Problem with yieldmanager and ad.antventure


(Nika18) #1

Hello!

For some time now Firefox has been opening this page on its own:

http://ad.antventure.com/st?ad_type=ifr ... ion=618141

Trying to fight this, I did the following: Tools > Page Info > Permissions > I selected Block everywhere.

It did nothing, except that now a blank page appears instead of the page with the ad.

The images I blocked come from this page:

http://content.yieldmanager.edgesuite.n ... 7d1a81.jpg

The next step was to follow these instructions:

I added those filters but it didn't help. So I added the image link and the ad.antventure link to the filters. It didn't help. I no longer know what to do, and this page popping up annoys and worries me more and more because I don't know what is causing it.

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 17:36:13, on 2009-07-20

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Boot mode: Normal


Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe

C:\Programmi\Alwil Software\Avast4\ashServ.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\Programmi\Java\jre6\bin\jqs.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\wltrysvc.exe

C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe

C:\Programmi\Alwil Software\Avast4\ashWebSv.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\wscntfy.exe

C:\WINDOWS\System32\bcmwltry.exe

C:\Programmi\Java\jre6\bin\jusched.exe

C:\WINDOWS\PixArt\PAC207\Monitor.exe

C:\Programmi\D-Tools\daemon.exe

C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Programmi\Windows Live\Messenger\MsnMsgr.Exe

C:\Programmi\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe

C:\Programmi\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe

C:\Programmi\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe

C:\Programmi\Windows Live\Contacts\wlcomm.exe

C:\WINDOWS\system32\osk.exe

C:\WINDOWS\system32\MSSWCHX.EXE

C:\Programmi\Java\jre6\bin\jucheck.exe

C:\Documents and Settings\DEVA\Desktop\Skype.exe

C:\Programmi\Skype\Plugin Manager\skypePM.exe

C:\Programmi\Mozilla Firefox\firefox.exe

C:\Programmi\Trend Micro\HijackThis\HijackThis.exe


R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://runonce.msn.com/?v=msgrv75

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = gateway1.its.it:8080

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti

O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Programmi\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O2 - BHO: Media Access Startup - {25B8D58C-B0CB-46b0-BA64-05B3804E4E86} - C:\Programmi\Media Access Startup\1.5.0.850\HPIEAddOn.dll

O2 - BHO: NP Helper Class - {35B8D58C-B0CB-46b0-BA64-05B3804E4E86} - C:\Programmi\Internet Saving Optimizer\3.4.0.4340\NPIEAddOn.dll

O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre6\bin\ssv.dll

O2 - BHO: Pomocnik rejestracji usługi Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programmi\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll

O2 - BHO: System Search Dispatcher - {CDBFB47B-58A8-4111-BF95-06178DCE326D} - C:\Programmi\System Search Dispatcher\1.2.0.750\ssd.dll (file missing)

O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmi\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\Java\jre6\bin\jusched.exe"

O4 - HKLM\..\Run: [Monitor] C:\WINDOWS\PixArt\PAC207\Monitor.exe

O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Programmi\D-Tools\daemon.exe" -lang 1033

O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [googletalk] C:\Programmi\Google\Google Talk\googletalk.exe /autostart

O4 - HKCU\..\Run: [Uniblue RegistryBooster 2] C:\Programmi\Uniblue\RegistryBooster 2\RegistryBooster.exe /S

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [MsnMsgr] "C:\Programmi\Windows Live\Messenger\MsnMsgr.Exe" /background

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO LOCALE')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO DI RETE')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Global Startup: Bluetooth Manager.lnk = ?

O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx

O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Programmi\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FILECO~1\Skype\SKYPE4~1.DLL

O23 - Service: Adobe LM Service - Adobe Systems - C:\Programmi\File comuni\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe

O23 - Service: avast! Web Scanner - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashWebSv.exe

O23 - Service: dnWhoDisp - Unknown owner - C:\Programmi\Rockwell Software\RSLINX\dnwhodisp.exe (file missing)

O23 - Service: Usługa Google Update (gupdate1c9eeb874f68ff0) (gupdate1c9eeb874f68ff0) - Google Inc. - C:\Programmi\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Harmony - Unknown owner - C:\Programmi\Rockwell Software\RSCommon\RSOBSERV.EXE (file missing)

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programmi\Java\jre6\bin\jqs.exe

O23 - Service: RSLinx - Unknown owner - C:\PROGRA~1\ROCKWE~1\RSLinx\RSLINX.EXE (file missing)

O23 - Service: WLTRYSVC - Unknown owner - C:\WINDOWS\System32\wltrysvc.exe


--

End of file - 6863 bytes

OTL log:

Current Boot Mode: Normal

Scan Mode: Current user

Company Name Whitelist: Off

Skip Microsoft Files: Off

File Age = 30 Days

Output = Standard


========== Processes (SafeList) ==========


PRC - [2009-02-05 23:01:25 | 00,018,752 | ---- | M] (ALWIL Software) -- C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe

PRC - [2009-02-05 23:08:40 | 00,138,680 | ---- | M] (ALWIL Software) -- C:\Programmi\Alwil Software\Avast4\ashServ.exe

PRC - [2002-02-18 22:23:00 | 00,110,592 | ---- | M] () -- C:\WINDOWS\System32\Ati2evxx.exe

PRC - [2008-11-11 16:59:05 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programmi\Java\jre6\bin\jqs.exe

PRC - [2005-01-28 14:44:28 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wdfmgr.exe

PRC - [2005-03-21 17:23:24 | 00,057,344 | ---- | M] () -- C:\WINDOWS\System32\wltrysvc.exe

PRC - [2009-02-05 23:08:26 | 00,254,040 | ---- | M] (ALWIL Software) -- C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe

PRC - [2009-02-05 23:06:04 | 00,352,920 | ---- | M] (ALWIL Software) -- C:\Programmi\Alwil Software\Avast4\ashWebSv.exe

PRC - [2004-08-19 15:39:36 | 01,034,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXE

PRC - [2004-08-19 15:39:48 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wscntfy.exe

PRC - [2005-04-11 16:28:40 | 00,671,847 | ---- | M] (Motorola Inc.) -- C:\WINDOWS\System32\bcmwltry.exe

PRC - [2008-11-11 16:59:05 | 00,136,600 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programmi\Java\jre6\bin\jusched.exe

PRC - [2006-11-03 12:01:16 | 00,319,488 | ---- | M] (PixArt Imaging Incorporation) -- C:\WINDOWS\PixArt\PAC207\Monitor.exe

PRC - [2004-08-22 18:05:02 | 00,081,920 | ---- | M] (DAEMON'S HOME) -- C:\Programmi\D-Tools\daemon.exe

PRC - [2009-02-05 23:08:45 | 00,081,000 | ---- | M] (ALWIL Software) -- C:\Programmi\Alwil Software\Avast4\ashDisp.exe

PRC - [2009-02-06 18:50:38 | 03,885,408 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Windows Live\Messenger\MsnMsgr.Exe

PRC - [2005-05-06 14:46:10 | 00,483,328 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Programmi\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe

PRC - [2005-04-14 22:50:12 | 00,262,144 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Programmi\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe

PRC - [2005-03-11 13:48:54 | 00,217,088 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Programmi\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe

PRC - [2009-02-06 17:07:48 | 00,027,512 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Windows Live\Contacts\wlcomm.exe

PRC - [2004-08-19 15:39:44 | 00,216,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\osk.exe

PRC - [2002-09-13 16:21:56 | 00,006,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MSSWCHX.EXE

PRC - [2008-11-11 16:59:05 | 00,382,384 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programmi\Java\jre6\bin\jucheck.exe

PRC - [2008-09-29 18:57:48 | 21,755,688 | ---- | M] (Skype Technologies S.A.) -- C:\Documents and Settings\DEVA\Desktop\Skype.exe

PRC - [2008-09-29 18:57:50 | 00,076,744 | R--- | M] (Skype Technologies) -- C:\Programmi\Skype\Plugin Manager\skypePM.exe

PRC - [2009-06-12 18:13:14 | 00,307,704 | ---- | M] (Mozilla Corporation) -- C:\Programmi\Mozilla Firefox\firefox.exe

PRC - [2009-07-20 17:35:45 | 00,396,288 | ---- | M] (Trend Micro Inc.) -- C:\Programmi\Trend Micro\HijackThis\HijackThis.exe

PRC - [2009-07-20 17:49:41 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\DEVA\Desktop\OTL.exe


========== Win32 Services (SafeList) ==========


SRV - [2009-02-23 23:02:03 | 00,072,704 | ---- | M] (Adobe Systems) -- C:\Programmi\File comuni\Adobe Systems Shared\Service\Adobelmsvc.exe -- (Adobe LM Service [On_Demand | Stopped])

SRV - [2009-02-05 23:01:25 | 00,018,752 | ---- | M] (ALWIL Software) -- C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv [Auto | Running])

SRV - [2002-02-18 22:23:00 | 00,110,592 | ---- | M] () -- C:\WINDOWS\System32\Ati2evxx.exe -- (Ati HotKey Poller [Auto | Running])

SRV - [2009-02-05 23:08:40 | 00,138,680 | ---- | M] (ALWIL Software) -- C:\Programmi\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus [Auto | Running])

SRV - [2009-02-05 23:08:26 | 00,254,040 | ---- | M] (ALWIL Software) -- C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner [On_Demand | Running])

SRV - [2009-02-05 23:06:04 | 00,352,920 | ---- | M] (ALWIL Software) -- C:\Programmi\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner [On_Demand | Running])

SRV - File not found -- -- (dnWhoDisp [On_Demand | Stopped])

SRV - [2009-06-16 21:26:55 | 00,133,104 | ---- | M] (Google Inc.) -- C:\Programmi\Google\Update\GoogleUpdate.exe -- (gupdate1c9eeb874f68ff0 [Auto | Stopped])

SRV - [2009-06-16 21:20:14 | 00,183,280 | ---- | M] (Google) -- C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc [Auto | Stopped])

SRV - File not found -- -- (Harmony [On_Demand | Stopped])

SRV - [2004-08-19 15:39:22 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running])

SRV - [2008-11-11 16:59:05 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programmi\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService [Auto | Running])

SRV - [2003-07-28 21:28:22 | 00,089,136 | ---- | M] (Microsoft Corporation) -- C:\Programmi\File comuni\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])

SRV - File not found -- -- (RSLinx [Auto | Stopped])

SRV - [2005-01-28 14:44:28 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wdfmgr.exe -- (UMWdf [Auto | Running])

SRV - [2005-03-21 17:23:24 | 00,057,344 | ---- | M] () -- C:\WINDOWS\System32\wltrysvc.exe -- (WLTRYSVC [Auto | Running])


========== Driver Services (SafeList) ==========


DRV - [2009-02-05 23:05:11 | 00,026,944 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4 [System | Running])

DRV - [2004-09-29 12:20:30 | 00,071,448 | R--- | M] (Rockwell Software Inc.) -- C:\WINDOWS\System32\Drivers\ABKTCX.sys -- (ABKTCX [On_Demand | Stopped])

DRV - [2001-08-17 22:20:04 | 00,096,256 | ---- | M] (Intel Corporation) -- C:\WINDOWS\System32\drivers\ac97intc.sys -- (ac97intc [On_Demand | Running])

DRV - [2005-02-23 15:58:56 | 00,011,776 | ---- | M] (Arcsoft, Inc.) -- C:\WINDOWS\System32\drivers\Afc.sys -- (Afc [On_Demand | Running])

DRV - [2009-02-05 23:07:12 | 00,020,560 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\DRIVERS\aswFsBlk.sys -- (aswFsBlk [Auto | Running])

DRV - [2009-02-05 23:08:10 | 00,094,032 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2 [Auto | Running])

DRV - [2009-02-05 23:06:10 | 00,023,152 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr [On_Demand | Running])

DRV - [2009-02-05 23:07:23 | 00,114,768 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP [System | Running])

DRV - [2009-02-05 23:06:20 | 00,051,376 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi [System | Running])

DRV - [2002-03-22 02:21:00 | 00,419,200 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\DRIVERS\ati2mtag.sys -- (ati2mtag [On_Demand | Running])

DRV - [2005-03-21 17:23:24 | 00,359,552 | ---- | M] (Broadcom Corporation) -- C:\WINDOWS\System32\DRIVERS\bcmwl5.sys -- (BCM43XX [On_Demand | Running])

DRV - [2004-08-22 17:31:10 | 00,155,136 | ---- | M] ( ) -- C:\WINDOWS\system32\DRIVERS\d347bus.sys -- (d347bus [Boot | Running])

DRV - [2004-08-22 17:31:48 | 00,005,248 | ---- | M] ( ) -- C:\WINDOWS\System32\Drivers\d347prt.sys -- (d347prt [Boot | Running])

DRV - [2001-08-30 23:29:16 | 00,117,760 | ---- | M] (Intel Corporation) -- C:\WINDOWS\System32\DRIVERS\e100b325.sys -- (E100B [On_Demand | Running])

DRV - [2008-11-11 00:09:37 | 00,015,781 | ---- | M] (Meetinghouse Data Communications) -- C:\WINDOWS\System32\DRIVERS\mdc8021x.sys -- (MDC8021X [Auto | Running])

DRV - [2007-05-29 14:30:38 | 00,508,160 | ---- | M] (PixArt Imaging Inc.) -- C:\WINDOWS\System32\DRIVERS\PFC027.SYS -- (PAC207 [On_Demand | Stopped])

DRV - [2002-09-13 16:22:36 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\System32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running])

DRV - [2007-03-08 01:51:00 | 00,043,528 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20 [Boot | Running])

DRV - [2004-09-29 12:20:40 | 00,030,166 | R--- | M] (Rockwell Software, Inc.) -- C:\WINDOWS\system32\RSIKT.SYS -- (RsiKtControl [On_Demand | Stopped])

DRV - [2004-09-29 12:20:40 | 00,155,440 | R--- | M] (Rockwell Software Inc.) -- C:\WINDOWS\SYSTEM32\RSSERIAL.SYS -- (RSSERIAL [On_Demand | Stopped])

DRV - [2004-09-29 12:20:40 | 00,142,592 | R--- | M] (Rockwell Software, Inc.) -- C:\WINDOWS\SYSTEM32\RS_SS_NT.SYS -- (RS_SS_NT [On_Demand | Stopped])

DRV - [2004-07-17 11:36:38 | 00,027,440 | ---- | M] () -- C:\WINDOWS\System32\DRIVERS\secdrv.sys -- (Secdrv [On_Demand | Stopped])

DRV - [2002-10-16 14:55:48 | 00,002,851 | ---- | M] (TOSHIBA Corporation.) -- C:\WINDOWS\System32\drivers\Toshidpt.sys -- (toshidpt [On_Demand | Stopped])

DRV - [2005-03-30 13:42:54 | 00,047,230 | ---- | M] (TOSHIBA Corporation) -- C:\WINDOWS\System32\DRIVERS\tosporte.sys -- (tosporte [On_Demand | Running])

DRV - [2005-04-22 22:11:30 | 00,098,048 | ---- | M] (TOSHIBA CORPORATION) -- C:\WINDOWS\System32\Drivers\tosrfbd.sys -- (Tosrfbd [On_Demand | Stopped])

DRV - [2004-07-08 18:07:34 | 00,036,531 | ---- | M] (TOSHIBA Corporation) -- C:\WINDOWS\System32\Drivers\tosrfbnp.sys -- (Tosrfbnp [On_Demand | Stopped])

DRV - [2004-10-04 11:33:02 | 00,062,799 | ---- | M] (TOSHIBA Corporation) -- C:\WINDOWS\System32\Drivers\tosrfcom.sys -- (Tosrfcom [System | Running])

DRV - [2005-04-22 23:34:56 | 00,052,608 | ---- | M] (TOSHIBA Corporation.) -- C:\WINDOWS\System32\DRIVERS\Tosrfhid.sys -- (Tosrfhid [On_Demand | Stopped])

DRV - [2005-01-06 14:42:42 | 00,018,612 | ---- | M] (TOSHIBA Corporation.) -- C:\WINDOWS\System32\DRIVERS\tosrfnds.sys -- (tosrfnds [On_Demand | Stopped])

DRV - [2005-04-06 10:54:44 | 00,050,048 | ---- | M] (TOSHIBA Corporation) -- C:\WINDOWS\System32\drivers\TosRfSnd.sys -- (TosRfSnd [On_Demand | Stopped])

DRV - [2004-12-21 12:38:12 | 00,034,816 | ---- | M] (TOSHIBA CORPORATION) -- C:\WINDOWS\System32\Drivers\tosrfusb.sys -- (Tosrfusb [On_Demand | Stopped])


========== Standard Registry (SafeList) ==========



========== Internet Explorer ==========


IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://runonce.msn.com/?v=msgrv75

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = gateway1.its.it:8080


========== FireFox ==========


FF - prefs.js..browser.startup.homepage: "http://www.onet.pl/"

FF - prefs.js..extensions.enabledItems: filtersetg@updater:0.5

FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:0.7.5.5

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}:6.0.10

FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0

FF - prefs.js..extensions.enabledItems: {0BA0192D-94A5-45e3-B2B8-3EC5A1A0B5EC}:1.5.0.850

FF - prefs.js..extensions.enabledItems: {2224E955-00E9-4613-A844-CE69FCCAAE91}:3.4.0.4340

FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:1.6.2.20080910

FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.11

FF - prefs.js..network.proxy.backup.ftp: "200.65.129.1"

FF - prefs.js..network.proxy.backup.ftp_port: 80

FF - prefs.js..network.proxy.backup.gopher: "200.65.129.1"

FF - prefs.js..network.proxy.backup.gopher_port: 80

FF - prefs.js..network.proxy.backup.socks: "200.65.129.1"

FF - prefs.js..network.proxy.backup.socks_port: 80

FF - prefs.js..network.proxy.backup.ssl: "200.65.129.1"

FF - prefs.js..network.proxy.backup.ssl_port: 80

FF - prefs.js..network.proxy.ftp: "200.65.129.1"

FF - prefs.js..network.proxy.ftp_port: 80

FF - prefs.js..network.proxy.gopher: "200.65.129.1"

FF - prefs.js..network.proxy.gopher_port: 80

FF - prefs.js..network.proxy.http: "200.65.129.1"

FF - prefs.js..network.proxy.http_port: 80

FF - prefs.js..network.proxy.share_proxy_settings: true

FF - prefs.js..network.proxy.socks: "200.65.129.1"

FF - prefs.js..network.proxy.socks_port: 80

FF - prefs.js..network.proxy.ssl: "200.65.129.1"

FF - prefs.js..network.proxy.ssl_port: 80



FF - HKLM\software\mozilla\Firefox\extensions\\jqs@sun.com: C:\Programmi\Java\jre6\lib\deploy\jqs\ff [2008-11-11 16:59:09 | 00,000,000 | ---D | M]

FF - HKLM\software\mozilla\Firefox\extensions\\{2224E955-00E9-4613-A844-CE69FCCAAE91}: C:\Programmi\Internet Saving Optimizer\3.4.0.4340\FF [2009-07-10 12:40:15 | 00,000,000 | ---D | M]

FF - HKLM\software\mozilla\Firefox\extensions\\{0BA0192D-94A5-45e3-B2B8-3EC5A1A0B5EC}: C:\Programmi\Media Access Startup\1.5.0.850\FF [2009-07-16 17:01:01 | 00,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.0.11\extensions\\Components: C:\Programmi\Mozilla Firefox\components [2009-06-17 00:20:53 | 00,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.0.11\extensions\\Plugins: C:\Programmi\Mozilla Firefox\plugins [2009-06-12 18:13:29 | 00,000,000 | ---D | M]


[2008-11-11 14:06:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\DEVA\Dati applicazioni\mozilla\Extensions

[2008-11-11 14:06:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\DEVA\Dati applicazioni\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}

[2009-07-20 14:26:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\DEVA\Dati applicazioni\mozilla\Firefox\Profiles\hlbi9o4t.default\extensions

[2009-04-05 22:00:15 | 00,000,000 | ---D | M] -- C:\Documents and Settings\DEVA\Dati applicazioni\mozilla\Firefox\Profiles\hlbi9o4t.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}

[2009-07-20 14:26:16 | 00,000,000 | ---D | M] -- C:\Documents and Settings\DEVA\Dati applicazioni\mozilla\Firefox\Profiles\hlbi9o4t.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}

[2009-07-20 14:26:15 | 00,000,000 | ---D | M] -- C:\Documents and Settings\DEVA\Dati applicazioni\mozilla\Firefox\Profiles\hlbi9o4t.default\extensions\filtersetg@updater

[2009-07-20 14:26:28 | 00,000,000 | ---D | M] -- C:\Programmi\mozilla firefox\extensions

[2009-06-12 18:13:29 | 00,000,000 | ---D | M] -- C:\Programmi\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

[2008-11-11 16:59:46 | 00,000,000 | ---D | M] -- C:\Programmi\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}

[2009-06-12 18:13:12 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Programmi\mozilla firefox\components\browserdirprovider.dll

[2009-06-12 18:13:12 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Programmi\mozilla firefox\components\brwsrcmp.dll

[2007-04-10 17:21:08 | 00,163,256 | ---- | M] (Microsoft Corporation) -- C:\Programmi\mozilla firefox\plugins\np-mswmp.dll

[2009-01-16 19:17:04 | 00,114,688 | ---- | M] (Adobe Systems, Inc.) -- C:\Programmi\mozilla firefox\plugins\np32dsw.dll

[2008-11-11 16:59:07 | 00,410,976 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programmi\mozilla firefox\plugins\npdeploytk.dll

[2009-06-12 18:13:19 | 00,065,528 | ---- | M] (mozilla.org) -- C:\Programmi\mozilla firefox\plugins\npnul32.dll

[2003-07-15 07:56:52 | 00,013,888 | ---- | M] (Microsoft Corporation) -- C:\Programmi\mozilla firefox\plugins\NPOFFICE.DLL

[2009-01-24 17:22:00 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Programmi\mozilla firefox\plugins\npqtplugin.dll

[2009-01-24 17:22:00 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Programmi\mozilla firefox\plugins\npqtplugin2.dll

[2009-01-24 17:22:00 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Programmi\mozilla firefox\plugins\npqtplugin3.dll

[2009-01-24 17:22:00 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Programmi\mozilla firefox\plugins\npqtplugin4.dll

[2009-01-24 17:22:00 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Programmi\mozilla firefox\plugins\npqtplugin5.dll

[2009-01-24 17:22:00 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Programmi\mozilla firefox\plugins\npqtplugin6.dll

[2009-01-24 17:22:00 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Programmi\mozilla firefox\plugins\npqtplugin7.dll

[2006-06-03 18:43:22 | 00,000,896 | ---- | M] () -- C:\Programmi\mozilla firefox\searchplugins\allegro-pl.xml

[2008-04-03 19:19:08 | 00,001,406 | ---- | M] () -- C:\Programmi\mozilla firefox\searchplugins\fbc-pl.xml

[2008-04-16 06:08:20 | 00,001,706 | ---- | M] () -- C:\Programmi\mozilla firefox\searchplugins\google.xml

[2007-03-31 19:11:54 | 00,000,917 | ---- | M] () -- C:\Programmi\mozilla firefox\searchplugins\merlin-pl.xml

[2006-06-03 18:43:22 | 00,000,858 | ---- | M] () -- C:\Programmi\mozilla firefox\searchplugins\pwn-pl.xml

[2008-03-28 23:36:04 | 00,001,183 | ---- | M] () -- C:\Programmi\mozilla firefox\searchplugins\wikipedia-pl.xml

[2007-01-05 13:40:56 | 00,001,683 | ---- | M] () -- C:\Programmi\mozilla firefox\searchplugins\wp-pl.xml


O1 HOSTS File: (768 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts

O1 - Hosts: 127.0.0.1 localhost

O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.

O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)

O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Programmi\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)

O2 - BHO: (Media Access Startup) - {25B8D58C-B0CB-46b0-BA64-05B3804E4E86} - C:\Programmi\Media Access Startup\1.5.0.850\HPIEAddOn.dll ()

O2 - BHO: (NP Helper Class) - {35B8D58C-B0CB-46b0-BA64-05B3804E4E86} - C:\Programmi\Internet Saving Optimizer\3.4.0.4340\NPIEAddOn.dll ()

O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)

O2 - BHO: (Pomocnik rejestracji usługi Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)

O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programmi\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.)

O2 - BHO: (System Search Dispatcher) - {CDBFB47B-58A8-4111-BF95-06178DCE326D} - C:\Programmi\System Search Dispatcher\1.2.0.750\ssd.dll File not found

O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)

O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmi\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)

O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {5617ECA9-488D-4BA2-8562-9710B9AB78D2} - No CLSID value found.

O4 - HKLM..\Run: [avast!] C:\Programmi\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)

O4 - HKLM..\Run: [DAEMON Tools-1033] C:\Programmi\D-Tools\daemon.exe (DAEMON'S HOME)

O4 - HKLM..\Run: [googletalk] C:\Programmi\Google\Google Talk\googletalk.exe (Google)

O4 - HKLM..\Run: [Monitor] C:\WINDOWS\PixArt\PAC207\Monitor.exe (PixArt Imaging Incorporation)

O4 - HKLM..\Run: [QuickTime Task] C:\Programmi\QuickTime\QTTask.exe (Apple Inc.)

O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programmi\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)

O4 - HKCU..\Run: [MsnMsgr] C:\Programmi\Windows Live\Messenger\MsnMsgr.Exe (Microsoft Corporation)

O4 - HKCU..\Run: [Uniblue RegistryBooster 2] File not found

O4 - Startup: C:\Documents and Settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\Bluetooth Manager.lnk = C:\Programmi\Toshiba\Bluetooth Toshiba Stack\TosBtMng1.exe ()

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255

O8 - Extra context menu item: Add to Windows &Live Favorites - File not found

O8 - Extra context menu item: E&sporta in Microsoft Excel - C:\Programmi\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)

O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Programmi\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)

O9 - Extra Button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programmi\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)

O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe (Microsoft Corporation)

O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.

O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab (Reg Error: Key error.)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_10-windows-i586.cab (Java Plug-in 1.6.0_10)

O16 - DPF: {CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_10-windows-i586.cab (Java Plug-in 1.6.0_10)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_10-windows-i586.cab (Java Plug-in 1.6.0_10)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1

O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\ipp - No CLSID value found

O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programmi\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp - No CLSID value found

O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programmi\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)

O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programmi\File comuni\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)

O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programmi\File comuni\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programmi\File comuni\Skype\Skype4COM.dll (Skype Technologies)

O18 - Protocol\Filter: - text/xml - C:\Programmi\File comuni\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)

O24 - Desktop Components:0 (Pagina iniziale corrente) - About:Home

O31 - SafeBoot: AlternateShell - cmd.exe

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2008-01-08 01:07:23 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [NTFS]

O33 - MountPoints2\{3e09071c-d096-11dc-a6fc-00023fb07f99}\Shell\Open(&0)\command - "" = E:\Recycled\ctfmon.exe -- File not found

O33 - MountPoints2\{443ee4b2-c5bb-11dc-a6e3-00023fb07f99}\Shell - "" = AutoRun

O33 - MountPoints2\{85853300-1068-11dd-a723-00023fb07f99}\Shell - "" = AutoRun

O33 - MountPoints2\{9d210c70-c33b-11dc-a6d8-00023fb07f99}\Shell - "" = AutoRun

O33 - MountPoints2\{b806f320-3583-11de-8e5b-00023fb07f99}\Shell - "" = AutoRun

O33 - MountPoints2\{c876cc90-be8b-11dc-a6c9-00023fb07f99}\Shell - "" = AutoRun

O33 - MountPoints2\{ebcfe2b0-309e-11dd-a736-00023fb07f99}\Shell - "" = AutoRun

O34 - HKLM BootExecute: (autocheck) - File not found

O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)

O34 - HKLM BootExecute: (*) - File not found


========== Files/Folders - Created Within 30 Days ==========


[2009-07-20 17:48:47 | 00,513,536 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\DEVA\Desktop\OTL.exe

[2009-07-20 17:35:46 | 00,001,698 | ---- | C] () -- C:\Documents and Settings\DEVA\Desktop\HijackThis.lnk

[2009-07-20 17:35:45 | 00,000,000 | ---D | C] -- C:\Programmi\Trend Micro

[2009-07-20 17:16:57 | 00,812,344 | ---- | C] (Trend Micro Inc.) -- C:\Documents and Settings\DEVA\Desktop\HJTInstall.exe

[2009-07-17 18:15:08 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dati applicazioni\Uniblue

[2009-07-17 18:13:12 | 00,000,000 | ---D | C] -- C:\Programmi\Uniblue

[2009-07-17 18:06:17 | 25,254,840 | ---- | C] (Uniblue ) -- C:\Documents and Settings\DEVA\Desktop\spyeraser.exe

[2009-07-15 20:37:15 | 01,606,064 | ---- | C] () -- C:\Documents and Settings\DEVA\Desktop\googletalk-setup.exe

[2009-07-13 18:43:52 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dati applicazioni\Chat Republic Games

[2009-07-13 18:42:06 | 00,821,120 | ---- | C] (Chat Republic Games OY) -- C:\Documents and Settings\DEVA\Desktop\Superstar Racing.exe

[2009-07-13 18:36:16 | 00,000,000 | ---D | C] -- C:\Documents and Settings\DEVA\Impostazioni locali\Dati applicazioni\Chat Republic Games

[2009-07-13 18:02:07 | 04,600,053 | ---- | C] () -- C:\Documents and Settings\DEVA\Desktop\P7020145.JPG

[2009-07-13 18:02:02 | 04,235,989 | ---- | C] () -- C:\Documents and Settings\DEVA\Desktop\P7020144.JPG

[2009-07-13 18:01:57 | 04,911,297 | ---- | C] () -- C:\Documents and Settings\DEVA\Desktop\P7020146.JPG

[2009-07-10 21:34:53 | 00,000,000 | ---D | C] -- C:\Documents and Settings\DEVA\Desktop\pendrak

[2009-07-10 12:51:25 | 00,000,000 | ---D | C] -- C:\Documents and Settings\DEVA\Impostazioni locali\Dati applicazioni\Internet Saving Optimizer

[2009-07-10 12:40:29 | 00,000,000 | ---D | C] -- C:\Documents and Settings\DEVA\Impostazioni locali\Dati applicazioni\Media Access Startup

[2009-07-10 12:40:26 | 00,000,000 | ---D | C] -- C:\Programmi\Media Access Startup

[2009-07-10 12:40:14 | 00,000,000 | ---D | C] -- C:\Programmi\Internet Saving Optimizer

[2009-07-10 12:38:12 | 00,000,000 | ---D | C] -- C:\Documents and Settings\DEVA\Impostazioni locali\Dati applicazioni\DoubleD

[2009-07-08 21:59:36 | 00,000,000 | ---D | C] -- C:\Documents and Settings\DEVA\Dati applicazioni\dvdcss

[2009-07-08 21:47:14 | 00,000,000 | ---D | C] -- C:\BE_COOL

[2009-07-08 21:45:52 | 00,000,000 | ---D | C] -- C:\Programmi\DVD Decrypter

[2009-07-08 12:11:17 | 00,168,448 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll

[2009-07-08 12:11:13 | 00,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini

[2009-07-08 12:11:12 | 00,839,680 | ---- | C] (http://www.mp3dev.org/) -- C:\WINDOWS\System32\lameACM.acm

[2009-07-08 12:11:12 | 00,000,414 | ---- | C] () -- C:\WINDOWS\System32\lame_acm.xml

[2009-07-08 12:11:11 | 00,217,088 | ---- | C] (www.helixcommunity.org) -- C:\WINDOWS\System32\yv12vfw.dll

[2009-07-08 12:11:11 | 00,118,784 | ---- | C] (fccHandler) -- C:\WINDOWS\System32\ac3acm.acm

[2009-07-08 12:11:09 | 00,881,664 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll

[2009-07-08 12:11:09 | 00,205,824 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll

[2009-07-08 12:11:08 | 03,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll

[2009-07-08 12:11:07 | 00,090,112 | ---- | C] (DivX, Inc.) -- C:\WINDOWS\System32\dpl100.dll

[2009-07-08 12:11:03 | 00,685,056 | ---- | C] (DivX, Inc.) -- C:\WINDOWS\System32\divx.dll

[2009-07-08 12:11:02 | 00,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll

[2009-07-08 12:11:02 | 00,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest

[2009-07-08 12:10:55 | 00,000,000 | ---D | C] -- C:\Programmi\K-Lite Codec Pack

[2009-07-01 10:40:37 | 00,001,128 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

[2009-07-01 10:40:36 | 00,001,124 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job

[2009-03-29 14:22:08 | 00,000,097 | ---- | C] () -- C:\WINDOWS\WirelessFTP.INI

[2008-12-27 15:33:17 | 00,155,136 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\d347bus.sys

[2008-12-27 15:33:17 | 00,005,248 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\d347prt.sys

[2008-11-12 19:28:47 | 00,000,000 | ---- | C] () -- C:\WINDOWS\tosOBEX.INI

[2008-11-11 17:33:24 | 00,000,408 | ---- | C] () -- C:\WINDOWS\System32\Remover.ini

[2008-11-10 23:40:01 | 00,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI

[2008-02-23 11:35:51 | 00,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll

[2008-02-23 11:35:21 | 00,000,009 | ---- | C] () -- C:\WINDOWS\Sierra.ini

[2008-02-22 19:51:03 | 00,043,520 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt03.dll

[2008-01-08 22:46:13 | 00,000,031 | ---- | C] () -- C:\WINDOWS\ResetW.INI

[2008-01-08 22:02:26 | 00,000,288 | ---- | C] () -- C:\WINDOWS\SlRegEDS.ini

[2008-01-08 12:35:35 | 00,000,000 | ---- | C] () -- C:\WINDOWS\MERuntime.INI

[2008-01-08 12:04:05 | 00,000,032 | ---- | C] () -- C:\WINDOWS\EVMOVE.INI

[2008-01-08 11:44:42 | 00,002,779 | ---- | C] () -- C:\WINDOWS\ODBC.INI

[2008-01-08 11:43:38 | 00,000,032 | ---- | C] () -- C:\WINDOWS\EvMoveW.INI

[2008-01-08 11:25:54 | 00,001,578 | ---- | C] () -- C:\WINDOWS\EDS.INI

[2008-01-08 11:25:54 | 00,000,235 | ---- | C] () -- C:\WINDOWS\RLEIcons.ini

[2008-01-08 11:25:54 | 00,000,073 | ---- | C] () -- C:\WINDOWS\rocksoft.ini

[2006-11-02 10:27:46 | 00,000,518 | ---- | C] () -- C:\WINDOWS\System32\SP207.ini

[2004-12-02 16:20:12 | 00,114,688 | ---- | C] () -- C:\WINDOWS\System32\TosBtAcc.dll

[2004-09-29 12:20:42 | 00,030,992 | R--- | C] () -- C:\WINDOWS\System32\LINXVDD.DLL

[2004-09-22 11:09:06 | 00,065,536 | ---- | C] () -- C:\WINDOWS\System32\TosCommAPI.dll

[2004-08-22 18:04:56 | 00,069,120 | ---- | C] () -- C:\WINDOWS\daemon.dll

[2004-08-19 15:39:14 | 00,081,920 | ---- | C] () -- C:\WINDOWS\System32\ieencode.dll

[2004-07-20 18:04:02 | 00,094,208 | ---- | C] () -- C:\WINDOWS\System32\TosBtHcrpAPI.dll

[2004-07-17 11:36:38 | 00,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys

[2004-01-15 15:43:28 | 00,114,688 | ---- | C] () -- C:\WINDOWS\System32\TBTMonUI.dll

[2003-07-29 16:33:26 | 00,061,440 | ---- | C] () -- C:\WINDOWS\System32\TosHidAPI.dll

[2003-04-01 12:49:16 | 00,005,360 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI

[2002-09-13 16:23:20 | 00,001,326 | ---- | C] () -- C:\WINDOWS\win.ini

[2002-09-13 16:23:00 | 00,000,227 | ---- | C] () -- C:\WINDOWS\system.ini


========== Files - Modified Within 30 Days ==========


[1 C:\WINDOWS\System32\*.tmp files]

[3 C:\WINDOWS\*.tmp files]

[2009-07-20 17:49:41 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\DEVA\Desktop\OTL.exe

[2009-07-20 17:45:02 | 00,001,128 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

[2009-07-20 17:35:46 | 00,001,698 | ---- | M] () -- C:\Documents and Settings\DEVA\Desktop\HijackThis.lnk

[2009-07-20 17:17:19 | 00,812,344 | ---- | M] (Trend Micro Inc.) -- C:\Documents and Settings\DEVA\Desktop\HJTInstall.exe

[2009-07-20 13:09:10 | 00,001,046 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job

[2009-07-20 12:34:38 | 00,001,124 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job

[2009-07-20 12:31:58 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT

[2009-07-20 12:31:50 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2009-07-17 18:16:56 | 00,001,326 | ---- | M] () -- C:\WINDOWS\win.ini

[2009-07-17 18:16:56 | 00,000,227 | ---- | M] () -- C:\WINDOWS\system.ini

[2009-07-17 18:16:56 | 00,000,211 | -HS- | M] () -- C:\boot.ini

[2009-07-17 18:12:26 | 25,254,840 | ---- | M] (Uniblue ) -- C:\Documents and Settings\DEVA\Desktop\spyeraser.exe

[2009-07-17 17:14:43 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2009-07-15 20:37:29 | 01,606,064 | ---- | M] () -- C:\Documents and Settings\DEVA\Desktop\googletalk-setup.exe

[2009-07-13 18:42:06 | 00,821,120 | ---- | M] (Chat Republic Games OY) -- C:\Documents and Settings\DEVA\Desktop\Superstar Racing.exe

[2009-07-08 11:31:24 | 00,041,984 | ---- | M] () -- C:\Documents and Settings\DEVA\Impostazioni locali\Dati applicazioni\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2009-07-02 14:15:36 | 04,911,297 | ---- | M] () -- C:\Documents and Settings\DEVA\Desktop\P7020146.JPG

[2009-07-02 14:15:30 | 04,600,053 | ---- | M] () -- C:\Documents and Settings\DEVA\Desktop\P7020145.JPG

[2009-07-02 14:15:18 | 04,235,989 | ---- | M] () -- C:\Documents and Settings\DEVA\Desktop\P7020144.JPG


========== Alternate Data Streams ==========


@Alternate Data Stream - 16 bytes -> C:\Documents and Settings\DEVA\Documenti\Shareaza Downloads:Shareaza.GUID

< End of report >

When it comes to computers I'm a complete novice. I'm begging for help.


(djkamil09061991) #2

O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)

O2 - BHO: Media Access Startup - {25B8D58C-B0CB-46b0-BA64-05B3804E4E86} - C:\Programmi\Media Access Startup\1.5.0.850\HPIEAddOn.dll

O2 - BHO: NP Helper Class - {35B8D58C-B0CB-46b0-BA64-05B3804E4E86} - C:\Programmi\Internet Saving Optimizer\3.4.0.4340\NPIEAddOn.dll

O2 - BHO: System Search Dispatcher - {CDBFB47B-58A8-4111-BF95-06178DCE326D} - C:\Programmi\System Search Dispatcher\1.2.0.750\ssd.dll (file missing)

O4 - HKLM..\Run: [Monitor] C:\WINDOWS\PixArt\PAC207\Monitor.exe

Fix these.

To remove an entry, click "Do a system scan only" in the program's main window.

Tick the box to the left of each entry you want removed, then click the "Fix Checked" button at the bottom of the window.

Clean the disk and the registry with CCleaner, and also run ATF.


(Nika18) #3

I followed the first part, but I don't know how to clean the disk and registry with CCleaner and ATF without breaking something... What should I select?


(djkamil09061991) #4

In CCleaner choose the Cleaner option, then Analyze, and once it has finished searching click Run Cleaner. Then, in the main menu, go to the Registry option and click Scan to find problems, and once it finds them click Fix selected issues.

And in ATF tick all the options and click Empty Selected.


(Nika18) #5

By "all the options" in ATF, do you mean Select All or everything from top to bottom? Are these programs safe, and won't they delete files my computer needs to work properly?


(djkamil09061991) #6

They won't. I've been using CCleaner for years and it has never broken anything for me. And in ATF, ticking Select All comes to the same thing as ticking everything.


(Nika18) #7

Done. I cleaned the registry 4 times before CCleaner stopped reporting problems. I also ran ATF several times. Unfortunately, when I started Firefox, the ad.antventure page appeared again after a few seconds... :frowning:


(djkamil09061991) #8

Try changing the home page.


(Nika18) #9

I changed it from onet.pl to google.pl and unfortunately that didn't help either... :frowning: Maybe uninstalling Mozilla and reinstalling it would do something? What do you think? I don't want to do that because I'll lose all my bookmarks... but if it will help, so be it...


(djkamil09061991) #10

Wouldn't it be better to switch browsers? I recommend Google Chrome, which doesn't load the system the way Mozilla does and focuses on speed :slight_smile:


(Nika18) #11

Does this page open just to (putting it mildly) annoy me, or could it be a sign of hacking and an attempt to break into the system?


(Patrykol270) #12

To annoy you. It's typical adware; scan with Malwarebytes Anti-Malware and Dr.Web CureIt.

1. Malwarebytes http://dobreprogramy.pl/index.php?dz=2& ... lware+1.39

2. Dr.Web http://dobreprogramy.pl/index.php?dz=2& ... 00.4.06300