|
| Precedente :: Successivo |
| Autore |
Messaggio |
enricozzo
Mortale pio
Registrato: 17/05/07 22:07
Messaggi: 21
|
 Inviato: 17 Mag 2007 22:20 Oggetto: SPYWARE DEL CA**O |
 |
|
Ciao a tutti,
ho un problema con il mio computer portatile acquistato da poco(un hp pavillion con 2 gb di ram e un centrino duo2 1,66 gh )..
Fino a poco tempo fa avevo la versione freeware di avg...da un paio di giorni ho installato la versione completa e dopo una scansione completa ha trovato qualcosa come 180 tra spyware,trojan e cookies indesiderati..
dopo quella scansione ne ho fatte altre 2 e ogni volta mi trova comee minimo una 10 di spyware..
E' una cosa normale? Devo preoccuparmi?
Inoltre mi sembra che il pc nn va più come all'inizio...mi sembra abbastanza impallato...è dovuto a 'sti spyware?
AIUTO...
 |
|
| Top |
|
 |
kevin
Moderatore Caffè dell'Olimpo
Registrato: 08/02/07 10:52
Messaggi: 15785
Residenza: Qui se guardi da lì
|
| Inviato: 18 Mag 2007 08:34 Oggetto: |
|
|
bel titolo! 
(  ) |
|
| Top |
|
|
Orange
Dio maturo
Registrato: 18/02/07 13:20
Messaggi: 2224
Residenza: Roma
|
| Inviato: 18 Mag 2007 08:41 Oggetto: |
|
|
| kevin ha scritto: | bel titolo!
( ) |
già.....
enricozzo comincia con postare il log di HJT. |
|
| Top |
|
|
enricozzo
Mortale pio
Registrato: 17/05/07 22:07
Messaggi: 21
|
| Inviato: 18 Mag 2007 12:32 Oggetto: |
|
|
Ciao ragà 
grazie di avermi preso in considerazione.....
posto di seguito il log di hjt:
Logfile of HijackThis v1.99.1
Scan saved at 12.25.14, on 18/05/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16441)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\Sygate\SPF\smc.exe
C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\Programmi\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\Programmi\Java\jre1.5.0_06\bin\jusched.exe
C:\WINDOWS\system32\rundll32.exe
C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
C:\Programmi\HP\QuickPlay\QPService.exe
C:\Programmi\Hp\HP Software Update\HPWuSchd2.exe
C:\Programmi\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\Programmi\File comuni\InstallShield\UpdateService\issch.exe
C:\Programmi\File comuni\Real\Update_OB\realsched.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\MSN Messenger\MsnMsgr.Exe
C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe
C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
C:\Programmi\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Programmi\File comuni\Ahead\Lib\NMIndexStoreSvr.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\File comuni\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe
C:\WINDOWS\system32\mqsvc.exe
C:\Programmi\Hewlett-Packard\Shared\hpqwmiex.exe
C:\WINDOWS\system32\mqtgsvc.exe
C:\Programmi\Windows Media Player\WMPNSCFG.exe
C:\Programmi\HP\Digital Imaging\bin\hpqimzone.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Programmi\Hewlett-Packard\HP Pavilion Webcam\HPWebcam.exe
C:\WINDOWS\system32\dllhost.exe
C:\Programmi\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Enrico\Desktop\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://runonce.msn.com/?v=msgrv75
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=28809
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ohb - {999A06FF-10EF-4A29-8640-69E99882C26B} - C:\WINDOWS\system32\rtneg3.dll (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programmi\google\googletoolbar3.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programmi\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programmi\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programmi\google\googletoolbar3.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Programmi\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programmi\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /nodetect
O4 - HKLM\..\Run: [MsmqIntCert] regsvr32 /s mqrt.dll
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] CHDAudPropShortcut.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [QPService] "C:\Programmi\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Programmi\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [Cpqset] C:\Programmi\Hewlett-Packard\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [RecGuard] C:\Windows\SMINST\RecGuard.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FILECO~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Programmi\File comuni\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Programmi\File comuni\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Programmi\File comuni\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programmi\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [swg] C:\Programmi\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Programmi\Windows Media Player\WMPNSCFG.exe
O4 - Startup: Adobe Gamma.lnk = C:\Programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Avvio rapido HP Photosmart Premier.lnk = C:\Programmi\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Avvio veloce di Adobe Reader.lnk = C:\Programmi\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Pavilion Webcam Tray Icon.lnk = C:\Programmi\Hewlett-Packard\HP Pavilion Webcam\HPWebcam.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programmi\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Windows Live Search - res://C:\Programmi\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Apri in nuova scheda in primo piano - res://C:\Programmi\Windows Live Toolbar\Components\it-it\msntabres.dll.mui/230?44dd358ce36247fa9c10d41d2445a705
O8 - Extra context menu item: Apri in nuova scheda in secondo piano - res://C:\Programmi\Windows Live Toolbar\Components\it-it\msntabres.dll.mui/229?44dd358ce36247fa9c10d41d2445a705
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=IT_IT&c=64&bd=pavilion&pf=laptop
O17 - HKLM\System\CCS\Services\Tcpip\..\{EA24B9CF-8B8E-461B-824C-7F2ED9580030}: NameServer = 85.37.17.11 85.38.28.69
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: avgwlntf - C:\WINDOWS\SYSTEM32\avgwlntf.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: AddFiltr - Hewlett-Packard Development Company, L.P. - C:\Programmi\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Programmi\File comuni\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG7 Resident Shield Service (AvgCoreSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
O23 - Service: AVG Firewall (AVGFwSrv) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Programmi\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Programmi\File comuni\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Programmi\File comuni\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Programmi\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Programmi\Sygate\SPF\smc.exe
io nn ci capisco na mazza aiutatemi voi 
grazie ancora |
|
| Top |
|
|
bdoriano
Amministratore
Registrato: 02/04/07 12:05
Messaggi: 14391
Residenza: 3° pianeta del sistema solare...
|
| Inviato: 18 Mag 2007 13:17 Oggetto: |
|
|
Disabilita il ripristino configurazione di sistema e avvia in modalità provvisoria. Qui trovi come fare.
Avvia hjt e clicca su do a system scan only
metti il segno di spunta alle voci seguenti:
| Citazione: | O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: ohb - {999A06FF-10EF-4A29-8640-69E99882C26B} - C:\WINDOWS\system32\rtneg3.dll (file missing)
O4 - HKLM\..\Run: [MsmqIntCert] regsvr32 /s mqrt.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
|
clicca su fix checked
riavvia il pc e riposta un log aggiornato di hjt. |
|
| Top |
|
|
enricozzo
Mortale pio
Registrato: 17/05/07 22:07
Messaggi: 21
|
| Inviato: 18 Mag 2007 14:33 Oggetto: |
|
|
Grazie ragà...
posto qui il log aggiornato:
Logfile of HijackThis v1.99.1
Scan saved at 14.27.35, on 18/05/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16441)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\Sygate\SPF\smc.exe
C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\Programmi\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\Programmi\Java\jre1.5.0_06\bin\jusched.exe
C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
C:\Programmi\HP\QuickPlay\QPService.exe
C:\Programmi\Hp\HP Software Update\HPWuSchd2.exe
C:\Programmi\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
C:\Programmi\File comuni\InstallShield\UpdateService\issch.exe
C:\Programmi\File comuni\Real\Update_OB\realsched.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\MSN Messenger\MsnMsgr.Exe
C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe
C:\Programmi\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Programmi\Windows Media Player\WMPNSCFG.exe
C:\Programmi\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Programmi\File comuni\Ahead\Lib\NMIndexStoreSvr.exe
C:\Programmi\Hewlett-Packard\HP Pavilion Webcam\HPWebcam.exe
C:\Programmi\HP\Digital Imaging\bin\hpqimzone.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\Grisoft\AVG7\avgw.exe
C:\Programmi\File comuni\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe
C:\WINDOWS\system32\mqsvc.exe
C:\Programmi\Hewlett-Packard\Shared\hpqwmiex.exe
C:\WINDOWS\system32\mqtgsvc.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Documents and Settings\Enrico\Desktop\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://runonce.msn.com/?v=msgrv75
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=28809
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programmi\google\googletoolbar3.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programmi\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programmi\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programmi\google\googletoolbar3.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Programmi\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programmi\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /nodetect
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] CHDAudPropShortcut.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [QPService] "C:\Programmi\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Programmi\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [Cpqset] C:\Programmi\Hewlett-Packard\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [RecGuard] C:\Windows\SMINST\RecGuard.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FILECO~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Programmi\File comuni\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Programmi\File comuni\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Programmi\File comuni\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programmi\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [swg] C:\Programmi\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Programmi\Windows Media Player\WMPNSCFG.exe
O4 - Startup: Adobe Gamma.lnk = C:\Programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Avvio rapido HP Photosmart Premier.lnk = C:\Programmi\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Avvio veloce di Adobe Reader.lnk = C:\Programmi\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Pavilion Webcam Tray Icon.lnk = C:\Programmi\Hewlett-Packard\HP Pavilion Webcam\HPWebcam.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programmi\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Windows Live Search - res://C:\Programmi\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Apri in nuova scheda in primo piano - res://C:\Programmi\Windows Live Toolbar\Components\it-it\msntabres.dll.mui/230?44dd358ce36247fa9c10d41d2445a705
O8 - Extra context menu item: Apri in nuova scheda in secondo piano - res://C:\Programmi\Windows Live Toolbar\Components\it-it\msntabres.dll.mui/229?44dd358ce36247fa9c10d41d2445a705
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=IT_IT&c=64&bd=pavilion&pf=laptop
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: avgwlntf - C:\WINDOWS\SYSTEM32\avgwlntf.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: AddFiltr - Hewlett-Packard Development Company, L.P. - C:\Programmi\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Programmi\File comuni\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG7 Resident Shield Service (AvgCoreSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
O23 - Service: AVG Firewall (AVGFwSrv) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Programmi\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Programmi\File comuni\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Programmi\File comuni\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Programmi\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Programmi\Sygate\SPF\smc.exe
Una domanda...
Riattivo il ripristino configurazione di sistema?
Grazie ancora saluti e baci |
|
| Top |
|
|
bdoriano
Amministratore
Registrato: 02/04/07 12:05
Messaggi: 14391
Residenza: 3° pianeta del sistema solare...
|
| Inviato: 18 Mag 2007 15:06 Oggetto: |
|
|
Ora il log sembra pulito.
Ti sembra che il pc abbia ancora problemi?
Se vuoi, puoi riattivare il ripristino configurazione di sistema. |
|
| Top |
|
|
enricozzo
Mortale pio
Registrato: 17/05/07 22:07
Messaggi: 21
|
| Inviato: 18 Mag 2007 16:17 Oggetto: |
|
|
Ciao BDoriano,
il pc sembra abbastanza in forma...
persiste il problema degli spyware...l'ultima scansione con avg ne ha trovati 31....
è normale? 
come posso risolvere il problema??
puoi darmi na mano?
grazie ancora |
|
| Top |
|
|
alessandro.polo
Dio maturo
Registrato: 17/02/07 19:08
Messaggi: 2043
Residenza: Al di sotto di Zeus Thor e Anubis
|
| Inviato: 18 Mag 2007 17:20 Oggetto: Re: SPYWARE DEL CA**O |
|
|
| enricozzo ha scritto: | dopo quella scansione ne ho fatte altre 2 e ogni volta mi trova come minimo 10 di spyware..
E' una cosa normale? Devo preoccuparmi? |
dovresi, sono un tantino sopra la media dose di spyware annui (gli spyware sono piùttosto rari) |
|
| Top |
|
|
bdoriano
Amministratore
Registrato: 02/04/07 12:05
Messaggi: 14391
Residenza: 3° pianeta del sistema solare...
|
| Inviato: 18 Mag 2007 17:27 Oggetto: |
|
|
Quindi è AVG che li rileva.
Potresti postare un log di AVG con l'elenco degli spyware che ha trovato e la relativa posizione?
edit: dimenticavo, prima prova a fare una pulizia con ATFCleaner. |
|
| Top |
|
|
enricozzo
Mortale pio
Registrato: 17/05/07 22:07
Messaggi: 21
|
| Inviato: 18 Mag 2007 18:16 Oggetto: |
|
|
Bdoriano ti posto l'elenco di amici che avg mi rileva quotidianamente...
Adware Generic.AJJ
Adware Generic.AJJ
Adware Generic.GOP
Adware Generic.RRX
Adware Generic.RRX
Adware.Begin2Search Famiglia
Adware.Begin2Search Famiglia
Adware.Begin2Search Famiglia
Adware.Begin2Search Famiglia
Adware.Begin2Search Famiglia
Adware.Begin2Search Famiglia
Adware.Begin2Search Famiglia
Adware.Begin2Search Famiglia
Adware.Begin2Search Famiglia
Backdoor.Ciadoor.13
Backdoor.Ciadoor.13
Cavallo di troia Generic.VDT
Cavallo di troia Generic.VDT
Cavallo di troia Generic.VDU
TrackingCookie.2o7
TrackingCookie.2o7
TrackingCookie.2o7
TrackingCookie.2o7
TrackingCookie.2o7
TrackingCookie.2o7
TrackingCookie.2o7
TrackingCookie.2o7
TrackingCookie.2o7
TrackingCookie.2o7
TrackingCookie.2o7
TrackingCookie.2o7
TrackingCookie.2o7
TrackingCookie.2o7
TrackingCookie.2o7
TrackingCookie.2o7
TrackingCookie.Abcsearch
TrackingCookie.Adbrite
TrackingCookie.Adbrite
TrackingCookie.Adengage
TrackingCookie.Adrevolver
TrackingCookie.Adrevolver
TrackingCookie.Adrevolver
TrackingCookie.Adtech
TrackingCookie.Advertising
TrackingCookie.Atdmt
TrackingCookie.Atdmt
TrackingCookie.Atdmt
TrackingCookie.Atdmt
TrackingCookie.Atdmt
TrackingCookie.Atdmt
TrackingCookie.Casalemedia
TrackingCookie.Casalemedia
TrackingCookie.Casalemedia
TrackingCookie.Casalemedia
TrackingCookie.Casalemedia
TrackingCookie.Clickhype
TrackingCookie.Clickzs
TrackingCookie.Clickzs
TrackingCookie.Clickzs
TrackingCookie.Com
TrackingCookie.Connextra
TrackingCookie.Connextra
TrackingCookie.Connextra
TrackingCookie.Connextra
TrackingCookie.Connextra
TrackingCookie.Connextra
TrackingCookie.Connextra
TrackingCookie.Connextra
TrackingCookie.Connextra
TrackingCookie.Connextra
TrackingCookie.Connextra
TrackingCookie.Connextra
TrackingCookie.Connextra
TrackingCookie.Connextra
TrackingCookie.Connextra
TrackingCookie.Connextra
TrackingCookie.Connextra
TrackingCookie.Connextra
TrackingCookie.Connextra
TrackingCookie.Connextra
TrackingCookie.Connextra
TrackingCookie.Connextra
TrackingCookie.Connextra
TrackingCookie.Connextra
TrackingCookie.Connextra
TrackingCookie.Connextra
TrackingCookie.Connextra
TrackingCookie.Connextra
TrackingCookie.Coremetrics
TrackingCookie.Doubleclick
TrackingCookie.Doubleclick
TrackingCookie.Doubleclick
TrackingCookie.Doubleclick
TrackingCookie.Doubleclick
TrackingCookie.Estat
TrackingCookie.Fastclick
TrackingCookie.Gemius
TrackingCookie.Hitbox
TrackingCookie.Hitbox
TrackingCookie.Imrworldwide
TrackingCookie.Information
TrackingCookie.Masterstats
TrackingCookie.Mediaplex
TrackingCookie.Mediaplex
TrackingCookie.Mediaplex
TrackingCookie.Netflame
TrackingCookie.Paypal
TrackingCookie.Planetactive
TrackingCookie.Pointroll
TrackingCookie.Pointroll
TrackingCookie.Pointroll
TrackingCookie.Real
TrackingCookie.Real
TrackingCookie.Real
TrackingCookie.Real
TrackingCookie.Real
TrackingCookie.Real
TrackingCookie.Real
TrackingCookie.Real
TrackingCookie.Realmedia
TrackingCookie.Reliablestats
TrackingCookie.Reliablestats
TrackingCookie.Reliablestats
TrackingCookie.Reliablestats
TrackingCookie.Reliablestats
TrackingCookie.Reliablestats
TrackingCookie.Reliablestats
TrackingCookie.Reliablestats
TrackingCookie.Reliablestats
TrackingCookie.Revenue
TrackingCookie.Revsci
TrackingCookie.Revsci
TrackingCookie.Revsci
TrackingCookie.Revsci
TrackingCookie.Serving-sys
TrackingCookie.Serving-sys
TrackingCookie.Serving-sys
TrackingCookie.Serving-sys
TrackingCookie.Serving-sys
TrackingCookie.Serving-sys
TrackingCookie.Serving-sys
TrackingCookie.Serving-sys
TrackingCookie.Serving-sys
TrackingCookie.Serving-sys
TrackingCookie.Serving-sys
TrackingCookie.Serving-sys
TrackingCookie.Serving-sys
TrackingCookie.Serving-sys
TrackingCookie.Serving-sys
TrackingCookie.Serving-sys
TrackingCookie.Sexcounter
TrackingCookie.Sexcounter
TrackingCookie.Sexcounter
TrackingCookie.Sexcounter
TrackingCookie.Sexcounter
TrackingCookie.Sexcounter
TrackingCookie.Sexcounter
TrackingCookie.Sextracker
TrackingCookie.Specificclick
TrackingCookie.Specificclick
TrackingCookie.Specificclick
TrackingCookie.Specificclick
TrackingCookie.Statcounter
TrackingCookie.Statcounter
TrackingCookie.Statcounter
TrackingCookie.Statcounter
TrackingCookie.Statcounter
TrackingCookie.Tacoda
TrackingCookie.Tacoda
TrackingCookie.Tradedoubler
TrackingCookie.Tradedoubler
TrackingCookie.Tradedoubler
TrackingCookie.Tradedoubler
TrackingCookie.Tradedoubler
TrackingCookie.Tribalfusion
TrackingCookie.Tribalfusion
TrackingCookie.Webtrends
TrackingCookie.Webtrends
TrackingCookie.Yieldmanager
TrackingCookie.Yieldmanager
TrackingCookie.Yieldmanager
TrackingCookie.Yieldmanager
TrackingCookie.Zedo
TrackingCookie.Zedo
TrackingCookie.Zedo
TrackingCookie.Zedo
TrackingCookie.Zedo
TrackingCookie.Zedo
TrackingCookie.Zedo
TrackingCookie.Zedo
TrackingCookie.Zedo
TrackingCookie.Zedo
TrackingCookie.Zedo
Trojan.Small
TI volevo chiedere poi come devo usare ATFCleaner...cosa devo selezionare nell'elenco?
Fammi sapere
Grazie ancora |
|
| Top |
|
|
enricozzo
Mortale pio
Registrato: 17/05/07 22:07
Messaggi: 21
|
| Inviato: 18 Mag 2007 18:20 Oggetto: |
|
|
Mi ero dimenticato di postarti anche la posizione di sti cosi...
C:\WINDOWS\system32\rtneg3.dll
C:\System Volume Information\_restore{24E79716-F0B0-4755-B863-29B97FEC1C3C}\RP113\A0012837.dll
C:\System Volume Information\_restore{24E79716-F0B0-4755-B863-29B97FEC1C3C}\RP76\A0008261.exe
C:\System Volume Information\_restore{24E79716-F0B0-4755-B863-29B97FEC1C3C}\RP114\A0013015.exe
C:\Programmi\DAEMON Tools\SetupDTSB.exe
Registro di sistema HKLM\SOFTWARE\Classes\
Registro di sistema HKLM\SOFTWARE\Classes\
Registro di sistema HKLM\SOFTWARE\Classes\
Registro di sistema HKU\S-1-5-21-1132519724-591023158-329742161-1005\Software\
Registro di sistema HKLM\SOFTWARE\Classes\
Registro di sistema HKLM\SOFTWARE\Classes\
Registro di sistema HKLM\SOFTWARE\Classes\
Registro di sistema HKLM\SOFTWARE\Classes\
Registro di sistema HKLM\SOFTWARE\Classes\
C:\Programmi\MagicISO\MagicISO.exe
C:\System Volume Information\_restore{24E79716-F0B0-4755-B863-29B97FEC1C3C}\RP114\A0013016.exe
G:\copy.exe
G:\copy.exe
G:\host.exe
C:\Documents and Settings\Enrico\Cookies\enrico@msnportal.112.2o7[1].txt
C:\Documents and Settings\Enrico\Cookies\enrico@msnaccountservices.112.2o7[1].txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Cookies\enrico@msnportal.112.2o7[1].txt
C:\Documents and Settings\Enrico\Cookies\enrico@2o7[2].txt
C:\Documents and Settings\Enrico\Cookies\enrico@msnportal.112.2o7[1].txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Cookies\enrico@2o7[1].txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Cookies\enrico@atdmt[2].txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Cookies\enrico@atdmt[2].txt
C:\Documents and Settings\Enrico\Cookies\enrico@atdmt[2].txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Cookies\enrico@doubleclick[2].txt
C:\Documents and Settings\Enrico\Cookies\enrico@doubleclick[1].txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Cookies\enrico@mediaplex[1].txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Cookies\enrico@realguide.real[1].txt
C:\Documents and Settings\Enrico\Cookies\enrico@real[1].txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Cookies\enrico@realmedia[1].txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Cookies\enrico@stats1.reliablestats[1].txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Cookies\enrico@serving-sys[1].txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Cookies\enrico@serving-sys[2].txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Cookies\enrico@bs.serving-sys[2].txt
C:\Documents and Settings\Enrico\Cookies\enrico@bs.serving-sys[1].txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Cookies\enrico@tradedoubler[1].txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Cookies\enrico@ad.yieldmanager[1].txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt
C:\System Volume Information\_restore{24E79716-F0B0-4755-B863-29B97FEC1C3C}\RP86\A0011229.exe
Grazie ancora |
|
| Top |
|
|
bdoriano
Amministratore
Registrato: 02/04/07 12:05
Messaggi: 14391
Residenza: 3° pianeta del sistema solare...
|
| Inviato: 18 Mag 2007 18:45 Oggetto: |
|
|
La maggior parte sono cookies lasciati dai siti visitati e ce n'è qualcuno nel ripristino configurazione di sistema.
Per l'utilizzo di ATF Cleaner:
clicca su Select All
e poi togli il segno di spunta a Recycle Bin (per non svuotare il cestino).
clicca su Empty Selected.
Adesso azzera la cache del ripristino configurazione di sistema.
Vedo che il nostro amico rtneg3.dll è ancora in giro
Scarica killbox ed eseguilo, seleziona delete on reboot
inserisci il nome del file
C:\WINDOWS\system32\rtneg3.dll
e clicca sul pallino rosso
Riavvia il pc e rifai il log di hjt |
|
| Top |
|
|
enricozzo
Mortale pio
Registrato: 17/05/07 22:07
Messaggi: 21
|
| Inviato: 18 Mag 2007 19:05 Oggetto: |
|
|
Scusa per l'ignoranza....forse ti sto scocciando troppo...
ma cosa vuol dire:
azzera la cache del ripristino configurazione di sistema?????
Fammi sapere...
Ma hai idea di cosa possa essere questo rrtneg3.dll??
 |
|
| Top |
|
|
bdoriano
Amministratore
Registrato: 02/04/07 12:05
Messaggi: 14391
Residenza: 3° pianeta del sistema solare...
|
|
| Top |
|
|
enricozzo
Mortale pio
Registrato: 17/05/07 22:07
Messaggi: 21
|
| Inviato: 19 Mag 2007 00:10 Oggetto: |
|
|
Grazie dell'aiuto Bdoriano..
Ho fatto tutto quello che mi avevi detto...
Ti posto il log di hjt:
Logfile of HijackThis v1.99.1
Scan saved at 0.05.32, on 19/05/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16441)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\Sygate\SPF\smc.exe
C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\File comuni\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe
C:\Programmi\Hewlett-Packard\Shared\hpqwmiex.exe
C:\WINDOWS\system32\mqsvc.exe
C:\WINDOWS\system32\mqtgsvc.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Programmi\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\Programmi\Java\jre1.5.0_06\bin\jusched.exe
C:\WINDOWS\system32\rundll32.exe
C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
C:\Programmi\HP\QuickPlay\QPService.exe
C:\Programmi\Hp\HP Software Update\HPWuSchd2.exe
C:\Programmi\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
C:\Programmi\File comuni\InstallShield\UpdateService\issch.exe
C:\Programmi\File comuni\Real\Update_OB\realsched.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe
C:\Programmi\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Programmi\Windows Media Player\WMPNSCFG.exe
C:\Programmi\File comuni\Ahead\Lib\NMIndexStoreSvr.exe
C:\Programmi\Hewlett-Packard\HP Pavilion Webcam\HPWebcam.exe
C:\Programmi\HP\Digital Imaging\bin\hpqimzone.exe
C:\Programmi\MSN Messenger\usnsvc.exe
C:\Documents and Settings\Enrico\Desktop\Utility\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://runonce.msn.com/?v=msgrv75
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=28809
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programmi\google\googletoolbar3.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programmi\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programmi\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programmi\google\googletoolbar3.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Programmi\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programmi\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /nodetect
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] CHDAudPropShortcut.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [QPService] "C:\Programmi\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Programmi\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [Cpqset] C:\Programmi\Hewlett-Packard\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [RecGuard] C:\Windows\SMINST\RecGuard.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FILECO~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Programmi\File comuni\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Programmi\File comuni\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Programmi\File comuni\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programmi\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [swg] C:\Programmi\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Programmi\Windows Media Player\WMPNSCFG.exe
O4 - Startup: Adobe Gamma.lnk = C:\Programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Avvio rapido HP Photosmart Premier.lnk = C:\Programmi\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Avvio veloce di Adobe Reader.lnk = C:\Programmi\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Pavilion Webcam Tray Icon.lnk = C:\Programmi\Hewlett-Packard\HP Pavilion Webcam\HPWebcam.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programmi\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Windows Live Search - res://C:\Programmi\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Apri in nuova scheda in primo piano - res://C:\Programmi\Windows Live Toolbar\Components\it-it\msntabres.dll.mui/230?44dd358ce36247fa9c10d41d2445a705
O8 - Extra context menu item: Apri in nuova scheda in secondo piano - res://C:\Programmi\Windows Live Toolbar\Components\it-it\msntabres.dll.mui/229?44dd358ce36247fa9c10d41d2445a705
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=IT_IT&c=64&bd=pavilion&pf=laptop
O17 - HKLM\System\CCS\Services\Tcpip\..\{EA24B9CF-8B8E-461B-824C-7F2ED9580030}: NameServer = 85.37.17.11 85.38.28.69
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: avgwlntf - C:\WINDOWS\SYSTEM32\avgwlntf.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: AddFiltr - Hewlett-Packard Development Company, L.P. - C:\Programmi\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Programmi\File comuni\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG7 Resident Shield Service (AvgCoreSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
O23 - Service: AVG Firewall (AVGFwSrv) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Programmi\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Programmi\File comuni\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Programmi\File comuni\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Programmi\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Programmi\Sygate\SPF\smc.exe
Tuttappost?
érisolto il problema?
fammi sapere e grazie infinite... |
|
| Top |
|
|
bdoriano
Amministratore
Registrato: 02/04/07 12:05
Messaggi: 14391
Residenza: 3° pianeta del sistema solare...
|
| Inviato: 19 Mag 2007 09:05 Oggetto: |
|
|
Il log di hjt sembra pulito.
Hai riprovato a fare una scansione con AVG dopo i passaggi che ti ho detto?
Così verifichiamo se trova ancora qualcosa che non gli piace. |
|
| Top |
|
|
enricozzo
Mortale pio
Registrato: 17/05/07 22:07
Messaggi: 21
|
| Inviato: 19 Mag 2007 23:44 Oggetto: |
 |
|
Ciao
scusa se ti rispondo solo ora ma sono stato un po preso da altre cose
grazie ancora per l'infinita pazienza che stai avendo con me sei davvero una persona capace e disponibile 
cmq ho fatto tutto quello che mi hai detto l'ultima scansione con avg mi ha rilevato una trentina di cookie
te li posto..
Riepilogo oggetti,""
Esaminato/i,"82534"
Minacce rilevate,"33"
Ripulito/i,"0"
Spostato/i in Quarantena,"33"
Eliminato/i,"0"
Errore/i,"0"
TrackingCookie.Doubleclick Famiglia,"TrackingCookie.Doubleclick","Famiglia di spyware"
TrackingCookie.Mediaplex Famiglia,"TrackingCookie.Mediaplex","Famiglia di spyware"
TrackingCookie.247realmedia Famiglia,"TrackingCookie.247realmedia","Famiglia di spyware"
TrackingCookie.Netflame Famiglia,"TrackingCookie.Netflame","Famiglia di spyware"
TrackingCookie.Connextra Famiglia,"TrackingCookie.Connextra","Famiglia di spyware"
TrackingCookie.Yieldmanager Famiglia,"TrackingCookie.Yieldmanager","Famiglia di spyware"
TrackingCookie.Casalemedia Famiglia,"TrackingCookie.Casalemedia","Famiglia di spyware"
TrackingCookie.Fastclick Famiglia,"TrackingCookie.Fastclick","Famiglia di spyware"
TrackingCookie.Serving-sys Famiglia,"TrackingCookie.Serving-sys","Famiglia di spyware"
TrackingCookie.Atdmt Famiglia,"TrackingCookie.Atdmt","Famiglia di spyware"
:mozilla.6:C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt,"","Programma Potenzialmente Indesiderato, Spostato in Quarantena"
:mozilla.24:C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt,"","Programma Potenzialmente Indesiderato, Spostato in Quarantena"
:mozilla.25:C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt,"","Programma Potenzialmente Indesiderato, Spostato in Quarantena"
:mozilla.26:C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt,"","Programma Potenzialmente Indesiderato, Spostato in Quarantena"
:mozilla.27:C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt,"","Programma Potenzialmente Indesiderato, Spostato in Quarantena"
:mozilla.59:C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt,"","Programma Potenzialmente Indesiderato, Spostato in Quarantena"
:mozilla.65:C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt,"","Programma Potenzialmente Indesiderato, Spostato in Quarantena"
:mozilla.66:C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt,"","Programma Potenzialmente Indesiderato, Spostato in Quarantena"
:mozilla.67:C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt,"","Programma Potenzialmente Indesiderato, Spostato in Quarantena"
:mozilla.68:C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt,"","Programma Potenzialmente Indesiderato, Spostato in Quarantena"
:mozilla.69:C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt,"","Programma Potenzialmente Indesiderato, Spostato in Quarantena"
:mozilla.70:C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt,"","Programma Potenzialmente Indesiderato, Spostato in Quarantena"
:mozilla.71:C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt,"","Programma Potenzialmente Indesiderato, Spostato in Quarantena"
:mozilla.72:C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt,"","Programma Potenzialmente Indesiderato, Spostato in Quarantena"
:mozilla.81:C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt,"","Programma Potenzialmente Indesiderato, Spostato in Quarantena"
:mozilla.82:C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt,"","Programma Potenzialmente Indesiderato, Spostato in Quarantena"
:mozilla.83:C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt,"","Programma Potenzialmente Indesiderato, Spostato in Quarantena"
:mozilla.86:C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt,"","Programma Potenzialmente Indesiderato, Spostato in Quarantena"
:mozilla.87:C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt,"","Programma Potenzialmente Indesiderato, Spostato in Quarantena"
:mozilla.88:C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt,"","Programma Potenzialmente Indesiderato, Spostato in Quarantena"
:mozilla.89:C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt,"","Programma Potenzialmente Indesiderato, Spostato in Quarantena"
:mozilla.90:C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt,"","Programma Potenzialmente Indesiderato, Spostato in Quarantena"
:mozilla.91:C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt,"","Programma Potenzialmente Indesiderato, Spostato in Quarantena"
:mozilla.92:C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt,"","Programma Potenzialmente Indesiderato, Spostato in Quarantena"
:mozilla.93:C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt,"","Programma Potenzialmente Indesiderato, Spostato in Quarantena"
:mozilla.97:C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt,"","Programma Potenzialmente Indesiderato, Spostato in Quarantena"
:mozilla.98:C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt,"","Programma Potenzialmente Indesiderato, Spostato in Quarantena"
:mozilla.99:C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt,"","Programma Potenzialmente Indesiderato, Spostato in Quarantena"
:mozilla.100:C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt,"","Programma Potenzialmente Indesiderato, Spostato in Quarantena"
:mozilla.101:C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt,"","Programma Potenzialmente Indesiderato, Spostato in Quarantena"
:mozilla.102:C:\Documents and Settings\Enrico\Application Data\Mozilla\Firefox\Profiles\qzvdp4si.default\cookies.txt,"","Programma Potenzialmente Indesiderato, Spostato in Quarantena"
C:\Documents and Settings\Enrico\Cookies\enrico@atdmt[2].txt,"","Programma Potenzialmente Indesiderato, Spostato in Quarantena"
C:\Documents and Settings\Enrico\Cookies\enrico@doubleclick[1].txt,"","Programma Potenzialmente Indesiderato, Spostato in Quarantena"
Grazie ancora per l'aiuto |
|
| Top |
|
|
|
|
Non puoi inserire nuovi argomenti
Non puoi rispondere a nessun argomento
Non puoi modificare i tuoi messaggi
Non puoi cancellare i tuoi messaggi
Non puoi votare nei sondaggi
|
|
FAQ
Cerca
Lista utenti
Gruppi
Registrati
Profilo
Messaggi privati
Log in
