Utility
Home Messaggi odierni FAQ Ricerca avanzata Lo staff del forum Regolamento Utenti Archivio
Visualizzazione dei risultati da 1 a 10 su 15

Hybrid View

  1. 18-08-2007, 18:11 #1
    Doriano Rossi
    Doriano Rossi non è in linea
    Utente di HTML.it L'avatar di Doriano Rossi
    Registrato dal
    Nov 2005
    Messaggi
    18

    rieccomi I°

    ...allora, ho seguito le istruzioni del 3d tranne per il fatto che non ho lanciato i vari antivirus dalla modalità provvisoria. Ci ho provato più volte ma dopo averla selezionata (ho provato anche con la versione "con prompt dei comandi") parte qualcosa e poi mi compare uno schermo nero con un "|" lampeggiante. Ho provato ad usare la tastiera con spinotto PS/2 ma non è cambiato nulla. Avast mi identifica sempre la presenza del Trojan precedente e, delle volte si, delle volte no, ricompare Firefox sulle applicazioni avviate ma effettivamente non è presente.....
    Ora allego cosa ha trovato la scansione online (Karpesky)
    -------------------------------------------------------------------------------
    KASPERSKY ONLINE SCANNER REPORT
    Saturday, August 18, 2007 3:33:48 AM
    Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
    Kaspersky Online Scanner version: 5.0.93.0
    Kaspersky Anti-Virus database last update: 17/08/2007
    Kaspersky Anti-Virus database records: 384659
    -------------------------------------------------------------------------------

    Scan Settings:
    Scan using the following antivirus database: extended
    Scan Archives: true
    Scan Mail Bases: true

    Scan Target - My Computer:
    A:\
    C:\
    F:\
    G:\

    Scan Statistics:
    Total number of scanned objects: 137222
    Number of viruses found: 5
    Number of infected objects: 86
    Number of suspicious objects: 0
    Duration of the scan process: 04:08:36

    (qui ci sarebbe a seguire tutta la lista dei file in questione ma non la posto xchè diventa troppo lunga, se serve la posto a pezzi)
    e qui il log di hijackthis:
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 17.34.13, on 18/08/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16512)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
    C:\Programmi\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Programmi\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\WINDOWS\system32\crypserv.exe
    C:\Programmi\Analog Devices\SoundMAX\SMAgent.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\wdfmgr.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe
    C:\Programmi\digicomt\Michelangelo USB ADSL\CnxDslTb.exe
    C:\Programmi\Zone Labs\ZoneAlarm\zlclient.exe
    C:\Programmi\Alwil Software\Avast4\ashWebSv.exe
    C:\Programmi\D-Link\AirPlus G\AirGCFG.exe
    C:\Programmi\ANI\ANIWZCS2 Service\WZCSLDR2.exe
    C:\Programmi\U.S. Robotics\Wireless USB Manager\PRISMSVR.EXE
    C:\WINDOWS\system32\ctfmon.exe
    C:\WINDOWS\System32\alg.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Programmi\hijackthis\HiJackThis.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = about:blank
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = about:blank
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = about:blank
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
    O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - (no file)
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.5.0_11\bin\ssv.dll
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    O4 - HKLM\..\Run: [CnxDslTaskBar] "C:\Programmi\digicomt\Michelangelo USB ADSL\CnxDslTb.exe"
    O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Programmi\Zone Labs\ZoneAlarm\zlclient.exe"
    O4 - HKLM\..\Run: [D-Link AirPlus G] C:\Programmi\D-Link\AirPlus G\AirGCFG.exe
    O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Programmi\ANI\ANIWZCS2 Service\WZCSLDR2.exe
    O4 - HKLM\..\Run: [PRISMSVR.EXE] "C:\Programmi\U.S. Robotics\Wireless USB Manager\PRISMSVR.EXE" /APPLY
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO LOCALE')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO DI RETE')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O8 - Extra context menu item: Converti destinazione link in file PDF esistente - res://C:\Arnesi\adv\cs2\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: Converti i link selezionati in Adobe PDF - res://C:\Arnesi\adv\cs2\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
    O8 - Extra context menu item: Converti i link selezionati in file PDF esistente - res://C:\Arnesi\adv\cs2\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
    O8 - Extra context menu item: Converti nel file PDF esistente - res://C:\Arnesi\adv\cs2\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: Converti selezione in file PDF esistente - res://C:\Arnesi\adv\cs2\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_11\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_11\bin\ssv.dll
    O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) -
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FILECO~1\Skype\SKYPE4~1.DLL
    O21 - SSODL: AccessRunner ADSL - {D6A45C98-2EE5-E8A3-94C9-433A0F1F6E17} - c:\programmi\digicom\michelangelo usb adsl\winlkps5.dll
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Programmi\File comuni\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Alpha Networks Inc. - C:\Programmi\ANI\ANIWZCS2 Service\ANIWZCSdS.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Programmi\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: Crypkey License - Kenonic Controls Ltd. - C:\WINDOWS\SYSTEM32\crypserv.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Unknown owner - C:\Programmi\Sunbelt Software\Personal Firewall\kpf4ss.exe (file missing)
    O23 - Service: Macromedia Licensing Service - Macromedia - C:\Programmi\File comuni\Macromedia Shared\Service\Macromedia Licensing.exe
    O23 - Service: Spyware Doctor Auxiliary Service (sdAuxService) - PC Tools - C:\Programmi\Spyware Doctor\svcntaux.exe
    O23 - Service: Spyware Doctor Service (sdCoreService) - PC Tools - C:\Programmi\Spyware Doctor\swdsvc.exe
    O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Programmi\Analog Devices\SoundMAX\SMAgent.exe
    O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    O24 - Desktop Component 0: (no name) -
    O24 - Desktop Component 10: (no name) - file:///C:/Documents and Settings/Admin/Documenti/Archivi/Server/EasyPHP1-8/www/07.mesposo.it/mesposo/fedi_nuziali/anelli_di_matrimonio/misure_fedi_matrimoniali.php
    misure_fedi_matrimoniali.php??
    O24 - Desktop Component 2: (no name) - file:///C:/Documents%20and%20Settings/Admin/Documenti/Archivi/Server/EasyPHP1-8/www/07.mesposo.php/mesposo/visitors/templates/viewsource/admin1.tpl
    admin1.tplg
    O24 - Desktop Component 3: (no name) - file:///C:/Documents%20and%20Settings/Admin/Documenti/Archivi/Server/EasyPHP1-8/www/08.risancolor.it/risancolor.it/cantiere/grafica/fascette/cannuccia-separatore3d.psd
    cannuccia-separatore3d.psd
    O24 - Desktop Component 4: (no name) - (no file)
    O24 - Desktop Component 5: (no name) - file:///C:/Documents and Settings/Admin/Documenti/Archivi/Server/EasyPHP1-8/www/10.guarnitalia/10.guarnitalia.it/it/00.grafica/azienda.swf
    azienda.swf
    O24 - Desktop Component 6: (no name) - file:///C:/Documents and Settings/Admin/Documenti/Archivi/Server/EasyPHP1-8/www/07.mesposo.php/mesposo/visitors/os.dat
    os.dat
    O24 - Desktop Component 7: (no name) - file:///C:/Documents and Settings/Admin/Documenti/Archivi/Server/EasyPHP1-8/www/07.mesposo.php/mesposo/visitors/bw.dat
    bw.dats
    O24 - Desktop Component 8: (no name) - file:///C:/Documents and Settings/Admin/Documenti/Archivi/Server/EasyPHP1-8/www/07.mesposo.php/mesposo/movie/albumlibromovie1.swf
    albumlibromovie1.swfp
    ]
    O24 - Desktop Component 9: (no name) - file:///C:/Documents and Settings/Admin/Documenti/Archivi/Server/EasyPHP1-8/www/07.mesposo.php/mesposo/robots.txt
    robots.txtxT%

    --
    End of file - 9122 bytes
    ....per di più aggiungo che sono 20 gg circa che WinUpDate non riesce ad installarmi questo aggiornamento automatico......

    :quote: ... 1.000 grazie per eventuali dritte.....

    ps: mardux sei sempre li? :-)))
    Immagini allegate Immagini allegate
    dory
« Discussione precedente | Prossima discussione »

Permessi di invio

  • Non puoi inserire discussioni
  • Non puoi inserire repliche
  • Non puoi inserire allegati
  • Non puoi modificare i tuoi messaggi
  •  

Regole del Forum

Powered by vBulletin® Version 4.2.1
Copyright © 2026 vBulletin Solutions, Inc. All rights reserved.