|
|||||||
|
|
|
 |
|
|
Strumenti |
30-07-2004, 21:01
|
#21 | |
|
Member
Iscritto dal: Jul 2004
Messaggi: 203
|
Quote:
ok fatto 
|
|
|
|
|
30-07-2004, 21:07
|
#22 |
|
Senior Member
Iscritto dal: May 2001
Messaggi: 1740
|
il log?
__________________
www.tweakness.net - Trucchi per il PC DECALOGO ANTISPY - GUIDA A HIJACKTHIS - GUIDA AI SERVIZI DI WIN XP - CONSIGLI ANTIVIRUS PER BART'S PE - SP2 SLIPSTREAMING - FAQ WINDOWS XPSP2 - I SERVIZI DOPO SP2 - XP SP2 UNATTENDED - GUIDA A nLite |
|
|
|
|
30-07-2004, 21:10
|
#23 | |
|
Member
Iscritto dal: Jul 2004
Messaggi: 203
|
Quote:
Ultima modifica di stoprunn : 30-07-2004 alle 21:13. |
|
|
|
|
|
30-07-2004, 21:42
|
#24 |
|
Senior Member
Iscritto dal: May 2001
Messaggi: 1740
|
e dove è?
__________________
www.tweakness.net - Trucchi per il PC DECALOGO ANTISPY - GUIDA A HIJACKTHIS - GUIDA AI SERVIZI DI WIN XP - CONSIGLI ANTIVIRUS PER BART'S PE - SP2 SLIPSTREAMING - FAQ WINDOWS XPSP2 - I SERVIZI DOPO SP2 - XP SP2 UNATTENDED - GUIDA A nLite |
|
|
|
|
30-07-2004, 21:53
|
#25 |
|
Senior Member
Iscritto dal: May 2001
Messaggi: 1740
|
e dove è?
__________________
www.tweakness.net - Trucchi per il PC DECALOGO ANTISPY - GUIDA A HIJACKTHIS - GUIDA AI SERVIZI DI WIN XP - CONSIGLI ANTIVIRUS PER BART'S PE - SP2 SLIPSTREAMING - FAQ WINDOWS XPSP2 - I SERVIZI DOPO SP2 - XP SP2 UNATTENDED - GUIDA A nLite |
|
|
|
|
30-07-2004, 21:57
|
#26 | |
|
Member
Iscritto dal: Jul 2004
Messaggi: 203
|
Quote:
sta nella sua piccola cartella forse non ci siamo capiti........ vuoi che lo metta in questa risposta come allegato?? se è quello .......... il formato del file non è valido. |
|
|
|
|
|
30-07-2004, 22:05
|
#27 |
|
Senior Member
Iscritto dal: May 2001
Messaggi: 1740
|
allora... dai...
salvato il file log... aprilio seleziona il contenuto e fai copia poi incollalo come risposta a questo msg ok?
__________________
www.tweakness.net - Trucchi per il PC DECALOGO ANTISPY - GUIDA A HIJACKTHIS - GUIDA AI SERVIZI DI WIN XP - CONSIGLI ANTIVIRUS PER BART'S PE - SP2 SLIPSTREAMING - FAQ WINDOWS XPSP2 - I SERVIZI DOPO SP2 - XP SP2 UNATTENDED - GUIDA A nLite |
|
|
|
|
30-07-2004, 22:12
|
#28 |
|
Member
Iscritto dal: Jul 2004
Messaggi: 203
|
scusa non avevo capito
Logfile of HijackThis v1.97.7 Scan saved at 21.00.29, on 30/07/2004 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\System32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Programmi\File comuni\Microsoft Shared\VS7Debug\mdm.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\System32\RunDll32.exe C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\WINDOWS\System32\wuam.exe C:\Programmi\Common files\updater\wupdater.exe C:\Programmi\Microsoft Office\Office10\msoffice.exe C:\Programmi\DownloadWare\dw.exe C:\WINDOWS\System32\rfrr.exe C:\Documents and Settings\med\Dati applicazioni\twtw.exe C:\WINDOWS\System32\wuauclt.exe C:\WINDOWS\System32\xjzurd.exe C:\Programmi\Internet Explorer\iexplore.exe C:\PROGRA~1\RECOMM~1\v15\rh.exe c:\docume~1\med\impost~1\temp\msbb.exe C:\Programmi\CashBack\bin\cashback.exe C:\Programmi\NAVISearch\bin\nls.exe C:\Programmi\BullsEye Network\bin\bargains.exe C:\Programmi\Internet Explorer\iexplore.exe C:\Programmi\Windows Media Player\wmplayer.exe C:\Documents and Settings\med\Desktop\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.search-exe.com/nph-sea...=sbar1_srchbtn R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.search-exe.com/nph-sea...ook=stmpl1&fw= R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.myfunstart.com/index.cfm?pc=bdhp R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.search-exe.com/nph-sea...ook=stmpl1&fw= R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.search-exe.com/nph-sea...=sbar1_srchbtn R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.search-exe.com/nph-sea...ook=stmpl1&fw= R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.search-exe.com/nph-sea...ook=stmpl1&fw= R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.search-exe.com/nph-sea...ook=stmpl1&fw= R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://search.search-exe.com/nph-sea...ook=stmpl1&fw= R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti R3 - URLSearchHook: WebSearch Class - {9368D063-44BE-49B9-BD14-BB9663FD38FC} - C:\Programmi\se\v11\se.DLL O1 - Hosts: 12.129.205.209 search.netscape.com12.129.205.209 sitefinder.verisign.com O2 - BHO: (no name) - {000020DD-C72E-4113-AF77-DD56626C6C42} - C:\WINDOWS\twaintec.dll O2 - BHO: (no name) - {00041A26-7033-432C-94C7-6371DE343822} - C:\Programmi\se\v11\se.DLL O2 - BHO: (no name) - {0019C3E2-DD48-4A6D-ABCD-8D32436323D9} - C:\WINDOWS\bxxs5.dll O2 - BHO: Recommended Hotfix - {0421701D-CF13-4E70-ADF0-45A953E7CB8B} - C:\Programmi\Recommended Hotfix - 421701D\v15\RH.DLL O2 - BHO: (no name) - {18DF445C-B161-51E4-8406-655579A02B4B} - C:\WINDOWS\System32\gbkkxwtp.dll O2 - BHO: NavErrRedir Class - {5D60FF48-95BE-4956-B4C6-6BB168A70310} - C:\PROGRA~1\INCRED~1\BHO\INCFIN~1.DLL O2 - BHO: (no name) - {83DE62E0-5805-11D8-9B25-00E04C60FAF2} - C:\WINDOWS\2_0_1browserhelper2.dll O2 - BHO: (no name) - {9C691A33-7DDA-4C2F-BE4C-C176083F35CF} - C:\WINDOWS\Downloaded Program Files\bridge.dll O2 - BHO: Url Catcher - {CE31A1F7-3D90-4874-8FBE-A5D97F8BC8F1} - C:\WINDOWS\System32\apuc.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: PowerSearch - {4E7BD74F-2B8D-469E-D6F5-F66EA787AD2D} - C:\Programmi\PowerSearch\Toolbar\pwrsbikd.dll O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd O4 - HKLM\..\Run: [ATIPTA] C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [Microsoft Update Time] wuam.exe O4 - HKLM\..\Run: [demm3861.exe] demm3861.exe O4 - HKLM\..\Run: [Windows System Manager Loader] smsls.exe O4 - HKLM\..\Run: [Microsoft Update Machine] ntsystem.exe O4 - HKLM\..\Run: [bxxs5] RunDLL32.EXE C:\WINDOWS\bxxs5.dll,DllRun O4 - HKLM\..\Run: [updater] C:\Programmi\Common files\updater\wupdater.exe O4 - HKLM\..\Run: [DownloadWare] "C:\Programmi\DownloadWare\dw.exe" /H O4 - HKLM\..\Run: [RunDLL] rundll32.exe "C:\WINDOWS\Downloaded Program Files\bridge.dll",Load O4 - HKLM\..\Run: [Search-Exe] "C:\Programmi\se\v11\se.EXE" /H O4 - HKLM\..\Run: [wybxity] C:\WINDOWS\System32\xjzurd.exe O4 - HKLM\..\Run: [alchem] C:\WINDOWS\alchem.exe O4 - HKLM\..\Run: [msbb] c:\docume~1\med\impost~1\temp\msbb.exe O4 - HKLM\..\Run: [jiv] C:\WINDOWS\jiv.exe O4 - HKLM\..\Run: [CashBack] C:\Programmi\CashBack\bin\cashback.exe O4 - HKLM\..\Run: [NaviSearch] C:\Programmi\NaviSearch\bin\nls.exe O4 - HKLM\..\Run: [BullsEye Network] C:\Programmi\BullsEye Network\bin\bargains.exe O4 - HKLM\..\Run: [Windows SA] C:\Program Files\WindowsSA\omniscient.exe O4 - HKLM\..\RunServices: [Microsoft Update Time] wuam.exe O4 - HKLM\..\RunServices: [demm3861.exe] demm3861.exe O4 - HKLM\..\RunServices: [Windows System Manager Loader] smsls.exe O4 - HKLM\..\RunServices: [Microsoft Update Machine] ntsystem.exe O4 - HKCU\..\Run: [Microsoft Update Time] wuam.exe O4 - HKCU\..\Run: [Microsoft Update Machine] ntsystem.exe O4 - HKCU\..\Run: [Lacs] C:\Documents and Settings\med\Dati applicazioni\twtw.exe O4 - Global Startup: Microsoft Office.lnk = C:\Programmi\Microsoft Office\Office10\OSA.EXE O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O16 - DPF: {018B7EC3-EECA-11D3-8E71-0000E82C6C0D} - http://www2.installdollars.com/files/small/small83.exe O16 - DPF: {9C691A33-7DDA-4C2F-BE4C-C176083F35CF} (brdg Class) - http://static.flingstone.com/cab/200...Inc/bridge.cab O16 - DPF: {9EB320CE-BE1D-4304-A081-4B4665414BEF} (MediaTicketsInstaller Control) - http://www.mt-download.com/MediaTicketsInstaller.cab O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.co...195.4945138889 O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/s...sh/swflash.cab O16 - DPF: {F57D17AE-CE37-4BC8-B232-EA57747BE5E7} - http://66.230.146.53/EPlugin_IT.cab |
|
|
|
|
30-07-2004, 22:31
|
#29 |
|
Senior Member
Iscritto dal: May 2001
Messaggi: 1740
|
scusami ma per esere precisi devi scarica re l'ultima versione del programma
(lo faccio per aiutarti al meglio) HijackThis [ MIRROR @ Majorgeeks ]
__________________
www.tweakness.net - Trucchi per il PC DECALOGO ANTISPY - GUIDA A HIJACKTHIS - GUIDA AI SERVIZI DI WIN XP - CONSIGLI ANTIVIRUS PER BART'S PE - SP2 SLIPSTREAMING - FAQ WINDOWS XPSP2 - I SERVIZI DOPO SP2 - XP SP2 UNATTENDED - GUIDA A nLite |
|
|
|
|
30-07-2004, 22:36
|
#30 |
|
Senior Member
Iscritto dal: Mar 2004
Città: Rimini
Messaggi: 10296
|
  mmh... ce n'è di robaccia in quel log, che ne dici netquik?
__________________
sometimes they come back *** Life Happens! - (Professionista I.T. - Tecnico Telecomunicazioni) Latitude E6420 I7 2760QM SSD Crucial M4-512GB --- Tecra R840 I5 2520M SSD Samsung 830-256GB --- Macbook Pro 13,3" I5 2435M SSD Samsung 830-256GB |
|
|
|
|
30-07-2004, 22:46
|
#31 |
|
Senior Member
Iscritto dal: May 2001
Messaggi: 1740
|
tantissima... mi dai una mano wgator?
aspetto il log del nuovo...
__________________
www.tweakness.net - Trucchi per il PC DECALOGO ANTISPY - GUIDA A HIJACKTHIS - GUIDA AI SERVIZI DI WIN XP - CONSIGLI ANTIVIRUS PER BART'S PE - SP2 SLIPSTREAMING - FAQ WINDOWS XPSP2 - I SERVIZI DOPO SP2 - XP SP2 UNATTENDED - GUIDA A nLite |
|
|
|
|
30-07-2004, 22:48
|
#32 |
|
Member
Iscritto dal: Jul 2004
Messaggi: 203
|
cosa vuoi dire wgator???
cmq sto da tre ore provando a connetrmi a quel linq che mi avete detto ma non fa ................ io cmq aspetto |
|
|
|
|
30-07-2004, 22:50
|
#33 |
|
Member
Iscritto dal: Jul 2004
Messaggi: 203
|
niente ..... c'è un altro sito?
|
|
|
|
|
30-07-2004, 22:51
|
#34 |
|
Senior Member
Iscritto dal: May 2001
Messaggi: 1740
|
stroprunn se vuoi risolvere il problema devi essere concentrato...
ti prego..  nessuno dei due links funzionano? considera che in quel primo log c'è davvero di tutto 
__________________
www.tweakness.net - Trucchi per il PC DECALOGO ANTISPY - GUIDA A HIJACKTHIS - GUIDA AI SERVIZI DI WIN XP - CONSIGLI ANTIVIRUS PER BART'S PE - SP2 SLIPSTREAMING - FAQ WINDOWS XPSP2 - I SERVIZI DOPO SP2 - XP SP2 UNATTENDED - GUIDA A nLite |
|
|
|
|
30-07-2004, 22:53
|
#35 |
|
Senior Member
Iscritto dal: May 2001
Messaggi: 1740
|
__________________
www.tweakness.net - Trucchi per il PC DECALOGO ANTISPY - GUIDA A HIJACKTHIS - GUIDA AI SERVIZI DI WIN XP - CONSIGLI ANTIVIRUS PER BART'S PE - SP2 SLIPSTREAMING - FAQ WINDOWS XPSP2 - I SERVIZI DOPO SP2 - XP SP2 UNATTENDED - GUIDA A nLite |
|
|
|
|
30-07-2004, 23:01
|
#36 |
|
Member
Iscritto dal: Jul 2004
Messaggi: 203
|
alla fine c'è lo fatta
 Logfile of HijackThis v1.98.0 Scan saved at 23.00.03, on 30/07/2004 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\System32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Programmi\File comuni\Microsoft Shared\VS7Debug\mdm.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\System32\RunDll32.exe C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\WINDOWS\System32\wuam.exe C:\WINDOWS\System32\demm3861.exe C:\WINDOWS\System32\ntsystem.exe C:\Programmi\Common files\updater\wupdater.exe C:\Programmi\DownloadWare\dw.exe C:\WINDOWS\System32\xjzurd.exe C:\Programmi\BullsEye Network\bin\bargains.exe C:\WINDOWS\jiv.exe C:\Programmi\CashBack\bin\cashback.exe C:\Programmi\NaviSearch\bin\nls.exe C:\Documents and Settings\med\Dati applicazioni\twtw.exe C:\Programmi\LG PC Suite\LG PC Sync\LGSyncManager.exe C:\Programmi\Microsoft Office\Office10\msoffice.exe C:\DOCUME~1\med\IMPOST~1\Temp\msbb.exe C:\WINDOWS\System32\rfrr.exe c:\mot.exe C:\WINDOWS\System32\wuauclt.exe C:\Documents and Settings\med\Impostazioni locali\Temp\Directory temporanea 1 per hijackthis.zip\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.search-exe.com/nph-sea...=sbar1_srchbtn R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.search-exe.com/nph-sea...ook=stmpl1&fw= R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.myfunstart.com/index.cfm?pc=bdhp R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.search-exe.com/nph-sea...ook=stmpl1&fw= R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.search-exe.com/nph-sea...=sbar1_srchbtn R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.search-exe.com/nph-sea...ook=stmpl1&fw= R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.search-exe.com/nph-sea...ook=stmpl1&fw= R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.search-exe.com/nph-sea...ook=stmpl1&fw= R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://search.search-exe.com/nph-sea...ook=stmpl1&fw= R1 - HKLM\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://search.search-exe.com/nph-sea...ook=stmpl1&fw= R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti R3 - URLSearchHook: WebSearch Class - {9368D063-44BE-49B9-BD14-BB9663FD38FC} - C:\Programmi\se\v11\se.DLL O1 - Hosts: 12.129.205.209 search.netscape.com12.129.205.209 sitefinder.verisign.com O2 - BHO: twaintecObj Class - {000020DD-C72E-4113-AF77-DD56626C6C42} - C:\WINDOWS\twaintec.dll O2 - BHO: WebBho Class - {00041A26-7033-432C-94C7-6371DE343822} - C:\Programmi\se\v11\se.DLL O2 - BHO: CExtension Object - {0019C3E2-DD48-4A6D-ABCD-8D32436323D9} - C:\WINDOWS\bxxs5.dll O2 - BHO: Recommended Hotfix - {0421701D-CF13-4E70-ADF0-45A953E7CB8B} - C:\Programmi\Recommended Hotfix - 421701D\v15\RH.DLL O2 - BHO: (no name) - {18DF445C-B161-51E4-8406-655579A02B4B} - C:\WINDOWS\System32\gbkkxwtp.dll O2 - BHO: NavErrRedir Class - {5D60FF48-95BE-4956-B4C6-6BB168A70310} - C:\PROGRA~1\INCRED~1\BHO\INCFIN~1.DLL O2 - BHO: (no name) - {83DE62E0-5805-11D8-9B25-00E04C60FAF2} - C:\WINDOWS\2_0_1browserhelper2.dll O2 - BHO: brdg Class - {9C691A33-7DDA-4C2F-BE4C-C176083F35CF} - C:\WINDOWS\Downloaded Program Files\bridge.dll O2 - BHO: Url Catcher - {CE31A1F7-3D90-4874-8FBE-A5D97F8BC8F1} - C:\WINDOWS\System32\apuc.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: PowerSearch - {4E7BD74F-2B8D-469E-D6F5-F66EA787AD2D} - C:\Programmi\PowerSearch\Toolbar\pwrsbikd.dll O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd O4 - HKLM\..\Run: [ATIPTA] C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [Microsoft Update Time] wuam.exe O4 - HKLM\..\Run: [demm3861.exe] demm3861.exe O4 - HKLM\..\Run: [Windows System Manager Loader] smsls.exe O4 - HKLM\..\Run: [Microsoft Update Machine] ntsystem.exe O4 - HKLM\..\Run: [bxxs5] RunDLL32.EXE C:\WINDOWS\bxxs5.dll,DllRun O4 - HKLM\..\Run: [updater] C:\Programmi\Common files\updater\wupdater.exe O4 - HKLM\..\Run: [DownloadWare] "C:\Programmi\DownloadWare\dw.exe" /H O4 - HKLM\..\Run: [RunDLL] rundll32.exe "C:\WINDOWS\Downloaded Program Files\bridge.dll",Load O4 - HKLM\..\Run: [Search-Exe] "C:\Programmi\se\v11\se.EXE" /H O4 - HKLM\..\Run: [wybxity] C:\WINDOWS\System32\xjzurd.exe O4 - HKLM\..\Run: [alchem] C:\WINDOWS\alchem.exe O4 - HKLM\..\Run: [msbb] c:\docume~1\med\impost~1\temp\msbb.exe O4 - HKLM\..\Run: [jiv] C:\WINDOWS\jiv.exe O4 - HKLM\..\Run: [CashBack] C:\Programmi\CashBack\bin\cashback.exe O4 - HKLM\..\Run: [NaviSearch] C:\Programmi\NaviSearch\bin\nls.exe O4 - HKLM\..\Run: [BullsEye Network] C:\Programmi\BullsEye Network\bin\bargains.exe O4 - HKLM\..\Run: [Windows SA] C:\Program Files\WindowsSA\omniscient.exe O4 - HKLM\..\RunServices: [Microsoft Update Time] wuam.exe O4 - HKLM\..\RunServices: [demm3861.exe] demm3861.exe O4 - HKLM\..\RunServices: [Windows System Manager Loader] smsls.exe O4 - HKLM\..\RunServices: [Microsoft Update Machine] ntsystem.exe O4 - HKCU\..\Run: [Microsoft Update Time] wuam.exe O4 - HKCU\..\Run: [Microsoft Update Machine] ntsystem.exe O4 - HKCU\..\Run: [Lacs] C:\Documents and Settings\med\Dati applicazioni\twtw.exe O4 - HKCU\..\Run: [demm3861.exe] demm3861.exe O4 - Global Startup: LG Sync Manager.lnk = ? O4 - Global Startup: LG SyncManager.lnk = ? O4 - Global Startup: Microsoft Office.lnk = C:\Programmi\Microsoft Office\Office10\OSA.EXE O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O16 - DPF: {018B7EC3-EECA-11D3-8E71-0000E82C6C0D} - http://www2.installdollars.com/files/small/small83.exe O16 - DPF: {9C691A33-7DDA-4C2F-BE4C-C176083F35CF} (brdg Class) - http://static.flingstone.com/cab/200...Inc/bridge.cab O16 - DPF: {9EB320CE-BE1D-4304-A081-4B4665414BEF} (MediaTicketsInstaller Control) - http://www.mt-download.com/MediaTicketsInstaller.cab O16 - DPF: {F57D17AE-CE37-4BC8-B232-EA57747BE5E7} - http://66.230.146.53/EPlugin_IT.cab O20 - AppInit_DLLs: C:\WINDOWS\System32\wmpui482e.dll |
|
|
|
|
30-07-2004, 23:07
|
#37 |
|
Senior Member
Iscritto dal: Mar 2004
Città: Rimini
Messaggi: 10296
|
mamma mia!
non è facile districarsi li dentro... ci saranno almeno 20 entry maligne... forse converrebbe fare una pulizia preventiva con spybot e ad-aware... anzi... si potrebbe provare con la versione free di spy sweeper, almeno qualcosa tolgono, poi si riesce a lavorare meglio con hijackthis
__________________
sometimes they come back *** Life Happens! - (Professionista I.T. - Tecnico Telecomunicazioni) Latitude E6420 I7 2760QM SSD Crucial M4-512GB --- Tecra R840 I5 2520M SSD Samsung 830-256GB --- Macbook Pro 13,3" I5 2435M SSD Samsung 830-256GB |
|
|
|
|
30-07-2004, 23:11
|
#38 |
|
Senior Member
Iscritto dal: May 2001
Messaggi: 1740
|
allora prova a fixare queste voci
cioè checkale in hijack e fai fix cheched... considera che quasi tutto (ma sei sicuro di aver fatto girare ad-aware? mah) ti consigliere idi farlo da modalità provissoria inoltre dopo andrebbero eliminati tutti i vari files a cui fanno riferimento queste righe.. un lavoraccio cmq iniziamo.. poi riavvia e posta il nuovo log R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.search-exe.com/nph-se...k=sbar1_srchbtn R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.search-exe.com/nph-se...=stmpl1&fw= R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.myfunstart.com/index.cfm?pc=bdhp R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.search-exe.com/nph-se...=stmpl1&fw= R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.search-exe.com/nph-se...k=sbar1_srchbtn R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.search-exe.com/nph-se...=stmpl1&fw= R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.search-exe.com/nph-se...=stmpl1&fw= R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.search-exe.com/nph-se...=stmpl1&fw= R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://search.search-exe.com/nph-se...=stmpl1&fw= R3 - URLSearchHook: WebSearch Class - {9368D063-44BE-49B9-BD14-BB9663FD38FC} - C:\Programmi\se\v11\se.DLL O1 - Hosts: 12.129.205.209 search.netscape.com12.129.205.209 sitefinder.verisign.com O2 - BHO: (no name) - {000020DD-C72E-4113-AF77-DD56626C6C42} - C:\WINDOWS\twaintec.dll O2 - BHO: (no name) - {00041A26-7033-432C-94C7-6371DE343822} - C:\Programmi\se\v11\se.DLL O2 - BHO: (no name) - {0019C3E2-DD48-4A6D-ABCD-8D32436323D9} - C:\WINDOWS\bxxs5.dll O2 - BHO: Recommended Hotfix - {0421701D-CF13-4E70-ADF0-45A953E7CB8B} - C:\Programmi\Recommended Hotfix - 421701D\v15\RH.DLL O2 - BHO: (no name) - {18DF445C-B161-51E4-8406-655579A02B4B} - C:\WINDOWS\System32\gbkkxwtp.dll O2 - BHO: NavErrRedir Class - {5D60FF48-95BE-4956-B4C6-6BB168A70310} - C:\PROGRA~1\INCRED~1\BHO\INCFIN~1.DLL O2 - BHO: (no name) - {83DE62E0-5805-11D8-9B25-00E04C60FAF2} - C:\WINDOWS\2_0_1browserhelper2.dll O2 - BHO: (no name) - {9C691A33-7DDA-4C2F-BE4C-C176083F35CF} - C:\WINDOWS\Downloaded Program Files\bridge.dll O2 - BHO: Url Catcher - {CE31A1F7-3D90-4874-8FBE-A5D97F8BC8F1} - C:\WINDOWS\System32\apuc.dll O3 - Toolbar: PowerSearch - {4E7BD74F-2B8D-469E-D6F5-F66EA787AD2D} - C:\Programmi\PowerSearch\Toolbar\pwrsbikd.dll O4 - HKLM\..\Run: [Microsoft Update Time] wuam.exe O4 - HKLM\..\Run: [demm3861.exe] demm3861.exe O4 - HKLM\..\Run: [Windows System Manager Loader] smsls.exe O4 - HKLM\..\Run: [Microsoft Update Machine] ntsystem.exe O4 - HKLM\..\Run: [bxxs5] RunDLL32.EXE C:\WINDOWS\bxxs5.dll,DllRun O4 - HKLM\..\Run: [updater] C:\Programmi\Common files\updater\wupdater.exe O4 - HKLM\..\Run: [DownloadWare] "C:\Programmi\DownloadWare\dw.exe" /H O4 - HKLM\..\Run: [RunDLL] rundll32.exe "C:\WINDOWS\Downloaded Program Files\bridge.dll",Load O4 - HKLM\..\Run: [Search-Exe] "C:\Programmi\se\v11\se.EXE" /H O4 - HKLM\..\Run: [wybxity] C:\WINDOWS\System32\xjzurd.exe O4 - HKLM\..\Run: [alchem] C:\WINDOWS\alchem.exe O4 - HKLM\..\Run: [msbb] c:\docume~1\med\impost~1\temp\msbb.exe O4 - HKLM\..\Run: [jiv] C:\WINDOWS\jiv.exe O4 - HKLM\..\Run: [CashBack] C:\Programmi\CashBack\bin\cashback.exe O4 - HKLM\..\Run: [NaviSearch] C:\Programmi\NaviSearch\bin\nls.exe O4 - HKLM\..\Run: [BullsEye Network] C:\Programmi\BullsEye Network\bin\bargains.exe O4 - HKLM\..\Run: [Windows SA] C:\Program Files\WindowsSA\omniscient.exe O4 - HKLM\..\RunServices: [Microsoft Update Time] wuam.exe O4 - HKLM\..\RunServices: [demm3861.exe] demm3861.exe O4 - HKLM\..\RunServices: [Windows System Manager Loader] smsls.exe O4 - HKLM\..\RunServices: [Microsoft Update Machine] ntsystem.exe O4 - HKCU\..\Run: [Microsoft Update Time] wuam.exe O4 - HKCU\..\Run: [Microsoft Update Machine] ntsystem.exe O4 - HKCU\..\Run: [Lacs] C:\Documents and Settings\med\Dati applicazioni\twtw.exe O16 - DPF: {018B7EC3-EECA-11D3-8E71-0000E82C6C0D} - http://www2.installdollars.com/files/small/small83.exe O16 - DPF: {9C691A33-7DDA-4C2F-BE4C-C176083F35CF} (brdg Class) - http://static.flingstone.com/cab/20...TInc/bridge.cab O16 - DPF: {9EB320CE-BE1D-4304-A081-4B4665414BEF} (MediaTicketsInstaller Control) - http://www.mt-download.com/MediaTicketsInstaller.cab O16 - DPF: {F57D17AE-CE37-4BC8-B232-EA57747BE5E7} - http://66.230.146.53/EPlugin_IT.cab O20 - AppInit_DLLs: C:\WINDOWS\System32\wmpui482e.dll
__________________
www.tweakness.net - Trucchi per il PC DECALOGO ANTISPY - GUIDA A HIJACKTHIS - GUIDA AI SERVIZI DI WIN XP - CONSIGLI ANTIVIRUS PER BART'S PE - SP2 SLIPSTREAMING - FAQ WINDOWS XPSP2 - I SERVIZI DOPO SP2 - XP SP2 UNATTENDED - GUIDA A nLite |
|
|
|
|
30-07-2004, 23:13
|
#39 |
|
Senior Member
Iscritto dal: May 2001
Messaggi: 1740
|
wgator... era la prima cosa che gli ho fatto fare...
pensa tu 
__________________
www.tweakness.net - Trucchi per il PC DECALOGO ANTISPY - GUIDA A HIJACKTHIS - GUIDA AI SERVIZI DI WIN XP - CONSIGLI ANTIVIRUS PER BART'S PE - SP2 SLIPSTREAMING - FAQ WINDOWS XPSP2 - I SERVIZI DOPO SP2 - XP SP2 UNATTENDED - GUIDA A nLite |
|
|
|
|
30-07-2004, 23:22
|
#40 |
|
Member
Iscritto dal: Jul 2004
Messaggi: 203
|
non sono cosi deficiente ..............
vi ringrazio tutti per quello che state facendo .........il problema è che lo scan lo faccio sempre ma ricompaiono tutti cmq ecco il log rifatto con la scansione Logfile of HijackThis v1.98.0 Scan saved at 23.22.03, on 30/07/2004 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\System32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Programmi\File comuni\Microsoft Shared\VS7Debug\mdm.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\System32\RunDll32.exe C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\WINDOWS\System32\wuam.exe C:\WINDOWS\System32\demm3861.exe C:\WINDOWS\System32\ntsystem.exe C:\WINDOWS\System32\xjzurd.exe C:\Programmi\CashBack\bin\cashback.exe C:\Programmi\NaviSearch\bin\nls.exe C:\Programmi\LG PC Suite\LG PC Sync\LGSyncManager.exe C:\Programmi\Microsoft Office\Office10\msoffice.exe C:\WINDOWS\System32\rfrr.exe C:\WINDOWS\System32\wuauclt.exe C:\Program Files\WindUpdates\WinKA.exe c:\demtee2.exe c:\ovr.exe C:\Programmi\Internet Explorer\iexplore.exe C:\PROGRA~1\RECOMM~1\v15\rh.exe c:\mot.exe c:\mot.exe C:\WINDOWS\ysxou.exe C:\Program Files\WindUpdates\WinUpdt.exe C:\Documents and Settings\med\Impostazioni locali\Temp\Directory temporanea 1 per hijackthis.zip\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.myfunstart.com/index.cfm?pc=bdhp R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti R3 - Default URLSearchHook is missing O2 - BHO: (no name) - {00041A26-7033-432C-94C7-6371DE343822} - (no file) O2 - BHO: Recommended Hotfix - {0421701D-CF13-4E70-ADF0-45A953E7CB8B} - C:\Programmi\Recommended Hotfix - 421701D\v15\RH.DLL O2 - BHO: (no name) - {18DF445C-B161-51E4-8406-655579A02B4B} - C:\WINDOWS\System32\gbkkxwtp.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd O4 - HKLM\..\Run: [ATIPTA] C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [Microsoft Update Time] wuam.exe O4 - HKLM\..\Run: [demm3861.exe] demm3861.exe O4 - HKLM\..\Run: [Windows System Manager Loader] smsls.exe O4 - HKLM\..\Run: [Microsoft Update Machine] ntsystem.exe O4 - HKLM\..\Run: [RunDLL] rundll32.exe "C:\WINDOWS\Downloaded Program Files\bridge.dll",Load O4 - HKLM\..\Run: [wybxity] C:\WINDOWS\System32\xjzurd.exe O4 - HKLM\..\Run: [CashBack] C:\Programmi\CashBack\bin\cashback.exe O4 - HKLM\..\Run: [NaviSearch] C:\Programmi\NaviSearch\bin\nls.exe O4 - HKLM\..\Run: [BullsEye Network] C:\Programmi\BullsEye Network\bin\bargains.exe O4 - HKLM\..\Run: [Windows SA] C:\Program Files\WindowsSA\omniscient.exe O4 - HKLM\..\Run: [WindUpdates] C:\Program Files\WindUpdates\WinUpdt.exe O4 - HKLM\..\Run: [ngvkhaj] C:\WINDOWS\ngvkhaj.exe O4 - HKLM\..\Run: [vspru] C:\WINDOWS\ysxou.exe O4 - HKLM\..\RunServices: [Microsoft Update Time] wuam.exe O4 - HKLM\..\RunServices: [demm3861.exe] demm3861.exe O4 - HKLM\..\RunServices: [Windows System Manager Loader] smsls.exe O4 - HKLM\..\RunServices: [Microsoft Update Machine] ntsystem.exe O4 - HKLM\..\RunOnce: [Ad-aware] "C:\PROGRA~1\Lavasoft\AD-AWA~1\Ad-aware.exe" "+b1" O4 - HKCU\..\Run: [Microsoft Update Time] wuam.exe O4 - HKCU\..\Run: [Microsoft Update Machine] ntsystem.exe O4 - HKCU\..\Run: [demm3861.exe] demm3861.exe O4 - Global Startup: LG Sync Manager.lnk = ? O4 - Global Startup: LG SyncManager.lnk = ? O4 - Global Startup: Microsoft Office.lnk = C:\Programmi\Microsoft Office\Office10\OSA.EXE O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O16 - DPF: {15AD4789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://public.windupdates.com/get_fi...1a0351cafa03db O16 - DPF: {E0CE16CB-741C-4B24-8D04-A817856E07F4} (IObjSafety.DemoCtl) - http://cabs.media-motor.net/cabs/mmed.cab O16 - DPF: {F57D17AE-CE37-4BC8-B232-EA57747BE5E7} - http://66.230.146.53/EPlugin_IT.cab O20 - AppInit_DLLs: C:\WINDOWS\System32\wmpui482e.dll |
|
|
|
|
|
| Strumenti | |
|
|
Tutti gli orari sono GMT +1. Ora sono le: 22:07.
