Visualizzazione Stampabile
-
quando mi collego a tgm online
mi appare un msg con su scritto di scaricare java virtual machine ( che gia' ho), e' un probabile virus?
tra l'altro ho di nuovo il mio vecchio amico qwery1.exe, che non trovo di nuovo....ne con l'antivir ne con niente....
conoscete qualche programma freeware per sistemare il registro di windows?
-
Re: quando mi collego a tgm online
Citazione:
Originariamente Scritto da
teoleo
mi appare un msg con su scritto di scaricare java virtual machine ( che gia' ho), e' un probabile virus?
tra l'altro ho di nuovo il mio vecchio amico qwery1.exe, che non trovo di nuovo....ne con l'antivir ne con niente....
conoscete qualche programma freeware per sistemare il registro di windows?
Come fai a sapere che ce l' hai ancora?
Sistemare il registro di Windows non significa granche'...
-
Re: quando mi collego a tgm online
e' un dialer, lo ritrovo con taskmanager, e' la terza volta che lo becco e ho sempre faticato a trovare dove si installa....
-
Re: quando mi collego a tgm online
Citazione:
Originariamente Scritto da
teoleo
mi appare un msg con su scritto di scaricare java virtual machine ( che gia' ho), e' un probabile virus?
tra l'altro ho di nuovo il mio vecchio amico qwery1.exe, che non trovo di nuovo....ne con l'antivir ne con niente....
conoscete qualche programma freeware per sistemare il registro di windows?
ovviamente solita procedura ad aware spybot e ewido tutti rigorosamente da modalità provvisoria.
posta il log di hijackthis.
Per sistemare il registro di win puoi usare regcleaner ammesso che tu intenda la stessa cosa che intendo io ossia cercare di alleggerirlo. :sisi:
-
Re: quando mi collego a tgm online
Citazione:
Originariamente Scritto da
teoleo
e' un dialer, lo ritrovo con taskmanager, e' la terza volta che lo becco e ho sempre faticato a trovare dove si installa....
se è un dialer ed hai l'adsl non dovresti avere grossi problemi oltre ad eventuali disconnessioni. comunque basterebbe lanciare la ricerca con il cerca di windows abilitandola a trovare tutti i files nascosti e di sistema.
-
Re: quando mi collego a tgm online
infatti non mi crea problemi, pero' vorrei toglierlo....
Ho provato con una scansione online da Panda antivir e SORPESA il mio ANTIVIR mentre scaricavo gli activex mi ha segnalato un virus!!!! Quindi semmai fate attenzione....
Ma regcleaner non e' freeware...
Ah, sapete indicarmi un link per le istruzioni in italiano di agnitum outpost...???
-
Re: quando mi collego a tgm online
-
Re: quando mi collego a tgm online
posta anche un log di hijackthis.
-
Re: quando mi collego a tgm online
domani posto, ho fatto oggi una scansione con ewido e ho tolto molti trojan e un altro dialer ( che pero' non mi dava problemi....), ma non il fatidico qwery1 :O)
-
Re: quando mi collego a tgm online
Citazione:
Originariamente Scritto da
teoleo
infatti non mi crea problemi, pero' vorrei toglierlo....
Ho provato con una scansione online da Panda antivir e SORPESA il mio ANTIVIR mentre scaricavo gli activex mi ha segnalato un virus!!!! Quindi semmai fate attenzione....
Ma regcleaner non e' freeware...
Ah, sapete indicarmi un link per le istruzioni in italiano di agnitum outpost...???
sicuro che non si trattasse di un falso positivo?
-
Re: quando mi collego a tgm online
Citazione:
Originariamente Scritto da
teoleo
domani posto, ho fatto oggi una scansione con ewido e ho tolto molti trojan e un altro dialer ( che pero' non mi dava problemi....), ma non il fatidico qwery1 :O)
ok aspettiamo il tuo post allora.
-
Re: quando mi collego a tgm online
ecco lo scan di hjack:
Logfile of HijackThis v1.99.1
Scan saved at 13.51.48, on 26/10/2006
Platform: Windows 2000 SP3 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\Programmi\AntiVir PersonalEdition Classic\sched.exe
C:\Programmi\AntiVir PersonalEdition Classic\avguard.exe
C:\WINNT\System32\DRIVERS\CDANTSRV.EXE
C:\Programmi\File comuni\EPSON\EBAPI\SAgent2.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\runservice.exe
C:\WINNT\system32\nvsvc32.exe
C:\PROGRA~1\Agnitum\OUTPOS~1.0\outpost.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\system32\stisvc.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\Explorer.EXE
C:\Programmi\Logitech\iTouch\iTouch.exe
C:\Programmi\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\WINNT\system32\RunDll32.exe
C:\WINNT\system32\carpserv.exe
C:\Programmi\Classic PhoneTools\CapFax.EXE
C:\Programmi\Logitech\MouseWare\system\em_exec.exe
C:\Programmi\ahead\InCD\InCD.exe
C:\Programmi\Hewlett-Packard\PhotoSmart\HP Share-to-Web\hpgs2wnd.exe
C:\WINNT\system32\rundll32.exe
C:\WINNT\system32\rundll32.exe
C:\Programmi\QuickTime\qttask.exe
C:\WINNT\system32\RUNDLL32.EXE
C:\Programmi\Java\jre1.5.0_06\bin\jusched.exe
C:\PROGRA~1\HEWLET~1\PHOTOS~1\HPSHAR~1\hpgs2wnf.ex e
C:\WINNT\system32\atwtusb.exe
C:\Programmi\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINNT\Temp\qwrx1.exe
C:\WINNT\system32\internat.exe
C:\Programmi\Creative\Shared Files\CamTray.exe
C:\Programmi\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Programmi\GetRight\getright.exe
C:\Programmi\WinZip\WZQKPICK.EXE
C:\Programmi\C6 Messenger\c6Messenger.exe
C:\Downloads\hijack\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://www.catlist.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.catlist.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.catlist.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.tgmonline.it/
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.catlist.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
R3 - Default URLSearchHook is missing
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: bho2gr Class - {31FF080D-12A3-439A-A2EF-4BA95A3148E8} - C:\Programmi\GetRight\xx2gr.dll
O2 - BHO: Class - {6CB7807F-43B3-1C6B-FBC4-21D44073F3E6} - C:\WINNT\nrxeg1.dll (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\winnt\downloaded program files\googletoolbar1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\winnt\downloaded program files\googletoolbar1.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Programmi\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [MMTray] C:\Programmi\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [CARPService] carpserv.exe
O4 - HKLM\..\Run: [CapFax] C:\Programmi\Classic PhoneTools\CapFax.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINNT\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NeroCheck] C:\WINNT\System32\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Programmi\ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [CXMon] "C:\Programmi\Hewlett-Packard\PhotoSmart\Photo Imaging\Hpi_Monitor.exe"
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Programmi\Hewlett-Packard\PhotoSmart\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [DXM6Patch_981116] C:\WINNT\p_981116.exe /Q:A
O4 - HKLM\..\Run: [AdslTaskBar] rundll32.exe stmctrl.dll,TaskBar
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINNT\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programmi\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [atwtusb] atwtusb.exe beta
O4 - HKLM\..\Run: [avgnt] "C:\Programmi\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [OutpostFeedBack] C:\Programmi\Agnitum\Outpost Firewall 1.0\feedback.exe /dump:os_startup
O4 - HKLM\..\Run: [Outpost Firewall] C:\Programmi\Agnitum\Outpost Firewall 1.0\outpost.exe /waitservice
O4 - HKLM\..\Run: [qwrx1.exe] C:\WINNT\Temp\qwrx1.exe
O4 - HKLM\..\Run: [CTRegRun] C:\WINNT\CTRegRun.EXE
O4 - HKCU\..\Run: [internat.exe] internat.exe
O4 - HKCU\..\Run: [Creative WebCam Tray] C:\Programmi\Creative\Shared Files\CamTray.exe
O4 - Startup: C6 Messenger.lnk = C:\Programmi\C6 Messenger\c6Messenger.exe
O4 - Startup: PowerReg Scheduler.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Avvio veloce di Adobe Reader.lnk = C:\Programmi\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: EPSON Status Monitor 3 Environment Check(2).lnk = C:\WINNT\system32\spool\drivers\w32x86\3\E_SRCV02. EXE
O4 - Global Startup: GetRight - Tray Icon.lnk = C:\Programmi\GetRight\getright.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Programmi\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programmi\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Programmi\WinZip\WZQKPICK.EXE
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Cerca con Google - res://c:\winnt\downloaded program files\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Traduci parola in italiano - res://c:\winnt\downloaded program files\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Download with GetRight - C:\Programmi\GetRight\GRdownload.htm
O8 - Extra context menu item: Link a ritroso - res://c:\winnt\downloaded program files\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Open with GetRight Browser - C:\Programmi\GetRight\GRbrowse.htm
O8 - Extra context menu item: Pagine simili - res://c:\winnt\downloaded program files\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Versione cache della pagina - res://c:\winnt\downloaded program files\GoogleToolbar1.dll/cmcache.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Outpost Firewall Pro Quick Tune - {44627E97-789B-40d4-B5C2-58BD171129A1} - C:\Programmi\Agnitum\Outpost Firewall 1.0\Plugins\BrowserBar\ie_bar.dll (file missing)
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?LinkID=39204
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://download.ewido.net/ewidoOnlineScan.cab
O16 - DPF: {1D0D9077-3798-49BB-9058-393499174D5D} - file://c:\counter.cab
O16 - DPF: {54B52E52-8000-4413-BD67-FC7FE24B59F2} (EARTPatchX Class) - http://www.ea.com/downloads/rtpatch/EARTPX.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsu...?1128513464265
O16 - DPF: {6CB5E471-C305-11D3-99A8-000086395495} - http://toolbar.google.com/data/it/bi.../GoogleNav.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/actives...ree/asinst.cab
O16 - DPF: {C1B7E532-3ECB-4E9E-BB3A-2951FFE67C61} (DownloaderActiveX Control) - http://c6.community.alice.it/downloa...derActiveX.cab
O20 - Winlogon Notify: ATWinLog - C:\WINNT\SYSTEM32\ATWinLog.dll
O23 - Service: AntiVir Scheduler (AntiVirScheduler) - Avira GmbH - C:\Programmi\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Service (AntiVirService) - AVIRA GmbH - C:\Programmi\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINNT\System32\DRIVERS\CDANTSRV.EXE
O23 - Service: Servizio amministrativo di Gestione disco logico (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Programmi\File comuni\EPSON\EBAPI\SAgent2.exe
O23 - Service: LicCtrl Service (LicCtrlService) - Unknown owner - C:\WINNT\runservice.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINNT\system32\nvsvc32.exe
O23 - Service: Outpost Firewall Service (OutpostFirewall) - Agnitum - C:\PROGRA~1\Agnitum\OUTPOS~1.0\outpost.exe
fammi sapere
-
Re: quando mi collego a tgm online
io fixerei:
-> C:\WINNT\Temp\qwrx1.exe
-> R3 - Default URLSearchHook is missing
-> O2 - BHO: Class - {6CB7807F-43B3-1C6B-FBC4-21D44073F3E6} - C:\WINNT\nrxeg1.dll (file missing)
-> O4 - HKLM\..\Run: [qwrx1.exe] C:\WINNT\Temp\qwrx1.exe
-> O4 - Startup: PowerReg Scheduler.exe
-> O16 - DPF: {1D0D9077-3798-49BB-9058-393499174D5D} - file://c:\counter.cab
su questi ho un dubbio :???: :
-> O9 - Extra button: Outpost Firewall Pro Quick Tune - {44627E97-789B-40d4-B5C2-58BD171129A1} - C:\Programmi\Agnitum\Outpost Firewall 1.0\Plugins\BrowserBar\ie_bar.dll (file missing)
-> O16 - DPF: {C1B7E532-3ECB-4E9E-BB3A-2951FFE67C61} (DownloaderActiveX Control) - http://c6.community.alice.it/downloa...derActiveX.cab
-> O20 - Winlogon Notify: ATWinLog - C:\WINNT\SYSTEM32\ATWinLog.dll
-
Re: quando mi collego a tgm online
quelli su cui blue_tech ha dei dubbi li lascerei stare a eccezione di quella numero 20 :sisi:
-
Re: quando mi collego a tgm online
-> O9 - Extra button: Outpost Firewall Pro Quick Tune - {44627E97-789B-40d4-B5C2-58BD171129A1} - C:\Programmi\Agnitum\Outpost Firewall 1.0\Plugins\BrowserBar\ie_bar.dll (file missing)
Questo si puo' levare, sia perche' e' "missing", sia perche' non e' necessario al funzionamento di Outpost o IE, anzi, in caso di problemi porta IE a crashare sistematicamente.
-
Re: quando mi collego a tgm online
ok, quindi esattamente che devo fare?
scusate ma non sono pratico di hjack...
(infatti explore ultimamente a volte crasha....)
-
Re: quando mi collego a tgm online
Citazione:
Originariamente Scritto da
teoleo
ok, quindi esattamente che devo fare?
scusate ma non sono pratico di hjack...
(infatti explore ultimamente a volte crasha....)
Metti il segno di spunta vicino alle voci che ti abbiamo suggerito nei post precedenti e poi fai Fix Checked.
Le riporto qui sotto per comodita':
-> C:\WINNT\Temp\qwrx1.exe
-> R3 - Default URLSearchHook is missing
-> O2 - BHO: Class - {6CB7807F-43B3-1C6B-FBC4-21D44073F3E6} - C:\WINNT\nrxeg1.dll (file missing)
-> O4 - HKLM\..\Run: [qwrx1.exe] C:\WINNT\Temp\qwrx1.exe
-> O4 - Startup: PowerReg Scheduler.exe
-> O16 - DPF: {1D0D9077-3798-49BB-9058-393499174D5D} - file://c:\counter.cab
-> O9 - Extra button: Outpost Firewall Pro Quick Tune - {44627E97-789B-40d4-B5C2-58BD171129A1} - C:\Programmi\Agnitum\Outpost Firewall 1.0\Plugins\BrowserBar\ie_bar.dll (file missing)
-
Re: quando mi collego a tgm online
ho fatto tutto ma non ho potuto fixare il primo della lista, xche per collegarmi ho dovuto uccire il qwerx1 da task manager e quando ho fatto lo scan con hjack non c'era, domani rifaccio e se c'e' lo fixo ( si scrive cosi?) :O)
Vi faccio sapere, grazie, anzi domani vi rimando il log....
Ma sto qwerx1 lo prendo solo io???
-
Re: quando mi collego a tgm online
allora questo e' lo scan di oggi ( faccio presente che quando mi collego mi chiede sempre di scaricare java virtual machine) :
Logfile of HijackThis v1.99.1
Scan saved at 13.27.21, on 27/10/2006
Platform: Windows 2000 SP3 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\Programmi\AntiVir PersonalEdition Classic\sched.exe
C:\Programmi\AntiVir PersonalEdition Classic\avguard.exe
C:\WINNT\System32\DRIVERS\CDANTSRV.EXE
C:\Programmi\File comuni\EPSON\EBAPI\SAgent2.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\runservice.exe
C:\WINNT\system32\nvsvc32.exe
C:\PROGRA~1\Agnitum\OUTPOS~1.0\outpost.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\system32\stisvc.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\Explorer.EXE
C:\Programmi\Logitech\iTouch\iTouch.exe
C:\Programmi\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\WINNT\system32\RunDll32.exe
C:\WINNT\system32\carpserv.exe
C:\Programmi\Classic PhoneTools\CapFax.EXE
C:\Programmi\Logitech\MouseWare\system\em_exec.exe
C:\Programmi\ahead\InCD\InCD.exe
C:\Programmi\Hewlett-Packard\PhotoSmart\HP Share-to-Web\hpgs2wnd.exe
C:\WINNT\system32\rundll32.exe
C:\WINNT\system32\rundll32.exe
C:\Programmi\QuickTime\qttask.exe
C:\WINNT\system32\RUNDLL32.EXE
C:\PROGRA~1\HEWLET~1\PHOTOS~1\HPSHAR~1\hpgs2wnf.ex e
C:\Programmi\Java\jre1.5.0_06\bin\jusched.exe
C:\WINNT\system32\atwtusb.exe
C:\Programmi\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINNT\system32\internat.exe
C:\Programmi\Creative\Shared Files\CamTray.exe
C:\Programmi\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Programmi\GetRight\getright.exe
C:\Programmi\WinZip\WZQKPICK.EXE
C:\Programmi\C6 Messenger\c6Messenger.exe
C:\Downloads\hijack\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://www.catlist.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.catlist.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.catlist.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.tgmonline.it/
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.catlist.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
R3 - Default URLSearchHook is missing
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: bho2gr Class - {31FF080D-12A3-439A-A2EF-4BA95A3148E8} - C:\Programmi\GetRight\xx2gr.dll
O2 - BHO: Class - {6CB7807F-43B3-1C6B-FBC4-21D44073F3E6} - C:\WINNT\nrxeg1.dll (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\winnt\downloaded program files\googletoolbar1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\winnt\downloaded program files\googletoolbar1.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Programmi\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [MMTray] C:\Programmi\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [CARPService] carpserv.exe
O4 - HKLM\..\Run: [CapFax] C:\Programmi\Classic PhoneTools\CapFax.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINNT\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NeroCheck] C:\WINNT\System32\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Programmi\ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [CXMon] "C:\Programmi\Hewlett-Packard\PhotoSmart\Photo Imaging\Hpi_Monitor.exe"
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Programmi\Hewlett-Packard\PhotoSmart\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [DXM6Patch_981116] C:\WINNT\p_981116.exe /Q:A
O4 - HKLM\..\Run: [AdslTaskBar] rundll32.exe stmctrl.dll,TaskBar
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINNT\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programmi\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [atwtusb] atwtusb.exe beta
O4 - HKLM\..\Run: [avgnt] "C:\Programmi\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [OutpostFeedBack] C:\Programmi\Agnitum\Outpost Firewall 1.0\feedback.exe /dump:os_startup
O4 - HKLM\..\Run: [Outpost Firewall] C:\Programmi\Agnitum\Outpost Firewall 1.0\outpost.exe /waitservice
O4 - HKLM\..\Run: [CTRegRun] C:\WINNT\CTRegRun.EXE
O4 - HKCU\..\Run: [internat.exe] internat.exe
O4 - HKCU\..\Run: [Creative WebCam Tray] C:\Programmi\Creative\Shared Files\CamTray.exe
O4 - Startup: C6 Messenger.lnk = C:\Programmi\C6 Messenger\c6Messenger.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Avvio veloce di Adobe Reader.lnk = C:\Programmi\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: EPSON Status Monitor 3 Environment Check(2).lnk = C:\WINNT\system32\spool\drivers\w32x86\3\E_SRCV02. EXE
O4 - Global Startup: GetRight - Tray Icon.lnk = C:\Programmi\GetRight\getright.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Programmi\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programmi\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Programmi\WinZip\WZQKPICK.EXE
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Cerca con Google - res://c:\winnt\downloaded program files\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Traduci parola in italiano - res://c:\winnt\downloaded program files\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Download with GetRight - C:\Programmi\GetRight\GRdownload.htm
O8 - Extra context menu item: Link a ritroso - res://c:\winnt\downloaded program files\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Open with GetRight Browser - C:\Programmi\GetRight\GRbrowse.htm
O8 - Extra context menu item: Pagine simili - res://c:\winnt\downloaded program files\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Versione cache della pagina - res://c:\winnt\downloaded program files\GoogleToolbar1.dll/cmcache.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?LinkID=39204
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://download.ewido.net/ewidoOnlineScan.cab
O16 - DPF: {54B52E52-8000-4413-BD67-FC7FE24B59F2} (EARTPatchX Class) - http://www.ea.com/downloads/rtpatch/EARTPX.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsu...?1128513464265
O16 - DPF: {6CB5E471-C305-11D3-99A8-000086395495} - http://toolbar.google.com/data/it/bi.../GoogleNav.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/actives...ree/asinst.cab
O16 - DPF: {C1B7E532-3ECB-4E9E-BB3A-2951FFE67C61} (DownloaderActiveX Control) - http://c6.community.alice.it/downloa...derActiveX.cab
O20 - Winlogon Notify: ATWinLog - C:\WINNT\SYSTEM32\ATWinLog.dll
O23 - Service: AntiVir Scheduler (AntiVirScheduler) - Avira GmbH - C:\Programmi\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Service (AntiVirService) - AVIRA GmbH - C:\Programmi\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINNT\System32\DRIVERS\CDANTSRV.EXE
O23 - Service: Servizio amministrativo di Gestione disco logico (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Programmi\File comuni\EPSON\EBAPI\SAgent2.exe
O23 - Service: LicCtrl Service (LicCtrlService) - Unknown owner - C:\WINNT\runservice.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINNT\system32\nvsvc32.exe
O23 - Service: Outpost Firewall Service (OutpostFirewall) - Agnitum - C:\PROGRA~1\Agnitum\OUTPOS~1.0\outpost.exe
-
Re: quando mi collego a tgm online
R3 - Default URLSearchHook is missing
O2 - BHO: Class - {6CB7807F-43B3-1C6B-FBC4-21D44073F3E6} - C:\WINNT\nrxeg1.dll (file missing)
questi li fixerei al 100%
-
Re: quando mi collego a tgm online
fatto, per ora mi rimane il "problema" che mi chiede di scaricare il java virtual machine
-
Re: quando mi collego a tgm online
prova a installare la vm da qui
-
Re: quando mi collego a tgm online
questo e' lo scan finale, ma ho dovuto eliminare due volte gli ultimi problemi che mi hai detto, quindi domani ricontrollo x sicurezza:
Logfile of HijackThis v1.99.1
Scan saved at 17.32.39, on 28/10/2006
Platform: Windows 2000 SP3 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\Programmi\AntiVir PersonalEdition Classic\sched.exe
C:\Programmi\AntiVir PersonalEdition Classic\avguard.exe
C:\WINNT\System32\DRIVERS\CDANTSRV.EXE
C:\Programmi\File comuni\EPSON\EBAPI\SAgent2.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\runservice.exe
C:\WINNT\system32\nvsvc32.exe
C:\PROGRA~1\Agnitum\OUTPOS~1.0\outpost.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\system32\stisvc.exe
C:\WINNT\Explorer.EXE
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\svchost.exe
C:\Programmi\Logitech\iTouch\iTouch.exe
C:\Programmi\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\WINNT\system32\RunDll32.exe
C:\WINNT\system32\carpserv.exe
C:\Programmi\Logitech\MouseWare\system\em_exec.exe
C:\Programmi\Classic PhoneTools\CapFax.EXE
C:\Programmi\ahead\InCD\InCD.exe
C:\WINNT\system32\rundll32.exe
C:\Programmi\Hewlett-Packard\PhotoSmart\HP Share-to-Web\hpgs2wnd.exe
C:\WINNT\system32\rundll32.exe
C:\Programmi\QuickTime\qttask.exe
C:\WINNT\system32\RUNDLL32.EXE
C:\Programmi\Java\jre1.5.0_06\bin\jusched.exe
C:\WINNT\system32\atwtusb.exe
C:\PROGRA~1\HEWLET~1\PHOTOS~1\HPSHAR~1\hpgs2wnf.ex e
C:\WINNT\system32\svchost.exe
C:\Programmi\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINNT\system32\internat.exe
C:\Programmi\Creative\Shared Files\CamTray.exe
C:\Programmi\GetRight\getright.exe
C:\Programmi\WinZip\WZQKPICK.EXE
C:\Programmi\C6 Messenger\c6Messenger.exe
C:\Downloads\hijack\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL =
http://www.catlist.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =
http://www.catlist.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
http://www.catlist.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.tgmonline.it/
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
http://www.catlist.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName
= Collegamenti
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
- C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: bho2gr Class - {31FF080D-12A3-439A-A2EF-4BA95A3148E8} -
C:\Programmi\GetRight\xx2gr.dll
O2 - BHO: Google Toolbar Helper -
{AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\winnt\downloaded program
files\googletoolbar1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} -
c:\winnt\downloaded program files\googletoolbar1.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} -
C:\WINNT\system32\msdxm.ocx
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [zBrowser Launcher]
C:\Programmi\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [MMTray] C:\Programmi\MUSICMATCH\MUSICMATCH
Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [CARPService] carpserv.exe
O4 - HKLM\..\Run: [CapFax] C:\Programmi\Classic PhoneTools\CapFax.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE
C:\WINNT\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NeroCheck] C:\WINNT\System32\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Programmi\ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [CXMon]
"C:\Programmi\Hewlett-Packard\PhotoSmart\Photo Imaging\Hpi_Monitor.exe"
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon]
C:\Programmi\Hewlett-Packard\PhotoSmart\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [DXM6Patch_981116] C:\WINNT\p_981116.exe /Q:A
O4 - HKLM\..\Run: [AdslTaskBar] rundll32.exe stmctrl.dll,TaskBar
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qttask.exe"
-atboottime
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE
C:\WINNT\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched]
C:\Programmi\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [atwtusb] atwtusb.exe beta
O4 - HKLM\..\Run: [avgnt] "C:\Programmi\AntiVir PersonalEdition
Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [OutpostFeedBack] C:\Programmi\Agnitum\Outpost
Firewall 1.0\feedback.exe /dump:os_startup
O4 - HKLM\..\Run: [Outpost Firewall] C:\Programmi\Agnitum\Outpost
Firewall 1.0\outpost.exe /waitservice
O4 - HKLM\..\Run: [CTRegRun] C:\WINNT\CTRegRun.EXE
O4 - HKCU\..\Run: [internat.exe] internat.exe
O4 - HKCU\..\Run: [Creative WebCam Tray] C:\Programmi\Creative\Shared
Files\CamTray.exe
O4 - Startup: C6 Messenger.lnk = C:\Programmi\C6
Messenger\c6Messenger.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Programmi\File
comuni\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Avvio veloce di Adobe Reader.lnk =
C:\Programmi\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: EPSON Status Monitor 3 Environment Check(2).lnk =
C:\WINNT\system32\spool\drivers\w32x86\3\E_SRCV02. EXE
O4 - Global Startup: GetRight - Tray Icon.lnk =
C:\Programmi\GetRight\getright.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk =
C:\Programmi\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programmi\Microsoft
Office\Office\OSA9.EXE
O4 - Global Startup: WinZip Quick Pick.lnk =
C:\Programmi\WinZip\WZQKPICK.EXE
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions
present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel
present
O8 - Extra context menu item: &Cerca con Google -
res://c:\winnt\downloaded program
files\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Traduci parola in italiano -
res://c:\winnt\downloaded program
files\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Download with GetRight -
C:\Programmi\GetRight\GRdownload.htm
O8 - Extra context menu item: Link a ritroso -
res://c:\winnt\downloaded program
files\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Open with GetRight Browser -
C:\Programmi\GetRight\GRbrowse.htm
O8 - Extra context menu item: Pagine simili - res://c:\winnt\downloaded
program files\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Versione cache della pagina -
res://c:\winnt\downloaded program files\GoogleToolbar1.dll/cmcache.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -
C:\Programmi\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console -
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} -
C:\Programmi\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} -
C:\WINNT\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links -
{c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine
Advantage Validation Tool) -
http://go.microsoft.com/fwlink/?LinkID=39204
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan
Control) - http://download.ewido.net/ewidoOnlineScan.cab
O16 - DPF: {54B52E52-8000-4413-BD67-FC7FE24B59F2} (EARTPatchX Class) -
http://www.ea.com/downloads/rtpatch/EARTPX.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class)
-
http://update.microsoft.com/windowsu...n/x86/client/w
uweb_site.cab?1128513464265
O16 - DPF: {6CB5E471-C305-11D3-99A8-000086395495} -
http://toolbar.google.com/data/it/bi.../GoogleNav.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer
Class) - http://acs.pandasoftware.com/actives...ree/asinst.cab
O16 - DPF: {C1B7E532-3ECB-4E9E-BB3A-2951FFE67C61} (DownloaderActiveX
Control) - http://c6.community.alice.it/downloa...derActiveX.cab
O20 - Winlogon Notify: ATWinLog - C:\WINNT\SYSTEM32\ATWinLog.dll
O23 - Service: AntiVir Scheduler (AntiVirScheduler) - Avira GmbH -
C:\Programmi\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Service (AntiVirService)
- AVIRA GmbH - C:\Programmi\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: C-DillaSrv - C-Dilla Ltd -
C:\WINNT\System32\DRIVERS\CDANTSRV.EXE
O23 - Service: Servizio amministrativo di Gestione disco logico
(dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO
EPSON CORPORATION - C:\Programmi\File comuni\EPSON\EBAPI\SAgent2.exe
O23 - Service: LicCtrl Service (LicCtrlService) - Unknown owner -
C:\WINNT\runservice.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA
Corporation - C:\WINNT\system32\nvsvc32.exe
O23 - Service: Outpost Firewall Service (OutpostFirewall) - Agnitum -
C:\PROGRA~1\Agnitum\OUTPOS~1.0\outpost.exe
-
Re: quando mi collego a tgm online
-
Re: quando mi collego a tgm online
sembra pulito. Prova a postare lo screenshot di msconfig avvio: magari ti si richiede il download di java per un semplice errore nello scheduling :sisi:
-
Re: quando mi collego a tgm online
allora ho sistemato java, ma guarda lo scan di stamattina:
Logfile of HijackThis v1.99.1
Scan saved at 11.16.57, on 30/10/2006
Platform: Windows 2000 SP3 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\Programmi\AntiVir PersonalEdition Classic\sched.exe
C:\Programmi\AntiVir PersonalEdition Classic\avguard.exe
C:\WINNT\System32\DRIVERS\CDANTSRV.EXE
C:\Programmi\File comuni\EPSON\EBAPI\SAgent2.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\runservice.exe
C:\WINNT\system32\nvsvc32.exe
C:\PROGRA~1\Agnitum\OUTPOS~1.0\outpost.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\system32\stisvc.exe
C:\WINNT\Explorer.EXE
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\svchost.exe
C:\Programmi\Logitech\iTouch\iTouch.exe
C:\Programmi\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\WINNT\system32\RunDll32.exe
C:\WINNT\system32\carpserv.exe
C:\Programmi\Classic PhoneTools\CapFax.EXE
C:\Programmi\Logitech\MouseWare\system\em_exec.exe
C:\Programmi\ahead\InCD\InCD.exe
C:\Programmi\Hewlett-Packard\PhotoSmart\HP Share-to-Web\hpgs2wnd.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\rundll32.exe
C:\WINNT\system32\rundll32.exe
C:\Programmi\QuickTime\qttask.exe
C:\WINNT\system32\RUNDLL32.EXE
C:\PROGRA~1\HEWLET~1\PHOTOS~1\HPSHAR~1\hpgs2wnf.ex e
C:\Programmi\Java\jre1.5.0_09\bin\jusched.exe
C:\WINNT\system32\atwtusb.exe
C:\Programmi\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINNT\system32\internat.exe
C:\Programmi\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Programmi\GetRight\getright.exe
C:\Programmi\WinZip\WZQKPICK.EXE
C:\Programmi\C6 Messenger\c6Messenger.exe
C:\Downloads\hijack\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://www.catlist.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.catlist.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.catlist.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.tgmonline.it/
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.catlist.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
R3 - Default URLSearchHook is missing
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: bho2gr Class - {31FF080D-12A3-439A-A2EF-4BA95A3148E8} - C:\Programmi\GetRight\xx2gr.dll
O2 - BHO: Class - {6CB7807F-43B3-1C6B-FBC4-21D44073F3E6} - C:\WINNT\nrxeg1.dll (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\winnt\downloaded program files\googletoolbar1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\winnt\downloaded program files\googletoolbar1.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Programmi\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [MMTray] C:\Programmi\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [CARPService] carpserv.exe
O4 - HKLM\..\Run: [CapFax] C:\Programmi\Classic PhoneTools\CapFax.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINNT\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NeroCheck] C:\WINNT\System32\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Programmi\ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [CXMon] "C:\Programmi\Hewlett-Packard\PhotoSmart\Photo Imaging\Hpi_Monitor.exe"
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Programmi\Hewlett-Packard\PhotoSmart\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [DXM6Patch_981116] C:\WINNT\p_981116.exe /Q:A
O4 - HKLM\..\Run: [AdslTaskBar] rundll32.exe stmctrl.dll,TaskBar
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINNT\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\Java\jre1.5.0_09\bin\jusched.exe "
O4 - HKLM\..\Run: [atwtusb] atwtusb.exe beta
O4 - HKLM\..\Run: [avgnt] "C:\Programmi\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [OutpostFeedBack] C:\Programmi\Agnitum\Outpost Firewall 1.0\feedback.exe /dump:os_startup
O4 - HKLM\..\Run: [Outpost Firewall] C:\Programmi\Agnitum\Outpost Firewall 1.0\outpost.exe /waitservice
O4 - HKLM\..\Run: [CTRegRun] C:\WINNT\CTRegRun.EXE
O4 - HKCU\..\Run: [internat.exe] internat.exe
O4 - Startup: C6 Messenger.lnk = C:\Programmi\C6 Messenger\c6Messenger.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Avvio veloce di Adobe Reader.lnk = C:\Programmi\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: EPSON Status Monitor 3 Environment Check(2).lnk = C:\WINNT\system32\spool\drivers\w32x86\3\E_SRCV02. EXE
O4 - Global Startup: GetRight - Tray Icon.lnk = C:\Programmi\GetRight\getright.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Programmi\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programmi\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Programmi\WinZip\WZQKPICK.EXE
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Cerca con Google - res://c:\winnt\downloaded program files\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Traduci parola in italiano - res://c:\winnt\downloaded program files\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Download with GetRight - C:\Programmi\GetRight\GRdownload.htm
O8 - Extra context menu item: Link a ritroso - res://c:\winnt\downloaded program files\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Open with GetRight Browser - C:\Programmi\GetRight\GRbrowse.htm
O8 - Extra context menu item: Pagine simili - res://c:\winnt\downloaded program files\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Versione cache della pagina - res://c:\winnt\downloaded program files\GoogleToolbar1.dll/cmcache.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_09\bin\npjpi150_09.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_09\bin\npjpi150_09.dll
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?LinkID=39204
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://download.ewido.net/ewidoOnlineScan.cab
O16 - DPF: {54B52E52-8000-4413-BD67-FC7FE24B59F2} (EARTPatchX Class) - http://www.ea.com/downloads/rtpatch/EARTPX.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsu...?1128513464265
O16 - DPF: {6CB5E471-C305-11D3-99A8-000086395495} - http://toolbar.google.com/data/it/bi.../GoogleNav.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/actives...ree/asinst.cab
O16 - DPF: {C1B7E532-3ECB-4E9E-BB3A-2951FFE67C61} (DownloaderActiveX Control) - http://c6.community.alice.it/downloa...derActiveX.cab
O20 - Winlogon Notify: ATWinLog - C:\WINNT\SYSTEM32\ATWinLog.dll
O23 - Service: AntiVir Scheduler (AntiVirScheduler) - Avira GmbH - C:\Programmi\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Service (AntiVirService) - AVIRA GmbH - C:\Programmi\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINNT\System32\DRIVERS\CDANTSRV.EXE
O23 - Service: Servizio amministrativo di Gestione disco logico (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Programmi\File comuni\EPSON\EBAPI\SAgent2.exe
O23 - Service: LicCtrl Service (LicCtrlService) - Unknown owner - C:\WINNT\runservice.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINNT\system32\nvsvc32.exe
O23 - Service: Outpost Firewall Service (OutpostFirewall) - Agnitum - C:\PROGRA~1\Agnitum\OUTPOS~1.0\outpost.exe
sono RITORNATI alcuni problemi, che faccio riFIXO?.
Devo suppore che qualche operazione che faccio con il pc, crea questi problemi o sbaglio?
-
Re: quando mi collego a tgm online
fixa da modalità provvisoria e disattivando il ripristino di sistema.
Prima controlla se in msconfig avvio ci siano delle voci a cui togliere la spunta.
-
Re: quando mi collego a tgm online
fino a modalita' provvisoria ti seguo, per il resto devi spiegarmi meglio, scusa.
-
Re: quando mi collego a tgm online
prima controlla se da start - esegui - msconfig - avvio trovi qualche processo da spuntare che determini la ricomparsa di quelli malevoli nel log di hijackthis.
In caso di dubbio posta uno screenshot.
Per il resto tasto destro risorse del computer ripristino di sistema metti la spunta (attento perché così perderai i punti di ripristino precedenti), riavvii in modalità provvisoria e fixi le voci da lì.
-
Re: quando mi collego a tgm online
scusa , faccio start-esegui, poi devo scrivere msconfig?
-
Re: quando mi collego a tgm online
esatto poi ti appare un menù a linguette vai su quella di avvio. Fai uno screenshot e lo posti sul forum. Così diamo un'occhiata e se è il caso di togliere la spunta a qualche processo.
-
Re: quando mi collego a tgm online
mmmmm, mi dice impossibile eseguire msconfig verificare percorso e nome file o che siano disponibili tutte le librerie, o roba simile.... :O((
-
Re: quando mi collego a tgm online
dunque in spybot search and destroy dovrebbe esserci, nelle utility avanzate, un opzione per visualizzare i programmi in escuzione allo start up. Prova adare un'occhiata lì :sisi:
-
Re: quando mi collego a tgm online
con spyboot ho questa: ho tolto la spunta a due processi che mi suggeriva di eliminare, perche' tra l'altro ho problemi a far partire dei giochi ( tipo PES 6, mi da errore per modulo di sicurezza cod 6000, mi pare che potrebbe essere dovuto ad un virus, giusto??)
--- Spybot - Search & Destroy version: 1.4 (build: 20050523) ---
2005-05-31 blindman.exe (1.0.0.1)
2005-05-31 SpybotSD.exe (1.4.0.3)
2005-05-31 TeaTimer.exe (1.4.0.2)
2005-06-21 unins000.exe (51.41.0.0)
2005-05-31 Update.exe (1.4.0.0)
2006-02-06 advcheck.dll (1.0.2.0)
2005-05-31 aports.dll (2.1.0.0)
2005-05-31 borlndmm.dll (7.0.4.453)
2005-05-31 delphimm.dll (7.0.4.453)
2005-05-31 SDHelper.dll (1.4.0.0)
2006-02-20 Tools.dll (2.0.0.2)
2005-05-31 UnzDll.dll (1.73.1.1)
2005-05-31 ZipDll.dll (1.73.2.0)
2006-08-18 Includes\Cookies.sbi
2006-08-18 Includes\Dialer.sbi
2006-08-18 Includes\Hijackers.sbi
2006-08-18 Includes\Keyloggers.sbi
2004-11-29 Includes\LSP.sbi
2006-08-18 Includes\Malware.sbi
2006-08-18 Includes\PUPS.sbi
2006-08-18 Includes\Revision.sbi
2006-08-18 Includes\Security.sbi
2006-08-18 Includes\Spybots.sbi
2005-02-17 Includes\Tracks.uti
2006-08-18 Includes\Trojans.sbi
Located: HK_LM:Run, AdslTaskBar
command: rundll32.exe stmctrl.dll,TaskBar
file: C:\WINNT\system32\rundll32.exe
size: 10000
MD5: fef164fc71fe934023beba34c8666c73
Located: HK_LM:Run, atwtusb
command: atwtusb.exe beta
file: C:\WINNT\system32\atwtusb.exe
size: 340044
MD5: 7eec7fdf9d940165feccd2907c0e493e
Located: HK_LM:Run, avgnt
command: "C:\Programmi\AntiVir PersonalEdition Classic\avgnt.exe" /min
file: C:\Programmi\AntiVir PersonalEdition Classic\avgnt.exe
size: 241704
MD5: 88ef9d47d1fb477456efbb140fd19e02
Located: HK_LM:Run, CapFax
command: C:\Programmi\Classic PhoneTools\CapFax.EXE
file: C:\Programmi\Classic PhoneTools\CapFax.EXE
size: 20739
MD5: 3f98d6efaed887bd458e433cbc93cc3d
Located: HK_LM:Run, CARPService
command: carpserv.exe
file: C:\WINNT\system32\carpserv.exe
size: 4608
MD5: 9aaf44fdf3a5517066b286b80c4a149f
Located: HK_LM:Run, Cmaudio
command: RunDll32 cmicnfg.cpl,CMICtrlWnd
file:
Located: HK_LM:Run, CTRegRun
command: C:\WINNT\CTRegRun.EXE
file: C:\WINNT\CTRegRun.EXE
size: 41984
MD5: 91980f1b3352db9ccd59d8aa640a5bb0
Located: HK_LM:Run, CXMon
command: "C:\Programmi\Hewlett-Packard\PhotoSmart\Photo Imaging\Hpi_Monitor.exe"
file: C:\Programmi\Hewlett-Packard\PhotoSmart\Photo Imaging\Hpi_Monitor.exe
size: 49152
MD5: e805b70ac1a183b31523b0e01f31eeb0
Located: HK_LM:Run, DXM6Patch_981116
command: C:\WINNT\p_981116.exe /Q:A
file: C:\WINNT\p_981116.exe
size: 497376
MD5: 8f2e2a9b5b4a433f43010c9b1aa8718c
Located: HK_LM:Run, InCD
command: C:\Programmi\ahead\InCD\InCD.exe
file: C:\Programmi\ahead\InCD\InCD.exe
size: 1011712
MD5: b6133cba3aee95978ed61889ddc0671e
Located: HK_LM:Run, Logitech Utility
command: Logi_MwX.Exe
file: C:\WINNT\Logi_MwX.Exe
size: 19968
MD5: e57163001c8a279ab6b1a06b5834a463
Located: HK_LM:Run, MMTray
command: C:\Programmi\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
file: C:\Programmi\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
size: 143360
MD5: 35cca48b609c9920dcc7bff07d623a56
Located: HK_LM:Run, NeroCheck (DISABLED)
command: C:\WINNT\System32\NeroCheck.exe
file: C:\WINNT\System32\NeroCheck.exe
size: 155648
MD5: 3e4c03cefad8de135263236b61a49c90
Located: HK_LM:Run, NvCplDaemon
command: RUNDLL32.EXE C:\WINNT\system32\NvCpl.dll,NvStartup
file: C:\WINNT\system32\RUNDLL32.EXE
size: 10000
MD5: fef164fc71fe934023beba34c8666c73
Located: HK_LM:Run, NvMediaCenter
command: RUNDLL32.EXE C:\WINNT\system32\NvMcTray.dll,NvTaskbarInit
file: C:\WINNT\system32\RUNDLL32.EXE
size: 10000
MD5: fef164fc71fe934023beba34c8666c73
Located: HK_LM:Run, nwiz
command: nwiz.exe /install
file: C:\WINNT\system32\nwiz.exe
size: 843776
MD5: e56f22ff356570413a81be1e01c46419
Located: HK_LM:Run, Outpost Firewall
command: C:\Programmi\Agnitum\Outpost Firewall 1.0\outpost.exe /waitservice
file:
Located: HK_LM:Run, OutpostFeedBack
command: C:\Programmi\Agnitum\Outpost Firewall 1.0\feedback.exe /dump:os_startup
file:
Located: HK_LM:Run, QuickTime Task
command: "C:\Programmi\QuickTime\qttask.exe" -atboottime
file: C:\Programmi\QuickTime\qttask.exe
size: 282624
MD5: caf03357de72f8f19fa099581a685c1a
Located: HK_LM:Run, Share-to-Web Namespace Daemon
command: C:\Programmi\Hewlett-Packard\PhotoSmart\HP Share-to-Web\hpgs2wnd.exe
file: C:\Programmi\Hewlett-Packard\PhotoSmart\HP Share-to-Web\hpgs2wnd.exe
size: 57344
MD5: d4f5faa2fd2dc5923c82ee5808beed7c
Located: HK_LM:Run, SunJavaUpdateSched
command: "C:\Programmi\Java\jre1.5.0_09\bin\jusched.exe "
file: C:\Programmi\Java\jre1.5.0_09\bin\jusched.exe
size: 49263
MD5: 409c45da1cfbc3fc19eec7cbfe9b2786
Located: HK_LM:Run, Synchronization Manager
command: mobsync.exe /logon
file: C:\WINNT\system32\mobsync.exe
size: 111376
MD5: fbe5cd4f730b331bfdabe729f4096611
Located: HK_LM:Run, zBrowser Launcher
command: C:\Programmi\Logitech\iTouch\iTouch.exe
file: C:\Programmi\Logitech\iTouch\iTouch.exe
size: 631362
MD5: 535defd797d14dbc6edc4d746dc23d41
Located: HK_CU:Run, internat.exe (DISABLED)
command: internat.exe
file: C:\WINNT\system32\internat.exe
size: 20752
MD5: 31485605c7d484aa8f027caaf71fcaeb
Located: HK_CU:Run, swg
command: C:\Programmi\Google\GoogleToolbarNotifier\1.2.908. 5008\GoogleToolbarNotifier.exe
file: C:\Programmi\Google\GoogleToolbarNotifier\1.2.908. 5008\GoogleToolbarNotifier.exe
size: 163576
MD5: 1c813135848c379412a036841282a985
Located: Esecuzione automatica (comune), Adobe Gamma Loader.lnk
command: C:\Programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe
file: C:\Programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe
size: 113664
MD5: c2ff17734176cd15221c10044ef0ba1a
Located: Esecuzione automatica (comune), Avvio veloce di Adobe Reader.lnk
command: C:\Programmi\Adobe\Acrobat 7.0\Reader\reader_sl.exe
file: C:\Programmi\Adobe\Acrobat 7.0\Reader\reader_sl.exe
size: 29696
MD5: deb88aef013dd1eefb462d7cad642166
Located: Esecuzione automatica (comune), EPSON Status Monitor 3 Environment Check(2).lnk
command: C:\WINNT\system32\spool\drivers\w32x86\3\E_SRCV02. EXE
file: C:\WINNT\system32\spool\drivers\w32x86\3\E_SRCV02. EXE
size: 135680
MD5: 4508d0da06456fff34def785ba2e4d1e
Located: Esecuzione automatica (comune), GetRight - Tray Icon.lnk
command: C:\Programmi\GetRight\getright.exe
file: C:\Programmi\GetRight\getright.exe
size: 3310920
MD5: b179d01343ad2cd0862ff5fa4a4fc114
Located: Esecuzione automatica (comune), Logitech Desktop Messenger.lnk
command: C:\Programmi\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
file: C:\Programmi\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
size: 169472
MD5: 91291ca1490f952d977618544d540b87
Located: Esecuzione automatica (comune), Microsoft Office.lnk
command: C:\Programmi\Microsoft Office\Office\OSA9.EXE
file: C:\Programmi\Microsoft Office\Office\OSA9.EXE
size: 65588
MD5: 6a29b5f830267621f0c9aefbc225f7f9
Located: Esecuzione automatica (comune), WinZip Quick Pick.lnk
command: C:\Programmi\WinZip\WZQKPICK.EXE
file: C:\Programmi\WinZip\WZQKPICK.EXE
size: 106560
MD5: 2fe253973433442c2cb234fb2bc4bf29
Located: Esecuzione automatica (utente), C6 Messenger.lnk
command: C:\Programmi\C6 Messenger\c6Messenger.exe
file: C:\Programmi\C6 Messenger\c6Messenger.exe
size: 449024
MD5: 46a3a58d6a2bbc4ee35f1cf4dd6f674a
Located: WinLogon, ATWinLog
command: ATWinLog.dll
file: ATWinLog.dll
Located: WinLogon, crypt32chain
command: crypt32.dll
file: crypt32.dll
Located: WinLogon, cryptnet
command: cryptnet.dll
file: cryptnet.dll
Located: WinLogon, cscdll
command: cscdll.dll
file: cscdll.dll
Located: WinLogon, sclgntfy
command: sclgntfy.dll
file: sclgntfy.dll
Located: WinLogon, SensLogn
command: WlNotify.dll
file: WlNotify.dll
-
Re: quando mi collego a tgm online
a parte la necessità di liberare delle risorse in avvio: tipo jusched: mi sembra pulito. Pes6 invece non ti parte per un errore di protezione del dvd e non per un virus.
-
Re: quando mi collego a tgm online
pero', anche se non metto il dvd mi da lo stesso errore, e cmq. x quello che mi consigli.
Problema supplementare:
Nella mia cartella programmi\filecomuni\system ho trovato una MONTAGNA di tr/agent.da li ho eliminati tutti tranne uno che non riesco a cancellare ne con l'antivir ( non me lo cancella, non lo mette in quarantina, non gli nega l'accesso) ne credo normalmente...ho provato e si e' impallato tutto....
Secondo problema: all'avvio, mentre carico win2000 si sentono 3 BIP dal altoparlante interno..... significa qualcosa.
Ah, visto che ci sono: e' normale che quando sono collegato il modulo di win scvost.exe cerca di collegarsi ad degli indirizzi??
Grazie e scusa
-
Re: quando mi collego a tgm online
Citazione:
Originariamente Scritto da
teoleo
Nella mia cartella programmi\filecomuni\system ho trovato una MONTAGNA di tr/agent.da li ho eliminati tutti tranne uno che non riesco a cancellare ne con l'antivir ( non me lo cancella, non lo mette in quarantina, non gli nega l'accesso) ne credo normalmente...ho provato e si e' impallato tutto....
prova ad eliminarlo con l'antivirus dalla modalità provvisoria :sisi:
Citazione:
Originariamente Scritto da
teoleo
Secondo problema: all'avvio, mentre carico win2000 si sentono 3 BIP dal altoparlante interno..... significa qualcosa.
di solito servono ad indicare problemi hardware :bua:
se scopri il tipo di bios che hai e posti l'esatta sequenza di bip forse riusciamo a dirti che prolema è :look:
Citazione:
Originariamente Scritto da
teoleo
Ah, visto che ci sono: e' normale che quando sono collegato il modulo di win scvost.exe cerca di collegarsi ad degli indirizzi??
Grazie e scusa
se si chiama effettivamente scvost.exe allora probabilmente è un virus, controlla il nome esatto del processo :sisi:
-
Re: quando mi collego a tgm online
-
Re: quando mi collego a tgm online
Citazione:
Originariamente Scritto da
teoleo
si chiama svchost.exe
allora dovrebbe essere normale anche se potrebbe essere un virus che lo sfrutta :look:
-
Re: quando mi collego a tgm online
Citazione:
Originariamente Scritto da
blue_tech
allora dovrebbe essere normale anche se potrebbe essere un virus che lo sfrutta :look:
Ne dubito. E' normale che cerchi di collegarsi ad Internet, anzi, se non lo lasci passare rischi che diversi servizi non funzionino a dovere...