|
|||||||
|
|
|
 |
|
|
Strumenti |
22-08-2006, 10:27
|
#3121 |
|
Bannato
Iscritto dal: Mar 2004
Città: Galapagos Attenzione:utente flautolente,tienilo a mente
Messaggi: 28978
|
...linkoptimizer ha colpito ancora
|
|
|
|
22-08-2006, 10:36
|
#3122 | |
|
Senior Member
Iscritto dal: Sep 2004
Città: Vittorio Veneto TV
Messaggi: 444
|
Quote:
non so se ti sei rivolto a me, ma ci ho impiegato mezz'ora x caricare su imageshack l'immagine di esplora risorse, ma questa volta il link non funzionava, allora ho dovuto tagliare lo screen una ventina di volte x portarlo alla dimensione inferiore ai 25 KB. OT c'è nel forum una guida ke insegna come ridurre le dimensioni dei KB. ma ke resti lo stesso grande in risoluzione??? tipo 800 x 600. grazie!!
__________________
valter ------------------- |
|
|
|
|
|
22-08-2006, 10:44
|
#3123 | |
|
Junior Member
Iscritto dal: Jun 2005
Messaggi: 22
|
c:\winnt\U2VyZ2lvIFNpcmFnbmE\command.exe
buongiorno a tutti
 sto cercando di disinfestare una macchina con wink2; non ho idea di quanto sia aggiornato il so (la macchina non e' mia); sono riuscita a rimuovere buona parte delle schifezze, ma ce n'e' una che sembra immune a tutto ogni volta che riavvio, crea un file nuovo che pero' riesco agevolmente a cancellare; solo command.exe e asapsprv.dll presenti nella stessa cartella non sono cancellabili cosi' come non lo e' la directory che li contiene, ovviamente; ho provato anche a cancellarlo in modalita' provvisoria, ma non c'e' stato verso; in un thread del forum ho trovato segnalato il programma cureit.exe: volevo sapere se c'erano cose particolari da sapere prima di farlo girare (a parte farlo in modalita' provvisoria, intendo) ulteriore problema comparso - secondo il proprietario - da poco: Quote:
ho fatto la scansione con hijackthis, vi posto il log: Logfile of HijackThis v1.99.1 Scan saved at 9.51.07, on 22/08/2006 Platform: Windows 2000 SP4 (WinNT 5.00.2195) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINNT\System32\smss.exe C:\WINNT\system32\winlogon.exe C:\WINNT\system32\services.exe C:\WINNT\system32\lsass.exe C:\WINNT\system32\svchost.exe C:\Programmi\File comuni\Symantec Shared\ccSetMgr.exe C:\Programmi\File comuni\Symantec Shared\ccEvtMgr.exe C:\WINNT\system32\spoolsv.exe C:\WINNT\U2VyZ2lvIFNpcmFnbmE\command.exe C:\WINNT\System32\svchost.exe C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Programmi\Norton AntiVirus\navapsvc.exe C:\PROGRA~1\Alice\ALICEE~1\app\pppoeservice.exe C:\Programmi\Norton AntiVirus\SAVScan.exe C:\WINNT\system32\MSTask.exe C:\VEXPLITE\viritsvc.exe C:\WINNT\System32\WBEM\WinMgmt.exe C:\Programmi\RealVNC\VNC4\WinVNC4.exe C:\WINNT\system32\rundll32.exe C:\WINNT\Explorer.exe C:\WINNT\system32\msjava.exe C:\WINNT\system32\igfxtray.exe C:\WINNT\system32\hkcmd.exe C:\WINNT\system32\igfxpers.exe C:\Programmi\File comuni\Symantec Shared\ccApp.exe C:\VEXPLITE\MONLITE.EXE C:\WINNT\system32\ctfmon.exe C:\VEXPLITE\VIRITEXP.EXE C:\Documents and Settings\Sergio Siragna\Desktop\morena\hijackthis\HijackThis.exe F2 - REG:system.ini: Shell=Explorer.exe msjava.exe F2 - REG:system.ini: UserInit=C:\WINNT\system32\userinit.exe,msjava.exe O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Programmi\Norton AntiVirus\NavShExt.dll O3 - Toolbar: Yahoo! Toolbar con blocco Pop-Up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programmi\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon O4 - HKLM\..\Run: [IgfxTray] C:\WINNT\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINNT\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\WINNT\system32\igfxpers.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINNT\system32\NeroCheck.exe O4 - HKLM\..\Run: [ccApp] "C:\Programmi\File comuni\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer O4 - HKLM\..\Run: [sys33] Sys33.exe O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Programmi\File comuni\Symantec Shared\Security Center\UsrPrmpt.exe O4 - HKLM\..\Run: [VIRIT LITE MONITOR] C:\VEXPLITE\MONLITE.EXE O4 - HKLM\..\Run: [newname] C:\\nwnmc_2.exe O4 - HKLM\..\Run: [webHancer Survey Companion] C:\Programmi\webHancer\Programs\whsurvey.exe O4 - HKLM\..\Run: [keyboard] C:\\kybrdc_2.exe O4 - HKLM\..\Run: [ewr7d71d] RUNDLL32.EXE w003eaaf.dll,n 0017d71c0000000a003eaaf O4 - HKLM\..\RunServices: [sys33] Sys33.exe O4 - HKLM\..\RunServices: [Ms Java for Windows NT] msjava.exe O4 - HKCU\..\Run: [ctfmon.exe] ctfmon.exe O4 - HKCU\..\Run: [ntdll.dll] ctfmon.exe O4 - HKCU\..\RunServices: [Ms Java for Windows NT] msjava.exe O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O20 - Winlogon Notify: H323TSP - C:\WINNT\system32\e820lifm182a.dll O20 - Winlogon Notify: igfxcui - C:\WINNT\SYSTEM32\igfxdev.dll O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\ccSetMgr.exe O23 - Service: Command Service (cmdService) - Unknown owner - C:\WINNT\U2VyZ2lvIFNpcmFnbmE\command.exe O23 - Service: Servizio amministrativo di Gestione disco logico (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe O23 - Service: Servizio Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Programmi\Norton AntiVirus\navapsvc.exe O23 - Service: PPPoE Service (PPPoEService) - Unknown owner - C:\PROGRA~1\Alice\ALICEE~1\app\pppoeservice.exe O23 - Service: SAVScan - Symantec Corporation - C:\Programmi\Norton AntiVirus\SAVScan.exe O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FILECO~1\SYMANT~1\SCRIPT~1\SBServ.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\SNDSrvc.exe O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\Security Center\SymWSC.exe O23 - Service: Virit eXplorer Lite (viritsvclite) - TG Soft Sas www.tgsoft.it - C:\VEXPLITE\viritsvc.exe O23 - Service: Microsoft Windows Spooler Service (Windows Spooler Service) - Unknown owner - C:\WINNT\services.exe (file missing) O23 - Service: VNC Server Version 4 (WinVNC4) - Unknown owner - C:\Programmi\RealVNC\VNC4\WinVNC4.exe" -service (file missing) grazie a chiunque mi possa dare una mano |
|
|
|
|
|
22-08-2006, 11:53
|
#3124 | |
|
Bannato
Iscritto dal: Mar 2004
Città: Galapagos Attenzione:utente flautolente,tienilo a mente
Messaggi: 28978
|
Quote:
|
|
|
|
|
|
22-08-2006, 11:55
|
#3125 | |
|
Bannato
Iscritto dal: Mar 2004
Città: Galapagos Attenzione:utente flautolente,tienilo a mente
Messaggi: 28978
|
Quote:
|
|
|
|
|
|
22-08-2006, 13:29
|
#3126 | |
|
Senior Member
Iscritto dal: Sep 2004
Città: Vittorio Veneto TV
Messaggi: 444
|
Quote:
ho provato leggere le istruzioni nel 3D ufficiale di questo bestiale linkoptimizer ma mi sono sembrate molto difficili e complicate. Ho cominciato ad eliminare un centinaio di file collegati, nelle cartelle Temp e Tmp, ma credo sia fatica sprecata se non si fanno tutti i procedimenti in maniera cronologica. in start>esegui>services.msc ho trovato due servizi ke nella colonna "connessione" riportavano il nome dei due account: ho provato disabilitarli ma mi è stato impedito l'accesso. Speriamo ke l'ottimo  MOD. Eraser trovi presto una soluzione semplificata, xkè mi sembra di aver letto un'art. in HWup ke si stia verificando un'infezione molto pericolosa a livello mondiale.  bye 
__________________
valter ------------------- |
|
|
|
|
|
22-08-2006, 13:32
|
#3127 | ||
|
Junior Member
Iscritto dal: Jun 2005
Messaggi: 22
|
Quote:
questo invece: Quote:
 domanda: qual'e' la peggior cosa che puo' succedere se io riavvio usando un dischetto di win98 e cancello i files e la directory a mano? Ultima modifica di rebelia : 22-08-2006 alle 13:58. |
||
|
|
|
|
22-08-2006, 14:30
|
#3128 |
|
Member
Iscritto dal: Aug 2006
Messaggi: 53
|
Salve, come ultimo tentivo di rimettere in piedi la mia connessione internet dopo averle provate tutte, mi limito a postare il mio log di hijackthis.
Spero che qualcuno mi possa aiutare: Logfile of HijackThis v1.99.1 Scan saved at 15.20.22, on 22/08/2006 Platform: Windows 2000 SP4 (WinNT 5.00.2195) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINNT\System32\smss.exe C:\WINNT\system32\winlogon.exe C:\WINNT\system32\services.exe C:\WINNT\system32\lsass.exe C:\WINNT\system32\svchost.exe C:\WINNT\system32\spoolsv.exe C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe C:\Programmi\Alwil Software\Avast4\ashServ.exe C:\WINNT\system32\CTsvcCDA.EXE C:\WINNT\System32\svchost.exe C:\Programmi\MySQL\MySQL Server 4.1\bin\mysqld-nt.exe C:\WINNT\system32\regsvc.exe C:\WINNT\system32\MSTask.exe C:\WINNT\System32\tcpsvcs.exe C:\WINNT\System32\snmp.exe C:\WINNT\system32\ZONELABS\vsmon.exe C:\WINNT\System32\WBEM\WinMgmt.exe C:\WINNT\system32\MsPMSPSv.exe C:\WINNT\system32\svchost.exe C:\WINNT\System32\inetsrv\inetinfo.exe C:\WINNT\Explorer.EXE C:\Programmi\Alwil Software\Avast4\ashWebSv.exe C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe C:\WINNT\system32\devldr32.exe C:\Programmi\Creative\SBLive2k\AudioHQ\AHQTB.EXE C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Programmi\Creative\SBLive2k\RemoteCenter\Rc\RcMan.EXE C:\Programmi\File comuni\Real\Update_OB\realsched.exe E:\Programmi\Google\Gmail Notifier\gnotify.exe C:\Programmi\iTunes\iTunesHelper.exe C:\Programmi\CyberLink\PowerDVD\PDVDServ.exe C:\Programmi\Logitech\Video\LogiTray.exe C:\Programmi\Microsoft ActiveSync\WCESCOMM.EXE C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe C:\Programmi\iPod\bin\iPodService.exe C:\Programmi\Nikon\PictureProject\NkbMonitor.exe C:\Programmi\Creative\SBLive2k\RemoteCenter\Rc\OSDMenu.EXE C:\U.S.R.TurboGWLAN\USRWLANG.exe C:\Programmi\Creative\SBLive2k\RemoteCenter\Rc\EAX.exe C:\Programmi\Creative\SBLive2k\RemoteCenter\Center\RCenter.exe C:\Programmi\Creative\ShareDLL\MediaDet.Exe C:\WINNT\system32\LVComsX.exe C:\Programmi\Logitech\Video\FxSvr2.exe C:\Programmi\eMule\emule.exe C:\WINNT\system32\ctfmon.exe C:\Programmi\MSN Messenger\msnmsgr.exe C:\WINNT\system32\MDM.EXE C:\DOCUME~1\ADMINI~1\IMPOST~1\Temp\Rar$EX00.484\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.eurocom.it/ R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Programmi\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll (file missing) O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programmi\google\googletoolbar1.dll (file missing) O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programmi\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll (file missing) O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programmi\google\googletoolbar1.dll (file missing) O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [RemoteCenter] C:\Programmi\Creative\SBLive2k\RemoteCenter\Rc\RcMan.EXE O4 - HKLM\..\Run: [UpdReg] C:\WINNT\Updreg.exe O4 - HKLM\..\Run: [AudioHQ] C:\Programmi\Creative\SBLive2k\AudioHQ\AHQTB.EXE O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon O4 - HKLM\..\Run: [TkBellExe] "C:\Programmi\File comuni\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] E:\Programmi\Google\Gmail Notifier\gnotify.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINNT\system32\NeroCheck.exe O4 - HKLM\..\Run: [Google Desktop Search] "C:\Programmi\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKLM\..\Run: [iTunesHelper] "C:\Programmi\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [RemoteControl] C:\Programmi\CyberLink\PowerDVD\PDVDServ.exe O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Programmi\Logitech\Video\ISStart.exe O4 - HKLM\..\Run: [LogitechVideoTray] C:\Programmi\Logitech\Video\LogiTray.exe O4 - HKLM\..\Run: [ViewMgr] C:\Programmi\Viewpoint\Viewpoint Manager\ViewMgr.exe O4 - HKLM\..\Run: [Zone Labs Client] "C:\Programmi\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Programmi\Microsoft ActiveSync\WCESCOMM.EXE" O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe O4 - HKCU\..\Run: [LogitechSoftwareUpdate] C:\Programmi\Logitech\Video\ManifestEngine.exe boot O4 - HKCU\..\Run: [ctfmon.exe] ctfmon.exe O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Microsoft Office.lnk = C:\Programmi\Microsoft Office\Office\OSA9.EXE O4 - Global Startup: NkbMonitor.exe.lnk = C:\Programmi\Nikon\PictureProject\NkbMonitor.exe O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe O4 - Global Startup: U.S. Robotics 802.11g Wireless Network Utility.lnk = C:\U.S.R.TurboGWLAN\USRWLANG.exe O4 - Global Startup: Avvio veloce di Adobe Reader.lnk = C:\Programmi\Adobe\Acrobat 7.0\Reader\reader_sl.exe O8 - Extra context menu item: &Google Search - res://C:\Programmi\Google\GoogleToolbar1.dll/cmsearch.html O8 - Extra context menu item: Backward &Links - res://C:\Programmi\Google\GoogleToolbar1.dll/cmbacklinks.html O8 - Extra context menu item: Cac&hed Snapshot of Page - res://C:\Programmi\Google\GoogleToolbar1.dll/cmcache.html O8 - Extra context menu item: Download with GetRight - C:\Programmi\GetRight\GRdownload.htm O8 - Extra context menu item: Open with GetRight Browser - C:\Programmi\GetRight\GRbrowse.htm O8 - Extra context menu item: Si&milar Pages - res://C:\Programmi\Google\GoogleToolbar1.dll/cmsimilar.html O8 - Extra context menu item: Translate into English - res://C:\Programmi\Google\GoogleToolbar1.dll/cmtrans.html O9 - Extra button: Crea preferiti portatile - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Programmi\Microsoft ActiveSync\inetrepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Programmi\Microsoft ActiveSync\inetrepl.dll O9 - Extra 'Tools' menuitem: Crea preferiti portatile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Programmi\Microsoft ActiveSync\inetrepl.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programmi\ICQLite\ICQLite.exe O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programmi\ICQLite\ICQLite.exe O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary...r.cab31267.cab O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab31267.cab O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary...r.cab31267.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab31267.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary...o.cab32846.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{1503E454-9EA8-4519-9293-FF4FC3A5E855}: NameServer = 192.168.1.254,212.216.112.112 O17 - HKLM\System\CS1\Services\Tcpip\..\{1503E454-9EA8-4519-9293-FF4FC3A5E855}: NameServer = 192.168.1.254,212.216.112.112 O17 - HKLM\System\CS2\Services\Tcpip\..\{1503E454-9EA8-4519-9293-FF4FC3A5E855}: NameServer = 192.168.1.254,212.216.112.112 O18 - Protocol: bw+0 - {3F0F9238-7B96-46FF-BC05-099050480F09} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw+0s - {3F0F9238-7B96-46FF-BC05-099050480F09} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw-0 - {3F0F9238-7B96-46FF-BC05-099050480F09} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw-0s - {3F0F9238-7B96-46FF-BC05-099050480F09} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw00 - {3F0F9238-7B96-46FF-BC05-099050480F09} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw00s - {3F0F9238-7B96-46FF-BC05-099050480F09} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw10 - {3F0F9238-7B96-46FF-BC05-099050480F09} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw10s - {3F0F9238-7B96-46FF-BC05-099050480F09} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw20 - {3F0F9238-7B96-46FF-BC05-099050480F09} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw20s - {3F0F9238-7B96-46FF-BC05-099050480F09} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw30 - {3F0F9238-7B96-46FF-BC05-099050480F09} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw30s - {3F0F9238-7B96-46FF-BC05-099050480F09} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw40 - {3F0F9238-7B96-46FF-BC05-099050480F09} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw40s - {3F0F9238-7B96-46FF-BC05-099050480F09} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw50 - {3F0F9238-7B96-46FF-BC05-099050480F09} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw50s - {3F0F9238-7B96-46FF-BC05-099050480F09} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw60 - {3F0F9238-7B96-46FF-BC05-099050480F09} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw60s - {3F0F9238-7B96-46FF-BC05-099050480F09} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw70 - {3F0F9238-7B96-46FF-BC05-099050480F09} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw70s - {3F0F9238-7B96-46FF-BC05-099050480F09} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw80 - {3F0F9238-7B96-46FF-BC05-099050480F09} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw80s - {3F0F9238-7B96-46FF-BC05-099050480F09} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw90 - {3F0F9238-7B96-46FF-BC05-099050480F09} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw90s - {3F0F9238-7B96-46FF-BC05-099050480F09} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwa0 - {3F0F9238-7B96-46FF-BC05-099050480F09} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwa0s - {3F0F9238-7B96-46FF-BC05-099050480F09} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwb0 - {3F0F9238-7B96-46FF-BC05-099050480F09} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwb0s - {3F0F9238-7B96-46FF-BC05-099050480F09} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwc0 - {3F0F9238-7B96-46FF-BC05-099050480F09} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwc0s - {3F0F9238-7B96-46FF-BC05-099050480F09} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwd0 - {3F0F9238-7B96-46FF-BC05-099050480F09} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwd0s - {3F0F9238-7B96-46FF-BC05-099050480F09} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwe0 - {3F0F9238-7B96-46FF-BC05-099050480F09} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwe0s - {3F0F9238-7B96-46FF-BC05-099050480F09} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0 - {3F0F9238-7B96-46FF-BC05-099050480F09} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0s - {3F0F9238-7B96-46FF-BC05-099050480F09} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll O18 - Protocol: bwg0 - {3F0F9238-7B96-46FF-BC05-099050480F09} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwg0s - {3F0F9238-7B96-46FF-BC05-099050480F09} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0 - {3F0F9238-7B96-46FF-BC05-099050480F09} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0s - {3F0F9238-7B96-46FF-BC05-099050480F09} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0 - {3F0F9238-7B96-46FF-BC05-099050480F09} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0s - {3F0F9238-7B96-46FF-BC05-099050480F09} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0 - {3F0F9238-7B96-46FF-BC05-099050480F09} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0s - {3F0F9238-7B96-46FF-BC05-099050480F09} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0 - {3F0F9238-7B96-46FF-BC05-099050480F09} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0s - {3F0F9238-7B96-46FF-BC05-099050480F09} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0 - {3F0F9238-7B96-46FF-BC05-099050480F09} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0s - {3F0F9238-7B96-46FF-BC05-099050480F09} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0 - {3F0F9238-7B96-46FF-BC05-099050480F09} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0s - {3F0F9238-7B96-46FF-BC05-099050480F09} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0 - {3F0F9238-7B96-46FF-BC05-099050480F09} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0s - {3F0F9238-7B96-46FF-BC05-099050480F09} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0 - {3F0F9238-7B96-46FF-BC05-099050480F09} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0s - {3F0F9238-7B96-46FF-BC05-099050480F09} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0 - {3F0F9238-7B96-46FF-BC05-099050480F09} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0s - {3F0F9238-7B96-46FF-BC05-099050480F09} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0 - {3F0F9238-7B96-46FF-BC05-099050480F09} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0s - {3F0F9238-7B96-46FF-BC05-099050480F09} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0 - {3F0F9238-7B96-46FF-BC05-099050480F09} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0s - {3F0F9238-7B96-46FF-BC05-099050480F09} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0 - {3F0F9238-7B96-46FF-BC05-099050480F09} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0s - {3F0F9238-7B96-46FF-BC05-099050480F09} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0 - {3F0F9238-7B96-46FF-BC05-099050480F09} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0s - {3F0F9238-7B96-46FF-BC05-099050480F09} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0 - {3F0F9238-7B96-46FF-BC05-099050480F09} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0s - {3F0F9238-7B96-46FF-BC05-099050480F09} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0 - {3F0F9238-7B96-46FF-BC05-099050480F09} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0s - {3F0F9238-7B96-46FF-BC05-099050480F09} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0 - {3F0F9238-7B96-46FF-BC05-099050480F09} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0s - {3F0F9238-7B96-46FF-BC05-099050480F09} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0 - {3F0F9238-7B96-46FF-BC05-099050480F09} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0s - {3F0F9238-7B96-46FF-BC05-099050480F09} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0 - {3F0F9238-7B96-46FF-BC05-099050480F09} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0s - {3F0F9238-7B96-46FF-BC05-099050480F09} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0 - {3F0F9238-7B96-46FF-BC05-099050480F09} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0s - {3F0F9238-7B96-46FF-BC05-099050480F09} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: offline-8876480 - {3F0F9238-7B96-46FF-BC05-099050480F09} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL O23 - Service: Adobe LM Service - Unknown owner - C:\Programmi\File comuni\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - Unknown owner - C:\Programmi\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Programmi\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINNT\system32\CTsvcCDA.EXE O23 - Service: Servizio amministrativo di Gestione disco logico (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPodService - Apple Computer, Inc. - C:\Programmi\iPod\bin\iPodService.exe O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Programmi\File comuni\Macromedia Shared\Service\Macromedia Licensing.exe O23 - Service: MySQL - Unknown owner - C:\Programmi\MySQL\MySQL.exe (file missing) O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINNT\system32\ZONELABS\vsmon.exe |
|
|
|
|
22-08-2006, 15:23
|
#3129 | |
|
Senior Member
Iscritto dal: Feb 2002
Città: Discovery
Messaggi: 34710
|
Quote:
__________________
Good afternoon, gentlemen, I'm a H.A.L. computer. |
|
|
|
|
|
22-08-2006, 18:45
|
#3130 | |
|
Junior Member
Iscritto dal: Jun 2005
Messaggi: 22
|
Quote:
per i posteri: ho cancellato il cancellabile, vuotato cestini e altro ho riavviato in modalita' provvisoria ho fatto partire services.msc da start -> esegui ho fatto tastodx -> proprieta' su ogni servizio presente ho trovato il colpevole e l'ho disattivato sono tornata in esplora risorse e l'ho cancellato altro giretto con virit e look2me destroyer cancellato di nuovo tutto il cancellabile riavviato in modalita' normale nuova scansione plurima per sicurezza, ma tutto sembra essersi risolto grazie a tutti, alla prossima 
|
|
|
|
|
|
22-08-2006, 19:46
|
#3131 |
|
Senior Member
Iscritto dal: Feb 2006
Città: Brescia
Messaggi: 507
|
sembra che nessuno abbia dato un occhiata al mio log vi chiedo per cortesia se notate qualkosa di strano...... il mio problema è che a volte programmi come explorer o servicelyaer utilizzano anche 400.000kb anche nn essendo da me utilizzati scaldandomi cosi il processore e ho paura di lasciare acceso il comp e friggere la cpu.....
Logfile of HijackThis v1.99.1 Scan saved at 21.16.23, on 21/08/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.5296.0000) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\ehome\ehtray.exe C:\WINDOWS\eHome\ehRecvr.exe C:\Programmi\File comuni\Real\Update_OB\realsched.exe C:\Programmi\Eset\nod32kui.exe C:\WINDOWS\eHome\ehSched.exe C:\Programmi\Java\jre1.5.0_06\bin\jusched.exe C:\WINDOWS\SOUNDMAN.EXE C:\Programmi\ASUS\PC Probe II\Probe2.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Programmi\CyberLink\PowerDVD\PDVDServ.exe C:\WINDOWS\system32\rundll32.exe C:\Programmi\MSN Messenger\MsnMsgr.Exe C:\progra~1\steam\steam.exe C:\Programmi\Eset\nod32krn.exe C:\WINDOWS\system32\nvsvc32.exe C:\Programmi\CyberLink\Shared files\RichVideo.exe C:\Programmi\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\eHome\ehmsas.exe C:\WINDOWS\system32\dllhost.exe C:\WINDOWS\System32\alg.exe C:\WINDOWS\system32\svchost.exe C:\Programmi\eMule\emule.exe C:\WINDOWS\system32\cmd.exe C:\Programmi\FBM Software\ZeroSpyware\ZeroSpyware.exe C:\Programmi\Winamp\winamp.exe C:\Programmi\Eset\nod32.exe C:\WINDOWS\explorer.exe C:\Documents and Settings\Mattia\Documenti\hijackthis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://google.icq.com/search/search_frame.php R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=54729 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=55245&clcid={SUB_CLCID} R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.5.0_06\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O3 - Toolbar: DAP Bar - {62999427-33FC-4baf-9C9C-BCE6BD127F08} - C:\Programmi\DAP\DAPIEBar.dll O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Programmi\File comuni\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [NVIDIA nTune] "C:\Programmi\NVIDIA Corporation\nTune\\nTune.exe" clear O4 - HKLM\..\Run: [nod32kui] "C:\Programmi\Eset\nod32kui.exe" /WAITSERVICE O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programmi\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [Launch PC Probe II] "C:\Programmi\ASUS\PC Probe II\Probe2.exe" 1 O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [RemoteControl] C:\Programmi\CyberLink\PowerDVD\PDVDServ.exe O4 - HKLM\..\Run: [LanguageShortcut] C:\Programmi\CyberLink\PowerDVD\Language\Language.exe O4 - HKLM\..\Run: [ZSScheduler] rundll32.exe "C:\PROGRA~1\FBMSOF~1\ZEROSP~1\zsscheduler.dll", runScheduler C:\PROGRA~1\FBMSOF~1\ZEROSP~1\ O4 - HKCU\..\Run: [MsnMsgr] "C:\Programmi\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [Steam] "c:\progra~1\steam\steam.exe" -silent O8 - Extra context menu item: &Download with &DAP - C:\PROGRA~1\DAP\dapextie.htm O8 - Extra context menu item: Download &all with DAP - C:\PROGRA~1\DAP\dapextie2.htm O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: Run DAP - {669695BC-A811-4A9D-8CDF-BA8C795F261C} - C:\PROGRA~1\DAP\DAP.EXE O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programmi\ICQLite\ICQLite.exe O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programmi\ICQLite\ICQLite.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe (file missing) O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe (file missing) O11 - Options group: [INTERNATIONAL] International* O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://macinastoned.spaces.msn.com/...ad/MsnPUpld.cab O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/res...can8/oscan8.cab O16 - DPF: {6E5A37BF-FD42-463A-877C-4EB7002E68AE} (Trend Micro ActiveX Scan Agent 6.5) - http://eu-housecall.trendmicro-euro...ivex/hcImpl.cab O16 - DPF: {71D444A8-3642-4727-A951-C9AE826BFB84} - http://td8eau9td.com/0b22c0cf/50310/1/xp/FreeAccess.ocx O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/active...free/asinst.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/M...pDownloader.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{84AAA03B-D8BD-4AA3-BDA0-5DB3B1774A97}: NameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\..\{AA675FAE-B4F9-4C5F-92BA-9B17A73C5020}: NameServer = 192.168.2.1 O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - Winlogon Notify: zsnotify - C:\WINDOWS\SYSTEM32\zsnotify.dll O23 - Service: Adobe LM Service - Unknown owner - C:\Programmi\File comuni\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Imapfkinntap - Macrovision Corporation - (no file) O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Programmi\Eset\nod32krn.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Programmi\CyberLink\Shared files\RichVideo.exe O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Programmi\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe |
|
|
|
|
22-08-2006, 19:49
|
#3132 | |
|
Senior Member
Iscritto dal: Feb 2006
Messaggi: 642
|
Quote:
|
|
|
|
|
|
22-08-2006, 19:52
|
#3133 | |
|
Junior Member
Iscritto dal: Jun 2005
Messaggi: 22
|
Quote:
nel pannello dei servizi ci sono arrivata in modalita' provvisoria facendo start -> esegui -> services.msc |
|
|
|
|
|
22-08-2006, 20:10
|
#3134 | |
|
Bannato
Iscritto dal: Mar 2004
Città: Galapagos Attenzione:utente flautolente,tienilo a mente
Messaggi: 28978
|
Quote:
|
|
|
|
|
|
22-08-2006, 20:40
|
#3135 |
|
Senior Member
Iscritto dal: Feb 2006
Messaggi: 642
|
Ho paura che i problemi di Macinastoned siano ben peggiori
O16 - DPF: {71D444A8-3642-4727-A951-C9AE826BFB84} -http://td8eau9td.com/0b22c0cf/50310/1/xp/FreeAccess.ocx vedi http://www.malwarelist.org/startup/scheda.asp?num=3153 |
|
|
|
|
22-08-2006, 22:20
|
#3136 |
|
Senior Member
Iscritto dal: Feb 2006
Città: Brescia
Messaggi: 507
|
bella li mi sono beccato uno malware e mo mi devo dare da fare a eliminarlo, mi puzzava infatti che avessi dei processi che skizzavano alle stelle senza usarli vedi iexplorer...
|
|
|
|
|
23-08-2006, 09:31
|
#3137 | |
|
Senior Member
Iscritto dal: Sep 2004
Città: Vittorio Veneto TV
Messaggi: 444
|
LINKOPTIMIZER ha colpito ancora!!!!
Quote:
Dopo aver trascorso l'intera giornata di ieri a leggermi i 3D relativi alla sicurezza, xkè qlc casino l'avevo fatto, e aspettando sempre ke MOD. ERASER posti una sua soluzione definitiva, con l'aiuto di lucas84, bReaKDoWn e un tool di Nod, devo aver debellato i due account fantasma ke mi apparivano sempre!!!  se avete strani sintomi leggetevi questo 3D: http://www.hwupgrade.it/forum/showth...1254788&page=3 
__________________
valter ------------------- Ultima modifica di ValterManetta : 24-08-2006 alle 14:50. |
|
|
|
|
|
24-08-2006, 11:42
|
#3138 |
|
Member
Iscritto dal: Mar 2006
Città: frosinone
Messaggi: 299
|
ragazzi ho un problema
ogni 7-8 ore mi si bloccano i browser e emule...mi funziona solo messenger....i browser sembrano ke siano sconnessi...mentre il pc è collegato....succede ogni 7-8 ore ....fisso....mi hanno consigliato di postare qui il mio file log di hijackthis ------------------------------------------------------------------------ Logfile of HijackThis v1.99.1 Scan saved at 12.39.50, on 24/08/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Programmi\File comuni\Symantec Shared\ccSetMgr.exe C:\Programmi\File comuni\Symantec Shared\SNDSrvc.exe C:\Programmi\File comuni\Symantec Shared\ccEvtMgr.exe C:\WINDOWS\system32\spoolsv.exe C:\Programmi\File comuni\Symantec Shared\ccProxy.exe C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Programmi\File comuni\Roxio Shared\SharedCOM8\RoxMediaDB.exe C:\Programmi\File comuni\Roxio Shared\SharedCOM8\RoxWatch.exe C:\WINDOWS\system32\svchost.exe C:\Programmi\File comuni\Symantec Shared\Security Center\SymWSC.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\RunDll32.exe C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Programmi\File comuni\Symantec Shared\ccApp.exe C:\WINDOWS\system32\rundll32.exe C:\Programmi\Java\jre1.5.0_03\bin\jusched.exe C:\Programmi\File comuni\Real\Update_OB\realsched.exe C:\Programmi\File comuni\Roxio Shared\SharedCOM8\RoxWatchTray.exe C:\Programmi\Java\jre1.5.0_03\bin\jucheck.exe C:\PROGRA~1\MSNMES~1\msnmsgr.exe C:\WINDOWS\system32\ctfmon.exe C:\Programmi\FirefoxPreloader\FirefoxPreloader.exe C:\Programmi\VIA\RAID\raid_tool.exe C:\Programmi\File comuni\Roxio Shared\SharedCOM8\CPSHelpRunner.exe C:\Programmi\Mozilla Firefox\firefox.exe C:\Programmi\Norton Internet Security\Norton AntiVirus\navapsvc.exe C:\WINDOWS\system32\svchost.exe C:\Programmi\Norton Internet Security\Norton AntiVirus\SAVScan.exe C:\Programmi\eMule\eMule.exe C:\Programmi\Windows Media Player\wmplayer.exe C:\WINDOWS\system32\wuauclt.exe C:\PROGRA~1\WINZIP\winzip32.exe C:\Documents and Settings\si.ma\Impostazioni locali\Temp\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.it/0SEITIT/SAOS01 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/ R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Web assistant - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Programmi\File comuni\Symantec Shared\AdBlocking\NISShExt.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programmi\google\googletoolbar1.dll O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Programmi\Norton Internet Security\Norton AntiVirus\NavShExt.dll O3 - Toolbar: Web assistant - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Programmi\File comuni\Symantec Shared\AdBlocking\NISShExt.dll O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Programmi\Norton Internet Security\Norton AntiVirus\NavShExt.dll O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Programmi\Canon\Easy-WebPrint\Toolband.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programmi\google\googletoolbar1.dll O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd O4 - HKLM\..\Run: [ATIPTA] C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [ccApp] "C:\Programmi\File comuni\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [URLLSTCK.exe] C:\Programmi\Norton Internet Security\UrlLstCk.exe O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Programmi\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon O4 - HKLM\..\Run: [AdslTaskBar] rundll32.exe stmctrl.dll,TaskBar O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programmi\Java\jre1.5.0_03\bin\jusched.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Programmi\File comuni\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Programmi\Roxio\Easy Media Creator 8\Drag to Disc\DrgToDsc.exe" O4 - HKLM\..\Run: [RoxWatchTray] "C:\Programmi\File comuni\Roxio Shared\SharedCOM8\RoxWatchTray.exe" O4 - HKCU\..\Run: [msnmsgr] "C:\PROGRA~1\MSNMES~1\msnmsgr.exe" /background O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - Global Startup: Firefox Preloader.lnk = C:\Programmi\FirefoxPreloader\FirefoxPreloader.exe O4 - Global Startup: VIA RAID TOOL.lnk = C:\Programmi\VIA\RAID\raid_tool.exe O8 - Extra context menu item: &Google Search - res://c:\programmi\google\GoogleToolbar1.dll/cmsearch.html O8 - Extra context menu item: &Translate English Word - res://c:\programmi\google\GoogleToolbar1.dll/cmwordtrans.html O8 - Extra context menu item: Aggiungi all'elenco di stampa Easy-WebPrint - res://C:\Programmi\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html O8 - Extra context menu item: Anteprima Easy-WebPrint - res://C:\Programmi\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html O8 - Extra context menu item: Backward Links - res://c:\programmi\google\GoogleToolbar1.dll/cmbacklinks.html O8 - Extra context menu item: Cached Snapshot of Page - res://c:\programmi\google\GoogleToolbar1.dll/cmcache.html O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Similar Pages - res://c:\programmi\google\GoogleToolbar1.dll/cmsimilar.html O8 - Extra context menu item: Stampa ad alta velocità Easy-WebPrint - res://C:\Programmi\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html O8 - Extra context menu item: Stampa Easy-WebPrint - res://C:\Programmi\Canon\Easy-WebPrint\Resource.dll/RC_Print.html O8 - Extra context menu item: Translate Page into English - res://c:\programmi\google\GoogleToolbar1.dll/cmtrans.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\j2re1.4.2_07\bin\npjpi142_07.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\j2re1.4.2_07\bin\npjpi142_07.dll O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX Class) - http://pdl.stream.aol.com/downloads/aol/unagi/ampx_en_dl.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{321A57C4-8335-4200-B03D-DAF848F53382}: NameServer = 193.70.152.15 193.70.152.25 O17 - HKLM\System\CS1\Services\Tcpip\..\{321A57C4-8335-4200-B03D-DAF848F53382}: NameServer = 193.70.152.15 193.70.152.25 O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\ccProxy.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\ccSetMgr.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: Servizio Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Programmi\Norton Internet Security\Norton AntiVirus\navapsvc.exe O23 - Service: LiveShare P2P Server (RoxLiveShare) - Sonic Solutions - C:\Programmi\File comuni\Roxio Shared\SharedCOM8\RoxLiveShare.exe O23 - Service: RoxMediaDB - Sonic Solutions - C:\Programmi\File comuni\Roxio Shared\SharedCOM8\RoxMediaDB.exe O23 - Service: RoxUpnpRenderer (RoxUPnPRenderer) - Sonic Solutions - C:\Programmi\File comuni\Roxio Shared\SharedCom\RoxUpnpRenderer.exe O23 - Service: RoxUpnpServer - Sonic Solutions - C:\Programmi\Roxio\Easy Media Creator 8\Digital Home\RoxUpnpServer.exe O23 - Service: Roxio Hard Drive Watcher (RoxWatch) - Sonic Solutions - C:\Programmi\File comuni\Roxio Shared\SharedCOM8\RoxWatch.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing) O23 - Service: SAVScan - Symantec Corporation - C:\Programmi\Norton Internet Security\Norton AntiVirus\SAVScan.exe O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FILECO~1\SYMANT~1\SCRIPT~1\SBServ.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\SNDSrvc.exe O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\Security Center\SymWSC.exe |
|
|
|
|
24-08-2006, 16:16
|
#3139 |
|
Senior Member
Iscritto dal: May 2001
Città: Prov. di Alessandria
Messaggi: 1842
|
Ciao
Mi aggiungo ai log Ci sono 4 link che nn vanno bene, sono i primi 2, il 17 e il 23 con services ma anche se li elimino, quando riavvio dopo un po' me li ritrovo Logfile of HijackThis v1.99.1 Scan saved at 16.46.30, on 24/08/2006 Platform: Windows 2000 SP3 (WinNT 5.00.2195) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINNT\System32\smss.exe C:\WINNT\system32\winlogon.exe C:\WINNT\system32\services.exe C:\WINNT\system32\lsass.exe C:\WINNT\system32\svchost.exe C:\WINNT\system32\spoolsv.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe C:\WINNT\System32\svchost.exe C:\Programmi\Kerio\Personal Firewall 4\kpf4ss.exe C:\Programmi\Kerio\Personal Firewall 4\kpf4gui.exe C:\WINNT\system32\svchost.exe C:\WINNT\system32\nvsvc32.exe C:\WINNT\system32\regsvc.exe C:\WINNT\system32\MSTask.exe C:\WINNT\system32\stisvc.exe C:\WINNT\System32\WBEM\WinMgmt.exe C:\WINNT\Explorer.EXE C:\WINNT\System32\mspmspsv.exe C:\WINNT\system32\svchost.exe C:\Programmi\ASUS\WLAN Card Utilities\Center.exe C:\WINNT\system32\RunDLL32.exe C:\WINNT\system32\rundll32.exe C:\Programmi\Kerio\Personal Firewall 4\kpf4gui.exe C:\Programmi\Internet Explorer\IEXPLORE.EXE C:\Programmi\Miranda IM\miranda32.exe C:\Programmi\Internet Explorer\IEXPLORE.EXE C:\WINNT\system32\msiexec.exe C:\Programmi\File comuni\Softwin\BitDefender Communicator\xcommsvr.exe C:\Programmi\File comuni\Softwin\BitDefender Scan Server\bdss.exe C:\Programmi\Softwin\BitDefender8\bdmcon.exe C:\Programmi\Softwin\BitDefender8\bdnagent.exe D:\HackScan\HijackThis.exe R3 - Default URLSearchHook is missing O2 - BHO: Class - {AF35C38A-0357-9DB6-E8BD-BB20B49B12BB} - C:\WINNT\wlrab1.dll (file missing) O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx O4 - HKLM\..\Run: [Control Center] C:\Programmi\ASUS\WLAN Card Utilities\Center.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINNT\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [AdslTaskBar] rundll32.exe stmctrl.dll,TaskBar O4 - HKLM\..\Run: [BDMCon] "C:\Programmi\Softwin\BitDefender8\bdmcon.exe" O4 - HKLM\..\Run: [BDNewsAgent] "C:\Programmi\Softwin\BitDefender8\bdnagent.exe" O4 - Startup: Adobe Gamma.lnk = C:\Programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Microsoft Office.lnk = C:\Programmi\Microsoft Office\Office\OSA9.EXE O8 - Extra context menu item: Download using Download &Express - file://D:\Download Express\Add_Url.htm O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsu...?1128447152027 O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/actives...ree/asinst.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{6701D5A5-BC37-4063-805E-7A9B3BB91AFA}: NameServer = 85.37.17.41 85.38.28.83 O23 - Service: Adobe LM Service - Adobe Systems - C:\Programmi\File comuni\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Programmi\File comuni\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing) O23 - Service: Servizio amministrativo di Gestione disco logico (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe O23 - Service: Kerio Personal Firewall 4 (KPF4) - Kerio Technologies - C:\Programmi\Kerio\Personal Firewall 4\kpf4ss.exe O23 - Service: LogQnh - Unknown owner - \\?\C:\Programmi\File comuni\System\com8.exe (file missing) O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Programmi\File comuni\Macromedia Shared\Service\Macromedia Licensing.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINNT\system32\nvsvc32.exe O23 - Service: P1ug and P1ay (P1ugP1ay) - Unknown owner - C:\WINNT\system\services.exe (file missing) O23 - Service: Pml Driver HPZ12 - HP - C:\WINNT\system32\HPZipm12.exe O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Programmi\File comuni\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)
__________________
PC1: p4 2400bus 800/ IC7 / 1GB ddr 400 / XFX 7600GT 256mb DDR3 / Maxtor 60gb /ali 400w/ Hitachi 174sxw PC2: p3 700 / BE6 / 512 sdr / POV MX2 400 /Quantum 20gb/Philips 107e/ alice 640 PC3: Acer TM292ELC Celeron M 1,3ghz / 256 ddr / Intel Extreme2 / Hd 40 gb / Combo DvD-CD / lcd 15" |
|
|
|
|
24-08-2006, 16:25
|
#3140 | |
|
Senior Member
Iscritto dal: Feb 2002
Città: Discovery
Messaggi: 34710
|
Quote:
l'r3 lo 02 e questo. O23 - Service: P1ug and P1ay (P1ugP1ay) - Unknown owner - C:\WINNT\system\services.exe (file missing) buttali.
__________________
Good afternoon, gentlemen, I'm a H.A.L. computer. |
|
|
|
|
|
|
| Strumenti | |
|
|
Tutti gli orari sono GMT +1. Ora sono le: 18:29.
