Thread: log

  1. #1
    handlepass
    Guest

    log

    This is my log. What should I fix, in the opinion of you experts? Thanks
    Logfile of HijackThis v1.98.2
    Scan saved at 9.18.56, on 24/11/2004
    Platform: Windows XP (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2600.0000)

    Running processes:
    D:\WINDOWS\System32\smss.exe
    D:\WINDOWS\SYSTEM32\winlogon.exe
    D:\WINDOWS\system32\services.exe
    D:\WINDOWS\system32\lsass.exe
    D:\WINDOWS\system32\svchost.exe
    D:\WINDOWS\System32\svchost.exe
    D:\WINDOWS\Explorer.EXE
    D:\WINDOWS\system32\spoolsv.exe
    D:\Programmi\File comuni\EPSON\EBAPI\eEBSVC.exe
    D:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
    D:\Programmi\Alwil Software\Avast4\ashserv.exe
    D:\Programmi\File comuni\EPSON\EBAPI\SAgent2.exe
    D:\WINDOWS\System32\inetsrv\inetinfo.exe
    D:\WINDOWS\System32\svchost.exe
    D:\Programmi\Thomson\SpeedTouch USB\Dragdiag.exe
    D:\Programmi\QuickTime\qttask.exe
    D:\Programmi\Alwil Software\Avast4\ashDisp.exe
    D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC 2.EXE
    D:\Programmi\Messenger Plus! 3\MsgPlus.exe
    D:\WINDOWS\System32\ctfmon.exe
    d:\progra~1\intern~1\iexplore.exe
    D:\Programmi\Internet Explorer\iexplore.exe
    D:\WINDOWS\System32\wuauclt.exe
    D:\Documents and Settings\Antonella Maselli\Desktop\Nuova cartella\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://msibgqopvg.com//sKSJjVmOoAiOA...CeVc37QDEY.htm
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\PROGRAMMI\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\Programmi\Spybot - Search & Destroy\SDHelper.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - d:\programmi\google\googletoolbar1.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - d:\programmi\google\googletoolbar1.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - D:\WINDOWS\System32\msdxm.ocx
    O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
    O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "D:\Programmi\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
    O4 - HKLM\..\Run: [QuickTime Task] "D:\Programmi\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [avast!] D:\Programmi\Alwil Software\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [EPSON Stylus CX3200] D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC 2.EXE /P19 "EPSON Stylus CX3200" /O6 "USB001" /M "Stylus CX3200"
    O4 - HKLM\..\Run: [NeroCheck] D:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [MessengerPlus3] "D:\Programmi\Messenger Plus! 3\MsgPlus.exe"
    O4 - HKCU\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\ctfmon.exe
    O4 - HKCU\..\Run: [Shareaza] "D:\Programmi\Shareaza\Shareaza.exe" -tray
    O4 - HKCU\..\Run: [loudinternet] D:\DOCUME~2\ANTONE~1\DATIAP~1\BLUEVC~1\Birdlocksmi x.exe
    O4 - HKCU\..\Run: [MessengerPlus3] "D:\Programmi\Messenger Plus! 3\MsgPlus.exe" /WinStart
    O4 - Global Startup: Microsoft Office.lnk = D:\Programmi\Microsoft Office\Office\OSA9.EXE
    O8 - Extra context menu item: &Google Search - res://D:\Programmi\Google\GoogleToolbar1.dll/cmsearch.html
    O8 - Extra context menu item: Collegamenti a ritroso - res://D:\Programmi\Google\GoogleToolbar1.dll/cmbacklinks.html
    O8 - Extra context menu item: Pagine simili - res://D:\Programmi\Google\GoogleToolbar1.dll/cmsimilar.html
    O8 - Extra context menu item: Versione cache della pagina - res://D:\Programmi\Google\GoogleToolbar1.dll/cmcache.html
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Programmi\Messenger\MSMSGS.EXE
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Programmi\Messenger\MSMSGS.EXE
    O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (AxisCamControl) - http://caldarulocam.webstudioitalia....CamControl.ocx
    O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab

  2. #2
    amvinfe
    Moderator of Computer security and viruses
    Joined: May 2002
    Posts: 6,739

    Uninstall Messenger Plus! 3, since it installs spyware.
    Then, from safe mode, delete:

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://msibgqopvg.com// sKSJjVmOoAi...HCeVc37QDEY.htm
    O4 - HKLM\..\Run: [MessengerPlus3] "D:\Programmi\Messenger Plus! 3\MsgPlus.exe"
    O4 - HKCU\..\Run: [loudinternet] D:\DOCUME~2\ANTONE~1\DATIAP~1\BLUEVC~1\Birdlocksmi x.exe
    O4 - HKCU\..\Run: [MessengerPlus3] "D:\Programmi\Messenger Plus! 3\MsgPlus.exe" /WinStart

    delete

    D:\Programmi\Messenger Plus! 3 \MsgPlus.exe" <=== the folder.

    Reboot and post a new log
    ==
    Visit my blog SuspectFile.com
    ==

  3. #3
    handlepass
    Guest

    new log

    Here is the new log
    Logfile of HijackThis v1.98.2
    Scan saved at 14.11.07, on 24/11/2004
    Platform: Windows XP (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2600.0000)

    Running processes:
    D:\WINDOWS\System32\smss.exe
    D:\WINDOWS\SYSTEM32\winlogon.exe
    D:\WINDOWS\system32\services.exe
    D:\WINDOWS\system32\lsass.exe
    D:\WINDOWS\system32\svchost.exe
    D:\WINDOWS\System32\svchost.exe
    D:\WINDOWS\Explorer.EXE
    D:\WINDOWS\system32\spoolsv.exe
    D:\Programmi\File comuni\EPSON\EBAPI\eEBSVC.exe
    D:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
    D:\Programmi\Alwil Software\Avast4\ashserv.exe
    D:\Programmi\File comuni\EPSON\EBAPI\SAgent2.exe
    D:\WINDOWS\System32\inetsrv\inetinfo.exe
    D:\WINDOWS\System32\svchost.exe
    D:\Programmi\Thomson\SpeedTouch USB\Dragdiag.exe
    D:\Programmi\QuickTime\qttask.exe
    D:\Programmi\Alwil Software\Avast4\ashDisp.exe
    D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC 2.EXE
    D:\WINDOWS\System32\ctfmon.exe
    D:\Documents and Settings\Antonella Maselli\Desktop\Nuova cartella\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\PROGRAMMI\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\Programmi\Spybot - Search & Destroy\SDHelper.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - d:\programmi\google\googletoolbar1.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - D:\WINDOWS\System32\msdxm.ocx
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - d:\programmi\google\googletoolbar1.dll
    O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
    O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "D:\Programmi\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
    O4 - HKLM\..\Run: [QuickTime Task] "D:\Programmi\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [avast!] D:\Programmi\Alwil Software\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [EPSON Stylus CX3200] D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC 2.EXE /P19 "EPSON Stylus CX3200" /O6 "USB001" /M "Stylus CX3200"
    O4 - HKLM\..\Run: [NeroCheck] D:\WINDOWS\system32\NeroCheck.exe
    O4 - HKCU\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\ctfmon.exe
    O4 - Global Startup: Microsoft Office.lnk = D:\Programmi\Microsoft Office\Office\OSA9.EXE
    O8 - Extra context menu item: &Google Search - res://D:\Programmi\Google\GoogleToolbar1.dll/cmsearch.html
    O8 - Extra context menu item: Backward &Links - res://D:\Programmi\Google\GoogleToolbar1.dll/cmbacklinks.html
    O8 - Extra context menu item: Cac&hed Snapshot of Page - res://D:\Programmi\Google\GoogleToolbar1.dll/cmcache.html
    O8 - Extra context menu item: Collegamenti a ritroso - res://D:\Programmi\Google\GoogleToolbar1.dll/cmbacklinks.html
    O8 - Extra context menu item: Pagine simili - res://D:\Programmi\Google\GoogleToolbar1.dll/cmsimilar.html
    O8 - Extra context menu item: Si&milar Pages - res://D:\Programmi\Google\GoogleToolbar1.dll/cmsimilar.html
    O8 - Extra context menu item: Translate into English - res://D:\Programmi\Google\GoogleToolbar1.dll/cmtrans.html
    O8 - Extra context menu item: Versione cache della pagina - res://D:\Programmi\Google\GoogleToolbar1.dll/cmcache.html
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Programmi\Messenger\MSMSGS.EXE (file missing)
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Programmi\Messenger\MSMSGS.EXE (file missing)
    O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (AxisCamControl) - http://caldarulocam.webstudioitalia....CamControl.ocx
    O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab

  4. #4
    Habanero
    Moderator of Computer security and viruses
    Joined: Jun 2001
    Posts: 9,782

    Next time, be careful not to open a new thread... I have merged the threads.
    Read the RULES!

    It's very complicated, a lot of inputs and outputs, a lot of information, a lot of elements to consider, I have a lot of elements to keep in mind...
    Drugo

  5. #5
    amvinfe
    Moderator of Computer security and viruses
    Joined: May 2002
    Posts: 6,739

    delete these values
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Programmi\Messenger\MSMSGS.EXE (file missing)
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Programmi\Messenger\MSMSGS.EXE (file missing)