888 - {C004DEC2-2623-438e-9CA2-C9043AB28508} - C:\Programmi\File comuni\{3C681233-06FD-1040-1106-030304300027}\MyToolBar.dll
O3 - Toolbar: UCmore XP - The Search Accelerator - {44BE0690-5429-47f0-85BB-3FFD8020233E} - C:\Programmi\TheSearchAccelerator\UCMTSAIE.dll
O4 - HKLM\..\Run: [CARPService] carpserv.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Programmi\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [avgnt] "C:\Programmi\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [EPSON Stylus Photo RX420 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9CE.EXE /P31 "EPSON Stylus Photo RX420 Series" /O6 "USB001" /M "Stylus Photo RX420"
O4 - HKLM\..\Run: [EPSON Stylus Photo RX420 Series (Copia 1)] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9CE.EXE /P41 "EPSON Stylus Photo RX420 Series (Copia 1)" /O6 "USB001" /M "Stylus Photo RX420"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Programmi\File comuni\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Programmi\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Programmi\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [defender] C:\\dfndrff_e23.exe
O4 - HKLM\..\Run: [newname] c:\\nwnmff_e23.exe
O4 - HKLM\..\Run: [NI.UWA6PT_0001_N91M2107] "C:\Documents and Settings\simona\Impostazioni locali\Temp\Temporary Internet Files\Content.IE5\QFUVM9E9\WinAntiVirusPro2006FreeInstall_it[1].exe" -nag
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programmi\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe"
O8 - Extra context menu item: &Windows Live Search - res://C:\Programmi\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Apri in nuova scheda in primo piano - res://C:\Programmi\Windows Live Toolbar\Components\it-it\msntabres.dll.mui/230?1c0f48d3d9f94aa683f8eba256c25720
O8 - Extra context menu item: Apri in nuova scheda in secondo piano - res://C:\Programmi\Windows Live Toolbar\Components\it-it\msntabres.dll.mui/229?1c0f48d3d9f94aa683f8eba256c25720
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Programmi\File comuni\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe (file missing)
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Me ... b31267.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/Mi ... b31267.cab
O16 - DPF: {79E0C1C0-316D-11D5-A72A-006097BFA1AC} (EPSON Web Printer-SelfTest Control Class) - http://esupport.epson-europe.com/selfte ... TPTest.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Me ... b31267.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZI ... b47946.cab
O16 - DPF: {DB893839-10F0-4AF9-92FA-B23528F530AF} - http://deposito.hostance.net/dialer/1004869.exe
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/So ... b31267.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{A39CE531-F288-4764-8AA3-D1E0BC42C08B}: NameServer = 85.37.17.16 85.38.28.68
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL (file missing)
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL (file missing)
O20 - Winlogon Notify: Extensions - C:\WINDOWS\system32\faeploy.dll
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Programmi\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Programmi\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: HP Configuration Interface Service (HPConfig) - Hewlett-Packard - C:\WINDOWS\system32\HPConfig.exe
O23 - Service: HPWirelessMgr - Hewlett-Packard Co. - C:\Programmi\HPQ\Notebook Utilities\HPWirelessMgr.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Programmi\iPod\bin\iPodService.exe
O23 - Service: NBService - Nero AG - C:\Programmi\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: WLTRYSVC - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE
SIMONA182
Newbie

Posts: 4
Joined: 06/10/06 10:04


Post by Luke57 » 06/10/06 10:52

Hi, download this tool for removing the look2me adware and run it:
http://www.f-secure.com/tools/f-look2me.zip

Also, open HijackThis, press “open the misc tool section”, “open process manager”, then find and tick:
C:\dfndrff_e23.exe
Press kill process

Go back to the main page with back, press scan, then find and tick the following entries, if they are all there:
O3 - Toolbar: UCmore XP - The Search Accelerator - {44BE0690-5429-47f0-85BB-3FFD8020233E} - C:\Programmi\TheSearchAccelerator\UCMTSAIE.dll
O4 - HKLM\..\Run: [defender] C:\\dfndrff_e23.exe
O4 - HKLM\..\Run: [newname] c:\\nwnmff_e23.exe
O4 - HKLM\..\Run: [NI.UWA6PT_0001_N91M2107] "C:\Documents and Settings\simona\Impostazioni locali\Temp\Temporary Internet Files\Content.IE5\QFUVM9E9\WinAntiVirusPro2006FreeInstall_it[1].exe" –nag
O16 - DPF: {DB893839-10F0-4AF9-92FA-B23528F530AF} - http://deposito.hostance.net/dialer/1004869.exe
O20 - Winlogon Notify: Extensions - C:\WINDOWS\system32\faeploy.dll

Press fix checked

Then, restart in safe mode
(Start the computer. Right after the RAM count and before Windows starts loading, start pressing the F8 key on the keyboard repeatedly. Keep doing so until the Windows Advanced Options menu is displayed.
Using the arrow keys on the keyboard, scroll through the options and select Safe Mode, then press Enter)

Make hidden files and folders visible:
from My Computer > Tools > Folder Options
Select View
Tick "Show hidden files and folders"
Untick "Hide protected operating system files (Recommended)"
Click OK

Find and delete the following files, if they are all there:
C:\dfndrff_e23.exe
c:\\nwnmff_e23.exe
C:\WINDOWS\system32\faeploy.dll

Go to Control Panel, "Add or Remove Programs", and remove all the applications that you don't recognize and did not install yourself;

Then delete all Windows temporary files (temp and tmp); do it like this:
Start > Search > All files and folders; in the blank field “All or part of the file name” enter: *.temp; *.tmp
and delete everything found, selecting and deleting the files,

Delete all IE temporary files (Control Panel > Internet Options > Delete Files, also ticking the “Delete all offline content” box > OK), clear the history, delete the cookies,

Empty the Recycle Bin.

Post a new log for checking
Luke57
Moderator

Posts: 6415
Joined: 11/08/05 19:10

virus serwab

Post by SIMONA182 » 06/10/06 12:21

the problem persists....

Logfile of HijackThis v1.99.1
Scan saved at 13.14.20, on 06/10/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\AntiVir PersonalEdition Classic\sched.exe
C:\Programmi\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\HPConfig.exe
C:\Programmi\HPQ\Notebook Utilities\HPWirelessMgr.exe
C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\carpserv.exe
C:\Programmi\Synaptics\SynTP\SynTPLpr.exe
C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Programmi\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9CE.EXE
C:\Programmi\QuickTime\qttask.exe
C:\Programmi\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe
C:\Programmi\iPod\bin\iPodService.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\Programmi\WinRAR\WinRAR.exe
C:\DOCUME~1\simona\IMPOST~1\Temp\Rar$EX00.103\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programmi\Windows Live Toolbar\msntb.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Programmi\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programmi\google\googletoolbar1.dll
O3 - Toolbar: ToolBar888 - {C004DEC2-2623-438e-9CA2-C9043AB28508} - C:\Programmi\File comuni\{3C681233-06FD-1040-1106-030304300027}\MyToolBar.dll (file missing)
O4 - HKLM\..\Run: [CARPService] carpserv.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Programmi\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [avgnt] "C:\Programmi\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [EPSON Stylus Photo RX420 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9CE.EXE /P31 "EPSON Stylus Photo RX420 Series" /O6 "USB001" /M "Stylus Photo RX420"
O4 - HKLM\..\Run: [EPSON Stylus Photo RX420 Series (Copia 1)] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9CE.EXE /P41 "EPSON Stylus Photo RX420 Series (Copia 1)" /O6 "USB001" /M "Stylus Photo RX420"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Programmi\File comuni\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Programmi\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Programmi\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [NI.UWA6PT_0001_N91M2107] "C:\Documents and Settings\simona\Impostazioni locali\Temp\Temporary Internet Files\Content.IE5\QFUVM9E9\WinAntiVirusPro2006FreeInstall_it[1].exe" -nag
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programmi\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe"
O8 - Extra context menu item: &Windows Live Search - res://C:\Programmi\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Apri in nuova scheda in primo piano - res://C:\Programmi\Windows Live Toolbar\Components\it-it\msntabres.dll.mui/230?1c0f48d3d9f94aa683f8eba256c25720
O8 - Extra context menu item: Apri in nuova scheda in secondo piano - res://C:\Programmi\Windows Live Toolbar\Components\it-it\msntabres.dll.mui/229?1c0f48d3d9f94aa683f8eba256c25720
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Programmi\File comuni\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Me ... b31267.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/Mi ... b31267.cab
O16 - DPF: {79E0C1C0-316D-11D5-A72A-006097BFA1AC} (EPSON Web Printer-SelfTest Control Class) - http://esupport.epson-europe.com/selfte ... TPTest.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Me ... b31267.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZI ... b47946.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/So ... b31267.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL (file missing)
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL (file missing)
O20 - Winlogon Notify: Applets - C:\WINDOWS\system32\fp0003dme.dll (file missing)
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Programmi\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Programmi\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: HP Configuration Interface Service (HPConfig) - Hewlett-Packard - C:\WINDOWS\system32\HPConfig.exe
O23 - Service: HPWirelessMgr - Hewlett-Packard Co. - C:\Programmi\HPQ\Notebook Utilities\HPWirelessMgr.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Programmi\iPod\bin\iPodService.exe
O23 - Service: NBService - Nero AG - C:\Programmi\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: WLTRYSVC - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE
SIMONA182
Newbie

Posts: 4
Joined: 06/10/06 10:04
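
Added example, not part of the original thread: a Python script that compares a HijackThis log taken before a fix with one taken after it, against the list of entries the helper asked to fix, using short excerpts of the first two logs and of the fix list posted above. It normalises what a forum changes in pasted lines (the en dash in `–nag`, the `(file missing)` suffix, doubled backslashes) and reports which fixed entries persist and which sections lost a fixed entry but gained a new one; all function and variable names are hypothetical.

```python
import re
from dataclasses import dataclass

# HijackThis entry lines look like "O4 - HKLM\..\Run: [name] path".
# The separator may arrive as an en dash after forum autocorrection.
ENTRY_RE = re.compile(r"^([RFNO]\d{1,2}) [-\u2013] (.+)$")


def normalise(body: str) -> str:
    """Reduce an entry body to a form that survives copy/paste through a forum."""
    body = body.replace("\u2013", "-").replace("\u2014", "-")
    body = re.sub(r"\s*\(file missing\)\s*$", "", body)
    body = re.sub(r"\\{2,}", r"\\", body)  # C:\\x.exe and C:\x.exe are the same file
    return " ".join(body.split()).lower()


@dataclass(frozen=True)
class Entry:
    code: str
    body: str

    @property
    def key(self):
        return (self.code, normalise(self.body))

    @property
    def section(self):
        # "O20 - Winlogon Notify: Extensions - ..." -> "O20 - Winlogon Notify"
        head, sep, _ = self.body.partition(": ")
        return f"{self.code} - {head}" if sep else self.code


def parse_entries(log_text: str):
    """Return the R/F/N/O entries of a log, skipping header and process lines."""
    entries = []
    for line in log_text.splitlines():
        m = ENTRY_RE.match(line.strip())
        if m:
            entries.append(Entry(m.group(1), m.group(2)))
    return entries


def compare(before, after, fixed):
    """Classify the outcome of a fix: removed, persisting, new, respawned sections."""
    before_keys = {e.key for e in before}
    after_by_key = {e.key: e for e in after}
    removed = [e for e in fixed if e.key in before_keys and e.key not in after_by_key]
    persisting = [after_by_key[e.key] for e in fixed if e.key in after_by_key]
    new = [e for e in after if e.key not in before_keys]
    # A section that lost a fixed entry and gained an unseen one deserves a second look.
    respawned = sorted({e.section for e in removed} & {e.section for e in new})
    return {"removed": removed, "persisting": persisting, "new": new, "respawned": respawned}


# Excerpt of the first log in the thread (scan of 11.01.06).
BEFORE = r"""
O3 - Toolbar: ToolBar888 - {C004DEC2-2623-438e-9CA2-C9043AB28508} - C:\Programmi\File comuni\{3C681233-06FD-1040-1106-030304300027}\MyToolBar.dll
O4 - HKLM\..\Run: [iTunesHelper] "C:\Programmi\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [defender] C:\\dfndrff_e23.exe
O4 - HKLM\..\Run: [newname] c:\\nwnmff_e23.exe
O4 - HKLM\..\Run: [NI.UWA6PT_0001_N91M2107] "C:\Documents and Settings\simona\Impostazioni locali\Temp\Temporary Internet Files\Content.IE5\QFUVM9E9\WinAntiVirusPro2006FreeInstall_it[1].exe" -nag
O20 - Winlogon Notify: Extensions - C:\WINDOWS\system32\faeploy.dll
"""

# Excerpt of the second log in the thread (scan of 13.14.20).
AFTER = r"""
O3 - Toolbar: ToolBar888 - {C004DEC2-2623-438e-9CA2-C9043AB28508} - C:\Programmi\File comuni\{3C681233-06FD-1040-1106-030304300027}\MyToolBar.dll (file missing)
O4 - HKLM\..\Run: [iTunesHelper] "C:\Programmi\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [NI.UWA6PT_0001_N91M2107] "C:\Documents and Settings\simona\Impostazioni locali\Temp\Temporary Internet Files\Content.IE5\QFUVM9E9\WinAntiVirusPro2006FreeInstall_it[1].exe" -nag
O20 - Winlogon Notify: Applets - C:\WINDOWS\system32\fp0003dme.dll (file missing)
"""

# Excerpt of the fix list as pasted in the reply (note the en dash before "nag").
FIXED = r"""
O4 - HKLM\..\Run: [defender] C:\\dfndrff_e23.exe
O4 - HKLM\..\Run: [newname] c:\\nwnmff_e23.exe
O4 - HKLM\..\Run: [NI.UWA6PT_0001_N91M2107] "C:\Documents and Settings\simona\Impostazioni locali\Temp\Temporary Internet Files\Content.IE5\QFUVM9E9\WinAntiVirusPro2006FreeInstall_it[1].exe" –nag
O20 - Winlogon Notify: Extensions - C:\WINDOWS\system32\faeploy.dll
"""

if __name__ == "__main__":
    result = compare(parse_entries(BEFORE), parse_entries(AFTER), parse_entries(FIXED))
    for label in ("removed", "persisting", "new"):
        for entry in result[label]:
            print(f"{label:<10} {entry.code} - {entry.body}")
    for section in result["respawned"]:
        print(f"respawned  {section}")
```
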

Post by Luke57 » 06/10/06 12:36

Hi, download ewido from here:
http://www.hwupgrade.it/download/file/2605.html
install it, update it and run a full scan from safe mode. That should solve your problem.
Luke57
Moderator

Posts: 6415
Joined: 11/08/05 19:10

VIRUS

Post by SIMONA182 » 06/10/06 13:09

before doing what you told me, I tried redoing the earlier steps; the log is this:


Logfile of HijackThis v1.99.1
Scan saved at 14.05.57, on 06/10/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\carpserv.exe
C:\Programmi\Synaptics\SynTP\SynTPLpr.exe
C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9CE.EXE
C:\Programmi\DAEMON Tools\daemon.exe
C:\Programmi\QuickTime\qttask.exe
C:\Programmi\iTunes\iTunesHelper.exe
C:\Programmi\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe
C:\Programmi\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\HPConfig.exe
C:\Programmi\HPQ\Notebook Utilities\HPWirelessMgr.exe
C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\Programmi\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\Programmi\WinRAR\WinRAR.exe
C:\DOCUME~1\simona\IMPOST~1\Temp\Rar$EX02.524\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programmi\Windows Live Toolbar\msntb.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Programmi\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programmi\google\googletoolbar1.dll
O3 - Toolbar: ToolBar888 - {C004DEC2-2623-438e-9CA2-C9043AB28508} - C:\Programmi\File comuni\{3C681233-06FD-1040-1106-030304300027}\MyToolBar.dll (file missing)
O4 - HKLM\..\Run: [CARPService] carpserv.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Programmi\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [EPSON Stylus Photo RX420 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9CE.EXE /P31 "EPSON Stylus Photo RX420 Series" /O6 "USB001" /M "Stylus Photo RX420"
O4 - HKLM\..\Run: [EPSON Stylus Photo RX420 Series (Copia 1)] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9CE.EXE /P41 "EPSON Stylus Photo RX420 Series (Copia 1)" /O6 "USB001" /M "Stylus Photo RX420"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Programmi\File comuni\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Programmi\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Programmi\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [NI.UWA6PT_0001_N91M2107] "C:\Documents and Settings\simona\Impostazioni locali\Temp\Temporary Internet Files\Content.IE5\QFUVM9E9\WinAntiVirusPro2006FreeInstall_it[1].exe" -nag
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programmi\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe"
O8 - Extra context menu item: &Windows Live Search - res://C:\Programmi\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Apri in nuova scheda in primo piano - res://C:\Programmi\Windows Live Toolbar\Components\it-it\msntabres.dll.mui/230?1c0f48d3d9f94aa683f8eba256c25720
O8 - Extra context menu item: Apri in nuova scheda in secondo piano - res://C:\Programmi\Windows Live Toolbar\Components\it-it\msntabres.dll.mui/229?1c0f48d3d9f94aa683f8eba256c25720
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Programmi\File comuni\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Me ... b31267.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/Mi ... b31267.cab
O16 - DPF: {79E0C1C0-316D-11D5-A72A-006097BFA1AC} (EPSON Web Printer-SelfTest Control Class) - http://esupport.epson-europe.com/selfte ... TPTest.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Me ... b31267.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZI ... b47946.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/So ... b31267.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{A39CE531-F288-4764-8AA3-D1E0BC42C08B}: NameServer = 85.37.17.16 85.38.28.68
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL (file missing)
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL (file missing)
O20 - Winlogon Notify: Reliability - C:\WINDOWS\system32\jt2o07f3e.dll (file missing)
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Programmi\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Programmi\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: HP Configuration Interface Service (HPConfig) - Hewlett-Packard - C:\WINDOWS\system32\HPConfig.exe
O23 - Service: HPWirelessMgr - Hewlett-Packard Co. - C:\Programmi\HPQ\Notebook Utilities\HPWirelessMgr.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Programmi\iPod\bin\iPodService.exe
O23 - Service: NBService - Nero AG - C:\Programmi\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: WLTRYSVC - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE

anyway, now I'll also try doing that thing you told me... thanks
SIMONA182
Newbie

Posts: 4
Joined: 06/10/06 10:04

virus

Post by SIMONA182 » 06/10/06 15:40

all solved, thank you very much
;)
SIMONA182
Newbie

Posts: 4
Joined: 06/10/06 10:04

Post by Luke57 » 06/10/06 17:26

You're welcome ;)
Luke57
Moderator

Posts: 6415
Joined: 11/08/05 19:10

Post by gabosce » 06/10/06 19:04

hi guys, I think I've caught serwab; I'm leaving my log here, I hope someone can help me
thanks


Logfile of HijackThis v1.99.1
Scan saved at 19.52.14, on 06/10/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\Intel\Wireless\Bin\EvtEng.exe
C:\Programmi\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\Intel\Wireless\Bin\ZcfgSvc.exe
C:\WINDOWS\system32\rundll32.exe
C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ATK0100\HControl.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Programmi\ASUS\ASUS Live Update\ALU.exe
C:\Programmi\ASUS\Wireless Console 2\wcourier.exe
C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
C:\Programmi\ASUS\Power4 Gear\BatteryLife.exe
C:\WINDOWS\ATKKBService.exe
C:\Programmi\Intel\Wireless\Bin\ifrmewrk.exe
C:\Programmi\Intel\Wireless\Bin\EOUWiz.exe
C:\Programmi\WinAntiVirus Pro 2006\FWSvc.exe
C:\Programmi\ASUSTeK\ASUSDVD\PDVDServ.exe
C:\Programmi\QuickTime\qttask.exe
C:\Programmi\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Programmi\Anti-Blaxx\Anti-Blaxx.exe
C:\Programmi\Eset\nod32kui.exe
C:\Programmi\Lexmark 2200 Series\lxbvbmgr.exe
C:\Programmi\File comuni\LightScribe\LSSrvc.exe
C:\Programmi\iTunes\iTunesHelper.exe
C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Programmi\Lexmark 2200 Series\lxbvbmon.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\nwnmff_e24.exe
C:\dfndrff_e24.exe
C:\kybrdff_e24.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\Eset\nod32krn.exe
C:\Programmi\Intel\Wireless\Bin\OProtSvc.exe
C:\Programmi\Intel\Wireless\Bin\RegSrvc.exe
C:\Programmi\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\Programmi\ASUS\Asus ChkMail\ChkMail.exe
C:\WINDOWS\ATK0100\ATKOSD.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\OpenOffice.org 2.0\program\soffice.exe
C:\Programmi\OpenOffice.org 2.0\program\soffice.BIN
C:\Programmi\Alice ti aiuta\bin\mpbtn.exe
C:\Programmi\iPod\bin\iPodService.exe
C:\Programmi\MSN Messenger\msnmsgr.exe
C:\Documents and Settings\Proprietario\Desktop\hijackthis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.asus.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
R3 - URLSearchHook: (no name) - {A8BD6820-6ED7-423E-9558-2D1486B0FEEA} - C:\Programmi\DeluxeCommunications\DxcBho.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programmi\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [Collegamento alla pagina delle proprietà di High Definition Audio] HDAShCut.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [ASUS Live Update] C:\Programmi\ASUS\ASUS Live Update\ALU.exe
O4 - HKLM\..\Run: [Wireless Console 2] C:\Programmi\ASUS\Wireless Console 2\wcourier.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Power_Gear] C:\Programmi\ASUS\Power4 Gear\BatteryLife.exe 1
O4 - HKLM\..\Run: [IntelZeroConfig] C:\Programmi\Intel\Wireless\bin\ZCfgSvc.exe
O4 - HKLM\..\Run: [IntelWireless] C:\Programmi\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [EOUApp] C:\Programmi\Intel\Wireless\Bin\EOUWiz.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [RemoteControl] C:\Programmi\ASUSTeK\ASUSDVD\PDVDServ.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Programmi\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [Anti-Blaxx Manager] C:\Programmi\Anti-Blaxx\Anti-Blaxx.exe
O4 - HKLM\..\Run: [nod32kui] C:\Programmi\Eset\nod32kui.exe /WAITSERVICE
O4 - HKLM\..\Run: [Lexmark 2200 Series] "C:\Programmi\Lexmark 2200 Series\lxbvbmgr.exe"
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Programmi\Lexmark Fax Solutions\fm3032.exe" /s
O4 - HKLM\..\Run: [iTunesHelper] "C:\Programmi\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [I downloaded pirated Software from P2P ] FIFA Football 2007
O4 - HKLM\..\Run: [ots66a03] RUNDLL32.EXE w3a789ec.dll,n 005669fe0000000a3a789ec
O4 - HKLM\..\Run: [DeluxeCommunications] C:\Programmi\DeluxeCommunications\Dxc.exe
O4 - HKLM\..\Run: [newname] C:\\nwnmff_e24.exe
O4 - HKLM\..\Run: [defender] C:\\dfndrff_e24.exe
O4 - HKLM\..\Run: [keyboard] C:\\kybrdff_e24.exe
O4 - HKLM\..\Run: [WinAntiVirusPro2006] "C:\Programmi\WinAntiVirus Pro 2006\WinAV.exe" /min
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DeluxeCommunications] C:\Programmi\DeluxeCommunications\Dxc.exe
O4 - Startup: Adobe Gamma.lnk = C:\Programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: OpenOffice.org 2.0.lnk = C:\Programmi\OpenOffice.org 2.0\program\quickstart.exe
O4 - Global Startup: ASUS ChkMail.lnk = C:\Programmi\ASUS\Asus ChkMail\ChkMail.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Programmi\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Alice ti aiuta.lnk = C:\Programmi\Alice ti aiuta\bin\matcli.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Programmi\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Apri in nuova scheda in primo piano - res://C:\Programmi\Windows Live Toolbar\Components\it-it\msntabres.dll.mui/230?678d0331a7e54908a8978cb7dfb80573
O8 - Extra context menu item: Apri in nuova scheda in secondo piano - res://C:\Programmi\Windows Live Toolbar\Components\it-it\msntabres.dll.mui/229?678d0331a7e54908a8978cb7dfb80573
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.asus.com
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/ms ... b31267.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - AppInit_DLLs: dxclib303562752.dll
O20 - Winlogon Notify: App Paths - C:\WINDOWS\system32\uxandlg.dll (file missing)
O20 - Winlogon Notify: Controls Folder - C:\WINDOWS\system32\dnno0153e.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O20 - Winlogon Notify: IntelWireless - C:\Programmi\Intel\Wireless\Bin\LgNotify.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Programmi\File comuni\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: EvtEng - Intel Corporation - C:\Programmi\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Firewall service (FWSvc) - WinSoftware, Ltd. - C:\Programmi\WinAntiVirus Pro 2006\FWSvc.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Programmi\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Programmi\File comuni\LightScribe\LSSrvc.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Unknown owner - C:\Programmi\Eset\nod32krn.exe
O23 - Service: OwnershipProtocol - Intel Corporation - C:\Programmi\Intel\Wireless\Bin\OProtSvc.exe
O23 - Service: RegSrvc - Intel Corporation - C:\Programmi\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Programmi\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Programmi\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
gabosce
Newbie
 
Posts: 3
Joined: 06/10/06 19:01

Post by andorra24 » 06/10/06 19:31

@gabosce

Hi, first of all go to Control Panel / Add or Remove Programs and uninstall (if present) the following entries: WinAntiVirus Pro 2006 and DeluxeCommunications. Then run this removal tool for the look2me adware, because you are infected with it:
http://www.atribune.org/content/view/28/

Now let's move on to the log. Open HijackThis, click "open the misc tools section", then click "open process manager", find the entries listed below and click "kill process":

C:\nwnmff_e24.exe
C:\dfndrff_e24.exe
C:\kybrdff_e24.exe
C:\Programmi\WinAntiVirus Pro 2006\FWSvc.exe

Then go to the bottom and press the Back button and, right after that, the Scan button. Tick the box next to the entries listed below and press "fix checked":

R3 - URLSearchHook: (no name) - {A8BD6820-6ED7-423E-9558-2D1486B0FEEA} - C:\Programmi\DeluxeCommunications\DxcBho.dll
O4 - HKLM\..\Run: [I downloaded pirated Software from P2P ] FIFA Football 2007
O4 - HKLM\..\Run: [ots66a03] RUNDLL32.EXE w3a789ec.dll,n 005669fe0000000a3a789ec
O4 - HKLM\..\Run: [DeluxeCommunications] C:\Programmi\DeluxeCommunications\Dxc.exe
O4 - HKLM\..\Run: [newname] C:\\nwnmff_e24.exe
O4 - HKLM\..\Run: [defender] C:\\dfndrff_e24.exe
O4 - HKLM\..\Run: [keyboard] C:\\kybrdff_e24.exe
O4 - HKLM\..\Run: [WinAntiVirusPro2006] "C:\Programmi\WinAntiVirus Pro 2006\WinAV.exe" /min
O4 - HKCU\..\Run: [DeluxeCommunications] C:\Programmi\DeluxeCommunications\Dxc.exe
O20 - AppInit_DLLs: dxclib303562752.dll
O20 - Winlogon Notify: App Paths - C:\WINDOWS\system32\uxandlg.dll (file missing)
O20 - Winlogon Notify: Controls Folder - C:\WINDOWS\system32\dnno0153e.dll
O23 - Service: Firewall service (FWSvc) - WinSoftware, Ltd. - C:\Programmi\WinAntiVirus Pro 2006\FWSvc.exe

Go to Start / My Computer / Tools / Folder Options / View, tick "Show hidden files and folders" and untick "Hide protected operating system files".

Download KillBox from here: http://www.killbox.net/downloads/KillBox.exe
Delete the following files:
C:\nwnmff_e24.exe
C:\dfndrff_e24.exe
C:\kybrdff_e24.exe
C:\Programmi\WinAntiVirus Pro 2006 (the whole folder)
C:\Programmi\DeluxeCommunications\DxcBho.dll (delete the whole DeluxeCommunications folder)
C:\WINDOWS\system32\dnno0153e.dll
C:\WINDOWS\system32\uxandlg.dll
C:\windows\system32\dxclib303562752.dll

Also do this:
Start > Run > sc stop FWSvc > OK
Start > Run > sc delete FWSvc > OK

Run a scan with AVG Anti-Spyware:
http://download.grisoft.cz/softw/70/fil ... 5.0.47.exe
andorra24
Senior User
 
Posts: 2742
Joined: 21/05/06 15:44
Location: Palermo
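
The triage done by eye in the reply above can be partly mechanised. The following Python script is an added example, not part of the original thread or of HijackThis: the `triage` function, its regular expressions and its rules are assumptions chosen for illustration, and the sample lines are copied from the log posted in this thread.

```python
import re
from typing import List, NamedTuple


class Finding(NamedTuple):
    line: str
    reasons: List[str]


# Product names the reply in this thread asks to uninstall.
KNOWN_UNWANTED = ("WinAntiVirus Pro 2006", "DeluxeCommunications")

# O4 registry autoruns: O4 - HKLM\..\Run: [value name] command line
RUN_RE = re.compile(r"^O4 - (?:HKLM|HKCU)\\\.\.\\Run: \[[^\]]*\] (?P<cmd>.+)$")
APPINIT_RE = re.compile(r"^O20 - AppInit_DLLs: (?P<dlls>.*)$")
NOTIFY_RE = re.compile(r"^O20 - Winlogon Notify: .+? - (?P<path>.+)$")
# Executable directly under a drive root, e.g. C:\x.exe or C:\\x.exe
ROOT_EXE_RE = re.compile(r'^"?[A-Za-z]:\\+[^\\"]+\.exe\b', re.IGNORECASE)
# rundll32 followed by its first argument (the DLL to load)
RUNDLL_RE = re.compile(
    r'^"?(?:[A-Za-z]:\\.*\\)?rundll32(?:\.exe)?"?\s+(?P<dll>[^,\s]+)', re.IGNORECASE
)
EXEC_EXT_RE = re.compile(r"\.(?:exe|dll|com|bat|cmd|scr)\b", re.IGNORECASE)

# Sample input: lines copied from the HijackThis log posted in this thread.
SAMPLE_LOG = r"""
O4 - HKLM\..\Run: [iTunesHelper] "C:\Programmi\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [I downloaded pirated Software from P2P ] FIFA Football 2007
O4 - HKLM\..\Run: [ots66a03] RUNDLL32.EXE w3a789ec.dll,n 005669fe0000000a3a789ec
O4 - HKLM\..\Run: [newname] C:\\nwnmff_e24.exe
O4 - HKLM\..\Run: [WinAntiVirusPro2006] "C:\Programmi\WinAntiVirus Pro 2006\WinAV.exe" /min
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O20 - AppInit_DLLs: dxclib303562752.dll
O20 - Winlogon Notify: App Paths - C:\WINDOWS\system32\uxandlg.dll (file missing)
O20 - Winlogon Notify: Controls Folder - C:\WINDOWS\system32\dnno0153e.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O23 - Service: Firewall service (FWSvc) - WinSoftware, Ltd. - C:\Programmi\WinAntiVirus Pro 2006\FWSvc.exe
""".strip().splitlines()


def triage(lines: List[str]) -> List[Finding]:
    """Return the log lines that match at least one review rule, with the reasons."""
    findings = []
    for raw in lines:
        line = raw.strip()
        reasons = []

        # Rule 1: the line mentions a product already identified as unwanted.
        for product in KNOWN_UNWANTED:
            if product.lower() in line.lower():
                reasons.append(f"references {product}")

        run = RUN_RE.match(line)
        if run:
            cmd = run.group("cmd")
            # Rule 2: installed software rarely starts from the root of a drive.
            if ROOT_EXE_RE.match(cmd):
                reasons.append("autorun executable sits in a drive root")
            # Rule 3: a DLL named without a path is resolved via the search path.
            rundll = RUNDLL_RE.match(cmd)
            if rundll and "\\" not in rundll.group("dll"):
                reasons.append("rundll32 loads a DLL given without a path")
            # Rule 4: the Run value does not point at any program.
            if not EXEC_EXT_RE.search(cmd):
                reasons.append("Run value names no executable file")

        # Rule 5: DLLs listed in AppInit_DLLs are loaded into every process
        # that loads user32.dll, so any non-empty value deserves a look.
        appinit = APPINIT_RE.match(line)
        if appinit and appinit.group("dlls").strip():
            reasons.append("AppInit_DLLs is not empty")

        # Rule 6: HijackThis reports that the registered DLL is gone from disk.
        notify = NOTIFY_RE.match(line)
        if notify and notify.group("path").endswith("(file missing)"):
            reasons.append("Winlogon Notify DLL is missing on disk")

        if reasons:
            findings.append(Finding(line, reasons))
    return findings


if __name__ == "__main__":
    for finding in triage(SAMPLE_LOG):
        print(finding.line)
        for reason in finding.reasons:
            print("    ->", reason)
```

These rules flag seven of the eleven sample lines. The `Controls Folder` notify DLL (`dnno0153e.dll`), which the reply also fixes, passes them, so a randomly named DLL in a system folder still needs a known-good baseline or an experienced reviewer.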

Post by gabosce » 07/10/06 11:13

Thank you so much. I did everything, although some files weren't there or couldn't be deleted. Now I'll see how the PC behaves; if it still gives me problems I'll list them for you.
Thanks again
gabosce
Newbie
 
Posts: 3
Joined: 06/10/06 19:01

Post by gabosce » 07/10/06 11:43

The scan report is disastrous, what should I do?

AVG Anti-Spyware - Rapporto scansione
---------------------------------------------------------

+ Creato alle: 12.41.07 07/10/2006

+ Risultato scansione:



C:\System Volume Information\_restore{6C93FE2E-EF39-4909-9D10-300946C4A7B7}\RP161\A0024190.exe -> Adware.AdURL : Ignorato.
C:\WINDOWS\icont.exe -> Adware.AdURL : Ignorato.
HKLM\SOFTWARE\DeluxeCommunications -> Adware.DeluxeCommunications : Ignorato.
HKLM\SOFTWARE\DeluxeCommunications\Internet Explorer -> Adware.DeluxeCommunications : Ignorato.
HKU\S-1-5-21-4175591340-3040690002-1871154074-1003\Software\DeluxeCommunications -> Adware.DeluxeCommunications : Ignorato.
HKU\S-1-5-21-4175591340-3040690002-1871154074-1003\Software\DeluxeCommunications\Internet Explorer -> Adware.DeluxeCommunications : Ignorato.
C:\Installer4.exe -> Adware.Look2Me : Ignorato.
C:\warebundlenewer.exe -> Adware.Look2Me : Ignorato.
C:\Programmi\Deskbar\__delete_on_reboot__d_e_s_k_b_a_r_._d_l_l_ -> Adware.Softomate : Ignorato.
C:\System Volume Information\_restore{6C93FE2E-EF39-4909-9D10-300946C4A7B7}\RP161\A0025593.dll -> Adware.Softomate : Ignorato.
C:\System Volume Information\_restore{6C93FE2E-EF39-4909-9D10-300946C4A7B7}\RP161\A0026603.dll -> Adware.Softomate : Ignorato.
[1684] C:\Programmi\Deskbar\deskbar.dll -> Adware.Softomate : Ignorato.
[2248] C:\Programmi\Deskbar\deskbar.dll -> Adware.Softomate : Ignorato.
C:\DXC9.exe -> Adware.SurfSide : Ignorato.
C:\Documents and Settings\Proprietario\Impostazioni locali\Temp\i147.tmp -> Adware.SurfSide : Ignorato.
C:\System Volume Information\_restore{6C93FE2E-EF39-4909-9D10-300946C4A7B7}\RP161\A0025580.dll -> Adware.SurfSide : Ignorato.
C:\System Volume Information\_restore{6C93FE2E-EF39-4909-9D10-300946C4A7B7}\RP161\A0025581.dll -> Adware.SurfSide : Ignorato.
C:\System Volume Information\_restore{6C93FE2E-EF39-4909-9D10-300946C4A7B7}\RP161\A0025586.dll -> Adware.SurfSide : Ignorato.
C:\Documents and Settings\Proprietario\Impostazioni locali\Temp\temp.fr3385\UCMTSAIE.dll -> Adware.Ucmore : Ignorato.
C:\Documents and Settings\Proprietario\Menu Avvio\Programmi\UCmore - The Search Accelerator -> Adware.Ucmore : Ignorato.
C:\Documents and Settings\Proprietario\Menu Avvio\Programmi\UCmore - The Search Accelerator\How To Uninstall.lnk -> Adware.Ucmore : Ignorato.
C:\Documents and Settings\Proprietario\Menu Avvio\Programmi\UCmore - The Search Accelerator\UCmore - The Search Accelerator.lnk -> Adware.Ucmore : Ignorato.
C:\Documents and Settings\Proprietario\Menu Avvio\Programmi\UCmore - The Search Accelerator\UCmore Tour.lnk -> Adware.Ucmore : Ignorato.
C:\System Volume Information\_restore{6C93FE2E-EF39-4909-9D10-300946C4A7B7}\RP161\A0025550.dll -> Adware.Ucmore : Ignorato.
C:\ucmoreiex.exe/IUCMORE.DLL -> Adware.Ucmore : Ignorato.
C:\ucmoreiex.exe/UCMTSAIE.DLL -> Adware.Ucmore : Ignorato.
C:\ucmoreiex.exe/empty_00000001 -> Adware.Ucmore : Ignorato.
HKLM\SOFTWARE\Classes\CLSID\{2178F3FB-2560-458f-BDEE-631E2FE0DFE4} -> Adware.WinAntiVirus : Ignorato.
HKU\S-1-5-21-4175591340-3040690002-1871154074-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2178F3FB-2560-458F-BDEE-631E2FE0DFE4} -> Adware.WinAntiVirus : Ignorato.
C:\Documents and Settings\Proprietario\Impostazioni locali\Temporary Internet Files\Content.IE5\MN8FWFOV\AppWrap[1].exe -> Adware.Zestyfind : Ignorato.
C:\WINDOWS\Temp\bw2.com -> Adware.Zestyfind : Ignorato.
C:\WINDOWS\iconu.exe -> Adware.Zestyfind : Ignorato.
C:\System Volume Information\_restore{6C93FE2E-EF39-4909-9D10-300946C4A7B7}\RP161\A0026605.dll -> Downloader.Agent.awb : Ignorato.
C:\WINDOWS\system32\__delete_on_reboot__o_t_s_6_6_a_0_3_._d_l_l_ -> Downloader.Agent.awb : Ignorato.
[3408] C:\WINDOWS\system32\ots66a03.dll -> Downloader.Agent.awb : Ignorato.
C:\System Volume Information\_restore{6C93FE2E-EF39-4909-9D10-300946C4A7B7}\RP161\A0026604.dll -> Downloader.Small : Ignorato.
C:\WINDOWS\system32\__delete_on_reboot__w_3_a_7_8_9_e_c_._d_l_l_ -> Downloader.Small : Ignorato.
C:\ac3_0010.exe -> Downloader.Small : Ignorato.
C:\Recycled\Dc10.rar/Kaspersky Antivirus Personal 5.0.372 (espa¤ol)\Keys\key???@ttdown.com.exe -> Dropper.Agent.xk : Ignorato.
C:\Recycled\Dc14\Keys\key___@ttdown.com.exe -> Dropper.Agent.xk : Ignorato.
C:\Documents and Settings\Proprietario\Impostazioni locali\Temp\Temporary Internet Files\Content.IE5\I7E3MT0P\WinAntiVirusPro2006FreeInstall_it[1].exe -> Not-A-Virus.Downloader.Win32.WinFixer.o : Ignorato.
C:\Documents and Settings\Proprietario\Impostazioni locali\Temp\Cookies\proprietario@zedo[2].txt -> TrackingCookie.Zedo : Ignorato.
C:\Documents and Settings\Proprietario\Impostazioni locali\Temp\NI.UWA6PT_0001_N91M2107\setup.exe -> Trojan.Fakealert : Ignorato.


::Fine rapporto
gabosce
Newbie
 
Posts: 3
Joined: 06/10/06 19:01

Post by andorra24 » 07/10/06 12:16

gabosce, how on earth did you get your PC into this state? It takes talent to reduce it to this. Anyway, when you finished the scan with AVG Antispyware you should not have left all the infections set to "ignore", because that way you accomplished nothing at all. You have to repeat the scan, and this time you must select "delete" as the action to take. It is essential that you have AVG Antispyware delete the infections it found.

Then I recommend cleaning out temp files, cookies, cache and other things using a cleaner such as CCleaner: http://www.ccleaner.com/
andorra24
Senior User
 
Posts: 2742
Joined: 21/05/06 15:44
Location: Palermo
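
An added example, not part of the posts above: a small Python parser for the report format posted in this thread (`[:mozilla.N:]path -> Detection : Action.`) that lists which findings were left ignored, file detections first and tracking cookies grouped by family. The function names are invented here, and it assumes `Ignorato` is the action string to flag, since it is the only one that appears in the posted report.

```python
import re
from collections import Counter, namedtuple

# Lines copied from the report posted above, including its last entry and end marker.
SAMPLE_REPORT = r"""
:mozilla.632:C:\Documents and Settings\Proprietario\Dati applicazioni\Mozilla\Firefox\Profiles\olcxnjo8.default\cookies.txt -> TrackingCookie.Statcounter : Ignorato.
C:\Documents and Settings\Proprietario\Impostazioni locali\Temp\Cookies\proprietario@statcounter[1].txt -> TrackingCookie.Statcounter : Ignorato.
:mozilla.38:C:\Documents and Settings\Proprietario\Dati applicazioni\Mozilla\Firefox\Profiles\olcxnjo8.default\cookies.txt -> TrackingCookie.Tradedoubler : Ignorato.
:mozilla.595:C:\Documents and Settings\Proprietario\Dati applicazioni\Mozilla\Firefox\Profiles\olcxnjo8.default\cookies.txt -> TrackingCookie.Zedo : Ignorato.
C:\Documents and Settings\Proprietario\Impostazioni locali\Temp\Cookies\proprietario@zedo[2].txt -> TrackingCookie.Zedo : Ignorato.
C:\Documents and Settings\Proprietario\Impostazioni locali\Temp\NI.UWA6PT_0001_N91M2107\setup.exe -> Trojan.Fakealert : Ignorato.
::Fine rapporto
"""

Finding = namedtuple("Finding", "cookie_index path detection action")

# Optional ":mozilla.N:" prefix (an entry inside Firefox's cookies.txt),
# then "path -> Detection : Action."
LINE_RE = re.compile(r"^(?::mozilla\.(\d+):)?(.+) -> ([\w.]+) : (\w+)\.$")
IGNORED = "Ignorato"  # assumption: the only action string visible in the report


def parse_report(text):
    """Return one Finding per detection line; blank lines and '::' markers are skipped."""
    findings = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            idx = int(m.group(1)) if m.group(1) else None
            findings.append(Finding(idx, m.group(2), m.group(3), m.group(4)))
    return findings


def triage(findings):
    """Split findings still marked ignored into file detections and cookie families."""
    ignored = [f for f in findings if f.action == IGNORED]
    is_cookie = lambda f: f.detection.startswith("TrackingCookie.")
    files = [f for f in ignored if not is_cookie(f)]
    cookies = Counter(f.detection.split(".", 1)[1] for f in ignored if is_cookie(f))
    return files, cookies


if __name__ == "__main__":
    files, cookies = triage(parse_report(SAMPLE_REPORT))
    for f in files:
        print(f"NOT REMOVED: {f.detection}  {f.path}")
    print(f"{sum(cookies.values())} tracking cookies ignored:", dict(cookies))
```
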

