Rank: AiutAmico
Iscritto dal : 10/1/2003 Posts: 220
|
di solito faccio un controllo di rutine sul sito hijackthis.de, ma ora mi è uscito un file abastanza sospettoso e non so se fa parte del mio provider o lo devo eliminare prima che mi crei problemi grazie alfonso x tutto
Logfile of HijackThis v1.99.1 Scan saved at 13.33.50, on 12/10/2005 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Programmi\Ahead\InCD\InCDsrv.exe C:\WINDOWS\system32\spoolsv.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe C:\WINDOWS\Explorer.EXE C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe C:\Programmi\File comuni\EPSON\EBAPI\SAgent2.exe C:\WINDOWS\System32\svchost.exe C:\Programmi\McAfee\McAfee Firewall\CPD.EXE C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe C:\PROGRAMMI\FAXTALK COMMUNICATOR\FTCtrl32.exe C:\Programmi\McAfee\McAfee Shared Components\Guardian\CMGrdian.exe C:\Programmi\Real\RealPlayer\RealPlay.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe C:\Programmi\McAfee\McAfee Shared Components\Instant Updater\RuLaunch.exe C:\Programmi\McAfee\McAfee Firewall\CPD.EXE C:\Programmi\Digisoft AntiDialer\AntiDialer.exe C:\Programmi\SlySoft\CloneCD\CloneCDTray.exe C:\PROGRAMMI\FAXTALK COMMUNICATOR\FAPIEXE.EXE C:\Programmi\ADSL\StarModem ADSL USB MODEM\DSLMON.exe C:\Programmi\Ahead\InCD\InCD.exe C:\Programmi\CyberLink DVD Solution\Multimedia Launcher\PowerBar.exe F:\Programmi\WinZip\WZQKPICK.EXE C:\Programmi\Windows Media Player\wmplayer.exe C:\Programmi\Internet Explorer\IEXPLORE.EXE C:\Documents and Settings\xyz\Dati applicazioni\Microsoft\Internet Explorer\Quick Launch\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP O4 - HKLM\..\Run: [CallControl 4.5] C:\PROGRAMMI\FAXTALK COMMUNICATOR\FTCtrl32.exe /autoload O4 - HKLM\..\Run: [McAfee Guardian] "C:\Programmi\McAfee\McAfee Shared Components\Guardian\CMGrdian.exe" /SU O4 - HKLM\..\Run: [RealTray] C:\Programmi\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe O4 - HKLM\..\Run: [AnyDVD] C:\Programmi\SlySoft\AnyDVD\AnyDVD.exe O4 - HKCU\..\Run: [McAfee.InstantUpdate.Monitor] "C:\Programmi\McAfee\McAfee Shared Components\Instant Updater\RuLaunch.exe" /STARTMONITOR O4 - Startup: CloneCDTray.lnk = C:\Programmi\SlySoft\CloneCD\CloneCDTray.exe O4 - Startup: DSLMON.lnk = C:\Programmi\ADSL\StarModem ADSL USB MODEM\DSLMON.exe O4 - Startup: InCD.lnk = C:\Programmi\Ahead\InCD\InCD.exe O4 - Startup: Multimedia Launcher (2).lnk = C:\Programmi\CyberLink DVD Solution\Multimedia Launcher\PowerBar.exe O4 - Startup: WZQKPICK.lnk = F:\Programmi\WinZip\WZQKPICK.EXE O4 - Global Startup: Digisoft AntiDialer.lnk = C:\Programmi\Digisoft AntiDialer\AntiDialer.exe O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\MSMSGS.EXE O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\MSMSGS.EXE O17 - HKLM\System\CCS\Services\Tcpip\..\{FAD8B160-9FD3-4A85-B2B5-8248BDE46914}: NameServer = 151.99.125.2 151.99.125.3 O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Programmi\File comuni\EPSON\EBAPI\SAgent2.exe O23 - Service: InCD Helper (InCDsrv) - Ahead Software AG - C:\Programmi\Ahead\InCD\InCDsrv.exe O23 - Service: McAfee Firewall - Unknown owner - C:\Programmi\McAfee\McAfee Firewall\CPD.EXE" /SERVICE (file missing)
|
Rank: AiutAmico
Iscritto dal : 8/19/2005 Posts: 4,409
|
Se ti riferisci a questa: O17 - HKLM\System\CCS\Services\Tcpip\..\{FAD8B160-9FD3-4A85-B2B5-8248BDE46914}: NameServer = 151.99.125.2 151.99.125.3 l'indirizzo é di telecom Comunque aspetta il responso di Alfonso. Ciao
|
Rank: AiutAmico
Iscritto dal : 10/5/2000 Posts: 19,132
|
Il log é pulito, c'é solo questa voce inutile da rimuovere O23 - Service: McAfee Firewall - Unknown owner - C:\Programmi\McAfee\McAfee Firewall\CPD.EXE" /SERVICE (file missing) Prova a fare un controllo antivirus on line da questo indirizzo http://it.mcafee.com/root/mfs/default.asp Collaboratore Aiutamici
|