
LinkOptimizer again????

How do you remove viruses and spyware? Are credit cards really safe online? Is it possible to browse anonymously? Which programs protect your privacy? How do you protect important files? If you want answers to these and other questions, this is the right place!

Moderators: kadosh, Luke57

Posted by Angie » 11/12/06 10:05

Hello everyone. A month ago, thanks to Luke's invaluable help, I removed LinkOptimizer from my PC. Or at least I thought I had! Last night my computer started running very slowly again. Suspicious, I ran Ad-Aware and found four pieces of malware, which I removed right away. Here is the scan log:


Ad-Aware SE Build 1.05
Logfile Created on:domenica 10 dicembre 2006 21.35.47
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R137 06.12.2006
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Adware.LinkOptimizer(TAC index:4):4 total references
MRU List(TAC index:0):26 total references
Tracking Cookie(TAC index:3):38 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Ad-Aware SE Settings
===========================
Set : Search for negligible risk entries
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan my Hosts file

Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Scan registry for all users instead of current user only
Set : Always try to unload modules before deletion
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Include alternate data stream details in log file
Set : Play sound at scan completion if scan locates critical objects


10-12-2006 21.35.47 - Scan started. (Full System Scan)

MRU List Object Recognized!
Location: : C:\Documents and Settings\Cicciog\recent
Description : list of recently opened documents


MRU List Object Recognized!
Location: : S-1-5-21-73586283-1972579041-682003330-1003\software\adobe\acrobat reader\5.0\avgeneral\crecentfiles
Description : list of recently used files in adobe reader


MRU List Object Recognized!
Location: : S-1-5-21-73586283-1972579041-682003330-1003\software\adobe\photoshop\7.0\visiteddirs
Description : adobe photoshop 7 recent work folders


MRU List Object Recognized!
Location: : software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct3d


MRU List Object Recognized!
Location: : software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct X


MRU List Object Recognized!
Location: : software\microsoft\directdraw\mostrecentapplication
Description : most recent application to use microsoft directdraw


MRU List Object Recognized!
Location: : S-1-5-21-73586283-1972579041-682003330-1003\software\microsoft\frontpage\editor
Description : default add image directory for microsoft frontpage


MRU List Object Recognized!
Location: : S-1-5-21-73586283-1972579041-682003330-1003\software\microsoft\frontpage\editor\per-web image save directories
Description : list of image save directories per web in microsoft frontpage


MRU List Object Recognized!
Location: : S-1-5-21-73586283-1972579041-682003330-1003\software\microsoft\frontpage\explorer\frontpage explorer\recent file list
Description : list of recently used files in microsoft frontpage


MRU List Object Recognized!
Location: : S-1-5-21-73586283-1972579041-682003330-1003\software\microsoft\frontpage\explorer\frontpage explorer\recent page list
Description : list of recently used pages in microsoft frontpage


MRU List Object Recognized!
Location: : S-1-5-21-73586283-1972579041-682003330-1003\software\microsoft\frontpage\explorer\frontpage explorer\recent web list
Description : list of recently used webs in microsoft frontpage


MRU List Object Recognized!
Location: : S-1-5-21-73586283-1972579041-682003330-1003\software\microsoft\internet explorer
Description : last download directory used in microsoft internet explorer


MRU List Object Recognized!
Location: : S-1-5-21-73586283-1972579041-682003330-1003\software\microsoft\internet explorer\main
Description : last save directory used in microsoft internet explorer


MRU List Object Recognized!
Location: : S-1-5-21-73586283-1972579041-682003330-1003\software\microsoft\internet explorer\typedurls
Description : list of recently entered addresses in microsoft internet explorer


MRU List Object Recognized!
Location: : S-1-5-21-73586283-1972579041-682003330-1003\software\microsoft\mediaplayer\player\recentfilelist
Description : list of recently used files in microsoft windows media player


MRU List Object Recognized!
Location: : S-1-5-21-73586283-1972579041-682003330-1003\software\microsoft\mediaplayer\preferences
Description : last playlist index loaded in microsoft windows media player


MRU List Object Recognized!
Location: : S-1-5-21-73586283-1972579041-682003330-1003\software\microsoft\mediaplayer\preferences
Description : last playlist loaded in microsoft windows media player


MRU List Object Recognized!
Location: : S-1-5-21-73586283-1972579041-682003330-1003\software\microsoft\microsoft management console\recent file list
Description : list of recent snap-ins used in the microsoft management console


MRU List Object Recognized!
Location: : S-1-5-21-73586283-1972579041-682003330-1003\software\microsoft\search assistant\acmru
Description : list of recent search terms used with the search assistant


MRU List Object Recognized!
Location: : S-1-5-21-73586283-1972579041-682003330-1003\software\microsoft\windows\currentversion\applets\paint\recent file list
Description : list of files recently opened using microsoft paint


MRU List Object Recognized!
Location: : S-1-5-21-73586283-1972579041-682003330-1003\software\microsoft\windows\currentversion\explorer\comdlg32\lastvisitedmru
Description : list of recent programs opened


MRU List Object Recognized!
Location: : S-1-5-21-73586283-1972579041-682003330-1003\software\microsoft\windows\currentversion\explorer\comdlg32\opensavemru
Description : list of recently saved files, stored according to file extension


MRU List Object Recognized!
Location: : S-1-5-21-73586283-1972579041-682003330-1003\software\microsoft\windows\currentversion\explorer\recentdocs
Description : list of recent documents opened


MRU List Object Recognized!
Location: : S-1-5-21-73586283-1972579041-682003330-1003\software\microsoft\windows\currentversion\explorer\runmru
Description : mru list for items opened in start | run


MRU List Object Recognized!
Location: : S-1-5-21-73586283-1972579041-682003330-1003\software\nico mak computing\winzip\filemenu
Description : winzip recently used archives


MRU List Object Recognized!
Location: : S-1-5-21-73586283-1972579041-682003330-1003\software\microsoft\windows media\wmsdk\general
Description : windows media sdk


Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

#:1 [smss.exe]
FilePath : \SystemRoot\System32\
ProcessID : 576
ThreadCreationTime : 10-12-2006 20.31.02
BasePriority : Normal


#:2 [csrss.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 640
ThreadCreationTime : 10-12-2006 20.31.06
BasePriority : Normal


#:3 [winlogon.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 664
ThreadCreationTime : 10-12-2006 20.31.06
BasePriority : High


#:4 [services.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 708
ThreadCreationTime : 10-12-2006 20.31.06
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Sistema operativo Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Applicazione Servizi e Controller
InternalName : services.exe
LegalCopyright : © Microsoft Corporation. Tutti i diritti riservati.
OriginalFilename : services.exe

#:5 [lsass.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 720
ThreadCreationTime : 10-12-2006 20.31.06
BasePriority : Normal
FileVersion : 5.1.2600.1106 (xpsp1.020828-1920)
ProductVersion : 5.1.2600.1106
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : lsass.exe

#:6 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 904
ThreadCreationTime : 10-12-2006 20.31.07
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:7 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 996
ThreadCreationTime : 10-12-2006 20.31.07
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:8 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1060
ThreadCreationTime : 10-12-2006 20.31.07
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:9 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1088
ThreadCreationTime : 10-12-2006 20.31.07
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:10 [spoolsv.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1440
ThreadCreationTime : 10-12-2006 20.31.09
BasePriority : Normal
FileVersion : 5.1.2600.0 (XPClient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : spoolsv.exe

#:11 [explorer.exe]
FilePath : C:\WINDOWS\
ProcessID : 1484
ThreadCreationTime : 10-12-2006 20.31.09
BasePriority : Normal
FileVersion : 6.00.2800.1106 (xpsp1.020828-1920)
ProductVersion : 6.00.2800.1106
ProductName : Sistema operativo Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Esplora risorse
InternalName : explorer
LegalCopyright : © Microsoft Corporation. Tutti i diritti riservati.
OriginalFilename : EXPLORER.EXE

#:12 [nvatray.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1576
ThreadCreationTime : 10-12-2006 20.31.10
BasePriority : Normal
FileVersion : 5.10.2856.0
ProductVersion : 5.10.2856.0
ProductName : NVIDIA nForce(TM) Audio Driver
CompanyName : NVIDIA Corporation
FileDescription : NV Audio Panel Tray Application
InternalName : NVIDIA nForce(TM) Audio Driver
LegalCopyright : Copyright(C) 2000-2002 NVIDIA Corporation
OriginalFilename : nvatray.exe

#:13 [opware32.exe]
FilePath : C:\Programmi\ScanSoft\OmniPageSE\
ProcessID : 1600
ThreadCreationTime : 10-12-2006 20.31.10
BasePriority : Normal
FileVersion : 11.0
ProductVersion : 11.0
ProductName : OmniPage SE
CompanyName : ScanSoft, Inc
FileDescription : OCR Aware (32-bit)
InternalName : Opware32.exe
LegalCopyright : Copyright © 1995-2000 ScanSoft, Inc
OriginalFilename : Opware32.exe

#:14 [realsched.exe]
FilePath : C:\Programmi\File comuni\Real\Update_OB\
ProcessID : 1616
ThreadCreationTime : 10-12-2006 20.31.10
BasePriority : Normal
FileVersion : 0.1.0.1622
ProductVersion : 0.1.0.1622
ProductName : RealOne Player (32-bit)
CompanyName : RealNetworks, Inc.
FileDescription : RealNetworks Scheduler
InternalName : schedapp
LegalCopyright : Copyright © RealNetworks, Inc. 1995-2002
LegalTrademarks : RealAudio(tm) is a trademark of RealNetworks, Inc.
OriginalFilename : realsched.exe

#:15 [ashdisp.exe]
FilePath : C:\PROGRA~1\ALWILS~1\Avast4\
ProcessID : 1628
ThreadCreationTime : 10-12-2006 20.31.10
BasePriority : Normal
FileVersion : 5, 0, 0, 0
ProductVersion : 5, 0, 0, 0
ProductName : avast! Antivirus
FileDescription : avast! service GUI component
InternalName : aswDisp
LegalCopyright : Copyright (c) 2006 ALWIL Software
OriginalFilename : aswDisp.exe

#:16 [qttask.exe]
FilePath : C:\Programmi\QuickTime\
ProcessID : 1636
ThreadCreationTime : 10-12-2006 20.31.10
BasePriority : Normal
FileVersion : 7.0.3
ProductVersion : QuickTime 7.0.3
ProductName : QuickTime
CompanyName : Apple Computer, Inc.
FileDescription : QuickTime Task
InternalName : QuickTime Task
LegalCopyright : Copyright Apple Computer, Inc. 1989-2005
OriginalFilename : QTTask.exe

#:17 [siteadv.exe]
FilePath : C:\Programmi\SiteAdvisor\4608\
ProcessID : 1644
ThreadCreationTime : 10-12-2006 20.31.10
BasePriority : Normal
FileVersion : 1.7.0.53
ProductVersion : 1.7.0.53
ProductName : SiteAdvisor
CompanyName : McAfee, Inc.
FileDescription : SiteAdvisor
InternalName : SiteAdv
LegalCopyright : Copyright McAfee, Inc. All rights reserved.
OriginalFilename : SiteAdv

#:18 [ctfmon.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1656
ThreadCreationTime : 10-12-2006 20.31.10
BasePriority : Normal
FileVersion : 5.1.2600.1106 (xpsp1.020828-1920)
ProductVersion : 5.1.2600.1106
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : CTF Loader
InternalName : CTFMON
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : CTFMON.EXE

#:19 [msmsgs.exe]
FilePath : C:\Programmi\Messenger\
ProcessID : 1668
ThreadCreationTime : 10-12-2006 20.31.10
BasePriority : Normal
FileVersion : 4.7.0041
ProductVersion : Version 4.7
ProductName : Messenger
CompanyName : Microsoft Corporation
FileDescription : Messenger
InternalName : msmsgs
LegalCopyright : Copyright (c) Microsoft Corporation 1997-2001
LegalTrademarks : Microsoft(R) is a registered trademark of Microsoft Corporation in the U.S. and/or other countries.
OriginalFilename : msmsgs.exe

#:20 [aswupdsv.exe]
FilePath : C:\Programmi\Alwil Software\Avast4\
ProcessID : 260
ThreadCreationTime : 10-12-2006 20.31.15
BasePriority : Normal


#:21 [ashserv.exe]
FilePath : C:\Programmi\Alwil Software\Avast4\
ProcessID : 280
ThreadCreationTime : 10-12-2006 20.31.15
BasePriority : High
FileVersion : 4, 7, 889, 0
ProductVersion : 4, 7, 0, 0
ProductName : avast! Antivirus
FileDescription : avast! antivirus service
InternalName : aswServ
LegalCopyright : Copyright (c) 2006 ALWIL Software
OriginalFilename : aswServ.exe

#:22 [sagent2.exe]
FilePath : C:\Programmi\File comuni\EPSON\EBAPI\
ProcessID : 320
ThreadCreationTime : 10-12-2006 20.31.15
BasePriority : Normal
FileVersion : 2, 1, 0, 0
ProductVersion : 1, 0, 0, 0
ProductName : EPSON Bidirectional Printer
CompanyName : SEIKO EPSON CORPORATION
FileDescription : EPSON Printer Status Agent
InternalName : SAgent2
LegalCopyright : Copyright (C) SEIKO EPSON CORP. 2000-2001
OriginalFilename : SAgent2.exe

#:23 [ewidoctrl.exe]
FilePath : D:\ewido anti-malware\
ProcessID : 272
ThreadCreationTime : 10-12-2006 20.31.15
BasePriority : Normal
FileVersion : 3, 0, 0, 1
ProductVersion : 3, 0, 0, 1
ProductName : ewido control
CompanyName : ewido networks
FileDescription : ewido control
InternalName : ewido control
LegalCopyright : Copyright © 2004
OriginalFilename : ewidoctrl.exe

#:24 [mdm.exe]
FilePath : C:\Programmi\File comuni\Microsoft Shared\VS7Debug\
ProcessID : 420
ThreadCreationTime : 10-12-2006 20.31.16
BasePriority : Normal
FileVersion : 7.00.9064.9150
ProductVersion : 7.00.9064.9150
ProductName : Microsoft Development Environment
CompanyName : Microsoft Corporation
FileDescription : Machine Debug Manager
InternalName : mdm.exe
LegalCopyright : Copyright (C) Microsoft Corp. 1997-2000
OriginalFilename : mdm.exe

#:25 [nvsvc32.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 508
ThreadCreationTime : 10-12-2006 20.31.17
BasePriority : Normal
FileVersion : 6.13.10.4072
ProductVersion : 6.13.10.4072
ProductName : NVIDIA Driver Helper Service, Version 40.72
CompanyName : NVIDIA Corporation
FileDescription : NVIDIA Driver Helper Service, Version 40.72
InternalName : NVSVC
LegalCopyright : (C) NVIDIA Corporation. All rights reserved.
OriginalFilename : nvsvc32.exe

#:26 [saservice.exe]
FilePath : C:\Programmi\SiteAdvisor\4608\
ProcessID : 644
ThreadCreationTime : 10-12-2006 20.31.20
BasePriority : Normal


#:27 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1016
ThreadCreationTime : 10-12-2006 20.31.22
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:28 [ashwebsv.exe]
FilePath : C:\Programmi\Alwil Software\Avast4\
ProcessID : 1340
ThreadCreationTime : 10-12-2006 20.31.42
BasePriority : Normal


#:29 [ashmaisv.exe]
FilePath : C:\Programmi\Alwil Software\Avast4\
ProcessID : 1132
ThreadCreationTime : 10-12-2006 20.31.43
BasePriority : Normal


#:30 [rnathchk.exe]
FilePath : C:\Programmi\File comuni\Real\Update_OB\
ProcessID : 2492
ThreadCreationTime : 10-12-2006 20.32.43
BasePriority : Normal
FileVersion : 7.0.0.1176
ProductVersion : 7.0.0.1176
ProductName : RealOne Player (32-bit)
CompanyName : RealNetworks, Inc.
FileDescription : RealNetworks ATH Check App
InternalName : rnathchk
LegalCopyright : Copyright © RealNetworks, Inc. 1995-2002
LegalTrademarks : RealAudio(tm) is a trademark of RealNetworks, Inc.
OriginalFilename : rnathchk.EXE

#:31 [googletoolbarnotifier.exe]
FilePath : C:\Programmi\Google\GoogleToolbarNotifier\1.2.908.5008\
ProcessID : 2700
ThreadCreationTime : 10-12-2006 20.32.51
BasePriority : Normal
FileVersion : 1, 2, 908, 5008
ProductVersion : 1, 2, 908, 5008
ProductName : GoogleToolbarNotifier
CompanyName : Google Inc.
FileDescription : GoogleToolbarNotifier
LegalCopyright : Copyright © 2005-2006
OriginalFilename : GoogleToolbarNotifier.exe

#:32 [ad-aware.exe]
FilePath : C:\Programmi\Lavasoft\Ad-Aware SE Personal\
ProcessID : 2532
ThreadCreationTime : 10-12-2006 20.34.51
BasePriority : Normal
FileVersion : 6.2.0.206
ProductVersion : VI.Second Edition
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved

Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 26


Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Adware.LinkOptimizer Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{e3a77057-d10b-b02a-d823-22e020c583b5}

Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 1
Objects found so far: 27


Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 27


Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»


Tracking Cookie Object Recognized!
Type : IECache Entry
Data : cicciog@kelkoo[1].txt
Category : Data Miner
Comment : Hits:1
Value : Cookie:cicciog@kelkoo.com/
Expires : 07-11-2008 11.43.42
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : cicciog@xml.bravenetmedianetwork[1].txt
Category : Data Miner
Comment : Hits:1
Value : Cookie:cicciog@xml.bravenetmedianetwork.com/
Expires : 26-11-2006 15.50.42
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : cicciog@fastclick[1].txt
Category : Data Miner
Comment : Hits:537
Value : Cookie:cicciog@fastclick.net/
Expires : 09-12-2008 21.25.14
LastSync : Hits:537
UseCount : 0
Hits : 537

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : cicciog@studenti.adbureau[2].txt
Category : Data Miner
Comment : Hits:4
Value : Cookie:cicciog@studenti.adbureau.net/
Expires : 01-03-2007 1.00.00
LastSync : Hits:4
UseCount : 0
Hits : 4

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : cicciog@ads.pointroll[2].txt
Category : Data Miner
Comment : Hits:12
Value : Cookie:cicciog@ads.pointroll.com/
Expires : 01-01-2010 1.00.00
LastSync : Hits:12
UseCount : 0
Hits : 12

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : cicciog@bravenet[2].txt
Category : Data Miner
Comment : Hits:96
Value : Cookie:cicciog@bravenet.com/
Expires : 07-12-2016 21.27.36
LastSync : Hits:96
UseCount : 0
Hits : 96

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : cicciog@statcounter[1].txt
Category : Data Miner
Comment : Hits:9
Value : Cookie:cicciog@statcounter.com/
Expires : 08-12-2011 11.23.46
LastSync : Hits:9
UseCount : 0
Hits : 9

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : cicciog@overstock[1].txt
Category : Data Miner
Comment : Hits:1
Value : Cookie:cicciog@overstock.com/
Expires : 19-02-2020 15.28.00
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : cicciog@mediaplex[1].txt
Category : Data Miner
Comment : Hits:3
Value : Cookie:cicciog@mediaplex.com/
Expires : 22-06-2009 1.00.00
LastSync : Hits:3
UseCount : 0
Hits : 3

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : cicciog@ehg-camcorderinfo.hitbox[1].txt
Category : Data Miner
Comment : Hits:1
Value : Cookie:cicciog@ehg-camcorderinfo.hitbox.com/
Expires : 10-12-2007 17.25.52
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : cicciog@2o7[2].txt
Category : Data Miner
Comment : Hits:12
Value : Cookie:cicciog@2o7.net/
Expires : 04-11-2011 16.59.44
LastSync : Hits:12
UseCount : 0
Hits : 12

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : cicciog@atdmt[2].txt
Category : Data Miner
Comment : Hits:31
Value : Cookie:cicciog@atdmt.com/
Expires : 25-10-2011 1.00.00
LastSync : Hits:31
UseCount : 0
Hits : 31

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : cicciog@112.2o7[2].txt
Category : Data Miner
Comment : Hits:4
Value : Cookie:cicciog@112.2o7.net/
Expires : 04-11-2011 16.55.00
LastSync : Hits:4
UseCount : 0
Hits : 4

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : cicciog@kelkoo[2].txt
Category : Data Miner
Comment : Hits:1
Value : Cookie:cicciog@kelkoo.it/
Expires : 07-11-2008 11.43.42
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : cicciog@e-2dj6wjmiwkc5ibo.stats.esomniture[2].txt
Category : Data Miner
Comment : Hits:2
Value : Cookie:cicciog@e-2dj6wjmiwkc5ibo.stats.esomniture.com/
Expires : 27-10-2011 9.56.40
LastSync : Hits:2
UseCount : 0
Hits : 2

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : cicciog@statse.webtrendslive[2].txt
Category : Data Miner
Comment : Hits:2
Value : Cookie:cicciog@statse.webtrendslive.com/
Expires : 05-11-2016 18.01.32
LastSync : Hits:2
UseCount : 0
Hits : 2

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : cicciog@overture[1].txt
Category : Data Miner
Comment : Hits:16
Value : Cookie:cicciog@overture.com/
Expires : 06-12-2016 11.24.12
LastSync : Hits:16
UseCount : 0
Hits : 16

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : cicciog@msnportal.112.2o7[2].txt
Category : Data Miner
Comment : Hits:3
Value : Cookie:cicciog@msnportal.112.2o7.net/
Expires : 01-12-2011 18.12.18
LastSync : Hits:3
UseCount : 0
Hits : 3

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : cicciog@marthastewart.122.2o7[1].txt
Category : Data Miner
Comment : Hits:1
Value : Cookie:cicciog@marthastewart.122.2o7.net/
Expires : 09-11-2011 15.39.26
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : cicciog@findwhat[1].txt
Category : Data Miner
Comment : Hits:1
Value : Cookie:cicciog@findwhat.com/
Expires : 01-01-2020 1.00.02
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : cicciog@247realmedia[1].txt
Category : Data Miner
Comment : Hits:1
Value : Cookie:cicciog@247realmedia.com/
Expires : 09-12-2007 14.04.00
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : cicciog@serving-sys[1].txt
Category : Data Miner
Comment : Hits:15
Value : Cookie:cicciog@serving-sys.com/
Expires : 31-12-2037 23.00.00
LastSync : Hits:15
UseCount : 0
Hits : 15

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : cicciog@advertising[2].txt
Category : Data Miner
Comment : Hits:16
Value : Cookie:cicciog@advertising.com/
Expires : 03-11-2011 18.37.56
LastSync : Hits:16
UseCount : 0
Hits : 16

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : cicciog@casalemedia[2].txt
Category : Data Miner
Comment : Hits:791
Value : Cookie:cicciog@casalemedia.com/
Expires : 01-12-2007 16.25.16
LastSync : Hits:791
UseCount : 0
Hits : 791

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : cicciog@mercury.bravenet[1].txt
Category : Data Miner
Comment : Hits:1
Value : Cookie:cicciog@mercury.bravenet.com/
Expires : 10-12-2006 21.32.38
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : cicciog@edge.ru4[2].txt
Category : Data Miner
Comment : Hits:2
Value : Cookie:cicciog@edge.ru4.com/
Expires : 01-12-2036 11.19.30
LastSync : Hits:2
UseCount : 0
Hits : 2

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : cicciog@trafic[1].txt
Category : Data Miner
Comment : Hits:1
Value : Cookie:cicciog@trafic.ro/
Expires : 11-01-2037 15.00.00
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : cicciog@tradedoubler[2].txt
Category : Data Miner
Comment : Hits:47
Value : Cookie:cicciog@tradedoubler.com/
Expires : 05-12-2026 20.23.46
LastSync : Hits:47
UseCount : 0
Hits : 47

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : cicciog@doubleclick[2].txt
Category : Data Miner
Comment : Hits:65
Value : Cookie:cicciog@doubleclick.net/
Expires : 25-10-2009 22.38.34
LastSync : Hits:65
UseCount : 0
Hits : 65

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : cicciog@hitbox[2].txt
Category : Data Miner
Comment : Hits:7
Value : Cookie:cicciog@hitbox.com/
Expires : 10-12-2007 17.25.52
LastSync : Hits:7
UseCount : 0
Hits : 7

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : cicciog@bravenetmedianetwork[1].txt
Category : Data Miner
Comment : Hits:1
Value : Cookie:cicciog@bravenetmedianetwork.com/
Expires : 26-11-2006 15.50.42
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : cicciog@tribalfusion[1].txt
Category : Data Miner
Comment : Hits:77
Value : Cookie:cicciog@tribalfusion.com/
Expires : 01-01-2038 1.00.00
LastSync : Hits:77
UseCount : 0
Hits : 77

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : cicciog@apmebf[2].txt
Category : Data Miner
Comment : Hits:5
Value : Cookie:cicciog@apmebf.com/
Expires : 15-11-2011 12.36.54
LastSync : Hits:5
UseCount : 0
Hits : 5

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : cicciog@perf.overture[1].txt
Category : Data Miner
Comment : Hits:2
Value : Cookie:cicciog@perf.overture.com/
Expires : 26-10-2010 17.07.22
LastSync : Hits:2
UseCount : 0
Hits : 2

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : cicciog@zedo[1].txt
Category : Data Miner
Comment : Hits:10
Value : Cookie:cicciog@zedo.com/
Expires : 08-11-2016 18.16.30
LastSync : Hits:10
UseCount : 0
Hits : 10

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : cicciog@bluestreak[1].txt
Category : Data Miner
Comment : Hits:10
Value : Cookie:cicciog@bluestreak.com/
Expires : 14-11-2016 16.15.36
LastSync : Hits:10
UseCount : 0
Hits : 10

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : cicciog@adtech[2].txt
Category : Data Miner
Comment : Hits:2
Value : Cookie:cicciog@adtech.de/
Expires : 05-11-2016 18.06.10
LastSync : Hits:2
UseCount : 0
Hits : 2

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : cicciog@ehg-dig.hitbox[1].txt
Category : Data Miner
Comment : Hits:9
Value : Cookie:cicciog@ehg-dig.hitbox.com/
Expires : 07-12-2007 17.16.16
LastSync : Hits:9
UseCount : 0
Hits : 9

Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 38
Objects found so far: 65



Deep scanning and examining files (C:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Disk Scan Result for C:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 65


Deep scanning and examining files (D:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Disk Scan Result for D:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 65


Scanning Hosts file......
Hosts file location:"C:\WINDOWS\system32\drivers\etc\hosts".
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Hosts file scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
53 entries scanned.
New critical objects:0
Objects found so far: 65




Performing conditional scans...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Adware.LinkOptimizer Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\internet explorer\urlsearchhooks

Adware.LinkOptimizer Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\internet explorer\urlsearchhooks
Value : {CFBFAE00-17A6-11D0-99CB-00C04FD64497}

Adware.LinkOptimizer Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\internet explorer\urlsearchhooks
Value : {9713AED6-5B85-BC22-461F-F171773A079D}

Conditional scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 3
Objects found so far: 68

21.49.24 Scan Complete

Summary Of This Scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Total scanning time:00.13.36.531
Objects scanned:157149
Objects identified:42
Objects ignored:0
New critical objects:42

This morning I also ran a scan with HijackThis. First of all, it saves the log to a file that I then can no longer open, so I had to run it again, and before closing it I have to copy it quickly in order to post it here. Also, I have just discovered that in C:\Documents and Settings there is a folder named "ucqryFctdIHbBcSde" that contains Cookies, Documenti, Preferiti, Desktop and Menu avvio. Basically something must have happened that changed the folder's name or... I don't know anymore, I only know that this feels like a never-ending fight.
I am posting the HijackThis log and counting on your kindness. Thank you!

Logfile of HijackThis v1.99.1
Scan saved at 9.58.54, on 11/12/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\NVATray.exe
C:\Programmi\ScanSoft\OmniPageSE\opware32.exe
C:\Programmi\File comuni\Real\Update_OB\realsched.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Programmi\QuickTime\qttask.exe
C:\Programmi\SiteAdvisor\4608\SiteAdv.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Programmi\Messenger\msmsgs.exe
C:\Programmi\File comuni\Real\Update_OB\rnathchk.exe
C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
C:\Programmi\Alwil Software\Avast4\ashServ.exe
C:\Programmi\File comuni\EPSON\EBAPI\SAgent2.exe
D:\ewido anti-malware\ewidoctrl.exe
C:\Programmi\File comuni\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Programmi\SiteAdvisor\4608\SAService.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe
C:\Programmi\Alwil Software\Avast4\ashWebSv.exe
C:\Programmi\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\PROGRA~1\WINZIP\winzip32.exe
C:\Documents and Settings\Cicciog\Impostazioni locali\Temp\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.tiscali.it/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
R3 - Default URLSearchHook is missing
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Programmi\SiteAdvisor\4608\SiteAdv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programmi\google\googletoolbar3.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Programmi\SiteAdvisor\4608\SiteAdv.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programmi\google\googletoolbar3.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NVIDIA nForce APU1 Utilities] NVATray.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Omnipage] C:\Programmi\ScanSoft\OmniPageSE\opware32.exe
O4 - HKLM\..\Run: [CHotkey] mHotkey.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Programmi\File comuni\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SiteAdvisor] C:\Programmi\SiteAdvisor\4608\SiteAdv.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Programmi\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] C:\Programmi\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: EPSON Status Monitor 3 Environment Check 2.lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV02.EXE
O4 - Global Startup: Microsoft Office.lnk = C:\Programmi\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O17 - HKLM\System\CCS\Services\Tcpip\..\{CDAE2679-C1B3-4972-9F4B-7E960F479922}: NameServer = 212.216.172.62,195.31.190.31
O18 - Protocol: siteadvisor - {3A5DC592-7723-4EAA-9EE6-AF4222BCF879} - C:\Programmi\SiteAdvisor\4608\SiteAdv.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Programmi\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Programmi\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Programmi\File comuni\EPSON\EBAPI\SAgent2.exe
O23 - Service: ewido security suite control - ewido networks - D:\ewido anti-malware\ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: SiteAdvisor Service - Unknown owner - C:\Programmi\SiteAdvisor\4608\SAService.exe
Angie
Junior User
 
Posts: 29
Joined: 07/04/06 12:02

Post by Luke57 » 11/12/06 10:48

Hi, try running the dedicated tools:
http://www.pc-facile.com/forum/viewtopic.php?t=49816

Run them one at a time; disable your antivirus during the scan.

The Prevx one restarts the computer, and on restart the scan is run; when it finishes it produces a report that you will find in C:\Gromozon_Removal.log.

Then run the Symantec tool (from Safe Mode; if you don't know how to get there, press the F8 key repeatedly when the computer powers on, before Windows starts loading; on the grey screen that appears, choose Safe Mode by moving with the arrow keys and pressing Enter).

This tool also leaves a scan report in the folder where you put the file (Fixlinkopt.log).

Post the scan reports from both tools.
Luke57
Moderator
 
Posts: 6410
Joined: 11/08/05 19:10

Post by Angie » 11/12/06 17:31

Hi Luke! I carried out the steps you recommended and here are the results.

prevx
Removal tool loaded into memory
Gromozon rootkit component not detected - searching for other components
Scanning: C:\WINDOWS
Scanning: C:\Programmi\File comuni


Trojan.Gromozon does not exist - your system is clean.

Fixlinkopt
Symantec Trojan.Linkoptimizer Removal Tool 1.0.8

Trojan.Linkoptimizer has not been found on your computer.

And now? Note that that folder still has that strange name. Thank you!
Angie
Junior User
 
Posts: 29
Joined: 07/04/06 12:02

Post by Luke57 » 11/12/06 19:00

Hi, run this command:
Start > Run > control userpasswords2 (type it in the box) > OK
In the Accounts window, look through the users for one with the same name as the folder; if there is one, select it and remove it. Then go to C:\Documents and settings and delete the folder.
Then open the system registry:
Start > Run > regedit (type it in the box) > OK
With the editor open, follow this path (clicking the + sign next to each entry):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\Winlogon\SpecialAccounts\UserList, click on this last folder and, if inside it you find the same name as the notorious folder, select it with the right mouse button and choose Delete, then close the registry.
With HijackThis, remove the R3 entry.
Luke57
Moderator
 
Posts: 6410
Joined: 11/08/05 19:10

Post by Angie » 11/12/06 19:34

Here I am again, Luke. I did all the steps you described. I'm posting the HijackThis log taken after removing the R3 entry; the report too, once saved, can no longer be opened. Now I'll restart the computer and wait for your further instructions.

Logfile of HijackThis v1.99.1
Scan saved at 19.29.01, on 11/12/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\NVATray.exe
C:\Programmi\ScanSoft\OmniPageSE\opware32.exe
C:\Programmi\File comuni\Real\Update_OB\realsched.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Programmi\QuickTime\qttask.exe
C:\Programmi\File comuni\Real\Update_OB\rnathchk.exe
C:\Programmi\SiteAdvisor\4608\SiteAdv.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Programmi\Messenger\msmsgs.exe
C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
C:\Programmi\Alwil Software\Avast4\ashServ.exe
C:\Programmi\File comuni\EPSON\EBAPI\SAgent2.exe
D:\ewido anti-malware\ewidoctrl.exe
C:\Programmi\File comuni\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Programmi\SiteAdvisor\4608\SAService.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\Alwil Software\Avast4\ashWebSv.exe
C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\Programmi\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
C:\PROGRA~1\WINZIP\winzip32.exe
C:\Documents and Settings\Cicciog\Impostazioni locali\Temp\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.tiscali.it/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Programmi\SiteAdvisor\4608\SiteAdv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programmi\google\googletoolbar3.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Programmi\SiteAdvisor\4608\SiteAdv.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programmi\google\googletoolbar3.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NVIDIA nForce APU1 Utilities] NVATray.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Omnipage] C:\Programmi\ScanSoft\OmniPageSE\opware32.exe
O4 - HKLM\..\Run: [CHotkey] mHotkey.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Programmi\File comuni\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SiteAdvisor] C:\Programmi\SiteAdvisor\4608\SiteAdv.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Programmi\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] C:\Programmi\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: EPSON Status Monitor 3 Environment Check 2.lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV02.EXE
O4 - Global Startup: Microsoft Office.lnk = C:\Programmi\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O17 - HKLM\System\CCS\Services\Tcpip\..\{CDAE2679-C1B3-4972-9F4B-7E960F479922}: NameServer = 212.216.172.62,195.31.190.31
O18 - Protocol: siteadvisor - {3A5DC592-7723-4EAA-9EE6-AF4222BCF879} - C:\Programmi\SiteAdvisor\4608\SiteAdv.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Programmi\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Programmi\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Programmi\File comuni\EPSON\EBAPI\SAgent2.exe
O23 - Service: ewido security suite control - ewido networks - D:\ewido anti-malware\ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: SiteAdvisor Service - Unknown owner - C:\Programmi\SiteAdvisor\4608\SAService.exe
Angie
Junior User
 
Posts: 29
Joined: 07/04/06 12:02
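
Comparing the two HijackThis logs in this thread by eye is error-prone, so here is an added example (not part of the original posts and not HijackThis's own code) that parses the entry lines, reports what changed between two scans, and lists services marked "(file missing)". The function names are hypothetical, and the sample input is a constructed excerpt of a few lines copied from the logs above.

```python
import re

# Entry lines look like "O4 - HKLM\..\Run: [nwiz] nwiz.exe /install":
# a section code (R0-R3, O1-O23, ...), then " - ", then the entry text.
ENTRY_RE = re.compile(r"^([A-Z]\d{1,2}) - (.+)$")

def parse_entries(log_text):
    """Return the set of (code, text) entries in a HijackThis log."""
    entries = set()
    for line in log_text.splitlines():
        # Header lines and the "Running processes" paths do not match.
        m = ENTRY_RE.match(line.strip())
        if m:
            entries.add((m.group(1), m.group(2).strip()))
    return entries

def diff_logs(before_text, after_text):
    """Return (removed, added) entry lists between two scans, sorted."""
    before, after = parse_entries(before_text), parse_entries(after_text)
    return sorted(before - after), sorted(after - before)

def missing_file_services(log_text):
    """O23 service entries that HijackThis marked "(file missing)"."""
    return sorted(text for code, text in parse_entries(log_text)
                  if code == "O23" and text.endswith("(file missing)"))

# Constructed excerpt: a few lines copied from the first log in this thread.
BEFORE = r"""Logfile of HijackThis v1.99.1
Running processes:
C:\WINDOWS\System32\smss.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.tiscali.it/
R3 - Default URLSearchHook is missing
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
"""
# Constructed "after" scan: the same excerpt with the R3 entry fixed.
AFTER = "\n".join(l for l in BEFORE.splitlines() if not l.startswith("R3 "))

if __name__ == "__main__":
    removed, added = diff_logs(BEFORE, AFTER)
    for code, text in removed:
        print("removed:", code, "-", text)
    for code, text in added:
        print("added:  ", code, "-", text)
    for svc in missing_file_services(AFTER):
        print("check service path:", svc)
```

An empty "added" list after a cleanup step confirms that nothing new registered itself between the two scans; the "(file missing)" services still need their paths checked by hand.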

