Non so come ma da qualche giorno nonostante che abbia mantenuto sempreaggiornato il norton antivirus mi trovo che con XP Pro Sp1 accade che explorer parta da solo verso siti porno, banner porno e amenita del tipo, c'e' nessuno che mi puo' aiutare?

maurizio

Ciao e Benvenuto!(D)
Sicuramente avrai qualche spyware...
Prova a dare una passata con Ad-aware (http://download.com.com/3000-2144-10045910.html?part=69274&subj=dlpage&tag=button) e Spybot (http://www.wintricks.it/news2/article.php?ID=5368), dopo averli aggiornati, e facci sapere!! ;)

http://www.javacoolsoftware.com/spywareblaster.html
Usa anche questo per immunizzarti contro nuove infezioni

CWShredder potrebbe servirti...

http://www.ilsoftware.it/querydl.asp?ID=750

E questo potrebbe aiutarti nei casi estremi http://mjc1.com/mirror/hjt/

d!

... e magari cambiare anche antivirus:D :D :D


scusate:devil: ma non ho resistito!

grazie a tutti, ho seguito il consiglio di wolf 76 ed ho risolto, di seguito il log del programma, se ci capite qualcosa...

seguiro anche il consiglio di crazy.cat

grazie ancora per la collaborazione

maurizio


ArchiveData(auto-quarantine- 19-05-2004 14-39-06.bckp)
================================================== ====

ALEXA
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
obj[0]=RegKey : SOFTWARE\Microsoft\Internet Explorer\Extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a}

ROINGS
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
obj[1]=RegKey : jimmyhelp.CBrowserHelper
obj[2]=RegKey : SOFTWARE\roimoi
obj[17]=RegKey : CLSID\{E0CE16CB-741C-4B24-8D04-A817856E07F4}
obj[18]=RegKey : TYPELIB\{78A163D2-2358-464D-807B-0E2A078C7727}
obj[19]=RegKey : IObjSafety.DemoCtl
obj[20]=RegKey : Software\microsoft\windows\currentversion\moduleus age\C:/WINDOWS/Downloaded Program Files/roing18.ocx
obj[21]=RegValue : Software\Microsoft\Windows\CurrentVersion\SharedDL Ls
obj[29]=RegKey : SOFTWARE\ssprint
obj[35]=File : c:\windows\downloaded program files\roing18.ocx

WEBHANCER
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
obj[3]=RegKey : CLSID\{c900b400-cdfe-11d3-976a-00e02913a9e0}
obj[4]=RegKey : Interface\{C89435B0-CDFE-11D3-976A-00E02913A9E0}
obj[5]=RegKey : Software\Microsoft\Windows\CurrentVersion\explorer \Browser Helper Objects\{c900b400-cdfe-11d3-976a-00e02913a9e0}
obj[6]=RegKey : Software\Microsoft\Windows\CurrentVersion\Uninstal l\webHancer Agent
obj[7]=RegKey : SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstal l\whSurvey
obj[8]=RegKey : Software\webHancer
obj[9]=RegKey : TypeLib\{C8CB3870-CDFE-11D3-976A-00E02913A9E0}
obj[10]=RegKey : WhIeHelperObj.WhIeHelperObj
obj[11]=RegKey : WhIeHelperObj.WhIeHelperObj.1
obj[16]=RegValue : Software\Microsoft\Windows\CurrentVersion\Run
obj[24]=LSP : webHancer MSAFD Tcpip [TCP/IP] (c:\windows\webhdll.dll)
obj[26]=LSP : webHancer MSAFD Tcpip [UDP/IP] (c:\windows\webhdll.dll)
obj[28]=LSP : webHancer (c:\windows\webhdll.dll)
obj[30]=Folder : c:\program files\webHancer
obj[78]=File : c:\program files\webhancer\programs\license.txt
obj[79]=File : c:\program files\webhancer\programs\readme.txt
obj[80]=File : c:\program files\webhancer\programs\sporder.dll
obj[81]=File : c:\program files\webhancer\programs\whagent.exe
obj[82]=File : c:\program files\webhancer\programs\whagent.ini
obj[83]=File : c:\program files\webhancer\programs\whiehlpr.dll
obj[84]=File : c:\program files\webhancer\programs\whsurvey.exe
obj[85]=File : c:\windows\whagent.inf
obj[86]=File : c:\windows\whinstaller.exe
obj[87]=File : c:\windows\whinstaller.ini

WINFAVORITES
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
obj[12]=RegKey : Bridge.brdg
obj[13]=RegKey : Bridge.brdg.1
obj[14]=RegKey : CLSID\{9C691A33-7DDA-4C2F-BE4C-C176083F35CF}
obj[15]=RegKey : TypeLib\{DDAF2479-6F00-4599-998A-3ED75686C6D0}
obj[22]=RegKey : SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer \Browser Helper Objects\{9C691A33-7DDA-4C2F-BE4C-C176083F35CF}
obj[31]=RegKey : atl.registrar
obj[32]=RegKey : CLSID\{44ec053a-400f-11d0-9dcd-00a0c90391d3}
obj[33]=RegKey : Interface\{4FDBDBAD-FEFE-4C4C-9CC1-1181052AFB12}
obj[34]=RegKey : SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstal l\bridge
obj[76]=File : c:\windows\system32\a.exe
obj[77]=File : c:\windows\system32\bridge.dll

VITATRADE
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
obj[23]=LSP : webHancer MSAFD Tcpip [TCP/IP] (c:\windows\webhdll.dll)
obj[25]=LSP : webHancer MSAFD Tcpip [UDP/IP] (c:\windows\webhdll.dll)
obj[27]=LSP : webHancer (c:\windows\webhdll.dll)
obj[36]=File : c:\windows\webhdll.dll

TRACKING COOKIE
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
obj[37]=File : c:\documents and settings\maurizio\cookies\maurizio@ads.tucows[1].txt
obj[38]=File : c:\documents and settings\maurizio\cookies\maurizio@adtech[1].txt
obj[39]=File : c:\documents and settings\maurizio\cookies\maurizio@advertising[1].txt
obj[40]=File : c:\documents and settings\maurizio\cookies\maurizio@as1.falkag[2].txt
obj[41]=File : c:\documents and settings\maurizio\cookies\maurizio@atdmt[2].txt
obj[42]=File : c:\documents and settings\maurizio\cookies\maurizio@bravenet[2].txt
obj[43]=File : c:\documents and settings\maurizio\cookies\maurizio@cgi-bin[1].txt
obj[44]=File : c:\documents and settings\maurizio\cookies\maurizio@cgi-bin[2].txt
obj[45]=File : c:\documents and settings\maurizio\cookies\maurizio@cgi-bin[3].txt
obj[46]=File : c:\documents and settings\maurizio\cookies\maurizio@cgi-bin[4].txt
obj[47]=File : c:\documents and settings\maurizio\cookies\maurizio@doubleclick[1].txt
obj[48]=File : c:\documents and settings\maurizio\cookies\maurizio@easy.adpowerzon e[1].txt
obj[49]=File : c:\documents and settings\maurizio\cookies\maurizio@etype.adbureau[2].txt
obj[50]=File : c:\documents and settings\maurizio\cookies\maurizio@fastclick[2].txt
obj[51]=File : c:\documents and settings\maurizio\cookies\maurizio@fortunecity[2].txt
obj[52]=File : c:\documents and settings\maurizio\cookies\maurizio@gator[1].txt
obj[53]=File : c:\documents and settings\maurizio\cookies\maurizio@hc2.humanclick[2].txt
obj[54]=File : c:\documents and settings\maurizio\cookies\maurizio@hg1.hitbox[1].txt
obj[55]=File : c:\documents and settings\maurizio\cookies\maurizio@hitbox[2].txt
obj[56]=File : c:\documents and settings\maurizio\cookies\maurizio@hotlog[1].txt
obj[57]=File : c:\documents and settings\maurizio\cookies\maurizio@internetfuel[2].txt
obj[58]=File : c:\documents and settings\maurizio\cookies\maurizio@maxserving[1].txt
obj[59]=File : c:\documents and settings\maurizio\cookies\maurizio@overture[1].txt
obj[60]=File : c:\documents and settings\maurizio\cookies\maurizio@qksrv[1].txt
obj[61]=File : c:\documents and settings\maurizio\cookies\maurizio@revenue[2].txt
obj[62]=File : c:\documents and settings\maurizio\cookies\maurizio@servedby.advert ising[1].txt
obj[63]=File : c:\documents and settings\maurizio\cookies\maurizio@server.iad.live person[2].txt
obj[64]=File : c:\documents and settings\maurizio\cookies\maurizio@spylog[2].txt
obj[65]=File : c:\documents and settings\maurizio\cookies\maurizio@statcounter[2].txt
obj[66]=File : c:\documents and settings\maurizio\cookies\maurizio@targetnet[1].txt
obj[67]=File : c:\documents and settings\maurizio\cookies\maurizio@tmpad[1].txt
obj[68]=File : c:\documents and settings\maurizio\cookies\maurizio@tradedoubler[2].txt
obj[69]=File : c:\documents and settings\maurizio\cookies\maurizio@trafficmp[2].txt
obj[70]=File : c:\documents and settings\maurizio\cookies\maurizio@tribalfusion[1].txt
obj[71]=File : c:\documents and settings\maurizio\cookies\maurizio@www4.yesadverti sing[1].txt
obj[72]=File : c:\documents and settings\maurizio\cookies\maurizio@www5.yesadverti sing[1].txt
obj[73]=File : c:\documents and settings\maurizio\cookies\maurizio@www6.paypopup[1].txt
obj[74]=File : c:\documents and settings\maurizio\cookies\maurizio@www8.paypopup[1].txt
obj[75]=File : c:\documents and settings\maurizio\cookies\maurizio@xxxtoolbar[2].txt