
Problem with GROMOZ.N

How do you remove viruses and spyware? Are credit cards really safe online? Is it possible to browse anonymously? Which programs protect your privacy? How do you protect important files? If you want an answer to these and other questions, this is the right place!

Moderators: m.paolo, kadosh, Luke57


Post by Haggard » 08/11/06 19:39

Hi guys, yesterday my NOD flagged the presence of Gromoz, but I'm not 100% sure I removed it. I'm posting the HijackThis log so maybe you can make better sense of it.

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\ATKKBService.exe
C:\Programmi\Eset\nod32krn.exe
C:\Programmi\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\VEXPLITE\viritsvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Silicon Integrated Systems\SiSRaidPackage\hot_plug.exe
C:\Program Files\Silicon Integrated Systems\SiSRaidPackage\SRaid.exe
C:\Programmi\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Programmi\Analog Devices\SoundMAX\smax4.exe
C:\Programmi\Eset\nod32kui.exe
C:\Programmi\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\D-Link\DSL-200\dslstat.exe
C:\Program Files\D-Link\DSL-200\dslagent.exe
C:\Programmi\Java\jre1.5.0_06\bin\jusched.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Programmi\Logitech\Video\LogiTray.exe
C:\Programmi\QuickTime\qttask.exe
C:\Programmi\iTunes\iTunesHelper.exe
C:\VEXPLITE\MONLITE.EXE
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Programmi\MSN Messenger\msnmsgr.exe
C:\Programmi\Messenger\msmsgs.exe
C:\Programmi\Logitech\Video\FxSvr2.exe
C:\Programmi\iPod\bin\iPodService.exe
C:\Programmi\Nikon\PictureProject\NkbMonitor.exe
C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
C:\DOCUME~1\Utente\IMPOST~1\Temp\Rar$EX01.828\HijackThis.exe
C:\WINDOWS\system32\svchost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.libero.it/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
R3 - Default URLSearchHook is missing
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Class - {8B562015-AD0E-15C4-F77F-F6837AE8383C} - C:\WINDOWS\dkijt1.dll (file missing)
O3 - Toolbar: DAP Bar - {62999427-33FC-4baf-9C9C-BCE6BD127F08} - C:\Programmi\DAP\DAPIEBar.dll
O4 - HKLM\..\Run: [ATICCC] "C:\Programmi\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [Hotplug] C:\Program Files\Silicon Integrated Systems\SiSRaidPackage\hot_plug.exe
O4 - HKLM\..\Run: [SiSRaid] C:\Program Files\Silicon Integrated Systems\SiSRaidPackage\SRaid.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Programmi\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Programmi\Analog Devices\SoundMAX\smax4.exe" /tray
O4 - HKLM\..\Run: [nod32kui] "C:\Programmi\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [RemoteControl] C:\Programmi\CyberLink\PowerDVD\PDVDServ.exe
O4 - HKLM\..\Run: [DSLSTATEXE] C:\Program Files\D-Link\DSL-200\dslstat.exe icon
O4 - HKLM\..\Run: [DSLAGENTEXE] C:\Program Files\D-Link\DSL-200\dslagent.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programmi\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Programmi\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Programmi\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Programmi\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [VIRIT LITE MONITOR] C:\VEXPLITE\MONLITE.EXE
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] C:\Programmi\Logitech\Video\ManifestEngine.exe boot
O4 - HKCU\..\Run: [msnmsgr] "C:\Programmi\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Programmi\Messenger\msmsgs.exe" /background
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Avvio veloce di Adobe Reader.lnk = C:\Programmi\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: NkbMonitor.exe.lnk = C:\Programmi\Nikon\PictureProject\NkbMonitor.exe
O8 - Extra context menu item: &Download with &DAP - C:\PROGRA~1\DAP\dapextie.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_06\bin\ssv.dll (file missing)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_06\bin\ssv.dll (file missing)
O9 - Extra button: Run DAP - {669695BC-A811-4A9D-8CDF-BA8C795F261C} - C:\PROGRA~1\DAP\DAP.EXE
O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O16 - DPF: {27527D31-447B-11D5-A46E-0001023B4289} (CoGSManager Class) - http://gamingzone.ubisoft.com/dev/packa ... anager.cab
O16 - DPF: {2A93D1F1-31FF-434A-ACD3-458081A06FEA} - http://td8eau9td.com/f6f1e5ec/50310/1/xp/FreeAccess.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMe ... loader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZI ... b47946.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{21548A46-AEE8-40EB-9B68-C181F6FBAA1F}: NameServer = 85.37.17.14 85.38.28.78
O18 - Protocol: bw+0 - {BD33B9E8-0AE1-4ED7-B37B-A31AF736BF5C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {BD33B9E8-0AE1-4ED7-B37B-A31AF736BF5C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {BD33B9E8-0AE1-4ED7-B37B-A31AF736BF5C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {BD33B9E8-0AE1-4ED7-B37B-A31AF736BF5C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {BD33B9E8-0AE1-4ED7-B37B-A31AF736BF5C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {BD33B9E8-0AE1-4ED7-B37B-A31AF736BF5C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {BD33B9E8-0AE1-4ED7-B37B-A31AF736BF5C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {BD33B9E8-0AE1-4ED7-B37B-A31AF736BF5C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {BD33B9E8-0AE1-4ED7-B37B-A31AF736BF5C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {BD33B9E8-0AE1-4ED7-B37B-A31AF736BF5C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {BD33B9E8-0AE1-4ED7-B37B-A31AF736BF5C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {BD33B9E8-0AE1-4ED7-B37B-A31AF736BF5C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {BD33B9E8-0AE1-4ED7-B37B-A31AF736BF5C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {BD33B9E8-0AE1-4ED7-B37B-A31AF736BF5C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {BD33B9E8-0AE1-4ED7-B37B-A31AF736BF5C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {BD33B9E8-0AE1-4ED7-B37B-A31AF736BF5C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {BD33B9E8-0AE1-4ED7-B37B-A31AF736BF5C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {BD33B9E8-0AE1-4ED7-B37B-A31AF736BF5C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {BD33B9E8-0AE1-4ED7-B37B-A31AF736BF5C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {BD33B9E8-0AE1-4ED7-B37B-A31AF736BF5C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {BD33B9E8-0AE1-4ED7-B37B-A31AF736BF5C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {BD33B9E8-0AE1-4ED7-B37B-A31AF736BF5C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {BD33B9E8-0AE1-4ED7-B37B-A31AF736BF5C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {BD33B9E8-0AE1-4ED7-B37B-A31AF736BF5C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {BD33B9E8-0AE1-4ED7-B37B-A31AF736BF5C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {BD33B9E8-0AE1-4ED7-B37B-A31AF736BF5C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {BD33B9E8-0AE1-4ED7-B37B-A31AF736BF5C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {BD33B9E8-0AE1-4ED7-B37B-A31AF736BF5C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {BD33B9E8-0AE1-4ED7-B37B-A31AF736BF5C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {BD33B9E8-0AE1-4ED7-B37B-A31AF736BF5C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {BD33B9E8-0AE1-4ED7-B37B-A31AF736BF5C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {BD33B9E8-0AE1-4ED7-B37B-A31AF736BF5C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {BD33B9E8-0AE1-4ED7-B37B-A31AF736BF5C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {BD33B9E8-0AE1-4ED7-B37B-A31AF736BF5C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {BD33B9E8-0AE1-4ED7-B37B-A31AF736BF5C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {BD33B9E8-0AE1-4ED7-B37B-A31AF736BF5C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {BD33B9E8-0AE1-4ED7-B37B-A31AF736BF5C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {BD33B9E8-0AE1-4ED7-B37B-A31AF736BF5C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {BD33B9E8-0AE1-4ED7-B37B-A31AF736BF5C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {BD33B9E8-0AE1-4ED7-B37B-A31AF736BF5C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {BD33B9E8-0AE1-4ED7-B37B-A31AF736BF5C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {BD33B9E8-0AE1-4ED7-B37B-A31AF736BF5C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {BD33B9E8-0AE1-4ED7-B37B-A31AF736BF5C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {BD33B9E8-0AE1-4ED7-B37B-A31AF736BF5C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {BD33B9E8-0AE1-4ED7-B37B-A31AF736BF5C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {BD33B9E8-0AE1-4ED7-B37B-A31AF736BF5C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {BD33B9E8-0AE1-4ED7-B37B-A31AF736BF5C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {BD33B9E8-0AE1-4ED7-B37B-A31AF736BF5C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {BD33B9E8-0AE1-4ED7-B37B-A31AF736BF5C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {BD33B9E8-0AE1-4ED7-B37B-A31AF736BF5C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {BD33B9E8-0AE1-4ED7-B37B-A31AF736BF5C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {BD33B9E8-0AE1-4ED7-B37B-A31AF736BF5C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {BD33B9E8-0AE1-4ED7-B37B-A31AF736BF5C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {BD33B9E8-0AE1-4ED7-B37B-A31AF736BF5C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {BD33B9E8-0AE1-4ED7-B37B-A31AF736BF5C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {BD33B9E8-0AE1-4ED7-B37B-A31AF736BF5C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {BD33B9E8-0AE1-4ED7-B37B-A31AF736BF5C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {BD33B9E8-0AE1-4ED7-B37B-A31AF736BF5C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {BD33B9E8-0AE1-4ED7-B37B-A31AF736BF5C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {BD33B9E8-0AE1-4ED7-B37B-A31AF736BF5C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {BD33B9E8-0AE1-4ED7-B37B-A31AF736BF5C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {BD33B9E8-0AE1-4ED7-B37B-A31AF736BF5C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {BD33B9E8-0AE1-4ED7-B37B-A31AF736BF5C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {BD33B9E8-0AE1-4ED7-B37B-A31AF736BF5C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {BD33B9E8-0AE1-4ED7-B37B-A31AF736BF5C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {BD33B9E8-0AE1-4ED7-B37B-A31AF736BF5C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {BD33B9E8-0AE1-4ED7-B37B-A31AF736BF5C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {BD33B9E8-0AE1-4ED7-B37B-A31AF736BF5C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {BD33B9E8-0AE1-4ED7-B37B-A31AF736BF5C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {BD33B9E8-0AE1-4ED7-B37B-A31AF736BF5C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {BD33B9E8-0AE1-4ED7-B37B-A31AF736BF5C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {BD33B9E8-0AE1-4ED7-B37B-A31AF736BF5C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {BD33B9E8-0AE1-4ED7-B37B-A31AF736BF5C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {BD33B9E8-0AE1-4ED7-B37B-A31AF736BF5C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {BD33B9E8-0AE1-4ED7-B37B-A31AF736BF5C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {BD33B9E8-0AE1-4ED7-B37B-A31AF736BF5C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {BD33B9E8-0AE1-4ED7-B37B-A31AF736BF5C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: WgaLogon - WgaLogon.dll (file missing)
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Programmi\iPod\bin\iPodService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Programmi\Eset\nod32krn.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Programmi\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Virit eXplorer Lite (viritsvclite) - TG Soft Sas http://www.tgsoft.it - C:\VEXPLITE\viritsvc.exe
Haggard
Newbie
 
Posts: 4
Joined: 08/11/06 19:29


Post by Luke57 » 08/11/06 22:33

Hi, download these tools for Linkoptimizer and/or Gromozon:
http://www.prevx.com/gromozon.asp
Disable the antivirus during the scan. The program restarts the computer and finishes the scan after the reboot. It produces a report that you will find in C:\Gromzon_Removal.log.

Also download the Symantec tool

http://smallbiz.symantec.com/security_r ... 16-4153-99
The scan must be run from safe mode (restart the computer, press the F8 key repeatedly at power-on and before Windows loads, in the screen that appears choose safe mode by moving with the arrow keys and confirm the choice by pressing Enter. Then follow the on-screen instructions).

Post both reports.

If these tools won't start, the virus is to blame. If you manage to download them, rename them to something random before running them, always leaving the .exe extension unchanged.
Luke57
Moderator
 
Posts: 6415
Joined: 11/08/05 19:10

Post by Haggard » 09/11/06 11:05

So, as for the first tool, after restarting the system the program gives me an error and doesn't complete its job.

As for the second, it's my own problem. If I press F8 I get a box where I have to choose how to start Windows, from CD-ROM, hard disk or floppy. In short, I can't get into safe mode :oops:
Haggard
Newbie
 
Posts: 4
Joined: 08/11/06 19:29

Post by Luke57 » 09/11/06 11:12

Hi, to get into safe mode, do this:
Start > Run > msconfig (type it in the box) > OK
In the window that opens, click the BOOT.INI tab and tick SAFEBOOT > OK
Restart the computer, which should reboot into safe mode. Once everything is done, repeat the same procedure and untick SAFEBOOT > OK.
Luke57
Moderator
 
Posts: 6415
Joined: 11/08/05 19:10

Post by Haggard » 09/11/06 13:00

Thanks, thanks :lol:

So I managed to get the Symantec tool running and it tells me it finds nothing

Symantec Trojan.Linkoptimizer Removal Tool 1.0.8
Restored SeDebugPrivilege to Administrators group

Trojan.Linkoptimizer has not been found on your computer.


Whereas the other one, as I already told you, when it makes me restart the PC it then hangs, giving me some kind of error. Anyway, in theory I shouldn't have anything, right?
Haggard
Newbie
 
Posts: 4
Joined: 08/11/06 19:29

Post by Luke57 » 09/11/06 13:52

Haggard wrote: Thanks, thanks :lol:

So I managed to get the Symantec tool running and it tells me it finds nothing

Symantec Trojan.Linkoptimizer Removal Tool 1.0.8
Restored SeDebugPrivilege to Administrators group

Trojan.Linkoptimizer has not been found on your computer.


Whereas the other one, as I already told you, when it makes me restart the PC it then hangs, giving me some kind of error. Anyway, in theory I shouldn't have anything, right?

Hi, open HijackThis, click "do a system scan only", then find and tick:
R3 - Default URLSearchHook is missing
O2 - BHO: Class - {8B562015-AD0E-15C4-F77F-F6837AE8383C} - C:\WINDOWS\dkijt1.dll (file missing)

Click "fix checked".

Restart and make a new log, checking whether the entries have disappeared.
Luke57
Moderator
 
Posts: 6415
Joined: 11/08/05 19:10
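
The check described in the post above (fix the selected entries, reboot, take a new log and confirm they are gone) can be scripted. This is an added example, not part of the original thread: the function names are hypothetical, `BEFORE` is an excerpt of the log posted earlier, and `AFTER` is a constructed post-fix log.

```python
import re
from typing import NamedTuple

# HijackThis entry lines start with a section code (R0, R3, O2, O20, ...)
# followed by " - "; the process list and headers do not.
ENTRY_RE = re.compile(r"^(?P<code>[A-Z]\d{1,2}) - (?P<body>.+)$")


class Entry(NamedTuple):
    code: str  # section code, e.g. "O2"
    body: str  # rest of the line, whitespace-normalised


def parse_log(text):
    """Return the entries of a HijackThis log, skipping non-entry lines."""
    entries = []
    for line in text.splitlines():
        m = ENTRY_RE.match(line.strip())
        if m:
            entries.append(Entry(m["code"], " ".join(m["body"].split())))
    return entries


def orphaned(entries):
    """Entries whose target no longer exists: marked '(file missing)',
    or an R3 line ending in 'is missing'."""
    return [e for e in entries
            if e.body.endswith("(file missing)")
            or (e.code == "R3" and e.body.endswith("is missing"))]


def still_present(fixed, after):
    """Entries selected for fixing that still appear in the later log."""
    remaining = set(after)
    return [e for e in fixed if e in remaining]


# Excerpt of the log posted in this thread (before the fix).
BEFORE = r"""Running processes:
C:\WINDOWS\Explorer.EXE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.libero.it/
R3 - Default URLSearchHook is missing
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Class - {8B562015-AD0E-15C4-F77F-F6837AE8383C} - C:\WINDOWS\dkijt1.dll (file missing)
O20 - Winlogon Notify: WgaLogon - WgaLogon.dll (file missing)
"""

# The two entries the moderator asked to tick before "fix checked".
FIXED = parse_log(r"""R3 - Default URLSearchHook is missing
O2 - BHO: Class - {8B562015-AD0E-15C4-F77F-F6837AE8383C} - C:\WINDOWS\dkijt1.dll (file missing)
""")

# Constructed log taken after the reboot (sample data, not from the thread).
AFTER = r"""R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.libero.it/
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O20 - Winlogon Notify: WgaLogon - WgaLogon.dll (file missing)
"""

if __name__ == "__main__":
    for e in orphaned(parse_log(BEFORE)):
        print("orphaned:", e.code, "-", e.body)
    left = still_present(FIXED, parse_log(AFTER))
    print("fix verified" if not left else f"{len(left)} entries came back")
```

An entry that reappears after the reboot means something is rewriting it at startup, which is why the second log matters.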

Post by Haggard » 09/11/06 19:53

OK, they're gone!
Haggard
Newbie
 
Posts: 4
Joined: 08/11/06 19:29

