|
|||||||
|
|
|
 |
|
|
Strumenti |
16-10-2006, 12:48
|
#1 |
|
Junior Member
Iscritto dal: Oct 2006
Messaggi: 16
|
Seguita la guida, problemi downloader.harnig.cu, downloader.adload.fu, hijacker.small
Vi prego aiutatemi, non so più che fare...Ho seguito e letto la guida!!!
Ho utilizzato fino a adesso: 1)Ad-aware 2)Spybot 3)Bitdefender 4)ewido ma continuano a comparire finestre con un disegnino con scritto: idd2B.tmp NON RIESCO A TROVARE UN MODEM PER LA CONNESSIONE idd12E.tmp NON RIESCO A TROVARE UN MODEM PER LA CONNESSIONE etc. etc. compaiono icone con DILAIER e uno SCUDO con un punto interrogativo che rimanda ad un sito per l'acquisto di un antispyware...di windows??? non riesco ad aprire HIJACKTHIS, se cerco di aprire il file zip mi va in tilt il sistema, scompare il desktop e poi riappare. ewido ha identificato e ma non é riuscito a mettere in quarantena i seguenti file: downloader.harnig.cu downloader.adload.fu hijacker.small.lr Ho letteralemente le chiappette a terra!!! 
Ultima modifica di canadino : 16-10-2006 alle 14:11. |
|
|
16-10-2006, 12:50
|
#2 |
|
Senior Member
Iscritto dal: Aug 2006
Messaggi: 5647
|
ti chiuderanno il topic per titolo non esplicitativo
comunque non so che dirti |
|
|
|
16-10-2006, 13:38
|
#3 |
|
Senior Member
Iscritto dal: Aug 2006
Messaggi: 299
|
rifai la scansione dalla modalità provvisoria ...
|
|
|
|
16-10-2006, 14:10
|
#4 |
|
Senior Member
Iscritto dal: Apr 2006
Città: Milano
Messaggi: 12425
|
Posta un log di hijackthis nel thread in rilievo.
|
|
|
|
16-10-2006, 14:25
|
#5 | |
|
Senior Member
Iscritto dal: Sep 2004
Città: Prov. Novara/Palmdale
Messaggi: 5228
|
Quote:
Questi sono i tipici casi quasi disperati  @Teliqalipukt...purtroppo HijackThis non gli va... La cosa migliore sarebbe poter smontare il disco,metterlo come slave su un altro PC e fare una bella scansione con un buon Antivirus. Ciao |
|
|
|
|
16-10-2006, 14:28
|
#6 |
|
Senior Member
Iscritto dal: Apr 2006
Città: Milano
Messaggi: 12425
|
Mmmm..... e se provasse con hijackfree?
E' un prodotto della software house che fa a-squared. Somiglia ad hijackthis mi pare, ed è ugualmente free. Boh, può essere un tentativo. 
|
|
|
|
16-10-2006, 14:33
|
#7 | |
|
Senior Member
Iscritto dal: Sep 2004
Città: Prov. Novara/Palmdale
Messaggi: 5228
|
Quote:
Ciao |
|
|
|
|
16-10-2006, 15:41
|
#8 |
|
Junior Member
Iscritto dal: Oct 2006
Messaggi: 16
|
Fatto il riavvio in modalità provvisoria e eliminato tramite ewido i tre:
downloader.harnig.cu downloader.adload.fu hijacker.small.lr Spero fin quì di aver fatto bene. Hijackfree scaricato e installato da la seguente lista di processi -------------------------------------------------------------- Nome ProcessID Priorità Locazione a2hijackfree.exe 2984 Normale C:\Programmi\a-squared HiJackFree\a2hijackfree.exe alg.exe 2712 N/A C:\Programmi\Alwil Software\Avast4\ashWebSv.exe ashDisp.exe 800 Normale C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe ashMaiSv.exe 2184 Normale C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe ashServ.exe 1976 Alta C:\Programmi\Alwil Software\Avast4\ashServ.exe ashWebSv.exe 2448 Normale C:\Programmi\Alwil Software\Avast4\ashWebSv.exe aswUpdSv.exe 1932 Normale C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe bdmcon.exe 3376 Normale c:\programmi\softwin\bitdefender8\bdmcon.exe bdnagent.exe 1032 Normale C:\Programmi\Softwin\BitDefender8\bdnagent.exe bdss.exe 2132 Normale C:\Programmi\File comuni\Softwin\BitDefender Scan Server\bdss.exe csrss.exe 640 N/A C:\WINDOWS\System32\smss.exe ewido.exe 1048 Normale C:\Programmi\ewido anti-spyware 4.0\ewido.exe explorer.exe 2864 Normale C:\WINDOWS\explorer.exe guard.exe 124 Normale C:\Programmi\ewido anti-spyware 4.0\guard.exe iexplore.exe 1384 Normale C:\Programmi\Internet Explorer\iexplore.exe iexplore.exe 2296 Normale C:\Programmi\Internet Explorer\iexplore.exe iexplore.exe 2992 Normale C:\Programmi\Internet Explorer\iexplore.exe jusched.exe 936 Normale C:\Programmi\Java\jre1.5.0_06\bin\jusched.exe lsass.exe 724 Normale C:\WINDOWS\system32\lsass.exe MDM.EXE 176 Normale C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE msmsgs.exe 1232 Normale C:\Programmi\Messenger\msmsgs.exe qttask.exe 920 Normale C:\Programmi\QuickTime\qttask.exe rundll32.exe 192 Normale C:\WINDOWS\system32\RunDll32.exe SeagateNetwork.exe 1696 Normale c:\windows\seagatenetwork.exe services.exe 712 Normale C:\WINDOWS\system32\services.exe smss.exe 592 Normale C:\WINDOWS\System32\smss.exe spoolsv.exe 1492 Normale C:\WINDOWS\system32\spoolsv.exe svchost.exe 900 Normale C:\WINDOWS\system32\svchost.exe svchost.exe 992 N/A C:\WINDOWS\system32\svchost.exe svchost.exe 1084 Normale C:\WINDOWS\System32\svchost.exe svchost.exe 1208 N/A C:\WINDOWS\System32\svchost.exe svchost.exe 1344 N/A C:\WINDOWS\System32\svchost.exe svchost.exe 1680 N/A C:\Programmi\Messenger\msmsgs.exe System 4 Normale N/A System Idle Processes 0 Bassa N/A win14E.tmp.exe 3908 Normale C:\WINDOWS\TEMP\win14E.tmp.exe winlogon.exe 664 Alta C:\WINDOWS\system32\winlogon.exe WZQKPICK.EXE 1712 Normale C:\Programmi\WinZip\WZQKPICK.EXE xcommsvr.exe 1156 Normale C:\Programmi\File comuni\Softwin\BitDefender Communicator\xcommsvr.exe --------------------------------------------------------------- Il programma permette di accedere anche ad altre funzioni... Ditemi voi cosa é meglio postare o meno... Grazie! |
|
|
|
16-10-2006, 15:47
|
#9 | |
|
Senior Member
Iscritto dal: Apr 2006
Città: Milano
Messaggi: 12425
|
Quote:
|
|
|
|
|
16-10-2006, 15:52
|
#10 |
|
Junior Member
Iscritto dal: Oct 2006
Messaggi: 16
|
Analisi Hijackfree
----------------------------------------------------------------------- Registry Autoruns: Result ToDo Name: Cmaudio Path: RunDll32 cmicnfg.cpl,CMICtrlWnd Location: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run Good: 2 - Bad: 0 View Details Name: Easy-PrintToolBox Path: C:\Programmi\Canon\Easy-PrintToolBox\BJPSMAIN.EXE Location: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run Good: 2 - Bad: 0 View Details Name: avast! Path: C:\Programmi\ALWILS~1\Avast4\ashDisp.exe Location: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run Good: 4 - Bad: 0 View Details Name: QuickTime Task Path: C:\Programmi\QuickTime\qttask.exe Location: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run Good: 0 - Bad: 0 Unknown Item Search at Google Name: SunJavaUpdateSched Path: C:\Programmi\Java\jre1.5.0_06\bin\jusched.exe Location: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run Good: 2 - Bad: 0 View Details Name: BDMCon Path: C:\Programmi\Softwin\BitDefender8\bdmcon.exe Location: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run Good: 2 - Bad: 0 View Details Name: BDNewsAgent Path: c:\programmi\softwin\bitdefender8\bdnagent.exe Location: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run Good: 2 - Bad: 0 View Details Name: !ewido Path: C:\Programmi\ewido anti-spyware 4.0\ewido.exe Location: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run Good: 0 - Bad: 0 Unknown Item Search at Google Name: MSMSGS Path: "C:\Programmi\Messenger\msmsgs.exe" Location: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run Good: 2 - Bad: 18 View Details Requires Attention! Compare details with your local values and/or search at Google Tricky and Other Autoruns: Result ToDo Name: shell Path: Explorer.exe Location: system.ini Not checked Unknown Item Search at Google Name: SET BLASTER Path: A220 I5 D1 P330 T3 Location: autoexec.nt Not checked Unknown Item Search at Google Name: dos Path: high, umb Location: config.nt Not checked Unknown Item Search at Google Name: device Path: %SystemRoot%\system32\himem.sys Location: config.nt Not checked Unknown Item Search at Google Name: files Path: 40 Location: config.nt Not checked Unknown Item Search at Google Name: device Path: C:\Programmi\ALWILS~1\Avast4\aswmonds.sys Location: config.nt Not checked Unknown Item Search at Google Name: WinZip Quick Pick Path: Location: C:\Documents and Settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\ Not checked Unknown Item Search at Google Name: SA Path: Location: C:\WINDOWS\tasks\ Not checked Unknown Item Search at Google Name: CTFMON.EXE Path: C:\WINDOWS\System32\CTFMON.EXE Location: HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Run\ Not checked Unknown Item Search at Google Name: Shell Path: Explorer.exe Location: HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\ Not checked Unknown Item Search at Google Name: $GT;{22d6f312-b0f6-11d0-94ab-0080c74c7e95} Path: C:\WINDOWS\inf\unregmp2.exe Location: HKLM\Software\Microsoft\Active Setup\Installed Components\ Not checked Unknown Item Search at Google Name: $GT;{26923b43-4d38-484f-9b9e-de460746276c} Path: C:\WINDOWS\system32\shmgrate.exe OCInstallUserConfigIE Location: HKLM\Software\Microsoft\Active Setup\Installed Components\ Not checked Unknown Item Search at Google Name: $GT;{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS Path: RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP Location: HKLM\Software\Microsoft\Active Setup\Installed Components\ Not checked Unknown Item Search at Google Name: $GT;{881dd1c5-3dcf-431b-b061-f3f88e8be88a} Path: C:\WINDOWS\system32\shmgrate.exe OCInstallUserConfigOE Location: HKLM\Software\Microsoft\Active Setup\Installed Components\ Not checked Unknown Item Search at Google Name: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} Path: C:\WINDOWS\system32\regsvr32.exe Location: HKLM\Software\Microsoft\Active Setup\Installed Components\ Not checked Unknown Item Search at Google Name: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} Path: "C:\Programmi\Outlook Express\setup50.exe" Location: HKLM\Software\Microsoft\Active Setup\Installed Components\ Not checked Unknown Item Search at Google Name: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} Path: rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT Location: HKLM\Software\Microsoft\Active Setup\Installed Components\ Not checked Unknown Item Search at Google Name: {5945c046-1e7d-11d1-bc44-00c04fd912be} Path: rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser Location: HKLM\Software\Microsoft\Active Setup\Installed Components\ Not checked Unknown Item Search at Google Name: {6BF52A52-394A-11d3-B153-00C04F79FAA6} Path: rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp.inf,PerUserStub Location: HKLM\Software\Microsoft\Active Setup\Installed Components\ Not checked Unknown Item Search at Google Name: {7790769C-0471-11d2-AF11-00C04FA35D02} Path: "C:\Programmi\Outlook Express\setup50.exe" Location: HKLM\Software\Microsoft\Active Setup\Installed Components\ Not checked Unknown Item Search at Google Name: {89820200-ECBD-11cf-8B85-00AA005B4340} Path: regsvr32.exe Location: HKLM\Software\Microsoft\Active Setup\Installed Components\ Not checked Unknown Item Search at Google Name: {89820200-ECBD-11cf-8B85-00AA005B4383} Path: C:\WINDOWS\system32\ie4uinit.exe Location: HKLM\Software\Microsoft\Active Setup\Installed Components\ Not checked Unknown Item Search at Google Name: File di script VBScript Path: C:\WINDOWS\System32\WScript.exe "%1" %* Location: HKEY_CLASSES_ROOT\vbsfile\shell\open\command\ Not checked Unknown Item Search at Google Name: File di script codificato in VBScript Path: C:\WINDOWS\System32\WScript.exe "%1" %* Location: HKEY_CLASSES_ROOT\vbefile\shell\open\command\ Not checked Unknown Item Search at Google Name: File di script JScript Path: C:\WINDOWS\System32\WScript.exe "%1" %* Location: HKEY_CLASSES_ROOT\jsfile\shell\open\command\ Not checked Unknown Item Search at Google Name: File di script codificato in JScript Path: C:\WINDOWS\System32\WScript.exe "%1" %* Location: HKEY_CLASSES_ROOT\jsefile\shell\open\command\ Not checked Unknown Item Search at Google Name: File di impostazioni di Windows Script Host Path: C:\WINDOWS\System32\WScript.exe "%1" %* Location: HKEY_CLASSES_ROOT\wshfile\shell\open\command\ Not checked Unknown Item Search at Google Name: File di script Windows Path: C:\WINDOWS\System32\WScript.exe "%1" %* Location: HKEY_CLASSES_ROOT\wsffile\shell\open\command\ Not checked Unknown Item Search at Google Name: Applicazione Path: "%1" %* Location: HKEY_CLASSES_ROOT\exefile\shell\open\command\ Not checked Unknown Item Search at Google Name: Applicazione per MS-DOS Path: "%1" %* Location: HKEY_CLASSES_ROOT\comfile\shell\open\command\ Not checked Unknown Item Search at Google Name: File batch MS-DOS Path: "%1" %* Location: HKEY_CLASSES_ROOT\batfile\shell\open\command\ Not checked Unknown Item Search at Google Name: Screen saver Path: "%1" Location: HKEY_CLASSES_ROOT\scrfile\shell\open\command\ Not checked Unknown Item Search at Google Name: Collegamento ad un programma per MS-DOS Path: "%1" %* Location: HKEY_CLASSES_ROOT\piffile\shell\open\command\ Not checked Unknown Item Search at Google Name: PostBootReminder Path: C:\WINDOWS\system32\SHELL32.dll Location: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\ Not checked Unknown Item Search at Google Name: CDBurn Path: C:\WINDOWS\system32\SHELL32.dll Location: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\ Not checked Unknown Item Search at Google Name: WebCheck Path: C:\WINDOWS\System32\webcheck.dll Location: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\ Not checked Unknown Item Search at Google Name: SysTray Path: C:\WINDOWS\System32\stobject.dll Location: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\ Not checked Unknown Item Search at Google Layered Service Providers (LSP): Result ToDo Name: mswsock.dll Path: %SystemRoot%\system32\ Location: HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\ Good: 1 - Bad: 0 View Details Name: rsvpsp.dll Path: %SystemRoot%\system32\ Location: HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\ Good: 1 - Bad: 0 View Details Explorer And Browser Addons: Result ToDo Name: Class Path: C:\WINDOWS\bkwmp1.dll Location: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects ClsID: {A2F00648-FEE1-9795-AF5E-97C17406FAC5} Good: 0 - Bad: 0 Unknown Item Search at Google Name: Google Toolbar Helper Path: c:\programmi\google\googletoolbar2.dll Location: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects ClsID: {AA58ED58-01DD-4d91-8333-CF10577473F7} Good: 1 - Bad: 0 View Details Name: Hook per l'esecuzione degli URL Path: shell32.dll Location: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks ClsID: {AEB6717E-7E19-11d0-97EE-00C04FD91972} Good: 0 - Bad: 0 Unknown Item Search at Google Name: CShellExecuteHookImpl Object Path: C:\Programmi\ewido anti-spyware 4.0\shellexecutehook.dll Location: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks ClsID: {57B86673-276A-48B2-BAE7-C6DBB3020EB8} Good: 0 - Bad: 0 Unknown Item Search at Google Local Open Ports: Result ToDo Port: 135 TCP Path: system (Process ID: 992) Good: 1 - Bad: 0 View Details Port: 139 TCP Path: system (Process ID: 4) Good: 1 - Bad: 0 View Details Port: 445 TCP Path: system (Process ID: 4) Good: 1 - Bad: 0 View Details Port: 1308 TCP Path: system (Process ID: 0) Good: 0 - Bad: 0 Unknown Item Search at Google Port: 1311 TCP Path: system (Process ID: 0) Good: 0 - Bad: 0 Unknown Item Search at Google Port: 1313 TCP Path: system (Process ID: 0) Good: 0 - Bad: 1 View Details Requires Attention! Compare details with your local values and/or search at Google Port: 1315 TCP Path: system (Process ID: 0) Good: 0 - Bad: 0 Unknown Item Search at Google Port: 1320 TCP Path: system (Process ID: 0) Good: 0 - Bad: 0 Unknown Item Search at Google Port: 1327 TCP Path: C:\Programmi\Internet Explorer\iexplore.exe (Process ID: 2992) Good: 0 - Bad: 0 Unknown Item Search at Google Port: 1328 TCP Path: C:\Programmi\Alwil Software\Avast4\ashWebSv.exe (Process ID: 2448) Good: 0 - Bad: 0 Unknown Item Search at Google Port: 1329 TCP Path: C:\Programmi\Internet Explorer\iexplore.exe (Process ID: 2992) Good: 0 - Bad: 0 Unknown Item Search at Google Port: 1330 TCP Path: C:\Programmi\Alwil Software\Avast4\ashWebSv.exe (Process ID: 2448) Good: 0 - Bad: 0 Unknown Item Search at Google Port: 1331 TCP Path: C:\Programmi\Internet Explorer\iexplore.exe (Process ID: 2992) Good: 0 - Bad: 0 Unknown Item Search at Google Port: 1332 TCP Path: C:\Programmi\Alwil Software\Avast4\ashWebSv.exe (Process ID: 2448) Good: 0 - Bad: 0 Unknown Item Search at Google Port: 1333 TCP Path: C:\Programmi\Internet Explorer\iexplore.exe (Process ID: 2992) Good: 0 - Bad: 0 Unknown Item Search at Google Port: 1334 TCP Path: C:\Programmi\Alwil Software\Avast4\ashWebSv.exe (Process ID: 2448) Good: 0 - Bad: 0 Unknown Item Search at Google Port: 1335 TCP Path: C:\Programmi\Internet Explorer\iexplore.exe (Process ID: 2296) Good: 0 - Bad: 0 Unknown Item Search at Google Port: 1336 TCP Path: C:\Programmi\Alwil Software\Avast4\ashWebSv.exe (Process ID: 2448) Good: 0 - Bad: 0 Unknown Item Search at Google Port: 1337 TCP Path: C:\Programmi\Internet Explorer\iexplore.exe (Process ID: 2296) Good: 0 - Bad: 0 Unknown Item Search at Google Port: 1338 TCP Path: C:\Programmi\Alwil Software\Avast4\ashWebSv.exe (Process ID: 2448) Good: 0 - Bad: 1 View Details Requires Attention! Compare details with your local values and/or search at Google Port: 12025 TCP Path: C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe (Process ID: 2184) Good: 0 - Bad: 0 Unknown Item Search at Google Port: 12080 TCP Path: C:\Programmi\Alwil Software\Avast4\ashWebSv.exe (Process ID: 2448) Good: 0 - Bad: 0 Unknown Item Search at Google Port: 12080 TCP Path: system (Process ID: 0) Good: 0 - Bad: 0 Unknown Item Search at Google Port: 12110 TCP Path: C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe (Process ID: 2184) Good: 0 - Bad: 0 Unknown Item Search at Google Port: 12119 TCP Path: C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe (Process ID: 2184) Good: 0 - Bad: 0 Unknown Item Search at Google Port: 12143 TCP Path: C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe (Process ID: 2184) Good: 0 - Bad: 0 Unknown Item Search at Google Port: 123 UDP Path: C:\WINDOWS\System32\svchost.exe (Process ID: 1084) Good: 1 - Bad: 0 View Details Port: 137 UDP Path: system (Process ID: 4) Good: 1 - Bad: 0 View Details Port: 138 UDP Path: system (Process ID: 4) Good: 1 - Bad: 0 View Details Port: 445 UDP Path: system (Process ID: 4) Good: 1 - Bad: 0 View Details Port: 500 UDP Path: C:\WINDOWS\system32\lsass.exe (Process ID: 724) Good: 1 - Bad: 0 View Details Port: 1025 UDP Path: system (Process ID: 1208) Good: 1 - Bad: 1 View Details Requires Attention! Compare details with your local values and/or search at Google Port: 1033 UDP Path: C:\Programmi\Internet Explorer\iexplore.exe (Process ID: 1384) Good: 0 - Bad: 0 Unknown Item Search at Google Port: 1052 UDP Path: C:\Programmi\Internet Explorer\iexplore.exe (Process ID: 2296) Good: 0 - Bad: 0 Unknown Item Search at Google Port: 1087 UDP Path: C:\Programmi\Internet Explorer\iexplore.exe (Process ID: 2992) Good: 0 - Bad: 0 Unknown Item Search at Google Port: 1900 UDP Path: system (Process ID: 1344) Good: 0 - Bad: 0 Unknown Item Search at Google Port: 4500 UDP Path: C:\WINDOWS\system32\lsass.exe (Process ID: 724) Good: 0 - Bad: 0 Unknown Item Search at Google Running Processes: Result ToDo Name: [System Process] Process ID: 0 Path: Info: Threads: 2 - Priority: N/A - Visible: No Good: 1 - Bad: 0 View Details Name: System Process ID: 4 Path: Info: Threads: 70 - Priority: Normale - Visible: No Good: 1 - Bad: 0 View Details Name: guard.exe Process ID: 124 Path: C:\Programmi\ewido anti-spyware 4.0\guard.exe Info: Threads: 9 - Priority: Normale - Visible: No Good: 1 - Bad: 0 View Details Name: MDM.EXE Process ID: 176 Path: C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE Info: Threads: 5 - Priority: Normale - Visible: No Good: 1 - Bad: 0 View Details Name: rundll32.exe Process ID: 192 Path: C:\WINDOWS\system32\RunDll32.exe Info: Threads: 2 - Priority: Normale - Visible: No Good: 1 - Bad: 0 View Details Name: a2hijackfree.exe (a-squared HiJackFree) Process ID: 456 Path: C:\Programmi\a-squared HiJackFree\a2hijackfree.exe Info: Threads: 4 - Priority: Normale - Visible: Si Good: 1 - Bad: 0 View Details Name: smss.exe Process ID: 592 Path: C:\WINDOWS\System32\smss.exe Info: Threads: 3 - Priority: Normale - Visible: No Good: 1 - Bad: 2 View Details Requires Attention! Compare details with your local values and/or search at Google Name: csrss.exe Process ID: 640 Path: C:\WINDOWS\System32\smss.exe Info: Threads: 11 - Priority: N/A - Visible: No Good: 1 - Bad: 3 View Details Requires Attention! Compare details with your local values and/or search at Google Name: winlogon.exe Process ID: 664 Path: C:\WINDOWS\system32\winlogon.exe Info: Threads: 22 - Priority: Alta - Visible: No Good: 1 - Bad: 2 View Details Requires Attention! Compare details with your local values and/or search at Google Name: services.exe Process ID: 712 Path: C:\WINDOWS\system32\services.exe Info: Threads: 17 - Priority: Normale - Visible: No Good: 1 - Bad: 3 View Details Requires Attention! Compare details with your local values and/or search at Google Name: lsass.exe Process ID: 724 Path: C:\WINDOWS\system32\lsass.exe Info: Threads: 20 - Priority: Normale - Visible: No Good: 1 - Bad: 0 View Details Name: ashDisp.exe Process ID: 800 Path: C:\Programmi\ALWILS~1\Avast4\ashDisp.exe Info: Threads: 10 - Priority: Normale - Visible: No Good: 1 - Bad: 0 View Details Name: svchost.exe Process ID: 900 Path: C:\WINDOWS\system32\svchost.exe Info: Threads: 17 - Priority: Normale - Visible: No Good: 1 - Bad: 2 View Details Requires Attention! Compare details with your local values and/or search at Google Name: qttask.exe Process ID: 920 Path: C:\Programmi\QuickTime\qttask.exe Info: Threads: 3 - Priority: Normale - Visible: No Good: 1 - Bad: 0 View Details Name: jusched.exe Process ID: 936 Path: C:\Programmi\Java\jre1.5.0_06\bin\jusched.exe Info: Threads: 2 - Priority: Normale - Visible: No Good: 2 - Bad: 0 View Details Name: svchost.exe Process ID: 992 Path: C:\WINDOWS\system32\svchost.exe Info: Threads: 10 - Priority: N/A - Visible: No Good: 1 - Bad: 2 View Details Requires Attention! Compare details with your local values and/or search at Google Name: bdnagent.exe Process ID: 1032 Path: C:\Programmi\Softwin\BitDefender8\bdnagent.exe Info: Threads: 2 - Priority: Normale - Visible: No Good: 1 - Bad: 0 View Details Name: ewido.exe Process ID: 1048 Path: C:\Programmi\ewido anti-spyware 4.0\ewido.exe Info: Threads: 14 - Priority: Normale - Visible: No Good: 0 - Bad: 0 Unknown Item Search at Google Submit new process info Name: svchost.exe Process ID: 1084 Path: C:\WINDOWS\System32\svchost.exe Info: Threads: 64 - Priority: Normale - Visible: No Good: 1 - Bad: 2 View Details Requires Attention! Compare details with your local values and/or search at Google Name: xcommsvr.exe Process ID: 1156 Path: C:\Programmi\File comuni\Softwin\BitDefender Communicator\xcommsvr.exe Info: Threads: 3 - Priority: Normale - Visible: No Good: 1 - Bad: 0 View Details Name: svchost.exe Process ID: 1208 Path: C:\WINDOWS\System32\svchost.exe Info: Threads: 7 - Priority: N/A - Visible: No Good: 1 - Bad: 2 View Details Requires Attention! Compare details with your local values and/or search at Google Name: msmsgs.exe Process ID: 1232 Path: C:\Programmi\Messenger\msmsgs.exe Info: Threads: 4 - Priority: Normale - Visible: No Good: 1 - Bad: 0 View Details Name: svchost.exe Process ID: 1344 Path: C:\WINDOWS\System32\svchost.exe Info: Threads: 14 - Priority: N/A - Visible: No Good: 1 - Bad: 2 View Details Requires Attention! Compare details with your local values and/or search at Google Name: iexplore.exe (Hardware Upgrade Forum - PAZZESCO! - Microsoft Internet Explorer) Process ID: 1384 Path: C:\Programmi\Internet Explorer\iexplore.exe Info: Threads: 22 - Priority: Normale - Visible: Si Good: 1 - Bad: 0 View Details Name: spoolsv.exe Process ID: 1492 Path: C:\WINDOWS\system32\spoolsv.exe Info: Threads: 13 - Priority: Normale - Visible: No Good: 1 - Bad: 0 View Details Name: svchost.exe Process ID: 1680 Path: C:\Programmi\Messenger\msmsgs.exe Info: Threads: 6 - Priority: N/A - Visible: No Good: 1 - Bad: 2 View Details Requires Attention! Compare details with your local values and/or search at Google Name: SeagateNetwork.exe Process ID: 1696 Path: c:\windows\seagatenetwork.exe Info: Threads: 4 - Priority: Normale - Visible: No Good: 0 - Bad: 0 Unknown Item Search at Google Submit new process info Name: WZQKPICK.EXE Process ID: 1712 Path: C:\Programmi\WinZip\WZQKPICK.EXE Info: Threads: 2 - Priority: Normale - Visible: No Good: 1 - Bad: 0 View Details Name: aswUpdSv.exe Process ID: 1932 Path: C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe Info: Threads: 4 - Priority: Normale - Visible: No Good: 1 - Bad: 0 View Details Name: ashServ.exe Process ID: 1976 Path: C:\Programmi\Alwil Software\Avast4\ashServ.exe Info: Threads: 27 - Priority: Alta - Visible: No Good: 1 - Bad: 0 View Details Name: bdss.exe Process ID: 2132 Path: C:\Programmi\File comuni\Softwin\BitDefender Scan Server\bdss.exe Info: Threads: 7 - Priority: Normale - Visible: No Good: 1 - Bad: 0 View Details Name: ashMaiSv.exe Process ID: 2184 Path: C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe Info: Threads: 9 - Priority: Normale - Visible: No Good: 1 - Bad: 0 View Details Name: iexplore.exe (Rivista Internet di Viticoltura e Enologia - Microsoft Internet Explorer) Process ID: 2296 Path: C:\Programmi\Internet Explorer\iexplore.exe Info: Threads: 16 - Priority: Normale - Visible: Si Good: 1 - Bad: 0 View Details Name: ashWebSv.exe Process ID: 2448 Path: C:\Programmi\Alwil Software\Avast4\ashWebSv.exe Info: Threads: 19 - Priority: Normale - Visible: No Good: 1 - Bad: 0 View Details Name: alg.exe Process ID: 2712 Path: C:\Programmi\Alwil Software\Avast4\ashWebSv.exe Info: Threads: 4 - Priority: N/A - Visible: No Good: 1 - Bad: 1 View Details Requires Attention! Compare details with your local values and/or search at Google Name: explorer.exe Process ID: 2864 Path: C:\WINDOWS\explorer.exe Info: Threads: 12 - Priority: Normale - Visible: No Good: 2 - Bad: 1 View Details Requires Attention! Compare details with your local values and/or search at Google Name: iexplore.exe (Rivista Internet di Viticoltura e Enologia - Microsoft Internet Explorer) Process ID: 2992 Path: C:\Programmi\Internet Explorer\iexplore.exe Info: Threads: 18 - Priority: Normale - Visible: Si Good: 1 - Bad: 0 View Details Name: bdmcon.exe Process ID: 3376 Path: c:\programmi\softwin\bitdefender8\bdmcon.exe Info: Threads: 4 - Priority: Normale - Visible: No Good: 1 - Bad: 0 View Details Name: win52.tmp.exe Process ID: 3604 Path: C:\WINDOWS\TEMP\win52.tmp.exe Info: Threads: 2 - Priority: Normale - Visible: No Good: 0 - Bad: 0 Unknown Item Search at Google Submit new process info |
|
|
|
16-10-2006, 15:57
|
#11 |
|
Junior Member
Iscritto dal: Oct 2006
Messaggi: 16
|
Praticamente devo cercare tutto su google? mah!?
|
|
|
|
16-10-2006, 16:14
|
#12 | |
|
Senior Member
Iscritto dal: Apr 2006
Città: Milano
Messaggi: 12425
|
Quote:
Comunque a questo punto, visto che l'abbiamo menzionato, fai pure una scansione con a squared (e ti raccomando di fare attenzione a quello che trova con l'euristica, perchè soffre un pochettino di falsi positivi  )Il log di hijackfree postalo nel thread di hijackthis, magari mettendo in anteprima il collegamento a questo thread e specificando che hai fatto questo log perchè hijackthis non ti funziona. Sicuramente lì troverai qualcuno che saprà darti un aiuto ad interpretarlo
|
|
|
|
|
16-10-2006, 16:32
|
#13 |
|
Junior Member
Iscritto dal: Oct 2006
Messaggi: 16
|
E' dura, troppo dura...mi sa tanto che questa volta vince lui...
Non mi fa neppure cercare in google la parola hijackthis... Grazie comunque di tutto... |
|
|
|
16-10-2006, 16:35
|
#14 |
|
Senior Member
Iscritto dal: Apr 2000
Città: Roma
Messaggi: 305
|
Prova a far passare questo: http://www.tgsoft.it/italy/index_ita.html
__________________
Alberto aka Pitagora |
|
|
|
17-10-2006, 08:35
|
#15 |
|
Junior Member
Iscritto dal: Oct 2006
Messaggi: 16
|
Fatto passare anche Vir.it ma ancora nulla...
|
|
|
|
17-10-2006, 08:43
|
#16 | |
|
Bannato
Iscritto dal: Mar 2004
Città: Galapagos Attenzione:utente flautolente,tienilo a mente
Messaggi: 28978
|
Quote:
|
|
|
|
|
17-10-2006, 11:37
|
#17 |
|
Senior Member
Iscritto dal: Aug 2006
Messaggi: 299
|
fai una scansione online da qui -> http://it.trendmicro-europe.com/cons...all_launch.php
|
|
|
|
17-10-2006, 12:24
|
#18 | |
|
Senior Member
Iscritto dal: Feb 2003
Città: Perugia [Città della Pieve]
Messaggi: 7279
|
Quote:
__________________
2 cdj 850, 2 technics 1200 mkII, 1 mixer djm 700 s, 1 monocuffia sony mdr-xc5000, una collezione di vinili appena cominciata...
 ...Let the music play... |
|
|
|
|
|
| Strumenti | |
|
|
Tutti gli orari sono GMT +1. Ora sono le: 01:31.
