Indice del forum Olimpo Informatico
I Forum di Zeus News
Leggi la newsletter gratuita - Attiva il Menu compatto
 
 FAQFAQ   CercaCerca   Lista utentiLista utenti   GruppiGruppi   RegistratiRegistrati 
 ProfiloProfilo   Messaggi privatiMessaggi privati   Log inLog in 

    Newsletter RSS Facebook Twitter Contatti Ricerca
Service.exe - E' toccato pure a me!!!!!
Nuovo argomento   Rispondi    Indice del forum -> Pronto Soccorso Virus
Precedente :: Successivo  
Autore Messaggio
Bavarello
Eroe
Eroe


Registrato: 27/08/07 09:37
Messaggi: 46
Residenza: Bergamo
MessaggioInviato: 27 Ago 2007 09:50    Oggetto: Service.exe - E' toccato pure a me!!!!! Rispondi citando
Ciao a Tutti!

E' dura con questo trojan, chiedo un aiuto...per toglierlo di mezzo.

Qui di seguito c'è il log di HiJackThis. Grazie per la cortesia

Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 9.31.02, on 27/08/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\csrss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\system32\spoolsv.exe
d:\programmi\file comuni\logitech\lvmvfm\LVPrcSrv.exe
D:\Programmi\a-squared Anti-Dialer\a2service.exe
E:\Programmi\NavNT\defwatch.exe
D:\WINDOWS\system32\cba\pds.exe
E:\Programmi\NavNT\rtvscan.exe
D:\WINDOWS\system32\nvsvc32.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\system32\ctfmon.exe
E:\PROGRA~1\NavNT\vptray.exe
D:\Programmi\a-squared Anti-Dialer\a2adguard.exe
D:\Programmi\Conexant\AccessRunner ADSL\CnxDslTb.exe
D:\WINDOWS\system32\CTHELPER.EXE
D:\Programmi\Java\jre1.6.0_02\bin\jusched.exe
D:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
D:\WINDOWS\System32\alg.exe
D:\Programmi\Internet Explorer\iexplore.exe
E:\Prestazioni\HiJackThis_v2.exe
D:\WINDOWS\system32\wbem\wmiprvse.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://oiswww.eumetsat.org/SDDI/cgi/listImages.pl?m=bnw,a=0,sa=9,pr=COLOUR,f=1,se=2,n=6,d=1,v=400,pp=0,t=200705020600#controls
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: bho2gr Class - {31FF080D-12A3-439A-A2EF-4BA95A3148E8} - E:\Programmi\GetRight\xx2gr.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Programmi\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - d:\programmi\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - D:\Programmi\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - d:\programmi\google\googletoolbar2.dll
O3 - Toolbar: Manifold - {d0c8da2f-95d8-3b5a-8162-3a396fc59a78} - mscoree.dll (file missing)
O4 - HKLM\..\Run: [vptray] E:\PROGRA~1\NavNT\vptray.exe
O4 - HKLM\..\Run: [a-squared Anti-Dialer] "D:\Programmi\a-squared Anti-Dialer\a2adguard.exe" /d=60
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NeroFilterCheck] "D:\Programmi\File comuni\Ahead\Lib\NeroCheck.exe"
O4 - HKLM\..\Run: [IMJPMIG8.1] "D:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] D:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE D:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [CnxDslTaskBar] D:\Programmi\Conexant\AccessRunner ADSL\CnxDslTb.exe
O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE
O4 - HKLM\..\Run: [UpdReg] D:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [Jet Detection] D:\Programmi\Creative\SBLive\PROGRAM\ADGJDet.exe
O4 - HKLM\..\Run: [PHIME2002A] D:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [PHIME2002ASync] D:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Programmi\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] D:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKLM\..\Policies\Explorer\Run: [5T19I3B27A] D:\WINDOWS\csrs.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'Default user')
O4 - Global Startup: Avvio veloce di Adobe Reader.lnk = D:\Programmi\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Avvio veloce di Adobe Reader.lnk.disabled
O4 - Global Startup: HP Digital Imaging Monitor.lnk = D:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk.disabled
O4 - Global Startup: Microsoft Office.lnk.disabled
O8 - Extra context menu item: Download with GetRight - E:\Programmi\GetRight\GRdownload.htm
O8 - Extra context menu item: Open with GetRight Browser - E:\Programmi\GetRight\GRbrowse.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Programmi\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Programmi\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Internet Radio by Endicosoft.com - {1F958B09-3312-7f0e-9723-4C1324C57B20} - D:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Programmi\Messenger\msmsgs.exe
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=58813
O16 - DPF: {27527D31-447B-11D5-A46E-0001023B4289} (CoGSManager Class) - http://gamingzone.ubisoft.com/dev/packages/GSManager.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1187963323968
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1183066814171
O17 - HKLM\System\CCS\Services\Tcpip\..\{17117DE2-32DA-4C8A-BF47-B6D5933F497D}: NameServer = 213.205.32.70 213.205.36.70
O18 - Protocol: bw+0 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\PROGRA~1\FILECO~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Precaricatore Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - D:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Daemon di cache delle categorie di componenti - {8C7461EF-2B13-11d2-BE35-3078302C2030} - D:\WINDOWS\system32\browseui.dll
O23 - Service: a-squared Anti-Dialer Service (a2AntiDialer) - Emsi Software GmbH - D:\Programmi\a-squared Anti-Dialer\a2service.exe
O23 - Service: DefWatch - Symantec Corporation - E:\Programmi\NavNT\defwatch.exe
O23 - Service: DirectX Service (DirectQorf) - Unknown owner - D:\WINDOWS\system32\directx.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - D:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Port Resolver - Hewlett-Packard Company - D:\WINDOWS\system32\spool\drivers\w32x86\3\HPBPRO.EXE
O23 - Service: HP Status Server - Hewlett-Packard Company - D:\WINDOWS\system32\spool\drivers\w32x86\3\HPBOID.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - D:\Programmi\File comuni\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Intel File Transfer - Intel Corporation - D:\WINDOWS\system32\cba\xfr.exe
O23 - Service: Intel PDS - Intel Corporation - D:\WINDOWS\system32\cba\pds.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - d:\programmi\file comuni\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - D:\Programmi\File comuni\Logitech\SrvLnch\SrvLnch.exe
O23 - Service: NBService - Nero AG - E:\Programmi\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Norton AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - E:\Programmi\NavNT\rtvscan.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - D:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - D:\WINDOWS\system32\HPZipm12.exe

--
End of file - 20262 bytes
Top
Profilo Invia messaggio privato
Sante62
Dio maturo
Dio maturo


Registrato: 27/06/07 17:55
Messaggi: 3477
Residenza: Floridia
MessaggioInviato: 27 Ago 2007 14:38    Oggetto: Rispondi citando
Ciao Bavarello Very Happy

esegui hijackthis
metti il segno di spunta a sinistra di queste voci:

O3 - Toolbar: Manifold - {d0c8da2f-95d8-3b5a-8162-3a396fc59a78} - mscoree.dll (file missing)
O4 - HKLM\..\Policies\Explorer\Run: [5T19I3B27A] D:\WINDOWS\csrs.exe
O23 - Service: DirectX Service (DirectQorf) - Unknown owner - D:\WINDOWS\system32\directx.exe (file missing)

clicca fix checked
Riavvia il pc, rifai il log di hijackthis e postalo



Poi, fai anche questi passaggi:
http://forum.zeusnews.com/viewtopic.php?p=194965#194965 passaggio 1 -

http://forum.zeusnews.com/viewtopic.php?p=194966#194966 passaggio 2 -
Top
Profilo Invia messaggio privato
Bavarello
Eroe
Eroe


Registrato: 27/08/07 09:37
Messaggi: 46
Residenza: Bergamo
MessaggioInviato: 27 Ago 2007 18:42    Oggetto: Rispondi citando
Ciao Sante62,

fatto il fix checked ...credo che sia rimasto ancora solo il 023....

Il ripristino di sistema è disabilitato già da prima.

Questo è il log file

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18.25.25, on 27/08/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16512)
Boot mode: Normal

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\csrss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\savedump.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\system32\spoolsv.exe
d:\programmi\file comuni\logitech\lvmvfm\LVPrcSrv.exe
D:\Programmi\a-squared Anti-Dialer\a2service.exe
E:\Programmi\NavNT\defwatch.exe
D:\WINDOWS\system32\cba\pds.exe
E:\Programmi\NavNT\rtvscan.exe
D:\WINDOWS\system32\nvsvc32.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\system32\wbem\wmiprvse.exe
D:\WINDOWS\System32\alg.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\system32\ctfmon.exe
E:\PROGRA~1\NavNT\vptray.exe
D:\Programmi\a-squared Anti-Dialer\a2adguard.exe
D:\WINDOWS\system32\wuauclt.exe
D:\Programmi\Conexant\AccessRunner ADSL\CnxDslTb.exe
D:\WINDOWS\system32\CTHELPER.EXE
D:\Programmi\Java\jre1.6.0_02\bin\jusched.exe
D:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
D:\Programmi\Adobe\Acrobat 7.0\Reader\reader_sl.exe
D:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe
D:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe
E:\Prestazioni\HijackThis.exe
D:\WINDOWS\system32\wuauclt.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://oiswww.eumetsat.org/SDDI/cgi/listImages.pl?m=bnw,a=0,sa=9,pr=COLOUR,f=1,se=2,n=6,d=1,v=400,pp=0,t=200705020600#controls
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: bho2gr Class - {31FF080D-12A3-439A-A2EF-4BA95A3148E8} - E:\Programmi\GetRight\xx2gr.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Programmi\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - d:\programmi\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - D:\Programmi\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - d:\programmi\google\googletoolbar2.dll
O4 - HKLM\..\Run: [vptray] E:\PROGRA~1\NavNT\vptray.exe
O4 - HKLM\..\Run: [a-squared Anti-Dialer] "D:\Programmi\a-squared Anti-Dialer\a2adguard.exe" /d=60
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NeroFilterCheck] "D:\Programmi\File comuni\Ahead\Lib\NeroCheck.exe"
O4 - HKLM\..\Run: [IMJPMIG8.1] "D:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] D:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE D:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [CnxDslTaskBar] D:\Programmi\Conexant\AccessRunner ADSL\CnxDslTb.exe
O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE
O4 - HKLM\..\Run: [UpdReg] D:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [Jet Detection] D:\Programmi\Creative\SBLive\PROGRAM\ADGJDet.exe
O4 - HKLM\..\Run: [PHIME2002A] D:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [PHIME2002ASync] D:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Programmi\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] D:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'Default user')
O4 - Global Startup: Avvio veloce di Adobe Reader.lnk = D:\Programmi\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Avvio veloce di Adobe Reader.lnk.disabled
O4 - Global Startup: HP Digital Imaging Monitor.lnk = D:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk.disabled
O4 - Global Startup: Microsoft Office.lnk.disabled
O8 - Extra context menu item: Download with GetRight - E:\Programmi\GetRight\GRdownload.htm
O8 - Extra context menu item: Open with GetRight Browser - E:\Programmi\GetRight\GRbrowse.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Programmi\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Programmi\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Internet Radio by Endicosoft.com - {1F958B09-3312-7f0e-9723-4C1324C57B20} - D:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Programmi\Messenger\msmsgs.exe
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=58813
O16 - DPF: {27527D31-447B-11D5-A46E-0001023B4289} (CoGSManager Class) - http://gamingzone.ubisoft.com/dev/packages/GSManager.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1187963323968
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1183066814171
O17 - HKLM\System\CCS\Services\Tcpip\..\{17117DE2-32DA-4C8A-BF47-B6D5933F497D}: NameServer = 213.205.32.70 213.205.36.70
O18 - Protocol: bw+0 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\PROGRA~1\FILECO~1\Skype\SKYPE4~1.DLL
O23 - Service: a-squared Anti-Dialer Service (a2AntiDialer) - Emsi Software GmbH - D:\Programmi\a-squared Anti-Dialer\a2service.exe
O23 - Service: DefWatch - Symantec Corporation - E:\Programmi\NavNT\defwatch.exe
O23 - Service: DirectX Service (DirectQorf) - Unknown owner - D:\WINDOWS\system32\directx.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - D:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Port Resolver - Hewlett-Packard Company - D:\WINDOWS\system32\spool\drivers\w32x86\3\HPBPRO.EXE
O23 - Service: HP Status Server - Hewlett-Packard Company - D:\WINDOWS\system32\spool\drivers\w32x86\3\HPBOID.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - D:\Programmi\File comuni\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Intel File Transfer - Intel Corporation - D:\WINDOWS\system32\cba\xfr.exe
O23 - Service: Intel PDS - Intel Corporation - D:\WINDOWS\system32\cba\pds.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - d:\programmi\file comuni\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - D:\Programmi\File comuni\Logitech\SrvLnch\SrvLnch.exe
O23 - Service: NBService - Nero AG - E:\Programmi\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Norton AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - E:\Programmi\NavNT\rtvscan.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - D:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - D:\WINDOWS\system32\HPZipm12.exe

--
End of file - 20069 bytes
Top
Profilo Invia messaggio privato
Sante62
Dio maturo
Dio maturo


Registrato: 27/06/07 17:55
Messaggi: 3477
Residenza: Floridia
MessaggioInviato: 27 Ago 2007 19:37    Oggetto: Rispondi citando
Ciao.

Scarica Avenger e mettilo in una sua cartella in C:\
http://swandog46.geekstogo.com/avenger.zip
Avvialo
Clicca su input script manually
Clicca sulla lente d'ingrandimento
Inserisci queste righe:

Files to delete:
D:\WINDOWS\system32\directx.exe
D:\WINDOWS\csrs.exe

Registry keys to delete:
HKLM\system\currentcontrolset\services\DirectQorf

Clicca su Done
Clicca sul semaforo
Il pc dovrebbe riavviarsi, se così non fosse, riavvialo tu.
Al termine dell'operazione, posta qui il risultato con un log aggiornato di hijackthis.

Fai anche gli altri passaggi che ti ho indicato.
Top
Profilo Invia messaggio privato
Bavarello
Eroe
Eroe


Registrato: 27/08/07 09:37
Messaggi: 46
Residenza: Bergamo
MessaggioInviato: 27 Ago 2007 20:53    Oggetto: Rispondi citando
Sad resiste ancora!!!!!

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20.44.16, on 27/08/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16512)
Boot mode: Normal

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\csrss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\savedump.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\system32\spoolsv.exe
d:\programmi\file comuni\logitech\lvmvfm\LVPrcSrv.exe
D:\Programmi\a-squared Anti-Dialer\a2service.exe
E:\Programmi\NavNT\defwatch.exe
D:\WINDOWS\system32\cba\pds.exe
E:\Programmi\NavNT\rtvscan.exe
D:\WINDOWS\system32\nvsvc32.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\system32\ctfmon.exe
E:\PROGRA~1\NavNT\vptray.exe
D:\Programmi\a-squared Anti-Dialer\a2adguard.exe
D:\Programmi\Conexant\AccessRunner ADSL\CnxDslTb.exe
D:\WINDOWS\system32\CTHELPER.EXE
D:\Programmi\Java\jre1.6.0_02\bin\jusched.exe
D:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
D:\WINDOWS\System32\alg.exe
D:\Programmi\Adobe\Acrobat 7.0\Reader\reader_sl.exe
D:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe
D:\WINDOWS\system32\wuauclt.exe
D:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe
D:\WINDOWS\system32\wuauclt.exe
E:\Prestazioni\HijackThis.exe
E:\Prestazioni\HijackThis.exe
D:\WINDOWS\system32\wbem\wmiprvse.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://oiswww.eumetsat.org/SDDI/cgi/listImages.pl?m=bnw,a=0,sa=9,pr=COLOUR,f=1,se=2,n=6,d=1,v=400,pp=0,t=200705020600#controls
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: bho2gr Class - {31FF080D-12A3-439A-A2EF-4BA95A3148E8} - E:\Programmi\GetRight\xx2gr.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Programmi\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - d:\programmi\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - D:\Programmi\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - d:\programmi\google\googletoolbar2.dll
O4 - HKLM\..\Run: [vptray] E:\PROGRA~1\NavNT\vptray.exe
O4 - HKLM\..\Run: [a-squared Anti-Dialer] "D:\Programmi\a-squared Anti-Dialer\a2adguard.exe" /d=60
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NeroFilterCheck] "D:\Programmi\File comuni\Ahead\Lib\NeroCheck.exe"
O4 - HKLM\..\Run: [IMJPMIG8.1] "D:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] D:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE D:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [CnxDslTaskBar] D:\Programmi\Conexant\AccessRunner ADSL\CnxDslTb.exe
O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE
O4 - HKLM\..\Run: [UpdReg] D:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [Jet Detection] D:\Programmi\Creative\SBLive\PROGRAM\ADGJDet.exe
O4 - HKLM\..\Run: [PHIME2002A] D:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [PHIME2002ASync] D:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Programmi\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] D:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'Default user')
O4 - Global Startup: Avvio veloce di Adobe Reader.lnk = D:\Programmi\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Avvio veloce di Adobe Reader.lnk.disabled
O4 - Global Startup: HP Digital Imaging Monitor.lnk = D:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk.disabled
O4 - Global Startup: Microsoft Office.lnk.disabled
O8 - Extra context menu item: Download with GetRight - E:\Programmi\GetRight\GRdownload.htm
O8 - Extra context menu item: Open with GetRight Browser - E:\Programmi\GetRight\GRbrowse.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Programmi\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Programmi\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Internet Radio by Endicosoft.com - {1F958B09-3312-7f0e-9723-4C1324C57B20} - D:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Programmi\Messenger\msmsgs.exe
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=58813
O16 - DPF: {27527D31-447B-11D5-A46E-0001023B4289} (CoGSManager Class) - http://gamingzone.ubisoft.com/dev/packages/GSManager.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1188234398500
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1183066814171
O18 - Protocol: bw+0 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\PROGRA~1\FILECO~1\Skype\SKYPE4~1.DLL
O23 - Service: a-squared Anti-Dialer Service (a2AntiDialer) - Emsi Software GmbH - D:\Programmi\a-squared Anti-Dialer\a2service.exe
O23 - Service: DefWatch - Symantec Corporation - E:\Programmi\NavNT\defwatch.exe
O23 - Service: Google Updater Service (gusvc) - Google - D:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Port Resolver - Hewlett-Packard Company - D:\WINDOWS\system32\spool\drivers\w32x86\3\HPBPRO.EXE
O23 - Service: HP Status Server - Hewlett-Packard Company - D:\WINDOWS\system32\spool\drivers\w32x86\3\HPBOID.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - D:\Programmi\File comuni\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Intel File Transfer - Intel Corporation - D:\WINDOWS\system32\cba\xfr.exe
O23 - Service: Intel PDS - Intel Corporation - D:\WINDOWS\system32\cba\pds.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - d:\programmi\file comuni\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - D:\Programmi\File comuni\Logitech\SrvLnch\SrvLnch.exe
O23 - Service: NBService - Nero AG - E:\Programmi\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Norton AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - E:\Programmi\NavNT\rtvscan.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - D:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - D:\WINDOWS\system32\HPZipm12.exe

--
End of file - 19868 bytes

//////////////////////////////////////////
Avenger Pre-Processor log
//////////////////////////////////////////

Error: could not create zip file.
Error code: 0


//////////////////////////////////////////


Logfile of The Avenger version 1, by Swandog46
Running from registry key:
\Registry\Machine\System\CurrentControlSet\Services\wfcwabur

*******************

Script file located at: \??\D:\WINDOWS\nyppdkuh.txt
Script file opened successfully.

Script file read successfully

Backups directory opened successfully at D:\Avenger

*******************

Beginning to process script file:

Registry key HKLM\system\currentcontrolset\services\DirectQorf deleted successfully.

Completed script processing.

*******************

Finished! Terminate.//////////////////////////////////////////


Logfile of The Avenger version 1, by Swandog46
Running from registry key:
\Registry\Machine\System\CurrentControlSet\Services\usehuqul

*******************

Script file located at: \??\D:\Documents and Settings\bcnioayq.txt
Script file opened successfully.

Script file read successfully

Backups directory opened successfully at D:\Avenger

*******************

Beginning to process script file:



Registry key HKLM\system\currentcontrolset\services\DirectQorf not found!
Deletion of registry key HKLM\system\currentcontrolset\services\DirectQorf failed!

Could not process line:
HKLM\system\currentcontrolset\services\DirectQorf
Status: 0xc0000034


Completed script processing.

*******************

Finished! Terminate.



I due passaggi che mi hai detto non riesco a farli manca il programma a quel link.

....................

service.exe c'è sempre e se non fosse perchè io ho trovato un modo per fregarlo non riuscirei a fare niente percè si spegne sempre dopo un minuto ...invece io ci sto lavorando lo stesso su questo PC...

come faccio te lo dico via @: bavarello@inwind.it
Top
Profilo Invia messaggio privato
Sante62
Dio maturo
Dio maturo


Registrato: 27/06/07 17:55
Messaggi: 3477
Residenza: Floridia
MessaggioInviato: 27 Ago 2007 23:24    Oggetto: Rispondi citando
Bavarello ha scritto:
Sad

I due passaggi che mi hai detto non riesco a farli manca il programma a quel link.


A quale programma ti riferisci?
....................
Bavarello ha scritto:

service.exe c'è sempre e se non fosse perchè io ho trovato un modo per fregarlo non riuscirei a fare niente percè si spegne sempre dopo un minuto ...invece io ci sto lavorando lo stesso su questo PC...


Se hai risolto in qualche modo sono contento, probabilmente è legato a qualche altro malware o chiave di registro. Per questo ci vogliono quegli altri passaggi.

Bavarello ha scritto:

come faccio te lo dico via @: bavarello@inwind.it


Non c'è nessun segreto (almeno credo) puoi dirlo, se vuoi, tranquillamente quì.
Top
Profilo Invia messaggio privato
Bavarello
Eroe
Eroe


Registrato: 27/08/07 09:37
Messaggi: 46
Residenza: Bergamo
MessaggioInviato: 28 Ago 2007 21:02    Oggetto: Rispondi citando
Per poter lavorare con questo PC ...prima del caricamento logo di Windows premo F5 e poi vado sull'ultima configurazione sicuramente funzionante...

solo cosi non mi dà il blocco di service.exe.

Ho fatto il primo passaggio questo è il link

http://www.freefilehosting.net/download/MTY1NTA=

facendo il secondo passaggio surante lo scan il PC da la schermata Blu .... già la terza volta. Ci riprovo
Top
Profilo Invia messaggio privato
Sante62
Dio maturo
Dio maturo


Registrato: 27/06/07 17:55
Messaggi: 3477
Residenza: Floridia
MessaggioInviato: 28 Ago 2007 21:47    Oggetto: Rispondi citando
Bavarello ha scritto:

facendo il secondo passaggio surante lo scan il PC da la schermata Blu .... già la terza volta. Ci riprovo


Questo ci fa pensare...
Se non ci riesci, scarica Virit da quì: http://www.tgsoft.it/italy/download.htm

Aggiornalo e fagli fare la scansione completa del PC.
Fai in modo che rimuova automaticamente i file infetti trovati.
Non dimenticare di disattivare momentaneamente il tuo antivirus.
Incolla poi quì il risultato.
Top
Profilo Invia messaggio privato
Bavarello
Eroe
Eroe


Registrato: 27/08/07 09:37
Messaggi: 46
Residenza: Bergamo
MessaggioInviato: 29 Ago 2007 22:18    Oggetto: Rispondi citando
Alleluja Sante c'è l'hai fatta ....sei stato grande!!!! Grazie

una passata di quel antivirus e lo ha spazzato via:

Trojan .Win32.Costrat.G

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21.42.04, on 29/08/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16512)
Boot mode: Normal

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\csrss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\savedump.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\system32\spoolsv.exe
d:\programmi\file comuni\logitech\lvmvfm\LVPrcSrv.exe
D:\Programmi\a-squared Anti-Dialer\a2service.exe
E:\Programmi\NavNT\defwatch.exe
D:\WINDOWS\system32\cba\pds.exe
D:\WINDOWS\system32\nvsvc32.exe
D:\WINDOWS\system32\svchost.exe
E:\VEXPLITE\viritsvc.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\system32\ctfmon.exe
D:\Programmi\a-squared Anti-Dialer\a2adguard.exe
D:\Programmi\Conexant\AccessRunner ADSL\CnxDslTb.exe
D:\WINDOWS\system32\CTHELPER.EXE
D:\Programmi\Java\jre1.6.0_02\bin\jusched.exe
E:\VEXPLITE\MONLITE.EXE
D:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
D:\Programmi\Adobe\Acrobat 7.0\Reader\reader_sl.exe
D:\WINDOWS\System32\alg.exe
D:\WINDOWS\system32\wuauclt.exe
E:\VEXPLITE\VIRITEXP.EXE
E:\Prestazioni\HijackThis.exe
D:\WINDOWS\system32\wbem\wmiprvse.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://oiswww.eumetsat.org/SDDI/cgi/listImages.pl?m=bnw,a=0,sa=9,pr=COLOUR,f=1,se=2,n=6,d=1,v=400,pp=0,t=200705020600#controls
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: bho2gr Class - {31FF080D-12A3-439A-A2EF-4BA95A3148E8} - E:\Programmi\GetRight\xx2gr.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Programmi\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - d:\programmi\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - D:\Programmi\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - d:\programmi\google\googletoolbar2.dll
O4 - HKLM\..\Run: [a-squared Anti-Dialer] "D:\Programmi\a-squared Anti-Dialer\a2adguard.exe" /d=60
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NeroFilterCheck] "D:\Programmi\File comuni\Ahead\Lib\NeroCheck.exe"
O4 - HKLM\..\Run: [IMJPMIG8.1] "D:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] D:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE D:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [CnxDslTaskBar] D:\Programmi\Conexant\AccessRunner ADSL\CnxDslTb.exe
O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE
O4 - HKLM\..\Run: [UpdReg] D:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [Jet Detection] D:\Programmi\Creative\SBLive\PROGRAM\ADGJDet.exe
O4 - HKLM\..\Run: [PHIME2002A] D:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [PHIME2002ASync] D:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Programmi\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [VIRIT LITE MONITOR] E:\VEXPLITE\MONLITE.EXE
O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] D:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Uniblue RegistryBooster 2] E:\Programmi\Uniblue\RegistryBooster 2\RegistryBooster.exe /S
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'Default user')
O4 - Global Startup: Avvio veloce di Adobe Reader.lnk = D:\Programmi\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Avvio veloce di Adobe Reader.lnk.disabled
O4 - Global Startup: HP Digital Imaging Monitor.lnk = D:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk.disabled
O4 - Global Startup: Microsoft Office.lnk.disabled
O8 - Extra context menu item: Download with GetRight - E:\Programmi\GetRight\GRdownload.htm
O8 - Extra context menu item: Open with GetRight Browser - E:\Programmi\GetRight\GRbrowse.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Programmi\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Programmi\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Internet Radio by Endicosoft.com - {1F958B09-3312-7f0e-9723-4C1324C57B20} - D:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Programmi\Messenger\msmsgs.exe
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=58813
O16 - DPF: {27527D31-447B-11D5-A46E-0001023B4289} (CoGSManager Class) - http://gamingzone.ubisoft.com/dev/packages/GSManager.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1188234398500
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1183066814171
O17 - HKLM\System\CCS\Services\Tcpip\..\{17117DE2-32DA-4C8A-BF47-B6D5933F497D}: NameServer = 213.205.32.70 213.205.36.70
O18 - Protocol: bw+0 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\PROGRA~1\FILECO~1\Skype\SKYPE4~1.DLL
O23 - Service: a-squared Anti-Dialer Service (a2AntiDialer) - Emsi Software GmbH - D:\Programmi\a-squared Anti-Dialer\a2service.exe
O23 - Service: DefWatch - Symantec Corporation - E:\Programmi\NavNT\defwatch.exe
O23 - Service: Google Updater Service (gusvc) - Google - D:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Port Resolver - Hewlett-Packard Company - D:\WINDOWS\system32\spool\drivers\w32x86\3\HPBPRO.EXE
O23 - Service: HP Status Server - Hewlett-Packard Company - D:\WINDOWS\system32\spool\drivers\w32x86\3\HPBOID.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - D:\Programmi\File comuni\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Intel File Transfer - Intel Corporation - D:\WINDOWS\system32\cba\xfr.exe
O23 - Service: Intel PDS - Intel Corporation - D:\WINDOWS\system32\cba\pds.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - d:\programmi\file comuni\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - D:\Programmi\File comuni\Logitech\SrvLnch\SrvLnch.exe
O23 - Service: NBService - Nero AG - E:\Programmi\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Norton AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - E:\Programmi\NavNT\rtvscan.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - D:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - D:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Virit eXplorer Lite (viritsvclite) - TG Soft Sas www.tgsoft.it - E:\VEXPLITE\viritsvc.exe

--
End of file - 20065 bytes


VirIT eXplorer Lite Log

[SCANSIONE DELLA MEMORIA]
OK
[SCANSIONE DELLA MEMORIA]
[Hidden Services]
xpdx - xpdx system driver - \??\D:\WINDOWS\system32\xpdx.sys

VIRUS ATTIVO IN MEMORIA: (Rootkit \??\D:\WINDOWS\SYSTEM32\XPDX.SYS) Trojan.Win32.Costrat.G
--------------------------------------------------------
29/08/2007 - 21:32:08

[SCANSIONE DEL REGISTRO]
OK

Chiavi Registro infette: 0.
Files Infetti: 0.
Files Sospetti: 0.
Files Analizzati: 0.
Files Totali: 0.
Chiavi Registro rimosse: 0.
Virus Rimossi: 0.
Top
Profilo Invia messaggio privato
bdoriano
Amministratore
Amministratore


Registrato: 02/04/07 12:05
Messaggi: 14391
Residenza: 3° pianeta del sistema solare...
MessaggioInviato: 29 Ago 2007 22:51    Oggetto: Rispondi citando
Ciao Bavarello, Ciao
VirIt non te l'ha eliminato... te lo segnala e basta. Think

Scarica questo e scompattalo in una sua cartella non temporanea e non sul desktop

Avvia AVENGER
Clicca su input script manually
Clicca sulla lente d'ingrandimento
Inserisci queste righe:
Citazione:
Files to delete:
D:\WINDOWS\system32\xpdx.sys

Clicca su Done
Clicca sul semaforo
Il pc dovrebbe riavviarsi, se così non fosse, riavvialo tu.
Al termine dell'operazione, posta qui il risultato.
Top
Profilo Invia messaggio privato
Bavarello
Eroe
Eroe


Registrato: 27/08/07 09:37
Messaggi: 46
Residenza: Bergamo
MessaggioInviato: 30 Ago 2007 22:13    Oggetto: Rispondi citando
Ciao


Error: selected file does not appear to be a valid script
(INVIO)

non c'e' neanche il file Error log

Error: cos 0

Comunque stasera ho aperto il PC e non ho avuto errore di Service.exe.

però a caricare le singole pagine di iternet e' sempre lento

Grazie per l'interessamento.
Top
Profilo Invia messaggio privato
Orange
Dio maturo
Dio maturo


Registrato: 18/02/07 13:20
Messaggi: 2224
Residenza: Roma
MessaggioInviato: 30 Ago 2007 22:31    Oggetto: Rispondi citando
L'unico che dà l'errore services.exe con SP2 installato è rustock... (almeno credo Rolling Eyes )
lo vediamo subito: scarica questo: http://www.uploads.ejvindh.net/rustbfix.exe (una volta installato, devi riavviare il PC per far partire il tool)
posta poi il contenuto del log pelog.txt che ti si apre
Top
Profilo Invia messaggio privato
Bavarello
Eroe
Eroe


Registrato: 27/08/07 09:37
Messaggi: 46
Residenza: Bergamo
MessaggioInviato: 31 Ago 2007 21:00    Oggetto: Rispondi citando
Ciao Orange,

Rustfis: Dopo averlo installato e riavviato il PC ... avvio il file bat chkrustb.

si avvia ... compare il cmd.exe e non dà più nessun messaggio/avviso Embarassed

************************* Rustock.b-fix v. 1.01 -- By ejvindh *************************
31/08/2007 20.49.29.35

questo è tutto quello che c'è nel log
Top
Profilo Invia messaggio privato
Orange
Dio maturo
Dio maturo


Registrato: 18/02/07 13:20
Messaggi: 2224
Residenza: Roma
MessaggioInviato: 31 Ago 2007 23:14    Oggetto: Rispondi citando
Sei sicuro? Confused
al massimo il log dovrebbe essere così:
Citazione:
************************* Rustock.b-fix v. 1.01 -- By ejvindh *************************
31/08/2007 21.12.42,64

No Rustock.b-rootkits found

******************************* End of Logfile ********************************


vai su C:--> rustbfix--> pelog e controlla il file log.
Top
Profilo Invia messaggio privato
Bavarello
Eroe
Eroe


Registrato: 27/08/07 09:37
Messaggi: 46
Residenza: Bergamo
MessaggioInviato: 01 Set 2007 16:28    Oggetto: Rispondi citando
Confermo ... il log è quello

...e come ti dicevo avvio il file bat ... si apre cmd.exe

... c'è solo il cursore lampeggiante e non va più oltre.
Top
Profilo Invia messaggio privato
Sante62
Dio maturo
Dio maturo


Registrato: 27/06/07 17:55
Messaggi: 3477
Residenza: Floridia
MessaggioInviato: 01 Set 2007 18:27    Oggetto: Rispondi citando
Ciao Bavarello Smile

Credo che il file xpdx.sys, non si sia eliminato.

Prova a utilizzare nuovamente Avenger con queste scritte:

Files to delete:
D:\WINDOWS\system32\xpdx.sys

drivers to unload:
xpdx
Top
Profilo Invia messaggio privato
Orange
Dio maturo
Dio maturo


Registrato: 18/02/07 13:20
Messaggi: 2224
Residenza: Roma
MessaggioInviato: 01 Set 2007 20:02    Oggetto: Rispondi citando
Bavarello ha scritto:
Confermo ... il log è quello

...e come ti dicevo avvio il file bat ... si apre cmd.exe

... c'è solo il cursore lampeggiante e non va più oltre.

allora, ho fatto qualche prova....
secondo me hai forzato la chiusura di Rustbfix senza aspettare la fine della scansione.... Rolling Eyes
è normale una volta avviata l'applicazione, l'apertura della finestra DOS. però dovresti pazientare ed aspettare che si chiude da sola, rilasciando poi il logfile...
Top
Profilo Invia messaggio privato
Bavarello
Eroe
Eroe


Registrato: 27/08/07 09:37
Messaggi: 46
Residenza: Bergamo
MessaggioInviato: 02 Set 2007 10:08    Oggetto: Rispondi citando
Ciao Sante...Ciao Orange

fatto con Avenger ...questo è il log

Logfile of The Avenger version 1, by Swandog46
Running from registry key:
\Registry\Machine\System\CurrentControlSet\Services\skmbbmej

*******************

Script file located at: \??\D:\Documents and Settings\morlnymo.txt
Script file opened successfully.

Script file read successfully

Backups directory opened successfully at D:\Avenger

*******************

Beginning to process script file:



Registry key \Registry\Machine\System\CurrentControlSet\Services\xpdx not found!
Unload of driver xpdx failed!

Could not process line:
xpdx
Status: 0xc0000034


Completed script processing.

*******************

Finished! Terminate.


Orange ...avevi ragione tu ...non aspettavo la fine

Comunque adesso il pelog è cosi:
************************* Rustock.b-fix v. 1.01 -- By ejvindh *************************


in più c'è anche il file tmp1.txt

D:\WINDOWS\system32
No streams found.




...poi ho rifatto



Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9.39.40, on 02/09/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16512)
Boot mode: Normal

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\csrss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\system32\spoolsv.exe
d:\programmi\file comuni\logitech\lvmvfm\LVPrcSrv.exe
D:\Programmi\a-squared Anti-Dialer\a2service.exe
E:\Programmi\NavNT\defwatch.exe
D:\WINDOWS\system32\cba\pds.exe
E:\Programmi\NavNT\rtvscan.exe
D:\WINDOWS\system32\nvsvc32.exe
D:\WINDOWS\system32\svchost.exe
E:\VEXPLITE\viritsvc.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\system32\ctfmon.exe
D:\Programmi\a-squared Anti-Dialer\a2adguard.exe
D:\Programmi\Conexant\AccessRunner ADSL\CnxDslTb.exe
D:\WINDOWS\system32\CTHELPER.EXE
D:\Programmi\Java\jre1.6.0_02\bin\jusched.exe
E:\PROGRA~1\NavNT\vptray.exe
D:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
D:\WINDOWS\system32\notepad.exe
D:\WINDOWS\System32\alg.exe
D:\Programmi\Windows Media Player\wmplayer.exe
D:\Programmi\Internet Explorer\iexplore.exe
E:\Prestazioni\HijackThis.exe
D:\WINDOWS\system32\wbem\wmiprvse.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://oiswww.eumetsat.org/SDDI/cgi/listImages.pl?m=bnw,a=0,sa=9,pr=COLOUR,f=1,se=2,n=6,d=1,v=400,pp=0,t=200705020600#controls
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: bho2gr Class - {31FF080D-12A3-439A-A2EF-4BA95A3148E8} - E:\Programmi\GetRight\xx2gr.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Programmi\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - d:\programmi\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - D:\Programmi\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - d:\programmi\google\googletoolbar2.dll
O4 - HKLM\..\Run: [a-squared Anti-Dialer] "D:\Programmi\a-squared Anti-Dialer\a2adguard.exe" /d=60
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NeroFilterCheck] "D:\Programmi\File comuni\Ahead\Lib\NeroCheck.exe"
O4 - HKLM\..\Run: [IMJPMIG8.1] "D:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] D:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE D:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [CnxDslTaskBar] D:\Programmi\Conexant\AccessRunner ADSL\CnxDslTb.exe
O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE
O4 - HKLM\..\Run: [UpdReg] D:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [Jet Detection] D:\Programmi\Creative\SBLive\PROGRAM\ADGJDet.exe
O4 - HKLM\..\Run: [PHIME2002A] D:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [PHIME2002ASync] D:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Programmi\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [VIRIT LITE MONITOR] E:\VEXPLITE\MONLITE.EXE
O4 - HKLM\..\Run: [vptray] E:\PROGRA~1\NavNT\vptray.exe
O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] D:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Uniblue RegistryBooster 2] E:\Programmi\Uniblue\RegistryBooster 2\RegistryBooster.exe /S
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'Default user')
O4 - Global Startup: Avvio veloce di Adobe Reader.lnk = D:\Programmi\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Avvio veloce di Adobe Reader.lnk.disabled
O4 - Global Startup: HP Digital Imaging Monitor.lnk = D:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk.disabled
O4 - Global Startup: Microsoft Office.lnk.disabled
O8 - Extra context menu item: Download with GetRight - E:\Programmi\GetRight\GRdownload.htm
O8 - Extra context menu item: Open with GetRight Browser - E:\Programmi\GetRight\GRbrowse.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Programmi\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Programmi\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Programmi\Messenger\msmsgs.exe
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=58813
O16 - DPF: {27527D31-447B-11D5-A46E-0001023B4289} (CoGSManager Class) - http://gamingzone.ubisoft.com/dev/packages/GSManager.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1188234398500
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1183066814171
O17 - HKLM\System\CCS\Services\Tcpip\..\{17117DE2-32DA-4C8A-BF47-B6D5933F497D}: NameServer = 213.205.32.70 213.205.36.70
O18 - Protocol: bw+0 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {2E7DB6E3-55C0-4D3C-8B42-210F45380902} - D:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\PROGRA~1\FILECO~1\Skype\SKYPE4~1.DLL
O23 - Service: a-squared Anti-Dialer Service (a2AntiDialer) - Emsi Software GmbH - D:\Programmi\a-squared Anti-Dialer\a2service.exe
O23 - Service: DefWatch - Symantec Corporation - E:\Programmi\NavNT\defwatch.exe
O23 - Service: Google Updater Service (gusvc) - Google - D:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Port Resolver - Hewlett-Packard Company - D:\WINDOWS\system32\spool\drivers\w32x86\3\HPBPRO.EXE
O23 - Service: HP Status Server - Hewlett-Packard Company - D:\WINDOWS\system32\spool\drivers\w32x86\3\HPBOID.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - D:\Programmi\File comuni\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Intel File Transfer - Intel Corporation - D:\WINDOWS\system32\cba\xfr.exe
O23 - Service: Intel PDS - Intel Corporation - D:\WINDOWS\system32\cba\pds.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - d:\programmi\file comuni\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - D:\Programmi\File comuni\Logitech\SrvLnch\SrvLnch.exe
O23 - Service: NBService - Nero AG - E:\Programmi\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Norton AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - E:\Programmi\NavNT\rtvscan.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - D:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - D:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Virit eXplorer Lite (viritsvclite) - TG Soft Sas www.tgsoft.it - E:\VEXPLITE\viritsvc.exe

--
End of file - 20010 bytes
Top
Profilo Invia messaggio privato
ste_95
Dio maturo
Dio maturo


Registrato: 03/08/07 14:41
Messaggi: 1920
Residenza: Italy
MessaggioInviato: 02 Set 2007 11:09    Oggetto: Rispondi citando
il log è pulito....
Top
Profilo Invia messaggio privato HomePage
Orange
Dio maturo
Dio maturo


Registrato: 18/02/07 13:20
Messaggi: 2224
Residenza: Roma
MessaggioInviato: 02 Set 2007 19:11    Oggetto: Rispondi
log HJT risulta pulito, ma non mi pare che il nostro amico Rustock è stato eliminato. Confused
Che problemi riscontri ancora?
Possiamo fare quest'altro controllo (i pezzi da 90 8) ): segui le indicazioni di questo topic e posta i link richiesto.
Top
Profilo Invia messaggio privato
Mostra prima i messaggi di:   
Nuovo argomento   Rispondi    Indice del forum -> Pronto Soccorso Virus Tutti i fusi orari sono GMT + 2 ore
Vai a 1, 2  Successivo
Pagina 1 di 2

 
Vai a:  
Non puoi inserire nuovi argomenti
Non puoi rispondere a nessun argomento
Non puoi modificare i tuoi messaggi
Non puoi cancellare i tuoi messaggi
Non puoi votare nei sondaggi