#3701
Member
Joined: Oct 2005
Location: everywhere
Posts: 231

still unresolved....
guys
as juninho suggested, I deleted the strings
C:\DOCUME~1\METALS~1\IMPOST~1\Temp\11exinjs.i.exe
O4 - HKLM\..\Run: [.nvsvc] C:\WINDOWS\system\smss.exe /w
O23 - Service: Windows Log - Unknown owner - C:\WINDOWS\system32\nvsvcd.exe
I did it both manually and with HijackThis, but they come back every time..... AntiVir flags them every time and luckily I have Sygate, which blocks them... has nobody run into this before??? a definitive fix???? thanks...
__________________
Honest is he who changes his thinking to match the truth. Dishonest is he who changes the truth to match his thinking. IMPOSSIBLE IS NOTHING
#3702
Banned
Joined: Feb 2005
Location: Cagliari Total posts: 7546
Posts: 2162

Quote:
Try doing this.. First run a scan with the restore point disabled, then use HijackThis again and fix them.
#3703
Banned
Joined: Mar 2004
Location: Galapagos Warning: flatulent user, keep it in mind
Posts: 28978

Quote:
#3704
Banned
Joined: Feb 2005
Location: Cagliari Total posts: 7546
Posts: 2162

Quote:
#3705
Senior Member
Joined: Nov 2001
Location: Bastia Umbra (PG)
Posts: 6395

Quote:
http://www.pcalsicuro.com/main/?p=8 then follow this guide http://www.pcalsicuro.com/main/?page_id=48
__________________
:: The best argument against democracy is a five-minute conversation with the average voter ::
#3706
Member
Joined: Sep 2006
Posts: 41

Hi. I've had a virus for a few days.
This clever virus blocked the use of Hijack, and wouldn't let me onto this forum or onto the Hijack log site either. However, I removed some spyware and assorted viruses that had installed themselves, using ewido and another program. So I managed to weaken the application that was closing Hijack, and can now open it for a fraction of a second. Once I managed to click fast enough and make the log. I took the log to another PC and analyzed it on the site. I then deleted the dangerous entries by going into the Windows registry manually. That way I managed to delete the application that was preventing me from using Hijack and from visiting the site and forum. I redid the log, removing all the threats. And yet something remains: if I'm connected to the internet, pages with ads or similar keep opening. Also, when playing online I get banned from servers for INADEQUATE O/S PRIVILEGES, and the only other time this happened to me I had suffered a trojan attack and fixed it by removing strange users from the USER RIGHTS ASSIGNMENT list. But this time that procedure is useless, which makes me think there is still some virus, the same one that opens the ads...
HERE IS MY LOG:
#3707
Banned
Joined: Mar 2004
Location: Galapagos Warning: flatulent user, keep it in mind
Posts: 28978

Quote:
#3708
Banned
Joined: Sep 2004
Location: busto arsizio
Posts: 2367
sorry, is everything OK? tino
#3709
Member
Joined: Sep 2006
Posts: 41

Quote:
WHAT???
#3710
Banned
Joined: Mar 2004
Location: Galapagos Warning: flatulent user, keep it in mind
Posts: 28978

Quote:
#3711
Banned
Joined: Sep 2004
Location: busto arsizio
Posts: 2367

Quote:
thanks tino
#3713
Member
Joined: Sep 2006
Posts: 41

So, I downloaded it without reading, so some step may be missing.
In any case, the fact is that I downloaded it, extracted it and ran it. It rebooted my PC, then scanned it, finding 2 LinkOptimizer, and at the end it told me it had removed Gromozon. BUT THAT IS ABSOLUTELY NOT TRUE!!! The ads remain, and I can't play! Help...
#3714
Banned
Joined: Mar 2004
Location: Galapagos Warning: flatulent user, keep it in mind
Posts: 28978

Quote:
#3715
Member
Joined: Sep 2006
Posts: 41

no, no, no, you're wrong!!!
I've already got an AntiSpyware, and still nothing!!! Tell me what I can do!!!
#3716
Banned
Joined: Mar 2004
Location: Galapagos Warning: flatulent user, keep it in mind
Posts: 28978

Quote:
you have Service Pack 2 installed, so you should have the Messenger service disabled by default, check... you never know
#3717
Member
Joined: Sep 2006
Posts: 41

so... one: I have Service Pack 2 of what?
Two: I don't have Messenger disabled... Three: what should I do about the ads??? Anyway, I assure you the ads started with Gromozon, or maybe something worse... dozens of viruses and nasty applications had been let loose on my PC, plus spyware, but now I've removed everything. That is: AntiVir and Ewido report a clean PC. Hijack likewise. Spyware Nuker detects no spyware... so???
#3718
Banned
Joined: Mar 2004
Location: Galapagos Warning: flatulent user, keep it in mind
Posts: 28978

Quote:
another thing: check that the box is ticked under Internet Options / Privacy / Block pop-ups
#3719
Member
Joined: Mar 2005
Location: London
Posts: 182

hi everyone, could you please take a look at this log, it's my uncle's PC, thanks.
Logfile of HijackThis v1.99.1 Scan saved at 19:43:55, on 19/10/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\System32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\WINDOWS\system32\Ati2evxx.exe C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\ezSP_Px.exe C:\WINDOWS\system32\ICO.EXE C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Program Files\Sony\HotKey Utility\HKserv.exe C:\Program Files\sony\vaio power management\SPMgr.exe C:\Program Files\Synaptics\SynTP\SynTPLpr.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\WINDOWS\System32\LVCOMSX.EXE C:\Program Files\Logitech\Video\LogiTray.exe C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0F2.EXE C:\Program Files\ScanSoft\OmniPageSE\opware32.exe C:\PROGRA~1\OneCare\SMARTB~1\MotiveSB.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Sony\HotKey Utility\HKWnd.exe C:\Program Files\Logitech\Video\FxSvr2.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\PROGRA~1\INCRED~1\bin\IMApp.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe C:\WINDOWS\system32\wuauclt.exe C:\Documents and Settings\Ken 
Beaumont\Desktop\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://uk.finance.yahoo.com/ O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\System32\ezSP_Px.exe O4 - HKLM\..\Run: [Mouse Suite 98 Daemon] ICO.EXE O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [HKSERV.EXE] C:\Program Files\Sony\HotKey Utility\HKserv.exe O4 - HKLM\..\Run: [SonyPowerCfg] C:\Program Files\sony\vaio power management\SPMgr.exe O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe O4 - HKLM\..\Run: [EPSON Stylus Photo R300 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0F2.EXE /P30 "EPSON Stylus Photo R300 Series" /O6 "USB001" /M "Stylus Photo R300" O4 - HKLM\..\Run: [Omnipage] C:\Program Files\ScanSoft\OmniPageSE\opware32.exe O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program 
Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\OneCare\SMARTB~1\MotiveSB.exe O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Systweak Ad and Popup Blocker] "C:\Program Files\Advanced System Optimizer\adblock.exe" O4 - HKCU\..\Run: [IncrediMail] C:\PROGRA~1\INCRED~1\bin\IncMail.exe /c O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - Global Startup: Bluetooth Manager.lnk = ? O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000 O8 - Extra context menu item: Open in new background tab - res://C:\Program Files\Windows Live Toolbar\Components\en-gb\msntabres.dll.mui/229?b5f896d8b4fd47078935f9358f007c9e O8 - Extra context menu item: Open in new foreground tab - res://C:\Program Files\Windows Live Toolbar\Components\en-gb\msntabres.dll.mui/230?b5f896d8b4fd47078935f9358f007c9e O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - 
%windir%\bdoscandel.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll O14 - IERESET.INF: START_PAGE_URL=http://www.club-vaio.sony-europe.com/ O15 - Trusted Zone: *.sony-europe.com O15 - Trusted Zone: *.sonystyle-europe.com O15 - Trusted Zone: *.vaio-link.com O15 - Trusted IP range: 64.127.104.144 O15 - Trusted IP range: 64.127.104.144 (HKLM) O16 - DPF: {00216501-F4D1-070D-5F2D-35053B3C5E07} - http://85.255.115.229/1/gdnFR250.exe O16 - DPF: {0108C56B-23C7-5672-E099-6E285B2356BD} - http://85.255.115.229/1/gdnFR1402.exe O16 - DPF: {013D8FE1-2DFF-3506-8219-5C7B237AC26F} - http://85.255.115.229/1/gdnFR1440.exe O16 - DPF: {032D1E28-C873-73BC-32EF-705F6E313ACC} - http://85.255.115.229/1/gdnFR1402.exe O16 - DPF: {069C54DE-1723-79CF-E0F7-2012732565D1} - http://85.255.115.229/1/gdnFR250.exe O16 - DPF: {0752825A-0C74-3F58-C426-629C096FDE11} - http://85.255.115.229/1/gdnFR250.exe O16 - DPF: {0A0809DE-EB11-63D1-EAE5-4CC4655D078B} - http://85.255.115.229/1/gdnFR1440.exe O16 - DPF: {0A447E32-B654-2B3C-4FA6-39A257DBEF14} - http://85.255.115.229/1/gdnFR1440.exe O16 - DPF: {0BF475AD-746A-7728-AEF8-252610FD881B} - http://85.255.115.229/1/gdnFR250.exe O16 - DPF: {0D40FFCD-AC9B-683D-0060-135C673F8B33} - http://85.255.115.229/1/gdnFR1402.exe O16 - DPF: {0E6BA12A-5087-24CC-1E08-37BF28D0C8E7} - http://85.255.115.229/1/gdnFR1402.exe O16 - DPF: {0F3D89E9-684B-0AD3-AD16-169879E90231} - http://85.255.115.229/1/gdnFR250.exe O16 - DPF: {10149385-E80C-0A57-2756-3C063363306D} - http://85.255.115.229/1/gdnFR250.exe O16 - DPF: {11703AC1-B1DD-3D7C-29C8-2455622F1F21} - http://85.255.115.229/1/gdnFR250.exe O16 - DPF: {13DF2B16-7A16-7073-3BA3-4614467BDB14} - http://85.255.115.229/1/gdnFR1402.exe O16 - DPF: 
{1B4661DD-E13C-5A66-0B7A-0BA552DC9E7B} - http://85.255.115.229/1/gdnFR1402.exe O16 - DPF: {1B9F5BB5-DFB7-56DE-75DE-0A892D609E04} - http://85.255.115.229/1/gdnFR250.exe O16 - DPF: {1BF0118B-9EE3-21F1-AD74-4D5133C2D563} - http://85.255.115.229/1/gdnFR1402.exe O16 - DPF: {1CCA93B3-FD1F-72FA-C8AE-02C602774A8B} - http://85.255.115.229/1/gdnFR1402.exe O16 - DPF: {1CCDB015-2779-029A-2C0E-2A2A1389FFB1} - http://85.255.115.229/1/gdnFR1402.exe O16 - DPF: {1DAC5622-B87A-7A10-B99F-0D183DA1571D} - http://85.255.115.229/1/gdnFR250.exe O16 - DPF: {27FEF578-8AE6-1F41-740D-1A5C750E88C7} - http://85.255.115.229/1/gdnFR1440.exe O16 - DPF: {2973B17A-6355-2CDB-7F5C-4DE1475F804D} - http://85.255.115.229/1/gdnFR250.exe O16 - DPF: {2A8B3A7F-9890-48F2-95A5-4536535CA28A} - http://85.255.115.229/1/gdnFR250.exe O16 - DPF: {2AB21235-F135-47C0-7D91-7EF9134DE8FC} - http://85.255.115.229/1/gdnFR1402.exe O16 - DPF: {2ACCE1FC-C6BD-76BD-0748-1C202C0E3294} - http://85.255.115.229/1/gdnFR250.exe O16 - DPF: {3717D034-37C3-1F81-1444-265B6EBEDC6A} - http://85.255.115.229/1/gdnFR1402.exe O16 - DPF: {38B28667-2CEB-2884-F127-717344EBD5FD} - http://85.255.115.229/1/gdnFR250.exe O16 - DPF: {3AD20D12-7A08-5612-6DD4-489F7B09C4FD} - http://85.255.115.229/1/gdnFR1440.exe O16 - DPF: {3C463300-866C-5089-8D35-05D9520ECF13} - http://85.255.115.229/1/gdnFR1402.exe O16 - DPF: {3D9CACF9-B256-2EB9-7BF7-27A17F7FD7BD} - http://85.255.115.229/1/gdnFR1440.exe O16 - DPF: {3DA06EFF-8A2A-6836-841B-2E35670ACC34} - http://85.255.115.229/1/gdnFR250.exe O16 - DPF: {3EFF83C0-381C-1F9B-E777-25ED22747498} - http://85.255.115.229/1/gdnFR1440.exe O16 - DPF: {40442549-8070-1DDA-C017-39D50E86201D} - http://85.255.115.229/1/gdnFR1402.exe O16 - DPF: {41A5AF5A-42F6-45EF-BDB2-036F1BDBFDD1} - http://85.255.115.229/1/gdnFR1402.exe O16 - DPF: {41B66585-4DEA-674A-6468-2C8A3E6B8972} - http://85.255.115.229/1/gdnFR1440.exe O16 - DPF: {41F37EB9-CB26-45E1-652A-607167F45473} - http://85.255.115.229/1/gdnFR1402.exe O16 - DPF: 
{43FCCD11-452B-582B-3EDB-1DAC23AD28FD} - http://85.255.115.229/1/gdnFR1402.exe O16 - DPF: {491D02E2-C700-5F2A-E289-6C4807E5B662} - http://85.255.115.229/1/gdnFR250.exe O16 - DPF: {4B3FBB14-7035-472D-C0F0-15FC72770F36} - http://85.255.115.229/1/gdnFR250.exe O16 - DPF: {4D105E1B-BBA6-52AB-3AFD-6EEC11073028} - http://85.255.115.229/1/gdnFR1402.exe O16 - DPF: {4E038B97-A272-4909-F5B2-7AC27874AE74} - http://85.255.115.229/1/gdnFR1402.exe O16 - DPF: {4E754DB4-4761-4120-6271-0CD65F003ED3} - http://85.255.115.229/1/gdnFR1402.exe O16 - DPF: {4EE6C4D1-3F19-69A9-833B-669F0CC88A58} - http://85.255.115.229/1/gdnFR1402.exe O16 - DPF: {4F72D16B-D88B-26FE-93FA-67F27BEED210} - http://85.255.115.229/1/gdnFR1440.exe O16 - DPF: {51842CA6-F0B9-65E0-49AB-4BB3432C3E60} - http://85.255.115.229/1/gdnFR1402.exe O16 - DPF: {51E06809-A943-732A-4C73-48DF010C2336} - http://85.255.115.229/1/gdnFR1440.exe O16 - DPF: {5276EE5C-BB4E-3BEE-7514-5C1E646452D1} - http://85.255.115.229/1/gdnFR1402.exe O16 - DPF: {52C8B60A-D14D-5132-61C3-78B424D09621} - http://85.255.115.229/1/gdnFR1440.exe O16 - DPF: {5358CF39-41A0-5353-208A-23E6375950D1} - http://85.255.115.229/1/gdnFR250.exe O16 - DPF: {54E484E6-DEB8-48F3-A5C7-2AED10D63A45} - http://85.255.115.229/1/gdnFR1440.exe O16 - DPF: {55ECFBC6-33B1-220F-BB5F-1A173DCD33C6} - http://85.255.115.229/1/gdnFR1402.exe O16 - DPF: {56845D79-19DA-31B9-C0D2-50C44A2995CC} - http://85.255.115.229/1/gdnFR1440.exe O16 - DPF: {572E0F2D-0824-22CB-6E5C-42F37D9972DB} - http://85.255.115.229/1/gdnFR1440.exe O16 - DPF: {58D5458C-8B6A-5B81-DD3C-64E23BF6A171} - http://85.255.115.229/1/gdnFR250.exe O16 - DPF: {593DD35F-320B-4018-6AD9-71906468EA61} - http://85.255.115.229/1/gdnFR1402.exe O16 - DPF: {5B9593FD-2FE7-609F-024F-4733553613A3} - http://85.255.115.229/1/gdnFR1440.exe O16 - DPF: {5CF3C8FE-9F06-7C11-14C1-04545EBB380F} - http://85.255.115.229/1/gdnFR1402.exe O16 - DPF: {5D754FBA-F6B1-03D3-4A62-18100E3D5ECE} - http://85.255.115.229/1/gdnFR1440.exe O16 - DPF: 
{5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/reso...an8/oscan8.cab O16 - DPF: {61D4ABF8-C927-1555-4D38-3EF33EA800BF} - http://85.255.115.229/1/gdnFR1440.exe O16 - DPF: {62AFBAA0-2B81-1792-30D1-42DF701273E9} - http://85.255.115.229/1/gdnFR1440.exe O16 - DPF: {641F7C3B-1B2D-700B-47EA-1AA065EFA212} - http://85.255.115.229/1/gdnFR1402.exe O16 - DPF: {648B3CF3-2893-4A06-36A4-71B604157BAE} - http://85.255.115.229/1/gdnFR1440.exe O16 - DPF: {64DE4A92-2948-77A6-8020-68AE7435418E} - http://85.255.115.229/1/gdnFR250.exe O16 - DPF: {655A8C5F-2946-0113-B488-034937C16F35} - http://85.255.115.229/1/gdnFR1440.exe O16 - DPF: {68996F95-86F9-721F-9482-00C16D243B9E} - http://85.255.115.229/1/gdnFR1440.exe O16 - DPF: {69DFAB33-A60A-2DAF-F334-2138410976EF} - http://85.255.115.229/1/gdnFR250.exe O16 - DPF: {6A5776D7-A9A9-6918-726A-0C886B0DC7CB} - http://85.255.115.229/1/gdnFR1402.exe O16 - DPF: {6B6C9F75-12BD-207A-0AFC-1BE9733DE44F} - http://85.255.115.229/1/gdnFR1402.exe O16 - DPF: {6D4F245D-885E-2521-24F9-335E5263F334} - http://85.255.115.229/1/gdnFR1440.exe O16 - DPF: {6EE11AA7-9D57-2800-57C8-69934266198F} - http://85.255.115.229/1/gdnFR250.exe O16 - DPF: {71C7408D-8008-5BAF-8AA4-3CB94ED42862} - http://85.255.115.229/1/gdnFR1402.exe O16 - DPF: {73EA3652-BD30-0619-0911-58DE15C2F160} - http://85.255.115.229/1/gdnFR250.exe O16 - DPF: {7477D459-8DF0-2D7E-2610-6BDE1EA056A3} - http://85.255.115.229/1/gdnFR1402.exe O16 - DPF: {75F53B52-3853-73A5-9FBF-32367FCF14AD} - http://85.255.115.229/1/gdnFR1440.exe O16 - DPF: {76BBD503-08B1-756C-C492-272375D59F6B} - http://85.255.115.229/1/gdnFR1440.exe O16 - DPF: {776D8A6E-B68C-3621-F3CF-57B32C80B161} - http://85.255.115.229/1/gdnFR1440.exe O16 - DPF: {781D538E-00AA-6F72-EF3E-11F14FCEF4C3} - http://85.255.115.229/1/gdnFR1440.exe O16 - DPF: {7BC65DEC-AD0C-5B5F-9240-5CFE67ED0541} - http://85.255.115.229/1/gdnFR1440.exe O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - 
http://appdirectory.messenger.msn.co...p/PhtPkMSN.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/ms...downloader.cab O16 - DPF: {B64F4A7C-97C9-11DA-8BDE-F66BAD1E3F3A} - http://locator1.cdn.imagesrvr.com/si...reeInstall.cab O16 - DPF: {F00F4763-7355-4725-82F7-0DA94A256D46} (IMDownloader Class) - http://www2.incredimail.com/contents...r/imloader.cab O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX Class) - http://pdl.stream.aol.com/downloads/...ampx_en_dl.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{B66C4656-1EE9-49BE-AD40-61B285524FC0}: NameServer = 212.67.120.148 212.67.96.129 O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. 
- C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\Sptisrv.exe O23 - Service: VAIO Media Music Server (VAIOMediaPlatform-MusicServer-AppServer) - Unknown owner - C:\Program Files\sony\vaio media music server\SSSvr.exe" /Service=VAIOMediaPlatform-MusicServer-AppServer /DisplayName="VAIO Media Music Server (file missing) O23 - Service: VAIO Media Music Server (HTTP) (VAIOMediaPlatform-MusicServer-HTTP) - Unknown owner - C:\Program Files\Common Files\Sony Shared\vaio media platform\sv_httpd.exe" /Service=VAIOMediaPlatform-MusicServer-HTTP /RegRoot="Software\Sony Corporation\VAIO Media Platform\2.0" /RegExt="Applications\MusicServer\HTTP (file missing) O23 - Service: VAIO Media Music Server (UPnP) (VAIOMediaPlatform-MusicServer-UPnP) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\vaio media platform\UPnPFramework.exe O23 - Service: VAIO Media Photo Server (VAIOMediaPlatform-PhotoServer-AppServer) - Sony Corporation - C:\Program Files\sony\photo server\appsrv\PhotoAppSrv.exe O23 - Service: VAIO Media Photo Server (HTTP) (VAIOMediaPlatform-PhotoServer-HTTP) - Unknown owner - C:\Program Files\Common Files\sony shared\vaio media platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-PhotoServer-HTTP /RegRoot="Software\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Applications\PhotoServer\HTTP (file missing) O23 - Service: VAIO Media Photo Server (UPnP) (VAIOMediaPlatform-PhotoServer-UPnP) - Sony Corporation - C:\Program Files\Common Files\sony shared\vaio media platform\UPnPFramework.exe |
#3720 |
Junior Member
Joined: May 2003
Posts: 3
|
Guys, does this logfile look normal to you?
The problem is that lately my sound card gets disabled automatically a few minutes after I turn on the PC, the Windows windows and the taskbar switch to the old-style graphics, like safe mode, and AVG finds 3 Trojan horse Generic2.dgi files in the folder D:\Programmi\File Comuni\Services\ named stQ.exe, lpV.exe and HJdCf.exe, but unfortunately access to them is denied.
THANKS A LOT in advance to anyone who replies
Mirko

Logfile of HijackThis v1.99.1
Scan saved at 19.49.49, on 19/10/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\spoolsv.exe
D:\WINDOWS\Explorer.EXE
D:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
D:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
D:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
D:\Programmi\ewido anti-spyware 4.0\guard.exe
D:\Programmi\Kerio\Personal Firewall 4\kpf4ss.exe
D:\Programmi\Kerio\Personal Firewall 4\kpf4gui.exe
D:\WINDOWS\Mixer.exe
D:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe
D:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
D:\Programmi\Messenger\msmsgs.exe
D:\Programmi\Kerio\Personal Firewall 4\kpf4gui.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\wscntfy.exe
D:\Programmi\Internet Explorer\iexplore.exe
D:\Programmi\Outlook Express\msimn.exe
D:\PROGRA~1\WINZIP\winzip32.exe
D:\Documents and Settings\MIRKO\Impostazioni locali\Temp\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.inter.it/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Programmi\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\Programmi\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Programmi\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - d:\programmi\google\googletoolbar3.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - d:\programmi\google\googletoolbar3.dll
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [ATIPTA] D:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [aouei] D:\Documents and Settings\MANITTA\Dati applicazioni\ratorefaci\sysrtmvs.exe
O4 - HKLM\..\Run: [AVG7_CC] D:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKCU\..\Run: [MSMSGS] "D:\Programmi\Messenger\msmsgs.exe" /background
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Programmi\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Programmi\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Programmi\Messenger\msmsgs.exe
O15 - Trusted Zone: www.adslconnection.name
O15 - Trusted Zone: www.softlab.name
O16 - DPF: {1F83CD9E-505E-4F87-BECE-0832A763E36F} (Image Uploader 3.0 Control) - http://www.mypixmania.com/importer/MypixUploader.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/actives...ree/asinst.cab
O16 - DPF: {CE69F98F-2AF3-4306-BAC6-A79070EDA1B4} (Zylom Loader Object) - http://eu.download.games.yahoo.com/z...ylomloader.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - D:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - D:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - D:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - D:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - D:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - D:\Programmi\ewido anti-spyware 4.0\guard.exe
O23 - Service: Kerio Personal Firewall 4 (KPF4) - Kerio Technologies - D:\Programmi\Kerio\Personal Firewall 4\kpf4ss.exe

Last edited by mkm5: 19-10-2006 at 19:54.
All times are GMT +1. The time now is 02:09.