lallyk

WinGirls
  • Numero contenuti

    19
  • Iscritto

  • Ultima visita

Tutti i contenuti di lallyk

  1. salve a tutti, recentemente ho notato un notevole rallentamento del mio pc, in particolare di firefox, forse dovuto al fatto che molto spesso si aprono pop up di spam indesiderati. ho effettuato tutte le operazioni necessarie (ccleaner, combofix, malwarebytes, ecc) tranne kaspersky che purtroppo mi dice che non è disponibile la scan on line. comunque l'antivirus non rileva alcun virus. detto questo allego il log di hijack e combofix sperando che possa esere utile. hijack Logfile of HijackThis v1.99.1 Scan saved at 18.56.28, on 26/04/2010 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Programmi\File comuni\ArcSoft\Connection Service\Bin\ACService.exe C:\Programmi\File comuni\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Programmi\IVT Corporation\BlueSoleil\BTNtService.exe C:\Programmi\Bonjour\mDNSResponder.exe C:\WINDOWS\RTHDCPL.EXE C:\Programmi\D-Link\AirPlus XtremeG DWL-G122\AirGCFG.exe C:\Programmi\Java\jre6\bin\jqs.exe C:\Programmi\ANI\ANIWZCS2 Service\WZCSLDR2.exe C:\Programmi\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe C:\Programmi\File comuni\InstallShield\UpdateService\ISUSPM.exe C:\Programmi\ATI Technologies\ATI.ACE\CLI.EXE C:\Programmi\Roxio Creator 2009\5.0\CPMonitor.exe C:\WINDOWS\system32\rundll32.exe C:\Programmi\File comuni\ArcSoft\Connection Service\Bin\ACDaemon.exe C:\Programmi\File comuni\Java\Java Update\jusched.exe C:\Programmi\iTunes\iTunesHelper.exe C:\WINDOWS\system32\ctfmon.exe C:\documents and settings\lally\impostazioni locali\dati applicazioni\iyldcp.exe C:\Programmi\3M\PSNLite\PsnLite.exe C:\Programmi\MSI\ArcSoft TotalMedia\TMMonitor.exe C:\PROGRA~1\3M\PSNLite\PSNGive.exe C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\mdm.exe C:\Programmi\Norton Internet Security\Engine\16.8.0.41\ccSvcHst.exe C:\WINDOWS\system32\PSIService.exe C:\Programmi\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\wuauclt.exe C:\Programmi\iPod\bin\iPodService.exe C:\Programmi\Norton Internet Security\Engine\16.8.0.41\ccSvcHst.exe C:\Programmi\ATI Technologies\ATI.ACE\cli.exe C:\Documents and Settings\Lally\Documenti\Altro\hijack\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local;*.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Ipswitch.WsftpBrowserHelper - {601ED020-FB6C-11D3-87D8-0050DA59922B} - C:\Programmi\WS_FTP Pro\wsbho2K0.dll O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Programmi\Norton Internet Security\Engine\16.8.0.41\coIEPlg.dll O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Programmi\Norton Internet Security\Engine\16.8.0.41\IPSBHO.DLL O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmi\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Programmi\Norton Internet Security\Engine\16.8.0.41\coIEPlg.dll O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [ATICCC] "C:\Programmi\ATI Technologies\ATI.ACE\CLIStart.exe" O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg O4 - HKLM\..\Run: [D-Link AirPlus XtremeG DWL-G122] C:\Programmi\D-Link\AirPlus XtremeG DWL-G122\AirGCFG.exe O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Programmi\ANI\ANIWZCS2 Service\WZCSLDR2.exe O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Programmi\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe" O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Programmi\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" O4 - HKLM\..\Run: [ISUSPM] "C:\Programmi\File comuni\InstallShield\UpdateService\ISUSPM.exe" -scheduler O4 - HKLM\..\Run: [RoxWatchTray] "C:\Programmi\File comuni\Roxio Shared\11.0\SharedCOM\RoxWatchTray11.exe" O4 - HKLM\..\Run: [CPMonitor] "C:\Programmi\Roxio Creator 2009\5.0\CPMonitor.exe" O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Programmi\File comuni\ArcSoft\Connection Service\Bin\ACDaemon.exe O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Programmi\File comuni\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\File comuni\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Programmi\iTunes\iTunesHelper.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [iyldcp] "c:\documents and settings\lally\impostazioni locali\dati applicazioni\iyldcp.exe" iyldcp O4 - Startup: TMMonitor.lnk = C:\Programmi\MSI\ArcSoft TotalMedia\TMMonitor.exe O4 - Global Startup: Post-it® Software Notes Lite.lnk = C:\Programmi\3M\PSNLite\PsnLite.exe O8 - Extra context menu item: Aggiungi a PDF esistente - res://C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Aggiungi destinazione link a PDF esistente - res://C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: Converti destinazione link in Adobe PDF - res://C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Converti in Adobe PDF - res://C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000 O9 - Extra button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL O9 - Extra button: Barra di ricerca di Encarta - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Programmi\File comuni\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O10 - Unknown file in Winsock LSP: c:\programmi\bonjour\mdnsnsp.dll O11 - Options group: [INTERNATIONAL] International O11 - Options group: [TABS] Tabbed Browsing O13 - Gopher Prefix: O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1253807964593 O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1253807948031 O17 - HKLM\System\CCS\Services\Tcpip\..\{A758098C-5503-4065-B400-4B8F722211BE}: NameServer = 212.216.112.112,212.216.172.62 O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Programmi\File comuni\Microsoft Shared\Help\hxds.dll O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL O18 - Protocol: symres - {AA1061FE-6C41-421F-9344-69640C9732AB} - C:\Programmi\Norton Internet Security\Engine\16.8.0.41\coIEPlg.dll O20 - AppInit_DLLs: acaptuser32.dll O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing) O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft - C:\Programmi\File comuni\ArcSoft\Connection Service\Bin\ACService.exe O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Wireless Service - C:\Programmi\ANI\ANIWZCS2 Service\ANIWZCSdS.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Programmi\File comuni\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Programmi\IVT Corporation\BlueSoleil\BTNtService.exe O23 - Service: Servizio Bonjour (Bonjour Service) - Apple Inc. - C:\Programmi\Bonjour\mDNSResponder.exe O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Programmi\File comuni\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Servizio iPod (iPod Service) - Apple Inc. - C:\Programmi\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Unknown owner - C:\Programmi\Java\jre6\bin\jqs.exe" -service -config "C:\Programmi\Java\jre6\lib\deploy\jqs\jqs.conf (file missing) O23 - Service: Norton Internet Security - Unknown owner - C:\Programmi\Norton Internet Security\Engine\16.8.0.41\ccSvcHst.exe" /s "Norton Internet Security" /m "C:\Programmi\Norton Internet Security\Engine\16.8.0.41\diMaster.dll" /prefetch:1 (file missing) O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe O23 - Service: Roxio UPnP Renderer 11 - Sonic Solutions - C:\Programmi\Roxio Creator 2009\Digital Home 11\RoxioUPnPRenderer11.exe O23 - Service: Roxio Upnp Server 11 - Sonic Solutions - C:\Programmi\Roxio Creator 2009\Digital Home 11\RoxioUpnpService11.exe O23 - Service: LiveShare P2P Server 11 (RoxLiveShare11) - Sonic Solutions - C:\Programmi\File comuni\Roxio Shared\11.0\SharedCOM\RoxLiveShare11.exe O23 - Service: RoxMediaDB11 - Sonic Solutions - C:\Programmi\File comuni\Roxio Shared\11.0\SharedCOM\RoxMediaDB11.exe O23 - Service: Roxio Hard Drive Watcher 11 (RoxWatch11) - Sonic Solutions - C:\Programmi\File comuni\Roxio Shared\11.0\SharedCOM\RoxWatch11.exe O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Programmi\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe combofix ComboFix 10-04-26.02 - Lally 26/04/2010 21.48.59.1.1 - x86 Microsoft Windows XP Professional 5.1.2600.3.1252.39.1040.18.2943.2527 [GMT 2:00] Eseguito da: c:\documents and settings\Lally\Documenti\Immagini\ComboFix.exe AV: Norton Internet Security *On-access scanning disabled* (Updated) {E10A9785-9598-4754-B552-92431C1C35F8} FW: Norton Internet Security *disabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220} ATTENZIONE - QUESTO PC NON HA LA CONSOLE DI RIPRISTINO DI EMERGENZA INSTALLATA !! . ((((((((((((((((((((((((((((((((((((( Altre eliminazioni ))))))))))))))))))))))))))))))))))))))))))))))))))) . c:\documents and settings\Lally\Impostazioni locali\Dati applicazioni\iyldcp.dat c:\documents and settings\Lally\Impostazioni locali\Dati applicazioni\iyldcp.exe c:\documents and settings\Lally\Impostazioni locali\Dati applicazioni\iyldcp_nav.dat c:\documents and settings\Lally\Impostazioni locali\Dati applicazioni\iyldcp_navps.dat c:\documents and settings\Lally\Menu Avvio\Programmi\Esecuzione automatica\TMMonitor.lnk c:\windows\eSellerateEngine.dll c:\windows\ktkm2.dll c:\windows\ktkm3.dll c:\windows\ktkm34.dll c:\windows\ktkm36.dll c:\windows\ktkm4.dll c:\windows\ktkm8.dll . ((((((((((((((((((((((((( Files Creati Da 2010-03-26 al 2010-04-26 ))))))))))))))))))))))))))))))))))) . 2010-04-26 18:36 . 2010-04-26 18:36 -------- d-----w- c:\documents and settings\Lally\Dati applicazioni\IObit 2010-04-26 18:36 . 2010-04-26 18:36 -------- d-----w- c:\programmi\IObit 2010-04-26 18:32 . 2010-04-26 18:32 -------- d-----w- c:\documents and settings\Lally\Dati applicazioni\Malwarebytes 2010-04-26 18:31 . 2010-03-29 22:46 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2010-04-26 18:30 . 2010-04-26 18:30 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Malwarebytes 2010-04-26 18:30 . 2010-03-29 22:45 20824 ----a-w- c:\windows\system32\drivers\mbam.sys 2010-04-26 18:30 . 2010-04-26 18:31 -------- d-----w- c:\programmi\Malwarebytes' Anti-Malware 2010-04-26 16:52 . 2010-03-25 08:00 84912 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20100426.003\NAVENG.SYS 2010-04-26 16:52 . 2010-03-25 08:00 371248 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20100426.003\EECTRL.SYS 2010-04-26 16:52 . 2010-03-25 08:00 2747440 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20100426.003\CCERASER.DLL 2010-04-26 16:52 . 2010-03-25 08:00 259440 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20100426.003\ECMSVR32.DLL 2010-04-26 16:52 . 2010-03-25 08:00 177520 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20100426.003\NAVENG32.DLL 2010-04-26 16:52 . 2010-03-25 08:00 1647984 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20100426.003\NAVEX32A.DLL 2010-04-26 16:52 . 2010-03-25 08:00 1324720 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20100426.003\NAVEX15.SYS 2010-04-26 16:52 . 2010-03-25 08:00 102448 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20100426.003\ERASER.SYS 2010-04-24 12:14 . 2010-03-05 17:55 811896 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20100415.001\Scxpx86.dll 2010-04-24 12:14 . 2010-03-05 17:55 488312 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20100415.001\IDSxpx86.dll 2010-04-24 12:14 . 2010-03-05 17:55 343088 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20100415.001\IDSvix86.sys 2010-04-24 12:14 . 2010-03-05 17:55 329592 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20100415.001\IDSXpx86.sys 2010-04-24 12:14 . 2010-03-05 17:55 466992 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20100415.001\IDSviA64.sys 2010-04-06 15:20 . 2010-04-06 15:20 -------- d-----w- c:\documents and settings\Lally\Dati applicazioni\inkscape 2010-04-06 14:56 . 2010-04-06 15:17 -------- d-----w- c:\programmi\Inkscape 2010-03-31 19:51 . 2010-03-31 19:51 -------- d-----w- c:\programmi\iPod 2010-03-31 19:47 . 2010-03-31 20:16 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\{429CAD59-35B1-4DBC-BB6D-1DB246563521} 2010-03-31 19:25 . 2010-03-31 19:25 -------- d-----w- c:\programmi\QuickTime 2010-03-31 19:18 . 2010-03-31 19:18 -------- d-----w- c:\programmi\Bonjour 2010-03-31 19:14 . 2010-03-31 19:14 73000 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Apple Computer\Installer Cache\iTunes 9.1.0.79\SetupAdmin.exe 2010-03-31 19:06 . 2010-03-31 19:06 79144 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Apple Computer\Installer Cache\Safari 5.31.22.7\SetupAdmin.exe 2010-03-31 16:35 . 2010-03-31 16:35 -------- d-----w- c:\programmi\File comuni\Java 2010-03-31 16:34 . 2010-03-31 16:34 503808 ----a-w- c:\documents and settings\Lally\Dati applicazioni\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-4a388a65-n\msvcp71.dll 2010-03-31 16:34 . 2010-03-31 16:34 499712 ----a-w- c:\documents and settings\Lally\Dati applicazioni\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-4a388a65-n\jmc.dll 2010-03-31 16:34 . 2010-03-31 16:34 348160 ----a-w- c:\documents and settings\Lally\Dati applicazioni\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-4a388a65-n\msvcr71.dll 2010-03-31 16:34 . 2010-03-31 16:34 61440 ----a-w- c:\documents and settings\Lally\Dati applicazioni\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-10e83ff2-n\decora-sse.dll 2010-03-31 16:34 . 2010-03-31 16:34 12800 ----a-w- c:\documents and settings\Lally\Dati applicazioni\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-10e83ff2-n\decora-d3d.dll . (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-04-26 19:34 . 2009-09-24 18:41 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Sonic 2010-04-16 14:43 . 2009-09-24 11:21 176880 ----a-w- c:\documents and settings\Default User\Impostazioni locali\Dati applicazioni\GDIPFONTCACHEV1.DAT 2010-04-14 15:38 . 2009-09-24 18:18 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Microsoft Help 2010-04-13 13:43 . 2009-09-24 17:28 10 ----a-w- c:\windows\popcinfo.dat 2010-04-10 10:57 . 2009-09-28 15:46 848 --sha-w- c:\windows\system32\KGyGaAvL.sys 2010-03-31 20:16 . 2009-09-25 00:12 -------- d-----w- c:\programmi\iTunes 2010-03-31 19:49 . 2009-09-25 00:10 -------- d-----w- c:\programmi\File comuni\Apple 2010-03-31 19:10 . 2009-09-28 12:41 -------- d-----w- c:\programmi\Safari 2010-03-31 16:33 . 2009-10-23 14:13 -------- d-----w- c:\programmi\Java 2010-03-28 06:49 . 2001-08-31 11:00 84020 ----a-w- c:\windows\system32\perfc010.dat 2010-03-28 06:49 . 2001-08-31 11:00 488582 ----a-w- c:\windows\system32\perfh010.dat 2010-03-27 10:14 . 2010-03-26 18:50 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Symantec 2010-03-26 21:53 . 2010-03-26 18:50 -------- d-----w- c:\programmi\File comuni\Symantec Shared 2010-03-26 21:30 . 2010-03-26 18:50 806 ----a-w- c:\windows\system32\drivers\SYMEVENT.INF 2010-03-26 21:30 . 2010-03-26 18:50 7456 ----a-w- c:\windows\system32\drivers\SYMEVENT.CAT 2010-03-26 21:30 . 2010-03-26 18:50 60808 ----a-w- c:\windows\system32\S32EVNT1.DLL 2010-03-26 21:30 . 2010-03-26 18:50 124976 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS 2010-03-26 21:30 . 2010-03-26 18:50 -------- d-----w- c:\programmi\Symantec 2010-03-26 21:29 . 2010-03-26 18:50 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\NortonInstaller 2010-03-26 19:00 . 2010-03-26 18:50 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Norton 2010-03-26 19:00 . 2010-03-26 19:00 796016 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\CLT\cltLMSx.dll 2010-03-26 18:50 . 2010-03-26 18:50 1290592 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\SyKnAppS\SyKnAppS.dll 2010-03-26 18:50 . 2010-03-26 18:50 136840 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\SyKnAppS\patch25.dll 2010-03-26 18:50 . 2010-03-26 18:50 -------- d-----w- c:\programmi\Norton Internet Security 2010-03-26 18:50 . 2010-03-26 18:50 -------- d-----w- c:\programmi\Windows Sidebar 2010-03-26 18:50 . 2010-03-26 18:50 -------- d-----w- c:\programmi\NortonInstaller 2010-03-10 20:30 . 2009-09-24 22:43 -------- d-----w- c:\documents and settings\Lally\Dati applicazioni\Any Video Converter 2010-03-10 06:15 . 2008-11-14 09:05 420352 ----a-w- c:\windows\system32\vbscript.dll 2010-03-09 02:28 . 2009-10-23 14:14 411368 ----a-w- c:\windows\system32\deploytk.dll 2010-03-05 17:55 . 2010-03-26 19:14 811896 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\BinHub\Scxpx86.dll 2010-03-05 17:55 . 2010-03-26 19:14 488312 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\BinHub\IDSxpx86.dll 2010-03-05 17:55 . 2010-03-26 19:14 343088 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\BinHub\IDSvix86.sys 2010-03-05 17:55 . 2010-03-26 19:14 329592 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\BinHub\IDSXpx86.sys 2010-03-05 17:55 . 2010-03-26 19:14 466992 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\BinHub\IDSviA64.sys 2010-03-05 00:10 . 2009-09-25 00:29 1576776 ----a-w- c:\documents and settings\LocalService\Impostazioni locali\Dati applicazioni\FontCache3.0.0.0.dat 2010-03-03 21:49 . 2010-03-03 21:49 50354 ----a-w- c:\documents and settings\Lally\Dati applicazioni\Facebook\uninstall.exe 2010-03-03 21:49 . 2010-03-03 21:49 -------- d-----w- c:\documents and settings\Lally\Dati applicazioni\Facebook 2010-03-02 12:58 . 2009-09-24 20:04 704 ----a-w- C:\Dionakra.DAT 2010-02-26 06:41 . 2010-02-26 06:41 847040 ----a-w- c:\documents and settings\Lally\Dati applicazioni\Facebook\axfbootloader.dll 2010-02-26 06:41 . 2010-02-26 06:41 5582848 ----a-w- c:\documents and settings\Lally\Dati applicazioni\Facebook\npfbplugin_1_0_3.dll 2010-02-25 06:16 . 2008-11-14 09:06 916480 ----a-w- c:\windows\system32\wininet.dll 2010-02-24 11:57 . 2008-11-14 09:04 457216 ----a-w- c:\windows\system32\drivers\mrxsmb.sys 2010-02-16 18:59 . 2008-11-14 09:05 2193792 ----a-w- c:\windows\system32\ntoskrnl.exe 2010-02-16 18:59 . 2008-08-14 17:25 2070656 ----a-w- c:\windows\system32\ntkrnlpa.exe 2010-02-12 16:41 . 2010-04-26 19:47 558448 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn\components\coFFPlgn.dll 2010-02-12 10:03 . 2010-03-07 20:11 293376 ------w- c:\windows\system32\browserchoice.exe 2010-02-12 09:46 . 2010-02-12 09:46 91424 ----a-w- c:\windows\system32\dnssd.dll 2010-02-12 09:46 . 2010-02-12 09:46 107808 ----a-w- c:\windows\system32\dns-sd.exe 2010-02-12 04:28 . 2008-04-13 16:13 100864 ----a-w- c:\windows\system32\6to4svc.dll 2010-02-11 11:36 . 2008-11-14 09:05 226880 ----a-w- c:\windows\system32\drivers\tcpip6.sys 2010-02-01 18:20 . 2010-04-26 19:46 165240 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\IPSFFPlgn\components\IPSFFPl.dll . ------- Sigcheck ------- [-] 2008-11-14 . 5AE1C2695F6523AD98B948F2887D8C5E . 361600 . . [5.1.2600.5649] . . c:\windows\system32\drivers\tcpip.sys [-] 2008-11-14 . 902E0A75C51196A82BED9CC0E3AC8756 . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll . ((((((((((((((((((((((((((((((((((((( Punti Reg Caricati )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* i valori vuoti & legittimi/default non sono visualizzati. REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Advanced SystemCare 3"="c:\programmi\IObit\Advanced SystemCare 3\AWC.exe" [2010-03-29 2343120] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2008-04-13 208952] "PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2008-04-13 455168] "PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2008-04-13 455168] "RTHDCPL"="RTHDCPL.EXE" [2006-06-28 16248320] "SkyTel"="SkyTel.EXE" [2006-05-16 2879488] "ATICCC"="c:\programmi\ATI Technologies\ATI.ACE\CLIStart.exe" [2006-05-10 90112] "PinnacleDriverCheck"="c:\windows\system32\PSDrvCheck.exe" [2003-11-10 406016] "D-Link AirPlus XtremeG DWL-G122"="c:\programmi\D-Link\AirPlus XtremeG DWL-G122\AirGCFG.exe" [2008-12-18 1556480] "ANIWZCS2Service"="c:\programmi\ANI\ANIWZCS2 Service\WZCSLDR2.exe" [2007-01-19 49152] "Adobe Acrobat Speed Launcher"="c:\programmi\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe" [2008-06-12 37232] "Acrobat Assistant 8.0"="c:\programmi\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" [2008-06-11 640376] "ISUSPM"="c:\programmi\File comuni\InstallShield\UpdateService\ISUSPM.exe" [2006-05-16 213936] "RoxWatchTray"="c:\programmi\File comuni\Roxio Shared\11.0\SharedCOM\RoxWatchTray11.exe" [2008-08-13 240112] "CPMonitor"="c:\programmi\Roxio Creator 2009\5.0\CPMonitor.exe" [2009-04-20 84464] "BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-13 110592] "ArcSoft Connection Service"="c:\programmi\File comuni\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2008-01-16 72192] "AdobeCS4ServiceManager"="c:\programmi\File comuni\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712] "SunJavaUpdateSched"="c:\programmi\File comuni\Java\Java Update\jusched.exe" [2010-02-18 248040] "QuickTime Task"="c:\programmi\QuickTime\QTTask.exe" [2010-03-17 421888] "iTunesHelper"="c:\programmi\iTunes\iTunesHelper.exe" [2010-03-25 142120] c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\ Post-it© Software Notes Lite.lnk - c:\programmi\3M\PSNLite\PsnLite.exe [2004-10-15 2080768] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=c:\windows\system32\acaptuser32.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SymEFA.sys] @="FSFilter Activity Monitor" [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "%windir%\\system32\\sessmgr.exe"= "c:\\Programmi\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"= "c:\\Programmi\\Microsoft Office\\Office12\\ONENOTE.EXE"= "c:\\WINDOWS\\system32\\usmt\\migwiz.exe"= "c:\\Programmi\\Windows Live\\Messenger\\wlcsdk.exe"= "c:\\Programmi\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Programmi\\File comuni\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"= "c:\\Programmi\\eMule\\emule.exe"= "c:\\Programmi\\Bonjour\\mDNSResponder.exe"= "c:\\Programmi\\iTunes\\iTunes.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "5353:TCP"= 5353:TCP:Adobe CSI CS4 R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NIS\1008000.029\SymEFA.sys [26/03/2010 23.30.01 310320] R1 BHDrvx86;Symantec Heuristics Driver;c:\windows\system32\drivers\NIS\1008000.029\BHDrvx86.sys [26/03/2010 23.30.01 259632] R1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\NIS\1008000.029\cchpx86.sys [26/03/2010 23.29.37 482432] R1 IDSxpx86;IDSxpx86;c:\documents and settings\All Users\Dati applicazioni\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20100415.001\IDSXpx86.sys [24/04/2010 14.14.20 329592] R2 Norton Internet Security;Norton Internet Security;c:\programmi\Norton Internet Security\Engine\16.8.0.41\ccSvcHst.exe [26/03/2010 23.29.46 117640] R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\programmi\File comuni\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [26/03/2010 21.14.46 102448] S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [24/09/2009 19.40.42 721904] S2 Roxio Upnp Server 11;Roxio Upnp Server 11;c:\programmi\Roxio Creator 2009\Digital Home 11\RoxioUpnpService11.exe [14/08/2008 0.25.24 367088] S2 RoxLiveShare11;LiveShare P2P Server 11;c:\programmi\File comuni\Roxio Shared\11.0\SharedCOM\RoxLiveShare11.exe [14/08/2008 0.24.06 309744] S2 RoxWatch11;Roxio Hard Drive Watcher 11;c:\programmi\File comuni\Roxio Shared\11.0\SharedCOM\RoxWatch11.exe [14/08/2008 0.24.02 170480] S3 3xHybrid;Pinnacle PCTV 110i service;c:\windows\system32\drivers\3xHybrid.sys [24/09/2009 15.19.09 827008] S3 Roxio UPnP Renderer 11;Roxio UPnP Renderer 11;c:\programmi\Roxio Creator 2009\Digital Home 11\RoxioUPnPRenderer11.exe [14/08/2008 0.25.20 313840] S3 RoxMediaDB11;RoxMediaDB11;c:\programmi\File comuni\Roxio Shared\11.0\SharedCOM\RoxMediaDB11.exe [04/03/2009 4.58.36 1122304] . Contenuto della cartella 'Scheduled Tasks' 2010-04-15 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\programmi\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34] . . ------- Scansione supplementare ------- . uStart Page = hxxp://www.google.it/ uInternet Settings,ProxyOverride = local;*.local IE: Aggiungi a PDF esistente - c:\programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html IE: Aggiungi destinazione link a PDF esistente - c:\programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html IE: Converti destinazione link in Adobe PDF - c:\programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html IE: Converti in Adobe PDF - c:\programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~4\Office12\EXCEL.EXE/3000 TCP: {A758098C-5503-4065-B400-4B8F722211BE} = 212.216.112.112,212.216.172.62 FF - ProfilePath - c:\documents and settings\Lally\Dati applicazioni\Mozilla\Firefox\Profiles\45ya4lja.default\ FF - prefs.js: browser.startup.homepage - hxxp://it.msn.com/?ocid=iehp FF - component: c:\documents and settings\All Users\Dati applicazioni\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn\components\coFFPlgn.dll FF - component: c:\documents and settings\All Users\Dati applicazioni\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\IPSFFPlgn\components\IPSFFPl.dll FF - component: c:\documents and settings\Lally\Dati applicazioni\Mozilla\Firefox\Profiles\45ya4lja.default\extensions\piclens@cooliris.com\components\coolirisstub.dll FF - plugin: c:\documents and settings\Lally\Dati applicazioni\Facebook\npfbplugin_1_0_3.dll FF - plugin: c:\documents and settings\Lally\Dati applicazioni\Mozilla\Firefox\Profiles\45ya4lja.default\extensions\piclens@cooliris.com\plugins\npcoolirisplugin.dll FF - plugin: c:\documents and settings\Lally\Dati applicazioni\Mozilla\plugins\npcoolirisplugin.dll FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ ---- FIREFOX POLICIES ---- c:\programmi\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true); c:\programmi\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false); c:\programmi\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true); c:\programmi\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true); c:\programmi\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32); c:\programmi\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600); c:\programmi\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false); c:\programmi\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false); c:\programmi\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1); c:\programmi\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false); c:\programmi\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2); c:\programmi\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1); c:\programmi\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25); c:\programmi\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800); c:\programmi\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25); c:\programmi\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5); c:\programmi\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false); c:\programmi\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pre f", true); c:\programmi\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", ""); c:\programmi\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false); c:\programmi\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false); c:\programmi\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600); c:\programmi\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com"); c:\programmi\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff"); c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties"); c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties"); c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org"); c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com"); c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true); c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false); c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false); c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false); c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false); c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false); c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20); c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20); . - - - - CHIAVI ORFANE RIMOSSE - - - - HKCU-Run-iyldcp - c:\documents and settings\lally\impostazioni locali\dati applicazioni\iyldcp.exe AddRemove-iyldcp - c:\documents and settings\lally\impostazioni locali\dati applicazioni\iyldcp.exe AddRemove-{6304587B-3C05-4031-A8E7-7938CB9162E7}_is1 - c:\programmi\meta-iPod ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2010-04-26 21:55 Windows 5.1.2600 Service Pack 3 NTFS scansione processi nascosti ... scansione entrate autostart nascoste ... Scansione files nascosti ... Scansione completata con successo Files nascosti: 0 ************************************************************************** [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Norton Internet Security] "ImagePath"="\"c:\programmi\Norton Internet Security\Engine\16.8.0.41\ccSvcHst.exe\" /s \"Norton Internet Security\" /m \"c:\programmi\Norton Internet Security\Engine\16.8.0.41\diMaster.dll\" /prefetch:1" . --------------------- CHIAVI DI REGISTRO BLOCCATE --------------------- [HKEY_USERS\S-1-5-21-1292428093-484061587-1644491937-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID] @Denied: (Full) (LocalSystem) [HKEY_USERS\S-1-5-21-1292428093-484061587-1644491937-1003\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*] "??"=hex:f3,4a,19,66,f5,f3,18,ef,17,89,db,bd,0f,ce,70,1e,84,d6,63,b5,8a,42,ff, 2c,1a,64,77,a3,03,98,a8,20,f9,e8,9f,08,0f,11,8b,da,27,a7,24,61,fe,e5,78,d4,\ "??"=hex:21,8c,66,7a,88,f0,b0,76,42,f3,52,cc,cd,ed,d7,29 [HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\€–€|ÿÿÿÿÀ•€|ù•9~*] "0140710900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL" . --------------------- Dlls caricate dai processi in esecuzione --------------------- - - - - - - - > 'winlogon.exe'(636) c:\windows\system32\Ati2evxx.dll . Ora fine scansione: 2010-04-26 21:58:07 ComboFix-quarantined-files.txt 2010-04-26 19:58 Pre-Run: 56.674.603.008 byte disponibili Post-Run: 56.668.717.056 byte disponibili - - End Of File - - 3750975A15BCDFBE03043F858597D468 grazie in anticipo
  2. adesso va molto meglio grazie!!
  3. infatti sembra che ho risolto ho fatto tutta la procedura ecco il log hijackthis.log
  4. ciao a tutti, vorrei acquistare un cellulare nuovo ma sono un po' indecisa...ho visto in giro il nokia 7373 che oltre ad essere molto molto carino sembra avere anke abbastanza funzionalità, solo che nn ha il symbian...l'unica cosa che mi interessa a me però è che sia in grado di aprire ed installare i file .jar!? help mee!! grazie in anticipo!!
  5. ciao a tutti, tempo fa ho aperto una discussione sul 7373 ma alla fine ho deciso di acquistare l'n73. lo ho solo da un giorno ma ho notato uno strano problema (se cosi si puo kiamare!!) riguardo la rubrica. ho copiato i numeri dalla sim sul cellulare, ma quando mi kiama un numero di casa nn mi visualizza il nome..mentre se mi kiama un numero di cellulare sì...! se sapete aiutarmi, ne sarei molto grata!!
  6. ciao a tutti! in questi giorni mi sono accorta che il mio pc è piuttosto lento del solito, così oggi ho fatto un po' di pulizia con Ccleaner e Free Registry Cleaner e ho fatto una scansione con Hijack, la posto per un controllo..(l'ho fatta in modalità provvisoria): Logfile of HijackThis v1.99.1 Scan saved at 12.09.16, on 09/07/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Documents and Settings\Administrator\Documenti\hijack\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.it/0SEITIT/SAOS01 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://it.msn.com/ O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.6.0_01\bin\ssv.dll O2 - BHO: Norton Internet Security 2006 - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Programmi\File comuni\Symantec Shared\AdBlocking\NISShExt.dll O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Programmi\Norton Internet Security\Norton AntiVirus\NavShExt.dll O3 - Toolbar: Norton Internet Security 2006 - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Programmi\File comuni\Symantec Shared\AdBlocking\NISShExt.dll O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Programmi\Norton Internet Security\Norton AntiVirus\NavShExt.dll O4 - HKLM\..\Run: [skyTel] SkyTel.EXE O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [ccApp] "C:\Programmi\File comuni\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Programmi\Roxio\Easy Media Creator 8\Drag to Disc\DrgToDsc.exe" O4 - HKLM\..\Run: [RoxWatchTray] "C:\Programmi\File comuni\Roxio Shared\SharedCOM8\RoxWatchTray.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [NCLaunch] C:\WINDOWS\NCLAUNCH.EXe O4 - Global Startup: Photo Express Calendar Checker SE.lnk = C:\Programmi\Ulead Systems\Ulead Photo Express 2 SE\CalCheck.exe O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Organizzatore ricerche - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Programmi\File comuni\Microsoft Shared\Encarta Researcher\EROProj.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/IT-IT/a-UNO1/GAME_UNO1.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{054C214F-66AB-4005-89A4-D5CD20A4B52E}: NameServer = 212.216.112.112,212.216.172.62 O17 - HKLM\System\CCS\Services\Tcpip\..\{6EECCC12-B8BC-4F93-B35D-5B11BADFB96F}: NameServer = 212.216.112.112,212.216.172.62 O17 - HKLM\System\CS2\Services\Tcpip\..\{054C214F-66AB-4005-89A4-D5CD20A4B52E}: NameServer = 212.216.112.112,212.216.172.62 O17 - HKLM\System\CS3\Services\Tcpip\..\{054C214F-66AB-4005-89A4-D5CD20A4B52E}: NameServer = 212.216.112.112,212.216.172.62 O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Programmi\File comuni\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Alpha Networks Inc. - C:\Programmi\ANI\ANIWZCS2 Service\ANIWZCSdS.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - (no file) O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Programmi\IVT Corporation\BlueSoleil\BTNtService.exe O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Programmi\Canon\CAL\CALMAIN.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - C:\Programmi\Norton Internet Security\ccPwdSvc.exe O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\ccProxy.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\ccSetMgr.exe O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Programmi\Norton Internet Security\comHost.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: Servizio Auto-Protect di Norton AntiVirus (navapsvc) - Symantec Corporation - C:\Programmi\Norton Internet Security\Norton AntiVirus\navapsvc.exe O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\Security Console\NSCSRVCE.EXE O23 - Service: LiveShare P2P Server (RoxLiveShare) - Sonic Solutions - C:\Programmi\File comuni\Roxio Shared\SharedCOM8\RoxLiveShare.exe O23 - Service: RoxMediaDB - Sonic Solutions - C:\Programmi\File comuni\Roxio Shared\SharedCOM8\RoxMediaDB.exe O23 - Service: RoxUpnpRenderer (RoxUPnPRenderer) - Sonic Solutions - C:\Programmi\File comuni\Roxio Shared\SharedCom\RoxUpnpRenderer.exe O23 - Service: RoxUpnpServer - Sonic Solutions - C:\Programmi\Roxio\Easy Media Creator 8\Digital Home\RoxUpnpServer.exe O23 - Service: Roxio Hard Drive Watcher (RoxWatch) - Sonic Solutions - C:\Programmi\File comuni\Roxio Shared\SharedCOM8\RoxWatch.exe O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Programmi\Norton Internet Security\Norton AntiVirus\SAVScan.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\SNDSrvc.exe O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\SPBBC\SPBBCSvc.exe O23 - Service: Symantec Core LC - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\CCPD-LC\symlcsvc.exe O23 - Service: Utilità di pianificazione di LiveUpdate automatico - Symantec Corporation - C:\Programmi\Symantec\LiveUpdate\ALUSchedulerSvc.exe
  7. ok, grazie!! allora vedo di eliminare qualke file superfluo ^^
  8. scusate x l'assenza! cmq ho letto che dovevo fare la scansione in modalità normale ed ecco il log: Logfile of HijackThis v1.99.1 Scan saved at 23.36.55, on 18/07/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\Programmi\File comuni\Symantec Shared\ccSetMgr.exe C:\Programmi\File comuni\Symantec Shared\ccEvtMgr.exe C:\Programmi\File comuni\Symantec Shared\ccProxy.exe C:\Programmi\File comuni\Symantec Shared\SNDSrvc.exe C:\Programmi\File comuni\Symantec Shared\SPBBC\SPBBCSvc.exe C:\Programmi\File comuni\Symantec Shared\CCPD-LC\symlcsvc.exe C:\WINDOWS\system32\spoolsv.exe C:\Programmi\ANI\ANIWZCS2 Service\ANIWZCSdS.exe C:\Programmi\IVT Corporation\BlueSoleil\BTNtService.exe C:\WINDOWS\system32\CTsvcCDA.EXE C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Programmi\Norton Internet Security\Norton AntiVirus\navapsvc.exe C:\Programmi\File comuni\Roxio Shared\SharedCOM8\RoxMediaDB.exe C:\Programmi\File comuni\Roxio Shared\SharedCOM8\RoxWatch.exe C:\WINDOWS\system32\svchost.exe C:\Programmi\Symantec\LiveUpdate\ALUSchedulerSvc.exe C:\Programmi\Canon\CAL\CALMAIN.exe C:\WINDOWS\RTHDCPL.EXE C:\Programmi\File comuni\Symantec Shared\ccApp.exe C:\Programmi\Roxio\Easy Media Creator 8\Drag to Disc\DrgToDsc.exe C:\Programmi\File comuni\Roxio Shared\SharedCOM8\RoxWatchTray.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\NCLAUNCH.EXe C:\Programmi\Ulead Systems\Ulead Photo Express 2 SE\CalCheck.exe C:\Programmi\File comuni\Roxio Shared\SharedCOM8\CPSHelpRunner.exe C:\Programmi\File comuni\Symantec Shared\Security Console\NSCSRVCE.EXE C:\Programmi\MSN Messenger\usnsvc.exe C:\Programmi\Pinnacle\Shared Files\Programs\PclePvr\VideoControl.exe C:\WINDOWS\system32\igfxsrvc.exe C:\Documents and Settings\Administrator\Documenti\hijack\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.it/0SEITIT/SAOS01 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://it.msn.com/ O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.6.0_01\bin\ssv.dll O2 - BHO: Norton Internet Security 2006 - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Programmi\File comuni\Symantec Shared\AdBlocking\NISShExt.dll O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Programmi\Norton Internet Security\Norton AntiVirus\NavShExt.dll O3 - Toolbar: Norton Internet Security 2006 - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Programmi\File comuni\Symantec Shared\AdBlocking\NISShExt.dll O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Programmi\Norton Internet Security\Norton AntiVirus\NavShExt.dll O4 - HKLM\..\Run: [skyTel] SkyTel.EXE O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [ccApp] "C:\Programmi\File comuni\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Programmi\Roxio\Easy Media Creator 8\Drag to Disc\DrgToDsc.exe" O4 - HKLM\..\Run: [RoxWatchTray] "C:\Programmi\File comuni\Roxio Shared\SharedCOM8\RoxWatchTray.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [NCLaunch] C:\WINDOWS\NCLAUNCH.EXe O4 - Global Startup: Photo Express Calendar Checker SE.lnk = C:\Programmi\Ulead Systems\Ulead Photo Express 2 SE\CalCheck.exe O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Organizzatore ricerche - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Programmi\File comuni\Microsoft Shared\Encarta Researcher\EROProj.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/IT-IT/a-UNO1/GAME_UNO1.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{054C214F-66AB-4005-89A4-D5CD20A4B52E}: NameServer = 212.216.112.112,212.216.172.62 O17 - HKLM\System\CCS\Services\Tcpip\..\{6EECCC12-B8BC-4F93-B35D-5B11BADFB96F}: NameServer = 212.216.112.112,212.216.172.62 O17 - HKLM\System\CS2\Services\Tcpip\..\{054C214F-66AB-4005-89A4-D5CD20A4B52E}: NameServer = 212.216.112.112,212.216.172.62 O17 - HKLM\System\CS3\Services\Tcpip\..\{054C214F-66AB-4005-89A4-D5CD20A4B52E}: NameServer = 212.216.112.112,212.216.172.62 O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Programmi\File comuni\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Alpha Networks Inc. - C:\Programmi\ANI\ANIWZCS2 Service\ANIWZCSdS.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - (no file) O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Programmi\IVT Corporation\BlueSoleil\BTNtService.exe O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Programmi\Canon\CAL\CALMAIN.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - C:\Programmi\Norton Internet Security\ccPwdSvc.exe O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\ccProxy.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\ccSetMgr.exe O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Programmi\Norton Internet Security\comHost.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: Servizio Auto-Protect di Norton AntiVirus (navapsvc) - Symantec Corporation - C:\Programmi\Norton Internet Security\Norton AntiVirus\navapsvc.exe O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\Security Console\NSCSRVCE.EXE O23 - Service: LiveShare P2P Server (RoxLiveShare) - Sonic Solutions - C:\Programmi\File comuni\Roxio Shared\SharedCOM8\RoxLiveShare.exe O23 - Service: RoxMediaDB - Sonic Solutions - C:\Programmi\File comuni\Roxio Shared\SharedCOM8\RoxMediaDB.exe O23 - Service: RoxUpnpRenderer (RoxUPnPRenderer) - Sonic Solutions - C:\Programmi\File comuni\Roxio Shared\SharedCom\RoxUpnpRenderer.exe O23 - Service: RoxUpnpServer - Sonic Solutions - C:\Programmi\Roxio\Easy Media Creator 8\Digital Home\RoxUpnpServer.exe O23 - Service: Roxio Hard Drive Watcher (RoxWatch) - Sonic Solutions - C:\Programmi\File comuni\Roxio Shared\SharedCOM8\RoxWatch.exe O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Programmi\Norton Internet Security\Norton AntiVirus\SAVScan.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\SNDSrvc.exe O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\SPBBC\SPBBCSvc.exe O23 - Service: Symantec Core LC - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\CCPD-LC\symlcsvc.exe O23 - Service: Utilità di pianificazione di LiveUpdate automatico - Symantec Corporation - C:\Programmi\Symantec\LiveUpdate\ALUSchedulerSvc.exe
  9. ciao a tutti.. avrei bisogno urgentemente di un dizionario x cell..premetto che ho 2 cell (e meno male che ne ho 2!!mi sa che sn 1 peggio dell'altro ) ovvero 1 samsung sgh-p910 (nuovo tvfonino della 3) e 1 sony ericsson z520i cn la scheda tim (1po + vekkiotto..ma buono). Ho scaricato slovoed da 1 sito in cui diceva che l'applicazione sarebbe stata compatibile cn qualsiasi cell cn il supporto java (che di fatto hanno entrambi i cell). cn il samsung ho passato l'applicazione .jar cn il programma originale del cell samsung pc studio 3 ma purtroppo nn facendomi creare altre cartelle il file l'ho dovuto mettere x forza nella cartella "altro" e quando vado ad aprire il file nel cell mi dice "impossibile aprire tipo di file nn supportato" . cn il sony ericsson sembra che ho fatto 1 passo avanti, ma nn va ugualmente.. ho passato il file .jar cn la penna usb bluetooth e nonostante anke qsta volta il file l'ho dovuto mettere x forza nella cartella "altro" qndo apro il file sul cell me lo sposta automaticamente nella cartella applicazioni ( e lo ha anke installato). ma qndo lo apro mi dice che "x la prima volta x il corretto funzionamento dell'applicazione è rikiesta la connessione ad internet" cosi do l'ok, e mi da una scelta tra "compra" e "prova". ho clikkato su "prova" (xke so che la versione prova di slovoed funziona cmq, compare solo 1 msg fastidioso ogni tanto) ma mi dice "impossibile collegarsi al server controllare le impostazioni di connessione java internet" ho visto i profili internet java e c sono : mms gsm, mms gprs, tim, tim gprs. ho provato cn tutti ma nn va! devo creare 1 nuovo profilo e 1 nuovo account??mi consigliate 1 altro vocabolario?? x favore help me.. :sigh: grazie x l'attenzione
  10. ok infatti volevo solo sapere se era consentita la firma con l'immagine del banner !! beh scusa siamo andati fuori topic!
  11. benee mi devo comprare il terzo??? :bored: comunque credo che davvero il programma sia troppo pesante per il sony ericsson dato che è un semplice z520, ma secondo me il samsung potrebbe farcela (e che k :locked: ! il nuovo tivufonino uscito a febbraio...!) se solo aprisse i jar!! ho letto anche su questo forum che i jar non li apre nessun samsung, e ci sono dei metodi particolari e dei codici da inserire per ovviare al problema...ma a quanto pare per il p910 ancora lo devono inventare!!! :sigh: grazie cmq! cmq volevo sapere se è consentito mettere il banner del proprio sito accanto alla firma
  12. novità....oggi ho trovato sul "mulo" il file midp20_slovoed.jar che mi ha scaricato, l'ho passato sempre sul sony ericsson e me l'ha installato. Questa volta si è connesso ad internet senza fare nessun messagio di errore, solo che per tradurre ogni parola si connette ad internet..io pensavo che si connetteva solo per "acquisire" la versione prova...e così per provare 3 o 4 parole ho quasi finito il credito Insomma, possibile che non trovo il programma giusto?? :sigh:
  13. Quando apro l'applicazione, dopo averla installata (nel sony ericsson) mi da 3 opzioni: compra, prova, registra. Quando vado sia su prova che registra dice che vuole connettersi ad internet, mentre quando vado su registra mi dice di inserire una key..ma secondo me se la inserisco mi riporta alla schermata che devo connettermi!e comunque le key per slovoed non si trovano dato che tutti lo usano senza problemi in versione prova..!Comunque, se trovi il file jar completo..puoi darmi il link..?.. ps. una cosa che non c'entra ma non so dove chiedere..se metto il banner del mio sito accanto alla firma è "spam"??
  14. ..neanche a passo di mulo ho trovato niente!! non so quanti ne ho scaricati..ma sono tutti .sis (per i symbian..giusto??) che nessuno dei 2 cell supporta, non me li apre. comunque il samsung ti sembra in gamba ma non lo è...non apre nessun file .jar, mentre il sony ericsson sì, infatti oggi ho installato un gioco sempre in jar e mi funziona. quindi se qualcuno riesce a trovare la versione intera java senza bisogno di connessione o sa come impostare le impostazioni di connessione java mi sarebbe di grande aiuto!! grazie per l'attenzione, aspetto risposte!!
  15. Mi scuso innanzitutto per il linguaggio sms (ma sono abituata!!) Comunque nel Sony Ericsson ho una scheda TIM (con la quale riesco a "wappare") e nel Samsung ho la scheda 3 (non funzionerebbero altre..ho aderito ad una promozione). Il dizionario che cercavo di installare, Slovoed, traduce 5 lingue (inglese, francese, tedesco, spagnolo e portoghese) e mi servirebbe soprattutto per inglese, francese e tedesco!! Spero di essere stata chiara..E spero soprattutto di risolvere anche se ne dubito
  16. ciao a tutti, premetto che è la seconda volta che mi accade 1 problema del genere..ma stavolta nn riesco a risolvere!! credo che il problema stia nel fatto che mio fratello ha scaricato 1 file .zip da emule (che era 1 fake) e ha installato "bitdownload" <_< ..da allora internet explorer è lento e mi apre automaticamente finestre popup che pubblicizzano sempre cose diverse. Ho fatto pulizia con Ccleaner e Eusing Free Registry Cleaner, ma nn ho risolto. Inoltre ho Norton Internet Security 2006 e nn mi ha rilevato nessun virus..e dal log di hijack nn sembra ci sia qualcosa in particolare ma lascio fare agli esperti!! Logfile of HijackThis v1.99.1 Scan saved at 23.57.51, on 10/04/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\Programmi\File comuni\Symantec Shared\ccSetMgr.exe C:\WINDOWS\Explorer.EXE C:\Programmi\File comuni\Symantec Shared\ccEvtMgr.exe C:\Programmi\File comuni\Symantec Shared\ccProxy.exe C:\Programmi\File comuni\Symantec Shared\SNDSrvc.exe C:\Programmi\File comuni\Symantec Shared\SPBBC\SPBBCSvc.exe C:\Programmi\File comuni\Symantec Shared\CCPD-LC\symlcsvc.exe C:\WINDOWS\system32\spoolsv.exe C:\Programmi\ANI\ANIWZCS2 Service\ANIWZCSdS.exe C:\Programmi\IVT Corporation\BlueSoleil\BTNtService.exe C:\WINDOWS\system32\CTsvcCDA.EXE C:\Programmi\Norton Internet Security\Norton AntiVirus\navapsvc.exe C:\Programmi\File comuni\Roxio Shared\SharedCOM8\RoxMediaDB.exe C:\Programmi\File comuni\Roxio Shared\SharedCOM8\RoxWatch.exe C:\WINDOWS\system32\svchost.exe C:\Programmi\Symantec\LiveUpdate\ALUSchedulerSvc.exe C:\Programmi\Canon\CAL\CALMAIN.exe C:\Programmi\Norton Internet Security\Norton AntiVirus\SAVScan.exe C:\WINDOWS\RTHDCPL.EXE C:\Programmi\File comuni\Symantec Shared\ccApp.exe C:\Programmi\Roxio\Easy Media Creator 8\Drag to Disc\DrgToDsc.exe C:\Programmi\File comuni\Roxio Shared\SharedCOM8\RoxWatchTray.exe C:\WINDOWS\system32\ctfmon.exe C:\Programmi\Internet Explorer\iexplore.exe c:\progra~1\intern~1\iexplore.exe C:\Programmi\Ulead Systems\Ulead Photo Express 2 SE\CalCheck.exe C:\Programmi\File comuni\Roxio Shared\SharedCOM8\CPSHelpRunner.exe C:\Programmi\File comuni\Symantec Shared\Security Console\NSCSRVCE.EXE C:\Programmi\Internet Explorer\IEXPLORE.EXE C:\Programmi\MSN Messenger\usnsvc.exe C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Programmi\MSN Messenger\msnmsgr.exe C:\WINDOWS\system32\igfxsrvc.exe C:\Programmi\MSN Messenger\livecall.exe C:\Documents and Settings\Administrator\Documenti\hijack\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.it/0SEITIT/SAOS01 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://it.msn.com/ R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = O2 - BHO: Norton Internet Security 2006 - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Programmi\File comuni\Symantec Shared\AdBlocking\NISShExt.dll O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Programmi\Norton Internet Security\Norton AntiVirus\NavShExt.dll O3 - Toolbar: Norton Internet Security 2006 - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Programmi\File comuni\Symantec Shared\AdBlocking\NISShExt.dll O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Programmi\Norton Internet Security\Norton AntiVirus\NavShExt.dll O4 - HKLM\..\Run: [skyTel] SkyTel.EXE O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [ccApp] "C:\Programmi\File comuni\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Programmi\Roxio\Easy Media Creator 8\Drag to Disc\DrgToDsc.exe" O4 - HKLM\..\Run: [RoxWatchTray] "C:\Programmi\File comuni\Roxio Shared\SharedCOM8\RoxWatchTray.exe" O4 - HKLM\..\Run: [win ante shim grid] C:\Documents and Settings\All Users\Dati applicazioni\2 Logo Win Ante\FlapBlue.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [bind burn] C:\DOCUME~1\ADMINI~1\DATIAP~1\KNOBBL~1\Send five hope.exe O4 - Global Startup: Photo Express Calendar Checker SE.lnk = C:\Programmi\Ulead Systems\Ulead Photo Express 2 SE\CalCheck.exe O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Organizzatore ricerche - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Programmi\File comuni\Microsoft Shared\Encarta Researcher\EROProj.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15026/CTSUEng.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by106fd.bay106.hotmail.msn.com/resources/MsnPUpld.cab O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/IT-IT/a-UNO1/GAME_UNO1.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su/ocx/15028/CTPID.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{054C214F-66AB-4005-89A4-D5CD20A4B52E}: NameServer = 212.216.112.112,212.216.172.62 O17 - HKLM\System\CCS\Services\Tcpip\..\{6EECCC12-B8BC-4F93-B35D-5B11BADFB96F}: NameServer = 212.216.112.112,212.216.172.62 O17 - HKLM\System\CS2\Services\Tcpip\..\{054C214F-66AB-4005-89A4-D5CD20A4B52E}: NameServer = 212.216.112.112,212.216.172.62 O17 - HKLM\System\CS3\Services\Tcpip\..\{054C214F-66AB-4005-89A4-D5CD20A4B52E}: NameServer = 212.216.112.112,212.216.172.62 O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Programmi\File comuni\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Alpha Networks Inc. - C:\Programmi\ANI\ANIWZCS2 Service\ANIWZCSdS.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - (no file) O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Programmi\IVT Corporation\BlueSoleil\BTNtService.exe O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Programmi\Canon\CAL\CALMAIN.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - C:\Programmi\Norton Internet Security\ccPwdSvc.exe O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\ccProxy.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\ccSetMgr.exe O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Programmi\Norton Internet Security\comHost.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: Servizio Auto-Protect di Norton AntiVirus (navapsvc) - Symantec Corporation - C:\Programmi\Norton Internet Security\Norton AntiVirus\navapsvc.exe O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\Security Console\NSCSRVCE.EXE O23 - Service: LiveShare P2P Server (RoxLiveShare) - Sonic Solutions - C:\Programmi\File comuni\Roxio Shared\SharedCOM8\RoxLiveShare.exe O23 - Service: RoxMediaDB - Sonic Solutions - C:\Programmi\File comuni\Roxio Shared\SharedCOM8\RoxMediaDB.exe O23 - Service: RoxUpnpRenderer (RoxUPnPRenderer) - Sonic Solutions - C:\Programmi\File comuni\Roxio Shared\SharedCom\RoxUpnpRenderer.exe O23 - Service: RoxUpnpServer - Sonic Solutions - C:\Programmi\Roxio\Easy Media Creator 8\Digital Home\RoxUpnpServer.exe O23 - Service: Roxio Hard Drive Watcher (RoxWatch) - Sonic Solutions - C:\Programmi\File comuni\Roxio Shared\SharedCOM8\RoxWatch.exe O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Programmi\Norton Internet Security\Norton AntiVirus\SAVScan.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\SNDSrvc.exe O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\SPBBC\SPBBCSvc.exe O23 - Service: Symantec Core LC - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\CCPD-LC\symlcsvc.exe O23 - Service: Utilità di pianificazione di LiveUpdate automatico - Symantec Corporation - C:\Programmi\Symantec\LiveUpdate\ALUSchedulerSvc.exe Ciao e grazie in anticipo!
  17. ciao a tutti! aiutoo ho 1 problema.... mi si aprono automaticamente alcune pagine di internet explorer dicendo che ho 1 virus e che x risolverlo devo installare winantivirus.. <_< ma so che in realtà questo è 1 ulteriore virus..poi qndo si aprono qste pagine norton internet security mi avvisa che vuole cambiare home page e che ho 1 virus "winfixer" a cui è stato negato l'accesso.... ho fatto la scansione e mi ha trovato 5 virus che ha risolto ma il problema persiste sempre qndo sn connessa ad internet.. :sigh: questo è il log di hijakthis..ho gia fixato alcuni sospetti ma niente da fare...inoltre da qndo ho questo problema il pc sembra +lento e sopratutto msn messenger si blocca spesso.. ho provato anke a disinstallarlo e reinstallarlo...ho anke fatto il punto di ripristino di una settimana indietro ma niente.. x favore help me!! Logfile of HijackThis v1.99.1 Scan saved at 17.15.39, on 13/03/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\Programmi\File comuni\Symantec Shared\ccSetMgr.exe C:\Programmi\File comuni\Symantec Shared\ccEvtMgr.exe C:\Programmi\File comuni\Symantec Shared\ccProxy.exe C:\Programmi\File comuni\Symantec Shared\SNDSrvc.exe C:\Programmi\File comuni\Symantec Shared\SPBBC\SPBBCSvc.exe C:\Programmi\File comuni\Symantec Shared\CCPD-LC\symlcsvc.exe C:\WINDOWS\system32\spoolsv.exe C:\Programmi\ANI\ANIWZCS2 Service\ANIWZCSdS.exe C:\Programmi\IVT Corporation\BlueSoleil\BTNtService.exe C:\WINDOWS\system32\CTsvcCDA.EXE C:\Programmi\Norton Internet Security\Norton AntiVirus\navapsvc.exe C:\WINDOWS\system32\svchost.exe C:\Programmi\Symantec\LiveUpdate\ALUSchedulerSvc.exe C:\Programmi\Canon\CAL\CALMAIN.exe C:\Programmi\Norton Internet Security\Norton AntiVirus\SAVScan.exe C:\WINDOWS\RTHDCPL.EXE C:\WINDOWS\system32\rundll32.exe C:\Programmi\File comuni\Symantec Shared\ccApp.exe C:\WINDOWS\svchost.exe C:\Programmi\Ulead Systems\Ulead Photo Express 2 SE\CalCheck.exe C:\Programmi\File comuni\Symantec Shared\Security Console\NSCSRVCE.EXE C:\Programmi\Internet Explorer\IEXPLORE.EXE C:\Programmi\MSN Messenger\usnsvc.exe C:\WINDOWS\system32\igfxsrvc.exe C:\Documents and Settings\Administrator\Documenti\hijack\HijackThis.exe C:\Programmi\Messenger\msmsgs.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.it/0SEITIT/SAOS01 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://it.msn.com/ O2 - BHO: Norton Internet Security 2006 - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Programmi\File comuni\Symantec Shared\AdBlocking\NISShExt.dll O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Programmi\Norton Internet Security\Norton AntiVirus\NavShExt.dll O3 - Toolbar: Norton Internet Security 2006 - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Programmi\File comuni\Symantec Shared\AdBlocking\NISShExt.dll O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Programmi\Norton Internet Security\Norton AntiVirus\NavShExt.dll O4 - HKLM\..\Run: [skyTel] SkyTel.EXE O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKLM\..\Run: [ccApp] "C:\Programmi\File comuni\Symantec Shared\ccApp.exe" O4 - Global Startup: Photo Express Calendar Checker SE.lnk = C:\Programmi\Ulead Systems\Ulead Photo Express 2 SE\CalCheck.exe O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Organizzatore ricerche - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Programmi\File comuni\Microsoft Shared\Encarta Researcher\EROProj.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe O12 - Plugin for .mid: C:\Programmi\Internet Explorer\PLUGINS\npvmidi.dll O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by106fd.bay106.hotmail.msn.com/resources/MsnPUpld.cab O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/IT-IT/a-UNO1/GAME_UNO1.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{054C214F-66AB-4005-89A4-D5CD20A4B52E}: NameServer = 212.216.112.112,212.216.172.62 O17 - HKLM\System\CCS\Services\Tcpip\..\{6EECCC12-B8BC-4F93-B35D-5B11BADFB96F}: NameServer = 212.216.112.112,212.216.172.62 O17 - HKLM\System\CS2\Services\Tcpip\..\{054C214F-66AB-4005-89A4-D5CD20A4B52E}: NameServer = 212.216.112.112,212.216.172.62 O17 - HKLM\System\CS3\Services\Tcpip\..\{054C214F-66AB-4005-89A4-D5CD20A4B52E}: NameServer = 212.216.112.112,212.216.172.62 O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - AppInit_DLLs: O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Programmi\File comuni\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Alpha Networks Inc. - C:\Programmi\ANI\ANIWZCS2 Service\ANIWZCSdS.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - Unknown owner - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe (file missing) O23 - Service: AVG7 Update Service (Avg7UpdSvc) - Unknown owner - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe (file missing) O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Programmi\IVT Corporation\BlueSoleil\BTNtService.exe O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Programmi\Canon\CAL\CALMAIN.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - C:\Programmi\Norton Internet Security\ccPwdSvc.exe O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\ccProxy.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\ccSetMgr.exe O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Programmi\Norton Internet Security\comHost.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: Servizio Auto-Protect di Norton AntiVirus (navapsvc) - Symantec Corporation - C:\Programmi\Norton Internet Security\Norton AntiVirus\navapsvc.exe O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\Security Console\NSCSRVCE.EXE O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Programmi\Norton Internet Security\Norton AntiVirus\SAVScan.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\SNDSrvc.exe O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\SPBBC\SPBBCSvc.exe O23 - Service: Symantec Core LC - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\CCPD-LC\symlcsvc.exe O23 - Service: Utilità di pianificazione di LiveUpdate automatico - Symantec Corporation - C:\Programmi\Symantec\LiveUpdate\ALUSchedulerSvc.exe questo è il link dell immagine della pagina che mi compare... http://i81.photobucket.com/albums/j238/lallyk/Immagine.jpg grazie in anticipo!
  18. ciao, volevo dire che ora è tutto ok....graziee questo è il log dopo che ho risolto : Logfile of HijackThis v1.99.1 Scan saved at 18.38.10, on 13/03/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\Programmi\File comuni\Symantec Shared\ccSetMgr.exe C:\Programmi\File comuni\Symantec Shared\ccEvtMgr.exe C:\Programmi\File comuni\Symantec Shared\ccProxy.exe C:\Programmi\File comuni\Symantec Shared\SNDSrvc.exe C:\Programmi\File comuni\Symantec Shared\SPBBC\SPBBCSvc.exe C:\Programmi\File comuni\Symantec Shared\CCPD-LC\symlcsvc.exe C:\WINDOWS\system32\spoolsv.exe C:\Programmi\ANI\ANIWZCS2 Service\ANIWZCSdS.exe C:\Programmi\IVT Corporation\BlueSoleil\BTNtService.exe C:\WINDOWS\system32\CTsvcCDA.EXE C:\Programmi\Norton Internet Security\Norton AntiVirus\navapsvc.exe C:\WINDOWS\system32\svchost.exe C:\Programmi\Symantec\LiveUpdate\ALUSchedulerSvc.exe C:\Programmi\Canon\CAL\CALMAIN.exe C:\Programmi\Norton Internet Security\Norton AntiVirus\SAVScan.exe C:\WINDOWS\RTHDCPL.EXE C:\WINDOWS\system32\rundll32.exe C:\Programmi\File comuni\Symantec Shared\ccApp.exe C:\Programmi\Ulead Systems\Ulead Photo Express 2 SE\CalCheck.exe C:\Programmi\Messenger\msmsgs.exe C:\Programmi\File comuni\Symantec Shared\Security Console\NSCSRVCE.EXE C:\WINDOWS\system32\wuauclt.exe C:\Documents and Settings\Administrator\Documenti\hijack\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.it/0SEITIT/SAOS01 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://it.msn.com/ R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = O2 - BHO: Norton Internet Security 2006 - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Programmi\File comuni\Symantec Shared\AdBlocking\NISShExt.dll O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Programmi\Norton Internet Security\Norton AntiVirus\NavShExt.dll O3 - Toolbar: Norton Internet Security 2006 - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Programmi\File comuni\Symantec Shared\AdBlocking\NISShExt.dll O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Programmi\Norton Internet Security\Norton AntiVirus\NavShExt.dll O4 - HKLM\..\Run: [skyTel] SkyTel.EXE O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKLM\..\Run: [ccApp] "C:\Programmi\File comuni\Symantec Shared\ccApp.exe" O4 - Global Startup: Photo Express Calendar Checker SE.lnk = C:\Programmi\Ulead Systems\Ulead Photo Express 2 SE\CalCheck.exe O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Organizzatore ricerche - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Programmi\File comuni\Microsoft Shared\Encarta Researcher\EROProj.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe O12 - Plugin for .mid: C:\Programmi\Internet Explorer\PLUGINS\npvmidi.dll O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by106fd.bay106.hotmail.msn.com/resources/MsnPUpld.cab O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/IT-IT/a-UNO1/GAME_UNO1.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{054C214F-66AB-4005-89A4-D5CD20A4B52E}: NameServer = 212.216.112.112,212.216.172.62 O17 - HKLM\System\CCS\Services\Tcpip\..\{6EECCC12-B8BC-4F93-B35D-5B11BADFB96F}: NameServer = 212.216.112.112,212.216.172.62 O17 - HKLM\System\CS2\Services\Tcpip\..\{054C214F-66AB-4005-89A4-D5CD20A4B52E}: NameServer = 212.216.112.112,212.216.172.62 O17 - HKLM\System\CS3\Services\Tcpip\..\{054C214F-66AB-4005-89A4-D5CD20A4B52E}: NameServer = 212.216.112.112,212.216.172.62 O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Programmi\File comuni\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Alpha Networks Inc. - C:\Programmi\ANI\ANIWZCS2 Service\ANIWZCSdS.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - (no file) O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Programmi\IVT Corporation\BlueSoleil\BTNtService.exe O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Programmi\Canon\CAL\CALMAIN.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - C:\Programmi\Norton Internet Security\ccPwdSvc.exe O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\ccProxy.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\ccSetMgr.exe O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Programmi\Norton Internet Security\comHost.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: Servizio Auto-Protect di Norton AntiVirus (navapsvc) - Symantec Corporation - C:\Programmi\Norton Internet Security\Norton AntiVirus\navapsvc.exe O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\Security Console\NSCSRVCE.EXE O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Programmi\Norton Internet Security\Norton AntiVirus\SAVScan.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\SNDSrvc.exe O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\SPBBC\SPBBCSvc.exe O23 - Service: Symantec Core LC - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\CCPD-LC\symlcsvc.exe O23 - Service: Utilità di pianificazione di LiveUpdate automatico - Symantec Corporation - C:\Programmi\Symantec\LiveUpdate\ALUSchedulerSvc.exe byebye
  19. grazie 1000 ora provo a fare tutto..ti farò sapere...bye ;-)