Punto informatico Network
Login Esegui login | Non sei registrato? Iscriviti ora (è gratuito!)
Username: Password:
  • Annuncio Pubblicitario

Controllo file log x virus

Un virus si è intromesso nel tuo computer? Vuoi navigare in tutta sicurezza? Sono sicure le transazione online? Come impedire a malintenzionati di intromettersi nel tuo pc? Come proteggere i tuoi dati? Qui trovi le risposte a queste ed altre domande

Controllo file log x virus

Messaggioda maulalla » mar ott 03, 2006 11:36 pm

Ho il pc che si è rallentato fortemente mi potete controllare il file log x verifica di no virus e simili
Grazie

Logfile of HijackThis v1.99.1
Scan saved at 15.11.10, on 03/10/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Programmi\Java\jre1.5.0_06\bin\jusched.exe
C:\Programmi\Hewlett-Packard\Toolbox\StatusClient\StatusClient.exe
C:\Programmi\CyberLink\PowerDVD\PDVDServ.exe
C:\PROGRA~1\Nokia\NOKIAP~1\TRAYAP~1.EXE
C:\Programmi\Iomega\Iomega Automatic Backup\ibackup.exe
C:\Programmi\Microsoft IntelliPoint\point32.exe
C:\PROGRA~1\FILECO~1\PCSuite\DATALA~1\DATALA~1.EXE
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Programmi\SecCopy\SecCopy.exe
C:\Programmi\Iomega\Automatic Backup Pro\LiveSystem.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\Spamihilator\spamihilator.exe
C:\Programmi\TaskSwitchXP\TaskSwitchXP.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Programmi\EnExSys\InForma\InForma.exe
C:\Programmi\ewido anti-spyware 4.0\guard.exe
C:\Programmi\Hewlett-Packard\Toolbox\jre\bin\javaw.exe
C:\PROGRA~1\Iomega\System32\AppServices.exe
C:\Programmi\Logitech\SetPoint\KEM.exe
C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\PROGRA~1\FILECO~1\PCSuite\Services\SERVIC~1.EXE
C:\Programmi\ATNotes\ATnotes.exe
C:\Programmi\Logitech\SetPoint\KHALMNPR.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Programmi\Analog Devices\SoundMAX\SMAgent.exe
C:\Programmi\OpenOffice.org 2.0\program\soffice.exe
C:\Programmi\OpenOffice.org 2.0\program\soffice.BIN
C:\Programmi\AutoCAD LT 2006\aclt.exe
C:\DOCUME~1\Admin\IMPOST~1\Temp\AdskCleanup.0001
C:\Programmi\File comuni\Autodesk Shared\Service\AdskScSrv.exe
C:\Programmi\File comuni\Autodesk Shared\WSCommCntr1.exe
C:\Programmi\HijackThis\HijackThis.exe
C:\WINDOWS\system32\HPBPRO.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost;<local>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {259F616C-A300-44F5-B04A-ED001A26C85C} - (no file)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programmi\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.5.0_06\bin\ssv.dll
O4 - HKLM\..\Run: [TomcatStartup 2.5] C:\Programmi\Hewlett-Packard\Toolbox\hpbpsttp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programmi\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [StatusClient 2.6] C:\Programmi\Hewlett-Packard\Toolbox\StatusClient\StatusClient.exe /auto
O4 - HKLM\..\Run: [RemoteControl] C:\Programmi\CyberLink\PowerDVD\PDVDServ.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\TRAYAP~1.EXE
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Iomega Automatic Backup 1.0.1] C:\Programmi\Iomega\Iomega Automatic Backup\ibackup.exe
O4 - HKLM\..\Run: [IntelliPoint] "C:\Programmi\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [DataLayer] C:\PROGRA~1\FILECO~1\PCSuite\DATALA~1\DATALA~1.EXE
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKCU\..\Run: [Second Copy 2000] "C:\Programmi\SecCopy\SecCopy.exe"
O4 - HKCU\..\Run: [LDM] \Program\BackWeb-8876480.exe
O4 - HKCU\..\Run: [Iomega Automatic Backup Pro] "C:\Programmi\Iomega\Automatic Backup Pro\LiveSystem.exe" -s
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Iomega Automatic Backup] C:\Programmi\Iomega\Iomega Automatic Backup\ibackup.exe
O4 - HKCU\..\Run: [Spamihilator] "C:\Programmi\Spamihilator\spamihilator.exe"
O4 - HKCU\..\Run: [TaskSwitchXP] C:\Programmi\TaskSwitchXP\TaskSwitchXP.exe
O4 - HKCU\..\Run: [XPize Reloader] C:\WINDOWS\XPize\XPizeReloader.exe /S
O4 - Startup: ATnotes.lnk = C:\Programmi\ATNotes\ATnotes.exe
O4 - Startup: BHODemon 2.0.lnk = C:\Programmi\BHODemon 2\BHODemon.exe
O4 - Startup: InForma.lnk = ?
O4 - Startup: OpenOffice.org 2.0.lnk = C:\Programmi\OpenOffice.org 2.0\program\quickstart.exe
O4 - Startup: Supporto di Rete.lnk = ?
O4 - Global Startup: Avvio veloce di Adobe Reader.lnk = C:\Programmi\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: EnExSys Server.lnk = C:\Programmi\EnExSys\EnServer.exe
O4 - Global Startup: InForma.lnk = C:\Programmi\EnExSys\InForma\InForma.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Programmi\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Programmi\Logitech\SetPoint\KEM.exe
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
Avatar utente
maulalla
Neo Iscritto
Neo Iscritto
 
Messaggi: 18
Iscritto il: gio giu 22, 2006 2:47 pm
Località: Corridonia

Messaggioda crazy.cat » mer ott 04, 2006 9:50 pm

Manca un pezzo di log....
In quello che si vede, l'unica voce che non ho capito cosa sia è questa
O4 - HKCU\..\Run: [XPize Reloader] C:\WINDOWS\XPize\XPizeReloader.exe /S

Per il resto è pulito
Quando i molti governano, pensano solo a contentar sé stessi, si ha allora la tirannia più balorda e più odiosa: la tirannia mascherata da libertà.
Avatar utente
crazy.cat
MLI Hero
MLI Hero
 
Messaggi: 30959
Iscritto il: lun gen 12, 2004 1:38 pm
Località: Mestre

Messaggioda maulalla » lun ott 09, 2006 6:06 pm

Scusa hai ragione ho scordato un pezzo di log :-)
Rinvio tutto il log completo:

Logfile of HijackThis v1.99.1
Scan saved at 15.11.10, on 03/10/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Programmi\Java\jre1.5.0_06\bin\jusched.exe
C:\Programmi\Hewlett-Packard\Toolbox\StatusClient\StatusClient.exe
C:\Programmi\CyberLink\PowerDVD\PDVDServ.exe
C:\PROGRA~1\Nokia\NOKIAP~1\TRAYAP~1.EXE
C:\Programmi\Iomega\Iomega Automatic Backup\ibackup.exe
C:\Programmi\Microsoft IntelliPoint\point32.exe
C:\PROGRA~1\FILECO~1\PCSuite\DATALA~1\DATALA~1.EXE
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Programmi\SecCopy\SecCopy.exe
C:\Programmi\Iomega\Automatic Backup Pro\LiveSystem.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\Spamihilator\spamihilator.exe
C:\Programmi\TaskSwitchXP\TaskSwitchXP.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Programmi\EnExSys\InForma\InForma.exe
C:\Programmi\ewido anti-spyware 4.0\guard.exe
C:\Programmi\Hewlett-Packard\Toolbox\jre\bin\javaw.exe
C:\PROGRA~1\Iomega\System32\AppServices.exe
C:\Programmi\Logitech\SetPoint\KEM.exe
C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\PROGRA~1\FILECO~1\PCSuite\Services\SERVIC~1.EXE
C:\Programmi\ATNotes\ATnotes.exe
C:\Programmi\Logitech\SetPoint\KHALMNPR.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Programmi\Analog Devices\SoundMAX\SMAgent.exe
C:\Programmi\OpenOffice.org 2.0\program\soffice.exe
C:\Programmi\OpenOffice.org 2.0\program\soffice.BIN
C:\Programmi\AutoCAD LT 2006\aclt.exe
C:\DOCUME~1\Admin\IMPOST~1\Temp\AdskCleanup.0001
C:\Programmi\File comuni\Autodesk Shared\Service\AdskScSrv.exe
C:\Programmi\File comuni\Autodesk Shared\WSCommCntr1.exe
C:\Programmi\HijackThis\HijackThis.exe
C:\WINDOWS\system32\HPBPRO.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost;<local>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {259F616C-A300-44F5-B04A-ED001A26C85C} - (no file)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programmi\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.5.0_06\bin\ssv.dll
O4 - HKLM\..\Run: [TomcatStartup 2.5] C:\Programmi\Hewlett-Packard\Toolbox\hpbpsttp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programmi\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [StatusClient 2.6] C:\Programmi\Hewlett-Packard\Toolbox\StatusClient\StatusClient.exe /auto
O4 - HKLM\..\Run: [RemoteControl] C:\Programmi\CyberLink\PowerDVD\PDVDServ.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\TRAYAP~1.EXE
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Iomega Automatic Backup 1.0.1] C:\Programmi\Iomega\Iomega Automatic Backup\ibackup.exe
O4 - HKLM\..\Run: [IntelliPoint] "C:\Programmi\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [DataLayer] C:\PROGRA~1\FILECO~1\PCSuite\DATALA~1\DATALA~1.EXE
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKCU\..\Run: [Second Copy 2000] "C:\Programmi\SecCopy\SecCopy.exe"
O4 - HKCU\..\Run: [LDM] \Program\BackWeb-8876480.exe
O4 - HKCU\..\Run: [Iomega Automatic Backup Pro] "C:\Programmi\Iomega\Automatic Backup Pro\LiveSystem.exe" -s
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Iomega Automatic Backup] C:\Programmi\Iomega\Iomega Automatic Backup\ibackup.exe
O4 - HKCU\..\Run: [Spamihilator] "C:\Programmi\Spamihilator\spamihilator.exe"
O4 - HKCU\..\Run: [TaskSwitchXP] C:\Programmi\TaskSwitchXP\TaskSwitchXP.exe
O4 - HKCU\..\Run: [XPize Reloader] C:\WINDOWS\XPize\XPizeReloader.exe /S
O4 - Startup: ATnotes.lnk = C:\Programmi\ATNotes\ATnotes.exe
O4 - Startup: BHODemon 2.0.lnk = C:\Programmi\BHODemon 2\BHODemon.exe
O4 - Startup: InForma.lnk = ?
O4 - Startup: OpenOffice.org 2.0.lnk = C:\Programmi\OpenOffice.org 2.0\program\quickstart.exe
O4 - Startup: Supporto di Rete.lnk = ?
O4 - Global Startup: Avvio veloce di Adobe Reader.lnk = C:\Programmi\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: EnExSys Server.lnk = C:\Programmi\EnExSys\EnServer.exe
O4 - Global Startup: InForma.lnk = C:\Programmi\EnExSys\InForma\InForma.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Programmi\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Programmi\Logitech\SetPoint\KEM.exe
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra button: (no name) - SolidConverterPDF - (no file) (HKCU)
O16 - DPF: {1F831FA9-42FC-11D4-95A6-0080AD30DCE1} (InstaFred) - http://pointa.autodesk.com/portal/lang/ita/InstFred.Ocx
O16 - DPF: {737D14F8-4090-11D4-AE0E-0010830243BD} (SysVerChk Control) - http://pointa.autodesk.com/portal/lang/ ... VerChk.ocx
O16 - DPF: {78AF2F24-A9C3-11D3-BF8C-0060B0FCC122} (Controllo AcDc oggi) - file://C:\Programmi\AutoCAD LT 2002 Ita\AcDcToday.ocx
O16 - DPF: {7F8C8173-AD80-4807-AA75-5672F22B4582} (ICSScanner Class) - http://download.zonelabs.com/bin/promot ... r37880.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan ... asinst.cab
O16 - DPF: {AE563729-B4F5-11D4-A415-00108302FDFD} (NOXLATE-BANR) - http://pointa.autodesk.com/portal/lang/ita/InstBanr.Ocx
O16 - DPF: {F281A59C-7B65-11D3-8617-0010830243BD} (Controllo AcPreview) - file://C:\Programmi\AutoCAD LT 2002 Ita\AcPreview.ocx
O17 - HKLM\System\CCS\Services\Tcpip\..\{9CEE62A9-5B4D-4582-B2B2-6FA504CFE8C4}: NameServer = 151.99.125.2,151.99.125.3
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Programmi\File comuni\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Programmi\ewido anti-spyware 4.0\guard.exe
O23 - Service: Iomega App Services - Iomega Corporation - C:\PROGRA~1\Iomega\System32\AppServices.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Programmi\Analog Devices\SoundMAX\SMAgent.exe

Per quanto riguarda xpize è il programmino che ho scaricato dal sito di MegaLab x migliorare l'aspetto di Windows XP.
Saluti e grazie
Avatar utente
maulalla
Neo Iscritto
Neo Iscritto
 
Messaggi: 18
Iscritto il: gio giu 22, 2006 2:47 pm
Località: Corridonia


Torna a Sicurezza

Chi c’è in linea

Visitano il forum: Nessuno e 6 ospiti

Powered by phpBB © 2002, 2005, 2007, 2008 phpBB Group
Traduzione Italiana phpBB.it

megalab.it: testata telematica quotidiana registrata al Tribunale di Cosenza n. 22/09 del 13.08.2009, editore Master New Media S.r.l.; © Copyright 2008 Master New Media S.r.l. a socio unico - P.I. 02947530784. GRUPPO EDIZIONI MASTER Spa Tutti i diritti sono riservati. Per la pubblicità: Master Advertising