Help, maybe I have a strange virus


momodj20
19-08-2004, 19:33
For two days now, as soon as I connect, my PC has been receiving and sending packets on its own, with no program or anything else open.
The antivirus says there is something but does not recognise it, so it is as if there were a virus.
The PC-cillin messages are:
MS04-011_LSASS_VULNERABILITY
MS04-011_PCT_VULNERABILITY
MS04-017_CRYSTAL_REPORTS

With netstat, on the other hand, I see some addresses that my PC is calling:


AND MANY MORE!!!!!!!!!!!!!!!!!!!!!!!

CAN YOU HELP ME IN SOME WAY?
THANKS.
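
Added example, not part of the original posts: a small Python check for the symptom described above, many outbound connection attempts stuck in SYN_SENT towards the same service (microsoft-ds is TCP 445) on different hosts. The sample text, host names, service map and threshold are constructed for illustration; the parser also re-joins lines that an 80-column console paste has wrapped.

```python
import re
from collections import defaultdict

# Constructed sample shaped like Windows `netstat` output pasted from an
# 80-column console: long rows wrap and split the port name or the state.
SAMPLE = """\
  TCP    pc01:3367    host-a.example.net:microsoft-
ds  SYN_SENT
  TCP    pc01:3368    host-b.example.net:microsoft-ds
SYN_SENT
  TCP    pc01:3369    host-c.example.net:microsoft-d
s  SYN_SENT
  TCP    pc01:3370    host-d.example.net:microsoft-ds  SYN_SENT
  TCP    pc01:3371    host-d.example.net:microsoft-ds  TIME_WAIT
  TCP    pc01:3372    host-e.example.net:microsoft-ds  ESTABLISHED
  TCP    pc01:3409    cdn.example.com:htt
p  TIME_WAIT
  TCP    pc01:3411    192.0.2.99:http  TIME_WAIT
"""

STATES = ("ESTABLISHED|SYN_SENT|SYN_RECEIVED|FIN_WAIT_1|FIN_WAIT_2|"
          "TIME_WAIT|CLOSE_WAIT|CLOSING|LAST_ACK|LISTENING")
# The lazy port group plus optional whitespace copes with a state that was
# glued to the port name when a wrapped row is re-joined.
ROW = re.compile(r"^TCP\s+(\S+):(\S+)\s+(\S+):(\S+?)\s*(" + STATES + r")$")
# Assumed subset of the service names netstat prints instead of port numbers.
SERVICES = {"microsoft-ds": 445, "http": 80, "epmap": 135, "netbios-ssn": 139}


def unwrap(text):
    """Re-join console-wrapped rows: a line not starting with TCP/UDP
    continues the previous row, with no separator added."""
    rows = []
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        if line.startswith(("TCP", "UDP")) or not rows:
            rows.append(line)
        else:
            rows[-1] += line
    return rows


def parse(text):
    """Return (remote_host, remote_port, state) for every TCP row."""
    out = []
    for row in unwrap(text):
        m = ROW.match(row)
        if m:
            _lhost, _lport, rhost, rport, state = m.groups()
            port = SERVICES.get(rport, int(rport) if rport.isdigit() else rport)
            out.append((rhost, port, state))
    return out


def scan_suspects(text, min_hosts=4):
    """Remote ports with half-open (SYN_SENT) attempts to at least
    min_hosts distinct hosts, mapped to that host count."""
    pending = defaultdict(set)
    for rhost, port, state in parse(text):
        if state == "SYN_SENT":
            pending[port].add(rhost)
    return {p: len(h) for p, h in pending.items() if len(h) >= min_hosts}


if __name__ == "__main__":
    for port, hosts in scan_suspects(SAMPLE).items():
        print("port %s: SYN_SENT to %d distinct hosts" % (port, hosts))
```

A normal client rarely has more than a handful of SYN_SENT entries at once, so a long run of them to one port across unrelated hosts is worth investigating even when the antivirus names nothing.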

wgator
19-08-2004, 20:38
Hi,

from my point of view:

- You don't have the various security patches installed on the PC (Win XP?)
- You don't have a firewall enabled on the Internet connection (ICF, the native Windows XP firewall, is fine)
If it is as I think:

- enable ICF
- install:

http://www.microsoft.com/downloads/details.aspx?FamilyID=83e4e879-fa3a-48bf-ade5-023443e29d78&DisplayLang=it (no, this is SP1)

http://www.microsoft.com/downloads/details.aspx?FamilyID=d531bf00-d7be-48e3-abcc-961602bd72c2&displaylang=it

http://www.microsoft.com/downloads/details.aspx?FamilyID=3549ea9e-da3f-43b9-a4f1-af243b6168f3&displaylang=it

Then run Windows Update :)

EDIT:

sorry, disregard the first link, I put it in by mistake: it is Service Pack 1
Install only the second and the third

momodj20
20-08-2004, 08:30
Hi, I have already installed everything, but PC-cillin still detects a network virus; however, when I go and look at the address it gives me, it does not recognise the virus.
Let me say up front that I have a firewall, an antivirus and the update patches installed through Windows Update.
I checked the ones you told me about and both patches are there.
1 it may be a new Windows bug
2 a new virus whose existence has not been discovered yet.

wgator
20-08-2004, 09:50
Originally posted by momodj20
Hi, I have already installed everything, but PC-cillin still detects a network virus; however, when I go and look at the address it gives me, it does not recognise the virus.
Let me say up front that I have a firewall, an antivirus and the update patches installed through Windows Update.
I checked the ones you told me about and both patches are there.
1 it may be a new Windows bug
2 a new virus whose existence has not been discovered yet.

Hi,

hmm, :confused: if you haven't already done so, you could proceed like this:

- delete everything contained in the temporary folders
- delete all the temporary Internet files
- disable System Restore
- run the antivirus from Safe Mode
- also try an online antivirus; this one (http://it.trendmicro-europe.com/consumer/products/housecall_it.php) is very good.

If that doesn't solve it, download

hijackthis (http://www.tweakness.net/showfiles.php?fid=5)

and show us the log

Edit:
ah, I forgot... see what this firewall test tells you: http://scan.sygate.com/probe.html

Are there open ports? Not stealthed?

:D Re-EDIT:
A Hamlet-style doubt... since you can't find the directory where the "network virus" should be, I wonder: have you enabled the display of all hidden files and folders, system files, etc.?
Sorry for the trivial question, but if not everything is enabled in Tools->Folder Options->View, obviously certain entries are not displayed

naso
20-08-2004, 09:53
also try uninstalling the TCP/IP protocols and reinstalling them (this only after having tried the rest)...
then also try Spybot...

gohan
20-08-2004, 12:03
in my opinion you have simply caught Sasser or one of its variants.
Download a removal tool, for example from the Symantec site.

momodj20
20-08-2004, 12:42
Logfile of HijackThis v1.98.2
Scan saved at 13.40.01, on 20/08/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
H:\WINDOWS\System32\smss.exe
H:\WINDOWS\system32\winlogon.exe
H:\WINDOWS\system32\services.exe
H:\WINDOWS\system32\lsass.exe
H:\WINDOWS\system32\svchost.exe
H:\WINDOWS\System32\svchost.exe
H:\WINDOWS\system32\spoolsv.exe
H:\WINDOWS\Explorer.EXE
H:\WINDOWS\System32\Ati2evxx.exe
H:\WINDOWS\system32\cisvc.exe
H:\WINDOWS\System32\svchost.exe
H:\Programmi\Trend Micro\Internet Security\Tmntsrv.exe
H:\Programmi\Trend Micro\Internet Security\tmproxy.exe
H:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe
H:\WINDOWS\System32\rundll32.exe
C:\Program Files\ASUS\Probe\AsusProb.exe
H:\WINDOWS\System32\hostserv.exe
H:\WINDOWS\System32\snlogsvc.exe
H:\WINDOWS\System32\NotifyPhoneBook.exe
H:\WINDOWS\System32\CTHELPER.EXE
H:\PROGRA~1\TEXTBR~1.0\Bin\INSTAN~1.EXE
H:\Programmi\Trend Micro\Internet Security\PccPfw.exe
H:\WINDOWS\System32\IEXPLORER.EXE
H:\Programmi\Trend Micro\Internet Security\pccguide.exe
H:\Programmi\Trend Micro\Internet Security\PCClient.exe
H:\Programmi\Trend Micro\Internet Security\TMOAgent.exe
H:\WINDOWS\System32\ctfmon.exe
H:\WINDOWS\twain_32\Flatbed\Epp\Detector.exe
H:\Programmi\VIA\RAID\raid_tool.exe
H:\Programmi\TextBridge Classic 2.0\Ereg\REMIND32.EXE
H:\Programmi\Internet Explorer\IEXPLORE.EXE
H:\Programmi\WinRAR\WinRAR.exe
H:\DOCUME~1\pippo\IMPOST~1\Temp\Rar$EX00.552\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - H:\Programmi\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - h:\programmi\google\googletoolbar1.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - H:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - h:\programmi\google\googletoolbar1.dll
O4 - HKLM\..\Run: [ATIPTA] H:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [AME_CSA] rundll32 amecsa.cpl,RUN_DLL
O4 - HKLM\..\Run: [ASUS Probe] C:\Program Files\ASUS\Probe\AsusProb.exe
O4 - HKLM\..\Run: [Microsoft Host Service] hostserv.exe
O4 - HKLM\..\Run: [PinnacleDriverCheck] H:\WINDOWS\System32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [Microsoft Update] snlogsvc.exe
O4 - HKLM\..\Run: [ShutDown] H:\Programmi\DFG\ShutDown3\ShutDown.exe
O4 - HKLM\..\Run: [NeroFilterCheck] H:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE
O4 - HKLM\..\Run: [UpdReg] H:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [Jet Detection] H:\Programmi\Creative\SBLive\PROGRAM\ADGJDet.exe
O4 - HKLM\..\Run: [InstantAccess] H:\PROGRA~1\TEXTBR~1.0\Bin\INSTAN~1.EXE /h
O4 - HKLM\..\Run: [RegisterDropHandler] H:\PROGRA~1\TEXTBR~1.0\Bin\REGIST~1.EXE
O4 - HKLM\..\Run: [ioroxxo microsoft sux] IEXPLORER.EXE
O4 - HKLM\..\Run: [pccguide.exe] "H:\Programmi\Trend Micro\Internet Security\pccguide.exe"
O4 - HKLM\..\Run: [PCClient.exe] "H:\Programmi\Trend Micro\Internet Security\PCClient.exe"
O4 - HKLM\..\Run: [TM Outbreak Agent] "H:\Programmi\Trend Micro\Internet Security\TMOAgent.exe" /run
O4 - HKLM\..\RunServices: [Microsoft Host Service] hostserv.exe
O4 - HKLM\..\RunServices: [Microsoft Update] snlogsvc.exe
O4 - HKLM\..\RunServices: [RegisterDropHandler] H:\PROGRA~1\TEXTBR~1.0\Bin\REGIST~1.EXE
O4 - HKLM\..\RunServices: [ioroxxo microsoft sux] IEXPLORER.EXE
O4 - HKCU\..\Run: [CTFMON.EXE] H:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [Microsoft Host Service] hostserv.exe
O4 - HKCU\..\Run: [Microsoft Update] snlogsvc.exe
O4 - HKCU\..\Run: [ioroxxo microsoft sux] IEXPLORER.EXE
O4 - Startup: reminder-Registrazione del prodotto Scansoft.lnk = H:\Programmi\TextBridge Classic 2.0\Ereg\REMIND32.EXE
O4 - Global Startup: Detector.lnk = H:\WINDOWS\twain_32\Flatbed\Epp\Detector.exe
O4 - Global Startup: VIA RAID TOOL.lnk = H:\Programmi\VIA\RAID\raid_tool.exe
O8 - Extra context menu item: &Google Search - res://H:\Programmi\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Collegamenti a ritroso - res://H:\Programmi\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://H:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Pagine simili - res://H:\Programmi\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Versione cache della pagina - res://H:\Programmi\Google\GoogleToolbar1.dll/cmcache.html
O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - H:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O12 - Plugin for .pdf: H:\Programmi\Internet Explorer\PLUGINS\nppdf32.dll
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{2704C44C-5688-45D6-BAFE-A71E11B55A0B}: NameServer = 217.141.251.204 151.99.125.1
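
Added example, not part of the original posts and not HijackThis's own logic: a heuristic triage of the O4 (autorun) lines of a log like the one above, which flags entries for manual review. The sample lines are copied from that log; the list of imitated Windows binaries and the three rules are assumptions chosen for illustration.

```python
import re
from collections import defaultdict

# O4 (autorun) lines copied from the HijackThis log in the post above.
SAMPLE_LOG = r"""
O4 - HKLM\..\Run: [ATIPTA] H:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Microsoft Host Service] hostserv.exe
O4 - HKLM\..\Run: [Microsoft Update] snlogsvc.exe
O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE
O4 - HKLM\..\Run: [ioroxxo microsoft sux] IEXPLORER.EXE
O4 - HKLM\..\Run: [pccguide.exe] "H:\Programmi\Trend Micro\Internet Security\pccguide.exe"
O4 - HKLM\..\RunServices: [Microsoft Host Service] hostserv.exe
O4 - HKLM\..\RunServices: [Microsoft Update] snlogsvc.exe
O4 - HKLM\..\RunServices: [ioroxxo microsoft sux] IEXPLORER.EXE
O4 - HKCU\..\Run: [CTFMON.EXE] H:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [Microsoft Host Service] hostserv.exe
O4 - HKCU\..\Run: [Microsoft Update] snlogsvc.exe
O4 - HKCU\..\Run: [ioroxxo microsoft sux] IEXPLORER.EXE
"""

O4 = re.compile(r"^O4 - (HK\w+\\\.\.\\\w+): \[([^\]]*)\] (.+)$")
IMAGE = re.compile(r'^"?(.+?\.exe)', re.IGNORECASE)
# Assumed short list of Windows binaries whose names are often imitated.
KNOWN = ("iexplore.exe", "explorer.exe", "svchost.exe", "lsass.exe",
         "services.exe", "winlogon.exe")


def edit_distance(a, b):
    """Levenshtein distance between two strings."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def triage(log):
    """Map executable name -> list of reasons it deserves a manual look."""
    keys, names, has_path = defaultdict(set), defaultdict(set), {}
    for line in log.splitlines():
        m = O4.match(line.strip())
        if not m:
            continue
        key, name, cmd = m.groups()
        im = IMAGE.match(cmd)
        image = im.group(1) if im else cmd.split()[0]
        base = image.rsplit("\\", 1)[-1].lower()
        keys[base].add(key)
        names[base].add(name.lower())
        has_path[base] = has_path.get(base, False) or "\\" in image
    findings = {}
    for base in keys:
        reasons = []
        if base not in KNOWN and any(0 < edit_distance(base, k) <= 2 for k in KNOWN):
            reasons.append("name imitates a Windows binary")
        if not has_path[base]:
            if len(keys[base]) >= 2:
                reasons.append("path-less command in %d autorun keys" % len(keys[base]))
            if any("microsoft" in n for n in names[base]):
                reasons.append("value name claims Microsoft, command has no path")
        if reasons:
            findings[base] = reasons
    return findings


if __name__ == "__main__":
    for exe, why in sorted(triage(SAMPLE_LOG).items()):
        print(exe, "->", "; ".join(why))
```

A path-less command on its own is not flagged (CTHELPER.EXE passes), because the rules only fire when it is combined with registration under several autorun keys or a value name borrowing a vendor's name.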

naso
20-08-2004, 12:47
copy your log into this form..
http://hijackthis.de/index.php

and it will tell you that you have some problems... fix the problems by deleting the entries or restoring them to how they were before...

(PS: for the page, click on English... ;) )

momodj20
20-08-2004, 13:51
I deleted a file named ieplorer.exe and everything that was in the registry.
Solved, thanks!!!!

momodj20
20-08-2004, 14:13
I RESTARTED THE PC AND IT RECONNECTS AUTOMATICALLY

naso
20-08-2004, 16:05
install Spybot's TeaTimer module.. and once you have deleted what HijackThis told you to, reboot
the moment you see the strange program, forbid it from running.. maybe at first just tell it to deny it (don't select the "always" option); if afterwards you see that it works.. select it so that it always prevents that process from starting..