+ Rispondi alla Discussione
Risultati da 1 a 9 di 9

[Risolto] Virus Win32.Small.bxp

Ultimo Messaggio di Izzyweb il:
  1. #1
    Utente Premium L'avatar di Izzyweb
    Data Registrazione
    May 2006
    Località
    Sesto Fiorentino
    Messaggi
    868

    Virus Win32.Small.bxp

    Ho bisogno di nuovo di voi...
    Avast mi segnala questo cavallo di troia, ( win32: small - bxp ) lo sposto nel cestino ma ad ogni riavvio si ripresenta come prima...
    Come posso rimuoverlo definitivamente??
    Google+ Seguimi

  2. #2
    Consiglio Direttivo L'avatar di Wolf Otakar
    Data Registrazione
    Apr 2006
    Località
    Calabria
    Messaggi
    7,479
    Segui Wolf Otakar su Twitter
    Ciao Izzyweb,

    posta un log con Hijackthis:

    Posizionalo in una cartella dentro C:\ ed avvialo dalla voce: Do a system scan and save a logfile

    Ricopia il file .txt e allegalo qui nel forum!

  3. #3
    Utente Premium L'avatar di Izzyweb
    Data Registrazione
    May 2006
    Località
    Sesto Fiorentino
    Messaggi
    868
    Ecco il file log:
    Codice:
    Logfile of Trend Micro HijackThis v2.0.0 (BETA)
    Scan saved at 9.44.33, on 07/06/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    Boot mode: Normal
    
    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
    C:\Programmi\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\VTTimer.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\VTtrayp.exe
    C:\Programmi\Analog Devices\SoundMAX\SMax4PNP.exe
    C:\Programmi\Analog Devices\SoundMAX\Smax4.exe
    C:\Programmi\ScanSoft\PaperPort\pptd40nt.exe
    c:\programmi\file comuni\logitech\lvmvfm\LVPrcSrv.exe
    C:\Programmi\Brother\ControlCenter2\brctrcen.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Programmi\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
    C:\Programmi\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
    C:\Programmi\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
    C:\Programmi\iTunes\iTunesHelper.exe
    C:\Programmi\QuickTime\qttask.exe
    C:\WINDOWS\system32\LVCOMSX.EXE
    C:\Programmi\Logitech\Video\CameraAssistant.exe
    C:\WINDOWS\system32\ElkCtrl.exe
    C:\Programmi\Java\jre1.6.0_01\bin\jusched.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Programmi\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    C:\Programmi\Skype\Phone\Skype.exe
    C:\WINDOWS\9129837.exe
    C:\Programmi\Logitech\SetPoint\SetPoint.exe
    C:\Programmi\SANYO\XactiScreenCapture\SetClip.exe
    C:\Programmi\File comuni\Logitech\KHAL\KHALMNPR.EXE
    C:\WINDOWS\system32\Brmfrmps.exe
    C:\Programmi\Analog Devices\SoundMAX\SMAgent.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\BRMFRSMG.EXE
    C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe
    C:\Programmi\Alwil Software\Avast4\ashWebSv.exe
    C:\Programmi\iPod\bin\iPodService.exe
    C:\Programmi\Skype\Plugin Manager\skypePM.exe
    C:\Programmi\Outlook Express\msimn.exe
    C:\Programmi\Internet Explorer\iexplore.exe
    C:\HiJackThis_v2.exe
    
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.corriere.it/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Programmi\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.6.0_01\bin\ssv.dll
    O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
    O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe
    O4 - HKLM\..\Run: [SoundMAXPnP] C:\Programmi\Analog Devices\SoundMAX\SMax4PNP.exe
    O4 - HKLM\..\Run: [SoundMAX] "C:\Programmi\Analog Devices\SoundMAX\Smax4.exe" /tray
    O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Programmi\File comuni\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
    O4 - HKLM\..\Run: [PaperPort PTD] C:\Programmi\ScanSoft\PaperPort\pptd40nt.exe
    O4 - HKLM\..\Run: [IndexSearch] C:\Programmi\ScanSoft\PaperPort\IndexSearch.exe
    O4 - HKLM\..\Run: [SetDefPrt] C:\Programmi\Brother\Brmfl04e\BrStDvPt.exe
    O4 - HKLM\..\Run: [ControlCenter2.0] C:\Programmi\Brother\ControlCenter2\brctrcen.exe /autorun
    O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [MMTray] "C:\Programmi\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe"
    O4 - HKLM\..\Run: [mmtask] "C:\Programmi\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe"
    O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Programmi\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Programmi\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Programmi\Logitech\Video\CameraAssistant.exe
    O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Programmi\Logitech\Video\InstallHelper.exe /inspect
    O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\system32\ElkCtrl.exe /automation
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\Java\jre1.6.0_01\bin\jusched.exe"
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [LDM] C:\Programmi\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - HKCU\..\Run: [Skype] "C:\Programmi\Skype\Phone\Skype.exe" /nosplash /minimized
    O4 - HKCU\..\Run: [ttool] C:\WINDOWS\9129837.exe
    O4 - HKLM\..\Policies\Explorer\Run: [5T19I3B27A] C:\WINDOWS\csrs.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO LOCALE')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO DI RETE')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Startup: Xacti Screen Capture 1.1.lnk = ?
    O4 - Global Startup: Avvio veloce di Adobe Reader.lnk = C:\Programmi\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Programmi\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
    O4 - Global Startup: Logitech SetPoint.lnk = C:\Programmi\Logitech\SetPoint\SetPoint.exe
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_01\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_01\bin\ssv.dll
    O9 - Extra button: Crea preferiti portatile - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Programmi\Microsoft ActiveSync\inetrepl.dll
    O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Programmi\Microsoft ActiveSync\inetrepl.dll
    O9 - Extra 'Tools' menuitem: Crea preferiti portatile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Programmi\Microsoft ActiveSync\inetrepl.dll
    O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Programmi\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
    O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{879CC4D2-CD51-449B-AEC8-CC165E7260EB}: NameServer = 80.93.143.42,80.93.143.44
    O18 - Protocol: bw+0 - {47E6ACDE-D35B-4273-99FA-5D71B1E51634} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw+0s - {47E6ACDE-D35B-4273-99FA-5D71B1E51634} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0 - {47E6ACDE-D35B-4273-99FA-5D71B1E51634} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0s - {47E6ACDE-D35B-4273-99FA-5D71B1E51634} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00 - {47E6ACDE-D35B-4273-99FA-5D71B1E51634} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00s - {47E6ACDE-D35B-4273-99FA-5D71B1E51634} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10 - {47E6ACDE-D35B-4273-99FA-5D71B1E51634} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10s - {47E6ACDE-D35B-4273-99FA-5D71B1E51634} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20 - {47E6ACDE-D35B-4273-99FA-5D71B1E51634} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20s - {47E6ACDE-D35B-4273-99FA-5D71B1E51634} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30 - {47E6ACDE-D35B-4273-99FA-5D71B1E51634} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30s - {47E6ACDE-D35B-4273-99FA-5D71B1E51634} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40 - {47E6ACDE-D35B-4273-99FA-5D71B1E51634} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40s - {47E6ACDE-D35B-4273-99FA-5D71B1E51634} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50 - {47E6ACDE-D35B-4273-99FA-5D71B1E51634} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50s - {47E6ACDE-D35B-4273-99FA-5D71B1E51634} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60 - {47E6ACDE-D35B-4273-99FA-5D71B1E51634} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60s - {47E6ACDE-D35B-4273-99FA-5D71B1E51634} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70 - {47E6ACDE-D35B-4273-99FA-5D71B1E51634} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70s - {47E6ACDE-D35B-4273-99FA-5D71B1E51634} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80 - {47E6ACDE-D35B-4273-99FA-5D71B1E51634} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80s - {47E6ACDE-D35B-4273-99FA-5D71B1E51634} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90 - {47E6ACDE-D35B-4273-99FA-5D71B1E51634} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90s - {47E6ACDE-D35B-4273-99FA-5D71B1E51634} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0 - {47E6ACDE-D35B-4273-99FA-5D71B1E51634} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0s - {47E6ACDE-D35B-4273-99FA-5D71B1E51634} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0 - {47E6ACDE-D35B-4273-99FA-5D71B1E51634} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0s - {47E6ACDE-D35B-4273-99FA-5D71B1E51634} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0 - {47E6ACDE-D35B-4273-99FA-5D71B1E51634} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0s - {47E6ACDE-D35B-4273-99FA-5D71B1E51634} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0 - {47E6ACDE-D35B-4273-99FA-5D71B1E51634} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0s - {47E6ACDE-D35B-4273-99FA-5D71B1E51634} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0 - {47E6ACDE-D35B-4273-99FA-5D71B1E51634} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0s - {47E6ACDE-D35B-4273-99FA-5D71B1E51634} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0 - {47E6ACDE-D35B-4273-99FA-5D71B1E51634} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0s - {47E6ACDE-D35B-4273-99FA-5D71B1E51634} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: bwg0 - {47E6ACDE-D35B-4273-99FA-5D71B1E51634} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwg0s - {47E6ACDE-D35B-4273-99FA-5D71B1E51634} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0 - {47E6ACDE-D35B-4273-99FA-5D71B1E51634} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0s - {47E6ACDE-D35B-4273-99FA-5D71B1E51634} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0 - {47E6ACDE-D35B-4273-99FA-5D71B1E51634} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0s - {47E6ACDE-D35B-4273-99FA-5D71B1E51634} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0 - {47E6ACDE-D35B-4273-99FA-5D71B1E51634} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0s - {47E6ACDE-D35B-4273-99FA-5D71B1E51634} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0 - {47E6ACDE-D35B-4273-99FA-5D71B1E51634} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0s - {47E6ACDE-D35B-4273-99FA-5D71B1E51634} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0 - {47E6ACDE-D35B-4273-99FA-5D71B1E51634} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0s - {47E6ACDE-D35B-4273-99FA-5D71B1E51634} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0 - {47E6ACDE-D35B-4273-99FA-5D71B1E51634} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0s - {47E6ACDE-D35B-4273-99FA-5D71B1E51634} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0 - {47E6ACDE-D35B-4273-99FA-5D71B1E51634} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0s - {47E6ACDE-D35B-4273-99FA-5D71B1E51634} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0 - {47E6ACDE-D35B-4273-99FA-5D71B1E51634} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0s - {47E6ACDE-D35B-4273-99FA-5D71B1E51634} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0 - {47E6ACDE-D35B-4273-99FA-5D71B1E51634} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0s - {47E6ACDE-D35B-4273-99FA-5D71B1E51634} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0 - {47E6ACDE-D35B-4273-99FA-5D71B1E51634} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0s - {47E6ACDE-D35B-4273-99FA-5D71B1E51634} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0 - {47E6ACDE-D35B-4273-99FA-5D71B1E51634} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0s - {47E6ACDE-D35B-4273-99FA-5D71B1E51634} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0 - {47E6ACDE-D35B-4273-99FA-5D71B1E51634} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0s - {47E6ACDE-D35B-4273-99FA-5D71B1E51634} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0 - {47E6ACDE-D35B-4273-99FA-5D71B1E51634} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0s - {47E6ACDE-D35B-4273-99FA-5D71B1E51634} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0 - {47E6ACDE-D35B-4273-99FA-5D71B1E51634} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0s - {47E6ACDE-D35B-4273-99FA-5D71B1E51634} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0 - {47E6ACDE-D35B-4273-99FA-5D71B1E51634} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0s - {47E6ACDE-D35B-4273-99FA-5D71B1E51634} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0 - {47E6ACDE-D35B-4273-99FA-5D71B1E51634} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0s - {47E6ACDE-D35B-4273-99FA-5D71B1E51634} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0 - {47E6ACDE-D35B-4273-99FA-5D71B1E51634} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0s - {47E6ACDE-D35B-4273-99FA-5D71B1E51634} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0 - {47E6ACDE-D35B-4273-99FA-5D71B1E51634} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0s - {47E6ACDE-D35B-4273-99FA-5D71B1E51634} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0 - {47E6ACDE-D35B-4273-99FA-5D71B1E51634} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0s - {47E6ACDE-D35B-4273-99FA-5D71B1E51634} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: offline-8876480 - {47E6ACDE-D35B-4273-99FA-5D71B1E51634} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FILECO~1\Skype\SKYPE4~1.DLL
    O22 - SharedTaskScheduler: Precaricatore Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
    O22 - SharedTaskScheduler: Daemon di cache delle categorie di componenti - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: Brother Popup Suspend service for Resource manager (brmfrmps) - Brother Industries, Ltd. - C:\WINDOWS\system32\Brmfrmps.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPodService - Apple Computer, Inc. - C:\Programmi\iPod\bin\iPodService.exe
    O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\programmi\file comuni\logitech\lvmvfm\LVPrcSrv.exe
    O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Programmi\Analog Devices\SoundMAX\SMAgent.exe
    
    --
    End of file - 20708 bytes
    Google+ Seguimi

  4. #4
    Utente Premium L'avatar di phpone
    Data Registrazione
    Jun 2006
    Località
    Roma
    Messaggi
    733
    C:\WINDOWS\9129837.exe
    O4 - HKCU\..\Run: [ttool] C:\WINDOWS\9129837.exe <-- occhio che e' un malware
    O4 - HKLM\..\Policies\Explorer\Run: [5T19I3B27A] C:\WINDOWS\csrs.exe

    Selezionate queste chiavi clicca su Fix checked da hijackthis!!
    e poi dovrebbe andare tutto bene

    cerca di mantenere l'antivirus aggiornato
    e prova a installare un qualche software antispyware o antimalware
    eccoti una lista di programmi utili
    http://www.giorgiotave.it/forum/sicu...za-del-pc.html


  5. #5
    Utente Premium L'avatar di Izzyweb
    Data Registrazione
    May 2006
    Località
    Sesto Fiorentino
    Messaggi
    868
    Tutto ok risolto alla perfezione

    Grazie
    Google+ Seguimi

  6. #6
    Consiglio Direttivo L'avatar di Wolf Otakar
    Data Registrazione
    Apr 2006
    Località
    Calabria
    Messaggi
    7,479
    Segui Wolf Otakar su Twitter
    Ciao Izzyweb,

    fixa anche queste voci:

    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)



  7. #7
    Utente Premium L'avatar di Izzyweb
    Data Registrazione
    May 2006
    Località
    Sesto Fiorentino
    Messaggi
    868
    Ok grazie Wolf....
    ma come fate a sapere quali voci cancellare?? esperienza personale o esiste un sito che raccoglie queste informazioni??
    Google+ Seguimi

  8. #8
    Consiglio Direttivo L'avatar di Wolf Otakar
    Data Registrazione
    Apr 2006
    Località
    Calabria
    Messaggi
    7,479
    Segui Wolf Otakar su Twitter
    Puoi verificare il log anche sul sito di hijackthis, ne parla in questo 3d Kru!

    Cmq, bisogna prestare molta attenzione, nel fixare le vari voci presenti nel log, "causa blocco del pc"!






  9. #9
    Utente Premium L'avatar di Izzyweb
    Data Registrazione
    May 2006
    Località
    Sesto Fiorentino
    Messaggi
    868
    Ok grazie per i chiarimenti...
    Google+ Seguimi

+ Rispondi alla Discussione

Tag per Questa Discussione

^ Permessi di Scrittura

  • Tu non puoi inviare nuove discussioni
  • Tu non puoi inviare risposte
  • Tu non puoi inviare allegati
  • Tu non puoi modificare i tuoi messaggi
  •  
  • Il codice BB è Attivato
  • Le faccine sono Attivato
  • Il codice [IMG] è Attivato
  • Il codice [VIDEO] è Attivato
  • Il codice HTML è Disattivato
  • Trackbacks Attivato
  • Pingback Attivato
  • Refback Attivato

SEO by vBSEO 3.6.0 PL2 ©2011, Crawlability, Inc.