Rank: AiutAmico
Iscritto dal : 10/1/2003
Posts: 220
|
di solito faccio un controllo di rutine sul sito hijackthis.de, ma ora mi è uscito un file abastanza sospettoso e non so se fa parte del mio provider o lo devo eliminare prima che mi crei problemi grazie
alfonso x tutto
Logfile of HijackThis v1.99.1
Scan saved at 13.33.50, on 12/10/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\Programmi\File comuni\EPSON\EBAPI\SAgent2.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\McAfee\McAfee Firewall\CPD.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\PROGRAMMI\FAXTALK COMMUNICATOR\FTCtrl32.exe
C:\Programmi\McAfee\McAfee Shared Components\Guardian\CMGrdian.exe
C:\Programmi\Real\RealPlayer\RealPlay.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Programmi\McAfee\McAfee Shared Components\Instant Updater\RuLaunch.exe
C:\Programmi\McAfee\McAfee Firewall\CPD.EXE
C:\Programmi\Digisoft AntiDialer\AntiDialer.exe
C:\Programmi\SlySoft\CloneCD\CloneCDTray.exe
C:\PROGRAMMI\FAXTALK COMMUNICATOR\FAPIEXE.EXE
C:\Programmi\ADSL\StarModem ADSL USB MODEM\DSLMON.exe
C:\Programmi\Ahead\InCD\InCD.exe
C:\Programmi\CyberLink DVD Solution\Multimedia Launcher\PowerBar.exe
F:\Programmi\WinZip\WZQKPICK.EXE
C:\Programmi\Windows Media Player\wmplayer.exe
C:\Programmi\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\xyz\Dati applicazioni\Microsoft\Internet Explorer\Quick Launch\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [CallControl 4.5] C:\PROGRAMMI\FAXTALK COMMUNICATOR\FTCtrl32.exe /autoload
O4 - HKLM\..\Run: [McAfee Guardian] "C:\Programmi\McAfee\McAfee Shared Components\Guardian\CMGrdian.exe" /SU
O4 - HKLM\..\Run: [RealTray] C:\Programmi\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\Run: [AnyDVD] C:\Programmi\SlySoft\AnyDVD\AnyDVD.exe
O4 - HKCU\..\Run: [McAfee.InstantUpdate.Monitor] "C:\Programmi\McAfee\McAfee Shared Components\Instant Updater\RuLaunch.exe" /STARTMONITOR
O4 - Startup: CloneCDTray.lnk = C:\Programmi\SlySoft\CloneCD\CloneCDTray.exe
O4 - Startup: DSLMON.lnk = C:\Programmi\ADSL\StarModem ADSL USB MODEM\DSLMON.exe
O4 - Startup: InCD.lnk = C:\Programmi\Ahead\InCD\InCD.exe
O4 - Startup: Multimedia Launcher (2).lnk = C:\Programmi\CyberLink DVD Solution\Multimedia Launcher\PowerBar.exe
O4 - Startup: WZQKPICK.lnk = F:\Programmi\WinZip\WZQKPICK.EXE
O4 - Global Startup: Digisoft AntiDialer.lnk = C:\Programmi\Digisoft AntiDialer\AntiDialer.exe
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\MSMSGS.EXE
O17 - HKLM\System\CCS\Services\Tcpip\..\{FAD8B160-9FD3-4A85-B2B5-8248BDE46914}: NameServer = 151.99.125.2 151.99.125.3
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Programmi\File comuni\EPSON\EBAPI\SAgent2.exe
O23 - Service: InCD Helper (InCDsrv) - Ahead Software AG - C:\Programmi\Ahead\InCD\InCDsrv.exe
O23 - Service: McAfee Firewall - Unknown owner - C:\Programmi\McAfee\McAfee Firewall\CPD.EXE" /SERVICE (file missing)
|
Rank: AiutAmico
Iscritto dal : 8/19/2005
Posts: 4,409
|
Se ti riferisci a questa:
O17 - HKLM\System\CCS\Services\Tcpip\..\{FAD8B160-9FD3-4A85-B2B5-8248BDE46914}: NameServer = 151.99.125.2 151.99.125.3
l'indirizzo é di telecom
Comunque aspetta il responso di Alfonso.
Ciao
|
Rank: AiutAmico
Iscritto dal : 10/5/2000
Posts: 19,132
|
Il log é pulito, c'é solo questa voce inutile da rimuovere O23 - Service: McAfee Firewall - Unknown owner - C:\Programmi\McAfee\McAfee Firewall\CPD.EXE" /SERVICE (file missing) Prova a fare un controllo antivirus on line da questo indirizzo http://it.mcafee.com/root/mfs/default.asp
 Collaboratore Aiutamici
|