MartyBalla

Problema Con Finti Windows System Alerts

6 messaggi in questa discussione

Ciao a tutti...

ho un problema: ogni 5 minuti mi compaiono dei finti messaggi di sicurezza di windows che mi invitano a installare un programma spyware...mi sono comparse sul desktop nuove icone che, nonostante io le cancelli, ritornano regolarmente e inoltre mi reindirizzano sempre la prima pagina di internet.

cosa devo fare per eliminarli completamente??? confused.gif

Condividi questo messaggio


Link di questo messaggio
Condividi su altri siti

[ben]Sophia[/ben]

Ciao Sophia,

allega un log di Hijackthis

http://forum.wininizio.it/index.php?showtopic=21584

Esegui una scansione online con Kaspersky (su "my computer")ed allega il report in formato HTML

http://forum.wininizio.it/index.php?showtopic=36981&hl=

Se non riesci ad allegare il report,

carica il file su http://www.wikifortio.com/

e poi copia il link per poterlo scaricare.

:P:)

Condividi questo messaggio


Link di questo messaggio
Condividi su altri siti

Allora il log di HiJack è

Logfile of Trend Micro HijackThis v2.0.2Scan saved at 22.33.33, on 26/03/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)Boot mode: Normal
Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\AntiVir PersonalEdition Classic\avguard.exeC:\WINDOWS\Explorer.EXE
C:\Programmi\AntiVir PersonalEdition Classic\sched.exe
C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exeC:\WINDOWS\system32\PSIService.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Programmi\AntiVir PersonalEdition Classic\avgnt.exeC:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb03.exe
C:\Programmi\HP\HP Software Update\HPWuSchd2.exeC:\WINDOWS\system32\RunDLL32.exe
C:\PROGRA~1\ALICET~1\SMARTB~1\MotiveSB.exe
C:\Programmi\Windows Live\Family Safety\fssui.exe
C:\WINDOWS\system32\rundll32.exeC:\Programmi\Java\jre1.6.0_03\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exeC:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe
C:\Programmi\Messenger\msmsgs.exe
C:\Programmi\CASIO\Pocket Sheet Sync\PSXLTRAY.EXE
C:\Programmi\File comuni\Ahead\Lib\NMIndexStoreSvr.exe
C:\Programmi\CASIO\PCsync\QDCTray.exeC:\Programmi\Alice ti aiuta\bin\mpbtn.exe
C:\Programmi\HP\Digital Imaging\bin\hpqimzone.exe
C:\Programmi\File comuni\Ahead\Lib\NMIndexingService.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\Programmi\File comuni\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\WINDOWS\system32\wuauclt.exeC:\Programmi\Java\jre1.6.0_03\bin\jucheck.exe
C:\WINDOWS\system32\svchost.exeC:\Programmi\Windows Live\Messenger\msnmsgr.exe
C:\Programmi\Windows Live\Messenger\msnmsgr.exe
C:\Programmi\MessengerDiscovery\MessengerDiscovery Live.exe
C:\Programmi\MessengerDiscovery\MessengerDiscovery Live.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\Programmi\Windows Live\Messenger\usnsvc.exe
C:\Programmi\Internet Explorer\IEXPLORE.EXE
C:\Programmi\Windows Live Toolbar\msn_sl.exe
C:\Programmi\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = <A href="[url="http://go.microsoft.com/fwlink/?LinkId=54896"]http://go.microsoft.com/fwlink/?LinkId=54896[/url]" target=_blank>http://go.microsoft.com/fwlink/?LinkId=54896</A>
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = <A href="[url="http://softwarereferral.com/jump.php?wmid=6010&mid=MjI6Ojg5&lid=2"]http://softwarereferral.com/jump.php?wmid=6010&mid=MjI6Ojg5&lid=2[/url]" target=_blank>http://softwarereferral.com/jump.php...MjI6Ojg5&lid=2</A>
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = <A href="[url="http://go.microsoft.com/fwlink/?LinkId=69157"]http://go.microsoft.com/fwlink/?LinkId=69157[/url]" target=_blank>http://go.microsoft.com/fwlink/?LinkId=69157</A>
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = <A href="[url="http://go.microsoft.com/fwlink/?LinkId=54896"]http://go.microsoft.com/fwlink/?LinkId=54896[/url]" target=_blank>http://go.microsoft.com/fwlink/?LinkId=54896</A>
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = <A href="[url="http://go.microsoft.com/fwlink/?LinkId=54896"]http://go.microsoft.com/fwlink/?LinkId=54896[/url]" target=_blank>http://go.microsoft.com/fwlink/?LinkId=54896</A>
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = <A href="[url="http://go.microsoft.com/fwlink/?LinkId=69157"]http://go.microsoft.com/fwlink/?LinkId=69157[/url]" target=_blank>http://go.microsoft.com/fwlink/?LinkId=69157</A>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Windows Live OneCare Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Programmi\Windows Live\Family Safety\fssbho.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {58FB2CBB-C874-45FC-A1C9-B62CC9E3BED9} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programmi\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programmi\Windows Live Toolbar\msntb.dll
O3 - Toolbar: qvdntlmw - {0250B459-0F71-48F6-9784-CB7F2C338A0A} - C:\WINDOWS\qvdntlmw.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [avgnt] "C:\Programmi\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Programmi\File comuni\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb03.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Programmi\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [PD0620 STISvc] RunDLL32.exe P0620Pin.dll,RunDLL32EP 513
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\ALICET~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [fssui] "C:\Programmi\Windows Live\Family Safety\fssui.exe" -autorun
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programmi\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Programmi\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Pocket Sheet Sync] C:\Programmi\CASIO\Pocket Sheet Sync\PSXLTRAY.EXE
O4 - HKLM\..\Policies\Explorer\Run: [5T19I3B27A] C:\WINDOWS\csrs.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Quick Data Copy.lnk = C:\Programmi\CASIO\PCsync\QDCTray.exe
O4 - Global Startup: Alice ti aiuta.lnk = C:\Programmi\Alice ti aiuta\bin\matcli.exe
O4 - Global Startup: Avvio rapido di HP Image Zone.lnk = C:\Programmi\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Avvio veloce di Adobe Reader.lnk = C:\Programmi\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Programmi\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - <A href="[url="http://favorites.live.com/quickadd.aspx"]http://favorites.live.com/quickadd.aspx[/url]" target=_blank>http://favorites.live.com/quickadd.aspx</A>
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Inserisci blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programmi\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: Inserisci &blog in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programmi\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Memoring - {69b50480-2506-11d5-ad03-0050badf8784} - <A href="[url="file://C:\Programmi\Memoring\PsScript.js"]file://C:\Programmi\Memoring\PsScript.js[/url]" target=_blank>file://C:\Programmi\Memoring\PsScript.js</A> (file missing)
O9 - Extra 'Tools' menuitem: Memoring - {69b50480-2506-11d5-ad03-0050badf8784} - <A href="[url="file://C:\Programmi\Memoring\PsScript.js"]file://C:\Programmi\Memoring\PsScript.js[/url]" target=_blank>file://C:\Programmi\Memoring\PsScript.js</A> (file missing)
O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - <A href="[url="http://a1540.g.akamai.net/7/1540/52/20070501/qtinstall.info.apple.com/qtactivex/qtplugin.cab"]http://a1540.g.akamai.net/7/1540/52/20070501/qtinstall.info.apple.com/qtactivex/qtplugin.cab[/url]" target=_blank>http://a1540.g.akamai.net/7/1540/52/...x/qtplugin.cab</A>
O16 - DPF: {18506D80-9B80-11D4-82C2-0080C8D7ED4A} (GameDesire Roulette) - <A href="[url="http://194.244.16.123/g_bin/eng/roulette_2_0_0_27.cab"]http://194.244.16.123/g_bin/eng/roulette_2_0_0_27.cab[/url]" target=_blank>http://194.244.16.123/g_bin/eng/roulette_2_0_0_27.cab</A>
O16 - DPF: {1A781DED-C22D-4153-3213-A3211E29DF13} (GameDesire Card Games) - <A href="[url="http://194.244.16.123/g_bin/eng/cards_2_0_0_75.cab"]http://194.244.16.123/g_bin/eng/cards_2_0_0_75.cab[/url]" target=_blank>http://194.244.16.123/g_bin/eng/cards_2_0_0_75.cab</A>
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - <A href="[url="http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab"]http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab[/url]" target=_blank>http://messenger.zone.msn.com/binary...r.cab56986.cab</A>
O16 - DPF: {41ACD49D-1974-791A-0981-AA9872721044} (Ganymede Board Games) - <A href="[url="http://194.244.16.123/g_bin/eng/boards_2_0_0_34.cab"]http://194.244.16.123/g_bin/eng/boards_2_0_0_34.cab[/url]" target=_blank>http://194.244.16.123/g_bin/eng/boards_2_0_0_34.cab</A>
O16 - DPF: {4B4513E2-4E57-43DF-9496-FCD37E9DFA64} (GameDesire Sea Battle) - <A href="[url="http://194.244.16.123/g_bin/eng/navy_2_0_0_29.cab"]http://194.244.16.123/g_bin/eng/navy_2_0_0_29.cab[/url]" target=_blank>http://194.244.16.123/g_bin/eng/navy_2_0_0_29.cab</A>
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - <A href="[url="http://ilaballa.spaces.live.com//PhotoUpload/MsnPUpld.cab"]http://ilaballa.spaces.live.com//PhotoUpload/MsnPUpld.cab[/url]" target=_blank>http://ilaballa.spaces.live.com//Pho...d/MsnPUpld.cab</A>
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - <A href="[url="http://messenger.zone.msn.com/IT-IT/a-UNO1/GAME_UNO1.cab"]http://messenger.zone.msn.com/IT-IT/a-UNO1/GAME_UNO1.cab[/url]" target=_blank>http://messenger.zone.msn.com/IT-IT/.../GAME_UNO1.cab</A>
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - <A href="[url="http://ilaballa.spaces.live.com/PhotoUpload/MsnPUpld.cab"]http://ilaballa.spaces.live.com/PhotoUpload/MsnPUpld.cab[/url]" target=_blank>http://ilaballa.spaces.live.com/Phot...d/MsnPUpld.cab</A>
O16 - DPF: {A1FE3DE0-CF77-11D4-8340-0080C8D7ED4A} (GameDesire Pinball Demon) - <A href="[url="http://194.244.16.123/g_bin/eng/demon_2_0_0_30.cab"]http://194.244.16.123/g_bin/eng/demon_2_0_0_30.cab[/url]" target=_blank>http://194.244.16.123/g_bin/eng/demon_2_0_0_30.cab</A>
O16 - DPF: {A6212120-01D4-11D5-9A39-0080C8D85044} (GameDesire Slots 70th) - <A href="[url="http://194.244.16.123/g_bin/eng/slots70_2_0_0_35.cab"]http://194.244.16.123/g_bin/eng/slots70_2_0_0_35.cab[/url]" target=_blank>http://194.244.16.123/g_bin/eng/slots70_2_0_0_35.cab</A>
O16 - DPF: {A7196C8E-35A5-4FF0-9E46-E28918B5CAF6} (GameDesire Domino) - <A href="[url="http://194.244.16.123/g_bin/eng/domino_2_0_0_33.cab"]http://194.244.16.123/g_bin/eng/domino_2_0_0_33.cab[/url]" target=_blank>http://194.244.16.123/g_bin/eng/domino_2_0_0_33.cab</A>
O16 - DPF: {A9ED6AA2-D9D4-4D71-9586-E293E2E3580B} (GameDesire Marbles&Diamonds&Runes) - <A href="[url="http://194.244.16.123/g_bin/eng/marbles_2_0_0_32.cab"]http://194.244.16.123/g_bin/eng/marbles_2_0_0_32.cab[/url]" target=_blank>http://194.244.16.123/g_bin/eng/marbles_2_0_0_32.cab</A>
O16 - DPF: {AD7013FF-1D9A-4F36-94A6-3CD408A663F9} (GameDesire BreakOut) - <A href="[url="http://194.244.16.123/g_bin/eng/breakout_2_0_0_29.cab"]http://194.244.16.123/g_bin/eng/breakout_2_0_0_29.cab[/url]" target=_blank>http://194.244.16.123/g_bin/eng/breakout_2_0_0_29.cab</A>
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - <A href="[url="http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab"]http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab[/url]" target=_blank>http://messenger.zone.msn.com/binary...o.cab56649.cab</A>
O16 - DPF: {BFA1F11D-3121-AFE1-4112-894323212DAC} (GameDesire Word Games) - <A href="[url="http://194.244.16.123/g_bin/eng/words_2_0_0_51.cab"]http://194.244.16.123/g_bin/eng/words_2_0_0_51.cab[/url]" target=_blank>http://194.244.16.123/g_bin/eng/words_2_0_0_51.cab</A>
O16 - DPF: {BFA1F11D-3121-AFE1-4112-983219421AEF} (GameDesire 1Player Word Games) - <A href="[url="http://194.244.16.123/g_bin/eng/wordssingle_2_0_0_48.cab"]http://194.244.16.123/g_bin/eng/wordssingle_2_0_0_48.cab[/url]" target=_blank>http://194.244.16.123/g_bin/eng/word...e_2_0_0_48.cab</A>
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - <A href="[url="http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab"]http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab[/url]" target=_blank>http://messenger.zone.msn.com/binary...t.cab56907.cab</A>
O16 - DPF: {CE69F98F-2AF3-4306-BAC6-A79070EDA1B4} (Zylom Loader Object) - <A href="[url="http://eu.download.games.yahoo.com/zylom/activex/zylomloader.cab"]http://eu.download.games.yahoo.com/zylom/activex/zylomloader.cab[/url]" target=_blank>http://eu.download.games.yahoo.com/z...ylomloader.cab</A>
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - <A href="[url="http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab"]http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab[/url]" target=_blank>http://fpdownload2.macromedia.com/ge...sh/swflash.cab</A>
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - <A href="[url="http://www.fueps.com/gp/resources/games/puzzle/PopCapGames/popcaploader_v10_it.cab"]http://www.fueps.com/gp/resources/games/puzzle/PopCapGames/popcaploader_v10_it.cab[/url]" target=_blank>http://www.fueps.com/gp/resources/ga...der_v10_it.cab</A>
O16 - DPF: {E23FABEE-12E3-33DA-DA12-195DAC123984} (GameDesire Mahjong) - <A href="[url="http://194.244.16.123/g_bin/eng/mahjong_2_0_0_29.cab"]http://194.244.16.123/g_bin/eng/mahjong_2_0_0_29.cab[/url]" target=_blank>http://194.244.16.123/g_bin/eng/mahjong_2_0_0_29.cab</A>
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - <A href="[url="http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab"]http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab[/url]" target=_blank>http://messenger.zone.msn.com/binary...r.cab56986.cab</A>
O16 - DPF: {FDDBE2B8-6602-4AD8-946D-94C5A32FA6C1} (GameDesire Pool 8) - <A href="[url="http://194.244.16.123/g_bin/eng/billard8_2_0_0_35.cab"]http://194.244.16.123/g_bin/eng/billard8_2_0_0_35.cab[/url]" target=_blank>http://194.244.16.123/g_bin/eng/billard8_2_0_0_35.cab</A>
O16 - DPF: {FDDBE2B8-6602-4AD8-946D-94C5A32FA6C4} (GameDesire Pool Training) - <A href="[url="http://194.244.16.123/g_bin/eng/billardt_2_0_0_35.cab"]http://194.244.16.123/g_bin/eng/billardt_2_0_0_35.cab[/url]" target=_blank>http://194.244.16.123/g_bin/eng/billardt_2_0_0_35.cab</A>
O17 - HKLM\System\CCS\Services\Tcpip\..\{0A5ECA3A-9883-4FAC-87AE-BCF6DAC8E58A}: NameServer = 193.70.152.15 193.70.152.25
O17 - HKLM\System\CS1\Services\Tcpip\..\{0A5ECA3A-9883-4FAC-87AE-BCF6DAC8E58A}: NameServer = 193.70.152.15 193.70.152.25
O21 - SSODL: dwnrpofk - {C2AD7315-4D43-4303-B03A-30DC3F8B70D7} - C:\WINDOWS\dwnrpofk.dll
O21 - SSODL: vbgtorfd - {385309CD-90EC-4F03-B586-D36D1FFAC354} - C:\WINDOWS\vbgtorfd.dll
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Programmi\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Programmi\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: NBService - Nero AG - C:\Programmi\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Programmi\File comuni\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
--End of file - 12965 bytes

mentre qll di kaspersky lo sto ancora facendo..

ora cosa devo fare???

Grazie mille

Condividi questo messaggio


Link di questo messaggio
Condividi su altri siti

Fortunatamente grazie alla scansione li ho eliminati definitivamente...sono ancora a rischio, devo fare qualcosa oppure va bene così???

Grazie mille!!!!!!! :)

Condividi questo messaggio


Link di questo messaggio
Condividi su altri siti

Kaspersky ha segnalato qualcosa ed hai eliminato i file manualmente??

perchè la scansione online non rimuove nulla :)

Condividi questo messaggio


Link di questo messaggio
Condividi su altri siti

Crea un account o accedi per lasciare un commento

Devi essere un utente registrato per partecipare

Crea un account

Iscriviti per un nuovo account nella nostra community. È facile!


Registra un nuovo account

Accedi

Sei già registrato? Accedi qui.


Accedi Ora