Pagina 1 di 9 1 2 3 ... ultimoultimo
Visualizzazione dei risultati da 1 a 10 su 87
  1. #1

    virus che non riesco ad eliminare

    Salve, vi chiedo un aiuto perchè credo ti aver preso un virus; mi compaiono sempre delle finestrelle a nome Symantec Email Proxy con un messaggio che dice così:
    "Non è stato possibile inviare il messaggio e-mail perchè il server di posta ha rifiutato il messaggio:
    554 delivery error: dd this user doesn't have a yahoo.com
    accouny(bart_105@yahoo.com) (-5) - mta347.mail.re4.yahoo.com"

    Va avanti così da qualche giorno continuamente ... si aprono tremila finestre continuamente con messaggi tutti simili a quello sopra, e non riesco a risolvere il problema. Ho già fatto una scansione completa in modalità provvisoria sia con Ad-AWARE e Norton e di virus non ne rileva. Cosa può essere? io credo sia comunque un virus, voi ne avete un'idea? vi preogo aiutooooooooo..
    - quanto costa una mela?
    - COSTA UN SACCO DI BOTTE!
    - se mi faccio picchiare un pochino la darebbe al bambino?...

  2. #2
    Utente di HTML.it L'avatar di OYS
    Registrato dal
    Apr 2006
    Messaggi
    3,142
    Non credo sia un virus... Cmq posta un log di hijackthis così vediamo se ce ne sono attivi.

  3. #3
    cavolo ho fatto il log ma non risco a farcelo stare tutto qui dentro ... mi dice che al massimo devono essere 13000 caratteri. Mi tocca mandarlo in due post.

    comunque eccone una parte:

    Logfile of HijackThis v1.99.1
    Scan saved at 17.37.58, on 18/02/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16414)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Programmi\Intel\Wireless\Bin\EvtEng.exe
    C:\Programmi\Intel\Wireless\Bin\S24EvMon.exe
    C:\WINDOWS\Explorer.EXE
    C:\Programmi\File comuni\Symantec Shared\ccSvcHst.exe
    C:\Programmi\File comuni\Symantec Shared\AppCore\AppSvc32.exe
    C:\WINDOWS\system32\LEXBCES.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\LEXPPS.EXE
    C:\Programmi\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\Programmi\TOSHIBA\ConfigFree\CFSvcs.exe
    C:\Programmi\Power Translator\LogoMedia TranslateDotNet Server.exe
    C:\Programmi\Intel\Wireless\Bin\RegSrvc.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\TODDSrv.exe
    C:\Programmi\Symantec\LiveUpdate\ALUSchedulerSvc.e xe
    C:\WINDOWS\system32\igfxtray.exe
    C:\WINDOWS\system32\hkcmd.exe
    C:\WINDOWS\system32\igfxpers.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\Programmi\Apoint2K\Apoint.exe
    C:\Programmi\TOSHIBA\Touch and Launch\PadExe.exe
    C:\Programmi\TOSHIBA\E-KEY\CeEKey.exe
    C:\Programmi\TOSHIBA\TouchPad\TPTray.exe
    C:\WINDOWS\system32\TPSMain.exe
    C:\WINDOWS\system32\ZoomingHook.exe
    C:\WINDOWS\system32\TPSBattM.exe
    C:\Programmi\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
    C:\WINDOWS\system32\TCtrlIOHook.exe
    C:\Programmi\TOSHIBA\TOSHIBA Controls\TFncKy.exe
    C:\Programmi\TOSHIBA\Tvs\TvsTray.exe
    C:\Programmi\Apoint2K\Apntex.exe
    C:\Programmi\TOSHIBA\TOSHIBA Direct Disc Writer\ddwmon.exe
    C:\Programmi\Intel\Wireless\bin\ZCfgSvc.exe
    C:\Programmi\Intel\Wireless\Bin\ifrmewrk.exe
    C:\WINDOWS\AGRSMMSG.exe
    C:\Programmi\Java\jre1.5.0_10\bin\jusched.exe
    C:\Programmi\iTunes\iTunesHelper.exe
    C:\Programmi\File comuni\Real\Update_OB\realsched.exe
    C:\Programmi\File comuni\Symantec Shared\ccApp.exe
    C:\WINDOWS\System32\drivers\svchost.exe
    C:\Programmi\iPod\bin\iPodService.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Programmi\TOSHIBA\TOSCDSPD\toscdspd.exe
    C:\Programmi\File comuni\Ahead\lib\NMBgMonitor.exe
    C:\Programmi\EPSON\EPSON SMART PANEL for Scanner\EspMain.exe
    C:\Programmi\Alice ti aiuta\bin\mpbtn.exe
    C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    C:\Programmi\Mozilla Firefox\firefox.exe
    C:\Programmi\MSN Messenger\usnsvc.exe
    C:\Programmi\BitLord\BitLord.exe
    C:\Programmi\File comuni\Symantec Shared\CCPD-LC\symlcsvc.exe
    C:\Programmi\IMVU\IMVUClient.exe
    C:\Programmi\VideoLAN\VLC\vlc.exe
    C:\PROGRA~1\WINZIP\winzip32.exe
    C:\Documents and Settings\lisa milo\Impostazioni locali\Temp\wzf4ac\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyOverride = 127.0.0.1
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
    R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Programmi\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.D LL (file missing)
    O1 - Hosts: 108.112.42.206 ad.doubleclick.net
    O1 - Hosts: 184.169.44.29 upgrade.bitdefender.com
    O1 - Hosts: 106.62.59.13 report.bitdefender.com
    O1 - Hosts: 178.95.95.213 ad.fastclick.net
    O1 - Hosts: 107.116.117.138 ads.fastclick.net
    O1 - Hosts: 174.15.27.94 ar.atwola.com
    O1 - Hosts: 115.27.183.221 atdmt.com
    O1 - Hosts: 183.97.110.57 avp.ch
    O1 - Hosts: 114.153.7.176 avp.com
    O1 - Hosts: 179.51.181.210 avp.ru
    O1 - Hosts: 108.15.197.227 awaps.net
    O1 - Hosts: 180.66.164.240 banner.fastclick.net
    O1 - Hosts: 112.56.109.230 banners.fastclick.net
    O1 - Hosts: 177.137.61.67 ca.com
    O1 - Hosts: 111.18.29.102 www.ca.com
    O1 - Hosts: 180.140.140.115 click.atdmt.com
    O1 - Hosts: 104.148.31.185 clicks.atdmt.com
    O1 - Hosts: 186.213.124.100 customer.symantec.com
    O1 - Hosts: 100.96.64.129 dispatch.mcafee.com
    O1 - Hosts: 183.2.101.136 download.mcafee.com
    O1 - Hosts: 104.210.98.148 download.microsoft.com
    O1 - Hosts: 181.159.189.68 downloads.microsoft.com
    O1 - Hosts: 112.218.150.78 downloads-eu1.kaspersky-labs.com
    O1 - Hosts: 181.65.170.225 downloads-eu2.kaspersky-labs.com
    O1 - Hosts: 115.202.138.212 downloads-eu3.kaspersky-labs.com
    O1 - Hosts: 185.37.50.218 downloads-us1.kaspersky-labs.com
    O1 - Hosts: 109.114.81.80 downloads-us2.kaspersky-labs.com
    O1 - Hosts: 180.183.191.200 downloads-us3.kaspersky-labs.com
    O1 - Hosts: 111.63.81.72 downloads1.kaspersky-labs.com
    O1 - Hosts: 187.45.123.197 downloads2.kaspersky-labs.com
    O1 - Hosts: 102.48.18.192 downloads3.kaspersky-labs.com
    O1 - Hosts: 180.188.144.114 downloads4.kaspersky-labs.com
    O1 - Hosts: 111.57.62.146 engine.awaps.net
    O1 - Hosts: 179.113.96.3 f-secure.com
    O1 - Hosts: 100.178.73.135 fastclick.net
    O1 - Hosts: 182.38.71.88 ftp.avp.ch
    O1 - Hosts: 107.152.141.111 ftp.downloads2.kaspersky-labs.com
    O1 - Hosts: 186.39.46.12 ftp.f-secure.com
    O1 - Hosts: 106.65.181.226 ftp.kasperskylab.ru
    O1 - Hosts: 174.100.75.218 ftp.sophos.com
    O1 - Hosts: 111.138.97.30 go.microsoft.com
    O1 - Hosts: 174.194.28.31 ids.kaspersky-labs.com
    O1 - Hosts: 110.101.147.64 kaspersky-labs.com
    O1 - Hosts: 182.218.134.18 kaspersky.com
    O1 - Hosts: 110.50.113.133 liveupdate.symantec.com
    O1 - Hosts: 178.160.128.199 liveupdate.symantecliveupdate.com
    O1 - Hosts: 115.84.151.31 mast.mcafee.com
    O1 - Hosts: 185.0.220.131 mcafee.com
    O1 - Hosts: 109.92.142.185 media.fastclick.net
    O1 - Hosts: 176.171.191.233 msdn.microsoft.com
    O1 - Hosts: 103.113.37.211 my-etrust.com
    O1 - Hosts: 180.172.202.29 nai.com
    O1 - Hosts: 115.89.143.98 networkassociates.com
    O1 - Hosts: 174.46.37.27 office.microsoft.com
    O1 - Hosts: 109.188.51.100 phx.corporate-ir.net
    O1 - Hosts: 185.45.204.116 rads.mcafee.com
    O1 - Hosts: 109.120.41.223 secure.nai.com
    O1 - Hosts: 177.7.179.127 securityresponse.symantec.com
    O1 - Hosts: 108.217.74.1 service1.symantec.com
    O1 - Hosts: 183.50.26.181 sophos.com
    O1 - Hosts: 109.170.21.186 spd.atdmt.com
    O1 - Hosts: 187.58.188.136 support.microsoft.com
    O1 - Hosts: 101.13.209.239 symantec.com
    O1 - Hosts: 176.188.88.223 trendmicro.com
    O1 - Hosts: 105.130.169.168 update.symantec.com
    O1 - Hosts: 182.123.36.37 updates.symantec.com
    O1 - Hosts: 108.110.33.59 updates1.kaspersky-labs.com
    O1 - Hosts: 183.59.213.85 updates2.kaspersky-labs.com
    O1 - Hosts: 100.8.14.248 updates3.kaspersky-labs.com
    O1 - Hosts: 177.203.115.101 updates4.kaspersky-labs.com
    O1 - Hosts: 115.99.75.57 updates5.kaspersky-labs.com
    O1 - Hosts: 177.164.21.164 us.mcafee.com
    O1 - Hosts: 104.191.68.232 vil.nai.com
    O1 - Hosts: 178.104.12.229 viruslist.com
    O1 - Hosts: 115.45.29.170 viruslist.ru
    O1 - Hosts: 180.17.225.124 windowsupdate.microsoft.com
    O1 - Hosts: 101.14.104.106 www.avp.ch
    O1 - Hosts: 187.220.183.234 www.avp.com
    O1 - Hosts: 106.32.32.175 www.avp.ru
    O1 - Hosts: 186.54.74.45 www.awaps.net
    O1 - Hosts: 101.143.19.123 www.ca.com
    O1 - Hosts: 174.32.86.13 www.f-secure.com
    O1 - Hosts: 105.116.161.207 www.fastclick.net
    O1 - Hosts: 181.161.67.179 www.grisoft.com
    O1 - Hosts: 112.172.26.189 www.kaspersky-labs.com
    O1 - Hosts: 184.209.149.39 www.kaspersky.com
    O1 - Hosts: 101.182.189.240 www.kaspersky.ru
    O1 - Hosts: 173.37.26.35 www.mcafee.com
    O1 - Hosts: 112.46.139.229 www.my-etrust.com
    O1 - Hosts: 178.225.214.176 www.nai.com
    O1 - Hosts: 108.150.114.26 www.networkassociates.com
    O1 - Hosts: 178.182.181.42 www.sophos.com
    O1 - Hosts: 109.208.204.78 www.symantec.com
    O1 - Hosts: 185.128.102.236 www.trendmicro.com
    O1 - Hosts: 106.65.196.108 www.viruslist.com
    O1 - Hosts: 179.223.125.67 www.viruslist.ru
    O1 - Hosts: 103.38.35.138 www3.ca.com
    O1 - Hosts: 175.24.52.173 avp.ch
    O1 - Hosts: 112.167.176.41 avp.com
    O1 - Hosts: 181.132.72.29 avp.ru
    O1 - Hosts: 108.51.94.92 awaps.net
    O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} -
    - quanto costa una mela?
    - COSTA UN SACCO DI BOTTE!
    - se mi faccio picchiare un pochino la darebbe al bambino?...

  4. #4
    ecco l'altro pezzo e grazie milleeeeeeee:


    C:\Programmi\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.D LL (file missing)
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Programmi\MyWebSearch\bar\1.bin\MWSBAR.DLL (file missing)
    O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Programmi\File comuni\Symantec Shared\coShared\Browser\1.0\NppBho.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.5.0_10\bin\ssv.dll
    O2 - BHO: (no name) - {7b4d79df-9ef0-429d-a0e9-d9b138c6a53b} - C:\Programmi\VideoCompressionCodec\isaddon.dll (file missing)
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O3 - Toolbar: Protection Bar - {8aed5df3-6e0b-4930-b1a5-f8aa8d757497} - C:\Programmi\VideoCompressionCodec\iesplugin.dll (file missing)
    O3 - Toolbar: LEC - {1DBAB667-A486-421e-AFE4-CF07DD0088E5} - C:\Programmi\Power Translator\Applications\LEC IE Translation Extension.dll
    O3 - Toolbar: Mostra Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Programmi\File comuni\Symantec Shared\coShared\Browser\1.0\UIBHO.dll
    O3 - Toolbar: My &Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Programmi\MyWebSearch\bar\1.bin\MWSBAR.DLL (file missing)
    O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
    O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
    O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
    O4 - HKLM\..\Run: [Apoint] C:\Programmi\Apoint2K\Apoint.exe
    O4 - HKLM\..\Run: [PadTouch] C:\Programmi\TOSHIBA\Touch and Launch\PadExe.exe
    O4 - HKLM\..\Run: [CeEKEY] C:\Programmi\TOSHIBA\E-KEY\CeEKey.exe
    O4 - HKLM\..\Run: [HWSetup] C:\Programmi\TOSHIBA\TOSHIBA Applet\HWSetup.exe hwSetUP
    O4 - HKLM\..\Run: [SVPWUTIL] C:\Programmi\Toshiba\Windows Utilities\SVPWUTIL.exe SVPwUTIL
    O4 - HKLM\..\Run: [TPNF] C:\Programmi\TOSHIBA\TouchPad\TPTray.exe
    O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
    O4 - HKLM\..\Run: [Zooming] ZoomingHook.exe
    O4 - HKLM\..\Run: [SmoothView] C:\Programmi\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
    O4 - HKLM\..\Run: [TCtryIOHook] TCtrlIOHook.exe
    O4 - HKLM\..\Run: [TFncKy] TFncKy.exe
    O4 - HKLM\..\Run: [Tvs] C:\Programmi\TOSHIBA\Tvs\TvsTray.exe
    O4 - HKLM\..\Run: [DDWMon] C:\Programmi\TOSHIBA\TOSHIBA Direct Disc Writer\\ddwmon.exe
    O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Programmi\Intel\Wireless\bin\ZCfgSvc.exe"
    O4 - HKLM\..\Run: [IntelWireless] "C:\Programmi\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
    O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\Java\jre1.5.0_10\bin\jusched.exe "
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Programmi\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [TkBellExe] "C:\Programmi\File comuni\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [Babylon Client] C:\Programmi\Babylon\Babylon-Pro\Babylon.exe -AutoStart
    O4 - HKLM\..\Run: [ccApp] "C:\Programmi\File comuni\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [osCheck] "C:\Programmi\Norton Internet Security\osCheck.exe"
    O4 - HKLM\..\Run: [My Web Search Bar Search Scope Monitor] "C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe" /m=0
    O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
    O4 - HKLM\..\Run: [Windows Firewall] C:\WINDOWS\System32\drivers\svchost.exe
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [TOSCDSPD] C:\Programmi\TOSHIBA\TOSCDSPD\toscdspd.exe
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programmi\File comuni\Ahead\lib\NMBgMonitor.exe"
    O4 - HKCU\..\Run: [BitTorrent] "C:\Programmi\BitTorrent\bittorrent.exe" --force_start_minimized
    O4 - HKCU\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
    O4 - HKCU\..\Run: [Windows Firewall] C:\WINDOWS\System32\drivers\svchost.exe
    O4 - Startup: Microsoft Office OneNote 2003 Quick Launch.lnk = C:\Programmi\Microsoft Office\OFFICE11\ONENOTEM.EXE
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: Alice ti aiuta.lnk = C:\Programmi\Alice ti aiuta\bin\matcli.exe
    O4 - Global Startup: Avvio veloce di Adobe Reader.lnk = C:\Programmi\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: EPSON SMART PANEL for Scanner.lnk = C:\Programmi\EPSON\EPSON SMART PANEL for Scanner\EspMain.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Programmi\Microsoft Office\Office10\OSA.EXE
    O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Pol icies\System, DisableRegedit=1
    O7 - HKLM\Software\Microsoft\Windows\CurrentVersion\Pol icies\System, DisableRegedit=1
    O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbar...p=ZNxdm119YYIT
    O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O8 - Extra context menu item: Translate with &Babylon - res://C:\Programmi\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Translate.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_10\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_10\bin\ssv.dll
    O9 - Extra button: Net2Phone - {4B30061A-5B39-11D3-80F8-0090276F843F} - http://www.net2phone.com/ (file missing)
    O9 - Extra 'Tools' menuitem: Net2Phone - {4B30061A-5B39-11D3-80F8-0090276F843F} - http://www.net2phone.com/ (file missing)
    O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\lisa milo\Menu Avvio\Programmi\Accessori\IMVU\Run IMVU.lnk
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
    O11 - Options group: [INTERNATIONAL] International*
    O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary...r.cab31267.cab
    O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/noc...1.0.0.15-3.cab
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/IT-IT/.../GAME_UNO1.cab
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1161161021640
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab31267.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ge...sh/swflash.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{60EA7D95-2BA4-4590-85D0-EF69AB1FEC04}: NameServer = 85.37.17.47 85.38.28.82
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
    O20 - Winlogon Notify: winjgf32 - winjgf32.dll (file missing)
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Programmi\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Unknown owner - C:\Programmi\File comuni\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Unknown owner - C:\Programmi\File comuni\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
    O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Programmi\TOSHIBA\ConfigFree\CFSvcs.exe
    O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Programmi\File comuni\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
    O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\VAScanner\comHost.exe
    O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Programmi\Intel\Wireless\Bin\EvtEng.exe
    O23 - Service: iPod Service - Apple Computer, Inc. - C:\Programmi\iPod\bin\iPodService.exe
    O23 - Service: Convalida password di Symantec IS (ISPwdSvc) - Symantec Corporation - C:\Programmi\Norton Internet Security\isPwdSvc.exe
    O23 - Service: LEC TranslateDotNet Server - Language Engineering Corporation, LLC - C:\Programmi\Power Translator\LogoMedia TranslateDotNet Server.exe
    O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
    O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Programmi\File comuni\Macromedia Shared\Service\Macromedia Licensing.exe
    O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Programmi\Intel\Wireless\Bin\RegSrvc.exe
    O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Programmi\Intel\Wireless\Bin\S24EvMon.exe
    O23 - Service: Symantec Core LC - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\CCPD-LC\symlcsvc.exe
    O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\AppCore\AppSvc32.exe
    O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\WINDOWS\system32\TODDSrv.exe
    O23 - Service: Utilità di pianificazione di LiveUpdate automatico - Symantec Corporation - C:\Programmi\Symantec\LiveUpdate\ALUSchedulerSvc.e xe
    - quanto costa una mela?
    - COSTA UN SACCO DI BOTTE!
    - se mi faccio picchiare un pochino la darebbe al bambino?...

  5. #5
    Utente di HTML.it L'avatar di OYS
    Registrato dal
    Apr 2006
    Messaggi
    3,142
    Uhm, fixa queste:

    R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Programmi\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.D LL (file missing)

    O2 - BHO: (no name) - {7b4d79df-9ef0-429d-a0e9-d9b138c6a53b} - C:\Programmi\VideoCompressionCodec\isaddon.dll (file missing)

    O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Programmi\MyWebSearch\bar\1.bin\MWSBAR.DLL (file missing)

    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

    O3 - Toolbar: Protection Bar - {8aed5df3-6e0b-4930-b1a5-f8aa8d757497} - C:\Programmi\VideoCompressionCodec\iesplugin.dll (file missing)

    O3 - Toolbar: My &Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Programmi\MyWebSearch\bar\1.bin\MWSBAR.DLL (file missing)

    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE

    O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe

    O4 - HKLM\..\Run: [Windows Firewall] C:\WINDOWS\System32\drivers\svchost.exe (sembra strano ma è un worm)

    C:\WINDOWS\System32\drivers\svchost.exe

    O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Pol icies\System, DisableRegedit=1

    O7 - HKLM\Software\Microsoft\Windows\CurrentVersion\Pol icies\System, DisableRegedit=1

    O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolba...?p=ZNxdm119YYIT

    O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/no...p1.0.0.15-3.cab

    O20 - Winlogon Notify: winjgf32 - winjgf32.dll (file missing)



    Devi fixare tutte quelle con "O1 - Hosts" solo se non le conosci
    (per esempio fastclick fixalo di sicuro)



    Spero ke nn mi sia sfuggito niente

  6. #6
    Moderatore di Sicurezza informatica e virus L'avatar di Habanero
    Registrato dal
    Jun 2001
    Messaggi
    9,782
    Le voci O1 devi fixarle tutte.
    Gli IP indicati puntano tutti a classi riservate in cui non è presente alcun server. Per questo motivo tutti i siti indicati risultano attualmente inutilizzabili.
    Leggi il REGOLAMENTO!

    E' molto complicato, un mucchio di input e output, una quantità di informazioni, un mucchio di elementi da considerare, ho una quantità di elementi da tener presente...
    Drugo

  7. #7
    ragazzi siete dei grandi!! per ora sembra tutto risolto.
    Vi mando un assegno da 1 milione di dollari?

    Comunque mi sembra di aver capito che oltre alle cartelle O1 devo fixare anche tutte quelle contraddistinte da (file missing), se è così ce ne sono delle altre che non avete segnalato, devo fixare anche quelle?

    grazieee
    - quanto costa una mela?
    - COSTA UN SACCO DI BOTTE!
    - se mi faccio picchiare un pochino la darebbe al bambino?...

  8. #8
    Utente di HTML.it L'avatar di OYS
    Registrato dal
    Apr 2006
    Messaggi
    3,142
    Originariamente inviato da milo25
    Comunque mi sembra di aver capito che oltre alle cartelle O1 devo fixare anche tutte quelle contraddistinte da (file missing), se è così ce ne sono delle altre che non avete segnalato, devo fixare anche quelle?
    In teoria si perchè gli elementi non necessari (disattivati) dovrebbero essere eliminati...

  9. #9
    Ciao a tutti Mi chiamo Valentina, e chiedo il vostro aiuto!
    Ho lo stesso problema dell'utente qua sopra; ho provato a ripristinare il sistema ad un punto preciso, ma dopo la scansione dell'antivirus ritrova quel file e quando lo sposto nel cestino mi si ricrea questo problema ad ogni avvio.
    Vi mando i rulsutati con Hijack This....

    Parte uno:

    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 15:43:31, on 15/10/2011
    Platform: Windows 7 SP1 (WinNT 6.00.3505)
    MSIE: Internet Explorer v9.00 (9.00.8112.16421)
    Boot mode: Normal

    Running processes:
    C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
    C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
    C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe
    C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
    C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe
    C:\Program Files (x86)\hp\HP Software Update\hpwuschd2.exe
    C:\Program Files (x86)\Common Files\Nikon\Monitor\NkMonitor.exe
    C:\Program Files (x86)\Adobe\Photoshop Elements 6.0\apdproxy.exe
    C:\Program Files\Alwil Software\Avast5\AvastUI.exe
    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
    C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
    C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\datamngrUI.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe
    C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
    c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
    C:\Users\Public\Documents\PowerOffer\POService.exe
    C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
    C:\Program Files (x86)\Trend Micro\HijackThis\HiJackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/HPCON/6
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.findeer.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/HPCON/6
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: Messenger Plus Live Italy Toolbar - {08d495ab-a86c-47b0-82ef-da87bf92f730} - C:\Program Files (x86)\Messenger_Plus_Live_Italy\tbMes1.dll
    R3 - URLSearchHook: Softonic Italia Toolbar - {4edd5c14-2d22-4d7a-9748-c975a7fd933b} - C:\Program Files (x86)\Softonic_Italia\tbSoft.dll
    R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files (x86)\MyWebSearch\bar\3.bin\MWSSRCAS.DLL (file missing)
    R3 - URLSearchHook: PHPNukeIT Toolbar - {2c965f3f-8efd-4bfc-a2c5-1672845fdbbf} - C:\Program Files (x86)\PHPNukeIT\tbPHPN.dll
    R3 - URLSearchHook: Messenger Plus Toolbar - {b760d5a4-8d24-4cb6-942e-d6bb540ad88c} - C:\Program Files (x86)\Messenger_Plus\prxtbMess.dll
    F2 - REG:system.ini: UserInit=C:\Windows\SysWOW64\userinit.exe,
    O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files (x86)\Orbitdownloader\orbitcth.dll
    O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: Messenger Plus Live Italy Toolbar - {08d495ab-a86c-47b0-82ef-da87bf92f730} - C:\Program Files (x86)\Messenger_Plus_Live_Italy\tbMes1.dll
    O2 - BHO: ShoppingReport - {100EB1FD-D03E-47FD-81F3-EE91287F9465} - C:\Program Files (x86)\ShoppingReport\Bin\2.6.79\ShoppingReport.dll (file missing)
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: PHPNukeIT Toolbar - {2c965f3f-8efd-4bfc-a2c5-1672845fdbbf} - C:\Program Files (x86)\PHPNukeIT\tbPHPN.dll
    O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll
    O2 - BHO: PowerOffer - {3543619C-D563-43f7-95EA-4DA7E1CC396A} - C:\Users\Public\Documents\PowerOffer\PowerOfferBHO .dll
    O2 - BHO: Softonic Italia Toolbar - {4edd5c14-2d22-4d7a-9748-c975a7fd933b} - C:\Program Files (x86)\Softonic_Italia\tbSoft.dll
    O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
    O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
    O2 - BHO: Guida per l'accesso a Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Hotbar - {90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} - C:\Program Files (x86)\Hotbar\bin\11.0.175.0\HostIE.dll (file missing)
    O2 - BHO: Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\WI3C8A~1\Datamngr\ToolBar\searchqudtx. dll
    O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
    O2 - BHO: UrlHelper Class - {A40DC6C5-79D0-4ca8-A185-8FF989AF1115} - C:\PROGRA~2\WI3C8A~1\Datamngr\IEBHO.dll
    O2 - BHO: Messenger Plus - {b760d5a4-8d24-4cb6-942e-d6bb540ad88c} - C:\Program Files (x86)\Messenger_Plus\prxtbMess.dll
    O2 - BHO: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: Google Gears Helper - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files (x86)\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll
    O2 - BHO: kikin Plugin - {E601996F-E400-41CA-804B-CD6373A7EEE2} - C:\Program Files (x86)\kikin\ie_kikin.dll
    O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstan ce.dll
    O3 - Toolbar: Messenger Plus Live Italy Toolbar - {08d495ab-a86c-47b0-82ef-da87bf92f730} - C:\Program Files (x86)\Messenger_Plus_Live_Italy\tbMes1.dll
    O3 - Toolbar: Hotbar - {90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} - C:\Program Files (x86)\Hotbar\bin\11.0.175.0\HostIE.dll (file missing)
    O3 - Toolbar: Softonic Italia Toolbar - {4edd5c14-2d22-4d7a-9748-c975a7fd933b} - C:\Program Files (x86)\Softonic_Italia\tbSoft.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
    O3 - Toolbar: @C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll
    O3 - Toolbar: PHPNukeIT Toolbar - {2c965f3f-8efd-4bfc-a2c5-1672845fdbbf} - C:\Program Files (x86)\PHPNukeIT\tbPHPN.dll
    O3 - Toolbar: Messenger Plus Toolbar - {b760d5a4-8d24-4cb6-942e-d6bb540ad88c} - C:\Program Files (x86)\Messenger_Plus\prxtbMess.dll
    O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll
    O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files (x86)\Orbitdownloader\GrabPro.dll
    O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll
    O3 - Toolbar: Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\WI3C8A~1\Datamngr\ToolBar\searchqudtx. dll
    O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll

  10. #10
    Parte 2:

    O4 - HKLM\..\Run: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe
    O4 - HKLM\..\Run: [HP Remote Solution] %ProgramFiles%\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe
    O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    O4 - HKLM\..\Run: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED
    O4 - HKLM\..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
    O4 - HKLM\..\Run: [Nikon Transfer Monitor] C:\Program Files (x86)\Common Files\Nikon\Monitor\NkMonitor.exe
    O4 - HKLM\..\Run: [HotbarSA] "C:\Program Files (x86)\Hotbar\bin\11.0.175.0\HotbarSA.exe"
    O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files (x86)\Nero\Nero BackItUp 4\NBKeyScan.exe"
    O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files (x86)\Adobe\Photoshop Elements 6.0\apdproxy.exe"
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Windows\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [DATAMNGR] C:\PROGRA~2\WI3C8A~1\Datamngr\DATAMN~1.EXE
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    O4 - HKLM\..\Run: [PlusService] C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe
    O4 - HKCU\..\Run: [HPADVISOR] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe view=DOCKVIEW
    O4 - HKCU\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~2\MYWEBS~1\bar\3.bin\mwsoemon.exe
    O4 - HKCU\..\Run: [PopularScreensaversWallpaper] rundll32 C:\PROGRA~2\MYWEBS~1\bar\3.bin\F3SCRCTR.DLL,LES
    O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
    O4 - HKCU\..\Run: [EA Core] "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent
    O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" -automount
    O4 - HKUS\S-1-5-18\..\RunOnce: [] (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\RunOnce: [] (User 'Default user')
    O4 - Startup: Adobe Gamma.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Startup: OpenOffice.org 3.2.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
    O4 - Startup: Widget vodafone.lnk = C:\Program Files (x86)\Widget vodafone.it\Widget vodafone.it.exe
    O4 - Global Startup: McAfee Security Scan Plus.lnk = ?
    O8 - Extra context menu item: &Download by Orbit - res://C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll/201
    O8 - Extra context menu item: &Grab video by Orbit - res://C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll/204
    O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll/203
    O8 - Extra context menu item: Down&load all by Orbit - res://C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll/202
    O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~2\MIF5BA~1\Office12\EXCEL.EXE/3000
    O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6 FF0C6D236BF8.dll/cmsidewiki.html
    O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
    O9 - Extra button: (no name) - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files (x86)\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll
    O9 - Extra 'Tools' menuitem: &Impostazioni di Google Gears - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files (x86)\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll
    O9 - Extra button: (no name) - {0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - C:\Program Files (x86)\kikin\ie_kikin.dll
    O9 - Extra 'Tools' menuitem: My kikin - {0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - C:\Program Files (x86)\kikin\ie_kikin.dll
    O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MIF5BA~1\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MIF5BA~1\Office12\ONBttnIE.dll
    O9 - Extra button: (no name) - {53F6FCCD-9E22-4d71-86EA-6E43136192AB} - (no file)
    O9 - Extra button: (no name) - {925DAB62-F9AC-4221-806A-057BFB1014AA} - (no file)
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MIF5BA~1\Office12\REFIEBAR.DLL
    O9 - Extra button: ShopperReports - Compare product prices - {C5428486-50A0-4a02-9D20-520B59A9F9B2} - C:\Program Files (x86)\ShoppingReport\Bin\2.6.79\ShoppingReport.dll (file missing)
    O9 - Extra button: ShopperReports - Compare travel rates - {C5428486-50A0-4a02-9D20-520B59A9F9B3} - C:\Program Files (x86)\ShoppingReport\Bin\2.6.79\ShoppingReport.dll (file missing)
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/...Uploader55.cab
    O16 - DPF: {C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/acti..._v1-0-31-0.cab
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    O20 - AppInit_DLLs: C:\PROGRA~2\WI3C8A~1\Datamngr\datamngr.dll C:\PROGRA~2\WI3C8A~1\Dat

Permessi di invio

  • Non puoi inserire discussioni
  • Non puoi inserire repliche
  • Non puoi inserire allegati
  • Non puoi modificare i tuoi messaggi
  •  
Powered by vBulletin® Version 4.2.1
Copyright © 2024 vBulletin Solutions, Inc. All rights reserved.