Benvenuto Ospite Cerca | Topic Attivi | Utenti | | Log In | Registra

Aiutamici Forum » FORUM - Istruzioni e Guide » Sicurezza VIRUS » sconnessione adsl

2 pages: [1] 2
sconnessione adsl Opzioni
Topic Precedente · Topic Sucessivo
alfius
Inviato: Friday, May 13, 2005 10:40:58 AM
Rank: Member

Iscritto dal : 11/24/2001
Posts: 2
Salve da stamattina mi capita che si sconnette da solo e se impostato in automatico si riconnette.
Ho letto che qualcuno invia il log, scusate la mia ignoranza non so cosa sia e come si tira fuori .
Grazie se qualcuno ne capisce qualcosa inpiù.
Torna in alto
 
Sponsor
Inviato: Friday, May 13, 2005 10:40:58 AM

 
Torna in alto
 
alfonso
Inviato: Friday, May 13, 2005 11:05:00 AM

Rank: AiutAmico

Iscritto dal : 10/5/2000
Posts: 19,132
Ciao Alfius,
scarica questo programma e leggi le istruzioni
http://www.aiutamici.com/software/descrizione.asp?CodSw=1175
Collaboratore Aiutamici
Torna in alto
 
alfius
Inviato: Friday, May 13, 2005 11:22:57 AM
Rank: Member

Iscritto dal : 11/24/2001
Posts: 2
grazie ci provo prima che mi caccia fuori vi farò sapere
grazie veramente
Torna in alto
 
alfius
Inviato: Friday, May 13, 2005 11:25:55 AM
Rank: Member

Iscritto dal : 11/24/2001
Posts: 2
Ho scoperto dal task manager che è attiva la scheda di rete che prima non lo era
Torna in alto
 
alfius
Inviato: Friday, May 13, 2005 11:28:25 AM
Rank: Member

Iscritto dal : 11/24/2001
Posts: 2
ecco il log
Logfile of HijackThis v1.99.1
Scan saved at 11.28.03, on 13/05/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
E:\WINDOWS\System32\smss.exe
E:\WINDOWS\SYSTEM32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\lsass.exe
E:\WINDOWS\system32\Ati2evxx.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\system32\spoolsv.exe
E:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
E:\Programmi\Alwil Software\Avast4\ashServ.exe
E:\Programmi\File comuni\EPSON\EBAPI\SAgent2.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\SYSTEM32\Ati2evxx.exe
E:\WINDOWS\Explorer.EXE
E:\WINDOWS\system32\GSICON.EXE
E:\WINDOWS\system32\dslagent.exe
E:\WINDOWS\soundman.exe
E:\Programmi\Java\j2re1.4.2_05\bin\jusched.exe
E:\Programmi\Microsoft IntelliPoint\point32.exe
E:\Programmi\File comuni\Real\Update_OB\realsched.exe
E:\Programmi\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
E:\Programmi\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
E:\WINDOWS\system32\LVCOMSX.EXE
E:\Programmi\Muiltmedia keyboard utility\KbdAp32A.exe
E:\Programmi\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
E:\Programmi\Logitech\Video\LogiTray.exe
E:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
E:\Programmi\Microsoft ActiveSync\WCESCOMM.EXE
E:\Programmi\Logitech\Video\FxSvr2.exe
E:\PROGRA~1\INCRED~1\bin\IMApp.exe
E:\Programmi\File comuni\Real\Update_OB\rnathchk.exe
c:\winamp.exe
E:\WINDOWS\system32\taskmgr.exe
E:\Programmi\Alwil Software\Avast4\ashMaiSv.exe
E:\Programmi\Alwil Software\Avast4\ashWebSv.exe
E:\Programmi\Internet Explorer\iexplore.exe
E:\Documents and Settings\alfio\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =

http://g.msn.it/0SEITIT/SAOS01
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =

http://perso.photos-animaux.com/p22240,FRA.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet

Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} -

E:\Programmi\Spybot - Search and Destroy\SDHelper.dll
O2 - BHO: CDllBho Object - {5A5B6916-ED71-4531-8018-E792DD44156E}

- E:\WINDOWS\svchost.dll
O4 - HKLM\..\Run: [GSICONEXE] GSICON.EXE
O4 - HKLM\..\Run: [DSLAGENTEXE] dslagent.exe USB
O4 - HKLM\..\Run: [SoundMan] soundman.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched]

E:\Programmi\Java\j2re1.4.2_05\bin\jusched.exe
O4 - HKLM\..\Run: [IntelliPoint] "E:\Programmi\Microsoft

IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [TkBellExe] "E:\Programmi\File

comuni\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [PinnacleDriverCheck]

E:\WINDOWS\system32\PSDrvCheck.exe
O4 - HKLM\..\Run: [QuickTime Task]

"E:\Programmi\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [CamMonitor]

E:\Programmi\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon]

E:\Programmi\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [ImInstaller_IncrediMail]

E:\DOCUME~1\alfio\IMPOST~1\Temp\ImInstaller\IncrediMail\incredimai

l_install[1].exe -startup -product IncrediMail -skip_dialog

language -skip_dialog info
O4 - HKLM\..\Run: [FLMK08KB] E:\Programmi\Muiltmedia keyboard

utility\MMKEYBD.EXE
O4 - HKLM\..\Run: [KernelFaultCheck] :systemroot:\system32\dumprep

0 -k
O4 - HKLM\..\Run: [LVCOMSX] E:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair]

E:\Programmi\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray]

E:\Programmi\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [avast!] E:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [JVM0.14] E:\WINDOWS\system32\xdzd.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "E:\Programmi\Microsoft

ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\Run: [IncrediMail]

E:\Programmi\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [LDM] \ProgramO4 - HKCU\..\Run: [LogitechSoftwareUpdate]

E:\Programmi\Logitech\Video\ManifestEngine.exe boot
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O8 - Extra context menu item: andAdd animation to IncrediMail Style

Box - E:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm
O9 - Extra button: (no name) -

{08B0E5C0-4FCB-11CF-AAA5-00401C608501} -

E:\Programmi\Java\j2re1.4.2_05\bin\npjpi142_05.dll
O9 - Extra 'Tools' menuitem: Sun Java Console -

{08B0E5C0-4FCB-11CF-AAA5-00401C608501} -

E:\Programmi\Java\j2re1.4.2_05\bin\npjpi142_05.dll
O9 - Extra button: Crea preferiti portatile -

{2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - E:\Programmi\Microsoft

ActiveSync\INetRepl.dll
O9 - Extra button: (no name) -

{2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - E:\Programmi\Microsoft

ActiveSync\INetRepl.dll
O9 - Extra 'Tools' menuitem: Crea preferiti portatile... -

{2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - E:\Programmi\Microsoft

ActiveSync\INetRepl.dll
O9 - Extra button: Net2Phone -

{4B30061A-5B39-11D3-80F8-0090276F843F} - http://www.net2phone.com/

(file missing)
O9 - Extra 'Tools' menuitem: Net2Phone -

{4B30061A-5B39-11D3-80F8-0090276F843F} - http://www.net2phone.com/

(file missing)
O9 - Extra button: (no name) -

{CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Yahoo! Messenger -

{E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} -

E:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger -

{E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} -

E:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra button: Messenger -

{FB5F1910-F110-11d2-BB9E-00C04F795683} -

E:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger -

{FB5F1910-F110-11d2-BB9E-00C04F795683} -

E:\Programmi\Messenger\msmsgs.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo

Upload Tool) - http://groups.msn.com/controls/PhotoUC/MsnPUpld.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) -

http://software-dl.real.com/11ead797c43a7e900206/netzip/RdxIE601_i

t.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall

Control) -

http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro

.com/housecall/xscan53.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan

Installer Class) -

http://www.pandasoftware.com/activescan/as5/asinst.cab
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX

Control) -

https://h17000.www1.hp.com/ewfrf-JAVA/Secure/HPGetDownloadManager.

ocx
O16 - DPF: {C606BA60-AB76-48B6-96A7-2C4D5C386F70} (PreQualifier

Class) -

http://help.virgilio.it/helpexpress/files/MotivePreQual.cab
O16 - DPF: {F00F4763-7355-4725-82F7-0DA94A256D46} -

http://www2.incredimail.com/contents/setup/downloader/imloader.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat

Control 4.5) - http://chat.msn.com/bin/msnchat45.cab
O17 -

HKLM\System\CCS\Services\Tcpip\..\{A88493D6-8218-4A43-A53F-BB47495

6BB8A}: NameServer = 212.216.112.112 212.216.172.62
O18 - Protocol: bw+0 - {AFF7DCBE-0D9B-4F46-A8FB-F76CC5C0F4E5} -

C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {AFF7DCBE-0D9B-4F46-A8FB-F76CC5C0F4E5} -

C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {AFF7DCBE-0D9B-4F46-A8FB-F76CC5C0F4E5} -

C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {AFF7DCBE-0D9B-4F46-A8FB-F76CC5C0F4E5} -

C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {AFF7DCBE-0D9B-4F46-A8FB-F76CC5C0F4E5} -

C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {AFF7DCBE-0D9B-4F46-A8FB-F76CC5C0F4E5} -

C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {AFF7DCBE-0D9B-4F46-A8FB-F76CC5C0F4E5} -

C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {AFF7DCBE-0D9B-4F46-A8FB-F76CC5C0F4E5} -

C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {AFF7DCBE-0D9B-4F46-A8FB-F76CC5C0F4E5} -

C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {AFF7DCBE-0D9B-4F46-A8FB-F76CC5C0F4E5} -

C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {AFF7DCBE-0D9B-4F46-A8FB-F76CC5C0F4E5} -

C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {AFF7DCBE-0D9B-4F46-A8FB-F76CC5C0F4E5} -

C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {AFF7DCBE-0D9B-4F46-A8FB-F76CC5C0F4E5} -

C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {AFF7DCBE-0D9B-4F46-A8FB-F76CC5C0F4E5} -

C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {AFF7DCBE-0D9B-4F46-A8FB-F76CC5C0F4E5} -

C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {AFF7DCBE-0D9B-4F46-A8FB-F76CC5C0F4E5} -

C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {AFF7DCBE-0D9B-4F46-A8FB-F76CC5C0F4E5} -

C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {AFF7DCBE-0D9B-4F46-A8FB-F76CC5C0F4E5} -

C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {AFF7DCBE-0D9B-4F46-A8FB-F76CC5C0F4E5} -

C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {AFF7DCBE-0D9B-4F46-A8FB-F76CC5C0F4E5} -

C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {AFF7DCBE-0D9B-4F46-A8FB-F76CC5C0F4E5} -

C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {AFF7DCBE-0D9B-4F46-A8FB-F76CC5C0F4E5} -

C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {AFF7DCBE-0D9B-4F46-A8FB-F76CC5C0F4E5} -

C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {AFF7DCBE-0D9B-4F46-A8FB-F76CC5C0F4E5} -

C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {AFF7DCBE-0D9B-4F46-A8FB-F76CC5C0F4E5} -

C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {AFF7DCBE-0D9B-4F46-A8FB-F76CC5C0F4E5} -

C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {AFF7DCBE-0D9B-4F46-A8FB-F76CC5C0F4E5} -

C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {AFF7DCBE-0D9B-4F46-A8FB-F76CC5C0F4E5} -

C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {AFF7DCBE-0D9B-4F46-A8FB-F76CC5C0F4E5} -

C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {AFF7DCBE-0D9B-4F46-A8FB-F76CC5C0F4E5} -

C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {AFF7DCBE-0D9B-4F46-A8FB-F76CC5C0F4E5} -

C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {AFF7DCBE-0D9B-4F46-A8FB-F76CC5C0F4E5} -

C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {AFF7DCBE-0D9B-4F46-A8FB-F76CC5C0F4E5} -

C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {AFF7DCBE-0D9B-4F46-A8FB-F76CC5C0F4E5} -

C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {AFF7DCBE-0D9B-4F46-A8FB-F76CC5C0F4E5} -

C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {AFF7DCBE-0D9B-4F46-A8FB-F76CC5C0F4E5} -

C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 -

{9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program

Files\Logitech\Desktop

Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {AFF7DCBE-0D9B-4F46-A8FB-F76CC5C0F4E5} -

C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {AFF7DCBE-0D9B-4F46-A8FB-F76CC5C0F4E5} -

C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {AFF7DCBE-0D9B-4F46-A8FB-F76CC5C0F4E5} -

C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {AFF7DCBE-0D9B-4F46-A8FB-F76CC5C0F4E5} -

C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {AFF7DCBE-0D9B-4F46-A8FB-F76CC5C0F4E5} -

C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {AFF7DCBE-0D9B-4F46-A8FB-F76CC5C0F4E5} -

C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {AFF7DCBE-0D9B-4F46-A8FB-F76CC5C0F4E5} -

C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {AFF7DCBE-0D9B-4F46-A8FB-F76CC5C0F4E5} -

C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {AFF7DCBE-0D9B-4F46-A8FB-F76CC5C0F4E5} -

C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {AFF7DCBE-0D9B-4F46-A8FB-F76CC5C0F4E5} -

C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {AFF7DCBE-0D9B-4F46-A8FB-F76CC5C0F4E5} -

C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {AFF7DCBE-0D9B-4F46-A8FB-F76CC5C0F4E5} -

C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {AFF7DCBE-0D9B-4F46-A8FB-F76CC5C0F4E5} -

C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {AFF7DCBE-0D9B-4F46-A8FB-F76CC5C0F4E5} -

C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {AFF7DCBE-0D9B-4F46-A8FB-F76CC5C0F4E5} -

C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {AFF7DCBE-0D9B-4F46-A8FB-F76CC5C0F4E5} -

C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {AFF7DCBE-0D9B-4F46-A8FB-F76CC5C0F4E5} -

C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {AFF7DCBE-0D9B-4F46-A8FB-F76CC5C0F4E5} -

C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {AFF7DCBE-0D9B-4F46-A8FB-F76CC5C0F4E5} -

C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {AFF7DCBE-0D9B-4F46-A8FB-F76CC5C0F4E5} -

C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {AFF7DCBE-0D9B-4F46-A8FB-F76CC5C0F4E5} -

C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {AFF7DCBE-0D9B-4F46-A8FB-F76CC5C0F4E5} -

C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {AFF7DCBE-0D9B-4F46-A8FB-F76CC5C0F4E5} -

C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {AFF7DCBE-0D9B-4F46-A8FB-F76CC5C0F4E5} -

C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {AFF7DCBE-0D9B-4F46-A8FB-F76CC5C0F4E5} -

C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {AFF7DCBE-0D9B-4F46-A8FB-F76CC5C0F4E5} -

C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {AFF7DCBE-0D9B-4F46-A8FB-F76CC5C0F4E5} -

C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {AFF7DCBE-0D9B-4F46-A8FB-F76CC5C0F4E5} -

C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {AFF7DCBE-0D9B-4F46-A8FB-F76CC5C0F4E5} -

C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {AFF7DCBE-0D9B-4F46-A8FB-F76CC5C0F4E5} -

C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {AFF7DCBE-0D9B-4F46-A8FB-F76CC5C0F4E5} -

C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {AFF7DCBE-0D9B-4F46-A8FB-F76CC5C0F4E5} -

C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {AFF7DCBE-0D9B-4F46-A8FB-F76CC5C0F4E5} -

C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {AFF7DCBE-0D9B-4F46-A8FB-F76CC5C0F4E5} -

C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {AFF7DCBE-0D9B-4F46-A8FB-F76CC5C0F4E5} -

C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {AFF7DCBE-0D9B-4F46-A8FB-F76CC5C0F4E5} -

C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {AFF7DCBE-0D9B-4F46-A8FB-F76CC5C0F4E5} -

C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {AFF7DCBE-0D9B-4F46-A8FB-F76CC5C0F4E5} -

C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {AFF7DCBE-0D9B-4F46-A8FB-F76CC5C0F4E5} -

C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {AFF7DCBE-0D9B-4F46-A8FB-F76CC5C0F4E5} -

C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 -

{AFF7DCBE-0D9B-4F46-A8FB-F76CC5C0F4E5} - C:\Program

Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown

owner - E:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. -

E:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner -

E:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - Unknown owner -

E:\Programmi\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner -

E:\Programmi\Alwil Software\Avast4\ashMaiSv.exe" /service (file

missing)
O23 - Service: avast! Web Scanner - Unknown owner -

E:\Programmi\Alwil Software\Avast4\ashWebSv.exe" /service (file

missing)
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) -

SEIKO EPSON CORPORATION - E:\Programmi\File

comuni\EPSON\EBAPI\SAgent2.exe
Torna in alto
 
alfonso
Inviato: Friday, May 13, 2005 11:54:18 AM

Rank: AiutAmico

Iscritto dal : 10/5/2000
Posts: 19,132
Ciao ,
esegui queste operazioni

1) Disattiva il ripristino di configurazione, leggi qui come fare
http://www.aiutamici.com/software/view.asp?tipo=home&CodSw=257&SH=N

2) riavvia in modalità provvisoria, leggi qui come fare
http://www.aiutamici.com/software/view.asp?tipo=home&CodSw=344&SH=N

apri HIJAC THIS ed elimina come indicato in questo articolo
http://www.aiutamici.com/software/descrizione.asp?CodSw=1175
le righe che seguono, (nel caso le righe da eliminare non compaiono in modalità provvisoria, eliminale dalla modalità normale e riavvia il computer).

==================================
O2 - BHO: CDllBho Object - {5A5B6916-ED71-4531-8018-E792DD44156E} - E:\WINDOWS\svchost.dll
-
O4 - HKLM\..\Run: [JVM0.14] E:\WINDOWS\system32\xdzd.exe
-
O9 - Extra button: Net2Phone - {4B30061A-5B39-11D3-80F8-0090276F843F} - http://www.net2phone.com/ (file missing)
O9 - Extra 'Tools' menuitem: Net2Phone - {4B30061A-5B39-11D3-80F8-0090276F843F} - http://www.net2phone.com/ (file missing)
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
-
<font color=red>ELIMINA TUTTE LE VOCI CHE INIZIANO PER --- O18 --- come quella che seque</font id=red>
O18 - Protocol: bw+0 - {AFF7DCBE-0D9B-4F46-A8FB-F76CC5C0F4E5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
-
O23 - Service: avast! Mail Scanner - Unknown owner - E:\Programmi\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - E:\Programmi\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
==================================

Con la funzione TROVA di Windows, cerca ed elimina questi file,

==================================
svchost.dll
xdzd.exe
==================================

Vai a PANNELLO DI CONTROLLO e clicca su OPZIONI INTERNET
nella finestra che si apre clicca i tre pulsanti
ELIMINA COOKIES - ELIMINA FILE . CANCELLA CRONOOLOGIA


al termine utilizza i programmi AD-AWARE e SPYBOT indicati in questo articolo
http://www.aiutamici.com/software/view.asp?tipo=home&CodSw=388&SH=N

sempre in modalità provvisoria fai una scansione Antivirus

quindi riavvia il computer e controlla se il problema e risolto, se e tutto OK riattiva il ripristino configurazione disattivato all'inizio di questa procedura.

Fai un ulteriore controllo Antivirus on line da questo indirizzo per verificare se il tuo antivirus non é infetto
http://security.symantec.com/default.asp?productid=symhome&langid=it&venid=sym

Inoltre devi installare un programma Firewall.
Collaboratore Aiutamici
Torna in alto
 
alfius
Inviato: Friday, May 13, 2005 11:56:26 AM
Rank: Member

Iscritto dal : 11/24/2001
Posts: 2
oh mamma mia...sono sull'altro disco con win 98 perchè non si connetteva più .
copierò tutto e spero di farmi risentire con notizie positive
grazie di tutto
Torna in alto
 
alfius
Inviato: Friday, May 13, 2005 3:31:30 PM
Rank: Member

Iscritto dal : 11/24/2001
Posts: 2
eccomi qui.
Non so allo stato attuale se è tutto ok, pero avast in modalità privvisoria non ha trovato niente mentre in normale appena collegato si
Per quanto riguarda il firewall quello di window allora non serve a niente .
Nel tasmanager c'è sempre l'indicazione che la rete è attiva .
scaricherò immediatamente un firewall da questo sito.
Incrociando le dita sembrerebbe essere più stabile .
Grazie di tutto
Torna in alto
 
alfonso
Inviato: Saturday, May 14, 2005 11:32:47 AM

Rank: AiutAmico

Iscritto dal : 10/5/2000
Posts: 19,132
Per il firewall di windows leggi questo articolo
http://www.aiutamici.com/software/view.asp?tipo=home&CodSw=160&SH=N


Prova a fare una scansione antivirus on line da questo indirizzo
http://security.symantec.com/default.asp?productid=symhome&langid=it&venid=sym

se vengono trovati virus e il tuo antivirus non li vede o non riesce a correggere, non ti rimane che formattare e reinstallare tutto.

Antivirus e Firewall gratuiti non offrono la massima protezione, metti qualche soldino da parte e appena possibile acquista un prodotto completo.


Fai un altro log dal sistema aggiornato cosi vediamo se hai eliminato tutto.
Collaboratore Aiutamici
Torna in alto
 
alfius
Inviato: Saturday, May 14, 2005 12:54:51 PM
Rank: Member

Iscritto dal : 11/24/2001
Posts: 2
Eccomi, ho installato zone alarm ; penso di aver capito che la scheda di rete che trova è la connessione 1394 .
Logfile of HijackThis v1.99.1
Scan saved at 12.52.35, on 14/05/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
E:\WINDOWS\System32\smss.exe
E:\WINDOWS\SYSTEM32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\lsass.exe
E:\WINDOWS\system32\Ati2evxx.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\system32\spoolsv.exe
E:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
E:\Programmi\Alwil Software\Avast4\ashServ.exe
E:\Programmi\File comuni\EPSON\EBAPI\SAgent2.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\system32\ZoneLabs\vsmon.exe
E:\WINDOWS\SYSTEM32\Ati2evxx.exe
E:\WINDOWS\Explorer.EXE
E:\WINDOWS\system32\GSICON.EXE
E:\WINDOWS\system32\dslagent.exe
E:\WINDOWS\soundman.exe
E:\Programmi\Java\j2re1.4.2_05\bin\jusched.exe
E:\Programmi\Microsoft IntelliPoint\point32.exe
E:\Programmi\File comuni\Real\Update_OB\realsched.exe
E:\Programmi\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
E:\Programmi\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
E:\WINDOWS\system32\LVCOMSX.EXE
E:\Programmi\Muiltmedia keyboard utility\KbdAp32A.exe
E:\Programmi\Logitech\Video\LogiTray.exe
E:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
E:\Programmi\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
E:\Programmi\Zone Labs\ZoneAlarm\zlclient.exe
E:\Programmi\Microsoft ActiveSync\WCESCOMM.EXE
E:\Programmi\Logitech\Video\FxSvr2.exe
E:\PROGRA~1\INCRED~1\bin\IMApp.exe
E:\Programmi\File comuni\Real\Update_OB\rnathchk.exe
E:\Programmi\Internet Explorer\iexplore.exe
E:\Programmi\IncrediMail\bin\IncMail.exe
E:\Documents and Settings\alfio\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =

http://g.msn.it/0SEITIT/SAOS01
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =

http://perso.photos-animaux.com/p22240,FRA.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet

Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} -

E:\Programmi\Spybot - Search and Destroy\SDHelper.dll
O4 - HKLM\..\Run: [GSICONEXE] GSICON.EXE
O4 - HKLM\..\Run: [DSLAGENTEXE] dslagent.exe USB
O4 - HKLM\..\Run: [SoundMan] soundman.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched]

E:\Programmi\Java\j2re1.4.2_05\bin\jusched.exe
O4 - HKLM\..\Run: [IntelliPoint] "E:\Programmi\Microsoft

IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [TkBellExe] "E:\Programmi\File

comuni\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [PinnacleDriverCheck]

E:\WINDOWS\system32\PSDrvCheck.exe
O4 - HKLM\..\Run: [QuickTime Task]

"E:\Programmi\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [CamMonitor]

E:\Programmi\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon]

E:\Programmi\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [ImInstaller_IncrediMail]

E:\DOCUME~1\alfio\IMPOST~1\Temp\ImInstaller\IncrediMail\incredimai

l_install[1].exe -startup -product IncrediMail -skip_dialog

language -skip_dialog info
O4 - HKLM\..\Run: [FLMK08KB] E:\Programmi\Muiltmedia keyboard

utility\MMKEYBD.EXE
O4 - HKLM\..\Run: [KernelFaultCheck] :systemroot:\system32\dumprep

0 -k
O4 - HKLM\..\Run: [LVCOMSX] E:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair]

E:\Programmi\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray]

E:\Programmi\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [avast!] E:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Zone Labs Client] "E:\Programmi\Zone

Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [H/PC Connection Agent] "E:\Programmi\Microsoft

ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\Run: [IncrediMail]

E:\Programmi\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [LDM] \ProgramO4 - HKCU\..\Run: [LogitechSoftwareUpdate]

E:\Programmi\Logitech\Video\ManifestEngine.exe boot
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O8 - Extra context menu item: andAdd animation to IncrediMail Style

Box - E:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm
O9 - Extra button: (no name) -

{08B0E5C0-4FCB-11CF-AAA5-00401C608501} -

E:\Programmi\Java\j2re1.4.2_05\bin\npjpi142_05.dll
O9 - Extra 'Tools' menuitem: Sun Java Console -

{08B0E5C0-4FCB-11CF-AAA5-00401C608501} -

E:\Programmi\Java\j2re1.4.2_05\bin\npjpi142_05.dll
O9 - Extra button: Crea preferiti portatile -

{2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - E:\Programmi\Microsoft

ActiveSync\INetRepl.dll
O9 - Extra button: (no name) -

{2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - E:\Programmi\Microsoft

ActiveSync\INetRepl.dll
O9 - Extra 'Tools' menuitem: Crea preferiti portatile... -

{2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - E:\Programmi\Microsoft

ActiveSync\INetRepl.dll
O9 - Extra button: Yahoo! Messenger -

{E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} -

E:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger -

{E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} -

E:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra button: Messenger -

{FB5F1910-F110-11d2-BB9E-00C04F795683} -

E:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger -

{FB5F1910-F110-11d2-BB9E-00C04F795683} -

E:\Programmi\Messenger\msmsgs.exe
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec

AntiVirus scanner) -

http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.ca

b
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo

Upload Tool) - http://groups.msn.com/controls/PhotoUC/MsnPUpld.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) -

http://software-dl.real.com/11ead797c43a7e900206/netzip/RdxIE601_i

t.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI

Utility Class) -

http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.

cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall

Control) -

http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro

.com/housecall/xscan53.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan

Installer Class) -

http://www.pandasoftware.com/activescan/as5/asinst.cab
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX

Control) -

https://h17000.www1.hp.com/ewfrf-JAVA/Secure/HPGetDownloadManager.

ocx
O16 - DPF: {C606BA60-AB76-48B6-96A7-2C4D5C386F70} (PreQualifier

Class) -

http://help.virgilio.it/helpexpress/files/MotivePreQual.cab
O16 - DPF: {F00F4763-7355-4725-82F7-0DA94A256D46} -

http://www2.incredimail.com/contents/setup/downloader/imloader.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat

Control 4.5) - http://chat.msn.com/bin/msnchat45.cab
O17 -

HKLM\System\CCS\Services\Tcpip\..\{A88493D6-8218-4A43-A53F-BB47495

6BB8A}: NameServer = 212.216.112.112 212.216.172.62
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown

owner - E:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. -

E:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner -

E:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - Unknown owner -

E:\Programmi\Alwil Software\Avast4\ashServ.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) -

SEIKO EPSON CORPORATION - E:\Programmi\File

comuni\EPSON\EBAPI\SAgent2.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs LLC

- E:\WINDOWS\system32\ZoneLabs\vsmon.exe
Torna in alto
 
alfius
Inviato: Saturday, May 14, 2005 12:58:24 PM
Rank: Member

Iscritto dal : 11/24/2001
Posts: 2
Per il prodotto completo quale potrebbe essere il consiglio .
Il Norton ? Il Panda ? forse ci sono troppi antivirus per cui non è questione di acquistare , ma di sapere cosa acquistare e stare tranquillo; esiste un combinato che faccia da antivirus e firewall ??
Torna in alto
 
alfius
Inviato: Saturday, May 14, 2005 2:26:30 PM
Rank: Member

Iscritto dal : 11/24/2001
Posts: 2
symantec non ha trovato niente sul disco di xp ma su win 98 ha trovato questo che non riesco ad eliminare perchè non vedo la cartella:
C:\RECYCLED\Dc1\finger.exe è infettato con Joke.Nonsense
Torna in alto
 
alfius
Inviato: Saturday, May 14, 2005 3:09:07 PM
Rank: Member

Iscritto dal : 11/24/2001
Posts: 2
Anche la security risk di Simantec è ok.
Aiutamici non si smentisce , a distanza di anni dalle mie prime richieste di aiuto Alfonso Roselli è il suo team è sempre l'unica speranza che resta a chi come me a volte incappa in guai grossi.
Grazie di cuore
Alfio
Torna in alto
 
alfonso
Inviato: Saturday, May 14, 2005 3:46:01 PM

Rank: AiutAmico

Iscritto dal : 10/5/2000
Posts: 19,132
Il log attuale mi sembra pulito e se la scansione antivirus on line non ti ha segnalato problemi, dovrebbe essere tutto a posto. Che problemi riscontri?

Per Antivirus e Firewall in unico pacchetto, personalmente ho sempre utilizzato il Norton Security, ma per utilizzarlo dovresti avere almeno un Pentium 3 a 1 GHz di frequenza, su computer più vecchi diventa troppo pesante.

Per il Windows 98 mandami il log, da fare sempre in avvio normale.
Collaboratore Aiutamici
Torna in alto
 
alfius
Inviato: Saturday, May 14, 2005 5:07:12 PM
Rank: Member

Iscritto dal : 11/24/2001
Posts: 2
Nessun problema,
ho lasciato il pc acceso e collegato apposta per vedere se c'erano problemi.
Farò il log del 98 subito dopo aver inviato questo mex, per adesso grazie.
Torna in alto
 
alfius
Inviato: Saturday, May 14, 2005 5:14:40 PM
Rank: Member

Iscritto dal : 11/24/2001
Posts: 2
Eccolo:
Logfile of HijackThis v1.99.1
Scan saved at 17.12.21, on 14/05/05
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\PROGRAMMI\FILE COMUNI\EPSON\EBAPI\SAGENT2.EXE
C:\PROGRAMMI\ALWIL SOFTWARE\AVAST4\ASHSERV.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\HIDSERV.EXE
C:\WINDOWS\SYSTEM\RPCSS.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\SYSTEM\GSICON.EXE
C:\WINDOWS\SYSTEM\DSLAGENT.EXE
C:\PROGRAMMI\TRUST\INTERNET KEYBOARD\MMKEYBD.EXE
C:\PROGRAMMI\LOGITECH\MOUSEWARE\SYSTEM\EM_EXEC.EXE
C:\WINDOWS\SYSTEM\E_S10IC2.EXE
C:\WINDOWS\SYSTEM\LVCOMSX.EXE
C:\PROGRAMMI\LOGITECH\VIDEO\LOGITRAY.EXE
C:\WINDOWS\SYSTEM\STIMON.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\PROGRAMMI\ALWIL SOFTWARE\AVAST4\ASHWEBSV.EXE
C:\PROGRAMMI\ALWIL SOFTWARE\AVAST4\ASHMAISV.EXE
C:\PROGRAMMI\LOGITECH\VIDEO\MANIFESTENGINE.EXE
C:\PROGRAMMI\TRUST\ONSCREEN DISPLAY\OSD.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\PROGRAMMI\LOGITECH\VIDEO\FXSVR2.EXE
C:\WINDOWS\DESKTOP\HIJACKTHIS.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.photos-animaux.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programmi\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAMMI\ADOBE\ACROBAT 6.0\READER\ACTIVEX\ACROIEHELPER.DLL
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [GSICONEXE] GSICON.EXE
O4 - HKLM\..\Run: [DSLAGENTEXE] dslagent.exe USB
O4 - HKLM\..\Run: [INTERNET KEYBOARD] C:\Programmi\Trust\Internet Keyboard\MMKeybd.exe
O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\LOGITECH\MOUSEW~1\SYSTEM\EM_EXEC.EXE
O4 - HKLM\..\Run: [EPSON Stylus C42 Series] C:\WINDOWS\SYSTEM\E_S10IC2.EXE /P23 "EPSON Stylus C42 Series" /O7 "EPUSB1:" /M "Stylus C42"
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\SYSTEM\PSDrvCheck.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\SYSTEM\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Programmi\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Programmi\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE
O4 - HKLM\..\Run: [avast! Web Scanner] C:\PROGRA~1\ALWILS~1\AVAST4\ASHWEBSV.EXE
O4 - HKLM\..\Run: [ashMaiSv] C:\PROGRA~1\ALWILS~1\AVAST4\ashmaisv.exe
O4 - HKLM\..\RunServices: [SAgent2ExePath] C:\Programmi\File comuni\EPSON\EBAPI\SAgent2.exe
O4 - HKLM\..\RunServices: [Hidserv] Hidserv.exe run
O4 - HKLM\..\RunServices: [avast!] C:\Programmi\Alwil Software\Avast4\ashServ.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] C:\PROGRAMMI\LOGITECH\VIDEO\MANIFESTENGINE.EXE boot
O4 - Startup: Microsoft Office.lnk = C:\Programmi\Microsoft Office\Office\OSA9.EXE
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm
O9 - Extra button: (no name) - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - http://ricercaperfetta.com/ (file missing)
O9 - Extra 'Tools' menuitem: Loghi e suonerie - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - http://ricercaperfetta.com/ (file missing)
O16 - DPF: {F00F4763-7355-4725-82F7-0DA94A256D46} (IMDownloader Class) - http://www2.incredimail.com/contents/setup/downloader/imloader.cab
Torna in alto
 
alfonso
Inviato: Sunday, May 15, 2005 3:50:48 PM

Rank: AiutAmico

Iscritto dal : 10/5/2000
Posts: 19,132
Il log e pulito, comunque fai queste operazioni per eliminare due righe inutili e per controllare il tutto

esegui queste operazioni

riavvia in modalità provvisoria, leggi qui come fare
http://www.aiutamici.com/software/view.asp?tipo=home&CodSw=344&SH=N

apri HIJAC THIS ed elimina come indicato in questo articolo
http://www.aiutamici.com/software/descrizione.asp?CodSw=1175
le righe che seguono, (nel caso le righe da eliminare non compaiono in modalità provvisoria, eliminale dalla modalità normale e riavvia il computer).

==================================
O9 - Extra button: (no name) - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - http://ricercaperfetta.com/ (file missing)
O9 - Extra 'Tools' menuitem: Loghi e suonerie - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - http://ricercaperfetta.com/ (file missing)
==================================


Vai a PANNELLO DI CONTROLLO e clicca su OPZIONI INTERNET
nella finestra che si apre clicca i tre pulsanti
ELIMINA COOKIES - ELIMINA FILE . CANCELLA CRONOOLOGIA


al termine utilizza i programmi AD-AWARE e SPYBOT indicati in questo articolo
http://www.aiutamici.com/software/view.asp?tipo=home&CodSw=388&SH=N

sempre in modalità provvisoria fai una scansione Antivirus.


Installa un programma Firewall.
Collaboratore Aiutamici
Torna in alto
 
alfius
Inviato: Sunday, May 15, 2005 8:08:45 PM
Rank: Member

Iscritto dal : 11/24/2001
Posts: 2
Eccomi qui, è possibile un ultimo controllo ?Ahh...un'altra domanda ...se volessi riformattare il disco C dove c'è win 98 c'è su aiutamici la procedura per farlo senza combinare guai all'altro disco con xp ?

Logfile of HijackThis v1.99.1
Scan saved at 20.06.02, on 15/05/05
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\PROGRAMMI\FILE COMUNI\EPSON\EBAPI\SAGENT2.EXE
C:\PROGRAMMI\ALWIL SOFTWARE\AVAST4\ASHSERV.EXE
C:\WINDOWS\SYSTEM\ZONELABS\VSMON.EXE
C:\WINDOWS\SYSTEM\HIDSERV.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\RPCSS.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\SYSTEM\GSICON.EXE
C:\WINDOWS\SYSTEM\DSLAGENT.EXE
C:\PROGRAMMI\TRUST\INTERNET KEYBOARD\MMKEYBD.EXE
C:\PROGRAMMI\LOGITECH\MOUSEWARE\SYSTEM\EM_EXEC.EXE
C:\WINDOWS\SYSTEM\E_S10IC2.EXE
C:\WINDOWS\SYSTEM\LVCOMSX.EXE
C:\PROGRAMMI\LOGITECH\VIDEO\LOGITRAY.EXE
C:\WINDOWS\SYSTEM\STIMON.EXE
C:\PROGRAMMI\ALWIL SOFTWARE\AVAST4\ASHWEBSV.EXE
C:\PROGRAMMI\ALWIL SOFTWARE\AVAST4\ASHMAISV.EXE
C:\PROGRAMMI\ZONE LABS\ZONEALARM\ZLCLIENT.EXE
C:\PROGRAMMI\LOGITECH\VIDEO\MANIFESTENGINE.EXE
C:\PROGRAMMI\TRUST\ONSCREEN DISPLAY\OSD.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\WINDOWS\SYSTEM\RNAAPP.EXE
C:\WINDOWS\SYSTEM\TAPISRV.EXE
C:\PROGRAMMI\LOGITECH\VIDEO\FXSVR2.EXE
C:\PROGRAMMI\INTERNET EXPLORER\IEXPLORE.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\WINDOWS\SYSTEM\PSTORES.EXE
C:\WINDOWS\DESKTOP\HIJACKTHIS.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.photos-animaux.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programmi\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAMMI\ADOBE\ACROBAT 6.0\READER\ACTIVEX\ACROIEHELPER.DLL
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [GSICONEXE] GSICON.EXE
O4 - HKLM\..\Run: [DSLAGENTEXE] dslagent.exe USB
O4 - HKLM\..\Run: [INTERNET KEYBOARD] C:\Programmi\Trust\Internet Keyboard\MMKeybd.exe
O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\LOGITECH\MOUSEW~1\SYSTEM\EM_EXEC.EXE
O4 - HKLM\..\Run: [EPSON Stylus C42 Series] C:\WINDOWS\SYSTEM\E_S10IC2.EXE /P23 "EPSON Stylus C42 Series" /O7 "EPUSB1:" /M "Stylus C42"
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\SYSTEM\PSDrvCheck.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\SYSTEM\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Programmi\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Programmi\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE
O4 - HKLM\..\Run: [avast! Web Scanner] C:\PROGRA~1\ALWILS~1\AVAST4\ASHWEBSV.EXE
O4 - HKLM\..\Run: [ashMaiSv] C:\PROGRA~1\ALWILS~1\AVAST4\ashmaisv.exe
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Programmi\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\RunServices: [SAgent2ExePath] C:\Programmi\File comuni\EPSON\EBAPI\SAgent2.exe
O4 - HKLM\..\RunServices: [Hidserv] Hidserv.exe run
O4 - HKLM\..\RunServices: [avast!] C:\Programmi\Alwil Software\Avast4\ashServ.exe
O4 - HKLM\..\RunServices: [TrueVector] C:\WINDOWS\SYSTEM\ZONELABS\VSMON.EXE -service
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] C:\PROGRAMMI\LOGITECH\VIDEO\MANIFESTENGINE.EXE boot
O4 - Startup: Microsoft Office.lnk = C:\Programmi\Microsoft Office\Office\OSA9.EXE
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm
O16 - DPF: {F00F4763-7355-4725-82F7-0DA94A256D46} (IMDownloader Class) - http://www2.incredimail.com/contents/setup/downloader/imloader.cab
Torna in alto
 
alfonso
Inviato: Monday, May 16, 2005 7:43:30 AM

Rank: AiutAmico

Iscritto dal : 10/5/2000
Posts: 19,132
Il log e pulito.

<font color=red>Se nel disco C: di Windows 98 c'é il menu di scelta per Windows 98/XP, formattando il disco perderai il menu di avvio e quindi XP non si avvierà più, non puoi formattare il 98 senza formattare anche XP.</font id=red>

Per formattare il disco fisso e reinstallare Windows 95/98/ME esegui queste operazioni:

1) Formatta un floppy disk facendo attenzione che non abbia settori danneggiati.

2) vai a PANNELLO DI CONTROLLO - INSTALLAZIONE APPLICAZIONI, nella finestra che si apre clicca in alto a destra su DISCO DI RIPRISTINO e poi clicca su CREA DISCO

3) riavviare il computer con il disco di ripristino inserito nel lettore floppy, nel menu che compare selezionare AVVIO CON SUPPORTO CD-ROM
prestare attenzione alla lettera unità dedicata al CD-ROM che viene mostrato, se si possiede una sola partizione e un solo disco fisso la lettera C: sarà quello del disco fisso, la lettera D: quella del disco virtuale di installazione di windows e la lettera E: quella del CD-ROM

4) inserisci il CD-ROM di windows nel lettore, quindi digita:
<b>
E: Invio
</b>
se nel prompt del DOS compare la lettera E:\ digita
<b>
DIR invio
</b>
dovrebbe comparire la lista dei file contenuti nel CD-ROM, se questo avviene, significa che possiamo procedere alla formattazione, se invece il lettore CD-ROM non viene riconosciuto, togliamo il floppy dal computer e riavviamo normalmente, dovremmo inserire il drivers del CD-ROM nel disco di ripristino, leggi qui come fare
http://www.zanezane.net/articoli.asp?id=64

Se invece il CD-ROM viene riconosciuto, digitiamo
<b>
A: invio
</b>
quindi diamo il comando per formattare il disco fisso
<b>
FORMAT C:
</b>
al termine della formattazione del disco fisso digitiamo

per windows ME
<b>
E: Invio
SETUP invio
</b>
per Windows 95/98
<b>
E: Invio
CD WIN invio
SETUP invio
</b>

Nel caso non possiedi un disco Floppy di ripristino di windows o se quello che hai e danneggiato, vai a questo indirizzo http://www.bootdisk.com/bootdisk.htm e scarica il programma per il tuo sistema operativo, quindi formatta un floppy disk e lancia il programma, dal disco fisso ti creerà una copia direttamente sul floppy. L'unico problema e che questi hanno l'impostazione della tastiera americana, per digitare i due punti premi il tasto ò (o accentata)


<img src="http://www.aiutamici.com/ftp/images/avvi1.gif" border=0><img src="http://www.aiutamici.com/ftp/images/avvi2.gif" border=0><img src="http://www.aiutamici.com/ftp/images/avvi3.gif" border=0><img src="http://www.aiutamici.com/ftp/images/avvi4.gif" border=0>
Collaboratore Aiutamici
Torna in alto
 
Utenti presenti in questo topic
Guest

2 pages: [1] 2

Aiutamici Forum » FORUM - Istruzioni e Guide » Sicurezza VIRUS » sconnessione adsl


Salta al Forum
Aggiunta nuovi Topic disabilitata in questo forum.
Risposte disabilitate in questo forum.
Eliminazione tuoi Post disabilitata in questo forum.
Modifica dei tuoi post disabilitata in questo forum.
Creazione Sondaggi disabilitata in questo forum.
Voto ai sondaggi disabilitato in questo forum.

Main Forum RSS : RSS

Aiutamici Theme
Powered by Yet Another Forum.net versione 1.9.1.8 (NET v2.0) - 3/29/2008
Copyright © 2003-2008 Yet Another Forum.net. All rights reserved.