|
|||||||
|
|
|
 |
|
|
Strumenti |
10-08-2006, 09:15
|
#3001 |
|
Senior Member
Iscritto dal: Jun 2001
Città: Verona
Messaggi: 8698
|
vorrei sapere perchè queste entries
O13 - DefaultPrefix: O13 - WWW Prefix: O13 - Home Prefix: O13 - Mosaic Prefix: O13 - FTP Prefix: O13 - Gopher Prefix: sebbene le fixi si ripresentino ad un successivo scan  grazie 
__________________
You have to be trusted by the people that you lie to / So that when they turn their backs on you / You'll get the chance to put the knife in |
|
|
|
10-08-2006, 09:30
|
#3002 |
|
Junior Member
Iscritto dal: Aug 2006
Messaggi: 4
|
buongiorno ragazzi...ho installato winantivirus pro 2006 scoprendo ke è un malware o qualcosa del genere... ieri ho fatto il fix con haijackthis e poi ho eliminato grazie l'aiuto di un vostro amico i file nocivi e con LSPfix il file nocivo scanmail.dll. ma ancora non mi disinstalla quel maledetto programma.
Mi dice ke manca il file unins000.dat cosa devo fare? spero nel vostro aiuto. grazie |
|
|
|
|
10-08-2006, 10:05
|
#3003 | |
|
Senior Member
Iscritto dal: Mar 2004
Città: Rimini
Messaggi: 10296
|
Quote:
quelle voci servono per definire il "default prefix" vale a dire: se nella barra degli indirizzi di explorer digiti "google.com" senza "http://www" automaticamente IE comprende di dover inserire davanti "www." Quelle entry vengono spesso sfruttate da CoolWebSearch per dirottarti da qualche parte anche se, nel tuo caso non vedo nulla di anomalo, nel senso che se fossi "hackerato" quelle rigge dovrebbero presentarsi più o meno così: www. Prefix: http://http://sito_schifoso.com . Per sicurezza fai un controllo con CWShredder
__________________
sometimes they come back *** Life Happens! - (Professionista I.T. - Tecnico Telecomunicazioni) Latitude E6420 I7 2760QM SSD Crucial M4-512GB --- Tecra R840 I5 2520M SSD Samsung 830-256GB --- Macbook Pro 13,3" I5 2435M SSD Samsung 830-256GB |
|
|
|
|
|
10-08-2006, 10:24
|
#3004 |
|
Junior Member
Iscritto dal: Aug 2006
Messaggi: 4
|
qualcuno sa aiutarmi?
|
|
|
|
|
10-08-2006, 12:40
|
#3005 | |
|
Senior Member
Iscritto dal: Jun 2001
Città: Verona
Messaggi: 8698
|
Quote:
__________________
You have to be trusted by the people that you lie to / So that when they turn their backs on you / You'll get the chance to put the knife in |
|
|
|
|
|
10-08-2006, 14:16
|
#3006 | |
|
Bannato
Iscritto dal: Mar 2004
Città: Galapagos Attenzione:utente flautolente,tienilo a mente
Messaggi: 28978
|
Quote:
almeno che non sia soltanto una scusa per non farsi estirpare 
|
|
|
|
|
|
13-08-2006, 11:07
|
#3007 |
|
Member
Iscritto dal: Jan 2006
Città: Roma & "Kansas City"
Messaggi: 122
|
Quando accendo il pc è mi compare la schermata mi da un messaggio : RUNDLL errore durante il caricamento il C \windows\ sistem32\implib.dll impossibile trovare il modulo specificato
Cosa devo fare???? |
|
|
|
|
13-08-2006, 11:20
|
#3008 | |
|
Senior Member
Iscritto dal: Sep 2004
Città: Prov. Novara/Palmdale
Messaggi: 5228
|
Quote:
Forse ci siamo capiti male...il crossposting è vietato...errore anche mio...(qui avresti dovuto postare solo il log )Ciao Ultima modifica di SkunkWorks 68 : 13-08-2006 alle 11:31. |
|
|
|
|
|
13-08-2006, 11:48
|
#3009 |
|
Senior Member
Iscritto dal: Jan 2005
Città: Meduno/Trieste
Messaggi: 806
|
provate a controllarmi questo log, grazie mille
Logfile of HijackThis v1.99.1 Scan saved at 12.35.00, on 13/08/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Programmi\File comuni\EPSON\EBAPI\SAgent2.exe C:\WINDOWS\system32\drivers\KodakCCS.exe C:\Programmi\Eset\nod32krn.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\Programmi\Thomson\SpeedTouch USB\Dragdiag.exe C:\WINDOWS\Mixer.exe C:\PROGRA~1\ZONELA~1\ZONEAL~1\zlclient.exe C:\Programmi\File comuni\Real\Update_OB\realsched.exe C:\Programmi\Eset\nod32kui.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\ctfmon.exe C:\Programmi\File comuni\Real\Update_OB\rnathchk.exe C:\Documents and Settings\ILCASTIGO\Desktop\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/ R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programmi\google\googletoolbar1.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programmi\google\googletoolbar1.dll O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Programmi\Thomson\SpeedTouch USB\Dragdiag.exe" /icon O4 - HKLM\..\Run: [Windows Registers] winservicess.exe O4 - HKLM\..\Run: [NVIDIA Video drivers] video_32sD.exe O4 - HKLM\..\Run: [Microsoft Update] snlogsvc.exe O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup O4 - HKLM\..\Run: [Zone Labs Client] C:\PROGRA~1\ZONELA~1\ZONEAL~1\zlclient.exe O4 - HKLM\..\Run: [Microsoft Update Machine] scvhostsys.exe O4 - HKLM\..\Run: [Web Service] xdlfpz.exe O4 - HKLM\..\Run: [MSN Update] dllcon.exe O4 - HKLM\..\Run: [Microsoft CONFIG] winmx.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [TkBellExe] C:\Programmi\File comuni\Real\Update_OB\realsched.exe -osboot O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [nod32kui] "C:\Programmi\Eset\nod32kui.exe" /WAITSERVICE O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKLM\..\RunServices: [Windows Registers] winservicess.exe O4 - HKLM\..\RunServices: [Microsoft CONFIG] winmx.exe O4 - HKLM\..\RunServices: [Microsoft Update Machine] scvhostsys.exe O4 - HKLM\..\RunServices: [Web Service] xdlfpz.exe O4 - HKLM\..\RunServices: [MSN Update] dllcon.exe O4 - HKLM\..\RunServices: [NVIDIA Video drivers] video_32sD.exe O4 - HKLM\..\RunServices: [Microsoft Update] snlogsvc.exe O4 - HKCU\..\Run: [Windows Registers] winservicess.exe O4 - HKCU\..\Run: [NVIDIA Video drivers] video_32sD.exe O4 - HKCU\..\Run: [Microsoft Update] snlogsvc.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Web Service] xdlfpz.exe O4 - HKCU\..\Run: [Microsoft CONFIG] winmx.exe O4 - HKCU\..\Run: [MSN Update] dllcon.exe O4 - Global Startup: Microsoft Office.lnk = C:\Programmi\Microsoft Office\Office\OSA9.EXE O8 - Extra context menu item: &Google Search - res://C:\Programmi\Google\GoogleToolbar1.dll/cmsearch.html O8 - Extra context menu item: &Translate English Word - res://C:\Programmi\Google\GoogleToolbar1.dll/cmwordtrans.html O8 - Extra context menu item: Backward Links - res://C:\Programmi\Google\GoogleToolbar1.dll/cmbacklinks.html O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Programmi\Google\GoogleToolbar1.dll/cmcache.html O8 - Extra context menu item: Similar Pages - res://C:\Programmi\Google\GoogleToolbar1.dll/cmsimilar.html O8 - Extra context menu item: Translate Page into English - res://C:\Programmi\Google\GoogleToolbar1.dll/cmtrans.html O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\$hf_mig$\KB887472\SP2QFE\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\$hf_mig$\KB887472\SP2QFE\msmsgs.exe O12 - Plugin for .pdf: C:\Programmi\Internet Explorer\PLUGINS\nppdf32.dll O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Programmi\File comuni\EPSON\EBAPI\SAgent2.exe O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Programmi\Eset\nod32krn.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs Inc. - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
__________________
MacBook Pro 13" mid 2010 |
|
|
|
|
13-08-2006, 12:00
|
#3010 |
|
Senior Member
Iscritto dal: Sep 2004
Città: Prov. Novara/Palmdale
Messaggi: 5228
|
Siamo messi malino.
Da fixare: O4 - HKLM\..\Run: [Windows Registers] winservicess.exe O4 - HKLM\..\Run: [NVIDIA Video drivers] video_32sD.exe O4 - HKLM\..\Run: [Microsoft Update] snlogsvc.exe O4 - HKLM\..\Run: [Microsoft Update Machine] scvhostsys.exe O4 - HKLM\..\Run: [Web Service] xdlfpz.exe O4 - HKLM\..\Run: [MSN Update] dllcon.exe O4 - HKLM\..\Run: [Microsoft CONFIG] winmx.exe O4 - HKLM\..\RunServices: [Windows Registers] winservicess.exe O4 - HKLM\..\RunServices: [Microsoft CONFIG] winmx.exe O4 - HKLM\..\RunServices: [Microsoft Update Machine] scvhostsys.exe O4 - HKLM\..\RunServices: [Web Service] xdlfpz.exe O4 - HKLM\..\RunServices: [MSN Update] dllcon.exe O4 - HKLM\..\RunServices: [NVIDIA Video drivers] video_32sD.exe O4 - HKLM\..\RunServices: [Microsoft Update] snlogsvc.exe O4 - HKCU\..\Run: [Windows Registers] winservicess.exe O4 - HKCU\..\Run: [NVIDIA Video drivers] video_32sD.exe O4 - HKCU\..\Run: [Microsoft Update] snlogsvc.exe O4 - HKCU\..\Run: [Web Service] xdlfpz.exe O4 - HKCU\..\Run: [Microsoft CONFIG] winmx.exe O4 - HKCU\..\Run: [MSN Update] dllcon.exe dai una bella passata con un antispyware e fai uno scan con l'antivirus da provvisoria(vedo che hai il NOD che non è male),magari riescono a toglierti qualcosa e disattiva il ripristino configurazione. Ciao |
|
|
|
|
13-08-2006, 12:01
|
#3011 |
|
Senior Member
Iscritto dal: May 2005
Città: Palermo
Messaggi: 6390
|
subbywrc i tuoi log sono sempre molto sudici, ma come fai?
 Con hijackthis elimina queste voci: O4 - HKLM\..\Run: [Windows Registers] winservicess.exe O4 - HKLM\..\Run: [NVIDIA Video drivers] video_32sD.exe O4 - HKLM\..\Run: [Microsoft Update] snlogsvc.exe O4 - HKLM\..\Run: [Microsoft Update Machine] scvhostsys.exe O4 - HKLM\..\Run: [Web Service] xdlfpz.exe O4 - HKLM\..\Run: [MSN Update] dllcon.exe O4 - HKLM\..\Run: [Microsoft CONFIG] winmx.exe O4 - HKLM\..\RunServices: [Windows Registers] winservicess.exe O4 - HKLM\..\RunServices: [Microsoft CONFIG] winmx.exe O4 - HKLM\..\RunServices: [Microsoft Update Machine] scvhostsys.exe O4 - HKLM\..\RunServices: [Web Service] xdlfpz.exe O4 - HKLM\..\RunServices: [MSN Update] dllcon.exe O4 - HKLM\..\RunServices: [NVIDIA Video drivers] video_32sD.exe O4 - HKLM\..\RunServices: [Microsoft Update] snlogsvc.exe O4 - HKCU\..\Run: [Windows Registers] winservicess.exe O4 - HKCU\..\Run: [NVIDIA Video drivers] video_32sD.exe O4 - HKCU\..\Run: [Microsoft Update] snlogsvc.exe O4 - HKCU\..\Run: [Web Service] xdlfpz.exe O4 - HKCU\..\Run: [Microsoft CONFIG] winmx.exe O4 - HKCU\..\Run: [MSN Update] dllcon.exe |
|
|
|
|
13-08-2006, 12:03
|
#3012 |
|
Senior Member
Iscritto dal: May 2005
Città: Palermo
Messaggi: 6390
|
Ciao SkunkWorks 68
|
|
|
|
|
13-08-2006, 12:04
|
#3013 | |
|
Senior Member
Iscritto dal: Sep 2004
Città: Prov. Novara/Palmdale
Messaggi: 5228
|
Quote:
|
|
|
|
|
|
13-08-2006, 12:19
|
#3014 |
|
Senior Member
Iscritto dal: Feb 2005
Messaggi: 351
|
Ho rivisto i programmi x navigare tranquillo in initernet (avast, zone alarm, spyware terminator con protezione in tempo reale clamav ).
Il log e' sempre ok? Grazie, ciao. Logfile of HijackThis v1.99.1 Scan saved at 13.06.54, on 13/08/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe C:\Programmi\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\ehome\ehtray.exe C:\Programmi\Analog Devices\SoundMAX\SMTray.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Programmi\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe C:\Programmi\IPM\Adsl\DataWay\dslstat.exe C:\WINDOWS\eHome\ehRecvr.exe C:\Programmi\Java\jre1.5.0_07\bin\jusched.exe C:\Programmi\Spyware Terminator\SpywareTerminatorShield.exe C:\Programmi\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe C:\WINDOWS\eHome\ehSched.exe C:\Programmi\Zone Labs\ZoneAlarm\zlclient.exe C:\Programmi\Free Download Manager\fdm.exe C:\WINDOWS\system32\ctfmon.exe C:\Programmi\VisualTaskTips\VisualTaskTips.exe C:\Programmi\SlySoft\AnyDVD\AnyDVD.exe C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Programmi\Digisoft AntiDialer\AntiDialer.exe C:\Programmi\Down2Home\Down2Home.exe C:\Programmi\Xi\NetTransport 2\NetTransport.exe C:\Programmi\Microsoft Private Folder 1.0\PrfldSvc.exe C:\Programmi\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe C:\Programmi\Analog Devices\SoundMAX\SMAgent.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe C:\Programmi\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\system32\dllhost.exe C:\WINDOWS\eHome\ehmsas.exe C:\Programmi\USDownloader 1.3.4 Beta 7\USDownloader.exe C:\Programmi\Http File Server 2.0a\hfs.exe C:\Programmi\Mozilla Firefox\firefox.exe C:\Programmi\Mozilla Thunderbird\thunderbird.exe C:\Documents and Settings\ciao\Documenti\new\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/ R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.5.0_07\bin\ssv.dll O2 - BHO: NTIECatcher Class - {C56CB6B0-0D96-11D6-8C65-B2868B609932} - C:\Programmi\Xi\NetTransport 2\NTIEHelper.dll O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Programmi\Free Download Manager\iefdmcks.dll O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Programmi\Canon\Easy-WebPrint\Toolband.dll O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe O4 - HKLM\..\Run: [Smapp] C:\Programmi\Analog Devices\SoundMAX\SMTray.exe O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Programmi\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe O4 - HKLM\..\Run: [DSLSTATEXE] C:\Programmi\IPM\Adsl\DataWay\dslstat.exe icon O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Programmi\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programmi\Java\jre1.5.0_07\bin\jusched.exe O4 - HKLM\..\Run: [SpywareTerminator] "C:\Programmi\Spyware Terminator\SpywareTerminatorShield.exe" O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Programmi\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [Zone Labs Client] "C:\Programmi\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKCU\..\Run: [Free Download Manager] C:\Programmi\Free Download Manager\fdm.exe -autorun O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Allway Sync] "C:\Programmi\Allway Sync\bin\syncappw.exe" -m O4 - HKCU\..\Run: [VisualTaskTips] C:\Programmi\VisualTaskTips\VisualTaskTips.exe O4 - HKCU\..\Run: [USDownloader] "C:\Programmi\USDownloader 1.3.4 Beta 7\USDownloader.exe" O4 - HKCU\..\Run: [AnyDVD] C:\Programmi\SlySoft\AnyDVD\AnyDVD.exe O4 - Global Startup: Digisoft AntiDialer.lnk = C:\Programmi\Digisoft AntiDialer\AntiDialer.exe O4 - Global Startup: Down2Home.lnk = C:\Programmi\Down2Home\Down2Home.exe O4 - Global Startup: Net Transport.lnk = C:\Programmi\Xi\NetTransport 2\NetTransport.exe O8 - Extra context menu item: Aggiungi all'elenco di stampa Easy-WebPrint - res://C:\Programmi\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html O8 - Extra context menu item: Anteprima Easy-WebPrint - res://C:\Programmi\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Salva oggetto con Net Transport - C:\Programmi\Xi\NetTransport 2\NTAddLink.html O8 - Extra context menu item: Salva tutti gli oggetti con Net Transport - C:\Programmi\Xi\NetTransport 2\NTAddList.html O8 - Extra context menu item: Scarica con Free Download Manager - file://C:\Programmi\Free Download Manager\dllink.htm O8 - Extra context menu item: Scarica selezionati con Free Download Manager - file://C:\Programmi\Free Download Manager\dlselected.htm O8 - Extra context menu item: Scarica tutto con Free Download Manager - file://C:\Programmi\Free Download Manager\dlall.htm O8 - Extra context menu item: Stampa ad alta velocità Easy-WebPrint - res://C:\Programmi\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html O8 - Extra context menu item: Stampa Easy-WebPrint - res://C:\Programmi\Canon\Easy-WebPrint\Resource.dll/RC_Print.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_07\bin\ssv.dll O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX Class) - http://pdl.stream.aol.com/downloads/...ampx_en_dl.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{32316DFA-214D-4E41-820E-6F2679FDB41B}: NameServer = 85.37.17.41 85.38.28.83 O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: avast! Antivirus - Unknown owner - C:\Programmi\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Programmi\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Private Folder Service (prfldsvc) - Unknown owner - C:\Programmi\Microsoft Private Folder 1.0\PrfldSvc.exe O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Programmi\Analog Devices\SoundMAX\SMAgent.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe O23 - Service: VNC Server Version 4 (WinVNC4) - Unknown owner - C:\Programmi\RealVNC\VNC4\WinVNC4.exe" -service (file missing) |
|
|
|
|
13-08-2006, 12:22
|
#3015 | |
|
Senior Member
Iscritto dal: Jan 2005
Città: Meduno/Trieste
Messaggi: 806
|
Quote:
no ma questi non sono i miei log, sono dei miei "pazienti", messo a posto questo posto il mio per curiosità  intanto cancello le voci che mi avete segnalato
__________________
MacBook Pro 13" mid 2010 |
|
|
|
|
|
13-08-2006, 14:52
|
#3016 |
|
Senior Member
Iscritto dal: May 2005
Città: Palermo
Messaggi: 6390
|
fenomeno ita il log e' pulito.
|
|
|
|
|
13-08-2006, 17:25
|
#3017 | |
|
Member
Iscritto dal: Jan 2006
Città: Roma & "Kansas City"
Messaggi: 122
|
Quote:
Logfile of HijackThis v1.99.1 Scan saved at 18.20.55, on 13/08/2006 Platform: Windows XP (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 (6.00.2600.0000) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\fswinsys.exe C:\Programmi\Eset\nod32krn.exe C:\WINDOWS\System32\nvsvc32.exe C:\WINDOWS\System32\csrvhost.exe C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb09.exe C:\Programmi\CyberLink\PowerDVD\PDVDServ.exe C:\Programmi\Eset\nod32kui.exe C:\WINDOWS\System32\ctfmon.exe C:\Programmi\Messenger\msmsgs.exe C:\Programmi\File comuni\Ahead\lib\NMBgMonitor.exe C:\WINDOWS\System32\rsjheci.exe C:\Programmi\Internet Explorer\iexplore.exe C:\Documents and Settings\Francky.N1-UWNJ63CHO8Z3\Desktop\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti R3 - Default URLSearchHook is missing O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: Class - {C7489511-53F4-C96F-B1E8-6941B95E98DC} - C:\WINDOWS\fmknx1.dll (file missing) O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [implib] rundll32.exe C:\WINDOWS\System32\implib.dll,start O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\System32\NeroCheck.exe O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb09.exe O4 - HKLM\..\Run: [Msnupgred] xhspxxz.exe O4 - HKLM\..\Run: [RemoteControl] C:\Programmi\CyberLink\PowerDVD\PDVDServ.exe O4 - HKLM\..\Run: [FiresWallservices] zpjfnahuyatjmd.exe O4 - HKLM\..\Run: [nod32kui] C:\Programmi\Eset\nod32kui.exe /WAITSERVICE O4 - HKLM\..\Run: [Windows System File] csrvhost.exe O4 - HKLM\..\Run: [Microsoft Update] rsjheci.exe O4 - HKLM\..\RunServices: [Msnupgred] xhspxxz.exe O4 - HKLM\..\RunServices: [FiresWallservices] zpjfnahuyatjmd.exe O4 - HKLM\..\RunServices: [Windows System File] csrvhost.exe O4 - HKLM\..\RunServices: [Microsoft Update] rsjheci.exe O4 - HKLM\..\RunOnce: [Windows System File] csrvhost.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Programmi\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programmi\File comuni\Ahead\lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [updateMgr] "C:\Programmi\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_7 -reboot 1 O4 - HKCU\..\Run: [Windows System File] csrvhost.exe O4 - HKCU\..\RunOnce: [Windows System File] csrvhost.exe O4 - Global Startup: Avvio veloce di Adobe Reader.lnk = C:\Programmi\Adobe\Acrobat 7.0\Reader\reader_sl.exe O8 - Extra context menu item: Converti destinazione link in file PDF esistente - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Converti i link selezionati in Adobe PDF - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Converti i link selezionati in file PDF esistente - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: Converti nel file PDF esistente - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Converti selezione in file PDF esistente - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O23 - Service: fsecure 2006 (fsecure) - Unknown owner - C:\WINDOWS\fswinsys.exe O23 - Service: NOD32 Kernel Service (NOD32krn) - Unknown owner - C:\Programmi\Eset\nod32krn.exe O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: SysHug - Unknown owner - C:\WINDOWS\TEMP\AF5.tmp (file missing) |
|
|
|
|
|
13-08-2006, 17:30
|
#3018 | |
|
Senior Member
Iscritto dal: Feb 2002
Città: Discovery
Messaggi: 34710
|
Quote:
__________________
Good afternoon, gentlemen, I'm a H.A.L. computer. |
|
|
|
|
|
13-08-2006, 17:43
|
#3019 | |
|
Member
Iscritto dal: Jan 2006
Città: Roma & "Kansas City"
Messaggi: 122
|
Quote:
Grazie |
|
|
|
|
|
13-08-2006, 17:45
|
#3020 | |
|
Bannato
Iscritto dal: Mar 2004
Città: Galapagos Attenzione:utente flautolente,tienilo a mente
Messaggi: 28978
|
Quote:
|
|
|
|
|
|
|
| Strumenti | |
|
|
Tutti gli orari sono GMT +1. Ora sono le: 18:09.
