Ho problemi con internet...mi si aggiorna sempre la pagina web...non si vedono le immagini jpeg e gif questo e' il log chi puo' controllarlo...grazie
Logfile of HijackThis v1.98.2
Scan saved at 12.05.29, on 25/11/04
Platform: Windows 98 Gold (Win9x 4.10.1998)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\PROGRAMMI\CHECKPOINT\SECUREMOTE\BIN\SR_WATCHDOG.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\PROGRAMMI\CHECKPOINT\SECUREMOTE\BIN\SR_SERVICE.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\KHOOKER.EXE
C:\WINDOWS\MIXER.EXE
C:\WINDOWS\SYSTEM\STIMON.EXE
C:\WINDOWS\SYSTEM\RNAAPP.EXE
C:\PROGRAM FILES\LOGITECH\ITOUCH\ITOUCH.EXE
C:\PROGRAMMI\FILEZILLA SERVER\FILEZILLA SERVER.EXE
C:\PROGRAMMI\FILEZILLA SERVER\FILEZILLA SERVER INTERFACE.EXE
C:\PROGRAMMI\CHECKPOINT\SECUREMOTE\BIN\SR_GUI.EXE
C:\WINDOWS\SYSTEM\QTTASK.EXE
C:\WINDOWS\SYSTEM\TAPISRV.EXE
C:\PROGRAMMI\MICROSOFT ACTIVESYNC\WCESCOMM.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\PROGRAMMI\MICROSOFT OFFICE\OFFICE\OUTLOOK.EXE
C:\PROGRAMMI\OUTLOOK EXPRESS\MSIMN.EXE
C:\WINDOWS\SYSTEM\PSTORES.EXE
C:\PTW525\PT525.EXE
C:\PTW525\PT525.EXE
C:\DOCUMENTI\HIJACKTHIS.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.google.it/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=10.35.2.30:8000
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAMMI\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHELPER.DLL
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [SiS KHooker] C:\WINDOWS\SYSTEM\khooker.exe
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [mdac_runonce] C:\WINDOWS\SYSTEM\runonce.exe
O4 - HKLM\..\Run: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE
O4 - HKLM\..\Run: [CriticalUpdate] C:\WINDOWS\SYSTEM\wucrtupd.exe -startup
O4 - HKLM\..\Run: [Remote Access] rnaapp.exe
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [FileZilla Server] "C:\Programmi\FileZilla Server\FileZilla Server.exe" /compat /start
O4 - HKLM\..\Run: [FileZilla Server Interface] "C:\Programmi\FileZilla Server\FileZilla Server Interface.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\SYSTEM\QTTASK.EXE" -atboottime
O4 - HKLM\..\Run: [AVGCtrl] C:\PROGRAMMI\AVPERSONAL\AVGCTRL.EXE /min
O4 - HKLM\..\Run: [VERBATIM STORE 'N' G] c:\programmi\verbatim store n go\verbatim store 'n' go.exe sys_auto_run C:\Programmi\Verbatim Store N Go
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [WinVNC] "C:\PROGRAMMI\TIGHTVNC\WINVNC.EXE" -service
O4 - HKLM\..\RunServices: [SR_Service] C:\Programmi\CheckPoint\SecuRemote\bin\SR_Watchdog.exe
O4 - HKLM\..\RunServices: [PersFw] C:\Programmi\Tiny Personal Firewall\persfw.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\PROGRAMMI\MICROSOFT ACTIVESYNC\WCESCOMM.EXE"
O4 - Startup: Microsoft Office.lnk = C:\Programmi\Microsoft Office\Office\OSA9.EXE
O4 - Startup: DpeInstaller.lnk = C:\Programmi\DpeInstaller\DpeInstaller.exe
O9 - Extra button: Crea preferiti portatile - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INETREPL.DLL
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INETREPL.DLL
O9 - Extra 'Tools' menuitem: Crea preferiti portatile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INETREPL.DLL
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O10 - Unknown file in Winsock LSP: c:\windows\system\pws2dnet.wsp
O10 - Unknown file in Winsock LSP: c:\windows\system\pws2dnet.wsp
O10 - Unknown file in Winsock LSP: c:\windows\system\pws2dnet.wsp
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/20011223/housecall.antivirus.com/housecall/xscan53.cab
O16 - DPF: {AE1C01E3-0283-11D3-9B3F-00C04F8EF466} (HeartbeatCtl Class) - http://fdl.msn.com/zone/datafiles/heartbeat.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://sc.communities.msn.com/controls/chat/msnchat45.cab
O16 - DPF: ChatSpace Full Java Client 3.1.0.229 - http://surechat.com:9000/Java/cfs31229.cab
O16 - DPF: {48C20DEE-B00A-11D4-9B2F-0060975D990E} (Hi2Lobby Class) - http://62.27.8.33/lobby/atlclient.cab
O16 - DPF: {2B323CD9-50E3-11D3-9466-00A0C9700498} (Yahoo! Audio Conferencing) - http://cs8.chat.sc5.yahoo.com/v45/yacscom.cab
O16 - DPF: Yahoo! Chat - http://us.chat1.yimg.com/us.yimg.com/i/chat/applet/c381/chat.cab
O16 - DPF: {8EC18CE2-D7B4-11D2-88C8-006008A717FD} (NCSView Class) - http://ww3.atlanteitaliano.it/ecwplugins/ncs.cab
O17 - HKLM\System\CCS\Services\VxD\MSTCP: Domain = tin.it
O17 - HKLM\System\CCS\Services\VxD\MSTCP: NameServer = 151.99.125.2,151.99.125.3
O18 - Filter: text/html - {FB1210A0-0EA8-11D9-83FD-545543445200} - C:\WINDOWS\APPLICATION DATA\MICROSOFT\INTERNET EXPLORER\V0.26.DAT

Ciao taurus,
esegui queste operazioni

riavvia in modalità provvisoria, leggi qui come fare
http://www.aiutamici.com/software/view.asp?tipo=home&CodSw=344&SH=N

apri HIJAC THIS ed elimina come indicato in questo articolo
http://www.aiutamici.com/software/descrizione.asp?CodSw=1175
le righe che seguono, se le righe non compaiono in modalità provvisoria, eliminale dalla modalità normale

==================================
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=10.35.2.30:8000
-
O4 - HKLM\..\Run: [VERBATIM STORE 'N' G] c:\programmi\verbatim store n go\verbatim store 'n' go.exe sys_auto_run C:\Programmi\Verbatim Store N Go
-
O4 - HKLM\..\RunServices: [WinVNC] "C:\PROGRAMMI\TIGHTVNC\WINVNC.EXE" -service
-
O4 - Startup: DpeInstaller.lnk = C:\Programmi\DpeInstaller\DpeInstaller.exe
-
O10 - Unknown file in Winsock LSP: c:\windows\system\pws2dnet.wsp
O10 - Unknown file in Winsock LSP: c:\windows\system\pws2dnet.wsp
O10 - Unknown file in Winsock LSP: c:\windows\system\pws2dnet.wsp
-
O16 - DPF: {48C20DEE-B00A-11D4-9B2F-0060975D990E} (Hi2Lobby Class) - http://62.27.8.33/lobby/atlclient.cab
-
O18 - Filter: text/html - {FB1210A0-0EA8-11D9-83FD-545543445200} - C:\WINDOWS\APPLICATION DATA\MICROSOFT\INTERNET EXPLORER\V0.26.DAT
==================================

con la funzione TROVA di windows, cerca ed elimina i seguenti file

==================================
verbatim store 'n' go.exe
WINVNC.EXE
DpeInstaller.exe
pws2dnet.wsp
V0.26.DAT
==================================

al termine utilizza i programma AD-AWARE e SPYBOT indicati in questo articolo
http://www.aiutamici.com/software/view.asp?tipo=home&CodSw=388&SH=N

fai una scansione antivirus sempre in modalità provvisoria.

---

Collaboratore Aiutamici

Esattamente quali sono i problemi?

In che senso si aggiorna sempre la pagina web?

Se non si vedono le immagini, vai nel menu di Internet Explorer - STRUMENTI - OPZIONI INTERNET - AVANZATE - e qui spunta la voce MOSTRA IMMAGINI altrimenti prova a svuotare la cartella dei file temporanei e dei cookies.

---

Collaboratore Aiutamici