Benvenuto Ospite

Aiutamici Forum » FORUM - Istruzioni e Guide » Sicurezza VIRUS » finestre che si aprono in continuazione, reindirizzamenti.. Mi controllate il Log ? grazie

finestre che si aprono in continuazione, reindirizzamenti.. Mi controllate il Log ? grazie

Opzioni

Topic Precedente · Topic Sucessivo

sonia77

Inviato: Friday, July 11, 2014 2:55:37 PM

Rank: Member

Iscritto dal : 9/1/2009
Posts: 16

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 22.15.28, on 10/07/2014
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

FIREFOX: 30.0 (it)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\AVAST Software\Avast\AvastSvc.exe
C:\Documents and Settings\All Users\Dati applicazioni\IePluginServices\PluginService.exe
C:\Documents and Settings\All Users\Dati applicazioni\WindowsMangerProtect\ProtectWindowsManager.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Programmi\di4BlockAndSurf\di6BlockAndSurfM.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Programmi\HP DigitalMedia Archive\DMAScheduler.exe
C:\Programmi\HP\HP Software Update\HPwuSchd2.exe
C:\Programmi\AVAST Software\Avast\AvastUI.exe
C:\Programmi\Canon\MyPrinter\BJMyPrt.exe
C:\Programmi\Canon\Solution Menu EX\CNSEMAIN.EXE
C:\WINDOWS\arservice.exe
C:\WINDOWS\system32\rundll32.exe
C:\Programmi\File comuni\Real\Update_OB\realsched.exe
C:\Programmi\fst_it_172\fst_it_172.exe
C:\Documents and Settings\HP_Administrator\Impostazioni locali\Dati applicazioni\fst_it_172\upfst_it_172.exe
C:\Programmi\fst_it_193\fst_it_193.exe
C:\Programmi\Spybot - Search & Destroy 2\SDTray.exe
C:\Programmi\di4BlockAndSurf\di0BlockAndSurfyv175.exe
C:\Programmi\Messenger\msmsgs.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\Programmi\di4BlockAndSurf\BlockAndSurf.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Programmi\File comuni\LightScribe\LSSrvc.exe
C:\Programmi\IBM\Lotus\Symphony\framework\rcp\eclipse\plugins\com.ibm.rcp.base_6.2.3.20110915-1350\win32\x86\symphony.exe
C:\Programmi\Alice ti aiuta\bin\mpbtn.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Programmi\Spybot - Search & Destroy 2\SDFSSvc.exe
C:\Programmi\IBM\Lotus\Symphony\framework\shared\eclipse\plugins\com.ibm.symphony.brand.win32_3.0.1.20120110-2000\program\soffice.bin
C:\Programmi\Spybot - Search & Destroy 2\SDUpdSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\focusbase\updatefocusbase.exe
C:\Programmi\focusbase\bin\utilfocusbase.exe
C:\WINDOWS\ehome\mcrdsvc.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\HP\KBD\KBD.EXE
c:\windows\system\hpsysdrv.exe
C:\Programmi\focusbase\bin\focusbase.PurBrowse.exe
C:\Programmi\focusbase\bin\focusbase.BrowserAdapter.exe
C:\Programmi\Mozilla Firefox\firefox.exe
C:\Documents and Settings\HP_Administrator\Documenti\Download\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://isearch.omiga-plus.com/?type=hp&ts=1404166427&from=tt4u&uid=SAMSUNGXSP2504C_S09QJ1TLA07094
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://isearch.omiga-plus.com/web/?type=ds&ts=1404166427&from=tt4u&uid=SAMSUNGXSP2504C_S09QJ1TLA07094&q={searchTerms}
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://gw.aliceadsl.it/minisearch
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://isearch.omiga-plus.com/web/?type=ds&ts=1404166427&from=tt4u&uid=SAMSUNGXSP2504C_S09QJ1TLA07094&q={searchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://rocket-find.com/?f=1&a=rckt_cmi_14_28_ch&cd=2XzuyEtN2Y1L1QzutDtDtCzz0FtAyB0A0Czz0EzztCzyzztAtN0D0Tzu0SzytCzztN1L2XzutBtFtBtCtFtCtCtFtBtN1L1CzutCyEtBzytDyD1V1PtN1L1G1B1V1N2Y1L1Qzu2StD0A0D0FtAyCtAzytG0AtDyEtAtG0CtByDyCtGyBtCtC0EtGyE0BtB0A0A0F0EyByBtAzytC2QtN1M1F1B2Z1V1N2Y1L1Qzu2StD0DtAtA0A0F0A0AtGyB0B0D0CtGzyyB0FtAtGyCyD0EzztGtDzyzztA0F0C0Czz0DzzyCyC2Q&cr=144594388&ir=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://isearch.omiga-plus.com/?type=hp&ts=1404166427&from=tt4u&uid=SAMSUNGXSP2504C_S09QJ1TLA07094
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=IT_IT&c=64&bd=PAVILION&pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=IT_IT&c=64&bd=PAVILION&pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=IT_IT&c=64&bd=PAVILION&pf=desktop
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://isearch.omiga-plus.com/?type=hp&ts=1404166427&from=tt4u&uid=SAMSUNGXSP2504C_S09QJ1TLA07094
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://isearch.omiga-plus.com/web/?type=ds&ts=1404166427&from=tt4u&uid=SAMSUNGXSP2504C_S09QJ1TLA07094&q={searchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://isearch.omiga-plus.com/web/?type=ds&ts=1404166427&from=tt4u&uid=SAMSUNGXSP2504C_S09QJ1TLA07094&q={searchTerms}
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer fornito da Alice
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: IETabPage Class - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Programmi\SupTab\SupTab.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: BlockAndSurf - {932223CA-E363-89BE-9BD1-5CCC44FDE039} - C:\Programmi\di4BlockAndSurf\175.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programmi\google\googletoolbar1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programmi\google\googletoolbar1.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [ftutil2] rundll32.exe ftutil2.dll,SetWriteCacheMode
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [AlwaysReady Power Message APP] ARPWRMSG.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM\..\Run: [DMAScheduler] "c:\Programmi\HP DigitalMedia Archive\DMAScheduler.exe"
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [HPBootOp] "C:\Programmi\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run
O4 - HKLM\..\Run: [HP Software Update] C:\Programmi\HP\HP Software Update\HPwuSchd2.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Programmi\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Programmi\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [CanonSolutionMenuEx] C:\Programmi\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
O4 - HKLM\..\Run: [Adobe ARM] "C:\Programmi\File comuni\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Programmi\File comuni\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [fst_it_172] "C:\Programmi\fst_it_172\fst_it_172.exe"
O4 - HKLM\..\Run: [upfst_it_172.exe] C:\Documents and Settings\HP_Administrator\Impostazioni locali\Dati applicazioni\fst_it_172\upfst_it_172.exe -runhelper
O4 - HKLM\..\Run: [fst_it_180] "C:\Programmi\fst_it_180\fst_it_180.exe"
O4 - HKLM\..\Run: [upfst_it_180.exe] C:\Documents and Settings\HP_Administrator\Impostazioni locali\Dati applicazioni\fst_it_172\upfst_it_180.exe -runhelper
O4 - HKLM\..\Run: [fst_it_193] "C:\Programmi\fst_it_193\fst_it_193.exe"
O4 - HKLM\..\Run: [upfst_it_193.exe] C:\Documents and Settings\HP_Administrator\Impostazioni locali\Dati applicazioni\fst_it_172\upfst_it_193.exe -runhelper
O4 - HKLM\..\Run: [AnyProtect Scanner] "C:\Programmi\AnyProtectEx\AnyProtect.exe"
O4 - HKLM\..\Run: [SDTray] "C:\Programmi\Spybot - Search & Destroy 2\SDTray.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Programmi\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [SymphonyPreLoad] "C:\Programmi\IBM\Lotus\Symphony\framework\shared\eclipse\plugins\com.ibm.symphony.standard.launcher.win32.x86_3.0.1.20120110-2000\IBM Lotus Symphony" -nogui -nosplash
O4 - HKCU\..\Run: [BlockAndSurf] C:\Programmi\di4BlockAndSurf\BlockAndSurf.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO DI RETE')
O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O4 - .DEFAULT User Startup: PinMcLnk.lnk = C:\hp\bin\cloaker.exe (User 'Default user')
O4 - Global Startup: Alice ti aiuta.lnk = C:\Programmi\Alice ti aiuta\bin\matcli.exe
O8 - Extra context menu item: &Cerca con Google - res://C:\Programmi\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Traduci parola in italiano - res://C:\Programmi\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Link a ritroso - res://C:\Programmi\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Pagine simili - res://C:\Programmi\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Versione cache della pagina - res://C:\Programmi\Google\GoogleToolbar1.dll/cmcache.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Guida alla connessione - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Guida alla connessione - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra button: Alice - {C23187E2-F6AF-4233-A4BA-C22FCAEE6B7D} - http://gw.aliceadsl.it/alice (file missing) (HKCU)
O14 - IERESET.INF: START_PAGE_URL=http://gw.aliceadsl.it/home
O17 - HKLM\System\CCS\Services\Tcpip\..\{410FE0F5-99D6-4818-B8BD-06EBB77831F2}: NameServer = 85.37.17.43 85.38.28.96
O20 - AppInit_DLLs: C:\PROGRA~1\SupTab\SEARCH~1.DLL
O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
O22 - SharedTaskScheduler: Precaricatore Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Daemon di cache delle categorie di componenti - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Programmi\AVAST Software\Avast\AvastSvc.exe
O23 - Service: BlockAndSurf - Unknown owner - C:\Programmi\di4BlockAndSurf\di0BlockAndSurfyv175.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: IePlugin Services (IePluginServices) - Cherished Technololgy LIMITED - C:\Documents and Settings\All Users\Dati applicazioni\IePluginServices\PluginService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Programmi\File comuni\LightScribe\LSSrvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Programmi\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Programmi\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Programmi\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Programmi\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: Update focusbase - Unknown owner - C:\Programmi\focusbase\updatefocusbase.exe
O23 - Service: Util focusbase - Unknown owner - C:\Programmi\focusbase\bin\utilfocusbase.exe
O23 - Service: WindowsMangerProtect Service (WindowsMangerProtect) - Fuyu LIMITED - C:\Documents and Settings\All Users\Dati applicazioni\WindowsMangerProtect\ProtectWindowsManager.exe

--
End of file - 12866 bytes

Torna in alto

Sponsor

Inviato: Friday, July 11, 2014 2:55:37 PM

Torna in alto

Utenti presenti in questo topic

Guest

Aiutamici Forum » FORUM - Istruzioni e Guide » Sicurezza VIRUS » finestre che si aprono in continuazione, reindirizzamenti.. Mi controllate il Log ? grazie

Salta al Forum

Aggiunta nuovi Topic disabilitata in questo forum.
Risposte disabilitate in questo forum.
Eliminazione tuoi Post disabilitata in questo forum.
Modifica dei tuoi post disabilitata in questo forum.
Creazione Sondaggi disabilitata in questo forum.
Voto ai sondaggi disabilitato in questo forum.

Invia topic via Email

RSS Feed

Watch this topic

Stampa topic

Normale

Threaded