Punto informatico Network
Login Esegui login | Non sei registrato? Iscriviti ora (è gratuito!)
Username: Password:
  • Annuncio Pubblicitario

Pagine Pubblicitarie

Un virus si è intromesso nel tuo computer? Vuoi navigare in tutta sicurezza? Sono sicure le transazione online? Come impedire a malintenzionati di intromettersi nel tuo pc? Come proteggere i tuoi dati? Qui trovi le risposte a queste ed altre domande

Pagine Pubblicitarie

Messaggioda shiny deoxys » mer apr 22, 2009 7:45 pm

salve,
usando il cerca di questo ottimissimo forum, ho trovato un problema simile al mio cioè l'apertura di pagine pubblicitarie non volute.
ora vi dico cosa uso:

-Nod 32 (antivirus)
-spybot search % destroy

Ora seguendo quella guida ho scaricato HijackThis
ho fatto la scansione e questo è il log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20.00.14, on 22/04/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Programmi\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Programmi\Eset\nod32kui.exe
C:\Programmi\Windows Live\Messenger\MsnMsgr.Exe
C:\Programmi\File comuni\Ahead\lib\NMBgMonitor.exe
C:\Programmi\Veoh Networks\Veoh\VeohClient.exe
C:\Programmi\Veoh Networks\VeohWebPlayer\veohwebplayer.exe
C:\documents and settings\schip\impostazioni locali\dati applicazioni\mesyiok.exe
C:\Programmi\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Programmi\WiFiConnector\NintendoWFCReg.exe
C:\Programmi\Hewlett-Packard\AiO\hp officejet 7100 series\Bin\hpogrp07.exe
C:\WINDOWS\VPro500.exe
C:\Programmi\DesktopEarth\DesktopEarth.exe
C:\PROGRA~1\HEWLET~1\AiO\Shared\Bin\hpoevm07.exe
C:\Programmi\Hewlett-Packard\AiO\Shared\bin\hpOSTS07.exe
C:\Programmi\Hewlett-Packard\AiO\Shared\bin\hpOFXM07.exe
C:\Programmi\Java\jre6\bin\jqs.exe
C:\Programmi\MioNet\MioNetManager.exe
C:\Programmi\Telecom Italia\WanMiniport1st\srvany.exe
C:\Programmi\Telecom Italia\WanMiniport1st\WanMiniport1st_srv.exe
C:\Programmi\Eset\nod32krn.exe
C:\Programmi\MioNet\jvm\bin\MioNet.exe
C:\WINDOWS\System32\PAStiSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\UTSCSI.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Programmi\Hewlett-Packard\HP Share-to-Web\hpgs2wnd .exe
C:\WINDOWS\system32\ctfmon .exe
C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier .exe
C:\PROGRA~1\HEWLET~1\HPSHAR~1\hpgs2wnf.exe
C:\Programmi\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
R3 - URLSearchHook: Yahoo! Toolbar con blocco Pop-Up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programmi\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programmi\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Programmi\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmi\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Programmi\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O3 - Toolbar: Veoh Web Player Video Finder - {0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - C:\Programmi\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programmi\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [SPC500NC_Monitor] C:\WINDOWS\Philips\SPC500NC\Monitor.exe
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Programmi\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\ALICET~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [nod32kui] "C:\Programmi\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programmi\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [swg] C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programmi\File comuni\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Veoh] "C:\Programmi\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
O4 - HKCU\..\Run: [VeohPlugin] "C:\Programmi\Veoh Networks\VeohWebPlayer\veohwebplayer.exe"
O4 - HKCU\..\Run: [mesyiok] "c:\documents and settings\schip\impostazioni locali\dati applicazioni\mesyiok.exe" mesyiok
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
O4 - Startup: DesktopEarth AutoStart.lnk = ?
O4 - Startup: Piylzq2tOn.lnk = C:\Documents and Settings\schip\Impostazioni locali\Temp\uolvvubc.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Programmi\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Alice ti aiuta.lnk = C:\Programmi\Alice ti aiuta\bin\matcli.exe
O4 - Global Startup: Esegui il programma di registrazione della chiave USB Wi-Fi Nintendo.lnk = C:\Programmi\WiFiConnector\NintendoWFCReg.exe
O4 - Global Startup: HPAiODevice(hp officejet 7100 series) - 1.lnk = C:\Programmi\Hewlett-Packard\AiO\hp officejet 7100 series\Bin\hpogrp07.exe
O4 - Global Startup: VPro500.lnk = ?
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/ms ... b56986.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Programmi\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Me ... b56907.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FILECO~1\Skype\SKYPE4~1.DLL
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programmi\Java\jre6\bin\jqs.exe
O23 - Service: MioNet Service (MioNet) - Unknown owner - C:\Programmi\MioNet\MioNetManager.exe
O23 - Service: Network WanMiniport First Position - Unknown owner - C:\Programmi\Telecom Italia\WanMiniport1st\srvany.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Programmi\Eset\nod32krn.exe
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe
O23 - Service: CLCV0 (UTSCSI) - Unknown owner - C:\WINDOWS\system32\UTSCSI.EXE

--
End of file - 9320 bytes


dopo ho scaricato navilog, sono entrato in modalità provvisoria l'ho avviato e ho scelto (per sbaglio) l'opzione n3 anzichè la n4

Navipromo Removal version 3.7.6 started on 22/04/2009 at 20.06.55,46

Fix running from C:\Programmi\navilog1
Actual User Account : "schip"

Updated on 14.03.2009 at 18h00 by IL-MAFIOSO

Microsoft Windows XP Professional ( v5.1.2600 ) Service Pack 2
X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) 4 CPU 3.00GHz )
BIOS : BIOS Date: 07/07/06 22:50:40 Ver: 08.00.10
USER : schip ( Administrator )
BOOT : Fail-safe boot

Antivirus : Sistema Antivirus NOD32 2.70 2.70 (Activated)


A:\ (USB)
C:\ (Local Disk) - NTFS - Total:149 Go (Free:124 Go)
D:\ (CD or DVD)


*** Searching, making backups and deleting files ***

No Files entered !!


*** Deleting folders in "C:\WINDOWS" ***


*** Deleting folders in "C:\Programmi" ***


*** Deleting folders in "C:\Documents and Settings\All Users\menuav~1\progra~1" ***


*** Deleting folders in "C:\Documents and Settings\All Users\menuav~1" ***


*** Deleting folders in "c:\docume~1\alluse~1\datiap~1" ***


*** Deleting folders in "C:\Documents and Settings\schip\datiap~1" ***


*** Deleting folders in "C:\Documents and Settings\schip\impost~1\datiap~1" ***


*** Deleting folders in "C:\Documents and Settings\schip\menuav~1\progra~1" ***



*** Deleting files ***


*** Deleting temporary files ***

Cleaning of C:\WINDOWS\Temp done !
Cleaning of C:\Documents and Settings\schip\impost~1\Temp done !

*** Complementary Search ***
(Search specific files)

1)Deletion with backups new Instant Access files:

2)Heuristic search and deletion with backups :


* In "C:\WINDOWS\system32" *



* In "C:\Documents and Settings\schip\impost~1\datiap~1" *


mesyiok.exe found !
Copy mesyiok.exe done !
mesyiok.exe deleted !

mesyiok.dat found !
Copy mesyiok.dat done !
mesyiok.dat deleted !

mesyiok_nav.dat found !
Copy mesyiok_nav.dat done !
mesyiok_nav.dat deleted !

mesyiok_navps.dat found !
Copy mesyiok_navps.dat done !
mesyiok_navps.dat deleted !


*** Copy Registry to Safebackup folder ***

Backing up Registry done !

*** Cleaning Registry ***

Registry cleaned


*** Certificates ***

Egroup Certificate not found !
Electronic-Group Certificate not found !
Montorgueil Certificate not found !
OOO-Favorit Certificate not found !
Sunny-Day-Design-Ltd Certificate not found !

*** Search others known folders and files ***



*** Cleaning stage complete on 22/04/2009 at 20.08.41,40 ***


non so cosa ho fatto [cry] e vorrei chiarimenti da qualche esperto...

comunque stringendo i denti sono andato avanti, ho rifatto tutto da capo e ho scelto (che fortuna!) l'opzione n4

Navipromo Removal version 3.7.6 started on 22/04/2009 at 20.20.51,31

Fix running from C:\Programmi\navilog1
Actual User Account : "schip"

Updated on 14.03.2009 at 18h00 by IL-MAFIOSO

Microsoft Windows XP Professional ( v5.1.2600 ) Service Pack 2
X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) 4 CPU 3.00GHz )
BIOS : BIOS Date: 07/07/06 22:50:40 Ver: 08.00.10
USER : schip ( Administrator )
BOOT : Fail-safe boot

Antivirus : Sistema Antivirus NOD32 2.70 2.70 (Activated)


A:\ (USB)
C:\ (Local Disk) - NTFS - Total:149 Go (Free:124 Go)
D:\ (CD or DVD)



Manual Removal

Typed filename : qmieyms

Cleanning stage done in safe mode

*** Searching, making backups and deleting files ***

* Deletion in "C:\WINDOWS\system32" *


* Deletion in "C:\Documents and Settings\schip\impost~1\datiap~1" *



*** Deleting folders in "C:\WINDOWS" ***


*** Deleting folders in "C:\Programmi" ***


*** Deleting folders in "C:\Documents and Settings\All Users\menuav~1\progra~1" ***


*** Deleting folders in "C:\Documents and Settings\All Users\menuav~1" ***


*** Deleting folders in "c:\docume~1\alluse~1\datiap~1" ***


*** Deleting folders in "C:\Documents and Settings\schip\datiap~1" ***


*** Deleting folders in "C:\Documents and Settings\schip\impost~1\datiap~1" ***


*** Deleting folders in "C:\Documents and Settings\schip\menuav~1\progra~1" ***



*** Deleting files ***


*** Deleting temporary files ***

Cleaning of C:\WINDOWS\Temp done !
Cleaning of C:\Documents and Settings\schip\impost~1\Temp done !

*** Complementary Search ***
(Search specific files)

1)Deletion with backups new Instant Access files:

2)Heuristic search and deletion with backups :


* In "C:\WINDOWS\system32" *


* In "C:\Documents and Settings\schip\impost~1\datiap~1" *


*** Copy Registry to Safebackup folder ***

Backing up Registry done !

*** Cleaning Registry ***

Registry cleaned


*** Certificates ***

Egroup Certificate not found !
Electronic-Group Certificate not found !
Montorgueil Certificate not found !
OOO-Favorit Certificate not found !
Sunny-Day-Design-Ltd Certificate not found !

*** Search others known folders and files ***



*** Cleaning stage complete on 22/04/2009 at 20.23.06,50 ***


sono rientrato in modalita normale ho cancellato i file dalla cartella C://prefer (mi sembra si chiami così) e ho avviato per 3 volte la pulizia di CCleaner. Ora il mio problema sembra risolto ma vorrei sapere se percaso ho combinato problemi scegliendo l'opzione sbagliata...Grazie per il lavoro che svolgete.
Avatar utente
shiny deoxys
Neo Iscritto
Neo Iscritto
 
Messaggi: 16
Iscritto il: mer apr 22, 2009 7:35 pm

Re: Pagine Pubblicitarie

Messaggioda ste_95 » mer apr 22, 2009 7:48 pm

Scarica ComboFix , salvandolo sul desktop con un nome di fantasia, ed esegui la scansione seguendo queste istruzioni (giù in fondo). Al termine della scansione verrà creato il file di report C:\combofix.txt, copia qui il suo contenuto inserendolo tra i tag LOG, in questo modo:
Codice: Seleziona tutto
[LOG]qui va inserito il log[/LOG]
«A volte è meglio tacere e sembrare stupidi che aprir bocca e togliere ogni dubbio.» Oscar Wilde
Avatar utente
ste_95
Membro Ufficiale (Gold)
Membro Ufficiale (Gold)
 
Messaggi: 17271
Iscritto il: lun ago 06, 2007 11:19 am

Re: Pagine Pubblicitarie

Messaggioda shiny deoxys » mer apr 22, 2009 8:15 pm

ComboFix 09-04-23.02 - schip 22/04/2009 21.05.29.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.39.1040.18.1023.367 [GMT 2:00]
Eseguito da: c:\documents and settings\schip\Desktop\ComboFix.exe
AV: Sistema Antivirus NOD32 2.70 *On-access scanning enabled* (Updated)
* Creato nuovo punto di ripristino
* Resident AV is active

.

((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\schip\Dati applicazioni\inst.exe
C:\install.exe
c:\programmi\update.exe

.
((((((((((((((((((((((((( Files Creati Da 2009-03-23 al 2009-04-23 )))))))))))))))))))))))))))))))))))
.

2141-06-18 15:49 . 2141-06-18 15:49 3120 ----a-w c:\windows\MF_C421.lfa
2141-06-18 15:49 . 2141-06-18 15:49 3120 ----a-w c:\windows\MF_C420.lfa
2009-04-22 19:00 . 2009-04-22 01:27 -------- d-----w C:\32788R22FWJFW
2009-04-22 17:25 . 2009-04-22 17:24 102664 ----a-w c:\windows\system32\drivers\tmcomm.sys
2009-04-22 17:24 . 2009-04-22 17:25 -------- d-----w c:\documents and settings\schip\.housecall6.6
2009-04-20 18:19 . 2009-04-22 18:28 -------- d-----w c:\documents and settings\schip\Tracing
2009-04-19 19:31 . 2009-04-22 18:29 14348 ----a-w c:\windows\system32\nerocheck.exe
2009-04-19 19:31 . 2009-04-22 18:11 14348 ----a-w c:\windows\system32\nerocheck.exe2954534744
2009-04-19 19:31 . 2009-04-22 17:57 14348 ----a-w c:\windows\system32\nerocheck.exe2800647465
2009-04-19 19:31 . 2009-04-22 17:43 14348 ----a-w c:\windows\system32\nerocheck.exe3976750156
2009-04-19 19:31 . 2009-04-22 16:52 14348 ----a-w c:\windows\system32\nerocheck.exe4234743029
2009-04-19 19:31 . 2009-04-22 11:19 14348 ----a-w c:\windows\system32\nerocheck.exe2381670988
2009-04-19 19:31 . 2009-04-21 16:08 14348 ----a-w c:\windows\system32\nerocheck.exe4257853633
2009-04-19 19:31 . 2009-04-20 21:56 14348 ----a-w c:\windows\system32\nerocheck.exe3952690111
2009-04-19 19:31 . 2009-04-20 13:47 14348 ----a-w c:\windows\system32\nerocheck.exe2793539488
2009-04-19 19:31 . 2009-04-20 13:11 14348 ----a-w c:\windows\system32\nerocheck.exe631415572
2009-04-19 19:31 . 2009-04-20 12:08 14348 ----a-w c:\windows\system32\nerocheck.exe3680657184
2009-04-19 19:31 . 2009-04-19 19:31 14348 ----a-w c:\windows\system32\nerocheck.exe2160372274
2009-04-09 09:28 . 2009-04-09 09:28 0 ----a-w c:\windows\system32\mapisvc.inf
2009-04-09 09:28 . 2009-04-09 09:27 298104 ----a-w c:\windows\system32\imon.dll
2009-04-09 09:28 . 2009-04-09 09:27 512096 ----a-w c:\windows\system32\drivers\amon.sys
2009-04-09 09:28 . 2009-04-09 09:27 15424 ----a-w c:\windows\system32\drivers\nod32drv.sys
2009-04-09 08:33 . 2009-04-09 08:33 -------- d-----w c:\documents and settings\schip\Dati applicazioni\InstallShield
2009-04-09 07:54 . 2009-04-18 16:53 -------- d-----w C:\Downloads
2009-04-05 17:37 . 2005-01-04 18:43 4682 ----a-w c:\windows\system32\npptNT2.sys
2009-04-05 17:37 . 2003-07-21 03:17 5174 ----a-w c:\windows\system32\nppt9x.vxd
2009-04-02 16:44 . 2009-04-21 14:32 -------- d-----w c:\documents and settings\schip\Impostazioni locali\Dati applicazioni\WarRockDF
2009-03-29 12:43 . 2009-03-29 12:43 410984 ----a-w c:\windows\system32\deploytk.dll
2009-03-29 11:28 . 2004-02-04 19:11 81920 ----a-w c:\windows\system32\AC3ACM.acm
2009-03-29 11:28 . 2003-05-21 21:50 82944 ----a-w c:\windows\system32\vct3216.acm
2009-03-29 11:28 . 2003-05-21 21:50 38912 ----a-w c:\windows\system32\alf2cd.acm
2009-03-29 11:28 . 2000-03-14 18:55 13239 ----a-w c:\windows\system32\Scg726.acm
2009-03-29 11:28 . 2007-09-27 12:22 413760 ----a-w c:\windows\system32\mpg4c32.dll
2009-03-29 11:28 . 2007-09-27 12:22 261632 ----a-w c:\windows\system32\mcdvd_32.dll
2009-03-29 11:28 . 2007-09-27 12:22 139264 ----a-w c:\windows\system32\xvidvfw.dll
2009-03-29 11:28 . 2003-05-21 21:50 156910 ----a-w c:\windows\WMSysPr8.prx
2009-03-29 11:28 . 2003-05-21 21:50 1700352 ----a-w c:\windows\system32\GdiPlus.dll
2009-03-29 11:28 . 2003-05-21 10:50 24576 ----a-w c:\windows\system32\msxml3a.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-04-22 19:05 . 2007-12-08 21:01 -------- d-----w c:\programmi\ESET
2009-04-22 18:29 . 2004-08-19 13:39 14348 ----a-w c:\windows\system32\ctfmon.exe
2009-04-22 18:23 . 2009-04-22 18:20 2337 ----a-w C:\cleannavi.txt
2009-04-22 18:23 . 2009-04-22 17:36 -------- d-----w c:\programmi\Navilog1
2009-04-22 17:59 . 2009-04-22 17:59 -------- d-----w c:\programmi\Trend Micro
2009-04-21 17:42 . 2009-04-21 17:42 -------- d-----w c:\programmi\DesktopEarth
2009-04-21 15:34 . 2009-01-01 21:20 -------- d-----w c:\documents and settings\schip\Dati applicazioni\Skype
2009-04-21 14:00 . 2009-01-01 21:22 -------- d-----w c:\documents and settings\schip\Dati applicazioni\skypePM
2009-04-21 13:58 . 2008-08-22 07:48 -------- d-----w c:\programmi\Metin2_Italiano
2009-04-20 18:18 . 2007-12-08 20:55 44704 ----a-w c:\documents and settings\schip\Impostazioni locali\Dati applicazioni\GDIPFONTCACHEV1.DAT
2009-04-20 14:28 . 2009-04-20 14:28 -------- d-----w c:\programmi\Microsoft
2009-04-20 14:28 . 2009-04-20 14:28 -------- d-----w c:\programmi\Windows Live SkyDrive
2009-04-20 14:27 . 2008-01-27 15:52 -------- d-----w c:\programmi\Windows Live
2009-04-20 14:26 . 2009-04-20 14:26 -------- d-----w c:\programmi\File comuni\Windows Live
2009-04-20 14:15 . 2007-12-09 09:36 -------- d-----w c:\programmi\CCleaner
2009-04-19 19:19 . 2007-12-22 11:59 -------- d-----w c:\programmi\WiFiConnector
2009-04-17 15:36 . 2008-03-23 11:28 268 ---ha-w C:\sqmdata10.sqm
2009-04-17 15:36 . 2008-03-20 18:23 244 ---ha-w C:\sqmnoopt09.sqm
2009-04-16 20:41 . 2008-03-20 18:23 268 ---ha-w C:\sqmdata09.sqm
2009-04-16 20:41 . 2008-03-20 11:09 244 ---ha-w C:\sqmnoopt08.sqm
2009-04-15 18:14 . 2008-03-20 11:09 268 ---ha-w C:\sqmdata08.sqm
2009-04-15 18:14 . 2008-03-05 19:03 244 ---ha-w C:\sqmnoopt07.sqm
2009-04-14 21:24 . 2008-03-05 19:03 208 ---ha-w C:\sqmdata07.sqm
2009-04-14 21:24 . 2008-01-21 18:27 172 ---ha-w C:\sqmnoopt06.sqm
2009-04-14 17:11 . 2007-12-12 20:46 -------- d-----w c:\documents and settings\schip\Dati applicazioni\Vso
2009-04-14 17:11 . 2008-01-21 18:27 136 ---ha-w C:\sqmdata06.sqm
2009-04-14 17:11 . 2007-12-08 21:02 244 ---ha-w C:\sqmnoopt05.sqm
2009-04-14 17:11 . 2007-12-08 21:02 136 ---ha-w C:\sqmdata05.sqm
2009-04-14 17:11 . 2007-12-08 20:54 268 ---ha-w C:\sqmdata04.sqm
2009-04-14 17:11 . 2007-12-08 20:54 244 ---ha-w C:\sqmnoopt04.sqm
2009-04-13 21:41 . 2007-12-08 20:49 268 ---ha-w C:\sqmdata03.sqm
2009-04-13 21:41 . 2007-12-08 20:49 244 ---ha-w C:\sqmnoopt03.sqm
2009-04-13 17:47 . 2007-12-08 20:39 268 ---ha-w C:\sqmdata02.sqm
2009-04-13 17:47 . 2007-12-08 20:39 244 ---ha-w C:\sqmnoopt02.sqm
2009-04-12 20:51 . 2007-12-08 20:32 268 ---ha-w C:\sqmdata01.sqm
2009-04-12 20:51 . 2007-12-08 20:32 244 ---ha-w C:\sqmnoopt01.sqm
2009-04-11 13:17 . 2007-12-03 20:14 268 ---ha-w C:\sqmdata00.sqm
2009-04-11 13:17 . 2007-12-03 20:14 244 ---ha-w C:\sqmnoopt00.sqm
2009-04-11 08:26 . 2008-09-05 17:58 268 ---ha-w C:\sqmdata19.sqm
2009-04-11 08:26 . 2008-09-05 17:58 244 ---ha-w C:\sqmnoopt19.sqm
2009-04-10 21:58 . 2008-09-04 21:25 268 ---ha-w C:\sqmdata18.sqm
2009-04-10 21:58 . 2008-09-04 21:25 244 ---ha-w C:\sqmnoopt18.sqm
2009-04-10 13:17 . 2008-09-04 21:21 268 ---ha-w C:\sqmdata17.sqm
2009-04-10 13:17 . 2008-09-04 21:21 244 ---ha-w C:\sqmnoopt17.sqm
2009-04-09 13:19 . 2008-08-21 14:32 268 ---ha-w C:\sqmdata16.sqm
2009-04-09 13:19 . 2008-08-21 14:32 244 ---ha-w C:\sqmnoopt16.sqm
2009-04-09 09:35 . 2008-07-21 18:20 268 ---ha-w C:\sqmdata15.sqm
2009-04-09 09:35 . 2008-07-21 18:20 244 ---ha-w C:\sqmnoopt15.sqm
2009-04-09 09:28 . 2008-07-21 10:41 268 ---ha-w C:\sqmdata14.sqm
2009-04-09 09:28 . 2008-07-21 10:41 244 ---ha-w C:\sqmnoopt14.sqm
2009-04-09 09:18 . 2008-07-20 21:08 268 ---ha-w C:\sqmdata13.sqm
2009-04-09 09:18 . 2008-07-20 21:08 244 ---ha-w C:\sqmnoopt13.sqm
2009-04-09 08:33 . 2007-12-03 19:34 -------- d--h--w c:\programmi\InstallShield Installation Information
2009-04-08 19:38 . 2008-05-24 08:20 268 ---ha-w C:\sqmdata12.sqm
2009-04-08 19:38 . 2008-05-24 08:20 244 ---ha-w C:\sqmnoopt12.sqm
2009-04-08 15:48 . 2008-04-20 17:38 268 ---ha-w C:\sqmdata11.sqm
2009-04-08 15:48 . 2008-04-20 17:38 244 ---ha-w C:\sqmnoopt11.sqm
2009-04-05 17:22 . 2009-04-05 17:22 -------- d-----w c:\programmi\Games-Masters.com
2009-04-05 16:52 . 2009-04-05 16:30 -------- d-----w c:\programmi\launcher
2009-04-05 16:52 . 2009-04-05 16:37 61 ----a-w c:\programmi\mainex.dat
2009-04-05 16:50 . 2009-04-05 16:37 163 ----a-w c:\programmi\main.dat
2009-04-05 16:50 . 2009-04-05 16:29 -------- d-----w c:\programmi\data
2009-04-05 16:37 . 2009-04-05 16:29 73728 ----a-w c:\programmi\cabal.exe
2009-04-05 16:32 . 2009-04-05 16:29 199454 ----a-w c:\programmi\unins000.dat
2009-04-05 16:30 . 2009-04-05 16:29 -------- d-----w c:\programmi\GameGuard
2009-03-05 14:17 . 2008-07-25 08:29 -------- d-----w c:\programmi\Alice ti aiuta
2009-03-05 12:56 . 2008-09-20 18:07 -------- d-----w c:\programmi\Motive
2009-02-06 16:52 . 2009-02-06 16:52 49504 ----a-w c:\windows\system32\sirenacm.dll
2008-06-09 15:11 . 2009-04-05 16:29 369664 ----a-w c:\programmi\fmodexL.dll
2008-06-09 15:11 . 2009-04-05 16:29 325632 ----a-w c:\programmi\fmodex.dll
2008-01-31 19:47 . 2008-01-31 19:47 20816 ----a-w c:\documents and settings\schip\fyhyevfg.exe
2008-01-31 19:46 . 2008-01-31 19:46 20816 ----a-w c:\documents and settings\schip\ykeqsftt.exe
2008-01-31 19:46 . 2008-01-31 19:46 20816 ----a-w c:\documents and settings\schip\rxuomfcy.exe
2008-01-31 19:42 . 2008-01-31 19:42 20816 ----a-w c:\documents and settings\schip\nosxlvxq.exe
2007-12-12 20:46 . 2007-12-12 20:46 47360 ----a-w c:\documents and settings\schip\Dati applicazioni\pcouffin.sys
2008-09-09 19:27 . 2008-09-09 19:27 32768 --sha-w c:\windows\system32\config\systemprofile\Impostazioni locali\Cronologia\History.IE5\MSHist012008090920080910\index.dat
.

------- Sigcheck -------

[-] 2009-04-22 18:29 14348 82284B8FE5CE54365F8448F311160317 c:\windows\system32\ctfmon.exe

[-] 2007-01-03 10:51 296960 F959D929A6A22D78E3A6851A9361CE18 c:\windows\system32\termsrv.dll
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2009-04-22 14348]
"MsnMsgr"="c:\programmi\Windows Live\Messenger\MsnMsgr.Exe" [2009-02-06 3885408]
"swg"="c:\programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-04-22 14348]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\programmi\File comuni\Ahead\lib\NMBgMonitor.exe" [2006-02-01 98304]
"Veoh"="c:\programmi\Veoh Networks\Veoh\VeohClient.exe" [2008-04-01 3587120]
"VeohPlugin"="c:\programmi\Veoh Networks\VeohWebPlayer\veohwebplayer.exe" [2008-12-16 3528440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SPC500NC_Monitor"="c:\windows\Philips\SPC500NC\Monitor.exe" [2009-04-22 14348]
"Share-to-Web Namespace Daemon"="c:\programmi\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe" [2009-04-22 14348]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2009-04-22 14348]
"Motive SmartBridge"="c:\progra~1\ALICET~1\SMARTB~1\MotiveSB.exe" [2009-04-22 14348]
"nod32kui"="c:\programmi\Eset\nod32kui.exe" [2009-04-09 949376]
"MSConfig"="c:\windows\PCHealth\HelpCtr\Binaries\MSConfig.exe" [2007-01-03 172032]
"RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.EXE [2006-04-04 16120832]
"SoundMan"="SOUNDMAN.EXE" - c:\windows\SOUNDMAN.EXE [2006-02-20 86016]
"AlcWzrd"="ALCWZRD.EXE" - c:\windows\ALCWZRD.EXE [2006-03-14 2809344]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2009-04-22 14348]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_3"="advpack.dll" - c:\windows\system32\advpack.dll [2007-01-03 123904]

c:\documents and settings\schip\Menu Avvio\Programmi\Esecuzione automatica\
DesktopEarth AutoStart.lnk - c:\documents and settings\schip\Dati applicazioni\Microsoft\Installer\{DBA5E973-660D-4CBE-A469-F5C37FBF0CE4}\_C1A9BF9D98647632ED5172.exe [2009-4-21 29926]

c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\
Adobe Reader Speed Launch.lnk - c:\programmi\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 29696]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programmi\\BitTorrent\\bittorrent.exe"=
"c:\\WINDOWS\\system32\\rtcshare.exe"=
"c:\\Programmi\\DNA\\btdna.exe"=
"c:\\Programmi\\Veoh Networks\\Veoh\\VeohClient.exe"=
"c:\\Programmi\\Metin2_Italiano\\metin2.bin"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Programmi\\Metin2.us\\metin2.bin"=
"c:\\Programmi\\File comuni\\Ahead\\Lib\\NMBgMonitor.exe"=
"c:\\Programmi\\Veoh Networks\\VeohWebPlayer\\veohwebplayer.exe"=
"c:\\Programmi\\launcher\\update\\ESTdnheadless.exe"=
"c:\\Programmi\\WiFiConnector\\NintendoWFCReg.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Programmi\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"1700:TCP"= 1700:TCP:MioNet Remote Drive Access
"1641:TCP"= 1641:TCP:MioNet Remote Drive Verification

R3 SPC500NC;SPC 500NC Laptop Camera;c:\windows\system32\DRIVERS\SPC610NC.SYS [2005-10-13 156800]
R3 SPC610NC;Philips SPC500NC Webcam;c:\windows\system32\DRIVERS\SPC610NC.SYS [2005-10-13 156800]
S1 nod32drv;nod32drv;c:\windows\system32\drivers\nod32drv.sys [2009-04-09 15424]
S2 MioNet;MioNet Service;c:\programmi\MioNet\MioNetManager.exe [2005-07-15 139264]
S2 Network WanMiniport First Position;Network WanMiniport First Position;c:\programmi\Telecom Italia\WanMiniport1st\srvany.exe [2003-04-18 8192]


--- Altri Servizi/Drivers In Memoria ---

*Deregistered* - NDISRD

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1b1373b4-a5d0-11dc-b955-0013c85f3d82}]
\Shell\AutoRun\command - E:\sidstick.exe
.
Contenuto della cartella 'Scheduled Tasks'

2009-04-22 c:\windows\Tasks\OGADaily.job
- c:\windows\system32\OGAVerify.exe [2008-04-23 15:17]

2009-04-22 c:\windows\Tasks\OGALogon.job
- c:\windows\system32\OGAVerify.exe [2008-04-23 15:17]
.
- - - - CHIAVI ORFANE RIMOSSE - - - -

Notify-WgaLogon - (no file)


.
------- Scansione supplementare -------
.
uStart Page = hxxp://www.google.it/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uInternet Settings,ProxyOverride = 127.0.0.1
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
LSP: c:\windows\system32\imon.dll
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\schip\Dati applicazioni\Mozilla\Firefox\Profiles\3wzh5kuo.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.it/
FF - component: c:\programmi\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll
FF - plugin: c:\programmi\Mozilla Firefox\plugins\npbittorrent.dll
FF - plugin: c:\programmi\Veoh Networks\Veoh\Plugins\noreg\NPVeohVersion.dll
FF - plugin: c:\programmi\Veoh Networks\VeohWebPlayer\NPVeohTVPlugin.dll
FF - plugin: c:\programmi\Veoh Networks\VeohWebPlayer\npWebPlayerVideoPluginATL.dll

---- FIREFOX POLICIES ----
FF - user.js: yahoo.homepage.dontask - true.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-04-22 21:07
Windows 5.1.2600 Service Pack 2 NTFS

scansione processi nascosti ...

scansione entrate autostart nascoste ...

Scansione files nascosti ...

Scansione completata con successo
Files nascosti: 0

**************************************************************************
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\Ø•€|ÿÿÿÿ•€|þ»Ñw*]
"0140110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"
.
--------------------- Dlls caricate dai processi in esecuzione ---------------------

- - - - - - - > 'winlogon.exe'(692)
c:\windows\system32\SHSVCS.dll
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\CLBCATQ.DLL

- - - - - - - > 'lsass.exe'(748)
c:\windows\system32\WLDAP32.dll
c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\windows\system32\ipsecsvc.dll
c:\windows\system32\imon.dll
c:\programmi\Eset\pr_imon.dll
.
Ora fine scansione: 2009-04-22 21.10.34
ComboFix-quarantined-files.txt 2009-04-22 19:09

Pre-Run: 134.216.794.112 byte disponibili
Post-Run: 134.210.932.736 byte disponibili

WindowsXP-KB310994-SP2-Pro-BootDisk-ITA.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

261 --- E O F --- 2008-09-04 19:05


fatto eccolo
Avatar utente
shiny deoxys
Neo Iscritto
Neo Iscritto
 
Messaggi: 16
Iscritto il: mer apr 22, 2009 7:35 pm


Re: Pagine Pubblicitarie

Messaggioda ste_95 » mer apr 22, 2009 8:19 pm

Scarica Avenger
Estrailo in una cartella a tua scelta
Esegui il file avenger.exe con la figura di una spada
Ora incolla queste righe nella box bianca che si è aperta:

Codice: Seleziona tutto
Files to delete:
c:\documents and settings\schip\impostazioni locali\dati applicazioni\mesyiok.exe
c:\documents and settings\schip\impostazioni locali\dati applicazioni\mesyiok.dat
c:\documents and settings\schip\impostazioni locali\dati applicazioni\mesyiok_nav.dat
c:\documents and settings\schip\impostazioni locali\dati applicazioni\mesyiok_navps.dat


Togli il segno di spunta dalla voce Scan for Rootkits
Premi il pulsante Execute
Rispondi di Si alle due richieste di Avenger
Adesso il tuo computer dovrebbe riavviarsi, nel caso non succedesse, riavvialo tu manualmente
Al riavvio del computer, copia e incolla qui il contenuto del blocco note che apparirà.

Se Avenger riporta un errore, prova a riscrivere manualmente la prima riga (Files to delete:) ricordando i due punti.
«A volte è meglio tacere e sembrare stupidi che aprir bocca e togliere ogni dubbio.» Oscar Wilde
Avatar utente
ste_95
Membro Ufficiale (Gold)
Membro Ufficiale (Gold)
 
Messaggi: 17271
Iscritto il: lun ago 06, 2007 11:19 am

Re: Pagine Pubblicitarie

Messaggioda shiny deoxys » mer apr 22, 2009 8:30 pm

Logfile of The Avenger Version 2.0, (c) by Swandog46
http://swandog46.geekstogo.com

Platform: Windows XP

*******************

Script file opened successfully.
Script file read successfully.

Backups directory opened successfully at C:\Avenger

*******************

Beginning to process script file:


Error: file "c:\documents and settings\schip\impostazioni locali\dati applicazioni\mesyiok.exe" not found!
Deletion of file "c:\documents and settings\schip\impostazioni locali\dati applicazioni\mesyiok.exe" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: file "c:\documents and settings\schip\impostazioni locali\dati applicazioni\mesyiok.dat" not found!
Deletion of file "c:\documents and settings\schip\impostazioni locali\dati applicazioni\mesyiok.dat" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: file "c:\documents and settings\schip\impostazioni locali\dati applicazioni\mesyiok_nav.dat" not found!
Deletion of file "c:\documents and settings\schip\impostazioni locali\dati applicazioni\mesyiok_nav.dat" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: file "c:\documents and settings\schip\impostazioni locali\dati applicazioni\mesyiok_navps.dat" not found!
Deletion of file "c:\documents and settings\schip\impostazioni locali\dati applicazioni\mesyiok_navps.dat" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Completed script processing.

*******************

Finished! Terminate.


fatto
Avatar utente
shiny deoxys
Neo Iscritto
Neo Iscritto
 
Messaggi: 16
Iscritto il: mer apr 22, 2009 7:35 pm

Re: Pagine Pubblicitarie

Messaggioda ste_95 » mer apr 22, 2009 8:59 pm

Hai ancora il problema delle pagine pubblicitarie? I log sono tutti puliti...
«A volte è meglio tacere e sembrare stupidi che aprir bocca e togliere ogni dubbio.» Oscar Wilde
Avatar utente
ste_95
Membro Ufficiale (Gold)
Membro Ufficiale (Gold)
 
Messaggi: 17271
Iscritto il: lun ago 06, 2007 11:19 am

Re: Pagine Pubblicitarie

Messaggioda shiny deoxys » mer apr 22, 2009 9:07 pm

ora di meno pero qualcuna si, comunque dopo aver usato avenger mi è usciata una finestrella (dopo il riavvio) "protezione file windows" ho fatto ripristino configurazione di sistema e sono riuscito a cacciare la scritta [:)]
Avatar utente
shiny deoxys
Neo Iscritto
Neo Iscritto
 
Messaggi: 16
Iscritto il: mer apr 22, 2009 7:35 pm

Re: Pagine Pubblicitarie

Messaggioda ste_95 » mer apr 22, 2009 9:17 pm

Protezione file Windows non è malevolo, qualche file dev'essere semplicemente stato modificato/corrotto, e Windows vuole ripristinarlo tramite il suo CD d'installazione.
«A volte è meglio tacere e sembrare stupidi che aprir bocca e togliere ogni dubbio.» Oscar Wilde
Avatar utente
ste_95
Membro Ufficiale (Gold)
Membro Ufficiale (Gold)
 
Messaggi: 17271
Iscritto il: lun ago 06, 2007 11:19 am

Re: Pagine Pubblicitarie

Messaggioda shiny deoxys » gio apr 23, 2009 2:22 pm

ora cos'altro potrei fare per provare a eliminare ste fastidiosissime pagine pubblicitarie?
Avatar utente
shiny deoxys
Neo Iscritto
Neo Iscritto
 
Messaggi: 16
Iscritto il: mer apr 22, 2009 7:35 pm

Re: Pagine Pubblicitarie

Messaggioda ste_95 » gio apr 23, 2009 2:24 pm

Scarica ComboFix , salvandolo sul desktop con un nome di fantasia, ed esegui la scansione seguendo queste istruzioni (giù in fondo). Al termine della scansione verrà creato il file di report C:\combofix.txt, copia qui il suo contenuto inserendolo tra i tag LOG, in questo modo:
Codice: Seleziona tutto
[LOG]qui va inserito il log[/LOG]
«A volte è meglio tacere e sembrare stupidi che aprir bocca e togliere ogni dubbio.» Oscar Wilde
Avatar utente
ste_95
Membro Ufficiale (Gold)
Membro Ufficiale (Gold)
 
Messaggi: 17271
Iscritto il: lun ago 06, 2007 11:19 am


Torna a Sicurezza

Chi c’è in linea

Visitano il forum: Nessuno e 5 ospiti

Powered by phpBB © 2002, 2005, 2007, 2008 phpBB Group
Traduzione Italiana phpBB.it

megalab.it: testata telematica quotidiana registrata al Tribunale di Cosenza n. 22/09 del 13.08.2009, editore Master New Media S.r.l.; © Copyright 2008 Master New Media S.r.l. a socio unico - P.I. 02947530784. GRUPPO EDIZIONI MASTER Spa Tutti i diritti sono riservati. Per la pubblicità: Master Advertising