Xanty
08-02-2007, 21:07
Ciao ragazzi,ho bisogno del vostro aiuto per un pc virato e non solo.
ho i log di hijack prima e dopo aver fatto un fissaggio.Ma mi sono accorta di aver eliminato un valore importante forse ip del router poichè, dal computer in questione ,non si puo piu accedere ad internet mentre dagli altri pc connessi in rete si .
Dunque dovrei eliminare questi trojan e ripristinare la connessione ad internet
vi posto i log
prima del fissaggio:
Logfile of HijackThis v1.99.1
Scan saved at 0.20.51, on 01/01/2001
Platform: Windows ME (Win9x 4.90.3000)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\SYSTEM\SSDPSRV.EXE
C:\PROGRAMMI\FILE COMUNI\SYSTEM\MOSEARCH\BIN\MOSEARCH.EXE
C:\PROGRAMMI\FILE COMUNI\MICROSOFT SHARED\VS7DEBUG\MDM.EXE
C:\PROGRAMMI\ALWIL SOFTWARE\AVAST4\ASHSERV.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\PSTORES.EXE
C:\WINDOWS\SYSTEM\RPCSS.EXE
C:\WINDOWS\SYSTEM\RESTORE\STMGR.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\SYSTEM\LVCOMS.EXE
C:\SCANJET\PRECISIONSCANLT\HPPWRSAV.EXE
C:\PROGRAMMI\ALWIL SOFTWARE\AVAST4\ASHWEBSV.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\WINDOWS\LOADQM.EXE
C:\PROGRAMMI\CLAMWIN\BIN\CLAMTRAY.EXE
C:\PROGRAMMI\ALWIL SOFTWARE\AVAST4\ASHMAISV.EXE
C:\VEXPLITE\MONLITE.EXE
C:\WINDOWS\SYSTEM\CTFMON.EXE
C:\PROGRAMMI\WEBROOT\SPY SWEEPER\SPYSWEEPER.EXE
C:\PROGRAMMI\MSN MESSENGER\MSNMSGR.EXE
C:\PROGRAMMI\SPYWARE DOCTOR\SWDOCTOR.EXE
C:\WINDOWS\SYSTEM\STIMON.EXE
C:\VEXPLITE\VIRITEXP.EXE
C:\PROGRAMMI\WINZIP\WINZIP32.EXE
C:\WINDOWS\TEMP\HIJACKTHIS.EXE
R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
F1 - win.ini: run=hpfsched
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAMMI\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHELPER.DLL
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~1\TOOLS\IESDPB.DLL
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\TOOLS\IESDSG.DLL
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [PCHealth] C:\WINDOWS\PCHealth\Support\PCHSchd.exe -s
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [Magic Install...] D:\SETUP.EXE
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [LVComs] C:\WINDOWS\SYSTEM\LVComS.exe
O4 - HKLM\..\Run: [hppwrsav] C:\SCANJET\PrecisionScanLT\hppwrsav.exe
O4 - HKLM\..\Run: [avast! Web Scanner] C:\PROGRA~1\ALWILS~1\AVAST4\ASHWEBSV.EXE
O4 - HKLM\..\Run: [LoadQM] loadqm.exe
O4 - HKLM\..\Run: [ClamWin] "C:\Programmi\ClamWin\bin\ClamTray.exe" --logon
O4 - HKLM\..\Run: [MSConfigReminder] C:\WINDOWS\SYSTEM\msconfig.exe /reminder
O4 - HKLM\..\Run: [ashMaiSv] C:\PROGRA~1\ALWILS~1\AVAST4\ashmaisv.exe
O4 - HKLM\..\Run: [VIRIT LITE MONITOR] C:\VEXPLITE\MONLITE.EXE
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [SSDPSRV] C:\WINDOWS\SYSTEM\ssdpsrv.exe
O4 - HKLM\..\RunServices: [*StateMgr] C:\WINDOWS\System\Restore\StateMgr.exe
O4 - HKLM\..\RunServices: [MOSearch] C:\PROGRA~1\FILECO~1\SYSTEM\MOSEARCH\BIN\MOSEARCH.EXE
O4 - HKLM\..\RunServices: [MDM7] "C:\PROGRAMMI\FILE COMUNI\MICROSOFT SHARED\VS7DEBUG\MDM.EXE"
O4 - HKLM\..\RunServices: [avast!] C:\Programmi\Alwil Software\Avast4\ashServ.exe
O4 - HKCU\..\Run: [ctfmon.exe] ctfmon.exe
O4 - HKCU\..\Run: [SpySweeper] C:\Programmi\Webroot\Spy Sweeper\SpySweeper.exe /0
O4 - HKCU\..\Run: [msnmsgr] "C:\PROGRAMMI\MSN MESSENGER\MSNMSGR.EXE" /background
O4 - HKCU\..\Run: [Spyware Doctor] "C:\Programmi\Spyware Doctor\swdoctor.exe" /Q
O4 - HKCU\..\RunServices: [ctfmon.exe] ctfmon.exe
O4 - HKCU\..\RunServices: [SpySweeper] C:\Programmi\Webroot\Spy Sweeper\SpySweeper.exe /0
O4 - HKCU\..\RunServices: [msnmsgr] "C:\PROGRAMMI\MSN MESSENGER\MSNMSGR.EXE" /background
O4 - HKCU\..\RunServices: [Spyware Doctor] "C:\Programmi\Spyware Doctor\swdoctor.exe" /Q
O4 - Startup: Microsoft Office.lnk = C:\Programmi\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~1\OFFICE10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - http://ricercaperfetta.com/ (file missing)
O9 - Extra 'Tools' menuitem: Loghi e suonerie - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - http://ricercaperfetta.com/ (file missing)
O9 - Extra button: Sfondi Computer - {FF4D2994-6575-4F03-A5C6-6559C8793A06} - c:\Sfondi Computer.exe (file missing)
O9 - Extra 'Tools' menuitem: Sfondi Computer - {FF4D2994-6575-4F03-A5C6-6559C8793A06} - c:\Sfondi Computer.exe (file missing)
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\TOOLS\IESDPB.DLL
O17 - HKLM\System\CCS\Services\VxD\MSTCP: NameServer = 212.216.172.62,212.216.112.112
dopo il fissaggio:
Logfile of HijackThis v1.99.1
Scan saved at 2.06.25, on 01/01/2001
Platform: Windows ME (Win9x 4.90.3000)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\SYSTEM\SSDPSRV.EXE
C:\PROGRAMMI\FILE COMUNI\SYSTEM\MOSEARCH\BIN\MOSEARCH.EXE
C:\PROGRAMMI\FILE COMUNI\MICROSOFT SHARED\VS7DEBUG\MDM.EXE
C:\PROGRAMMI\ALWIL SOFTWARE\AVAST4\ASHSERV.EXE
C:\WINDOWS\SYSTEM\PSTORES.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\RPCSS.EXE
C:\WINDOWS\SYSTEM\RESTORE\STMGR.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\SYSTEM\LVCOMS.EXE
C:\SCANJET\PRECISIONSCANLT\HPPWRSAV.EXE
C:\PROGRAMMI\ALWIL SOFTWARE\AVAST4\ASHWEBSV.EXE
C:\WINDOWS\LOADQM.EXE
C:\PROGRAMMI\CLAMWIN\BIN\CLAMTRAY.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\PROGRAMMI\ALWIL SOFTWARE\AVAST4\ASHMAISV.EXE
C:\WINDOWS\SYSTEM\CTFMON.EXE
C:\PROGRAMMI\WEBROOT\SPY SWEEPER\SPYSWEEPER.EXE
C:\PROGRAMMI\MSN MESSENGER\MSNMSGR.EXE
C:\PROGRAMMI\SPYWARE DOCTOR\SWDOCTOR.EXE
C:\PROGRAMMI\ALWIL SOFTWARE\AVAST4\ASHSIMPL.EXE
C:\WINDOWS\SYSTEM\STIMON.EXE
C:\PROGRAMMI\WINZIP\WINZIP32.EXE
C:\WINDOWS\TEMP\HIJACKTHIS.EXE
R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
F1 - win.ini: run=hpfsched
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAMMI\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHELPER.DLL
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~1\TOOLS\IESDPB.DLL
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\TOOLS\IESDSG.DLL
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [PCHealth] C:\WINDOWS\PCHealth\Support\PCHSchd.exe -s
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [Magic Install...] D:\SETUP.EXE
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [LVComs] C:\WINDOWS\SYSTEM\LVComS.exe
O4 - HKLM\..\Run: [hppwrsav] C:\SCANJET\PrecisionScanLT\hppwrsav.exe
O4 - HKLM\..\Run: [avast! Web Scanner] C:\PROGRA~1\ALWILS~1\AVAST4\ASHWEBSV.EXE
O4 - HKLM\..\Run: [LoadQM] loadqm.exe
O4 - HKLM\..\Run: [ClamWin] "C:\Programmi\ClamWin\bin\ClamTray.exe" --logon
O4 - HKLM\..\Run: [MSConfigReminder] C:\WINDOWS\SYSTEM\msconfig.exe /reminder
O4 - HKLM\..\Run: [ashMaiSv] C:\PROGRA~1\ALWILS~1\AVAST4\ashmaisv.exe
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [SSDPSRV] C:\WINDOWS\SYSTEM\ssdpsrv.exe
O4 - HKLM\..\RunServices: [*StateMgr] C:\WINDOWS\System\Restore\StateMgr.exe
O4 - HKLM\..\RunServices: [MOSearch] C:\PROGRA~1\FILECO~1\SYSTEM\MOSEARCH\BIN\MOSEARCH.EXE
O4 - HKLM\..\RunServices: [MDM7] "C:\PROGRAMMI\FILE COMUNI\MICROSOFT SHARED\VS7DEBUG\MDM.EXE"
O4 - HKLM\..\RunServices: [avast!] C:\Programmi\Alwil Software\Avast4\ashServ.exe
O4 - HKCU\..\Run: [ctfmon.exe] ctfmon.exe
O4 - HKCU\..\Run: [SpySweeper] C:\Programmi\Webroot\Spy Sweeper\SpySweeper.exe /0
O4 - HKCU\..\Run: [msnmsgr] "C:\PROGRAMMI\MSN MESSENGER\MSNMSGR.EXE" /background
O4 - HKCU\..\Run: [Spyware Doctor] "C:\Programmi\Spyware Doctor\swdoctor.exe" /Q
O4 - HKCU\..\RunServices: [ctfmon.exe] ctfmon.exe
O4 - HKCU\..\RunServices: [SpySweeper] C:\Programmi\Webroot\Spy Sweeper\SpySweeper.exe /0
O4 - HKCU\..\RunServices: [msnmsgr] "C:\PROGRAMMI\MSN MESSENGER\MSNMSGR.EXE" /background
O4 - HKCU\..\RunServices: [Spyware Doctor] "C:\Programmi\Spyware Doctor\swdoctor.exe" /Q
O4 - Startup: Microsoft Office.lnk = C:\Programmi\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~1\OFFICE10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\TOOLS\IESDPB.DLL
vi posto anche il resoconto di virt:
VirIT Lite Monitor: Lista dei programmi e servizi in esecuzione automatica
Sistema Operativo: Microsoft Windows ME
1 - 01/01/2001 - 00:13:12
0
TaskMonitor
C:\WINDOWS\taskmon.exe
Stato: File TROVATO
2 - 01/01/2001 - 00:13:12
0
PCHealth
C:\WINDOWS\PCHealth\Support\PCHSchd.exe -s
Stato: File TROVATO
3 - 01/01/2001 - 00:13:12
0
SystemTray
SysTray.Exe
Stato: File TROVATO
4 - 01/01/2001 - 00:13:12
0
LoadPowerProfile
Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
Stato: File TROVATO
5 - 01/01/2001 - 00:13:12
0
Magic Install...
D:\SETUP.EXE
Stato: File NON trovato
6 - 01/01/2001 - 00:13:12
0
SoundMan
SOUNDMAN.EXE
Stato: File TROVATO
7 - 01/01/2001 - 00:13:12
0
LVComs
C:\WINDOWS\SYSTEM\LVComS.exe
Stato: File TROVATO
8 - 01/01/2001 - 00:13:12
0
hppwrsav
C:\SCANJET\PrecisionScanLT\hppwrsav.exe
Stato: File TROVATO
9 - 01/01/2001 - 00:13:12
0
!!!011
Stato: File NON trovato
10 - 01/01/2001 - 00:13:12
0
avast! Web Scanner
C:\PROGRA~1\ALWILS~1\AVAST4\ASHWEBSV.EXE
Stato: File TROVATO
11 - 01/01/2001 - 00:13:12
0
LoadQM
loadqm.exe
Stato: File TROVATO
12 - 01/01/2001 - 00:13:12
0
ClamWin
"C:\Programmi\ClamWin\bin\ClamTray.exe" --logon
Stato: File TROVATO
13 - 01/01/2001 - 00:13:12
0
MSConfigReminder
C:\WINDOWS\SYSTEM\msconfig.exe /reminder
Stato: File TROVATO
14 - 01/01/2001 - 00:13:12
0
ashMaiSv
C:\PROGRA~1\ALWILS~1\AVAST4\ashmaisv.exe
Stato: File TROVATO
15 - 01/01/2001 - 00:13:12
0
VIRIT LITE MONITOR
C:\VEXPLITE\MONLITE.EXE
Stato: File TROVATO
16 - 01/01/2001 - 00:13:12
3
LoadPowerProfile
Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
Stato: File TROVATO
17 - 01/01/2001 - 00:13:12
3
SchedulingAgent
mstask.exe
Stato: File TROVATO
18 - 01/01/2001 - 00:13:12
3
SSDPSRV
C:\WINDOWS\SYSTEM\ssdpsrv.exe
Stato: File TROVATO
19 - 01/01/2001 - 00:13:12
3
*StateMgr
C:\WINDOWS\System\Restore\StateMgr.exe
Stato: File TROVATO
20 - 01/01/2001 - 00:13:12
3
MOSearch
C:\PROGRA~1\FILECO~1\SYSTEM\MOSEARCH\BIN\MOSEARCH.EXE
Stato: File TROVATO
21 - 01/01/2001 - 00:13:12
3
MDM7
"C:\PROGRAMMI\FILE COMUNI\MICROSOFT SHARED\VS7DEBUG\MDM.EXE"
Stato: File TROVATO
22 - 01/01/2001 - 00:13:12
3
avast!
C:\Programmi\Alwil Software\Avast4\ashServ.exe
Stato: File TROVATO
23 - 01/01/2001 - 00:13:12
5
ctfmon.exe
ctfmon.exe
Stato: File TROVATO
24 - 01/01/2001 - 00:13:12
5
SpySweeper
C:\Programmi\Webroot\Spy Sweeper\SpySweeper.exe /0
Stato: File TROVATO
25 - 01/01/2001 - 00:13:12
5
msnmsgr
"C:\PROGRAMMI\MSN MESSENGER\MSNMSGR.EXE" /background
Stato: File TROVATO
26 - 01/01/2001 - 00:13:12
5
Spyware Doctor
"C:\Programmi\Spyware Doctor\swdoctor.exe" /Q
Stato: File TROVATO
27 - 01/01/2001 - 00:13:12
7
"%1" %*
Stato: File NON trovato
28 - 01/01/2001 - 00:13:12
8
"%1" %*
Stato: File NON trovato
29 - 01/01/2001 - 00:13:12
9
"%1" %*
Stato: File NON trovato
30 - 01/01/2001 - 00:13:12
10
"%1" %*
Stato: File NON trovato
31 - 01/01/2001 - 00:13:12
11
"%1" /S
Stato: File NON trovato
32 - 01/01/2001 - 00:13:12
24
WebCheck
C:\WINDOWS\SYSTEM\WEBCHECK.DLL
Stato: File TROVATO
33 - 01/01/2001 - 00:13:12
24
UPnPMonitor
C:\WINDOWS\SYSTEM\UPNPUI.DLL
Stato: File TROVATO
34 - 01/01/2001 - 00:13:12
24
AUHook
C:\WINDOWS\SYSTEM\AUHOOK.DLL
Stato: File TROVATO
35 - 01/01/2001 - 00:13:12
34
{8E718888-423F-11D2-876E-00A0C9082467}
C:\WINDOWS\SYSTEM\MSDXM.OCX
Stato: File TROVATO
36 - 01/01/2001 - 00:13:12
35
{438755C2-A8BA-11D1-B96B-00A0C90312E1}
C:\WINDOWS\SYSTEM\BROWSEUI.DLL
Stato: File TROVATO
37 - 01/01/2001 - 00:13:12
35
{8C7461EF-2B13-11d2-BE35-3078302C2030}
C:\WINDOWS\SYSTEM\BROWSEUI.DLL
Stato: File TROVATO
38 - 01/01/2001 - 00:13:12
23
Microsoft XML Parser for Java
file://C:\WINDOWS\Java\classes\xmldso4.cab
Stato: File NON trovato
39 - 01/01/2001 - 00:13:12
23
DirectAnimation Java Classes
file://C:\WINDOWS\SYSTEM\dajava.cab
Stato: File NON trovato
40 - 01/01/2001 - 00:13:12
25
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
C:\PROGRAMMI\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX
Stato: File TROVATO
41 - 01/01/2001 - 00:13:12
25
{53707962-6F74-2D53-2644-206D7942484F}
C:\PROGRA~1\SPYBOT~1\SDHELPER.DLL
Stato: File TROVATO
42 - 01/01/2001 - 00:13:12
25
{B56A7D7D-6927-48C8-A975-17DF180C71AC}
C:\PROGRA~1\SPYWAR~1\TOOLS\IESDPB.DLL
Stato: File TROVATO
43 - 01/01/2001 - 00:13:12
25
{5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB}
C:\PROGRA~1\SPYWAR~1\TOOLS\IESDSG.DLL
Stato: File TROVATO
44 - 01/01/2001 - 00:13:12
26
000000000001
C:\WINDOWS\SYSTEM\rnr20.dll
Stato: File TROVATO
45 - 01/01/2001 - 00:13:12
27
000000000001
C:\WINDOWS\SYSTEM\mswsosp.dll
Stato: File TROVATO
46 - 01/01/2001 - 00:13:12
27
000000000002
C:\WINDOWS\SYSTEM\msafd.dll
Stato: File TROVATO
47 - 01/01/2001 - 00:13:12
27
000000000003
C:\WINDOWS\SYSTEM\msafd.dll
Stato: File TROVATO
48 - 01/01/2001 - 00:13:12
27
000000000004
C:\WINDOWS\SYSTEM\msafd.dll
Stato: File TROVATO
49 - 01/01/2001 - 00:13:12
27
000000000005
C:\WINDOWS\SYSTEM\rsvpsp.dll
Stato: File TROVATO
50 - 01/01/2001 - 00:13:12
27
000000000006
C:\WINDOWS\SYSTEM\rsvpsp.dll
Stato: File TROVATO
51 - 01/01/2001 - 00:13:12
30
C:\WINDOWS\Menu Avvio\Programmi\Esecuzione automatica\Microsoft Office.lnk
C:\Programmi\Microsoft Office\Office10\OSA.EXE
Stato: File TROVATO
52 - 01/01/2001 - 00:13:13
40
Default_Page_URL
http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=5.5&ar=msnhome
Stato: File NON trovato
53 - 01/01/2001 - 00:13:13
41
Default_Search_URL
http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Stato: File NON trovato
54 - 01/01/2001 - 00:13:13
43
Search Page
http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Stato: File NON trovato
55 - 01/01/2001 - 00:13:13
44
Start Page
http://www.google.it
Stato: File NON trovato
56 - 01/01/2001 - 00:13:13
45
CustomizeSearch
http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
Stato: File NON trovato
57 - 01/01/2001 - 00:13:13
46
SearchAssistant
http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
Stato: File NON trovato
58 - 01/01/2001 - 00:13:13
48
Default_Search_URL
about:blank
Stato: File NON trovato
59 - 01/01/2001 - 00:13:13
49
Search Bar
about:blank
Stato: File NON trovato
60 - 01/01/2001 - 00:13:13
50
Search Page
http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Stato: File NON trovato
61 - 01/01/2001 - 00:13:13
51
Start Page
http://www.google.it
Stato: File NON trovato
ho i log di hijack prima e dopo aver fatto un fissaggio.Ma mi sono accorta di aver eliminato un valore importante forse ip del router poichè, dal computer in questione ,non si puo piu accedere ad internet mentre dagli altri pc connessi in rete si .
Dunque dovrei eliminare questi trojan e ripristinare la connessione ad internet
vi posto i log
prima del fissaggio:
Logfile of HijackThis v1.99.1
Scan saved at 0.20.51, on 01/01/2001
Platform: Windows ME (Win9x 4.90.3000)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\SYSTEM\SSDPSRV.EXE
C:\PROGRAMMI\FILE COMUNI\SYSTEM\MOSEARCH\BIN\MOSEARCH.EXE
C:\PROGRAMMI\FILE COMUNI\MICROSOFT SHARED\VS7DEBUG\MDM.EXE
C:\PROGRAMMI\ALWIL SOFTWARE\AVAST4\ASHSERV.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\PSTORES.EXE
C:\WINDOWS\SYSTEM\RPCSS.EXE
C:\WINDOWS\SYSTEM\RESTORE\STMGR.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\SYSTEM\LVCOMS.EXE
C:\SCANJET\PRECISIONSCANLT\HPPWRSAV.EXE
C:\PROGRAMMI\ALWIL SOFTWARE\AVAST4\ASHWEBSV.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\WINDOWS\LOADQM.EXE
C:\PROGRAMMI\CLAMWIN\BIN\CLAMTRAY.EXE
C:\PROGRAMMI\ALWIL SOFTWARE\AVAST4\ASHMAISV.EXE
C:\VEXPLITE\MONLITE.EXE
C:\WINDOWS\SYSTEM\CTFMON.EXE
C:\PROGRAMMI\WEBROOT\SPY SWEEPER\SPYSWEEPER.EXE
C:\PROGRAMMI\MSN MESSENGER\MSNMSGR.EXE
C:\PROGRAMMI\SPYWARE DOCTOR\SWDOCTOR.EXE
C:\WINDOWS\SYSTEM\STIMON.EXE
C:\VEXPLITE\VIRITEXP.EXE
C:\PROGRAMMI\WINZIP\WINZIP32.EXE
C:\WINDOWS\TEMP\HIJACKTHIS.EXE
R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
F1 - win.ini: run=hpfsched
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAMMI\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHELPER.DLL
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~1\TOOLS\IESDPB.DLL
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\TOOLS\IESDSG.DLL
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [PCHealth] C:\WINDOWS\PCHealth\Support\PCHSchd.exe -s
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [Magic Install...] D:\SETUP.EXE
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [LVComs] C:\WINDOWS\SYSTEM\LVComS.exe
O4 - HKLM\..\Run: [hppwrsav] C:\SCANJET\PrecisionScanLT\hppwrsav.exe
O4 - HKLM\..\Run: [avast! Web Scanner] C:\PROGRA~1\ALWILS~1\AVAST4\ASHWEBSV.EXE
O4 - HKLM\..\Run: [LoadQM] loadqm.exe
O4 - HKLM\..\Run: [ClamWin] "C:\Programmi\ClamWin\bin\ClamTray.exe" --logon
O4 - HKLM\..\Run: [MSConfigReminder] C:\WINDOWS\SYSTEM\msconfig.exe /reminder
O4 - HKLM\..\Run: [ashMaiSv] C:\PROGRA~1\ALWILS~1\AVAST4\ashmaisv.exe
O4 - HKLM\..\Run: [VIRIT LITE MONITOR] C:\VEXPLITE\MONLITE.EXE
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [SSDPSRV] C:\WINDOWS\SYSTEM\ssdpsrv.exe
O4 - HKLM\..\RunServices: [*StateMgr] C:\WINDOWS\System\Restore\StateMgr.exe
O4 - HKLM\..\RunServices: [MOSearch] C:\PROGRA~1\FILECO~1\SYSTEM\MOSEARCH\BIN\MOSEARCH.EXE
O4 - HKLM\..\RunServices: [MDM7] "C:\PROGRAMMI\FILE COMUNI\MICROSOFT SHARED\VS7DEBUG\MDM.EXE"
O4 - HKLM\..\RunServices: [avast!] C:\Programmi\Alwil Software\Avast4\ashServ.exe
O4 - HKCU\..\Run: [ctfmon.exe] ctfmon.exe
O4 - HKCU\..\Run: [SpySweeper] C:\Programmi\Webroot\Spy Sweeper\SpySweeper.exe /0
O4 - HKCU\..\Run: [msnmsgr] "C:\PROGRAMMI\MSN MESSENGER\MSNMSGR.EXE" /background
O4 - HKCU\..\Run: [Spyware Doctor] "C:\Programmi\Spyware Doctor\swdoctor.exe" /Q
O4 - HKCU\..\RunServices: [ctfmon.exe] ctfmon.exe
O4 - HKCU\..\RunServices: [SpySweeper] C:\Programmi\Webroot\Spy Sweeper\SpySweeper.exe /0
O4 - HKCU\..\RunServices: [msnmsgr] "C:\PROGRAMMI\MSN MESSENGER\MSNMSGR.EXE" /background
O4 - HKCU\..\RunServices: [Spyware Doctor] "C:\Programmi\Spyware Doctor\swdoctor.exe" /Q
O4 - Startup: Microsoft Office.lnk = C:\Programmi\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~1\OFFICE10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - http://ricercaperfetta.com/ (file missing)
O9 - Extra 'Tools' menuitem: Loghi e suonerie - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - http://ricercaperfetta.com/ (file missing)
O9 - Extra button: Sfondi Computer - {FF4D2994-6575-4F03-A5C6-6559C8793A06} - c:\Sfondi Computer.exe (file missing)
O9 - Extra 'Tools' menuitem: Sfondi Computer - {FF4D2994-6575-4F03-A5C6-6559C8793A06} - c:\Sfondi Computer.exe (file missing)
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\TOOLS\IESDPB.DLL
O17 - HKLM\System\CCS\Services\VxD\MSTCP: NameServer = 212.216.172.62,212.216.112.112
dopo il fissaggio:
Logfile of HijackThis v1.99.1
Scan saved at 2.06.25, on 01/01/2001
Platform: Windows ME (Win9x 4.90.3000)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\SYSTEM\SSDPSRV.EXE
C:\PROGRAMMI\FILE COMUNI\SYSTEM\MOSEARCH\BIN\MOSEARCH.EXE
C:\PROGRAMMI\FILE COMUNI\MICROSOFT SHARED\VS7DEBUG\MDM.EXE
C:\PROGRAMMI\ALWIL SOFTWARE\AVAST4\ASHSERV.EXE
C:\WINDOWS\SYSTEM\PSTORES.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\RPCSS.EXE
C:\WINDOWS\SYSTEM\RESTORE\STMGR.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\SYSTEM\LVCOMS.EXE
C:\SCANJET\PRECISIONSCANLT\HPPWRSAV.EXE
C:\PROGRAMMI\ALWIL SOFTWARE\AVAST4\ASHWEBSV.EXE
C:\WINDOWS\LOADQM.EXE
C:\PROGRAMMI\CLAMWIN\BIN\CLAMTRAY.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\PROGRAMMI\ALWIL SOFTWARE\AVAST4\ASHMAISV.EXE
C:\WINDOWS\SYSTEM\CTFMON.EXE
C:\PROGRAMMI\WEBROOT\SPY SWEEPER\SPYSWEEPER.EXE
C:\PROGRAMMI\MSN MESSENGER\MSNMSGR.EXE
C:\PROGRAMMI\SPYWARE DOCTOR\SWDOCTOR.EXE
C:\PROGRAMMI\ALWIL SOFTWARE\AVAST4\ASHSIMPL.EXE
C:\WINDOWS\SYSTEM\STIMON.EXE
C:\PROGRAMMI\WINZIP\WINZIP32.EXE
C:\WINDOWS\TEMP\HIJACKTHIS.EXE
R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
F1 - win.ini: run=hpfsched
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAMMI\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHELPER.DLL
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~1\TOOLS\IESDPB.DLL
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\TOOLS\IESDSG.DLL
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [PCHealth] C:\WINDOWS\PCHealth\Support\PCHSchd.exe -s
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [Magic Install...] D:\SETUP.EXE
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [LVComs] C:\WINDOWS\SYSTEM\LVComS.exe
O4 - HKLM\..\Run: [hppwrsav] C:\SCANJET\PrecisionScanLT\hppwrsav.exe
O4 - HKLM\..\Run: [avast! Web Scanner] C:\PROGRA~1\ALWILS~1\AVAST4\ASHWEBSV.EXE
O4 - HKLM\..\Run: [LoadQM] loadqm.exe
O4 - HKLM\..\Run: [ClamWin] "C:\Programmi\ClamWin\bin\ClamTray.exe" --logon
O4 - HKLM\..\Run: [MSConfigReminder] C:\WINDOWS\SYSTEM\msconfig.exe /reminder
O4 - HKLM\..\Run: [ashMaiSv] C:\PROGRA~1\ALWILS~1\AVAST4\ashmaisv.exe
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [SSDPSRV] C:\WINDOWS\SYSTEM\ssdpsrv.exe
O4 - HKLM\..\RunServices: [*StateMgr] C:\WINDOWS\System\Restore\StateMgr.exe
O4 - HKLM\..\RunServices: [MOSearch] C:\PROGRA~1\FILECO~1\SYSTEM\MOSEARCH\BIN\MOSEARCH.EXE
O4 - HKLM\..\RunServices: [MDM7] "C:\PROGRAMMI\FILE COMUNI\MICROSOFT SHARED\VS7DEBUG\MDM.EXE"
O4 - HKLM\..\RunServices: [avast!] C:\Programmi\Alwil Software\Avast4\ashServ.exe
O4 - HKCU\..\Run: [ctfmon.exe] ctfmon.exe
O4 - HKCU\..\Run: [SpySweeper] C:\Programmi\Webroot\Spy Sweeper\SpySweeper.exe /0
O4 - HKCU\..\Run: [msnmsgr] "C:\PROGRAMMI\MSN MESSENGER\MSNMSGR.EXE" /background
O4 - HKCU\..\Run: [Spyware Doctor] "C:\Programmi\Spyware Doctor\swdoctor.exe" /Q
O4 - HKCU\..\RunServices: [ctfmon.exe] ctfmon.exe
O4 - HKCU\..\RunServices: [SpySweeper] C:\Programmi\Webroot\Spy Sweeper\SpySweeper.exe /0
O4 - HKCU\..\RunServices: [msnmsgr] "C:\PROGRAMMI\MSN MESSENGER\MSNMSGR.EXE" /background
O4 - HKCU\..\RunServices: [Spyware Doctor] "C:\Programmi\Spyware Doctor\swdoctor.exe" /Q
O4 - Startup: Microsoft Office.lnk = C:\Programmi\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~1\OFFICE10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\TOOLS\IESDPB.DLL
vi posto anche il resoconto di virt:
VirIT Lite Monitor: Lista dei programmi e servizi in esecuzione automatica
Sistema Operativo: Microsoft Windows ME
1 - 01/01/2001 - 00:13:12
0
TaskMonitor
C:\WINDOWS\taskmon.exe
Stato: File TROVATO
2 - 01/01/2001 - 00:13:12
0
PCHealth
C:\WINDOWS\PCHealth\Support\PCHSchd.exe -s
Stato: File TROVATO
3 - 01/01/2001 - 00:13:12
0
SystemTray
SysTray.Exe
Stato: File TROVATO
4 - 01/01/2001 - 00:13:12
0
LoadPowerProfile
Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
Stato: File TROVATO
5 - 01/01/2001 - 00:13:12
0
Magic Install...
D:\SETUP.EXE
Stato: File NON trovato
6 - 01/01/2001 - 00:13:12
0
SoundMan
SOUNDMAN.EXE
Stato: File TROVATO
7 - 01/01/2001 - 00:13:12
0
LVComs
C:\WINDOWS\SYSTEM\LVComS.exe
Stato: File TROVATO
8 - 01/01/2001 - 00:13:12
0
hppwrsav
C:\SCANJET\PrecisionScanLT\hppwrsav.exe
Stato: File TROVATO
9 - 01/01/2001 - 00:13:12
0
!!!011
Stato: File NON trovato
10 - 01/01/2001 - 00:13:12
0
avast! Web Scanner
C:\PROGRA~1\ALWILS~1\AVAST4\ASHWEBSV.EXE
Stato: File TROVATO
11 - 01/01/2001 - 00:13:12
0
LoadQM
loadqm.exe
Stato: File TROVATO
12 - 01/01/2001 - 00:13:12
0
ClamWin
"C:\Programmi\ClamWin\bin\ClamTray.exe" --logon
Stato: File TROVATO
13 - 01/01/2001 - 00:13:12
0
MSConfigReminder
C:\WINDOWS\SYSTEM\msconfig.exe /reminder
Stato: File TROVATO
14 - 01/01/2001 - 00:13:12
0
ashMaiSv
C:\PROGRA~1\ALWILS~1\AVAST4\ashmaisv.exe
Stato: File TROVATO
15 - 01/01/2001 - 00:13:12
0
VIRIT LITE MONITOR
C:\VEXPLITE\MONLITE.EXE
Stato: File TROVATO
16 - 01/01/2001 - 00:13:12
3
LoadPowerProfile
Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
Stato: File TROVATO
17 - 01/01/2001 - 00:13:12
3
SchedulingAgent
mstask.exe
Stato: File TROVATO
18 - 01/01/2001 - 00:13:12
3
SSDPSRV
C:\WINDOWS\SYSTEM\ssdpsrv.exe
Stato: File TROVATO
19 - 01/01/2001 - 00:13:12
3
*StateMgr
C:\WINDOWS\System\Restore\StateMgr.exe
Stato: File TROVATO
20 - 01/01/2001 - 00:13:12
3
MOSearch
C:\PROGRA~1\FILECO~1\SYSTEM\MOSEARCH\BIN\MOSEARCH.EXE
Stato: File TROVATO
21 - 01/01/2001 - 00:13:12
3
MDM7
"C:\PROGRAMMI\FILE COMUNI\MICROSOFT SHARED\VS7DEBUG\MDM.EXE"
Stato: File TROVATO
22 - 01/01/2001 - 00:13:12
3
avast!
C:\Programmi\Alwil Software\Avast4\ashServ.exe
Stato: File TROVATO
23 - 01/01/2001 - 00:13:12
5
ctfmon.exe
ctfmon.exe
Stato: File TROVATO
24 - 01/01/2001 - 00:13:12
5
SpySweeper
C:\Programmi\Webroot\Spy Sweeper\SpySweeper.exe /0
Stato: File TROVATO
25 - 01/01/2001 - 00:13:12
5
msnmsgr
"C:\PROGRAMMI\MSN MESSENGER\MSNMSGR.EXE" /background
Stato: File TROVATO
26 - 01/01/2001 - 00:13:12
5
Spyware Doctor
"C:\Programmi\Spyware Doctor\swdoctor.exe" /Q
Stato: File TROVATO
27 - 01/01/2001 - 00:13:12
7
"%1" %*
Stato: File NON trovato
28 - 01/01/2001 - 00:13:12
8
"%1" %*
Stato: File NON trovato
29 - 01/01/2001 - 00:13:12
9
"%1" %*
Stato: File NON trovato
30 - 01/01/2001 - 00:13:12
10
"%1" %*
Stato: File NON trovato
31 - 01/01/2001 - 00:13:12
11
"%1" /S
Stato: File NON trovato
32 - 01/01/2001 - 00:13:12
24
WebCheck
C:\WINDOWS\SYSTEM\WEBCHECK.DLL
Stato: File TROVATO
33 - 01/01/2001 - 00:13:12
24
UPnPMonitor
C:\WINDOWS\SYSTEM\UPNPUI.DLL
Stato: File TROVATO
34 - 01/01/2001 - 00:13:12
24
AUHook
C:\WINDOWS\SYSTEM\AUHOOK.DLL
Stato: File TROVATO
35 - 01/01/2001 - 00:13:12
34
{8E718888-423F-11D2-876E-00A0C9082467}
C:\WINDOWS\SYSTEM\MSDXM.OCX
Stato: File TROVATO
36 - 01/01/2001 - 00:13:12
35
{438755C2-A8BA-11D1-B96B-00A0C90312E1}
C:\WINDOWS\SYSTEM\BROWSEUI.DLL
Stato: File TROVATO
37 - 01/01/2001 - 00:13:12
35
{8C7461EF-2B13-11d2-BE35-3078302C2030}
C:\WINDOWS\SYSTEM\BROWSEUI.DLL
Stato: File TROVATO
38 - 01/01/2001 - 00:13:12
23
Microsoft XML Parser for Java
file://C:\WINDOWS\Java\classes\xmldso4.cab
Stato: File NON trovato
39 - 01/01/2001 - 00:13:12
23
DirectAnimation Java Classes
file://C:\WINDOWS\SYSTEM\dajava.cab
Stato: File NON trovato
40 - 01/01/2001 - 00:13:12
25
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
C:\PROGRAMMI\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX
Stato: File TROVATO
41 - 01/01/2001 - 00:13:12
25
{53707962-6F74-2D53-2644-206D7942484F}
C:\PROGRA~1\SPYBOT~1\SDHELPER.DLL
Stato: File TROVATO
42 - 01/01/2001 - 00:13:12
25
{B56A7D7D-6927-48C8-A975-17DF180C71AC}
C:\PROGRA~1\SPYWAR~1\TOOLS\IESDPB.DLL
Stato: File TROVATO
43 - 01/01/2001 - 00:13:12
25
{5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB}
C:\PROGRA~1\SPYWAR~1\TOOLS\IESDSG.DLL
Stato: File TROVATO
44 - 01/01/2001 - 00:13:12
26
000000000001
C:\WINDOWS\SYSTEM\rnr20.dll
Stato: File TROVATO
45 - 01/01/2001 - 00:13:12
27
000000000001
C:\WINDOWS\SYSTEM\mswsosp.dll
Stato: File TROVATO
46 - 01/01/2001 - 00:13:12
27
000000000002
C:\WINDOWS\SYSTEM\msafd.dll
Stato: File TROVATO
47 - 01/01/2001 - 00:13:12
27
000000000003
C:\WINDOWS\SYSTEM\msafd.dll
Stato: File TROVATO
48 - 01/01/2001 - 00:13:12
27
000000000004
C:\WINDOWS\SYSTEM\msafd.dll
Stato: File TROVATO
49 - 01/01/2001 - 00:13:12
27
000000000005
C:\WINDOWS\SYSTEM\rsvpsp.dll
Stato: File TROVATO
50 - 01/01/2001 - 00:13:12
27
000000000006
C:\WINDOWS\SYSTEM\rsvpsp.dll
Stato: File TROVATO
51 - 01/01/2001 - 00:13:12
30
C:\WINDOWS\Menu Avvio\Programmi\Esecuzione automatica\Microsoft Office.lnk
C:\Programmi\Microsoft Office\Office10\OSA.EXE
Stato: File TROVATO
52 - 01/01/2001 - 00:13:13
40
Default_Page_URL
http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=5.5&ar=msnhome
Stato: File NON trovato
53 - 01/01/2001 - 00:13:13
41
Default_Search_URL
http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Stato: File NON trovato
54 - 01/01/2001 - 00:13:13
43
Search Page
http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Stato: File NON trovato
55 - 01/01/2001 - 00:13:13
44
Start Page
http://www.google.it
Stato: File NON trovato
56 - 01/01/2001 - 00:13:13
45
CustomizeSearch
http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
Stato: File NON trovato
57 - 01/01/2001 - 00:13:13
46
SearchAssistant
http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
Stato: File NON trovato
58 - 01/01/2001 - 00:13:13
48
Default_Search_URL
about:blank
Stato: File NON trovato
59 - 01/01/2001 - 00:13:13
49
Search Bar
about:blank
Stato: File NON trovato
60 - 01/01/2001 - 00:13:13
50
Search Page
http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Stato: File NON trovato
61 - 01/01/2001 - 00:13:13
51
Start Page
http://www.google.it
Stato: File NON trovato