pupone

Controllo Hijackthis

9 messaggi in questa discussione

salve amici ho dei probfile of Trend Micro HijackThis v2.0.2

Scan saved at 18.32.46, on 21/07/2009

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Programmi\CONITECH\Bluetooth Software\bin\btwdins.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\Explorer.EXE

C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe

C:\Programmi\Lavasoft\Ad-Aware\AAWService.exe

C:\Programmi\Alwil Software\Avast4\ashServ.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\Programmi\Bonjour\mDNSResponder.exe

C:\WINDOWS\system32\CTsvcCDA.exe

C:\Programmi\Java\jre6\bin\jqs.exe

c:\Programmi\File comuni\LightScribe\LSSrvc.exe

C:\Programmi\Telecom Italia\WanMiniport1st\srvany.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\Programmi\Telecom Italia\WanMiniport1st\WanMiniport1st_srv.exe

C:\WINDOWS\system32\HPZipm12.exe

C:\WINDOWS\system32\svchost.exe

C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe

C:\Programmi\Alwil Software\Avast4\ashWebSv.exe

C:\WINDOWS\system32\ps2.exe

C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

C:\PROGRA~1\ALICET~1\SMARTB~1\MotiveSB.exe

C:\PROGRA~1\ALICET~1\vendors\AliceRE\content\template\driven~1\syncer\MCCITR~1.EXE

C:\Programmi\Spamihilator\spamihilator.exe

C:\Programmi\Lavasoft\Ad-Aware\AAWTray.exe

C:\Programmi\QuickTime\qttask.exe

C:\Programmi\Java\jre6\bin\jusched.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Programmi\Windows Live\Messenger\msnmsgr.exe

C:\Programmi\Microsoft Student\Microsoft Encarta 2009 - Premium + Student DVD\EDICT.EXE

C:\Programmi\CONITECH\Bluetooth Software\BTTray.exe

C:\PROGRA~1\Motive\ASSTCO~1\MOTIVE~1.EXE

C:\Programmi\Alice ti aiuta\bin\mad.exe

C:\Programmi\Alice ti aiuta\bin\mpbtn.exe

C:\Programmi\Internet Explorer\iexplore.exe

C:\WINDOWS\system32\drwtsn32.exe

C:\WINDOWS\system32\drwtsn32.exe

C:\Programmi\Internet Explorer\iexplore.exe

C:\WINDOWS\system32\drwtsn32.exe

C:\Programmi\Malwarebytes' Anti-Malware\mbam.exe

C:\WINDOWS\system32\rundll32.exe

C:\Programmi\Internet Explorer\iexplore.exe

C:\Programmi\Internet Explorer\iexplore.exe

C:\Programmi\Internet Explorer\iexplore.exe

C:\Programmi\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispatcher.a...&tbid=66028

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=66028

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=66028

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=66028

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=66028

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programmi\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmi\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Programmi\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll

O3 - Toolbar: Vista HP - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Programmi\HP\Digital Imaging\bin\HPDTLK02.dll

O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Programmi\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll

O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe

O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\ALICET~1\SMARTB~1\MotiveSB.exe

O4 - HKLM\..\Run: [AliceRE_McciTrayApp] C:\PROGRA~1\ALICET~1\vendors\AliceRE\content\template\driven~1\syncer\MCCITR~1.EXE

O4 - HKLM\..\Run: [spamihilator] "C:\Programmi\Spamihilator\spamihilator.exe"

O4 - HKLM\..\Run: [Ad-Watch] C:\Programmi\Lavasoft\Ad-Aware\AAWTray.exe

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programmi\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Programmi\Java\jre6\bin\jusched.exe"

O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Programmi\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [msnmsgr] "C:\Programmi\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [L09IXLRD_6652468] "C:\Programmi\Microsoft Student\Microsoft Encarta 2009 - Premium + Student DVD\EDICT.EXE" -m

O4 - Global Startup: BTTray.lnk = ?

O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: Invia a Bluetooth - C:\Programmi\CONITECH\Bluetooth Software\btsendto_ie.htm

O8 - Extra context menu item: Invia a periferica &Bluetooth... - C:\Programmi\CONITECH\Bluetooth Software\btsendto_ie_ctx.htm

O9 - Extra button: Inserisci blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programmi\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: Inserisci &blog in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programmi\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL

O9 - Extra button: Barra di ricerca di Encarta - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Programmi\File comuni\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL

O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programmi\CONITECH\Bluetooth Software\btsendto_ie.htm

O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programmi\CONITECH\Bluetooth Software\btsendto_ie.htm

O9 - Extra button: Guida alla connessione - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm

O9 - Extra 'Tools' menuitem: Guida alla connessione - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe

O9 - Extra button: Guida alla connessione - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm (HKCU)

O9 - Extra 'Tools' menuitem: Guida alla connessione - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm (HKCU)

O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab

O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) -

O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/IT-IT/a-UNO1/GAME_UNO1.cab

O16 - DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} (Creative Software AutoUpdate) - http://www.creative.com/softwareupdate/su/...101/CTSUEng.cab

O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://veri92veronica.spaces.live.com/Phot...ad/MsnPUpld.cab

O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab

O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe.com/p...obat/nos/gp.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab

O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab56986.cab

O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/softwareupdate/su/...15106/CTPID.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{BB67D178-9B44-4C63-B75D-E2874A069BC0}: NameServer = 85.37.17.16 85.38.28.68

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programmi\Microsoft Office\Office12\GrooveSystemServices.dll

O20 - Winlogon Notify: !SASWinLogon - C:\Programmi\SUPERAntiSpyware\SASWINLO.DLL

O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe

O23 - Service: avast! Web Scanner - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashWebSv.exe

O23 - Service: Bonjour Service - Apple Inc. - C:\Programmi\Bonjour\mDNSResponder.exe

O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Programmi\CONITECH\Bluetooth Software\bin\btwdins.exe

O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe

O23 - Service: getPlus® Helper - NOS Microsystems Ltd. - C:\Programmi\NOS\bin\getPlus_HelperSvc.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\1050\Intel 32\IDriverT.exe

O23 - Service: Servizio iPod (iPod Service) - Apple Inc. - C:\Programmi\iPod\bin\iPodService.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programmi\Java\jre6\bin\jqs.exe

O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Programmi\Lavasoft\Ad-Aware\AAWService.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Programmi\File comuni\LightScribe\LSSrvc.exe

O23 - Service: Network WanMiniport First Position - Unknown owner - C:\Programmi\Telecom Italia\WanMiniport1st\srvany.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

O23 - Service: ServiceLayer - Nokia. - C:\Programmi\Nokia\PC Connectivity Solution\ServiceLayer.exe

O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe

--

End of file - 13411 bytes

lemi con il pc le pagine scorrono da sole ed altro potete per favore controllare il mio hijackthis grazie

Condividi questo messaggio


Link di questo messaggio
Condividi su altri siti

come richiesto allego il log di combo fix graComboFix 09-07-21.05 - HP_Proprietario 22/07/2009 18.36.33.2.1 - NTFSx86

Microsoft Windows XP Home Edition 5.1.2600.3.1252.39.1040.18.1534.953 [GMT 2:00]

Eseguito da: c:\documents and settings\HP_Proprietario\Documenti\CLAUDIO VARIE\ComboFix.exe

AV: avast! antivirus 4.8.1335 [VPS 090722-0] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

* Creato nuovo punto di ripristino

.

((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))

.

c:\documents and settings\HP_Proprietario\Dati applicazioni\inst.exe

c:\programmi\Adparatus\Adparatus.dll

c:\windows\Installer\166ed08.msi

c:\windows\Installer\2e64a.msi

c:\windows\Installer\4603f8.msp

c:\windows\Installer\460410.msp

c:\windows\Installer\460427.msp

c:\windows\Installer\6ed68.msi

.

((((((((((((((((((((((((( Files Creati Da 2009-06-22 al 2009-07-22 )))))))))))))))))))))))))))))))))))

.

2009-07-20 19:37 . 2009-07-20 19:37 314712 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Lavasoft\Ad-Aware\Update\threatwork.exe

2009-06-27 15:36 . 2009-06-27 15:36 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache

2009-06-25 18:10 . 2009-06-25 18:10 -------- d-sh--w- c:\documents and settings\HP_Proprietario\IECompatCache

2009-06-25 17:59 . 2009-06-25 17:59 -------- d-sh--w- c:\documents and settings\HP_Proprietario\IETldCache

2009-06-25 17:57 . 2009-06-02 10:12 102912 ------w- c:\windows\system32\dllcache\iecompat.dll

2009-06-25 17:57 . 2009-06-25 17:57 -------- d-----w- c:\windows\ie8updates

2009-06-25 17:56 . 2009-04-30 21:13 12800 ------w- c:\windows\system32\dllcache\xpshims.dll

2009-06-25 17:56 . 2009-04-30 21:13 246272 ------w- c:\windows\system32\dllcache\ieproxy.dll

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))

.

2009-07-22 16:40 . 2008-07-18 20:39 -------- d-----w- c:\programmi\Adparatus

2009-07-22 09:41 . 2008-09-10 19:38 -------- d-----w- c:\programmi\eMule

2009-07-21 16:25 . 2008-09-14 11:10 -------- d-----w- c:\programmi\Malwarebytes' Anti-Malware

2009-07-21 16:24 . 2009-01-17 12:58 3775175 -c--a-w- c:\documents and settings\All Users\Dati applicazioni\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe

2009-07-21 14:24 . 2008-06-11 18:22 -------- d-----w- c:\documents and settings\HP_Proprietario\Dati applicazioni\Spamihilator

2009-07-18 13:37 . 2009-01-12 17:51 -------- d-----w- c:\programmi\Defraggler

2009-07-17 17:59 . 2008-12-27 11:08 -------- d-----w- c:\documents and settings\HP_Proprietario\Dati applicazioni\Vso

2009-07-15 09:35 . 2008-03-18 16:44 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Microsoft Help

2009-07-13 11:36 . 2008-09-14 11:10 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2009-07-13 11:36 . 2008-09-14 11:10 19096 ----a-w- c:\windows\system32\drivers\mbam.sys

2009-07-06 16:01 . 2008-09-13 11:25 -------- d-----w- c:\programmi\SUPERAntiSpyware

2009-07-06 09:45 . 2008-12-02 20:49 -------- d-----w- c:\programmi\Karaoke Star

2009-07-06 09:44 . 2009-03-28 11:49 -------- d-----w- c:\documents and settings\HP_Proprietario\Dati applicazioni\Audacity

2009-06-16 14:36 . 2008-03-09 18:35 119808 ----a-w- c:\windows\system32\t2embed.dll

2009-06-16 14:36 . 2008-03-09 18:31 81920 ----a-w- c:\windows\system32\fontsub.dll

2009-06-08 19:42 . 2009-06-08 19:42 15688 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Lavasoft\Ad-Aware\Update\lsdelete.exe

2009-06-08 19:42 . 2009-01-26 20:52 15688 ----a-w- c:\windows\system32\lsdelete.exe

2009-06-08 19:41 . 2009-06-08 19:41 64160 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Lavasoft\Ad-Aware\Update\Drivers\32\lbd.sys

2009-06-08 19:41 . 2009-01-26 20:43 64160 ----a-w- c:\windows\system32\drivers\Lbd.sys

2009-06-03 19:09 . 2008-03-09 18:34 1296384 ----a-w- c:\windows\system32\quartz.dll

2009-05-23 10:25 . 2009-04-01 14:23 152576 -c--a-w- c:\documents and settings\HP_Proprietario\Dati applicazioni\Sun\Java\jre1.6.0_13\lzma.dll

2009-05-13 05:02 . 2004-08-19 11:00 915456 ----a-w- c:\windows\system32\wininet.dll

2009-05-07 15:32 . 2008-03-09 18:33 347648 ----a-w- c:\windows\system32\localspl.dll

2008-03-09 18:34 . 2008-03-09 18:30 21364592 -c--a-w- c:\programmi\aaw2007.exe

2005-12-07 08:18 . 2008-03-09 19:11 32 -csha-w- c:\windows\SMINST\HPCD.SYS

.

((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* i valori vuoti & legittimi/default non sono visualizzati.

REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

"msnmsgr"="c:\programmi\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 5724184]

"L09IXLRD_6652468"="c:\programmi\Microsoft Student\Microsoft Encarta 2009 - Premium + Student DVD\EDICT.EXE" [2009-03-02 351000]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"PS2"="c:\windows\system32\ps2.exe" [2004-10-25 90112]

"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-02-05 81000]

"Motive SmartBridge"="c:\progra~1\ALICET~1\SMARTB~1\MotiveSB.exe" [2006-04-21 438359]

"Spamihilator"="c:\programmi\Spamihilator\spamihilator.exe" [2008-12-23 1321984]

"Ad-Watch"="c:\programmi\Lavasoft\Ad-Aware\AAWTray.exe" [2009-07-20 520024]

"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2005-02-24 5537792]

"QuickTime Task"="c:\programmi\QuickTime\qttask.exe" [2008-03-28 413696]

"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]

"Adobe Reader Speed Launcher"="c:\programmi\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]

"SunJavaUpdateSched"="c:\programmi\Java\jre6\bin\jusched.exe" [2009-03-09 148888]

c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\

BTTray.lnk - c:\programmi\CONITECH\Bluetooth Software\BTTray.exe [2007-6-27 572008]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]

"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\programmi\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]

2009-01-12 17:02 356352 ----a-w- c:\programmi\SUPERAntiSpyware\SASWINLO.DLL

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

@="Driver"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"c:\\Programmi\\Messenger\\msmsgs.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\Programmi\\Bonjour\\mDNSResponder.exe"=

"c:\\Programmi\\DNA\\btdna.exe"=

"c:\\Programmi\\Microsoft Office\\Office12\\GROOVE.EXE"=

"c:\\Programmi\\Microsoft Office\\Office12\\ONENOTE.EXE"=

"c:\\Programmi\\LimeWire\\LimeWire.exe"=

"c:\\Programmi\\iTunes\\iTunes.exe"=

"c:\\Programmi\\NetMeeting\\conf.exe"=

"c:\\Programmi\\eMule\\emule.exe"=

"c:\\Programmi\\Spamihilator\\cdcc.exe"=

"c:\\Programmi\\Spamihilator\\dccproc.exe"=

"c:\\Programmi\\Spamihilator\\spamihilator.exe"=

"c:\\Programmi\\Windows Live\\Messenger\\msnmsgr.exe"=

"c:\\Programmi\\Windows Live\\Messenger\\livecall.exe"=

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [26/01/2009 22.43.34 64160]

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [18/04/2008 16.29.20 114768]

R1 SASDIFSV;SASDIFSV;c:\programmi\SUPERAntiSpyware\SASDIFSV.SYS [03/09/2008 14.07.14 9968]

R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [18/04/2008 16.29.20 20560]

R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\programmi\Lavasoft\Ad-Aware\AAWService.exe [18/01/2009 23.34.37 1029456]

R2 Network WanMiniport First Position;Network WanMiniport First Position;c:\programmi\Telecom Italia\WanMiniport1st\srvany.exe [24/11/2008 11.52.31 8192]

R3 V0220Dev;Live! Cam Video IM;c:\windows\system32\drivers\V0220Dev.sys [09/03/2008 19.00.10 146112]

R3 V0220Vfx;V0220VFX;c:\windows\system32\drivers\V0220Vfx.sys [09/03/2008 19.00.13 6272]

S1 SASKUTIL;SASKUTIL;c:\programmi\SUPERAntiSpyware\SASKUTIL.SYS [03/09/2008 14.07.12 55024]

S3 getPlus® Helper;getPlus® Helper;c:\programmi\NOS\bin\getPlus_HelperSvc.exe [28/02/2009 14.32.15 33752]

S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [14/09/2008 13.10.34 38160]

S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [03/11/2008 22.07.08 138112]

S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [03/11/2008 22.07.11 8320]

S3 SASENUM;SASENUM;c:\programmi\SUPERAntiSpyware\SASENUM.SYS [03/09/2008 14.07.16 7408]

S4 Utilità di pianificazione di LiveUpdate automatico;Utilità di pianificazione di LiveUpdate automatico; [x]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs

UxTuneUp

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]

"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

.

Contenuto della cartella 'Scheduled Tasks'

2009-07-20 c:\windows\Tasks\Ad-Aware Update (Weekly).job

- c:\programmi\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-01-18 19:36]

2009-06-16 c:\windows\Tasks\AppleSoftwareUpdate.job

- c:\programmi\Apple Software Update\SoftwareUpdate.exe [2008-04-11 15:57]

2009-07-22 c:\windows\Tasks\Verifica e correzione automatica.job

- c:\programmi\TuneUp Utilities 2008\OneClickStarter.exe [2008-02-21 14:35]

.

.

------- Scansione supplementare -------

.

uStart Page = hxxp://www.google.it/

uDefault_Search_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=IT_IT&c=Q305&bd=pavilion&pf=desktop

mSearch Bar = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=IT_IT&c=Q305&bd=pavilion&pf=desktop

IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000

IE: Invia a Bluetooth - c:\programmi\CONITECH\Bluetooth Software\btsendto_ie.htm

IE: Invia a periferica &Bluetooth... - c:\programmi\CONITECH\Bluetooth Software\btsendto_ie_ctx.htm

TCP: {BB67D178-9B44-4C63-B75D-E2874A069BC0} = 85.37.17.16 85.38.28.68

DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab

.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2009-07-22 18:41

Windows 5.1.2600 Service Pack 3 NTFS

scansione processi nascosti ...

scansione entrate autostart nascoste ...

Scansione files nascosti ...

Scansione completata con successo

Files nascosti: 0

**************************************************************************

.

--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------

[HKEY_USERS\S-1-5-21-1212589402-1187103232-3450700671-1008\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{E9E794DB-2ADB-040C-3D71-72D44638B4AB}*]

@Allowed: (Read) (RestrictedCode)

@Allowed: (Read) (RestrictedCode)

"oafoljbafegpbofkdbmomoakkfpinh"=hex:64,61,65,61,63,6d,61,63,00,90

"oablokdjkcgjkdecfhemgjpfdfaaih"=hex:6a,61,66,61,69,6d,62,64,66,6b,61,64,63,69,

6e,61,64,62,6b,67,00,fd

"nahljhpdmohomdelfkelbmdfggib"=hex:6a,61,66,61,6b,6d,64,64,70,65,6b,67,68,62,

61,61,65,6e,6e,6b,00,fd

.

--------------------- Dlls caricate dai processi in esecuzione ---------------------

- - - - - - - > 'winlogon.exe'(744)

c:\programmi\SUPERAntiSpyware\SASWINLO.DLL

c:\windows\system32\WININET.dll

.

Ora fine scansione: 2009-07-22 18.43.02

ComboFix-quarantined-files.txt 2009-07-22 16:42

ComboFix2.txt 2008-09-14 10:59

Pre-Run: 200.540.708.864 byte disponibili

Post-Run: 200.618.917.888 byte disponibili

174 --- E O F --- 2009-07-15 09:35

zie aspetto vostre istruzioni

Condividi questo messaggio


Link di questo messaggio
Condividi su altri siti

prima di tutto grazie ,come posso mando il report della scanzione con skarpesky quello che volevo dire a riguardo delle pagine che scorrono velocemente ,e' che non so se e' un problema del mouse che come sfioro la rotella dello stesso le pagine mi scorrono via ,questo sia sulle pagine web o anche per guardare foto,un altra cosa che mi e' capitata nello stesso periodo di tempoe' che quando apro pagine di siti internet me li apre sempre in formato ridotto al centro della scrivania cosi' anche con la pagina di google di internet explorer pagina ristretta al centro ,ho mandato appunto i report dei vari controlli che ho fatto sotto suggerimento di uu vostro esperto di wininizio per il momento grazie al piu' presto mando l'ultimo report che mi hai chiesto grazie

Condividi questo messaggio


Link di questo messaggio
Condividi su altri siti
riguardo delle pagine che scorrono velocemente ,e' che non so se e' un problema del mouse che come sfioro la rotella dello stesso le pagine mi scorrono via ,questo sia sulle pagine web o anche per guardare foto

controlla le impostazioni del mouse

Start > Pannello di Controllo > Mouse

http://www.stilegames.com/2009/05/06/reimp...stro-mouse.html

quando apro pagine di siti internet me li apre sempre in formato ridotto al centro della scrivania

hai provato a selezionare il pulsante centrale in alto a destra della pagina?

pulsante.jpg

Condividi questo messaggio


Link di questo messaggio
Condividi su altri siti

Elimina questi file:

C:\Programmi\eMule\Incoming\( 2008 ) ti lascio una canzone .rar

C:\Programmi\eMule\Incoming\(2009 Portable) ti lascio una canzone .zip

Condividi questo messaggio


Link di questo messaggio
Condividi su altri siti

vi ringrazio come sempre disponibili e gentili ciao

Condividi questo messaggio


Link di questo messaggio
Condividi su altri siti

Crea un account o accedi per lasciare un commento

Devi essere un utente registrato per partecipare

Crea un account

Iscriviti per un nuovo account nella nostra community. È facile!


Registra un nuovo account

Accedi

Sei già registrato? Accedi qui.


Accedi Ora