|
|||||||
|
|
|
 |
|
|
Strumenti |
12-01-2008, 11:55
|
#1 |
|
Member
Iscritto dal: Aug 2006
Messaggi: 170
|
iexplore.exe già presente nel task e internet connection VIRUS?
allora vi spiego il mio problema : mi appare iexplore.exe prima di avviare explorer. avviando explorer si carica per la prima volta lentissimo. poi mi è apparsa una connessione nuove INTERNET CONNECTION che ho eliminato. il problema persiste.
vi posto awf Find AWF report by noahdfear ©2006 Version 1.40 bak folders found ~~~~~~~~~~~ Il volume nell'unit… C Š ALEX Numero di serie del volume: FC8E-A721 Directory di C:\WINDOWS\SYSTEM32\BAK 19/08/2004 14.39 15.360 ctfmon.exe 1 File 15.360 byte 2 Directory 68.027.731.968 byte disponibili Il volume nell'unit… C Š ALEX Numero di serie del volume: FC8E-A721 Directory di C:\PROGRA~1\ALWILS~1\AVAST4\BAK 04/12/2007 14.00 79.224 ashDisp.exe 1 File 79.224 byte 2 Directory 68.027.731.968 byte disponibili Il volume nell'unit… C Š ALEX Numero di serie del volume: FC8E-A721 Directory di C:\PROGRA~1\GOOGLE\GOOGLE~3\BAK 05/01/2008 16.52 68.856 GoogleToolbarNotifier.exe 1 File 68.856 byte 2 Directory 68.027.727.872 byte disponibili Il volume nell'unit… C Š ALEX Numero di serie del volume: FC8E-A721 Directory di C:\PROGRA~1\JAVA\JRE16~1.0_0\BIN\BAK 25/09/2007 01.11 132.496 jusched.exe 1 File 132.496 byte 2 Directory 68.027.727.872 byte disponibili Duplicate files of bak directory contents ~~~~~~~~~~~~~~~~~~~~~~~ 15360 19 Aug 2004 "C:\WINDOWS\system32\ctfmon.exe" 15360 19 Aug 2004 "C:\WINDOWS\system32\bak\ctfmon.exe" 79224 4 Dec 2007 "C:\Programmi\Alwil Software\Avast4\ashDisp.exe" 79224 4 Dec 2007 "C:\Programmi\Alwil Software\Avast4\bak\ashDisp.exe" 52272 5 Jan 2008 "C:\Programmi\Google\googletoolbar1user.exe" 14348 11 Jan 2008 "C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" 124400 5 Jan 2008 "C:\Programmi\Google\Google Updater\GoogleUpdater.exe" 138680 5 Jan 2008 "C:\Programmi\Google\Common\Google Updater(2)\GoogleUpdaterService(2).exe" 138680 5 Jan 2008 "C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe" 68856 5 Jan 2008 "C:\Programmi\Google\GoogleToolbarNotifier\bak\GoogleToolbarNotifier.exe" 124400 5 Jan 2008 "C:\Programmi\Google\Google Updater\2.2.1070.1219\GoogleUpdaterRestartManager.exe" 865912 4 Jan 2008 "G:\Download Programmi\Internet\Google_Updater.exe" 14348 11 Jan 2008 "C:\Programmi\Java\jre1.6.0_03\bin\jusched.exe" 132496 25 Sep 2007 "C:\Programmi\Java\jre1.6.0_03\bin\bak\jusched.exe" end of report e hijackthis Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe C:\Programmi\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Programmi\File comuni\EPSON\EBAPI\eEBSVC.exe C:\WINDOWS\ATKKBService.exe C:\Programmi\File comuni\EPSON\EBAPI\SAgent2.exe C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe C:\Programmi\ArcSoft\Magic-i 3\uMgiSvr.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Programmi\Java\jre1.6.0_03\bin\jusched.exe C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe C:\WINDOWS\system32\ctfmon.exe C:\Programmi\ADSL\StarModem ADSL USB MODEM\dslmon.exe C:\Programmi\Java\jre1.6.0_03\bin\bak\jusched.exe C:\WINDOWS\system32\wscntfy.exe C:\Programmi\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\system32\devldr32.exe C:\Programmi\Internet Explorer\iexplore.exe C:\Documents and Settings\Alessandro\Desktop\avenger.exe C:\Programmi\MSN Messenger\msnmsgr.exe C:\Programmi\MSN Messenger\usnsvc.exe C:\Documents and Settings\Alessandro\Desktop\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.libero.it/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti R3 - URLSearchHook: Coolstreaming Tool-Bar v1.0 Toolbar - {bd0e4d83-654e-4213-965b-fcbe887061f4} - C:\Programmi\Coolstreaming_Tool-Bar_v1.0\tbCoo1.dll O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Programmi\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Supporto di collegamento per Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Programmi\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.6.0_03\bin\ssv.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programmi\google\googletoolbar1.dll O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Programmi\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programmi\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll O2 - BHO: Coolstreaming Tool-Bar v1.0 Toolbar - {bd0e4d83-654e-4213-965b-fcbe887061f4} - C:\Programmi\Coolstreaming_Tool-Bar_v1.0\tbCoo1.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programmi\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programmi\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programmi\google\googletoolbar1.dll O3 - Toolbar: Coolstreaming Tool-Bar v1.0 Toolbar - {bd0e4d83-654e-4213-965b-fcbe887061f4} - C:\Programmi\Coolstreaming_Tool-Bar_v1.0\tbCoo1.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\Java\jre1.6.0_03\bin\jusched.exe" O4 - HKLM\..\Run: [bylsyfvd] C:\omjetefb.bat O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - Global Startup: DSLMON.lnk = ? O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_03\bin\npjpi160_03.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_03\bin\npjpi160_03.dll O9 - Extra button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Programmi\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/par...an_unicode.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/actives...ree/asinst.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ge...sh/swflash.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{DE53B4A7-C169-4036-81DA-AB8E22C0FE16}: NameServer = 193.70.152.15 193.70.152.25 O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Programmi\File comuni\Microsoft Shared\Help\hxds.dll O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FILECO~1\Skype\SKYPE4~1.DLL O20 - Winlogon Notify: !SASWinLogon - C:\Programmi\SUPERAntiSpyware\SASWINLO.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Programmi\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: EpsonBidirectionalService - Unknown owner - C:\Programmi\File comuni\EPSON\EBAPI\eEBSVC.exe O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Programmi\File comuni\EPSON\EBAPI\SAgent2.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Programmi\File comuni\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: MgiSvr - ArcSoft, Inc. - C:\Programmi\ArcSoft\Magic-i 3\uMgiSvr.exe O23 - Service: NMIndexingService - Nero AG - C:\Programmi\File comuni\Nero\Lib\NMIndexingService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe AIUTATEMI! |
|
|
|
25-01-2008, 17:21
|
#2 |
|
Junior Member
Iscritto dal: Jan 2008
Messaggi: 1
|
Anch'io ho lo stesso problema, su tcpview vedo che all'avvio di XP è presente iexplore.exe che tenta di connettersi a siti come bskitodayplease.com. E' presente anche in task manager (iexplore.exe) anche se non compare la finestra dell'applicazione. Ho cercato su google per due ore ma non ho trovato niente. AVG antivirus e antispyware, a squared, spybot sd non hanno rilevato niente. Qualcuno sa mettermi sulla strada giusta? Grazie 1000.
--Ste |
|
|
|
|
25-01-2008, 18:20
|
#3 |
|
Senior Member
Iscritto dal: Oct 2006
Messaggi: 4374
|
sezione sbagliata
Chiedete in ANTIVIRUS E SICUREZZA |
|
|
|
|
|
| Strumenti | |
|
|
Tutti gli orari sono GMT +1. Ora sono le: 18:21.
