WIN32:ADWARE-GEN. [adw] has infested my PC!


Cheza89
12-06-2006, 16:43
Hello everyone!
Unfortunately, this morning when I turned on the computer I got an alarming message from my antivirus, avast, which warned me of the invasion of this strange virus (WIN32:ADWARE-GEN. [adw]).
The consequences were immediate: this damned virus must have messed something up inside, so much so that now I can't even get on the internet any more (the page "cannot find server" appears), and the same goes for everything else (avast won't even update because it says it cannot connect to any server). At first I immediately thought of a connection problem, but then I found that on my mother's computer (a Mac, from which I am writing now) everything works perfectly.
Help me, please, I don't know what to do!
I had avast scan every single part of the computer: at first it found a flood of viruses, which I deleted immediately, then it no longer detected anything, but the problem is not solved; on the contrary, it persists!
I read on various forums that to get help I needed something I had never heard of, the HijackThis logfile, which I made in the hope of fixing this disaster.
Here it is:

Logfile of HijackThis v1.99.1
Scan saved at 16.04.08, on 12/06/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
C:\Programmi\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\system32\HPConfig.exe
C:\Programmi\HPQ\Notebook Utilities\HPWirelessMgr.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\carpserv.exe
C:\PROGRA~1\HPQ\ONE-TO~1\OneTouch.EXE
C:\Programmi\Synaptics\SynTP\SynTPLpr.exe
C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
C:\Programmi\iTunes\iTunesHelper.exe
C:\Programmi\QuickTime\qttask.exe
C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
C:\Programmi\MessengerPlus! 3\MsgPlus.exe
C:\Programmi\iPod\bin\iPodService.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Programmi\HbTools\Bin\4.7.7.0\HbtOEAddOn.exe
C:\WINDOWS\system32\ctfmon.exe
D:\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://desktop.presario.net/scripts/red … 410&ac
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.presario.net/scripts/redi … mp;ap=b204
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://desktop.presario.net/scripts/red … 410&ac
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://resultsmaster.com/SmartOffers/Se … ftPane.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Programmi\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL (file missing)
O2 - BHO: My Search BHO - {014DA6C1-189F-421a-88CD-07CFE51CFF10} - C:\Programmi\MySearch\bar\1.bin\S4BAR.DLL
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Programmi\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_1.dll
O2 - BHO: MySearch Search Assistant BHO - {04079851-5845-4dea-848C-3ECD647AA554} - C:\Programmi\MySearch\SrchAstt\1.bin\MYSRCHAS.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Programmi\MyWebSearch\bar\1.bin\MWSBAR.DLL
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Programmi\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programmi\google\googletoolbar1.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programmi\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\it\msntb.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programmi\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\it\msntb.dll
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programmi\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programmi\google\googletoolbar1.dll
O3 - Toolbar: My Search Bar - {014DA6C9-189F-421a-88CD-07CFE51CFF10} - C:\Programmi\MySearch\bar\1.bin\S4BAR.DLL
O4 - HKLM\..\Run: [CARPService] carpserv.exe
O4 - HKLM\..\Run: [PreloadApp] c:\hp\drivers\printers\photosmart\hphprld.exe c:\hp\drivers\printers\photosmart\setup.exe -d
O4 - HKLM\..\Run: [srmclean] C:\Cpqs\Scom\srmclean.exe
O4 - HKLM\..\Run: [Display Settings] C:\Programmi\HPQ\Notebook Utilities\hptasks.exe /s
O4 - HKLM\..\Run: [QT4HPOT] C:\PROGRA~1\HPQ\ONE-TO~1\OneTouch.EXE
O4 - HKLM\..\Run: [SynTPLpr] C:\Programmi\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Cpqset] C:\Programmi\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [iTunesHelper] "C:\Programmi\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Programmi\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [WeatherOnTray] C:\Programmi\HbTools\Bin\4.7.7.0\HbtWeatherOnTray.exe
O4 - HKLM\..\Run: [HbTools] C:\Programmi\HbTools\Bin\4.7.7.0\HbtOEAddOn.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Yahoo! Pager] C:\PROGRA~1\Yahoo!\MESSEN~1\ypager.exe -quiet
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programmi\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: MyWebSearch Email Plugin.lnk = C:\Programmi\MyWebSearch\bar\1.bin\MWSOEMON.EXE
O8 - Extra context menu item: &Google Search - res://c:\programmi\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.h … zeb01264IT
O8 - Extra context menu item: &Translate English Word - res://c:\programmi\google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\programmi\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\programmi\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://c:\programmi\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\programmi\google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe (file missing)
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O10 - Broken Internet access because of LSP provider 'c:\programmi\newdotnet\newdotnet7_22.dll' missing
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/ms … b31267.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Me … b31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/fu … 8211;2.cab
O16 - DPF: {1EDF25DE-DFB2-40CA-AA83-30AE7DA8C203} (FileSharingCtrl Class) - http://appdirectory.messenger.msn.com/A … ngctrl.cab
O16 - DPF: {205FF73B-CA67-11D5-99DD-444553540006} (CInstall Class) - http://www.errorguard.com/installation/Install.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/Mi … b31267.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Me … b31267.cab
O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/A … tPkMSN.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMe … loader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZI … b32846.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab31267.cab
O16 - DPF: {F04A8AE2-A59D-11D2-8792-00C04F8EF29D} (Hotmail Attachments Control) - http://by109fd.bay109.hotmail.msn.com/a … Atchmt.ocx
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/So … b31267.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Programmi\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Programmi\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: C-DillaCdaC11BA - C-Dilla Ltd - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: HP Configuration Interface Service (HPConfig) - Hewlett-Packard - C:\WINDOWS\system32\HPConfig.exe
O23 - Service: HPWirelessMgr - Hewlett-Packard Co. - C:\Programmi\HPQ\Notebook Utilities\HPWirelessMgr.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Programmi\iPod\bin\iPodService.exe
O23 - Service: Macromedia Licensing Service - Macromedia - C:\Programmi\File comuni\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\SNDSrvc.exe


I hope one of you can help me, because I am literally going crazy over all this!!!
Thank you for your attention,
Have a nice day!
Sofia

wgator
12-06-2006, 16:49
Hi,

HijackThis logs must be posted in the dedicated thread: http://www.hwupgrade.it/forum/showthread.php?p=12718088#post12718088

All misplaced ones are inexorably closed to avoid confusion. I invite you to post in the right discussion, where we will gladly help you ;)