Visualizzazione dei risultati da 1 a 2 su 2

Discussione: windows xp lentissimo

  1. #1

    windows xp lentissimo

    salve,
    ho usato HijackThis e salvato il file log ma non ci capisco niente. Potete aiutarmi gentilmente????


    ecco il log:


    Logfile of HijackThis v1.99.1
    Scan saved at 19.24.55, on 28/05/2007
    Platform: Windows XP SP1 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
    C:\Programmi\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\Explorer.EXE
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Programmi\Lexmark 5400 Series\lxctmon.exe
    C:\Programmi\Lexmark 5400 Series\ezprint.exe
    C:\WINDOWS\System32\ctfmon.exe
    C:\Programmi\NETGEAR\WG111v2 Configuration Utility\RtlWake.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Programmi\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\WINDOWS\System32\lxctcoms.exe
    C:\WINDOWS\System32\irdvxc.exe
    C:\WINDOWS\System32\urdvxc.exe
    C:\WINDOWS\system\usnsvc.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\wuauclt.exe
    C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe
    C:\Programmi\Alwil Software\Avast4\ashWebSv.exe
    C:\Program Files\HijackThis\HijackThis.exe
    C:\WINDOWS\System32\hp-1003.exe
    C:\WINDOWS\System32\hp-1003.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.it/0SEITIT/SAOS01?FORM=TOOLBR
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.libero.it/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://gw.aliceadsl.it/home
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.it/0SEITIT/SAOS01?FORM=TOOLBR
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer fornito da Alice
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyOverride = 127.0.0.1
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
    O2 - BHO: Lexmark Barra degli strumenti - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Programmi\Lexmark Toolbar\toolband.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O3 - Toolbar: Lexmark Barra degli strumenti - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Programmi\Lexmark Toolbar\toolband.dll
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [lxctmon.exe] "C:\Programmi\Lexmark 5400 Series\lxctmon.exe"
    O4 - HKLM\..\Run: [Lexmark 5400 Series Fax Server] "C:\Programmi\Lexmark 5400 Series\fm3032.exe" /s
    O4 - HKLM\..\Run: [EzPrint] "C:\Programmi\Lexmark 5400 Series\ezprint.exe"
    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    O4 - HKLM\..\Run: [File Mapping Services] hp-1003.exe
    O4 - HKLM\..\Run: [LXCTCATS] rundll32 C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\LXCTtim e.dll,_RunDLLEntry@16
    O4 - HKLM\..\RunServices: [File Mapping Services] hp-1003.exe
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
    O4 - HKCU\..\Run: [File Mapping Services] hp-1003.exe
    O4 - HKCU\..\RunServices: [SYSTEM] winmgrd.exe
    O4 - HKCU\..\RunServices: [File Mapping Services] hp-1003.exe
    O4 - Global Startup: WG111v2 Smart Wizard Wireless Setting.lnk = ?
    O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
    O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O14 - IERESET.INF: START_PAGE_URL=http://gw.aliceadsl.it/home
    O17 - HKLM\System\CCS\Services\Tcpip\..\{B82B81B4-5B4F-4D5C-9A21-1406A17E5ED9}: NameServer = 192.168.0.1
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - Unknown owner - C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
    O23 - Service: avast! Web Scanner - Unknown owner - C:\Programmi\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
    O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Programmi\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: LexBce Server (LexBceS) - Unknown owner - C:\WINDOWS\system32\LEXBCES.EXE (file missing)
    O23 - Service: lxct_device - - C:\WINDOWS\System32\lxctcoms.exe
    O23 - Service: Network helper Service (MSDisk) - Unknown owner - C:\WINDOWS\System32\irdvxc.exe" /service (file missing)
    O23 - Service: Network Windows Service (MSWindows) - Unknown owner - C:\WINDOWS\System32\urdvxc.exe" /service (file missing)
    O23 - Service: Print Scheduler (prtsch) - Unknown owner - C:\WINDOWS\system\usnsvc.exe

    grazie a tutti.

  2. #2
    Utente di HTML.it L'avatar di Andiggi
    Registrato dal
    Aug 2001
    Messaggi
    663
    Dovresti farti spostare sul forum sicurezza informatica e virus. Incollando il tuo log qui si ottiene un'analisi automatica dello stesso. Le voci classificate come sospette (nota che per la prima ti dice anche nome e cognome del virus, W32/sdbot.worm.gen.x) sono:
    1) C:\WINDOWS\System32\irdvxc.exe
    2) C:\WINDOWS\System32\urdvxc.exe
    3) O23 - Service: Network helper Service (MSDisk) - Unknown owner - C:\WINDOWS\System32\irdvxc.exe" /service (file missing)
    4) O23 - Service: Network Windows Service (MSWindows) - Unknown owner - C:\WINDOWS\System32\urdvxc.exe" /service (file missing)
    Ciao,

    magis ter meus asinus est
    Un giorno la paura bussò alla porta; il coraggio allora andò ad aprire,
    ma non vide nessuno. (Goethe)

Permessi di invio

  • Non puoi inserire discussioni
  • Non puoi inserire repliche
  • Non puoi inserire allegati
  • Non puoi modificare i tuoi messaggi
  •  
Powered by vBulletin® Version 4.2.1
Copyright © 2025 vBulletin Solutions, Inc. All rights reserved.