|
| HOMEPAGE | INDICE FORUM | REGOLAMENTO | ::. | NEI PREFERITI | .:: | RSS Forum | RSS News | NEWS web | NEWS software | |
| PUBBLICITA' | | | ARTICOLI | WIN XP | VISTA | WIN 7 | REGISTRI | SOFTWARE | MANUALI | RECENSIONI | LINUX | HUMOR | HARDWARE | DOWNLOAD | | | CERCA nel FORUM » | |
06-10-2007, 13.44.17 | #1 |
Junior Member
Registrato: 07-07-2007
Messaggi: 134
|
Windows security alert
|
06-10-2007, 13.50.47 | #2 |
Gold Member
Top Poster
Registrato: 20-08-2002
Loc.: Mestre
Messaggi: 3.563
|
Prova con degli antispyware più potenti come A2 squared o superantispyware.
Intanto posta un log della scansione di hijackthis. Hai provato a cambiare l'immagine di sfondo del desktop?
___________________________________
Solo gli operai sanno quanto vale il tempo; se lo fanno sempre pagare. |
06-10-2007, 14.03.10 | #3 | |
Junior Member
Registrato: 07-07-2007
Messaggi: 134
|
Quota:
Ultima modifica di imothep : 06-10-2007 alle ore 14.50.54 |
|
06-10-2007, 15.30.04 | #4 |
Newbie
Registrato: 20-09-2007
Messaggi: 22
|
direttamente dal nostro sito A2 squred è pure italiano
|
06-10-2007, 16.15.19 | #5 | |
Junior Member
Registrato: 07-07-2007
Messaggi: 134
|
Risposta
Quota:
|
|
06-10-2007, 16.21.10 | #6 | |
Gold Member
Top Poster
Registrato: 20-08-2002
Loc.: Mestre
Messaggi: 3.563
|
Quota:
A2 squared http://download5.emsisoft.com/a2FreeSetup.exe Lanci la scansione, alla fine ti da la possibilità di salvarla in un file di log, basta che copi tutto il testo di questo file qui nella discussione. http://www.trendsecure.com/portal/en...ols/hijackthis
___________________________________
Solo gli operai sanno quanto vale il tempo; se lo fanno sempre pagare. |
|
06-10-2007, 16.30.47 | #7 | |
Junior Member
Registrato: 07-07-2007
Messaggi: 134
|
Quota:
|
|
06-10-2007, 16.33.19 | #8 | |
Junior Member
Registrato: 07-07-2007
Messaggi: 134
|
risultato
Quota:
Scan saved at 15.31.25, on 06/10/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe C:\PROGRA~1\Grisoft\AVG7\avgemc.exe C:\Programmi\cFosSpeed\spd.exe C:\Programmi\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Programmi\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe C:\WINDOWS\system32\nvsvc32.exe C:\Programmi\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Programmi\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe C:\WINDOWS\explorer.exe C:\WINDOWS\system32\spoolw.exe C:\WINDOWS\system32\igfxsvc.exe C:\WINDOWS\System32\alg.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\WINDOWS\RTHDCPL.EXE C:\Programmi\cFosSpeed\cFosSpeed.exe C:\DOCUME~1\micro\IMPOST~1\Temp\zzhdra.exe C:\PROGRA~1\Grisoft\AVG7\avgcc.exe C:\WINDOWS\system32\ctfmon.exe C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe C:\WINDOWS\system32\spoolw.exe C:\WINDOWS\system32\igfxsvc.exe C:\WINDOWS\BricoPacks\Vista Inspirat\YzToolbar\YzToolBar.exe C:\Programmi\Internet Explorer\iexplore.exe C:\Programmi\Internet Explorer\iexplore.exe C:\Programmi\Internet Explorer\iexplore.exe C:\Programmi\Internet Explorer\iexplore.exe C:\Programmi\Internet Explorer\iexplore.exe C:\Programmi\Internet Explorer\iexplore.exe C:\Programmi\Internet Explorer\iexplore.exe C:\Programmi\MSN Messenger\msnmsgr.exe C:\Programmi\MSN Messenger\usnsvc.exe C:\Programmi\Internet Explorer\iexplore.exe C:\Programmi\eMule\emule.exe C:\Programmi\Internet Explorer\iexplore.exe C:\Programmi\Trend Micro\HijackThis\HijackThis.exe C:\WINDOWS\system32\wbem\wmiprvse.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.libero.it/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Programmi\Canon\Easy-WebPrint\Toolband.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [cFosSpeed] C:\Programmi\cFosSpeed\cFosSpeed.exe O4 - HKLM\..\Run: [zzhdra.exe] C:\DOCUME~1\micro\IMPOST~1\Temp\bak\zzhdra.exe O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Programmi\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup O4 - HKLM\..\Run: [NeroFilterCheck] C:\Programmi\File comuni\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [WinAVX] C:\WINDOWS\system32\WinAvXX.exe O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [spoolw] C:\WINDOWS\system32\spoolw.exe O4 - HKCU\..\Run: [igfxsvc] C:\WINDOWS\system32\igfxsvc.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO LOCALE') O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SERVIZIO LOCALE') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO DI RETE') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: byjor.exe O4 - Startup: imfe.exe O4 - Startup: jfl.exe O4 - Startup: Y'z ToolBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat\YzToolbar\YzToolBar.exe O4 - Startup: yrbi.exe O4 - Startup: zavcel.exe O7 - HKLM\Software\Microsoft\Windows\CurrentVersion\Pol icies\System, DisableRegedit=1 O8 - Extra context menu item: Aggiungi all'elenco di stampa Easy-WebPrint - res://C:\Programmi\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html O8 - Extra context menu item: Anteprima Easy-WebPrint - res://C:\Programmi\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Stampa ad alta velocità Easy-WebPrint - res://C:\Programmi\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html O8 - Extra context menu item: Stampa Easy-WebPrint - res://C:\Programmi\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Programmi\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe (file missing) O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe (file missing) O15 - Trusted Zone: *.doginhispen.com O15 - Trusted Zone: *.whataboutadog.com O17 - HKLM\System\CCS\Services\Tcpip\..\{13EBA7DC-E7FF-4D0B-BCD1-6AE170FCFA81}: NameServer = 85.37.17.9 85.38.28.75 O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FILECO~1\Skype\SKYPE4~1.DLL O20 - AppInit_DLLs: C:\WINDOWS\system32\sulimo.dat O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe O23 - Service: cFosSpeed System Service (cFosSpeedS) - cFos Software GmbH - C:\Programmi\cFosSpeed\spd.exe O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Apache Software Foundation - C:\Programmi\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA Corporation - C:\Programmi\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA Corporation - C:\Programmi\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: ServiceLayer - Nokia. - C:\Programmi\PC Connectivity Solution\ServiceLayer.exe O23 - Service: ServiceLayer ServiceLayerVSS (ServiceLayerVSS) - Unknown owner - C:\WINDOWS\system32\3com_dmib.exe -- End of file - 7341 bytes |
|
06-10-2007, 16.41.40 | #9 |
Gold Member
Top Poster
Registrato: 20-08-2002
Loc.: Mestre
Messaggi: 3.563
|
Hai una buona dose di problemi.
Scaricati questo http://www.mediafire.com/?0d22zx3wvyg lo estrai in una cartella qualsiasi e lanci il file rimuovi.cmd Se nel mentre hai riavviato il pc, potresti aver perso il desktop, premi ctrl alt canc per aprire il task manager e da file Nuova operazione vai a lanciare il file che ti ho detto. Scaricati questo http://noahdfear.geekstogo.com/FindAWF.exe lo lanci e ti esce fuori un report che copi e incolli anche questo qui nella discussione. scaricati questo http://swandog46.geekstogo.com/avenger.zip e tienilo da parte, ti servirà per la prossima fase, dopo che mi avrai dato il secondo log.
___________________________________
Solo gli operai sanno quanto vale il tempo; se lo fanno sempre pagare. |
06-10-2007, 16.57.44 | #10 | |
Junior Member
Registrato: 07-07-2007
Messaggi: 134
|
Quota:
Find AWF report by noahdfear ©2006 Version 1.40 bak folders found ~~~~~~~~~~~ Il volume nell'unit… C non ha etichetta. Numero di serie del volume: 6412-9D54 Directory di C:\PROGRA~1\CFOSSP~1\BAK 0 File 0 byte 2 Directory 95.676.100.608 byte disponibili Il volume nell'unit… C non ha etichetta. Numero di serie del volume: 6412-9D54 Directory di C:\WINDOWS\SYSTEM32\BAK 30/08/2004 22.00 15.360 ctfmon.exe 1 File 15.360 byte 2 Directory 95.676.100.608 byte disponibili Il volume nell'unit… C non ha etichetta. Numero di serie del volume: 6412-9D54 Directory di C:\PROGRA~1\GRISOFT\AVG7\BAK 15/09/2007 14.23 421.888 avgcc.exe 1 File 421.888 byte 2 Directory 95.676.096.512 byte disponibili Il volume nell'unit… C non ha etichetta. Numero di serie del volume: 6412-9D54 Directory di C:\PROGRA~1\NOKIA\NOKIAP~1\BAK 18/06/2007 15.10 271.360 LaunchApplication.exe 1 File 271.360 byte 2 Directory 95.676.096.512 byte disponibili Il volume nell'unit… C non ha etichetta. Numero di serie del volume: 6412-9D54 Directory di C:\DOCUME~1\MICRO\IMPOST~1\TEMP\BAK 30/08/2004 22.00 63.488 zzhdra.exe 1 File 63.488 byte 2 Directory 95.676.096.512 byte disponibili Duplicate files of bak directory contents ~~~~~~~~~~~~~~~~~~~~~~~ 15360 30 Aug 2004 "C:\WINDOWS\system32\ctfmon.exe" 15360 30 Aug 2004 "C:\WINDOWS\system32\bak\ctfmon.exe" 416256 6 Oct 2007 "C:\Programmi\Grisoft\AVG7\avgcc.exe" 421888 15 Sep 2007 "C:\Programmi\Grisoft\AVG7\bak\avgcc.exe" 24592 29 Sep 2007 "C:\Programmi\Nokia\Nokia PC Suite 6\LaunchApplication.exe" 271360 18 Jun 2007 "C:\Programmi\Nokia\Nokia PC Suite 6\bak\LaunchApplication.exe" 24592 29 Sep 2007 "C:\Documents and Settings\micro\Impostazioni locali\Temp\zzhdra.exe" 63488 30 Aug 2004 "C:\Documents and Settings\micro\Impostazioni locali\Temp\bak\zzhdra.exe" end of report |
|
06-10-2007, 17.13.15 | #11 |
Gold Member
Top Poster
Registrato: 20-08-2002
Loc.: Mestre
Messaggi: 3.563
|
Crei un file .txt, con un nome qualsiasi e ci copi dentro il testo in rosso che trovi qui stto, poi utilizzando The avenger, selezioni load script from file e scegli il file txt poi premi il semaforo.
Dopo il riavvio ti esce un file di report che copi e incolli qui. Files to delete: C:\WINDOWS\system32\spoolw.exe C:\WINDOWS\system32\igfxsvc.exe C:\Documents and Settings\micro\Impostazioni locali\Temp\zzhdra.exe C:\Documents and Settings\micro\Impostazioni locali\Temp\bak\zzhdra.exe C:\WINDOWS\system32\WinAvXX.exe C:\WINDOWS\system32\sulimo.dat C:\WINDOWS\system32\3com_dmib.exe Files to move: C:\WINDOWS\system32\bak\ctfmon.exe | C:\WINDOWS\system32\ctfmon.exe C:\Programmi\Grisoft\AVG7\bak\avgcc.exe | C:\Programmi\Grisoft\AVG7\avgcc.exe C:\Programmi\Nokia\Nokia PC Suite 6\bak\LaunchApplication.exe | C:\Programmi\Nokia\Nokia PC Suite 6\LaunchApplication.exe Cerca questi file nel tuo pc ed eliminali tutti, non si capisce dove siano, usa il Cerca di windows O4 - Startup: imfe.exe O4 - Startup: byjor.exe O4 - Startup: jfl.exe O4 - Startup: yrbi.exe O4 - Startup: zavcel.exe Rifai la scansione con hijackthis, selezioni le caselle di queste righe e premi fix checked per eliminarle. O4 - HKLM\..\Run: [zzhdra.exe] C:\DOCUME~1\micro\IMPOST~1\Temp\bak\zzhdra.exe O4 - HKLM\..\Run: [WinAVX] C:\WINDOWS\system32\WinAvXX.exe O4 - HKCU\..\Run: [spoolw] C:\WINDOWS\system32\spoolw.exe O4 - HKCU\..\Run: [igfxsvc] C:\WINDOWS\system32\igfxsvc.exe 04 - Startup: byjor.exe O4 - Startup: imfe.exe O4 - Startup: jfl.exe O4 - Startup: yrbi.exe O4 - Startup: zavcel.exe O7 - HKLM\Software\Microsoft\Windows\CurrentVersion\Pol icies\System, DisableRegedit=1 O15 - Trusted Zone: *.doginhispen.com O15 - Trusted Zone: *.whataboutadog.com O20 - AppInit_DLLs: C:\WINDOWS\system32\sulimo.dat visto il "successo" di avg che ha lasciato passare di tutto e di più, ti consiglio di passare ad antivir pe.
___________________________________
Solo gli operai sanno quanto vale il tempo; se lo fanno sempre pagare. |
06-10-2007, 17.45.02 | #12 | |
Junior Member
Registrato: 07-07-2007
Messaggi: 134
|
Quota:
Logfile of The Avenger version 1, by Swandog46 Running from registry key: \Registry\Machine\System\CurrentControlSet\Service s\uwqoehkb ******************* Script file located at: \??\C:\WINDOWS\iabvjtnd.txt Script file opened successfully. Script file read successfully Backups directory opened successfully at C:\Avenger ******************* Beginning to process script file: File C:\WINDOWS\system32\spoolw.exe not found! Deletion of file C:\WINDOWS\system32\spoolw.exe failed! Could not process line: C:\WINDOWS\system32\spoolw.exe Status: 0xc0000034 File C:\WINDOWS\system32\igfxsvc.exe not found! Deletion of file C:\WINDOWS\system32\igfxsvc.exe failed! Could not process line: C:\WINDOWS\system32\igfxsvc.exe Status: 0xc0000034 File C:\Documents and Settings\micro\Impostazioni locali\Temp\zzhdra.exe deleted successfully. File C:\Documents and Settings\micro\Impostazioni locali\Temp\bak\zzhdra.exe deleted successfully. File C:\WINDOWS\system32\WinAvXX.exe not found! Deletion of file C:\WINDOWS\system32\WinAvXX.exe failed! Could not process line: C:\WINDOWS\system32\WinAvXX.exe Status: 0xc0000034 File C:\WINDOWS\system32\sulimo.dat not found! Deletion of file C:\WINDOWS\system32\sulimo.dat failed! Could not process line: C:\WINDOWS\system32\sulimo.dat Status: 0xc0000034 File C:\WINDOWS\system32\3com_dmib.exe deleted successfully. File move operation C:\WINDOWS\system32\bak\ctfmon.exe|C:\WINDOWS\syst em32\ctfmon.exe completed successfully. File move operation C:\Programmi\Grisoft\AVG7\bak\avgcc.exe|C:\Program mi\Grisoft\AVG7\avgcc.exe completed successfully. File move operation C:\Programmi\Nokia\Nokia PC Suite 6\bak\LaunchApplication.exe|C:\Programmi\Nokia\Nok ia PC Suite 6\LaunchApplication.exe completed successfully. Completed script processing. ******************* Finished! Terminate. |
|
06-10-2007, 18.13.49 | #13 |
Gold Member
Top Poster
Registrato: 20-08-2002
Loc.: Mestre
Messaggi: 3.563
|
Fai la scansione con A2 squared e poi riposta un log di hijackthis.
___________________________________
Solo gli operai sanno quanto vale il tempo; se lo fanno sempre pagare. |
06-10-2007, 18.46.11 | #14 | |
Junior Member
Registrato: 07-07-2007
Messaggi: 134
|
Quota:
Scan saved at 17.41.18, on 06/10/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe C:\PROGRA~1\Grisoft\AVG7\avgemc.exe C:\Programmi\cFosSpeed\spd.exe C:\Programmi\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Programmi\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\WINDOWS\RTHDCPL.EXE C:\Programmi\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe C:\Programmi\cFosSpeed\cFosSpeed.exe C:\Programmi\Nokia\Nokia PC Suite 6\LaunchApplication.exe C:\PROGRA~1\Grisoft\AVG7\avgcc.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\ctfmon.exe C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe C:\WINDOWS\system32\spoolw.exe C:\WINDOWS\system32\igfxsvc.exe C:\WINDOWS\BricoPacks\Vista Inspirat\YzToolbar\YzToolBar.exe C:\Programmi\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe C:\WINDOWS\system32\wscntfy.exe C:\Programmi\PC Connectivity Solution\ServiceLayer.exe C:\Programmi\TritaFile\TritaFile.exe C:\Programmi\a-squared Free\a2service.exe C:\Programmi\MSN Messenger\msnmsgr.exe C:\Programmi\MSN Messenger\usnsvc.exe C:\Programmi\Internet Explorer\iexplore.exe C:\Programmi\Internet Explorer\iexplore.exe C:\Programmi\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.libero.it/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Programmi\Canon\Easy-WebPrint\Toolband.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [cFosSpeed] C:\Programmi\cFosSpeed\cFosSpeed.exe O4 - HKLM\..\Run: [zzhdra.exe] C:\DOCUME~1\micro\IMPOST~1\Temp\bak\zzhdra.exe O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Programmi\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup O4 - HKLM\..\Run: [NeroFilterCheck] C:\Programmi\File comuni\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [WinAVX] C:\WINDOWS\system32\WinAvXX.exe O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [spoolw] C:\WINDOWS\system32\spoolw.exe O4 - HKCU\..\Run: [igfxsvc] C:\WINDOWS\system32\igfxsvc.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO LOCALE') O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SERVIZIO LOCALE') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO DI RETE') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: byjor.exe O4 - Startup: imfe.exe O4 - Startup: jfl.exe O4 - Startup: Y'z ToolBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat\YzToolbar\YzToolBar.exe O4 - Startup: yrbi.exe O4 - Startup: zavcel.exe O7 - HKLM\Software\Microsoft\Windows\CurrentVersion\Pol icies\System, DisableRegedit=1 O8 - Extra context menu item: Aggiungi all'elenco di stampa Easy-WebPrint - res://C:\Programmi\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html O8 - Extra context menu item: Anteprima Easy-WebPrint - res://C:\Programmi\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Stampa ad alta velocità Easy-WebPrint - res://C:\Programmi\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html O8 - Extra context menu item: Stampa Easy-WebPrint - res://C:\Programmi\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Programmi\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe (file missing) O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe (file missing) O15 - Trusted Zone: *.doginhispen.com O15 - Trusted Zone: *.whataboutadog.com O17 - HKLM\System\CCS\Services\Tcpip\..\{13EBA7DC-E7FF-4D0B-BCD1-6AE170FCFA81}: NameServer = 85.37.17.9 85.38.28.75 O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FILECO~1\Skype\SKYPE4~1.DLL O20 - AppInit_DLLs: C:\WINDOWS\system32\sulimo.dat O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Programmi\a-squared Free\a2service.exe O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe O23 - Service: cFosSpeed System Service (cFosSpeedS) - cFos Software GmbH - C:\Programmi\cFosSpeed\spd.exe O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Apache Software Foundation - C:\Programmi\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA Corporation - C:\Programmi\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA Corporation - C:\Programmi\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: ServiceLayer - Nokia. - C:\Programmi\PC Connectivity Solution\ServiceLayer.exe O23 - Service: ServiceLayer ServiceLayerVSS (ServiceLayerVSS) - Unknown owner - C:\WINDOWS\system32\3com_dmib.exe (file missing) -- End of file - 6980 bytes Con A-squared non ho trovato nulla se non i coockie. |
|
06-10-2007, 19.05.57 | #15 | |
Gold Member
Top Poster
Registrato: 20-08-2002
Loc.: Mestre
Messaggi: 3.563
|
Hai fatto queste cose, perchè mi sembra ci sia ancora tutto?
(non mandarmi più messaggi privati, se ne parla sul forum) Quota:
___________________________________
Solo gli operai sanno quanto vale il tempo; se lo fanno sempre pagare. |
|
Utenti attualmente attivi che stanno leggendo questa discussione: 1 (0 utenti e 1 ospiti) | |
Strumenti discussione | |
|
|
Discussioni simili | ||||
Discussione | Autore discussione | Forum | Risposte | Ultimo messaggio |
MS Windows 7 è qui... | Astro | Segnalazioni Web | 9 | 30-01-2008 15.43.43 |
Windows Patches | Gervy | Archivio News Web | 1 | 13-06-2007 18.26.40 |
Windows Patches | Gervy | Archivio News Web | 2 | 12-07-2006 14.47.47 |
Windows Patches | Gervy | Archivio News Web | 2 | 26-04-2006 10.28.02 |
Windows Patches | Gervy | Archivio News Web | 0 | 12-01-2005 08.35.37 |