Options
Virus auto protect and firewall disabled; system hung up: please help!
Hi everybody.
I'm going crazy because I can not understand what's going on. :bawling:
I noticed that the Norton Antivirus 2004 Auto protect was disabled and the Blackice firewall was also disabled. I tried some tasks ...
When I try to enable auto protect or firewall the program stop to respond to the mopuse click on the status bar.
The system hung up when I shut down Windows and does not go off (you see the standard msg "I'm updating the configuration files" in Italian - or something like that): I have to manually switch off.
I scanned the system with installed norton (the scan still works), with Symantec on-line scan, with TrojanHunter, with Spybot, with McAfee Stinger and found nothing.
I noticed that the system icon didn't work so I started the safe mode (F8) and disabled the system recovery mode. The system in safe mode shut down normally. After having disabled system recovery the icon appears in normal mode but hangs up when I access to the update section.
When I close and reopen the firewall, the following msg appears: "the blackice service is pausing to allow for system recovery".
Another odd thing: I can not uninstall Norton and can nto upgrade Blackice, but i can update virus definition with intelligent updater.
Here is my hijackthis log:
Logfile of HijackThis v1.99.1
Scan saved at 20.38.52, on 29/07/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\TGTSoft\StyleXP\StyleXPService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\File comuni\Symantec Shared\ccSetMgr.exe
C:\Programmi\File comuni\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\alg.exe
C:\Programmi\APC\PowerChute Business Edition\agent\pbeagent.exe
C:\Programmi\APC\PowerChute Business Edition\server\pbeserver.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\ati2sgag.exe
D:\Programmi\ISS\BlackICE\blackd.exe
C:\Programmi\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\System32\drivers\CDAC11BA.EXE
C:\Programmi\Executive Software\Diskeeper\DkService.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\GEARSec.exe
C:\Programmi\File comuni\Microsoft Shared\VS7Debug\mdm.exe
C:\Programmi\Norton AntiVirus\navapsvc.exe
D:\Programmi\ISS\BlackICE\rapapp.exe
C:\PROGRA~1\FILECO~1\SYMANT~1\SCRIPT~1\SBServ.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\PowerQuest\Drive Image 7.0\Agent\PQV2iSvc.exe
C:\Programmi\File comuni\Symantec Shared\Security Center\SymWSC.exe
C:\Programmi\File comuni\Stardock\TrayServer.exe
C:\Programmi\Intel\NCS\PROSet\PRONoMgr.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Programmi\File comuni\Symantec Shared\ccApp.exe
C:\Programmi\Logitech\iTouch\iTouch.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fppdis2a.exe
C:\Programmi\Java\j2re1.4.2_01\bin\jusched.exe
C:\Programmi\QuickTime\qttask.exe
C:\Programmi\Elaborate Bytes\CloneDVD\ElbyCheck.exe
C:\Programmi\Elaborate Bytes\CloneCD\CloneCDTray.exe
C:\WINDOWS\System32\ezSP_Px.exe
C:\Programmi\File comuni\Real\Update_OB\realsched.exe
C:\Programmi\Logitech\MouseWare\system\em_exec.exe
D:\Programmi\DU Meter\DUMeter.exe
C:\PROGRAMMI\FAXTALK COMMUNICATOR\FTCtrl32.exe
C:\Programmi\File comuni\Nokia\NCLTools\NclTray.exe
C:\Programmi\File comuni\Symantec Shared\Security Center\UsrPrmpt.exe
C:\PROGRAMMI\FAXTALK COMMUNICATOR\FAPIEXE.EXE
C:\Programmi\HP\HP Software Update\HPWuSchd2.exe
C:\Programmi\CyberLink\PowerDVD\PDVDServ.exe
C:\Programmi\HP\HP Share-to-Web\hpgs2wnd.exe
C:\Programmi\ScanSoft\OmniPagePro14.0\WorkFlowTray.exe
C:\Programmi\ScanSoft\OmniPagePro14.0\Opware14.exe
C:\Programmi\ScanSoft\OmniPagePro14.0\OpScheduler.exe
C:\WINDOWS\System32\ctfmon.exe
C:\PROGRA~1\COMMON~1\Nokia\Services\SERVIC~1.EXE
C:\Programmi\HP\HP Share-to-Web\hpgs2wnf.exe
D:\Programmi\ISS\BlackICE\blackice.exe
C:\Programmi\Bluetooth Software\BTTray.exe
C:\PROGRA~1\BLUETO~1\BTSTAC~1.EXE
C:\WINDOWS\system32\spool\drivers\w32x86\3\fpdisp5a.exe
C:\Programmi\Gigabyte\Gigabyte Windows Utility Manager\gwum.exe
C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe
C:\Programmi\Nokia\PC Suite for Nokia 6600\connmngmntbox.exe
C:\Programmi\Nokia\PC Suite for Nokia 6600\ectaskscheduler.exe
C:\PROGRA~1\Nokia\PCSUIT~1\Elogerr.exe
C:\Programmi\Intuwave\Shared\mRouterRunTime\mRouterRuntime.exe
D:\Programmi\Sony Handheld\Hotsync.exe
C:\PROGRA~1\Webshots\webshots.scr
C:\PROGRA~1\Nokia\PCSUIT~1\BROADC~1.EXE
C:\PROGRA~1\Nokia\PCSUIT~1\SCRFS.exe
E:\Utilities\procexp.exe
C:\WINDOWS\System32\wuauclt.exe
E:\temp\marco_sicur\HijackThis.exe
C:\Programmi\Messenger\msmsgs.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = file:///E:/www%20MyIntranet/www.infinito.it/aikikai.tn/index.html
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: HelperObject Class - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Programmi\TechSmith\SnagIt 7\SnagItBHO.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: WsftpBrowserHelper Class - {601ED020-FB6C-11D3-87D8-0050DA59922B} - D:\Programmi\Ipswitch\WS_FTP Pro\wsbho2k0.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programmi\google\googletoolbar2.dll
O2 - BHO: IECatcher Class - {B930BA63-9E5A-11D3-A288-0000E80E2EDE} - D:\Programmi\Mass Downloader\MDHELPER.DLL
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Programmi\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: SYSTRAN Premium 4.0 - {D3919E1A-D6A5-11D6-AC3E-00B0D094B576} - C:\PROGRA~1\Systran\4_0\Premium\IEPlugin.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programmi\google\googletoolbar2.dll
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Programmi\TechSmith\SnagIt 7\SnagItIEAddin.dll
O4 - HKLM\..\Run: [1A:Stardock TrayMonitor] "C:\Programmi\File comuni\Stardock\TrayServer.exe"
O4 - HKLM\..\Run: [PRONoMgr.exe] C:\Programmi\Intel\NCS\PROSet\PRONoMgr.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ATIPTA] C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [ccApp] "C:\Programmi\File comuni\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Tweak UI] RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Programmi\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [FinePrint Dispatcher v5] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fpdisp5a.exe
O4 - HKLM\..\Run: [pdfFactory Pro Dispatcher v2] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fppdis2a.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programmi\Java\j2re1.4.2_01\bin\jusched.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [CloneDVDElbyDelay] "C:\Programmi\Elaborate Bytes\CloneDVD\ElbyCheck.exe" /L ElbyDelay
O4 - HKLM\..\Run: [CloneCDTray] "C:\Programmi\Elaborate Bytes\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [LogonStudio] "C:\Programmi\WinCustomize\LogonStudio\logonstudio.exe" /RANDOM
O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\System32\ezSP_Px.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Programmi\File comuni\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [DU Meter] D:\Programmi\DU Meter\DUMeter.exe
O4 - HKLM\..\Run: [CallControl 4.5] C:\PROGRAMMI\FAXTALK COMMUNICATOR\FTCtrl32.exe /autoload
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Nokia Tray Application] C:\Programmi\File comuni\Nokia\NCLTools\NclTray.exe
O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Programmi\File comuni\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [Babylon Client] C:\Programmi\Babylon\Babylon.exe -AutoStart
O4 - HKLM\..\Run: [HP Software Update] "C:\Programmi\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [RemoteControl] C:\Programmi\CyberLink\PowerDVD\PDVDServ.exe
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Programmi\HP\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Programmi\File comuni\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [WorkFlowTray] "C:\Programmi\ScanSoft\OmniPagePro14.0\WorkFlowTray.exe"
O4 - HKLM\..\Run: [Opware14] "C:\Programmi\ScanSoft\OmniPagePro14.0\Opware14.exe"
O4 - HKLM\..\Run: [OpScheduler] "C:\Programmi\ScanSoft\OmniPagePro14.0\OpScheduler.exe"
O4 - HKLM\..\Run: [THGuard] "D:\Programmi\TrojanHunter\THGuard.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [STYLEXP] C:\Programmi\TGTSoft\StyleXP\StyleXP.exe -Hide
O4 - HKCU\..\Run: [updateMgr] C:\Programmi\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_1
O4 - Startup: HotSync Manager.lnk = D:\Programmi\Sony Handheld\Hotsync.exe
O4 - Startup: Webshots.lnk = C:\Programmi\Webshots\Launcher.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Avvio veloce di Adobe Reader.lnk = C:\Programmi\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: BlackICE PC Protection.lnk = D:\Programmi\ISS\BlackICE\blackice.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Event Reminder.lnk = C:\Programmi\PrintMaster 16\pmremind.exe
O4 - Global Startup: FinePrint Dispatcher.lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\fpdisp5a.exe
O4 - Global Startup: gwum.lnk = C:\Programmi\Gigabyte\Gigabyte Windows Utility Manager\gwum.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Programmi\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programmi\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: PCSuiteperNokia6600 Detect.lnk = ?
O4 - Global Startup: PCSuiteperNokia6600 TS.lnk = ?
O4 - Global Startup: Quicken Scheduled Updates.lnk = D:\Programmi\Quicken\bagent.exe
O8 - Extra context menu item: &Google Search - res://c:\programmi\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: + Offline &Explorer: Download the link - file://D:\Programmi\Offline Explorer Enterprise\Add_UrlO.htm
O8 - Extra context menu item: + Offline E&xplorer: Download the current page - file://D:\Programmi\Offline Explorer Enterprise\Add_AllO.htm
O8 - Extra context menu item: Collegamenti a ritroso - res://c:\programmi\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Pagine simili - res://c:\programmi\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Scarica &tutto con Mass Downloader - D:\Programmi\Mass Downloader\Add_All.htm
O8 - Extra context menu item: Scarica con &Mass Downloader - D:\Programmi\Mass Downloader\Add_Url.htm
O8 - Extra context menu item: Sothink SWF Catcher - C:\Programmi\File comuni\SourceTec\SWF Catcher\InternetExplorer.htm
O8 - Extra context menu item: Versione cache della pagina - res://c:\programmi\google\GoogleToolbar2.dll/cmcache.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\j2re1.4.2_01\bin\npjpi142_01.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\j2re1.4.2_01\bin\npjpi142_01.dll
O9 - Extra button: Mass Downloader - {0FD01980-CCCB-11D3-80D4-0000E80E2EDE} - D:\Programmi\Mass Downloader\massdown.exe
O9 - Extra 'Tools' menuitem: &Mass Downloader - {0FD01980-CCCB-11D3-80D4-0000E80E2EDE} - D:\Programmi\Mass Downloader\massdown.exe
O9 - Extra button: Organizzatore ricerche - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Programmi\File comuni\Microsoft Shared\Encarta Researcher\EROPROJ.DLL
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Programmi\File comuni\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Programmi\File comuni\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra 'Tools' menuitem: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Programmi\File comuni\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\MSMSGS.EXE
O17 - HKLM\System\CCS\Services\Tcpip\..\{5D9FECE6-6940-4670-A40C-7AEE7A447AFC}: NameServer = 130.244.127.161,130.244.127.169,192.168.1.1
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Programmi\File comuni\Microsoft Shared\Help\hxds.dll
O20 - Winlogon Notify: MCPClient - C:\PROGRA~1\FILECO~1\Stardock\mcpstub.dll (file missing)
O20 - Winlogon Notify: WB - C:\PROGRA~1\OBJECT~1\WINDOW~1\fastload.dll
O23 - Service: APC PBE Agent (APCPBEAgent) - APC - C:\Programmi\APC\PowerChute Business Edition\agent\pbeagent.exe
O23 - Service: APC PBE Server (APCPBEServer) - APC - C:\Programmi\APC\PowerChute Business Edition\server\pbeserver.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: BlackICE - Internet Security Systems, Inc. - D:\Programmi\ISS\BlackICE\blackd.exe
O23 - Service: Bluetooth Service (btwdins) - Unknown owner - C:\Programmi\Bluetooth Software\bin\btwdins.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\System32\drivers\CDAC11BA.EXE
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\ccSetMgr.exe
O23 - Service: Diskeeper - Executive Software International, Inc. - C:\Programmi\Executive Software\Diskeeper\DkService.exe
O23 - Service: GEARSecurity - GEAR Software - C:\WINDOWS\System32\GEARSec.exe
O23 - Service: Servizio Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Programmi\Norton AntiVirus\navapsvc.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Programmi\Intel\NCS\Sync\NetSvc.exe
O23 - Service: RapApp - Internet Security Systems, Inc. - D:\Programmi\ISS\BlackICE\rapapp.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Programmi\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FILECO~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\SNDSrvc.exe
O23 - Service: StyleXPService - Unknown owner - C:\Programmi\TGTSoft\StyleXP\StyleXPService.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: V2i Protector - PowerQuest Corporation - C:\Programmi\PowerQuest\Drive Image 7.0\Agent\PQV2iSvc.exe
I'm going crazy because I can not understand what's going on. :bawling:
I noticed that the Norton Antivirus 2004 Auto protect was disabled and the Blackice firewall was also disabled. I tried some tasks ...
When I try to enable auto protect or firewall the program stop to respond to the mopuse click on the status bar.
The system hung up when I shut down Windows and does not go off (you see the standard msg "I'm updating the configuration files" in Italian - or something like that): I have to manually switch off.
I scanned the system with installed norton (the scan still works), with Symantec on-line scan, with TrojanHunter, with Spybot, with McAfee Stinger and found nothing.
I noticed that the system icon didn't work so I started the safe mode (F8) and disabled the system recovery mode. The system in safe mode shut down normally. After having disabled system recovery the icon appears in normal mode but hangs up when I access to the update section.
When I close and reopen the firewall, the following msg appears: "the blackice service is pausing to allow for system recovery".
Another odd thing: I can not uninstall Norton and can nto upgrade Blackice, but i can update virus definition with intelligent updater.
Here is my hijackthis log:
Logfile of HijackThis v1.99.1
Scan saved at 20.38.52, on 29/07/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\TGTSoft\StyleXP\StyleXPService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\File comuni\Symantec Shared\ccSetMgr.exe
C:\Programmi\File comuni\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\alg.exe
C:\Programmi\APC\PowerChute Business Edition\agent\pbeagent.exe
C:\Programmi\APC\PowerChute Business Edition\server\pbeserver.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\ati2sgag.exe
D:\Programmi\ISS\BlackICE\blackd.exe
C:\Programmi\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\System32\drivers\CDAC11BA.EXE
C:\Programmi\Executive Software\Diskeeper\DkService.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\GEARSec.exe
C:\Programmi\File comuni\Microsoft Shared\VS7Debug\mdm.exe
C:\Programmi\Norton AntiVirus\navapsvc.exe
D:\Programmi\ISS\BlackICE\rapapp.exe
C:\PROGRA~1\FILECO~1\SYMANT~1\SCRIPT~1\SBServ.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\PowerQuest\Drive Image 7.0\Agent\PQV2iSvc.exe
C:\Programmi\File comuni\Symantec Shared\Security Center\SymWSC.exe
C:\Programmi\File comuni\Stardock\TrayServer.exe
C:\Programmi\Intel\NCS\PROSet\PRONoMgr.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Programmi\File comuni\Symantec Shared\ccApp.exe
C:\Programmi\Logitech\iTouch\iTouch.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fppdis2a.exe
C:\Programmi\Java\j2re1.4.2_01\bin\jusched.exe
C:\Programmi\QuickTime\qttask.exe
C:\Programmi\Elaborate Bytes\CloneDVD\ElbyCheck.exe
C:\Programmi\Elaborate Bytes\CloneCD\CloneCDTray.exe
C:\WINDOWS\System32\ezSP_Px.exe
C:\Programmi\File comuni\Real\Update_OB\realsched.exe
C:\Programmi\Logitech\MouseWare\system\em_exec.exe
D:\Programmi\DU Meter\DUMeter.exe
C:\PROGRAMMI\FAXTALK COMMUNICATOR\FTCtrl32.exe
C:\Programmi\File comuni\Nokia\NCLTools\NclTray.exe
C:\Programmi\File comuni\Symantec Shared\Security Center\UsrPrmpt.exe
C:\PROGRAMMI\FAXTALK COMMUNICATOR\FAPIEXE.EXE
C:\Programmi\HP\HP Software Update\HPWuSchd2.exe
C:\Programmi\CyberLink\PowerDVD\PDVDServ.exe
C:\Programmi\HP\HP Share-to-Web\hpgs2wnd.exe
C:\Programmi\ScanSoft\OmniPagePro14.0\WorkFlowTray.exe
C:\Programmi\ScanSoft\OmniPagePro14.0\Opware14.exe
C:\Programmi\ScanSoft\OmniPagePro14.0\OpScheduler.exe
C:\WINDOWS\System32\ctfmon.exe
C:\PROGRA~1\COMMON~1\Nokia\Services\SERVIC~1.EXE
C:\Programmi\HP\HP Share-to-Web\hpgs2wnf.exe
D:\Programmi\ISS\BlackICE\blackice.exe
C:\Programmi\Bluetooth Software\BTTray.exe
C:\PROGRA~1\BLUETO~1\BTSTAC~1.EXE
C:\WINDOWS\system32\spool\drivers\w32x86\3\fpdisp5a.exe
C:\Programmi\Gigabyte\Gigabyte Windows Utility Manager\gwum.exe
C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe
C:\Programmi\Nokia\PC Suite for Nokia 6600\connmngmntbox.exe
C:\Programmi\Nokia\PC Suite for Nokia 6600\ectaskscheduler.exe
C:\PROGRA~1\Nokia\PCSUIT~1\Elogerr.exe
C:\Programmi\Intuwave\Shared\mRouterRunTime\mRouterRuntime.exe
D:\Programmi\Sony Handheld\Hotsync.exe
C:\PROGRA~1\Webshots\webshots.scr
C:\PROGRA~1\Nokia\PCSUIT~1\BROADC~1.EXE
C:\PROGRA~1\Nokia\PCSUIT~1\SCRFS.exe
E:\Utilities\procexp.exe
C:\WINDOWS\System32\wuauclt.exe
E:\temp\marco_sicur\HijackThis.exe
C:\Programmi\Messenger\msmsgs.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = file:///E:/www%20MyIntranet/www.infinito.it/aikikai.tn/index.html
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: HelperObject Class - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Programmi\TechSmith\SnagIt 7\SnagItBHO.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: WsftpBrowserHelper Class - {601ED020-FB6C-11D3-87D8-0050DA59922B} - D:\Programmi\Ipswitch\WS_FTP Pro\wsbho2k0.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programmi\google\googletoolbar2.dll
O2 - BHO: IECatcher Class - {B930BA63-9E5A-11D3-A288-0000E80E2EDE} - D:\Programmi\Mass Downloader\MDHELPER.DLL
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Programmi\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: SYSTRAN Premium 4.0 - {D3919E1A-D6A5-11D6-AC3E-00B0D094B576} - C:\PROGRA~1\Systran\4_0\Premium\IEPlugin.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programmi\google\googletoolbar2.dll
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Programmi\TechSmith\SnagIt 7\SnagItIEAddin.dll
O4 - HKLM\..\Run: [1A:Stardock TrayMonitor] "C:\Programmi\File comuni\Stardock\TrayServer.exe"
O4 - HKLM\..\Run: [PRONoMgr.exe] C:\Programmi\Intel\NCS\PROSet\PRONoMgr.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ATIPTA] C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [ccApp] "C:\Programmi\File comuni\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Tweak UI] RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Programmi\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [FinePrint Dispatcher v5] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fpdisp5a.exe
O4 - HKLM\..\Run: [pdfFactory Pro Dispatcher v2] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fppdis2a.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programmi\Java\j2re1.4.2_01\bin\jusched.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [CloneDVDElbyDelay] "C:\Programmi\Elaborate Bytes\CloneDVD\ElbyCheck.exe" /L ElbyDelay
O4 - HKLM\..\Run: [CloneCDTray] "C:\Programmi\Elaborate Bytes\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [LogonStudio] "C:\Programmi\WinCustomize\LogonStudio\logonstudio.exe" /RANDOM
O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\System32\ezSP_Px.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Programmi\File comuni\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [DU Meter] D:\Programmi\DU Meter\DUMeter.exe
O4 - HKLM\..\Run: [CallControl 4.5] C:\PROGRAMMI\FAXTALK COMMUNICATOR\FTCtrl32.exe /autoload
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Nokia Tray Application] C:\Programmi\File comuni\Nokia\NCLTools\NclTray.exe
O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Programmi\File comuni\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [Babylon Client] C:\Programmi\Babylon\Babylon.exe -AutoStart
O4 - HKLM\..\Run: [HP Software Update] "C:\Programmi\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [RemoteControl] C:\Programmi\CyberLink\PowerDVD\PDVDServ.exe
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Programmi\HP\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Programmi\File comuni\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [WorkFlowTray] "C:\Programmi\ScanSoft\OmniPagePro14.0\WorkFlowTray.exe"
O4 - HKLM\..\Run: [Opware14] "C:\Programmi\ScanSoft\OmniPagePro14.0\Opware14.exe"
O4 - HKLM\..\Run: [OpScheduler] "C:\Programmi\ScanSoft\OmniPagePro14.0\OpScheduler.exe"
O4 - HKLM\..\Run: [THGuard] "D:\Programmi\TrojanHunter\THGuard.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [STYLEXP] C:\Programmi\TGTSoft\StyleXP\StyleXP.exe -Hide
O4 - HKCU\..\Run: [updateMgr] C:\Programmi\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_1
O4 - Startup: HotSync Manager.lnk = D:\Programmi\Sony Handheld\Hotsync.exe
O4 - Startup: Webshots.lnk = C:\Programmi\Webshots\Launcher.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Avvio veloce di Adobe Reader.lnk = C:\Programmi\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: BlackICE PC Protection.lnk = D:\Programmi\ISS\BlackICE\blackice.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Event Reminder.lnk = C:\Programmi\PrintMaster 16\pmremind.exe
O4 - Global Startup: FinePrint Dispatcher.lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\fpdisp5a.exe
O4 - Global Startup: gwum.lnk = C:\Programmi\Gigabyte\Gigabyte Windows Utility Manager\gwum.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Programmi\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programmi\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: PCSuiteperNokia6600 Detect.lnk = ?
O4 - Global Startup: PCSuiteperNokia6600 TS.lnk = ?
O4 - Global Startup: Quicken Scheduled Updates.lnk = D:\Programmi\Quicken\bagent.exe
O8 - Extra context menu item: &Google Search - res://c:\programmi\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: + Offline &Explorer: Download the link - file://D:\Programmi\Offline Explorer Enterprise\Add_UrlO.htm
O8 - Extra context menu item: + Offline E&xplorer: Download the current page - file://D:\Programmi\Offline Explorer Enterprise\Add_AllO.htm
O8 - Extra context menu item: Collegamenti a ritroso - res://c:\programmi\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Pagine simili - res://c:\programmi\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Scarica &tutto con Mass Downloader - D:\Programmi\Mass Downloader\Add_All.htm
O8 - Extra context menu item: Scarica con &Mass Downloader - D:\Programmi\Mass Downloader\Add_Url.htm
O8 - Extra context menu item: Sothink SWF Catcher - C:\Programmi\File comuni\SourceTec\SWF Catcher\InternetExplorer.htm
O8 - Extra context menu item: Versione cache della pagina - res://c:\programmi\google\GoogleToolbar2.dll/cmcache.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\j2re1.4.2_01\bin\npjpi142_01.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\j2re1.4.2_01\bin\npjpi142_01.dll
O9 - Extra button: Mass Downloader - {0FD01980-CCCB-11D3-80D4-0000E80E2EDE} - D:\Programmi\Mass Downloader\massdown.exe
O9 - Extra 'Tools' menuitem: &Mass Downloader - {0FD01980-CCCB-11D3-80D4-0000E80E2EDE} - D:\Programmi\Mass Downloader\massdown.exe
O9 - Extra button: Organizzatore ricerche - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Programmi\File comuni\Microsoft Shared\Encarta Researcher\EROPROJ.DLL
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Programmi\File comuni\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Programmi\File comuni\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra 'Tools' menuitem: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Programmi\File comuni\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\MSMSGS.EXE
O17 - HKLM\System\CCS\Services\Tcpip\..\{5D9FECE6-6940-4670-A40C-7AEE7A447AFC}: NameServer = 130.244.127.161,130.244.127.169,192.168.1.1
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Programmi\File comuni\Microsoft Shared\Help\hxds.dll
O20 - Winlogon Notify: MCPClient - C:\PROGRA~1\FILECO~1\Stardock\mcpstub.dll (file missing)
O20 - Winlogon Notify: WB - C:\PROGRA~1\OBJECT~1\WINDOW~1\fastload.dll
O23 - Service: APC PBE Agent (APCPBEAgent) - APC - C:\Programmi\APC\PowerChute Business Edition\agent\pbeagent.exe
O23 - Service: APC PBE Server (APCPBEServer) - APC - C:\Programmi\APC\PowerChute Business Edition\server\pbeserver.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: BlackICE - Internet Security Systems, Inc. - D:\Programmi\ISS\BlackICE\blackd.exe
O23 - Service: Bluetooth Service (btwdins) - Unknown owner - C:\Programmi\Bluetooth Software\bin\btwdins.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\System32\drivers\CDAC11BA.EXE
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\ccSetMgr.exe
O23 - Service: Diskeeper - Executive Software International, Inc. - C:\Programmi\Executive Software\Diskeeper\DkService.exe
O23 - Service: GEARSecurity - GEAR Software - C:\WINDOWS\System32\GEARSec.exe
O23 - Service: Servizio Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Programmi\Norton AntiVirus\navapsvc.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Programmi\Intel\NCS\Sync\NetSvc.exe
O23 - Service: RapApp - Internet Security Systems, Inc. - D:\Programmi\ISS\BlackICE\rapapp.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Programmi\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FILECO~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\SNDSrvc.exe
O23 - Service: StyleXPService - Unknown owner - C:\Programmi\TGTSoft\StyleXP\StyleXPService.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: V2i Protector - PowerQuest Corporation - C:\Programmi\PowerQuest\Drive Image 7.0\Agent\PQV2iSvc.exe
0