Valutazione 4.87/ 5 (100.00%) 5838 voti

Condividi:        

ERRORI ALL'AVVIO

Come rimuovere virus e spyware? Le carte di credito sono davvero sicure in rete? È possibile navigare anonimi? Con quali programmi tutelare la propria privacy? Come proteggere i file importanti? Se volete una risposta a queste e altre domande questo è il luogo giusto!

Moderatori: kadosh, Luke57

ERRORI ALL'AVVIO

Postdi fiorellinonumerodue » 27/04/06 13:49

Ciao a tutti

ho un probema all'avvio di windows. ho visto che siete molto bravi nelrisolverli. potete darmi una mano anche a me?????

questi sono i messaggi all'avvio che mi appaiono

Immagine

Immagine


questo in vece è il mio log file fatto pochi minuti fa

Logfile of HijackThis v1.99.1
Scan saved at 14.44.11, on 27/04/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\Eset\nod32krn.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\UAService7.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.exe
C:\Programmi\Alcatel\SpeedTouch USB\Dragdiag.exe
C:\Programmi\Java\jre1.5.0_02\bin\jusched.exe
C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Programmi\Winamp\winampa.exe
C:\Programmi\Trust\3010A WIRELESS DESKSET\Keyboard\kbdap32a.EXE
C:\Programmi\Trust\3010A WIRELESS DESKSET\Mouse\mouse32a.exe
C:\Programmi\MessengerPlus! 3\MsgPlus.exe
D:\Programmi\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\vsnpstd2.exe
C:\Programmi\Eset\nod32kui.exe
C:\Programmi\QuickTime\qttask.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\Skype\Phone\Skype.exe
C:\Programmi\Messenger\msmsgs.exe
D:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe
C:\Programmi\Yahoo!\Messenger\ymsgr_tray.exe
D:\Programmi\HP\Digital Imaging\bin\hpqgalry.exe
C:\WINDOWS\system32\mioengine.exe
C:\Programmi\WorldCommunityGrid\UD.EXE
C:\Programmi\WorldCommunityGrid\ud_5235301.exe
C:\Programmi\WorldCommunityGrid\ud_5235301_0.dir\WCGrid_AutoDock.exe
C:\WINDOWS\system32\WISPTIS.EXE
C:\Programmi\MSN Messenger\msnmsgr.exe
C:\Programmi\WinRAR\WinRAR.exe
C:\Programmi\WinRAR\WinRAR.exe
C:\DOCUME~1\Chiara\IMPOST~1\Temp\Rar$EX00.281\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.it/0SEITIT/SAOS01
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://gw.virgilio.it/alice01.home
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer fornito da VirgilioTin
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Programmi\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL (file missing)
F2 - REG:system.ini: Shell=Explorer.exe smsse.exe
O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Programmi\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL (file missing)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programmi\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [soft Special] cock.exe
O4 - HKLM\..\Run: [Windows Compliant] tqvjun.exe
O4 - HKLM\..\Run: [Windows System32] winsystem32.exe
O4 - HKLM\..\Run: [Nortons AV SYSTEM] scvchost.exe
O4 - HKLM\..\Run: [Diagnostica SpeedTouch USB] "C:\Programmi\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programmi\Java\jre1.5.0_02\bin\jusched.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Programmi\Winamp\winampa.exe
O4 - HKLM\..\Run: [OFFICEKB] C:\Programmi\Trust\3010A WIRELESS DESKSET\Keyboard\kbdap32a.EXE
O4 - HKLM\..\Run: [FLMOFFICE4DMOUSE] C:\Programmi\Trust\3010A WIRELESS DESKSET\Mouse\mouse32a.exe
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Programmi\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [HP Software Update] D:\Programmi\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SNPSTD2] C:\WINDOWS\vsnpstd2.exe
O4 - HKLM\..\Run: [nod32kui] "C:\Programmi\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Ad-aware] C:\Programmi\Lavasoft\Ad-aware 6\Ad-aware.exe +c
O4 - HKLM\..\RunServices: [soft Special] cock.exe
O4 - HKLM\..\RunServices: [Windows Compliant] tqvjun.exe
O4 - HKLM\..\RunServices: [Windows System32] winsystem32.exe
O4 - HKLM\..\RunServices: [Nortons AV SYSTEM] scvchost.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Windows System32] winsystem32.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Programmi\Yahoo!\Messenger\ypager.exe" -quiet
O4 - HKCU\..\Run: [Free Download Manager] C:\Programmi\Free Download Manager\fdm.exe -autorun
O4 - HKCU\..\Run: [NBJ] "C:\Programmi\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [Skype] "C:\Programmi\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [MSMSGS] "C:\Programmi\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [updateMgr] C:\Programmi\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_5 -reboot 1
O4 - Startup: alice.lnk = ?
O4 - Startup: My 190.it.lnk = C:\Documents and Settings\Chiara\Dati applicazioni\mioObjects\[objects]\69GWEU9386MTAR08.mio
O4 - Startup: World Community Grid Agent.lnk = C:\Programmi\WorldCommunityGrid\UD.EXE
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Avvio rapido di HP Image Zone.lnk = D:\Programmi\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Avvio veloce di Adobe Reader.lnk = C:\Programmi\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = D:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Organizzatore ricerche - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Programmi\File comuni\Microsoft Shared\Encarta Researcher\EROPROJ.DLL
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Programmi\File comuni\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra button: Umail - {79FB6F9C-C945-43A5-8EFC-242389602904} - http://gw.virgilio.it/b2c01.umail (file missing) (HKCU)
O14 - IERESET.INF: START_PAGE_URL=http://gw.virgilio.it/alice01.home
O15 - Trusted Zone: http://www.archiviosex.net
O15 - Trusted Zone: http://www.linkautomatici.com
O15 - Trusted Zone: http://www.redfunny.com
O15 - Trusted Zone: http://www.skymasters.biz
O15 - Trusted Zone: http://www.yeak.net
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Me ... b31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/Mi ... b31267.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/Shar ... vSniff.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/Shar ... /cabsa.cab
O16 - DPF: {7F8B1F27-AE54-479D-AACF-0A7B2334E7EE} (HTTPUplListX Control) - http://stampafoto.mediaworld.it/HTTPUplList.cab
O16 - DPF: {7F8B2500-3B5D-474C-B828-C766ECE3AB3C} (ATLmosquito1 Class) - http://www.netphone.tiscali.it/netphone ... squito.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan ... asinst.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZI ... b32846.cab
O16 - DPF: {D6376DD2-C2BD-49B2-A1B1-138F869633F3} (ASPRO Installer Class) - http://acs.pandasoftware.com/activescan ... roinst.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab31267.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{3CA0F87D-610E-49D6-A582-ACEEBB4BDC21}: NameServer = 85.37.17.10 85.38.28.86
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Web Scanner - Unknown owner - C:\Programmi\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Programmi\Eset\nod32krn.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\system32\UAService7.exe
fiorellinonumerodue
Newbie
 
Post: 4
Iscritto il: 27/04/06 13:35

Sponsor
 

Postdi fabrizius » 27/04/06 14:58

ciao,allora prova a fare cosi:
fai analizzare questo file che puo essere sia leggittimo che infetto a quanto pare:
Vai su http://www.virustotal.com,con il pulsante sfoglia portati a C:\WINDOWS\vsnpstd2.exe ,clicca su send e apsetta il responso
Poi scarica lo script per riparare la trusted zone <--->(tasto destro sul link e salvalo sul desktop)
Portati nelle installazioni/applicazioni del pannello di controllo e disinstalla tutto quello che non hai installato tu
PS:sei sicuro di non aver accettato gli sponsor quando hai installato MSN+?
Ora vai nel task manager(Ctrl+Alt+Del) e termina questi processi se ci sono:
vsnpstd2.exe-->>questo solo nel caso si rivelasse infetto
mioengine.exe
Adesso:
1/disattiva il ripristino configurazione di sistema
(Vai su Start--->tasto destro del mouse sull'icona Risorse del computer----> Proprietà
Nella sezione "Ripristino configurazione di sistema",spuntare "Disattiva Ripristino configurazione di sistema)
2/Assciurati di avere accesso a cartelle e file nascosti
(Pannello di controllo---> Opzioni Cartella ---> Visualizzazione--->metti la spunta s"visualizza file e cartelle nascoste"--->disattiva nascondi file e cartelle di sistema)
3/Avvia il computer in modalità provvisoria
(Riavviare il sistema--->Immediatamente al termine del caricamento del BIOS premere ripetutamente il tasto F8 fin quando non appare il menu Opzioni avanzate di Windows--->Vai su Modalità provvisoria e premi Invio).

Una volta riavviato esegui lo script per riparare la Trusted Zone--->click con il tasto destro sul file .inf e seleziona Installa

Adesso con hijackthis fixa queste voci:(ovviamente se qualcuna la conosci trascurala)
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Programmi\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL (file missing)
F2 - REG:system.ini: Shell=Explorer.exe smsse.exe-->>é lui che causa l'errore all'avvio,se non riesci a fixarlo poi bisgnerà andare ad eliminarlo manualmente
O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Programmi\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL (file missing)
O4 - HKLM\..\Run: [soft Special] cock.exe
O4 - HKLM\..\Run: [Windows Compliant] tqvjun.exe
O4 - HKLM\..\Run: [Windows System32] winsystem32.exe
O4 - HKLM\..\Run: [Nortons AV SYSTEM] scvchost.exe
O4 - HKLM\..\Run: [SNPSTD2] C:\WINDOWS\vsnpstd2.exe
O4 - HKLM\..\RunServices: [soft Special] cock.exe
O4 - HKLM\..\RunServices: [Windows System32] winsystem32.exe
O4 - HKLM\..\RunServices: [Nortons AV SYSTEM] scvchost.exe
O4 - HKCU\..\Run: [Windows System32] winsystem32.exe
O4 - Startup: My 190.it.lnk = C:\Documents and Settings\Chiara\Dati applicazioni\mioObjects\[objects]\69GWEU9386MTAR08.mio
O9 - Extra button: Umail - {79FB6F9C-C945-43A5-8EFC-242389602904} - http://gw.virgilio.it/b2c01.umail (file missing) (HKCU)
Tutte le 015 se ci sono ancora

Adesso cerca ed elimina:
C:\WINDOWS\vsnpstd2.exe-->>sempre se si é rivelato infetto
C:\WINDOWS\system32\mioengine.exe

Dai una ripulita ai files inutili,temp etc con Ccleaner
PS:prima di usarlo vai in opzioni--->avanzate e togli la spunta da:(elimina file solo se piu vecchi di 48 ore)

spero di non aver dimenticato niente :P

Ritorna in modalità normale,riattiva il ripristino config.di sistema e posta un log aggiornato per terminare le operazioni se fosse necessario

Al limite puoi fare anche uno scan online:
BitDefender
oppure
Panda
fabrizius
Utente Senior
 
Post: 1220
Iscritto il: 20/05/05 13:55

Postdi fiorellinonumerodue » 27/04/06 16:34

Grazie Fabrizius x avermi risposto così presto..ho fatto tutto ciò che mi hai detto e al riavvio in modalità normale la finestra d'errore smsse.exe è sparita! :) grande!GRAZIE!
L'altra mi ricompare,al contrario in modalità provvisoria non comparivano nessuna delle due.
Non so più come muovermi..posto il log,se per favore puoi darmi ancora una mano..

Logfile of HijackThis v1.99.1
Scan saved at 17.32.54, on 27/04/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\Eset\nod32krn.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\UAService7.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Programmi\Alcatel\SpeedTouch USB\Dragdiag.exe
C:\Programmi\Java\jre1.5.0_02\bin\jusched.exe
C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Programmi\Winamp\winampa.exe
C:\Programmi\Trust\3010A WIRELESS DESKSET\Keyboard\kbdap32a.EXE
C:\Programmi\Trust\3010A WIRELESS DESKSET\Mouse\mouse32a.exe
C:\Programmi\MessengerPlus! 3\MsgPlus.exe
D:\Programmi\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\vsnpstd2.exe
C:\Programmi\Eset\nod32kui.exe
C:\Programmi\QuickTime\qttask.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\Skype\Phone\Skype.exe
C:\Programmi\Messenger\msmsgs.exe
C:\Programmi\Yahoo!\Messenger\ymsgr_tray.exe
D:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe
C:\Programmi\WorldCommunityGrid\UD.EXE
D:\Programmi\HP\Digital Imaging\bin\hpqgalry.exe
C:\Programmi\WorldCommunityGrid\ud_5235301.exe
C:\Programmi\WorldCommunityGrid\ud_5235301_0.dir\WCGrid_AutoDock.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\Programmi\WinRAR\WinRAR.exe
C:\DOCUME~1\Chiara\IMPOST~1\Temp\Rar$EX00.250\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.it/0SEITIT/SAOS01
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://gw.virgilio.it/alice01.home
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer fornito da VirgilioTin
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O4 - HKLM\..\Run: [Diagnostica SpeedTouch USB] "C:\Programmi\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programmi\Java\jre1.5.0_02\bin\jusched.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Programmi\Winamp\winampa.exe
O4 - HKLM\..\Run: [OFFICEKB] C:\Programmi\Trust\3010A WIRELESS DESKSET\Keyboard\kbdap32a.EXE
O4 - HKLM\..\Run: [FLMOFFICE4DMOUSE] C:\Programmi\Trust\3010A WIRELESS DESKSET\Mouse\mouse32a.exe
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Programmi\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [HP Software Update] D:\Programmi\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SNPSTD2] C:\WINDOWS\vsnpstd2.exe
O4 - HKLM\..\Run: [nod32kui] "C:\Programmi\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Ad-aware] C:\Programmi\Lavasoft\Ad-aware 6\Ad-aware.exe +c
O4 - HKLM\..\RunServices: [Windows Compliant] tqvjun.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Programmi\Yahoo!\Messenger\ypager.exe" -quiet
O4 - HKCU\..\Run: [Free Download Manager] C:\Programmi\Free Download Manager\fdm.exe -autorun
O4 - HKCU\..\Run: [NBJ] "C:\Programmi\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [Skype] "C:\Programmi\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [MSMSGS] "C:\Programmi\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [updateMgr] C:\Programmi\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_5 -reboot 1
O4 - Startup: alice.lnk = ?
O4 - Startup: World Community Grid Agent.lnk = C:\Programmi\WorldCommunityGrid\UD.EXE
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Avvio rapido di HP Image Zone.lnk = D:\Programmi\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Avvio veloce di Adobe Reader.lnk = C:\Programmi\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = D:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Organizzatore ricerche - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Programmi\File comuni\Microsoft Shared\Encarta Researcher\EROPROJ.DLL
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Programmi\File comuni\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://gw.virgilio.it/alice01.home
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Me ... b31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/Mi ... b31267.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/Shar ... vSniff.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/Shar ... /cabsa.cab
O16 - DPF: {7F8B1F27-AE54-479D-AACF-0A7B2334E7EE} (HTTPUplListX Control) - http://stampafoto.mediaworld.it/HTTPUplList.cab
O16 - DPF: {7F8B2500-3B5D-474C-B828-C766ECE3AB3C} (ATLmosquito1 Class) - http://www.netphone.tiscali.it/netphone ... squito.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan ... asinst.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZI ... b32846.cab
O16 - DPF: {D6376DD2-C2BD-49B2-A1B1-138F869633F3} (ASPRO Installer Class) - http://acs.pandasoftware.com/activescan ... roinst.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab31267.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{3CA0F87D-610E-49D6-A582-ACEEBB4BDC21}: NameServer = 85.37.17.10 85.38.28.86
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Web Scanner - Unknown owner - C:\Programmi\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Programmi\Eset\nod32krn.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\system32\UAService7.exe
fiorellinonumerodue
Newbie
 
Post: 4
Iscritto il: 27/04/06 13:35

Postdi fabrizius » 27/04/06 17:37

Ciao,di niente figurati
allora adesso fai cosi:
Come 1 cosa metti hijackthis in una cartella a lui dedicata altrimenti non sarà in grado di fare il backup delle voci rimosse.es;(C:\HJT\hijackthis.exe)
Poi hai analizzato questo file?C:\WINDOWS\vsnpstd2.exe...responso?
Sei sicura di non aver accettato gli sponsor con MSN+? é importante
Per il log fai cosi:
Se infetto quel file terminalo dal task manager,poi cercalo e rimuovilo
Con hijackthis fixa queste voci:
O4 - HKLM\..\Run: [SNPSTD2] C:\WINDOWS\vsnpstd2.exe famoso file
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Programmi\MessengerPlus! 3\MsgPlus.exe-->non serve all'avvio automatico
O4 - HKLM\..\RunServices: [Windows Compliant] tqvjun.exe
O4 - HKCU\..\Run: [Free Download Manager] C:\Programmi\Free Download Manager\fdm.exe -autorun-->>questa dovrebbe eliminare il problema all'avvio

Al limite puoi fare anche uno scan con questo tool standalone rbotgui
(lo salvi sul desktop,lo avvi con un doppio click,accetti la licenza e clicca GO) guarda anche qui

Fammi sapere
fabrizius
Utente Senior
 
Post: 1220
Iscritto il: 20/05/05 13:55

Postdi fiorellinonumerodue » 27/04/06 21:53

Grande Fabrizius!! Non ho più nessun problema!!
il famoso file di cui ho chiesto la verifica non si è rivelato un virus sin dalla prima volta che mi hai consigliato di farlo,ma ho dimenticato di scriverlo..riguardo a messenger plus non ricordo di avere accettato le pubblicità..Comunque a questo punto credo che non importi più visto che i problemi sono stati eliminati..mi sbaglio?
GRAZIE ancora,sei stato gentilissimo
fiorellinonumerodue
Newbie
 
Post: 4
Iscritto il: 27/04/06 13:35

Postdi fabrizius » 27/04/06 22:45

Ciao,ok ce l'abbiamo fatta...
comunque per msn+ fai cosi:vai nelle installazioni/applicazioni del pannello di controllo e rimuovi msn+ ma metti la spunta solo sugli sponsor,cosi facendo verranno disinstallati nel caso li avessi accettati ;)
fabrizius
Utente Senior
 
Post: 1220
Iscritto il: 20/05/05 13:55

Postdi Carlos » 27/04/06 23:23

Anch'io ho qualche problemino all'avvio...la mitica schermata blu...

Questo è il mio log di hijackthis. Secondo voi dovrei sistemare qualcosa?

Ho disinstallato Kaspersky e le schermate blu si presentano meno frequentemente.

Log Portatile

Logfile of HijackThis v1.99.0
Scan saved at 0.20.46, on 28/04/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\tp4mon.exe
C:\PROGRA~1\KASPER~1\KASPER~1\KASPER~3\OESpamTest.ExE
C:\Programmi\Java\jre1.5.0_06\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\Mozilla Firefox\firefox.exe
C:\DOCUME~1\ADMINI~1\IMPOST~1\Temp\Directory temporanea 1 per hijackthis.zip\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.5.0_06\bin\ssv.dll
O4 - HKLM\..\Run: [TrackPointSrv] tp4mon.exe
O4 - HKLM\..\Run: [OESpamTest] C:\PROGRA~1\KASPER~1\KASPER~1\KASPER~3\OESpamTest.ExE
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programmi\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programmi\MSN Messenger\MsnMsgr.Exe" /background
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O16 - DPF: {74FFE28D-2378-11D5-990C-006094235084} (IBM Access Support) - http://www-307.ibm.com/pc/support/IbmEgath.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Me ... b31267.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: kavsvc - Kaspersky Lab - C:\Programmi\Kaspersky Lab\Kaspersky Security Suite\Kaspersky Anti-Spam Personal\KAV\KAVSVC.exe
--RIDE THE LIGHTNING--
Carlos
Utente Junior
 
Post: 97
Iscritto il: 14/02/06 19:20
Località: DETROIT, ROCK CITY!

Postdi Carlos » 27/04/06 23:53

Log Fisso

Logfile of HijackThis v1.99.0
Scan saved at 0.51.37, on 28/04/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Programmi\File comuni\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\oodag.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\Virtual CD v4 SDK\system\vcssecs.exe
C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
C:\Programmi\eBay\eBay Toolbar2\eBayTBDaemon.exe
C:\Programmi\Trust\Trust MD3100 USB ADSL MODEM\CnxDslTb.exe
C:\Programmi\QuickTime\qttask.exe
C:\Programmi\Pando Networks\Pando\Pando.exe
C:\Programmi\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\Programmi\Messenger\msmsgs.exe
C:\Programmi\Spybot - Search & Destroy\TeaTimer.exe
C:\Programmi\mozilla.org\SeaMonkey\SeaMonkey.exe
C:\Programmi\eMule\emule.exe
C:\Programmi\Tuttogratis Alert\TgAlert.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\Skype\Phone\Skype.exe
C:\Programmi\MSN Messenger\msnmsgr.exe
C:\Programmi\Yahoo!\Messenger\YPager.exe
C:\Documents and Settings\Simona e Carlo\Desktop\Programmi Vari\HijackThis.exe
C:\Programmi\Mozilla Firefox\firefox.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = file://C:\APPS\IE\offline\it.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Packard Bell
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Programmi\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: eBay Toolbar Helper - {22D8E815-4A5E-4DFB-845E-AAB64207F5BD} - C:\Programmi\eBay\eBay Toolbar2\eBayTB.dll
O2 - BHO: Idea2 SidebarBrowserMonitor Class - {45AD732C-2CE2-4666-B366-B2214AD57A49} - C:\Programmi\Desktop Sidebar\sbhelp.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programmi\google\googletoolbar1.dll
O2 - BHO: MSN Search Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programmi\MSN Toolbar Suite\TB\02.05.0000.1082\it-it\msntb.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Programmi\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O2 - BHO: Burn4Free Toolbar Helper - {F8E5CA21-C27B-43e7-B2BE-4CA93C9F9A1F} - C:\Programmi\Burn4Free Toolbar\v2.0.0.4\Burn4Free_Toolbar.dll
O3 - Toolbar: MSN Search Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programmi\MSN Toolbar Suite\TB\02.05.0000.1082\it-it\msntb.dll
O3 - Toolbar: eBay Toolbar - {92085AD4-F48A-450D-BD93-B28CC7DF67CE} - C:\Programmi\eBay\eBay Toolbar2\eBayTB.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programmi\google\googletoolbar1.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programmi\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Programmi\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Burn4Free Toolbar - {70DE7956-479D-4eb7-8641-2B45774C350E} - C:\Programmi\Burn4Free Toolbar\v2.0.0.4\Burn4Free_Toolbar.dll
O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
O4 - HKLM\..\Run: [KAVPersonal50] "C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus Personal\kav.exe" /minimize
O4 - HKLM\..\Run: [eBayToolbar] C:\Programmi\eBay\eBay Toolbar2\eBayTBDaemon.exe
O4 - HKLM\..\Run: [CnxDslTaskBar] "C:\Programmi\Trust\Trust MD3100 USB ADSL MODEM\CnxDslTb.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Pando] C:\Programmi\Pando Networks\Pando\Pando.exe /Automation
O4 - HKLM\..\Run: [MMTray] C:\Programmi\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [EPSON Stylus D68 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAAE.EXE /P23 "EPSON Stylus D68 Series" /O6 "USB001" /M "Stylus D68"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [MSMSGS] "C:\Programmi\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Programmi\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Programmi\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Programmi\Yahoo!\Messenger\ypager.exe" -quiet
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programmi\File comuni\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [SeaMonkey Quick Launch] "C:\Programmi\mozilla.org\SeaMonkey\SeaMonkey.exe" -turbo
O4 - HKCU\..\Run: [eMuleAutoStart] C:\Programmi\eMule\emule.exe -AutoStart
O4 - Startup: Tuttogratis Alert.lnk = C:\Programmi\Tuttogratis Alert\TgAlert.exe
O4 - Global Startup: Avvio veloce di Adobe Reader.lnk = C:\Programmi\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &eBay Search - res://C:\Programmi\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
O8 - Extra context menu item: &Google Search - res://c:\programmi\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &MSN Search - res://C:\Programmi\MSN Toolbar Suite\TB\02.05.0000.1082\it-it\msntb.dll/search.htm
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredi ... jhtml?p=ZC
O8 - Extra context menu item: &Translate English Word - res://c:\programmi\google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Apri in nuova scheda in primo piano - res://C:\Programmi\MSN Toolbar Suite\TAB\02.05.0001.1119\it-it\msntabres.dll/230?a6df32cc1a1448e78c81efbbf73e9a21
O8 - Extra context menu item: Apri in nuova scheda in secondo piano - res://C:\Programmi\MSN Toolbar Suite\TAB\02.05.0001.1119\it-it\msntabres.dll/229?a6df32cc1a1448e78c81efbbf73e9a21
O8 - Extra context menu item: Backward Links - res://c:\programmi\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\programmi\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://c:\programmi\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\programmi\google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\j2re1.4.2_05\bin\npjpi142_05.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\j2re1.4.2_05\bin\npjpi142_05.dll
O9 - Extra button: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - C:\Programmi\Desktop Sidebar\sbhelp.dll
O9 - Extra 'Tools' menuitem: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - C:\Programmi\Desktop Sidebar\sbhelp.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesit.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesit.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\it.htm
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Me ... b31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Programmi\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4539348E-01D7-11D5-9A39-0080C8D85044} (GameDesire Slots 90th) - http://67.15.101.3/g_bin/eng/slots90_2_0_0_26.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 8488166296
O16 - DPF: {745395C8-D0E1-4227-8586-624CA9A10A8D} (AxisMediaControl Class) - http://webcamchilon.dyndns.org:8888/activex/AMC.cab
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://www.montreuxtourism.ch/AxisCamControl.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMe ... loader.cab
O16 - DPF: {BFA1F11D-3121-AFE1-4112-894323212DAC} (GameDesire Word Games) - http://67.15.101.3/g_bin/eng/words_2_0_0_38.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{036743E8-DA3B-4DD7-A529-6E5690D8645E}: NameServer = 88.149.128.12 88.149.128.5
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O23 - Service: ATI Smart - Unknown - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: kavsvc - Kaspersky Lab - C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus Personal\kavsvc.exe
O23 - Service: LightScribeService Direct Disc Labeling Service - Hewlett-Packard Company - C:\Programmi\File comuni\LightScribe\LSSrvc.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
O23 - Service: SmartLinkService - Unknown - slserv.exe (file missing)
O23 - Service: SymWMI Service - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: Virtual CD v4 Security service (SDK - Version) - H+H Software GmbH - C:\Programmi\Virtual CD v4 SDK\system\vcssecs.exe



Grazie 1000 a chi vorrà esaminare i miei 2 logs!
--RIDE THE LIGHTNING--
Carlos
Utente Junior
 
Post: 97
Iscritto il: 14/02/06 19:20
Località: DETROIT, ROCK CITY!


Torna a Sicurezza e Privacy


Topic correlati a "ERRORI ALL'AVVIO":


Chi c’è in linea

Visitano il forum: Nessuno e 3 ospiti