Aiutamici Forum
Benvenuto Ospite Cerca | Topic Attivi | Utenti | | Log In | Registra

LOG Opzioni
sitoweb
Inviato: Tuesday, December 27, 2005 2:10:11 AM
Rank: Member

Iscritto dal : 7/10/2001
Posts: 0
Logfile of HijackThis v1.99.1
Scan saved at 2.11.05, on 27/12/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Unable to get Internet Explorer version!

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
C:\Programmi\Alwil Software\Avast4\ashServ.exe
E:\Programmi\Hand-Crafted Software\FreeProxy\FreeProxy.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Programmi\Daily Weather Forecast\weather.exe
C:\WINDOWS\system32\ctfmon.exe
E:\Programmi\Bluetack\Blocklist Manager\BlockMgr.exe
E:\Programmi\ISS\BlackICE\blackice.exe
C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Programmi\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\devldr32.exe
C:\Programmi\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Utente Windows\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.skymasters.biz?4289
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\SYSTEM\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - E:\PROGRA~1\SPYBOT~2\SDHelper.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\system32\msdxm.ocx
O4 - HKLM\..\Run: [AVGCtrl] d:\PROGRA~1\AVPERS~1\AVGCTRL.EXE /min
O4 - HKLM\..\Run: [CriticalUpdate] C:\WINDOWS\SYSTEM32\WUCRTUPD.EXE -startup
O4 - HKLM\..\Run: [ScanRegistry] D:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] D:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [PCHealth] D:\WINDOWS\PCHealth\Support\PCHSchd.exe -s
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [Vet Alert] D:\WINDOWS\System\VetMsg9x.exe
O4 - HKLM\..\Run: [VetTray] D:\PROGRA~1\INOCUL~1\VETTRAY.EXE
O4 - HKLM\..\Run: [Vet Start Up] D:\PROGRA~1\INOCUL~1\VET98.EXE /PROGRESSIVE
O4 - HKLM\..\Run: [nod32kui] "C:\Programmi\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [DAEMON Tools-1033] "E:\Programmi\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [Daily Weather Forecast] C:\Programmi\Daily Weather Forecast\weather.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programmi\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ProtoWall] c:\Programmi\Dudez\ProtoWall\ProtoWall.exe
O4 - HKCU\..\Run: [ProxyWay] E:\Programmi\ProxyWay\proxyway.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] e:\Programmi\Spybot - Search & Destroy2\TeaTimer.exe
O4 - Startup: BlackICE PC Protection.lnk = E:\Programmi\ISS\BlackICE\blackice.exe
O4 - Global Startup: Collegamento a BlockMgr.lnk = E:\Programmi\Bluetack\Blocklist Manager\BlockMgr.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Scarica con Download &Express - e:\Programmi\Download Express\Add_Url.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1123983646836
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{905CD4BB-F7F9-4D60-B70F-8E359D05FE72}: NameServer = 193.70.152.25 193.70.192.25
O17 - HKLM\System\CS1\Services\Tcpip\..\{905CD4BB-F7F9-4D60-B70F-8E359D05FE72}: NameServer = 193.70.152.25 193.70.192.25
O20 - Winlogon Notify: MCPClient - C:\PROGRA~1\FILECO~1\Stardock\mcpstub.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Programmi\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Programmi\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AntiVir Update (AVWUpSrv) - Unknown owner - d:\Programmi\AVPersonal\AVWUPSRV.EXE (file missing)
O23 - Service: BlackICE - Internet Security Systems, Inc. - e:\Programmi\ISS\BlackICE\blackd.exe
O23 - Service: Free Proxy Service (FreeProxy) - Hand-Crafted Software - E:\Programmi\Hand-Crafted Software\FreeProxy\FreeProxy.exe
O23 - Service: RapApp - Internet Security Systems, Inc. - e:\Programmi\ISS\BlackICE\rapapp.exe
O23 - Service: ZorroPCProtector - Unknown owner - e:\Program Files\PCProtector\zorlanc.exe (file missing)

HO TOLTO 015 PRIMA ERA
Logfile of HijackThis v1.99.1
Scan saved at 1.01.55, on 27/12/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Unable to get Internet Explorer version!

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
C:\Programmi\Alwil Software\Avast4\ashServ.exe
E:\Programmi\Hand-Crafted Software\FreeProxy\FreeProxy.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Programmi\Daily Weather Forecast\weather.exe
C:\WINDOWS\system32\ctfmon.exe
E:\Programmi\Bluetack\Blocklist Manager\BlockMgr.exe
E:\Programmi\ISS\BlackICE\blackice.exe
C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Programmi\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\devldr32.exe
C:\Programmi\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Utente Windows\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.skymasters.biz?4289
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\SYSTEM\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - E:\PROGRA~1\SPYBOT~2\SDHelper.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\system32\msdxm.ocx
O4 - HKLM\..\Run: [AVGCtrl] d:\PROGRA~1\AVPERS~1\AVGCTRL.EXE /min
O4 - HKLM\..\Run: [CriticalUpdate] C:\WINDOWS\SYSTEM32\WUCRTUPD.EXE -startup
O4 - HKLM\..\Run: [ScanRegistry] D:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] D:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [PCHealth] D:\WINDOWS\PCHealth\Support\PCHSchd.exe -s
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [Vet Alert] D:\WINDOWS\System\VetMsg9x.exe
O4 - HKLM\..\Run: [VetTray] D:\PROGRA~1\INOCUL~1\VETTRAY.EXE
O4 - HKLM\..\Run: [Vet Start Up] D:\PROGRA~1\INOCUL~1\VET98.EXE /PROGRESSIVE
O4 - HKLM\..\Run: [nod32kui] "C:\Programmi\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [DAEMON Tools-1033] "E:\Programmi\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [Daily Weather Forecast] C:\Programmi\Daily Weather Forecast\weather.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programmi\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ProtoWall] c:\Programmi\Dudez\ProtoWall\ProtoWall.exe
O4 - HKCU\..\Run: [ProxyWay] E:\Programmi\ProxyWay\proxyway.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] e:\Programmi\Spybot - Search & Destroy2\TeaTimer.exe
O4 - Startup: BlackICE PC Protection.lnk = E:\Programmi\ISS\BlackICE\blackice.exe
O4 - Global Startup: Collegamento a BlockMgr.lnk = E:\Programmi\Bluetack\Blocklist Manager\BlockMgr.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Scarica con Download &Express - e:\Programmi\Download Express\Add_Url.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O15 - Trusted Zone: www.archiviosex.net
O15 - Trusted Zone: www.redfunny.com
O15 - Trusted Zone: www.skymasters.biz
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1123983646836
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{905CD4BB-F7F9-4D60-B70F-8E359D05FE72}: NameServer = 193.70.152.25 193.70.192.25
O17 - HKLM\System\CS1\Services\Tcpip\..\{905CD4BB-F7F9-4D60-B70F-8E359D05FE72}: NameServer = 193.70.152.25 193.70.192.25
O20 - Winlogon Notify: MCPClient - C:\PROGRA~1\FILECO~1\Stardock\mcpstub.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Programmi\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Programmi\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AntiVir Update (AVWUpSrv) - Unknown owner - d:\Programmi\AVPersonal\AVWUPSRV.EXE (file missing)
O23 - Service: BlackICE - Internet Security Systems, Inc. - e:\Programmi\ISS\BlackICE\blackd.exe
O23 - Service: Free Proxy Service (FreeProxy) - Hand-Crafted Software - E:\Programmi\Hand-Crafted Software\FreeProxy\FreeProxy.exe
O23 - Service: RapApp - Internet Security Systems, Inc. - e:\Programmi\ISS\BlackICE\rapapp.exe
O23 - Service: ZorroPCProtector - Unknown owner - e:\Program Files\PCProtector\zorlanc.exe (file missing)

MA NON è CAMBIATO NULLA

AUGURI DI BUON ANNO
PER RINGRAZIARE TROVATE UTILI INFO QUI
http://www.internetmonitor.it/forum/topic.asp?TOPIC_ID=594&whichpage=4
Sponsor
Inviato: Tuesday, December 27, 2005 2:10:11 AM

 
alfonso
Inviato: Tuesday, December 27, 2005 11:09:53 AM

Rank: AiutAmico

Iscritto dal : 10/5/2000
Posts: 19,132
Ciao ,
esegui queste operazioni

Disattiva il ripristino di configurazione, leggi qui come fare
http://www.aiutamici.com/software/view.asp?tipo=home&CodSw=257&SH=N

Riavvia in modalità provvisoria, leggi qui come fare
http://www.aiutamici.com/software/view.asp?tipo=home&CodSw=344&SH=N

apri HIJAC THIS ed elimina come indicato in questo articolo
http://www.aiutamici.com/software/descrizione.asp?CodSw=1175
le righe che seguono, (nel caso le righe da eliminare non compaiono in modalità provvisoria, eliminale dalla modalità normale e riavvia il computer).

==================================
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.skymasters.biz?4289
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\SYSTEM\blank.htm
-
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Programmi\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
-
O23 - Service: ZorroPCProtector - Unknown owner - e:\Program Files\PCProtector\zorlanc.exe (file missing)
==================================

Con la funzione TROVA di Windows, cerca ed elimina questi file,
==================================
zorlanc.exe
==================================

Vai a PANNELLO DI CONTROLLO e clicca su OPZIONI INTERNET
nella finestra che si apre clicca i tre pulsanti
ELIMINA COOKIES - ELIMINA FILE - CANCELLA CRONOOLOGIA
poi clicca il pulsante PAGINA PREDEFINITA e su OK

al termine utilizza i programmi AD-AWARE e SPYBOT indicati in questo articolo
http://www.aiutamici.com/software/view.asp?tipo=home&CodSw=388&SH=N

Fai una scansione con questo programma
http://www.aiutamici.com/software/view.asp?tipo=home&CodSw=1286

sempre in modalità provvisoria fai una scansione Antivirus

quindi riavvia il computer e controlla se il problema e risolto, se e tutto OK riattiva il ripristino configurazione disattivato all'inizio di questa procedura.

Collaboratore Aiutamici
Utenti presenti in questo topic
Guest


Salta al Forum
Aggiunta nuovi Topic disabilitata in questo forum.
Risposte disabilitate in questo forum.
Eliminazione tuoi Post disabilitata in questo forum.
Modifica dei tuoi post disabilitata in questo forum.
Creazione Sondaggi disabilitata in questo forum.
Voto ai sondaggi disabilitato in questo forum.

Main Forum RSS : RSS

Aiutamici Theme
Powered by Yet Another Forum.net versione 1.9.1.8 (NET v2.0) - 3/29/2008
Copyright © 2003-2008 Yet Another Forum.net. All rights reserved.