|
|
#1
3 febbraio 2008, 04:12
| |||
| |||
| Ho visto questo problema in altri posti elencati qui. Purtroppo, non mi hanno un po 'di fortuna la rimozione di questo trojan utilizzando la procedura descritta. Ho eseguito HijackThis ... rinominato come sniper.exe ... e trovato nulla. Ho anche installato e gestito NoLop ... non vi sia nulla. iexplore.exe mantiene riapparire nel mio Task Manager e mi sono molto preoccupato è rubare informazioni personali dal mio sistema. Ogni consiglio è molto gradito.  HJT ogfile di Trend Micro HijackThis v2.0.2 Scan salvato a 3:02:25 AM, il 2/3/2008 Piattaforma: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.5730.0011) Boot mode: Normal Processi in esecuzione: C: \ WINDOWS \ System32 \ smss.exe C: \ WINDOWS \ system32 \ winlogon.exe C: \ WINDOWS \ system32 \ services.exe C: \ WINDOWS \ system32 \ lsass.exe C: \ WINDOWS \ system32 \ Ati2evxx.exe C: \ WINDOWS \ system32 \ svchost.exe C: \ WINDOWS \ System32 \ svchost.exe C: \ WINDOWS \ system32 \ Ati2evxx.exe C: \ WINDOWS \ system32 \ spoolsv.exe C: \ WINDOWS \ Explorer.EXE C: \ Program Files \ ATI Technologies \ ATI.ACE \ cli.exe C: \ WINDOWS \ SOUNDMAN.EXE C: \ Program Files \ PrevxCSI \ prevxcsi.exe C: \ Program Files \ Grisoft \ AVG Anti-Spyware 7,5 \ avgas.exe C: \ WINDOWS \ system32 \ ctfmon.exe C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe C: \ Program Files \ Symantec \ LiveUpdate \ ALUSchedulerSvc.exe C: \ Program Files \ Grisoft \ AVG Anti-Spyware 7,5 \ guard.exe C: \ WINDOWS \ System32 \ svchost.exe C: \ WINDOWS \ system32 \ HPZipm12.exe C: \ WINDOWS \ System32 \ svchost.exe C: \ WINDOWS \ system32 \ wscntfy.exe C: \ Program Files \ Windows Defender \ MsMpEng.exe C: \ Program Files \ Windows Defender \ MSASCui.exe C: \ Program Files \ Mozilla Firefox \ firefox.exe C: \ Program Files \ Internet Explorer \ iexplore.exe C: \ WINDOWS \ system32 \ Wuauclt.exe C: \ Program Files \ Trend Micro \ HijackThis \ Sniper.exe.exe O2 - BHO: AcroIEHlprObj Class - (06849E9F-C8D7-4D59-B87D-784B7D6BE0B3) - C: \ Program Files \ Adobe \ Acrobat 7.0 \ ActiveX \ AcroIEHelper.dll O2 - BHO: SSVHelper Class - (761497BB-D6F0-462C-B6EB-D4DAF1D92D43) - C: \ Program Files \ Java \ jre1.6.0_03 \ bin \ ssv.dll O4 - HKLM \ .. \ Run: [ATICCC] "C: \ Program Files \ ATI Technologies \ ATI.ACE \ cli.exe" runtime-Delay O4 - HKLM \ .. \ Run: [SunJavaUpdateSched] "C: \ Program Files \ Java \ jre1.6.0_03 \ bin \ jusched.exe" O4 - HKLM \ .. \ Run: [SoundMan] SOUNDMAN.EXE O4 - HKLM \ .. \ Run: [PWRISOVM.EXE] C: \ Program Files \ PowerISO \ PWRISOVM.EXE O4 - HKLM \ .. \ Run: [PrevxCSI] "C: \ Program Files \ PrevxCSI \ prevxcsi.exe" boot - O4 - HKLM \ .. \ Run: [! AVG Anti-Spyware] "C: \ Program Files \ Grisoft \ AVG Anti-Spyware 7,5 \ avgas.exe" / minimizzate O4 - HKLM \ .. \ Run: [Windows Defender] "C: \ Program Files \ Windows Defender \ MSASCui.exe"-hide O4 - HKCU \ .. \ Run: [ctfmon.exe] C: \ WINDOWS \ system32 \ ctfmon.exe O4 - HKCU \ .. \ Run: [WMPNSCFG] C: \ Program Files \ Windows Media Player \ WMPNSCFG.exe O8 - Extra contesto voce di menu: E & sporta in Microsoft Excel - res: / / C: \ PROGRA ~ 1 \ micros ~ 2 \ Office10 \ EXCEL.EXE/3000 O9 - Extra pulsante: (no name) - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_03 \ bin \ ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_03 \ bin \ ssv.dll Ø16 - DPF: (4F1E5B1A-2A80-42CA-8532-2D05CB959537) (MSN Photo Upload Tool) -- http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab Ø16 - DPF: (6F15128C-E66A-490C-B848-5000B5ABEEAC) (HP Download Manager) -- https: / / h20436.www2.hp.com/ediags/de...e/HPDEXAXO.cab O23 - Service: Apple Mobile Device - Apple, Inc. - C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe O23 - Service: Ati Hotkey Poller - ATI Technologies Inc. - C: \ WINDOWS \ system32 \ Ati2evxx.exe O23 - Service: ATI Smart - Unknown proprietario - C: \ WINDOWS \ system32 \ ati2sgag.exe O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C: \ Program Files \ Symantec \ LiveUpdate \ ALUSchedulerSvc.exe O23 - Service: AVG Anti-Spyware Guard - GRISOFT sro - C: \ Program Files \ Grisoft \ AVG Anti-Spyware 7,5 \ guard.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C: \ Program Files \ Common Files \ InstallShield \ Driver \ 1150 \ Intel 32 \ IDriverT.exe O23 - Service: iPod Service - Apple Inc. - C: \ Program Files \ iPod \ bin \ iPodService.exe O23 - Service: LiveUpdate - Symantec Corporation - C: \ PROGRA ~ 1 \ Symantec \ LIVEUP ~ 1 \ LUCOMS ~ 1.EXE O23 - Service: PML Driver HPZ12 - HP - C: \ WINDOWS \ system32 \ HPZipm12.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C: \ Program Files \ Common Files \ Symantec Shared \ SNDSrvc.exe -- |
|
#3
3. Feb 2008, 14:46
| |||
| |||
| Fatto! Scanner trovato un mucchio di tracking cookie ... ma nient'altro. Ecco la sua relazione. -------------------------------------------------- ------- AVG Anti-Spyware - Rapporto scansione -------------------------------------------------- ------- + Creato alle: 1:43:17 AM 2/3/2008 + Scan risultato: Nulla trovati. :: Relazione finale |
|
#4
3 febbraio 2008, 16:18
| |||
| |||
| Forse c'è un po 'di confusione qui. AVG Anti-Spyware non è antivirus. È necessario installare un antivirus e scansione con quello.
__________________  |
