Aiutamici Forum

Can you check my Hijack log
classm1lele
Posted: Friday, June 02, 2006 7:15:07 PM
Rank: Member

Joined: 6/2/2006
Posts: 0
Logfile of HijackThis v1.99.1
Scan saved at 19.11.32, on 02/06/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\Sygate\SPF\smc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Programmi\Eset\nod32krn.exe
C:\WINDOWS\system32\ssoftsrv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\GlobespanVirata\Adsl\dslstat.exe
C:\Program Files\GlobespanVirata\Adsl\dslagent.exe
C:\Programmi\Java\jre1.5.0_06\bin\jusched.exe
C:\Programmi\File comuni\Real\Update_OB\realsched.exe
C:\Programmi\Eset\nod32kui.exe
C:\Documents and Settings\TEMP.UTENTE-A2549874.002\Impostazioni locali\Temp\Spyware Doctor 3.8 Crack-Serial-KeyGen.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\Spyware Doctor\swdoctor.exe
C:\Programmi\Internet Explorer\IEXPLORE.EXE
C:\PROGRA~1\WINZIP\winzip32.exe
C:\Documents and Settings\TEMP.UTENTE-A2549874.002\Impostazioni locali\Temp\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.virgilio.it/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\about.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Programmi\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Programmi\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programmi\google\googletoolbar1.dll
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programmi\MSN Apps\MSN Toolbar\01.02.5000.1021\it\msntb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programmi\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programmi\MSN Apps\MSN Toolbar\01.02.5000.1021\it\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programmi\google\googletoolbar1.dll
O3 - Toolbar: Virgilio Toolbar - {D3403F28-7D39-435F-A8CB-45016C29E48E} - C:\Programmi\Virgilio Toolbar\VirgilioBand.dll
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [DSLSTATEXE] C:\Program Files\GlobespanVirata\Adsl\dslstat.exe icon
O4 - HKLM\..\Run: [DSLAGENTEXE] C:\Program Files\GlobespanVirata\Adsl\dslagent.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programmi\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Programmi\File comuni\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
O4 - HKLM\..\Run: [nod32kui] C:\Programmi\Eset\nod32kui.exe /WAITSERVICE
O4 - HKLM\..\Run: [Services] C:\Documents and Settings\TEMP.UTENTE-A2549874.002\Impostazioni locali\Temp\Spyware Doctor 3.8 Crack-Serial-KeyGen.exe
O4 - HKCU\..\Run: [Skype] "C:\Programmi\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Spyware Doctor] "C:\Programmi\Spyware Doctor\swdoctor.exe" /Q
O4 - Startup: C6 Messenger.lnk = C:\Programmi\C6 Messenger\c6Messenger.exe
O4 - Global Startup: Michelangelo USB ADSL Wizard.LNK = C:\Programmi\digicom\Michelangelo USB ADSL\Setup.exe
O8 - Extra context menu item: &Google Search - res://c:\programmi\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\programmi\google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\programmi\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\programmi\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://c:\programmi\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\programmi\google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_06\bin\npjpi150_06.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_06\bin\npjpi150_06.dll
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O15 - Trusted Zone: www.1987324.com
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei/SmileyCentralFWBInitialSetup1.0.0.15.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{B0E3F2C0-5F77-46BE-90E6-CDDEE7E7F1A1}: NameServer = 213.205.32.70 213.205.36.70
O17 - HKLM\System\CCS\Services\Tcpip\..\{C6EBD6EC-8205-42A3-B694-0DCF59974409}: NameServer = 212.17.192.49
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: winopa32 - C:\WINDOWS\SYSTEM32\winopa32.dll
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: NOD32 Kernel Service (NOD32krn) - Unknown owner - C:\Programmi\Eset\nod32krn.exe
O23 - Service: Sandra Data Service (SandraDataSrv) - Unknown owner - C:\Documents and Settings\utente\Documenti\Lele\SiSoftware Sandra Lite 2005.SR2\RpcDataSrv.exe (file missing)
O23 - Service: Sandra Service (SandraTheSrv) - Unknown owner - C:\Documents and Settings\utente\Documenti\Lele\SiSoftware Sandra Lite 2005.SR2\RpcSandraSrv.exe (file missing)
O23 - Service: Sygate Personal Firewall Pro (SmcService) - Sygate Technologies, Inc. - C:\Programmi\Sygate\SPF\smc.exe
O23 - Service: Cryptainer service (ssoftservice) - Cypherix - C:\WINDOWS\SYSTEM32\ssoftsrv.exe

steven75
Posted: Friday, June 02, 2006 8:17:09 PM
Rank: Member

Joined: 5/8/2006
Posts: 0
Edit

Edited by - steven75 on 06/02/2006 20:33:11
steven75
Posted: Friday, June 02, 2006 8:26:46 PM
Rank: Member

Joined: 5/8/2006
Posts: 0
Hi..
Quote:
----
- Download these programs (the ones you don't have); you will need them both now to clean up the log and later to keep your system clean.
Antispyware and protection
Ad-aware - SpybotS&D - Spyware Blaster -->> http://www.aiutamici.com/software/view.asp?tipo=home&CodSw=388&SH=N

Antimalware
Ewido
PS: it is shareware, but after the 14-day trial only the real-time protection will stop working; you can keep updating the program and use it to scan your PC.

Cleaning up unneeded files
Ccleaner
http://www.aiutamici.com/software/view.asp?tipo=home&CodSw=1223

Cleaning up obsolete registry keys
RegSeeker
http://www.aiutamici.com/software/view.asp?tipo=home&CodSw=93
----

Now, for the log, try this:
- Download the script to repair the Trusted Zone
http://www.mvps.org/winhelp2002/DelDomains.inf (right-click the link and save it to the desktop)

- Disable System Restore; read here how to do it
http://www.aiutamici.com/software/view.asp?tipo=home&CodSw=257&SH=N
- Restart in Safe Mode; read here how to do it
http://www.aiutamici.com/software/view.asp?tipo=home&CodSw=344&SH=NA
- Make sure you have access to hidden files and folders
(Control Panel ---> Folder Options ---> View ---> check "show hidden files and folders" ---> turn off "hide system files and folders")
- Now right-click the .inf file saved on the desktop and select Install

Now start HijackThis, check the entries I am about to list and press fix checked

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\about.
O4 - HKLM\..\Run: [Services] C:\Documents and Settings\TEMP.UTENTE-A2549874.002\Impostazioni locali\Temp\Spyware Doctor 3.8 Crack-Serial-KeyGen.exe
O15 - Trusted Zone: www.
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei/SmileyCentralFWBInitialSetup1.0.0.15.cab
O20 - Winlogon Notify: winopa32 - C:\WINDOWS\SYSTEM32\winopa32.dll

Now find and delete:
C:\WINDOWS\SYSTEM32\winopa32.dll

Note: if the files do not show up in Safe Mode, look for them from normal mode

- Clean out unneeded files, temp files etc. with Ccleaner
PS: before using it, go to Options ---> Advanced and uncheck:
(only delete files older than 48 hours)

- Delete the registry keys that are no longer needed with RegSeeker

- Run a scan with your antivirus and with the programs listed above
- Apply the Spyware Blaster protections

- Go back to normal mode, re-enable System Restore and post an updated log.

PS: Sorry for the little mess of Edits



Edited by - steven75 on 06/02/2006 20:36:26
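
A first-pass triage over HijackThis entries of the kind reviewed in this thread, as an added example that is not part of the original posts. The rules and their wording are assumptions of this example (things worth a closer look, not verdicts), and the sample lines are copied from the log posted above.

```python
import re

# Lines copied from the HijackThis log posted in this thread.
SAMPLE_LOG = r"""
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.5.0_06\bin\ssv.dll
O4 - HKLM\..\Run: [nod32kui] C:\Programmi\Eset\nod32kui.exe /WAITSERVICE
O4 - HKLM\..\Run: [Services] C:\Documents and Settings\TEMP.UTENTE-A2549874.002\Impostazioni locali\Temp\Spyware Doctor 3.8 Crack-Serial-KeyGen.exe
O15 - Trusted Zone: www.1987324.com
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: winopa32 - C:\WINDOWS\SYSTEM32\winopa32.dll
"""

# An entry line is "<section code> - <detail>", e.g. "O4 - HKLM\..\Run: ...".
ENTRY = re.compile(r"^([A-Z]\d{1,2}) - (.*)$")

# Review heuristics: assumptions of this example, not HijackThis output.
RULES = [
    ("autorun from a Temp folder",
     lambda code, rest: code == "O4" and bool(re.search(r"\\temp\\", rest, re.I))),
    ("site added to the Trusted Zone",
     lambda code, rest: code == "O15"),
    ("target file missing",
     lambda code, rest: rest.rstrip().endswith("(file missing)")),
    ("DLL registered under Winlogon Notify",
     lambda code, rest: code == "O20"),
]

def triage(log_text):
    """Return (code, reason, detail) for every entry that matches a rule."""
    findings = []
    for line in log_text.splitlines():
        m = ENTRY.match(line.strip())
        if not m:
            continue  # header, running-process path or blank line
        code, rest = m.groups()
        for reason, rule in RULES:
            if rule(code, rest):
                findings.append((code, reason, rest))
    return findings

if __name__ == "__main__":
    for code, reason, rest in triage(SAMPLE_LOG):
        print(f"{code:4} {reason}: {rest}")
```
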