AnnaLucia
Replies posted by AnnaLucia
-
-
But it doesn't, spiug: not only does it not recognize the sender of SMS messages the way its cousin the LG 250 xeries does, but when an SMS arrives it doesn't signal it except with a tiny envelope at the top.... Is there some program I can install, spiug? It's from 3, so I'd like to remove all the settings like Pianeta 3 etc... how do I do that?
-
in Nokia
Am I remembering wrong, or does the Nokia 6630 have TV? I remember it was there, but I think I deleted it!
-
Don't worry, no problem!
This is the log in normal mode:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19.27.10, on 11/05/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RunDll32.exe
C:\Programmi\ScanSoft\PaperPort\pptd40nt.exe
C:\Programmi\Eset\nod32kui.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\rundll32.exe
C:\Programmi\Java\jre1.6.0_05\bin\jusched.exe
C:\Programmi\MessengerPlus! 3\MsgPlus.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe
C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Programmi\Brother\Brmfcmon\BrMfcWnd.exe
C:\Programmi\File comuni\Ahead\Lib\NMIndexStoreSvr.exe
C:\Programmi\Windows Live\Messenger\msnmsgr.exe
C:\Programmi\Eset\nod32krn.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\Windows Live\Messenger\usnsvc.exe
C:\Programmi\internet explorer\iexplore.exe
C:\Programmi\File comuni\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Programmi\File comuni\Real\Update_OB\RealOneMessageCenter.exe
C:\Programmi\File comuni\Real\Update_OB\realsched.exe
C:\Programmi\Mozilla Firefox\firefox.exe
C:\Programmi\WinRAR\WinRAR.exe
C:\DOCUME~1\user\IMPOST~1\Temp\Rar$EX00.328\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: Supporto di collegamento per Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programmi\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programmi\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programmi\google\googletoolbar1.dll
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [sSBkgdUpdate] "C:\Programmi\File comuni\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [PaperPort PTD] C:\Programmi\ScanSoft\PaperPort\pptd40nt.exe
O4 - HKLM\..\Run: [indexSearch] C:\Programmi\ScanSoft\PaperPort\IndexSearch.exe
O4 - HKLM\..\Run: [setDefPrt] C:\Programmi\Brother\Brmfl05a\BrStDvPt.exe
O4 - HKLM\..\Run: [ControlCenter2.0] C:\Programmi\Brother\ControlCenter2\brctrcen.exe /autorun
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Programmi\File comuni\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [nod32kui] "C:\Programmi\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programmi\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Programmi\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Programmi\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Programmi\File comuni\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [swg] C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Programmi\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [msnmsgr] "C:\Programmi\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Controllo dello stato.lnk = C:\Programmi\Brother\Brmfcmon\BrMfcWnd.exe
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Plugin Control) - http://appldnld.apple.com.edgesuite.net/co...ex/qtplugin.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game05.zylom.com/activex/zylomgamesplayer.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{C3219B8D-09D0-4BB2-86F7-2416CE69258B}: NameServer = 193.70.152.15 193.70.152.25
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NBService - Nero AG - C:\Programmi\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Programmi\Eset\nod32krn.exe
--
End of file - 7861 bytes
-
Thanks for the reply... what I wanted to know was whether it recognizes the name of whoever sends an SMS, and since it will be in my hands in 3 days, I'll find out!
-
I already did it in safe mode; take a good look, it's together with the others I logged for you.
Thanks again!
-
First of all, thank you both for the valuable advice. In particular, thanks to Angelique for the thorough and quick reply and to dinop for the important clarification!
Well, I did everything as you told me and now I'm posting the logs..... I hope I've fixed it! But what do I have? Is it serious?
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14.19.36, on 08/05/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Safe mode
-----------------------[ Lop S&D 4.2.0-7 XP/Vista ]---------------------
[ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
[ USER : user ] [ "C:\Lop SD" ] [ Selection : 1 ]
[ 08/05/2008 | 14.13.37,02 ] [ PC : NETGEAR ]
[ MAJ : 06-05-2008 | 21:45 ]
-------------[ Listing folders in Application Data ]------------
[25/07/2007|21.27] C:\DOCUME~1\ADMINI~1\DATIAP~1\desktop.ini
[10/05/2007|01.06] C:\DOCUME~1\ADMINI~1\DATIAP~1\Microsoft
[07/05/2008|12.04] C:\DOCUME~1\ADMINI~1\DATIAP~1\WinRAR
[1|File] C:\DOCUME~1\ADMINI~1\DATIAP~1\byte
[4|Directory] C:\DOCUME~1\ADMINI~1\DATIAP~1\byte disponibili
[16/07/2007|10.31] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Adobe
[30/08/2007|12.04] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Ahead
[07/06/2007|09.42] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Brother
[25/07/2007|21.27] C:\DOCUME~1\ALLUSE~1\DATIAP~1\desktop.ini
[08/04/2008|13.22] C:\DOCUME~1\ALLUSE~1\DATIAP~1\DVD Shrink
[20/11/2007|18.42] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Google
[07/06/2007|09.43] C:\DOCUME~1\ALLUSE~1\DATIAP~1\InstallShield
[18/04/2008|15.30] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Microsoft
[05/05/2008|09.52] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Microsoft Help
[20/11/2007|18.13] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Mozilla
[07/06/2007|09.42] C:\DOCUME~1\ALLUSE~1\DATIAP~1\ScanSoft
[26/06/2007|20.55] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Windows Genuine Advantage
[18/04/2008|15.04] C:\DOCUME~1\ALLUSE~1\DATIAP~1\WLInstaller
[21/04/2008|12.17] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Zylom
[1|File] C:\DOCUME~1\ALLUSE~1\DATIAP~1\byte
[15|Directory] C:\DOCUME~1\ALLUSE~1\DATIAP~1\byte disponibili
[25/07/2007|21.27] C:\DOCUME~1\DEFAUL~1\DATIAP~1\desktop.ini
[10/05/2007|01.06] C:\DOCUME~1\DEFAUL~1\DATIAP~1\Microsoft
[1|File] C:\DOCUME~1\DEFAUL~1\DATIAP~1\byte
[3|Directory] C:\DOCUME~1\DEFAUL~1\DATIAP~1\byte disponibili
[10/05/2007|01.06] C:\DOCUME~1\LOCALS~1\DATIAP~1\Microsoft
[0|File] C:\DOCUME~1\LOCALS~1\DATIAP~1\byte
[3|Directory] C:\DOCUME~1\LOCALS~1\DATIAP~1\byte disponibili
[25/07/2007|19.52] C:\DOCUME~1\NETWOR~1\DATIAP~1\Microsoft
[0|File] C:\DOCUME~1\NETWOR~1\DATIAP~1\byte
[3|Directory] C:\DOCUME~1\NETWOR~1\DATIAP~1\byte disponibili
[11/12/2007|20.49] C:\DOCUME~1\user\DATIAP~1\Adobe
[30/08/2007|12.04] C:\DOCUME~1\user\DATIAP~1\Ahead
[17/06/2007|16.16] C:\DOCUME~1\user\DATIAP~1\Brother
[10/05/2007|02.59] C:\DOCUME~1\user\DATIAP~1\desktop.ini
[20/11/2007|20.55] C:\DOCUME~1\user\DATIAP~1\DivX
[23/02/2008|13.56] C:\DOCUME~1\user\DATIAP~1\dvdcss
[11/12/2007|23.13] C:\DOCUME~1\user\DATIAP~1\Google
[09/05/2007|19.12] C:\DOCUME~1\user\DATIAP~1\Identities
[21/11/2007|20.56] C:\DOCUME~1\user\DATIAP~1\InstallShield
[20/06/2007|14.52] C:\DOCUME~1\user\DATIAP~1\Macromedia
[19/06/2007|12.57] C:\DOCUME~1\user\DATIAP~1\MicroHard
[05/05/2008|09.45] C:\DOCUME~1\user\DATIAP~1\Microsoft
[20/11/2007|18.14] C:\DOCUME~1\user\DATIAP~1\Mozilla
[17/04/2008|20.37] C:\DOCUME~1\user\DATIAP~1\Real
[05/05/2008|12.21] C:\DOCUME~1\user\DATIAP~1\Rinera Networks
[25/07/2007|19.51] C:\DOCUME~1\user\DATIAP~1\Sun
[20/11/2007|18.14] C:\DOCUME~1\user\DATIAP~1\Talkback
[08/05/2008|14.13] C:\DOCUME~1\user\DATIAP~1\uTorrent
[11/06/2007|10.22] C:\DOCUME~1\user\DATIAP~1\vlc
[20/11/2007|18.27] C:\DOCUME~1\user\DATIAP~1\WinRAR
[20/11/2007|18.57] C:\DOCUME~1\user\DATIAP~1\wsInspector
[1|File] C:\DOCUME~1\user\DATIAP~1\byte
[22|Directory] C:\DOCUME~1\user\DATIAP~1\byte disponibili
----------------[ Scheduled Tasks located in C:\WINDOWS\Tasks ]---------------
[08/05/2008 08.54][--ah-----] C:\WINDOWS\tasks\SA.DAT
[02/03/2006 14.00][-r-h-----] C:\WINDOWS\tasks\desktop.ini
[02/03/2006 14.00][--ahs----] C:\WINDOWS\tasks\FOLDER.TSX
---------------[ Listing Folders in C:\Programmi ]--------------
[09/05/2007|19.31] C:\Programmi\7-Zip
[16/07/2007|10.31] C:\Programmi\Adobe
[07/06/2007|10.04] C:\Programmi\Brother
[09/05/2007|19.16] C:\Programmi\C-Media 3D Audio
[07/06/2007|10.04] C:\Programmi\Common Files
[10/05/2007|01.04] C:\Programmi\ComPlus Applications
[21/11/2007|20.57] C:\Programmi\CONITECH
[29/04/2008|09.31] C:\Programmi\DivX
[07/07/2007|23.44] C:\Programmi\DVD Shrink
[07/07/2007|23.45] C:\Programmi\DVDFab HD Decrypter 3
[29/04/2008|10.12] C:\Programmi\eMule
[17/04/2008|15.00] C:\Programmi\ESET
[18/04/2008|14.39] C:\Programmi\File comuni
[11/12/2007|23.12] C:\Programmi\Google
[09/05/2007|19.38] C:\Programmi\InfraRecorder
[07/05/2008|14.06] C:\Programmi\InstallShield Installation Information
[09/05/2007|19.15] C:\Programmi\Intel
[18/04/2008|09.22] C:\Programmi\Internet Explorer
[26/04/2008|17.29] C:\Programmi\Java
[01/07/2007|11.20] C:\Programmi\Messenger
[17/04/2008|15.07] C:\Programmi\MessengerPlus! 3
[20/08/2007|22.45] C:\Programmi\MicroHard
[10/05/2007|01.07] C:\Programmi\microsoft frontpage
[09/05/2007|19.46] C:\Programmi\Microsoft Office
[09/05/2007|19.46] C:\Programmi\Microsoft Visual Studio
[09/05/2007|19.46] C:\Programmi\Microsoft Works
[21/12/2007|11.45] C:\Programmi\Monte Cristo
[10/05/2007|01.05] C:\Programmi\Movie Maker
[08/05/2008|13.59] C:\Programmi\Mozilla Firefox
[10/05/2007|01.04] C:\Programmi\MSN Gaming Zone
[16/06/2007|12.18] C:\Programmi\Nero
[10/05/2007|01.05] C:\Programmi\NetMeeting
[31/07/2007|13.01] C:\Programmi\Outlook Express
[21/04/2008|18.01] C:\Programmi\QuickTime
[25/07/2007|19.06] C:\Programmi\Registry Mechanic
[07/06/2007|09.42] C:\Programmi\ScanSoft
[10/05/2007|01.05] C:\Programmi\Servizi in linea
[07/05/2008|14.14] C:\Programmi\Startup Inspector for Windows
[16/04/2008|12.35] C:\Programmi\Telecom Italia
[09/05/2007|19.12] C:\Programmi\Uninstall Information
[29/04/2008|10.04] C:\Programmi\uTorrent
[09/05/2007|19.30] C:\Programmi\VideoLAN
[18/04/2008|15.29] C:\Programmi\Windows Live
[31/07/2007|13.01] C:\Programmi\Windows Media Player
[10/05/2007|01.03] C:\Programmi\Windows NT
[10/05/2007|01.06] C:\Programmi\WindowsUpdate
[20/11/2007|18.27] C:\Programmi\WinRAR
[10/05/2007|01.07] C:\Programmi\xerox
[0|File] C:\Programmi\byte
[50|Directory] C:\Programmi\byte disponibili
------[ Listing Folders in C:\Programmi\File comuni ]------
[09/05/2007|19.26] C:\Programmi\File comuni\Adobe
[16/06/2007|12.19] C:\Programmi\File comuni\Ahead
[28/11/2007|21.02] C:\Programmi\File comuni\Borland Shared
[09/05/2007|19.46] C:\Programmi\File comuni\DESIGNER
[07/06/2007|10.04] C:\Programmi\File comuni\InstallShield
[20/11/2007|18.58] C:\Programmi\File comuni\Java
[18/04/2008|15.30] C:\Programmi\File comuni\Microsoft Shared
[10/05/2007|01.05] C:\Programmi\File comuni\MSSoap
[10/05/2007|02.59] C:\Programmi\File comuni\ODBC
[17/04/2008|20.10] C:\Programmi\File comuni\Real
[07/06/2007|09.42] C:\Programmi\File comuni\ScanSoft Shared
[10/05/2007|01.05] C:\Programmi\File comuni\Services
[10/05/2007|02.59] C:\Programmi\File comuni\SpeechEngines
[31/07/2007|13.01] C:\Programmi\File comuni\System
[18/04/2008|15.29] C:\Programmi\File comuni\WindowsLiveInstaller
[17/04/2008|20.10] C:\Programmi\File comuni\xing shared
[0|File] C:\Programmi\File comuni\byte
[18|Directory] C:\Programmi\File comuni\byte disponibili
---------------------------[ Process ]--------------------------
... 38
MsgPlus.exe ~ [2316]
----------------------[ Searching with S_Lop ]---------------------
No Lop folder found !
-----------------[ Searching for Lop Files - Folders ]-----------------
No Lop folder found !
----------------------[ Searching within the Registry ]----------------------
..... OK !
--------------------[ Checking the Hosts file ]---------------------
Hosts file CLEAN
----------------[ Searching for hidden files with Catchme ]-----------------
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-05-08 14:14:28
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0
--------------------[ Searching for other infections ]---------------------
No other infections found !
/!\ [Fich:694][Doss:0] C:\DOCUME~1\user\Cookies
/!\ [Fich:2][Doss:0] C:\DOCUME~1\user\IMPOST~1\TEMPOR~1\content.IE5
--------------------[ Scan completed at 14.14.52,97 ]----------------------
ComboFix 08-05-07.1 - user 2008-05-08 13.44.42.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1040.18.603 [GMT 2:00]
Eseguito da: C:\Documents and Settings\user\Desktop\ComboFix.exe
* Creato nuovo punto di ripristino
* Resident AV is active
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\DOCUME~1\user\IMPOST~1\Temp\1.html
C:\Documents and Settings\All Users\Desktop\webmediaplayer.lnk
C:\Documents and Settings\All Users\Menu Avvio\Programmi\WebMediaPlayer
C:\Documents and Settings\All Users\Menu Avvio\Programmi\WebMediaPlayer\Condizioni generali.url
C:\Documents and Settings\All Users\Menu Avvio\Programmi\WebMediaPlayer\Disinstalla.lnk
C:\Documents and Settings\All Users\Menu Avvio\Programmi\WebMediaPlayer\Riservatezza.url
C:\Documents and Settings\All Users\Menu Avvio\Programmi\WebMediaPlayer\WebMediaPlayer.lnk
C:\Documents and Settings\All Users\Menu Avvio\Programmi\WebMediaPlayer\Website.url
C:\Programmi\webmediaplayer
C:\Programmi\webmediaplayer\resources\languages_v2.xml
C:\Programmi\webmediaplayer\resources\webmedias
C:\Programmi\webmediaplayer\skins\classic.skn
C:\Programmi\webmediaplayer\sqlite3.dll
C:\Programmi\webmediaplayer\uninst.exe
C:\Programmi\webmediaplayer\WebMediaPlayer.exe
C:\WINDOWS\Downloaded Program Files\setup.inf
C:\WINDOWS\system32\nvs2.inf
.
((((((((((((((((((((((((( Files Creati Da 2008-04-08 al 2008-05-08 )))))))))))))))))))))))))))))))))))
.
2008-05-08 13:44 . 2008-05-08 13:44 1,024 --ah----- C:\WINDOWS\system32\config\systemprofile\ntuser.dat.LOG
2008-05-07 12:54 . 2008-05-07 14:16 <DIR> d-------- C:\Documents and Settings\user\.housecall6.6
2008-05-05 12:21 . 2008-05-05 12:21 <DIR> d-------- C:\Documents and Settings\user\Dati applicazioni\Rinera Networks
2008-04-28 20:13 . 2008-04-29 10:04 <DIR> d-------- C:\Programmi\uTorrent
2008-04-28 20:13 . 2008-05-08 13:44 <DIR> d-------- C:\Documents and Settings\user\Dati applicazioni\uTorrent
2008-04-26 18:59 . 2008-04-26 19:47 <DIR> d-------- C:\AVOneExport
2008-04-26 18:58 . 2008-04-30 18:49 79 --a------ C:\WINDOWS\buyurl0501.dat
2008-04-21 18:01 . 2008-04-21 18:01 <DIR> d-------- C:\Programmi\QuickTime
2008-04-21 16:29 . 2008-04-21 16:29 158,456 --------- C:\WINDOWS\system32\pxwma.dll
2008-04-21 12:17 . 2008-04-21 12:17 <DIR> d-------- C:\Documents and Settings\All Users\Dati applicazioni\Zylom
2008-04-19 09:28 . 2008-05-07 23:02 77 --a------ C:\WINDOWS\cdplayer.ini
2008-04-19 09:19 . 2007-07-30 19:18 30,072 --a------ C:\WINDOWS\system32\mucltui.dll.mui
2008-04-18 15:30 . 2008-04-18 15:31 <DIR> d-------- C:\Documents and Settings\user\Contacts
2008-04-18 15:29 . 2008-04-18 15:29 <DIR> d----c--- C:\WINDOWS\system32\DRVSTORE
2008-04-18 14:39 . 2008-04-18 15:29 <DIR> d-------- C:\Programmi\Windows Live
2008-04-18 14:39 . 2008-04-18 15:29 <DIR> d--hsc--- C:\Programmi\File comuni\WindowsLiveInstaller
2008-04-18 14:39 . 2008-04-18 15:04 <DIR> d-------- C:\Documents and Settings\All Users\Dati applicazioni\WLInstaller
2008-04-17 20:10 . 2008-04-17 20:10 <DIR> d-------- C:\Programmi\File comuni\xing shared
2008-04-17 20:10 . 2008-04-17 20:10 <DIR> d-------- C:\Programmi\File comuni\Real
2008-04-17 20:10 . 2008-04-17 20:10 <DIR> d-------- C:\Program Files
2008-04-17 20:10 . 2008-04-17 20:10 499,712 --a------ C:\WINDOWS\system32\msvcp71.dll
2008-04-17 20:10 . 2008-04-17 20:10 348,160 --a------ C:\WINDOWS\system32\msvcr71.dll
2008-04-17 17:41 . 2008-04-29 10:12 <DIR> d-------- C:\Programmi\eMule
2008-04-17 15:06 . 2008-04-17 15:07 <DIR> d-------- C:\Programmi\MessengerPlus! 3
2008-04-16 12:40 . 2004-08-03 22:31 20,992 --a------ C:\WINDOWS\system32\drivers\RTL8139.sys
2008-04-16 12:40 . 2004-08-03 22:31 20,992 --a--c--- C:\WINDOWS\system32\dllcache\rtl8139.sys
2008-04-16 12:35 . 2008-04-16 12:35 <DIR> d-------- C:\Programmi\Telecom Italia
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-05-07 12:14 --------- d-----w C:\Programmi\Startup Inspector for Windows
2008-05-07 12:06 --------- d--h--w C:\Programmi\InstallShield Installation Information
2008-05-05 07:52 --------- d-----w C:\Documents and Settings\All Users\Dati applicazioni\Microsoft Help
2008-04-29 07:31 --------- d-----w C:\Programmi\DivX
2008-04-26 15:29 --------- d-----w C:\Programmi\Java
2008-04-17 13:00 --------- d-----w C:\Programmi\ESET
2008-04-08 11:22 --------- d-----w C:\Documents and Settings\All Users\Dati applicazioni\DVD Shrink
2008-03-31 21:25 831,488 ----a-w C:\WINDOWS\system32\divx_xx0a.dll
2008-03-31 21:25 823,296 ----a-w C:\WINDOWS\system32\divx_xx0c.dll
2008-03-31 21:25 823,296 ----a-w C:\WINDOWS\system32\divx_xx07.dll
2008-03-31 21:25 802,816 ----a-w C:\WINDOWS\system32\divx_xx11.dll
2008-03-31 21:25 682,496 ----a-w C:\WINDOWS\system32\DivX.dll
2008-03-31 21:25 161,096 ----a-w C:\WINDOWS\system32\DivXCodecVersionChecker.exe
2008-03-21 20:30 524,288 ----a-w C:\WINDOWS\system32\DivXsm.exe
2008-03-21 20:30 3,596,288 ----a-w C:\WINDOWS\system32\qt-dx331.dll
2008-03-21 20:30 200,704 ----a-w C:\WINDOWS\system32\ssldivx.dll
2008-03-21 20:30 1,044,480 ----a-w C:\WINDOWS\system32\libdivx.dll
2008-03-21 20:28 81,920 ----a-w C:\WINDOWS\system32\dpl100.dll
2008-03-21 20:28 593,920 ----a-w C:\WINDOWS\system32\dpuGUI11.dll
2008-03-21 20:28 57,344 ----a-w C:\WINDOWS\system32\dpv11.dll
2008-03-21 20:28 53,248 ----a-w C:\WINDOWS\system32\dpuGUI10.dll
2008-03-21 20:28 344,064 ----a-w C:\WINDOWS\system32\dpus11.dll
2008-03-21 20:28 294,912 ----a-w C:\WINDOWS\system32\dpu11.dll
2008-03-21 20:28 294,912 ----a-w C:\WINDOWS\system32\dpu10.dll
2008-03-21 20:28 196,608 ----a-w C:\WINDOWS\system32\dtu100.dll
2008-03-21 20:28 12,288 ----a-w C:\WINDOWS\system32\DivXWMPExtType.dll
2008-03-20 08:06 1,845,248 ----a-w C:\WINDOWS\system32\win32k.sys
2008-03-17 17:23 39,808 ----a-w C:\WINDOWS\system32\drivers\VIRAGTLT.SYS
2008-03-01 12:58 826,368 ----a-w C:\WINDOWS\system32\wininet.dll
2008-02-23 11:54 108,144 ----a-w C:\WINDOWS\system32\CmdLineExt.dll
2008-02-20 06:50 282,624 ----a-w C:\WINDOWS\system32\gdi32.dll
2008-02-20 05:33 45,568 ----a-w C:\WINDOWS\system32\dnsrslvr.dll
2008-03-20 13:09 86,070 ----a-w C:\Programmi\mozilla firefox\plugins\pthreadVC2.dll
2008-03-20 13:09 1,516,280 ----a-w C:\Programmi\mozilla firefox\plugins\RineraProxy.dll
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2006-03-02 14:00 15360]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe" [2006-10-09 11:28 139264]
"swg"="C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-04-21 11:34 68856]
"MessengerPlus3"="C:\Programmi\MessengerPlus! 3\MsgPlus.exe" [2008-04-17 15:06 190024]
"msnmsgr"="C:\Programmi\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 11:34 5724184]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Cmaudio"="cmicnfg.cpl" []
"SSBkgdUpdate"="C:\Programmi\File comuni\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2003-10-14 10:22 155648]
"PaperPort PTD"="C:\Programmi\ScanSoft\PaperPort\pptd40nt.exe" [2005-03-11 01:01 57393]
"IndexSearch"="C:\Programmi\ScanSoft\PaperPort\IndexSearch.exe" [2005-03-11 01:28 40960]
"SetDefPrt"="C:\Programmi\Brother\Brmfl05a\BrStDvPt.exe" [2005-01-26 18:02 49152]
"ControlCenter2.0"="C:\Programmi\Brother\ControlCenter2\brctrcen.exe" [2005-05-17 17:42 933888]
"NeroFilterCheck"="C:\Programmi\File comuni\Ahead\Lib\NeroCheck.exe" [2006-01-12 16:40 155648]
"nod32kui"="C:\Programmi\Eset\nod32kui.exe" [2007-07-01 10:14 921600]
"Adobe Reader Speed Launcher"="C:\Programmi\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 19:51 39792]
"igfxtray"="C:\WINDOWS\system32\igfxtray.exe" [2005-09-20 04:35 94208]
"igfxhkcmd"="C:\WINDOWS\system32\hkcmd.exe" [2005-09-20 04:32 77824]
"igfxpers"="C:\WINDOWS\system32\igfxpers.exe" [2005-09-20 04:36 114688]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2006-03-02 14:00 110592 C:\WINDOWS\system32\bthprops.cpl]
"SunJavaUpdateSched"="C:\Programmi\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784]
"MessengerPlus3"="C:\Programmi\MessengerPlus! 3\MsgPlus.exe" [2008-04-17 15:06 190024]
"TkBellExe"="C:\Programmi\File comuni\Real\Update_OB\realsched.exe" [2008-04-17 20:10 185896]
"QuickTime Task"="C:\Programmi\QuickTime\qttask.exe" [2008-04-21 18:01 413696]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2006-03-02 14:00 15360]
"DWQueuedReporting"="C:\PROGRA~1\FILECO~1\MICROS~1\DW\dwtrig20.exe" [2007-02-26 09:01 437160]
C:\Documents and Settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\
Controllo dello stato.lnk - C:\Programmi\Brother\Brmfcmon\BrMfcWnd.exe [2007-06-07 10:04:32 802816]
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Programmi\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"C:\\Programmi\\Nero\\Nero 7\\Nero Home\\NeroHome.exe"=
"C:\\Programmi\\Nero\\Nero 7\\Nero ShowTime\\ShowTime.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Programmi\\Messenger\\msmsgs.exe"=
"C:\\Programmi\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Programmi\\Windows Live\\Messenger\\livecall.exe"=
"C:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"C:\\Programmi\\uTorrent\\uTorrent.exe"=
"C:\\Programmi\\Mozilla Firefox\\firefox.exe"=
R2 ZDCNDIS5;ZDCNDIS5 NDIS Protocol Driver;C:\WINDOWS\system32\ZDCNDIS5.sys [2007-04-19 11:16]
R3 BrScnUsb;Brother USB Still Image driver;C:\WINDOWS\system32\Drivers\BrScnUsb.sys [2004-10-15 12:50]
S3 XG762_XP;CONITECH 802.11g XG762N Driver;C:\WINDOWS\system32\DRIVERS\WlanUZXP.sys [2007-04-19 11:16]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a6da02af-b639-11dc-a0e5-00138ff04cf7}]
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycled\ctfmon.exe
\Shell\Open(&0)\command - Recycled\ctfmon.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a6da02b0-b639-11dc-a0e5-00138ff04cf7}]
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycled\ctfmon.exe
\Shell\Open(&0)\command - Recycled\ctfmon.exe
*Newly Created Service* - CATCHME
.
**************************************************************************
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-05-08 13:48:15
Windows 5.1.2600 Service Pack 2 NTFS
scansione processi nascosti ...
scansione entrate autostart nascoste ...
Scansione files nascosti ...
Scansione completata con successo
Files nascosti: 0
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
PROCESS: C:\WINDOWS\system32\lsass.exe
-> C:\Programmi\Eset\pr_imon.dll
.
Ora fine scansione: 2008-05-08 13.48.59
ComboFix-quarantined-files.txt 2008-05-08 11:48:52
11 Directory 55,863,447,552 byte disponibili
14 Directory 57,558,962,176 byte disponibili
170 --- E O F --- 2008-04-19 11:39:32
-
What can you tell me about this LG? Does it recognize, like its predecessor, the name of whoever sends you an SMS? Tell me everything!!!!!
-
For a few days now, internet pages have been opening by themselves.... In particular, one opens that says my PC has problems and that to fix them I have to click on that page. What could have happened? Needless to say, I've already run various scans of the PC with anti-malware programs and others... I'm posting the log; if someone can take a look at it and tell me what to delete, I'd be grateful!
Logfile of HijackThis v1.99.1
Scan saved at 12.14.20, on 07/05/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\DOCUME~1\user\IMPOST~1\Temp\Rar$EX00.860\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: Supporto di collegamento per Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programmi\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programmi\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programmi\google\googletoolbar1.dll
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [sSBkgdUpdate] "C:\Programmi\File comuni\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [PaperPort PTD] C:\Programmi\ScanSoft\PaperPort\pptd40nt.exe
O4 - HKLM\..\Run: [indexSearch] C:\Programmi\ScanSoft\PaperPort\IndexSearch.exe
O4 - HKLM\..\Run: [setDefPrt] C:\Programmi\Brother\Brmfl05a\BrStDvPt.exe
O4 - HKLM\..\Run: [ControlCenter2.0] C:\Programmi\Brother\ControlCenter2\brctrcen.exe /autorun
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Programmi\File comuni\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [nod32kui] "C:\Programmi\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programmi\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Programmi\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Programmi\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Programmi\File comuni\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [swg] C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Programmi\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [nbmfrj] c:\documents and settings\user\impostazioni locali\dati applicazioni\nbmfrj.exe nbmfrj
O4 - Global Startup: Controllo dello stato.lnk = C:\Programmi\Brother\Brmfcmon\BrMfcWnd.exe
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Plugin Control) - http://appldnld.apple.com.edgesuite.net/co...ex/qtplugin.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game05.zylom.com/activex/zylomgamesplayer.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Programmi\File comuni\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\FILECO~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NBService - Nero AG - C:\Programmi\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Programmi\Eset\nod32krn.exe
-
I solved it, thanks! What is the difference between an NVIDIA nForce MCP Networking Controller LAN connection and an Access Gateway USB Network Adapter LAN connection? I have a Rosso Alice ADSL connection... which of the 2 LAN networks should I leave active?
-
Thanks! I'll try it now.... can you explain the difference between a LAN created with Access Gateway USB Network Adapter and a LAN created with NVIDIA nForce MCP Networking Controller? Which one should I use for the ADSL connection? Do both need to be active? Thanks!!
-
Hello! I was interested in your discussion, so I read it and followed the advice to disable my internal modem (Conexant hsf v90 59k pci modem), but now how do I re-enable it? It can't find it any more!!!! I have an ADSL connection with Rosso Alice; am I immune to dialers?
-
I did everything and am now posting the results:
1. Symantec Trojan.Linkoptimizer Removal Tool 1.0.8
Trojan.Linkoptimizer has not been found on your computer.
2. Running the string control userpasswords2 shows the names Administrator and Proprietario
The VirIt version is 6.1.96 (which, by the way, has expired) and these are the trojans it found after I cleaned up with the various programs you advised me to install and run:
[SCANSIONE DEL REGISTRO]
OK
[C:]
MASTER BOOT RECORD: OK
BOOT SECTOR: OK
C:\hp\KBD\KBD.EXE Possibile variante da Trojan.Win32.Agent.DW
C:\Programmi\Adobe\Acrobat 7.0\Distillr\Acrotray.exe Possibile variante da Trojan.Win32.Agent.DW
C:\Programmi\ClamWin\bin\ClamTray.exe Possibile variante da Trojan.Win32.Agent.DW
C:\Programmi\File comuni\Sonic\Update Manager\sgtray.exe Possibile variante da Trojan.Win32.Agent.DW
C:\Programmi\HP\Digital Imaging\bin\backupnotify.exe Possibile variante da Trojan.Win32.Agent.DW
C:\Programmi\HP\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe Possibile variante da Trojan.Win32.Agent.DW
C:\Programmi\Java\j2re1.4.2_03\bin\jusched.exe Possibile variante da Trojan.Win32.Agent.DW
C:\Programmi\Multimedia Card Reader\shwicon2k.exe Possibile variante da Trojan.Win32.Agent.DW
C:\WINDOWS\system32\lzx32.sys Infetto da Trojan.Win32.Costrat.D
[D:]
MASTER BOOT RECORD: OK
BOOT SECTOR: OK
[E:]
[F:]
[H:]
BOOT SECTOR: OK
[I:]
BOOT SECTOR: OK
[J:]
BOOT SECTOR: OK
[K:]
BOOT SECTOR: OK
[L:]
BOOT SECTOR: OK
Chiavi Registro infette: 0.
Files Infetti: 9.
Files Sospetti: 0.
Files Analizzati: 128288.
Files Totali: 128288.
Chiavi Registro rimosse: 0.
Virus Rimossi: 0.
Unfortunately, in safe mode HijackThis saves the log in a format my PC doesn't recognize, so I'm attaching the log made in normal mode:
Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 15.05.13, on 02/04/2007
Platform: Windows XP SP1 (WinNT 5.01.2600)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
c:\windows\system32\svchost.exe
C:\Programmi\File comuni\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Programmi\Prevx1\PXAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\VEXPLITE\viritsvc.exe
C:\Programmi\Java\j2re1.4.2_03\bin\jusched.exe
C:\Programmi\File comuni\PCSuite\DataLayer\DataLayer.exe
C:\Programmi\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\VEXPLITE\MONLITE.EXE
C:\Programmi\Prevx1\PXConsole.exe
C:\Programmi\PC Connectivity Solution\ServiceLayer.exe
C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe
C:\Programmi\Alice ti aiuta\bin\mpbtn.exe
C:\VEXPLITE\viritexp.exe
C:\Programmi\Java\j2re1.4.2_03\bin\bak\jusched.exe
C:\WINDOWS\System32\HPZipm12.exe
c:\programmi\internet explorer\iexplore.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Programmi\Microsoft Office\Office10\WINWORD.EXE
C:\Programmi\WinRAR\WinRAR.exe
C:\DOCUME~1\PROPRI~1\IMPOST~1\Temp\Rar$EX01.297\HiJackThis_v2.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customize/.../search/ie.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/customize/...//www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.alice.it
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/...//www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.symantec.com/techsupp/servlet/P...;build=STANDARD
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer fornito da Alice
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1;<local>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programmi\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Malicious Scripts Scanner - {55EA1964-F5E4-4D6A-B9B2-125B37655FCB} - C:\Documents and Settings\All Users\Dati applicazioni\Prevx\pxbho.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Vista HP - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Programmi\HP\Digital Imaging\bin\hpdtlk02.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Programmi\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [HPHUPD05] c:\Programmi\HP\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
O4 - HKLM\..\Run: [updateManager] "C:\Programmi\File comuni\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [sunkist2k] C:\Programmi\Multimedia Card Reader\shwicon2k.exe
O4 - HKLM\..\Run: [DataLayer] C:\Programmi\File comuni\PCSuite\DataLayer\DataLayer.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Programmi\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [ClamWin] "C:\Programmi\ClamWin\bin\ClamTray.exe" --logon
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Programmi\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [VIRIT LITE MONITOR] C:\VEXPLITE\MONLITE.EXE
O4 - HKLM\..\Run: [PrevxOne] "C:\Programmi\Prevx1\PXConsole.exe"
O4 - HKCU\..\Run: [backupNotify] c:\Programmi\HP\Digital Imaging\bin\backupnotify.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Programmi\Messenger\MSMSGS.EXE" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-18\..\Run: [PcSync] C:\Programmi\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [PcSync] C:\Programmi\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'Default user')
O4 - Global Startup: Alice ti aiuta.lnk = C:\Programmi\Alice ti aiuta\bin\matcli.exe
O4 - Global Startup: Avvio veloce di Adobe Acrobat.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programmi\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: Converti destinazione link in Adobe PDF - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Converti destinazione link in file PDF esistente - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Converti i link selezionati in Adobe PDF - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Converti i link selezionati in file PDF esistente - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Converti in Adobe PDF - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Converti nel file PDF esistente - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Converti selezione in Adobe PDF - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Converti selezione in file PDF esistente - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Scarica con Download &Express - C:\Programmi\Download Express\Add_Url.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\MSMSGS.EXE
O14 - IERESET.INF: START_PAGE_URL=http://www.alice.it
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1164635504972
O22 - SharedTaskScheduler: Precaricatore Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Daemon di cache delle categorie di componenti - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Programmi\File comuni\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: Prevx Agent (PREVXAgent) - Prevx - C:\Programmi\Prevx1\PXAgent.exe
O23 - Service: ServiceLayer - Nokia. - C:\Programmi\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\SNDSrvc.exe
O23 - Service: Virit eXplorer Lite (viritsvclite) - TG Soft Sas www.tgsoft.it - C:\VEXPLITE\viritsvc.exe
--
End of file - 8789 bytes
-
Sorry, you're right, this is the log in normal mode:
Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 2.18.08, on 31/03/2007
Platform: Windows XP SP1 (WinNT 5.01.2600)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Programmi\File comuni\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\VEXPLITE\viritsvc.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\VEXPLITE\MONLITE.EXE
C:\Programmi\Messenger\MSMSGS.EXE
C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe
C:\Programmi\Alice ti aiuta\bin\mpbtn.exe
C:\Programmi\Java\j2re1.4.2_03\bin\bak\jusched.exe
C:\VEXPLITE\VIRITEXP.EXE
C:\Programmi\Internet Explorer\iexplore.exe
C:\Programmi\WinRAR\WinRAR.exe
C:\DOCUME~1\PROPRI~1\IMPOST~1\Temp\Rar$EX00.875\HiJackThis_v2.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customize/.../search/ie.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/customize/...//www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.alice.it
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/...//www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.symantec.com/techsupp/servlet/P...;build=STANDARD
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer fornito da Alice
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programmi\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Vista HP - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Programmi\HP\Digital Imaging\bin\hpdtlk02.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Programmi\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [HPHUPD05] c:\Programmi\HP\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [updateManager] "C:\Programmi\File comuni\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [sunkist2k] C:\Programmi\Multimedia Card Reader\shwicon2k.exe
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [DataLayer] C:\Programmi\File comuni\PCSuite\DataLayer\DataLayer.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [MS System Call Function] MSSCF32.exe
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Programmi\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [ClamWin] "C:\Programmi\ClamWin\bin\ClamTray.exe" --logon
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Programmi\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [VIRIT LITE MONITOR] C:\VEXPLITE\MONLITE.EXE
O4 - HKLM\..\Run: [tzycfa.exe] C:\DOCUME~1\PROPRI~1\IMPOST~1\Temp\tzycfa.exe
O4 - HKLM\..\RunServices: [MS System Call Function] MSSCF32.exe
O4 - HKCU\..\Run: [backupNotify] c:\Programmi\HP\Digital Imaging\bin\backupnotify.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Programmi\Messenger\MSMSGS.EXE" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-18\..\Run: [MS System Call Function] MSSCF32.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [MS System Call Function] MSSCF32.exe (User 'Default user')
O4 - Global Startup: Alice ti aiuta.lnk = C:\Programmi\Alice ti aiuta\bin\matcli.exe
O4 - Global Startup: Avvio veloce di Adobe Acrobat.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programmi\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: Converti destinazione link in Adobe PDF - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Converti destinazione link in file PDF esistente - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Converti i link selezionati in Adobe PDF - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Converti i link selezionati in file PDF esistente - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Converti in Adobe PDF - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Converti nel file PDF esistente - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Converti selezione in Adobe PDF - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Converti selezione in file PDF esistente - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Scarica con Download &Express - C:\Programmi\Download Express\Add_Url.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\MSMSGS.EXE
O14 - IERESET.INF: START_PAGE_URL=http://www.alice.it
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1164635504972
O17 - HKLM\System\CCS\Services\Tcpip\..\{2EBC1033-497D-428E-ABA1-22847122E3A7}: NameServer = 85.37.17.9 85.38.28.75
O17 - HKLM\System\CS1\Services\Tcpip\..\{2EBC1033-497D-428E-ABA1-22847122E3A7}: NameServer = 85.37.17.9 85.38.28.75
O20 - AppInit_DLLs: Prova.dll
O22 - SharedTaskScheduler: Precaricatore Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Daemon di cache delle categorie di componenti - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Programmi\File comuni\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: ServiceLayer - Nokia. - C:\Programmi\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\SNDSrvc.exe
O23 - Service: Virit eXplorer Lite (viritsvclite) - TG Soft Sas www.tgsoft.it - C:\VEXPLITE\viritsvc.exe
--
End of file - 8366 bytes
-
Hi! Actually I ran both of them in normal mode, and in any case my VirIt has expired, so it finds the viruses but doesn't remove them..... On top of that, I discovered that 2 strange connections had installed themselves; they tried to connect on their own and dropped my ADSL. I have now deleted them. Can you help me? Could you please check my HijackThis log and tell me what to remove? I look forward to hearing from you!
Anna
-
VirIt found these viruses:
C:\Documents and Settings\Proprietario\Impostazioni locali\Temp\tzycfa.exe Infetto da Trojan.Win32.Dialer.IH
C:\WINDOWS\system32\irdvxc.exe Infetto da Worm.Allaple.D
C:\WINDOWS\system32\lzx32.sys Infetto da Trojan.Win32.Costrat.D
But I can't remove them....
So I ran HijackThis... Could you please check this log for me?
Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 16.33.10, on 30/03/2007
Platform: Windows XP SP1 (WinNT 5.01.2600)
Boot mode: Safe mode
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Programmi\WinRAR\WinRAR.exe
C:\DOCUME~1\PROPRI~1\IMPOST~1\Temp\Rar$EX00.781\HiJackThis_v2.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customize/.../search/ie.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/customize/...//www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.alice.it
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/...//www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.symantec.com/techsupp/servlet/P...;build=STANDARD
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer fornito da Alice
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1;<local>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programmi\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Vista HP - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Programmi\HP\Digital Imaging\bin\hpdtlk02.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Programmi\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [HPHUPD05] c:\Programmi\HP\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [updateManager] "C:\Programmi\File comuni\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [sunkist2k] C:\Programmi\Multimedia Card Reader\shwicon2k.exe
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [DataLayer] C:\Programmi\File comuni\PCSuite\DataLayer\DataLayer.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [MS System Call Function] MSSCF32.exe
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Programmi\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [ClamWin] "C:\Programmi\ClamWin\bin\ClamTray.exe" --logon
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Programmi\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [VIRIT LITE MONITOR] C:\VEXPLITE\MONLITE.EXE
O4 - HKLM\..\Run: [tzycfa.exe] C:\DOCUME~1\PROPRI~1\IMPOST~1\Temp\tzycfa.exe
O4 - HKLM\..\RunServices: [MS System Call Function] MSSCF32.exe
O4 - HKCU\..\Run: [backupNotify] c:\Programmi\HP\Digital Imaging\bin\backupnotify.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Programmi\Messenger\MSMSGS.EXE" /background
O4 - HKUS\S-1-5-18\..\Run: [MS System Call Function] MSSCF32.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [PcSync] C:\Programmi\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [MS System Call Function] MSSCF32.exe (User 'Default user')
O4 - Global Startup: Alice ti aiuta.lnk = C:\Programmi\Alice ti aiuta\bin\matcli.exe
O4 - Global Startup: Avvio veloce di Adobe Acrobat.lnk = ?
O4 - Global Startup: Digisoft AntiDialer.lnk = C:\Programmi\Digisoft AntiDialer\AntiDialer.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programmi\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: Converti destinazione link in Adobe PDF - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Converti destinazione link in file PDF esistente - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Converti i link selezionati in Adobe PDF - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Converti i link selezionati in file PDF esistente - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Converti in Adobe PDF - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Converti nel file PDF esistente - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Converti selezione in Adobe PDF - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Converti selezione in file PDF esistente - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Scarica con Download &Express - C:\Programmi\Download Express\Add_Url.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\MSMSGS.EXE
O14 - IERESET.INF: START_PAGE_URL=http://www.alice.it
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1164635504972
O20 - AppInit_DLLs: Prova.dll
O22 - SharedTaskScheduler: Precaricatore Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Daemon di cache delle categorie di componenti - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Programmi\File comuni\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: ServiceLayer - Nokia. - C:\Programmi\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\SNDSrvc.exe
O23 - Service: Virit eXplorer Lite (viritsvclite) - TG Soft Sas www.tgsoft.it - C:\VEXPLITE\viritsvc.exe
--
End of file - 7767 bytes
-
in Nokia
Never mind, thanks anyway!!! In any case it's not giving me problems any more.... let's hope for the best!!!
-
in Nokia
I downloaded it right away in Italian too, and PC Suite now works perfectly! I already made a backup copy yesterday.... Anyway, I read a couple of threads on the wininizio forum about my screen problem, and they mentioned a small rubber pad that shifts as a result of drops... do you think that could be it? I read that you just need to open the phone, find this rubber pad, which acts as an insulator, and everything works as before.... do you know how I can tell which rubber pad it is?
-
in Nokia
I installed this version but it's in English.... anyway it now reads the phone correctly! As for the problem of it switching off, I can't say how long it stays off... very briefly... a few seconds... could it be because in the last few days the bag I kept it in fell on the floor twice???? What do I do???
-
in Nokia
Help!!!! PC Suite no longer "reads" the phone! Basically it stopped at this summer; it sees the old messages and not the new ones! What do I do??
On top of that, today the phone, a 6630, keeps turning itself off and back on fairly continuously; what should be done? Basically the screen goes white with only the word NOKIA and it turns back on without the Nokia logo (the one with the hands, to be clear); what do I do, Spiug?
-
Well then, when you have time, feel free to amuse yourself creating software like that! I already sent a request like that to that site but nothing... as for the invoice, my administrative office will contact you as soon as possible to ask for the details for the bank transfer!
Thanks for everything!
-
As far as you all know, is there a way to "commission" the development of software for Symbian? I'm still looking for software that alerts me in any way when the phone is out of coverage, but I can't find it... I've found the most absurd and useless software, but not that one! A Siemens I have, for example, alerts with a little light... others with a sound... it's enough for me that my 6630 alerts me in any way! Am I asking too much?
Oh, how do you set a photo as the background so that it covers the whole display? Do you all know if there's a way or a piece of software to do it? Then send me the invoice for these consultations!
Thanks!
-
I had read a review that credited it with 11 days of battery life... mine lasts about 3 days. Thanks again for your advice, Spiug!!! But is there a way to "commission" the development of software for Symbian? I'm still looking for software that alerts me in any way when the phone is out of coverage, but I can't find it... I've found the most absurd and useless software, but not that one! A Siemens I have, for example, alerts with a little light... others with a sound... it's enough for me that my 6630 alerts me in any way! Am I asking too much?
Oh, how do you set a photo as the background so that it covers the whole display? Do you know if there's a way or a piece of software to do it? Then send me the invoice for these consultations!
Thanks again!
-
Unfortunately it didn't work, so I downloaded the version for the 6630 from the Nokia site and now it works, thanks! But what's the difference between the dual network and the GSM one? I've now set it to GSM; maybe the battery will last longer (right now I recharge every 2 or 3 days and not 11 as the manufacturer states). With the GSM network can I send and receive MMS?
-
Thanks, Spiug, for your speed and your help! I'll try to install it... I hope it works on my 6630 too, because I saw that it's for the N70. I'll let you know!
in LG Electronics
Posted
So? Is it possible that nobody knows how to help me? I don't believe it!