Aiutamici Forum
Benvenuto Ospite Cerca | Topic Attivi | Utenti | | Log In | Registra

Aiutamici Forum » FORUM - Istruzioni e Guide » Sicurezza VIRUS » Log Hijack

Log Hijack Opzioni
Topic Precedente · Topic Sucessivo
Ikks
Inviato: Tuesday, April 17, 2007 11:05:40 AM

Rank: Member

Iscritto dal : 11/16/2004
Posts: 4
salver a tutti, mi controllereste cortesemente il log di HiJack.Grazie mille.

Logfile of HijackThis v1.99.1
Scan saved at 11.02.41, on 17/04/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\Programmi\File comuni\Symantec Shared\ccSvcHst.exe
C:\Programmi\File comuni\Symantec Shared\AppCore\AppSvc32.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Programmi\File comuni\Microsoft Shared\VS7Debug\mdm.exe
C:\Apps\Softex\OmniPass\Omniserv.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\File comuni\Ulead Systems\DVD\ULCDRSvr.exe
C:\Programmi\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe
C:\Programmi\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
C:\WINDOWS\system32\dllhost.exe
C:\Apps\Softex\OmniPass\OPXPApp.exe
C:\WINDOWS\Explorer.EXE
C:\Programmi\File comuni\Symantec Shared\ccApp.exe
C:\WINDOWS\CameraFixer.exe
C:\WINDOWS\tsnpstd3.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\Programmi\Internet Explorer\IEXPLORE.EXE
C:\Programmi\Messenger\msmsgs.exe
C:\APPS\SMP\SmpSys.exe
C:\APPS\skype\phone\Skype.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe
c:\progra~1\intern~1\iexplore.exe
c:\progra~1\intern~1\iexplore.exe
C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\system32\wuauclt.exe
D:\SetPoint\SetPoint.exe
C:\Programmi\File comuni\Microsoft Shared\Works Shared\wkcalrem.exe
D:\DOCUME~1\PB\IMPOST~1\Temp\bwgo0003fcef.exe
C:\Programmi\File comuni\Logitech\KHAL\KHALMNPR.EXE
C:\Programmi\Internet Explorer\IEXPLORE.EXE
C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe
D:\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Packard Bell
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
R3 - URLSearchHook: Multi Media Italy Toolbar - {2e6f36ce-1217-4ba1-982f-24560c0eb677} - C:\Programmi\Multi_Media_Italy\tbMul1.dll
R3 - URLSearchHook: Share Accelerator Toolbar - {f5c93451-2609-4723-a053-5c19516be1a8} - C:\Programmi\Share_Accelerator\tbSha0.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Programmi\File comuni\Symantec Shared\coShared\Browser\1.0\NppBho.dll
O2 - BHO: eBay Toolbar Helper - {22D8E815-4A5E-4DFB-845E-AAB64207F5BD} - D:\eBayTB.dll (file missing)
O2 - BHO: Multi Media Italy Toolbar - {2e6f36ce-1217-4ba1-982f-24560c0eb677} - C:\Programmi\Multi_Media_Italy\tbMul1.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programmi\google\googletoolbar1.dll
O2 - BHO: WebManager Class - {D5792AA9-D373-4039-8670-2CDAB6A71F15} - (no file)
O2 - BHO: Share Accelerator Toolbar - {f5c93451-2609-4723-a053-5c19516be1a8} - C:\Programmi\Share_Accelerator\tbSha0.dll
O3 - Toolbar: MSN Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programmi\MSN Toolbar\01.01.2607.0\it\msntb.dll
O3 - Toolbar: andGoogle - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programmi\google\googletoolbar1.dll
O3 - Toolbar: Mostra Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Programmi\File comuni\Symantec Shared\coShared\Browser\1.0\UIBHO.dll
O3 - Toolbar: Multi Media Italy Toolbar - {2e6f36ce-1217-4ba1-982f-24560c0eb677} - C:\Programmi\Multi_Media_Italy\tbMul1.dll
O3 - Toolbar: Share Accelerator Toolbar - {f5c93451-2609-4723-a053-5c19516be1a8} - C:\Programmi\Share_Accelerator\tbSha0.dll
O3 - Toolbar: eBay Toolbar - {92085AD4-F48A-450D-BD93-B28CC7DF67CE} - D:\eBayTB.dll (file missing)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [ccApp] "C:\Programmi\File comuni\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Programmi\Norton Internet Security\osCheck.exe"
O4 - HKLM\..\Run: [NI.UWA6PT_0001_N91M2107] "d:\documents and settings\pb\dati applicazioni\winantiviruspro2006freeinstall_it[1].exe" -nag
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Grid Log Amok Atom] D:\Documents and Settings\All Users\Dati applicazioni\JUMPMEDIAGRIDLOG\HeckAtom.exe
O4 - HKLM\..\Run: [CameraFixer] C:\WINDOWS\CameraFixer.exe
O4 - HKLM\..\Run: [tsnpstd3] C:\WINDOWS\tsnpstd3.exe
O4 - HKLM\..\Run: [U.S. Robotics Wireless Manager UI] C:\WINDOWS\system32\WLTRAY
O4 - HKLM\..\Run: [enctpuhqnc] c:\windows\system32\enctpuhqnc.exe enctpuhqnc
O4 - HKCU\..\Run: [MSMSGS] "C:\Programmi\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [SmpcSys] C:\APPS\SMP\SmpSys.exe
O4 - HKCU\..\Run: [Skype] "C:\APPS\skype\phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Programmi\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [updateMgr] C:\Programmi\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_5
O4 - HKCU\..\Run: [Instant Access] C:\WINDOWS\system32\prosvsys.exe /res
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Okay Flaw] D:\DOCUME~1\PB\DATIAP~1\REFPLA~1\wait4.exe
O4 - HKCU\..\Run: [LDM] D:\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = D:\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = D:\SetPoint\SetPoint.exe
O4 - Global Startup: Promemoria del Calendario di Microsoft Works.lnk = ?
O8 - Extra context menu item: andeBay Search - res://D:\ebay toolba\eBayTb.dll/RCSearch.html
O8 - Extra context menu item: Eandsporta in Microsoft Excel - res://C:\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - :windir:\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - :windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\it.htm
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/IT-IT/a-UNO1/GAME_UNO1.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O18 - Protocol: bw+0 - {819BEB19-EA0C-41A7-A5A8-95681FED5A61} - D:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {819BEB19-EA0C-41A7-A5A8-95681FED5A61} - D:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {819BEB19-EA0C-41A7-A5A8-95681FED5A61} - D:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {819BEB19-EA0C-41A7-A5A8-95681FED5A61} - D:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {819BEB19-EA0C-41A7-A5A8-95681FED5A61} - D:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {819BEB19-EA0C-41A7-A5A8-95681FED5A61} - D:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {819BEB19-EA0C-41A7-A5A8-95681FED5A61} - D:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {819BEB19-EA0C-41A7-A5A8-95681FED5A61} - D:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {819BEB19-EA0C-41A7-A5A8-95681FED5A61} - D:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {819BEB19-EA0C-41A7-A5A8-95681FED5A61} - D:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {819BEB19-EA0C-41A7-A5A8-95681FED5A61} - D:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {819BEB19-EA0C-41A7-A5A8-95681FED5A61} - D:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {819BEB19-EA0C-41A7-A5A8-95681FED5A61} - D:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {819BEB19-EA0C-41A7-A5A8-95681FED5A61} - D:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {819BEB19-EA0C-41A7-A5A8-95681FED5A61} - D:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {819BEB19-EA0C-41A7-A5A8-95681FED5A61} - D:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {819BEB19-EA0C-41A7-A5A8-95681FED5A61} - D:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {819BEB19-EA0C-41A7-A5A8-95681FED5A61} - D:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {819BEB19-EA0C-41A7-A5A8-95681FED5A61} - D:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {819BEB19-EA0C-41A7-A5A8-95681FED5A61} - D:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {819BEB19-EA0C-41A7-A5A8-95681FED5A61} - D:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {819BEB19-EA0C-41A7-A5A8-95681FED5A61} - D:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {819BEB19-EA0C-41A7-A5A8-95681FED5A61} - D:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {819BEB19-EA0C-41A7-A5A8-95681FED5A61} - D:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {819BEB19-EA0C-41A7-A5A8-95681FED5A61} - D:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {819BEB19-EA0C-41A7-A5A8-95681FED5A61} - D:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {819BEB19-EA0C-41A7-A5A8-95681FED5A61} - D:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {819BEB19-EA0C-41A7-A5A8-95681FED5A61} - D:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {819BEB19-EA0C-41A7-A5A8-95681FED5A61} - D:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {819BEB19-EA0C-41A7-A5A8-95681FED5A61} - D:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {819BEB19-EA0C-41A7-A5A8-95681FED5A61} - D:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {819BEB19-EA0C-41A7-A5A8-95681FED5A61} - D:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {819BEB19-EA0C-41A7-A5A8-95681FED5A61} - D:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {819BEB19-EA0C-41A7-A5A8-95681FED5A61} - D:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {819BEB19-EA0C-41A7-A5A8-95681FED5A61} - D:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {819BEB19-EA0C-41A7-A5A8-95681FED5A61} - D:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - D:\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {819BEB19-EA0C-41A7-A5A8-95681FED5A61} - D:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {819BEB19-EA0C-41A7-A5A8-95681FED5A61} - D:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {819BEB19-EA0C-41A7-A5A8-95681FED5A61} - D:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {819BEB19-EA0C-41A7-A5A8-95681FED5A61} - D:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {819BEB19-EA0C-41A7-A5A8-95681FED5A61} - D:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {819BEB19-EA0C-41A7-A5A8-95681FED5A61} - D:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {819BEB19-EA0C-41A7-A5A8-95681FED5A61} - D:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {819BEB19-EA0C-41A7-A5A8-95681FED5A61} - D:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {819BEB19-EA0C-41A7-A5A8-95681FED5A61} - D:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {819BEB19-EA0C-41A7-A5A8-95681FED5A61} - D:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {819BEB19-EA0C-41A7-A5A8-95681FED5A61} - D:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {819BEB19-EA0C-41A7-A5A8-95681FED5A61} - D:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {819BEB19-EA0C-41A7-A5A8-95681FED5A61} - D:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {819BEB19-EA0C-41A7-A5A8-95681FED5A61} - D:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {819BEB19-EA0C-41A7-A5A8-95681FED5A61} - D:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {819BEB19-EA0C-41A7-A5A8-95681FED5A61} - D:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {819BEB19-EA0C-41A7-A5A8-95681FED5A61} - D:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {819BEB19-EA0C-41A7-A5A8-95681FED5A61} - D:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {819BEB19-EA0C-41A7-A5A8-95681FED5A61} - D:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {819BEB19-EA0C-41A7-A5A8-95681FED5A61} - D:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {819BEB19-EA0C-41A7-A5A8-95681FED5A61} - D:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {819BEB19-EA0C-41A7-A5A8-95681FED5A61} - D:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {819BEB19-EA0C-41A7-A5A8-95681FED5A61} - D:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {819BEB19-EA0C-41A7-A5A8-95681FED5A61} - D:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {819BEB19-EA0C-41A7-A5A8-95681FED5A61} - D:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {819BEB19-EA0C-41A7-A5A8-95681FED5A61} - D:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {819BEB19-EA0C-41A7-A5A8-95681FED5A61} - D:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {819BEB19-EA0C-41A7-A5A8-95681FED5A61} - D:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {819BEB19-EA0C-41A7-A5A8-95681FED5A61} - D:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {819BEB19-EA0C-41A7-A5A8-95681FED5A61} - D:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {819BEB19-EA0C-41A7-A5A8-95681FED5A61} - D:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {819BEB19-EA0C-41A7-A5A8-95681FED5A61} - D:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {819BEB19-EA0C-41A7-A5A8-95681FED5A61} - D:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {819BEB19-EA0C-41A7-A5A8-95681FED5A61} - D:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {819BEB19-EA0C-41A7-A5A8-95681FED5A61} - D:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {819BEB19-EA0C-41A7-A5A8-95681FED5A61} - D:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {819BEB19-EA0C-41A7-A5A8-95681FED5A61} - D:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {819BEB19-EA0C-41A7-A5A8-95681FED5A61} - D:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {819BEB19-EA0C-41A7-A5A8-95681FED5A61} - D:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {819BEB19-EA0C-41A7-A5A8-95681FED5A61} - D:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {819BEB19-EA0C-41A7-A5A8-95681FED5A61} - D:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: OPXPGina - C:\Apps\Softex\OmniPass\opxpgina.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Symantec Event Manager (ccEvtMgr) - Unknown owner - C:\Programmi\File comuni\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: Symantec Settings Manager (ccSetMgr) - Unknown owner - C:\Programmi\File comuni\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Programmi\File comuni\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\VAScanner\comHost.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Convalida password di Symantec IS (ISPwdSvc) - Symantec Corporation - C:\Programmi\Norton Internet Security\isPwdSvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Softex OmniPass Service (omniserv) - Softex Inc. - C:\Apps\Softex\OmniPass\Omniserv.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\AppCore\AppSvc32.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Programmi\File comuni\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: USBDeviceService - Unknown owner - C:\Programmi\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe
O23 - Service: Utilità di pianificazione di LiveUpdate automatico - Symantec Corporation - C:\Programmi\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: U.S. Robotics Wireless LAN Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
Torna in alto
 
Sponsor
Inviato: Tuesday, April 17, 2007 11:05:40 AM

 
Torna in alto
 
a.roselli
Inviato: Tuesday, April 17, 2007 11:51:01 AM

Rank: Admin

Iscritto dal : 10/4/2000
Posts: 19,052
Ciao,
per risolvere il problema esegui queste operazioni

ATTENZIONE prima di procedere con le riparazioni, fate la copia di riserva dei vostri dati,
leggete questo articolo http://www.aiutamici.com/hardware/view.asp?codcat=8
a volte eliminando un virus il sistema potrebbe non riavviarsi.
____________________________

Disattiva il ripristino di configurazione, leggi qui come fare
http://www.aiutamici.com/hardware/view.asp?codcat=28

Riavvia in modalità provvisoria, leggi qui come fare
http://www.aiutamici.com/hardware/view.asp?codcat=29

apri HIJAC THIS ed elimina come indicato in questo articolo
http://www.aiutamici.com/software/descrizione.asp?CodSw=1175
le righe che seguono.
==================================
O2 - BHO: eBay Toolbar Helper - {22D8E815-4A5E-4DFB-845E-AAB64207F5BD} - D:\eBayTB.dll (file missing)
-
O2 - BHO: WebManager Class - {D5792AA9-D373-4039-8670-2CDAB6A71F15} - (no file)
-
O3 - Toolbar: eBay Toolbar - {92085AD4-F48A-450D-BD93-B28CC7DF67CE} - D:\eBayTB.dll (file missing)
-
O4 - HKLM\..\Run: [NI.UWA6PT_0001_N91M2107] "d:\documents and settings\pb\dati applicazioni\winantiviruspro2006freeinstall_it[1].exe" -nag
-
O4 - HKLM\..\Run: [Grid Log Amok Atom] D:\Documents and Settings\All Users\Dati applicazioni\JUMPMEDIAGRIDLOG\HeckAtom.exe
-
O4 - HKLM\..\Run: [enctpuhqnc] c:\windows\system32\enctpuhqnc.exe enctpuhqnc
-
O4 - HKCU\..\Run: [Instant Access] C:\WINDOWS\system32\prosvsys.exe /res
-
O4 - HKCU\..\Run: [Okay Flaw] D:\DOCUME~1\PB\DATIAP~1\REFPLA~1\wait4.exe
-
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - :windir:\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - :windir:\Network Diagnostic\xpnetdiag.exe (file missing)
==================================


Con la funzione Cerca di Windows, cerca ed elimina i seguenti file
==================================
eBayTB.dll
winantiviruspro2006freeinstall_it[1].exe
HeckAtom.exe
enctpuhqnc.exe
prosvsys.exe
wait4.exe
==================================


Elimina i file inutili del sistema utilizzando questo programma
http://www.aiutamici.com/software/view.asp?tipo=homeandCodSw=1223

Utilizza questi due programmi per eliminare eventuali spyware
http://www.aiutamici.com/software/view.asp?tipo=home&CodSw=878
http://www.aiutamici.com/software/view.asp?tipo=home&CodSw=831

sempre in modalità provvisoria fai una scansione Antivirus,
se non hai un antivirus, utilizza questo programma
http://www.aiutamici.com/software/view.asp?tipo=home&CodSw=1485

quindi riavvia il computer e controlla se il problema e risolto, se e tutto OK riattiva il ripristino configurazione disattivato all'inizio di questa procedura e crea un nuovo punto di ripristino, leggi qui alla voce 8
http://www.aiutamici.com/software/view.asp?tipo=home&CodSw=170&SH=N
in caso di problemi lascialo disattivato fino alla soluzione dei problemi

Fai un controllo con questo programma
http://www.aiutamici.com/software/view.asp?tipo=home&CodSw=1486

Fai una scansione antivirus on line da questo indirizzo
http://security.symantec.com/sscv6/default.asp?productid=globalsites&langid=it&venid=sym
se la scansione on line rileva dei virus significa che il tuo antivirus è stato infettato o non è in grado di risolvere il problema, ti consuiglio di formattare il disco fisso e reinstallare tutto, altrimenti prosegui

Nel sistema non é presente un Firewall, installa questo programma se non ne utilizzi già uno
http://www.aiutamici.com/software/view.asp?tipo=home&CodSw=56
e disattiva l'inutile firewall di XP, leggi qui
http://www.aiutamici.com/software/view.asp?tipo=home&CodSw=160&SH=N

Utilizza questo programma
http://www.aiutamici.com/software/view.asp?tipo=home&CodSw=1041

Se utilizzi XP ti consiglio di installare questo programma
http://www.aiutamici.com/software/view.asp?tipo=home&CodSw=1472
alfonso_aiutamici@hotmail.it
Torna in alto
 
Utenti presenti in questo topic
Guest

Aiutamici Forum » FORUM - Istruzioni e Guide » Sicurezza VIRUS » Log Hijack


Salta al Forum
Aggiunta nuovi Topic disabilitata in questo forum.
Risposte disabilitate in questo forum.
Eliminazione tuoi Post disabilitata in questo forum.
Modifica dei tuoi post disabilitata in questo forum.
Creazione Sondaggi disabilitata in questo forum.
Voto ai sondaggi disabilitato in questo forum.

Main Forum RSS : RSS

Aiutamici Theme
Powered by Yet Another Forum.net versione 1.9.1.8 (NET v2.0) - 3/29/2008
Copyright © 2003-2008 Yet Another Forum.net. All rights reserved.