Lucifero1

Ehi Bear ma come mai sai tutto ? come fai a sapere tutte queste cosille sul mondo sadico del Web e compagnia bella? :angel_not:

:dia: come tu sai Lucifero conosce tutte le lingue Ma come vivi in giappone ma non è possibile ! sei un pazzo scatenato ? li non hanno nemmeno i nomi delle vie come fai a non perderti... Cmq ho timore a mettere mani nelle chiavi di registro,winuwh32.dll l'ho eliminato manualmente andando su WINNT/System32/ ma non si cancellava allora l'ho rinominato e al riavvio l'ho cancellato.. Ho fatto la caz..ta vero ?

Ecco qui :omaggi: Logfile of HijackThis v1.99.1 Scan saved at 15.51.08, on 04/07/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINNT\System32\smss.exe C:\WINNT\system32\winlogon.exe C:\WINNT\system32\services.exe C:\WINNT\system32\lsass.exe C:\WINNT\system32\svchost.exe C:\WINNT\System32\svchost.exe C:\WINNT\Explorer.EXE C:\WINNT\system32\spoolsv.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe C:\WINNT\system32\TrayIcon.exe C:\Programmi\Hewlett-Packard\Toolbox2.0\Apache Tomcat 4.0\webapps\Toolbox\StatusClient\StatusClient.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe C:\Programmi\I-Storm USB ADSL Modem\CnxDslTb.exe C:\Programmi\D-Tools\daemon.exe C:\Programmi\Softwin\BitDefender8\bdnagent.exe C:\Programmi\PGP Corporation\PGP for Windows 2000\PGPtray.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe C:\Programmi\Hewlett-Packard\Toolbox2.0\Javasoft\JRE\1.3.1\bin\javaw.exe C:\Programmi\Kerio\Personal Firewall 4\kpf4ss.exe C:\WINNT\system32\nvsvc32.exe C:\WINNT\system32\PGPserv.exe C:\WINNT\system32\svchost.exe C:\Programmi\File comuni\Softwin\BitDefender Communicator\xcommsvr.exe C:\Programmi\Kerio\Personal Firewall 4\kpf4gui.exe C:\Programmi\Kerio\Personal Firewall 4\kpf4gui.exe C:\Programmi\Internet Explorer\iexplore.exe C:\Documents and Settings\ax\Documenti\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.virgilio.it/oggi/index.html R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINNT\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [DisplayTrayIcon] C:\WINNT\system32\TrayIcon.exe O4 - HKLM\..\Run: [Openwares LiveUpdate] C:\Program Files\LiveUpdate\LiveUpdate.exe O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINNT\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [statusClient] C:\Programmi\Hewlett-Packard\Toolbox2.0\Apache Tomcat 4.0\webapps\Toolbox\StatusClient\StatusClient.exe /auto O4 - HKLM\..\Run: [TomcatStartup] C:\Programmi\Hewlett-Packard\Toolbox2.0\hpbpsttp.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINNT\system32\NeroCheck.exe O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP O4 - HKLM\..\Run: [CnxDslTaskBar] "C:\Programmi\I-Storm USB ADSL Modem\CnxDslTb.exe" O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Programmi\D-Tools\daemon.exe" -lang 1033 -lock O4 - HKLM\..\Run: [bDMCon] "C:\Programmi\Softwin\BitDefender8\bdmcon.exe" O4 - HKLM\..\Run: [bDNewsAgent] "C:\Programmi\Softwin\BitDefender8\bdnagent.exe" O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Avvio veloce di Adobe Reader.lnk = C:\Programmi\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: PGPtray.lnk = C:\Programmi\PGP Corporation\PGP for Windows 2000\PGPtray.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINNT\system32\shdocvw.dll O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINNT\system32\shdocvw.dll O12 - Plugin for .mov: C:\Programmi\Internet Explorer\PLUGINS\npqtplugin.dll O12 - Plugin for .mp4: C:\Programmi\Internet Explorer\PLUGINS\npqtplugin4.dll O17 - HKLM\System\CCS\Services\Tcpip\..\{980843FA-8047-44C7-BD0C-B5D176BBF4F5}: NameServer = 193.70.152.15 193.70.152.25 O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O20 - Winlogon Notify: winuwh32 - winuwh32.dll (file missing) O23 - Service: Adobe LM Service - Unknown owner - C:\Programmi\File comuni\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Programmi\File comuni\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing) O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Kerio Personal Firewall 4 (KPF4) - Kerio Technologies - C:\Programmi\Kerio\Personal Firewall 4\kpf4ss.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINNT\system32\nvsvc32.exe O23 - Service: PGPserv - PGP Corporation - C:\WINNT\system32\PGPserv.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINNT\system32\HPZipm12.exe O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Programmi\File comuni\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing) Certo è proprio il caso di dire che leggi fra le righe azz che battuta

Ma kuma sei un uomo o una macchina ? o un orso Non vorrei cantar vittoria troppo presto ma mi sembra di aver debellato il problema FENOMENALE !

Domanda ma Spyblaster a che serve ? cioè cosa devo selezionare? per applicare le protezioni?

Ragazzi ho lo stesso indentico Dialer di orangesky vi posto il mio log Ps ma come funziona Spyware blaster non ho capito come rimuovere i file -.- Logfile of HijackThis v1.99.1 Scan saved at 19.21.05, on 03/07/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINNT\System32\smss.exe C:\WINNT\system32\winlogon.exe C:\WINNT\system32\services.exe C:\WINNT\system32\lsass.exe C:\WINNT\system32\svchost.exe C:\WINNT\System32\svchost.exe C:\WINNT\Explorer.EXE C:\WINNT\system32\spoolsv.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe C:\WINNT\SOUNDMAN.EXE C:\WINNT\system32\TrayIcon.exe C:\Programmi\Hewlett-Packard\Toolbox2.0\Apache Tomcat 4.0\webapps\Toolbox\StatusClient\StatusClient.exe C:\Programmi\Kerio\Personal Firewall 4\kpf4ss.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe C:\Programmi\I-Storm USB ADSL Modem\CnxDslTb.exe C:\WINNT\system32\nvsvc32.exe C:\Programmi\D-Tools\daemon.exe C:\WINNT\system32\PGPserv.exe C:\Programmi\PGP Corporation\PGP for Windows 2000\PGPtray.exe C:\WINNT\system32\svchost.exe C:\Programmi\Hewlett-Packard\Toolbox2.0\Javasoft\JRE\1.3.1\bin\javaw.exe C:\Programmi\Kerio\Personal Firewall 4\kpf4gui.exe C:\Programmi\Kerio\Personal Firewall 4\kpf4gui.exe C:\Programmi\eMule\emule.exe C:\Programmi\MSN Messenger\msnmsgr.exe C:\DOCUME~1\ax\IMPOST~1\Temp\Rar$EX00.362\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.virgilio.it/oggi/index.html R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {424351BC-9C49-4D9D-A334-D09CA4C7ACA9} - (no file) O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINNT\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [DisplayTrayIcon] C:\WINNT\system32\TrayIcon.exe O4 - HKLM\..\Run: [Openwares LiveUpdate] C:\Program Files\LiveUpdate\LiveUpdate.exe O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINNT\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [statusClient] C:\Programmi\Hewlett-Packard\Toolbox2.0\Apache Tomcat 4.0\webapps\Toolbox\StatusClient\StatusClient.exe /auto O4 - HKLM\..\Run: [TomcatStartup] C:\Programmi\Hewlett-Packard\Toolbox2.0\hpbpsttp.exe O4 - HKLM\..\Run: [Ms Task Manager] tskmgr.exe O4 - HKLM\..\Run: [Norton Antivirus CCDebug] CCSEVRT.exe O4 - HKLM\..\Run: [secure Microsoft Windows] integitor.exe O4 - HKLM\..\Run: [Configuration Loaders For Device XT] itunesa.exe O4 - HKLM\..\Run: [Configuration Loader321] winamp.exe O4 - HKLM\..\Run: [Microsoft Office Studio] scvhvst.exe O4 - HKLM\..\Run: [msword] msword.exe O4 - HKLM\..\Run: [Configuration Firewall Loader] msgfix32.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINNT\system32\NeroCheck.exe O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP O4 - HKLM\..\Run: [CnxDslTaskBar] "C:\Programmi\I-Storm USB ADSL Modem\CnxDslTb.exe" O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Programmi\D-Tools\daemon.exe" -lang 1033 -lock O4 - HKLM\..\RunServices: [Ms Task Manager] tskmgr.exe O4 - HKLM\..\RunServices: [Norton Antivirus CCDebug] CCSEVRT.exe O4 - HKLM\..\RunServices: [secure Microsoft Windows] integitor.exe O4 - HKLM\..\RunServices: [Configuration Loaders For Device XT] itunesa.exe O4 - HKLM\..\RunServices: [Configuration Loader321] winamp.exe O4 - HKLM\..\RunServices: [stone] stone.exe O4 - HKLM\..\RunServices: [Configuration Firewall Loader] msgfix32.exe O4 - HKCU\..\Run: [Ms Task Manager] tskmgr.exe O4 - HKCU\..\Run: [secure Microsoft Windows] integitor.exe O4 - HKCU\..\Run: [Configuration Loader321] winamp.exe O4 - HKCU\..\Run: [msword] msword.exe O4 - HKCU\..\Run: [Microsoft Office Studio] scvhvst.exe O4 - HKCU\..\Run: [Configuration Firewall Loader] msgfix32.exe O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Avvio veloce di Adobe Reader.lnk = C:\Programmi\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: PGPtray.lnk = C:\Programmi\PGP Corporation\PGP for Windows 2000\PGPtray.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINNT\system32\shdocvw.dll O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINNT\system32\shdocvw.dll O12 - Plugin for .mov: C:\Programmi\Internet Explorer\PLUGINS\npqtplugin.dll O12 - Plugin for .mp4: C:\Programmi\Internet Explorer\PLUGINS\npqtplugin4.dll O15 - Trusted Zone: www.1987324.com O17 - HKLM\System\CCS\Services\Tcpip\..\{980843FA-8047-44C7-BD0C-B5D176BBF4F5}: NameServer = 193.70.152.15 193.70.152.25 O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O20 - Winlogon Notify: winuwh32 - C:\WINNT\SYSTEM32\winuwh32.dll O23 - Service: Adobe LM Service - Unknown owner - C:\Programmi\File comuni\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Kerio Personal Firewall 4 (KPF4) - Kerio Technologies - C:\Programmi\Kerio\Personal Firewall 4\kpf4ss.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINNT\system32\nvsvc32.exe O23 - Service: PGPserv - PGP Corporation - C:\WINNT\system32\PGPserv.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINNT\system32\HPZipm12.exe O23 - Service: PsExec (PSEXESVC) - Sysinternals - C:\WINNT\System32\PSEXESVC.EXE