|
|||||||
|
|
|
 |
|
|
Strumenti |
25-07-2007, 20:09
|
#1 |
|
Member
Iscritto dal: Jun 2005
Città: Bari
Messaggi: 271
|
Malware AIUTOOOOOOOOO
http://www.hwupgrade.it/forum/attach...1&d=1185386733
Ragazzi vi prego di aiutarmi a rimuovere questi due file malware dal mio hd!!! La prima foto che posto non credo che sia esaustiva visto che l'ho rimpiciolita a dismisura!! Per favore AIUTATEMI!!! Ho provato i seguenti prog.ma con scarso risultato!!! avg anti spyware+super antispaware+ad-aware 3 prog.mmi easy cleaner+cclenear+reg cleaner!! Mi manca qualche prog all'appello??? Un grazie anticipato dodago 
|
|
|
|
26-07-2007, 12:35
|
#2 |
|
Member
Iscritto dal: Jun 2005
Città: Bari
Messaggi: 271
|
Come richiesta dal mitico e disponibile Lancetta adesso posto il log eseguito dal programma Hijackthis sul pc grande!
Aggiungo che ho anche eseguito la scansione all'avvio del sistema operativo da parte di avast..... Adesso aspetto direttive..... Ho postato con il pc piccolo ma pronto a testare il pc grande Un ringraziamento a tutti voi per l'aiuto concesso...... Dodago Logfile of HijackThis v1.99.1 Scan saved at 12.25.45, on 26/07/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: I:\WINDOWS\System32\smss.exe I:\WINDOWS\system32\winlogon.exe I:\WINDOWS\system32\services.exe I:\WINDOWS\system32\lsass.exe I:\WINDOWS\system32\svchost.exe I:\WINDOWS\System32\svchost.exe I:\WINDOWS\System32\wltrysvc.exe I:\WINDOWS\System32\bcmwltry.exe I:\Programmi\Alwil Software\Avast4\aswUpdSv.exe I:\Programmi\Alwil Software\Avast4\ashServ.exe I:\Programmi\Alwil Software\Avast4\ashMaiSv.exe I:\Programmi\Alwil Software\Avast4\ashWebSv.exe I:\WINDOWS\system32\spoolsv.exe I:\Programmi\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe I:\Programmi\Grisoft\AVG Anti-Spyware 7.5\guard.exe I:\WINDOWS\Explorer.EXE I:\Programmi\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe I:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe I:\Programmi\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe I:\Programmi\Nikon\Wireless Camera Setup Utility\NkPtpEnum.exe I:\Programmi\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe I:\Programmi\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe I:\WINDOWS\system32\nvsvc32.exe I:\WINDOWS\system32\HPZipm12.exe I:\WINDOWS\system32\svchost.exe I:\Programmi\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe I:\Programmi\File comuni\Ulead Systems\DVD\ULCDRSvr.exe I:\Programmi\Microsoft IntelliType Pro\type32.exe i:\programmi\pinnacle\shared files\programs\mediaserver\pmshost.exe I:\Programmi\BillP Studios\WinPatrol\winpatrol.exe I:\Programmi\Alwil Software\Avast4\ashDisp.exe I:\Programmi\Adobe\Reader 8.0\Reader\reader_sl.exe I:\Programmi\Google\Google Updater\GoogleUpdater.exe I:\Programmi\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe I:\PROGRA~1\INCRED~1\bin\IMApp.exe I:\WINDOWS\system32\wuauclt.exe I:\Documents and Settings\AGO\Desktop\HijackThis.exe I:\WINDOWS\system32\wuauclt.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti O2 - BHO: Supporto di collegamento per Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - I:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - I:\Programmi\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - i:\programmi\google\googletoolbar1.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - I:\Programmi\Google\GoogleToolbarNotifier\2.0.301.5672\swg.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - i:\programmi\google\googletoolbar1.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE I:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [type32] "I:\Programmi\Microsoft IntelliType Pro\type32.exe" O4 - HKLM\..\Run: [WinPatrol] I:\Programmi\BillP Studios\WinPatrol\winpatrol.exe O4 - HKCU\..\Run: [swg] I:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [avast! service GUI component] I:\Programmi\Alwil Software\Avast4\ashDisp.exe O4 - HKCU\..\Run: [IncrediMail Tray Application] I:\Programmi\IncrediMail\bin\IncMail.exe O4 - HKCU\..\Run: [IncrediMail] I:\Programmi\IncrediMail\bin\IncMail.exe /c O4 - Startup: Avvio veloce di Adobe Reader.lnk = I:\Programmi\Adobe\Reader 8.0\Reader\reader_sl.exe O4 - Startup: Google Updater.lnk = I:\Programmi\Google\Google Updater\GoogleUpdater.exe O4 - Startup: Microsoft Office.lnk = I:\Programmi\Microsoft Office\Office\OSA9.EXE O8 - Extra context menu item: E&sporta in Microsoft Excel - res://I:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O10 - Unknown file in Winsock LSP: i:\windows\system32\nvappfilter.dll O10 - Unknown file in Winsock LSP: i:\windows\system32\nvappfilter.dll O10 - Unknown file in Winsock LSP: i:\windows\system32\nvappfilter.dll O10 - Unknown file in Winsock LSP: i:\windows\system32\nvappfilter.dll O10 - Unknown file in Winsock LSP: i:\windows\system32\nvappfilter.dll O10 - Unknown file in Winsock LSP: i:\windows\system32\nvappfilter.dll O10 - Unknown file in Winsock LSP: i:\windows\system32\nvappfilter.dll O10 - Unknown file in Winsock LSP: i:\windows\system32\nvappfilter.dll O10 - Unknown file in Winsock LSP: i:\windows\system32\nvappfilter.dll O10 - Unknown file in Winsock LSP: i:\windows\system32\nvappfilter.dll O10 - Unknown file in Winsock LSP: i:\windows\system32\nvappfilter.dll O10 - Unknown file in Winsock LSP: i:\windows\system32\nvappfilter.dll O10 - Unknown file in Winsock LSP: i:\windows\system32\nvappfilter.dll O10 - Unknown file in Winsock LSP: i:\windows\system32\nvappfilter.dll O10 - Unknown file in Winsock LSP: i:\windows\system32\nvappfilter.dll O10 - Unknown file in Winsock LSP: i:\windows\system32\nvappfilter.dll O10 - Unknown file in Winsock LSP: i:\windows\system32\nvappfilter.dll O10 - Unknown file in Winsock LSP: i:\windows\system32\nvappfilter.dll O10 - Unknown file in Winsock LSP: i:\windows\system32\nvappfilter.dll O10 - Unknown file in Winsock LSP: i:\windows\system32\nvappfilter.dll O10 - Unknown file in Winsock LSP: i:\windows\system32\nvappfilter.dll O10 - Unknown file in Winsock LSP: i:\windows\system32\nvappfilter.dll O16 - DPF: {512FC5A1-7DE1-43F1-BC0C-371622FCB409} (TotalScan Installer Class) - http://www.nanoscan.com/as/v1/cabs/ascstubie.cab O16 - DPF: {8436FE12-31DB-48BF-83BF-FE682F9160B4} (NanoInstaller Class) - http://www.nanoscan.com/cabs/nanoinst.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{3906F7BA-98B9-4405-8E62-CDDFC30B309B}: NameServer = 151.99.125.3,151.99.0.100 O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "I:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O20 - Winlogon Notify: !SASWinLogon - I:\Programmi\SUPERAntiSpyware\SASWINLO.dll O23 - Service: Adobe LM Service - Adobe Systems - I:\Programmi\File comuni\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown owner - I:\Programmi\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - I:\Programmi\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - I:\Programmi\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - I:\Programmi\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - I:\Programmi\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - I:\Programmi\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: Pinnacle Systems tvtv Spooler (EpgSpooler) - - i:\progra~1\pinnacle\mediac~1\epgspo~2.exe O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - I:\Programmi\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Unknown owner - I:\Programmi\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe" -k runservice (file missing) O23 - Service: Google Updater Service (gusvc) - Google - I:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: NkPtpEnumP2 - Unknown owner - I:\Programmi\Nikon\Wireless Camera Setup Utility\NkPtpEnum.exe" -a -d="I:\Programmi\Nikon\Wireless Camera Setup Utility\NkPtpip.dll (file missing) O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA - I:\Programmi\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA - I:\Programmi\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - I:\WINDOWS\system32\nvsvc32.exe O23 - Service: Pinnacle Systems Media Service (PinnacleSys.MediaServer) - Pinnacle Systems - i:\programmi\pinnacle\shared files\programs\mediaserver\pmshost.exe O23 - Service: Pml Driver HPZ12 - HP - I:\WINDOWS\system32\HPZipm12.exe O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - I:\Programmi\File comuni\Ulead Systems\DVD\ULCDRSvr.exe O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Unknown owner - I:\WINDOWS\System32\wltrysvc.exe |
|
|
|
|
26-07-2007, 12:55
|
#3 | |
|
Bannato
Iscritto dal: Sep 2006
Città: Palermo
Messaggi: 1241
|
Quote:
|
|
|
|
|
|
26-07-2007, 14:36
|
#4 |
|
Senior Member
Iscritto dal: Feb 2007
Città: Salerno......
Messaggi: 3259
|
Dodago ti avevo chiesto di farlo in questa sezione http://www.hwupgrade.it/forum/forumdisplay.php?f=125 (t'avevo messo apposta il link)altrimenti passa un moderatore e ti chiude il post...sorry please....
__________________
Opera disabilitazione script ed iframe  Recuperare le proprie password on line. Messenger: massima attenzione ai SITI TRUFFA | GUIDA:ShutdownTimer (Spegnimento auto pc) | Quando il centro sicurezza non riconosce i soft. Guida a Malwarebytes' Anti-Malware = tiemp bell e na volta...
|
|
|
|
|
27-07-2007, 19:32
|
#5 |
|
Member
Iscritto dal: Jun 2005
Città: Bari
Messaggi: 271
|
Con tutta la buona volontà ma il sito l'ho trovo un labirinto tipo banzaj!!
Dopo appena mezz'ora non ho ancora capito dove postare!!! Help me anche per il post??? 
|
|
|
|
|
27-07-2007, 21:10
|
#6 | |
|
Senior Member
Iscritto dal: Nov 2001
Città: Fidenza(pr) da Trento
Messaggi: 27479
|
Quote:
__________________
"Visti da vicino siamo tutti strani..." ~|~ What Defines a Community? ~|~ Thread eMule Ufficiale ~|~ Online Armor in Italiano ~|~ Regole di Sezione ~|► Guida a PrivateFirewall
|
|
|
|
|
|
|
| Strumenti | |
|
|
Tutti gli orari sono GMT +1. Ora sono le: 23:49.
