Dopo pochi minuti di connessione il Pc si blocca .


Logfile of HijackThis v1.99.1
Scan saved at 16.41.56, on 25/09/2005
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\drivers\CDAC11BA.EXE
C:\Programmi\File comuni\EPSON\EBAPI\SAgent2.exe
C:\WINDOWS\windupdate.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\system32\drivers\etc\systemp\spool.exe
C:\WINDOWS\system32\drivers\etc\systemp\svchost.exe
C:\WINDOWS\System32\rasautou.exe
C:\WINDOWS\SYSWIN32.EXE
C:\WINDOWS\System32\wuauclt.exe
C:\Documents and Settings\Maria\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://searchcentral.cc/search.php?v=4&aff=3638
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.virgilio.it/free
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer fornito da Tin.it
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: C:\WINDOWS\lbbho.dll - {8D4EAAE4-B3C2-4280-8158-3CE790BD0E51} - C:\WINDOWS\lbbho.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\windows\googletoolbar1.dll
O3 - Toolbar: (no name) - {F2E259E8-0FC8-438C-A6E0-342DD80FA53E} - (no file)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\windows\googletoolbar1.dll
O4 - HKLM\..\Run: [Startup Manager Scanner] C:\Programmi\Startup Mechanic\StartupScanner.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O8 - Extra context menu item: &Cerca con Google - res://c:\windows\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Download with &DAP - C:\PROGRA~1\DAP\dapextie.htm
O8 - Extra context menu item: &Traduci parola in italiano - res://c:\windows\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Link a ritroso - res://c:\windows\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Pagine simili - res://c:\windows\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Versione cache della pagina - res://c:\windows\GoogleToolbar1.dll/cmcache.html
O9 - Extra button: (no name) - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: (no name) - {688DC797-DC11-46A7-9F1B-445F4F58CE6E} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Organizzatore ricerche - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Programmi\File comuni\Microsoft Shared\Encarta Researcher\EROPROJ.DLL
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Programmi\File comuni\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: Umail - {0B690506-976C-441D-B6F7-B85C356CA242} - http://www.umail.it (file missing) (HKCU)
O9 - Extra button: Alice - {263DCACC-42E4-47ED-A418-9DC10BC8A28F} - http://gw.aliceadsl.it/alice (file missing) (HKCU)
O12 - Plugin for .spop: C:\Programmi\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.virgilio.it/free
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {8EDAD21C-3584-4E66-A8AB-EB0E5584767D} - http://toolbar.google.com/data/GoogleActivate.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5free/asinst.cab
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\System32\drivers\CDAC11BA.EXE
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Programmi\File comuni\EPSON\EBAPI\SAgent2.exe
O23 - Service: microsoft update (msnupdate) - Unknown owner - C:\WINDOWS\windupdate.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: servicesnt Service: spoolntA (spoolntA) - Unknown owner - C:\WINDOWS\system32\drivers\etc\systemp\servicesnt.EXE
O23 - Service: servicesnt Service: svchostntA (svchostntA) - Unknown owner - C:\WINDOWS\system32\drivers\etc\systemp\servicesnt.EXE
O23 - Service: SYS MANAGER (system) - Unknown owner - C:\WINDOWS\SYSWIN32.EXE

Ovvio che si blocca, ci sono virus

se il log lo hai fatto in MODALITà PROVVISORIA, rimandalo nuovamente ma fatto in AVVIO NORMALE

attualmente il tuo sistema e senza antivirus e firewall, se lo hai fatto in avvio normale, ti conviene formattare il disco fisso e reinstallare tutto.

---

Collaboratore Aiutamici

Puoi salvare tutti i file che desideri, anche se sono infettati, non c'é alcun problema, quando reinstalli il sistema, prima di riutilizzare i dati salvati devi scansionarli prima con l'antivirus.

I virus sono programmi, devono essere eseguiti per poter entrare in azione, quindi se non li apri o esegui, non possono darti problemi.

---

Collaboratore Aiutamici