Hi!
Malwarebytes didn't find anything..
anyway, I'm posting the 2 logs you asked for.. THANKS!!! :
Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org
Versione database: v2012.07.02.01
Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Administrator :: YOUR-2CBA8FC3CE [amministratore]
02/07/2012 10.59.39
mbam-log-2012-07-02 (10-59-39).txt
Tipo di scansione: Scansione completa
Opzioni di scansione attive: Memoria | Esecuzione automatica | Registro | File system | Euristica/Extra | Euristica/Shuriken | PUP | PUM
Opzioni di scansione disattivate: P2P
Elementi esaminati: 395948
Tempo impiegato: 1 ore, 40 minuti, 7 secondi
Processi rilevati in memoria: 0
(non sono stati rilevati elementi nocivi)
Moduli di memoria rilevati: 0
(non sono stati rilevati elementi nocivi)
Chiavi di registro rilevate: 0
(non sono stati rilevati elementi nocivi)
Valori di registro rilevati: 0
(non sono stati rilevati elementi nocivi)
Voci rilevate nei dati di registro: 0
(non sono stati rilevati elementi nocivi)
Cartelle rilevate: 0
(non sono stati rilevati elementi nocivi)
File rilevati: 0
(non sono stati rilevati elementi nocivi)
(fine)
__________________________________________________________________________________
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12.53.17, on 02/07/2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\Tablet\Pen\Pen_TouchService.exe
C:\Programmi\AVAST Software\Avast\AvastSvc.exe
C:\Programmi\Tablet\Pen\Pen_TouchUser.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\Analog Devices\Core\smax4pnp.exe
C:\Programmi\PDF Complete\pdfsty.exe
C:\Programmi\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE
C:\Programmi\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Programmi\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
C:\WINDOWS\system32\agrsmsvc.exe
C:\xampp\apache\bin\httpd.exe
C:\Programmi\Hp\HP Software Update\HPWuSchd2.exe
C:\Programmi\PC Tools Firewall Plus\FirewallGUI.exe
C:\Programmi\AVAST Software\Avast\avastUI.exe
C:\Programmi\WinTV\TVServer\HauppaugeTVServer.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Programmi\File comuni\Java\Java Update\jusched.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\Eraser\Eraser.exe
C:\WINDOWS\system32\IProsetMonitor.exe
C:\Programmi\File comuni\InstallShield\UpdateService\ISUSPM.exe
C:\Programmi\File comuni\InterVideo\RegMgr\iviRegMgr.exe
C:\Programmi\Rainlendar2\Rainlendar2.exe
C:\Programmi\Java\jre6\bin\jqs.exe
C:\Programmi\SlimDrivers\SlimDrivers.exe
C:\Programmi\File comuni\LightScribe\LSSrvc.exe
C:\xampp\mysql\bin\mysqld.exe
C:\Programmi\WinTV\Ir.exe
C:\Programmi\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
C:\Programmi\WinTV\WinTV7\WinTVTray.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\Norton Safe Web Lite\Engine\2.0.0.16\ccSvcHst.exe
C:\WINDOWS\system32\SupportAppXL\onda_mon.exe
C:\Programmi\PC Tools Firewall Plus\FWService.exe
C:\Programmi\PDF Complete\pdfsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\Tablet\Pen\Pen_Tablet.exe
C:\WINDOWS\system32\mqsvc.exe
C:\Programmi\Tablet\Pen\Pen_TabletUser.exe
C:\Programmi\Tablet\Pen\Pen_Tablet.exe
C:\xampp\apache\bin\httpd.exe
C:\WINDOWS\system32\mqtgsvc.exe
C:\Programmi\Hewlett-Packard\Shared\hpqwmiex.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Programmi\Hewlett-Packard\Shared\HpqToaster.exe
C:\Programmi\Hewlett-Packard\Digital Imaging\bin\hpqSTE08.exe
C:\Programmi\Hewlett-Packard\Digital Imaging\bin\hpqbam08.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Programmi\Trend Micro\HijackThis\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=IT_IT&c=74&bd=smb&pf=laptop
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: HP Print Enhancer -
{0347C33E-8762-4905-BF09-768834316C61} -
C:\Programmi\Hewlett-Packard\Smart Web
Printing\hpswp_printenhancer.dll
O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} -
C:\Programmi\Hewlett-Packard\Smart Web Printing\hpswp_framework.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3}
- C:\Programmi\File
comuni\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection -
{53707962-6F74-2D53-2644-206D7942484F} -
C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper -
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -
C:\Programmi\Java\jre6\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -
C:\Programmi\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper -
{DBC80044-A445-435b-BC74-9C25C1C588A9} -
C:\Programmi\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl -
{E7E6F031-17CE-4C07-BC86-EABFE594F69C} -
C:\Programmi\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: Norton Safe Web Lite BHO -
{F0DA78E9-6B60-42fb-BC26-EF2CFB8C8FF3} - C:\Programmi\Norton Safe
Web Lite\Engine\2.0.0.16\coIEPlg.dll
O3 - Toolbar: avast! WebRep -
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programmi\AVAST
Software\Avast\aswWebRepIE.dll
O3 - Toolbar: Norton Safe Web Lite -
{30CEEEA2-3742-40e4-85DD-812BF1CBB83D} - C:\Programmi\Norton Safe
Web Lite\Engine\2.0.0.16\coIEPlg.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Programmi\Analog
Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [PDF Complete] "C:\Programmi\PDF
Complete\pdfsty.exe"
O4 - HKLM\..\Run: [PTHOSTTR] C:\Programmi\Hewlett-Packard\HP
ProtectTools Security Manager\PTHOSTTR.EXE /Start
O4 - HKLM\..\Run: [hpWirelessAssistant]
%ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick
Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\Sminst\Recguard.exe
O4 - HKLM\..\Run: [Reminder] C:\WINDOWS\Creator\Remind_XP.exe
O4 - HKLM\..\Run: [Cpqset] C:\Programmi\Hewlett-Packard\Default
Settings\cpqset.exe
O4 - HKLM\..\Run: [WatchDog] C:\Programmi\InterVideo\DVD
Check\DVDCheck.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Programmi\File
comuni\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Programmi\Hp\HP Software
Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [00PCTFW] "C:\Programmi\PC Tools Firewall
Plus\FirewallGUI.exe" -s
O4 - HKLM\..\Run: [Adobe ARM] "C:\Programmi\File
comuni\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [avast] "C:\Programmi\AVAST
Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [APSDaemon] "C:\Programmi\File comuni\Apple\Apple
Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\File
comuni\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task]
"C:\Programmi\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [Eraser] C:\Programmi\Eraser\Eraser.exe -hide
O4 - HKCU\..\Run: [ISUSPM] "C:\Programmi\File
comuni\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKCU\..\Run: [Rainlendar2]
C:\Programmi\Rainlendar2\Rainlendar2.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and
Settings\Administrator\Impostazioni locali\Dati
applicazioni\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [SlimDrivers]
"C:\Programmi\SlimDrivers\SlimDrivers.exe" -boot
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE]
C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE]
C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Programmi\File
comuni\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: AutoStart IR.lnk = C:\Programmi\WinTV\Ir.exe
O4 - Global Startup: DVD Check.lnk = C:\Programmi\InterVideo\DVD
Check\DVDCheck.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk =
C:\Programmi\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: WinTV Recording Status..lnk =
C:\Programmi\WinTV\WinTV7\WinTVTray.exe
O4 - Global Startup: WinTV Recording Status.lnk =
C:\Programmi\WinTV\WinTV7\WinTVTray.exe
O8 - Extra context menu item: E&sporta in Microsoft Excel -
res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Libro dei ritagli HP -
{58ECB495-38F0-49cb-A538-10282ABF65E7} -
C:\Programmi\Hewlett-Packard\Smart Web
Printing\hpswp_extensions.dll
O9 - Extra button: Selezione intelligente HP -
{700259D7-1666-479a-93B1-3250410481E8} -
C:\Programmi\Hewlett-Packard\Smart Web
Printing\hpswp_extensions.dll
O9 - Extra button: Ricerche -
{92780B25-18CC-41C8-B9BE-3C9C571A8263} -
C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) -
{DFB852A3-47F8-48C4-A200-58CAB36FD2A2} -
C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy
Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} -
C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) -
{e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network
Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 -
{e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network
Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger -
{FB5F1910-F110-11d2-BB9E-00C04F795683} -
C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger -
{FB5F1910-F110-11d2-BB9E-00C04F795683} -
C:\Programmi\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.hp.com
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl
Class) -
http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1340639474546
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} (GMNRev Class) -
http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab
O22 - SharedTaskScheduler: Precaricatore Browseui -
{438755C2-A8BA-11D1-B96B-00A0C90312E1} -
C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Daemon di cache delle categorie di
componenti - {8C7461EF-2B13-11d2-BE35-3078302C2030} -
C:\WINDOWS\system32\browseui.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) -
Agere Systems - C:\WINDOWS\system32\agrsmsvc.exe
O23 - Service: Apache2.2 - Apache Software Foundation -
C:\xampp\apache\bin\httpd.exe
O23 - Service: avast! Antivirus - AVAST Software -
C:\Programmi\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Controllo/blocco dispositivi HP ProtectTools
(FLCDLOCK) - Hewlett-Packard Ltd - C:\WINDOWS\system32\flcdlock.exe
O23 - Service: HauppaugeTVServer - Hauppauge Computer Works -
C:\Programmi\WinTV\TVServer\HauppaugeTVServer.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P.
- C:\Programmi\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision
Corporation - C:\Programmi\File
comuni\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Intel(R) PROSet Monitoring Service - Intel
Corporation - C:\WINDOWS\system32\IProsetMonitor.exe
O23 - Service: IviRegMgr - InterVideo - C:\Programmi\File
comuni\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun
Microsystems, Inc. - C:\Programmi\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service
(LightScribeService) - Hewlett-Packard Company - C:\Programmi\File
comuni\LightScribe\LSSrvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) -
Mozilla Foundation - C:\Programmi\Mozilla Maintenance
Service\maintenanceservice.exe
O23 - Service: mysql - Unknown owner -
C:\xampp\mysql\bin\mysqld.exe
O23 - Service: NBService - Nero AG - C:\Programmi\Nero\Nero 7\Nero
BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Programmi\File
comuni\Ahead\Lib\NMIndexingService.exe
O23 - Service: Norton Safe Web Lite (NSL) - Symantec Corporation -
C:\Programmi\Norton Safe Web Lite\Engine\2.0.0.16\ccSvcHst.exe
O23 - Service: ONDA Autorun CDROM Monitor - Unknown owner -
C:\WINDOWS\system32\SupportAppXL\onda_mon.exe
O23 - Service: PC Tools Firewall Plus (PCToolsFirewallPlus) -
Unknown owner - C:\Programmi\PC Tools Firewall Plus\FWService.exe
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete
Inc - C:\Programmi\PDF Complete\pdfsvc.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Programmi\File
comuni\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: stllssvr - MicroVision Development, Inc. -
c:\Programmi\File comuni\SureThing Shared\stllssvr.exe
O23 - Service: TabletServicePen - Wacom Technology, Corp. -
C:\Programmi\Tablet\Pen\Pen_Tablet.exe
O23 - Service: Wacom Consumer Touch Service (TouchServicePen) -
Wacom Technology, Corp. -
C:\Programmi\Tablet\Pen\Pen_TouchService.exe
--
End of file - 12506 bytes