Jump to content

mattia74

Members
  • Content Count

    4
  • Joined

  • Last visited

About mattia74

  • Rank
    New Member

Previous Fields

  • System Specifications:
    windows xp prof
  1. Hi jwbirdsong, I followed all steps in your response. I stopped some scans while scanning my local disk F because on it there are only photos and music. I'm not able to attach any file to my post....... may be I'm not enable by administrator to do this! So, you can see them here Thank you ------------------------------------------------------------------------------------------------------ Logfile of HijackThis v1.99.1 Scan saved at 13.49.02, on 12/26/2005 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Internet Explorer\iexplore.exe C:\HijackStuff\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://mail.google.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank F2 - REG:system.ini: Shell= O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: Google Desktop Search Capture - {7c1ce531-09e9-4fc5-9803-1c2956615786} - C:\Program Files\Google\Google Desktop Search\GoogleDesktopIE.dll (file missing) O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\it\msntb.dll O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\it\msntb.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\\NeroCheck.exe O4 - HKLM\..\Run: [vptray] C:\Program Files\NavNT\vptray.exe O4 - HKLM\..\Run: [mmtask] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: EPSON Status Monitor 3 Environment Check 2.lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV02.EXE O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O20 - Winlogon Notify: NavLogon - C:\WINDOWS\System32\NavLogon.dll O23 - Service: DefWatch - Symantec Corporation - C:\Program Files\NavNT\defwatch.exe O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe O23 - Service: Norton AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - C:\Program Files\NavNT\rtvscan.exe O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: Security Agent (scagent) - Unknown owner - C:\WINDOWS\system32\scagent.exe" start (file missing) O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe O23 - Service: SpyDetectorWatcher - Unknown owner - C:\Program Files\SpyDetector\spywatcher.exe (file missing) ------------------------------------------------------------------------------------------------------ smitRem © log file version 2.8 by noahdfear Microsoft Windows XP [Version 5.1.2600] The current date is: lun 12/26/2005 The current time is: 13.55.20,48 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ checking for ShudderLTD key ShudderLTD key not present! checking for PSGuard.com key PSGuard.com key not present! spyaxe uninstaller NOT present ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Existing Pre-run Files ~~~ Program Files ~~~ ~~~ Shortcuts ~~~ ~~~ Favorites ~~~ ~~~ system32 folder ~~~ 1024 dir ld****.tmp mssearchnet.exe ncompat.tlb mscornet.exe logfiles ~~~ Icons in System32 ~~~ ~~~ Windows directory ~~~ ~~~ Drive root ~~~ ~~~ Miscellaneous Files/folders ~~~ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Command Line Process Viewer/Killer/Suspender for Windows NT/2000/XP V2.03 Copyright© 2002-2003 Craig.Peacock@beyondlogic.org Killing PID 888 'explorer.exe' Starting registry repairs Deleting files Remaining Post-run Files ~~~ Program Files ~~~ ~~~ Shortcuts ~~~ ~~~ Favorites ~~~ ~~~ system32 folder ~~~ ~~~ Icons in System32 ~~~ ~~~ Windows directory ~~~ ~~~ Drive root ~~~ ~~~ Miscellaneous Files/folders ~~~ ~~~ Wininet.dll ~~~ CLEAN! ------------------------------------------------------------------------------------------------------ --------------------------------------------------------- ewido anti-malware - Scan report --------------------------------------------------------- + Created on: 15.09.47, 12/26/2005 + Report-Checksum: A9BDD88B + Scan result: F:\GIOCHI\Warcraft 3\FFF-Warcraft.3.Reign.of.Chaos_KEYGEN.zip/start.exe -> Downloader.IstBar : Ignored F:\GIOCHI\Warcraft 3\start.exe -> Downloader.IstBar : Ignored :mozilla.6:F:\Luca\Fisica\Fisica delle Particelle Elementari\Droide5\.mozilla\default\bxr4q96d.slt\cookies.txt -> Spyware.Cookie.Hitbox : Ignored :mozilla.10:F:\Luca\Fisica\Fisica delle Particelle Elementari\Droide5\.mozilla\default\bxr4q96d.slt\cookies.txt -> Spyware.Cookie.Questionmarket : Ignored :mozilla.11:F:\Luca\Fisica\Fisica delle Particelle Elementari\Droide5\.mozilla\default\bxr4q96d.slt\cookies.txt -> Spyware.Cookie.Doubleclick : Ignored :mozilla.29:F:\Luca\Fisica\Fisica delle Particelle Elementari\Droide5\.mozilla\default\bxr4q96d.slt\cookies.txt -> Spyware.Cookie.Hitbox : Ignored :mozilla.32:F:\Luca\Fisica\Fisica delle Particelle Elementari\Droide5\.mozilla\default\bxr4q96d.slt\cookies.txt -> Spyware.Cookie.Mediaplex : Ignored :mozilla.34:F:\Luca\Fisica\Fisica delle Particelle Elementari\Droide5\.mozilla\default\bxr4q96d.slt\cookies.txt -> Spyware.Cookie.Com : Ignored :mozilla.35:F:\Luca\Fisica\Fisica delle Particelle Elementari\Droide5\.mozilla\default\bxr4q96d.slt\cookies.txt -> Spyware.Cookie.Com : Ignored :mozilla.39:F:\Luca\Fisica\Fisica delle Particelle Elementari\Droide5\.mozilla\default\bxr4q96d.slt\cookies.txt -> Spyware.Cookie.Trafficmp : Ignored :mozilla.40:F:\Luca\Fisica\Fisica delle Particelle Elementari\Droide5\.mozilla\default\bxr4q96d.slt\cookies.txt -> Spyware.Cookie.Casalemedia : Ignored :mozilla.43:F:\Luca\Fisica\Fisica delle Particelle Elementari\Droide5\.mozilla\default\bxr4q96d.slt\cookies.txt -> Spyware.Cookie.2o7 : Ignored :mozilla.49:F:\Luca\Fisica\Fisica delle Particelle Elementari\Droide5\.mozilla\default\bxr4q96d.slt\cookies.txt -> Spyware.Cookie.Fastclick : Ignored :mozilla.58:F:\Luca\Fisica\Fisica delle Particelle Elementari\Droide5\.mozilla\default\bxr4q96d.slt\cookies.txt -> Spyware.Cookie.Advertising : Ignored :mozilla.61:F:\Luca\Fisica\Fisica delle Particelle Elementari\Droide5\.mozilla\default\bxr4q96d.slt\cookies.txt -> Spyware.Cookie.Hitbox : Ignored :mozilla.65:F:\Luca\Fisica\Fisica delle Particelle Elementari\Droide5\.mozilla\default\bxr4q96d.slt\cookies.txt -> Spyware.Cookie.Falkag : Ignored :mozilla.66:F:\Luca\Fisica\Fisica delle Particelle Elementari\Droide5\.mozilla\default\bxr4q96d.slt\cookies.txt -> Spyware.Cookie.Falkag : Ignored :mozilla.67:F:\Luca\Fisica\Fisica delle Particelle Elementari\Droide5\.mozilla\default\bxr4q96d.slt\cookies.txt -> Spyware.Cookie.Falkag : Ignored :mozilla.68:F:\Luca\Fisica\Fisica delle Particelle Elementari\Droide5\.mozilla\default\bxr4q96d.slt\cookies.txt -> Spyware.Cookie.Falkag : Ignored :mozilla.74:F:\Luca\Fisica\Fisica delle Particelle Elementari\Droide5\.mozilla\default\bxr4q96d.slt\cookies.txt -> Spyware.Cookie.Atdmt : Ignored :mozilla.76:F:\Luca\Fisica\Fisica delle Particelle Elementari\Droide5\.mozilla\default\bxr4q96d.slt\cookies.txt -> Spyware.Cookie.Hitbox : Ignored :mozilla.77:F:\Luca\Fisica\Fisica delle Particelle Elementari\Droide5\.mozilla\default\bxr4q96d.slt\cookies.txt -> Spyware.Cookie.Serving-sys : Ignored :mozilla.79:F:\Luca\Fisica\Fisica delle Particelle Elementari\Droide5\.mozilla\default\bxr4q96d.slt\cookies.txt -> Spyware.Cookie.Serving-sys : Ignored :mozilla.80:F:\Luca\Fisica\Fisica delle Particelle Elementari\Droide5\.mozilla\default\bxr4q96d.slt\cookies.txt -> Spyware.Cookie.Serving-sys : Ignored :mozilla.89:F:\Luca\Fisica\Fisica delle Particelle Elementari\Droide5\.mozilla\default\bxr4q96d.slt\cookies.txt -> Spyware.Cookie.Advertising : Ignored :mozilla.115:F:\Luca\Fisica\Fisica delle Particelle Elementari\Droide5\.mozilla\default\bxr4q96d.slt\cookies.txt -> Spyware.Cookie.Bluestreak : Ignored :mozilla.116:F:\Luca\Fisica\Fisica delle Particelle Elementari\Droide5\.mozilla\default\bxr4q96d.slt\cookies.txt -> Spyware.Cookie.Webtrendslive : Ignored :mozilla.121:F:\Luca\Fisica\Fisica delle Particelle Elementari\Droide5\.mozilla\default\bxr4q96d.slt\cookies.txt -> Spyware.Cookie.Falkag : Ignored :mozilla.122:F:\Luca\Fisica\Fisica delle Particelle Elementari\Droide5\.mozilla\default\bxr4q96d.slt\cookies.txt -> Spyware.Cookie.Falkag : Ignored :mozilla.123:F:\Luca\Fisica\Fisica delle Particelle Elementari\Droide5\.mozilla\default\bxr4q96d.slt\cookies.txt -> Spyware.Cookie.Falkag : Ignored :mozilla.124:F:\Luca\Fisica\Fisica delle Particelle Elementari\Droide5\.mozilla\default\bxr4q96d.slt\cookies.txt -> Spyware.Cookie.Falkag : Ignored F:\Mattia\Lubiana\VIDEO.AVI.exe -> Dialer.Generic : Ignored HKLM\SOFTWARE\Classes\CLSID\{DE3BEBDB-AEE7-4277-8B6E-4EEFFA9508AE} -> Spyware.CoolWebSearch : Cleaned with backup HKLM\SOFTWARE\Classes\TypeLib\{C89E0F84-3C34-43D1-A72C-AF1A160A7C07} -> Spyware.CoolWebSearch : Cleaned with backup HKLM\SOFTWARE\Dbi -> Spyware.BetterInternet : Cleaned with backup HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/ISTactivex.dll -> Spyware.ISTBar : Cleaned with backup HKLM\SOFTWARE\sr -> Spyware.CoolWebSearch : Cleaned with backup HKLM\SOFTWARE\sr\sr -> Spyware.CoolWebSearch : Cleaned with backup C:\dlltmp.exe -> Trojan.Bizten : Cleaned with backup C:\Documents and Settings\Mattia\Cookies\mattia@tribalfusion[1].txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup C:\WINDOWS\fktyg.exe -> Dropper.Tibsis.a : Cleaned with backup C:\WINDOWS\homepage.htm -> Spyware.Hijacker.Generic : Cleaned with backup C:\WINDOWS\m7.exe -> Downloader.Swizzor.bt : Cleaned with backup C:\WINDOWS\odbs.log -> Spyware.Hijacker.Generic : Cleaned with backup C:\WINDOWS\rocky2.exe -> Logger.Briss.h : Cleaned with backup C:\WINDOWS\system\teen.exe -> Not-A-Virus.Pornware.Downloader.Tibsystems.a : Cleaned with backup C:\WINDOWS\tnmng.exe -> Downloader.Small.il : Cleaned with backup C:\WINDOWS\winum32.exe -> Downloader.Agent.ap : Cleaned with backup :mozilla.78:F:\Luca\Fisica\Fisica delle Particelle Elementari\Droide5\.mozilla\default\bxr4q96d.slt\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup :mozilla.81:F:\Luca\Fisica\Fisica delle Particelle Elementari\Droide5\.mozilla\default\bxr4q96d.slt\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup ::Report End ------------------------------------------------------------------------------------------------------ Incident Status Location Dialer:dialer.cos Not desinfected C:\Documents and Settings\Mattia\Favorites\exsplorer.lnk Dialer:Dialer.PK Not desinfected C:\Documents and Settings\Mattia74\Local Settings\Temporary Internet Files\Content.IE5\G9OWMRT3\EPlugin_IT[1].cab[EPlugin.inf] Adware:Adware/WinTools Not desinfected C:\Program Files\ASUS Features\insthlp.dat Adware:Adware/CWS Not desinfected C:\WINDOWS\color.css Adware:Adware/SAHAgent Not desinfected C:\WINDOWS\inf\bi.inf Spyware:Spyware/BetterInet Not desinfected C:\WINDOWS\inf\biini.inf Adware:Adware/CWS Not desinfected C:\WINDOWS\system.sam Adware:adware/cashsaver Not desinfected C:\WINDOWS\system32\CSUninstall.exe Adware:Adware/Stopzilla Not desinfected C:\WINDOWS\system32\StopzillaBH0.dll Adware:Adware/IST.ISTBar Not desinfected F:\GIOCHI\Warcraft 3\FFF-Warcraft.3.Reign.of.Chaos_KEYGEN.zip[start.exe] Adware:Adware/IST.ISTBar Not desinfected F:\GIOCHI\Warcraft 3\start.exe
  2. Thank you, I have downloaded last version of HijackThis. This is the new log: Logfile of HijackThis v1.99.1 Scan saved at 14.22.05, on 12/25/2005 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\NavNT\defwatch.exe C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe C:\WINDOWS\System32\inetsrv\inetinfo.exe C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe C:\Program Files\NavNT\rtvscan.exe C:\WINDOWS\System32\nvsvc32.exe C:\WINDOWS\System32\snmp.exe C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe C:\WINDOWS\system32\mssearchnet.exe C:\WINDOWS\system32\MsgSys.EXE C:\Program Files\NavNT\vptray.exe C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe C:\Program Files\Internet Explorer\iexplore.exe C:\HijackStuff\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://mail.google.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank F2 - REG:system.ini: Shell= O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: Google Desktop Search Capture - {7c1ce531-09e9-4fc5-9803-1c2956615786} - C:\Program Files\Google\Google Desktop Search\GoogleDesktopIE.dll (file missing) O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\it\msntb.dll O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\it\msntb.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\\NeroCheck.exe O4 - HKLM\..\Run: [vptray] C:\Program Files\NavNT\vptray.exe O4 - HKLM\..\Run: [mmtask] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: EPSON Status Monitor 3 Environment Check 2.lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV02.EXE O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O17 - HKLM\System\CCS\Services\Tcpip\..\{CBADEB47-8121-49CF-BB9B-F683074513A6}: NameServer = 193.70.152.15 193.70.152.25 O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O20 - Winlogon Notify: NavLogon - C:\WINDOWS\System32\NavLogon.dll O23 - Service: DefWatch - Symantec Corporation - C:\Program Files\NavNT\defwatch.exe O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe O23 - Service: Norton AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - C:\Program Files\NavNT\rtvscan.exe O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: Security Agent (scagent) - Unknown owner - C:\WINDOWS\system32\scagent.exe" start (file missing) O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe O23 - Service: SpyDetectorWatcher - Unknown owner - C:\Program Files\SpyDetector\spywatcher.exe (file missing)
  3. Please help me, my Norton Antivirus has detected the virus Trojan.Zlob by I'm not able to remove it. My internet default page has changed, and I have an alert pop-up in the task bar that says "your computer is infected with last versone of internet trojan (iworm-attck-v122.02a)" or "your computer performance has slowed down ..........". Sometimes my browser is automatically redirected to porno sites. Thanks This is my HijackThis.log: Logfile of HijackThis v1.98.2 Scan saved at 14.20.35, on 12/24/2005 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\NavNT\defwatch.exe C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe C:\Program Files\NavNT\rtvscan.exe C:\WINDOWS\System32\nvsvc32.exe C:\WINDOWS\System32\snmp.exe C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe C:\WINDOWS\system32\MsgSys.EXE C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\mssearchnet.exe C:\Program Files\NavNT\vptray.exe C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe C:\Program Files\Offline Course Player\OlpSynch.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktopCrawl.exe C:\Documents and Settings\Mattia\Desktop\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://mail.google.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: Google Desktop Search Capture - {7c1ce531-09e9-4fc5-9803-1c2956615786} - C:\Program Files\Google\Google Desktop Search\GoogleDesktopIE.dll O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\it\msntb.dll O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\it\msntb.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\\NeroCheck.exe O4 - HKLM\..\Run: [vptray] C:\Program Files\NavNT\vptray.exe O4 - HKLM\..\Run: [mmtask] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe O4 - HKLM\..\Run: [OLPSYNCH] C:\Program Files\Offline Course Player\OlpSynch.exe O4 - HKCU\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: EPSON Status Monitor 3 Environment Check 2.lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV02.EXE O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Web Search - C:\WINDOWS\ex.htm O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O10 - Unknown file in Winsock LSP: c:\program files\google\google desktop search\googledesktopnetwork1.dll O10 - Unknown file in Winsock LSP: c:\program files\google\google desktop search\googledesktopnetwork1.dll O10 - Unknown file in Winsock LSP: c:\program files\google\google desktop search\googledesktopnetwork1.dll O10 - Unknown file in Winsock LSP: c:\program files\google\google desktop search\googledesktopnetwork1.dll O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O18 - Filter: text/html - {C00BDE70-757E-48E1-AEB5-E279BEDBE9B6} - C:\WINDOWS\System32\diih.dll O18 - Filter: text/plain - {C00BDE70-757E-48E1-AEB5-E279BEDBE9B6} - C:\WINDOWS\System32\diih.dll
×
×
  • Create New...