Ragazzi aiutatemi.
Spesso è due giorni circa, che accendo il pc e quando spessissimo, quando meno di frequente mi appare una pubblicità di incontri con ragazze che si chiama WEBPOPOUP MARRY.... e così via.
Io tento di chiudere la finestra, mi da tre tentativi, chiaramente dicendo ogni volta se sono sicuro ecc...
Poi in fondo mi dice che sta tentando di chiudere la pagina, ma pur scomparendo le foto di ste ragazze mi rimane questa paginabianca intoccabile, non va via e non si sposta, proprio nel bel mezzo del pc.
ogni volta devo riavviare, come posso fare????
E se formatto, siccome in un'allagamento mi si sono sciupati i dichi della scheda madre video, audio eccetterà, windows xp tramite internet le reinstalla da solo?
Vi prego aiutatemi :-(
grazie comunque
Sentite ho fatto la scansione, ma non in modalità provvisoria perchè col mio pc, avendo come già detto perso le istruzioni non riesco ad accedere al bios.
Comunque ora riesco a togliere questa fastidiosa pubblicità senza riavviare il pc, tramite il task manager che prima mi si era bloccato, ignoro il motivo.
ma la pubblicità riappare, identificando il processo mediante task manager, cosa che ho fatto, c'è possibilità con qualche programma di toglierlo? o con qualche funzione del PC?
Vi ringrazio, siete stati veramente preziosi oggi per me
ciao
Scusa ma sono duretto il programma ce l'ho ma devo copiare e incollare il nome dell'applicazione fastidiosa dal task e inserirlo sul programma, poi spuntarlo e quindi cancellarlo?
Questo devo fare?
non sono pratico di pc e non so cosa voglia dire in termini informatici posta il LOG
scusate se vi creo disturbo ragazzi
Logfile of HijackThis v1.99.1
Scan saved at 21.20.13, on 04/01/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Programmi\CyberLink\PowerDVD\PDVDServ.exe
C:\Programmi\MessengerPlus! 3\MsgPlus.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\Programmi\Java\jre1.5.0_04\bin\jusched.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Programmi\E-nrgyPlus\E-nrgyPlus.exe
C:\Programmi\Microsoft AntiSpyware\gcasServ.exe
C:\WINDOWS\system32\ctfmon.exe
c:\progra~1\intern~1\iexplore.exe
C:\Programmi\Messenger\msmsgs.exe
C:\Programmi\Microsoft AntiSpyware\gcasDtServ.exe
C:\Programmi\MSN Messenger\msnmsgr.exe
C:\Programmi\Skype\Phone\Skype.exe
C:\Programmi\Hijackthis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://myhomepage.capitan-trash.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.rvchyyngrzuoqrafypghw.com/jgKe_mBMIq2FOKUdaQSiBpa pTPZXiUgL05SG0QpwuYDqHhua0E1dTZCn8oVCSGXW.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://myhomepage.capitan-trash.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.rvchyyngrzuoqrafypghw.com/jgKe_mBMIq2FOKUdaQSiBpa pTPZXiUgL05SG0QpwuYDqHhua0E1dTZCn8oVCSGXW.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\Userinit.exe
O1 - Hosts: 127.0.0.4 www.vparivalka.com
O1 - Hosts: 127.0.0.4 iframeprofit.com
O1 - Hosts: 127.0.0.4 www.iframeprofit.com
O1 - Hosts: 127.0.0.4 topsearch10.com
O1 - Hosts: 127.0.0.4 www.topsearch10.com
O1 - Hosts: 127.0.0.4 statscash.biz
O1 - Hosts: 127.0.0.4 www.statscash.biz
O1 - Hosts: 127.0.0.4 vxiframe.biz
O1 - Hosts: 127.0.0.4 www.vxiframe.biz
O1 - Hosts: 127.0.0.4 crazy-toolbar.com
O1 - Hosts: 127.0.0.4 www.crazy-toolbar.com
O1 - Hosts: 127.0.0.4 topcash.biz
O1 - Hosts: 127.0.0.4 www.topcash.biz
O1 - Hosts: 127.0.0.4 loadcash.biz
O1 - Hosts: 127.0.0.4 www.loadcash.biz
O1 - Hosts: 127.0.0.4 txiframe.biz
O1 - Hosts: 127.0.0.4 www.txiframe.biz
O1 - Hosts: 127.0.0.4 procounter.biz
O1 - Hosts: 127.0.0.4 www.procounter.biz
O1 - Hosts: 127.0.0.4 advadmin.biz
O1 - Hosts: 127.0.0.4 www.advadmin.biz
O1 - Hosts: 127.0.0.4 trafficbest.net
O1 - Hosts: 127.0.0.4 www.trafficbest.net
O1 - Hosts: 127.0.0.4 besthvac.com
O1 - Hosts: 127.0.0.4 www.besthvac.com
O1 - Hosts: 127.0.0.4 traff4.com
O1 - Hosts: 127.0.0.4 www.traff4.com
O1 - Hosts: 127.0.0.4 ambush-script.com
O1 - Hosts: 127.0.0.4 www.ambush-script.com
O1 - Hosts: 127.0.0.4 beehappyy.biz
O1 - Hosts: 127.0.0.4 www.beehappyy.biz
O1 - Hosts: 127.0.0.4 tracktraff.cc
O1 - Hosts: 127.0.0.4 www.tracktraff.cc
O1 - Hosts: 127.0.0.4 allcount.net
O1 - Hosts: 127.0.0.4 www.allcount.net
O1 - Hosts: 127.0.0.4 onedayoffer.biz
O1 - Hosts: 127.0.0.4 www.onedayoffer.biz
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {CD70482B-0A0C-1EB2-E208-7AAF3B05C706} - C:\DOCUME~1\Daniele\DATIAP~1\EQFILE~1\Global Pop.exe
O2 - BHO: (no name) - {CD9B1116-B85C-752E-0995-8F165695473C} - C:\DOCUME~1\Daniele\DATIAP~1\EQFILE~1\Global Pop.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [RemoteControl] C:\Programmi\CyberLink\PowerDVD\PDVDServ.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Programmi\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [Creative WebCam Tray] C:\Programmi\Creative\Shared Files\CAMTRAY.EXE
O4 - HKLM\..\Run: [NI.UWFX5T] "C:\Documents and Settings\Daniele\Impostazioni locali\Temporary Internet Files\Content.IE5\4HIZ0HYJ\WinFixer2005ScannerInstallITA[1].exe"
O4 - HKLM\..\Run: [inter pile junk hide] C:\Documents and Settings\All Users\Dati applicazioni\Blah Start Inter Pile\locks start.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programmi\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKLM\..\Run: [BearShare] "C:\Programmi\BearShare\BearShare.exe" /pause
O4 - HKLM\..\Run: [AVG7_RegCleaner] C:\PROGRA~1\Grisoft\AVGFRE~1\avgregcl.exe /BOOT
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [IntraSecondAceDefault] C:\Documents and Settings\All Users\Dati applicazioni\View locks intra second\Inter Bike.exe
O4 - HKLM\..\Run: [E-nrgyPlus] C:\Programmi\E-nrgyPlus\E-nrgyPlus.exe
O4 - HKLM\..\Run: [gcasServ] "C:\Programmi\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [book ante] C:\DOCUME~1\Daniele\DATIAP~1\ELSEPL~1\AXISNEW.exe
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Programmi\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [MSMSGS] "C:\Programmi\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [msnmsgr] "C:\PROGRA~1\MSNMES~1\msnmsgr.exe" /background
O4 - Global Startup: Picture Package VCD Maker.lnk = ?
O4 - Global Startup: Picture Package Menu.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Programmi\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Alice ti aiuta.lnk = C:\Programmi\Alice ti aiuta\bin\matcli.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://GLOBAL.ACER.COM/
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.ca b
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.ca b31267.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloade r.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31 267.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{61B87D8F-229B-4048-828B-C D7E0ABBC125}: NameServer = 85.37.17.55 151.99.125.1
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\Security Center\SymWSC.exe
spero che abbia fatto la cosa giusta
tutto mi torna in teoria ma come faccio a recarmi sulla cartella system 32? vado su C apro windowos ma non trovo la cartella System32. Come faccio?
Non vedo ugualmente le cartelle, comunque ti posto quello che mi hai detto di eliminare con Hijackthis vedi un pò
grazie comunque
Logfile of HijackThis v1.99.1
Scan saved at 22.49.07, on 04/01/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Programmi\CyberLink\PowerDVD\PDVDServ.exe
C:\Programmi\MessengerPlus! 3\MsgPlus.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\Programmi\Java\jre1.5.0_04\bin\jusched.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Programmi\Microsoft AntiSpyware\gcasServ.exe
C:\WINDOWS\system32\ctfmon.exe
c:\progra~1\intern~1\iexplore.exe
C:\Programmi\Messenger\msmsgs.exe
C:\Programmi\Microsoft AntiSpyware\gcasDtServ.exe
C:\Programmi\MSN Messenger\msnmsgr.exe
C:\Programmi\Skype\Phone\Skype.exe
C:\WINDOWS\system32\rsvp.exe
C:\Programmi\SlimBrowser\sbrowser.exe
C:\Programmi\Hijackthis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://myhomepage.capitan-trash.com - http://myhomepage.capitan-trash.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/ - http://www.google.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://myhomepage.capitan-trash.com - http://myhomepage.capitan-trash.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.rvchyyngrzuoqrafypghw.com/jgKe_mBMIq2FOKUdaQSiBpapTPZXiUgL05SG0QpwuYDqHhua0E1dTZCn8oVCSGXW.htm - http://www.rvchyyngrzuoqrafypghw.com/jgKe_mBMIq2FOKUdaQSiBpa pTPZXiUgL05SG0QpwuYDqHhua0E1dTZCn8oVCSGXW.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/ - http://www.google.it/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\Userinit.exe
O1 - Hosts: 127.0.0.4 http://www.vparivalka.com - www.vparivalka.com
O1 - Hosts: 127.0.0.4 iframeprofit.com
O1 - Hosts: 127.0.0.4 http://www.iframeprofit.com - www.iframeprofit.com
O1 - Hosts: 127.0.0.4 topsearch10.com
O1 - Hosts: 127.0.0.4 http://www.topsearch10.com - www.topsearch10.com
O1 - Hosts: 127.0.0.4 statscash.biz
O1 - Hosts: 127.0.0.4 http://www.statscash.biz - www.statscash.biz
O1 - Hosts: 127.0.0.4 vxiframe.biz
O1 - Hosts: 127.0.0.4 http://www.vxiframe.biz - www.vxiframe.biz
O1 - Hosts: 127.0.0.4 crazy-toolbar.com
O1 - Hosts: 127.0.0.4 http://www.crazy-toolbar.com - www.crazy-toolbar.com
O1 - Hosts: 127.0.0.4 topcash.biz
O1 - Hosts: 127.0.0.4 http://www.topcash.biz - www.topcash.biz
O1 - Hosts: 127.0.0.4 loadcash.biz
O1 - Hosts: 127.0.0.4 http://www.loadcash.biz - www.loadcash.biz
O1 - Hosts: 127.0.0.4 txiframe.biz
O1 - Hosts: 127.0.0.4 http://www.txiframe.biz - www.txiframe.biz
O1 - Hosts: 127.0.0.4 procounter.biz
O1 - Hosts: 127.0.0.4 http://www.procounter.biz - www.procounter.biz
O1 - Hosts: 127.0.0.4 advadmin.biz
O1 - Hosts: 127.0.0.4 http://www.advadmin.biz - www.advadmin.biz
O1 - Hosts: 127.0.0.4 trafficbest.net
O1 - Hosts: 127.0.0.4 http://www.trafficbest.net - www.trafficbest.net
O1 - Hosts: 127.0.0.4 besthvac.com
O1 - Hosts: 127.0.0.4 http://www.besthvac.com - www.besthvac.com
O1 - Hosts: 127.0.0.4 traff4.com
O1 - Hosts: 127.0.0.4 http://www.traff4.com - www.traff4.com
O1 - Hosts: 127.0.0.4 ambush-script.com
O1 - Hosts: 127.0.0.4 http://www.ambush-script.com - www.ambush-script.com
O1 - Hosts: 127.0.0.4 beehappyy.biz
O1 - Hosts: 127.0.0.4 http://www.beehappyy.biz - www.beehappyy.biz
O1 - Hosts: 127.0.0.4 tracktraff.cc
O1 - Hosts: 127.0.0.4 http://www.tracktraff.cc - www.tracktraff.cc
O1 - Hosts: 127.0.0.4 allcount.net
O1 - Hosts: 127.0.0.4 http://www.allcount.net - www.allcount.net
O1 - Hosts: 127.0.0.4 onedayoffer.biz
O1 - Hosts: 127.0.0.4 http://www.onedayoffer.biz - www.onedayoffer.biz
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [RemoteControl] C:\Programmi\CyberLink\PowerDVD\PDVDServ.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Programmi\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [Creative WebCam Tray] C:\Programmi\Creative\Shared Files\CAMTRAY.EXE
O4 - HKLM\..\Run: [NI.UWFX5T] "C:\Documents and Settings\Daniele\Impostazioni locali\Temporary Internet Files\Content.IE5\4HIZ0HYJ\WinFixer2005ScannerInstallITA[1].exe"
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programmi\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKLM\..\Run: [BearShare] "C:\Programmi\BearShare\BearShare.exe" /pause
O4 - HKLM\..\Run: [AVG7_RegCleaner] C:\PROGRA~1\Grisoft\AVGFRE~1\avgregcl.exe /BOOT
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [gcasServ] "C:\Programmi\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Programmi\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [MSMSGS] "C:\Programmi\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [msnmsgr] "C:\PROGRA~1\MSNMES~1\msnmsgr.exe" /background
O4 - Global Startup: Picture Package VCD Maker.lnk = ?
O4 - Global Startup: Picture Package Menu.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Programmi\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Alice ti aiuta.lnk = C:\Programmi\Alice ti aiuta\bin\matcli.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://GLOBAL.ACER.COM/
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.ca b
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab - http://messenger.zone.msn.com/binary/MessengerStatsClient.ca b31267.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab - http://messenger.msn.com/download/msnmessengersetupdownloade r.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31 267.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{61B87D8F-229B-4048-828B-C D7E0ABBC125}: NameServer = 85.37.17.55 151.99.125.1
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\Security Center\SymWSC.exe
Fammi sapere quando puoi sei stato anche troppo gentile
ed è possibile ripristinare questa cartella?
Comunque grazie perchè mi hai fatto risolvere molti problemi, adesso pare non apparire più alcuna pubblicità.
Lucas...scusa se ti disturbo....ma ho visto che sei stato molto d'aiuto a Mission, mi sono registrato perchè anche a me succede lo stesso problema....PUBBLICITA'...e in piu' mi si avverte di spy nel mio pc...
Ho lanciato spybot e adaware ma mi rimane un problema....AVENUE a.inc....che sembra non essere eliminabile da spybot...
Premetto che non ci capisco quasi nulla di pc, ho scaricato il programma da te consigliato "hijakthis"... ma ho un po' paura di combinare qualche casino...se puoi aiutarmi...ti spedisco volentieri un panettone :)
ECCOMI.....con a fianco un pandoro....
E' TUTTO il giorno che provo a debellarlo...ora i pop di audaci signorine non appaiono piu'...ma rimane sempra il problema rilevato da spybot: VCODEC, ieri era affiancato da Avenue...
L'amico Pandantivirus ha debellato( non credo in toto) TRJ zlob.av
cmq....questo il rapporto....GRAZIE PER L'AIUTO
Logfile of HijackThis v1.99.1
Scan saved at 14.10.47, on 16/01/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Programmi\Panda Software\Panda Platinum 2005 Internet Security\PaSSrv.exe
C:\Programmi\Panda Software\Panda Platinum 2005 Internet Security\Firewall\PavFires.exe
C:\Programmi\Panda Software\Panda Platinum 2005 Internet Security\PavFnSvr.exe
C:\Programmi\Panda Software\Panda Platinum 2005 Internet Security\Pavkre.exe
C:\Programmi\Panda Software\Panda Platinum 2005 Internet Security\PavProt.exe
C:\Programmi\File comuni\Panda Software\PavShld\pavprsrv.exe
C:\Programmi\Panda Software\Panda Platinum 2005 Internet Security\pavsrv51.exe
C:\Programmi\Panda Software\Panda Platinum 2005 Internet Security\prevsrv.exe
C:\Programmi\Panda Software\Panda Platinum 2005 Internet Security\PsImSvc.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\mssearchnet.exe
C:\WINDOWS\system32\S3hotkey.exe
C:\WINDOWS\system32\S3tray2.exe
C:\Programmi\Pinnacle\InstantCDDVD\InstantWrite\iwctrl.exe
C:\PROGRA~1\LEXMAR~1\ACMonitor_X84-X85.exe
C:\PROGRA~1\LEXMAR~1\AcBtnMgr_X84-X85.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\printray.exe
C:\Programmi\Winamp\winampa.exe
C:\Programmi\Panda Software\Panda Platinum 2005 Internet Security\APVXDWIN.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\LG PC Suite\LG PC Sync\LGSyncManager.exe
C:\Programmi\CASIO\Photo Loader\Plauto.exe
C:\Programmi\WinZip\WZQKPICK.EXE
C:\Programmi\Panda Software\Panda Platinum 2005 Internet Security\WebProxy.exe
C:\Programmi\Panda Software\Panda Platinum 2005 Internet Security\AVENGINE.EXE
C:\Programmi\Messenger\msmsgs.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\Documents and Settings\Proprietario\Desktop\PRG\hijackthis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://google.icq.com/search/search_frame.php - http://google.icq.com/search/search_frame.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://google.icq.com - http://google.icq.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/ - http://www.google.it/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programmi\ICQToolbar\toolbaru.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programmi\ICQToolbar\toolbaru.dll
O4 - HKLM\..\Run: [S3hotkey] S3hotkey.exe
O4 - HKLM\..\Run: [S3TRAY2] S3tray2.exe
O4 - HKLM\..\Run: [VOBID] C:\Programmi\Pinnacle\InstantCDDVD\InstantDrive\InstantDrive .exe /remount
O4 - HKLM\..\Run: [IW ControlCenter] C:\Programmi\Pinnacle\InstantCDDVD\InstantWrite\iwctrl.exe
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\System32\PSDrvCheck.exe
O4 - HKLM\..\Run: [Lexmark X84-X85 Button Monitor] C:\PROGRA~1\LEXMAR~1\ACMonitor_X84-X85.exe
O4 - HKLM\..\Run: [Lexmark X84-X85 Button Manager] C:\PROGRA~1\LEXMAR~1\AcBtnMgr_X84-X85.exe
O4 - HKLM\..\Run: [PrinTray] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\printray.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Programmi\Winamp\winampa.exe
O4 - HKLM\..\Run: [PopUpKiller] C:\Programmi\PopUp Killer\popupkiller.EXE
O4 - HKLM\..\Run: [SCANINICIO] "C:\Programmi\Panda Software\Panda Platinum 2005 Internet Security\Inicio.exe"
O4 - HKLM\..\Run: [APVXDWIN] "C:\Programmi\Panda Software\Panda Platinum 2005 Internet Security\APVXDWIN.EXE" /s
O4 - HKLM\..\RunServices: [ComPlus Applications] C:\windows\ComPlus Applications.exe
O4 - HKLM\..\RunServices: [Common Files] C:\windows\Common Files.exe
O4 - HKLM\..\RunServices: [PANDA ANTISPAM SERVER SERVICE] "C:\Programmi\Panda Software\Panda Platinum 2005 Internet Security\PasSrv.exe"
O4 - HKLM\..\RunOnce: [SpybotSnD] "C:\Programmi\Spybot - Search & Destroy\SpybotSD.exe" /autocheck
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programmi\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ComPlus Applications] C:\windows\ComPlus Applications.exe
O4 - HKCU\..\Run: [Common Files] C:\windows\Common Files.exe
O4 - Global Startup: LG SyncManager.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Programmi\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Photo Loader residente.lnk = C:\Programmi\CASIO\Photo Loader\Plauto.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Programmi\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &ICQ Toolbar Search - res://C:\Programmi\ICQToolbar\toolbaru.dll/SEARCH.HTML
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O16 - DPF: {11111111-1111-1111-1111-111111111123} - file://C:\Documents - file://C:\Documents and Settings\Proprietario\Impostazioni locali\Temp\WAS545.tmp\html\painter.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab - http://messenger.msn.com/download/MsnMessengerSetupDownloade r.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - AppInit_DLLs: PAVWAIT.DLL
O23 - Service: Windows Login (MpR) - Unknown owner - C:\WINDOWS\System32\explored.exe" -service (file missing)
O23 - Service: Panda Antispam Server Service (PASSRV) - Unknown owner - C:\Programmi\Panda Software\Panda Platinum 2005 Internet Security\PaSSrv.exe
O23 - Service: Panda Firewall Service (PAVFIRES) - Panda Software - C:\Programmi\Panda Software\Panda Platinum 2005 Internet Security\Firewall\PavFires.exe
O23 - Service: Panda Function Service (PAVFNSVR) - Panda Software - C:\Programmi\Panda Software\Panda Platinum 2005 Internet Security\PavFnSvr.exe
O23 - Service: Panda Pavkre (Pavkre) - Panda Software - C:\Programmi\Panda Software\Panda Platinum 2005 Internet Security\Pavkre.exe
O23 - Service: Panda PavProt (PavProt) - Panda Software - C:\Programmi\Panda Software\Panda Platinum 2005 Internet Security\PavProt.exe
O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Software - C:\Programmi\File comuni\Panda Software\PavShld\pavprsrv.exe
O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software - C:\Programmi\Panda Software\Panda Platinum 2005 Internet Security\pavsrv51.exe
O23 - Service: Panda Preventium+ Service (PREVSRV) - Panda Software - C:\Programmi\Panda Software\Panda Platinum 2005 Internet Security\prevsrv.exe
O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software Internacional - C:\Programmi\Panda Software\Panda Platinum 2005 Internet Security\PsImSvc.exe
O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe
ho parlato troppo in fretta...mi sono apparse due icone di collegamento sul desktop "ONLINE SECURITY GUIDE" E "SECURITY TROUBLE SHOTING"...in poche parole il sistema mi avvisa che ci sono delle infezioni e mi consiglia di acquistare qualche spyware o antimalware...HELP
Devo ringraziarti Lucas, perchè da quando mi hai fatto usare highjackthis (sotto tua guida) il PC va piu' veloce e le pubblicita' fastidioso non ci sono più, inoltre ho risolto anche quel problemino del sito sempre grazie a te e a tutti voi ragazzi.
grazie ancora
Mission
Scusami....non ho capito l'ultimo passaggio.....d
opo averlo salvato sul desktop...cosa intendi x salvalo come "tutti i files"...ecc?
piccolo...problema....non entra in modalità provvisoria...
almeno con f8....come posso fare?
Scusa ancora...
La situazione pare precipitare, si chiudonjo e aprono le pagini di internet a caso
Lucas....sono entrato e ho spuntato il primo passaggio...ma delle cartelle che mi dicevi (C:windows) nessuna traccia....Eppure avevo messo anche visibili le cartella di sistema...
Ho riavviato senza fare il terzo passaggio...DEL.REG...
AIUTO...so che mi odi, ma pensa che ti stai assicurando un passaggio in paradiso...perchè stai aiutando un bisognoso
si si...avevo già spuntato...girando per la rete ho trovato un altro sito....dove consigliavano con hijackthis di cancellare anche
C/windows/system32/mssearchnet.exe
O4 - Global Startup: Reality Fusion GameCam SE.lnk = ? (qs non c'è)
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) – è un file inutile –
Cosa pensi?...Se credi che sia sbagliato, avendo fatto un backup, posso recuperarlo...no?...
Prima di ritentare a cercare quelle cartelle...aspetto di sapere se ho fatto una cazzata:)
Questa la situazione attuale....prima di provare a cercare le cartelle windows....O volevi che cercassi e facessi il terzo passaggio "DEL.REG"?
Per me è un universo parallelo
Logfile of HijackThis v1.99.1
Scan saved at 22.29.27, on 16/01/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\S3hotkey.exe
C:\WINDOWS\system32\S3tray2.exe
C:\Programmi\Pinnacle\InstantCDDVD\InstantWrite\iwctrl.exe
C:\PROGRA~1\LEXMAR~1\ACMonitor_X84-X85.exe
C:\PROGRA~1\LEXMAR~1\AcBtnMgr_X84-X85.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\printray.exe
C:\Programmi\Winamp\winampa.exe
C:\Programmi\PopUp Killer\popupkiller.EXE
C:\Programmi\Panda Software\Panda Platinum 2005 Internet Security\APVXDWIN.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\MSN Messenger\MsnMsgr.Exe
C:\Programmi\LG PC Suite\LG PC Sync\LGSyncManager.exe
C:\Programmi\CASIO\Photo Loader\Plauto.exe
C:\Programmi\WinZip\WZQKPICK.EXE
C:\Programmi\Panda Software\Panda Platinum 2005 Internet Security\PaSSrv.exe
C:\Programmi\Panda Software\Panda Platinum 2005 Internet Security\SRVLOAD.EXE
C:\Programmi\Panda Software\Panda Platinum 2005 Internet Security\PavFnSvr.exe
C:\Programmi\Panda Software\Panda Platinum 2005 Internet Security\Pavkre.exe
C:\Programmi\Panda Software\Panda Platinum 2005 Internet Security\PavProt.exe
C:\Programmi\File comuni\Panda Software\PavShld\pavprsrv.exe
C:\Programmi\Panda Software\Panda Platinum 2005 Internet Security\pavsrv51.exe
C:\Programmi\Panda Software\Panda Platinum 2005 Internet Security\prevsrv.exe
C:\Programmi\Panda Software\Panda Platinum 2005 Internet Security\AVENGINE.EXE
C:\Programmi\Panda Software\Panda Platinum 2005 Internet Security\PsImSvc.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\alg.exe
C:\Programmi\Panda Software\Panda Platinum 2005 Internet Security\WebProxy.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\mssearchnet.exe
C:\Documents and Settings\Proprietario\Desktop\PRG\hijackthis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://google.icq.com/search/search_frame.php - http://google.icq.com/search/search_frame.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://google.icq.com - http://google.icq.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.it/ - http://www.yahoo.it/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programmi\ICQToolbar\toolbaru.dll
O2 - BHO: HomepageBHO - {e0103cd4-d1ce-411a-b75b-4fec072867f4} - C:\WINDOWS\system32\hpA067.tmp
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programmi\ICQToolbar\toolbaru.dll
O4 - HKLM\..\Run: [S3hotkey] S3hotkey.exe
O4 - HKLM\..\Run: [S3TRAY2] S3tray2.exe
O4 - HKLM\..\Run: [VOBID] C:\Programmi\Pinnacle\InstantCDDVD\InstantDrive\InstantDrive .exe /remount
O4 - HKLM\..\Run: [IW ControlCenter] C:\Programmi\Pinnacle\InstantCDDVD\InstantWrite\iwctrl.exe
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\System32\PSDrvCheck.exe
O4 - HKLM\..\Run: [Lexmark X84-X85 Button Monitor] C:\PROGRA~1\LEXMAR~1\ACMonitor_X84-X85.exe
O4 - HKLM\..\Run: [Lexmark X84-X85 Button Manager] C:\PROGRA~1\LEXMAR~1\AcBtnMgr_X84-X85.exe
O4 - HKLM\..\Run: [PrinTray] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\printray.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Programmi\Winamp\winampa.exe
O4 - HKLM\..\Run: [PopUpKiller] C:\Programmi\PopUp Killer\popupkiller.EXE
O4 - HKLM\..\Run: [SCANINICIO] "C:\Programmi\Panda Software\Panda Platinum 2005 Internet Security\Inicio.exe"
O4 - HKLM\..\Run: [APVXDWIN] "C:\Programmi\Panda Software\Panda Platinum 2005 Internet Security\APVXDWIN.EXE" /s
O4 - HKLM\..\RunServices: [PANDA ANTISPAM SERVER SERVICE] "C:\Programmi\Panda Software\Panda Platinum 2005 Internet Security\PasSrv.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programmi\MSN Messenger\MsnMsgr.Exe" /background
O4 - Global Startup: LG SyncManager.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Programmi\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Photo Loader residente.lnk = C:\Programmi\CASIO\Photo Loader\Plauto.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Programmi\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &ICQ Toolbar Search - res://C:\Programmi\ICQToolbar\toolbaru.dll/SEARCH.HTML
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab - http://messenger.msn.com/download/MsnMessengerSetupDownloade r.cab
O20 - AppInit_DLLs: PAVWAIT.DLL
O23 - Service: Windows Login (MpR) - Unknown owner - C:\WINDOWS\System32\explored.exe" -service (file missing)
O23 - Service: Panda Antispam Server Service (PASSRV) - Unknown owner - C:\Programmi\Panda Software\Panda Platinum 2005 Internet Security\PaSSrv.exe
O23 - Service: Panda Firewall Service (PAVFIRES) - Panda Software - C:\Programmi\Panda Software\Panda Platinum 2005 Internet Security\Firewall\PavFires.exe
O23 - Service: Panda Function Service (PAVFNSVR) - Panda Software - C:\Programmi\Panda Software\Panda Platinum 2005 Internet Security\PavFnSvr.exe
O23 - Service: Panda Pavkre (Pavkre) - Panda Software - C:\Programmi\Panda Software\Panda Platinum 2005 Internet Security\Pavkre.exe
O23 - Service: Panda PavProt (PavProt) - Panda Software - C:\Programmi\Panda Software\Panda Platinum 2005 Internet Security\PavProt.exe
O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Software - C:\Programmi\File comuni\Panda Software\PavShld\pavprsrv.exe
O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software - C:\Programmi\Panda Software\Panda Platinum 2005 Internet Security\pavsrv51.exe
O23 - Service: Panda Preventium+ Service (PREVSRV) - Panda Software - C:\Programmi\Panda Software\Panda Platinum 2005 Internet Security\prevsrv.exe
O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software Internacional - C:\Programmi\Panda Software\Panda Platinum 2005 Internet Security\PsImSvc.exe
O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe
Non so cosa tu mi abbia fatto fare...ma i segnali sembrano positivi...per prima cosa è ritornata la classica pagina iniziale....
Questo il responso....
smitRem © log file
version 2.8
by noahdfear
Microsoft Windows XP [Versione 5.1.2600]
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
checking for ShudderLTD key
ShudderLTD key not present!
checking for PSGuard.com key
PSGuard.com key not present!
checking for WinHound.com key
WinHound.com key not present!
spyaxe uninstaller NOT present
Winhound uninstaller NOT present
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Existing Pre-run Files
~~~ Program Files ~~~
~~~ Shortcuts ~~~
~~~ Favorites ~~~
~~~ system32 folder ~~~
1024 dir
msvol.tlb
ld****.tmp
mssearchnet.exe
ncompat.tlb
nvctrl.exe
mscornet.exe
hp***.tmp
~~~ Icons in System32 ~~~
ot.ico
~~~ Windows directory ~~~
~~~ Drive root ~~~
~~~ Miscellaneous Files/folders ~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Command Line Process Viewer/Killer/Suspender for Windows NT/2000/XP V2.03
Copyright(C) 2002-2003 mailto:Craig.Peacock@beyondlogic.org - Craig.Peacock@beyondlogic.org
Killing PID 768 'explorer.exe'
Killing PID 768 'explorer.exe'
Starting registry repairs
Deleting files
Remaining Post-run Files
~~~ Program Files ~~~
~~~ Shortcuts ~~~
~~~ Favorites ~~~
~~~ system32 folder ~~~
~~~ Icons in System32 ~~~
~~~ Windows directory ~~~
~~~ Drive root ~~~
~~~ Miscellaneous Files/folders ~~~
~~~ Wininet.dll ~~~
CLEAN! :)
NON SO PROPRIO COME FARE A RINGRAZIARTI X LA PAZIENZA...il mio settore è la cinofilia...l'unica mano che ti posso dare è quella di farti comunicare con il tuo cane , se ne hai uno, visto che tu mi hai fatto comunicare con il pc:)
Logfile of HijackThis v1.99.1
Scan saved at 23.39.55, on 16/01/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\S3hotkey.exe
C:\WINDOWS\system32\S3tray2.exe
C:\Programmi\Pinnacle\InstantCDDVD\InstantWrite\iwctrl.exe
C:\PROGRA~1\LEXMAR~1\ACMonitor_X84-X85.exe
C:\PROGRA~1\LEXMAR~1\AcBtnMgr_X84-X85.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\printray.exe
C:\Programmi\Winamp\winampa.exe
C:\Programmi\PopUp Killer\popupkiller.EXE
C:\Programmi\Panda Software\Panda Platinum 2005 Internet Security\APVXDWIN.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\MSN Messenger\MsnMsgr.Exe
C:\Programmi\LG PC Suite\LG PC Sync\LGSyncManager.exe
C:\Programmi\CASIO\Photo Loader\Plauto.exe
C:\Programmi\WinZip\WZQKPICK.EXE
C:\Programmi\Panda Software\Panda Platinum 2005 Internet Security\PaSSrv.exe
C:\Programmi\Panda Software\Panda Platinum 2005 Internet Security\Firewall\PavFires.exe
C:\Programmi\Panda Software\Panda Platinum 2005 Internet Security\SRVLOAD.EXE
C:\Programmi\Panda Software\Panda Platinum 2005 Internet Security\PavFnSvr.exe
C:\Programmi\Panda Software\Panda Platinum 2005 Internet Security\Pavkre.exe
C:\Programmi\Panda Software\Panda Platinum 2005 Internet Security\PavProt.exe
C:\Programmi\File comuni\Panda Software\PavShld\pavprsrv.exe
C:\Programmi\Panda Software\Panda Platinum 2005 Internet Security\pavsrv51.exe
C:\Programmi\Panda Software\Panda Platinum 2005 Internet Security\prevsrv.exe
C:\Programmi\Panda Software\Panda Platinum 2005 Internet Security\AVENGINE.EXE
C:\Programmi\Panda Software\Panda Platinum 2005 Internet Security\PsImSvc.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\alg.exe
C:\Programmi\Panda Software\Panda Platinum 2005 Internet Security\WebProxy.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\Documents and Settings\Proprietario\Desktop\PRG\hijackthis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/ - http://www.google.it/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programmi\ICQToolbar\toolbaru.dll
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programmi\ICQToolbar\toolbaru.dll
O4 - HKLM\..\Run: [S3hotkey] S3hotkey.exe
O4 - HKLM\..\Run: [S3TRAY2] S3tray2.exe
O4 - HKLM\..\Run: [VOBID] C:\Programmi\Pinnacle\InstantCDDVD\InstantDrive\InstantDrive .exe /remount
O4 - HKLM\..\Run: [IW ControlCenter] C:\Programmi\Pinnacle\InstantCDDVD\InstantWrite\iwctrl.exe
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\System32\PSDrvCheck.exe
O4 - HKLM\..\Run: [Lexmark X84-X85 Button Monitor] C:\PROGRA~1\LEXMAR~1\ACMonitor_X84-X85.exe
O4 - HKLM\..\Run: [Lexmark X84-X85 Button Manager] C:\PROGRA~1\LEXMAR~1\AcBtnMgr_X84-X85.exe
O4 - HKLM\..\Run: [PrinTray] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\printray.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Programmi\Winamp\winampa.exe
O4 - HKLM\..\Run: [PopUpKiller] C:\Programmi\PopUp Killer\popupkiller.EXE
O4 - HKLM\..\Run: [SCANINICIO] "C:\Programmi\Panda Software\Panda Platinum 2005 Internet Security\Inicio.exe"
O4 - HKLM\..\Run: [APVXDWIN] "C:\Programmi\Panda Software\Panda Platinum 2005 Internet Security\APVXDWIN.EXE" /s
O4 - HKLM\..\RunServices: [PANDA ANTISPAM SERVER SERVICE] "C:\Programmi\Panda Software\Panda Platinum 2005 Internet Security\PasSrv.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programmi\MSN Messenger\MsnMsgr.Exe" /background
O4 - Global Startup: LG SyncManager.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Programmi\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Photo Loader residente.lnk = C:\Programmi\CASIO\Photo Loader\Plauto.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Programmi\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &ICQ Toolbar Search - res://C:\Programmi\ICQToolbar\toolbaru.dll/SEARCH.HTML
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab
O20 - AppInit_DLLs: PAVWAIT.DLL
O23 - Service: Windows Login (MpR) - Unknown owner - C:\WINDOWS\System32\explored.exe" -service (file missing)
O23 - Service: Panda Antispam Server Service (PASSRV) - Unknown owner - C:\Programmi\Panda Software\Panda Platinum 2005 Internet Security\PaSSrv.exe
O23 - Service: Panda Firewall Service (PAVFIRES) - Panda Software - C:\Programmi\Panda Software\Panda Platinum 2005 Internet Security\Firewall\PavFires.exe
O23 - Service: Panda Function Service (PAVFNSVR) - Panda Software - C:\Programmi\Panda Software\Panda Platinum 2005 Internet Security\PavFnSvr.exe
O23 - Service: Panda Pavkre (Pavkre) - Panda Software - C:\Programmi\Panda Software\Panda Platinum 2005 Internet Security\Pavkre.exe
O23 - Service: Panda PavProt (PavProt) - Panda Software - C:\Programmi\Panda Software\Panda Platinum 2005 Internet Security\PavProt.exe
O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Software - C:\Programmi\File comuni\Panda Software\PavShld\pavprsrv.exe
O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software - C:\Programmi\Panda Software\Panda Platinum 2005 Internet Security\pavsrv51.exe
O23 - Service: Panda Preventium+ Service (PREVSRV) - Panda Software - C:\Programmi\Panda Software\Panda Platinum 2005 Internet Security\prevsrv.exe
O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software Internacional - C:\Programmi\Panda Software\Panda Platinum 2005 Internet Security\PsImSvc.exe
O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe
Il dogo lo conosco molto bene, ho scritto anche qualche articolo sulla razza e consosco molti allevatori...Inutile dirti...POLSO, POLSO, POLSO per l'educazione...se hai bisogno di qualche consiglio...fischiaE grazie!!!!!
Ok....fatto....allora ti posto il club...( anche se penso che tu lo sappia) e il sito dei Falchi bianchi dove troverai qualche articolo tra cui il mio.... http://www.dogoargentinoclub.com/ - http://www.dogoargentinoclub.com/
http://www.falchibianchi.it/pagine%20italiano/articoli-1.htm - http://www.falchibianchi.it/pagine%20italiano/articoli-1.htm
p.s....quando fa lo stronzetto...non metterla sulla forza, anche se puo' servire...mettilo in uno stanzino ( uno sgabuzzino) e lascialo li' per un po' di tempo...quando esce non guardarlo...e dopo un po' ritorna a festeggiarlo...fai tutto sul tempo!
E' un molosso...una sorta di bambinone...e qs castighi li sentono piu' della mano....