07-09-2007, 10:37   #12
supermarco81
Junior Member
Joined: Aug 2006
Posts: 28
Thanks. In the meantime I did everything (fix + virit), finding a trojan, which was deleted, and a MySearch BHO, but today Internet doesn't even open any more. It freezes when I double-click the icon.

AWF:


Find AWF report by noahdfear 2006
Version 1.40



bak folders found
~~~~~~~~~~~

Il volume nell'unità C non ha etichetta.
Numero di serie del volume: 5CCC-F0A7

Directory di C:\PROGRA~1\ITUNES\BAK

01/06/2007 16.51 257.088 iTunesHelper.exe
1 File 257.088 byte
2 Directory 46.227.779.584 byte disponibili
Il volume nell'unità C non ha etichetta.
Numero di serie del volume: 5CCC-F0A7

Directory di C:\PROGRA~1\QUICKT~1\BAK

27/04/2007 09.41 282.624 qttask.exe
1 File 282.624 byte
2 Directory 46.227.779.584 byte disponibili
Il volume nell'unità C non ha etichetta.
Numero di serie del volume: 5CCC-F0A7

Directory di C:\VIRUSF~1\BIN\BAK

25/05/2005 14.11 135.168 ZLH.EXE
1 File 135.168 byte
2 Directory 46.227.775.488 byte disponibili
Il volume nell'unità C non ha etichetta.
Numero di serie del volume: 5CCC-F0A7

Directory di C:\WINDOWS\SYSTEM32\BAK

0 File 0 byte
2 Directory 46.227.775.488 byte disponibili
Il volume nell'unità C non ha etichetta.
Numero di serie del volume: 5CCC-F0A7

Directory di C:\PROGRA~1\AHEAD\INCD\BAK

06/04/2004 19.36 1.298.542 InCD.exe
1 File 1.298.542 byte
2 Directory 46.227.775.488 byte disponibili
Il volume nell'unità C non ha etichetta.
Numero di serie del volume: 5CCC-F0A7

Directory di C:\PROGRA~1\ALWILS~1\AVAST4\BAK

0 File 0 byte
2 Directory 46.227.775.488 byte disponibili
Il volume nell'unità C non ha etichetta.
Numero di serie del volume: 5CCC-F0A7

Directory di C:\PROGRA~1\ATITEC~1\ATICON~1\BAK

25/08/2004 12.52 339.968 atiptaxx.exe
1 File 339.968 byte
2 Directory 46.227.775.488 byte disponibili
Il volume nell'unità C non ha etichetta.
Numero di serie del volume: 5CCC-F0A7

Directory di C:\PROGRA~1\CYBERL~1\POWERDVD\BAK

08/12/2003 18.35 32.768 PDVDServ.exe
1 File 32.768 byte
2 Directory 46.227.775.488 byte disponibili
Il volume nell'unità C non ha etichetta.
Numero di serie del volume: 5CCC-F0A7

Directory di C:\PROGRA~1\GOOGLE\GOOGLE~1\BAK

27/07/2007 22.02 68.856 GoogleToolbarNotifier.exe
1 File 68.856 byte
2 Directory 46.227.775.488 byte disponibili
Il volume nell'unità C non ha etichetta.
Numero di serie del volume: 5CCC-F0A7

Directory di C:\PROGRA~1\GRISOFT\AVGFRE~1\BAK

16/02/2007 10.58 411.648 avgcc.exe
1 File 411.648 byte
2 Directory 46.227.775.488 byte disponibili
Il volume nell'unità C non ha etichetta.
Numero di serie del volume: 5CCC-F0A7

Directory di C:\PROGRA~1\NOKIA\NOKIAP~1\BAK

23/03/2004 13.20 147.968 TRAYAP~1.EXE
1 File 147.968 byte
2 Directory 46.227.775.488 byte disponibili
Il volume nell'unità C non ha etichetta.
Numero di serie del volume: 5CCC-F0A7

Directory di C:\PROGRA~1\SITEAD~1\6066\BAK

03/02/2007 20.25 36.904 SiteAdv.exe
1 File 36.904 byte
2 Directory 46.227.771.392 byte disponibili
Il volume nell'unità C non ha etichetta.
Numero di serie del volume: 5CCC-F0A7

Directory di C:\PROGRA~1\FILECO~1\PCSUITE\DATALA~1\BAK

06/05/2004 16.47 1.159.168 DATALA~1.EXE
1 File 1.159.168 byte
2 Directory 46.227.771.392 byte disponibili
Il volume nell'unità C non ha etichetta.
Numero di serie del volume: 5CCC-F0A7

Directory di C:\PROGRA~1\FILECO~1\REAL\UPDATE~1\BAK

05/02/2006 13.30 180.269 realsched.exe
1 File 180.269 byte
2 Directory 46.227.771.392 byte disponibili
Il volume nell'unità C non ha etichetta.
Numero di serie del volume: 5CCC-F0A7

Directory di C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\BAK

04/03/2004 05.00 98.304 E_FATI9BE.EXE
1 File 98.304 byte
2 Directory 46.227.771.392 byte disponibili


Duplicate files of bak directory contents
~~~~~~~~~~~~~~~~~~~~~~~

24080 5 Sep 2007 "C:\Programmi\iTunes\iTunesHelper.exe"
257088 1 Jun 2007 "C:\Programmi\iTunes\bak\iTunesHelper.exe"
102400 24 Jun 2007 "C:\WINDOWS\Installer\{553E56C3-7AA1-45FE-A2FC-2C43DC27F765}\iTunesIco.exe"
116288 1 Jun 2007 "C:\Documents and Settings\All Users\Dati applicazioni\Apple Computer\Installer Cache\iTunes 7.2.0.35\iTunesSetupAdmin.exe"
24080 5 Sep 2007 "C:\Programmi\QuickTime\qttask.exe"
282624 27 Apr 2007 "C:\Programmi\QuickTime\bak\qttask.exe"
24080 5 Sep 2007 "C:\VIRUSfighter\Bin\ZLH.EXE"
135168 25 May 2005 "C:\VIRUSfighter\Bin\bak\ZLH.EXE"
24080 5 Sep 2007 "C:\Programmi\Ahead\InCD\InCD.exe"
1298542 6 Apr 2004 "C:\Programmi\Ahead\InCD\bak\InCD.exe"
24080 5 Sep 2007 "C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe"
339968 25 Aug 2004 "C:\Programmi\ATI Technologies\ATI Control Panel\bak\atiptaxx.exe"
24080 5 Sep 2007 "C:\Programmi\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
32768 8 Dec 2003 "C:\Programmi\CyberLink DVD Solution\PowerDVD\bak\PDVDServ.exe"
52272 16 Feb 2007 "C:\Programmi\Google\googletoolbar2user.exe"
24080 5 Sep 2007 "C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
69632 29 Mar 2007 "C:\Programmi\Google\Google Earth\googleearth.exe"
892496 14 Feb 2007 "C:\Documents and Settings\utente\Desktop\Marco\GoogleToolbarInstaller.exe"
608936 5 Feb 2006 "C:\Programmi\File comuni\Real\GToolbar\GoogleToolbarInstaller.exe"
138168 16 Feb 2007 "C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe"
68856 27 Jul 2007 "C:\Programmi\Google\GoogleToolbarNotifier\bak\GoogleToolbarNotifier.exe"
416256 6 Sep 2007 "C:\Programmi\Grisoft\AVG Free\avgcc.exe"
416256 6 Sep 2007 "C:\Documents and Settings\Guest\Desktop\AVG7\avgcc.exe"
411648 16 Feb 2007 "C:\Programmi\Grisoft\AVG Free\bak\avgcc.exe"
24080 5 Sep 2007 "C:\Documents and Settings\All Users\Dati applicazioni\Grisoft\Avg7Data\avg7upd\backup\avgcc.exe"
24080 5 Sep 2007 "C:\Programmi\Nokia\Nokia PC Suite 6\TrayApplication.exe"
147968 23 Mar 2004 "C:\Programmi\Nokia\Nokia PC Suite 6\bak\TRAYAP~1.EXE"
24080 5 Sep 2007 "C:\Programmi\SiteAdvisor\6066\SiteAdv.exe"
36904 3 Feb 2007 "C:\Programmi\SiteAdvisor\6066\bak\SiteAdv.exe"
24080 5 Sep 2007 "C:\Programmi\File comuni\PCSuite\DataLayer\DataLayer.exe"
1159168 6 May 2004 "C:\Programmi\File comuni\PCSuite\DataLayer\bak\DATALA~1.EXE"
24080 5 Sep 2007 "C:\Programmi\File comuni\Real\Update_OB\realsched.exe"
180269 5 Feb 2006 "C:\Programmi\File comuni\Real\Update_OB\bak\realsched.exe"
24080 5 Sep 2007 "C:\WINDOWS\system32\spool\drivers\w32x86\3\E_FATI9BE.EXE"
98304 4 Mar 2004 "C:\WINDOWS\system32\spool\drivers\w32x86\epsonstylus_cx360043de\E_FATI9BE.EXE"
98304 4 Mar 2004 "C:\WINDOWS\system32\spool\drivers\w32x86\3\bak\E_FATI9BE.EXE"


end of report


HIJACK:

Logfile of HijackThis v1.99.1
Scan saved at 10.29.56, on 07/09/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Programmi\WIDCOMM\Software Bluetooth\bin\btwdins.exe
C:\Programmi\SiteAdvisor\6066\SAService.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\File comuni\Ulead Systems\DVD\ULCDRSvr.exe
C:\VEXPLITE\viritsvc.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\AGRSMMSG.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Programmi\Zone Labs\ZoneAlarm\zlclient.exe
C:\VEXPLITE\MONLITE.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Programmi\Nikon\PictureProject\NkbMonitor.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\Programmi\SiteAdvisor\6066\SiteAdv.exe
C:\Programmi\File comuni\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Documents and Settings\utente\Desktop\antivirus\hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.it
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.it
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Programmi\SiteAdvisor\6066\SiteAdv.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programmi\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programmi\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: PDFCreator Toolbar Helper - {C451C08A-EC37-45DF-AAAD-18B51AB5E837} - C:\Programmi\PDFCreator Toolbar\v3.0.0.0\PDFCreator_Toolbar.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Programmi\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Programmi\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Programmi\SiteAdvisor\6066\SiteAdv.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programmi\google\googletoolbar2.dll
O3 - Toolbar: PDFCreator Toolbar - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Programmi\PDFCreator Toolbar\v3.0.0.0\PDFCreator_Toolbar.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ATIPTA] C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [EPSON Stylus CX3600 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9BE.EXE /P26 "EPSON Stylus CX3600 Series" /O5 "LPT1:" /M "Stylus CX3600"
O4 - HKLM\..\Run: [EPSON Stylus CX3600 Series (Copia 1)] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9BE.EXE /P36 "EPSON Stylus CX3600 Series (Copia 1)" /O6 "USB001" /M "Stylus CX3600"
O4 - HKLM\..\Run: [DataLayer] C:\PROGRA~1\FILECO~1\PCSuite\DATALA~1\DATALA~1.EXE
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\TRAYAP~1.EXE
O4 - HKLM\..\Run: [Norman ZANDA] C:\VIRUSfighter\Bin\ZLH.EXE /LOAD /SPLASH
O4 - HKLM\..\Run: [SiteAdvisor] C:\Programmi\SiteAdvisor\6066\SiteAdv.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Programmi\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [InCD] C:\Programmi\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [TkBellExe] "C:\Programmi\File comuni\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Programmi\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Programmi\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [VIRIT LITE MONITOR] C:\VEXPLITE\MONLITE.EXE
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - Global Startup: NkbMonitor.exe.lnk = C:\Programmi\Nikon\PictureProject\NkbMonitor.exe
O8 - Extra context menu item: Invia a &Bluetooth - C:\Programmi\WIDCOMM\Software Bluetooth\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programmi\WIDCOMM\Software Bluetooth\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programmi\WIDCOMM\Software Bluetooth\btsendto_ie.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.co...?1098952079015
O17 - HKLM\System\CCS\Services\Tcpip\..\{FABBC955-A858-4F44-B7B3-2F1931880BCA}: NameServer = 212.216.112.112,212.216.172.62
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: siteadvisor - {3A5DC592-7723-4EAA-9EE6-AF4222BCF879} - C:\Programmi\SiteAdvisor\6066\SiteAdv.dll
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Programmi\WIDCOMM\Software Bluetooth\bin\btwdins.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Ahead Software AG - C:\Programmi\Ahead\InCD\InCDsrv.exe
O23 - Service: Servizio iPod (iPod Service) - Apple Inc. - C:\Programmi\iPod\bin\iPodService.exe
O23 - Service: SiteAdvisor Service - McAfee, Inc. - C:\Programmi\SiteAdvisor\6066\SAService.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Programmi\File comuni\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: Virit eXplorer Lite (viritsvclite) - TG Soft Sas www.tgsoft.it - C:\[path garbled in the original post]