Benvenuto Ospite Cerca | Topic Attivi | Utenti | | Log In | Registra

mi controllate il log per piacere grazie Opzioni
FraCro
Inviato: Wednesday, October 12, 2005 5:04:01 PM
Rank: AiutAmico

Iscritto dal : 10/1/2003
Posts: 220
di solito faccio un controllo di rutine sul sito hijackthis.de, ma ora mi è uscito un file abastanza sospettoso e non so se fa parte del mio provider o lo devo eliminare prima che mi crei problemi grazie
alfonso x tutto

Logfile of HijackThis v1.99.1
Scan saved at 13.33.50, on 12/10/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\Programmi\File comuni\EPSON\EBAPI\SAgent2.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\McAfee\McAfee Firewall\CPD.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\PROGRAMMI\FAXTALK COMMUNICATOR\FTCtrl32.exe
C:\Programmi\McAfee\McAfee Shared Components\Guardian\CMGrdian.exe
C:\Programmi\Real\RealPlayer\RealPlay.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Programmi\McAfee\McAfee Shared Components\Instant Updater\RuLaunch.exe
C:\Programmi\McAfee\McAfee Firewall\CPD.EXE
C:\Programmi\Digisoft AntiDialer\AntiDialer.exe
C:\Programmi\SlySoft\CloneCD\CloneCDTray.exe
C:\PROGRAMMI\FAXTALK COMMUNICATOR\FAPIEXE.EXE
C:\Programmi\ADSL\StarModem ADSL USB MODEM\DSLMON.exe
C:\Programmi\Ahead\InCD\InCD.exe
C:\Programmi\CyberLink DVD Solution\Multimedia Launcher\PowerBar.exe
F:\Programmi\WinZip\WZQKPICK.EXE
C:\Programmi\Windows Media Player\wmplayer.exe
C:\Programmi\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\xyz\Dati applicazioni\Microsoft\Internet Explorer\Quick Launch\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [CallControl 4.5] C:\PROGRAMMI\FAXTALK COMMUNICATOR\FTCtrl32.exe /autoload
O4 - HKLM\..\Run: [McAfee Guardian] "C:\Programmi\McAfee\McAfee Shared Components\Guardian\CMGrdian.exe" /SU
O4 - HKLM\..\Run: [RealTray] C:\Programmi\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\Run: [AnyDVD] C:\Programmi\SlySoft\AnyDVD\AnyDVD.exe
O4 - HKCU\..\Run: [McAfee.InstantUpdate.Monitor] "C:\Programmi\McAfee\McAfee Shared Components\Instant Updater\RuLaunch.exe" /STARTMONITOR
O4 - Startup: CloneCDTray.lnk = C:\Programmi\SlySoft\CloneCD\CloneCDTray.exe
O4 - Startup: DSLMON.lnk = C:\Programmi\ADSL\StarModem ADSL USB MODEM\DSLMON.exe
O4 - Startup: InCD.lnk = C:\Programmi\Ahead\InCD\InCD.exe
O4 - Startup: Multimedia Launcher (2).lnk = C:\Programmi\CyberLink DVD Solution\Multimedia Launcher\PowerBar.exe
O4 - Startup: WZQKPICK.lnk = F:\Programmi\WinZip\WZQKPICK.EXE
O4 - Global Startup: Digisoft AntiDialer.lnk = C:\Programmi\Digisoft AntiDialer\AntiDialer.exe
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\MSMSGS.EXE
O17 - HKLM\System\CCS\Services\Tcpip\..\{FAD8B160-9FD3-4A85-B2B5-8248BDE46914}: NameServer = 151.99.125.2 151.99.125.3
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Programmi\File comuni\EPSON\EBAPI\SAgent2.exe
O23 - Service: InCD Helper (InCDsrv) - Ahead Software AG - C:\Programmi\Ahead\InCD\InCDsrv.exe
O23 - Service: McAfee Firewall - Unknown owner - C:\Programmi\McAfee\McAfee Firewall\CPD.EXE" /SERVICE (file missing)
Sponsor
Inviato: Wednesday, October 12, 2005 5:04:01 PM

 
esafluoruro
Inviato: Wednesday, October 12, 2005 5:48:27 PM

Rank: AiutAmico

Iscritto dal : 8/19/2005
Posts: 4,409
Se ti riferisci a questa:
O17 - HKLM\System\CCS\Services\Tcpip\..\{FAD8B160-9FD3-4A85-B2B5-8248BDE46914}: NameServer = 151.99.125.2 151.99.125.3
l'indirizzo é di telecom
Comunque aspetta il responso di Alfonso.
Ciao
alfonso
Inviato: Wednesday, October 12, 2005 11:01:59 PM

Rank: AiutAmico

Iscritto dal : 10/5/2000
Posts: 19,132
Il log é pulito, c'é solo questa voce inutile da rimuovere

O23 - Service: McAfee Firewall - Unknown owner - C:\Programmi\McAfee\McAfee Firewall\CPD.EXE" /SERVICE (file missing)


Prova a fare un controllo antivirus on line da questo indirizzo
http://it.mcafee.com/root/mfs/default.asp

Collaboratore Aiutamici
Utenti presenti in questo topic
Guest


Salta al Forum
Aggiunta nuovi Topic disabilitata in questo forum.
Risposte disabilitate in questo forum.
Eliminazione tuoi Post disabilitata in questo forum.
Modifica dei tuoi post disabilitata in questo forum.
Creazione Sondaggi disabilitata in questo forum.
Voto ai sondaggi disabilitato in questo forum.

Main Forum RSS : RSS

Aiutamici Theme
Powered by Yet Another Forum.net versione 1.9.1.8 (NET v2.0) - 3/29/2008
Copyright © 2003-2008 Yet Another Forum.net. All rights reserved.