|
|||||||
|
|
|
 |
|
|
Strumenti |
11-02-2006, 13:09
|
#1 |
|
Junior Member
Iscritto dal: Feb 2006
Messaggi: 7
|
Problema con start page, qualcuno può aiutarmi????
Ciao a tutti...da qualche tempo ogni volte che entro in internet mi si apre una pagina iniziale di sfondissimi.net....mi dicono che potrebbe essere un trojan ma ho provato a fare scansioni con antivirus...cleaner....spyware..e nessuno riesce a rilevarlo....qualcono ha una soluzione?????
grazie 
|
|
|
|
11-02-2006, 13:10
|
#2 |
|
Senior Member
Iscritto dal: May 2005
Città: Palermo
Messaggi: 6390
|
Hai provato anche con ewido? http://download.ewido.net/ewido-setup.exe
|
|
|
|
|
12-02-2006, 10:12
|
#3 |
|
Junior Member
Iscritto dal: Feb 2006
Messaggi: 7
|
Ho provato anche quello ma non lo rileva
|
|
|
|
|
12-02-2006, 10:21
|
#4 | |
|
Senior Member
Iscritto dal: May 2005
Città: Palermo
Messaggi: 6390
|
Quote:
|
|
|
|
|
|
12-02-2006, 10:31
|
#5 |
|
Senior Member
Iscritto dal: Sep 2005
Città: Opinions are like assholes: anybody has one...
Messaggi: 34290
|
ripulisci e immunizza gli hosts
start esegui ipconfig /flushdns metti spywareblaster
__________________
Ну давай !! . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Cina, bugiardo - stolen conto: non paghi . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . NON CERCO PIU' UN ALIMENTATORE DECENTE ----------------> LINK |
|
|
|
|
12-02-2006, 17:12
|
#6 | |
|
Junior Member
Iscritto dal: Feb 2006
Messaggi: 7
|
Quote:
Ecco il log...e grazie in anticipo per l'aiuto...molto gentile Logfile of HijackThis v1.91.2 Scan saved at 18.08.15, on 12/02/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar=http://it.rd.yahoo.com/customize/ycomp/defaults/sb/*http://it.docs.yahoo.com/info/ie6.html R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default)=http://it.rd.yahoo.com/customize/ycomp/defaults/su/*http://it.yahoo.com R3 - Default URLSearchHook is missing O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Programmi\File comuni\Symantec Shared\AdBlocking\NISShExt.dll O2 - BHO: (no name) - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Programmi\Norton Internet Security\Norton AntiVirus\NavShExt.dll O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [GSICONEXE] GSICON.EXE O4 - HKLM\..\Run: [DSLAGENTEXE] dslagent.exe USB O4 - HKLM\..\Run: [WheelMouse] Amoumain.exe O4 - HKLM\..\Run: [iTunesHelper] C:\Programmi\iTunes\iTunesHelper.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Programmi\Lexmark X1100 Series\lxbkbmgr.exe" O4 - HKLM\..\Run: [ccApp] "C:\Programmi\File comuni\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer O4 - HKLM\..\Run: [NAV CfgWiz] C:\Programmi\File comuni\Symantec Shared\CfgWiz.exe /GUID NAV /CMDLINE "REBOOT" O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Programmi\File comuni\Symantec Shared\Security Center\UsrPrmpt.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [ccleaner] "C:\Programmi\CCleaner\ccleaner.exe" /AUTO O4 - HKCU\..\Run: [SpySweeper] C:\Programmi\Webroot\Spy Sweeper\SpySweeper.exe /0 O4 - Global Startup: Avvio veloce di Adobe Reader.lnk = C:\Programmi\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Microsoft Office.lnk = C:\Programmi\Microsoft Office\Office\OSA9.EXE O9 - Extra button: Messenger (HKLM) O9 - Extra 'Tools' menuitem: Windows Messenger (HKLM) O16 - DPF: ConferenceRoom Java Client - http://www.mtv.co.uk/mtv.co.uk/chat/java/cr.cab O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} - http://download.microsoft.com/downlo...22/wmv9VCM.CAB O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/Ms...Downloader.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/s...sh/swflash.cab O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" |
|
|
|
|
|
12-02-2006, 17:21
|
#7 |
|
Senior Member
Iscritto dal: May 2005
Città: Palermo
Messaggi: 6390
|
Fixa questa:
R3 - Default URLSearchHook is missing |
|
|
|
|
12-02-2006, 19:31
|
#8 |
|
Junior Member
Iscritto dal: Feb 2006
Messaggi: 7
|
Fixata ma...purtroppo la pagina resta lì ferma e irremovibile....
|
|
|
|
|
12-02-2006, 19:36
|
#9 | |
|
Senior Member
Iscritto dal: May 2005
Città: Palermo
Messaggi: 6390
|
Quote:
Ultima modifica di andorra24 : 12-02-2006 alle 19:40. |
|
|
|
|
|
12-02-2006, 20:29
|
#10 |
|
Senior Member
Iscritto dal: Sep 2005
Città: Opinions are like assholes: anybody has one...
Messaggi: 34290
|
fixa gli host anche
__________________
Ну давай !! . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Cina, bugiardo - stolen conto: non paghi . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . NON CERCO PIU' UN ALIMENTATORE DECENTE ----------------> LINK |
|
|
|
|
13-02-2006, 09:34
|
#11 | |
|
Junior Member
Iscritto dal: Feb 2006
Messaggi: 7
|
Quote:
...ho provato anke questa ma niente....ormai è una questione di principio...devo assolutamente eliminare quella pagina...
|
|
|
|
|
|
13-02-2006, 09:35
|
#12 | |
|
Junior Member
Iscritto dal: Feb 2006
Messaggi: 7
|
Quote:
...spero che questo log sia completo Running Processes: ----------------- #:1 [smss.exe] File Path: C:\WINDOWS\System32\smss.exe ProcessID: 448 Threads: 3 Priority: Normal File Size: 49 KB Version: 5.1.2600.2180 File Version: 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Product Version: 5.1.2600.2180 Copyright: © Microsoft Corporation. Tutti i diritti riservati. Company Name: Microsoft Corporation File Description: Windows NT Session Manager Internal Name: smss.exe Original Filename: smss.exe Product Name: Sistema operativo Microsoft® Windows® Created on: 09/09/2002 12.51.38 Last accessed: 13/02/2006 9.44.16 Last modified: 19/08/2004 23.39.44 #:2 [winlogon.exe] File Path: C:\WINDOWS\system32\winlogon.exe ProcessID: 536 Threads: 18 Priority: High File Size: 493 KB Version: 5.1.2600.2180 File Version: 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Product Version: 5.1.2600.2180 Copyright: © Microsoft Corporation. Tutti i diritti riservati. Company Name: Microsoft Corporation File Description: Applicazione Accesso a Windows NT Internal Name: winlogon Original Filename: WINLOGON.EXE Product Name: Sistema operativo Microsoft® Windows® Created on: 09/09/2002 12.51.42 Last accessed: 13/02/2006 10.31.01 Last modified: 19/08/2004 23.39.44 #:3 [services.exe] File Path: C:\WINDOWS\system32\services.exe ProcessID: 580 Threads: 15 Priority: Normal File Size: 106 KB Version: 5.1.2600.2180 File Version: 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Product Version: 5.1.2600.2180 Copyright: © Microsoft Corporation. Tutti i diritti riservati. Company Name: Microsoft Corporation File Description: Applicazione Servizi e Controller Internal Name: services.exe Original Filename: services.exe Product Name: Sistema operativo Microsoft® Windows® Created on: 31/08/2001 13.00.00 Last accessed: 13/02/2006 9.44.34 Last modified: 19/08/2004 23.39.44 #:4 [lsass.exe] File Path: C:\WINDOWS\system32\lsass.exe ProcessID: 592 Threads: 20 Priority: Normal File Size: 13 KB Version: 5.1.2600.2180 File Version: 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Product Version: 5.1.2600.2180 Copyright: © Microsoft Corporation. All rights reserved. Company Name: Microsoft Corporation File Description: LSA Shell (Export Version) Internal Name: lsass.exe Original Filename: lsass.exe Product Name: Microsoft® Windows® Operating System Created on: 09/09/2002 12.51.32 Last accessed: 13/02/2006 9.44.54 Last modified: 19/08/2004 23.39.37 #:5 [svchost.exe] File Path: C:\WINDOWS\system32\svchost.exe ProcessID: 744 Threads: 18 Priority: Normal File Size: 14 KB Version: 5.1.2600.2180 File Version: 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Product Version: 5.1.2600.2180 Copyright: © Microsoft Corporation. All rights reserved. Company Name: Microsoft Corporation File Description: Generic Host Process for Win32 Services Internal Name: svchost.exe Original Filename: svchost.exe Product Name: Microsoft® Windows® Operating System Created on: 31/08/2001 13.00.00 Last accessed: 13/02/2006 9.49.04 Last modified: 19/08/2004 23.39.44 #:6 [svchost.exe] File Path: C:\WINDOWS\System32\svchost.exe ProcessID: 860 Threads: 72 Priority: Normal File Size: 14 KB Version: 5.1.2600.2180 File Version: 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Product Version: 5.1.2600.2180 Copyright: © Microsoft Corporation. All rights reserved. Company Name: Microsoft Corporation File Description: Generic Host Process for Win32 Services Internal Name: svchost.exe Original Filename: svchost.exe Product Name: Microsoft® Windows® Operating System Created on: 31/08/2001 13.00.00 Last accessed: 13/02/2006 10.31.07 Last modified: 19/08/2004 23.39.44 #:7 [CCSETMGR.EXE] File Path: C:\Programmi\File comuni\Symantec Shared\ccSetMgr.exe ProcessID: 1128 Threads: 7 Priority: Normal File Size: 161 KB Version: 103.0.3.8 File Version: 103.0.3.8 Product Version: 103.0.3.8 Copyright: Copyright (c) 2000-2004 Symantec Corporation. All rights reserved. Company Name: Symantec Corporation File Description: Symantec Settings Manager Service Internal Name: ccSetMgr Original Filename: ccSetMgr.exe Product Name: Client and Host Security Platform Created on: 24/08/2004 17.44.18 Last accessed: 13/02/2006 9.47.18 Last modified: 22/02/2005 12.09.40 #:8 [explorer.exe] File Path: C:\WINDOWS\Explorer.EXE ProcessID: 1136 Threads: 13 Priority: Normal File Size: 1010 KB Version: 6.0.2900.2180 File Version: 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) Product Version: 6.00.2900.2180 Copyright: © Microsoft Corporation. Tutti i diritti riservati. Company Name: Microsoft Corporation File Description: Esplora risorse Internal Name: explorer Original Filename: EXPLORER.EXE Product Name: Sistema operativo Microsoft® Windows® Created on: 09/09/2002 12.51.30 Last accessed: 13/02/2006 9.44.44 Last modified: 19/08/2004 23.39.35 #:9 [CCEVTMGR.EXE] File Path: C:\Programmi\File comuni\Symantec Shared\ccEvtMgr.exe ProcessID: 1224 Threads: 22 Priority: Normal File Size: 193 KB Version: 103.0.3.8 File Version: 103.0.3.8 Product Version: 103.0.3.8 Copyright: Copyright (c) 2000-2004 Symantec Corporation. All rights reserved. Company Name: Symantec Corporation File Description: Symantec Event Manager Service Internal Name: ccEvtMgr Original Filename: ccEvtMgr.exe Product Name: Client and Host Security Platform Created on: 24/08/2004 17.43.12 Last accessed: 13/02/2006 9.47.19 Last modified: 22/02/2005 12.09.38 #:10 [LEXBCES.EXE] File Path: C:\WINDOWS\system32\LEXBCES.EXE ProcessID: 1384 Threads: 8 Priority: Normal File Size: 296 KB Version: 8.29.0.0 File Version: 8.29 Product Version: 8.29 Copyright: (C) 1993 - 2003 Lexmark International, Inc. Company Name: Lexmark International, Inc. File Description: LexBce Service Internal Name: LexBce Service Original Filename: LexBceS.exe Product Name: MarkVision for Windows (32 bit) Created on: 18/08/2003 15.37.10 Last accessed: 13/02/2006 9.44.48 Last modified: 18/08/2003 15.37.10 #:11 [LEXPPS.EXE] File Path: C:\WINDOWS\system32\LEXPPS.EXE ProcessID: 1408 Threads: 10 Priority: Normal File Size: 170 KB Version: 8.29.0.0 File Version: 8.29 Product Version: 8.29 Copyright: (C) 1993 - 2003 Lexmark International, Inc. Company Name: Lexmark International, Inc. File Description: LEXPPS.EXE Internal Name: LEXPPS Original Filename: LEXPPS.EXE Product Name: MarkVision for Windows (32 bit) Created on: 18/08/2003 15.32.56 Last accessed: 13/02/2006 9.44.48 Last modified: 18/08/2003 15.32.56 #:12 [spoolsv.exe] File Path: C:\WINDOWS\system32\spoolsv.exe ProcessID: 1416 Threads: 13 Priority: Normal File Size: 56 KB Version: 5.1.2600.2696 File Version: 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519) Product Version: 5.1.2600.2696 Copyright: © Microsoft Corporation. All rights reserved. Company Name: Microsoft Corporation File Description: Spooler SubSystem App Internal Name: spoolsv.exe Original Filename: spoolsv.exe Product Name: Microsoft® Windows® Operating System Created on: 31/08/2001 13.00.00 Last accessed: 13/02/2006 9.44.48 Last modified: 11/06/2005 0.53.32 #:13 [ewidoctrl.exe] File Path: C:\Programmi\ewido anti-malware\ewidoctrl.exe ProcessID: 1696 Threads: 5 Priority: Normal File Size: 13 KB Version: 3.0.0.1 File Version: 3, 0, 0, 1 Product Version: 3, 0, 0, 1 Copyright: Copyright © 2004 Company Name: ewido networks File Description: ewido control Internal Name: ewido control Original Filename: ewidoctrl.exe Product Name: ewido control Created on: 30/11/2005 10.47.52 Last accessed: 13/02/2006 9.49.32 Last modified: 30/11/2005 10.47.52 #:14 [ewidoguard.exe] File Path: C:\Programmi\ewido anti-malware\ewidoguard.exe ProcessID: 1744 Threads: 9 Priority: Normal File Size: 148 KB Version: 3.0.0.1 File Version: 3, 0, 0, 1 Product Version: 3, 0, 0, 1 Copyright: Copyright © 2004 Company Name: ewido networks File Description: guard Internal Name: guard Original Filename: guard.exe Product Name: guard Created on: 18/12/2005 18.41.35 Last accessed: 13/02/2006 9.49.32 Last modified: 18/12/2005 18.41.35 #:15 [NAVAPSVC.EXE] File Path: C:\Programmi\Norton Internet Security\Norton AntiVirus\navapsvc.exe ProcessID: 1788 Threads: 11 Priority: Normal File Size: 154 KB Version: 10.0.10.13 File Version: 10.00.13 Product Version: 10.00.13 Copyright: Norton AntiVirus 2004 for Windows 98/ME/2000/XP Copyright (c) 2003 Symantec Corporation. All rights reserved. Company Name: Symantec Corporation File Description: Norton AntiVirus Auto-Protect Service Internal Name: NAVAPSVC Original Filename: NAVAPSVC.EXE Product Name: Norton AntiVirus Created on: 22/08/2003 9.31.20 Last accessed: 13/02/2006 9.52.30 Last modified: 04/12/2003 20.14.04 #:16 [SAVSCAN.EXE] File Path: C:\Programmi\Norton Internet Security\Norton AntiVirus\SAVScan.exe ProcessID: 1860 Threads: 7 Priority: Normal File Size: 189 KB Version: 9.2.2.7 File Version: Product Version: 9.2 Copyright: Copyright (c) 2004 Symantec Corporation Company Name: Symantec Corporation File Description: Symantec AntiVirus Scanner Internal Name: SAVSCAN Original Filename: SAVSCAN.EXE Product Name: Symantec AntiVirus AutoProtect Created on: 09/08/2003 17.26.24 Last accessed: 13/02/2006 9.44.55 Last modified: 25/01/2005 20.48.50 #:17 [svchost.exe] File Path: C:\WINDOWS\System32\svchost.exe ProcessID: 1912 Threads: 8 Priority: Normal File Size: 14 KB Version: 5.1.2600.2180 File Version: 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Product Version: 5.1.2600.2180 Copyright: © Microsoft Corporation. All rights reserved. Company Name: Microsoft Corporation File Description: Generic Host Process for Win32 Services Internal Name: svchost.exe Original Filename: svchost.exe Product Name: Microsoft® Windows® Operating System Created on: 31/08/2001 13.00.00 Last accessed: 13/02/2006 10.31.07 Last modified: 19/08/2004 23.39.44 #:18 [symwsc.exe] File Path: C:\Programmi\File comuni\Symantec Shared\Security Center\SymWSC.exe ProcessID: 292 Threads: 10 Priority: Normal File Size: 309 KB Version: 2005.1.2.20 File Version: 2005.1.2.20 Product Version: 2005.1 Copyright: Copyright (c) 1997-2004 Symantec Corporation Company Name: Symantec Corporation File Description: Norton Security Center Service Internal Name: SymWSC.exe Original Filename: SymWSC.exe Product Name: Norton Security Center Created on: 20/07/2005 12.22.39 Last accessed: 13/02/2006 9.45.06 Last modified: 02/11/2004 15.59.50 #:19 [gsicon.exe] File Path: C:\WINDOWS\system32\GSICON.EXE ProcessID: 2200 Threads: 3 Priority: Normal File Size: 88 KB Version: 3.1.0.0 File Version: 3.1.0 Product Version: 3.1.0 Copyright: Copyright © 2001 GlobeSpan, Inc. Company Name: GlobeSpan, Inc. File Description: DSL Modem Monitor Internal Name: GSICON.EXE Original Filename: GSICON.EXE Product Name: DSL Modem Created on: 24/04/2004 15.33.23 Last accessed: 13/02/2006 10.31.05 Last modified: 13/08/2001 18.28.28 #:20 [dslagent.exe] File Path: C:\WINDOWS\system32\dslagent.exe ProcessID: 2236 Threads: 1 Priority: Normal File Size: 16 KB Created on: 24/04/2004 15.33.22 Last accessed: 13/02/2006 9.46.20 Last modified: 21/08/2001 18.50.02 #:21 [Amoumain.exe] File Path: C:\Programmi\Trust\Ami Mouse 250S Cordless\Amoumain.exe ProcessID: 2364 Threads: 1 Priority: Normal File Size: 192 KB Created on: 15/11/2001 12.44.54 Last accessed: 13/02/2006 9.46.25 Last modified: 15/11/2001 12.44.54 #:22 [iTunesHelper.exe] File Path: C:\Programmi\iTunes\iTunesHelper.exe ProcessID: 2432 Threads: 4 Priority: Normal File Size: 280 KB Version: 4.5.0.31 File Version: 4.5.0.31 Product Version: 4.5.0.31 Copyright: © 2003-2004 Apple Computer, Inc. All Rights Reserved. Company Name: Apple Computer, Inc. File Description: iTunesHelper Module Internal Name: iTunesHelper Original Filename: iTunesHelper.exe Product Name: iTunes Created on: 21/04/2004 10.28.18 Last accessed: 13/02/2006 9.46.35 Last modified: 21/04/2004 10.28.18 #:23 [qttask.exe] File Path: C:\Programmi\QuickTime\qttask.exe ProcessID: 2484 Threads: 2 Priority: Normal File Size: 96 KB Version: 6.5.1.17 File Version: 6.5.1 Product Version: QuickTime 6.5.1 Copyright: © Apple Computer, Inc. 2001-2004 Company Name: Apple Computer, Inc. File Description: Internal Name: QuickTime Task Original Filename: QTTask.exe Product Name: QuickTime Created on: 30/04/2004 16.55.17 Last accessed: 13/02/2006 9.46.33 Last modified: 30/04/2004 16.55.17 #:24 [lxbkbmgr.exe] File Path: C:\Programmi\Lexmark X1100 Series\lxbkbmgr.exe ProcessID: 2496 Threads: 1 Priority: Normal File Size: 56 KB Version: 0.1.1.1 File Version: 0.1.1.1 Product Version: 0.1.1.1 Copyright: (C) 2002 Lexmark International, Inc. Company Name: Lexmark International, Inc. File Description: Lexmark X1100 Series Button Manager Internal Name: lxbkbmgr.exe Original Filename: lxbkbmgr.exe Product Name: Button Manager Executable Created on: 19/08/2003 16.01.32 Last accessed: 13/02/2006 10.31.10 Last modified: 19/08/2003 16.01.32 #:25 [iPodService.exe] File Path: C:\Programmi\iPod\bin\iPodService.exe ProcessID: 2508 Threads: 6 Priority: Normal File Size: 392 KB Version: 4.5.0.31 File Version: 4.5.0.31 Product Version: 4.5.0.31 Copyright: © 2003-2004 Apple Computer, Inc. All Rights Reserved. Company Name: Apple Computer, Inc. File Description: iPodService Module Internal Name: iPodService Original Filename: iPodService.exe Product Name: iTunes Created on: 21/04/2004 10.28.04 Last accessed: 13/02/2006 9.46.35 Last modified: 21/04/2004 10.28.04 #:26 [CCAPP.EXE] File Path: C:\Programmi\File comuni\Symantec Shared\ccApp.exe ProcessID: 2528 Threads: 22 Priority: Normal File Size: 57 KB Version: 103.0.3.8 File Version: 103.0.3.8 Product Version: 103.0.3.8 Copyright: Copyright (c) 2000-2004 Symantec Corporation. All rights reserved. Company Name: Symantec Corporation File Description: Symantec User Session Internal Name: ccApp Original Filename: ccApp.exe Product Name: Client and Host Security Platform Created on: 24/08/2004 17.42.40 Last accessed: 13/02/2006 9.47.22 Last modified: 22/02/2005 12.09.38 #:27 [lxbkbmon.exe] File Path: C:\Programmi\Lexmark X1100 Series\lxbkbmon.exe ProcessID: 2572 Threads: 1 Priority: Normal File Size: 52 KB Version: 0.1.1.1 File Version: 0.1.1.1 Product Version: 0.1.1.1 Copyright: (C) 2002 Lexmark International, Inc. Company Name: Lexmark International, Inc. File Description: Lexmark X1100 Series Button Monitor Internal Name: lxbkbmon.exe Original Filename: lxbkbmon.exe Product Name: Button Monitor Executable Created on: 19/08/2003 16.00.40 Last accessed: 13/02/2006 9.46.36 Last modified: 19/08/2003 16.00.40 #:28 [CfgWiz.exe] File Path: C:\Programmi\File comuni\Symantec Shared\CfgWiz.exe ProcessID: 2692 Threads: 7 Priority: Normal File Size: 121 KB Version: 4.0.0.92 File Version: 4.0.0.92 Product Version: 4.0 Copyright: Copyright (c) 2000-2003 Symantec Corporation. All rights reserved. Company Name: Symantec Corporation File Description: Symantec Internal Component Internal Name: ConfigWiz Original Filename: ConfigWiz.exe Product Name: Symantec Shared Components Created on: 09/09/2003 13.30.24 Last accessed: 13/02/2006 9.46.47 Last modified: 09/09/2003 13.30.24 #:29 [ctfmon.exe] File Path: C:\WINDOWS\system32\ctfmon.exe ProcessID: 2776 Threads: 1 Priority: Normal File Size: 15 KB Version: 5.1.2600.2180 File Version: 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Product Version: 5.1.2600.2180 Copyright: © Microsoft Corporation. All rights reserved. Company Name: Microsoft Corporation File Description: CTF Loader Internal Name: CTFMON Original Filename: CTFMON.EXE Product Name: Microsoft® Windows® Operating System Created on: 09/09/2002 12.51.28 Last accessed: 13/02/2006 9.46.51 Last modified: 19/08/2004 23.39.35 #:30 [SpySweeper.exe] File Path: C:\Programmi\Webroot\Spy Sweeper\SpySweeper.exe ProcessID: 2888 Threads: 1 Priority: Normal File Size: 595 KB Version: 1.7.0.8 File Version: 1.7.0.8 Product Version: 1.0.0.0 Copyright: Copyright (c) 2001-2003 Webroot Software, Inc. Company Name: Webroot Software, Inc. File Description: Spy Sweeper Internal Name: Original Filename: Product Name: Spy Sweeper Created on: 09/02/2006 21.11.51 Last accessed: 13/02/2006 9.47.35 Last modified: 21/05/2003 13.56.24 #:31 [msmsgs.exe] File Path: C:\Programmi\Messenger\msmsgs.exe ProcessID: 3896 Threads: 5 Priority: Normal File Size: 1654 KB Version: 4.7.0.3001 File Version: 4.7.3001 Product Version: Version 4.7.3001 Copyright: Copyright (c) Microsoft Corporation 2004 Company Name: Microsoft Corporation File Description: Windows Messenger Internal Name: msmsgs Original Filename: msmsgs.exe Product Name: Messenger Created on: 14/04/2003 18.30.14 Last accessed: 13/02/2006 10.29.25 Last modified: 13/10/2004 17.24.37 #:32 [OPSCAN.EXE] File Path: C:\Programmi\Norton Internet Security\Norton AntiVirus\OPScan.exe ProcessID: 324 Threads: 8 Priority: Normal File Size: 65 KB Version: 10.0.2.610 File Version: 10.0.2.610 Product Version: 10.0.2.610 Copyright: Copyright (c) 2000-2003 Symantec Corporation. All rights reserved. Company Name: Symantec Corporation File Description: Norton AntiVirus Out of Process Scan Server Internal Name: OPScan Original Filename: OPScan.exe Product Name: Norton AntiVirus Created on: 14/08/2003 18.00.02 Last accessed: 13/02/2006 10.30.10 Last modified: 10/11/2003 12.30.22 #:33 [HiJack.exe] File Path: C:\Programmi\BulletProofSoft.com\SpywareRemover\HS\HiJack.exe ProcessID: 3712 Threads: 7 Priority: Normal File Size: 404 KB Version: 1.0.0.1 File Version: 1, 0, 0, 1 Product Version: 1, 0, 0, 1 Copyright: Copyright (C) 2003 Company Name: File Description: HiJack MFC Application Internal Name: System Hijack Scanner Original Filename: HiJackNT.EXE Product Name: System Hijack Scanner Created on: 14/05/2003 20.19.48 Last accessed: 13/02/2006 10.30.40 Last modified: 14/05/2003 20.19.48 System Hijack Scanner Entries: --------------- R0 - HKCU\Software\Microsoft\Internet Explorer\Main, Local Page=\blank.htm R0 - HKLM\Software\Microsoft\Internet Explorer\Main, Local Page=C:\WINDOWS\system32\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar, LinksFolderName=Collegamenti R1 - HKLM\Software\Microsoft\Internet Explorer\Main, Default_page_url=http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome R1 - HKLM\Software\Microsoft\Internet Explorer\Main, Default_search_url=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch R1 - HKCU\Software\Microsoft\Internet Explorer\Main, search bar=http://it.rd.yahoo.com/customize/ycomp/defaults/sb/*http://it.docs.yahoo.com/info/ie6.html R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search, CustomizeSearch=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search, SearchAssistant=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm R2 - HKCU\Software\Microsoft\Internet Explorer\SearchURL, Default=http://it.rd.yahoo.com/customize/ycomp/defaults/su/*http://it.yahoo.com R3 - URLSearchHook: Hook per la ricerca di URL Microsoft - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - %SystemRoot%\System32\shdocvw.dll O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Programmi\File comuni\Symantec Shared\AdBlocking\NISShExt.dll O2 - BHO: (no name) - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Programmi\Norton Internet Security\Norton AntiVirus\NavShExt.dll O3 - ToolBar: Web assistant - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Programmi\File comuni\Symantec Shared\AdBlocking\NISShExt.dll O3 - ToolBar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Programmi\Norton Internet Security\Norton AntiVirus\NavShExt.dll O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [GSICONEXE] GSICON.EXE (file missing) O4 - HKLM\..\Run: [DSLAGENTEXE] dslagent.exe USB (file missing) O4 - HKLM\..\Run: [WheelMouse] Amoumain.exe (file missing) O4 - HKLM\..\Run: [iTunesHelper] C:\Programmi\iTunes\iTunesHelper.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qttask.exe" -atboottime (file missing) O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Programmi\Lexmark X1100 Series\lxbkbmgr.exe" O4 - HKLM\..\Run: [ccApp] "C:\Programmi\File comuni\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer O4 - HKLM\..\Run: [NAV CfgWiz] C:\Programmi\File comuni\Symantec Shared\CfgWiz.exe /GUID NAV /CMDLINE "REBOOT" (file missing) O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Programmi\File comuni\Symantec Shared\Security Center\UsrPrmpt.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [ccleaner] "C:\Programmi\CCleaner\ccleaner.exe" /AUTO O4 - HKCU\..\Run: [SpySweeper] C:\Programmi\Webroot\Spy Sweeper\SpySweeper.exe /0 O4 - Start Up: C:\Documents and Settings\UTENTE\Menu Avvio\Programmi\Esecuzione automatica\desktop.ini O4 - User Start Up: C:\Documents and Settings\UTENTE\Menu Avvio\Programmi\Esecuzione automatica\desktop.ini O4 - Global Start Up: C:\Documents and Settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\Avvio veloce di Adobe Reader.lnk O4 - Global Start Up: C:\Documents and Settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\desktop.ini O4 - Global Start Up: C:\Documents and Settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\Microsoft Office.lnk O4 - Global User Start Up: C:\Documents and Settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\Avvio veloce di Adobe Reader.lnk O4 - Global User Start Up: C:\Documents and Settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\desktop.ini O4 - Global User Start Up: C:\Documents and Settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\Microsoft Office.lnk O5 - HKCU\control panel\don't load: ncpa.cpl = No O5 - HKCU\control panel\don't load: odbccp32.cpl = No O16 - DPF: ConferenceRoom Java Client ((no name)) - http://www.mtv.co.uk/mtv.co.uk/chat/java/cr.cab O16 - DPF: {00000161-0000-0010-8000-00AA00389B71} ((no name)) - http://codecs.microsoft.com/codecs/i386/msaudio.cab O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} ((no name)) - http://download.microsoft.com/downlo...22/wmv9VCM.CAB O16 - DPF: {33564D57-9980-0010-8000-00AA00389B71} ((no name)) - http://codecs.microsoft.com/codecs/i386/wmv9dmo.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/Ms...Downloader.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/s...sh/swflash.cab O17 - HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\TCPIP\Parameters\Interfaces\{6758B06E-B93F-4906-B867-56983879B31D}, NameServer=85.37.17.7 85.38.28.95 O18 - Protocol: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\System32\mshtml.dll O18 - Protocol: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll O18 - Protocol: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll O18 - Protocol: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll O18 - Protocol: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\System32\itss.dll O18 - Protocol: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\System32\mshtml.dll O18 - Protocol: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll O18 - Protocol: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\System32\mshtml.dll O18 - Protocol: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\System32\inetcomm.dll O18 - Protocol: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll O18 - Protocol: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\System32\itss.dll O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" O18 - Protocol: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\System32\mshtml.dll O18 - Protocol: sysimage - {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\System32\mshtml.dll O18 - Protocol: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll O18 - Protocol: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\System32\mshtml.dll O18 - Protocol: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\System32\wiascr.dll |
|
|
|
|
|
13-02-2006, 10:14
|
#13 |
|
Senior Member
Iscritto dal: May 2005
Città: Palermo
Messaggi: 6390
|
Il log e' pulito. Ci sono solo alcune voci di file missing che potresti fixare:
O4 - HKLM\..\Run: [GSICONEXE] GSICON.EXE (file missing) O4 - HKLM\..\Run: [DSLAGENTEXE] dslagent.exe USB (file missing) O4 - HKLM\..\Run: [WheelMouse] Amoumain.exe (file missing) O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qttask.exe" -atboottime (file missing) Ti consiglio di disinstallare questo programma: C:\Programmi\BulletProofSoft.com\SpywareRemover\HS\HiJack.exe SpywareRemover e' inserito nella rogue list di SpywareWarrior ed e' ritenuto inaffidabile e sospetto. Fai una scansione con questo tool:http://www.francydelorenzi.it/compon.../filecatid,105 e una scansione con bitdefender free:http://www.bitdefender.com/site/Down...adFile/340/EN/ |
|
|
|
|
13-02-2006, 18:31
|
#14 | |
|
Junior Member
Iscritto dal: Feb 2006
Messaggi: 7
|
Quote:
...ma sei fantasticaaaaaaaaaaaa.....ho lanciato il primo tool che mi hai suggerito e...in unminuto problema risolto....davvero non so come ringraziarti..... |
|
|
|
|
|
13-02-2006, 19:22
|
#15 | |
|
Senior Member
Iscritto dal: May 2005
Città: Palermo
Messaggi: 6390
|
Quote:
|
|
|
|
|
|
|
| Strumenti | |
|
|
Tutti gli orari sono GMT +1. Ora sono le: 06:17.
