Ho bisogno di un analisi

The_Nightmare · 09-11-2004, 19:24

non e che potreste analizzarmi questo log di hijack? ho un mega problema perchè non mi va piu niente....

Logfile of HijackThis v1.97.7
Scan saved at 20.23.28, on 09/11/2004
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\File comuni\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Programmi\File comuni\Symantec Shared\ccApp.exe
C:\WINDOWS\System32\timeupdate.exe
C:\Programmi\Java\j2re1.4.2_04\bin\jusched.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Programmi\MSN Messenger\MsnMsgr.Exe
C:\Programmi\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\WINDOWS\twain_32\S6U12BX\WATCH.exe
C:\Programmi\Zone Labs\ZoneAlarm\zapro.exe
C:\Programmi\Stardock\ObjectDock\ObjectDock.exe
C:\Programmi\Mozilla Firefox\firefox.exe
C:\WINDOWS\System32\taskmgr.exe
C:\WINDOWS\System32\dumprep.exe
C:\WINDOWS\System32\dwwin.exe
C:\Documents and Settings\The_Nightmare\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O4 - HKLM\..\Run: [ATIPTA] C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [ccApp] "C:\Programmi\File comuni\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "C:\Programmi\File comuni\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [Cryptographic Service] C:\WINDOWS\System32\utxbu.exe
O4 - HKLM\..\Run: [Windows Registry Scan] timeupdate.exe
O4 - HKLM\..\Run: [Microsoft Support Service] svcmgt.exe
O4 - HKLM\..\Run: [Win32 USB Driver] mvsecn.exe
O4 - HKLM\..\Run: [system manager] system.exe
O4 - HKLM\..\Run: [autoupdate] winsvc.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Microsoft Data Machine] csdata32.exe
O4 - HKLM\..\Run: [Gtwatch] C:\WINDOWS\gtwatch.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programmi\Java\j2re1.4.2_04\bin\jusched.exe
O4 - HKLM\..\RunServices: [Starting up] wvsvc.exe
O4 - HKLM\..\RunServices: [Windows Registry Scan] timeupdate.exe
O4 - HKLM\..\RunServices: [CRC Value Verifier] crsss32.exe
O4 - HKLM\..\RunServices: [Microsoft Data Machine] csdata32.exe
O4 - HKLM\..\RunServices: [Microsoft Support Service] svcmgt.exe
O4 - HKLM\..\RunServices: [Win32 USB Driver] mvsecn.exe
O4 - HKLM\..\RunServices: [system manager] system.exe
O4 - HKLM\..\RunServices: [autoupdate] winsvc.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programmi\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Starting up] wvsvc.exe
O4 - HKCU\..\Run: [Microsoft Support Service] svcmgt.exe
O4 - HKCU\..\Run: [Win32 USB Driver] mvsecn.exe
O4 - HKCU\..\Run: [system manager] system.exe
O4 - HKCU\..\Run: [autoupdate] winsvc.exe
O4 - HKCU\..\Run: [Microsoft Data Machine] csdata32.exe
O4 - Startup: Stardock ObjectDock.lnk = C:\Programmi\Stardock\ObjectDock\ObjectDock.exe
O4 - Global Startup: DSLMON.lnk = C:\Programmi\SAGEM\SAGEM F@st 800-840\dslmon.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programmi\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Watch.lnk = C:\WINDOWS\twain_32\S6U12BX\WATCH.exe
O4 - Global Startup: ZoneAlarm Pro.lnk = C:\Programmi\Zone Labs\ZoneAlarm\zapro.exe
O9 - Extra 'Tools' menuitem: Sun Java Console (HKLM)
O16 - DPF: {91433D86-9F27-402C-B5E3-DEBDD122C339} - http://www.netvenda.com/sites/gamdr-it/itd/games3.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{067D11DA-02B7-4969-8B81-8203D72C9CF6}: NameServer = 80.18.114.155 151.99.125.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{067D11DA-02B7-4969-8B81-8203D72C9CF6}: NameServer = 80.18.114.155 151.99.125.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{067D11DA-02B7-4969-8B81-8203D72C9CF6}: NameServer = 80.18.114.155 151.99.125.1

wgator · 09-11-2004, 20:23

Ciao,

hai un casino di schifezze

Ce la fai a dare una pulita preventiva con la versione trial di spysweeper poi fai un nuovo log con l'ultima versionehijackthis

The_Nightmare · 09-11-2004, 21:58

fatta la scansione e questo e il log con il nuovo Hijack

Logfile of HijackThis v1.98.2
Scan saved at 22.58.27, on 09/11/2004
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\File comuni\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Programmi\File comuni\Symantec Shared\ccApp.exe
C:\WINDOWS\System32\timeupdate.exe
C:\Programmi\Java\j2re1.4.2_04\bin\jusched.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Programmi\MSN Messenger\MsnMsgr.Exe
C:\Programmi\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\WINDOWS\twain_32\S6U12BX\WATCH.exe
C:\Programmi\Zone Labs\ZoneAlarm\zapro.exe
C:\Programmi\Stardock\ObjectDock\ObjectDock.exe
G:\eMule\emule.exe
C:\Programmi\Mozilla Firefox\firefox.exe
C:\Documents and Settings\The_Nightmare\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
R3 - Default URLSearchHook is missing
O4 - HKLM\..\Run: [ATIPTA] C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [ccApp] "C:\Programmi\File comuni\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "C:\Programmi\File comuni\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [Cryptographic Service] C:\WINDOWS\System32\utxbu.exe
O4 - HKLM\..\Run: [Windows Registry Scan] timeupdate.exe
O4 - HKLM\..\Run: [Microsoft Support Service] svcmgt.exe
O4 - HKLM\..\Run: [Win32 USB Driver] mvsecn.exe
O4 - HKLM\..\Run: [system manager] system.exe
O4 - HKLM\..\Run: [autoupdate] winsvc.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Microsoft Data Machine] csdata32.exe
O4 - HKLM\..\Run: [Gtwatch] C:\WINDOWS\gtwatch.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programmi\Java\j2re1.4.2_04\bin\jusched.exe
O4 - HKLM\..\RunServices: [Starting up] wvsvc.exe
O4 - HKLM\..\RunServices: [Windows Registry Scan] timeupdate.exe
O4 - HKLM\..\RunServices: [CRC Value Verifier] crsss32.exe
O4 - HKLM\..\RunServices: [Microsoft Data Machine] csdata32.exe
O4 - HKLM\..\RunServices: [Microsoft Support Service] svcmgt.exe
O4 - HKLM\..\RunServices: [Win32 USB Driver] mvsecn.exe
O4 - HKLM\..\RunServices: [system manager] system.exe
O4 - HKLM\..\RunServices: [autoupdate] winsvc.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programmi\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Starting up] wvsvc.exe
O4 - HKCU\..\Run: [Microsoft Support Service] svcmgt.exe
O4 - HKCU\..\Run: [Win32 USB Driver] mvsecn.exe
O4 - HKCU\..\Run: [system manager] system.exe
O4 - HKCU\..\Run: [autoupdate] winsvc.exe
O4 - HKCU\..\Run: [Microsoft Data Machine] csdata32.exe
O4 - HKCU\..\Run: [SpySweeper] "C:\Programmi\Webroot\Spy Sweeper\SpySweeper.exe" /0
O4 - Startup: Stardock ObjectDock.lnk = C:\Programmi\Stardock\ObjectDock\ObjectDock.exe
O4 - Global Startup: DSLMON.lnk = C:\Programmi\SAGEM\SAGEM F@st 800-840\dslmon.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programmi\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Watch.lnk = C:\WINDOWS\twain_32\S6U12BX\WATCH.exe
O4 - Global Startup: ZoneAlarm Pro.lnk = C:\Programmi\Zone Labs\ZoneAlarm\zapro.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O16 - DPF: {91433D86-9F27-402C-B5E3-DEBDD122C339} - http://www.netvenda.com/sites/gamdr-it/itd/games3.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{067D11DA-02B7-4969-8B81-8203D72C9CF6}: NameServer = 80.18.114.155 151.99.125.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{067D11DA-02B7-4969-8B81-8203D72C9CF6}: NameServer = 80.18.114.155 151.99.125.1

wgator · 09-11-2004, 22:25

Ciao,

ehmm... ce n'è di robaccia...

dopo aver svuotato le cartelle temporanee, i temp di internet e disattivato il system restore dovresti fissare tutte le voci qua sotto. Meglio se attivi la visualizzazione di file e cartelle nascoste e da modalità provvisoria cancelli a mano tutti gli eseguibili che compaiono in questa lista

R3 - Default URLSearchHook is missing
O4 - HKLM\..\Run: [Cryptographic Service] C:\WINDOWS\System32\utxbu.exe
O4 - HKLM\..\Run: [Windows Registry Scan] timeupdate.exe
O4 - HKLM\..\Run: [Win32 USB Driver] mvsecn.exe
O4 - HKLM\..\Run: [system manager] system.exe
O4 - HKLM\..\Run: [autoupdate] winsvc.exe
O4 - HKLM\..\Run: [Microsoft Data Machine] csdata32.exe
O4 - HKLM\..\RunServices: [Starting up] wvsvc.exe
O4 - HKLM\..\RunServices: [Windows Registry Scan] timeupdate.exe
O4 - HKLM\..\RunServices: [Microsoft Data Machine] csdata32.exe
O4 - HKLM\..\RunServices: [Win32 USB Driver] mvsecn.exe
O4 - HKLM\..\RunServices: [system manager] system.exe
O4 - HKLM\..\RunServices: [autoupdate] winsvc.exe
O4 - HKCU\..\Run: [Starting up] wvsvc.exe
O4 - HKCU\..\Run: [Win32 USB Driver] mvsecn.exe
O4 - HKCU\..\Run: [system manager] system.exe
O4 - HKCU\..\Run: [autoupdate] winsvc.exe
O4 - HKCU\..\Run: [Microsoft Data Machine] csdata32.exe
O4 - Global Startup: Watch.lnk = C:\WINDOWS\twain_32\S6U12BX\WATCH.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O16 - DPF: {91433D86-9F27-402C-B5E3-DEBDD122C339} - http://www.netvenda.com/sites/gamdr-it/itd/games3.cab

Dato che c'è un casino infernale, quando hai fatto posta un altro log, può darsi che mi sia sfuggito qualcosa

The_Nightmare · 10-11-2004, 05:53

Fatto....va meglio???

Logfile of HijackThis v1.98.2
Scan saved at 6.53.15, on 10/11/2004
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\File comuni\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Programmi\File comuni\Symantec Shared\ccApp.exe
C:\WINDOWS\System32\timeupdate.exe
C:\Programmi\Java\j2re1.4.2_04\bin\jusched.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Programmi\MSN Messenger\MsnMsgr.Exe
C:\Programmi\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\WINDOWS\twain_32\S6U12BX\WATCH.exe
C:\Programmi\Zone Labs\ZoneAlarm\zapro.exe
C:\Programmi\Stardock\ObjectDock\ObjectDock.exe
G:\eMule\emule.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Programmi\Mozilla Firefox\firefox.exe
C:\Documents and Settings\The_Nightmare\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
R3 - Default URLSearchHook is missing
O4 - HKLM\..\Run: [ATIPTA] C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [ccApp] "C:\Programmi\File comuni\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "C:\Programmi\File comuni\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [Microsoft Support Service] svcmgt.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Gtwatch] C:\WINDOWS\gtwatch.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programmi\Java\j2re1.4.2_04\bin\jusched.exe
O4 - HKLM\..\RunServices: [CRC Value Verifier] crsss32.exe
O4 - HKLM\..\RunServices: [Microsoft Support Service] svcmgt.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programmi\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Microsoft Support Service] svcmgt.exe
O4 - HKCU\..\Run: [SpySweeper] "C:\Programmi\Webroot\Spy Sweeper\SpySweeper.exe" /0
O4 - Startup: Stardock ObjectDock.lnk = C:\Programmi\Stardock\ObjectDock\ObjectDock.exe
O4 - Global Startup: DSLMON.lnk = C:\Programmi\SAGEM\SAGEM F@st 800-840\dslmon.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programmi\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: ZoneAlarm Pro.lnk = C:\Programmi\Zone Labs\ZoneAlarm\zapro.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{067D11DA-02B7-4969-8B81-8203D72C9CF6}: NameServer = 80.18.114.155 151.99.125.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{067D11DA-02B7-4969-8B81-8203D72C9CF6}: NameServer = 80.18.114.155 151.99.125.1

wgator · 10-11-2004, 07:22

Ciao,

va molto meglio. Devi soltanto cercare quello spyware: C:\WINDOWS\System32\timeupdate.exe ed eliminarlo.
Cè poi un rimasuglio da fissare:
R3 - Default URLSearchHook is missing

The_Nightmare · 10-11-2004, 13:12

fatto...se ho problemi in questi giorni ti sapro dire.....

The_Nightmare · 10-11-2004, 19:19

Logfile of HijackThis v1.98.2
Scan saved at 20.19.19, on 10/11/2004
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\File comuni\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Programmi\File comuni\Symantec Shared\ccApp.exe
C:\Programmi\Java\j2re1.4.2_04\bin\jusched.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Programmi\MSN Messenger\MsnMsgr.Exe
C:\Programmi\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Programmi\Zone Labs\ZoneAlarm\zapro.exe
C:\Programmi\Stardock\ObjectDock\ObjectDock.exe
C:\WINDOWS\System32\wuauclt.exe
G:\eMule\emule.exe
C:\Programmi\Mozilla Firefox\firefox.exe
C:\Documents and Settings\The_Nightmare\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O4 - HKLM\..\Run: [ATIPTA] C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [ccApp] "C:\Programmi\File comuni\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "C:\Programmi\File comuni\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [Microsoft Support Service] svcmgt.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Gtwatch] C:\WINDOWS\gtwatch.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programmi\Java\j2re1.4.2_04\bin\jusched.exe
O4 - HKLM\..\RunServices: [CRC Value Verifier] crsss32.exe
O4 - HKLM\..\RunServices: [Microsoft Support Service] svcmgt.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programmi\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Microsoft Support Service] svcmgt.exe
O4 - HKCU\..\Run: [SpySweeper] "C:\Programmi\Webroot\Spy Sweeper\SpySweeper.exe" /0
O4 - Startup: Stardock ObjectDock.lnk = C:\Programmi\Stardock\ObjectDock\ObjectDock.exe
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: DSLMON.lnk = C:\Programmi\SAGEM\SAGEM F@st 800-840\dslmon.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programmi\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: ZoneAlarm Pro.lnk = C:\Programmi\Zone Labs\ZoneAlarm\zapro.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{067D11DA-02B7-4969-8B81-8203D72C9CF6}: NameServer = 80.18.114.155 151.99.125.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{067D11DA-02B7-4969-8B81-8203D72C9CF6}: NameServer = 80.18.114.155 151.99.125.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{067D11DA-02B7-4969-8B81-8203D72C9CF6}: NameServer = 80.18.114.155 151.99.125.1

c'e un piccolo problema....se non uso il firewall dopo un po il pc si blocca

wgator · 10-11-2004, 21:23

Quote:

c'e un piccolo problema....se non uso il firewall dopo un po il pc si blocca

Ciao,

il log è ancora a posto. Se disattivi il firewall... è normale che ti inguai. Se viaggi senza un firewall attivo ti riempi ancora di schifezze.

C'è una ragione particolare per cui lo togli? Forse col firewall non ti funzionano i PHP?

The_Nightmare · 11-11-2004, 13:43

No...sicome gioco a Vietcong in rete lo devo togliere o ho il ping che passa da 72 a 240...

09-11-2004, 19:24	#1
The_Nightmare Senior Member Iscritto dal: Apr 2004 Città: Selvazzano Messaggi: 472	Ho bisogno di un analisi non e che potreste analizzarmi questo log di hijack? ho un mega problema perchè non mi va piu niente.... Logfile of HijackThis v1.97.7 Scan saved at 20.23.28, on 09/11/2004 Platform: Windows XP (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 (6.00.2600.0000) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\System32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Programmi\File comuni\Symantec Shared\ccEvtMgr.exe C:\WINDOWS\system32\spoolsv.exe C:\Programmi\Norton AntiVirus\navapsvc.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Programmi\File comuni\Symantec Shared\ccApp.exe C:\WINDOWS\System32\timeupdate.exe C:\Programmi\Java\j2re1.4.2_04\bin\jusched.exe C:\WINDOWS\System32\ctfmon.exe C:\Programmi\MSN Messenger\MsnMsgr.Exe C:\Programmi\SAGEM\SAGEM F@st 800-840\dslmon.exe C:\WINDOWS\twain_32\S6U12BX\WATCH.exe C:\Programmi\Zone Labs\ZoneAlarm\zapro.exe C:\Programmi\Stardock\ObjectDock\ObjectDock.exe C:\Programmi\Mozilla Firefox\firefox.exe C:\WINDOWS\System32\taskmgr.exe C:\WINDOWS\System32\dumprep.exe C:\WINDOWS\System32\dwwin.exe C:\Documents and Settings\The_Nightmare\Desktop\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file) O4 - HKLM\..\Run: [ATIPTA] C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [ccApp] "C:\Programmi\File comuni\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [ccRegVfy] "C:\Programmi\File comuni\Symantec Shared\ccRegVfy.exe" O4 - HKLM\..\Run: [Cryptographic Service] C:\WINDOWS\System32\utxbu.exe O4 - HKLM\..\Run: [Windows Registry Scan] timeupdate.exe O4 - HKLM\..\Run: [Microsoft Support Service] svcmgt.exe O4 - HKLM\..\Run: [Win32 USB Driver] mvsecn.exe O4 - HKLM\..\Run: [system manager] system.exe O4 - HKLM\..\Run: [autoupdate] winsvc.exe O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [Microsoft Data Machine] csdata32.exe O4 - HKLM\..\Run: [Gtwatch] C:\WINDOWS\gtwatch.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programmi\Java\j2re1.4.2_04\bin\jusched.exe O4 - HKLM\..\RunServices: [Starting up] wvsvc.exe O4 - HKLM\..\RunServices: [Windows Registry Scan] timeupdate.exe O4 - HKLM\..\RunServices: [CRC Value Verifier] crsss32.exe O4 - HKLM\..\RunServices: [Microsoft Data Machine] csdata32.exe O4 - HKLM\..\RunServices: [Microsoft Support Service] svcmgt.exe O4 - HKLM\..\RunServices: [Win32 USB Driver] mvsecn.exe O4 - HKLM\..\RunServices: [system manager] system.exe O4 - HKLM\..\RunServices: [autoupdate] winsvc.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Programmi\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [Starting up] wvsvc.exe O4 - HKCU\..\Run: [Microsoft Support Service] svcmgt.exe O4 - HKCU\..\Run: [Win32 USB Driver] mvsecn.exe O4 - HKCU\..\Run: [system manager] system.exe O4 - HKCU\..\Run: [autoupdate] winsvc.exe O4 - HKCU\..\Run: [Microsoft Data Machine] csdata32.exe O4 - Startup: Stardock ObjectDock.lnk = C:\Programmi\Stardock\ObjectDock\ObjectDock.exe O4 - Global Startup: DSLMON.lnk = C:\Programmi\SAGEM\SAGEM F@st 800-840\dslmon.exe O4 - Global Startup: Microsoft Office.lnk = C:\Programmi\Microsoft Office\Office\OSA9.EXE O4 - Global Startup: Watch.lnk = C:\WINDOWS\twain_32\S6U12BX\WATCH.exe O4 - Global Startup: ZoneAlarm Pro.lnk = C:\Programmi\Zone Labs\ZoneAlarm\zapro.exe O9 - Extra 'Tools' menuitem: Sun Java Console (HKLM) O16 - DPF: {91433D86-9F27-402C-B5E3-DEBDD122C339} - http://www.netvenda.com/sites/gamdr-it/itd/games3.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{067D11DA-02B7-4969-8B81-8203D72C9CF6}: NameServer = 80.18.114.155 151.99.125.1 O17 - HKLM\System\CS1\Services\Tcpip\..\{067D11DA-02B7-4969-8B81-8203D72C9CF6}: NameServer = 80.18.114.155 151.99.125.1 O17 - HKLM\System\CS2\Services\Tcpip\..\{067D11DA-02B7-4969-8B81-8203D72C9CF6}: NameServer = 80.18.114.155 151.99.125.1 __________________ CPU- Pentium 4 2.666 Mhz Northwood - MB - Asus P4P800-X - RAM- DDR 512 - HD - Quantum Fireball 30GB / Maxtor 6Y080L0 80GB - GPU- Radeon 9800PRO - Windows XP Professional.::IL MIO MOD::.

09-11-2004, 20:23	#2
wgator Senior Member Iscritto dal: Mar 2004 Città: Rimini Messaggi: 10296	Ciao, hai un casino di schifezze Ce la fai a dare una pulita preventiva con la versione trial di spysweeper poi fai un nuovo log con l'ultima versionehijackthis __________________ sometimes they come back * Life Happens! - (Professionista I.T. - Tecnico Telecomunicazioni) Latitude E6420 I7 2760QM SSD Crucial M4-512GB --- Tecra R840 I5 2520M SSD Samsung 830-256GB --- Macbook Pro 13,3"** I5 2435M SSD Samsung 830-256GB

09-11-2004, 21:58	#3
The_Nightmare Senior Member Iscritto dal: Apr 2004 Città: Selvazzano Messaggi: 472	fatta la scansione e questo e il log con il nuovo Hijack Logfile of HijackThis v1.98.2 Scan saved at 22.58.27, on 09/11/2004 Platform: Windows XP (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 (6.00.2600.0000) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\System32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Programmi\File comuni\Symantec Shared\ccEvtMgr.exe C:\WINDOWS\system32\spoolsv.exe C:\Programmi\Norton AntiVirus\navapsvc.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Programmi\File comuni\Symantec Shared\ccApp.exe C:\WINDOWS\System32\timeupdate.exe C:\Programmi\Java\j2re1.4.2_04\bin\jusched.exe C:\WINDOWS\System32\ctfmon.exe C:\Programmi\MSN Messenger\MsnMsgr.Exe C:\Programmi\SAGEM\SAGEM F@st 800-840\dslmon.exe C:\WINDOWS\twain_32\S6U12BX\WATCH.exe C:\Programmi\Zone Labs\ZoneAlarm\zapro.exe C:\Programmi\Stardock\ObjectDock\ObjectDock.exe G:\eMule\emule.exe C:\Programmi\Mozilla Firefox\firefox.exe C:\Documents and Settings\The_Nightmare\Desktop\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti R3 - Default URLSearchHook is missing O4 - HKLM\..\Run: [ATIPTA] C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [ccApp] "C:\Programmi\File comuni\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [ccRegVfy] "C:\Programmi\File comuni\Symantec Shared\ccRegVfy.exe" O4 - HKLM\..\Run: [Cryptographic Service] C:\WINDOWS\System32\utxbu.exe O4 - HKLM\..\Run: [Windows Registry Scan] timeupdate.exe O4 - HKLM\..\Run: [Microsoft Support Service] svcmgt.exe O4 - HKLM\..\Run: [Win32 USB Driver] mvsecn.exe O4 - HKLM\..\Run: [system manager] system.exe O4 - HKLM\..\Run: [autoupdate] winsvc.exe O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [Microsoft Data Machine] csdata32.exe O4 - HKLM\..\Run: [Gtwatch] C:\WINDOWS\gtwatch.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programmi\Java\j2re1.4.2_04\bin\jusched.exe O4 - HKLM\..\RunServices: [Starting up] wvsvc.exe O4 - HKLM\..\RunServices: [Windows Registry Scan] timeupdate.exe O4 - HKLM\..\RunServices: [CRC Value Verifier] crsss32.exe O4 - HKLM\..\RunServices: [Microsoft Data Machine] csdata32.exe O4 - HKLM\..\RunServices: [Microsoft Support Service] svcmgt.exe O4 - HKLM\..\RunServices: [Win32 USB Driver] mvsecn.exe O4 - HKLM\..\RunServices: [system manager] system.exe O4 - HKLM\..\RunServices: [autoupdate] winsvc.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Programmi\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [Starting up] wvsvc.exe O4 - HKCU\..\Run: [Microsoft Support Service] svcmgt.exe O4 - HKCU\..\Run: [Win32 USB Driver] mvsecn.exe O4 - HKCU\..\Run: [system manager] system.exe O4 - HKCU\..\Run: [autoupdate] winsvc.exe O4 - HKCU\..\Run: [Microsoft Data Machine] csdata32.exe O4 - HKCU\..\Run: [SpySweeper] "C:\Programmi\Webroot\Spy Sweeper\SpySweeper.exe" /0 O4 - Startup: Stardock ObjectDock.lnk = C:\Programmi\Stardock\ObjectDock\ObjectDock.exe O4 - Global Startup: DSLMON.lnk = C:\Programmi\SAGEM\SAGEM F@st 800-840\dslmon.exe O4 - Global Startup: Microsoft Office.lnk = C:\Programmi\Microsoft Office\Office\OSA9.EXE O4 - Global Startup: Watch.lnk = C:\WINDOWS\twain_32\S6U12BX\WATCH.exe O4 - Global Startup: ZoneAlarm Pro.lnk = C:\Programmi\Zone Labs\ZoneAlarm\zapro.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file) O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file) O16 - DPF: {91433D86-9F27-402C-B5E3-DEBDD122C339} - http://www.netvenda.com/sites/gamdr-it/itd/games3.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{067D11DA-02B7-4969-8B81-8203D72C9CF6}: NameServer = 80.18.114.155 151.99.125.1 O17 - HKLM\System\CS1\Services\Tcpip\..\{067D11DA-02B7-4969-8B81-8203D72C9CF6}: NameServer = 80.18.114.155 151.99.125.1 __________________ CPU- Pentium 4 2.666 Mhz Northwood - MB - Asus P4P800-X - RAM- DDR 512 - HD - Quantum Fireball 30GB / Maxtor 6Y080L0 80GB - GPU- Radeon 9800PRO - Windows XP Professional.::IL MIO MOD::.

09-11-2004, 22:25	#4
wgator Senior Member Iscritto dal: Mar 2004 Città: Rimini Messaggi: 10296	Ciao, ehmm... ce n'è di robaccia... dopo aver svuotato le cartelle temporanee, i temp di internet e disattivato il system restore dovresti fissare tutte le voci qua sotto. Meglio se attivi la visualizzazione di file e cartelle nascoste e da modalità provvisoria cancelli a mano tutti gli eseguibili che compaiono in questa lista R3 - Default URLSearchHook is missing O4 - HKLM\..\Run: [Cryptographic Service] C:\WINDOWS\System32\utxbu.exe O4 - HKLM\..\Run: [Windows Registry Scan] timeupdate.exe O4 - HKLM\..\Run: [Win32 USB Driver] mvsecn.exe O4 - HKLM\..\Run: [system manager] system.exe O4 - HKLM\..\Run: [autoupdate] winsvc.exe O4 - HKLM\..\Run: [Microsoft Data Machine] csdata32.exe O4 - HKLM\..\RunServices: [Starting up] wvsvc.exe O4 - HKLM\..\RunServices: [Windows Registry Scan] timeupdate.exe O4 - HKLM\..\RunServices: [Microsoft Data Machine] csdata32.exe O4 - HKLM\..\RunServices: [Win32 USB Driver] mvsecn.exe O4 - HKLM\..\RunServices: [system manager] system.exe O4 - HKLM\..\RunServices: [autoupdate] winsvc.exe O4 - HKCU\..\Run: [Starting up] wvsvc.exe O4 - HKCU\..\Run: [Win32 USB Driver] mvsecn.exe O4 - HKCU\..\Run: [system manager] system.exe O4 - HKCU\..\Run: [autoupdate] winsvc.exe O4 - HKCU\..\Run: [Microsoft Data Machine] csdata32.exe O4 - Global Startup: Watch.lnk = C:\WINDOWS\twain_32\S6U12BX\WATCH.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file) O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file) O16 - DPF: {91433D86-9F27-402C-B5E3-DEBDD122C339} - http://www.netvenda.com/sites/gamdr-it/itd/games3.cab Dato che c'è un casino infernale, quando hai fatto posta un altro log, può darsi che mi sia sfuggito qualcosa __________________ sometimes they come back * Life Happens! - (Professionista I.T. - Tecnico Telecomunicazioni) Latitude E6420 I7 2760QM SSD Crucial M4-512GB --- Tecra R840 I5 2520M SSD Samsung 830-256GB --- Macbook Pro 13,3"** I5 2435M SSD Samsung 830-256GB

10-11-2004, 05:53	#5
The_Nightmare Senior Member Iscritto dal: Apr 2004 Città: Selvazzano Messaggi: 472	Fatto....va meglio??? Logfile of HijackThis v1.98.2 Scan saved at 6.53.15, on 10/11/2004 Platform: Windows XP (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 (6.00.2600.0000) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\System32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Programmi\File comuni\Symantec Shared\ccEvtMgr.exe C:\WINDOWS\system32\spoolsv.exe C:\Programmi\Norton AntiVirus\navapsvc.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Programmi\File comuni\Symantec Shared\ccApp.exe C:\WINDOWS\System32\timeupdate.exe C:\Programmi\Java\j2re1.4.2_04\bin\jusched.exe C:\WINDOWS\System32\ctfmon.exe C:\Programmi\MSN Messenger\MsnMsgr.Exe C:\Programmi\SAGEM\SAGEM F@st 800-840\dslmon.exe C:\WINDOWS\twain_32\S6U12BX\WATCH.exe C:\Programmi\Zone Labs\ZoneAlarm\zapro.exe C:\Programmi\Stardock\ObjectDock\ObjectDock.exe G:\eMule\emule.exe C:\WINDOWS\System32\wuauclt.exe C:\Programmi\Mozilla Firefox\firefox.exe C:\Documents and Settings\The_Nightmare\Desktop\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti R3 - Default URLSearchHook is missing O4 - HKLM\..\Run: [ATIPTA] C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [ccApp] "C:\Programmi\File comuni\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [ccRegVfy] "C:\Programmi\File comuni\Symantec Shared\ccRegVfy.exe" O4 - HKLM\..\Run: [Microsoft Support Service] svcmgt.exe O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [Gtwatch] C:\WINDOWS\gtwatch.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programmi\Java\j2re1.4.2_04\bin\jusched.exe O4 - HKLM\..\RunServices: [CRC Value Verifier] crsss32.exe O4 - HKLM\..\RunServices: [Microsoft Support Service] svcmgt.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Programmi\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [Microsoft Support Service] svcmgt.exe O4 - HKCU\..\Run: [SpySweeper] "C:\Programmi\Webroot\Spy Sweeper\SpySweeper.exe" /0 O4 - Startup: Stardock ObjectDock.lnk = C:\Programmi\Stardock\ObjectDock\ObjectDock.exe O4 - Global Startup: DSLMON.lnk = C:\Programmi\SAGEM\SAGEM F@st 800-840\dslmon.exe O4 - Global Startup: Microsoft Office.lnk = C:\Programmi\Microsoft Office\Office\OSA9.EXE O4 - Global Startup: ZoneAlarm Pro.lnk = C:\Programmi\Zone Labs\ZoneAlarm\zapro.exe O17 - HKLM\System\CCS\Services\Tcpip\..\{067D11DA-02B7-4969-8B81-8203D72C9CF6}: NameServer = 80.18.114.155 151.99.125.1 O17 - HKLM\System\CS1\Services\Tcpip\..\{067D11DA-02B7-4969-8B81-8203D72C9CF6}: NameServer = 80.18.114.155 151.99.125.1 __________________ CPU- Pentium 4 2.666 Mhz Northwood - MB - Asus P4P800-X - RAM- DDR 512 - HD - Quantum Fireball 30GB / Maxtor 6Y080L0 80GB - GPU- Radeon 9800PRO - Windows XP Professional.::IL MIO MOD::.

10-11-2004, 07:22	#6
wgator Senior Member Iscritto dal: Mar 2004 Città: Rimini Messaggi: 10296	Ciao, va molto meglio. Devi soltanto cercare quello spyware: C:\WINDOWS\System32\timeupdate.exe ed eliminarlo. Cè poi un rimasuglio da fissare: R3 - Default URLSearchHook is missing __________________ sometimes they come back * Life Happens! - (Professionista I.T. - Tecnico Telecomunicazioni) Latitude E6420 I7 2760QM SSD Crucial M4-512GB --- Tecra R840 I5 2520M SSD Samsung 830-256GB --- Macbook Pro 13,3"** I5 2435M SSD Samsung 830-256GB

10-11-2004, 13:12	#7
The_Nightmare Senior Member Iscritto dal: Apr 2004 Città: Selvazzano Messaggi: 472	fatto...se ho problemi in questi giorni ti sapro dire..... __________________ CPU- Pentium 4 2.666 Mhz Northwood - MB - Asus P4P800-X - RAM- DDR 512 - HD - Quantum Fireball 30GB / Maxtor 6Y080L0 80GB - GPU- Radeon 9800PRO - Windows XP Professional.::IL MIO MOD::.

10-11-2004, 19:19	#8
The_Nightmare Senior Member Iscritto dal: Apr 2004 Città: Selvazzano Messaggi: 472	Logfile of HijackThis v1.98.2 Scan saved at 20.19.19, on 10/11/2004 Platform: Windows XP (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 (6.00.2600.0000) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\System32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Programmi\File comuni\Symantec Shared\ccEvtMgr.exe C:\WINDOWS\system32\spoolsv.exe C:\Programmi\Norton AntiVirus\navapsvc.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Programmi\File comuni\Symantec Shared\ccApp.exe C:\Programmi\Java\j2re1.4.2_04\bin\jusched.exe C:\WINDOWS\System32\ctfmon.exe C:\Programmi\MSN Messenger\MsnMsgr.Exe C:\Programmi\SAGEM\SAGEM F@st 800-840\dslmon.exe C:\Programmi\Zone Labs\ZoneAlarm\zapro.exe C:\Programmi\Stardock\ObjectDock\ObjectDock.exe C:\WINDOWS\System32\wuauclt.exe G:\eMule\emule.exe C:\Programmi\Mozilla Firefox\firefox.exe C:\Documents and Settings\The_Nightmare\Desktop\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti O4 - HKLM\..\Run: [ATIPTA] C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [ccApp] "C:\Programmi\File comuni\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [ccRegVfy] "C:\Programmi\File comuni\Symantec Shared\ccRegVfy.exe" O4 - HKLM\..\Run: [Microsoft Support Service] svcmgt.exe O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [Gtwatch] C:\WINDOWS\gtwatch.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programmi\Java\j2re1.4.2_04\bin\jusched.exe O4 - HKLM\..\RunServices: [CRC Value Verifier] crsss32.exe O4 - HKLM\..\RunServices: [Microsoft Support Service] svcmgt.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Programmi\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [Microsoft Support Service] svcmgt.exe O4 - HKCU\..\Run: [SpySweeper] "C:\Programmi\Webroot\Spy Sweeper\SpySweeper.exe" /0 O4 - Startup: Stardock ObjectDock.lnk = C:\Programmi\Stardock\ObjectDock\ObjectDock.exe O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: DSLMON.lnk = C:\Programmi\SAGEM\SAGEM F@st 800-840\dslmon.exe O4 - Global Startup: Microsoft Office.lnk = C:\Programmi\Microsoft Office\Office\OSA9.EXE O4 - Global Startup: ZoneAlarm Pro.lnk = C:\Programmi\Zone Labs\ZoneAlarm\zapro.exe O17 - HKLM\System\CCS\Services\Tcpip\..\{067D11DA-02B7-4969-8B81-8203D72C9CF6}: NameServer = 80.18.114.155 151.99.125.1 O17 - HKLM\System\CS1\Services\Tcpip\..\{067D11DA-02B7-4969-8B81-8203D72C9CF6}: NameServer = 80.18.114.155 151.99.125.1 O17 - HKLM\System\CS2\Services\Tcpip\..\{067D11DA-02B7-4969-8B81-8203D72C9CF6}: NameServer = 80.18.114.155 151.99.125.1 c'e un piccolo problema....se non uso il firewall dopo un po il pc si blocca __________________ CPU- Pentium 4 2.666 Mhz Northwood - MB - Asus P4P800-X - RAM- DDR 512 - HD - Quantum Fireball 30GB / Maxtor 6Y080L0 80GB - GPU- Radeon 9800PRO - Windows XP Professional.::IL MIO MOD::.

11-11-2004, 13:43	#10
The_Nightmare Senior Member Iscritto dal: Apr 2004 Città: Selvazzano Messaggi: 472	No...sicome gioco a Vietcong in rete lo devo togliere o ho il ping che passa da 72 a 240... __________________ CPU- Pentium 4 2.666 Mhz Northwood - MB - Asus P4P800-X - RAM- DDR 512 - HD - Quantum Fireball 30GB / Maxtor 6Y080L0 80GB - GPU- Radeon 9800PRO - Windows XP Professional.::IL MIO MOD::.

Strumenti
Mostra una versione stampabile Invia questa pagina per email