• User

    Wait a minute! This is important - we check your device

    Su browser mi si apre questa finestra con scritto:

    Wait a minute! This is important - we check your device

    provo a lanciare syboot destroy ma non si lancia.
    ho provato a lanciare anche malwarebytes, non si lancia....
    HELP !!!!!!!
    Grazie 1000


  • User
    
    Logfile of HijackThis v1.99.1
    Scan saved at 20.36.28, on 28/09/2010
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16850)
    
    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Programmi\Avira\AntiVir Desktop\sched.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\Programmi\Avira\AntiVir Desktop\avguard.exe
    C:\Programmi\Apache Group\Apache2\bin\Apache.exe
    C:\Programmi\WIDCOMM\Software Bluetooth\bin\btwdins.exe
    C:\Programmi\Cisco Systems\VPN Client\cvpnd.exe
    C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\Programmi\Java\jre6\bin\jqs.exe
    C:\Programmi\Hp\HP Software Update\HPWuSchd2.exe
    C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
    C:\Programmi\HPQ\Quick Launch Buttons\EabServr.exe
    C:\Programmi\Apache Group\Apache2\bin\Apache.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\Programmi\Avira\AntiVir Desktop\avgnt.exe
    C:\Programmi\LogMeIn\x86\LogMeInSystray.exe
    C:\Programmi\File comuni\Java\Java Update\jusched.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Programmi\Spybot - Search & Destroy\TeaTimer.exe
    C:\Programmi\Vidalia Bundle\Vidalia\vidalia.exe
    C:\Programmi\Messenger\msmsgs.exe
    C:\Programmi\Windows Live\Messenger\msnmsgr.exe
    C:\Programmi\File comuni\LightScribe\LSSrvc.exe
    C:\Programmi\LogMeIn\x86\LMIGuardian.exe
    C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\Programmi\MySQL\MySQL Server 4.1\bin\mysqld-nt.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Programmi\Vidalia Bundle\Polipo\polipo.exe
    C:\Programmi\Windows Live\Contacts\wlcomm.exe
    C:\WINDOWS\system32\wbem\wmiapsrv.exe
    C:\Programmi\HPQ\SHARED\HPQWMI.exe
    C:\Program Files\HijackThis\HijackThis.exe
    
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = xxxxxxyyy.libero.it/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = xxxxxxgo.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = xxxxxxgo.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = xxxxxxgo.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = xxxxxxgo.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 213.246.236.74:8080
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programmi\Google\Google Toolbar\GoogleToolbar_32.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programmi\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll
    O2 - BHO: (no name) - {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - (no file)
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmi\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programmi\Google\Google Toolbar\GoogleToolbar_32.dll
    O4 - HKLM\..\Run: [ATIPTA] "C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe"
    O4 - HKLM\..\Run: [HP Software Update] C:\Programmi\Hp\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Programmi\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
    O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
    O4 - HKLM\..\Run: [eabconfg.cpl] C:\Programmi\HPQ\Quick Launch Buttons\EabServr.exe /Start
    O4 - HKLM\..\Run: [Cpqset] C:\Programmi\HPQ\Default Settings\cpqset.exe
    O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
    O4 - HKLM\..\Run: [BIH] C:\WINDOWS\system32\rundll32.exe bih.dll,InitGauge
    O4 - HKLM\..\Run: [USB2Check] RUNDLL32.EXE "C:\WINDOWS\system32\PCLECoInst.dll",CheckUSBController
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [avgnt] "C:\Programmi\Avira\AntiVir Desktop\avgnt.exe" /min
    O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Programmi\LogMeIn\x86\LogMeInSystray.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\File comuni\Java\Java Update\jusched.exe"
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Programmi\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKCU\..\Run: [Vidalia] "C:\Programmi\Vidalia Bundle\Vidalia\vidalia.exe"
    O4 - HKCU\..\Run: [MSMSGS] "C:\Programmi\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [msnmsgr] "C:\Programmi\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\RunOnce: [Shockwave Updater] C:\WINDOWS\system32\Adobe\Shockwave 11\SwHelper_1150596.exe -Update -1150596 -"Mozilla/5.0_(Windows;_U;_Windows_NT_5.1;_it;_rv:1.9.2)_Gecko/20100115_Firefox/3.6" -"xxxxxx3d.paginegialle.it/flyer/resizeindex.jsp?datasetType=seat&prjQuery=1271098204351&vista=0&width=1440&height=721"
    O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: Invia a &Bluetooth - C:\Programmi\WIDCOMM\Software Bluetooth\btsendto_ie_ctx.htm
    O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Programmi\WinHTTrack\WinHTTrackIEBar.dll
    O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Programmi\WinHTTrack\WinHTTrackIEBar.dll
    O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
    O11 - Options group: [INTERNATIONAL] International*
    O14 - IERESET.INF: START_PAGE_URL=xxxxxxyyy.hp.com
    O16 - DPF: {0084C3C2-4B0E-11D1-8064-0060977B0E09} (Attachmate Edit3270 Class) - xxxxxxappl.seda.it/hostview/AXClient/at3270.CAB
    O16 - DPF: {0DF0058D-5B88-11D1-B7C7-0006296A7CDE} (AtmCommandBar Class) - xxxxxxappl.seda.it/hostview/AXClient/atcommon.CAB
    O16 - DPF: {1356B571-7919-11CF-A2DA-08005A48F0E4} (Attachmate Configuration Object - TN3270) - xxxxxxappl.seda.it/hostview/AXClient/TN327.CAB
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - xxxxxxgo.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {23BFA621-48D9-11D2-B3D4-000629ED42AF} (Attachmate Custom Code Page Installer) - xxxxxxappl.seda.it/hostview/axclient/aucpdnld.cab
    O16 - DPF: {2D168880-539F-4967-BA11-F7C2862B9E1D} (CPlayFirstDiaperDashControl Object) - xxxxxxyyy.shockwave.com/content/diaperdash/sis/DiaperDashWeb.1.0.0.4.cab
    O16 - DPF: {3DC1AC46-CA1A-11CF-BECD-08005A9B94B7} (Attachmate Screen3270 Object) - xxxxxxappl.seda.it/hostview/AXClient/as3270.CAB
    O16 - DPF: {3E5C2E12-57B6-11D1-8956-0006291171A1} (Attachmate Browser Frame Class) - xxxxxxappl.seda.it/hostview/AXClient/ataction.CAB
    O16 - DPF: {5DA9D8E0-5A57-11CF-9E36-00C0930198C0} (Pegasus ImagN' 32-bit (Windowed) ActiveX Control v4.00) - xxxxxx212.109.149.253/LNetCam.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - xxxxxxupdate.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1139435806828
    O16 - DPF: {7D731A83-6C80-4EA4-9646-5E06A0513274} (Sandlot Loader Control) - xxxxxxyyy.shockwave.com/content/snailmail/sis/slgwebinstall.cab
    O16 - DPF: {7F37B328-86F5-11CF-B401-08005AC024EB} (Attachmate Session Object) - xxxxxxappl.seda.it/hostview/AXClient/ascommon.CAB
    O16 - DPF: {7F8B2500-3B5D-474C-B828-C766ECE3AB3C} (ATLmosquito1 Class) - xxxxxxvoceviva-vip.tiscali.it/netphone/ocx/mosquito.cab
    O16 - DPF: {C79D3167-6133-4E7C-821C-5C114611022D} (CamImage Class) - xxxxxxyyy.scform.unifi.it/webcam/pro/CameraControl.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - xxxxxxfpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - xxxxxxyyy.shockwave.com/content/zuma/sis/popcaploader_v10.cab
    O16 - DPF: {E13F1132-4CA0-4005-84D3-51406E27D269} (BTDownloadCtrl Control) - xxxxxxyyy.shockwave.com/content/thinktanks/sis/BTDownloadCtrl.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{54ACE526-163A-4D42-8468-2A37A3C23EE0}: NameServer = 93.188.162.82,93.188.161.222
    O17 - HKLM\System\CCS\Services\Tcpip\..\{A90488C5-CDD6-4D3E-8485-90DF57114D98}: NameServer = 93.188.162.82,93.188.161.222
    O17 - HKLM\System\CCS\Services\Tcpip\..\{BF28D580-B318-42E8-B87E-289AD81B0379}: NameServer = 93.188.162.82,93.188.161.222
    O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 93.188.162.82,93.188.161.222
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 93.188.162.82,93.188.161.222
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FILECO~1\Skype\SKYPE4~1.DLL
    O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing)
    O20 - Winlogon Notify: LMIinit - C:\WINDOWS\SYSTEM32\LMIinit.dll
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O23 - Service: Acunetix WVS Scheduler (AcuWVSScheduler) - Unknown owner - C:\Programmi\Acunetix\Web Vulnerability Scanner 4\WVSScheduler.exe (file missing)
    O23 - Service: Acunetix WVS Scheduler v5 (AcuWVSSchedulerv5) - Unknown owner - C:\Programmi\Acunetix\Web Vulnerability Scanner 5\WVSScheduler.exe (file missing)
    O23 - Service: Avira AntiVir Scheduler (AntiVirScheduler) - Avira GmbH - C:\Programmi\Avira\AntiVir Desktop\sched.exe
    O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Programmi\Avira\AntiVir Desktop\avguard.exe
    O23 - Service: Apache2 - Unknown owner - C:\Programmi\Apache Group\Apache2\bin\Apache.exe" -k runservice (file missing)
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: Servizio trasferimento intelligente in background (BITS) - Unknown owner - %fystemRoot%\system32\svchost.exe (file missing)
    O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Programmi\WIDCOMM\Software Bluetooth\bin\btwdins.exe
    O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Programmi\Cisco Systems\VPN Client\cvpnd.exe
    O23 - Service: Servizio di Google Update (gupdate1c9ce92c6f5c574) (gupdate1c9ce92c6f5c574) - Unknown owner - C:\Programmi\Google\Update\GoogleUpdate.exe" /svc (file missing)
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Programmi\HPQ\SHARED\HPQWMI.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\1150\Intel 32\IDriverT.exe
    O23 - Service: Servizio iPod (iPodService) - Apple Computer, Inc. - C:\Programmi\iPod\bin\iPodService.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Unknown owner - C:\Programmi\Java\jre6\bin\jqs.exe" -service -config "C:\Programmi\Java\jre6\lib\deploy\jqs\jqs.conf (file missing)
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Programmi\File comuni\LightScribe\LSSrvc.exe
    O23 - Service: MySQL - Unknown owner - C:\Programmi\MySQL\MySQL.exe (file missing)
    O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
    O23 - Service: Remote Administrator Service (r_server) - Unknown owner - C:\WINDOWS\system32\r_server.exe" /service (file missing)
    O23 - Service: ServiceLayer - Nokia. - C:\Programmi\File comuni\PCSuite\Services\ServiceLayer.exe
    O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Unknown owner - C:\Programmi\File comuni\Ulead Systems\DVD\ULCDRSvr.exe (file missing)
    O23 - Service: Aggiornamenti automatici (wuauserv) - Unknown owner - %fystemroot%\system32\svchost.exe (file missing)
    
    
    
    
    

  • Consiglio Direttivo

    Ciao dreammark,

    effettua una ripulita con ccleaner e scansiona con superantispyware *"aggiornato". *

    :ciauz: