
NASTY V.IRUS PROBLEM

How do you remove viruses and spyware? Are credit cards really safe online? Is it possible to browse anonymously? Which programs protect your privacy? How do you protect important files? If you want an answer to these and other questions, this is the right place!

Moderators: m.paolo, kadosh, Luke57


Post by ...:::lukino:::... » 07/05/07 12:56

I'm writing to ask for your help with a problem that has been plaguing me for some time. I was on MSN when at some point I got a message from a friend of mine saying that sadd.am h,ussein is still alive and that there are photos as proof. Like a perfect idiot I agreed to view the photos and it downloaded a file picture.jpg; from that moment the PC went crazy: I bombard my contacts with messages urging them to download the file; if I go on the internet and open a page containing the words v.irus, a.ntivi.rus, f.irew.all etc., Firefox closes and so does Explorer; if I click on f.irewall in Control Panel it doesn't open, and avast has become a puppet a.ntiv.irus... please help me because I'm going crazy, I have a PC with no f.irew.all and no antivirus and I can't get others because it closes any download or installation of programs that could hinder the vi.rus I caught.


all the words with a dot in the middle are there to keep the v.irus from understanding and closing everything on me
...:::lukino:::...
Junior User
 
Posts: 33
Joined: 07/05/07 12:52

Re: NASTY V.IRUS PROBLEM

Post by Luke57 » 07/05/07 14:02

...:::lukino:::... wrote: I'm writing to ask for your help with a problem that has been plaguing me for some time. I was on MSN when at some point I got a message from a friend of mine saying that sadd.am h,ussein is still alive and that there are photos as proof. Like a perfect idiot I agreed to view the photos and it downloaded a file picture.jpg; from that moment the PC went crazy: I bombard my contacts with messages urging them to download the file; if I go on the internet and open a page containing the words v.irus, a.ntivi.rus, f.irew.all etc., Firefox closes and so does Explorer; if I click on f.irewall in Control Panel it doesn't open, and avast has become a puppet a.ntiv.irus... please help me because I'm going crazy, I have a PC with no f.irew.all and no antivirus and I can't get others because it closes any download or installation of programs that could hinder the vi.rus I caught.


all the words with a dot in the middle are there to keep the v.irus from understanding and closing everything on me

Hi, open Task Manager (Ctrl+Alt+Del), select the Processes tab, and report which processes are running on the computer.
Luke57
Moderator
 
Posts: 6415
Joined: 11/08/05 19:10

Post by ...:::lukino:::... » 07/05/07 16:09

Image


the last ones are incomplete because I forgot to copy them

thanks in advance for the help
...:::lukino:::...
Junior User
 
Posts: 33
Joined: 07/05/07 12:52

Post by Luke57 » 07/05/07 18:20

Hi, go here:
http://w13.easy-share.com/1065783.html
download the file zio.zip to the desktop.
Unzip it and place the file zio.exe in a dedicated folder on the hard disk.
From that folder, open it, press "do a system scan and save a log file", and wait for a text file to open containing the generated output.
Copy and paste that content into a follow-up post.
Luke57
Moderator
 
Posts: 6415
Joined: 11/08/05 19:10

Post by ...:::lukino:::... » 07/05/07 19:01

the virus is smart and understands that this is something that harms it and won't open it for me, I don't know what to do, it opens the window for a moment and then suddenly closes it
...:::lukino:::...
Junior User
 
Posts: 33
Joined: 07/05/07 12:52

Post by edo_aol » 07/05/07 19:10

well, anyway, you were a bit silly (jokingly, for accepting the news). If my memory serves, trojan.small.dam, a well-known nasty virus, should be hiding in that news. Start by disabling System Restore and run a scan with a good antivirus (Kaspersky, use the 30-day trial) and remove it. One tool is http://www.housecall.trendmicro.com
edo_aol
Senior User
 
Posts: 415
Joined: 13/04/07 14:26

Post by Luke57 » 07/05/07 19:12

Hi, can you try this?
Open Task Manager, Processes tab, highlight explorer.exe, click End Process; the desktop will disappear, that's normal. At this point, still from the Task Manager window, click File > New Task > Browse, locate the path of the file zio.exe, and try to launch it as suggested. If it works, post the log.
Then, to restore the desktop, again from Task Manager, click File > New Task, and in the box type
explorer.exe > OK.
Luke57
Moderator
 
Posts: 6415
Joined: 11/08/05 19:10

Post by ...:::lukino:::... » 07/05/07 19:13

yes, I know I was a bit silly, anyway I didn't quite understand what I have to disable, and the link you gave me doesn't exist.

anyway I have an original Panda Antivirus 2007, do you think it would do.

anyway I did specify that it destroys antiviruses on me, it's useless, it won't open them
...:::lukino:::...
Junior User
 
Posts: 33
Joined: 07/05/07 12:52

Post by ...:::lukino:::... » 07/05/07 19:41

please help me
...:::lukino:::...
Junior User
 
Posts: 33
Joined: 07/05/07 12:52

Post by Luke57 » 07/05/07 19:52

...:::lukino:::... wrote: please help me

Hi, but did you try what I told you about explorer.exe?
Luke57
Moderator
 
Posts: 6415
Joined: 11/08/05 19:10

Post by ...:::lukino:::... » 07/05/07 20:11

yes, but unfortunately it closes it there too... what can I do
...:::lukino:::...
Junior User
 
Posts: 33
Joined: 07/05/07 12:52

Post by Luke57 » 07/05/07 21:05

...:::lukino:::... wrote: yes, but unfortunately it closes it there too... what can I do

Hi, open Task Manager, highlight the following processes and end them:
IObitSmartdefrag.exe
wks-nt-xp.exe
fswitch.exe


then try launching zio.exe.

Also, download RunAlyzer from here:
http://www.safer-networking.org/files/runalyz.exe
let it load the information, then go to "Rapporti" (Reports) and click "Crea Rapporto stile HJT" (Create HJT-style report), and save it by clicking the appropriate icon.
Then paste it into a post.
Luke57
Moderator
 
Posts: 6415
Joined: 11/08/05 19:10
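
How an HJT-style report like the one requested above can be triaged, as an added example that is not part of the original thread: the script parses the "Running processes" and "O23 - Service" lines and lists every executable loaded from system32\dllcache, the Windows File Protection cache, which is not a location services normally run from. The sample lines are copied from the RunAlyzer report posted later in this thread; the function names and the dllcache heuristic are assumptions of this example, and a hit means "review this entry", not a verdict.

```python
import ntpath
import re

# Lines copied from the RunAlyzer report posted later in this thread
# (a short selection, not the full log).
SAMPLE_REPORT = r"""
Running processes:
[System]
C:\WINDOWS\system32\svchost.exe
C:\Programmi\Avast4\ashServ.exe
C:\WINDOWS\system32\dllcache\Azureus.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\dllcache\wks-nt-xp.exe
C:\WINDOWS\system32\dllcache\fswitch.exe

O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\Avast4\ashDisp.exe
O23 - Service: avast! Antivirus (avast! Antivirus) - /owner unsupported/ - C:\Programmi\Avast4\ashServ.exe
O23 - Service: Azureus Service (Azureus Service) - /owner unsupported/ - C:\WINDOWS\system32\dllcache\Azureus.exe
O23 - Service: Fast Switching Compatibility (Fast Switching Compatibility) - /owner unsupported/ - C:\WINDOWS\system32\dllcache\fswitch.exe
O23 - Service: Compatibilità di Cambio rapido utente (FastUserSwitchingCompatibility) - /owner unsupported/ - C:\WINDOWS\System32\svchost.exe
O23 - Service: Microsoft Workstation Services (Microsoft Workstation Services) - /owner unsupported/ - C:\WINDOWS\system32\dllcache\wks-nt-xp.exe
O23 - Service: Mup (Mup) - /owner unsupported/ -
"""

# "O23 - Service: <display name> (<service key>) - <owner> - <image path>"
# The display name may itself contain parentheses, so the key is the last
# parenthesised group before the owner field; the image path may be empty.
SERVICE_RE = re.compile(
    r"^O23 - Service: (?P<display>.*) \((?P<key>[^()]*)\) - "
    r"(?P<owner>.*?) -(?: (?P<path>.*))?$"
)
# Any HJT-style entry line ("F2 - ...", "O4 - ...", "O23 - ...").
ENTRY_RE = re.compile(r"^[A-Z]\d+ - ")


def parse_report(text):
    """Return (running process lines, list of service dicts) from a report."""
    processes, services = [], []
    in_processes = False
    for raw in text.splitlines():
        line = raw.strip()
        if line == "Running processes:":
            in_processes = True
            continue
        if ENTRY_RE.match(line):
            in_processes = False  # the process list ends at the first entry
            m = SERVICE_RE.match(line)
            if m:
                services.append({"display": m["display"], "key": m["key"],
                                 "path": m["path"] or ""})
            continue
        if in_processes and line:
            processes.append(line)
    return processes, services


def norm(path):
    """Case-insensitive, separator-insensitive form of a Windows path."""
    return path.replace("/", "\\").lower()


def in_dllcache(path):
    """True when the image sits directly in ...\\system32\\dllcache."""
    return ntpath.dirname(norm(path)).endswith("\\system32\\dllcache")


def triage(text):
    """List dllcache-hosted images, whether they run, and their services."""
    processes, services = parse_report(text)
    findings = {}

    def entry(path):
        return findings.setdefault(norm(path), {
            "name": ntpath.basename(path), "path": path,
            "running": False, "services": []})

    for proc in processes:
        if in_dllcache(proc):
            entry(proc)["running"] = True
    for svc in services:
        if in_dllcache(svc["path"]):
            entry(svc["path"])["services"].append(svc["key"])
    return [findings[key] for key in sorted(findings)]


if __name__ == "__main__":
    for f in triage(SAMPLE_REPORT):
        state = "running" if f["running"] else "not running"
        svc = ", ".join(f["services"]) or "none"
        print(f"REVIEW {f['path']} ({state}; registered as service: {svc})")
```

An image that is both running and registered as a service has a persistence point to check in the service configuration, in addition to ending the process in Task Manager.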

Post by ...:::lukino:::... » 08/05/07 13:22

wks-nt-xp.exe
fswitch.exe

when I end these two they reopen

but I managed to do the scan

Logfile of RunAlyzer 0.3. Copyright © 2000-2005 Safer Networking Limited. All rights reserved.
Scan saved at 08/05/2007 14.21.01
Platform: Windows XP (Build: 2600) Service Pack 2 (5.1.2600)

Running processes:
[System]
System
D:\zio\RunAlyzer\RunAlyzer.exe
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\System32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\Avast4\aswUpdSv.exe
C:\Programmi\Avast4\ashServ.exe
C:\WINDOWS\system32\dllcache\Azureus.exe
C:\Programmi\NavNT\defwatch.exe
C:\Programmi\File comuni\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\System32\PAStiSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\Avast4\ashMaiSv.exe
C:\Programmi\Avast4\ashWebSv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Programmi\Java\jre1.5.0_10\bin\jusched.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Programmi\Logitech\iTouch\iTouch.exe
C:\PROGRA~1\Avast4\ashDisp.exe
C:\Programmi\QuickTime\qttask.exe
C:\Programmi\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\Microsoft ActiveSync\Wcescomm.exe
C:\WINDOWS\system32\rundll32.exe
C:\PROGRA~1\MICROS~4\rapimgr.exe
C:\Programmi\iPod\bin\iPodService.exe
C:\Programmi\The All-Seeing Eye\eye.exe
C:\Programmi\Mozilla Firefox\firefox.exe
C:\WINDOWS\System32\taskmgr.exe
C:\WINDOWS\system32\dllcache\wks-nt-xp.exe
C:\WINDOWS\system32\dllcache\fswitch.exe

F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,
O4 - Global Startup: Microsoft Office.lnk = C:\Programmi\Microsoft Office\Office10\OSA.EXE
O4 - HKCU\..\Run: [RealPlayer] C:\Programmi\Real\RealPlayer\realplay.exe
O4 - HKCU\..\Run: [Sonic RecordNow! Deluxe]
O4 - HKCU\..\Run: [H/PC Connection Agent] C:\Programmi\Microsoft ActiveSync\Wcescomm.exe
O4 - HKLM\..\Run: [UserFaultCheck] C:\WINDOWS\system32\dumprep.exe
O4 - HKLM\..\Run: [vptray] C:\Programmi\NavNT\vptray.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [QuickTime Task] C:\Programmi\QuickTime\qttask.exe
O4 - HKLM\..\Run: [iTunesHelper] C:\Programmi\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [InCD] C:\Programmi\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [SmartDefrag] C:\Programmi\IObit\IObit SmartDefrag\IObit SmartDefrag.exe
O4 - HKLM\..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programmi\Java\jre1.5.0_10\bin\jusched.exe
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe
O23 - Service: avast! Asynchronous Virus Monitor (Aavmker4) - /owner unsupported/ -
O23 - Service: Driver ACPI Microsoft (ACPI) - /owner unsupported/ - C:\WINDOWS\System32\DRIVERS\ACPI.sys
O23 - Service: Eliminatore di eco acustico del kernel Microsoft (aec) - /owner unsupported/ - C:\WINDOWS\system32\drivers\aec.sys
O23 - Service: Ambiente supporto di rete AFD (AFD) - /owner unsupported/ - C:\WINDOWS\System32\drivers\afd.sys
O23 - Service: Filtro bus Intel AGP (agp440) - /owner unsupported/ - C:\WINDOWS\System32\DRIVERS\agp440.sys
O23 - Service: Service for WDM 3D Audio Driver (ALCXSENS) - /owner unsupported/ - C:\WINDOWS\system32\drivers\ALCXSENS.SYS
O23 - Service: Service for Realtek AC97 Audio (WDM) (ALCXWDM) - /owner unsupported/ - C:\WINDOWS\system32\drivers\ALCXWDM.SYS
O23 - Service: Avvisi (Alerter) - /owner unsupported/ - C:\WINDOWS\System32\svchost.exe
O23 - Service: Servizio Gateway di livello applicazione (ALG) - /owner unsupported/ - C:\WINDOWS\System32\alg.exe
O23 - Service: AnyDVD (AnyDVD) - /owner unsupported/ - C:\WINDOWS\System32\Drivers\AnyDVD.sys
O23 - Service: Gestione applicazione (AppMgmt) - /owner unsupported/ - C:\WINDOWS\system32\svchost.exe
O23 - Service: ASP.NET State Service (aspnet_state) - /owner unsupported/ - C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe
O23 - Service: avast! Standard Shield Support (aswMon2) - /owner unsupported/ -
O23 - Service: aswRdr (aswRdr) - /owner unsupported/ -
O23 - Service: avast! Network Shield Support (aswTdi) - /owner unsupported/ -
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - /owner unsupported/ - C:\Programmi\Avast4\aswUpdSv.exe
O23 - Service: Driver per supporti asincroni RAS (AsyncMac) - /owner unsupported/ - C:\WINDOWS\System32\DRIVERS\asyncmac.sys
O23 - Service: Controller disco rigido IDE/ESDI standard (atapi) - /owner unsupported/ - C:\WINDOWS\System32\DRIVERS\atapi.sys
O23 - Service: Protocollo client ARP ATM (Atmarpc) - /owner unsupported/ - C:\WINDOWS\System32\DRIVERS\atmarpc.sys
O23 - Service: Audio Windows (AudioSrv) - /owner unsupported/ - C:\WINDOWS\System32\svchost.exe
O23 - Service: Driver stub audio (audstub) - /owner unsupported/ - C:\WINDOWS\System32\DRIVERS\audstub.sys
O23 - Service: avast! Antivirus (avast! Antivirus) - /owner unsupported/ - C:\Programmi\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner (avast! Mail Scanner) - /owner unsupported/ - C:\Programmi\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner (avast! Web Scanner) - /owner unsupported/ - C:\Programmi\Avast4\ashWebSv.exe
O23 - Service: Azureus Service (Azureus Service) - /owner unsupported/ - C:\WINDOWS\system32\dllcache\Azureus.exe
O23 - Service: Servizio trasferimento intelligente in background (BITS) - /owner unsupported/ - C:\WINDOWS\System32\svchost.exe
O23 - Service: Browser di computer (Browser) - /owner unsupported/ - C:\WINDOWS\System32\svchost.exe
O23 - Service: Decoder sottotitoli codificati (CCDECODE) - /owner unsupported/ - C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
O23 - Service: Driver del CD-ROM (Cdrom) - /owner unsupported/ - C:\WINDOWS\System32\DRIVERS\cdrom.sys
O23 - Service: Servizio di indicizzazione (CiSvc) - /owner unsupported/ - C:\WINDOWS\system32\cisvc.exe
O23 - Service: ClipBook (ClipSrv) - /owner unsupported/ - C:\WINDOWS\system32\clipsrv.exe
O23 - Service: Applicazione di sistema COM+ (COMSysApp) - /owner unsupported/ - C:\WINDOWS\System32\dllhost.exe
O23 - Service: Servizi di crittografia (CryptSvc) - /owner unsupported/ - C:\WINDOWS\system32\svchost.exe
O23 - Service: Utilità di avvio processo server DCOM (DcomLaunch) - /owner unsupported/ - C:\WINDOWS\system32\svchost.exe
O23 - Service: DefWatch (DefWatch) - /owner unsupported/ - C:\Programmi\NavNT\defwatch.exe
O23 - Service: Client DHCP (Dhcp) - /owner unsupported/ - C:\WINDOWS\System32\svchost.exe
O23 - Service: Driver del disco (Disk) - /owner unsupported/ - C:\WINDOWS\System32\DRIVERS\disk.sys
O23 - Service: Servizio amministrativo di Gestione disco logico (dmadmin) - /owner unsupported/ - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: Driver Gestione dischi logici (dmio) - /owner unsupported/ - C:\WINDOWS\System32\drivers\dmio.sys
O23 - Service: Gestione dischi logici (dmserver) - /owner unsupported/ - C:\WINDOWS\System32\svchost.exe
O23 - Service: Sintetizzatore DLS Microsoft Kernel (DMusic) - /owner unsupported/ - C:\WINDOWS\system32\drivers\DMusic.sys
O23 - Service: Client DNS (Dnscache) - /owner unsupported/ - C:\WINDOWS\System32\svchost.exe
O23 - Service: Decodificatore audio DRM del kernel Microsoft (drmkaud) - /owner unsupported/ - C:\WINDOWS\system32\drivers\drmkaud.sys
O23 - Service: ElbyCDIO Driver (ElbyCDIO) - /owner unsupported/ - C:\WINDOWS\System32\Drivers\ElbyCDIO.sys
O23 - Service: Servizio di segnalazione errori (ERSvc) - /owner unsupported/ - C:\WINDOWS\System32\svchost.exe
O23 - Service: Registro eventi (Eventlog) - /owner unsupported/ - C:\WINDOWS\system32\services.exe
O23 - Service: Sistema di eventi COM+ (EventSystem) - /owner unsupported/ - C:\WINDOWS\System32\svchost.exe
O23 - Service: Fast Switching Compatibility (Fast Switching Compatibility) - /owner unsupported/ - C:\WINDOWS\system32\dllcache\fswitch.exe
O23 - Service: Compatibilità di Cambio rapido utente (FastUserSwitchingCompatibility) - /owner unsupported/ - C:\WINDOWS\System32\svchost.exe
O23 - Service: Driver controller disco floppy (Fdc) - /owner unsupported/ - C:\WINDOWS\System32\DRIVERS\fdc.sys
O23 - Service: Driver disco floppy (Flpydisk) - /owner unsupported/ - C:\WINDOWS\System32\DRIVERS\flpydisk.sys
O23 - Service: FltMgr (FltMgr) - /owner unsupported/ - C:\WINDOWS\system32\drivers\fltmgr.sys
O23 - Service: Driver archiviazione volumi (Ftdisk) - /owner unsupported/ - C:\WINDOWS\System32\DRIVERS\ftdisk.sys
O23 - Service: Enumeratore porta giochi (gameenum) - /owner unsupported/ - C:\WINDOWS\System32\DRIVERS\gameenum.sys
O23 - Service: GEARAspiWDM (GEARAspiWDM) - /owner unsupported/ - C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys
O23 - Service: Utilità di classificazione pacchetti generica (Gpc) - /owner unsupported/ - C:\WINDOWS\System32\DRIVERS\msgpc.sys
O23 - Service: Guida in linea e supporto tecnico (helpsvc) - /owner unsupported/ - C:\WINDOWS\System32\svchost.exe
O23 - Service: Attivatore da Microsoft Hid a porta joystick (hidgame) - /owner unsupported/ - C:\WINDOWS\system32\DRIVERS\hidgame.sys
O23 - Service: HID Input Service (HidServ) - /owner unsupported/ - C:\WINDOWS\System32\svchost.exe
O23 - Service: Driver di classe HID Microsoft (HidUsb) - /owner unsupported/ - C:\WINDOWS\system32\DRIVERS\hidusb.sys
O23 - Service: HTTP (HTTP) - /owner unsupported/ - C:\WINDOWS\System32\Drivers\HTTP.sys
O23 - Service: SSL HTTP (HTTPFilter) - /owner unsupported/ - C:\WINDOWS\System32\svchost.exe
O23 - Service: Driver di porta mouse PS/2 e tastiera i8042 (i8042prt) - /owner unsupported/ - C:\WINDOWS\System32\DRIVERS\i8042prt.sys
O23 - Service: Intel(R) Ultra ATA Controller (IdeChnDr) - /owner unsupported/ - C:\WINDOWS\System32\DRIVERS\IdeChnDr.sys
O23 - Service: InstallDriver Table Manager (IDriverT) - /owner unsupported/ - C:\Programmi\File comuni\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Driver filtro masterizzazione CD (Imapi) - /owner unsupported/ - C:\WINDOWS\System32\DRIVERS\imapi.sys
O23 - Service: Servizio COM di masterizzazione CD IMAPI (ImapiService) - /owner unsupported/ - C:\WINDOWS\System32\imapi.exe
O23 - Service: InCD File System (InCDfs) - /owner unsupported/ -
O23 - Service: InCDPass (InCDPass) - /owner unsupported/ - C:\WINDOWS\System32\DRIVERS\InCDPass.sys
O23 - Service: InCD EasyWrite Reader (incdrm) - /owner unsupported/ -
O23 - Service: InCD Helper (InCDsrv) - /owner unsupported/ - C:\Programmi\Ahead\InCD\InCDsrv.exe
O23 - Service: Driver processore Intel (intelppm) - /owner unsupported/ - C:\WINDOWS\System32\DRIVERS\intelppm.sys
O23 - Service: Driver Windows Firewall IPv6 (ip6fw) - /owner unsupported/ - C:\WINDOWS\system32\drivers\ip6fw.sys
O23 - Service: Driver filtro traffico IP (IpFilterDriver) - /owner unsupported/ - C:\WINDOWS\System32\DRIVERS\ipfltdrv.sys
O23 - Service: Driver tunnel IP in IP (IpInIp) - /owner unsupported/ - C:\WINDOWS\System32\DRIVERS\ipinip.sys
O23 - Service: Traduttore indirizzi di rete IP (IpNat) - /owner unsupported/ - C:\WINDOWS\System32\DRIVERS\ipnat.sys
O23 - Service: iPod Service (iPod Service) - /owner unsupported/ - C:\Programmi\iPod\bin\iPodService.exe
O23 - Service: Driver IPSEC (IPSec) - /owner unsupported/ - C:\WINDOWS\System32\DRIVERS\ipsec.sys
O23 - Service: Servizio enumeratore infrarossi (IRENUM) - /owner unsupported/ - C:\WINDOWS\System32\DRIVERS\irenum.sys
O23 - Service: Driver bus PnP ISA/EISA (isapnp) - /owner unsupported/ - C:\WINDOWS\System32\DRIVERS\isapnp.sys
O23 - Service: iTouch Keyboard Filter (itchfltr) - /owner unsupported/ - C:\WINDOWS\system32\DRIVERS\itchfltr.sys
O23 - Service: Driver classe tastiera (Kbdclass) - /owner unsupported/ - C:\WINDOWS\System32\DRIVERS\kbdclass.sys
O23 - Service: Driver di tastiera HID (kbdhid) - /owner unsupported/ - C:\WINDOWS\system32\DRIVERS\kbdhid.sys
O23 - Service: Mixer wave audio del kernel Microsoft (kmixer) - /owner unsupported/ - C:\WINDOWS\system32\drivers\kmixer.sys
O23 - Service: Server (lanmanserver) - /owner unsupported/ - C:\WINDOWS\System32\svchost.exe
O23 - Service: Workstation (lanmanworkstation) - /owner unsupported/ - C:\WINDOWS\System32\svchost.exe
O23 - Service: Logitech USB Filter Driver (LCcfltr) - /owner unsupported/ - C:\WINDOWS\System32\Drivers\LCcFltr.Sys
O23 - Service: Logitech USB Receiver device driver (LHidUsb) - /owner unsupported/ - C:\WINDOWS\System32\Drivers\LHidUsb.Sys
O23 - Service: Helper NetBIOS di TCP/IP (LmHosts) - /owner unsupported/ - C:\WINDOWS\System32\svchost.exe
O23 - Service: Machine Debug Manager (MDM) - /owner unsupported/ - C:\Programmi\File comuni\Microsoft Shared\VS7Debug\mdm.exe
O23 - Service: Messenger (Messenger) - /owner unsupported/ - C:\WINDOWS\System32\svchost.exe
O23 - Service: Microsoft Workstation Services (Microsoft Workstation Services) - /owner unsupported/ - C:\WINDOWS\system32\dllcache\wks-nt-xp.exe
O23 - Service: Condivisione desktop remoto di NetMeeting (mnmsrvc) - /owner unsupported/ - C:\WINDOWS\System32\mnmsrvc.exe
O23 - Service: Driver classe mouse (Mouclass) - /owner unsupported/ - C:\WINDOWS\System32\DRIVERS\mouclass.sys
O23 - Service: Driver di mouse HID (mouhid) - /owner unsupported/ - C:\WINDOWS\System32\DRIVERS\mouhid.sys
O23 - Service: Gestore installazione (Mounting) (MountMgr) - /owner unsupported/ -
O23 - Service: Redirector del client WebDav (MRxDAV) - /owner unsupported/ - C:\WINDOWS\System32\DRIVERS\mrxdav.sys
O23 - Service: MRXSMB (MRxSmb) - /owner unsupported/ - C:\WINDOWS\System32\DRIVERS\mrxsmb.sys
O23 - Service: Distributed Transaction Coordinator (MSDTC) - /owner unsupported/ - C:\WINDOWS\System32\msdtc.exe
O23 - Service: Windows Installer (MSIServer) - /owner unsupported/ - C:\WINDOWS\system32\msiexec.exe
O23 - Service: Proxy di servizio di flusso Microsoft (MSKSSRV) - /owner unsupported/ - C:\WINDOWS\system32\drivers\MSKSSRV.sys
O23 - Service: Proxy clock di flusso Microsoft (MSPCLOCK) - /owner unsupported/ - C:\WINDOWS\system32\drivers\MSPCLOCK.sys
O23 - Service: Proxy di gestione qualità di flusso Microsoft (MSPQM) - /owner unsupported/ - C:\WINDOWS\system32\drivers\MSPQM.sys
O23 - Service: Driver BIOS Microsoft System Management (mssmbios) - /owner unsupported/ - C:\WINDOWS\System32\DRIVERS\mssmbios.sys
O23 - Service: Convertitore a T/Sito a sito per flusso Microsoft (MSTEE) - /owner unsupported/ - C:\WINDOWS\system32\drivers\MSTEE.sys
O23 - Service: Driver Microsoft MPU-401 MIDI UART (ms_mpu401) - /owner unsupported/ - C:\WINDOWS\system32\drivers\msmpu401.sys
O23 - Service: Mup (Mup) - /owner unsupported/ -
O23 - Service: NABTS/FEC VBI Codec (NABTSFEC) - /owner unsupported/ - C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
O23 - Service: Driver di sistema NDIS (NDIS) - /owner unsupported/ -
O23 - Service: Connesione TV/Video Microsoft (NdisIP) - /owner unsupported/ - C:\WINDOWS\system32\DRIVERS\NdisIP.sys
O23 - Service: Driver TAPI NDIS di accesso remoto (NdisTapi) - /owner unsupported/ - C:\WINDOWS\System32\DRIVERS\ndistapi.sys
O23 - Service: Protocollo I/O modalità utente su NDIS (Ndisuio) - /owner unsupported/ - C:\WINDOWS\System32\DRIVERS\ndisuio.sys
O23 - Service: Driver WAN NDIS di accesso remoto (NdisWan) - /owner unsupported/ - C:\WINDOWS\System32\DRIVERS\ndiswan.sys
O23 - Service: Interfaccia NetBIOS (NetBIOS) - /owner unsupported/ - C:\WINDOWS\System32\DRIVERS\netbios.sys
O23 - Service: NetBios su Tcpip (NetBT) - /owner unsupported/ - C:\WINDOWS\System32\DRIVERS\netbt.sys
O23 - Service: DDE di rete (NetDDE) - /owner unsupported/ - C:\WINDOWS\system32\netdde.exe
O23 - Service: DDE DSDM di rete (NetDDEdsdm) - /owner unsupported/ - C:\WINDOWS\system32\netdde.exe
O23 - Service: Accesso rete (Netlogon) - /owner unsupported/ - C:\WINDOWS\System32\lsass.exe
O23 - Service: Connessioni di rete (Netman) - /owner unsupported/ - C:\WINDOWS\System32\svchost.exe
O23 - Service: NLA (Network Location Awareness) (Nla) - /owner unsupported/ - C:\WINDOWS\System32\svchost.exe
O23 - Service: Driver di Network Monitor (nm) - /owner unsupported/ - C:\WINDOWS\system32\DRIVERS\NMnt.sys
O23 - Service: Norton AntiVirus Server (Norton AntiVirus Server) - /owner unsupported/ - C:\Programmi\NavNT\rtvscan.exe
O23 - Service: NetGroup Packet Filter Driver (NPF) - /owner unsupported/ - C:\WINDOWS\system32\drivers\npf.sys
O23 - Service: Provider supporto protezione LM NT (NtLmSsp) - /owner unsupported/ - C:\WINDOWS\System32\lsass.exe
O23 - Service: Archivi rimovibili (NtmsSvc) - /owner unsupported/ - C:\WINDOWS\system32\svchost.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - /owner unsupported/ - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Driver filtro traffico IPX (NwlnkFlt) - /owner unsupported/ - C:\WINDOWS\System32\DRIVERS\nwlnkflt.sys
O23 - Service: Driver inoltratore traffico IPX (NwlnkFwd) - /owner unsupported/ - C:\WINDOWS\System32\DRIVERS\nwlnkfwd.sys
O23 - Service: Trust WB-1400T Webcam (PAC207) - /owner unsupported/ - C:\WINDOWS\system32\DRIVERS\pfc027.sys
O23 - Service: Driver della porta parallela (Parport) - /owner unsupported/ - C:\WINDOWS\System32\DRIVERS\parport.sys
O23 - Service: Gestore partizioni (PartMgr) - /owner unsupported/ -
O23 - Service: Panda Antispam Service (PASSRV) - /owner unsupported/ - C:\Programmi\Panda Software\Panda Platinum Internet Security\passrv.exe
O23 - Service: Panda anti-virus driver (PAVDRV) - /owner unsupported/ - C:\WINDOWS\System32\Drivers\pavdrv51.sys
O23 - Service: Panda Firewall Service (PAVFIRES) - /owner unsupported/ -
O23 - Service: Panda anti-virus service (PAVSRV) - /owner unsupported/ -
O23 - Service: Driver bus PCI (PCI) - /owner unsupported/ - C:\WINDOWS\System32\DRIVERS\pci.sys
O23 - Service: Padus ASPI Shell (pfc) - /owner unsupported/ - C:\WINDOWS\system32\drivers\pfc.sys
O23 - Service: Plug and Play (PlugPlay) - /owner unsupported/ - C:\WINDOWS\system32\services.exe
O23 - Service: PnkBstrA (PnkBstrA) - /owner unsupported/ - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB (PnkBstrB) - /owner unsupported/ - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: PnkBstrK (PnkBstrK) - /owner unsupported/ - C:\WINDOWS\system32\drivers\PnkBstrK.sys
O23 - Service: Servizi IPSEC (PolicyAgent) - /owner unsupported/ - C:\WINDOWS\System32\lsass.exe
O23 - Service: WAN Miniport (PPTP) (PptpMiniport) - /owner unsupported/ - C:\WINDOWS\System32\DRIVERS\raspptp.sys
O23 - Service: Driver processore (Processor) - /owner unsupported/ - C:\WINDOWS\System32\DRIVERS\processr.sys
O23 - Service: Archiviazione protetta (ProtectedStorage) - /owner unsupported/ - C:\WINDOWS\system32\lsass.exe
O23 - Service: Utilità di pianificazione pacchetti QoS (PSched) - /owner unsupported/ - C:\WINDOWS\System32\DRIVERS\psched.sys
O23 - Service: Panda Imanager Service (PSIMSVC) - /owner unsupported/ - C:\Programmi\Panda Software\Panda Platinum Internet Security\psimsvc.exe
O23 - Service: Driver Direct Parallel Link (Ptilink) - /owner unsupported/ - C:\WINDOWS\System32\DRIVERS\ptilink.sys
O23 - Service: PxHelp20 (PxHelp20) - /owner unsupported/ - C:\WINDOWS\System32\Drivers\PxHelp20.sys
O23 - Service: Driver connessione automatica Accesso remoto (RasAcd) - /owner unsupported/ - C:\WINDOWS\System32\DRIVERS\rasacd.sys
O23 - Service: Auto Connection Manager di Accesso remoto (RasAuto) - /owner unsupported/ - C:\WINDOWS\System32\svchost.exe
O23 - Service: WAN Miniport (L2TP) (Rasl2tp) - /owner unsupported/ - C:\WINDOWS\System32\DRIVERS\rasl2tp.sys
O23 - Service: Connection Manager di Accesso remoto (RasMan) - /owner unsupported/ - C:\WINDOWS\System32\svchost.exe
O23 - Service: Driver PPPOE di accesso remoto (RasPppoe) - /owner unsupported/ - C:\WINDOWS\System32\DRIVERS\raspppoe.sys
O23 - Service: Direct Parallel (Raspti) - /owner unsupported/ - C:\WINDOWS\System32\DRIVERS\raspti.sys
O23 - Service: Rdbss (Rdbss) - /owner unsupported/ - C:\WINDOWS\System32\DRIVERS\rdbss.sys
O23 - Service: Driver redirector periferica Terminal Server (rdpdr) - /owner unsupported/ - C:\WINDOWS\System32\DRIVERS\rdpdr.sys
O23 - Service: Gestione sessione di assistenza mediante desktop remoto (RDSessMgr) - /owner unsupported/ - C:\WINDOWS\system32\sessmgr.exe
O23 - Service: Driver filtro riproduzione CD-ROM audio digitale (redbook) - /owner unsupported/ - C:\WINDOWS\System32\DRIVERS\redbook.sys
O23 - Service: Routing e Accesso remoto (RemoteAccess) - /owner unsupported/ - C:\WINDOWS\System32\svchost.exe
O23 - Service: Registro di sistema remoto (RemoteRegistry) - /owner unsupported/ - C:\WINDOWS\system32\svchost.exe
O23 - Service: Microsoft Legacy Modem Driver (ROOTMODEM) - /owner unsupported/ - C:\WINDOWS\System32\Drivers\RootMdm.sys
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - /owner unsupported/ - C:\Programmi\WinPcap\rpcapd.exe
O23 - Service: RPC Locator (RpcLocator) - /owner unsupported/ - C:\WINDOWS\System32\locator.exe
O23 - Service: RPC (Remote Procedure Call) (RpcSs) - /owner unsupported/ - C:\WINDOWS\system32\svchost.exe
O23 - Service: QoS RSVP (RSVP) - /owner unsupported/ - C:\WINDOWS\System32\rsvp.exe
O23 - Service: Driver NT scheda Fast Ethernet PCI Realtek basata su RTL8139 (rtl8139) - /owner unsupported/ - C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
O23 - Service: Gestione account di protezione (SAM) (SamSs) - /owner unsupported/ - C:\WINDOWS\system32\lsass.exe
O23 - Service: smart card (SCardSvr) - /owner unsupported/ - C:\WINDOWS\System32\SCardSvr.exe
O23 - Service: Utilità di pianificazione (Schedule) - /owner unsupported/ - C:\WINDOWS\System32\svchost.exe
O23 - Service: Secdrv (Secdrv) - /owner unsupported/ - C:\WINDOWS\System32\DRIVERS\secdrv.sys
O23 - Service: Accesso secondario (seclogon) - /owner unsupported/ - C:\WINDOWS\System32\svchost.exe
O23 - Service: Notifica eventi di sistema (SENS) - /owner unsupported/ - C:\WINDOWS\system32\svchost.exe
O23 - Service: Driver filtro Serenum (serenum) - /owner unsupported/ - C:\WINDOWS\System32\DRIVERS\serenum.sys
O23 - Service: Driver della porta seriale (Serial) - /owner unsupported/ - C:\WINDOWS\System32\DRIVERS\serial.sys
O23 - Service: Driver del mouse seriale (sermouse) - /owner unsupported/ - C:\WINDOWS\System32\DRIVERS\sermouse.sys
O23 - Service: StarForce Protection Environment Driver (version 1.x) (sfdrv01) - /owner unsupported/ - C:\WINDOWS\System32\drivers\sfdrv01.sys
O23 - Service: StarForce Protection Helper Driver (version 2.x) (sfhlp02) - /owner unsupported/ - C:\WINDOWS\System32\drivers\sfhlp02.sys
O23 - Service: StarForce Protection Synchronization Driver (version 2.x) (sfsync02) - /owner unsupported/ - C:\WINDOWS\System32\drivers\sfsync02.sys
O23 - Service: Windows Firewall / Condivisione connessione Internet (ICS) (SharedAccess) - /owner unsupported/ - C:\WINDOWS\System32\svchost.exe
O23 - Service: Rilevamento hardware shell (ShellHWDetection) - /owner unsupported/ - C:\WINDOWS\System32\svchost.exe
O23 - Service: BDA Slip De-Framer (SLIP) - /owner unsupported/ - C:\WINDOWS\system32\DRIVERS\SLIP.sys
O23 - Service: Frazionatore audio del kernel Microsoft (splitter) - /owner unsupported/ - C:\WINDOWS\system32\drivers\splitter.sys
O23 - Service: Spooler di stampa (Spooler) - /owner unsupported/ - C:\WINDOWS\system32\spoolsv.exe
O23 - Service: Driver filtro Ripristino configurazione di sistema (sr) - /owner unsupported/ - C:\WINDOWS\System32\DRIVERS\sr.sys
O23 - Service: Servizio Ripristino configurazione di sistema (srservice) - /owner unsupported/ - C:\WINDOWS\System32\svchost.exe
O23 - Service: Srv (Srv) - /owner unsupported/ - C:\WINDOWS\System32\DRIVERS\srv.sys
O23 - Service: Servizio di rilevamento SSDP (SSDPSRV) - /owner unsupported/ - C:\WINDOWS\System32\svchost.exe
O23 - Service: STI Simulator (STI Simulator) - /owner unsupported/ - C:\WINDOWS\System32\PAStiSvc.exe
O23 - Service: Acquisizione di immagini di Windows (WIA) (stisvc) - /owner unsupported/ - C:\WINDOWS\System32\svchost.exe
O23 - Service: BDA IPSink (streamip) - /owner unsupported/ - C:\WINDOWS\system32\DRIVERS\StreamIP.sys
O23 - Service: Driver bus software (swenum) - /owner unsupported/ - C:\WINDOWS\System32\DRIVERS\swenum.sys
O23 - Service: Sintetizzatore Wavetable GS kernel Microsoft (swmidi) - /owner unsupported/ - C:\WINDOWS\system32\drivers\swmidi.sys
O23 - Service: MS Software Shadow Copy Provider (SwPrv) - /owner unsupported/ - C:\WINDOWS\System32\dllhost.exe
O23 - Service: Periferica audio di sistema Microsoft Kernel (sysaudio) - /owner unsupported/ - C:\WINDOWS\system32\drivers\sysaudio.sys
O23 - Service: Avvisi e registri di prestazioni (SysmonLog) - /owner unsupported/ - C:\WINDOWS\system32\smlogsvc.exe
O23 - Service: Telefonia (TapiSrv) - /owner unsupported/ - C:\WINDOWS\System32\svchost.exe
O23 - Service: Driver protocollo TCP/IP (Tcpip) - /owner unsupported/ - C:\WINDOWS\System32\DRIVERS\tcpip.sys
O23 - Service: Teefer for NT (Teefer) - /owner unsupported/ - C:\WINDOWS\SYSTEM32\Drivers\Teefer.sys
O23 - Service: Driver della periferica terminale (TermDD) - /owner unsupported/ - C:\WINDOWS\System32\DRIVERS\termdd.sys
O23 - Service: Servizi terminal (TermService) - /owner unsupported/ - C:\WINDOWS\System32\svchost.exe
O23 - Service: Temi (Themes) - /owner unsupported/ - C:\WINDOWS\System32\svchost.exe
O23 - Service: Telnet (TlntSvr) - /owner unsupported/ - C:\WINDOWS\System32\tlntsvr.exe
O23 - Service: Manutenzione collegamenti distribuiti client (TrkWks) - /owner unsupported/ - C:\WINDOWS\system32\svchost.exe
O23 - Service: Driver aggiornamento microcodice (Update) - /owner unsupported/ - C:\WINDOWS\System32\DRIVERS\update.sys
O23 - Service: Host di periferiche Plug and Play universali (upnphost) - /owner unsupported/ - C:\WINDOWS\System32\svchost.exe
O23 - Service: Gruppo di continuità (UPS) - /owner unsupported/ - C:\WINDOWS\System32\ups.exe
O23 - Service: Driver principale generico USB Microsoft (usbccgp) - /owner unsupported/ - C:\WINDOWS\system32\DRIVERS\usbccgp.sys
O23 - Service: Driver Miniport controller enhanced host USB 2.0 Microsoft (usbehci) - /owner unsupported/ - C:\WINDOWS\System32\DRIVERS\usbehci.sys
O23 - Service: Driver hub USB standard Microsoft (usbhub) - /owner unsupported/ - C:\WINDOWS\System32\DRIVERS\usbhub.sys
O23 - Service: Driver archiviazione di massa USB (USBSTOR) - /owner unsupported/ - C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS
O23 - Service: Driver Miniport Controller Universal Host USB Microsoft (usbuhci) - /owner unsupported/ - C:\WINDOWS\System32\DRIVERS\usbuhci.sys
O23 - Service: Servizio Messenger Sharing Folders USN Journal Reader (usnjsvc) - /owner unsupported/ - C:\Programmi\MSN Messenger\usnsvc.exe
O23 - Service: Controller video VGA. (VgaSave) - /owner unsupported/ - C:\WINDOWS\System32\drivers\vga.sys
O23 - Service: Copia replicata del volume (VSS) - /owner unsupported/ - C:\WINDOWS\System32\vssvc.exe
O23 - Service: Ora di Windows (W32Time) - /owner unsupported/ - C:\WINDOWS\System32\svchost.exe
O23 - Service: Driver ARP IP di accesso remoto (Wanarp) - /owner unsupported/ - C:\WINDOWS\System32\DRIVERS\wanarp.sys
O23 - Service: Windows CE USB Serial Host Driver (wceusbsh) - /owner unsupported/ - C:\WINDOWS\system32\DRIVERS\wceusbsh.sys
O23 - Service: Driver di compatibilità audio Microsoft WINMM WDM (wdmaud) - /owner unsupported/ - C:\WINDOWS\system32\drivers\wdmaud.sys
O23 - Service: WebClient (WebClient) - /owner unsupported/ - C:\WINDOWS\System32\svchost.exe
O23 - Service: SyGate for NT, wg3n (wg3n) - /owner unsupported/ - C:\WINDOWS\SYSTEM32\Drivers\wg3n.sys
O23 - Service: Strumentazione gestione Windows (winmgmt) - /owner unsupported/ - C:\WINDOWS\system32\svchost.exe
O23 - Service: Servizio Numero di serie per dispositivi multimediali portatili (WmdmPmSN) - /owner unsupported/ - C:\WINDOWS\System32\svchost.exe
O23 - Service: Estensioni driver di Strumentazione gestione Windows (Wmi) - /owner unsupported/ - C:\WINDOWS\System32\svchost.exe
O23 - Service: Scheda WMI Performance (WmiApSrv) - /owner unsupported/ - C:\WINDOWS\System32\wbem\wmiapsrv.exe
O23 - Service: Windows Media Player Network Sharing Service (WMPNetworkSvc) - /owner unsupported/ - C:\Programmi\Windows Media Player\WMPNetwk.exe
O23 - Service: wpsdrvnt (wpsdrvnt) - /owner unsupported/ - C:\WINDOWS\system32\drivers\wpsdrvnt.sys
O23 - Service: Ambiente di supporto del provider del Servizio Non-IFS di Windows Socket 2.0 (WS2IFSL) - /owner unsupported/ - C:\WINDOWS\System32\drivers\ws2ifsl.sys
O23 - Service: Centro sicurezza PC (wscsvc) - /owner unsupported/ - C:\WINDOWS\System32\svchost.exe
O23 - Service: Codec World Standard Teletext (WSTCODEC) - /owner unsupported/ - C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
O23 - Service: Aggiornamenti automatici (wuauserv) - /owner unsupported/ - C:\WINDOWS\System32\svchost.exe
O23 - Service: Windows Driver Foundation - User-mode Driver Framework Platform Driver (WudfPf) - /owner unsupported/ - C:\WINDOWS\system32\DRIVERS\WudfPf.sys
O23 - Service: Windows Driver Foundation - User-mode Driver Framework Reflector (WudfRd) - /owner unsupported/ - C:\WINDOWS\system32\DRIVERS\wudfrd.sys
O23 - Service: Windows Driver Foundation - User-mode Driver Framework (WudfSvc) - /owner unsupported/ - C:\WINDOWS\system32\svchost.exe
O23 - Service: Zero Configuration reti senza fili (WZCSVC) - /owner unsupported/ - C:\WINDOWS\System32\svchost.exe
O23 - Service: Servizio Provisioning di rete (xmlprov) - /owner unsupported/ - C:\WINDOWS\System32\svchost.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.5.0_10\bin\ssv.dll
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} () - http://fpdownload.macromedia.com/get/sh ... tor/sw.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} () - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {205FF73B-CA67-11D5-99DD-444553540000} () - http://www.th4.org/toolbar/Install.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} () - http://messenger.zone.msn.com/binary/ms ... b56986.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} () - http://lucasblog1992.spaces.live.com//P ... nPUpld.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} () - http://messenger.zone.msn.com/IT-IT/a-U ... E_UNO1.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.5.0) - http://java.sun.com/update/1.5.0/jinsta ... s-i586.cab
O16 - DPF: {99BDE9B5-0D50-43E8-9981-773C48CF25EF} () - http://67.15.5.151/ProWeb899.CAB
O16 - DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} (Java Runtime Environment 1.5.0) - http://java.sun.com/update/1.5.0/jinsta ... s-i586.cab
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} (Java Runtime Environment 1.5.0) - http://java.sun.com/update/1.5.0/jinsta ... s-i586.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} () - http://download.macromedia.com/pub/shoc ... wflash.cab

Post by Luke57 » 08/05/07 14:44

Hi, download KILLBOX from here
http://www.bleepingcomputer.com/files/s ... illBox.zip
and put it on the desktop.

Then restart in Safe Mode
(Start the computer. Right after the RAM count and before Windows begins to load, start pressing the F8 key on the keyboard repeatedly. Keep doing so until the Windows Advanced Options menu appears.
Using the arrow keys on the keyboard, scroll through the options and select the Safe Mode entry, then press Enter)

Make hidden files and folders visible:
from My Computer > Tools > Folder Options
Select View
Tick "Show hidden files and folders"
Untick "Hide protected operating system files (Recommended)"
Click OK

Find and delete these files:
C:\WINDOWS\system32\dllcache\wks-nt-xp.exe
C:\WINDOWS\system32\dllcache\fswitch.exe


If that is not possible,
- extract killbox.exe, open the folder that contains it and then run it
- Select the Delete on Reboot option. In the field, type the path of the file to delete
C:\WINDOWS\system32\dllcache\wks-nt-xp.exe
and click the red cross (answer No to the restart prompt)
Then enter:
C:\WINDOWS\system32\dllcache\fswitch.exe
and click the red cross (this time answer Yes to the restart prompt)
Restart in normal mode and try to use hijackthis.
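
Both files named in the post above sit in C:\WINDOWS\system32\dllcache, the folder Windows File Protection uses on XP to cache copies of protected system files. The following is an added example, not part of the original post and not code from KillBox, HijackThis or RunAlyzer: it parses the process, O4 Run and O23 service lines of a log in this format and lists every image path under that folder. The sample lines are copied from the log posted in this thread, the function names are hypothetical, and a match is a reason to look closer, not a verdict.

```python
import re
from typing import Dict, List, NamedTuple, Optional

# Windows File Protection cache folder on Windows XP (lower-cased for comparison).
DLLCACHE = r"c:\windows\system32\dllcache" + "\\"

# A small subset of lines copied from the RunAlyzer log posted in this thread.
SAMPLE_LOG = r"""
Running processes:
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\dllcache\Azureus.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [Sonic RecordNow! Deluxe]
O23 - Service: Mup (Mup) - /owner unsupported/ -
O23 - Service: Windows Driver Foundation - User-mode Driver Framework Platform Driver (WudfPf) - /owner unsupported/ - C:\WINDOWS\system32\DRIVERS\WudfPf.sys
O23 - Service: Azureus Service (Azureus Service) - /owner unsupported/ - C:\WINDOWS\system32\dllcache\Azureus.exe
O23 - Service: Fast Switching Compatibility (Fast Switching Compatibility) - /owner unsupported/ - C:\WINDOWS\system32\dllcache\fswitch.exe
O23 - Service: Microsoft Workstation Services (Microsoft Workstation Services) - /owner unsupported/ - C:\WINDOWS\system32\dllcache\wks-nt-xp.exe
"""


class Entry(NamedTuple):
    kind: str             # "process", "O4" or "O23"
    name: str             # Run value name or service name; "" for a process line
    path: Optional[str]   # image path, or None when the log line carries none


# Service names may themselves contain " - ", so the owner field (/.../) is
# used as the anchor between the name and the image path.
O23_RE = re.compile(
    r"^O23 - Service: (?P<name>.+) - /(?P<owner>[^/]*)/ -\s*(?P<path>.*)$"
)
# Only the HKLM/HKCU Run lines are handled; the path is taken as written
# (no quote or argument stripping, no expansion of 8.3 names such as PROGRA~1).
O4_RUN_RE = re.compile(
    r"^O4 - HK(?:LM|CU)\\\.\.\\Run: \[(?P<name>[^\]]*)\]\s*(?P<path>.*)$"
)
# A bare line that starts with a drive letter is a "Running processes" entry.
PROC_RE = re.compile(r"^[A-Za-z]:\\.+$")


def parse_log(text: str) -> List[Entry]:
    """Turn the log text into Entry records, skipping lines of other kinds."""
    entries = []
    for raw in text.splitlines():
        line = raw.strip()
        match = O23_RE.match(line)
        if match:
            entries.append(Entry("O23", match["name"], match["path"].strip() or None))
            continue
        match = O4_RUN_RE.match(line)
        if match:
            entries.append(Entry("O4", match["name"], match["path"].strip() or None))
            continue
        if PROC_RE.match(line):
            entries.append(Entry("process", "", line))
    return entries


def under_dllcache(path: Optional[str]) -> bool:
    """True when the image path lies inside the dllcache folder (case-insensitive)."""
    return path is not None and path.lower().startswith(DLLCACHE)


def review_list(text: str) -> Dict[str, List[str]]:
    """Map each dllcache image path to the log sections that reference it."""
    hits: Dict[str, set] = {}
    for entry in parse_log(text):
        if under_dllcache(entry.path):
            hits.setdefault(entry.path.lower(), set()).add(entry.kind)
    return {path: sorted(kinds) for path, kinds in sorted(hits.items())}


if __name__ == "__main__":
    for path, kinds in review_list(SAMPLE_LOG).items():
        print(f"{path}  (seen in: {', '.join(kinds)})")
```

Run against a full log, the same function shows at a glance whether the entries are still present after the reboot.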

Post by ...:::lukino:::... » 08/05/07 17:51

I did it but hijackth.is won't open... what do I do now???

Post by ...:::lukino:::... » 08/05/07 18:01

Logfile of RunAlyzer 0.3. Copyright © 2000-2005 Safer Networking Limited. All rights reserved.
Scan saved at 08/05/2007 19.00.36
Platform: Windows XP (Build: 2600) Service Pack 2 (5.1.2600)

Running processes:
[System]
System
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\System32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\Programmi\IObit\IObit SmartDefrag\IObit SmartDefrag.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Programmi\Avast4\aswUpdSv.exe
C:\Programmi\Avast4\ashServ.exe
C:\WINDOWS\system32\dllcache\Azureus.exe
C:\Programmi\Java\jre1.5.0_10\bin\jusched.exe
C:\Programmi\NavNT\defwatch.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Programmi\File comuni\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Programmi\Logitech\iTouch\iTouch.exe
C:\PROGRA~1\Avast4\ashDisp.exe
C:\WINDOWS\System32\PAStiSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\QuickTime\qttask.exe
C:\Programmi\iTunes\iTunesHelper.exe
C:\Programmi\Avast4\ashMaiSv.exe
C:\Programmi\Avast4\ashWebSv.exe
C:\Programmi\File comuni\System\skypetalk.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\Microsoft ActiveSync\Wcescomm.exe
C:\WINDOWS\system32\rundll32.exe
C:\Programmi\iPod\bin\iPodService.exe
C:\PROGRA~1\MICROS~4\rapimgr.exe
C:\Documents and Settings\querzola\Desktop\KillBox.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
D:\zio\RunAlyzer\RunAlyzer.exe

F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,
O4 - Global Startup: Microsoft Office.lnk = C:\Programmi\Microsoft Office\Office10\OSA.EXE
O4 - HKCU\..\Run: [Sonic RecordNow! Deluxe]
O4 - HKCU\..\Run: [RealPlayer] C:\Programmi\Real\RealPlayer\realplay.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] C:\Programmi\Microsoft ActiveSync\Wcescomm.exe
O4 - HKLM\..\Run: [Windows Update] C:\Programmi\File comuni\System\skypetalk.exe
O4 - HKLM\..\Run: [vptray] C:\Programmi\NavNT\vptray.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [iTunesHelper] C:\Programmi\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [InCD] C:\Programmi\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programmi\Java\jre1.5.0_10\bin\jusched.exe
O4 - HKLM\..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE
O4 - HKLM\..\Run: [UserFaultCheck] C:\WINDOWS\system32\dumprep.exe
O4 - HKLM\..\Run: [QuickTime Task] C:\Programmi\QuickTime\qttask.exe
O4 - HKLM\..\Run: [SmartDefrag] C:\Programmi\IObit\IObit SmartDefrag\IObit SmartDefrag.exe
O23 - Service: avast! Asynchronous Virus Monitor (Aavmker4) - /owner unsupported/ -
O23 - Service: Driver ACPI Microsoft (ACPI) - /owner unsupported/ - C:\WINDOWS\System32\DRIVERS\ACPI.sys
O23 - Service: Eliminatore di eco acustico del kernel Microsoft (aec) - /owner unsupported/ - C:\WINDOWS\system32\drivers\aec.sys
O23 - Service: Ambiente supporto di rete AFD (AFD) - /owner unsupported/ - C:\WINDOWS\System32\drivers\afd.sys
O23 - Service: Filtro bus Intel AGP (agp440) - /owner unsupported/ - C:\WINDOWS\System32\DRIVERS\agp440.sys
O23 - Service: Service for WDM 3D Audio Driver (ALCXSENS) - /owner unsupported/ - C:\WINDOWS\system32\drivers\ALCXSENS.SYS
O23 - Service: Service for Realtek AC97 Audio (WDM) (ALCXWDM) - /owner unsupported/ - C:\WINDOWS\system32\drivers\ALCXWDM.SYS
O23 - Service: Avvisi (Alerter) - /owner unsupported/ - C:\WINDOWS\System32\svchost.exe
O23 - Service: Servizio Gateway di livello applicazione (ALG) - /owner unsupported/ - C:\WINDOWS\System32\alg.exe
O23 - Service: AnyDVD (AnyDVD) - /owner unsupported/ - C:\WINDOWS\System32\Drivers\AnyDVD.sys
O23 - Service: Gestione applicazione (AppMgmt) - /owner unsupported/ - C:\WINDOWS\system32\svchost.exe
O23 - Service: ASP.NET State Service (aspnet_state) - /owner unsupported/ - C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe
O23 - Service: avast! Standard Shield Support (aswMon2) - /owner unsupported/ -
O23 - Service: aswRdr (aswRdr) - /owner unsupported/ -
O23 - Service: avast! Network Shield Support (aswTdi) - /owner unsupported/ -
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - /owner unsupported/ - C:\Programmi\Avast4\aswUpdSv.exe
O23 - Service: Driver per supporti asincroni RAS (AsyncMac) - /owner unsupported/ - C:\WINDOWS\System32\DRIVERS\asyncmac.sys
O23 - Service: Controller disco rigido IDE/ESDI standard (atapi) - /owner unsupported/ - C:\WINDOWS\System32\DRIVERS\atapi.sys
O23 - Service: Protocollo client ARP ATM (Atmarpc) - /owner unsupported/ - C:\WINDOWS\System32\DRIVERS\atmarpc.sys
O23 - Service: Audio Windows (AudioSrv) - /owner unsupported/ - C:\WINDOWS\System32\svchost.exe
O23 - Service: Driver stub audio (audstub) - /owner unsupported/ - C:\WINDOWS\System32\DRIVERS\audstub.sys
O23 - Service: avast! Antivirus (avast! Antivirus) - /owner unsupported/ - C:\Programmi\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner (avast! Mail Scanner) - /owner unsupported/ - C:\Programmi\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner (avast! Web Scanner) - /owner unsupported/ - C:\Programmi\Avast4\ashWebSv.exe
O23 - Service: Azureus Service (Azureus Service) - /owner unsupported/ - C:\WINDOWS\system32\dllcache\Azureus.exe
O23 - Service: Servizio trasferimento intelligente in background (BITS) - /owner unsupported/ - C:\WINDOWS\System32\svchost.exe
O23 - Service: Browser di computer (Browser) - /owner unsupported/ - C:\WINDOWS\System32\svchost.exe
O23 - Service: Decoder sottotitoli codificati (CCDECODE) - /owner unsupported/ - C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
O23 - Service: Driver del CD-ROM (Cdrom) - /owner unsupported/ - C:\WINDOWS\System32\DRIVERS\cdrom.sys
O23 - Service: Servizio di indicizzazione (CiSvc) - /owner unsupported/ - C:\WINDOWS\system32\cisvc.exe
O23 - Service: ClipBook (ClipSrv) - /owner unsupported/ - C:\WINDOWS\system32\clipsrv.exe
O23 - Service: Applicazione di sistema COM+ (COMSysApp) - /owner unsupported/ - C:\WINDOWS\System32\dllhost.exe
O23 - Service: Servizi di crittografia (CryptSvc) - /owner unsupported/ - C:\WINDOWS\system32\svchost.exe
O23 - Service: Utilità di avvio processo server DCOM (DcomLaunch) - /owner unsupported/ - C:\WINDOWS\system32\svchost.exe
O23 - Service: DefWatch (DefWatch) - /owner unsupported/ - C:\Programmi\NavNT\defwatch.exe
O23 - Service: Client DHCP (Dhcp) - /owner unsupported/ - C:\WINDOWS\System32\svchost.exe
O23 - Service: Driver del disco (Disk) - /owner unsupported/ - C:\WINDOWS\System32\DRIVERS\disk.sys
O23 - Service: Servizio amministrativo di Gestione disco logico (dmadmin) - /owner unsupported/ - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: Driver Gestione dischi logici (dmio) - /owner unsupported/ - C:\WINDOWS\System32\drivers\dmio.sys
O23 - Service: Gestione dischi logici (dmserver) - /owner unsupported/ - C:\WINDOWS\System32\svchost.exe
O23 - Service: Sintetizzatore DLS Microsoft Kernel (DMusic) - /owner unsupported/ - C:\WINDOWS\system32\drivers\DMusic.sys
O23 - Service: Client DNS (Dnscache) - /owner unsupported/ - C:\WINDOWS\System32\svchost.exe
O23 - Service: Decodificatore audio DRM del kernel Microsoft (drmkaud) - /owner unsupported/ - C:\WINDOWS\system32\drivers\drmkaud.sys
O23 - Service: ElbyCDIO Driver (ElbyCDIO) - /owner unsupported/ - C:\WINDOWS\System32\Drivers\ElbyCDIO.sys
O23 - Service: Servizio di segnalazione errori (ERSvc) - /owner unsupported/ - C:\WINDOWS\System32\svchost.exe
O23 - Service: Registro eventi (Eventlog) - /owner unsupported/ - C:\WINDOWS\system32\services.exe
O23 - Service: Sistema di eventi COM+ (EventSystem) - /owner unsupported/ - C:\WINDOWS\System32\svchost.exe
O23 - Service: Fast Switching Compatibility (Fast Switching Compatibility) - /owner unsupported/ - C:\WINDOWS\system32\dllcache\fswitch.exe
O23 - Service: Compatibilità di Cambio rapido utente (FastUserSwitchingCompatibility) - /owner unsupported/ - C:\WINDOWS\System32\svchost.exe
O23 - Service: Driver controller disco floppy (Fdc) - /owner unsupported/ - C:\WINDOWS\System32\DRIVERS\fdc.sys
O23 - Service: Driver disco floppy (Flpydisk) - /owner unsupported/ - C:\WINDOWS\System32\DRIVERS\flpydisk.sys
O23 - Service: FltMgr (FltMgr) - /owner unsupported/ - C:\WINDOWS\system32\drivers\fltmgr.sys
O23 - Service: Driver archiviazione volumi (Ftdisk) - /owner unsupported/ - C:\WINDOWS\System32\DRIVERS\ftdisk.sys
O23 - Service: Enumeratore porta giochi (gameenum) - /owner unsupported/ - C:\WINDOWS\System32\DRIVERS\gameenum.sys
O23 - Service: GEARAspiWDM (GEARAspiWDM) - /owner unsupported/ - C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys
O23 - Service: Utilità di classificazione pacchetti generica (Gpc) - /owner unsupported/ - C:\WINDOWS\System32\DRIVERS\msgpc.sys
O23 - Service: Guida in linea e supporto tecnico (helpsvc) - /owner unsupported/ - C:\WINDOWS\System32\svchost.exe
O23 - Service: Attivatore da Microsoft Hid a porta joystick (hidgame) - /owner unsupported/ - C:\WINDOWS\system32\DRIVERS\hidgame.sys
O23 - Service: HID Input Service (HidServ) - /owner unsupported/ - C:\WINDOWS\System32\svchost.exe
O23 - Service: Driver di classe HID Microsoft (HidUsb) - /owner unsupported/ - C:\WINDOWS\system32\DRIVERS\hidusb.sys
O23 - Service: HTTP (HTTP) - /owner unsupported/ - C:\WINDOWS\System32\Drivers\HTTP.sys
O23 - Service: SSL HTTP (HTTPFilter) - /owner unsupported/ - C:\WINDOWS\System32\svchost.exe
O23 - Service: Driver di porta mouse PS/2 e tastiera i8042 (i8042prt) - /owner unsupported/ - C:\WINDOWS\System32\DRIVERS\i8042prt.sys
O23 - Service: Intel(R) Ultra ATA Controller (IdeChnDr) - /owner unsupported/ - C:\WINDOWS\System32\DRIVERS\IdeChnDr.sys
O23 - Service: InstallDriver Table Manager (IDriverT) - /owner unsupported/ - C:\Programmi\File comuni\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Driver filtro masterizzazione CD (Imapi) - /owner unsupported/ - C:\WINDOWS\System32\DRIVERS\imapi.sys
O23 - Service: Servizio COM di masterizzazione CD IMAPI (ImapiService) - /owner unsupported/ - C:\WINDOWS\System32\imapi.exe
O23 - Service: InCD File System (InCDfs) - /owner unsupported/ -
O23 - Service: InCDPass (InCDPass) - /owner unsupported/ - C:\WINDOWS\System32\DRIVERS\InCDPass.sys
O23 - Service: InCD EasyWrite Reader (incdrm) - /owner unsupported/ -
O23 - Service: InCD Helper (InCDsrv) - /owner unsupported/ - C:\Programmi\Ahead\InCD\InCDsrv.exe
O23 - Service: Driver processore Intel (intelppm) - /owner unsupported/ - C:\WINDOWS\System32\DRIVERS\intelppm.sys
O23 - Service: Driver Windows Firewall IPv6 (ip6fw) - /owner unsupported/ - C:\WINDOWS\system32\drivers\ip6fw.sys
O23 - Service: Driver filtro traffico IP (IpFilterDriver) - /owner unsupported/ - C:\WINDOWS\System32\DRIVERS\ipfltdrv.sys
O23 - Service: Driver tunnel IP in IP (IpInIp) - /owner unsupported/ - C:\WINDOWS\System32\DRIVERS\ipinip.sys
O23 - Service: Traduttore indirizzi di rete IP (IpNat) - /owner unsupported/ - C:\WINDOWS\System32\DRIVERS\ipnat.sys
O23 - Service: iPod Service (iPod Service) - /owner unsupported/ - C:\Programmi\iPod\bin\iPodService.exe
O23 - Service: Driver IPSEC (IPSec) - /owner unsupported/ - C:\WINDOWS\System32\DRIVERS\ipsec.sys
O23 - Service: Servizio enumeratore infrarossi (IRENUM) - /owner unsupported/ - C:\WINDOWS\System32\DRIVERS\irenum.sys
O23 - Service: Driver bus PnP ISA/EISA (isapnp) - /owner unsupported/ - C:\WINDOWS\System32\DRIVERS\isapnp.sys
O23 - Service: iTouch Keyboard Filter (itchfltr) - /owner unsupported/ - C:\WINDOWS\system32\DRIVERS\itchfltr.sys
O23 - Service: Driver classe tastiera (Kbdclass) - /owner unsupported/ - C:\WINDOWS\System32\DRIVERS\kbdclass.sys
O23 - Service: Driver di tastiera HID (kbdhid) - /owner unsupported/ - C:\WINDOWS\system32\DRIVERS\kbdhid.sys
O23 - Service: Mixer wave audio del kernel Microsoft (kmixer) - /owner unsupported/ - C:\WINDOWS\system32\drivers\kmixer.sys
O23 - Service: Server (lanmanserver) - /owner unsupported/ - C:\WINDOWS\System32\svchost.exe
O23 - Service: Workstation (lanmanworkstation) - /owner unsupported/ - C:\WINDOWS\System32\svchost.exe
O23 - Service: Logitech USB Filter Driver (LCcfltr) - /owner unsupported/ - C:\WINDOWS\System32\Drivers\LCcFltr.Sys
O23 - Service: Logitech USB Receiver device driver (LHidUsb) - /owner unsupported/ - C:\WINDOWS\System32\Drivers\LHidUsb.Sys
O23 - Service: Helper NetBIOS di TCP/IP (LmHosts) - /owner unsupported/ - C:\WINDOWS\System32\svchost.exe
O23 - Service: Machine Debug Manager (MDM) - /owner unsupported/ - C:\Programmi\File comuni\Microsoft Shared\VS7Debug\mdm.exe
O23 - Service: Messenger (Messenger) - /owner unsupported/ - C:\WINDOWS\System32\svchost.exe
O23 - Service: Microsoft Workstation Services (Microsoft Workstation Services) - /owner unsupported/ - C:\WINDOWS\system32\dllcache\wks-nt-xp.exe
O23 - Service: Condivisione desktop remoto di NetMeeting (mnmsrvc) - /owner unsupported/ - C:\WINDOWS\System32\mnmsrvc.exe
O23 - Service: Driver classe mouse (Mouclass) - /owner unsupported/ - C:\WINDOWS\System32\DRIVERS\mouclass.sys
O23 - Service: Driver di mouse HID (mouhid) - /owner unsupported/ - C:\WINDOWS\System32\DRIVERS\mouhid.sys
O23 - Service: Gestore installazione (Mounting) (MountMgr) - /owner unsupported/ -
O23 - Service: Redirector del client WebDav (MRxDAV) - /owner unsupported/ - C:\WINDOWS\System32\DRIVERS\mrxdav.sys
O23 - Service: MRXSMB (MRxSmb) - /owner unsupported/ - C:\WINDOWS\System32\DRIVERS\mrxsmb.sys
O23 - Service: Distributed Transaction Coordinator (MSDTC) - /owner unsupported/ - C:\WINDOWS\System32\msdtc.exe
O23 - Service: Windows Installer (MSIServer) - /owner unsupported/ - C:\WINDOWS\system32\msiexec.exe
O23 - Service: Proxy di servizio di flusso Microsoft (MSKSSRV) - /owner unsupported/ - C:\WINDOWS\system32\drivers\MSKSSRV.sys
O23 - Service: Proxy clock di flusso Microsoft (MSPCLOCK) - /owner unsupported/ - C:\WINDOWS\system32\drivers\MSPCLOCK.sys
O23 - Service: Proxy di gestione qualità di flusso Microsoft (MSPQM) - /owner unsupported/ - C:\WINDOWS\system32\drivers\MSPQM.sys
O23 - Service: Driver BIOS Microsoft System Management (mssmbios) - /owner unsupported/ - C:\WINDOWS\System32\DRIVERS\mssmbios.sys
O23 - Service: Convertitore a T/Sito a sito per flusso Microsoft (MSTEE) - /owner unsupported/ - C:\WINDOWS\system32\drivers\MSTEE.sys
O23 - Service: Driver Microsoft MPU-401 MIDI UART (ms_mpu401) - /owner unsupported/ - C:\WINDOWS\system32\drivers\msmpu401.sys
O23 - Service: Mup (Mup) - /owner unsupported/ -
O23 - Service: NABTS/FEC VBI Codec (NABTSFEC) - /owner unsupported/ - C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
O23 - Service: Driver di sistema NDIS (NDIS) - /owner unsupported/ -
O23 - Service: Connesione TV/Video Microsoft (NdisIP) - /owner unsupported/ - C:\WINDOWS\system32\DRIVERS\NdisIP.sys
O23 - Service: Driver TAPI NDIS di accesso remoto (NdisTapi) - /owner unsupported/ - C:\WINDOWS\System32\DRIVERS\ndistapi.sys
O23 - Service: Protocollo I/O modalità utente su NDIS (Ndisuio) - /owner unsupported/ - C:\WINDOWS\System32\DRIVERS\ndisuio.sys
O23 - Service: Driver WAN NDIS di accesso remoto (NdisWan) - /owner unsupported/ - C:\WINDOWS\System32\DRIVERS\ndiswan.sys
O23 - Service: Interfaccia NetBIOS (NetBIOS) - /owner unsupported/ - C:\WINDOWS\System32\DRIVERS\netbios.sys
O23 - Service: NetBios su Tcpip (NetBT) - /owner unsupported/ - C:\WINDOWS\System32\DRIVERS\netbt.sys
O23 - Service: DDE di rete (NetDDE) - /owner unsupported/ - C:\WINDOWS\system32\netdde.exe
O23 - Service: DDE DSDM di rete (NetDDEdsdm) - /owner unsupported/ - C:\WINDOWS\system32\netdde.exe
O23 - Service: Accesso rete (Netlogon) - /owner unsupported/ - C:\WINDOWS\System32\lsass.exe
O23 - Service: Connessioni di rete (Netman) - /owner unsupported/ - C:\WINDOWS\System32\svchost.exe
O23 - Service: NLA (Network Location Awareness) (Nla) - /owner unsupported/ - C:\WINDOWS\System32\svchost.exe
O23 - Service: Driver di Network Monitor (nm) - /owner unsupported/ - C:\WINDOWS\system32\DRIVERS\NMnt.sys
O23 - Service: Norton AntiVirus Server (Norton AntiVirus Server) - /owner unsupported/ - C:\Programmi\NavNT\rtvscan.exe
O23 - Service: NetGroup Packet Filter Driver (NPF) - /owner unsupported/ - C:\WINDOWS\system32\drivers\npf.sys
O23 - Service: Provider supporto protezione LM NT (NtLmSsp) - /owner unsupported/ - C:\WINDOWS\System32\lsass.exe
O23 - Service: Archivi rimovibili (NtmsSvc) - /owner unsupported/ - C:\WINDOWS\system32\svchost.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - /owner unsupported/ - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Driver filtro traffico IPX (NwlnkFlt) - /owner unsupported/ - C:\WINDOWS\System32\DRIVERS\nwlnkflt.sys
O23 - Service: Driver inoltratore traffico IPX (NwlnkFwd) - /owner unsupported/ - C:\WINDOWS\System32\DRIVERS\nwlnkfwd.sys
O23 - Service: Trust WB-1400T Webcam (PAC207) - /owner unsupported/ - C:\WINDOWS\system32\DRIVERS\pfc027.sys
O23 - Service: Driver della porta parallela (Parport) - /owner unsupported/ - C:\WINDOWS\System32\DRIVERS\parport.sys
O23 - Service: Gestore partizioni (PartMgr) - /owner unsupported/ -
O23 - Service: Panda Antispam Service (PASSRV) - /owner unsupported/ - C:\Programmi\Panda Software\Panda Platinum Internet Security\passrv.exe
O23 - Service: Panda anti-virus driver (PAVDRV) - /owner unsupported/ - C:\WINDOWS\System32\Drivers\pavdrv51.sys
O23 - Service: Panda Firewall Service (PAVFIRES) - /owner unsupported/ -
O23 - Service: Panda anti-virus service (PAVSRV) - /owner unsupported/ -
O23 - Service: Driver bus PCI (PCI) - /owner unsupported/ - C:\WINDOWS\System32\DRIVERS\pci.sys
O23 - Service: Padus ASPI Shell (pfc) - /owner unsupported/ - C:\WINDOWS\system32\drivers\pfc.sys
O23 - Service: Plug and Play (PlugPlay) - /owner unsupported/ - C:\WINDOWS\system32\services.exe
O23 - Service: PnkBstrA (PnkBstrA) - /owner unsupported/ - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB (PnkBstrB) - /owner unsupported/ - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: PnkBstrK (PnkBstrK) - /owner unsupported/ - C:\WINDOWS\system32\drivers\PnkBstrK.sys
O23 - Service: Servizi IPSEC (PolicyAgent) - /owner unsupported/ - C:\WINDOWS\System32\lsass.exe
O23 - Service: WAN Miniport (PPTP) (PptpMiniport) - /owner unsupported/ - C:\WINDOWS\System32\DRIVERS\raspptp.sys
O23 - Service: Driver processore (Processor) - /owner unsupported/ - C:\WINDOWS\System32\DRIVERS\processr.sys
O23 - Service: Archiviazione protetta (ProtectedStorage) - /owner unsupported/ - C:\WINDOWS\system32\lsass.exe
O23 - Service: Utilità di pianificazione pacchetti QoS (PSched) - /owner unsupported/ - C:\WINDOWS\System32\DRIVERS\psched.sys
O23 - Service: Panda Imanager Service (PSIMSVC) - /owner unsupported/ - C:\Programmi\Panda Software\Panda Platinum Internet Security\psimsvc.exe
O23 - Service: Driver Direct Parallel Link (Ptilink) - /owner unsupported/ - C:\WINDOWS\System32\DRIVERS\ptilink.sys
O23 - Service: PxHelp20 (PxHelp20) - /owner unsupported/ - C:\WINDOWS\System32\Drivers\PxHelp20.sys
O23 - Service: Driver connessione automatica Accesso remoto (RasAcd) - /owner unsupported/ - C:\WINDOWS\System32\DRIVERS\rasacd.sys
O23 - Service: Auto Connection Manager di Accesso remoto (RasAuto) - /owner unsupported/ - C:\WINDOWS\System32\svchost.exe
O23 - Service: WAN Miniport (L2TP) (Rasl2tp) - /owner unsupported/ - C:\WINDOWS\System32\DRIVERS\rasl2tp.sys
O23 - Service: Connection Manager di Accesso remoto (RasMan) - /owner unsupported/ - C:\WINDOWS\System32\svchost.exe
O23 - Service: Driver PPPOE di accesso remoto (RasPppoe) - /owner unsupported/ - C:\WINDOWS\System32\DRIVERS\raspppoe.sys
O23 - Service: Direct Parallel (Raspti) - /owner unsupported/ - C:\WINDOWS\System32\DRIVERS\raspti.sys
O23 - Service: Rdbss (Rdbss) - /owner unsupported/ - C:\WINDOWS\System32\DRIVERS\rdbss.sys
O23 - Service: Driver redirector periferica Terminal Server (rdpdr) - /owner unsupported/ - C:\WINDOWS\System32\DRIVERS\rdpdr.sys
O23 - Service: Gestione sessione di assistenza mediante desktop remoto (RDSessMgr) - /owner unsupported/ - C:\WINDOWS\system32\sessmgr.exe
O23 - Service: Driver filtro riproduzione CD-ROM audio digitale (redbook) - /owner unsupported/ - C:\WINDOWS\System32\DRIVERS\redbook.sys
O23 - Service: Routing e Accesso remoto (RemoteAccess) - /owner unsupported/ - C:\WINDOWS\System32\svchost.exe
O23 - Service: Registro di sistema remoto (RemoteRegistry) - /owner unsupported/ - C:\WINDOWS\system32\svchost.exe
O23 - Service: Microsoft Legacy Modem Driver (ROOTMODEM) - /owner unsupported/ - C:\WINDOWS\System32\Drivers\RootMdm.sys
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - /owner unsupported/ - C:\Programmi\WinPcap\rpcapd.exe
O23 - Service: RPC Locator (RpcLocator) - /owner unsupported/ - C:\WINDOWS\System32\locator.exe
O23 - Service: RPC (Remote Procedure Call) (RpcSs) - /owner unsupported/ - C:\WINDOWS\system32\svchost.exe
O23 - Service: QoS RSVP (RSVP) - /owner unsupported/ - C:\WINDOWS\System32\rsvp.exe
O23 - Service: Driver NT scheda Fast Ethernet PCI Realtek basata su RTL8139 (rtl8139) - /owner unsupported/ - C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
O23 - Service: Gestione account di protezione (SAM) (SamSs) - /owner unsupported/ - C:\WINDOWS\system32\lsass.exe
O23 - Service: smart card (SCardSvr) - /owner unsupported/ - C:\WINDOWS\System32\SCardSvr.exe
O23 - Service: Utilità di pianificazione (Schedule) - /owner unsupported/ - C:\WINDOWS\System32\svchost.exe
O23 - Service: Secdrv (Secdrv) - /owner unsupported/ - C:\WINDOWS\System32\DRIVERS\secdrv.sys
O23 - Service: Accesso secondario (seclogon) - /owner unsupported/ - C:\WINDOWS\System32\svchost.exe
O23 - Service: Notifica eventi di sistema (SENS) - /owner unsupported/ - C:\WINDOWS\system32\svchost.exe
O23 - Service: Driver filtro Serenum (serenum) - /owner unsupported/ - C:\WINDOWS\System32\DRIVERS\serenum.sys
O23 - Service: Driver della porta seriale (Serial) - /owner unsupported/ - C:\WINDOWS\System32\DRIVERS\serial.sys
O23 - Service: Driver del mouse seriale (sermouse) - /owner unsupported/ - C:\WINDOWS\System32\DRIVERS\sermouse.sys
O23 - Service: StarForce Protection Environment Driver (version 1.x) (sfdrv01) - /owner unsupported/ - C:\WINDOWS\System32\drivers\sfdrv01.sys
O23 - Service: StarForce Protection Helper Driver (version 2.x) (sfhlp02) - /owner unsupported/ - C:\WINDOWS\System32\drivers\sfhlp02.sys
O23 - Service: StarForce Protection Synchronization Driver (version 2.x) (sfsync02) - /owner unsupported/ - C:\WINDOWS\System32\drivers\sfsync02.sys
O23 - Service: Windows Firewall / Condivisione connessione Internet (ICS) (SharedAccess) - /owner unsupported/ - C:\WINDOWS\System32\svchost.exe
O23 - Service: Rilevamento hardware shell (ShellHWDetection) - /owner unsupported/ - C:\WINDOWS\System32\svchost.exe
O23 - Service: BDA Slip De-Framer (SLIP) - /owner unsupported/ - C:\WINDOWS\system32\DRIVERS\SLIP.sys
O23 - Service: Frazionatore audio del kernel Microsoft (splitter) - /owner unsupported/ - C:\WINDOWS\system32\drivers\splitter.sys
O23 - Service: Spooler di stampa (Spooler) - /owner unsupported/ - C:\WINDOWS\system32\spoolsv.exe
O23 - Service: Driver filtro Ripristino configurazione di sistema (sr) - /owner unsupported/ - C:\WINDOWS\System32\DRIVERS\sr.sys
O23 - Service: Servizio Ripristino configurazione di sistema (srservice) - /owner unsupported/ - C:\WINDOWS\System32\svchost.exe
O23 - Service: Srv (Srv) - /owner unsupported/ - C:\WINDOWS\System32\DRIVERS\srv.sys
O23 - Service: Servizio di rilevamento SSDP (SSDPSRV) - /owner unsupported/ - C:\WINDOWS\System32\svchost.exe
O23 - Service: STI Simulator (STI Simulator) - /owner unsupported/ - C:\WINDOWS\System32\PAStiSvc.exe
O23 - Service: Acquisizione di immagini di Windows (WIA) (stisvc) - /owner unsupported/ - C:\WINDOWS\System32\svchost.exe
O23 - Service: BDA IPSink (streamip) - /owner unsupported/ - C:\WINDOWS\system32\DRIVERS\StreamIP.sys
O23 - Service: Driver bus software (swenum) - /owner unsupported/ - C:\WINDOWS\System32\DRIVERS\swenum.sys
O23 - Service: Sintetizzatore Wavetable GS kernel Microsoft (swmidi) - /owner unsupported/ - C:\WINDOWS\system32\drivers\swmidi.sys
O23 - Service: MS Software Shadow Copy Provider (SwPrv) - /owner unsupported/ - C:\WINDOWS\System32\dllhost.exe
O23 - Service: Periferica audio di sistema Microsoft Kernel (sysaudio) - /owner unsupported/ - C:\WINDOWS\system32\drivers\sysaudio.sys
O23 - Service: Avvisi e registri di prestazioni (SysmonLog) - /owner unsupported/ - C:\WINDOWS\system32\smlogsvc.exe
O23 - Service: Telefonia (TapiSrv) - /owner unsupported/ - C:\WINDOWS\System32\svchost.exe
O23 - Service: Driver protocollo TCP/IP (Tcpip) - /owner unsupported/ - C:\WINDOWS\System32\DRIVERS\tcpip.sys
O23 - Service: Teefer for NT (Teefer) - /owner unsupported/ - C:\WINDOWS\SYSTEM32\Drivers\Teefer.sys
O23 - Service: Driver della periferica terminale (TermDD) - /owner unsupported/ - C:\WINDOWS\System32\DRIVERS\termdd.sys
O23 - Service: Servizi terminal (TermService) - /owner unsupported/ - C:\WINDOWS\System32\svchost.exe
O23 - Service: Temi (Themes) - /owner unsupported/ - C:\WINDOWS\System32\svchost.exe
O23 - Service: Telnet (TlntSvr) - /owner unsupported/ - C:\WINDOWS\System32\tlntsvr.exe
O23 - Service: Manutenzione collegamenti distribuiti client (TrkWks) - /owner unsupported/ - C:\WINDOWS\system32\svchost.exe
O23 - Service: Driver aggiornamento microcodice (Update) - /owner unsupported/ - C:\WINDOWS\System32\DRIVERS\update.sys
O23 - Service: Host di periferiche Plug and Play universali (upnphost) - /owner unsupported/ - C:\WINDOWS\System32\svchost.exe
O23 - Service: Gruppo di continuità (UPS) - /owner unsupported/ - C:\WINDOWS\System32\ups.exe
O23 - Service: Driver principale generico USB Microsoft (usbccgp) - /owner unsupported/ - C:\WINDOWS\system32\DRIVERS\usbccgp.sys
O23 - Service: Driver Miniport controller enhanced host USB 2.0 Microsoft (usbehci) - /owner unsupported/ - C:\WINDOWS\System32\DRIVERS\usbehci.sys
O23 - Service: Driver hub USB standard Microsoft (usbhub) - /owner unsupported/ - C:\WINDOWS\System32\DRIVERS\usbhub.sys
O23 - Service: Driver archiviazione di massa USB (USBSTOR) - /owner unsupported/ - C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS
O23 - Service: Driver Miniport Controller Universal Host USB Microsoft (usbuhci) - /owner unsupported/ - C:\WINDOWS\System32\DRIVERS\usbuhci.sys
O23 - Service: Servizio Messenger Sharing Folders USN Journal Reader (usnjsvc) - /owner unsupported/ - C:\Programmi\MSN Messenger\usnsvc.exe
O23 - Service: Controller video VGA. (VgaSave) - /owner unsupported/ - C:\WINDOWS\System32\drivers\vga.sys
O23 - Service: Copia replicata del volume (VSS) - /owner unsupported/ - C:\WINDOWS\System32\vssvc.exe
O23 - Service: Ora di Windows (W32Time) - /owner unsupported/ - C:\WINDOWS\System32\svchost.exe
O23 - Service: Driver ARP IP di accesso remoto (Wanarp) - /owner unsupported/ - C:\WINDOWS\System32\DRIVERS\wanarp.sys
O23 - Service: Windows CE USB Serial Host Driver (wceusbsh) - /owner unsupported/ - C:\WINDOWS\system32\DRIVERS\wceusbsh.sys
O23 - Service: Driver di compatibilità audio Microsoft WINMM WDM (wdmaud) - /owner unsupported/ - C:\WINDOWS\system32\drivers\wdmaud.sys
O23 - Service: WebClient (WebClient) - /owner unsupported/ - C:\WINDOWS\System32\svchost.exe
O23 - Service: SyGate for NT, wg3n (wg3n) - /owner unsupported/ - C:\WINDOWS\SYSTEM32\Drivers\wg3n.sys
O23 - Service: Strumentazione gestione Windows (winmgmt) - /owner unsupported/ - C:\WINDOWS\system32\svchost.exe
O23 - Service: Servizio Numero di serie per dispositivi multimediali portatili (WmdmPmSN) - /owner unsupported/ - C:\WINDOWS\System32\svchost.exe
O23 - Service: Estensioni driver di Strumentazione gestione Windows (Wmi) - /owner unsupported/ - C:\WINDOWS\System32\svchost.exe
O23 - Service: Scheda WMI Performance (WmiApSrv) - /owner unsupported/ - C:\WINDOWS\System32\wbem\wmiapsrv.exe
O23 - Service: Windows Media Player Network Sharing Service (WMPNetworkSvc) - /owner unsupported/ - C:\Programmi\Windows Media Player\WMPNetwk.exe
O23 - Service: wpsdrvnt (wpsdrvnt) - /owner unsupported/ - C:\WINDOWS\system32\drivers\wpsdrvnt.sys
O23 - Service: Ambiente di supporto del provider del Servizio Non-IFS di Windows Socket 2.0 (WS2IFSL) - /owner unsupported/ - C:\WINDOWS\System32\drivers\ws2ifsl.sys
O23 - Service: Centro sicurezza PC (wscsvc) - /owner unsupported/ - C:\WINDOWS\System32\svchost.exe
O23 - Service: Codec World Standard Teletext (WSTCODEC) - /owner unsupported/ - C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
O23 - Service: Aggiornamenti automatici (wuauserv) - /owner unsupported/ - C:\WINDOWS\System32\svchost.exe
O23 - Service: Windows Driver Foundation - User-mode Driver Framework Platform Driver (WudfPf) - /owner unsupported/ - C:\WINDOWS\system32\DRIVERS\WudfPf.sys
O23 - Service: Windows Driver Foundation - User-mode Driver Framework Reflector (WudfRd) - /owner unsupported/ - C:\WINDOWS\system32\DRIVERS\wudfrd.sys
O23 - Service: Windows Driver Foundation - User-mode Driver Framework (WudfSvc) - /owner unsupported/ - C:\WINDOWS\system32\svchost.exe
O23 - Service: Zero Configuration reti senza fili (WZCSVC) - /owner unsupported/ - C:\WINDOWS\System32\svchost.exe
O23 - Service: Servizio Provisioning di rete (xmlprov) - /owner unsupported/ - C:\WINDOWS\System32\svchost.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.5.0_10\bin\ssv.dll
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} () - http://fpdownload.macromedia.com/get/sh ... tor/sw.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} () - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {205FF73B-CA67-11D5-99DD-444553540000} () - http://www.th4.org/toolbar/Install.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} () - http://messenger.zone.msn.com/binary/ms ... b56986.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} () - http://lucasblog1992.spaces.live.com//P ... nPUpld.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} () - http://messenger.zone.msn.com/IT-IT/a-U ... E_UNO1.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.5.0) - http://java.sun.com/update/1.5.0/jinsta ... s-i586.cab
O16 - DPF: {99BDE9B5-0D50-43E8-9981-773C48CF25EF} () - http://67.15.5.151/ProWeb899.CAB
O16 - DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} (Java Runtime Environment 1.5.0) - http://java.sun.com/update/1.5.0/jinsta ... s-i586.cab
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} (Java Runtime Environment 1.5.0) - http://java.sun.com/update/1.5.0/jinsta ... s-i586.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} () - http://download.macromedia.com/pub/shoc ... wflash.cab
...:::lukino:::...
Junior User
 
Posts: 33
Joined: 07/05/07 12:52

Post by Luke57 » 08/05/07 18:04

...:::lukino:::... wrote: I did it, but hijackth.is won't open... what do I do now???

Hi, open the system registry:
Start > Run > regedit (type it in the box) > OK
With the editor open, click the + sign next to each entry and follow this path:
HKEY_LOCAL_MACHINE
Software
Microsoft
Windows NT
CurrentVersion
Image file execution options
After clicking the + sign next to the entry in bold, check among the sub-entries in the drop-down list for
explorer.exe
If it is there, click on it and report what you find inside it.
Luke57
Moderator
 
Posts: 6415
Joined: 11/08/05 19:10

Post by ...:::lukino:::... » 08/05/07 18:12

ok, I'll do it now; anyway, by booting into safe mode I managed to get hijackthis to start, here is the log

Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 19.10.19, on 08/05/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Safe mode with network support

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\System32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
D:\zio\zio.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://myhomepage.capitan-trash.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=54729
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=55245&clcid={SUB_CLCID}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: PK IE Plugin - {1E1B2879-88FF-11D3-8D96-D7ACAC95951A} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {EE392A64-F30B-47C8-A363-CDA1CEC7DC1B} - (no file)
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Programmi\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Programmi\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [vptray] C:\Programmi\NavNT\vptray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Programmi\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SmartDefrag] "C:\Programmi\IObit\IObit SmartDefrag\IObit SmartDefrag.exe" /startup
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [Windows Update] C:\Programmi\File comuni\System\skypetalk.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [RealPlayer] "C:\Programmi\Real\RealPlayer\realplay.exe" /RunUPGToolCommandReBoot
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Programmi\Microsoft ActiveSync\Wcescomm.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User '?')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User '?')
O4 - HKUS\S-1-5-21-1060284298-789336058-682003330-1003\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User '?')
O4 - HKUS\S-1-5-21-1060284298-789336058-682003330-1003\..\Run: [H/PC Connection Agent] "C:\Programmi\Microsoft ActiveSync\Wcescomm.exe" (User '?')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User '?')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programmi\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: eBay - Homepage - {EF79EAC5-3452-4E02-B8BD-BA4C89F1AC7A} - C:\WINDOWS\System32\shdocvw.dll
O15 - Trusted Zone: http://www.thesimpson.it
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/ms ... b31267.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Me ... b31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {205FF73B-CA67-11D5-99DD-444553540000} (CInstall Class) - http://www.th4.org/toolbar/Install.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/ms ... b56986.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/Mi ... b31267.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/Shar ... vSniff.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://lucasblog1992.spaces.live.com//P ... nPUpld.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/IT-IT/a-U ... E_UNO1.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/Shar ... /cabsa.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Me ... b31267.cab
O16 - DPF: {99BDE9B5-0D50-43E8-9981-773C48CF25EF} (Pro_Web899.ProWeb899) - http://67.15.5.151/ProWeb899.CAB
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMe ... loader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZI ... b32846.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FILECO~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Precaricatore Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Daemon di cache delle categorie di componenti - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: IE Component Categories cache daemon - {553858A7-4922-4e7e-B1C1-97140C1C16EF} - C:\WINDOWS\system32\ieframe.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Programmi\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Programmi\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Programmi\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Programmi\Avast4\ashWebSv.exe
O23 - Service: Azureus Service - Unknown owner - C:\WINDOWS\system32\dllcache\Azureus.exe
O23 - Service: DefWatch - Symantec Corporation - C:\Programmi\NavNT\defwatch.exe
O23 - Service: Fast Switching Compatibility - Unknown owner - C:\WINDOWS\system32\dllcache\fswitch.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Ahead Software AG - C:\Programmi\Ahead\InCD\InCDsrv.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Programmi\iPod\bin\iPodService.exe
O23 - Service: Microsoft Workstation Services - Unknown owner - C:\WINDOWS\system32\dllcache\wks-nt-xp.exe (file missing)
O23 - Service: Norton AntiVirus Server - Symantec Corporation - C:\Programmi\NavNT\rtvscan.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Panda Antispam Service (PASSRV) - Unknown owner - C:\Programmi\Panda Software\Panda Platinum Internet Security\passrv.exe (file missing)
O23 - Service: Panda Firewall Service (PAVFIRES) - Panda Software - (no file)
O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software - (no file)
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: Panda Imanager Service (PSIMSVC) - Unknown owner - C:\Programmi\Panda Software\Panda Platinum Internet Security\psimsvc.exe (file missing)
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Programmi\WinPcap\rpcapd.exe
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe
O24 - Desktop Component 0: (no name) - file:///C:/DOCUME~1/querzola/IMPOST~1/Temp/msohtml1/01/clip_image002.jpg

--
End of file - 9680 bytes
...:::lukino:::...
Junior User
 
Posts: 33
Joined: 07/05/07 12:52

Post by ...:::lukino:::... » 08/05/07 18:16

HKEY_LOCAL_MACHINE
Software
Microsoft
Windows NT
CurrentVersion
Image file execution options
After clicking the + sign next to the entry in bold, check among the sub-entries in the drop-down list for
explorer.exe


explorer.exe isn't there
...:::lukino:::...
Junior User
 
Posts: 33
Joined: 07/05/07 12:52

Post by Luke57 » 08/05/07 18:25

Hi, open hijackthis, press "do a system scan only", then find and tick the following entries:
O2 - BHO: PK IE Plugin - {1E1B2879-88FF-11D3-8D96-D7ACAC95951A} - (no file)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {EE392A64-F30B-47C8-A363-CDA1CEC7DC1B} - (no file)
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SmartDefrag] "C:\Programmi\IObit\IObit SmartDefrag\IObit SmartDefrag.exe" /startup
O4 - HKLM\..\Run: [Windows Update] C:\Programmi\File comuni\System\skypetalk.exe
O23 - Service: Fast Switching Compatibility - Unknown owner - C:\WINDOWS\system32\dllcache\fswitch.exe (file missing)
O23 - Service: Microsoft Workstation Services - Unknown owner - C:\WINDOWS\system32\dllcache\wks-nt-xp.exe (file missing)
O24 - Desktop Component 0: (no name) - file:///C:/DOCUME~1/querzola/IMPOST~1/Temp/msohtml1/01/clip_image002.jpg

press fix checked.

Check that these files are not present and, if they are, delete them:
C:\Programmi\File comuni\System\skypetalk.exe
C:\WINDOWS\system32\dllcache\wks-nt-xp.exe
C:\WINDOWS\system32\dllcache\fswitch.exe

delete the contents of Windows\temp, windows\tmp
(temp and tmp from Start > Search > All files and folders, copy and paste: *.temp;*.tmp, and delete everything found)

in Internet Options clear the IE cache (under the delete temporary files option also tick "delete all offline content", cookies, history)

empty the recycle bin

run a full scan with the antivirus.
Luke57
Moderator
 
Posts: 6415
Joined: 11/08/05 19:10
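
Several of the entries ticked above are registry entries whose target file is gone, services started from the dllcache folder, or a Run value with a Windows-sounding name that points outside the Windows directory. As an added example (not part of the original thread and not HijackThis code), this Python script applies those three checks to HijackThis log lines; the heuristics and the `triage` function are assumptions of this example, not criteria stated by the moderator, and a flag only marks an entry for manual review.

```python
import re

# Sample lines taken from the HijackThis log posted in this thread.
SAMPLE_LOG = r"""
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: PK IE Plugin - {1E1B2879-88FF-11D3-8D96-D7ACAC95951A} - (no file)
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Windows Update] C:\Programmi\File comuni\System\skypetalk.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Programmi\Avast4\ashServ.exe
O23 - Service: Azureus Service - Unknown owner - C:\WINDOWS\system32\dllcache\Azureus.exe
O23 - Service: Fast Switching Compatibility - Unknown owner - C:\WINDOWS\system32\dllcache\fswitch.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
"""

ENTRY = re.compile(r"^(O\d+) - (.*)$")                      # "O4 - <body>"
RUN = re.compile(r"^HK\w+\\.*\\Run: \[(?P<name>[^\]]*)\] (?P<cmd>.*)$")
SYSTEM_NAME = re.compile(r"windows|microsoft|system", re.I)
# Assumption: the system root is C:\WINDOWS, as in the log above.
WINDOWS_PREFIXES = ("c:\\windows\\", "%systemroot%\\")


def triage(log_text):
    """Return (section, reasons, body) for every entry worth a manual look."""
    findings = []
    for raw in log_text.splitlines():
        m = ENTRY.match(raw.strip())
        if not m:
            continue  # header lines, running processes, R0/R1 entries
        section, body = m.groups()
        reasons = []
        # 1. The registry entry survives but the file it points to is gone.
        if body.endswith("(no file)") or body.endswith("(file missing)"):
            reasons.append("orphaned")
        # 2. dllcache is the Windows File Protection backup cache,
        #    not a folder that services are normally started from.
        if section == "O23" and "\\dllcache\\" in body.lower():
            reasons.append("service-in-dllcache")
        # 3. Autorun value named like a system component, binary elsewhere.
        run = RUN.match(body) if section == "O4" else None
        if run and SYSTEM_NAME.search(run["name"]):
            cmd = run["cmd"].strip('"').lower()
            if not cmd.startswith(WINDOWS_PREFIXES):
                reasons.append("system-name-outside-windows")
        if reasons:
            findings.append((section, reasons, body))
    return findings


if __name__ == "__main__":
    for section, reasons, body in triage(SAMPLE_LOG):
        print(f"{section:4} {','.join(reasons):40} {body}")
```
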
