Help Dialer

capitan pc · 15-09-2005, 22:40

Ciao a tutti, help ho l'impressione che ci sia un dialer nel computer di un mio amico. allego il log di HIJACKTHIS

Grazie

Logfile of HijackThis v1.99.1
Scan saved at 18.15.14, on 15/09/05
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\CARPSERV.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\PROGRAMMI\FILE COMUNI\SYMANTEC SHARED\CCSETMGR.EXE
C:\PROGRAMMI\FILE COMUNI\SYMANTEC SHARED\CCEVTMGR.EXE
C:\PROGRAMMI\NORTON ANTIVIRUS\IWP\NPFMNTOR.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\RNAAPP.EXE
C:\WINDOWS\SYSTEM\TAPISRV.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\PROGRAMMI\WINAMP3\WINAMPA.EXE
C:\PROGRAMMI\FILE COMUNI\SYMANTEC SHARED\CCPD-LC\SYMLCSVC.EXE
C:\PROGRAMMI\FILE COMUNI\SYMANTEC SHARED\CCAPP.EXE
C:\PROGRAMMI\FILE COMUNI\ADAPTEC SHARED\CREATECD\CREATECD50.EXE
C:\WINDOWS\SYSTEM\LEXBCES.EXE
C:\PROGRAMMI\ADAPTEC\EASY CD CREATOR 5\DIRECTCD\DIRECTCD.EXE
C:\WINDOWS\SYSTEM\RPCSS.EXE
C:\PROGRAMMI\WINZIP\WZQKPICK.EXE
C:\WINDOWS\TWAIN_32\A4CIS\WATCH.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\WINDOWS\SYSTEM\LEXPPS.EXE
C:\PROGRAMMI\FILE COMUNI\SYMANTEC SHARED\SNDSRVC.EXE
F:\WAL CD\HIJACKTHIS\HIJACKTHIS.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.pcw.it
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAMMI\ADOBE\ACROBAT 6.0\READER\ACTIVEX\ACROIEHELPER.DLL
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Programmi\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Programmi\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [WinampAgent] "C:\Programmi\Winamp3\winampa.exe"
O4 - HKLM\..\Run: [CARPService] carpserv.exe
O4 - HKLM\..\Run: [LexStart] lexstart.exe
O4 - HKLM\..\Run: [Symantec Core LC] C:\Programmi\File comuni\Symantec Shared\CCPD-LC\symlcsvc.exe start
O4 - HKLM\..\Run: [ccApp] "C:\Programmi\File comuni\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [CreateCD50] "C:\Programmi\File comuni\Adaptec Shared\CreateCD\CreateCD50.exe" -r
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Programmi\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [ccSetMgr] "C:\Programmi\File comuni\Symantec Shared\ccSetMgr.exe"
O4 - HKLM\..\RunServices: [ccEvtMgr] "C:\Programmi\File comuni\Symantec Shared\ccEvtMgr.exe"
O4 - HKLM\..\RunServices: [NPFMonitor] C:\Programmi\Norton AntiVirus\IWP\NPFMntor.exe
O4 - HKLM\..\RunServices: [ScriptBlocking] "C:\Programmi\File comuni\Symantec Shared\Script Blocking\SBServ.exe" -reg
O4 - Startup: WinZip Quick Pick.lnk = C:\Programmi\WinZip\WZQKPICK.EXE
O4 - Startup: Microsoft Office.lnk = C:\Programmi\Microsoft Office\Office\OSA9.EXE
O4 - Startup: Watch.lnk = C:\WINDOWS\TWAIN_32\A4CIS\WATCH.exe
O4 - Startup: TextBridge Instant Access OCR.lnk = C:\Program Files\TextBridge Classic\Bin\TBMenu.exe
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\SYSTEM\MSJAVA.DLL
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\SYSTEM\MSJAVA.DLL
O14 - IERESET.INF: START_PAGE_URL=http://www.pcw.it

FOXYLADY · 15-09-2005, 23:17

Il log sembra pulito, se vuoi toglierti il dubbio prova una scansione con
Spybot
Ewido
e poi installa un antidialer, tipo questo

Ciao

15-09-2005, 22:40	#1
capitan pc Member Iscritto dal: Jul 2005 Messaggi: 112	Help Dialer Ciao a tutti, help ho l'impressione che ci sia un dialer nel computer di un mio amico. allego il log di HIJACKTHIS Grazie Logfile of HijackThis v1.99.1 Scan saved at 18.15.14, on 15/09/05 Platform: Windows 98 SE (Win9x 4.10.2222A) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\SYSTEM\KERNEL32.DLL C:\WINDOWS\SYSTEM\MSGSRV32.EXE C:\WINDOWS\SYSTEM\MPREXE.EXE C:\WINDOWS\SYSTEM\CARPSERV.EXE C:\WINDOWS\SYSTEM\MSTASK.EXE C:\PROGRAMMI\FILE COMUNI\SYMANTEC SHARED\CCSETMGR.EXE C:\PROGRAMMI\FILE COMUNI\SYMANTEC SHARED\CCEVTMGR.EXE C:\PROGRAMMI\NORTON ANTIVIRUS\IWP\NPFMNTOR.EXE C:\WINDOWS\SYSTEM\mmtask.tsk C:\WINDOWS\EXPLORER.EXE C:\WINDOWS\SYSTEM\RNAAPP.EXE C:\WINDOWS\SYSTEM\TAPISRV.EXE C:\WINDOWS\TASKMON.EXE C:\WINDOWS\SYSTEM\SYSTRAY.EXE C:\PROGRAMMI\WINAMP3\WINAMPA.EXE C:\PROGRAMMI\FILE COMUNI\SYMANTEC SHARED\CCPD-LC\SYMLCSVC.EXE C:\PROGRAMMI\FILE COMUNI\SYMANTEC SHARED\CCAPP.EXE C:\PROGRAMMI\FILE COMUNI\ADAPTEC SHARED\CREATECD\CREATECD50.EXE C:\WINDOWS\SYSTEM\LEXBCES.EXE C:\PROGRAMMI\ADAPTEC\EASY CD CREATOR 5\DIRECTCD\DIRECTCD.EXE C:\WINDOWS\SYSTEM\RPCSS.EXE C:\PROGRAMMI\WINZIP\WZQKPICK.EXE C:\WINDOWS\TWAIN_32\A4CIS\WATCH.EXE C:\WINDOWS\SYSTEM\WMIEXE.EXE C:\WINDOWS\SYSTEM\LEXPPS.EXE C:\PROGRAMMI\FILE COMUNI\SYMANTEC SHARED\SNDSRVC.EXE F:\WAL CD\HIJACKTHIS\HIJACKTHIS.EXE R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.pcw.it R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAMMI\ADOBE\ACROBAT 6.0\READER\ACTIVEX\ACROIEHELPER.DLL O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Programmi\Norton AntiVirus\NavShExt.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Programmi\Norton AntiVirus\NavShExt.dll O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe O4 - HKLM\..\Run: [SystemTray] SysTray.Exe O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme O4 - HKLM\..\Run: [WinampAgent] "C:\Programmi\Winamp3\winampa.exe" O4 - HKLM\..\Run: [CARPService] carpserv.exe O4 - HKLM\..\Run: [LexStart] lexstart.exe O4 - HKLM\..\Run: [Symantec Core LC] C:\Programmi\File comuni\Symantec Shared\CCPD-LC\symlcsvc.exe start O4 - HKLM\..\Run: [ccApp] "C:\Programmi\File comuni\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [CreateCD50] "C:\Programmi\File comuni\Adaptec Shared\CreateCD\CreateCD50.exe" -r O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Programmi\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe" O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe O4 - HKLM\..\RunServices: [ccSetMgr] "C:\Programmi\File comuni\Symantec Shared\ccSetMgr.exe" O4 - HKLM\..\RunServices: [ccEvtMgr] "C:\Programmi\File comuni\Symantec Shared\ccEvtMgr.exe" O4 - HKLM\..\RunServices: [NPFMonitor] C:\Programmi\Norton AntiVirus\IWP\NPFMntor.exe O4 - HKLM\..\RunServices: [ScriptBlocking] "C:\Programmi\File comuni\Symantec Shared\Script Blocking\SBServ.exe" -reg O4 - Startup: WinZip Quick Pick.lnk = C:\Programmi\WinZip\WZQKPICK.EXE O4 - Startup: Microsoft Office.lnk = C:\Programmi\Microsoft Office\Office\OSA9.EXE O4 - Startup: Watch.lnk = C:\WINDOWS\TWAIN_32\A4CIS\WATCH.exe O4 - Startup: TextBridge Instant Access OCR.lnk = C:\Program Files\TextBridge Classic\Bin\TBMenu.exe O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\SYSTEM\MSJAVA.DLL O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\SYSTEM\MSJAVA.DLL O14 - IERESET.INF: START_PAGE_URL=http://www.pcw.it __________________ Capitan Pc

15-09-2005, 23:17	#2
FOXYLADY Senior Member Iscritto dal: Oct 2004 Città: Milano Messaggi: 2641	Il log sembra pulito, se vuoi toglierti il dubbio prova una scansione con Spybot Ewido e poi installa un antidialer, tipo questo Ciao __________________ FOXYLADY è un MASCHIO!! Un amico è una persona che sa tutto di te e nonostante questo gli piaci

Strumenti
Mostra una versione stampabile Invia questa pagina per email