salvatore imparato
asked on
help my system not must stable...
1) see my hijak log:
Logfile of HijackThis v1.99.0
Scan saved at 22.18.05, on 02/14/2005
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINNT1\System32\smss.ex e
C:\WINNT1\SYSTEM32\winlogo n.exe
C:\WINNT1\system32\service s.exe
C:\WINNT1\system32\lsass.e xe
C:\Programmi\File comuni\Symantec Shared\ccProxy.exe
C:\Programmi\Norton Internet Security\ISSVC.exe
C:\WINNT1\system32\svchost .exe
C:\Programmi\File comuni\Symantec Shared\SNDSrvc.exe
C:\Programmi\File comuni\Symantec Shared\ccSetMgr.exe
C:\Programmi\File comuni\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Programmi\File comuni\Symantec Shared\ccEvtMgr.exe
C:\WINNT1\system32\spoolsv .exe
C:\WINNT1\System32\svchost .exe
C:\Programmi\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\Programmi\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
C:\WINNT1\system32\regsvc. exe
C:\WINNT1\system32\MSTask. exe
C:\WINNT1\system32\slserv. exe
C:\PROGRA~1\NORTON~1\SPEED D~1\nopdb. exe
C:\Programmi\File comuni\Symantec Shared\CCPD-LC\symlcsvc.ex e
C:\WINNT1\SYSTEM32\rundll3 2.exe
C:\WINNT1\System32\WBEM\Wi nMgmt.exe
C:\WINNT1\Explorer.EXE
C:\WINNT1\System32\inetsrv \inetinfo. exe
C:\WINNT1\System32\svchost .exe
C:\Programmi\QuickTime\qtt ask.exe
C:\Programmi\MSN Apps\Updater\01.02.3000.10 01\it\msna ppau.exe
C:\Programmi\Winamp\winamp a.exe
C:\Programmi\PestPatrol\PP Control.ex e
C:\Programmi\PestPatrol\PP MemCheck.e xe
C:\Programmi\PestPatrol\Co okiePatrol .exe
C:\Programmi\iTunes\iTunes Helper.exe
C:\Programmi\Spyware Nuker 2004\swn2.exe
C:\WINNT1\bxeuayac.exe
C:\Programmi\Parallel Tasking\ptask.exe
C:\Programmi\File comuni\Symantec Shared\ccApp.exe
C:\WINNT1\system32\rundll3 2.exe
C:\Program Files\Internet Optimizer\optimize.exe
C:\WINNT1\system32\interna t.exe
C:\PROGRA~1\PANICW~1\POP-U P~1\PopUpS topperProf essional.e xe
C:\Programmi\Skype\Phone\S kype.exe
C:\Programmi\iPod\bin\iPod Service.ex e
C:\Programmi\MSN Messenger\MsnMsgr.Exe
C:\Programmi\a2\a2guard.ex e
C:\Programmi\FreePOPs\free popsd.exe
C:\Programmi\Web_Rebates\W ebRebates1 .exe
C:\Programmi\Registry Mechanic\RegMech.exe
C:\Programmi\Microsoft Office\Office\1040\msoffic e.exe
C:\Programmi\Microsoft Office\Office\1040\msoffic e.exe
C:\PROGRA~1\MICROS~2\Offic e\OUTLOOK. EXE
C:\WINNT1\system32\drwtsn3 2.exe
C:\Programmi\File comuni\Symantec Shared\AdBlocking\NSMdtr.e xe
C:\Programmi\Internet Explorer\IEXPLORE.EXE
C:\Programmi\Web_Rebates\W ebRebates0 .exe
D:\hijackthis\HijackThis.e xe
R1 - HKCU\Software\Microsoft\In ternet Explorer\Main,Search Bar = http://www.couldnotfind.com/search_page.html?&account_id=1001693
R1 - HKCU\Software\Microsoft\In ternet Explorer\Main,Search Page = http://www.couldnotfind.com/search_page.html?&account_id=1001693
R1 - HKLM\Software\Microsoft\In ternet Explorer\Main,SearchAssist ant =
R1 - HKLM\Software\Microsoft\In ternet Explorer\Main,CustomizeSea rch = res://C:\PROGRA~1\Toolbar\ toolbar.dl l/sa
R1 - HKLM\Software\Microsoft\In ternet Explorer\Main,Search Bar = res://C:\DOCUME~1\sal\IMPO ST~1\Temp\ se.dll/sp. html
R1 - HKLM\Software\Microsoft\In ternet Explorer\Main,Search Page = about:blank
R1 - HKCU\Software\Microsoft\In ternet Explorer\Search,SearchAssi stant = http://www.couldnotfind.com/search_page.html?&account_id=1001693
R0 - HKLM\Software\Microsoft\In ternet Explorer\Search,SearchAssi stant = about:blank
R0 - HKCU\Software\Microsoft\In ternet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\In ternet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Wi ndows\Curr entVersion \Internet Settings,ProxyServer = 127.0.0.1:8080
R0 - HKCU\Software\Microsoft\In ternet Explorer\Toolbar,LinksFold erName =
R3 - Default URLSearchHook is missing
O1 - Hosts: 69.20.16.183 auto.search.msn.com
O1 - Hosts: 69.20.16.183 search.netscape.com
O1 - Hosts: 69.20.16.183 ieautosearch
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-0 0A0C908246 7} - C:\WINNT1\System32\msdxm.o cx
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-6 4B5B4FF55D 0} - C:\Programmi\MSN Apps\MSN Toolbar\01.02.3000.1001\it \msntb.dll
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0 090271D4F8 8} - C:\Programmi\Yahoo!\Compan ion\Instal ls\cpn\yco mp5_5_7_0. dll
O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A 37C9A5676A 7} - C:\Programmi\File comuni\Symantec Shared\AdBlocking\NISShExt .dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7 859DF00B1D 6} - C:\Programmi\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: YourSiteBar - {86227D9C-0EFE-4f8a-AA55-3 0386A3F568 6} - C:\PROGRA~1\YOURSI~1\ysb.d ll
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [SymTray - Norton SystemWorks] C:\Programmi\File comuni\Symantec Shared\SymTray.exe SetReg
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINNT1\system32\NeroChe ck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qt task.exe" -atboottime
O4 - HKLM\..\Run: [msnappau] "C:\Programmi\MSN Apps\Updater\01.02.3000.10 01\it\msna ppau.exe"
O4 - HKLM\..\Run: [WinampAgent] C:\Programmi\Winamp\winamp a.exe
O4 - HKLM\..\Run: [PestPatrol Control Center] C:\Programmi\PestPatrol\PP Control.ex e
O4 - HKLM\..\Run: [PPMemCheck] C:\Programmi\PestPatrol\PP MemCheck.e xe
O4 - HKLM\..\Run: [CookiePatrol] C:\Programmi\PestPatrol\Co okiePatrol .exe
O4 - HKLM\..\Run: [iTunesHelper] C:\Programmi\iTunes\iTunes Helper.exe
O4 - HKLM\..\Run: [Spyware Nuker] C:\Programmi\Spyware Nuker 2004\swn2.exe /h
O4 - HKLM\..\Run: [LTdTfBTn3] C:\WINNT1\bxeuayac.exe
O4 - HKLM\..\Run: [Parallel Tasking] C:\Programmi\Parallel Tasking\ptask.exe
O4 - HKLM\..\Run: [niiikdx] c:\winnt1\system32\niiikdx .exe
O4 - HKLM\..\Run: [ccApp] "C:\Programmi\File comuni\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Programmi\File comuni\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [sp] rundll32 C:\WINNT1\TEMP\se.dll,DllI nstall
O4 - HKLM\..\Run: [IST Service] C:\Programmi\ISTsvc\
O4 - HKLM\..\Run: [Internet Optimizer] "C:\Program Files\Internet Optimizer\optimize.exe"
O4 - HKLM\..\Run: [WebRebates0] "C:\Programmi\Web_Rebates\ WebRebates 0.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMo n.exe
O4 - HKCU\..\Run: [internat.exe] internat.exe
O4 - HKCU\..\Run: [PopUpStopperProfessional] C:\PROGRA~1\PANICW~1\POP-U P~1\PopUpS topperProf essional.e xe
O4 - HKCU\..\Run: [SPOOL Configuration] SPOOLSVC.exe
O4 - HKCU\..\Run: [Skype] "C:\Programmi\Skype\Phone\ Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programmi\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [a-squared] "C:\Programmi\a2\a2guard.e xe"
O4 - Startup: FreePOPs.lnk = C:\Programmi\FreePOPs\free popsd.exe
O4 - Global Startup: Barra degli strumenti Microsoft Office.lnk = C:\Programmi\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Microsoft Office.lnk = C:\Programmi\Microsoft Office\Office\OSA9.EXE
O6 - HKCU\Software\Policies\Mic rosoft\Int ernet Explorer\Control Panel present
O8 - Extra context menu item: Web Rebates - file://C:\Programmi\Web_Re bates\Sy11 50\Tp1150\ scri1150a. htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-0 0401C60850 1} - C:\WINNT1\System32\MSJAVA. DLL
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-0 0401C60850 1} - C:\WINNT1\System32\MSJAVA. DLL
O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3 C9C571A826 3} - C:\PROGRA~1\MICROS~2\OFFIC E11\REFIEB AR.DLL
O12 - Plugin for .pdf: C:\Programmi\Internet Explorer\PLUGINS\nppdf32.d ll
O16 - DPF: ppctlcab - http://www.pestscan.com/scanner/ppctlcab.cab
O16 - DPF: {00000000-0000-0000-0000-0 0002004000 0} - http://www.accessoveloce.com/nd/nd02688.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C 0A14556272 C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {0246ECA8-996F-11D1-BE2F-0 0A0C9037DF E} (TDServer Control) - http://www.forum.fastwebnet.org/home/font/tdserver.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-9 7215F77A6B C} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab30149.cab
O16 - DPF: {205FF73B-CA67-11D5-99DD-4 4455354000 6} (CInstall Class) - http://www.errorguard.com/installation/Install.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-4 94B6333150 B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab30149.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-0 0105AA9B6A E} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {2FC9A21E-2069-4E47-8235-3 6318989DB1 3} (PPSDKActiveXScanner.MainS creen) - http://www.pestscan.com/scanner/axscanner.cab
O16 - DPF: {41B23C28-488E-4E5C-ACE2-B B0BBABE99E 8} (HHCtrl Object) - http://207.44.186.186/2/hhctrl.ocx
O16 - DPF: {41F17733-B041-4099-A042-B 518BB6A408 C} - http://appldnld.m7z.net/content.info.apple.com/iTunes4/WW/win/019-0312.20050111.MmVrT/iTunesSetup.exe
O16 - DPF: {644E432F-49D3-41A1-8DD5-E 099162EEEC 5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {6814A9EF-FBF1-46B2-A46E-5 6B401079C2 6} - http://www.dialer-shop.com/cexe/b200999.exe
O16 - DPF: {8E0D4DE5-3180-4024-A327-4 DFAD1796A8 D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab30149.cab
O16 - DPF: {9059F30F-4EB1-4BD2-9FDC-3 6F43A218F4 A} (Microsoft RDP Client Control (redist)) - http://209.250.114.120/tsweb/msrdp.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5 009F29E09E 1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-2 2031317559 2} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab30149.cab
O16 - DPF: {BD393C14-72AD-4790-A095-7 6522973D6B 8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab30149.cab
O16 - DPF: {C2FCEF52-ACE9-11D3-BEBD-0 0105AA9B6A E} (Symantec RuFSI Registry Information Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0 F47A330807 8} (ActiveDataInfo Class) - http://www.symantec.com/techsupp/activedata/SymAData.cab
O16 - DPF: {D35B74F6-E099-4CDD-91E0-9 EA7C30059D 1} (Main Class) - http://www.dialer-shop.com/webdial/webdial24106.cab
O16 - DPF: {E77C0D62-882A-456F-AD8F-7 C6C9569B8C 7} (ActiveDataObj Class) - http://www.symantec.com/techsupp/activedata/ActiveData.cab
O16 - DPF: {F0BC061F-DAF9-4533-8011-5 3BCB4C1030 7} - http://install.premiumzone.de/InstallationsAssistent.ocx
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F 385591623A F} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
O18 - Filter: text/html - {1EB36F88-2303-41F2-9A9A-8 8F07B2FA59 3} - (no file)
O18 - Filter: text/plain - {1EB36F88-2303-41F2-9A9A-8 8F07B2FA59 3} - (no file)
O23 - Service: Symantec Event Manager - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\ccSetMgr.exe
O23 - Service: Servizio amministrativo di Gestione disco logico - VERITAS Software Corp. - C:\WINNT1\System32\dmadmin .exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Programmi\iPod\bin\iPod Service.ex e
O23 - Service: ISSvc - Symantec Corporation - C:\Programmi\Norton Internet Security\ISSVC.exe
O23 - Service: nxokvbvkzaoq - Unknown - C:\WINNT1\system32\vvkoucn t5.exe (file missing)
O23 - Service: Servizio Auto-Protect di Norton AntiVirus - Symantec Corporation - C:\Programmi\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Unerase Protection - Symantec Corporation - C:\Programmi\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
O23 - Service: SAVScan - Symantec Corporation - C:\Programmi\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service - Symantec Corporation - C:\PROGRA~1\FILECO~1\SYMAN T~1\SCRIPT ~1\SBServ. exe
O23 - Service: SmartLinkService - Unknown - slserv.exe (file missing)
O23 - Service: Symantec Network Drivers Service - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~1\SPEED D~1\nopdb. exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\CCPD-LC\symlcsvc.ex e
O23 - Service: Windows Update Service - Unknown - C:\WINNT1\system32\wupdate d.exe (file missing)
2) i have installe Norton inetrnet Securirty 2005.
3) i recive in many time error ccapp.exe and winlogon.exe
Logfile of HijackThis v1.99.0
Scan saved at 22.18.05, on 02/14/2005
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINNT1\System32\smss.ex
C:\WINNT1\SYSTEM32\winlogo
C:\WINNT1\system32\service
C:\WINNT1\system32\lsass.e
C:\Programmi\File comuni\Symantec Shared\ccProxy.exe
C:\Programmi\Norton Internet Security\ISSVC.exe
C:\WINNT1\system32\svchost
C:\Programmi\File comuni\Symantec Shared\SNDSrvc.exe
C:\Programmi\File comuni\Symantec Shared\ccSetMgr.exe
C:\Programmi\File comuni\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Programmi\File comuni\Symantec Shared\ccEvtMgr.exe
C:\WINNT1\system32\spoolsv
C:\WINNT1\System32\svchost
C:\Programmi\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\Programmi\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
C:\WINNT1\system32\regsvc.
C:\WINNT1\system32\MSTask.
C:\WINNT1\system32\slserv.
C:\PROGRA~1\NORTON~1\SPEED
C:\Programmi\File comuni\Symantec Shared\CCPD-LC\symlcsvc.ex
C:\WINNT1\SYSTEM32\rundll3
C:\WINNT1\System32\WBEM\Wi
C:\WINNT1\Explorer.EXE
C:\WINNT1\System32\inetsrv
C:\WINNT1\System32\svchost
C:\Programmi\QuickTime\qtt
C:\Programmi\MSN Apps\Updater\01.02.3000.10
C:\Programmi\Winamp\winamp
C:\Programmi\PestPatrol\PP
C:\Programmi\PestPatrol\PP
C:\Programmi\PestPatrol\Co
C:\Programmi\iTunes\iTunes
C:\Programmi\Spyware Nuker 2004\swn2.exe
C:\WINNT1\bxeuayac.exe
C:\Programmi\Parallel Tasking\ptask.exe
C:\Programmi\File comuni\Symantec Shared\ccApp.exe
C:\WINNT1\system32\rundll3
C:\Program Files\Internet Optimizer\optimize.exe
C:\WINNT1\system32\interna
C:\PROGRA~1\PANICW~1\POP-U
C:\Programmi\Skype\Phone\S
C:\Programmi\iPod\bin\iPod
C:\Programmi\MSN Messenger\MsnMsgr.Exe
C:\Programmi\a2\a2guard.ex
C:\Programmi\FreePOPs\free
C:\Programmi\Web_Rebates\W
C:\Programmi\Registry Mechanic\RegMech.exe
C:\Programmi\Microsoft Office\Office\1040\msoffic
C:\Programmi\Microsoft Office\Office\1040\msoffic
C:\PROGRA~1\MICROS~2\Offic
C:\WINNT1\system32\drwtsn3
C:\Programmi\File comuni\Symantec Shared\AdBlocking\NSMdtr.e
C:\Programmi\Internet Explorer\IEXPLORE.EXE
C:\Programmi\Web_Rebates\W
D:\hijackthis\HijackThis.e
R1 - HKCU\Software\Microsoft\In
R1 - HKCU\Software\Microsoft\In
R1 - HKLM\Software\Microsoft\In
R1 - HKLM\Software\Microsoft\In
R1 - HKLM\Software\Microsoft\In
R1 - HKLM\Software\Microsoft\In
R1 - HKCU\Software\Microsoft\In
R0 - HKLM\Software\Microsoft\In
R0 - HKCU\Software\Microsoft\In
R0 - HKLM\Software\Microsoft\In
R1 - HKCU\Software\Microsoft\Wi
R0 - HKCU\Software\Microsoft\In
R3 - Default URLSearchHook is missing
O1 - Hosts: 69.20.16.183 auto.search.msn.com
O1 - Hosts: 69.20.16.183 search.netscape.com
O1 - Hosts: 69.20.16.183 ieautosearch
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-0
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-6
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0
O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7
O3 - Toolbar: YourSiteBar - {86227D9C-0EFE-4f8a-AA55-3
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [SymTray - Norton SystemWorks] C:\Programmi\File comuni\Symantec Shared\SymTray.exe SetReg
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINNT1\system32\NeroChe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qt
O4 - HKLM\..\Run: [msnappau] "C:\Programmi\MSN Apps\Updater\01.02.3000.10
O4 - HKLM\..\Run: [WinampAgent] C:\Programmi\Winamp\winamp
O4 - HKLM\..\Run: [PestPatrol Control Center] C:\Programmi\PestPatrol\PP
O4 - HKLM\..\Run: [PPMemCheck] C:\Programmi\PestPatrol\PP
O4 - HKLM\..\Run: [CookiePatrol] C:\Programmi\PestPatrol\Co
O4 - HKLM\..\Run: [iTunesHelper] C:\Programmi\iTunes\iTunes
O4 - HKLM\..\Run: [Spyware Nuker] C:\Programmi\Spyware Nuker 2004\swn2.exe /h
O4 - HKLM\..\Run: [LTdTfBTn3] C:\WINNT1\bxeuayac.exe
O4 - HKLM\..\Run: [Parallel Tasking] C:\Programmi\Parallel Tasking\ptask.exe
O4 - HKLM\..\Run: [niiikdx] c:\winnt1\system32\niiikdx
O4 - HKLM\..\Run: [ccApp] "C:\Programmi\File comuni\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Programmi\File comuni\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [sp] rundll32 C:\WINNT1\TEMP\se.dll,DllI
O4 - HKLM\..\Run: [IST Service] C:\Programmi\ISTsvc\
O4 - HKLM\..\Run: [Internet Optimizer] "C:\Program Files\Internet Optimizer\optimize.exe"
O4 - HKLM\..\Run: [WebRebates0] "C:\Programmi\Web_Rebates\
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMo
O4 - HKCU\..\Run: [internat.exe] internat.exe
O4 - HKCU\..\Run: [PopUpStopperProfessional]
O4 - HKCU\..\Run: [SPOOL Configuration] SPOOLSVC.exe
O4 - HKCU\..\Run: [Skype] "C:\Programmi\Skype\Phone\
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programmi\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [a-squared] "C:\Programmi\a2\a2guard.e
O4 - Startup: FreePOPs.lnk = C:\Programmi\FreePOPs\free
O4 - Global Startup: Barra degli strumenti Microsoft Office.lnk = C:\Programmi\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Microsoft Office.lnk = C:\Programmi\Microsoft Office\Office\OSA9.EXE
O6 - HKCU\Software\Policies\Mic
O8 - Extra context menu item: Web Rebates - file://C:\Programmi\Web_Re
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-0
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-0
O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3
O12 - Plugin for .pdf: C:\Programmi\Internet Explorer\PLUGINS\nppdf32.d
O16 - DPF: ppctlcab - http://www.pestscan.com/scanner/ppctlcab.cab
O16 - DPF: {00000000-0000-0000-0000-0
O16 - DPF: {00B71CFB-6864-4346-A978-C
O16 - DPF: {0246ECA8-996F-11D1-BE2F-0
O16 - DPF: {14B87622-7E19-4EA8-93B3-9
O16 - DPF: {205FF73B-CA67-11D5-99DD-4
O16 - DPF: {2917297F-F02B-4B9D-81DF-4
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-0
O16 - DPF: {2FC9A21E-2069-4E47-8235-3
O16 - DPF: {41B23C28-488E-4E5C-ACE2-B
O16 - DPF: {41F17733-B041-4099-A042-B
O16 - DPF: {644E432F-49D3-41A1-8DD5-E
O16 - DPF: {6814A9EF-FBF1-46B2-A46E-5
O16 - DPF: {8E0D4DE5-3180-4024-A327-4
O16 - DPF: {9059F30F-4EB1-4BD2-9FDC-3
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-2
O16 - DPF: {BD393C14-72AD-4790-A095-7
O16 - DPF: {C2FCEF52-ACE9-11D3-BEBD-0
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0
O16 - DPF: {D35B74F6-E099-4CDD-91E0-9
O16 - DPF: {E77C0D62-882A-456F-AD8F-7
O16 - DPF: {F0BC061F-DAF9-4533-8011-5
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F
O18 - Filter: text/html - {1EB36F88-2303-41F2-9A9A-8
O18 - Filter: text/plain - {1EB36F88-2303-41F2-9A9A-8
O23 - Service: Symantec Event Manager - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\ccSetMgr.exe
O23 - Service: Servizio amministrativo di Gestione disco logico - VERITAS Software Corp. - C:\WINNT1\System32\dmadmin
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Programmi\iPod\bin\iPod
O23 - Service: ISSvc - Symantec Corporation - C:\Programmi\Norton Internet Security\ISSVC.exe
O23 - Service: nxokvbvkzaoq - Unknown - C:\WINNT1\system32\vvkoucn
O23 - Service: Servizio Auto-Protect di Norton AntiVirus - Symantec Corporation - C:\Programmi\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Unerase Protection - Symantec Corporation - C:\Programmi\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
O23 - Service: SAVScan - Symantec Corporation - C:\Programmi\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service - Symantec Corporation - C:\PROGRA~1\FILECO~1\SYMAN
O23 - Service: SmartLinkService - Unknown - slserv.exe (file missing)
O23 - Service: Symantec Network Drivers Service - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~1\SPEED
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\CCPD-LC\symlcsvc.ex
O23 - Service: Windows Update Service - Unknown - C:\WINNT1\system32\wupdate
2) i have installe Norton inetrnet Securirty 2005.
3) i recive in many time error ccapp.exe and winlogon.exe
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Don't let that many programs start up with your system.
Also try to change norton for kaspersky... uses waaay less resources.
I agree completely with FalconHawk on the RAM.
Also try to change norton for kaspersky... uses waaay less resources.
I agree completely with FalconHawk on the RAM.
I see all kinds of garbage running on your system -
For starters try this one - optimize.exe
Do a search on that.
Oh, and by the way - you have a VX2 infection
Just some information.
Your problems have Nothing to do with RAM.
Good luck!
RF
For starters try this one - optimize.exe
Do a search on that.
Oh, and by the way - you have a VX2 infection
Just some information.
Your problems have Nothing to do with RAM.
Good luck!
RF
Comment from rossfingal
Your problems have Nothing to do with RAM.
Yes and No. there is nothing wrong with the ram, BUT when you have this much programs running, its used a lot, causing the system to be slow. the RAM is fine, its just used to much.
For starters try this one - optimize.exe
Seems perfectly harmless..... see for yourself if it uses a lot of resources.
Further, try not having more then 1 program of the same kind active at a time... i see several anti spyuware programs. it just uses a lot o rescources, while 1 good one is probally all you need.
Your problems have Nothing to do with RAM.
Yes and No. there is nothing wrong with the ram, BUT when you have this much programs running, its used a lot, causing the system to be slow. the RAM is fine, its just used to much.
For starters try this one - optimize.exe
Seems perfectly harmless..... see for yourself if it uses a lot of resources.
Further, try not having more then 1 program of the same kind active at a time... i see several anti spyuware programs. it just uses a lot o rescources, while 1 good one is probally all you need.
O4 - HKLM\..\Run: [niiikdx] c:\winnt1\system32\niiikdx .exe
O4 - HKLM\..\Run: [LTdTfBTn3] C:\WINNT1\bxeuayac.exe
They seem odd btw..
O4 - HKLM\..\Run: [LTdTfBTn3] C:\WINNT1\bxeuayac.exe
They seem odd btw..
Run housecall.trendmicro.com online virus scan.
Run Spybot S&D from security.kolla.de
Download the Microsoft Malicious Software Removal Tool
http://www.microsoft.com/downloads/details.aspx?familyid=AD724AE0-E72D-4F54-9AB3-75B8EB148356&displaylang=en
Then Update Windows completely.
This combination should help you detect and remove any virus' present.
This should help,
Aj
Run Spybot S&D from security.kolla.de
Download the Microsoft Malicious Software Removal Tool
http://www.microsoft.com/downloads/details.aspx?familyid=AD724AE0-E72D-4F54-9AB3-75B8EB148356&displaylang=en
Then Update Windows completely.
This combination should help you detect and remove any virus' present.
This should help,
Aj
RAM is needed to run everything, and the less you have free, the longer it takes to run a program. and programs that ARE running in the background, also use RAM. eigther get more RAM, or try paging memory (if its the ram, ill tell you HOW you use it. just post the RAM usage first ;)