Fotografo
New Member
City: Iseo
41 Posts
Posted - 09/01/2006 : 14:55:07
First of all I want to compliment you on the work you have done; a friend of mine solved many computer problems with the advice you gave him (reference: Alessandro, Lago d'Iseo, msx.dll.exe virus, solved by your team, Alexandra). Thanks
Now I need someone to help me. This is my situation:

Logfile of HijackThis v1.99.1
Scan saved at 14.48.10, on 09/01/2006
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
E:\WINDOWS\System32\smss.exe
E:\WINDOWS\system32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\lsass.exe
E:\WINDOWS\System32\Ati2evxx.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\system32\Ati2evxx.exe
E:\WINDOWS\Explorer.EXE
E:\Programmi\Java\j2re1.4.2_05\bin\jusched.exe
E:\Programmi\AVPersonal\AVSched32.EXE
E:\Programmi\USB Flash Disk Utility\UFD Utility\UFDMon.exe
E:\Programmi\USB Flash Disk Utility\UFD Utility\USBTD.exe
E:\WINDOWS\System32\LVCOMSX.EXE
E:\Programmi\Logitech\Video\LogiTray.exe
E:\Programmi\Microsoft ActiveSync\WCESCOMM.EXE
E:\Programmi\Nikon\PictureProject\NkbMonitor.exe
E:\Programmi\Microsoft Office\Office\1040\OLFSNT40.EXE
E:\Programmi\Logitech\Video\FxSvr2.exe
E:\Programmi\AVPersonal\AVWUPSRV.EXE
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\system32\spoolsv.exe
E:\PROGRAMMI\AVPERSONAL\AVGUARD.EXE
E:\Programmi\HITHIS\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = htt*://[www].fotosbardolini[.com]/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\Programmi\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {4D044306-B8F3-4F16-9C8F-C81817A94FF0} - (no file)
O2 - BHO: - {6f356be7-db59-435f-90b1-8dde05927706} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - e:\programmi\google\googletoolbar1.dll
O2 - BHO: - {bfad8626-c442-4f03-9fc3-9b00ec29f056} - (no file)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - E:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - e:\programmi\google\googletoolbar1.dll
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [SunJavaUpdateSched] E:\Programmi\Java\j2re1.4.2_05\bin\jusched.exe
O4 - HKLM\..\Run: [NeroCheck] E:\WINDOWS\System32\\NeroCheck.exe
O4 - HKLM\..\Run: [AVSCHED32] E:\Programmi\AVPersonal\AVSched32.EXE /min
O4 - HKLM\..\Run: [UFD Monitor] E:\Programmi\USB Flash Disk Utility\UFD Utility\UFDMon.exe
O4 - HKLM\..\Run: [UFD Utility] E:\Programmi\USB Flash Disk Utility\UFD Utility\USBTD.exe
O4 - HKLM\..\Run: [QuickTime Task] "E:\Programmi\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AVGCtrl] E:\Programmi\AVPersonal\AVGNT.EXE /min
O4 - HKLM\..\Run: [LVCOMSX] E:\WINDOWS\System32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] E:\Programmi\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] E:\Programmi\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [VIRIT LITE MONITOR] C:\VEXPLITE\MONLITE.EXE
O4 - HKCU\..\Run: [MSMSGS] "E:\Programmi\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Skype] "E:\Programmi\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [H/PC Connection Agent] "E:\Programmi\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] E:\Programmi\Logitech\Video\ManifestEngine.exe boot
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = E:\Programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = E:\Programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Microsoft Office.lnk = E:\Programmi\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: NkbMonitor.exe.lnk = E:\Programmi\Nikon\PictureProject\NkbMonitor.exe
O4 - Global Startup: Porta Symantec Fax Starter Edition.lnk = E:\Programmi\Microsoft Office\Office\1040\OLFSNT40.EXE
O4 - Global Startup: WinZip Quick Pick.lnk = E:\Programmi\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &Google Search - res://E:\Programmi\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://E:\Programmi\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://E:\Programmi\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://E:\Programmi\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://E:\Programmi\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://E:\Programmi\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Programmi\Java\j2re1.4.1\bin\npjpi141.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Programmi\Java\j2re1.4.1\bin\npjpi141.dll
O9 - Extra button: Crea preferiti portatile - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - E:\Programmi\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - E:\Programmi\Microsoft ActiveSync\inetrepl.dll
O9 - Extra 'Tools' menuitem: Crea preferiti portatile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - E:\Programmi\Microsoft ActiveSync\inetrepl.dll
O12 - Plugin for .spop: E:\Programmi\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - htt*://[www].ipix[.com]/viewers/ipixx .cab
O16 - DPF: {1754A1BA-A1DF-4F10-B199-AA55AA1A120F} (InstallerBehaviorFactory Class) - htt*s://signup.msn[.com]/pages/MsnInstC .cab
O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - htt*://[www].cult3d[.com]/download/cult .cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - htt*://spaces.msn[.com]//PhotoUpload/MsnPUpld .cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - htt*://software-dl.real[.com]/1063e967550fb244d915/netzip/RdxIE601_it .cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - htt*://v5.windowsupdate.microsoft[.com]/v5consumer/V5Controls/en/x86/client/wuweb_site .cab?1109611391728
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - htt*://messenger.msn[.com]/download/MsnMessengerSetupDownloader .cab
O16 - DPF: {C1BAC744-8F0B-11D0-89E7-00C0A8295197} (Cameractl Class) - htt*://[www].crtvg.es/camweb/camera .cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "E:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O21 - SSODL: SysTray - {bfad8626-c442-4f03-9fc3-9b00ec29f056} - (no file)
O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH - E:\PROGRAMMI\AVPERSONAL\AVGUARD.EXE
O23 - Service: Ati HotKey Poller - Unknown owner - E:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - E:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - E:\Programmi\AVPersonal\AVWUPSRV.EXE

What should I do??

alexvr
Senior Member
City: verona
203 Posts
Posted - 09/01/2006 : 16:58:51
Hi and welcome to notrace! How come the OS is on E:? What is on C?
I think these definitely need to be fixed, but wait for confirmation from someone more expert than me!

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - e:\programmi\google\googletoolbar1.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - E:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - e:\programmi\google\googletoolbar1.dll
O8 - Extra context menu item: &Google Search - res://E:\Programmi\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://E:\Programmi\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://E:\Programmi\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://E:\Programmi\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://E:\Programmi\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://E:\Programmi\Google\GoogleToolbar1.dll/cmtrans.html

Fotografo
New Member
City: Iseo
41 Posts
Posted - 10/01/2006 : 14:24:23
Hi Alexandra, I can't get into safe mode; I get a blue screen with the reference BOOT, I select my hard disk but nothing happens. What should I do?? Thanks for your patience, but I understand little of this. Greetings from Iseo

n/a
deleted
1470 Posts
Posted - 10/01/2006 : 14:32:43
Here you will also find more information for your problem: htt*://[www].notrace.it/faq-rimozione-virus.htm

Fotografo
New Member
City: Iseo
41 Posts
Posted - 11/01/2006 : 09:21:56
Logfile of HijackThis v1.99.1
Scan saved at 9.22.29, on 11/01/2006
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
E:\WINDOWS\System32\smss.exe
E:\WINDOWS\system32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\lsass.exe
E:\WINDOWS\System32\Ati2evxx.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\system32\spoolsv.exe
E:\WINDOWS\system32\Ati2evxx.exe
E:\WINDOWS\Explorer.EXE
E:\Programmi\AVPersonal\AVGNT.EXE
E:\PROGRAMMI\AVPERSONAL\AVGUARD.EXE
E:\Programmi\AVPersonal\AVWUPSRV.EXE
E:\WINDOWS\System32\svchost.exe
E:\Programmi\HITHIS\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = htt*://[www].fotosbardolini[.com]/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\Programmi\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O4 - HKLM\..\Run: [AVGCtrl] E:\Programmi\AVPersonal\AVGNT.EXE /min
O4 - HKLM\..\Run: [QuickTime Task] "E:\Programmi\QuickTime\qttask.exe" -atboottime
O21 - SSODL: SysTray - {bfad8626-c442-4f03-9fc3-9b00ec29f056} - (no file)
O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH - E:\PROGRAMMI\AVPERSONAL\AVGUARD.EXE
O23 - Service: Ati HotKey Poller - Unknown owner - E:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - E:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - E:\Programmi\AVPersonal\AVWUPSRV.EXE

I hope I did everything OK. I await your kind reply. Have a good day, everyone. Fotografo

n/a
deleted
City: heh heh, you'd like to know
2419 Posts
Posted - 11/01/2006 : 11:42:47
you can also do without this one
O4 - HKLM\..\Run: [QuickTime Task] "E:\Programmi\QuickTime\qttask.exe" -atboottime
that would be the little icon in the system tray for QuickTime....
other than that the log is perfect....really exceptional....
alex...that link leads to version 8.0 of BitDefender..this is the right one: htt*://[www].zdnet.de/downloads/prg/g/r/deU7GR_is-wc.html
other than that, very well done...  byeeeeeeeeeeee
Edited by - n/a on 11/01/2006 11:44:31