ho a che fare con il famigerato se.dll ho provato di tutto,ho cancellato alcune righe che pensavo potessero essere il problema(in modalita' provvisoria)comunque poi ritornano sempre
comunque cosa dovrei eliminare?
Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\SYSTEM\HIDSERV.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\SYSTEM\AALVOL.EXE
C:\WINDOWS\SYSTEM\QTTASK.EXE
C:\WINDOWS\SYSTEM\MSYSTEM.EXE
C:\WINDOWS\RUNDLL32.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\WINDOWS\SYSTEM\RNAAPP.EXE
C:\WINDOWS\SYSTEM\TAPISRV.EXE
C:\PROGRAMMI\CRAZY BROWSER\CRAZY BROWSER.EXE
C:\WINDOWS\RUNDLL32.EXE
C:\DOWNLOADS\HIJACKTHIS.EXE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://www.motor-search.info/R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://c:\windows\TEMP\se.dll/spage.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchURL =
http://www.motor-search.info/R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://www.motor-search.info/R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://c:\windows\TEMP\se.dll/spage.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchURL =
http://www.motor-search.info/R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext =
http://ewizard.cc/cn/?r=f6e31777a72fc023&pin=314R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer fornito da Virgilio
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: (no name) - {39331F41-C854-11D9-82E2-4445B7D228B8} - C:\WINDOWS\SYSTEM\OBAJ.DLL
O3 - Toolbar: @msdxmLC.dll,-1@1040,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [ScanRegistry] c:\windows\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] c:\windows\taskmon.exe
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [Hidserv] Hidserv.exe run
O4 - HKLM\..\Run: [IOMON98.EXE] C:\Programmi\VirusBuster\IOMON98.EXE
O4 - HKLM\..\Run: [AtiCwd32] Aticwd32.exe
O4 - HKLM\..\Run: [AtiKey] Atitask.exe
O4 - HKLM\..\Run: [MAGICKB] MagStart.exe
O4 - HKLM\..\Run: [ATIGART] c:\ati\gart\atigart.exe
O4 - HKLM\..\Run: [AtiPTA] Atiptaaa.exe
O4 - HKLM\..\Run: [NAV DefAlert] C:\PROGRA~1\NORTON~1\DEFALERT.EXE
O4 - HKLM\..\Run: [Eac_Download] C:\PROGRAMMI\FILE COMUNI\EACCELERATION\DOWNLOAD.EXE -k
O4 - HKLM\..\Run: [QuickTime Task] C:\WINDOWS\SYSTEM\QTTASK.EXE
O4 - HKLM\..\Run: [AVGCtrl] C:\PROGRAMMI\AVPERSONAL\AVGCtrl.EXE /min
O4 - HKLM\..\Run: [F-STOPW.EXE] C:\Programmi\FSI\F-Prot\F-STOPW.EXE
O4 - HKLM\..\Run: [IST Service] \ISTsvc\istsvc.exe
O4 - HKLM\..\Run: [dnscleaner] C:\WINDOWS\DNSCLEANER.EXE
O4 - HKLM\..\Run: [VsecomrEXE] C:\Programmi\Network Associates\McAfee VirusScan\VSEcomR.EXE
O4 - HKLM\..\Run: [AVPCC] C:\PROGRA~1\ANTIVI~1\_avpcc.exe
O4 - HKLM\..\Run: [AvconsoleEXE] C:\Programmi\Network Associates\McAfee VirusScan\avconsol.exe /minimize
O4 - HKLM\..\Run: [Vshwin32EXE] C:\Programmi\Network Associates\McAfee VirusScan\VSHWIN32.EXE
O4 - HKLM\..\Run: [VsStatEXE] C:\Programmi\Network Associates\McAfee VirusScan\VSSTAT.EXE /SHOWWARNING
O4 - HKLM\..\Run: [WildTangent CDA] "C:\Programmi\WildTangent\Apps\CDA\GameDrvr.exe" /startup C:\PROGRA~1\WILDTA~1\APPS\CDA\CDAENG~1.DLL
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [GSICONEXE] GSICON.EXE
O4 - HKLM\..\Run: [DSLAGENTEXE] dslagent.exe USB
O4 - HKLM\..\Run: [Windows Security Assistant] C:\WINDOWS\system32\rundll32.vbe
O4 - HKLM\..\Run: [TrojanScanner] C:\Programmi\Trojan Remover\Trjscan.exe
O4 - HKLM\..\Run: [System Backup] msystem.exe
O4 - HKLM\..\Run: [sp] rundll32 C:\WINDOWS\TEMP\SE.DLL,DllInstall
O4 - HKLM\..\RunServices: [Hidserv] Hidserv.exe run
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [Vshwin32EXE] C:\Programmi\Network Associates\McAfee VirusScan\VSHWIN32.EXE
O4 - HKLM\..\RunServices: [IOMON98.EXE] C:\Programmi\VirusBuster\IOMON98.EXE
O4 - HKLM\..\RunServices: [AVPCC Service] C:\PROGRA~1\ANTIVI~1\avpcc.exe
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [Windows Security Assistant] C:\WINDOWS\system32\rundll32.vbe
O4 - HKCU\..\Run: [Attune Download] C:\PROGRA~2\AVEO\ATTUNE\UPDATER1\ATTUNEL.EXE
O4 - HKCU\..\Run: [Trash it Scheduler] C:\PROGRAMMI\TRASH IT!\Trash it Scheduler.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\PROGRAMMI\MSN MESSENGER\MSNMSGR.EXE" /background
O4 - HKCU\..\Run: [WindowsFY] C:\WP.EXE
O4 - HKCU\..\Run: [eZulaMain] C:\PROGRA~1\ezula\eZulaMain.exe
O4 - HKCU\..\Run: [Windows Security Assistant] C:\WINDOWS\system32\rundll32.vbe
O4 - Startup: EPSON Status Monitor 3 Environment Check.lnk = C:\WINDOWS\SYSTEM\E_SRCV03.EXE
O4 - Startup: Webshots.lnk = C:\Programmi\Webshots\WebshotsTray.exe
O4 - Startup: C6 Client.LNK = C:\TinMessenger\TinMessenger.exe
O4 - Startup: GStartup.lnk = C:\Programmi\File comuni\Microsoft Shared\MSINFO\MSINFO32.EXE
O4 - Startup: C6 Messenger.lnk = C:\Programmi\C6 Messenger\c6Messenger.exe
O8 - Extra context menu item: &Download with &DAP - C:\PROGRA~1\DAP\dapextie.htm
O8 - Extra context menu item: Download with GetRight - C:\Programmi\GetRight\GRdownload.htm
O8 - Extra context menu item: Open with GetRight Browser - C:\Programmi\GetRight\GRbrowse.htm
O9 - Extra button: Microsoft AntiSpyware helper - {99B763C0-E7E5-11D9-82E3-D9AE2871C236} - C:\WINDOWS\SYSTEM\WLDR.DLL
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {99B763C0-E7E5-11D9-82E3-D9AE2871C236} - C:\WINDOWS\SYSTEM\WLDR.DLL
O9 - Extra button: Microsoft AntiSpyware helper - {DF44A780-09B5-11DA-82E3-C8323422C763} - C:\WINDOWS\SYSTEM\WLDR.DLL
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {DF44A780-09B5-11DA-82E3-C8323422C763} - C:\WINDOWS\SYSTEM\WLDR.DLL
O9 - Extra button: Microsoft AntiSpyware helper - {99B763C0-E7E5-11D9-82E3-D9AE2871C236} - C:\WINDOWS\SYSTEM\WLDR.DLL (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {99B763C0-E7E5-11D9-82E3-D9AE2871C236} - C:\WINDOWS\SYSTEM\WLDR.DLL (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {DF44A780-09B5-11DA-82E3-C8323422C763} - C:\WINDOWS\SYSTEM\WLDR.DLL (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {DF44A780-09B5-11DA-82E3-C8323422C763} - C:\WINDOWS\SYSTEM\WLDR.DLL (HKCU)
O12 - Plugin for .dat: C:\PROGRA~1\INTERN~1\PLUGINS\npqtplugin3.dll
O12 - Plugin for .tvt: C:\PROGRA~1\INTERN~1\PLUGINS\npqtplugin3.dll
O14 - IERESET.INF: START_PAGE_URL=http://gw.virgilio.it/vie/55/200010smau.home
O16 - DPF: {AE775D48-49AA-11D1-8F1C-00C04FB67063} (MS Investor Ticker) -
http://fdl.msn.com/public/investor/v5/ticker.cabO16 - DPF: {8D37126F-C08C-11D4-A248-005056BF3741} (plug Class) -
http://dist02.chargitdial.com/chargitplug.dllO16 - DPF: {D22AC3EF-B7D8-11D5-A281-005056BF0101} (plug Class) -
http://dist02.chargitdial.com/chargitplug.dllO16 - DPF: {45231111-1111-1111-1111-111111113458} - file://C:\WINDOWS\Tempor~1\Content.IE5\C78RYT2P\epl2[1].cab
O18 - Filter: text/html - {39331F40-C854-11D9-82E2-4445D89E8D23} - C:\WINDOWS\SYSTEM\OBAJ.DLL
O18 - Filter: text/plain - {39331F40-C854-11D9-82E2-4445D89E8D23} - C:\WINDOWS\SYSTEM\OBAJ.DLL