Ricky.

Users
  • Content count

    8
  • Joined

  • Last visited

About Ricky.

  • Rank
    Initiate
  1. Here's the new log again... I think I had forgotten to delete those files, hehehehe!!!! Anyway, the only problem I still notice is that often, when I play games, after a while my PC restarts.
  2. OK, I managed to do all that hard work you recommended, and here is the brand-new HiJack log. The PC seems fine to me... Let me know, bye mate!!
  3. Wow, what a job... I'll do it all tomorrow because I have no time tonight. Thanks a lot anyway for the help; I can already tell you that with the first tips you gave me I've already solved quite a few problems, and the PC now runs almost perfectly. PS: I'm a friend of jufan... I live in Lodi too, and he advised me to turn to you all... especially to you, Kuma!!!
  4. WHOOPS, OK... SORRY. Can you tell me anything about the logs??
  5. Hi everyone, I'm a new pest on WININIZIO, eheheheeh. I was sent here by a friend who, by the way, is one of your collaborators, namely JUFAN; like him, I'm from Lodi too. I had a look around your site and I must say it's excellent... CONGRATULATIONS, REALLY!!!
  6. Here I am again, Kuma; I have everything you asked for and I'm posting it for you. Can you tell me how to put everything together so that next time I can post it all with a single visible link, like the others do?? hijackthis.log VirIT_eXplorer_Lite_Log.txt
  7. OK, as soon as I have time I'll do everything and let you know. For now, thanks a lot for your kindness.
  8. Hello everyone. I recently formatted the PC because of various problems caused by viruses and the like, but I noticed it only partly helped. I'm posting the Hijack log; could you please check it for me???