Condividi:        

pagina misteriosa

Come rimuovere virus e spyware? Le carte di credito sono davvero sicure in rete? È possibile navigare anonimi? Con quali programmi tutelare la propria privacy? Come proteggere i file importanti? Se volete una risposta a queste e altre domande questo è il luogo giusto!

Moderatori: m.paolo, kadosh, Luke57

pagina misteriosa

Postdi cattom » 01/11/08 11:19

Buongiorno, forse qualcuno mi sa dire come mai, da qualche tempo, durante le ricerche con Google, quando clicco su un risultato per aprirne la pagina, a volte appare una pagina con la scritta
"HTTP/1.1 200 OK
X-TR: 1
Cache-Control: private, max-age=0
Date: Sat, 01 Nov 2008 10:07:49 GMT
Expires: -1
Content-Type: text/html; charset=UTF-8
Set-Cookie: SS=Q0=YXNzYXNzaW5hdG8gTGFpbyBhZmZyZXNjbw; path=/search
Server: gws
Content-length: 26988
e così via, a seconda della ricerca (nella fattispecie, si trattava di "affresco assassinio Laio"
Se torno alla pagina precedente e riprovo, a volte si apre la pagina giusta. Ma cos'è?
cattom
Utente Junior
 
Post: 17
Iscritto il: 06/11/06 16:52

Sponsor
 

Re: pagina misteriosa

Postdi MIKI68 » 01/11/08 15:55

Ciao,posta un log di hijackthis
Trucchi e impostazioni per un computer sempre efficiente http://miki68news.blogspot.com/
Avatar utente
MIKI68
Utente Senior
 
Post: 1732
Iscritto il: 17/10/08 15:26
Località: Bari

Re: pagina misteriosa

Postdi MIKI68 » 01/11/08 15:58

MIKI68 ha scritto:Ciao,posta un log di hijackthis

Ah dimenticavo posta anche un link dove ti esce questo errore
Trucchi e impostazioni per un computer sempre efficiente http://miki68news.blogspot.com/
Avatar utente
MIKI68
Utente Senior
 
Post: 1732
Iscritto il: 17/10/08 15:26
Località: Bari

Re: pagina misteriosa

Postdi cattom » 01/11/08 18:50

Miki non ho capito cosa devo fare ...
cattom
Utente Junior
 
Post: 17
Iscritto il: 06/11/06 16:52

Re: pagina misteriosa

Postdi MIKI68 » 02/11/08 10:11

Posta un log di hijackthi scaricalo daqui e un indirizzo la quale ti esce quell'errore.
Trucchi e impostazioni per un computer sempre efficiente http://miki68news.blogspot.com/
Avatar utente
MIKI68
Utente Senior
 
Post: 1732
Iscritto il: 17/10/08 15:26
Località: Bari

Re: pagina misteriosa

Postdi cattom » 02/11/08 10:38

Provo eh? poi riferisco. grazie ancora tanto
cattom
Utente Junior
 
Post: 17
Iscritto il: 06/11/06 16:52

Re: pagina misteriosa

Postdi MIKI68 » 02/11/08 10:47

:D Non mi dire che hai paura!!
Trucchi e impostazioni per un computer sempre efficiente http://miki68news.blogspot.com/
Avatar utente
MIKI68
Utente Senior
 
Post: 1732
Iscritto il: 17/10/08 15:26
Località: Bari

Re: pagina misteriosa

Postdi cattom » 02/11/08 11:25

No paura, solo totale incompetenza .. per esempio sul significato di "postare" o di "log" e così via. Qui con tutti voi che sapete "le cose" io mi sento meno di un verme (e mi vergogno a chiedere)
cattom
Utente Junior
 
Post: 17
Iscritto il: 06/11/06 16:52

Re: pagina misteriosa

Postdi cattom » 02/11/08 11:55

ecco il testo completo:
HTTP/1.1 200 OK
X-TR: 2
Cache-Control: private, max-age=0
Date: Sun, 02 Nov 2008 10:51:48 GMT
Expires: -1
Content-Type: text/html; charset=UTF-8
Set-Cookie: SS=Q0=YXp0ZWNhIGJhcmNlbG9ubmV0dGUgZmVybWV0dXJlIGFubnVlbGxl; path=/search
Server: gws
Content-length: 30443

<!doctype html><head><title>azteca barcelonnette fermeture annuelle - Cerca con Google</title><style>body{background:#fff;color:#000;margin:3px 8px}#gbar{height:22px;padding-left:2px}.gbh,.gbd{border-top:1px solid #c9d7f1;font-size:1px}.gbh{height:0;position:absolute;top:24px;width:100%}#gbi,#gbs{background:#fff;left:0;position:absolute;top:24px;visibility:hidden;z-index:1000}#gbi{border:1px solid;border-color:#c9d7f1 #36c #36c #a2bae7;z-index:1001}#guser{padding-bottom:7px !important}#gbar,#guser{font-size:13px;padding-top:1px !important}@media all{.gb1,.gb3{height:22px;margin-right:.73em;vertical-align:top}#gbar{float:left}}.gb2{display:block;padding:.2em .5em}a.gb1,a.gb2,a.gb3{color:#00c !important}.gb2,.gb3{text-decoration:none}a.gb2:hover{background:#36c;color:#fff !important}.ts{border-collapse:collapse}.ts td{padding:0}.ti,.bl,form,#res h3{display:inline}.ti{display:inline-table}.fl:link,.gl a:link{color:#77c}a:link,.w,#prs a:visited,#prs a:active,.q:active,.q:visited{color:#00c}.mblink:visited,a:visited{color:#551a8b}a:active{color:red}.cur{color:#a90a08;font-weight:bold}.b{font-weight:bold}.j{width:42em;font-size:82%}.s{max-width:42em}.j font[size="-1"],.e .j{font-size:100%}.sl,.e .j font[size="-1"]{font-size:82%}#gb{text-align:right;padding:1px 0 7px;margin:0}.hd{position:absolute;width:1px;height:1px;top:-1000em;overflow:hidden}.f,.m,#tads h2,#mbEnd h2{color:#676767}.a,cite,.cite,.cite:link{color:green;font-style:normal}#mbEnd{float:right}h1,ol{margin:0;padding:0}li.g,body,html,.std,#tads h2,#mbEnd h2,h1{font-size:small;font-family:arial,sans-serif}#tads h2,#mbEnd h2,h1{font-weight:normal}#ssb,.clr{clear:both}#nav a,#nav a:visited,.blk a{color:#000}#nav .b a,#nav .b a:visited{color:#00c;font-size:medium}#nav .i{color:#a90a08;font-weight:bold}.csb,.ss{background:url(/images/nav_logo3.png) no-repeat;height:26px;display:block}.ss{background-position:0 -87px;position:absolute;left:0;top:0}.cps{overflow:hidden;height:18px;width:114px}.mbi{font-size:0;display:block;width:12px;height:12px;background-position:-114px -78px;margin-right:2px}#nav td{padding:0;text-align:center}#logo{display:block;overflow:hidden;position:relative;width:150px;height:52px;margin:14px 0 7px}#logo img{border:none;position:absolute;left:0;top:-26px}#logo span,.ch{cursor:pointer;cursor:hand}h3,.med{font-size:medium;font-weight:normal;padding:0;margin:0}.e{margin:.75em 0}.slk td{padding-left:40px;padding-top:5px;vertical-align:top}.slk div{padding-left:10px;text-indent:-10px}#mbEnd cite{display:block;text-align:left}#mbEnd p{margin:-.5em 0 0 .5em;text-align:center}#bsf,#ssb,.blk{border-top:1px solid #6b90da;background:#ebeff9}#bsf,#ssb{margin:11px 0}#bsf{border-bottom:1px solid #6b90da}#ssb div{float:left;padding:4px 0 0;padding-left:4px;padding-right:.5em}#prs a,#prs b{margin-right:.6em}#ssb p{text-align:right;white-space:nowrap;margin:.1em 0;padding:.2em;zoom:1}#ssb{margin-top:0;padding:.1em}#mbEnd{background:#fff;padding:0;border-left:10px solid #fff;border-spacing:0;white-space:nowrap}#res{padding-right:1em}#tads{background:#fff8dd}#tads li{padding:0 3px 0 5px;margin:0}#tads .tam,#tads .tal{padding-top:12px}#mbEnd li{margin:1em 0;padding:0;zoom:1}.xsm{font-size:x-small}.sm{margin:0 0 0 40px;padding:0}ol li{list-style:none}.sm li{margin:0}.gl,#bsf a,.nobr,#brs a{white-space:nowrap}#mbEnd .med{white-space:normal}.sl,.r{display:inline;font-weight:normal;margin:0}.r{font-size:medium}h4.r{font-size:small}.g{margin:1em 0}em{font-weight:bold;font-style:normal}em,b{text-decoration:inherit}</style><pre id=trlc style=display:none><!--"/*"/*--><font size=-1><a class=q onClick='return window.qs?qs(this):1' href='http://127.0.0.1:4664/&s=1fIix_CsWG88S4heWZ4pej-93SY'>Desktop</a></font>&nbsp;&nbsp;&nbsp;&nbsp;</pre><script>window.google={kEI:"RIYNSf-lCI--0gXx49GFAg",kEXPI:"17259,19013",kHL:"it"};
google.x=function(e,g){google.y[e.id]=[e,g];return false};window.clk=function(b,c,d,e,f,g){if(document.images){var a=encodeURIComponent||escape;(new Image).src="/url?sa=T\x26source\x3dweb"+(c?"&oi="+a(c):"")+(d?"&cad="+a(d):"")+"&ct="+a(e)+"&cd="+a(f)+(b?"&url="+a(b.replace(/#.*/,"")).replace(/\+/g,"%2B"):"")+"&ei=RIYNSf-lCI--0gXx49GFAg"+g}return true};
window.navExtra=[];window.navAdd=function(a,d){if(typeof a=="string"){var c=document,b=c.createElement("a");b.href=d;b.appendChild(c.createTextNode(a));a=b}window.navExtra[window.navExtra.length]=a};
(function(){var c=document.getElementById("trlc"),b=c.getElementsByTagName("a");for(var a=0;a<b.length;a++)window.navAdd(b[a])})();
window.gbar={};(function(){var b=window.gbar,f,h;b.qs=function(a){var c=window.encodeURIComponent
BOH?
cattom
Utente Junior
 
Post: 17
Iscritto il: 06/11/06 16:52

Re: pagina misteriosa

Postdi MIKI68 » 02/11/08 17:04

:eeh: non è questo!! Scarica la versione aggiornata di hijackthis da qui
Trucchi e impostazioni per un computer sempre efficiente http://miki68news.blogspot.com/
Avatar utente
MIKI68
Utente Senior
 
Post: 1732
Iscritto il: 17/10/08 15:26
Località: Bari

Re: pagina misteriosa

Postdi aurelio37 » 03/11/08 12:06

Per la guida di hijackthis leggi:
http://www.pc-facile.com/guide/guida_hijackthis/
Ciao
Avatar utente
aurelio37
Moderatore
 
Post: 2736
Iscritto il: 07/02/07 11:36
Località: Milano

Re: pagina misteriosa

Postdi cattom » 03/11/08 17:55

Buonasera Aurelio e Mike, io non so cos'ho fatto, comunque copio e incollo (e grazie sempre):
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17.53.34, on 03/11/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\Avira\AntiVir PersonalEdition Premium\sched.exe
C:\Acer\eManager\anbmServ.exe
C:\Programmi\Avira\AntiVir PersonalEdition Premium\avguard.exe
C:\Programmi\Avira\AntiVir PersonalEdition Premium\avesvc.exe
C:\Programmi\File comuni\EPSON\EBAPI\SAgent2.exe
C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Programmi\File comuni\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Programmi\Spyware Doctor\pctsAuxs.exe
C:\Programmi\Spyware Doctor\pctsSvc.exe
C:\Programmi\Spyware Doctor\pctsTray.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Programmi\Avira\AntiVir PersonalEdition Premium\avmailc.exe
C:\Programmi\Avira\AntiVir PersonalEdition Premium\AVWEBGRD.EXE
C:\WINDOWS\System32\alg.exe
C:\Programmi\Synaptics\SynTP\SynTPLpr.exe
C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\VTTimer.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Programmi\ltmoh\Ltmoh.exe
C:\Programmi\eBay\eBay Toolbar2\eBayTBDaemon.exe
C:\Programmi\Java\jre1.6.0_07\bin\jusched.exe
C:\Programmi\QuickTime\qttask.exe
C:\Programmi\iTunes\iTunesHelper.exe
C:\Programmi\File comuni\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Programmi\iPod\bin\iPodService.exe
C:\Programmi\Google\Google Desktop Search\GoogleDesktop.exe
C:\Programmi\Avira\AntiVir PersonalEdition Premium\avgnt.exe
C:\Programmi\Messenger\msmsgs.exe
C:\Programmi\Skype\Phone\Skype.exe
C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Programmi\Eraser\eraser.exe
C:\Programmi\ADSL\StarModem ADSL USB MODEM\dslmon.exe
C:\Programmi\Google\Google Desktop Search\GoogleDesktop.exe
C:\Programmi\Skype\Plugin Manager\SkypePM.exe
C:\Programmi\Mozilla Firefox\firefox.exe
F:\hijack\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.freemyfunny.info
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Supporto di collegamento per Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: eBay Toolbar Helper - {22D8E815-4A5E-4DFB-845E-AAB64207F5BD} - C:\Programmi\eBay\eBay Toolbar2\eBayTB.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programmi\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programmi\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll
O2 - BHO: (no name) - {C7DDEE9F-CD4B-40fb-9030-E1709644F4BD} - (no file)
O3 - Toolbar: eBay Toolbar - {92085AD4-F48A-450D-BD93-B28CC7DF67CE} - C:\Programmi\eBay\eBay Toolbar2\eBayTB.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programmi\google\googletoolbar1.dll
O4 - HKLM\..\Run: [preload] C:\Windows\RUNXMLPL.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Programmi\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [LtMoh] C:\Programmi\ltmoh\Ltmoh.exe
O4 - HKLM\..\Run: [9xadiras] 9xadiras.exe
O4 - HKLM\..\Run: [Synchronization Manager] %SystemRoot%\system32\mobsync.exe /logon
O4 - HKLM\..\Run: [a] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P1 "a" /O5 "LPT1:" /M "Stylus C62"
O4 - HKLM\..\Run: [eBayToolbar] C:\Programmi\eBay\eBay Toolbar2\eBayTBDaemon.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Programmi\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [MsgCenterExe] "C:\Programmi\File comuni\Real\Update_OB\RealOneMessageCenter.exe" -osboot
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Programmi\File comuni\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Programmi\File comuni\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [ISTray] "C:\Programmi\Spyware Doctor\pctsTray.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programmi\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Programmi\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [avgnt] "C:\Programmi\Avira\AntiVir PersonalEdition Premium\avgnt.exe" /min
O4 - HKCU\..\Run: [MSMSGS] "C:\Programmi\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Programmi\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [swg] C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Eraser] C:\Programmi\Eraser\eraser.exe -hide
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: DSLMON.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Programmi\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: Ricerca - res://C:\Programmi\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O15 - Trusted Zone: *.ebay
O16 - DPF: {01010E00-5E80-11D8-9E86-0007E96C65AE} (SupportSoft SmartIssue) - http://www.symantec.com/techsupp/asa/ctrl/tgctlsi.cab
O16 - DPF: {01012101-5E80-11D8-9E86-0007E96C65AE} (SupportSoft Script Runner Class) - http://www.symantec.com/techsupp/asa/ctrl/tgctlsr.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - C:\Programmi\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex ... 0-3-48.cab
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab
O16 - DPF: {79E0C1C0-316D-11D5-A72A-006097BFA1AC} (EPSON Web Printer-SelfTest Control Class) - http://esupport.epson-europe.com/selfte ... TPTest.cab
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://paris.ville.orange.fr/CO/activex ... ontrol.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{ECA32488-6CAE-4A17-8801-77E4FB676778}: NameServer = 193.70.152.15 193.70.152.25
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FILECO~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O23 - Service: Notebook Manager Service (anbmService) - OSA Technologies Inc. - C:\Acer\eManager\anbmServ.exe
O23 - Service: Avira AntiVir Premium MailGuard (AntiVirMailService) - Avira GmbH - C:\Programmi\Avira\AntiVir PersonalEdition Premium\avmailc.exe
O23 - Service: Avira AntiVir Premium Scheduler (AntiVirScheduler) - Avira GmbH - C:\Programmi\Avira\AntiVir PersonalEdition Premium\sched.exe
O23 - Service: Avira AntiVir Premium Guard (AntiVirService) - Avira GmbH - C:\Programmi\Avira\AntiVir PersonalEdition Premium\avguard.exe
O23 - Service: Avira AntiVir Premium WebGuard (antivirwebservice) - Avira GmbH - C:\Programmi\Avira\AntiVir PersonalEdition Premium\AVWEBGRD.EXE
O23 - Service: Servizio assistenza di Avira AntiVir Premium MailGuard (AVEService) - Avira GmbH - C:\Programmi\Avira\AntiVir PersonalEdition Premium\avesvc.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Programmi\File comuni\EPSON\EBAPI\SAgent2.exe
O23 - Service: Google Desktop Manager 5.7.806.10245 (GoogleDesktopManager-061008-081103) - Google - C:\Programmi\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Servizio iPod (iPod Service) - Apple Inc. - C:\Programmi\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - C:\Programmi\File comuni\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Programmi\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Programmi\Spyware Doctor\pctsSvc.exe
O23 - Service: Utilità di pianificazione di LiveUpdate automatico - Symantec Corporation - C:\Programmi\Symantec\LiveUpdate\ALUSchedulerSvc.exe

--
End of file - 10790 bytes
cattom
Utente Junior
 
Post: 17
Iscritto il: 06/11/06 16:52

Re: pagina misteriosa

Postdi MIKI68 » 03/11/08 18:29

Ciao fixia ( premi il pulsante fix) in modalità provvisoria:
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.freemyfunny.info
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: (no name) - {C7DDEE9F-CD4B-40fb-9030-E1709644F4BD} - (no file)
e poi riposta il log
Trucchi e impostazioni per un computer sempre efficiente http://miki68news.blogspot.com/
Avatar utente
MIKI68
Utente Senior
 
Post: 1732
Iscritto il: 17/10/08 15:26
Località: Bari

Re: pagina misteriosa

Postdi cattom » 03/11/08 19:03

Cerco di rispondere per la terza volta, e per tre volte cade la connessione. Comunque, non so se ho fixiato in modalità provvisoria, in ogni caso alla fine il blocco note non si è presentato, però io ho salvato e copiato questo (e come faccio a sdebitarmi? invece di mangiare siete lì ad aiutarmi!):
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18.54.12, on 03/11/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\Avira\AntiVir PersonalEdition Premium\sched.exe
C:\Acer\eManager\anbmServ.exe
C:\Programmi\Avira\AntiVir PersonalEdition Premium\avguard.exe
C:\Programmi\Avira\AntiVir PersonalEdition Premium\avesvc.exe
C:\Programmi\File comuni\EPSON\EBAPI\SAgent2.exe
C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Programmi\File comuni\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Programmi\Spyware Doctor\pctsAuxs.exe
C:\Programmi\Spyware Doctor\pctsSvc.exe
C:\Programmi\Spyware Doctor\pctsTray.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Programmi\Avira\AntiVir PersonalEdition Premium\avmailc.exe
C:\Programmi\Avira\AntiVir PersonalEdition Premium\AVWEBGRD.EXE
C:\WINDOWS\System32\alg.exe
C:\Programmi\Synaptics\SynTP\SynTPLpr.exe
C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\VTTimer.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Programmi\ltmoh\Ltmoh.exe
C:\Programmi\eBay\eBay Toolbar2\eBayTBDaemon.exe
C:\Programmi\Java\jre1.6.0_07\bin\jusched.exe
C:\Programmi\QuickTime\qttask.exe
C:\Programmi\iTunes\iTunesHelper.exe
C:\Programmi\File comuni\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Programmi\iPod\bin\iPodService.exe
C:\Programmi\Google\Google Desktop Search\GoogleDesktop.exe
C:\Programmi\Avira\AntiVir PersonalEdition Premium\avgnt.exe
C:\Programmi\Messenger\msmsgs.exe
C:\Programmi\Skype\Phone\Skype.exe
C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Programmi\Eraser\eraser.exe
C:\Programmi\ADSL\StarModem ADSL USB MODEM\dslmon.exe
C:\Programmi\Google\Google Desktop Search\GoogleDesktop.exe
C:\Programmi\Skype\Plugin Manager\SkypePM.exe
F:\hijack\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: Supporto di collegamento per Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: eBay Toolbar Helper - {22D8E815-4A5E-4DFB-845E-AAB64207F5BD} - C:\Programmi\eBay\eBay Toolbar2\eBayTB.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programmi\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programmi\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll
O3 - Toolbar: eBay Toolbar - {92085AD4-F48A-450D-BD93-B28CC7DF67CE} - C:\Programmi\eBay\eBay Toolbar2\eBayTB.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programmi\google\googletoolbar1.dll
O4 - HKLM\..\Run: [preload] C:\Windows\RUNXMLPL.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Programmi\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [LtMoh] C:\Programmi\ltmoh\Ltmoh.exe
O4 - HKLM\..\Run: [9xadiras] 9xadiras.exe
O4 - HKLM\..\Run: [Synchronization Manager] %SystemRoot%\system32\mobsync.exe /logon
O4 - HKLM\..\Run: [a] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P1 "a" /O5 "LPT1:" /M "Stylus C62"
O4 - HKLM\..\Run: [eBayToolbar] C:\Programmi\eBay\eBay Toolbar2\eBayTBDaemon.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Programmi\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [MsgCenterExe] "C:\Programmi\File comuni\Real\Update_OB\RealOneMessageCenter.exe" -osboot
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Programmi\File comuni\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Programmi\File comuni\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [ISTray] "C:\Programmi\Spyware Doctor\pctsTray.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programmi\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Programmi\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [avgnt] "C:\Programmi\Avira\AntiVir PersonalEdition Premium\avgnt.exe" /min
O4 - HKCU\..\Run: [MSMSGS] "C:\Programmi\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Programmi\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [swg] C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Eraser] C:\Programmi\Eraser\eraser.exe -hide
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: DSLMON.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Programmi\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: Ricerca - res://C:\Programmi\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O15 - Trusted Zone: *.ebay
O16 - DPF: {01010E00-5E80-11D8-9E86-0007E96C65AE} (SupportSoft SmartIssue) - http://www.symantec.com/techsupp/asa/ctrl/tgctlsi.cab
O16 - DPF: {01012101-5E80-11D8-9E86-0007E96C65AE} (SupportSoft Script Runner Class) - http://www.symantec.com/techsupp/asa/ctrl/tgctlsr.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - C:\Programmi\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex ... 0-3-48.cab
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab
O16 - DPF: {79E0C1C0-316D-11D5-A72A-006097BFA1AC} (EPSON Web Printer-SelfTest Control Class) - http://esupport.epson-europe.com/selfte ... TPTest.cab
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://paris.ville.orange.fr/CO/activex ... ontrol.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FILECO~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O23 - Service: Notebook Manager Service (anbmService) - OSA Technologies Inc. - C:\Acer\eManager\anbmServ.exe
O23 - Service: Avira AntiVir Premium MailGuard (AntiVirMailService) - Avira GmbH - C:\Programmi\Avira\AntiVir PersonalEdition Premium\avmailc.exe
O23 - Service: Avira AntiVir Premium Scheduler (AntiVirScheduler) - Avira GmbH - C:\Programmi\Avira\AntiVir PersonalEdition Premium\sched.exe
O23 - Service: Avira AntiVir Premium Guard (AntiVirService) - Avira GmbH - C:\Programmi\Avira\AntiVir PersonalEdition Premium\avguard.exe
O23 - Service: Avira AntiVir Premium WebGuard (antivirwebservice) - Avira GmbH - C:\Programmi\Avira\AntiVir PersonalEdition Premium\AVWEBGRD.EXE
O23 - Service: Servizio assistenza di Avira AntiVir Premium MailGuard (AVEService) - Avira GmbH - C:\Programmi\Avira\AntiVir PersonalEdition Premium\avesvc.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Programmi\File comuni\EPSON\EBAPI\SAgent2.exe
O23 - Service: Google Desktop Manager 5.7.806.10245 (GoogleDesktopManager-061008-081103) - Google - C:\Programmi\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Servizio iPod (iPod Service) - Apple Inc. - C:\Programmi\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - C:\Programmi\File comuni\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Programmi\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Programmi\Spyware Doctor\pctsSvc.exe
O23 - Service: Utilità di pianificazione di LiveUpdate automatico - Symantec Corporation - C:\Programmi\Symantec\LiveUpdate\ALUSchedulerSvc.exe

--
End of file - 10384 bytes
cattom
Utente Junior
 
Post: 17
Iscritto il: 06/11/06 16:52

Re: pagina misteriosa

Postdi MIKI68 » 03/11/08 19:18

OK!!! Perfetto!!! Hai ancora problemi??? Poi magari ci offri una pizza per sdebitarti :lol:
Trucchi e impostazioni per un computer sempre efficiente http://miki68news.blogspot.com/
Avatar utente
MIKI68
Utente Senior
 
Post: 1732
Iscritto il: 17/10/08 15:26
Località: Bari

Re: pagina misteriosa

Postdi cattom » 03/11/08 19:23

MOLTO volentieri, oppure vi faccio un ritratto se mi mandate la foto. Se non compare più quella pagina ve lo dico eh? Ciao, buona cena!
cattom
Utente Junior
 
Post: 17
Iscritto il: 06/11/06 16:52

Re: pagina misteriosa

Postdi MIKI68 » 03/11/08 19:31

Grazie altrettante,sei molto gentile, ma non tenerci in ansia facci sapere ;)
Trucchi e impostazioni per un computer sempre efficiente http://miki68news.blogspot.com/
Avatar utente
MIKI68
Utente Senior
 
Post: 1732
Iscritto il: 17/10/08 15:26
Località: Bari

Re: pagina misteriosa

Postdi cattom » 03/11/08 19:39

Miki, quella pagina strana si presenta(va) solo a volte, cliccando appunto su qualche risultato di ricerca Google. Se per due giorni non la vedo vuol dire che è guarito. Altrimenti rifacciamo la cura. Però quante cose sapete, com'è possibile?
cattom
Utente Junior
 
Post: 17
Iscritto il: 06/11/06 16:52


Torna a Sicurezza e Privacy


Topic correlati a "pagina misteriosa":


Chi c’è in linea

Visitano il forum: Nessuno e 27 ospiti