|
|||||||
|
|
|
 |
|
|
Strumenti |
10-10-2005, 14:46
|
#1 |
|
Member
Iscritto dal: Aug 2004
Messaggi: 102
|
Log Hijack This!
Salve a tutti
Dato che ultimamente mi sembra di avere un pò di problemi col pc, forse dovuti ad un Trojan avuto di recente, volevo chiedere se voi esperti potevate dare una occhiata al mio log di Hijack This! e dirmi se secondo voi c'è qualcosa che non va. Uso WIN 98 SE, non ho il virus My Doom, e non ho installato gli spyware di Messenger Plus. Logfile of HijackThis v1.97.7 Scan saved at 15.28.55, on 10/10/05 Platform: Windows 98 SE (Win9x 4.10.2222A) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\SYSTEM\KERNEL32.DLL C:\WINDOWS\SYSTEM\MSGSRV32.EXE C:\WINDOWS\SYSTEM\MPREXE.EXE C:\WINDOWS\SYSTEM\HIDSERV.EXE C:\WINDOWS\SYSTEM\mmtask.tsk C:\WINDOWS\SYSTEM\KB891711\KB891711.EXE C:\PROGRAMMI\MESSENGERPLUS! 3\MSGPLUS.EXE C:\PROGRAMMI\FILE COMUNI\SOFTWIN\BITDEFENDER COMMUNICATOR\XCOMMSVR.EXE C:\PROGRAMMI\FILE COMUNI\SOFTWIN\BITDEFENDER SCAN SERVER\BDSS.EXE C:\WINDOWS\EXPLORER.EXE C:\WINDOWS\TASKMON.EXE C:\WINDOWS\SYSTEM\SYSTRAY.EXE C:\WINDOWS\LOADQM.EXE C:\WINDOWS\ANVSHELL.EXE C:\WINDOWS\SYSTEM\STIMON.EXE C:\PROGRAMMI\NORTON ANTIVIRUS\NAVAPW32.EXE C:\WINDOWS\SYSTEM\SPOOL32.EXE C:\WINDOWS\SYSTEM\WMIEXE.EXE C:\WINDOWS\SYSTEM\RNAAPP.EXE C:\WINDOWS\SYSTEM\TAPISRV.EXE C:\PROGRAMMI\SYGATE\SPF\SMC.EXE C:\WINDOWS\SYSTEM\DDHELP.EXE C:\PROGRAMMI\INTERNET EXPLORER\IEXPLORE.EXE C:\PROGRAMMI\HIJACKTHIS.EXE R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.altavista.com/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAMMI\ADOBE\ACROBAT 6.0\READER\ACTIVEX\ACROIEHELPER.DLL O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Programmi\Norton AntiVirus\NavShExt.dll O3 - Toolbar: DAP Bar - {62999427-33FC-4baf-9C9C-BCE6BD127F08} - C:\PROGRAMMI\DAP\DAPIEBAR.DLL O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Programmi\Norton AntiVirus\NavShExt.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe O4 - HKLM\..\Run: [SystemTray] SysTray.Exe O4 - HKLM\..\Run: [LoadQM] loadqm.exe O4 - HKLM\..\Run: [anvshell] anvshell.exe O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme O4 - HKLM\..\Run: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE O4 - HKLM\..\Run: [NAV Agent] C:\PROGRA~1\NORTON~1\NAVAPW32.EXE O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\SYGATE\SPF\SMC.EXE -startgui O4 - HKLM\..\Run: [CnxDslTaskBar] ; "C:\WINDOWS\SYSTEM\CnxDslTb.exe" O4 - HKLM\..\Run: [BDNewsAgent] ; "C:\PROGRAMMI\SOFTWIN\BITDEFENDER8\bdnagent.exe" O4 - HKLM\..\RunServices: [Hidserv] Hidserv.exe run O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe O4 - HKLM\..\RunServices: [ScriptBlocking] "C:\Programmi\File comuni\Symantec Shared\Script Blocking\SBServ.exe" -reg O4 - HKLM\..\RunServices: [KB891711] C:\WINDOWS\SYSTEM\KB891711\KB891711.EXE O4 - HKLM\..\RunServices: [MessengerPlus3] "C:\Programmi\MessengerPlus! 3\MsgPlus.exe" O4 - HKLM\..\RunServices: [BitDefender Communicator] "C:\Programmi\File comuni\Softwin\BitDefender Communicator\\xcommsvr.exe" O4 - HKLM\..\RunServices: [BitDefender Scan Server] "C:\Programmi\File comuni\Softwin\BitDefender Scan Server\\bdss.exe" O4 - HKLM\..\RunServices: [BitDefender Live! Init] "C:\Programmi\Softwin\BitDefender8\bdinit.exe" O4 - Startup: Microsoft Office.lnk = C:\Programmi\Microsoft Office\Office\OSA9.EXE O4 - Startup: Adobe Gamma Loader.exe.lnk = C:\Programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Startup: EPSON Status Monitor 3 Environment Check.lnk = C:\WINDOWS\SYSTEM\E_SRCV03.EXE O8 - Extra context menu item: &Download with &DAP - C:\PROGRA~1\DAP\dapextie.htm O8 - Extra context menu item: Download &all with DAP - C:\PROGRA~1\DAP\dapextie2.htm O9 - Extra button: Run DAP (HKLM) O9 - Extra 'Tools' menuitem: Sun Java Console (HKLM) O12 - Plugin for .pdf: C:\PROGRA~1\INTERN~1\PLUGINS\nppdf32.dll O12 - Plugin for .png: C:\PROGRA~1\INTERN~1\PLUGINS\npqtplugin3.dll O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://active.macromedia.com/flash2/cabs/swflash.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/binFramework/v10...o.cab32846.cab O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab30149.cab O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab30149.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab30149.cab O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary...r.cab30149.cab O16 - DPF: {1EDF25DE-DFB2-40CA-AA83-30AE7DA8C203} (FileSharingCtrl Class) - http://appdirectory.messenger.msn.co...haringctrl.cab O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.co...262.4979976852 O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://zone.msn.com/bingame/dim2/def...ploader_v6.cab O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary...r.cab31267.cab |
|
|
10-10-2005, 14:51
|
#2 |
|
Bannato
Iscritto dal: Jan 2003
Città: Lucca
Messaggi: 9119
|
dai prima un'occhiata quà: http://www.hwupgrade.it/forum/showpo...55&postcount=1
Chiedi altrimenti nel solito Thread in rilevo: http://www.hwupgrade.it/forum/showthread.php?t=937676 EDIT: incollando nell'analizzatore (automatico) il tuo log, è emerso che l'unico elemento sospetto è questo: O9 - Extra button: Run DAP (HKLM) Fixalo se non lo conosci. Ultima modifica di nV 25 : 10-10-2005 alle 14:55. |
|
|
|
10-10-2005, 14:54
|
#3 |
|
Senior Member
Iscritto dal: Sep 2004
Messaggi: 6387
|
esatto si prega di usare il 3d ufficiale per non intasare la prima pagina della sezione con le stesse 3d
|
|
|
|
10-10-2005, 14:55
|
#4 |
|
Senior Member
Iscritto dal: Sep 2004
Messaggi: 6387
|
msgplus ce l'hai eccome
 cmq del log manca un pezzo mi sa 
|
|
|
|
10-10-2005, 14:58
|
#5 |
|
Member
Iscritto dal: Aug 2004
Messaggi: 102
|
Messo nel topic ufficiale
 Msgplus l'ho isntallato ma senza spyware |
|
|
|
10-10-2005, 15:15
|
#6 | |
|
Senior Member
Iscritto dal: Sep 2004
Messaggi: 6387
|
Quote:
|
|
|
|
|
10-10-2005, 16:02
|
#7 |
|
Senior Member
Iscritto dal: Mar 2004
Città: Rimini
Messaggi: 10296
|
Ciao,
chiuso perchè trasferito QUI Per controllo log Hijackthis si prega di avvalersi del thread ufficiale
__________________
sometimes they come back *** Life Happens! - (Professionista I.T. - Tecnico Telecomunicazioni) Latitude E6420 I7 2760QM SSD Crucial M4-512GB --- Tecra R840 I5 2520M SSD Samsung 830-256GB --- Macbook Pro 13,3" I5 2435M SSD Samsung 830-256GB |
|
|
|
|
| Strumenti | |
|
|
Tutti gli orari sono GMT +1. Ora sono le: 08:43.
