|
|||||||
|
|
|
 |
|
|
Strumenti |
01-06-2006, 01:09
|
#1 |
|
Senior Member
Iscritto dal: Mar 2003
Messaggi: 680
|
come si toglie spyware quake??
Ho preso questo fetente di malware e non so proprio come toglierlo, ho provato già con un tool di nome smitrem, ed un altro francese a cui a molti ha funzionato.. ma a me nulla. Vi allego una scansione con hijackthis:
Logfile of HijackThis v1.99.1 Scan saved at 1.05.20, on 01/06/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Programmi\WIDCOMM\Software Bluetooth\bin\btwdins.exe C:\WINDOWS\system32\rundll32.exe C:\Programmi\ClamWin\bin\ClamTray.exe C:\Programmi\File comuni\Real\Update_OB\realsched.exe C:\Programmi\iTunes\iTunesHelper.exe C:\Programmi\DIRC\DIRC.exe C:\Programmi\Java\jre1.5.0_06\bin\jusched.exe C:\Programmi\File comuni\PCSuite\DataLayer\DataLayer.exe C:\Programmi\Nokia\Nokia PC Suite 6\LaunchApplication.exe C:\Programmi\WIDCOMM\Software Bluetooth\BTTray.exe C:\Programmi\Nokia\TSS Instrument API\bin\tray.exe C:\Programmi\Mozilla Firefox\firefox.exe C:\Programmi\Nokia\TSS Instrument API\bin\root.exe C:\PROGRA~1\WIDCOMM\SOFTWA~1\BTSTAC~1.EXE C:\PROGRA~1\FILECO~1\PCSuite\Services\SERVIC~1.EXE C:\Programmi\iPod\bin\iPodService.exe C:\Documents and Settings\Enrico\Documenti\installer\HijackThis.exe R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = : R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.5.0_06\bin\ssv.dll O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKLM\..\Run: [ClamWin] "C:\Programmi\ClamWin\bin\ClamTray.exe" --logon O4 - HKLM\..\Run: [TkBellExe] "C:\Programmi\File comuni\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [ScanRegistry] C:\W O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Programmi\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [DIRC] C:\Programmi\DIRC\DIRC.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programmi\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [DataLayer] C:\Programmi\File comuni\PCSuite\DataLayer\DataLayer.exe O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Programmi\Nokia\Nokia PC Suite 6\LaunchApplication.exe -onlytray O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Programmi\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: BTTray.lnk = ? O4 - Global Startup: TSS Instrument API Tray Utility.lnk = C:\Programmi\Nokia\TSS Instrument API\bin\tray.exe O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Invia a &Bluetooth - C:\Programmi\WIDCOMM\Software Bluetooth\btsendto_ie_ctx.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programmi\WIDCOMM\Software Bluetooth\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programmi\WIDCOMM\Software Bluetooth\btsendto_ie.htm O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX Class) - http://pdl.stream.aol.com/downloads/...ampx_en_dl.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{ADA0A99C-96AB-4686-9A92-A8D7A22A99C5}: NameServer = 85.37.17.11,85.38.28.69 O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Programmi\WIDCOMM\Software Bluetooth\bin\btwdins.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPodService - Apple Computer, Inc. - C:\Programmi\iPod\bin\iPodService.exe che ne pensate?
__________________
https://docs.google.com/document/d/1...OznMquQ-E/edit |
|
|
01-06-2006, 01:22
|
#2 |
|
Senior Member
Iscritto dal: Nov 2001
Città: Bastia Umbra (PG)
Messaggi: 6395
|
che c'è un thread in rilievo da seguire in caso di infezioni
http://www.hwupgrade.it/forum/showthread.php?t=1142673
__________________
:: Il miglior argomento contro la democrazia è una conversazione di cinque minuti con l'elettore medio :: |
|
|
|
|
| Strumenti | |
|
|
Tutti gli orari sono GMT +1. Ora sono le: 06:49.
