internet connection000 anche a me :-( aiuto !!!

[Paolissima91]

Innanzi tutto ciao a tutti
Ho girato un po per il forum ma poi ho capito che se voglio risolvere il mio problema devo scrivere a voi .
Chi riesce ad aiutarmi?

Ho scaricato tutto ciò che serve ma solo l'idea di cancellare qualcosa e far danni ..... mi spaventa.

Ho da qualche giorno una connessione che si chiama Internet Connection e chiama lo 000

Ho l'ADSL a casa ma quando voglio leggere la posta devo usare la vecchia linea, ho fatto una scansione con il programma spybot ma la situazione è invariata anche per me .

Potreste aiutarmi ?


GRAZIE A TUTTI !!!

Ecco i log

Find AWF report by noahdfear ©2006
Version 1.40



bak folders found
~~~~~~~~~~~

Il volume nell'unit… C Š disco c
Numero di serie del volume: 8C27-6516

Directory di C:\PROGRA~1\MICROS~3\BAK

05/02/2007 14.52 849.280 ipoint.exe
1 File 849.280 byte
2 Directory 45.476.925.440 byte disponibili
Il volume nell'unit… C Š disco c
Numero di serie del volume: 8C27-6516

Directory di C:\WINDOWS\SYSTEM32\BAK

19/08/2004 14.39 15.360 ctfmon.exe
09/07/2001 10.50 155.648 NeroCheck.exe
2 File 171.008 byte
2 Directory 45.476.925.440 byte disponibili
Il volume nell'unit… C Š disco c
Numero di serie del volume: 8C27-6516

Directory di C:\PROGRA~1\AHEAD\INCD\BAK

17/01/2003 18.08 1.224.704 InCD.exe
1 File 1.224.704 byte
2 Directory 45.476.921.344 byte disponibili
Il volume nell'unit… C Š disco c
Numero di serie del volume: 8C27-6516

Directory di C:\PROGRA~1\AHEAD\NEROBA~1\BAK

11/10/2005 18.25 1.961.984 NBJ.exe
1 File 1.961.984 byte
2 Directory 45.476.921.344 byte disponibili
Il volume nell'unit… C Š disco c
Numero di serie del volume: 8C27-6516

Directory di C:\PROGRA~1\ATITEC~1\ATICON~1\BAK

28/10/2003 21.10 335.872 atiptaxx.exe
1 File 335.872 byte
2 Directory 45.476.921.344 byte disponibili
Il volume nell'unit… C Š disco c
Numero di serie del volume: 8C27-6516

Directory di C:\PROGRA~1\FILECO~1\SYMANT~1\BAK

0 File 0 byte
2 Directory 45.476.921.344 byte disponibili
Il volume nell'unit… C Š disco c
Numero di serie del volume: 8C27-6516

Directory di C:\PROGRA~1\GOOGLE\GOOGLE~2\BAK

14/09/2007 10.38 68.856 GoogleToolbarNotifier.exe
1 File 68.856 byte
2 Directory 45.476.921.344 byte disponibili
Il volume nell'unit… C Š disco c
Numero di serie del volume: 8C27-6516

Directory di C:\PROGRA~1\TIN.IT\FAST\BAK

0 File 0 byte
2 Directory 45.476.921.344 byte disponibili
Il volume nell'unit… C Š disco c
Numero di serie del volume: 8C27-6516

Directory di C:\PROGRA~1\ADOBE\ACROBA~2.0\READER\BAK

24/10/2005 15.53 307.200 AdobeUpdateManager.exe
1 File 307.200 byte
2 Directory 45.476.921.344 byte disponibili


Duplicate files of bak directory contents
~~~~~~~~~~~~~~~~~~~~~~~

C:\Programmi\Microsoft IntelliPoint\ipoint.exe
C:\Programmi\Microsoft IntelliPoint\bak\ipoint.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\bak\ctfmon.exe
C:\WINDOWS\system32\NeroCheck.exe
C:\WINDOWS\system32\bak\NeroCheck.exe
C:\Programmi\Ahead\InCD\InCD.exe
C:\Programmi\Ahead\InCD\bak\InCD.exe
C:\Programmi\Ahead\Nero BackItUp\NBJ.exe
C:\Programmi\Ahead\Nero BackItUp\bak\NBJ.exe
C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Programmi\ATI Technologies\ATI Control Panel\bak\atiptaxx.exe
C:\Programmi\GoogleEarth.exe
C:\Programmi\Google\googletoolbar3user.exe
C:\Programmi\Google\Google Earth\GoogleEarth.exe
C:\Programmi\Google\GoogleToolbarNotifier\GoogleTo olbarNotifier.exe
C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Programmi\Google\GoogleToolbarNotifier\bak\Goog leToolbarNotifier.exe
C:\Programmi\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe
C:\Programmi\Adobe\Acrobat 7.0\Reader\bak\AdobeUpdateManager.exe

end of report

[Paolissima91]

Logfile of HijackThis v1.99.1
Scan saved at 12.10.33, on 22/01/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\File comuni\Symantec Shared\ccSvcHst.exe
C:\Programmi\File comuni\Symantec Shared\AppCore\AppSvc32.exe
C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
C:\Programmi\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Programmi\File comuni\Symantec Shared\ccApp.exe
C:\Programmi\ATI Technologies\ATI Control Panel\bak\atiptaxx.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\BITWARE\NT\bwprnmon.exe
C:\WINDOWS\system32\ntvdm.exe
C:\WINDOWS\System32\bmwebcfg.exe
C:\Programmi\File comuni\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\UStorSrv.exe
C:\Programmi\Symantec\LiveUpdate\ALUSchedulerSvc.e xe
C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe
C:\Programmi\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\System32\msiexec.exe
C:\Programmi\Mozilla Firefox\firefox.exe
C:\DOCUME~1\winxp\IMPOST~1\Temp\Directory temporanea 2 per hijackthis_199.zip\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,AutoConfigURL = http://pacsrv/proxy.pac
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programmi\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programmi\Google\GoogleToolbarNotifier\2.0.301. 7164\swg.dll
O2 - BHO: Bytemobile BHO - {C68AE9C0-0909-4DDC-B661-C1AFB9F5AE53} - C:\WINDOWS\System32\bmbho.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programmi\google\googletoolbar3.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ATIPTA] C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [InCD] C:\Programmi\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [SMSERIAL] sm56hlpr.exe
O4 - HKLM\..\Run: [{4FD4C989-FA02-4743-A1FD-7FC2CABB244A}] "C:\Programmi\tin.it\Fast\bmoc" -d
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [ccApp] "C:\Programmi\File comuni\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Programmi\Norton AntiVirus\osCheck.exe"
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Programmi\File comuni\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Programmi\File comuni\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [IntelliPoint] "C:\Programmi\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\Java\jre1.6.0_03\bin\jusched.exe "
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Programmi\Google\GoogleToolbarNotifier\GoogleTo olbarNotifier.exe
O4 - HKCU\..\Run: [NBJ] "C:\Programmi\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [updateMgr] "C:\Programmi\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_7 -reboot 1
O4 - Global Startup: Avvio Office.lnk = C:\Programmi\Microsoft Office\Office\FINDFAST.EXE
O4 - Global Startup: Avvio veloce di Adobe Reader.lnk = C:\Programmi\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: BitWare Print Monitor.lnk = C:\BITWARE\NT\bwprnmon.exe
O4 - Global Startup: Ricerca rapida.lnk = C:\Programmi\Microsoft Office\Office\FINDFAST.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra button: Umail - {B37EDB8A-7066-4200-A3B4-E8C7D77BE631} - http://www.umail.it (file missing) (HKCU)
O10 - Broken Internet access because of LSP provider 'bmnet.dll' missing
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=http://www.virgilio.it/free
O16 - DPF: {08FD87EF-2A15-11D1-AF00-00A0C91F4B89} (WebPlotCtl Class) - http://cartogis.provincia.genova.it/...eX/webplot.cab
O16 - DPF: {1F831FA9-42FC-11D4-95A6-0080AD30DCE1} (InstaFred Control) - file://C:\Programmi\AutoCAD LT 2000i Ita\InstFred.ocx
O16 - DPF: {42C559C0-2E84-11D5-A3C6-00010219529D} (siacapi-core-install) - https://portal.actalis.it/CA/Environ...re-install.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsu...?1139218612171
O16 - DPF: {78AF2F24-A9C3-11D3-BF8C-0060B0FCC122} (Controllo AcDc oggi) - file://C:\Programmi\AutoCAD LT 2000i Ita\AcDcToday.ocx
O16 - DPF: {8EC18CE2-D7B4-11D2-88C8-006008A717FD} (NCSView Class) - http://ecozero.liguriainrete.it/ecwplugins/ncs.cab
O16 - DPF: {C2FCEF52-ACE9-11D3-BEBD-00105AA9B6AE} (Symantec RuFSI Registry Information Class) - http://security.symantec.com/sscv6/S.../bin/cabsa.cab
O16 - DPF: {F281A59C-7B65-11D3-8617-0010830243BD} (Controllo AcPreview) - file://C:\Programmi\AutoCAD LT 2000i Ita\AcPreview.ocx
O17 - HKLM\System\CCS\Services\Tcpip\..\{2F7CA55B-FC8D-4A48-BB17-58B5FB4E89B5}: Domain = gruppo.autostrade.it
O17 - HKLM\System\CCS\Services\Tcpip\..\{2F7CA55B-FC8D-4A48-BB17-58B5FB4E89B5}: NameServer = 100.31.2.239
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Programmi\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Bytemobile Web Configurator (bmwebcfg) - Bytemobile, Inc. - C:\WINDOWS\System32\bmwebcfg.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Unknown owner - C:\Programmi\File comuni\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: Symantec Settings Manager (ccSetMgr) - Unknown owner - C:\Programmi\File comuni\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Programmi\File comuni\Symantec Shared\ccSvcHst.exe" /h cltCommon (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - C:\Programmi\Norton AntiVirus\isPwdSvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - C:\Programmi\File comuni\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: LiveUpdate Notice Service - Unknown owner - C:\Programmi\File comuni\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /m "C:\Programmi\File comuni\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifEng.dll (file missing)
O23 - Service: Symantec Core LC - Unknown owner - C:\Programmi\File comuni\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\AppCore\AppSvc32.exe
O23 - Service: UStorage Server Service - OTi - C:\WINDOWS\system32\UStorSrv.exe
O23 - Service: Utilità di pianificazione di LiveUpdate automatico - Symantec Corporation - C:\Programmi\Symantec\LiveUpdate\ALUSchedulerSvc.e xe

[Deifobe]

Scarica Scarica Avenger
Eseguilo e seleziona l'opzione "Input Script Manually".
Clicca sulla lente d'ingrandimento e all'interno della finestra "Wiew/edit script", nel box bianco, copia/incolla:

files to delete:
C:\Programmi\Microsoft IntelliPoint\ipoint.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\NeroCheck.exe
C:\Programmi\Ahead\InCD\InCD.exe
C:\Programmi\Ahead\Nero BackItUp\NBJ.exe
C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Programmi\Google\GoogleToolbarNotifier\GoogleTo olbarNotifier.exe
C:\Programmi\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe

files to move:
C:\Programmi\Microsoft IntelliPoint\bak\ipoint.exe | C:\Programmi\Microsoft IntelliPoint\ipoint.exe
C:\WINDOWS\system32\bak\ctfmon.exe | C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\bak\NeroCheck.exe | C:\WINDOWS\system32\NeroCheck.exe
C:\Programmi\Ahead\InCD\bak\InCD.exe | C:\Programmi\Ahead\InCD\InCD.exe
C:\Programmi\Ahead\Nero BackItUp\bak\NBJ.exe | C:\Programmi\Ahead\Nero BackItUp\NBJ.exe
C:\Programmi\ATI Technologies\ATI Control Panel\bak\atiptaxx.exe | C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Programmi\Google\GoogleToolbarNotifier\bak\Goog leToolbarNotifier.exe | C:\Programmi\Google\GoogleToolbarNotifier\GoogleTo olbarNotifier.exe
C:\Programmi\Adobe\Acrobat 7.0\Reader\bak\AdobeUpdateManager.exe | C:\Programmi\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe

Clicca sul pulsante "Done", poi sul semaforo verde.
Rispondi 2 volte Yes.
Il pc dovrebbe riavviarsi da solo, altrimenti riavvialo tu.
Posta il report rilasciato caricandolo su Sendmefile e postando il link ottenuto