Punto informatico Network
Login Esegui login | Non sei registrato? Iscriviti ora (è gratuito!)
Username: Password:
  • Annuncio Pubblicitario

computer lento

Un virus si è intromesso nel tuo computer? Vuoi navigare in tutta sicurezza? Sono sicure le transazione online? Come impedire a malintenzionati di intromettersi nel tuo pc? Come proteggere i tuoi dati? Qui trovi le risposte a queste ed altre domande

computer lento

Messaggioda wolly76 » mar dic 25, 2007 2:51 pm

ciao raga auguroni...
date un occhiata al log di mia sorella il pc è lentissimo


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:52:33, on 25/12/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\Sygate\SPF\smc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\Explorer.EXE
C:\Programmi\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Programmi\APC\APC PowerChute Personal Edition\mainserv.exe
C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Programmi\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\cisvc.exe
C:\Programmi\File comuni\LightScribe\LSSrvc.exe
C:\PROGRA~1\FILECO~1\ILSOLE~1\lm\lm.exe
C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\PMJ151LA.BIN
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Tablet.exe
C:\WINDOWS\System32\ups.exe
C:\Programmi\Logitech\iTouch\iTouch.exe
C:\WINDOWS\Dit.exe
C:\Programmi\ScanSoft\OmniPageSE2.0\OpwareSE2.exe
C:\Programmi\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
C:\Programmi\Samsung\Samsung Media Studio 5\SMSTray.exe
C:\Programmi\iTunes\iTunesHelper.exe
C:\Programmi\USB Disk Win98 Driver\Res.EXE
C:\Programmi\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\Programmi\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe
C:\Programmi\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Programmi\MSN Messenger\MsnMsgr.Exe
C:\Programmi\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Programmi\File comuni\Ahead\lib\NMBgMonitor.exe
C:\Programmi\BitTorrent_DNA\dna.exe
C:\Programmi\Microsoft ActiveSync\wcescomm.exe
C:\Programmi\Sprite Software\Sprite Backup\SpriteService.exe
C:\Programmi\WinZip\WZQKPICK.EXE
C:\Programmi\WLAN\802.11 Wireless LAN\WWlanMonitor.exe
C:\Programmi\Yahoo!\Yahoo! Music Jukebox\ymetray.exe
C:\Programmi\C'è Posta\CPosta.exe
C:\Programmi\APC\APC PowerChute Personal Edition\apcsystray.exe
C:\Programmi\iPod\bin\iPodService.exe
C:\WINDOWS\system32\ntvdm.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\Programmi\Trend Micro\HijackThis\HijackThis.exe
C:\Programmi\Internet Explorer\iexplore.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://search.bearshare.com/sidebar.html?src=ssb
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.libero.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/def ... earch.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = localhost:2323
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Supporto di collegamento per Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Programmi\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe
O4 - HKLM\..\Run: [Dit] Dit.exe
O4 - HKLM\..\Run: [OpwareSE2] "C:\Programmi\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"
O4 - HKLM\..\Run: [SmcService] "C:\PROGRA~1\Sygate\SPF\smc.exe" -startgui
O4 - HKLM\..\Run: [bmt0cc49] "RUNDLL32.EXE" w00833da.dll,n 0020cc470000000a00833da
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [mmtask] "C:\Programmi\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe"
O4 - HKLM\..\Run: [SMSTray] C:\Programmi\Samsung\Samsung Media Studio 5\SMSTray.exe
O4 - HKLM\..\Run: [MAAgent] C:\Programmi\MarkAny\ContentSafer\MAAgent.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Programmi\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [USB Storage Toolbox] C:\Programmi\USB Disk Win98 Driver\Res.EXE
O4 - HKLM\..\Run: [MMTray] "C:\Programmi\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe"
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Programmi\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programmi\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Programmi\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programmi\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Systweak Ad and Popup Blocker] "C:\Programmi\Advanced System Optimizer\adblock.exe"
O4 - HKCU\..\Run: [LDM] C:\Programmi\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programmi\File comuni\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Programmi\BitTorrent_DNA\dna.exe"
O4 - HKCU\..\Run: [SpriteService] "C:\Programmi\Sprite Software\Sprite Backup\SpriteService.exe"
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Programmi\Microsoft ActiveSync\wcescomm.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: C'è Posta.lnk = ?
O4 - Startup: PowerReg Scheduler.exe
O4 - Global Startup: APC UPS Status.lnk = ?
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Programmi\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programmi\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Programmi\WinZip\WZQKPICK.EXE
O4 - Global Startup: WLAN Monitor Utility.lnk = ?
O4 - Global Startup: ymetray.lnk = C:\Programmi\Yahoo!\Yahoo! Music Jukebox\ymetray.exe
O8 - Extra context menu item: &Search - ?p=ZN
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Crea preferiti portatile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.libero.it
O16 - DPF: Iphona - https://servizi.inps.it/servizi/parlaco ... Iphona.CAB
O16 - DPF: {00000000-0000-0000-0000-000020030000} - http://www.storage-tasp.com/gs/gsa_1683.exe
O16 - DPF: {00000000-0023-0000-5400-320020040070} - http://www.storage-tasp.com/gs/gsa_1594.exe
O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} - http://www.ipix.com/download/ipixx.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMe ... loader.cab
O16 - DPF: {F7FD91D1-45E6-4349-B698-F976062DAC26} - http://www.storage-tasp.com/gs/gsa_01683.exe
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O20 - Winlogon Notify: Telephony - C:\WINDOWS\
O20 - Winlogon Notify: ThemeManager - C:\WINDOWS\
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Programmi\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Programmi\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: APC UPS Service - American Power Conversion Corporation - C:\Programmi\APC\APC PowerChute Personal Edition\mainserv.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Programmi\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Servizio iPod (iPod Service) - Apple Inc. - C:\Programmi\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Programmi\File comuni\LightScribe\LSSrvc.exe
O23 - Service: LMService - Il Sole 24 Ore - C:\PROGRA~1\FILECO~1\ILSOLE~1\lm\lm.exe
O23 - Service: PMJ151 AutoLaunch Service (PMJ151LA) - Matsushita Electric Industrial Co. ,Ltd, - C:\WINDOWS\PMJ151LA.BIN
O23 - Service: Sygate Personal Firewall Pro (SmcService) - Sygate Technologies, Inc. - C:\Programmi\Sygate\SPF\smc.exe
O23 - Service: TabletService - Wacom Technology, Corp. - C:\WINDOWS\system32\Tablet.exe
O24 - Desktop Component 0: (no name) -

--
End of file - 10891 bytes
"Se le auto funzionassero come i software, si bloccherebbero due volte al giorno senza motivo e l'unica soluzione sarebbe reinstallare il motore"
Avatar utente
wolly76
Senior Member
Senior Member
 
Messaggi: 354
Iscritto il: gio gen 04, 2007 2:54 pm
Località: C:\WINDOWS

Re: computer lento

Messaggioda crazy.cat » mar dic 25, 2007 3:05 pm

Rileggiti il log e guarda il link che c'è nel 024, prestate attenzione a cosa postate.

due file strani, carica la dll e il bin sul sito www.virustotal.com e falli analizzare.
O4 - HKLM\..\Run: [bmt0cc49] "RUNDLL32.EXE" w00833da.dll,n 0020cc470000000a00833da
O23 - Service: PMJ151 AutoLaunch Service (PMJ151LA) - Matsushita Electric Industrial Co. ,Ltd, - C:\WINDOWS\PMJ151LA.BIN

qui ci sono dei dialer, scansione completa del disco con superantispyware freeware e fai pulizia.
O16 - DPF: {00000000-0000-0000-0000-000020030000} - http://www.storage-tasp.com/gs/gsa_1683.exe
O16 - DPF: {00000000-0023-0000-5400-320020040070} - http://www.storage-tasp.com/gs/gsa_1594.exe
O16 - DPF: {F7FD91D1-45E6-4349-B698-F976062DAC26} - http://www.storage-tasp.com/gs/gsa_01683.exe
Quando i molti governano, pensano solo a contentar sé stessi, si ha allora la tirannia più balorda e più odiosa: la tirannia mascherata da libertà.
Avatar utente
crazy.cat
MLI Hero
MLI Hero
 
Messaggi: 30959
Iscritto il: lun gen 12, 2004 1:38 pm
Località: Mestre

Messaggioda BeGa » mar dic 25, 2007 3:10 pm

per il processo cisvc.exe


Cisvc.exe è un file di windows che spesso crea qualche preoccupazione perché lo visualizziamo in taskmanager occupando la CPU e riallentando il sistema.

Il processo cisvc.exe è anche causa di una improvvisa e rapida diminuzione dello spazio sul nostro HD.

Cisvc.exe è un file di dsistema di windows che si occupa di indicizzare i file e le cartelle presenti sull'HD, in questo modo durante la ricerca di file, con la funzione cerca di windows, subito viene restituito il risultato.

Purtroppo cisvc.exe crea file di enormi dimensioni che spesso terminano lo spazio disponibile sul disco.

I file utilizzati per indicizzare il contenuto dell'HD, spesso sono di enormi dimensioni, rendendo complessa la letterua e scrittura in questi file, da qui, l'enorme consumo di CPU del file cisvc.exe.

Per risolvere il problema procedere così:

1) Andare in Pannello di controllo e poi Servizi, qui fermare e disabilitare il servizio Indexing Service, in questo modo non utilizziamo questa funzionalità di windows, ma abbiamo un sistema più stabile e performante.

2) In risorse del computer, andare in Strumenti poi Opzioni Cartella e Visualizzazione, qui eliminare il visto sulla voce "Nascondi i file di sistema".

3) Andare in c:\ e poi in System Volume Information (che ora si visualizza anche se cartella protetta)

4) Entrare nella cartella catalog.wci ed eliminare tutto il contenuto e poi svuotare il cestino

5) Andiamo nuovamente in Strumenti poi Opzioni Cartella e Visualizzazione e mettiamo il visto su "Nascondi i file di sistema" per sicurezza.

In questo modo abbiamo terminato il servizio cisvc.exe e liberato lo spazio inutilmente occupato.
Avatar utente
BeGa
Membro Ufficiale (Gold)
Membro Ufficiale (Gold)
 
Messaggi: 2192
Iscritto il: mer apr 18, 2007 3:13 pm


Messaggioda wolly76 » mar dic 25, 2007 5:32 pm

Crazy scusa ma non me ne ero accorto chiedo perdono in ginocchio...
veniamo a noi, superantispyware non me lo fa scaricare forse un problema al server ho scaricato a-squared e l'ho fatto girare, per quanto riguarda il file:
O23 - Service: PMJ151 AutoLaunch Service (PMJ151LA) - Matsushita Electric Industrial Co. ,Ltd, - C:\WINDOWS\PMJ151LA.BIN
virustotal ha fatto l'analisi e nessun antivirus lo ha classificato come pericoloso il resto l'ho eliminato, per quanto riguarda il suggerimento di BeGa ancora non ho eseguito, perché in servizi non trovo indexing service ma servizio indicizzazione e volevo la conferma che fosse quello, grazie.
Vi riposto il log di hijackthis

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:33:15, on 25/12/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\Sygate\SPF\smc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\Explorer.EXE
C:\Programmi\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Programmi\APC\APC PowerChute Personal Edition\mainserv.exe
C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Programmi\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\cisvc.exe
C:\Programmi\File comuni\LightScribe\LSSrvc.exe
C:\PROGRA~1\FILECO~1\ILSOLE~1\lm\lm.exe
C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\PMJ151LA.BIN
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Tablet.exe
C:\WINDOWS\System32\ups.exe
C:\Programmi\Logitech\iTouch\iTouch.exe
C:\WINDOWS\Dit.exe
C:\Programmi\ScanSoft\OmniPageSE2.0\OpwareSE2.exe
C:\Programmi\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
C:\Programmi\Samsung\Samsung Media Studio 5\SMSTray.exe
C:\Programmi\iTunes\iTunesHelper.exe
C:\Programmi\USB Disk Win98 Driver\Res.EXE
C:\Programmi\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\Programmi\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe
C:\Programmi\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Programmi\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Programmi\File comuni\Ahead\lib\NMBgMonitor.exe
C:\Programmi\BitTorrent_DNA\dna.exe
C:\Programmi\Microsoft ActiveSync\wcescomm.exe
C:\Programmi\Sprite Software\Sprite Backup\SpriteService.exe
C:\Programmi\WinZip\WZQKPICK.EXE
C:\Programmi\WLAN\802.11 Wireless LAN\WWlanMonitor.exe
C:\Programmi\Yahoo!\Yahoo! Music Jukebox\ymetray.exe
C:\Programmi\C'è Posta\CPosta.exe
C:\Programmi\APC\APC PowerChute Personal Edition\apcsystray.exe
C:\Programmi\iPod\bin\iPodService.exe
C:\WINDOWS\system32\ntvdm.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Programmi\a-squared Free\a2service.exe
C:\Programmi\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://search.bearshare.com/sidebar.html?src=ssb
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.libero.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/def ... earch.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = localhost:2323
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Supporto di collegamento per Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Programmi\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe
O4 - HKLM\..\Run: [Dit] Dit.exe
O4 - HKLM\..\Run: [OpwareSE2] "C:\Programmi\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"
O4 - HKLM\..\Run: [SmcService] "C:\PROGRA~1\Sygate\SPF\smc.exe" -startgui
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [mmtask] "C:\Programmi\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe"
O4 - HKLM\..\Run: [SMSTray] C:\Programmi\Samsung\Samsung Media Studio 5\SMSTray.exe
O4 - HKLM\..\Run: [MAAgent] C:\Programmi\MarkAny\ContentSafer\MAAgent.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Programmi\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [USB Storage Toolbox] C:\Programmi\USB Disk Win98 Driver\Res.EXE
O4 - HKLM\..\Run: [MMTray] "C:\Programmi\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe"
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Programmi\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programmi\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Programmi\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programmi\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Systweak Ad and Popup Blocker] "C:\Programmi\Advanced System Optimizer\adblock.exe"
O4 - HKCU\..\Run: [LDM] C:\Programmi\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programmi\File comuni\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Programmi\BitTorrent_DNA\dna.exe"
O4 - HKCU\..\Run: [SpriteService] "C:\Programmi\Sprite Software\Sprite Backup\SpriteService.exe"
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Programmi\Microsoft ActiveSync\wcescomm.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: C'è Posta.lnk = ?
O4 - Global Startup: APC UPS Status.lnk = ?
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Programmi\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programmi\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Programmi\WinZip\WZQKPICK.EXE
O4 - Global Startup: WLAN Monitor Utility.lnk = ?
O4 - Global Startup: ymetray.lnk = C:\Programmi\Yahoo!\Yahoo! Music Jukebox\ymetray.exe
O8 - Extra context menu item: &Search - ?p=ZN
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Crea preferiti portatile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.libero.it
O16 - DPF: Iphona - https://servizi.inps.it/servizi/parlaco ... Iphona.CAB
O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} - http://www.ipix.com/download/ipixx.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMe ... loader.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O20 - Winlogon Notify: Telephony - C:\WINDOWS\
O20 - Winlogon Notify: ThemeManager - C:\WINDOWS\
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Programmi\a-squared Free\a2service.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Programmi\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Programmi\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: APC UPS Service - American Power Conversion Corporation - C:\Programmi\APC\APC PowerChute Personal Edition\mainserv.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Programmi\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Servizio iPod (iPod Service) - Apple Inc. - C:\Programmi\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Programmi\File comuni\LightScribe\LSSrvc.exe
O23 - Service: LMService - Il Sole 24 Ore - C:\PROGRA~1\FILECO~1\ILSOLE~1\lm\lm.exe
O23 - Service: PMJ151 AutoLaunch Service (PMJ151LA) - Matsushita Electric Industrial Co. ,Ltd, - C:\WINDOWS\PMJ151LA.BIN
O23 - Service: Sygate Personal Firewall Pro (SmcService) - Sygate Technologies, Inc. - C:\Programmi\Sygate\SPF\smc.exe
O23 - Service: TabletService - Wacom Technology, Corp. - C:\WINDOWS\system32\Tablet.exe

--
End of file - 10426 bytes
"Se le auto funzionassero come i software, si bloccherebbero due volte al giorno senza motivo e l'unica soluzione sarebbe reinstallare il motore"
Avatar utente
wolly76
Senior Member
Senior Member
 
Messaggi: 354
Iscritto il: gio gen 04, 2007 2:54 pm
Località: C:\WINDOWS

Messaggioda BeGa » mar dic 25, 2007 5:40 pm

per PMJ151LA.BIN

Company
Company Name Matsushita Electric Industrial Co. ,Ltd,
Legal Copyright Copyright (C) 2002 by Matsushita Electric Industrial Co. ,Ltd,
Company Website
Product
Product Name Panasonic DVC Web Camera
Description
Product web site
Process
ProcessName PMJ151LA.BIN
Fix PMJ151LA.BIN errors Run a Free Registry Scan
Description
Internal Name PMJ151LA.BIN
File Description Panasonic DVC Web Camera
Comments
Original File Name PMJ151LA.BIN
Query count 3
Recommended
Detect other Security Risks Run a Free Spyware Scan
Optimize PC Settings Run a Free Performance Scan


fonte: http://www.whatsrunning.net/whatsrunning/QueryProcessID.aspx?Process=9979
Avatar utente
BeGa
Membro Ufficiale (Gold)
Membro Ufficiale (Gold)
 
Messaggi: 2192
Iscritto il: mer apr 18, 2007 3:13 pm

Messaggioda tecnico24 » mar dic 25, 2007 9:59 pm

Disabilita il ripristino configurazione di sistema:
http://www.MegaLab.it/2330

avvia hijackthis e fixa queste:


O20 - Winlogon Notify: ThemeManager - C:\WINDOWS\

O20 - Winlogon Notify: Telephony - C:\WINDOWS\

O8 - Extra context menu item: &Search - ?p=ZN

O2 - BHO: Supporto di collegamento per Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (file missing)

O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)


R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://search.bearshare.com/sidebar.html?src=ssb






Poi dai una passata con CureIT:
ftp://ftp.drweb.com/pub/drweb/cureit/drweb-cureit.exe
Avatar utente
tecnico24
Senior Member
Senior Member
 
Messaggi: 380
Iscritto il: dom mag 20, 2007 4:31 pm


Torna a Sicurezza

Chi c’è in linea

Visitano il forum: Nessuno e 5 ospiti

cron
Powered by phpBB © 2002, 2005, 2007, 2008 phpBB Group
Traduzione Italiana phpBB.it

megalab.it: testata telematica quotidiana registrata al Tribunale di Cosenza n. 22/09 del 13.08.2009, editore Master New Media S.r.l.; © Copyright 2008 Master New Media S.r.l. a socio unico - P.I. 02947530784. GRUPPO EDIZIONI MASTER Spa Tutti i diritti sono riservati. Per la pubblicità: Master Advertising