Buonasera a tutti.
Non riesco ad istallare nessun antivirus ho fatto la scansione online norton e mi trova un file infetto con il Trojan.Linkoptimizer.B.
Ho scaricato il tool di rimozione , ma non mi trova niente.
ho fatto diversi tentativi di scansione online , ma senza risultati
Ho letto in qualche topic di utilizzare gmer e evanger . avviando gmer , mi trova delle voci in rosso , ma dopo non sono riuscito a capire cosa devo fare con l'evanger.
Ho fatto la pulizia con ccleaner , con regcure inutilmnete.
vi allego cosa mi dice HijackThis :
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\Programmi\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Programmi\Analog Devices\SoundMAX\smax4.exe
C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Programmi\Java\jre1.6.0_01\bin\jusched.exe
C:\Programmi\ScanSoft\OmniPage15.0\Opware15.exe
C:\WINDOWS\vVX1000.exe
C:\Programmi\HP\HP Software Update\HPWuSchd2.exe
C:\Programmi\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I09 1.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Programmi\Internet Explorer\IEXPLORE.EXE
C:\Programmi\WinRAR\WinRAR.exe
C:\DOCUME~1\Diegos\IMPOST~1\Temp\Rar$EX00.828\Hija ckThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://it.rd.yahoo.com/customize/ie/...arch.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://it.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://it.rd.yahoo.com/customize/ie/...arch.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyServer = 226.644.648.5:8080
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
R3 - URLSearchHook: Yahoo! Toolbar con blocco Pop-Up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programmi\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Programmi\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programmi\google\googletoolbar1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programmi\google\googletoolbar1.dll
O3 - Toolbar: Yahoo! Toolbar con blocco Pop-Up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programmi\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [SoundMAX] "C:\Programmi\Analog Devices\SoundMAX\smax4.exe" /tray
O4 - HKLM\..\Run: [ATIPTA] "C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [EPSON Stylus C48 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I09 1.EXE /P23 "EPSON Stylus C48 Series" /O6 "USB001" /M "Stylus C48"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\Java\jre1.6.0_01\bin\jusched.exe "
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Programmi\File comuni\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [Opware15] "C:\Programmi\ScanSoft\OmniPage15.0\Opware15.e xe"
O4 - HKLM\..\Run: [PDF3 Registry Controller] "C:\Programmi\ScanSoft\OmniPage15.0\PDFConverter3\ \RegistryController.exe"
O4 - HKLM\..\Run: [VX1000] C:\WINDOWS\vVX1000.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Programmi\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Programmi\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKCU\..\Run: [OpAgent] "C:\Programmi\ScanSoft\OmniPage15.0\OpAgent.ex e" /agent
O4 - HKCU\..\Run: [EPSON Stylus C48 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I09 1.EXE /P23 "EPSON Stylus C48 Series" /M "Stylus C48" /EF "HKCU"
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programmi\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Open with Scansoft PDF Converter 3.0 - res://C:\Programmi\ScanSoft\OmniPage15.0\PDFConverter3\I EShellExt.dll /100
O15 - Trusted Zone: http://linktrader.cyberspacehq.com
O16 - DPF: {0B79F48A-E8D6-11DB-9283-E25056D89593} (F-Secure Online Scanner 3.1) - http://support.f-secure.com/ols/fscax.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/par...an_unicode.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/S...in/AvSniff.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Programmi\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/reso...an8/oscan8.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/S.../bin/cabsa.cab
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab
O16 - DPF: {C1B7E532-3ECB-4E9E-BB3A-2951FFE67C61} (DownloaderActiveX Control) - http://c6.community.alice.it/downloa...derActiveX.cab
O16 - DPF: {E686E206-5A05-4CAF-B3AA-B6B10304A271} (VaxSIPUserAgentCAB Control) - http://www.messagenet.it/images/webp...erAgentCAB.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FILECO~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LEC TranslateDotNet Server - Language Engineering Corporation, LLC - C:\Programmi\Power Translator 10\LogoMedia TranslateDotNet Server.exe
O23 - Service: Trend Micro Central Control Component (PcCtlCom) - Unknown owner - C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe (file missing)
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Programmi\Analog Devices\SoundMAX\SMAgent.exe
Se potete aiutarmi , vi prego di farlo
Cordialmente
Diego
Rispondi quotando