annuncio

Comprimi
Ancora nessun annuncio.

[HELP] virus spyware. non so cosa sia

Comprimi
X
Comprimi
 
  • Pagina di 1
  • Filtro
  • Ora
  • Visualizza
Elimina tutto
nuovi messaggi
Precedente template Succ.
  • #1

    [HELP] virus spyware. non so cosa sia

    Salve. Ho un grosso problema al pc. l'altro ieri spengo normalemnte il pc e quando lo riavvio mi va in tilt tutto ovvero mi vengono continuamente fuori messaggi come : explorer error mi apre explorer ogni tot secondi mi avverte che il pc ha rilevato la presenza di spyware ecc. lo sfondo del desktop mi è diventato nero con in mezzo una scritta in rosso "Warning spyware threat has been detected on your pc. your computer has several fatal errors due to spyware activity. your ip (dice il mio ip del pc) ecc. it is recommended to install an antispyware.
    provo a ricambiare sfondo ma mi ritorna semrpe quello.
    avevo ad aware installato spi and destroy spyware ma boh... ora sto scaricando ad aware 2007. non so più che fare


    edit: ho provato anche con adaware 2007 ma appena faccio partire lo scanning di sistema mi si riavvia il pc
    Ultima modifica di Ildioscuro; 12-09-2007, 15:07.
    Tag: Nessuno
  • #2
    Fai un giro con HijackThis e posta i log.
    Fai anche un controllino con smitfraudfix

    Commenta

    • #3
      ecco i log con HijackThis:
      Logfile of HijackThis v1.99.1
      Scan saved at 10.30.14, on 13/09/2007
      Platform: Windows XP (WinNT 5.01.2600)
      MSIE: Internet Explorer v6.00 (6.00.2600.0000)

      Running processes:
      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\system32\csrss.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\Programmi\Lavasoft\Ad-Aware 2007\aawservice.exe
      C:\WINDOWS\system32\spoolsv.exe
      C:\WINDOWS\explorer.exe
      C:\WINDOWS\System32\spoolw.exe
      C:\WINDOWS\System32\igfxsvc.exe
      C:\WINDOWS\System32\alg.exe
      C:\WINDOWS\QXJ0aHVy\command.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\System32\nvsvc32.exe
      C:\WINDOWS\System32\nusrmgr.exe
      C:\WINDOWS\System32\spoolw.exe
      C:\WINDOWS\System32\igfxsvc.exe
      C:\WINDOWS\MSATL32.exe
      C:\WINDOWS\System32\spoolsv4.exe
      C:\WINDOWS\System32\wdfmgr.exe
      C:\PROGRA~1\Mozilla Firefox\firefox.exe
      C:\Documents and Settings\Arthur & Daniel\Desktop\HijackThis.exe

      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.it/0SEITIT/SAOS01?FORM=TOOLBR
      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.it/0SEITIT/SAOS01?FORM=TOOLBR
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
      R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.it/0SEITIT/SAOS01?FORM=TOOLBR
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
      R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Programmi\Macrogaming\SweetIMBarForIE\toolbar.d ll
      O2 - BHO: (no name) - {00000000-d9e3-4bc6-a0bd-3d0ca4be5271} - (no file)
      O2 - BHO: (no name) - {00000012-890e-4aac-afd9-eff6954a34dd} - (no file)
      O2 - BHO: (no name) - {029e02f0-a0e5-4b19-b958-7bf2db29fb13} - (no file)
      O2 - BHO: XTTBPos00 - {055FD26D-3A88-4e15-963D-DC8493744B1D} - C:\Programmi\ICQToolbar\tbu9\toolbaru.dll (file missing)
      O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
      O2 - BHO: (no name) - {06dfedaa-6196-11d5-bfc8-00508b4a487d} - (no file)
      O2 - BHO: (no name) - {12F02779-6D88-4958-8AD3-83C12D86ADC7} - (no file)
      O2 - BHO: SWEETIE - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - C:\PROGRA~1\MACROG~1\SWEETI~1\toolbar.dll
      O2 - BHO: (no name) - {1adbcce8-cf84-441e-9b38-afc7a19c06a4} - (no file)
      O2 - BHO: (no name) - {2d7cb618-cc1c-4126-a7e3-f5b12d3bcf71} - (no file)
      O2 - BHO: (no name) - {4522BF4C-91AA-2AC7-F6C3-02F9FA534F67} - C:\Programmi\Rkctfogk\gwyxyymm.dll
      O2 - BHO: (no name) - {51641ef3-8a7a-4d84-8659-b0911e947cc8} - (no file)
      O2 - BHO: (no name) - {53C330D6-A4AB-419B-B45D-FD4411C1FEF4} - (no file)
      O2 - BHO: (no name) - {54645654-2225-4455-44A1-9F4543D34546} - (no file)
      O2 - BHO: bho3 Class - {58FB2CBB-C874-45FC-A1C9-B62CC9E3BED9} - C:\WINDOWS\system32\912112553.dll
      O2 - BHO: (no name) - {669695bc-a811-4a9d-8cdf-ba8c795f261e} - (no file)
      O2 - BHO: (no name) - {6abc861a-31e7-4d91-b43b-d3c98f22a5c0} - (no file)
      O2 - BHO: 0 - {71284847-05DE-47F0-4AB1-D6A2455AAEBC} - C:\Programmi\ComPlus Applications\qufapy.dll
      O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
      O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
      O2 - BHO: (no name) - {944864a5-3916-46e2-96a9-a2e84f3f1208} - (no file)
      O2 - BHO: (no name) - {a4a435cf-3583-11d4-91bd-0048546a1450} - (no file)
      O2 - BHO: oembios32.msdn_hlp - {AB5FE6E5-7C72-4B89-85D0-D57E7AEAC236} - C:\WINDOWS\System32\oembios32.dll
      O2 - BHO: (no name) - {b8875bfe-b021-11d4-bfa8-00508b8e9bd3} - (no file)
      O2 - BHO: (no name) - {bb936323-19fa-4521-ba29-eca6a121bc78} - (no file)
      O2 - BHO: (no name) - {c2680e10-1655-4a0e-87f8-4259325a84b7} - (no file)
      O2 - BHO: (no name) - {c4ca6559-2cf1-48b6-96b2-8340a06fd129} - (no file)
      O2 - BHO: (no name) - {c5af2622-8c75-4dfb-9693-23ab7686a456} - (no file)
      O2 - BHO: (no name) - {ca1d1b05-9c66-11d5-a009-000103c1e50b} - (no file)
      O2 - BHO: (no name) - {d8efadf1-9009-11d6-8c73-608c5dc19089} - (no file)
      O2 - BHO: (no name) - {e9147a0a-a866-4214-b47c-da821891240f} - (no file)
      O2 - BHO: (no name) - {e9306072-417e-43e3-81d5-369490beef7c} - (no file)
      O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
      O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Programmi\Macrogaming\SweetIMBarForIE\toolbar.d ll
      O4 - HKLM\..\Run: [SvcManager] spoolsv4.exe
      O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
      O4 - HKCU\..\Run: [spoolw] C:\WINDOWS\System32\spoolw.exe
      O4 - HKCU\..\Run: [igfxsvc] C:\WINDOWS\System32\igfxsvc.exe
      O4 - HKCU\..\Run: [MSWTL32] C:\WINDOWS\MSATL32.exe
      O4 - Startup: imfe.exe
      O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
      O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programmi\ICQLite\ICQLite.exe (file missing)
      O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programmi\ICQLite\ICQLite.exe (file missing)
      O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
      O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
      O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programmi\ICQ6\ICQ.exe
      O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programmi\ICQ6\ICQ.exe
      O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary...r.cab56986.cab
      O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary...n.cab56986.cab
      O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/IT-IT/.../GAME_UNO1.cab
      O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary...o.cab56649.cab
      O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab56907.cab
      O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary...r.cab56986.cab
      O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
      O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
      O20 - AppInit_DLLs: c:\windows\system32\ldcore.dll
      O20 - Winlogon Notify: winyzz32 - C:\WINDOWS\SYSTEM32\winyzz32.dll
      O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Programmi\Lavasoft\Ad-Aware 2007\aawservice.exe
      O23 - Service: Command Service (cmdService) - Unknown owner - C:\WINDOWS\QXJ0aHVy\command.exe
      O23 - Service: NBService - Nero AG - C:\Programmi\Nero\Nero 7\Nero BackItUp\NBService.exe
      O23 - Service: NMIndexingService - Nero AG - C:\Programmi\File comuni\Ahead\Lib\NMIndexingService.exe
      O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

      non ci capisco niente

      mi potresti spiegare come funziona smitfraudfix che lo ho appena scaricato ma non so che fare ^^.

      grazie per la disponibilità

      Commenta

      Precedente template Succ.
      Sto operando...
      X