|
| HOMEPAGE | INDICE FORUM | REGOLAMENTO | ::. | NEI PREFERITI | .:: | RSS Forum | RSS News | NEWS web | NEWS software | |
| PUBBLICITA' | | | ARTICOLI | WIN XP | VISTA | WIN 7 | REGISTRI | SOFTWARE | MANUALI | RECENSIONI | LINUX | HUMOR | HARDWARE | DOWNLOAD | | | CERCA nel FORUM » | |
02-12-2003, 13.25.29 | #1 |
Senior Member
Registrato: 12-10-2002
Loc.: Palermo
Messaggi: 312
|
un attimo di follia.....cosa è successo?
Riesco comunque a spegnere e al riavvio tutto è tornato a posto....senza bisogno di chiamare l'esorcista. ......al momento del fattaccio avevo su AGV Antivirus, eMule e un pop-up blocker......forse è ora di rispolverare il vecchio caro Zone Alarm? |
02-12-2003, 15.12.25 | #2 |
Senior Member
Registrato: 12-10-2002
Loc.: Palermo
Messaggi: 312
|
nessuna idea......nemmeno tu Ironia?
|
02-12-2003, 15.27.48 | #3 |
The Journalist
Top Poster
Registrato: 09-04-2002
Messaggi: 3.715
|
Intanto rispolveralo il ZA, poi una bella scansione non farebbe male e nemmeno una passato con adware e spybot.
|
02-12-2003, 15.28.35 | #4 |
Guest
Messaggi: n/a
|
non ricordo quale è il processo incriminato, ma con questo lo trovi di sicuro
http://www.wintricks.it/forum/showth...exe#post565030 cerca un loader.exe o un ie.dll al limite puoi postare il log. |
02-12-2003, 15.29.44 | #5 |
Gold Member
Top Poster
Registrato: 26-08-2000
Loc.: tokyo city
Messaggi: 8.374
|
Solita utility "Hijackthis" per verificare eventuali stringhe eseguibili "anomali" o tracce di Worm.
|
02-12-2003, 18.02.18 | #6 | |
Senior Member
Registrato: 12-10-2002
Loc.: Palermo
Messaggi: 312
|
Quota:
Logfile of HijackThis v1.94.0 Scan saved at 15.57.00, on 02/12/2003 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL=http://www.catlist.com/ R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar=http://www.catlist.com/ R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page=http://www.catlist.com/ R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page=http://www.ansa.it/ R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch=http://bb-search.com/search.html R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant=http://www.fastwebfinder.com/sp.php R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page=C:\WINDOWS\System32\blank.htm R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page=%SystemRoot%\system32\blank.htm O1 - Hosts: 66.159.20.80 www1.ndhosting.com O1 - Hosts: 66.159.20.80 www3.ndhosting.com O1 - Hosts: 66.159.20.80 www2.ndhosting.com O1 - Hosts: 66.159.20.80 www.ndhosting.com O1 - Hosts: 66.159.20.80 www.kinghost.com O1 - Hosts: 66.159.20.80 kinghost.com O1 - Hosts: 66.159.20.80 www1.kinghost.com O1 - Hosts: 66.159.20.80 www2.kinghost.com O1 - Hosts: 66.159.20.80 www3.kinghost.com O1 - Hosts: 66.159.20.80 www4.kinghost.com O1 - Hosts: 66.159.20.80 www5.kinghost.com O1 - Hosts: 66.159.20.80 www6.kinghost.com O1 - Hosts: 66.159.20.80 www7.kinghost.com O1 - Hosts: 66.159.20.80 www8.kinghost.com O1 - Hosts: 66.159.20.80 www9.kinghost.com O1 - Hosts: 66.159.20.80 www10.kinghost.com O1 - Hosts: 66.159.20.80 www.smutserver.com O1 - Hosts: 66.159.20.80 smutserver.com O1 - Hosts: 66.159.20.80 www1.smutserver.com O1 - Hosts: 66.159.20.80 www2.smutserver.com O1 - Hosts: 66.159.20.80 www16.smutserver.com O1 - Hosts: 66.159.20.80 www3.smutserver.com O1 - Hosts: 66.159.20.80 www4.smutserver.com O1 - Hosts: 66.159.20.80 www5.smutserver.com O1 - Hosts: 66.159.20.80 www6.smutserver.com O1 - Hosts: 66.159.20.80 www7.smutserver.com O1 - Hosts: 66.159.20.80 www8.smutserver.com O1 - Hosts: 66.159.20.80 www9.smutserver.com O1 - Hosts: 66.159.20.80 www10.smutserver.com O1 - Hosts: 66.159.20.80 www11.smutserver.com O1 - Hosts: 66.159.20.80 www12.smutserver.com O1 - Hosts: 66.159.20.80 www13.smutserver.com O1 - Hosts: 66.159.20.80 www14.smutserver.com O1 - Hosts: 66.159.20.80 www15.smutserver.com O1 - Hosts: 66.159.20.80 www17.smutserver.com O1 - Hosts: 66.159.20.80 www18.smutserver.com O1 - Hosts: 66.159.20.80 www19.smutserver.com O1 - Hosts: 66.159.20.80 www20.smutserver.com O1 - Hosts: 66.159.20.80 www21.smutserver.com O1 - Hosts: 66.159.20.80 www22.smutserver.com O1 - Hosts: 66.159.20.80 www23.smutserver.com O1 - Hosts: 66.159.20.80 www24.smutserver.com O1 - Hosts: 66.159.20.80 www25.smutserver.com O1 - Hosts: 66.159.20.80 www26.smutserver.com O1 - Hosts: 66.159.20.80 www27.smutserver.com O1 - Hosts: 66.159.20.80 www28.smutserver.com O1 - Hosts: 66.159.20.80 www29.smutserver.com O1 - Hosts: 66.159.20.80 www30.smutserver.com O1 - Hosts: 66.159.20.80 www31.smutserver.com O1 - Hosts: 66.159.20.80 www32.smutserver.com O1 - Hosts: 66.159.20.80 agreathost.net O1 - Hosts: 66.159.20.80 www.agreathost.net O1 - Hosts: 66.159.20.80 hotfreehost.com O1 - Hosts: 66.159.20.80 www.hotfreehost.com O1 - Hosts: 66.159.20.80 greatfreehost.com O1 - Hosts: 66.159.20.80 www.greatfreehost.com O1 - Hosts: 66.159.20.80 freesmutpages.com O1 - Hosts: 66.159.20.80 www.freesmutpages.com O1 - Hosts: 66.159.20.80 apornhost.com O1 - Hosts: 66.159.20.80 www.apornhost.com O1 - Hosts: 66.159.20.80 nasty-pages.com O1 - Hosts: 66.159.20.80 www.nasty-pages.com O1 - Hosts: 66.159.20.80 sexyfreehost.com O1 - Hosts: 66.159.20.80 www.sexyfreehost.com O1 - Hosts: 66.159.20.80 x4web.com O1 - Hosts: 66.159.20.80 www.x4web.com O1 - Hosts: 66.159.20.80 sexplanets.com O1 - Hosts: 66.159.20.80 www.sexplanets.com O1 - Hosts: 66.159.20.80 maxismut.com O1 - Hosts: 66.159.20.80 www.maxismut.com O1 - Hosts: 66.159.20.80 tgpfriendly.com O1 - Hosts: 66.159.20.80 www.tgpfriendly.com O1 - Hosts: 66.159.20.80 tgp-server.com O1 - Hosts: 66.159.20.80 www.tgp-server.com O1 - Hosts: 66.159.20.80 magnaplza.com O1 - Hosts: 66.159.20.80 www.magnaplza.com O1 - Hosts: 66.159.20.80 free-xxx-server.com O1 - Hosts: 66.159.20.80 www.free-xxx-server.com O1 - Hosts: 66.159.20.80 libereco.net O1 - Hosts: 66.159.20.80 www.libereco.net O1 - Hosts: 66.159.20.80 0190-dialer.com O1 - Hosts: 66.159.20.80 www.0190-dialer.com O1 - Hosts: 66.159.20.80 xxxod.net O1 - Hosts: 66.159.20.80 www.xxxod.net O1 - Hosts: 66.159.20.80 altsights.com O1 - Hosts: 66.159.20.80 www.altsights.com O1 - Hosts: 66.159.20.80 adulthosting.com O1 - Hosts: 66.159.20.80 www.adulthosting.com O1 - Hosts: 66.159.20.80 superhova.com O1 - Hosts: 66.159.20.80 www.superhova.com O1 - Hosts: 66.159.20.80 bestpornhost.com O1 - Hosts: 66.159.20.80 www.bestpornhost.com O1 - Hosts: 66.159.20.80 hostingfree.com O1 - Hosts: 66.159.20.80 www.hostingfree.com O1 - Hosts: 66.159.20.80 xfreehosting.com O1 - Hosts: 66.159.20.80 www.xfreehosting.com O1 - Hosts: 66.159.20.80 blinghosting.com O1 - Hosts: 66.159.20.80 www.blinghosting.com O1 - Hosts: 66.159.20.80 x-x-x-hosting.com O1 - Hosts: 66.159.20.80 www.x-x-x-hosting.com O1 - Hosts: 66.159.20.80 pornparks.com O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: Internet Explorer Web Content Guard - {1B77D30A-81C9-497A-8647-142F7511B1FB} - C:\WINDOWS\System32\IEGuard.dll O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programmi\google\googletoolbar1.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programmi\google\googletoolbar1.dll O4 - HKLM\..\Run: [AME_CSA] rundll32 amecsa.cpl,RUN_DLL O4 - HKLM\..\Run: [Online Service] C:\WINDOWS\System.exe O4 - HKLM\..\Run: [AVG7_CC] C:\Security\AGV7~1\avgcc.exe /STARTUP O4 - HKLM\..\Run: [AVG7_EMC] C:\Security\AGV7~1\avgemc.exe O4 - HKLM\..\Run: [AVG7_RegCleaner] C:\Security\AGV7~1\avgregcl.exe /BOOT O4 - HKCU\..\Run: [Pop-Up-Blocker] "C:\Utilities\Tweak xp\popup.exe" O8 - Extra context menu item: &Download with &DAP - C:\UTILIT~1\DAP\dapextie.htm O8 - Extra context menu item: &Google Search - res://C:\Programmi\Google\GoogleToolbar1.dll/cmsearch.html O8 - Extra context menu item: Backward &Links - res://C:\Programmi\Google\GoogleToolbar1.dll/cmbacklinks.html O8 - Extra context menu item: Cac&hed Snapshot of Page - res://C:\Programmi\Google\GoogleToolbar1.dll/cmcache.html O8 - Extra context menu item: Download &all with DAP - C:\UTILIT~1\DAP\dapextie2.htm O8 - Extra context menu item: Si&milar Pages - res://C:\Programmi\Google\GoogleToolbar1.dll/cmsimilar.html O9 - Extra button: Messenger (HKLM) O9 - Extra 'Tools' menuitem: Windows Messenger (HKLM) O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://www.cult3d.com/download/cult.cab O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://207.188.7.150/09e8846c045d5db...dxIE601_it.cab O16 - DPF: {72E0F892-B9F1-451D-95A3-2E6C1F45C0DD} (Redirect Control) - http://www.lacasadialice.it/video/cab/Redirect.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.co...910.3474421296 O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553000000} - http://active.macromedia.com/flash2/cabs/swflash.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/s...sh/swflash.cab |
|
02-12-2003, 18.17.53 | #7 |
Hero Member
Registrato: 13-01-2002
Loc.: Barcellona
Messaggi: 540
|
questi li leverei subito....anche se magari non c'entrano col tuo problema...!!!
agreathost.net O1 - Hosts: 66.159.20.80 www.agreathost.net O1 - Hosts: 66.159.20.80 hotfreehost.com O1 - Hosts: 66.159.20.80 www.hotfreehost.com O1 - Hosts: 66.159.20.80 greatfreehost.com O1 - Hosts: 66.159.20.80 www.greatfreehost.com O1 - Hosts: 66.159.20.80 freesmutpages.com O1 - Hosts: 66.159.20.80 www.freesmutpages.com O1 - Hosts: 66.159.20.80 apornhost.com O1 - Hosts: 66.159.20.80 www.apornhost.com O1 - Hosts: 66.159.20.80 nasty-pages.com O1 - Hosts: 66.159.20.80 www.nasty-pages.com O1 - Hosts: 66.159.20.80 sexyfreehost.com O1 - Hosts: 66.159.20.80 www.sexyfreehost.com O1 - Hosts: 66.159.20.80 x4web.com O1 - Hosts: 66.159.20.80 www.x4web.com O1 - Hosts: 66.159.20.80 sexplanets.com O1 - Hosts: 66.159.20.80 www.sexplanets.com O1 - Hosts: 66.159.20.80 maxismut.com O1 - Hosts: 66.159.20.80 www.maxismut.com O1 - Hosts: 66.159.20.80 tgpfriendly.com O1 - Hosts: 66.159.20.80 www.tgpfriendly.com O1 - Hosts: 66.159.20.80 tgp-server.com O1 - Hosts: 66.159.20.80 www.tgp-server.com O1 - Hosts: 66.159.20.80 magnaplza.com O1 - Hosts: 66.159.20.80 www.magnaplza.com O1 - Hosts: 66.159.20.80 free-xxx-server.com O1 - Hosts: 66.159.20.80 www.free-xxx-server.com O1 - Hosts: 66.159.20.80 libereco.net O1 - Hosts: 66.159.20.80 www.libereco.net O1 - Hosts: 66.159.20.80 0190-dialer.com O1 - Hosts: 66.159.20.80 www.0190-dialer.com O1 - Hosts: 66.159.20.80 xxxod.net O1 - Hosts: 66.159.20.80 www.xxxod.net O1 - Hosts: 66.159.20.80 altsights.com O1 - Hosts: 66.159.20.80 www.altsights.com O1 - Hosts: 66.159.20.80 adulthosting.com O1 - Hosts: 66.159.20.80 www.adulthosting.com O1 - Hosts: 66.159.20.80 superhova.com O1 - Hosts: 66.159.20.80 www.superhova.com O1 - Hosts: 66.159.20.80 bestpornhost.com O1 - Hosts: 66.159.20.80 www.bestpornhost.com O1 - Hosts: 66.159.20.80 hostingfree.com O1 - Hosts: 66.159.20.80 www.hostingfree.com O1 - Hosts: 66.159.20.80 xfreehosting.com O1 - Hosts: 66.159.20.80 www.xfreehosting.com O1 - Hosts: 66.159.20.80 blinghosting.com O1 - Hosts: 66.159.20.80 www.blinghosting.com O1 - Hosts: 66.159.20.80 x-x-x-hosting.com O1 - Hosts: 66.159.20.80 www.x-x-x-hosting.com O1 - Hosts: 66.159.20.80 pornparks.com |
02-12-2003, 22.10.22 | #8 |
Gold Member
Top Poster
Registrato: 26-08-2000
Loc.: tokyo city
Messaggi: 8.374
|
Da rimuovere oltre a quelli segnalati da Sabba:
Porno: R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch=http://bb-search.com/search.html R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant=http://www.fastwebfinder.com/sp.php R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL=http://www.catlist.com/ R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar=http://www.catlist.com/ R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page=http://www.catlist.com/ Spyware: O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: Internet Explorer Web Content Guard - {1B77D30A-81C9-497A-8647-142F7511B1FB} - C:\WINDOWS\System32\IEGuard.dll O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programmi\google\googletoolbar1.dll Sospetti: O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://www.cult3d.com/download/cult.cab O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://207.188.7.150/09e8846c045d5d...RdxIE601_it.cab Occhio alle richieste di installazioni di fantomatici "certificati digitali". Devi anche controllare che nel file "hosts" in c:\windows\system32\drivers\etc non contenga indirizzi Internet dopo: 127.0.0.1 localhost A quanto pare devi anche usare l'AntiSpyware "AdAware" per eliminare una bella lista di Spyware. |
Utenti attualmente attivi che stanno leggendo questa discussione: 1 (0 utenti e 1 ospiti) | |
Strumenti discussione | |
|
|
Discussioni simili | ||||
Discussione | Autore discussione | Forum | Risposte | Ultimo messaggio |
SubSeven o cosa ? | LoryOne | Sicurezza&Privacy | 3 | 18-11-2008 14.37.36 |
[XP] test di windows...cosa strana | joey | Windows 7/Vista/XP/ 2003 | 4 | 13-05-2008 13.53.12 |
[Petizione] Chiediamo i danni a Cosa Nostra! | Saruman | Chiacchiere in libertà | 5 | 06-01-2008 21.55.13 |
Canzone del momento [3] | Billow | Chiacchiere in libertà | 1997 | 15-02-2005 12.03.03 |
"test"x La Serie Conosciamoci Meglio!!!! :-) | magicrainbow | Chiacchiere in libertà | 75 | 26-10-2003 11.19.39 |