Here it is...
Code:
--- Search result list ---
--- Spybot - Search && Destroy version: 1.3 ---
2004-05-12 Includes\Cookies.sbi
2004-05-12 Includes\Dialer.sbi
2004-05-12 Includes\Hijackers.sbi
2004-05-12 Includes\Keyloggers.sbi
2004-05-12 Includes\LSP.sbi
2004-05-12 Includes\Malware.sbi
2004-05-12 Includes\Revision.sbi
2004-05-12 Includes\Security.sbi
2004-05-12 Includes\Spybots.sbi
2004-05-12 Includes\Tracks.uti
2004-05-12 Includes\Trojans.sbi
--- System information ---
Windows XP (Build: 2600)
/ DataAccess: Microsoft Data Access Components KB870669
/ Windows XP / SP1: Windows XP Hotfix - KB823980
/ Windows XP / SP1 / Q307869: Windows XP Hotfix (SP1) [See Q307869 for more information]
/ Windows XP / SP1 / Q308210: Windows XP Hotfix (SP1) [See Q308210 for more information]
/ Windows XP / SP1: Windows XP Hotfix (SP1) [See Q311542 for more information]
/ Windows XP / SP1: Windows XP Hotfix (SP1) [See Q312370 for more information]
/ Windows XP / SP1: Windows XP Hotfix (SP1) [See Q320174 for more information]
/ Windows XP / SP2: Aggiornamento rapido per Windows XP - KB835732
--- Startup entries list ---
Located: HK_LM:Run, AHQInit
command: C:\Programmi\Creative\SBLive\Program\AHQInit.exe
file: C:\Programmi\Creative\SBLive\Program\AHQInit.exe
size: 102400
MD5: a92a1e030d09d52ea0eb11bde231a34e
Located: HK_LM:Run, ccApp
command: "C:\Programmi\File comuni\Symantec Shared\ccApp.exe"
file: C:\Programmi\File comuni\Symantec Shared\ccApp.exe
size: 54296
MD5: ace91f1db4e08fa62c758adf2390c07e
Located: HK_LM:Run, ccRegVfy
command: "C:\Programmi\File comuni\Symantec Shared\ccRegVfy.exe"
file: C:\Programmi\File comuni\Symantec Shared\ccRegVfy.exe
size: 58392
MD5: 8ab27947c7c2b3388f15ce7c3d595050
Located: HK_LM:Run, DU Meter
command: C:\DU Meter\DUMeter.exe
file: C:\DU Meter\DUMeter.exe
size: 1297920
MD5: c1768b8cc9057cc9ab9fb889bc143b8f
Located: HK_LM:Run, HPDJ Taskbar Utility
command: C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe
file: C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe
size: 188416
MD5: 2cec0358aeaf3d34e7faee85ed55e9eb
Located: HK_LM:Run, InCD
command: C:\Programmi\Ahead\InCD\InCD.exe
file: C:\Programmi\Ahead\InCD\InCD.exe
size: 1101824
MD5: 10123e660a81f92c7827d2474299f20a
Located: HK_LM:Run, LWBMOUSE
command: C:\Programmi\Tech\Wheel Mouse\5.2\MOUSE32A.EXE
file: C:\Programmi\Tech\Wheel Mouse\5.2\MOUSE32A.EXE
size: 357376
MD5: 13be264551e9ae48906c16fbe870edb3
Located: HK_LM:Run, MessengerPlus3
command: "C:\Programmi\Messenger Plus! 3\MsgPlus.exe"
file: C:\Programmi\Messenger Plus! 3\MsgPlus.exe
size: 163840
MD5: f0b53e5530de449de5f650ce5907fe89
Located: HK_LM:Run, NeroCheck
command: C:\WINDOWS\system32\NeroCheck.exe
file: C:\WINDOWS\system32\NeroCheck.exe
size: 155648
MD5: 3e4c03cefad8de135263236b61a49c90
Located: HK_LM:Run, NvCplDaemon
command: RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
file: C:\WINDOWS\system32\RUNDLL32.EXE
size: 31744
MD5: cc334a046437eaba500e4fb2b5f2dc4a
Located: HK_LM:Run, NvMediaCenter
command: RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
file: C:\WINDOWS\system32\RUNDLL32.EXE
size: 31744
MD5: cc334a046437eaba500e4fb2b5f2dc4a
Located: HK_LM:Run, TkBellExe
command: C:\Programmi\File comuni\Real\Update_OB\evntsvc.exe -osboot
Located: HK_LM:Run, UpdReg
command: C:\WINDOWS\Updreg.exe
file: C:\WINDOWS\Updreg.exe
size: 90112
MD5: c419df63e0121d72411285780c2fc6cc
Located: HK_CU:Run, CTFMON.EXE
command: C:\WINDOWS\System32\ctfmon.exe
file: C:\WINDOWS\System32\ctfmon.exe
size: 13312
MD5: 9e907ffd27e55a7c8b85843ed22767a7
Located: HK_CU:Run, MessengerPlus3
command: "C:\Programmi\Messenger Plus! 3\MsgPlus.exe" /WinStart
file: C:\Programmi\Messenger Plus! 3\MsgPlus.exe
size: 163840
MD5: f0b53e5530de449de5f650ce5907fe89
Located: HK_CU:Run, msnmsgr
command: "C:\Programmi\MSN Messenger\msnmsgr.exe" /background
file: C:\Programmi\MSN Messenger\msnmsgr.exe
size: 4882432
MD5: f914c780dc4a3eb6eec812f0dddc0e3a
Located: HK_CU:Run, SpySweeper
command: "C:\Programmi\Webroot\Spy Sweeper\SpySweeper.exe" /0
file: C:\Programmi\Webroot\Spy Sweeper\SpySweeper.exe
size: 3209728
MD5: 80dc5c8345a282edf5165b793eeafd93
Located: Esecuzione automatica (comune), Adobe Gamma Loader.lnk
command: C:\Programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe
file: C:\Programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe
size: 113664
MD5: c2ff17734176cd15221c10044ef0ba1a
--- Browser helper object list ---
{00C6482D-C502-44C8-8409-FCE54AD9C208} (HelperObject Class)
BHO name:
CLSID name: HelperObject Class
description: SnagIt
classification: Legitimate
known filename: SnagItBHO.dll
info link: http://www.techsmith.com/products/snagit/default.asp
info source: TonyKlein
Path: C:\Programmi\TechSmith\SnagIt 7\
Long name: SnagItBHO.dll
Short name: SNAGIT~3.DLL
Date (created): 30/05/2004 14:35:48
Date (last access): 01/09/2004 13:28:40
Date (last write): 26/01/2004 7:03:00
Filesize: 49152
Attributes: archive
MD5: 976B90AA69BB1C5015F6412D7D0BFA2B
CRC32: C8A5D218
Version: 0.1.0.0
{0494D0D1-F8E0-41ad-92A3-14154ECE70AC} (myBar BHO)
BHO name: myBar BHO
CLSID name: myBar BHO
description: MyWay.MyBar
classification: Confirmed as malware
known filename: Mybar.dll
info link: http://bfc.myway.com/soft/promo/id/myspeedbar.html
info source: TonyKlein
Path: C:\Programmi\MyWay\myBar\1.bin\
Long name: MYBAR.DLL
Short name:
Date (created): 30/05/2004 16:12:18
Date (last access): 01/09/2004 13:28:40
Date (last write): 30/05/2004 16:12:18
Filesize: 221184
Attributes: archive
MD5: DF2E72893275F6F2E3C9AD855EF14914
CRC32: 114D158A
Version: 0.1.0.0
{53707962-6F74-2D53-2644-206D7942484F} ()
BHO name:
CLSID name:
description: Spybot-S&D IE Browser plugin
classification: Legitimate
known filename: SDHelper.dll
info link: http://spybot.eon.net.au/
info source: Patrick M. Kolla
Path: C:\PROGRA~1\SPYBOT~1\
Long name: SDHelper.dll
Short name:
Date (created): 12/05/2004 1:03:00
Date (last access): 01/09/2004 13:20:38
Date (last write): 12/05/2004 1:03:00
Filesize: 744960
Attributes: archive
MD5: ABF5BA518C6A5ED104496FF42D19AD88
CRC32: 5587736E
Version: 0.1.0.3
{BDF3E430-B101-42AD-A544-FADC6B084872} (NAV Helper)
BHO name: NAV Helper
CLSID name: CNavExtBho Class
description: Norton Antivirus
classification: Legitimate
known filename: NavShExt.dll
info link: http://www.symantec.com/nav/nav_9xnt/
info source: TonyKlein
Path: C:\Programmi\Norton AntiVirus\
Long name: NAVSHEXT.DLL
Short name:
Date (created): 30/05/2004 13:17:42
Date (last access): 01/09/2004 13:28:40
Date (last write): 15/11/2002 0:09:06
Filesize: 112248
Attributes: archive
MD5: 988409CE6ED638AAFDBECFB6EC863F4F
CRC32: 04DD2C8F
Version: 0.9.0.5
--- ActiveX list ---
{4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class)
DPF name:
CLSID name: EPUImageControl Class
Path: C:\WINDOWS\Downloaded Program Files\
Long name: EPUWALcontrol.dll
Short name: EPUWAL~1.DLL
Date (created): 13/08/2004 18:10:50
Date (last access): 01/09/2004 12:11:46
Date (last write): 13/08/2004 18:10:50
Filesize: 894544
Attributes: archive
MD5: 540A29546F451463084FB90486271620
CRC32: 8A4BE0F3
Version: 0.1.0.0
{8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.4.1_02)
DPF name: Java Runtime Environment 1.4.1_02
CLSID name: Java Plug-in 1.4.1_02
description: Sun Java
classification: Legitimate
known filename: %PROGRAM FILES%\JabaSoft\JRE\*\Bin\npjava131.dll
info link:
info source: Patrick M. Kolla
Path: C:\Programmi\Java\j2re1.4.1_02\bin\
Long name: NPJPI141_02.dll
Short name: NPJPI1~1.DLL
Date (created): 30/05/2004 14:14:42
Date (last access): 31/08/2004 15:51:50
Date (last write): 20/02/2003 16:42:34
Filesize: 61553
Attributes: archive
MD5: E4EFF4ADF1367AA79815A9061E64C0D9
CRC32: A0446F8E
Version: 0.1.0.4
{8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class)
DPF name:
CLSID name: MessengerStatsClient Class
Path: C:\WINDOWS\Downloaded Program Files\CONFLICT.1\
Long name: messengerstatsclient.dll
Short name: MESSEN~1.DLL
Date (created): 29/05/2003 15:00:20
Date (last access): 14/06/2004 0:24:58
Date (last write): 29/05/2003 15:00:20
Filesize: 160864
Attributes: archive
MD5: B069B555A00AA026F657AA4FD13AE154
CRC32: 89BB01E1
Version: 0.7.0.1
{9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class)
DPF name:
CLSID name: Update Class
description: Windows Update
classification: Legitimate
known filename: %WINDIR%\System32\iuctl.dll,iuengine.dll
info link:
info source: Patrick M. Kolla
Path: C:\WINDOWS\System32\
Long name: iuctl.dll
Short name:
Date (created): 25/08/2003 18:06:50
Date (last access): 03/08/2004 14:25:42
Date (last write): 25/08/2003 18:06:50
Filesize: 115808
Attributes: archive
MD5: 8757E24D6B002FD7E9EF3A6DF697BA57
CRC32: C4F85003
Version: 0.5.0.4
{AE1C01E3-0283-11D3-9B3F-00C04F8EF466} (HeartbeatCtl Class)
DPF name:
CLSID name: HeartbeatCtl Class
Path: C:\WINDOWS\DOWNLO~1\CONFLICT.1\
Long name: hrtbeat.ocx
Short name:
Date (created): 18/09/2001 18:37:48
Date (last access): 27/06/2004 14:44:48
Date (last write): 18/09/2001 18:37:48
Filesize: 101451
Attributes: archive
MD5: 06DDD56BB43CB6FDA26C9D65396EDA78
CRC32: 8BFE3040
Version: 0.6.0.2
{CAFEEFAC-0014-0001-0002-ABCDEFFEDCBA} (Java Runtime Environment 1.4.1_02)
DPF name: Java Runtime Environment 1.4.1_02
CLSID name: Java Plug-in 1.4.1_02
Path: C:\Programmi\Java\j2re1.4.1_02\bin\
Long name: NPJPI141_02.dll
Short name: NPJPI1~1.DLL
Date (created): 30/05/2004 14:14:42
Date (last access): 01/09/2004 13:35:14
Date (last write): 20/02/2003 16:42:34
Filesize: 61553
Attributes: archive
MD5: E4EFF4ADF1367AA79815A9061E64C0D9
CRC32: A0446F8E
Version: 0.1.0.4