Here is the log...
Logfile of HijackThis v1.99.1
Scan saved at 19.17.37, on 15/06/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
D:\Programmi\Alwil Software\Avast4\ashServ.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\system32\LEXBCES.EXE
D:\WINDOWS\system32\spoolsv.exe
D:\WINDOWS\system32\LEXPPS.EXE
D:\Programmi\WIDCOMM\Software Bluetooth\bin\btwdins.exe
D:\Programmi\Comodo\Firewall\cmdagent.exe
D:\PROGRA~1\SPYWAR~1\sp_rsser.exe
D:\WINDOWS\system32\svchost.exe
D:\VEXPLITE\viritsvc.exe
D:\Programmi\Webroot\Spy Sweeper\SpySweeper.exe
D:\Programmi\Comodo\Firewall\CPF.exe
D:\WINDOWS\SOUNDMAN.EXE
D:\Programmi\Java\jre1.6.0_01\bin\jusched.exe
D:\Programmi\Lexmark 1200 Series\lxczbmgr.exe
D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
D:\PROGRA~1\SPYWAR~1\SpywareTerminatorShield.exe
D:\Programmi\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
D:\Programmi\Lexmark 1200 Series\lxczbmon.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Programmi\SUPERAntiSpyware\SUPERAntiSpyware.exe
D:\Programmi\Skype\Phone\Skype.exe
D:\Programmi\Messenger\msmsgs.exe
D:\Programmi\ZyDAS Technology Corporation\ZyDAS_802.11g_Utility\ZDWlan.exe
D:\PROGRA~1\INCRED~1\bin\IMApp.exe
D:\Programmi\Alwil Software\Avast4\ashMaiSv.exe
D:\Programmi\Alwil Software\Avast4\ashWebSv.exe
D:\Programmi\Skype\Plugin Manager\skypePM.exe
D:\WINDOWS\system32\ntvdm.exe
D:\Documents and Settings\Simo84\Desktop\sgenius\sgphoto.exe
D:\Programmi\HiJackthis\hijackthis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: Supporto di collegamento per Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Programmi\Java\jre1.6.0_01\bin\ssv.dll
O4 - HKLM\..\Run: [Comodo Firewall] "D:\Programmi\Comodo\Firewall\CPF.exe" /background
O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [sunJavaUpdateSched] "D:\Programmi\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [Lexmark 1200 Series] "D:\Programmi\Lexmark 1200 Series\lxczbmgr.exe"
O4 - HKLM\..\Run: [VIRIT LITE MONITOR] D:\VEXPLITE\MONLITE.EXE
O4 - HKLM\..\Run: [avast!] D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [spywareTerminator] "D:\PROGRA~1\SPYWAR~1\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [RemoteControl] "D:\Programmi\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] D:\WINDOWS\system32\NeroCheck.exe
O4 - HKCU\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [sUPERAntiSpyware] D:\Programmi\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [incrediMail] "D:\Programmi\IncrediMail\bin\IncMail.exe" /c
O4 - HKCU\..\Run: [skype] "D:\Programmi\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [MSMSGS] "D:\Programmi\Messenger\msmsgs.exe" /background
O4 - Global Startup: Adobe Reader Synchronizer.lnk = D:\Programmi\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O4 - Global Startup: Avvio veloce di Adobe Reader.lnk = D:\Programmi\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: ZDWLan Utility.lnk = D:\Programmi\ZyDAS Technology Corporation\ZyDAS_802.11g_Utility\ZDWlan.exe
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://D:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Invia a &Bluetooth - D:\Programmi\WIDCOMM\Software Bluetooth\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Programmi\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Programmi\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - D:\Programmi\WIDCOMM\Software Bluetooth\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - D:\Programmi\WIDCOMM\Software Bluetooth\btsendto_ie.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Programmi\Messenger\msmsgs.exe
O16 - DPF: {0B79F48A-E8D6-11DB-9283-E25056D89593} (F-Secure Online Scanner 3.1) - http://support.f-secure.com/ols/fscax.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/d...can_unicode.cab
O16 - DPF: {1F831FA9-42FC-11D4-95A6-0080AD30DCE1} (InstaFred) - file://D:\Programmi\AutoCAD LT 2002 Ita\InstFred.ocx
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupd...b?1181822261828
O16 - DPF: {78AF2F24-A9C3-11D3-BF8C-0060B0FCC122} (Controllo AcDc oggi) - file://D:\Programmi\AutoCAD LT 2002 Ita\AcDcToday.ocx
O16 - DPF: {AE563729-B4F5-11D4-A415-00108302FDFD} (NOXLATE-BANR) - file://D:\Programmi\AutoCAD LT 2002 Ita\InstBanr.ocx
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://download.macromedia.com/pub/shockwa...ash/swflash.cab
O16 - DPF: {F281A59C-7B65-11D3-8617-0010830243BD} (Controllo AcPreview) - file://D:\Programmi\AutoCAD LT 2002 Ita\AcPreview.ocx
O17 - HKLM\System\CCS\Services\Tcpip\..\{CBF4BB44-0C5E-4976-AE66-1F1201ACAC8D}: NameServer = 85.37.17.15 85.38.28.74
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\PROGRA~1\FILECO~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - D:\Programmi\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: WgaLogon - D:\WINDOWS\
O20 - Winlogon Notify: WRNotifier - D:\WINDOWS\SYSTEM32\WRLogonNTF.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - D:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - D:\Programmi\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - D:\Programmi\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - D:\Programmi\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - D:\Programmi\WIDCOMM\Software Bluetooth\bin\btwdins.exe
O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - D:\Programmi\Comodo\Firewall\cmdagent.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - D:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - D:\PROGRA~1\SPYWAR~1\sp_rsser.exe
O23 - Service: Virit eXplorer Lite (viritsvclite) - TG Soft Sas www.tgsoft.it - D:\VEXPLITE\viritsvc.exe
O23 - Service: Sistema Webroot Spy Sweeper (WebrootSpySweeperService) - Webroot Software, Inc. - D:\Programmi\Webroot\Spy Sweeper\SpySweeper.exe
I am attaching the latest online scan done with Kaspersky.
As for the virus that K. reports, I had it analyzed on VirusTotal, but I would really say it is a false positive.
14_giugno_2007.html