
Help examining a HijackThis log


Post by krevex83 » 02/08/08 14:03

Hi everyone, I'm new and I'm sorry to bring you a problem right away....
I ran a scan with HijackThis and had it analyzed on the site... I noticed there are some processes from programs I haven't had for a long time.... can I delete them?
They are these:
O4 - HKLM\..\Run: [SpyStopperPro] C:\Programmi\SpyStopper Pro\ssp.exe
O4 - HKCU\..\Run: [Eraser] C:\Programmi\Eraser\eraser.exe -hide
In addition, the site flags this one as suspicious:
O4 - HKLM\..\Policies\Explorer\Run: [win aggiornamento] C:\WINDOWS\winupdate.exe

Here is the log:
Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 21.28.54, on 01/08/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\Explorer.EXE
C:\Programmi\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Programmi\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\Sunbelt Software\Personal Firewall 4\kpf4ss.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\Sunbelt Software\Personal Firewall 4\kpf4gui.exe
C:\WINDOWS\system32\RunDll32.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Programmi\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\iTunes\iTunesHelper.exe
C:\Programmi\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\System32\PAStiSvc.exe
C:\Programmi\Windows Live\Messenger\MsnMsgr.Exe
C:\Programmi\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Programmi\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe
C:\Programmi\Logitech\SetPoint\SetPoint.exe
C:\Programmi\NETGEAR\WPN111\wpn111.exe
C:\Programmi\File comuni\Logitech\KHAL\KHALMNPR.EXE
C:\Programmi\iPod\bin\iPodService.exe
C:\Programmi\Sunbelt Software\Personal Firewall 4\kpf4gui.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Programmi\Windows Live\Messenger\usnsvc.exe
C:\Programmi\File comuni\Ahead\Lib\NMIndexingService.exe
C:\Programmi\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Documents and Settings\Claudio\Desktop\Nuova cartella (2)\HiJackThis_v2.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Programmi\HP\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Programmi\HP\Smart Web Printing\hpswp_framework.dll
O2 - BHO: Supporto di collegamento per Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [SpyStopperPro] C:\Programmi\SpyStopper Pro\ssp.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [CM-SmWizard] C:\WINDOWS\System\SmWizard.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Programmi\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programmi\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Programmi\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Programmi\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Programmi\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Programmi\File comuni\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\RunOnce: [AskTBar Uninstall] rundll32 C:\PROGRA~1\UNINST~1.DLL,O -2
O4 - HKCU\..\Run: [msnmsgr] "C:\Programmi\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [LDM] C:\Programmi\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [OM_Monitor] C:\Programmi\OLYMPUS\OLYMPUS Master\Monitor.exe -NoStart
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Programmi\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Eraser] C:\Programmi\Eraser\eraser.exe -hide
O4 - HKCU\..\Run: [AnyDVD] "C:\Programmi\SlySoft\AnyDVD\AnyDVD.exe"
O4 - HKLM\..\Policies\Explorer\Run: [win aggiornamento] C:\WINDOWS\winupdate.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Programmi\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Programmi\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: NETGEAR WPN111 Smart Wizard.lnk = ?
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Libro dei ritagli HP - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Programmi\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Selezione intelligente HP - {700259D7-1666-479a-93B1-3250410481E8} - C:\Programmi\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} -
O16 - DPF: {EBF85371-A38F-485B-B28F-0B4C82D25937} (CUpdateCtl Object) - http://update.hpphoto.com/download/HPSWUpdate.ocx
O17 - HKLM\System\CCS\Services\Tcpip\..\{15DE4F45-E2F5-4F4F-BD55-18831DEE8924}: NameServer = 212.216.112.222
O17 - HKLM\System\CS1\Services\Tcpip\..\{15DE4F45-E2F5-4F4F-BD55-18831DEE8924}: NameServer = 212.216.112.222
O17 - HKLM\System\CS4\Services\Tcpip\..\{15DE4F45-E2F5-4F4F-BD55-18831DEE8924}: NameServer = 212.216.112.222
O18 - Protocol: bw+0 - {54D83E62-E1E1-48E9-AE4D-053B107E1DFB} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {54D83E62-E1E1-48E9-AE4D-053B107E1DFB} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {54D83E62-E1E1-48E9-AE4D-053B107E1DFB} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {54D83E62-E1E1-48E9-AE4D-053B107E1DFB} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {54D83E62-E1E1-48E9-AE4D-053B107E1DFB} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {54D83E62-E1E1-48E9-AE4D-053B107E1DFB} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {54D83E62-E1E1-48E9-AE4D-053B107E1DFB} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {54D83E62-E1E1-48E9-AE4D-053B107E1DFB} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {54D83E62-E1E1-48E9-AE4D-053B107E1DFB} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {54D83E62-E1E1-48E9-AE4D-053B107E1DFB} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {54D83E62-E1E1-48E9-AE4D-053B107E1DFB} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {54D83E62-E1E1-48E9-AE4D-053B107E1DFB} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {54D83E62-E1E1-48E9-AE4D-053B107E1DFB} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {54D83E62-E1E1-48E9-AE4D-053B107E1DFB} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {54D83E62-E1E1-48E9-AE4D-053B107E1DFB} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {54D83E62-E1E1-48E9-AE4D-053B107E1DFB} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {54D83E62-E1E1-48E9-AE4D-053B107E1DFB} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {54D83E62-E1E1-48E9-AE4D-053B107E1DFB} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {54D83E62-E1E1-48E9-AE4D-053B107E1DFB} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {54D83E62-E1E1-48E9-AE4D-053B107E1DFB} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {54D83E62-E1E1-48E9-AE4D-053B107E1DFB} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {54D83E62-E1E1-48E9-AE4D-053B107E1DFB} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {54D83E62-E1E1-48E9-AE4D-053B107E1DFB} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {54D83E62-E1E1-48E9-AE4D-053B107E1DFB} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {54D83E62-E1E1-48E9-AE4D-053B107E1DFB} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {54D83E62-E1E1-48E9-AE4D-053B107E1DFB} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {54D83E62-E1E1-48E9-AE4D-053B107E1DFB} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {54D83E62-E1E1-48E9-AE4D-053B107E1DFB} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {54D83E62-E1E1-48E9-AE4D-053B107E1DFB} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {54D83E62-E1E1-48E9-AE4D-053B107E1DFB} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {54D83E62-E1E1-48E9-AE4D-053B107E1DFB} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {54D83E62-E1E1-48E9-AE4D-053B107E1DFB} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {54D83E62-E1E1-48E9-AE4D-053B107E1DFB} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {54D83E62-E1E1-48E9-AE4D-053B107E1DFB} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {54D83E62-E1E1-48E9-AE4D-053B107E1DFB} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {54D83E62-E1E1-48E9-AE4D-053B107E1DFB} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {54D83E62-E1E1-48E9-AE4D-053B107E1DFB} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {54D83E62-E1E1-48E9-AE4D-053B107E1DFB} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {54D83E62-E1E1-48E9-AE4D-053B107E1DFB} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {54D83E62-E1E1-48E9-AE4D-053B107E1DFB} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {54D83E62-E1E1-48E9-AE4D-053B107E1DFB} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {54D83E62-E1E1-48E9-AE4D-053B107E1DFB} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {54D83E62-E1E1-48E9-AE4D-053B107E1DFB} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {54D83E62-E1E1-48E9-AE4D-053B107E1DFB} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {54D83E62-E1E1-48E9-AE4D-053B107E1DFB} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {54D83E62-E1E1-48E9-AE4D-053B107E1DFB} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {54D83E62-E1E1-48E9-AE4D-053B107E1DFB} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {54D83E62-E1E1-48E9-AE4D-053B107E1DFB} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {54D83E62-E1E1-48E9-AE4D-053B107E1DFB} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {54D83E62-E1E1-48E9-AE4D-053B107E1DFB} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {54D83E62-E1E1-48E9-AE4D-053B107E1DFB} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {54D83E62-E1E1-48E9-AE4D-053B107E1DFB} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {54D83E62-E1E1-48E9-AE4D-053B107E1DFB} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {54D83E62-E1E1-48E9-AE4D-053B107E1DFB} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {54D83E62-E1E1-48E9-AE4D-053B107E1DFB} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {54D83E62-E1E1-48E9-AE4D-053B107E1DFB} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {54D83E62-E1E1-48E9-AE4D-053B107E1DFB} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {54D83E62-E1E1-48E9-AE4D-053B107E1DFB} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {54D83E62-E1E1-48E9-AE4D-053B107E1DFB} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {54D83E62-E1E1-48E9-AE4D-053B107E1DFB} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {54D83E62-E1E1-48E9-AE4D-053B107E1DFB} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {54D83E62-E1E1-48E9-AE4D-053B107E1DFB} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {54D83E62-E1E1-48E9-AE4D-053B107E1DFB} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {54D83E62-E1E1-48E9-AE4D-053B107E1DFB} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {54D83E62-E1E1-48E9-AE4D-053B107E1DFB} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {54D83E62-E1E1-48E9-AE4D-053B107E1DFB} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {54D83E62-E1E1-48E9-AE4D-053B107E1DFB} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {54D83E62-E1E1-48E9-AE4D-053B107E1DFB} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {54D83E62-E1E1-48E9-AE4D-053B107E1DFB} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {54D83E62-E1E1-48E9-AE4D-053B107E1DFB} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {54D83E62-E1E1-48E9-AE4D-053B107E1DFB} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {54D83E62-E1E1-48E9-AE4D-053B107E1DFB} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {54D83E62-E1E1-48E9-AE4D-053B107E1DFB} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {54D83E62-E1E1-48E9-AE4D-053B107E1DFB} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {54D83E62-E1E1-48E9-AE4D-053B107E1DFB} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {54D83E62-E1E1-48E9-AE4D-053B107E1DFB} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {54D83E62-E1E1-48E9-AE4D-053B107E1DFB} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O22 - SharedTaskScheduler: Precaricatore Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Daemon di cache delle categorie di componenti - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Programmi\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Programmi\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Programmi\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Programmi\Bonjour\mDNSResponder.exe
O23 - Service: Servizio iPod (iPod Service) - Apple Inc. - C:\Programmi\iPod\bin\iPodService.exe
O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Programmi\Sunbelt Software\Personal Firewall 4\kpf4ss.exe
O23 - Service: NBService - Nero AG - C:\Programmi\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Programmi\File comuni\Ahead\Lib\NMIndexingService.exe
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe

--
End of file - 20791 bytes

Thanks again......
krevex83
Newbie

Posts: 5
Joined: 02/08/08 13:29
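
The triage question raised in this post, as an added example that is not part of the original thread or of HijackThis itself: a Python parser for the O4 (autostart) lines of a HijackThis log that flags entries under `Policies\Explorer\Run` and entries whose target is not among the running processes. The function names and the two flag labels are assumptions made for the illustration; the sample log is a constructed excerpt of the log posted above.

```python
import re

# Constructed excerpt of the log posted above (not the full log).
SAMPLE_LOG = r"""Running processes:
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\iTunes\iTunesHelper.exe
C:\Programmi\Logitech\SetPoint\SetPoint.exe

O4 - HKLM\..\Run: [SpyStopperPro] C:\Programmi\SpyStopper Pro\ssp.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Programmi\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Eraser] C:\Programmi\Eraser\eraser.exe -hide
O4 - HKLM\..\Policies\Explorer\Run: [win aggiornamento] C:\WINDOWS\winupdate.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Programmi\Logitech\SetPoint\SetPoint.exe
"""

# Registry autostart: "O4 - HKLM\..\Run: [name] command"; HKUS lines carry a SID.
REG_RE = re.compile(r"^O4 - (?P<hive>HK[A-Z]+)(?:\\[^\\]+)?\\\.\.\\(?P<key>[^:]+): "
                    r"\[(?P<name>[^\]]*)\] (?P<cmd>.*)$")
# Startup-folder autostart: "O4 - Global Startup: name.lnk = target"
DIR_RE = re.compile(r"^O4 - (?P<key>(?:Global )?Startup): (?P<name>.+?) = (?P<cmd>.*)$")
# Executable part of a command: quoted path, else text up to ".exe", else first token.
EXE_RE = re.compile(r'"([^"]+)"|(.+?\.exe)\b|(\S+)', re.IGNORECASE)


def basename(path):
    """Lower-cased file name of a Windows path."""
    return path.replace("/", "\\").rsplit("\\", 1)[-1].lower()


def running_processes(log):
    """File names listed in the 'Running processes:' section of the log."""
    names, in_section = set(), False
    for line in log.splitlines():
        line = line.strip()
        if line == "Running processes:":
            in_section = True
        elif in_section and not line:
            break  # the section ends at the first blank line
        elif in_section:
            names.add(basename(line))
    return names


def parse_o4(log):
    """Parse every O4 line into a dict with hive, key, name, cmd and target."""
    entries = []
    for line in log.splitlines():
        m = REG_RE.match(line.strip()) or DIR_RE.match(line.strip())
        if not m:
            continue
        entry = m.groupdict()
        entry.setdefault("hive", None)  # startup-folder entries have no hive
        exe = EXE_RE.match(entry["cmd"])
        entry["target"] = next(g for g in exe.groups() if g) if exe else ""
        entries.append(entry)
    return entries


def triage(log):
    """Return (name, target, flags) for each O4 entry worth a manual look."""
    running = running_processes(log)
    findings = []
    for entry in parse_o4(log):
        flags = []
        if entry["key"].lower() == r"policies\explorer\run":
            flags.append("policy-run")   # the location flagged in this thread
        if basename(entry["target"]) not in running:
            flags.append("not-running")  # possibly left over from an uninstall
        if flags:
            findings.append((entry["name"], entry["target"], flags))
    return findings


if __name__ == "__main__":
    for name, target, flags in triage(SAMPLE_LOG):
        print(f"{name:20} {target:40} {', '.join(flags)}")
```

A `not-running` flag is only a hint that an entry may be left over from an uninstalled program; confirm that the file is really absent before fixing the entry.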


Re: Help examining a HijackThis log

Post by Luke57 » 02/08/08 14:20

Hi, you can certainly delete them; as for that infection:
Hi, download SDFix from here:
http://downloads.andymanchesta.com/Remo ... /SDFix.exe

Double-click SDFix.exe and the tool will extract itself to C:\SDFix

* Now boot the system in safe mode
- if you don't know how to get there:
http://www.kuma215.it/WI/Mod_Provv.html

Then - Open the SDFix folder located in C:\ and double-click RunThis.bat to launch the script
- select Y to start the cleanup
- When it asks you, press a key to reboot
(the system will take longer to start because the script will be deleting the files it found)
- When the desktop appears the tool will finish its work and display the message "Finished"
- Press a key to end the script and reload the desktop icons
- The log will be displayed automatically; otherwise you can find it in C:\SDFix\Report.txt
Attach it in the forum.
Luke57
Moderator

Posts: 6410
Joined: 11/08/05 19:10

Re: Help examining a HijackThis log

Post by krevex83 » 02/08/08 16:13

Here I am... ok, I did everything... now I'm attaching the SDFix report..... let me know if everything is ok....
thanks a lot.....
Attachments

[The txt extension has been disabled and cannot be displayed.]


Re: Help examining a HijackThis log

Post by Luke57 » 02/08/08 18:54

Hi, check the HijackThis log; if you find:
O4 - HKLM\..\Policies\Explorer\Run: [win aggiornamento] C:\WINDOWS\winupdate.exe
delete it by pressing Fix checked.

Re: Help examining a HijackThis log

Post by krevex83 » 03/08/08 11:18

Hi.... I ran the scan with HijackThis and it didn't find the entry you mention.... I assume everything is ok, right??
The problem is that AntiVir hasn't been working since yesterday.... the little umbrella is closed, if I try to run the updates it tells me " scheduler not loaded" and if I try to uninstall it from Control Panel -> Add or Remove Programs it gives me a setup error " setup could not determine the file list or was not able to read it correctly "..... did I mess something up???
I apologize for all this bother.... at worst I'll format..... thanks again... you're very kind, luke57...

Re: Help examining a HijackThis log

Post by Luke57 » 03/08/08 18:01

Hi, have you tried re-enabling the "active guard" function from the main panel?

Let's do one more check:
download Silent Runners from here:
http://www.silentrunners.org/Silent%20Runners.vbs
Put it in a dedicated folder and run the .vbs file; a text file will be created right away, but for it to be complete wait until the program announces the end of the scan with "done". Then attach the resulting text file to a post or paste its contents.

Re: Help examining a HijackThis log

Post by krevex83 » 03/08/08 18:36

Hi luke, I did something else.... since AntiVir wasn't working at all, I reinstalled it even though it was already on the PC..... now it seems to work.... anyway I'll try doing what you advised......

Re: Help examining a HijackThis log

Post by krevex83 » 03/08/08 18:42

I did what you advised... I'm attaching the file..... thanks again...... you're very kind....
Attachments

[The txt extension has been disabled and cannot be displayed.]
