TheyCallMeMr.X.
15-01-2008, 12:44
cioa,da ieri incontinua ad uscire dopo pochi sec che navigo il messaggio:
si č verificato un errore in firefox,l'applicazione verrā chiusa
(posso continuare a navigare ,solo che rimane la finestra d'errore)
stessa identica cosa con explorer
ho fatto una scansione con avg ,ma niente...
questo č il mio log
Logfile of HijackThis v1.99.1
Scan saved at 12.35.31, on 15/01/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Programmi\IVT Corporation\BlueSoleil\BTNtService.exe
C:\WINDOWS\Explorer.EXE
F:\alcohol\al\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\system32\Linksts.exe
C:\Programmi\Java\jre1.5.0_05\bin\jusched.exe
C:\WINDOWS\System32\SSLEmptyCache.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Programmi\Hewlett-Packard\OrderReminder\OrderReminder.exe
C:\Programmi\QuickTime\qttask.exe
C:\Programmi\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\rundll32.exe
C:\Programmi\RegDoctor\RegDoctor.exe
C:\Programmi\Nokia\Nokia PC Suite 6\PcSync2.exe
C:\Programmi\iPod\bin\iPodService.exe
C:\PROGRA~1\FILECO~1\PCSuite\Services\SERVIC~1.EXE
C:\PROGRA~1\FILECO~1\Nokia\MPAPI\MPAPI3s.exe
F:\EmuleOKSPERIAMO\emule.exe
F:\winamp\Winamp.exe
C:\Programmi\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\dwwin.exe
C:\Documents and Settings\teoz.TEO\Desktop\hijackthis_199\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\System\blank.htm
O2 - BHO: (no name) - {FE67F9CB-2DC8-4EEF-8EAC-F668D0DDC98E} - C:\WINDOWS\system32\sblfx32.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [ISDN Monitor] Linksts.exe W 1024
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programmi\Java\jre1.5.0_05\bin\jusched.exe
O4 - HKLM\..\Run: [bit4id store register] RUNDLL32.EXE C:\WINDOWS\System32\bit4cnsp.dll,RegisterMyPhysicalStore
O4 - HKLM\..\Run: [SSLEmptyCache] C:\WINDOWS\System32\SSLEmptyCache.exe
O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [Jet Detection] C:\Programmi\Creative\SBLive\PROGRAM\ADGJDet.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [OrderReminder] C:\Programmi\Hewlett-Packard\OrderReminder\OrderReminder.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Programmi\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [PCLEPCI] C:\PROGRA~1\PINNAC~1\PPE\PPE.EXE
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -onlytray
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [RegDoctor] C:\Programmi\RegDoctor\RegDoctor.exe -Quick
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [MSMSGS] "C:\Programmi\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [PcSync] C:\Programmi\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - HKCU\..\Run: [eMuleAutoStart] F:\EmuleOKSPERIAMO\emule.exe -AutoStart
O4 - Startup: 1.brs
O4 - Startup: EarthView.lnk = C:\Programmi\EarthView\EarthView.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = F:\office\Office10\OSA.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra button: Run DAP - {669695BC-A811-4A9D-8CDF-BA8C795F261C} - F:\INCOMI~1\dap\DAP\DAP.EXE (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O16 - DPF: {15D151C8-5180-43C1-9360-4D794663BD6E} (Posto di Lavoro del Cittadino - Attestazione) - http://www.crs.lombardia.it/components/OcsKitCittadino.cab
O16 - DPF: {3263F297-5CB9-4D8C-A2DB-CDFB8C69CB6D} (Posto di Lavoro del Cittadino - Autenticazione utente) - http://www.crs.lombardia.it/components/OcxCertUpdate.cab
O16 - DPF: {4384AA75-43AB-4095-84F9-C5B35EC62B5D} (Posto di Lavoro del Cittadino - Interprete dati) - http://www.crs.lombardia.it/components/OcxCrsInfo.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{013401ED-0C9E-44EB-B318-97A7A4CF228C}: NameServer = 193.70.192.25 193.70.152.25
O17 - HKLM\System\CS1\Services\Tcpip\..\{013401ED-0C9E-44EB-B318-97A7A4CF228C}: NameServer = 193.70.192.25 193.70.152.25
O17 - HKLM\System\CS2\Services\Tcpip\..\{013401ED-0C9E-44EB-B318-97A7A4CF228C}: NameServer = 193.70.192.25 193.70.152.25
O20 - Winlogon Notify: iprop32 - iprop32.dll (file missing)
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Programmi\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Servizio iPod (iPod Service) - Apple Inc. - C:\Programmi\iPod\bin\iPodService.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - F:\alcohol\al\Alcohol 120\StarWind\StarWindService.exe
cosa potrebbe essere?????
grazie mille
si č verificato un errore in firefox,l'applicazione verrā chiusa
(posso continuare a navigare ,solo che rimane la finestra d'errore)
stessa identica cosa con explorer
ho fatto una scansione con avg ,ma niente...
questo č il mio log
Logfile of HijackThis v1.99.1
Scan saved at 12.35.31, on 15/01/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Programmi\IVT Corporation\BlueSoleil\BTNtService.exe
C:\WINDOWS\Explorer.EXE
F:\alcohol\al\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\system32\Linksts.exe
C:\Programmi\Java\jre1.5.0_05\bin\jusched.exe
C:\WINDOWS\System32\SSLEmptyCache.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Programmi\Hewlett-Packard\OrderReminder\OrderReminder.exe
C:\Programmi\QuickTime\qttask.exe
C:\Programmi\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\rundll32.exe
C:\Programmi\RegDoctor\RegDoctor.exe
C:\Programmi\Nokia\Nokia PC Suite 6\PcSync2.exe
C:\Programmi\iPod\bin\iPodService.exe
C:\PROGRA~1\FILECO~1\PCSuite\Services\SERVIC~1.EXE
C:\PROGRA~1\FILECO~1\Nokia\MPAPI\MPAPI3s.exe
F:\EmuleOKSPERIAMO\emule.exe
F:\winamp\Winamp.exe
C:\Programmi\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\dwwin.exe
C:\Documents and Settings\teoz.TEO\Desktop\hijackthis_199\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\System\blank.htm
O2 - BHO: (no name) - {FE67F9CB-2DC8-4EEF-8EAC-F668D0DDC98E} - C:\WINDOWS\system32\sblfx32.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [ISDN Monitor] Linksts.exe W 1024
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programmi\Java\jre1.5.0_05\bin\jusched.exe
O4 - HKLM\..\Run: [bit4id store register] RUNDLL32.EXE C:\WINDOWS\System32\bit4cnsp.dll,RegisterMyPhysicalStore
O4 - HKLM\..\Run: [SSLEmptyCache] C:\WINDOWS\System32\SSLEmptyCache.exe
O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [Jet Detection] C:\Programmi\Creative\SBLive\PROGRAM\ADGJDet.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [OrderReminder] C:\Programmi\Hewlett-Packard\OrderReminder\OrderReminder.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Programmi\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [PCLEPCI] C:\PROGRA~1\PINNAC~1\PPE\PPE.EXE
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -onlytray
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [RegDoctor] C:\Programmi\RegDoctor\RegDoctor.exe -Quick
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [MSMSGS] "C:\Programmi\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [PcSync] C:\Programmi\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - HKCU\..\Run: [eMuleAutoStart] F:\EmuleOKSPERIAMO\emule.exe -AutoStart
O4 - Startup: 1.brs
O4 - Startup: EarthView.lnk = C:\Programmi\EarthView\EarthView.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = F:\office\Office10\OSA.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra button: Run DAP - {669695BC-A811-4A9D-8CDF-BA8C795F261C} - F:\INCOMI~1\dap\DAP\DAP.EXE (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O16 - DPF: {15D151C8-5180-43C1-9360-4D794663BD6E} (Posto di Lavoro del Cittadino - Attestazione) - http://www.crs.lombardia.it/components/OcsKitCittadino.cab
O16 - DPF: {3263F297-5CB9-4D8C-A2DB-CDFB8C69CB6D} (Posto di Lavoro del Cittadino - Autenticazione utente) - http://www.crs.lombardia.it/components/OcxCertUpdate.cab
O16 - DPF: {4384AA75-43AB-4095-84F9-C5B35EC62B5D} (Posto di Lavoro del Cittadino - Interprete dati) - http://www.crs.lombardia.it/components/OcxCrsInfo.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{013401ED-0C9E-44EB-B318-97A7A4CF228C}: NameServer = 193.70.192.25 193.70.152.25
O17 - HKLM\System\CS1\Services\Tcpip\..\{013401ED-0C9E-44EB-B318-97A7A4CF228C}: NameServer = 193.70.192.25 193.70.152.25
O17 - HKLM\System\CS2\Services\Tcpip\..\{013401ED-0C9E-44EB-B318-97A7A4CF228C}: NameServer = 193.70.192.25 193.70.152.25
O20 - Winlogon Notify: iprop32 - iprop32.dll (file missing)
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Programmi\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Servizio iPod (iPod Service) - Apple Inc. - C:\Programmi\iPod\bin\iPodService.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - F:\alcohol\al\Alcohol 120\StarWind\StarWindService.exe
cosa potrebbe essere?????
grazie mille