|
|||||||
|
|
|
 |
|
|
Strumenti |
17-09-2006, 12:08
|
#3321 | |
|
Senior Member
Iscritto dal: Jul 2005
Messaggi: 663
|
Quote:
__________________
▲ Parlare di guerra non mi piace, è troppo audace, preferisco parlare di forze di pace ▲ lucamad79.leonardo.it ▲ Guida a Easy Boot ▲ RETEEEE!!! Cliccami e rivivi i mondiali Ciao Steve... |
|
|
|
|
17-09-2006, 12:33
|
#3322 | |
|
Senior Member
Iscritto dal: Aug 2006
Città: Riviera del Brenta
Messaggi: 2050
|
Quote:
|
|
|
|
|
|
17-09-2006, 12:36
|
#3323 | |
|
Bannato
Iscritto dal: Mar 2004
Città: Galapagos Attenzione:utente flautolente,tienilo a mente
Messaggi: 28978
|
Quote:
|
|
|
|
|
|
17-09-2006, 13:14
|
#3324 |
|
Senior Member
Iscritto dal: Jul 2005
Messaggi: 663
|
Errore mio, il mio file si trova in \system32, guardate...
Per vedere se il file smss.exe era nel sistema, l'ho digitato nella finestra Esegui, che (ovviamente  ) esegue comandi non solo di \windows\Sorry 
__________________
▲ Parlare di guerra non mi piace, è troppo audace, preferisco parlare di forze di pace ▲ lucamad79.leonardo.it ▲ Guida a Easy Boot ▲ RETEEEE!!! Cliccami e rivivi i mondiali Ciao Steve... |
|
|
|
|
17-09-2006, 14:46
|
#3325 |
|
Senior Member
Iscritto dal: Feb 2006
Messaggi: 318
|
Ciao a tutti.
Ho trovato due applicazioni in Task manager a me non familiari: - S24EvMon.exe - Dot1xcfg.exe Mi date una controllatina alla lettura di HijackThis per favore? Logfile of HijackThis v1.99.1 Scan saved at 14.44.10, on 17/09/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Programmi\Intel\Wireless\Bin\EvtEng.exe C:\Programmi\Intel\Wireless\Bin\S24EvMon.exe C:\Programmi\Intel\Wireless\Bin\WLKeeper.exe C:\WINDOWS\system32\spoolsv.exe C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe C:\Programmi\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\drivers\CDAC11BA.EXE C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE C:\WINDOWS\system32\nvsvc32.exe C:\Programmi\Intel\Wireless\Bin\RegSrvc.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\rundll32.exe C:\Programmi\Apoint\Apoint.exe C:\WINDOWS\stsystra.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Programmi\Intel\Wireless\bin\ZCfgSvc.exe C:\Programmi\Intel\Wireless\Bin\ifrmewrk.exe C:\Programmi\Apoint\HidFind.exe C:\WINDOWS\system32\ctfmon.exe C:\Programmi\Apoint\Apntex.exe C:\Programmi\Adobe\Acrobat 6.0\Distillr\acrotray.exe C:\Programmi\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe C:\Programmi\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe C:\Programmi\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe C:\Programmi\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe C:\Programmi\Alwil Software\Avast4\ashWebSv.exe C:\Programmi\Intel\Wireless\Bin\Dot1XCfg.exe C:\Programmi\HP\Digital Imaging\Product Assistant\bin\hprblog.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\WISPTIS.EXE C:\Programmi\Elitecore\ElitePPPoE\ElitePPPoE.exe C:\Programmi\Internet Explorer\iexplore.exe C:\Documents and Settings\Raffaele\Desktop\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.avast.com/i_kat_207.php?lang=eng R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Programmi\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programmi\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet O4 - HKLM\..\Run: [NVHotkey] rundll32.exe nvHotkey.dll,Start O4 - HKLM\..\Run: [Apoint] C:\Programmi\Apoint\Apoint.exe O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Programmi\Intel\Wireless\bin\ZCfgSvc.exe" O4 - HKLM\..\Run: [IntelWireless] "C:\Programmi\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - Global Startup: Acrobat Assistant.lnk = C:\Programmi\Adobe\Acrobat 6.0\Distillr\acrotray.exe O4 - Global Startup: Bluetooth Manager.lnk = ? O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - AutorunsDisabled - (no file) O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O16 - DPF: {22E5D91F-89E6-4405-AD9C-0AF27BA6F06B} (HidInputMonitorX Control) - file://D:\components\hidinputmonitorx.ocx O16 - DPF: {4F63D44B-6274-4D60-8AB1-CAA7116B8AF3} (A9Helper.A9) - file://D:\components\A9.ocx O16 - DPF: {7030CC6C-1A88-4591-BB5A-651B9F7F0C30} (WMVHDRatingCtrl Class) - file://D:\components\wmvhdrating.ocx O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = dtvng.com O17 - HKLM\Software\..\Telephony: DomainName = dtvng.com O17 - HKLM\System\CCS\Services\Tcpip\..\{44A8971D-38C4-4FCE-9D27-9AAC4D46C1B8}: NameServer = 10.0.0.8,81.23.192.193 O17 - HKLM\System\CCS\Services\Tcpip\..\{DA35FA1C-1A9D-452A-81C5-F9A530C59B02}: NameServer = 81.23.192.193 81.23.192.193 O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = dtvng.com O17 - HKLM\System\CS1\Services\Tcpip\..\{44A8971D-38C4-4FCE-9D27-9AAC4D46C1B8}: NameServer = 10.0.0.8,81.23.192.193 O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = dtvng.com O17 - HKLM\System\CS2\Services\Tcpip\..\{44A8971D-38C4-4FCE-9D27-9AAC4D46C1B8}: NameServer = 10.0.0.8,81.23.192.193 O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - Unknown owner - C:\Programmi\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Programmi\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Programmi\Intel\Wireless\Bin\EvtEng.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Programmi\Intel\Wireless\Bin\RegSrvc.exe O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Programmi\Intel\Wireless\Bin\S24EvMon.exe O23 - Service: ServiceLayer - Nokia. - C:\Programmi\File comuni\PCSuite\Services\ServiceLayer.exe O23 - Service: Intel(R) PROSet/Wireless SSO Service (WLANKEEPER) - Intel(R) Corporation - C:\Programmi\Intel\Wireless\Bin\WLKeeper.exe Grazie. |
|
|
|
|
17-09-2006, 17:20
|
#3326 |
|
Senior Member
Iscritto dal: May 2005
Città: Trieste
Messaggi: 3435
|
Fixa questi:
C:\Programmi\Intel\Wireless\Bin\WLKeeper.exe Controlla con uno scanner antivirus O4 - HKLM\..\Run: [NVHotkey] rundll32.exe nvHotkey.dll,Start O16 - DPF: {22E5D91F-89E6-4405-AD9C-0AF27BA6F06B} (HidInputMonitorX Control) - file://D:\components\hidinputmonitorx.ocx O16 - DPF: {4F63D44B-6274-4D60-8AB1-CAA7116B8AF3} (A9Helper.A9) - file://D:\components\A9.ocx O16 - DPF: {7030CC6C-1A88-4591-BB5A-651B9F7F0C30} (WMVHDRatingCtrl Class) - file://D:\components\wmvhdrating.ocx O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = dtvng.com O17 - HKLM\Software\..\Telephony: DomainName = dtvng.com O17 - HKLM\System\CCS\Services\Tcpip\..\{44A8971D-38C4-4FCE-9D27-9AAC4D46C1B8}: NameServer = 10.0.0.8,81.23.192.193 O17 - HKLM\System\CCS\Services\Tcpip\..\{DA35FA1C-1A9D-452A-81C5-F9A530C59B02}: NameServer = 81.23.192.193 81.23.192.193 O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = dtvng.com O17 - HKLM\System\CS1\Services\Tcpip\..\{44A8971D-38C4-4FCE-9D27-9AAC4D46C1B8}: NameServer = 10.0.0.8,81.23.192.193 O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = dtvng.com O17 - HKLM\System\CS2\Services\Tcpip\..\{44A8971D-38C4-4FCE-9D27-9AAC4D46C1B8}: NameServer = 10.0.0.8,81.23.192.193 O23 - Service: Intel(R) PROSet/Wireless SSO Service (WLANKEEPER) - Intel(R) Corporation - C:\Programmi\Intel\Wireless\Bin\WLKeeper.exe Potresti non ritrovarti degli indirizzi ip, cmq risulano obsoleti
__________________
CASE: Antec Solo II | MOBO: Asus Sabertooth Z87 | CPU: Intel i7 4790K | COOLER: Noctua NH-D15 | RAM: G Skill 16Gb | GPU: nVidia GTX-1070 G1 | ROUTER: AVM7530 PSU: Seasonic P520 | AUDIO: Asus STX II | STORAGE: HDD ST2000DM001 + SSD 850 PRO 512Gb + DVDRAM LG GH24NS50 | LCD: Sony SDM-X72 | TV: Sony 32W4000 AMP: Marantz PM-KI Pearl | SPKR: Vienna Mozart Grand | DAC: Yulong DA8 | CABLE: WW Electra Platinum - Tasker C276 & RG59 BU - Chord Clearway Analogue
|
|
|
|
17-09-2006, 18:55
|
#3327 |
|
Senior Member
Iscritto dal: Jun 2005
Città: Napoli
Messaggi: 1661
|
problemi connessione adsl
ciao ragazzi. Ho problemi di connessione da circa 2 giorni. la connessione adsl è lentissima. Utilizzo Libero flat. Inoltre msn ogni tanto si disconnette.. ho fatto la scansione con ewido e mi so stati trovati 14 virus. la scansione di hijackthis è la seguente :
Logfile of HijackThis v1.99.1 Scan saved at 19.49.08, on 17/09/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe C:\Programmi\File comuni\EPSON\EBAPI\SAgent2.exe d:\Programmi\ewido\security suite\ewidoctrl.exe D:\Programmi\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe C:\WINDOWS\system32\nvsvc32.exe C:\Programmi\Analog Devices\SoundMAX\SMAgent.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\UAService7.exe d:\programmi\pinnacle\shared files\programs\mediaserver\pmshost.exe C:\WINDOWS\Explorer.EXE C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe C:\PROGRA~2\PRINTV~1\pvmodule.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\WINDOWS\system32\ctfmon.exe C:\Programmi\Messenger\msmsgs.exe C:\WINDOWS\system32\WgaTray.exe C:\Documents and Settings\user\Menu Avvio\Programmi\Accessori\Utilità di sistema\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.repubblica.it/ R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - D:\programmi\ICQToolbar\toolbaru.dll O2 - BHO: DAPHelper Class - {0000CC75-ACF3-4cac-A0A9-DD3868E06852} - D:\programmi\DAP\DAPBHO.DLL O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Programmi\Yahoo!\Companion\Installs\cpn0\yt.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.5.0_06\bin\ssv.dll O2 - BHO: IeCaptureBho Object - {7c1ce531-09e9-4fc5-9803-1c2956615786} - C:\Programmi\Google\Google Desktop Search\GoogleDesktopIE.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programmi\google\googletoolbar1.dll O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programmi\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\it\msntb.dll O2 - BHO: PrintViewBHO Class - {D4E0C464-30CE-4075-9A10-71FD106C2847} - C:\PROGRA~2\PRINTV~1\PRINTH~2.DLL O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programmi\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\it\msntb.dll O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - D:\programmi\ICQToolbar\toolbaru.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programmi\Yahoo!\Companion\Installs\cpn0\yt.dll O3 - Toolbar: ImageShack Toolbar - {6932D140-ABC4-4073-A44C-D4A541665E35} - C:\WINDOWS\ImageShackToolbar\ImageShackToolbar.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programmi\google\googletoolbar1.dll O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [Google Desktop Search] "C:\Programmi\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKLM\..\Run: [PVModule] C:\PROGRA~2\PRINTV~1\pvmodule.exe O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Programmi\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [WashAndGo - Cleanup of old Backupfiles] d:\Programmi\WashAndGo\checker.exe /check O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm O8 - Extra context menu item: &Download with &DAP - D:\programmi\DAP\dapextie.htm O8 - Extra context menu item: &eBay Search - res://D:\Programmi\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html O8 - Extra context menu item: &ICQ Toolbar Search - res://D:\programmi\ICQToolbar\toolbaru.dll/SEARCH.HTML O8 - Extra context menu item: Download &all with DAP - D:\programmi\DAP\dapextie2.htm O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Post Image to Blog - res://C:\WINDOWS\ImageShackToolbar\ImageShackToolbar.dll/5003 O8 - Extra context menu item: Tag This Image - res://C:\WINDOWS\ImageShackToolbar\ImageShackToolbar.dll/5002 O8 - Extra context menu item: Upload All Images to ImageShack - res://C:\WINDOWS\ImageShackToolbar\ImageShackToolbar.dll/5000 O8 - Extra context menu item: Upload Image to ImageShack - res://C:\WINDOWS\ImageShackToolbar\ImageShackToolbar.dll/5001 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - D:\programmi\ICQLite\ICQLite.exe O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - D:\programmi\ICQLite\ICQLite.exe O15 - Trusted Zone: http://toolbar.imageshack.us O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary...r.cab31267.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://hakinlove.spaces.msn.com//Pho...d/MsnPUpld.cab O16 - DPF: {6932D140-ABC4-4073-A44C-D4A541665E35} (ImageShack Toolbar) - http://toolbar.imageshack.us/toolbar...ackToolbar.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab31267.cab O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.co...p/PhtPkMSN.cab O16 - DPF: {BE833F39-1E0C-468C-BA70-25AAEE55775E} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlab.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{756719CE-AC59-4B5C-8D90-F60E145B4886}: NameServer = 212.245.255.2 O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - AppInit_DLLs: c:\progra~1\google\google~1\goec62~1.dll,runner.dll,gagbipip.dll,runner.dll,fplandic.dll C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Programmi\File comuni\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Programmi\File comuni\EPSON\EBAPI\SAgent2.exe O23 - Service: ewido security suite control - ewido networks - d:\Programmi\ewido\security suite\ewidoctrl.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Programmi\iPod\bin\iPodService.exe O23 - Service: MSSQL$PINNACLESYS - Unknown owner - D:\Programmi\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe" -sPINNACLESYS (file missing) O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Pinnacle Systems Media Service (PinnacleSys.MediaServer) - Pinnacle Systems - d:\programmi\pinnacle\shared files\programs\mediaserver\pmshost.exe O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - d:\Programmi\SiSoftware\SiSoftware Sandra Lite 2005.SR2a\RpcDataSrv.exe O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - d:\Programmi\SiSoftware\SiSoftware Sandra Lite 2005.SR2a\RpcSandraSrv.exe O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Programmi\Analog Devices\SoundMAX\SMAgent.exe O23 - Service: SQLAgent$PINNACLESYS - Unknown owner - D:\Programmi\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlagent.EXE" -i PINNACLESYS (file missing) O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Sony DADC Austria AG. - C:\WINDOWS\system32\UAService7.exe cosa devo fixare ? grazie , buona serata
__________________
|
|
|
|
|
17-09-2006, 19:56
|
#3328 | |
|
Senior Member
Iscritto dal: Feb 2006
Messaggi: 318
|
Quote:
Questi ultimi che rimangono che natura hanno? Pericolosi o no? Prima di fixare vorrei capire che cosa elimino. Questo WLankeeper potrebbe essere una applicazione della scheda Intel 3495, perchè sul mio Laptop (Dell) ho un tasto Wireless finder che monitora continuamente la presenza di reti Wireless. A) O16 - hidinputmonitorx.ocx B) O16 - A9.ocx C) O16 - wmvhdrating.ocx Questi tre ho capito che si tratta di ActiveX Non riesco a trovare da quale sito provengono. Il C) è di provenienza Microsoft, scarico continuamente aggio ed ho su programmi con licenza. Potrebbe essere qualche controllo di genuità per il pacchetto Office .... non so ... ditemelo voi. Il B) forse ... (dico forse) è legato al programma Acrobat Adobe 6.0 professional ed al sito dove scarico gli aggio ma non sono sicuro. l'A) non so proprio da dove viene ne riesco a trovare su Internet un indizio di provenienza ma ho visto che è comune un pò a tutti. Per il momento li ho solamente disattivati dal pannello di controllo di IE. Grazie Ultima modifica di Toro20 : 17-09-2006 alle 20:38. |
|
|
|
|
|
17-09-2006, 21:19
|
#3329 |
|
Senior Member
Iscritto dal: Jun 2005
Città: Napoli
Messaggi: 1661
|
up ...
__________________
|
|
|
|
|
17-09-2006, 23:11
|
#3330 | |
|
Bannato
Iscritto dal: Mar 2004
Città: Galapagos Attenzione:utente flautolente,tienilo a mente
Messaggi: 28978
|
Quote:
|
|
|
|
|
|
18-09-2006, 12:41
|
#3332 | |
|
Bannato
Iscritto dal: Mar 2004
Città: Galapagos Attenzione:utente flautolente,tienilo a mente
Messaggi: 28978
|
Quote:
|
|
|
|
|
|
18-09-2006, 13:54
|
#3333 |
|
Senior Member
Iscritto dal: Feb 2002
Città: Provincia Venezia
Messaggi: 1313
|
O17 - HKLM\System\CCS\Services\Tcpip\..\{D5C6E6F1-AEC9-4759-8FBC-26E8399D86A2}: NameServer = 85.37.17.43 85.38.28.96
Se il Dominio non appartiene al vostro provider Internet od alla vostra rete aziendale, questi elementi dovrebbero essere eliminati. Anche gli elementi 'SearchList' dovrebbero essere cancellati (Fix). Conoscete l'indirizzo IP o il Dominio '85.37.17.43 85.38.28.96'? Se no, eliminate questo oggetto. questo e' pericoloso visto che riusulta Abbastanza sospetto ??? thx
__________________
senior member da oltre 10 anni ho concluso positivamente con: lzeppelin(venduto asus 6600gt)-tati29268(venduto nokia6630)-fischrs(venduto nokia6600)-Sunriis(venduto wi-fi atlantis land)-spencer84(venduto audigy2 platinum) e decine di utenti che non sto qui a elencare
|
|
|
|
|
18-09-2006, 14:01
|
#3334 | |
|
Bannato
Iscritto dal: Mar 2004
Città: Galapagos Attenzione:utente flautolente,tienilo a mente
Messaggi: 28978
|
Quote:
|
|
|
|
|
|
18-09-2006, 14:26
|
#3335 | |
|
Senior Member
Iscritto dal: Feb 2002
Città: Provincia Venezia
Messaggi: 1313
|
Quote:
__________________
senior member da oltre 10 anni ho concluso positivamente con: lzeppelin(venduto asus 6600gt)-tati29268(venduto nokia6630)-fischrs(venduto nokia6600)-Sunriis(venduto wi-fi atlantis land)-spencer84(venduto audigy2 platinum) e decine di utenti che non sto qui a elencare
|
|
|
|
|
|
18-09-2006, 15:16
|
#3336 |
|
Senior Member
Iscritto dal: Jan 2006
Città: Lainate(Mi)
Messaggi: 5645
|
mi controllate il log...grazie?
Logfile of HijackThis v1.99.1 Scan saved at 16.14.09, on 18/09/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Programmi\Sygate\SPF\smc.exe C:\WINDOWS\system32\spoolsv.exe C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe C:\Programmi\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\mssqlsnt.exe C:\WINDOWS\Explorer.EXE C:\Programmi\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe C:\WINDOWS\system32\svchost.exe C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe C:\Programmi\Alwil Software\Avast4\ashWebSv.exe C:\Programmi\File comuni\PCSuite\DataLayer\DataLayer.exe C:\WINDOWS\system32\rundll32.exe C:\Programmi\Nokia\Nokia PC Suite 6\PcSync2.exe C:\Programmi\RMClock\RMClock.exe C:\PROGRA~1\FILECO~1\Nokia\MPAPI\MPAPI3s.exe C:\PROGRA~1\FILECO~1\PCSuite\Services\SERVIC~1.EXE C:\Programmi\HP\Digital Imaging\bin\hpqgalry.exe C:\WINDOWS\system32\svchost.exe C:\Programmi\iPod\bin\iPodService.exe C:\Programmi\iTunes\iTunesHelper.exe C:\Programmi\Windows Media Player\wmplayer.exe C:\File Vari\hijackthis_199\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/ R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.avast.com/i_kat_207.php?lang=ENG R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti F2 - REG:system.ini: Shell=Explorer.exe mssqlsnt.exe F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,mssqlsnt.exe O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O3 - Toolbar: Yahoo! Toolbar con blocco Pop-Up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programmi\Yahoo!\Companion\Installs\cpn0\yt.dll O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Programmi\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" O4 - HKLM\..\Run: [DataLayer] C:\Programmi\File comuni\PCSuite\DataLayer\DataLayer.exe O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKLM\..\Run: [iTunesHelper] "C:\Programmi\iTunes\iTunesHelper.exe" O4 - HKLM\..\RunServices: [MSSQL for Windows NT & XP] mssqlsnt.exe O4 - HKCU\..\Run: [PcSync] C:\Programmi\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog O4 - HKCU\..\Run: [RMClock] C:\Programmi\RMClock\RMClock.exe O4 - HKCU\..\RunServices: [MSSQL for Windows NT & XP] mssqlsnt.exe O4 - Global Startup: Avvio rapido di HP Image Zone.lnk = C:\Programmi\HP\Digital Imaging\bin\hpqthb08.exe O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\system32\shdocvw.dll O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\system32\shdocvw.dll O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsu...?1139763570875 O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1142195018078 O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - Winlogon Notify: WB - C:\Programmi\AlienGUIse\fastload.dll (file missing) O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: avast! Antivirus - Unknown owner - C:\Programmi\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Programmi\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Programmi\ewido anti-spyware 4.0\guard.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPodService - Apple Computer, Inc. - C:\Programmi\iPod\bin\iPodService.exe O23 - Service: PDEngine - Raxco Software, Inc. - C:\Programmi\Raxco\PerfectDisk\PDEngine.exe O23 - Service: PDScheduler (PDSched) - Raxco Software, Inc. - C:\Programmi\Raxco\PerfectDisk\PDSched.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: Sygate Personal Firewall Pro (SmcService) - Sygate Technologies, Inc. - C:\Programmi\Sygate\SPF\smc.exe O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Programmi\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
__________________
PSN: gian73ska |
|
|
|
|
18-09-2006, 16:04
|
#3337 |
|
Senior Member
Iscritto dal: Oct 2004
Città: Milano
Messaggi: 2641
|
Disattiva il ripristino di configurazione di win
apri hijackthis e vai in Open the misc tool section>open process manager, seleziona se presente questa voce C:\WINDOWS\system32\mssqlsnt.exe e premi il pulsante kill process. rifai la scansione con hijack e fixa le seguenti voci C:\WINDOWS\system32\mssqlsnt.exe F2 - REG:system.ini: Shell=Explorer.exe mssqlsnt.exe F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,mssqlsnt.exe O4 - HKLM\..\RunServices: [MSSQL for Windows NT & XP] mssqlsnt.exe O4 - HKCU\..\RunServices: [MSSQL for Windows NT & XP] mssqlsnt.exe O20 - Winlogon Notify: WB - C:\Programmi\AlienGUIse\fastload.dll (file missing) Scarica ed installa ewido http://www.ewido.net/en/ aggiornalo e fai una scansione completa del sistema. Ciao
__________________
FOXYLADY è un MASCHIO!! Un amico è una persona che sa tutto di te e nonostante questo gli piaci |
|
|
|
|
18-09-2006, 17:34
|
#3338 |
|
Senior Member
Iscritto dal: Jul 2001
Città: Teramo
Messaggi: 705
|
sono 2 giorni che mi compare un dialer (bocca rossa su sfondo bianco), ho adsl 4Mb di Alice, ho fatto una scansione, mi controllate il log e mi dite cosa fare che nn ci capisco molto....
Logfile of HijackThis v1.99.1 Scan saved at 18.26.23, on 18/09/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe C:\WINDOWS\service32.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe C:\Programmi\Symantec\Norton Ghost 2003\GhostStartService.exe C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0T1.EXE C:\Programmi\Sygate\SPF\Smc.exe C:\WINDOWS\System32\svchost.exe C:\Programmi\uTorrent\utorrent.exe C:\WINDOWS\system32\svchost.exe C:\Programmi\Crazy Browser\Crazy Browser.exe C:\Programmi\Windows Media Player\wmplayer.exe C:\hijack\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/ R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.google.it/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti R3 - Default URLSearchHook is missing O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Programmi\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\Smc.exe -startgui O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [CloneCDTray] "C:\Programmi\SlySoft\CloneCD\CloneCDTray.exe" /s O4 - HKLM\..\Run: [EPSON Stylus C46 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0T1.EXE /P23 "EPSON Stylus C46 Series" /O6 "USB001" /M "Stylus C46" O4 - HKLM\..\Run: [EPSON Stylus C46 Series (Copia 1)] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0T1.EXE /P33 "EPSON Stylus C46 Series (Copia 1)" /O6 "USB001" /M "Stylus C46" O4 - HKLM\..\Run: [funk] funk.exe O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe O15 - Trusted Zone: www.archiviosex.net O15 - Trusted Zone: www.otherchance.com O15 - Trusted Zone: www.redfunny.com O15 - Trusted Zone: www.superspots.biz O16 - DPF: {16E166F9-35E8-4CA5-B50D-5CEFABF45B09} - http://www.otherchance.com/dialers/1/AUTO_1N.exe O17 - HKLM\System\CCS\Services\Tcpip\..\{27BCF0B5-5B57-4C72-976F-4BEF884DB0BE}: NameServer = 85.37.17.46 85.38.28.84 O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - Winlogon Notify: winads32 - winads32.dll (file missing) O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe O23 - Service: GhostStartService - Symantec Corporation - C:\Programmi\Symantec\Norton Ghost 2003\GhostStartService.exe O23 - Service: Sygate Personal Firewall Pro (SmcService) - Sygate Technologies, Inc. - C:\Programmi\Sygate\SPF\Smc.exe Grazie!
__________________
France' su Milan!!!!!!! FALLO!!!!!!! Amic'!!!!!!! Pianti!!! Chi????? Mamma, tuo figlio è un genio!! |
|
|
|
|
18-09-2006, 17:51
|
#3339 |
|
Senior Member
Iscritto dal: Oct 2004
Città: Milano
Messaggi: 2641
|
Disattiva il ripristino di configurazione di win
apri hijackthis e vai in Open the misc tool section>open process manager, seleziona se presente questa voce C:\WINDOWS\service32.exe e premi il pulsante kill process rifai la scansione con hijack e fixa queste voci R3 - Default URLSearchHook is missing O4 - HKLM\..\Run: [funk] funk.exe O15 - Trusted Zone: www.archiviosex.net O15 - Trusted Zone: www.otherchance.com O15 - Trusted Zone: www.redfunny.com O15 - Trusted Zone: www.superspots.biz O16 - DPF: {16E166F9-35E8-4CA5-B50D-5CEFABF45B09} - http://www.otherchance.com/dialers/1/AUTO_1N.exe O20 - Winlogon Notify: winads32 - winads32.dll (file missing) Scarica ed installa ewido http://www.ewido.net/en/ aggiornalo e fai una scansione completa del sistema. Ciao
__________________
FOXYLADY è un MASCHIO!! Un amico è una persona che sa tutto di te e nonostante questo gli piaci |
|
|
|
|
18-09-2006, 17:58
|
#3340 | |
|
Member
Iscritto dal: Dec 2005
Città: Verona
Messaggi: 266
|
Quote:
__________________
"La teoria è quando si sa tutto ma non funziona niente. La pratica è quando funziona tutto ma non si sa il perché. In ogni caso si finisce sempre con il coniugare la teoria con la pratica: non funziona niente e non si sa il perché". Albert Einstein |
|
|
|
|
|
|
| Strumenti | |
|
|
Tutti gli orari sono GMT +1. Ora sono le: 21:05.
