Potreste aiutarmi cortesemente?
premesso che ho utilizzato gia ad-aware,
continuano ad aprirsi sole finestre di siti per adulti;
inoltre si è installata una toolbar in iexplorer piena di collegamenti
a siti vari anche adulti.
vi ringrazio anticipatamente.
questo è il log:
Logfile of HijackThis v1.99.1
Scan saved at 21.03.13, on 01/07/2005
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\File comuni\Symantec Shared\ccSetMgr.exe
C:\Programmi\File comuni\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\File comuni\Symantec Shared\ccApp.exe
C:\WINDOWS\System32\RUNDLL32.EXE
C:\WINDOWS\System32\ctfmon.exe
c:\windows\system32\zsxtea.exe
C:\Programmi\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\Norton AntiVirus\SAVScan.exe
C:\WINDOWS\System32\wuauclt.exe
C:\WINDOWS\svcproc.exe
C:\WINDOWS\Explorer.exe
C:\WINDOWS\svcproc.exe
C:\Programmi\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\io\Desktop\Nuova
cartella\hijackthis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.google.it/R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName
= Collegamenti
F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\Nail.exe
O2 - BHO: Yahoo! Companion BHO -
{02478D38-C3F9-4efb-9B51-7695ECA05670} -
C:\Programmi\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_1.dll
O2 - BHO: SearchToolbar - {08BEC6AA-49FC-4379-3587-4B21E286C19E} -
C:\WINDOWS\System32\ntmxd.dll
O2 - BHO: Google Toolbar Helper -
{AA58ED58-01DD-4d91-8333-CF10577473F7} -
c:\programmi\google\googletoolbar2.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} -
C:\Programmi\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} -
C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Norton AntiVirus -
{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Programmi\Norton
AntiVirus\NavShExt.dll
O3 - Toolbar: Yahoo! Companion -
{EF99BD32-C1FB-11D2-892F-0090271D4F88} -
C:\Programmi\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} -
c:\programmi\google\googletoolbar2.dll
O3 - Toolbar: SearchToolbar - {08BEC6AA-49FC-4379-3587-4B21E286C19E} -
C:\WINDOWS\System32\ntmxd.dll
O4 - HKLM\..\Run: [ccApp] "C:\Programmi\File comuni\Symantec
Shared\ccApp.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE
C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE
C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RegSvr32] C:\WINDOWS\System32\msmsgs.exe
O4 - HKLM\..\Run: [nsbecgu] c:\windows\system32\zsxtea.exe r
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Programmi\Messenger\msmsgs.exe"
/background
O4 - HKCU\..\Run: [WareOut] "C:\Programmi\WareOut\WareOut.exe"
O4 - Global Startup: Microsoft Office.lnk = C:\Programmi\Microsoft
Office\Office\OSA9.EXE
O8 - Extra context menu item: &Google Search -
res://c:\programmi\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: Backward Links -
res://c:\programmi\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page -
res://c:\programmi\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: Similar Pages -
res://c:\programmi\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English -
res://c:\programmi\google\GoogleToolbar2.dll/cmtrans.html
O15 - Trusted Zone:
www.archiviosex.netO15 - Trusted Zone:
www.skymasters.bizO16 - DPF: {14A3221B-1678-1982-A355-7263B1281987} -
ms-its:mhtml:file://C:tsk.mht!http://69.50.180.155/5/s1//q.chm::/file.
exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class)
-
http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1120060435131
O17 -
HKLM\System\CCS\Services\Tcpip\..\{A4DB0F89-E327-4FF3-87FB-7BA17F3E2CA
9}: NameServer = 69.50.176.196,195.225.176.110
O17 -
HKLM\System\CCS\Services\Tcpip\..\{EE95B2B9-F132-493F-B46A-94D8AE3C03A
2}: NameServer = 69.50.176.196,195.225.176.110
O17 -
HKLM\System\CS1\Services\Tcpip\..\{A4DB0F89-E327-4FF3-87FB-7BA17F3E2CA
9}: NameServer = 69.50.176.196,195.225.176.110
O17 -
HKLM\System\CS2\Services\Tcpip\..\{A4DB0F89-E327-4FF3-87FB-7BA17F3E2CA
9}: NameServer = 69.50.176.196,195.225.176.110
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec
Corporation - C:\Programmi\File comuni\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec
Corporation - C:\Programmi\File comuni\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec
Corporation - C:\Programmi\File comuni\Symantec Shared\ccSetMgr.exe
O23 - Service: Servizio Norton AntiVirus Auto-Protect (navapsvc) -
Symantec Corporation - C:\Programmi\Norton AntiVirus\navapsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA
Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Programmi\Norton
AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec
Corporation - C:\PROGRA~1\FILECO~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: System Startup Service (SvcProc) - Unknown owner -
C:\WINDOWS\svcproc.exe