Condividi:        

Problema lentezza e connessione

Come rimuovere virus e spyware? Le carte di credito sono davvero sicure in rete? È possibile navigare anonimi? Con quali programmi tutelare la propria privacy? Come proteggere i file importanti? Se volete una risposta a queste e altre domande questo è il luogo giusto!

Moderatori: m.paolo, kadosh, Luke57

Problema lentezza e connessione

Postdi Hari » 16/05/07 15:04

Salve a tutti..
Ho un Acer Aspire 5512, 1Gb RAM, Pentium M 1.73Ghz

Da qualche settimana ho problemi di connessione internet; ho Alice adsl, ma la conn è lenta e se apro eMule dopo poco si blocca..
In più negli ultimi giorni anche l'avvio e la chiusura del sistema sono lenti, e ogni tanto appaiono strani messaggi d'errore (questi appaiono già da qualche mese, sia se apro programmi, sia se sfoglio solo cartelle, senza un criterio ben preciso).
Mi si era installato lo spyware NewDotNet e l'ho eliminato, ma i problemi continuano.

Già prima di questo problema di connessione, non mi funzionano il bluetooth nè il wireless (forse le cose sono collegate?), ho prov a reinstallare i driver del BT, ma si blocca a metà..

Mi hanno consigliato di postare qui il mio log di Hijack, eccolo:

Logfile of HijackThis v1.99.1
Scan saved at 13.38.58, on 16/05/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\Intel\Wireless\Bin\EvtEng.exe
C:\Programmi\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ZoneLabs\isafe.exe
C:\Programmi\SysCheck\_VsVir&co\Comodo\Firewall\cmdagent.exe
C:\Programmi\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ZONELABS\vsmon.exe
C:\WINDOWS\system32\igfxtray.exe
C:\Programmi\Synaptics\SynTP\SynTPLpr.exe
C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\rundll32.exe
C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE
C:\Programmi\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Programmi\File comuni\PCSuite\DataLayer\DataLayer.exe
C:\Programmi\SysCheck\_VsVir&co\Comodo\Firewall\CPF.exe
C:\PROGRA~1\FILECO~1\PCSuite\Services\SERVIC~1.EXE
C:\Programmi\Internet Explorer\iexplore.exe
C:\Programmi\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
C:\PROGRA~1\WinZip\winzip32.exe
C:\Programmi\SysCheck\_SysStrum\Hijack\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://liberomail.libero.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://global.acer.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
R3 - Default URLSearchHook is missing
F2 - REG:system.ini: UserInit=c:\windows\system32\userinit.exe,"c:\windows\system32\samsungsensor.exe","c:\windows\system32\motorola-word.exe","c:\windows\system32\kodakword.exe",
O2 - BHO: (no name) - {07BB1B34-554E-432A-B5D7-C53816A514C8} - C:\WINDOWS\system32\drmdlien.dll
O2 - BHO: (no name) - {346D8699-DAC7-DD78-5CD4-CA50A929983C} - (no file)
O2 - BHO: XBTP00560 - {424A466C-72E5-443e-BEA8-B372B28F395F} - (no file)
O2 - BHO: (no name) - {5934B3E9-9752-42BB-BF0B-DC4C9F7912DD} - (no file)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: (no name) - {81CFC095-AC7A-4B6C-9EBF-9B353A7A7EE2} - (no file)
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Programmi\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [ATIPTA] C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
O4 - HKLM\..\Run: [ADMTray.exe] "C:\Acer\Empowering Technology\admtray.exe"
O4 - HKLM\..\Run: [EPSON Stylus DX3800 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE /P26 "EPSON Stylus DX3800 Series" /O6 "USB001" /M "Stylus DX3800"
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Programmi\Nokia\Nokia PC Suite 6\LaunchApplication.exe -onlytray
O4 - HKLM\..\Run: [DataLayer] C:\Programmi\File comuni\PCSuite\DataLayer\DataLayer.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Programmi\SysCheck\_VsVir&co\Comodo\Firewall\CPF.exe" /background
O4 - HKCU\..\Run: [EPSON Stylus DX3800 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE /P26 "EPSON Stylus DX3800 Series" /M "Stylus DX3800" /EF "HKCU"
O8 - Extra context menu item: &Sample Toolband Serach - res://C:\WINDOWS\system32\ToolBand.dll/MENUSEARCH.HTM
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Invia a &Bluetooth - c:\Programmi\WIDCOMM\Software Bluetooth\btsendto_ie_ctx.htm
O8 - Extra context menu item: Save with Download Manager... - C:\Programmi\J River\Media Jukebox\DMDownload.htm
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resourc ... oscan8.cab
O16 - DPF: {9D190AE6-C81E-4039-8061-978EBAD10073} (F-Secure Online Scanner 3.0) - http://support.f-secure.com/ols/fscax.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{7524D5D1-3205-44B5-9CB6-CDA446DBA1A0}: NameServer = 85.37.17.42 85.38.28.87
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Programmi\File comuni\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: ASP.NET State Service (aspnet_state) - Advanced System Products, Inc. - (no file)
O23 - Service: CA ISafe (CAISafe) - Computer Associates International, Inc. - C:\WINDOWS\system32\ZoneLabs\isafe.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Programmi\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Programmi\Acer\Acer Arcade\Kernel\TV\CLSched.exe
O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - C:\Programmi\SysCheck\_VsVir&co\Comodo\Firewall\cmdagent.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Programmi\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
O23 - Service: EvtEng - Intel Corporation - C:\Programmi\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Programmi\File comuni\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: PLClient - Padus, Inc. - (no file)
O23 - Service: RegSrvc - Intel Corporation - C:\Programmi\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Programmi\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Programmi\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: ScsiAccess - Unknown owner - C:\Programmi\Photodex\ProShowProducer\ScsiAccess.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Programmi\File comuni\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs Inc. - C:\WINDOWS\system32\ZONELABS\vsmon.exe

Qualcuno può dirmi quali voci fixare?

Grazie grazie! ;)
Hari
Utente Junior
 
Post: 39
Iscritto il: 17/03/07 17:40

Sponsor
 

Postdi Luke57 » 16/05/07 15:18

Ciao, Ciao, segui questa procedura.
Scarica AVGPfix da qui (è un cleaner puro):
http://www.nod32.it/cgi-bin/mapdl.pl?tool=Agent.VP
(mettilo sul desktop)

Poi apri hijackthis, premi "do a system scan only", cerca e spunta le voci seguenti:
R3 - Default URLSearchHook is missing
F2 - REG:system.ini: UserInit=c:\windows\system32\userinit.exe,"c:\windows\system32\samsungsensor.exe","c:\windows\system32\motorola-word.exe","c:\windows\system32\kodakword.exe",
O2 - BHO: (no name) - {07BB1B34-554E-432A-B5D7-C53816A514C8} - C:\WINDOWS\system32\drmdlien.dll
O2 - BHO: (no name) - {346D8699-DAC7-DD78-5CD4-CA50A929983C} - (no file)
O2 - BHO: XBTP00560 - {424A466C-72E5-443e-BEA8-B372B28F395F} - (no file)
O2 - BHO: (no name) - {5934B3E9-9752-42BB-BF0B-DC4C9F7912DD} - (no file)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O3 - Toolbar: (no name) - {81CFC095-AC7A-4B6C-9EBF-9B353A7A7EE2} - (no file)
O23 - Service: ASP.NET State Service (aspnet_state) - Advanced System Products, Inc. - (no file)
O23 - Service: PLClient - Padus, Inc. - (no file)

premi fix checked.

rendi visibili file e cartelle nascaosit (risorse del computer>strumenti>opzioni cartella>visualizzazione> metti la spunta a "visualizza file e cartelle nascosti", la togli a "nascondi file protetti di sistema">OK)

avvii Avgpfix
(lo apri, premi start, individui ed elimini, uno alla volta, premendo ok, dopo averlo individuato, i seguenti file:
c:\windows\system32\motorola-word.exe
c:\windows\system32\kodakword.exe
c:\windows\system32\samsungsensor.exe
C:\WINDOWS\system32\drmdlien.dll

Posta poi nuovo log di controllo
Luke57
Moderatore
 
Post: 6413
Iscritto il: 11/08/05 19:10

Postdi Hari » 26/05/07 14:44

Ciao.. scusate il ritardo ma proprio a causa dei problemi al pc mi è saltata la conness internet, per cui non riesco più a collegarmi tutti i giorni..
vi posto finalmente il nuovo log di hijackthis:

Logfile of HijackThis v1.99.1
Scan saved at 14.58.41, on 26/05/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Programmi\SysCheck\_VsVir&co\Comodo\Firewall\cmdagent.exe
C:\Programmi\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\ZONELABS\vsmon.exe
C:\WINDOWS\system32\igfxtray.exe
C:\Programmi\Synaptics\SynTP\SynTPLpr.exe
C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\rundll32.exe
C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE
C:\Programmi\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Programmi\File comuni\PCSuite\DataLayer\DataLayer.exe
C:\Programmi\Zone Labs\ZoneAlarm\zlclient.exe
C:\PROGRA~1\FILECO~1\PCSuite\Services\SERVIC~1.EXE
C:\WINDOWS\system32\svchost.exe
C:\Programmi\SysCheck\_SysStrum\Hijack\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.libero.it/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Programmi\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [ATIPTA] C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
O4 - HKLM\..\Run: [ADMTray.exe] "C:\Acer\Empowering Technology\admtray.exe"
O4 - HKLM\..\Run: [EPSON Stylus DX3800 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE /P26 "EPSON Stylus DX3800 Series" /O6 "USB001" /M "Stylus DX3800"
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Programmi\Nokia\Nokia PC Suite 6\LaunchApplication.exe -onlytray
O4 - HKLM\..\Run: [DataLayer] C:\Programmi\File comuni\PCSuite\DataLayer\DataLayer.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Programmi\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [EPSON Stylus DX3800 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE /P26 "EPSON Stylus DX3800 Series" /M "Stylus DX3800" /EF "HKCU"
O8 - Extra context menu item: &Sample Toolband Serach - res://C:\WINDOWS\system32\ToolBand.dll/MENUSEARCH.HTM
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Invia a &Bluetooth - c:\Programmi\WIDCOMM\Software Bluetooth\btsendto_ie_ctx.htm
O8 - Extra context menu item: Save with Download Manager... - C:\Programmi\J River\Media Jukebox\DMDownload.htm
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Programmi\File comuni\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: CA ISafe (CAISafe) - Computer Associates International, Inc. - C:\WINDOWS\system32\ZoneLabs\isafe.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Programmi\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Programmi\Acer\Acer Arcade\Kernel\TV\CLSched.exe
O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - C:\Programmi\SysCheck\_VsVir&co\Comodo\Firewall\cmdagent.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Programmi\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: RegSrvc - Intel Corporation - C:\Programmi\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Programmi\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Programmi\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: ScsiAccess - Unknown owner - C:\Programmi\Photodex\ProShowProducer\ScsiAccess.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Programmi\File comuni\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs Inc. - C:\WINDOWS\system32\ZONELABS\vsmon.exe

Ho seguito le indicazioni per fixare come suggerito da Luke57, ma ho ancora problemi: non si connette a internet, BT non funziona, si blocca.. HELP!
Hari
Utente Junior
 
Post: 39
Iscritto il: 17/03/07 17:40

Postdi edo_aol » 26/05/07 15:21

hai visto se si tratta di un dialer?fai una scansione con spybot ed adware per vedere un po presenza di dialer.
Avatar utente
edo_aol
Utente Senior
 
Post: 415
Iscritto il: 13/04/07 14:26

Postdi Hari » 26/05/07 16:52

ho fatto scansione con ZA e A-Squared dopo averli aggiornati, hanno trov dei dialer e ho elim i file infetti. Solo che ora non posso connettermi x aggiornarli e non posso scaricare spybot ed adware per usarli sul mio pc.. ma dal log di hijack vedi qualcosa di strano da fixare?

PS: se x risolvere dovessi formattare c'è una guida in proposito?
grazie
Hari
Utente Junior
 
Post: 39
Iscritto il: 17/03/07 17:40

Postdi Luke57 » 26/05/07 17:01

Ciao, in che senso non riesci a connetterti? Non ti funziona il browser? Non ti funziona la connesione ADSL? magari se spieghi qualcosa in più, è meglio. Dal log non si nota niente.
Luke57
Moderatore
 
Post: 6413
Iscritto il: 11/08/05 19:10

Postdi Hari » 26/05/07 17:09

Ti spiego. Uso il modem Alice Gate, abbonamento Alice tutto incluso.
Fino a qualche giorno fa il problema era alla connessione del cavo ethernet: in basso a destra l'icona delle conn di rete diceva "connessione limitata o assente", e quando avviavo il collegamento ad Alice il browser si apriva ma diceva "impossibile visualizzare pagina". Ora il pc 'vede' il cavo ethernet, ma avviando il browser continua a non aprirmi le pagine internet.
Quindi non riesco a connettermi!
Precedentemente avevo aperto un post x un problema di lentezza con eMule, si avviava e scaricava, poi si bloccava invariabilmente, impallando tutto il pc, e x sbloccarlo dovevo staccare il filo ethernet x disconnettere internet..

allo ra il log di hijack è pulito ora?
Cosa può essere?
Hari
Utente Junior
 
Post: 39
Iscritto il: 17/03/07 17:40

Postdi Hari » 26/05/07 19:59

Ehi ragazzi ci sto perdendo la testa in questo problema!
Ho notato che nei processi attivi mostrati dal task manager c'è "Explorer.EXE", scritto in maiuscolo: nessuno sa dirmi se può essere magari uno spyware che si è sostituito all'explorer.exe originale?

Please please HELP ME! :cry:
Hari
Utente Junior
 
Post: 39
Iscritto il: 17/03/07 17:40

Postdi Luke57 » 26/05/07 20:49

Ciao, proviamo a fare un controllo più approfondito, vai qui:
http://www.suspectfile.com/systemscan
scarica il file.zip, scompattalo nel desktop, chiudi le applicazioni e programmi aperti, apri l'eseguibile, spunta tutte le voci presenti, premi "scan now".
Al termine della scansione, vai nella cartella C:\suspectfile, troverai un file (report.txt).
Non potrai incollarlo perchè lunghissimo, vai qui:
http://www.easy-share.com/
premi il pulsante sfoglia, individua report.txt e caricalo nel sito premendo upload.
Ti saranno forniti, al termine del caricamento, dei link, incolla il primo in un post per poter vedere il file.
Luke57
Moderatore
 
Post: 6413
Iscritto il: 11/08/05 19:10

Postdi Hari » 27/05/07 09:31

Ho scaricato il systemscan e ora lo passo sul mio pc e faccio scansione.. Ma poi non potendo connettermi dal mio pc a internet non posso uploadare il file report.txt. Lo posso uploadare da un altro pc?

Scusa non ho capito bene cosa intendi con "Ti saranno forniti, al termine del caricamento, dei link, incolla il primo in un post per poter vedere il file."

grazie
Hari
Utente Junior
 
Post: 39
Iscritto il: 17/03/07 17:40

Postdi Hari » 27/05/07 10:56

Scusate ancora ma non ne vengo a capo in nessun modo.. Ho lanciato Systemscan ma dice che non posso effettuare scansione perchè non ho i privilegi di amministratore.. mi dice di riavviare e riprovare ma fa sempre così! Ehi ma sono IO l'amministratore!
Che succede?
PS: con ad-aware mia ha trovato un virus e l'ho eliminato, però Systemscan non parte proprio..

In più aprendo pannello di controllo mi dice: "Unable to load btrez.dll - ITALIAN", appare in apertura e poi altre 3/4 volte se scorro la lista.

E dopo alcuni giorni, si è riproposta un'altra finestra allarmante, che tempo fa ha iniziato ad apparirmi quando aprivo programmi o semplicemente esplora risorse: è en messaggio di errore molto lungo, lo incollo qui...

OS: Windows XP Home Edition, SP2
CPU: GenuineIntel, Intel P6 (Model 13), MMX @ 800 MHz

Application data:
VmVyc2lvbjogVVVKZFExQlRWbHRFVFVOSFF3b0NPU2M2T3lwcGZtVmd
hUzArT0NFK0pEQkRkSDUzY21CeE9nPT0NCkltYWdlQmFzZTogMDkyNT
AwMDANCkVpcDogQzkwMjY1RjUNCkVheDogNzRFMDAwMA0KRWN4OiBFN
jNBQ0UwDQpFZHg6IEU2MzAzRTQNCkVieDogRTYzMDMwOQ0KRXNpOiBF
NjMwMDA4DQpFZGk6IEU2MzAzRTQNCkVicDogNEU3RTM0MA0KRXNwOiA
0RTdFMzE0DQpFcnJvckNvZGU6IA0KDQpDb2RlID0gWzIxMV0NCi0gOT
M2NDAwMA0KLSAxNDAwMA0KLSBBQjM5Q0MxOA0KLSBbXQ0KQzpcV0lOR
E9XU1xFeHBsb3Jlci5FWEUNCkM6XFdJTkRPV1Ncc3lzdGVtMzJcbnRk
bGwuZGxsDQpDOlxXSU5ET1dTXHN5c3RlbTMyXGtlcm5lbDMyLmRsbA0
KQzpcV0lORE9XU1xzeXN0ZW0zMlxtc3ZjcnQuZGxsDQpDOlxXSU5ET1
dTXHN5c3RlbTMyXEFEVkFQSTMyLmRsbA0KQzpcV0lORE9XU1xzeXN0Z
W0zMlxSUENSVDQuZGxsDQpDOlxXSU5ET1dTXHN5c3RlbTMyXEdESTMy
LmRsbA0KQzpcV0lORE9XU1xzeXN0ZW0zMlxVU0VSMzIuZGxsDQpDOlx
XSU5ET1dTXHN5c3RlbTMyXFNITFdBUEkuZGxsDQpDOlxXSU5ET1dTXH
N5c3RlbTMyXFNIRUxMMzIuZGxsDQpDOlxXSU5ET1dTXHN5c3RlbTMyX
G9sZTMyLmRsbA0KQzpcV0lORE9XU1xzeXN0ZW0zMlxPTEVBVVQzMi5k
bGwNCkM6XFdJTkRPV1Ncc3lzdGVtMzJcQlJPV1NFVUkuZGxsDQpDOlx
XSU5ET1dTXHN5c3RlbTMyXFNIRE9DVlcuZGxsDQpDOlxXSU5ET1dTXH
N5c3RlbTMyXENSWVBUMzIuZGxsDQpDOlxXSU5ET1dTXHN5c3RlbTMyX
E1TQVNOMS5kbGwNCkM6XFdJTkRPV1Ncc3lzdGVtMzJcQ1JZUFRVSS5k
bGwNCkM6XFdJTkRPV1Ncc3lzdGVtMzJcV0lOVFJVU1QuZGxsDQpDOlx
XSU5ET1dTXHN5c3RlbTMyXElNQUdFSExQLmRsbA0KQzpcV0lORE9XU1
xzeXN0ZW0zMlxORVRBUEkzMi5kbGwNCkM6XFdJTkRPV1Ncc3lzdGVtM
zJcV0lOSU5FVC5kbGwNCkM6XFdJTkRPV1Ncc3lzdGVtMzJcV0xEQVAz
Mi5kbGwNCkM6XFdJTkRPV1Ncc3lzdGVtMzJcVkVSU0lPTi5kbGwNCkM
6XFdJTkRPV1Ncc3lzdGVtMzJcVXhUaGVtZS5kbGwNCkM6XFdJTkRPV1
Ncc3lzdGVtMzJcU2hpbUVuZy5kbGwNCkM6XFdJTkRPV1NcQXBwUGF0Y
2hcQWNHZW5yYWwuRExMDQpDOlxXSU5ET1dTXHN5c3RlbTMyXFdJTk1N
LmRsbA0KQzpcV0lORE9XU1xzeXN0ZW0zMlxNU0FDTTMyLmRsbA0KQzp
cV0lORE9XU1xzeXN0ZW0zMlxVU0VSRU5WLmRsbA0KQzpcV0lORE9XU1
xzeXN0ZW0zMlxJTU0zMi5ETEwNCkM6XFdJTkRPV1Ncc3lzdGVtMzJcT
FBLLkRMTA0KQzpcV0lORE9XU1xzeXN0ZW0zMlxVU1AxMC5kbGwNCkM6
XFdJTkRPV1NcV2luU3hTXHg4Nl9NaWNyb3NvZnQuV2luZG93cy5Db21
tb24tQ29udHJvbHNfNjU5NWI2NDE0NGNjZjFkZl82LjAuMjYwMC4yMT
gwX3gtd3dfYTg0ZjFmZjlcY29tY3RsMzIuZGxsDQpDOlxXSU5ET1dTX
HN5c3RlbTMyXGNvbWN0bDMyLmRsbA0KQzpcV0lORE9XU1xzeXN0ZW0z
MlxhcHBoZWxwLmRsbA0KQzpcV0lORE9XU1xzeXN0ZW0zMlxtc2N0Zml
tZS5pbWUNCkM6XFdJTkRPV1Ncc3lzdGVtMzJcQ0xCQ0FUUS5ETEwNCk
M6XFdJTkRPV1Ncc3lzdGVtMzJcQ09NUmVzLmRsbA0KQzpcV0lORE9XU
1xTeXN0ZW0zMlxjc2N1aS5kbGwNCkM6XFdJTkRPV1NcU3lzdGVtMzJc
Q1NDRExMLmRsbA0KQzpcV0lORE9XU1xzeXN0ZW0zMlx0aGVtZXVpLmR
sbA0KQzpcV0lORE9XU1xzeXN0ZW0zMlxTZWN1cjMyLmRsbA0KQzpcV0
lORE9XU1xzeXN0ZW0zMlxNU0lNRzMyLmRsbA0KQzpcV0lORE9XU1xze
XN0ZW0zMlx4cHNwMnJlcy5kbGwNCkM6XFdJTkRPV1Ncc3lzdGVtMzJc
QUNUWFBSWFkuRExMDQpDOlxXSU5ET1dTXHN5c3RlbTMyXG1zdXRiLmR
sbA0KQzpcV0lORE9XU1xzeXN0ZW0zMlxNU0NURi5kbGwNCkM6XFdJTk
RPV1Ncc3lzdGVtMzJcU0FNTElCLmRsbA0KQzpcV0lORE9XU1xzeXN0Z
W0zMlxudHNocnVpLmRsbA0KQzpcV0lORE9XU1xzeXN0ZW0zMlxBVEwu
RExMDQpDOlxXSU5ET1dTXHN5c3RlbTMyXFNFVFVQQVBJLmRsbA0KQzp
cV0lORE9XU1xzeXN0ZW0zMlxtc2kuZGxsDQpDOlxXSU5ET1dTXHN5c3
RlbTMyXFdJTlNUQS5kbGwNCkM6XFdJTkRPV1Ncc3lzdGVtMzJcd2ViY
2hlY2suZGxsDQpDOlxXSU5ET1dTXHN5c3RlbTMyXFdTT0NLMzIuZGxs
DQpDOlxXSU5ET1dTXHN5c3RlbTMyXFdTMl8zMi5kbGwNCkM6XFdJTkR
PV1Ncc3lzdGVtMzJcV1MySEVMUC5kbGwNCkM6XFdJTkRPV1Ncc3lzdG
VtMzJcc3RvYmplY3QuZGxsDQpDOlxXSU5ET1dTXHN5c3RlbTMyXEJhd
E1ldGVyLmRsbA0KQzpcV0lORE9XU1xzeXN0ZW0zMlxQT1dSUFJPRi5k
bGwNCkM6XFdJTkRPV1Ncc3lzdGVtMzJcV1RTQVBJMzIuZGxsDQpDOlx
XSU5ET1dTXHN5c3RlbTMyXE5FVFNIRUxMLmRsbA0KQzpcV0lORE9XU1
xzeXN0ZW0zMlxydHV0aWxzLmRsbA0KQzpcV0lORE9XU1xzeXN0ZW0zM
lxjcmVkdWkuZGxsDQpDOlxXSU5ET1dTXHN5c3RlbTMyXGlwaGxwYXBp
LmRsbA0KQzpcV0lORE9XU1xzeXN0ZW0zMlx1cmxtb24uZGxsDQpDOlx
XSU5ET1dTXHN5c3RlbTMyXExJTktJTkZPLmRsbA0KQzpcV0lORE9XU1
xzeXN0ZW0zMlx3ZG1hdWQuZHJ2DQpDOlxXSU5ET1dTXHN5c3RlbTMyX
G1zYWNtMzIuZHJ2DQpDOlxXSU5ET1dTXHN5c3RlbTMyXG1pZGltYXAu
ZGxsDQpDOlxXSU5ET1dTXHN5c3RlbTMyXE1QUi5kbGwNCkM6XFdJTkR
PV1NcU3lzdGVtMzJcZHJwcm92LmRsbA0KQzpcV0lORE9XU1xTeXN0ZW
0zMlxudGxhbm1hbi5kbGwNCkM6XFdJTkRPV1NcU3lzdGVtMzJcTkVUV
UkwLmRsbA0KQzpcV0lORE9XU1xTeXN0ZW0zMlxORVRVSTEuZGxsDQpD
OlxXSU5ET1dTXFN5c3RlbTMyXE5FVFJBUC5kbGwNCkM6XFdJTkRPV1N
cU3lzdGVtMzJcZGF2Y2xudC5kbGwNCkM6XFdJTkRPV1Ncc3lzdGVtMz
JcTVNOQ2hhdEhvb2suZGxsDQpDOlxXSU5ET1dTXHN5c3RlbTMyXHN5c
2Vudi5kbGwNCkM6XFdJTkRPV1Ncc3lzdGVtMzJcTUZDNzFVLkRMTA0K
QzpcV0lORE9XU1xzeXN0ZW0zMlxNU1ZDUjcxLmRsbA0KQzpcV0lORE9
XU1xzeXN0ZW0zMlxTeW5UUEZjcy5kbGwNCkM6XFdJTkRPV1Ncc3lzdG
VtMzJcYnJvd3NlbGMuZGxsDQpDOlxXSU5ET1dTXHN5c3RlbTMyXERVU
0VSLmRsbA0KQzpcV0lORE9XU1xzeXN0ZW0zMlxNU0dJTkEuZGxsDQpD
OlxXSU5ET1dTXHN5c3RlbTMyXE9EQkMzMi5kbGwNCkM6XFdJTkRPV1N
cc3lzdGVtMzJcY29tZGxnMzIuZGxsDQpDOlxXSU5ET1dTXHN5c3RlbT
MyXG9kYmNpbnQuZGxsDQpDOlxXSU5ET1dTXHN5c3RlbTMyXE1MQU5HL
mRsbA0KQzpcV0lORE9XU1xzeXN0ZW0zMlxmeHNzdC5kbGwNCkM6XFdJ
TkRPV1Ncc3lzdGVtMzJcV0lOU1BPT0wuRFJWDQpDOlxXSU5ET1dTXHN
5c3RlbTMyXEZYU0FQSS5kbGwNCkM6XFdJTkRPV1Ncc3lzdGVtMzJcTl
RNQVJUQS5ETEwNCkM6XFdJTkRPV1Ncc3lzdGVtMzJcV1pDU0FQSS5ET
EwNCkM6XFdJTkRPV1Ncc3lzdGVtMzJcU1hTLkRMTA0KQzpcV0lORE9X
U1xzeXN0ZW0zMlxNRkM0Mi5ETEwNCkM6XFdJTkRPV1Ncc3lzdGVtMzJ
cTUZDNDJMT0MuRExMDQpDOlxQcm9ncmFtbWlcTWljcm9zb2Z0IE9mZm
ljZVxPRkZJQ0UxMVxtc29oZXYuZGxsDQpDOlxQcm9ncmFtbWlcQWRvY
mVcQWNyb2JhdCA3LjBcQWN0aXZlWFxQREZTaGVsbC5kbGwNCkM6XFdJ
TkRPV1Ncc3lzdGVtMzJccnNhZW5oLmRsbA0KQzpcV0lORE9XU1xXaW5
TeFNceDg2X01pY3Jvc29mdC5XaW5kb3dzLkdkaVBsdXNfNjU5NWI2ND
E0NGNjZjFkZl8xLjAuMjYwMC4yMTgwX3gtd3dfNTIyZjlmODJcZ2Rpc
Gx1cy5kbGwNCkM6XFdJTkRPV1Ncc3lzdGVtMzJcbXlkb2NzLmRsbA0K
QzpcUHJvZ3JhbW1pXE5va2lhXE5va2lhIFBDIFN1aXRlIDZcUGhvbmV
Ccm93c2VyLmRsbA0KQzpcV0lORE9XU1xzeXN0ZW0zMlxDb25uQVBJLk
RMTA0KQzpcV0lORE9XU1xzeXN0ZW0zMlxNU1ZDUDYwLmRsbA0KQzpcU
HJvZ3JhbW1pXE5va2lhXE5va2lhIFBDIFN1aXRlIDZcUENTQ00uZGxs
DQpDOlxXSU5ET1dTXHN5c3RlbTMyXE9MRVBSTzMyLkRMTA0KQzpcUHJ
vZ3JhbW1pXE5va2lhXE5va2lhIFBDIFN1aXRlIDZcTGFuZ1xQaG9uZU
Jyb3dzZXJfaXRhLm5scg0KQzpcUHJvZ3JhbW1pXE5va2lhXE5va2lhI
FBDIFN1aXRlIDZcUmVzb3VyY2VcUGhvbmVCcm93c2VyX05va2lhLm5n
cg0KQzpcV0lORE9XU1xzeXN0ZW0zMlxtc2Ntcy5kbGwNCkM6XFdJTkR
PV1Ncc3lzdGVtMzJcc2hkb2NsYy5kbGwNCkM6XFdJTkRPV1Ncc3lzdG
VtMzJcd212Y29yZS5kbGwNCkM6XFdJTkRPV1Ncc3lzdGVtMzJcV01BU
0YuRExMDQpDOlxXSU5ET1dTXHN5c3RlbTMyXG1zZG1vLmRsbA0KQzpc
V0lORE9XU1xzeXN0ZW0zMlxkeG1hc2YuZGxsDQpDOlxXSU5ET1dTXHN
5c3RlbTMyXERSTUNsaWVuLkRMTA0KQzpcV0lORE9XU1xzeXN0ZW0zMl
xtc3htbDMuZGxsDQpDOlxXSU5ET1dTXHN5c3RlbTMyXFdJTkhUVFAuZ
GxsDQpDOlxXSU5ET1dTXHN5c3RlbTMyXGpzY3JpcHQuZGxsDQpDOlxX
SU5ET1dTXHN5c3RlbTMyXHNpcmVuYWNtLmRsbA0KQzpcV0lORE9XU1x
XaW5TeFNceDg2X01pY3Jvc29mdC5WQzgwLkNSVF8xZmM4YjNiOWExZT
E4ZTNiXzguMC41MDcyNy4xNjNfeC13d182ODFlMjlmYlxNU1ZDUjgwL
mRsbA0KQzpcV0lORE9XU1xzeXN0ZW0zMlxtc2FkcDMyLmFjbQ0KQzpc
V0lORE9XU1xzeXN0ZW0zMlxpZ2Z4cHBoLmRsbA0KQzpcV0lORE9XU1x
zeXN0ZW0zMlxoY2N1dGlscy5ETEwNCkM6XFdJTkRPV1Ncc3lzdGVtMz
Jcc3RpLmRsbA0KQzpcV0lORE9XU1xzeXN0ZW0zMlxDRkdNR1IzMi5kb
GwNCkM6XFBST0dSQX4xXFdpblppcFxXWlNITFNUQi5ETEwNCkM6XFBy
b2dyYW1taVxXaW5SQVJccmFyZXh0LmRsbA0KQzpcV0lORE9XU1xzeXN
0ZW0zMlx6aXBmbGRyLmRsbA0KQzpcUHJvZ3JhbW1pXEFjZXJcQWNlci
BBcmNhZGVcS2VybmVsXFZpZGVvXENMTWVkaWEuZGxsDQpjOlxQUk9HU
kF+MVxBLVNRVUF+MVxBMkZSRUV+MS5ETEwNCkM6XFdJTkRPV1Ncc3lz
dGVtMzJccXVhcnR6LmRsbA0KQzpcV0lORE9XU1xzeXN0ZW0zMlxtcGc
yc3BsdC5heA0KQzpcUHJvZ3JhbW1pXFpvbmUgTGFic1xab25lQWxhcm
1cemxhdnNjYW4uZGxsDQpDOlxXSU5ET1dTXHN5c3RlbTMyXE1TVkZXM
zIuZGxsDQpDOlxXSU5ET1dTXHN5c3RlbTMyXHFlZGl0LmRsbA0KQzpc
V0lORE9XU1xzeXN0ZW0zMlxkZXZlbnVtLmRsbA0KQzpcUHJvZ3JhbW1
pXEFjZXJcQWNlciBBcmNhZGVcS2VybmVsXEJ1cm5lclxwcE0xU3BsdG
VyLmF4DQpDOlxQcm9ncmFtbWlcQWNlclxBY2VyIEFyY2FkZVxLZXJuZ
WxcVFZcUENNQk0xU3BsdGVyLmF4DQpDOlxQcm9ncmFtbWlcQ3liZXJM
aW5rXFBvd2VyUHJvZHVjZXJccHBNMVNwbHRlci5heA0KQzpcUHJvZ3J
hbW1pXEFjZXJcQWNlciBBcmNhZGVcS2VybmVsXEVkaXRNb3ZpZVxNRF
RMTTFTcGx0ZXIuYXgNCkM6XFByb2dyYW1taVxKIFJpdmVyXE1lZGlhI
Ep1a2Vib3hcTUpTaGVsbEV4dC5kbGwNCkM6XFByb2dyYW1taVxBY2Vy
XEFjZXIgQXJjYWRlXEtlcm5lbFxCdXJuZXJccHBUTE0xU3BsdGVyLmF
4DQpDOlxQcm9ncmFtbWlcQ3liZXJMaW5rXFBvd2VyUHJvZHVjZXJccH
BUTE0xU3BsdGVyLmF4DQpDOlxXSU5ET1dTXHN5c3RlbTMyXGVEU3NoZ
WxsRXh0LmRsbA0KQzpcV0lORE9XU1xzeXN0ZW0zMlxBVEw3MS5ETEwN
CkM6XFByb2dyYW1taVxJbGx1c3RyYXRlXGRCcG93ZXJBTVBcZE1DU2h
lbGwuZGxsDQpDOlxXSU5ET1dTXHN5c3RlbTMyXHNobWVkaWEuZGxsDQ
pDOlxXSU5ET1dTXHN5c3RlbTMyXEFWSUZJTDMyLmRsbA0KQzpcV0lOR
E9XU1xzeXN0ZW0zMlxHSlBHLkRMTA0KQzpcUHJvZ3JhbW1pXEZpbGUg
Y29tdW5pXEFoZWFkXERTRmlsdGVyXE5lVmlkZW8uYXgNCkM6XFdJTkR
PV1Ncc3lzdGVtMzJcZGRyYXcuZGxsDQpDOlxXSU5ET1dTXHN5c3RlbT
MyXERDSU1BTjMyLmRsbA==

---

Cosa sta succedendo? il Millennium Bug non era 7 anni fa buoni?
Hari
Utente Junior
 
Post: 39
Iscritto il: 17/03/07 17:40

Postdi edo_aol » 27/05/07 12:20

mamma mia che pc incasinato che hai.........
prova uno scan da qui:
http://malwarescan.emsisoft.com/
Avatar utente
edo_aol
Utente Senior
 
Post: 415
Iscritto il: 13/04/07 14:26

Postdi Hari » 02/06/07 10:31

No ragazzi, non posso fare scansioni on-line PROPRIO perchè non riesco a collegarmi a Internet..Ora sono connesso da un altro pc.

Ho prov a mettere Firefox e sono riuscito a connettermi, poi una volta scollegato ho riprovato e non va più la connessione..
Può trattarsi di un virus, spyware o rootkit che sia che compromette tutti i browser? Mi dà proprio questa impressione, come posso verificare? guardo nel registro?
A I U T O

PS: x edo_aol: da cosa vedi che ho il pc incasinato? non ho mai fatto formattazione, anche perché non ho cd di windows, era già installato nel pc. Come faccio se voglio formattare?
Hari
Utente Junior
 
Post: 39
Iscritto il: 17/03/07 17:40

Postdi edo_aol » 02/06/07 13:02

scusa puoi ripostare il log?cosi lo aggiorniamo un po grazie.per il fatto di incasinato,e un po gonfio per lo piu'.devi alleggerirlo da ospiti indesiderati. ;)
Avatar utente
edo_aol
Utente Senior
 
Post: 415
Iscritto il: 13/04/07 14:26

ecco il log

Postdi Hari » 03/06/07 07:37

Ecco il log aggiornato.. Fammi sapere al più presto come posso agire per alleggerire un po' il sistema..Grazie!

Logfile of HijackThis v1.99.1
Scan saved at 7.21.04, on 03/06/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Programmi\SysCheck\_VsVir&co\Comodo\Firewall\cmdagent.exe
C:\Programmi\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\igfxtray.exe
C:\Programmi\Synaptics\SynTP\SynTPLpr.exe
C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\rundll32.exe
C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE
C:\Programmi\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Programmi\File comuni\PCSuite\DataLayer\DataLayer.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE
C:\PROGRA~1\FILECO~1\PCSuite\Services\SERVIC~1.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Notepad.exe
C:\Programmi\J River\Media Jukebox\Media Jukebox.exe
C:\WINDOWS\system32\Notepad.exe
C:\Programmi\SysCheck\_SysStrum\Hijack\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.libero.it/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Programmi\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [ATIPTA] C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
O4 - HKLM\..\Run: [ADMTray.exe] "C:\Acer\Empowering Technology\admtray.exe"
O4 - HKLM\..\Run: [EPSON Stylus DX3800 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE /P26 "EPSON Stylus DX3800 Series" /O6 "USB001" /M "Stylus DX3800"
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Programmi\Nokia\Nokia PC Suite 6\LaunchApplication.exe -onlytray
O4 - HKLM\..\Run: [DataLayer] C:\Programmi\File comuni\PCSuite\DataLayer\DataLayer.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Programmi\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [EPSON Stylus DX3800 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE /P26 "EPSON Stylus DX3800 Series" /M "Stylus DX3800" /EF "HKCU"
O8 - Extra context menu item: &Sample Toolband Serach - res://C:\WINDOWS\system32\ToolBand.dll/MENUSEARCH.HTM
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Invia a &Bluetooth - c:\Programmi\WIDCOMM\Software Bluetooth\btsendto_ie_ctx.htm
O8 - Extra context menu item: Save with Download Manager... - C:\Programmi\J River\Media Jukebox\DMDownload.htm
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Programmi\File comuni\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: CA ISafe (CAISafe) - Computer Associates International, Inc. - C:\WINDOWS\system32\ZoneLabs\isafe.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Programmi\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Programmi\Acer\Acer Arcade\Kernel\TV\CLSched.exe
O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - C:\Programmi\SysCheck\_VsVir&co\Comodo\Firewall\cmdagent.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Programmi\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: RegSrvc - Intel Corporation - C:\Programmi\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Programmi\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Programmi\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: ScsiAccess - Unknown owner - C:\Programmi\Photodex\ProShowProducer\ScsiAccess.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Programmi\File comuni\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs Inc. - C:\WINDOWS\system32\ZONELABS\vsmon.exe
Hari
Utente Junior
 
Post: 39
Iscritto il: 17/03/07 17:40

Postdi Hari » 05/06/07 15:01

Nessuno mi aiuta?
:cry:
Hari
Utente Junior
 
Post: 39
Iscritto il: 17/03/07 17:40

Postdi Kiavik » 07/06/07 08:51

Hari ha scritto:Nessuno mi aiuta?
:cry:

ma nn fai prima a formattare...
Kiavik
Utente Senior
 
Post: 289
Iscritto il: 16/11/06 18:12

Postdi Luke57 » 07/06/07 09:36

Hari ha scritto:Nessuno mi aiuta?
:cry:

Cio, il computer non presenta minacce attive, che cosa formatti a fare?Certo seguire i consigli di chi c'azzecca veramente poco non aiuta per niente.
Luke57
Moderatore
 
Post: 6413
Iscritto il: 11/08/05 19:10

Postdi edo_aol » 07/06/07 09:50

infatti.dicono le cose tanto per dire,senza pensarci.
Avatar utente
edo_aol
Utente Senior
 
Post: 415
Iscritto il: 13/04/07 14:26


Torna a Sicurezza e Privacy


Topic correlati a "Problema lentezza e connessione":

Problema con il mouse
Autore: crisge73
Forum: Discussioni
Risposte: 9
Problema Tiktok
Autore: Fra_rey
Forum: Discussioni
Risposte: 1

Chi c’è in linea

Visitano il forum: Nessuno e 31 ospiti

cron