|
|||||||
|
|
|
 |
|
|
Strumenti |
31-08-2006, 19:33
|
#3201 |
|
Senior Member
Iscritto dal: Jan 2006
Messaggi: 831
|
Ciao a tutti...
è da un po che qualche tipo di worm molto probabilmente LINKOPTIMIZER mi fa arrivare a più di 3GB il file di paginazione così da rendere inutilizzabile Windows dovendo riavviare per poi vedere ripetersi la cosa. Ho già cancellato con il tool di Eset: AGVPFIX tutti i file .exe di sola lettura in C:\Programmi\File comuni\System e in C:\Programmi\File comuni\Microsoft shared non ho trovato nessun .exe ma la cosa capita ancora ma più lentamente. Posto il log di HijackThis spero che qualcuno mi aiuti: Logfile of HijackThis v1.99.1 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\acs.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Programmi\File comuni\Autodesk Shared\Service\AdskScSrv.exe C:\WINDOWS\system32\cisvc.exe C:\Programmi\Alias\Maya7.0\docs\wrapper.exe C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Programmi\Autodesk\3dsMax8\mentalray\satellite\raysat_3dsmax8server.exe C:\Programmi\Alias\Maya7.0\docs\jre\bin\java.exe C:\Programmi\Eset\nod32krn.exe C:\WINDOWS\system32\nvsvc32.exe C:\Programmi\Agnitum\Outpost Firewall\outpost.exe c:\Programmi\Microsoft SQL Server\90\Shared\sqlwriter.exe C:\Programmi\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\WINDOWS\system32\rundll32.exe C:\Programmi\Eset\nod32kui.exe C:\Programmi\Adobe\Acrobat 7.0\Distillr\Acrotray.exe C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe C:\Programmi\Java\jre1.5.0_06\bin\jusched.exe C:\Programmi\HP\hpcoretech\hpcmpmgr.exe C:\Programmi\File comuni\Real\Update_OB\realsched.exe C:\Programmi\iTunes\iTunesHelper.exe C:\Programmi\CyberLink\PowerDVD\PDVDServ.exe C:\Programmi\Hewlett-Packard\HP Software Update\HPWuSchd2.exe C:\Programmi\File comuni\Ahead\lib\NMBgMonitor.exe C:\Programmi\Spybot - Search & Destroy\TeaTimer.exe C:\WINDOWS\system32\ctfmon.exe C:\Programmi\Adobe\Acrobat 7.0\Acrobat\acrobat_sl.exe C:\Programmi\WIDCOMM\Software Bluetooth\BTTray.exe C:\WINDOWS\system32\wuauclt.exe C:\Programmi\Hewlett-Packard\Digital Imaging\bin\hpqgalry.exe C:\Programmi\iPod\bin\iPodService.exe C:\WINDOWS\System32\svchost.exe C:\Documents and Settings\Simonetti\Desktop\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.html.it/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - (no file) O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.5.0_06\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [AdslTaskBar] rundll32.exe stmctrl.dll,TaskBar O4 - HKLM\..\Run: [nod32kui] "C:\Programmi\Eset\nod32kui.exe" /WAITSERVICE O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Programmi\Adobe\Acrobat 7.0\Distillr\Acrotray.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\Programmi\File comuni\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programmi\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [HP Component Manager] "C:\Programmi\HP\hpcoretech\hpcmpmgr.exe" O4 - HKLM\..\Run: [TkBellExe] "C:\Programmi\File comuni\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [iTunesHelper] "C:\Programmi\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [RemoteControl] C:\Programmi\CyberLink\PowerDVD\PDVDServ.exe O4 - HKLM\..\Run: [HP Software Update] C:\Programmi\Hewlett-Packard\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [Outpost Firewall] C:\Programmi\Agnitum\Outpost Firewall\outpost.exe /waitservice O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programmi\File comuni\Ahead\lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Programmi\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - Startup: Adobe Gamma.lnk = C:\Programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Avvio rapido di HP Image Zone.lnk = C:\Programmi\Hewlett-Packard\Digital Imaging\bin\hpqthb08.exe O4 - Global Startup: Avvio veloce di Adobe Acrobat.lnk = ? O4 - Global Startup: BTTray.lnk = ? O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Programmi\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe O8 - Extra context menu item: &Point&&Go - C:\Programmi\File comuni\Expert System\PGPlatform\PGPlatform.htm O8 - Extra context menu item: Converti destinazione link in Adobe PDF - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Converti destinazione link in file PDF esistente - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Converti i link selezionati in Adobe PDF - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Converti i link selezionati in file PDF esistente - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: Converti in Adobe PDF - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Converti nel file PDF esistente - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Converti selezione in Adobe PDF - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Converti selezione in file PDF esistente - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Edit with Altova X&MLSpy - C:\Programmi\Altova\XMLSpy2006\spy.htm O8 - Extra context menu item: Invia a &Bluetooth - C:\Programmi\WIDCOMM\Software Bluetooth\btsendto_ie_ctx.htm O8 - Extra context menu item: Scaricare usando &BitSpirit - C:\Programmi\BitSpirit\bsurl.htm O8 - Extra context menu item: Sothink SWF Catcher - C:\Programmi\File comuni\SourceTec\SWF Catcher\InternetExplorer.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: Edit with Altova X&MLSpy - {2222EF56-F49E-4d07-A14E-8D2B08766958} - C:\Programmi\Altova\XMLSpy2006\spy.htm O9 - Extra 'Tools' menuitem: Edit with Altova X&MLSpy - {2222EF56-F49E-4d07-A14E-8D2B08766958} - C:\Programmi\Altova\XMLSpy2006\spy.htm O9 - Extra button: Outpost Firewall Pro Regolazione rapida - {44627E97-789B-40d4-B5C2-58BD171129A1} - C:\Programmi\Agnitum\Outpost Firewall\Plugins\BrowserBar\ie_bar.dll O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programmi\WIDCOMM\Software Bluetooth\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programmi\WIDCOMM\Software Bluetooth\btsendto_ie.htm O9 - Extra button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Programmi\File comuni\SourceTec\SWF Catcher\InternetExplorer.htm O9 - Extra 'Tools' menuitem: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Programmi\File comuni\SourceTec\SWF Catcher\InternetExplorer.htm O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/Ms...Downloader.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Programmi\File comuni\Microsoft Shared\Help\hxds.dll O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O23 - Service: Atheros Configuration Service (ACS) - Unknown owner - C:\WINDOWS\system32\acs.exe O23 - Service: Adobe LM Service - Adobe Systems - C:\Programmi\File comuni\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Autodesk Licensing Service - Autodesk - C:\Programmi\File comuni\Autodesk Shared\Service\AdskScSrv.exe O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Programmi\WIDCOMM\Software Bluetooth\bin\btwdins.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: iPodService - Apple Computer, Inc. - C:\Programmi\iPod\bin\iPodService.exe O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Programmi\File comuni\Macromedia Shared\Service\Macromedia Licensing.exe O23 - Service: Maya 7.0 Documentation Server (maya70docserver) - Unknown owner - C:\Programmi\Alias\Maya7.0\docs\wrapper.exe O23 - Service: RaySat_3dsmax8 Server (mi-raysat_3dsmax8) - Unknown owner - C:\Programmi\Autodesk\3dsMax8\mentalray\satellite\raysat_3dsmax8server.exe O23 - Service: SQL Server (SQLEXPRESS) (MSSQL$SQLEXPRESS) - Unknown owner - c:\Programmi\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe" -sSQLEXPRESS (file missing) O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Programmi\Eset\nod32krn.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Outpost Firewall Service (OutpostFirewall) - Agnitum Ltd. - C:\Programmi\Agnitum\Outpost Firewall\outpost.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Programmi\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe 
|
|
|
|
31-08-2006, 22:55
|
#3202 |
|
Senior Member
Iscritto dal: Jun 2005
Messaggi: 419
|
ciao ragazzi ho fatto la scansione del pc e mi ha rilasciato questo log
dicendomi che ci sono 2 applicazioni sospette esattamente le 17. ma come vado a riavviare il pc me le ritrovo. qualcuno può darmi una mano grazie in anticipo  Logfile of HijackThis v1.99.1 Scan saved at 16.26.03, on 31/08/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Programmi\Eset\nod32krn.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe C:\Programmi\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe C:\Programmi\Nokia\Nokia PC Suite 6\LaunchApplication.exe C:\Programmi\File comuni\PCSuite\DataLayer\DataLayer.exe C:\Programmi\Eset\nod32kui.exe C:\Programmi\Zone Labs\ZoneAlarm\zlclient.exe C:\WINDOWS\system32\ctfmon.exe C:\Programmi\Messenger\msmsgs.exe C:\Programmi\Nokia\Nokia PC Suite 6\PcSync2.exe C:\Programmi\Adobe\Acrobat 7.0\Reader\reader_sl.exe C:\Programmi\Rainlendar\Rainlendar.exe C:\PROGRA~1\FILECO~1\Nokia\MPAPI\MPAPI3s.exe C:\PROGRA~1\FILECO~1\PCSuite\Services\SERVIC~1.EXE C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\system32\wuauclt.exe C:\Documents and Settings\Mauro\Desktop\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Programmi\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programmi\Spybot - Search & Destroy\SDHelper.dll O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programmi\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Programmi\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe" O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Programmi\Nokia\Nokia PC Suite 6\LaunchApplication.exe -onlytray O4 - HKLM\..\Run: [DataLayer] C:\Programmi\File comuni\PCSuite\DataLayer\DataLayer.exe O4 - HKLM\..\Run: [nod32kui] C:\Programmi\Eset\nod32kui.exe /WAITSERVICE O4 - HKLM\..\Run: [Zone Labs Client] "C:\Programmi\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Programmi\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [PcSync] C:\Programmi\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog O4 - Startup: Rainlendar.lnk = C:\Programmi\Rainlendar\Rainlendar.exe O4 - Global Startup: Avvio veloce di Adobe Reader.lnk = C:\Programmi\Adobe\Acrobat 7.0\Reader\reader_sl.exe O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe O17 - HKLM\System\CCS\Services\Tcpip\..\{12AF376B-91C1-4F66-A32E-9939E5EFA090}: NameServer = 212.48.4.15 62.211.69.150 O17 - HKLM\System\CS1\Services\Tcpip\..\{12AF376B-91C1-4F66-A32E-9939E5EFA090}: NameServer = 212.48.4.15 62.211.69.150 O23 - Service: IMAPI CD-Burning COM Service (ImapiService) - Roxio Inc. - C:\WINDOWS\system32\ImapiRox.exe O23 - Service: NOD32 Kernel Service (NOD32krn) - Unknown owner - C:\Programmi\Eset\nod32krn.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe |
|
|
|
|
31-08-2006, 23:32
|
#3203 | |
|
Senior Member
Iscritto dal: Oct 2001
Città: Lothlòrien
Messaggi: 4250
|
Quote:
Ever4ever
__________________
Il mio forum su hattrick e il fantacalcio - HattrickItalia Il mio Blog - La terra di Ever -------------------- "The truth is out there, somewhere between two fairytales". |
|
|
|
|
|
01-09-2006, 13:30
|
#3204 |
|
Junior Member
Iscritto dal: Sep 2006
Messaggi: 29
|
Salve a tutti,
ho un problema: quando apro il browser e nella barra degli indirizzi metto una path mi si apre il risultato di una ricerca fatta con il motore shabit.net. Ho provato vari tool, ma nessuno mi rileva virus. Vi posto il risultato di hijackthis con la speranza che qualcuno riesca ad aiutarmi. Ringrazio anticipatamente Logfile of HijackThis v1.99.1 Scan saved at 10.50.55, on 01/09/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe C:\PROGRA~1\Grisoft\AVG7\avgemc.exe C:\WINDOWS\system32\inetsrv\inetinfo.exe C:\WINDOWS\Explorer.EXE C:\Programmi\PC Tools AntiVirus\PCTAVSvc.exe C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\sm56hlpr.exe C:\Programmi\Synaptics\SynTP\SynTPLpr.exe C:\Programmi\Synaptics\SynTP\SynTPEnh.exe C:\Programmi\Java\jre1.5.0_06\bin\jusched.exe C:\PROGRA~1\Grisoft\AVG7\avgcc.exe C:\Programmi\Skype\Phone\Skype.exe C:\WINDOWS\System32\snmp.exe C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe C:\Programmi\PC Tools AntiVirus\ScanningProcess.exe C:\Documents and Settings\pasquale\Desktop\ewido_micro.exe C:\Programmi\a-squared Free\a2free.exe C:\Documents and Settings\pasquale\Desktop\download\sicurezza\HijackThis.exe R3 - Default URLSearchHook is missing O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: Class - {B94F401C-56FA-4A94-CF2C-CA3F7CC86829} - C:\WINDOWS\rdbhl1.dll (file missing) O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [SMSERIAL] sm56hlpr.exe O4 - HKLM\..\Run: [SynTPLpr] C:\Programmi\Synaptics\SynTP\SynTPLpr.exe O4 - HKLM\..\Run: [SynTPEnh] C:\Programmi\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programmi\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [Desktop Service] C:\Programmi\Free-Soft\Virtual Desktop\DesktopLoader.exe O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP O4 - HKCU\..\Run: [Skype] "C:\Programmi\Skype\Phone\Skype.exe" /nosplash /minimized O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll O17 - HKLM\System\CCS\Services\Tcpip\..\{9325F1A2-322B-4A0F-8F25-DF6FCBBBF6A9}: NameServer = 213.140.2.12 O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O18 - Protocol: qvp - {4BA78E3D-CA25-4BFF-B8F0-8A3359E4B520} - C:\Programmi\QlikView\QvProtocol\qvp.dll O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe O23 - Service: AVG Firewall (AVGFwSrv) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe O23 - Service: openwork Manager - NET Sistemi - c:\openwork\lib\openworkman.exe O23 - Service: PC Tools AntiVirus Engine (PCTAVSvc) - Unknown owner - C:\Programmi\PC Tools AntiVirus\PCTAVSvc.exe O23 - Service: Desktop (Service_Desktop) - Unknown owner - C:\Programmi\Free-Soft\Virtual Desktop\Desktop.exe Ho cercato di fixare R3 - Default URLSearchHook is missing O2 - BHO: Class - {B94F401C-56FA-4A94-CF2C-CA3F7CC86829} - C:\WINDOWS\rdbhl1.dll (file missing) ma quando poi rilancio HijackThis me li ritrovo! Altra info: ma O23 - Service: Desktop (Service_Desktop) - Unknown owner - C:\Programmi\Free-Soft\Virtual Desktop\Desktop.exe |
|
|
|
|
01-09-2006, 16:41
|
#3205 | ||
|
Member
Iscritto dal: Dec 2005
Città: Verona
Messaggi: 266
|
Quote:
Quote:
__________________
"La teoria è quando si sa tutto ma non funziona niente. La pratica è quando funziona tutto ma non si sa il perché. In ogni caso si finisce sempre con il coniugare la teoria con la pratica: non funziona niente e non si sa il perché". Albert Einstein |
||
|
|
|
|
01-09-2006, 18:04
|
#3206 | ||
|
Junior Member
Iscritto dal: Sep 2006
Messaggi: 29
|
Ciao mirko,
grazie per la risposta Ho già provato ma niente a fixare in mod prov, ma niente Quote:
Quote:
Special thank's |
||
|
|
|
|
01-09-2006, 18:36
|
#3207 |
|
Senior Member
Iscritto dal: Jun 2005
Messaggi: 419
|
grazie mille
|
|
|
|
|
01-09-2006, 19:26
|
#3208 |
|
Senior Member
Iscritto dal: May 2005
Città: Trieste
Messaggi: 3436
|
Ciao ragazzi! Che dite, devo dargli una ripulita?
Logfile of HijackThis v1.99.1 Scan saved at 20.25.56, on 01/09/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Programmi\ATI Technologies\ATI.ACE\cli.exe C:\Programmi\Yahoo!\Yahoo! Widget Engine\YahooWidgetEngine.exe C:\WINDOWS\system32\fxredir.exe C:\Programmi\Canon\MultiPASS4\monitr32.exe C:\HP\KBD\KBD.EXE C:\Programmi\RocketDock\RocketDock.exe C:\Programmi\Skype\Phone\Skype.exe C:\Programmi\Yahoo!\Yahoo! Widget Engine\YahooWidgetEngine.exe C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe C:\Programmi\Alwil Software\Avast4\ashServ.exe C:\Programmi\Canon\MultiPASS4\MPSERVIC.EXE C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe C:\Programmi\Alwil Software\Avast4\ashWebSv.exe C:\Programmi\ATI Technologies\ATI.ACE\cli.exe C:\Programmi\ATI Technologies\ATI.ACE\cli.exe C:\Programmi\eMule\emule.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\explorer.exe C:\Programmi\Logitech\SetPoint\SetPoint.exe C:\Programmi\File comuni\Logitech\KHAL\KHALMNPR.EXE C:\Programmi\MSN Messenger\msnmsgr.exe C:\PROGRA~1\MOZILL~1\FIREFOX.EXE C:\WINDOWS\explorer.exe C:\Documents and Settings\Motomobile\Documenti\Bibo\Applicazioni di utilità\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/firefox R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.5.0_06\bin\ssv.dll O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [ATICCC] "C:\Programmi\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay O4 - HKLM\..\Run: [Yahoo! Widget Engine] C:\Programmi\Yahoo!\Yahoo! Widget Engine\YahooWidgetEngine.exe O4 - HKLM\..\Run: [fxredir] C:\WINDOWS\system32\fxredir.exe O4 - HKLM\..\Run: [monitr32] C:\Programmi\Canon\MultiPASS4\monitr32.exe I O4 - HKLM\..\Run: [SetPoint] C:\Programmi\Logitech\SetPoint\SetPoint.exe O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE O4 - HKCU\..\Run: [RocketDock] "C:\Programmi\RocketDock\RocketDock.exe" O4 - HKCU\..\Run: [Skype] "C:\Programmi\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [msnmsgr] "C:\Programmi\MSN Messenger\msnmsgr.exe" /background O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: avast! Antivirus - Unknown owner - C:\Programmi\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Programmi\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: MpService - Canon Inc - C:\Programmi\Canon\MultiPASS4\MPSERVIC.EXE O23 - Service: PACSPTISVR - Sony Corporation - C:\Programmi\File comuni\Sony Shared\AVLib\PACSPTISVR.exe O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Programmi\File comuni\Sony Shared\AVLib\SPTISRV.exe ciauzz
__________________
CASE: Antec Solo II | MOBO: Asus Sabertooth Z87 | CPU: Intel i7 4790K | COOLER: Noctua NH-D15 | RAM: G Skill 16Gb | GPU: nVidia GTX-1070 G1 | ROUTER: AVM7530 PSU: Seasonic P520 | AUDIO: Asus STX II | STORAGE: HDD ST2000DM001 + SSD 850 PRO 512Gb + DVDRAM LG GH24NS50 | LCD: Sony SDM-X72 | TV: Sony 32W4000 AMP: Marantz PM-KI Pearl | SPKR: Vienna Mozart Grand | DAC: Yulong DA8 | CABLE: WW Electra Platinum - Tasker C276 & RG59 BU - Chord Clearway Analogue
|
|
|
|
|
01-09-2006, 19:41
|
#3209 |
|
Senior Member
Iscritto dal: May 2005
Città: Palermo
Messaggi: 6390
|
plata il tuo log e' pulito.
|
|
|
|
|
02-09-2006, 14:59
|
#3210 |
|
Junior Member
Iscritto dal: May 2006
Messaggi: 6
|
Salve a tutti!...Vi scrivo perchè oggi nel mio computer ho riscontrato un piccolo problema per niente simpatico!...Mi spiego!..Premetto che come sistema operativo ho win xp pro e come antivirus Avast. Da un paio di giorni notavo nella barra delle applicazioni vicino all'orologio una strana icona che a volte stava accesa anche delle ore...se posizionavo il muose sopra diceva che era l'icona della scansione delle email (notare che email ne nn partivano ne nn arrivavano). Oggi ho alzato la protezione di avast su elevata e con grande stupore mi sono ritrovato decine e decine di finestre con scritto:
"MESSAGGIO SOSPETTO" "troppi identici messaggi inviati nel tempo prestabilito" nel riquadro sottostante ivece erano riportate le informazioni del mittente e del destinatario con indirizzi di posta stranissimi e mai visti prima! Dato le troppe finestre aperte da avast sono stato costretto ad interrompere l'azione del provaider, successivamente ho analizzato il sistema con avast ma purtroppo nulla di fatto infatti non era cambiato nulla, allora sono passato ad spy boat s&d che mi ha eliminato alcuni file sospetti e rieseguendo la scansione addiritura mi faceva i complimeti per avere il computer totalmente ""disinfettato""!...Pensavo che il tutto sarebbe andato a posto e invece no infatti ancora una volta il problema è saltato fuori!Ho provato a scaricare un programma specializzato nell'eliminazione di trojan ma pure questo è stato inutile! Ho formattato e reinstallato windows e neppure questo è servito a nulla!!! Ora sono nelle vostre mani in internet e nel forum non ho trovato nulla al riguardo, vi prego aiutatemi!e' un trojan??...ci ho preso o è un'altro tipo di virus??...Penso che il tutto derivi da qualche cartella temporanea presente in documents and settings....Cosa posso fare???...Vi prego scrivete sono dispertao! Grazie in anticipo per la vostra disponibilità e scusate per il lungo monologo!! Ciao a tutti! Tenu |
|
|
|
|
02-09-2006, 15:04
|
#3211 |
|
Bannato
Iscritto dal: Mar 2004
Città: Galapagos Attenzione:utente flautolente,tienilo a mente
Messaggi: 28978
|
fai prima ad aprire un thread....qui se vuoi possiamo analizzarti il log creato da questo programma
|
|
|
|
|
02-09-2006, 15:06
|
#3212 |
|
Senior Member
Iscritto dal: Oct 2004
Città: Milano
Messaggi: 2641
|
Perchè non hai postato il log di hijackthis...
 Se vuoi un aiuto serve quello
__________________
FOXYLADY è un MASCHIO!! Un amico è una persona che sa tutto di te e nonostante questo gli piaci |
|
|
|
|
02-09-2006, 17:05
|
#3213 |
|
Senior Member
Iscritto dal: Oct 2005
Città: San Lazzaro di Savena
Messaggi: 419
|
ciao a tutti!
Mi potete controllare il log!!!! please. eccolo: Logfile of HijackThis v1.99.1 Scan saved at 18.04.34, on 02/09/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\Programmi\Windows Defender\MsMpEng.exe C:\WINDOWS\System32\svchost.exe C:\Programmi\File comuni\Symantec Shared\ccSetMgr.exe C:\Programmi\File comuni\Symantec Shared\ccEvtMgr.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Programmi\Analog Devices\SoundMAX\SMTray.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe C:\WINDOWS\system32\hphmon04.exe C:\Programmi\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe C:\Programmi\Adobe\Acrobat 7.0\Distillr\Acrotray.exe C:\Programmi\Java\jre1.5.0_08\bin\jusched.exe C:\Programmi\Windows Defender\MSASCui.exe C:\Programmi\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe C:\Programmi\File comuni\Symantec Shared\ccApp.exe C:\Programmi\iTunes\iTunesHelper.exe C:\Programmi\QuickTime\qttask.exe C:\WINDOWS\system32\ctfmon.exe C:\Programmi\Microsoft ActiveSync\WCESCOMM.EXE C:\Programmi\SAGEM\SAGEM F@st 800-840\dslmon.exe C:\Programmi\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe C:\Programmi\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe C:\Programmi\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe C:\WINDOWS\system32\drivers\CDAC11BA.EXE C:\Programmi\ewido anti-spyware 4.0\guard.exe C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Programmi\Norton AntiVirus\navapsvc.exe C:\WINDOWS\System32\nvsvc32.exe C:\Programmi\Norton AntiVirus\SAVScan.exe C:\Programmi\Analog Devices\SoundMAX\SMAgent.exe C:\WINDOWS\System32\svchost.exe C:\Programmi\iPod\bin\iPodService.exe C:\Programmi\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe C:\WINDOWS\System32\svchost.exe C:\PROGRA~1\MOZILL~1\FIREFOX.EXE C:\Programmi\Messenger\msmsgs.exe C:\Documents and Settings\F.Ruscelloni\Desktop\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.repubblica.it/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.5.0_08\bin\ssv.dll O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Programmi\Norton AntiVirus\NavShExt.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Programmi\Norton AntiVirus\NavShExt.dll O4 - HKLM\..\Run: [Smapp] C:\Programmi\Analog Devices\SoundMAX\SMTray.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe O4 - HKLM\..\Run: [HPHmon04] C:\WINDOWS\system32\hphmon04.exe O4 - HKLM\..\Run: [HPHUPD04] "C:\Programmi\HP Photosmart 11\hphinstall\UniPatch\hphupd04.exe" O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Programmi\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Programmi\Adobe\Acrobat 7.0\Distillr\Acrotray.exe" O4 - HKLM\..\Run: [MsgCenterExe] "C:\Programmi\File comuni\Real\Update_OB\RealOneMessageCenter.exe" -osboot O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\Java\jre1.5.0_08\bin\jusched.exe" O4 - HKLM\..\Run: [Windows Defender] "C:\Programmi\Windows Defender\MSASCui.exe" -hide O4 - HKLM\..\Run: [ccApp] "C:\Programmi\File comuni\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer O4 - HKLM\..\Run: [iTunesHelper] "C:\Programmi\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qttask.exe" -atboottime O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Programmi\Microsoft ActiveSync\WCESCOMM.EXE" O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ? O4 - Global Startup: DSLMON.lnk = C:\Programmi\SAGEM\SAGEM F@st 800-840\dslmon.exe O4 - Global Startup: hp psc 1000 series.lnk = ? O4 - Global Startup: hpoddt01.exe.lnk = ? O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convert to existing PDF - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_08\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_08\bin\ssv.dll O9 - Extra button: Crea preferiti portatile - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Programmi\Microsoft ActiveSync\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Programmi\Microsoft ActiveSync\INetRepl.dll O9 - Extra 'Tools' menuitem: Crea preferiti portatile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Programmi\Microsoft ActiveSync\INetRepl.dll O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe O15 - Trusted Zone: *.rossoalice.it O15 - Trusted Zone: *.rossoalice.virgilio.it O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsu...?1145447872160 O17 - HKLM\System\CCS\Services\Tcpip\..\{906A4981-C76E-4BB3-8E3F-21F21CB0FC09}: NameServer = 85.37.17.52 85.38.28.92 O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Programmi\File comuni\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\ccSetMgr.exe O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Programmi\ewido anti-spyware 4.0\guard.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPodService - Apple Computer, Inc. - C:\Programmi\iPod\bin\iPodService.exe O23 - Service: Servizio Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Programmi\Norton AntiVirus\navapsvc.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: Pml Driver HPH11 - HP - C:\WINDOWS\system32\HPHipm11.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: SAVScan - Symantec Corporation - C:\Programmi\Norton AntiVirus\SAVScan.exe O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FILECO~1\SYMANT~1\SCRIPT~1\SBServ.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\SNDSrvc.exe O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Programmi\Analog Devices\SoundMAX\SMAgent.exe O23 - Service: UpdAno - Unknown owner - \\?\C:\Programmi\File comuni\System\com6.exe (file missing) grazie mille! bye
__________________
Pc: Amd Athlon X2 3800+, Ram 1 Gb, Nvidia GeForce 6100 |
|
|
|
|
04-09-2006, 11:32
|
#3214 |
|
Junior Member
Iscritto dal: Aug 2006
Messaggi: 4
|
Perfavore qualcuno potrebbe dare un'occhiatina al mio LOG?
In questi gg sono stata presa di mira da alcuni virus... Logfile of HijackThis v1.99.1 Scan saved at 11.45.57, on 04/09/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\System32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Programmi\File comuni\Symantec Shared\ccApp.exe C:\Programmini\DAEMON Tools\daemon.exe C:\Programmi\Adobe\Acrobat 7.0\Distillr\Acrotray.exe C:\PROGRA~1\ACERLA~1\QtZpAcer.EXE C:\Antivirus\Spyware Doctor\spydoctor.exe C:\Masterizzatore\AnyDVD\AnyDVD.exe C:\WINDOWS\system32\svchost.exe C:\Programmi\Nikon\PictureProject\NkbMonitor.exe C:\Programmi\File comuni\Autodesk Shared\Service\AdskScSrv.exe C:\Programmi\Symantec\LiveUpdate\ALUSchedulerSvc.exe C:\Programmi\File comuni\Symantec Shared\ccProxy.exe C:\Programmi\File comuni\Symantec Shared\ccSetMgr.exe C:\Antivirus\Norton Internet Security\ISSVC.exe C:\Programmi\File comuni\Symantec Shared\SNDSrvc.exe C:\Programmi\File comuni\Symantec Shared\SPBBC\SPBBCSvc.exe C:\Programmi\File comuni\Symantec Shared\ccEvtMgr.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Programmi\File comuni\Symantec Shared\CCPD-LC\symlcsvc.exe C:\Programmi\Internet Explorer\iexplore.exe C:\UTILITY\WINZIP\winzip32.exe C:\Programmi\Messenger\msmsgs.exe C:\Documents and Settings\Elisa\Impostazioni locali\Temp\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://global.acer.com R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://global.acer.com/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti R3 - Default URLSearchHook is missing O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: Spool Dynamic Link Library - {231B7A50-B3B2-4016-BD34-3D8495C9F3D1} - C:\WINDOWS\system32\splcore.dll (file missing) O2 - BHO: Norton Internet Security - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Programmi\File comuni\Symantec Shared\AdBlocking\NISShExt.dll O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Antivirus\Norton Internet Security\Norton AntiVirus\NavShExt.dll O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Programmi\File comuni\Symantec Shared\AdBlocking\NISShExt.dll O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Antivirus\Norton Internet Security\Norton AntiVirus\NavShExt.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll O4 - HKLM\..\Run: [ccApp] "C:\Programmi\File comuni\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [DAEMON Tools] "C:\Programmini\DAEMON Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Programmi\Adobe\Acrobat 7.0\Distillr\Acrotray.exe" O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\ACERLA~1\QtZpAcer.EXE O4 - HKLM\..\Run: [QuickTime Task] "C:\Audio-Video\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [.nvsvc] C:\WINDOWS\system\smss.exe /w O4 - HKCU\..\Run: [Spyware Doctor] "C:\Antivirus\Spyware Doctor\spydoctor.exe" /Q O4 - HKCU\..\Run: [AnyDVD] C:\Masterizzatore\AnyDVD\AnyDVD.exe O4 - Startup: Webshots.lnk = C:\Programmini\Webshots\WebshotsTray.exe O4 - Global Startup: NkbMonitor.exe.lnk = C:\Programmi\Nikon\PictureProject\NkbMonitor.exe O4 - Global Startup: Avvio veloce di Adobe Acrobat.lnk = ? O8 - Extra context menu item: Converti destinazione link in Adobe PDF - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Converti destinazione link in file PDF esistente - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Converti i link selezionati in Adobe PDF - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Converti i link selezionati in file PDF esistente - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: Converti in Adobe PDF - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Converti nel file PDF esistente - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Converti selezione in Adobe PDF - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Converti selezione in file PDF esistente - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Save Flash - res://C:\Programmini\Flash Saving Plugin\FlashSButton.dll/210 O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe O9 - Extra button: Flash - {43CF38F3-5AEC-45a3-AD31-04EB06E9C6CA} - C:\Programmi\UnH Solutions\Flash Saving Plugin\FlashSButton.dll (HKCU) O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/S...in/AvSniff.cab O16 - DPF: {3451DEDE-631F-421C-8127-FD793AFC6CC8} (ActiveDataInfo Class) - https://www-secure.symantec.com/tech...l/SymAData.cab O16 - DPF: {44990200-3C9D-426D-81DF-AAB636FA4345} (Symantec SmartIssue) - https://www-secure.symantec.com/tech...rl/tgctlsi.cab O16 - DPF: {44990301-3C9D-426D-81DF-AAB636FA4345} (Symantec Script Runner Class) - https://www-secure.symantec.com/tech...rl/tgctlsr.cab O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/S.../bin/cabsa.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{A4E221C3-F542-4F06-A8FE-FE2348E35840}: NameServer = 83.137.120.2,83.137.120.3 O23 - Service: Adobe LM Service - Adobe Systems - C:\Programmi\File comuni\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: Autodesk Licensing Service - Autodesk - C:\Programmi\File comuni\Autodesk Shared\Service\AdskScSrv.exe O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Programmi\Symantec\LiveUpdate\ALUSchedulerSvc.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\ccProxy.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\ccSetMgr.exe O23 - Service: ISSvc (ISSVC) - Symantec Corporation - C:\Antivirus\Norton Internet Security\ISSVC.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - C:\Programmi\SiSoftware\SiSoftware Sandra Pro Home 2007\Win32\RpcDataSrv.exe O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - C:\Programmi\SiSoftware\SiSoftware Sandra Pro Home 2007\RpcSandraSrv.exe O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FILECO~1\SYMANT~1\SCRIPT~1\SBServ.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\SNDSrvc.exe O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\SPBBC\SPBBCSvc.exe O23 - Service: Symantec Core LC - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\CCPD-LC\symlcsvc.exe O23 - Service: Windows Log - Unknown owner - C:\WINDOWS\system32\nvsvcd.exe |
|
|
|
|
04-09-2006, 14:12
|
#3215 | |
|
Bannato
Iscritto dal: Mar 2004
Città: Galapagos Attenzione:utente flautolente,tienilo a mente
Messaggi: 28978
|
Quote:
|
|
|
|
|
|
04-09-2006, 14:39
|
#3216 |
|
Junior Member
Iscritto dal: Jan 2006
Messaggi: 13
|
Ciao a tutti, l'odio verso ErrorSafe mi ha "costretto" a chiedere aiuto a voi sperando possiate dirmi qualcosa di utile dato che io e i computer ci rispettiamo ma la nostra relazione non va oltre a questo!
questo è il log di HijackThis: Logfile of HijackThis v1.99.1 Scan saved at 15.11.53, on 04/09/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe C:\Programmi\Executive Software\Diskeeper\DkService.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\SOUNDMAN.EXE C:\WINDOWS\system32\rundll32.exe C:\PROGRA~1\Grisoft\AVG7\avgcc.exe C:\PROGRA~1\Grisoft\AVG7\avgemc.exe C:\Programmi\eMule\emule.exe C:\Programmi\Last.fm\LastFM.exe C:\WINDOWS\system32\svchost.exe C:\Programmi\MSN Messenger\msnmsgr.exe C:\Programmi\Mozilla Firefox\firefox.exe C:\WINDOWS\system32\msiexec.exe C:\Documents and Settings\Tommy\Documenti\Downloads!\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://hotmail.com R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file) O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: CCfg Object - {40205287-E793-41AC-B95C-D8D064BA33CA} - blank (file missing) O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.5.0_06\bin\ssv.dll O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Programmi\Free Download Manager\iefdmcks.dll O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [CnxTrApp] rundll32.exe "C:\Programmi\Pirelli\Access Gateway USB Network\CnxTrApp.dll",AppEntry -REG "Pirelli\Access Gateway USB" O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVG7\avgemc.exe O4 - HKCU\..\RunServicesOnce: [washindex] C:\Program Files\Washer\washidx.exe O4 - Global Startup: Avvio veloce di Adobe Reader.lnk = C:\Programmi\Adobe\Acrobat 7.0\Reader\reader_sl.exe O8 - Extra context menu item: Download all with Free Download Manager - file://C:\Programmi\Free Download Manager\dlall.htm O8 - Extra context menu item: Download selected with Free Download Manager - file://C:\Programmi\Free Download Manager\dlselected.htm O8 - Extra context menu item: Download with Free Download Manager - file://C:\Programmi\Free Download Manager\dllink.htm O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Programmi\File comuni\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Programmi\Yahoo!\Messenger\YahooMessenger.exe O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Programmi\Yahoo!\Messenger\YahooMessenger.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary...r.cab31267.cab O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary...r.cab31267.cab O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Programmi\Yahoo!\Common\yinsthelper.dll O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab31267.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{8B45B2F1-424F-43CC-A283-C27E50CC7E3E}: NameServer = 85.37.17.52 85.38.28.92 O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O23 - Service: Adobe LM Service - Adobe Systems - C:\Programmi\File comuni\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe O23 - Service: Diskeeper - Executive Software International, Inc. - C:\Programmi\Executive Software\Diskeeper\DkService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPodService - Apple Computer, Inc. - C:\Programmi\iPod\bin\iPodService.exe O23 - Service: MSSQL$SONY_MEDIAMGR - Unknown owner - C:\Programmi\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe (file missing) O23 - Service: SQLAgent$SONY_MEDIAMGR - Unknown owner - C:\Programmi\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE (file missing) O23 - Service: Windows Log - Unknown owner - C:\WINDOWS\system32\nvsvcd.exe (file missing) Grazie mille in anticipo! |
|
|
|
|
04-09-2006, 14:55
|
#3217 | |
|
Bannato
Iscritto dal: Mar 2004
Città: Galapagos Attenzione:utente flautolente,tienilo a mente
Messaggi: 28978
|
Quote:
|
|
|
|
|
|
04-09-2006, 15:04
|
#3218 | |
|
Junior Member
Iscritto dal: Jan 2006
Messaggi: 13
|
Quote:
grazie veramente!
|
|
|
|
|
|
04-09-2006, 16:06
|
#3219 |
|
Senior Member
Iscritto dal: Oct 2005
Città: San Lazzaro di Savena
Messaggi: 419
|
ciao
vi ho mandato il mio log, ma non me lo avete ancora guardato!! Per favore potete guardarlo è quello sopra sono zorbi! grazie mille
__________________
Pc: Amd Athlon X2 3800+, Ram 1 Gb, Nvidia GeForce 6100 |
|
|
|
|
04-09-2006, 16:22
|
#3220 | |
|
Senior Member
Iscritto dal: Feb 2002
Città: Discovery
Messaggi: 34710
|
Quote:
controlla gli 015 e 017. PS ma perchè non ve lo controllate da soli. è tutto in prima pagina.
__________________
Good afternoon, gentlemen, I'm a H.A.L. computer. |
|
|
|
|
|
|
| Strumenti | |
|
|
Tutti gli orari sono GMT +1. Ora sono le: 01:29.
