Punto informatico Network
Login Esegui login | Non sei registrato? Iscriviti ora (è gratuito!)
Username: Password:
  • Annuncio Pubblicitario

problemi con dialer sfonditalia

Un virus si è intromesso nel tuo computer? Vuoi navigare in tutta sicurezza? Sono sicure le transazione online? Come impedire a malintenzionati di intromettersi nel tuo pc? Come proteggere i tuoi dati? Qui trovi le risposte a queste ed altre domande

problemi con dialer sfonditalia

Messaggioda ivano67pc » gio ott 19, 2006 9:03 pm

salve
ho da qualche giorno problemi con la disinstallazione del dialer sfonditalia
che non vuole saperne di sparire
inoltre non riesco più ad entrare su yahoo (soltanto)

vi invio la scansione fatta con hijackthis
vi prego aiutatemi

Logfile of HijackThis v1.99.1
Scan saved at 12.01.51, on 19/10/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\File comuni\Symantec Shared\ccSetMgr.exe
C:\Programmi\File comuni\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\File comuni\EPSON\EBAPI\SAgent2.exe
C:\Programmi\Microsoft SQL Server\MSSQL$ARIC\Binn\sqlservr.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Programmi\Norton AntiVirus\navapsvc.exe
C:\Programmi\Norton AntiVirus\SAVScan.exe
C:\windows\system\hpsysdrv.exe
C:\HP\KBD\KBD.EXE
C:\WINDOWS\system32\keyhook.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\system32\dslagent.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\Programmi\File comuni\Symantec Shared\ccApp.exe
C:\Programmi\Windows Defender\MSASCui.exe
C:\Programmi\Antiriciclaggio\keyserv.exe
C:\Programmi\File comuni\Symantec Shared\Security Center\SymWSC.exe
C:\Programmi\OpenOffice.org1.1.5\program\soffice.exe
C:\Programmi\Messenger\msmsgs.exe
C:\Documents and Settings\Compaq_Proprietario\Desktop\hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... pf=desktop
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... pf=desktop
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.libero.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE= ... pf=desktop
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.libero.it/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Programmi\Norton AntiVirus\NavShExt.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Programmi\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Programmi\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Programmi\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [SiS Windows KeyHook] C:\WINDOWS\system32\keyhook.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [DSLAGENTEXE] dslagent.exe USB
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [EPSON Stylus DX3800 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE /P26 "EPSON Stylus DX3800 Series" /O6 "USB002" /M "Stylus DX3800"
O4 - HKLM\..\Run: [ccApp] "C:\Programmi\File comuni\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [Windows Defender] "C:\Programmi\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [USB2Check] RUNDLL32.EXE "C:\WINDOWS\system32\PCLECoInst.dll",CheckUSBController
O4 - HKLM\..\Run: [KEYSERV] C:\Programmi\Antiriciclaggio\keyserv.exe
O4 - Startup: OpenOffice.org 1.1.5.lnk = C:\Programmi\OpenOffice.org1.1.5\program\quickstart.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programmi\Microsoft Office\Office10\OSA.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\shdocvw.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {200B3EE9-7242-4EFD-B1E4-D97EE825BA53} (VerifyGMN Class) - http://h20270.www2.hp.com/ediags/gmn/in ... er_gmn.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resourc ... oscan8.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/Shar ... /cabsa.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 0497156765
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/S ... anager.ocx
O16 - DPF: {C45B1500-7B63-47C2-AB25-C28CB46AFDEE} (Net Music Media Bar) - http://sib1.od2.com/common/musicmanager ... Plugin.CAB
O16 - DPF: {CE69F98F-2AF3-4306-BAC6-A79070EDA1B4} (Zylom Loader Object) - http://eu.download.games.yahoo.com/zylo ... loader.cab
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\ccSetMgr.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Programmi\File comuni\EPSON\EBAPI\SAgent2.exe
O23 - Service: MSSQL$ARIC - Unknown owner - C:\Programmi\Microsoft SQL Server\MSSQL$ARIC\Binn\sqlservr.exe" -sARIC (file missing)
O23 - Service: Servizio Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Programmi\Norton AntiVirus\navapsvc.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Programmi\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FILECO~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\SNDSrvc.exe
O23 - Service: SQLAgent$ARIC - Unknown owner - C:\Programmi\Microsoft SQL Server\MSSQL$ARIC\Binn\sqlagent.EXE" -i ARIC (file missing)
O23 - Service: SrvNjd - Unknown owner - \\?\C:\Programmi\File comuni\Services\com3.exe (file missing)
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\Security Center\SymWSC.exe
Avatar utente
ivano67pc
Neo Iscritto
Neo Iscritto
 
Messaggi: 7
Iscritto il: gio ott 19, 2006 8:27 pm
Località: ALBA ADRIATICA

Messaggioda crazy.cat » gio ott 19, 2006 9:12 pm

Il dialer non si vede attivo nel log, ma hai anche un altro grosso problema con il virus link optimizer
O23 - Service: SrvNjd - Unknown owner - \\?\C:\Programmi\File comuni\Services\com3.exe (file missing)

Installa virit, lo aggiorni e fai la scansione, dovrebbe toglierti tutti e due i problemi
http://www.tgsoft.it/files/vnlt6125.exe

Se il dialer continua, mi serve il log preso nel momento in cui è attivo, altrimenti non si vede a quale file punta.
Avatar utente
crazy.cat
MLI Hero
MLI Hero
 
Messaggi: 30959
Iscritto il: lun gen 12, 2004 1:38 pm
Località: Mestre

problemi con dialer sfonditalia

Messaggioda ivano67pc » ven ott 20, 2006 12:23 am

Installato, aggiornato e fatta scansione con virit

rimosso il seguente file:
C:\Document and Setting\Compaq_Proprietario\Dati Applicazioni\Microsoft\Internet Explorer\Quick Launch\explorer.lnk
perché infetto da Trojan.Win32.Agent.SP

messi in quarantena i seguenti file:
C:\Programmi\seac\ANAN\ANDR04\AD2A8F.DLL
C:\Programmi\seac\ANAN\ANDR05\AD2A8F.DLL
perché con possibili varianti di Trojan.Win32.Zlob.E

ti reinvio la scansione fatta con HijackThis

facendo una scansione con Spy-Boat mi segnala la presenza del dialer Sfonditalia così

HKEY_USERS\S-1-5-21-2617207383-3097706280-2222530535-1007\Software\Microsoft\Windows\CurrentVersion\Internet Setting\ZoneMap\Domains\skymasters.biz\www\*!=W=4

HKEY_USERS\S-1-5-21-2617207383-3097706280-2222530535-1007\Software\Microsoft\Windows\CurrentVersion\Internet Setting\ZoneMap\Domains\redfunny.com\www\*!=W=4

Logfile of HijackThis v1.99.1
Scan saved at 15.42.43, on 19/10/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\File comuni\Symantec Shared\ccSetMgr.exe
C:\Programmi\File comuni\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\File comuni\EPSON\EBAPI\SAgent2.exe
C:\Programmi\Microsoft SQL Server\MSSQL$ARIC\Binn\sqlservr.exe
C:\Programmi\Norton AntiVirus\navapsvc.exe
C:\Programmi\Norton AntiVirus\SAVScan.exe
C:\WINDOWS\system32\svchost.exe
C:\VEXPLITE\viritsvc.exe
C:\Programmi\File comuni\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\windows\system\hpsysdrv.exe
C:\HP\KBD\KBD.EXE
C:\WINDOWS\system32\keyhook.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\system32\dslagent.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\Programmi\File comuni\Symantec Shared\ccApp.exe
C:\Programmi\Windows Defender\MSASCui.exe
C:\Programmi\Antiriciclaggio\keyserv.exe
C:\VEXPLITE\MONLITE.EXE
C:\Programmi\OpenOffice.org1.1.5\program\soffice.exe
C:\Programmi\Norton AntiVirus\OPScan.exe
C:\Programmi\Messenger\msmsgs.exe
C:\Documents and Settings\Compaq_Proprietario\Desktop\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.tgsoft.it/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Programmi\Norton AntiVirus\NavShExt.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Programmi\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Programmi\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Programmi\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [SiS Windows KeyHook] C:\WINDOWS\system32\keyhook.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [DSLAGENTEXE] dslagent.exe USB
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [EPSON Stylus DX3800 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE /P26 "EPSON Stylus DX3800 Series" /O6 "USB002" /M "Stylus DX3800"
O4 - HKLM\..\Run: [ccApp] "C:\Programmi\File comuni\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [Windows Defender] "C:\Programmi\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [USB2Check] RUNDLL32.EXE "C:\WINDOWS\system32\PCLECoInst.dll",CheckUSBController
O4 - HKLM\..\Run: [KEYSERV] C:\Programmi\Antiriciclaggio\keyserv.exe
O4 - HKLM\..\Run: [VIRIT LITE MONITOR] C:\VEXPLITE\MONLITE.EXE
O4 - Startup: OpenOffice.org 1.1.5.lnk = C:\Programmi\OpenOffice.org1.1.5\program\quickstart.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programmi\Microsoft Office\Office10\OSA.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\shdocvw.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {200B3EE9-7242-4EFD-B1E4-D97EE825BA53} (VerifyGMN Class) - http://h20270.www2.hp.com/ediags/gmn/in ... er_gmn.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resourc ... oscan8.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/Shar ... /cabsa.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 0497156765
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/S ... anager.ocx
O16 - DPF: {C45B1500-7B63-47C2-AB25-C28CB46AFDEE} (Net Music Media Bar) - http://sib1.od2.com/common/musicmanager ... Plugin.CAB
O16 - DPF: {CE69F98F-2AF3-4306-BAC6-A79070EDA1B4} (Zylom Loader Object) - http://eu.download.games.yahoo.com/zylo ... loader.cab
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\ccSetMgr.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Programmi\File comuni\EPSON\EBAPI\SAgent2.exe
O23 - Service: MSSQL$ARIC - Unknown owner - C:\Programmi\Microsoft SQL Server\MSSQL$ARIC\Binn\sqlservr.exe" -sARIC (file missing)
O23 - Service: Servizio Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Programmi\Norton AntiVirus\navapsvc.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Programmi\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FILECO~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\SNDSrvc.exe
O23 - Service: SQLAgent$ARIC - Unknown owner - C:\Programmi\Microsoft SQL Server\MSSQL$ARIC\Binn\sqlagent.EXE" -i ARIC (file missing)
O23 - Service: SrvNjd - Unknown owner - \\?\C:\Programmi\File comuni\Services\com3.exe (file missing)
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: Virit eXplorer Lite (viritsvclite) - TG Soft Sas www.tgsoft.it - C:\VEXPLITE\viritsvc.exe
Avatar utente
ivano67pc
Neo Iscritto
Neo Iscritto
 
Messaggi: 7
Iscritto il: gio ott 19, 2006 8:27 pm
Località: ALBA ADRIATICA


Messaggioda crazy.cat » ven ott 20, 2006 3:37 am

Il link optimizer è ancora presente.
Proviamo con il tools della Prevx
http://www.prevx.com/gromozon.asp

Direi che ha preso una mezza cantonata Spybot in quanto al dialer, rimuovi comunque le chiavi che ti propone.
Hai delle icone in più sul desktop?
ti appare una finestra con Adult key?
Si sconnette il modem?
Avatar utente
crazy.cat
MLI Hero
MLI Hero
 
Messaggi: 30959
Iscritto il: lun gen 12, 2004 1:38 pm
Località: Mestre

problemi con dialer sfonditalia

Messaggioda ivano67pc » ven ott 20, 2006 6:40 pm

fatta scansione con il tools della Prevx che sembra aver cancellato quella riga maledetta

comunque non ho icone in più sul desktop, non mi appare la finestra di Adult key ed il modem non si sconette mai

non so però come togliere dal registro le chiavi che mi segnala Spybot

ti reinvio la nuova scansione fatta con HijackThis

spero che ora vada bene anche perché sembra che explorer vada più veloce di prima

Logfile of HijackThis v1.99.1
Scan saved at 10.25.14, on 20/10/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\File comuni\Symantec Shared\ccSetMgr.exe
C:\Programmi\File comuni\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\File comuni\EPSON\EBAPI\SAgent2.exe
C:\Programmi\Microsoft SQL Server\MSSQL$ARIC\Binn\sqlservr.exe
C:\Programmi\Norton AntiVirus\navapsvc.exe
C:\Programmi\Norton AntiVirus\SAVScan.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\VEXPLITE\viritsvc.exe
C:\WINDOWS\Explorer.EXE
C:\windows\system\hpsysdrv.exe
C:\HP\KBD\KBD.EXE
C:\WINDOWS\system32\keyhook.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\system32\dslagent.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\Programmi\File comuni\Symantec Shared\ccApp.exe
C:\Programmi\Windows Defender\MSASCui.exe
C:\Programmi\File comuni\Symantec Shared\Security Center\SymWSC.exe
C:\Programmi\Antiriciclaggio\keyserv.exe
C:\VEXPLITE\MONLITE.EXE
C:\Programmi\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Programmi\Messenger\msmsgs.exe
C:\Programmi\OpenOffice.org1.1.5\program\soffice.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Compaq_Proprietario\Desktop\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.tgsoft.it/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Programmi\Norton AntiVirus\NavShExt.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Programmi\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Programmi\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Programmi\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [SiS Windows KeyHook] C:\WINDOWS\system32\keyhook.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [DSLAGENTEXE] dslagent.exe USB
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [EPSON Stylus DX3800 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE /P26 "EPSON Stylus DX3800 Series" /O6 "USB002" /M "Stylus DX3800"
O4 - HKLM\..\Run: [ccApp] "C:\Programmi\File comuni\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [Windows Defender] "C:\Programmi\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [KEYSERV] C:\Programmi\Antiriciclaggio\keyserv.exe
O4 - HKLM\..\Run: [VIRIT LITE MONITOR] C:\VEXPLITE\MONLITE.EXE
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Programmi\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - Startup: OpenOffice.org 1.1.5.lnk = C:\Programmi\OpenOffice.org1.1.5\program\quickstart.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programmi\Microsoft Office\Office10\OSA.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\shdocvw.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {200B3EE9-7242-4EFD-B1E4-D97EE825BA53} (VerifyGMN Class) - http://h20270.www2.hp.com/ediags/gmn/in ... er_gmn.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resourc ... oscan8.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/Shar ... /cabsa.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 0497156765
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/S ... anager.ocx
O16 - DPF: {C45B1500-7B63-47C2-AB25-C28CB46AFDEE} (Net Music Media Bar) - http://sib1.od2.com/common/musicmanager ... Plugin.CAB
O16 - DPF: {CE69F98F-2AF3-4306-BAC6-A79070EDA1B4} (Zylom Loader Object) - http://eu.download.games.yahoo.com/zylo ... loader.cab
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: SASWinLogon - C:\Programmi\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\ccSetMgr.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Programmi\File comuni\EPSON\EBAPI\SAgent2.exe
O23 - Service: MSSQL$ARIC - Unknown owner - C:\Programmi\Microsoft SQL Server\MSSQL$ARIC\Binn\sqlservr.exe" -sARIC (file missing)
O23 - Service: Servizio Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Programmi\Norton AntiVirus\navapsvc.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Programmi\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FILECO~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\SNDSrvc.exe
O23 - Service: SQLAgent$ARIC - Unknown owner - C:\Programmi\Microsoft SQL Server\MSSQL$ARIC\Binn\sqlagent.EXE" -i ARIC (file missing)
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: Virit eXplorer Lite (viritsvclite) - TG Soft Sas www.tgsoft.it - C:\VEXPLITE\viritsvc.exe
Avatar utente
ivano67pc
Neo Iscritto
Neo Iscritto
 
Messaggi: 7
Iscritto il: gio ott 19, 2006 8:27 pm
Località: ALBA ADRIATICA

Messaggioda crazy.cat » ven ott 20, 2006 7:25 pm

Adesso non ho spybot sotto mano, però devi selezionare le caselle che ti propone e poi c'è un pulsante più in alto nello schermo con scritto Cura (ripara, ripulisci non mi ricordo cosa ci sia) premi quello e le righe vengono eliminate.
Avatar utente
crazy.cat
MLI Hero
MLI Hero
 
Messaggi: 30959
Iscritto il: lun gen 12, 2004 1:38 pm
Località: Mestre

Messaggioda ivano67pc » ven ott 20, 2006 11:24 pm

ok tuuto fatto e risolto
ti ringrazio moltissimo

potresti controllarmi anche il logfile del computer di casa per favore?

ultimissima cosa
quali mi consigli di avere nel computer fra antivirus, antispyware, anti trojan, firewall?

sai vorrei essere tranquillo e sperare di non beccare mai nulla
(almeno spero)
Avatar utente
ivano67pc
Neo Iscritto
Neo Iscritto
 
Messaggi: 7
Iscritto il: gio ott 19, 2006 8:27 pm
Località: ALBA ADRIATICA

Messaggioda crazy.cat » sab ott 21, 2006 12:37 am

ivano67pc ha scritto:quali mi consigli di avere nel computer fra antivirus, antispyware, anti trojan, firewall?

Il log è pulito.
Hai già due buone cose come Avg antispyware e avast.
Come firewall zone alarm è buono e in italiano, e comodo firewall quando farà uscire la nuova versione.
Spywareblaster per la prevenzione dagli spyware e spywareterminator per il controllo in tempo reale del pc.
Trovi gli articoli nella sezione sicurezza in home page del sito.
Avatar utente
crazy.cat
MLI Hero
MLI Hero
 
Messaggi: 30959
Iscritto il: lun gen 12, 2004 1:38 pm
Località: Mestre

Messaggioda ivano67pc » sab ott 21, 2006 4:02 am

puoi controllarmi anche questo computer

scusami
ti invio il logfile
Avatar utente
ivano67pc
Neo Iscritto
Neo Iscritto
 
Messaggi: 7
Iscritto il: gio ott 19, 2006 8:27 pm
Località: ALBA ADRIATICA

Messaggioda Amantide » sab ott 21, 2006 4:58 am

Anche questo log è pulito.
Avatar utente
Amantide
Membro Ufficiale (Gold)
Membro Ufficiale (Gold)
 
Messaggi: 8126
Iscritto il: lun feb 06, 2006 4:13 pm
Località: Abruzzo

ciao amantide

Messaggioda dav16 » sab ott 21, 2006 5:21 am

ciao amantide ti ricordi del mio problema (si creava una connessione da sola...) ecco, il problema non è stato risolto....help
Avatar utente
dav16
Membro Ufficiale (Gold)
Membro Ufficiale (Gold)
 
Messaggi: 4963
Iscritto il: mar ott 10, 2006 2:09 am

Re: ciao amantide

Messaggioda Amantide » sab ott 21, 2006 5:30 am

dav16 ha scritto:ciao amantide ti ricordi del mio problema (si creava una connessione da sola...) ecco, il problema non è stato risolto....help

Cerchiamo di non andare off topic.
Uppa il tuo topic in modo che lo vedo e vediamo un po'.
Avatar utente
Amantide
Membro Ufficiale (Gold)
Membro Ufficiale (Gold)
 
Messaggi: 8126
Iscritto il: lun feb 06, 2006 4:13 pm
Località: Abruzzo

problemi sfonditaliacitofarefaiexplore

Messaggioda piacio1984 » sab feb 10, 2007 1:39 am

ciao sono nuovo ed ignorante lo premetto, ho letto un po in giro ma non so che file fixare.

uso clam win come antivirus e spybot e spyware terminetor come spyware.
che però non riescono a togliermi ne citofarefa che sfonditalia e ogni tanto compare pure swissor. e da oggi anche iexplore con conseguente instabilità di internet, che devo togliere e fare questo è lo scan hijack

Logfile of HijackThis v1.99.1
Scan saved at 0.08.36, on 10/02/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\ASWLSVC.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\ASWL2K.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Programmi\ASUS\ASUS Live Update\ALU.exe
C:\Programmi\Synaptics\SynTP\SynTPLpr.exe
C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
C:\Programmi\Java\jre1.5.0_10\bin\jusched.exe
C:\Programmi\Antivirus\ClamWin\bin\ClamTray.exe
C:\Programmi\utility\Spyware Terminator\SpywareTerminatorShield.exe
C:\Programmi\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\Skype\Phone\Skype.exe
C:\Programmi\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Documents and Settings\Marco\Desktop\HyperCut.exe
C:\Programmi\Skype\Plugin Manager\SkypePM.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Marco\Desktop\hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.it/0SEITIT/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.it/0SEITIT/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.it/0SEITIT/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\Utility\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programmi\google\googletoolbar2.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programmi\Windows Live Toolbar\msntb.dll
O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programmi\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programmi\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programmi\google\googletoolbar2.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe
O4 - HKLM\..\Run: [ASUS Live Update] C:\Programmi\ASUS\ASUS Live Update\ALU.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Programmi\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [ClamWin] "C:\Programmi\Antivirus\ClamWin\bin\ClamTray.exe" --logon
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Programmi\utility\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [typeaboutcoolball] C:\Documents and Settings\All Users\Dati applicazioni\regs debug type about\poll book.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programmi\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\Programmi\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [FACE DELETE] C:\DOCUME~1\Marco\DATIAP~1\DrawCopy\bendamenball.exe
O4 - Startup: HyperCut.lnk = C:\Documents and Settings\Marco\Desktop\HyperCut.exe
O4 - Startup: Teamspeak 2 RC2.lnk = C:\Programmi\Utility\Teamspeak2_RC2\TeamSpeak.exe
O4 - Global Startup: MSN Messenger 7.5.lnk = ?
O4 - Global Startup: Avvio veloce di Adobe Reader.lnk = C:\Programmi\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Programmi\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=http://www.asus.com
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/ms ... b31267.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Me ... b31267.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/Mi ... b31267.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Me ... b31267.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZI ... b47946.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{95F7A1BD-1B12-41CD-B549-D8BA1D4DC9D1}: NameServer = 193.204.35.27
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FILECO~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: ASWLSVC - Unknown owner - C:\WINDOWS\system32\ASWLSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\11\Intel 32\IDriverT.exe

che mi dici ?

ciao marco
Avatar utente
piacio1984
Neo Iscritto
Neo Iscritto
 
Messaggi: 21
Iscritto il: sab feb 10, 2007 1:21 am

Re: problemi sfonditaliacitofarefaiexplore

Messaggioda crazy.cat » sab feb 10, 2007 9:20 am

piacio1984 ha scritto:ciao sono nuovo ed ignorante lo premetto, ho letto un po in giro ma non so che file fixare.

Intanto clamwin non dispone del controllo in tempo reale dei virus e quindi lo rende (almeno per il momento) un antivirus inutile.
Ti serve qualcosa con Antivir pe o Active virus shield, a seconda della potenza del tuo pc, in più ti serve un vero firewall che mi sembra tu non abbia.

Nel log si vedono questi problemi da eliminare e non il classico dialer sfondiitalia.
rifai la scansione e selezioni le caselle sulla sinistra di queste righe e poi premi fix, controlla poi che spariscano i due file exe e le loro cartelle.
O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
O4 - HKLM\..\Run: [typeaboutcoolball] C:\Documents and Settings\All Users\Dati applicazioni\regs debug type about\poll book.exe
O4 - HKCU\..\Run: [FACE DELETE] C:\DOCUME~1\Marco\DATIAP~1\DrawCopy\bendamenball.exe

Installati questo programma
http://download5.emsisoft.com/a2FreeSetup.exe
lo aggiorni e fai la scansione ed elimini tutto quello che trova.

Se hai ancora problemi dopo queste pulizie facci sapere.
Quando i molti governano, pensano solo a contentar sé stessi, si ha allora la tirannia più balorda e più odiosa: la tirannia mascherata da libertà.
Avatar utente
crazy.cat
MLI Hero
MLI Hero
 
Messaggi: 30959
Iscritto il: lun gen 12, 2004 1:38 pm
Località: Mestre

Messaggioda piacio1984 » sab feb 10, 2007 5:39 pm

ok quello che mi hai fatto scaricare che cos'è? hai il link per caso dove scaricare un buon antivirus free e anche un buon firewall?

questo e lo scan dopo il fix il problema citofarefa e sfonditalia c'è ancora


Logfile of HijackThis v1.99.1
Scan saved at 16.36.30, on 10/02/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\ASWLSVC.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ASWL2K.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Programmi\ASUS\ASUS Live Update\ALU.exe
C:\Programmi\Synaptics\SynTP\SynTPLpr.exe
C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
C:\Programmi\Java\jre1.5.0_10\bin\jusched.exe
C:\Programmi\Antivirus\ClamWin\bin\ClamTray.exe
C:\Programmi\utility\Spyware Terminator\SpywareTerminatorShield.exe
C:\Programmi\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\Skype\Phone\Skype.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Documents and Settings\Marco\Desktop\HyperCut.exe
C:\Programmi\Utility\Teamspeak2_RC2\TeamSpeak.exe
C:\Programmi\Skype\Plugin Manager\SkypePM.exe
C:\Programmi\Internet Explorer\IEXPLORE.EXE
C:\Programmi\a-squared Free\a2free.exe
C:\Documents and Settings\Marco\Desktop\hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.it/0SEITIT/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.it/0SEITIT/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.it/0SEITIT/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\Utility\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programmi\google\googletoolbar2.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programmi\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programmi\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programmi\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programmi\google\googletoolbar2.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe
O4 - HKLM\..\Run: [ASUS Live Update] C:\Programmi\ASUS\ASUS Live Update\ALU.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Programmi\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [ClamWin] "C:\Programmi\Antivirus\ClamWin\bin\ClamTray.exe" --logon
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Programmi\utility\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programmi\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\Programmi\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - Startup: HyperCut.lnk = C:\Documents and Settings\Marco\Desktop\HyperCut.exe
O4 - Startup: Teamspeak 2 RC2.lnk = C:\Programmi\Utility\Teamspeak2_RC2\TeamSpeak.exe
O4 - Global Startup: MSN Messenger 7.5.lnk = ?
O4 - Global Startup: Avvio veloce di Adobe Reader.lnk = C:\Programmi\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Programmi\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=http://www.asus.com
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/ms ... b31267.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Me ... b31267.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/Mi ... b31267.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Me ... b31267.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZI ... b47946.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{95F7A1BD-1B12-41CD-B549-D8BA1D4DC9D1}: NameServer = 193.204.35.27
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FILECO~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: ASWLSVC - Unknown owner - C:\WINDOWS\system32\ASWLSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\11\Intel 32\IDriverT.exe

spybot e spyware terminetor li tengo? o li disinstallo? ciao e grazie ancora marco
Avatar utente
piacio1984
Neo Iscritto
Neo Iscritto
 
Messaggi: 21
Iscritto il: sab feb 10, 2007 1:21 am

Messaggioda piacio1984 » sab feb 10, 2007 5:44 pm

dimenticavo dopo il fix iexplore c'è ancora. che faccio?
Avatar utente
piacio1984
Neo Iscritto
Neo Iscritto
 
Messaggi: 21
Iscritto il: sab feb 10, 2007 1:21 am

Messaggioda -superluca- » sab feb 10, 2007 6:12 pm

piacio1984 ha scritto:ok quello che mi hai fatto scaricare che cos'è?

è un'anti maleware.
Avatar utente
-superluca-
Senior Member
Senior Member
 
Messaggi: 264
Iscritto il: dom feb 04, 2007 8:43 pm
Località: A casa mia e dove se no!!!!

Messaggioda piacio1984 » sab feb 10, 2007 6:23 pm

il tuo programma mi ha trovato 23 file con il tuo programma,
17 coockies e 10 heuristic.lop

questo il resoconto

a-squared Free - Version 2.1

Impostazioni scansione:

Oggetti: Memoria, Tracce, Cookies, C:\, D:\
Archivio scansioni: On
Scientifico: On
ADS Scan: On

Scansione avviata: 10/02/2007 16.36.10

C:\Documents and Settings\Marco\Cookies\marco@serving-sys[1].txt rilevati: Trace.TrackingCookie
C:\Documents and Settings\Marco\Cookies\marco@bs.serving-sys[1].txt rilevati: Trace.TrackingCookie
C:\Documents and Settings\Marco\Dati applicazioni\Mozilla\Firefox\Profiles\vp3me4if.default\cookies.txt:105 rilevati: Trace.TrackingCookie
C:\Documents and Settings\Marco\Dati applicazioni\Mozilla\Firefox\Profiles\vp3me4if.default\cookies.txt:111 rilevati: Trace.TrackingCookie
C:\Documents and Settings\Marco\Dati applicazioni\Mozilla\Firefox\Profiles\vp3me4if.default\cookies.txt:113 rilevati: Trace.TrackingCookie
C:\Documents and Settings\Marco\Dati applicazioni\Mozilla\Firefox\Profiles\vp3me4if.default\cookies.txt:123 rilevati: Trace.TrackingCookie
C:\Documents and Settings\Marco\Dati applicazioni\Mozilla\Firefox\Profiles\vp3me4if.default\cookies.txt:162 rilevati: Trace.TrackingCookie
C:\Documents and Settings\Marco\Dati applicazioni\Mozilla\Firefox\Profiles\vp3me4if.default\cookies.txt:182 rilevati: Trace.TrackingCookie
C:\Documents and Settings\Marco\Dati applicazioni\Mozilla\Firefox\Profiles\vp3me4if.default\cookies.txt:201 rilevati: Trace.TrackingCookie
C:\Documents and Settings\Marco\Dati applicazioni\Mozilla\Firefox\Profiles\vp3me4if.default\cookies.txt:234 rilevati: Trace.TrackingCookie
C:\Documents and Settings\Marco\Dati applicazioni\Mozilla\Firefox\Profiles\vp3me4if.default\cookies.txt:235 rilevati: Trace.TrackingCookie
C:\Documents and Settings\Marco\Dati applicazioni\Mozilla\Firefox\Profiles\vp3me4if.default\cookies.txt:236 rilevati: Trace.TrackingCookie
C:\Documents and Settings\Marco\Dati applicazioni\Mozilla\Firefox\Profiles\vp3me4if.default\cookies.txt:246 rilevati: Trace.TrackingCookie
C:\Documents and Settings\Marco\Dati applicazioni\Mozilla\Firefox\Profiles\vp3me4if.default\cookies.txt:273 rilevati: Trace.TrackingCookie
C:\Documents and Settings\Marco\Dati applicazioni\Mozilla\Firefox\Profiles\vp3me4if.default\cookies.txt:274 rilevati: Trace.TrackingCookie
C:\Documents and Settings\Marco\Dati applicazioni\Mozilla\Firefox\Profiles\vp3me4if.default\cookies.txt:275 rilevati: Trace.TrackingCookie
C:\Documents and Settings\Marco\Dati applicazioni\Mozilla\Firefox\Profiles\vp3me4if.default\cookies.txt:291 rilevati: Trace.TrackingCookie
C:\Documents and Settings\Marco\Impostazioni locali\Temp\47e079.exe rilevati: Heuristic.LOP
C:\Documents and Settings\Marco\Impostazioni locali\Temp\sta12.exe rilevati: Heuristic.LOP
C:\Documents and Settings\Marco\Impostazioni locali\Temp\3e3289.exe rilevati: Heuristic.LOP
C:\Documents and Settings\Marco\Impostazioni locali\Temp\sta4.exe rilevati: Heuristic.LOP
C:\Documents and Settings\Marco\Impostazioni locali\Temporary Internet Files\Content.IE5\9BB6D2QA\upAYB[1].int rilevati: Heuristic.LOP
C:\Documents and Settings\Marco\Impostazioni locali\Temporary Internet Files\Content.IE5\5B0YCXJN\upAYB_unk[1].int rilevati: Heuristic.LOP
C:\Documents and Settings\Marco\Dati applicazioni\DrawCopy\biasmediastopupload.exe rilevati: Heuristic.LOP
C:\Documents and Settings\Marco\Dati applicazioni\DrawCopy\flap sect download.exe rilevati: Heuristic.LOP
C:\Documents and Settings\Marco\Dati applicazioni\DrawCopy\ebrxodle.exe rilevati: Heuristic.LOP
C:\Documents and Settings\Marco\Dati applicazioni\DrawCopy\nssemtko.exe rilevati: Heuristic.LOP

Scansionati

Files: 103314
Tracce: 97219
Cookies: 356
Processi: 32

Rilevato

Files: 10
Tracce: 0
Cookies: 17
Processi: 0
Chiavi registro: 0

Fine scansione: 10/02/2007 17.08.41
Tempo scansione: 0.32.31

C:\Documents and Settings\Marco\Impostazioni locali\Temp\47e079.exe Cancellato Heuristic.LOP
C:\Documents and Settings\Marco\Impostazioni locali\Temp\sta12.exe Cancellato Heuristic.LOP
C:\Documents and Settings\Marco\Impostazioni locali\Temp\3e3289.exe Cancellato Heuristic.LOP
C:\Documents and Settings\Marco\Impostazioni locali\Temp\sta4.exe Cancellato Heuristic.LOP
C:\Documents and Settings\Marco\Impostazioni locali\Temporary Internet Files\Content.IE5\9BB6D2QA\upAYB[1].int Cancellato Heuristic.LOP
C:\Documents and Settings\Marco\Impostazioni locali\Temporary Internet Files\Content.IE5\5B0YCXJN\upAYB_unk[1].int Cancellato Heuristic.LOP
C:\Documents and Settings\Marco\Dati applicazioni\DrawCopy\biasmediastopupload.exe Cancellato Heuristic.LOP
C:\Documents and Settings\Marco\Dati applicazioni\DrawCopy\flap sect download.exe Cancellato Heuristic.LOP
C:\Documents and Settings\Marco\Dati applicazioni\DrawCopy\ebrxodle.exe Cancellato Heuristic.LOP
C:\Documents and Settings\Marco\Dati applicazioni\DrawCopy\nssemtko.exe Cancellato Heuristic.LOP
C:\Documents and Settings\Marco\Cookies\marco@serving-sys[1].txt Cancellato Trace.TrackingCookie
C:\Documents and Settings\Marco\Cookies\marco@bs.serving-sys[1].txt Cancellato Trace.TrackingCookie
C:\Documents and Settings\Marco\Dati applicazioni\Mozilla\Firefox\Profiles\vp3me4if.default\cookies.txt:105 Cancellato Trace.TrackingCookie
C:\Documents and Settings\Marco\Dati applicazioni\Mozilla\Firefox\Profiles\vp3me4if.default\cookies.txt:111 Cancellato Trace.TrackingCookie
C:\Documents and Settings\Marco\Dati applicazioni\Mozilla\Firefox\Profiles\vp3me4if.default\cookies.txt:113 Cancellato Trace.TrackingCookie
C:\Documents and Settings\Marco\Dati applicazioni\Mozilla\Firefox\Profiles\vp3me4if.default\cookies.txt:123 Cancellato Trace.TrackingCookie
C:\Documents and Settings\Marco\Dati applicazioni\Mozilla\Firefox\Profiles\vp3me4if.default\cookies.txt:162 Cancellato Trace.TrackingCookie
C:\Documents and Settings\Marco\Dati applicazioni\Mozilla\Firefox\Profiles\vp3me4if.default\cookies.txt:182 Cancellato Trace.TrackingCookie
C:\Documents and Settings\Marco\Dati applicazioni\Mozilla\Firefox\Profiles\vp3me4if.default\cookies.txt:201 Cancellato Trace.TrackingCookie
C:\Documents and Settings\Marco\Dati applicazioni\Mozilla\Firefox\Profiles\vp3me4if.default\cookies.txt:234 Cancellato Trace.TrackingCookie
C:\Documents and Settings\Marco\Dati applicazioni\Mozilla\Firefox\Profiles\vp3me4if.default\cookies.txt:235 Cancellato Trace.TrackingCookie
C:\Documents and Settings\Marco\Dati applicazioni\Mozilla\Firefox\Profiles\vp3me4if.default\cookies.txt:236 Cancellato Trace.TrackingCookie
C:\Documents and Settings\Marco\Dati applicazioni\Mozilla\Firefox\Profiles\vp3me4if.default\cookies.txt:246 Cancellato Trace.TrackingCookie
C:\Documents and Settings\Marco\Dati applicazioni\Mozilla\Firefox\Profiles\vp3me4if.default\cookies.txt:273 Cancellato Trace.TrackingCookie
C:\Documents and Settings\Marco\Dati applicazioni\Mozilla\Firefox\Profiles\vp3me4if.default\cookies.txt:274 Cancellato Trace.TrackingCookie
C:\Documents and Settings\Marco\Dati applicazioni\Mozilla\Firefox\Profiles\vp3me4if.default\cookies.txt:275 Cancellato Trace.TrackingCookie
C:\Documents and Settings\Marco\Dati applicazioni\Mozilla\Firefox\Profiles\vp3me4if.default\cookies.txt:291 Cancellato Trace.TrackingCookie

Cancellato

Files: 10
Tracce: 0
Cookies: ho fatto scan con spybot e il problema di citofarefa e sfonditalia c'è ancora e anche iexplore
Avatar utente
piacio1984
Neo Iscritto
Neo Iscritto
 
Messaggi: 21
Iscritto il: sab feb 10, 2007 1:21 am

Messaggioda crazy.cat » sab feb 10, 2007 6:38 pm

piacio1984 ha scritto:il problema di citofarefa

non riesco a capire cosa sia questo citofarefa?????

Antivir pe come antivirus
http://www.free-av.com/down/windows/ant ... u_en_h.exe

Zonealarm come firewall
http://dl2.zonelabs.com/bin/free/1220_i ... 000_it.exe

Spywareterminator da tenere assolutamente.

Sarebbe il caso di abbandonare una volta per tutte la navigazione con Internet explorer ed usare firefox o Opera che sono molto più sicuri.

Ma hai un icona sul desktop per il dialer sfonditalia o cosa?
Se c'è un icona riesci guardando nelle proprietà del collegamento a risalire ad un file?

Nel log non si vede altro di pericoloso.

Proviamo anche con questo programma
http://www.tgsoft.it/files/vnlt6154.exe
lo installi, lo aggiorni, fai la scansione e rimozione.
Una volta fatto lo puoi anche disinstallare.
Quando i molti governano, pensano solo a contentar sé stessi, si ha allora la tirannia più balorda e più odiosa: la tirannia mascherata da libertà.
Avatar utente
crazy.cat
MLI Hero
MLI Hero
 
Messaggi: 30959
Iscritto il: lun gen 12, 2004 1:38 pm
Località: Mestre

Messaggioda piacio1984 » sab feb 10, 2007 6:57 pm

citofarefa e sfonditalia vanno d'amore e d'accordo nel senso che spesso se ne hai uno hai anche l'altro. non ho icone, e non mi crea problemi solo che spybot non me lo cancella mentre spyware terminator non lo trova proprio.
iexplore c'è ancora che ci faccio?


Logfile of HijackThis v1.99.1
Scan saved at 17.55.39, on 10/02/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\ASWLSVC.exe
C:\Programmi\Utility\Avast\aswUpdSv.exe
C:\Programmi\Utility\Avast\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ASWL2K.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Programmi\ASUS\ASUS Live Update\ALU.exe
C:\Programmi\Synaptics\SynTP\SynTPLpr.exe
C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
C:\Programmi\Java\jre1.5.0_10\bin\jusched.exe
C:\Programmi\Antivirus\ClamWin\bin\ClamTray.exe
C:\Programmi\utility\Spyware Terminator\SpywareTerminatorShield.exe
C:\PROGRA~1\Utility\Avast\ashDisp.exe
C:\Programmi\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\Skype\Phone\Skype.exe
C:\Documents and Settings\Marco\Desktop\HyperCut.exe
C:\Programmi\Utility\Teamspeak2_RC2\TeamSpeak.exe
C:\Programmi\Utility\Avast\ashMaiSv.exe
C:\Programmi\Utility\Avast\ashWebSv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Programmi\Skype\Plugin Manager\SkypePM.exe
C:\Programmi\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\Marco\Desktop\hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.it/0SEITIT/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.it/0SEITIT/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.it/0SEITIT/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\Utility\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programmi\google\googletoolbar2.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programmi\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programmi\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programmi\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programmi\google\googletoolbar2.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe
O4 - HKLM\..\Run: [ASUS Live Update] C:\Programmi\ASUS\ASUS Live Update\ALU.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Programmi\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [ClamWin] "C:\Programmi\Antivirus\ClamWin\bin\ClamTray.exe" --logon
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Programmi\utility\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\Utility\Avast\ashDisp.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programmi\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\Programmi\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - Startup: HyperCut.lnk = C:\Documents and Settings\Marco\Desktop\HyperCut.exe
O4 - Startup: Teamspeak 2 RC2.lnk = C:\Programmi\Utility\Teamspeak2_RC2\TeamSpeak.exe
O4 - Global Startup: MSN Messenger 7.5.lnk = ?
O4 - Global Startup: Avvio veloce di Adobe Reader.lnk = C:\Programmi\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Programmi\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=http://www.asus.com
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/ms ... b31267.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Me ... b31267.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/Mi ... b31267.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Me ... b31267.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZI ... b47946.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{95F7A1BD-1B12-41CD-B549-D8BA1D4DC9D1}: NameServer = 193.204.35.27
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FILECO~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: ASWLSVC - Unknown owner - C:\WINDOWS\system32\ASWLSVC.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Programmi\Utility\Avast\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Programmi\Utility\Avast\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Programmi\Utility\Avast\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Programmi\Utility\Avast\ashWebSv.exe" /service (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\11\Intel 32\IDriverT.exe

questo e lo scan con hijack...
Avatar utente
piacio1984
Neo Iscritto
Neo Iscritto
 
Messaggi: 21
Iscritto il: sab feb 10, 2007 1:21 am

Prossimo

Torna a Sicurezza

Chi c’è in linea

Visitano il forum: Nessuno e 0 ospiti

Powered by phpBB © 2002, 2005, 2007, 2008 phpBB Group
Traduzione Italiana phpBB.it

megalab.it: testata telematica quotidiana registrata al Tribunale di Cosenza n. 22/09 del 13.08.2009, editore Master New Media S.r.l.; © Copyright 2008 Master New Media S.r.l. a socio unico - P.I. 02947530784. GRUPPO EDIZIONI MASTER Spa Tutti i diritti sono riservati. Per la pubblicità: Master Advertising