Telefonino.net network
 
| HOMEPAGE | INDICE FORUM | REGOLAMENTO | ::. NEI PREFERITI .:: | RSS Forum | RSS News | NEWS web | NEWS software |
| PUBBLICITA' | | ARTICOLI | WIN XP | VISTA | WIN 7 | REGISTRI | SOFTWARE | MANUALI | RECENSIONI | LINUX | HUMOR | HARDWARE | DOWNLOAD | | CERCA nel FORUM » |

Torna indietro   WinTricks Forum > Antivirus&Sicurezza > Sicurezza&Privacy

Notices

Rispondi
 
Strumenti discussione
Vecchio 25-06-2006, 13.54.09   #1
marco.online
Senior Member
 
L'avatar di marco.online
 
Registrato: 24-08-2001
Loc.: Chieti
Messaggi: 234
marco.online promette bene
Exploit wmf

da un paio di giorni avg mi segnala un file infetto dal virus in oggetto.
il file è presente nella cartella dei file temporanei di internet
Premetto che ho da tempo installato la patch microsoft rilasciata a suo tempo..

avg trova il file, io lo cancello, tuttavia il giorno dopo me lo ritrovo

che fare?
grazie
marco.online non è collegato   Rispondi citando
Vecchio 26-06-2006, 08.43.55   #2
Grouchomarx
Junior Member
 
L'avatar di Grouchomarx
 
Registrato: 22-01-2006
Loc.: Salerno
Messaggi: 74
Grouchomarx promette bene
Fai una pulizia con ccleaner.
___________________________________

"Le parole sono tutto quello che abbiamo." R. Carver
Grouchomarx non è collegato   Rispondi citando
Vecchio 13-07-2006, 03.07.48   #3
UG0_BOSS
Young Promise
 
Registrato: 04-02-2006
Messaggi: 2.114
UG0_BOSS promette bene
Controlla che in avvio non ci siano programmi nocivi, se non sei molto esperto fai una scansione con HijackThis e postala qua
UG0_BOSS non è collegato   Rispondi citando
Vecchio 14-07-2006, 14.14.28   #4
Cader98
Newbie
 
Registrato: 14-07-2006
Messaggi: 2
Cader98 promette bene
Logfile of HijackThis v1.99.1
Scan saved at 14.05.13, on 14/07/2006
Platform: Windows 2000 SP3 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\System32\ibmpmsvc.exe
C:\Programmi\ThinkPad\Utilities\TpKmapMn.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\WINNT\System32\Ati2evxx.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Iomega\System32\AppServices.exe
C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Programmi\Trend Micro\OfficeScan Client\ntrtscan.exe
C:\Programmi\Prevx Home\PXAgent.exe
C:\WINNT\system32\regsvc.exe
C:\Programmi\RDS\RsiSvc.exe
C:\Programmi\RDS\srscandr.exe
C:\WINNT\system32\MSTask.exe
C:\Programmi\Laplink Everywhere\ServerProxyService.exe
C:\Programmi\Analog Devices\SoundMAX\SMAgent.exe
C:\WINNT\system32\stisvc.exe
C:\Programmi\Trend Micro\OfficeScan Client\tmlisten.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\Programmi\Laplink\winShadow\shwSrvc.exe
C:\Programmi\Trend Micro\OfficeScan Client\ofcdog.exe
C:\Programmi\eSVNC\WinVNC.exe
C:\WINNT\system32\svchost.exe
C:\Programmi\RDS\ddsschednt.exe
C:\WINNT\Explorer.EXE
C:\PROGRA~1\ThinkPad\PkgMgr\HOTKEY\TPHKMGR.exe
C:\WINNT\AGRSMMSG.exe
C:\Programmi\ThinkPad\PkgMgr\HOTKEY\TPONSCR.exe
C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
C:\Programmi\ThinkPad\PkgMgr\HOTKEY_1\TpScrex.exe
C:\WINNT\system32\PRPCUI.exe
C:\Programmi\Synaptics\SynTP\SynTPLpr.exe
C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
C:\Programmi\ThinkPad\Utilities\TpKmapMn.exe
C:\Programmi\Trend Micro\OfficeScan Client\RAUAgent.exe
C:\Programmi\Trend Micro\OfficeScan Client\Pccntmon.exe
C:\programmi\u-storage tools2.77\ustorage.exe
C:\Programmi\Java\jre1.5.0_06\bin\jusched.exe
C:\Programmi\eBay\eBay Toolbar2\eBayTBDaemon.exe
C:\Programmi\SmartAP_K2\iRunMon.exe
C:\Programmi\File comuni\Real\Update_OB\realsched.exe
C:\Programmi\Iomega HotBurn Pro\Autolaunch.exe
C:\Programmi\Quik Touch\EzdMontr.exe
C:\Programmi\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\Programmi\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Programmi\File comuni\PCSuite\DataLayer\DataLayer.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
c:\PROGRA~1\FILECO~1\PCSuite\Services\SERVIC~1.EXE
C:\Programmi\iTunes\iTunesHelper.exe
C:\Programmi\QuickTime\qttask.exe
C:\Programmi\Prevx Home\SAGUI.exe
C:\Programmi\iPod\bin\iPodService.exe
C:\WINNT\system32\internat.exe
C:\Programmi\Microsoft ActiveSync\WCESCOMM.EXE
C:\Programmi\RDS\PLDlnk.exe
C:\Programmi\RDS\PLTBar.exe
C:\Programmi\Nikon\PictureProject\NkbMonitor.exe
C:\Programmi\Nikon\NkView6\NkvMon.exe
C:\Programmi\Yahoo!\Messenger\ymsgr_tray.exe
C:\Programmi\File comuni\Sonic Shared\cinetray.exe
C:\Programmi\Internet Explorer\IEXPLORE.EXE
C:\WINNT\System32\calc.exe
C:\Programmi\OFFICE11\OUTLOOK.EXE
C:\Programmi\OFFICE11\WINWORD.EXE
C:\Programmi\Internet Explorer\IEXPLORE.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgwb.dat
C:\PROGRA~1\Grisoft\AVGFRE~1\avgvv.exe
C:\Programmi\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
C:\Documents and Settings\derienzo\Desktop\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?.home=ytie
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://it.rd.yahoo.com/customize/ie/...arch.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://it.rd.yahoo.com/customize/ie/...arch.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/?.home=ytie
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programmi\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: (no name) - {00A6FAF1-072E-44cf-8957-5838F569A31D} - (no file)
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Programmi\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: eBay Toolbar Helper - {22D8E815-4A5E-4DFB-845E-AAB64207F5BD} - C:\Programmi\eBay\eBay Toolbar2\eBayTB.dll
O2 - BHO: ready2wear Class - {521693AA-7453-47ED-9959-3BD47DAA1B1A} - C:\WINNT\system32\msx.dll (file missing)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programmi\google\googletoolbar2.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O3 - Toolbar: eBay Toolbar - {92085AD4-F48A-450D-BD93-B28CC7DF67CE} - C:\Programmi\eBay\eBay Toolbar2\eBayTB.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programmi\google\googletoolbar2.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programmi\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [TPHOTKEY] C:\PROGRA~1\ThinkPad\PkgMgr\HOTKEY\TPHKMGR.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [EZEJMNAP] C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
O4 - HKLM\..\Run: [PRPCMonitor] PRPCUI.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Programmi\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [TPKMAPMN] C:\Programmi\ThinkPad\Utilities\TpKmapMn.exe
O4 - HKLM\..\Run: [RemoteAgent] C:\Programmi\Trend Micro\OfficeScan Client\RAUAgent.exe
O4 - HKLM\..\Run: [OfficeScanNT Monitor] "C:\Programmi\Trend Micro\OfficeScan Client\Pccntmon.exe" -HideWindow
O4 - HKLM\..\Run: [WinVNC] "C:\Programmi\eSVNC\WinVNC.exe" -servicehelper
O4 - HKLM\..\Run: [Connector] C:\WINNT\system32\Windxp\QWE.EXE -n
O4 - HKLM\..\Run: [UStorag] c:\programmi\u-storage tools2.77\ustorage.exe sys_auto_run C:\Programmi\U-Storage Tools2.77
O4 - HKLM\..\Run: [CheckBO] E:\checkbo\CheckBO.exe
O4 - HKLM\..\Run: [VetTray] C:\PROGRA~1\CA\ETRUST~1\ETRUST~1\VetTray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programmi\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [JobHisInit] C:\Programmi\RMClient\JobHisInit.exe
O4 - HKLM\..\Run: [MplSetUp] C:\Programmi\RMClient\MplSetUp.exe
O4 - HKLM\..\Run: [eBayToolbar] C:\Programmi\eBay\eBay Toolbar2\eBayTBDaemon.exe
O4 - HKLM\..\Run: [iRunMon.exe] C:\Programmi\SmartAP_K2\iRunMon.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Programmi\File comuni\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [EzdMontr] c:\Programmi\Quik Touch\EzdMontr.exe install
O4 - HKLM\..\Run: [Drag'n'Drop_Autolaunch] "C:\Programmi\Iomega HotBurn Pro\Autolaunch.exe"
O4 - HKLM\..\Run: [UpdateManager] "C:\Programmi\File comuni\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [MMTray] "C:\Programmi\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe"
O4 - HKLM\..\Run: [winupdates] C:\Programmi\winupdates\winupdates.exe /auto
O4 - HKLM\..\Run: [PCSuiteTrayApplication] c:\Programmi\Nokia\Nokia PC Suite 6\LaunchApplication.exe -onlytray
O4 - HKLM\..\Run: [DataLayer] c:\Programmi\File comuni\PCSuite\DataLayer\DataLayer.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Programmi\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
CONTINUA
Cader98 non è collegato   Rispondi citando
Vecchio 14-07-2006, 14.14.54   #5
Cader98
Newbie
 
Registrato: 14-07-2006
Messaggi: 2
Cader98 promette bene
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINNT\system32\NeroCheck.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Programmi\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [PrevxHome] C:\Programmi\Prevx Home\SAGUI.exe
O4 - HKCU\..\Run: [internat.exe] internat.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Programmi\Yahoo!\Messenger\YahooMessenger. exe" -quiet
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Programmi\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - Global Startup: Auto Document Link.lnk = C:\Programmi\RDS\PLDlnk.exe
O4 - Global Startup: Avvia servizi di consegna.lnk = C:\Programmi\RDS\DdsLaunch.exe
O4 - Global Startup: Avvio veloce di Adobe Reader.lnk = C:\Programmi\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Function Palette.lnk = C:\Programmi\RDS\PLTBar.exe
O4 - Global Startup: NkbMonitor.exe.lnk = C:\Programmi\Nikon\PictureProject\NkbMonitor.exe
O4 - Global Startup: NkvMon.exe.lnk = C:\Programmi\Nikon\NkView6\NkvMon.exe
O4 - Global Startup: Post-it® Software Notes Lite.lnk = C:\Programmi\3M\PSNLite\PsnLite.exe
O4 - Global Startup: Sonic CinePlayer Quick Launch.lnk = C:\Programmi\File comuni\Sonic Shared\cinetray.exe
O8 - Extra context menu item: &eBay Search - res://C:\Programmi\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
O8 - Extra context menu item: &Google Search - res://c:\programmi\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\programmi\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\programmi\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\programmi\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://c:\programmi\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\programmi\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Crea preferiti portatile - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Programmi\Microsoft ActiveSync\INETREPL.DLL
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Programmi\Microsoft ActiveSync\INETREPL.DLL
O9 - Extra 'Tools' menuitem: Crea preferiti portatile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Programmi\Microsoft ActiveSync\INETREPL.DLL
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Programmi\Yahoo!\Messenger\yhexbmesit.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Programmi\Yahoo!\Messenger\yhexbmesit.dll
O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\OFFICE11\REFIEBAR.DLL
O14 - IERESET.INF: START_PAGE_URL=http://www.clicktel.it
O16 - DPF: ppctlcab - http://ppupdates.ca.com/downloads/scanner/ppctlcab.cab
O16 - DPF: Yahoo! Canasta - http://download.games.yahoo.com/game...ts/y/yt1_x.cab
O16 - DPF: Yahoo! Dominoes - http://download.games.yahoo.com/game...s/y/dot8_x.cab
O16 - DPF: Yahoo! Fleet - http://download.games.yahoo.com/game.../y/fltt3_x.cab
O16 - DPF: {00000000-0000-0000-0000-000020040000} - http://www.accessoveloce.com/webline...uttogratis.exe
O16 - DPF: {16E166F9-35E8-4CA5-B50D-5CEFABF45B09} - http://www.super-videochat-community.biz/Web_Cam.exe
O16 - DPF: {1AE9D306-DD1A-11D9-8CD5-0800200C9A66} (LLX Controllo) - https://www.ll2go.com/html/x-file/00...res/llx_it.ocx
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache...tup1.0.0.8.cab
O16 - DPF: {2F6C63DF-48AD-44C3-A761-7FB53ECF064A} - http://www.ricercadoppia.com/tangary.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Programmi\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {3A471221-E332-4240-A709-C6D087007ADE} - http://www.silver-bullet.biz/ddd/55/.../cameramia.exe
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/16a00913...dxIE601_it.cab
O16 - DPF: {5EC7C511-CD0F-42E6-830C-1BD9882F3458} (PowerPlayer Control) - http://www.ppstream.com/bin/powerplayer.cab
O16 - DPF: {7F8C8173-AD80-4807-AA75-5672F22B4582} (ICSScanner Class) - http://download.zonelabs.com/bin/pro...anner37380.cab
O16 - DPF: {9F54BF10-C88E-43FD-AA9E-16BF45747C72} - http://www.ricercadoppia.com/LinkShare.exe
O16 - DPF: {A9FD89D6-C839-11D3-B0FE-0050044B8FE9} (OBInstallRunner Control) - http://www.opinionbar.com/download/r...allCabinet.CAB
O16 - DPF: {DB893839-10F0-4AF9-92FA-B23528F530AF} - http://deposito.hostance.net/dialer/1080209.exe
O16 - DPF: {E7D2588A-7FB5-47DC-8830-832605661009} (Live Collaboration) - https://livesc02.custhelp.com/6030-b.../java/RntX.cab
O16 - DPF: {EF99BD32-C1FB-11D2-892F-0090271D4F88} (Yahoo! Toolbar) - http://us.dl1.yimg.com/download.comp...bio5_1_6_0.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = solfin.local
O17 - HKLM\System\CCS\Services\Tcpip\..\{04DDA6B9-DA5E-432E-BA5E-F917ADA6FD29}: NameServer = 213.140.2.43,213.140.2.49
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = solfin.local
O17 - HKLM\System\CS1\Services\Tcpip\..\{04DDA6B9-DA5E-432E-BA5E-F917ADA6FD29}: NameServer = 213.140.2.43,213.140.2.49
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = solfin.local
O17 - HKLM\System\CS2\Services\Tcpip\..\{04DDA6B9-DA5E-432E-BA5E-F917ADA6FD29}: NameServer = 213.140.2.43,213.140.2.49
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O20 - Winlogon Notify: NavLogon - C:\WINNT\System32\NavLogon.dll
O20 - Winlogon Notify: tphotkey - C:\WINNT\SYSTEM32\tphklock.dll
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINNT\System32\Ati2evxx.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: CA ISafe (CAISafe) - Unknown owner - C:\Programmi\CA\eTrust EZ Armor\eTrust EZ Antivirus\isafe.exe (file missing)
O23 - Service: Dds Scheduler Deamon (DdsSched) - RICOH Company Ltd. - C:\Programmi\RDS\ddsschednt.exe
O23 - Service: Servizio amministrativo di Gestione disco logico (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: IBM PM Service (IBMPMSVC) - Unknown owner - C:\WINNT\System32\ibmpmsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Iomega App Services - Iomega Corporation - C:\PROGRA~1\Iomega\System32\AppServices.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Programmi\iPod\bin\iPodService.exe
O23 - Service: NMSAccess - Unknown owner - C:\Program Files\Cheetah Burner\Cheetah DVD Burner\NMSAccess.exe (file missing)
O23 - Service: OfficeScanNT RealTime Scan (ntrtscan) - Trend Micro Inc. - C:\Programmi\Trend Micro\OfficeScan Client\ntrtscan.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINNT\system32\HPZipm12.exe
O23 - Service: Prevx Agent (PrevxAgent) - Prevx Ltd. - C:\Programmi\Prevx Home\PXAgent.exe
O23 - Service: Ridoc Server Information Service (RsiSvc) - RICOH Company Ltd. - C:\Programmi\RDS\RsiSvc.exe
O23 - Service: ScanRouterDriverV2 - Ricoh Co.,Ltd. - C:\Programmi\RDS\srscandr.exe
O23 - Service: ServerProxyService - Unknown owner - C:\Programmi\Laplink Everywhere\ServerProxyService.exe
O23 - Service: SOption - RICOH Company Ltd. - C:\Programmi\RDS\SOption.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Programmi\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: OfficeScanNT Listener (tmlisten) - Unknown owner - C:\Programmi\Trend Micro\OfficeScan Client\tmlisten.exe
O23 - Service: VET Message Service (VETMSGNT) - Unknown owner - C:\Programmi\CA\eTrust EZ Armor\eTrust EZ Antivirus\VetMsg.exe (file missing)
O23 - Service: winShadow - OmniCom Technologies - C:\Programmi\Laplink\winShadow\shwSrvc.exe
O23 - Service: VNC Server (winvnc) - Unknown owner - C:\Programmi\eSVNC\WinVNC.exe" -service (file missing)
Cader98 non è collegato   Rispondi citando
Vecchio 14-07-2006, 19.18.43   #6
Semi.genius
Guest
 
Messaggi: n/a
http://www.accessoveloce.com/weblin...Tuttogratis.exe
O16 - DPF: {16E166F9-35E8-4CA5-B50D-5CEFABF45B09} - http://www.super-videochat-community.biz/Web_Cam.exe
O16 - DPF: {1AE9D306-DD1A-11D9-8CD5-0800200C9A66} (LLX Controllo) - https://www.ll2go.com/html/x-file/0...-res/llx_it.ocx
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocach...etup1.0.0.8.cab
O16 - DPF: {2F6C63DF-48AD-44C3-A761-7FB53ECF064A} - http://www.ricercadoppia.com/tangary.exe

O14 - IERESET.INF: START_PAGE_URL=http://www.clicktel.it
O16 - DPF: {9F54BF10-C88E-43FD-AA9E-16BF45747C72} - http://www.ricercadoppia.com/LinkShare.exe
O16 - DPF: {A9FD89D6-C839-11D3-B0FE-0050044B8FE9} (OBInstallRunner Control) - http://www.opinionbar.com/download/...tallCabinet.CAB
http://www.accessoveloce.com/weblin...Tuttogratis.exe
O16 - DPF: {16E166F9-35E8-4CA5-B50D-5CEFABF45B09} - http://www.super-videochat-community.biz/Web_Cam.exe
O16 - DPF: {1AE9D306-DD1A-11D9-8CD5-0800200C9A66} (LLX Controllo) - https://www.ll2go.com/html/x-file/0...-res/llx_it.ocx
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocach...etup1.0.0.8.cab
O16 - DPF: {2F6C63DF-48AD-44C3-A761-7FB53ECF064A} - http://www.ricercadoppia.com/tangary.exe
O16 - DPF: {3A471221-E332-4240-A709-C6D087007ADE} - http://www.silver-bullet.biz/ddd/55...a/cameramia.exe
O16 - DPF: {DB893839-10F0-4AF9-92FA-B23528F530AF} - http://deposito.hostance.net/dialer/1080209.exe
O23 - Service: CA ISafe (CAISafe) - Unknown owner - C:\Programmi\CA\eTrust EZ Armor\eTrust EZ Antivirus\isafe.exe (file missing)

Comincia a fare fuori questi...poi, domanda un po' sciocca...ma l'hai disattivato Ripristino configurazione di sistema prima di farci la scansione? sennò ogni volta ti ricrea il file
  Rispondi citando
Vecchio 16-07-2006, 00.23.41   #7
Giorgius
Gold Member
Top Poster
 
L'avatar di Giorgius
 
Registrato: 26-08-2000
Loc.: tokyo city
Messaggi: 8.374
Giorgius promette bene
Prova con Ewido 4.x trial
http://free.grisoft.com/doc/5390/ln...l/v5#ewido-free

o Spysweeper 5.x trial
http://www.webroot.com/it/downloads/

Attualmente sono gli antimalware più efficaci.
Giorgius non è collegato   Rispondi citando
Rispondi


Utenti attualmente attivi che stanno leggendo questa discussione: 1 (0 utenti e 1 ospiti)
 
Strumenti discussione

Regole di scrittura
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is ON
Gli smilies sono ON
[IMG] è ON
Il codice HTML è OFF

Vai al forum

Discussioni simili
Discussione Autore discussione Forum Risposte Ultimo messaggio
Windows 7 RC & exploit Cacciavite Segnalazioni Web 7 06-05-2009 19.42.37
Microsoft exploit code hits the web Giorgius Sicurezza&Privacy 0 13-08-2005 13.48.52
DCOM Exploit attack... ??? Mc|Atm0s Sicurezza&Privacy 5 26-01-2005 17.09.56
vnc Man in the Middle Exploit (entrare in server vnc anche senza conoscere la pass) gutguy Programmazione 0 09-12-2004 18.35.25
Incoming LSASS buffer overflow exploit attempt detected Enrico204 Sicurezza&Privacy 4 25-08-2004 13.43.33

Orario GMT +2. Ora sono le: 10.37.16.


E' vietata la riproduzione, anche solo in parte, di contenuti e grafica.
Copyright © 1999-2017 Edizioni Master S.p.A. p.iva: 02105820787 • Tutti i diritti sono riservati
L'editore NON si assume nessuna responsabilità dei contenuti pubblicati sul forum in quanto redatti direttamente dagli utenti.
Questi ultimi sono responsabili dei contenuti da loro riportati nelle discussioni del forum
Powered by vBulletin - 2010 Copyright © Jelsoft Enterprises Limited.