Problema con spycams...

[flashboy]

Ciao a tutti
ogni volta che apro internet explorer,la pagina principale non è quella che avevo impostato ma un motore di ricerca strano, allora vado su opzioni internet e la reimposto mettendo Google, sul momento funziona, ma dopo un po' eccola che ricompare, inoltre fra i preferiti ci sono tre link a dei siti di free spycams etc... ho fatto scansioni, sono andato ad eliminare i file da preferiti manualmente ma riappaiono sempre...nei programmi non c'è nulla di strano.
che cosìè compe posso fare?
Ho win Xp pro
grazie

[Habanero]

...leggere le discussioni in rilievo:
http://forum.html.it/forum/showthrea...hreadid=811189

[flashboy]

grazie mille non avevo notato

[flashboy]

ok rieccomi,
ho fatto tutto quello che c'è da fare nel link che mi ha dato Habanero, ma non ho risolto.
così sul sito della symantec ho fatto la scansione online e mi ha trovato il problema:
C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\REW3R1OX\mostpopular[1].html il file infetto è Adware.CDT
cos' l'ho trovato nella lista:
http://www.symantec.com/avcenter/ven...dware.cdt.html
e ho seguito alla lettera tutto, ma non è servito a niente lo stesso...sono andato anche in regedit, anche se molte delle voci che riportava non c'erano alcune le ho trovate e le ho cancellate come c'è scritto lì, ma il problema persiste.
aiuto!

[amvinfe]

prova con una scansione online TrendMicro, l'URL lo trovi nel 3d in rilievo -links utili-
se non risolvi, posta un log di HijackThis

[flashboy]

Ciao, allora ho fatto la scansione online con Trendmicro,
e non è emerso nessun problema, come daltronde con tutti
gli altri programmi...ma il problema persiste:
ho questa pagina iniziale "http://wind-find.com" che neanche
si apre più fra l'altro, e questi 3 links tra i preferiti
a siti porno e spycams, ovviamente ho provato ad eliminarli
manualmente e da preferiti e da opzioni internet, ma riemergono
sempre

[flashboy]

il report di Hijackthis è troppo lungo non me lo fa inserire

[flashboy]

il fatto strano è che il problema persiste, ma sefaccio delle scansioni con qualsiasi programma, mi dice che non c'è nessun problema!
cmq provo a postare il file log di Hijack This a pezzi:

ecco il report di Hijack this:

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\File comuni\Symantec Shared\ccSetMgr.exe
C:\Programmi\File comuni\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\Norton AntiVirus\navapsvc.exe
C:\Programmi\Norton AntiVirus\AdvTools\NPROTECT.EXE
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\Programmi\Norton AntiVirus\SAVScan.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\System32\RUNDLL32.EXE
C:\Programmi\File comuni\Symantec Shared\ccApp.exe
C:\WINDOWS\System32\GSICON.EXE
C:\WINDOWS\System32\dslagent.exe
C:\Programmi\Zone Labs\ZoneAlarm\zlclient.exe
C:\Programmi\Java\jre1.5.0_02\bin\jusched.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Programmi\Pinnacle\InstantCDDVD\InstantWrite\iw ctrl.exe
C:\windows\vnxpqrr.exe
C:\Programmi\Messenger\msmsgs.exe
C:\Programmi\Internet Explorer\IEXPLORE.EXE
C:\Programmi\WinRAR\WinRAR.exe
C:\DOCUME~1\Alex\IMPOST~1\Temp\Rar$EX01.266\Hijack This.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://wind-find.com/sp.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://wind-find.com/index.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://wind-find.com/index.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://wind-find.com/sp.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://wind-find.com/index.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Programmi\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Programmi\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [RaidTool] C:\Programmi\VIA\RAID\raid_tool.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\System32\PSDrvCheck.exe
O4 - HKLM\..\Run: [ccApp] "C:\Programmi\File comuni\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Advanced Tools Check] C:\PROGRA~1\NORTON~1\AdvTools\ADVCHK.EXE
O4 - HKLM\..\Run: [GSICONEXE] GSICON.EXE
O4 - HKLM\..\Run: [DSLAGENTEXE] dslagent.exe USB
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Programmi\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programmi\Java\jre1.5.0_02\bin\jusched.exe
O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Programmi\File comuni\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [InstantTray] C:\Programmi\Pinnacle\Shared Files\InstantCDDVD\PCLETray.exe
O4 - HKCU\..\Run: [IW_Drop_Icon]

[flashboy]

C:\Programmi\Pinnacle\InstantCDDVD\InstantWrite\iw ctrl.exe /DropDisc
O4 - HKCU\..\Run: [upyntyf] c:\windows\vnxpqrr.exe
O4 - HKCU\..\Run: [amqyoke] c:\windows\vnxpqrr.exe
O4 - HKCU\..\Run: [dbsobnv] c:\windows\kofeeux.exe
O4 - HKCU\..\Run: [urswxqv] c:\windows\kofeeux.exe
O4 - HKCU\..\Run: [coaqhxf] c:\windows\kofeeux.exe
O4 - HKCU\..\Run: [sqonlyf] c:\windows\kofeeux.exe
O4 - HKCU\..\Run: [gmpkfdl] c:\windows\kofeeux.exe
O4 - HKCU\..\Run: [ervetgm] c:\windows\kofeeux.exe
O4 - HKCU\..\Run: [umxhyar] c:\windows\kofeeux.exe
O4 - HKCU\..\Run: [agccylo] c:\windows\kofeeux.exe
O4 - HKCU\..\Run: [kkgtavt] c:\windows\kofeeux.exe
O4 - HKCU\..\Run: [plohqxq] c:\windows\kofeeux.exe
O4 - HKCU\..\Run: [nhixjis] c:\windows\kofeeux.exe
O4 - HKCU\..\Run: [kixecqy] c:\windows\kofeeux.exe
O4 - HKCU\..\Run: [ythukij] c:\windows\kofeeux.exe
O4 - HKCU\..\Run: [wsjyood] c:\windows\kofeeux.exe
O4 - HKCU\..\Run: [ixkhguv] c:\windows\kofeeux.exe
O4 - HKCU\..\Run: [joabskd] c:\windows\kofeeux.exe
O4 - HKCU\..\Run: [sehjjsq] c:\windows\kofeeux.exe
O4 - HKCU\..\Run: [qynxxvt] c:\windows\kofeeux.exe
O4 - HKCU\..\Run: [mrqdqlt] c:\windows\vidxqjs.exe
O4 - HKCU\..\Run: [vjfrxqr] c:\windows\vidxqjs.exe
O4 - HKCU\..\Run: [mtjcnyk] c:\windows\vidxqjs.exe
O4 - HKCU\..\Run: [qawjtqf] c:\windows\vidxqjs.exe
O4 - HKCU\..\Run: [qlilejn] c:\windows\vidxqjs.exe
O4 - HKCU\..\Run: [dnfhfvk] c:\windows\vidxqjs.exe
O4 - HKCU\..\Run: [wimufsn] c:\windows\vidxqjs.exe
O4 - HKCU\..\Run: [vweulma] c:\windows\vidxqjs.exe
O4 - HKCU\..\Run: [ftwawcy] c:\windows\vidxqjs.exe
O4 - HKCU\..\Run: [uawxuqg] c:\windows\vidxqjs.exe
O4 - HKCU\..\Run: [quisvxd] c:\windows\vidxqjs.exe
O4 - HKCU\..\Run: [jlvjvqu] c:\windows\vidxqjs.exe
O4 - HKCU\..\Run: [qlnakll] c:\windows\vidxqjs.exe
O4 - HKCU\..\Run: [yfymixd] c:\windows\vidxqjs.exe
O4 - HKCU\..\Run: [icuthxf] c:\windows\vidxqjs.exe
O4 - HKCU\..\Run: [yydblyx] c:\windows\vidxqjs.exe
O4 - HKCU\..\Run: [vmpngss] c:\windows\vidxqjs.exe
O4 - HKCU\..\Run: [nohrvci] c:\windows\vidxqjs.exe
O4 - HKCU\..\Run: [wxettdq] c:\windows\vidxqjs.exe
O4 - HKCU\..\Run: [radgdsm] c:\windows\vidxqjs.exe
O4 - HKCU\..\Run: [csdlvtb] c:\windows\vidxqjs.exe
O4 - HKCU\..\Run: [fhibxac] c:\windows\vidxqjs.exe
O4 - HKCU\..\Run: [qalqvmu] c:\windows\vidxqjs.exe
O4 - HKCU\..\Run: [vfgtkou] c:\windows\vidxqjs.exe
O4 - HKCU\..\Run: [atcxjhy] c:\windows\vidxqjs.exe
O4 - HKCU\..\Run: [jvmgprc] c:\windows\vidxqjs.exe
O4 - HKCU\..\Run: [hkaoina] c:\windows\vidxqjs.exe
O4 - HKCU\..\Run: [wypcbxs] c:\windows\vidxqjs.exe
O4 - HKCU\..\Run: [kjyltto] c:\windows\vidxqjs.exe
O4 - HKCU\..\Run: [yysdett] c:\windows\vidxqjs.exe
O4 - HKCU\..\Run: [phtdgqt] c:\windows\vidxqjs.exe
O4 - HKCU\..\Run: [hcmodwd] c:\windows\vidxqjs.exe
O4 - HKCU\..\Run: [liecsdx] c:\windows\vidxqjs.exe
O4 - HKCU\..\Run: [paudhkt] c:\windows\vidxqjs.exe
O4 - HKCU\..\Run: [jjxbjnh] c:\windows\qbtwrby.exe
O4 - HKCU\..\Run: [kqgcbxp] c:\windows\ujpoyfj.exe
O4 - HKCU\..\Run: [inveabo] c:\windows\ujpoyfj.exe
O4 - HKCU\..\Run: [ypbikja] c:\windows\ujpoyfj.exe
O4 - HKCU\..\Run: [gkibdin] c:\windows\ujpoyfj.exe
O4 - HKCU\..\Run: [psmnych] c:\windows\ujpoyfj.exe
O4 - HKCU\..\Run: [lauamtu] c:\windows\ujpoyfj.exe
O4 - HKCU\..\Run: [tlrrsqp] c:\windows\ujpoyfj.exe
O4 - HKCU\..\Run: [gxgayph] c:\windows\youvkns.exe
O4 - HKCU\..\Run: [hlysivq] c:\windows\acdmgxl.exe
O4 - HKCU\..\Run: [crppaxm] c:\windows\acdmgxl.exe
O4 - HKCU\..\Run: [ynkcrls] c:\windows\acdmgxl.exe
O4 - HKCU\..\Run: [ncmftpb] c:\windows\acdmgxl.exe
O4 - HKCU\..\Run: [esmtlaf] c:\windows\acdmgxl.exe
O4 - HKCU\..\Run: [kggickd] c:\windows\acdmgxl.exe
O4 - HKCU\..\Run: [ohvtqad] c:\windows\acdmgxl.exe
O4 - HKCU\..\Run: [mjlmpov] c:\windows\acdmgxl.exe
O4 - HKCU\..\Run: [sltttfc] c:\windows\acdmgxl.exe
O4 - HKCU\..\Run: [hnoaprt] c:\windows\acdmgxl.exe
O4 - HKCU\..\Run: [wpsyaym] c:\windows\acdmgxl.exe
O4 - HKCU\..\Run: [mhmaqfa] c:\windows\acdmgxl.exe
O4 - HKCU\..\Run: [qxhaqkn] c:\windows\acdmgxl.exe
O4 - HKCU\..\Run: [aeuqpko] c:\windows\acdmgxl.exe
O4 - HKCU\..\Run: [mweykpu] c:\windows\acdmgxl.exe
O4 - HKCU\..\Run: [xgsmyae] c:\windows\acdmgxl.exe
O4 - HKCU\..\Run: [fvsjeff] c:\windows\acdmgxl.exe
O4 - HKCU\..\Run: [apdomib] c:\windows\acdmgxl.exe
O4 - HKCU\..\Run: [towiwsf] c:\windows\acdmgxl.exe
O4 - HKCU\..\Run: [sgcdeap] c:\windows\acdmgxl.exe
O4 - HKCU\..\Run: [qgwrhyc] c:\windows\acdmgxl.exe
O4 - HKCU\..\Run: [aqisjgq] c:\windows\acdmgxl.exe
O4 - HKCU\..\Run: [cxahyuy] c:\windows\acdmgxl.exe
O4 - HKCU\..\Run: [wtsanrv] c:\windows\acdmgxl.exe
O4 - HKCU\..\Run: [fqcfcnv] c:\windows\acdmgxl.exe
O4 - HKCU\..\Run: [fpggytm] c:\windows\acdmgxl.exe
O4 - HKCU\..\Run: [xbrexub] c:\windows\acdmgxl.exe
O4 - HKCU\..\Run: [btgfqlu] c:\windows\lbyorkb.exe
O4 - HKCU\..\Run: [smaynbf] c:\windows\lbyorkb.exe
O4 - HKCU\..\Run: [tpswgle] c:\windows\lbyorkb.exe
O4 - HKCU\..\Run: [vvwwiwn] c:\windows\lbyorkb.exe
O4 - HKCU\..\Run: [nkqctqu] c:\windows\lbyorkb.exe
O4 - HKCU\..\Run: [tmtfvlx] c:\windows\cplbrys.exe
O4 - HKCU\..\Run: [lmdocux] c:\windows\cplbrys.exe
O4 - HKCU\..\Run: [dxkrukv] c:\windows\cplbrys.exe
O4 - HKCU\..\Run: [gqmmtex] c:\windows\cplbrys.exe
O4 - HKCU\..\Run: [prsntas] c:\windows\cplbrys.exe
O4 - HKCU\..\Run: [olaepjn] c:\windows\cplbrys.exe
O4 - HKCU\..\Run: [wtcfnwg] c:\windows\cplbrys.exe
O4 - HKCU\..\Run: [cdekmto] c:\windows\cplbrys.exe
O4 - HKCU\..\Run: [hlbyjxg] c:\windows\cplbrys.exe
O4 - HKCU\..\Run: [elndrdb] c:\windows\cplbrys.exe
O4 - HKCU\..\Run: [evabrmv] c:\windows\cplbrys.exe
O4 - HKCU\..\Run: [xdwnaex] c:\windows\cplbrys.exe
O4 - HKCU\..\Run: [vwxxmox] c:\windows\cplbrys.exe
O4 - HKCU\..\Run: [sshobfx] c:\windows\cplbrys.exe
O4 - HKCU\..\Run: [ralwqjy] c:\windows\cplbrys.exe
O4 - HKCU\..\Run: [vutfcqr] c:\windows\cplbrys.exe
O4 - HKCU\..\Run: [ixkkwoc] c:\windows\cplbrys.exe
O4 - HKCU\..\Run: [vwyivuh] c:\windows\cplbrys.exe
O4 - HKCU\..\Run: [vymsvwk] c:\windows\cplbrys.exe
O4 - HKCU\..\Run: [oepsxrc] c:\windows\cplbrys.exe
O4 - HKCU\..\Run: [jqlhsmx] c:\windows\cplbrys.exe
O4 - HKCU\..\Run: [ffqfiqu] c:\windows\cplbrys.exe
O4 - HKCU\..\Run: [ragrstk] c:\windows\cplbrys.exe
O4 - HKCU\..\Run: [bujbona] c:\windows\cplbrys.exe
O4 - HKCU\..\Run: [vrbaoxw] c:\windows\cplbrys.exe
O4 - HKCU\..\Run: [babtoky] c:\windows\cplbrys.exe
O4 - HKCU\..\Run: [hdbyjtc] c:\windows\cplbrys.exe
O4 - HKCU\..\Run: [fayxrrl] c:\windows\cplbrys.exe
O4 - HKCU\..\Run: [uusovjs] c:\windows\cplbrys.exe
O4 - HKCU\..\Run: [wfmdcej] c:\windows\cplbrys.exe
O4 - HKCU\..\Run: [prqyabn] c:\windows\cplbrys.exe
O4 - HKCU\..\Run: [qjstjfj] c:\windows\cplbrys.exe
O4 - HKCU\..\Run: [vihoqgw] c:\windows\cplbrys.exe
O4 - HKCU\..\Run: [hshfpvu] c:\windows\cplbrys.exe
O4 - HKCU\..\Run: [frjywow] c:\windows\cplbrys.exe
O4 - HKCU\..\Run: [hfmpqfd] c:\windows\cplbrys.exe
O4 - HKCU\..\Run: [hlhsqop] c:\windows\jtdxsoa.exe
O4 - HKCU\..\Run: [sgwjhcl] c:\windows\jtdxsoa.exe
O4 - HKCU\..\Run: [ayhkcys] c:\windows\jtdxsoa.exe
O4 - HKCU\..\Run: [euawevj] c:\windows\jtdxsoa.exe
O4 - HKCU\..\Run: [srrdcsc] c:\windows\jtdxsoa.exe
O4 - HKCU\..\Run: [xvbaabg] c:\windows\jtdxsoa.exe
O4 - HKCU\..\Run: [ohvdhrq] c:\windows\jtdxsoa.exe
O4 - HKCU\..\Run: [gtgfylo] c:\windows\jtdxsoa.exe
O4 - HKCU\..\Run: [flljftg] c:\windows\jtdxsoa.exe
O4 - HKCU\..\Run: [ffxjpwc] c:\windows\jtdxsoa.exe
O4 - HKCU\..\Run: [sqoqkls] c:\windows\jtdxsoa.exe
O4 - HKCU\..\Run: [vmpuind] c:\windows\jtdxsoa.exe
O4 - HKCU\..\Run: [fphojgp] c:\windows\jtdxsoa.exe
O4 - HKCU\..\Run: [moiecxq] c:\windows\jtdxsoa.exe
O4 - HKCU\..\Run: [qmfjoxn] c:\windows\jtdxsoa.exe
O4 - HKCU\..\Run: [bkwatxu] c:\windows\jtdxsoa.exe
O4 - HKCU\..\Run: [qfxrvkx] c:\windows\jtdxsoa.exe
O4 - HKCU\..\Run: [mfgrcge] c:\windows\jtdxsoa.exe
O4 - HKCU\..\Run: [sfvqhuq] c:\windows\jtdxsoa.exe
O4 - HKCU\..\Run: [enwigcf] c:\windows\jtdxsoa.exe
O4 - HKCU\..\Run: [vgspuvt] c:\windows\jtdxsoa.exe
O4 - HKCU\..\Run: [pchhsiu] c:\windows\jtdxsoa.exe
O4 - HKCU\..\Run: [wamuimd] c:\windows\jtdxsoa.exe
O4 - HKCU\..\Run: [tspufrw] c:\windows\jtdxsoa.exe
O4 - HKCU\..\Run: [kjcmgdr] c:\windows\jtdxsoa.exe
O4 - HKCU\..\Run: [aqbfmqb] c:\windows\jtdxsoa.exe
O4 - HKCU\..\Run: [foilurv] c:\windows\jtdxsoa.exe
O4 - HKCU\..\Run: [nvudlge] c:\windows\jtdxsoa.exe
O4 - HKCU\..\Run: [fjvrvny] c:\windows\jtdxsoa.exe
O4 - HKCU\..\Run: [khoefnh] c:\windows\jtdxsoa.exe
O4 - HKCU\..\Run: [cqfpbex] c:\windows\jtdxsoa.exe
O4 - HKCU\..\Run: [gxlwdxi] c:\windows\jtdxsoa.exe
O4 - HKCU\..\Run: [ievgauu] c:\windows\jtdxsoa.exe
O4 - HKCU\..\Run: [eiudcqb] c:\windows\jtdxsoa.exe
O4 - HKCU\..\Run: [axfanoj] c:\windows\jtdxsoa.exe
O4 - HKCU\..\Run: [sicqqgb] c:\windows\jtdxsoa.exe
O4 - HKCU\..\Run: [yiduttx] c:\windows\jtdxsoa.exe
O4 - HKCU\..\Run: [blawmwr] c:\windows\jtdxsoa.exe
O4 - HKCU\..\Run: [qlwdtue] c:\windows\jtdxsoa.exe
O4 - HKCU\..\Run: [lehwnum] c:\windows\kipdbja.exe
O4 - HKCU\..\Run: [tavbiey] c:\windows\kipdbja.exe
O4 - HKCU\..\Run: [ggsvewj] c:\windows\kipdbja.exe
O4 - HKCU\..\Run: [qhtwett] c:\windows\kipdbja.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programmi\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\MSMSGS.EXE
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/S...in/AvSniff.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.com/scan8/oscan8.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/S.../bin/cabsa.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/ms...downloader.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{CC74596D-22C5-4A9B-962B-BFA055CCA5BD}: NameServer = 85.37.17.17 151.99.125.1
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\ccSetMgr.exe
O23 - Service: Servizio Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Programmi\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Programmi\Norton AntiVirus\AdvTools\NPROTECT.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Programmi\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FILECO~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\SNDSrvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

[amvinfe]

sinceramente uno non sa più come cavolo spiegare le cose nella speranza di farsi capire, ma è mai possibile che ogni volta si debbano ripetere, sino alla nausea, le stesse cose.

Il log va postato TUTTO, ANCHE LA PRIMA PARTE.
L'eseguibile di HijackThis va inserito in una nuova cartella e collocata in C:\Programmi.
Nessuno di noi si sogna nulla quando scrive un tutorial, se beneficiare (gratis) delle esperienze altrui non vi fa ne' caldo ne' freddo, a me se permetti dopo che impegno ore ed ore (arigratis) per scrivere tutorial ed aiutare persone, fa molto girare le scatole.

Se tu avessi avuto la compiacenza di "spendere" 5' del tuo tempo libero ed avessi letto il tutorial su HijackThis, non avresti inserito un log così strampalato.

Poi fai un po' come ti pare, lascio aperto questo 3d solo per darti l'opportunità di rispondere.