| Autore |
 Discussione  |
|
Bart
Senior Member
Cittā: Castellammare di Stabia
110 Messaggi |
 Inserito il - 27/11/2005 : 22:51:30
|
|
e cosa mi consigli?? |
 |
|
|
Er-Gladiatore
Advanced Member
Cittā: Roma
2540 Messaggi |
Inserito il - 28/11/2005 : 07:01:20
|
Ti consiglio:
Ad-aware SE htt*://[www].pianetapc.it/downloads.php?id=15 (AntiSpy)
SpyBot S&D htt*://[www].pianetapc.it/downloads.php?id=17 (AntiSpy)
Sono tutti e due ottimi prodotti free.
P.S
Fammi sapere |
|
|
|
Bart
Senior Member
Cittā: Castellammare di Stabia
110 Messaggi |
 Inserito il - 28/11/2005 : 21:07:42
|
| li ho scaricati e anche installati e aggiornati non ho concluso niente il problema c'e ancora esce sempre il dialer cosa posso fare aiutatemi vi prego |
|
|
|
Er-Gladiatore
Advanced Member
Cittā: Roma
2540 Messaggi |
Inserito il - 28/11/2005 : 21:22:16
|
Scansiona con questo: Elite Toolbar Remover htt*://[www].simplytech.it/ETRemover/ETRemover_v212.zip (Non vā installato [AntiMalware])
Se ancora non hai risolto postaci un log di Hijackthis:
Hijackthis htt*://[www].download[.com]/HijackThis/3000-8022_4-10379544.html?tag=lst-0-1 (Non vā installato) |
|
|
|
Er-Gladiatore
Advanced Member
Cittā: Roma
2540 Messaggi |
Inserito il - 28/11/2005 : 21:23:29
|
| Cosa ti esce? Che finestra?All'avvio di Windows? |
|
|
|
Bart
Senior Member
Cittā: Castellammare di Stabia
110 Messaggi |
Inserito il - 29/11/2005 : 16:56:46
|
| non e una finestra che esce all'inizio ma esce ogni tanto all'improvviso e dice private zone se sei minorenne hai 30 min di regalo se vuoi accettare fai si altrimenti fai no se io faccio no cmq mi fa accerede alla pagina ho provato con etnremover ma niente l'altro prog non lo so usare se mi potresti spiegare passo passo te ne sarei grado |
|
|
|
Er-Gladiatore
Advanced Member
Cittā: Roma
2540 Messaggi |
Inserito il - 29/11/2005 : 17:02:10
|
Per quanto riguarda Hijackthis basta aprirlo cliccare sulla prima opzione copiare il file che ti esce ed incollarlo sul forum.
Per Elite Toolbar Remover clicca su Scan and Kill malwares. |
|
|
|
Bart
Senior Member
Cittā: Castellammare di Stabia
110 Messaggi |
Inserito il - 29/11/2005 : 17:03:48
|
Logfile of HijackThis v1.99.1
Scan saved at 17.04.01, on 29/11/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
G:\WINDOWS\System32\smss.exe
G:\WINDOWS\system32\winlogon.exe
G:\WINDOWS\system32\services.exe
G:\WINDOWS\system32\lsass.exe
G:\WINDOWS\system32\svchost.exe
G:\WINDOWS\System32\svchost.exe
G:\WINDOWS\system32\spoolsv.exe
G:\Programmi\Executive Software\Diskeeper\DkService.exe
G:\WINDOWS\System32\GEARSec.exe
G:\Programmi\Kerio\Personal Firewall 4\kpf4ss.exe
G:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE
G:\Programmi\Eset\nod32krn.exe
G:\Programmi\Symantec\Norton Ghost\Agent\PQV2iSvc.exe
G:\Programmi\Kerio\Personal Firewall 4\kpf4gui.exe
G:\WINDOWS\System32\nvsvc32.exe
G:\WINDOWS\Explorer.EXE
G:\Programmi\Kerio\Personal Firewall 4\kpf4gui.exe
G:\WINDOWS\SOUNDMAN.EXE
G:\WINDOWS\System32\rundll32.exe
G:\Programmi\SlySoft\CloneCD\CloneCDTray.exe
G:\Programmi\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
G:\Programmi\Symantec\Norton Ghost\Agent\GhostTray.exe
G:\Programmi\Eset\nod32kui.exe
G:\Programmi\CyberLink\PowerDVD\PDVDServ.exe
G:\Programmi\SlySoft\AnyDVD\AnyDVD.exe
G:\Programmi\MSN Messenger\msnmsgr.exe
G:\Programmi\ARESCOM\Modem Telindus Arescom ND220\dslmon.exe
G:\Programmi\SpeedFan\speedfan.exe
G:\Programmi\eMule\eMule.exe
G:\WINDOWS\System32\wuauclt.exe
G:\PROGRA~1\DVDIDL~1\DVDIdlePro.exe
G:\Programmi\Windows Media Player\wmplayer.exe
G:\Programmi\Internet Explorer\IEXPLORE.EXE
G:\DOCUME~1\ADMINI~1\IMPOST~1\Temp\Rar$EX00.375\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = htt*://g.msn.it/0SEITIT/SAOS01
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = htt*://[www].virgilio.it/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - G:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - G:\PROGRA~1\SPYBOT~1\SDHelper.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - G:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE G:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE G:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [CloneCDTray] "G:\Programmi\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [VirtualCloneDrive] "G:\Programmi\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [Norton Ghost 9.0] G:\Programmi\Symantec\Norton Ghost\Agent\GhostTray.exe
O4 - HKLM\..\Run: [nod32kui] G:\Programmi\Eset\nod32kui.exe /WAITSERVICE
O4 - HKLM\..\Run: [RemoteControl] G:\Programmi\CyberLink\PowerDVD\PDVDServ.exe
O4 - HKLM\..\Run: [NeroFilterCheck] G:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [AnyDVD] G:\Programmi\SlySoft\AnyDVD\AnyDVD.exe
O4 - HKLM\..\Run: [BootSkin Startup Jobs] "G:\PROGRA~1\Stardock\WINCUS~1\BootSkin\BootSkin.exe" /StartupJobs
O4 - HKCU\..\Run: [msnmsgr] "G:\Programmi\MSN Messenger\msnmsgr.exe" /background
O4 - Startup: SpeedFan.lnk = G:\Programmi\SpeedFan\speedfan.exe
O4 - Global Startup: Avvio veloce di Adobe Reader.lnk = G:\Programmi\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: DSLMON.lnk = ?
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://G:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - G:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - G:\Programmi\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - G:\Programmi\Messenger\MSMSGS.EXE
O15 - Trusted Zone: [www].archiviosex.net
O15 - Trusted Zone: [www].redfunny[.com]
O15 - Trusted Zone: [www].skymasters.biz
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - htt*://messenger.zone.msn[.com]/binary/msgrchkr .cab31267 .cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - htt*://messenger.zone.msn[.com]/binary/MessengerStatsPAClient .cab31267 .cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - htt*://messenger.zone.msn[.com]/binary/MessengerStatsClient .cab31267 .cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - htt*://messenger.msn[.com]/download/MsnMessengerSetupDownloader .cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - htt*://messenger.zone.msn[.com]/binary/ZIntro .cab32846 .cab
O16 - DPF: {C1B7E532-3ECB-4E9E-BB3A-2951FFE67C61} (DownloaderActiveX Control) - htt*://c6[.com]munity.virgilio.it/download/DownloaderActiveX .cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - htt*://messenger.zone.msn[.com]/binary/Chess .cab31267 .cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - htt*://messenger.zone.msn[.com]/binary/SolitaireShowdown .cab31267 .cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{007610F8-EDE0-44F2-8B1C-9FC059443BF7}: NameServer = 85.37.17.11 151.99.125.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{007610F8-EDE0-44F2-8B1C-9FC059443BF7}: NameServer = 85.37.17.11 151.99.125.1
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "G:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: Diskeeper - Executive Software International, Inc. - G:\Programmi\Executive Software\Diskeeper\DkService.exe
O23 - Service: GEARSecurity - GEAR Software - G:\WINDOWS\System32\GEARSec.exe
O23 - Service: Kerio Personal Firewall 4 (KPF4) - Kerio Technologies - G:\Programmi\Kerio\Personal Firewall 4\kpf4ss.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Unknown owner - G:\Programmi\Eset\nod32krn.exe
O23 - Service: Norton Ghost - Symantec Corporation - G:\Programmi\Symantec\Norton Ghost\Agent\PQV2iSvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - G:\WINDOWS\System32\nvsvc32.exe
questo e quello che mi esce con hijackthis dopo che devo fare??? |
|
|
|
Er-Gladiatore
Advanced Member
Cittā: Roma
2540 Messaggi |
Inserito il - 29/11/2005 : 17:07:06
|
| L'hai lanciata la scansione con Elite Toolbar Remover? |
|
|
|
Er-Gladiatore
Advanced Member
Cittā: Roma
2540 Messaggi |
Inserito il - 29/11/2005 : 17:10:16
|
Se vuoi usare Explorer almeno aggiornalo all'ultima versione 6.00.2900.2180!
Fixa questi:
O15 - Trusted Zone: [www].skymasters.biz
O15 - Trusted Zone: [www].archiviosex.net
O15 - Trusted Zone: [www].redfunny[.com]
Comunque hai parecchia robaccia all'avvio automatico eliminala con RegSeeker. |
|
|
|
Bart
Senior Member
Cittā: Castellammare di Stabia
110 Messaggi |
Inserito il - 29/11/2005 : 17:10:34
|
Logfile of HijackThis v1.99.1
Scan saved at 17.08.21, on 29/11/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
G:\WINDOWS\System32\smss.exe
G:\WINDOWS\system32\winlogon.exe
G:\WINDOWS\system32\services.exe
G:\WINDOWS\system32\lsass.exe
G:\WINDOWS\system32\svchost.exe
G:\WINDOWS\System32\svchost.exe
G:\WINDOWS\system32\spoolsv.exe
G:\Programmi\Executive Software\Diskeeper\DkService.exe
G:\WINDOWS\System32\GEARSec.exe
G:\Programmi\Kerio\Personal Firewall 4\kpf4ss.exe
G:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE
G:\Programmi\Eset\nod32krn.exe
G:\Programmi\Symantec\Norton Ghost\Agent\PQV2iSvc.exe
G:\Programmi\Kerio\Personal Firewall 4\kpf4gui.exe
G:\WINDOWS\System32\nvsvc32.exe
G:\WINDOWS\Explorer.EXE
G:\Programmi\Kerio\Personal Firewall 4\kpf4gui.exe
G:\WINDOWS\SOUNDMAN.EXE
G:\WINDOWS\System32\rundll32.exe
G:\Programmi\SlySoft\CloneCD\CloneCDTray.exe
G:\Programmi\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
G:\Programmi\Symantec\Norton Ghost\Agent\GhostTray.exe
G:\Programmi\Eset\nod32kui.exe
G:\Programmi\CyberLink\PowerDVD\PDVDServ.exe
G:\Programmi\SlySoft\AnyDVD\AnyDVD.exe
G:\Programmi\MSN Messenger\msnmsgr.exe
G:\Programmi\ARESCOM\Modem Telindus Arescom ND220\dslmon.exe
G:\Programmi\SpeedFan\speedfan.exe
G:\Programmi\eMule\eMule.exe
G:\WINDOWS\System32\wuauclt.exe
G:\PROGRA~1\DVDIDL~1\DVDIdlePro.exe
G:\Programmi\Windows Media Player\wmplayer.exe
G:\Programmi\Internet Explorer\IEXPLORE.EXE
G:\Programmi\BearShare\BearShare.exe
G:\DOCUME~1\ADMINI~1\IMPOST~1\Temp\Rar$EX00.172\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = htt*://g.msn.it/0SEITIT/SAOS01
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = htt*://[www].virgilio.it/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - G:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - G:\PROGRA~1\SPYBOT~1\SDHelper.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - G:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE G:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE G:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [CloneCDTray] "G:\Programmi\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [VirtualCloneDrive] "G:\Programmi\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [Norton Ghost 9.0] G:\Programmi\Symantec\Norton Ghost\Agent\GhostTray.exe
O4 - HKLM\..\Run: [nod32kui] G:\Programmi\Eset\nod32kui.exe /WAITSERVICE
O4 - HKLM\..\Run: [RemoteControl] G:\Programmi\CyberLink\PowerDVD\PDVDServ.exe
O4 - HKLM\..\Run: [NeroFilterCheck] G:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [AnyDVD] G:\Programmi\SlySoft\AnyDVD\AnyDVD.exe
O4 - HKLM\..\Run: [BootSkin Startup Jobs] "G:\PROGRA~1\Stardock\WINCUS~1\BootSkin\BootSkin.exe" /StartupJobs
O4 - HKCU\..\Run: [msnmsgr] "G:\Programmi\MSN Messenger\msnmsgr.exe" /background
O4 - Startup: SpeedFan.lnk = G:\Programmi\SpeedFan\speedfan.exe
O4 - Global Startup: Avvio veloce di Adobe Reader.lnk = G:\Programmi\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: DSLMON.lnk = ?
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://G:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - G:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - G:\Programmi\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - G:\Programmi\Messenger\MSMSGS.EXE
O15 - Trusted Zone: [www].archiviosex.net
O15 - Trusted Zone: [www].redfunny[.com]
O15 - Trusted Zone: [www].skymasters.biz
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - htt*://messenger.zone.msn[.com]/binary/msgrchkr .cab31267 .cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - htt*://messenger.zone.msn[.com]/binary/MessengerStatsPAClient .cab31267 .cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - htt*://messenger.zone.msn[.com]/binary/MessengerStatsClient .cab31267 .cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - htt*://messenger.msn[.com]/download/MsnMessengerSetupDownloader .cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - htt*://messenger.zone.msn[.com]/binary/ZIntro .cab32846 .cab
O16 - DPF: {C1B7E532-3ECB-4E9E-BB3A-2951FFE67C61} (DownloaderActiveX Control) - htt*://c6[.com]munity.virgilio.it/download/DownloaderActiveX .cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - htt*://messenger.zone.msn[.com]/binary/Chess .cab31267 .cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - htt*://messenger.zone.msn[.com]/binary/SolitaireShowdown .cab31267 .cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{007610F8-EDE0-44F2-8B1C-9FC059443BF7}: NameServer = 85.37.17.11 151.99.125.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{007610F8-EDE0-44F2-8B1C-9FC059443BF7}: NameServer = 85.37.17.11 151.99.125.1
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "G:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: Diskeeper - Executive Software International, Inc. - G:\Programmi\Executive Software\Diskeeper\DkService.exe
O23 - Service: GEARSecurity - GEAR Software - G:\WINDOWS\System32\GEARSec.exe
O23 - Service: Kerio Personal Firewall 4 (KPF4) - Kerio Technologies - G:\Programmi\Kerio\Personal Firewall 4\kpf4ss.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Unknown owner - G:\Programmi\Eset\nod32krn.exe
O23 - Service: Norton Ghost - Symantec Corporation - G:\Programmi\Symantec\Norton Ghost\Agent\PQV2iSvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - G:\WINDOWS\System32\nvsvc32.exe
questo e il risultato di Hijackthis poi che devo fare??
ho fatto la scansione con SpyBot S&D e ho trovato qualcosa e li ho corretti ma mi da sempre la stesso problema..
e una finestra che mi appare l'improvviso e i dici che ho 30 min ad un prezzo speciale per connettermi ma se io rifiuto mi connettere lo stesso |
|
|
|
Er-Gladiatore
Advanced Member
Cittā: Roma
2540 Messaggi |
Inserito il - 29/11/2005 : 17:17:05
|
Secondo me questa roba si puō fixare ma aspetta il parere di qulcun'altro:
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = htt*://g.msn.it/0SEITIT/SAOS01
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - G:\WINDOWS\System32\msdxm.ocx
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - htt*://messenger.zone.msn[.com]/binary/msgrchkr .cab31267 .cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - htt*://messenger.zone.msn[.com]/binary/MessengerStatsPAClient .cab31267 .cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - htt*://messenger.zone.msn[.com]/binary/MessengerStatsClient .cab31267 .cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - htt*://messenger.msn[.com]/download/MsnMessengerSetupDownloader .cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - htt*://messenger.zone.msn[.com]/binary/ZIntro .cab32846 .cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - htt*://messenger.zone.msn[.com]/binary/Chess .cab31267 .cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - htt*://messenger.zone.msn[.com]/binary/SolitaireShowdown .cab31267 .cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "G:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) |
|
|
|
Er-Gladiatore
Advanced Member
Cittā: Roma
2540 Messaggi |
Inserito il - 29/11/2005 : 17:20:45
|
Bart allora:
1)L'hai lanciata la scansione con Elite Toolbar Remover?
2)Scaricati RegSeeker ed elimina un pō di schifezza all'avio automatico.
3)Levati Norton se puoi.
4)Hai navigati su siti "Zozzi" per caso? |
|
|
|
Bart
Senior Member
Cittā: Castellammare di Stabia
110 Messaggi |
Inserito il - 29/11/2005 : 18:02:17
|
Elite Toolbar Remover ha trovato
Deleting: HKEY_CLASSES_ROOT\clsid\{B8BE5E93-A60C-4D26-A2DC-220313175592}
Deleting: HKEY_CLASSES_ROOT\clsid\{B38870E4-7ECB-40DA-8C6A-595F0A5519FF}
poi l'ho fatto il RegSeeker e li ho cancellati tutti ho anche tolto norton, si mi e capitato ultimamente di andare su questi siti per caso poi ho ricontrollato con hijackthis e questo e il risultato:
Logfile of HijackThis v1.99.1
Scan saved at 18.04.15, on 29/11/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
G:\WINDOWS\System32\smss.exe
G:\WINDOWS\system32\winlogon.exe
G:\WINDOWS\system32\services.exe
G:\WINDOWS\system32\lsass.exe
G:\WINDOWS\system32\svchost.exe
G:\WINDOWS\System32\svchost.exe
G:\WINDOWS\system32\spoolsv.exe
G:\Programmi\Executive Software\Diskeeper\DkService.exe
G:\WINDOWS\System32\GEARSec.exe
G:\Programmi\Kerio\Personal Firewall 4\kpf4ss.exe
G:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE
G:\Programmi\Eset\nod32krn.exe
G:\Programmi\Symantec\Norton Ghost\Agent\PQV2iSvc.exe
G:\Programmi\Kerio\Personal Firewall 4\kpf4gui.exe
G:\WINDOWS\System32\nvsvc32.exe
G:\WINDOWS\Explorer.EXE
G:\Programmi\Kerio\Personal Firewall 4\kpf4gui.exe
G:\WINDOWS\SOUNDMAN.EXE
G:\WINDOWS\System32\rundll32.exe
G:\Programmi\SlySoft\CloneCD\CloneCDTray.exe
G:\Programmi\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
G:\Programmi\Eset\nod32kui.exe
G:\Programmi\CyberLink\PowerDVD\PDVDServ.exe
G:\Programmi\SlySoft\AnyDVD\AnyDVD.exe
G:\Programmi\MSN Messenger\msnmsgr.exe
G:\Programmi\ARESCOM\Modem Telindus Arescom ND220\dslmon.exe
G:\Programmi\SpeedFan\speedfan.exe
G:\Programmi\eMule\eMule.exe
G:\WINDOWS\System32\wuauclt.exe
G:\PROGRA~1\DVDIDL~1\DVDIdlePro.exe
G:\Programmi\Windows Media Player\wmplayer.exe
G:\Programmi\Internet Explorer\IEXPLORE.EXE
G:\Programmi\BearShare\BearShare.exe
G:\WINDOWS\System32\wuauclt.exe
G:\WINDOWS\System32\msiexec.exe
G:\Programmi\WinRAR\WinRAR.exe
G:\DOCUME~1\ADMINI~1\IMPOST~1\Temp\Rar$EX00.484\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = htt*://g.msn.it/0SEITIT/SAOS01
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = htt*://[www].virgilio.it/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - G:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - G:\PROGRA~1\SPYBOT~1\SDHelper.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - G:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE G:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE G:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [CloneCDTray] "G:\Programmi\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [VirtualCloneDrive] "G:\Programmi\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [Norton Ghost 9.0] G:\Programmi\Symantec\Norton Ghost\Agent\GhostTray.exe
O4 - HKLM\..\Run: [nod32kui] G:\Programmi\Eset\nod32kui.exe /WAITSERVICE
O4 - HKLM\..\Run: [RemoteControl] G:\Programmi\CyberLink\PowerDVD\PDVDServ.exe
O4 - HKLM\..\Run: [NeroFilterCheck] G:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [AnyDVD] G:\Programmi\SlySoft\AnyDVD\AnyDVD.exe
O4 - HKLM\..\Run: [BootSkin Startup Jobs] "G:\PROGRA~1\Stardock\WINCUS~1\BootSkin\BootSkin.exe" /StartupJobs
O4 - HKCU\..\Run: [msnmsgr] "G:\Programmi\MSN Messenger\msnmsgr.exe" /background
O4 - Startup: SpeedFan.lnk = G:\Programmi\SpeedFan\speedfan.exe
O4 - Global Startup: Avvio veloce di Adobe Reader.lnk = G:\Programmi\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: DSLMON.lnk = ?
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://G:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - G:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - G:\Programmi\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - G:\Programmi\Messenger\MSMSGS.EXE
O15 - Trusted Zone: [www].archiviosex.net
O15 - Trusted Zone: [www].redfunny[.com]
O15 - Trusted Zone: [www].skymasters.biz
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - htt*://messenger.zone.msn[.com]/binary/msgrchkr .cab31267 .cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - htt*://messenger.zone.msn[.com]/binary/MessengerStatsPAClient .cab31267 .cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - htt*://messenger.zone.msn[.com]/binary/MessengerStatsClient .cab31267 .cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - htt*://messenger.msn[.com]/download/MsnMessengerSetupDownloader .cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - htt*://messenger.zone.msn[.com]/binary/ZIntro .cab32846 .cab
O16 - DPF: {C1B7E532-3ECB-4E9E-BB3A-2951FFE67C61} (DownloaderActiveX Control) - htt*://c6[.com]munity.virgilio.it/download/DownloaderActiveX .cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - htt*://messenger.zone.msn[.com]/binary/Chess .cab31267 .cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - htt*://messenger.zone.msn[.com]/binary/SolitaireShowdown .cab31267 .cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{007610F8-EDE0-44F2-8B1C-9FC059443BF7}: NameServer = 85.37.17.11 151.99.125.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{007610F8-EDE0-44F2-8B1C-9FC059443BF7}: NameServer = 85.37.17.11 151.99.125.1
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "G:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: Diskeeper - Executive Software International, Inc. - G:\Programmi\Executive Software\Diskeeper\DkService.exe
O23 - Service: GEARSecurity - GEAR Software - G:\WINDOWS\System32\GEARSec.exe
O23 - Service: Kerio Personal Firewall 4 (KPF4) - Kerio Technologies - G:\Programmi\Kerio\Personal Firewall 4\kpf4ss.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Unknown owner - G:\Programmi\Eset\nod32krn.exe
O23 - Service: Norton Ghost - Symantec Corporation - G:\Programmi\Symantec\Norton Ghost\Agent\PQV2iSvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - G:\WINDOWS\System32\nvsvc32.exe
poi che devo fare?? |
|
|
|
n/a
deleted
Cittā: Nascosta
1310 Messaggi |
Inserito il - 29/11/2005 : 18:31:38
|
Citazione:
Messaggio inserito da Lollo
scusa non ho capito bene, io uso bearshare ti puoi spiegare meglio ,bearshare purtroppo contiene un sacco di "schifezze" spyware adware e vari programmi mi hanno eliminato bearshare fammi sapere
W il file sharing!
P.S> La risposta ve la siete giā data da soli ai problemi inerenti al programma e al vostro SO. Perchč continuate ad usarlo??! |
|
|
|
Discussione |
|
Bear Share
Forum Bloccato
