MI CONTROLLERESTE questo file log di hijack this....
ho sempre dei problemi di immondizia-siti che si intrufolano tramite internet.
grazie in aniticipo. sergio.
Logfile of HijackThis v1.99.1
Scan saved at 10.28.39, on 28/02/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
F:\WINDOWS\System32\smss.exe
F:\WINDOWS\system32\winlogon.exe
F:\WINDOWS\system32\services.exe
F:\WINDOWS\system32\lsass.exe
F:\WINDOWS\system32\svchost.exe
F:\WINDOWS\System32\svchost.exe
F:\WINDOWS\Explorer.EXE
F:\WINDOWS\system32\spoolsv.exe
F:\Programmi\File comuni\Symantec Shared\ccSetMgr.exe
F:\WINDOWS\System32\cisvc.exe
F:\WINDOWS\SOUNDMAN.EXE
C:\Programmi\Gigabyte\EasyTune4\et4Tray.exe
F:\Programmi\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\Programmi\Norton SystemWorks\Norton Ghost\GhostStartTrayApp.exe
F:\Programmi\File comuni\Symantec Shared\ccApp.exe
c:\Programmi\Roxio\GoBack\GBPoll.exe
F:\WINDOWS\anvshell.exe
F:\Programmi\IPM\Adsl\DataWay\dslstat.exe
F:\WINDOWS\system32\dslagent.exe
F:\Programmi\Messenger\msmsgs.exe
C:\PROGRA~1\NORTON~1\NORTON~2\GHOSTS~2.EXE
F:\Programmi\Google\Google Desktop Search\GoogleDesktop.exe
F:\Programmi\File comuni\Microsoft Shared\VS7Debug\mdm.exe
F:\WINDOWS\system32\ctfmon.exe
C:\Programmi\Gigabyte\Gigabyte Windows Utility Manager\gwum.exe
C:\Programmi\Roxio\GoBack\GBTray.exe
C:\Programmi\Html2Pop3\html2pop3.exe
F:\Programmi\Norton AntiVirus\navapsvc.exe
C:\Programmi\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
F:\Programmi\Alice ti aiuta\bin\mpbtn.exe
F:\WINDOWS\System32\nvsvc32.exe
F:\Programmi\Norton AntiVirus\SAVScan.exe
C:\PROGRA~1\NORTON~1\SPEEDD~1\nopdb.exe
F:\WINDOWS\System32\svchost.exe
F:\Programmi\File comuni\Symantec Shared\ccEvtMgr.exe
F:\Programmi\File comuni\Symantec Shared\Security Center\SymWSC.exe
F:\WINDOWS\system32\wuauclt.exe
F:\Programmi\Google\Google Desktop Search\GoogleDesktopIndex.exe
F:\Programmi\Google\Google Desktop Search\GoogleDesktopCrawl.exe
F:\WINDOWS\system32prodsrvs.exe
F:\WINDOWS\system32\cidaemon.exe
F:\DOCUME~1\Enrico\IMPOST~1\Temp\Directory temporanea 3 per hijackthis.zip\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.google.it/R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: (no name) - {008DB894-99ED-445D-8547-0E7C9808898D} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - F:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: PBlockHelper Class - {4115122B-85FF-4DD3-9515-F075BEDE5EB5} - F:\Programmi\Libero 6x\PBHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - F:\Programmi\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - F:\Programmi\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - F:\Programmi\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [EasyTuneIV] C:\Programmi\Gigabyte\EasyTune4\et4Tray.exe
O4 - HKLM\..\Run: [AdaptecDirectCD] "F:\Programmi\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [GhostStartTrayApp] C:\Programmi\Norton SystemWorks\Norton Ghost\GhostStartTrayApp.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [ccApp] "F:\Programmi\File comuni\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [LiveNote] livenote.exe
O4 - HKLM\..\Run: [anvshell] anvshell.exe
O4 - HKLM\..\Run: [DSLSTATEXE] F:\Programmi\IPM\Adsl\DataWay\dslstat.exe icon
O4 - HKLM\..\Run: [DSLAGENTEXE] dslagent.exe USB
O4 - HKLM\..\Run: [Olympic] c:\programmi\sgrunt\IE4321.exe
O4 - HKCU\..\Run: [MSMSGS] "F:\Programmi\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [asustweakenable] F:\Programmi\ASUS\Tweaking Utilities\ATweak.exe /start
O4 - HKCU\..\Run: [Google Desktop Search] "F:\Programmi\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKCU\..\Run: [ctfmon.exe] F:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: gwum.lnk = C:\Programmi\Gigabyte\Gigabyte Windows Utility Manager\gwum.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programmi\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: GoBack.lnk = C:\Programmi\Roxio\GoBack\GBTray.exe
O4 - Global Startup: html2pop3.lnk = C:\Programmi\Html2Pop3\html2pop3.exe
O4 - Global Startup: Avvio veloce di Adobe Reader.lnk = F:\Programmi\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Alice ti aiuta.lnk = F:\Programmi\Alice ti aiuta\bin\matcli.exe
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office10\EXCEL.EXE/3000
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Programmi\Messenger\msmsgs.exe
O16 - DPF: {00000000-0000-0000-0000-000020040000} -
http://www.68737075.com/connect/wla/x/alterwla3_4x.exeO16 - DPF: {321F38B6-7E5F-470E-B58C-927523B7AF92} -
http://scripts.dlv4.com/binaries/egaccess4/egaccess4_1069_em_XP.cabO16 - DPF: {5F4D3335-3194-4167-85AE-E7325F2695EF} -
http://scripts.dlv4.com/binaries/egaccess4/egaccess4_1068_em_XP.cabO16 - DPF: {5FD9726A-4977-449D-8352-25FDD8A510B5} -
http://scripts.dlv4.com/binaries/egaccess4/egaccess4_1067_em_XP.cabO16 - DPF: {AA59202C-5E41-48FC-AF7D-324F5FD6A9F1} -
http://es6-scripts.dlv4.com/binaries/egaccess4/egaccess4_1070_em_XP.cabO16 - DPF: {DB893839-10F0-4AF9-92FA-B23528F530AF} -
http://deposito.hostance.net/dialer/605689.exeO16 - DPF: {FFFF0018-0001-101A-A3C9-08002B2F49FB} -
http://www.motorisubito.com/MotoriSubito.com.exeO17 - HKLM\System\CCS\Services\Tcpip\..\{E842735F-564A-45A5-AB4B-C0E184855A74}: NameServer = 85.37.17.47 85.38.28.82
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - F:\Programmi\File comuni\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - F:\Programmi\File comuni\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - F:\Programmi\File comuni\Symantec Shared\ccSetMgr.exe
O23 - Service: GBPoll - Roxio, Inc. - c:\Programmi\Roxio\GoBack\GBPoll.exe
O23 - Service: GhostStartService - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~2\GHOSTS~2.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - F:\Programmi\File comuni\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Servizio Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - F:\Programmi\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Programmi\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
O23 - Service: ASUS Driver Helper Service (NVSvc) - NVIDIA Corporation - F:\WINDOWS\System32\nvsvc32.exe
O23 - Service: SAVScan - Symantec Corporation - F:\Programmi\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - F:\PROGRA~1\FILECO~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~1\SPEEDD~1\nopdb.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - F:\Programmi\File comuni\Symantec Shared\Security Center\SymWSC.exe
grazie mille. sergio