dopo aver visto che cosa aveva impestato il nostro pc di casa (GROMOZON)
La mia dolce metà si è un po' agitato per le sorti di quello che ha in ufficio...
Ha fatto una scansione con hijackthis che vi posto..
E' tutto in ordine? grazie mille ...
Fra
Logfile of HijackThis v1.97.7
Scan saved at 10.01.40, on 06/03/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\File comuni\EPSON\EBAPI\eEBSVC.exe
C:\PROGRA~1\F-Secure\BackWeb\7681197\PROGRAM\SERVIC~1.EXE
C:\Programmi\F-Secure\Common\FSMA32.EXE
C:\Programmi\F-Secure\Common\FSMB32.EXE
C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\BACKWE~1.EXE
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fppdis2a.exe
C:\Programmi\F-Secure\Common\FCH32.EXE
C:\WINDOWS\system32\svchost.exe
C:\Programmi\F-Secure\Common\FAMEH32.EXE
C:\Programmi\F-Secure\Common\FSGK32.EXE
C:\Programmi\F-Secure\Common\FNRB32.EXE
C:\Programmi\F-Secure\Common\FIH32.EXE
C:\Programmi\F-Secure\Anti-Virus\fsav32.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\VTTimer.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Programmi\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\Programmi\F-Secure\Common\FSM32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\Skype\Phone\Skype.exe
C:\Programmi\Outlook Express\msimn.exe
C:\Documents and Settings\fabio\Desktop\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.autorita.energia.it/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {14D1A72D-8705-11D8-B120-0040F46CB696} - C:\Documents and Settings\fabio\Desktop\92710859.dll (file missing)
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Programmi\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [pdfFactory Pro Dispatcher v2] "C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fppdis2a.exe" /source=HKLM
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Programmi\F-Secure\Common\FSM32.EXE" /splash
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\Programmi\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - Global Startup: EPSON Status Monitor 3 Environment Check(2).lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV02.EXE
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Ricerche (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Windows Messenger (HKLM)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shoc ... wflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{97DCAF2C-BED6-4922-B3D4-0E5C16F8C367}: NameServer = 193.70.192.15,193.70.152.25
O17 - HKLM\System\CS1\Services\Tcpip\..\{97DCAF2C-BED6-4922-B3D4-0E5C16F8C367}: NameServer = 193.70.192.15,193.70.152.25
O17 - HKLM\System\CS2\Services\Tcpip\..\{97DCAF2C-BED6-4922-B3D4-0E5C16F8C367}: NameServer = 193.70.192.15,193.70.152.25