PcPrimiPassi.it FORUM: SICUREZZA INFORMATICA: Infezioni informatiche e Sicurezza informatica in generale
Topic: Post n° 18.209 - Postato: 05/Giugno/2005 alle 21:55 Topic: Post n° 18.213 - Postato: 05/Giugno/2005 alle 23:14Ho provato ad eliminare la cartella ma mi dice quanto segue:"Impossibile eliminare il file <<000001e5.vbs>>. Verificare i diritti di accesso ai supporti su cui si trova il file". Mah!!
Intanto provo a mettere Hijack.....
Topic: Post n° 18.214 - Postato: 05/Giugno/2005 alle 23:20
Topic: Post n° 18.215 - Postato: 05/Giugno/2005 alle 23:28Logfile of HijackThis v1.99.1
Scan saved at 23.22.54, on 05/06/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\Network Associates\VirusScan\Avsynmgr.exe
C:\Programmi\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Programmi\Analog Devices\SoundMAX\SMAgent.exe
C:\Programmi\Network Associates\VirusScan\VsStat.exe
C:\Programmi\Network Associates\VirusScan\Vshwin32.exe
C:\Programmi\File comuni\Network Associates\McShield\Mcshield.exe
C:\Programmi\Network Associates\VirusScan\Webscanx.exe
C:\Programmi\Network Associates\VirusScan\Avconsol.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\igfxtray.exe
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\System32\00THotkey.exe
C:\WINDOWS\LTSMMSG.exe
C:\Programmi\Apoint2K\Apoint.exe
C:\Programmi\TOSHIBA\TouchED\TouchED.Exe
C:\Programmi\TOSHIBA\PadTouch\PadExe.exe
C:\WINDOWS\system32\TFNF5.exe
C:\WINDOWS\system32\TPSMain.exe
C:\Programmi\TOSHIBA\TOSHIBA Controls\TFncKy.exe
C:\Programmi\MSN Apps\Updater\01.02.3000.1001\it\msnappau.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\TOSHIBA\TOSCDSPD\toscdspd.exe
C:\Programmi\Messenger\msmsgs.exe
C:\Programmi\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\TPSBattM.exe
C:\Programmi\Apoint2K\Apntex.exe
C:\Programmi\ADSL\StarModem ADSL USB MODEM\dslmon.exe
C:\WINDOWS\System32\mshta.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\PROGRA~1\WinZip\winzip32.exe
C:\DOCUME~1\Annalisa\IMPOST~1\Temp\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.it/0SEITIT/SAOS01
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.unict.it/flls
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = file:///C:\Programmi\TOSHIBA\Free Update Service\splash.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: CDllBho Object - {5A5B6916-ED71-4531-8018-E792DD44156E} - C:\WINDOWS\dd.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Programmi\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programmi\MSN Apps\MSN Toolbar\01.02.4000.1001\it\msntb.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programmi\MSN Apps\MSN Toolbar\01.02.4000.1001\it\msntb.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [00THotkey] C:\WINDOWS\System32\00THotkey.exe
O4 - HKLM\..\Run: [000StTHK] 000StTHK.exe
O4 - HKLM\..\Run: [LTSMMSG] LTSMMSG.exe
O4 - HKLM\..\Run: [Apoint] C:\Programmi\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [TouchED] C:\Programmi\TOSHIBA\TouchED\TouchED.Exe
O4 - HKLM\..\Run: [PadTouch] "C:\Programmi\TOSHIBA\PadTouch\PadExe.exe
O4 - HKLM\..\Run: [TFNF5] TFNF5.exe
O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
O4 - HKLM\..\Run: [TFncKy] TFncKy.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [9xadiras] 9xadiras.exe
O4 - HKLM\..\Run: [2kadiras] 2kadiras.exe
O4 - HKLM\..\Run: [msnappau] "C:\Programmi\MSN Apps\Updater\01.02.3000.1001\it\msnappau.exe"
O4 - HKLM\..\Run: [JVM0.14] C:\WINDOWS\system32\xbtx.exe
O4 - HKLM\..\Run: [WinAmpAgent] C:\WINDOWS\winagent.exe /i
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [TOSCDSPD] C:\Programmi\TOSHIBA\TOSCDSPD\toscdspd.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Programmi\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programmi\MSN Messenger\MsnMsgr.Exe" /background
O4 - Global Startup: DSLMON.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Programmi\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Windows Update.hta
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\j2re1.4.2\bin\npjpi142.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\j2re1.4.2\bin\npjpi142.dll
O9 - Extra button: Organizzatore ricerche - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Programmi\File comuni\Microsoft Shared\Encarta Researcher\EROPROJ.DLL
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Programmi\File comuni\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=file:///C:\Programmi\TOSHIBA\Free Update Service\splash.html
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.ca b31267.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{A0F2C7F0-325C-454E-B72C-E F189C94D2F7}: NameServer = 193.70.152.15 193.70.152.25
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: AVSync Manager (AvSynMgr) - Unknown owner - C:\Programmi\Network Associates\VirusScan\Avsynmgr.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Programmi\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: McShield - Unknown owner - C:\Programmi\File comuni\Network Associates\McShield\Mcshield.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Programmi\Analog Devices\SoundMAX\SMAgent.exe
Ecco il log e ora?
Topic: Post n° 18.218 - Postato: 05/Giugno/2005 alle 23:40Dimenticavo il mio sistema operativo è Windows xp home edition
Topic: Post n° 18.220 - Postato: 05/Giugno/2005 alle 23:46
Topic: Post n° 18.222 - Postato: 05/Giugno/2005 alle 23:51 Topic: Post n° 18.223 - Postato: 05/Giugno/2005 alle 23:55Scusate ma ho letto che il log bisogna farlo senza essere connessi.......bè, io l'ho fatto nel momento che ero connessa. Devo rifarlo senza connessione? Grazie ancora....
Topic: Post n° 18.224 - Postato: 06/Giugno/2005 alle 00:02SpyBot Search And Destroy v 1.4 (http://www.download.com/3001-8022_4-10401314.html)
Ad_Aware (Antispy) + lingua italiana
Topic: Post n° 18.225 - Postato: 06/Giugno/2005 alle 00:07
Topic Attivi
Lista Membri
Calendario
Cerca
Aiuto
Registrati
Login
