Fondamentalmente non so come funzioni OpenVPN perchè lo usa mia madre per lavoro, però conta che è una utente molto inesperta, non sapendo come lo apre normalmente non vorrei che mi andasse in panico perchè abituata ad aprirlo in altro modo
Log ti posto quelli di HijackThis
*****************************************************************************************************************************************************
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20.05.01, on 26/07/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Programmi\AVAST Software\Avast\avastUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
C:\DOCUME~1\Topo\IMPOST~1\Temp\RtkBtMnt.exe
C:\Programmi\Mozilla Firefox\firefox.exe
C:\Programmi\Mozilla Firefox\plugin-container.exe
C:\Programmi\Trend Micro\HiJackThis\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = About:Blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = About:Blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = About:Blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = About:Blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programmi\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programmi\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [avast] "C:\Programmi\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: Google Sidewiki... -
res://C:\Programmi\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O22 - SharedTaskScheduler: Precaricatore Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Daemon di cache delle categorie di componenti - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: avast! Antivirus - AVAST Software - C:\Programmi\AVAST Software\Avast\AvastSvc.exe
--
End of file - 4047 bytes
***************************************************************************************************************************************************************
HijackThis--->Misc Tools Section---->Generate StartupList Log
StartupList report, 26/07/2011, 20.06.13
StartupList version: 1.52.2
Started from : C:\Programmi\Trend Micro\HiJackThis\HiJackThis.EXE
Detected: Windows XP SP3 (WinNT 5.01.2600)
Detected: Internet Explorer v8.00 (8.00.6001.18702)
* Using default options
* Including empty and uninteresting sections
* Showing rarely important sections
==================================================
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Programmi\AVAST Software\Avast\avastUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
C:\DOCUME~1\Topo\IMPOST~1\Temp\RtkBtMnt.exe
C:\Programmi\Mozilla Firefox\firefox.exe
C:\Programmi\Mozilla Firefox\plugin-container.exe
C:\Programmi\Trend Micro\HiJackThis\HiJackThis.exe
C:\WINDOWS\system32\NOTEPAD.EXE
--------------------------------------------------
Listing of startup folders:
Shell folders Startup:
[C:\Documents and Settings\Topo\Menu Avvio\Programmi\Esecuzione automatica]
*No files*
Shell folders AltStartup:
*Folder not found*
User shell folders Startup:
*Folder not found*
User shell folders AltStartup:
*Folder not found*
Shell folders Common Startup:
[C:\Documents and Settings\All Users\Menu Avvio\Programmi\Esecuzione automatica]
*No files*
Shell folders Common AltStartup:
*Folder not found*
User shell folders Common Startup:
*Folder not found*
User shell folders Alternate Common Startup:
*Folder not found*
--------------------------------------------------
Checking Windows NT UserInit:
[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
UserInit = C:\WINDOWS\system32\userinit.exe,
[HKLM\Software\Microsoft\Windows\CurrentVersion\Winlogon]
*Registry key not found*
[HKCU\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
*Registry value not found*
[HKCU\Software\Microsoft\Windows\CurrentVersion\Winlogon]
*Registry key not found*
--------------------------------------------------
Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
LaunchApp = Alaunch
IgfxTray = C:\WINDOWS\system32\igfxtray.exe
HotKeysCmds = C:\WINDOWS\system32\hkcmd.exe
Persistence = C:\WINDOWS\system32\igfxpers.exe
RTHDCPL = RTHDCPL.EXE
Alcmtr = ALCMTR.EXE
avast = "C:\Programmi\AVAST Software\Avast\avastUI.exe" /nogui
--------------------------------------------------
Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce
*No values found*
--------------------------------------------------
Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnceEx
*No values found*
--------------------------------------------------
Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices
*No values found*
--------------------------------------------------
Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce
*No values found*
--------------------------------------------------
Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
ctfmon.exe = C:\WINDOWS\system32\ctfmon.exe
--------------------------------------------------
Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce
*No values found*
--------------------------------------------------
Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnceEx
*Registry key not found*
--------------------------------------------------
Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunServices
*No values found*
--------------------------------------------------
Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce
*No values found*
--------------------------------------------------
Autorun entries from Registry:
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Run
*Registry key not found*
--------------------------------------------------
Autorun entries from Registry:
HKCU\Software\Microsoft\Windows NT\CurrentVersion\Run
*Registry key not found*
--------------------------------------------------
Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
[OptionalComponents]
=
--------------------------------------------------
Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce
*No subkeys found*
--------------------------------------------------
Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnceEx
*No subkeys found*
--------------------------------------------------
Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices
*No subkeys found*
--------------------------------------------------
Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce
*No subkeys found*
--------------------------------------------------
Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
*No subkeys found*
--------------------------------------------------
Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce
*No subkeys found*
--------------------------------------------------
Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnceEx
*Registry key not found*
--------------------------------------------------
Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunServices
*No subkeys found*
--------------------------------------------------
Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce
*No subkeys found*
--------------------------------------------------
Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Run
*Registry key not found*
--------------------------------------------------
Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows NT\CurrentVersion\Run
*Registry key not found*
--------------------------------------------------
File association entry for .EXE:
HKEY_CLASSES_ROOT\exefile\shell\open\command
(Default) = "%1" %*
--------------------------------------------------
File association entry for .COM:
HKEY_CLASSES_ROOT\comfile\shell\open\command
(Default) = "%1" %*
--------------------------------------------------
File association entry for .BAT:
HKEY_CLASSES_ROOT\batfile\shell\open\command
(Default) = "%1" %*
--------------------------------------------------
File association entry for .PIF:
HKEY_CLASSES_ROOT\piffile\shell\open\command
(Default) = "%1" %*
--------------------------------------------------
File association entry for .SCR:
HKEY_CLASSES_ROOT\scrfile\shell\open\command
(Default) = "%1" /S
--------------------------------------------------
File association entry for .HTA:
HKEY_CLASSES_ROOT\htafile\shell\open\command
(Default) = C:\WINDOWS\system32\mshta.exe "%1" %*
--------------------------------------------------
File association entry for .TXT:
HKEY_CLASSES_ROOT\txtfile\shell\open\command
(Default) = %SystemRoot%\system32\NOTEPAD.EXE %1
--------------------------------------------------
Enumerating Active Setup stub paths:
HKLM\Software\Microsoft\Active Setup\Installed Components
(* = disabled by HKCU twin)
[<{12d0ed0d-0ee0-4f90-8827-78cefb8f4988}] *
StubPath = C:\WINDOWS\system32\ieudinit.exe
[>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
StubPath = C:\WINDOWS\inf\unregmp2.exe /ShowWMP
[>{26923b43-4d38-484f-9b9e-de460746276c}] *
StubPath = C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
[>{60B49E34-C7CC-11D0-8953-00A0C90347FF}] *
StubPath = "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
[>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS] *
StubPath = RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
[>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}] *
StubPath = %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
[{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] *
StubPath = %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
[{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] *
StubPath = "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
[{44BBA842-CC51-11CF-AAFA-00AA00B6015B}] *
StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
[{5945c046-1e7d-11d1-bc44-00c04fd912be}] *
StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
[{6BF52A52-394A-11d3-B153-00C04F79FAA6}] *
StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp.inf,PerUserStub
[{7790769C-0471-11d2-AF11-00C04FA35D02}] *
StubPath = "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
[{89820200-ECBD-11cf-8B85-00AA005B4340}] *
StubPath = regsvr32.exe /s /n /i:U shell32.dll
[{89820200-ECBD-11cf-8B85-00AA005B4383}] *
StubPath = C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
[{89B4C1CD-B018-4511-B0A1-5476DBF70820}] *
StubPath = c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install
[{8b15971b-5355-4c82-8c07-7e181ea07608}] *
StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\fxsocm.inf,Fax.Install.PerUser
--------------------------------------------------
Enumerating ICQ Agent Autostart apps:
HKCU\Software\Mirabilis\ICQ\Agent\Apps
*Registry key not found*
--------------------------------------------------
Load/Run keys from C:\WINDOWS\WIN.INI:
load=*INI section not found*
run=*INI section not found*
Load/Run keys from Registry:
HKLM\..\Windows NT\CurrentVersion\WinLogon: load=*Registry value not found*
HKLM\..\Windows NT\CurrentVersion\WinLogon: run=*Registry value not found*
HKLM\..\Windows\CurrentVersion\WinLogon: load=*Registry key not found*
HKLM\..\Windows\CurrentVersion\WinLogon: run=*Registry key not found*
HKCU\..\Windows NT\CurrentVersion\WinLogon: load=*Registry value not found*
HKCU\..\Windows NT\CurrentVersion\WinLogon: run=*Registry value not found*
HKCU\..\Windows\CurrentVersion\WinLogon: load=*Registry key not found*
HKCU\..\Windows\CurrentVersion\WinLogon: run=*Registry key not found*
HKCU\..\Windows NT\CurrentVersion\Windows: load=
HKCU\..\Windows NT\CurrentVersion\Windows: run=*Registry value not found*
HKLM\..\Windows NT\CurrentVersion\Windows: load=*Registry value not found*
HKLM\..\Windows NT\CurrentVersion\Windows: run=*Registry value not found*
HKLM\..\Windows NT\CurrentVersion\Windows: AppInit_DLLs=
--------------------------------------------------
Shell & screensaver key from C:\WINDOWS\SYSTEM.INI:
Shell=*INI section not found*
SCRNSAVE.EXE=*INI section not found*
drivers=*INI section not found*
Shell & screensaver key from Registry:
Shell=Explorer.exe
SCRNSAVE.EXE=*Registry value not found*
drivers=*Registry value not found*
Policies Shell key:
HKCU\..\Policies: Shell=*Registry key not found*
HKLM\..\Policies: Shell=*Registry value not found*
--------------------------------------------------
Checking for EXPLORER.EXE instances:
C:\WINDOWS\Explorer.exe: PRESENT!
C:\Explorer.exe: not present
C:\WINDOWS\Explorer\Explorer.exe: not present
C:\WINDOWS\System\Explorer.exe: not present
C:\WINDOWS\System32\Explorer.exe: not present
C:\WINDOWS\Command\Explorer.exe: not present
C:\WINDOWS\Fonts\Explorer.exe: not present
--------------------------------------------------
Checking for superhidden extensions:
.lnk: HIDDEN! (arrow overlay: yes)
.pif: HIDDEN! (arrow overlay: yes)
.exe: not hidden
.com: not hidden
.bat: not hidden
.hta: not hidden
.scr: not hidden
.shs: HIDDEN!
.shb: HIDDEN!
.vbs: not hidden
.vbe: not hidden
.wsh: not hidden
.scf: HIDDEN! (arrow overlay: NO!)
.url: HIDDEN! (arrow overlay: yes)
.js: not hidden
.jse: not hidden
--------------------------------------------------
Verifying REGEDIT.EXE integrity:
- Regedit.exe found in C:\WINDOWS
- .reg open command is normal (regedit.exe %1)
- Company name OK: 'Microsoft Corporation'
- Original filename OK: 'REGEDIT.EXE'
- File description: 'Editor del Registro di sistema'
Registry check passed
--------------------------------------------------
Enumerating Browser Helper Objects:
AcroIEHelperStub - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll - {18DF081C-E8AD-4283-A596-FA578C2EBDC3}
(no name) - C:\Programmi\AVAST Software\Avast\aswWebRepIE.dll - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06}
(no name) - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll - {9030D464-4C02-4ABF-8ECC-5164760863C6}
--------------------------------------------------
Enumerating Task Scheduler jobs:
Ad-Aware Update (Weekly).job
GoogleUpdateTaskMachineCore.job
GoogleUpdateTaskMachineUA.job
--------------------------------------------------
Enumerating Winsock LSP files:
NameSpace #1: C:\WINDOWS\System32\mswsock.dll
NameSpace #2: C:\WINDOWS\System32\winrnr.dll
NameSpace #3: C:\WINDOWS\System32\mswsock.dll
Protocol #1: C:\WINDOWS\system32\mswsock.dll
Protocol #2: C:\WINDOWS\system32\mswsock.dll
Protocol #3: C:\WINDOWS\system32\mswsock.dll
Protocol #4: C:\WINDOWS\system32\rsvpsp.dll
Protocol #5: C:\WINDOWS\system32\rsvpsp.dll
Protocol #6: C:\WINDOWS\system32\mswsock.dll
Protocol #7: C:\WINDOWS\system32\mswsock.dll
Protocol #8: C:\WINDOWS\system32\mswsock.dll
Protocol #9: C:\WINDOWS\system32\mswsock.dll
Protocol #10: C:\WINDOWS\system32\mswsock.dll
Protocol #11: C:\WINDOWS\system32\mswsock.dll
Protocol #12: C:\WINDOWS\system32\mswsock.dll
Protocol #13: C:\WINDOWS\system32\mswsock.dll
Protocol #14: C:\WINDOWS\system32\mswsock.dll
Protocol #15: C:\WINDOWS\system32\mswsock.dll
Protocol #16: C:\WINDOWS\system32\mswsock.dll
Protocol #17: C:\WINDOWS\system32\mswsock.dll
Protocol #18: C:\WINDOWS\system32\mswsock.dll
Protocol #19: C:\WINDOWS\system32\mswsock.dll
Protocol #20: C:\WINDOWS\system32\mswsock.dll
Protocol #21: C:\WINDOWS\system32\mswsock.dll
Protocol #22: C:\WINDOWS\system32\mswsock.dll
Protocol #23: C:\WINDOWS\system32\mswsock.dll
--------------------------------------------------
Enumerating Windows NT/2000/XP services
abp480n5: system32\DRIVERS\ABP480N5.SYS (system)
Driver ACPI Microsoft: system32\DRIVERS\ACPI.sys (system)
Driver del controller integrato Microsoft: system32\DRIVERS\ACPIEC.sys (system)
adpu160m: system32\DRIVERS\adpu160m.sys (system)
Eliminatore di eco acustico del kernel Microsoft: system32\drivers\aec.sys (manual start)
AFD: \SystemRoot\System32\drivers\afd.sys (system)
Filtro bus Intel AGP: system32\DRIVERS\agp440.sys (system)
Filtro bus Compaq AGP: system32\DRIVERS\agpCPQ.sys (system)
Aha154x: system32\DRIVERS\aha154x.sys (system)
aic78u2: system32\DRIVERS\aic78u2.sys (system)
aic78xx: system32\DRIVERS\aic78xx.sys (system)
Avvisi: %SystemRoot%\system32\svchost.exe -k LocalService (disabled)
Servizio Gateway di livello applicazione: %SystemRoot%\System32\alg.exe (manual start)
AliIde: system32\DRIVERS\aliide.sys (system)
Filtro bus ALI AGP: system32\DRIVERS\alim1541.sys (system)
Driver filtro bus AMD AGP: system32\DRIVERS\amdagp.sys (system)
amsint: system32\DRIVERS\amsint.sys (system)
Gestione applicazione: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start)
Atheros AR5008 Wireless Network Adapter Service: system32\DRIVERS\athw.sys (manual start)
asc: system32\DRIVERS\asc.sys (system)
asc3350p: system32\DRIVERS\asc3350p.sys (system)
asc3550: system32\DRIVERS\asc3550.sys (system)
ASP.NET State Service: %SystemRoot%\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (manual start)
Driver per supporti asincroni RAS: system32\DRIVERS\asyncmac.sys (manual start)
Controller disco rigido IDE/ESDI standard: system32\DRIVERS\atapi.sys (system)
Protocollo client ARP ATM: system32\DRIVERS\atmarpc.sys (manual start)
Audio Windows: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Driver stub audio: system32\DRIVERS\audstub.sys (manual start)
avast! Antivirus: "C:\Programmi\AVAST Software\Avast\AvastSvc.exe" (autostart)
Servizio trasferimento intelligente in background: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
Browser di computer: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start)
cbidf: system32\DRIVERS\cbidf2k.sys (system)
Decoder sottotitoli codificati: system32\DRIVERS\CCDECODE.sys (manual start)
cd20xrnt: system32\DRIVERS\cd20xrnt.sys (system)
Driver del CD-ROM: system32\DRIVERS\cdrom.sys (system)
Servizio di indicizzazione: %SystemRoot%\system32\cisvc.exe (disabled)
ClipBook: %SystemRoot%\system32\clipsrv.exe (disabled)
.NET Runtime Optimization Service v2.0.50727_X86: C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (manual start)
Driver batteria a metodo di controllo ACPI Microsoft: system32\DRIVERS\CmBatt.sys (manual start)
CmdIde: system32\DRIVERS\cmdide.sys (system)
Driver della batteria composita Microsoft: system32\DRIVERS\compbatt.sys (system)
Applicazione di sistema COM+: C:\WINDOWS\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235} (manual start)
Cpqarray: system32\DRIVERS\cpqarray.sys (system)
Servizi di crittografia: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
dac2w2k: system32\DRIVERS\dac2w2k.sys (system)
dac960nt: system32\DRIVERS\dac960nt.sys (system)
Utilità di avvio processo server DCOM: %SystemRoot%\system32\svchost -k DcomLaunch (autostart)
Client DHCP: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
Driver del disco: system32\DRIVERS\disk.sys (system)
Dritek Keyboard Filter Driver: system32\DRIVERS\DKbFltr.sys (manual start)
Servizio amministrativo di Gestione disco logico: %SystemRoot%\System32\dmadmin.exe /com (manual start)
dmboot: System32\drivers\dmboot.sys (disabled)
dmio: System32\drivers\dmio.sys (disabled)
dmload: System32\drivers\dmload.sys (disabled)
Gestione dischi logici: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
Sintetizzatore DLS Microsoft Kernel: system32\drivers\DMusic.sys (manual start)
Client DNS: %SystemRoot%\system32\svchost.exe -k NetworkService (autostart)
Configurazione automatica reti cablate: %SystemRoot%\System32\svchost.exe -k dot3svc (manual start)
dpti2o: system32\DRIVERS\dpti2o.sys (system)
Decodificatore audio DRM del kernel Microsoft: system32\drivers\drmkaud.sys (manual start)
Servizio Extensible Authentication Protocol: %SystemRoot%\System32\svchost.exe -k eapsvcs (manual start)
Servizio di segnalazione errori: %SystemRoot%\System32\svchost.exe -k netsvcs (disabled)
Registro eventi: %SystemRoot%\system32\services.exe (autostart)
Sistema di eventi COM+: C:\WINDOWS\system32\svchost.exe -k netsvcs (manual start)
Compatibilità di Cambio rapido utente: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
Fax: %systemroot%\system32\fxssvc.exe (manual start)
FltMgr: system32\DRIVERS\fltMgr.sys (system)
Windows Presentation Foundation Font Cache 3.0.0.0: c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe (manual start)
Driver archiviazione volumi: system32\DRIVERS\ftdisk.sys (system)
Utilità di classificazione pacchetti generica: system32\DRIVERS\msgpc.sys (manual start)
GT UHS BUS: system32\DRIVERS\gtuhsbus.sys (manual start)
GT UHS IP NDIS: system32\DRIVERS\gtuhs51.sys (manual start)
GT UHS OMS: system32\DRIVERS\gtuhsoms.sys (manual start)
GT UHS SER: system32\DRIVERS\gtuhsser.sys (manual start)
Servizio Google Update (gupdatem): C:\Programmi\Google\Update\GoogleUpdate.exe /medsvc (disabled)
Driver bus UAA Microsoft per High Definition Audio: system32\DRIVERS\HDAudBus.sys (manual start)
Guida in linea e supporto tecnico: %SystemRoot%\System32\svchost.exe -k netsvcs (disabled)
HID Input Service: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Driver di classe HID Microsoft: system32\DRIVERS\hidusb.sys (manual start)
Servizio gestione chiavi e certificati di integrità: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
hpn: system32\DRIVERS\hpn.sys (system)
HTTP: System32\Drivers\HTTP.sys (manual start)
SSL HTTP: %SystemRoot%\System32\svchost.exe -k HTTPFilter (manual start)
Huawei DataCard USB Modem and USB Serial: system32\DRIVERS\ewusbmdm.sys (manual start)
i2omp: system32\DRIVERS\i2omp.sys (system)
Driver di porta mouse PS/2 e tastiera i8042: system32\DRIVERS\i8042prt.sys (system)
ialm: system32\DRIVERS\igxpmp32.sys (manual start)
Windows CardSpace: "c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe" (manual start)
Driver filtro masterizzazione CD: system32\DRIVERS\imapi.sys (system)
Servizio COM di masterizzazione CD IMAPI: C:\WINDOWS\system32\imapi.exe (manual start)
ini910u: system32\DRIVERS\ini910u.sys (system)
int15.sys: \??\C:\Acer\Empowering Technology\eRecovery\int15.sys (manual start)
Service for Realtek HD Audio (WDM): system32\drivers\RtkHDAud.sys (manual start)
IntelIde: system32\DRIVERS\intelide.sys (system)
Driver processore Intel: system32\DRIVERS\intelppm.sys (system)
Driver Windows Firewall IPv6: system32\DRIVERS\Ip6Fw.sys (manual start)
Driver filtro traffico IP: system32\DRIVERS\ipfltdrv.sys (manual start)
Driver tunnel IP in IP: system32\DRIVERS\ipinip.sys (manual start)
Traduttore indirizzi di rete IP: system32\DRIVERS\ipnat.sys (manual start)
Driver IPSEC: system32\DRIVERS\ipsec.sys (system)
Servizio enumeratore infrarossi: system32\DRIVERS\irenum.sys (manual start)
Driver bus PnP ISA/EISA: system32\DRIVERS\isapnp.sys (system)
IviRegMgr: C:\Programmi\File comuni\InterVideo\RegMgr\iviRegMgr.exe (disabled)
JMCR: system32\DRIVERS\jmcr.sys (manual start)
Driver classe tastiera: system32\DRIVERS\kbdclass.sys (system)
Driver di tastiera HID: system32\DRIVERS\kbdhid.sys (system)
Mixer wave audio del kernel Microsoft: system32\drivers\kmixer.sys (manual start)
Server: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
Workstation: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
Lavasoft helper driver: \??\C:\Programmi\Lavasoft\Ad-Aware\KernExplorer.sys (manual start)
Helper NetBIOS di TCP/IP: %SystemRoot%\system32\svchost.exe -k LocalService (disabled)
Acer Crystal Eye webcam Driver: System32\Drivers\M3000KNT.sys (manual start)
Messenger: %SystemRoot%\system32\svchost.exe -k netsvcs (disabled)
Condivisione desktop remoto di NetMeeting: C:\WINDOWS\system32\mnmsrvc.exe (manual start)
Driver classe mouse: system32\DRIVERS\mouclass.sys (system)
Driver di mouse HID: system32\DRIVERS\mouhid.sys (manual start)
mraid35x: system32\DRIVERS\mraid35x.sys (system)
Redirector del client WebDav: system32\DRIVERS\mrxdav.sys (manual start)
MRXSMB: system32\DRIVERS\mrxsmb.sys (system)
Distributed Transaction Coordinator: C:\WINDOWS\system32\msdtc.exe (manual start)
Windows Installer: C:\WINDOWS\system32\msiexec.exe /V (manual start)
Proxy di servizio di flusso Microsoft: system32\drivers\MSKSSRV.sys (manual start)
Proxy clock di flusso Microsoft: system32\drivers\MSPCLOCK.sys (manual start)
Proxy di gestione qualità di flusso Microsoft: system32\drivers\MSPQM.sys (manual start)
Driver BIOS Microsoft System Management: system32\DRIVERS\mssmbios.sys (manual start)
Convertitore a T/Sito a sito per flusso Microsoft: system32\drivers\MSTEE.sys (manual start)
NABTS/FEC VBI Codec: system32\DRIVERS\NABTSFEC.sys (manual start)
Agente protezione accesso alla rete: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
Connesione TV/Video Microsoft: system32\DRIVERS\NdisIP.sys (manual start)
Driver TAPI NDIS di accesso remoto: system32\DRIVERS\ndistapi.sys (manual start)
Protocollo I/O modalità utente su NDIS: system32\DRIVERS\ndisuio.sys (manual start)
Driver WAN NDIS di accesso remoto: system32\DRIVERS\ndiswan.sys (manual start)
Interfaccia NetBIOS: system32\DRIVERS\netbios.sys (system)
NetBios su Tcpip: system32\DRIVERS\netbt.sys (system)
DDE di rete: %SystemRoot%\system32\netdde.exe (disabled)
DDE DSDM di rete: %SystemRoot%\system32\netdde.exe (disabled)
Accesso rete: %SystemRoot%\system32\lsass.exe (manual start)
Connessioni di rete: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
Net.Tcp Port Sharing Service: "c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe" (disabled)
NLA (Network Location Awareness): %SystemRoot%\system32\svchost.exe -k netsvcs (manual start)
Provider supporto protezione LM NT: %SystemRoot%\system32\lsass.exe (manual start)
Archivi rimovibili: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start)
Driver filtro traffico IPX: system32\DRIVERS\nwlnkflt.sys (manual start)
Driver inoltratore traffico IPX: system32\DRIVERS\nwlnkfwd.sys (manual start)
ONDA Proprietary USB Driver: system32\DRIVERS\ONDAusbmdm6k.sys (manual start)
ONDA Diagnostic Port: system32\DRIVERS\ONDAusbser6k.sys (manual start)
Driver bus PCI: system32\DRIVERS\pci.sys (system)
PCIIde: system32\DRIVERS\pciide.sys (system)
perc2: system32\DRIVERS\perc2.sys (system)
perc2hib: system32\DRIVERS\perc2hib.sys (system)
Plug and Play: %SystemRoot%\system32\services.exe (autostart)
Servizi IPSEC: %SystemRoot%\system32\lsass.exe (autostart)
WAN Miniport (PPTP): system32\DRIVERS\raspptp.sys (manual start)
Archiviazione protetta: %SystemRoot%\system32\lsass.exe (autostart)
Utilità di pianificazione pacchetti QoS: system32\DRIVERS\psched.sys (manual start)
Driver Direct Parallel Link: system32\DRIVERS\ptilink.sys (manual start)
PxHelp20: system32\Drivers\PxHelp20.sys (system)
ql1080: system32\DRIVERS\ql1080.sys (system)
Ql10wnt: system32\DRIVERS\ql10wnt.sys (system)
ql12160: system32\DRIVERS\ql12160.sys (system)
ql1240: system32\DRIVERS\ql1240.sys (system)
ql1280: system32\DRIVERS\ql1280.sys (system)
Driver connessione automatica Accesso remoto: system32\DRIVERS\rasacd.sys (system)
Auto Connection Manager di Accesso remoto: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start)
WAN Miniport (L2TP): system32\DRIVERS\rasl2tp.sys (manual start)
Connection Manager di Accesso remoto: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start)
Driver PPPOE di accesso remoto: system32\DRIVERS\raspppoe.sys (manual start)
Direct Parallel: system32\DRIVERS\raspti.sys (manual start)
Rdbss: system32\DRIVERS\rdbss.sys (system)
RDPCDD: System32\DRIVERS\RDPCDD.sys (system)
Driver redirector periferica Terminal Server: system32\DRIVERS\rdpdr.sys (manual start)
Gestione sessione di assistenza mediante desktop remoto: C:\WINDOWS\system32\sessmgr.exe (manual start)
Driver filtro riproduzione CD-ROM audio digitale: system32\DRIVERS\redbook.sys (system)
Routing e Accesso remoto: %SystemRoot%\system32\svchost.exe -k netsvcs (disabled)
RPC Locator: %SystemRoot%\system32\locator.exe (manual start)
RPC (Remote Procedure Call): %SystemRoot%\system32\svchost -k rpcss (autostart)
QoS RSVP: %SystemRoot%\system32\rsvp.exe (manual start)
Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver: system32\DRIVERS\Rtenicxp.sys (manual start)
Gestione account di protezione (SAM): %SystemRoot%\system32\lsass.exe (autostart)
smart card: %SystemRoot%\System32\SCardSvr.exe (manual start)
Utilità di pianificazione: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Secdrv: system32\DRIVERS\secdrv.sys (manual start)
Accesso secondario: %SystemRoot%\System32\svchost.exe -k netsvcs (disabled)
Notifica eventi di sistema: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
Windows Firewall / Condivisione connessione Internet (ICS): %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
Rilevamento hardware shell: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Filtro bus SIS AGP: system32\DRIVERS\sisagp.sys (system)
BDA Slip De-Framer: system32\DRIVERS\SLIP.sys (manual start)
Sparrow: system32\DRIVERS\sparrow.sys (system)
Frazionatore audio del kernel Microsoft: system32\drivers\splitter.sys (manual start)
Spooler di stampa: %SystemRoot%\system32\spoolsv.exe (autostart)
Driver filtro Ripristino configurazione di sistema: system32\DRIVERS\sr.sys (system)
Servizio Ripristino configurazione di sistema: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
Srv: system32\DRIVERS\srv.sys (manual start)
Servizio di rilevamento SSDP: %SystemRoot%\system32\svchost.exe -k LocalService (manual start)
Acquisizione di immagini di Windows (WIA): %SystemRoot%\system32\svchost.exe -k imgsvc (manual start)
BDA IPSink: system32\DRIVERS\StreamIP.sys (manual start)
Driver bus software: system32\DRIVERS\swenum.sys (manual start)
Sintetizzatore Wavetable GS kernel Microsoft: system32\drivers\swmidi.sys (manual start)
MS Software Shadow Copy Provider: C:\WINDOWS\system32\dllhost.exe /Processid:{E90B7B7E-A25A-4E4E-AF05-614D87E18780} (manual start)
symc810: system32\DRIVERS\symc810.sys (system)
symc8xx: system32\DRIVERS\symc8xx.sys (system)
sym_hi: system32\DRIVERS\sym_hi.sys (system)
sym_u3: system32\DRIVERS\sym_u3.sys (system)
Synaptics TouchPad Driver: system32\DRIVERS\SynTP.sys (manual start)
Periferica audio di sistema Microsoft Kernel: system32\drivers\sysaudio.sys (manual start)
Avvisi e registri di prestazioni: %SystemRoot%\system32\smlogsvc.exe (manual start)
TAP-Win32 Adapter V8: system32\DRIVERS\tap0801.sys (manual start)
Anchorfree HSS Adapter: system32\DRIVERS\taphss.sys (manual start)
Telefonia: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
Driver protocollo TCP/IP: system32\DRIVERS\tcpip.sys (system)
Driver della periferica terminale: system32\DRIVERS\termdd.sys (system)
Servizi terminal: %SystemRoot%\System32\svchost -k DComLaunch (manual start)
Temi: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
TosIde: system32\DRIVERS\toside.sys (system)
Manutenzione collegamenti distribuiti client: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start)
ultra: system32\DRIVERS\ultra.sys (system)
Driver aggiornamento microcodice: system32\DRIVERS\update.sys (manual start)
Host di periferiche Plug and Play universali: %SystemRoot%\system32\svchost.exe -k LocalService (manual start)
Gruppo di continuità: %SystemRoot%\System32\ups.exe (disabled)
Driver principale generico USB Microsoft: system32\DRIVERS\usbccgp.sys (manual start)
Driver Miniport controller enhanced host USB 2.0 Microsoft: system32\DRIVERS\usbehci.sys (manual start)
Hub abilitato USB2: system32\DRIVERS\usbhub.sys (manual start)
Classe stampanti USB Microsoft: system32\DRIVERS\usbprint.sys (manual start)
Driver scanner USB: system32\DRIVERS\usbscan.sys (manual start)
Driver archiviazione di massa USB: system32\DRIVERS\USBSTOR.SYS (manual start)
Driver Miniport Controller Universal Host USB Microsoft: system32\DRIVERS\usbuhci.sys (manual start)
VgaSave: \SystemRoot\System32\drivers\vga.sys (system)
Filtro bus VIA AGP: system32\DRIVERS\viaagp.sys (system)
ViaIde: system32\DRIVERS\viaide.sys (system)
Copia replicata del volume: %SystemRoot%\System32\vssvc.exe (manual start)
Ora di Windows: %SystemRoot%\System32\svchost.exe -k netsvcs (disabled)
Driver ARP IP di accesso remoto: system32\DRIVERS\wanarp.sys (manual start)
Driver di compatibilità audio Microsoft WINMM WDM: system32\drivers\wdmaud.sys (manual start)
WebClient: %SystemRoot%\system32\svchost.exe -k LocalService (manual start)
Strumentazione gestione Windows: %systemroot%\system32\svchost.exe -k netsvcs (autostart)
Servizio Numero di serie per dispositivi multimediali portatili: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
Strumentazione gestione Microsoft Windows per ACPI: system32\DRIVERS\wmiacpi.sys (system)
Scheda WMI Performance: C:\WINDOWS\system32\wbem\wmiapsrv.exe (disabled)
Centro sicurezza PC: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Codec World Standard Teletext: system32\DRIVERS\WSTCODEC.SYS (manual start)
Aggiornamenti automatici: %systemroot%\system32\svchost.exe -k netsvcs (autostart)
Zero Configuration reti senza fili: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Servizio Provisioning di rete: %SystemRoot%\System32\svchost.exe -k netsvcs (disabled)
--------------------------------------------------
Enumerating Windows NT logon/logoff scripts:
*No scripts set to run*
Windows NT checkdisk command:
BootExecute = autocheck autochk *
Windows NT 'Wininit.ini':
PendingFileRenameOperations: *Registry value not found*
--------------------------------------------------
Enumerating ShellServiceObjectDelayLoad items:
PostBootReminder: C:\WINDOWS\system32\SHELL32.dll
CDBurn: C:\WINDOWS\system32\SHELL32.dll
WebCheck: C:\WINDOWS\system32\webcheck.dll
SysTray: C:\WINDOWS\system32\stobject.dll
--------------------------------------------------
Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run
*Registry key not found*
--------------------------------------------------
Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run
*Registry key not found*
--------------------------------------------------
End of report, 35.237 bytes
Report generated in 0,438 seconds
Command line options:
/verbose - to add additional info on each section
/complete - to include empty sections and unsuspicious data
/full - to include several rarely-important sections
/force9x - to include Win9x-only startups even if running on WinNT
/forcent - to include WinNT-only startups even if running on Win9x
/forceall - to include all Win9x and WinNT startups, regardless of platform
/history - to list version history only
****************************************************************************************************************************************************************
HijackThis--->Misc Tools Section--->Open Process Manager----->Copy List to Clipboard (e quindi incollata qui
)
Process list saved on 20.08.33, on 26/07/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
[pid] [full path to filename] [file version] [company name]
840 C:\WINDOWS\System32\smss.exe 5.1.2600.5512 Microsoft Corporation
912 C:\WINDOWS\system32\winlogon.exe 5.1.2600.5512 Microsoft Corporation
956 C:\WINDOWS\system32\services.exe 5.1.2600.5755 Microsoft Corporation
968 C:\WINDOWS\system32\lsass.exe 5.1.2600.5512 Microsoft Corporation
1128 C:\WINDOWS\system32\svchost.exe 5.1.2600.5512 Microsoft Corporation
1236 C:\WINDOWS\System32\svchost.exe 5.1.2600.5512 Microsoft Corporation
1616 C:\Programmi\AVAST Software\Avast\AvastSvc.exe 6.0.1203.0 AVAST Software
180 C:\WINDOWS\system32\spoolsv.exe 5.1.2600.6024 Microsoft Corporation
2848 C:\WINDOWS\Explorer.EXE 6.0.2900.5512 Microsoft Corporation
3756 C:\WINDOWS\system32\igfxtray.exe 6.14.10.4926 Intel Corporation
3336 C:\WINDOWS\system32\hkcmd.exe 6.14.10.4926 Intel Corporation
2868 C:\WINDOWS\system32\igfxpers.exe 6.14.10.4926 Intel Corporation
3000 C:\WINDOWS\RTHDCPL.EXE 2.2.1.3 Realtek Semiconductor Corp.
2852 C:\Programmi\AVAST Software\Avast\avastUI.exe 6.0.1203.0 AVAST Software
3764 C:\WINDOWS\system32\ctfmon.exe 5.1.2600.5512 Microsoft Corporation
668 C:\WINDOWS\system32\igfxsrvc.exe 6.14.10.4926 Intel Corporation
2132 C:\Acer\Empowering Technology\eRecovery\eRAgent.exe 2.1.1.0 Acer Inc.
608 C:\DOCUME~1\Topo\IMPOST~1\Temp\RtkBtMnt.exe 1.0.0.10 Realtek Semiconductor Corp.
3300 C:\Programmi\Mozilla Firefox\firefox.exe 5.0.0.4183 Mozilla Corporation
3028 C:\Programmi\Mozilla Firefox\plugin-container.exe 5.0.0.4183 Mozilla Corporation
2144 C:\Programmi\Trend Micro\HiJackThis\HiJackThis.exe 2.0.0.4 Trend Micro Inc.
3540 C:\WINDOWS\system32\NOTEPAD.EXE 5.1.2600.5512 Microsoft Corporation
*********************************************************************************************************************************************************
Questi sono i log delle funzioni di log di HijackThis che ho trovato reportati in tempo reale (li generavo mentre scrivevo il post), più aggiornato di così non so coem fare
Grazie ancora
e fammi sapere cosa devo fare
Paraffine