www.MegaLab.it

[guardia]

Salve a tutti,

anch'io ho un problema con il pc, ho fatto la scansione con hijackthis e mi è uscito il seguente logfile. Vi ringrazierei moltissimo se mi diceste quali di questi file posso definitivamente eliminare dal mio computer..

Grazie!

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\brsvc01a.exe
C:\WINDOWS\System32\brss01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\downlo~1\p8oj4\s89s1e2.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Media Access\MediaAccK.exe
C:\Program Files\Media Access\MediaAccess.exe
C:\WINDOWS\System32\ctfmon.exe
C:\WINDOWS\System32\wuauclt.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\2\BRQIKMON.EXE
F:\HiJackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.msn.it/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.it/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
R3 - URLSearchHook: (no name) - 3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
R3 - URLSearchHook: (no name) - 3 - URLSearchHook: (no name) - 3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O3 - Toolbar: (no name) - {82315A18-6CFB-44a7-BDFD-90E36537C252} - (no file)
O3 - Toolbar: ISTbar - {FAA356E4-D317-42a6-AB41-A3021C6E7D52} - C:\Programmi\ISTbar\istbarcm.dll (file missing)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: YourSiteBar - {86227D9C-0EFE-4f8a-AA55-30386A3F5686} - C:\PROGRA~1\YOURSI~1\ysb.dll (file missing)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programmi\google\googletoolbar2.dll
O4 - HKLM\..\Run: [¢‰¸u0Ô@ÔÁß]­ú"ü‰üžiC:\Programmi\ISTsvc\istsvc.exe] C:\WINDOWS\qfidq.exe
O4 - HKLM\..\Run: [¢‰¸u0ÔÁß]­ú"ü‰üžigÝC:\Programmi\ISTsvc\istsvc.exe] C:\WINDOWS\qfidq.exe
O4 - HKLM\..\Run: [OPho¿ÇÏÔ@ÔÁß]­ú"ü‰üC:\Programmi\ISTsvc\istsvc.exe] C:\WINDOWS\qfidq.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [¢‰¸u0–4C
}ïÁzîžigÝC:\Programmi\ISTsvc\istsvc.exe] C:\WINDOWS\qfidq.exe
O4 - HKLM\..\Run: [LaunchList] K:\Pinnacle Studio 9\LaunchList.exe
O4 - HKLM\..\Run: [Media Access] C:\Program Files\Media Access\MediaAccK.exe
O4 - HKCU\..\Run: [System Update] C:\WINDOWS\System\services.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O15 - Trusted Zone: *.frame.crazywinnings.com
O15 - Trusted Zone: *.static.topconverting.com
O15 - Trusted Zone: *.frame.crazywinnings.com (HKLM)
O15 - Trusted Zone: *.static.topconverting.com (HKLM)
O15 - Trusted IP range: frame.crazywinnings.com (HKLM)
O15 - Trusted IP range: frame.crazywinnings.com (HKLM)
O17 - HKLM\System\CCS\Services\Tcpip\..\{46DF1171-D7AD-4AB9-A969-8A05DD8F49FC}
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Filter: text/html - {469933E6-87E9-480F-918E-CC64623D2DBE} - C:\Documents and Settings\Id\Impostazioni locali\Dati applicazioni\microsoft\internet explorer\V0.34.dat
O23 - Service: BrSplService - brother Industries Ltd - C:\WINDOWS\System32\brsvc01a.exe
O23 - Service: NVIDIA Driver Helper Service - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

[crazy.cat]

Niente antivirus e firewall????

Hai un bel caos e alcune voci stranissime.
Da eliminare tutte queste qui sotto, ma poi è meglio che ti fai un controllo con qualche buon programma antispyware (Spysweeper) e Scangui che trovi nella nostra sezione dei download

C:\WINDOWS\downlo~1\p8oj4\s89s1e2.exe
R3 - URLSearchHook: (no name) - 3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
R3 - URLSearchHook: (no name) - 3 - URLSearchHook: (no name) - 3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O3 - Toolbar: (no name) - {82315A18-6CFB-44a7-BDFD-90E36537C252} - (no file)
O3 - Toolbar: ISTbar - {FAA356E4-D317-42a6-AB41-A3021C6E7D52} - C:\Programmi\ISTbar\istbarcm.dll (file missing)
O3 - Toolbar: YourSiteBar - {86227D9C-0EFE-4f8a-AA55-30386A3F5686} - C:\PROGRA~1\YOURSI~1\ysb.dll (file missing)
O4 - HKLM\..\Run: [¢‰¸u0Ô@ÔÁß]­ú"ü‰üžiC:\Programmi\ISTsvc\istsvc.exe] C:\WINDOWS\qfidq.exe
O4 - HKLM\..\Run: [¢‰¸u0ÔÁß]­ú"ü‰üžigÝC:\Programmi\ISTsvc\istsvc.exe] C:\WINDOWS\qfidq.exe
O4 - HKLM\..\Run: [OPho¿ÇÏÔ@ÔÁß]­ú"ü‰üC:\Programmi\ISTsvc\istsvc.exe] C:\WINDOWS\qfidq.exe
O4 - HKLM\..\Run: [¢‰¸u0–4C
}ïÁzîžigÝC:\Programmi\ISTsvc\istsvc.exe] C:\WINDOWS\qfidq.exe
O4 - HKLM\..\Run: [Media Access] C:\Program Files\Media Access\MediaAccK.exe
O4 - HKCU\..\Run: [System Update] C:\WINDOWS\System\services.exe
O15 - Trusted Zone: *.frame.crazywinnings.com
O15 - Trusted Zone: *.static.topconverting.com
O15 - Trusted Zone: *.frame.crazywinnings.com (HKLM)
O15 - Trusted Zone: *.static.topconverting.com (HKLM)
O15 - Trusted IP range: frame.crazywinnings.com (HKLM)
O15 - Trusted IP range: frame.crazywinnings.com (HKLM)
O17 - HKLM\System\CCS\Services\Tcpip\..\{46DF1171-D7AD-4AB9-A969-8A05DD8F49FC}
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)

Sospetta???
O18 - Filter: text/html - {469933E6-87E9-480F-918E-CC64623D2DBE} - C:\Documents and Settings\Id\Impostazioni locali\Dati applicazioni\microsoft\internet explorer\V0.34.dat