|
|||||||
|
|
|
 |
|
|
Strumenti |
03-03-2007, 12:49
|
#5121 | |
|
Bannato
Iscritto dal: Mar 2004
Città: Galapagos Attenzione:utente flautolente,tienilo a mente
Messaggi: 28978
|
Quote:
|
|
|
|
|
03-03-2007, 12:52
|
#5122 | |
|
Bannato
Iscritto dal: Mar 2004
Città: Galapagos Attenzione:utente flautolente,tienilo a mente
Messaggi: 28978
|
Quote:
|
|
|
|
|
|
03-03-2007, 12:58
|
#5123 | ||
|
Bannato
Iscritto dal: Mar 2004
Città: Galapagos Attenzione:utente flautolente,tienilo a mente
Messaggi: 28978
|
elimina questi
Quote:
Quote:
|
||
|
|
|
|
03-03-2007, 13:04
|
#5124 | |
|
Senior Member
Iscritto dal: Aug 2006
Città: Treviso
Messaggi: 13353
|
Quote:
__________________
NZXT H710 | RM650x | ASUS PRIME X670E-PRO WiFi | Ryzen 7 7800X3D | Corsair Vengeance CL36 DDR5 2x16 Gb 6000Mhz | RTX 4080 Super Gaming X Trio | Logitech G502 | Logitech G410 | ASUS ROG Swift OLED PG32UCDP | MacBook Pro M4 | Meta Quest 3 PS5 | Nintendo Switch 2 | STEAM | Vodafone FTTH 1000/200 |
|
|
|
|
|
03-03-2007, 13:19
|
#5125 | |
|
Senior Member
Iscritto dal: Aug 2006
Città: Treviso
Messaggi: 13353
|
Quote:
__________________
NZXT H710 | RM650x | ASUS PRIME X670E-PRO WiFi | Ryzen 7 7800X3D | Corsair Vengeance CL36 DDR5 2x16 Gb 6000Mhz | RTX 4080 Super Gaming X Trio | Logitech G502 | Logitech G410 | ASUS ROG Swift OLED PG32UCDP | MacBook Pro M4 | Meta Quest 3 PS5 | Nintendo Switch 2 | STEAM | Vodafone FTTH 1000/200 |
|
|
|
|
|
03-03-2007, 13:47
|
#5126 | |
|
Bannato
Iscritto dal: Mar 2004
Città: Galapagos Attenzione:utente flautolente,tienilo a mente
Messaggi: 28978
|
Quote:
|
|
|
|
|
|
03-03-2007, 13:49
|
#5127 | |
|
Senior Member
Iscritto dal: Aug 2006
Città: Treviso
Messaggi: 13353
|
Quote:
__________________
NZXT H710 | RM650x | ASUS PRIME X670E-PRO WiFi | Ryzen 7 7800X3D | Corsair Vengeance CL36 DDR5 2x16 Gb 6000Mhz | RTX 4080 Super Gaming X Trio | Logitech G502 | Logitech G410 | ASUS ROG Swift OLED PG32UCDP | MacBook Pro M4 | Meta Quest 3 PS5 | Nintendo Switch 2 | STEAM | Vodafone FTTH 1000/200 |
|
|
|
|
|
03-03-2007, 13:55
|
#5128 | |
|
Senior Member
Iscritto dal: Aug 2006
Città: Treviso
Messaggi: 13353
|
Quote:
__________________
NZXT H710 | RM650x | ASUS PRIME X670E-PRO WiFi | Ryzen 7 7800X3D | Corsair Vengeance CL36 DDR5 2x16 Gb 6000Mhz | RTX 4080 Super Gaming X Trio | Logitech G502 | Logitech G410 | ASUS ROG Swift OLED PG32UCDP | MacBook Pro M4 | Meta Quest 3 PS5 | Nintendo Switch 2 | STEAM | Vodafone FTTH 1000/200 |
|
|
|
|
|
03-03-2007, 16:35
|
#5129 |
|
Senior Member
Iscritto dal: Feb 2007
Messaggi: 6652
|
ragazzi, sono nella cacca, il sito della panda mi ha rilevato un sacco di infezioni, cmq il mio log è questo
Logfile of HijackThis v1.99.1 Scan saved at 17.55.49, on 03/03/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16414) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Programmi\Eset\nod32kui.exe C:\WINDOWS\ALCXMNTR.EXE C:\Programmi\File comuni\Real\Update_OB\realsched.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Programmi\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe C:\Programmi\MSN Messenger\MsnMsgr.Exe C:\Programmi\Windows Media Player\WMPNSCFG.exe C:\WINDOWS\system32\ctfmon.exe C:\Programmi\Logitech\SetPoint\SetPoint.exe C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe C:\Programmi\Alwil Software\Avast4\ashServ.exe C:\Programmi\Alice ti aiuta\bin\mpbtn.exe C:\Programmi\File comuni\Logitech\KHAL\KHALMNPR.EXE C:\WINDOWS\system32\cisvc.exe C:\WINDOWS\System32\svchost.exe C:\Programmi\File comuni\Microsoft Shared\VS7Debug\mdm.exe C:\Programmi\Eset\nod32krn.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\slserv.exe C:\WINDOWS\system32\svchost.exe C:\PROGRA~1\FILECO~1\PCSuite\Services\SERVIC~1.EXE C:\Programmi\Mozilla Firefox\firefox.exe C:\Programmi\eBay\eBay Toolbar2\eBayTBDaemon.exe C:\WINDOWS\system32\cidaemon.exe C:\WINDOWS\system32\taskmgr.exe C:\Programmi\MSN Messenger\usnsvc.exe C:\Documents and Settings\Elena\Impostazioni locali\Temp\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti R3 - URLSearchHook: (no name) - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - (no file) O1 - Hosts: 207.210.117.53 www.winmx.com O3 - Toolbar: eBay Toolbar - {92085AD4-F48A-450D-BD93-B28CC7DF67CE} - C:\Programmi\eBay\eBay Toolbar2\eBayTB.dll O4 - HKLM\..\Run: [nod32kui] "C:\Programmi\Eset\nod32kui.exe" /WAITSERVICE O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE O4 - HKLM\..\Run: [CnxTrApp] rundll32.exe "C:\Programmi\Aethra\ADSL EB1070 USB\CnxTrApp.dll",AppEntry -REG "Aethra\ADSL EB1070 USB" O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [TkBellExe] "C:\Programmi\File comuni\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Programmi\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" O4 - HKCU\..\Run: [msnmsgr] "C:\Programmi\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [WMPNSCFG] C:\Programmi\Windows Media Player\WMPNSCFG.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Programmi\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe O4 - Global Startup: Alice ti aiuta.lnk = C:\Programmi\Alice ti aiuta\bin\matcli.exe O4 - Global Startup: Avvio veloce di Adobe Reader.lnk = C:\Programmi\Adobe\Reader 8.0\Reader\reader_sl.exe O4 - Global Startup: Logitech SetPoint.lnk = C:\Programmi\Logitech\SetPoint\SetPoint.exe O8 - Extra context menu item: &eBay Search - res://C:\Programmi\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_10\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_10\bin\ssv.dll O9 - Extra button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL O9 - Extra button: @C:\WINDOWS\ImageShackToolbar\ImageShackToolbar.dll,-115 - {BB8A8834-A0A1-4d70-A21A-72FF89AA737A} - (no file) O9 - Extra 'Tools' menuitem: ImageShack Toolbar - {BB8A8834-A0A1-4d70-A21A-72FF89AA737A} - (no file) O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe O11 - Options group: [INTERNATIONAL] International* O15 - Trusted Zone: http://toolbar.imageshack.us O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary...r.cab31267.cab O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab31267.cab O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary...r.cab31267.cab O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/sh...1/mcinsctl.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsu...?1165673996562 O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab31267.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/actives...ree/asinst.cab O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAV...oadManager.ocx O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary...o.cab47946.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{A6A11979-1E16-41D8-A19E-C1A8FDE0CDA4}: NameServer = 85.37.17.57 85.38.28.80 O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~4\Office12\GR99D3~1.DLL O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Programmi\File comuni\Microsoft Shared\Help\hxds.dll O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\FILECO~1\MICROS~1\OFFICE12\MSOXMLMF.DLL O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Programmi\File comuni\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Autodesk Licensing Service - Autodesk - C:\Programmi\File comuni\Autodesk Shared\Service\AdskScSrv.exe O23 - Service: avast! Antivirus - Unknown owner - C:\Programmi\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Programmi\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Programmi\Eset\nod32krn.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: Prime95 Service - Unknown owner - C:\Programmi\Prime95\prime95.exe (file missing) O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe nel caso mi dovreste dire come posso eliminare quelle voci Grazie
__________________
♠ CM H500 ♠ Gigabyte X470 Gaming 7 ♠ Ryzen 5600X Arctic Liquid Freezer II 280 ♠ Gigabyte GTX 2070 super ♠ Crucial 16GB 3600Mhz ♠ MSI 34" Ultrawide ♠
♠ CM QuickFire Rapid - Lubed MX Clear - 100g gold spring - 40A-R o-ring - ABS & PBT caps ♠ ♠ 25+ trattative positive su HWU, 200+ su ebay ♠ Ultima modifica di Dany16vTurbo : 03-03-2007 alle 17:14. |
|
|
|
|
03-03-2007, 19:24
|
#5130 | |
|
Bannato
Iscritto dal: Mar 2004
Città: Galapagos Attenzione:utente flautolente,tienilo a mente
Messaggi: 28978
|
Quote:
|
|
|
|
|
|
04-03-2007, 14:35
|
#5131 |
|
Member
Iscritto dal: Jan 2007
Messaggi: 75
|
Ragazzi, ho un problema serio: nella cartella C\WINDOWS\Temp sono presenti alcuni dialer: cancellandoli il problema non si risolve perché dopo poco tempo riappaiono, sotto altri nomi. Questo è il log:
Logfile of HijackThis v1.99.1 Scan saved at 15.15.33, on 04/03/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Programmi\CA\SharedComponents\HIPSEngine\UmxCfg.exe C:\Programmi\CA\SharedComponents\HIPSEngine\UmxFwHlp.exe C:\Programmi\CA\SharedComponents\HIPSEngine\UmxPol.exe C:\Programmi\CA\SharedComponents\HIPSEngine\UmxAgent.exe C:\WINDOWS\Explorer.EXE C:\Programmi\CA\CA Internet Security Suite\CA Personal Firewall\capfsem.exe C:\Programmi\CA\CA Internet Security Suite\CA Anti-Virus\ISafe.exe C:\Programmi\CA\SharedComponents\PPRT\bin\ITMRTSVC.exe C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE C:\WINDOWS\system32\nvsvc32.exe C:\Programmi\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\rundll32.exe C:\Programmi\CA\CA Internet Security Suite\CA Anti-Virus\VetMsg.exe C:\Programmi\CA\CA Internet Security Suite\cctray\cctray.exe C:\Programmi\CA\CA Internet Security Suite\CA Anti-Virus\CAVRID.exe C:\Programmi\CA\CA Internet Security Suite\CA Personal Firewall\capfaem.exe C:\Programmi\QuickTime\qttask.exe C:\Programmi\iTunes\iTunesHelper.exe C:\Programmi\Winamp\winampa.exe C:\Programmi\CA\CA Internet Security Suite\CA Anti-Spam\QSP-5.0.419.0\QOELoader.exe C:\Programmi\Java\jre1.5.0_01\bin\jusched.exe C:\Programmi\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe C:\WINDOWS\system32\ctfmon.exe C:\Programmi\File comuni\Ahead\lib\NMBgMonitor.exe C:\Programmi\iPod\bin\iPodService.exe C:\PROGRA~1\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe C:\Programmi\CA\CA Internet Security Suite\CA Anti-Spyware\CAPPActiveProtection.exe C:\Programmi\Alice ti aiuta\bin\mpbtn.exe C:\Programmi\Internet Explorer\iexplore.exe C:\Programmi\File comuni\Microsoft Shared\Windows Live\WLLoginProxy.exe C:\Programmi\MSN Messenger\usnsvc.exe C:\WINDOWS\TEMP\winEE.tmp.exe C:\Programmi\WinRAR\WinRAR.exe C:\DOCUME~1\PRINCI~1\IMPOST~1\Temp\Rar$EX00.360\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: GigagetIEHelper - {111CAA23-6F4F-42AC-8555-B48C1D87BBAB} - C:\WINDOWS\system32\gigagetbho_v10.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: (no name) - {F26EB1C2-A154-4A8F-94F9-E8996C4AAA73} - C:\WINDOWS\system32\ssqpn.dll (file missing) O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [cctray] "C:\Programmi\CA\CA Internet Security Suite\cctray\cctray.exe" O4 - HKLM\..\Run: [CAVRID] "C:\Programmi\CA\CA Internet Security Suite\CA Anti-Virus\CAVRID.exe" O4 - HKLM\..\Run: [cafwc] C:\Programmi\CA\CA Internet Security Suite\CA Personal Firewall\cafw.exe -cl O4 - HKLM\..\Run: [capfaem] C:\Programmi\CA\CA Internet Security Suite\CA Personal Firewall\capfaem.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Programmi\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [WinampAgent] C:\Programmi\Winamp\winampa.exe O4 - HKLM\..\Run: [QOELOADER] "C:\Programmi\CA\CA Internet Security Suite\CA Anti-Spam\QSP-5.0.419.0\QOELoader.exe" O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programmi\Java\jre1.5.0_01\bin\jusched.exe O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Programmi\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programmi\File comuni\Ahead\lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [MsnMsgr] "C:\Programmi\MSN Messenger\MsnMsgr.Exe" /background O4 - Global Startup: Alice ti aiuta.lnk = C:\Programmi\Alice ti aiuta\bin\matcli.exe O8 - Extra context menu item: &Download All by Gigaget - C:\Programmi\Giganology\Gigaget\getallurl.htm O8 - Extra context menu item: &Download by Gigaget - C:\Programmi\Giganology\Gigaget\geturl.htm O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_01\bin\npjpi150_01.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_01\bin\npjpi150_01.dll O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe O16 - DPF: {97E71027-0BA2-44F2-97DB-F84D808ED0B6} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab55762.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary...o.cab55579.cab O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab55200.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{5445E5C4-B7CA-40A8-A194-48202B360039}: NameServer = 192.168.1.4 O17 - HKLM\System\CCS\Services\Tcpip\..\{CA6B95CE-0CAE-432B-949D-7E1243F06043}: NameServer = 212.216.172.62 151.99.125.1 O17 - HKLM\System\CS1\Services\Tcpip\..\{5445E5C4-B7CA-40A8-A194-48202B360039}: NameServer = 192.168.1.4 O17 - HKLM\System\CS2\Services\Tcpip\..\{5445E5C4-B7CA-40A8-A194-48202B360039}: NameServer = 192.168.1.4 O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSN Messenger\msgrapp.8.1.0178.00.dll O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSN Messenger\msgrapp.8.1.0178.00.dll O20 - Winlogon Notify: PFW - C:\WINDOWS\SYSTEM32\UmxWnp.Dll O20 - Winlogon Notify: ssqpn - C:\WINDOWS\system32\ssqpn.dll (file missing) O20 - Winlogon Notify: winjyg32 - C:\WINDOWS\SYSTEM32\winjyg32.dll O20 - Winlogon Notify: yayxxvs - yayxxvs.dll (file missing) O23 - Service: CAISafe - Computer Associates International, Inc. - C:\Programmi\CA\CA Internet Security Suite\CA Anti-Virus\ISafe.exe O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Programmi\iPod\bin\iPodService.exe O23 - Service: CA Pest Patrol Realtime Protection Service (ITMRTSVC) - CA, Inc. - C:\Programmi\CA\SharedComponents\PPRT\bin\ITMRTSVC.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Programmi\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe O23 - Service: HIPS Event Manager (UmxAgent) - CA - C:\Programmi\CA\SharedComponents\HIPSEngine\UmxAgent.exe O23 - Service: HIPS Configuration Interpreter (UmxCfg) - CA - C:\Programmi\CA\SharedComponents\HIPSEngine\UmxCfg.exe O23 - Service: HIPS Firewall Helper (UmxFwHlp) - CA - C:\Programmi\CA\SharedComponents\HIPSEngine\UmxFwHlp.exe O23 - Service: HIPS Policy Manager (UmxPol) - CA - C:\Programmi\CA\SharedComponents\HIPSEngine\UmxPol.exe O23 - Service: VET Message Service (VETMSGNT) - CA, Inc. - C:\Programmi\CA\CA Internet Security Suite\CA Anti-Virus\VetMsg.exe
__________________
DESKTOP: CPU: Intel Core 2 Duo E6400 @2,13Ghz RAM: 3 Gb DDR2 667Mhz MoBo: P5NSLI SVideo: Sapphire HD4870 512 Mb DDR5 Alimentatore: CoolerMaster M520 520W SAudio: integrata SO: Windows 7 Ultimate 64-bit Monitor: Acer X233H 23" 16:9 Joypad: Xbox 360 Official Gamepad NOTEBOOK: CPU: Intel Core 2 Duo T7700 @2,40Ghz RAM: 4 Gb DDR2 667Mhz MoBo: Quanta 30D2 SVideo: GeForce 8400GS 128 MB dedicati SAudio: Realtek SO: Ubuntu 12.04 |
|
|
|
|
04-03-2007, 17:12
|
#5132 |
|
Senior Member
Iscritto dal: Feb 2007
Messaggi: 6652
|
O20 - Winlogon Notify: winjyg32 - C:\WINDOWS\SYSTEM32\winjyg32.dll
questo sicuramente è da togliere
__________________
♠ CM H500 ♠ Gigabyte X470 Gaming 7 ♠ Ryzen 5600X Arctic Liquid Freezer II 280 ♠ Gigabyte GTX 2070 super ♠ Crucial 16GB 3600Mhz ♠ MSI 34" Ultrawide ♠
♠ CM QuickFire Rapid - Lubed MX Clear - 100g gold spring - 40A-R o-ring - ABS & PBT caps ♠ ♠ 25+ trattative positive su HWU, 200+ su ebay ♠ |
|
|
|
|
04-03-2007, 19:18
|
#5133 |
|
Member
Iscritto dal: Nov 2006
Messaggi: 34
|
Raga ho una discussione aperta su questo link:
http://www.hwupgrade.it/forum/showth...8#post16207638 riguardo un problema ke potete leggere all'URL ke vi ho dato. Posto qui il mio file log di HjackThis. Vi kiedo di leggere prima tutta la discussione e poi di vedere un pò se da questo log si riesce a capire qualcosa, grazie a tutti in anticipo... Logfile of HijackThis v1.99.1 Scan saved at 19.53.28, on 04/03/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Programmi\File comuni\Symantec Shared\ccSetMgr.exe C:\Programmi\File comuni\Symantec Shared\ccEvtMgr.exe C:\Programmi\File comuni\Symantec Shared\SNDSrvc.exe C:\Programmi\File comuni\Symantec Shared\SPBBC\SPBBCSvc.exe C:\Programmi\File comuni\Symantec Shared\CCPD-LC\symlcsvc.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\cisvc.exe C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Programmi\Norton AntiVirus\navapsvc.exe C:\Programmi\Norton AntiVirus\IWP\NPFMntor.exe C:\WINDOWS\system32\nvsvc32.exe C:\Programmi\Analog Devices\SoundMAX\SMAgent.exe C:\Programmi\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe C:\WINDOWS\System32\svchost.exe C:\Programmi\Symantec\LiveUpdate\ALUSchedulerSvc.exe C:\Programmi\Raxco\PerfectDisk\PDSched.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\System32\NVRTCLK\NVRTClk.exe C:\Programmi\Process Lasso\processgovernor.exe C:\Programmi\File comuni\Symantec Shared\ccApp.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Programmi\Coolspot\Dialer Control\dc.exe C:\Programmi\MSN Messenger\msnmsgr.exe C:\Programmi\Process Lasso\ProcessSupervisor.exe C:\WINDOWS\system32\ctfmon.exe C:\Programmi\File comuni\Symantec Shared\Security Console\NSCSRVCE.EXE C:\WINDOWS\system32\cidaemon.exe C:\Programmi\MSN Messenger\usnsvc.exe C:\Programmi\MSN Messenger\livecall.exe C:\Programmi\Outlook Express\msimn.exe C:\Programmi\Internet Explorer\iexplore.exe C:\Programmi\Hijackthis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.alice.it/oggi/indexbb.html R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Programmi\Macrogaming\SweetIMBarForIE\toolbar.dll (file missing) O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Programmi\Norton AntiVirus\NavShExt.dll O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Programmi\Norton AntiVirus\NavShExt.dll O4 - HKLM\..\Run: [NVRTCLK] C:\WINDOWS\System32\NVRTCLK\NVRTClk.exe O4 - HKLM\..\Run: [VGAUtil] C:\WINDOWS\System32\G-VGA.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FILECO~1\INSTAL~1\UpdateService\isuspm.exe -startup O4 - HKLM\..\Run: [ISUSScheduler] "C:\Programmi\File comuni\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE Philips SPC 300NC PC Camera O4 - HKLM\..\Run: [CnxDslTaskBar] "C:\Programmi\digicomt\Michelangelo USB ADSL\CnxDslTb.exe" O4 - HKLM\..\Run: [ProcessGovernor] C:\Programmi\Process Lasso\processgovernor.exe O4 - HKLM\..\Run: [ccApp] "C:\Programmi\File comuni\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [Dialer Control] C:\Programmi\Coolspot\Dialer Control\dc.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Programmi\MSN Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [ProcessSupervisorGUI] C:\Programmi\Process Lasso\ProcessSupervisor.exe /tray O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - Global Startup: EPSON Status Monitor 3 Environment Check.lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV03.EXE O8 - Extra context menu item: &Download with &DAP - F:\Programmi\DAP\dapextie.htm O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx O8 - Extra context menu item: Download &all with DAP - F:\Programmi\DAP\dapextie2.htm O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Barra di ricerca di Encarta - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Programmi\File comuni\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\System32\shdocvw.dll O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\System32\shdocvw.dll O12 - Plugin for .spop: C:\Programmi\Internet Explorer\Plugins\NPDocBox.dll O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary...r.cab31267.cab O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} (asusTek_sysctrl Class) - http://support.asus.com/common/asusTek_sys_ctrl.cab O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://downloads.ewido.net/ewidoOnlineScan.cab O16 - DPF: {29D73455-3ADA-49BB-9067-44822F6728F5} (Google Video Uploader ActX) - http://www.joga.com/activex/uploadactx.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://vivreinimitable.spaces.msn.co...d/MsnPUpld.cab O16 - DPF: {55027008-315F-4F45-BBC3-8BE119764741} (Slide Image Uploader Control) - http://www.slide.com/uploader/SlideImageUploader.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab31267.cab O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.co...p/PhtPkMSN.cab O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.5 Control) - http://www.filelodge.com/ImageUploader3.cab O16 - DPF: {C5E28B9D-0A68-4B50-94E9-E8F6B4697514} (NsvPlayX Control) - http://www.nullsoft.com/nsv/embed/nsvplayx_vp3_mp3.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{7A091E09-26A9-4B22-A82D-25ADE895F722}: NameServer = 193.70.152.15 193.70.152.25 O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSN Messenger\msgrapp.8.1.0178.00.dll O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSN Messenger\msgrapp.8.1.0178.00.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: Adobe LM Service - Unknown owner - C:\Programmi\File comuni\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\ccSetMgr.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LiveUpdate\LuComServer_3_0.EXE O23 - Service: Macromedia Licensing Service - Macromedia - C:\Programmi\File comuni\Macromedia Shared\Service\Macromedia Licensing.exe O23 - Service: Servizio Auto-Protect di Norton AntiVirus (navapsvc) - Symantec Corporation - C:\Programmi\Norton AntiVirus\navapsvc.exe O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Programmi\Norton AntiVirus\IWP\NPFMntor.exe O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\Security Console\NSCSRVCE.EXE O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: PDEngine - Raxco Software, Inc. - C:\Programmi\Raxco\PerfectDisk\PDEngine.exe O23 - Service: PDScheduler (PDSched) - Raxco Software, Inc. - C:\Programmi\Raxco\PerfectDisk\PDSched.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Programmi\Norton AntiVirus\SAVScan.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\SNDSrvc.exe O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Programmi\Analog Devices\SoundMAX\SMAgent.exe O23 - Service: SPBBCSvc - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\SPBBC\SPBBCSvc.exe O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Programmi\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe O23 - Service: Symantec Core LC - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\CCPD-LC\symlcsvc.exe O23 - Service: Utilità di pianificazione di LiveUpdate automatico - Symantec Corporation - C:\Programmi\Symantec\LiveUpdate\ALUSchedulerSvc.exe |
|
|
|
|
04-03-2007, 22:05
|
#5134 |
|
Senior Member
Iscritto dal: Feb 2007
Messaggi: 6652
|
sembrerebbe tutto ok....
__________________
♠ CM H500 ♠ Gigabyte X470 Gaming 7 ♠ Ryzen 5600X Arctic Liquid Freezer II 280 ♠ Gigabyte GTX 2070 super ♠ Crucial 16GB 3600Mhz ♠ MSI 34" Ultrawide ♠
♠ CM QuickFire Rapid - Lubed MX Clear - 100g gold spring - 40A-R o-ring - ABS & PBT caps ♠ ♠ 25+ trattative positive su HWU, 200+ su ebay ♠ |
|
|
|
|
05-03-2007, 12:31
|
#5135 |
|
Senior Member
Iscritto dal: Dec 2006
Messaggi: 340
|
Raga controllate il mio log please.
Raga questo è il mio log di hijackthis me lo controllate plz. Logfile of HijackThis v1.99.1 Scan saved at 21.13.43, on 26/02/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Programmi\Sygate\SPF\smc.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\spoolsv.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe C:\Programmi\Stardock\Object Desktop\WindowBlinds\wbload.exe C:\WINDOWS\System32\PAStiSvc.exe C:\WINDOWS\system32\svchost.exe C:\Programmi\ADSL Autoconnect\ADSL Autoconnect.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\Explorer.EXE C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe C:\Programmi\Java\jre1.5.0_11\bin\jusched.exe C:\Programmi\MessengerPlus! 3\MsgPlus.exe C:\WINDOWS\system32\ctfmon.exe C:\Programmi\RocketDock\RocketDock.exe C:\Programmi\Avedesk\AVEDESK.EXE C:\Documents and Settings\Mosè\Documenti\hijackthis\HijackThis.exe C:\WINDOWS\system32\wuauclt.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.5.0_11\bin\ssv.dll O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\Java\jre1.5.0_11\bin\jusched.exe" O4 - HKLM\..\Run: [WinampAgent] "C:\Programmi\Winamp\Winampa.exe" O4 - HKLM\..\Run: [MessengerPlus3] "C:\Programmi\MessengerPlus! 3\MsgPlus.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [RocketDock] "C:\Programmi\RocketDock\RocketDock.exe" O4 - HKCU\..\Run: [TransBar] C:\Documents and Settings\Mosè\Impostazioni locali\Dati applicazioni\AKSoftware\TransBar\TransBar.exe /s O4 - HKCU\..\Run: [AVEDESK] "C:\Programmi\Avedesk\AVEDESK.EXE" O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_11\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_11\bin\ssv.dll O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1170511357437 O17 - HKLM\System\CCS\Services\Tcpip\..\{921E7746-BE6D-4AA3-9947-BE1DF0CEA1F0}: NameServer = 193.70.152.15 193.70.152.25 O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FILECO~1\Skype\SKYPE4~1.DLL O20 - Winlogon Notify: WB - C:\PROGRA~1\Stardock\OBJECT~2\WINDOW~1\fastload.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Programmi\File comuni\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: ADSLAutoconnect - Unknown owner - C:\Programmi\ADSL Autoconnect\ADSL Autoconnect.exe" -z (file missing) O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe O23 - Service: DirectX Service (DirectXurv) - Unknown owner - C:\WINDOWS\system32\directx.exe (file missing) O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Programmi\Sygate\SPF\smc.exe O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe |
|
|
|
|
05-03-2007, 12:50
|
#5136 | |
|
Member
Iscritto dal: Mar 2007
Città: Bari...
Messaggi: 129
|
Quote:
O23 - Service: DirectX Service (DirectXurv) - Unknown owner - C:\WINDOWS\system32\directx.exe (file missing)
__________________
Maybe I'm nobody...but nobody is like me 
|
|
|
|
|
|
05-03-2007, 17:48
|
#5137 | |
|
Member
Iscritto dal: Nov 2006
Messaggi: 34
|
Quote:
|
|
|
|
|
|
06-03-2007, 08:55
|
#5138 |
|
Junior Member
Iscritto dal: Mar 2007
Messaggi: 14
|
 ciao a tutti, ho bisogno di una mano a leggere il mio log.... grazie per l'attenzione.... Logfile of HijackThis v1.99.1 Scan saved at 9.54.13, on 06/03/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Programmi\Eset\nod32krn.exe C:\WINDOWS\system32\svchost.exe C:\Programmi\Viewpoint\Common\ViewpointService.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\service32.exe C:\WINDOWS\system32\ctfmon.exe C:\Programmi\Ray Adams\ATI Tray Tools\atitray.exe C:\Programmi\Viewpoint\Viewpoint Manager\ViewMgr.exe C:\Documents and Settings\Utente\Desktop\rmclock_22_bin\RMClock.exe C:\WINDOWS\system32\regscan.exe C:\Programmi\Eset\nod32kui.exe C:\Programmi\Internet Explorer\iexplore.exe C:\HJT\HijackThis.exe C:\Programmi\Internet Explorer\iexplore.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Programmi\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [AtiTrayTools] "C:\Programmi\Ray Adams\ATI Tray Tools\atitray.exe" O4 - HKCU\..\Run: [ccleaner] "C:\Programmi\CCleaner\ccleaner.exe" /AUTO O4 - HKCU\..\Run: [Regscan] C:\WINDOWS\system32\regscan.exe O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O16 - DPF: {3BB4FE3B-7A37-11D3-A41E-0060080C03B3} (Entire Screen Builder Web Viewer) - http://vblu.uni-bocconi.it/vblu/NWWClientFull.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsu...?1165064796531 O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Programmi\Eset\nod32krn.exe O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Programmi\Viewpoint\Common\ViewpointService.exe in particoalre mi sembrava strano il no32krn.exe.... confermate che è da cestinare? Ultima modifica di fjm : 06-03-2007 alle 08:57. |
|
|
|
|
06-03-2007, 09:05
|
#5139 | ||
|
Bannato
Iscritto dal: Mar 2004
Città: Galapagos Attenzione:utente flautolente,tienilo a mente
Messaggi: 28978
|
elimina queste
Quote:
Quote:
|
||
|
|
|
|
07-03-2007, 14:18
|
#5140 | |
|
Senior Member
Iscritto dal: Dec 2006
Messaggi: 340
|
Quote:
|
|
|
|
|
|
|
| Strumenti | |
|
|
Tutti gli orari sono GMT +1. Ora sono le: 16:28.
