Errore all'avvio di XP file cmstp.exe
Inviato: mer giu 16, 2010 8:40 pm
da padobunker
Ciao a tutti sono un nuovo utente.
Ho installato win xp sp3 da poco perche ho dovuto cambiare l'hard disk. Premetto che per "sistemare" xp ho usato il wpa_kill visto che la key non la trovavo. Nell'avvio mi compare che il sistema non riesce a trovare il file cmstp.exe, googlando ho letto che potebbre esser qualcosa di maligno per il pc e sicurezza, ho scaricato Hijackthis per vedere gli errori ma purtroppo dato la mia poca manualitĂ ho solo un log
Chi mi può aiutare? grazie in anticipo!
Ho installato win xp sp3 da poco perche ho dovuto cambiare l'hard disk. Premetto che per "sistemare" xp ho usato il wpa_kill visto che la key non la trovavo. Nell'avvio mi compare che il sistema non riesce a trovare il file cmstp.exe, googlando ho letto che potebbre esser qualcosa di maligno per il pc e sicurezza, ho scaricato Hijackthis per vedere gli errori ma purtroppo dato la mia poca manualitĂ ho solo un log
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21.49.56, on 14/06/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\AVG\AVG9\avgchsvx.exe
C:\Programmi\AVG\AVG9\avgrsx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\AVG\AVG9\avgcsrvx.exe
C:\Programmi\AVG\AVG9\avgwdsvc.exe
C:\Programmi\Java\jre6\bin\jqs.exe
C:\Programmi\CyberLink\Shared Files\RichVideo.exe
C:\Programmi\AVG\AVG9\avgnsx.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Programmi\CyberLink\PowerDVD\PDVDServ.exe
C:\Programmi\File comuni\Java\Java Update\jusched.exe
C:\PROGRA~1\AVG\AVG9\avgtray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\Windows Media Player\wmplayer.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\Programmi\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\NOTEPAD.EXE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
F3 - REG:win.ini: load=C:\DOCUME~1\ADMINI~1\IMPOST~1\Temp\cmstp.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Programmi\AVG\AVG9\avgssie.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmi\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programmi\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Programmi\File comuni\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [RemoteControl] C:\Programmi\CyberLink\PowerDVD\PDVDServ.exe
O4 - HKLM\..\Run: [LanguageShortcut] C:\Programmi\CyberLink\PowerDVD\Language\Language.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Programmi\File comuni\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\File comuni\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKLM\..\Policies\Explorer\Run: [DllHst] C:\WINDOWS\System32\drivers\dllhst3g.exe /waitservice
O4 - HKLM\..\Policies\Explorer\Run: [Cisvc] C:\Documents and Settings\Administrator\LOCALS~1\APPLIC~1\MICROS~1\cisvc.exe /waitservice
O4 - HKLM\..\Policies\Explorer\Run: [Mstsc] C:\DOCUME~1\ADMINI~1\IMPOST~1\Temp\mstsc.exe /waitservice
O4 - HKLM\..\Policies\Explorer\Run: [Esent Utl] C:\DOCUME~1\ADMINI~1\IMPOST~1\Temp\esentutl.exe /waitservice
O4 - HKLM\..\Policies\Explorer\Run: [MstInit] C:\Documents and Settings\Administrator\LOCALS~1\APPLIC~1\MICROS~1\mstinit.exe /waitservice
O4 - HKLM\..\Policies\Explorer\Run: [rsvp] C:\DOCUME~1\ADMINI~1\DATIAP~1\rsvp.exe /waitservice
O4 - HKLM\..\Policies\Explorer\Run: [MqtgSVC] C:\DOCUME~1\ADMINI~1\DATIAP~1\mqtgsvc.exe /waitservice
O4 - HKLM\..\Policies\Explorer\Run: [SessMgr] C:\DOCUME~1\ADMINI~1\IMPOST~1\Temp\sessmgr.exe /waitservice
O4 - HKCU\..\Policies\Explorer\Run: [MqtgSVC] C:\DOCUME~1\ADMINI~1\DATIAP~1\MICROS~1\mqtgsvc.exe /waitservice
O4 - HKCU\..\Policies\Explorer\Run: [ClipSrv] C:\Documents and Settings\Administrator\LOCALS~1\APPLIC~1\clipsrv.exe /waitservice
O4 - HKCU\..\Policies\Explorer\Run: [MstInit] C:\Documents and Settings\Administrator\LOCALS~1\APPLIC~1\MICROS~1\mstinit.exe /waitservice
O4 - HKCU\..\Policies\Explorer\Run: [ComRepl] C:\DOCUME~1\ADMINI~1\IMPOST~1\Temp\comrepl.exe /waitservice
O4 - HKCU\..\Policies\Explorer\Run: [Esent Utl] C:\DOCUME~1\ADMINI~1\DATIAP~1\esentutl.exe /waitservice
O4 - HKCU\..\Policies\Explorer\Run: [SessMgr] C:\Documents and Settings\Administrator\LOCALS~1\APPLIC~1\MICROS~1\sessmgr.exe /waitservice
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Policies\Explorer\Run: [Cisvc] C:\WINDOWS\System\cisvc.exe /waitservice (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\Policies\Explorer\Run: [Cisvc] C:\WINDOWS\System\cisvc.exe /waitservice (User 'Default user')
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Programmi\AVG\AVG9\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Programmi\AVG\AVG9\avgwdsvc.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programmi\Java\jre6\bin\jqs.exe
O23 - Service: NMIndexingService - Nero AG - C:\Programmi\File comuni\Ahead\Lib\NMIndexingService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Programmi\CyberLink\Shared Files\RichVideo.exe
--
End of file - 6229 bytes
Scan saved at 21.49.56, on 14/06/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\AVG\AVG9\avgchsvx.exe
C:\Programmi\AVG\AVG9\avgrsx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\AVG\AVG9\avgcsrvx.exe
C:\Programmi\AVG\AVG9\avgwdsvc.exe
C:\Programmi\Java\jre6\bin\jqs.exe
C:\Programmi\CyberLink\Shared Files\RichVideo.exe
C:\Programmi\AVG\AVG9\avgnsx.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Programmi\CyberLink\PowerDVD\PDVDServ.exe
C:\Programmi\File comuni\Java\Java Update\jusched.exe
C:\PROGRA~1\AVG\AVG9\avgtray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\Windows Media Player\wmplayer.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\Programmi\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\NOTEPAD.EXE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
F3 - REG:win.ini: load=C:\DOCUME~1\ADMINI~1\IMPOST~1\Temp\cmstp.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Programmi\AVG\AVG9\avgssie.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmi\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programmi\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Programmi\File comuni\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [RemoteControl] C:\Programmi\CyberLink\PowerDVD\PDVDServ.exe
O4 - HKLM\..\Run: [LanguageShortcut] C:\Programmi\CyberLink\PowerDVD\Language\Language.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Programmi\File comuni\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\File comuni\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKLM\..\Policies\Explorer\Run: [DllHst] C:\WINDOWS\System32\drivers\dllhst3g.exe /waitservice
O4 - HKLM\..\Policies\Explorer\Run: [Cisvc] C:\Documents and Settings\Administrator\LOCALS~1\APPLIC~1\MICROS~1\cisvc.exe /waitservice
O4 - HKLM\..\Policies\Explorer\Run: [Mstsc] C:\DOCUME~1\ADMINI~1\IMPOST~1\Temp\mstsc.exe /waitservice
O4 - HKLM\..\Policies\Explorer\Run: [Esent Utl] C:\DOCUME~1\ADMINI~1\IMPOST~1\Temp\esentutl.exe /waitservice
O4 - HKLM\..\Policies\Explorer\Run: [MstInit] C:\Documents and Settings\Administrator\LOCALS~1\APPLIC~1\MICROS~1\mstinit.exe /waitservice
O4 - HKLM\..\Policies\Explorer\Run: [rsvp] C:\DOCUME~1\ADMINI~1\DATIAP~1\rsvp.exe /waitservice
O4 - HKLM\..\Policies\Explorer\Run: [MqtgSVC] C:\DOCUME~1\ADMINI~1\DATIAP~1\mqtgsvc.exe /waitservice
O4 - HKLM\..\Policies\Explorer\Run: [SessMgr] C:\DOCUME~1\ADMINI~1\IMPOST~1\Temp\sessmgr.exe /waitservice
O4 - HKCU\..\Policies\Explorer\Run: [MqtgSVC] C:\DOCUME~1\ADMINI~1\DATIAP~1\MICROS~1\mqtgsvc.exe /waitservice
O4 - HKCU\..\Policies\Explorer\Run: [ClipSrv] C:\Documents and Settings\Administrator\LOCALS~1\APPLIC~1\clipsrv.exe /waitservice
O4 - HKCU\..\Policies\Explorer\Run: [MstInit] C:\Documents and Settings\Administrator\LOCALS~1\APPLIC~1\MICROS~1\mstinit.exe /waitservice
O4 - HKCU\..\Policies\Explorer\Run: [ComRepl] C:\DOCUME~1\ADMINI~1\IMPOST~1\Temp\comrepl.exe /waitservice
O4 - HKCU\..\Policies\Explorer\Run: [Esent Utl] C:\DOCUME~1\ADMINI~1\DATIAP~1\esentutl.exe /waitservice
O4 - HKCU\..\Policies\Explorer\Run: [SessMgr] C:\Documents and Settings\Administrator\LOCALS~1\APPLIC~1\MICROS~1\sessmgr.exe /waitservice
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Policies\Explorer\Run: [Cisvc] C:\WINDOWS\System\cisvc.exe /waitservice (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\Policies\Explorer\Run: [Cisvc] C:\WINDOWS\System\cisvc.exe /waitservice (User 'Default user')
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Programmi\AVG\AVG9\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Programmi\AVG\AVG9\avgwdsvc.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programmi\Java\jre6\bin\jqs.exe
O23 - Service: NMIndexingService - Nero AG - C:\Programmi\File comuni\Ahead\Lib\NMIndexingService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Programmi\CyberLink\Shared Files\RichVideo.exe
--
End of file - 6229 bytes
Chi mi può aiutare? grazie in anticipo!