View Full Version : mousecm.exe
fabrjzio
15-07-2005, 11:56
penso di aver dei virus in esecuzionie ma nn riesco a toglierli..
sapete dirmi di cosa si tratta e come posso fare per eliminarli?
tre l'altro mi rallentano e bloccano la connessione
mapi32.exe system
mousecm.exe system
iexplorer.exe giove
PCCPFW.exe system
gcasDTserv.exe giove
Pop3trep.exe giove
PCCCclient.exe giove
spoolv.exe
csrss.exe
smss.exe
lsass.exe
andorra24
15-07-2005, 12:08
Fai la scansione con hijackthis e posta il log sul forum.
fabrjzio
15-07-2005, 12:12
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Programmi\Trend Micro\PC-cillin 2002\Tmntsrv.exe
C:\Programmi\File comuni\Real\Update_OB\realsched.exe
C:\Programmi\MSI\Live Update 2\LMonitor.exe
C:\Programmi\Trend Micro\PC-cillin 2002\pccguide.exe
C:\Programmi\Trend Micro\PC-cillin 2002\PCCClient.exe
C:\Programmi\Trend Micro\PC-cillin 2002\Pop3trap.exe
C:\Programmi\Microsoft AntiSpyware\gcasDtServ.exe
C:\Programmi\Trend Micro\PC-cillin 2002\PCCPFW.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\WINDOWS\System32\mapi32.exe
C:\Documents and Settings\GIOVE\Desktop\HijackThis.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Programmi\File comuni\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Microsoft Update Loaders 2005] winusers.exe
O4 - HKLM\..\Run: [LiveMonitor] C:\Programmi\MSI\Live Update 2\LMonitor.exe
O4 - HKLM\..\Run: [pccguide.exe] "C:\Programmi\Trend Micro\PC-cillin 2002\pccguide.exe"
O4 - HKLM\..\Run: [PCCClient.exe] "C:\Programmi\Trend Micro\PC-cillin 2002\PCCClient.exe"
O4 - HKLM\..\Run: [Pop3trap.exe] "C:\Programmi\Trend Micro\PC-cillin 2002\Pop3trap.exe"
O4 - HKLM\..\Run: [Services] C:\WINDOWS\system32\1.tmp
O4 - HKLM\..\RunServices: [Microsoft Update Loaders 2005] winusers.exe
O4 - HKCU\..\RunServices: [msngta32] msngta32.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1121334769954
O17 - HKLM\System\CCS\Services\Tcpip\..\{2FE5D689-75A0-44FE-BD97-761FAC25BD9B}: NameServer = 85.37.17.46 151.99.125.1
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: ewido security suite control - ewido networks - C:\Programmi\ewido\security suite\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Programmi\ewido\security suite\ewidoguard.exe
O23 - Service: MAPI Mail Client (MAPI) - Unknown owner - C:\WINDOWS\System32\mapi32.exe
O23 - Service: Mouse Click Monitor (mousecm) - Unknown owner - C:\WINDOWS\System32\mousecm.exe
O23 - Service: PC-cillin PersonalFirewall (PCCPFW) - Trend Micro Inc. - C:\Programmi\Trend Micro\PC-cillin 2002\PCCPFW.exe
O23 - Service: Trend NT Realtime Service (Tmntsrv) - Trend Micro Inc. - C:\Programmi\Trend Micro\PC-cillin 2002\Tmntsrv.exe
HELP ME
andorra24
15-07-2005, 12:18
Fixa:
C:\WINDOWS\System32\mapi32.exe
O4 - HKLM\..\Run: [Microsoft Update Loaders 2005] winusers.exe
O4 - HKLM\..\Run: [Services] C:\WINDOWS\system32\1.tmp
O4 - HKLM\..\RunServices: [Microsoft Update Loaders 2005] winusers.exe
O4 - HKCU\..\RunServices: [msngta32] msngta32.exe
O23 - Service: MAPI Mail Client (MAPI) - Unknown owner - C:\WINDOWS\System32\mapi32.exe
O23 - Service: Mouse Click Monitor (mousecm) - Unknown owner - C:\WINDOWS\System32\mousecm.exe
ps: e' preferibile fare il fix in modalita' provvisoria.
fabrjzio
15-07-2005, 12:22
il fix mousecm.exe nn me lo fa' fare
andorra24
15-07-2005, 12:34
Fai una scansione antivirus online: http://www.bitdefender.com/scan8/ie.html
Prova anche ad usare questo antitrojan:http://www.majorgeeks.com/download4281.html
andorra24
15-07-2005, 12:54
Se non risolvi con tutte le scansioni puoi anche provare a killare il file usando questa piccola utility chiamata killbox: http://www.bleepingcomputer.com/files/killbox.php
vBulletin® v3.6.4, Copyright ©2000-2025, Jelsoft Enterprises Ltd.