Logfile of HijackThis v1.99.1
Scan saved at 23.36.52, on 16/02/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
c:\windows\system32\svchost.exe
C:\Acer\eManager\anbmServ.exe
C:\WINDOWS\Explorer.EXE
C:\Programmi\Internet Security\pmsnrr.exe
C:\Programmi\Internet Security\pmmnt.exe
C:\Programmi\Synaptics\SynTP\SynTPLpr.exe
C:\Programmi\Synaptics\SynTP\bak\SynTPLpr.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\system32\Rundll32.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\WINDOWS\system32\rundll32.exe
C:\Programmi\TRUST\Bluetooth Software\bin\btwdins.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\WINDOWS\system32\svchost.exe
C:\DOCUME~1\SOVERC~1\IMPOST~1\Temp\xkhqba.exe
C:\Programmi\RealVNC\VNC4\WinVNC4.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\Messenger\msmsgs.exe
C:\WINDOWS\system32\sistray.exe
C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe
C:\Programmi\TRUST\Bluetooth Software\BTTray.exe
C:\Programmi\Freecom Personal Media Suite\FCPMS.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\DOCUME~1\SOVERC~1\IMPOST~1\Temp\Directory temporanea 1 per hijackthis.zip\HijackThis.exe
O8 - Extra context menu item: Invia a &Bluetooth - C:\Programmi\TRUST\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programmi\TRUST\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programmi\TRUST\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1141034742250O17 - HKLM\System\CCS\Services\Tcpip\..\{71F92967-0A29-40BF-9595-1EF6E24DC4B6}: NameServer = 193.12.150.2 212.247.152.2
O21 - SSODL: didynamia - {8329660f-e248-4872-98cc-fb9c4fec7ba8} - C:\WINDOWS\system32\xkrdk.dll
O23 - Service: Notebook Manager Service (anbmService) - OSA Technologies Inc. - C:\Acer\eManager\anbmServ.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Programmi\TRUST\Bluetooth Software\bin\btwdins.exe
O23 - Service: Comando remoto iSeries Access per Windows (Cwbrxd) - IBM Corporation - C:\WINDOWS\CWBRXD.EXE
O23 - Service: VNC Server Version 4 (WinVNC4) - Unknown owner - C:\Programmi\RealVNC\VNC4\WinVNC4.exe" -service (file missing)
non riesco ad eliminare PEST TRAP anche con spy bot sembra che lo tolga ma poi riappare,
in basso dx compare un icona che lampeggia con punto interrogativo e segnale di divieto,c'e' anche in icona triangolare gialla con degnale di pericolo che di tanto in tanto apre una finestra che dice che il sistema e' stato infettato ckliccandoci sopre mi manda all'acquisto di un sistema di sicuezza