Go Back   Forum > Tecno-Cool > Adsl forum

LOGIN

Register FAQ Live Now! Rules Live TV Arcade Search Today's Posts Mark Forums Read






× Notice: This forum is read-only.The content of the community may not be verified or updated. More info
Reply
 
Thread Tools Search this Thread Display Modes Translate
  #1  
Old 02-10-2007, 02:14 PM
gnappo7 gnappo7 is offline
Member
 

Join Date: Jan 2006
Posts: 69
gnappo7 is on a distinguished road
Unhappy

Problema pop up


è da un po di tempo che mi si aprono all'improvviso finestre pop- di particolari siti.
Cioè il siti sono quasi sempre li stessi tipo :

Dadamobile
Adultfriendfinder (con messaggi un po spinti)
Meetic
E poi mi si apre anke una finestra internet tutta bianca.

Ho fatto la scansione con:
1)Spybot - Search & Destroy
2)Ad-Aware SE Personal
3)Nod 32
e non mi trova niente!!!!

Non sono l'unico ad avere questo problema perchè ce l'hanno anche parecchi miei amici.

Consigli su come poter risolvere?

P.S. Ho anke Tweak-XP Pro installato (con blocco pop up attivo)

Grazie in anticipo


Reply With Quote
  #2  
Old 02-10-2007, 02:30 PM
sefirothmorpheus sefirothmorpheus is offline
Moderatore brazingles :)
 

Join Date: Mar 2006
Location: Cidade Maravilhosa
Posts: 7,475
sefirothmorpheus is on a distinguished road
Default

prova a fare una scansione con hijackthis e con spyware terminator!
postami il log di hijack, e vediamo che trova!
__________________
CoolStreaming: a cool way to smash (the) sky!
Per i nuovi arrivati: leggete il REGOLAMENTO e la sezione NUOVI ARRIVATI
Problemi con i vari softwares? Consultate la sezione GUIDE
Ricordate che in questo mondo non è gradito lo ZAPPING e se i MOD/ADM agiscono, un MOTIVO ci sarà!

Iscrivetevi: Formula COOL-ONE 2008 e CoolMoto 2008!
!omrehcs otseuq orteid otaloppartni onoS !otuiA

I can only show you the door. You're the one that has to walk through it...
Sefiroth-Morpheus


Reply With Quote
  #3  
Old 02-10-2007, 02:41 PM
nacus nacus is offline
Senior Member
 
nacus's Avatar
 

Join Date: Jun 2006
Location: Italia
Posts: 3,620
nacus is on a distinguished road
Send a message via MSN to nacus Send a message via Yahoo to nacus
Default

ho anche io lo stesso problema quando utilizzo ie.....con firefox invece no...


Reply With Quote
  #4  
Old 02-10-2007, 02:46 PM
nacus nacus is offline
Senior Member
 
nacus's Avatar
 

Join Date: Jun 2006
Location: Italia
Posts: 3,620
nacus is on a distinguished road
Send a message via MSN to nacus Send a message via Yahoo to nacus
Default

ecco il log di hjack
Code:
Logfile of HijackThis v1.99.1 Scan saved at 13.44.48, on 10/02/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.5730.0011) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe C:\WINDOWS\system32\drivers\CDAC11BA.EXE C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Programmi\QuickTime\qttask.exe C:\Programmi\File comuni\Real\Update_OB\realsched.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe C:\WINDOWS\system32\ctfmon.exe C:\Programmi\MSN Messenger\msnmsgr.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\unzipped\hijackthis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.coolstreaming.us/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer fornito da Alice R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti R3 - URLSearchHook: Coolstreaming Tool-Bar v1.0 Toolbar - {bd0e4d83-654e-4213-965b-fcbe887061f4} - C:\Programmi\Coolstreaming_Tool-Bar_v1.0\tbCoo1.dll O1 - Hosts: 66.102.7.104 pagead2.googlesyndication.com O1 - Hosts: 66.102.7.104 www.google.it O1 - Hosts: 66.102.7.104 www.google.com O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.5.0_10\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Programmi\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O3 - Toolbar: (no name) - {5AA06644-BC46-4220-A460-47A6EB47C96D} - (no file) O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file) O3 - Toolbar: Coolstreaming Tool-Bar v1.0 Toolbar - {bd0e4d83-654e-4213-965b-fcbe887061f4} - C:\Programmi\Coolstreaming_Tool-Bar_v1.0\tbCoo1.dll O3 - Toolbar: RSS Feeds Toolbar - {4A5BE5EE-CFAD-11D9-8FAD-0007E9AA247E} - C:\Programmi\RSS Feeds Toolbar\RSS.dll (file missing) O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Programmi\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [TkBellExe] "C:\Programmi\File comuni\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [STARTRIGHT] "C:\unzipped\srv133\StartRight.exe" -go O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Programmi\MSN Messenger\msnmsgr.exe" /background O4 - Startup: avgcc.exe O4 - Startup: avginet.exe O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Programmi\Adobe\Reader 8.0\Reader\reader_sl.exe O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Programmi\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_10\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_10\bin\ssv.dll O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Organizzatore ricerche - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Programmi\File comuni\Microsoft Shared\Encarta Researcher\EROPROJ.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: SessoIT - {EF6D6AE3-2625-40D6-A5AB-920DFD2DAF8C} - C:\Documents and Settings\nino\Dati applicazioni\SessoIT[1].exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe O9 - Extra button: Alice - {C49ADACB-D30D-43A4-AC60-0FA4DD8A16F4} - http://gw.aliceadsl.it/alice (file missing) (HKCU) O11 - Options group: [INTERNATIONAL] International* O14 - IERESET.INF: START_PAGE_URL=http://gw.aliceadsl.it/home O15 - Trusted Zone: *.rossoalice.it O15 - Trusted Zone: *.rossoalice.virgilio.it O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab O16 - DPF: {5CD4310E-88FB-43C1-BE24-5F3FA9C5C9D1} (KooPlayer Control) - http://www.coolstreaming.us/consolle/webplus/KooPlayer.ocx O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/IT-IT/a-UNO1/GAME_UNO1.cab O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX Class) - http://pdl.stream.aol.com/downloads/aol/unagi/ampx_en_dl.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{BC865511-A8EF-4107-83A8-880D911BFDE0}: NameServer = 212.216.112.112,212.216.172.62 O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O23 - Service: Adobe LM Service - Adobe Systems - C:\Programmi\File comuni\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe O23 - Service: C-DillaCdaC11BA - C-Dilla Ltd - C:\WINDOWS\system32\drivers\CDAC11BA.EXE O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Machine Debug Manager (MDM) - Unknown owner - C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE (file missing) O23 - Service: Office Source Engine (ose) - Unknown owner - C:\Programmi\File comuni\Microsoft Shared\Source Engine\OSE.EXE (file missing)


EDIT= è sbagliato questo, aspetta che ti posto il log giusto...


Reply With Quote
  #5  
Old 02-10-2007, 02:47 PM
sefirothmorpheus sefirothmorpheus is offline
Moderatore brazingles :)
 

Join Date: Mar 2006
Location: Cidade Maravilhosa
Posts: 7,475
sefirothmorpheus is on a distinguished road
Wink

anche per te... posta un log di hijackthis e vediamo che ti trova!

EDIT
mi hai anticipato...
aspetta due minuti che lo analizzo!
__________________
CoolStreaming: a cool way to smash (the) sky!
Per i nuovi arrivati: leggete il REGOLAMENTO e la sezione NUOVI ARRIVATI
Problemi con i vari softwares? Consultate la sezione GUIDE
Ricordate che in questo mondo non è gradito lo ZAPPING e se i MOD/ADM agiscono, un MOTIVO ci sarà!

Iscrivetevi: Formula COOL-ONE 2008 e CoolMoto 2008!
!omrehcs otseuq orteid otaloppartni onoS !otuiA

I can only show you the door. You're the one that has to walk through it...
Sefiroth-Morpheus


Reply With Quote
  #6  
Old 02-10-2007, 02:47 PM
nacus nacus is offline
Senior Member
 
nacus's Avatar
 

Join Date: Jun 2006
Location: Italia
Posts: 3,620
nacus is on a distinguished road
Send a message via MSN to nacus Send a message via Yahoo to nacus
Default

già fatto!!!


Reply With Quote
  #7  
Old 02-10-2007, 02:53 PM
sefirothmorpheus sefirothmorpheus is offline
Moderatore brazingles :)
 

Join Date: Mar 2006
Location: Cidade Maravilhosa
Posts: 7,475
sefirothmorpheus is on a distinguished road
Default

elimina:
O1 - Hosts: 66.102.7.104 pagead2.googlesyndication.com
O1 - Hosts: 66.102.7.104 www.google.it
O1 - Hosts: 66.102.7.104 www.google.com
O3 - Toolbar: (no name) - {5AA06644-BC46-4220-A460-47A6EB47C96D} - (no file)
O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
O3 - Toolbar: RSS Feeds Toolbar - {4A5BE5EE-CFAD-11D9-8FAD-0007E9AA247E} - C:\Programmi\RSS Feeds Toolbar\RSS.dll (file missing)
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: SessoIT - {EF6D6AE3-2625-40D6-A5AB-920DFD2DAF8C} - C:\Documents and Settings\nino\Dati applicazioni\SessoIT[1].exe (file missing)
__________________
CoolStreaming: a cool way to smash (the) sky!
Per i nuovi arrivati: leggete il REGOLAMENTO e la sezione NUOVI ARRIVATI
Problemi con i vari softwares? Consultate la sezione GUIDE
Ricordate che in questo mondo non è gradito lo ZAPPING e se i MOD/ADM agiscono, un MOTIVO ci sarà!

Iscrivetevi: Formula COOL-ONE 2008 e CoolMoto 2008!
!omrehcs otseuq orteid otaloppartni onoS !otuiA

I can only show you the door. You're the one that has to walk through it...
Sefiroth-Morpheus


Reply With Quote
  #8  
Old 02-10-2007, 02:57 PM
gnappo7 gnappo7 is offline
Member
 

Join Date: Jan 2006
Posts: 69
gnappo7 is on a distinguished road
Default

Te lo allego perchè dice ke il messaggio viene troppo lungo

cmq grazie...
Attached Files
File Type: txt hijackthis2.txt (25.0 KB, 296 views)

Last edited by gnappo7 : 02-10-2007 at 02:59 PM.


Reply With Quote
  #9  
Old 02-10-2007, 03:09 PM
sefirothmorpheus sefirothmorpheus is offline
Moderatore brazingles :)
 

Join Date: Mar 2006
Location: Cidade Maravilhosa
Posts: 7,475
sefirothmorpheus is on a distinguished road
Default

elimina:
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

cosa è questo?
O4 - HKLM\..\Run: [loud mode fork multi] C:\Documents and Settings\All Users\Dati applicazioni\64BoltLoudMode\BookPeak.exe


e questo?
O4 - HKCU\..\Run: [meowlog] C:\DOCUME~1\Daniele\DATIAP~1\COMPAMENVC\partfrag.e xe

controlla cosa sono, s eli hai installati tu bene, altrimenti eliminali!

inoltre... cosa è questo?
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

lo hai in molte voci di hijack... controlla e fai come detto sopra!

__________________
CoolStreaming: a cool way to smash (the) sky!
Per i nuovi arrivati: leggete il REGOLAMENTO e la sezione NUOVI ARRIVATI
Problemi con i vari softwares? Consultate la sezione GUIDE
Ricordate che in questo mondo non è gradito lo ZAPPING e se i MOD/ADM agiscono, un MOTIVO ci sarà!

Iscrivetevi: Formula COOL-ONE 2008 e CoolMoto 2008!
!omrehcs otseuq orteid otaloppartni onoS !otuiA

I can only show you the door. You're the one that has to walk through it...
Sefiroth-Morpheus


Reply With Quote
  #10  
Old 02-10-2007, 03:18 PM
gnappo7 gnappo7 is offline
Member
 

Join Date: Jan 2006
Posts: 69
gnappo7 is on a distinguished road
Default

Quote:
Originally Posted by sefirothmorpheus

inoltre... cosa è questo?
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

lo hai in molte voci di hijack... controlla e fai come detto sopra!



Per cancellarlo devo farlo uno ad uno per quello citato? Sono un bel po e non so cosa sia


Reply With Quote
Reply







Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump


All times are GMT +2. The time now is 10:05 PM.


Powered by: vBulletin Copyright ©2000 - 2023, Jelsoft Enterprises Ltd.
Search Engine Friendly URLs by vBSEO 3.1.0 ©2007, Crawlability, Inc.