AnnaLucia

WinGirls
 Visualizza profilo  Vedi la sua attività

  • Numero contenuti

    75

  • Iscritto

  • Ultima visita

Tutti i contenuti di AnnaLucia

  1. Lg U970

    AnnaLucia ha aggiunto un topic in LG Electronics

    Cosa mi sapete dire di questo lg? Riconosce come il suo predecessore il nome di chi ti manda un sms? Ditemi tutto!!!!!

  2. Lg U970

    AnnaLucia ha risposto a AnnaLucia nel forum LG Electronics

    Allora? Possibile che nessuno sappia aiutatmi? non ci credo!

  3. Lg U970

    AnnaLucia ha risposto a AnnaLucia nel forum LG Electronics

    E invece non lo fa spiug non solo non riconosce il mittene degli sms come fa suo cugino LG 250 xeries ma quando arriva un sms non lo segnala tranne che con una minuscola bustina in alto....c'è qualche programma che posso installare spiug? E' della 3 per cui vorrei togliergli tutte le impostazioni tipo pianeta 3 ecc...come faccio?

  4. Nokia 6630

    AnnaLucia ha aggiunto un topic in Nokia

    Ricordo male o sul nokia 6630 c'è la tv? io ricordo che c'era ma mi sa che l'ho cancellata!
  5. Da quache giorno mi si aprono le pagine di internet da sole....in particolare se ne apre una in cui c'è scritto che il mio pc ha dei problemi e che per risolverli devo cliccare su quella pagina. Cosa può essere successo? E' inutile dire che ho fatto già varie scansioni del pc con programmi antimalware e altro...vi posto il log, se qualcuno gli può dare un'occhiata e dirmi cosa eliminare gliene sarei grata! Logfile of HijackThis v1.99.1 Scan saved at 12.14.20, on 07/05/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16640) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\DOCUME~1\user\IMPOST~1\Temp\Rar$EX00.860\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.it/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti O2 - BHO: Supporto di collegamento per Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.6.0_05\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programmi\google\googletoolbar1.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programmi\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programmi\google\googletoolbar1.dll O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd O4 - HKLM\..\Run: [sSBkgdUpdate] "C:\Programmi\File comuni\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot O4 - HKLM\..\Run: [PaperPort PTD] C:\Programmi\ScanSoft\PaperPort\pptd40nt.exe O4 - HKLM\..\Run: [indexSearch] C:\Programmi\ScanSoft\PaperPort\IndexSearch.exe O4 - HKLM\..\Run: [setDefPrt] C:\Programmi\Brother\Brmfl05a\BrStDvPt.exe O4 - HKLM\..\Run: [ControlCenter2.0] C:\Programmi\Brother\ControlCenter2\brctrcen.exe /autorun O4 - HKLM\..\Run: [NeroFilterCheck] C:\Programmi\File comuni\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [nod32kui] "C:\Programmi\Eset\nod32kui.exe" /WAITSERVICE O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programmi\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Programmi\Java\jre1.6.0_05\bin\jusched.exe" O4 - HKLM\..\Run: [MessengerPlus3] "C:\Programmi\MessengerPlus! 3\MsgPlus.exe" O4 - HKLM\..\Run: [TkBellExe] "C:\Programmi\File comuni\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qttask.exe" -atboottime O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [swg] C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [MessengerPlus3] "C:\Programmi\MessengerPlus! 3\MsgPlus.exe" /WinStart O4 - HKCU\..\Run: [nbmfrj] c:\documents and settings\user\impostazioni locali\dati applicazioni\nbmfrj.exe nbmfrj O4 - Global Startup: Controllo dello stato.lnk = C:\Programmi\Brother\Brmfcmon\BrMfcWnd.exe O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe O11 - Options group: [iNTERNATIONAL] International* O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Plugin Control) - http://appldnld.apple.com.edgesuite.net/co...ex/qtplugin.cab O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game05.zylom.com/activex/zylomgamesplayer.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Programmi\File comuni\Microsoft Shared\Help\hxds.dll O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\FILECO~1\MICROS~1\OFFICE12\MSOXMLMF.DLL O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: NBService - Nero AG - C:\Programmi\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Programmi\Eset\nod32krn.exe
  6. Non preoccuparti, non ci sono problemi! Questo è il log in modalità normale: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 19.27.10, on 11/05/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16640) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\brsvc01a.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\brss01a.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\RunDll32.exe C:\Programmi\ScanSoft\PaperPort\pptd40nt.exe C:\Programmi\Eset\nod32kui.exe C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxpers.exe C:\WINDOWS\system32\rundll32.exe C:\Programmi\Java\jre1.6.0_05\bin\jusched.exe C:\Programmi\MessengerPlus! 3\MsgPlus.exe C:\WINDOWS\system32\ctfmon.exe C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Programmi\Brother\Brmfcmon\BrMfcWnd.exe C:\Programmi\File comuni\Ahead\Lib\NMIndexStoreSvr.exe C:\Programmi\Windows Live\Messenger\msnmsgr.exe C:\Programmi\Eset\nod32krn.exe C:\WINDOWS\system32\svchost.exe C:\Programmi\Windows Live\Messenger\usnsvc.exe C:\Programmi\internet explorer\iexplore.exe C:\Programmi\File comuni\Microsoft Shared\Windows Live\WLLoginProxy.exe C:\Programmi\File comuni\Real\Update_OB\RealOneMessageCenter.exe C:\Programmi\File comuni\Real\Update_OB\realsched.exe C:\Programmi\Mozilla Firefox\firefox.exe C:\Programmi\WinRAR\WinRAR.exe C:\DOCUME~1\user\IMPOST~1\Temp\Rar$EX00.328\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.it/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti O2 - BHO: Supporto di collegamento per Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.6.0_05\bin\ssv.dll O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programmi\google\googletoolbar1.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programmi\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programmi\google\googletoolbar1.dll O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd O4 - HKLM\..\Run: [sSBkgdUpdate] "C:\Programmi\File comuni\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot O4 - HKLM\..\Run: [PaperPort PTD] C:\Programmi\ScanSoft\PaperPort\pptd40nt.exe O4 - HKLM\..\Run: [indexSearch] C:\Programmi\ScanSoft\PaperPort\IndexSearch.exe O4 - HKLM\..\Run: [setDefPrt] C:\Programmi\Brother\Brmfl05a\BrStDvPt.exe O4 - HKLM\..\Run: [ControlCenter2.0] C:\Programmi\Brother\ControlCenter2\brctrcen.exe /autorun O4 - HKLM\..\Run: [NeroFilterCheck] C:\Programmi\File comuni\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [nod32kui] "C:\Programmi\Eset\nod32kui.exe" /WAITSERVICE O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programmi\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Programmi\Java\jre1.6.0_05\bin\jusched.exe" O4 - HKLM\..\Run: [MessengerPlus3] "C:\Programmi\MessengerPlus! 3\MsgPlus.exe" O4 - HKLM\..\Run: [TkBellExe] "C:\Programmi\File comuni\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qttask.exe" -atboottime O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [swg] C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [MessengerPlus3] "C:\Programmi\MessengerPlus! 3\MsgPlus.exe" /WinStart O4 - HKCU\..\Run: [msnmsgr] "C:\Programmi\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO LOCALE') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO DI RETE') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Controllo dello stato.lnk = C:\Programmi\Brother\Brmfcmon\BrMfcWnd.exe O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe (file missing) O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe (file missing) O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Plugin Control) - http://appldnld.apple.com.edgesuite.net/co...ex/qtplugin.cab O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game05.zylom.com/activex/zylomgamesplayer.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{C3219B8D-09D0-4BB2-86F7-2416CE69258B}: NameServer = 193.70.152.15 193.70.152.25 O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: NBService - Nero AG - C:\Programmi\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Programmi\Eset\nod32krn.exe -- End of file - 7861 bytes

  7. Lg U970

    AnnaLucia ha risposto a AnnaLucia nel forum LG Electronics

    Grazie per la risposta...quello che interessava a me era sapere se riconosce il nome di chi manda un sms e dato che tra 3 giorni sarà nelle mie mani lo saprò!
  8. L'ho già fatta in modalità provvisoria, guarsa bene insieme alle altre che t'ho loggato. Grazie ancora!
  9. Innanzitutto grazie ad entrabi per i preziosi consigli. In particolare ad Angelique per la risposta esauriente e veloce e a dinop per l'importate precisazione! Bene, ho fatto tutto come mi avete detto e ora posto i log.....spero di aver risolto! Ma cos'ho? Sono grave? Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 14.19.36, on 08/05/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16640) Boot mode: Safe mode -----------------------[ Lop S&D 4.2.0-7 XP/Vista ]--------------------- [ Windows XP (NT 5.1) Build 2600, Service Pack 2 ] [ USER : user ] [ "C:\Lop SD" ] [ Selection : 1 ] [ 08/05/2008 | 14.13.37,02 ] [ PC : NETGEAR ] [ MAJ : 06-05-2008 | 21:45 ] -------------[ Listing folders in Application Data ]------------ [25/07/2007|21.27] C:\DOCUME~1\ADMINI~1\DATIAP~1\desktop.ini [10/05/2007|01.06] C:\DOCUME~1\ADMINI~1\DATIAP~1\Microsoft [07/05/2008|12.04] C:\DOCUME~1\ADMINI~1\DATIAP~1\WinRAR [1|File] C:\DOCUME~1\ADMINI~1\DATIAP~1\byte [4|Directory] C:\DOCUME~1\ADMINI~1\DATIAP~1\byte disponibili [16/07/2007|10.31] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Adobe [30/08/2007|12.04] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Ahead [07/06/2007|09.42] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Brother [25/07/2007|21.27] C:\DOCUME~1\ALLUSE~1\DATIAP~1\desktop.ini [08/04/2008|13.22] C:\DOCUME~1\ALLUSE~1\DATIAP~1\DVD Shrink [20/11/2007|18.42] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Google [07/06/2007|09.43] C:\DOCUME~1\ALLUSE~1\DATIAP~1\InstallShield [18/04/2008|15.30] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Microsoft [05/05/2008|09.52] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Microsoft Help [20/11/2007|18.13] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Mozilla [07/06/2007|09.42] C:\DOCUME~1\ALLUSE~1\DATIAP~1\ScanSoft [26/06/2007|20.55] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Windows Genuine Advantage [18/04/2008|15.04] C:\DOCUME~1\ALLUSE~1\DATIAP~1\WLInstaller [21/04/2008|12.17] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Zylom [1|File] C:\DOCUME~1\ALLUSE~1\DATIAP~1\byte [15|Directory] C:\DOCUME~1\ALLUSE~1\DATIAP~1\byte disponibili [25/07/2007|21.27] C:\DOCUME~1\DEFAUL~1\DATIAP~1\desktop.ini [10/05/2007|01.06] C:\DOCUME~1\DEFAUL~1\DATIAP~1\Microsoft [1|File] C:\DOCUME~1\DEFAUL~1\DATIAP~1\byte [3|Directory] C:\DOCUME~1\DEFAUL~1\DATIAP~1\byte disponibili [10/05/2007|01.06] C:\DOCUME~1\LOCALS~1\DATIAP~1\Microsoft [0|File] C:\DOCUME~1\LOCALS~1\DATIAP~1\byte [3|Directory] C:\DOCUME~1\LOCALS~1\DATIAP~1\byte disponibili [25/07/2007|19.52] C:\DOCUME~1\NETWOR~1\DATIAP~1\Microsoft [0|File] C:\DOCUME~1\NETWOR~1\DATIAP~1\byte [3|Directory] C:\DOCUME~1\NETWOR~1\DATIAP~1\byte disponibili [11/12/2007|20.49] C:\DOCUME~1\user\DATIAP~1\Adobe [30/08/2007|12.04] C:\DOCUME~1\user\DATIAP~1\Ahead [17/06/2007|16.16] C:\DOCUME~1\user\DATIAP~1\Brother [10/05/2007|02.59] C:\DOCUME~1\user\DATIAP~1\desktop.ini [20/11/2007|20.55] C:\DOCUME~1\user\DATIAP~1\DivX [23/02/2008|13.56] C:\DOCUME~1\user\DATIAP~1\dvdcss [11/12/2007|23.13] C:\DOCUME~1\user\DATIAP~1\Google [09/05/2007|19.12] C:\DOCUME~1\user\DATIAP~1\Identities [21/11/2007|20.56] C:\DOCUME~1\user\DATIAP~1\InstallShield [20/06/2007|14.52] C:\DOCUME~1\user\DATIAP~1\Macromedia [19/06/2007|12.57] C:\DOCUME~1\user\DATIAP~1\MicroHard [05/05/2008|09.45] C:\DOCUME~1\user\DATIAP~1\Microsoft [20/11/2007|18.14] C:\DOCUME~1\user\DATIAP~1\Mozilla [17/04/2008|20.37] C:\DOCUME~1\user\DATIAP~1\Real [05/05/2008|12.21] C:\DOCUME~1\user\DATIAP~1\Rinera Networks [25/07/2007|19.51] C:\DOCUME~1\user\DATIAP~1\Sun [20/11/2007|18.14] C:\DOCUME~1\user\DATIAP~1\Talkback [08/05/2008|14.13] C:\DOCUME~1\user\DATIAP~1\uTorrent [11/06/2007|10.22] C:\DOCUME~1\user\DATIAP~1\vlc [20/11/2007|18.27] C:\DOCUME~1\user\DATIAP~1\WinRAR [20/11/2007|18.57] C:\DOCUME~1\user\DATIAP~1\wsInspector [1|File] C:\DOCUME~1\user\DATIAP~1\byte [22|Directory] C:\DOCUME~1\user\DATIAP~1\byte disponibili ----------------[ Scheduled Tasks located in C:\WINDOWS\Tasks ]--------------- [08/05/2008 08.54][--ah-----] C:\WINDOWS\tasks\SA.DAT [02/03/2006 14.00][-r-h-----] C:\WINDOWS\tasks\desktop.ini [02/03/2006 14.00][--ahs----] C:\WINDOWS\tasks\FOLDER.TSX ---------------[ Listing Folders in C:\Programmi ]-------------- [09/05/2007|19.31] C:\Programmi\7-Zip [16/07/2007|10.31] C:\Programmi\Adobe [07/06/2007|10.04] C:\Programmi\Brother [09/05/2007|19.16] C:\Programmi\C-Media 3D Audio [07/06/2007|10.04] C:\Programmi\Common Files [10/05/2007|01.04] C:\Programmi\ComPlus Applications [21/11/2007|20.57] C:\Programmi\CONITECH [29/04/2008|09.31] C:\Programmi\DivX [07/07/2007|23.44] C:\Programmi\DVD Shrink [07/07/2007|23.45] C:\Programmi\DVDFab HD Decrypter 3 [29/04/2008|10.12] C:\Programmi\eMule [17/04/2008|15.00] C:\Programmi\ESET [18/04/2008|14.39] C:\Programmi\File comuni [11/12/2007|23.12] C:\Programmi\Google [09/05/2007|19.38] C:\Programmi\InfraRecorder [07/05/2008|14.06] C:\Programmi\InstallShield Installation Information [09/05/2007|19.15] C:\Programmi\Intel [18/04/2008|09.22] C:\Programmi\Internet Explorer [26/04/2008|17.29] C:\Programmi\Java [01/07/2007|11.20] C:\Programmi\Messenger [17/04/2008|15.07] C:\Programmi\MessengerPlus! 3 [20/08/2007|22.45] C:\Programmi\MicroHard [10/05/2007|01.07] C:\Programmi\microsoft frontpage [09/05/2007|19.46] C:\Programmi\Microsoft Office [09/05/2007|19.46] C:\Programmi\Microsoft Visual Studio [09/05/2007|19.46] C:\Programmi\Microsoft Works [21/12/2007|11.45] C:\Programmi\Monte Cristo [10/05/2007|01.05] C:\Programmi\Movie Maker [08/05/2008|13.59] C:\Programmi\Mozilla Firefox [10/05/2007|01.04] C:\Programmi\MSN Gaming Zone [16/06/2007|12.18] C:\Programmi\Nero [10/05/2007|01.05] C:\Programmi\NetMeeting [31/07/2007|13.01] C:\Programmi\Outlook Express [21/04/2008|18.01] C:\Programmi\QuickTime [25/07/2007|19.06] C:\Programmi\Registry Mechanic [07/06/2007|09.42] C:\Programmi\ScanSoft [10/05/2007|01.05] C:\Programmi\Servizi in linea [07/05/2008|14.14] C:\Programmi\Startup Inspector for Windows [16/04/2008|12.35] C:\Programmi\Telecom Italia [09/05/2007|19.12] C:\Programmi\Uninstall Information [29/04/2008|10.04] C:\Programmi\uTorrent [09/05/2007|19.30] C:\Programmi\VideoLAN [18/04/2008|15.29] C:\Programmi\Windows Live [31/07/2007|13.01] C:\Programmi\Windows Media Player [10/05/2007|01.03] C:\Programmi\Windows NT [10/05/2007|01.06] C:\Programmi\WindowsUpdate [20/11/2007|18.27] C:\Programmi\WinRAR [10/05/2007|01.07] C:\Programmi\xerox [0|File] C:\Programmi\byte [50|Directory] C:\Programmi\byte disponibili ------[ Listing Folders in C:\Programmi\File comuni ]------ [09/05/2007|19.26] C:\Programmi\File comuni\Adobe [16/06/2007|12.19] C:\Programmi\File comuni\Ahead [28/11/2007|21.02] C:\Programmi\File comuni\Borland Shared [09/05/2007|19.46] C:\Programmi\File comuni\DESIGNER [07/06/2007|10.04] C:\Programmi\File comuni\InstallShield [20/11/2007|18.58] C:\Programmi\File comuni\Java [18/04/2008|15.30] C:\Programmi\File comuni\Microsoft Shared [10/05/2007|01.05] C:\Programmi\File comuni\MSSoap [10/05/2007|02.59] C:\Programmi\File comuni\ODBC [17/04/2008|20.10] C:\Programmi\File comuni\Real [07/06/2007|09.42] C:\Programmi\File comuni\ScanSoft Shared [10/05/2007|01.05] C:\Programmi\File comuni\Services [10/05/2007|02.59] C:\Programmi\File comuni\SpeechEngines [31/07/2007|13.01] C:\Programmi\File comuni\System [18/04/2008|15.29] C:\Programmi\File comuni\WindowsLiveInstaller [17/04/2008|20.10] C:\Programmi\File comuni\xing shared [0|File] C:\Programmi\File comuni\byte [18|Directory] C:\Programmi\File comuni\byte disponibili ---------------------------[ Process ]-------------------------- ... 38 MsgPlus.exe ~ [2316] ----------------------[ Searching with S_Lop ]--------------------- No Lop folder found ! -----------------[ Searching for Lop Files - Folders ]----------------- No Lop folder found ! ----------------------[ Searching within the Registry ]---------------------- ..... OK ! --------------------[ Checking the Hosts file ]--------------------- Hosts file CLEAN ----------------[ Searching for hidden files with Catchme ]----------------- catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-05-08 14:14:28 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden files ... scan completed successfully hidden processes: 0 hidden files: 0 --------------------[ Searching for other infections ]--------------------- No other infections found ! /!\ [Fich:694][Doss:0] C:\DOCUME~1\user\Cookies /!\ [Fich:2][Doss:0] C:\DOCUME~1\user\IMPOST~1\TEMPOR~1\content.IE5 --------------------[ Scan completed at 14.14.52,97 ]---------------------- ComboFix 08-05-07.1 - user 2008-05-08 13.44.42.1 - NTFSx86 Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1040.18.603 [GMT 2:00] Eseguito da: C:\Documents and Settings\user\Desktop\ComboFix.exe * Creato nuovo punto di ripristino * Resident AV is active WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !! . ((((((((((((((((((((((((((((((((((((( Altre eliminazioni ))))))))))))))))))))))))))))))))))))))))))))))))))) . C:\DOCUME~1\user\IMPOST~1\Temp\1.html C:\Documents and Settings\All Users\Desktop\webmediaplayer.lnk C:\Documents and Settings\All Users\Menu Avvio\Programmi\WebMediaPlayer C:\Documents and Settings\All Users\Menu Avvio\Programmi\WebMediaPlayer\Condizioni generali.url C:\Documents and Settings\All Users\Menu Avvio\Programmi\WebMediaPlayer\Disinstalla.lnk C:\Documents and Settings\All Users\Menu Avvio\Programmi\WebMediaPlayer\Riservatezza.url C:\Documents and Settings\All Users\Menu Avvio\Programmi\WebMediaPlayer\WebMediaPlayer.lnk C:\Documents and Settings\All Users\Menu Avvio\Programmi\WebMediaPlayer\Website.url C:\Programmi\webmediaplayer C:\Programmi\webmediaplayer\resources\languages_v2.xml C:\Programmi\webmediaplayer\resources\webmedias C:\Programmi\webmediaplayer\skins\classic.skn C:\Programmi\webmediaplayer\sqlite3.dll C:\Programmi\webmediaplayer\uninst.exe C:\Programmi\webmediaplayer\WebMediaPlayer.exe C:\WINDOWS\Downloaded Program Files\setup.inf C:\WINDOWS\system32\nvs2.inf . ((((((((((((((((((((((((( Files Creati Da 2008-04-08 al 2008-05-08 ))))))))))))))))))))))))))))))))))) . 2008-05-08 13:44 . 2008-05-08 13:44 1,024 --ah----- C:\WINDOWS\system32\config\systemprofile\ntuser.dat.LOG 2008-05-07 12:54 . 2008-05-07 14:16 <DIR> d-------- C:\Documents and Settings\user\.housecall6.6 2008-05-05 12:21 . 2008-05-05 12:21 <DIR> d-------- C:\Documents and Settings\user\Dati applicazioni\Rinera Networks 2008-04-28 20:13 . 2008-04-29 10:04 <DIR> d-------- C:\Programmi\uTorrent 2008-04-28 20:13 . 2008-05-08 13:44 <DIR> d-------- C:\Documents and Settings\user\Dati applicazioni\uTorrent 2008-04-26 18:59 . 2008-04-26 19:47 <DIR> d-------- C:\AVOneExport 2008-04-26 18:58 . 2008-04-30 18:49 79 --a------ C:\WINDOWS\buyurl0501.dat 2008-04-21 18:01 . 2008-04-21 18:01 <DIR> d-------- C:\Programmi\QuickTime 2008-04-21 16:29 . 2008-04-21 16:29 158,456 --------- C:\WINDOWS\system32\pxwma.dll 2008-04-21 12:17 . 2008-04-21 12:17 <DIR> d-------- C:\Documents and Settings\All Users\Dati applicazioni\Zylom 2008-04-19 09:28 . 2008-05-07 23:02 77 --a------ C:\WINDOWS\cdplayer.ini 2008-04-19 09:19 . 2007-07-30 19:18 30,072 --a------ C:\WINDOWS\system32\mucltui.dll.mui 2008-04-18 15:30 . 2008-04-18 15:31 <DIR> d-------- C:\Documents and Settings\user\Contacts 2008-04-18 15:29 . 2008-04-18 15:29 <DIR> d----c--- C:\WINDOWS\system32\DRVSTORE 2008-04-18 14:39 . 2008-04-18 15:29 <DIR> d-------- C:\Programmi\Windows Live 2008-04-18 14:39 . 2008-04-18 15:29 <DIR> d--hsc--- C:\Programmi\File comuni\WindowsLiveInstaller 2008-04-18 14:39 . 2008-04-18 15:04 <DIR> d-------- C:\Documents and Settings\All Users\Dati applicazioni\WLInstaller 2008-04-17 20:10 . 2008-04-17 20:10 <DIR> d-------- C:\Programmi\File comuni\xing shared 2008-04-17 20:10 . 2008-04-17 20:10 <DIR> d-------- C:\Programmi\File comuni\Real 2008-04-17 20:10 . 2008-04-17 20:10 <DIR> d-------- C:\Program Files 2008-04-17 20:10 . 2008-04-17 20:10 499,712 --a------ C:\WINDOWS\system32\msvcp71.dll 2008-04-17 20:10 . 2008-04-17 20:10 348,160 --a------ C:\WINDOWS\system32\msvcr71.dll 2008-04-17 17:41 . 2008-04-29 10:12 <DIR> d-------- C:\Programmi\eMule 2008-04-17 15:06 . 2008-04-17 15:07 <DIR> d-------- C:\Programmi\MessengerPlus! 3 2008-04-16 12:40 . 2004-08-03 22:31 20,992 --a------ C:\WINDOWS\system32\drivers\RTL8139.sys 2008-04-16 12:40 . 2004-08-03 22:31 20,992 --a--c--- C:\WINDOWS\system32\dllcache\rtl8139.sys 2008-04-16 12:35 . 2008-04-16 12:35 <DIR> d-------- C:\Programmi\Telecom Italia . (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))) . 2008-05-07 12:14 --------- d-----w C:\Programmi\Startup Inspector for Windows 2008-05-07 12:06 --------- d--h--w C:\Programmi\InstallShield Installation Information 2008-05-05 07:52 --------- d-----w C:\Documents and Settings\All Users\Dati applicazioni\Microsoft Help 2008-04-29 07:31 --------- d-----w C:\Programmi\DivX 2008-04-26 15:29 --------- d-----w C:\Programmi\Java 2008-04-17 13:00 --------- d-----w C:\Programmi\ESET 2008-04-08 11:22 --------- d-----w C:\Documents and Settings\All Users\Dati applicazioni\DVD Shrink 2008-03-31 21:25 831,488 ----a-w C:\WINDOWS\system32\divx_xx0a.dll 2008-03-31 21:25 823,296 ----a-w C:\WINDOWS\system32\divx_xx0c.dll 2008-03-31 21:25 823,296 ----a-w C:\WINDOWS\system32\divx_xx07.dll 2008-03-31 21:25 802,816 ----a-w C:\WINDOWS\system32\divx_xx11.dll 2008-03-31 21:25 682,496 ----a-w C:\WINDOWS\system32\DivX.dll 2008-03-31 21:25 161,096 ----a-w C:\WINDOWS\system32\DivXCodecVersionChecker.exe 2008-03-21 20:30 524,288 ----a-w C:\WINDOWS\system32\DivXsm.exe 2008-03-21 20:30 3,596,288 ----a-w C:\WINDOWS\system32\qt-dx331.dll 2008-03-21 20:30 200,704 ----a-w C:\WINDOWS\system32\ssldivx.dll 2008-03-21 20:30 1,044,480 ----a-w C:\WINDOWS\system32\libdivx.dll 2008-03-21 20:28 81,920 ----a-w C:\WINDOWS\system32\dpl100.dll 2008-03-21 20:28 593,920 ----a-w C:\WINDOWS\system32\dpuGUI11.dll 2008-03-21 20:28 57,344 ----a-w C:\WINDOWS\system32\dpv11.dll 2008-03-21 20:28 53,248 ----a-w C:\WINDOWS\system32\dpuGUI10.dll 2008-03-21 20:28 344,064 ----a-w C:\WINDOWS\system32\dpus11.dll 2008-03-21 20:28 294,912 ----a-w C:\WINDOWS\system32\dpu11.dll 2008-03-21 20:28 294,912 ----a-w C:\WINDOWS\system32\dpu10.dll 2008-03-21 20:28 196,608 ----a-w C:\WINDOWS\system32\dtu100.dll 2008-03-21 20:28 12,288 ----a-w C:\WINDOWS\system32\DivXWMPExtType.dll 2008-03-20 08:06 1,845,248 ----a-w C:\WINDOWS\system32\win32k.sys 2008-03-17 17:23 39,808 ----a-w C:\WINDOWS\system32\drivers\VIRAGTLT.SYS 2008-03-01 12:58 826,368 ----a-w C:\WINDOWS\system32\wininet.dll 2008-02-23 11:54 108,144 ----a-w C:\WINDOWS\system32\CmdLineExt.dll 2008-02-20 06:50 282,624 ----a-w C:\WINDOWS\system32\gdi32.dll 2008-02-20 05:33 45,568 ----a-w C:\WINDOWS\system32\dnsrslvr.dll 2008-03-20 13:09 86,070 ----a-w C:\Programmi\mozilla firefox\plugins\pthreadVC2.dll 2008-03-20 13:09 1,516,280 ----a-w C:\Programmi\mozilla firefox\plugins\RineraProxy.dll . ((((((((((((((((((((((((((((((((((((( Punti Reg Caricati )))))))))))))))))))))))))))))))))))))))))))))))))) . . REGEDIT4 *Nota* i valori vuoti & legittimi/default non sono visualizzati. [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2006-03-02 14:00 15360] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe" [2006-10-09 11:28 139264] "swg"="C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-04-21 11:34 68856] "MessengerPlus3"="C:\Programmi\MessengerPlus! 3\MsgPlus.exe" [2008-04-17 15:06 190024] "msnmsgr"="C:\Programmi\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 11:34 5724184] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Cmaudio"="cmicnfg.cpl" [] "SSBkgdUpdate"="C:\Programmi\File comuni\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2003-10-14 10:22 155648] "PaperPort PTD"="C:\Programmi\ScanSoft\PaperPort\pptd40nt.exe" [2005-03-11 01:01 57393] "IndexSearch"="C:\Programmi\ScanSoft\PaperPort\IndexSearch.exe" [2005-03-11 01:28 40960] "SetDefPrt"="C:\Programmi\Brother\Brmfl05a\BrStDvPt.exe" [2005-01-26 18:02 49152] "ControlCenter2.0"="C:\Programmi\Brother\ControlCenter2\brctrcen.exe" [2005-05-17 17:42 933888] "NeroFilterCheck"="C:\Programmi\File comuni\Ahead\Lib\NeroCheck.exe" [2006-01-12 16:40 155648] "nod32kui"="C:\Programmi\Eset\nod32kui.exe" [2007-07-01 10:14 921600] "Adobe Reader Speed Launcher"="C:\Programmi\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 19:51 39792] "igfxtray"="C:\WINDOWS\system32\igfxtray.exe" [2005-09-20 04:35 94208] "igfxhkcmd"="C:\WINDOWS\system32\hkcmd.exe" [2005-09-20 04:32 77824] "igfxpers"="C:\WINDOWS\system32\igfxpers.exe" [2005-09-20 04:36 114688] "BluetoothAuthenticationAgent"="bthprops.cpl" [2006-03-02 14:00 110592 C:\WINDOWS\system32\bthprops.cpl] "SunJavaUpdateSched"="C:\Programmi\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784] "MessengerPlus3"="C:\Programmi\MessengerPlus! 3\MsgPlus.exe" [2008-04-17 15:06 190024] "TkBellExe"="C:\Programmi\File comuni\Real\Update_OB\realsched.exe" [2008-04-17 20:10 185896] "QuickTime Task"="C:\Programmi\QuickTime\qttask.exe" [2008-04-21 18:01 413696] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2006-03-02 14:00 15360] "DWQueuedReporting"="C:\PROGRA~1\FILECO~1\MICROS~1\DW\dwtrig20.exe" [2007-02-26 09:01 437160] C:\Documents and Settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\ Controllo dello stato.lnk - C:\Programmi\Brother\Brmfcmon\BrMfcWnd.exe [2007-06-07 10:04:32 802816] [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "C:\\Programmi\\Microsoft Office\\Office12\\OUTLOOK.EXE"= "C:\\Programmi\\Nero\\Nero 7\\Nero Home\\NeroHome.exe"= "C:\\Programmi\\Nero\\Nero 7\\Nero ShowTime\\ShowTime.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "C:\\Programmi\\Messenger\\msmsgs.exe"= "C:\\Programmi\\Windows Live\\Messenger\\msnmsgr.exe"= "C:\\Programmi\\Windows Live\\Messenger\\livecall.exe"= "C:\\Program Files\\Real\\RealPlayer\\realplay.exe"= "C:\\Programmi\\uTorrent\\uTorrent.exe"= "C:\\Programmi\\Mozilla Firefox\\firefox.exe"= R2 ZDCNDIS5;ZDCNDIS5 NDIS Protocol Driver;C:\WINDOWS\system32\ZDCNDIS5.sys [2007-04-19 11:16] R3 BrScnUsb;Brother USB Still Image driver;C:\WINDOWS\system32\Drivers\BrScnUsb.sys [2004-10-15 12:50] S3 XG762_XP;CONITECH 802.11g XG762N Driver;C:\WINDOWS\system32\DRIVERS\WlanUZXP.sys [2007-04-19 11:16] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a6da02af-b639-11dc-a0e5-00138ff04cf7}] \Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycled\ctfmon.exe \Shell\Open(&0)\command - Recycled\ctfmon.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a6da02b0-b639-11dc-a0e5-00138ff04cf7}] \Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycled\ctfmon.exe \Shell\Open(&0)\command - Recycled\ctfmon.exe *Newly Created Service* - CATCHME . ************************************************************************** catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-05-08 13:48:15 Windows 5.1.2600 Service Pack 2 NTFS scansione processi nascosti ... scansione entrate autostart nascoste ... Scansione files nascosti ... Scansione completata con successo Files nascosti: 0 ************************************************************************** . --------------------- DLLs Loaded Under Running Processes --------------------- PROCESS: C:\WINDOWS\system32\lsass.exe -> C:\Programmi\Eset\pr_imon.dll . Ora fine scansione: 2008-05-08 13.48.59 ComboFix-quarantined-files.txt 2008-05-08 11:48:52 11 Directory 55,863,447,552 byte disponibili 14 Directory 57,558,962,176 byte disponibili 170 --- E O F --- 2008-04-19 11:39:32

  10. Antenna Gps

    AnnaLucia ha aggiunto un topic in Nokia

    Salve, ho un nokia 6630 e il tomtom....che modello di antenna GPS mi consigliate di acquistare?

  11. Dialer E Adsl

    AnnaLucia ha risposto a ariel nel forum Altri problemi legati alla Sicurezza

    Ho risolto grazie! Che differenza c'è tra una connessione lan NVIDIA nForce MCP Networking Controller e una lan Access Gateway USB Network Adapter? Ho una connessione adsl rosso alice...quale delle 2 reti lan devo lasciare attiva?

  12. Dialer E Adsl

    AnnaLucia ha risposto a ariel nel forum Altri problemi legati alla Sicurezza

    Grzie! Ora ci povo....mi sai spiegare la differenza tra un arete lan creata con Access Gateway USB Network Adapter e un arete lan creata con NVIDIA nForce MCP Networking Controller? Quale devo usare per la connessione adsl? Devono essere entrambe attive? Grazie!!

  13. Dialer E Adsl

    AnnaLucia ha risposto a ariel nel forum Altri problemi legati alla Sicurezza

    Salve! Mi interessava la vostra discussione così me la sono letta e ho seguito il consiglio di disattivare il mio modem interno (Conexant hsf v90 59k pci modem) ma ora come si fa a riattivarlo? Non lo trova più!!!! Io ho una connessione adsl con rosso alice, sono immune dai dialer?

  14. Spig Aiuto!

    AnnaLucia ha aggiunto un topic in Nokia

    Aiuto!!!! Pc Suit non "legge" più nel cellualre! Praticamente si è fernmato a quest'estate, vede i messaggi vecchi e no quelli nuovi! Che faccio?? In più oggi il cellualre, 6630, si spegne e si riaccende da solo abbastanza di continuo, che si fa? In pratica diventa bianco lo schermo con solo la scritta NOKIA e si riaccende senza il logo della Nokia (quello delle mani per intenderci), che faccio Spiug?
  15. VirIt mi ha trovato questi virus: C:\Documents and Settings\Proprietario\Impostazioni locali\Temp\tzycfa.exe Infetto da Trojan.Win32.Dialer.IH C:\WINDOWS\system32\irdvxc.exe Infetto da Worm.Allaple.D C:\WINDOWS\system32\lzx32.sys Infetto da Trojan.Win32.Costrat.D Ma non riesco ad eliminarli.... Allora ho lanciato hijackthis...Per favore mi controllate questo log? Logfile of Trend Micro HijackThis v2.0.0 (BETA) Scan saved at 16.33.10, on 30/03/2007 Platform: Windows XP SP1 (WinNT 5.01.2600) Boot mode: Safe mode Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Programmi\WinRAR\WinRAR.exe C:\DOCUME~1\PROPRI~1\IMPOST~1\Temp\Rar$EX00.781\HiJackThis_v2.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customize/.../search/ie.html R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/customize/...//www.yahoo.com R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.it/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.alice.it R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/...//www.yahoo.com R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.symantec.com/techsupp/servlet/P...;build=STANDARD R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer fornito da Alice R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1;<local> R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programmi\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: Vista HP - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Programmi\HP\Digital Imaging\bin\hpdtlk02.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Programmi\Java\j2re1.4.2_03\bin\jusched.exe O4 - HKLM\..\Run: [HPHUPD05] c:\Programmi\HP\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE O4 - HKLM\..\Run: [updateManager] "C:\Programmi\File comuni\Sonic\Update Manager\sgtray.exe" /r O4 - HKLM\..\Run: [VTTimer] VTTimer.exe O4 - HKLM\..\Run: [sunkist2k] C:\Programmi\Multimedia Card Reader\shwicon2k.exe O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE O4 - HKLM\..\Run: [DataLayer] C:\Programmi\File comuni\PCSuite\DataLayer\DataLayer.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [MS System Call Function] MSSCF32.exe O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Programmi\Adobe\Acrobat 7.0\Distillr\Acrotray.exe" O4 - HKLM\..\Run: [ClamWin] "C:\Programmi\ClamWin\bin\ClamTray.exe" --logon O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Programmi\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup O4 - HKLM\..\Run: [VIRIT LITE MONITOR] C:\VEXPLITE\MONLITE.EXE O4 - HKLM\..\Run: [tzycfa.exe] C:\DOCUME~1\PROPRI~1\IMPOST~1\Temp\tzycfa.exe O4 - HKLM\..\RunServices: [MS System Call Function] MSSCF32.exe O4 - HKCU\..\Run: [backupNotify] c:\Programmi\HP\Digital Imaging\bin\backupnotify.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Programmi\Messenger\MSMSGS.EXE" /background O4 - HKUS\S-1-5-18\..\Run: [MS System Call Function] MSSCF32.exe (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\Run: [PcSync] C:\Programmi\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [MS System Call Function] MSSCF32.exe (User 'Default user') O4 - Global Startup: Alice ti aiuta.lnk = C:\Programmi\Alice ti aiuta\bin\matcli.exe O4 - Global Startup: Avvio veloce di Adobe Acrobat.lnk = ? O4 - Global Startup: Digisoft AntiDialer.lnk = C:\Programmi\Digisoft AntiDialer\AntiDialer.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: Microsoft Office.lnk = C:\Programmi\Microsoft Office\Office10\OSA.EXE O8 - Extra context menu item: Converti destinazione link in Adobe PDF - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Converti destinazione link in file PDF esistente - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Converti i link selezionati in Adobe PDF - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Converti i link selezionati in file PDF esistente - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: Converti in Adobe PDF - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Converti nel file PDF esistente - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Converti selezione in Adobe PDF - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Converti selezione in file PDF esistente - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office10\EXCEL.EXE/3000 O8 - Extra context menu item: Scarica con Download &Express - C:\Programmi\Download Express\Add_Url.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\MSMSGS.EXE O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\MSMSGS.EXE O14 - IERESET.INF: START_PAGE_URL=http://www.alice.it O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1164635504972 O20 - AppInit_DLLs: Prova.dll O22 - SharedTaskScheduler: Precaricatore Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll O22 - SharedTaskScheduler: Daemon di cache delle categorie di componenti - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Programmi\File comuni\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe O23 - Service: ServiceLayer - Nokia. - C:\Programmi\PC Connectivity Solution\ServiceLayer.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\SNDSrvc.exe O23 - Service: Virit eXplorer Lite (viritsvclite) - TG Soft Sas www.tgsoft.it - C:\VEXPLITE\viritsvc.exe -- End of file - 7767 bytes

  16. Mi Controllate Questo Log Per Favore

    AnnaLucia ha risposto a AnnaLucia nel forum HiJackThis - Posta qui i Log

    Ho fatto tutto e ora posto i risultati: 1. Symantec Trojan.Linkoptimizer Removal Tool 1.0.8 Trojan.Linkoptimizer has not been found on your computer. 2. Lanciando la stringa control userpasswords2 compaiono i nomi Administrator e Proprietario La versione di VirIt è la 6.1.96 (tra l’altro mi è scaduta) e questi sono i trojan che ha trovato dopo che ho fatto pulizia con i vari programmi che mi hai consigliato di installare e lanciare: [sCANSIONE DEL REGISTRO] OK [C:] MASTER BOOT RECORD: OK BOOT SECTOR: OK C:\hp\KBD\KBD.EXE Possibile variante da Trojan.Win32.Agent.DW C:\Programmi\Adobe\Acrobat 7.0\Distillr\Acrotray.exe Possibile variante da Trojan.Win32.Agent.DW C:\Programmi\ClamWin\bin\ClamTray.exe Possibile variante da Trojan.Win32.Agent.DW C:\Programmi\File comuni\Sonic\Update Manager\sgtray.exe Possibile variante da Trojan.Win32.Agent.DW C:\Programmi\HP\Digital Imaging\bin\backupnotify.exe Possibile variante da Trojan.Win32.Agent.DW C:\Programmi\HP\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe Possibile variante da Trojan.Win32.Agent.DW C:\Programmi\Java\j2re1.4.2_03\bin\jusched.exe Possibile variante da Trojan.Win32.Agent.DW C:\Programmi\Multimedia Card Reader\shwicon2k.exe Possibile variante da Trojan.Win32.Agent.DW C:\WINDOWS\system32\lzx32.sys Infetto da Trojan.Win32.Costrat.D [D:] MASTER BOOT RECORD: OK BOOT SECTOR: OK [E:] [F:] [H:] BOOT SECTOR: OK [i:] BOOT SECTOR: OK [J:] BOOT SECTOR: OK [K:] BOOT SECTOR: OK [L:] BOOT SECTOR: OK Chiavi Registro infette: 0. Files Infetti: 9. Files Sospetti: 0. Files Analizzati: 128288. Files Totali: 128288. Chiavi Registro rimosse: 0. Virus Rimossi: 0. HIjackthis purtroppo in modalità provvisoria mi salva il log in un formato non riconosciuto dal mio pc perciò ti allego il log fatto in modalità normale: Logfile of Trend Micro HijackThis v2.0.0 (BETA) Scan saved at 15.05.13, on 02/04/2007 Platform: Windows XP SP1 (WinNT 5.01.2600) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe c:\windows\system32\svchost.exe C:\Programmi\File comuni\Microsoft Shared\VS7Debug\mdm.exe C:\WINDOWS\System32\nvsvc32.exe C:\Programmi\Prevx1\PXAgent.exe C:\WINDOWS\System32\svchost.exe C:\VEXPLITE\viritsvc.exe C:\Programmi\Java\j2re1.4.2_03\bin\jusched.exe C:\Programmi\File comuni\PCSuite\DataLayer\DataLayer.exe C:\Programmi\Nokia\Nokia PC Suite 6\LaunchApplication.exe C:\VEXPLITE\MONLITE.EXE C:\Programmi\Prevx1\PXConsole.exe C:\Programmi\PC Connectivity Solution\ServiceLayer.exe C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe C:\Programmi\Alice ti aiuta\bin\mpbtn.exe C:\VEXPLITE\viritexp.exe C:\Programmi\Java\j2re1.4.2_03\bin\bak\jusched.exe C:\WINDOWS\System32\HPZipm12.exe c:\programmi\internet explorer\iexplore.exe C:\WINDOWS\System32\ctfmon.exe C:\Programmi\Microsoft Office\Office10\WINWORD.EXE C:\Programmi\WinRAR\WinRAR.exe C:\DOCUME~1\PROPRI~1\IMPOST~1\Temp\Rar$EX01.297\HiJackThis_v2.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customize/.../search/ie.html R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/customize/...//www.yahoo.com R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.it/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.alice.it R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/...//www.yahoo.com R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.symantec.com/techsupp/servlet/P...;build=STANDARD R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer fornito da Alice R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1;<local> R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programmi\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: Malicious Scripts Scanner - {55EA1964-F5E4-4D6A-B9B2-125B37655FCB} - C:\Documents and Settings\All Users\Dati applicazioni\Prevx\pxbho.dll O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: Vista HP - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Programmi\HP\Digital Imaging\bin\hpdtlk02.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Programmi\Java\j2re1.4.2_03\bin\jusched.exe O4 - HKLM\..\Run: [HPHUPD05] c:\Programmi\HP\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe O4 - HKLM\..\Run: [updateManager] "C:\Programmi\File comuni\Sonic\Update Manager\sgtray.exe" /r O4 - HKLM\..\Run: [VTTimer] VTTimer.exe O4 - HKLM\..\Run: [sunkist2k] C:\Programmi\Multimedia Card Reader\shwicon2k.exe O4 - HKLM\..\Run: [DataLayer] C:\Programmi\File comuni\PCSuite\DataLayer\DataLayer.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Programmi\Adobe\Acrobat 7.0\Distillr\Acrotray.exe" O4 - HKLM\..\Run: [ClamWin] "C:\Programmi\ClamWin\bin\ClamTray.exe" --logon O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Programmi\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup O4 - HKLM\..\Run: [VIRIT LITE MONITOR] C:\VEXPLITE\MONLITE.EXE O4 - HKLM\..\Run: [PrevxOne] "C:\Programmi\Prevx1\PXConsole.exe" O4 - HKCU\..\Run: [backupNotify] c:\Programmi\HP\Digital Imaging\bin\backupnotify.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Programmi\Messenger\MSMSGS.EXE" /background O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVIZIO LOCALE') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVIZIO DI RETE') O4 - HKUS\S-1-5-18\..\Run: [PcSync] C:\Programmi\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [PcSync] C:\Programmi\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'Default user') O4 - Global Startup: Alice ti aiuta.lnk = C:\Programmi\Alice ti aiuta\bin\matcli.exe O4 - Global Startup: Avvio veloce di Adobe Acrobat.lnk = ? O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: Microsoft Office.lnk = C:\Programmi\Microsoft Office\Office10\OSA.EXE O8 - Extra context menu item: Converti destinazione link in Adobe PDF - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Converti destinazione link in file PDF esistente - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Converti i link selezionati in Adobe PDF - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Converti i link selezionati in file PDF esistente - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: Converti in Adobe PDF - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Converti nel file PDF esistente - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Converti selezione in Adobe PDF - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Converti selezione in file PDF esistente - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office10\EXCEL.EXE/3000 O8 - Extra context menu item: Scarica con Download &Express - C:\Programmi\Download Express\Add_Url.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\MSMSGS.EXE O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\MSMSGS.EXE O14 - IERESET.INF: START_PAGE_URL=http://www.alice.it O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1164635504972 O22 - SharedTaskScheduler: Precaricatore Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll O22 - SharedTaskScheduler: Daemon di cache delle categorie di componenti - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Programmi\File comuni\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe O23 - Service: Prevx Agent (PREVXAgent) - Prevx - C:\Programmi\Prevx1\PXAgent.exe O23 - Service: ServiceLayer - Nokia. - C:\Programmi\PC Connectivity Solution\ServiceLayer.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\SNDSrvc.exe O23 - Service: Virit eXplorer Lite (viritsvclite) - TG Soft Sas www.tgsoft.it - C:\VEXPLITE\viritsvc.exe -- End of file - 8789 bytes

  17. Mi Controllate Questo Log Per Favore

    AnnaLucia ha risposto a AnnaLucia nel forum HiJackThis - Posta qui i Log

    Scusa, hai ragione, è questo il log in modalità normale: Logfile of Trend Micro HijackThis v2.0.0 (BETA) Scan saved at 2.18.08, on 31/03/2007 Platform: Windows XP SP1 (WinNT 5.01.2600) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Programmi\File comuni\Microsoft Shared\VS7Debug\mdm.exe C:\WINDOWS\System32\nvsvc32.exe C:\WINDOWS\System32\svchost.exe C:\VEXPLITE\viritsvc.exe C:\WINDOWS\ALCXMNTR.EXE C:\VEXPLITE\MONLITE.EXE C:\Programmi\Messenger\MSMSGS.EXE C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe C:\Programmi\Alice ti aiuta\bin\mpbtn.exe C:\Programmi\Java\j2re1.4.2_03\bin\bak\jusched.exe C:\VEXPLITE\VIRITEXP.EXE C:\Programmi\Internet Explorer\iexplore.exe C:\Programmi\WinRAR\WinRAR.exe C:\DOCUME~1\PROPRI~1\IMPOST~1\Temp\Rar$EX00.875\HiJackThis_v2.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customize/.../search/ie.html R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/customize/...//www.yahoo.com R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.it/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.alice.it R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/...//www.yahoo.com R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.symantec.com/techsupp/servlet/P...;build=STANDARD R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer fornito da Alice R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programmi\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: Vista HP - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Programmi\HP\Digital Imaging\bin\hpdtlk02.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Programmi\Java\j2re1.4.2_03\bin\jusched.exe O4 - HKLM\..\Run: [HPHUPD05] c:\Programmi\HP\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE O4 - HKLM\..\Run: [updateManager] "C:\Programmi\File comuni\Sonic\Update Manager\sgtray.exe" /r O4 - HKLM\..\Run: [VTTimer] VTTimer.exe O4 - HKLM\..\Run: [sunkist2k] C:\Programmi\Multimedia Card Reader\shwicon2k.exe O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE O4 - HKLM\..\Run: [DataLayer] C:\Programmi\File comuni\PCSuite\DataLayer\DataLayer.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [MS System Call Function] MSSCF32.exe O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Programmi\Adobe\Acrobat 7.0\Distillr\Acrotray.exe" O4 - HKLM\..\Run: [ClamWin] "C:\Programmi\ClamWin\bin\ClamTray.exe" --logon O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Programmi\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup O4 - HKLM\..\Run: [VIRIT LITE MONITOR] C:\VEXPLITE\MONLITE.EXE O4 - HKLM\..\Run: [tzycfa.exe] C:\DOCUME~1\PROPRI~1\IMPOST~1\Temp\tzycfa.exe O4 - HKLM\..\RunServices: [MS System Call Function] MSSCF32.exe O4 - HKCU\..\Run: [backupNotify] c:\Programmi\HP\Digital Imaging\bin\backupnotify.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Programmi\Messenger\MSMSGS.EXE" /background O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVIZIO LOCALE') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVIZIO DI RETE') O4 - HKUS\S-1-5-18\..\Run: [MS System Call Function] MSSCF32.exe (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [MS System Call Function] MSSCF32.exe (User 'Default user') O4 - Global Startup: Alice ti aiuta.lnk = C:\Programmi\Alice ti aiuta\bin\matcli.exe O4 - Global Startup: Avvio veloce di Adobe Acrobat.lnk = ? O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: Microsoft Office.lnk = C:\Programmi\Microsoft Office\Office10\OSA.EXE O8 - Extra context menu item: Converti destinazione link in Adobe PDF - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Converti destinazione link in file PDF esistente - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Converti i link selezionati in Adobe PDF - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Converti i link selezionati in file PDF esistente - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: Converti in Adobe PDF - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Converti nel file PDF esistente - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Converti selezione in Adobe PDF - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Converti selezione in file PDF esistente - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office10\EXCEL.EXE/3000 O8 - Extra context menu item: Scarica con Download &Express - C:\Programmi\Download Express\Add_Url.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\MSMSGS.EXE O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\MSMSGS.EXE O14 - IERESET.INF: START_PAGE_URL=http://www.alice.it O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1164635504972 O17 - HKLM\System\CCS\Services\Tcpip\..\{2EBC1033-497D-428E-ABA1-22847122E3A7}: NameServer = 85.37.17.9 85.38.28.75 O17 - HKLM\System\CS1\Services\Tcpip\..\{2EBC1033-497D-428E-ABA1-22847122E3A7}: NameServer = 85.37.17.9 85.38.28.75 O20 - AppInit_DLLs: Prova.dll O22 - SharedTaskScheduler: Precaricatore Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll O22 - SharedTaskScheduler: Daemon di cache delle categorie di componenti - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Programmi\File comuni\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe O23 - Service: ServiceLayer - Nokia. - C:\Programmi\PC Connectivity Solution\ServiceLayer.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\SNDSrvc.exe O23 - Service: Virit eXplorer Lite (viritsvclite) - TG Soft Sas www.tgsoft.it - C:\VEXPLITE\viritsvc.exe -- End of file - 8366 bytes

  18. Mi Controllate Questo Log Per Favore

    AnnaLucia ha risposto a AnnaLucia nel forum HiJackThis - Posta qui i Log

    Ciao! In verità li ho eseguiti in moadlità normale entrambi e comunque virit mi è scaduto quindi trova i virus ma non li limina..... in più ho scoperto che si sono installate 2 connesioni strane che tentavano di connettersi da sole e mi staccavano l'adsl, ora le ho eliminate. Mi puoi aiutare? puoi controllarmi il log di hijack e dirmi cosa eliminare per favore? Aspetto tue notizie! Anna

  19. Spig Aiuto!

    AnnaLucia ha risposto a AnnaLucia nel forum Nokia

    Fa niente, grazie lo stesso!!! Comunque non mi sta dando più problemi....speriamo bene!!!

  20. Spig Aiuto!

    AnnaLucia ha risposto a AnnaLucia nel forum Nokia

    L'ho subito scaricato anche in italiano e funziona benissimo ora pc suit! Ho già fatto una copia di backup ieri....comunque ho letto un paio di discussioni sul forum di wininizio riguardo il mio problema dello schermo e parlavano di un gommino che si sposta come conseguenza alle cadute...dici che potrebbe essere questo? Ho letto che basta aprire il telefono, individuare questo gommino che ha funzione isolante e tutto funziona come prima....sai come posso capire di quale gommino si tratta?

  21. Spig Aiuto!

    AnnaLucia ha risposto a AnnaLucia nel forum Nokia

    Ho instalto questa versione ma è in inglese....comunque ora legge correttamente il cellulare! Per quanto riguarda il problema che si spegne non so dire per quanto tempo resta spento...per pochissimo...qualche secondo...sarà perchè in uesti giorni mi è caduta 2 volte a terra la borsa in cui lo tenevo???? che faccio???

  22. Software Per Nokia 6630

    AnnaLucia ha aggiunto un topic in Nokia

    Che voi sappiate c'è un modo per "commissionare" la realizzazione di software per symbian? Stò ancora cercando un sw che avvisi in qualsiasi modo quando il cellulare è fuori copertura ma non lo trovo....ho trovato i sw più assurdi e inutili ma quello proprio no! Un Siemens che ho per esempio avvisa con una lucetta...altri con un suono....a me basta che il mio 6630 mi avvisi in qualunque modo! Chiedo troppo? Ah, come si fa a mettere una foto come sfondo coprendo però tutto il display? sapete se c'è un modo o un software per farlo? Poi mi mandate la fattura per queste consulenze! Grazie!

  23. Software Per Nokia 6630

    AnnaLucia ha risposto a AnnaLucia nel forum Nokia

    Allora quando hai tempo dilettati pure a creare un sw del genere! Ho già inoltrato una richiesta del genere a quel sito ma niente....per la fattura invece la conatterà al più presto il mio ufficio amministrativo per chiederle i dati per il bonifico! Grazie di tutto!

  24. Quick Word Su 6630

    AnnaLucia ha aggiunto un topic in Nokia

    Salve...sono sempre io....questa volta vi chiedo aiuto per quick word...non funziona più sul 6630, non riconosce più i file word....come faccio ora? Lo si può scaricare? Non riesco nemmeno a caricare una cartina, la nuova versione della cartina d'italia....forse è perchè è per il tom tom one? AIUTATEMI!

  25. Quick Word Su 6630

    AnnaLucia ha risposto a AnnaLucia nel forum Nokia

    Avevo letto una recensione che gli attribuiva 11 giorni di autonomia....a me dura circa 3 giorni. Grazie ancora per la tua consulenza Spiug!!! Ma c'è un modo per "commissionare" la realizzazione di software per symbian? Stò ancora cercando un sw che avvisi in qualsiasi modo quando il cellulare è fuori copertura ma non lo trovo....ho trovato i sw più assurdi e inutili ma quello proprio no! Un Siemens che ho per esempio avvisa con una lucetta...altri con un suono....a me basta che il mio 6630 mi avvisi in qualunque modo! Chiedo troppo? Ah, come si fa a mettere una foto come sfondo coprendo però tutto il display? sai se c'è un modo o un sw per farlo? Poi mi mandi la fattura per queste consulenze! Grazie ancora!