Esegui ![[:(!]](http://www.megalab.it/forum/images/smilies/mad.gif "Arrabbiato")
-
- Annuncio Pubblicitario
finestra sospetta di spybot
9 messaggi
• Pagina 1 di 1
finestra sospetta di spybot
da desco » lun mar 28, 2005 1:08 pm
...graffio la ragione e nasce il sogno... ribelle!
-
desco - Senior Member
- Messaggi: 264
- Iscritto il: dom nov 09, 2003 1:04 am
- Località: Estero
da crazy.cat » lun mar 28, 2005 1:16 pm
Prova a fare una scansione con questo programma
Spycleaner free
qui trovi l'aggiornamento che devi fare a mano
Pagina degli update
Se insiste manda qui il log della scansione di Hijackthis
Spycleaner free
qui trovi l'aggiornamento che devi fare a mano
Pagina degli update
Se insiste manda qui il log della scansione di Hijackthis
Quando i molti governano, pensano solo a contentar sé stessi, si ha allora la tirannia più balorda e più odiosa: la tirannia mascherata da libertà.
-
crazy.cat - MLI Hero
- Messaggi: 30959
- Iscritto il: lun gen 12, 2004 1:38 pm
- Località: Mestre
da desco » lun mar 28, 2005 1:31 pm
niente...continua a scacassare...ti lascio il log di zio jack, che mi segnala nella prima chiave di registro questa dannatissima search bar, che io avevo gia cancellato un paio di giorni fa proprio con jack ma che continua a tornare
Logfile of HijackThis v1.99.1
Scan saved at 14:26:41, on 28.03.2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\Sygate\SPF\smc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\AGRSMMSG.exe
C:\Programmi\Synaptics\SynTP\SynTPLpr.exe
C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
C:\PROGRA~1\LAUNCH~1\CPLFL32.EXE
C:\Programmi\Aspire Arcade\PCMService.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb09.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Programmi\Winamp\winampa.exe
C:\Programmi\File comuni\Real\Update_OB\realsched.exe
C:\Programmi\QuickTime\qttask.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\MSN Messenger\msnmsgr.exe
C:\Programmi\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\Mozilla Firefox\firefox.exe
C:\Programmi\Winamp\Winamp.exe
c:\progra~1\intern~1\iexplore.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\PROGRA~1\FREESP~1\SPYWAT~1.EXE
C:\PROGRA~1\WINZIP\winzip32.exe
C:\Documents and Settings\Flexware SA\Impostazioni locali\Temp\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://lvavqluucihbqbmrmmoxezwi.com/a5v ... RzVDyq.jsp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.tiscali.it
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://global.acer.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {A9F5BFED-0F33-591B-B9C2-952D3914B96A} - C:\DOCUME~1\FLEXWA~1\DATIAP~1\TRUSTT~1\errordownload.exe
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Programmi\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\CPLFL32.EXE
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [PCMService] "C:\Programmi\Aspire Arcade\PCMService.exe"
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [LogonStudio] "C:\Programmi\WinCustomize\LogonStudio\logonstudio.exe" /RANDOM
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb09.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
O4 - HKLM\..\Run: [WinampAgent] C:\Programmi\Winamp\winampa.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Programmi\File comuni\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Name bias dupe bits] C:\Documents and Settings\All Users\Dati applicazioni\flaw ooze name bias\active hide.exe
O4 - HKLM\..\RunServices: [win-xp] winis.exe
O4 - HKLM\..\RunServices: [virtual-machine] wini.exe
O4 - HKCU\..\Run: [OnlineCdrom] C:\DOCUME~1\FLEXWA~1\DATIAP~1\ATOMDE~1\32third.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Programmi\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Programmi\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\RunServices: [win-xp] winis.exe
O4 - HKCU\..\RunServices: [virtual-machine] wini.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O10 - Broken Internet access because of LSP provider 'xfire_lsp.dll' missing
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/ms ... b30149.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/Mi ... b30149.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/Shar ... vSniff.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v ... 5263685687
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/Shar ... /cabsa.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Me ... b30149.cab
O16 - DPF: {8EC18CE2-D7B4-11D2-88C8-006008A717FD} (NCSView Class) - http://ww3.atlanteitaliano.it/ecwplugins/ncs.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMe ... loader.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{0AD5E16F-6EEB-4CEE-9F92-A459E018F59D}: NameServer = 195.190.166.166
O17 - HKLM\System\CCS\Services\Tcpip\..\{DC022585-426E-41D5-BE88-E3B1EEBD2775}: NameServer = 195.190.166.166,195.190.166.167
O17 - HKLM\System\CS1\Services\Tcpip\..\{0AD5E16F-6EEB-4CEE-9F92-A459E018F59D}: NameServer = 195.190.166.166
O17 - HKLM\System\CS2\Services\Tcpip\..\{0AD5E16F-6EEB-4CEE-9F92-A459E018F59D}: NameServer = 195.190.166.166
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Programmi\Sygate\SPF\smc.exe
O23 - Service: VNC Server (winvnc) - Unknown owner - C:\Programmi\RealVNC\WinVNC\winvnc.exe" -service (file missing)
Logfile of HijackThis v1.99.1
Scan saved at 14:26:41, on 28.03.2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\Sygate\SPF\smc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\AGRSMMSG.exe
C:\Programmi\Synaptics\SynTP\SynTPLpr.exe
C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
C:\PROGRA~1\LAUNCH~1\CPLFL32.EXE
C:\Programmi\Aspire Arcade\PCMService.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb09.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Programmi\Winamp\winampa.exe
C:\Programmi\File comuni\Real\Update_OB\realsched.exe
C:\Programmi\QuickTime\qttask.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\MSN Messenger\msnmsgr.exe
C:\Programmi\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\Mozilla Firefox\firefox.exe
C:\Programmi\Winamp\Winamp.exe
c:\progra~1\intern~1\iexplore.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\PROGRA~1\FREESP~1\SPYWAT~1.EXE
C:\PROGRA~1\WINZIP\winzip32.exe
C:\Documents and Settings\Flexware SA\Impostazioni locali\Temp\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://lvavqluucihbqbmrmmoxezwi.com/a5v ... RzVDyq.jsp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.tiscali.it
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://global.acer.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {A9F5BFED-0F33-591B-B9C2-952D3914B96A} - C:\DOCUME~1\FLEXWA~1\DATIAP~1\TRUSTT~1\errordownload.exe
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Programmi\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\CPLFL32.EXE
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [PCMService] "C:\Programmi\Aspire Arcade\PCMService.exe"
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [LogonStudio] "C:\Programmi\WinCustomize\LogonStudio\logonstudio.exe" /RANDOM
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb09.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
O4 - HKLM\..\Run: [WinampAgent] C:\Programmi\Winamp\winampa.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Programmi\File comuni\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Name bias dupe bits] C:\Documents and Settings\All Users\Dati applicazioni\flaw ooze name bias\active hide.exe
O4 - HKLM\..\RunServices: [win-xp] winis.exe
O4 - HKLM\..\RunServices: [virtual-machine] wini.exe
O4 - HKCU\..\Run: [OnlineCdrom] C:\DOCUME~1\FLEXWA~1\DATIAP~1\ATOMDE~1\32third.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Programmi\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Programmi\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\RunServices: [win-xp] winis.exe
O4 - HKCU\..\RunServices: [virtual-machine] wini.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O10 - Broken Internet access because of LSP provider 'xfire_lsp.dll' missing
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/ms ... b30149.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/Mi ... b30149.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/Shar ... vSniff.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v ... 5263685687
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/Shar ... /cabsa.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Me ... b30149.cab
O16 - DPF: {8EC18CE2-D7B4-11D2-88C8-006008A717FD} (NCSView Class) - http://ww3.atlanteitaliano.it/ecwplugins/ncs.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMe ... loader.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{0AD5E16F-6EEB-4CEE-9F92-A459E018F59D}: NameServer = 195.190.166.166
O17 - HKLM\System\CCS\Services\Tcpip\..\{DC022585-426E-41D5-BE88-E3B1EEBD2775}: NameServer = 195.190.166.166,195.190.166.167
O17 - HKLM\System\CS1\Services\Tcpip\..\{0AD5E16F-6EEB-4CEE-9F92-A459E018F59D}: NameServer = 195.190.166.166
O17 - HKLM\System\CS2\Services\Tcpip\..\{0AD5E16F-6EEB-4CEE-9F92-A459E018F59D}: NameServer = 195.190.166.166
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Programmi\Sygate\SPF\smc.exe
O23 - Service: VNC Server (winvnc) - Unknown owner - C:\Programmi\RealVNC\WinVNC\winvnc.exe" -service (file missing)
...graffio la ragione e nasce il sogno... ribelle!
-
desco - Senior Member
- Messaggi: 264
- Iscritto il: dom nov 09, 2003 1:04 am
- Località: Estero
da Michael » lun mar 28, 2005 1:46 pm
Per prima cosa, questo lo puoi cancellare:
- Codice: Seleziona tutto
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://lvavqluucihbqbmrmmoxezwi.com/a5v4K_dozV6hN1MzBl9WWmA0AYGrzVMVqtVG/SC_kFCiOTxSibZkJoxqVjRzVDyq.jsp
Io voglio soldi, SOLO SOLDI!!
Non me ne frega niente del monopolio!
Non me ne frega niente del monopolio!
-
Michael - Silver Member
- Messaggi: 1543
- Iscritto il: mer dic 01, 2004 7:13 pm
- Località: xxx
da crazy.cat » lun mar 28, 2005 2:01 pm
Da eliminare con hijackthis
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://lvavqluucihbqbmrmmoxezwi.com/a5v ... RzVDyq.jsp
O10 - Broken Internet access because of LSP provider 'xfire_lsp.dll' missing
Poco chiaro cosa siano questi
O2 - BHO: (no name) - {A9F5BFED-0F33-591B-B9C2-952D3914B96A} - C:\DOCUME~1\FLEXWA~1\DATIAP~1\TRUSTT~1\errordownload.exe
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\CPLFL32.EXE
O4 - HKLM\..\Run: [Name bias dupe bits] C:\Documents and Settings\All Users\Dati applicazioni\flaw ooze name bias\active hide.exe
O4 - HKCU\..\Run: [OnlineCdrom] C:\DOCUME~1\FLEXWA~1\DATIAP~1\ATOMDE~1\32third.exe
Virus
O4 - HKCU\..\RunServices: [win-xp] winis.exe
O4 - HKLM\..\RunServices: [win-xp] winis.exe
http://www.symantec.com/avcenter/venc/d ... .04.d.html
O4 - HKCU\..\RunServices: [virtual-machine] wini.exe
O4 - HKLM\..\RunServices: [virtual-machine] wini.exe
Consiglio una bella scansione dalla modalità provvisoria
http://www.MegaLab.it/2333
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://lvavqluucihbqbmrmmoxezwi.com/a5v ... RzVDyq.jsp
O10 - Broken Internet access because of LSP provider 'xfire_lsp.dll' missing
Poco chiaro cosa siano questi
O2 - BHO: (no name) - {A9F5BFED-0F33-591B-B9C2-952D3914B96A} - C:\DOCUME~1\FLEXWA~1\DATIAP~1\TRUSTT~1\errordownload.exe
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\CPLFL32.EXE
O4 - HKLM\..\Run: [Name bias dupe bits] C:\Documents and Settings\All Users\Dati applicazioni\flaw ooze name bias\active hide.exe
O4 - HKCU\..\Run: [OnlineCdrom] C:\DOCUME~1\FLEXWA~1\DATIAP~1\ATOMDE~1\32third.exe
Virus
O4 - HKCU\..\RunServices: [win-xp] winis.exe
O4 - HKLM\..\RunServices: [win-xp] winis.exe
http://www.symantec.com/avcenter/venc/d ... .04.d.html
O4 - HKCU\..\RunServices: [virtual-machine] wini.exe
O4 - HKLM\..\RunServices: [virtual-machine] wini.exe
Consiglio una bella scansione dalla modalità provvisoria
http://www.MegaLab.it/2333
-
crazy.cat - MLI Hero
- Messaggi: 30959
- Iscritto il: lun gen 12, 2004 1:38 pm
- Località: Mestre
da desco » lun mar 28, 2005 2:25 pm
azz proprio un sacco della monnezza sto pc! l'unica cosa è che questo...
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://lvavqluucihbqbmrmmoxezwi.com/a5v ... RzVDyq.jsp
mi continua a ricomparire ad ogni loggata con jack
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://lvavqluucihbqbmrmmoxezwi.com/a5v ... RzVDyq.jsp
mi continua a ricomparire ad ogni loggata con jack
...graffio la ragione e nasce il sogno... ribelle!
-
desco - Senior Member
- Messaggi: 264
- Iscritto il: dom nov 09, 2003 1:04 am
- Località: Estero
da desco » lun mar 28, 2005 3:16 pm
ho caancellato tutto ma quella voce continua a restare. Ho fatto anche una scansione con avg, ad aware e spybot in modalità provvisoria ma non mi hanno trovato niente
...graffio la ragione e nasce il sogno... ribelle!
-
desco - Senior Member
- Messaggi: 264
- Iscritto il: dom nov 09, 2003 1:04 am
- Località: Estero
da crazy.cat » lun mar 28, 2005 3:20 pm
Utilizza questo per la scansione di virus dalla modalità provvisoria
http://www.MegaLab.it/2333
Poi puoi provare con Spysweeper è un 30 giorni ma lo puoi aggiornare e pulisce un mucchio di roba che gli altri antispy non vedono.
http://www.MegaLab.it/2333
Poi puoi provare con Spysweeper è un 30 giorni ma lo puoi aggiornare e pulisce un mucchio di roba che gli altri antispy non vedono.
-
crazy.cat - MLI Hero
- Messaggi: 30959
- Iscritto il: lun gen 12, 2004 1:38 pm
- Località: Mestre
9 messaggi
• Pagina 1 di 1
Chi c’è in linea
Visitano il forum: Nessuno e 41 ospiti
megalab.it: testata telematica quotidiana registrata al Tribunale di Cosenza n. 22/09 del 13.08.2009, editore Master New Media S.r.l.; © Copyright 2008 Master New Media S.r.l. a socio unico - P.I. 02947530784. GRUPPO EDIZIONI MASTER Spa Tutti i diritti sono riservati. Per la pubblicità: Master Advertising