Valutazione 4.87/ 5 (100.00%) 5838 voti

Condividi:        

Trojan.StartPage

Come rimuovere virus e spyware? Le carte di credito sono davvero sicure in rete? È possibile navigare anonimi? Con quali programmi tutelare la propria privacy? Come proteggere i file importanti? Se volete una risposta a queste e altre domande questo è il luogo giusto!

Moderatori: kadosh, Luke57

Trojan.StartPage

Postdi ascra71 » 17/02/05 16:34

Non sono troppo esperto ed ach'io moi sono beccato questo fastidiosissimo Trojan.StartPage. Ho installato HijackThis e vi scrivo la scansione fatta sul mio computer. Chiedo aiuto a chi riesce a risolvermi il problema.
Logfile of HijackThis v1.99.0
Scan saved at 16.22.50, on 17/02/2005
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINNT\Explorer.EXE
C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe
C:\Programmi\Logitech\MouseWare\system\em_exec.exe
C:\PROGRA~1\FILECO~1\PCSuite\DATALA~1\DATALA~1.EXE
C:\PROGRA~1\Nokia\NOKIAP~1\TRAYAP~1.EXE
C:\WINNT\system32\internat.exe
C:\Programmi\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
C:\PROGRA~1\FILECO~1\PCSuite\Services\SERVIC~1.EXE
C:\Programmi\AutoCAD 2002 Ita\acad.exe
C:\WINNT\CDILLA64.EXE
C:\WINNT\system32\ntvdm.exe
C:\Programmi\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\Llpp.grippa\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\DOCUME~1\LLPP~1.GRI\IMPOST~1\Temp\se.dll/sp.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\DOCUME~1\LLPP~1.GRI\IMPOST~1\Temp\se.dll/sp.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: (no name) - {7BA16B74-0FB2-4B47-B37E-3408B67665CD} - C:\WINNT\system32\mabd.dll
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINNT\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe
O4 - HKLM\..\Run: [DataLayer] C:\PROGRA~1\FILECO~1\PCSuite\DATALA~1\DATALA~1.EXE
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\TRAYAP~1.EXE
O4 - HKCU\..\Run: [internat.exe] internat.exe
O4 - Global Startup: Acrobat Assistant.lnk = C:\Programmi\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
O4 - Global Startup: Corel MEDIA FOLDERS INDEXER 8.LNK = C:\Corel\Graphics8\programs\MFIndexer.exe
O4 - Global Startup: Kodak EasyShare software.lnk = C:\Programmi\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programmi\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Programmi\WinZip\WZQKPICK.EXE
O16 - DPF: {1F831FA9-42FC-11D4-95A6-0080AD30DCE1} (InstaFred) - http://pointa.autodesk.com/portal/lang/ita/InstFred.Ocx
O16 - DPF: {737D14F8-4090-11D4-AE0E-0010830243BD} (SysVerChk Control) - http://pointa.autodesk.com/portal/lang/ ... VerChk.ocx
O16 - DPF: {78AF2F24-A9C3-11D3-BF8C-0060B0FCC122} (Controllo AcDc oggi) - file://C:\Programmi\AutoCAD 2002 Ita\AcDcToday.ocx
O16 - DPF: {AE563729-B4F5-11D4-A415-00108302FDFD} (NOXLATE-BANR) - http://pointa.autodesk.com/portal/lang/ita/InstBanr.Ocx
O16 - DPF: {F281A59C-7B65-11D3-8617-0010830243BD} (Controllo AcPreview) - file://C:\Programmi\AutoCAD 2002 Ita\AcPreview.ocx
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = COMUNE-EBOLI.locale
O17 - HKLM\System\CCS\Services\Tcpip\..\{708A54E3-5CEB-4881-BF31-EBF94837BFFF}: NameServer = 212.131.30.42,212.131.30.43
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = COMUNE-EBOLI.locale
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = COMUNE-EBOLI.locale
O18 - Filter: text/html - {56625431-6590-42A0-8719-674DCAEF3409} - C:\WINNT\system32\mabd.dll
O18 - Filter: text/plain - {56625431-6590-42A0-8719-674DCAEF3409} - C:\WINNT\system32\mabd.dll
O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINNT\System32\DRIVERS\CDANTSRV.EXE
O23 - Service: CentennialClientAgent - Centennial UK Ltd. - c:\centenn.ial\audit\CAgent32.exe
O23 - Service: CentennialIPTransferAgent - Centennial UK Ltd. - c:\centenn.ial\audit\xferwan.exe
O23 - Service: DefWatch - Symantec Corporation - C:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exe
O23 - Service: Servizio amministrativo di Gestione disco logico - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: Kodak Camera Connection Software - Eastman Kodak Company - C:\WINNT\system32\drivers\KodakCCS.exe
O23 - Service: Symantec AntiVirus Client - Symantec Corporation - C:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe
O23 - Service: NVIDIA Display Driver Service - NVIDIA Corporation - C:\WINNT\System32\nvsvc32.exe
O23 - Service: ptssvc - KODAK - C:\Programmi\Kodak\Kodak EasyShare software\bin\ptssvc.exe
O23 - Service: ScsiAccess - Unknown - C:\WINNT\System32\ScsiAccess.EXE

GRAZIEEEEE !!!!! :undecided:
ascra71
Newbie
 
Post: 1
Iscritto il: 17/02/05 16:27

Sponsor
 

Postdi Dylan666 » 17/02/05 16:57

C'è un topic già aperto sul problema, seguilo e casomai scrivi lì:

http://www.pc-facile.com/forum/viewtopic.php?t=28187
Avatar utente
Dylan666
Moderatore
 
Post: 38040
Iscritto il: 18/11/03 16:46


Torna a Sicurezza e Privacy


Topic correlati a "Trojan.StartPage":

trojan win32/sirefef
Autore: marzianu
Forum: Sicurezza e Privacy
Risposte: 27

Chi c’è in linea

Visitano il forum: Nessuno e 9 ospiti