Probable Virus

Post by SUMMERBOY » Mon Aug 03, 2009 1:33 pm

Can you check my log??? The PC seems very slow, and the ADSL seems limited:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14.34.04, on 03/08/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\PROGRA~1\TEXTBR~1.0\Bin\INSTAN~1.EXE
C:\WINDOWS\system32\rundll32.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Programmi\File comuni\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\AVG\AVG8\avgcsrvx.exe
C:\Programmi\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\WINDOWS\twain_32\CIS600X\WATCH.exe
C:\Programmi\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Programmi\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Programmi\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\WINDOWS\system32\wuauclt.exe
D:\Programmi\Opera\opera.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Programmi\Windows Live\Messenger\usnsvc.exe
D:\Programmi\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://it.msn.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - D:\Programmi\rpbrowserrecordplugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Programmi\AVG\AVG8\avgssie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [PE2CKFNT SE] C:\Programmi\Ulead Systems\Ulead Photo Express 2 SE\ChkFont.exe
O4 - HKLM\..\Run: [InstantAccess] C:\PROGRA~1\TEXTBR~1.0\Bin\INSTAN~1.EXE /h
O4 - HKLM\..\Run: [RegisterDropHandler] C:\PROGRA~1\TEXTBR~1.0\Bin\REGIST~1.EXE
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Programmi\File comuni\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Bluetooth Manager.lnk = ?
O4 - Global Startup: Utilità adattatore wireless ZyXEL G-202.lnk = ?
O4 - Global Startup: Watch.lnk = C:\WINDOWS\twain_32\CIS600X\WATCH.exe
O8 - Extra context menu item: &Download with &DAP - C:\PROGRA~1\DAP\dapextie.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/200 ... oader5.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/resources/MSNPUpld.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Me ... b56907.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{AF78D79F-4AAF-4551-9C95-BDF9EAA4D278}: NameServer = 213.156.54.80,213.156.54.81
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Programmi\AVG\AVG8\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FILECO~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\11\Intel 32\IDriverT.exe

--
End of file - 5392 bytes

Re: Probable Virus

Post by ste_95 » Mon Aug 03, 2009 1:54 pm

No visible problems.

Download ComboFix, saving it to the desktop under a made-up name, and run the scan following these instructions (at the bottom). When the scan finishes, the report file C:\combofix.txt will be created; copy its contents here, placing them between the LOG tags, like this:
Code:
[LOG]the log goes here[/LOG]
«Sometimes it is better to keep quiet and seem stupid than to open your mouth and remove all doubt.» Oscar Wilde

Re: Probable Virus

Post by SUMMERBOY » Mon Aug 03, 2009 3:12 pm

Here is the ComboFix log:

ComboFix 09-08-02.04 - User 03/08/2009 15.34.50.5.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.39.1040.18.127.56 [GMT 2:00]
Eseguito da: c:\documents and settings\User\Desktop\Combofix.exe
AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.

((((((((((((((((((((((((( Files Creati Da 2009-07-03 al 2009-08-03 )))))))))))))))))))))))))))))))))))
.

2009-07-29 10:33 . 2009-07-03 16:55 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll
2009-07-29 10:32 . 2009-07-03 16:55 594432 -c----w- c:\windows\system32\dllcache\msfeeds.dll
2009-07-18 10:47 . 2009-07-18 10:47 -------- d-sh--w- c:\documents and settings\User\PrivacIE
2009-07-18 10:25 . 2009-07-18 10:25 -------- d-sh--w- c:\documents and settings\User\IETldCache
2009-07-18 10:18 . 2009-07-18 10:20 -------- d-----w- c:\windows\ie8updates
2009-07-18 09:43 . 2009-07-18 10:15 -------- dc-h--w- c:\windows\ie8
2009-07-18 09:42 . 2009-07-18 10:14 -------- d-----w- c:\windows\system32\it-IT
2009-07-18 09:33 . 2009-06-02 10:12 102912 -c----w- c:\windows\system32\dllcache\iecompat.dll
2009-07-18 09:32 . 2009-07-03 16:55 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2009-07-18 09:32 . 2009-07-03 16:55 246272 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2009-07-18 09:32 . 2009-07-03 16:55 1985536 -c----w- c:\windows\system32\dllcache\iertutil.dll
2009-07-18 09:32 . 2009-07-19 16:42 11067392 -c----w- c:\windows\system32\dllcache\ieframe.dll
2009-07-13 09:15 . 2009-08-02 16:05 -------- d-----w- c:\documents and settings\User\Dati applicazioni\vlc
2009-07-12 16:46 . 2009-07-12 16:46 67774 ----a-w- C:\cc_20090712_1846.reg

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-08-02 13:06 . 2008-01-05 18:12 -------- d-----w- c:\programmi\eMule
2009-08-01 13:20 . 2008-08-02 18:58 -------- d-----w- c:\documents and settings\User\Dati applicazioni\gtk-2.0
2009-07-14 08:22 . 2008-02-01 16:33 -------- d-----w- c:\documents and settings\User\Dati applicazioni\Skype
2009-07-14 08:19 . 2008-02-01 17:05 -------- d-----w- c:\documents and settings\User\Dati applicazioni\skypePM
2009-07-13 17:40 . 2008-05-14 16:04 -------- d-----w- c:\documents and settings\User\Dati applicazioni\dvdcss
2009-07-13 08:52 . 2008-01-09 18:17 -------- d-----w- c:\programmi\VideoLAN
2009-07-11 16:27 . 2008-05-23 15:45 335752 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2009-07-11 14:51 . 2008-12-20 16:05 3561743 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
2009-07-11 12:37 . 2000-01-01 15:46 90112 ----a-w- c:\windows\DUMP5346.tmp
2009-07-03 16:55 . 2004-08-19 12:00 915456 ----a-w- c:\windows\system32\wininet.dll
2009-07-02 16:29 . 2009-07-02 16:29 463360 ----a-w- c:\documents and settings\User\Dati applicazioni\Techno Design IP\LiveSearch Notification.exe
2009-07-02 16:29 . 2009-07-02 16:29 -------- d-----w- c:\documents and settings\User\Dati applicazioni\Techno Design IP
2009-06-17 09:27 . 2008-12-02 15:11 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-06-17 09:27 . 2008-12-02 15:11 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-06-17 08:54 . 2000-01-01 15:40 27784 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2009-06-16 14:53 . 2004-08-19 12:00 82432 ----a-w- c:\windows\system32\fontsub.dll
2009-06-16 14:53 . 2004-08-19 12:00 119808 ----a-w- c:\windows\system32\t2embed.dll
2009-06-11 18:00 . 2009-06-11 18:00 248566 ----a-w- C:\cc_20090611_1959.reg
2009-06-08 19:50 . 2009-06-08 19:50 19165248 ----a-w- c:\documents and settings\User\Dati applicazioni\TomTom\HOME\Profiles\u1fppxy6.default\Updates\v2_6_2_1586_win.exe
2009-06-03 19:25 . 2004-08-19 12:00 1295872 ----a-w- c:\windows\system32\quartz.dll
2009-05-12 17:34 . 2008-01-06 18:19 2608 ----a-w- c:\windows\system32\d3d9caps.dat
2009-05-08 10:27 . 2008-08-07 14:03 11952 ----a-w- c:\windows\system32\avgrsstx.dll
2009-05-08 10:27 . 2008-05-23 15:45 108552 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2009-05-07 15:41 . 2004-08-19 12:00 346112 ----a-w- c:\windows\system32\localspl.dll
.

((((((((((((((((((((((((((((( SnapShot@2009-07-12_15.43.24 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-07-11 17:41 . 2009-07-11 17:41 97280 c:\windows\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_473666fd\ATL80.dll
+ 2008-01-04 11:43 . 2009-01-07 16:21 26144 c:\windows\system32\spupdsvc.exe
+ 2008-01-04 11:43 . 2009-01-07 16:21 18464 c:\windows\system32\spmsg.dll
+ 2004-08-19 12:00 . 2009-03-08 02:31 46592 c:\windows\system32\pngfilt.dll
+ 2009-01-07 16:20 . 2009-01-07 16:20 23552 c:\windows\system32\normaliz.dll
+ 2009-01-07 16:20 . 2009-01-07 16:20 24576 c:\windows\system32\nlsdl.dll
+ 2004-08-19 12:00 . 2009-03-08 02:31 48128 c:\windows\system32\mshtmler.dll
+ 2004-08-19 12:00 . 2009-03-08 02:31 66560 c:\windows\system32\mshtmled.dll
+ 2004-08-19 12:00 . 2009-03-08 02:31 45568 c:\windows\system32\mshta.exe
+ 2009-03-08 02:31 . 2009-03-08 02:31 13312 c:\windows\system32\msfeedssync.exe
+ 2009-03-08 02:31 . 2009-07-03 16:55 55296 c:\windows\system32\msfeedsbs.dll
+ 2004-08-19 12:00 . 2009-03-08 02:34 43008 c:\windows\system32\licmgr10.dll
+ 2004-08-19 12:00 . 2009-07-03 16:55 25600 c:\windows\system32\jsproxy.dll
+ 2004-08-19 12:00 . 2009-03-08 02:32 94720 c:\windows\system32\inseng.dll
+ 2004-08-19 12:00 . 2009-03-08 02:31 34816 c:\windows\system32\imgutil.dll
+ 2009-03-08 02:32 . 2009-03-08 02:32 36864 c:\windows\system32\ieudinit.exe
+ 2004-08-19 12:00 . 2009-03-08 02:32 71680 c:\windows\system32\iesetup.dll
+ 2004-08-19 12:00 . 2009-03-08 02:32 55808 c:\windows\system32\iernonce.dll
+ 2009-01-07 16:20 . 2009-01-07 16:20 26112 c:\windows\system32\idndl.dll
+ 2009-03-08 02:31 . 2009-03-08 02:31 59904 c:\windows\system32\icardie.dll
+ 2004-08-19 12:00 . 2009-03-08 02:31 46592 c:\windows\system32\dllcache\pngfilt.dll
+ 2004-08-19 12:00 . 2009-03-08 02:31 48128 c:\windows\system32\dllcache\mshtmler.dll
+ 2004-08-19 12:00 . 2009-03-08 02:31 66560 c:\windows\system32\dllcache\mshtmled.dll
+ 2004-08-19 12:00 . 2009-03-08 02:31 45568 c:\windows\system32\dllcache\mshta.exe
+ 2004-08-19 12:00 . 2009-03-08 02:34 43008 c:\windows\system32\dllcache\licmgr10.dll
+ 2004-08-19 12:00 . 2009-07-03 16:55 25600 c:\windows\system32\dllcache\jsproxy.dll
+ 2004-08-19 12:00 . 2009-03-08 02:32 94720 c:\windows\system32\dllcache\inseng.dll
+ 2004-08-19 12:00 . 2009-03-08 02:31 34816 c:\windows\system32\dllcache\imgutil.dll
+ 2004-08-19 12:00 . 2009-03-08 02:32 71680 c:\windows\system32\dllcache\iesetup.dll
+ 2004-08-19 12:00 . 2009-03-08 02:32 55808 c:\windows\system32\dllcache\iernonce.dll
+ 2000-01-01 15:11 . 2009-03-08 02:24 68608 c:\windows\system32\dllcache\hmmapi.dll
+ 2004-08-19 12:00 . 2009-06-16 14:53 82432 c:\windows\system32\dllcache\fontsub.dll
+ 2004-08-19 12:00 . 2009-03-08 02:33 18944 c:\windows\system32\dllcache\corpol.dll
+ 2004-08-19 12:00 . 2009-03-08 02:32 72704 c:\windows\system32\dllcache\admparse.dll
+ 2004-08-19 12:00 . 2009-03-08 02:33 18944 c:\windows\system32\corpol.dll
+ 2004-08-19 12:00 . 2009-03-08 02:32 72704 c:\windows\system32\admparse.dll
+ 2009-07-30 11:48 . 2009-04-30 21:13 12800 c:\windows\ie8updates\KB972260-IE8\xpshims.dll
+ 2009-07-30 11:48 . 2009-03-08 02:31 55296 c:\windows\ie8updates\KB972260-IE8\msfeedsbs.dll
+ 2009-07-30 11:48 . 2009-04-30 21:13 25600 c:\windows\ie8updates\KB972260-IE8\jsproxy.dll
+ 2009-07-18 10:18 . 2009-03-08 02:33 12288 c:\windows\ie8updates\KB969897-IE8\xpshims.dll
+ 2009-07-18 10:18 . 2009-03-08 02:33 25600 c:\windows\ie8updates\KB969897-IE8\jsproxy.dll
+ 2009-07-18 09:43 . 2004-08-19 12:00 37888 c:\windows\ie8\url.dll
+ 2009-07-18 10:12 . 2009-03-08 18:34 58448 c:\windows\ie8\spuninst\iecustom.dll
+ 2009-07-18 10:11 . 2009-04-29 04:51 39424 c:\windows\ie8\pngfilt.dll
+ 2009-07-18 10:11 . 2004-08-19 12:00 97280 c:\windows\ie8\occache.dll
+ 2009-07-18 10:11 . 2004-08-19 12:00 57344 c:\windows\ie8\mshtmler.dll
+ 2009-07-18 10:11 . 2004-08-19 12:00 29184 c:\windows\ie8\mshta.exe
+ 2009-07-18 10:11 . 2004-08-19 12:00 22016 c:\windows\ie8\licmgr10.dll
+ 2009-07-18 10:11 . 2009-04-29 04:51 16384 c:\windows\ie8\jsproxy.dll
+ 2009-07-18 10:11 . 2009-04-29 04:51 96768 c:\windows\ie8\inseng.dll
+ 2009-07-18 10:11 . 2004-08-19 12:00 35840 c:\windows\ie8\imgutil.dll
+ 2009-07-18 10:11 . 2004-08-19 12:00 93184 c:\windows\ie8\iexplore.exe
+ 2009-07-18 10:11 . 2004-08-19 12:00 63488 c:\windows\ie8\iesetup.dll
+ 2009-07-18 10:11 . 2004-08-19 12:00 49152 c:\windows\ie8\iernonce.dll
+ 2009-07-18 10:11 . 2009-04-29 04:51 81920 c:\windows\ie8\ieencode.dll
+ 2009-07-18 10:11 . 2004-08-19 12:00 34304 c:\windows\ie8\ie4uinit.exe
+ 2009-07-18 10:11 . 2004-08-19 12:00 38912 c:\windows\ie8\hmmapi.dll
+ 2009-07-18 10:11 . 2004-08-19 12:00 35328 c:\windows\ie8\corpol.dll
+ 2009-07-18 10:11 . 2004-08-19 12:00 61440 c:\windows\ie8\admparse.dll
+ 2009-07-18 10:20 . 2009-03-08 02:35 2048 c:\windows\ie8updates\KB971930-IE8\iecompat.dll
+ 2009-01-07 16:21 . 2009-01-07 16:21 121856 c:\windows\system32\xmllite.dll
+ 2009-03-08 02:34 . 2009-03-08 02:34 208384 c:\windows\system32\WinFXDocObj.exe
+ 2004-08-19 12:00 . 2009-03-08 02:34 236544 c:\windows\system32\webcheck.dll
+ 2004-08-19 12:00 . 2009-03-08 02:33 420352 c:\windows\system32\vbscript.dll
+ 2004-08-19 12:00 . 2009-03-08 02:34 105984 c:\windows\system32\url.dll
+ 2004-08-19 12:00 . 2009-07-03 16:55 206848 c:\windows\system32\occache.dll
+ 2004-08-19 12:00 . 2009-03-08 02:32 611840 c:\windows\system32\mstime.dll
+ 2004-08-19 12:00 . 2009-03-08 02:34 193536 c:\windows\system32\msrating.dll
+ 2004-08-19 12:00 . 2009-03-08 02:22 156160 c:\windows\system32\msls31.dll
+ 2009-03-08 02:32 . 2009-07-03 16:55 594432 c:\windows\system32\msfeeds.dll
+ 2009-01-07 16:20 . 2009-01-07 16:20 265720 c:\windows\system32\msdbg2.dll
+ 2004-08-19 12:00 . 2009-03-08 02:33 726528 c:\windows\system32\jscript.dll
+ 2009-03-08 02:22 . 2009-03-08 02:22 164352 c:\windows\system32\ieui.dll
+ 2004-08-19 12:00 . 2009-07-03 16:55 184320 c:\windows\system32\iepeers.dll
+ 2004-08-19 12:00 . 2009-07-03 16:55 386048 c:\windows\system32\iedkcs32.dll
+ 2009-03-08 02:11 . 2009-03-08 02:11 445952 c:\windows\system32\ieapfltr.dll
+ 2004-08-19 12:00 . 2009-03-08 02:32 163840 c:\windows\system32\ieakui.dll
+ 2004-08-19 12:00 . 2009-03-08 02:33 229376 c:\windows\system32\ieaksie.dll
+ 2004-08-19 12:00 . 2009-03-08 02:33 125952 c:\windows\system32\ieakeng.dll
+ 2004-08-19 12:00 . 2009-07-03 11:01 173056 c:\windows\system32\ie4uinit.exe
+ 2004-08-19 12:00 . 2009-03-08 02:31 216064 c:\windows\system32\dxtrans.dll
+ 2004-08-19 12:00 . 2009-03-08 02:31 348160 c:\windows\system32\dxtmsft.dll
+ 2004-08-19 12:00 . 2009-07-03 16:55 915456 c:\windows\system32\dllcache\wininet.dll
+ 2004-08-19 12:00 . 2009-03-08 02:34 236544 c:\windows\system32\dllcache\webcheck.dll
+ 2000-01-01 15:12 . 2009-03-08 02:33 759296 c:\windows\system32\dllcache\VGX.dll
+ 2004-08-19 12:00 . 2009-03-08 02:33 420352 c:\windows\system32\dllcache\vbscript.dll
+ 2004-08-19 12:00 . 2009-03-08 02:34 105984 c:\windows\system32\dllcache\url.dll
+ 2004-08-19 12:00 . 2009-06-16 14:53 119808 c:\windows\system32\dllcache\t2embed.dll
+ 2009-01-07 16:20 . 2009-01-07 16:20 134144 c:\windows\system32\dllcache\sqmapi.dll
+ 2004-08-19 12:00 . 2009-07-03 16:55 206848 c:\windows\system32\dllcache\occache.dll
+ 2004-08-19 12:00 . 2009-03-08 02:32 611840 c:\windows\system32\dllcache\mstime.dll
+ 2004-08-19 12:00 . 2009-03-08 02:34 193536 c:\windows\system32\dllcache\msrating.dll
+ 2004-08-19 12:00 . 2009-03-08 02:22 156160 c:\windows\system32\dllcache\msls31.dll
+ 2004-08-19 12:00 . 2009-03-08 02:33 726528 c:\windows\system32\dllcache\jscript.dll
+ 2000-01-01 15:11 . 2009-03-08 12:09 638816 c:\windows\system32\dllcache\iexplore.exe
+ 2004-08-19 12:00 . 2009-07-03 16:55 184320 c:\windows\system32\dllcache\iepeers.dll
+ 2004-08-19 12:00 . 2009-07-03 16:55 386048 c:\windows\system32\dllcache\iedkcs32.dll
+ 2004-08-19 12:00 . 2009-03-08 02:32 163840 c:\windows\system32\dllcache\ieakui.dll
+ 2004-08-19 12:00 . 2009-03-08 02:33 229376 c:\windows\system32\dllcache\ieaksie.dll
+ 2004-08-19 12:00 . 2009-03-08 02:33 125952 c:\windows\system32\dllcache\ieakeng.dll
+ 2004-08-19 12:00 . 2009-07-03 11:01 173056 c:\windows\system32\dllcache\ie4uinit.exe
+ 2004-08-19 12:00 . 2009-03-08 02:31 216064 c:\windows\system32\dllcache\dxtrans.dll
+ 2004-08-19 12:00 . 2009-03-08 02:31 348160 c:\windows\system32\dllcache\dxtmsft.dll
+ 2004-08-19 12:00 . 2009-03-08 02:32 128512 c:\windows\system32\dllcache\advpack.dll
+ 2004-08-19 12:00 . 2009-03-08 02:32 128512 c:\windows\system32\advpack.dll
+ 2009-07-30 11:45 . 2009-07-30 11:45 248832 c:\windows\Installer\842b3.msi
+ 2009-07-30 11:48 . 2009-05-13 05:02 915456 c:\windows\ie8updates\KB972260-IE8\wininet.dll
+ 2009-07-30 11:48 . 2009-05-26 11:41 402296 c:\windows\ie8updates\KB972260-IE8\spuninst\updspapi.dll
+ 2009-07-30 11:48 . 2009-05-26 11:41 233848 c:\windows\ie8updates\KB972260-IE8\spuninst\spuninst.exe
+ 2009-07-30 11:48 . 2009-03-08 02:34 109568 c:\windows\ie8updates\KB972260-IE8\occache.dll
+ 2009-07-30 11:48 . 2009-03-08 02:32 594432 c:\windows\ie8updates\KB972260-IE8\msfeeds.dll
+ 2009-07-30 11:48 . 2009-04-30 21:13 246272 c:\windows\ie8updates\KB972260-IE8\ieproxy.dll
+ 2009-07-30 11:48 . 2009-03-08 02:31 183808 c:\windows\ie8updates\KB972260-IE8\iepeers.dll
+ 2009-07-30 11:48 . 2009-04-30 21:13 385536 c:\windows\ie8updates\KB972260-IE8\iedkcs32.dll
+ 2009-07-30 11:48 . 2009-04-30 11:21 173056 c:\windows\ie8updates\KB972260-IE8\ie4uinit.exe
+ 2009-07-18 10:20 . 2008-07-08 13:06 402296 c:\windows\ie8updates\KB971930-IE8\spuninst\updspapi.dll
+ 2009-07-18 10:20 . 2008-07-08 13:06 233848 c:\windows\ie8updates\KB971930-IE8\spuninst\spuninst.exe
+ 2009-07-18 10:18 . 2009-03-08 02:34 914944 c:\windows\ie8updates\KB969897-IE8\wininet.dll
+ 2009-07-18 10:18 . 2008-07-09 07:42 402296 c:\windows\ie8updates\KB969897-IE8\spuninst\updspapi.dll
+ 2009-07-18 10:18 . 2007-11-30 12:39 233848 c:\windows\ie8updates\KB969897-IE8\spuninst\spuninst.exe
+ 2009-07-18 10:18 . 2009-03-08 02:33 246784 c:\windows\ie8updates\KB969897-IE8\ieproxy.dll
+ 2009-07-18 10:18 . 2009-03-08 12:09 391536 c:\windows\ie8updates\KB969897-IE8\iedkcs32.dll
+ 2009-07-18 10:18 . 2009-03-08 02:32 173056 c:\windows\ie8updates\KB969897-IE8\ie4uinit.exe
+ 2009-07-18 09:43 . 2009-04-29 04:51 662016 c:\windows\ie8\wininet.dll
+ 2009-07-18 09:43 . 2004-08-19 12:00 280576 c:\windows\ie8\webcheck.dll
+ 2009-07-18 09:43 . 2007-06-26 13:56 851968 c:\windows\ie8\vgx.dll
+ 2009-07-18 09:43 . 2007-12-18 14:40 417792 c:\windows\ie8\vbscript.dll
+ 2009-07-18 09:43 . 2009-04-29 04:51 617472 c:\windows\ie8\urlmon.dll
+ 2009-07-18 10:12 . 2009-01-07 16:21 401952 c:\windows\ie8\spuninst\updspapi.dll
+ 2009-07-18 10:12 . 2009-01-07 16:21 234016 c:\windows\ie8\spuninst\spuninst.exe
+ 2009-07-18 10:11 . 2009-04-29 04:51 532480 c:\windows\ie8\mstime.dll
+ 2009-07-18 10:11 . 2009-04-29 04:51 146432 c:\windows\ie8\msrating.dll
+ 2009-07-18 10:11 . 2004-08-19 12:00 146432 c:\windows\ie8\msls31.dll
+ 2009-07-18 10:11 . 2009-04-29 04:51 449024 c:\windows\ie8\mshtmled.dll
+ 2009-07-18 10:11 . 2007-12-18 14:40 450560 c:\windows\ie8\jscript.dll
+ 2009-07-18 10:11 . 2009-04-29 04:51 251392 c:\windows\ie8\iepeers.dll
+ 2009-07-18 10:11 . 2004-08-19 12:00 323584 c:\windows\ie8\iedkcs32.dll
+ 2009-07-18 10:11 . 2004-08-19 12:00 237568 c:\windows\ie8\ieakui.dll
+ 2009-07-18 10:11 . 2004-08-19 12:00 221184 c:\windows\ie8\ieaksie.dll
+ 2009-07-18 10:11 . 2004-08-19 12:00 139264 c:\windows\ie8\ieakeng.dll
+ 2009-07-18 10:11 . 2009-04-29 04:51 205312 c:\windows\ie8\dxtrans.dll
+ 2009-07-18 10:11 . 2009-04-29 04:51 357888 c:\windows\ie8\dxtmsft.dll
+ 2009-07-18 10:11 . 2004-08-19 12:00 101888 c:\windows\ie8\advpack.dll
+ 2004-08-19 12:00 . 2009-07-03 16:55 1208832 c:\windows\system32\urlmon.dll
+ 2004-08-19 12:00 . 2009-07-19 13:12 5937152 c:\windows\system32\mshtml.dll
+ 2009-03-08 02:32 . 2009-07-03 16:55 1985536 c:\windows\system32\iertutil.dll
+ 2009-02-06 19:07 . 2009-02-06 19:07 3698584 c:\windows\system32\ieapfltr.dat
+ 2004-08-19 12:00 . 2009-07-03 16:55 1208832 c:\windows\system32\dllcache\urlmon.dll
+ 2004-08-19 12:00 . 2009-06-03 19:25 1295872 c:\windows\system32\dllcache\quartz.dll
+ 2004-08-19 12:00 . 2009-07-19 13:12 5937152 c:\windows\system32\dllcache\mshtml.dll
+ 2009-07-30 11:48 . 2009-04-30 21:13 1207808 c:\windows\ie8updates\KB972260-IE8\urlmon.dll
+ 2009-07-30 11:48 . 2009-05-13 05:02 5936128 c:\windows\ie8updates\KB972260-IE8\mshtml.dll
+ 2009-07-30 11:48 . 2009-04-30 21:13 1985024 c:\windows\ie8updates\KB972260-IE8\iertutil.dll
+ 2009-07-18 10:18 . 2009-03-08 02:34 1206784 c:\windows\ie8updates\KB969897-IE8\urlmon.dll
+ 2009-07-18 10:18 . 2009-03-08 02:41 5937152 c:\windows\ie8updates\KB969897-IE8\mshtml.dll
+ 2009-07-18 10:18 . 2009-03-08 02:32 1985024 c:\windows\ie8updates\KB969897-IE8\iertutil.dll
+ 2009-07-18 10:11 . 2009-04-29 04:51 3081728 c:\windows\ie8\mshtml.dll
+ 2008-01-29 18:38 . 2009-07-07 15:10 24539592 c:\windows\system32\MRT.exe
+ 2009-03-08 02:39 . 2009-07-19 16:42 11067392 c:\windows\system32\ieframe.dll
+ 2009-07-30 11:48 . 2009-04-30 21:13 11064832 c:\windows\ie8updates\KB972260-IE8\ieframe.dll
+ 2009-07-18 10:18 . 2009-03-08 02:39 11063808 c:\windows\ie8updates\KB969897-IE8\ieframe.dll
.
-- Snapshot per reimpostare la data corrente --
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2004-08-19 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PE2CKFNT SE"="c:\programmi\Ulead Systems\Ulead Photo Express 2 SE\ChkFont.exe" [1998-07-03 25088]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-06-12 1948440]
"QuickTime Task"="c:\programmi\QuickTime\qttask.exe" [2008-12-03 413696]
"TkBellExe"="c:\programmi\File comuni\Real\Update_OB\realsched.exe" [2009-04-29 198160]
"BluetoothAuthenticationAgent"="bthprops.cpl" - c:\windows\system32\bthprops.cpl [2004-08-19 110592]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-19 15360]

c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\
Bluetooth Manager.lnk - c:\programmi\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2007-5-22 2756608]
Utilit… adattatore wireless ZyXEL G-202.lnk - c:\programmi\ZyXEL\ZyXEL G-202 Wireless Adapter Utility\ZyXEL G-202.exe [2008-11-6 10907648]
Watch.lnk - c:\windows\twain_32\CIS600X\WATCH.exe [2008-2-2 356352]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-05-08 10:27 11952 ----a-w- c:\windows\system32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"Nero BackItUp Scheduler 3"=2 (0x2)

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UpdatesDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programmi\\eMule\\emule.exe"=
"c:\\Programmi\\Messenger\\msmsgs.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\livecall.exe"=
"c:\\Programmi\\LimeWire\\LimeWire.exe"=
"c:\\Programmi\\AVG\\AVG8\\avgupd.exe"=
"c:\\Programmi\\AVG\\AVG8\\avgemc.exe"=
"c:\\Programmi\\DAP\\DAP.exe"=
"c:\\Programmi\\ZyXEL\\ZyXEL G-202 Wireless Adapter Utility\\ZyXEL G-202.exe"=
"c:\\Programmi\\Skype\\Phone\\Skype.exe"=
"d:\\Programmi\\VideoLAN\\VLC\\vlc.exe"=

R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [23/05/2008 17.45.12 335752]
R1 AvgTdiX;AVG8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [23/05/2008 17.45.12 108552]
R2 avg8emc;AVG8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [07/08/2008 16.03.59 907032]
R2 avg8wd;AVG8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [07/08/2008 16.03.56 298776]
R2 SFC4;SFC4;c:\windows\system32\drivers\sfc4.sys [02/02/2008 11.22.34 41472]
R3 phil2vid;Fotocamera VGA USB Philip;c:\windows\system32\drivers\philcam2.sys [05/01/2008 18.32.22 173696]
R3 ZDCNDIS5;ZDCNDIS5 NDIS Protocol Driver;c:\windows\system32\ZDCndis5.sys [28/10/2008 14.01.44 19072]
R3 ZY202_XP;ZyXEL 802.11g XG202 1211 Driver;c:\windows\system32\drivers\WlanUZXP.SYS [28/10/2008 14.27.18 437760]
S3 AX88178;Sitecom USB Gigabit LAN LN-028;c:\windows\system32\drivers\ax88178.sys [01/01/2000 18.50.57 22144]
S3 BRGSp50;BRGSp50 NDIS Protocol Driver;c:\windows\system32\drivers\BRGSp50.sys [28/10/2008 14.01.44 20608]

--- Altri Servizi/Drivers In Memoria ---

*NewlyCreated* - ZDCNDIS5

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Contenuto della cartella 'Scheduled Tasks'

2009-08-03 c:\windows\Tasks\WGASetup.job
- c:\windows\system32\KB905474\wgasetup.exe [2009-04-23 20:18]
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://it.msn.com
IE: &Download with &DAP - c:\progra~1\DAP\dapextie.htm
TCP: {AF78D79F-4AAF-4551-9C95-BDF9EAA4D278} = 213.156.54.80,213.156.54.81
Name-Space Handler: FTP\ZDA - {5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E} - c:\progra~1\DAP\dapie.dll
Name-Space Handler: HTTP\ZDA - {5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E} - c:\progra~1\DAP\dapie.dll
Name-Space Handler: HTTPS\ZDA - {5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E} - c:\progra~1\DAP\dapie.dll
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-08-03 15:46
Windows 5.1.2600 Service Pack 2 NTFS

scansione processi nascosti ...

scansione entrate autostart nascoste ...

Scansione files nascosti ...

Scansione completata con successo
Files nascosti: 0

**************************************************************************
.
--------------------- Dlls caricate dai processi in esecuzione ---------------------

- - - - - - - > 'explorer.exe'(3920)
c:\windows\system32\WININET.dll
c:\progra~1\TEXTBR~1.0\Bin\TBMHOOK.dll
c:\windows\system32\webcheck.dll
.
Ora fine scansione: 2009-08-03 15.52.52
ComboFix-quarantined-files.txt 2009-08-03 13:52
ComboFix2.txt 2009-07-12 15:49
ComboFix3.txt 2008-12-02 19:12
ComboFix4.txt 2008-12-02 14:58
ComboFix5.txt 2009-08-03 13:22

Pre-Run: 5.289.082.880 byte disponibili
Post-Run: 5.554.827.264 byte disponibili

WindowsXP-KB310994-SP2-Pro-BootDisk-ITA.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

315 --- E O F --- 2009-07-30 11:49

Re: Probable Virus

Post by ste_95 » Mon Aug 03, 2009 3:17 pm

I see you recently upgraded to Internet Explorer 8; couldn't the problem be caused by that?
Also take a look at this article.

Re: Probable Virus

Post by lorenaino » Mon Aug 03, 2009 3:25 pm

ste_95 wrote: I see you recently upgraded to Internet Explorer 8; couldn't the problem be caused by that?
Also take a look at this article.


Hi Summerboy and ste_95,
why don't you try using Firefox and Avira AntiVir Free? They are both lighter and faster than Internet Explorer 8 and AVG respectively.
[^]

Re: Probable Virus

Post by SUMMERBOY » Mon Aug 03, 2009 3:45 pm

I don't think IE8 has much to do with it, since I use Opera. Didn't ComboFix find anything??

Re: Probable Virus

Post by lorenaino » Mon Aug 03, 2009 3:51 pm

Oops, I missed that [acc]
Have you tried scanning with Malwarebytes' Anti-Malware and SUPERAntiSpyware Free?
[;)]

Re: Probable Virus

Post by ste_95 » Mon Aug 03, 2009 3:53 pm

SUMMERBOY wrote: I don't think IE8 has much to do with it, since I use Opera. Didn't ComboFix find anything??

It doesn't matter which browser you use. Internet Explorer is so tightly tied to Windows that they even share some components, and the upgrade may not have gone quite as it should have. [;)]
I would try reinstalling it.
megalab.it: daily online publication registered at the Court of Cosenza, no. 22/09 of 13.08.2009, publisher Master New Media S.r.l.; © Copyright 2008 Master New Media S.r.l. (sole-shareholder company) - VAT no. 02947530784. GRUPPO EDIZIONI MASTER Spa. All rights reserved. For advertising: Master Advertising