Apertura Pagine INTERNET

palanzana · 29-04-2004, 17:19

appena apro internet explorer ..iltempo di caricare la pagina di google e si kiude in auto,sapetedirmi il xkè?dipende da qualke virus?ho fatto la scansione ma nn ha trovato niente..

palanzana · 29-04-2004, 22:59

mi compare anke una finestra con un motore di ricerca ...spot ot

The Lenny · 30-04-2004, 03:27

dice il saggio: se non usi ad-aware e cwshredder, sei un pò caggio (solo x cs e provincia)!
scherzi a parte, scaricati i 2 freeware anzidetti..stai tranko, passa in fretta...

palanzana · 30-04-2004, 10:33

Quote:

Originariamente inviato da The Lenny
dice il saggio: se non usi ad-aware e cwshredder, sei un pò caggio (solo x cs e provincia)!
scherzi a parte, scaricati i 2 freeware anzidetti..stai tranko, passa in fretta...

ad aware ce lho.cwshredd cnn hocapito come si usa

palanzana · 01-05-2004, 14:49

Logfile of HijackThis v1.97.7
Scan saved at 14.49.07, on 01/05/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\Eset\nod32krn.exe
C:\WINDOWS\SYSTEM32\Ati2evxx.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\CTHELPER.EXE
C:\Programmi\Java\j2re1.4.2_01\bin\jusched.exe
C:\WINDOWS\htpatch.exe
C:\WINDOWS\System32\GSICON.EXE
C:\WINDOWS\System32\dslagent.exe
C:\Programmi\ESET\nod32kui.exe
C:\Programmi\Internet Explorer\IEXPLORE.EXE
C:\Programmi\Internet Explorer\IEXPLORE.EXE
D:\DOWLOAD\PROGRAMMI\Spy\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,Shellnext = http://www.google.it/
R3 - URLSearchHook: (no name) - {8952A998-1E7E-4716-B23D-3DBE03910972} - (no file)
O2 - BHO: (no name) - {7371F073-AC0F-4b80-BB2F-96A488CEFB32} - c:\Program Files\Xmod\xm320.dll
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programmi\google\googletoolbar1.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programmi\google\googletoolbar1.dll
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programmi\Java\j2re1.4.2_01\bin\jusched.exe
O4 - HKLM\..\Run: [HTpatch] C:\WINDOWS\htpatch.exe
O4 - HKLM\..\Run: [GSICONEXE] GSICON.EXE
O4 - HKLM\..\Run: [DSLAGENTEXE] dslagent.exe USB
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [NetLimiter] C:\Programmi\NetLimiter\NetLimiter.exe /s
O4 - HKLM\..\Run: [nod32kui] C:\Programmi\Eset\nod32kui.exe /WAITSERVICE
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programmi\MSN Messenger\MsnMsgr.Exe" /background
O8 - Extra context menu item: &Google Search - res://C:\Programmi\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Backward &Links - res://C:\Programmi\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cac&hed Snapshot of Page - res://C:\Programmi\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Download with GetRight - C:\Programmi\GetRight\GRdownload.htm
O8 - Extra context menu item: Open with GetRight Browser - C:\Programmi\GetRight\GRbrowse.htm
O8 - Extra context menu item: Si&milar Pages - res://C:\Programmi\Google\GoogleToolbar1.dll/cmsimilar.html
O9 - Extra 'Tools' menuitem: Sun Java Console (HKLM)
O9 - Extra button: Ricerche (HKLM)
O10 - Broken Internet access because of LSP provider 'imon.dll' missing
O12 - Plugin for .pdf: C:\Programmi\Internet Explorer\PLUGINS\nppdf32.dll
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/SU/ocx/12119/CTSUEng.cab
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/s...irector/sw.cab
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} - http://download.microsoft.com/downlo...22/wmv9VCM.CAB
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.co...043.2434606481
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/s...sh/swflash.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/SU/ocx/12119/CTPID.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{481F1158-5C6D-4FB0-9B58-FB21B81EE0A1}: NameServer = 81.74.225.227 151.99.125.1

MrOZ · 01-05-2004, 17:01

con hijackthis fissa questi valori:

R3 - URLSearchHook: (no name) - {8952A998-1E7E-4716-B23D-3DBE03910972} - (no file)
O2 - BHO: (no name) - {7371F073-AC0F-4b80-BB2F-96A488CEFB32} - c:\Program Files\Xmod\xm320.dll

Poi riavvia ed elimina il file xm320.dll e la cartella c:\Program Files\Xmod

palanzana · 01-05-2004, 17:05

Quote:

Originariamente inviato da MrOZ
con hijackthis fissa questi valori:

R3 - URLSearchHook: (no name) - {8952A998-1E7E-4716-B23D-3DBE03910972} - (no file)
O2 - BHO: (no name) - {7371F073-AC0F-4b80-BB2F-96A488CEFB32} - c:\Program Files\Xmod\xm320.dll

Poi riavvia ed elimina il file xm320.dll e la cartella c:\Program Files\Xmod

ora provo

palanzana · 01-05-2004, 17:10

nn mifa eliminare quella dll xkè midice ke èusata

palanzana · 01-05-2004, 17:21

Quote:

Originariamente inviato da palanzana
nn mifa eliminare quella dll xkè midice ke èusata

fatto,lho canc in modalità provv

AMDmad · 01-05-2004, 18:35

Quote:

Originariamente inviato da palanzana
appena apro internet explorer ..iltempo di caricare la pagina di google e si kiude in auto,sapetedirmi il xkè?dipende da qualke virus?ho fatto la scansione ma nn ha trovato niente..

da stamattina succede la stessa identica cosa anche a me ....
che succede????

MrOZ · 01-05-2004, 20:46

Quote:

Originariamente inviato da AMDmad
da stamattina succede la stessa identica cosa anche a me ....
che succede????

Fai uno scan con qualke av online, usa adaware6, spybot e CWShredder aggiornati .

Se il prob persiste, scarica hijackthis, fai uno scan, salva il log e copia-incollalo sul forum.

palanzana · 01-05-2004, 20:48

pensavo di aver risolto,ma le cose sono peggiorate...ora la connessione mi carica solo mezza pagina

AMDmad · 01-05-2004, 20:57

Quote:

Originariamente inviato da MrOZ
Fai uno scan con qualke av online, usa adaware6, spybot e CWShredder aggiornati .

Se il prob persiste, scarica hijackthis, fai uno scan, salva il log e copia-incollalo sul forum.

Scusa l'ignoranza...cosa intendi per av online????'

palanzana · 01-05-2004, 21:06

Quote:

Originariamente inviato da AMDmad
Scusa l'ignoranza...cosa intendi per av online????'

antivirus online tipo panda

palanzana · 01-05-2004, 21:07

ma ke è?

MrOZ · 01-05-2004, 21:09

Quote:

Originariamente inviato da palanzana
pensavo di aver risolto,ma le cose sono peggiorate...ora la connessione mi carica solo mezza pagina

Prova a fare una scansione con qualche antivirus online.

palanzana · 01-05-2004, 21:12

Quote:

Originariamente inviato da MrOZ
Prova a fare una scansione con qualche antivirus online.

sono andato sul sito del panda ma nn trovo + dove poter fare la scansione online,mipuoi dare linidirzz esatto?

MrOZ · 01-05-2004, 21:17

Qui trovi i link a vari av online http://forum.gladiator-antivirus.com...howtopic=11418

Poi ti conviene installare la ver trial di trojanHunter www.misec.net e provare a fare una scan del sistema.

palanzana · 01-05-2004, 21:21

il migliore qualè?

palanzana · 01-05-2004, 21:24

The following ports were identified as open on your PC:

Port 5000

These programs or services use this port by default:
Windows ME, XP and 2003 Network Plug & Play

These Trojans or Malware files use this port by default:
Bubbel, Back Door Setup, Blazer 5, Socket 23, Sockets de Troie

Port 445

These programs or services use this port by default:
Microsoft-DS

Port 135

These programs or services use this port by default:
DCE endpoint resolution

Port 1025

These programs or services use this port by default:
Windows RPC, Scheduled Tasks

These Trojans or Malware files use this port by default:
NetSpy, Maverick's Matrix, RemoteStorm

Security-Test:
Public available information about your PC resp. your network are collected.

Your IP address: 80.117.16.172
Your operating system: Windows XP
Your browser: MS Internet Explorer
Full browser identification: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)
Browser languages: it

You did run the Online-Check 0 times before.

Public information for your IP address from the whois server:

%

inetnum: 80.117.0.0 - 80.117.255.255
netname: TINIT-ADSL-LITE
descr: Telecom Italia
descr: Accesso ADSL BBB
country: IT
admin-c: BS104-RIPE
tech-c: BS104-RIPE
status: ASSIGNED PA
remarks: Please send abuse notification to [email protected]
notify: [email protected]
mnt-by: TIWS-MNT
changed: [email protected] 20020927
source: RIPE

route: 80.117.0.0/16
descr: INTERBUSINESS
origin: AS3269
notify: [email protected]
mnt-by: INTERB-MNT
changed: [email protected] 20011210
source: RIPE

person: BBBEASYIP STAFF
address: Via Val Cannuta, 250
address: I-00100 Roma
address: Italy
phone: +39 06 36881
e-mail: [email protected]
nic-hdl: BS104-RIPE
notify: [email protected]
changed: [email protected] 20001019
source: RIPE

Your PC resp. your network is contacted now and public information will be collected.
Note: This check may take up to a minute.

29-04-2004, 17:19	#1
palanzana Bannato Iscritto dal: Sep 2003 Città: Viterbo Messaggi: 1762	Apertura Pagine INTERNET appena apro internet explorer ..iltempo di caricare la pagina di google e si kiude in auto,sapetedirmi il xkè?dipende da qualke virus?ho fatto la scansione ma nn ha trovato niente..

30-04-2004, 03:27	#3
The Lenny Senior Member Iscritto dal: Apr 2004 Messaggi: 502	dice il saggio: se non usi ad-aware e cwshredder, sei un pò caggio (solo x cs e provincia)! scherzi a parte, scaricati i 2 freeware anzidetti..stai tranko, passa in fretta... __________________ "Chiù pilu pì tutti" - "Tira chiù nu pilu ca nu 'nsartu!" A volte, una ricerca su Google vale più di mille parole.. Non dimentichiamo che...

29-04-2004, 22:59	#2
palanzana Bannato Iscritto dal: Sep 2003 Città: Viterbo Messaggi: 1762	mi compare anke una finestra con un motore di ricerca ...spot ot

01-05-2004, 14:49	#5
palanzana Bannato Iscritto dal: Sep 2003 Città: Viterbo Messaggi: 1762	Logfile of HijackThis v1.97.7 Scan saved at 14.49.07, on 01/05/2004 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\SYSTEM32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\System32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Programmi\Eset\nod32krn.exe C:\WINDOWS\SYSTEM32\Ati2evxx.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\System32\CTHELPER.EXE C:\Programmi\Java\j2re1.4.2_01\bin\jusched.exe C:\WINDOWS\htpatch.exe C:\WINDOWS\System32\GSICON.EXE C:\WINDOWS\System32\dslagent.exe C:\Programmi\ESET\nod32kui.exe C:\Programmi\Internet Explorer\IEXPLORE.EXE C:\Programmi\Internet Explorer\IEXPLORE.EXE D:\DOWLOAD\PROGRAMMI\Spy\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti R1 - HKCU\Software\Microsoft\Internet Connection Wizard,Shellnext = http://www.google.it/ R3 - URLSearchHook: (no name) - {8952A998-1E7E-4716-B23D-3DBE03910972} - (no file) O2 - BHO: (no name) - {7371F073-AC0F-4b80-BB2F-96A488CEFB32} - c:\Program Files\Xmod\xm320.dll O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programmi\google\googletoolbar1.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programmi\google\googletoolbar1.dll O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programmi\Java\j2re1.4.2_01\bin\jusched.exe O4 - HKLM\..\Run: [HTpatch] C:\WINDOWS\htpatch.exe O4 - HKLM\..\Run: [GSICONEXE] GSICON.EXE O4 - HKLM\..\Run: [DSLAGENTEXE] dslagent.exe USB O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [NetLimiter] C:\Programmi\NetLimiter\NetLimiter.exe /s O4 - HKLM\..\Run: [nod32kui] C:\Programmi\Eset\nod32kui.exe /WAITSERVICE O4 - HKCU\..\Run: [MsnMsgr] "C:\Programmi\MSN Messenger\MsnMsgr.Exe" /background O8 - Extra context menu item: &Google Search - res://C:\Programmi\Google\GoogleToolbar1.dll/cmsearch.html O8 - Extra context menu item: Backward &Links - res://C:\Programmi\Google\GoogleToolbar1.dll/cmbacklinks.html O8 - Extra context menu item: Cac&hed Snapshot of Page - res://C:\Programmi\Google\GoogleToolbar1.dll/cmcache.html O8 - Extra context menu item: Download with GetRight - C:\Programmi\GetRight\GRdownload.htm O8 - Extra context menu item: Open with GetRight Browser - C:\Programmi\GetRight\GRbrowse.htm O8 - Extra context menu item: Si&milar Pages - res://C:\Programmi\Google\GoogleToolbar1.dll/cmsimilar.html O9 - Extra 'Tools' menuitem: Sun Java Console (HKLM) O9 - Extra button: Ricerche (HKLM) O10 - Broken Internet access because of LSP provider 'imon.dll' missing O12 - Plugin for .pdf: C:\Programmi\Internet Explorer\PLUGINS\nppdf32.dll O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/SU/ocx/12119/CTSUEng.cab O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/s...irector/sw.cab O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} - http://download.microsoft.com/downlo...22/wmv9VCM.CAB O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.co...043.2434606481 O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/s...sh/swflash.cab O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/SU/ocx/12119/CTPID.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{481F1158-5C6D-4FB0-9B58-FB21B81EE0A1}: NameServer = 81.74.225.227 151.99.125.1

01-05-2004, 17:01	#6
MrOZ Senior Member Iscritto dal: Jun 2003 Città: "Mantua me genuit" Trattative concluse: 1 fracco!!! Devianze: MacTard iMac 27" i5 2,8Ghz 4GB IPHONE 5 32GB Black Iscritto dal: Nov 2002 Messaggi: 4426	con hijackthis fissa questi valori: R3 - URLSearchHook: (no name) - {8952A998-1E7E-4716-B23D-3DBE03910972} - (no file) O2 - BHO: (no name) - {7371F073-AC0F-4b80-BB2F-96A488CEFB32} - c:\Program Files\Xmod\xm320.dll Poi riavvia ed elimina il file xm320.dll e la cartella c:\Program Files\Xmod

01-05-2004, 17:10	#8
palanzana Bannato Iscritto dal: Sep 2003 Città: Viterbo Messaggi: 1762	nn mifa eliminare quella dll xkè midice ke èusata

01-05-2004, 20:48	#12
palanzana Bannato Iscritto dal: Sep 2003 Città: Viterbo Messaggi: 1762	pensavo di aver risolto,ma le cose sono peggiorate...ora la connessione mi carica solo mezza pagina

01-05-2004, 21:07	#15
palanzana Bannato Iscritto dal: Sep 2003 Città: Viterbo Messaggi: 1762	ma ke è?

01-05-2004, 21:17	#18
MrOZ Senior Member Iscritto dal: Jun 2003 Città: "Mantua me genuit" Trattative concluse: 1 fracco!!! Devianze: MacTard iMac 27" i5 2,8Ghz 4GB IPHONE 5 32GB Black Iscritto dal: Nov 2002 Messaggi: 4426	Qui trovi i link a vari av online http://forum.gladiator-antivirus.com...howtopic=11418 Poi ti conviene installare la ver trial di trojanHunter www.misec.net e provare a fare una scan del sistema.

01-05-2004, 21:21	#19
palanzana Bannato Iscritto dal: Sep 2003 Città: Viterbo Messaggi: 1762	il migliore qualè?

01-05-2004, 21:24	#20
palanzana Bannato Iscritto dal: Sep 2003 Città: Viterbo Messaggi: 1762	The following ports were identified as open on your PC: Port 5000 These programs or services use this port by default: Windows ME, XP and 2003 Network Plug & Play These Trojans or Malware files use this port by default: Bubbel, Back Door Setup, Blazer 5, Socket 23, Sockets de Troie Port 445 These programs or services use this port by default: Microsoft-DS Port 135 These programs or services use this port by default: DCE endpoint resolution Port 1025 These programs or services use this port by default: Windows RPC, Scheduled Tasks These Trojans or Malware files use this port by default: NetSpy, Maverick's Matrix, RemoteStorm Security-Test: Public available information about your PC resp. your network are collected. Your IP address: 80.117.16.172 Your operating system: Windows XP Your browser: MS Internet Explorer Full browser identification: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1) Browser languages: it You did run the Online-Check 0 times before. Public information for your IP address from the whois server: % inetnum: 80.117.0.0 - 80.117.255.255 netname: TINIT-ADSL-LITE descr: Telecom Italia descr: Accesso ADSL BBB country: IT admin-c: BS104-RIPE tech-c: BS104-RIPE status: ASSIGNED PA remarks: Please send abuse notification to [email protected] notify: [email protected] mnt-by: TIWS-MNT changed: [email protected] 20020927 source: RIPE route: 80.117.0.0/16 descr: INTERBUSINESS origin: AS3269 notify: [email protected] mnt-by: INTERB-MNT changed: [email protected] 20011210 source: RIPE person: BBBEASYIP STAFF address: Via Val Cannuta, 250 address: I-00100 Roma address: Italy phone: +39 06 36881 e-mail: [email protected] nic-hdl: BS104-RIPE notify: [email protected] changed: [email protected] 20001019 source: RIPE Your PC resp. your network is contacted now and public information will be collected. Note: This check may take up to a minute.

Strumenti
Mostra una versione stampabile Invia questa pagina per email