Valutazione 4.87/ 5 (100.00%) 5838 voti

Condividi:        

Problemino!!!

Come rimuovere virus e spyware? Le carte di credito sono davvero sicure in rete? È possibile navigare anonimi? Con quali programmi tutelare la propria privacy? Come proteggere i file importanti? Se volete una risposta a queste e altre domande questo è il luogo giusto!

Moderatori: kadosh, Luke57

Problemino!!!

Postdi Beacher1 » 03/01/07 18:07

Ho un piccolo problema con il mio pc!
non riesco ad entrare in windows update o meglio riesco ad entrarci ma non riesco a scaricare gli aggiornamenti mi compare error:0x80072ee7
e la cosa mi succede ogni qualvolta che devo scaricare qualcosa!!
premetto ho windows xp originale ma senza service pack!!!
Vi loggo

Logfile of HijackThis v1.99.1
Scan saved at 17.56.02, on 03/01/2007
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Programmi\File comuni\EPSON\EBAPI\eEBSVC.exe
C:\WINDOWS\service32.exe
C:\Programmi\Logitech\iTouch\iTouch.exe
C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
C:\Programmi\Eset\nod32kui.exe
C:\Programmi\XemiComputers\Active Desktop Calendar\ADC.exe
C:\Programmi\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe
C:\Programmi\Eset\nod32krn.exe
C:\Programmi\Internet Explorer\iexplore.exe
\VINCENZO\Vincenzo\hijackthis_199\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.libero.it/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.libero.it/
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Programmi\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [nod32kui] "C:\Programmi\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKCU\..\Run: [MSMSGS] "C:\Programmi\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Active Desktop Calendar] C:\Programmi\XemiComputers\Active Desktop Calendar\ADC.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Programmi\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: EPSON Status Monitor 3 Environment Check 2.lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV02.EXE
O4 - Global Startup: EPSON Status Monitor 3 Environment Check(4).lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV04.EXE
O4 - Global Startup: EPSON Status Monitor 3 Environment Check.lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV03.EXE
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Programmi\Desktop Messenger\8876480\Program\LDMConf.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O12 - Plugin for .pdf: C:\Programmi\Internet Explorer\PLUGINS\nppdf32.dll
O16 - DPF: {04365000-DFC6-11D3-B2BB-00105AE309D0} (/Quercia TLQJ 2000-Quercia) - https://www.bancaroma.it/tlqj/common/TlqJ2kQrc.cab
O16 - DPF: {13083D70-37BD-11D4-B315-00508B6D3B87} (/Quercia TLQJ 2000-QF24) - https://www.bancaroma.it/tlqj/common/TlqJ2kQF.cab
O16 - DPF: {14A3221B-1678-1982-A355-7263B1281987} - ms-its:mhtml:file://C:\foo.mht!http://82.179.166.130/e9xr2.chm::/file.exe
O16 - DPF: {2A5C1DD0-DFC5-11D3-B2BB-00105AE309D0} (/Quercia TLQJ 2000-Other) - https://www.bancaroma.it/tlqj/common/TlqJ2kOth.cab
O16 - DPF: {5140EE10-DFC4-11D3-B2BB-00105AE309D0} (/Quercia TLQJ 2000-Image) - https://www.bancaroma.it/tlqj/Ita/TlqJ2kImg.cab
O16 - DPF: {572A663E-9756-4DAA-8F65-D97CEF308D64} (/Quercia TLQJ 2000-BDR) - https://www.bancaroma.it/tlqj/common/TlqJ2kBDR.cab
O16 - DPF: {59E6401A-A851-4E94-8DBA-40BD28BF4AA0} (/TlqJ 2000 LiberoBDR) - https://www.bancaroma.it/tlqj/Ita/TlqJ2kLibero.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 7840935747
O16 - DPF: {71F37997-A1C0-4961-A6C4-5190354108F9} (/Quercia TLQJ 2000-BSwift) - https://www.bancaroma.it/tlqj/Ita/TlqJ2kBSwift.cab
O16 - DPF: {9389EFC0-3B78-482E-9974-6A365C571126} (/Quercia TLQJ 2000-TabF24) - https://www.bancaroma.it/tlqj/common/TlqJ2kTabF.cab
O16 - DPF: {B1738950-DFC5-11D3-B2BB-00105AE309D0} (/Quercia TLQJ 2000-QCbi) - https://www.bancaroma.it/tlqj/common/TlqJ2kQCb.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMe ... loader.cab
O16 - DPF: {CB572CC0-E5F9-11D3-B2C1-00105AE309D0} (/Quercia TLQJ 2000-QData) - https://www.bancaroma.it/tlqj/common/TlqJ2kQDt.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{DDFBB8B5-0EEB-4E00-815A-289B63D5A0A8}: NameServer = 212.66.96.1,212.66.96.2
O23 - Service: EpsonBidirectionalService - Unknown owner - C:\Programmi\File comuni\EPSON\EBAPI\eEBSVC.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Programmi\Eset\nod32krn.exe

ciao e grazie!!!
Beacher1
Utente Junior
 
Post: 49
Iscritto il: 31/10/05 15:51
Località: Latina

Sponsor
 

Postdi dannato » 03/01/07 18:22

Ciao, il file è da eliminare.
Apri hijackthis, cerca e spunta le voci seguenti:
C:\WINDOWS\service32.exe

Premi fix checked


Scarica KILLBOX da qui
http://www.bleepingcomputer.com/files/s ... illBox.zip
- estrailo sul desktop e apri la cartella che lo contiene e quindi avvialo
- Seleziona l'opzione Delete on Reboot . Nello spazio scrivi il percorso del file da eliminare:
C:\WINDOWS\service32.exe
e clicchi sulla crocetta rossa (il computer si riavvierà)
dannato
Utente Junior
 
Post: 16
Iscritto il: 02/01/07 04:22


Torna a Sicurezza e Privacy


Topic correlati a "Problemino!!!":


Chi c’è in linea

Visitano il forum: Nessuno e 16 ospiti