PDA

Visualizza versione completa : HijackThis



Boe.
23-12-2004, 00.59.17
Qualcuno di voi lo utilizza? Se si sareste così buoni da consigliarmi cosa eliminare dal mio sistema per renderlo un pò più agile?


Logfile of HijackThis v1.97.7
Scan saved at 1.02.00, on 23/12/2004
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe
C:\Programmi\File comuni\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\System32\CTsvcCDA.EXE
C:\Programmi\Norton SystemWorks\Norton Antivirus\navapsvc.exe
C:\PROGRA~1\NORTON~1\NORTON~2\SPEEDD~1\NOPDB.EXE
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Programmi\File comuni\Symantec Shared\ccEvtMgr.exe
C:\Programmi\File comuni\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\rundll32.exe
C:\Programmi\File comuni\Symantec Shared\ccApp.exe
C:\Programmi\Norton SystemWorks\Password Manager\AcctMgr.exe
C:\PROGRA~1\ZoneAlarm\zapro.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\WINDOWS\system32\NotifyPhoneBook.exe
C:\Programmi\Logitech\MouseWare\system\em_exec.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\Programmi\Security Task Manager\TaskMan.exe
C:\Documents and Settings\gianluca\Desktop\Utility\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.tiscali.it/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyServer = 221.137.40.205:8080
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programmi\google\googletoolbar2.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Programmi\Norton SystemWorks\Norton Antivirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Programmi\Norton SystemWorks\Norton Antivirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programmi\google\googletoolbar2.dll
O4 - HKLM\..\Run: [AME_CSA] rundll32 amecsa.cpl,RUN_DLL
O4 - HKLM\..\Run: [CTStartup] C:\Programmi\Creative\SBAudigy\Program\CTEaxSpl.EX E /run
O4 - HKLM\..\Run: [ccApp] "C:\Programmi\File comuni\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [AcctMgr] C:\Programmi\Norton SystemWorks\Password Manager\AcctMgr.exe /startup
O4 - HKLM\..\Run: [Zone Labs Client] C:\PROGRA~1\ZoneAlarm\zapro.exe
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [Win32 System Spool] spoolsvc.exe
O8 - Extra context menu item: &Google Search - res://c:\programmi\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: Collegamenti a ritroso - res://c:\programmi\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

Boe.
23-12-2004, 01.00.02
O8 - Extra context menu item: Pagine simili - res://c:\programmi\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Versione cache della pagina - res://c:\programmi\google\GoogleToolbar2.dll/cmcache.html
O9 - Extra 'Tools' menuitem: Sun Java Console (HKLM)
O9 - Extra button: Ricerche (HKLM)
O9 - Extra button: ICQ Lite (HKLM)
O9 - Extra 'Tools' menuitem: ICQ Lite (HKLM)
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15007/CTSUEng.cab
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download Control Class) - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_1_0_0_44.cab
O16 - DPF: {54B52E52-8000-4413-BD67-FC7FE24B59F2} (EARTPatchX Class) - http://files.ea.com/downloads/rtpatch/v2/EARTPX.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1094565040695
O16 - DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} (GSDACtl Class) - http://launch.gamespyarcade.com/software/launch/alaunch.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/SU/ocx/15008/CTPID.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{F05FEA23-A6B9-4628-83DB-C3D040DE3D6E}: NameServer = 213.92.5.54 194.20.8.4



non è che ci capisca poi tanto :D

ais001[db]
23-12-2004, 01.09.06
... troppo pericoloso e troppo "smanettone".


... usa SpyBot ed Ad-Aware.

Boe.
23-12-2004, 10.33.35
adoro il pericolo.. il mio nome è bond.. boenetbond :D

Ci sono un sacco di forum stranieri - uno in particolare di gente "fuori" completamente - dove tu posti quella robaccia li e dopo un paio di minuti ti rispondono in maniera a dir poco assurda :cool:

Gli altri li uso già.. ti dirò che ho provato anche security task manager e lo trovo piuttosto interessante. Conosci?

dragoelliott
23-12-2004, 11.37.48
Beh, non so, ma il logitech e quicktime potresti disattivarli...;)
Avete mai provato Giant Antiispyware? ottimo secondo me!:)

aciddeath
23-12-2004, 21.24.56
Originally posted by Boenet
Ci sono un sacco di forum stranieri - uno in particolare di gente "fuori" completamente - dove tu posti quella robaccia li e dopo un paio di minuti ti rispondono in maniera a dir poco assurda :cool:
m spediresti 1 pm?! ..thx

ecro
23-12-2004, 23.13.20
http://hijackthis.de/index.php?langselect=italian

blamecanada
23-12-2004, 23.28.07
Originally posted by dragoelliott
Beh, non so, ma il logitech e quicktime potresti disattivarli...;)
Avete mai provato Giant Antiispyware? ottimo secondo me!:)

logitech te lo sconsiglio, se ci tieni alle funzioni dei tasti supplementari del mouse


quick time disattivalo (o installa direttamente quick time alternative...)