Ho provato a spuntare "Disattiva ripristino configurazione di sistema" e riavviare.
Non so se il problema poteva esserci anche prima ma ora non mi è più possbile salvare un'immagine con Paint.
Ho notato che tra i processi ho un certo sospetto
wincntrl.exe. Da buona regola ho prima cercato su Google ma senza trovare molto.
Tentando il download degli aggiornamenti di AVG antivirus:
- quelli prioritari me li ha scricati dopo diversi tentativi dopo tre messaggi di errore in cui mi diceva che il tempo
- gli updates raccomandati sono riuscito a scaricarli al quinto tenativo dopo cinque messaggi di errore: non era possbile convertire l'IP
- quelli opzionali non li ho ancora scaricati... incrociamo le dita...
Per finire non posso collegarmi con AliceADSL ma solo col 56k in quanto ogni volta che tento di connettermi cliccando sull'icona relativa non mi compare proprio nulla...
Che dire? Provo a farvi vedere il log di HijackThis. Anche qui le sorprese non sono mancate: sono riuscito a far completare la scansione dopo il secondo tentativo quando al primo non rispondeva. Che ne pensate? Sembra bello lungo...
Grazie ancora
Logfile of HijackThis v1.99.1
Scan saved at 23.17.06, on 06/12/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Programmi\File comuni\Real\Update_OB\realsched.exe
C:\Programmi\QuickTime\qttask.exe
C:\WINDOWS\System32\ctfmon.exe
D:\programmi2\SpyBots\TeaTimer.exe
C:\WINDOWS\FSScrCtl.exe
D:\programmi2\Sicurezza\dialer\Digisoft AntiDialer\AntiDialer.exe
C:\Programmi\File comuni\Acronis\Schedule2\schedul2.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\WINDOWS\system32\netdrvr.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wincntrl.exe
C:\Programmi\Mozilla Firefox\firefox.exe
D:\programmi2\hijackthis_199\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.google.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://www.tele2.it/redirect/dial_up
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: (no name) - {00DBDAC8-4691-4797-8E6A-7C6AB89BC441} - (no file)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\programmi2\SpyBots\SDHelper.dll
O2 - BHO: MSEvents Object - {6DD0BC06-4719-4BA3-BEBC-FBAE6A448152} - C:\WINDOWS\System32\mllji.dll
O2 - BHO: (no name) - {FFFFFEF0-5B30-21D4-945D-000000000000} - D:\PROGRA~1\STARDO~1\SDIEInt.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programmi\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: (no name) - {D3403F2A-7D39-435F-A8CB-45016C29E48E} - (no file)
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\Run: [JeticoPFStartup] "D:\programmi2\Jetico_Personal_Firewall_1-0\fwsrv.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Programmi\File comuni\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "D:\programmi2\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [WinampAgent] C:\Programmi\Winamp\winampa.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\RunServices: [Microsoft Update] wuamk032.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] D:\programmi2\SpyBots\TeaTimer.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Programmi\Ymessenger\Messenger\ypager.exe" -quiet
O4 - HKCU\..\Run: [googletalk] "C:\Programmi\Google\Google Talk\googletalk.exe" /autostart
O4 - Startup: Screen Saver Control.lnk = C:\WINDOWS\FSScrCtl.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Download with Star Downloader - D:\programmi2\Star Downloader Pro\sdie.htm
O8 - Extra context menu item: E&sporta in Microsoft Excel -
res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Enqueue in Star Downloader - D:\programmi2\Star Downloader Pro\sdieenq.htm
O8 - Extra context menu item: Leech with Star Downloader - D:\programmi2\Star Downloader Pro\leechie.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: Acronis Pop-up Blocker - {2E071ADC-ADF8-4b4b-8ACB-EDC49E6D45A2} - C:\PROGRA~1\Acronis\PRIVAC~1\POP-UP~1.DLL
O9 - Extra 'Tools' menuitem: Acronis Pop-up Blocker - {2E071ADC-ADF8-4b4b-8ACB-EDC49E6D45A2} - C:\PROGRA~1\Acronis\PRIVAC~1\POP-UP~1.DLL
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - D:\programmi2\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - D:\programmi2\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\YMESSE~1\MESSEN~1\YPAGER.EXE
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\YMESSE~1\MESSEN~1\YPAGER.EXE
O14 - IERESET.INF: START_PAGE_URL=http://www.tele2.it/redirect/dial_up
O17 - HKLM\System\CCS\Services\Tcpip\..\{5F1EE08D-CD28-44AE-B0AD-A072364EBE93}: NameServer = 212.151.136.246 130.244.127.169
O17 - HKLM\System\CCS\Services\Tcpip\..\{BEA3824D-FC43-4D06-B6CA-73404B387114}: NameServer = 151.99.125.1,151.99.125.2
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: mllji - C:\WINDOWS\System32\mllji.dll
O20 - Winlogon Notify: mllmk - mllmk.dll (file missing)
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Programmi\File comuni\Acronis\Schedule2\schedul2.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Programmi\File comuni\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - D:\Programmi2\VMware\VMware Workstation\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\WINDOWS\System32\vmnetdhcp.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\WINDOWS\System32\vmnat.exe
O23 - Service: MS Dns Service (WinNet) - Unknown owner - C:\WINDOWS\system32\wincntrl.exe
Registrazione
