cuba75
28-09-2004, 22:29
Operating system: WinXP + patches (no SP2)
AntiVir Guard up to date
No firewall present
-----------------------------------------------------
A friend's PC has been "penetrated" by a lot of malware, spyware and more. Some of it was eradicated with Spybot, and the rest (as you can see further down) was detected by an up-to-date Ad-aware 6, but once the scan has finished and the items have been found, the program cannot remove them and gets stuck. And to think that until today I had found Ad-aware infallible.
Do you have any solution for how to "treat and evict" them?
Here is the Ad-aware 6 log:
Lavasoft Ad-aware Personal Build 6.181
Logfile created on :lunedì 27 settembre 2004 23.17.49
Created with Ad-aware Personal, free for private use.
Using reference-file :01R342 25.09.2004
______________________________________________________
Ad-aware Settings
=========================
Set : Activate in-depth scan (Recommended)
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep scan registry
27-09-2004 23.17.49 - Scan started. (Smart mode)
Listing running processes
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
#:1 [smss.exe]
FilePath : \SystemRoot\System32\
ThreadCreationTime : 27-09-2004 21.09.38
BasePriority : Normal
#:2 [winlogon.exe]
FilePath : \??\C:\WINDOWS\system32\
ThreadCreationTime : 27-09-2004 21.09.41
BasePriority : High
#:3 [services.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 27-09-2004 21.09.42
BasePriority : Normal
FileSize : 99 KB
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : Applicazione Servizi e Controller
InternalName : services.exe
OriginalFilename : services.exe
ProductName : Sistema operativo Microsoft
Created on : 31/08/2001 8.00.00
Last accessed : 26/09/2004 22.00.00
Last modified : 31/08/2001 8.00.00
#:4 [lsass.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 27-09-2004 21.09.42
BasePriority : Normal
FileSize : 11 KB
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
OriginalFilename : lsass.exe
ProductName : Microsoft
Created on : 31/08/2001 8.00.00
Last accessed : 26/09/2004 22.00.00
Last modified : 31/08/2001 8.00.00
#:5 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 27-09-2004 21.09.42
BasePriority : Normal
FileSize : 12 KB
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
OriginalFilename : svchost.exe
ProductName : Microsoft
Created on : 31/08/2001 8.00.00
Last accessed : 26/09/2004 22.00.00
Last modified : 31/08/2001 8.00.00
#:6 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 27-09-2004 21.09.43
BasePriority : Normal
FileSize : 12 KB
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
OriginalFilename : svchost.exe
ProductName : Microsoft
Created on : 31/08/2001 8.00.00
Last accessed : 26/09/2004 22.00.00
Last modified : 31/08/2001 8.00.00
#:7 [spoolsv.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 27-09-2004 21.09.44
BasePriority : Normal
FileSize : 50 KB
FileVersion : 5.1.2600.0 (XPClient.010817-1148)
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
OriginalFilename : spoolsv.exe
ProductName : Microsoft
Created on : 31/08/2001 8.00.00
Last accessed : 26/09/2004 22.00.00
Last modified : 31/08/2001 8.00.00
#:8 [explorer.exe]
FilePath : C:\WINDOWS\
ThreadCreationTime : 27-09-2004 21.09.44
BasePriority : Normal
FileSize : 980 KB
FileVersion : 6.00.2600.0000 (xpclient.010817-1148)
ProductVersion : 6.00.2600.0000
CompanyName : Microsoft Corporation
FileDescription : Esplora risorse
InternalName : explorer
OriginalFilename : EXPLORER.EXE
ProductName : Sistema operativo Microsoft
Created on : 31/08/2001 8.00.00
Last accessed : 26/09/2004 22.00.00
Last modified : 31/08/2001 8.00.00
#:9 [avguard.exe]
FilePath : C:\Programmi\AVPersonal\
ThreadCreationTime : 27-09-2004 21.09.44
BasePriority : Normal
FileSize : 232 KB
FileVersion : 6.27.00.02
ProductVersion : 6.27.00.02
Copyright : Copyright
CompanyName : H+BEDV Datentechnik GmbH
FileDescription : Antivirus Service for Windows XP/2000/NT
InternalName : NTGuard
OriginalFilename : Guard.exe
ProductName : Windows XP/2000/XP Guard Service
Created on : 04/08/2004 10.35.38
Last accessed : 26/09/2004 22.00.00
Last modified : 04/08/2004 10.35.38
#:10 [ati2evxx.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 27-09-2004 21.09.44
BasePriority : Normal
FileSize : 288 KB
Created on : 25/06/2003 21.25.22
Last accessed : 26/09/2004 22.00.00
Last modified : 25/06/2003 21.25.22
#:11 [avwupsrv.exe]
FilePath : C:\Programmi\AVPersonal\
ThreadCreationTime : 27-09-2004 21.09.44
BasePriority : Normal
FileSize : 36 KB
FileVersion : 6.27.00.01
ProductVersion : 6.27.00.01
Copyright : Copyright
CompanyName : H+BEDV Datentechnik GmbH, Germany
FileDescription : AntiVir Software Update Service for Windows
InternalName : AntiVir Update Service
OriginalFilename : AVWUpSrv.exe
ProductName : AntiVir Update Service for Windows XP, 2000, NT
Created on : 27/09/2004 19.54.55
Last accessed : 26/09/2004 22.00.00
Last modified : 17/08/2004 11.02.44
#:12 [win9x.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 27-09-2004 21.09.50
BasePriority : Normal
FileSize : 98 KB
Created on : 17/09/2004 18.12.58
Last accessed : 26/09/2004 22.00.00
Last modified : 17/09/2004 18.13.14
#:13 [windnsd.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 27-09-2004 21.09.56
BasePriority : Normal
FileSize : 88 KB
Created on : 27/09/2004 20.42.50
Last accessed : 26/09/2004 22.00.00
Last modified : 27/09/2004 20.42.48
#:14 [rundll32.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 27-09-2004 21.09.59
BasePriority : Normal
FileSize : 31 KB
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : Modulo di esecuzione DLL come applicazioni
InternalName : rundll
OriginalFilename : RUNDLL.EXE
ProductName : Sistema operativo Microsoft
Created on : 31/08/2001 8.00.00
Last accessed : 26/09/2004 22.00.00
Last modified : 31/08/2001 8.00.00
#:15 [vpc32.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 27-09-2004 21.09.59
BasePriority : Normal
FileSize : 95 KB
Created on : 26/09/2004 20.44.42
Last accessed : 26/09/2004 22.00.00
Last modified : 26/09/2004 20.45.36
#:16 [winboot32.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 27-09-2004 21.09.59
BasePriority : Normal
FileSize : 261 KB
Created on : 17/09/2004 18.00.58
Last accessed : 26/09/2004 22.00.00
Last modified : 17/09/2004 18.07.32
#:17 [xwinxrpc32.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 27-09-2004 21.09.59
BasePriority : Normal
FileSize : 97 KB
Created on : 17/09/2004 20.05.32
Last accessed : 26/09/2004 22.00.00
Last modified : 17/09/2004 20.05.30
#:18 [winu32l.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 27-09-2004 21.10.00
BasePriority : Normal
FileSize : 111 KB
Created on : 31/08/2001 8.00.00
Last accessed : 26/09/2004 22.00.00
Last modified : 31/08/2001 8.00.00
#:19 [win32dlli.exe]
FilePath : C:\WINDOWS\
ThreadCreationTime : 27-09-2004 21.10.00
BasePriority : Normal
FileSize : 22 KB
Created on : 19/09/2004 21.25.58
Last accessed : 26/09/2004 22.00.00
Last modified : 19/09/2004 21.26.30
#:20 [winres32.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 27-09-2004 21.10.00
BasePriority : Normal
FileSize : 58 KB
Created on : 31/08/2001 8.00.00
Last accessed : 26/09/2004 22.00.00
Last modified : 31/08/2001 8.00.00
#:21 [avgnt.exe]
FilePath : C:\Programmi\AVPersonal\
ThreadCreationTime : 27-09-2004 21.10.00
BasePriority : Normal
FileSize : 120 KB
FileVersion : 6.27.00.00
ProductVersion : 6.27.00.00
Copyright : Copyright
CompanyName : H+BEDV Datentechnik GmbH
FileDescription : AntiVir Guard/XP Control Program
InternalName : AVGNT
OriginalFilename : AVGNT.EXE
ProductName : AntiVir Guard Control Program
Created on : 30/07/2004 8.03.32
Last accessed : 26/09/2004 22.00.00
Last modified : 30/07/2004 8.03.32
#:22 [ctfmon.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 27-09-2004 21.10.01
BasePriority : Normal
FileSize : 13 KB
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : CTF Loader
InternalName : CTFMON
OriginalFilename : CTFMON.EXE
ProductName : Microsoft
Created on : 31/08/2001 8.00.00
Last accessed : 26/09/2004 22.00.00
Last modified : 31/08/2001 8.00.00
#:23 [msmsgs.exe]
FilePath : C:\Programmi\Messenger\
ThreadCreationTime : 27-09-2004 21.10.01
BasePriority : Normal
FileSize : 1052 KB
FileVersion : 4.0.0155
ProductVersion : Version 4.0
Copyright : Copyright (c) Microsoft Corporation 1997-2001
CompanyName : Microsoft Corporation
FileDescription : Messenger Client
InternalName : msmsgs
OriginalFilename : msmsgs.exe
ProductName : Messenger
Created on : 16/09/2004 20.11.36
Last accessed : 26/09/2004 22.00.00
Last modified : 02/08/2001 5.14.34
#:24 [msgrsv32.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 27-09-2004 21.10.03
BasePriority : Normal
FileSize : 23 KB
Created on : 17/09/2004 20.06.02
Last accessed : 26/09/2004 22.00.00
Last modified : 17/09/2004 20.06.04
#:25 [mpbtn.exe]
FilePath : C:\Programmi\HELPExpress\bin\
ThreadCreationTime : 27-09-2004 21.10.06
BasePriority : Normal
FileSize : 180 KB
Created on : 16/09/2004 20.34.45
Last accessed : 26/09/2004 22.00.00
Last modified : 20/11/2003 15.53.38
#:26 [ad-aware.exe]
FilePath : C:\PROGRA~1\LAVASOFT\AD-AWA~1\
ThreadCreationTime : 27-09-2004 21.17.23
BasePriority : Normal
FileSize : 668 KB
FileVersion : 6.0.1.181
ProductVersion : 6.0.0.0
Copyright : Copyright
CompanyName : Lavasoft Sweden
FileDescription : Ad-aware 6 core application
InternalName : Ad-aware.exe
OriginalFilename : Ad-aware.exe
ProductName : Lavasoft Ad-aware Plus
Created on : 27/09/2004 18.49.14
Last accessed : 26/09/2004 22.00.00
Last modified : 12/07/2003 19.00.20
Memory scan result :
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 0
Objects found so far: 0
Started registry scan
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
ClickSpring Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\ClickSpring
ClickSpring Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\Microsoft\Code Store Database\Distribution Units\{9EB320CE-BE1D-4304-A081-4B4665414BEF}
DyFuCA Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : CLSID\{cea206e8-8057-4a04-ace9-ff0d69a92297}
DyFuCA Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : DyFuCA_BH.BHObj
DyFuCA Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : DyFuCA_BH.BHObj.1
DyFuCA Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : dyfuca_bh.sinkobj
DyFuCA Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : dyfuca_bh.sinkobj.1
DyFuCA Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\Avenue Media
DyFuCA Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CURRENT_USER
Object : Software\Avenue Media
DyFuCA Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\Avenue Media\Internet Optimizer
DyFuCA Object recognized!
Type : RegKey
Data : DyFuCA
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DyFuCA
DyFuCA Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : TypeLib\{0BE10B0D-B4DB-4693-9B1F-9AEAD54D17DC}
istbar Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ISTbarISTbar
istbar Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : TYPELIB\{6d3f5de4-e980-4407-a10f-9ac771abaae6}
Search Miracle Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : TypeLib\{A74CD7DD-EA6F-11D4-ABF3-000102378429}
SideFind Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : browserhelperobject.bahelper
SideFind Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : browserhelperobject.bahelper.1
SideFind Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : CLSID\{8CBA1B49-8144-4721-A7B1-64C578C9EED7}
SideFind Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : CLSID\{A3FDD654-A057-4971-9844-4ED8E67DBBB8}
SideFind Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : SideFind.Finder
SideFind Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : SideFind.Finder.1
SideFind Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\Microsoft\SideFind
SideFind Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SideFind
SideFind Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\SideFind
SideFind Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : TypeLib\{58634367-D62B-4C2C-86BE-5AAC45CDB671}
SideFind Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : TypeLib\{D0288A41-9855-4A9B-8316-BABE243648DA}
SideFind Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\Microsoft\Internet Explorer\Extensions\{10E42047-DEB9-4535-A118-B3F6EC39B807}
VX2 Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : localnrddll.localnrddllobj.1
VX2 Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : CLSID\{00320615-b6c2-40a6-8f99-f1c52d674fad}
istbar Object recognized!
Type : RegValue
Data :
Rootkey : HKEY_CURRENT_USER
Object : Software\Microsoft\Internet Explorer\Toolbar\WebBrowser
Value : {5F1ABCDB-A875-46C1-8345-B72A4567E486}
Powerscan Object recognized!
Type : RegValue
Data :
Rootkey : HKEY_CURRENT_USER
Object : Software\Powerscan
Value : account_id
Windows Object recognized!
Type : RegData
Data :
Rootkey : HKEY_CURRENT_USER
Object : Software\Policies\Microsoft\Internet Explorer\Control Panel
Value : Homepage
Data :
Registry scan result :
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 32
Objects found so far: 32
Started deep registry scan
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Deep registry scan result :
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 0
Objects found so far: 32
ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ
ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ
Deep scanning and examining files (C:)
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Performing conditional scans..
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
ClickSpring Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : Interface\{3E4C3E0B-6BBE-4C94-86CA-6F055A989693}
ClickSpring Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : Interface\{81EB72D7-3949-450F-B035-DE599959814F}
ClickSpring Object recognized!
Type : RegValue
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\Microsoft\Code Store Database\Distribution Units\{9EB320CE-BE1D-4304-A081-4B4665414BEF}\Contains\Files
Value : C:\WINDOWS\Downloaded Program Files\MediaTicketsInstaller.ocx
ClickSpring Object recognized!
Type : File
Data : mediaticketsinstaller.inf
Object : c:\windows\downloaded program files\
FileSize : 2 KB
Created on : 01/06/2004 13.39.44
Last accessed : 26/09/2004 22.00.00
Last modified : 01/06/2004 13.39.44
DyFuCA Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WSEM Update
DyFuCA Object recognized!
Type : Folder
Object : c:\program files\Internet Optimizer
DyFuCA Object recognized!
Type : File
Data : sim
Object : c:\program files\internet optimizer\
Created on : 17/09/2004 18.29.48
Last accessed : 26/09/2004 22.00.00
Last modified : 17/09/2004 18.29.50
istbar Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : Interface\{0985C112-2562-46F2-8DA6-92648BA4630F}
istbar Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : TypeLib\{67907B3C-A6EF-4A01-99AD-3FCD5F526429}
istbar Object recognized!
Type : Folder
Object : c:\programmi\180Solutions
istbar Object recognized!
Type : Folder
Object : c:\programmi\ISTbar
istbar Object recognized!
Type : File
Data : sais.exe
Object : c:\programmi\180solutions\
FileSize : 108 KB
FileVersion : 5, 12, 0, 13
ProductVersion : 5, 12, 0, 13
Copyright : Copyright
CompanyName : 180solutions, Inc.
FileDescription : Search Assistant
ProductName : Search Assistant
Created on : 17/09/2004 18.30.50
Last accessed : 26/09/2004 22.00.00
Last modified : 17/09/2004 18.30.50
istbar Object recognized!
Type : File
Data : fleok
Object : c:\programmi\180solutions\
Created on : 17/09/2004 18.31.03
Last accessed : 26/09/2004 22.00.00
Last modified : 17/09/2004 18.31.04
istbar Object recognized!
Type : File
Data : saishook.dll
Object : c:\programmi\180solutions\
FileSize : 56 KB
Created on : 17/09/2004 18.31.08
Last accessed : 26/09/2004 22.00.00
Last modified : 17/09/2004 18.31.10
istbar Object recognized!
Type : File
Data : sais.log
Object : c:\programmi\180solutions\
Created on : 17/09/2004 18.30.50
Last accessed : 26/09/2004 22.00.00
Last modified : 27/09/2004 20.08.02
istbar Object recognized!
Type : File
Data : saisau.dat
Object : c:\programmi\180solutions\
FileSize : 42 KB
Created on : 17/09/2004 18.30.59
Last accessed : 26/09/2004 22.00.00
Last modified : 26/09/2004 19.16.28
istbar Object recognized!
Type : File
Data : sais_kyf.dat
Object : c:\programmi\180solutions\
FileSize : 4095 KB
Created on : 21/09/2004 19.39.32
Last accessed : 26/09/2004 22.00.00
Last modified : 26/09/2004 19.16.28
istbar Object recognized!
Type : File
Data : xml_istbar.php
Object : c:\programmi\istbar\
FileSize : 11 KB
Created on : 17/09/2004 18.30.56
Last accessed : 26/09/2004 22.00.00
Last modified : 17/09/2004 18.31.00
istbar Object recognized!
Type : File
Data : navmain.bmp
Object : c:\programmi\istbar\
FileSize : 7 KB
Created on : 17/09/2004 18.30.56
Last accessed : 26/09/2004 22.00.00
Last modified : 17/09/2004 18.31.00
istbar Object recognized!
Type : File
Data : search.bmp
Object : c:\programmi\istbar\
FileSize : 1 KB
Created on : 17/09/2004 18.30.57
Last accessed : 26/09/2004 22.00.00
Last modified : 17/09/2004 18.31.00
istbar Object recognized!
Type : File
Data : version_xml.php
Object : c:\programmi\istbar\
Created on : 17/09/2004 18.30.58
Last accessed : 26/09/2004 22.00.00
Last modified : 17/09/2004 18.31.00
istbar Object recognized!
Type : File
Data : istactivex.inf
Object : c:\windows\downloaded program files\
Created on : 22/07/2004 11.37.00
Last accessed : 26/09/2004 22.00.00
Last modified : 22/07/2004 11.37.00
Search Miracle Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : CLSID\{02C20140-76F8-4763-83D5-B660107B7A11}
Search Miracle Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : Interface\{A74CD7DE-EA6F-11D4-ABF3-000102378429}
Search Miracle Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : Interface\{A74CD7DF-EA6F-11D4-ABF3-000102378429}
Search Miracle Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : PLOT.PlotCtrl.1
SideFind Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : Interface\{339D8AFF-0B42-4260-AD82-78CE605A9543}
SideFind Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : Interface\{A36A5936-CFD9-4B41-86BD-319A1931887F}
SideFind Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CURRENT_USER
Object : Software\Microsoft\Internet Explorer\Explorer Bars\{8CBA1B49-8144-4721-A7B1-64C578C9EED7}
SideFind Object recognized!
Type : Folder
Object : c:\programmi\SideFind
SideFind Object recognized!
Type : File
Data : update
Object : c:\programmi\sidefind\
Created on : 17/09/2004 18.29.26
Last accessed : 26/09/2004 22.00.00
Last modified : 17/09/2004 18.29.28
SideFind Object recognized!
Type : File
Data : sfexd001
Object : c:\programmi\sidefind\
FileSize : 31 KB
Created on : 17/09/2004 18.29.28
Last accessed : 26/09/2004 22.00.00
Last modified : 19/09/2004 20.38.48
VX2 Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CURRENT_USER
Object : Software\Multimpp
VX2 Object recognized!
Type : File
Data : dummy.htm
Object : c:\docume~1\mari\impost~1\temp\
Created on : 17/09/2004 18.29.35
Last accessed : 26/09/2004 22.00.00
Last modified : 17/09/2004 18.29.36
Powerscan Object recognized!
Type : Folder
Object : c:\documents and settings\mari\menu avvio\programmi\Power Scan
Powerscan Object recognized!
Type : File
Data : power scan.lnk
Object : c:\documents and settings\mari\menu avvio\programmi\power scan\
Created on : 17/09/2004 18.31.03
Last accessed : 26/09/2004 22.00.00
Last modified : 17/09/2004 18.31.04
Conditional scan result:
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 36
Objects found so far: 68
23.20.14 Scan complete
Summary of this scan
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Total scanning time :00.02.23.953
Objects scanned :44955
Objects identified :68
Objects ignored :0
New objects :68
--------------------------------------------------------
Thank you very much and goodbye, friends!!!!
antivir guard aggiornato
firewall non presente
-----------------------------------------------------
Il pc di un amico è stato "penetrato" da moti malware,spyware ed altri,alcunio sono stati debellati tramite spybot ed altri(come potete veder piu' sotto)sono stati individuati da ad-aware6 aggiornato ma una volta terminata la scansione e trovati il programma non riesce a toglierli e si incasina.E pensare che sino ad oggi avevo trovato ad-aware infallibile.
Avete qualche soluzione di come "trattarli e sfrattarli"?
Ecco il log di ad-aware6:
Lavasoft Ad-aware Personal Build 6.181
Logfile created on :lunedì 27 settembre 2004 23.17.49
Created with Ad-aware Personal, free for private use.
Using reference-file :01R342 25.09.2004
______________________________________________________
Ad-aware Settings
=========================
Set : Activate in-depth scan (Recommended)
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep scan registry
27-09-2004 23.17.49 - Scan started. (Smart mode)
Listing running processes
ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ
#:1 [smss.exe]
FilePath : \SystemRoot\System32\
ThreadCreationTime : 27-09-2004 21.09.38
BasePriority : Normal
#:2 [winlogon.exe]
FilePath : \??\C:\WINDOWS\system32\
ThreadCreationTime : 27-09-2004 21.09.41
BasePriority : High
#:3 [services.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 27-09-2004 21.09.42
BasePriority : Normal
FileSize : 99 KB
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : Applicazione Servizi e Controller
InternalName : services.exe
OriginalFilename : services.exe
ProductName : Sistema operativo Microsoft
Created on : 31/08/2001 8.00.00
Last accessed : 26/09/2004 22.00.00
Last modified : 31/08/2001 8.00.00
#:4 [lsass.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 27-09-2004 21.09.42
BasePriority : Normal
FileSize : 11 KB
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
OriginalFilename : lsass.exe
ProductName : Microsoft
Created on : 31/08/2001 8.00.00
Last accessed : 26/09/2004 22.00.00
Last modified : 31/08/2001 8.00.00
#:5 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 27-09-2004 21.09.42
BasePriority : Normal
FileSize : 12 KB
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
OriginalFilename : svchost.exe
ProductName : Microsoft
Created on : 31/08/2001 8.00.00
Last accessed : 26/09/2004 22.00.00
Last modified : 31/08/2001 8.00.00
#:6 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 27-09-2004 21.09.43
BasePriority : Normal
FileSize : 12 KB
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
OriginalFilename : svchost.exe
ProductName : Microsoft
Created on : 31/08/2001 8.00.00
Last accessed : 26/09/2004 22.00.00
Last modified : 31/08/2001 8.00.00
#:7 [spoolsv.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 27-09-2004 21.09.44
BasePriority : Normal
FileSize : 50 KB
FileVersion : 5.1.2600.0 (XPClient.010817-1148)
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
OriginalFilename : spoolsv.exe
ProductName : Microsoft
Created on : 31/08/2001 8.00.00
Last accessed : 26/09/2004 22.00.00
Last modified : 31/08/2001 8.00.00
#:8 [explorer.exe]
FilePath : C:\WINDOWS\
ThreadCreationTime : 27-09-2004 21.09.44
BasePriority : Normal
FileSize : 980 KB
FileVersion : 6.00.2600.0000 (xpclient.010817-1148)
ProductVersion : 6.00.2600.0000
CompanyName : Microsoft Corporation
FileDescription : Esplora risorse
InternalName : explorer
OriginalFilename : EXPLORER.EXE
ProductName : Sistema operativo Microsoft
Created on : 31/08/2001 8.00.00
Last accessed : 26/09/2004 22.00.00
Last modified : 31/08/2001 8.00.00
#:9 [avguard.exe]
FilePath : C:\Programmi\AVPersonal\
ThreadCreationTime : 27-09-2004 21.09.44
BasePriority : Normal
FileSize : 232 KB
FileVersion : 6.27.00.02
ProductVersion : 6.27.00.02
Copyright : Copyright
CompanyName : H+BEDV Datentechnik GmbH
FileDescription : Antivirus Service for Windows XP/2000/NT
InternalName : NTGuard
OriginalFilename : Guard.exe
ProductName : Windows XP/2000/XP Guard Service
Created on : 04/08/2004 10.35.38
Last accessed : 26/09/2004 22.00.00
Last modified : 04/08/2004 10.35.38
#:10 [ati2evxx.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 27-09-2004 21.09.44
BasePriority : Normal
FileSize : 288 KB
Created on : 25/06/2003 21.25.22
Last accessed : 26/09/2004 22.00.00
Last modified : 25/06/2003 21.25.22
#:11 [avwupsrv.exe]
FilePath : C:\Programmi\AVPersonal\
ThreadCreationTime : 27-09-2004 21.09.44
BasePriority : Normal
FileSize : 36 KB
FileVersion : 6.27.00.01
ProductVersion : 6.27.00.01
Copyright : Copyright
CompanyName : H+BEDV Datentechnik GmbH, Germany
FileDescription : AntiVir Software Update Service for Windows
InternalName : AntiVir Update Service
OriginalFilename : AVWUpSrv.exe
ProductName : AntiVir Update Service for Windows XP, 2000, NT
Created on : 27/09/2004 19.54.55
Last accessed : 26/09/2004 22.00.00
Last modified : 17/08/2004 11.02.44
#:12 [win9x.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 27-09-2004 21.09.50
BasePriority : Normal
FileSize : 98 KB
Created on : 17/09/2004 18.12.58
Last accessed : 26/09/2004 22.00.00
Last modified : 17/09/2004 18.13.14
#:13 [windnsd.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 27-09-2004 21.09.56
BasePriority : Normal
FileSize : 88 KB
Created on : 27/09/2004 20.42.50
Last accessed : 26/09/2004 22.00.00
Last modified : 27/09/2004 20.42.48
#:14 [rundll32.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 27-09-2004 21.09.59
BasePriority : Normal
FileSize : 31 KB
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : Modulo di esecuzione DLL come applicazioni
InternalName : rundll
OriginalFilename : RUNDLL.EXE
ProductName : Sistema operativo Microsoft
Created on : 31/08/2001 8.00.00
Last accessed : 26/09/2004 22.00.00
Last modified : 31/08/2001 8.00.00
#:15 [vpc32.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 27-09-2004 21.09.59
BasePriority : Normal
FileSize : 95 KB
Created on : 26/09/2004 20.44.42
Last accessed : 26/09/2004 22.00.00
Last modified : 26/09/2004 20.45.36
#:16 [winboot32.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 27-09-2004 21.09.59
BasePriority : Normal
FileSize : 261 KB
Created on : 17/09/2004 18.00.58
Last accessed : 26/09/2004 22.00.00
Last modified : 17/09/2004 18.07.32
#:17 [xwinxrpc32.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 27-09-2004 21.09.59
BasePriority : Normal
FileSize : 97 KB
Created on : 17/09/2004 20.05.32
Last accessed : 26/09/2004 22.00.00
Last modified : 17/09/2004 20.05.30
#:18 [winu32l.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 27-09-2004 21.10.00
BasePriority : Normal
FileSize : 111 KB
Created on : 31/08/2001 8.00.00
Last accessed : 26/09/2004 22.00.00
Last modified : 31/08/2001 8.00.00
#:19 [win32dlli.exe]
FilePath : C:\WINDOWS\
ThreadCreationTime : 27-09-2004 21.10.00
BasePriority : Normal
FileSize : 22 KB
Created on : 19/09/2004 21.25.58
Last accessed : 26/09/2004 22.00.00
Last modified : 19/09/2004 21.26.30
#:20 [winres32.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 27-09-2004 21.10.00
BasePriority : Normal
FileSize : 58 KB
Created on : 31/08/2001 8.00.00
Last accessed : 26/09/2004 22.00.00
Last modified : 31/08/2001 8.00.00
#:21 [avgnt.exe]
FilePath : C:\Programmi\AVPersonal\
ThreadCreationTime : 27-09-2004 21.10.00
BasePriority : Normal
FileSize : 120 KB
FileVersion : 6.27.00.00
ProductVersion : 6.27.00.00
Copyright : Copyright
CompanyName : H+BEDV Datentechnik GmbH
FileDescription : AntiVir Guard/XP Control Program
InternalName : AVGNT
OriginalFilename : AVGNT.EXE
ProductName : AntiVir Guard Control Program
Created on : 30/07/2004 8.03.32
Last accessed : 26/09/2004 22.00.00
Last modified : 30/07/2004 8.03.32
#:22 [ctfmon.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 27-09-2004 21.10.01
BasePriority : Normal
FileSize : 13 KB
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : CTF Loader
InternalName : CTFMON
OriginalFilename : CTFMON.EXE
ProductName : Microsoft
Created on : 31/08/2001 8.00.00
Last accessed : 26/09/2004 22.00.00
Last modified : 31/08/2001 8.00.00
#:23 [msmsgs.exe]
FilePath : C:\Programmi\Messenger\
ThreadCreationTime : 27-09-2004 21.10.01
BasePriority : Normal
FileSize : 1052 KB
FileVersion : 4.0.0155
ProductVersion : Version 4.0
Copyright : Copyright (c) Microsoft Corporation 1997-2001
CompanyName : Microsoft Corporation
FileDescription : Messenger Client
InternalName : msmsgs
OriginalFilename : msmsgs.exe
ProductName : Messenger
Created on : 16/09/2004 20.11.36
Last accessed : 26/09/2004 22.00.00
Last modified : 02/08/2001 5.14.34
#:24 [msgrsv32.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 27-09-2004 21.10.03
BasePriority : Normal
FileSize : 23 KB
Created on : 17/09/2004 20.06.02
Last accessed : 26/09/2004 22.00.00
Last modified : 17/09/2004 20.06.04
#:25 [mpbtn.exe]
FilePath : C:\Programmi\HELPExpress\bin\
ThreadCreationTime : 27-09-2004 21.10.06
BasePriority : Normal
FileSize : 180 KB
Created on : 16/09/2004 20.34.45
Last accessed : 26/09/2004 22.00.00
Last modified : 20/11/2003 15.53.38
#:26 [ad-aware.exe]
FilePath : C:\PROGRA~1\LAVASOFT\AD-AWA~1\
ThreadCreationTime : 27-09-2004 21.17.23
BasePriority : Normal
FileSize : 668 KB
FileVersion : 6.0.1.181
ProductVersion : 6.0.0.0
Copyright : Copyright
CompanyName : Lavasoft Sweden
FileDescription : Ad-aware 6 core application
InternalName : Ad-aware.exe
OriginalFilename : Ad-aware.exe
ProductName : Lavasoft Ad-aware Plus
Created on : 27/09/2004 18.49.14
Last accessed : 26/09/2004 22.00.00
Last modified : 12/07/2003 19.00.20
Memory scan result :
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 0
Objects found so far: 0
Started registry scan
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
ClickSpring Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\ClickSpring
ClickSpring Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\Microsoft\Code Store Database\Distribution Units\{9EB320CE-BE1D-4304-A081-4B4665414BEF}
DyFuCA Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : CLSID\{cea206e8-8057-4a04-ace9-ff0d69a92297}
DyFuCA Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : DyFuCA_BH.BHObj
DyFuCA Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : DyFuCA_BH.BHObj.1
DyFuCA Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : dyfuca_bh.sinkobj
DyFuCA Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : dyfuca_bh.sinkobj.1
DyFuCA Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\Avenue Media
DyFuCA Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CURRENT_USER
Object : Software\Avenue Media
DyFuCA Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\Avenue Media\Internet Optimizer
DyFuCA Object recognized!
Type : RegKey
Data : DyFuCA
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DyFuCA
DyFuCA Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : TypeLib\{0BE10B0D-B4DB-4693-9B1F-9AEAD54D17DC}
istbar Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ISTbarISTbar
istbar Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : TYPELIB\{6d3f5de4-e980-4407-a10f-9ac771abaae6}
Search Miracle Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : TypeLib\{A74CD7DD-EA6F-11D4-ABF3-000102378429}
SideFind Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : browserhelperobject.bahelper
SideFind Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : browserhelperobject.bahelper.1
SideFind Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : CLSID\{8CBA1B49-8144-4721-A7B1-64C578C9EED7}
SideFind Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : CLSID\{A3FDD654-A057-4971-9844-4ED8E67DBBB8}
SideFind Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : SideFind.Finder
SideFind Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : SideFind.Finder.1
SideFind Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\Microsoft\SideFind
SideFind Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SideFind
SideFind Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\SideFind
SideFind Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : TypeLib\{58634367-D62B-4C2C-86BE-5AAC45CDB671}
SideFind Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : TypeLib\{D0288A41-9855-4A9B-8316-BABE243648DA}
SideFind Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\Microsoft\Internet Explorer\Extensions\{10E42047-DEB9-4535-A118-B3F6EC39B807}
VX2 Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : localnrddll.localnrddllobj.1
VX2 Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : CLSID\{00320615-b6c2-40a6-8f99-f1c52d674fad}
istbar Object recognized!
Type : RegValue
Data :
Rootkey : HKEY_CURRENT_USER
Object : Software\Microsoft\Internet Explorer\Toolbar\WebBrowser
Value : {5F1ABCDB-A875-46C1-8345-B72A4567E486}
Powerscan Object recognized!
Type : RegValue
Data :
Rootkey : HKEY_CURRENT_USER
Object : Software\Powerscan
Value : account_id
Windows Object recognized!
Type : RegData
Data :
Rootkey : HKEY_CURRENT_USER
Object : Software\Policies\Microsoft\Internet Explorer\Control Panel
Value : Homepage
Data :
Registry scan result :
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 32
Objects found so far: 32
Started deep registry scan
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Deep registry scan result :
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 0
Objects found so far: 32
ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ
ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ
Deep scanning and examining files (C:)
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Performing conditional scans..
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
ClickSpring Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : Interface\{3E4C3E0B-6BBE-4C94-86CA-6F055A989693}
ClickSpring Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : Interface\{81EB72D7-3949-450F-B035-DE599959814F}
ClickSpring Object recognized!
Type : RegValue
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\Microsoft\Code Store Database\Distribution Units\{9EB320CE-BE1D-4304-A081-4B4665414BEF}\Contains\Files
Value : C:\WINDOWS\Downloaded Program Files\MediaTicketsInstaller.ocx
ClickSpring Object recognized!
Type : File
Data : mediaticketsinstaller.inf
Object : c:\windows\downloaded program files\
FileSize : 2 KB
Created on : 01/06/2004 13.39.44
Last accessed : 26/09/2004 22.00.00
Last modified : 01/06/2004 13.39.44
DyFuCA Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WSEM Update
DyFuCA Object recognized!
Type : Folder
Object : c:\program files\Internet Optimizer
DyFuCA Object recognized!
Type : File
Data : sim
Object : c:\program files\internet optimizer\
Created on : 17/09/2004 18.29.48
Last accessed : 26/09/2004 22.00.00
Last modified : 17/09/2004 18.29.50
istbar Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : Interface\{0985C112-2562-46F2-8DA6-92648BA4630F}
istbar Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : TypeLib\{67907B3C-A6EF-4A01-99AD-3FCD5F526429}
istbar Object recognized!
Type : Folder
Object : c:\programmi\180Solutions
istbar Object recognized!
Type : Folder
Object : c:\programmi\ISTbar
istbar Object recognized!
Type : File
Data : sais.exe
Object : c:\programmi\180solutions\
FileSize : 108 KB
FileVersion : 5, 12, 0, 13
ProductVersion : 5, 12, 0, 13
Copyright : Copyright
CompanyName : 180solutions, Inc.
FileDescription : Search Assistant
ProductName : Search Assistant
Created on : 17/09/2004 18.30.50
Last accessed : 26/09/2004 22.00.00
Last modified : 17/09/2004 18.30.50
istbar Object recognized!
Type : File
Data : fleok
Object : c:\programmi\180solutions\
Created on : 17/09/2004 18.31.03
Last accessed : 26/09/2004 22.00.00
Last modified : 17/09/2004 18.31.04
istbar Object recognized!
Type : File
Data : saishook.dll
Object : c:\programmi\180solutions\
FileSize : 56 KB
Created on : 17/09/2004 18.31.08
Last accessed : 26/09/2004 22.00.00
Last modified : 17/09/2004 18.31.10
istbar Object recognized!
Type : File
Data : sais.log
Object : c:\programmi\180solutions\
Created on : 17/09/2004 18.30.50
Last accessed : 26/09/2004 22.00.00
Last modified : 27/09/2004 20.08.02
istbar Object recognized!
Type : File
Data : saisau.dat
Object : c:\programmi\180solutions\
FileSize : 42 KB
Created on : 17/09/2004 18.30.59
Last accessed : 26/09/2004 22.00.00
Last modified : 26/09/2004 19.16.28
istbar Object recognized!
Type : File
Data : sais_kyf.dat
Object : c:\programmi\180solutions\
FileSize : 4095 KB
Created on : 21/09/2004 19.39.32
Last accessed : 26/09/2004 22.00.00
Last modified : 26/09/2004 19.16.28
istbar Object recognized!
Type : File
Data : xml_istbar.php
Object : c:\programmi\istbar\
FileSize : 11 KB
Created on : 17/09/2004 18.30.56
Last accessed : 26/09/2004 22.00.00
Last modified : 17/09/2004 18.31.00
istbar Object recognized!
Type : File
Data : navmain.bmp
Object : c:\programmi\istbar\
FileSize : 7 KB
Created on : 17/09/2004 18.30.56
Last accessed : 26/09/2004 22.00.00
Last modified : 17/09/2004 18.31.00
istbar Object recognized!
Type : File
Data : search.bmp
Object : c:\programmi\istbar\
FileSize : 1 KB
Created on : 17/09/2004 18.30.57
Last accessed : 26/09/2004 22.00.00
Last modified : 17/09/2004 18.31.00
istbar Object recognized!
Type : File
Data : version_xml.php
Object : c:\programmi\istbar\
Created on : 17/09/2004 18.30.58
Last accessed : 26/09/2004 22.00.00
Last modified : 17/09/2004 18.31.00
istbar Object recognized!
Type : File
Data : istactivex.inf
Object : c:\windows\downloaded program files\
Created on : 22/07/2004 11.37.00
Last accessed : 26/09/2004 22.00.00
Last modified : 22/07/2004 11.37.00
Search Miracle Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : CLSID\{02C20140-76F8-4763-83D5-B660107B7A11}
Search Miracle Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : Interface\{A74CD7DE-EA6F-11D4-ABF3-000102378429}
Search Miracle Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : Interface\{A74CD7DF-EA6F-11D4-ABF3-000102378429}
Search Miracle Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : PLOT.PlotCtrl.1
SideFind Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : Interface\{339D8AFF-0B42-4260-AD82-78CE605A9543}
SideFind Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : Interface\{A36A5936-CFD9-4B41-86BD-319A1931887F}
SideFind Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CURRENT_USER
Object : Software\Microsoft\Internet Explorer\Explorer Bars\{8CBA1B49-8144-4721-A7B1-64C578C9EED7}
SideFind Object recognized!
Type : Folder
Object : c:\programmi\SideFind
SideFind Object recognized!
Type : File
Data : update
Object : c:\programmi\sidefind\
Created on : 17/09/2004 18.29.26
Last accessed : 26/09/2004 22.00.00
Last modified : 17/09/2004 18.29.28
SideFind Object recognized!
Type : File
Data : sfexd001
Object : c:\programmi\sidefind\
FileSize : 31 KB
Created on : 17/09/2004 18.29.28
Last accessed : 26/09/2004 22.00.00
Last modified : 19/09/2004 20.38.48
VX2 Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CURRENT_USER
Object : Software\Multimpp
VX2 Object recognized!
Type : File
Data : dummy.htm
Object : c:\docume~1\mari\impost~1\temp\
Created on : 17/09/2004 18.29.35
Last accessed : 26/09/2004 22.00.00
Last modified : 17/09/2004 18.29.36
Powerscan Object recognized!
Type : Folder
Object : c:\documents and settings\mari\menu avvio\programmi\Power Scan
Powerscan Object recognized!
Type : File
Data : power scan.lnk
Object : c:\documents and settings\mari\menu avvio\programmi\power scan\
Created on : 17/09/2004 18.31.03
Last accessed : 26/09/2004 22.00.00
Last modified : 17/09/2004 18.31.04
Conditional scan result:
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 36
Objects found so far: 68
23.20.14 Scan complete
Summary of this scan
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Total scanning time :00.02.23.953
Objects scanned :44955
Objects identified :68
Objects ignored :0
New objects :68
--------------------------------------------------------
Many thanks and goodbye, friends!!!!