|
|||||||
|
|
|
 |
|
|
Strumenti |
18-09-2006, 17:59
|
#3341 |
|
Junior Member
Iscritto dal: Sep 2006
Messaggi: 12
|
Log
Ciao a tutti volevo sapere se questo log di hijachthis è giusto
Grazie in anticipo delle risp! Logfile of HijackThis v1.99.1 Scan saved at 10.43.37, on 18/09/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Programmi\Ahead\InCD\InCDsrv.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Programmi\Analog Devices\SoundMAX\SMTray.exe C:\WINDOWS\system32\ctfmon.exe C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Programmi\Spyware Doctor\sdhelp.exe C:\Programmi\Analog Devices\SoundMAX\SMAgent.exe C:\WINDOWS\system32\svchost.exe C:\Programmi\WinRAR\WinRAR.exe C:\DOCUME~1\Utente\IMPOST~1\Temp\Rar$EX00.953\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O4 - HKLM\..\Run: [Smapp] C:\Programmi\Analog Devices\SoundMAX\SMTray.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Programmi\Spybot - Search & Destroy\TeaTimer.exe O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O12 - Plugin for .mpg: C:\Programmi\Internet Explorer\PLUGINS\npqtplugin3.dll O17 - HKLM\System\CCS\Services\Tcpip\..\{1A264333-A733-4BD4-A651-49F42B59B09D}: NameServer = 85.37.17.57 85.38.28.80 O17 - HKLM\System\CS1\Services\Tcpip\..\{1A264333-A733-4BD4-A651-49F42B59B09D}: NameServer = 85.37.17.57 85.38.28.80 O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Programmi\Ahead\InCD\InCDsrv.exe O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools - C:\Programmi\Spyware Doctor\sdhelp.exe O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Programmi\Analog Devices\SoundMAX\SMAgent.exe |
|
|
|
18-09-2006, 18:06
|
#3342 |
|
Senior Member
Iscritto dal: Oct 2004
Città: Milano
Messaggi: 2641
|
@runner90
il log è pulito, però ti manca un antivirus mi sembra, o sbaglio 
__________________
FOXYLADY è un MASCHIO!! Un amico è una persona che sa tutto di te e nonostante questo gli piaci |
|
|
|
|
18-09-2006, 18:45
|
#3343 | |
|
Senior Member
Iscritto dal: Jan 2006
Città: Lainate(Mi)
Messaggi: 5645
|
Quote:
 era il pc di mio fratello che ha postato a mio nome!!!!!....riesce sempre a farci entrare certe schifezze!!!! 
__________________
PSN: gian73ska |
|
|
|
|
|
18-09-2006, 21:14
|
#3344 |
|
Junior Member
Iscritto dal: Sep 2006
Messaggi: 12
|
grazie
 foxylady per il chiarimento e si mi manca un antivirus lo metterò 
|
|
|
|
|
18-09-2006, 21:16
|
#3345 | |
|
Senior Member
Iscritto dal: Apr 2006
Città: Milano
Messaggi: 12425
|
Quote:
Corri a metterlo
|
|
|
|
|
|
18-09-2006, 21:16
|
#3346 |
|
Senior Member
Iscritto dal: Jan 2002
Messaggi: 1574
|
Ciao..
per favore puoi dare un'occhiata? ho un problema,ti allego quello che mi appare navigando in I.E.(scusa ho postato anche nella sezione di win,)Logfile of HijackThis v1.98.0 Scan saved at 22.11.27, on 18/09/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Programmi\Sygate\SPF\smc.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\RunDll32.exe C:\Programmi\ATI Technologies\ATI.ACE\cli.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Programmi\iTunes\iTunesHelper.exe C:\Programmi\Java\jre1.5.0_06\bin\jusched.exe C:\Programmi\Spamihilator\spamihilator.exe C:\Programmi\Skype\Phone\Skype.exe C:\Programmi\MSN Messenger\msnmsgr.exe C:\Programmi\Logitech\MouseWare\system\em_exec.exe C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe C:\Programmi\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\drivers\CDAC11BA.EXE C:\WINDOWS\system32\svchost.exe C:\Programmi\iPod\bin\iPodService.exe C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe C:\Programmi\Alwil Software\Avast4\ashWebSv.exe C:\Programmi\ATI Technologies\ATI.ACE\cli.exe C:\Programmi\emule0.47a-Xtreme5.2.2.rar\emule.exe C:\WINDOWS\system32\svchost.exe C:\Programmi\Messenger\msmsgs.exe C:\Programmi\Internet Explorer\IEXPLORE.EXE C:\Programmi\Internet Explorer\IEXPLORE.EXE C:\WINDOWS\explorer.exe I:\Downloads\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: edit_html Class - {14D1A72D-8705-11D8-B120-0040F46CB696} - C:\Documents and Settings\Liuk\91293228.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.5.0_06\bin\ssv.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programmi\google\googletoolbar2.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programmi\google\googletoolbar2.dll O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd O4 - HKLM\..\Run: [ATICCC] "C:\Programmi\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [iTunesHelper] "C:\Programmi\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programmi\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\Programmi\File comuni\Ahead\Lib\NeroCheck.exe O4 - HKCU\..\Run: [Spamihilator] "C:\Programmi\Spamihilator\spamihilator.exe" O4 - HKCU\..\Run: [Skype] "C:\Programmi\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [updateMgr] C:\Programmi\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_5 -reboot 1 O4 - HKCU\..\Run: [msnmsgr] "C:\Programmi\MSN Messenger\msnmsgr.exe" /background O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Programmi\Adobe\Acrobat 7.0\Reader\reader_sl.exe O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary...r.cab31267.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab31267.cab O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX Class) - http://pdl.stream.aol.com/downloads/...ampx_en_dl.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{6AE02CCB-1C5C-446D-BF35-E19B8269A146}: NameServer = 192.168.0.1 O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
__________________
Corsair RM650 - Asus Prime B550 plus - AMD Ryzen 5 5600X - Corsair Vengeance RGB PRO 16 GB - GeForce2070 RTX ROg Strix - Crucial Mx300 525 GB SATA 3 - LiteOn LH-20A1H - Pioneer 212D -ASUS TUF Gaming VG27AQ1A (2560x1440)- - Win 11 - LG OLED 65CX - Audio analogue maestro - Snell Tower - ---> Half-Life Club <--- Ultima modifica di viemme52 : 22-01-2008 alle 12:20. |
|
|
|
|
18-09-2006, 21:52
|
#3347 |
|
Senior Member
Iscritto dal: Oct 2004
Città: Milano
Messaggi: 2641
|
Questa mi sembra sospetta
O2 - BHO: edit_html Class - {14D1A72D-8705-11D8-B120-0040F46CB696} - C:\Documents and Settings\Liuk\91293228.dll per il resto il tuo log mi sembra pulito. Per il tuo problema prova a dare un occhiata qui http://www.azpoint.net/news/Consigli_per_PC_12063.asp
__________________
FOXYLADY è un MASCHIO!! Un amico è una persona che sa tutto di te e nonostante questo gli piaci Ultima modifica di FOXYLADY : 18-09-2006 alle 21:54. |
|
|
|
|
18-09-2006, 22:48
|
#3348 | |
|
Bannato
Iscritto dal: Mar 2004
Città: Galapagos Attenzione:utente flautolente,tienilo a mente
Messaggi: 28978
|
Quote:
|
|
|
|
|
|
18-09-2006, 22:56
|
#3349 | |
|
Bannato
Iscritto dal: Mar 2004
Città: Galapagos Attenzione:utente flautolente,tienilo a mente
Messaggi: 28978
|
Quote:
|
|
|
|
|
|
19-09-2006, 00:46
|
#3350 | |
|
Senior Member
Iscritto dal: Jul 2001
Città: Teramo
Messaggi: 705
|
Quote:
__________________
France' su Milan!!!!!!! FALLO!!!!!!! Amic'!!!!!!! Pianti!!! Chi????? Mamma, tuo figlio è un genio!! |
|
|
|
|
|
19-09-2006, 06:29
|
#3351 |
|
Member
Iscritto dal: Aug 2006
Messaggi: 58
|
virus
ciao a tutti ho questo problema, non riesco a toglire questa pagina bianca, ogni volta che apro alcune pagine se ne apre una bianca questa
questa è la pagina http://666666&color_border=d8e6f9&a...s=4&u_java=true http://cc0000&color_border=ffffff&re...=8&u_java=true Impossibile visualizzare la pagina La pagina cercata non è al momento disponibile. Nel sito Web si sono verificate delle difficoltà tecniche o è necessario modificare le impostazioni del browser. -------------------------------------------------------------------------------- Provare a eseguire le operazioni seguenti: Scegliere il pulsante Aggiorna o riprovare in un secondo momento. Verificare che l'indirizzo immesso nella barra degli indirizzi sia stato digitato nel modo corretto. Per controllare le impostazioni di connessione, dal menu Strumenti selezionare Opzioni Internet. Selezionare Impostazioni dalla scheda Connessioni. Le impostazioni devono corrispondere a quelle fornite dall'amministratore della rete locale (LAN) o dal provider di servizi Internet (ISP). Verificare che le impostazioni Internet vengano rilevate. È possibile impostare l'analisi della rete e il rilevamento automatico delle impostazioni di connessione (se l'amministratore di rete ha attivato questa impostazione). Dal menu Strumenti, scegliere Opzioni Internet. Nella scheda Connessioni, scegliere Impostazioni LAN. Selezionare Rileva automaticamente impostazioni, quindi scegliere OK. Per alcuni siti è richiesta la protezione della connessione a 128 bit. Scegliere Informazioni su Internet Explorer dal menu ? per informazioni sul tipo di protezione installato. Se si sta tentando di connettersi a un sito protetto, assicurarsi che sia supportato dalle impostazioni di protezione. Scegliere Opzioni Internet dal menu Strumenti. Nella scheda Avanzate, passare alla sezione Protezione e selezionare le impostazioni relative a SSL 2.0, SSL 3.0, TLS 1.0 e PCT 1.0. Per cercare un altro collegamento, fare clic sul pulsante Indietro. Impossibile trovare il server o errore DNS Internet Explorer Logfile of HijackThis v1.99.1 Scan saved at 22.28.29, on 18/09/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Programmi\File comuni\Symantec Shared\ccSetMgr.exe C:\Programmi\File comuni\Symantec Shared\ccEvtMgr.exe C:\Programmi\File comuni\Symantec Shared\SNDSrvc.exe C:\Programmi\File comuni\Symantec Shared\SPBBC\SPBBCSvc.exe C:\Programmi\File comuni\Symantec Shared\CCPD-LC\symlcsvc.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Programmi\ewido anti-spyware 4.0\guard.exe C:\Programmi\Power Translator 10\LogoMedia TranslateDotNet Server.exe C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Programmi\Norton AntiVirus\navapsvc.exe C:\Programmi\Java\jre1.5.0_02\bin\jusched.exe C:\WINDOWS\Dit.exe C:\Programmi\Norton AntiVirus\IWP\NPFMntor.exe C:\Programmi\File comuni\Symantec Shared\ccApp.exe C:\WINDOWS\system32\nvsvc32.exe C:\Programmi\CyberLink\Shared files\RichVideo.exe C:\WINDOWS\system32\svchost.exe C:\Programmi\CyberLink\PowerDVD\PDVDServ.exe C:\Programmi\Musicmatch\Musicmatch Jukebox\mm_tray.exe C:\Programmi\Musicmatch\Musicmatch Jukebox\mmtask.exe C:\WINDOWS\system32\rundll32.exe C:\Programmi\ScanSoft\OmniPage15.0\Opware15.exe C:\Programmi\MemoRex\MemoRex.exe C:\Programmi\Lexmark 6200 Series\lxbumon.exe C:\Programmi\Lexmark 6200 Series\ezprint.exe C:\Programmi\ewido anti-spyware 4.0\ewido.exe C:\WINDOWS\system32\RunDLL32.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Programmi\Corel\Corel Snapfire\Corel Photo Downloader.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\system32\lxbucoms.exe C:\Programmi\VoipStunt.com\VoipStunt\VoipStunt.exe C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe C:\Programmi\ScanSoft\OmniPage15.0\OpAgent.exe C:\Programmi\Creative\Shared Files\CamTray.exe C:\Programmi\SUPERAntiSpyware\SUPERAntiSpyware.exe C:\Programmi\File comuni\Symantec Shared\Security Console\NSCSRVCE.EXE C:\Programmi\Alice ti aiuta\bin\mpbtn.exe C:\Programmi\Widcomm\Bluetooth Software\BTTray.exe C:\Programmi\InterVideo\Common\Bin\WinCinemaMgr.exe C:\Programmi\Widcomm\Bluetooth Software\BTStackServer.exe C:\Programmi\WinZip\WZQKPICK.EXE C:\Program Files\Silicon Image\SI3114\SiITray.exe C:\Documents and Settings\Salvo\Documenti\CountDown\CountDown.exe C:\Programmi\Internet Explorer\iexplore.exe C:\Programmi\Microsoft Office\OFFICE11\WINWORD.EXE C:\WINDOWS\system32\msiexec.exe C:\Programmi\SuperAdBlocker.com\Super Ad Blocker\SAdBlock.exe C:\Programmi\Messenger\msmsgs.exe C:\Programmi\SuperAdBlocker.com\Super Ad Blocker\SABSVC.EXE C:\Documents and Settings\Salvo\Desktop\Prog utilizzate\hijackthis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.virgilio.it/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti O2 - BHO: SuperAdBlockerBHO Class - {00000000-6C30-11D8-9363-000AE6309654} - C:\Programmi\SuperAdBlocker.com\Super Ad Blocker\SABBHO.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programmi\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Programmi\Norton AntiVirus\NavShExt.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programmi\Windows Live Toolbar\msntb.dll O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Programmi\Norton AntiVirus\NavShExt.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programmi\Windows Live Toolbar\msntb.dll O3 - Toolbar: LEC - {1DBAB667-A486-421e-AFE4-CF07DD0088E5} - C:\Programmi\Power Translator 10\Applications\LEC IE Translation Extension.dll O3 - Toolbar: Super Ad Blocker Toolbar - {B4B3001E-0F56-4E51-8250-BDE11547EC55} - C:\Programmi\SuperAdBlocker.com\Super Ad Blocker\sabtb.dll O4 - HKLM\..\Run: [Collegamento alla pagina delle proprietà di High Definition Audio] HDAudPropShortcut.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programmi\Java\jre1.5.0_02\bin\jusched.exe O4 - HKLM\..\Run: [Dit] Dit.exe O4 - HKLM\..\Run: [ccApp] "C:\Programmi\File comuni\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [MemoREX] "C:\Programmi\MemoRex\MemoRexStart.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\Programmi\File comuni\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [RemoteControl] C:\Programmi\CyberLink\PowerDVD\PDVDServ.exe O4 - HKLM\..\Run: [LanguageShortcut] C:\Programmi\CyberLink\PowerDVD\Language\Language.exe O4 - HKLM\..\Run: [MMTray] C:\Programmi\Musicmatch\Musicmatch Jukebox\mm_tray.exe O4 - HKLM\..\Run: [mmtask] C:\Programmi\Musicmatch\Musicmatch Jukebox\mmtask.exe O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Programmi\File comuni\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot O4 - HKLM\..\Run: [Opware15] "C:\Programmi\ScanSoft\OmniPage15.0\Opware15.exe" O4 - HKLM\..\Run: [OpScheduler] "C:\Programmi\ScanSoft\OmniPage15.0\OpScheduler.exe" O4 - HKLM\..\Run: [ScanSoft OmniPage 15.0-reminder] "C:\Programmi\ScanSoft\OmniPage15.0\Ereg\ereg.exe" -r "C:\Documents and Settings\All Users\Dati applicazioni\ScanSoft\OmniPage15.0\Ereg\ereg.ini" O4 - HKLM\..\Run: [PDF3 Registry Controller] "C:\Programmi\ScanSoft\OmniPage15.0\PDFConverter3\\RegistryController.exe" O4 - HKLM\..\Run: [LXBUCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXBUtime.dll,_RunDLLEntry@16 O4 - HKLM\..\Run: [lxbumon.exe] "C:\Programmi\Lexmark 6200 Series\lxbumon.exe" O4 - HKLM\..\Run: [FaxCenterServer] "C:\Programmi\Lexmark Fax Solutions\fm3032.exe" /s O4 - HKLM\..\Run: [EzPrint] "C:\Programmi\Lexmark 6200 Series\ezprint.exe" O4 - HKLM\..\Run: [!ewido] "C:\Programmi\ewido anti-spyware 4.0\ewido.exe" /minimized O4 - HKLM\..\Run: [VF0060 STISvc] RunDLL32.exe V0060Pin.dll,RunDLL32EP 513 O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [VoipStunt] "C:\Programmi\VoipStunt.com\VoipStunt\VoipStunt.exe" -nosplash -minimized O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [OpAgent] "C:\Programmi\ScanSoft\OmniPage15.0\OpAgent.exe" /agent O4 - HKCU\..\Run: [Creative WebCam Tray] "C:\Programmi\Creative\Shared Files\CamTray.exe" O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Programmi\SUPERAntiSpyware\SUPERAntiSpyware.exe O4 - Startup: Adobe Gamma.lnk = C:\Programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Alice ti aiuta.lnk = C:\Programmi\Alice ti aiuta\bin\matcli.exe O4 - Global Startup: Avvio veloce di Adobe Reader.lnk = C:\Programmi\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Avvio veloce di Microsoft Office OneNote 2003.lnk = C:\Programmi\Microsoft Office\OFFICE11\ONENOTEM.EXE O4 - Global Startup: BTTray.lnk = ? O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Programmi\InterVideo\Common\Bin\WinCinemaMgr.exe O4 - Global Startup: Java SATARaid.lnk = ? O4 - Global Startup: RAID Manager.lnk = C:\Programmi\ITE\ITE IT8212 ATA RAID Controller\RaidMgr.exe O4 - Global Startup: WinZip Quick Pick.lnk = C:\Programmi\WinZip\WZQKPICK.EXE O8 - Extra context menu item: &Windows Live Search - res://C:\Programmi\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: Apri in nuova scheda in primo piano - res://C:\Programmi\Windows Live Toolbar\Components\it-it\msntabres.dll.mui/230?02a995ab1d3b4e3e99d9aab4ed050cdf O8 - Extra context menu item: Apri in nuova scheda in secondo piano - res://C:\Programmi\Windows Live Toolbar\Components\it-it\msntabres.dll.mui/229?02a995ab1d3b4e3e99d9aab4ed050cdf O8 - Extra context menu item: Apri PDF in Word (PDF Converter 3.0) - res://C:\Programmi\ScanSoft\OmniPage15.0\PDFConverter3\IEShellExt.dll /400 O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_02\bin\npjpi150_02.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_02\bin\npjpi150_02.dll O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/res...can8/oscan8.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windows...b?1157465101656 O17 - HKLM\System\CCS\Services\Tcpip\..\{64FBA758-4B61-4255-9824-7FAD46D8C13E}: NameServer = 85.37.17.51 85.38.28.97 O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - Winlogon Notify: SABWinLogon - C:\Programmi\SuperAdBlocker.com\Super Ad Blocker\SABWINLO.DLL O20 - Winlogon Notify: SASWinLogon - C:\Programmi\SUPERAntiSpyware\SASWINLO.dll O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Programmi\File comuni\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\ccSetMgr.exe O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Programmi\ewido anti-spyware 4.0\guard.exe O23 - Service: LEC TranslateDotNet Server - Language Engineering Corporation, LLC - C:\Programmi\Power Translator 10\LogoMedia TranslateDotNet Server.exe O23 - Service: lxbu_device - Lexmark International, Inc. - C:\WINDOWS\system32\lxbucoms.exe O23 - Service: Servizio Auto-Protect di Norton AntiVirus (navapsvc) - Symantec Corporation - C:\Programmi\Norton AntiVirus\navapsvc.exe O23 - Service: NBService - Nero AG - C:\Programmi\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Programmi\Norton AntiVirus\IWP\NPFMntor.exe O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\Security Console\NSCSRVCE.EXE O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Programmi\CyberLink\Shared files\RichVideo.exe O23 - Service: Super Ad Blocker Service (SABSVC) - SuperAdBlocker.com - C:\Programmi\SuperAdBlocker.com\Super Ad Blocker\SABSVC.EXE O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Programmi\Norton AntiVirus\SAVScan.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\SNDSrvc.exe O23 - Service: SPBBCSvc - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\SPBBC\SPBBCSvc.exe O23 - Service: Symantec Core LC - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\CCPD-LC\symlcsvc.exe |
|
|
|
|
19-09-2006, 06:52
|
#3352 |
|
Senior Member
Iscritto dal: Feb 2002
Città: Discovery
Messaggi: 34710
|
controlla queste.
O4 - HKLM\..\Run: [VF0060 STISvc] RunDLL32.exe V0060Pin.dll,RunDLL32EP 513 O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe" O4 - Global Startup: RAID Manager.lnk = C:\Programmi\ITE\ITE IT8212 ATA RAID Controller\RaidMgr.exe O20 - Winlogon Notify: SABWinLogon - C:\Programmi\SuperAdBlocker.com\Super Ad Blocker\SABWINLO.DLL O23 - Service: LEC TranslateDotNet Server - Language Engineering Corporation, LLC - C:\Programmi\Power Translator 10\LogoMedia TranslateDotNet Server.exe O23 - Service: Super Ad Blocker Service (SABSVC) - SuperAdBlocker.com - C:\Programmi\SuperAdBlocker.com\Super Ad Blocker\SABSVC.EXE O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL e riduci i processi alcuni di essi sono sconosciuti. installa ccleaner fai pulizia disco, registro e avvio.
__________________
Good afternoon, gentlemen, I'm a H.A.L. computer. |
|
|
|
|
19-09-2006, 10:01
|
#3353 | |
|
Bannato
Iscritto dal: Mar 2004
Città: Galapagos Attenzione:utente flautolente,tienilo a mente
Messaggi: 28978
|
Quote:
|
|
|
|
|
|
19-09-2006, 12:09
|
#3354 |
|
Senior Member
Iscritto dal: Jan 2002
Messaggi: 1574
|
grazie FOXYLADY ho fatto e pare che stamani vada bene,avevo letto che si trattava di un virus ostico....mhà speriamo bene.
Ragazzi ora mi date un'occhiata anche al pc dell'ufficio? grazie Logfile of HijackThis v1.98.0 Scan saved at 13.08.32, on 19/09/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe C:\Programmi\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\drivers\CDAC11BA.EXE C:\Programmi\Portrait Displays\MagicTune\dtsrvc.exe c:\windows\nvidiatop.exe C:\Programmi\ewido\security suite\ewidoctrl.exe C:\WINDOWS\Explorer.EXE C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb03.exe C:\Programmi\D-Tools\daemon.exe C:\Programmi\File comuni\Real\Update_OB\realsched.exe C:\Programmi\HighCriteria\TotalRecorder\TotRecSched.exe C:\Programmi\Messenger\msmsgs.exe C:\Programmi\Skype\Phone\Skype.exe C:\Documents and Settings\vince\Menu Avvio\Programmi\Esecuzione automatica\w32.exe C:\Programmi\Logitech\MouseWare\system\em_exec.exe C:\WINDOWS\system32\wscntfy.exe C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe C:\Programmi\Alwil Software\Avast4\ashWebSv.exe C:\Programmi\Internet Explorer\IEXPLORE.EXE C:\WINDOWS\system32\svchost.exe C:\Programmi\Internet Explorer\IEXPLORE.EXE D:\Programmi\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti F2 - REG:system.ini: UserInit=c:\windows\system32\userinit.exe,"c:\windows\nvidiatop.exe", O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programmi\google\googletoolbar1.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programmi\google\googletoolbar1.dll O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb03.exe O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Programmi\D-Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [TkBellExe] "C:\Programmi\File comuni\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [TotalRecorderScheduler] "C:\Programmi\HighCriteria\TotalRecorder\TotRecSched.exe" O4 - HKCU\..\Run: [MSMSGS] "C:\Programmi\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [VoipStunt] "C:\programmi\voipstunt.com\voipstunt\voipstunt.exe" -nosplash -minimized O4 - HKCU\..\Run: [Skype] "C:\Programmi\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [SkypeLink] C:\Programmi\SkypeLink\SkypeLink.exe O4 - Startup: w32.exe O4 - Global Startup: Avvio veloce di Adobe Reader.lnk = C:\Programmi\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: MagicTune.lnk = C:\Programmi\Portrait Displays\MagicTune\DTHtml.exe O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX Class) - http://pdl.stream.aol.com/downloads/...ampx_en_dl.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{79DC17F0-18EF-4789-A331-7CF4DA805D08}: NameServer = 62.94.0.1,62.94.0.2 O17 - HKLM\System\CS1\Services\Tcpip\..\{79DC17F0-18EF-4789-A331-7CF4DA805D08}: NameServer = 62.94.0.1,62.94.0.2 O17 - HKLM\System\CS2\Services\Tcpip\..\{79DC17F0-18EF-4789-A331-7CF4DA805D08}: NameServer = 62.94.0.1,62.94.0.2
__________________
Corsair RM650 - Asus Prime B550 plus - AMD Ryzen 5 5600X - Corsair Vengeance RGB PRO 16 GB - GeForce2070 RTX ROg Strix - Crucial Mx300 525 GB SATA 3 - LiteOn LH-20A1H - Pioneer 212D -ASUS TUF Gaming VG27AQ1A (2560x1440)- - Win 11 - LG OLED 65CX - Audio analogue maestro - Snell Tower - ---> Half-Life Club <--- |
|
|
|
|
19-09-2006, 12:16
|
#3355 | |
|
Bannato
Iscritto dal: Mar 2004
Città: Galapagos Attenzione:utente flautolente,tienilo a mente
Messaggi: 28978
|
Quote:
|
|
|
|
|
|
19-09-2006, 15:22
|
#3356 |
|
Member
Iscritto dal: May 2005
Messaggi: 274
|
ciao ragazzi ho un problemino clo pc mi potreste dare un'occhiata al casotto che ho combinato?
Logfile of HijackThis v1.99.1 Scan saved at 14.24.07, on 19/09/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Programmi\Ahead\InCD\InCDsrv.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\LEXBCES.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\LEXPPS.EXE C:\WINDOWS\service32.exe C:\Programmi\Lavasoft\Ad-Aware SE Professional\Ad-Watch.exe C:\WINDOWS\SOUNDMAN.EXE C:\Programmi\Java\jre1.5.0_04\bin\jusched.exe C:\Programmi\ATnotes\ATnotes.exe C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe C:\PROGRA~1\Grisoft\AVG7\avgemc.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Programmi\eMule\emule.exe C:\Programmi\Skype\Phone\Skype.exe C:\Programmi\Outlook Express\msimn.exe E:\Luis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://it.yahoo.com/ R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti R3 - URLSearchHook: (no name) - {8F6F0DF3-ECAD-F76B-D5E2-AB5E63CEC9A8} - MON76234.dll (file missing) R3 - URLSearchHook: (no name) - {DE62A088-BDAE-624B-9D7C-C96252FAB20F} - bingo9.dll (file missing) O1 - Hosts: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> O1 - Hosts: <HTML><HEAD> O1 - Hosts: <TITLE>404 Not Found</TITLE> O1 - Hosts: </HEAD><BODY> O1 - Hosts: <H1>Not Found</H1> O1 - Hosts: The requested URL /ad/hosts was not found on this server.<P> O1 - Hosts: </BODY></HTML> O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: edit_html Class - {14D1A72D-8705-11D8-B120-0040F46CB696} - C:\Documents and Settings\mirco\Desktop\9136912.dll (file missing) O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.5.0_06\bin\ssv.dll O2 - BHO: (no name) - {FB47056B-B34D-410E-819A-E8A51CC8E2EB} - (no file) O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Programmi\Canon\Easy-WebPrint\Toolband.dll O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [AWMON] "C:\Programmi\Lavasoft\Ad-Aware SE Professional\Ad-Watch.exe" O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Programmi\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programmi\Java\jre1.5.0_04\bin\jusched.exe O4 - HKCU\..\Run: [ATnotes.exe] C:\Programmi\ATnotes\ATnotes.exe O4 - HKCU\..\Run: [Skype] "C:\Programmi\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [AWMON] "C:\Programmi\Lavasoft\Ad-Aware SE Professional\Ad-Watch.exe" O8 - Extra context menu item: Aggiungi all'elenco di stampa Easy-WebPrint - res://C:\Programmi\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html O8 - Extra context menu item: Anteprima Easy-WebPrint - res://C:\Programmi\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html O8 - Extra context menu item: Stampa ad alta velocità Easy-WebPrint - res://C:\Programmi\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html O8 - Extra context menu item: Stampa Easy-WebPrint - res://C:\Programmi\Canon\Easy-WebPrint\Resource.dll/RC_Print.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Programmi\Yahoo!\Messenger\YahooMessenger.exe O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Programmi\Yahoo!\Messenger\YahooMessenger.exe O9 - Extra button: eBay - Homepage - {EF79EAC5-3452-4E02-B8BD-BA4C89F1AC7A} - C:\Programmi\IrfanView\Ebay\Ebay.htm O15 - Trusted Zone: www.baciamistupido.biz O15 - Trusted Zone: www.dettaglio.biz O15 - Trusted Zone: www.dolcezze.biz O15 - Trusted Zone: content.licenseacquisition.org O15 - Trusted Zone: www.phishingfix.biz O15 - Trusted Zone: www.roserosse.biz O16 - DPF: {01E69986-A054-4C52-ABE8-EF63DF1C5211} - http://www.phishingfix.biz/CheckedUr...ercadoppia.cab O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://www.cult3d.com/download/cult.cab O16 - DPF: {3B0AFE6A-6AEF-47D7-83EA-D1929568B81B} (KWClient16 Control) - http://83.103.87.44/client16.cab O16 - DPF: {3CA6DFF6-C6B0-11D4-8035-0050BF0BA18C} (BMSPX Control) - http://www.brans.com/cab/Brans/bmspx.cab O16 - DPF: {46D8BEE7-0B27-4466-ABA2-A5F1E157971C} (Remote200 Control) - http://83.211.163.210/RemoteWeb.cab O16 - DPF: {4AFA7A89-8B3F-4096-A7A5-F8D997AABA82} (DSDKPACK Control) - http://83.211.163.210/cab/sdkinstall.cab O16 - DPF: {5FFDFC21-AE40-4C7C-955C-415A1ACE01C8} (CViewerControl Object) - http://83.211.163.210/VideoViewer.ocx O16 - DPF: {7876E4A5-78B7-4020-B08F-C960A1ED54C9} (WebWatch Class) - http://213.26.227.242/Ctl/WinWebPush.cab O16 - DPF: {7CD7C63F-A958-4E85-B21B-5157234F9BD8} (KWClient Control) - http://192.168.0.11/kwclient.cab O16 - DPF: {93F796E1-6BF7-4E22-958E-4E969E88F69D} (WebClient Control) - http://83.103.87.44/WebClient.cab O16 - DPF: {A6024F78-620D-42F2-B561-F1E4E581416A} (Bmsschedule Control) - http://www.brans.com/cab/Brans/bmspschedule.cab O16 - DPF: {C3D526DB-6593-4595-9162-10CC3F566EF9} (BMSPRX Control) - http://www.brans.com/cab/Brans/bmsprx.cab O16 - DPF: {C90F2ABA-5734-4CE3-B1CC-30D5C2D0FA8B} (Project1.ptzslidernew) - http://83.211.163.210/cab/newslider.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{F144CA8B-1AAC-42BA-91B4-FAF020284296}: NameServer = 85.255.114.82,85.255.112.168 O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.114.82 85.255.112.168 O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.114.82 85.255.112.168 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.114.82 85.255.112.168 O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Programmi\Ahead\InCD\InCDsrv.exe O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE O23 - Service: SysPqd - Unknown owner - \\?\C:\Programmi\File comuni\Services\lpt5.exe (file missing) |
|
|
|
|
19-09-2006, 15:34
|
#3357 | |
|
Bannato
Iscritto dal: Mar 2004
Città: Galapagos Attenzione:utente flautolente,tienilo a mente
Messaggi: 28978
|
Quote:
|
|
|
|
|
|
19-09-2006, 16:08
|
#3358 |
|
Senior Member
Iscritto dal: Sep 2005
Messaggi: 1757
|
Ecco il mio log:
Grazie per l'aiuto Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Programmi\Ahead\InCD\InCDsrv.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Programmi\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe C:\Programmi\File comuni\Autodesk Shared\Service\AdskScSrv.exe C:\Programmi\Alwil Software\Avast4\ashServ.exe C:\Programmi\ewido anti-spyware 4.0\guard.exe C:\Programmi\Kerio\Personal Firewall 4\kpf4ss.exe C:\Programmi\File comuni\LightScribe\LSSrvc.exe C:\Programmi\Kerio\Personal Firewall 4\kpf4gui.exe C:\WINDOWS\system32\nvsvc32.exe C:\Programmi\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe C:\Programmi\File comuni\Softwin\BitDefender Communicator\xcommsvr.exe C:\Programmi\D-Link\AirPlus G\AirGCFG.exe C:\Programmi\File comuni\Softwin\BitDefender Scan Server\bdss.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Programmi\File comuni\Real\Update_OB\realsched.exe C:\Programmi\Java\jre1.5.0_06\bin\jusched.exe C:\Programmi\Adobe\Adobe Acrobat 7.0\Distillr\Acrotray.exe C:\WINDOWS\Logi_MwX.Exe C:\Programmi\Logitech\iTouch\iTouch.exe C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE C:\WINDOWS\system32\RUNDLL32.EXE C:\WINDOWS\system32\wscntfy.exe C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe C:\Programmi\Alwil Software\Avast4\ashWebSv.exe C:\Programmi\File comuni\PCSuite\Services\ServiceLayer.exe C:\Programmi\FreePOPs\freepopsd.exe C:\Programmi\Kerio\Personal Firewall 4\kpf4gui.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Programmi\Mozilla Firefox\firefox.exe C:\Programmi\Internet Explorer\iexplore.exe C:\Documents and Settings\Luca\Desktop\cureit.exe C:\DOCUME~1\Luca\IMPOST~1\Temp\RarSFX0\_start.exe C:\DOCUME~1\Luca\IMPOST~1\Temp\RarSFX0\cureit.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\taskmgr.exe F:\Luca\Varie\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti O2 - BHO: HelperObject Class - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Programmi\TechSmith\SnagIt 8\SnagItBHO.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.5.0_06\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Programmi\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Programmi\Free Download Manager\iefdmcks.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programmi\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Programmi\TechSmith\SnagIt 8\SnagItIEAddin.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [D-Link AirPlus G] C:\Programmi\D-Link\AirPlus G\AirGCFG.exe O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Programmi\ANI\ANIWZCS2 Service\WZCSLDR2.exe O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Programmi\File comuni\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programmi\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Programmi\Adobe\Adobe Acrobat 7.0\Distillr\Acrotray.exe" O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe O4 - HKLM\..\Run: [zBrowser Launcher] C:\Programmi\Logitech\iTouch\iTouch.exe O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Programmi\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qttask.exe" -atboottime O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NVMCTRAY.DLL,NvTaskbarInit O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk.disabled O4 - Global Startup: Adobe Gamma.lnk = C:\Programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Avvio veloce di Adobe Reader.lnk.disabled O4 - Global Startup: Tasto di scelta rapida per l'avvio di AutoCAD.lnk.disabled O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Programmi\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Programmi\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Programmi\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Programmi\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Programmi\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Programmi\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Programmi\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convert to existing PDF - res://C:\Programmi\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Scarica con Free Download Manager - file://C:\Programmi\Free Download Manager\dllink.htm O8 - Extra context menu item: Scarica selezionati con Free Download Manager - file://C:\Programmi\Free Download Manager\dlselected.htm O8 - Extra context menu item: Scarica tutto con Free Download Manager - file://C:\Programmi\Free Download Manager\dlall.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/res...can8/oscan8.cab O16 - DPF: {8EC18CE2-D7B4-11D2-88C8-006008A717FD} (NCSView Class) - http://ww3.pcn.minambiente.it/ecwplugins/ncs.cab O16 - DPF: {94EB57FE-2720-496C-B33F-D9353C6E23F7} (F-Secure Online Scanner 2.1) - http://support.f-secure.com/ols/fscax.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/active...free/asinst.cab O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{5FF4F7F9-4013-4B4D-B0E0-F141447190AD}: NameServer = 213.205.32.70,213.205.36.70 O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O23 - Service: Adobe LM Service - Adobe Systems - C:\Programmi\File comuni\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Adobe Version Cue CS2 - Adobe Systems Incorporated - C:\Programmi\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe O23 - Service: Adobe Active File Monitor V4 - Unknown - C:\Programmi\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe O23 - Service: avast! iAVS4 Control Service - Unknown - C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Autodesk Licensing Service - Autodesk - C:\Programmi\File comuni\Autodesk Shared\Service\AdskScSrv.exe O23 - Service: avast! Antivirus - Unknown - C:\Programmi\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashWebSv.exe O23 - Service: BitDefender Scan Server - Unknown - C:\Programmi\File comuni\Softwin\BitDefender Scan Server\bdss.exe O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Programmi\ewido anti-spyware 4.0\guard.exe O23 - Service: InstallDriver Table Manager - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: InCD Helper - Nero AG - C:\Programmi\Ahead\InCD\InCDsrv.exe O23 - Service: iPodService - Apple Computer, Inc. - C:\Programmi\iPod\bin\iPodService.exe O23 - Service: Kerio Personal Firewall 4 - Kerio Technologies - C:\Programmi\Kerio\Personal Firewall 4\kpf4ss.exe O23 - Service: LightScribeService Direct Disc Labeling Service - Hewlett-Packard Company - C:\Programmi\File comuni\LightScribe\LSSrvc.exe O23 - Service: NVIDIA Display Driver Service - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: ServiceLayer - Nokia. - C:\Programmi\File comuni\PCSuite\Services\ServiceLayer.exe O23 - Service: StarWind iSCSI Service - Rocket Division Software - C:\Programmi\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe O23 - Service: BitDefender Communicator - Softwin - C:\Programmi\File comuni\Softwin\BitDefender Communicator\xcommsvr.exe |
|
|
|
|
|
| Strumenti | |
|
|
Tutti gli orari sono GMT +1. Ora sono le: 11:04.
