Punto informatico Network
Login Esegui login | Non sei registrato? Iscriviti ora (è gratuito!)
Username: Password:
  • Annuncio Pubblicitario

Verifica file log

Un virus si è intromesso nel tuo computer? Vuoi navigare in tutta sicurezza? Sono sicure le transazione online? Come impedire a malintenzionati di intromettersi nel tuo pc? Come proteggere i tuoi dati? Qui trovi le risposte a queste ed altre domande

Verifica file log

Messaggioda maulalla » ven set 22, 2006 12:23 pm

Allego alla presente il file log di hijackthis di un pc di un mio amico in quanto negli ultimi giorni ha problemi di rallentamento generale del PC in questione nonchè in fase di lavoro compare spesso che la memoria è in esaurimento e quindi non è sufficiente mentre il PC è fornito di 1Gb di ram. Inoltre utilizzando panda on line antivirus mi trova spesso file trojan che vengono regolarmente ripuliti. Ho fatto girare anche scangui che ha dato il pc pulito.
Sperando in una Vs. risposta ringrazio in anticipo

Logfile of HijackThis v1.99.1
Scan saved at 13.07.42, on 22/09/2006
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\SYSTEM32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\System32\SCardSvr.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\COMPAQ\ACLIENT\ACLIENT.exe
C:\Programmi\Compaq\Compaq Management Agents\cpqalert.exe
C:\WINNT\Cpqdiag\Cpqdfwag.exe
C:\PROGRA~1\Compaq\COMPAQ~1\CPQWEB~1\WebDmi.exe
C:\WINNT\System32\svchost.exe
C:\Programmi\ewido anti-spyware 4.0\guard.exe
C:\Programmi\Network Associates\Common Framework\FrameworkService.exe
C:\Programmi\Network Associates\VirusScan\Mcshield.exe
C:\Programmi\Network Associates\VirusScan\VsTskMgr.exe
C:\WINNT\System32\NMSSvc.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\Programmi\Analog Devices\SoundMAX\SMAgent.exe
C:\Programmi\Compaq\Compaq Management Agents\Dmi\Win32\bin\Win32sl.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\svchost.exe
C:\PROGRA~1\Compaq\COMPAQ~1\cpqdmi.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\Explorer.EXE
C:\Programmi\COMPAQ\Easy Access Button Support\StartEAK.exe
C:\PROGRA~1\Compaq\COMPAQ~1\CHKADMIN.EXE
C:\WINNT\System32\hkcmd.exe
C:\Programmi\Network Associates\VirusScan\SHSTAT.EXE
C:\Programmi\Compaq\Easy Access Button Support\CPQEADM.EXE
C:\Programmi\Network Associates\Common Framework\UpdaterUI.exe
C:\Compaq\EAKDRV\EAUSBKBD.EXE
C:\Programmi\RealVNC\winvnc\winvnc.exe
C:\Programmi\Analog Devices\SoundMAX\DrvLsnr.exe
C:\PROGRA~1\Compaq\EASYAC~1\BttnServ.exe
C:\WINNT\system32\hphmon05.exe
C:\Programmi\cmagent\cmagent.exe
C:\Programmi\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\WINNT\system32\internat.exe
C:\WINNT\system32\HPZipm12.exe
C:\Programmi\Nikon\PictureProject\NkbMonitor.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\Documents and Settings\roberto.ciccioli\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.virgilio.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://internos
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.compaq.com/1Q00CDT/0410/bl8.asp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
R3 - Default URLSearchHook is missing
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Class - {B65011EB-80A4-5BC6-0C28-6832975FE248} - C:\WINNT\ixdcq1.dll (file missing)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx
O3 - Toolbar: (no name) - {C3DEA25E-A515-4B65-8760-AEE03089F1CD} - (no file)
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [CPQEASYACC] C:\Programmi\COMPAQ\Easy Access Button Support\StartEAK.exe
O4 - HKLM\..\Run: [ChkAdmin] C:\PROGRA~1\Compaq\COMPAQ~1\CHKADMIN.EXE
O4 - HKLM\..\Run: [IgfxTray] C:\WINNT\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINNT\System32\hkcmd.exe
O4 - HKLM\..\Run: [ShStatEXE] "C:\Programmi\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Programmi\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [WinVNC] "C:\Programmi\RealVNC\winvnc\winvnc.exe" -servicehelper
O4 - HKLM\..\Run: [DrvLsnr] C:\Programmi\Analog Devices\SoundMAX\DrvLsnr.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINNT\system32\NeroCheck.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINNT\system32\spool\drivers\w32x86\3\hpztsb09.exe
O4 - HKLM\..\Run: [HPHUPD05] C:\Programmi\Hewlett-Packard\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
O4 - HKLM\..\Run: [HPHmon05] C:\WINNT\system32\hphmon05.exe
O4 - HKLM\..\Run: [CMAgent] C:\Programmi\cmagent\cmagent.exe LISTNER 1000 C:\CMListner.log
O4 - HKLM\..\Run: [HP Software Update] C:\Programmi\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [!ewido] "C:\Programmi\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKLM\..\RunServices: [CPQDFWAG] C:\WINNT\Cpqdiag\CpqDfwAg.exe
O4 - HKLM\..\RunOnce: [washindex] C:\Program Files\Washer\washidx.exe "roberto.ciccioli"
O4 - HKCU\..\Run: [internat.exe] internat.exe
O4 - HKCU\..\Run: [key] C:\WINNT\system32\sys_xp.exe
O4 - HKCU\..\Run: [Eraser] C:\Programmi\Eraser\eraser.exe -hide
O4 - HKCU\..\RunOnce: [washindex] C:\Program Files\Washer\washidx.exe "roberto.ciccioli"
O4 - HKCU\..\RunServicesOnce: [washindex] C:\Program Files\Washer\washidx.exe
O4 - Global Startup: AboutTime.lnk = C:\Program Files\abouttime\PROGRAM\AboutTime.exe
O4 - Global Startup: Avvio veloce di Adobe Reader.lnk = C:\Programmi\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programmi\MsOff00\Office\OSA9.EXE
O4 - Global Startup: NkbMonitor.exe.lnk = C:\Programmi\Nikon\PictureProject\NkbMonitor.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Programmi\WinZip\WZQKPICK.EXE
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Download with &DAP - C:\Programmi\DAP\dapextie.htm
O8 - Extra context menu item: Download &all with DAP - C:\Programmi\DAP\dapextie2.htm
O8 - Extra context menu item: Download with Free Downloads Accelerator - C:\Programmi\Free Downloads Accelerator\fdaie.htm
O14 - IERESET.INF: START_PAGE_URL=http://internos
O15 - Trusted Zone: www.archiviosex.net
O15 - Trusted Zone: http://*.internos
O15 - Trusted Zone: http://*.lusky
O15 - Trusted Zone: http://*.paper-ap
O15 - Trusted Zone: http://*.paper-doc
O15 - Trusted Zone: www.redfunny.com
O15 - Trusted Zone: www.skymasters.biz
O16 - DPF: {27AEF6CF-0C73-4772-B6CD-F904A469184D} (DocsPa_AcquisisciDoc.ctrlUploader) - http://paper-doc/docspa20_mc_wa/activex ... sciDoc.CAB
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex ... 0-3-17.cab
O16 - DPF: {604EF218-67E1-40C1-9866-1CFC646BAD36} (DFPrintPen.UsrCtlMain) - http://paper-ap/cyberdocs/Libraries/DOC ... intPen.CAB
O16 - DPF: {8EC18CE2-D7B4-11D2-88C8-006008A717FD} (NCSView Class) - http://ww3.atlanteitaliano.it/ecwplugins/ncs.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan ... asinst.cab
O16 - DPF: {A996E48C-D3DC-4244-89F7-AFA33EC60679} (Settings Class) - http://paper-doc/docspa20_mc_wa/activex/capicom.dll
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnme ... loader.cab
O16 - DPF: {BC5D0D81-F176-4723-9D7A-710840A7F6E2} (Hbx Control) - http://lusky:4080/halley/po/output/hbx.cab
O16 - DPF: {C1B7E532-3ECB-4E9E-BB3A-2951FFE67C61} (DownloaderActiveX Control) - http://atlantide.virgilio.it/c6/downloa ... ctiveX.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = papernet.provincia.mc.it
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = papernet.provincia.mc.it
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = papernet.provincia.mc.it
O20 - Winlogon Notify: igfxcui - C:\WINNT\SYSTEM32\igfxsrvc.dll
O23 - Service: Altiris Client Service (AClient) - Altiris, Inc. - C:\COMPAQ\ACLIENT\ACLIENT.exe
O23 - Service: Compaq Local Alerter (CPQALERT) - Compaq Computer Corporation - C:\Programmi\Compaq\Compaq Management Agents\cpqalert.exe
O23 - Service: Compaq Remote Diagnostics Enabling Agent (CpqDfwWebAgent) - Compaq Computer Corporation - C:\WINNT\Cpqdiag\Cpqdfwag.exe
O23 - Service: cpqdmi - Compaq Computer Corporation - C:\PROGRA~1\Compaq\COMPAQ~1\cpqdmi.exe
O23 - Service: Compaq DMI Web Agent (cpqWebDmi) - Compaq Computer Corporation - C:\PROGRA~1\Compaq\COMPAQ~1\CPQWEB~1\WebDmi.exe
O23 - Service: Servizio amministrativo di Gestione disco logico (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Programmi\ewido anti-spyware 4.0\guard.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - Network Associates, Inc. - C:\Programmi\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Programmi\Network Associates\VirusScan\Mcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Programmi\Network Associates\VirusScan\VsTskMgr.exe
O23 - Service: Intel(R) NMS (NMSSvc) - Intel Corporation - C:\WINNT\System32\NMSSvc.exe
O23 - Service: Omniquad MyPrivacy - Unknown owner - C:\Programmi\Omniquad Total Security\MyPrivacy\mpsvc.exe (file missing)
O23 - Service: Pml Driver HPZ12 - HP - C:\WINNT\system32\HPZipm12.exe
O23 - Service: Gestione P&P Plus (pppcntl) - Unknown owner - C:\WINNT\downlo~1\1j6yls\b8nb8rnj.exe (file missing)
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Programmi\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Win32Sl (WIN32SL) - Intel - C:\Programmi\Compaq\Compaq Management Agents\Dmi\Win32\bin\Win32sl.exe
O23 - Service: VNC Server (winvnc) - Unknown owner - C:\Programmi\RealVNC\winvnc\winvnc.exe" -service (file missing)
Avatar utente
maulalla
Neo Iscritto
Neo Iscritto
 
Messaggi: 18
Iscritto il: gio giu 22, 2006 2:47 pm
Località: Corridonia

Messaggioda crazy.cat » ven set 22, 2006 1:10 pm

si vede almeno un virus, quello in rosso.
Prova a far girare questo tools dalla modalità provvisoria
http://securityresponse.symantec.com/av ... Beagle.exe
Rifai la scansione con hijackthis e cancella queste righe e controlla che sparisca il file in rosso.

O2 - BHO: Class - {B65011EB-80A4-5BC6-0C28-6832975FE248} - C:\WINNT\ixdcq1.dll (file missing)
O3 - Toolbar: (no name) - {C3DEA25E-A515-4B65-8760-AEE03089F1CD} - (no file)
O4 - HKCU\..\Run: [key] C:\WINNT\system32\sys_xp.exe
O14 - IERESET.INF: START_PAGE_URL=http://internos (potrebbe essere buono)
O15 - Trusted Zone: www.archiviosex.net
O15 - Trusted Zone: http://*.internos (potrebbe essere buono)
O15 - Trusted Zone: http://*.lusky (potrebbe essere buono)
O15 - Trusted Zone: http://*.paper-ap (potrebbe essere buono)
O15 - Trusted Zone: http://*.paper-doc (potrebbe essere buono)
O15 - Trusted Zone: www.redfunny.com
O15 - Trusted Zone: www.skymasters.biz
O23 - Service: Gestione P&P Plus (pppcntl) - Unknown owner - C:\WINNT\downlo~1\1j6yls\b8nb8rnj.exe (file missing)

Un controllo con A2 squared o superantispyware è molto consigliato perché sembra che sia passato qualche dialer, vedi quei siti autorizzati nella zona 015.
Alcune di quelle voci 015 potrebbero essere buone.
Avatar utente
crazy.cat
MLI Hero
MLI Hero
 
Messaggi: 30959
Iscritto il: lun gen 12, 2004 1:38 pm
Località: Mestre

Messaggioda maulalla » ven set 29, 2006 6:52 pm

Grazie per l'aiuto il pc dopo la procedura descritta è migliorato ma ora presenta il seguente problema:
Una volta aperto internet explorer cliccando per aprire una nuova finestre di explorer su altro link mi si chiude in automatico la finestra principale.
In pratica non riesco ad avere più di una finestra di explorer aperta.
Allego il nuovo file di log x verifica.

Logfile of HijackThis v1.99.1
Scan saved at 10.51.51, on 29/09/2006
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\SYSTEM32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\System32\SCardSvr.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\COMPAQ\ACLIENT\ACLIENT.exe
C:\Programmi\Compaq\Compaq Management Agents\cpqalert.exe
C:\WINNT\Cpqdiag\Cpqdfwag.exe
C:\PROGRA~1\Compaq\COMPAQ~1\CPQWEB~1\WebDmi.exe
C:\WINNT\System32\svchost.exe
C:\Programmi\ewido anti-spyware 4.0\guard.exe
C:\Programmi\Network Associates\Common Framework\FrameworkService.exe
C:\Programmi\Network Associates\VirusScan\Mcshield.exe
C:\Programmi\Network Associates\VirusScan\VsTskMgr.exe
C:\WINNT\System32\NMSSvc.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\Programmi\Analog Devices\SoundMAX\SMAgent.exe
C:\Programmi\Compaq\Compaq Management Agents\Dmi\Win32\bin\Win32sl.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\svchost.exe
C:\PROGRA~1\Compaq\COMPAQ~1\cpqdmi.exe
C:\Programmi\RealVNC\winvnc\winvnc.exe
C:\WINNT\Explorer.EXE
C:\Programmi\COMPAQ\Easy Access Button Support\StartEAK.exe
C:\PROGRA~1\Compaq\COMPAQ~1\CHKADMIN.EXE
C:\WINNT\System32\hkcmd.exe
C:\Programmi\Network Associates\VirusScan\SHSTAT.EXE
C:\Programmi\Network Associates\Common Framework\UpdaterUI.exe
C:\Programmi\Compaq\Easy Access Button Support\CPQEADM.EXE
C:\Programmi\Analog Devices\SoundMAX\DrvLsnr.exe
C:\Compaq\EAKDRV\EAUSBKBD.EXE
C:\PROGRA~1\Compaq\EASYAC~1\BttnServ.exe
C:\WINNT\system32\hphmon05.exe
C:\Programmi\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\Programmi\cmagent\cmagent.exe
C:\WINNT\system32\internat.exe
C:\WINNT\system32\HPZipm12.exe
C:\Programmi\Nikon\PictureProject\NkbMonitor.exe
C:\Programmi\MsOff00\Office\WINWORD.EXE
C:\Documents and Settings\roberto.ciccioli\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://internos/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://internos
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.compaq.com/1Q00CDT/0410/bl8.asp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Programmi\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [CPQEASYACC] C:\Programmi\COMPAQ\Easy Access Button Support\StartEAK.exe
O4 - HKLM\..\Run: [ChkAdmin] C:\PROGRA~1\Compaq\COMPAQ~1\CHKADMIN.EXE
O4 - HKLM\..\Run: [IgfxTray] C:\WINNT\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINNT\System32\hkcmd.exe
O4 - HKLM\..\Run: [ShStatEXE] "C:\Programmi\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Programmi\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [WinVNC] "C:\Programmi\RealVNC\winvnc\winvnc.exe" -servicehelper
O4 - HKLM\..\Run: [DrvLsnr] C:\Programmi\Analog Devices\SoundMAX\DrvLsnr.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINNT\system32\NeroCheck.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINNT\system32\spool\drivers\w32x86\3\hpztsb09.exe
O4 - HKLM\..\Run: [HPHUPD05] C:\Programmi\Hewlett-Packard\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
O4 - HKLM\..\Run: [HPHmon05] C:\WINNT\system32\hphmon05.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Programmi\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [!ewido] "C:\Programmi\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKLM\..\Run: [CMAgent] C:\Programmi\cmagent\cmagent.exe LISTNER 1000 C:\CMListner.log
O4 - HKLM\..\RunServices: [CPQDFWAG] C:\WINNT\Cpqdiag\CpqDfwAg.exe
O4 - HKCU\..\Run: [internat.exe] internat.exe
O4 - Global Startup: AboutTime.lnk = C:\Program Files\abouttime\PROGRAM\AboutTime.exe
O4 - Global Startup: Avvio veloce di Adobe Reader.lnk = C:\Programmi\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programmi\MsOff00\Office\OSA9.EXE
O4 - Global Startup: NkbMonitor.exe.lnk = C:\Programmi\Nikon\PictureProject\NkbMonitor.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Download with &DAP - C:\Programmi\DAP\dapextie.htm
O8 - Extra context menu item: Download &all with DAP - C:\Programmi\DAP\dapextie2.htm
O8 - Extra context menu item: Download with Free Downloads Accelerator - C:\Programmi\Free Downloads Accelerator\fdaie.htm
O14 - IERESET.INF: START_PAGE_URL=http://internos
O15 - Trusted Zone: http://*.internos
O15 - Trusted Zone: http://*.lusky
O15 - Trusted Zone: http://*.paper-ap
O15 - Trusted Zone: http://*.paper-doc
O16 - DPF: {27AEF6CF-0C73-4772-B6CD-F904A469184D} (DocsPa_AcquisisciDoc.ctrlUploader) - http://paper-doc/docspa20_mc_wa/activex ... sciDoc.CAB
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex ... 0-3-17.cab
O16 - DPF: {604EF218-67E1-40C1-9866-1CFC646BAD36} (DFPrintPen.UsrCtlMain) - http://paper-ap/cyberdocs/Libraries/DOC ... intPen.CAB
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 9511220694
O16 - DPF: {8EC18CE2-D7B4-11D2-88C8-006008A717FD} (NCSView Class) - http://ww3.atlanteitaliano.it/ecwplugins/ncs.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan ... asinst.cab
O16 - DPF: {A996E48C-D3DC-4244-89F7-AFA33EC60679} (Settings Class) - http://paper-doc/docspa20_mc_wa/activex/capicom.dll
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnme ... loader.cab
O16 - DPF: {BC5D0D81-F176-4723-9D7A-710840A7F6E2} (Hbx Control) - http://lusky:4080/halley/po/output/hbx.cab
O16 - DPF: {C1B7E532-3ECB-4E9E-BB3A-2951FFE67C61} (DownloaderActiveX Control) - http://atlantide.virgilio.it/c6/downloa ... ctiveX.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = papernet.provincia.mc.it
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = papernet.provincia.mc.it
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = papernet.provincia.mc.it
O20 - Winlogon Notify: igfxcui - C:\WINNT\SYSTEM32\igfxsrvc.dll
O23 - Service: Altiris Client Service (AClient) - Altiris, Inc. - C:\COMPAQ\ACLIENT\ACLIENT.exe
O23 - Service: Compaq Local Alerter (CPQALERT) - Compaq Computer Corporation - C:\Programmi\Compaq\Compaq Management Agents\cpqalert.exe
O23 - Service: Compaq Remote Diagnostics Enabling Agent (CpqDfwWebAgent) - Compaq Computer Corporation - C:\WINNT\Cpqdiag\Cpqdfwag.exe
O23 - Service: cpqdmi - Compaq Computer Corporation - C:\PROGRA~1\Compaq\COMPAQ~1\cpqdmi.exe
O23 - Service: Compaq DMI Web Agent (cpqWebDmi) - Compaq Computer Corporation - C:\PROGRA~1\Compaq\COMPAQ~1\CPQWEB~1\WebDmi.exe
O23 - Service: Servizio amministrativo di Gestione disco logico (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Programmi\ewido anti-spyware 4.0\guard.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - Network Associates, Inc. - C:\Programmi\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Programmi\Network Associates\VirusScan\Mcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Programmi\Network Associates\VirusScan\VsTskMgr.exe
O23 - Service: Intel(R) NMS (NMSSvc) - Intel Corporation - C:\WINNT\System32\NMSSvc.exe
O23 - Service: Omniquad MyPrivacy - Unknown owner - C:\Programmi\Omniquad Total Security\MyPrivacy\mpsvc.exe (file missing)
O23 - Service: Pml Driver HPZ12 - HP - C:\WINNT\system32\HPZipm12.exe
O23 - Service: Gestione P&P Plus (pppcntl) - Unknown owner - C:\WINNT\downlo~1\1j6yls\b8nb8rnj.exe (file missing)
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Programmi\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Win32Sl (WIN32SL) - Intel - C:\Programmi\Compaq\Compaq Management Agents\Dmi\Win32\bin\Win32sl.exe
O23 - Service: VNC Server (winvnc) - Unknown owner - C:\Programmi\RealVNC\winvnc\winvnc.exe" -service (file missing)

Grazie.
Avatar utente
maulalla
Neo Iscritto
Neo Iscritto
 
Messaggi: 18
Iscritto il: gio giu 22, 2006 2:47 pm
Località: Corridonia


Torna a Sicurezza

Chi c’è in linea

Visitano il forum: Nessuno e 4 ospiti

Powered by phpBB © 2002, 2005, 2007, 2008 phpBB Group
Traduzione Italiana phpBB.it

megalab.it: testata telematica quotidiana registrata al Tribunale di Cosenza n. 22/09 del 13.08.2009, editore Master New Media S.r.l.; © Copyright 2008 Master New Media S.r.l. a socio unico - P.I. 02947530784. GRUPPO EDIZIONI MASTER Spa Tutti i diritti sono riservati. Per la pubblicità: Master Advertising