| Autore |
 Discussione  |
|
Er-Gladiatore
Advanced Member
Cittā: Roma
2540 Messaggi |
 Inserito il - 29/11/2005 : 18:52:50
|
Allora Bart disinstalla Norton e mettiti Antivir PE.
Antivir PE č un eccellente Antivirus gratuito, ha il controllo real time (Tempo Reale) e gli aggiornamenti.
La velocitā č pari a quella del famoso NOD32 ed occupa pochissime risorse di sistema (A differenza del Norton che impalla il PC  ).
Installato Antivir riavvia ed antra in modalitā provissaria (Premendo ripetutamente F8 all'avvio del Sistema), da qui lancia una scansione con:
Antivir PE htt*://[www].filehippo[.com]/download_antivir.html
Ad-aware SE htt*://[www].pianetapc.it/downloads.php?id=15 (AntiSpy)
SpyBot S&D htt*://[www].pianetapc.it/downloads.php?id=17 (AntiSpy)
Elite Toolbar Remover htt*://[www].simplytech.it/ETRemover/ETRemover_v212.zip (Non vā installato [AntiMalware])
Ora sempre da provissoria pulisci il tuo registro con:
Clean System 1.7 htt*://[www].theabsolute.net/sware/files/clnsysdr.zip (Non vā installato)
RegSeeker htt*://[www].pianetapc.it/downloads.php?id=96 (Non vā installato)
Clean System ti ripulisce il registro da .DLL inutili.
Ora riavvia e posta un'altro log di Hijacklist (Non dalla provvisoria).
|
 |
|
|
Bart
Senior Member
Cittā: Castellammare di Stabia
110 Messaggi |
Inserito il - 30/11/2005 : 14:01:43
|
ma norton non e l'antivirus e norton ghost il ripristino di immagini capito come antivirus cio nod32
|
|
|
|
Er-Gladiatore
Advanced Member
Cittā: Roma
2540 Messaggi |
Inserito il - 30/11/2005 : 16:31:58
|
Scusa mi ero confuso.
Fai quello che ti ho detto levando antivir PE. |
|
|
|
Bart
Senior Member
Cittā: Castellammare di Stabia
110 Messaggi |
 Inserito il - 01/12/2005 : 15:53:30
|
ho fatto tutto quello che mi hai detto e questo e il risultato
Logfile of HijackThis v1.99.1
Scan saved at 15.50.59, on 01/12/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
G:\WINDOWS\System32\smss.exe
G:\WINDOWS\system32\winlogon.exe
G:\WINDOWS\system32\services.exe
G:\WINDOWS\system32\lsass.exe
G:\WINDOWS\system32\svchost.exe
G:\WINDOWS\System32\svchost.exe
G:\WINDOWS\system32\spoolsv.exe
G:\Programmi\Executive Software\Diskeeper\DkService.exe
G:\WINDOWS\System32\GEARSec.exe
G:\Programmi\Kerio\Personal Firewall 4\kpf4ss.exe
G:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE
G:\Programmi\Kerio\Personal Firewall 4\kpf4gui.exe
G:\Programmi\Eset\nod32krn.exe
G:\Programmi\Symantec\Norton Ghost\Agent\PQV2iSvc.exe
G:\WINDOWS\System32\nvsvc32.exe
G:\Programmi\Prevx Home\PXAgent.exe
G:\WINDOWS\Explorer.EXE
G:\Programmi\Kerio\Personal Firewall 4\kpf4gui.exe
G:\WINDOWS\SOUNDMAN.EXE
G:\Programmi\SlySoft\CloneCD\CloneCDTray.exe
G:\Programmi\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
G:\Programmi\Symantec\Norton Ghost\Agent\GhostTray.exe
G:\Programmi\Eset\nod32kui.exe
G:\Programmi\CyberLink\PowerDVD\PDVDServ.exe
G:\WINDOWS\System32\rundll32.exe
G:\Programmi\SlySoft\AnyDVD\AnyDVD.exe
G:\Programmi\Winamp\winampa.exe
G:\Programmi\Prevx Home\SAGUI.exe
G:\Programmi\MSN Messenger\msnmsgr.exe
G:\WINDOWS\System32\wuauclt.exe
G:\Programmi\ARESCOM\Modem Telindus Arescom ND220\dslmon.exe
G:\Programmi\SpeedFan\speedfan.exe
G:\WINDOWS\BricoPacks\Vista Inspirat\ObjectDock\ObjectDock.exe
G:\Programmi\eMule\eMule.exe
G:\WINDOWS\BricoPacks\Vista Inspirat\YzToolbar\YzToolBar.exe
G:\PROGRA~1\DVDIDL~1\DVDIdlePro.exe
G:\Programmi\Winamp\Winamp.exe
G:\DOCUME~1\ADMINI~1\IMPOST~1\Temp\Rar$EX00.281\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = htt*://g.msn.it/0SEITIT/SAOS01
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = htt*://[www].virgilio.it/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - G:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - G:\PROGRA~1\SPYBOT~1\SDHelper.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - G:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE G:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE G:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [CloneCDTray] "G:\Programmi\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [VirtualCloneDrive] "G:\Programmi\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [Norton Ghost 9.0] G:\Programmi\Symantec\Norton Ghost\Agent\GhostTray.exe
O4 - HKLM\..\Run: [nod32kui] G:\Programmi\Eset\nod32kui.exe /WAITSERVICE
O4 - HKLM\..\Run: [RemoteControl] G:\Programmi\CyberLink\PowerDVD\PDVDServ.exe
O4 - HKLM\..\Run: [NeroFilterCheck] G:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [AnyDVD] G:\Programmi\SlySoft\AnyDVD\AnyDVD.exe
O4 - HKLM\..\Run: [BootSkin Startup Jobs] "G:\PROGRA~1\Stardock\WINCUS~1\BootSkin\BootSkin.exe" /StartupJobs
O4 - HKLM\..\Run: [WinampAgent] G:\Programmi\Winamp\winampa.exe
O4 - HKLM\..\Run: [PrevxHome] G:\Programmi\Prevx Home\SAGUI.exe
O4 - HKCU\..\Run: [msnmsgr] "G:\Programmi\MSN Messenger\msnmsgr.exe" /background
O4 - Startup: SpeedFan.lnk = G:\Programmi\SpeedFan\speedfan.exe
O4 - Startup: Stardock ObjectDock.lnk = G:\WINDOWS\BricoPacks\Vista Inspirat\ObjectDock\ObjectDock.exe
O4 - Startup: Y'z ToolBar.lnk = G:\WINDOWS\BricoPacks\Vista Inspirat\YzToolbar\YzToolBar.exe
O4 - Global Startup: Avvio veloce di Adobe Reader.lnk = G:\Programmi\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: DSLMON.lnk = ?
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://G:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - G:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - G:\Programmi\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - G:\Programmi\Messenger\MSMSGS.EXE
O15 - Trusted Zone: [www].archiviosex.net
O15 - Trusted Zone: [www].redfunny[.com]
O15 - Trusted Zone: [www].skymasters.biz
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - htt*://messenger.zone.msn[.com]/binary/msgrchkr .cab31267 .cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - htt*://messenger.zone.msn[.com]/binary/MessengerStatsPAClient .cab31267 .cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - htt*://messenger.zone.msn[.com]/binary/MessengerStatsClient .cab31267 .cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - htt*://messenger.msn[.com]/download/MsnMessengerSetupDownloader .cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - htt*://messenger.zone.msn[.com]/binary/ZIntro .cab32846 .cab
O16 - DPF: {C1B7E532-3ECB-4E9E-BB3A-2951FFE67C61} (DownloaderActiveX Control) - htt*://c6[.com]munity.virgilio.it/download/DownloaderActiveX .cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - htt*://messenger.zone.msn[.com]/binary/Chess .cab31267 .cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - htt*://messenger.zone.msn[.com]/binary/SolitaireShowdown .cab31267 .cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{007610F8-EDE0-44F2-8B1C-9FC059443BF7}: NameServer = 85.37.17.11 151.99.125.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{007610F8-EDE0-44F2-8B1C-9FC059443BF7}: NameServer = 85.37.17.11 151.99.125.1
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "G:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: Diskeeper - Executive Software International, Inc. - G:\Programmi\Executive Software\Diskeeper\DkService.exe
O23 - Service: GEARSecurity - GEAR Software - G:\WINDOWS\System32\GEARSec.exe
O23 - Service: Kerio Personal Firewall 4 (KPF4) - Kerio Technologies - G:\Programmi\Kerio\Personal Firewall 4\kpf4ss.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Unknown owner - G:\Programmi\Eset\nod32krn.exe
O23 - Service: Norton Ghost - Symantec Corporation - G:\Programmi\Symantec\Norton Ghost\Agent\PQV2iSvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - G:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Prevx Agent (PrevxAgent) - Unknown owner - G:\Programmi\Prevx Home\PXAgent.exe" -f (file missing)
PS non mi sta apparendo piu quello finistra e credo mi abbiamo risolto il problema e grazie di tutto alla prossima |
|
|
|
Er-Gladiatore
Advanced Member
Cittā: Roma
2540 Messaggi |
Inserito il - 01/12/2005 : 16:02:50
|
Ti piacerebbe avere un PC pulito,ma purtroppo č ancora Zozzo
Ora riavvia in modalitā provissaria,apri Hijackthis e fixa questi:
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - G:\WINDOWS\System32\msdxm.ocx
O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - G:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - G:\Programmi\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - G:\Programmi\Messenger\MSMSGS.EXE
O15 - Trusted Zone: [www].archiviosex.net
O15 - Trusted Zone: [www].redfunny[.com]
O15 - Trusted Zone: [www].skymasters.biz
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - htt*://messenger.zone.msn[.com]/binary/msgrchkr .cab31267 .cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - htt*://messenger.zone.msn[.com]/binary/MessengerStatsPAClient .cab31267 .cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - htt*://messenger.zone.msn[.com]/binary/MessengerStatsClient .cab31267 .cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - htt*://messenger.msn[.com]/download/MsnMessengerSetupDownloader .cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - htt*://messenger.zone.msn[.com]/binary/ZIntro .cab32846 .cab
O16 - DPF: {C1B7E532-3ECB-4E9E-BB3A-2951FFE67C61} (DownloaderActiveX Control) - htt*://c6[.com]munity.virgilio.it/download/DownloaderActiveX .cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - htt*://messenger.zone.msn[.com]/binary/Chess .cab31267 .cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - htt*://messenger.zone.msn[.com]/binary/SolitaireShowdown .cab31267 .cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "G:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: Prevx Agent (PrevxAgent) - Unknown owner - G:\Programmi\Prevx Home\PXAgent.exe" -f (file missing)
Dopo di che riposta un nuovo log che dovrebbe essere pulito
Ciao
|
Modificato da - Er-Gladiatore in data 01/12/2005 16:03:58 |
|
|
|
Bart
Senior Member
Cittā: Castellammare di Stabia
110 Messaggi |
Inserito il - 06/12/2005 : 13:56:48
|
| alla fine o risolto il problema e grazie di essermi stavo dietro grazie e alla prossima |
|
|
|
Discussione |
|
Bear Share
Forum Bloccato
