Visualizzazione risultati 1 fino 5 di 5

Discussione: hijackthis

  1. #1
    Guest

    Talking hijackthis

    Salve a tutti, ho un problema col mio pc che è il seguente:
    facendo doppi click sulle 2 partizioni del hd c: e d: nn mi viene visualizzato il loro contenuto ma un a finestra in mi si chiede di selezionare un programma da utilizzare per aprire un file che ovviamente nn ho selezionato.
    Dopo scansione con antivir e avg ho trovato questo hijackthis che mi ha generato un file che ho inserito in un sito di analisi automatico che però nn mi convince molto per cui prima di eliminare una chiave preferirei avere un parere da chi ne sa qulcosa. Grazie per la cortesia e spero mia aiutate
    Ecco il file:
    Codice:
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 15.47.18, on 01/12/2009
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal
    
    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Programmi\Intel\WiFi\bin\S24EvMon.exe
    C:\Programmi\AVG\AVG9\avgchsvx.exe
    C:\Programmi\AVG\AVG9\avgrsx.exe
    C:\Programmi\AVG\AVG9\avgcsrvx.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Programmi\Avira\AntiVir Desktop\sched.exe
    C:\WINDOWS\Explorer.EXE
    C:\Programmi\File comuni\Acronis\Schedule2\schedul2.exe
    C:\Programmi\Avira\AntiVir Desktop\avguard.exe
    C:\Programmi\Apache Software Foundation\Apache2.2\bin\httpd.exe
    C:\Programmi\AVG\AVG9\avgwdsvc.exe
    C:\Programmi\Java\jre6\bin\jusched.exe
    C:\Programmi\Intel\WiFi\bin\EvtEng.exe
    C:\WINDOWS\ATK0100\HControl.exe
    C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
    C:\PROGRA~1\AVG\AVG9\avgtray.exe
    C:\Programmi\Intel\WiFi\bin\ZCfgSvc.exe
    C:\Programmi\File comuni\Intel\WirelessCommon\iFrmewrk.exe
    C:\WINDOWS\sm56hlpr.exe
    C:\Programmi\Avira\AntiVir Desktop\avgnt.exe
    C:\Programmi\Java\jre6\bin\jqs.exe
    C:\Programmi\Acronis\TrueImageHome\TrueImageMonitor.exe
    C:\Programmi\Acronis\TrueImageHome\TimounterMonitor.exe
    C:\Programmi\Apache Software Foundation\Apache2.2\bin\httpd.exe
    C:\Programmi\File comuni\Acronis\Schedule2\schedhlp.exe
    C:\Programmi\AVG\AVG9\avgnsx.exe
    C:\Programmi\CDBurnerXP\NMSAccessU.exe
    C:\VEXPLITE\MONLITE.EXE
    C:\WINDOWS\system32\ctfmon.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\Programmi\File comuni\Intel\WirelessCommon\RegSrvc.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Programmi\Spybot - Search & Destroy\TeaTimer.exe
    C:\VEXPLITE\viritsvc.exe
    C:\Programmi\Nokia\Nokia PC Suite 7\PCSuite.exe
    C:\Programmi\AVG\AVG9\avgemc.exe
    C:\Programmi\Apache Software Foundation\Apache2.2\bin\ApacheMonitor.exe
    C:\Programmi\AVG\AVG9\avgcsrvx.exe
    C:\WINDOWS\ATK0100\ATKOSD.exe
    C:\WINDOWS\system32\wbem\unsecapp.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\WINDOWS\system32\wbem\wmiapsrv.exe
    C:\Programmi\PC Connectivity Solution\ServiceLayer.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Programmi\PC Connectivity Solution\Transports\NclUSBSrv.exe
    C:\Programmi\PC Connectivity Solution\Transports\NclRSSrv.exe
    C:\Programmi\Mozilla Firefox\firefox.exe
    C:\Programmi\Trend Micro\HijackThis\HijackThis.exe
    
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.tele2.it
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Programmi\AVG\AVG9\avgssie.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programmi\Spybot - Search & Destroy\SDHelper.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmi\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programmi\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [Collegamento alla pagina delle proprietà di High Definition Audio] HDAShCut.exe
    O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
    O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Programmi\Intel\WiFi\bin\ZCfgSvc.exe"
    O4 - HKLM\..\Run: [IntelWireless] "C:\Programmi\File comuni\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel Wireless Tray
    O4 - HKLM\..\Run: [SMSERIAL] sm56hlpr.exe
    O4 - HKLM\..\Run: [avgnt] "C:\Programmi\Avira\AntiVir Desktop\avgnt.exe" /min
    O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Programmi\Acronis\TrueImageHome\TrueImageMonitor.exe
    O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Programmi\Acronis\TrueImageHome\TimounterMonitor.exe
    O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Programmi\File comuni\Acronis\Schedule2\schedhlp.exe"
    O4 - HKLM\..\Run: [VIRIT LITE MONITOR] C:\VEXPLITE\MONLITE.EXE
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Programmi\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKCU\..\Run: [PC Suite Tray] "C:\Programmi\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO LOCALE')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO DI RETE')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Monitor Apache Servers.lnk = C:\Programmi\Apache Software Foundation\Apache2.2\bin\ApacheMonitor.exe
    O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programmi\Spybot - Search & Destroy\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programmi\Spybot - Search & Destroy\SDHelper.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Programmi\AVG\AVG9\avgpp.dll
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FILECO~1\Skype\SKYPE4~1.DLL
    O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
    O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Programmi\File comuni\Acronis\Schedule2\schedul2.exe
    O23 - Service: Avira AntiVir Scheduler (AntiVirScheduler) - Avira GmbH - C:\Programmi\Avira\AntiVir Desktop\sched.exe
    O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Programmi\Avira\AntiVir Desktop\avguard.exe
    O23 - Service: Apache2.2 - Apache Software Foundation - C:\Programmi\Apache Software Foundation\Apache2.2\bin\httpd.exe
    O23 - Service: AVG Free E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - C:\Programmi\AVG\AVG9\avgemc.exe
    O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Programmi\AVG\AVG9\avgwdsvc.exe
    O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Programmi\Intel\WiFi\bin\EvtEng.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programmi\Java\jre6\bin\jqs.exe
    O23 - Service: NMSAccessU - Unknown owner - C:\Programmi\CDBurnerXP\NMSAccessU.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Programmi\File comuni\Intel\WirelessCommon\RegSrvc.exe
    O23 - Service: Intel(R) PROSet/Wireless WiFi Service (S24EventMonitor) - Intel(R) Corporation - C:\Programmi\Intel\WiFi\bin\S24EvMon.exe
    O23 - Service: ServiceLayer - Nokia - C:\Programmi\PC Connectivity Solution\ServiceLayer.exe
    O23 - Service: Virit eXplorer Lite (viritsvclite) - TG Soft Sas   www.tgsoft.it - C:\VEXPLITE\viritsvc.exe
    
    --
    End of file - 8062 bytes

    grazie
    Ultima modifica di dreadnaut : 01-12-2009 alle ore 17.31.18 Motivo: + tag [code]

  2. #2
    L'avatar di dreadnaut
    dreadnaut non è connesso Super Moderatore
    Data registrazione
    22-02-2004
    Messaggi
    6,306

    Predefinito

    Disintalla i vari anti-virus, anti-questo, anti-quest'altro e tienine solo uno. Sono come sempre inutili. Aggiorna Internet Explorer.

    Apri il Registro di Sistema, vai in HKEY_CLASSES_ROOT\Drive, tasto destro, Esporta, e posta il contenuto del file che ottieni.

  3. #3
    Guest

    Predefinito

    Grazie dreadnaut, ecco il risultato dopo le tue indicazioni.
    Trovi qualcosa di strano?
    Codice:
    Windows Registry Editor Version 5.00
    
    [HKEY_CLASSES_ROOT\Drive]
    @="Unità"
    "EditFlags"=hex:d2,01,00,00
    
    [HKEY_CLASSES_ROOT\Drive\DefaultIcon]
    @=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,74,00,25,\
      00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,73,00,68,00,\
      65,00,6c,00,6c,00,33,00,32,00,2e,00,64,00,6c,00,6c,00,2c,00,38,00,00,00
    
    [HKEY_CLASSES_ROOT\Drive\shell]
    @="none"
    
    [HKEY_CLASSES_ROOT\Drive\shell\find]
    "SuppressionPolicy"=dword:00000080
    
    [HKEY_CLASSES_ROOT\Drive\shell\find\command]
    @=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,74,00,25,\
      00,5c,00,45,00,78,00,70,00,6c,00,6f,00,72,00,65,00,72,00,2e,00,65,00,78,00,\
      65,00,00,00
    
    [HKEY_CLASSES_ROOT\Drive\shell\find\ddeexec]
    @="[FindFolder(\"%l\", %I)]"
    "NoActivateHandler"=""
    
    [HKEY_CLASSES_ROOT\Drive\shell\find\ddeexec\application]
    @="Folders"
    
    [HKEY_CLASSES_ROOT\Drive\shell\find\ddeexec\topic]
    @="AppProperties"
    
    [HKEY_CLASSES_ROOT\Drive\shellex]
    
    [HKEY_CLASSES_ROOT\Drive\shellex\ContextMenuHandlers]
    
    [HKEY_CLASSES_ROOT\Drive\shellex\ContextMenuHandlers\Offline Files]
    @="{750fdf0e-2a26-11d1-a3ea-080036587f03}"
    
    [HKEY_CLASSES_ROOT\Drive\shellex\ContextMenuHandlers\Sharing]
    @="{f81e9010-6ea4-11ce-a7ff-00aa003ca9f6}"
    
    [HKEY_CLASSES_ROOT\Drive\shellex\ContextMenuHandlers\{59099400-57FF-11CE-BD94-0020AF85B590}]
    
    [HKEY_CLASSES_ROOT\Drive\shellex\ContextMenuHandlers\{C539A15A-3AF9-4c92-B771-50CB78F5C751}]
    @=""
    
    [HKEY_CLASSES_ROOT\Drive\shellex\ContextMenuHandlers\{fbeb8a05-beee-4442-804e-409d6c4515e9}]
    @=""
    
    [HKEY_CLASSES_ROOT\Drive\shellex\DragDropHandlers]
    
    [HKEY_CLASSES_ROOT\Drive\shellex\DragDropHandlers\WinRAR]
    @="{B41DB860-8EE4-11D2-9906-E49FADC173CA}"
    
    [HKEY_CLASSES_ROOT\Drive\shellex\FolderExtensions]
    
    [HKEY_CLASSES_ROOT\Drive\shellex\FolderExtensions\{fbeb8a05-beee-4442-804e-409d6c4515e9}]
    @=""
    "DriveMask"=dword:00000020
    
    [HKEY_CLASSES_ROOT\Drive\shellex\PropertySheetHandlers]
    
    [HKEY_CLASSES_ROOT\Drive\shellex\PropertySheetHandlers\Sharing]
    @="{f81e9010-6ea4-11ce-a7ff-00aa003ca9f6}"
    
    [HKEY_CLASSES_ROOT\Drive\shellex\PropertySheetHandlers\{1F2E5C40-9550-11CE-99D2-00AA006E086C}]
    
    [HKEY_CLASSES_ROOT\Drive\shellex\PropertySheetHandlers\{596AB062-B4D2-4215-9F74-E9109B0A8153}]
    @=""
    
    [HKEY_CLASSES_ROOT\Drive\shellex\PropertySheetHandlers\{7988B573-EC89-11cf-9C00-00AA00A14F56}]
    @=""
    
    [HKEY_CLASSES_ROOT\Drive\shellex\PropertySheetHandlers\{ECCDF543-45CC-11CE-B9BF-0080C87CDBA6}]
    
    [HKEY_CLASSES_ROOT\Drive\shellex\PropertySheetHandlers\{fbeb8a05-beee-4442-804e-409d6c4515e9}]
    @=""
    Ultima modifica di dreadnaut : 01-12-2009 alle ore 19.18.50 Motivo: + tag [code] -- cerca di metterlo tu però

  4. #4
    L'avatar di dreadnaut
    dreadnaut non è connesso Super Moderatore
    Data registrazione
    22-02-2004
    Messaggi
    6,306

    Predefinito

    a dire il vero no, ma cercando sembra un problema noto, con un paio di diverse cause. Soluzioni possibili qui e qui.

  5. #5
    Guest

    Predefinito

    grazie mille
    risolto con fixdisc che mi ha restituito un messaggio del tipo che nn cera nulla
    ma adesso accedo normalmente a ll hd.
    grazie ciao

Regole di scrittura

  • Non puoi creare nuove discussioni
  • Non puoi rispondere ai messaggi
  • Non puoi inserire allegati.
  • Non puoi modificare i tuoi messaggi
  •