Question

lupusellobo
Posts: 116
Joined: 09 Mar 2005, 08:41


Post by lupusellobo » 11 Sep 2005, 16:58

Hello everyone, I have a question about my log.



Logfile of HijackThis v1.99.1

Scan saved at 16.53.34, on 11/09/2005

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)



Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Programmi\Sygate\SPF\smc.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\System32\GEARSec.exe

C:\Programmi\Eset\nod32krn.exe

C:\Programmi\Symantec\Norton Ghost\Agent\PQV2iSvc.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\VTTimer.exe

C:\WINDOWS\SOUNDMAN.EXE

C:\Program Files\D-Link\DSL-200\dslstat.exe

C:\Program Files\D-Link\DSL-200\dslagent.exe

C:\Programmi\Eset\nod32kui.exe

C:\Programmi\Symantec\Norton Ghost\Agent\GhostTray.exe

C:\Programmi\File comuni\Logitech\QCDriver\LVCOMS.EXE

C:\Programmi\File comuni\Real\Update_OB\realsched.exe

C:\WINDOWS\vsnpstd.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Programmi\Messenger\msmsgs.exe

C:\Programmi\MSN Messenger\msnmsgr.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Programmi\eMule\emule.exe

C:\Programmi\MSN Messenger\msnmsgr.exe

C:\Programmi\Internet Explorer\iexplore.exe

C:\Programmi\Internet Explorer\iexplore.exe

C:\hijackthis\HijackThis.exe



R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll

O4 - HKLM\..\Run: [VTTimer] VTTimer.exe

O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE

O4 - HKLM\..\Run: [DSLSTATEXE] C:\Program Files\D-Link\DSL-200\dslstat.exe icon

O4 - HKLM\..\Run: [DSLAGENTEXE] C:\Program Files\D-Link\DSL-200\dslagent.exe

O4 - HKLM\..\Run: [nod32kui] "C:\Programmi\Eset\nod32kui.exe" /WAITSERVICE

O4 - HKLM\..\Run: [Norton Ghost 9.0] C:\Programmi\Symantec\Norton Ghost\Agent\GhostTray.exe

O4 - HKLM\..\Run: [LVCOMS] C:\Programmi\File comuni\Logitech\QCDriver\LVCOMS.EXE

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [TkBellExe] "C:\Programmi\File comuni\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [snpstd] C:\WINDOWS\vsnpstd.exe

O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [MSMSGS] "C:\Programmi\Messenger\msmsgs.exe" /background

O4 - HKCU\..\Run: [msnmsgr] "C:\Programmi\MSN Messenger\msnmsgr.exe" /background

O4 - Global Startup: Microsoft Office.lnk = C:\Programmi\Microsoft Office\Office10\OSA.EXE

O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe

O16 - DPF: {745395C8-D0E1-4227-8586-624CA9A10A8D} (AxisMediaControl Class) - http://camera.buffalotrace.com/activex/AMC.cab

O16 - DPF: {7F8B2500-3B5D-474C-B828-C766ECE3AB3C} (ATLmosquito1 Class) - http://voceviva-vip.tiscali.it/netphone/ocx/mosquito.cab

O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://sciencecentercam.fas.harvard.edu/activex/AxisCamControl.cab

O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{3FBA7649-8386-4452-A34E-754AB357A250}: NameServer = 213.205.32.70 213.205.36.70

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)

O23 - Service: GEARSecurity - GEAR Software - C:\WINDOWS\System32\GEARSec.exe

O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Programmi\Eset\nod32krn.exe

O23 - Service: Norton Ghost - Symantec Corporation - C:\Programmi\Symantec\Norton Ghost\Agent\PQV2iSvc.exe

O23 - Service: Sygate Personal Firewall Pro (SmcService) - Sygate Technologies, Inc. - C:\Programmi\Sygate\SPF\smc.exe





I wanted to know whether these are dangerous and where they come from (should I delete them?)

O16 - DPF: {745395C8-D0E1-4227-8586-624CA9A10A8D} (AxisMediaControl Class) - http://camera.buffalotrace.com/activex/AMC.cab



O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://sciencecentercam.fas.harvard.edu/activex/AxisCamControl.cab





O17 - HKLM\System\CCS\Services\Tcpip\..\{3FBA7649-8386-4452-A34E-754AB357A250}: NameServer = 213.205.32.70 213.205.36.70



Thanks, and sorry for the trouble.

msc hotline sat
Posts: 93500
Joined: 09 Mar 2004, 20:39
Location: BARCELONA (SPAIN)

Post by msc hotline sat » 11 Sep 2005, 22:56

The first key refers to an application or driver for an AXIS camera:

http://www.axis.com/techsup/cam_servers/tech_notes/205_live_video.htm

You will know whether you installed it or not. If you don't have it and know nothing about it, delete it.



__________





And the second is more of the same. On this, see:

[quote]function video() {
  document.write("<OBJECT ID=\"AxisCamControl\" CLASSID=\"CLSID:917623D1-D8E5-11D2-BE8B-00104B06BDE3\" WIDTH=\"400\" HEIGHT=\"290\" CODEBASE=\"/activex/AxisCamControl.cab#Version=1,0,2,15\">");
  document.write("<PARAM NAME=DisplaySoundPanel VALUE=0>");
  document.write("<PARAM NAME=URL VALUE=\"http://192.168.1.95/axis-cgi/mjpg/video.cgi?camera=&resolution=640x480\">");
  document.write("</OBJECT>");
}



is calling specific activex controls for the Axis cam... the 192.168... is a local ip (on your computer), so I assume you're serving the cam from your computer... I'm guessing the Axis script probably looks for a camera id tag, so it will only work with Axis brand cameras...



You might look at the documents that came with the new cam; most newer cameras come with Java-based software for doing webcam.



There is also 3rd party software, such as Active Webcam (at a very reasonable 29 dollars US) that is easy to use and I believe even sets up its own http server so people can connect directly to your computer without using other server software



But, to answer your question, the above code won't work with the Philips probably because the activex cab file is looking only for Axis brand cameras... you might have a java based webcam solution that came with the Philips camera... otherwise, you'll need to use camera-independent 3rd party software, such as Active Webcam, or there is also an activex software package, http://www.vintasoft.com/ , that works with any twain compliant camera, and it's cheaper than the Active Webcam... it does more but is harder to set up than Active Webcam [/quote]


As for the third, it is normal for access to Internet servers.

And be very careful about touching anything in the registry without knowing what you are doing...

Regards



ms, 11-09-2005

lupusellobo
Posts: 116
Joined: 09 Mar 2005, 08:41

Post by lupusellobo » 11 Sep 2005, 23:52

Thanks and regards

msc hotline sat
Posts: 93500
Joined: 09 Mar 2004, 20:39
Location: BARCELONA (SPAIN)

Post by msc hotline sat » 12 Sep 2005, 07:17

Good, with the questions resolved, we will proceed to close the topic.

Regards



ms, 12-09-2005



[b]NOTE: AND REMEMBER [/b]



https://foros.zonavirus.com/viewtopic.php?t=1307
