|
|||||||
|
|
|
 |
|
|
Strumenti |
06-09-2004, 12:26
|
#1 |
|
Senior Member
Iscritto dal: Jan 2004
Messaggi: 635
|
help toolbar che non vanno via!!!!!!!!
Cosa faccio? come le posso disistallare?
ho gia porovato ad andare nel registro di sistema ma niente una seconda barra mi si avvia come internet expolore help help help 
|
|
|
|
06-09-2004, 12:40
|
#2 |
|
Senior Member
Iscritto dal: Jan 2004
Messaggi: 635
|
sono le toolbar del sito search the web che installa anche un programma che ti cambia la pagina iniziale dal nome
bend inside soft.exe che è nella di c:\programmi\knob army\ |
|
|
|
|
06-09-2004, 13:37
|
#5 |
|
Senior Member
Iscritto dal: Jan 2004
Messaggi: 635
|
salve ragazzi ho risolto!!
ECCOVI LA PROCEDURA CHE HO SEGUITO con hijack this ho eseguito lo scan ed eccovi il log così se qualcuno vede qualche altra cosa da eliminare me lo può dire: Logfile of HijackThis v1.97.7 Scan saved at 13.34.37, on 06/09/2004 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\System32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Programmi\Sygate\SPF\smc.exe C:\Programmi\Stardock\Object Desktop\WindowBlinds\wbload.exe C:\WINDOWS\system32\spoolsv.exe C:\Programmi\File comuni\Symantec Shared\ccEvtMgr.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\Mixer.exe C:\Programmi\File comuni\Real\Update_OB\realsched.exe C:\WINDOWS\System32\atwtusb.exe C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb04.exe C:\WINDOWS\System32\hphmon03.exe C:\PROGRA~1\DAP\DAP.EXE C:\Programmi\File comuni\Symantec Shared\ccApp.exe C:\ufd\ufd.exe C:\Programmi\Java\j2re1.4.2_03\bin\jusched.exe C:\Programmi\Messenger Plus! 3\MsgPlus.exe C:\WINDOWS\System32\TBLMOUSE.EXE C:\WINDOWS\System32\ctfmon.exe C:\Programmi\CursorXP\CursorXP.exe C:\Programmi\Adobe\Acrobat 6.0\Distillr\acrotray.exe C:\Programmi\Logitech\MouseWare\system\em_exec.exe C:\Programmi\Stardock\ObjectDock\ObjectDock.exe C:\WINDOWS\System32\drivers\CDAC11BA.EXE C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Programmi\MSN Messenger\msnmsgr.exe C:\Programmi\Norton AntiVirus\navapsvc.exe C:\WINDOWS\System32\svchost.exe C:\Programmi\Commander Pro\UPServ.exe C:\Programmi\Commander Pro\UPS.EXE C:\Programmi\Outlook Express\msimn.exe C:\Programmi\Internet Explorer\iexplore.exe E:\Programmi nuovi\Hijak this\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.fastweb.it/ R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: (no name) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Programmi\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Programmi\Norton AntiVirus\NavShExt.dll O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Programmi\Norton AntiVirus\NavShExt.dll O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup O4 - HKLM\..\Run: [TkBellExe] "C:\Programmi\File comuni\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [atwtusb] atwtusb.exe beta O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb04.exe O4 - HKLM\..\Run: [HPHmon03] C:\WINDOWS\System32\hphmon03.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [DownloadAccelerator] C:\PROGRA~1\DAP\DAP.EXE /STARTUP O4 - HKLM\..\Run: [ccApp] "C:\Programmi\File comuni\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [ccRegVfy] "C:\Programmi\File comuni\Symantec Shared\ccRegVfy.exe" O4 - HKLM\..\Run: [PLoader] c:\ufd\ufd.exe sys_auto_run C:\UFD O4 - HKLM\..\Run: [CloneCDElbyCDFL] "C:\Programmi\Elaborate Bytes\CloneCD\ElbyCheck.exe" /L ElbyCDFL O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programmi\Java\j2re1.4.2_03\bin\jusched.exe O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui O4 - HKLM\..\Run: [MessengerPlus3] "C:\Programmi\Messenger Plus! 3\MsgPlus.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [MOD] C:\Programmi\Microangelo\muamgr.exe O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] C:\Programmi\Messenger\msmsgs.exe O4 - HKCU\..\Run: [MessengerPlus3] "C:\Programmi\Messenger Plus! 3\MsgPlus.exe" /WinStart O4 - HKCU\..\Run: [CursorXP] C:\Programmi\CursorXP\CursorXP.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Programmi\MSN Messenger\msnmsgr.exe" /background O4 - Startup: Stardock ObjectDock.lnk = C:\Programmi\Stardock\ObjectDock\ObjectDock.exe O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Acrobat Assistant.lnk = C:\Programmi\Adobe\Acrobat 6.0\Distillr\acrotray.exe O4 - Global Startup: Microsoft Office.lnk = C:\Programmi\Microsoft Office\Office\OSA9.EXE O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Programmi\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe O8 - Extra context menu item: &Download with &DAP - C:\PROGRA~1\DAP\dapextie.htm O8 - Extra context menu item: Download &all with DAP - C:\PROGRA~1\DAP\dapextie2.htm O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra 'Tools' menuitem: Sun Java Console (HKLM) O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary...r.cab28578.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.co...?1094389613078 O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab28578.cab O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.co...138.7531597222 O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload.macromedia.com/get...sh/swflash.cab nel log file ho rintracciato l'esecuzione dei 2 programmi incriminati che mi impostavano una nuova pagina iniziale e una toolbar fastidiosissima i 2 programmi sono: bend inside soft.exe list dash.exe eliminandoli con hijack o deselezionandoli nell'avvio automatico e poi cancellandoli dall'hd il problema viene risolto ciaoo |
|
|
|
|
|
| Strumenti | |
|
|
Tutti gli orari sono GMT +1. Ora sono le: 01:27.
