
Rootkit at Avast! startup
peace_and_love
Posted: Saturday, December 27, 2008 4:52:10 PM
Rank: Member

Joined: 10/21/2004
Posts: 13
Hi everyone, I have a problem that has been bothering me for a little over 2 weeks. First off, I use Zone Alarm as my firewall and Avast as my antivirus.
Basically, a couple of weeks ago, at PC startup, Avast reported a rootkit on the system; I went to delete it and believed the problem was solved.
But not at all: since I almost always leave the PC on, today I turned it back on and found the same message. I read up a bit on this rootkit, which is not a virus, but if someone uses my PC to, I don't know, for example exploit it for who knows what, it could become very annoying!
First of all I'm posting the log, but please tell me how I should proceed; if worst comes to worst I would format, but I'd rather not...
If you could also kindly explain exactly what it is and what I might be facing, I would be grateful! Best wishes to all of you



Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16.45.48, on 27/12/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\Programmi\Avast4\aswUpdSv.exe
C:\Programmi\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Programmi\File comuni\Autodata Limited Shared\Service\ADCDLicSvc.exe
C:\Programmi\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\Avast4\ashMaiSv.exe
C:\Programmi\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\RTHDCPL.EXE
C:\PROGRA~1\Avast4\ashDisp.exe
C:\Programmi\ZoneAlarm\zlclient.exe
C:\Programmi\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Programmi\File comuni\Real\Update_OB\realsched.exe
C:\Programmi\iTunes\iTunesHelper.exe
C:\PROGRA~1\GRUPPO~2\WINSTA~1\UPS.EXE
C:\Programmi\Logitech Mouse e Tastiera\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Programmi\File comuni\Ahead\lib\NMBgMonitor.exe
C:\Programmi\FreePOPs\freepopsd.exe
C:\Programmi\Logitech Mouse e Tastiera\SetPoint\SetPoint.exe
C:\Programmi\File comuni\Logitech\KHAL\KHALMNPR.EXE
C:\Programmi\iPod\bin\iPodService.exe
C:\Programmi\ZoneAlarm\MailFrontier\mantispm.exe
C:\Programmi\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Programmi\Internet Explorer\IEXPLORE.EXE
C:\Programmi\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: Supporto di collegamento per Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [AsusStartupHelp] C:\Programmi\ASUS\AASP\1.00.15\AsRunHelp.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Programmi\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Programmi\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [TkBellExe] "C:\Programmi\File comuni\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Programmi\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programmi\Adobe Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [TritUPSAutoRun] C:\PROGRA~1\GRUPPO~2\WINSTA~1\UPS.EXE
O4 - HKCU\..\Run: [LDM] C:\Programmi\Logitech Mouse e Tastiera\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programmi\File comuni\Ahead\lib\NMBgMonitor.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O4 - Global Startup: FreePOPs.lnk = C:\Programmi\FreePOPs\freepopsd.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Programmi\Logitech Mouse e Tastiera\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Programmi\Logitech Mouse e Tastiera\SetPoint\SetPoint.exe
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1220903062140
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: bw+0 - {87E500B2-ACFC-4085-84D1-C564B75CD2A9} - C:\Programmi\Logitech Mouse e Tastiera\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {87E500B2-ACFC-4085-84D1-C564B75CD2A9} - C:\Programmi\Logitech Mouse e Tastiera\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {87E500B2-ACFC-4085-84D1-C564B75CD2A9} - C:\Programmi\Logitech Mouse e Tastiera\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {87E500B2-ACFC-4085-84D1-C564B75CD2A9} - C:\Programmi\Logitech Mouse e Tastiera\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {87E500B2-ACFC-4085-84D1-C564B75CD2A9} - C:\Programmi\Logitech Mouse e Tastiera\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {87E500B2-ACFC-4085-84D1-C564B75CD2A9} - C:\Programmi\Logitech Mouse e Tastiera\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {87E500B2-ACFC-4085-84D1-C564B75CD2A9} - C:\Programmi\Logitech Mouse e Tastiera\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {87E500B2-ACFC-4085-84D1-C564B75CD2A9} - C:\Programmi\Logitech Mouse e Tastiera\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {87E500B2-ACFC-4085-84D1-C564B75CD2A9} - C:\Programmi\Logitech Mouse e Tastiera\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {87E500B2-ACFC-4085-84D1-C564B75CD2A9} - C:\Programmi\Logitech Mouse e Tastiera\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {87E500B2-ACFC-4085-84D1-C564B75CD2A9} - C:\Programmi\Logitech Mouse e Tastiera\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {87E500B2-ACFC-4085-84D1-C564B75CD2A9} - C:\Programmi\Logitech Mouse e Tastiera\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {87E500B2-ACFC-4085-84D1-C564B75CD2A9} - C:\Programmi\Logitech Mouse e Tastiera\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {87E500B2-ACFC-4085-84D1-C564B75CD2A9} - C:\Programmi\Logitech Mouse e Tastiera\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {87E500B2-ACFC-4085-84D1-C564B75CD2A9} - C:\Programmi\Logitech Mouse e Tastiera\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {87E500B2-ACFC-4085-84D1-C564B75CD2A9} - C:\Programmi\Logitech Mouse e Tastiera\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {87E500B2-ACFC-4085-84D1-C564B75CD2A9} - C:\Programmi\Logitech Mouse e Tastiera\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {87E500B2-ACFC-4085-84D1-C564B75CD2A9} - C:\Programmi\Logitech Mouse e Tastiera\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {87E500B2-ACFC-4085-84D1-C564B75CD2A9} - C:\Programmi\Logitech Mouse e Tastiera\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {87E500B2-ACFC-4085-84D1-C564B75CD2A9} - C:\Programmi\Logitech Mouse e Tastiera\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {87E500B2-ACFC-4085-84D1-C564B75CD2A9} - C:\Programmi\Logitech Mouse e Tastiera\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {87E500B2-ACFC-4085-84D1-C564B75CD2A9} - C:\Programmi\Logitech Mouse e Tastiera\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {87E500B2-ACFC-4085-84D1-C564B75CD2A9} - C:\Programmi\Logitech Mouse e Tastiera\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {87E500B2-ACFC-4085-84D1-C564B75CD2A9} - C:\Programmi\Logitech Mouse e Tastiera\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {87E500B2-ACFC-4085-84D1-C564B75CD2A9} - C:\Programmi\Logitech Mouse e Tastiera\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {87E500B2-ACFC-4085-84D1-C564B75CD2A9} - C:\Programmi\Logitech Mouse e Tastiera\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {87E500B2-ACFC-4085-84D1-C564B75CD2A9} - C:\Programmi\Logitech Mouse e Tastiera\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {87E500B2-ACFC-4085-84D1-C564B75CD2A9} - C:\Programmi\Logitech Mouse e Tastiera\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {87E500B2-ACFC-4085-84D1-C564B75CD2A9} - C:\Programmi\Logitech Mouse e Tastiera\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {87E500B2-ACFC-4085-84D1-C564B75CD2A9} - C:\Programmi\Logitech Mouse e Tastiera\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {87E500B2-ACFC-4085-84D1-C564B75CD2A9} - C:\Programmi\Logitech Mouse e Tastiera\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {87E500B2-ACFC-4085-84D1-C564B75CD2A9} - C:\Programmi\Logitech Mouse e Tastiera\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {87E500B2-ACFC-4085-84D1-C564B75CD2A9} - C:\Programmi\Logitech Mouse e Tastiera\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {87E500B2-ACFC-4085-84D1-C564B75CD2A9} - C:\Programmi\Logitech Mouse e Tastiera\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {87E500B2-ACFC-4085-84D1-C564B75CD2A9} - C:\Programmi\Logitech Mouse e Tastiera\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {87E500B2-ACFC-4085-84D1-C564B75CD2A9} - C:\Programmi\Logitech Mouse e Tastiera\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Programmi\Logitech Mouse e Tastiera\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {87E500B2-ACFC-4085-84D1-C564B75CD2A9} - C:\Programmi\Logitech Mouse e Tastiera\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {87E500B2-ACFC-4085-84D1-C564B75CD2A9} - C:\Programmi\Logitech Mouse e Tastiera\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {87E500B2-ACFC-4085-84D1-C564B75CD2A9} - C:\Programmi\Logitech Mouse e Tastiera\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {87E500B2-ACFC-4085-84D1-C564B75CD2A9} - C:\Programmi\Logitech Mouse e Tastiera\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {87E500B2-ACFC-4085-84D1-C564B75CD2A9} - C:\Programmi\Logitech Mouse e Tastiera\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {87E500B2-ACFC-4085-84D1-C564B75CD2A9} - C:\Programmi\Logitech Mouse e Tastiera\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {87E500B2-ACFC-4085-84D1-C564B75CD2A9} - C:\Programmi\Logitech Mouse e Tastiera\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {87E500B2-ACFC-4085-84D1-C564B75CD2A9} - C:\Programmi\Logitech Mouse e Tastiera\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {87E500B2-ACFC-4085-84D1-C564B75CD2A9} - C:\Programmi\Logitech Mouse e Tastiera\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {87E500B2-ACFC-4085-84D1-C564B75CD2A9} - C:\Programmi\Logitech Mouse e Tastiera\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {87E500B2-ACFC-4085-84D1-C564B75CD2A9} - C:\Programmi\Logitech Mouse e Tastiera\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {87E500B2-ACFC-4085-84D1-C564B75CD2A9} - C:\Programmi\Logitech Mouse e Tastiera\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {87E500B2-ACFC-4085-84D1-C564B75CD2A9} - C:\Programmi\Logitech Mouse e Tastiera\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {87E500B2-ACFC-4085-84D1-C564B75CD2A9} - C:\Programmi\Logitech Mouse e Tastiera\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {87E500B2-ACFC-4085-84D1-C564B75CD2A9} - C:\Programmi\Logitech Mouse e Tastiera\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {87E500B2-ACFC-4085-84D1-C564B75CD2A9} - C:\Programmi\Logitech Mouse e Tastiera\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {87E500B2-ACFC-4085-84D1-C564B75CD2A9} - C:\Programmi\Logitech Mouse e Tastiera\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {87E500B2-ACFC-4085-84D1-C564B75CD2A9} - C:\Programmi\Logitech Mouse e Tastiera\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {87E500B2-ACFC-4085-84D1-C564B75CD2A9} - C:\Programmi\Logitech Mouse e Tastiera\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {87E500B2-ACFC-4085-84D1-C564B75CD2A9} - C:\Programmi\Logitech Mouse e Tastiera\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {87E500B2-ACFC-4085-84D1-C564B75CD2A9} - C:\Programmi\Logitech Mouse e Tastiera\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {87E500B2-ACFC-4085-84D1-C564B75CD2A9} - C:\Programmi\Logitech Mouse e Tastiera\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {87E500B2-ACFC-4085-84D1-C564B75CD2A9} - C:\Programmi\Logitech Mouse e Tastiera\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {87E500B2-ACFC-4085-84D1-C564B75CD2A9} - C:\Programmi\Logitech Mouse e Tastiera\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {87E500B2-ACFC-4085-84D1-C564B75CD2A9} - C:\Programmi\Logitech Mouse e Tastiera\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {87E500B2-ACFC-4085-84D1-C564B75CD2A9} - C:\Programmi\Logitech Mouse e Tastiera\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {87E500B2-ACFC-4085-84D1-C564B75CD2A9} - C:\Programmi\Logitech Mouse e Tastiera\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {87E500B2-ACFC-4085-84D1-C564B75CD2A9} - C:\Programmi\Logitech Mouse e Tastiera\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {87E500B2-ACFC-4085-84D1-C564B75CD2A9} - C:\Programmi\Logitech Mouse e Tastiera\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {87E500B2-ACFC-4085-84D1-C564B75CD2A9} - C:\Programmi\Logitech Mouse e Tastiera\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {87E500B2-ACFC-4085-84D1-C564B75CD2A9} - C:\Programmi\Logitech Mouse e Tastiera\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {87E500B2-ACFC-4085-84D1-C564B75CD2A9} - C:\Programmi\Logitech Mouse e Tastiera\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {87E500B2-ACFC-4085-84D1-C564B75CD2A9} - C:\Programmi\Logitech Mouse e Tastiera\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {87E500B2-ACFC-4085-84D1-C564B75CD2A9} - C:\Programmi\Logitech Mouse e Tastiera\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {87E500B2-ACFC-4085-84D1-C564B75CD2A9} - C:\Programmi\Logitech Mouse e Tastiera\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {87E500B2-ACFC-4085-84D1-C564B75CD2A9} - C:\Programmi\Logitech Mouse e Tastiera\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {87E500B2-ACFC-4085-84D1-C564B75CD2A9} - C:\Programmi\Logitech Mouse e Tastiera\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {87E500B2-ACFC-4085-84D1-C564B75CD2A9} - C:\Programmi\Logitech Mouse e Tastiera\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {87E500B2-ACFC-4085-84D1-C564B75CD2A9} - C:\Programmi\Logitech Mouse e Tastiera\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {87E500B2-ACFC-4085-84D1-C564B75CD2A9} - C:\Programmi\Logitech Mouse e Tastiera\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {87E500B2-ACFC-4085-84D1-C564B75CD2A9} - C:\Programmi\Logitech Mouse e Tastiera\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Programmi\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Autodata Limited License Service - Autodata Limited - C:\Programmi\File comuni\Autodata Limited Shared\Service\ADCDLicSvc.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Programmi\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Programmi\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Programmi\Avast4\ashWebSv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Programmi\Bonjour\mDNSResponder.exe
O23 - Service: Servizio iPod (iPod Service) - Apple Inc. - C:\Programmi\iPod\bin\iPodService.exe
O23 - Service: ServiceLayer - Nokia. - C:\Programmi\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

--
End of file - 20778 bytes
antonpaco
Posted: Saturday, December 27, 2008 6:03:49 PM
Rank: AiutAmico

Joined: 11/7/2006
Posts: 1,180
Doesn't Avast give you the option to put it in the bin? Download the program of the same name from malwarebytes.org, it's in Italian; update it and run a full scan, and see if it finds it.
peace_and_love
Posted: Sunday, December 28, 2008 7:57:41 PM
Rank: Member

Joined: 10/21/2004
Posts: 13
Hi antonpaco, Avast does give me the option to bin it, but a couple of weeks ago when I binned it I thought I had solved the problem, and then on turning the PC back on the message reappeared... now I have rebooted about ten times and no rootkit message comes up; I ran the scan with Malwarebytes, and likewise it didn't find even a single infected file... here is the Malwarebytes report...

Malwarebytes' Anti-Malware 1.31
Versione del database: 1556
Windows 5.1.2600 Service Pack 3

28/12/2008 1.53.47
mbam-log-2008-12-28 (01-53-47).txt

Tipo di scansione: Scansione completa (C:\|)
Elementi scansionati: 100509
Tempo trascorso: 1 hour(s), 13 minute(s), 37 second(s)

Processi delle memoria infetti: 0
Moduli della memoria infetti: 0
Chiavi di registro infette: 0
Valori di registro infetti: 0
Elementi dato del registro infetti: 0
Cartelle infette: 0
File infetti: 0

Processi delle memoria infetti:
(Nessun elemento malevolo rilevato)

Moduli della memoria infetti:
(Nessun elemento malevolo rilevato)

Chiavi di registro infette:
(Nessun elemento malevolo rilevato)

Valori di registro infetti:
(Nessun elemento malevolo rilevato)

Elementi dato del registro infetti:
(Nessun elemento malevolo rilevato)

Cartelle infette:
(Nessun elemento malevolo rilevato)

File infetti:
(Nessun elemento malevolo rilevato)



I ran the full scan.