|
| HOMEPAGE | INDICE FORUM | REGOLAMENTO | ::. | NEI PREFERITI | .:: | RSS Forum | RSS News | NEWS web | NEWS software | |
| PUBBLICITA' | | | ARTICOLI | WIN XP | VISTA | WIN 7 | REGISTRI | SOFTWARE | MANUALI | RECENSIONI | LINUX | HUMOR | HARDWARE | DOWNLOAD | | | CERCA nel FORUM » | |
13-09-2006, 10.28.11 | #1 |
Newbie
Registrato: 06-09-2006
Messaggi: 3
|
Vi prego aiutatemiiiiiiii contro E1xplorer
non so come fare a eliminarlo x sempre Vi prego aiutatemiiii Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Programmi\File comuni\Symantec Shared\ccProxy.exe C:\Programmi\File comuni\Symantec Shared\ccSetMgr.exe C:\Programmi\Norton Internet Security\ISSVC.exe C:\Programmi\File comuni\Symantec Shared\SNDSrvc.exe C:\Programmi\File comuni\Symantec Shared\SPBBC\SPBBCSvc.exe C:\Programmi\File comuni\Symantec Shared\ccEvtMgr.exe C:\WINDOWS\system32\spoolsv.exe C:\Programmi\WIDCOMM\Software Bluetooth\bin\btwdins.exe C:\Programmi\File comuni\LightScribe\LSSrvc.exe C:\Programmi\Norton Internet Security\Norton AntiVirus\navapsvc.exe C:\Programmi\File comuni\Symantec Shared\Security Center\SymWSC.exe C:\Programmi\Java\jre1.5.0_06\bin\jusched.exe C:\Programmi\Synaptics\SynTP\SynTPLpr.exe C:\Programmi\Synaptics\SynTP\SynTPEnh.exe C:\Programmi\File comuni\Symantec Shared\ccApp.exe C:\Programmi\HPQ\HP Wireless Assistant\HP Wireless Assistant.exe C:\Programmi\Winamp\winampa.exe C:\Programmi\iTunes\iTunesHelper.exe C:\Programmi\QuickTime\qttask.exe C:\Programmi\Hp\HP Software Update\HPWuSchd2.exe C:\Programmi\Coolspot\Dialer Control\dc.exe C:\WINDOWS\system32\spoolsvc.exe C:\Programmi\Messenger\msmsgs.exe C:\Programmi\MSN Messenger\MsnMsgr.Exe C:\PROGRA~1\MICROS~3\wcescomm.exe C:\Programmi\Adobe\Acrobat 6.0\Distillr\acrotray.exe C:\Programmi\WIDCOMM\Software Bluetooth\BTTray.exe C:\Programmi\StopDialers\StopDialers.exe C:\Programmi\iPod\bin\iPodService.exe C:\PROGRA~1\MICROS~3\rapimgr.exe C:\Programmi\HPQ\SHARED\HPQWMI.exe C:\WINDOWS\system32\wuauclt.exe C:\Programmi\Internet Explorer\IEXPLORE.EXE C:\WINDOWS\system32\wuauclt.exe C:\Programmi\Internet Explorer\IEXPLORE.EXE C:\DOCUME~1\DeLu\IMPOST~1\Temp\Directory temporanea 1 per hijackthis.zip\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.1987324.com?301 O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.5.0_06\bin\ssv.dll O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Programmi\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Programmi\Norton Internet Security\Norton AntiVirus\NavShExt.dll O2 - BHO: ComCap - {E1B2E864-8BFC-4072-AE11-924E0F8BBA96} - C:\WINDOWS\system32\comcap16.dll O2 - BHO: Intense - {FB47056B-B34D-410E-819A-E8A51CC8E2EB} - C:\WINDOWS\system32\Kaboom.dll O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Programmi\Norton Internet Security\Norton AntiVirus\NavShExt.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programmi\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programmi\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [SynTPLpr] C:\Programmi\Synaptics\SynTP\SynTPLpr.exe O4 - HKLM\..\Run: [SynTPEnh] C:\Programmi\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [ccApp] "C:\Programmi\File comuni\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [Cpqset] C:\Programmi\HPQ\Default Settings\cpqset.exe O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe O4 - HKLM\..\Run: [hpWirelessAssistant] "%ProgramFiles%\HPQ\HP Wireless Assistant\HP Wireless Assistant.exe" O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer O4 - HKLM\..\Run: [WinampAgent] C:\Programmi\Winamp\winampa.exe O4 - HKLM\..\Run: [iTunesHelper] "C:\Programmi\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [HP Software Update] C:\Programmi\Hp\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [Dialer Control] C:\Programmi\Coolspot\Dialer Control\dc.exe O4 - HKLM\..\Run: [Systems] C:\WINDOWS\system32\spoolsvc.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Programmi\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [MsnMsgr] "C:\Programmi\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programmi\File comuni\Ahead\lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\PROGRA~1\MICROS~3\wcescomm.exe" O4 - Startup: Stop Dialers.lnk = C:\Programmi\StopDialers\StopDialers.exe O4 - Global Startup: Acrobat Assistant.lnk = C:\Programmi\Adobe\Acrobat 6.0\Distillr\acrotray.exe O4 - Global Startup: BTTray.lnk = ? O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Invia a &Bluetooth - C:\Programmi\WIDCOMM\Software Bluetooth\btsendto_ie_ctx.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll O9 - Extra 'Tools' menuitem: Crea preferito portatile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe O15 - Trusted Zone: www.1987324.com O15 - Trusted Zone: *.aflashcounter.com O17 - HKLM\System\CCS\Services\Tcpip\..\{0ADB7857-9749-40CA-9044-B6744801B8F0}: NameServer = 213.140.2.12,213.140.2.21 O17 - HKLM\System\CS1\Services\Tcpip\..\{0ADB7857-9749-40CA-9044-B6744801B8F0}: NameServer = 213.140.2.12,213.140.2.21 O17 - HKLM\System\CS2\Services\Tcpip\..\{0ADB7857-9749-40CA-9044-B6744801B8F0}: NameServer = 213.140.2.12,213.140.2.21 O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O18 - Protocol: widimg - {EE7C2AFF-5742-44FF-BD0E-E521B0D3C3BA} - C:\WINDOWS\system32\btxppanel.dll O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Programmi\WIDCOMM\Software Bluetooth\bin\btwdins.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\ccProxy.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\ccSetMgr.exe O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Programmi\HPQ\SHARED\HPQWMI.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPodService - Apple Computer, Inc. - C:\Programmi\iPod\bin\iPodService.exe O23 - Service: ISSvc (ISSVC) - Symantec Corporation - C:\Programmi\Norton Internet Security\ISSVC.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Unknown owner - C:\Programmi\File comuni\LightScribe\LSSrvc.exe O23 - Service: Servizio Auto-Protect di Norton AntiVirus (navapsvc) - Symantec Corporation - C:\Programmi\Norton Internet Security\Norton AntiVirus\navapsvc.exe O23 - Service: SAVScan - Symantec Corporation - C:\Programmi\Norton Internet Security\Norton AntiVirus\SAVScan.exe O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FILECO~1\SYMANT~1\SCRIPT~1\SBServ.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\SNDSrvc.exe O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\SPBBC\SPBBCSvc.exe O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\Security Center\SymWSC.exe |
13-09-2006, 11.30.22 | #2 |
Junior Member
Registrato: 14-05-2005
Loc.: Palermo
Messaggi: 57
|
Ciao, come prima cosa ti consiglio di seguire le semplici indicazioni di questo link per eliminare il trojan bomka che hai nel pc ( kaboom.dll) :
http://www.greatis.com/security/ICQC...%20remover.htm Adesso passiamo al log di hijackthis. Apri hijackthis, premi su ''open the misc tools section'', poi premi ''open process manager'', individua la voce indicata sotto e premi ''kill process'' : C:\WINDOWS\system32\spoolsvc.exe (da NON confondere con il legittimo spoolsv.exe) Poi vai in basso e premi il tasto back e subito dopo il tasto scan. Metti la spunta nella casellina accanto alle voci indicate sotto e premi ''fix checked'' : R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.1987324.com?301 O2 - BHO: ComCap - {E1B2E864-8BFC-4072-AE11-924E0F8BBA96} - C:\WINDOWS\system32\comcap16.dll O2 - BHO: Intense - {FB47056B-B34D-410E-819A-E8A51CC8E2EB} - C:\WINDOWS\system32\Kaboom.dll O4 - HKLM\..\Run: [Systems] C:\WINDOWS\system32\spoolsvc.exe O15 - Trusted Zone: www.1987324.com O15 - Trusted Zone: *.aflashcounter.com Vai su start/risorse del computer/strumenti/opzioni cartella/visualizzazione e metti la spunta su visualizza cartelle file nascosti e togli la spunta da ''nascondi i file protetti di sistema''. Scarica killbox da qui: http://www.killbox.net/downloads/KillBox.exe Elimina (se presenti) i seguenti files: C:\WINDOWS\system32\spoolsvc.exe (da NON confondere con il legittimo spoolsv.exe) C:\WINDOWS\system32\comcap16.dll C:\WINDOWS\system32\Kaboom.dll |
13-09-2006, 11.41.56 | #3 |
Hero Member
Registrato: 18-08-2003
Loc.: Cagliari
Messaggi: 757
|
deluigif...ti consiglio pure di mettere un TAG adeguato del tipo [XP-eliminare E1explorer] rischi che i mod. chiudano la discussione
___________________________________
Eh già, sono ancora qua! |
Utenti attualmente attivi che stanno leggendo questa discussione: 1 (0 utenti e 1 ospiti) | |
Strumenti discussione | |
|
|
Discussioni simili | ||||
Discussione | Autore discussione | Forum | Risposte | Ultimo messaggio |
Decreto contro pedopornografia | Robbi | Archivio News Web | 4 | 04-01-2007 01.57.03 |
Ma perchè contro i videogiochi?? | knightOfDoom | Chiacchiere in libertà | 34 | 25-11-2006 12.06.16 |
Gli artisti sono contro RIAA e soci | Macao | Segnalazioni Web | 0 | 01-05-2006 02.45.44 |
Contro l'ideologia Google | Gigi75 | Segnalazioni Web | 6 | 19-10-2004 18.48.16 |
Da MKV Ad AVI Aiutoooooo!!!!1 | giacnicola | Software applicativo | 6 | 09-06-2004 12.53.24 |