MI UNISCO A QUESTA DISCUSSIONE AVENDO ANCHE IO UN POST DI HIJACKTHIS DA MOSTRARVI ::::
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19.31.17, on 03/03/2012
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
F:\WINDOWS\System32\smss.exe
F:\WINDOWS\SYSTEM32\winlogon.exe
F:\WINDOWS\system32\services.exe
F:\WINDOWS\system32\lsass.exe
F:\WINDOWS\system32\svchost.exe
F:\Programmi\Sandboxie\SbieSvc.exe
F:\WINDOWS\System32\svchost.exe
F:\WINDOWS\system32\spoolsv.exe
F:\Programmi\Avira\AntiVir Desktop\sched.exe
F:\WINDOWS\Explorer.EXE
F:\Programmi\Avira\AntiVir Desktop\avguard.exe
F:\Programmi\Hotspot Shield\bin\openvpnas.exe
F:\Programmi\Avira\AntiVir Desktop\avshadow.exe
F:\Programmi\Hotspot Shield\HssWPR\hsssrv.exe
F:\Programmi\Hotspot Shield\bin\hsswd.exe
F:\Programmi\Java\jre6\bin\jqs.exe
F:\WINDOWS\system32\svchost.exe
F:\WINDOWS\system32\wuauclt.exe
F:\WINDOWS\system32\wbem\wmiapsrv.exe
F:\WINDOWS\RTHDCPL.EXE
F:\WINDOWS\Philips\SPC230NC\Monitor.exe
F:\Programmi\Winamp\winampa.exe
F:\Programmi\Canon\MyPrinter\BJMyPrt.exe
F:\Programmi\Canon\Solution Menu EX\CNSEMAIN.EXE
F:\Programmi\Trust\MI-4550XP WIRELESS OPTICAL MINI MOUSE\Mouse32a.exe
F:\Programmi\DivX\DivX Update\DivXUpdate.exe
F:\Programmi\Adobe\Reader 9.0\Reader\Reader_sl.exe
F:\Programmi\Avira\AntiVir Desktop\avgnt.exe
F:\Programmi\Real\RealPlayer\update\realsched.exe
F:\Programmi\File comuni\Java\Java Update\jusched.exe
F:\WINDOWS\system32\ctfmon.exe
F:\Programmi\Internet Explorer\iexplore.exe
F:\Programmi\Sandboxie\SbieCtrl.exe
F:\Programmi\Hotspot Shield\bin\openvpntray.exe
F:\Programmi\MP3 Skype Recorder\MP3 Skype Recorder.exe
F:\Programmi\Spybot - Search & Destroy\TeaTimer.exe
F:\WINDOWS\system32\wuauclt.exe
F:\Programmi\Internet Explorer\iexplore.exe
F:\hjt\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bigseekpro.com/splitcam/{8E0AF32E-6DA9-4D59-93D4-8D244C9E9EAF}
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyServer = :
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - F:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - F:\Documents and Settings\All Users\Dati applicazioni\Real\RealPlayer\BrowserRecordPlugin\I E\rpbrowserrecordplugin.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - F:\Programmi\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - F:\Programmi\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - F:\Programmi\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - F:\Programmi\Java\jre6\bin\ssv.dll
O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - F:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - F:\Programmi\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - F:\Programmi\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - F:\Programmi\Java\jre6\lib\deploy\jqs\ie\jqs_plugi n.dll
O2 - BHO: Hotspot Shield Class - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - F:\Programmi\Hotspot Shield\HssIE\HssIE.dll
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - F:\Programmi\Canon\Easy-WebPrint EX\ewpexhlp.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [SPC230NC_Monitor] F:\WINDOWS\Philips\SPC230NC\Monitor.exe
O4 - HKLM\..\Run: [SPC_Monitor] F:\WINDOWS\Philips\SPC230NC\Monitor.exe
O4 - HKLM\..\Run: [WinampAgent] F:\Programmi\Winamp\winampa.exe
O4 - HKLM\..\Run: [CanonMyPrinter] F:\Programmi\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [CanonSolutionMenuEx] F:\Programmi\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
O4 - HKLM\..\Run: [FLMOFFICE4DMOUSE] F:\Programmi\Trust\MI-4550XP WIRELESS OPTICAL MINI MOUSE\Mouse32a.exe
O4 - HKLM\..\Run: [DivXUpdate] "F:\Programmi\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "F:\Programmi\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "F:\Programmi\File comuni\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [avgnt] "F:\Programmi\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [MySpy] F:\PROGRA~1\MySpy\MySpy.exe
O4 - HKLM\..\Run: [TkBellExe] "F:\Programmi\Real\RealPlayer\update\realsched.exe " -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "F:\Programmi\File comuni\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] F:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SandboxieControl] "F:\Programmi\Sandboxie\SbieCtrl.exe"
O4 - HKCU\..\Run: [Sony Ericsson PC Companion] "F:\Programmi\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe" /Background
O4 - HKCU\..\Run: [SplitCam] F:\Programmi\SplitCam\SplitCam.exe
O4 - HKCU\..\Run: [MP3 Skype Recorder] F:\Programmi\MP3 Skype Recorder\MP3 Skype Recorder.exe
O4 - HKCU\..\Run: [SpeedUpMyPC] "F:\Programmi\Uniblue\SpeedUpMyPC\launcher.exe " -d 20000
O4 - HKCU\..\Run: [SpybotSD TeaTimer] F:\Programmi\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] F:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] F:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] F:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] F:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
O8 - Extra context menu item: Cerca nel web - F:\Programmi\SweetIM\Toolbars\Internet Explorer\resources\menuext.html
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - F:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - F:\WINDOWS\bdoscandel.exe
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - F:\Programmi\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - F:\Programmi\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - F:\Programmi\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - F:\Programmi\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - F:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - F:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O10 - Unknown file in Winsock LSP: f:\windows\system32\prxernsp.dll
O10 - Unknown file in Winsock LSP: f:\windows\system32\prxerdrv.dll
O10 - Unknown file in Winsock LSP: f:\windows\system32\prxerdrv.dll
O16 - DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} (BitDefender QuickScan Control) - http://quickscan.bitdefender.com/qsax/qsax.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/reso...an8/oscan8.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab56907.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - F:\Programmi\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - F:\Programmi\MP3 Skype Recorder\Skype4COM.dll
O23 - Service: Avira AntiVir Scheduler (AntiVirScheduler) - Avira GmbH - F:\Programmi\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - F:\Programmi\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Servizio di Google Update (gupdate) (gupdate) - Google Inc. - F:\Programmi\Google\Update\GoogleUpdate.exe
O23 - Service: Servizio Google Update (gupdatem) (gupdatem) - Google Inc. - F:\Programmi\Google\Update\GoogleUpdate.exe
O23 - Service: Hotspot Shield Service (hshld) - Unknown owner - F:\Programmi\Hotspot Shield\bin\openvpnas.exe
O23 - Service: Hotspot Shield Routing Service (HssSrv) - AnchorFree Inc. - F:\Programmi\Hotspot Shield\HssWPR\hsssrv.exe
O23 - Service: Hotspot Shield Tray Service (HssTrayService) - Unknown owner - F:\Programmi\Hotspot Shield\bin\HssTrayService.EXE
O23 - Service: Hotspot Shield Monitoring Service (HssWd) - Unknown owner - F:\Programmi\Hotspot Shield\bin\hsswd.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - F:\Programmi\Java\jre6\bin\jqs.exe
O23 - Service: Sandboxie Service (SbieSvc) - tzuk - F:\Programmi\Sandboxie\SbieSvc.exe
O23 - Service: Sony Ericsson PCCompanion - Avanquest Software - F:\Programmi\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe
--
End of file - 10822 bytes
HO DEI PROBLEMI CON ALCUNI PROGRAMMI E A VOLTE MI S'IMPALLA INTERNET, HO FATTO ALCUNE SCANSIONI E HO ELIMINATO DIVERSI VIRUS MA PENSO DI AVERE QUALCOSA CARICATO IN MEMORIA E UNA DLL DI SISTEMA CORROTTA .. CHE POSSO FARE ? HO PROVATO IL RIPRISTINO DI SISTEMA MA HA FUNZIONATO UNA VOLTA SOLA .. ORA DOVREI DISATTIVARLO MA POI ? NON POSSO FORMATTARE PER ORA .. HELP
Rispondi quotando