Nonostante abbia eliminato il virus BadtransII con l'antivirus Kaspersky,e l'abbia setacciato il pc con AVG antispyware ,Spybot , Ad aware e Cw Srhedder mi ritrovo ancora un pc lentissimo come mai.
Posso postarvi il mio Hijackthis per qualche consiglio su come venirne fuori ? Grazie
Logfile of HijackThis v1.99.1
Scan saved at 22.58.12, on 13/06/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Acer\eManager\anbmServ.exe
C:\Programmi\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Programmi\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Programmi\Synaptics\SynTP\SynTPLpr.exe
C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
C:\Programmi\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\system32\rundll32.exe
C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\acer\epm\epm-dm.exe
C:\Programmi\Launch Manager\QtZgAcer.EXE
C:\Programmi\File comuni\Real\Update_OB\realsched.exe
C:\Programmi\iTunes\iTunesHelper.exe
C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
C:\Programmi\iPod\bin\iPodService.exe
C:\Programmi\Java\jre1.6.0_01\bin\jusched.exe
C:\Programmi\Lexmark 5200 series\lxbtbmgr.exe
C:\Programmi\Lexmark 5200 series\lxbtbmon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\Windows Media Player\WMPNSCFG.exe
C:\Programmi\Google\GoogleToolbarNotifier\1.2.1128.5462
\GoogleToolbarNotifier.exe
C:\Programmi\Spybot - Search & Destroy\TeaTimer.exe
C:\Programmi\Microsoft ActiveSync\wcescomm.exe
C:\Programmi\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
C:\Programmi\Digisoft AntiDialer\AntiDialer.exe
C:\Programmi\PrintKey2000\Printkey2000.exe
C:\PROGRA~1\MICROS~3\rapimgr.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\Documents and Settings\Paolo\Desktop\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://it.finance.yahoo.com/?u
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
http://www.ansa.it
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet
Settings,ProxyServer = rmdow2kprx:8080
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
Collegamenti
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\Userinit.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -
C:\Programmi\Adobe\Acrobat 5.0\Acrobat\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} -
C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -
C:\Programmi\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} -
c:\programmi\google\googletoolbar3.dll
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC}
- (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} -
c:\programmi\google\googletoolbar3.dll
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Programmi\Grisoft\AVG Anti-
Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [SynTPLpr] C:\Programmi\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RemoteControl]
C:\Programmi\CyberLink\PowerDVD\PDVDServ.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe
bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe
/SYNC
O4 - HKLM\..\Run: [ATIPTA] C:\Programmi\ATI Technologies\ATI Control
Panel\atiptaxx.exe
O4 - HKLM\..\Run: [EPM-DM] c:\acer\epm\epm-dm.exe
O4 - HKLM\..\Run: [ePowerManagement] C:\Acer\ePM\ePM.exe boot
O4 - HKLM\..\Run: [LManager] C:\Programmi\Launch Manager\QtZgAcer.EXE
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Programmi\Lexmark Fax
Solutions\fm3032.exe" /s
O4 - HKLM\..\Run: [TkBellExe] "C:\Programmi\File
comuni\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [iTunesHelper] "C:\Programmi\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qttask.exe" -
atboottime
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [AVP] "C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus
6.0\avp.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\Java\jre1.6.0_01
\bin\jusched.exe"
O4 - HKLM\..\Run: [LXBTCATS] rundll32 C:\WINDOWS\System32
\spool\DRIVERS\W32X86\3\LXBTtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [Lexmark 5200 series] "C:\Programmi\Lexmark 5200
series\lxbtbmgr.exe"
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil
/RemAdvDef /Migration32
O4 - HKLM\..\Run: [avgnt] "C:\Programmi\AntiVir PersonalEdition
Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Programmi\Windows Media
Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [Skype] "C:\Programmi\Skype\Phone\Skype.exe" /nosplash
/minimized
O4 - HKCU\..\Run: [swg]
C:\Programmi\Google\GoogleToolbarNotifier\1.2.1128.5462
\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Programmi\Spybot - Search &
Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Programmi\Microsoft
ActiveSync\wcescomm.exe"
O4 - Global Startup: Acrobat Assistant.lnk = C:\Programmi\Adobe\Acrobat
5.0\Distillr\AcroTray.exe
O4 - Global Startup: Digisoft AntiDialer.lnk = C:\Programmi\Digisoft
AntiDialer\AntiDialer.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programmi\Microsoft
Office\Office10\OSA.EXE
O4 - Global Startup: Printkey2000.lnk = C:\Programmi\PrintKey2000
\Printkey2000.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions
present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel
present
O8 - Extra context menu item: E&sporta in Microsoft Excel -
res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -
C:\Programmi\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-
00401C608501} - C:\Programmi\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Web Anti-Virus statistics - {1F460357-8A94-4D71-9CA3-
AA4ACF32ED8E} - C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 6.0
\scieplugin.dll
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84}
- C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-
00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} -
C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra 'Tools' menuitem: Crea preferito portatile... - {2EAF5BB2-070F
-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %
windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-
82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file
missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} -
C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E
-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O12 - Plugin for .spop: C:\Programmi\Internet
Explorer\Plugins\NPDocBox.dll
O15 - Trusted Zone: http://www.fideuram.it
O15 - Trusted Zone: http://*.portale
O16 - DPF: {039CA294-C333-4AD8-9EF9-22C7B55139F1}
(PPFMotFP.FPProiezioneGap) - http://portale/CABS/PREVIDENZA/PPFMotFP.CAB
O16 - DPF: {08112862-6C10-4F49-B669-290B8C67C3ED}
(FiltriSelezioniXML.FiltriSelezioni) -
http://portale/CABS/SIMPBWeb/FiltriSelezioniXml.CAB
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) -
http://www.kaspersky.com/kos/eng/partne ... nicode.cab
O16 - DPF: {11AFDBD1-0703-11D4-8149-0010A4E64B76} (PrintForWeb.Print4Web)
- http://portale/cabs/simmng_sede/Print4Web.CAB
O16 - DPF: {12F47C16-3C78-11D5-94F7-005004BDFCAA}
(Download4Print.ctlDownload4Print) -
http://portale/CABS/GPF/Download4Print.CAB
O16 - DPF: {130366B6-11B6-11D3-947E-000000000000} (3DPieChart 6.0 Control)
- http://portale/CABS/SIMPBWeb/3DPieChartMEA.cab
O16 - DPF: {13E42EB7-9130-4CCA-93C3-98225475C1E0}
(PFPGeneratoreReport.Report) -
http://bfwvportale/Cabs/PFP/PFPGeneratoreReport.CAB
O16 - DPF: {16571C04-C2E4-411B-990E-DD930E0C564D}
(PPFMotUL.ULProiezioneGap) - http://portale/CABS/PREVIDENZA/PPFMotUL.CAB
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine
Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {1754A1BA-A1DF-4F10-B199-AA55AA1A120F}
(InstallerBehaviorFactory Class) -
https://signup.msn.com/pages/MsnInstC.cab
O16 - DPF: {18E49819-DA10-4CAC-8216-B74A26473B7A} (Organization.usrOrg) -
(ScreenCapture.ScreenPrint) -
Registrazione