Maybe I have a virus?


ValeriaVitolo
12-01-2005, 21:32
I'm posting what Hijack gives me....
can you help me understand whether everything is OK?

Thanks

Logfile of HijackThis v1.97.7
Scan saved at 20.37.50, on 12/01/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\windows\System32\smss.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe
C:\windows\System32\svchost.exe
C:\windows\system32\spoolsv.exe
C:\WINDOWS\System32\DRIVERS\CDANTSRV.EXE
C:\windows\System32\nvsvc32.exe
C:\Programmi\Analog Devices\SoundMAX\SMAgent.exe
C:\windows\System32\svchost.exe
C:\windows\Explorer.EXE
C:\windows\System32\msmsgs.exe
C:\Programmi\Analog Devices\SoundMAX\Smtray.exe
C:\windows\System32\rundll32.exe
C:\Programmi\BullsEye Network\bin\bargains.exe
C:\windows\System32\ctfmon.exe
C:\Programmi\Messenger\msmsgs.exe
C:\Programmi\Sharp\Sharpdesk\SharpTray.exe
C:\Programmi\Sharp\Button Manager A\btnman.exe
C:\Programmi\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\Documents and Settings\user\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.couldnotfind.com/search_page.html?&account_id=153315
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.couldnotfind.com/search_page.html?&account_id=153315
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.slotch.com/?&account_id=153315
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.couldnotfind.com/search_page.html?&account_id=153315
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O2 - BHO: (no name) - {00000010-6F7D-442C-93E3-4A4827C2E4C8} - C:\windows\nem219.dll (file missing)
O2 - BHO: (no name) - {002EB272-2590-4693-B166-FBD5D9B6FEA6} - C:\windows\multimpp.dll (file missing)
O2 - BHO: NavErrRedir Class - {0199DF25-9820-4bd5-9FEE-5A765AB4371E} - C:\PROGRA~1\INCRED~1\BHO\INCFIN~1.DLL
O2 - BHO: (no name) - {F4E04583-354E-4076-BE7D-ED6A80FD66DA} - C:\windows\System32\msbe.dll (file missing)
O3 - Toolbar: ISTbar - {5F1ABCDB-A875-46c1-8345-B72A4567E486} - C:\Programmi\ISTbar\istbar.dll (file missing)
O4 - HKLM\..\Run: [Smapp] C:\Programmi\Analog Devices\SoundMAX\Smtray.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\\NeroCheck.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [Win32 USB2.0 Driver] 386.exe
O4 - HKLM\..\Run: [Windows Updater] lsdat.exe
O4 - HKLM\..\Run: [WSSAConfiguration] wmmon32.exe
O4 - HKLM\..\Run: [Microsoft Update 32] explore32.exe
O4 - HKLM\..\Run: [WindowsRegKeys update] winsysi.exe
O4 - HKLM\..\Run: [Microsoft Windows Updater] winupdate.exe
O4 - HKLM\..\Run: [Win32 USB2 Driver] syscfg32.exe
O4 - HKLM\..\Run: [IST Service] C:\Programmi\ISTsvc\istsvc.exe
O4 - HKLM\..\Run: [Internet Optimizer] "C:\Program Files\Internet Optimizer\optimize.exe"
O4 - HKLM\..\Run: [MSN UPDATER] msnplugins.exe
O4 - HKLM\..\Run: [awubft] C:\windows\System32\bfbhfr.exe
O4 - HKLM\..\Run: [conscorr] C:\windows\conscorr.exe
O4 - HKLM\..\Run: [Reg Service] REGSRV32.EXE
O4 - HKLM\..\Run: [Windows backup] systems.exe
O4 - HKLM\..\Run: [Cryptographic Service] C:\windows\System32\kgoxegn.exe
O4 - HKLM\..\Run: [AdslTaskBar] rundll32.exe stmctrl.dll,TaskBar
O4 - HKLM\..\Run: [blah service] ccapps32.exe
O4 - HKLM\..\Run: [Sys29] C:\windows\system32\winena32.exe
O4 - HKLM\..\Run: [SearchUpgrader] C:\Programmi\Common files\SearchUpgrader\SearchUpgrader.exe
O4 - HKLM\..\Run: [sais] c:\programmi\180solutions\sais.exe
O4 - HKLM\..\Run: [BullsEye Network] C:\Programmi\BullsEye Network\bin\bargains.exe
O4 - HKLM\..\Run: [System Update] C:\windows\System32\sxdqidk.exe
O4 - HKLM\..\Run: [Windows Messenger] msmsgs.exe
O4 - HKLM\..\Run: [vcz] C:\WINDOWS\vcz.exe
O4 - HKLM\..\RunServices: [Win32 USB2.0 Driver] 386.exe
O4 - HKLM\..\RunServices: [Windows Updater] lsdat.exe
O4 - HKLM\..\RunServices: [WSSAConfiguration] wmmon32.exe
O4 - HKLM\..\RunServices: [Microsoft Update 32] explore32.exe
O4 - HKLM\..\RunServices: [WindowsRegKeys update] winsysi.exe
O4 - HKLM\..\RunServices: [Microsoft Windows Updater] winupdate.exe
O4 - HKLM\..\RunServices: [Win32 USB2 Driver] syscfg32.exe
O4 - HKLM\..\RunServices: [MSN UPDATER] msnplugins.exe
O4 - HKLM\..\RunServices: [Reg Service] REGSRV32.EXE
O4 - HKLM\..\RunServices: [Windows backup] systems.exe
O4 - HKLM\..\RunServices: [blah service] ccapps32.exe
O4 - HKLM\..\RunServices: [Windows Messenger] msmsgs.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\windows\System32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Programmi\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [SharpTray] C:\Programmi\Sharp\Sharpdesk\SharpTray.exe
O4 - HKCU\..\Run: [Win32 USB2.0 Driver] 386.exe
O4 - HKCU\..\Run: [Win32 USB2 Driver] syscfg32.exe
O4 - HKCU\..\Run: [Windows Updater] lsdat.exe
O4 - HKCU\..\Run: [Microsoft Update 32] explore32.exe
O4 - HKCU\..\Run: [WindowsRegKeys update] winsysi.exe
O4 - HKCU\..\Run: [Microsoft Windows Updater] winupdate.exe
O4 - HKCU\..\Run: [MSN UPDATER] msnplugins.exe
O4 - HKCU\..\Run: [Windows Messenger] msmsgs.exe
O4 - HKCU\..\RunServices: [MSN UPDATER] msnplugins.exe
O4 - HKLM\..\RunOnce: [Windows Messenger] msmsgs.exe
O4 - HKCU\..\RunOnce: [Windows Messenger] msmsgs.exe
O4 - Global Startup: Button Manager.lnk = C:\Programmi\Sharp\Button Manager A\btnman.exe
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Programmi\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programmi\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: SideFind (HKLM)
O9 - Extra button: Related (HKLM)
O9 - Extra 'Tools' menuitem: Show &Related Links (HKLM)
O16 - DPF: {1F831FA9-42FC-11D4-95A6-0080AD30DCE1} (InstaFred) - file://C:\Programmi\AutoCAD 2002 Ita\InstFred.ocx
O16 - DPF: {386A771C-E96A-421F-8BA7-32F1B706892F} (Installer Class) - http://www.xxxtoolbar.com/ist/softwares/v4.0/0006_regular.cab
O16 - DPF: {78AF2F24-A9C3-11D3-BF8C-0060B0FCC122} (Controllo AcDc oggi) - file://C:\Programmi\AutoCAD 2002 Ita\AcDcToday.ocx
O16 - DPF: {AE563729-B4F5-11D4-A415-00108302FDFD} (NOXLATE-BANR) - file://C:\Programmi\AutoCAD 2002 Ita\InstBanr.ocx
O16 - DPF: {F281A59C-7B65-11D3-8617-0010830243BD} (Controllo AcPreview) - file://C:\Programmi\AutoCAD 2002 Ita\AcPreview.ocx

FOXYLADY
12-01-2005, 21:52
This one
C:\Programmi\BullsEye Network\bin\bargains.exe
is spyware installed by Net2Phone & LimeWire
it should be removed, bearing in mind that the two programs mentioned above might then no longer work correctly.
There is a lot of other more-than-suspicious stuff in your log; I recommend analyzing it here:
http://www.ilsoftware.it/hijackthis.asp
being very careful, though: only the entries flagged in red should be removed.

Bye
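
Added example, not part of any post in this thread: a small Python triage pass over HijackThis O4 autorun lines, using a few lines copied from the log above as sample input. The rule it applies is an assumption of this example (it is not HijackThis's logic nor that of the linked analyzer): an entry with no directory path that is registered under two or more Run/RunServices keys, or any line marked "(file missing)", is listed for manual review, not as a verdict.

```python
import re
from collections import defaultdict

# Constructed sample: a few lines copied from the log posted in this thread.
SAMPLE_LOG = r"""
O2 - BHO: (no name) - {00000010-6F7D-442C-93E3-4A4827C2E4C8} - C:\windows\nem219.dll (file missing)
O4 - HKLM\..\Run: [Smapp] C:\Programmi\Analog Devices\SoundMAX\Smtray.exe
O4 - HKLM\..\Run: [Win32 USB2.0 Driver] 386.exe
O4 - HKLM\..\RunServices: [Win32 USB2.0 Driver] 386.exe
O4 - HKCU\..\Run: [Win32 USB2.0 Driver] 386.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKCU\..\Run: [CTFMON.EXE] C:\windows\System32\ctfmon.exe
O4 - Global Startup: Button Manager.lnk = C:\Programmi\Sharp\Button Manager A\btnman.exe
"""

# O4 registry autorun line: "O4 - <hive>\..\<key>: [<value name>] <command>"
O4_RE = re.compile(r"^O4 - (HK(?:LM|CU))\\\.\.\\(\w+): \[(.+?)\] (.+)$")

def triage(log_text):
    """Return (repeated_bare_autoruns, missing_file_lines) for manual review."""
    locations = defaultdict(set)   # (value name, command) -> set of autorun keys
    missing = []
    for line in log_text.splitlines():
        line = line.strip()
        if line.endswith("(file missing)"):
            missing.append(line)
        m = O4_RE.match(line)
        if not m:
            continue               # not a registry autorun entry
        hive, key, name, command = m.groups()
        # A command with no backslash has no directory component: it is
        # resolved through the search path instead of a fixed location.
        if "\\" not in command:
            locations[(name, command)].add(f"{hive}\\{key}")
    # Hypothetical threshold: same bare entry in two or more autorun keys.
    repeated = {k: sorted(v) for k, v in locations.items() if len(v) >= 2}
    return repeated, missing

if __name__ == "__main__":
    repeated, missing = triage(SAMPLE_LOG)
    for (name, command), keys in repeated.items():
        print(f"review: [{name}] {command} registered in {', '.join(keys)}")
    for line in missing:
        print(f"review: {line}")
```

Single bare entries such as `nwiz.exe /install` are not listed, since the rule only looks at entries repeated across keys.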

bluepix
12-01-2005, 22:16
Wow .......... you're full of worms .... it's unbelievable.

It looks like a battlefield

And you have no antivirus enabled!!!!!!!!!!!

Download an antivirus, install it and run it in safe mode.

Remember to disable System Restore.

As for the antivirus.. people here speak very highly of Kaspersky 5. Use that one

bluepix
12-01-2005, 22:17
..... I forgot .......

think calmly and don't let stress get the better of you