|
| Precedente :: Successivo |
| Autore |
Messaggio |
recambi
Comune mortale
Registrato: 18/01/07 12:33
Messaggi: 3
|
 Inviato: 18 Gen 2007 12:40 Oggetto: virus al file explorer.exe? |
 |
|
Ho questo problema: quando apro alcune cartelle, uppure inserisco la chiavina usb con memoria flash da 4 gb, oppure ri ordino i files dentro alcune cartelle mi da un errore del tipo L'ISTRUZIONE 0x03233206 HA FATTO RIFERIMENTO ALLA MEMORIA A "0x00000001" . LA MEMORIA NON POTEVA ESSERE WRITTEN...e mi si attiva PROTEZIONE ESECUZIONE PROGRAMMI.....che mi blocca tutto.
Che problema posso avere? E come risolverlo? |
|
| Top |
|
 |
Smjert
Dio maturo
Registrato: 01/04/06 18:19
Messaggi: 1619
Residenza: Perso nella rete
|
| Inviato: 18 Gen 2007 14:21 Oggetto: |
|
|
La protezione esecuzione programmi è un opzione che è stata aggiunta al Service Pack 2 per bloccare accessi alla memoria da parte di programmi non autorizzati (quali malware/virus ecc).
Quindi prima di tutto controlliamo che tu non abbia niente sul pc.
Se non hai niente i casi sono 2.. o è proprio la protezione che va in conflitto con qualcosa (possibile), oppure hai i banchi di Ram rovinati.
Scarica HijackThis, decomprimilo in una cartella tutta sua non temporanea (ad esempio mettilo in C:\HijackThis).
Avvialo e premi Do a system scan and save a log file, ti si aprirà una finestra di notepad con il risultato della scansione, copia e incolla qua il suo contenuto. |
|
| Top |
|
|
recambi
Comune mortale
Registrato: 18/01/07 12:33
Messaggi: 3
|
| Inviato: 18 Gen 2007 15:52 Oggetto: |
|
|
| Smjert ha scritto: | La protezione esecuzione programmi è un opzione che è stata aggiunta al Service Pack 2 per bloccare accessi alla memoria da parte di programmi non autorizzati (quali malware/virus ecc).
Quindi prima di tutto controlliamo che tu non abbia niente sul pc.
Se non hai niente i casi sono 2.. o è proprio la protezione che va in conflitto con qualcosa (possibile), oppure hai i banchi di Ram rovinati.
Scarica HijackThis, decomprimilo in una cartella tutta sua non temporanea (ad esempio mettilo in C:\HijackThis).
Avvialo e premi Do a system scan and save a log file, ti si aprirà una finestra di notepad con il risultato della scansione, copia e incolla qua il suo contenuto. |
Ecco il risultato
Logfile of HijackThis v1.99.1
Scan saved at 14.49.45, on 18/01/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\Sybase\SQL Anywhere 8\win32\dbsrv8.exe
C:\Programmi\WIDCOMM\Software Bluetooth\bin\btwdins.exe
c:\ma\marchost.exe
C:\Programmi\Network Associates\Common Framework\FrameworkService.exe
C:\Programmi\Network Associates\VirusScan\mcshield.exe
C:\Programmi\Network Associates\VirusScan\vstskmgr.exe
c:\ma\rstate.exe
C:\Programmi\Analog Devices\SoundMAX\SMAgent.exe
C:\Programmi\CheckPoint\SecuRemote\bin\SR_Service.exe
C:\Programmi\CheckPoint\SecuRemote\bin\SR_WatchDog.exe
C:\WINDOWS\System32\svchost.exe
C:\PortaleOffLine\Apache Software Foundation\Tomcat 5.0\bin\tomcat5.exe
C:\Programmi\ZyDAS Technology Corporation\ZyDAS_802.11g_Utility\srvany.exe
C:\Programmi\ZyDAS Technology Corporation\ZyDAS_802.11g_Utility\ZyDummyZD11B-BG.exe
C:\Programmi\CheckPoint\SecuRemote\bin\SR_GUI.exe
C:\Programmi\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Programmi\Analog Devices\SoundMAX\Smax4.exe
C:\Programmi\Synaptics\SynTP\SynTPLpr.exe
C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
C:\Programmi\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\Programmi\Network Associates\VirusScan\SHSTAT.EXE
C:\Programmi\Network Associates\Common Framework\UpdaterUI.exe
C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
C:\Programmi\QuickTime\qttask.exe
C:\ma\rstate.exe
C:\Programmi\WIDCOMM\Software Bluetooth\BTTray.exe
C:\Programmi\File comuni\Sony Shared\AVLib\SSScsiSV.exe
C:\Programmi\ZyDAS Technology Corporation\ZyDAS_802.11g_Utility\ZDWlan.exe
c:\ma\rsstatus.exe
C:\Programmi\HPQ\SHARED\HPQWMI.exe
C:\WINDOWS\explorer.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\Documents and Settings\125270\Desktop\Nuova cartella\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.libero.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Programmi\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Programmi\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Programmi\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Programmi\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [SynTPLpr] C:\Programmi\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Programmi\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [WatchDog] C:\Programmi\InterVideo\DVD Check\DVDCheck.exe
O4 - HKLM\..\Run: [Live Support Host] "c:\ma\marchost.exe" -servicehelper
O4 - HKLM\..\Run: [ShStatEXE] "C:\Programmi\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Programmi\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [SsAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
O4 - HKLM\..\Run: [EPSON Stylus C46 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0T1.EXE /P23 "EPSON Stylus C46 Series" /O6 "USB002" /M "Stylus C46"
O4 - HKLM\..\Run: [Windows Defender] "C:\Programmi\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [EPM Agent] c:\ma\rstate.exe /LOGON
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe"
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Avvio veloce di Adobe Reader.lnk = C:\Programmi\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: DVD Check.lnk = C:\Programmi\InterVideo\DVD Check\DVDCheck.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programmi\Office10\OSA.EXE
O4 - Global Startup: ZDWLan Utility.lnk = C:\Programmi\ZyDAS Technology Corporation\ZyDAS_802.11g_Utility\ZDWlan.exe
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\Office10\EXCEL.EXE/3000
O9 - Extra button: 123MP3IT - {76DD9E77-F06C-4471-AB6C-CF03C5C6B5B0} - C:\WINDOWS\system32\123MP3IT (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=https:\\www.consulenti-globali.it
O15 - Trusted Zone: www.promotoritoscana.com
O16 - DPF: {145778C3-B5DE-4596-AA3E-F9B44EE67408} (StandardNew.ctlBMStandardNew) - http://www.promotoritoscana.com/StandardNew.CAB
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {92FC4829-215D-482C-A8C1-560F12F2FB38} (StandardNew.ctlBMStandardNew) - http://www.promotoritoscana.com/StandardNew.CAB
O16 - DPF: {C1B7E532-3ECB-4E9E-BB3A-2951FFE67C61} (DownloaderActiveX Control) - http://c6.community.alice.it/download/DownloaderActiveX.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{30895A0C-727D-499A-A37D-FB3BF75EE6F8}: NameServer = 157.28.116.241,212.216.112.112
O18 - Protocol: widimg - {EE7C2AFF-5742-44FF-BD0E-E521B0D3C3BA} - C:\WINDOWS\System32\btxppanel.dll
O20 - Winlogon Notify: ckpNotify - C:\WINDOWS\SYSTEM32\ckpNotify.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Programmi\File comuni\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adaptive Server Anywhere - medspr (ASANYs_medspr) - Unknown owner - C:\Programmi\Sybase\SQL.exe (file missing)
O23 - Service: Boonty Games - BOONTY - C:\Programmi\File comuni\BOONTY Shared\Service\Boonty.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Programmi\WIDCOMM\Software Bluetooth\bin\btwdins.exe
O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Programmi\HPQ\SHARED\HPQWMI.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Live Support Host (marchost) - Unknown owner - c:\ma\marchost.exe" -service (file missing)
O23 - Service: McAfee Framework Service (McAfeeFramework) - Network Associates, Inc. - C:\Programmi\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Programmi\Network Associates\VirusScan\mcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Programmi\Network Associates\VirusScan\vstskmgr.exe
O23 - Service: Manage Anywhere Studio Agent (MobileAutmationAgentService) - iPass Inc. - c:\ma\rstate.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Programmi\File comuni\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Programmi\File comuni\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Programmi\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Programmi\File comuni\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: Check Point SecuRemote Service (SR_Service) - Check Point Software Technologies - C:\Programmi\CheckPoint\SecuRemote\bin\SR_Service.exe
O23 - Service: Check Point SecuRemote WatchDog (SR_WatchDog) - Check Point Software Technologies - C:\Programmi\CheckPoint\SecuRemote\bin\SR_WatchDog.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Programmi\File comuni\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: Apache Tomcat (Tomcat5) - Unknown owner - C:\PortaleOffLine\Apache Software Foundation\Tomcat 5.0\bin\tomcat5.exe" //RS//Tomcat5 (file missing)
O23 - Service: ZyDAS1211BBG - Unknown owner - C:\Programmi\ZyDAS Technology Corporation\ZyDAS_802.11g_Utility\srvany.exe
Cosa c'è che non va? 
grazie |
|
| Top |
|
|
recambi
Comune mortale
Registrato: 18/01/07 12:33
Messaggi: 3
|
| Inviato: 19 Gen 2007 10:34 Oggetto: aiuto!!!!!!! |
|
|
AIUTO!!!!
AIUTO!!!!
AIUTO!!!
| recambi ha scritto: | | Smjert ha scritto: | La protezione esecuzione programmi è un opzione che è stata aggiunta al Service Pack 2 per bloccare accessi alla memoria da parte di programmi non autorizzati (quali malware/virus ecc).
Quindi prima di tutto controlliamo che tu non abbia niente sul pc.
Se non hai niente i casi sono 2.. o è proprio la protezione che va in conflitto con qualcosa (possibile), oppure hai i banchi di Ram rovinati.
Scarica HijackThis, decomprimilo in una cartella tutta sua non temporanea (ad esempio mettilo in C:\HijackThis).
Avvialo e premi Do a system scan and save a log file, ti si aprirà una finestra di notepad con il risultato della scansione, copia e incolla qua il suo contenuto. |
Ecco il risultato
Logfile of HijackThis v1.99.1
Scan saved at 14.49.45, on 18/01/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\Sybase\SQL Anywhere 8\win32\dbsrv8.exe
C:\Programmi\WIDCOMM\Software Bluetooth\bin\btwdins.exe
c:\ma\marchost.exe
C:\Programmi\Network Associates\Common Framework\FrameworkService.exe
C:\Programmi\Network Associates\VirusScan\mcshield.exe
C:\Programmi\Network Associates\VirusScan\vstskmgr.exe
c:\ma\rstate.exe
C:\Programmi\Analog Devices\SoundMAX\SMAgent.exe
C:\Programmi\CheckPoint\SecuRemote\bin\SR_Service.exe
C:\Programmi\CheckPoint\SecuRemote\bin\SR_WatchDog.exe
C:\WINDOWS\System32\svchost.exe
C:\PortaleOffLine\Apache Software Foundation\Tomcat 5.0\bin\tomcat5.exe
C:\Programmi\ZyDAS Technology Corporation\ZyDAS_802.11g_Utility\srvany.exe
C:\Programmi\ZyDAS Technology Corporation\ZyDAS_802.11g_Utility\ZyDummyZD11B-BG.exe
C:\Programmi\CheckPoint\SecuRemote\bin\SR_GUI.exe
C:\Programmi\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Programmi\Analog Devices\SoundMAX\Smax4.exe
C:\Programmi\Synaptics\SynTP\SynTPLpr.exe
C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
C:\Programmi\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\Programmi\Network Associates\VirusScan\SHSTAT.EXE
C:\Programmi\Network Associates\Common Framework\UpdaterUI.exe
C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
C:\Programmi\QuickTime\qttask.exe
C:\ma\rstate.exe
C:\Programmi\WIDCOMM\Software Bluetooth\BTTray.exe
C:\Programmi\File comuni\Sony Shared\AVLib\SSScsiSV.exe
C:\Programmi\ZyDAS Technology Corporation\ZyDAS_802.11g_Utility\ZDWlan.exe
c:\ma\rsstatus.exe
C:\Programmi\HPQ\SHARED\HPQWMI.exe
C:\WINDOWS\explorer.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\Documents and Settings\125270\Desktop\Nuova cartella\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.libero.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Programmi\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Programmi\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Programmi\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Programmi\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [SynTPLpr] C:\Programmi\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Programmi\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [WatchDog] C:\Programmi\InterVideo\DVD Check\DVDCheck.exe
O4 - HKLM\..\Run: [Live Support Host] "c:\ma\marchost.exe" -servicehelper
O4 - HKLM\..\Run: [ShStatEXE] "C:\Programmi\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Programmi\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [SsAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
O4 - HKLM\..\Run: [EPSON Stylus C46 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0T1.EXE /P23 "EPSON Stylus C46 Series" /O6 "USB002" /M "Stylus C46"
O4 - HKLM\..\Run: [Windows Defender] "C:\Programmi\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [EPM Agent] c:\ma\rstate.exe /LOGON
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe"
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Avvio veloce di Adobe Reader.lnk = C:\Programmi\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: DVD Check.lnk = C:\Programmi\InterVideo\DVD Check\DVDCheck.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programmi\Office10\OSA.EXE
O4 - Global Startup: ZDWLan Utility.lnk = C:\Programmi\ZyDAS Technology Corporation\ZyDAS_802.11g_Utility\ZDWlan.exe
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\Office10\EXCEL.EXE/3000
O9 - Extra button: 123MP3IT - {76DD9E77-F06C-4471-AB6C-CF03C5C6B5B0} - C:\WINDOWS\system32\123MP3IT (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=https:\\www.consulenti-globali.it
O15 - Trusted Zone: www.promotoritoscana.com
O16 - DPF: {145778C3-B5DE-4596-AA3E-F9B44EE67408} (StandardNew.ctlBMStandardNew) - http://www.promotoritoscana.com/StandardNew.CAB
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {92FC4829-215D-482C-A8C1-560F12F2FB38} (StandardNew.ctlBMStandardNew) - http://www.promotoritoscana.com/StandardNew.CAB
O16 - DPF: {C1B7E532-3ECB-4E9E-BB3A-2951FFE67C61} (DownloaderActiveX Control) - http://c6.community.alice.it/download/DownloaderActiveX.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{30895A0C-727D-499A-A37D-FB3BF75EE6F8}: NameServer = 157.28.116.241,212.216.112.112
O18 - Protocol: widimg - {EE7C2AFF-5742-44FF-BD0E-E521B0D3C3BA} - C:\WINDOWS\System32\btxppanel.dll
O20 - Winlogon Notify: ckpNotify - C:\WINDOWS\SYSTEM32\ckpNotify.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Programmi\File comuni\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adaptive Server Anywhere - medspr (ASANYs_medspr) - Unknown owner - C:\Programmi\Sybase\SQL.exe (file missing)
O23 - Service: Boonty Games - BOONTY - C:\Programmi\File comuni\BOONTY Shared\Service\Boonty.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Programmi\WIDCOMM\Software Bluetooth\bin\btwdins.exe
O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Programmi\HPQ\SHARED\HPQWMI.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Live Support Host (marchost) - Unknown owner - c:\ma\marchost.exe" -service (file missing)
O23 - Service: McAfee Framework Service (McAfeeFramework) - Network Associates, Inc. - C:\Programmi\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Programmi\Network Associates\VirusScan\mcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Programmi\Network Associates\VirusScan\vstskmgr.exe
O23 - Service: Manage Anywhere Studio Agent (MobileAutmationAgentService) - iPass Inc. - c:\ma\rstate.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Programmi\File comuni\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Programmi\File comuni\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Programmi\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Programmi\File comuni\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: Check Point SecuRemote Service (SR_Service) - Check Point Software Technologies - C:\Programmi\CheckPoint\SecuRemote\bin\SR_Service.exe
O23 - Service: Check Point SecuRemote WatchDog (SR_WatchDog) - Check Point Software Technologies - C:\Programmi\CheckPoint\SecuRemote\bin\SR_WatchDog.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Programmi\File comuni\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: Apache Tomcat (Tomcat5) - Unknown owner - C:\PortaleOffLine\Apache Software Foundation\Tomcat 5.0\bin\tomcat5.exe" //RS//Tomcat5 (file missing)
O23 - Service: ZyDAS1211BBG - Unknown owner - C:\Programmi\ZyDAS Technology Corporation\ZyDAS_802.11g_Utility\srvany.exe
Cosa c'è che non va?
grazie |
 |
|
| Top |
|
|
chemicalbit
Dio maturo
Registrato: 01/04/05 18:59
Messaggi: 18597
Residenza: Milano
|
| Inviato: 19 Gen 2007 13:07 Oggetto: |
|
|
Non me ne intendo,
ma -a meno che tu non conosca cosa ci sia nella cartella c:\ma\ - giusto per inziare io invierei ad un servizio tipo http://www.virustotal.com i file indicati nel log che sono in qualla cartella.
Solo dalla posizione e dal nome mi "puzza" |
|
| Top |
|
|
Smjert
Dio maturo
Registrato: 01/04/06 18:19
Messaggi: 1619
Residenza: Perso nella rete
|
| Inviato: 19 Gen 2007 15:12 Oggetto: |
 |
|
Segui il consiglio di Chemical.
Anche questa cosa qua C:\Programmi\Sybase\SQL.exe l'hai installata tu? |
|
| Top |
|
|
|
|
Non puoi inserire nuovi argomenti
Non puoi rispondere a nessun argomento
Non puoi modificare i tuoi messaggi
Non puoi cancellare i tuoi messaggi
Non puoi votare nei sondaggi
|
|
FAQ
Cerca
Lista utenti
Gruppi
Registrati
Profilo
Messaggi privati
Log in
