PcPrimiPassi.it FORUM: SICUREZZA INFORMATICA: Infezioni informatiche e Sicurezza informatica in generale
Topic: Post n° 72.306 - Postato: 03/Ottobre/2007 alle 16:23
Topic: Post n° 72.312 - Postato: 03/Ottobre/2007 alle 18:10
Topic: Post n° 72.392 - Postato: 04/Ottobre/2007 alle 21:47
Ho fatto la scansione e per fortuna tutto a posto. L'unica cosa è che mi ha chiesto prima di scaricare la piattaforma Java; scusa l'ignoranza, ma oltre a successive scansioni online a cos'altro può servirmi?perchè altrimenti la cancello...Grazie
Topic: Post n° 72.405 - Postato: 05/Ottobre/2007 alle 12:13
Topic: Post n° 72.417 - Postato: 05/Ottobre/2007 alle 15:25 Topic: Post n° 72.418 - Postato: 05/Ottobre/2007 alle 15:34
Topic: Post n° 72.434 - Postato: 05/Ottobre/2007 alle 22:33Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21.57.12, on 05/10/2007
Platform: Windows ME (Win9x 4.90.3000)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal
Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\PROGRAMMI\FILE COMUNI\EPSON\EBAPI\SAGENT2.EXE
C:\WINDOWS\SYSTEM\STIMON.EXE
C:\PROGRAMMI\FILE COMUNI\SYSTEM\MOSEARCH\BIN\MOSEARCH.EXE
C:\PROGRAMMI\EXECUTIVE SOFTWARE\DISKEEPERLITE\DKSERVICE.EXE
C:\WINDOWS\SYSTEM\PSTORES.EXE
C:\WINDOWS\SYSTEM\RESTORE\STMGR.EXE
C:\WINDOWS\EXPLORER.EXE
C:\PROGRAMMI\FILE COMUNI\MICROSOFT SHARED\VS7DEBUG\MDM.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\SYSTEM\IRMON.EXE
C:\WINDOWS\SM56HLPR.EXE
C:\WINDOWS\SYSTEM\E_S10IC2.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\PROGRAMMI\ASUS\ASUS HOTKEY\VCONTROL.EXE
C:\PROGRAMMI\SYNAPTICS\SYNTP\SYNTPLPR.EXE
C:\PROGRAMMI\ASUS\ASUS HOTKEY\OSD.EXE
C:\PROGRAMMI\SYNAPTICS\SYNTP\SYNTPENH.EXE
C:\WINDOWS\TEMP\IZRFAA.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\PROGRAMMI\GRISOFT\AVG7\AVGCC.EXE
C:\PROGRAMMI\GRISOFT\AVG7\AVGEMC.EXE
C:\PROGRAMMI\GRISOFT\AVG7\AVGAMSVR.EXE
C:\WINDOWS\SYSTEM\CTFMON.EXE
C:\PROGRAMMI\INTERNET EXPLORER\IEXPLORE.EXE
C:\PROGRAMMI\INTERNET EXPLORER\IEXPLORE.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\PROGRAMMI\TREND MICRO\HIJACKTHIS\HIJACKTHIS.EXE
C:\WINDOWS\SYSTEM\WBEM\WINMGMT.EXE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.tiscali.it/search/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.tiscali.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.tiscali.it
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
R3 - Default URLSearchHook is missing
O2 - BHO: (no name) - {0C69A4AE-FECD-5ACA-F7A8-A9AC979FADD3} - (no file)
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAMMI\ADOBE\ACROBAT 6.0\READER\ACTIVEX\ACROIEHELPER.DLL
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHELPER.DLL
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [PCHealth] C:\WINDOWS\PCHealth\Support\PCHSchd.exe -s
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [IrMon] irmon.exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [SMSERIAL] sm56hlpr.exe
O4 - HKLM\..\Run: [EPSON Stylus C42 Series] C:\WINDOWS\SYSTEM\E_S10IC2.EXE /P23 "EPSON Stylus C42 Series" /O5 "LPT1:" /M "Stylus C42"
O4 - HKLM\..\Run: [AHotkey] C:\Programmi\Asus\Asus Hotkey\vcontrol.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Programmi\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [idmsnn] Wscript C:\WINDOWS\LICENSEMSE.VBS /B
O4 - HKLM\..\Run: [IZRFAA.EXE] C:\WINDOWS\TEMP\IZRFAA.EXE
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\GRISOFT\AVG7\AVGCC.EXE /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\GRISOFT\AVG7\AVGEMC.EXE
O4 - HKLM\..\Run: [AVG7_AMSVR] C:\PROGRA~1\GRISOFT\AVG7\AVGAMSVR.EXE
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [*StateMgr] C:\WINDOWS\System\Restore\StateMgr.exe
O4 - HKLM\..\RunServices: [SAgent2ExePath] C:\Programmi\File comuni\EPSON\EBAPI\SAgent2.exe
O4 - HKLM\..\RunServices: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE
O4 - HKLM\..\RunServices: [MOSearch] C:\PROGRA~1\FILECO~1\SYSTEM\MOSEARCH\BIN\MOSEARCH.EXE
O4 - HKLM\..\RunServices: [DkService] C:\Programmi\Executive Software\DiskeeperLite\DkService.exe
O4 - HKCU\..\Run: [ctfmon.exe] ctfmon.exe
O4 - HKUS\.DEFAULT\..\Run: [ctfmon.exe] ctfmon.exe (User 'Default user')
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~1\OFFICE10\EXCEL.EXE/3000
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_03\bin\npjpi150_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_03\bin\npjpi150_03.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.tiscali.it
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} - http://eu-housecall.trendmicro-europe.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
--
End of file - 5125 bytes
Topic: Post n° 72.437 - Postato: 05/Ottobre/2007 alle 23:33
Topic: Post n° 72.459 - Postato: 06/Ottobre/2007 alle 18:50|
Avast |
4.7.1051.0 |
2007.10.06 |
Win32:Agent-LVW |
|
CAT-QuickHeal |
9.00 |
2007.10.06 |
PornDialer.Agent.aw (Not a Virus) |
|
DrWeb |
4.44.0.09170 |
2007.10.06 |
Dialer.Bute |
|
eSafe |
7.0.15.0 |
2007.10.04 |
suspicious Trojan/Worm |
|
F-Secure |
6.70.13030.0 |
2007.10.05 |
W32/Dialer.BGUH |
|
Ikarus |
T3.1.1.12 |
2007.10.06 |
not-a-virus:Porn-Dialer.Win32.Agent.aw |
|
Kaspersky |
7.0.0.125 |
2007.10.06 |
not-a-virus:Porn-Dialer.Win32.Agent.aw |
|
NOD32v2 |
2575 |
2007.10.06 |
a variant of Win32/Dialer.RU |
|
Norman |
5.80.02 |
2007.10.05 |
W32/Dialer.BGUH |
|
Panda |
9.0.0.4 |
2007.10.06 |
Dialer.KGW |
|
Prevx1 |
V2 |
2007.10.06 |
Malware.Gen |
|
Rising |
19.43.50.00 |
2007.10.06 |
Trojan.Win32.Small.jk |
|
Symantec |
10 |
2007.10.06 |
Trojan.Linkoptimizer.B |
|
Webwasher-Gateway |
6.0.1 |
2007.10.05 |
Win32.ModifiedUPX.gen!90 (suspicious) |
|
Webwasher-Gateway |
6.0.1 |
2007.10.05 |
VBScript.Vulnerable.gen!High (suspicious) |
Topic: Post n° 72.460 - Postato: 06/Ottobre/2007 alle 18:55
che fare?Grazie per l'interessamento
Topic Attivi
Lista Membri
Calendario
Cerca
Aiuto
Registrati
Login
