finalizing installation malware ??


 
leapon75
10-11-2009, 00:25
Hello,

for the past few days, when I open Internet Explorer, a scrolling text appears: "finalizing installation"... and unwanted popups open... could it be malware??
A scan with ewido found something, and I deleted it, but after the restart the problem came back...

Could you please give me a hand??

Thank you very much for your help.

Regards,
Leandro.

ewido report

C:\Documents and Settings\Leandro\Dati applicazioni\Hotbar -> Adware.HotBar : No action taken.
C:\Documents and Settings\Leandro\Dati applicazioni\Hotbar\IESkins -> Adware.HotBar : No action taken.
C:\Documents and Settings\Leandro\Dati applicazioni\Hotbar\Weather -> Adware.HotBar : No action taken.
C:\Documents and Settings\Leandro\Dati applicazioni\Hotbar\Weather\WeatherDPA -> Adware.HotBar : No action taken.
C:\Documents and Settings\Leandro\Dati applicazioni\Hotbar\Weather\WeatherDPA\Weather_XML -> Adware.HotBar : No action taken.
C:\Documents and Settings\Leandro\Dati applicazioni\Hotbar\Weather\WeatherStartup.xml -> Adware.HotBar : No action taken.
C:\Documents and Settings\Leandro\Dati applicazioni\Hotbar\Weather\Weather_XML -> Adware.HotBar : No action taken.
C:\Documents and Settings\Leandro\Dati applicazioni\Hotbar\Weather\Weather_XML\General -> Adware.HotBar : No action taken.
C:\Documents and Settings\Leandro\Dati applicazioni\Hotbar\v3.5 -> Adware.HotBar : No action taken.
C:\Documents and Settings\Leandro\Dati applicazioni\Hotbar\v3.5\HostOI -> Adware.HotBar : No action taken.
C:\Documents and Settings\Leandro\Dati applicazioni\Hotbar\v3.5\HostOI\dynamic -> Adware.HotBar : No action taken.
C:\Documents and Settings\Leandro\Dati applicazioni\Hotbar\v3.5\HostOL -> Adware.HotBar : No action taken.
C:\Documents and Settings\Leandro\Dati applicazioni\Hotbar\v3.5\HostOL\dynamic -> Adware.HotBar : No action taken.
C:\Documents and Settings\Leandro\Dati applicazioni\Hotbar\v3.5\Hotbar -> Adware.HotBar : No action taken.
C:\Documents and Settings\Leandro\Dati applicazioni\Hotbar\v3.5\Hotbar\dynamic -> Adware.HotBar : No action taken.
C:\Documents and Settings\Leandro\Dati applicazioni\Hotbar\v3.5\Hotbar\static -> Adware.HotBar : No action taken.
C:\Documents and Settings\Leandro\Dati applicazioni\Hotbar\v3.5\Hotbar\static\1 -> Adware.HotBar : No action taken.
C:\Documents and Settings\Leandro\Dati applicazioni\Hotbar\v3.5\Hotbar\static\2 -> Adware.HotBar : No action taken.
C:\Documents and Settings\Leandro\Dati applicazioni\Hotbar\v3.5\Hotbar\static\DownLoad -> Adware.HotBar : No action taken.
C:\Documents and Settings\Leandro\Dati applicazioni\Hotbar\v3.5\Hotbar\static\DownLoad\business_promo.htm -> Adware.HotBar : No action taken.
C:\Documents and Settings\Leandro\Dati applicazioni\Hotbar\v3.5\Hotbar\static\DownLoad\business_promo.xip -> Adware.HotBar : No action taken.
C:\Documents and Settings\Leandro\Dati applicazioni\Hotbar\v3.5\Hotbar\static\DownLoad\buttondir.txt -> Adware.HotBar : No action taken.
C:\Documents and Settings\Leandro\Dati applicazioni\Hotbar\v3.5\Hotbar\static\DownLoad\buttondir.xip -> Adware.HotBar : No action taken.
C:\Documents and Settings\Leandro\Dati applicazioni\Hotbar\v3.5\Hotbar\static\DownLoad\cursors.res -> Adware.HotBar : No action taken.
C:\Documents and Settings\Leandro\Dati applicazioni\Hotbar\v3.5\Hotbar\static\DownLoad\cursors.xip -> Adware.HotBar : No action taken.
C:\Documents and Settings\Leandro\Dati applicazioni\Hotbar\v3.5\Hotbar\static\DownLoad\d_icons_buttons_1000.res -> Adware.HotBar : No action taken.
C:\Documents and Settings\Leandro\Dati applicazioni\Hotbar\v3.5\Hotbar\static\DownLoad\d_icons_buttons_1000.xip -> Adware.HotBar : No action taken.
C:\Documents and Settings\Leandro\Dati applicazioni\Hotbar\v3.5\Hotbar\static\DownLoad\d_icons_buttons_2000.res -> Adware.HotBar : No action taken.
C:\Documents and Settings\Leandro\Dati applicazioni\Hotbar\v3.5\Hotbar\static\DownLoad\d_icons_buttons_2000.xip -> Adware.HotBar : No action taken.
C:\Documents and Settings\Leandro\Dati applicazioni\Hotbar\v3.5\Hotbar\static\DownLoad\d_icons_buttons_3000.res -> Adware.HotBar : No action taken.
C:\Documents and Settings\Leandro\Dati applicazioni\Hotbar\v3.5\Hotbar\static\DownLoad\d_icons_buttons_3000.xip -> Adware.HotBar : No action taken.
C:\Documents and Settings\Leandro\Dati applicazioni\Hotbar\v3.5\Hotbar\static\DownLoad\d_icons_buttons_bar.res -> Adware.HotBar : No action taken.
C:\Documents and Settings\Leandro\Dati applicazioni\Hotbar\v3.5\Hotbar\static\DownLoad\d_icons_buttons_bar.xip -> Adware.HotBar : No action taken.
C:\Documents and Settings\Leandro\Dati applicazioni\Hotbar\v3.5\Hotbar\static\DownLoad\d_icons_buttons_bbar1.res -> Adware.HotBar : No action taken.
C:\Documents and Settings\Leandro\Dati applicazioni\Hotbar\v3.5\Hotbar\static\DownLoad\d_icons_buttons_bbar1.xip -> Adware.HotBar : No action taken.
C:\Documents and Settings\Leandro\Dati applicazioni\Hotbar\v3.5\Hotbar\static\DownLoad\d_icons_buttons_logos.res -> Adware.HotBar : No action taken.
C:\Documents and Settings\Leandro\Dati applicazioni\Hotbar\v3.5\Hotbar\static\DownLoad\d_icons_buttons_logos.xip -> Adware.HotBar : No action taken.
C:\Documents and Settings\Leandro\Dati applicazioni\Hotbar\v3.5\Hotbar\static\DownLoad\d_icons_buttons_other.res -> Adware.HotBar : No action taken.
C:\Documents and Settings\Leandro\Dati applicazioni\Hotbar\v3.5\Hotbar\static\DownLoad\d_icons_buttons_other.xip -> Adware.HotBar : No action taken.
C:\Documents and Settings\Leandro\Dati applicazioni\Hotbar\v3.5\Hotbar\static\DownLoad\d_icons_weather.res -> Adware.HotBar : No action taken.
C:\Documents and Settings\Leandro\Dati applicazioni\Hotbar\v3.5\Hotbar\static\DownLoad\d_icons_weather.xip -> Adware.HotBar : No action taken.
C:\Documents and Settings\Leandro\Dati applicazioni\Hotbar\v3.5\Hotbar\static\DownLoad\editblbuttons.res -> Adware.HotBar : No action taken.
C:\Documents and Settings\Leandro\Dati applicazioni\Hotbar\v3.5\Hotbar\static\DownLoad\editblbuttons.xip -> Adware.HotBar : No action taken.
C:\Documents and Settings\Leandro\Dati applicazioni\Hotbar\v3.5\Hotbar\static\DownLoad\hotbar_promo.htm -> Adware.HotBar : No action taken.
C:\Documents and Settings\Leandro\Dati applicazioni\Hotbar\v3.5\Hotbar\static\DownLoad\hotbar_promo.xip -> Adware.HotBar : No action taken.
C:\Documents and Settings\Leandro\Dati applicazioni\Hotbar\v3.5\Hotbar\static\DownLoad\ie_games_icon.res -> Adware.HotBar : No action taken.
C:\Documents and Settings\Leandro\Dati applicazioni\Hotbar\v3.5\Hotbar\static\DownLoad\ie_games_icon.xip -> Adware.HotBar : No action taken.
C:\Documents and Settings\Leandro\Dati applicazioni\Hotbar\v3.5\Hotbar\static\DownLoad\ie_video.res -> Adware.HotBar : No action taken.
C:\Documents and Settings\Leandro\Dati applicazioni\Hotbar\v3.5\Hotbar\static\DownLoad\ie_video.xip -> Adware.HotBar : No action taken.
C:\Documents and Settings\Leandro\Dati applicazioni\Hotbar\v3.5\Hotbar\static\DownLoad\keywords.idx -> Adware.HotBar : No action taken.
C:\Documents and Settings\Leandro\Dati applicazioni\Hotbar\v3.5\Hotbar\static\DownLoad\keywords.xip -> Adware.HotBar : No action taken.
C:\Documents and Settings\Leandro\Dati applicazioni\Hotbar\v3.5\Hotbar\static\DownLoad\layout.cdf -> Adware.HotBar : No action taken.
C:\Documents and Settings\Leandro\Dati applicazioni\Hotbar\v3.5\Hotbar\static\DownLoad\layout.xip -> Adware.HotBar : No action taken.
C:\Documents and Settings\Leandro\Dati applicazioni\Hotbar\v3.5\Hotbar\static\DownLoad\linkpathlegal.txt -> Adware.HotBar : No action taken.
C:\Documents and Settings\Leandro\Dati applicazioni\Hotbar\v3.5\Hotbar\static\DownLoad\linkpathlegal.xip -> Adware.HotBar : No action taken.
C:\Documents and Settings\Leandro\Dati applicazioni\Hotbar\v3.5\Hotbar\static\DownLoad\more.res -> Adware.HotBar : No action taken.
C:\Documents and Settings\Leandro\Dati applicazioni\Hotbar\v3.5\Hotbar\static\DownLoad\more.xip -> Adware.HotBar : No action taken.
C:\Documents and Settings\Leandro\Dati applicazioni\Hotbar\v3.5\Hotbar\static\DownLoad\progress.res -> Adware.HotBar : No action taken.
C:\Documents and Settings\Leandro\Dati applicazioni\Hotbar\v3.5\Hotbar\static\DownLoad\progress.xip -> Adware.HotBar : No action taken.
C:\Documents and Settings\Leandro\Dati applicazioni\Hotbar\v3.5\Hotbar\static\DownLoad\s_icons_buttons.res -> Adware.HotBar : No action taken.
C:\Documents and Settings\Leandro\Dati applicazioni\Hotbar\v3.5\Hotbar\static\DownLoad\s_icons_buttons.xip -> Adware.HotBar : No action taken.
C:\Documents and Settings\Leandro\Dati applicazioni\Hotbar\v3.5\Hotbar\static\DownLoad\sales_buttons.res -> Adware.HotBar : No action taken.
C:\Documents and Settings\Leandro\Dati applicazioni\Hotbar\v3.5\Hotbar\static\DownLoad\sales_buttons.xip -> Adware.HotBar : No action taken.
C:\Documents and Settings\Leandro\Dati applicazioni\Hotbar\v3.5\Hotbar\static\DownLoad\samplegroups2.txt -> Adware.HotBar : No action taken.
C:\Documents and Settings\Leandro\Dati applicazioni\Hotbar\v3.5\Hotbar\static\DownLoad\samplegroups2.xip -> Adware.HotBar : No action taken.
C:\Documents and Settings\Leandro\Dati applicazioni\Hotbar\v3.5\Hotbar\static\DownLoad\sdfmodifier.xip -> Adware.HotBar : No action taken.
C:\Documents and Settings\Leandro\Dati applicazioni\Hotbar\v3.5\Hotbar\static\DownLoad\sdfmodifier.xml -> Adware.HotBar : No action taken.
C:\Documents and Settings\Leandro\Dati applicazioni\Hotbar\v3.5\Hotbar\static\DownLoad\t2_bg.res -> Adware.HotBar : No action taken.
C:\Documents and Settings\Leandro\Dati applicazioni\Hotbar\v3.5\Hotbar\static\DownLoad\t2_bg.xip -> Adware.HotBar : No action taken.
C:\Documents and Settings\Leandro\Dati applicazioni\Hotbar\v3.5\Hotbar\static\DownLoad\tsd_bg.res -> Adware.HotBar : No action taken.
C:\Documents and Settings\Leandro\Dati applicazioni\Hotbar\v3.5\Hotbar\static\DownLoad\tsd_bg.xip -> Adware.HotBar : No action taken.
C:\Documents and Settings\Leandro\Dati applicazioni\Hotbar\v3.5\Hotbar\static\DownLoad\weathericon.res -> Adware.HotBar : No action taken.
C:\Documents and Settings\Leandro\Dati applicazioni\Hotbar\v3.5\Hotbar\static\DownLoad\weathericon.xip -> Adware.HotBar : No action taken.
C:\Programmi\Hotbar -> Adware.HotBar : No action taken.
C:\Programmi\Hotbar\bin -> Adware.HotBar : No action taken.
C:\Programmi\Hotbar\bin\11.0.78.0 -> Adware.HotBar : No action taken.
C:\Programmi\Hotbar\bin\11.0.78.0\CntntCntr.dll -> Adware.HotBar : No action taken.
C:\Programmi\Hotbar\bin\11.0.78.0\CoreSrv.dll -> Adware.HotBar : No action taken.
C:\Programmi\Hotbar\bin\11.0.78.0\HostIE.dll -> Adware.HotBar : No action taken.
C:\Programmi\Hotbar\bin\11.0.78.0\HostOL.dll -> Adware.HotBar : No action taken.
C:\Programmi\Hotbar\bin\11.0.78.0\HotbarSAAX.dll -> Adware.HotBar : No action taken.
C:\Programmi\Hotbar\bin\11.0.78.0\HotbarSADF.exe -> Adware.HotBar : No action taken.
C:\Programmi\Hotbar\bin\11.0.78.0\HotbarUninstaller.exe -> Adware.HotBar : No action taken.
C:\Programmi\Hotbar\bin\11.0.78.0\Srv.exe -> Adware.HotBar : No action taken.
C:\Programmi\Hotbar\bin\11.0.78.0\Toolbar.dll -> Adware.HotBar : No action taken.
C:\Programmi\Hotbar\bin\11.0.78.0\WeSkin.dll -> Adware.HotBar : No action taken.
C:\Programmi\Hotbar\bin\11.0.78.0\Weather.exe -> Adware.HotBar : No action taken.
C:\Programmi\Hotbar\bin\11.0.78.0\__delete_on_reboot__H_o_t_b_a_r_S_A_._e_x_e_ -> Adware.HotBar : No action taken.
C:\Programmi\Hotbar\bin\11.0.78.0\__delete_on_reboot__h_o_t_b_a_r_s_a_h_o_o_k_._d_l_l_ -> Adware.HotBar : No action taken.
C:\Programmi\Hotbar\bin\11.0.78.0\arrow.ico -> Adware.HotBar : No action taken.
C:\Programmi\Hotbar\bin\11.0.78.0\copyright.txt -> Adware.HotBar : No action taken.
C:\Programmi\Hotbar\bin\11.0.78.0\firefox -> Adware.HotBar : No action taken.
C:\Programmi\Hotbar\bin\11.0.78.0\firefox\extensions -> Adware.HotBar : No action taken.
C:\Programmi\Hotbar\bin\11.0.78.0\firefox\extensions\chrome.manifest -> Adware.HotBar : No action taken.
C:\Programmi\Hotbar\bin\11.0.78.0\firefox\extensions\components -> Adware.HotBar : No action taken.
C:\Programmi\Hotbar\bin\11.0.78.0\firefox\extensions\components\npclntax.xpt -> Adware.HotBar : No action taken.
C:\Programmi\Hotbar\bin\11.0.78.0\firefox\extensions\install.rdf -> Adware.HotBar : No action taken.
C:\Programmi\Hotbar\bin\11.0.78.0\firefox\extensions\plugins -> Adware.HotBar : No action taken.
C:\Programmi\Hotbar\bin\11.0.78.0\firefox\extensions\plugins\npclntax_HotbarSA.dll -> Adware.HotBar : No action taken.
C:\Documents and Settings\Leandro\Cookies\leandro@avgtechnologies.112.2o7[1].txt -> TrackingCookie.2o7 : No action taken.
C:\Documents and Settings\Leandro\Cookies\leandro@atdmt[2].txt -> TrackingCookie.Atdmt : No action taken.

darksoullight88
10-11-2009, 00:47
Hi.
To help further, could you read the sticky posts and then post the HijackThis logs.

leapon75
10-11-2009, 01:40
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 0.33.25, on 10/11/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\Apache Software Foundation\Apache2.2\bin\httpd.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Programmi\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
C:\Programmi\Cisco Systems\VPN Client\cvpnd.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
d:\Programmi\ewido anti-spyware 4.0\guard.exe
C:\Programmi\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Programmi\Apache Software Foundation\Apache2.2\bin\httpd.exe
C:\Programmi\Acer Bio Protection\BASVC.exe
C:\Programmi\File comuni\InterVideo\RegMgr\iviRegMgr.exe
C:\Programmi\Java\jre6\bin\jqs.exe
C:\Programmi\File comuni\LightScribe\LSSrvc.exe
C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\Explorer.EXE
C:\Programmi\MySQL\MySQL Server 5.0\bin\mysqld-nt.exe
C:\Programmi\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
C:\Programmi\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
C:\Programmi\O2Micro Flash Memory Card Driver\o2flash.exe
C:\Programmi\File comuni\Protexis\License Service\PsiService_2.exe
C:\Programmi\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Programmi\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
C:\Programmi\AVG\AVG8\avgcsrvx.exe
C:\Programmi\Intel\Intel Matrix Storage Manager\iaanotif.exe
C:\Programmi\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Programmi\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\PLFSetI.exe
C:\Programmi\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Programmi\Apoint2K\Apoint.exe
C:\Programmi\Apoint2K\ApMsgFwd.exe
C:\Programmi\Apoint2K\HidFind.exe
C:\Programmi\Apoint2K\Apntex.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Programmi\Acer\Empowering Technology\ePower\ePower_DMC.exe
C:\PROGRA~1\LAUNCH~1\LManager.exe
C:\Programmi\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Programmi\Acer Bio Protection\PdtWzd.exe
D:\Programmi\ewido anti-spyware 4.0\ewido.exe
C:\Programmi\Acer Bio Protection\PwdBank.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\Mobile Partner\Mobile Partner.exe
d:\Programmi\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0410&s=0&o=xpp&d=0109&m=travelmate_5730
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0410&s=0&o=xpp&d=0109&m=travelmate_5730
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0410&s=0&o=xpp&d=0109&m=travelmate_5730
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Programmi\AVG\AVG8\Toolbar\IEToolbar.dll
R3 - URLSearchHook: (no name) - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: ShoppingReport - {100EB1FD-D03E-47FD-81F3-EE91287F9465} - C:\Programmi\ShoppingReport\Bin\2.6.58\ShoppingReport.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Programmi\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Programmi\AVG\AVG8\avgssie.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre6\bin\ssv.dll
O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Hotbar - {90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} - C:\Programmi\Hotbar\bin\11.0.78.0\HostIE.dll (file missing)
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Programmi\AVG\AVG8\Toolbar\IEToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmi\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Programmi\AVG\AVG8\Toolbar\IEToolbar.dll
O3 - Toolbar: Hotbar - {90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} - C:\Programmi\Hotbar\bin\11.0.78.0\HostIE.dll (file missing)
O4 - HKLM\..\Run: [preload] C:\Windows\RUNXMLPL.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Programmi\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [BkupTray] "C:\Programmi\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe"
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [StartCCC] "C:\Programmi\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [PLFSetI] C:\WINDOWS\PLFSetI.exe
O4 - HKLM\..\Run: [PLFSetL] C:\WINDOWS\PLFSetL.exe
O4 - HKLM\..\Run: [snp2uvc] C:\WINDOWS\vsnp2uvc.exe
O4 - HKLM\..\Run: [Apoint] C:\Programmi\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [AzMixerSel] C:\Programmi\Realtek\Audio\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [ProductReg] C:\Programmi\Acer\WR_PopUp\ProductReg.exe
O4 - HKLM\..\Run: [ePower_DMC] C:\Programmi\Acer\Empowering Technology\ePower\ePower_DMC.exe
O4 - HKLM\..\Run: [Boot] C:\Programmi\Acer\Empowering Technology\ePower\Boot.exe
O4 - HKLM\..\Run: [eRecoveryService] C:\Programmi\Acer\Empowering Technology\eRecovery\eRAgent.exe
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Programmi\File comuni\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [MobileConnect] %programfiles%\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe /silent
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [VitaKeyPdtWzd] "C:\Programmi\Acer Bio Protection\PdtWzd.exe"
O4 - HKLM\..\Run: [!ewido] "D:\Programmi\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Invia a Bluetooth - C:\Programmi\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: Invia a periferica &Bluetooth... - C:\Programmi\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: Quick-Launch Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Programmi\Acer Bio Protection\PwdBank.exe
O9 - Extra 'Tools' menuitem: Quick-Launch Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Programmi\Acer Bio Protection\PwdBank.exe
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Programmi\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ShopperReports - Compare product prices - {C5428486-50A0-4a02-9D20-520B59A9F9B2} - C:\Programmi\ShoppingReport\Bin\2.6.58\ShoppingReport.dll
O9 - Extra button: ShopperReports - Compare travel rates - {C5428486-50A0-4a02-9D20-520B59A9F9B3} - C:\Programmi\ShoppingReport\Bin\2.6.58\ShoppingReport.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programmi\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programmi\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{06B5A258-D334-4617-8020-DC0D96742761}: NameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{10B217EA-EBDB-46D9-8172-0345623EF591}: NameServer = 156.54.17.165
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Programmi\AVG\AVG8\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FILECO~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O20 - Winlogon Notify: AWinNotifyVitaKey MC3000 - C:\Programmi\Acer Bio Protection\WinNotify.dll
O20 - Winlogon Notify: spba - C:\Programmi\File comuni\SPBA\homefus2.dll
O23 - Service: Apache2.2 - Apache Software Foundation - C:\Programmi\Apache Software Foundation\Apache2.2\bin\httpd.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Programmi\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: NTI Backup Now 5 Agent Service (BUNAgentSvc) - NewTech Infosystems, Inc. - C:\Programmi\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Programmi\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - d:\Programmi\ewido anti-spyware 4.0\guard.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Programmi\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: EgisTec Service (IGBASVC) - Egis Technology Inc. - C:\Programmi\Acer Bio Protection\BASVC.exe
O23 - Service: IviRegMgr - InterVideo - C:\Programmi\File comuni\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programmi\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Programmi\File comuni\LightScribe\LSSrvc.exe
O23 - Service: MySQL - Unknown owner - C:\Programmi\MySQL\MySQL.exe (file missing)
O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Programmi\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe

darksoullight88
10-11-2009, 09:11
Hi.
The log is not complete. You have to copy up to End of file...

leapon75
10-11-2009, 10:41
Originally posted by darksoullight88
Hi.
The log is not complete. You have to copy up to End of file...

Unfortunately I had to cut the file because it was too long... the part I cut seems irrelevant to the Hotbar problem!!

Anyway, if necessary I will send the complete file tonight.

Let me know, please.

Thank you very much for your help.

darksoullight88
10-11-2009, 14:47
It is not irrelevant!!!
Also, the scan must be done with all applications closed.
And if it doesn't fit in one post you can always split it across 2.
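
The completeness check asked for above, plus a first-pass triage of the log entries, as an added example that is not part of the original thread. The function names are hypothetical, the sample log is constructed from lines posted in this thread, and the byte count in the trailer is a constructed value.

```python
import re

# HijackThis prefixes each finding with a section code (R, F, N or O plus digits).
ENTRY_RE = re.compile(r"^(R[0-3]|F[0-3]|N[1-4]|O\d{1,2}) - (.+)$")
# A log copied in full ends with this trailer line.
TRAILER_RE = re.compile(r"^End of file - \d+ bytes$")
# Markers HijackThis appends when a registered file is no longer on disk.
ORPHAN_MARKERS = ("(file missing)", "(no file)")

# Constructed sample: a shortened log built from lines posted in this thread.
SAMPLE = r"""Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 0.33.25, on 10/11/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)

Running processes:
C:\WINDOWS\Explorer.EXE

R3 - URLSearchHook: (no name) - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O2 - BHO: Hotbar - {90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} - C:\Programmi\Hotbar\bin\11.0.78.0\HostIE.dll (file missing)
O3 - Toolbar: Hotbar - {90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} - C:\Programmi\Hotbar\bin\11.0.78.0\HostIE.dll (file missing)
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O23 - Service: MySQL - Unknown owner - C:\Programmi\MySQL\MySQL.exe (file missing)
"""

# Same log with the trailer a full copy would carry (byte count is constructed).
SAMPLE_FULL = SAMPLE + "\n--\nEnd of file - 10374 bytes\n"


def is_complete(log):
    """True when the last non-empty line is the 'End of file' trailer."""
    lines = [ln.strip() for ln in log.splitlines() if ln.strip()]
    return bool(lines) and TRAILER_RE.match(lines[-1]) is not None


def parse_entries(log):
    """Return (section, text) for every R/F/N/O finding; process paths are skipped."""
    entries = []
    for ln in log.splitlines():
        m = ENTRY_RE.match(ln.strip())
        if m:
            entries.append((m.group(1), m.group(2)))
    return entries


def triage(log, flagged_dirs):
    """Summarise a log for a helper.

    flagged_dirs: directories a separate scanner already reported, e.g. the
    Hotbar install directory from the ewido report in the first post.
    """
    entries = parse_entries(log)
    needles = [d.lower() for d in flagged_dirs]
    return {
        # A truncated log hides later sections, so flag it before reading on.
        "complete": is_complete(log),
        # Registry entries that still point at a file that is gone.
        "orphaned": [e for e in entries if e[1].endswith(ORPHAN_MARKERS)],
        # Entries that load from a directory the scanner flagged.
        "in_flagged_dir": [
            e for e in entries if any(n in e[1].lower() for n in needles)
        ],
    }


if __name__ == "__main__":
    report = triage(SAMPLE, [r"C:\Programmi\Hotbar"])
    print("complete:", report["complete"])
    for section, text in report["orphaned"]:
        print("orphaned      ", section, text)
    for section, text in report["in_flagged_dir"]:
        print("in flagged dir", section, text)
```

An orphaned entry is only a leftover registration, so it is a candidate for review rather than a verdict on the file it names.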

leapon75
10-11-2009, 21:45
Originally posted by darksoullight88
It is not irrelevant!!!
Also, the scan must be done with all applications closed.
And if it doesn't fit in one post you can always split it across 2.

So I'll post it in two quotes:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20.41.43, on 10/11/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\Apache Software Foundation\Apache2.2\bin\httpd.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Programmi\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
C:\Programmi\Cisco Systems\VPN Client\cvpnd.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
d:\Programmi\ewido anti-spyware 4.0\guard.exe
C:\Programmi\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Programmi\Apache Software Foundation\Apache2.2\bin\httpd.exe
C:\Programmi\Acer Bio Protection\BASVC.exe
C:\Programmi\File comuni\InterVideo\RegMgr\iviRegMgr.exe
C:\Programmi\Java\jre6\bin\jqs.exe
C:\Programmi\File comuni\LightScribe\LSSrvc.exe
C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Programmi\MySQL\MySQL Server 5.0\bin\mysqld-nt.exe
C:\Programmi\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
C:\Programmi\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
C:\Programmi\O2Micro Flash Memory Card Driver\o2flash.exe
C:\Programmi\File comuni\Protexis\License Service\PsiService_2.exe
C:\Programmi\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Programmi\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
C:\Programmi\AVG\AVG8\avgcsrvx.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\Explorer.EXE
C:\Programmi\Intel\Intel Matrix Storage Manager\iaanotif.exe
C:\Programmi\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\PLFSetI.exe
C:\Programmi\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Programmi\Apoint2K\Apoint.exe
C:\Programmi\Apoint2K\ApMsgFwd.exe
C:\Programmi\Apoint2K\HidFind.exe
C:\Programmi\Apoint2K\Apntex.exe
C:\Programmi\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Programmi\Acer\Empowering Technology\ePower\ePower_DMC.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\PROGRA~1\LAUNCH~1\LManager.exe
C:\Programmi\Java\jre6\bin\jusched.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Programmi\Acer Bio Protection\PdtWzd.exe
C:\Programmi\Acer Bio Protection\PwdBank.exe
D:\Programmi\ewido anti-spyware 4.0\ewido.exe
C:\Programmi\Mobile Partner\Mobile Partner.exe
C:\WINDOWS\system32\ctfmon.exe
D:\Programmi\Trend Micro\HijackThis\HijackThis.exe

leapon75
10-11-2009, 21:46
[QUOTE]Originally posted by leapon75
So I'll post it in two quotes:

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0410&s=0&o=xpp&d=0109&m=travelmate_5730
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0410&s=0&o=xpp&d=0109&m=travelmate_5730
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0410&s=0&o=xpp&d=0109&m=travelmate_5730
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Programmi\AVG\AVG8\Toolbar\IEToolbar.dll
R3 - URLSearchHook: (no name) - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: ShoppingReport - {100EB1FD-D03E-47FD-81F3-EE91287F9465} - C:\Programmi\ShoppingReport\Bin\2.6.58\ShoppingReport.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Programmi\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Programmi\AVG\AVG8\avgssie.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre6\bin\ssv.dll
O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Hotbar - {90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} - C:\Programmi\Hotbar\bin\11.0.78.0\HostIE.dll (file missing)
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Programmi\AVG\AVG8\Toolbar\IEToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmi\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Programmi\AVG\AVG8\Toolbar\IEToolbar.dll
O3 - Toolbar: Hotbar - {90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} - C:\Programmi\Hotbar\bin\11.0.78.0\HostIE.dll (file missing)
O4 - HKLM\..\Run: [preload] C:\Windows\RUNXMLPL.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Programmi\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [BkupTray] "C:\Programmi\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe"
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [StartCCC] "C:\Programmi\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [PLFSetI] C:\WINDOWS\PLFSetI.exe
O4 - HKLM\..\Run: [PLFSetL] C:\WINDOWS\PLFSetL.exe
O4 - HKLM\..\Run: [snp2uvc] C:\WINDOWS\vsnp2uvc.exe
O4 - HKLM\..\Run: [Apoint] C:\Programmi\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [AzMixerSel] C:\Programmi\Realtek\Audio\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [ProductReg] C:\Programmi\Acer\WR_PopUp\ProductReg.exe
O4 - HKLM\..\Run: [ePower_DMC] C:\Programmi\Acer\Empowering Technology\ePower\ePower_DMC.exe
O4 - HKLM\..\Run: [Boot] C:\Programmi\Acer\Empowering Technology\ePower\Boot.exe
O4 - HKLM\..\Run: [eRecoveryService] C:\Programmi\Acer\Empowering Technology\eRecovery\eRAgent.exe
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Programmi\File comuni\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [MobileConnect] %programfiles%\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe /silent
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [VitaKeyPdtWzd] "C:\Programmi\Acer Bio Protection\PdtWzd.exe"
O4 - HKLM\..\Run: [!ewido] "D:\Programmi\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Invia a Bluetooth - C:\Programmi\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: Invia a periferica &Bluetooth... - C:\Programmi\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: Quick-Launch Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Programmi\Acer Bio Protection\PwdBank.exe
O9 - Extra 'Tools' menuitem: Quick-Launch Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Programmi\Acer Bio Protection\PwdBank.exe
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Programmi\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ShopperReports - Compare product prices - {C5428486-50A0-4a02-9D20-520B59A9F9B2} - C:\Programmi\ShoppingReport\Bin\2.6.58\ShoppingReport.dll
O9 - Extra button: ShopperReports - Compare travel rates - {C5428486-50A0-4a02-9D20-520B59A9F9B3} - C:\Programmi\ShoppingReport\Bin\2.6.58\ShoppingReport.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programmi\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programmi\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{06B5A258-D334-4617-8020-DC0D96742761}: NameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{10B217EA-EBDB-46D9-8172-0345623EF591}: NameServer = 156.54.17.165
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Programmi\AVG\AVG8\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FILECO~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O20 - Winlogon Notify: AWinNotifyVitaKey MC3000 - C:\Programmi\Acer Bio Protection\WinNotify.dll
O20 - Winlogon Notify: spba - C:\Programmi\File comuni\SPBA\homefus2.dll
O23 - Service: Apache2.2 - Apache Software Foundation - C:\Programmi\Apache Software Foundation\Apache2.2\bin\httpd.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Programmi\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: NTI Backup Now 5 Agent Service (BUNAgentSvc) - NewTech Infosystems, Inc. - C:\Programmi\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Programmi\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - d:\Programmi\ewido anti-spyware 4.0\guard.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Programmi\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: EgisTec Service (IGBASVC) - Egis Technology Inc. - C:\Programmi\Acer Bio Protection\BASVC.exe
O23 - Service: IviRegMgr - InterVideo - C:\Programmi\File comuni\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programmi\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Programmi\File comuni\LightScribe\LSSrvc.exe
O23 - Service: MySQL - Unknown owner - C:\Programmi\MySQL\MySQL.exe (file missing)
O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Programmi\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - Unknown owner - C:\Programmi\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O23 - Service: O2Micro Flash Memory Card Service (o2flash) - O2Micro International - C:\Programmi\O2Micro Flash Memory Card Driver\o2flash.exe
O23 - Service: ONDA Autorun CDROM Monitor - Unknown owner - C:\WINDOWS\system32\SupportAppXL\onda_mon.exe (file missing)
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Programmi\File comuni\Protexis\License Service\PsiService_2.exe
O23 - Service: ServiceLayer - Nokia. - C:\Programmi\File comuni\PCSuite\Services\ServiceLayer.exe
O23 - Service: Vodafone Mobile Connect Service (VMCService) - Vodafone - C:\Programmi\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe

--
End of file - 13640 bytes

darksoullight88
10-11-2009, 22:58
Hi,
fix these entries:


R3 - URLSearchHook: (no name) - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Hotbar - {90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} - C:\Programmi\Hotbar\bin\11.0.78.0\HostIE.dll (file missing)
O3 - Toolbar: Hotbar - {90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} - C:\Programmi\Hotbar\bin\11.0.78.0\HostIE.dll (file missing)
O4 - HKLM\..\Run: [PLFSetI] C:\WINDOWS\PLFSetI.exe
O4 - HKLM\..\Run: [PLFSetL] C:\WINDOWS\PLFSetL.exe
O23 - Service: MySQL - Unknown owner - C:\Programmi\MySQL\MySQL.exe (file missing)
O23 - Service: ONDA Autorun CDROM Monitor - Unknown owner - C:\WINDOWS\system32\SupportAppXL\onda_mon.exe (file missing)

When you are done, uninstall ewido.
Clean up the PC with CCleaner (http://www.filehippo.com/download_ccleaner/).
Also delete all cookies and the old log files, again with CCleaner.
Then download and install Malwarebytes Anti-Malware (http://www.malwarebytes.org/mbam.php), download the updates and run a scan.
Download and install Spybot (http://download.html.it/software/vedi/1477/spybot-search-and-destroy/), update it and run a scan.
Then let us know how it goes.

leapon75
11-11-2009, 01:06
I followed your instructions, and neither Malwarebytes nor Spybot finds any problems;
only, when I search the registry for hotbar, entries are still found:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 0.00.59, on 11/11/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\Apache Software Foundation\Apache2.2\bin\httpd.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Programmi\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
C:\Programmi\Cisco Systems\VPN Client\cvpnd.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Programmi\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Programmi\Acer Bio Protection\BASVC.exe
C:\Programmi\Apache Software Foundation\Apache2.2\bin\httpd.exe
C:\Programmi\File comuni\InterVideo\RegMgr\iviRegMgr.exe
C:\Programmi\Java\jre6\bin\jqs.exe
C:\Programmi\File comuni\LightScribe\LSSrvc.exe
C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\Explorer.EXE
C:\Programmi\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
C:\Programmi\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
C:\Programmi\O2Micro Flash Memory Card Driver\o2flash.exe
C:\Programmi\File comuni\Protexis\License Service\PsiService_2.exe
C:\Programmi\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Programmi\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
C:\Programmi\AVG\AVG8\avgcsrvx.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Programmi\Intel\Intel Matrix Storage Manager\iaanotif.exe
C:\Programmi\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe
C:\Programmi\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\WINDOWS\system32\rundll32.exe
C:\Programmi\Apoint2K\Apoint.exe
C:\Programmi\Apoint2K\ApMsgFwd.exe
C:\Programmi\Apoint2K\HidFind.exe
C:\Programmi\Apoint2K\Apntex.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Programmi\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Programmi\Acer\Empowering Technology\ePower\ePower_DMC.exe
C:\PROGRA~1\LAUNCH~1\LManager.exe
C:\Programmi\Java\jre6\bin\jusched.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Programmi\Acer Bio Protection\PdtWzd.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\Acer Bio Protection\PwdBank.exe
D:\Programmi\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0410&s=0&o=xpp&d=0109&m=travelmate_5730
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0410&s=0&o=xpp&d=0109&m=travelmate_5730
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0410&s=0&o=xpp&d=0109&m=travelmate_5730
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Programmi\AVG\AVG8\Toolbar\IEToolbar.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Programmi\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Programmi\AVG\AVG8\avgssie.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre6\bin\ssv.dll
O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Programmi\AVG\AVG8\Toolbar\IEToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmi\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Programmi\AVG\AVG8\Toolbar\IEToolbar.dll
O4 - HKLM\..\Run: [preload] C:\Windows\RUNXMLPL.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Programmi\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [BkupTray] "C:\Programmi\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe"
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [StartCCC] "C:\Programmi\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [snp2uvc] C:\WINDOWS\vsnp2uvc.exe
O4 - HKLM\..\Run: [Apoint] C:\Programmi\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [AzMixerSel] C:\Programmi\Realtek\Audio\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [ProductReg] C:\Programmi\Acer\WR_PopUp\ProductReg.exe
O4 - HKLM\..\Run: [ePower_DMC] C:\Programmi\Acer\Empowering Technology\ePower\ePower_DMC.exe
O4 - HKLM\..\Run: [Boot] C:\Programmi\Acer\Empowering Technology\ePower\Boot.exe
O4 - HKLM\..\Run: [eRecoveryService] C:\Programmi\Acer\Empowering Technology\eRecovery\eRAgent.exe
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Programmi\File comuni\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [MobileConnect] %programfiles%\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe /silent
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [VitaKeyPdtWzd] "C:\Programmi\Acer Bio Protection\PdtWzd.exe"
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "d:\Programmi\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Invia a Bluetooth - C:\Programmi\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: Invia a periferica &Bluetooth... - C:\Programmi\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: Quick-Launch Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Programmi\Acer Bio Protection\PwdBank.exe
O9 - Extra 'Tools' menuitem: Quick-Launch Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Programmi\Acer Bio Protection\PwdBank.exe
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Programmi\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programmi\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programmi\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{06B5A258-D334-4617-8020-DC0D96742761}: NameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{10B217EA-EBDB-46D9-8172-0345623EF591}: NameServer = 156.54.17.165
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Programmi\AVG\AVG8\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FILECO~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O20 - Winlogon Notify: AWinNotifyVitaKey MC3000 - C:\Programmi\Acer Bio Protection\WinNotify.dll
O20 - Winlogon Notify: spba - C:\Programmi\File comuni\SPBA\homefus2.dll
O23 - Service: Apache2.2 - Apache Software Foundation - C:\Programmi\Apache Software Foundation\Apache2.2\bin\httpd.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Programmi\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: NTI Backup Now 5 Agent Service (BUNAgentSvc) - NewTech Infosystems, Inc. - C:\Programmi\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Programmi\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Programmi\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: EgisTec Service (IGBASVC) - Egis Technology Inc. - C:\Programmi\Acer Bio Protection\BASVC.exe
O23 - Service: IviRegMgr - InterVideo - C:\Programmi\File comuni\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programmi\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Programmi\File comuni\LightScribe\LSSrvc.exe
O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Programmi\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - Unknown owner - C:\Programmi\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O23 - Service: O2Micro Flash Memory Card Service (o2flash) - O2Micro International - C:\Programmi\O2Micro Flash Memory Card Driver\o2flash.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Programmi\File comuni\Protexis\License Service\PsiService_2.exe
O23 - Service: ServiceLayer - Nokia. - C:\Programmi\File comuni\PCSuite\Services\ServiceLayer.exe
O23 - Service: Vodafone Mobile Connect Service (VMCService) - Vodafone - C:\Programmi\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe

--
End of file - 12169 bytes
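
Added example, not part of the thread and not HijackThis code: a small Python parser for the log line format shown above that flags entries whose target is reported as `(no file)` or `(file missing)`, then compares the first scan with the rescan to see which flagged entries are gone. The sample lines are copied from the two logs in this thread; the function names are assumptions of this example.

```python
import re

# Constructed samples: a few lines copied from the two HijackThis logs in this
# thread (first scan, then the rescan after the fix), not the full logs.
BEFORE = r"""
R3 - URLSearchHook: (no name) - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Hotbar - {90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} - C:\Programmi\Hotbar\bin\11.0.78.0\HostIE.dll (file missing)
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
O3 - Toolbar: Hotbar - {90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} - C:\Programmi\Hotbar\bin\11.0.78.0\HostIE.dll (file missing)
O23 - Service: MySQL - Unknown owner - C:\Programmi\MySQL\MySQL.exe (file missing)
O23 - Service: ONDA Autorun CDROM Monitor - Unknown owner - C:\WINDOWS\system32\SupportAppXL\onda_mon.exe (file missing)
"""
AFTER = r"""
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Programmi\AVG\AVG8\Toolbar\IEToolbar.dll
"""

# "<section code> - <rest>", e.g. "O2 - BHO: ..." or "R3 - URLSearchHook: ..."
ENTRY = re.compile(r"^(?P<code>[A-Z]\d{1,2}) - (?P<body>.+)$")
# HijackThis appends one of these markers when the referenced file is absent.
ORPHAN = re.compile(r"\((?:no file|file missing)\)\s*$")
CLSID = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")


def parse(log):
    """Return one dict per entry line; header and process lines are skipped."""
    entries = []
    for line in log.splitlines():
        m = ENTRY.match(line.strip())
        if not m:
            continue
        body = m.group("body")
        clsid = CLSID.search(body)
        entries.append({
            "code": m.group("code"),
            "body": body,
            "clsid": clsid.group(0).upper() if clsid else None,
            "orphan": bool(ORPHAN.search(body)),
        })
    return entries


def orphans(log):
    """Entries that still sit in the registry but point at no file on disk."""
    return [e for e in parse(log) if e["orphan"]]


def compare(before, after):
    """Split the first scan's orphaned entries into fixed and still present."""
    seen_after = {(e["code"], e["body"]) for e in parse(after)}
    seen_before = {(e["code"], e["body"]) for e in parse(before)}
    result = {"fixed": [], "remaining": [], "new": []}
    for e in orphans(before):
        key = (e["code"], e["body"])
        result["remaining" if key in seen_after else "fixed"].append(e)
    for e in orphans(after):
        if (e["code"], e["body"]) not in seen_before:
            result["new"].append(e)
    return result


if __name__ == "__main__":
    for status, items in compare(BEFORE, AFTER).items():
        for e in items:
            print(f"{status:9} {e['code']:3} {e['body']}")
```

On these lines the only flagged entry still present in the rescan is the unnamed O3 toolbar `{0BF43445-2F28-4351-9252-17FE6E806AA0}`, which was not in the list of entries to fix.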
