reindirizzamento a pagine pubblicitarie
Inviato: sab feb 26, 2011 3:28 pm
da mirien
Ciao! Sono nuova del forum, ho letto le vostre regole, ma non essendo molto esperta non sono riuscita a trovare nelle discussioni aperte la risposta al mio problema. Mi scuso sin d'ora, quindi, se già è stato affrontato.
Ecco il problema: utilizzando google per una ricerca (sia da google chrome che da explorer) e cliccando sui risultati vengo reindirizzata ad altri indirizzi sopratutto a :
http://wide.fullpageads.info/?ref=mall
Si tratta di un virus?
Vi allego il log di Hijackthis (sperando possa essere utile)
Come vi dicevo non so proprio come intervenire, ma devo risolvere la questione perché è divenuto davvero impossibile navigare!
Grazie
Mirien
Ecco il problema: utilizzando google per una ricerca (sia da google chrome che da explorer) e cliccando sui risultati vengo reindirizzata ad altri indirizzi sopratutto a :
http://wide.fullpageads.info/?ref=mall
Si tratta di un virus?
Vi allego il log di Hijackthis (sperando possa essere utile)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14.31.54, on 26/02/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\Programmi\Lavasoft\Ad-Aware\AAWService.exe
D:\WINDOWS\system32\spoolsv.exe
D:\Programmi\Avira\AntiVir Desktop\sched.exe
D:\Programmi\Avira\AntiVir Desktop\avguard.exe
D:\Programmi\NVIDIA Corporation\NetworkAccessManager\Apache
Group\Apache2\bin\apache.exe
D:\Programmi\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
D:\WINDOWS\system32\nvsvc32.exe
D:\WINDOWS\system32\svchost.exe
D:\Programmi\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
D:\Programmi\Avira\AntiVir Desktop\avshadow.exe
D:\Programmi\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
D:\Programmi\NVIDIA Corporation\NetworkAccessManager\Apache
Group\Apache2\bin\apache.exe
D:\WINDOWS\Explorer.EXE
D:\DOCUME~1\Vittorio\IMPOST~1\Temp\csrss.exe
D:\Programmi\Analog Devices\Core\smax4pnp.exe
D:\Programmi\Analog Devices\SoundMAX\Smax4.exe
D:\Programmi\Avira\AntiVir Desktop\avgnt.exe
D:\WINDOWS\system32\RUNDLL32.EXE
D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBIE.EXE
D:\Documents and Settings\Vittorio\Dati
applicazioni\Microsoft\conhost.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Programmi\File comuni\Ahead\lib\NMBgMonitor.exe
D:\Programmi\Skype\Phone\Skype.exe
D:\Programmi\ASUS WiFi-AP Solo\RtWLan.exe
D:\Programmi\WinZip\WZQKPICK.EXE
D:\Programmi\Skype\Plugin Manager\skypePM.exe
D:\Programmi\Lavasoft\Ad-Aware\AAWTray.exe
D:\Documents and Settings\Vittorio\Dati applicazioni\dwm.exe
D:\WINDOWS\system32\dllhost.exe
D:\Programmi\Internet Explorer\iexplore.exe
D:\Programmi\Internet Explorer\iexplore.exe
D:\Programmi\Internet Explorer\iexplore.exe
D:\Programmi\Internet Explorer\iexplore.exe
D:\Programmi\Internet Explorer\iexplore.exe
O:\File temporanei Internet\Content.IE5\3ZGYH1IB\HiJackThis[1].exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.google.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL
= http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext =
http://go.microsoft.com/fwlink/?LinkId=74005
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet
Settings,ProxyServer = http=127.0.0.1:56545
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName
= Collegamenti
R3 - URLSearchHook: Softonic-IT Toolbar -
{e3393495-8103-46a0-8181-270273eddd60} -
D:\Programmi\Softonic-IT\tbSoft.dll
R3 - URLSearchHook: Max IT Toolbar -
{609368c3-88c6-4b9d-9f8e-28e29bbb6131} - D:\Programmi\Max_IT\tbMax0.dll
F3 - REG:win.ini: load=D:\DOCUME~1\Vittorio\IMPOST~1\Temp\csrss.exe
F2 - REG:system.ini: UserInit=D:\WINDOWS\system32\userinit.exe
O2 - BHO: Adobe PDF Link Helper -
{18DF081C-E8AD-4283-A596-FA578C2EBDC3} - D:\Programmi\File
comuni\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} -
D:\Programmi\ConduitEngine\ConduitEngine.dll
O2 - BHO: Max IT Toolbar - {609368c3-88c6-4b9d-9f8e-28e29bbb6131} -
D:\Programmi\Max_IT\tbMax0.dll
O2 - BHO: Google Toolbar Helper -
{AA58ED58-01DD-4d91-8333-CF10577473F7} - D:\Programmi\Google\Google
Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -
D:\Programmi\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Google Toolbar Notifier BHO -
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -
D:\Programmi\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll
O2 - BHO: Softonic-IT Toolbar - {e3393495-8103-46a0-8181-270273eddd60}
- D:\Programmi\Softonic-IT\tbSoft.dll
O2 - BHO: EpsonToolBandKicker Class -
{E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - D:\Programmi\EPSON\EPSON
Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page -
{EE5D279F-081B-4404-994D-C6B60AAEBA6D} - D:\Programmi\EPSON\EPSON
Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Softonic-IT Toolbar -
{e3393495-8103-46a0-8181-270273eddd60} -
D:\Programmi\Softonic-IT\tbSoft.dll
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} -
D:\Programmi\ConduitEngine\ConduitEngine.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} -
D:\Programmi\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Max IT Toolbar - {609368c3-88c6-4b9d-9f8e-28e29bbb6131} -
D:\Programmi\Max_IT\tbMax0.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} -
D:\Programmi\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [SoundMAXPnP] D:\Programmi\Analog
Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] "D:\Programmi\Analog
Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [avgnt] "D:\Programmi\Avira\AntiVir
Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE
D:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE
D:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [EPSON Stylus DX6000 Series]
D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBIE.EXE /FU
"D:\WINDOWS\TEMP\E_S9C.tmp" /EF "HKLM"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher]
"D:\Programmi\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "D:\Programmi\File
comuni\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] D:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [conhost] D:\Documents and Settings\Vittorio\Dati
applicazioni\Microsoft\conhost.exe
O4 - HKCU\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
"D:\Programmi\File comuni\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Skype] "D:\Programmi\Skype\Phone\Skype.exe"
/nosplash /minimized
O4 - HKCU\..\Run: [swg]
"D:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Google Update] "D:\Documents and
Settings\Vittorio\Impostazioni locali\Dati
applicazioni\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE
(User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_3] rundll32
advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SERVIZIO
LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE
(User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_3] rundll32
advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SERVIZIO DI
RETE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE
(User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_3] rundll32
advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE
(User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_3] rundll32
advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
O4 - Global Startup: ASUS WiFi-AP Solo.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = D:\Programmi\Microsoft
Office\Office10\OSA.EXE
O4 - Global Startup: WinZip Quick Pick.lnk =
D:\Programmi\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: E&sporta in Microsoft Excel -
res://D:\PROGRA~1\MICROS~1\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... -
res://D:\Programmi\Google\Google
Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsi
dewiki.html
O9 - Extra button: Skype Plug-In -
{898EA8C8-E7FF-479B-8935-AEC46303B9E5} -
D:\Programmi\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In -
{898EA8C8-E7FF-479B-8935-AEC46303B9E5} -
D:\Programmi\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} -
D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 -
{e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network
Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} -
D:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger -
{FB5F1910-F110-11d2-BB9E-00C04F795683} -
D:\Programmi\Messenger\msmsgs.exe
O18 - Protocol: skype-ie-addon-data -
{91774881-D725-4E58-B298-07617B9B86A8} -
D:\Programmi\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} -
D:\PROGRA~1\FILECO~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: d:\progra~1\wi9130~1\datamngr\datamngr.dll
O22 - SharedTaskScheduler: Precaricatore Browseui -
{438755C2-A8BA-11D1-B96B-00A0C90312E1} -
D:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Daemon di cache delle categorie di
componenti - {8C7461EF-2B13-11d2-BE35-3078302C2030} -
D:\WINDOWS\system32\browseui.dll
O23 - Service: Avira AntiVir Scheduler (AntiVirScheduler) - Avira GmbH
- D:\Programmi\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH -
D:\Programmi\Avira\AntiVir Desktop\avguard.exe
O23 - Service: ForceWare Intelligent Application Manager (IAM) -
Unknown owner - D:\Programmi\NVIDIA
Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Apache
Software Foundation - D:\Programmi\NVIDIA
Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
O23 - Service: Servizio di Google Update (gupdate) (gupdate) - Google
Inc. - D:\Programmi\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google -
D:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft Limited -
D:\Programmi\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA Corporation -
D:\Programmi\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA
Corporation - D:\Programmi\NVIDIA
Corporation\NetworkAccessManager\bin\nSvcLog.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA
Corporation - D:\WINDOWS\system32\nvsvc32.exe
--
End of file - 10948 bytes
Scan saved at 14.31.54, on 26/02/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\Programmi\Lavasoft\Ad-Aware\AAWService.exe
D:\WINDOWS\system32\spoolsv.exe
D:\Programmi\Avira\AntiVir Desktop\sched.exe
D:\Programmi\Avira\AntiVir Desktop\avguard.exe
D:\Programmi\NVIDIA Corporation\NetworkAccessManager\Apache
Group\Apache2\bin\apache.exe
D:\Programmi\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
D:\WINDOWS\system32\nvsvc32.exe
D:\WINDOWS\system32\svchost.exe
D:\Programmi\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
D:\Programmi\Avira\AntiVir Desktop\avshadow.exe
D:\Programmi\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
D:\Programmi\NVIDIA Corporation\NetworkAccessManager\Apache
Group\Apache2\bin\apache.exe
D:\WINDOWS\Explorer.EXE
D:\DOCUME~1\Vittorio\IMPOST~1\Temp\csrss.exe
D:\Programmi\Analog Devices\Core\smax4pnp.exe
D:\Programmi\Analog Devices\SoundMAX\Smax4.exe
D:\Programmi\Avira\AntiVir Desktop\avgnt.exe
D:\WINDOWS\system32\RUNDLL32.EXE
D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBIE.EXE
D:\Documents and Settings\Vittorio\Dati
applicazioni\Microsoft\conhost.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Programmi\File comuni\Ahead\lib\NMBgMonitor.exe
D:\Programmi\Skype\Phone\Skype.exe
D:\Programmi\ASUS WiFi-AP Solo\RtWLan.exe
D:\Programmi\WinZip\WZQKPICK.EXE
D:\Programmi\Skype\Plugin Manager\skypePM.exe
D:\Programmi\Lavasoft\Ad-Aware\AAWTray.exe
D:\Documents and Settings\Vittorio\Dati applicazioni\dwm.exe
D:\WINDOWS\system32\dllhost.exe
D:\Programmi\Internet Explorer\iexplore.exe
D:\Programmi\Internet Explorer\iexplore.exe
D:\Programmi\Internet Explorer\iexplore.exe
D:\Programmi\Internet Explorer\iexplore.exe
D:\Programmi\Internet Explorer\iexplore.exe
O:\File temporanei Internet\Content.IE5\3ZGYH1IB\HiJackThis[1].exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.google.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL
= http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext =
http://go.microsoft.com/fwlink/?LinkId=74005
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet
Settings,ProxyServer = http=127.0.0.1:56545
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName
= Collegamenti
R3 - URLSearchHook: Softonic-IT Toolbar -
{e3393495-8103-46a0-8181-270273eddd60} -
D:\Programmi\Softonic-IT\tbSoft.dll
R3 - URLSearchHook: Max IT Toolbar -
{609368c3-88c6-4b9d-9f8e-28e29bbb6131} - D:\Programmi\Max_IT\tbMax0.dll
F3 - REG:win.ini: load=D:\DOCUME~1\Vittorio\IMPOST~1\Temp\csrss.exe
F2 - REG:system.ini: UserInit=D:\WINDOWS\system32\userinit.exe
O2 - BHO: Adobe PDF Link Helper -
{18DF081C-E8AD-4283-A596-FA578C2EBDC3} - D:\Programmi\File
comuni\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} -
D:\Programmi\ConduitEngine\ConduitEngine.dll
O2 - BHO: Max IT Toolbar - {609368c3-88c6-4b9d-9f8e-28e29bbb6131} -
D:\Programmi\Max_IT\tbMax0.dll
O2 - BHO: Google Toolbar Helper -
{AA58ED58-01DD-4d91-8333-CF10577473F7} - D:\Programmi\Google\Google
Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -
D:\Programmi\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Google Toolbar Notifier BHO -
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -
D:\Programmi\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll
O2 - BHO: Softonic-IT Toolbar - {e3393495-8103-46a0-8181-270273eddd60}
- D:\Programmi\Softonic-IT\tbSoft.dll
O2 - BHO: EpsonToolBandKicker Class -
{E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - D:\Programmi\EPSON\EPSON
Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page -
{EE5D279F-081B-4404-994D-C6B60AAEBA6D} - D:\Programmi\EPSON\EPSON
Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Softonic-IT Toolbar -
{e3393495-8103-46a0-8181-270273eddd60} -
D:\Programmi\Softonic-IT\tbSoft.dll
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} -
D:\Programmi\ConduitEngine\ConduitEngine.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} -
D:\Programmi\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Max IT Toolbar - {609368c3-88c6-4b9d-9f8e-28e29bbb6131} -
D:\Programmi\Max_IT\tbMax0.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} -
D:\Programmi\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [SoundMAXPnP] D:\Programmi\Analog
Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] "D:\Programmi\Analog
Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [avgnt] "D:\Programmi\Avira\AntiVir
Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE
D:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE
D:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [EPSON Stylus DX6000 Series]
D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBIE.EXE /FU
"D:\WINDOWS\TEMP\E_S9C.tmp" /EF "HKLM"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher]
"D:\Programmi\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "D:\Programmi\File
comuni\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] D:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [conhost] D:\Documents and Settings\Vittorio\Dati
applicazioni\Microsoft\conhost.exe
O4 - HKCU\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
"D:\Programmi\File comuni\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Skype] "D:\Programmi\Skype\Phone\Skype.exe"
/nosplash /minimized
O4 - HKCU\..\Run: [swg]
"D:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Google Update] "D:\Documents and
Settings\Vittorio\Impostazioni locali\Dati
applicazioni\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE
(User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_3] rundll32
advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SERVIZIO
LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE
(User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_3] rundll32
advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SERVIZIO DI
RETE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE
(User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_3] rundll32
advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE
(User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_3] rundll32
advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
O4 - Global Startup: ASUS WiFi-AP Solo.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = D:\Programmi\Microsoft
Office\Office10\OSA.EXE
O4 - Global Startup: WinZip Quick Pick.lnk =
D:\Programmi\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: E&sporta in Microsoft Excel -
res://D:\PROGRA~1\MICROS~1\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... -
res://D:\Programmi\Google\Google
Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsi
dewiki.html
O9 - Extra button: Skype Plug-In -
{898EA8C8-E7FF-479B-8935-AEC46303B9E5} -
D:\Programmi\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In -
{898EA8C8-E7FF-479B-8935-AEC46303B9E5} -
D:\Programmi\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} -
D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 -
{e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network
Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} -
D:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger -
{FB5F1910-F110-11d2-BB9E-00C04F795683} -
D:\Programmi\Messenger\msmsgs.exe
O18 - Protocol: skype-ie-addon-data -
{91774881-D725-4E58-B298-07617B9B86A8} -
D:\Programmi\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} -
D:\PROGRA~1\FILECO~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: d:\progra~1\wi9130~1\datamngr\datamngr.dll
O22 - SharedTaskScheduler: Precaricatore Browseui -
{438755C2-A8BA-11D1-B96B-00A0C90312E1} -
D:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Daemon di cache delle categorie di
componenti - {8C7461EF-2B13-11d2-BE35-3078302C2030} -
D:\WINDOWS\system32\browseui.dll
O23 - Service: Avira AntiVir Scheduler (AntiVirScheduler) - Avira GmbH
- D:\Programmi\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH -
D:\Programmi\Avira\AntiVir Desktop\avguard.exe
O23 - Service: ForceWare Intelligent Application Manager (IAM) -
Unknown owner - D:\Programmi\NVIDIA
Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Apache
Software Foundation - D:\Programmi\NVIDIA
Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
O23 - Service: Servizio di Google Update (gupdate) (gupdate) - Google
Inc. - D:\Programmi\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google -
D:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft Limited -
D:\Programmi\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA Corporation -
D:\Programmi\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA
Corporation - D:\Programmi\NVIDIA
Corporation\NetworkAccessManager\bin\nSvcLog.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA
Corporation - D:\WINDOWS\system32\nvsvc32.exe
--
End of file - 10948 bytes
Come vi dicevo non so proprio come intervenire, ma devo risolvere la questione perché è divenuto davvero impossibile navigare!
Grazie
Mirien