For the moment everything seems to be working normally; I opened a few sites and the advertising no longer appears.
Thanks and bye
This is the ComboFix log:
ComboFix 08-09-27.06 - Mora 2008-09-29 16.05.21.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1040.18.1499 [GMT 2:00]
Eseguito da: C:\Documents and Settings\Mora\Desktop\ComboFix.exe
* Creato nuovo punto di ripristino
ATENÇÃO - ESTA MAQUINA NAO TEM A CONSOLE DE RECUPERAÇÃO INSTALADA !!.
((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Documents and Settings\Mora\Impostazioni locali\Dati applicazioni\shfzxm.dat
C:\Documents and Settings\Mora\Impostazioni locali\Dati applicazioni\shfzxm_nav.dat
C:\Documents and Settings\Mora\Impostazioni locali\Dati applicazioni\shfzxm_navps.dat
.
((((((((((((((((((((((((( Files Creati Da 2008-08-28 al 2008-09-29 )))))))))))))))))))))))))))))))))))
.
2008-09-28 19:32 . 2008-09-28 19:33 <DIR> d-------- C:\Programmi\Spybot - Search & Destroy
2008-09-28 19:32 . 2008-09-28 20:11 <DIR> d-------- C:\Documents and Settings\All Users\Dati applicazioni\Spybot - Search & Destroy
2008-09-24 22:23 . 2008-09-24 22:23 <DIR> d-------- C:\Programmi\Apple Software Update
2008-09-24 22:23 . 2008-09-24 22:23 <DIR> d-------- C:\Documents and Settings\All Users\Dati applicazioni\Apple
2008-09-24 22:22 . 2008-09-24 22:22 <DIR> d-------- C:\Programmi\QuickTime
2008-09-24 22:22 . 2008-09-24 22:22 <DIR> d-------- C:\Programmi\File comuni\Apple
2008-09-24 22:22 . 2008-09-24 22:22 <DIR> d-------- C:\Documents and Settings\All Users\Dati applicazioni\Apple Computer
2008-09-23 11:46 . 2008-09-23 11:46 <DIR> d-------- C:\Documents and Settings\Mora\Dati applicazioni\Ashampoo
2008-09-10 14:03 . 2008-09-10 14:11 <DIR> d-------- C:\WINDOWS\SxsCaPendDel
2008-09-10 14:03 . 2008-09-10 14:05 <DIR> d-------- C:\fe950e1fda47284a23af5f31518fae
2008-09-10 13:44 . 2008-09-10 14:09 <DIR> d-------- C:\WINDOWS\system32\XPSViewer
2008-09-10 13:44 . 2008-09-10 13:44 <DIR> d-------- C:\Programmi\Reference Assemblies
2008-09-10 13:44 . 2008-09-10 13:44 <DIR> d-------- C:\Programmi\MSBuild
2008-09-10 13:44 . 2006-06-29 13:07 14,048 --------- C:\WINDOWS\system32\spmsg2.dll
2008-09-09 18:01 . 2008-09-09 18:01 <DIR> d-------- C:\WINDOWS\system32\it
2008-09-09 18:01 . 2008-09-09 18:01 <DIR> d-------- C:\WINDOWS\system32\bits
2008-09-09 18:01 . 2008-09-09 18:01 <DIR> d-------- C:\WINDOWS\l2schemas
2008-09-09 17:58 . 2008-09-09 18:01 <DIR> d-------- C:\WINDOWS\ServicePackFiles
2008-09-09 17:52 . 2008-09-09 17:52 <DIR> d-------- C:\WINDOWS\EHome
2008-09-09 11:51 . 2004-08-19 15:23 701,440 --------- C:\WINDOWS\system32\drivers\ati2mtag.sys
2008-09-07 17:51 . 2008-09-07 19:03 <DIR> d-------- C:\Programmi\PhotomatixPro3
2008-09-06 15:09 . 2008-09-06 15:09 90,112 --a------ C:\WINDOWS\system32\QuickTimeVR.qtx
2008-09-06 15:09 . 2008-09-06 15:09 57,344 --a------ C:\WINDOWS\system32\QuickTime.qts
2008-09-05 15:31 . 2008-09-05 15:33 <DIR> d-------- C:\Programmi\Spamihilator
2008-09-03 10:03 . 2008-09-03 10:03 223 --a------ C:\WINDOWS\HP PrecisionScan Pro.INI
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-09-29 12:21 --------- d-----w C:\Documents and Settings\Mora\Dati applicazioni\Spamihilator
2008-09-29 07:37 --------- d-----w C:\Programmi\File comuni\Symantec Shared
2008-09-28 16:07 2,516 --sha-w C:\WINDOWS\system32\KGyGaAvL.sys
2008-09-25 10:03 --------- d-----w C:\Documents and Settings\All Users\Dati applicazioni\pdf995
2008-09-25 08:44 --------- d-----w C:\Programmi\Ashampoo
2008-09-25 07:48 --------- d-----w C:\Programmi\eMule
2008-09-24 15:46 --------- d-----w C:\Documents and Settings\Mora\Dati applicazioni\FileZilla
2008-09-02 07:24 --------- d-----w C:\Programmi\VistaCodecPack
2008-08-28 10:26 665,088 ----a-w C:\WINDOWS\system32\spsplib1.dll
2008-08-19 16:59 805 ----a-w C:\WINDOWS\system32\drivers\SYMEVENT.INF
2008-08-19 16:59 60,800 ----a-w C:\WINDOWS\system32\S32EVNT1.DLL
2008-08-19 16:59 123,952 ----a-w C:\WINDOWS\system32\drivers\SYMEVENT.SYS
2008-08-19 16:59 10,671 ----a-w C:\WINDOWS\system32\drivers\SYMEVENT.CAT
2008-08-19 16:59 --------- d-----w C:\Programmi\Symantec
2008-08-19 16:54 --------- d-----w C:\Documents and Settings\All Users\Dati applicazioni\Symantec
2008-07-30 15:42 23,888 ----a-w C:\WINDOWS\system32\drivers\COH_Mon.sys
2008-07-30 15:28 706 ----a-w C:\WINDOWS\system32\drivers\COH_Mon.inf
2008-07-30 15:28 10,537 ----a-w C:\WINDOWS\system32\drivers\coh_mon.cat
2008-07-29 18:35 326,160 ----a-w C:\WINDOWS\system32\PresentationHost.exe
2008-07-29 17:59 781,344 ----a-w C:\WINDOWS\system32\PresentationNative_v0300.dll
2008-07-29 17:59 43,544 ----a-w C:\WINDOWS\system32\PresentationHostProxy.dll
2008-07-29 17:59 105,016 ----a-w C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2008-07-29 17:24 97,800 ----a-w C:\WINDOWS\system32\infocardapi.dll
2008-07-29 17:24 622,080 ----a-w C:\WINDOWS\system32\icardagt.exe
2008-07-29 17:24 11,264 ----a-w C:\WINDOWS\system32\icardres.dll
2008-07-25 09:16 96,760 ----a-w C:\WINDOWS\system32\dfshim.dll
2008-07-25 09:16 83,968 ----a-w C:\WINDOWS\system32\mscories.dll
2008-07-25 09:16 282,112 ----a-w C:\WINDOWS\system32\mscoree.dll
2008-07-25 09:16 158,720 ----a-w C:\WINDOWS\system32\mscorier.dll
2008-07-18 20:10 94,920 ----a-w C:\WINDOWS\system32\cdm.dll
2008-07-18 20:10 53,448 ----a-w C:\WINDOWS\system32\wuauclt.exe
2008-07-18 20:10 45,768 ----a-w C:\WINDOWS\system32\wups2.dll
2008-07-18 20:10 36,552 ----a-w C:\WINDOWS\system32\wups.dll
2008-07-18 20:09 563,912 ----a-w C:\WINDOWS\system32\wuapi.dll
2008-07-18 20:09 325,832 ----a-w C:\WINDOWS\system32\wucltui.dll
2008-07-18 20:09 205,000 ----a-w C:\WINDOWS\system32\wuweb.dll
2008-07-18 20:09 1,811,656 ----a-w C:\WINDOWS\system32\wuaueng.dll
2008-07-07 20:27 253,952 ----a-w C:\WINDOWS\system32\es.dll
2008-07-06 12:06 575,488 ----a-w C:\WINDOWS\system32\xpsshhdr.dll
2008-07-06 12:06 117,760 ----a-w C:\WINDOWS\system32\prntvpt.dll
2008-07-06 12:06 1,676,288 ----a-w C:\WINDOWS\system32\xpssvcs.dll
2008-03-24 15:22 88 --sh--r C:\WINDOWS\system32\26AACA8BA3.sys
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="C:\Programmi\Messenger\msmsgs.exe" [2008-04-14 1695232]
"LDM"="C:\Programmi\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2008-03-17 32768]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-14 15360]
"Gadwin PrintScreen"="C:\Programmi\Gadwin Systems\PrintScreen\PrintScreen.exe" [2007-08-20 495616]
"SpybotSD TeaTimer"="C:\Programmi\Spybot - Search & Destroy\TeaTimer.exe" [2008-07-07 2156368]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"="C:\Programmi\File comuni\Nero\Lib\NeroCheck.exe" [2007-03-01 153136]
"NBKeyScan"="C:\Programmi\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-08-08 1828136]
"Corel File Shell Monitor"="C:\Programmi\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe" [2007-10-30 16200]
"Adobe Reader Speed Launcher"="C:\Programmi\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"ccApp"="C:\Programmi\File comuni\Symantec Shared\ccApp.exe" [2008-01-25 51048]
"osCheck"="C:\Programmi\Norton Internet Security\osCheck.exe" [2008-02-07 718704]
"Google Desktop Search"="C:\Programmi\Google\Google Desktop Search\GoogleDesktop.exe" [2008-06-17 29744]
"Spamihilator"="C:\Programmi\Spamihilator\spamihilator.exe" [2008-08-28 1223680]
"QuickTime Task"="C:\Programmi\QuickTime\QTTask.exe" [2008-09-06 413696]
"RTHDCPL"="RTHDCPL.EXE" [2007-08-10 C:\WINDOWS\RTHDCPL.exe]
"VTTimer"="VTTimer.exe" [2006-09-21 C:\WINDOWS\system32\VTTimer.exe]
"S3Trayp"="S3trayp.exe" [2007-09-30 C:\WINDOWS\system32\S3Trayp.exe]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2008-02-29 C:\WINDOWS\KHALMNPR.Exe]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2008-04-14 15360]
C:\Documents and Settings\Mora\Menu Avvio\Programmi\Esecuzione automatica\
Adobe Gamma.lnk - C:\Programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe [2005-03-16 113664]
C:\Documents and Settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\
Instant Update Reminder.lnk - C:\Programmi\U.S. Robotics\ControlCenter\Reminder.exe [2008-06-11 526848]
Logitech Desktop Messenger.lnk - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe [2008-03-17 450560]
Logitech SetPoint.lnk - C:\Programmi\Logitech\SetPoint\SetPoint.exe [2008-07-28 805392]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2008-05-02 02:42 72208 c:\Programmi\File comuni\Logitech\Bluetooth\LBTWLgn.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.divxa32"= divxa32.acm
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Programmi\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"C:\\Programmi\\Spamihilator\\cdcc.exe"=
"C:\\Programmi\\Spamihilator\\dccproc.exe"=
"C:\\Programmi\\Spamihilator\\spamihilator.exe"=
R0 videX32;videX32;C:\WINDOWS\system32\DRIVERS\videX32.sys [2006-10-17 9216]
R0 xfilt;VIA SATA IDE Hot-plug Driver;C:\WINDOWS\system32\DRIVERS\xfilt.sys [2006-10-18 17920]
R2 LBeepKE;LBeepKE;C:\WINDOWS\system32\Drivers\LBeepKE.sys [2006-05-25 3712]
R2 LiveUpdate Notice;LiveUpdate Notice;C:\Programmi\File comuni\Symantec Shared\ccSvcHst.exe [2008-01-25 149864]
R3 S3GIGP;S3GIGP;C:\WINDOWS\system32\DRIVERS\S3gIGPm.sys [2007-10-29 616960]
S2 Utilità di pianificazione di LiveUpdate automatico;Utilità di pianificazione di LiveUpdate automatico;C:\Programmi\Symantec\LiveUpdate\ALUSchedulerSvc.exe [2008-02-09 238968]
S3 COH_Mon;COH_Mon;C:\WINDOWS\system32\Drivers\COH_Mon.sys [2008-07-30 23888]
S3 GoogleDesktopManager-051608-133132;Google Desktop Manager 5.7.805.16405;C:\Programmi\Google\Google Desktop Search\GoogleDesktop.exe [2008-06-17 29744]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{dab7fdce-f112-11dc-8eb0-806d6172696f}]
\Shell\AutoRun\command - E:\CDSTART.EXE
*Newly Created Service* - COMHOST
*Newly Created Service* - PROCEXP90
.
Contenuto della cartella 'Scheduled Tasks'
.
.
------- Supplementary Scan -------
.
FireFox -: Profile - C:\Documents and Settings\Mora\Dati applicazioni\Mozilla\Firefox\Profiles\zab0syon.Pier Luigi\
FF -: plugin - C:\Programmi\Mozilla Firefox\plugins\npGoogleGadgetPluginFirefoxWin.dll
FF -: plugin - C:\Programmi\VistaCodecPack\rm\browser\plugins\nppl3260.dll
FF -: plugin - C:\Programmi\VistaCodecPack\rm\browser\plugins\nprpjplug.dll
FF -: plugin - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-29 16:08:07
Windows 5.1.2600 Service Pack 3 NTFS
scansione processi nascosti ...
scansione entrate autostart nascoste ...
Scansione files nascosti ...
Scansione completata con successo
Files nascosti: 0
**************************************************************************
.
Ora fine scansione: 2008-09-29 16:10:04
ComboFix-quarantined-files.txt 2008-09-29 14:09:07
Pre-Run: 132.759.351.296 byte disponibili
Post-Run: 132,782,604,288 byte disponibili
178 --- E O F --- 2008-09-10 11:36:52
And this is the HijackThis log:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16.11.06, on 29/09/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\File comuni\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\Programmi\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\system32\PSIService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\VTTimer.exe
C:\WINDOWS\system32\S3trayp.exe
C:\Programmi\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe
C:\Programmi\File comuni\Symantec Shared\ccSvcHst.exe
C:\Programmi\Google\Google Desktop Search\GoogleDesktop.exe
C:\Programmi\Spamihilator\spamihilator.exe
C:\Programmi\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\Gadwin Systems\PrintScreen\PrintScreen.exe
C:\Programmi\Google\Google Desktop Search\GoogleDesktop.exe
C:\Programmi\U.S. Robotics\ControlCenter\Reminder.exe
C:\Programmi\Logitech\SetPoint\SetPoint.exe
C:\Programmi\Google\Google Desktop Search\GoogleDesktop.exe
C:\Programmi\File comuni\Logishrd\KHAL2\KHALMNPR.EXE
C:\Programmi\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\system32\imapi.exe
C:\WINDOWS\explorer.exe
C:\Programmi\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: Supporto di collegamento per Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Programmi\File comuni\Symantec Shared\coShared\Browser\2.5\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\FILECO~1\SYMANT~1\IDS\IPSBHO.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Programmi\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Programmi\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Programmi\File comuni\Symantec Shared\coShared\Browser\2.5\CoIEPlg.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [S3Trayp] S3trayp.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Programmi\File comuni\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Programmi\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [Corel File Shell Monitor] C:\Programmi\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programmi\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Programmi\File comuni\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Programmi\Norton Internet Security\osCheck.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Programmi\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [Spamihilator] "C:\Programmi\Spamihilator\spamihilator.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [MSMSGS] "C:\Programmi\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [LDM] C:\Programmi\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Gadwin PrintScreen] C:\Programmi\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Programmi\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Instant Update Reminder.lnk = ?
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Programmi\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Programmi\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1203603426140
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://www.driveragent.com/files/driveragent.cab
O18 - Protocol: bw+0 - {8F078B5E-BB62-4D9F-B9A7-D6E0FD191F8B} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {8F078B5E-BB62-4D9F-B9A7-D6E0FD191F8B} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {8F078B5E-BB62-4D9F-B9A7-D6E0FD191F8B} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {8F078B5E-BB62-4D9F-B9A7-D6E0FD191F8B} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {8F078B5E-BB62-4D9F-B9A7-D6E0FD191F8B} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {8F078B5E-BB62-4D9F-B9A7-D6E0FD191F8B} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {8F078B5E-BB62-4D9F-B9A7-D6E0FD191F8B} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {8F078B5E-BB62-4D9F-B9A7-D6E0FD191F8B} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {8F078B5E-BB62-4D9F-B9A7-D6E0FD191F8B} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {8F078B5E-BB62-4D9F-B9A7-D6E0FD191F8B} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {8F078B5E-BB62-4D9F-B9A7-D6E0FD191F8B} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {8F078B5E-BB62-4D9F-B9A7-D6E0FD191F8B} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {8F078B5E-BB62-4D9F-B9A7-D6E0FD191F8B} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {8F078B5E-BB62-4D9F-B9A7-D6E0FD191F8B} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {8F078B5E-BB62-4D9F-B9A7-D6E0FD191F8B} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {8F078B5E-BB62-4D9F-B9A7-D6E0FD191F8B} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {8F078B5E-BB62-4D9F-B9A7-D6E0FD191F8B} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {8F078B5E-BB62-4D9F-B9A7-D6E0FD191F8B} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {8F078B5E-BB62-4D9F-B9A7-D6E0FD191F8B} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {8F078B5E-BB62-4D9F-B9A7-D6E0FD191F8B} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {8F078B5E-BB62-4D9F-B9A7-D6E0FD191F8B} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {8F078B5E-BB62-4D9F-B9A7-D6E0FD191F8B} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {8F078B5E-BB62-4D9F-B9A7-D6E0FD191F8B} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {8F078B5E-BB62-4D9F-B9A7-D6E0FD191F8B} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {8F078B5E-BB62-4D9F-B9A7-D6E0FD191F8B} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {8F078B5E-BB62-4D9F-B9A7-D6E0FD191F8B} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {8F078B5E-BB62-4D9F-B9A7-D6E0FD191F8B} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {8F078B5E-BB62-4D9F-B9A7-D6E0FD191F8B} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {8F078B5E-BB62-4D9F-B9A7-D6E0FD191F8B} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {8F078B5E-BB62-4D9F-B9A7-D6E0FD191F8B} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {8F078B5E-BB62-4D9F-B9A7-D6E0FD191F8B} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {8F078B5E-BB62-4D9F-B9A7-D6E0FD191F8B} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {8F078B5E-BB62-4D9F-B9A7-D6E0FD191F8B} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {8F078B5E-BB62-4D9F-B9A7-D6E0FD191F8B} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {8F078B5E-BB62-4D9F-B9A7-D6E0FD191F8B} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {8F078B5E-BB62-4D9F-B9A7-D6E0FD191F8B} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {8F078B5E-BB62-4D9F-B9A7-D6E0FD191F8B} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {8F078B5E-BB62-4D9F-B9A7-D6E0FD191F8B} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {8F078B5E-BB62-4D9F-B9A7-D6E0FD191F8B} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {8F078B5E-BB62-4D9F-B9A7-D6E0FD191F8B} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {8F078B5E-BB62-4D9F-B9A7-D6E0FD191F8B} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {8F078B5E-BB62-4D9F-B9A7-D6E0FD191F8B} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {8F078B5E-BB62-4D9F-B9A7-D6E0FD191F8B} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {8F078B5E-BB62-4D9F-B9A7-D6E0FD191F8B} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {8F078B5E-BB62-4D9F-B9A7-D6E0FD191F8B} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {8F078B5E-BB62-4D9F-B9A7-D6E0FD191F8B} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {8F078B5E-BB62-4D9F-B9A7-D6E0FD191F8B} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {8F078B5E-BB62-4D9F-B9A7-D6E0FD191F8B} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {8F078B5E-BB62-4D9F-B9A7-D6E0FD191F8B} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {8F078B5E-BB62-4D9F-B9A7-D6E0FD191F8B} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {8F078B5E-BB62-4D9F-B9A7-D6E0FD191F8B} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {8F078B5E-BB62-4D9F-B9A7-D6E0FD191F8B} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {8F078B5E-BB62-4D9F-B9A7-D6E0FD191F8B} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {8F078B5E-BB62-4D9F-B9A7-D6E0FD191F8B} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {8F078B5E-BB62-4D9F-B9A7-D6E0FD191F8B} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {8F078B5E-BB62-4D9F-B9A7-D6E0FD191F8B} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {8F078B5E-BB62-4D9F-B9A7-D6E0FD191F8B} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {8F078B5E-BB62-4D9F-B9A7-D6E0FD191F8B} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {8F078B5E-BB62-4D9F-B9A7-D6E0FD191F8B} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {8F078B5E-BB62-4D9F-B9A7-D6E0FD191F8B} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {8F078B5E-BB62-4D9F-B9A7-D6E0FD191F8B} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {8F078B5E-BB62-4D9F-B9A7-D6E0FD191F8B} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {8F078B5E-BB62-4D9F-B9A7-D6E0FD191F8B} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {8F078B5E-BB62-4D9F-B9A7-D6E0FD191F8B} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {8F078B5E-BB62-4D9F-B9A7-D6E0FD191F8B} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {8F078B5E-BB62-4D9F-B9A7-D6E0FD191F8B} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {8F078B5E-BB62-4D9F-B9A7-D6E0FD191F8B} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {8F078B5E-BB62-4D9F-B9A7-D6E0FD191F8B} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {8F078B5E-BB62-4D9F-B9A7-D6E0FD191F8B} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {8F078B5E-BB62-4D9F-B9A7-D6E0FD191F8B} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {8F078B5E-BB62-4D9F-B9A7-D6E0FD191F8B} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {8F078B5E-BB62-4D9F-B9A7-D6E0FD191F8B} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {8F078B5E-BB62-4D9F-B9A7-D6E0FD191F8B} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {8F078B5E-BB62-4D9F-B9A7-D6E0FD191F8B} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {8F078B5E-BB62-4D9F-B9A7-D6E0FD191F8B} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {8F078B5E-BB62-4D9F-B9A7-D6E0FD191F8B} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {8F078B5E-BB62-4D9F-B9A7-D6E0FD191F8B} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Programmi\File comuni\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Programmi\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\VAScanner\comHost.exe
O23 - Service: Google Desktop Manager 5.7.805.16405 (GoogleDesktopManager-051608-133132) - Google - C:\Programmi\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Programmi\File comuni\Logitech\Bluetooth\LBTServ.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Programmi\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\ccSvcHst.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Programmi\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Programmi\File comuni\Nero\Lib\NMIndexingService.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\FILECO~1\SYMANT~1\CCPD-LC\symlcsvc.exe
O23 - Service: Utilità di pianificazione di LiveUpdate automatico - Symantec Corporation - C:\Programmi\Symantec\LiveUpdate\ALUSchedulerSvc.exe
--
End of file - 20220 bytes