potete guardarmi il log di hijack this
Inviato: mar lug 25, 2006 3:14 pmtre giorni fa ho formattato il pc , reistallato l'indispensabile e ecco di nuovo che si aviano tentativi di connessione ad internet! attualmente ho istallatol'antivirus Avk(motore kaspersky) il firewall di lavasoft, A squared anti malware , stinger(removal tool) , non so che fare .Premetto che ho formattato perché il firewall mi aveva notificato un changed application memory su ON SPEED da parte di un virus Drwatson ( on speed è un ottimo acceleratore di connessione americano che per i poveri navigatori gprs è la manna dal cielo)....graziiieee
---------------------------------------------------------------------------------------
Logfile of HijackThis v1.99.1
Scan saved at 14.28.01, on 25/07/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\File comuni\G DATA\AVKProxy\AVKProxy.exe
C:\Programmi\AntiVirusKit 2006\AVKService.exe
C:\Programmi\AntiVirusKit 2006\AVKWCtl.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\Personal Firewall\lpfw.exe
C:\WINDOWS\Explorer.EXE
C:\Programmi\AntiVirusKit 2006\AVKTray\AVKTray.exe
C:\Programmi\a-squared Anti-Malware\a2guard.exe
C:\WINDOWS\system32\rundll32.exe
C:\Programmi\ONSPEED\onspeedcore.exe
C:\Programmi\File comuni\Ahead\lib\NMBgMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\ONSPEED\onspeedgui.exe
C:\Programmi\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Programmi\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Programmi\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Programmi\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
C:\WINDOWS\System32\alg.exe
C:\Programmi\Toshiba\Bluetooth Toshiba Stack\tosBtProc.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\Explorer.EXE
C:\Programmi\AntiVirusKit 2006\AVKTray\AVKTray.exe
C:\Programmi\a-squared Anti-Malware\a2guard.exe
C:\WINDOWS\system32\rundll32.exe
C:\Programmi\ONSPEED\onspeedcore.exe
C:\WINDOWS\system32\CTFMON.EXE
C:\Programmi\ONSPEED\onspeedgui.exe
C:\Programmi\File comuni\Ahead\lib\NMBgMonitor.exe
C:\Programmi\ewido anti-spyware 4.0\ewido.exe
C:\Programmi\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Programmi\WinRAR\WinRAR.exe
C:\DOCUME~1\ALESSA~1\IMPOST~1\Temp\Rar$EX01.538\HijackThis.exe
C:\Programmi\Microsoft Office\Office10\WINWORD.EXE
C:\WINDOWS\msagent\AgentSvr.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:5400
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: PBlockHelper Class - {4115122B-85FF-4DD3-9515-F075BEDE5EB5} - C:\Programmi\ONSPEED\PBHelper.dll
O3 - Toolbar: ONSPEED - {8B79EE88-E62D-4AA8-B530-CC357BA112B7} - C:\Programmi\ONSPEED\Toolband.dll
O4 - HKLM\..\Run: [AVKTray] "C:\Programmi\AntiVirusKit 2006\AVKTray\AVKTray.exe"
O4 - HKLM\..\Run: [a-squared] "C:\Programmi\a-squared Anti-Malware\a2guard.exe"
O4 - HKLM\..\Run: [Personal Firewall] C:\Programmi\Personal Firewall\lpfw.exe /waitservice
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SlipStream] "C:\Programmi\ONSPEED\onspeedcore.exe"
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programmi\File comuni\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Bluetooth Manager.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Programmi\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: ONSPEED.lnk = C:\Programmi\ONSPEED\onspeedgui.exe
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Mostra immagine originale - res://C:\Programmi\ONSPEED\gui_resource.dll/328
O8 - Extra context menu item: Mostra le immagini originali - res://C:\Programmi\ONSPEED\gui_resource.dll/327
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://download.ewido.net/ewidoOnlineScan.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{671A75FB-2994-4901-B2EB-1B38B50F681F}: NameServer = 212.245.255.2 212.141.84.12
O20 - AppInit_DLLs: e:\lavasoft\person~3\wl_hook.dll e:\lavasoft\person~3\wl_hook.dll e:\lavasoft\person~3\wl_hook.dll C:\PROGRA~1\PERSON~1\wl_hook.dll
O23 - Service: AVKProxy - G DATA Software AG - C:\Programmi\File comuni\G DATA\AVKProxy\AVKProxy.exe
O23 - Service: AVK Service (AVKService) - Unknown owner - C:\Programmi\AntiVirusKit 2006\AVKService.exe
O23 - Service: Monitor di AVK (AVKWCtl) - Unknown owner - C:\Programmi\AntiVirusKit 2006\AVKWCtl.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Programmi\ewido anti-spyware 4.0\guard.exe
O23 - Service: Lavasoft Personal Firewall Service (LavasoftFirewall) - Agnitum Ltd. - C:\Programmi\Personal Firewall\lpfw.exe
---------------------------------------------------------------------------------------
Logfile of HijackThis v1.99.1
Scan saved at 14.28.01, on 25/07/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\File comuni\G DATA\AVKProxy\AVKProxy.exe
C:\Programmi\AntiVirusKit 2006\AVKService.exe
C:\Programmi\AntiVirusKit 2006\AVKWCtl.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\Personal Firewall\lpfw.exe
C:\WINDOWS\Explorer.EXE
C:\Programmi\AntiVirusKit 2006\AVKTray\AVKTray.exe
C:\Programmi\a-squared Anti-Malware\a2guard.exe
C:\WINDOWS\system32\rundll32.exe
C:\Programmi\ONSPEED\onspeedcore.exe
C:\Programmi\File comuni\Ahead\lib\NMBgMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\ONSPEED\onspeedgui.exe
C:\Programmi\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Programmi\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Programmi\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Programmi\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
C:\WINDOWS\System32\alg.exe
C:\Programmi\Toshiba\Bluetooth Toshiba Stack\tosBtProc.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\Explorer.EXE
C:\Programmi\AntiVirusKit 2006\AVKTray\AVKTray.exe
C:\Programmi\a-squared Anti-Malware\a2guard.exe
C:\WINDOWS\system32\rundll32.exe
C:\Programmi\ONSPEED\onspeedcore.exe
C:\WINDOWS\system32\CTFMON.EXE
C:\Programmi\ONSPEED\onspeedgui.exe
C:\Programmi\File comuni\Ahead\lib\NMBgMonitor.exe
C:\Programmi\ewido anti-spyware 4.0\ewido.exe
C:\Programmi\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Programmi\WinRAR\WinRAR.exe
C:\DOCUME~1\ALESSA~1\IMPOST~1\Temp\Rar$EX01.538\HijackThis.exe
C:\Programmi\Microsoft Office\Office10\WINWORD.EXE
C:\WINDOWS\msagent\AgentSvr.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:5400
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: PBlockHelper Class - {4115122B-85FF-4DD3-9515-F075BEDE5EB5} - C:\Programmi\ONSPEED\PBHelper.dll
O3 - Toolbar: ONSPEED - {8B79EE88-E62D-4AA8-B530-CC357BA112B7} - C:\Programmi\ONSPEED\Toolband.dll
O4 - HKLM\..\Run: [AVKTray] "C:\Programmi\AntiVirusKit 2006\AVKTray\AVKTray.exe"
O4 - HKLM\..\Run: [a-squared] "C:\Programmi\a-squared Anti-Malware\a2guard.exe"
O4 - HKLM\..\Run: [Personal Firewall] C:\Programmi\Personal Firewall\lpfw.exe /waitservice
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SlipStream] "C:\Programmi\ONSPEED\onspeedcore.exe"
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programmi\File comuni\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Bluetooth Manager.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Programmi\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: ONSPEED.lnk = C:\Programmi\ONSPEED\onspeedgui.exe
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Mostra immagine originale - res://C:\Programmi\ONSPEED\gui_resource.dll/328
O8 - Extra context menu item: Mostra le immagini originali - res://C:\Programmi\ONSPEED\gui_resource.dll/327
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://download.ewido.net/ewidoOnlineScan.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{671A75FB-2994-4901-B2EB-1B38B50F681F}: NameServer = 212.245.255.2 212.141.84.12
O20 - AppInit_DLLs: e:\lavasoft\person~3\wl_hook.dll e:\lavasoft\person~3\wl_hook.dll e:\lavasoft\person~3\wl_hook.dll C:\PROGRA~1\PERSON~1\wl_hook.dll
O23 - Service: AVKProxy - G DATA Software AG - C:\Programmi\File comuni\G DATA\AVKProxy\AVKProxy.exe
O23 - Service: AVK Service (AVKService) - Unknown owner - C:\Programmi\AntiVirusKit 2006\AVKService.exe
O23 - Service: Monitor di AVK (AVKWCtl) - Unknown owner - C:\Programmi\AntiVirusKit 2006\AVKWCtl.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Programmi\ewido anti-spyware 4.0\guard.exe
O23 - Service: Lavasoft Personal Firewall Service (LavasoftFirewall) - Agnitum Ltd. - C:\Programmi\Personal Firewall\lpfw.exe