|
| Precedente :: Successivo |
| Autore |
Messaggio |
corvo999
Comune mortale
Registrato: 25/04/08 10:00
Messaggi: 3
|
 Inviato: 25 Apr 2008 10:30 Oggetto: problema con windows installer |
 |
|
salve a tutti, vorrei esporvi il mio problema :
quando tento di installere windows defender mi si apre notepad, ho provato a installarlo con il comando apri con .. msiexec, ma niente .. sempre notepad.
premetto che uso macaffe interenet sicurty , a-squared +spywaredoctor
il sistema operativo è xp
Utilizzando hijackfree mi viene segnalato negli avvi truccati, la presenza di explorer nella shell di system.ini e in winlogon, oltre ad avere nel comando apri della shell tutta una serie %1'% oltre al famoso NOTEPAD.EXE %1.
grazie dell'attenzione
allego il log HijackThis v2.0.2
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11.05.21, on 25/04/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal
Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\csrss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\Programmi\Ahead\InCD\InCDsrv.exe
D:\WINDOWS\system32\spoolsv.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\System32\svchost.exe
D:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
D:\Programmi\File comuni\McAfee\HackerWatch\HWAPI.exe
D:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
d:\PROGRA~1\FILECO~1\mcafee\mna\mcnasvc.exe
D:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
D:\PROGRA~1\McAfee\MSC\mcpromgr.exe
d:\PROGRA~1\FILECO~1\mcafee\redirsvc\redirsvc.exe
D:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
D:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
D:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE
D:\Programmi\McAfee\MPF\MPFSrv.exe
D:\WINDOWS\system32\nvsvc32.exe
D:\Programmi\Spyware Doctor\pctsAuxs.exe
D:\Programmi\SiteAdvisor\6253\SiteAdv.exe
D:\Programmi\McAfee.com\Agent\mcagent.exe
D:\Programmi\Spyware Doctor\pctsTray.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
D:\Programmi\Spyware Doctor\pctsSvc.exe
D:\Programmi\SiteAdvisor\6253\SAService.exe
D:\Programmi\Analog Devices\SoundMAX\SMAgent.exe
D:\WINDOWS\system32\cryptainersrv.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\System32\alg.exe
C:\U.S.R.TurboGWLAN\USRWLANG.exe
D:\Programmi\Internet Explorer\IEXPLORE.EXE
D:\PROGRA~1\FILECO~1\McAfee\EmProxy\emproxy.exe
D:\VEXPLITE\viritexp.exe
D:\Documents and Settings\antonio\Desktop\HiJackThis.exe
D:\WINDOWS\System32\wbem\wmiprvse.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - D:\Programmi\SiteAdvisor\6253\SiteAdv.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Programmi\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - d:\PROGRA~1\mcafee\VIRUSS~1\scriptcl.dll
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - D:\Programmi\SiteAdvisor\6253\SiteAdv.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - d:\programmi\google\googletoolbar1.dll
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [SiteAdvisor] D:\Programmi\SiteAdvisor\6253\SiteAdv.exe
O4 - HKLM\..\Run: [mcagent_exe] D:\Programmi\McAfee.com\Agent\mcagent.exe /runkey
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [ISTray] "D:\Programmi\Spyware Doctor\pctsTray.exe"
O4 - HKLM\..\Run: [a-squared] "D:\Programmi\a-squared Anti-Malware\a2guard.exe" /d=60
O4 - HKLM\..\Run: [VIRIT LITE MONITOR] D:\VEXPLITE\MONLITE.EXE
O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] D:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://D:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Crea preferiti portatile - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - D:\Programmi\Microsoft ActiveSync\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - D:\Programmi\Microsoft ActiveSync\INetRepl.dll
O9 - Extra 'Tools' menuitem: Crea preferiti portatile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - D:\Programmi\Microsoft ActiveSync\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O23 - Service: a-squared Anti-Malware Service (a2AntiMalware) - Emsi Software GmbH - D:\Programmi\a-squared Anti-Malware\a2service.exe
O23 - Service: Autodesk Licensing Service - Autodesk - D:\Programmi\File comuni\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: McAfee E-mail Proxy (Emproxy) - McAfee, Inc. - D:\PROGRA~1\FILECO~1\McAfee\EmProxy\emproxy.exe
O23 - Service: Google Updater Service (gusvc) - Google - D:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - D:\Programmi\File comuni\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Ahead Software AG - D:\Programmi\Ahead\InCD\InCDsrv.exe
O23 - Service: iolo FileInfoList Service (ioloFileInfoList) - Unknown owner - D:\Programmi\iolo\common\lib\ioloServiceManager.exe (file missing)
O23 - Service: iolo System Service (ioloSystemService) - Unknown owner - D:\Programmi\iolo\common\lib\ioloServiceManager.exe (file missing)
O23 - Service: iolo System Guard (IOLO_SRV) - Unknown owner - D:\Programmi\iolo\System Mechanic 7\IoloSGCtrl.exe (file missing)
O23 - Service: McAfee HackerWatch Service - McAfee, Inc. - D:\Programmi\File comuni\McAfee\HackerWatch\HWAPI.exe
O23 - Service: McAfee Update Manager (mcmispupdmgr) - McAfee, Inc. - D:\PROGRA~1\McAfee\MSC\mcupdmgr.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - D:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - d:\PROGRA~1\FILECO~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - D:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Protection Manager (mcpromgr) - McAfee, Inc. - D:\PROGRA~1\McAfee\MSC\mcpromgr.exe
O23 - Service: McAfee Redirector Service (McRedirector) - McAfee, Inc. - d:\PROGRA~1\FILECO~1\mcafee\redirsvc\redirsvc.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - D:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - D:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - D:\Programmi\McAfee\MPF\MPFSrv.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - D:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - D:\Programmi\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - D:\Programmi\Spyware Doctor\pctsSvc.exe
O23 - Service: Servizio SiteAdvisor (SiteAdvisor Service) - Unknown owner - D:\Programmi\SiteAdvisor\6253\SAService.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - D:\Programmi\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Cryptainer service (ssoftservice) - Cypherix Software (India) Pvt. Ltd. - D:\WINDOWS\SYSTEM32\cryptainersrv.exe
O23 - Service: UPS - UPSentry Service (UPSentry_Smart) - Unknown owner - D:\Programmi\Belkin Bulldog Plus\upsd.exe (file missing)
O23 - Service: Virit eXplorer Lite (viritsvclite) - TG Soft Sas www.tgsoft.it - D:\VEXPLITE\viritsvc.exe
--
End of file - 7864 bytes |
|
| Top |
|
 |
bdoriano
Amministratore
Registrato: 02/04/07 12:05
Messaggi: 14391
Residenza: 3° pianeta del sistema solare...
|
| Inviato: 25 Apr 2008 14:24 Oggetto: |
|
|
Non mi sembra che sia un problema dovuto a qualche virus (in hijackthis non se ne vede traccia, ma non vuol dire).
Hai provato a re-installare MSIInstaller? |
|
| Top |
|
|
corvo999
Comune mortale
Registrato: 25/04/08 10:00
Messaggi: 3
|
| Inviato: 25 Apr 2008 14:35 Oggetto: |
|
|
| bdoriano ha scritto: | Non mi sembra che sia un problema dovuto a qualche virus (in hijackthis non se ne vede traccia, ma non vuol dire).
Hai provato a re-installare MSIInstaller? |
si..ovviamente
ho anche provato a vedere con virit-light i processi attivi e mi segnala
con l'asterisco rosso quelli con %1'%
credo che il problema sia legato a qualche modifica in explorer legata alla shell o ..boh.... |
|
| Top |
|
|
corvo999
Comune mortale
Registrato: 25/04/08 10:00
Messaggi: 3
|
| Inviato: 25 Apr 2008 21:37 Oggetto: |
|
|
allego il file di virit che segnala i processi attivi e come si puo' vedere le voci 8-9-10-11 fanno riferimento a %1'% che non ho idea di cosa vogliano indicare, ed inoltre le voci 110 e 112 fanno riferimento a servizi che penso siano pericolosi. Se qualcuno ha la possibilità di capirci qualcosa ..grazie
VirIT Lite Monitor: Lista dei programmi e servizi in esecuzione automatica
Sistema Operativo: Microsoft Windows XP (Service Pack 2)
VirIT eXplorer Lite: Kernel process
1 - (0) Idle
2 - (4) System
3 - (5a0) smss.exe (D:\WINDOWS\system32\smss.exe)
4 - (740) csrss.exe (D:\WINDOWS\system32\csrss.exe)
5 - (788) winlogon.exe (D:\WINDOWS\system32\winlogon.exe)
6 - (7b4) services.exe (D:\WINDOWS\system32\services.exe)
7 - (7c0) lsass.exe (D:\WINDOWS\system32\lsass.exe)
8 - (184) svchost.exe (D:\WINDOWS\system32\svchost.exe)
9 - (1d8) svchost.exe (D:\WINDOWS\system32\svchost.exe)
10 - (204) svchost.exe (D:\WINDOWS\system32\svchost.exe)
11 - (218) incdsrv.exe
12 - (3d4) spoolsv.exe (D:\WINDOWS\system32\spoolsv.exe)
13 - (458) explorer.exe (D:\WINDOWS\explorer.exe)
14 - (494) a2service.exe
15 - (550) svchost.exe (D:\WINDOWS\system32\svchost.exe)
16 - (56c) GoogleUpdaterService.exe
17 - (58c) HWAPI.exe
18 - (5d0) mcmscsvc.exe
19 - (600) McNASvc.exe
20 - (650) mcods.exe
21 - (66c) mcpromgr.exe
22 - (6bc) RedirSvc.exe
23 - (75c) Mcshield.exe
24 - (264) mcsysmon.exe
25 - (2a8) SiteAdv.exe
26 - (2b0) mcagent.exe
27 - (2c8) pctsTray.exe
28 - (2d4) a2guard.exe
29 - (3a0) MONLITE.EXE (D:\VEXPLITE\MONLITE.EXE)
30 - (39c) MDM.EXE
31 - (3f4) GoogleToolbarNotifier.exe
32 - (424) MpfSrv.exe
33 - (560) nvsvc32.exe (D:\WINDOWS\system32\nvsvc32.exe)
34 - (61c) pctsAuxs.exe
35 - (280) pctsSvc.exe
36 - (7dc) SAService.exe
37 - (844) SMAgent.exe
38 - (860) cryptainersrv.exe (D:\WINDOWS\system32\cryptainersrv.exe)
39 - (874) svchost.exe (D:\WINDOWS\system32\svchost.exe)
40 - (8f4) VIRITSVC.EXE (D:\VEXPLITE\VIRITSVC.EXE)
41 - (ac8) alg.exe (D:\WINDOWS\system32\alg.exe)
42 - (aa4) USRWLANG.exe
43 - (c1c) mcupdmgr.exe
44 - (f20) wmiprvse.exe (D:\WINDOWS\System32\Wbem\wmiprvse.exe)
45 - (804d7000) ntoskrnl.exe (D:\WINDOWS\system32\ntoskrnl.exe)
46 - (806ed000) hal.dll (D:\WINDOWS\system32\hal.dll)
47 - (f7987000) KDCOM.DLL (D:\WINDOWS\system32\KDCOM.DLL)
48 - (f7897000) BOOTVID.dll (D:\WINDOWS\system32\BOOTVID.dll)
49 - (f75a8000) ACPI.sys
50 - (f7989000) WMILIB.SYS
51 - (f7597000) pci.sys
52 - (f75f7000) isapnp.sys
53 - (f7607000) ohci1394.sys
54 - (f7617000) 1394BUS.SYS
55 - (f789b000) compbatt.sys
56 - (f789f000) BATTC.SYS
57 - (f798b000) viaide.sys
58 - (f7707000) PCIIDEX.SYS
59 - (f7627000) MountMgr.sys
60 - (f74d8000) ftdisk.sys
61 - (f770f000) PartMgr.sys
62 - (f78a3000) hotcore2.sys
63 - (f7637000) VIRAGTLT.SYS (D:\VEXPLITE\VIRAGTLT.SYS)
64 - (f7647000) VolSnap.sys
65 - (f74c0000) atapi.sys
66 - (f74ad000) viasraid.sys
67 - (f7495000) SCSIPORT.SYS
68 - (f7657000) disk.sys
69 - (f7667000) CLASSPNP.SYS
70 - (f7867000) fltmgr.sys
71 - (f7855000) sr.sys
72 - (f7677000) ikfilesec.sys
73 - (f7687000) PxHelp20.sys
74 - (f783e000) KSecDD.sys
75 - (f7b52000) Ntfs.sys
76 - (f795a000) NDIS.sys
77 - (f7a34000) timntr.sys
78 - (f7697000) uagp35.sys
79 - (f76a7000) snapman.sys
80 - (f7a19000) Mup.sys
81 - (ba439000) amdk7.sys
82 - (b93a6000) nv4_mini.sys
83 - (b9392000) VIDEOPRT.SYS
84 - (ba429000) nic1394.sys
85 - (ba419000) imapi.sys
86 - (ba7a8000) pfc.sys
87 - (ba409000) cdrom.sys
88 - (ba3f9000) redbook.sys
89 - (b9310000) ks.sys
90 - (f77ef000) InCDPass.sys
91 - (f77f7000) GEARAspiWDM.sys
92 - (f77ff000) usbuhci.sys
93 - (b92ed000) USBPORT.SYS
94 - (f7807000) usbehci.sys
95 - (f780f000) fdc.sys
96 - (b92d9000) parport.sys
97 - (b92c8000) serial.sys
98 - (ba7a0000) serenum.sys
99 - (ba3e9000) i8042prt.sys
100 - (f7817000) kbdclass.sys
101 - (f781f000) mouclass.sys
102 - (ba79c000) gameenum.sys
103 - (b923a000) smwdm.sys
104 - (b9216000) portcls.sys
105 - (ba3d9000) drmk.sys
106 - (f79b1000) aeaudio.sys
107 - (f76d7000) fetnd5bv.sys
108 - (b916b000) 3xHybrid.sys
109 - (ba798000) BdaSup.SYS
110 - (f7a89000) audstub.sys
111 - (f76e7000) rasl2tp.sys
112 - (ba794000) ndistapi.sys
113 - (b9154000) ndiswan.sys
114 - (f76f7000) raspppoe.sys
115 - (f7587000) raspptp.sys
116 - (f772f000) TDI.SYS
117 - (b911b000) psched.sys
118 - (f7577000) msgpc.sys
119 - (f7737000) ptilink.sys
120 - (f773f000) raspti.sys
121 - (f7567000) odysseyIM3.sys
122 - (f7557000) termdd.sys
123 - (f79b3000) swenum.sys
124 - (b8fe9000) update.sys
125 - (ba784000) mssmbios.sys
126 - (f7547000) NDProxy.SYS
127 - (f7537000) usbhub.sys
128 - (f79b7000) USBD.SYS
129 - (f7747000) flpydisk.sys
130 - (b6daf000) iksysflt.sys
131 - (f7507000) KCOM.SYS
132 - (b6d48000) iksyssec.sys
133 - (f79b9000) Fs_Rec.SYS
134 - (f7a86000) Null.SYS
135 - (f79bb000) Beep.SYS
136 - (f775f000) vga.sys
137 - (f79bd000) mnmdd.SYS
138 - (f79bf000) RDPCDD.sys
139 - (f79c1000) InCDrec.SYS
140 - (b6d12000) InCDfs.SYS
141 - (f7767000) Msfs.SYS
142 - (f776f000) Npfs.SYS
143 - (ba7e8000) rasacd.sys
144 - (b6cff000) ipsec.sys
145 - (b6ca7000) tcpip.sys
146 - (b6c84000) Mpfp.sys
147 - (f74f7000) ipfltdrv.sys
148 - (b6c5c000) netbt.sys
149 - (b6c3a000) afd.sys
150 - (f7485000) netbios.sys
151 - (b6c0d000) truecrypt.sys
152 - (b6be2000) rdbss.sys
153 - (b6b73000) mrxsmb.sys
154 - (f7465000) Fips.SYS
155 - (b6b52000) ipnat.sys
156 - (f7455000) wanarp.sys
157 - (f7445000) arp1394.sys
158 - (f777f000) USBSTOR.SYS
159 - (f7425000) Cdfs.SYS
160 - (bf800000) win32k.sys (D:\WINDOWS\system32\win32k.sys)
161 - (b6ddc000) Dxapi.sys
162 - (f7787000) watchdog.sys (D:\WINDOWS\system32\watchdog.sys)
163 - (bf000000) dxg.sys
164 - (b9dec000) dxgthk.sys
165 - (bf012000) nv4_disp.dll (D:\WINDOWS\system32\nv4_disp.dll)
166 - (bffa0000) ATMFD.DLL (D:\WINDOWS\system32\ATMFD.DLL)
167 - (b588d000) cpwnt.SYS
168 - (f79f7000) ParVdm.SYS
169 - (f7a01000) EIO.sys
170 - (b5643000) srv.sys
171 - (b553e000) wdmaud.sys
172 - (b5701000) sysaudio.sys
173 - (b5308000) secdrv.sys
174 - (b4f89000) ssoftnt4.sys
175 - (b4e98000) mfehidk.sys
176 - (f77b7000) mfesmfk.sys
177 - (f7a73000) mchInjDrv.sys
178 - (f77cf000) mfebopk.sys
179 - (b5370000) mfeavfk.sys
180 - (b425e000) HTTP.sys
181 - (b3f96000) USR11G.sys
182 - (7c910000) ntdll.dll (D:\WINDOWS\system32\ntdll.dll)
1 - 25/04/2008 - 11:19:56
0
SiteAdvisor
D:\Programmi\SiteAdvisor\6253\SiteAdv.exe
Stato: File TROVATO (36640)
2 - 25/04/2008 - 11:19:56
0
mcagent_exe
D:\Programmi\McAfee.com\Agent\mcagent.exe /runkey
Stato: File TROVATO (566872)
3 - 25/04/2008 - 11:19:56
0
NvCplDaemon
RUNDLL32.EXE D:\WINDOWS\system32\NvCpl.dll,NvStartup
Stato: File TROVATO (7700480)
4 - 25/04/2008 - 11:19:56
0
ISTray
"D:\Programmi\Spyware Doctor\pctsTray.exe"
Stato: File TROVATO (1103240)
5 - 25/04/2008 - 11:19:56
0
a-squared
"D:\Programmi\a-squared Anti-Malware\a2guard.exe" /d=60
Stato: File TROVATO (1962128)
6 - 25/04/2008 - 11:19:56
0
VIRIT LITE MONITOR
D:\VEXPLITE\MONLITE.EXE
Stato: File TROVATO (245760)
7 - 25/04/2008 - 11:19:56
5
swg
D:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
Stato: File TROVATO (68856)
8 - 25/04/2008 - 11:19:56
7
"%1" %*
Stato: File NON trovato
9 - 25/04/2008 - 11:19:56
8
"%1" %*
Stato: File NON trovato
10 - 25/04/2008 - 11:19:56
9
"%1" %*
Stato: File NON trovato
11 - 25/04/2008 - 11:19:56
10
"%1" %*
Stato: File NON trovato
12 - 25/04/2008 - 11:19:56
11
"%1" /S
Stato: File NON trovato
13 - 25/04/2008 - 11:19:56
16
userinit
D:\WINDOWS\system32\userinit.exe,
Stato: File TROVATO (25088)
14 - 25/04/2008 - 11:19:56
38
SecurityProviders
msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll
Stato: File TROVATO (86016)
15 - 25/04/2008 - 11:19:56
24
PostBootReminder
D:\WINDOWS\system32\SHELL32.dll
Stato: File TROVATO (8489472)
16 - 25/04/2008 - 11:19:56
24
CDBurn
D:\WINDOWS\system32\SHELL32.dll
Stato: File TROVATO (8489472)
17 - 25/04/2008 - 11:19:56
24
WebCheck
D:\WINDOWS\system32\webcheck.dll
Stato: File TROVATO (233472)
18 - 25/04/2008 - 11:19:56
24
SysTray
D:\WINDOWS\System32\stobject.dll
Stato: File TROVATO (122368)
19 - 25/04/2008 - 11:19:56
34
{0BF43445-2F28-4351-9252-17FE6E806AA0}
D:\Programmi\SiteAdvisor\6253\SiteAdv.dll
Stato: File TROVATO (927008)
20 - 25/04/2008 - 11:19:57
34
{2318C2B1-4965-11d4-9B18-009027A5CD4F}
d:\programmi\google\googletoolbar1.dll
Stato: File TROVATO (2423872)
21 - 25/04/2008 - 11:19:58
35
{438755C2-A8BA-11D1-B96B-00A0C90312E1}
D:\WINDOWS\System32\browseui.dll
Stato: File TROVATO (1022976)
22 - 25/04/2008 - 11:19:58
35
{8C7461EF-2B13-11d2-BE35-3078302C2030}
D:\WINDOWS\System32\browseui.dll
Stato: File TROVATO (1022976)
23 - 25/04/2008 - 11:19:58
62
{AEB6717E-7E19-11d0-97EE-00C04FD91972}
shell32.dll
Stato: File TROVATO (8489472)
24 - 25/04/2008 - 11:19:58
23
{17492023-C23A-453E-A040-C7C580BBF700}
D:\WINDOWS\system32\LegitCheckControl.DLL
Stato: File TROVATO (1480232)
25 - 25/04/2008 - 11:19:58
23
{8AD9C840-044E-11D1-B3E9-00805F499D93}
D:\Programmi\Java\jre1.6.0_03\bin\ssv.dll
Stato: File TROVATO (501136)
26 - 25/04/2008 - 11:19:58
23
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
D:\Programmi\Java\jre1.6.0_03\bin\npjpi160_03.dll
Stato: File TROVATO (132496)
27 - 25/04/2008 - 11:19:58
23
{D27CDB6E-AE6D-11CF-96B8-444553540000}
D:\WINDOWS\system32\Macromed\Flash\Flash9e.ocx
Stato: File TROVATO (2987392)
28 - 25/04/2008 - 11:19:58
25
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
D:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
Stato: File TROVATO (62080)
29 - 25/04/2008 - 11:19:58
25
{089FD14D-132B-48FC-8861-0048AE113215}
D:\Programmi\SiteAdvisor\6253\SiteAdv.dll
Stato: File TROVATO (927008)
30 - 25/04/2008 - 11:19:58
25
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
D:\Programmi\Java\jre1.6.0_03\bin\ssv.dll
Stato: File TROVATO (501136)
31 - 25/04/2008 - 11:19:58
25
{7DB2D5A0-7241-4E79-B68D-6309F01C5231}
d:\PROGRA~1\mcafee\VIRUSS~1\scriptcl.dll
Stato: File TROVATO (58688)
32 - 25/04/2008 - 11:19:58
36
{23170F69-40C1-278A-1000-000100020000}
D:\Programmi\7-Zip\7-zip.dll
Stato: File TROVATO (138752)
33 - 25/04/2008 - 11:19:58
36
{CB6C13AE-D1BD-4EA5-81FC-A1AC20942B6A}
D:\PROGRA~1\PACKAR~1\DSRClick.dll
Stato: File TROVATO (471552)
34 - 25/04/2008 - 11:19:58
36
{509FE1AF-ADD5-49EC-BC55-7CF81FD16E78}
D:\Programmi\EPSON\Creativity Suite\Easy Photo Print\EPPShell.dll
Stato: File TROVATO (69632)
35 - 25/04/2008 - 11:19:58
36
{162EFDC5-2957-465D-887B-590AF4A7E84D}
d:\PROGRA~1\mcafee\VIRUSS~1\mcodsax.dll
Stato: File TROVATO (202320)
36 - 25/04/2008 - 11:19:58
36
{750fdf0e-2a26-11d1-a3ea-080036587f03}
D:\WINDOWS\System32\cscui.dll
Stato: File TROVATO (333824)
37 - 25/04/2008 - 11:19:58
36
{09799AFB-AD67-11d1-ABCD-00C04FC30936}
D:\WINDOWS\system32\SHELL32.dll
Stato: File TROVATO (8489472)
38 - 25/04/2008 - 11:19:58
36
{A470F8CF-A1E8-4f65-8335-227475AA5C46}
D:\WINDOWS\system32\SHELL32.dll
Stato: File TROVATO (8489472)
39 - 25/04/2008 - 11:19:58
36
{C169E5F0-E2B3-41F3-B81A-7BA529CBE193}
D:\PROGRA~1\ZIPGEN~1\contmenu.dll
Stato: File TROVATO (1013760)
40 - 25/04/2008 - 11:19:59
26
000000000001
D:\WINDOWS\System32\mswsock.dll
Stato: File TROVATO (247296)
41 - 25/04/2008 - 11:19:59
26
000000000002
D:\WINDOWS\System32\winrnr.dll
Stato: File TROVATO (16896)
42 - 25/04/2008 - 11:19:59
26
000000000003
D:\WINDOWS\System32\mswsock.dll
Stato: File TROVATO (247296)
43 - 25/04/2008 - 11:20:00
27
000000000001
D:\WINDOWS\system32\mswsock.dll
Stato: File TROVATO (247296)
44 - 25/04/2008 - 11:20:00
27
000000000002
D:\WINDOWS\system32\mswsock.dll
Stato: File TROVATO (247296)
45 - 25/04/2008 - 11:20:00
27
000000000003
D:\WINDOWS\system32\mswsock.dll
Stato: File TROVATO (247296)
46 - 25/04/2008 - 11:20:00
27
000000000004
D:\WINDOWS\system32\rsvpsp.dll
Stato: File TROVATO (90112)
47 - 25/04/2008 - 11:20:00
27
000000000005
D:\WINDOWS\system32\rsvpsp.dll
Stato: File TROVATO (90112)
48 - 25/04/2008 - 11:20:00
27
000000000006
D:\WINDOWS\system32\mswsock.dll
Stato: File TROVATO (247296)
49 - 25/04/2008 - 11:20:01
27
000000000007
D:\WINDOWS\system32\mswsock.dll
Stato: File TROVATO (247296)
50 - 25/04/2008 - 11:20:01
27
000000000008
D:\WINDOWS\system32\mswsock.dll
Stato: File TROVATO (247296)
51 - 25/04/2008 - 11:20:01
27
000000000009
D:\WINDOWS\system32\mswsock.dll
Stato: File TROVATO (247296)
52 - 25/04/2008 - 11:20:01
27
000000000010
D:\WINDOWS\system32\mswsock.dll
Stato: File TROVATO (247296)
53 - 25/04/2008 - 11:20:01
27
000000000011
D:\WINDOWS\system32\mswsock.dll
Stato: File TROVATO (247296)
54 - 25/04/2008 - 11:20:01
27
000000000012
D:\WINDOWS\system32\mswsock.dll
Stato: File TROVATO (247296)
55 - 25/04/2008 - 11:20:01
27
000000000013
D:\WINDOWS\system32\mswsock.dll
Stato: File TROVATO (247296)
56 - 25/04/2008 - 11:20:01
27
000000000014
D:\WINDOWS\system32\mswsock.dll
Stato: File TROVATO (247296)
57 - 25/04/2008 - 11:20:01
27
000000000015
D:\WINDOWS\system32\mswsock.dll
Stato: File TROVATO (247296)
58 - 25/04/2008 - 11:20:01
27
000000000016
D:\WINDOWS\system32\mswsock.dll
Stato: File TROVATO (247296)
59 - 25/04/2008 - 11:20:01
27
000000000017
D:\WINDOWS\system32\mswsock.dll
Stato: File TROVATO (247296)
60 - 25/04/2008 - 11:20:01
28
crypt32chain
crypt32.dll
Stato: File TROVATO (601600)
61 - 25/04/2008 - 11:20:01
28
cryptnet
cryptnet.dll
Stato: File TROVATO (63488)
62 - 25/04/2008 - 11:20:01
28
cscdll
cscdll.dll
Stato: File TROVATO (102400)
63 - 25/04/2008 - 11:20:01
28
ScCertProp
wlnotify.dll
Stato: File TROVATO (93184)
64 - 25/04/2008 - 11:20:01
28
Schedule
wlnotify.dll
Stato: File TROVATO (93184)
65 - 25/04/2008 - 11:20:01
28
sclgntfy
sclgntfy.dll
Stato: File TROVATO (21504)
66 - 25/04/2008 - 11:20:01
28
SensLogn
WlNotify.dll
Stato: File TROVATO (93184)
67 - 25/04/2008 - 11:20:01
28
termsrv
wlnotify.dll
Stato: File TROVATO (93184)
68 - 25/04/2008 - 11:20:01
28
WgaLogon
WgaLogon.dll
Stato: File TROVATO (236928)
69 - 25/04/2008 - 11:20:01
28
wlballoon
wlnotify.dll
Stato: File TROVATO (93184)
70 - 25/04/2008 - 11:20:03
55
Your Image File Name Here without a path
ntsd -d
Stato: File NON trovato
71 - 25/04/2008 - 11:20:04
29
a2AntiMalware - a-squared Anti-Malware Service
"D:\Programmi\a-squared Anti-Malware\a2service.exe"
Stato: File TROVATO (369272)
72 - 25/04/2008 - 11:20:08
29
Alerter - Avvisi
D:\WINDOWS\System32\svchost.exe -k LocalService (D:\WINDOWS\system32\alrsvc.dll)
Stato: File TROVATO (14336)
73 - 25/04/2008 - 11:20:08
29
AudioSrv - Audio Windows
D:\WINDOWS\System32\svchost.exe -k netsvcs (D:\WINDOWS\System32\audiosrv.dll)
Stato: File TROVATO (14336)
74 - 25/04/2008 - 11:20:08
29
CryptSvc - Servizi di crittografia
D:\WINDOWS\system32\svchost.exe -k netsvcs (D:\WINDOWS\System32\cryptsvc.dll)
Stato: File TROVATO (14336)
75 - 25/04/2008 - 11:20:08
29
DcomLaunch - Utilità di avvio processo server DCOM
D:\WINDOWS\system32\svchost -k DcomLaunch (D:\WINDOWS\system32\rpcss.dll)
Stato: File NON trovato
76 - 25/04/2008 - 11:20:08
29
Dhcp - Client DHCP
D:\WINDOWS\System32\svchost.exe -k netsvcs (D:\WINDOWS\System32\dhcpcsvc.dll)
Stato: File TROVATO (14336)
77 - 25/04/2008 - 11:20:08
29
Eventlog - Registro eventi
D:\WINDOWS\system32\services.exe
Stato: File TROVATO (108544)
78 - 25/04/2008 - 11:20:08
29
gusvc - Google Updater Service
"D:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe"
Stato: File TROVATO (138680)
79 - 25/04/2008 - 11:20:08
29
InCDsrv - InCD Helper
D:\Programmi\Ahead\InCD\InCDsrv.exe
Stato: File TROVATO (929904)
80 - 25/04/2008 - 11:20:12
29
lanmanserver - Server
D:\WINDOWS\System32\svchost.exe -k netsvcs (D:\WINDOWS\System32\srvsvc.dll)
Stato: File TROVATO (14336)
81 - 25/04/2008 - 11:20:12
29
lanmanworkstation - Workstation
D:\WINDOWS\System32\svchost.exe -k netsvcs (D:\WINDOWS\System32\wkssvc.dll)
Stato: File TROVATO (14336)
82 - 25/04/2008 - 11:20:12
29
McAfee HackerWatch Service - McAfee HackerWatch Service
"D:\Programmi\File comuni\McAfee\HackerWatch\HWAPI.exe"
Stato: File TROVATO (540776)
83 - 25/04/2008 - 11:20:12
29
mcmscsvc - McAfee Services
D:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
Stato: File TROVATO (361560)
84 - 25/04/2008 - 11:20:12
29
McNASvc - McAfee Network Agent
"d:\PROGRA~1\FILECO~1\mcafee\mna\mcnasvc.exe"
Stato: File TROVATO (2213416)
85 - 25/04/2008 - 11:20:12
29
McODS - McAfee Scanner
D:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
Stato: File TROVATO (362064)
86 - 25/04/2008 - 11:20:12
29
mcpromgr - McAfee Protection Manager
D:\PROGRA~1\McAfee\MSC\mcpromgr.exe
Stato: File TROVATO (493144)
87 - 25/04/2008 - 11:20:12
29
McRedirector - McAfee Redirector Service
d:\PROGRA~1\FILECO~1\mcafee\redirsvc\redirsvc.exe
Stato: File TROVATO (256096)
88 - 25/04/2008 - 11:20:12
29
McShield - McAfee Real-time Scanner
D:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
Stato: File TROVATO (144960)
89 - 25/04/2008 - 11:20:12
29
McSysmon - McAfee SystemGuards
D:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
Stato: File TROVATO (643664)
90 - 25/04/2008 - 11:20:12
29
MDM - Machine Debug Manager
"D:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE"
Stato: File TROVATO (322120)
91 - 25/04/2008 - 11:20:12
29
MpfService - McAfee Personal Firewall Service
D:\Programmi\McAfee\MPF\MPFSrv.exe
Stato: File TROVATO (841256)
92 - 25/04/2008 - 11:20:12
29
NVSvc - NVIDIA Display Driver Service
D:\WINDOWS\system32\nvsvc32.exe
Stato: File TROVATO (159810)
93 - 25/04/2008 - 11:20:12
29
PlugPlay - Plug and Play
D:\WINDOWS\system32\services.exe
Stato: File TROVATO (108544)
94 - 25/04/2008 - 11:20:12
29
ProtectedStorage - Archiviazione protetta
D:\WINDOWS\system32\lsass.exe
Stato: File TROVATO (13312)
95 - 25/04/2008 - 11:20:12
29
RpcSs - RPC (Remote Procedure Call)
D:\WINDOWS\system32\svchost -k rpcss (D:\WINDOWS\system32\rpcss.dll)
Stato: File NON trovato
96 - 25/04/2008 - 11:20:12
29
SamSs - Gestione account di protezione (SAM)
D:\WINDOWS\system32\lsass.exe
Stato: File TROVATO (13312)
97 - 25/04/2008 - 11:20:12
29
Schedule - Utilità di pianificazione
D:\WINDOWS\System32\svchost.exe -k netsvcs (D:\WINDOWS\system32\schedsvc.dll)
Stato: File TROVATO (14336)
98 - 25/04/2008 - 11:20:13
29
sdAuxService - PC Tools Auxiliary Service
D:\Programmi\Spyware Doctor\pctsAuxs.exe
Stato: File TROVATO (747912)
99 - 25/04/2008 - 11:20:13
29
sdCoreService - PC Tools Security Service
D:\Programmi\Spyware Doctor\pctsSvc.exe
Stato: File TROVATO (948616)
100 - 25/04/2008 - 11:20:13
29
seclogon - Accesso secondario
D:\WINDOWS\System32\svchost.exe -k netsvcs (D:\WINDOWS\System32\seclogon.dll)
Stato: File TROVATO (14336)
101 - 25/04/2008 - 11:20:13
29
SENS - Notifica eventi di sistema
D:\WINDOWS\system32\svchost.exe -k netsvcs (D:\WINDOWS\system32\sens.dll)
Stato: File TROVATO (14336)
102 - 25/04/2008 - 11:20:13
29
SharedAccess - Windows Firewall / Condivisione connessione Internet (ICS)
D:\WINDOWS\System32\svchost.exe -k netsvcs (D:\WINDOWS\System32\ipnathlp.dll)
Stato: File TROVATO (14336)
103 - 25/04/2008 - 11:20:13
29
ShellHWDetection - Rilevamento hardware shell
D:\WINDOWS\System32\svchost.exe -k netsvcs (D:\WINDOWS\System32\shsvcs.dll)
Stato: File TROVATO (14336)
104 - 25/04/2008 - 11:20:13
29
SiteAdvisor Service - Servizio SiteAdvisor
D:\Programmi\SiteAdvisor\6253\SAService.exe
Stato: File TROVATO (345376)
105 - 25/04/2008 - 11:20:13
29
SoundMAX Agent Service (default) - SoundMAX Agent Service
D:\Programmi\Analog Devices\SoundMAX\SMAgent.exe
Stato: File TROVATO (45056)
106 - 25/04/2008 - 11:20:13
29
Spooler - Spooler di stampa
D:\WINDOWS\system32\spoolsv.exe
Stato: File TROVATO (57856)
107 - 25/04/2008 - 11:20:13
29
srservice - Servizio Ripristino configurazione di sistema
D:\WINDOWS\System32\svchost.exe -k netsvcs (D:\WINDOWS\System32\srsvc.dll)
Stato: File TROVATO (14336)
108 - 25/04/2008 - 11:20:13
29
ssoftservice - Cryptainer service
cryptainersrv.exe
Stato: File TROVATO (74240)
109 - 25/04/2008 - 11:20:13
29
stisvc - Acquisizione di immagini di Windows (WIA)
D:\WINDOWS\System32\svchost.exe -k imgsvc (D:\WINDOWS\system32\wiaservc.dll)
Stato: File TROVATO (14336)
110 - 25/04/2008 - 11:20:13
29
TermService - Servizi terminal
D:\WINDOWS\System32\svchost -k DComLaunch (D:\WINDOWS\System32\termsrv.dll)
Stato: File NON trovato
111 - 25/04/2008 - 11:20:13
29
Themes - Temi
D:\WINDOWS\System32\svchost.exe -k netsvcs (D:\WINDOWS\System32\shsvcs.dll)
Stato: File TROVATO (14336)
112 - 25/04/2008 - 11:20:13
29
TrkWks - Manutenzione collegamenti distribuiti client
D:\WINDOWS\system32\svchost.exe -k netsvcs (D:\WINDOWS\system32\trkwks.dll)
Stato: File TROVATO (14336)
113 - 25/04/2008 - 11:20:13
29
viritsvclite - Virit eXplorer Lite
D:\VEXPLITE\viritsvc.exe
Stato: File TROVATO (57344)
114 - 25/04/2008 - 11:20:13
29
W32Time - Ora di Windows
D:\WINDOWS\System32\svchost.exe -k netsvcs (D:\WINDOWS\System32\w32time.dll)
Stato: File TROVATO (14336)
115 - 25/04/2008 - 11:20:13
29
winmgmt - Strumentazione gestione Windows
D:\WINDOWS\system32\svchost.exe -k netsvcs (D:\WINDOWS\system32\wbem\WMIsvc.dll)
Stato: File TROVATO (14336)
116 - 25/04/2008 - 11:20:13
29
wscsvc - Centro sicurezza PC
D:\WINDOWS\System32\svchost.exe -k netsvcs (D:\WINDOWS\system32\wscsvc.dll)
Stato: File TROVATO (14336)
117 - 25/04/2008 - 11:20:13
29
wuauserv - Aggiornamenti automatici
D:\WINDOWS\system32\svchost.exe -k netsvcs (D:\WINDOWS\system32\wuauserv.dll)
Stato: File TROVATO (14336)
118 - 25/04/2008 - 11:20:13
37
EIO - EIO
\??\D:\WINDOWS\system32\drivers\EIO.sys
Stato: File TROVATO (8703)
119 - 25/04/2008 - 11:20:13
37
Secdrv - Secdrv
System32\DRIVERS\secdrv.sys
Stato: File TROVATO (20480)
120 - 25/04/2008 - 11:20:13
37
ssoftnt4 - ssoftnt4
\??\D:\WINDOWS\system32\Drivers\ssoftnt4.sys
Stato: File TROVATO (100728)
121 - 25/04/2008 - 11:20:13
56
D:\WINDOWS\Tasks\Programma di arresto UPS.job
D:\WINDOWS\Tasks\Programma di arresto UPS.job
Stato: File TROVATO (110)
122 - 25/04/2008 - 11:20:13
40
Default_Page_URL
http://go.microsoft.com/fwlink/?LinkId=69157
Stato: File NON trovato
123 - 25/04/2008 - 11:20:13
41
Default_Search_URL
http://home.microsoft.com/search/search.asp
Stato: File NON trovato
124 - 25/04/2008 - 11:20:13
43
Search Page
http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Stato: File NON trovato
125 - 25/04/2008 - 11:20:13
44
Start Page
http://go.microsoft.com/fwlink/?LinkId=69157
Stato: File NON trovato
126 - 25/04/2008 - 11:20:14
50
Search Page
http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Stato: File NON trovato
127 - 25/04/2008 - 11:20:14
51
Start Page
http://www.google.it/
Stato: File NON trovato
128 - 25/04/2008 - 13:28:22
56
D:\WINDOWS\Tasks\McDefragTask.job
d:\PROGRA~1\mcafee\mqc\QcConsol.exe
Stato: File TROVATO (136744)
129 - 25/04/2008 - 13:28:22
56
D:\WINDOWS\Tasks\McQcTask.job
d:\PROGRA~1\mcafee\mqc\QcConsol.exe
Stato: File TROVATO (136744)
130 - 25/04/2008 - 17:50:50
29
UPSentry_Smart - UPS - UPSentry Service
"D:\Programmi\Belkin Bulldog Plus\upsd.exe"
Stato: File NON trovato
131 - 25/04/2008 - 17:50:50
5
H/PC Connection Agent
"D:\Programmi\Microsoft ActiveSync\WCESCOMM.EXE"
Stato: File TROVATO (376912) |
|
| Top |
|
|
bdoriano
Amministratore
Registrato: 02/04/07 12:05
Messaggi: 14391
Residenza: 3° pianeta del sistema solare...
|
| Inviato: 26 Apr 2008 09:57 Oggetto: |
 |
|
La prossima volta per un log così lungo, caricalo su FreeFileHosting come indicato qui.
Se vuoi fare un controllo, usiamo gli strumenti classici:
|
|
| Top |
|
|
|
|
Non puoi inserire nuovi argomenti
Non puoi rispondere a nessun argomento
Non puoi modificare i tuoi messaggi
Non puoi cancellare i tuoi messaggi
Non puoi votare nei sondaggi
|
|
FAQ
Cerca
Lista utenti
Gruppi
Registrati
Profilo
Messaggi privati
Log in
