Olimpo Informatico

[profiteroles]

ciao avevo già scritto qui per il pc che si bloccava in continuazione, grazie al vostro aiuto ho risolto, continuava a bloccarsi internet exlorer ma ora uso mozilla ed è tutto ok.

invece msn mi da problemi, chi mi aiuta?

appena lo apro si blocca!

[profiteroles]

scusate ho aperto una nuova discussione perchè non trovavo più questa

vi ringrazio, uso mozilla e non ho problemi, ma continuo ad avere problemi con messenger

[Sante62]

Ciao profiteroles
Quello che ti posso dire per ora è di postare un log di Hijackthis per vedere se è tutto a posto in termini di infezioni...
Se invece sei sicuro/a che non ci siano infezioni prova a disinstallare e reinstallare nuovamente Messenger...

[profiteroles]

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13.10.22, on 13/02/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\Intel\Wireless\Bin\EvtEng.exe
C:\Programmi\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\Explorer.EXE
C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
C:\Programmi\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Programmi\Apoint2K\Apoint.exe
C:\Programmi\TOSHIBA\Touch and Launch\PadExe.exe
C:\Programmi\TOSHIBA\E-KEY\CeEKey.exe
C:\Programmi\TOSHIBA\TouchPad\TPTray.exe
C:\WINDOWS\system32\TPSMain.exe
C:\WINDOWS\system32\ZoomingHook.exe
C:\Programmi\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
C:\WINDOWS\system32\TCtrlIOHook.exe
C:\Programmi\TOSHIBA\TOSHIBA Controls\TFncKy.exe
C:\Programmi\TOSHIBA\Tvs\TvsTray.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\TOSHIBA\ConfigFree\NDSTray.exe
C:\WINDOWS\system32\TPSBattM.exe
C:\Programmi\TOSHIBA\TOSHIBA Direct Disc Writer\ddwmon.exe
C:\Programmi\Apoint2K\Apntex.exe
C:\Programmi\Intel\Wireless\bin\ZCfgSvc.exe
C:\Programmi\Intel\Wireless\Bin\ifrmewrk.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Programmi\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Programmi\HP\hpcoretech\hpcmpmgr.exe
C:\Programmi\TOSHIBA\ConfigFree\CFSServ.exe
C:\Programmi\Intel\Wireless\Bin\RegSrvc.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Programmi\Winamp\winampa.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\TODDSrv.exe
C:\Programmi\TOSHIBA\TOSCDSPD\toscdspd.exe
C:\Programmi\File comuni\Ahead\lib\NMBgMonitor.exe
C:\Programmi\Macrogaming\SweetIM\SweetIM.exe
C:\Programmi\ARESCOM\Modem Telindus Arescom ND220b\dslmon.exe
C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe
C:\Programmi\Zone Labs\ZoneAlarm\zonealarm.exe
C:\Programmi\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe
C:\Programmi\Alwil Software\Avast4\ashWebSv.exe
C:\Programmi\HP\Digital Imaging\bin\hpqgalry.exe
C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Programmi\Mozilla Firefox\firefox.exe
C:\Programmi\eMule\emule.exe
C:\Programmi\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.live.com/results.aspx?mkt=it-it&q=
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.it/0SEITIT/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.alice.it/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.it/0SEITIT/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Programmi\Macrogaming\SweetIMBarForIE\toolbar.dll (file missing)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\Programmi\MegauploadToolbar\megauploadtoolbar.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programmi\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programmi\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\Programmi\MegauploadToolbar\megauploadtoolbar.dll
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [Apoint] C:\Programmi\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [PadTouch] C:\Programmi\TOSHIBA\Touch and Launch\PadExe.exe
O4 - HKLM\..\Run: [CeEKEY] C:\Programmi\TOSHIBA\E-KEY\CeEKey.exe
O4 - HKLM\..\Run: [HWSetup] C:\Programmi\TOSHIBA\TOSHIBA Applet\HWSetup.exe hwSetUP
O4 - HKLM\..\Run: [SVPWUTIL] C:\Programmi\Toshiba\Windows Utilities\SVPWUTIL.exe SVPwUTIL
O4 - HKLM\..\Run: [TPNF] C:\Programmi\TOSHIBA\TouchPad\TPTray.exe
O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
O4 - HKLM\..\Run: [Zooming] ZoomingHook.exe
O4 - HKLM\..\Run: [SmoothView] C:\Programmi\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
O4 - HKLM\..\Run: [TCtryIOHook] TCtrlIOHook.exe
O4 - HKLM\..\Run: [TFncKy] TFncKy.exe
O4 - HKLM\..\Run: [Tvs] C:\Programmi\TOSHIBA\Tvs\TvsTray.exe
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [DDWMon] C:\Programmi\TOSHIBA\TOSHIBA Direct Disc Writer\\ddwmon.exe
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Programmi\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Programmi\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Programmi\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [CFSServ.exe] CFSServ.exe -NoClient
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Programmi\Winamp\winampa.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [TOSCDSPD] C:\Programmi\TOSHIBA\TOSCDSPD\toscdspd.exe
O4 - HKCU\..\Run: [MsnMsgr] ~"C:\Programmi\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programmi\File comuni\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [SweetIM] C:\Programmi\Macrogaming\SweetIM\SweetIM.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Avvio rapido di HP Image Zone.lnk = C:\Programmi\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Avvio veloce di Adobe Reader.lnk = C:\Programmi\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: DSLMON.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: ZoneAlarm.lnk = C:\Programmi\Zone Labs\ZoneAlarm\zonealarm.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Programmi\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/IT-IT/a-UNO1/GAME_UNO1.cab
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://cid-5b2ad6e7b08b6104.spaces.live.com/PhotoUpload/MsnPUpld.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {A922B6AB-3B87-11D3-B3C2-0008C7DA6CB9} (InetDownload Class) - https://media.pineconeresearch.com/ActiveX/downloadcontrol.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab55579.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{E68E42CA-DB84-47E1-A4C0-711BAAD1D9B3}: NameServer = 85.37.17.58 85.38.28.94
O23 - Service: Adobe LM Service - Adobe Systems - C:\Programmi\File comuni\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Programmi\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Programmi\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Programmi\File comuni\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Programmi\File comuni\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Programmi\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Programmi\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: SonicStage Back-End Service - Sony Corporation - C:\Programmi\File comuni\Sony Shared\AVLib\SsBeSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Programmi\File comuni\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Programmi\File comuni\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\WINDOWS\system32\TODDSrv.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs Inc. - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

--
End of file - 11825 bytes

[Sante62]

Avvia Hijackthis ed elimina queste righe; sono superflue:

[profiteroles]

niente, ho cancellato quei file, ho disinstallato messenger e installato nuovamente ma si blocca ancora

[Sante62]

Fai la scansione con Systemscan e posta il log generato come
indicato quì

[profiteroles]

non riesco a usarlo, ho messo in pausa l'antivirus, ho tolto la connessione ma il programma si blocca quando arriva al 9-10 punto

[bdoriano]

Disabilita (togli la spunta) il punto che ti blocca.

[profiteroles]

niente da fare, si blocca lo stesso!

[profiteroles]

riporto di nuovo il file di hijackthis

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14.56.34, on 21/02/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\Intel\Wireless\Bin\EvtEng.exe
C:\Programmi\Intel\Wireless\Bin\S24EvMon.exe
C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
C:\WINDOWS\Explorer.EXE
C:\Programmi\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Programmi\TOSHIBA\Touch and Launch\PadExe.exe
C:\Programmi\TOSHIBA\E-KEY\CeEKey.exe
C:\Programmi\TOSHIBA\TouchPad\TPTray.exe
C:\WINDOWS\system32\TPSMain.exe
C:\WINDOWS\system32\ZoomingHook.exe
C:\Programmi\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
C:\WINDOWS\system32\TCtrlIOHook.exe
C:\Programmi\TOSHIBA\TOSHIBA Controls\TFncKy.exe
C:\Programmi\TOSHIBA\ConfigFree\NDSTray.exe
C:\Programmi\TOSHIBA\TOSHIBA Direct Disc Writer\ddwmon.exe
C:\Programmi\Intel\Wireless\bin\ZCfgSvc.exe
C:\WINDOWS\system32\TPSBattM.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\Intel\Wireless\Bin\ifrmewrk.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Programmi\TOSHIBA\ConfigFree\CFSServ.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Programmi\Winamp\winampa.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\TOSHIBA\TOSCDSPD\toscdspd.exe
C:\Programmi\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Programmi\Windows Live\Messenger\MsnMsgr.Exe
C:\Programmi\Intel\Wireless\Bin\RegSrvc.exe
C:\Programmi\File comuni\Ahead\lib\NMBgMonitor.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\TODDSrv.exe
C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe
C:\Programmi\Zone Labs\ZoneAlarm\zonealarm.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe
C:\Programmi\Alwil Software\Avast4\ashWebSv.exe
C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Programmi\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\dumprep.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Programmi\Macrogaming\SweetIMBarForIE\toolbar.dll (file missing)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\Programmi\MegauploadToolbar\megauploadtoolbar.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programmi\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programmi\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\Programmi\MegauploadToolbar\megauploadtoolbar.dll
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [PadTouch] C:\Programmi\TOSHIBA\Touch and Launch\PadExe.exe
O4 - HKLM\..\Run: [CeEKEY] C:\Programmi\TOSHIBA\E-KEY\CeEKey.exe
O4 - HKLM\..\Run: [HWSetup] C:\Programmi\TOSHIBA\TOSHIBA Applet\HWSetup.exe hwSetUP
O4 - HKLM\..\Run: [SVPWUTIL] C:\Programmi\Toshiba\Windows Utilities\SVPWUTIL.exe SVPwUTIL
O4 - HKLM\..\Run: [TPNF] C:\Programmi\TOSHIBA\TouchPad\TPTray.exe
O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
O4 - HKLM\..\Run: [Zooming] ZoomingHook.exe
O4 - HKLM\..\Run: [SmoothView] C:\Programmi\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
O4 - HKLM\..\Run: [TCtryIOHook] TCtrlIOHook.exe
O4 - HKLM\..\Run: [TFncKy] TFncKy.exe
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [DDWMon] C:\Programmi\TOSHIBA\TOSHIBA Direct Disc Writer\\ddwmon.exe
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Programmi\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Programmi\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [CFSServ.exe] CFSServ.exe -NoClient
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Programmi\Winamp\winampa.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [TOSCDSPD] C:\Programmi\TOSHIBA\TOSCDSPD\toscdspd.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programmi\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programmi\File comuni\Ahead\lib\NMBgMonitor.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Avvio veloce di Adobe Reader.lnk = C:\Programmi\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: ZoneAlarm.lnk = C:\Programmi\Zone Labs\ZoneAlarm\zonealarm.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Programmi\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Inserisci blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programmi\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: Inserisci &blog in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programmi\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/IT-IT/a-UNO1/GAME_UNO1.cab
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://cid-5b2ad6e7b08b6104.spaces.live.com/PhotoUpload/MsnPUpld.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {A922B6AB-3B87-11D3-B3C2-0008C7DA6CB9} (InetDownload Class) - https://media.pineconeresearch.com/ActiveX/downloadcontrol.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab55579.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{E68E42CA-DB84-47E1-A4C0-711BAAD1D9B3}: NameServer = 85.37.17.58 85.38.28.94
O23 - Service: Adobe LM Service - Adobe Systems - C:\Programmi\File comuni\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Programmi\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Programmi\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Programmi\File comuni\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Programmi\File comuni\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Programmi\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Programmi\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: SonicStage Back-End Service - Sony Corporation - C:\Programmi\File comuni\Sony Shared\AVLib\SsBeSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Programmi\File comuni\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Programmi\File comuni\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\WINDOWS\system32\TODDSrv.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs Inc. - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

--
End of file - 11069 bytes

[profiteroles]

nessuno?

[profiteroles]

è un mese che non posso usare msn

[bdoriano]

Segui le istruzioni di questo topic per postare il log di combofix.

[Riverside]

[profiteroles]

questo è il log combofix

ComboFix 08-03-01.3 - marina 2008-03-01 15.15.43.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1040.18.540 [GMT 1:00]
Eseguito da: C:\Documents and Settings\marina\Desktop\ComboFix.exe
* Creato nuovo punto di ripristino

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((( Files Creati Da 2008-02-01 al 2008-03-01 )))))))))))))))))))))))))))))))))))
.

2008-03-01 15:10 . 2008-03-01 15:10 <DIR> d-------- C:\ComboFix(2)
2008-03-01 14:27 . 2008-03-01 14:27 <DIR> d-------- C:\Programmi\MSN Messenger
2008-03-01 12:19 . 2008-03-01 12:19 <DIR> d-------- C:\WINDOWS\Content.IE5
2008-02-27 19:55 . 2008-02-27 19:55 <DIR> d-------- C:\Programmi\TuneUp Utilities 2007
2008-02-27 19:55 . 2008-02-27 19:55 <DIR> d-------- C:\Documents and Settings\marina\Dati applicazioni\TuneUp Software
2008-02-27 19:55 . 2007-03-28 19:42 29,704 --a------ C:\WINDOWS\system32\uxtuneup.dll
2008-02-27 19:54 . 2008-02-27 19:54 <DIR> d-------- C:\Programmi\File comuni\Wise Installation Wizard
2008-02-27 19:54 . 2008-02-27 19:54 <DIR> d-------- C:\Documents and Settings\All Users\Dati applicazioni\TuneUp Software
2008-02-23 21:36 . 2008-02-23 21:36 268 --ah----- C:\sqmdata18.sqm
2008-02-23 21:36 . 2008-02-23 21:36 244 --ah----- C:\sqmnoopt18.sqm
2008-02-14 18:22 . 2008-02-21 11:12 <DIR> d-------- C:\suspectfile
2008-02-14 09:37 . 2007-07-30 19:19 271,224 --a------ C:\WINDOWS\system32\mucltui.dll
2008-02-14 09:37 . 2007-07-30 19:19 207,736 --a------ C:\WINDOWS\system32\muweb.dll
2008-02-14 09:37 . 2007-07-30 19:18 30,072 --a------ C:\WINDOWS\system32\mucltui.dll.mui
2008-02-13 17:40 . 2008-02-13 17:40 <DIR> d-------- C:\Programmi\Windows Live Favorites
2008-02-13 17:38 . 2006-11-29 13:06 3,426,072 --a------ C:\WINDOWS\system32\d3dx9_32.dll
2008-02-13 17:37 . 2008-02-13 17:37 <DIR> d-------- C:\Programmi\Microsoft SQL Server Compact Edition
2008-02-13 17:05 . 2008-02-27 22:33 <DIR> d-------- C:\Programmi\Windows Live
2008-02-13 17:05 . 2008-02-13 17:16 <DIR> d--hsc--- C:\Programmi\File comuni\WindowsLiveInstaller
2008-02-13 17:05 . 2008-02-13 21:26 <DIR> d-------- C:\Documents and Settings\All Users\Dati applicazioni\WLInstaller
2008-02-08 19:58 . 2008-02-08 19:58 268 --ah----- C:\sqmdata17.sqm
2008-02-08 19:58 . 2008-02-08 19:58 268 --ah----- C:\sqmdata16.sqm
2008-02-08 19:58 . 2008-02-08 19:58 244 --ah----- C:\sqmnoopt17.sqm
2008-02-08 19:58 . 2008-02-08 19:58 244 --ah----- C:\sqmnoopt16.sqm
2008-02-07 13:57 . 2008-02-07 13:57 244 --ah----- C:\sqmnoopt15.sqm
2008-02-07 13:57 . 2008-02-07 13:57 232 --ah----- C:\sqmdata15.sqm
2008-02-02 17:42 . 2008-02-02 17:42 0 --a------ C:\WINDOWS\nsreg.dat
2008-02-02 17:33 . 2008-02-02 17:33 230 --a------ C:\WINDOWS\system32\spupdsvc.inf
2008-02-02 11:01 . 2008-02-17 20:56 <DIR> d-------- C:\unzipped
2008-02-01 15:40 . 2008-02-01 15:40 <DIR> d-------- C:\Programmi\Trend Micro
2008-02-01 11:17 . 2008-02-01 11:17 586,752 --a------ C:\WINDOWS\WLXPGSS.SCR

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-03-01 10:50 --------- d-----w C:\Programmi\eMule
2008-02-27 19:16 2,710,528 ----a-w C:\WINDOWS\Internet Logs\xDB15E.tmp
2008-02-27 13:44 3,553,280 ----a-w C:\WINDOWS\Internet Logs\xDB108.tmp
2008-02-26 21:48 3,553,280 ----a-w C:\WINDOWS\Internet Logs\xDB15D.tmp
2008-02-26 13:38 2,941,440 ----a-w C:\WINDOWS\Internet Logs\xDB15B.tmp
2008-02-26 12:10 3,558,400 ----a-w C:\WINDOWS\Internet Logs\xDBB1.tmp
2008-02-23 21:03 3,273,216 ----a-w C:\WINDOWS\Internet Logs\xDB163.tmp
2008-02-23 19:11 3,553,280 ----a-w C:\WINDOWS\Internet Logs\xDBE1.tmp
2008-02-13 16:41 --------- d-----w C:\Programmi\Windows Live Toolbar
2008-02-08 19:02 2,799,616 ----a-w C:\WINDOWS\Internet Logs\xDB150.tmp
2008-02-08 15:58 3,281,408 ----a-w C:\WINDOWS\Internet Logs\xDB66.tmp
2008-02-02 16:26 --------- d-----w C:\Programmi\Messenger Plus! Live
2008-02-02 16:05 --------- d-----w C:\Programmi\SONY
2008-02-02 10:08 --------- d-----w C:\Programmi\Winamp
2008-02-02 10:08 --------- d-----w C:\Programmi\Apoint2K
2008-02-01 12:44 3,219,456 ----a-w C:\WINDOWS\Internet Logs\xDBBE.tmp
2008-02-01 12:44 211,968 ----a-w C:\WINDOWS\Internet Logs\xDB137.tmp
2008-01-31 19:41 --------- d-----w C:\Programmi\Toshiba Connect
2008-01-31 16:29 --------- d-----w C:\Programmi\Redmon17
2008-01-31 14:16 2,940,416 ----a-w C:\WINDOWS\Internet Logs\xDB12F.tmp
2008-01-31 09:18 3,216,384 ----a-w C:\WINDOWS\Internet Logs\xDBA8.tmp
2008-01-30 09:10 3,216,384 ----a-w C:\WINDOWS\Internet Logs\xDB61.tmp
2008-01-26 21:36 3,010,048 ----a-w C:\WINDOWS\Internet Logs\xDB135.tmp
2008-01-26 10:59 3,210,752 ----a-w C:\WINDOWS\Internet Logs\xDB67.tmp
2008-01-20 18:09 --------- d-----w C:\Documents and Settings\marina\Dati applicazioni\Image Zone Express
2008-01-20 00:52 2,784,256 ----a-w C:\WINDOWS\Internet Logs\xDB122.tmp
2008-01-19 19:07 3,211,776 ----a-w C:\WINDOWS\Internet Logs\xDB105.tmp
2008-01-18 22:07 1,504,768 ----a-w C:\WINDOWS\Internet Logs\xDB121.tmp
2008-01-18 16:53 3,211,264 ----a-w C:\WINDOWS\Internet Logs\xDB106.tmp
2008-01-18 11:08 1,177,600 ----a-w C:\WINDOWS\Internet Logs\xDB120.tmp
2008-01-18 09:16 3,209,728 ----a-w C:\WINDOWS\Internet Logs\xDBA6.tmp
2008-01-17 22:40 3,210,240 ----a-w C:\WINDOWS\Internet Logs\xDB5E.tmp
2008-01-17 22:40 2,926,080 ----a-w C:\WINDOWS\Internet Logs\xDB5F.tmp
2008-01-15 23:02 3,210,240 ----a-w C:\WINDOWS\Internet Logs\xDB115.tmp
2008-01-15 23:02 2,884,608 ----a-w C:\WINDOWS\Internet Logs\xDB127.tmp
2008-01-08 22:06 2,641,408 ----a-w C:\WINDOWS\Internet Logs\xDBD7.tmp
2008-01-08 12:41 3,208,704 ----a-w C:\WINDOWS\Internet Logs\xDB5D.tmp
2008-01-05 22:33 2,930,176 ----a-w C:\WINDOWS\Internet Logs\xDB114.tmp
2008-01-05 19:54 3,205,120 ----a-w C:\WINDOWS\Internet Logs\xDB5C.tmp
2008-01-04 23:02 3,205,632 ----a-w C:\WINDOWS\Internet Logs\xDB5B.tmp
2008-01-03 22:16 3,205,632 ----a-w C:\WINDOWS\Internet Logs\xDB59.tmp
2008-01-03 22:16 2,869,760 ----a-w C:\WINDOWS\Internet Logs\xDB111.tmp
2007-12-28 23:06 2,849,280 ----a-w C:\WINDOWS\Internet Logs\xDB10A.tmp
2007-12-28 18:36 3,207,680 ----a-w C:\WINDOWS\Internet Logs\xDB5A.tmp
2007-12-26 21:43 3,314,176 ----a-w C:\WINDOWS\Internet Logs\xDB107.tmp
2007-12-26 18:25 3,200,512 ----a-w C:\WINDOWS\Internet Logs\xDB57.tmp
2007-12-24 23:43 3,200,000 ----a-w C:\WINDOWS\Internet Logs\xDB58.tmp
2007-12-24 23:43 15,360 ----a-w C:\WINDOWS\Internet Logs\xDBBD.tmp
2007-12-24 21:33 3,200,512 ----a-w C:\WINDOWS\Internet Logs\xDB55.tmp
2007-12-24 21:33 2,859,520 ----a-w C:\WINDOWS\Internet Logs\xDB103.tmp
2007-12-23 22:09 310,784 ----a-w C:\WINDOWS\Internet Logs\xDB102.tmp
2007-12-23 22:09 3,200,000 ----a-w C:\WINDOWS\Internet Logs\xDB56.tmp
2007-12-23 17:10 3,200,000 ----a-w C:\WINDOWS\Internet Logs\xDB53.tmp
2007-12-23 17:10 2,750,464 ----a-w C:\WINDOWS\Internet Logs\xDB101.tmp
2007-12-21 21:33 3,202,048 ----a-w C:\WINDOWS\Internet Logs\xDB52.tmp
2007-12-19 20:47 3,199,488 ----a-w C:\WINDOWS\Internet Logs\xDBA5.tmp
2007-12-19 20:47 3,017,728 ----a-w C:\WINDOWS\Internet Logs\xDB104.tmp
2007-12-10 13:28 3,187,712 ----a-w C:\WINDOWS\Internet Logs\xDB50.tmp
2007-12-07 00:45 668,672 ----a-w C:\WINDOWS\system32\wininet.dll
2007-12-04 21:55 3,186,688 ----a-w C:\WINDOWS\Internet Logs\xDB4D.tmp
2007-12-04 21:55 3,100,672 ----a-w C:\WINDOWS\Internet Logs\xDBED.tmp
2007-12-04 18:40 550,912 ----a-w C:\WINDOWS\system32\oleaut32.dll
2007-12-04 13:04 837,496 ----a-w C:\WINDOWS\system32\aswBoot.exe
2007-12-04 12:54 95,608 -c--a-w C:\WINDOWS\system32\AVASTSS.scr
2007-11-27 17:50 2,938,880 ----a-w C:\WINDOWS\Internet Logs\xDB51.tmp
2007-11-27 17:50 2,741,760 ----a-w C:\WINDOWS\Internet Logs\xDBDE.tmp
2007-11-23 21:19 2,920,960 ----a-w C:\WINDOWS\Internet Logs\xDBD9.tmp
2007-11-23 21:17 2,937,856 ----a-w C:\WINDOWS\Internet Logs\xDB4E.tmp
2007-11-21 21:52 21,724 ----a-w C:\WINDOWS\Fonts\action_jackson.zip
2007-11-16 11:22 2,929,152 ----a-w C:\WINDOWS\Internet Logs\xDB49.tmp
2007-11-16 11:22 180,224 ----a-w C:\WINDOWS\Internet Logs\xDBD4.tmp
2007-11-15 20:58 2,930,688 ----a-w C:\WINDOWS\Internet Logs\xDBCF.tmp
2007-11-15 20:58 2,682,368 ----a-w C:\WINDOWS\Internet Logs\xDBD3.tmp
2007-11-13 20:44 2,927,616 ----a-w C:\WINDOWS\Internet Logs\xDB48.tmp
2007-11-13 20:44 1,486,336 ----a-w C:\WINDOWS\Internet Logs\xDBCC.tmp
2007-11-13 07:41 2,958,336 ----a-w C:\WINDOWS\Internet Logs\xDB47.tmp
2007-11-13 07:41 2,927,616 ----a-w C:\WINDOWS\Internet Logs\xDB45.tmp
2007-11-09 22:12 2,910,720 ----a-w C:\WINDOWS\Internet Logs\xDBC6.tmp
2007-11-09 22:12 1,806,336 ----a-w C:\WINDOWS\Internet Logs\xDBC7.tmp
2007-11-09 17:51 2,910,208 ----a-w C:\WINDOWS\Internet Logs\xDB46.tmp
2007-11-09 17:51 2,845,696 ----a-w C:\WINDOWS\Internet Logs\xDBC4.tmp
2007-11-06 22:00 2,944,000 ----a-w C:\WINDOWS\Internet Logs\xDBCA.tmp
2007-11-06 22:00 2,904,064 ----a-w C:\WINDOWS\Internet Logs\xDB44.tmp
2007-10-29 21:10 2,895,872 ----a-w C:\WINDOWS\Internet Logs\xDB42.tmp
2007-10-29 21:09 3,122,688 ----a-w C:\WINDOWS\Internet Logs\xDBBC.tmp
2007-10-20 13:09 722,944 ----a-w C:\WINDOWS\Internet Logs\xDBA4.tmp
2007-10-20 13:09 2,894,336 ----a-w C:\WINDOWS\Internet Logs\xDBA3.tmp
2007-10-19 21:19 2,894,336 ----a-w C:\WINDOWS\Internet Logs\xDB8D.tmp
2007-10-19 21:19 2,860,544 ----a-w C:\WINDOWS\Internet Logs\xDBA2.tmp
2007-10-10 16:40 2,997,248 ----a-w C:\WINDOWS\Internet Logs\xDB98.tmp
2007-10-10 16:39 2,893,824 ----a-w C:\WINDOWS\Internet Logs\xDB97.tmp
2007-10-09 16:29 691,200 ----a-w C:\WINDOWS\Internet Logs\xDB41.tmp
2007-10-09 16:29 2,891,776 ----a-w C:\WINDOWS\Internet Logs\xDB40.tmp
2007-10-08 21:18 2,891,776 ----a-w C:\WINDOWS\Internet Logs\xDB3F.tmp
2007-10-08 21:18 1,673,728 ----a-w C:\WINDOWS\Internet Logs\xDB93.tmp
2007-10-07 21:04 2,896,896 ----a-w C:\WINDOWS\Internet Logs\xDB60.tmp
2007-10-07 21:04 2,705,920 ----a-w C:\WINDOWS\Internet Logs\xDB96.tmp
2007-10-05 15:26 2,962,944 ----a-w C:\WINDOWS\Internet Logs\xDB95.tmp
2007-10-05 15:26 2,892,288 ----a-w C:\WINDOWS\Internet Logs\xDB3E.tmp
2007-09-27 18:43 2,923,008 ----a-w C:\WINDOWS\Internet Logs\xDB88.tmp
.

((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Nota* i valori vuoti & legittimi/default non sono visualizzati.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-19 11:00 15360]
"TOSCDSPD"="C:\Programmi\TOSHIBA\TOSCDSPD\toscdspd.exe" [2005-04-12 09:14 65536]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Programmi\File comuni\Ahead\lib\NMBgMonitor.exe" [2005-10-28 16:25 94208]
"MsnMsgr"="C:\Programmi\MSN Messenger\MsnMsgr.exe" [2007-01-19 12:54 5674352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"igfxtray"="C:\WINDOWS\system32\igfxtray.exe" [2006-02-07 16:39 94208]
"igfxhkcmd"="C:\WINDOWS\system32\hkcmd.exe" [2006-02-07 16:36 77824]
"igfxpers"="C:\WINDOWS\system32\igfxpers.exe" [2006-02-07 16:40 118784]
"RTHDCPL"="RTHDCPL.EXE" [2006-04-17 23:34 16143872 C:\WINDOWS\RTHDCPL.exe]
"PadTouch"="C:\Programmi\TOSHIBA\Touch and Launch\PadExe.exe" [2005-12-22 13:16 1077330]
"CeEKEY"="C:\Programmi\TOSHIBA\E-KEY\CeEKey.exe" [2006-04-12 15:31 638976]
"HWSetup"="C:\Programmi\TOSHIBA\TOSHIBA Applet\HWSetup.exe" [2004-05-01 12:45 28672]
"SVPWUTIL"="C:\Programmi\Toshiba\Windows Utilities\SVPWUTIL.exe" [2004-05-01 12:45 65536]
"TPNF"="C:\Programmi\TOSHIBA\TouchPad\TPTray.exe" [2006-04-04 13:57 53248]
"TPSMain"="TPSMain.exe" [2005-08-12 10:58 266240 C:\WINDOWS\system32\TPSMain.exe]
"Zooming"="ZoomingHook.exe" [2005-06-06 08:58 24576 C:\WINDOWS\system32\ZoomingHook.exe]
"SmoothView"="C:\Programmi\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe" [2005-05-12 12:33 118784]
"TCtryIOHook"="TCtrlIOHook.exe" [2006-01-03 15:11 28672 C:\WINDOWS\system32\TCtrlIOHook.exe]
"TFncKy"="TFncKy.exe" []
"NDSTray.exe"="NDSTray.exe" []
"DDWMon"="C:\Programmi\TOSHIBA\TOSHIBA Direct Disc Writer\\ddwmon.exe" [2006-04-28 10:45 262144]
"IntelZeroConfig"="C:\Programmi\Intel\Wireless\bin\ZCfgSvc.exe" [2005-12-05 12:37 667718]
"IntelWireless"="C:\Programmi\Intel\Wireless\Bin\ifrmewrk.exe" [2005-11-28 11:41 602182]
"AGRSMMSG"="AGRSMMSG.exe" [2006-03-18 16:22 89541 C:\WINDOWS\agrsmmsg.exe]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 10:50 155648]
"CFSServ.exe"="CFSServ.exe" []
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 14:00 79224]
"WinampAgent"="C:\Programmi\Winamp\winampa.exe" [2004-12-20 19:41 33792]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-19 11:00 15360]

C:\Documents and Settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\
Avvio veloce di Adobe Reader.lnk - C:\Programmi\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 21:05:26 29696]
HP Digital Imaging Monitor.lnk - C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe [2006-02-19 04:21:22 288472]
ZoneAlarm.lnk - C:\Programmi\Zone Labs\ZoneAlarm\zonealarm.exe [2007-01-03 15:12:44 623720]

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Programmi\\eMule\\emule.exe"=
"C:\\Programmi\\Messenger\\msmsgs.exe"=
"C:\\WINDOWS\\system32\\rtcshare.exe"=
"C:\\Programmi\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"C:\\Programmi\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"C:\\Programmi\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"C:\\Programmi\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"C:\\Programmi\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"C:\\Programmi\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"C:\\Programmi\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"C:\\Programmi\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"C:\\Programmi\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"C:\\Programmi\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"C:\\Programmi\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"C:\\Programmi\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"C:\\Programmi\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"C:\\Programmi\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
"C:\\Programmi\\MSN Messenger\\msnmsgr.exe"=
"C:\\Programmi\\MSN Messenger\\livecall.exe"=

R1 TPwSav;Common Driver;C:\WINDOWS\system32\Drivers\TPwSav.sys [2006-01-05 15:31]
R2 tdudf;TOSHIBA UDF File System Driver;C:\WINDOWS\system32\DRIVERS\tdudf.sys [2006-04-18 14:12]
R2 UxTuneUp;TuneUp Theme Extension;C:\WINDOWS\System32\svchost.exe [2004-08-19 11:00]
R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver;C:\WINDOWS\system32\DRIVERS\tdcmdpst.sys [2006-03-02 18:49]
S3 ICDSX;Sony IC Recorder (SX);C:\WINDOWS\system32\Drivers\ICDSX.sys [2003-10-01 16:44]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1e2e63d2-8d0e-11dc-a953-4d6564696130}]
\Shell\AutoRun\command - E:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5dfd0be5-fd43-11db-a826-4d6564696130}]
\Shell\AutoRun\command - E:\n1deiect.com
\Shell\explore\Command - E:\n1deiect.com
\Shell\open\Command - E:\n1deiect.com

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{bd84d838-f595-11db-a80a-4d6564696130}]
\Shell\AutoRun\command - ntde1ect.com
\Shell\explore\Command - ntde1ect.com
\Shell\open\Command - ntde1ect.com

*Newly Created Service* - USNJSVC
.
Contenuto della cartella 'Scheduled Tasks'
"2008-02-29 16:17:40 C:\WINDOWS\Tasks\1-Click Maintenance.job"
- C:\Programmi\TuneUp Utilities 2007\SystemOptimizer.exe
"2008-03-01 13:50:02 C:\WINDOWS\Tasks\Verifica aggiornamenti per Windows Live Toolbar.job"
- C:\Programmi\Windows Live Toolbar\MSNTBUP.EXE
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-03-01 15:21:50
Windows 5.1.2600 Service Pack 2 NTFS

scansione processi nascosti ...

scansione entrate autostart nascoste ...

Scansione files nascosti ...

Scansione completata con successo
Files nascosti: 0

**************************************************************************
.
Ora fine scansione: 2008-03-01 15.23.29
.
2008-02-27 21:34:10 --- E O F ---

[profiteroles]

questo quello di hjackthis

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15.25.59, on 01/03/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\Intel\Wireless\Bin\EvtEng.exe
C:\Programmi\Intel\Wireless\Bin\S24EvMon.exe
C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
C:\Programmi\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Programmi\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\TODDSrv.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Programmi\TOSHIBA\Touch and Launch\PadExe.exe
C:\Programmi\TOSHIBA\E-KEY\CeEKey.exe
C:\Programmi\TOSHIBA\TouchPad\TPTray.exe
C:\WINDOWS\system32\TPSMain.exe
C:\WINDOWS\system32\ZoomingHook.exe
C:\Programmi\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
C:\WINDOWS\system32\TCtrlIOHook.exe
C:\Programmi\TOSHIBA\TOSHIBA Controls\TFncKy.exe
C:\Programmi\TOSHIBA\ConfigFree\NDSTray.exe
C:\Programmi\TOSHIBA\TOSHIBA Direct Disc Writer\ddwmon.exe
C:\Programmi\Intel\Wireless\bin\ZCfgSvc.exe
C:\Programmi\Intel\Wireless\Bin\ifrmewrk.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Programmi\TOSHIBA\ConfigFree\CFSServ.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Programmi\Winamp\winampa.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\TOSHIBA\TOSCDSPD\toscdspd.exe
C:\Programmi\File comuni\Ahead\lib\NMBgMonitor.exe
C:\WINDOWS\system32\TPSBattM.exe
C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe
C:\Programmi\Zone Labs\ZoneAlarm\zonealarm.exe
C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe
C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe
C:\Programmi\Alwil Software\Avast4\ashWebSv.exe
C:\Programmi\MSN Messenger\usnsvc.exe
C:\Programmi\Mozilla Firefox\firefox.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Programmi\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\Programmi\MegauploadToolbar\megauploadtoolbar.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programmi\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programmi\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\Programmi\MegauploadToolbar\megauploadtoolbar.dll
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [PadTouch] C:\Programmi\TOSHIBA\Touch and Launch\PadExe.exe
O4 - HKLM\..\Run: [CeEKEY] C:\Programmi\TOSHIBA\E-KEY\CeEKey.exe
O4 - HKLM\..\Run: [HWSetup] C:\Programmi\TOSHIBA\TOSHIBA Applet\HWSetup.exe hwSetUP
O4 - HKLM\..\Run: [SVPWUTIL] C:\Programmi\Toshiba\Windows Utilities\SVPWUTIL.exe SVPwUTIL
O4 - HKLM\..\Run: [TPNF] C:\Programmi\TOSHIBA\TouchPad\TPTray.exe
O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
O4 - HKLM\..\Run: [Zooming] ZoomingHook.exe
O4 - HKLM\..\Run: [SmoothView] C:\Programmi\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
O4 - HKLM\..\Run: [TCtryIOHook] TCtrlIOHook.exe
O4 - HKLM\..\Run: [TFncKy] TFncKy.exe
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [DDWMon] C:\Programmi\TOSHIBA\TOSHIBA Direct Disc Writer\\ddwmon.exe
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Programmi\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Programmi\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [CFSServ.exe] CFSServ.exe -NoClient
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Programmi\Winamp\winampa.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [TOSCDSPD] C:\Programmi\TOSHIBA\TOSCDSPD\toscdspd.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programmi\File comuni\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programmi\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Avvio veloce di Adobe Reader.lnk = C:\Programmi\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: ZoneAlarm.lnk = C:\Programmi\Zone Labs\ZoneAlarm\zonealarm.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Programmi\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Inserisci blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programmi\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: Inserisci &blog in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programmi\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/IT-IT/a-UNO1/GAME_UNO1.cab
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://cid-5b2ad6e7b08b6104.spaces.live.com/PhotoUpload/MsnPUpld.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {A922B6AB-3B87-11D3-B3C2-0008C7DA6CB9} (InetDownload Class) - https://media.pineconeresearch.com/ActiveX/downloadcontrol.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab55579.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{E68E42CA-DB84-47E1-A4C0-711BAAD1D9B3}: NameServer = 85.37.17.58 85.38.28.94
O23 - Service: Adobe LM Service - Adobe Systems - C:\Programmi\File comuni\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Programmi\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Programmi\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Programmi\File comuni\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Programmi\File comuni\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Programmi\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Programmi\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: SonicStage Back-End Service - Sony Corporation - C:\Programmi\File comuni\Sony Shared\AVLib\SsBeSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Programmi\File comuni\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Programmi\File comuni\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\WINDOWS\system32\TODDSrv.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs Inc. - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

--
End of file - 11238 bytes

[profiteroles]

ah che significa quella scritta in rosso????

[bdoriano]

[profiteroles]