Condividi:        

Problema con motore di ricerca... Link optimizer credo...

Come rimuovere virus e spyware? Le carte di credito sono davvero sicure in rete? È possibile navigare anonimi? Con quali programmi tutelare la propria privacy? Come proteggere i file importanti? Se volete una risposta a queste e altre domande questo è il luogo giusto!

Moderatori: m.paolo, kadosh, Luke57

Problema con motore di ricerca... Link optimizer credo...

Postdi maxwell023 » 08/10/06 10:24

Quando effettuo una ricerca su google, il sistema mi manda un errore dicendo che il file C:\...console.html non si trova e si apre un pop up. Subito dopo il sistema chiude internet explorer...

C'è qualcuno che potrebbe dire come risolvere il problema?

Ho già effettuato una scansione con hijackthis e questo è il risultato...


Logfile of HijackThis v1.99.1
Scan saved at 11.21.08, on 08/10/2006
Platform: Windows ME (Win9x 4.90.3000)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\PROGRAMMI\NORTON UTILITIES\NPROTECT.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\SYSTEM\STIMON.EXE
c:\windows\SYSTEM\KB891711\KB891711.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\DOWNLOADED PROGRAM FILES\YGX2JN\KWNN7SX.EXE
C:\WINDOWS\SYSTEM\RESTORE\STMGR.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\IRMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\ASP4TRAY.EXE
C:\MEDIASCAPE\MULTIMEDIA KEYBOARD\MMKEYBD.EXE
C:\Mediascape\OnScreen Display\OSD.exe
C:\PROGRAM FILES\AHEAD\INCD\INCD.EXE
C:\WINDOWS\LOADQM.EXE
C:\PROGRAMMI\LOGITECH\SETPOINT\SETPOINT.EXE
C:\WINDOWS\RUNDLL32.EXE
C:\WINDOWS\TEMP\CQMN2.EXE
C:\PROGRAMMI\PALM\HOTSYNC.EXE
C:\WINDOWS\DVZCOMMON\DVZMSGR.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\PROGRAMMI\WINZIP\WZQKPICK.EXE
C:\PROGRAMMI\FILE COMUNI\LOGITECH\KHAL\KHALMNPR.EXE
C:\PROGRAMMI\ALICE TI AIUTA\BIN\MPBTN.EXE
C:\PROGRAMMI\ALICE\ALICE ENTERNET\APP\ENTERNET.EXE
C:\PROGRAMMI\INTERNET EXPLORER\IEXPLORE.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\WINDOWS\SYSTEM\PSTORES.EXE
C:\WINDOWS\SYSTEM\RNAAPP.EXE
C:\WINDOWS\SYSTEM\TAPISRV.EXE
C:\PROGRAMMI\MSN MESSENGER\MSNMSGR.EXE
C:\WINDOWS\DESKTOP\HIJACKTHIS.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://gw.aliceadsl.it/home
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://gw.aliceadsl.it/home
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer fornito da Alice
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1;<local>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
R3 - Default URLSearchHook is missing
F1 - win.ini: run=hpfsched
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAMMI\ADOBE\ACROBAT 6.0\READER\ACTIVEX\ACROIEHELPER.DLL
O2 - BHO: Class - {DCD24710-C56C-2E34-4217-21F9692E757A} - C:\WINDOWS\KDIPN1.DLL
O3 - Toolbar: @msdxmLC.dll,-1@1040,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [ScanRegistry] c:\windows\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] c:\windows\taskmon.exe
O4 - HKLM\..\Run: [IrMon] irmon.exe
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [VortexTray] ASP4TRAY.EXE
O4 - HKLM\..\Run: [Multimedia Keyboard] C:\Mediascape\Multimedia Keyboard\MMKeybd.exe
O4 - HKLM\..\Run: [OnScreen Display] C:\Mediascape\OnScreen Display\OSD.exe
O4 - HKLM\..\Run: [PCHealth] c:\windows\PCHealth\Support\PCHSchd.exe -s
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [EM_EXEC] C:\MOUSE\SYSTEM\EM_EXEC.EXE
O4 - HKLM\..\Run: [InCD] C:\Program Files\ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [LoadQM] loadqm.exe
O4 - HKLM\..\Run: [gCac] C:\WINDOWS\gcac.exe
O4 - HKLM\..\Run: [SERVICES.EXE] C:\WINDOWS\__P9HEPQKBJ.EXE
O4 - HKLM\..\Run: [lich] lich.exe
O4 - HKLM\..\Run: [SetPoint] C:\Programmi\Logitech\SetPoint\SetPoint.EXE
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [CnxTrApp] rundll32.exe c:\windows\EB1070.USB\CnxTrApp.dll,AppEntryA -REG "Aethra\ADSL EB1070 USB"
O4 - HKLM\..\Run: [CQMN2.EXE] C:\WINDOWS\TEMP\CQMN2.EXE
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [NPROTECT] C:\programmi\Norton Utilities\NPROTECT.EXE
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [*StateMgr] C:\WINDOWS\System\Restore\StateMgr.exe
O4 - HKLM\..\RunServices: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE
O4 - HKLM\..\RunServices: [KB891711] c:\windows\SYSTEM\KB891711\KB891711.EXE
O4 - HKLM\..\RunServicesOnce: [*OU] "C:\PROGRAMMI\FILE COMUNI\SYSTEM\VGD.EXE" CBkEXCi
O4 - Startup: Microsoft Office.lnk = C:\Programmi\Microsoft Office\OFFICE\OSA9.EXE
O4 - Startup: Manager HotSync.lnk = C:\Programmi\Palm\HOTSYNC.EXE
O4 - Startup: Dataviz Messenger.lnk = C:\WINDOWS\DvzCommon\DvzMsgr.exe
O4 - Startup: WinZip Quick Pick.lnk = C:\Programmi\WinZip\WZQKPICK.EXE
O4 - Startup: Alice ti aiuta.lnk = C:\Programmi\Alice ti aiuta\bin\matcli.exe
O4 - Startup: Logitech Desktop Messenger.lnk = C:\Programmi\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O8 - Extra context menu item: &eBay Search - res://C:\PROGRAMMI\EBAY\EBAY TOOLBAR2\eBayTb.dll/RCSearch.html
O8 - Extra context menu item: &Search - http://kn.bar.need2find.com/KN/menusearch.html?p=KN
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: Alice - {10E7D600-A300-4DCC-8909-BCCAA34AD688} - http://gw.aliceadsl.it/alice (file missing) (HKCU)
O14 - IERESET.INF: START_PAGE_URL=http://gw.aliceadsl.it/home
O15 - Trusted Zone: http://www.redfunny.com
O15 - Trusted Zone: http://www.skymasters.biz
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by20fd.bay20.hotmail.msn.com/res ... nPUpld.cab
O16 - DPF: {C1B7E532-3ECB-4E9E-BB3A-2951FFE67C61} (DownloaderActiveX Control) - http://c6.community.alice.it/download/D ... ctiveX.cab
O18 - Protocol: offline-8876480 - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw00 - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw00s - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw10 - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw10s - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw20 - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw20s - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw30 - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw30s - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw40 - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw40s - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw50 - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw50s - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw60 - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw60s - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw70 - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw70s - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw80 - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw80s - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw90 - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw90s - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwa0 - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwa0s - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwb0 - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwb0s - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwc0 - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwc0s - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwd0 - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwd0s - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwe0 - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwe0s - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwf0 - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwf0s - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwg0 - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwg0s - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwh0 - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwh0s - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwi0 - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwi0s - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwj0 - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwj0s - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwk0 - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwk0s - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwl0 - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwl0s - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwm0 - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwm0s - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwn0 - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwn0s - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwo0 - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwo0s - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwp0 - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwp0s - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwq0 - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwq0s - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwr0 - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwr0s - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bws0 - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bws0s - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwt0 - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwt0s - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwu0 - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwu0s - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwv0 - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwv0s - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bww0 - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bww0s - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwx0 - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwx0s - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwy0 - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwy0s - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwz0 - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwz0s - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw-0 - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw-0s - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw+0 - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw+0s - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\GAPLUGPROTOCOL-8876480.DLL
maxwell023
Newbie
 
Post: 8
Iscritto il: 05/10/06 16:07

Sponsor
 

Postdi Luke57 » 08/10/06 10:34

Ciao, scarica Virit: http://www.tgsoft.it/files/vnlt6121.exe
versione di prova 30gg, aggiornalo alle ultime definizioni e fai una scansione in modalita' normale e una in modalità provvisoria (per entrarci premi ripetutamente il tasto F8 all'accesnione del computer e prima che si carichi windows, nella schermata che appare scegli Modalità provvisoria spostandoti con le freccette e premendo Invio)

Posta il report delle scansioni.

Posta altro log di hiajckthis.
Luke57
Moderatore
 
Post: 6415
Iscritto il: 11/08/05 19:10

Postdi maxwell023 » 09/10/06 09:48

Posto il log di virlt:

VirIT eXplorer Lite Log

[SCANSIONE DELLA MEMORIA]
OK
--------------------------------------------------------
09/10/2006 - 09:38:26

[SCANSIONE DEL REGISTRO]
{2a6af021-17a2-4014-8624-cf6015f82fad} Infetto da BHO.Agent.BA
* * * RIMOSSO * * *

[C:]
MASTER BOOT RECORD: OK
BOOT SECTOR: OK

C:\WINDOWS\2131.TMP Infetto da BHO.LinkOptimizer.G
* * * RIMOSSO * * *
C:\WINDOWS\SYSTEM\xFfpsmI.dll Infetto da BHO.MyIEHelper.I
* * * RIMOSSO * * *
C:\WINDOWS\SYSTEM\wingpai.wnd Infetto da Trojan.Win32.RootKit.G
* * * RIMOSSO * * *
C:\WINDOWS\SYSTEM\tsdf2.dll Infetto da Trojan.Win32.RootKit.G
* * * RIMOSSO * * *
C:\WINDOWS\SYSTEM\fCXgGLbcy.dll Infetto da BHO.MyIEHelper.I
* * * RIMOSSO * * *
C:\WINDOWS\SYSTEM\eaEsLjPhu.dll Infetto da BHO.MyIEHelper.I
* * * RIMOSSO * * *
C:\WINDOWS\SYSTEM\jGicsmnBpX.dll Infetto da BHO.MyIEHelper.I
* * * RIMOSSO * * *
C:\WINDOWS\SYSTEM\WtXRXNrJodS.dll Infetto da BHO.MyIEHelper.I
* * * RIMOSSO * * *
C:\WINDOWS\SYSTEM\nrrbvqN.dll Infetto da BHO.MyIEHelper.I
* * * RIMOSSO * * *
C:\WINDOWS\SYSTEM\EklsHmc.dll Infetto da BHO.MyIEHelper.I
* * * RIMOSSO * * *
C:\WINDOWS\SYSTEM\cEoSSAAIjOD.dll Infetto da BHO.MyIEHelper.I
* * * RIMOSSO * * *
C:\WINDOWS\SYSTEM\itbYhnbQqHB.dll Infetto da BHO.MyIEHelper.I
* * * RIMOSSO * * *
C:\WINDOWS\SYSTEM\kruWhMDrt.dll Infetto da BHO.MyIEHelper.I
* * * RIMOSSO * * *
C:\WINDOWS\SYSTEM\geGDmQuX.dll Infetto da BHO.MyIEHelper.I
* * * RIMOSSO * * *
C:\WINDOWS\SYSTEM\ItbbFbbv.dll Infetto da BHO.MyIEHelper.I
* * * RIMOSSO * * *
C:\WINDOWS\SYSTEM\BgknGVsMhBk.dll Infetto da BHO.MyIEHelper.I
* * * RIMOSSO * * *
C:\WINDOWS\SYSTEM\icovIsPCkm.dll Infetto da BHO.MyIEHelper.I
* * * RIMOSSO * * *
C:\WINDOWS\SYSTEM\fBbfJmR.dll Infetto da BHO.MyIEHelper.I
* * * RIMOSSO * * *
C:\WINDOWS\SYSTEM\dBLcJkqc.dll Infetto da BHO.MyIEHelper.I
* * * RIMOSSO * * *
C:\WINDOWS\SYSTEM\tlaa.dll Infetto da BHO.Agent.BD
* * * RIMOSSO * * *
C:\WINDOWS\TEMP\cqmn1.exe Infetto da Trojan.Win32.Agent.ADM
* * * RIMOSSO * * *
C:\WINDOWS\TEMP\cqmn2.exe Infetto da Trojan.Win32.Agent.ADM
* * * RIMOSSO * * *
C:\WINDOWS\Downloaded Program Files\xn82s\nuwsq3.exe Infetto da Trojan.Win32.Small.CD
* * * RIMOSSO * * *
C:\WINDOWS\Downloaded Program Files\ygx2jn\kwnn7sx.exe Infetto da Trojan.Win32.Small.CD
* * * RIMOSSO * * *
C:\WINDOWS\80D4.TMP Infetto da BHO.LinkOptimizer.I
* * * RIMOSSO * * *
C:\WINDOWS\F080.TMP Infetto da BHO.LinkOptimizer.I
* * * RIMOSSO * * *
C:\WINDOWS\461773851.exe Infetto da Trojan.Win32.Small.NE
* * * RIMOSSO * * *
C:\WINDOWS\kdipn1.dll Infetto da BHO.LinkOptimizer.H
* * * RIMOSSO * * *
C:\WINDOWS\E351.TMP Infetto da BHO.LinkOptimizer.I
* * * RIMOSSO * * *
C:\WINDOWS\160190239224.exe Infetto da Trojan.Win32.Small.NE
* * * RIMOSSO * * *
C:\_RESTORE\TEMP\A0010440.CPY Infetto da Trojan.Win32.Small.NE
Contattare il Supporto Tecnico TG Soft
C:\_RESTORE\TEMP\A0017880.CPY Infetto da BHO.MyIEHelper.I
Contattare il Supporto Tecnico TG Soft
C:\_RESTORE\TEMP\A0017881.CPY Infetto da Trojan.Win32.RootKit.G
Contattare il Supporto Tecnico TG Soft
C:\_RESTORE\TEMP\A0017882.CPY Infetto da BHO.MyIEHelper.I
Contattare il Supporto Tecnico TG Soft
C:\_RESTORE\TEMP\A0017883.CPY Infetto da BHO.MyIEHelper.I
Contattare il Supporto Tecnico TG Soft
C:\_RESTORE\TEMP\A0017884.CPY Infetto da BHO.MyIEHelper.I
Contattare il Supporto Tecnico TG Soft
C:\_RESTORE\TEMP\A0017885.CPY Infetto da BHO.MyIEHelper.I
Contattare il Supporto Tecnico TG Soft
C:\_RESTORE\TEMP\A0017886.CPY Infetto da BHO.MyIEHelper.I
Contattare il Supporto Tecnico TG Soft
C:\_RESTORE\TEMP\A0017887.CPY Infetto da BHO.MyIEHelper.I
Contattare il Supporto Tecnico TG Soft
C:\_RESTORE\TEMP\A0017888.CPY Infetto da BHO.MyIEHelper.I
Contattare il Supporto Tecnico TG Soft
C:\_RESTORE\TEMP\A0017889.CPY Infetto da BHO.MyIEHelper.I
Contattare il Supporto Tecnico TG Soft
C:\_RESTORE\TEMP\A0017890.CPY Infetto da BHO.MyIEHelper.I
Contattare il Supporto Tecnico TG Soft
C:\_RESTORE\TEMP\A0017891.CPY Infetto da BHO.MyIEHelper.I
Contattare il Supporto Tecnico TG Soft
C:\_RESTORE\TEMP\A0017892.CPY Infetto da BHO.MyIEHelper.I
Contattare il Supporto Tecnico TG Soft
C:\_RESTORE\TEMP\A0017893.CPY Infetto da BHO.MyIEHelper.I
Contattare il Supporto Tecnico TG Soft
C:\_RESTORE\TEMP\A0017894.CPY Infetto da BHO.MyIEHelper.I
Contattare il Supporto Tecnico TG Soft
C:\_RESTORE\TEMP\A0017895.CPY Infetto da BHO.MyIEHelper.I
Contattare il Supporto Tecnico TG Soft
C:\_RESTORE\TEMP\A0017896.CPY Infetto da BHO.MyIEHelper.I
Contattare il Supporto Tecnico TG Soft
C:\_RESTORE\TEMP\A0017897.CPY Infetto da BHO.Agent.BD
Contattare il Supporto Tecnico TG Soft
C:\_RESTORE\TEMP\A0017898.CPY Infetto da Trojan.Win32.Small.NE
Contattare il Supporto Tecnico TG Soft
C:\_RESTORE\TEMP\A0017899.CPY Infetto da BHO.LinkOptimizer.H
Contattare il Supporto Tecnico TG Soft
C:\_RESTORE\TEMP\A0017900.CPY Infetto da Trojan.Win32.Small.NE
Contattare il Supporto Tecnico TG Soft

Chiavi Registro infette: 1.
Files Infetti: 52.
Files Sospetti: 0.
Files Analizzati: 23497.
Files Totali: 23497.
Chiavi Registro rimosse: 1.
Virus Rimossi: 30.

log in modalità provvisoria:

VirIT eXplorer Lite Log

[SCANSIONE DELLA MEMORIA]
OK
--------------------------------------------------------
09/10/2006 - 09:38:26

[SCANSIONE DEL REGISTRO]
{2a6af021-17a2-4014-8624-cf6015f82fad} Infetto da BHO.Agent.BA
* * * RIMOSSO * * *

[C:]
MASTER BOOT RECORD: OK
BOOT SECTOR: OK

C:\WINDOWS\2131.TMP Infetto da BHO.LinkOptimizer.G
* * * RIMOSSO * * *
C:\WINDOWS\SYSTEM\xFfpsmI.dll Infetto da BHO.MyIEHelper.I
* * * RIMOSSO * * *
C:\WINDOWS\SYSTEM\wingpai.wnd Infetto da Trojan.Win32.RootKit.G
* * * RIMOSSO * * *
C:\WINDOWS\SYSTEM\tsdf2.dll Infetto da Trojan.Win32.RootKit.G
* * * RIMOSSO * * *
C:\WINDOWS\SYSTEM\fCXgGLbcy.dll Infetto da BHO.MyIEHelper.I
* * * RIMOSSO * * *
C:\WINDOWS\SYSTEM\eaEsLjPhu.dll Infetto da BHO.MyIEHelper.I
* * * RIMOSSO * * *
C:\WINDOWS\SYSTEM\jGicsmnBpX.dll Infetto da BHO.MyIEHelper.I
* * * RIMOSSO * * *
C:\WINDOWS\SYSTEM\WtXRXNrJodS.dll Infetto da BHO.MyIEHelper.I
* * * RIMOSSO * * *
C:\WINDOWS\SYSTEM\nrrbvqN.dll Infetto da BHO.MyIEHelper.I
* * * RIMOSSO * * *
C:\WINDOWS\SYSTEM\EklsHmc.dll Infetto da BHO.MyIEHelper.I
* * * RIMOSSO * * *
C:\WINDOWS\SYSTEM\cEoSSAAIjOD.dll Infetto da BHO.MyIEHelper.I
* * * RIMOSSO * * *
C:\WINDOWS\SYSTEM\itbYhnbQqHB.dll Infetto da BHO.MyIEHelper.I
* * * RIMOSSO * * *
C:\WINDOWS\SYSTEM\kruWhMDrt.dll Infetto da BHO.MyIEHelper.I
* * * RIMOSSO * * *
C:\WINDOWS\SYSTEM\geGDmQuX.dll Infetto da BHO.MyIEHelper.I
* * * RIMOSSO * * *
C:\WINDOWS\SYSTEM\ItbbFbbv.dll Infetto da BHO.MyIEHelper.I
* * * RIMOSSO * * *
C:\WINDOWS\SYSTEM\BgknGVsMhBk.dll Infetto da BHO.MyIEHelper.I
* * * RIMOSSO * * *
C:\WINDOWS\SYSTEM\icovIsPCkm.dll Infetto da BHO.MyIEHelper.I
* * * RIMOSSO * * *
C:\WINDOWS\SYSTEM\fBbfJmR.dll Infetto da BHO.MyIEHelper.I
* * * RIMOSSO * * *
C:\WINDOWS\SYSTEM\dBLcJkqc.dll Infetto da BHO.MyIEHelper.I
* * * RIMOSSO * * *
C:\WINDOWS\SYSTEM\tlaa.dll Infetto da BHO.Agent.BD
* * * RIMOSSO * * *
C:\WINDOWS\TEMP\cqmn1.exe Infetto da Trojan.Win32.Agent.ADM
* * * RIMOSSO * * *
C:\WINDOWS\TEMP\cqmn2.exe Infetto da Trojan.Win32.Agent.ADM
* * * RIMOSSO * * *
C:\WINDOWS\Downloaded Program Files\xn82s\nuwsq3.exe Infetto da Trojan.Win32.Small.CD
* * * RIMOSSO * * *
C:\WINDOWS\Downloaded Program Files\ygx2jn\kwnn7sx.exe Infetto da Trojan.Win32.Small.CD
* * * RIMOSSO * * *
C:\WINDOWS\80D4.TMP Infetto da BHO.LinkOptimizer.I
* * * RIMOSSO * * *
C:\WINDOWS\F080.TMP Infetto da BHO.LinkOptimizer.I
* * * RIMOSSO * * *
C:\WINDOWS\461773851.exe Infetto da Trojan.Win32.Small.NE
* * * RIMOSSO * * *
C:\WINDOWS\kdipn1.dll Infetto da BHO.LinkOptimizer.H
* * * RIMOSSO * * *
C:\WINDOWS\E351.TMP Infetto da BHO.LinkOptimizer.I
* * * RIMOSSO * * *
C:\WINDOWS\160190239224.exe Infetto da Trojan.Win32.Small.NE
* * * RIMOSSO * * *
C:\_RESTORE\TEMP\A0010440.CPY Infetto da Trojan.Win32.Small.NE
Contattare il Supporto Tecnico TG Soft
C:\_RESTORE\TEMP\A0017880.CPY Infetto da BHO.MyIEHelper.I
Contattare il Supporto Tecnico TG Soft
C:\_RESTORE\TEMP\A0017881.CPY Infetto da Trojan.Win32.RootKit.G
Contattare il Supporto Tecnico TG Soft
C:\_RESTORE\TEMP\A0017882.CPY Infetto da BHO.MyIEHelper.I
Contattare il Supporto Tecnico TG Soft
C:\_RESTORE\TEMP\A0017883.CPY Infetto da BHO.MyIEHelper.I
Contattare il Supporto Tecnico TG Soft
C:\_RESTORE\TEMP\A0017884.CPY Infetto da BHO.MyIEHelper.I
Contattare il Supporto Tecnico TG Soft
C:\_RESTORE\TEMP\A0017885.CPY Infetto da BHO.MyIEHelper.I
Contattare il Supporto Tecnico TG Soft
C:\_RESTORE\TEMP\A0017886.CPY Infetto da BHO.MyIEHelper.I
Contattare il Supporto Tecnico TG Soft
C:\_RESTORE\TEMP\A0017887.CPY Infetto da BHO.MyIEHelper.I
Contattare il Supporto Tecnico TG Soft
C:\_RESTORE\TEMP\A0017888.CPY Infetto da BHO.MyIEHelper.I
Contattare il Supporto Tecnico TG Soft
C:\_RESTORE\TEMP\A0017889.CPY Infetto da BHO.MyIEHelper.I
Contattare il Supporto Tecnico TG Soft
C:\_RESTORE\TEMP\A0017890.CPY Infetto da BHO.MyIEHelper.I
Contattare il Supporto Tecnico TG Soft
C:\_RESTORE\TEMP\A0017891.CPY Infetto da BHO.MyIEHelper.I
Contattare il Supporto Tecnico TG Soft
C:\_RESTORE\TEMP\A0017892.CPY Infetto da BHO.MyIEHelper.I
Contattare il Supporto Tecnico TG Soft
C:\_RESTORE\TEMP\A0017893.CPY Infetto da BHO.MyIEHelper.I
Contattare il Supporto Tecnico TG Soft
C:\_RESTORE\TEMP\A0017894.CPY Infetto da BHO.MyIEHelper.I
Contattare il Supporto Tecnico TG Soft
C:\_RESTORE\TEMP\A0017895.CPY Infetto da BHO.MyIEHelper.I
Contattare il Supporto Tecnico TG Soft
C:\_RESTORE\TEMP\A0017896.CPY Infetto da BHO.MyIEHelper.I
Contattare il Supporto Tecnico TG Soft
C:\_RESTORE\TEMP\A0017897.CPY Infetto da BHO.Agent.BD
Contattare il Supporto Tecnico TG Soft
C:\_RESTORE\TEMP\A0017898.CPY Infetto da Trojan.Win32.Small.NE
Contattare il Supporto Tecnico TG Soft
C:\_RESTORE\TEMP\A0017899.CPY Infetto da BHO.LinkOptimizer.H
Contattare il Supporto Tecnico TG Soft
C:\_RESTORE\TEMP\A0017900.CPY Infetto da Trojan.Win32.Small.NE
Contattare il Supporto Tecnico TG Soft

Chiavi Registro infette: 1.
Files Infetti: 52.
Files Sospetti: 0.
Files Analizzati: 23497.
Files Totali: 23497.
Chiavi Registro rimosse: 1.
Virus Rimossi: 30.

log con hijackthis:

Logfile of HijackThis v1.99.1
Scan saved at 10.35.42, on 09/10/2006
Platform: Windows ME (Win9x 4.90.3000)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\PROGRAMMI\NORTON UTILITIES\NPROTECT.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\SYSTEM\STIMON.EXE
c:\windows\SYSTEM\KB891711\KB891711.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\RESTORE\STMGR.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\IRMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\ASP4TRAY.EXE
C:\MEDIASCAPE\MULTIMEDIA KEYBOARD\MMKEYBD.EXE
C:\Mediascape\OnScreen Display\OSD.exe
C:\PROGRAM FILES\AHEAD\INCD\INCD.EXE
C:\WINDOWS\LOADQM.EXE
C:\PROGRAMMI\LOGITECH\SETPOINT\SETPOINT.EXE
C:\WINDOWS\KHALMNPR.EXE
C:\WINDOWS\RUNDLL32.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\PROGRAMMI\PALM\HOTSYNC.EXE
C:\WINDOWS\DVZCOMMON\DVZMSGR.EXE
C:\PROGRAMMI\WINZIP\WZQKPICK.EXE
C:\WINDOWS\DESKTOP\HIJACKTHIS.EXE
C:\PROGRAMMI\ALICE TI AIUTA\BIN\MPBTN.EXE
C:\PROGRAMMI\FILE COMUNI\LOGITECH\KHAL\KHALMNPR.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://gw.aliceadsl.it/home
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://gw.aliceadsl.it/home
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer fornito da Alice
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1;<local>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
R3 - Default URLSearchHook is missing
F1 - win.ini: run=hpfsched
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAMMI\ADOBE\ACROBAT 6.0\READER\ACTIVEX\ACROIEHELPER.DLL
O2 - BHO: Class - {DCD24710-C56C-2E34-4217-21F9692E757A} - C:\WINDOWS\KDIPN1.DLL (file missing)
O3 - Toolbar: @msdxmLC.dll,-1@1040,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [ScanRegistry] c:\windows\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] c:\windows\taskmon.exe
O4 - HKLM\..\Run: [IrMon] irmon.exe
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [VortexTray] ASP4TRAY.EXE
O4 - HKLM\..\Run: [Multimedia Keyboard] C:\Mediascape\Multimedia Keyboard\MMKeybd.exe
O4 - HKLM\..\Run: [OnScreen Display] C:\Mediascape\OnScreen Display\OSD.exe
O4 - HKLM\..\Run: [PCHealth] c:\windows\PCHealth\Support\PCHSchd.exe -s
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [EM_EXEC] C:\MOUSE\SYSTEM\EM_EXEC.EXE
O4 - HKLM\..\Run: [InCD] C:\Program Files\ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [LoadQM] loadqm.exe
O4 - HKLM\..\Run: [gCac] C:\WINDOWS\gcac.exe
O4 - HKLM\..\Run: [SERVICES.EXE] C:\WINDOWS\__P9HEPQKBJ.EXE
O4 - HKLM\..\Run: [lich] lich.exe
O4 - HKLM\..\Run: [SetPoint] C:\Programmi\Logitech\SetPoint\SetPoint.EXE
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [CnxTrApp] rundll32.exe c:\windows\EB1070.USB\CnxTrApp.dll,AppEntryA -REG "Aethra\ADSL EB1070 USB"
O4 - HKLM\..\Run: [CQMN2.EXE] C:\WINDOWS\TEMP\CQMN2.EXE
O4 - HKLM\..\Run: [VIRIT LITE MONITOR] C:\VEXPLITE\MONLITE.EXE
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [NPROTECT] C:\programmi\Norton Utilities\NPROTECT.EXE
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [*StateMgr] C:\WINDOWS\System\Restore\StateMgr.exe
O4 - HKLM\..\RunServices: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE
O4 - HKLM\..\RunServices: [KB891711] c:\windows\SYSTEM\KB891711\KB891711.EXE
O4 - HKLM\..\RunServicesOnce: [*Ua] "C:\PROGRAMMI\FILE COMUNI\SYSTEM\VGD.EXE" gT
O4 - Startup: Microsoft Office.lnk = C:\Programmi\Microsoft Office\OFFICE\OSA9.EXE
O4 - Startup: Manager HotSync.lnk = C:\Programmi\Palm\HOTSYNC.EXE
O4 - Startup: Dataviz Messenger.lnk = C:\WINDOWS\DvzCommon\DvzMsgr.exe
O4 - Startup: WinZip Quick Pick.lnk = C:\Programmi\WinZip\WZQKPICK.EXE
O4 - Startup: Alice ti aiuta.lnk = C:\Programmi\Alice ti aiuta\bin\matcli.exe
O4 - Startup: Logitech Desktop Messenger.lnk = C:\Programmi\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O8 - Extra context menu item: &eBay Search - res://C:\PROGRAMMI\EBAY\EBAY TOOLBAR2\eBayTb.dll/RCSearch.html
O8 - Extra context menu item: &Search - http://kn.bar.need2find.com/KN/menusearch.html?p=KN
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: Alice - {10E7D600-A300-4DCC-8909-BCCAA34AD688} - http://gw.aliceadsl.it/alice (file missing) (HKCU)
O14 - IERESET.INF: START_PAGE_URL=http://gw.aliceadsl.it/home
O15 - Trusted Zone: http://www.redfunny.com
O15 - Trusted Zone: http://www.skymasters.biz
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by20fd.bay20.hotmail.msn.com/res ... nPUpld.cab
O16 - DPF: {C1B7E532-3ECB-4E9E-BB3A-2951FFE67C61} (DownloaderActiveX Control) - http://c6.community.alice.it/download/D ... ctiveX.cab
O18 - Protocol: offline-8876480 - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw00 - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw00s - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw10 - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw10s - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw20 - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw20s - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw30 - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw30s - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw40 - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw40s - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw50 - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw50s - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw60 - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw60s - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw70 - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw70s - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw80 - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw80s - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw90 - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw90s - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwa0 - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwa0s - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwb0 - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwb0s - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwc0 - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwc0s - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwd0 - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwd0s - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwe0 - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwe0s - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwf0 - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwf0s - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwg0 - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwg0s - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwh0 - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwh0s - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwi0 - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwi0s - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwj0 - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwj0s - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwk0 - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwk0s - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwl0 - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwl0s - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwm0 - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwm0s - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwn0 - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwn0s - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwo0 - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwo0s - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwp0 - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwp0s - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwq0 - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwq0s - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwr0 - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwr0s - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bws0 - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bws0s - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwt0 - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwt0s - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwu0 - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwu0s - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwv0 - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwv0s - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bww0 - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bww0s - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwx0 - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwx0s - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwy0 - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwy0s - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwz0 - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwz0s - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw-0 - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw-0s - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw+0 - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw+0s - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\GAPLUGPROTOCOL-8876480.DLL


Grazie mille. Google per ora sembra funzionare come prima.

Volevo chiederti però cosa dovevo fare con quei file infetti che il programma non mi elimina. E volevo pure chiederti quale programma mi consigli da scaricare per evitare altre intrusioni e che le elimini appena arrivano. Va bene virlt?

Grazie di nuovo.
maxwell023
Newbie
 
Post: 8
Iscritto il: 05/10/06 16:07

Postdi Luke57 » 09/10/06 10:05

Ciao, hai altre infezioni però.
scarica killbox:
http://download.bleepingcomputer.com/sp ... illBox.zip
estrailo sul desktop e apri la cartella che lo contiene e quindi avvialo
Seleziona l'opzione Delete on Reboot . Nello spazio scrivi il percorso del file da eliminare
C:\WINDOWS\__P9HEPQKBJ.EXE
e clicca sulla crocetta rossa (rispondi di no alla richiesta di riavvio)
Poi inserisci nello spazio:
C:\WINDOWS\gcac.exe
a questo punto dici di sì alla richiesta di riavvio

Apri hijackthis, disconnesso da inetrnet, browser e applicazioni chiusi, premi "do a system scan only", cerchi e spunti:
R3 - Default URLSearchHook is missing
O2 - BHO: Class - {DCD24710-C56C-2E34-4217-21F9692E757A} - C:\WINDOWS\KDIPN1.DLL (file missing)
O4 - HKLM\..\Run: [gCac] C:\WINDOWS\gcac.exe
O4 - HKLM\..\Run: [SERVICES.EXE] C:\WINDOWS\__P9HEPQKBJ.EXE
O4 - HKLM\..\Run: [lich] lich.exe
O4 - HKLM\..\Run: [CQMN2.EXE] C:\WINDOWS\TEMP\CQMN2.EXE
O4 - HKLM\..\RunServicesOnce: [*Ua] "C:\PROGRAMMI\FILE COMUNI\SYSTEM\VGD.EXE
O8 - Extra context menu item: &Search - http://kn.bar.need2find.com/KN/menusearch.html?p=KN
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O15 - Trusted Zone: http://www.redfunny.com
O15 - Trusted Zone: http://www.skymasters.biz

premi fix checked.

Elimina tutti i file temp e tmp di windows, quelli di IE, cookies, svuota il cestino.

Esegui una nuova scansione con Virit, posta nuovo log e report di virit.
Luke57
Moderatore
 
Post: 6415
Iscritto il: 11/08/05 19:10

Postdi maxwell023 » 09/10/06 11:28

Ecco il nuovo log.

09/10/2006 - 11:55:29

[SCANSIONE DEL REGISTRO]
OK

[C:]
MASTER BOOT RECORD: OK
BOOT SECTOR: OK

C:\_RESTORE\TEMP\A0010440.CPY Infetto da Trojan.Win32.Small.NE
Contattare il Supporto Tecnico TG Soft
C:\_RESTORE\TEMP\A0017880.CPY Infetto da BHO.MyIEHelper.I
Contattare il Supporto Tecnico TG Soft
C:\_RESTORE\TEMP\A0017881.CPY Infetto da Trojan.Win32.RootKit.G
Contattare il Supporto Tecnico TG Soft
C:\_RESTORE\TEMP\A0017882.CPY Infetto da BHO.MyIEHelper.I
Contattare il Supporto Tecnico TG Soft
C:\_RESTORE\TEMP\A0017883.CPY Infetto da BHO.MyIEHelper.I
Contattare il Supporto Tecnico TG Soft
C:\_RESTORE\TEMP\A0017884.CPY Infetto da BHO.MyIEHelper.I
Contattare il Supporto Tecnico TG Soft
C:\_RESTORE\TEMP\A0017885.CPY Infetto da BHO.MyIEHelper.I
Contattare il Supporto Tecnico TG Soft
C:\_RESTORE\TEMP\A0017886.CPY Infetto da BHO.MyIEHelper.I
Contattare il Supporto Tecnico TG Soft
C:\_RESTORE\TEMP\A0017887.CPY Infetto da BHO.MyIEHelper.I
Contattare il Supporto Tecnico TG Soft
C:\_RESTORE\TEMP\A0017888.CPY Infetto da BHO.MyIEHelper.I
Contattare il Supporto Tecnico TG Soft
C:\_RESTORE\TEMP\A0017889.CPY Infetto da BHO.MyIEHelper.I
Contattare il Supporto Tecnico TG Soft
C:\_RESTORE\TEMP\A0017890.CPY Infetto da BHO.MyIEHelper.I
Contattare il Supporto Tecnico TG Soft
C:\_RESTORE\TEMP\A0017891.CPY Infetto da BHO.MyIEHelper.I
Contattare il Supporto Tecnico TG Soft
C:\_RESTORE\TEMP\A0017892.CPY Infetto da BHO.MyIEHelper.I
Contattare il Supporto Tecnico TG Soft
C:\_RESTORE\TEMP\A0017893.CPY Infetto da BHO.MyIEHelper.I
Contattare il Supporto Tecnico TG Soft
C:\_RESTORE\TEMP\A0017894.CPY Infetto da BHO.MyIEHelper.I
Contattare il Supporto Tecnico TG Soft
C:\_RESTORE\TEMP\A0017895.CPY Infetto da BHO.MyIEHelper.I
Contattare il Supporto Tecnico TG Soft
C:\_RESTORE\TEMP\A0017896.CPY Infetto da BHO.MyIEHelper.I
Contattare il Supporto Tecnico TG Soft
C:\_RESTORE\TEMP\A0017897.CPY Infetto da BHO.Agent.BD
Contattare il Supporto Tecnico TG Soft
C:\_RESTORE\TEMP\A0017898.CPY Infetto da Trojan.Win32.Small.NE
Contattare il Supporto Tecnico TG Soft
C:\_RESTORE\TEMP\A0017899.CPY Infetto da BHO.LinkOptimizer.H
Contattare il Supporto Tecnico TG Soft
C:\_RESTORE\TEMP\A0017900.CPY Infetto da Trojan.Win32.Small.NE
Contattare il Supporto Tecnico TG Soft

Chiavi Registro infette: 0.
Files Infetti: 22.
Files Sospetti: 0.
Files Analizzati: 22855.
Files Totali: 22855.
Chiavi Registro rimosse: 0.
Virus Rimossi: 0.

Per quanto riguarda programmi che mi proteggono va bene virit? Però ogni trenta giorni devo reinstallarlo giussto?
maxwell023
Newbie
 
Post: 8
Iscritto il: 05/10/06 16:07

Postdi Luke57 » 09/10/06 11:39

Ciao, ma le altre cose suggerite le hai eseguite?
Posta poi nuovo log di hijackthis.
Luke57
Moderatore
 
Post: 6415
Iscritto il: 11/08/05 19:10

Postdi maxwell023 » 09/10/06 11:57

Si ho fatto tutto quello che mi hai detto te... Però non ci sono problemi se non riesci a darmi una soluzione immediata al problema, l'importante era quel fastidioso optimizer...

Però se riesco a eliminare anche queste cose meglio...

Grazie di nuovo...

Logfile of HijackThis v1.99.1
Scan saved at 12.53.39, on 09/10/2006
Platform: Windows ME (Win9x 4.90.3000)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\PROGRAMMI\NORTON UTILITIES\NPROTECT.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\SYSTEM\STIMON.EXE
c:\windows\SYSTEM\KB891711\KB891711.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\RESTORE\STMGR.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\IRMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\ASP4TRAY.EXE
C:\MEDIASCAPE\MULTIMEDIA KEYBOARD\MMKEYBD.EXE
C:\Mediascape\OnScreen Display\OSD.exe
C:\PROGRAM FILES\AHEAD\INCD\INCD.EXE
C:\WINDOWS\LOADQM.EXE
C:\PROGRAMMI\LOGITECH\SETPOINT\SETPOINT.EXE
C:\WINDOWS\RUNDLL32.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\VEXPLITE\MONLITE.EXE
C:\PROGRAMMI\PALM\HOTSYNC.EXE
C:\WINDOWS\DVZCOMMON\DVZMSGR.EXE
C:\PROGRAMMI\WINZIP\WZQKPICK.EXE
C:\PROGRAMMI\ALICE TI AIUTA\BIN\MPBTN.EXE
C:\PROGRAMMI\FILE COMUNI\LOGITECH\KHAL\KHALMNPR.EXE
C:\PROGRAMMI\MICROSOFT OFFICE\OFFICE\EXCEL.EXE
C:\PROGRAMMI\ALICE\ALICE ENTERNET\APP\ENTERNET.EXE
C:\PROGRAMMI\INTERNET EXPLORER\IEXPLORE.EXE
C:\WINDOWS\DESKTOP\HIJACKTHIS.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://gw.aliceadsl.it/home
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://gw.aliceadsl.it/home
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer fornito da Alice
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1;<local>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
F1 - win.ini: run=hpfsched
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAMMI\ADOBE\ACROBAT 6.0\READER\ACTIVEX\ACROIEHELPER.DLL
O3 - Toolbar: @msdxmLC.dll,-1@1040,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [ScanRegistry] c:\windows\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] c:\windows\taskmon.exe
O4 - HKLM\..\Run: [IrMon] irmon.exe
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [VortexTray] ASP4TRAY.EXE
O4 - HKLM\..\Run: [Multimedia Keyboard] C:\Mediascape\Multimedia Keyboard\MMKeybd.exe
O4 - HKLM\..\Run: [OnScreen Display] C:\Mediascape\OnScreen Display\OSD.exe
O4 - HKLM\..\Run: [PCHealth] c:\windows\PCHealth\Support\PCHSchd.exe -s
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [EM_EXEC] C:\MOUSE\SYSTEM\EM_EXEC.EXE
O4 - HKLM\..\Run: [InCD] C:\Program Files\ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [LoadQM] loadqm.exe
O4 - HKLM\..\Run: [SetPoint] C:\Programmi\Logitech\SetPoint\SetPoint.EXE
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [CnxTrApp] rundll32.exe c:\windows\EB1070.USB\CnxTrApp.dll,AppEntryA -REG "Aethra\ADSL EB1070 USB"
O4 - HKLM\..\Run: [VIRIT LITE MONITOR] C:\VEXPLITE\MONLITE.EXE
O4 - HKLM\..\Run: [CQMN1.EXE] C:\WINDOWS\TEMP\CQMN1.EXE
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [NPROTECT] C:\programmi\Norton Utilities\NPROTECT.EXE
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [*StateMgr] C:\WINDOWS\System\Restore\StateMgr.exe
O4 - HKLM\..\RunServices: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE
O4 - HKLM\..\RunServices: [KB891711] c:\windows\SYSTEM\KB891711\KB891711.EXE
O4 - Startup: Microsoft Office.lnk = C:\Programmi\Microsoft Office\OFFICE\OSA9.EXE
O4 - Startup: Manager HotSync.lnk = C:\Programmi\Palm\HOTSYNC.EXE
O4 - Startup: Dataviz Messenger.lnk = C:\WINDOWS\DvzCommon\DvzMsgr.exe
O4 - Startup: WinZip Quick Pick.lnk = C:\Programmi\WinZip\WZQKPICK.EXE
O4 - Startup: Alice ti aiuta.lnk = C:\Programmi\Alice ti aiuta\bin\matcli.exe
O4 - Startup: Logitech Desktop Messenger.lnk = C:\Programmi\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O8 - Extra context menu item: &eBay Search - res://C:\PROGRAMMI\EBAY\EBAY TOOLBAR2\eBayTb.dll/RCSearch.html
O14 - IERESET.INF: START_PAGE_URL=http://gw.aliceadsl.it/home
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by20fd.bay20.hotmail.msn.com/res ... nPUpld.cab
O16 - DPF: {C1B7E532-3ECB-4E9E-BB3A-2951FFE67C61} (DownloaderActiveX Control) - http://c6.community.alice.it/download/D ... ctiveX.cab
O18 - Protocol: offline-8876480 - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw00 - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw00s - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw10 - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw10s - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw20 - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw20s - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw30 - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw30s - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw40 - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw40s - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw50 - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw50s - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw60 - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw60s - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw70 - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw70s - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw80 - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw80s - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw90 - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw90s - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwa0 - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwa0s - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwb0 - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwb0s - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwc0 - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwc0s - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwd0 - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwd0s - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwe0 - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwe0s - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwf0 - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwf0s - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwg0 - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwg0s - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwh0 - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwh0s - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwi0 - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwi0s - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwj0 - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwj0s - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwk0 - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwk0s - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwl0 - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwl0s - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwm0 - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwm0s - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwn0 - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwn0s - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwo0 - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwo0s - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwp0 - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwp0s - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwq0 - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwq0s - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwr0 - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwr0s - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bws0 - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bws0s - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwt0 - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwt0s - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwu0 - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwu0s - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwv0 - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwv0s - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bww0 - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bww0s - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwx0 - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwx0s - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwy0 - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwy0s - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwz0 - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwz0s - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw-0 - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw-0s - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw+0 - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw+0s - {E0E47F87-FDCC-4C30-8030-97438F8BF530} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\PROGRAMMI\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\GAPLUGPROTOCOL-8876480.DLL
maxwell023
Newbie
 
Post: 8
Iscritto il: 05/10/06 16:07

Postdi Luke57 » 09/10/06 12:27

Ciao, con hiajckthis elimina questa voce:
O4 - HKLM\..\Run: [CQMN1.EXE] C:\WINDOWS\TEMP\CQMN1.EXE

Poi elimina anche i files (se si faranno eliminare):
C:\WINDOWS\TEMP\CQMN1.EXE
C:\PROGRAMMI\FILE COMUNI\SYSTEM\VGD.EXE
Svuota il cestino.
Luke57
Moderatore
 
Post: 6415
Iscritto il: 11/08/05 19:10

Postdi maxwell023 » 09/10/06 12:53

Ciao, l'ho fatto, però il primo file c.\windows....exe non lo trovo. L'altro l'ho cancellato.

Ho provato a utilizzare di nuovo virit ma la cartella _restore contiene file infetti che il programma non riesce a individuare...

Dovrei chiederti un'altra cosa già che ci sono.
A volte quando apro dal menù avvio "cerca" inizio una ricerca dei file presenti nel computer il programma si blocca ed esce un errore che il sistema ha caustao un errore in kernell32.exe.

Però non sempre a volte...
maxwell023
Newbie
 
Post: 8
Iscritto il: 05/10/06 16:07

Postdi maxwell023 » 09/10/06 12:56

Scusa ho commesso un errore, quando utilizzo virit, riconosce i virus presenti nella cartella _restore però non li cancella, lo stesso di prima insomma...
maxwell023
Newbie
 
Post: 8
Iscritto il: 05/10/06 16:07


Torna a Sicurezza e Privacy


Topic correlati a "Problema con motore di ricerca... Link optimizer credo...":

problema blocco note
Autore: carlin
Forum: Software Windows
Risposte: 7

Chi c’è in linea

Visitano il forum: Nessuno e 36 ospiti