Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22.38.24, on 27/04/2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18904)
Boot mode: Normal
Running processes:
C: \ Windows \ system32 \ dwm.exe
C: \ Windows \ Explorer.EXE
C: \ Windows \ system32 \ taskeng.exe
C: \ Windows \ Xfyqea.exe
C: \ Windows \ system32 \ taskeng.exe
C: \ Programmi \ Sony \ VAIO Update 5 \ VAIOUpdt.exe
C: \ Programmi \ Sony \ VAIO SPMgr.exe Power Management \
C: \ Programmi \ Windows Defender \ msascui.exe
C: \ Programmi \ Synaptics \ \ SynTP \ Syntpenh.exe
C: \ Programmi \ Sony \ Utility ISBMgr.exe ISB \
C: \ Programmi \ \ Google Google Desktop GoogleDesktop.exe \ Search
C: \ Programmi \ Sony \ Strumenti di marketing \ MarketingTools.exe
C: \ Programmi \ File comuni \ Java \ jusched.exe Aggiornamento Java \
C: \ Program Files \ Avira \ AntiVir Desktop avgnt.exe \
C: \ Programmi \ ATI Technologies \ ATI.ACE \ MOM.exe \ Core-Static
C: \ Programmi \ \ Google Google Desktop GoogleDesktop.exe \ Search
C: \ Programmi \ Sony \ Utility LANUtil.exe Network \
C: \ Programmi \ Google \ GoogleToolbarNotifier \ GoogleToolbarNotifier.exe
C: \ Program Files \ Windows Live \ Messenger msnmsgr.exe \
C: \ Windows \ \ ehtray.exe ehome
C: \ Program Files \ Windows Media Player wmpnscfg.exe \
C: \ Programmi \ Spybot - Search & Destroy \ TeaTimer.exe
C: \ Windows \ \ ehmsas.exe ehome
C: \ Programmi \ ATI Technologies \ ATI.ACE \ CCC.exe \ Core-Static
C: \ Windows \ System32 mobsync.exe \
C: \ Windows \ system32 \ Macromed \ Flash \ FlashUtil10e.exe
C: \ Users \ pina \ Desktop \ HijackThis.exe
R1 - Software \ HKCU \ \ Microsoft \ Internet Explorer Main, Search Bar = Preserve
R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://www.club-vaio.com
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - \ Software HKLM \ Search \ Microsoft \ Internet Explorer, SearchAssistant =
R0 - \ Software HKLM \ Search \ Microsoft \ Internet Explorer, CustomizeSearch =
R0 - \ Software HKCU \ Toolbar \ Microsoft \ Internet Explorer, LinksFolderName =
O1 - Hosts::: 1 localhost
O2 - BHO: SuggestMeYesBHO - (0FB6A909-6.086-458F-BD92-1F8EE10042A0) - C: \ Programmi \ AutocompletePro \ AutocompletePro.dll
O2 - BHO: AcroIEHelperStub - (18DF081C-E8AD-4.283-A596-FA578C2EBDC3) - C: \ Programmi \ File comuni \ Adobe \ Acrobat \ ActiveX \ AcroIEHelperShim.dll
O2 - BHO: Spybot-S & D di protezione di IE - (53707962-6F74-2D53-2644-206D7942484F) - C: \ progra ~ 1 \ Spybot ~ 1 \ SDHelper.dll
O2 - BHO: (no name) - (5C255C8A-E604-49b4-9D64-90988571CECB) - (no file)
O2 - BHO: Helper ricerca - (6EBF7485-159F-4bff-A14F-B9E3AAC4465B) - C: \ Programmi \ Microsoft \ Enhancement Pack Search \ Helper SEPsearchhelperie.dll Search \
O2 - BHO: Guida per l'acces un Windows Live - (9030D464-4C02-4ABF-8ECC-5164760863C6) - C: \ Programmi \ File comuni \ Microsoft Shared \ Windows Live \ WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - (AA58ED58-01DD-4d91-8.333-CF10577473F7) - C: \ Programmi \ Google \ Google Toolbar \ GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - (AF69DE43-7D58-4.638-B6FA-CE66B5AD205D) - C: \ Programmi \ Google \ GoogleToolbarNotifier \ 5.5.4723.1820 \ swg.dll
O2 - BHO: Indirizzo Error Redirector Browser - (CA6319C0-31B7-401E-A518-A07C3DB8F777) - C: \ progra ~ 1 \ GOOGLE ~ 1 \ BAE.dll
O2 - BHO: Java (tm) Plug-In 2 SSV Helper - (DBC80044-A445-435B-BC74-9C25C1C588A9) - C: \ Program Files \ Java \ jre6 \ bin \ jp2ssv.dll
O2 - BHO: Google Gears Helper - (E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53) - C: \ Programmi \ Google \ Google Gears \ Internet Explorer \ 0.5.36.0 \ gears.dll
O2 - BHO: Windows Live Toolbar Helper - (E15A8DC0-8.516-42A1-81EA-DC94EC1ACF10) - C: \ Program Files \ Windows Live \ Toolbar wltcore.dll \
O3 - Toolbar: & Windows Live Toolbar - (21FA44EF-376D-4D53-9B0F-8A89D3229068) - C: \ Program Files \ Windows Live \ Toolbar \ wltcore.dll
O3 - Toolbar: (no name) - (CCC7A320-B3CA-4.199-B1A6-9F516DD69829) - (no file)
O3 - Toolbar: Google Toolbar - (2318C2B1-4.965-11D4-9B18-009027A5CD4F) - C: \ Programmi \ Google \ Google Toolbar \ GoogleToolbar_32.dll
O4 - HKLM \ .. \ Run: [Windows Defender]% ProgramFiles% \ Windows Defender \ msascui.exe-hide
O4 - HKLM \ .. \ Run: [RtHDVCpl.exe] RtHDVCpl
O4 - HKLM \ .. Run \: [] SynTPEnh C: \ Programmi \ Synaptics \ \ SynTP \ Syntpenh.exe
O4 - HKLM \ .. Run \: [] ISBMgr.exe "C: \ Programmi \ Sony \ Utility ISB \ ISBMgr.exe"
O4 - HKLM \ .. \ Run: [Google Desktop Search] "C: \ Programmi \ Google \ Google Desktop Search \ GoogleDesktop.exe" / startup
O4 - HKLM \ .. Run \: [] MarketingTools C: \ Programmi \ Sony \ Strumenti di marketing \ MarketingTools.exe
O4 - HKLM \ .. \ Run: [Google Quick Search Box] "C: \ Programmi \ Google \ Casella di ricerca rapida \ GoogleQuickSearchBox.exe" / autorun
O4 - HKLM \ .. \ Run: [Skytel] Skytel.exe
O4 - HKLM \ .. Run \: [] StartCCC "C: \ Programmi \ ATI Technologies \ ATI.ACE" MSRun \ CLIStart.exe Core-Static \
O4 - HKLM \ .. \ Run: [ccApp] "C: \ Programmi \ File comuni \ Java \ Java Update \ jusched.exe"
O4 - HKLM \ .. \ Run:] avgnt ["C: \ Program Files \ Avira \ AntiVir Desktop avgnt.exe \" / min
O4 - HKLM \ .. Run \: Adobe Reader [] Speed Launcher "C: \ Programmi \ Adobe \ Reader 9.0 \ Reader Reader_sl.exe \"
O4 - HKLM \ .. Run \: [] ARM Adobe "C: \ Programmi \ File comuni \ Adobe \ ARM \ 1.0 AdobeARM.exe \"
O4 - HKCU \ .. \ Run: [WindowsWelcomeCenter oobefldr.dll] rundll32.exe, ShowWelcomeCenter
O4 - HKCU \ .. Run \: [NSUFloatingUI] "C: \ Programmi \ Sony \ Utility Network \ LANUtil.exe"
O4 - HKCU \ .. Run \: [] SWG "C: \ Programmi \ Google \ GoogleToolbarNotifier \ GoogleToolbarNotifier.exe"
O4 - HKCU \ .. \ Run:] msnmsgr ["C: \ Program Files \ Windows Live Messenger msnmsgr.exe \ \" / background
O4 - HKCU \ .. \ Run: [ehTray.exe] C: \ Windows \ \ ehTray.exe ehome
O4 - HKCU \ .. Run \: [] WMPNSCFG C: \ Programmi \ Windows Media Player \ wmpnscfg.exe
O4 - HKCU \ .. Run \: [] TeaTimer spybotsd C: \ Programmi \ Spybot - Search & Destroy \ TeaTimer.exe
O4 - HKCU \ .. \ RunOnce: [Shockwave Updater] C: \ Windows \ System32 \ Adobe \ SHOCKW ~ 1 \ ~ SWHELP 1.EXE-Update -1.103.472 - "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0; Trident/4.0; GTB6.4; SLCC1;. NET CLR 2.0.50727; Media Center PC 5.0;. NET CLR 3.5.30729; InfoPath.2; OfficeLiveConnector.1.3; OfficeLivePatch.0.0;. NET CLR 3.0.30729) "- "http://king.it.msn.com/play.jsp?tournamentId=6899"
O4 - HKUS \ S-1-5-19 \ .. \ Run: [Sidebar]% ProgramFiles% \ Windows Sidebar \ Sidebar.exe / detectMem (User 'SERVIZIO LOCALE')
O4 - HKUS \ S-1-5-19 \ .. \ Run: [WindowsWelcomeCenter oobefldr.dll] rundll32.exe, ShowWelcomeCenter (User 'SERVIZIO LOCALE')
O4 - HKUS \ S-1-5-20 \ .. \ Run: [Sidebar]% ProgramFiles% \ Windows Sidebar \ Sidebar.exe / detectMem (User 'SERVIZIO DI RETE')
O8 - Extra context menu item: Add to Google Photos Screensa & ver - res: / / C: \ Windows \ system32 \ GPhotos.scr/200
O8 - Extra context menu item: Google Sidewiki ... - Res: / / C: \ Programmi \ Google \ Google Toolbar Component \ GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html \
O9 - Extra button: (no name) - (09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5) - C: \ Programmi \ Google \ Google Gears \ Internet Explorer \ 0.5.36.0 \ gears.dll
O9 - Extra 'Tools' menuitem: & Impostazioni di Google Gears - (09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5) - C: \ Programmi \ Google \ Google Gears \ Internet Explorer \ 0.5.36.0 \ gears.dll
O9 - Extra button: blog Inserisci - (219C3416-8CB2-491a-A3C7-D9FCDDC9D600) - C: \ Program Files \ Windows Live \ Writer \ WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: Inserisci & Blog di Windows Live Writer - (219C3416-8CB2-491a-A3C7-D9FCDDC9D600) - C: \ Program Files \ Windows Live \ Writer \ WriterBrowserExtension.dll
O9 - Extra button: (no name) - (85d1f590-48f4-11d9-9.669-0800200c9a66) - C: \ Windows bdoscandel.exe \
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner - (85d1f590-48f4-11d9-9.669-0800200c9a66) - C: \ Windows bdoscandel.exe \
O9 - Extra button: Research - (92780B25-18CC-41C8-B9BE-3C9C571A8263) - C: \ PROGRA ~ 1 \ MICROS ~ 2 \ Office12 \ REFIEBAR.DLL
O9 - Extra button: (no name) - (DFB852A3-47F8-48C4-A200-58CAB36FD2A2) - C: \ PROGRA ~ 1 \ Spybot ~ 1 \ SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - (DFB852A3-47F8-48C4-A200-58CAB36FD2A2) - C: \ PROGRA ~ 1 \ Spybot ~ 1 \ SDHelper.dll
O13 - Gopher Prefix:
O15 - Trusted IP range: http://192.168.1.1
O15 - Trusted ESC range IP: http://192.168.1.1
O16 - DPF: (3860DD98-0549-4D50-AA72-5D17D200EE10) (Windows Live OneCare Safety scanner di controllo) - http://cdn.scan.onecare.live.com/resour ... /wlscctrl2.cab
O16 - DPF: (5D86DDB5-BDF9-441b-9E9E-D4730F4EE499) (BDSCANONLINE Control) - http://download.bitdefender.com/resourc ... oscan8.cab
O16 - DPF: (C3F79A2B-B9B4-4A66-B012-3EE46475B072) (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Me ... b56907.cab
O17 - HKLM \ System \ CCS \ Services \ Tcpip \ .. \ (8DF1EFB5-1215-4C4D-A7A0-29359A24222B): NameServer = 192.168.1.1
O18 - Protocol: skyline - (3A4F9195-65A8-11d5-85C1-0001023952C1) - (no file)
O18 - Protocol: skype4com - (FFC8B962-9B40-4DFF-9.458-1830C7DD7F5D) - C: \ PROGRA ~ 1 \ COMMON ~ 1 \ Skype \ SKYPE4 ~ 1.dll
O20 - AppInit_DLLs: C: \ progra ~ 1 \ \ Google GOOGLE ~ 1 \ GOEC62 ~ 1.dll
O23 - Service: Avira AntiVir Scheduler (AntiVirScheduler) - Avira GmbH - C: \ Program Files \ Avira \ AntiVir Desktop sched.exe \
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C: \ Program Files \ Avira \ AntiVir Desktop avguard.exe \
O23 - Service: Ati esterno Event Utility - ATI Technologies Inc. - C: \ Windows \ system32 \ Ati2evxx.exe
O23 - Service: Intel (R) PROSet / Wireless Event Log (EvtEng) - Intel (R) Corporation - C: \ Programmi \ Intel \ WiFi \ bin \ EvtEng.exe
O23 - Service: getPlus (R) Helper - NOS Microsystems Ltd. - C: \ Program Files \ NOS \ bin \ getPlus_HelperSvc.exe
O23 - Service: Google Desktop Manager 5.9.911.3589 (GoogleDesktopManager-110.309-193.829) - Google - C: \ Programmi \ \ Google Google Desktop GoogleDesktop.exe \ Search
O23 - Service: Google Update Service (gupdate1c9a35ea15716de) (gupdate1c9a35ea15716de) - Google Inc. - C: \ Programmi \ Google \ Update \ GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C: \ Programmi \ Google \ Common \ Google Updater \ GoogleUpdaterService.exe
O23 - Service: IviRegMgr - InterVideo - C: \ Programmi \ File comuni \ InterVideo \ RegMgr iviRegMgr.exe \
O23 - Service: MSCSPTISRV - Unknown owner - c: \ Programmi \ File comuni \ Sony Shared \ AVLib \ MSCSPTISRV.exe (file missing)
O23 - Service: NSUService - Sony Corporation - C: \ Programmi \ Sony \ Utility NSUService.exe Network \
O23 - Service: PACSPTISVR - Sony Corporation - C: \ Programmi \ File comuni \ Sony Shared \ PACSPTISVR.exe \ AVLib
O23 - Service: Intel (R) PROSet / Wireless Service Registry (RegSrvc) - Intel (R) Corporation - C: \ Programmi \ File comuni \ Intel RegSrvc.exe \ \ WirelessCommon
O23 - Service: Service Audio Realtek (RtkAudioService) - Realtek Semiconductor - C: \ Windows RtkAudioService.exe \
O23 - Service: SBSD Centro Servizi di sicurezza (SBSDWSCService) - Safer Networking Ltd. - C: \ Programmi \ Spybot - Search & Destroy \ SDWinSec.exe
O23 - Service: ServiceLayer - Nokia - C: \ Programmi \ PC Connectivity Solution ServiceLayer.exe \
O23 - Service: VAIO Media Plus Content Importer (SOHCImp) - Sony Corporation - C: \ Program Files \ Sony \ VAIO Media plus \ SOHCImp.exe
O23 - Service: VAIO Media plus Digital Media Server (SOHDms) - Sony Corporation - C: \ Program Files \ Sony \ VAIO Media plus \ SOHDms.exe
O23 - Service: VAIO Media plus Device Searcher (SOHDs) - Sony Corporation - C: \ Program Files \ Sony \ VAIO Media plus \ SOHDs.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Unknown owner - C: \ Program Files \ Common Files \ Sony Shared \ AVLib \ SPTISRV.exe (file missing)
O23 - Service: VAIO TV Mobile Device Service compromissoria - Sony Corporation - C: \ Programmi \ File comuni \ Sony Shared \ VAIO Entertainment Platform \ VzHardwareResourceManager \ VzHardwareResourceManager \ VzHardwareResourceManager.exe
O23 - Service: Service Event VAIO - Sony Corporation - C: \ Programmi \ Sony \ VESMgr.exe VAIO Event Service \
O23 - Service: VAIO Power Management - Sony Corporation - C: \ Programmi \ Sony \ VAIO SPMService.exe Power Management \
O23 - Service: VAIO Watcher cartella di contenuto (VCFw) - Sony Corporation - C: \ Programmi \ File comuni \ Sony Shared \ Content VAIO VCFw.exe Watcher Folder \
O23 - Service: VAIO Intelligent Content Metadata Manager analisi (VcmIAlzMgr) - Sony Corporation - C: \ Programmi \ Sony \ VCM \ Intelligent Manager Analisi VcmIAlzMgr.exe
O23 - Service: metadati di contenuti VAIO interfaccia XML (VcmXmlIfHelper) - Sony Corporation - C: \ Programmi \ File comuni \ Sony Shared \ VcmXmlIfHelper.exe \ VcmXml
O23 - Service: UPnP adattatore VAIO Entertainment Client (Vcsw) - Sony Corporation - C: \ Programmi \ File comuni \ Sony Shared \ VAIO \ Platform Entertainment VCSW \ VCSW.exe
O23 - Service: VUAgent - Sony Corporation - C: \ Programmi \ Sony \ VAIO Update 5 \ VUAgent.exe
O23 - Service: VAIO Service Database Entertainment (VzCdbSvc) - Sony Corporation - C: \ Programmi \ File comuni \ Sony Shared \ Entertainment \ VAIO Platform VzCdb \ VzCdbSvc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C: \ Windows \ system32 \ DRIVERS \ xaudio.exe
-
End of file - 13.276 bytes