Mi controllate il LOG? - Sicurezza VIRUS

Benvenuto Ospite

Aiutamici Forum » FORUM - Istruzioni e Guide » Sicurezza VIRUS » Mi controllate il LOG?

Mi controllate il LOG?

Opzioni

Topic Precedente · Topic Sucessivo

jei_jei

Inviato: Monday, February 21, 2005 11:21:07 PM

Rank: Member

Iscritto dal : 2/1/2005
Posts: 0

Ciao Alfonso, ti avevo scritto perchè non si visualizzavano le pagine in Internet, ho installato i programmi ad-aware e spybot come mi avevi detto tu ed ora sembra che tutto vada bene. Ti mando ugualmente il LOG, puoi controllarlo? Grazie!!!

Logfile of HijackThis v1.99.0
Scan saved at 23.05.45, on 21/02/2005
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\File comuni\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\Explorer.EXE
C:\Programmi\File comuni\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\atiptaxx.exe
C:\Programmi\Apoint2K\Apoint.exe
C:\Programmi\TOSHIBA\TouchPadNF\TPTray.exe
C:\WINDOWS\System32\CePMTray.exe
C:\PROGRA~1\EzButton\CPATR10.EXE
C:\Programmi\TOSHIBA\E-KEY\CeEKey.exe
C:\Programmi\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\Programmi\Hewlett-Packard\HP Software Update\HPWuSchd.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb08.exe
C:\Programmi\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\WINDOWS\System32\ntcmd.exe
C:\Programmi\Winamp\winampa.exe
C:\PROGRA~1\FILECO~1\PCSuite\DATALA~1\DATALA~1.EXE
C:\PROGRA~1\Nokia\NOKIAP~1\TRAYAP~1.EXE
C:\Programmi\Apoint2K\Apntex.exe
C:\WINDOWS\System32\winnt.exe
C:\Programmi\File comuni\Symantec Shared\ccApp.exe
C:\Programmi\File comuni\Symantec Shared\Security Center\UsrPrmpt.exe
C:\PROGRA~1\FILECO~1\PCSuite\Services\SERVIC~1.EXE
C:\Program Files\Cklcse\Ardia.exe
C:\Program Files\AdTools Service\AdTools.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Programmi\Messenger\msmsgs.exe
C:\Program Files\AdTools Service\AdToolsKeep.exe
C:\WINDOWS\System32\??rss.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\Programmi\Network Associates\VirusScan\Avsynmgr.exe
C:\WINDOWS\ntrvs.exe
C:\Microsoft Office\Office\1040\OLFSNT40.EXE
C:\Programmi\Norton AntiVirus\navapsvc.exe
C:\Programmi\Network Associates\VirusScan\VsStat.exe
C:\Programmi\Network Associates\VirusScan\Avconsol.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Programmi\Norton AntiVirus\SAVScan.exe
C:\WINDOWS\system32\cmd.exe
C:\WINDOWS\System32\wuauclt.exe
C:\DOCUME~1\GABELL~1\IMPOST~1\Temp\Rar$EX00.608\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.fastweb.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.fastweb.it
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer fornito da FastWeb
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
R3 - Default URLSearchHook is missing
O2 - BHO: (no name) - {00000010-6F7D-442C-93E3-4A4827C2E4C8} - (no file)
O2 - BHO: (no name) - {0339BE40-76AF-5A5D-8E7C-5A27B8ECB9B0} - C:\WINDOWS\System32\entzscbs.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programmi\Spybot - Search & Destroy\SDHelper.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Programmi\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
O4 - HKLM\..\Run: [SoundFusion] RunDll32 cwaprops.cpl,CrystalControlWnd
O4 - HKLM\..\Run: [Apoint] C:\Programmi\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [TPNF] C:\Programmi\TOSHIBA\TouchPadNF\TPTray.exe
O4 - HKLM\..\Run: [CeEPOWER] C:\WINDOWS\System32\CePMTray.exe
O4 - HKLM\..\Run: [CPATR10] C:\PROGRA~1\EzButton\CPATR10.EXE
O4 - HKLM\..\Run: [CeEKey.exe] C:\Programmi\TOSHIBA\E-KEY\CeEKey.exe
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Programmi\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Programmi\Hewlett-Packard\HP Software Update\HPWuSchd.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb08.exe
O4 - HKLM\..\Run: [DeviceDiscovery] C:\Programmi\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Local Service] rundll.exe
O4 - HKLM\..\Run: [USB Device] win32usb.exe
O4 - HKLM\..\Run: [OEM32 Tools] sres32.exe
O4 - HKLM\..\Run: [Microsoft Support Service] svcmgt.exe
O4 - HKLM\..\Run: [starter] scvhosting.exe
O4 - HKLM\..\Run: [Win32 Configuration] videosd32.exe
O4 - HKLM\..\Run: [Sysino] lsess.exe
O4 - HKLM\..\Run: [Windows Network Service] winvc32.exe
O4 - HKLM\..\Run: [Windows Timer Update] phqghume.exe
O4 - HKLM\..\Run: [window2] host.exe
O4 - HKLM\..\Run: [Windows Network Controller] mqguard.exe
O4 - HKLM\..\Run: [Microsoft Windows Updates] updates.exe
O4 - HKLM\..\Run: [Microsoft Intrenets Explorer] ntcmd.exe
O4 - HKLM\..\Run: [system service] csrsss.exe
O4 - HKLM\..\Run: [system] system32.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Programmi\Winamp\winampa.exe
O4 - HKLM\..\Run: [DataLayer] C:\PROGRA~1\FILECO~1\PCSuite\DATALA~1\DATALA~1.EXE
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\TRAYAP~1.EXE
O4 - HKLM\..\Run: [Microsoftvirus] sysoverload.exe
O4 - HKLM\..\Run: [PK Services] pksvc.exe
O4 - HKLM\..\Run: [Microsoft Security Management] winnt.exe
O4 - HKLM\..\Run: [Starting up] wvsvc.exe
O4 - HKLM\..\Run: [NDIS Adapter] ndis.exe
O4 - HKLM\..\Run: [MP Services] mpsvc.exe
O4 - HKLM\..\Run: [ccApp] "C:\Programmi\File comuni\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Programmi\File comuni\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [DeskAd Service] C:\Program Files\DeskAd Service\DeskAdServ.exe
O4 - HKLM\..\Run: [Admanager Controller] C:\Program Files\Admanager Controller\AdManCtl.exe
O4 - HKLM\..\Run: [gyHg8Rc] C:\WINDOWS\snrhtelo.exe
O4 - HKLM\..\Run: [*wuauclt.exe] wmsct.exe
O4 - HKLM\..\Run: [Windows AdStatus] C:\Program Files\Windows AdStatus\WinStat.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKLM\..\Run: [gyHg80+¿ÔÇè]Iú" ‹üžC:\Programmi\ISTsvc\istsvc.exe] C:\WINDOWS\snrhtelo.exe
O4 - HKLM\..\Run: [Pycmerfn] C:\Program Files\Sqyjsmm\Dvqwtr.exe
O4 - HKLM\..\Run: [Xhtpmzx] C:\Program Files\Cklcse\Ardia.exe
O4 - HKLM\..\Run: [AdTools Service] C:\Program Files\AdTools Service\AdTools.exe
O4 - HKLM\..\RunServices: [Local Service] rundll.exe
O4 - HKLM\..\RunServices: [USB Device] win32usb.exe
O4 - HKLM\..\RunServices: [OEM32 Tools] sres32.exe
O4 - HKLM\..\RunServices: [Microsoft Support Service] svcmgt.exe
O4 - HKLM\..\RunServices: [starter] scvhosting.exe
O4 - HKLM\..\RunServices: [Win32 Configuration] videosd32.exe
O4 - HKLM\..\RunServices: [Sysino] lsess.exe
O4 - HKLM\..\RunServices: [Windows Network Service] winvc32.exe
O4 - HKLM\..\RunServices: [Windows Timer Update] phqghume.exe
O4 - HKLM\..\RunServices: [window2] host.exe
O4 - HKLM\..\RunServices: [Windows Network Controller] mqguard.exe
O4 - HKLM\..\RunServices: [Microsoft Windows Updates] updates.exe
O4 - HKLM\..\RunServices: [Microsoft Intrenets Explorer] ntcmd.exe
O4 - HKLM\..\RunServices: [system service] csrsss.exe
O4 - HKLM\..\RunServices: [system] system32.exe
O4 - HKLM\..\RunServices: [Microsoftvirus] sysoverload.exe
O4 - HKLM\..\RunServices: [PK Services] pksvc.exe
O4 - HKLM\..\RunServices: [Microsoft Security Management] winnt.exe
O4 - HKLM\..\RunServices: [Starting up] wvsvc.exe
O4 - HKLM\..\RunServices: [NDIS Adapter] ndis.exe
O4 - HKLM\..\RunServices: [MP Services] mpsvc.exe
O4 - HKLM\..\RunServices: [*wuauclt.exe] wmsct.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Programmi\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Local Service] rundll.exe
O4 - HKCU\..\Run: [USB Device] win32usb.exe
O4 - HKCU\..\Run: [Microsoft Support Service] svcmgt.exe
O4 - HKCU\..\Run: [OEM32 Tools] sres32.exe
O4 - HKCU\..\Run: [starter] scvhosting.exe
O4 - HKCU\..\Run: [Win32 Configuration] videosd32.exe
O4 - HKCU\..\Run: [Sysino] lsess.exe
O4 - HKCU\..\Run: [Windows Timer Update] phqghume.exe
O4 - HKCU\..\Run: [window2] host.exe
O4 - HKCU\..\Run: [Windows Network Controller] mqguard.exe
O4 - HKCU\..\Run: [Microsoftvirus] sysoverload.exe
O4 - HKCU\..\Run: [PK Services] pksvc.exe
O4 - HKCU\..\Run: [Starting up] wvsvc.exe
O4 - HKCU\..\Run: [NDIS Adapter] ndis.exe
O4 - HKCU\..\Run: [MP Services] mpsvc.exe
O4 - HKCU\..\Run: [Raer] C:\Documents and Settings\gabellone\Dati applicazioni\lrit.exe
O4 - HKCU\..\Run: [*wuauclt.exe] wmsct.exe
O4 - HKCU\..\Run: [Harferxv] C:\WINDOWS\System32\??rss.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Porta Symantec Fax Starter Edition.lnk = C:\Microsoft Office\Office\1040\OLFSNT40.EXE
O14 - IERESET.INF: START_PAGE_URL=http://www.fastweb.it
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1107645784187
O16 - DPF: {91433D86-9F27-402C-B5E3-DEBDD122C339} - http://www.netvenda.com/sites/games-it/it/games3.cab
O16 - DPF: {BB1B5064-1496-4E40-A80D-EFF7C5A953A6} (VacPro.italy_vdem) - http://207.234.185.217/italy_vdem.CAB
O16 - DPF: {DBAE7000-01EC-4162-8FEB-8A27AC937CA0} - http://dist.belnk.com/4/download/hdplugin_1101_bundle43v5d43.cab
O23 - Service: Ati HotKey Poller - Unknown - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: AVSync Manager - Unknown - C:\Programmi\Network Associates\VirusScan\Avsynmgr.exe
O23 - Service: USB Device - Unknown - C:\WINDOWS\System32\win32usb.exe (file missing)
O23 - Service: Symantec Event Manager - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\ccSetMgr.exe
O23 - Service: Microsoft Security Subsystem Provider - Unknown - C:\WINDOWS\ntrvs.exe
O23 - Service: McShield - Unknown - C:\Programmi\File comuni\Network Associates\McShield\Mcshield.exe
O23 - Service: Microsoft Support Service - Unknown - C:\WINDOWS\System32\svcmgt.exe (file missing)
O23 - Service: Servizio Norton AntiVirus Auto-Protect - Symantec Corporation - C:\Programmi\Norton AntiVirus\navapsvc.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Programmi\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service - Symantec Corporation - C:\PROGRA~1\FILECO~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\SNDSrvc.exe
O23 - Service: SymWMI Service - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: ZESOFT - Unknown - C:\WINDOWS\zeta.exe (file missing)

Torna in alto

Sponsor

Inviato: Monday, February 21, 2005 11:21:07 PM

Torna in alto

alfonso

Inviato: Tuesday, February 22, 2005 12:07:50 AM

Rank: AiutAmico

Iscritto dal : 10/5/2000
Posts: 19,132

Ciao,
esegui queste operazioni

1) Disattiva il ripristino di configurazione, leggi qui come fare
http://www.aiutamici.com/software/view.asp?tipo=home&CodSw=257&SH=N

2) riavvia in modalità provvisoria, leggi qui come fare
http://www.aiutamici.com/software/view.asp?tipo=home&CodSw=344&SH=N

apri HIJAC THIS ed elimina come indicato in questo articolo
http://www.aiutamici.com/software/descrizione.asp?CodSw=1175
le righe che seguono, (nel caso le righe da eliminare non compaiono in modalità provvisoria, eliminale dalla modalità normale e riavvia il computer).

==================================
R3 - Default URLSearchHook is missing
O2 - BHO: (no name) - {00000010-6F7D-442C-93E3-4A4827C2E4C8} - (no file)
O2 - BHO: (no name) - {0339BE40-76AF-5A5D-8E7C-5A27B8ECB9B0} - C:\WINDOWS\System32\entzscbs.dll
-
O4 - HKLM\..\Run: [USB Device] win32usb.exe
O4 - HKLM\..\Run: [OEM32 Tools] sres32.exe
O4 - HKLM\..\Run: [Microsoft Support Service] svcmgt.exe
O4 - HKLM\..\Run: [starter] scvhosting.exe
O4 - HKLM\..\Run: [Win32 Configuration] videosd32.exe
O4 - HKLM\..\Run: [Sysino] lsess.exe
O4 - HKLM\..\Run: [Windows Network Service] winvc32.exe
O4 - HKLM\..\Run: [Windows Timer Update] phqghume.exe
O4 - HKLM\..\Run: [window2] host.exe
O4 - HKLM\..\Run: [Windows Network Controller] mqguard.exe
O4 - HKLM\..\Run: [Microsoft Windows Updates] updates.exe
O4 - HKLM\..\Run: [Microsoft Intrenets Explorer] ntcmd.exe
O4 - HKLM\..\Run: [system service] csrsss.exe
O4 - HKLM\..\Run: [system] system32.exe
-
O4 - HKLM\..\Run: [Microsoftvirus] sysoverload.exe
O4 - HKLM\..\Run: [PK Services] pksvc.exe
O4 - HKLM\..\Run: [Microsoft Security Management] winnt.exe
O4 - HKLM\..\Run: [Starting up] wvsvc.exe
O4 - HKLM\..\Run: [NDIS Adapter] ndis.exe
O4 - HKLM\..\Run: [MP Services] mpsvc.exe
-
O4 - HKLM\..\Run: [DeskAd Service] C:\Program Files\DeskAd Service\DeskAdServ.exe
O4 - HKLM\..\Run: [Admanager Controller] C:\Program Files\Admanager Controller\AdManCtl.exe
O4 - HKLM\..\Run: [gyHg8Rc] C:\WINDOWS\snrhtelo.exe
O4 - HKLM\..\Run: [*wuauclt.exe] wmsct.exe
O4 - HKLM\..\Run: [Windows AdStatus] C:\Program Files\Windows AdStatus\WinStat.exe
-
O4 - HKLM\..\Run: [gyHg80+¿ÔÇè]Iú" ‹üžC:\Programmi\ISTsvc\istsvc.exe] C:\WINDOWS\snrhtelo.exe
O4 - HKLM\..\Run: [Pycmerfn] C:\Program Files\Sqyjsmm\Dvqwtr.exe
O4 - HKLM\..\Run: [Xhtpmzx] C:\Program Files\Cklcse\Ardia.exe
O4 - HKLM\..\Run: [AdTools Service] C:\Program Files\AdTools Service\AdTools.exe
-
O4 - HKLM\..\RunServices: [USB Device] win32usb.exe
O4 - HKLM\..\RunServices: [OEM32 Tools] sres32.exe
O4 - HKLM\..\RunServices: [Microsoft Support Service] svcmgt.exe
O4 - HKLM\..\RunServices: [starter] scvhosting.exe
O4 - HKLM\..\RunServices: [Win32 Configuration] videosd32.exe
O4 - HKLM\..\RunServices: [Sysino] lsess.exe
O4 - HKLM\..\RunServices: [Windows Network Service] winvc32.exe
O4 - HKLM\..\RunServices: [Windows Timer Update] phqghume.exe
O4 - HKLM\..\RunServices: [window2] host.exe
O4 - HKLM\..\RunServices: [Windows Network Controller] mqguard.exe
O4 - HKLM\..\RunServices: [Microsoft Windows Updates] updates.exe
O4 - HKLM\..\RunServices: [Microsoft Intrenets Explorer] ntcmd.exe
O4 - HKLM\..\RunServices: [system service] csrsss.exe
O4 - HKLM\..\RunServices: [system] system32.exe
O4 - HKLM\..\RunServices: [Microsoftvirus] sysoverload.exe
O4 - HKLM\..\RunServices: [PK Services] pksvc.exe
O4 - HKLM\..\RunServices: [Microsoft Security Management] winnt.exe
O4 - HKLM\..\RunServices: [Starting up] wvsvc.exe
O4 - HKLM\..\RunServices: [NDIS Adapter] ndis.exe
O4 - HKLM\..\RunServices: [MP Services] mpsvc.exe
O4 - HKLM\..\RunServices: [*wuauclt.exe] wmsct.exe
-
O4 - HKCU\..\Run: [USB Device] win32usb.exe
O4 - HKCU\..\Run: [Microsoft Support Service] svcmgt.exe
O4 - HKCU\..\Run: [OEM32 Tools] sres32.exe
O4 - HKCU\..\Run: [starter] scvhosting.exe
O4 - HKCU\..\Run: [Win32 Configuration] videosd32.exe
O4 - HKCU\..\Run: [Sysino] lsess.exe
O4 - HKCU\..\Run: [Windows Timer Update] phqghume.exe
O4 - HKCU\..\Run: [window2] host.exe
O4 - HKCU\..\Run: [Windows Network Controller] mqguard.exe
O4 - HKCU\..\Run: [Microsoftvirus] sysoverload.exe
O4 - HKCU\..\Run: [PK Services] pksvc.exe
O4 - HKCU\..\Run: [Starting up] wvsvc.exe
O4 - HKCU\..\Run: [NDIS Adapter] ndis.exe
O4 - HKCU\..\Run: [MP Services] mpsvc.exe
O4 - HKCU\..\Run: [Raer] C:\Documents and Settings\gabellone\Dati applicazioni\lrit.exe
O4 - HKCU\..\Run: [*wuauclt.exe] wmsct.exe
O4 - HKCU\..\Run: [Harferxv] C:\WINDOWS\System32\??rss.exe
-
O16 - DPF: {91433D86-9F27-402C-B5E3-DEBDD122C339} - http://www.netvenda.com/sites/games-it/it/games3.cab
O16 - DPF: {BB1B5064-1496-4E40-A80D-EFF7C5A953A6} (VacPro.italy_vdem) - http://207.234.185.217/italy_vdem.CAB
O16 - DPF: {DBAE7000-01EC-4162-8FEB-8A27AC937CA0} - http://dist.belnk.com/4/download/hdplugin_1101_bundle43v5d43.cab
-
O23 - Service: USB Device - Unknown - C:\WINDOWS\System32\win32usb.exe (file missing)
-
O23 - Service: Microsoft Support Service - Unknown - C:\WINDOWS\System32\svcmgt.exe (file missing)
-
O23 - Service: ZESOFT - Unknown - C:\WINDOWS\zeta.exe (file missing)
==================================

Con la funzione TROVA di Windows, cerca ed elimina questi file,

==================================
entzscbs.dll
win32usb.exe
sres32.exe
svcmgt.exe
scvhosting.exe
videosd32.exe
lsess.exe
winvc32.exe
phqghume.exe
host.exe
mqguard.exe
updates.exe
ntcmd.exe
csrsss.exe
system32.exe
sysoverload.exe
pksvc.exe
winnt.exe
wvsvc.exe
ndis.exe
mpsvc.exe
DeskAdServ.exe
AdManCtl.exe
snrhtelo.exe
wmsct.exe
WinStat.exe
Dvqwtr.exe
Ardia.exe
AdTools.exe
lrit.exe
??rss.exe
zeta.exe
==================================

al termine utilizza i programmi AD-AWARE e SPYBOT indicati in questo articolo
http://www.aiutamici.com/software/view.asp?tipo=home&CodSw=388&SH=N

sempre in modalità provvisoria fai una scansione Antivirus

quindi riavvia il computer e controlla se il problema e risolto, se e tutto OK riattiva il ripristino configurazione disattivato all'inizio di questa procedura.

Collaboratore Aiutamici

Torna in alto

Utenti presenti in questo topic

Guest

Aiutamici Forum » FORUM - Istruzioni e Guide » Sicurezza VIRUS » Mi controllate il LOG?

Salta al Forum

Aggiunta nuovi Topic disabilitata in questo forum.
Risposte disabilitate in questo forum.
Eliminazione tuoi Post disabilitata in questo forum.
Modifica dei tuoi post disabilitata in questo forum.
Creazione Sondaggi disabilitata in questo forum.
Voto ai sondaggi disabilitato in questo forum.

Invia topic via Email

RSS Feed

Watch this topic

Stampa topic

Normale

Threaded