Settimana scorsa ho eseguito con attenzione le indicazioni che mi sono state date x risolvere il problema, in modalità provvisoria sembra tutto sistemato, ma riavviando il computer in modalità normale mi ricompaiono gli stessi problemi. il file xmllib.dll c'è sempre e il mio antivurus trova sempre il CWS.VDOMP
cos'altyro potrei fare??
Logfile of HijackThis v1.99.1
Scan saved at 19.21.27, on 06/06/05
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\File comuni\Symantec Shared\ccSetMgr.exe
C:\Programmi\File comuni\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\alg.exe
C:\Programmi\WIDCOMM\Software Bluetooth\bin\btwdins.exe
C:\Programmi\File comuni\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\File comuni\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\System32\SMSSU.EXE
C:\WINDOWS\System32\Tmntsrv32.EXE
C:\WINDOWS\Mixer.exe
C:\Program Files\ASUS\Probe\AsusProb.exe
C:\Programmi\Browser Mouse\Browser Mouse\1.0\lwbwheel.exe
C:\Programmi\ahead\InCD\InCD.exe
C:\Programmi\Real\RealPlayer\RealPlay.exe
C:\Programmi\File comuni\Nokia\Tools\NclTray.exe
C:\Programmi\File comuni\PCSuite\DataLayer\DataLayer.exe
C:\Programmi\QuickTime\qttask.exe
C:\Programmi\File comuni\Symantec Shared\ccApp.exe
E:\Programmi\Java\jre1.5.0_01\bin\jusched.exe
C:\WINDOWS\System32\Linksts.exe
C:\Programmi\Adorons\Adorons Firewall\AdoronsFirewall.exe
C:\WINDOWS\System32\atiptaxx.exe
C:\PROGRA~1\FILECO~1\PCSuite\Services\SERVIC~1.EXE
C:\Programmi\Messenger\msmsgs.exe
E:\Programmi\Spyware Doctor\swdoctor.exe
C:\WINDOWS\System32\SMSSU.EXE
C:\WINDOWS\System32\Tmntsrv32.EXE
C:\WINDOWS\System32\ctfmon.exe
C:\Programmi\Microsoft Office\Office\OSA.EXE
C:\Programmi\WIDCOMM\Software Bluetooth\BTTray.exe
C:\Programmi\Nokia\PC Suite for Nokia 6600\connmngmntbox.exe
C:\Programmi\Nokia\PC Suite for Nokia 6600\ectaskscheduler.exe
C:\Programmi\Microsoft Office\Office\FINDFAST.EXE
E:\Programmi\SpySub.exe
C:\PROGRA~1\Nokia\PCSUIT~1\Elogerr.exe
C:\Programmi\Intuwave\Shared\mRouterRunTime\mRouterRuntime.exe
C:\PROGRA~1\WIDCOMM\SOFTWA~1\BTSTAC~1.EXE
C:\PROGRA~1\Nokia\PCSUIT~1\BROADC~1.EXE
C:\PROGRA~1\Nokia\PCSUIT~1\SCRFS.exe
C:\WINDOWS\System32\wuauclt.exe
C:\WINDOWS\System32\wuauclt.exe
G:\ultimi\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =
www.tiscali.itR1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
www.yahoo.itR0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://default.home/R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://default.homeR1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
www.google.itR0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
www.virgilio.itR0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
www.virgilio.itR0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - E:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll
O2 - BHO: XMLDP Class - {60371670-81B9-4d06-9C42-4DEC1AABE62B} - C:\WINDOWS\xmllib.dll
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - E:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O3 - Toolbar: (no name) - {0E1230F8-EA50-42A9-983C-D22ABC2EED3B} - (no file)
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [ASUS Probe] C:\Program Files\ASUS\Probe\AsusProb.exe
O4 - HKLM\..\Run: [LWBMOUSE] C:\Programmi\Browser Mouse\Browser Mouse\1.0\lwbwheel.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Programmi\ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [RealTray] C:\Programmi\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [Nokia Tray Application] C:\Programmi\File comuni\Nokia\Tools\NclTray.exe
O4 - HKLM\..\Run: [DataLayer] C:\Programmi\File comuni\PCSuite\DataLayer\DataLayer.exe
O4 - HKLM\..\Run: [EPSON Stylus Photo RX420 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9CE.EXE /P31 "EPSON Stylus Photo RX420 Series" /O6 "USB001" /M "Stylus Photo RX420"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ccApp] C:\Programmi\File comuni\Symantec Shared\ccApp.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] E:\Programmi\Java\jre1.5.0_01\bin\jusched.exe
O4 - HKLM\..\Run: [ISDN Monitor] Linksts.exe W 1024
O4 - HKLM\..\Run: [Adorons Firewall] C:\Programmi\Adorons\Adorons Firewall\AdoronsFirewall.exe
O4 - HKLM\..\Run: [ATIPTA] atiptaxx.exe
O4 - HKLM\..\Run: [XFILTER] C:\Programmi\Adorons\Adorons Firewall\ESPfSdk.dll
O4 - HKCU\..\Run: [MSMSGS] "C:\Programmi\Messenger\msmsgs.exe" /background
O4 - Global Startup: Avvio Office.lnk = C:\Programmi\Microsoft Office\Office\OSA.EXE
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: PCSuiteperNokia6600 Detect.lnk = ?
O4 - Global Startup: PCSuiteperNokia6600 TS.lnk = ?
O4 - Global Startup: Ricerca rapida.lnk = C:\Programmi\Microsoft Office\Office\FINDFAST.EXE
O4 - Global Startup: SpySubtract.lnk = E:\Programmi\SpySub.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Invia a &Bluetooth - C:\Programmi\WIDCOMM\Software Bluetooth\btsendto_ie_ctx.htm
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - E:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\espfspi.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\espfspi.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\espfspi.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\espfspi.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\espfspi.dll
O15 - Trusted Zone: *.adorons.com
O16 - DPF: {1F831FA9-42FC-11D4-95A6-0080AD30DCE1} (InstaFred) - file://E:\Programmi\AutoCAD LT 2002 Ita\InstFred.ocx
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) -
http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cabO16 - DPF: {78AF2F24-A9C3-11D3-BF8C-0060B0FCC122} (Controllo AcDc oggi) - file://E:\Programmi\AutoCAD LT 2002 Ita\AcDcToday.ocx
O16 - DPF: {ADC3EA10-8A28-41A9-96B4-534ADFC3CA0A} (Configuratore Auto Control) -
http://www.sava.it/configuratore/configuratoreauto.cabO16 - DPF: {AE563729-B4F5-11D4-A415-00108302FDFD} (NOXLATE-BANR) - file://E:\Programmi\AutoCAD LT 2002 Ita\InstBanr.ocx
O16 - DPF: {CAFEEFAC-0014-0000-0000-ABCDEFFEDCBA} (Java Runtime Environment 1.4.0) -
O16 - DPF: {F281A59C-7B65-11D3-8617-0010830243BD} (Controllo AcPreview) - file://E:\Programmi\AutoCAD LT 2002 Ita\AcPreview.ocx
O17 - HKLM\System\CCS\Services\Tcpip\..\{744408D3-39B9-4AE5-B6D6-41EAF8FA88CA}: NameServer = 192.168.0.200
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Programmi\File comuni\Microsoft Shared\Help\hxds.dll
O23 - Service: Apache Tomcat 4.1 - Alexandria Software Consulting - C:\Programmi\Apache Group\Tomcat 4.1\bin\tomcat.exe
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Programmi\WIDCOMM\Software Bluetooth\bin\btwdins.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\ccSetMgr.exe
O23 - Service: MATLAB Server (matlabserver) - Unknown owner - C:\Programmi\MATLAB6p1\webserver\bin\win32\matlabserver.exe
O23 - Service: MySql - Unknown owner - E:/Database/mysql/bin/mysqld-nt.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\CCPD-LC\symlcsvc.exe