Dopo varie scansioni con antivirus ecc e non avendo trovato nulla riguardo all'errore che si manifestava all'avvio: www.secure.exe (probabile Troian)vi allego il log per essere analizzato. Grazie - Ape
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15.23.20, on 18/09/2007
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\ZoneLabs\vsmon.exe
C:\WINNT\system32\spoolsv.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\hidserv.exe
C:\Programmi\Eset\nod32krn.exe
C:\WINNT\system32\nvsvc32.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\Programmi\SiteAdvisor\6172\SAService.exe
C:\WINNT\system32\stisvc.exe
C:\Programmi\UPHClean\uphclean.exe
C:\Programmi\UPSMON\UPSMON_Service.Exe
C:\Programmi\Webroot\Spy Sweeper\SpySweeper.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\wwSecure.exe
C:\Programmi\UPSMON\UPSInt.exe
C:\WINNT\Explorer.EXE
C:\WINNT\system32\RUNDLL32.EXE
C:\WINNT\system32\rundll32.exe
C:\Programmi\UPSMON\UPSMON.exe
C:\Programmi\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\Programmi\Java\jre1.6.0_02\bin\jusched.exe
C:\Programmi\File comuni\ACD Systems\IT\DevDetect.exe
C:\Programmi\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
C:\Programmi\SiteAdvisor\6172\SiteAdv.exe
C:\Programmi\Zone Labs\ZoneAlarm\zlclient.exe
C:\Programmi\QuickTime\qttask.exe
C:\Programmi\iTunes\iTunesHelper.exe
C:\WINNT\system32\internat.exe
C:\Programmi\Steganos Password Manager 7\SPM7.exe
C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Programmi\iPod\bin\iPodService.exe
C:\Programmi\ESET\nod32kui.exe
C:\PROGRA~1\WINZIP\winzip32.exe
C:\Documents and Settings\PETER\Impostazioni locali\Temp\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://news.google.it/nwshp?ie=UTF-8&oe=UTF-8&hl=it&tab=wn&q=
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 5.0\Acrobat\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Programmi\SiteAdvisor\6172\SiteAdv.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programmi\google\googletoolbar1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programmi\google\googletoolbar1.dll
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Programmi\SiteAdvisor\6172\SiteAdv.dll
O4 - HKLM\..\Run: [Synchronization Manager] "mobsync.exe" /logon
O4 - HKLM\..\Run: [NvCplDaemon] "RUNDLL32.EXE" C:\WINNT\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] "nwiz.exe" /install
O4 - HKLM\..\Run: [NvMediaCenter] "RUNDLL32.EXE" C:\WINNT\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [nod32kui] "C:\Programmi\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [AdslTaskBar] "rundll32.exe" stmctrl.dll,TaskBar
O4 - HKLM\..\Run: [UPSMON] C:\Programmi\UPSMON\UPSMON.exe
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] "C:\Programmi\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [Device Detector] DevDetect.exe -autorun
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINNT\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SiteAdvisor] C:\Programmi\SiteAdvisor\6172\SiteAdv.exe
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Programmi\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Programmi\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SpySweeper] "C:\Programmi\Webroot\Spy Sweeper\SpySweeperUI.exe" /startintray
O4 - HKCU\..\Run: [internat.exe] internat.exe
O4 - HKCU\..\Run: [SPM7] "C:\Programmi\Steganos Password Manager 7\SPM7.exe" -boot
O4 - HKCU\..\Run: [NBJ] "C:\Programmi\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [swg] C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\RunOnce: [Index Washer] C:\Programmi\Webroot\Washer\WashIdx.exe "Peter"
O4 - HKUS\.DEFAULT\..\Run: [internat.exe] internat.exe (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [^SetupICWDesktop] C:\Programmi\Internet Explorer\Connection Wizard\icwconn1.exe /desktop (User 'Default user')
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O12 - Plugin for .spop: C:\Programmi\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=58813
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O23 - Service: Adobe LM Service - Adobe Systems - C:\Programmi\File comuni\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Servizio amministrativo di Gestione disco logico (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Iomega App Services - Unknown owner - C:\PROGRA~1\Iomega\System32\AppServices.exe (file missing)
O23 - Service: Servizio iPod (iPod Service) - Apple Inc. - C:\Programmi\iPod\bin\iPodService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Programmi\Eset\nod32krn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINNT\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINNT\system32\HPZipm12.exe
O23 - Service: Servizio SiteAdvisor (SiteAdvisor Service) - Unknown owner - C:\Programmi\SiteAdvisor\6172\SAService.exe
O23 - Service: UPSMONService - Unknown owner - C:\Programmi\UPSMON\UPSMON_Service.Exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINNT\system32\ZoneLabs\vsmon.exe
O23 - Service: Sistema Webroot Spy Sweeper (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Programmi\Webroot\Spy Sweeper\SpySweeper.exe
O23 - Service: Washer Security Access (wwSecSvc) - Webroot Software, Inc. - C:\WINNT\system32\wwSecure.exe

--
End of file - 6927 bytes

Non sono bravo a scandagliare i LOG (ma qui su Aiutamici troverai altri -più abili di me- che ti sapranno certamente aiutare al meglio).
Io voglio solo aggiungere che il backdoor che causa il malfunzionamento di cui ha sofferto il tuo computer si chiama <font color=red> Backdoor.W32.RoboBot</font id=red> (a beneficio dei volontari che si cimenteranno nell'analisi del tuo LOG).

Edited by - monsee on 09/19/2007 23:51:41