grazie fin da ora. gianluca
Logfile of HijackThis v1.98.0
Scan saved at 19.43.46, on 03/08/2004
Platform: Windows ME (Win9x 4.90.3000)
MSIE: Internet Explorer v5.50 (5.50.4134.0100)
Running processes:
C:WINDOWSSYSTEMKERNEL32.DLL
C:WINDOWSSYSTEMMSGSRV32.EXE
C:WINDOWSSYSTEMmmtask.tsk
C:WINDOWSSYSTEMMPREXE.EXE
C:WINDOWSSYSTEMMSTASK.EXE
C:PROGRAMMIFILE COMUNISYMANTEC SHAREDCCEVTMGR.EXE
C:WINDOWSSYSTEMMDM.EXE
C:WINDOWSEXPLORER.EXE
C:WINDOWSIEEN.EXE
C:WINDOWSAPPJP.EXE
C:WINDOWSSYSTEMNTLT.EXE
C:WINDOWSSYSTEMRESTORESTMGR.EXE
C:WINDOWSMFCFI.EXE
C:WINDOWSSYSTEMADDSN.EXE
C:WINDOWSSYSTEMJAVADB.EXE
C:WINDOWSMFCFN.EXE
C:WINDOWSSYSTEMADDWI32.EXE
C:WINDOWSSYSTEMSDKZS.EXE
C:WINDOWSSYSTEMJAVADB.EXE
C:WINDOWSSYSTEMSYSTRAY.EXE
C:PROGRAMMIFILE COMUNISYMANTEC SHAREDCCAPP.EXE
C:WINDOWSSYSTEMWMIEXE.EXE
C:PROGRAMMIDIRECTCDDIRECTCD.EXE
C:WINDOWSSYSTEMGSICON.EXE
C:WINDOWSSYSTEMDSLAGENT.EXE
C:PROGRAMMIDAPDAP.EXE
C:PROGRAMMIFILE COMUNIREALUPDATE_OBREALSCHED.EXE
C:PROGRAMMITRUST250S SERIESLWBWHEEL.EXE
C:PROGRAMMISYMANTECLIVEUPDATEALUNOTIFY.EXE
C:PROGRAMMIWINZIPWZQKPICK.EXE
C:WINDOWSSYSTEMADDWI32.EXE
C:PROGRAMMIINTERNET EXPLORERIEXPLORE.EXE
C:WINDOWSSYSTEMNTLT.EXE
C:WINDOWSSYSTEMRNAAPP.EXE
C:WINDOWSSYSTEMTAPISRV.EXE
C:WINDOWSSYSTEMNTLT.EXE
C:WINDOWSSYSTEMJAVADB.EXE
C:WINDOWSSYSTEMAPPEQ.EXE
C:WINDOWSSYSTEMNTTD32.EXE
C:WINDOWSAPPJP.EXE
C:PROGRAMMIWINZIPWINZIP32.EXE
C:WINDOWSTEMPHIJACKTHIS.EXE
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page = res://C:WINDOWShercs.dll/sp.html#96676
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = res://hercs.dll/index.html#96676
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = res://hercs.dll/index.html#96676
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = res://C:WINDOWShercs.dll/sp.html#96676
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = res://C:WINDOWShercs.dll/sp.html#96676
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = res://hercs.dll/index.html#96676
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Collegamenti
R3 - Default URLSearchHook is missing
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:ProgrammiNorton AntiVirusNavShExt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:PROGRAMMIADOBEACROBAT 5.0READERACTIVEXACROIEHELPER.OCX
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:programmigooglegoogletoolbar1.dll
O2 - BHO: (no name) - {DE3BEBDB-AEE7-4277-8B6E-4EEFFA9508AE} - C:WINDOWSSYSTEMTIUIS.DLL (file missing)
O2 - BHO: ICOO Loader BHO - {B9D90B27-AD4A-413a-88CB-3E6DDC10DC2D} - C:WINDOWSMSOPT.DLL (file missing)
O2 - BHO: Class - {7CDA428B-E678-4696-262A-B07C9ECE7D9C} - C:WINDOWSATLBV32.DLL
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:ProgrammiNorton AntiVirusNavShExt.dll
O3 - Toolbar: @msdxmLC.dll,-1@1040,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:WINDOWSSYSTEMMSDXM.OCX
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:programmigooglegoogletoolbar1.dll
O4 - HKLM..Run: [PCHealth] C:WINDOWSPCHealthSupportPCHSchd.exe -s
O4 - HKLM..Run: [SystemTray] SysTray.Exe
O4 - HKLM..Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM..Run: [ccApp] "C:ProgrammiFile comuniSymantec SharedccApp.exe"
O4 - HKLM..Run: [ccRegVfy] "C:ProgrammiFile comuniSymantec SharedccRegVfy.exe"
O4 - HKLM..Run: [Adaptec DirectCD] C:ProgrammiDirectCDDIRECTCD.EXE
O4 - HKLM..Run: [GSICONEXE] GSICON.EXE
O4 - HKLM..Run: [DSLAGENTEXE] dslagent.exe USB
O4 - HKLM..Run: [DownloadAccelerator] C:PROGRA~1DAPDAP.EXE /STARTUP
O4 - HKLM..Run: [TkBellExe] "C:ProgrammiFile comuniRealUpdate_OB ealsched.exe" -osboot
O4 - HKLM..Run: [LWBMOUSE] C:ProgrammiTrust250S Serieslwbwheel.exe
O4 - HKLM..Run: [MFCFN.EXE] C:WINDOWSMFCFN.EXE
O4 - HKLM..RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM..RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM..RunServices: [*StateMgr] C:WINDOWSSystemRestoreStateMgr.exe
O4 - HKLM..RunServices: [ccEvtMgr] "C:ProgrammiFile comuniSymantec SharedccEvtMgr.exe"
O4 - HKLM..RunServices: [ScriptBlocking] "C:ProgrammiFile comuniSymantec SharedScript BlockingSBServ.exe" -reg
O4 - HKLM..RunServices: [Machine Debug Manager] C:WINDOWSSYSTEMMDM.EXE
O4 - HKLM..RunServices: [IEEN.EXE] C:WINDOWSIEEN.EXE
O4 - HKLM..RunServices: [APPJP.EXE] C:WINDOWSAPPJP.EXE
O4 - HKLM..RunServices: [MFCFI.EXE] C:WINDOWSMFCFI.EXE
O4 - HKLM..RunServices: [NTLT.EXE] C:WINDOWSSYSTEMNTLT.EXE
O4 - HKLM..RunServices: [ADDSN.EXE] C:WINDOWSSYSTEMADDSN.EXE
O4 - HKLM..RunServices: [JAVADB.EXE] C:WINDOWSSYSTEMJAVADB.EXE
O4 - HKLM..RunServices: [ADDWI32.EXE] C:WINDOWSSYSTEMADDWI32.EXE
O4 - HKLM..RunServices: [SDKZS.EXE] C:WINDOWSSYSTEMSDKZS.EXE
O4 - HKLM..RunServices: [APPEQ.EXE] C:WINDOWSSYSTEMAPPEQ.EXE
O4 - HKLM..RunServices: [NTTD32.EXE] C:WINDOWSSYSTEMNTTD32.EXE
O4 - HKCU..Run: [ALUAlert] C:ProgrammiSymantecLiveUpdateALUNotify.exe
O4 - Startup: WinZip Quick Pick.lnk = C:ProgrammiWinZipWZQKPICK.EXE
O4 - Startup: Microsoft Office.lnk = C:ProgrammiMicrosoft OfficeOfficeOSA9.EXE
O8 - Extra context menu item: &Download with &DAP - C:PROGRA~1DAPdapextie.htm
O8 - Extra context menu item: Download &all with DAP - C:PROGRA~1DAPdapextie2.htm
O8 - Extra context menu item: &Google Search - res://C:PROGRAMMIGOOGLEGOOGLETOOLBAR1.DLL/cmsearch.html
O8 - Extra context menu item: Cac&hed Snapshot of Page - res://C:PROGRAMMIGOOGLEGOOGLETOOLBAR1.DLL/cmcache.html
O8 - Extra context menu item: Si&milar Pages - res://C:PROGRAMMIGOOGLEGOOGLETOOLBAR1.D ... milar.html
O8 - Extra context menu item: Backward &Links - res://C:PROGRAMMIGOOGLEGOOGLETOOLBAR1.D ... links.html
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:WINDOWSweb elated.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:WINDOWSweb elated.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:PROGRA~1MESSEN~1MSMSGS.EXE
O9 - Extra 'Tools' menuitem: MSN Messenger Service - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:PROGRA~1MESSEN~1MSMSGS.EXE
O9 - Extra button: Run DAP - {669695BC-A811-4A9D-8CDF-BA8C795F261C} - C:PROGRA~1DAPDAP.EXE
O12 - Plugin for .pdf: C:PROGRA~1INTERN~1PLUGINS
ppdf32.dll
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/19fd9f6f520 ... 601_it.cab
O18 - Protocol: icoo - {4A8DADD4-5A25-4D41-8599-CB7458766220} - C:WINDOWSMSOPT.DLL
O21 - SSODL: AUHook - {BCBCD383-3E06-11D3-91A9-00C04F68105C} - C:WINDOWSSYSTEMAUHOOK.DLL