yak
25-04-2007, 17:38
Nella scansione effettuata con Ad Aware il programma
trova questo virus TR/Dldr.Swizzor.Gen e si blocca.
Rimane una clessidra all'interno della finestra, bloccata.
Antivir aggiornatissimo invece non lo vede.
Qualcuno sa qualcosa ?
Questo e' il Log di HiJackThis :
Logfile of HijackThis v1.99.0
Scan saved at 18.35.20, on 25/04/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\Intel\Wireless\Bin\ZcfgSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\AntiVir PersonalEdition Classic\avguard.exe
C:\Programmi\Analog Devices\SoundMAX\SMax4PNP.exe
C:\WINDOWS\System32\igfxtray.exe
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Programmi\Zone Labs\ZoneAlarm\zlclient.exe
C:\Programmi\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\AntiVir PersonalEdition Classic\sched.exe
C:\Programmi\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Documents and Settings\Simone Baia\Desktop\HijackThis.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wuauclt.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/search?hl=it&q=jazzbass&meta=
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Programmi\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Programmi\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [Zone Labs Client] C:\Programmi\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [avgnt] "C:\Programmi\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [grim one] C:\DOCUME~1\SIMONE~1\DATIAP~1\DOGCAK~1\livesetupfind.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programmi\Microsoft Office\Office\OSA9.EXE
O23 - Service: AntiVir PersonalEdition Classic Scheduler - Avira GmbH - C:\Programmi\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard - Avira GmbH - C:\Programmi\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: SoundMAX Agent Service - Analog Devices, Inc. - C:\Programmi\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: TrueVector Internet Monitor - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
trova questo virus TR/Dldr.Swizzor.Gen e si blocca.
Rimane una clessidra all'interno della finestra, bloccata.
Antivir aggiornatissimo invece non lo vede.
Qualcuno sa qualcosa ?
Questo e' il Log di HiJackThis :
Logfile of HijackThis v1.99.0
Scan saved at 18.35.20, on 25/04/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\Intel\Wireless\Bin\ZcfgSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\AntiVir PersonalEdition Classic\avguard.exe
C:\Programmi\Analog Devices\SoundMAX\SMax4PNP.exe
C:\WINDOWS\System32\igfxtray.exe
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Programmi\Zone Labs\ZoneAlarm\zlclient.exe
C:\Programmi\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\AntiVir PersonalEdition Classic\sched.exe
C:\Programmi\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Documents and Settings\Simone Baia\Desktop\HijackThis.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wuauclt.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/search?hl=it&q=jazzbass&meta=
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Programmi\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Programmi\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [Zone Labs Client] C:\Programmi\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [avgnt] "C:\Programmi\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [grim one] C:\DOCUME~1\SIMONE~1\DATIAP~1\DOGCAK~1\livesetupfind.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programmi\Microsoft Office\Office\OSA9.EXE
O23 - Service: AntiVir PersonalEdition Classic Scheduler - Avira GmbH - C:\Programmi\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard - Avira GmbH - C:\Programmi\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: SoundMAX Agent Service - Analog Devices, Inc. - C:\Programmi\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: TrueVector Internet Monitor - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe