|
|||||||
|
|
|
 |
|
|
Strumenti |
23-05-2004, 12:12
|
#1 |
|
Member
Iscritto dal: Jan 2002
Città: Reggio Emilia
Messaggi: 246
|
cosa può essere
ho il computer di un'amica che ha questo problemino:
Quando digito il comando spegni computer sembra che si spenga ma in realtà si riavvia. cosa può essere????  il computer è un amd 1200 windows xp home scheda grafica e video integrate Ultima modifica di requiem70 : 23-05-2004 alle 12:17. |
|
|
|
23-05-2004, 14:06
|
#2 | |
|
Senior Member
Iscritto dal: Mar 2004
Città: * * * *
Messaggi: 2320
|
Re: cosa può essere
Quote:
Scansione con Ad-aware, scansione con Spybot S&D, scansione con a2, scansione con hijackthis....... ...Se non hai eseguito questi controlli, eseguili e poi fammi sapere il risultato.. P.S fai una scansione con hijackthis èprima delle scansioni.....e uno dopo le scansioni...copialo e incollalo qui.... ciao! 
__________________
 Là, dove tutti fuggono terrorizzati, loro vanno.Chi sono?
|
|
|
|
|
|
23-05-2004, 16:08
|
#3 |
|
Member
Iscritto dal: Jan 2002
Città: Reggio Emilia
Messaggi: 246
|
ecco la scansione con Hijackthis
Logfile of HijackThis v1.97.3 Scan saved at 15.59.51, on 23/05/2004 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Programmi\Sygate\SPF\Smc.exe C:\WINDOWS\system32\spoolsv.exe C:\Programmi\File comuni\EPSON\EBAPI\SAgent2.exe C:\WINDOWS\System32\svchost.exe C:\Programmi\Trend Micro\PC-cillin 2002\Tmntsrv.exe C:\WINDOWS\Explorer.EXE C:\Programmi\Trend Micro\PC-cillin 2002\PCCPFW.exe C:\WINDOWS\System32\carpserv.exe C:\WINDOWS\System32\ctfmon.exe C:\Programmi\Messenger\msmsgs.exe C:\WINDOWS\System32\wuauclt.exe C:\Documents and Settings\Annalisa\Impostazioni locali\Temp\Directory temporanea 2 per hijackthis-rimuove trojan.zip\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.libero.it/ R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Tiscali 10.0 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\system32\msdxm.ocx O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\NeroCheck.exe O4 - HKLM\..\Run: [CARPService] carpserv.exe O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\Smc.exe -startgui O4 - HKLM\..\Run: [TrojanScanner] C:\Programmi\Trojan Remover\Trjscan.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Programmi\Messenger\msmsgs.exe" /background O9 - Extra button: Organizzatore ricerche (HKLM) O9 - Extra button: Messenger (HKLM) O9 - Extra 'Tools' menuitem: Windows Messenger (HKLM) O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.co...7670.490324074 prima di mettere la startup aspetto, se ti serve te la metto visto che è piuttosto lunga. |
|
|
|
|
23-05-2004, 16:18
|
#4 |
|
Senior Member
Iscritto dal: Mar 2004
Città: * * * *
Messaggi: 2320
|
Ho dei dubbi su questo...
O4 - HKLM\..\Run: [CARPService] carpserv.exe cmq incolla lo start up
__________________
Là, dove tutti fuggono terrorizzati, loro vanno.Chi sono?
|
|
|
|
|
23-05-2004, 20:01
|
#5 |
|
Member
Iscritto dal: Jan 2002
Città: Reggio Emilia
Messaggi: 246
|
eccolo:
StartupList report, 23/05/2004, 15.43.29 StartupList version: 1.52 Started from : C:\Documents and Settings\Annalisa\Impostazioni locali\Temp\Directory temporanea 2 per hijackthis-rimuove trojan.zip\HijackThis.EXE Detected: Windows XP SP1 (WinNT 5.01.2600) Detected: Internet Explorer v6.00 SP1 (6.00.2800.1106) * Using default options * Including empty and uninteresting sections * Showing rarely important sections ================================================== Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Programmi\Sygate\SPF\Smc.exe C:\WINDOWS\system32\spoolsv.exe C:\Programmi\File comuni\EPSON\EBAPI\SAgent2.exe C:\WINDOWS\System32\svchost.exe C:\Programmi\Trend Micro\PC-cillin 2002\Tmntsrv.exe C:\WINDOWS\Explorer.EXE C:\Programmi\Trend Micro\PC-cillin 2002\PCCPFW.exe C:\WINDOWS\System32\carpserv.exe C:\WINDOWS\System32\ctfmon.exe C:\Programmi\Messenger\msmsgs.exe C:\WINDOWS\System32\wuauclt.exe C:\Programmi\Trojan Remover\RmvTrjan.exe C:\Programmi\Trojan Remover\RmvTrjan.exe C:\Documents and Settings\Annalisa\Impostazioni locali\Temp\Directory temporanea 2 per hijackthis-rimuove trojan.zip\HijackThis.exe -------------------------------------------------- Listing of startup folders: Shell folders Startup: [C:\Documents and Settings\Annalisa\Menu Avvio\Programmi\Esecuzione automatica] *No files* Shell folders AltStartup: *Folder not found* User shell folders Startup: *Folder not found* User shell folders AltStartup: *Folder not found* Shell folders Common Startup: [C:\Documents and Settings\All Users\Menu Avvio\Programmi\Esecuzione automatica] *No files* Shell folders Common AltStartup: *Folder not found* User shell folders Common Startup: *Folder not found* User shell folders Alternate Common Startup: *Folder not found* -------------------------------------------------- Checking Windows NT UserInit: [HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] UserInit = C:\WINDOWS\system32\userinit.exe, [HKLM\Software\Microsoft\Windows\CurrentVersion\Winlogon] *Registry key not found* [HKCU\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] *Registry value not found* [HKCU\Software\Microsoft\Windows\CurrentVersion\Winlogon] *Registry key not found* -------------------------------------------------- Autorun entries from Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\Run NeroCheck = C:\WINDOWS\System32\NeroCheck.exe CARPService = carpserv.exe SmcService = C:\PROGRA~1\Sygate\SPF\Smc.exe -startgui TrojanScanner = C:\Programmi\Trojan Remover\Trjscan.exe -------------------------------------------------- Autorun entries from Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce *No values found* -------------------------------------------------- Autorun entries from Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnceEx *No values found* -------------------------------------------------- Autorun entries from Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices *Registry key not found* -------------------------------------------------- Autorun entries from Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce *Registry key not found* -------------------------------------------------- Autorun entries from Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\Run CTFMON.EXE = C:\WINDOWS\System32\ctfmon.exe MSMSGS = "C:\Programmi\Messenger\msmsgs.exe" /background -------------------------------------------------- Autorun entries from Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce *No values found* -------------------------------------------------- Autorun entries from Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnceEx *Registry key not found* -------------------------------------------------- Autorun entries from Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\RunServices *Registry key not found* -------------------------------------------------- Autorun entries from Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce *Registry key not found* -------------------------------------------------- Autorun entries from Registry: HKLM\Software\Microsoft\Windows NT\CurrentVersion\Run *Registry key not found* -------------------------------------------------- Autorun entries from Registry: HKCU\Software\Microsoft\Windows NT\CurrentVersion\Run *Registry key not found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKLM\Software\Microsoft\Windows\CurrentVersion\Run *No subkeys found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce *No subkeys found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnceEx *No subkeys found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices *Registry key not found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKLM\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce *Registry key not found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKCU\Software\Microsoft\Windows\CurrentVersion\Run *No subkeys found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce *No subkeys found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnceEx *Registry key not found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKCU\Software\Microsoft\Windows\CurrentVersion\RunServices *Registry key not found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKCU\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce *Registry key not found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKLM\Software\Microsoft\Windows NT\CurrentVersion\Run *Registry key not found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKCU\Software\Microsoft\Windows NT\CurrentVersion\Run *Registry key not found* -------------------------------------------------- File association entry for .EXE: HKEY_CLASSES_ROOT\exefile\shell\open\command (Default) = "%1" %* -------------------------------------------------- File association entry for .COM: HKEY_CLASSES_ROOT\comfile\shell\open\command (Default) = "%1" %* -------------------------------------------------- File association entry for .BAT: HKEY_CLASSES_ROOT\batfile\shell\open\command (Default) = "%1" %* -------------------------------------------------- File association entry for .PIF: HKEY_CLASSES_ROOT\piffile\shell\open\command (Default) = "%1" %* -------------------------------------------------- File association entry for .SCR: HKEY_CLASSES_ROOT\scrfile\shell\open\command (Default) = "%1" /S -------------------------------------------------- File association entry for .HTA: HKEY_CLASSES_ROOT\htafile\shell\open\command (Default) = C:\WINDOWS\System32\mshta.exe "%1" %* -------------------------------------------------- Enumerating Active Setup stub paths: HKLM\Software\Microsoft\Active Setup\Installed Components (* = disabled by HKCU twin) [>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] StubPath = C:\WINDOWS\inf\unregmp2.exe /ShowWMP [>{26923b43-4d38-484f-9b9e-de460746276c}] * StubPath = %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE [>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}] * StubPath = %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE [{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] * StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\mplayer2.inf,PerUserStub.NT [{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] * StubPath = %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll [{306D6C21-C1B6-4629-986C-E59E1875B8AF}] StubPath = "C:\WINDOWS\System32\rundll32.exe" "C:\Programmi\Messenger\msgsc.dll",ShowIconsUser [{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] * StubPath = "%ProgramFiles%\Outlook Express\setup50.exe" /APP  E /CALLER:WINNT /user /install[{44BBA842-CC51-11CF-AAFA-00AA00B6015B}] * StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT [{5945c046-1e7d-11d1-bc44-00c04fd912be}] * StubPath = rundll32.exe advpack.dll,LaunchINFSection %SystemRoot%\INF\msmsgs.inf,BLC.Install.PerUser [{6BF52A52-394A-11d3-B153-00C04F79FAA6}] * StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp.inf,PerUserStub [{7790769C-0471-11d2-AF11-00C04FA35D02}] * StubPath = "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install [{89820200-ECBD-11cf-8B85-00AA005B4340}] * StubPath = regsvr32.exe /s /n /i:U shell32.dll [{89820200-ECBD-11cf-8B85-00AA005B4383}] * StubPath = %SystemRoot%\system32\ie4uinit.exe -------------------------------------------------- Enumerating ICQ Agent Autostart apps: HKCU\Software\Mirabilis\ICQ\Agent\Apps *Registry key not found* -------------------------------------------------- Load/Run keys from C:\WINDOWS\WIN.INI: load=*INI section not found* run=*INI section not found* Load/Run keys from Registry: HKLM\..\Windows NT\CurrentVersion\WinLogon: load=*Registry value not found* HKLM\..\Windows NT\CurrentVersion\WinLogon: run=*Registry value not found* HKLM\..\Windows\CurrentVersion\WinLogon: load=*Registry key not found* HKLM\..\Windows\CurrentVersion\WinLogon: run=*Registry key not found* HKCU\..\Windows NT\CurrentVersion\WinLogon: load=*Registry value not found* HKCU\..\Windows NT\CurrentVersion\WinLogon: run=*Registry value not found* HKCU\..\Windows\CurrentVersion\WinLogon: load=*Registry key not found* HKCU\..\Windows\CurrentVersion\WinLogon: run=*Registry key not found* HKCU\..\Windows NT\CurrentVersion\Windows: load= HKCU\..\Windows NT\CurrentVersion\Windows: run=*Registry value not found* HKLM\..\Windows NT\CurrentVersion\Windows: load=*Registry value not found* HKLM\..\Windows NT\CurrentVersion\Windows: run=*Registry value not found* HKLM\..\Windows NT\CurrentVersion\Windows: AppInit_DLLs= -------------------------------------------------- Shell & screensaver key from C:\WINDOWS\SYSTEM.INI: Shell=*INI section not found* SCRNSAVE.EXE=*INI section not found* drivers=*INI section not found* Shell & screensaver key from Registry: Shell=Explorer.exe SCRNSAVE.EXE=C:\WINDOWS\System32\logon.scr drivers=*Registry value not found* Policies Shell key: HKCU\..\Policies: Shell=*Registry key not found* HKLM\..\Policies: Shell=*Registry value not found* -------------------------------------------------- Checking for EXPLORER.EXE instances: C:\WINDOWS\Explorer.exe: PRESENT! C:\Explorer.exe: not present C:\WINDOWS\Explorer\Explorer.exe: not present C:\WINDOWS\System\Explorer.exe: not present C:\WINDOWS\System32\Explorer.exe: not present C:\WINDOWS\Command\Explorer.exe: not present C:\WINDOWS\Fonts\Explorer.exe: not present -------------------------------------------------- Checking for superhidden extensions: .lnk: HIDDEN! (arrow overlay: yes) .pif: HIDDEN! (arrow overlay: yes) .exe: not hidden .com: not hidden .bat: not hidden .hta: not hidden .scr: not hidden .shs: HIDDEN! .shb: HIDDEN! .vbs: not hidden .vbe: not hidden .wsh: not hidden .scf: HIDDEN! (arrow overlay: NO!) .url: HIDDEN! (arrow overlay: yes) .js: not hidden .jse: not hidden -------------------------------------------------- Verifying REGEDIT.EXE integrity: - Regedit.exe found in C:\WINDOWS - .reg open command is normal (regedit.exe %1) - Company name OK: 'Microsoft Corporation' - Original filename OK: 'REGEDIT.EXE' - File description: 'Editor del Registro di sistema' Registry check passed -------------------------------------------------- Enumerating Browser Helper Objects: (no name) - C:\Programmi\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -------------------------------------------------- Enumerating Task Scheduler jobs: *No jobs found* -------------------------------------------------- Enumerating Download Program Files: [DirectAnimation Java Classes] CODEBASE = file://C:\WINDOWS\Java\classes\dajava.cab OSD = C:\WINDOWS\Downloaded Program Files\DirectAnimation Java Classes.osd [Microsoft XML Parser for Java] CODEBASE = file://C:\WINDOWS\Java\classes\xmldso.cab OSD = C:\WINDOWS\Downloaded Program Files\Microsoft XML Parser for Java.osd [Update Class] InProcServer32 = C:\WINDOWS\System32\iuctl.dll CODEBASE = http://v4.windowsupdate.microsoft.co...670.4903240741 -------------------------------------------------- Enumerating Winsock LSP files: NameSpace #1: C:\WINDOWS\System32\mswsock.dll NameSpace #2: C:\WINDOWS\System32\winrnr.dll NameSpace #3: C:\WINDOWS\System32\mswsock.dll Protocol #1: C:\WINDOWS\system32\mswsock.dll Protocol #2: C:\WINDOWS\system32\mswsock.dll Protocol #3: C:\WINDOWS\system32\mswsock.dll Protocol #4: C:\WINDOWS\system32\rsvpsp.dll Protocol #5: C:\WINDOWS\system32\rsvpsp.dll Protocol #6: C:\WINDOWS\system32\mswsock.dll Protocol #7: C:\WINDOWS\system32\mswsock.dll Protocol #8: C:\WINDOWS\system32\mswsock.dll Protocol #9: C:\WINDOWS\system32\mswsock.dll Protocol #10: C:\WINDOWS\system32\mswsock.dll Protocol #11: C:\WINDOWS\system32\mswsock.dll Protocol #12: C:\WINDOWS\system32\mswsock.dll Protocol #13: C:\WINDOWS\system32\mswsock.dll Protocol #14: C:\WINDOWS\system32\mswsock.dll Protocol #15: C:\WINDOWS\system32\mswsock.dll -------------------------------------------------- Enumerating Windows NT/2000/XP services Driver ACPI Microsoft: System32\DRIVERS\ACPI.sys (system) Eliminatore di eco acustico del kernel Microsoft: system32\drivers\aec.sys (manual start) Ambiente supporto di rete AFD: \SystemRoot\System32\drivers\afd.sys (autostart) Avvisi: %SystemRoot%\System32\svchost.exe -k LocalService (autostart) Servizio Gateway di livello applicazione: %SystemRoot%\System32\alg.exe (manual start) Driver del processore AMD K7: System32\DRIVERS\amdk7.sys (system) Gestione applicazione: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start) Driver per supporti asincroni RAS: System32\DRIVERS\asyncmac.sys (manual start) Controller disco rigido IDE/ESDI standard: System32\DRIVERS\atapi.sys (system) Protocollo client ARP ATM: System32\DRIVERS\atmarpc.sys (manual start) Audio Windows: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Driver stub audio: System32\DRIVERS\audstub.sys (manual start) basic2: System32\DRIVERS\HSF_BSC2.sys (manual start) Servizio trasferimento intelligente in background: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) Browser di computer: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Driver del CD-ROM: System32\DRIVERS\cdrom.sys (system) Servizio di indicizzazione: %SystemRoot%\system32\cisvc.exe (manual start) ClipBook: %SystemRoot%\system32\clipsrv.exe (manual start) Applicazione di sistema COM+: C:\WINDOWS\System32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235} (manual start) Servizi di crittografia: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart) Client DHCP: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Driver del disco: System32\DRIVERS\disk.sys (system) Servizio amministrativo di Gestione disco logico: %SystemRoot%\System32\dmadmin.exe /com (manual start) dmboot: System32\drivers\dmboot.sys (disabled) dmio: System32\drivers\dmio.sys (disabled) dmload: System32\drivers\dmload.sys (disabled) Gestione dischi logici: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) Sintetizzatore DLS Microsoft Kernel: system32\drivers\DMusic.sys (manual start) Client DNS: %SystemRoot%\System32\svchost.exe -k NetworkService (autostart) Decodificatore audio DRM del kernel Microsoft: system32\drivers\drmkaud.sys (manual start) Driver scheda Intel(R) PRO: System32\DRIVERS\e100b325.sys (manual start) EPSON Printer Status Agent2: C:\Programmi\File comuni\EPSON\EBAPI\SAgent2.exe (autostart) Servizio di segnalazione errori: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Registro eventi: %SystemRoot%\system32\services.exe (autostart) Sistema di eventi COM+: C:\WINDOWS\System32\svchost.exe -k netsvcs (manual start) Fallback: System32\DRIVERS\HSF_FALL.sys (autostart) Compatibilità di Cambio rapido utente: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) Driver controller disco floppy: System32\DRIVERS\fdc.sys (manual start) Driver disco floppy: System32\DRIVERS\flpydisk.sys (manual start) Fsks: System32\DRIVERS\HSF_FSKS.sys (autostart) Driver archiviazione volumi: System32\DRIVERS\ftdisk.sys (system) Enumeratore porta giochi: System32\DRIVERS\gameenum.sys (manual start) Utilità di classificazione pacchetti generica: System32\DRIVERS\msgpc.sys (manual start) Guida in linea e supporto tecnico: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Accesso periferica Human Interface: %SystemRoot%\System32\svchost.exe -k netsvcs (disabled) HSFHWBS2: System32\DRIVERS\HSFHWBS2.sys (manual start) HSF_DP: System32\DRIVERS\HSF_DP.sys (manual start) hsf_msft: System32\DRIVERS\HSF_MSFT.sys (manual start) Driver di porta mouse PS/2 e tastiera i8042: System32\DRIVERS\i8042prt.sys (system) Driver filtro masterizzazione CD: System32\DRIVERS\imapi.sys (system) Servizio COM di masterizzazione CD IMAPI: C:\WINDOWS\System32\imapi.exe (manual start) Driver filtro traffico IP: System32\DRIVERS\ipfltdrv.sys (manual start) Driver tunnel IP in IP: System32\DRIVERS\ipinip.sys (manual start) Traduttore indirizzi di rete IP: System32\DRIVERS\ipnat.sys (manual start) Driver IPSEC: System32\DRIVERS\ipsec.sys (system) Servizio enumeratore infrarossi: System32\DRIVERS\irenum.sys (manual start) Driver bus PnP ISA/EISA: System32\DRIVERS\isapnp.sys (system) K56: System32\DRIVERS\HSF_K56K.sys (autostart) Driver classe tastiera: System32\DRIVERS\kbdclass.sys (system) Mixer wave audio del kernel Microsoft: system32\drivers\kmixer.sys (manual start) Server: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Workstation: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Helper NetBIOS di TCP/IP: %SystemRoot%\System32\svchost.exe -k LocalService (autostart) mdmxsdk: System32\DRIVERS\mdmxsdk.sys (autostart) Messenger: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Condivisione desktop remoto di NetMeeting: C:\WINDOWS\System32\mnmsrvc.exe (manual start) Periferica filtro flusso Unimodem: system32\drivers\MODEMCSA.sys (manual start) Driver classe mouse: System32\DRIVERS\mouclass.sys (system) Redirector del client WebDav: System32\DRIVERS\mrxdav.sys (manual start) MRXSMB: System32\DRIVERS\mrxsmb.sys (system) Distributed Transaction Coordinator: C:\WINDOWS\System32\msdtc.exe (manual start) Windows Installer: C:\WINDOWS\System32\msiexec.exe /V (manual start) Proxy di servizio di flusso Microsoft: system32\drivers\MSKSSRV.sys (manual start) Proxy clock di flusso Microsoft: system32\drivers\MSPCLOCK.sys (manual start) Proxy di gestione qualità di flusso Microsoft: system32\drivers\MSPQM.sys (manual start) Driver Microsoft MPU-401 MIDI UART: system32\drivers\msmpu401.sys (manual start) Driver TAPI NDIS di accesso remoto: System32\DRIVERS\ndistapi.sys (manual start) Protocollo I/O modalità utente su NDIS: System32\DRIVERS\ndisuio.sys (manual start) Driver WAN NDIS di accesso remoto: System32\DRIVERS\ndiswan.sys (manual start) Interfaccia NetBIOS: System32\DRIVERS\netbios.sys (system) NetBios su Tcpip: System32\DRIVERS\netbt.sys (system) DDE di rete: %SystemRoot%\system32\netdde.exe (manual start) DDE DSDM di rete: %SystemRoot%\system32\netdde.exe (manual start) Accesso rete: %SystemRoot%\System32\lsass.exe (manual start) Connessioni di rete: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) NLA (Network Location Awareness): %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) Provider supporto protezione LM NT: %SystemRoot%\System32\lsass.exe (manual start) Archivi rimovibili: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start) Driver filtro traffico IPX: System32\DRIVERS\nwlnkflt.sys (manual start) Driver inoltratore traffico IPX: System32\DRIVERS\nwlnkfwd.sys (manual start) Driver della porta parallela: System32\DRIVERS\parport.sys (manual start) PC-cillin PersonalFirewall: C:\Programmi\Trend Micro\PC-cillin 2002\PCCPFW.exe (autostart) PC-Cillin Personal Firewall: \SystemRoot\System32\Drivers\PCC_PFW.sys (autostart) PCI Bus Driver: System32\DRIVERS\pci.sys (system) PCIIde: System32\DRIVERS\pciide.sys (system) Plug and Play: %SystemRoot%\system32\services.exe (autostart) Servizi IPSEC: %SystemRoot%\System32\lsass.exe (autostart) WAN Miniport (PPTP): System32\DRIVERS\raspptp.sys (manual start) Archiviazione protetta: %SystemRoot%\system32\lsass.exe (autostart) Utilità di pianificazione pacchetti QoS: System32\DRIVERS\psched.sys (manual start) Driver Direct Parallel Link: System32\DRIVERS\ptilink.sys (manual start) Driver connessione automatica Accesso remoto: System32\DRIVERS\rasacd.sys (system) Auto Connection Manager di Accesso remoto: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) WAN Miniport (L2TP): System32\DRIVERS\rasl2tp.sys (manual start) Connection Manager di Accesso remoto: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) Driver PPPOE di accesso remoto: System32\DRIVERS\raspppoe.sys (manual start) Direct Parallel: System32\DRIVERS\raspti.sys (manual start) Rdbss: System32\DRIVERS\rdbss.sys (system) RDPCDD: System32\DRIVERS\RDPCDD.sys (system) Gestione sessione di assistenza mediante desktop remoto: C:\WINDOWS\system32\sessmgr.exe (manual start) Driver filtro riproduzione CD-ROM audio digitale: System32\DRIVERS\redbook.sys (system) Routing e Accesso remoto: %SystemRoot%\System32\svchost.exe -k netsvcs (disabled) Rksample: System32\DRIVERS\HSF_SAMP.sys (manual start) RPC Locator: %SystemRoot%\System32\locator.exe (manual start) RPC (Remote Procedure Call): %SystemRoot%\system32\svchost -k rpcss (autostart) QoS RSVP: %SystemRoot%\System32\rsvp.exe (manual start) Gestione account di protezione (SAM): %SystemRoot%\system32\lsass.exe (autostart) Helper smart card: %SystemRoot%\System32\SCardSvr.exe (manual start) smart card: %SystemRoot%\System32\SCardSvr.exe (manual start) Utilità di pianificazione: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Secdrv: System32\DRIVERS\secdrv.sys (manual start) Accesso secondario: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Notifica eventi di sistema: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart) Driver filtro Serenum: System32\DRIVERS\serenum.sys (manual start) Driver della porta seriale: System32\DRIVERS\serial.sys (system) Firewall della connessione Internet (ICF) / Condivisione connessione Internet (ICS): %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Rilevamento hardware shell: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) SiS300i: System32\DRIVERS\sis300ip.sys (manual start) SiS630: System32\DRIVERS\sis630p.sys (manual start) Service for SiS7018 Driver (WDM): system32\drivers\sis7018.sys (manual start) SiS AGP Filter: System32\DRIVERS\sisagp.sys (system) Sygate Personal Firewall: C:\Programmi\Sygate\SPF\Smc.exe (autostart) SoftFax: System32\DRIVERS\HSF_FAXX.sys (autostart) Frazionatore audio del kernel Microsoft: system32\drivers\splitter.sys (manual start) Spooler di stampa: %SystemRoot%\system32\spoolsv.exe (autostart) Driver filtro Ripristino configurazione di sistema: System32\DRIVERS\sr.sys (system) Servizio Ripristino configurazione di sistema: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Srv: System32\DRIVERS\srv.sys (manual start) Servizio di rilevamento SSDP: %SystemRoot%\System32\svchost.exe -k LocalService (manual start) Driver per fotocamera digitale seriale: System32\DRIVERS\serscan.sys (manual start) Acquisizione di immagini di Windows (WIA): %SystemRoot%\System32\svchost.exe -k imgsvc (autostart) StreamDispatcher: System32\DRIVERS\strmdisp.sys (autostart) Driver bus software: System32\DRIVERS\swenum.sys (manual start) Sintetizzatore Wavetable GS kernel Microsoft: system32\drivers\swmidi.sys (manual start) MS Software Shadow Copy Provider: C:\WINDOWS\System32\dllhost.exe /Processid:{9ED03422-D9CC-45AB-AE4C-327DD20C5FBC} (manual start) Periferica audio di sistema Microsoft Kernel: system32\drivers\sysaudio.sys (manual start) Avvisi e registri di prestazioni: %SystemRoot%\system32\smlogsvc.exe (manual start) Telefonia: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) Driver protocollo TCP/IP: System32\DRIVERS\tcpip.sys (system) Teefer for NT: SYSTEM32\Drivers\Teefer.sys (system) Driver della periferica terminale: System32\DRIVERS\termdd.sys (system) Servizi terminal: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) Temi: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Tmfilter: System32\drivers\TmXPFlt.sys (autostart) Trend NT Realtime Service: "C:\Programmi\Trend Micro\PC-cillin 2002\Tmntsrv.exe" (autostart) Tmpreflt: System32\drivers\Tmpreflt.sys (autostart) Tones: System32\DRIVERS\HSF_TONE.sys (autostart) Manutenzione collegamenti distribuiti client: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart) Driver aggiornamento microcodice: System32\DRIVERS\update.sys (manual start) Upload Manager: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Host di periferiche Plug and Play universali: %SystemRoot%\System32\svchost.exe -k LocalService (manual start) Gruppo di continuità: %SystemRoot%\System32\ups.exe (manual start) Hub abilitato USB2: System32\DRIVERS\usbhub.sys (manual start) Driver miniport per controller open host USB Microsoft: System32\DRIVERS\usbohci.sys (manual start) Driver archiviazione di massa USB: System32\DRIVERS\USBSTOR.SYS (manual start) V124: System32\DRIVERS\HSF_V124.sys (autostart) VgaSave: \SystemRoot\System32\drivers\vga.sys (system) Vsapint: System32\drivers\Vsapint.sys (autostart) Copia replicata del volume: %SystemRoot%\System32\vssvc.exe (manual start) Ora di Windows: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Driver ARP IP di accesso remoto: System32\DRIVERS\wanarp.sys (manual start) Driver di compatibilità audio Microsoft WINMM WDM: system32\drivers\wdmaud.sys (manual start) WebClient: %SystemRoot%\System32\svchost.exe -k LocalService (autostart) SyGate for NT, wg3n: \SystemRoot\SYSTEM32\Drivers\wg3n.sys (autostart) winachsf: System32\DRIVERS\HSF_CNXT.sys (manual start) Strumentazione gestione Windows: %systemroot%\system32\svchost.exe -k netsvcs (autostart) Numero di serie del supporto portatile: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Scheda WMI Performance: C:\WINDOWS\System32\wbem\wmiapsrv.exe (manual start) wpsdrvnt: \??\C:\WINDOWS\System32\drivers\wpsdrvnt.sys (system) Aggiornamenti automatici: %systemroot%\system32\svchost.exe -k netsvcs (autostart) Zero Configuration reti senza fili: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) -------------------------------------------------- Enumerating Windows NT logon/logoff scripts: *No scripts set to run* Windows NT checkdisk command: BootExecute = autocheck autochk * Windows NT 'Wininit.ini': PendingFileRenameOperations: *Registry value not found* -------------------------------------------------- Enumerating ShellServiceObjectDelayLoad items: PostBootReminder: C:\WINDOWS\system32\SHELL32.dll CDBurn: C:\WINDOWS\system32\SHELL32.dll WebCheck: C:\WINDOWS\System32\webcheck.dll SysTray: C:\WINDOWS\System32\stobject.dll -------------------------------------------------- End of report, 29.949 bytes Report generated in 0,951 seconds Command line options: /verbose - to add additional info on each section /complete - to include empty sections and unsuspicious data /full - to include several rarely-important sections /force9x - to include Win9x-only startups even if running on WinNT /forcent - to include WinNT-only startups even if running on Win9x /forceall - to include all Win9x and WinNT startups, regardless of platform /history - to list version history only |
|
|
|
|
23-05-2004, 20:16
|
#6 |
|
Senior Member
Iscritto dal: Mar 2004
Città: * * * *
Messaggi: 2320
|
Wow...cacchio adesso lo conosco a memoria il tuo computer!!!!
Sembra tutto in reola...tranne qualcosa...controllo e ti dico....
__________________
Là, dove tutti fuggono terrorizzati, loro vanno.Chi sono?
|
|
|
|
|
23-05-2004, 20:39
|
#7 |
|
Member
Iscritto dal: Jan 2002
Città: Reggio Emilia
Messaggi: 246
|
se se non è mica il mio il pc sennò non ti facevo vedere tutto
|
|
|
|
|
23-05-2004, 20:40
|
#8 | |
|
Senior Member
Iscritto dal: Mar 2004
Città: * * * *
Messaggi: 2320
|
Quote:
__________________
Là, dove tutti fuggono terrorizzati, loro vanno.Chi sono?
|
|
|
|
|
|
23-05-2004, 20:47
|
#9 |
|
Member
Iscritto dal: Jan 2002
Città: Reggio Emilia
Messaggi: 246
|
mah il tuo avatar non dice nulla di buono
 
|
|
|
|
|
23-05-2004, 20:57
|
#10 | |
|
Senior Member
Iscritto dal: Mar 2004
Città: Rimini
Messaggi: 10296
|
Quote:
Già... non hai mica l'aria di chiamarti Annalisa!  /OT]
__________________
sometimes they come back *** Life Happens! - (Professionista I.T. - Tecnico Telecomunicazioni) Latitude E6420 I7 2760QM SSD Crucial M4-512GB --- Tecra R840 I5 2520M SSD Samsung 830-256GB --- Macbook Pro 13,3" I5 2435M SSD Samsung 830-256GB |
|
|
|
|
|
|
| Strumenti | |
|
|
Tutti gli orari sono GMT +1. Ora sono le: 16:52.
