salve amici, vi spiego il problema....di solito utilizzo emule e altri programmi che utilizzano la connessione internet (vedi irc, ie, ecc..)...
ebbene, mi sono accorto da un pò che la mia banda è un pò limitata, l'altro giorno, riavviando il pc, chiudendo tutti i programmi ho visto che l'attività internet era ancora ben presente eccome...(ovvero inviava bit all'impazzata).
io uso norton internet security 2005 (av+firewall), spybot.
in esecuzione oltre a questi c'era diskkeeper..
è possibile che qualcuno fosse "dentro" al pc ?
oppure è emule che anche dopo chiuso continua a rompere ?
dopo il riavvio pare che il problema non ci fosse...
c'è qualche altro programma che permette di scovare eventuali intrusi ?
grazie mille x ogni risposta che darete

paciocco

E' possibile che Emule continui a lavorare.
Prova ad andare in Task manager e chiudi il processo di Emule.
Vedrai che il traffico si fermerà.

il problema è che andando subito in task manager, il processo di emule non c'era... :stordita:

il problema è che andando subito in task manager, il processo di emule non c'era... :stordita:
scarica HijackThis e posta qui il log che ti dà dopo lo scan :)

bYeZ!

scarica HijackThis e posta qui il log che ti dà dopo lo scan :)

bYeZ!
eccolo, io non ci ho capito granchè, aspetto consigli :)))
Logfile of HijackThis v1.99.1
Scan saved at 8.39.07, on 14/05/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\Programmi\TGTSoft\StyleXP\StyleXPService.exe
D:\Programmi\File comuni\Symantec Shared\ccProxy.exe
D:\Programmi\File comuni\Symantec Shared\ccSetMgr.exe
D:\Programmi\Norton Internet Security\ISSVC.exe
D:\Programmi\File comuni\Symantec Shared\SNDSrvc.exe
D:\Programmi\File comuni\Symantec Shared\SPBBC\SPBBCSvc.exe
D:\Programmi\File comuni\Symantec Shared\ccEvtMgr.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\system32\spoolsv.exe
D:\Programmi\Executive Software\Diskeeper\DkService.exe
D:\Programmi\Norton Internet Security\Norton AntiVirus\navapsvc.exe
D:\Programmi\File comuni\Symantec Shared\CCPD-LC\symlcsvc.exe
D:\Programmi\ATI Technologies\Pannello di controllo ATI\atiptaxx.exe
D:\WINDOWS\system32\CTHELPER.EXE
D:\WINDOWS\system32\rundll32.exe
D:\Programmi\Java\jre1.5.0_01\bin\jusched.exe
E:\Programmi\Nokia\Nokia PC Suite 6\Launch Application 2.exe
D:\PROGRA~1\FILECO~1\PCSuite\DATALA~1\DATALA~1.EXE
D:\Programmi\CyberLink\PowerDVD\PDVDServ.exe
D:\Programmi\File comuni\Symantec Shared\ccApp.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Programmi\Creative\SBAudigy\TaskBar\CTLTray.exe
D:\Programmi\Creative\SBAudigy\TaskBar\CTLTask.exe
D:\Programmi\Messenger\msmsgs.exe
D:\WINDOWS\system32\wbem\wmiapsrv.exe
D:\Programmi\R-Wipe&Clean\rwiped.exe
E:\Programmi\Nokia\Nokia PC Suite 6\PcSync2.exe
D:\PROGRA~1\FILECO~1\PCSuite\Services\SERVIC~1.EXE
D:\PROGRA~1\FILECO~1\Nokia\MPAPI\MPAPI3s.exe
D:\Programmi\eMule\emule.exe
D:\Programmi\Azureus\Azureus.exe
D:\Programmi\Java\jre1.5.0_01\bin\javaw.exe
E:\INVISION CHAT GO\mirc.exe
D:\Programmi\Internet Explorer\iexplore.exe
D:\Programmi\File comuni\Symantec Shared\AdBlocking\NSMdtr.exe
D:\Documents and Settings\isg71\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.it/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 218.24.6.97:80
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Programmi\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\Programmi\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Norton Internet Security - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - D:\Programmi\File comuni\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - D:\PROGRA~1\FlashGet\jccatch.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - D:\Programmi\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - D:\Programmi\FlashFXP\IEFlash.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - D:\PROGRA~1\FlashGet\fgiebar.dll
O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - D:\Programmi\File comuni\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - D:\Programmi\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [ATIPTA] atiptaxx.exe
O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE
O4 - HKLM\..\Run: [UpdReg] D:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [Jet Detection] D:\Programmi\Creative\SBAudigy\PROGRAM\ADGJDet.exe
O4 - HKLM\..\Run: [CTStartup] D:\Programmi\Creative\Splash Screen\CTEaxSpl.EXE /run
O4 - HKLM\..\Run: [NeroFilterCheck] D:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [AdslTaskBar] rundll32.exe stmctrl.dll,TaskBar
O4 - HKLM\..\Run: [SunJavaUpdateSched] D:\Programmi\Java\jre1.5.0_01\bin\jusched.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] E:\Programmi\Nokia\Nokia PC Suite 6\Launch Application 2.exe -onlytray
O4 - HKLM\..\Run: [DataLayer] D:\PROGRA~1\FILECO~1\PCSuite\DATALA~1\DATALA~1.EXE
O4 - HKLM\..\Run: [Emurayden PSX Emulator] E:\Program Files\Emurayden PSX Emulator v2.1\Emurayden PSX AutoLauncher.exe
O4 - HKLM\..\Run: [RemoteControl] D:\Programmi\CyberLink\PowerDVD\PDVDServ.exe
O4 - HKLM\..\Run: [ccApp] "D:\Programmi\File comuni\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] D:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [DiskeeperSystray] "D:\Programmi\Executive Software\Diskeeper\DkIcon.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ATI Launchpad] "D:\Programmi\ATI Multimedia\main\launchpd.exe"
O4 - HKCU\..\Run: [TaskTray] D:\Programmi\Creative\SBAudigy\TaskBar\CTLTray.exe
O4 - HKCU\..\Run: [TaskBar] D:\Programmi\Creative\SBAudigy\TaskBar\CTLTask.exe
O4 - HKCU\..\Run: [MSMSGS] "D:\Programmi\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [RWipeD] D:\Programmi\R-Wipe&Clean\rwiped.exe
O4 - HKCU\..\Run: [PcSync] E:\Programmi\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - HKCU\..\Run: [STYLEXP] D:\Programmi\TGTSoft\StyleXP\StyleXP.exe -Hide
O4 - HKCU\..\RunOnce: [RWC_CLR_HISTORY] D:\Programmi\R-Wipe&Clean\RWipeRun.exe /CLEAR-HISTORY
O4 - Global Startup: Adobe Gamma Loader.lnk = D:\Programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://D:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Scarica con FlashGet - D:\Programmi\FlashGet\jc_link.htm
O8 - Extra context menu item: Scarica tutto con FlashGet - D:\Programmi\FlashGet\jc_all.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Programmi\Java\jre1.5.0_01\bin\npjpi150_01.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Programmi\Java\jre1.5.0_01\bin\npjpi150_01.dll
O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Organizzatore ricerche - {9455301C-CF6B-11D3-A266-00C04F689C50} - D:\Programmi\File comuni\Microsoft Shared\Encarta Researcher\EROPROJ.DLL
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - D:\Programmi\File comuni\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Programmi\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{18D2BF72-A630-4B27-BADA-57CE22243446}: NameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{ABDF322C-0D8E-4AC6-8271-187D8475DF44}: NameServer = 62.***.**.*** 212.**.*.**
O17 - HKLM\System\CS1\Services\Tcpip\..\{18D2BF72-A630-4B27-BADA-57CE22243446}: NameServer = 192.168.0.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{18D2BF72-A630-4B27-BADA-57CE22243446}: NameServer = 192.168.0.1
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - D:\Programmi\File comuni\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - D:\Programmi\File comuni\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - D:\Programmi\File comuni\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - D:\Programmi\File comuni\Symantec Shared\ccSetMgr.exe
O23 - Service: Diskeeper - Executive Software International, Inc. - D:\Programmi\Executive Software\Diskeeper\DkService.exe
O23 - Service: ISSvc (ISSVC) - Symantec Corporation - D:\Programmi\Norton Internet Security\ISSVC.exe
O23 - Service: Servizio Auto-Protect di Norton AntiVirus (navapsvc) - Symantec Corporation - D:\Programmi\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: SAVScan - Symantec Corporation - D:\Programmi\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - D:\PROGRA~1\FILECO~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - D:\Programmi\File comuni\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - D:\Programmi\File comuni\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: StyleXPService - Unknown owner - D:\Programmi\TGTSoft\StyleXP\StyleXPService.exe
O23 - Service: Symantec Core LC - Symantec Corporation - D:\Programmi\File comuni\Symantec Shared\CCPD-LC\symlcsvc.exe


paciocco

eccolo, io non ci ho capito granchè, aspetto consigli :)))
Logfile of HijackThis v1.99.1
Scan saved at 8.39.07, on 14/05/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\Programmi\TGTSoft\StyleXP\StyleXPService.exe
D:\Programmi\File comuni\Symantec Shared\ccProxy.exe
D:\Programmi\File comuni\Symantec Shared\ccSetMgr.exe
D:\Programmi\Norton Internet Security\ISSVC.exe
D:\Programmi\File comuni\Symantec Shared\SNDSrvc.exe
D:\Programmi\File comuni\Symantec Shared\SPBBC\SPBBCSvc.exe
D:\Programmi\File comuni\Symantec Shared\ccEvtMgr.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\system32\spoolsv.exe
D:\Programmi\Executive Software\Diskeeper\DkService.exe
D:\Programmi\Norton Internet Security\Norton AntiVirus\navapsvc.exe
D:\Programmi\File comuni\Symantec Shared\CCPD-LC\symlcsvc.exe
D:\Programmi\ATI Technologies\Pannello di controllo ATI\atiptaxx.exe
D:\WINDOWS\system32\CTHELPER.EXE
D:\WINDOWS\system32\rundll32.exe
D:\Programmi\Java\jre1.5.0_01\bin\jusched.exe
E:\Programmi\Nokia\Nokia PC Suite 6\Launch Application 2.exe
D:\PROGRA~1\FILECO~1\PCSuite\DATALA~1\DATALA~1.EXE
D:\Programmi\CyberLink\PowerDVD\PDVDServ.exe
D:\Programmi\File comuni\Symantec Shared\ccApp.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Programmi\Creative\SBAudigy\TaskBar\CTLTray.exe
D:\Programmi\Creative\SBAudigy\TaskBar\CTLTask.exe
D:\Programmi\Messenger\msmsgs.exe
D:\WINDOWS\system32\wbem\wmiapsrv.exe
D:\Programmi\R-Wipe&Clean\rwiped.exe
E:\Programmi\Nokia\Nokia PC Suite 6\PcSync2.exe
D:\PROGRA~1\FILECO~1\PCSuite\Services\SERVIC~1.EXE
D:\PROGRA~1\FILECO~1\Nokia\MPAPI\MPAPI3s.exe
D:\Programmi\eMule\emule.exe
D:\Programmi\Azureus\Azureus.exe
D:\Programmi\Java\jre1.5.0_01\bin\javaw.exe
E:\INVISION CHAT GO\mirc.exe
D:\Programmi\Internet Explorer\iexplore.exe
D:\Programmi\File comuni\Symantec Shared\AdBlocking\NSMdtr.exe
D:\Documents and Settings\isg71\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.it/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 218.24.6.97:80
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Programmi\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\Programmi\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Norton Internet Security - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - D:\Programmi\File comuni\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - D:\PROGRA~1\FlashGet\jccatch.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - D:\Programmi\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - D:\Programmi\FlashFXP\IEFlash.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - D:\PROGRA~1\FlashGet\fgiebar.dll
O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - D:\Programmi\File comuni\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - D:\Programmi\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [ATIPTA] atiptaxx.exe
O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE
O4 - HKLM\..\Run: [UpdReg] D:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [Jet Detection] D:\Programmi\Creative\SBAudigy\PROGRAM\ADGJDet.exe
O4 - HKLM\..\Run: [CTStartup] D:\Programmi\Creative\Splash Screen\CTEaxSpl.EXE /run
O4 - HKLM\..\Run: [NeroFilterCheck] D:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [AdslTaskBar] rundll32.exe stmctrl.dll,TaskBar
O4 - HKLM\..\Run: [SunJavaUpdateSched] D:\Programmi\Java\jre1.5.0_01\bin\jusched.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] E:\Programmi\Nokia\Nokia PC Suite 6\Launch Application 2.exe -onlytray
O4 - HKLM\..\Run: [DataLayer] D:\PROGRA~1\FILECO~1\PCSuite\DATALA~1\DATALA~1.EXE
O4 - HKLM\..\Run: [Emurayden PSX Emulator] E:\Program Files\Emurayden PSX Emulator v2.1\Emurayden PSX AutoLauncher.exe
O4 - HKLM\..\Run: [RemoteControl] D:\Programmi\CyberLink\PowerDVD\PDVDServ.exe
O4 - HKLM\..\Run: [ccApp] "D:\Programmi\File comuni\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] D:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [DiskeeperSystray] "D:\Programmi\Executive Software\Diskeeper\DkIcon.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ATI Launchpad] "D:\Programmi\ATI Multimedia\main\launchpd.exe"
O4 - HKCU\..\Run: [TaskTray] D:\Programmi\Creative\SBAudigy\TaskBar\CTLTray.exe
O4 - HKCU\..\Run: [TaskBar] D:\Programmi\Creative\SBAudigy\TaskBar\CTLTask.exe
O4 - HKCU\..\Run: [MSMSGS] "D:\Programmi\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [RWipeD] D:\Programmi\R-Wipe&Clean\rwiped.exe
O4 - HKCU\..\Run: [PcSync] E:\Programmi\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - HKCU\..\Run: [STYLEXP] D:\Programmi\TGTSoft\StyleXP\StyleXP.exe -Hide
O4 - HKCU\..\RunOnce: [RWC_CLR_HISTORY] D:\Programmi\R-Wipe&Clean\RWipeRun.exe /CLEAR-HISTORY
O4 - Global Startup: Adobe Gamma Loader.lnk = D:\Programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://D:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Scarica con FlashGet - D:\Programmi\FlashGet\jc_link.htm
O8 - Extra context menu item: Scarica tutto con FlashGet - D:\Programmi\FlashGet\jc_all.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Programmi\Java\jre1.5.0_01\bin\npjpi150_01.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Programmi\Java\jre1.5.0_01\bin\npjpi150_01.dll
O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Organizzatore ricerche - {9455301C-CF6B-11D3-A266-00C04F689C50} - D:\Programmi\File comuni\Microsoft Shared\Encarta Researcher\EROPROJ.DLL
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - D:\Programmi\File comuni\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Programmi\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{18D2BF72-A630-4B27-BADA-57CE22243446}: NameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{ABDF322C-0D8E-4AC6-8271-187D8475DF44}: NameServer = 62.***.**.*** 212.**.*.**
O17 - HKLM\System\CS1\Services\Tcpip\..\{18D2BF72-A630-4B27-BADA-57CE22243446}: NameServer = 192.168.0.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{18D2BF72-A630-4B27-BADA-57CE22243446}: NameServer = 192.168.0.1
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - D:\Programmi\File comuni\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - D:\Programmi\File comuni\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - D:\Programmi\File comuni\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - D:\Programmi\File comuni\Symantec Shared\ccSetMgr.exe
O23 - Service: Diskeeper - Executive Software International, Inc. - D:\Programmi\Executive Software\Diskeeper\DkService.exe
O23 - Service: ISSvc (ISSVC) - Symantec Corporation - D:\Programmi\Norton Internet Security\ISSVC.exe
O23 - Service: Servizio Auto-Protect di Norton AntiVirus (navapsvc) - Symantec Corporation - D:\Programmi\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: SAVScan - Symantec Corporation - D:\Programmi\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - D:\PROGRA~1\FILECO~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - D:\Programmi\File comuni\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - D:\Programmi\File comuni\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: StyleXPService - Unknown owner - D:\Programmi\TGTSoft\StyleXP\StyleXPService.exe
O23 - Service: Symantec Core LC - Symantec Corporation - D:\Programmi\File comuni\Symantec Shared\CCPD-LC\symlcsvc.exe


paciocco


sospetti
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 218.24.6.97:80

O9 - Extra button: Organizzatore ricerche - {9455301C-CF6B-11D3-A266-00C04F689C50} - D:\Programmi\File comuni\Microsoft Shared\Encarta Researcher\EROPROJ.DLL


O17 - HKLM\System\CCS\Services\Tcpip\..\{ABDF322C-0D8E-4AC6-8271-187D8475DF44}: NameServer = 62.***.**.*** 212.**.*.**

niente di che. però approfitto per consigliarti primo un'anvirus più efficace e poi vai in task manager e vedi quanti processi hai. ne hai una tonnelata consiglierei con jv16 di dargli una bella sfoltita di tutti i programmi in background/avvio.
ciao.
;)

grazie mille, allora che antivirus consigli ? inoltre cos'è jv16? è semplice da usare ?
grazie di tutto cmq

grazie mille, allora che antivirus consigli ? inoltre cos'è jv16? è semplice da usare ?
grazie di tutto cmq

jv16 è facilissimo da usare. serve per disinstallare, pulire il registro e come ti consigliavo prima ottimizzare l'avvio
http://www.ilsoftware.it/querydl.asp?ID=500
come AV ce ne sono molti migliori di norton praticamente tutti. io uso avast 4.6 prof. efficace, leggero, gratis.
ciao.
;)

lo provo subito e grazie mille di tutto
;)

lo provo subito e grazie mille di tutto
;)

qualche dubbio son qui.
;)

qualche dubbio son qui.
;)
ciao,ho scaricato jv16 power tool,però ho dei dubbi su come si usa...fix o remove? se qualcuno se ne intende un po ho messo anche il log....sono apposto?grazie
Logfile of HijackThis v1.99.1
Scan saved at 21.16.39, on 25/05/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Programmi\Java\jre1.5.0_02\bin\jusched.exe
C:\Programmi\CyberLink\PowerDVD\PDVDServ.exe
C:\Programmi\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Programmi\D-Tools\daemon.exe
C:\Programmi\Winamp\winampa.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\Messenger\msmsgs.exe
C:\Programmi\MSN Messenger\MsnMsgr.Exe
C:\Programmi\Alice ti aiuta\bin\mad.exe
C:\Programmi\Alice ti aiuta\bin\mpbtn.exe
C:\PROGRA~1\Motive\ASSTCO~1\MOTIVE~1.EXE
C:\WINDOWS\System32\cisvc.exe
C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\PROGRA~1\Agnitum\OUTPOS~1\outpost.exe
C:\Programmi\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
F:\eMule\emule.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\WINDOWS\SYSTEM32\cidaemon.exe
C:\Documents and Settings\casa\Documenti\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programmi\Java\jre1.5.0_02\bin\jusched.exe
O4 - HKLM\..\Run: [RemoteControl] C:\Programmi\CyberLink\PowerDVD\PDVDServ.exe
O4 - HKLM\..\Run: [Creative WebCam Tray] C:\Programmi\Creative\PC-CAM Center\CAMTRAY.EXE
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Programmi\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [KAVPersonal50] C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus Personal\kav.exe /minimize
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Programmi\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [WinampAgent] C:\Programmi\Winamp\winampa.exe
O4 - HKLM\..\Run: [Outpost Firewall] C:\Programmi\Agnitum\Outpost Firewall\outpost.exe /waitservice
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Programmi\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programmi\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Programmi\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - Global Startup: Alice ti aiuta.lnk = C:\Programmi\Alice ti aiuta\bin\matcli.exe
O4 - Global Startup: Avvio veloce di Adobe Reader.lnk = C:\Programmi\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra button: Trashcan - {072F3B8A-2DA2-40e2-B841-88899F240200} - C:\PROGRA~1\Agnitum\OUTPOS~1\TRASH.EXE (HKCU)
O9 - Extra 'Tools' menuitem: Show Trashcan - {072F3B8A-2DA2-40e2-B841-88899F240200} - C:\PROGRA~1\Agnitum\OUTPOS~1\TRASH.EXE (HKCU)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.4.1_06) -
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
O16 - DPF: {CAFEEFAC-0014-0001-0006-ABCDEFFEDCBA} (Java Runtime Environment 1.4.1_06) -
O17 - HKLM\System\CCS\Services\Tcpip\..\{87ECA864-966C-4F9D-9961-9B7ADB15652D}: NameServer = 85.37.17.6 151.99.125.1
O23 - Service: kavsvc - Kaspersky Labs - C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus Personal\kavsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Outpost Firewall Service (OutpostFirewall) - Agnitum - C:\PROGRA~1\Agnitum\OUTPOS~1\outpost.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Programmi\Analog Devices\SoundMAX\SMAgent.exe

Si direi che il tuo log è ok ;)

Si direi che il tuo log è ok ;)
grazie per lo sguardo...mi sai anche parlare per caso di jv16, il programma di cui parlava sopra l amico halduemilauno? :D mi ha trovato un po di casino con le chiavi di registro e nn solo :muro: ma nn sapendo come funzia ho preferito uscire.... :) grazie