• N
    User Newbie

    ciao non riesco ad allegare il logfile che ho generato con HijackThis, mi dice file non valido, eppure è un file.txt! sai aiutarmi?:)grazie

    0
  • wolf.otakar
    Consiglio Direttivo

    Ciao nicolafriend,

    effettua un copia/incolla del log di hijackthis! 😉

    0
  • N
    User Newbie

    Logfile of HijackThis v1.99.1
    Scan saved at 9.23.51, on 11/09/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Programmi\Ahead\InCD\InCDsrv.exe
    C:\Programmi\File comuni\Symantec Shared\ccSetMgr.exe
    C:\Programmi\File comuni\Symantec Shared\ccEvtMgr.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Programmi\File comuni\Symantec Shared\ccApp.exe
    C:\Programmi\MusicMatch\MusicMatch Jukebox\mm_tray.exe
    C:\Programmi\Ahead\InCD\InCD.exe
    C:\Programmi\QuickTime\qttask.exe
    C:\Programmi\Nokia\Nokia PC Suite 6\LaunchApplication.exe
    C:\Programmi\File comuni\PCSuite\DataLayer\DataLayer.exe
    C:\Programmi\VVSN\VVSN.exe
    C:\Programmi\File comuni\Symantec Shared\ccProxy.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\Programmi\iTunes\iTunesHelper.exe
    C:\Programmi\File comuni\EPSON\EBAPI\SAgent2.exe
    C:\PROGRA~1\FILECO~1\PCSuite\Services\SERVIC~1.EXE
    C:\Programmi\File comuni\LightScribe\LSSrvc.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\Programmi\HbTools\Bin\4.8.4.0\HbtOEAddOn.exe
    C:\Programmi\HbTools\Bin\4.8.4.0\HbtWeatherOnTray.exe
    C:\Programmi\Hbtools\HBTV\HBTV.exe
    C:\Documents and Settings\SUPERVISOR\Dati applicazioni\semanatiba\syslcznp.exe
    C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Programmi\LClock\LClock.exe
    C:\Programmi\DS Clock\dsclock.exe
    C:\Programmi\File comuni\Symantec Shared\SNDSrvc.exe
    C:\Programmi\eMule\emule.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Programmi\Nikon\PictureProject\NkbMonitor.exe
    C:\WINDOWS\twain_32\S6U12BX\WATCH.exe
    C:\Programmi\TomTom HOME\TomTomHOME.exe
    C:\Programmi\iPod\bin\iPodService.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Programmi\Internet Explorer\iexplore.exe
    C:\Programmi\HbTools\Bin\4.8.4.0\HbtSrv.exe
    C:\Program Files\HijackThis\HijackThis.exe
    C:\Programmi\Messenger\msmsgs.exe
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: TVEngine Helper /fleok=1D8A83A5C2E6107C91A475760EA83FA5EF80752B9499803B2A2303766A - {4B18DD50-C996-44fc-AC52-0FECFF82ED58} - c:\programmi\hbtools\hbtv\hbtvhelper.dll
    O2 - BHO: Need2Find Bar BHO - {4D1C4E81-A32A-416b-BCDB-33B3EF3617D3} - C:\Programmi\Need2Find\bar\1.bin\ND2FNBAR.DLL
    O2 - BHO: RXResultTracker Class - {59879FA4-4790-461c-A1CC-4EC4DE4CA483} - C:\Programmi\RXToolBar\sfcont.dll (file missing)
    O2 - BHO: HbTools - {74CC49F7-EB32-4A08-B204-948962A6E3DB} - C:\Programmi\HbTools\Bin\4.8.4.0\HbtHostIE.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Web assistant - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Programmi\File comuni\Symantec Shared\AdBlocking\NISShExt.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programmi\google\googletoolbar1.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programmi\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
    O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programmi\Windows Live Toolbar\msntb.dll
    O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Programmi\Norton Internet Security\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: Web assistant - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Programmi\File comuni\Symantec Shared\AdBlocking\NISShExt.dll
    O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Programmi\Norton Internet Security\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programmi\google\googletoolbar1.dll
    O3 - Toolbar: H&otbar - {74CC49F7-EB32-4A08-B204-948962A6E3DB} - C:\Programmi\HbTools\Bin\4.8.4.0\HbtHostIE.dll
    O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programmi\Windows Live Toolbar\msntb.dll
    O4 - HKLM..\Run: [ccApp] "C:\Programmi\File comuni\Symantec Shared\ccApp.exe"
    O4 - HKLM..\Run: [URLLSTCK.exe] C:\Programmi\Norton Internet Security\UrlLstCk.exe
    O4 - HKLM..\Run: [EM_EXEC] C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
    O4 - HKLM..\Run: [MMTray] C:\Programmi\MusicMatch\MusicMatch Jukebox\mm_tray.exe
    O4 - HKLM..\Run: [Gtwatch] C:\WINDOWS\gtwatch.exe
    O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM..\Run: [InCD] C:\Programmi\Ahead\InCD\InCD.exe
    O4 - HKLM..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qttask.exe" -atboottime
    O4 - HKLM..\Run: [PCSuiteTrayApplication] C:\Programmi\Nokia\Nokia PC Suite 6\LaunchApplication.exe -onlytray
    O4 - HKLM..\Run: [DataLayer] C:\Programmi\File comuni\PCSuite\DataLayer\DataLayer.exe
    O4 - HKLM..\Run: [VVSN] C:\Programmi\VVSN\VVSN.exe
    O4 - HKLM..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM..\Run: [iTunesHelper] "C:\Programmi\iTunes\iTunesHelper.exe"
    O4 - HKLM..\Run: [HbTools] C:\Programmi\HbTools\Bin\4.8.4.0\HbtOEAddOn.exe
    O4 - HKLM..\Run: [WeatherOnTray] C:\Programmi\HbTools\Bin\4.8.4.0\HbtWeatherOnTray.exe
    O4 - HKLM..\Run: [xdpbqtow] C:\WINDOWS\system32\cusheebl.exe
    O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    O4 - HKLM..\Run: [auoie] C:\Documents and Settings\SUPERVISOR\Dati applicazioni\semanatiba\syslcznp.exe
    O4 - HKCU..\Run: [NBJ] "C:\Programmi\Ahead\Nero BackItUp\NBJ.exe"
    O4 - HKCU..\Run: [swg] C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU..\Run: [LClock] C:\Programmi\LClock\LClock.exe
    O4 - HKCU..\Run: [DS Clock] C:\Programmi\DS Clock\dsclock.exe
    O4 - HKCU..\Run: [msboot.exe] C:\WINDOWS\system32\msboot.exe
    O4 - HKCU..\Run: [eMuleAutoStart] C:\Programmi\eMule\emule.exe -AutoStart
    O4 - Startup: TomTom HOME.lnk = C:\Programmi\TomTom HOME\TomTomHOME.exe
    O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: Avvio veloce di Adobe Reader.lnk = C:\Programmi\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Programmi\Microsoft Office\Office10\OSA.EXE
    O4 - Global Startup: NkbMonitor.exe.lnk = C:\Programmi\Nikon\PictureProject\NkbMonitor.exe
    O4 - Global Startup: Watch.lnk = C:\WINDOWS\twain_32\S6U12BX\WATCH.exe
    O8 - Extra context menu item: &Search - http://kn.bar.need2find.com/KN/menusearch.html?p=KN
    O8 - Extra context menu item: &Windows Live Search - res://C:\Programmi\Windows Live Toolbar\msntb.dll/search.htm
    O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
    O15 - Trusted Zone: http://www.archiviosex.net
    O15 - Trusted Zone: *.archiviosex.net
    O15 - Trusted Zone: http://www.happyfile.net
    O15 - Trusted Zone: www.nodialup.name
    O15 - Trusted Zone: http://www.otherchance.com
    O15 - Trusted Zone: *.otherchance.com
    O15 - Trusted Zone: www.whatsnew.name
    O15 - Trusted Zone: *.whatsnew.name
    O16 - DPF: {FFFF0003-0001-101A-A3C9-08002B2F49FB} - http://www.nodialup.name/ciuccia.exe
    O17 - HKLM\System\CCS\Services\Tcpip..{D51E656B-8516-43B7-A1BF-6D25091BA896}: NameServer = 85.37.17.6,85.38.28.89
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Filter: text/html - {2AB289AE-4B90-4281-B2AE-1F4BB034B647} - C:\Programmi\RXToolBar\sfcont.dll
    O20 - Winlogon Notify: WgaLogon - WgaLogon.dll (file missing)
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\ccEvtMgr.exe
    O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\ccProxy.exe
    O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\ccPwdSvc.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\ccSetMgr.exe
    O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Programmi\File comuni\EPSON\EBAPI\SAgent2.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Programmi\Ahead\InCD\InCDsrv.exe
    O23 - Service: InCD Helper (read only) (InCDsrvR) - Nero AG - C:\Programmi\Ahead\InCD\InCDsrv.exe
    O23 - Service: Servizio iPod (iPod Service) - Apple Inc. - C:\Programmi\iPod\bin\iPodService.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Unknown owner - C:\Programmi\File comuni\LightScribe\LSSrvc.exe
    O23 - Service: Servizio Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Programmi\Norton Internet Security\Norton AntiVirus\navapsvc.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: SAVScan - Symantec Corporation - C:\Programmi\Norton Internet Security\Norton AntiVirus\SAVScan.exe
    O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FILECO~1\SYMANT~1\SCRIPT~1\SBServ.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\SNDSrvc.exe

    0
  • N
    User Newbie

    va bene ora?

    0
  • wolf.otakar
    Consiglio Direttivo

    @nicolafriend said:

    va bene ora?

    Si! 🙂

    Seleziona tutte queste voci con hijackthis:

    O2 - BHO: TVEngine Helper /fleok=1D8A83A5C2E6107C91A475760EA83FA5EF80752B9499 803B2A2303766A - {4B18DD50-C996-44fc-AC52-0FECFF82ED58} - c:\programmi\hbtools\hbtv\hbtvhelper.dll

    O2 - BHO: Need2Find Bar BHO - {4D1C4E81-A32A-416b-BCDB-33B3EF3617D3} - C:\Programmi\Need2Find\bar\1.bin\ND2FNBAR.DLL

    O2 - BHO: RXResultTracker Class - {59879FA4-4790-461c-A1CC-4EC4DE4CA483} - C:\Programmi\RXToolBar\sfcont.dll (file missing)

    O2 - BHO: HbTools - {74CC49F7-EB32-4A08-B204-948962A6E3DB} - C:\Programmi\HbTools\Bin\4.8.4.0\HbtHostIE.dll

    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

    O3 - Toolbar: H&otbar - {74CC49F7-EB32-4A08-B204-948962A6E3DB} - C:\Programmi\HbTools\Bin\4.8.4.0\HbtHostIE.dll

    O4 - HKLM..\Run: [VVSN] C:\Programmi\VVSN\VVSN.exe

    O4 - HKLM..\Run: [HbTools] C:\Programmi\HbTools\Bin\4.8.4.0\HbtOEAddOn.exe

    O4 - HKLM..\Run: [WeatherOnTray] C:\Programmi\HbTools\Bin\4.8.4.0\HbtWeatherOnTray. exe

    O4 - HKLM..\Run: [xdpbqtow] C:\WINDOWS\system32\cusheebl.exe

      	O4 - HKLM\..\Run: [auoie] C:\Documents and Settings\SUPERVISOR\Dati applicazioni\semanatiba\syslcznp.exe

    O8 - Extra context menu item: &Search - http://kn.bar.need2find.com/KN/menusearch.html?p=KN

    O15 - Trusted Zone: http://www.archiviosex.net

      	O15 - Trusted Zone: *.archiviosex.net

    O15 - Trusted Zone: http://www.happyfile.net

      	O15 - Trusted Zone: www.nodialup.name

    O15 - Trusted Zone: http://www.otherchance.com

    O15 - Trusted Zone: *.otherchance.com

    O15 - Trusted Zone: www.whatsnew.name

    O15 - Trusted Zone: *.whatsnew.name

    O16 - DPF: {FFFF0003-0001-101A-A3C9-08002B2F49FB} - http://www.nodialup.name/ciuccia.exe

      	O18 - Filter: text/html - {2AB289AE-4B90-4281-B2AE-1F4BB034B647} - C:\Programmi\RXToolBar\sfcont.dll

  	O20 - Winlogon Notify: WgaLogon - WgaLogon.dll (file missing)

    Selezionate tutte queste voci, premi FIX Checked!

    Fixate le voci, effettua una scansione con Ad-Aware e SuperAntiSpyware "aggiornati"!

    O4 - HKCU..\Run: [msboot.exe] C:\WINDOWS\system32\msboot.exe ---> prima di fixare questa voce, verifica questo msboot.exe su VirusTotal!

    Carica il file msboot.exe e attendi il risultato delle analisi del file, tramite email! 😉

    0
  • N
    User Newbie

    :)ok wolf ho fatto come mi hai detto...spero si sia risolto il problema...ciao e grazie!:ciauz:

    0
  • wolf.otakar
    Consiglio Direttivo

    Ciao nicolafriend,

    posta un nuovo log con hijackthis!!! 🙂

    0
  • N
    User Newbie

    Logfile of HijackThis v1.99.1
    Scan saved at 14.19.06, on 11/09/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Programmi\Ahead\InCD\InCDsrv.exe
    C:\Programmi\File comuni\Symantec Shared\ccSetMgr.exe
    C:\Programmi\File comuni\Symantec Shared\ccEvtMgr.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Programmi\File comuni\Symantec Shared\ccApp.exe
    C:\Programmi\MusicMatch\MusicMatch Jukebox\mm_tray.exe
    C:\Programmi\Ahead\InCD\InCD.exe
    C:\Programmi\QuickTime\qttask.exe
    C:\Programmi\Nokia\Nokia PC Suite 6\LaunchApplication.exe
    C:\Programmi\File comuni\PCSuite\DataLayer\DataLayer.exe
    C:\Programmi\File comuni\Symantec Shared\ccProxy.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\Programmi\iTunes\iTunesHelper.exe
    C:\PROGRA~1\FILECO~1\PCSuite\Services\SERVIC~1.EXE
    C:\Programmi\File comuni\EPSON\EBAPI\SAgent2.exe
    C:\Programmi\File comuni\LightScribe\LSSrvc.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Programmi\LClock\LClock.exe
    C:\Programmi\DS Clock\dsclock.exe
    C:\Programmi\eMule\emule.exe
    C:\Programmi\SUPERAntiSpyware\SUPERAntiSpyware.exe
    C:\Programmi\File comuni\Symantec Shared\SNDSrvc.exe
    C:\Programmi\Nikon\PictureProject\NkbMonitor.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Programmi\iPod\bin\iPodService.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\WINDOWS\twain_32\S6U12BX\WATCH.exe
    C:\Programmi\TomTom HOME\TomTomHOME.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Programmi\MSN Messenger\msnmsgr.exe
    C:\Programmi\MSN Messenger\usnsvc.exe
    C:\Programmi\MSN Messenger\livecall.exe
    C:\Programmi\Internet Explorer\iexplore.exe
    C:\Programmi\Messenger\msmsgs.exe
    C:\Program Files\HijackThis\HijackThis.exe
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Web assistant - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Programmi\File comuni\Symantec Shared\AdBlocking\NISShExt.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programmi\google\googletoolbar1.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programmi\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
    O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programmi\Windows Live Toolbar\msntb.dll
    O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Programmi\Norton Internet Security\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: Web assistant - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Programmi\File comuni\Symantec Shared\AdBlocking\NISShExt.dll
    O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Programmi\Norton Internet Security\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programmi\google\googletoolbar1.dll
    O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programmi\Windows Live Toolbar\msntb.dll
    O4 - HKLM..\Run: [ccApp] "C:\Programmi\File comuni\Symantec Shared\ccApp.exe"
    O4 - HKLM..\Run: [URLLSTCK.exe] C:\Programmi\Norton Internet Security\UrlLstCk.exe
    O4 - HKLM..\Run: [EM_EXEC] C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
    O4 - HKLM..\Run: [MMTray] C:\Programmi\MusicMatch\MusicMatch Jukebox\mm_tray.exe
    O4 - HKLM..\Run: [Gtwatch] C:\WINDOWS\gtwatch.exe
    O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM..\Run: [InCD] C:\Programmi\Ahead\InCD\InCD.exe
    O4 - HKLM..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qttask.exe" -atboottime
    O4 - HKLM..\Run: [PCSuiteTrayApplication] C:\Programmi\Nokia\Nokia PC Suite 6\LaunchApplication.exe -onlytray
    O4 - HKLM..\Run: [DataLayer] C:\Programmi\File comuni\PCSuite\DataLayer\DataLayer.exe
    O4 - HKLM..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM..\Run: [iTunesHelper] "C:\Programmi\iTunes\iTunesHelper.exe"
    O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    O4 - HKCU..\Run: [NBJ] "C:\Programmi\Ahead\Nero BackItUp\NBJ.exe"
    O4 - HKCU..\Run: [swg] C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU..\Run: [LClock] C:\Programmi\LClock\LClock.exe
    O4 - HKCU..\Run: [DS Clock] C:\Programmi\DS Clock\dsclock.exe
    O4 - HKCU..\Run: [msboot.exe] C:\WINDOWS\system32\msboot.exe
    O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Programmi\SUPERAntiSpyware\SUPERAntiSpyware.exe
    O4 - HKCU..\Run: [eMuleAutoStart] C:\Programmi\eMule\emule.exe -AutoStart
    O4 - Startup: TomTom HOME.lnk = C:\Programmi\TomTom HOME\TomTomHOME.exe
    O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: Avvio veloce di Adobe Reader.lnk = C:\Programmi\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Programmi\Microsoft Office\Office10\OSA.EXE
    O4 - Global Startup: NkbMonitor.exe.lnk = C:\Programmi\Nikon\PictureProject\NkbMonitor.exe
    O4 - Global Startup: Watch.lnk = C:\WINDOWS\twain_32\S6U12BX\WATCH.exe
    O8 - Extra context menu item: &Windows Live Search - res://C:\Programmi\Windows Live Toolbar\msntb.dll/search.htm
    O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
    O17 - HKLM\System\CCS\Services\Tcpip..{D51E656B-8516-43B7-A1BF-6D25091BA896}: NameServer = 85.37.17.6,85.38.28.89
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O20 - Winlogon Notify: !SASWinLogon - C:\Programmi\SUPERAntiSpyware\SASWINLO.dll
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\ccEvtMgr.exe
    O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\ccProxy.exe
    O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\ccPwdSvc.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\ccSetMgr.exe
    O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Programmi\File comuni\EPSON\EBAPI\SAgent2.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Programmi\Ahead\InCD\InCDsrv.exe
    O23 - Service: InCD Helper (read only) (InCDsrvR) - Nero AG - C:\Programmi\Ahead\InCD\InCDsrv.exe
    O23 - Service: Servizio iPod (iPod Service) - Apple Inc. - C:\Programmi\iPod\bin\iPodService.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Unknown owner - C:\Programmi\File comuni\LightScribe\LSSrvc.exe
    O23 - Service: Servizio Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Programmi\Norton Internet Security\Norton AntiVirus\navapsvc.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: SAVScan - Symantec Corporation - C:\Programmi\Norton Internet Security\Norton AntiVirus\SAVScan.exe
    O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FILECO~1\SYMANT~1\SCRIPT~1\SBServ.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\SNDSrvc.exe

    0
  • wolf.otakar
    Consiglio Direttivo

    Ciao nicolafriend,

    @nicolafriend said:

    da un po' di giorni mi si apre una finestra di popup "nodialup.name" quando mi collego a internet, e non riesco a liberarmene!!!

    Risolto il problema del popup?

    Attendi ora, il risultato da Virus Total per il file: msboot.exe

    Se infetto o sospetto fixa questa voce con hijackthis:

    		 				O4 - HKCU\..\Run: [msboot.exe] C:\WINDOWS\system32\msboot.exe

    :ciauz:

    0
  • N
    User Newbie

    si credo che la finestra di popup non si apra più grazie! però ho ancora quel problema (la domanda che mi hai spostato) di xp che ci mette 10 minuti ad avviarsi....:ciauz:

    0
Effettua l'accesso per rispondere