|
|||||||
|
|
|
 |
|
|
Strumenti |
09-07-2006, 10:22
|
#2741 |
|
Bannato
Iscritto dal: Mar 2004
Città: Galapagos Attenzione:utente flautolente,tienilo a mente
Messaggi: 28978
|
accedendo alla rete senza antivirus e firewall non devi aspettarti altro
 il log è pulito |
|
|
|
09-07-2006, 11:57
|
#2742 |
|
Senior Member
Iscritto dal: Aug 2002
Messaggi: 1686
|
bhe, quanto meno non ho tutte le schifezze di winzoz caricate... il punto e' questo... su altri pc da anni che nn prendo virus...quindi la tua tesi fa un po ridere....
tornando al topic visto lo screen nessun aiuto ? |
|
|
|
|
09-07-2006, 12:12
|
#2743 | ||
|
Bannato
Iscritto dal: Mar 2004
Città: Galapagos Attenzione:utente flautolente,tienilo a mente
Messaggi: 28978
|
Quote:
 Quote:
|
||
|
|
|
|
09-07-2006, 13:03
|
#2744 |
|
Senior Member
Iscritto dal: Aug 2002
Messaggi: 1686
|
fai una ricerca di xrc.exe e poi sappimi dire cosa trovi.... ho 37 anni credo che di esperienza di pc ne ho un po piu' dite...
sei uscito ancora fuori topic.... 
|
|
|
|
|
09-07-2006, 13:19
|
#2745 |
|
Senior Member
Iscritto dal: May 2005
Città: Palermo
Messaggi: 6390
|
Queste 2 voci vanno fixate:
R3 - Default URLSearchHook is missing O2 - BHO: Class - {1687C817-942F-BCD7-D874-16BB30CD9416} - C:\WINDOWS\pcrsg1.dll (file missing) Per quanto riguarda quel servizio mostrato nel tuo link puoi tentare di eliminarlo cosi: start>esegui>sc stop SrvDzw>OK start>esegui>sc delete SrvDzw>OK Magari segui anche le indicazioni di questo thread: http://www.hwupgrade.it/forum/showthread.php?t=1142673 |
|
|
|
|
09-07-2006, 13:34
|
#2746 |
|
Senior Member
Iscritto dal: Aug 2002
Messaggi: 1686
|
molte grazie ando,seguiro' il tuo consiglio.
|
|
|
|
|
09-07-2006, 14:06
|
#2747 | |
|
Bannato
Iscritto dal: Mar 2004
Città: Galapagos Attenzione:utente flautolente,tienilo a mente
Messaggi: 28978
|
Quote:
prova a vedere se ha relazioni di dipendenza con qualche altro servizio(secondo me il rilevamento hardware shell)poi vedi con process explorer su quali file s'appoggia per avviarsi Ultima modifica di juninho85 : 09-07-2006 alle 14:33. |
|
|
|
|
|
09-07-2006, 15:05
|
#2748 |
|
Member
Iscritto dal: Jun 2005
Messaggi: 60
|
Urgente aiutatemi per favore.....
Logfile of HijackThis v1.99.1
Scan saved at 12.28.15, on 09/07/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe C:\Programmi\File comuni\Microsoft Shared\VS7Debug\mdm.exe C:\Programmi\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\Programmi\Internet Explorer\IEXPLORE.EXE C:\Documents and Settings\Main_User\Documenti\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.tiscali.it/ O17 - HKLM\System\CCS\Services\Tcpip\..\{A1CBEC8F-1957-40FD-B930-40D09458949F}: NameServer = 83.224.65.134 83.224.66.134 O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Programmi\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe Questo è il log di Hijackthis, considerate che ieri disperato l'ho avviato ho fixato tutte le voci, risultato ho rimosso tutto anche cose utili ma alla fine quel fastidiosissimo problema è rimasto... Mi si aprono tantissime finestre di guide in linea, anche quando mando in scansione l'antivirus al termine non mi fa cliccare su azione poichè si aprono queste maledette finestre. L'avvio del Pc è lentissimo.... aiutatemi per favore il pc mi occorre per il mio piccolo che non sta bene... Vi prego 
|
|
|
|
|
09-07-2006, 15:09
|
#2749 |
|
Bannato
Iscritto dal: Mar 2004
Città: Galapagos Attenzione:utente flautolente,tienilo a mente
Messaggi: 28978
|
hai provato a dare una ripulita con ewido 4.0?
|
|
|
|
|
09-07-2006, 15:44
|
#2750 | |
|
Member
Iscritto dal: Jun 2005
Messaggi: 60
|
Quote:
Scaricato, installato, ora provo a fare uno scanning e ti informo, grazie davvero |
|
|
|
|
|
09-07-2006, 16:28
|
#2751 |
|
Member
Iscritto dal: Jun 2005
Messaggi: 60
|
Niente da fare, il pc è sempre lentissimo in avvio e continua a sparare decine di finestre di "guida in linea". Non so cosa altro fare, credo occorra un buon antivirus, il mio avast pro è impotente 
|
|
|
|
|
09-07-2006, 16:46
|
#2752 | |
|
Member
Iscritto dal: Dec 2005
Città: Verona
Messaggi: 266
|
Quote:
__________________
"La teoria è quando si sa tutto ma non funziona niente. La pratica è quando funziona tutto ma non si sa il perché. In ogni caso si finisce sempre con il coniugare la teoria con la pratica: non funziona niente e non si sa il perché". Albert Einstein |
|
|
|
|
|
10-07-2006, 13:43
|
#2753 |
|
Junior Member
Iscritto dal: Jul 2006
Messaggi: 7
|
Il mio pc è stato infettato dal virus Win32:agent-gen come devo fare per mandarlo via?
questo è il log, cosa dovrei eliminare? Logfile of HijackThis v1.99.1 Scan saved at 14.42.38, on 10/07/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe C:\Programmi\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\vsnpstd.exe C:\PROGRA~1\FILECO~1\PCSuite\DATALA~1\DATALA~1.EXE C:\PROGRA~1\Nokia\NOKIAP~1\TRAYAP~1.EXE C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Programmi\TRUST\Bluetooth Software\bin\btwdins.exe C:\Programmi\Softwin\BitDefender8\bdnagent.exe C:\VEXPLITE\MONLITE.EXE C:\Programmi\File comuni\Microsoft Shared\VS7Debug\mdm.exe C:\PROGRA~1\FILECO~1\PCSuite\Services\SERVIC~1.EXE C:\WINDOWS\system32\ctfmon.exe C:\Programmi\Macrogaming\SweetIM\SweetIM.exe C:\WINDOWS\system32\svchost.exe C:\Programmi\TRUST\Bluetooth Software\BTTray.exe C:\Programmi\MSN Messenger\msnmsgr.exe C:\Programmi\StopDialers\StopDialer.exe C:\VEXPLITE\viritsvc.exe C:\Programmi\File comuni\Softwin\BitDefender Communicator\xcommsvr.exe C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe C:\Programmi\Alwil Software\Avast4\ashWebSv.exe C:\Programmi\Internet Explorer\iexplore.exe C:\WINDOWS\system32\devldr32.exe C:\WINDOWS\system32\svchost.exe C:\Programmi\File comuni\Softwin\BitDefender Scan Server\bdss.exe c:\programmi\softwin\bitdefender8\bdmcon.exe C:\HijackThis.exe R3 - Default URLSearchHook is missing O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: Class - {1A06B321-9911-88C0-89F1-281F7413084A} - C:\WINDOWS\hyqtt1.dll (file missing) O2 - BHO: Class - {5C7E26C2-BE3E-425E-31C5-143161E782D7} - C:\WINDOWS\hyqtt1.dll (file missing) O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programmi\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programmi\google\googletoolbar1.dll O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKLM\..\Run: [snpstd] C:\WINDOWS\vsnpstd.exe O4 - HKLM\..\Run: [DataLayer] C:\PROGRA~1\FILECO~1\PCSuite\DATALA~1\DATALA~1.EXE O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\TRAYAP~1.EXE O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [BDMCon] "C:\Programmi\Softwin\BitDefender8\bdmcon.exe" O4 - HKLM\..\Run: [BDNewsAgent] "C:\Programmi\Softwin\BitDefender8\bdnagent.exe" O4 - HKLM\..\Run: [VIRIT LITE MONITOR] C:\VEXPLITE\MONLITE.EXE O4 - HKLM\..\Run: [vmcw2.exe] C:\WINDOWS\Temp\vmcw2.exe O4 - HKLM\..\Run: [vmcw1.exe] C:\WINDOWS\Temp\vmcw1.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [SweetIM] C:\Programmi\Macrogaming\SweetIM\SweetIM.exe O4 - HKCU\..\Run: [MessengerPlus3] "C:\Programmi\MessengerPlus! 3\MsgPlus.exe" /WinStart O4 - HKCU\..\Run: [msnmsgr] ~"C:\Programmi\MSN Messenger\msnmsgr.exe" /background O4 - Startup: C6 Messenger.lnk = C:\Programmi\C6 Messenger\c6Messenger.exe O4 - Startup: Stop Dialers.lnk = C:\Programmi\StopDialers\StopDialer.exe O4 - Global Startup: BTTray.lnk = ? O4 - Global Startup: Stop Dialers.lnk = C:\Programmi\StopDialers\StopDialer.exe O8 - Extra context menu item: &Cerca con Google - res://C:\Programmi\Google\GoogleToolbar1.dll/cmsearch.html O8 - Extra context menu item: &Traduci parola in italiano - res://C:\Programmi\Google\GoogleToolbar1.dll/cmwordtrans.html O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O8 - Extra context menu item: Invia a &Bluetooth - C:\Programmi\TRUST\Bluetooth Software\btsendto_ie_ctx.htm O8 - Extra context menu item: Link a ritroso - res://C:\Programmi\Google\GoogleToolbar1.dll/cmbacklinks.html O8 - Extra context menu item: Pagine simili - res://C:\Programmi\Google\GoogleToolbar1.dll/cmsimilar.html O8 - Extra context menu item: Versione cache della pagina - res://C:\Programmi\Google\GoogleToolbar1.dll/cmcache.html O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programmi\TRUST\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programmi\TRUST\Bluetooth Software\btsendto_ie.htm O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary...r.cab31267.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab31267.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/actives...ree/asinst.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{4BB49E12-5953-4147-B9F2-92EE7B60C8B1}: NameServer = 193.70.192.25 193.70.152.25 O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - Unknown owner - C:\Programmi\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Programmi\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Programmi\File comuni\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing) O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Programmi\TRUST\Bluetooth Software\bin\btwdins.exe O23 - Service: UpdZqs - Unknown owner - C:\Programmi\File comuni\Microsoft Shared\XVy.exe O23 - Service: Virit eXplorer Lite (viritsvclite) - TG Soft Sas www.tgsoft.it - C:\VEXPLITE\viritsvc.exe O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Programmi\File comuni\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing) |
|
|
|
|
10-07-2006, 14:00
|
#2754 |
|
Senior Member
Iscritto dal: May 2001
Messaggi: 293
|
cosa devo fixare !?.... Grazie
Logfile of HijackThis v1.99.1 Scan saved at 14.58.23, on 10/07/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\SOUNDMAN.EXE C:\Programmi\ATI Technologies\ATI.ACE\cli.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Programmi\ewido anti-spyware 4.0\ewido.exe C:\Programmi\Messenger\msmsgs.exe C:\Programmi\SkypeMate\SkypeMate.exe C:\Programmi\Skype\Phone\Skype.exe C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe C:\Programmi\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\drivers\CDAC11BA.EXE C:\Programmi\ewido anti-spyware 4.0\guard.exe C:\WINDOWS\system32\svchost.exe C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe C:\WINDOWS\system32\wscntfy.exe C:\Programmi\Alwil Software\Avast4\ashWebSv.exe C:\Programmi\ATI Technologies\ATI.ACE\cli.exe C:\Programmi\ATI Technologies\ATI.ACE\cli.exe C:\DOCUME~1\DEBORT~1\IMPOST~1\Temp\Directory temporanea 3 per hijackthis_199.zip\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti R3 - Default URLSearchHook is missing O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: Class - {2D51C885-A4AD-09B8-0E69-64EA4406F41E} - C:\WINDOWS\pkywq1.dll (file missing) O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programmi\google\googletoolbar1.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programmi\google\googletoolbar1.dll O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [ATICCC] "C:\Programmi\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay O4 - HKLM\..\Run: [susbtv] subst v: c:\vemarnew O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [!ewido] "C:\Programmi\ewido anti-spyware 4.0\ewido.exe" /minimized O4 - HKCU\..\Run: [MSMSGS] "C:\Programmi\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [SkypeMate] C:\Programmi\SkypeMate\SkypeMate.exe O4 - HKCU\..\Run: [Skype] "C:\Programmi\Skype\Phone\Skype.exe" /nosplash /minimized O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Programmi\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Microsoft Office.lnk = C:\Programmi\Microsoft Office\Office10\OSA.EXE O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe O17 - HKLM\System\CCS\Services\Tcpip\..\{DE50B7A0-D0D0-4D9C-9109-146D6A811909}: NameServer = 62.94.0.1,62.94.0.2 O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: avast! Antivirus - Unknown owner - C:\Programmi\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Programmi\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Programmi\ewido anti-spyware 4.0\guard.exe
__________________
Case Thermatake Swing + Xilence 500 W... MB ASUS A8N-E chipset NV4 ultra... AMD Athlon 64 3200+ 2 GB (4x512 Mb) DDR400, HD SATA Maxtor 120 Gb , Scheda Video GeForce GT 240 1Gb, scheda Pinnacle DV-IN, DVD LG Nero, WXP Pro. SP2. Samsung LCD 17" SM730BF |
|
|
|
|
10-07-2006, 14:32
|
#2756 |
|
Senior Member
Iscritto dal: May 2005
Città: Palermo
Messaggi: 6390
|
montellina87 fixa:
R3 - Default URLSearchHook is missing O2 - BHO: Class - {1A06B321-9911-88C0-89F1-281F7413084A} - C:\WINDOWS\hyqtt1.dll (file missing) O2 - BHO: Class - {5C7E26C2-BE3E-425E-31C5-143161E782D7} - C:\WINDOWS\hyqtt1.dll (file missing) O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [vmcw2.exe] C:\WINDOWS\Temp\vmcw2.exe O4 - HKLM\..\Run: [vmcw1.exe] C:\WINDOWS\Temp\vmcw1.exe O23 - Service: UpdZqs - Unknown owner - C:\Programmi\File comuni\Microsoft Shared\XVy.exe marcojeep fixa: R3 - Default URLSearchHook is missing O2 - BHO: Class - {2D51C885-A4AD-09B8-0E69-64EA4406F41E} - C:\WINDOWS\pkywq1.dll (file missing) O4 - HKLM\..\Run: [susbtv] subst v: c:\vemarnew Ultima modifica di andorra24 : 10-07-2006 alle 14:34. |
|
|
|
|
12-07-2006, 15:40
|
#2757 |
|
Bannato
Iscritto dal: Feb 2006
Messaggi: 22
|
Aiutatemi!!!
Salve, ho gravi propremi di memoria da un paio di giorni....mi si esaurisce la memoria pag...vi posto il log....vi scongiuro........
Logfile of HijackThis v1.99.1 Scan saved at 16.39.27, on 12/07/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\Programmi\WIDCOMM\Bluetooth Software\bin\btwdins.exe C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Programmi\Analog Devices\SoundMAX\SMax4PNP.exe C:\Programmi\Analog Devices\SoundMAX\Smax4.exe C:\Programmi\RAMpage\RAMpage.exe C:\WINDOWS\system32\rundll32.exe C:\Programmi\Zone Labs\ZoneAlarm\zlclient.exe C:\Programmi\WIDCOMM\Bluetooth Software\BTTray.exe C:\Programmi\File comuni\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe C:\Programmi\Analog Devices\SoundMAX\SMAgent.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\WINDOWS\system32\ZoneLabs\isafe.exe C:\PROGRA~1\ZONELA~1\ZONEAL~1\MAILFR~1\mantispm.exe C:\WINDOWS\system32\taskmgr.exe C:\Programmi\Internet Explorer\iexplore.exe C:\Programmi\Internet Explorer\iexplore.exe C:\Documents and Settings\Peppejam\Documenti\eMule download\hijackthis_199\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll O4 - HKLM\..\Run: [SoundMAXPnP] C:\Programmi\Analog Devices\SoundMAX\SMax4PNP.exe O4 - HKLM\..\Run: [SoundMAX] "C:\Programmi\Analog Devices\SoundMAX\Smax4.exe" /tray O4 - HKLM\..\Run: [RAMpage] "C:\Programmi\RAMpage\RAMpage.exe" U=2 M=30 T=4 LW P="C:\Programmi\RAMpage\RAMpageConfig.exe" O4 - HKLM\..\Run: [CnxTrApp] rundll32.exe "C:\Programmi\Aethra\ADSL EB1070 USB\CnxTrApp.dll",AppEntry -REG "Aethra\ADSL EB1070 USB" O4 - HKLM\..\Run: [Zone Labs Client] C:\Programmi\Zone Labs\ZoneAlarm\zlclient.exe O4 - Global Startup: BTTray.lnk = ? O4 - Global Startup: Post-it® Software Notes.lnk = C:\Programmi\3M\PSNotes\psn.exe O8 - Extra context menu item: &Download with &DAP - C:\PROGRA~1\DAP\dapextie.htm O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convert to existing PDF - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Download &all with DAP - C:\PROGRA~1\DAP\dapextie2.htm O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Invia a &Bluetooth - C:\Programmi\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm O9 - Extra button: Run DAP - {669695BC-A811-4A9D-8CDF-BA8C795F261C} - C:\PROGRA~1\DAP\DAP.EXE O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programmi\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programmi\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab31267.cab O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/reso...an8/oscan8.cab O23 - Service: Adobe LM Service - Adobe Systems - C:\Programmi\File comuni\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: Autodesk Licensing Service - Autodesk - C:\Programmi\File comuni\Autodesk Shared\Service\AdskScSrv.exe O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Programmi\WIDCOMM\Bluetooth Software\bin\btwdins.exe O23 - Service: CA ISafe (CAISafe) - Computer Associates International, Inc. - C:\WINDOWS\system32\ZoneLabs\isafe.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Sentinel Protection Server (SentinelProtectionServer) - SafeNet, Inc - C:\Programmi\File comuni\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Programmi\Analog Devices\SoundMAX\SMAgent.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe .......vi prego...... |
|
|
|
|
12-07-2006, 15:45
|
#2758 |
|
Bannato
Iscritto dal: Feb 2006
Messaggi: 22
|
aspetto con ansia.... zlclient.exe che sarebbe Zone alarm firewall usa una memoria sempre più grande fino a 200.000 KB e più...prima non succedeva....questo mi blocca tutto il pc....cosa può essere? magari dal log si può notare qualche virus o programma schiffoso!
|
|
|
|
|
12-07-2006, 19:22
|
#2760 |
|
Bannato
Iscritto dal: Feb 2006
Messaggi: 22
|
si certo ma dopo aver eliminato alcuni che pensavo infetti non è cambiato nulla....
|
|
|
|
|
|
| Strumenti | |
|
|
Tutti gli orari sono GMT +1. Ora sono le: 10:36.
