Ciao a tutti,
ho un problemino, non essendo esperto non so se preoccuparmi...
da circa una mezz'ora ogni minuto NORTON mi trova ed elimina systemcfg.exe (w32.hllw.gaobot), ma se lo elimina come fa ongi minuto a ritornare?????
Ciao a tutti,
ho un problemino, non essendo esperto non so se preoccuparmi...
da circa una mezz'ora ogni minuto NORTON mi trova ed elimina systemcfg.exe (w32.hllw.gaobot), ma se lo elimina come fa ongi minuto a ritornare?????
ADVGROUP is now Drink Creativity!
www.drinkcreativity.com
Logfile of HijackThis v1.98.0
Scan saved at 19.02.10, on 28/07/2004
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\S24EvMon.exe
C:\Programmi\File comuni\Symantec Shared\ccSetMgr.exe
C:\Programmi\File comuni\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\ZCfgSvc.exe
C:\WINDOWS\Explorer.EXE
C:\Programmi\Intel\NCS\PROSet\PRONoMgr.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Programmi\Synaptics\SynTP\SynTPLpr.exe
C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
C:\Programmi\File comuni\Symantec Shared\ccApp.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Programmi\QuickTime\qttask.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Programmi\iolo\System Mechanic 4 Professional\PopupStopper.exe
C:\Programmi\Messenger\msmsgs.exe
C:\Programmi\SpywareGuard\sgmain.exe
C:\WINDOWS\System32\inetsrv\inetinfo.exe
C:\Programmi\Norton AntiVirus\navapsvc.exe
C:\Programmi\SpywareGuard\sgbhp.exe
C:\WINDOWS\System32\RegSrvc.exe
C:\WINDOWS\System32\RoamMgr.exe
C:\WINDOWS\System32\1XConfig.exe
C:\WINDOWS\System32\wuauclt.exe
D:\MAGAZZINO\UTILITA\UTILITY SOFTWARE\antivirus\hijackthis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Programmi\SpywareGuard\dlprotect.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Programmi\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Programmi\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [PRONoMgr.exe] C:\Programmi\Intel\NCS\PROSet\PRONoMgr.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SynTPLpr] C:\Programmi\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ccApp] "C:\Programmi\File comuni\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [System Mechanic Popup Stopper] "C:\Programmi\iolo\System Mechanic 4 Professional\PopupStopper.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Programmi\Messenger\msmsgs.exe" /background
O4 - Startup: SpywareGuard.lnk = C:\Programmi\SpywareGuard\sgmain.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programmi\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra button: ICQ 4.0 - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programmi\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programmi\ICQLite\ICQLite.exe
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O16 - DPF: {53B8B406-42E4-4DD3-96E7-9DEC8CEB3DD8} (ICQVideoControl Class) - http://xtraz.icq.com/xtraz/activex/ICQVideoControl.cab
O16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} - http://a1540.g.akamai.net/7/1540/52/...lInstaller.exe
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
O16 - DPF: {A3009861-330C-4E10-822B-39D16EC8829D} (CRAVOnline Object) - http://www.ravantivirus.com/scan/ravonline.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{E1471DD6-6F6B-4E2C-A7D6-5181F34AB44D}: NameServer = 213.140.2.12,213.140.2.21
ADVGROUP is now Drink Creativity!
www.drinkcreativity.com
verifica d'aver installate tutte le patch
http://it.trendmicro-europe.com/ente...WORM_AGOBOT.SZ
scusami la mia ignoranza amvinfe...
ma io non uso pc cillin... come faccio ad installare le patch....
dal log è venuto fuori qualcosa di particolare o comunque per ora posso stare tranquillo???
grazie
ADVGROUP is now Drink Creativity!
www.drinkcreativity.com
le patch servono al sistema operativo
fai una verifica, leggiti tutto con calma onde evitare di fare errori.
http://www.microsoft.com/italy/techn.../ms03-026.mspx
http://www.microsoft.com/italy/techn.../ms03-007.mspx
http://support.microsoft.com/default...d=kb;it;331953
vai all'url e scariacti tutti gli aggiornamenti
http://v4.windowsupdate.microsoft.com/it/default.asp
disabilita il system restore e riavvia in modalita provv, fai la scansione,dovresti eliminarlo.
Permessi di invio
Rispondi quotando