Valutazione 4.87/ 5 (100.00%) 5838 voti

Condividi:        

Finestre pop up che si aprono....grrrrrrrr

Come rimuovere virus e spyware? Le carte di credito sono davvero sicure in rete? È possibile navigare anonimi? Con quali programmi tutelare la propria privacy? Come proteggere i file importanti? Se volete una risposta a queste e altre domande questo è il luogo giusto!

Moderatori: kadosh, Luke57

Finestre pop up che si aprono....grrrrrrrr

Postdi FilippoAlterEgo » 19/01/06 13:50

Salve a tutti!
Sono nuovo qui e purtroppo è da poco che conosco anche questo sito che mi sembra che sia veramente ben fatto. Io ho diversi anni passati sul pc anche se non mi considero un esperto visto che c'è sempre molto da imparare...soprattutto da quando sono venuto a conoscenza di questo forum!!!!
Sono qua per sottoporvi il mio problema che sembra non avere fine...
Mentre navigo si aprono delle finestre popup (o di casino o di programmi per sistemare errori nel pc o di donnine nude) e non riesco ad eliminarle... Credo di aver usato tutto l'utilizzabile, io ho norton come base, ho fatto scansioni con ADware,search&destroy,Bazooka, Spywareblaster,microsoft antispyware,ewido (seguendo le istruzioni descritte negli altri vari post)... non so piu che fare... io provo a postarvi anche il log di hija... ah, un altra cosa... a volte mi si avvia il pc senza protezione antivirus Norton e non me la fa attivare... se potete darmi una mano ve ne sarei molto grato...
Un saluto a tutti

Filippo



Your used version of a-squared HiJackFree: 1.20
The current version of a-squared HiJackFree: 1.20

Your used operating system version: Windows XP Service Pack 2
The current version of your operating system: Windows XP Service Pack 2

Registry Autoruns: Result ToDo
Name: ATIPTA
Path: C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe
Location: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Good: 4 - Bad: 0
View Details
Name: ATICCC
Path: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe runtime
Location: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Good: 1 - Bad: 0
View Details
Name: CTSysVol
Path: C:\Programmi\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe /r
Location: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Good: 1 - Bad: 0
View Details
Name: CTDVDDET
Path: C:\Programmi\Creative\SBAudigy2ZS\DVDAudio\CTDVDDet.EXE
Location: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Good: 2 - Bad: 0
View Details
Name: UpdReg
Path: C:\WINDOWS\UpdReg.EXE
Location: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Good: 1 - Bad: 0
View Details
Name: iamapp
Path: C:\Programmi\Norton Internet Security\IAMAPP.EXE
Location: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Good: 1 - Bad: 0
View Details
Name: NAV Agent
Path: C:\PROGRA~1\NORTON~1\navapw32.exe
Location: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Good: 3 - Bad: 4
View Details Requires Attention!
Compare details with your local values
and/or search at Google
Name: Symantec NetDriver Monitor
Path: C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
Location: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Good: 2 - Bad: 0
View Details
Name: SunJavaUpdateSched
Path: C:\Programmi\Java\jre1.5.0_01\bin\jusched.exe
Location: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Good: 2 - Bad: 3
View Details Requires Attention!
Compare details with your local values
and/or search at Google
Name: BluetoothAuthenticationAgent
Path: rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
Location: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Good: 1 - Bad: 14
View Details Requires Attention!
Compare details with your local values
and/or search at Google
Name: SBDrvDet
Path: C:\Programmi\Creative\SB Drive Det\SBDrvDet.exe /r
Location: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Good: 2 - Bad: 0
View Details
Name: QuickTime Task
Path: C:\Programmi\QuickTime\qttask.exe -atboottime
Location: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Good: 3 - Bad: 2
View Details Requires Attention!
Compare details with your local values
and/or search at Google
Name: Diagnostica SpeedTouch USB
Path: C:\Programmi\Alcatel\SpeedTouch USB\Dragdiag.exe /icon
Location: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Good: 1 - Bad: 0
View Details
Name: WinampAgent
Path: C:\Programmi\Winamp\winampa.exe
Location: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Good: 2 - Bad: 8
View Details Requires Attention!
Compare details with your local values
and/or search at Google
Name: HydraVisionDesktopManager
Path: C:\Programmi\ATI Technologies\ATI HYDRAVISION\HydraDM.exe
Location: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Good: 1 - Bad: 0
View Details
Name: Draw Info Idle Bleh
Path: C:\Documents and Settings\All Users\Dati applicazioni\joy16drawinfo\Junk Loud.exe
Location: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Good: 0 - Bad: 0
Unknown Item
Search at Google
Name: TkBellExe
Path: C:\Programmi\File comuni\Real\Update_OB\realsched.exe -osboot
Location: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Good: 5 - Bad: 3
View Details Requires Attention!
Compare details with your local values
and/or search at Google
Name: gcasServ
Path: C:\Programmi\Microsoft AntiSpyware\gcasServ.exe
Location: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Good: 1 - Bad: 2
View Details Requires Attention!
Compare details with your local values
and/or search at Google
Name: MessengerPlus3
Path: C:\Programmi\MessengerPlus! 3\MsgPlus.exe
Location: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Good: 3 - Bad: 2
View Details Requires Attention!
Compare details with your local values
and/or search at Google
Name: CTFMON.EXE
Path: C:\WINDOWS\system32\ctfmon.exe
Location: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Good: 2 - Bad: 3
View Details Requires Attention!
Compare details with your local values
and/or search at Google
Name: RemoteCenter
Path: C:\Programmi\Creative\MediaSource\RemoteControl\RcMan.exe
Location: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Good: 1 - Bad: 0
View Details
Name: BIAS README
Path: C:\DOCUME~1\gnutti\DATIAP~1\CLOCKD~1\internet else manager.exe
Location: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Good: 0 - Bad: 0
Unknown Item
Search at Google
Name: TuneUp MemOptimizer
Path: C:\Programmi\TuneUp Utilities 2004\MemOptimizer.exe autostart
Location: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Good: 1 - Bad: 0
View Details
Name: MessengerPlus3
Path: C:\Programmi\MessengerPlus! 3\MsgPlus.exe /WinStart
Location: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Good: 3 - Bad: 2
View Details Requires Attention!
Compare details with your local values
and/or search at Google
Name: msnmsgr
Path: C:\Programmi\MSN Messenger\msnmsgr.exe /background
Location: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Good: 1 - Bad: 6
View Details Requires Attention!
Compare details with your local values
and/or search at Google
Tricky and Other Autoruns: Result ToDo
Name: load
Path:
Location: win.ini
Not checked Unknown Item
Search at Google
Name: run
Path:
Location: win.ini
Not checked Unknown Item
Search at Google
Name: shell
Path: Explorer.exe
Location: win.ini
Not checked Unknown Item
Search at Google
Name: scrnsave.exe
Path:
Location: win.ini
Not checked Unknown Item
Search at Google
Name: nul
Path: C:\DOCUME~1\gnutti\IMPOST~1\Temp\~ef7194.tmp
Location: win.ini
Not checked Unknown Item
Search at Google
Name: nul
Path: C:\DOCUME~1\gnutti\IMPOST~1\Temp\~ef7194.tmp
Location: win.ini
Not checked Unknown Item
Search at Google
Name: nul
Path: C:\DOCUME~1\gnutti\IMPOST~1\Temp\~ef7194.tmp
Location: win.ini
Not checked Unknown Item
Search at Google
Name: Adobe Gamma
Path:
Location: C:\Documents and Settings\gnutti\Menu Avvio\Programmi\Esecuzione automatica\
Not checked Unknown Item
Search at Google
Name: ATI CATALYST System Tray
Path:
Location: C:\Documents and Settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\
Not checked Unknown Item
Search at Google
Name: Avvio veloce di Adobe Reader
Path:
Location: C:\Documents and Settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\
Not checked Unknown Item
Search at Google
Name: BTTray
Path:
Location: C:\Documents and Settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\
Not checked Unknown Item
Search at Google
Name: 1-Click Maintenance
Path:
Location: C:\WINDOWS\tasks\
Not checked Unknown Item
Search at Google
Name: Norton AntiVirus - Scansione del computer
Path:
Location: C:\WINDOWS\tasks\
Not checked Unknown Item
Search at Google
Name: Symantec NetDetect
Path:
Location: C:\WINDOWS\tasks\
Not checked Unknown Item
Search at Google
Name: CTFMON.EXE
Path: C:\WINDOWS\system32\CTFMON.EXE
Location: HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Run\
Not checked Unknown Item
Search at Google
Name: ATICCC
Path: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe runtime
Location: HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Run\
Not checked Unknown Item
Search at Google
Name: Shell
Path: Explorer.exe
Location: HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\
Not checked Unknown Item
Search at Google
Name: {22d6f312-b0f6-11d0-94ab-0080c74c7e95}
Path: C:\WINDOWS\inf\unregmp2.exe /ShowWMP
Location: HKLM\Software\Microsoft\Active Setup\Installed Components\
Not checked Unknown Item
Search at Google
Name: {26923b43-4d38-484f-9b9e-de460746276c}
Path: C:\WINDOWS\system32\system32\shmgrate.exe OCInstallUserConfigIE
Location: HKLM\Software\Microsoft\Active Setup\Installed Components\
Not checked Unknown Item
Search at Google
Name: {881dd1c5-3dcf-431b-b061-f3f88e8be88a}
Path: C:\WINDOWS\system32\system32\shmgrate.exe OCInstallUserConfigOE
Location: HKLM\Software\Microsoft\Active Setup\Installed Components\
Not checked Unknown Item
Search at Google
Name: {2C7339CF-2B09-4501-B3F3-F3508C9228ED}
Path: C:\WINDOWS\system32\system32\regsvr32.exe /s /n /i:/UserInstall C:\WINDOWS\system32\system32\themeui.dll
Location: HKLM\Software\Microsoft\Active Setup\Installed Components\
Not checked Unknown Item
Search at Google
Name: {44BBA840-CC51-11CF-AAFA-00AA00B6015C}
Path: C:\Programmi\Outlook Express\setup50.exe /APP:OE /CALLER:WINNT /user /install
Location: HKLM\Software\Microsoft\Active Setup\Installed Components\
Not checked Unknown Item
Search at Google
Name: {44BBA842-CC51-11CF-AAFA-00AA00B6015B}
Path: rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
Location: HKLM\Software\Microsoft\Active Setup\Installed Components\
Not checked Unknown Item
Search at Google
Name: {5945c046-1e7d-11d1-bc44-00c04fd912be}
Path: rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
Location: HKLM\Software\Microsoft\Active Setup\Installed Components\
Not checked Unknown Item
Search at Google
Name: {6BF52A52-394A-11d3-B153-00C04F79FAA6}
Path: rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub
Location: HKLM\Software\Microsoft\Active Setup\Installed Components\
Not checked Unknown Item
Search at Google
Name: {7790769C-0471-11d2-AF11-00C04FA35D02}
Path: C:\Programmi\Outlook Express\setup50.exe /APP:WAB /CALLER:WINNT /user /install
Location: HKLM\Software\Microsoft\Active Setup\Installed Components\
Not checked Unknown Item
Search at Google
Name: {89820200-ECBD-11cf-8B85-00AA005B4340}
Path: regsvr32.exe /s /n /i:U shell32.dll
Location: HKLM\Software\Microsoft\Active Setup\Installed Components\
Not checked Unknown Item
Search at Google
Name: {89820200-ECBD-11cf-8B85-00AA005B4383}
Path: C:\WINDOWS\system32\system32\ie4uinit.exe
Location: HKLM\Software\Microsoft\Active Setup\Installed Components\
Not checked Unknown Item
Search at Google
Name: {89B4C1CD-B018-4511-B0A1-5476DBF70820}
Path: C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install
Location: HKLM\Software\Microsoft\Active Setup\Installed Components\
Not checked Unknown Item
Search at Google
Name: File di script VBScript
Path: C:\WINDOWS\system32\System32\WScript.exe %1 %*
Location: HKEY_CLASSES_ROOT\vbsfile\shell\open\command\
Not checked Unknown Item
Search at Google
Name: File di script codificato in VBScript
Path: C:\WINDOWS\system32\System32\WScript.exe %1 %*
Location: HKEY_CLASSES_ROOT\vbefile\shell\open\command\
Not checked Unknown Item
Search at Google
Name: File di script JScript
Path: C:\WINDOWS\system32\System32\WScript.exe %1 %*
Location: HKEY_CLASSES_ROOT\jsfile\shell\open\command\
Not checked Unknown Item
Search at Google
Name: File di script codificato in JScript
Path: C:\WINDOWS\system32\System32\WScript.exe %1 %*
Location: HKEY_CLASSES_ROOT\jsefile\shell\open\command\
Not checked Unknown Item
Search at Google
Name: File di impostazioni di Windows Script Host
Path: C:\WINDOWS\system32\System32\WScript.exe %1 %*
Location: HKEY_CLASSES_ROOT\wshfile\shell\open\command\
Not checked Unknown Item
Search at Google
Name: File di script Windows
Path: C:\WINDOWS\system32\System32\WScript.exe %1 %*
Location: HKEY_CLASSES_ROOT\wsffile\shell\open\command\
Not checked Unknown Item
Search at Google
Name: Applicazione
Path: %1 %*
Location: HKEY_CLASSES_ROOT\exefile\shell\open\command\
Not checked Unknown Item
Search at Google
Name: Applicazione per MS-DOS
Path: %1 %*
Location: HKEY_CLASSES_ROOT\comfile\shell\open\command\
Not checked Unknown Item
Search at Google
Name: File batch MS-DOS
Path: %1 %*
Location: HKEY_CLASSES_ROOT\batfile\shell\open\command\
Not checked Unknown Item
Search at Google
Name: Screen saver
Path: %1 /S
Location: HKEY_CLASSES_ROOT\scrfile\shell\open\command\
Not checked Unknown Item
Search at Google
Name: Collegamento ad un programma per MS-DOS
Path: %1 %*
Location: HKEY_CLASSES_ROOT\piffile\shell\open\command\
Not checked Unknown Item
Search at Google
Name: BootExecute
Path: autocheck autochk *
Location: HKLM\System\CurrentControlSet\Control\Session Manager\
Not checked Unknown Item
Search at Google
Name: PostBootReminder
Path: C:\WINDOWS\system32\system32\SHELL32.dll
Location: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\
Not checked Unknown Item
Search at Google
Name: CDBurn
Path: C:\WINDOWS\system32\system32\SHELL32.dll
Location: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\
Not checked Unknown Item
Search at Google
Name: WebCheck
Path: C:\WINDOWS\system32\System32\webcheck.dll
Location: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\
Not checked Unknown Item
Search at Google
Name: SysTray
Path: C:\WINDOWS\system32\stobject.dll
Location: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\
Not checked Unknown Item
Search at Google
Layered Service Providers (LSP): Result ToDo
Name: mswsock.dll
Path: C:\WINDOWS\system32\system32\
Location: HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\
Good: 1 - Bad: 0
View Details
Name: rsvpsp.dll
Path: C:\WINDOWS\system32\system32\
Location: HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\
Good: 1 - Bad: 0
View Details
Explorer And Browser Addons: Result ToDo
Name: AcroIEHlprObj Class
Path: C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
Location: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
ClsID: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
Good: 1 - Bad: 0
View Details
Name:
Path: C:\Programmi\Spybot - Search Destroy\SDHelper.dll
Location: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
ClsID: {53707962-6F74-2D53-2644-206D7942484F}
Good: 1 - Bad: 0
View Details
Name:
Path:
Location: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
ClsID: {5CD448F4-8A09-F1EA-05E6-2FF6D406980F}
Good: 0 - Bad: 0
Unknown Item
Search at Google
Name: CNavExtBho Class
Path: C:\Programmi\Norton AntiVirus\NavShExt.dll
Location: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
ClsID: {BDF3E430-B101-42AD-A544-FADC6B084872}
Good: 1 - Bad: 0
View Details
Name: Hook per lesecuzione degli URL
Path: shell32.dll
Location: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\
ClsID: {AEB6717E-7E19-11d0-97EE-00C04FD91972}
Good: 0 - Bad: 0
Unknown Item
Search at Google
Name: Microsoft.AntiSpyware.ShellExecuteHook.1
Path: C:\Programmi\Microsoft AntiSpyware\shellextension.dll
Location: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\
ClsID: {9EF34FF2-3396-4527-9D27-04C8C1C67806}
Good: 0 - Bad: 0
Unknown Item
Search at Google
Name: CShellExecuteHookImpl Object
Path: C:\Programmi\ewido anti-malware\shellhook.dll
Location: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\
ClsID: {54D9498B-CF93-414F-8984-8CE7FDE0D391}
Good: 0 - Bad: 0
Unknown Item
Search at Google
Name: Norton AntiVirus
Path: C:\Programmi\Norton AntiVirus\NavShExt.dll
Location: HKLM\Software\Microsoft\Internet Explorer\Toolbar\
ClsID: {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}
Good: 1 - Bad: 0
View Details
Local Open Ports: Result ToDo
Port: 135 TCP
Path: C:\WINDOWS\system32\svchost.exe (Process ID: 1012)
Good: 1 - Bad: 0
View Details
Port: 139 TCP
Path: C:\WINDOWS\system32\svchost.exe (Process ID: 1108)
Good: 1 - Bad: 0
View Details
Port: 445 TCP
Path: ? (Process ID: 4)
Good: 1 - Bad: 0
View Details
Port: 1025 TCP
Path: C:\Programmi\Norton AntiVirus\navapw32.exe (Process ID: 320)
Good: 1 - Bad: 1
View Details Requires Attention!
Compare details with your local values
and/or search at Google
Port: 1035 TCP
Path: C:\Programmi\Norton Internet Security\SymProxySvc.exe (Process ID: 2292)
Good: 1 - Bad: 0
View Details
Port: 1035 TCP
Path: C:\Programmi\Norton Internet Security\SymProxySvc.exe (Process ID: 2292)
Good: 1 - Bad: 0
View Details
Port: 1041 TCP
Path: C:\WINDOWS\system32\alg.exe (Process ID: 2864)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Port: 1097 TCP
Path: C:\Programmi\MSN Messenger\msnmsgr.exe (Process ID: 2184)
Good: 0 - Bad: 1
View Details Requires Attention!
Compare details with your local values
and/or search at Google
Port: 1098 TCP
Path: C:\Programmi\Norton Internet Security\SymProxySvc.exe (Process ID: 2292)
Good: 0 - Bad: 1
View Details Requires Attention!
Compare details with your local values
and/or search at Google
Port: 1117 TCP
Path: C:\Programmi\MSN Messenger\msnmsgr.exe (Process ID: 2184)
Good: 1 - Bad: 0
View Details
Port: 1124 TCP
Path: C:\Programmi\MSN Messenger\msnmsgr.exe (Process ID: 2184)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Port: 1200 TCP
Path: ? (Process ID: 0)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Port: 1203 TCP
Path: ? (Process ID: 0)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Port: 9 UDP
Path: C:\Programmi\MSN Messenger\msnmsgr.exe (Process ID: 2184)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Port: 123 UDP
Path: C:\WINDOWS\system32\svchost.exe (Process ID: 1108)
Good: 1 - Bad: 0
View Details
Port: 123 UDP
Path: C:\WINDOWS\system32\svchost.exe (Process ID: 1108)
Good: 1 - Bad: 0
View Details
Port: 137 UDP
Path: C:\WINDOWS\system32\svchost.exe (Process ID: 1108)
Good: 1 - Bad: 0
View Details
Port: 138 UDP
Path: C:\WINDOWS\system32\svchost.exe (Process ID: 1108)
Good: 1 - Bad: 0
View Details
Port: 445 UDP
Path: ? (Process ID: 4)
Good: 1 - Bad: 0
View Details
Port: 500 UDP
Path: C:\WINDOWS\system32\lsass.exe (Process ID: 776)
Good: 1 - Bad: 0
View Details
Port: 1094 UDP
Path: C:\WINDOWS\system32\svchost.exe (Process ID: 1220)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Port: 1100 UDP
Path: C:\Programmi\MSN Messenger\msnmsgr.exe (Process ID: 2184)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Port: 1101 UDP
Path: C:\WINDOWS\system32\svchost.exe (Process ID: 1220)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Port: 1121 UDP
Path: C:\Programmi\Internet Explorer\iexplore.exe (Process ID: 1172)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Port: 4500 UDP
Path: C:\WINDOWS\system32\lsass.exe (Process ID: 776)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Running Processes: Result ToDo
Name: [System Process]
Process ID: 0
Path:
Info: Threads: 1 - Priority: Normal - Visible: No
Good: 1 - Bad: 0
View Details
Name: System
Process ID: 4
Path:
Info: Threads: 65 - Priority: Normal - Visible: No
Good: 1 - Bad: 0
View Details
Name: ewidoctrl.exe
Process ID: 148
Path: C:\Programmi\ewido anti-malware\
Info: Threads: 5 - Priority: Normal - Visible: No
Good: 1 - Bad: 0
View Details
Name: ewidoguard.exe
Process ID: 184
Path: C:\Programmi\ewido anti-malware\
Info: Threads: 9 - Priority: Normal - Visible: No
Good: 1 - Bad: 0
View Details
Name: CTSysVol.exe
Process ID: 248
Path: C:\Programmi\Creative\SBAudigy2ZS\Surround Mixer\
Info: Threads: 2 - Priority: Normal - Visible: No
Good: 1 - Bad: 0
View Details
Name: CTDVDDet.EXE
Process ID: 256
Path: C:\Programmi\Creative\SBAudigy2ZS\DVDAudio\
Info: Threads: 1 - Priority: Normal - Visible: No
Good: 1 - Bad: 0
View Details
Name: IAMAPP.EXE
Process ID: 284
Path: C:\Programmi\Norton Internet Security\
Info: Threads: 7 - Priority: Normal - Visible: No
Good: 0 - Bad: 0
Unknown Item
Search at Google
Submit new process info
Name: navapw32.exe
Process ID: 320
Path: C:\Programmi\Norton AntiVirus\
Info: Threads: 10 - Priority: Normal - Visible: No
Good: 1 - Bad: 0
View Details
Name: jusched.exe
Process ID: 340
Path: C:\Programmi\Java\jre1.5.0_01\bin\
Info: Threads: 1 - Priority: Normal - Visible: No
Good: 1 - Bad: 0
View Details
Name: rundll32.exe
Process ID: 344
Path: C:\WINDOWS\system32\
Info: Threads: 4 - Priority: Normal - Visible: No
Good: 1 - Bad: 0
View Details
Name: qttask.exe
Process ID: 484
Path: C:\Programmi\QuickTime\
Info: Threads: 2 - Priority: Normal - Visible: No
Good: 1 - Bad: 0
View Details
Name: realsched.exe
Process ID: 488
Path: C:\Programmi\File comuni\Real\Update_OB\
Info: Threads: 4 - Priority: Normal - Visible: No
Good: 1 - Bad: 0
View Details
Name: Dragdiag.exe
Process ID: 496
Path: C:\Programmi\Alcatel\SpeedTouch USB\
Info: Threads: 1 - Priority: Normal - Visible: No
Good: 1 - Bad: 0
View Details
Name: winampa.exe
Process ID: 512
Path: C:\Programmi\Winamp\
Info: Threads: 1 - Priority: Normal - Visible: No
Good: 1 - Bad: 0
View Details
Name: HydraDM.exe
Process ID: 520
Path: C:\Programmi\ATI Technologies\ATI HYDRAVISION\
Info: Threads: 1 - Priority: Normal - Visible: No
Good: 0 - Bad: 0
Unknown Item
Search at Google
Submit new process info
Name: gcasServ.exe
Process ID: 576
Path: C:\Programmi\Microsoft AntiSpyware\
Info: Threads: 5 - Priority: Low - Visible: No
Good: 1 - Bad: 0
View Details
Name: smss.exe
Process ID: 616
Path: C:\WINDOWS\system32\
Info: Threads: 3 - Priority: Normal - Visible: No
Good: 1 - Bad: 0
View Details
Name: navapsvc.exe
Process ID: 632
Path: C:\Programmi\Norton AntiVirus\
Info: Threads: 10 - Priority: Normal - Visible: No
Good: 1 - Bad: 0
View Details
Name: MsgPlus.exe
Process ID: 684
Path: C:\Programmi\MessengerPlus! 3\
Info: Threads: 1 - Priority: Normal - Visible: No
Good: 1 - Bad: 0
View Details
Name: csrss.exe
Process ID: 696
Path: C:\WINDOWS\system32\
Info: Threads: 11 - Priority: Normal - Visible: No
Good: 1 - Bad: 0
View Details
Name: winlogon.exe
Process ID: 720
Path: C:\WINDOWS\system32\
Info: Threads: 25 - Priority: High - Visible: No
Good: 1 - Bad: 0
View Details
Name: services.exe
Process ID: 764
Path: C:\WINDOWS\system32\
Info: Threads: 16 - Priority: Normal - Visible: No
Good: 1 - Bad: 0
View Details
Name: lsass.exe
Process ID: 776
Path: C:\WINDOWS\system32\
Info: Threads: 19 - Priority: Normal - Visible: No
Good: 1 - Bad: 0
View Details
Name: NISUM.EXE
Process ID: 828
Path: C:\Programmi\Norton Internet Security\
Info: Threads: 5 - Priority: Normal - Visible: No
Good: 1 - Bad: 0
View Details
Name: Ati2evxx.exe
Process ID: 940
Path: C:\WINDOWS\system32\
Info: Threads: 4 - Priority: Normal - Visible: No
Good: 1 - Bad: 0
View Details
Name: svchost.exe
Process ID: 956
Path: C:\WINDOWS\system32\
Info: Threads: 15 - Priority: Normal - Visible: No
Good: 1 - Bad: 0
View Details
Name: svchost.exe
Process ID: 1012
Path: C:\WINDOWS\system32\
Info: Threads: 11 - Priority: Normal - Visible: No
Good: 1 - Bad: 0
View Details
Name: WinStylerThemeSvc.exe
Process ID: 1024
Path: C:\Programmi\TuneUp Utilities 2004\
Info: Threads: 4 - Priority: Normal - Visible: No
Good: 0 - Bad: 0
Unknown Item
Search at Google
Submit new process info
Name: svchost.exe
Process ID: 1108
Path: C:\WINDOWS\system32\
Info: Threads: 71 - Priority: Normal - Visible: No
Good: 1 - Bad: 0
View Details
Name: ctfmon.exe
Process ID: 1164
Path: C:\WINDOWS\system32\
Info: Threads: 1 - Priority: Normal - Visible: No
Good: 1 - Bad: 0
View Details
Name: iexplore.exe
Process ID: 1172
Path: C:\Programmi\Internet Explorer\
Info: Threads: 11 - Priority: Normal - Visible: No
Good: 1 - Bad: 0
View Details
Name: RcMan.exe
Process ID: 1192
Path: C:\Programmi\Creative\MediaSource\RemoteControl\
Info: Threads: 3 - Priority: Normal - Visible: No
Good: 0 - Bad: 0
Unknown Item
Search at Google
Submit new process info
Name: svchost.exe
Process ID: 1220
Path: C:\WINDOWS\system32\
Info: Threads: 6 - Priority: Normal - Visible: No
Good: 1 - Bad: 0
View Details
Name: iexplore.exe
Process ID: 1228
Path: C:\Programmi\Internet Explorer\
Info: Threads: 3 - Priority: Normal - Visible: No
Good: 1 - Bad: 0
View Details
Name: svchost.exe
Process ID: 1244
Path: C:\WINDOWS\system32\
Info: Threads: 8 - Priority: Normal - Visible: No
Good: 1 - Bad: 0
View Details
Name: svchost.exe
Process ID: 1280
Path: C:\WINDOWS\system32\
Info: Threads: 6 - Priority: Normal - Visible: No
Good: 1 - Bad: 0
View Details
Name: MemOptimizer.exe
Process ID: 1304
Path: C:\Programmi\TuneUp Utilities 2004\
Info: Threads: 3 - Priority: Normal - Visible: No
Good: 1 - Bad: 0
View Details
Name: spoolsv.exe
Process ID: 1396
Path: C:\WINDOWS\system32\
Info: Threads: 12 - Priority: Normal - Visible: No
Good: 1 - Bad: 0
View Details
Name: BTTray.exe
Process ID: 1564
Path: C:\Programmi\WIDCOMM\Software Bluetooth\
Info: Threads: 3 - Priority: Normal - Visible: No
Good: 1 - Bad: 0
View Details
Name: gcasDtServ.exe
Process ID: 1676
Path: C:\Programmi\Microsoft AntiSpyware\
Info: Threads: 6 - Priority: Normal - Visible: No
Good: 1 - Bad: 0
View Details
Name: Ati2evxx.exe
Process ID: 1792
Path: C:\WINDOWS\system32\
Info: Threads: 3 - Priority: Normal - Visible: No
Good: 1 - Bad: 0
View Details
Name: Explorer.EXE
Process ID: 1844
Path: C:\WINDOWS\
Info: Threads: 14 - Priority: Normal - Visible: No
Good: 1 - Bad: 0
View Details
Name: svchost.exe
Process ID: 1920
Path: C:\WINDOWS\system32\
Info: Threads: 3 - Priority: Normal - Visible: No
Good: 1 - Bad: 0
View Details
Name: btwdins.exe
Process ID: 1968
Path: C:\Programmi\WIDCOMM\Software Bluetooth\bin\
Info: Threads: 4 - Priority: Normal - Visible: No
Good: 1 - Bad: 0
View Details
Name: CDAC11BA.EXE
Process ID: 1984
Path: C:\WINDOWS\system32\drivers\
Info: Threads: 4 - Priority: Normal - Visible: No
Good: 1 - Bad: 0
View Details
Name: CTsvcCDA.exe
Process ID: 2012
Path: C:\WINDOWS\system32\
Info: Threads: 2 - Priority: Normal - Visible: No
Good: 1 - Bad: 0
View Details
Name: wdfmgr.exe
Process ID: 2068
Path: C:\WINDOWS\system32\
Info: Threads: 4 - Priority: Normal - Visible: No
Good: 1 - Bad: 0
View Details
Name: MsPMSPSv.exe
Process ID: 2112
Path: C:\WINDOWS\system32\
Info: Threads: 2 - Priority: Normal - Visible: No
Good: 1 - Bad: 0
View Details
Name: NISSERV.EXE
Process ID: 2172
Path: C:\Programmi\Norton Internet Security\
Info: Threads: 10 - Priority: Normal - Visible: No
Good: 0 - Bad: 0
Unknown Item
Search at Google
Submit new process info
Name: msnmsgr.exe
Process ID: 2184
Path: C:\Programmi\MSN Messenger\
Info: Threads: 12 - Priority: Normal - Visible: No
Good: 1 - Bad: 0
View Details
Name: SymProxySvc.exe
Process ID: 2292
Path: C:\Programmi\Norton Internet Security\
Info: Threads: 20 - Priority: Normal - Visible: No
Good: 0 - Bad: 0
Unknown Item
Search at Google
Submit new process info
Name: SymWSC.exe
Process ID: 2332
Path: C:\Programmi\File comuni\Symantec Shared\Security Center\
Info: Threads: 10 - Priority: Normal - Visible: No
Good: 1 - Bad: 0
View Details
Name: alg.exe
Process ID: 2864
Path: C:\WINDOWS\system32\
Info: Threads: 6 - Priority: Normal - Visible: No
Good: 1 - Bad: 0
View Details
Name: wmiprvse.exe
Process ID: 3768
Path: C:\WINDOWS\system32\wbem\
Info: Threads: 6 - Priority: Normal - Visible: No
Good: 1 - Bad: 0
View Details
Name: a2hijackfree.exe (a-squared HiJackFree)
Process ID: 3908
Path: C:\Documents and Settings\gnutti\Desktop\
Info: Threads: 2 - Priority: Normal - Visible: Yes
Good: 1 - Bad: 0
View Details
This analysis is saved and available for at least 7 days at this website address.

Analysis generated on 1/19/2006 1:48:02 PM
FilippoAlterEgo
Utente Junior
 
Post: 29
Iscritto il: 19/01/06 04:24

Sponsor
 

Postdi FilippoAlterEgo » 19/01/06 13:50

mi sa che ho postato male il log... mi dite come si fa in maniera corretta? grazie....

Filippo
FilippoAlterEgo
Utente Junior
 
Post: 29
Iscritto il: 19/01/06 04:24

Postdi FilippoAlterEgo » 19/01/06 13:58

eccolo...scusate l'ignoranza.... non è bel modo per presentarsi, ma spero di migliorare!

Logfile of HijackThis v1.99.1
Scan saved at 13.56.37, on 19/01/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\System32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\TuneUp Utilities 2004\WinStylerThemeSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\WIDCOMM\Software Bluetooth\bin\btwdins.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Programmi\ewido anti-malware\ewidoctrl.exe
C:\Programmi\ewido anti-malware\ewidoguard.exe
C:\Programmi\Norton AntiVirus\navapsvc.exe
C:\Programmi\Norton Internet Security\NISUM.EXE
C:\WINDOWS\System32\svchost.exe
C:\Programmi\Norton Internet Security\SymProxySvc.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Programmi\Norton Internet Security\NISSERV.EXE
C:\Programmi\File comuni\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
C:\Programmi\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe
C:\Programmi\Creative\SBAudigy2ZS\DVDAudio\CTDVDDet.EXE
C:\PROGRA~1\NORTON~1\navapw32.exe
C:\Programmi\Java\jre1.5.0_01\bin\jusched.exe
C:\WINDOWS\system32\rundll32.exe
C:\Programmi\QuickTime\qttask.exe
C:\Programmi\Alcatel\SpeedTouch USB\Dragdiag.exe
C:\Programmi\Winamp\winampa.exe
C:\Programmi\ATI Technologies\ATI HYDRAVISION\HydraDM.exe
C:\Programmi\File comuni\Real\Update_OB\realsched.exe
C:\Programmi\Microsoft AntiSpyware\gcasServ.exe
C:\Programmi\MessengerPlus! 3\MsgPlus.exe
C:\Programmi\Microsoft AntiSpyware\gcasDtServ.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\Creative\MediaSource\RemoteControl\RcMan.exe
c:\progra~1\intern~1\iexplore.exe
C:\Programmi\TuneUp Utilities 2004\MemOptimizer.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\Programmi\ATI Technologies\ATI.ACE\CLI.exe
C:\Programmi\WIDCOMM\Software Bluetooth\BTTray.exe
C:\Programmi\MSN Messenger\msnmsgr.exe
C:\Programmi\Winamp\winamp.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\rundll32.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\Documents and Settings\gnutti\Desktop\a2hijackfree.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe
C:\PROGRA~1\WinZip\winzip32.exe
C:\DOCUME~1\gnutti\IMPOST~1\Temp\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Filippo
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programmi\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {5CD448F4-8A09-F1EA-05E6-2FF6D406980F} - (no file)
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Programmi\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Programmi\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Programmi\ATI Technologies\ATI.ACE\cli.exe" runtime
O4 - HKLM\..\Run: [CTSysVol] C:\Programmi\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [CTDVDDET] C:\Programmi\Creative\SBAudigy2ZS\DVDAudio\CTDVDDet.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [iamapp] C:\Programmi\Norton Internet Security\IAMAPP.EXE
O4 - HKLM\..\Run: [NAV Agent] C:\PROGRA~1\NORTON~1\navapw32.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programmi\Java\jre1.5.0_01\bin\jusched.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [SBDrvDet] C:\Programmi\Creative\SB Drive Det\SBDrvDet.exe /r
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Diagnostica SpeedTouch USB] "C:\Programmi\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [WinampAgent] C:\Programmi\Winamp\winampa.exe
O4 - HKLM\..\Run: [HydraVisionDesktopManager] C:\Programmi\ATI Technologies\ATI HYDRAVISION\HydraDM.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Programmi\File comuni\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [gcasServ] "C:\Programmi\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Programmi\MessengerPlus! 3\MsgPlus.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [RemoteCenter] C:\Programmi\Creative\MediaSource\RemoteControl\RcMan.exe
O4 - HKCU\..\Run: [BIAS README] C:\DOCUME~1\gnutti\DATIAP~1\CLOCKD~1\internet else manager.exe
O4 - HKCU\..\Run: [TuneUp MemOptimizer] "C:\Programmi\TuneUp Utilities 2004\MemOptimizer.exe" autostart
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Programmi\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [msnmsgr] "C:\Programmi\MSN Messenger\msnmsgr.exe" /background
O4 - Startup: Adobe Gamma.lnk = C:\Programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: ATI CATALYST System Tray.lnk = C:\Programmi\ATI Technologies\ATI.ACE\CLI.exe
O4 - Global Startup: Avvio veloce di Adobe Reader.lnk = C:\Programmi\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: BTTray.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Invia a &Bluetooth - C:\Programmi\WIDCOMM\Software Bluetooth\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programmi\WIDCOMM\Software Bluetooth\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programmi\WIDCOMM\Software Bluetooth\btsendto_ie.htm
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/ms ... b31267.cab
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Me ... b31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/Shar ... vSniff.cab
O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://www.cult3d.com/download/cult.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by102fd.bay102.hotmail.msn.com/r ... nPUpld.cab
O16 - DPF: {56393399-041A-4650-94C7-13DFCB1F4665} (PSFormX Control) - http://www.pcpitstop.com/pestscan/pestscan.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resourc ... oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 8534776218
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/Shar ... /cabsa.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 8535180218
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Me ... b31267.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan ... asinst.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMe ... loader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZI ... b32846.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - http://www.shockwave.com/content/zuma/p ... der_v5.cab
O16 - DPF: {EFAEF0E4-F044-4D57-9900-1C3FF18524C9} (AV Class) - http://www.pcpitstop.com/antivirus/PitPav.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/So ... b31267.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{98A8389E-432B-43F0-A8B1-D68F8F05AA92}: NameServer = 62.94.0.1 62.94.0.2
O17 - HKLM\System\CCS\Services\Tcpip\..\{EF049D09-8389-4408-817E-8C9249886AAE}: NameServer = 151.99.125.2,151.99.250.2
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Programmi\File comuni\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Boonty Games - BOONTY - C:\Programmi\File comuni\BOONTY Shared\Service\Boonty.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Programmi\WIDCOMM\Software Bluetooth\bin\btwdins.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: ewido security suite control - ewido networks - C:\Programmi\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Programmi\ewido anti-malware\ewidoguard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Servizio Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Programmi\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Internet Security Service (NISSERV) - Symantec Corporation - C:\Programmi\Norton Internet Security\NISSERV.EXE
O23 - Service: Norton Internet Security Accounts Manager (NISUM) - Symantec Corporation - C:\Programmi\Norton Internet Security\NISUM.EXE
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FILECO~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\SNDSrvc.exe
O23 - Service: Norton Internet Security Proxy Service (SymProxySvc) - Symantec Corporation - C:\Programmi\Norton Internet Security\SymProxySvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Programmi\TuneUp Utilities 2004\WinStylerThemeSvc.exe
FilippoAlterEgo
Utente Junior
 
Post: 29
Iscritto il: 19/01/06 04:24


Torna a Sicurezza e Privacy


Topic correlati a "Finestre pop up che si aprono....grrrrrrrr":


Chi c’è in linea

Visitano il forum: Nessuno e 5 ospiti