
HijackThis log
giza
Posted: Wednesday, January 27, 2010 4:00:59 PM

Rank: AiutAmico

Joined: 10/27/2006
Posts: 9,615

Could you give this a quick check? There are a few suspicious things.


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15.55.32, on 27/01/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\AVG\AVG9\avgchsvx.exe
C:\Programmi\AVG\AVG9\avgrsx.exe
C:\Programmi\AVG\AVG9\avgcsrvx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Programmi\File comuni\Java\Java Update\jusched.exe
C:\Programmi\PC Tools Firewall Plus\FirewallGUI.exe
C:\PROGRA~1\AVG\AVG9\avgtray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\WinTV\Ir.exe
C:\Programmi\WinTV\WinTV7\WinTVTray.exe
C:\WINDOWS\system32\rundll32.exe
C:\Programmi\File comuni\EPSON\eEBAPI\eEBSVC.exe
C:\Programmi\File comuni\Acronis\Schedule2\schedul2.exe
C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Programmi\AVG\AVG9\avgwdsvc.exe
C:\Programmi\Bonjour\mDNSResponder.exe
C:\Programmi\File comuni\EPSON\eEBAPI\eEBAgent.exe
C:\Programmi\File comuni\EPSON\eEBAPI\SAgent2.exe
C:\WINDOWS\system32\E_S00RP2.EXE
C:\PROGRA~1\WinTV\TVServer\HAUPPA~1.EXE
C:\Programmi\Java\jre6\bin\jqs.exe
C:\Programmi\AVG\AVG9\avgam.exe
C:\Programmi\AVG\AVG9\avgnsx.exe
C:\Programmi\CDBurnerXP\NMSAccessU.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Programmi\PC Tools Firewall Plus\FWService.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
C:\Programmi\File comuni\Acronis\Fomatik\TrueImageTryStartService.exe
C:\Programmi\AVG\AVG9\avgemc.exe
C:\Programmi\AVG\AVG9\avgcsrvx.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\AVG\AVG9\avgcsrvx.exe
C:\Programmi\internet explorer\iexplore.exe
D:\download\hijacktis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.forospyware.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Programmi\AVG\AVG9\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmi\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\File comuni\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [00PCTFW] "C:\Programmi\PC Tools Firewall Plus\FirewallGUI.exe" -s
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: AutoStart IR.lnk = C:\Programmi\WinTV\Ir.exe
O4 - Global Startup: WinTV Recording Status..lnk = C:\Programmi\WinTV\WinTV7\WinTVTray.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Scarica con Download &Express - C:\Programmi\Download Express\Add_Url.htm
O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{D3305D05-36CB-4514-BAC0-69A2FEAC7B00}: NameServer = 4.2.2.2,141.1.1.1
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Programmi\AVG\AVG9\avgpp.dll
O20 - AppInit_DLLs:
O20 - Winlogon Notify: !SASWinLogon - C:\Programmi\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Programmi\File comuni\Acronis\Schedule2\schedul2.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - C:\Programmi\AVG\AVG9\avgemc.exe
O23 - Service: AVG WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Programmi\AVG\AVG9\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Programmi\Bonjour\mDNSResponder.exe
O23 - Service: EpsonBidirectionalAgent - SEIKO EPSON CORPORATION - C:\Programmi\File comuni\EPSON\eEBAPI\eEBAgent.exe
O23 - Service: EpsonBidirectionalService - Unknown owner - C:\Programmi\File comuni\EPSON\eEBAPI\eEBSVC.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Programmi\File comuni\EPSON\eEBAPI\SAgent2.exe
O23 - Service: EPSON V3 Service2(02) (EPSON_PM_RPCV2_02) - SEIKO EPSON CORPORATION - C:\WINDOWS\system32\E_S00RP2.EXE
O23 - Service: Google Software Updater (gusvc) - Google - C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HauppaugeTVServer - Hauppauge Computer Works - C:\PROGRA~1\WinTV\TVServer\HAUPPA~1.EXE
O23 - Service: Servizio iPod (iPod Service) - Apple Inc. - C:\Programmi\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programmi\Java\jre6\bin\jqs.exe
O23 - Service: NMIndexingService - Nero AG - C:\Programmi\File comuni\Nero\Lib\NMIndexingService.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Programmi\CDBurnerXP\NMSAccessU.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PC Tools Firewall Plus (PCToolsFirewallPlus) - PC Tools - C:\Programmi\PC Tools Firewall Plus\FWService.exe
O23 - Service: ServiceLayer - Nokia - C:\Programmi\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Programmi\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: Acronis Try And Decide Service (TryAndDecideService) - Unknown owner - C:\Programmi\File comuni\Acronis\Fomatik\TrueImageTryStartService.exe

--
End of file - 7775 bytes
maopapof
Posted: Wednesday, January 27, 2010 9:08:23 PM

Rank: AiutAmico

Joined: 10/31/2004
Posts: 7,185
There don't seem to be any particular problems .... but I would run a scan with an updated Spybot.
Just be careful when you install software that usually comes with toolbars ... spend a few extra minutes on it ... and you'll gain it back in speed ...... I recommend it ... and then I fall for it myself sometimes :O))))

What problems are you seeing? Firewall, connection ....?

giza
Posted: Thursday, January 28, 2010 2:54:38 PM

Rank: AiutAmico

Joined: 10/27/2006
Posts: 9,615
No, no problems. The toolbar you mean, is it the Internet one? Can I fix it?
panchoz
Posted: Thursday, January 28, 2010 3:05:55 PM

Rank: AiutAmico

Joined: 11/6/2008
Posts: 2,452
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)


Update. You mummy!!




Speak to the hand
giza
Posted: Thursday, January 28, 2010 3:37:50 PM

Rank: AiutAmico

Joined: 10/27/2006
Posts: 9,615
I have it and I'm keeping it.
I also ran a vulnerability check with Symantec. I have AVG 9 and PC Tools Firewall Plus.

And this is the result. Reliable????

23 Telnet. Telnet can be used to log into your computer from a terminal anywhere in the world. This port should be open only if you're running a Telnet server.

5000 UPnP (Universal Plug and Play). This service is used to communicate with any UPnP devices attached to your network.

5000 Sokets de Trois v1.

At Risk! = Possible Risk!
= Safe

Hacker Exposure Check

Windows Vulnerability Check

Trojan Horse Check

Antivirus Product Check

Description:
Checks for a current version of a commonly-used virus protection product.
Analysis:
WARNING! No known virus protection software found. This means your computer and data are vulnerable to virus attacks. Virus attacks can have serious consequences, including system damage and data loss.

Recommendation:
Install the latest version of a commonly-used virus protection product.



panchoz
Posted: Thursday, January 28, 2010 3:48:27 PM

Rank: AiutAmico

Joined: 11/6/2008
Posts: 2,452

Microsoft plugs the holes in Internet Explorer with a new patch
http://www.oneitsecurity.it/22/01/2010/microsoft-tappa-le-falle-di-internet-explorer-con-una-nuova-patch/


Even Montalcini has noticed it
giza
Posted: Thursday, January 28, 2010 4:07:44 PM

Rank: AiutAmico

Joined: 10/27/2006
Posts: 9,615
my dear great-great-great-grandniece,,,,