View Full Version : Windows Xp avvio lento
Duncandg
07-07-2007, 13:42
Ciao a tutti ragazzi
ho un problemino
da ieri sera quando avvio winxp e arrivo al desktop il sistema mi appare lento, per spiegarmi meglio se nei primi 30sec/1min provo ad aprire anche un file di testo ci mette un po, poi passato questo frangente di tempo torna alla normalita
ora pero vorrei risolvere ma sto esaurendo le idee nell'ordine
ho disabilitato tutti i processi all'avvio tranne, il sygate personal firewall, il controller audio e il controller raid e le daemon tools v4.09
ho addirittura utilizzato un punto di ripristino ma il problema non sembra essersi risolto
ho disabilitato il nod32, sia dal kernel sia dall'avvio automatico
sto impazzendo e non trovo una soluzionea deguata
:help:
grazie
skymax84
08-09-2007, 09:38
ho praticamente il tuo stessissimo problema, anch'io ho più o meno gli stessi programmi...
ho rilevato questo problema dopo aver:
- aggiornato i drivers della sceda video Ati,
- aggiornato il netframework(aggiornamento di windows update) necessario perchè mi dava problemi il control center della Ati,
- modificato le impostazioni della memoria virtuale.
Altra cosa curiosa: non mi carica tutte le icone nella barra dei programmi in basso a destra, ad esempio non carica mai l'antivirus e l'audio(sottolineo: solo le icone perchè verificando col taskmanager i processi ci sono tutti)
qualcuno mi aiuti, correggo CI aiuti:mc: :muro: :(
skymax84
08-09-2007, 13:48
up
Anche io ho un avvio mooolto lento, ma non ho lo stesso problema:
Succede quando vado a installare programmi o modificare impostazione di sistema, o addirittura anche solo quando gli va di rompere.
A me succede che compare il logo di Xp con le barrette sotto che vanno avanti, scompare questa schermata e il monitor diventa nero. Sento (conosco il mio pc) che l'hard disk non fa niente e lo schermo resta nero ancora per altri 4-5 minuti. Dopo questi 5 minuti il sul monitor compare la scritta di Vista (ho Xp Pro SP2, ma ho messo Vista Transformation Pack 7, non dite che è questo perhè lo faceva anche con Xp normale) e tutto si carica come se niente fosse.
Ho XP SP2 e ho pure formattato ma il problema (anche se ci ha messo di piu) è ricomparso. Rimpiango quei bei momenti in cui da quando premevo il pulsante di accensione fino a quando era tutto caricato passava solo 1 minuto e 15 secondi. :mc: :help: :help: :help:
ragazzi nei processi in avvio intanto è meglio tenere sempre anche il vostro antivirus!!!
Postatate il log di Hijackthis e vediamo di aiutarvi!
skymax84
09-09-2007, 00:19
Aggiungo che oggi pomeriggio ha incominciato anche a crashare sul lancio di messenger live 8.1, che ho subito disinstallato e reinstallato. In pratica mi usciva improvvisamente una schermata blu che velocemente scompariva, della quale sono riuscito a leggere solo BAD_POOL_CALLER
Ora il problema ce l'ho quando lancio la scansione di HD Tune. Non ce la faccio +. Non voglio formattare, ho linux sull'altra partizione e se non sbaglio è un mezzo macello...:mbe:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1.15.32, on 09/09/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16512)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Programmi\Zone Labs\ZoneAlarm\zlclient.exe
C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
C:\WINDOWS\system32\rundll32.exe
C:\Programmi\Microsoft Office\Office12\GrooveMonitor.exe
C:\Programmi\Java\jre1.6.0_02\bin\jusched.exe
C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\Microsoft ActiveSync\Wcescomm.exe
C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe
C:\Programmi\Ray Adams\ATI Tray Tools\atitray.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Programmi\File comuni\Ahead\Lib\NMIndexStoreSvr.exe
C:\WINDOWS\System32\wbem\unsecapp.exe
C:\Programmi\Mozilla Firefox\firefox.exe
C:\Programmi\HijackThis\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: Supporto di collegamento per Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [Zone Labs Client] C:\Programmi\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Programmi\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
O4 - HKLM\..\Run: [Acer ePower Management] C:\Acer\Empowering Technology\ePower\Acer ePower Management.exe boot
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programmi\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Programmi\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\K-Lite Codec Pack\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Programmi\File comuni\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [kav] "C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Programmi\Microsoft ActiveSync\Wcescomm.exe"
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [AtiTrayTools] "C:\Programmi\Ray Adams\ATI Tray Tools\atitray.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Web Anti-Virus - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll
O9 - Extra button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Crea preferiti portatile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1184398711281
O17 - HKLM\System\CCS\Services\Tcpip\..\{3BEACF9F-9AE6-447E-B721-4B56DBE8BBFC}: NameServer = 212.216.112.112,212.216.172.62
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Kaspersky Lab - C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NBService - Nero AG - C:\Programmi\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
--
End of file - 7044 bytes
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1.26.59, on 09/09/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
C:\Programmi\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\Mixer.exe
C:\Programmi\Comodo\Firewall\CPF.exe
C:\Programmi\Microsoft IntelliPoint\ipoint.exe
C:\Programmi\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\PowerMenu\PowerMenu.exe
C:\Programmi\Thoosje Sidebar 2.2\Thoosje Sidebar.exe
C:\Programmi\ViOrb\ViOrb.exe
C:\Programmi\Comodo\Firewall\cmdagent.exe
C:\Programmi\Diskeeper Corporation\Diskeeper\DkService.exe
C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\mdm.exe
C:\Programmi\Raxco\PerfectDisk\PDAgent.exe
C:\Programmi\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
C:\Programmi\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe
C:\Programmi\Alwil Software\Avast4\ashWebSv.exe
C:\Programmi\Mozilla Firefox\firefox.exe
C:\Programmi\MSN Messenger\usnsvc.exe
C:\Programmi\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://italian.eazel.com/index.php?rvs=hompag
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Programmi\Comodo\Firewall\CPF.exe" /background
O4 - HKLM\..\Run: [StartCCC] C:\Programmi\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKLM\..\Run: [IntelliPoint] "c:\Programmi\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [Vistadrv] C:\WINDOWS\Vista Drive Status\vsdrv.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Thoosje Sidebar.lnk = ?
O4 - Startup: ViOrb.lnk = ?
O4 - Global Startup: PowerMenu.lnk = C:\Programmi\PowerMenu\PowerMenu.exe
O8 - Extra context menu item: &Clean Traces - C:\Programmi\DAP\Privacy Package\dapcleanerie.htm
O8 - Extra context menu item: &Download with &DAP - C:\Programmi\DAP\dapextie.htm
O8 - Extra context menu item: Download &all with DAP - C:\Programmi\DAP\dapextie2.htm
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: Barra di ricerca di Encarta - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Programmi\File comuni\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - C:\Programmi\Comodo\Firewall\cmdagent.exe
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Programmi\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: NBService - Nero AG - C:\Programmi\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Programmi\File comuni\Ahead\Lib\NMIndexingService.exe
O23 - Service: PDAgent - Raxco Software, Inc. - C:\Programmi\Raxco\PerfectDisk\PDAgent.exe
O23 - Service: PDEngine - Raxco Software, Inc. - C:\Programmi\Raxco\PerfectDisk\PDEngine.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Programmi\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
--
End of file - 5799 bytes
@ skymax84
Cancella queste voci:
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programmi\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [AtiTrayTools] "C:\Programmi\Ray Adams\ATI Tray Tools\atitray.exe"
Fai una scansione online PandaScan poi scarica A-SQUARED free (tutti e due li trovi su google) e con quest'ultimo fai uno scan in modalità Deep Scan, cancella tutto qll che trova eccetto file riguardanti scanner/fotocamere ecc... Poi guarda se hai ancora il problema!
@ Mtty
cancella le seguenti voci:
C:\Programmi\ViOrb\ViOrb.exe
O4 - Startup: Thoosje Sidebar.lnk = ?
O4 - Startup: ViOrb.lnk = ?
Anche tu: Fai una scansione online PandaScan poi scarica A-SQUARED free (tutti e due li trovi su google) e con quest'ultimo fai uno scan in modalità Deep Scan, cancella tutto qll che trova eccetto file riguardanti scanner/fotocamere ecc... Poi guarda se hai ancora il problema!
skymax84
09-09-2007, 01:16
@ skymax84
Cancella queste voci:
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programmi\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [AtiTrayTools] "C:\Programmi\Ray Adams\ATI Tray Tools\atitray.exe"
Fai una scansione online PandaScan poi scarica A-SQUARED free (tutti e due li trovi su google) e con quest'ultimo fai uno scan in modalità Deep Scan, cancella tutto qll che trova eccetto file riguardanti scanner/fotocamere ecc... Poi guarda se hai ancora il problema!
allora, ho fixato i tre file che mi hai indicato
nel frattempo sto facendo la scansione on line con panda active scan, mi rileva per il momento 45 spyware, mentre con Asquared mi ha trovato, oltre a 61 cookies, anche 3 HKEY_CLASS_ROOT\interface\{...codici vari...}
ke faccio?sono da cancellare?
se il panda mi becca anche qualche virus come faccio a disinfettare?mi chiede di pagare...
PandaScan dovrebbe cancellarli automaticamente i file trovati.
Per A-Squared cancella tutto, se proprio vuoi lascia i cookies!
skymax84
09-09-2007, 09:30
ho lasciato il pc acceso durante la notte, la scansione è terminata e mi ha identificato esclusivamente 45 spyware che risultano esere gli stessi cookies di Asquared, quindi non li cancello. Elimino solo le 3 tracce key.
Una cosa strana che mi è successa l'ultima volta che si è riavviato con la schermata blu: ho perso tutti i Preferiti di Firefox :eek:
skymax84
09-09-2007, 09:32
ecco il risultato di Asquared:
Impostazioni scansione:
Oggetti: Memoria, Tracce, Cookies, C:\, E:\
Archivio scansioni: On
Scientifico: On
ADS Scan: On
Scansione avviata: 09/09/2007 2.08.28
Key: HKEY_CLASSES_ROOT\interface\{0a45db4d-bd0d-11d2-8d14-00104b9e072a} rilevati: Trace.Registry.BonziBuddy
Key: HKEY_CLASSES_ROOT\interface\{0a45db4e-bd0d-11d2-8d14-00104b9e072a} rilevati: Trace.Registry.BonziBuddy
Key: HKEY_CLASSES_ROOT\interface\{e91e27a2-c5ae-11d2-8d1b-00104b9e072a} rilevati: Trace.Registry.BonziBuddy
C:\Documents and Settings\Max\Cookies\max@2o7[2].txt rilevati: Trace.TrackingCookie
C:\Documents and Settings\Max\Cookies\max@atdmt[2].txt rilevati: Trace.TrackingCookie
C:\Documents and Settings\Max\Cookies\max@bs.serving-sys[1].txt rilevati: Trace.TrackingCookie
C:\Documents and Settings\Max\Cookies\max@doubleclick[2].txt rilevati: Trace.TrackingCookie
C:\Documents and Settings\Max\Cookies\max@serving-sys[1].txt rilevati: Trace.TrackingCookie
C:\Documents and Settings\Max\Cookies\max@statcounter[1].txt rilevati: Trace.TrackingCookie
C:\Documents and Settings\Max\Dati applicazioni\Mozilla\Firefox\Profiles\wa53r896.default\cookies.txt:47 rilevati: Trace.TrackingCookie
C:\Documents and Settings\Max\Dati applicazioni\Mozilla\Firefox\Profiles\wa53r896.default\cookies.txt:67 rilevati: Trace.TrackingCookie
C:\Documents and Settings\Max\Dati applicazioni\Mozilla\Firefox\Profiles\wa53r896.default\cookies.txt:113 rilevati: Trace.TrackingCookie
C:\Documents and Settings\Max\Dati applicazioni\Mozilla\Firefox\Profiles\wa53r896.default\cookies.txt:146 rilevati: Trace.TrackingCookie
C:\Documents and Settings\Max\Dati applicazioni\Mozilla\Firefox\Profiles\wa53r896.default\cookies.txt:148 rilevati: Trace.TrackingCookie
C:\Documents and Settings\Max\Dati applicazioni\Mozilla\Firefox\Profiles\wa53r896.default\cookies.txt:153 rilevati: Trace.TrackingCookie
C:\Documents and Settings\Max\Dati applicazioni\Mozilla\Firefox\Profiles\wa53r896.default\cookies.txt:174 rilevati: Trace.TrackingCookie
C:\Documents and Settings\Max\Dati applicazioni\Mozilla\Firefox\Profiles\wa53r896.default\cookies.txt:175 rilevati: Trace.TrackingCookie
C:\Documents and Settings\Max\Dati applicazioni\Mozilla\Firefox\Profiles\wa53r896.default\cookies.txt:176 rilevati: Trace.TrackingCookie
C:\Documents and Settings\Max\Dati applicazioni\Mozilla\Firefox\Profiles\wa53r896.default\cookies.txt:177 rilevati: Trace.TrackingCookie
C:\Documents and Settings\Max\Dati applicazioni\Mozilla\Firefox\Profiles\wa53r896.default\cookies.txt:178 rilevati: Trace.TrackingCookie
C:\Documents and Settings\Max\Dati applicazioni\Mozilla\Firefox\Profiles\wa53r896.default\cookies.txt:179 rilevati: Trace.TrackingCookie
C:\Documents and Settings\Max\Dati applicazioni\Mozilla\Firefox\Profiles\wa53r896.default\cookies.txt:181 rilevati: Trace.TrackingCookie
C:\Documents and Settings\Max\Dati applicazioni\Mozilla\Firefox\Profiles\wa53r896.default\cookies.txt:204 rilevati: Trace.TrackingCookie
C:\Documents and Settings\Max\Dati applicazioni\Mozilla\Firefox\Profiles\wa53r896.default\cookies.txt:205 rilevati: Trace.TrackingCookie
C:\Documents and Settings\Max\Dati applicazioni\Mozilla\Firefox\Profiles\wa53r896.default\cookies.txt:206 rilevati: Trace.TrackingCookie
C:\Documents and Settings\Max\Dati applicazioni\Mozilla\Firefox\Profiles\wa53r896.default\cookies.txt:207 rilevati: Trace.TrackingCookie
C:\Documents and Settings\Max\Dati applicazioni\Mozilla\Firefox\Profiles\wa53r896.default\cookies.txt:208 rilevati: Trace.TrackingCookie
C:\Documents and Settings\Max\Dati applicazioni\Mozilla\Firefox\Profiles\wa53r896.default\cookies.txt:209 rilevati: Trace.TrackingCookie
C:\Documents and Settings\Max\Dati applicazioni\Mozilla\Firefox\Profiles\wa53r896.default\cookies.txt:210 rilevati: Trace.TrackingCookie
C:\Documents and Settings\Max\Dati applicazioni\Mozilla\Firefox\Profiles\wa53r896.default\cookies.txt:223 rilevati: Trace.TrackingCookie
C:\Documents and Settings\Max\Dati applicazioni\Mozilla\Firefox\Profiles\wa53r896.default\cookies.txt:227 rilevati: Trace.TrackingCookie
C:\Documents and Settings\Max\Dati applicazioni\Mozilla\Firefox\Profiles\wa53r896.default\cookies.txt:228 rilevati: Trace.TrackingCookie
C:\Documents and Settings\Max\Dati applicazioni\Mozilla\Firefox\Profiles\wa53r896.default\cookies.txt:230 rilevati: Trace.TrackingCookie
C:\Documents and Settings\Max\Dati applicazioni\Mozilla\Firefox\Profiles\wa53r896.default\cookies.txt:232 rilevati: Trace.TrackingCookie
C:\Documents and Settings\Max\Dati applicazioni\Mozilla\Firefox\Profiles\wa53r896.default\cookies.txt:237 rilevati: Trace.TrackingCookie
C:\Documents and Settings\Max\Dati applicazioni\Mozilla\Firefox\Profiles\wa53r896.default\cookies.txt:314 rilevati: Trace.TrackingCookie
C:\Documents and Settings\Max\Dati applicazioni\Mozilla\Firefox\Profiles\wa53r896.default\cookies.txt:326 rilevati: Trace.TrackingCookie
C:\Documents and Settings\Max\Dati applicazioni\Mozilla\Firefox\Profiles\wa53r896.default\cookies.txt:355 rilevati: Trace.TrackingCookie
C:\Documents and Settings\Max\Dati applicazioni\Mozilla\Firefox\Profiles\wa53r896.default\cookies.txt:361 rilevati: Trace.TrackingCookie
C:\Documents and Settings\Max\Dati applicazioni\Mozilla\Firefox\Profiles\wa53r896.default\cookies.txt:362 rilevati: Trace.TrackingCookie
C:\Documents and Settings\Max\Dati applicazioni\Mozilla\Firefox\Profiles\wa53r896.default\cookies.txt:384 rilevati: Trace.TrackingCookie
C:\Documents and Settings\Max\Dati applicazioni\Mozilla\Firefox\Profiles\wa53r896.default\cookies.txt:386 rilevati: Trace.TrackingCookie
C:\Documents and Settings\Max\Dati applicazioni\Mozilla\Firefox\Profiles\wa53r896.default\cookies.txt:387 rilevati: Trace.TrackingCookie
C:\Documents and Settings\Max\Dati applicazioni\Mozilla\Firefox\Profiles\wa53r896.default\cookies.txt:401 rilevati: Trace.TrackingCookie
C:\Documents and Settings\Max\Dati applicazioni\Mozilla\Firefox\Profiles\wa53r896.default\cookies.txt:559 rilevati: Trace.TrackingCookie
C:\Documents and Settings\Max\Dati applicazioni\Mozilla\Firefox\Profiles\wa53r896.default\cookies.txt:570 rilevati: Trace.TrackingCookie
C:\Documents and Settings\Max\Dati applicazioni\Mozilla\Firefox\Profiles\wa53r896.default\cookies.txt:571 rilevati: Trace.TrackingCookie
C:\Documents and Settings\Max\Dati applicazioni\Mozilla\Firefox\Profiles\wa53r896.default\cookies.txt:572 rilevati: Trace.TrackingCookie
C:\Documents and Settings\Max\Dati applicazioni\Mozilla\Firefox\Profiles\wa53r896.default\cookies.txt:573 rilevati: Trace.TrackingCookie
C:\Documents and Settings\Max\Dati applicazioni\Mozilla\Firefox\Profiles\wa53r896.default\cookies.txt:588 rilevati: Trace.TrackingCookie
C:\Documents and Settings\Max\Dati applicazioni\Mozilla\Firefox\Profiles\wa53r896.default\cookies.txt:600 rilevati: Trace.TrackingCookie
C:\Documents and Settings\Max\Dati applicazioni\Mozilla\Firefox\Profiles\wa53r896.default\cookies.txt:601 rilevati: Trace.TrackingCookie
C:\Documents and Settings\Max\Dati applicazioni\Mozilla\Firefox\Profiles\wa53r896.default\cookies.txt:602 rilevati: Trace.TrackingCookie
C:\Documents and Settings\Max\Dati applicazioni\Mozilla\Firefox\Profiles\wa53r896.default\cookies.txt:637 rilevati: Trace.TrackingCookie
C:\Documents and Settings\Max\Dati applicazioni\Mozilla\Firefox\Profiles\wa53r896.default\cookies.txt:775 rilevati: Trace.TrackingCookie
C:\Documents and Settings\Max\Dati applicazioni\Mozilla\Firefox\Profiles\wa53r896.default\cookies.txt:809 rilevati: Trace.TrackingCookie
C:\Documents and Settings\Max\Dati applicazioni\Mozilla\Firefox\Profiles\wa53r896.default\cookies.txt:816 rilevati: Trace.TrackingCookie
C:\Documents and Settings\Max\Dati applicazioni\Mozilla\Firefox\Profiles\wa53r896.default\cookies.txt:821 rilevati: Trace.TrackingCookie
C:\Documents and Settings\Max\Dati applicazioni\Mozilla\Firefox\Profiles\wa53r896.default\cookies.txt:822 rilevati: Trace.TrackingCookie
C:\Documents and Settings\Max\Dati applicazioni\Mozilla\Firefox\Profiles\wa53r896.default\cookies.txt:848 rilevati: Trace.TrackingCookie
C:\Documents and Settings\Max\Dati applicazioni\Mozilla\Firefox\Profiles\wa53r896.default\cookies.txt:849 rilevati: Trace.TrackingCookie
C:\Documents and Settings\Max\Dati applicazioni\Mozilla\Firefox\Profiles\wa53r896.default\cookies.txt:892 rilevati: Trace.TrackingCookie
C:\Documents and Settings\Max\Dati applicazioni\Mozilla\Firefox\Profiles\wa53r896.default\cookies.txt:901 rilevati: Trace.TrackingCookie
C:\Documents and Settings\Max\Dati applicazioni\Mozilla\Firefox\Profiles\wa53r896.default\cookies.txt:902 rilevati: Trace.TrackingCookie
Scansionati
Files: 406750
Tracce: 323191
Cookies: 1040
Processi: 37
Rilevato
Files: 0
Tracce: 3
Cookies: 61
Processi: 0
Chiavi registro: 0
Fine scansione: 09/09/2007 4.49.15
Tempo scansione: 2.40.47
skymax84
09-09-2007, 11:23
Grazie 1 milione di volte: ho finalmente risolto, almeno spero!
maledetto zonealarm, entrambi i problemi che mi hanno assillato per questi due giorni(l'altro problema è quello del riavvio improvviso con schermata blu) erano causati da ZA!!!
ora però ho un problemino con firefox, ma niente di grave.
grazie nuovamente!
magnagatti
09-09-2007, 13:31
Anche io ho problemi all'avvio, ho installato AVG antivirus, spybot e altri per la correzzione degli errori di windows ma nulla:
Logfile of HijackThis v1.99.1
Scan saved at 14.26.46, on 09/09/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Unable to get Internet Explorer version!
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\ElsaWin\bin\LcSvrAdm.exe
C:\ElsaWin\bin\LcSvrDba.exe
C:\ElsaWin\bin\LcSvrHis.exe
C:\ElsaWin\bin\LcSvrPas.exe
C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\mdm.exe
C:\Programmi\Eset\nod32krn.exe
C:\Programmi\Analog Devices\SoundMAX\SMAgent.exe
C:\Programmi\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\ElsaWin\bin\LcSvrAuf.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\VTTimer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\Spybot - Search & Destroy\TeaTimer.exe
C:\Programmi\Skype\Phone\Skype.exe
C:\Programmi\Mozilla Firefox\firefox.exe
C:\Programmi\Skype\Plugin Manager\skypePM.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\Programmi\WinRAR\WinRAR.exe
C:\DOCUME~1\ADRIAN~1\IMPOST~1\Temp\Rar$EX00.047\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer - TELE2Internet
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Programmi\Spybot - Search & Destroy\TeaTimer.exe
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE12\EXCEL.EXE/3000
O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\MSMSGS.EXE
O10 - Unknown file in Winsock LSP: c:\programmi\bonjour\mdnsnsp.dll
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=http://www.tele2.it/redirect/startpage/dial_up/ita/
O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} (Microsoft Data Collection Control) - https://support.microsoft.com/OAS/ActiveX/MSDcode.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/pr02/resources/MSNPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1178218918734
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Programmi\File comuni\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FILECO~1\Skype\SKYPE4~1.DLL
O18 - Protocol: vw-wi - {0F3C833F-FB28-40EA-8CB9-6A55B996C3F6} - C:\ElsaWin\bin\wiProt.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Programmi\File comuni\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Programmi\File comuni\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Servizio iPod (iPod Service) - Apple Inc. - C:\Programmi\iPod\bin\iPodService.exe
O23 - Service: ELSA Administration Service (LcSvrAdm) - Volkswagen AG - C:\ElsaWin\bin\LcSvrAdm.exe
O23 - Service: ELSA Auftragsverwaltungs Service (LcSvrAuf) - Volkswagen AG - C:\ElsaWin\bin\LcSvrAuf.exe
O23 - Service: ELSA DBA Server (LcSvrDba) - Volkswagen AG - C:\ElsaWin\bin\LcSvrDba.exe
O23 - Service: ELSA Historie Server (LcSvrHis) - Volkswagen AG - C:\ElsaWin\bin\LcSvrHis.exe
O23 - Service: ELSA PASS Server (LcSvrPAS) - Volkswagen AG - C:\ElsaWin\bin\LcSvrPas.exe
O23 - Service: NBService - Nero AG - C:\Programmi\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Programmi\File comuni\Ahead\Lib\NMIndexingService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Programmi\Eset\nod32krn.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Programmi\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Programmi\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
anche io ho un avvio lento...ma mi sono accorto che dipende dal firewall....infatti dopo che carica tutto, devo aspettare ke si attivi il firewall x poter utilizzare il pc...o secondo voi non è il firewall?
come faccio a capirlo ed eventualmente risolvere?
graxie!
Anche io ho problemi all'avvio, ho installato AVG antivirus, spybot e altri per la correzzione degli errori di windows ma nulla
Il tuo log è pulito, ma prova a fare una scansione con PANDASCAN e con A-SQUARED (trovi ttt su google)
@ swim
che firewall hai? posta un log di hijackthis
Il mio firewall è McAfee. Ma il problema l'avevo anke quando non avevo un firewall ma dopo ke mi spuntava la finestra del "centro sicurezza pc" funzionava tutto
Questo il log:
Logfile of HijackThis v1.99.1
Scan saved at 10.15.55, on 11/09/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16512)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Programmi\Analog Devices\SoundMAX\SMTray.exe
C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Programmi\Logitech\iTouch\iTouch.exe
C:\Programmi\Windows Defender\MSASCui.exe
C:\Programmi\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
C:\Programmi\Eset\nod32kui.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Programmi\Logitech\MouseWare\system\em_exec.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\Pinnacle\Shared Files\Programs\Scheduler\PCLEScheduler.exe
C:\Programmi\Sybase\SQL Anywhere 8\win32\dbeng8.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
c:\programmi\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
C:\Programmi\Eset\nod32krn.exe
C:\Programmi\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\PAStiSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\VMware\VMware Workstation\vmware-authd.exe
C:\Programmi\File comuni\VMware\VMware Virtual Image Editing\vmount2.exe
C:\WINDOWS\system32\vmnat.exe
C:\WINDOWS\system32\vmnetdhcp.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Programmi\Outlook Express\msimn.exe
C:\Programmi\Messenger\msmsgs.exe
C:\Programmi\Internet Explorer\IEXPLORE.EXE
C:\DOCUME~1\Luca\IMPOST~1\Temp\Directory temporanea 1 per hijackthis_199[1].zip\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.catanianuoto2000.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.prevx.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.prevx.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://2uid.info
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = http://www.prevx.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = http://www.prevx.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Programmi\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Programmi\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [Smapp] C:\Programmi\Analog Devices\SoundMAX\SMTray.exe
O4 - HKLM\..\Run: [ATIPTA] "C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Programmi\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [Windows Defender] "C:\Programmi\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [PDF3 Registry Controller] "C:\Programmi\ScanSoft\PDF Professional 3.0\\RegistryController.exe"
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Programmi\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [nod32kui] "C:\Programmi\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [MPFExe] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] c:\PROGRA~1\mcafee.com\agent\mcupdate.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: Collegamento a RicCompleanni.lnk = C:\Documents and Settings\Luca\Desktop\Luka!\Programmi\RicCompleanni\RicCompleanni.exe
O4 - Global Startup: Avvio veloce di Adobe Acrobat.lnk = ?
O4 - Global Startup: Pinnacle Scheduler.lnk = C:\Programmi\Pinnacle\Shared Files\Programs\Scheduler\PCLEScheduler.exe
O8 - Extra context menu item: Converti destinazione link in Adobe PDF - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Converti destinazione link in file PDF esistente - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Converti i link selezionati in Adobe PDF - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Converti i link selezionati in file PDF esistente - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Converti in Adobe PDF - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Converti nel file PDF esistente - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Converti selezione in Adobe PDF - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Converti selezione in file PDF esistente - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Open with Scansoft PDF Converter 3.0 - res://C:\Programmi\ScanSoft\PDF Professional 3.0\IEShellExt.dll /100
O8 - Extra context menu item: SWF Capture tool - C:\Programmi\Eltima Software\Flash Decompiler\iebt.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Programmi\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Programmi\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MIC273~1\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra button: Flash Decompiler SWF Capture tool - {86B4FC19-8FA4-4FD3-B243-9AEDB42FA2D5} - C:\Programmi\Eltima Software\Flash Decompiler\iebt.dll (HKCU)
O9 - Extra 'Tools' menuitem: Flash Decompiler SWF Capture tool menu - {86B4FC19-8FA4-4FD3-B243-9AEDB42FA2D5} - C:\Programmi\Eltima Software\Flash Decompiler\iebt.dll (HKCU)
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://luka-89.spaces.live.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {5235272A-4B05-4E29-A747-B8F614722BB2} (myBlueZebra XVOW SIP Component) - http://mybluezebra.abbeyphone.com/activex/myBlueZebraXVOW.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/IT-IT/a-UNO1/GAME_UNO1.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1160827935659
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1176500869000
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://luka-89.spaces.live.com/PhotoUpload/MsnPUpld.cab
O16 - DPF: {82774781-8F4E-11D1-AB1C-0000F8773BF0} (DLC Class) - https://transfers.ds.microsoft.com/FTM/TransferSource/grTransferCtrl.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://javadl-esd.sun.com/update/1.6.0/jinstall-6u2-windows-i586-jc.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://151.97.160.7/activex/AxisCamControl.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab53083.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {FF022190-EEE0-434E-82E7-C17104E40526} (Chiamagratis XVOW SIP Component) - http://chiamagratis.abbeyphone.it/services/usr/cab/ChiamagratisXVOW.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{86EAC6DC-01E7-45A5-A797-E6C2F73906AA}: NameServer = 212.216.112.112,212.216.172.62,151.99.125.2,151.99.125.3
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Programmi\File comuni\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FILECO~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\FILECO~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Programmi\File comuni\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apache - Unknown owner - C:\PROGRA~1\EASYPH~1\Apache\apache.exe" --ntservice (file missing)
O23 - Service: Adaptive Server Anywhere - SQL (ASANYe_SQL) - iAnywhere Solutions, Inc. - C:\Programmi\Sybase\SQL Anywhere 8\win32\dbeng8.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: FileZilla Server FTP server (FileZilla Server) - Unknown owner - C:\Programmi\xampp\FileZillaFTP\FileZillaServer.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Programmi\File comuni\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GuiHook - Unknown owner - C:\PROGRA~1\NETSUP~1\guihook.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: InstallShield Licensing Service - Macrovision - C:\Programmi\File comuni\InstallShield Shared\Service\InstallShield Licensing Service.exe
O23 - Service: Servizio iPod (iPod Service) - Apple Inc. - C:\Programmi\iPod\bin\iPodService.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Programmi\File comuni\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\programmi\mcafee.com\agent\mcdetect.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
O23 - Service: NBService - Nero AG - C:\Programmi\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Programmi\Eset\nod32krn.exe
O23 - Service: ServiceLayer - Nokia. - C:\Programmi\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Programmi\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe
O23 - Service: VMware Agent Service (ufad-ws60) - Unknown owner - C:\Programmi\VMware\VMware Workstation\vmware-ufad.exe" -d "C:\Programmi\VMware\VMware Workstation\\" -s ufad-p2v.xml (file missing)
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Programmi\VMware\VMware Workstation\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\WINDOWS\system32\vmnetdhcp.exe
O23 - Service: VMware Virtual Mount Manager Extended (vmount2) - VMware, Inc. - C:\Programmi\File comuni\VMware\VMware Virtual Image Editing\vmount2.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\WINDOWS\system32\vmnat.exe
O23 - Service: XAMPP Service (XAMPP) - Unknown owner - C:\Programmi\xampp\service.exe (file missing)
=RKE=ImoT3p
11-09-2007, 09:55
poichè ho lo stesso problema di avvio lentissimo posto il log anche io :)
Logfile of HijackThis v1.99.1
Scan saved at 10.54.40, on 11/09/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\ZoneLabs\avsys\ScanningProcess.exe
C:\WINDOWS\system32\ZoneLabs\avsys\ScanningProcess.exe
C:\Programmi\CPUCooL\CooLSrv.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\Programmi\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\Programmi\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
C:\Programmi\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
C:\Programmi\NVIDIA Corporation\nTune\nTuneService.exe
C:\Programmi\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Programmi\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\Programmi\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Programmi\Zone Labs\ZoneAlarm\zlclient.exe
C:\Programmi\Creative\ShareDLL\CtNotify.exe
C:\Programmi\HP\HP Software Update\HPWuSchd2.exe
C:\Programmi\Creative\ShareDLL\MediaDet.Exe
C:\Programmi\Java\jre1.6.0_02\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Programmi\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Programmi\ASUS\Cool & Quiet\cool&quiet.exe
C:\Programmi\MSN Messenger\usnsvc.exe
C:\Programmi\BOINC\boincmgr.exe
C:\Programmi\BOINC\boinc.exe
C:\Programmi\ASUS\PC Probe II\Probe2.exe
C:\Programmi\ASUS\AASP\1.00.33\aaCenter.exe
C:\Programmi\AMD\AMD Power Monitor\AMD_PwrMon.exe
C:\Programmi\MSN Messenger\msnmsgr.exe
C:\Programmi\BOINC\projects\boinc.bakerlab.org_rosetta\rosetta_beta_5.78_windows_intelx86.exe
C:\Programmi\BOINC\projects\boinc.bakerlab.org_rosetta\rosetta_beta_5.78_windows_intelx86.exe
C:\Programmi\Mozilla Firefox\firefox.exe
C:\Programmi\Internet Explorer\IEXPLORE.EXE
C:\Programmi\WinRAR\WinRAR.exe
C:\DOCUME~1\antonio\IMPOST~1\Temp\Rar$EX00.031\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://localhost:3476/cgi-bin/ncgir.exe?ONAMX=menu/index.html&DNAMX=ncgir.exe?html/fire_profile.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O1 - Hosts: L2authd.lineage2.com # Excalibur - Live
O1 - Hosts: 89.96.199.138 L2authd.lineage2.com #Osiris
O1 - Hosts: 89.96.199.138 L2testauthd.lineage2.com #Osiris
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {31FF080D-12A3-439A-A2EF-4BA95A3148E8} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Programmi\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [CloneCDTray] "C:\Programmi\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [amd_dc_opt] C:\Programmi\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKLM\..\Run: [Disc Detector] C:\Programmi\Creative\ShareDLL\CtNotify.exe
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\Updreg.exe
O4 - HKLM\..\Run: [AHQInit] C:\Programmi\Creative\SBLive\Program\AHQInit.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Programmi\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [NVIDIA nTune] "C:\Programmi\NVIDIA Corporation\nTune\nTuneCmd.exe" clear
O4 - HKLM\..\Run: [Launch PC Probe II] "C:\Programmi\ASUS\PC Probe II\Probe2.exe" 1
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [nTrayFw] C:\Programmi\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Programmi\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programmi\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Steam] "c:\programmi\steam\steam.exe" -silent
O4 - Startup: BOINC Manager.lnk = C:\Programmi\BOINC\boincmgr.exe
O4 - Startup: Cool & Quiet v2.009.lnk = C:\Programmi\ASUS\Cool & Quiet\cool&quiet.exe
O4 - Global Startup: GetRight - Tray Icon.lnk = C:\Programmi\GetRight\getright.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: CPUCooLServer Service (CPUCooLServer) - Unknown owner - C:\Programmi\CPUCooL\CooLSrv.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Programmi\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Unknown owner - C:\Programmi\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe" -k runservice (file missing)
O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA Corporation - C:\Programmi\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA - C:\Programmi\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
O23 - Service: nTune Service (nTuneService) - NVIDIA - C:\Programmi\NVIDIA Corporation\nTune\nTuneService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Programmi\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
top_andrew
11-09-2007, 13:03
Ciao a tutti, io ho praticamente lo stesso problema, però ho disabilitato tutto quello che era possibile dai servizi e dalle voci di avvio con msconfig, il pc dovrebbe essere pulito.. Vi posto se non vi dispiace il log di hijack anche io così se avete un consiglio mi fate sapere..
Grazie in anticipo.
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Programmi\Avast4\aswUpdSv.exe
C:\Programmi\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\Programmi\Logitech\G-series Software\LGDCore.exe
C:\Programmi\Logitech\G-series Software\LCDMon.exe
C:\PROGRA~1\Avast4\ashDisp.exe
C:\Programmi\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Programmi\Logitech\G-series Software\Applets\LCDClock.exe
C:\Programmi\Logitech\G-series Software\Applets\LCDMedia.exe
C:\Programmi\Logitech\G-series Software\Applets\LCDPop3\LCDPOP3.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\Avast4\ashMaiSv.exe
C:\Programmi\Avast4\ashWebSv.exe
C:\Programmi\Mozilla Firefox\firefox.exe
C:\Programmi\WinRAR\WinRAR.exe
C:\DOCUME~1\Andrea\IMPOST~1\Temp\Rar$EX00.032\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://google.it/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.it/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: Supporto di collegamento per Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: GigagetIEHelper - {111CAA23-6F4F-42AC-8555-B48C1D87BBAB} - C:\WINDOWS\system32\gigagetbho_v10.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.5.0_11\bin\ssv.dll
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [StartCCC] C:\Programmi\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKLM\..\Run: [Launch LGDCore] "C:\Programmi\Logitech\G-series Software\LGDCore.exe" /SHOWHIDE
O4 - HKLM\..\Run: [Launch LCDMon] "C:\Programmi\Logitech\G-series Software\LCDMon.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\Avast4\ashDisp.exe
O8 - Extra context menu item: &Download All by Gigaget - C:\Programmi\Gigaget\getallurl.htm
O8 - Extra context menu item: &Download by Gigaget - C:\Programmi\Gigaget\geturl.htm
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{7841D28C-49A3-4259-A91E-2210E813CB70}: NameServer = 192.168.2.1
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Programmi\File comuni\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FILECO~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\FILECO~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Programmi\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Programmi\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Programmi\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Programmi\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: HP Port Resolver - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBPRO.EXE
O23 - Service: HP Status Server - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBOID.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: NMIndexingService - Nero AG - C:\Programmi\File comuni\Ahead\Lib\NMIndexingService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: SiSoftware Database Agent Service (SandraDataSrv) - SiSoftware - C:\Programmi\SiSoftware\SiSoftware Sandra Lite XII\Win32\RpcDataSrv.exe
O23 - Service: SiSoftware Sandra Agent Service (SandraTheSrv) - SiSoftware - C:\Programmi\SiSoftware\SiSoftware Sandra Lite XII\RpcSandraSrv.exe
C'è un thread apposta per Hijackthis e si trova naturalmente nella sezione Antivirus...
proseguite quì:
http://www.hwupgrade.it/forum/showthread.php?t=937676
Discussione chiusa
vBulletin® v3.6.4, Copyright ©2000-2025, Jelsoft Enterprises Ltd.