vi prego aiutatemi:ho passato il fine settimana a cercare di liberarmi di faststat.net,zedo e altri...sono disperata:le ho provate tutte,tutti i tool di rimozione,in modalità provvisoria, ad aware, spybot,ccleaner avg antispyware...mi manca solo la formattazione ma proprio non posso arrivarci vi posto il mio file log di hijackthis anche se non mi sembra strano...fate qualcosa per favore sono disperata ed internet mi serve per lavorare:
Logfile of HijackThis v1.99.1
Scan saved at 9.33.11, on 12/02/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
F:\elements 4\apdproxy.exe
C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\StartupMonitor.exe
C:\Programmi\Java\jre1.6.0_03\bin\jusched.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\Google\GoogleToolbarNotifier\GoogleTo olbarNotifier.exe
F:\elements 4\PhotoshopElementsFileAgent.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Documents and Settings\Patrizia\Desktop\software\html2pop3232win 32\html2pop3.exe
C:\WINDOWS\system32\cisvc.exe
C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\system32\HDDSvc.exe
C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Programmi\SolidDocuments\SolidConverterPDF\SCPD F\SolidPdfService.exe
C:\Programmi\Spyware Terminator\sp_rsser.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\UPHClean\uphclean.exe
C:\Programmi\Viewpoint\Common\ViewpointService.exe
C:\VEXPLITE\viritsvc.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Programmi\File comuni\InstallShield\UpdateService\ISDM.exe
C:\Programmi\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Programmi\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\PROGRA~1\Crawler\CToolbar.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\Patrizia\Desktop\hijackthis\HijackThis.ex e
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
O2 - BHO: Supporto di collegamento per Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\Programmi\Crawler\ctbr.dll
O2 - BHO: Solid Converter PDF - {259F616C-A300-44F5-B04A-ED001A26C85C} - C:\Programmi\SolidDocuments\SolidConverterPDF\SCPD F\ExploreExtPDF.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programmi\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programmi\Google\GoogleToolbarNotifier\2.1.615. 5858\swg.dll
O3 - Toolbar: Solid Converter PDF - {259F616C-A300-44F5-B04A-ED001A26C85C} - C:\Programmi\SolidDocuments\SolidConverterPDF\SCPD F\ExploreExtPDF.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programmi\google\googletoolbar2.dll
O3 - Toolbar: Toolbar &Crawler - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\Programmi\Crawler\ctbr.dll
O4 - HKLM\..\Run: [Adobe Photo Downloader] "F:\elements 4\apdproxy.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "F:\programmi\adobe 8\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [ATICCC] "C:\Programmi\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [ControlCenter2.0] C:\Programmi\Brother\ControlCenter2\brctrcen.exe /autorun
O4 - HKLM\..\Run: [Controllo dello stato] C:\Programmi\Brother\Brmfcmon\BrMfcWnd.exe
O4 - HKLM\..\Run: [Run StartupMonitor] StartupMonitor.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\Java\jre1.6.0_03\bin\jusched.exe "
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Programmi\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Programmi\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [FreeRAM XP] "C:\Programmi\YourWare Solutions\FreeRAM XP Pro\FreeRAM XP Pro.exe" -win
O4 - HKCU\..\Run: [swg] C:\Programmi\Google\GoogleToolbarNotifier\GoogleTo olbarNotifier.exe
O4 - Startup: html2pop3.lnk = C:\Documents and Settings\Patrizia\Desktop\software\html2pop3232win 32\html2pop3.exe
O4 - Global Startup: Controllo dello stato.lnk = C:\Programmi\Brother\Brmfcmon\BrMfcWnd.exe
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://F:\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Open PDF in Word (PDF Converter 2.0) - res://C:\Programmi\ScanSoft\PDF Converter 2.0 Professional\PDFConv\IEShellExt.dll /100
O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - SolidConverterPDF - (no file) (HKCU)
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\Programmi\Crawler\ctbr.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Programmi\File comuni\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown owner - F:\elements 4\PhotoshopElementsFileAgent.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Programmi\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HDD Information Service (HDDSvc) - AltrixSoft (http://www.altrixsoft.com/) - C:\WINDOWS\system32\HDDSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: SolidPDFConverterReadSpool (ScReadSpool) - VoyagerSoft, LLC - C:\Programmi\SolidDocuments\SolidConverterPDF\SCPD F\SolidPdfService.exe
O23 - Service: ServiceLayer - Nokia. - C:\Programmi\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Programmi\Spyware Terminator\sp_rsser.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Programmi\Viewpoint\Common\ViewpointService.exe
O23 - Service: Virit eXplorer Lite (viritsvclite) - TG Soft Sas www.tgsoft.it - C:\VEXPLITE\viritsvc.exe
questo, invece è il log file di Virtumundo:
[02/12/2008, 8:58:28] - VirtumundoBeGone v1.5 ( "C:\Documents and Settings\Patrizia\Desktop\avg\spy\VirtumundoBeGone .exe" )
[02/12/2008, 8:58:34] - Detected System Information:
[02/12/2008, 8:58:34] - Windows Version: 5.1.2600, Service Pack 2
[02/12/2008, 8:58:34] - Current Username: Patrizia (Admin)
[02/12/2008, 8:58:34] - Windows is in NORMAL mode.
[02/12/2008, 8:58:34] - Searching for Browser Helper Objects:
[02/12/2008, 8:58:34] - BHO 1: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (Supporto di collegamento per Adobe PDF Reader)
[02/12/2008, 8:58:34] - BHO 2: {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} ()
[02/12/2008, 8:58:34] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/12/2008, 8:58:34] - Checking for HKLM\...\Winlogon\Notify\ctbr
[02/12/2008, 8:58:34] - Key not found: HKLM\...\Winlogon\Notify\ctbr, continuing.
[02/12/2008, 8:58:34] - BHO 3: {259F616C-A300-44F5-B04A-ED001A26C85C} (Solid Converter PDF)
[02/12/2008, 8:58:34] - BHO 4: {53707962-6F74-2D53-2644-206D7942484F} (Spybot-S&D IE Protection)
[02/12/2008, 8:58:34] - BHO 5: {AA58ED58-01DD-4d91-8333-CF10577473F7} (Google Toolbar Helper)
[02/12/2008, 8:58:34] - BHO 6: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} (Google Toolbar Notifier BHO)
[02/12/2008, 8:58:34] - Finished Searching Browser Helper Objects
[02/12/2008, 8:58:34] - Finishing up...
[02/12/2008, 8:58:34] - Nothing found! Exiting...
per favore AIUTO!!!!
Rispondi quotando
