Heeelp, I'm going crazy. I activated Spy Sweeper but I can't get it to run, so I can't delete anything (it seems this is a parasite, that is how it was detected); after a few minutes my PC freezes and I have to switch it off and on again. I know I have several trojans, including funk and systray.exe, and adware. What can I do? I have also tried the more classic antivirus programs, but without success. Below I attach my
Logfile of HijackThis v1.99.1
Scan saved at 20.07.14, on 27/06/06
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v5.00 (5.00.2614.3500)
Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\PROGRAMMI\NORTON ANTIVIRUS\NAVAPW32.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\SYSTEM\MDM.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\TASKMON.EXE
C:\PROGRAMMI\NETROPA\MULTIMEDIA KEYBOARD\MMKEYBD.EXE
C:\Programmi\Netropa\Onscreen Display\OSD.exe
C:\PROGRAMMI\OLIVETTI\ANY_WAY\OLDVCSTATUS.EXE
C:\PROGRAMMI\OLIVETTI\ANY_WAY\OLMNTRSERVICE.EXE
C:\WINDOWS\TEMP\QDEX1.EXE
C:\PROGRAMMI\WEBROOT\SPY SWEEPER\SPYSWEEPER.EXE
C:\PROGRAMMI\NETROPA\MULTIMEDIA KEYBOARD\MMUSBKB2.EXE
C:\PROGRAMMI\YAHOO!\MESSENGER\YAHOOMESSENGER.EXE
C:\INTEL\INTEL PSNCU\CPUNUMBER.EXE
C:\DOCUMENTI\ESEGUIBILI\SUPERANTISPYWARE.EXE
C:\WINDOWS\TWAIN_32\A4CIS600\WATCH.EXE
C:\PROGRAMMI\HP DESKJET 710C SERIES\EREG\REMIND32.EXE
C:\PROGRAMMI\MICROSOFT OFFICE\OFFICE\MSOFFICE.EXE
C:\PROGRAMMI\STOPDIALERS\STOPDIALERS.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\PROGRAMMI\WEBROOT\SPY SWEEPER\WRSSSDK.EXE
C:\WINDOWS\EXPLORER.EXE
C:\PROGRAMMI\INTERNET EXPLORER\IEXPLORE.EXE
C:\PROGRAMMI\MY DRIVERS\MYDRIVERS.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\WINDOWS\SYSTEM\PSTORES.EXE
C:\DOCUMENTI\ESEGUIBILI\HIJACKTHIS.EXE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://it.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://it.rd.yahoo.com/customize/ie/defaults/su/msgr7/*http://it.search.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
F1 - win.ini: run=hpfsched
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\PROGRAMMI\YAHOO!\COMPANION\INSTALLS\CPN\YT.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAMMI\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX
O2 - BHO: PrxcnBHO Class - {7D9E713D-0388-4384-BDD8-2A42EB1C4F04} - C:\PROGRAMMI\EMAIL.IT INTERNET ACCELERATOR\PRXCNBRSRCTRL.DLL
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHELPER.DLL
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRAMMI\YAHOO!\COMPANION\INSTALLS\CPN\YT.DLL
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [Norton Auto-Protect] C:\PROGRA~1\NORTON~1\NAVAPW32.EXE /LOADQUIET
O4 - HKLM\..\Run: [ScanRegistry] c:\windows\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] c:\windows\taskmon.exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [Multimedia Keyboard] C:\Programmi\Netropa\Multimedia Keyboard\MMKeybd.exe
O4 - HKLM\..\Run: [Onscreen Display] C:\Programmi\Netropa\Onscreen Display\OSD.exe
O4 - HKLM\..\Run: [OlStatusMon] "c:\Programmi\Olivetti\ANY_WAY\olDvcStatus.exe" dvcStatusMinimize
O4 - HKLM\..\Run: [olmntrsrv] "c:\Programmi\Olivetti\ANY_WAY\olMntrService.exe"
O4 - HKLM\..\Run: [OutpostFeedBack] C:\PROGRAMMI\AGNITUM\OUTPOST FIREWALL 1.0\feedback.exe /dump:os_startup
O4 - HKLM\..\Run: [Outpost Firewall] C:\PROGRA~1\AGNITUM\OUTPOS~1.0\OUTPOST.EXE /waitservice
O4 - HKLM\..\Run: [QDEX1.EXE] C:\WINDOWS\TEMP\QDEX1.EXE
O4 - HKLM\..\Run: [SpySweeper] "C:\PROGRAMMI\WEBROOT\SPY SWEEPER\SPYSWEEPER.EXE" /startintray
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [SchedulingAgent] c:\windows\SYSTEM\mstask.exe
O4 - HKLM\..\RunServices: [Machine Debug Manager] C:\WINDOWS\SYSTEM\MDM.EXE
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRAMMI\YAHOO!\MESSENGER\YAHOOMESSENGER.EXE" -quiet
O4 - HKCU\..\Run: [IntelProcNumUtility] "C:\Intel\Intel PSNCU\CPUNumber.exe" /nosplash
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\DOCUMENTI\ESEGUIBILI\SUPERANTISPYWARE.EXE
O4 - Startup: Watch.lnk = C:\WINDOWS\Twain_32\A4CIS600\WATCH.exe
O4 - Startup: Reminder-hpc41001.lnk = C:\Programmi\HP DeskJet 710C Series\ereg\Remind32.exe
O4 - Startup: EPSON Status Monitor 3 Environment Check 2.lnk = C:\WINDOWS\SYSTEM\E_SRCV02.EXE
O4 - Startup: Barra degli strumenti Microsoft Office.lnk = C:\Programmi\Microsoft Office\Office\MSOFFICE.EXE
O4 - Startup: Stop Dialers.lnk = C:\Programmi\StopDialers\StopDialers.exe
O8 - Extra context menu item: Scarica con Download &Express - C:\PROGRAMMI\DOWNLOAD EXPRESS\Add_Url.htm
O9 - Extra button: RealGuide - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\SYSTEM\Shdocvw.dll
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: Outpost Firewall Pro Quick Tune - {44627E97-789B-40d4-B5C2-58BD171129A1} - C:\PROGRAMMI\AGNITUM\OUTPOST FIREWALL 1.0\PLUGINS\BROWSERBAR\IE_BAR.DLL (file missing)
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRAMMI\YAHOO!\COMMON\YHEXBMESIT.DLL (file missing)
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRAMMI\YAHOO!\COMMON\YHEXBMESIT.DLL (file missing)
O12 - Plugin for .qt: C:\PROGRA~1\INTERN~1\PLUGINS\npqtplugin.dll
O12 - Plugin for .mov: C:\PROGRA~1\INTERN~1\PLUGINS\npqtplugin.dll
O12 - Plugin for .png: C:\PROGRA~1\INTERN~1\PLUGINS\npqtplugin.dll
O12 - Plugin for .swf: C:\PROGRAMMI\NETSCAPE\COMMUNICATOR\PROGRAM\PLUGINS\NPSWF32.DLL
O14 - IERESET.INF: START_PAGE_URL=http://www.microsoft.com/italy/start
O14 - IERESET.INF: MS_START_PAGE_URL=http://www.microsoft.com/italy/start
O20 - AppInit_DLLs: C:\PROGRAMMI\AGNITUM\OUTPOST FIREWALL 1.0\wl_hook.dll
O20 - Winlogon Notify: SASWinLogon - C:\DOCUMENTI\ESEGUIBILI\SASWINLO.DLL
I would be really grateful if you could give me a hand, especially in solving the countless problems I am running into.
Bye and thanks a lot
Florata57
quote:
If it were just Cdex, one would think, since that is its name, of a program for extracting audio tracks.
But are you sure that is the registry path? Because, in my opinion, since it is in the temp folder, you can perfectly well delete it.