Questo e' il secondo log Hijack "disastrato"
Grazie x il tuo prezioso aiuto.
Logfile of HijackThis v1.99.1
Scan saved at 11.05.41, on 13/10/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RunDll32.exe
C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Programmi\HP\hpcoretech\hpcmpmgr.exe
C:\Programmi\HP\HP Software Update\HPWuSchd2.exe
C:\Programmi\Messenger\msmsgs.exe
C:\Programmi\Pinnacle\Shared Files\InstantCDDVD\PCLETray.exe
C:\Programmi\Pinnacle\InstantCDDVD\InstantWrite\iwctrl.exe
C:\WINDOWS\system32\lateshow.exe
C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe
C:\Programmi\Microsoft Office\Office\OUTLOOK.EXE
C:\Programmi\File comuni\System\MAPI\1040\nt\MAPISP32.EXE
C:\Programmi\AntiVir PersonalEdition Classic\avguard.exe
C:\Programmi\AntiVir PersonalEdition Classic\avgnt.exe
C:\Programmi\AntiVir PersonalEdition Classic\sched.exe
C:\Programmi\Microsoft Office\Office\WINWORD.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\lateshow.exe
F:\Sicurezza\hijackthis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.gooogle.it/R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programmi\google\googletoolbar1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programmi\google\googletoolbar1.dll
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [ATIPTA] C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Programmi\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Programmi\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [avgnt] "C:\Programmi\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [MSMalwareKit] C:\WINDOWS\system32\MalwareRemover.exe
O4 - HKLM\..\Run: [fix] C:\WINDOWS\system32\trust.exe
O4 - HKLM\..\Run: [MSGlobal] C:\WINDOWS\system32\Idro.exe
O4 - HKLM\..\Run: [MicrosoftFirewall] C:\WINDOWS\system32\MSFirewall.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Programmi\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [InstantTray] C:\Programmi\Pinnacle\Shared Files\InstantCDDVD\PCLETray.exe
O4 - HKCU\..\Run: [IW_Drop_Icon] C:\Programmi\Pinnacle\InstantCDDVD\InstantWrite\iwctrl.exe /DropDisc
O4 - HKCU\..\Run: [wke.exe] C:\WINDOWS\system32\wke.exe
O4 - HKCU\..\Run: [Microsoft Security] C:\WINDOWS\system32\msantivir.exe
O4 - HKCU\..\Run: [lateshow.exe] C:\WINDOWS\system32\lateshow.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O15 - Trusted Zone:
www.acquadirose.comO15 - Trusted Zone:
www.cywanstorage.bizO15 - Trusted Zone:
www.defaultbar.comO15 - Trusted Zone:
www.forteforte.comO15 - Trusted Zone:
www.gooogle.bzO15 - Trusted Zone:
www.nanobyte.bizO15 - Trusted Zone:
www.phishingfix.bizO15 - Trusted Zone:
www.playmore.bizO15 - Trusted Zone:
www.preferiti-windows.comO15 - Trusted Zone:
www.ricercadoppia.comO15 - Trusted Zone:
www.scalalap.comO15 - Trusted Zone:
www.semeterapia.comO15 - Trusted Zone:
www.super-videochat-community.bizO15 - Trusted Zone:
www.tuttaqualita.comO15 - Trusted Zone:
www.umts-gprs-mondo-telefonino-cellulare.bizO16 - DPF: {381E86E3-E7CE-46FC-BA2C-E83D3B6E4309} -
http://www.cywanstorage.biz/WWE/Catto.exeO16 - DPF: {3A4DCD02-A451-4799-9E1C-AC0D4F769A97} -
http://www.cywanstorage.biz/PHFX/MSPhish.exeO16 - DPF: {4360E841-FE3E-427F-98DC-7ABC8ACE6665} -
http://www.cywanstorage.biz/FFF6/FotoVacanze.exeO16 - DPF: {8838BDA8-9C2E-480C-8926-3104C642D7E4} -
http://www.gooogle.bz/cywtr.exeO16 - DPF: {96966B7C-CA72-4928-895B-1C2F0E5302A9} -
http://www.cywanstorage.biz/CXDF2/pialla.exeO16 - DPF: {9F5BB9E1-31AE-4A13-8734-15CED0F60A3D} (myActiveXCOM Class) -
http://www.gooogle.bz/lateshow.cabO16 - DPF: {EA5B2F8A-2094-47A1-ADC5-373E93EAF936} -
http://www.cywanstorage.biz/DRT65/IBWire.exeO16 - DPF: {EB5CDBC6-DBA4-48BC-B888-5E2CFF9DF3CD} -
http://www.playmore.biz/pop/MSF.exeO17 - HKLM\System\CCS\Services\Tcpip\..\{DD828BEB-9967-4587-B7D2-D19DC371DBF3}: NameServer = 193.70.152.15,193.70.152.25
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Programmi\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Programmi\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe