Vai al contenuto

  • Connettiti con Facebook Log In with Google      Connettiti   
  • Registrati

Foto
- - - - -

Hijckthis Log


  • Per cortesia connettiti per rispondere
3 risposte a questa discussione

#1 ReDirEct_y3K

ReDirEct_y3K

    Member

  • Members
  • StellettaStelletta
  • 79 messaggi

Inviato 06 agosto 2004 - 02:59

Finalmente posso chiedere per avere informazioni su questo... grazie per il servizio...

Logfile of HijackThis v1.98.1
Scan saved at 2.36.12, on 06/08/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\TGTSoft\StyleXP\StyleXPService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\File comuni\Microsoft Shared\VS7Debug\mdm.exe
C:\PROGRA~1\Navnt\navapsvc.exe
C:\PROGRA~1\Navnt\npssvc.exe
C:\PROGRA~1\Agnitum\OUTPOS~1\outpost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\CTHELPER.EXE
C:\Programmi\BIL-ISDN\isdnsta.exe
C:\Programmi\File comuni\Real\Update_OB\realsched.exe
C:\Programmi\The Cleaner\tca.exe
C:\Programmi\The Cleaner\tcm.exe
C:\Programmi\Java\j2re1.4.2_05\bin\jusched.exe
C:\Programmi\Messenger\msmsgs.exe
C:\Programmi\TGTSoft\StyleXP\StyleXP.exe
C:\Programmi\Navnt\navapw32.exe
C:\Programmi\GetRight\getright.exe
C:\Programmi\GetRight\getright.exe
C:\Programmi\Nikon\NkView4\NkVwMon.exe
C:\PROGRA~1\INCRED~1\bin\IMApp.exe
C:\PROGRA~1\Navnt\alertsvc.exe
C:\Documents and Settings\KrAshOveR\Desktop\morpheus\emule\emule.exe
C:\Programmi\Spybot - Search & Destroy\TeaTimer.exe
C:\PROGRA~1\WINZIP\winzip32.exe
C:\Documents and Settings\KrAshOveR\Impostazioni locali\Temp\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://arianna.libero.it
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.libero.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.libero.it
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = ReDirEct_y3K RuLeS!!!!!!!!!
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.libero.it:8080
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programmi\google\googletoolbar1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programmi\google\googletoolbar1.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [PMXInit] C:\WINDOWS\System32\pmxinit.exe
O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [Jet Detection] C:\Programmi\Creative\SBLive\PROGRAM\ADGJDet.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [NPS Event Checker] C:\PROGRA~1\Navnt\npscheck.exe
O4 - HKLM\..\Run: [NAV DefAlert] C:\PROGRA~1\Navnt\defalert.exe
O4 - HKLM\..\Run: [QuickTime Task] "D:\Programmi\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ISDNStatus] C:\Programmi\BIL-ISDN\isdnsta.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Programmi\File comuni\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [tcactive] C:\Programmi\The Cleaner\tca.exe
O4 - HKLM\..\Run: [tcmonitor] C:\Programmi\The Cleaner\tcm.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programmi\Java\j2re1.4.2_05\bin\jusched.exe
O4 - HKLM\..\Run: [Outpost Firewall] C:\Programmi\Agnitum\Outpost Firewall\outpost.exe /waitservice
O4 - HKCU\..\Run: [MSMSGS] "C:\Programmi\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [PasswordManagerXP] "C:\Programmi\Password Manager XP\PwdManager.exe" /check
O4 - HKCU\..\Run: [IncrediMail] C:\PROGRA~1\INCRED~1\bin\IncMail.exe /c
O4 - HKCU\..\Run: [STYLEXP] C:\Programmi\TGTSoft\StyleXP\StyleXP.exe -Hide
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Programmi\Spybot - Search & Destroy\TeaTimer.exe
O4 - Global Startup: Autoprotezione Norton AntiVirus.lnk = C:\Programmi\Navnt\navapw32.exe
O4 - Global Startup: GetRight - Tray Icon.lnk = C:\Programmi\GetRight\getright.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programmi\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: NkVwMon.exe.lnk = C:\Programmi\Nikon\NkView4\NkVwMon.exe
O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm
O8 - Extra context menu item: &Google Search - res://c:\programmi\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Backward &Links - res://c:\programmi\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cac&hed Snapshot of Page - res://c:\programmi\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Download with GetRight - C:\Programmi\GetRight\GRdownload.htm
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Genera password usando Password Manager XP - C:\Programmi\Password Manager XP\GenPwd.htm
O8 - Extra context menu item: Inserisci la password dal Password Manager XP - C:\Programmi\Password Manager XP\InsPwd.htm
O8 - Extra context menu item: Open with GetRight Browser - C:\Programmi\GetRight\GRbrowse.htm
O8 - Extra context menu item: Salva la password in Password Manager XP - C:\Programmi\Password Manager XP\SavePwd.htm
O8 - Extra context menu item: Si&milar Pages - res://c:\programmi\google\GoogleToolbar1.dll/cmsimilar.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: ICQ Pro - {6224f700-cba3-4071-b251-47cb894244cd} - D:\Programmi\ICQ\ICQ.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - D:\Programmi\ICQ\ICQ.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\MSMSGS.EXE
O9 - Extra button: Trashcan - {072F3B8A-2DA2-40e2-B841-88899F240200} - C:\Programmi\Agnitum\Outpost Firewall\TRASH.EXE (HKCU)
O9 - Extra 'Tools' menuitem: Show Trashcan - {072F3B8A-2DA2-40e2-B841-88899F240200} - C:\Programmi\Agnitum\Outpost Firewall\TRASH.EXE (HKCU)
O9 - Extra button: Password Manager XP - {7379d689-cc96-451d-b46e-6bbe4ca6b02d} - C:\Programmi\Password Manager XP\PwdManager.exe (HKCU)
O14 - IERESET.INF: START_PAGE_URL=http://www.libero.it
O16 - DPF: {11111111-1111-1111-1111-111111111123} -
O16 - DPF: {15AD4789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://public.windup...0cdc9defbb7eddc
O16 - DPF: {6CB5E471-C305-11D3-99A8-000086395495} - http://toolbar.googl...g/GoogleNav.cab
O16 - DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} (GSDACtl Class) - http://launch.gamesp...nch/alaunch.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai...all/xscan53.cab
O16 - DPF: {8EB3FF4E-86A1-4717-884D-7BA2D38272CB} (F-Secure Online Scanner) - http://support.f-sec...m/ols/fscax.cab
O16 - DPF: {90C9629E-CD32-11D3-BBFB-00105A1F0D68} (InstallShield International Setup Player) - http://www.installen...gine/isetup.cab
O16 - DPF: {F00F4763-7355-4725-82F7-0DA94A256D46} (IMDownloader Class) - http://www2.incredim...er/imloader.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{1D5572D8-831A-4E5C-9760-228DFA28EDF4}: NameServer = 193.70.152.25 193.70.192.25

GRAZIE ANTICPATI

#2 netquik

netquik

    Tweakness Admin

  • Admin
  • 3827 messaggi

Inviato 06 agosto 2004 - 03:15

Ciao ReDirEct_y3K@libero.it e benvenuto!

non mi hai detto che problemi hai...

comunque... vediamo il log:


non trovo nulla di anomalo tranne queste due righe residuo di spyware da eliminare

O16 - DPF: {11111111-1111-1111-1111-111111111123} -
O16 - DPF: {15AD4789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://public.windup...0cdc9defbb7eddc


qual' il tuo problema?

ciao a presto :glass:

#3 ReDirEct_y3K

ReDirEct_y3K

    Member

  • Members
  • StellettaStelletta
  • 79 messaggi

Inviato 06 agosto 2004 - 03:19

Bhe in effeti nessun problemma... volevo solo sapere se nel log ci fosse qualcosa di anomalo... grazie per l'accoglienza... e per la risposta :)

#4 netquik

netquik

    Tweakness Admin

  • Admin
  • 3827 messaggi

Inviato 06 agosto 2004 - 03:20

prego... quando vuoi...

ciauz




0 utente(i) stanno leggendo questa discussione

0 utenti, 0 ospiti, 0 utenti anonimi