kkava

ciao quest monitor mi si spegne alcune volte appena lo accendo(il pc continua a funzionare correttamente),dopo parte regolarmente e rimane acceso. che puo' essere? grazie

ciao a tutti ho formattato il pc e adesso non riesco piu' a istallare Sonic record now.Prima della formattazione lo avevo istallato regolarmente e il programma funzionava. Accetto consigli

ciao grazie ho fatto cio' che hai detto ma quando spengo e riaccendo Karpesky mi rileva questo trojan. trojan-clicker.win32.small.kj e il solito syshost.dll. L'antivirus non riesce ad eliminarlo.

scusa kuma per il tempo che ti faccio perdere ma il mio hard disk e' solo il C ,potrebbe essere la chiave USB che a volte uso?Mi trovo sempre l'applicazione aperta anche senza inserirla(nel task manager windows

scusa ho provato ma quando premo ok mi dice di inserire il disco,mah...

io ho trovato nella cartella di windows la cartella Drive cache dove dentro c'e' una cartella che contiene due file zippati(drive e sp2),non riesco a trovare setup.exe purtroppo.

un'altra informazione un altro setup exe mi da questo STATUS: QUEUEDYour file "TROJANHUNTERSETUP.EXE-3383D5F7.pf" is queued in position: 69. Estimated start time is between 6 and 9 minutes. AntivirusVersionUpdateResult Aditional InformationVirusTotal is a free service offered by Hispasec Sistemas. There are no guarantees about the availability and continuity of this service. Although the detection rate afforded by the use of multiple antivirus engines is far superior to that offered by just one product, these results DO NOT guarantee the harmlessness of a file. Currently, there is not any solution that offers a 100% effectiveness rate for detecting viruses and malware.

io l'ho trovato sulla sottocartella di windows denominata Prefetch,io non son un grande esperto in materia purtroppo. Che dovrei fare adesso? grazie per l'aiuto che mi state dando.

questo il risultato: STATUS: QUEUEDYour file "SETUP_WM.EXE-2E6FC482.pf" is queued in position: 23. Estimated start time is between 131 and 197 seconds. AntivirusVersionUpdateResult Aditional InformationVirusTotal is a free service offered by Hispasec Sistemas. There are no guarantees about the availability and continuity of this service. Although the detection rate afforded by the use of multiple antivirus engines is far superior to that offered by just one product, these results DO NOT guarantee the harmlessness of a file. Currently, there is not any solution that offers a 100% effectiveness rate for detecting viruses and malware.

ecco il log:Logfile of HijackThis v1.99.1 Scan saved at 12.22.13, on 30/08/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Programmi\Roper\AirBlue Bluetooth Software\bin\btwdins.exe C:\Programmi\File comuni\EPSON\EBAPI\SAgent2.exe C:\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Programmi\Java\j2re1.4.2_05\bin\jusched.exe C:\Apps\Powercinema\PCMService.exe C:\apps\ABoard\ABoard.exe C:\Programmi\File comuni\Real\Update_OB\realsched.exe C:\Programmi\V-Stream\PVR Plus\TVR\Scheduled.exe C:\apps\ABoard\AOSD.exe C:\Programmi\File comuni\InstallShield\UpdateService\issch.exe C:\Programmi\USB FlashDisk\UFD Utility 2004\ufdlmon.exe C:\Programmi\USB FlashDisk\UFD Utility 2004\UFDTool.exe C:\Programmi\USB FlashDisk\UFD Utility 2004\UFDMon.exe C:\Programmi\USB FlashDisk\UFD Utility 2004\USBTD.exe C:\Programmi\HP\HP Software Update\HPWuSchd2.exe C:\Programmi\QuickTime\qttask.exe C:\Programmi\TrojanHunter 4.5\THGuard.exe C:\Programmi\Messenger\msmsgs.exe C:\Programmi\Roper\AirBlue Bluetooth Software\BTTray.exe C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe C:\Programmi\V-Stream Multimedia\TV713X Utilities\P3XRCtl.exe C:\Programmi\CyberLink\Shared Files\RichVideo.exe C:\WINDOWS\system32\slserv.exe C:\WINDOWS\system32\svchost.exe C:\Programmi\Virtual CD v4 SDK\system\vcssecs.exe C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe C:\Programmi\HP\Digital Imaging\Product Assistant\bin\hprblog.exe C:\Programmi\Internet Explorer\iexplore.exe C:\Programmi\Outlook Express\msimn.exe C:\Programmi\Internet Explorer\iexplore.exe C:\Programmi\Adobe\Acrobat 7.0\Reader\AcroRd32.exe C:\Documents and Settings\kkava\Desktop\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.libero.it/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = file://C:\APPS\IE\offline\it.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Packard Bell R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programmi\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programmi\google\googletoolbar1.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programmi\google\googletoolbar1.dll O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [ATIPTA] C:\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Programmi\Java\j2re1.4.2_05\bin\jusched.exe O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe" O4 - HKLM\..\Run: [ACTIVBOARD] c:\apps\ABoard\ABoard.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Programmi\File comuni\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [PVR Agent] C:\Programmi\V-Stream\PVR Plus\TVR\Scheduled.exe O4 - HKLM\..\Run: [VCSPlayer] "C:\Program Files\Virtual CD v4 SDK\system\vcsplay.exe" O4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\FILECO~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup O4 - HKLM\..\Run: [iSUSScheduler] "C:\Programmi\File comuni\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [KAVPersonal50] "C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus Personal\kav.exe" /minimize O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [MediaFace Integration] C:\Programmi\Fellowes\MediaFACE 4.0\SetHook.exe O4 - HKLM\..\Run: [CorelDRAW Graphics Suite 11b] C:\Programmi\Corel\Corel Graphics 12\Languages\IT\Programs\Registration.exe /title="CorelDRAW Graphics Suite 12" /date=090506 serial=DR12WES-3007622-EUW lang=IT O4 - HKLM\..\Run: [uFD Monitor9382] C:\Programmi\USB FlashDisk\UFD Utility 2004\ufdlmon.exe O4 - HKLM\..\Run: [uFD Utility9382] C:\Programmi\USB FlashDisk\UFD Utility 2004\UFDTool.exe O4 - HKLM\..\Run: [uFD Monitor] C:\Programmi\USB FlashDisk\UFD Utility 2004\UFDMon.exe O4 - HKLM\..\Run: [uFD Utiility] C:\Programmi\USB FlashDisk\UFD Utility 2004\USBTD.exe O4 - HKLM\..\Run: [HP Software Update] C:\Programmi\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [THGuard] "C:\Programmi\TrojanHunter 4.5\THGuard.exe" O4 - HKCU\..\Run: [MSMSGS] "C:\Programmi\Messenger\msmsgs.exe" /background O4 - Startup: CamSetup.lnk = D:\Driver\Setup.EXE O4 - Global Startup: ARTEC ScanEZ.lnk = C:\Programmi\ARTEC ScanEZ\SCANEZ.EXE O4 - Global Startup: Avvio veloce di Adobe Reader.lnk = C:\Programmi\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: BTTray.lnk = ? O4 - Global Startup: EPSON Status Monitor 3 Environment Check 2.lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV02.EXE O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: TV713X Remote Control.lnk = C:\Programmi\V-Stream Multimedia\TV713X Utilities\P3XRCtl.exe O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Invia a &Bluetooth - C:\Programmi\Roper\AirBlue Bluetooth Software\btsendto_ie_ctx.htm O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\it.htm O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1126376197046 O16 - DPF: {A922B6AB-3B87-11D3-B3C2-0008C7DA6CB9} (InetDownload Class) - https://media.pineconeresearch.com/ActiveX/...loadcontrol.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{4D6FFEF5-6481-4CF9-8937-46C99908B9C0}: NameServer = 10.0.0.2 O17 - HKLM\System\CS1\Services\Tcpip\..\{4D6FFEF5-6481-4CF9-8937-46C99908B9C0}: NameServer = 10.0.0.2 O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Programmi\Roper\AirBlue Bluetooth Software\bin\btwdins.exe O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Programmi\File comuni\EPSON\EBAPI\SAgent2.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: kavsvc - Kaspersky Lab - C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus Personal\kavsvc.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Programmi\CyberLink\Shared Files\RichVideo.exe O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe O23 - Service: Virtual CD v4 Security service (SDK - Version) (VCSSecS) - H+H Software GmbH - C:\Programmi\Virtual CD v4 SDK\system\vcssecs.exe

Ciao sono nuovo del forum mi si e' infiltrato questo virus nel pc. come posso eliminarlo? Ringrazio anticipatamente