|
|||||||
|
|
|
 |
|
|
Strumenti |
01-09-2006, 10:12
|
#1 |
|
Junior Member
Iscritto dal: Sep 2006
Messaggi: 29
|
mi aiutate e cercare il virus?
Salve a tutti,
ho un problema: quando apro il browser e nella barra degli indirizzi metto una path mi si apre il risultato di una ricerca fatta con il motore shabit.net. Ho provato vari tool, ma nessuno mi rileva virus. Vi posto il risultato di hijackthis con la speranza che qualcuno riesca ad aiutarmi. Ringrazio anticipatamente Logfile of HijackThis v1.99.1 Scan saved at 10.50.55, on 01/09/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe C:\PROGRA~1\Grisoft\AVG7\avgemc.exe C:\WINDOWS\system32\inetsrv\inetinfo.exe C:\WINDOWS\Explorer.EXE C:\Programmi\PC Tools AntiVirus\PCTAVSvc.exe C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\sm56hlpr.exe C:\Programmi\Synaptics\SynTP\SynTPLpr.exe C:\Programmi\Synaptics\SynTP\SynTPEnh.exe C:\Programmi\Java\jre1.5.0_06\bin\jusched.exe C:\PROGRA~1\Grisoft\AVG7\avgcc.exe C:\Programmi\Skype\Phone\Skype.exe C:\WINDOWS\System32\snmp.exe C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe C:\Programmi\PC Tools AntiVirus\ScanningProcess.exe C:\Documents and Settings\pasquale\Desktop\ewido_micro.exe C:\Programmi\a-squared Free\a2free.exe C:\Documents and Settings\pasquale\Desktop\download\sicurezza\HijackThis.exe R3 - Default URLSearchHook is missing O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: Class - {B94F401C-56FA-4A94-CF2C-CA3F7CC86829} - C:\WINDOWS\rdbhl1.dll (file missing) O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [SMSERIAL] sm56hlpr.exe O4 - HKLM\..\Run: [SynTPLpr] C:\Programmi\Synaptics\SynTP\SynTPLpr.exe O4 - HKLM\..\Run: [SynTPEnh] C:\Programmi\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programmi\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [Desktop Service] C:\Programmi\Free-Soft\Virtual Desktop\DesktopLoader.exe O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP O4 - HKCU\..\Run: [Skype] "C:\Programmi\Skype\Phone\Skype.exe" /nosplash /minimized O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll O17 - HKLM\System\CCS\Services\Tcpip\..\{9325F1A2-322B-4A0F-8F25-DF6FCBBBF6A9}: NameServer = 213.140.2.12 O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O18 - Protocol: qvp - {4BA78E3D-CA25-4BFF-B8F0-8A3359E4B520} - C:\Programmi\QlikView\QvProtocol\qvp.dll O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe O23 - Service: AVG Firewall (AVGFwSrv) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe O23 - Service: openwork Manager - NET Sistemi - c:\openwork\lib\openworkman.exe O23 - Service: PC Tools AntiVirus Engine (PCTAVSvc) - Unknown owner - C:\Programmi\PC Tools AntiVirus\PCTAVSvc.exe O23 - Service: Desktop (Service_Desktop) - Unknown owner - C:\Programmi\Free-Soft\Virtual Desktop\Desktop.exe |
|
|
01-09-2006, 10:32
|
#2 |
|
Member
Iscritto dal: Apr 2005
Città: Molise
Messaggi: 133
|
prova a fixare queste voci
R3 - Default URLSearchHook is missing O2 - BHO: Class - {B94F401C-56FA-4A94-CF2C-CA3F7CC86829} - C:\WINDOWS\rdbhl1.dll (file missing) Comunque i log vanno postati nella sezione apposita.
__________________
TELE2 SENZA CANONE: non fatevi fregare!!!  | SICILIA: TUTTO IL RESTO E' IN OMBRA GROUP member 
|
|
|
|
01-09-2006, 10:48
|
#3 |
|
Junior Member
Iscritto dal: Sep 2006
Messaggi: 29
|
ancora nulla! sempre stesso problema!
Altra info: ma O23 - Service: Desktop (Service_Desktop) - Unknown owner - C:\Programmi\Free-Soft\Virtual Desktop\Desktop.exe cos'è? |
|
|
|
01-09-2006, 10:56
|
#4 | |
|
Junior Member
Iscritto dal: Sep 2006
Messaggi: 29
|
Ti ringrazio infinitamente per l'aiuto ma ahimè ancora nulla di fatto.
Quote:
|
|
|
|
|
01-09-2006, 10:58
|
#5 |
|
Senior Member
Iscritto dal: Nov 2001
Città: Bastia Umbra (PG)
Messaggi: 6395
|
c'é un thread in rilievo apposito dove ci sono TUTTE le istruzioni
__________________
:: Il miglior argomento contro la democrazia è una conversazione di cinque minuti con l'elettore medio :: |
|
|
|
|
| Strumenti | |
|
|
Tutti gli orari sono GMT +1. Ora sono le: 18:11.
