PDFCreator flagged by AVG?
Today AVG gave me a strange warning:
Infection
Trojan horse Agent_r.CD
C:\Programmi\PDFCreator Toolbar\v3.0.0.0\PDFCreator_Toolbar.dll
Can anyone tell me anything about it?
-
Hi,
can you be more specific?
Post a HijackThis log.
-
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10.45.58, on 30/09/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
H:\WINDOWS\System32\smss.exe
H:\windows\system32\winlogon.exe
H:\WINDOWS\system32\services.exe
H:\WINDOWS\system32\lsass.exe
H:\WINDOWS\system32\svchost.exe
H:\WINDOWS\System32\svchost.exe
H:\WINDOWS\system32\spoolsv.exe
H:\WINDOWS\system32\cisvc.exe
H:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
H:\WINDOWS\system32\inetsrv\inetinfo.exe
H:\Programmi\MySQL\MySQL Server 5.0\bin\mysqld-nt.exe
H:\WINDOWS\system32\tcpsvcs.exe
H:\Programmi\SiteAdvisor\6261\SAService.exe
H:\WINDOWS\System32\snmp.exe
H:\Programmi\Analog Devices\SoundMAX\SMAgent.exe
H:\WINDOWS\system32\svchost.exe
H:\WINDOWS\system32\mqsvc.exe
H:\WINDOWS\system32\mqtgsvc.exe
H:\WINDOWS\Explorer.EXE
H:\WINDOWS\system32\igfxtray.exe
H:\WINDOWS\system32\hkcmd.exe
H:\WINDOWS\system32\igfxpers.exe
H:\Programmi\Analog Devices\SoundMAX\SMax4PNP.exe
H:\Programmi\Analog Devices\SoundMAX\Smax4.exe
H:\Programmi\CyberLink\PowerDVD\PDVDServ.exe
H:\Programmi\Java\jre1.6.0_07\bin\jusched.exe
H:\Programmi\QuickTime\qttask.exe
H:\PROGRA~1\ACDSYS~1\DEVDET~1\DEVDET~1.EXE
H:\PROGRA~1\Hardware\Mouse\Amoumain.exe
H:\Programmi\HP\HP Software Update\HPWuSchd.exe
H:\Programmi\HP\hpcoretech\hpcmpmgr.exe
H:\Programmi\SiteAdvisor\6261\SiteAdv.exe
H:\WINDOWS\system32\ctfmon.exe
H:\Programmi\AS3 Personal Firewall\AS3PF.exe
H:\Programmi\Messenger\msmsgs.exe
H:\Programmi\Skype\Phone\Skype.exe
H:\Programmi\OpenOffice.org 2.4\program\soffice.exe
H:\Programmi\OpenOffice.org 2.4\program\soffice.BIN
H:\Programmi\Skype\Plugin Manager\skypePM.exe
H:\Programmi\Outlook Express\msimn.exe
H:\Programmi\AVG\AVG8\avgtray.exe
H:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
H:\PROGRA~1\AVG\AVG8\avgrsx.exe
H:\PROGRA~1\AVG\AVG8\avgemc.exe
H:\windows\system32\cidaemon.exe
H:\windows\system32\cidaemon.exe
H:\Programmi\Internet Explorer\iexplore.exe
H:\Programmi\AVG\AVG8\avgui.exe
H:\Programmi\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/ig?sourceid=navclient&hl=it&ie=UTF-8
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - H:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - H:\Programmi\SiteAdvisor\6261\SiteAdv.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - H:\Programmi\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - H:\Programmi\AVG\AVG8\avgssie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - H:\Programmi\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - H:\Programmi\AVG\AVG8\avgtoolbar.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - h:\programmi\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - H:\Programmi\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O2 - BHO: PDFCreator Toolbar Helper - {C451C08A-EC37-45DF-AAAD-18B51AB5E837} - H:\Programmi\PDFCreator Toolbar\v3.0.0.0\PDFCreator_Toolbar.dll (file missing)
O2 - BHO: XBTBPos00 - {F1E5286B-7517-4446-874B-65B1C8843A6D} - H:\PROGRA~1\PROZ~1.COM\KUDOZ_~1.DLL (file missing)
O3 - Toolbar: PDFCreator Toolbar - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - H:\Programmi\PDFCreator Toolbar\v3.0.0.0\PDFCreator_Toolbar.dll (file missing)
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - H:\Programmi\SiteAdvisor\6261\SiteAdv.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - H:\Programmi\AVG\AVG8\avgtoolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - h:\programmi\google\googletoolbar1.dll
O4 - HKLM..\Run: [igfxtray] H:\WINDOWS\system32\igfxtray.exe
O4 - HKLM..\Run: [igfxhkcmd] H:\WINDOWS\system32\hkcmd.exe
O4 - HKLM..\Run: [igfxpers] H:\WINDOWS\system32\igfxpers.exe
O4 - HKLM..\Run: [SoundMAXPnP] H:\Programmi\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM..\Run: [SoundMAX] "H:\Programmi\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM..\Run: [RemoteControl] H:\Programmi\CyberLink\PowerDVD\PDVDServ.exe
O4 - HKLM..\Run: [NeroFilterCheck] H:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM..\Run: [SunJavaUpdateSched] "H:\Programmi\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM..\Run: [QuickTime Task] "H:\Programmi\QuickTime\qttask.exe" -atboottime
O4 - HKLM..\Run: [Camera Detector] H:\PROGRA~1\ACDSYS~1\DEVDET~1\DEVDET~1.EXE -autorun
O4 - HKLM..\Run: [WheelMouse] H:\PROGRA~1\Hardware\Mouse\Amoumain.exe
O4 - HKLM..\Run: [MsmqIntCert] regsvr32 /s mqrt.dll
O4 - HKLM..\Run: [HP Software Update] "H:\Programmi\HP\HP Software Update\HPWuSchd.exe"
O4 - HKLM..\Run: [HP Component Manager] "H:\Programmi\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM..\Run: [DXDllRegExe] dxdllreg.exe
O4 - HKLM..\Run: [SiteAdvisor] "H:\Programmi\SiteAdvisor\6261\SiteAdv.exe"
O4 - HKLM..\Run: [AS3 Personal Firewall] H:\Programmi\AS3 Personal Firewall\AS3PF.exe
O4 - HKLM..\Run: [AVG8_TRAY] H:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKCU..\Run: [CTFMON.EXE] H:\WINDOWS\system32\ctfmon.exe
O4 - HKCU..\Run: [NBJ] "H:\Programmi\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU..\Run: [MSMSGS] "H:\Programmi\Messenger\msmsgs.exe" /background
O4 - HKCU..\Run: [Skype] "H:\Programmi\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKUS\S-1-5-19..\Run: [CTFMON.EXE] H:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20..\Run: [CTFMON.EXE] H:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-18..\Run: [CTFMON.EXE] H:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS.DEFAULT..\Run: [CTFMON.EXE] H:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 2.4.lnk = H:\Programmi\OpenOffice.org 2.4\program\quickstart.exe
O8 - Extra context menu item: Google AdSense Preview Tool - http://pagead2.googlesyndication.com/pagead/preview/en/preview.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - H:\Programmi\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - H:\Programmi\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - H:\Programmi\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - H:\Programmi\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - H:\Programmi\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - H:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - H:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Programmi\Messenger\msmsgs.exe
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1163095398117
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/mcfscan/2,2,0,5024/mcfscan.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - H:\Programmi\AVG\AVG8\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - H:\PROGRA~1\FILECO~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - H:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - H:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - H:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: MySQL - Unknown owner - H:\Programmi\MySQL\MySQL.exe (file missing)
O23 - Service: Pml Driver HPZ12 - HP - H:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Servizio SiteAdvisor (SiteAdvisor Service) - Unknown owner - H:\Programmi\SiteAdvisor\6261\SAService.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - H:\Programmi\Analog Devices\SoundMAX\SMAgent.exe

--
End of file - 9138 bytes
-
...maybe because that DLL "touched" something that AVG keeps under watch; it's a free antivirus, so it can be forgiven the occasional mistake.
Let us know.
-
If you really want to be sure you don't have any problems, you can uninstall AVG Free and install the NOD32 trial (it lasts 30 days) to run a thorough scan of the system.
Otherwise, keeping AVG installed, you can install the free version of VIRIT (it also works alongside other antivirus products on the system) and run a scan.
You can find both antivirus products by searching on Google.
If PDFCreator gives you problems, try PrimoPDF (you can easily find it by searching on Google).