|
| HOMEPAGE | INDICE FORUM | REGOLAMENTO | ::. | NEI PREFERITI | .:: | RSS Forum | RSS News | NEWS web | NEWS software | |
| PUBBLICITA' | | | ARTICOLI | WIN XP | VISTA | WIN 7 | REGISTRI | SOFTWARE | MANUALI | RECENSIONI | LINUX | HUMOR | HARDWARE | DOWNLOAD | | | CERCA nel FORUM » | |
04-11-2011, 20.11.28 | #1 |
Senior Member
Registrato: 08-06-2006
Messaggi: 325
|
hijack this-2-una anomalia che non risolvo
di cosa si tratta? è da togliere? ------------------------- ho provato e cancellato il file: nlssrv 32; poi in hijackthis ho provato inutilmente a cancellare il servizio 023 nalpeiron, per cui ho poi ripristinato il file nlssrv 32, e ora attendo un possibile aiuto. ---------------------------- grazie ------------------------- Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 19.02.29, on 04/11/11 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.17103) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Programmi\Avira\AntiVir Desktop\sched.exe C:\Programmi\Avira\AntiVir Desktop\avguard.exe C:\Programmi\Java\jre7\bin\jqs.exe C:\Programmi\Malwarebytes' Anti-Malware\mbamservice.exe C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE C:\WINDOWS\system32\nlssrv32.exe C:\Programmi\Raxco\PerfectDisk\PDAgent.exe C:\Programmi\Avira\AntiVir Desktop\avshadow.exe C:\Programmi\Sony\PMB\PMBDeviceInfoProvider.exe C:\WINDOWS\system32\HPZipm12.exe C:\Programmi\Photodex\ProShowProducer\ScsiAccess.e xe C:\Programmi\File comuni\Seagate\Schedule2\schedul2.exe C:\WINDOWS\system32\svchost.exe C:\Programmi\UPHClean\uphclean.exe C:\WINDOWS\Explorer.EXE C:\Programmi\Ashampoo\Ashampoo FireWall FREE\FireWall.exe C:\Programmi\Malwarebytes' Anti-Malware\mbamgui.exe C:\Programmi\Avira\AntiVir Desktop\avgnt.exe C:\Programmi\QuickTime\qttask.exe C:\Programmi\Microsoft Office\Office14\WINWORD.EXE C:\Programmi\Internet Explorer\iexplore.exe C:\Programmi\Hijack this- 2.004\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.repubblica.it/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Programmi\Orbitdownloader\orbitcth.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Dati applicazioni\Real\RealPlayer\BrowserRecordPlugin\I E\rpbrowserrecordplugin.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\Microsoft Office\Office14\GROOVEEX.DLL O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\Microsoft Office\Office14\URLREDIR.DLL O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre7\bin\jp2ssv.dll O4 - HKLM\..\Run: [Ashampoo FireWall] "C:\Programmi\Ashampoo\Ashampoo FireWall FREE\FireWall.exe" -TRAY O4 - HKLM\..\Run: [Nuance OmniPage 17-reminder] "C:\Programmi\Nuance\OmniPage17\Ereg\Ereg.exe" -r "C:\Documents and Settings\All Users\Dati applicazioni\ScanSoft\OmniPage 17\Ereg\Ereg.ini" O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Programmi\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray O4 - HKLM\..\Run: [avgnt] "C:\Programmi\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qttask.exe" -atboottime O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO DI RETE') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O8 - Extra context menu item: &Download by Orbit - res://C:\Programmi\Orbitdownloader\orbitmxt.dll/201 O8 - Extra context menu item: &Grab video by Orbit - res://C:\Programmi\Orbitdownloader\orbitmxt.dll/204 O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Programmi\Orbitdownloader\orbitmxt.dll/203 O8 - Extra context menu item: Down&load all by Orbit - res://C:\Programmi\Orbitdownloader\orbitmxt.dll/202 O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\Microsoft Office\Office14\EXCEL.EXE/3000 O8 - Extra context menu item: I&nvia a OneNote - res://C:\PROGRA~1\Microsoft Office\Office14\ONBttnIE.dll/105 O9 - Extra button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programmi\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programmi\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: &Note collegate di OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programmi\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Note collegate di OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programmi\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O16 - DPF: Garmin Communicator Plug-In - https://my.garmin.com/static/m/cab/2.8. ... ontrol.CAB O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programmi\File comuni\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O22 - SharedTaskScheduler: Precaricatore Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\Browseui.dll O22 - SharedTaskScheduler: Daemon di cache delle categorie di componenti - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\Browseui.dll O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Programmi\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira Realtime Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Programmi\Avira\AntiVir Desktop\avguard.exe O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Programmi\File comuni\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Programmi\Java\jre7\bin\jqs.exe O23 - Service: KMService - Unknown owner - C:\Windows\System32\srvany.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Programmi\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: This service enables products that use the Nalpeiron Licensing System. (nlsX86cc) - Nalpeiron Ltd. - C:\WINDOWS\system32\nlssrv32.exe O23 - Service: PDAgent - Raxco Software, Inc. - C:\Programmi\Raxco\PerfectDisk\PDAgent.exe O23 - Service: PDEngine - Raxco Software, Inc. - C:\Programmi\Raxco\PerfectDisk\PDEngine.exe O23 - Service: PMBDeviceInfoProvider - Sony Corporation - C:\Programmi\Sony\PMB\PMBDeviceInfoProvider.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: ScsiAccess - Unknown owner - C:\Programmi\Photodex\ProShowProducer\ScsiAccess.e xe O23 - Service: ServiceLayer - Nokia. - C:\Programmi\PC Connectivity Solution\ServiceLayer.exe O23 - Service: Seagate Scheduler2 Service (SgtSch2Svc) - Seagate - C:\Programmi\File comuni\Seagate\Schedule2\schedul2.exe O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Programmi\File comuni\Adobe\SwitchBoard\SwitchBoard.exe -- End of file - 7952 bytes
___________________________________
cesareco |
05-11-2011, 12.25.29 | #2 |
Senior Member
Registrato: 08-06-2006
Messaggi: 325
|
preciso il mio attuale stallo:
con hijackthis-2.0.4 ho il seguente servizio, a cui rinuncio, e che hjijackthis non riesce a cancellarmi: O23 - Service: This service enables products that use the Nalpeiron Licensing System. (nlsX86cc) - Unknown owner - C:\WINDOWS\system32\nlssrv32.exe (file missing) in precedenza avevo cancellato il file: nlssrv-exe, che ora risulta quindi mancante. chiedo: ho provato a leggere i servizi di windows, ma non sono riuscito a individuare questo naperion, per disattivarlo manualmente, per cui penso che dopo hijackthis lo cancellerà. dove posso cancellare questo servizio? grazie
___________________________________
cesareco |
05-11-2011, 16.31.02 | #3 |
Hero Member
Registrato: 26-11-2000
Messaggi: 974
|
Hai provato a cercare nel registro il file chiamato "nlssrv32.exe", probabilmente sarà inserito in una voce da cancellare interamente. Fai una copia di sicurezza del registro completo, riavvia in modalità provvisoria e cerca con regedit il file. Comunque, prima, con google trovi informazioni sul file: http://www.file.net/it/processo/nlssrv32.exe.html
|
06-11-2011, 06.27.01 | #4 |
Senior Member
Registrato: 08-06-2006
Messaggi: 325
|
grazie
___________________________________
cesareco |
Utenti attualmente attivi che stanno leggendo questa discussione: 1 (0 utenti e 1 ospiti) | |
Strumenti discussione | |
|
|
Discussioni simili | ||||
Discussione | Autore discussione | Forum | Risposte | Ultimo messaggio |
Hijack Retaliator 3.5 | Macao | Archivio News Software | 4 | 14-11-2005 16.48.46 |
Browser Hijack 4.0 | Macao | Archivio News Software | 0 | 19-09-2005 01.29.52 |
Hijack Retaliator 3.0 | Macao | Archivio News Software | 2 | 16-07-2005 12.49.20 |
Hijack Retaliator 1.1 | Macao | Archivio News Software | 0 | 06-05-2005 01.01.53 |
programmi dirottatori hijack | mistral | Sicurezza&Privacy | 10 | 17-05-2004 00.41.35 |