L'antivirus Mc Afee non è più attivo, spybot non si riesce a caricare.
Vi posto lo scan fatto con Kaspersky e hijiack:
KASPERSKY ONLINE SCANNER REPORT
Sunday, November 18, 2007 6:52:47 PM
Operating System: Microsoft Windows XP Professional, (Build 2600)
Kaspersky Online Scanner version: 5.0.98.0
Kaspersky Anti-Virus database last update: 18/11/2007
Kaspersky Anti-Virus database records: 461273
-------------------------------------------------------------------------------
Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true
Scan Target - My Computer:
A:\
C:\
D:\
E:\
Scan Statistics:
Total number of scanned objects: 80709
Number of viruses found: 5
Number of infected objects: 18
Number of suspicious objects: 0
Duration of the scan process: 03:01:03
Infected Object Name / Virus Name / Last Action
C:\Documents and Settings\Capitani Lorenzo.COMPUTER-LORENZ\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\Capitani Lorenzo.COMPUTER-LORENZ\Dati applicazioni\m\data.oct Infected: Trojan-Downloader.Win32.Bagle.fu skipped
C:\Documents and Settings\Capitani Lorenzo.COMPUTER-LORENZ\Dati applicazioni\Microsoft\MSNLiveFav\LiveFavorites.xml Object is locked skipped
C:\Documents and Settings\Capitani Lorenzo.COMPUTER-LORENZ\Desktop\DVD Software\produkey.zip/ProduKey.exe Infected: not-a-virus:PSWTool.Win32.Dialupass.o skipped
C:\Documents and Settings\Capitani Lorenzo.COMPUTER-LORENZ\Desktop\DVD Software\produkey.zip ZIP: infected - 1 skipped
C:\Documents and Settings\Capitani Lorenzo.COMPUTER-LORENZ\Impostazioni locali\Cronologia\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Capitani Lorenzo.COMPUTER-LORENZ\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\Capitani Lorenzo.COMPUTER-LORENZ\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\Capitani Lorenzo.COMPUTER-LORENZ\Impostazioni locali\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Capitani Lorenzo.COMPUTER-LORENZ\ntuser.dat Object is locked skipped
C:\Documents and Settings\Capitani Lorenzo.COMPUTER-LORENZ\NTUSER.DAT.LOG Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\Impostazioni locali\Cronologia\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\Impostazioni locali\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService.NT AUTHORITY\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService.NT AUTHORITY\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService.NT AUTHORITY\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService.NT AUTHORITY\ntuser.dat.LOG Object is locked skipped
C:\Programmi\eMule\emule.exe -AutoStart Infected: Trojan-Downloader.Win32.Bagle.fm skipped
C:\Programmi\eMule\Incoming\FireWire IIDC Camera Driver 1.0.1.zip/FireWire IIDC Camera Driver 1.0.1.exe Infected: Trojan-Downloader.Win32.Bagle.fm skipped
C:\Programmi\eMule\Incoming\FireWire IIDC Camera Driver 1.0.1.zip ZIP: infected - 1 skipped
C:\Programmi\eMule\Incoming\Magix-VideoDeluxe-2007_2008_7.0.0.25-Plus-De-(Patch)-install.exe/J8Jq4K1.exe Infected: Email-Worm.Win32.Drefir.e skipped
C:\Programmi\eMule\Incoming\Magix-VideoDeluxe-2007_2008_7.0.0.25-Plus-De-(Patch)-install.exe/x7N8Mdi.exe Infected: Email-Worm.Win32.Drefir.e skipped
C:\Programmi\eMule\Incoming\Magix-VideoDeluxe-2007_2008_7.0.0.25-Plus-De-(Patch)-install.exe/iLlNgCV.exe Infected: Email-Worm.Win32.Drefir.e skipped
C:\Programmi\eMule\Incoming\Magix-VideoDeluxe-2007_2008_7.0.0.25-Plus-De-(Patch)-install.exe/gTEH230.exe Infected: Email-Worm.Win32.Drefir.e skipped
C:\Programmi\eMule\Incoming\Magix-VideoDeluxe-2007_2008_7.0.0.25-Plus-De-(Patch)-install.exe/GW7m8r1.exe Infected: Email-Worm.Win32.Drefir.e skipped
C:\Programmi\eMule\Incoming\Magix-VideoDeluxe-2007_2008_7.0.0.25-Plus-De-(Patch)-install.exe/X0EpsH4.exe Infected: Email-Worm.Win32.Drefir.e skipped
C:\Programmi\eMule\Incoming\Magix-VideoDeluxe-2007_2008_7.0.0.25-Plus-De-(Patch)-install.exe/d0CmX21.exe Infected: Email-Worm.Win32.Drefir.e skipped
C:\Programmi\eMule\Incoming\Magix-VideoDeluxe-2007_2008_7.0.0.25-Plus-De-(Patch)-install.exe/Xx7CJJO.exe Infected: Email-Worm.Win32.Drefir.e skipped
C:\Programmi\eMule\Incoming\Magix-VideoDeluxe-2007_2008_7.0.0.25-Plus-De-(Patch)-install.exe/E0qkfMq.exe Infected: Email-Worm.Win32.Drefir.e skipped
C:\Programmi\eMule\Incoming\Magix-VideoDeluxe-2007_2008_7.0.0.25-Plus-De-(Patch)-install.exe/V76cm54.exe Infected: Email-Worm.Win32.Drefir.e skipped
C:\Programmi\eMule\Incoming\Magix-VideoDeluxe-2007_2008_7.0.0.25-Plus-De-(Patch)-install.exe RAR: infected - 10 skipped
C:\WINXP\Debug\PASSWD.LOG Object is locked skipped
C:\WINXP\SchedLgU.Txt Object is locked skipped
C:\WINXP\Sti_Trace.log Object is locked skipped
C:\WINXP\system32\config\AppEvent.Evt Object is locked skipped
C:\WINXP\system32\config\default Object is locked skipped
C:\WINXP\system32\config\default.LOG Object is locked skipped
C:\WINXP\system32\config\SAM Object is locked skipped
C:\WINXP\system32\config\SAM.LOG Object is locked skipped
C:\WINXP\system32\config\SecEvent.Evt Object is locked skipped
C:\WINXP\system32\config\SECURITY Object is locked skipped
C:\WINXP\system32\config\SECURITY.LOG Object is locked skipped
C:\WINXP\system32\config\software Object is locked skipped
C:\WINXP\system32\config\software.LOG Object is locked skipped
C:\WINXP\system32\config\SysEvent.Evt Object is locked skipped
C:\WINXP\system32\config\system Object is locked skipped
C:\WINXP\system32\config\system.LOG Object is locked skipped
C:\WINXP\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINXP\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINXP\system32\yyddzx.exe Infected: Email-Worm.Win32.Agent.bg skipped
C:\WINXP\wiadebug.log Object is locked skipped
C:\WINXP\wiaservc.log Object is locked skipped
Scan process completed.
hijiack:
Logfile of HijackThis v1.99.1
Scan saved at 0.55.14, on 19/11/2007
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2600.0000)
Running processes:
C:\WINXP\System32\smss.exe
C:\WINXP\system32\winlogon.exe
C:\WINXP\system32\services.exe
C:\WINXP\system32\lsass.exe
C:\WINXP\system32\svchost.exe
C:\WINXP\System32\svchost.exe
C:\Programmi\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINXP\Explorer.EXE
C:\Programmi\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Programmi\eMule\emule.exe
C:\WINXP\system32\spoolsv.exe
C:\Programmi\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Programmi\CachemanXP\CachemanXP.exe
C:\Programmi\Sunbelt Software\CounterSpy\SBCSSvc.exe
C:\WINXP\System32\svchost.exe
C:\Programmi\Mozilla Firefox\firefox.exe
C:\Programmi\File comuni\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\WINXP\system32\NOTEPAD.EXE
C:\Programmi\Internet Explorer\iexplore.exe
C:\Documents and Settings\Capitani Lorenzo.COMPUTER-LORENZ\Desktop\PC Help\Hijack\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - E:\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programmi\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programmi\Windows Live Toolbar\msntb.dll
O3 - Toolbar: ImageShack Toolbar - {6932D140-ABC4-4073-A44C-D4A541665E35} - C:\WINXP\ImageShackToolbar\ImageShackToolbar.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINXP\System32\msdxm.ocx
O4 - HKLM\..\Run: [ShStatEXE] "C:\Programmi\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Programmi\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [Network Associates Error Reporting Service] "C:\Programmi\File comuni\Network Associates\TalkBack\TBMon.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINXP\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINXP\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [gyxlxgud] C:\tqfgsrv^.bat
O4 - HKLM\..\Run: [outiwbyj] C:\mqwvfjkw.bat
O4 - HKLM\..\Run: [uscdrvwt] C:\vnixdyvl.bat
O4 - HKCU\..\Run: [SpybotSD TeaTimer] E:\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Programmi\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [eMuleAutoStart] C:\Programmi\eMule\emule.exe -AutoStart
O8 - Extra context menu item: &Windows Live Search - res://C:\Programmi\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: Apri in nuova scheda in primo piano - res://C:\Programmi\Windows Live Toolbar\Components\it-it\msntabres.dll.mui/230?0659c13f8825449cad5afc92737a2bbd
O8 - Extra context menu item: Apri in nuova scheda in secondo piano - res://C:\Programmi\Windows Live Toolbar\Components\it-it\msntabres.dll.mui/229?0659c13f8825449cad5afc92737a2bbd
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Post Image to Blog - res://C:\WINXP\ImageShackToolbar\ImageShackToolbar.dll/5003
O8 - Extra context menu item: Tag This Image - res://C:\WINXP\ImageShackToolbar\ImageShackToolbar.dll/5002
O8 - Extra context menu item: Transload Image to ImageShack - res://C:\WINXP\ImageShackToolbar\ImageShackToolbar.dll/5004
O8 - Extra context menu item: Upload All Images to ImageShack - res://C:\WINXP\ImageShackToolbar\ImageShackToolbar.dll/5000
O8 - Extra context menu item: Upload Image to ImageShack - res://C:\WINXP\ImageShackToolbar\ImageShackToolbar.dll/5001
O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINXP\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINXP\web\related.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - E:\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - E:\SPYBOT~1\SDHelper.dll
O12 - Plugin for .pdf: C:\Programmi\Internet Explorer\PLUGINS\nppdf32.dll
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partne ... nicode.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/IT-IT/a-U ... E_UNO1.cab
O16 - DPF: {6932D140-ABC4-4073-A44C-D4A541665E35} (ImageShack Toolbar) - http://toolbar.imageshack.us/toolbar/Im ... oolbar.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Me ... b56907.cab
O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://driveragent.com/files/driveragent.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Programmi\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Programmi\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Programmi\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: CachemanXP (CachemanXPService) - OuterTechnologies - C:\Programmi\CachemanXP\CachemanXP.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINXP\System32\nvsvc32.exe
O23 - Service: Sunbelt CounterSpy Antispyware (SBCSSvc) - Sunbelt Software - C:\Programmi\Sunbelt Software\CounterSpy\SBCSSvc.exe
aiuto!!!!
ciao
