r16 ha scritto:Ciao
Fixa in
MODALITA PROVVISORIA questa voce di HijackThis:
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
Fai una pulizia co CCleaner (registro compreso)
http://www.aiutaamici.com/software?ID=11223Riprova a fare una scansione con ad-aware 2007 e vedi se rileva ancora quel virus.
Ciao.
In un modo e nell'altro alla fine sono riuscito a fare la scansione con combofix che ti posto insieme al log hijack.
Ho provato a fare come dicevi tu eliminando quella voce di hijack e fare pulizia, ma ad-aware segnala ancora quel virus.
Grazie per la eventuale risposta.
ComboFix 08-05-01.1 - andrea 2008-05-04 2:07:41.3 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1040.18.229 [GMT 2:00]
Eseguito da: C:\Documents and Settings\andrea\Desktop\ComboFix.exe
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!.
((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\WINDOWS\Downloaded Program Files\amqs41k
C:\WINDOWS\Downloaded Program Files\xpmomgu
C:\WINDOWS\Downloaded Program Files\YhVqeuO
C:\WINDOWS\Downloaded Program Files\YhVqeuO\pAQBUL.dat
.
((((((((((((((((((((((((( Files Creati Da 2008-04-04 al 2008-05-04 )))))))))))))))))))))))))))))))))))
.
2008-05-03 12:27 . 2008-05-03 12:27 <DIR> d-------- C:\Documents and Settings\Administrator
2008-05-02 22:46 . 2008-05-03 23:52 <DIR> d-------- C:\VEXPLITE
2008-05-02 22:46 . 2008-03-17 19:23 39,808 --a------ C:\WINDOWS\system32\drivers\VIRAGTLT.SYS
2008-05-02 01:25 . 2008-05-02 01:25 <DIR> d-------- C:\Programmi\Trend Micro
2008-05-01 18:20 . 2008-05-01 18:20 <DIR> d-------- C:\Programmi\ClamWin
2008-05-01 18:20 . 2008-05-01 18:21 <DIR> d-------- C:\Documents and Settings\andrea\Dati applicazioni\.clamwin
2008-05-01 18:20 . 2008-05-01 18:20 <DIR> d-------- C:\Documents and Settings\All Users\.clamwin
2008-04-29 21:56 . 2008-04-29 21:56 <DIR> d-------- C:\Documents and Settings\All Users\Dati applicazioni\Kaspersky Lab Setup Files
2008-04-19 23:15 . 2008-04-26 14:09 <DIR> d-------- C:\Programmi\SpywareBlaster
2008-04-19 23:15 . 2008-05-02 17:59 <DIR> d-a------ C:\Documents and Settings\All Users\Dati applicazioni\TEMP
2008-04-06 18:39 . 2008-04-06 18:40 <DIR> d-------- C:\Programmi\Windows Live Safety Center
2008-04-05 13:41 . 2008-04-05 13:41 <DIR> d-------- C:\WINDOWS\uniscanTmp
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-05-03 23:57 --------- d-----w C:\Documents and Settings\All Users\Dati applicazioni\Spybot - Search & Destroy
2008-05-03 18:26 --------- d-----w C:\Programmi\eMule
2008-05-01 17:21 --------- d-----w C:\Programmi\eSoftware
2008-04-19 11:47 --------- d-----w C:\Programmi\DXBall2
2008-03-21 12:06 --------- d-----w C:\Documents and Settings\All Users\Dati applicazioni\Lavasoft
2008-03-21 12:05 --------- d-----w C:\Programmi\Lavasoft
2008-03-21 12:04 --------- d-----w C:\Documents and Settings\andrea\Dati applicazioni\Lavasoft
2008-03-21 12:03 --------- d-----w C:\Programmi\File comuni\Wise Installation Wizard
2008-03-20 08:06 1,845,248 ----a-w C:\WINDOWS\system32\win32k.sys
2008-03-20 08:06 1,845,248 ------w C:\WINDOWS\system32\dllcache\win32k.sys
2008-03-08 12:40 --------- d-----w C:\Programmi\Dialer Control
2008-03-08 12:39 --------- d-----w C:\Programmi\Coolspot
2008-03-01 16:28 3,591,680 ----a-w C:\WINDOWS\system32\dllcache\mshtml.dll
2008-02-29 08:57 70,656 ------w C:\WINDOWS\system32\dllcache\ie4uinit.exe
2008-02-29 08:57 625,664 ------w C:\WINDOWS\system32\dllcache\iexplore.exe
2008-02-22 18:57 691,545 ----a-w C:\WINDOWS\unins000.exe
2008-02-22 10:00 13,824 ------w C:\WINDOWS\system32\dllcache\ieudinit.exe
2008-02-20 06:50 282,624 ----a-w C:\WINDOWS\system32\gdi32.dll
2008-02-20 06:50 282,624 ------w C:\WINDOWS\system32\dllcache\gdi32.dll
2008-02-20 05:33 45,568 ----a-w C:\WINDOWS\system32\dnsrslvr.dll
2008-02-20 05:33 45,568 ------w C:\WINDOWS\system32\dllcache\dnsrslvr.dll
2008-02-20 05:33 148,992 ------w C:\WINDOWS\system32\dllcache\dnsapi.dll
2008-02-15 05:44 161,792 ----a-w C:\WINDOWS\system32\dllcache\ieakui.dll
2007-10-01 18:28 13,411,824 ----a-w C:\Programmi\Google_Earth_BZXD.exe
2005-12-22 17:27 0 -c--a-w C:\Documents and Settings\andrea\Dati applicazioni\wklnhst.dat
.
((((((((((((((((((((((((((((((((((((((((((((( AWF ))))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
----a-w 253,952 2004-10-14 11:54:32 C:\hp\drivers\hplsbwatcher\bak\lsburnwatcher.exe
----a-w 339,968 2005-03-22 19:05:00 C:\Programmi\ATI Technologies\ATI Control Panel\bak\atiptaxx.exe
----a-w 81,920 2004-07-27 14:50:18 C:\Programmi\File comuni\InstallShield\UpdateService\bak\issch.exe
----a-w 81,920 2004-07-27 14:50:18 C:\Programmi\File comuni\InstallShield\UpdateService\issch.exe
----a-w 221,184 2004-07-27 14:50:42 C:\Programmi\File comuni\InstallShield\UpdateService\bak\ISUSPM.exe
----a-w 221,184 2004-07-27 14:50:42 C:\Programmi\File comuni\InstallShield\UpdateService\ISUSPM.exe
----a-w 49,152 2005-02-16 21:11:42 C:\Programmi\Hp\HP Software Update\bak\HPWuSchd2.exe
----a-w 233,534 2005-02-17 12:01:20 C:\Programmi\HPQ\Default Settings\bak\cpqset.exe
----a-w 290,816 2004-12-03 11:24:20 C:\Programmi\HPQ\Quick Launch Buttons\bak\EabServr.exe
----a-w 36,975 2005-03-04 01:36:46 C:\Programmi\Java\jre1.5.0_02\bin\bak\jusched.exe
----a-w 401,491 2004-02-24 13:25:24 C:\Programmi\Microsoft ActiveSync\bak\WCESCOMM.EXE
----a-w 98,304 2005-05-29 19:50:45 C:\Programmi\QuickTime\bak\qttask.exe
--sha-r 2,097,488 2008-01-28 10:43:40 C:\Programmi\Spybot - Search & Destroy\bak\TeaTimer.exe
----a-w 692,316 2005-02-02 12:11:12 C:\Programmi\Synaptics\SynTP\bak\SynTPEnh.exe
----a-w 102,492 2005-02-02 12:12:22 C:\Programmi\Synaptics\SynTP\bak\SynTPLpr.exe
----a-w 35,328 2006-06-21 17:14:50 C:\Programmi\Winamp\bak\winampa.exe
----a-w 15,360 2004-08-19 08:00:00 C:\WINDOWS\system32\bak\ctfmon.exe
----a-w 15,360 2004-08-19 13:00:00 C:\WINDOWS\system32\ctfmon.exe
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D83A7B12-A4D4-4984-8F72-D41C6B4C1E6E}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-19 15:00 15360]
"Sonic RecordNow! Deluxe"="" []
"EPSON Stylus DX4400 Series"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICAE.exe" [2007-03-01 08:01 180736]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"hpWirelessAssistant"="C:\Programmi\hpq\HP Wireless Assistant\HP Wireless Assistant.exe" [2005-04-11 15:21 794624]
"NWEReboot"="" []
"Dialer Control"="C:\PROGRA~1\DIALER~1\dc.exe" [2003-06-25 15:45 858624]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2008-03-29 19:37 79224]
"ClamWin"="C:\Programmi\ClamWin\bin\ClamTray.exe" [2008-04-19 16:35 77824]
"VIRIT LITE MONITOR"="C:\VEXPLITE\MONLITE.EXE" [2008-05-02 22:47 245760]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-19 15:00 15360]
C:\Documents and Settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\
Alice ti aiuta.lnk - C:\Programmi\Alice ti aiuta\bin\matcli.exe [2005-12-22 22:48:14 212992]
Avvio veloce di Adobe Reader.lnk - C:\Programmi\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 05:44:06 29696]
Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [2007-11-10 00:20:42 67128]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"MSACM.CEGSM"= mobilev.acm
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Programmi\\eMule\\emule.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Programmi\\Messenger\\msmsgs.exe"=
"C:\\Programmi\\MSN Messenger\\msnmsgr.exe"=
"C:\\Programmi\\MSN Messenger\\livecall.exe"=
"C:\\WINDOWS\\twain_32\\escndv\\escndv.exe"=
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"C:\\Programmi\\Internet Explorer\\iexplore.exe"=
"C:\\Programmi\\KONAMI\\Pro Evolution Soccer 2008\\PES2008.exe"=
"C:\\Documents and Settings\\All Users\\Dati applicazioni\\Kaspersky Lab Setup Files\\Kaspersky Internet Security 7.0.1.325\\Italian\\setup.exe"=
R0 VIRAGTLT;VIRAGTLT;C:\WINDOWS\system32\drivers\VIRAGTLT.SYS [2008-03-17 19:23]
R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-03-29 19:31]
R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-03-29 19:35]
R2 ithsgt;ithsgt;C:\WINDOWS\system32\DRIVERS\ithsgt.sys [2007-12-23 23:31]
R2 lilsgt;lilsgt;C:\WINDOWS\system32\DRIVERS\lilsgt.sys [2007-12-23 23:31]
R2 viritsvclite;Virit eXplorer Lite;C:\VEXPLITE\viritsvc.exe [2008-05-02 22:47]
R3 HSFHWATI;HSFHWATI;C:\WINDOWS\system32\DRIVERS\HSFHWATI.sys [2005-03-22 16:39]
R3 Tetris;Tetris driver;C:\WINDOWS\system32\Drivers\Tetris.sys [2007-12-24 02:48]
.
**************************************************************************
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.netRootkit scan 2008-05-04 02:09:25
Windows 5.1.2600 Service Pack 2 NTFS
scansione processi nascosti ...
scansione entrate autostart nascoste ...
Scansione files nascosti ...
Scansione completata con successo
Files nascosti: 18
**************************************************************************
.
Ora fine scansione: 2008-05-04 2:10:35
ComboFix-quarantined-files.txt 2008-05-04 00:10:20
13 Directory 26,998,034,432 byte disponibili
17 Directory 27,032,276,992 byte disponibili
139 --- E O F --- 2008-04-18 19:29:01
IL LOG DI HIJACK :
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2.17.21, on 04/05/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
C:\Programmi\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\File comuni\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\VEXPLITE\viritsvc.exe
C:\Programmi\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\PROGRA~1\DIALER~1\dc.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICAE.EXE
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Programmi\HPQ\SHARED\HPQWMI.exe
C:\Programmi\Alice ti aiuta\bin\mpbtn.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Programmi\Alwil Software\Avast4\ashWebSv.exe
C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe
C:\Programmi\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.virgilio.it/R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft.com/fwlink/?LinkId=69157R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {D83A7B12-A4D4-4984-8F72-D41C6B4C1E6E} - (no file)
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Programmi\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [Dialer Control] C:\PROGRA~1\DIALER~1\dc.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [ClamWin] "C:\Programmi\ClamWin\bin\ClamTray.exe" --logon
O4 - HKLM\..\Run: [VIRIT LITE MONITOR] C:\VEXPLITE\MONLITE.EXE
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [EPSON Stylus DX4400 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICAE.EXE /FU "C:\WINDOWS\TEMP\E_SA2.tmp" /EF "HKCU"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Alice ti aiuta.lnk = C:\Programmi\Alice ti aiuta\bin\matcli.exe
O4 - Global Startup: Avvio veloce di Adobe Reader.lnk = C:\Programmi\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Crea preferiti portatile - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Programmi\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Programmi\Microsoft ActiveSync\inetrepl.dll
O9 - Extra 'Tools' menuitem: Crea preferiti portatile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Programmi\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=IT_IT&c=Q305&bd=presario&pf=laptop
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} -
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) -
http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase370.cabO16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) -
http://cid-78f90b5ea9e53ff0.spaces.live.com/PhotoUpload/MsnPUpld.cabO16 - DPF: {EF1E01E2-8C9A-4C3D-BDE2-792071A3D680} (Uniscan.UniscanCtl) -
https://www.newnpu.bancaperlacasa.it/npu/ocx/UniscanPrj.CABO18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Programmi\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Programmi\File comuni\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Programmi\HPQ\SHARED\HPQWMI.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Unknown owner - C:\Programmi\File comuni\LightScribe\LSSrvc.exe
O23 - Service: Virit eXplorer Lite (viritsvclite) - TG Soft Sas
www.tgsoft.it - C:\VEXPLITE\viritsvc.exe
O23 - Service: VNC Server Version 4 (WinVNC4) - Unknown owner - C:\Programmi\RealVNC\VNC4\WinVNC4.exe (file missing)
--
End of file - 7865 bytes