Garmr
30-07-2005, 21:22
Raga ho un router netgear 834 con libero adsl 2mbit ... oggi la connex mi cade ogni minuto ( si rilogga subito pero' ) ... a cosa puo' essere dovuto ? non riesco a fare una sessione umana su mirc ...
View Full Version : [Libero - Router] connex che cade
Garmr
30-07-2005, 21:34
sto cominciando a inveire -.- ..
potrebbe essere il filtro adsl ?
potrebbe essere il filtro adsl ?
Garmr
30-07-2005, 21:34
AAAAAAAAAAAAAAAA CRISI DI NERVIIIIIIIIIIIII
Garmr
30-07-2005, 21:37
sto vedendo il registro del router ed è pieno di pacchietti mandati via queste porte:
4662
4672
ne sapete qualcosa ?
4662
4672
ne sapete qualcosa ?
Garmr
30-07-2005, 21:40
sono le porte di emule ... ma emule non è aperto ... :\ ... virus ? non mi rileva niente ... neanche spyware mi rileva
ora cmq ho bloccato le 2 porte ...
edit ... anche con le due porte bloccate mi cade la linea ... pero' il registro non ha piu' quei pacchetti mandati via 4662 e 4672 ... ora non ha piu' nessun avvenimento pero' continua a cadere ...
Sat, 2005-07-30 20:38:23 - TCP Packet - Source:82.59.64.26,4891 Destination:xxx.xx.xx.xxx,4662 - [DOS]
Sat, 2005-07-30 20:38:23 - TCP Packet - Source:151.46.41.181,3660 Destination:xxx.xx.xx.xxx,4662 - [DOS]
Sat, 2005-07-30 20:38:23 - TCP Packet - Source:82.54.243.214,1914 Destination:xxx.xx.xx.xxx,4662 - [DOS]
Sat, 2005-07-30 20:38:24 - TCP Packet - Source:172.211.216.159,2586 Destination:xxx.xx.xx.xxx,4662 - [DOS]
Sat, 2005-07-30 20:38:31 - TCP Packet - Source:81.211.250.92,4218 Destination:xxx.xx.xx.xxx,4662 - [DOS]
Sat, 2005-07-30 20:38:31 - TCP Packet - Source:82.52.175.109,2911 Destination:xxx.xx.xx.xxx,4662 - [DOS]
Sat, 2005-07-30 20:38:31 - TCP Packet - Source:82.49.121.101,4177 Destination:xxx.xx.xx.xxx,4662 - [DOS]
Sat, 2005-07-30 20:38:32 - TCP Packet - Source:201.17.14.165,2270 Destination:xxx.xx.xx.xxx,4662 - [DOS]
Sat, 2005-07-30 20:38:32 - TCP Packet - Source:84.222.141.115,4027 Destination:xxx.xx.xx.xxx,4662 - [DOS]
Sat, 2005-07-30 20:38:33 - TCP Packet - Source:151.46.52.31,4259 Destination:xxx.xx.xx.xxx,4662 - [DOS]
Sat, 2005-07-30 20:38:33 - TCP Packet - Source:81.211.235.217,1878 Destination:xxx.xx.xx.xxx,4662 - [DOS]
Sat, 2005-07-30 20:38:34 - TCP Packet - Source:82.65.52.245,3239 Destination:xxx.xx.xx.xxx,4662 - [DOS]
Sat, 2005-07-30 20:38:34 - TCP Packet - Source:151.41.240.32,4659 Destination:xxx.xx.xx.xxx,4662 - [DOS]
Sat, 2005-07-30 20:38:34 - TCP Packet - Source:82.52.125.181,4815 Destination:xxx.xx.xx.xxx,4662 - [DOS]
questi sono i pacchetti ... xxx.xx.xx.xxx è il mio ip ( ovviamente l'ho nascosto -.- ) ... la source son tutti ip che non conosco ... qualcuno puo' aiutarmi plz ?
anzi ... spostate in antivirus e sicurezza ... grazie
penso di essermi fatto un idea ... c'e' qualche spyware o virus che agisce sulle porte "standard" di emule ? perke' io le ho cambiate da un pezzo ... e quelle vecchie erano appunto 4662 e 4672
ora cmq ho bloccato le 2 porte ...
edit ... anche con le due porte bloccate mi cade la linea ... pero' il registro non ha piu' quei pacchetti mandati via 4662 e 4672 ... ora non ha piu' nessun avvenimento pero' continua a cadere ...
Sat, 2005-07-30 20:38:23 - TCP Packet - Source:82.59.64.26,4891 Destination:xxx.xx.xx.xxx,4662 - [DOS]
Sat, 2005-07-30 20:38:23 - TCP Packet - Source:151.46.41.181,3660 Destination:xxx.xx.xx.xxx,4662 - [DOS]
Sat, 2005-07-30 20:38:23 - TCP Packet - Source:82.54.243.214,1914 Destination:xxx.xx.xx.xxx,4662 - [DOS]
Sat, 2005-07-30 20:38:24 - TCP Packet - Source:172.211.216.159,2586 Destination:xxx.xx.xx.xxx,4662 - [DOS]
Sat, 2005-07-30 20:38:31 - TCP Packet - Source:81.211.250.92,4218 Destination:xxx.xx.xx.xxx,4662 - [DOS]
Sat, 2005-07-30 20:38:31 - TCP Packet - Source:82.52.175.109,2911 Destination:xxx.xx.xx.xxx,4662 - [DOS]
Sat, 2005-07-30 20:38:31 - TCP Packet - Source:82.49.121.101,4177 Destination:xxx.xx.xx.xxx,4662 - [DOS]
Sat, 2005-07-30 20:38:32 - TCP Packet - Source:201.17.14.165,2270 Destination:xxx.xx.xx.xxx,4662 - [DOS]
Sat, 2005-07-30 20:38:32 - TCP Packet - Source:84.222.141.115,4027 Destination:xxx.xx.xx.xxx,4662 - [DOS]
Sat, 2005-07-30 20:38:33 - TCP Packet - Source:151.46.52.31,4259 Destination:xxx.xx.xx.xxx,4662 - [DOS]
Sat, 2005-07-30 20:38:33 - TCP Packet - Source:81.211.235.217,1878 Destination:xxx.xx.xx.xxx,4662 - [DOS]
Sat, 2005-07-30 20:38:34 - TCP Packet - Source:82.65.52.245,3239 Destination:xxx.xx.xx.xxx,4662 - [DOS]
Sat, 2005-07-30 20:38:34 - TCP Packet - Source:151.41.240.32,4659 Destination:xxx.xx.xx.xxx,4662 - [DOS]
Sat, 2005-07-30 20:38:34 - TCP Packet - Source:82.52.125.181,4815 Destination:xxx.xx.xx.xxx,4662 - [DOS]
questi sono i pacchetti ... xxx.xx.xx.xxx è il mio ip ( ovviamente l'ho nascosto -.- ) ... la source son tutti ip che non conosco ... qualcuno puo' aiutarmi plz ?
anzi ... spostate in antivirus e sicurezza ... grazie
penso di essermi fatto un idea ... c'e' qualche spyware o virus che agisce sulle porte "standard" di emule ? perke' io le ho cambiate da un pezzo ... e quelle vecchie erano appunto 4662 e 4672
Garmr
30-07-2005, 21:57
continuo a ricevere pacchetti su 4672 e 4662 ... quando accendo emule la connex cade ... quando non lo accendo non cade ... ma continuo cmq a ricevere sti caxx di pacchetti
Garmr
30-07-2005, 22:15
Sat, 2005-07-30 21:14:05 - UDP Packet - Source:84.140.132.169,6346 Destination:xxx.xx.xxx.xxx,6346 - [DOS]
Sat, 2005-07-30 21:14:05 - UDP Packet - Source:84.162.234.178,6346 Destination:xxx.xx.xxx.xxx,6346 - [DOS]
Sat, 2005-07-30 21:14:06 - UDP Packet - Source:62.194.30.104,6346 Destination:151.42.103.191,6346 - [DOS]
Sat, 2005-07-30 21:14:06 - UDP Packet - Source:82.254.128.65,14197 Destination:xxx.xx.xxx.xxx,6346 - [DOS]
Sat, 2005-07-30 21:14:06 - UDP Packet - Source:85.136.119.50,6346 Destination:xxx.xx.xxx.xxx,6346 - [DOS]
Sat, 2005-07-30 21:14:06 - UDP Packet - Source:24.21.173.64,44021 Destination:xxx.xx.xxx.xxx,6346 - [DOS]
Sat, 2005-07-30 21:14:06 - UDP Packet - Source:200.226.29.155,6346 Destination:xxx.xx.xxx.xxx,6346 - [DOS]
Sat, 2005-07-30 21:14:08 - UDP Packet - Source:83.198.199.207,6346 Destination:xxx.xx.xxx.xxx,6346 - [DOS]
Sat, 2005-07-30 21:14:08 - UDP Packet - Source:172.207.114.146,1060 Destination:xxx.xx.xxx.xxx,6346 - [DOS]
Sat, 2005-07-30 21:14:08 - UDP Packet - Source:80.200.235.141,10001 Destination:xxx.xx.xxx.xxx,6346 - [DOS]
sto bastardo ha cambiato porta ... la 6346 era destinata a shareaza prima ... ma ho appena formattato ... e shareaza non l'ho mai installato col nuovo OS ... cosa sta succedendo ? esistono virus per routerS?
sto facendo scan per netsky che ho visto ora il thread del virus p2p ..
da 5 minuti non ricevo piu' nessun pacchetto ... non ho finito lo scan di netsky ... ho solo eliminato un file di installazione di uno script di mirc ... pero' continuo a cadere . . .
raga ma nessuno sa niente qua ?
in attesa che l'antivir on-line finisca ho terminato un prog che cominciava con PD*.exe ... non ricevo piu' pacchetti ... ho provato a cercare file simili ma viene fuori solo roba del Raxco ... cominciano tutti con PD*.exe ... ce n'è uno su system con PDboot.exe e uno identico nella cartella di Raxco ma han gli stessi byte di dimensione ... e cmq mi si sconnette ancora -.-
Sat, 2005-07-30 21:14:05 - UDP Packet - Source:84.162.234.178,6346 Destination:xxx.xx.xxx.xxx,6346 - [DOS]
Sat, 2005-07-30 21:14:06 - UDP Packet - Source:62.194.30.104,6346 Destination:151.42.103.191,6346 - [DOS]
Sat, 2005-07-30 21:14:06 - UDP Packet - Source:82.254.128.65,14197 Destination:xxx.xx.xxx.xxx,6346 - [DOS]
Sat, 2005-07-30 21:14:06 - UDP Packet - Source:85.136.119.50,6346 Destination:xxx.xx.xxx.xxx,6346 - [DOS]
Sat, 2005-07-30 21:14:06 - UDP Packet - Source:24.21.173.64,44021 Destination:xxx.xx.xxx.xxx,6346 - [DOS]
Sat, 2005-07-30 21:14:06 - UDP Packet - Source:200.226.29.155,6346 Destination:xxx.xx.xxx.xxx,6346 - [DOS]
Sat, 2005-07-30 21:14:08 - UDP Packet - Source:83.198.199.207,6346 Destination:xxx.xx.xxx.xxx,6346 - [DOS]
Sat, 2005-07-30 21:14:08 - UDP Packet - Source:172.207.114.146,1060 Destination:xxx.xx.xxx.xxx,6346 - [DOS]
Sat, 2005-07-30 21:14:08 - UDP Packet - Source:80.200.235.141,10001 Destination:xxx.xx.xxx.xxx,6346 - [DOS]
sto bastardo ha cambiato porta ... la 6346 era destinata a shareaza prima ... ma ho appena formattato ... e shareaza non l'ho mai installato col nuovo OS ... cosa sta succedendo ? esistono virus per routerS?
sto facendo scan per netsky che ho visto ora il thread del virus p2p ..
da 5 minuti non ricevo piu' nessun pacchetto ... non ho finito lo scan di netsky ... ho solo eliminato un file di installazione di uno script di mirc ... pero' continuo a cadere . . .
raga ma nessuno sa niente qua ?
in attesa che l'antivir on-line finisca ho terminato un prog che cominciava con PD*.exe ... non ricevo piu' pacchetti ... ho provato a cercare file simili ma viene fuori solo roba del Raxco ... cominciano tutti con PD*.exe ... ce n'è uno su system con PDboot.exe e uno identico nella cartella di Raxco ma han gli stessi byte di dimensione ... e cmq mi si sconnette ancora -.-
Garmr
30-07-2005, 23:24
Logfile of HijackThis v1.99.1
Scan saved at 0.21.22, on 31/07/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\Stardock\Object Desktop\WindowBlinds\wbload.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\CTHELPER.EXE
C:\PROGRA~1\mcafee.com\vso\mcvsescn.exe
C:\Programmi\NetMeter\NetMeter.exe
C:\Programmi\Logitech\MouseWare\system\em_exec.exe
C:\Programmi\Hotmail Popper\hotpop.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\Winamp\winamp.exe
C:\Programmi\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\taskmgr.exe
c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe
C:\WINDOWS\system32\rundll32.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\WINDOWS\System32\svchost.exe
C:\DOCUMENTS AND SETTINGS\VANALUND\DESKTOP\HijackThis1991.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: McAfee Privacy Service - {cc4b2ee5-4803-11d7-8a38-00b0d0c6b814} - C:\Programmi\McAfee\McAfee Privacy Service\GDIEHELP.DLL (file missing)
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [Jet Detection] C:\Programmi\Creative\SBLive\PROGRAM\ADGJDet.exe
O4 - HKLM\..\Run: [PMXInit] C:\WINDOWS\System32\pmxinit.exe
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Programmi\D-Tools\daemon.exe" -lang 1033 -noicon -lock
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\McAfee.com\Agent\McUpdate.exe
O4 - HKLM\..\Run: [VSOCheckTask] "c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [VirusScan Online] "c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe"
O4 - HKLM\..\Run: [LogonStudio] "C:\Programmi\WinCustomize\LogonStudio\logonstudio.exe" /RANDOM
O4 - HKLM\..\Run: [BootSkin Startup Jobs] "C:\PROGRA~1\Stardock\WINCUS~1\BootSkin\BootSkin.exe" /StartupJobs
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [McAfee Guardian] "C:\Programmi\McAfee\McAfee Shared Components\Guardian\CMGrdian.exe" /SU
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programmi\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [MSKAGENTEXE] C:\PROGRA~1\McAfee\SPAMKI~1\MSKAgent.exe
O4 - HKCU\..\Run: [McAfee QuickClean Imonitor] C:\Programmi\McAfee\McAfee QuickClean\Plguni.exe /START
O4 - HKCU\..\Run: [C:\Programmi\NetMeter\NetMeter.exe] C:\Programmi\NetMeter\NetMeter.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Programmi\Spybot - Search & Destroy\TeaTimer.exe
O4 - Startup: Adobe Gamma.lnk = C:\Programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: Hotmail Popper.lnk = C:\Programmi\Hotmail Popper\hotpop.exe
O4 - Startup: Miranda IM 0.4.0.1.lnk = C:\Programmi\Miranda IM\miranda32.exe
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Privacy Bar - {cc4b2ee5-4803-11d7-8a38-00b0d0c6b814} - C:\Programmi\McAfee\McAfee Privacy Service\GDIEHELP.DLL (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.com/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1122064650092
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
O20 - Winlogon Notify: WB - C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\fastload.dll
O21 - SSODL: IconPackager Repair - {1799460C-0BC8-4865-B9DF-4A36CD703FF0} - C:\WINDOWS\system32\iprepair.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Programmi\File comuni\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Programmi\File comuni\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - McAfee, Inc - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
O23 - Service: PDEngine - Raxco Software, Inc. - C:\Programmi\Raxco\PerfectDisk\PDEngine.exe
O23 - Service: PDScheduler (PDSched) - Raxco Software, Inc. - C:\Programmi\Raxco\PerfectDisk\PDSched.exe
questo è il log di hijackthis
Scan saved at 0.21.22, on 31/07/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\Stardock\Object Desktop\WindowBlinds\wbload.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\CTHELPER.EXE
C:\PROGRA~1\mcafee.com\vso\mcvsescn.exe
C:\Programmi\NetMeter\NetMeter.exe
C:\Programmi\Logitech\MouseWare\system\em_exec.exe
C:\Programmi\Hotmail Popper\hotpop.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\Winamp\winamp.exe
C:\Programmi\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\taskmgr.exe
c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe
C:\WINDOWS\system32\rundll32.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\WINDOWS\System32\svchost.exe
C:\DOCUMENTS AND SETTINGS\VANALUND\DESKTOP\HijackThis1991.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: McAfee Privacy Service - {cc4b2ee5-4803-11d7-8a38-00b0d0c6b814} - C:\Programmi\McAfee\McAfee Privacy Service\GDIEHELP.DLL (file missing)
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [Jet Detection] C:\Programmi\Creative\SBLive\PROGRAM\ADGJDet.exe
O4 - HKLM\..\Run: [PMXInit] C:\WINDOWS\System32\pmxinit.exe
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Programmi\D-Tools\daemon.exe" -lang 1033 -noicon -lock
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\McAfee.com\Agent\McUpdate.exe
O4 - HKLM\..\Run: [VSOCheckTask] "c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [VirusScan Online] "c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe"
O4 - HKLM\..\Run: [LogonStudio] "C:\Programmi\WinCustomize\LogonStudio\logonstudio.exe" /RANDOM
O4 - HKLM\..\Run: [BootSkin Startup Jobs] "C:\PROGRA~1\Stardock\WINCUS~1\BootSkin\BootSkin.exe" /StartupJobs
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [McAfee Guardian] "C:\Programmi\McAfee\McAfee Shared Components\Guardian\CMGrdian.exe" /SU
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programmi\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [MSKAGENTEXE] C:\PROGRA~1\McAfee\SPAMKI~1\MSKAgent.exe
O4 - HKCU\..\Run: [McAfee QuickClean Imonitor] C:\Programmi\McAfee\McAfee QuickClean\Plguni.exe /START
O4 - HKCU\..\Run: [C:\Programmi\NetMeter\NetMeter.exe] C:\Programmi\NetMeter\NetMeter.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Programmi\Spybot - Search & Destroy\TeaTimer.exe
O4 - Startup: Adobe Gamma.lnk = C:\Programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: Hotmail Popper.lnk = C:\Programmi\Hotmail Popper\hotpop.exe
O4 - Startup: Miranda IM 0.4.0.1.lnk = C:\Programmi\Miranda IM\miranda32.exe
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Privacy Bar - {cc4b2ee5-4803-11d7-8a38-00b0d0c6b814} - C:\Programmi\McAfee\McAfee Privacy Service\GDIEHELP.DLL (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.com/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1122064650092
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
O20 - Winlogon Notify: WB - C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\fastload.dll
O21 - SSODL: IconPackager Repair - {1799460C-0BC8-4865-B9DF-4A36CD703FF0} - C:\WINDOWS\system32\iprepair.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Programmi\File comuni\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Programmi\File comuni\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - McAfee, Inc - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
O23 - Service: PDEngine - Raxco Software, Inc. - C:\Programmi\Raxco\PerfectDisk\PDEngine.exe
O23 - Service: PDScheduler (PDSched) - Raxco Software, Inc. - C:\Programmi\Raxco\PerfectDisk\PDSched.exe
questo è il log di hijackthis
Garmr
30-07-2005, 23:38
qualcuno si puo' degnare di aiutarmi plz ? non so che fare ... ho scannato tutto e non trova nulla ...
vBulletin® v3.6.4, Copyright ©2000-2025, Jelsoft Enterprises Ltd.