16-08-2006, 17.20.25 | #61 |
Newbie
Registered: 15-08-2006
Location: Udine
Posts: 6
|
|
16-08-2006, 21.12.23 | #62 |
Hero Member
Registered: 11-04-2001
Location: vicenza
Posts: 921
|
at this point I think a good format would be better...
|
17-08-2006, 12.01.27 | #63 |
Gold Member
Top Poster
Registered: 03-05-2001
Location: Trapani
Posts: 11.639
|
redo the log and post it... removing the lines crazy.cat recommended doesn't cause problems like that; rather, it looks to me like the guest has company and is trying to survive
PS: what date and version is your explorer.exe?? Which OS do you have installed?? Have you run the updates?? Up to which KB??
___________________________________
... these petty politicians, ex-fascists, ex-Northern League members, full-time P2 members, use the crisis to strengthen their power and eliminate the others, from the judiciary, to Parliament, to the Court of Auditors, to the presidency of the Republic.... Beppe Grillo |
28-08-2006, 14.57.57 | #64 |
Newbie
Registered: 28-08-2006
Posts: 1
|
hello everyone,
I stumbled on this forum because I have this XXX ADULT KEY problem too... please help me. I have already run the scan with hijack and removed the files in red that the hijack site advised me to remove. Now the files that hijack flagged in red are gone, but the damned XXX ADULT KEY window is still there!!! Please tell me something, I'm writing my thesis on this PC and I'm afraid it will eat everything... I'm posting the current hijack log, the operating system is win98... :-(

Logfile of HijackThis v1.99.1
Scan saved at 15.22.27, on 28/08/06
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\PROGRAMMI\FILE COMUNI\SYMANTEC SHARED\CCEVTMGR.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\SYSTEM\KB918547\KB918547.EXE
C:\WINDOWS\SYSTEM\KB891711\KB891711.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\PROGRAMMI\FILE COMUNI\SYMANTEC SHARED\CCAPP.EXE
C:\WINDOWS\SYSTEM32\DRIVERS\KODAKCCS.EXE
C:\WINDOWS\SYSTEM\QTTASK.EXE
C:\WINDOWS\SYSTEM\STIMON.EXE
C:\PROGRAM FILES\MSN APPS\UPDATER\01.03.0000.1005\IT\MSNAPPAU.EXE
C:\PROGRAMMI\FILE COMUNI\REAL\UPDATE_OB\REALSCHED.EXE
C:\PROGRAMMI\HP\HP SOFTWARE UPDATE\HPWUSCHD2.EXE
C:\WINDOWS\SYSTEM\SYSMON.EXE
C:\WINDOWS\ptsnoop.exe
C:\PROGRAMMI\MSN MESSENGER\MSNMSGR.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\WINDOWS\SYSTEM\SYSFIND.EXE
C:\PROGRAMMI\KODAK\KODAK EASYSHARE SOFTWARE\BIN\EASYSHARE.EXE
C:\PROGRAMMI\KODAK\KODAK SOFTWARE UPDATER\7288971\PROGRAM\KODAK SOFTWARE UPDATER.EXE
C:\PROGRAMMI\HP\DIGITAL IMAGING\BIN\HPQTRA08.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\WINDOWS\SYSTEM\TAPISRV.EXE
C:\PROGRAMMI\ALICE TI AIUTA\BIN\MPBTN.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\PROGRAMMI\HP\DIGITAL IMAGING\BIN\HPQSTE08.EXE
C:\PROGRAMMI\ALICE\ALICE ENTERNET\APP\ENTERNET.EXE
C:\PROGRAMMI\INTERNET EXPLORER\IEXPLORE.EXE
C:\PROGRAMMI\INTERNET EXPLORER\IEXPLORE.EXE
C:\PROGRAMMI\WINZIP\WINZIP32.EXE
C:\WINDOWS\TEMP\HIJACKTHIS.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.1987324.com?301
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://gw.aliceadsl.it/home
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer fornito da Alice
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [ccApp] "C:\Programmi\File comuni\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "C:\Programmi\File comuni\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMON.EXE /Consumer
O4 - HKLM\..\Run: [CountrySelection] pctptt.exe
O4 - HKLM\..\Run: [KodakCCS] C:\WINDOWS\System32\Drivers\KodakCCS.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\SYSTEM\QTTASK.EXE" -atboottime
O4 - HKLM\..\Run: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE
O4 - HKLM\..\Run: [LoadQM] loadqm.exe
O4 - HKLM\..\Run: [msnappau] "c:\program files\MSN Apps\Updater\01.03.0000.1005\it\msnappau.exe"
O4 - HKLM\..\Run: [BearShare] "C:\PROGRAMMI\BEARSHARE\BEARSHARE.EXE" /pause
O4 - HKLM\..\Run: [TkBellExe] "C:\Programmi\File comuni\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [HDAudio] C:\WINDOWS\hda.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Programmi\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [lich] lich.exe
O4 - HKLM\..\Run: [Systems] C:\WINDOWS\SYSTEM\sysmon.exe
O4 - HKLM\..\Run: [PTSNOOP] ptsnoop.exe
O4 - HKLM\..\RunServices: [ccEvtMgr] "C:\Programmi\File comuni\Symantec Shared\ccEvtMgr.exe"
O4 - HKLM\..\RunServices: [ScriptBlocking] "C:\Programmi\File comuni\Symantec Shared\Script Blocking\SBServ.exe" -reg
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [KB918547] C:\WINDOWS\SYSTEM\KB918547\KB918547.EXE
O4 - HKLM\..\RunServices: [KB891711] C:\WINDOWS\SYSTEM\KB891711\KB891711.EXE
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programmi\MSN Messenger\MsnMsgr.Exe" /background
O4 - Startup: Alice ti aiuta.lnk = C:\Programmi\Alice ti aiuta\bin\matcli.exe
O4 - Startup: Kodak EasyShare software.lnk = C:\Programmi\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Startup: Kodak software updater.lnk = C:\Programmi\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
O4 - Startup: Adobe Gamma Loader.exe.lnk = C:\Programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: HP Digital Imaging Monitor.lnk = C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe
O14 - IERESET.INF: START_PAGE_URL=http://gw.aliceadsl.it/home
O15 - Trusted Zone: www.1987324.com
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/ms...downloader.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/11a0417f...dxIE601_it.cab |
28-08-2006, 18.27.35 | #65 | |
Gold Member
Top Poster
Registered: 20-08-2002
Location: Mestre
Posts: 3.563
|
Quote:
C:\WINDOWS\SYSTEM\SYSFIND.EXE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.1987324.com?301
O4 - HKLM\..\Run: [lich] lich.exe
O4 - HKLM\..\Run: [Systems] C:\WINDOWS\SYSTEM\sysmon.exe
O15 - Trusted Zone: www.1987324.com
You can delete the files from DOS before starting Windows or from safe mode, whichever works better for you.
___________________________________
Only workers know how much time is worth; they always make you pay for it. |
|
29-08-2006, 00.00.57 | #66 |
Gold Member
Top Poster
Registered: 03-05-2001
Location: Trapani
Posts: 11.639
|
Welcome, astarte
crazy.cat has already given you the right suggestions,... in addition I recommend reading the whole thread, since there are other links and tools useful for fighting similar infections. Bye
|
02-09-2006, 17.23.40 | #67 |
Newbie
Registered: 24-01-2006
Posts: 27
|
WOW!!! When I opened this thread I didn't think it would be this successful! A piece of advice for everyone who has had the same problem as me and is now in despair: INSTALL LINUX!!!!!!!! Like I did...
Other operating systems release updates to improve themselves, Windows releases them for security... Isn't that enough to convince you?! |
02-09-2006, 18.32.41 | #68 | |
Gold Member
Top Poster
Registered: 03-05-2001
Location: Trapani
Posts: 11.639
|
Quote:
No, it's not enough! I started getting to know the various Linux distros some time ago... but in the end I always come back to Win... maybe it's laziness... maybe it's because I have fun anyway... who knows!
|
|
13-09-2006, 14.12.48 | #69 |
Newbie
Registered: 13-09-2006
Posts: 2
|
HELP
is this what you need to give me a hand?

Logfile of HijackThis v1.99.1
Scan saved at 14.18.03, on 13/09/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Programmi\iTunes\iTunesHelper.exe
C:\Programmi\File comuni\Real\Update_OB\realsched.exe
C:\Programmi\Java\jre1.5.0_06\bin\jusched.exe
C:\Programmi\Winamp\winampa.exe
C:\Programmi\QuickTime\qttask.exe
C:\WINDOWS\system32\spoolsvc.exe
C:\WINDOWS\autoclk.exe
c:\progra~1\intern~1\iexplore.exe
C:\WINDOWS\system32\rundll32.exe
C:\Programmi\ADSL\StarModem ADSL USB MODEM\dslmon.exe
C:\Programmi\Yahoo!\Messenger\ymsgr_tray.exe
C:\Programmi\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\sysmon.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\Documents and Settings\Computer\Desktop\hijackthis_199\HijackThis.exe
C:\WINDOWS\system32\mmc.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/...ch/search.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.1987324.com?301
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/.../www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/...ch/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/.../www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/.../www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
F2 - REG:system.ini: Shell=Explorer.exe,nvinbios.exe,bidiadve.exe,oleswin.exe,nvwr0000.exe,cardshrm.exe,1252uota.exe,asctrcwp.exe,rdpsdgae.exe,kbdu_865.exe,scp3tkey.exe,acludmod.exe,cdoslbar.exe,1252filt.exe,sxsmevr.exe,netesvrp.exe,proqh400.exe,dplaonfg.exe,ieak3x40.exe,nvwrrbis.exe,$windeca.exe,msdarsde.exe,netmhelp.exe,kbdttvid.exe,msscfg32.exe,pcloenr.exe,msgssnpn.exe,sceccons.exe,mibonfg.exe,ntmsa3d.exe,ncutlmon.exe,mouscoin.exe,mapixt32.exe,msstinst.exe,mdwmvwav.exe,vbaibdno.exe,charhare.exe,mmcstlog.exe,batmsrad.exe,inetroxy.exe,mslsconf.exe,kbdbsec6.exe,sortbdbu.exe,poweat10.exe,ie4utnet.exe,msr2pgrd.exe,mfc4xbar.exe,lmrtdfrg.exe,cdfvpi32.exe,crypkman.exe,clbkmba.exe,licwdraw.exe,fontsr2c.exe,evengapi.exe,sbeietup.exe,locabase.exe,midifmon.exe,comrtmib.exe,win3ipto.exe,ntosdoff.exe,msnerint.exe,l_insapi.exe,c_87xml2.exe,nchtrsvc.exe,shmgpcl.exe,msor2spl.exe,autolace.exe,browbdgr.exe,kbda110b.exe,ntmarsar.exe,perfjava.exe,asctetup.exe,divxaxui.exe,wstpsext.exe,nwcxt32.exe,qedilist.exe,opendmoe.exe,ncht
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\System32\nvinbios.exe,C:\WINDOWS\System32\bidiadve.exe,C:\WINDOWS\System32\oleswin.exe,C:\WINDOWS\System32\nvwr0000.exe,C:\WINDOWS\System32\cardshrm.exe,C:\WINDOWS\System32\1252uota.exe,C:\WINDOWS\System32\asctrcwp.exe,C:\WINDOWS\System32\rdpsdgae.exe,C:\WINDOWS\System32\kbdu_865.exe,C:\WINDOWS\System32\scp3tkey.exe,C:\WINDOWS\System32\acludmod.exe,C:\WINDOWS\System32\cdoslbar.exe,C:\WINDOWS\System32\1252filt.exe,C:\WINDOWS\System32\sxsmevr.exe,C:\WINDOWS\System32\netesvrp.exe,C:\WINDOWS\System32\proqh400.exe,C:\WINDOWS\System32\dplaonfg.exe,C:\WINDOWS\System32\ieak3x40.exe,C:\WINDOWS\System32\nvwrrbis.exe,C:\WINDOWS\System32\$windeca.exe,C:\WINDOWS\System32\msdarsde.exe,C:\WINDOWS\System32\netmhelp.exe,C:\WINDOWS\System32\kbdttvid.exe,C:\WINDOWS\System32\msscfg32.exe,C:\WINDOWS\System32\pcloenr.exe,C:\WINDOWS\System32\msgssnpn.exe,C:\WINDOWS\System32\sceccons.exe,C:\WINDOWS\System32\mibonfg.exe,C:\WINDOWS\System32\ntmsa3d.exe,C:\WINDOW
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Programmi\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx |
13-09-2006, 14.13.23 | #70 |
Newbie
Registered: 13-09-2006
Posts: 2
|
HELP 2
O2 - BHO: (no name) - {181A9F34-6366-CA38-0D05-1628F8591588} - C:\DOCUME~1\Computer\DATIAP~1\MEOWMU~1\size poll.exe
O2 - BHO: (no name) - {2176CF59-3025-4218-8573-7885DD9DE486} - C:\WINDOWS\System32\ytlbcjay.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Programmi\Yahoo!\Common\yiesrvc.dll
O2 - BHO: CIEPl Object - {6BB18EFE-F2C7-457C-81FE-705757171FA0} - C:\WINDOWS\System32\service.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.5.0_06\bin\ssv.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programmi\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [DSLAGENTEXE] C:\Program Files\Libero\Adsl\dslagent.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Programmi\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Programmi\File comuni\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [UpdateManager] "C:\Programmi\File comuni\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programmi\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [9xadiras] 9xadiras.exe
O4 - HKLM\..\Run: [2kadiras] 2kadiras.exe
O4 - HKLM\..\Run: [remoteplatformchinsect] C:\Documents and Settings\All Users\Dati applicazioni\SETTINGS STYLE REMOTE PLATFORM\Bindactive.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Programmi\Winamp\winampa.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Systems] C:\WINDOWS\system32\spoolsvc.exe
O4 - HKLM\..\Run: [Access Media] C:\WINDOWS\system32\c_10rand.exe
O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programmi\File comuni\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Programmi\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [More The] C:\DOCUME~1\Computer\DATIAP~1\GLOBAL~1\procaxis.exe
O4 - HKCU\..\Run: [autoclk] autoclk.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programmi\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Access Media] C:\WINDOWS\system32\c_10rand.exe
O4 - Startup: PartMetBackup.lnk = C:\Programmi\Java\jre1.5.0_06\bin\javaw.exe
O4 - Global Startup: DSLMON.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Programmi\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Programmi\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Programmi\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Programmi\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Programmi\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Programmi\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Programmi\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsu...?1153560159578
O17 - HKLM\System\CCS\Services\Tcpip\..\{A5AF26BA-FB65-4595-9AA0-A65958A1DA5E}: NameServer = 193.70.152.15 193.70.152.25
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: service - service.dll (file missing)
O21 - SSODL: WebControl Player - {C6B8480F-D4C6-4E2F-B298-0BFF87E86349} - C:\WINDOWS\system32\ati2kman.dll
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Programmi\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - Unknown owner - C:\WINDOWS\System32\nvsvc32.exe (file missing)
waiting for a reply... thanks |
13-09-2006, 14.29.44 | #71 |
Young Promise
Registered: 04-02-2006
Posts: 2.114
|
C:\Programmi\iTunes\iTunesHelper.exe
C:\Programmi\File comuni\Real\Update_OB\realsched.exe
C:\Programmi\Java\jre1.5.0_06\bin\jusched.exe
C:\Programmi\Winamp\winampa.exe
C:\Programmi\QuickTime\qttask.exe
C:\Programmi\iPod\bin\iPodService.exe
c:\progra~1\intern~1\iexplore.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.1987324.com?301
O2 - BHO: (no name) - {181A9F34-6366-CA38-0D05-1628F8591588} - C:\DOCUME~1\Computer\DATIAP~1\MEOWMU~1\size poll.exe
I don't know what these are but I don't like them; I reckon you've got the entire world virus database in system32...
F2 - REG:system.ini: Shell=Explorer.exe,nvinbios.exe,bidiadve.exe,oleswin.exe,nvwr0000.exe,cardshrm.exe,1252uota.exe,asctrcwp.exe,rdpsdgae.exe,kbdu_865.exe,scp3tkey.exe,acludmod.exe,cdoslbar.exe,1252filt.exe,sxsmevr.exe,netesvrp.exe,proqh400.exe,dplaonfg.exe,ieak3x40.exe,nvwrrbis.exe,$windeca.exe,msdarsde.exe,netmhelp.exe,kbdttvid.exe,msscfg32.exe,pcloenr.exe,msgssnpn.exe,sceccons.exe,mibonfg.exe,ntmsa3d.exe,ncutlmon.exe,mouscoin.exe,mapixt32.exe,msstinst.exe,mdwmvwav.exe,vbaibdno.exe,charhare.exe,mmcstlog.exe,batmsrad.exe,inetroxy.exe,mslsconf.exe,kbdbsec6.exe,sortbdbu.exe,poweat10.exe,ie4utnet.exe,msr2pgrd.exe,mfc4xbar.exe,lmrtdfrg.exe,cdfvpi32.exe,crypkman.exe,clbkmba.exe,licwdraw.exe,fontsr2c.exe,evengapi.exe,sbeietup.exe,locabase.exe,midifmon.exe,comrtmib.exe,win3ipto.exe,ntosdoff.exe,msnerint.exe,l_insapi.exe,c_87xml2.exe,nchtrsvc.exe,shmgpcl.exe,msor2spl.exe,autolace.exe,browbdgr.exe,kbda110b.exe,ntmarsar.exe,perfjava.exe,asctetup.exe,divxaxui.exe,wstpsext.exe,nwcxt32.exe,qedilist.exe,opendmoe.exe,ncht
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\System32\nvinbios.exe,C:\WINDOWS\System32\bidiadve.exe,C:\WINDOWS\System32\oleswin.exe,C:\WINDOWS\System32\nvwr0000.exe,C:\WINDOWS\System32\cardshrm.exe,C:\WINDOWS\System32\1252uota.exe,C:\WINDOWS\System32\asctrcwp.exe,C:\WINDOWS\System32\rdpsdgae.exe,C:\WINDOWS\System32\kbdu_865.exe,C:\WINDOWS\System32\scp3tkey.exe,C:\WINDOWS\System32\acludmod.exe,C:\WINDOWS\System32\cdoslbar.exe,C:\WINDOWS\System32\1252filt.exe,C:\WINDOWS\System32\sxsmevr.exe,C:\WINDOWS\System32\netesvrp.exe,C:\WINDOWS\System32\proqh400.exe,C:\WINDOWS\System32\dplaonfg.exe,C:\WINDOWS\System32\ieak3x40.exe,C:\WINDOWS\System32\nvwrrbis.exe,C:\WINDOWS\System32\$windeca.exe,C:\WINDOWS\System32\msdarsde.exe,C:\WINDOWS\System32\netmhelp.exe,C:\WINDOWS\System32\kbdttvid.exe,C:\WINDOWS\System32\msscfg32.exe,C:\WINDOWS\System32\pcloenr.exe,C:\WINDOWS\System32\msgssnpn.exe,C:\WINDOWS\System32\sceccons.exe,C:\WINDOWS\System32\mibonfg.exe,C:\WINDOWS\System32\ntmsa3d.exe,C:\WINDOW
continuing...
O2 - BHO: (no name) - {2176CF59-3025-4218-8573-7885DD9DE486} - C:\WINDOWS\System32\ytlbcjay.dll
O2 - BHO: CIEPl Object - {6BB18EFE-F2C7-457C-81FE-705757171FA0} - C:\WINDOWS\System32\service.dll (file missing)
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [iTunesHelper] "C:\Programmi\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Programmi\File comuni\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [UpdateManager] "C:\Programmi\File comuni\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programmi\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [9xadiras] 9xadiras.exe
O4 - HKLM\..\Run: [2kadiras] 2kadiras.exe
O4 - HKLM\..\Run: [remoteplatformchinsect] C:\Documents and Settings\All Users\Dati applicazioni\SETTINGS STYLE REMOTE PLATFORM\Bindactive.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Programmi\Winamp\winampa.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [More The] C:\DOCUME~1\Computer\DATIAP~1\GLOBAL~1\procaxis.exe
O4 - HKCU\..\Run: [autoclk] autoclk.exe
O4 - HKCU\..\Run: [Access Media] C:\WINDOWS\system32\c_10rand.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Programmi\iPod\bin\iPodService.exe (only if you don't use the iPod)
In the list I have included entries that, while not dangerous, I believe are useless resource hogs (background updates etc. etc.). Good luck! |
28-09-2006, 19.32.36 | #72 |
Newbie
Registered: 28-09-2006
Posts: 1
|
XXX ADULT KEY
GUYS I JUST REGISTERED... I HAVE THE SAME PROBLEM AS JOHN.... CAN I POST THE HIJACKTHIS LOG? PLEASE HELP ME
|
28-09-2006, 19.53.00 | #73 | |
Gold Member
Top Poster
Registered: 20-08-2002
Location: Mestre
Posts: 3.563
|
Quote:
|
|
04-10-2006, 18.27.36 | #74 |
Newbie
Registered: 04-10-2006
Posts: 1
|
I'm posting my hijack log; I have the "adult key xxx" problem, but maybe others too! Let me know something, please!

Logfile of HijackThis v1.99.1
Scan saved at 18.26.28, on 04/10/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\Programmi\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\System32\cisvc.exe
C:\Programmi\Executive Software\DiskeeperLite\DKService.exe
C:\Programmi\File comuni\Microsoft Shared\VS7Debug\mdm.exe
C:\Programmi\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe
C:\Programmi\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\Explorer.EXE
C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Programmi\Apoint2K\Apoint.exe
C:\Programmi\TOSHIBA\DualPointUtility\TEDTray.exe
C:\Programmi\Toshiba\Toshiba Applet\thotkey.exe
C:\Programmi\Toshiba\Toshiba Applet\tpwrsave.exe
C:\Programmi\Toshiba\Toshiba Applet\TMEPROP.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Programmi\Apoint2K\Apntex.exe
C:\Programmi\File comuni\PCSuite\DataLayer\DataLayer.exe
C:\Programmi\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Programmi\MessengerPlus! 3\MsgPlus.exe
C:\WINDOWS\system32\spoolsvc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\FILECO~1\PCSuite\Services\SERVIC~1.EXE
C:\WINDOWS\system32\dcomcfg.exe
C:\Program Files\FinePixViewer\QuickDCF.exe
C:\Documents and Settings\g-locatelli\Documenti\Lorenzo\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.1987324.com?301
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Apoint] C:\Programmi\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [DpUtil] C:\Programmi\TOSHIBA\DualPointUtility\TEDTray.exe
O4 - HKLM\..\Run: [THotkey] C:\Programmi\Toshiba\Toshiba Applet\thotkey.exe
O4 - HKLM\..\Run: [TPWRSAVE] C:\Programmi\Toshiba\Toshiba Applet\tpwrsave.exe -S
O4 - HKLM\..\Run: [TMEPROP] C:\Programmi\Toshiba\Toshiba Applet\TMEPROP.exe -S
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [REGSHAVE] C:\Programmi\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 - HKLM\..\Run: [DataLayer] C:\Programmi\File comuni\PCSuite\DataLayer\DataLayer.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Programmi\Nokia\Nokia PC Suite 6\LaunchApplication.exe -onlytray
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Programmi\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [Systems] C:\WINDOWS\system32\\spoolsvc.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Exif Launcher.lnk = ?
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://vecchioporco.spaces.msn.com//...d/MsnPUpld.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{3D61F537-AED4-4A11-8446-303E46E02716}: NameServer = 193.70.192.25,193.70.152.25
O17 - HKLM\System\CCS\Services\Tcpip\..\{60271A7C-6662-484C-BFCC-37AA4557D2E6}: NameServer = 193.70.192.25,193.70.152.25
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Programmi\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Programmi\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Diskeeper - Executive Software International, Inc. - C:\Programmi\Executive Software\DiskeeperLite\DKService.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Programmi\Analog Devices\SoundMAX\SMAgent.exe |
04-10-2006, 20.28.30 | #75 |
Guest
Posts: n/a
|
so: remove these by fixing them with hijackthis, or do it manually..
C:\WINDOWS\system32\spoolsvc.exe
C:\WINDOWS\system32\dcomcfg.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.1987324.com?301
O4 - HKLM\..\Run: [Systems] C:\WINDOWS\system32\\spoolsvc.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{3D61F537-AED4-4A11-8446-303E46E02716}: NameServer = 193.70.192.25,193.70.152.25
O17 - HKLM\System\CCS\Services\Tcpip\..\{60271A7C-6662-484C-BFCC-37AA4557D2E6}: NameServer = 193.70.192.25,193.70.152.25 |