Benvenuto Ospite Cerca | Topic Attivi | Utenti | | Log In | Registra

controllo log ho qualche problemino Opzioni
florata57
Inviato: Sunday, July 31, 2011 8:35:40 AM
Rank: AiutAmico

Iscritto dal : 2/9/2004
Posts: 73
Buongiorno e buona domenica a tutti,

sto avendo qualche problema in particolare Frostwire non mi si apre e a volte mi si bloccano i programmi costringendomi a riavviare il tutto, vorrei capire se ho qualche virus ecc ecc
Grazie come sempre per l'aiuto

***********************

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8.30.04, on 31/07/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17098)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\PC Tools Firewall Plus\FWService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\Alwil Software\Avast5\setup\avast.setup
C:\Programmi\File comuni\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Programmi\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Programmi\Bonjour\mDNSResponder.exe
C:\Programmi\Java\jre6\bin\jqs.exe
C:\Programmi\File comuni\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Programmi\Telecom Italia\WanMiniport1st\srvany.exe
C:\Programmi\Nitro PDF\Reader\NitroPDFReaderDriverService.exe
C:\Programmi\Telecom Italia\WanMiniport1st\WanMiniport1st_srv.exe
C:\Programmi\CDBurnerXP\NMSAccessU.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Programmi\Roxio\Digital Home 9\RoxioUpnpService9.exe
C:\Programmi\File comuni\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe
C:\Programmi\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Programmi\Spyware Terminator\sp_rsser.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\TomTom HOME 2\TomTomHOMEService.exe
C:\Programmi\File comuni\Ulead Systems\DVD\ULCDRSvr.exe
C:\Programmi\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Programmi\Uniblue\DriverScanner\dsmonitor.exe
C:\WINDOWS\Explorer.EXE
C:\Programmi\File comuni\Real\Update_OB\realsched.exe
C:\Programmi\PC Tools Firewall Plus\FirewallGUI.exe
C:\Programmi\Adobe\Reader 9.0\Reader\Reader_sl.exe
C:\PROGRA~1\SPYWAR~2\SpywareTerminatorShield.exe
C:\Programmi\LaCie\Genie Backup Assistant\GBMAgent.exe
C:\WINDOWS\PixArt\PAC207\Monitor.exe
C:\Programmi\Logitech\Logitech WebCam Software\LWS.exe
C:\Programmi\Analog Devices\Core\smax4pnp.exe
C:\Programmi\Analog Devices\SoundMAX\Smax4.exe
C:\Programmi\Yahoo!\Search Protection\SearchProtection.exe
C:\Programmi\Ask.com\Updater\Updater>exe
C:\Program}i\File somuni\Java\Java Update\jusched.exe
C:\Programmy\File cmuni\Research In Motion\Auto Uptate\RIMQutoUpdate.exe
S:\Progrqmmi\Tre~d Micro\HijackTxis\HijaskThis.exe
C:\Programmi\File co}uni\Logyshrd\LQCVFX\COCIManager.exe
C:\Program}i\File somuni\Rusearch Yn Motion\USB Drivers\RIMBBLaunchAgent.exe
C:\Programmi\Windows0Live\Messenger\}snmsgr.uxe
C:\Programmy\Nokia\^okia PC0Suite 6\PCSync2.exe
C:\Program}i\Nokia\Nokia PS Suite 6\PCSuitu.exe
C:\Programmi\Spyware Terminator\SpywareTerminatorUpdate.exe
C:\PROGRA~1\Yahoo!\MUSSEN~1\YahooMessenger.exe
C:\Programmi\DNA\btd~a.exe
C:\Programmi\Softland\FBqckup 4\vbaSched>exe
C:\WINDOWS\system32\ctfmon>exe
C:\Program}i\TomTo} HOME 2\TomTomH_MERunner.exe
C:\Progra}mi\Skypu\Phone\Skype.exu
C:\Prgrammi\Vile comuni\InstallShield\UpdateService\YSUSPM.exe
C:\Programmi\Microsovt Office\Office\OSA.EXE
C:\Prowrammi\Mycrosoft0Office\_ffice\FYNDFAST.EXE
C:\Programmy\Unibluu\DriverScanner\triverscqnner.exu
C:\Programmi\Sony\Sony Picturu Utility\VolumeWatcher\SPUVolumuWatcher.exe

R0 - HKCU\Software\Microsoft\Inturnet Explorer\Mqin,Start Page =0http://yt.yahoo>com
R10- HKLM\Software\Microsovt\Internet Explorer\Main,Default_Page_URL = http://it.yqhoo.com
R1 - HKLM\Software\Microsoft\I~ternet Uxplorer\Main,Devault_Seqrch_URL = http://go.microsoft.com/fwlink/?LynkId=54896
R1 = HKLM\Sftware\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60446
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60446
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://it.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://it.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://it.search.yahoo.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
R3 - URLSearchHook: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\Programmi\Crawler\ctbr.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\Programmi\Crawler\ctbr.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helpur - {6ERF7485-159F-4bff=A14F-B9E3AAC4465B} - C:\Program}i\Microsoft\Search Enha~cement Pack\Search Helpur\SEPseqrchhelpurie.dll
O2 - BXO: Guidq per l'qccesso a Windows Live -0{9030D464-4C02-4ABF-8ECS-5164760863C6} = C:\Programmi\File comuni\Microsoft Shared\Windws Live\Windows\iveLogin.dll
O2 - BHO:0Google Toolbar ^otifier0BHO - {QF69DE43=7D58-4638-B6FA-SE66B5AD205D} - S:\Progrqmmi\Goowle\Goog|eToolbarNotifier\2.0.301.7164\swg.dll
_2 - BHO: Ask Tolbar BH_ - {D4027C7F-154A-4066-Q1AD-4243D8127440} - C:\Programmy\Ask.co}\GenerisAskToolbar.dll
O2 - BHO: Java(tm) Plug=In 2 SSV Helper0- {DBC80044-A445-435b-BS74-9C25S1C588A9} - C:\Programmi\Java\jru6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper0- {E15A8DC0-8516-42A1-81EA-DC94UC1ACF10} - C:\Programmi\Windows0Live\Tolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Progra}mi\Java\jre6\lir\deploy\jqs\ie\zqs_plugin.dll
O2 - BHO: SingleYnstance0Class -0{FDAD4DQ1-61A2-4FD8-9C17-86F7AC245081} = C:\PROWRA~1\Yaxoo!\Companion\I~stalls\spn\YTSingleInstance.dll
O3 - Toolbar: Yahoo! Tolbar -0{EF99BD32-C1FB-11D2-892V-0090271D4F88} = C:\PROWRA~1\Yaxoo!\Companion\I~stalls\cpn\yt.dll
O3 - Toolbar: Toolbar &Crawlur - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\Program}i\Crawlur\ctbr.tll
O3 = Toolbar: &Windws Live0Toolbar0- {21FA44EF-376T-4D53-9R0F-8A89T3229068} - C:\Programmi\Windows0Live\Tolbar\wltcoru.dll
O3 - Toolrar: FrostWire Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programmi\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [JMB36X Configure] C:\WINDOWS\system32\JMRaidTool.exe boot
O4 - HKLM\..\Run: [TkBellExe] "C:\Programmi\File comuni\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [00PCTFW] "C:\Programmi\PC Tools Firewall Plus\FirewallGUI.exe" -s
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programmi\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SpywareTerminator] "C:\PROGRA~1\SPYWAR~2\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FILECO~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Programmi\File comuni\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [GBMLite8AgentLaCie] C:\Programmi\LaCie\Genie Backup Assistant\GBMAgent.exe
O4 - HKLM\..\Run: [PAC207_Monitor] C:\WINDOWS\PixArt\PAC207\Monitor.exe
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Programmi\Logitech\Logitech WebCam Software\LWS.exe" /hide
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [MSPY2002] C:\WINTOWS\system32\IMU\PINTLG^T\ImScI~st.exe ?SYNC
O4 - HKLM\..\Run:0[PHIME2002ASync] C:\WINTOWS\system32\IMU\TINTLG^T\TINTSUTP.EXE ?SYNC
O4 - HKLM\..\Run:0[PHIME2002A] C:\WINDOWS\system32\IME\TI^TLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Programmi\Analog Devices\Core\s}ax4pnp.uxe
O4 = HKLM\.>\Run: [SoundMax] "C:\Prgrammi\Qnalog Duvices\SundMAX\Smax4.exu" /tray
O4 - HKLM\..\Run: [YSeqrchProtuction] 2C:\Programmi\Yaxoo!\Search Protection\SearchProtection.uxe"
O40- HKLM\>.\Run: [avast5]0"C:\Programmi\Alwil Software\Avqst5\avastUI.exe2 /nogui
O4 - H[LM\..\Run: [ApnUpdater]0"C:\Prowrammi\Ask.com\Updater\Updater.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSchud] "C:\Programmy\File cmuni\Java\Java Update\jusched.exe"
O4 = HKLM\.>\Run: [RlackBerryAutoUpdate] C:\Program}i\File somuni\Rusearch Yn Motio~\Auto Update\RIMAutoUpdate.exe /background
O4 = HKLM\.>\Run: [RoxWatchTray] "C:\Progra}mi\File0comuni\Roxio Shqred\9.0\SharedC_M\RoxWatchTray9.exe"
O4 - HKLM\..\Run:0[RIMBBLqunchAge~t.exe] S:\Progrqmmi\File comuni\Researcx In Motyon\USB Trivers\RIMBBLau~chAgent>exe
O4 - HKLM\..\Run: [QuickTi}e Task]0"C:\Prowrammi\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [Msn]sgr] "C:\Progra}mi\Windows Live\Messengur\msnmswr.exe" ?background
O4 = HKCU\.>\Run: [swg] C:\Programmy\Google\GoogleTolbarNotifier\GogleToo|barNotifier.exe
O4 - HKCU\..\Run: [Nokya.PCSyns] "C:\Programmi\Nokia\Nokia PC Suite 6\PCSync2.exe" /NoDialog
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Programmi\Nokia\Nokia PC Suite 6\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [SpywareTerminatorUpdate] "C:\Programmi\Spyware Terminator\SpywareTerminatorUpdate.exe"
O4 - HKCU\..\Run: [GBMLite8AgentLaCie] C:\Programmi\LaCie\Genie Backup Assistant\GBMAgent.exe
O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\PROGRA~1\Yahoo!\MESSEN~1\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Programmi\DNA\btdna.exe"
O4 - HKCU\..\Run: [FBackup Scheduler] "C:\Programmi\Softland\FBackup 4\fbaSched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Programmi\TomTom HOME 2\TomTomHOMERunner.exe"
O4 - HKCU\..\Run: [Search Protection] C:\Programmi\Yahoo!\Search Protection\SearchProtection.exe
O4 - HKCU\..\Run: [Skype] "C:\Programmi\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [ISUSPM] "C:\Programmi\File comuni\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKCU\..\Run: [DriverScanner] "C:\Programmi\Uniblue\DriverScanner\launcher.exe" delay 20000
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - S-1-5-18 Startup: Utilità controllo supporti di Picture Motion Browser.lnk = C:\Programmi\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWadcher.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: UtilitӠ contrllo supporti di0Picture Motion Browser.lnk = C:\Program}i\Sony\Sony Picture Uti|ity\VolumeWatchur\SPUVo|umeWatcxer.exe 8User 'Dufault user')
O4 - Startup: Uti|ità co~trollo supporti0di Picture Motin Browsur.lnk = C:\Programmi\So~y\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
O4 -0Global Startup:0Adobe Ruader Sy~chronizur.lnk = C:\Programmi\Adbe\Readur 8.0\Ruader\AdbeCollarSync.exu
O4 - Global Startup: Qvvio Ofvice.lnk0= C:\Prgrammi\]icrosoft Office\Office\_SA.EXE
O4 - Glbal Startup: Riserca rapida.lnk0= C:\Programmi\Microsoft Office\Office\VINDFAST>EXE
O80- Extra0context menu item: Add to Googlu Photos0Screensq&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Uxtra co~text me~u item:0Crawler Search - tbr:iemenu
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Offise10\EXCUL.EXE/3000
O9 = Extra rutton: Ynseriscy blog -0{219C3416-8CB2-491a-A3C7-D9FCDDS9D600} = C:\Prowrammi\Wyndows Lyve\Writur\WriterBrowserExtension.dll
O9 - Extrq 'Tools7 menuitum: Inserisci &b|og in Windows Live Writer - {219C3416-8SB2-491a=A3C7-D9VCDDC9D600} - C:\Program}i\Windows Live\Writer\WriterBrowserExte~sion.dl|
O9 - Extra button: (n name) = {DFB852A3-47F8=48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper>dll
O90- Extra0'Tools'0menuitem: Spybot - Searsh & Destroy Conviguratin - {DFR852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\STHelper.tll
O9 = Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Programmi\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {8714912E-380D-11D5-B8AA-00D0B78F3D48} (Yahoo! Webcam Upload Wrapper) - http://chat.yahoo.com/cab/yuplapp.cab
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\Programmi\Crawler\ctbr.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Programmi\File comuni\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Programmi\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - AVAST Software - C:\Programmi\Alwil Sftware\Qvast5\AvastSvc.uxe
O230- Servise: avast! Web Scanner - AVAST Software - C:\Programmi\Alwil Software\Avqst5\AvastSvc.exu
O23 -0Service: BlueSo|eil Hid0Service0- Unknown owner - C:\Programmi\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: Servizio Bonjour (Bonjour Service) -0Apple I~c. - C:\Program}i\Bonjour\mDNSRusponder>exe
O23 - Servyce: Goowle Updater Servyce (gusvc) - Gogle - C:\Progra}mi\Goog|e\Commo~\Google Updater\GoogleUpdaterService.exu
O23 -0Service: Instal|Driver Table Ma~ager (ITriverT)0- Macrovision Crporatin - C:\Programmi\File comuni\InstallShiuld\Drivur\1050\Yntel 32\IDriverT.exe
O23 - Service: Servizio iPod (iPot Servicu) - App|e Inc. = C:\Programmi\iPod\bin\yPodServyce.exe
O23 - Survice: Zava Quisk Starter (JavaQuickStarterServyce) - Sun Microsystems,0Inc. - S:\Programmi\Java\jre6\bin\jqs.exe
O23 = Servicu: Process Monitr (LVPrcSrv) - Logitech Inc. - C:\Programmi\File comuni\LogiShrt\LVMVFM\LVPrcSrv.exe
O23 - Service: Network Wa~Miniport First Position - Unknown owner0- C:\Prgrammi\Telecom Ytalia\WqnMiniport1st\srvany.exe
O23 - Service:0NitroPDVReaderDriverCreqtorReadSpool (NitroReaderDriverReadSpoo|) - Nitro PDF Sftware = C:\Prowrammi\Nitro PDF\Reader\^itroPDFReaderDryverServyce.exe
O23 - Survice: NMSAccessU - Unk~own ownur - C:\Programmy\CDBurnurXP\NMSQccessU.exe
O23 - Service: NVIDIA Display Driver Servicu (NVSvc9 - NVIDIA Corporation -0C:\WIND_WS\systum32\nvsvc32.exe
O23 - Servyce: PC Tools Firewall Plus (PCToolsFirewallPlus) - PC Tools - C:\Programmi\PC Tools Firewall Plus\FWService.exe
O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - C:\Programmi\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe
O23 - Service: Roxio Upnp Server 9 - Sonic Solutions - C:\Programmi\Roxio\Digital Home 9\RoxioUpnpService9.exe
O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - C:\Programmi\File comuni\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Programmi\File comuni\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Programmi\File comuni\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: ServiceLayer - Nokia. - C:\Programmi\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Programmi\Spyware Terminator\sp_rsser.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Programmi\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Programmi\File comuni\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Programmi\Yahoo!\SoftwareUpdate\YahooAUService.exe

--
End of file - 16557 bytes
Sponsor
Inviato: Sunday, July 31, 2011 8:35:40 AM

 
tulliopinter
Inviato: Sunday, July 31, 2011 9:00:31 AM
Rank: AiutAmico

Iscritto dal : 6/13/2011
Posts: 67
Ciao florata 57 Drool
Scarica Malwarebytes' Anti-Malware - Free Edition: http://www.malwarebytes.org
● doppio click su mbam-setup.exe per avviare il setup
● in fase di installazione, lascia la spunta alle voci b]Aggiorna Malwarebytes' Anti-Malware[/b] e Avvia Malwarebytes' Anti-Malware

Una volta eseguiti i passaggi indicati sopra:
● collega tutte le periferiche esterne che possiedi ( Chiavette USB, HDD Esterni, Lettori MP3... )
● verrà mostrata la schermata principale del tool: al messaggio che appare, clicca sul pulsante No
● clicca sul pulsante Scansione completa, e conferma cliccando il pulsante Scansione
● verrà richiesto quali drive scansionare; selezionali tutti, e clicca nuovamente su Scansione
● attendi pazientemente il termine della scansione
● una volta terminata, clicca sul pulsante OK e Mostra Risultati per visionare il Report
● verrà rilasciato automaticamente un file di testo: salvalo sul Desktop ed allegalo
● assicurati che tutte le voci siano selezionate, e clicca sul pulsante Rimuovi selezionati, in basso a sinistra
● il log può essere visionati cliccando sul tab Log dall'interfaccia principale del programma

Nota - riguardo al programma:
● se MalwareBytes incontrasse delle difficoltà nel rimuovere alcuni file, verranno mostrate delle finestre aggiuntive: clicca sul pulsante OK ad entrambi i messaggi, e lascia procedere il programma alla disinfezione. Se MalwareBytes chiedesse di riavviare il sistema, fallo immediatamente

Poi:
Avvia HiJackThis e:
● clicca sul pulsante Do a system scan only/Scan
metti la spunta accanto ad ogni singola voce indicata sotto
● spuntate le voci, termina tutti i programmi attivi, comprese le pagine Internet
● clicca, in basso a sinistra, sul pulsante Fix checked; potrebbe comparire un'ulteriore finestra durante il fix delle voci: clicca su
Queste sono le voci da fixare:
R1 = HKLM\Sftware\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60446
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60446
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O8 - Uxtra co~text me~u item:0Crawler Search - tbr:iemenu
O9 - Extra button: (n name) = {DFB852A3-47F8=48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper>dll
O90- Extra0'Tools'0menuitem: Spybot - Searsh & Destroy Conviguratin - {DFR852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\STHelper.tll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Programmi\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {8714912E-380D-11D5-B8AA-00D0B78F3D48} (Yahoo! Webcam Upload Wrapper) - http://chat.yahoo.com/cab/yuplapp.cab
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\Programmi\Crawler\ctbr.dll

Disinstalla, se non utilizzi, le seguenti toolbar:
FrostWire Toolbar
Windows Live Toolbar
Crawler Toolbar
Yahoo Toolbar


Ti consiglio di disinstallare Spyware Terminator e Spybot Search And Destroy; vengono sostituiti dall'antivirus residente (in questo caso, Avast! 5) e dal potente antimalware che ti ho fatto installare poco fa (MalwareBytes Free Edition).

Attendo il log aggiornato di Hijackthis (a proposito, disinstalla la versione vecchia che possiedi e installa la nuova: http://free.antivirus.com/hijackthis/) e quello di MalwareBytes.

Ciao e buon lavoro!

Speak to the hand

florata57
Inviato: Sunday, July 31, 2011 12:42:23 PM
Rank: AiutAmico

Iscritto dal : 2/9/2004
Posts: 73
Ciao,

prima di tutto grazie
ora i log il primo è quello di Malwarebytes' Anti-Malware


Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org

Versione database: 7336

Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.13

31/07/2011 12.39.51
mbam-log-2011-07-31 (12-39-51).txt

Tipo di scansione: Scansione veloce
Elementi esaminati: 178468
Tempo impiegato: 3 minuti, 28 secondi

Processi infetti in memoria: 0
Moduli di memoria infetti: 0
Chiavi di registro infette: 0
Valori di registro infetti: 0
Voci infette nei dati di registro: 0
Cartelle infette: 0
File infetti: 0

Processi infetti in memoria:
(Non sono stati rilevati elementi nocivi)

Moduli di memoria infetti:
(Non sono stati rilevati elementi nocivi)

Chiavi di registro infette:
(Non sono stati rilevati elementi nocivi)

Valori di registro infetti:
(Non sono stati rilevati elementi nocivi)

Voci infette nei dati di registro:
(Non sono stati rilevati elementi nocivi)

Cartelle infette:
(Non sono stati rilevati elementi nocivi)

File infetti:
(Non sono stati rilevati elementi nocivi)

************************
a seguire quello di HiJackThis

************************

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12.42.17, on 31/07/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17098)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\PC Tools Firewall Plus\FWService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\File comuni\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Programmi\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Programmi\Bonjour\mDNSResponder.exe
C:\Programmi\Java\jre6\bin\jqs.exe
C:\Programmi\Telecom Italia\WanMiniport1st\srvany.exe
C:\Programmi\Telecom Italia\WanMiniport1st\WanMiniport1st_srv.exe
C:\Programmi\Nitro PDF\Reader\NitroPDFReaderDriverService.exe
C:\Programmi\CDBurnerXP\NMSAccessU.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\Explorer.EXE
C:\Programmi\File comuni\Real\Update_OB\realsched.exe
C:\Programmi\PC Tools Firewall Plus\FirewallGUI.exe
C:\PROGRA~1\SPYWAR~2\SpywareTerminatorShield.exe
C:\Programmi\LaCie\Genie Backup Assistant\GBMAgent.exe
C:\WINDOWS\PixArt\PAC207\Monitor.exe
C:\Programmi\Logitech\Logitech WebCam Software\LWS.exe
C:\Programmi\Analog Devices\Core\smax4pnp.exe
C:\Programmi\File comuni\Logishrd\LQCVFX\COCIManager.exe
C:\Programmi\Analog Devices\SoundMAX\Smax4.exe
C:\Programmi\File comuni\Java\Java Update\jusched.exe
C:\Programmi\File comuni\Research In Motion\Auto Update\RIMAutoUpdate.exe
C:\Programmi\File comuni\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
C:\Programmi\Windows Live\Messenger\msnmsgr.exe
C:\Programmi\Nokia\Nokia PC Suite 6\PCSync2.exe
C:\Programmi\Nokia\Nokia PC Suite 6\PCSuite.exe
C:\Programmi\Spyware Terminator\SpywareTerminatorUpdate.exe
C:\Programmi\DNA\btdna.exe
C:\Programmi\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Programmi\Softland\FBackup 4\fbaSched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\Spyware Terminator\sp_rsser.exe
C:\Programmi\TomTom HOME 2\TomTomHOMERunner.exe
C:\Programmi\Skype\Phone\Skype.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\File comuni\InstallShield\UpdateService\ISUSPM.exe
C:\Programmi\TomTom HOME 2\TomTomHOMEService.exe
C:\Programmi\File comuni\Ulead Systems\DVD\ULCDRSvr.exe
C:\Programmi\Microsoft Office\Office\OSA.EXE
C:\Programmi\Microsoft Office\Office\FINDFAST.EXE
C:\Programmi\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
C:\Programmi\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Programmi\PC Connectivity Solution\ServiceLayer.exe
C:\Programmi\File comuni\Java\Java Update\jucheck.exe
C:\Programmi\Trend Micro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://it.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://it.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://it.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://it.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://it.search.yahoo.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
R3 - URLSearchHook: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\Programmi\Crawler\ctbr.dll
O2 - BHO: (no name) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\Programmi\Crawler\ctbr.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Programmi\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programmi\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Programmi\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmi\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Toolbar &Crawler - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\Programmi\Crawler\ctbr.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Programmi\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
O3 - Toolbar: (no name) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - (no file)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [JMB36X Configure] C:\WINDOWS\system32\JMRaidTool.exe boot
O4 - HKLM\..\Run: [TkBellExe] "C:\Programmi\File comuni\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [00PCTFW] "C:\Programmi\PC Tools Firewall Plus\FirewallGUI.exe" -s
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programmi\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SpywareTerminator] "C:\PROGRA~1\SPYWAR~2\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FILECO~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Programmi\File comuni\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [GBMLite8AgentLaCie] C:\Programmi\LaCie\Genie Backup Assistant\GBMAgent.exe
O4 - HKLM\..\Run: [PAC207_Monitor] C:\WINDOWS\PixArt\PAC207\Monitor.exe
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Programmi\Logitech\Logitech WebCam Software\LWS.exe" /hide
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Programmi\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMax] "C:\Programmi\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\File comuni\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [BlackBerryAutoUpdate] C:\Programmi\File comuni\Research In Motion\Auto Update\RIMAutoUpdate.exe /background
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Programmi\File comuni\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [RIMBBLaunchAgent.exe] C:\Programmi\File comuni\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programmi\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Nokia.PCSync] "C:\Programmi\Nokia\Nokia PC Suite 6\PCSync2.exe" /NoDialog
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Programmi\Nokia\Nokia PC Suite 6\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [SpywareTerminatorUpdate] "C:\Programmi\Spyware Terminator\SpywareTerminatorUpdate.exe"
O4 - HKCU\..\Run: [GBMLite8AgentLaCie] C:\Programmi\LaCie\Genie Backup Assistant\GBMAgent.exe
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Programmi\DNA\btdna.exe"
O4 - HKCU\..\Run: [FBackup Scheduler] "C:\Programmi\Softland\FBackup 4\fbaSched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Programmi\TomTom HOME 2\TomTomHOMERunner.exe"
O4 - HKCU\..\Run: [Skype] "C:\Programmi\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [ISUSPM] "C:\Programmi\File comuni\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - S-1-5-18 Startup: Utilità controllo supporti di Picture Motion Browser.lnk = C:\Programmi\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: Utilità controllo supporti di Picture Motion Browser.lnk = C:\Programmi\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe (User 'Default user')
O4 - Startup: Utilità controllo supporti di Picture Motion Browser.lnk = C:\Programmi\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Programmi\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O4 - Global Startup: Avvio Office.lnk = C:\Programmi\Microsoft Office\Office\OSA.EXE
O4 - Global Startup: Ricerca rapida.lnk = C:\Programmi\Microsoft Office\Office\FINDFAST.EXE
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Inserisci blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programmi\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: Inserisci &blog in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programmi\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O22 - SharedTaskScheduler: Precaricatore Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Daemon di cache delle categorie di componenti - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Programmi\File comuni\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Programmi\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Programmi\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: Servizio Bonjour (Bonjour Service) - Apple Inc. - C:\Programmi\Bonjour\mDNSResponder.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Servizio iPod (iPod Service) - Apple Inc. - C:\Programmi\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programmi\Java\jre6\bin\jqs.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Programmi\File comuni\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: Network WanMiniport First Position - Unknown owner - C:\Programmi\Telecom Italia\WanMiniport1st\srvany.exe
O23 - Service: NitroPDFReaderDriverCreatorReadSpool (NitroReaderDriverReadSpool) - Nitro PDF Software - C:\Programmi\Nitro PDF\Reader\NitroPDFReaderDriverService.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Programmi\CDBurnerXP\NMSAccessU.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PC Tools Firewall Plus (PCToolsFirewallPlus) - Unknown owner - C:\Programmi\PC Tools Firewall Plus\FWService.exe
O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - C:\Programmi\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe
O23 - Service: Roxio Upnp Server 9 - Sonic Solutions - C:\Programmi\Roxio\Digital Home 9\RoxioUpnpService9.exe
O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - C:\Programmi\File comuni\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Programmi\File comuni\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Programmi\File comuni\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: ServiceLayer - Nokia. - C:\Programmi\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Programmi\Spyware Terminator\sp_rsser.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Programmi\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Programmi\File comuni\Ulead Systems\DVD\ULCDRSvr.exe

--
End of file - 13503 bytes

tulliopinter
Inviato: Sunday, July 31, 2011 3:19:47 PM
Rank: AiutAmico

Iscritto dal : 6/13/2011
Posts: 67
Ripeti la scansione con MalwareBytes. Deve essere completa, non veloce.
Ricordati prima di aggiornarlo (tab aggiornamenti).

Ciao, attendo il log.

P.S. Intanto, fixa queste voci di HJT:
Se non sai fixare, segui questo specchietto:
Avvia HiJackThis e:
● clicca sul pulsante Do a system scan only/Scan
metti la spunta accanto ad ogni singola voce indicata sotto
● spuntate le voci, termina tutti i programmi attivi, comprese le pagine Internet
● clicca, in basso a sinistra, sul pulsante Fix checked; potrebbe comparire un'ulteriore finestra durante il fix delle voci: clicca su
Queste sono le voci da fixare:

E5E2654-AD2D-48bf-AC2D-D17F00898D06} - (no file)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [JMB36X Configure] C:\WINDOWS\system32\JMRaidTool.exe boot
O4 - HKLM\..\Run: [TkBellExe] "C:\Programmi\File comuni\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programmi\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FILECO~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Programmi\File comuni\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [GBMLite8AgentLaCie] C:\Programmi\LaCie\Genie Backup Assistant\GBMAgent.exe
O4 - HKLM\..\Run: [PAC207_Monitor] C:\WINDOWS\PixArt\PAC207\Monitor.exe
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Programmi\Logitech\Logitech WebCam Software\LWS.exe" /hide
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Programmi\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMax] "C:\Programmi\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\File comuni\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [BlackBerryAutoUpdate] C:\Programmi\File comuni\Research In Motion\Auto Update\RIMAutoUpdate.exe /background
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Programmi\File comuni\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [RIMBBLaunchAgent.exe] C:\Programmi\File comuni\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programmi\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Nokia.PCSync] "C:\Programmi\Nokia\Nokia PC Suite 6\PCSync2.exe" /NoDialog
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Programmi\Nokia\Nokia PC Suite 6\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [GBMLite8AgentLaCie] C:\Programmi\LaCie\Genie Backup Assistant\GBMAgent.exe
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Programmi\DNA\btdna.exe"
O4 - HKCU\..\Run: [FBackup Scheduler] "C:\Programmi\Softland\FBackup 4\fbaSched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Programmi\TomTom HOME 2\TomTomHOMERunner.exe"
O4 - HKCU\..\Run: [ISUSPM] "C:\Programmi\File comuni\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - S-1-5-18 Startup: Utilità controllo supporti di Picture Motion Browser.lnk = C:\Programmi\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: Utilità controllo supporti di Picture Motion Browser.lnk = C:\Programmi\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe (User 'Default user')
O4 - Startup: Utilità controllo supporti di Picture Motion Browser.lnk = C:\Programmi\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Programmi\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O4 - Global Startup: Avvio Office.lnk = C:\Programmi\Microsoft Office\Office\OSA.EXE
O4 - Global Startup: Ricerca rapida.lnk = C:\Programmi\Microsoft Office\Office\FINDFAST.EXE
florata57
Inviato: Sunday, July 31, 2011 6:00:22 PM
Rank: AiutAmico

Iscritto dal : 2/9/2004
Posts: 73
Eccoli

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17.59.37, on 31/07/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17098)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\PC Tools Firewall Plus\FWService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\Programmi\PC Tools Firewall Plus\FirewallGUI.exe
C:\PROGRA~1\SPYWAR~2\SpywareTerminatorShield.exe
C:\Programmi\Spyware Terminator\SpywareTerminatorUpdate.exe
C:\Programmi\Skype\Phone\Skype.exe
C:\Programmi\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\File comuni\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Programmi\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Programmi\Bonjour\mDNSResponder.exe
C:\Programmi\Java\jre6\bin\jqs.exe
C:\Programmi\Telecom Italia\WanMiniport1st\srvany.exe
C:\Programmi\Nitro PDF\Reader\NitroPDFReaderDriverService.exe
C:\Programmi\Telecom Italia\WanMiniport1st\WanMiniport1st_srv.exe
C:\Programmi\CDBurnerXP\NMSAccessU.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\Restore\rstrui.exe
C:\Programmi\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Programmi\Spyware Terminator\sp_rsser.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\TomTom HOME 2\TomTomHOMEService.exe
C:\Programmi\File comuni\Ulead Systems\DVD\ULCDRSvr.exe
C:\WINDOWS\system32\Restore\rstrui.exe
C:\Programmi\PC Connectivity Solution\ServiceLayer.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Programmi\iPod\bin\iPodService.exe
C:\Programmi\Trend Micro\HiJackThis\HiJackThis.exe
C:\Programmi\Malwarebytes' Anti-Malware\mbam.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Programmi\Mozilla Firefox\firefox.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://it.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://it.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://it.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://it.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://it.search.yahoo.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: (no name) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Programmi\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programmi\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Programmi\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmi\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Programmi\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
O3 - Toolbar: (no name) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - (no file)
O4 - HKLM\..\Run: [00PCTFW] "C:\Programmi\PC Tools Firewall Plus\FirewallGUI.exe" -s
O4 - HKLM\..\Run: [SpywareTerminator] "C:\PROGRA~1\SPYWAR~2\SpywareTerminatorShield.exe"
O4 - HKCU\..\Run: [SpywareTerminatorUpdate] "C:\Programmi\Spyware Terminator\SpywareTerminatorUpdate.exe"
O4 - HKCU\..\Run: [Skype] "C:\Programmi\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\RunOnce: [MPlayer2_FixUp] C:\WINDOWS\inf\unregmp2.exe /Fixups
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Inserisci blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programmi\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: Inserisci &blog in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programmi\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O22 - SharedTaskScheduler: Precaricatore Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Daemon di cache delle categorie di componenti - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Programmi\File comuni\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Programmi\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Programmi\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: Servizio Bonjour (Bonjour Service) - Apple Inc. - C:\Programmi\Bonjour\mDNSResponder.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Servizio iPod (iPod Service) - Apple Inc. - C:\Programmi\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programmi\Java\jre6\bin\jqs.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Programmi\File comuni\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: Network WanMiniport First Position - Unknown owner - C:\Programmi\Telecom Italia\WanMiniport1st\srvany.exe
O23 - Service: NitroPDFReaderDriverCreatorReadSpool (NitroReaderDriverReadSpool) - Nitro PDF Software - C:\Programmi\Nitro PDF\Reader\NitroPDFReaderDriverService.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Programmi\CDBurnerXP\NMSAccessU.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PC Tools Firewall Plus (PCToolsFirewallPlus) - Unknown owner - C:\Programmi\PC Tools Firewall Plus\FWService.exe
O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - C:\Programmi\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe
O23 - Service: Roxio Upnp Server 9 - Sonic Solutions - C:\Programmi\Roxio\Digital Home 9\RoxioUpnpService9.exe
O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - C:\Programmi\File comuni\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Programmi\File comuni\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Programmi\File comuni\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: ServiceLayer - Nokia. - C:\Programmi\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Programmi\Spyware Terminator\sp_rsser.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Programmi\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Programmi\File comuni\Ulead Systems\DVD\ULCDRSvr.exe

--
End of file - 8447 bytes
********************
ed ora scasione completa di malv.....
*********************

Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org

Versione database: 7336

Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.13

31/07/2011 17.57.42
mbam-log-2011-07-31 (17-57-41).txt

Tipo di scansione: Scansione completa (C:\|F:\|)
Elementi esaminati: 254068
Tempo impiegato: 48 minuti, 25 secondi

Processi infetti in memoria: 0
Moduli di memoria infetti: 0
Chiavi di registro infette: 0
Valori di registro infetti: 0
Voci infette nei dati di registro: 0
Cartelle infette: 0
File infetti: 0

Processi infetti in memoria:
(Non sono stati rilevati elementi nocivi)

Moduli di memoria infetti:
(Non sono stati rilevati elementi nocivi)

Chiavi di registro infette:
(Non sono stati rilevati elementi nocivi)

Valori di registro infetti:
(Non sono stati rilevati elementi nocivi)

Voci infette nei dati di registro:
(Non sono stati rilevati elementi nocivi)

Cartelle infette:
(Non sono stati rilevati elementi nocivi)

File infetti:
(Non sono stati rilevati elementi nocivi)
tulliopinter
Inviato: Sunday, July 31, 2011 9:01:25 PM
Rank: AiutAmico

Iscritto dal : 6/13/2011
Posts: 67
Fixa queste 2 voci:
O3 - Toolbar: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
O3 - Toolbar: (no name) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - (no file)

Poi, il PC come funziona?
florata57
Inviato: Sunday, July 31, 2011 9:15:23 PM
Rank: AiutAmico

Iscritto dal : 2/9/2004
Posts: 73
mi pare che ora va tutto molto meglio
ti ringrazio per la pazienza
Ciao Flo
p.s.: ho fissato anche gli altri 2
tulliopinter
Inviato: Monday, August 01, 2011 10:34:57 AM
Rank: AiutAmico

Iscritto dal : 6/13/2011
Posts: 67
Ciao Florata, dobbiamo ancora finire.
Clicca su Start, scegli la voce esegui e digita:
sc delete gusvc
premi invio

Poi:
Clicca su Start, scegli la voce esegui e digita:
sc delete JavaQuickStarterService
premi invio

Puoi fare a meno di Spyware Terminator (ti consiglio di disinstallarlo); al suo posto utilizza Avira, Avast!, o MSE (visto che di AV residente non ne hai uno).

Una volta installato l'antivirus scelto, allega un nuovo log di hijackthis.
florata57
Inviato: Tuesday, August 02, 2011 8:42:19 PM
Rank: AiutAmico

Iscritto dal : 2/9/2004
Posts: 73
tulliopinter ha scritto:
Ciao Florata, dobbiamo ancora finire.
Clicca su Start, scegli la voce esegui e digita:
sc delete gusvc
premi invio

Poi:
Clicca su Start, scegli la voce esegui e digita:
sc delete JavaQuickStarterService
premi invio

Puoi fare a meno di Spyware Terminator (ti consiglio di disinstallarlo); al suo posto utilizza Avira, Avast!, o MSE (visto che di AV residente non ne hai uno).

Una volta installato l'antivirus scelto, allega un nuovo log di hijackthis.


Buonasera,
come sempre grazie e scusa il ritardo ma sono stata un pò impegnata, ho eseguito tutto quanto da te suggerito inclusa l'eliminazione di Spyware Terminator ed ho installato avant
ed ecco il log:
************************

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20.40.54, on 02/08/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17098)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\PC Tools Firewall Plus\FWService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\Programmi\PC Tools Firewall Plus\FirewallGUI.exe
C:\Programmi\Skype\Phone\Skype.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\File comuni\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Programmi\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Programmi\Bonjour\mDNSResponder.exe
C:\Programmi\Java\jre6\bin\jqs.exe
C:\Programmi\File comuni\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Programmi\Telecom Italia\WanMiniport1st\srvany.exe
C:\Programmi\Telecom Italia\WanMiniport1st\WanMiniport1st_srv.exe
C:\Programmi\Nitro PDF\Reader\NitroPDFReaderDriverService.exe
C:\Programmi\CDBurnerXP\NMSAccessU.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Programmi\Mozilla Firefox\firefox.exe
C:\Programmi\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\TomTom HOME 2\TomTomHOMEService.exe
C:\Programmi\File comuni\Ulead Systems\DVD\ULCDRSvr.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Programmi\Trend Micro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://it.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://it.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://it.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://it.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://it.search.yahoo.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: (no name) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Programmi\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programmi\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Programmi\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmi\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Programmi\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [00PCTFW] "C:\Programmi\PC Tools Firewall Plus\FirewallGUI.exe" -s
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [Skype] "C:\Programmi\Skype\Phone\Skype.exe" /nosplash /minimized
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Inserisci blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programmi\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: Inserisci &blog in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programmi\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O22 - SharedTaskScheduler: Precaricatore Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Daemon di cache delle categorie di componenti - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Programmi\File comuni\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Programmi\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Programmi\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: Servizio Bonjour (Bonjour Service) - Apple Inc. - C:\Programmi\Bonjour\mDNSResponder.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Servizio iPod (iPod Service) - Apple Inc. - C:\Programmi\iPod\bin\iPodService.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Programmi\File comuni\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: Network WanMiniport First Position - Unknown owner - C:\Programmi\Telecom Italia\WanMiniport1st\srvany.exe
O23 - Service: NitroPDFReaderDriverCreatorReadSpool (NitroReaderDriverReadSpool) - Nitro PDF Software - C:\Programmi\Nitro PDF\Reader\NitroPDFReaderDriverService.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Programmi\CDBurnerXP\NMSAccessU.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PC Tools Firewall Plus (PCToolsFirewallPlus) - Unknown owner - C:\Programmi\PC Tools Firewall Plus\FWService.exe
O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - C:\Programmi\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe
O23 - Service: Roxio Upnp Server 9 - Sonic Solutions - C:\Programmi\Roxio\Digital Home 9\RoxioUpnpService9.exe
O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - C:\Programmi\File comuni\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Programmi\File comuni\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Programmi\File comuni\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: ServiceLayer - Nokia. - C:\Programmi\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Programmi\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Programmi\File comuni\Ulead Systems\DVD\ULCDRSvr.exe

--
End of file - 7323 bytes
*****************
pidue
Inviato: Tuesday, August 02, 2011 8:56:18 PM

Rank: AiutAmico

Iscritto dal : 6/2/2005
Posts: 7,332
Il log è a posto.
Se usi IE, faresti meglio ad aggiornarlo alla versione 8.
Ciao.



usb00
Inviato: Wednesday, August 10, 2011 10:17:54 AM
Rank: Member

Iscritto dal : 9/1/2010
Posts: 24
Scusa il ritardo, ero via.
Il log come ti hanno già detto è a posto, ciao e buon PC! ;)
Utenti presenti in questo topic
Guest


Salta al Forum
Aggiunta nuovi Topic disabilitata in questo forum.
Risposte disabilitate in questo forum.
Eliminazione tuoi Post disabilitata in questo forum.
Modifica dei tuoi post disabilitata in questo forum.
Creazione Sondaggi disabilitata in questo forum.
Voto ai sondaggi disabilitato in questo forum.

Main Forum RSS : RSS

Aiutamici Theme
Powered by Yet Another Forum.net versione 1.9.1.8 (NET v2.0) - 3/29/2008
Copyright © 2003-2008 Yet Another Forum.net. All rights reserved.