Valutazione 4.87/ 5 (100.00%) 5838 voti

Condividi:        

DIALER INSISTENTE...TROPPO!!

Come rimuovere virus e spyware? Le carte di credito sono davvero sicure in rete? È possibile navigare anonimi? Con quali programmi tutelare la propria privacy? Come proteggere i file importanti? Se volete una risposta a queste e altre domande questo è il luogo giusto!

Moderatori: kadosh, Luke57

DIALER INSISTENTE...TROPPO!!

Postdi monclar » 22/12/06 09:19

Questo è il mio LOG, cosa devo eliminare oltre agli ovvi "SEXY" ?
Grazie anticipatamente e un buon natale a tutti voi!

Logfile of HijackThis v1.99.1
Scan saved at 9.06.55, on 22/12/2006
Platform: Windows 2000 SP2 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\System32\ibmpmsvc.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\WINNT\System32\Ati2evxx.exe
C:\Programmi\NavNT\defwatch.exe
C:\WINNT\system32\cba\pds.exe
C:\Programmi\NavNT\rtvscan.exe
C:\WINNT\System32\QCONSVC.EXE
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\System32\mspmspsv.exe
C:\WINNT\system32\cba\xfr.exe
C:\WINNT\system32\MsgSys.EXE
C:\WINNT\Explorer.EXE
C:\WINNT\System32\tp4serv.exe
C:\WINNT\System32\atiptaxx.exe
C:\WINNT\AGRSMMSG.exe
C:\WINNT\System32\PRPCUI.exe
C:\PROGRA~1\ThinkPad\UTILIT~1\TP98TRAY.EXE
C:\WINNT\System32\RunDll32.exe
C:\PROGRA~1\ThinkPad\PkgMgr\HOTKEY\TPHKMGR.exe
C:\PROGRA~1\ThinkPad\CONNEC~1\Qctray.exe
C:\Programmi\NavNT\vptray.exe
C:\Programmi\QuickTime\qttask.exe
C:\WINNT\loadqm.exe
C:\WINNT\Temp\ktub3.exe
C:\WINNT\System32\internat.exe
C:\Programmi\WinZip\WZQKPICK.EXE
C:\Programmi\Internet Explorer\iexplore.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\PROGRA~1\WINZIP\winzip32.exe
C:\Documents and Settings\Administrator\Impostazioni locali\Temp\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.libero.it/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = sirio.llpp.it:8080
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
R3 - Default URLSearchHook is missing
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Class - {DA39029C-D291-A968-3FF4-D0990D5CB5FC} - C:\Programmi\LinkOptimizer\LinkOptimizer.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O4 - HKLM\..\Run: [TrackPointSrv] tp4serv.exe
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [tourpath] regedit /s c:\winnt\tour.reg
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [PRPCMonitor] PRPCUI.exe
O4 - HKLM\..\Run: [TPTRAY] C:\PROGRA~1\ThinkPad\UTILIT~1\TP98TRAY.EXE
O4 - HKLM\..\Run: [BMMGAG] RunDll32 C:\PROGRA~1\ThinkPad\UTILIT~1\pwrmonit.dll,StartPwrMonitor
O4 - HKLM\..\Run: [TPHOTKEY] C:\PROGRA~1\ThinkPad\PkgMgr\HOTKEY\TPHKMGR.exe
O4 - HKLM\..\Run: [QCTRAY] C:\PROGRA~1\ThinkPad\CONNEC~1\Qctray.exe
O4 - HKLM\..\Run: [TP4EX] tp4ex.exe
O4 - HKLM\..\Run: [ConfigSafe] C:\CFGSAFE\NTFSCLUP.EXE
O4 - HKLM\..\Run: [CSScheduleCheck] C:\CFGSAFE\SCHWIZEX.EXE -CHECK
O4 - HKLM\..\Run: [vptray] C:\Programmi\NavNT\vptray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Windows Automation] mslaugh.exe
O4 - HKLM\..\Run: [LoadQM] loadqm.exe
O4 - HKLM\..\Run: [MSN BETA] service.exe
O4 - HKLM\..\Run: [m4n70s Personal Firewall] m4n70s.exe
O4 - HKLM\..\Run: [Windows Compliant] vkrekn.exe
O4 - HKLM\..\Run: [systemin] C:\WINNT\System32\Norton Anti Viros.exe
O4 - HKLM\..\Run: [MS Windows Explorer TM] svforest.exe
O4 - HKLM\..\Run: [windows auto update] msblast.exe
O4 - HKLM\..\Run: [ktub3.exe] C:\WINNT\Temp\ktub3.exe
O4 - HKLM\..\RunServices: [MSN BETA] service.exe
O4 - HKLM\..\RunServices: [m4n70s Personal Firewall] m4n70s.exe
O4 - HKLM\..\RunServices: [Windows Compliant] vkrekn.exe
O4 - HKLM\..\RunServices: [MS Windows Explorer TM] svforest.exe
O4 - HKCU\..\Run: [internat.exe] internat.exe
O4 - HKCU\..\Run: [MSN BETA] service.exe
O4 - HKCU\..\Run: [Windows Compliant] vkrekn.exe
O4 - HKCU\..\Run: [m4n70s Personal Firewall] m4n70s.exe
O4 - HKCU\..\Run: [SessoXXX] C:\Documents and Settings\Administrator\Dati applicazioni\SessoXXX[1].exe t
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\WINNT\System32\Macromed\Flash\GetFlash.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programmi\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Programmi\WinZip\WZQKPICK.EXE
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O9 - Extra button: SessoXXX - {EF6D6AE3-2625-40D6-A5AB-920DFD2DAF8C} - C:\Documents and Settings\Administrator\Dati applicazioni\SessoXXX[1].exe
O15 - Trusted Zone: http://www.archiviosex.net
O15 - Trusted Zone: http://www.hastalavista.it
O15 - Trusted Zone: http://www.master69.biz
O15 - Trusted Zone: http://www.otherchance.com
O15 - Trusted Zone: http://www.redfunny.com
O15 - Trusted Zone: http://www.sgrunt.biz
O15 - Trusted Zone: http://www.yeak.net
O16 - DPF: {78AF2F24-A9C3-11D3-BF8C-0060B0FCC122} (AcDcToday Control) - file://C:\Programmi\AutoCAD 2002\AcDcToday.ocx
O16 - DPF: {AE563720-B4F5-11D4-A415-00108302FDFD} (NOXLATE-BANR) - file://C:\Programmi\AutoCAD 2002\InstBanr.ocx
O16 - DPF: {C6637286-300D-11D4-AE0A-0010830243BD} (InstaFred) - file://C:\Programmi\AutoCAD 2002\InstFred.ocx
O16 - DPF: {E6A3C1E2-F792-483E-9133-596215172BE9} (AcceptLang Class) - http://runonce.msn.com/setacceptlang.cab
O16 - DPF: {F281A59C-7B65-11D3-8617-0010830243BD} (AcPreview Control) - file://C:\Programmi\AutoCAD 2002\AcPreview.ocx
O20 - Winlogon Notify: NavLogon - C:\WINNT\System32\NavLogon.dll
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINNT\System32\Ati2evxx.exe
O23 - Service: DefWatch - Symantec Corporation - C:\Programmi\NavNT\defwatch.exe
O23 - Service: Servizio amministrativo di Gestione disco logico (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: IBM PM Service (IBMPMSVC) - Unknown owner - C:\WINNT\System32\ibmpmsvc.exe
O23 - Service: Intel File Transfer - Intel Corporation - C:\WINNT\system32\cba\xfr.exe
O23 - Service: Intel PDS - Intel Corporation - C:\WINNT\system32\cba\pds.exe
O23 - Service: Norton AntiVirus Server - Symantec Corporation - C:\Programmi\NavNT\rtvscan.exe
O23 - Service: QCONSVC - Unknown owner - C:\WINNT\System32\QCONSVC.EXE
O23 - Service: sikhb - Unknown owner - \\?\C:\Programmi\clock$.exe (file missing)
monclar
Utente Junior
 
Post: 49
Iscritto il: 02/03/06 12:45
Località: palermo

Sponsor
 

Postdi Dylan666 » 31/12/06 03:40

Hai il LinkOptimizer e molte altre schifezze, lo vedi incollando il log qui:

http://hijackthis.de/it

Vedi quanto detto qua:
http://www.pc-facile.com/forum/viewtopic.php?t=49816

PS: non eseguire HijackThis da una cartella temporanea, estrailo in una cartella tutta sua sul desktop, in documenti o dove ti pare, ma non lanciarlo da dentro il file ZIP
Avatar utente
Dylan666
Moderatore
 
Post: 38040
Iscritto il: 18/11/03 16:46


Torna a Sicurezza e Privacy


Topic correlati a "DIALER INSISTENTE...TROPPO!!":


Chi c’è in linea

Visitano il forum: Nessuno e 5 ospiti