Grazie per la risposta..Ho fatto come mi hai detto tu
questo è il log di
ComboFixComboFix 08-12-01.01 - Pier 2008-12-02 14.48.43.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1040.18.1439 [GMT 1:00]
Eseguito da: c:\documents and settings\Pier\Documenti\ComboFix.exe
* Creato nuovo punto di ripristino
ATENÇÃO - ESTA MAQUINA NAO TEM A CONSOLE DE RECUPERAÇÃO INSTALADA !!.
((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\Pier\Impostazioni locali\Dati applicazioni\fmudld.dat
c:\documents and settings\Pier\Impostazioni locali\Dati applicazioni\fmudld.exe
c:\documents and settings\Pier\Impostazioni locali\Dati applicazioni\fmudld_nav.dat
c:\documents and settings\Pier\Impostazioni locali\Dati applicazioni\fmudld_navps.dat
c:\windows\Downloaded Program Files\setup.inf
I:\Autorun.inf
.
((((((((((((((((((((((((( Files Creati Da 2008-11-02 al 2008-12-02 )))))))))))))))))))))))))))))))))))
.
2008-12-01 14:48 . 2008-12-01 14:48 <DIR> d-------- c:\programmi\Trend Micro
2008-11-30 17:16 . 2008-11-30 17:16 <DIR> d-------- c:\programmi\Spybot - Search & Destroy
2008-11-30 17:16 . 2008-11-30 17:21 <DIR> d-------- c:\documents and settings\All Users\Dati applicazioni\Spybot - Search & Destroy
2008-11-22 14:08 . 2008-11-22 14:08 <DIR> d-------- c:\windows\nview
2008-11-22 14:08 . 2008-12-02 14:53 203,279 --a------ c:\windows\system32\nvapps.xml
2008-11-22 14:08 . 2008-11-12 14:54 18,537 --a------ c:\windows\system32\nvdisp.nvu
2008-11-22 12:09 . 2008-11-22 12:09 <DIR> d-------- c:\documents and settings\Pier\Dati applicazioni\Leadertech
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-12-01 17:29 --------- d-----w c:\documents and settings\All Users\Dati applicazioni\Google Updater
2008-11-30 16:15 --------- d-----w c:\programmi\AdunanzA
2008-11-23 12:31 138,184 ----a-w c:\windows\system32\drivers\PnkBstrK.sys
2008-11-22 13:09 --------- d-----w c:\programmi\File comuni\Wise Installation Wizard
2008-11-22 13:09 --------- d-----w c:\programmi\AGEIA Technologies
2008-11-22 11:01 --------- d-----w c:\programmi\EA GAMES
2008-11-19 18:27 22,328 ----a-w c:\documents and settings\Pier\Dati applicazioni\PnkBstrK.sys
2008-11-19 18:23 --------- d--h--w c:\programmi\InstallShield Installation Information
2008-11-19 18:23 --------- d-----w c:\programmi\Ubisoft
2008-11-15 13:57 --------- d-----w c:\programmi\Electronic Arts
2008-11-12 13:54 6,188,320 ----a-w c:\windows\system32\drivers\nv4_mini.sys
2008-10-28 16:06 --------- d-----w c:\programmi\DVD Decrypter
2008-10-24 11:10 453,632 ----a-w c:\windows\system32\drivers\mrxsmb.sys
2008-10-19 09:12 --------- d-----w c:\programmi\KONAMI
2008-10-18 11:03 --------- d-----w c:\documents and settings\All Users\Dati applicazioni\KONAMI
2008-10-06 06:23 --------- d-----w c:\programmi\GameSpy
2008-10-04 12:23 --------- d-----w c:\programmi\Full Tilt Poker
2008-10-02 11:42 --------- d-----w c:\programmi\Picasa2
2008-02-09 10:47 20,496 ----a-w c:\documents and settings\Pier\Dati applicazioni\GDIPFONTCACHEV1.DAT
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2004-08-19 15360]
"MsnMsgr"="c:\programmi\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 5724184]
"swg"="c:\programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-12-21 68856]
"PC Suite Tray"="c:\programmi\Nokia\Nokia PC Suite 7\PCSuite.exe" [2008-08-11 1124352]
"Nokia.PCSync"="c:\programmi\Nokia\Nokia PC Suite 7\PCSync2.exe" [2008-06-17 1249280]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2008-07-19 78008]
"RemoteControl"="c:\programmi\CyberLink\PowerDVD\PDVDServ.exe" [2004-11-02 32768]
"EPSON Stylus Photo RX420 Series"="c:\windows\System32\spool\DRIVERS\W32X86\3\E_FATI9CE.EXE" [2004-04-09 98304]
"EPSON Stylus Photo RX420 Series (Copia 1)"="c:\windows\System32\spool\DRIVERS\W32X86\3\E_FATI9CE.EXE" [2004-04-09 98304]
"DAEMON Tools"="c:\programmi\DAEMON Tools\daemon.exe" [2005-11-08 128920]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"SunJavaUpdateSched"="c:\programmi\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"type32"="c:\programmi\Microsoft IntelliType Pro\type32.exe" [2003-05-16 114688]
"IntelliPoint"="c:\programmi\Microsoft IntelliPoint\point32.exe" [2003-05-16 163840]
"Adobe Photo Downloader"="c:\programmi\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" [2005-07-07 57344]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-11-12 13672448]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-11-12 86016]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2004-08-19 c:\windows\system32\bthprops.cpl]
"nwiz"="nwiz.exe" [2008-11-12 c:\windows\system32\nwiz.exe]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-19 15360]
c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\
Avvio veloce di Adobe Reader.lnk - c:\programmi\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 29696]
Microsoft Office.lnk - c:\programmi\Microsoft Office\Office10\OSA.EXE [2001-02-13 83360]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 nwprovau
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programmi\\AdunanzA\\eMule_AdnzA.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\livecall.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Programmi\\Electronic Arts\\Medal of Honor Airborne\\UnrealEngine3\\Binaries\\MOHA.exe"=
"c:\\Programmi\\EA GAMES\\Battlefield 2\\bf2_w32ded.exe"=
"c:\\Programmi\\EA GAMES\\Battlefield 2\\BF2.exe"=
"c:\\Programmi\\KONAMI\\Pro Evolution Soccer 2008\\PES2008.exe"=
"c:\\Programmi\\HLSW\\hlsw.exe"=
"c:\\Programmi\\Ubisoft\\Tom Clancy's Rainbow Six Vegas 2\\Binaries\\R6Vegas2_Game.exe"=
"c:\\Programmi\\Ubisoft\\Tom Clancy's Rainbow Six Vegas 2\\Binaries\\R6Vegas2_Launcher.exe"=
"c:\\Programmi\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"=
"c:\\Programmi\\GameSpy\\Comrade\\Comrade.exe"=
"c:\\Programmi\\KONAMI\\Pro Evolution Soccer 2009\\pes2009.exe"=
"c:\\Programmi\\Ubisoft\\Far Cry 2\\bin\\FarCry2.exe"=
"c:\\Programmi\\Ubisoft\\Far Cry 2\\bin\\FC2Launcher.exe"=
"c:\\Programmi\\Ubisoft\\Far Cry 2\\bin\\FC2Editor.exe"=
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2008-08-21 78416]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\DRIVERS\aswFsBlk.sys [2008-08-21 20560]
S3 GPU-Z;GPU-Z;\??\c:\docume~1\Pier\IMPOST~1\Temp\GPU-Z.sys []
.
Contenuto della cartella 'Scheduled Tasks'
2008-12-02 c:\windows\Tasks\Verifica aggiornamenti per Windows Live Toolbar.job
- c:\programmi\Windows Live Toolbar\MSNTBUP.EXE [2007-10-19 11:20]
.
- - - - ORFÃOS REMOVIDOS - - - -
HKCU-Run-BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} - c:\programmi\File comuni\Nero\Lib\NMBgMonitor.exe
HKCU-Run-fmudld - c:\documents and settings\pier\impostazioni locali\dati applicazioni\fmudld.exe
HKLM-Run-NBKeyScan - c:\programmi\Nero\Nero8\Nero BackItUp\NBKeyScan.exe
HKLM-Run-NWEReboot - (no file)
Notify-WgaLogon - (no file)
.
------- Supplementare di scansione -------
.
FireFox -: Profile - c:\documents and settings\Pier\Dati applicazioni\Mozilla\Firefox\Profiles\pec1vzqy.default\
FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://www.google.it
FF -: plugin - c:\programmi\Adobe\Acrobat 7.0\Reader\browser\nppdf32.dll
FF -: plugin - c:\programmi\Google\Google Updater\2.4.1368.5602\npCIDetect13.dll
FF -: plugin - c:\programmi\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
FF -: plugin - c:\programmi\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
FF -: plugin - c:\programmi\Picasa2\npPicasa2.dll
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.netRootkit scan 2008-12-02 14:52:57
Windows 5.1.2600 Service Pack 2 NTFS
scansione processi nascosti ...
scansione entrate autostart nascoste ...
Scansione files nascosti ...
Scansione completata con successo
Files nascosti: 0
**************************************************************************
.
------------------------ Altri processi in esecuzione ------------------------
.
c:\programmi\Alwil Software\Avast4\aswUpdSv.exe
c:\programmi\Alwil Software\Avast4\ashServ.exe
c:\programmi\Lavasoft\Ad-Aware 2007\aawservice.exe
c:\programmi\IVT Corporation\BlueSoleil\BTNtService.exe
c:\programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
c:\programmi\File comuni\Microsoft Shared\VS7Debug\mdm.exe
c:\windows\system32\nvsvc32.exe
c:\windows\system32\PnkBstrA.exe
c:\windows\system32\wdfmgr.exe
c:\windows\system32\rundll32.exe
c:\windows\system32\rundll32.exe
c:\programmi\Alwil Software\Avast4\ashMaiSv.exe
c:\programmi\Alwil Software\Avast4\ashWebSv.exe
c:\programmi\PC Connectivity Solution\ServiceLayer.exe
c:\programmi\PC Connectivity Solution\Transports\NclUSBSrv.exe
c:\programmi\PC Connectivity Solution\Transports\NclRSSrv.exe
c:\programmi\File comuni\Nokia\MPAPI\MPAPI3s.exe
.
**************************************************************************
.
Ora fine scansione: 2008-12-02 14:55:25 - macchina è stato riavviato [Pier]
ComboFix-quarantined-files.txt 2008-12-02 13:55:23
Pre-Run: 79.236.636.672 byte disponibili
Post-Run: 79,160,008,704 byte disponibili
163 --- E O F --- 2008-11-12 14:13:27
E questo è il log aggiornato di
HijackThis:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14.57.46, on 02/12/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
C:\Programmi\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Programmi\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Programmi\File comuni\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Programmi\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9CE.EXE
C:\Programmi\DAEMON Tools\daemon.exe
C:\Programmi\Java\jre1.6.0_07\bin\jusched.exe
C:\WINDOWS\system32\rundll32.exe
C:\Programmi\Microsoft IntelliType Pro\type32.exe
C:\Programmi\Microsoft IntelliPoint\point32.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\Windows Live\Messenger\MsnMsgr.Exe
C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Programmi\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Programmi\Nokia\Nokia PC Suite 7\PCSync2.exe
C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe
C:\Programmi\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Programmi\Alwil Software\Avast4\ashWebSv.exe
C:\Programmi\PC Connectivity Solution\ServiceLayer.exe
C:\Programmi\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Programmi\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Programmi\File comuni\Nokia\MPAPI\MPAPI3s.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\explorer.exe
C:\Programmi\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.msn.it/R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft.com/fwlink/?LinkId=69157R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programmi\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programmi\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programmi\Windows Live Toolbar\msntb.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Programmi\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programmi\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programmi\google\googletoolbar1.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Programmi\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [RemoteControl] C:\Programmi\CyberLink\PowerDVD\PDVDServ.exe
O4 - HKLM\..\Run: [EPSON Stylus Photo RX420 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9CE.EXE /P31 "EPSON Stylus Photo RX420 Series" /O6 "USB001" /M "Stylus Photo RX420"
O4 - HKLM\..\Run: [EPSON Stylus Photo RX420 Series (Copia 1)] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9CE.EXE /P41 "EPSON Stylus Photo RX420 Series (Copia 1)" /O6 "USB001" /M "Stylus Photo RX420"
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Programmi\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [type32] "C:\Programmi\Microsoft IntelliType Pro\type32.exe"
O4 - HKLM\..\Run: [IntelliPoint] "C:\Programmi\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Programmi\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programmi\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [swg] C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Programmi\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [Nokia.PCSync] "C:\Programmi\Nokia\Nokia PC Suite 7\PCSync2.exe" /NoDialog
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Avvio veloce di Adobe Reader.lnk = C:\Programmi\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programmi\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Windows Live Search - res://C:\Programmi\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites -
http://favorites.live.com/quickadd.aspxO8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Inserisci blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programmi\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: Inserisci &blog in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programmi\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Programmi\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Programmi\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: ServiceLayer - Nokia. - C:\Programmi\PC Connectivity Solution\ServiceLayer.exe
--
End of file - 9134 bytes
Ora verificherò che non si presentino più quelle fastidiose finestre!
Più tardi riferirò. Grazie mille.