Pagina 1 di 2 1 2 ultimoultimo
Visualizzazione dei risultati da 1 a 10 su 14
  1. #1

    impossibile accedere a siti microsoft

    ciao a tutti,mi sono appena iscritto,ho un bel problema.
    Non riesco ad accedere ai siti windows live,non mi fa scaricare ad esempio il pacchetto di windows live messenger,non funzionano gli aggiornamenti ne di windows ne di nod32...sarà sicuramente un virus,come faccio ad eliminarlo?leggendo un pò in giro ho visto che devo fare una scansione con HijackThis. Questo è il log ma non ho idea di dove mettere mani...potreste aiutarmi per favore?

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 14.40.27, on 14/01/2009
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.20935)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Programmi\ESET\ESET NOD32 Antivirus\egui.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\WINDOWS\ALCWZRD.EXE
    C:\WINDOWS\ALCMTR.EXE
    C:\Programmi\File comuni\InstallShield\UpdateService\issch.exe
    C:\Programmi\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Programmi\RocketDock\RocketDock.exe
    c:\Programmi\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
    C:\Documents and Settings\Peppe\Impostazioni locali\Dati applicazioni\Google\Update\GoogleUpdate.exe
    C:\Programmi\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
    C:\Programmi\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
    C:\Programmi\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
    C:\Programmi\ESET\ESET NOD32 Antivirus\ekrn.exe
    C:\Programmi\Canon\IJPLM\IJPLMSVC.EXE
    C:\WINDOWS\system32\svchost.exe
    C:\Programmi\PC Connectivity Solution\ServiceLayer.exe
    C:\Programmi\PC Connectivity Solution\Transports\NclUSBSrv.exe
    C:\Programmi\PC Connectivity Solution\Transports\NclRSSrv.exe
    C:\Programmi\PC Connectivity Solution\Transports\NclToBTSrv.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Documents and Settings\Peppe\Impostazioni locali\Dati applicazioni\Google\Chrome\Application\chrome.exe
    C:\Programmi\Windows Live\Messenger\usnsvc.exe
    C:\Documents and Settings\Peppe\Impostazioni locali\Dati applicazioni\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\Peppe\Impostazioni locali\Dati applicazioni\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\Peppe\Impostazioni locali\Dati applicazioni\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\Peppe\Impostazioni locali\Dati applicazioni\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\Peppe\Impostazioni locali\Dati applicazioni\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\Peppe\Impostazioni locali\Dati applicazioni\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\Peppe\Impostazioni locali\Dati applicazioni\Google\Chrome\Application\chrome.exe
    C:\Programmi\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
    O2 - BHO: Supporto di collegamento per Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.6.0_06\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Megaupload Toolbar - {A057A204-BACC-4D26-C39E-35F1D2A32EC8} - C:\Programmi\MegauploadToolbar\megauploadtoolbar.d ll
    O2 - BHO: MegaIEMn - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Programmi\Megaupload\Mega Manager\MegaIEMn.dll
    O3 - Toolbar: Megaupload Toolbar - {A057A204-BACC-4D26-C39E-35F1D2A32EC8} - C:\Programmi\MegauploadToolbar\megauploadtoolbar.d ll
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programmi\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [egui] "C:\Programmi\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
    O4 - HKLM\..\Run: [SSBkgdUpdate] C:\Programmi\File comuni\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe -Embedding -boot
    O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FILECO~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
    O4 - HKLM\..\Run: [ISUSScheduler] "C:\Programmi\File comuni\InstallShield\UpdateService\issch.exe" -start
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime Alternative\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Programmi\Canon\SolutionMenu\CNSLMAIN.exe /logon
    O4 - HKLM\..\Run: [CanonMyPrinter] C:\Programmi\Canon\MyPrinter\BJMyPrt.exe /logon
    O4 - HKLM\..\Run: [Remote] "C:\Programmi\LifeView TVR\remote.exe"
    O4 - HKLM\..\Run: [RecSche] "C:\Programmi\LifeView TVR\RecSche.exe"
    O4 - HKLM\..\Run: [WinDVRCtrl] C:\WINDOWS\WDVRCtrl.exe
    O4 - HKLM\..\Run: [ScanRegistry] C:\W
    O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] c:\Programmi\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Programmi\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [RocketDock] "C:\Programmi\RocketDock\RocketDock.exe"
    O4 - HKCU\..\Run: [PC Suite Tray] "C:\Programmi\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
    O4 - HKCU\..\Run: [NetMeter] C:\Programmi\HooTech\NetMeter\HooNetMeter.exe
    O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Peppe\Impostazioni locali\Dati applicazioni\Google\Update\GoogleUpdate.exe" /c
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO DI RETE')
    O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SERVIZIO DI RETE')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
    O4 - Startup: NetMeeting.exe.lnk = C:\Documents and Settings\All Users\NetMeeting.exe
    O4 - Global Startup: Bluetooth Manager.lnk = ?
    O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O8 - Extra context menu item: Scarica link utilizzando Mega Manager... - C:\Programmi\Megaupload\Mega Manager\mm_file.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_06\bin\ssv.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary...r.cab56986.cab
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Programmi\Yahoo!\Common\Yinsthelper.dll
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/IT-IT/.../GAME_UNO1.cab
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab56907.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{15D5C627-A904-424B-814E-81245B8C4DED}: NameServer = 85.255.116.25,85.255.112.94
    O17 - HKLM\System\CCS\Services\Tcpip\..\{9F4C6F75-653C-40FB-99C2-9AC2F3A6D09C}: NameServer = 85.255.116.25,85.255.112.94
    O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.116.25,85.255.112.94
    O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.116.25,85.255.112.94
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.116.25,85.255.112.94
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Programmi\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
    O23 - Service: Eset Service (ekrn) - ESET - C:\Programmi\ESET\ESET NOD32 Antivirus\ekrn.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: PIXMA Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Programmi\Canon\IJPLM\IJPLMSVC.EXE
    O23 - Service: ServiceLayer - Nokia. - C:\Programmi\PC Connectivity Solution\ServiceLayer.exe

  2. #2
    Fixa queste voci:
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.116.25,85.255.112.94
    O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.116.25,85.255.112.94
    O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.116.25,85.255.112.94
    O17 - HKLM\System\CCS\Services\Tcpip\..\{9F4C6F75-653C-40FB-99C2-9AC2F3A6D09C}: NameServer = 85.255.116.25,85.255.112.94
    O17 - HKLM\System\CCS\Services\Tcpip\..\{15D5C627-A904-424B-814E-81245B8C4DED}: NameServer = 85.255.116.25,85.255.112.94
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    Poi esegui una scansione completa del PC da ActiveScan
    Posta il risultato.
    Poi effettua una scansione con Malwarebytes
    aggiornalo
    esegui la scansione completa del PC
    Posta il risultato su Savefile
    non rimuovore eventuali virus che rileva, potrebbero trattarsi di falsi virus
    Il mio Portfolio Flickr

  3. #3
    allora active scan dice che non ci sono infezione mentre non riesco ad accedere alla pagine dell'altro software...nemmeno da google...cosa faccio?ho fixato quelle voci

  4. #4
    niente?

  5. #5
    Prova così: fai una scansione online con Kasperky
    Posta il risultato
    Il mio Portfolio Flickr

  6. #6
    non va neanche con kaspersky...si blocca agli aggiornamenti

  7. #7
    fai una scansione con Ewido
    Se non ti parte scarica Systemscan
    esegui la scansione
    Posta il risultato su Savefile
    Il mio Portfolio Flickr

  8. #8
    Prova a scaricare Malwarebytes
    P.S
    Da quel sito si dovrebbe scaricare!!!!
    Il mio Portfolio Flickr

  9. #9
    ora sto facendo la scansione con ewido,sono a metà...devo farla anche con malwarebytes se me lo fa scaricare?

  10. #10
    si!!!
    Poi vediamo quello che trova
    Il mio Portfolio Flickr

Permessi di invio

  • Non puoi inserire discussioni
  • Non puoi inserire repliche
  • Non puoi inserire allegati
  • Non puoi modificare i tuoi messaggi
  •  
Powered by vBulletin® Version 4.2.1
Copyright © 2025 vBulletin Solutions, Inc. All rights reserved.