Aiutamici Forum
Benvenuto Ospite Cerca | Topic Attivi | Utenti | | Log In | Registra

MOZILLA FIREFOX Opzioni
Brikket
Inviato: Sunday, June 20, 2010 12:16:34 PM

Rank: AiutAmico

Iscritto dal : 4/3/2005
Posts: 187
nemmenon in modalità provvisoria si riesce (o riesco!?) a cancellare la riga 23 con ROXIO ecc. quando dopo aver effettuato lo scan con HiJ. spunto la riga 23 e clicco su fix checked, spariscono tutte le scritte, e per miniti e minuti rimase lo sfondo bianco e non compare più nulla. BOH!!!
r.
Brikket
Inviato: Sunday, June 20, 2010 12:18:03 PM

Rank: AiutAmico

Iscritto dal : 4/3/2005
Posts: 187
mi scuso per gli errori...
paolopa
Inviato: Sunday, June 20, 2010 12:19:49 PM

Rank: AiutAmico

Iscritto dal : 10/14/2008
Posts: 2,777
bè,la cartella almeno se n è andata,per eliminare il servizio con hijack c è un opzione apposita,mi sembra sia "delete a nt service",ma per piacere aspetta r16,io ho sempre paura di fare cazzate.
o.t.:ciao wolfe,sempre felice di leggerti!
Brikket
Inviato: Sunday, June 20, 2010 12:33:29 PM

Rank: AiutAmico

Iscritto dal : 4/3/2005
Posts: 187
ok aspetto r16
grazie
r.
r16
Inviato: Sunday, June 20, 2010 3:03:37 PM
Rank: AiutAmico

Iscritto dal : 8/7/2007
Posts: 11,017
Perbacco....
Mai visto un servizio così "ostico" da eliminare...Drool
Ma non si formatta, per uno stupido servizio del tubo.....Not talking
Fai cosi:
Scarica e installa Pserv sul desktop:
http://www.p-nand-q.com/download/pserv_cpl/pserv-2.7.exe
Lo lanci da "Tutti programmi" cliccando : "Services & Devices"
Nella schermata che apparirà, cerca e trova i servizi incriminati.
Clicca con il tasto destro sopra i servizi, (uno alla volta) e scegli : Delete.
Chiudi Pserv.
Riavvia il pc.

Attenzione:
I servizi da eliminare sono 2:
O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - C:\Programmi\File comuni\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Programmi\File comuni\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
paolopa
Inviato: Sunday, June 20, 2010 3:17:59 PM

Rank: AiutAmico

Iscritto dal : 10/14/2008
Posts: 2,777
@r16:ciao r16,speravo glielo facessi fare con hijack...mi interessava la procedura...
r16
Inviato: Sunday, June 20, 2010 3:39:10 PM
Rank: AiutAmico

Iscritto dal : 8/7/2007
Posts: 11,017
paolopa ha scritto:
@r16:ciao r16,speravo glielo facessi fare con hijack...mi interessava la procedura...

C'è poco da fare Paolo.
Se non è riuscita in modalità provvisoria, bisogna usare le "cattive maniere".
Altro sistema:
Per eliminare un "servizio":
Start\Esegui\ digitare:
sc stop (e nome del servizio)
Invia una richiesta di controllo STOP a un servizio.

Poi:
sc delete (nome del servizio)
Elimina una sottochiave di un servizio dal Registro di sistema.
Riavviare il pc.

Per il famigerato "BlackBerry" c'è la chiave "Run",ancora presente, che lo fà partire all'avvio.
Basta eliminarla.
Ciao!
paolopa
Inviato: Sunday, June 20, 2010 3:46:13 PM

Rank: AiutAmico

Iscritto dal : 10/14/2008
Posts: 2,777
@r16:grazie infinite per le lezioni!!! :-)))
cbbusto
Inviato: Sunday, June 20, 2010 3:50:49 PM

Rank: AiutAmico

Iscritto dal : 11/8/2008
Posts: 13,964
Ciao raffaella, aggiungo un consiglio molto utile, quando hai sistemato tutto e il pc funziona bene, fai un'immagine del disco con Macrium Reflect, lo scarichi da aiutamici, leggi bene la scheda di alfonso e sarà tutto facile, in questo modo non dovrai più formattare, al minimo problema fai il ripristino e in pochi minuti il pc ritorna tutto come prima perfettamente funzionante.
Brikket
Inviato: Sunday, June 20, 2010 4:25:33 PM

Rank: AiutAmico

Iscritto dal : 4/3/2005
Posts: 187
Brick wall Brick wall Brick wall Brick wall Brick wall Sick Sick Pray Pray
o io sono una perfetta imbecille (cosa possibile!) o mi sono imbarcata in una sfida impossibile...
ho seguito alla lettera quanto indicatomi da r16 nei due post e LA FINESTRA APPARE ANCORA... io mi ci butto da quella finestra tra un pò...
R.
r16
Inviato: Sunday, June 20, 2010 4:49:45 PM
Rank: AiutAmico

Iscritto dal : 8/7/2007
Posts: 11,017
Senti Raffaella, scarica Combofix:
Scarica Combofix (usa Internet Explorer)

http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Salvalo sul desktop. (è obligatorio)

Importante: Disabilita il tuo antivirus e chiudi TUTTI i programmi aperti,(Firewall compreso) e dopo aver scaricato COMBOFIX, chiudi la connessione.

Doppio click su combofix.exe (se usi Vista: tasto destro su Combofix.exe e clicca su: "Esegui come Amministratore" )


E' probabile che ti siano inviati messaggi dall'antivirus,(o dallo stesso Combofix) tu ignorali.

Se ti verrà chiesto se vuoi Installare LA CONSOLE DI RIPRISTINO DI EMERGENZA, clicca NO.

Durante l'operazione di scansione è importante non usare il PC (neanche il mouse) e attendere pazientemente la fine delle operazioni.
Al termine, verrà creato un file log sul Desktop, chiamato C:\ComboFix.txt. Postalo qui.
Brikket
Inviato: Sunday, June 20, 2010 6:50:21 PM

Rank: AiutAmico

Iscritto dal : 4/3/2005
Posts: 187
ComboFix 10-06-19.04 - bric 20/06/2010 18.29.42.3.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.39.1040.18.1022.259 [GMT 2:00]
Eseguito da: c:\documents and settings\bric\Desktop\ComboFix.exe
AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}

ATTENZIONE - QUESTO PC NON HA LA CONSOLE DI RIPRISTINO DI EMERGENZA INSTALLATA !!
.

((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\docume~1\bric\IMPOST~1\Temp\~WSA.tmp
c:\docume~1\bric\IMPOST~1\Temp\~WSB.tmp
c:\docume~1\bric\IMPOST~1\Temp\~WSC.tmp
c:\documents and settings\bric\Impostazioni locali\Temp\~WSA.tmp
c:\documents and settings\bric\Impostazioni locali\Temp\~WSB.tmp
c:\documents and settings\bric\Impostazioni locali\Temp\~WSC.tmp

.
((((((((((((((((((((((((( Files Creati Da 2010-05-20 al 2010-06-20 )))))))))))))))))))))))))))))))))))
.

2010-06-20 13:45 . 2010-06-20 13:45 -------- d-----w- c:\programmi\p-nand-q.com
2010-06-20 08:32 . 2010-06-20 08:39 -------- d-----w- c:\programmi\Unlocker
2010-06-19 15:33 . 2010-06-19 16:05 -------- d-----w- c:\programmi\VS Revo Group
2010-06-18 18:36 . 2010-06-18 18:36 -------- d-----w- c:\documents and settings\bric\Dati applicazioni\Sonic
2010-06-18 06:03 . 2010-06-18 06:03 29512 ----a-w- c:\documents and settings\All Users\Dati applicazioni\avg9\update\backup\avgmfx86.sys
2010-06-18 06:03 . 2010-06-18 06:03 242896 ----a-w- c:\documents and settings\All Users\Dati applicazioni\avg9\update\backup\avgtdix.sys
2010-06-17 18:00 . 2010-06-18 06:02 242896 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2010-06-17 18:00 . 2010-06-17 18:00 12464 ----a-w- c:\windows\system32\avgrsstx.dll
2010-06-17 18:00 . 2010-06-18 06:02 29584 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2010-06-17 18:00 . 2010-06-17 18:00 216200 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2010-06-17 18:00 . 2010-06-20 16:14 -------- d-----w- c:\windows\system32\drivers\Avg
2010-06-17 05:26 . 2010-06-17 05:26 388096 ----a-r- c:\documents and settings\bric\Dati applicazioni\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2010-06-17 05:26 . 2010-06-17 05:26 -------- d-----w- c:\programmi\Trend Micro
2010-06-16 16:55 . 2010-06-16 16:55 -------- d-----w- c:\documents and settings\bric\Dati applicazioni\Malwarebytes
2010-06-16 16:55 . 2010-04-29 13:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-06-16 16:55 . 2010-06-16 16:55 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Malwarebytes
2010-06-16 16:55 . 2010-06-16 16:55 -------- d-----w- c:\programmi\Malwarebytes' Anti-Malware
2010-06-16 16:55 . 2010-04-29 13:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-06-15 16:42 . 2001-10-28 15:42 116224 ----a-w- c:\windows\system32\pdfcmnnt.dll
2010-06-15 16:42 . 1998-08-05 06:45 122128 ----a-w- c:\windows\system32\VB6IT.DLL
2010-06-15 16:42 . 1998-08-05 06:45 150528 ----a-w- c:\windows\system32\MSCMCIT.DLL
2010-06-15 16:42 . 1998-08-05 06:45 63488 ----a-w- c:\windows\system32\MSCC2IT.DLL
2010-06-15 16:42 . 2010-06-15 16:44 -------- d-----w- c:\programmi\PDFCreator
2010-06-15 16:42 . 1998-07-05 23:00 23552 ----a-w- c:\windows\system32\MSMPIDE.DLL
2010-06-10 08:07 . 2010-06-10 08:07 -------- d-----w- c:\documents and settings\LocalService\Dati applicazioni\Roxio
2010-06-10 07:24 . 2010-06-10 07:24 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\InstallShield
2010-06-10 07:24 . 2010-06-10 07:24 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Sonic
2010-06-10 07:16 . 2010-06-18 18:36 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Research In Motion
2010-06-10 06:23 . 2010-06-10 06:23 256 ----a-w- c:\documents and settings\bric\pool.bin
2010-06-09 04:53 . 2010-05-06 10:32 743424 -c----w- c:\windows\system32\dllcache\iedvtool.dll
2010-06-06 14:46 . 2010-06-06 14:46 413696 ----a-w- c:\windows\system32\wrap_oal.dll
2010-06-06 14:46 . 2010-06-06 14:46 110592 ----a-w- c:\windows\system32\OpenAL32.dll
2010-06-06 14:46 . 2010-06-06 14:46 -------- d-----w- c:\programmi\OpenAL
2010-06-06 14:45 . 2010-06-06 14:45 -------- d-----w- c:\programmi\Jardinains 2!
2010-05-30 05:10 . 2010-06-10 08:15 -------- d-----w- c:\documents and settings\bric\Dati applicazioni\vlc
2010-05-30 04:45 . 2010-05-30 04:45 503808 ----a-w- c:\documents and settings\bric\Dati applicazioni\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-4363c3aa-n\msvcp71.dll
2010-05-30 04:45 . 2010-05-30 04:45 499712 ----a-w- c:\documents and settings\bric\Dati applicazioni\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-4363c3aa-n\jmc.dll
2010-05-30 04:45 . 2010-05-30 04:45 348160 ----a-w- c:\documents and settings\bric\Dati applicazioni\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-4363c3aa-n\msvcr71.dll
2010-05-30 04:45 . 2010-05-30 04:45 61440 ----a-w- c:\documents and settings\bric\Dati applicazioni\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-1c955a13-n\decora-sse.dll
2010-05-30 04:45 . 2010-05-30 04:45 12800 ----a-w- c:\documents and settings\bric\Dati applicazioni\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-1c955a13-n\decora-d3d.dll
2010-05-26 16:18 . 2010-06-10 10:48 256 ----a-w- c:\windows\system32\pool.bin
2010-05-26 16:18 . 2010-06-19 16:29 -------- d-----w- c:\documents and settings\bric\Dati applicazioni\Research In Motion
2010-05-26 16:15 . 2009-01-09 14:18 27136 ----a-r- c:\windows\system32\drivers\RimSerial.sys

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-06-20 16:17 . 2010-03-10 13:30 -------- d-----w- c:\documents and settings\bric\Dati applicazioni\HPAppData
2010-06-20 10:54 . 2010-01-08 19:26 -------- d-----w- c:\programmi\DIFX
2010-06-20 10:51 . 2006-04-14 08:47 -------- d-----w- c:\programmi\Google
2010-06-19 15:53 . 2006-04-14 08:55 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Sony Corporation
2010-06-19 15:09 . 2010-01-08 15:32 870 ----a-w- c:\documents and settings\bric\Dati applicazioni\wklnhst.dat
2010-06-19 04:00 . 2010-01-08 09:26 104008 -c--a-w- c:\documents and settings\bric\Impostazioni locali\Dati applicazioni\GDIPFONTCACHEV1.DAT
2010-06-18 18:36 . 2010-01-08 09:25 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\avg9
2010-06-15 11:57 . 2006-05-11 12:29 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Ulead Systems
2010-06-10 10:59 . 2010-01-08 19:27 -------- d-----w- c:\programmi\File comuni\Nokia
2010-06-10 07:59 . 2010-01-08 07:44 -------- d-----w- c:\programmi\File comuni\Sonic Shared
2010-06-10 07:59 . 2006-04-13 15:22 -------- d-----w- c:\programmi\File comuni\InstallShield
2010-06-10 07:24 . 2010-01-08 09:44 -------- d-----w- c:\documents and settings\bric\Dati applicazioni\InstallShield
2010-06-09 09:58 . 2010-04-15 04:41 -------- d-----w- c:\documents and settings\bric\Dati applicazioni\U3
2010-06-09 05:02 . 2006-04-13 23:15 546218 ----a-w- c:\windows\system32\perfh010.dat
2010-06-09 05:02 . 2006-04-13 23:15 107322 ----a-w- c:\windows\system32\perfc010.dat
2010-05-27 05:03 . 2010-01-08 12:32 -------- d-----w- c:\programmi\CCleaner
2010-05-19 04:49 . 2006-04-14 08:37 -------- d-----w- c:\programmi\File comuni\Sony Shared
2010-05-19 04:47 . 2006-04-13 15:23 -------- d--h--w- c:\programmi\InstallShield Installation Information
2010-05-18 14:36 . 2010-05-18 14:36 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\InterAction studios
2010-05-11 13:18 . 2010-05-11 13:18 503808 ----a-w- c:\documents and settings\bric\Dati applicazioni\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-1a7c0a4b-n\msvcp71.dll
2010-05-11 13:18 . 2010-05-11 13:18 499712 ----a-w- c:\documents and settings\bric\Dati applicazioni\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-1a7c0a4b-n\jmc.dll
2010-05-11 13:18 . 2010-05-11 13:18 348160 ----a-w- c:\documents and settings\bric\Dati applicazioni\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-1a7c0a4b-n\msvcr71.dll
2010-05-11 13:18 . 2010-05-11 13:18 61440 ----a-w- c:\documents and settings\bric\Dati applicazioni\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-2dfe5982-n\decora-sse.dll
2010-05-11 13:18 . 2010-05-11 13:18 12800 ----a-w- c:\documents and settings\bric\Dati applicazioni\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-2dfe5982-n\decora-d3d.dll
2010-05-11 13:17 . 2006-04-14 08:39 -------- d-----w- c:\programmi\File comuni\Java
2010-05-11 13:17 . 2010-05-11 13:17 411368 ----a-w- c:\windows\system32\deployJava1.dll
2010-05-11 13:17 . 2006-04-14 08:39 -------- d-----w- c:\programmi\Java
2010-05-06 14:13 . 2010-05-06 14:13 -------- d-----w- c:\programmi\PC Connectivity Solution
2010-05-06 14:12 . 2010-05-06 14:12 77824 ----a-w- c:\documents and settings\All Users\Dati applicazioni\OviInstallerCache\{DEE1E2E5-B553-4F88-9DE7-23CBEA5D739C}\Installer\CommonCustomActions\Run_XML6_SP1.exe
2010-05-06 14:12 . 2010-05-06 14:12 50000 ----a-w- c:\documents and settings\All Users\Dati applicazioni\OviInstallerCache\{DEE1E2E5-B553-4F88-9DE7-23CBEA5D739C}\Installer\CommonCustomActions\pcswpc.exe
2010-05-06 14:12 . 2010-01-08 19:22 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\OviInstallerCache
2010-05-06 14:10 . 2010-05-06 14:10 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Nokia
2010-05-06 10:32 . 2006-04-13 23:14 916480 ----a-w- c:\windows\system32\wininet.dll
2010-05-02 08:06 . 2006-04-13 23:14 1851264 ----a-w- c:\windows\system32\win32k.sys
2010-04-27 13:56 . 2010-04-27 13:56 -------- d-----w- c:\programmi\Paint.NET
2010-04-25 14:53 . 2010-04-25 14:53 323624 ----a-w- c:\windows\system32\wiaaut.dll
2010-04-20 05:30 . 2006-04-13 23:14 285696 ----a-w- c:\windows\system32\atmfd.dll
2010-04-05 05:49 . 2010-04-05 05:49 40960 -c--a-r- c:\documents and settings\bric\Dati applicazioni\Microsoft\Installer\{8ADAA7A5-7DC2-11D4-8488-106364C10000}\NewShortcut4_13AF153D4E744F68819DC8E5DC7B5875.exe
2010-04-05 05:49 . 2010-04-05 05:49 40960 -c--a-r- c:\documents and settings\bric\Dati applicazioni\Microsoft\Installer\{8ADAA7A5-7DC2-11D4-8488-106364C10000}\NewShortcut2_4A600D905EA94FF8A8FFA23F6F02D9EE.exe
2010-04-05 05:49 . 2010-04-05 05:49 40960 -c--a-r- c:\documents and settings\bric\Dati applicazioni\Microsoft\Installer\{8ADAA7A5-7DC2-11D4-8488-106364C10000}\NewShortcut1_6C536305474B4DF8882311922D4B0B80.exe
2010-04-05 05:49 . 2010-04-05 05:49 40960 -c--a-r- c:\documents and settings\bric\Dati applicazioni\Microsoft\Installer\{8ADAA7A5-7DC2-11D4-8488-106364C10000}\ARPPRODUCTICON.exe
2010-04-01 06:29 . 2010-04-01 06:29 95232 -c--a-w- c:\documents and settings\All Users\Dati applicazioni\Installations\{19DC9559-9C20-4A46-A67D-7ECBA52A2788}\Installer\CommonCustomActions\pcswpcsi.exe
2010-04-01 06:29 . 2010-04-01 06:29 8192 -c--a-w- c:\documents and settings\All Users\Dati applicazioni\Installations\{19DC9559-9C20-4A46-A67D-7ECBA52A2788}\Installer\CommonCustomActions\UninstCCD.exe
2010-04-01 06:29 . 2010-04-01 06:29 61440 -c--a-w- c:\documents and settings\All Users\Dati applicazioni\Installations\{19DC9559-9C20-4A46-A67D-7ECBA52A2788}\Installer\CommonCustomActions\UninstPCSFEMsi.exe
2010-04-01 06:29 . 2010-04-01 06:29 10240 -c--a-w- c:\documents and settings\All Users\Dati applicazioni\Installations\{19DC9559-9C20-4A46-A67D-7ECBA52A2788}\Installer\CommonCustomActions\UninstPCS.exe
2010-03-29 08:29 . 2010-04-01 06:29 34513376 ----a-r- c:\documents and settings\All Users\Dati applicazioni\Installations\{19DC9559-9C20-4A46-A67D-7ECBA52A2788}\Nokia_PC_Suite_ita_web.exe
.

((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\programmi\File comuni\Ahead\Lib\NMBgMonitor.exe" [2006-04-21 94208]
"ISUSPM"="c:\programmi\File comuni\InstallShield\UpdateService\ISUSPM.exe" [2008-10-24 206112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NokiaMServer"="c:\programmi\File comuni\Nokia\MPlatform\NokiaMServer" [X]
"Apoint"="c:\programmi\Apoint\Apoint.exe" [2004-11-17 118784]
"ehTray"="c:\windows\ehome\ehtray.exe" [2005-08-17 64512]
"Mouse Suite 98 Daemon"="ICO.EXE" [2002-03-14 45056]
"VAIOCameraUtility"="c:\programmi\Sony\VAIO Camera Utility\VCUServe.exe" [2005-12-27 69632]
"ISBMgr.exe"="c:\programmi\Sony\ISB Utility\ISBMgr.exe" [2004-02-20 32768]
"Switcher.exe"="c:\programmi\Sony\Wireless Switch Setting Utility\Switcher.exe" [2006-02-14 176128]
"IAAnotif"="c:\programmi\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2006-02-21 143360]
"PDService.exe"="c:\programmi\Utimaco\SafeGuard PrivateDisk\pdservice.exe" [2004-07-06 40960]
"AppMon Utility"="c:\programmi\Sony\AppMonUtil\AppMonUtility.exe" [2006-03-15 40960]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-04-17 86016]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-04-17 7561216]
"SonyPowerCfg"="c:\programmi\Sony\VAIO Power Management\SPMgr.exe" [2006-01-26 212992]
"DLA"="c:\windows\System32\DLA\DLACTRLW.EXE" [2006-04-07 122940]
"Acrobat Assistant 7.0"="c:\programmi\Adobe\Acrobat 7.0\Distillr\Acrotray.exe" [2005-03-03 483328]
"VAIO Update 5"="c:\programmi\Sony\VAIO Update 5\VAIOUpdt.exe" [2009-12-08 1324400]
"GrooveMonitor"="c:\programmi\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
"NeroFilterCheck"="c:\programmi\File comuni\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]
"Adobe Photo Downloader"="c:\programmi\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" [2005-07-07 57344]
"ClocX"="c:\programmi\ClocX\ClocX.exe" [2007-07-26 270336]
"Adobe Reader Speed Launcher"="c:\programmi\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-04-04 36272]
"Adobe ARM"="c:\programmi\File comuni\Adobe\ARM\1.0\AdobeARM.exe" [2010-03-24 952768]
"NokiaMusic FastStart"="c:\programmi\Nokia\Ovi Player\NokiaOviPlayer.exe" [2009-11-06 2090272]
"TkBellExe"="c:\programmi\File comuni\Real\Update_OB\realsched.exe" [2010-02-22 202256]
"HP Software Update"="c:\programmi\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"QuickTime Task"="c:\programmi\QuickTime\qttask.exe" [2010-03-17 421888]
"SunJavaUpdateSched"="c:\programmi\File comuni\Java\Java Update\jusched.exe" [2010-02-18 248040]
"AVG9_TRAY"="c:\progra~1\AVG\AVG9\avgtray.exe" [2010-06-18 2065248]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\bric\Menu Avvio\Programmi\Esecuzione automatica\
Ritaglio schermata e avvio di OneNote 2007.lnk - c:\programmi\Microsoft Office\Office12\ONENOTEM.EXE [2006-10-26 98632]

c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\
Audio Filter.lnk - c:\programmi\Sony\SonicStage Mastering Studio\Audio Filter\SSMSFilter.exe [2010-1-8 5649408]
Bluetooth Manager.lnk - c:\programmi\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2006-2-2 1753088]
HP Digital Imaging Monitor.lnk - c:\programmi\HP\Digital Imaging\bin\hpqtra08.exe [2008-10-16 214360]
Windows Search.lnk - c:\programmi\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\programmi\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2010-06-17 18:00 12464 ----a-w- c:\windows\system32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
2006-09-23 13:24 73728 ----a-w- c:\windows\system32\VESWinlogon.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programmi\\Adobe\\Photoshop Elements 4.0\\AdobePhotoshopElementsMediaServer.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Programmi\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Programmi\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Programmi\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Programmi\\eMule\\emule.exe"=
"c:\\WINDOWS\\system32\\fxsclnt.exe"=
"c:\\Programmi\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Programmi\\HP\\Digital Imaging\\{FA0F0A01-4631-4161-A6C2-948BF694382E}\\setup\\hpznui01.exe"=
"c:\\Programmi\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Programmi\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Programmi\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Programmi\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Programmi\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Programmi\\HP\\Digital Imaging\\bin\\hpfcCopy.exe"=
"c:\\Programmi\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Programmi\\HP\\Digital Imaging\\bin\\hpiscnapp.exe"=
"c:\\Programmi\\HP\\Digital Imaging\\bin\\hpofxs08.exe"=
"c:\\Programmi\\HP\\Digital Imaging\\bin\\hpqfxt08.exe"=
"c:\\Programmi\\HP\\Digital Imaging\\bin\\hpqgplgtupl.exe"=
"c:\\Programmi\\HP\\Digital Imaging\\bin\\hpqgpc01.exe"=
"c:\\Programmi\\HP\\Digital Imaging\\bin\\hpqusgm.exe"=
"c:\\Programmi\\HP\\Digital Imaging\\bin\\hpqusgh.exe"=
"c:\\Programmi\\HP\\HP Software Update\\HPWUCli.exe"=
"c:\\Programmi\\HP\\Digital Imaging\\Smart Web Printing\\SmartWebPrintExe.exe"=
"c:\\Programmi\\Nokia\\Nokia Ovi Suite\\NokiaOviSuite.exe"=
"c:\\Programmi\\File comuni\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=
"c:\\Programmi\\AVG\\AVG9\\avgupd.exe"=
"c:\\Programmi\\AVG\\AVG9\\avgnsx.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009

R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [17/06/2010 20.00.42 216200]
R1 AvgTdiX;AVG Free Network Redirector;c:\windows\system32\drivers\avgtdix.sys [17/06/2010 20.00.48 242896]
R1 PrivateDisk;PrivateDisk;c:\windows\system32\drivers\privatediskm.sys [06/07/2004 14.07.06 45627]
R1 regi;regi;c:\windows\system32\drivers\regi.sys [14/04/2006 10.46.59 4864]
R2 avg9wd;AVG Free WatchDog;c:\programmi\AVG\AVG9\avgwdsvc.exe [17/06/2010 20.00.24 308064]
R2 MSSQL$VAIO_VEDB;MSSQL$VAIO_VEDB;c:\programmi\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe -sVAIO_VEDB --> c:\programmi\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe -sVAIO_VEDB [?]
R3 AVerM115S;AVerM115S service;c:\windows\system32\drivers\AVerM115S.sys [13/04/2006 17.37.27 745600]
R3 SonyImgF;Sony Image Conversion Filter Driver;c:\windows\system32\drivers\SonyImgF.sys [14/04/2006 1.15.33 29184]
R3 ti21sony;ti21sony;c:\windows\system32\drivers\ti21sony.sys [14/04/2006 1.15.32 812544]
S1 FNETURPX;FNETURPX;c:\windows\system32\drivers\FNETURPX.SYS --> c:\windows\system32\drivers\FNETURPX.SYS [?]
S3 SQLAgent$VAIO_VEDB;SQLAgent$VAIO_VEDB;c:\programmi\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlagent.EXE -i VAIO_VEDB --> c:\programmi\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlagent.EXE -i VAIO_VEDB [?]
S3 VUAgent;VUAgent;c:\programmi\Sony\VAIO Update 5\VUAgent.exe [08/01/2010 11.19.13 673136]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
HPService REG_MULTI_SZ HPSLPSVC
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Contenuto della cartella 'Scheduled Tasks'

2010-05-15 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\programmi\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34]

2010-06-20 c:\windows\Tasks\User_Feed_Synchronization-{534F8476-418A-42FC-8B4A-94E5B57C7107}.job
- c:\windows\system32\msfeedssync.exe [2009-03-08 03:31]
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://www.libero.it/
uInternet Connection Wizard,ShellNext = iexplore
IE: &Cerca con Google - c:\programmi\Google\GoogleToolbar1.dll/cmsearch.html
IE: &Traduci parola in italiano - c:\programmi\Google\GoogleToolbar1.dll/cmwordtrans.html
IE: Aggiungi sito di supporto RSS a VAIO Information FLOW - c:\programmi\Sony\VAIO Information FLOW\aiesc.html
IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~4\Office12\EXCEL.EXE/3000
IE: Link a ritroso - c:\programmi\Google\GoogleToolbar1.dll/cmbacklinks.html
IE: Pagine simili - c:\programmi\Google\GoogleToolbar1.dll/cmsimilar.html
IE: Versione cache della pagina - c:\programmi\Google\GoogleToolbar1.dll/cmcache.html
Trusted Zone: sony-europe.com
Trusted Zone: sonystyle-europe.com
Trusted Zone: vaio-link.com
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-06-20 18:37
Windows 5.1.2600 Service Pack 3 NTFS

scansione processi nascosti ...

scansione entrate autostart nascoste ...

Scansione files nascosti ...

Scansione completata con successo
Files nascosti: 0

**************************************************************************
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------

[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,5e,21,a5,c5,a7,42,4b,4d,b0,21,09,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,5e,21,a5,c5,a7,42,4b,4d,b0,21,09,\
.
--------------------- Dlls caricate dai processi in esecuzione ---------------------

- - - - - - - > 'winlogon.exe'(1036)
c:\windows\system32\VESWinlogon.dll

- - - - - - - > 'explorer.exe'(3860)
c:\windows\system32\WININET.dll
c:\programmi\Windows Desktop Search\deskbar.dll
c:\programmi\Windows Desktop Search\it-it\dbres.dll.mui
c:\programmi\Windows Desktop Search\dbres.dll
c:\programmi\Windows Desktop Search\wordwheel.dll
c:\programmi\Windows Desktop Search\it-it\msnlExtRes.dll.mui
c:\programmi\Windows Desktop Search\msnlExtRes.dll
c:\programmi\File comuni\Ahead\Lib\NeroSearchBar.dll
c:\programmi\File comuni\Ahead\Lib\NeroSearchTrayHook.dll
c:\programmi\File comuni\Ahead\Lib\MFC71U.DLL
c:\programmi\File comuni\Ahead\Lib\BCGCBPRO800u.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\programmi\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
c:\programmi\Nokia\Nokia PC Suite 7\NGSCM.DLL
c:\programmi\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_ita.nlr
c:\programmi\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Altri processi in esecuzione ------------------------
.
c:\programmi\Intel\Wireless\Bin\EvtEng.exe
c:\programmi\Intel\Wireless\Bin\S24EvMon.exe
c:\programmi\AVG\AVG9\avgchsvx.exe
c:\programmi\AVG\AVG9\avgrsx.exe
c:\programmi\AVG\AVG9\avgcsrvx.exe
c:\programmi\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
c:\windows\eHome\ehRecvr.exe
c:\windows\eHome\ehSched.exe
c:\programmi\Intel\Intel Matrix Storage Manager\Iaantmon.exe
c:\programmi\Java\jre6\bin\jqs.exe
c:\programmi\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe
c:\programmi\AVG\AVG9\avgnsx.exe
c:\windows\system32\nvsvc32.exe
c:\programmi\Intel\Wireless\Bin\RegSrvc.exe
c:\programmi\SigmaTel\C-Major Audio\WDM\StacSV.exe
c:\programmi\File comuni\Ulead Systems\DVD\ULCDRSvr.exe
c:\programmi\Sony\VAIO Event Service\VESMgr.exe
c:\programmi\File comuni\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
c:\programmi\File comuni\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
c:\windows\system32\SearchIndexer.exe
c:\windows\ehome\mcrdsvc.exe
c:\programmi\File comuni\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
c:\windows\system32\wscntfy.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\windows\system32\dllhost.exe
c:\windows\system32\ICO.EXE
c:\windows\eHome\ehmsas.exe
c:\programmi\Apoint\Apntex.exe
c:\windows\system32\RUNDLL32.EXE
c:\programmi\File comuni\Nokia\MPlatform\NokiaMServer.exe
c:\windows\system32\msiexec.exe
c:\programmi\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
c:\programmi\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
c:\programmi\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
c:\programmi\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
c:\programmi\Toshiba\Bluetooth Toshiba Stack\tosBtProc.exe
c:\windows\system32\MsiExec.exe
c:\programmi\File comuni\InstallShield\Driver\1050\Intel 32\IDriverT.exe
c:\progra~1\FILECO~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe
c:\programmi\HP\Digital Imaging\bin\hpqSTE08.exe
c:\programmi\HP\Digital Imaging\bin\hpqbam08.exe
c:\programmi\HP\Digital Imaging\bin\hpqgpc01.exe
.
**************************************************************************
.
Ora fine scansione: 2010-06-20 18:41:13 - Il pc è stato riavviato
ComboFix-quarantined-files.txt 2010-06-20 16:41

Pre-Run: 71.053.570.048 byte disponibili
Post-Run: 71.045.349.376 byte disponibili

- - End Of File - - 0D9F0744D2DD1DDA4EFBDD0A166CD23F


dopo il riavvio del pc per opera di COMBOFIX la prima cosa che è apparsa sul desktop è stata la finestra di installazione di ROXIO Media Manager e quella successiva decretante il fallimento della stessa !!! sic sic :((
R16 quasi mi vergogno...
comunque, se posso, anni fa quando mi aiutasti in un'altra occasione avevi una foto del tuo bambino piccolo piccolo che era bellissimo... ora è ancora più bello. Complimenti!
Raffaella
r16
Inviato: Sunday, June 20, 2010 7:10:50 PM
Rank: AiutAmico

Iscritto dal : 8/7/2007
Posts: 11,017
Grazie da parte del "Moccioso"Drool
Postami per favore un log di hijackthis.
Brikket
Inviato: Sunday, June 20, 2010 7:34:06 PM

Rank: AiutAmico

Iscritto dal : 4/3/2005
Posts: 187
eccolo:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19.31.07, on 20/06/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\Intel\Wireless\Bin\EvtEng.exe
C:\Programmi\Intel\Wireless\Bin\S24EvMon.exe
C:\Programmi\AVG\AVG9\avgchsvx.exe
C:\Programmi\AVG\AVG9\avgrsx.exe
C:\Programmi\AVG\AVG9\avgcsrvx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
C:\Programmi\AVG\AVG9\avgwdsvc.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Programmi\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Programmi\Java\jre6\bin\jqs.exe
C:\Programmi\AVG\AVG9\avgnsx.exe
C:\Programmi\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\Intel\Wireless\Bin\RegSrvc.exe
C:\Programmi\SigmaTel\C-Major Audio\WDM\StacSV.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\File comuni\Ulead Systems\DVD\ULCDRSvr.exe
C:\Programmi\Sony\VAIO Event Service\VESMgr.exe
C:\Programmi\File comuni\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\Programmi\File comuni\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Programmi\Apoint\Apoint.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\system32\ICO.EXE
C:\Programmi\Sony\VAIO Camera Utility\VCUServe.exe
C:\Programmi\Sony\ISB Utility\ISBMgr.exe
C:\Programmi\Sony\Wireless Switch Setting Utility\Switcher.exe
C:\Programmi\Intel\Intel Matrix Storage Manager\Iaanotif.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Programmi\Utimaco\SafeGuard PrivateDisk\pdservice.exe
C:\Programmi\Sony\AppMonUtil\AppMonUtility.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Programmi\Sony\VAIO Power Management\SPMgr.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Programmi\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
C:\Programmi\Apoint\Apntex.exe
C:\Programmi\Sony\VAIO Update 5\VAIOUpdt.exe
C:\Programmi\Microsoft Office\Office12\GrooveMonitor.exe
C:\Programmi\File comuni\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\Programmi\File comuni\Nokia\MPlatform\NokiaMServer.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Programmi\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\Programmi\ClocX\ClocX.exe
C:\Programmi\Adobe\Reader 9.0\Reader\Reader_sl.exe
C:\Programmi\File comuni\Real\Update_OB\realsched.exe
C:\Programmi\HP\HP Software Update\HPWuSchd2.exe
C:\Programmi\File comuni\Java\Java Update\jusched.exe
C:\PROGRA~1\AVG\AVG9\avgtray.exe
C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe
C:\Programmi\File comuni\InstallShield\UpdateService\ISUSPM.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Programmi\Sony\SonicStage Mastering Studio\Audio Filter\SSMSFilter.exe
C:\WINDOWS\system32\msiexec.exe
C:\Programmi\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe
C:\Programmi\Windows Desktop Search\WindowsSearch.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Programmi\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Programmi\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\WINDOWS\system32\MsiExec.exe
C:\Programmi\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
C:\Programmi\File comuni\InstallShield\Driver\1050\Intel 32\IDriverT.exe
C:\PROGRA~1\FILECO~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe
C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Programmi\Toshiba\Bluetooth Toshiba Stack\tosBtProc.exe
C:\Programmi\HP\Digital Imaging\bin\hpqbam08.exe
C:\Programmi\HP\Digital Imaging\bin\hpqgpc01.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Programmi\Trend Micro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.libero.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Programmi\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Dati applicazioni\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Programmi\AVG\AVG9\avgssie.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~4\Office12\GRA8E1~1.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programmi\google\googletoolbar1.dll
O2 - BHO: GoogleAFE - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\PROGRA~1\GOOGLE~1\GoogleAFE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmi\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Programmi\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programmi\google\googletoolbar1.dll
O4 - HKLM\..\Run: [Apoint] C:\Programmi\Apoint\Apoint.exe
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [Mouse Suite 98 Daemon] ICO.EXE
O4 - HKLM\..\Run: [VAIOCameraUtility] "C:\Programmi\Sony\VAIO Camera Utility\VCUServe.exe"
O4 - HKLM\..\Run: [ISBMgr.exe] C:\Programmi\Sony\ISB Utility\ISBMgr.exe
O4 - HKLM\..\Run: [Switcher.exe] C:\Programmi\Sony\Wireless Switch Setting Utility\Switcher.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Programmi\Intel\Intel Matrix Storage Manager\Iaanotif.exe
O4 - HKLM\..\Run: [PDService.exe] C:\Programmi\Utimaco\SafeGuard PrivateDisk\pdservice.exe
O4 - HKLM\..\Run: [AppMon Utility] C:\Programmi\Sony\AppMonUtil\AppMonUtility.exe @@@Start
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SonyPowerCfg] C:\Programmi\Sony\VAIO Power Management\SPMgr.exe
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Programmi\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [VAIO Update 5] "C:\Programmi\Sony\VAIO Update 5\VAIOUpdt.exe" /Stationary
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Programmi\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [NokiaMServer] C:\Programmi\File comuni\Nokia\MPlatform\NokiaMServer /watchfiles startup
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Programmi\File comuni\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Programmi\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [ClocX] C:\Programmi\ClocX\ClocX.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programmi\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Programmi\File comuni\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [NokiaMusic FastStart] "C:\Programmi\Nokia\Ovi Player\NokiaOviPlayer.exe" /command:faststart
O4 - HKLM\..\Run: [TkBellExe] "C:\Programmi\File comuni\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [HP Software Update] C:\Programmi\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\File comuni\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [ISUSPM] "C:\Programmi\File comuni\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Ritaglio schermata e avvio di OneNote 2007.lnk = C:\Programmi\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Audio Filter.lnk = C:\Programmi\Sony\SonicStage Mastering Studio\Audio Filter\SSMSFilter.exe
O4 - Global Startup: Bluetooth Manager.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Windows Search.lnk = C:\Programmi\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: &Cerca con Google - res://C:\Programmi\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Traduci parola in italiano - res://C:\Programmi\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Aggiungi sito di supporto RSS a VAIO Information FLOW - C:\Programmi\Sony\VAIO Information FLOW\aiesc.html
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Link a ritroso - res://C:\Programmi\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Pagine simili - res://C:\Programmi\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Versione cache della pagina - res://C:\Programmi\Google\GoogleToolbar1.dll/cmcache.html
O9 - Extra button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
O9 - Extra button: Visualizza o nasconde HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Programmi\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.club-vaio.com/en/
O15 - Trusted Zone: *.sony-europe.com
O15 - Trusted Zone: *.sonystyle-europe.com
O15 - Trusted Zone: *.vaio-link.com
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~4\Office12\GR99D3~1.DLL
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Programmi\AVG\AVG9\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - avgrsstx.dll (file missing)
O22 - SharedTaskScheduler: Precaricatore Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Daemon di cache delle categorie di componenti - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown owner - C:\Programmi\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Programmi\AVG\AVG9\avgwdsvc.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Programmi\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Programmi\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Image Converter video recording monitor for VAIO Entertainment - Sony Corporation - C:\Programmi\Sony\Image Converter 2\IcVzMon.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programmi\Java\jre6\bin\jqs.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Programmi\File comuni\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Programmi\File comuni\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Programmi\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Programmi\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: ServiceLayer - Nokia - C:\Programmi\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Programmi\File comuni\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Programmi\File comuni\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Programmi\SigmaTel\C-Major Audio\WDM\StacSV.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Programmi\File comuni\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Programmi\File comuni\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Programmi\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Programmi\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Programmi\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Programmi\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Programmi\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe
O23 - Service: VAIO Cooporated Initialisation (VCI) - Sony Corporation - C:\Programmi\Sony\VAIO Cooperated Initialisation\VCI_SVC.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Programmi\File comuni\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: VUAgent - Sony Corporation - C:\Programmi\Sony\VAIO Update 5\VUAgent.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Programmi\File comuni\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Programmi\File comuni\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe

--
End of file - 16608 bytes

Un buffetto affettuoso al piccolo (potrei essere sua nonna!!!)
Grazie
R.
r16
Inviato: Sunday, June 20, 2010 7:52:22 PM
Rank: AiutAmico

Iscritto dal : 8/7/2007
Posts: 11,017
Con calma e senza fretta.

Avvia hijackthis, metti la spunta alle voci che andrò ad elencarti e con tutte le applicazioni chiuse e disconnesso da Internet,premi su fix checked
Code:
O4 - HKLM\..\Run: [Mouse Suite 98 Daemon] ICO.EXE
O4 - HKLM\..\Run: [VAIOCameraUtility] "C:\Programmi\Sony\VAIO Camera Utility\VCUServe.exe"
O4 - HKLM\..\Run: [ISBMgr.exe] C:\Programmi\Sony\ISB Utility\ISBMgr.exe
O4 - HKLM\..\Run: [PDService.exe] C:\Programmi\Utimaco\SafeGuard PrivateDisk\pdservice.exe
O4 - HKLM\..\Run: [AppMon Utility] C:\Programmi\Sony\AppMonUtil\AppMonUtility.exe @@@Start
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SonyPowerCfg] C:\Programmi\Sony\VAIO Power Management\SPMgr.exe
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Programmi\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [VAIO Update 5] "C:\Programmi\Sony\VAIO Update 5\VAIOUpdt.exe" /Stationary
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Programmi\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [NokiaMServer] C:\Programmi\File comuni\Nokia\MPlatform\NokiaMServer /watchfiles startup
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Programmi\File comuni\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Programmi\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programmi\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Programmi\File comuni\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [NokiaMusic FastStart] "C:\Programmi\Nokia\Ovi Player\NokiaOviPlayer.exe" /command:faststart
O4 - HKLM\..\Run: [TkBellExe] "C:\Programmi\File comuni\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [HP Software Update] C:\Programmi\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\File comuni\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [ISUSPM] "C:\Programmi\File comuni\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - Global Startup: Audio Filter.lnk = C:\Programmi\Sony\SonicStage Mastering Studio\Audio Filter\SSMSFilter.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Windows Search.lnk = C:\Programmi\Windows Desktop Search\WindowsSearch.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.club-vaio.com/en/
O15 - Trusted Zone: *.sony-europe.com
O15 - Trusted Zone: *.sonystyle-europe.com
O15 - Trusted Zone: *.vaio-link.com



Dai una pulita (registro compreso)con CCleaner: http://www.aiutamici.com/software?ID=11223
Nella schermata iniziale di CCleaner, clicca su Opzioni e poi Avanzate, togli il segno di spunta a: Cancella i file in Windows Temp solo se più vecchi di 48 ore. (poi esegui le pulizie)

Riavvia il pc

Quando hai finito, posta un nuovo log di HijackThis
Brikket
Inviato: Sunday, June 20, 2010 8:30:29 PM

Rank: AiutAmico

Iscritto dal : 4/3/2005
Posts: 187
Applause Applause Applause Applause
non è apparsa la malefica finestra ecco il log:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20.21.18, on 20/06/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\AVG\AVG9\avgchsvx.exe
C:\Programmi\AVG\AVG9\avgrsx.exe
C:\Programmi\Intel\Wireless\Bin\EvtEng.exe
C:\Programmi\Intel\Wireless\Bin\S24EvMon.exe
C:\Programmi\AVG\AVG9\avgcsrvx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
C:\Programmi\AVG\AVG9\avgwdsvc.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Programmi\Java\jre6\bin\jqs.exe
C:\Programmi\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Programmi\AVG\AVG9\avgnsx.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\Intel\Wireless\Bin\RegSrvc.exe
C:\Programmi\SigmaTel\C-Major Audio\WDM\StacSV.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\File comuni\Ulead Systems\DVD\ULCDRSvr.exe
C:\Programmi\Sony\VAIO Event Service\VESMgr.exe
C:\Programmi\File comuni\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\Programmi\File comuni\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Programmi\File comuni\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Programmi\Apoint\Apoint.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Programmi\Sony\Wireless Switch Setting Utility\Switcher.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Programmi\Intel\Intel Matrix Storage Manager\Iaanotif.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Programmi\ClocX\ClocX.exe
C:\PROGRA~1\AVG\AVG9\avgtray.exe
C:\Programmi\Apoint\Apntex.exe
C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\dllhost.exe
C:\Programmi\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Programmi\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Programmi\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Programmi\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
C:\Programmi\Toshiba\Bluetooth Toshiba Stack\tosBtProc.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Programmi\Trend Micro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.libero.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Programmi\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Dati applicazioni\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Programmi\AVG\AVG9\avgssie.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~4\Office12\GRA8E1~1.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programmi\google\googletoolbar1.dll
O2 - BHO: GoogleAFE - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\PROGRA~1\GOOGLE~1\GoogleAFE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmi\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Programmi\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programmi\google\googletoolbar1.dll
O4 - HKLM\..\Run: [Apoint] C:\Programmi\Apoint\Apoint.exe
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [Switcher.exe] C:\Programmi\Sony\Wireless Switch Setting Utility\Switcher.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Programmi\Intel\Intel Matrix Storage Manager\Iaanotif.exe
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [ClocX] C:\Programmi\ClocX\ClocX.exe
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Ritaglio schermata e avvio di OneNote 2007.lnk = C:\Programmi\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Bluetooth Manager.lnk = ?
O8 - Extra context menu item: &Cerca con Google - res://C:\Programmi\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Traduci parola in italiano - res://C:\Programmi\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Aggiungi sito di supporto RSS a VAIO Information FLOW - C:\Programmi\Sony\VAIO Information FLOW\aiesc.html
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Link a ritroso - res://C:\Programmi\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Pagine simili - res://C:\Programmi\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Versione cache della pagina - res://C:\Programmi\Google\GoogleToolbar1.dll/cmcache.html
O9 - Extra button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
O9 - Extra button: Visualizza o nasconde HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Programmi\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~4\Office12\GR99D3~1.DLL
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Programmi\AVG\AVG9\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - avgrsstx.dll (file missing)
O22 - SharedTaskScheduler: Precaricatore Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Daemon di cache delle categorie di componenti - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown owner - C:\Programmi\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Programmi\AVG\AVG9\avgwdsvc.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Programmi\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Programmi\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Image Converter video recording monitor for VAIO Entertainment - Sony Corporation - C:\Programmi\Sony\Image Converter 2\IcVzMon.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programmi\Java\jre6\bin\jqs.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Programmi\File comuni\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Programmi\File comuni\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Programmi\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Programmi\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: ServiceLayer - Nokia - C:\Programmi\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Programmi\File comuni\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Programmi\File comuni\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Programmi\SigmaTel\C-Major Audio\WDM\StacSV.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Programmi\File comuni\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Programmi\File comuni\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Programmi\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Programmi\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Programmi\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Programmi\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Programmi\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe
O23 - Service: VAIO Cooporated Initialisation (VCI) - Sony Corporation - C:\Programmi\Sony\VAIO Cooperated Initialisation\VCI_SVC.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Programmi\File comuni\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: VUAgent - Sony Corporation - C:\Programmi\Sony\VAIO Update 5\VUAgent.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Programmi\File comuni\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Programmi\File comuni\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe

--
End of file - 12712 bytes


devo a tutti voi una cena!!!
in particolare a te r16 GRAZIE INFINITE Angel ..... il "Moccioso" è fortunato, ha un papà che potrà insegnargli un sacco di cose...
adesso torno a bomba all'inizio, provo a reinstallare Mozilla o la smetto di fare esperimenti e continuo con IE?
A Te/Voi la sentenza...
ancora un grande grazie
Raffaella.
p.s. se ritieni che debba continuare a cercare e pulire io eseguo
paolopa
Inviato: Sunday, June 20, 2010 8:38:52 PM

Rank: AiutAmico

Iscritto dal : 10/14/2008
Posts: 2,777
se non ricordo male hai ancora da pulire la pendrive(hd esterno?non collegarlo sino a che non ti indichera' la procedura)e ci sono ancora un po di pulizie da fare che ti dira'!sono felice per te!
@r16:sei davvero una risorsa per tutti gli utenti,ciao e buona serata.
Brikket
Inviato: Sunday, June 20, 2010 8:43:37 PM

Rank: AiutAmico

Iscritto dal : 4/3/2005
Posts: 187
grazie anche a te Paolopa, manterò l'hd scollegato fino a nuovo ordine...
saluti anche a Theo il furetto...
raffaella

hai ragione r16 è una grande risorsa "WWWWWWWW r16"
buona serata
r.
r16
Inviato: Sunday, June 20, 2010 9:52:22 PM
Rank: AiutAmico

Iscritto dal : 8/7/2007
Posts: 11,017
Bah......sinceramente, (e senza falsa modestia) era un'operazione che dovevo fare fin dall'inizio.
Per cui, dovevo svegliarmi prima.....Whistle
Per altre eventuali operazioni, ci penserà paolopa.
Ciao a tutti!
cbbusto
Inviato: Sunday, June 20, 2010 10:58:10 PM

Rank: AiutAmico

Iscritto dal : 11/8/2008
Posts: 13,964
Visto raffaella, mai disperare, questi son per te, da nonno Claudio.

Utenti presenti in questo topic
Guest


Salta al Forum
Aggiunta nuovi Topic disabilitata in questo forum.
Risposte disabilitate in questo forum.
Eliminazione tuoi Post disabilitata in questo forum.
Modifica dei tuoi post disabilitata in questo forum.
Creazione Sondaggi disabilitata in questo forum.
Voto ai sondaggi disabilitato in questo forum.

Main Forum RSS : RSS

Aiutamici Theme
Powered by Yet Another Forum.net versione 1.9.1.8 (NET v2.0) - 3/29/2008
Copyright © 2003-2008 Yet Another Forum.net. All rights reserved.