dodago
27-07-2007, 18:35
Come richiesta dal mitico e disponibile Lancetta adesso posto il log eseguito dal programma Hijackthis sul pc grande!
Aggiungo che ho anche eseguito la scansione all'avvio del sistema operativo da parte di avast.....
Adesso aspetto direttive.....
Ho postato con il pc piccolo ma pronto a testare il pc grande
Un ringraziamento a tutti voi per l'aiuto concesso......
Dodago
Logfile of HijackThis v1.99.1
Scan saved at 12.25.45, on 26/07/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
I:\WINDOWS\System32\smss.exe
I:\WINDOWS\system32\winlogon.exe
I:\WINDOWS\system32\services.exe
I:\WINDOWS\system32\lsass.exe
I:\WINDOWS\system32\svchost.exe
I:\WINDOWS\System32\svchost.exe
I:\WINDOWS\System32\wltrysvc.exe
I:\WINDOWS\System32\bcmwltry.exe
I:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
I:\Programmi\Alwil Software\Avast4\ashServ.exe
I:\Programmi\Alwil Software\Avast4\ashMaiSv.exe
I:\Programmi\Alwil Software\Avast4\ashWebSv.exe
I:\WINDOWS\system32\spoolsv.exe
I:\Programmi\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
I:\Programmi\Grisoft\AVG Anti-Spyware 7.5\guard.exe
I:\WINDOWS\Explorer.EXE
I:\Programmi\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
I:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
I:\Programmi\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe
I:\Programmi\Nikon\Wireless Camera Setup Utility\NkPtpEnum.exe
I:\Programmi\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
I:\Programmi\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
I:\WINDOWS\system32\nvsvc32.exe
I:\WINDOWS\system32\HPZipm12.exe
I:\WINDOWS\system32\svchost.exe
I:\Programmi\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
I:\Programmi\File comuni\Ulead Systems\DVD\ULCDRSvr.exe
I:\Programmi\Microsoft IntelliType Pro\type32.exe
i:\programmi\pinnacle\shared files\programs\mediaserver\pmshost.exe
I:\Programmi\BillP Studios\WinPatrol\winpatrol.exe
I:\Programmi\Alwil Software\Avast4\ashDisp.exe
I:\Programmi\Adobe\Reader 8.0\Reader\reader_sl.exe
I:\Programmi\Google\Google Updater\GoogleUpdater.exe
I:\Programmi\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
I:\PROGRA~1\INCRED~1\bin\IMApp.exe
I:\WINDOWS\system32\wuauclt.exe
I:\Documents and Settings\AGO\Desktop\HijackThis.exe
I:\WINDOWS\system32\wuauclt.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: Supporto di collegamento per Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - I:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - I:\Programmi\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - i:\programmi\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - I:\Programmi\Google\GoogleToolbarNotifier\2.0.301.5672\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - i:\programmi\google\googletoolbar1.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE I:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [type32] "I:\Programmi\Microsoft IntelliType Pro\type32.exe"
O4 - HKLM\..\Run: [WinPatrol] I:\Programmi\BillP Studios\WinPatrol\winpatrol.exe
O4 - HKCU\..\Run: [swg] I:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [avast! service GUI component] I:\Programmi\Alwil Software\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [IncrediMail Tray Application] I:\Programmi\IncrediMail\bin\IncMail.exe
O4 - HKCU\..\Run: [IncrediMail] I:\Programmi\IncrediMail\bin\IncMail.exe /c
O4 - Startup: Avvio veloce di Adobe Reader.lnk = I:\Programmi\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Startup: Google Updater.lnk = I:\Programmi\Google\Google Updater\GoogleUpdater.exe
O4 - Startup: Microsoft Office.lnk = I:\Programmi\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://I:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O10 - Unknown file in Winsock LSP: i:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: i:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: i:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: i:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: i:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: i:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: i:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: i:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: i:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: i:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: i:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: i:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: i:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: i:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: i:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: i:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: i:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: i:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: i:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: i:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: i:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: i:\windows\system32\nvappfilter.dll
O16 - DPF: {512FC5A1-7DE1-43F1-BC0C-371622FCB409} (TotalScan Installer Class) - http://www.nanoscan.com/as/v1/cabs/ascstubie.cab
O16 - DPF: {8436FE12-31DB-48BF-83BF-FE682F9160B4} (NanoInstaller Class) - http://www.nanoscan.com/cabs/nanoinst.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{3906F7BA-98B9-4405-8E62-CDDFC30B309B}: NameServer = 151.99.125.3,151.99.0.100
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "I:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: !SASWinLogon - I:\Programmi\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Adobe LM Service - Adobe Systems - I:\Programmi\File comuni\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown owner - I:\Programmi\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - I:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - I:\Programmi\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - I:\Programmi\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - I:\Programmi\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - I:\Programmi\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Pinnacle Systems tvtv Spooler (EpgSpooler) - - i:\progra~1\pinnacle\mediac~1\epgspo~2.exe
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - I:\Programmi\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Unknown owner - I:\Programmi\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe" -k runservice (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - I:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NkPtpEnumP2 - Unknown owner - I:\Programmi\Nikon\Wireless Camera Setup Utility\NkPtpEnum.exe" -a -d="I:\Programmi\Nikon\Wireless Camera Setup Utility\NkPtpip.dll (file missing)
O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA - I:\Programmi\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA - I:\Programmi\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - I:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pinnacle Systems Media Service (PinnacleSys.MediaServer) - Pinnacle Systems - i:\programmi\pinnacle\shared files\programs\mediaserver\pmshost.exe
O23 - Service: Pml Driver HPZ12 - HP - I:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - I:\Programmi\File comuni\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Unknown owner - I:\WINDOWS\System32\wltrysvc.exe
Sono riuscito nell'intento??
Spero di sė;) ;)
Aggiungo che ho anche eseguito la scansione all'avvio del sistema operativo da parte di avast.....
Adesso aspetto direttive.....
Ho postato con il pc piccolo ma pronto a testare il pc grande
Un ringraziamento a tutti voi per l'aiuto concesso......
Dodago
Logfile of HijackThis v1.99.1
Scan saved at 12.25.45, on 26/07/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
I:\WINDOWS\System32\smss.exe
I:\WINDOWS\system32\winlogon.exe
I:\WINDOWS\system32\services.exe
I:\WINDOWS\system32\lsass.exe
I:\WINDOWS\system32\svchost.exe
I:\WINDOWS\System32\svchost.exe
I:\WINDOWS\System32\wltrysvc.exe
I:\WINDOWS\System32\bcmwltry.exe
I:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
I:\Programmi\Alwil Software\Avast4\ashServ.exe
I:\Programmi\Alwil Software\Avast4\ashMaiSv.exe
I:\Programmi\Alwil Software\Avast4\ashWebSv.exe
I:\WINDOWS\system32\spoolsv.exe
I:\Programmi\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
I:\Programmi\Grisoft\AVG Anti-Spyware 7.5\guard.exe
I:\WINDOWS\Explorer.EXE
I:\Programmi\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
I:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
I:\Programmi\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe
I:\Programmi\Nikon\Wireless Camera Setup Utility\NkPtpEnum.exe
I:\Programmi\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
I:\Programmi\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
I:\WINDOWS\system32\nvsvc32.exe
I:\WINDOWS\system32\HPZipm12.exe
I:\WINDOWS\system32\svchost.exe
I:\Programmi\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
I:\Programmi\File comuni\Ulead Systems\DVD\ULCDRSvr.exe
I:\Programmi\Microsoft IntelliType Pro\type32.exe
i:\programmi\pinnacle\shared files\programs\mediaserver\pmshost.exe
I:\Programmi\BillP Studios\WinPatrol\winpatrol.exe
I:\Programmi\Alwil Software\Avast4\ashDisp.exe
I:\Programmi\Adobe\Reader 8.0\Reader\reader_sl.exe
I:\Programmi\Google\Google Updater\GoogleUpdater.exe
I:\Programmi\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
I:\PROGRA~1\INCRED~1\bin\IMApp.exe
I:\WINDOWS\system32\wuauclt.exe
I:\Documents and Settings\AGO\Desktop\HijackThis.exe
I:\WINDOWS\system32\wuauclt.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: Supporto di collegamento per Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - I:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - I:\Programmi\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - i:\programmi\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - I:\Programmi\Google\GoogleToolbarNotifier\2.0.301.5672\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - i:\programmi\google\googletoolbar1.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE I:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [type32] "I:\Programmi\Microsoft IntelliType Pro\type32.exe"
O4 - HKLM\..\Run: [WinPatrol] I:\Programmi\BillP Studios\WinPatrol\winpatrol.exe
O4 - HKCU\..\Run: [swg] I:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [avast! service GUI component] I:\Programmi\Alwil Software\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [IncrediMail Tray Application] I:\Programmi\IncrediMail\bin\IncMail.exe
O4 - HKCU\..\Run: [IncrediMail] I:\Programmi\IncrediMail\bin\IncMail.exe /c
O4 - Startup: Avvio veloce di Adobe Reader.lnk = I:\Programmi\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Startup: Google Updater.lnk = I:\Programmi\Google\Google Updater\GoogleUpdater.exe
O4 - Startup: Microsoft Office.lnk = I:\Programmi\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://I:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O10 - Unknown file in Winsock LSP: i:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: i:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: i:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: i:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: i:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: i:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: i:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: i:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: i:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: i:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: i:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: i:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: i:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: i:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: i:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: i:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: i:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: i:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: i:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: i:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: i:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: i:\windows\system32\nvappfilter.dll
O16 - DPF: {512FC5A1-7DE1-43F1-BC0C-371622FCB409} (TotalScan Installer Class) - http://www.nanoscan.com/as/v1/cabs/ascstubie.cab
O16 - DPF: {8436FE12-31DB-48BF-83BF-FE682F9160B4} (NanoInstaller Class) - http://www.nanoscan.com/cabs/nanoinst.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{3906F7BA-98B9-4405-8E62-CDDFC30B309B}: NameServer = 151.99.125.3,151.99.0.100
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "I:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: !SASWinLogon - I:\Programmi\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Adobe LM Service - Adobe Systems - I:\Programmi\File comuni\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown owner - I:\Programmi\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - I:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - I:\Programmi\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - I:\Programmi\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - I:\Programmi\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - I:\Programmi\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Pinnacle Systems tvtv Spooler (EpgSpooler) - - i:\progra~1\pinnacle\mediac~1\epgspo~2.exe
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - I:\Programmi\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Unknown owner - I:\Programmi\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe" -k runservice (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - I:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NkPtpEnumP2 - Unknown owner - I:\Programmi\Nikon\Wireless Camera Setup Utility\NkPtpEnum.exe" -a -d="I:\Programmi\Nikon\Wireless Camera Setup Utility\NkPtpip.dll (file missing)
O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA - I:\Programmi\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA - I:\Programmi\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - I:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pinnacle Systems Media Service (PinnacleSys.MediaServer) - Pinnacle Systems - i:\programmi\pinnacle\shared files\programs\mediaserver\pmshost.exe
O23 - Service: Pml Driver HPZ12 - HP - I:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - I:\Programmi\File comuni\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Unknown owner - I:\WINDOWS\System32\wltrysvc.exe
Sono riuscito nell'intento??
Spero di sė;) ;)