Salve a tutti!
Sono nuovo qui e purtroppo è da poco che conosco anche questo sito che mi sembra che sia veramente ben fatto. Io ho diversi anni passati sul pc anche se non mi considero un esperto visto che c'è sempre molto da imparare...soprattutto da quando sono venuto a conoscenza di questo forum!!!!
Sono qua per sottoporvi il mio problema che sembra non avere fine...
Mentre navigo si aprono delle finestre popup (o di casino o di programmi per sistemare errori nel pc o di donnine nude) e non riesco ad eliminarle... Credo di aver usato tutto l'utilizzabile, io ho norton come base, ho fatto scansioni con ADware,search&destroy,Bazooka, Spywareblaster,microsoft antispyware,ewido (seguendo le istruzioni descritte negli altri vari post)... non so piu che fare... io provo a postarvi anche il log di hija... ah, un altra cosa... a volte mi si avvia il pc senza protezione antivirus Norton e non me la fa attivare... se potete darmi una mano ve ne sarei molto grato...
Un saluto a tutti
Filippo
Your used version of a-squared HiJackFree: 1.20
The current version of a-squared HiJackFree: 1.20
Your used operating system version: Windows XP Service Pack 2
The current version of your operating system: Windows XP Service Pack 2
Registry Autoruns: Result ToDo
Name: ATIPTA
Path: C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe
Location: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Good: 4 - Bad: 0
View Details
Name: ATICCC
Path: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe runtime
Location: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Good: 1 - Bad: 0
View Details
Name: CTSysVol
Path: C:\Programmi\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe /r
Location: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Good: 1 - Bad: 0
View Details
Name: CTDVDDET
Path: C:\Programmi\Creative\SBAudigy2ZS\DVDAudio\CTDVDDet.EXE
Location: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Good: 2 - Bad: 0
View Details
Name: UpdReg
Path: C:\WINDOWS\UpdReg.EXE
Location: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Good: 1 - Bad: 0
View Details
Name: iamapp
Path: C:\Programmi\Norton Internet Security\IAMAPP.EXE
Location: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Good: 1 - Bad: 0
View Details
Name: NAV Agent
Path: C:\PROGRA~1\NORTON~1\navapw32.exe
Location: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Good: 3 - Bad: 4
View Details Requires Attention!
Compare details with your local values
and/or search at Google
Name: Symantec NetDriver Monitor
Path: C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
Location: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Good: 2 - Bad: 0
View Details
Name: SunJavaUpdateSched
Path: C:\Programmi\Java\jre1.5.0_01\bin\jusched.exe
Location: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Good: 2 - Bad: 3
View Details Requires Attention!
Compare details with your local values
and/or search at Google
Name: BluetoothAuthenticationAgent
Path: rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
Location: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Good: 1 - Bad: 14
View Details Requires Attention!
Compare details with your local values
and/or search at Google
Name: SBDrvDet
Path: C:\Programmi\Creative\SB Drive Det\SBDrvDet.exe /r
Location: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Good: 2 - Bad: 0
View Details
Name: QuickTime Task
Path: C:\Programmi\QuickTime\qttask.exe -atboottime
Location: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Good: 3 - Bad: 2
View Details Requires Attention!
Compare details with your local values
and/or search at Google
Name: Diagnostica SpeedTouch USB
Path: C:\Programmi\Alcatel\SpeedTouch USB\Dragdiag.exe /icon
Location: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Good: 1 - Bad: 0
View Details
Name: WinampAgent
Path: C:\Programmi\Winamp\winampa.exe
Location: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Good: 2 - Bad: 8
View Details Requires Attention!
Compare details with your local values
and/or search at Google
Name: HydraVisionDesktopManager
Path: C:\Programmi\ATI Technologies\ATI HYDRAVISION\HydraDM.exe
Location: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Good: 1 - Bad: 0
View Details
Name: Draw Info Idle Bleh
Path: C:\Documents and Settings\All Users\Dati applicazioni\joy16drawinfo\Junk Loud.exe
Location: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Good: 0 - Bad: 0
Unknown Item
Search at Google
Name: TkBellExe
Path: C:\Programmi\File comuni\Real\Update_OB\realsched.exe -osboot
Location: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Good: 5 - Bad: 3
View Details Requires Attention!
Compare details with your local values
and/or search at Google
Name: gcasServ
Path: C:\Programmi\Microsoft AntiSpyware\gcasServ.exe
Location: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Good: 1 - Bad: 2
View Details Requires Attention!
Compare details with your local values
and/or search at Google
Name: MessengerPlus3
Path: C:\Programmi\MessengerPlus! 3\MsgPlus.exe
Location: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Good: 3 - Bad: 2
View Details Requires Attention!
Compare details with your local values
and/or search at Google
Name: CTFMON.EXE
Path: C:\WINDOWS\system32\ctfmon.exe
Location: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Good: 2 - Bad: 3
View Details Requires Attention!
Compare details with your local values
and/or search at Google
Name: RemoteCenter
Path: C:\Programmi\Creative\MediaSource\RemoteControl\RcMan.exe
Location: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Good: 1 - Bad: 0
View Details
Name: BIAS README
Path: C:\DOCUME~1\gnutti\DATIAP~1\CLOCKD~1\internet else manager.exe
Location: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Good: 0 - Bad: 0
Unknown Item
Search at Google
Name: TuneUp MemOptimizer
Path: C:\Programmi\TuneUp Utilities 2004\MemOptimizer.exe autostart
Location: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Good: 1 - Bad: 0
View Details
Name: MessengerPlus3
Path: C:\Programmi\MessengerPlus! 3\MsgPlus.exe /WinStart
Location: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Good: 3 - Bad: 2
View Details Requires Attention!
Compare details with your local values
and/or search at Google
Name: msnmsgr
Path: C:\Programmi\MSN Messenger\msnmsgr.exe /background
Location: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Good: 1 - Bad: 6
View Details Requires Attention!
Compare details with your local values
and/or search at Google
Tricky and Other Autoruns: Result ToDo
Name: load
Path:
Location: win.ini
Not checked Unknown Item
Search at Google
Name: run
Path:
Location: win.ini
Not checked Unknown Item
Search at Google
Name: shell
Path: Explorer.exe
Location: win.ini
Not checked Unknown Item
Search at Google
Name: scrnsave.exe
Path:
Location: win.ini
Not checked Unknown Item
Search at Google
Name: nul
Path: C:\DOCUME~1\gnutti\IMPOST~1\Temp\~ef7194.tmp
Location: win.ini
Not checked Unknown Item
Search at Google
Name: nul
Path: C:\DOCUME~1\gnutti\IMPOST~1\Temp\~ef7194.tmp
Location: win.ini
Not checked Unknown Item
Search at Google
Name: nul
Path: C:\DOCUME~1\gnutti\IMPOST~1\Temp\~ef7194.tmp
Location: win.ini
Not checked Unknown Item
Search at Google
Name: Adobe Gamma
Path:
Location: C:\Documents and Settings\gnutti\Menu Avvio\Programmi\Esecuzione automatica\
Not checked Unknown Item
Search at Google
Name: ATI CATALYST System Tray
Path:
Location: C:\Documents and Settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\
Not checked Unknown Item
Search at Google
Name: Avvio veloce di Adobe Reader
Path:
Location: C:\Documents and Settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\
Not checked Unknown Item
Search at Google
Name: BTTray
Path:
Location: C:\Documents and Settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\
Not checked Unknown Item
Search at Google
Name: 1-Click Maintenance
Path:
Location: C:\WINDOWS\tasks\
Not checked Unknown Item
Search at Google
Name: Norton AntiVirus - Scansione del computer
Path:
Location: C:\WINDOWS\tasks\
Not checked Unknown Item
Search at Google
Name: Symantec NetDetect
Path:
Location: C:\WINDOWS\tasks\
Not checked Unknown Item
Search at Google
Name: CTFMON.EXE
Path: C:\WINDOWS\system32\CTFMON.EXE
Location: HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Run\
Not checked Unknown Item
Search at Google
Name: ATICCC
Path: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe runtime
Location: HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Run\
Not checked Unknown Item
Search at Google
Name: Shell
Path: Explorer.exe
Location: HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\
Not checked Unknown Item
Search at Google
Name: {22d6f312-b0f6-11d0-94ab-0080c74c7e95}
Path: C:\WINDOWS\inf\unregmp2.exe /ShowWMP
Location: HKLM\Software\Microsoft\Active Setup\Installed Components\
Not checked Unknown Item
Search at Google
Name: {26923b43-4d38-484f-9b9e-de460746276c}
Path: C:\WINDOWS\system32\system32\shmgrate.exe OCInstallUserConfigIE
Location: HKLM\Software\Microsoft\Active Setup\Installed Components\
Not checked Unknown Item
Search at Google
Name: {881dd1c5-3dcf-431b-b061-f3f88e8be88a}
Path: C:\WINDOWS\system32\system32\shmgrate.exe OCInstallUserConfigOE
Location: HKLM\Software\Microsoft\Active Setup\Installed Components\
Not checked Unknown Item
Search at Google
Name: {2C7339CF-2B09-4501-B3F3-F3508C9228ED}
Path: C:\WINDOWS\system32\system32\regsvr32.exe /s /n /i:/UserInstall C:\WINDOWS\system32\system32\themeui.dll
Location: HKLM\Software\Microsoft\Active Setup\Installed Components\
Not checked Unknown Item
Search at Google
Name: {44BBA840-CC51-11CF-AAFA-00AA00B6015C}
Path: C:\Programmi\Outlook Express\setup50.exe /APP:OE /CALLER:WINNT /user /install
Location: HKLM\Software\Microsoft\Active Setup\Installed Components\
Not checked Unknown Item
Search at Google
Name: {44BBA842-CC51-11CF-AAFA-00AA00B6015B}
Path: rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
Location: HKLM\Software\Microsoft\Active Setup\Installed Components\
Not checked Unknown Item
Search at Google
Name: {5945c046-1e7d-11d1-bc44-00c04fd912be}
Path: rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
Location: HKLM\Software\Microsoft\Active Setup\Installed Components\
Not checked Unknown Item
Search at Google
Name: {6BF52A52-394A-11d3-B153-00C04F79FAA6}
Path: rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub
Location: HKLM\Software\Microsoft\Active Setup\Installed Components\
Not checked Unknown Item
Search at Google
Name: {7790769C-0471-11d2-AF11-00C04FA35D02}
Path: C:\Programmi\Outlook Express\setup50.exe /APP:WAB /CALLER:WINNT /user /install
Location: HKLM\Software\Microsoft\Active Setup\Installed Components\
Not checked Unknown Item
Search at Google
Name: {89820200-ECBD-11cf-8B85-00AA005B4340}
Path: regsvr32.exe /s /n /i:U shell32.dll
Location: HKLM\Software\Microsoft\Active Setup\Installed Components\
Not checked Unknown Item
Search at Google
Name: {89820200-ECBD-11cf-8B85-00AA005B4383}
Path: C:\WINDOWS\system32\system32\ie4uinit.exe
Location: HKLM\Software\Microsoft\Active Setup\Installed Components\
Not checked Unknown Item
Search at Google
Name: {89B4C1CD-B018-4511-B0A1-5476DBF70820}
Path: C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install
Location: HKLM\Software\Microsoft\Active Setup\Installed Components\
Not checked Unknown Item
Search at Google
Name: File di script VBScript
Path: C:\WINDOWS\system32\System32\WScript.exe %1 %*
Location: HKEY_CLASSES_ROOT\vbsfile\shell\open\command\
Not checked Unknown Item
Search at Google
Name: File di script codificato in VBScript
Path: C:\WINDOWS\system32\System32\WScript.exe %1 %*
Location: HKEY_CLASSES_ROOT\vbefile\shell\open\command\
Not checked Unknown Item
Search at Google
Name: File di script JScript
Path: C:\WINDOWS\system32\System32\WScript.exe %1 %*
Location: HKEY_CLASSES_ROOT\jsfile\shell\open\command\
Not checked Unknown Item
Search at Google
Name: File di script codificato in JScript
Path: C:\WINDOWS\system32\System32\WScript.exe %1 %*
Location: HKEY_CLASSES_ROOT\jsefile\shell\open\command\
Not checked Unknown Item
Search at Google
Name: File di impostazioni di Windows Script Host
Path: C:\WINDOWS\system32\System32\WScript.exe %1 %*
Location: HKEY_CLASSES_ROOT\wshfile\shell\open\command\
Not checked Unknown Item
Search at Google
Name: File di script Windows
Path: C:\WINDOWS\system32\System32\WScript.exe %1 %*
Location: HKEY_CLASSES_ROOT\wsffile\shell\open\command\
Not checked Unknown Item
Search at Google
Name: Applicazione
Path: %1 %*
Location: HKEY_CLASSES_ROOT\exefile\shell\open\command\
Not checked Unknown Item
Search at Google
Name: Applicazione per MS-DOS
Path: %1 %*
Location: HKEY_CLASSES_ROOT\comfile\shell\open\command\
Not checked Unknown Item
Search at Google
Name: File batch MS-DOS
Path: %1 %*
Location: HKEY_CLASSES_ROOT\batfile\shell\open\command\
Not checked Unknown Item
Search at Google
Name: Screen saver
Path: %1 /S
Location: HKEY_CLASSES_ROOT\scrfile\shell\open\command\
Not checked Unknown Item
Search at Google
Name: Collegamento ad un programma per MS-DOS
Path: %1 %*
Location: HKEY_CLASSES_ROOT\piffile\shell\open\command\
Not checked Unknown Item
Search at Google
Name: BootExecute
Path: autocheck autochk *
Location: HKLM\System\CurrentControlSet\Control\Session Manager\
Not checked Unknown Item
Search at Google
Name: PostBootReminder
Path: C:\WINDOWS\system32\system32\SHELL32.dll
Location: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\
Not checked Unknown Item
Search at Google
Name: CDBurn
Path: C:\WINDOWS\system32\system32\SHELL32.dll
Location: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\
Not checked Unknown Item
Search at Google
Name: WebCheck
Path: C:\WINDOWS\system32\System32\webcheck.dll
Location: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\
Not checked Unknown Item
Search at Google
Name: SysTray
Path: C:\WINDOWS\system32\stobject.dll
Location: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\
Not checked Unknown Item
Search at Google
Layered Service Providers (LSP): Result ToDo
Name: mswsock.dll
Path: C:\WINDOWS\system32\system32\
Location: HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\
Good: 1 - Bad: 0
View Details
Name: rsvpsp.dll
Path: C:\WINDOWS\system32\system32\
Location: HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\
Good: 1 - Bad: 0
View Details
Explorer And Browser Addons: Result ToDo
Name: AcroIEHlprObj Class
Path: C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
Location: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
ClsID: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
Good: 1 - Bad: 0
View Details
Name:
Path: C:\Programmi\Spybot - Search Destroy\SDHelper.dll
Location: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
ClsID: {53707962-6F74-2D53-2644-206D7942484F}
Good: 1 - Bad: 0
View Details
Name:
Path:
Location: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
ClsID: {5CD448F4-8A09-F1EA-05E6-2FF6D406980F}
Good: 0 - Bad: 0
Unknown Item
Search at Google
Name: CNavExtBho Class
Path: C:\Programmi\Norton AntiVirus\NavShExt.dll
Location: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
ClsID: {BDF3E430-B101-42AD-A544-FADC6B084872}
Good: 1 - Bad: 0
View Details
Name: Hook per lesecuzione degli URL
Path: shell32.dll
Location: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\
ClsID: {AEB6717E-7E19-11d0-97EE-00C04FD91972}
Good: 0 - Bad: 0
Unknown Item
Search at Google
Name: Microsoft.AntiSpyware.ShellExecuteHook.1
Path: C:\Programmi\Microsoft AntiSpyware\shellextension.dll
Location: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\
ClsID: {9EF34FF2-3396-4527-9D27-04C8C1C67806}
Good: 0 - Bad: 0
Unknown Item
Search at Google
Name: CShellExecuteHookImpl Object
Path: C:\Programmi\ewido anti-malware\shellhook.dll
Location: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\
ClsID: {54D9498B-CF93-414F-8984-8CE7FDE0D391}
Good: 0 - Bad: 0
Unknown Item
Search at Google
Name: Norton AntiVirus
Path: C:\Programmi\Norton AntiVirus\NavShExt.dll
Location: HKLM\Software\Microsoft\Internet Explorer\Toolbar\
ClsID: {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}
Good: 1 - Bad: 0
View Details
Local Open Ports: Result ToDo
Port: 135 TCP
Path: C:\WINDOWS\system32\svchost.exe (Process ID: 1012)
Good: 1 - Bad: 0
View Details
Port: 139 TCP
Path: C:\WINDOWS\system32\svchost.exe (Process ID: 1108)
Good: 1 - Bad: 0
View Details
Port: 445 TCP
Path: ? (Process ID: 4)
Good: 1 - Bad: 0
View Details
Port: 1025 TCP
Path: C:\Programmi\Norton AntiVirus\navapw32.exe (Process ID: 320)
Good: 1 - Bad: 1
View Details Requires Attention!
Compare details with your local values
and/or search at Google
Port: 1035 TCP
Path: C:\Programmi\Norton Internet Security\SymProxySvc.exe (Process ID: 2292)
Good: 1 - Bad: 0
View Details
Port: 1035 TCP
Path: C:\Programmi\Norton Internet Security\SymProxySvc.exe (Process ID: 2292)
Good: 1 - Bad: 0
View Details
Port: 1041 TCP
Path: C:\WINDOWS\system32\alg.exe (Process ID: 2864)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Port: 1097 TCP
Path: C:\Programmi\MSN Messenger\msnmsgr.exe (Process ID: 2184)
Good: 0 - Bad: 1
View Details Requires Attention!
Compare details with your local values
and/or search at Google
Port: 1098 TCP
Path: C:\Programmi\Norton Internet Security\SymProxySvc.exe (Process ID: 2292)
Good: 0 - Bad: 1
View Details Requires Attention!
Compare details with your local values
and/or search at Google
Port: 1117 TCP
Path: C:\Programmi\MSN Messenger\msnmsgr.exe (Process ID: 2184)
Good: 1 - Bad: 0
View Details
Port: 1124 TCP
Path: C:\Programmi\MSN Messenger\msnmsgr.exe (Process ID: 2184)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Port: 1200 TCP
Path: ? (Process ID: 0)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Port: 1203 TCP
Path: ? (Process ID: 0)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Port: 9 UDP
Path: C:\Programmi\MSN Messenger\msnmsgr.exe (Process ID: 2184)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Port: 123 UDP
Path: C:\WINDOWS\system32\svchost.exe (Process ID: 1108)
Good: 1 - Bad: 0
View Details
Port: 123 UDP
Path: C:\WINDOWS\system32\svchost.exe (Process ID: 1108)
Good: 1 - Bad: 0
View Details
Port: 137 UDP
Path: C:\WINDOWS\system32\svchost.exe (Process ID: 1108)
Good: 1 - Bad: 0
View Details
Port: 138 UDP
Path: C:\WINDOWS\system32\svchost.exe (Process ID: 1108)
Good: 1 - Bad: 0
View Details
Port: 445 UDP
Path: ? (Process ID: 4)
Good: 1 - Bad: 0
View Details
Port: 500 UDP
Path: C:\WINDOWS\system32\lsass.exe (Process ID: 776)
Good: 1 - Bad: 0
View Details
Port: 1094 UDP
Path: C:\WINDOWS\system32\svchost.exe (Process ID: 1220)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Port: 1100 UDP
Path: C:\Programmi\MSN Messenger\msnmsgr.exe (Process ID: 2184)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Port: 1101 UDP
Path: C:\WINDOWS\system32\svchost.exe (Process ID: 1220)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Port: 1121 UDP
Path: C:\Programmi\Internet Explorer\iexplore.exe (Process ID: 1172)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Port: 4500 UDP
Path: C:\WINDOWS\system32\lsass.exe (Process ID: 776)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Running Processes: Result ToDo
Name: [System Process]
Process ID: 0
Path:
Info: Threads: 1 - Priority: Normal - Visible: No
Good: 1 - Bad: 0
View Details
Name: System
Process ID: 4
Path:
Info: Threads: 65 - Priority: Normal - Visible: No
Good: 1 - Bad: 0
View Details
Name: ewidoctrl.exe
Process ID: 148
Path: C:\Programmi\ewido anti-malware\
Info: Threads: 5 - Priority: Normal - Visible: No
Good: 1 - Bad: 0
View Details
Name: ewidoguard.exe
Process ID: 184
Path: C:\Programmi\ewido anti-malware\
Info: Threads: 9 - Priority: Normal - Visible: No
Good: 1 - Bad: 0
View Details
Name: CTSysVol.exe
Process ID: 248
Path: C:\Programmi\Creative\SBAudigy2ZS\Surround Mixer\
Info: Threads: 2 - Priority: Normal - Visible: No
Good: 1 - Bad: 0
View Details
Name: CTDVDDet.EXE
Process ID: 256
Path: C:\Programmi\Creative\SBAudigy2ZS\DVDAudio\
Info: Threads: 1 - Priority: Normal - Visible: No
Good: 1 - Bad: 0
View Details
Name: IAMAPP.EXE
Process ID: 284
Path: C:\Programmi\Norton Internet Security\
Info: Threads: 7 - Priority: Normal - Visible: No
Good: 0 - Bad: 0
Unknown Item
Search at Google
Submit new process info
Name: navapw32.exe
Process ID: 320
Path: C:\Programmi\Norton AntiVirus\
Info: Threads: 10 - Priority: Normal - Visible: No
Good: 1 - Bad: 0
View Details
Name: jusched.exe
Process ID: 340
Path: C:\Programmi\Java\jre1.5.0_01\bin\
Info: Threads: 1 - Priority: Normal - Visible: No
Good: 1 - Bad: 0
View Details
Name: rundll32.exe
Process ID: 344
Path: C:\WINDOWS\system32\
Info: Threads: 4 - Priority: Normal - Visible: No
Good: 1 - Bad: 0
View Details
Name: qttask.exe
Process ID: 484
Path: C:\Programmi\QuickTime\
Info: Threads: 2 - Priority: Normal - Visible: No
Good: 1 - Bad: 0
View Details
Name: realsched.exe
Process ID: 488
Path: C:\Programmi\File comuni\Real\Update_OB\
Info: Threads: 4 - Priority: Normal - Visible: No
Good: 1 - Bad: 0
View Details
Name: Dragdiag.exe
Process ID: 496
Path: C:\Programmi\Alcatel\SpeedTouch USB\
Info: Threads: 1 - Priority: Normal - Visible: No
Good: 1 - Bad: 0
View Details
Name: winampa.exe
Process ID: 512
Path: C:\Programmi\Winamp\
Info: Threads: 1 - Priority: Normal - Visible: No
Good: 1 - Bad: 0
View Details
Name: HydraDM.exe
Process ID: 520
Path: C:\Programmi\ATI Technologies\ATI HYDRAVISION\
Info: Threads: 1 - Priority: Normal - Visible: No
Good: 0 - Bad: 0
Unknown Item
Search at Google
Submit new process info
Name: gcasServ.exe
Process ID: 576
Path: C:\Programmi\Microsoft AntiSpyware\
Info: Threads: 5 - Priority: Low - Visible: No
Good: 1 - Bad: 0
View Details
Name: smss.exe
Process ID: 616
Path: C:\WINDOWS\system32\
Info: Threads: 3 - Priority: Normal - Visible: No
Good: 1 - Bad: 0
View Details
Name: navapsvc.exe
Process ID: 632
Path: C:\Programmi\Norton AntiVirus\
Info: Threads: 10 - Priority: Normal - Visible: No
Good: 1 - Bad: 0
View Details
Name: MsgPlus.exe
Process ID: 684
Path: C:\Programmi\MessengerPlus! 3\
Info: Threads: 1 - Priority: Normal - Visible: No
Good: 1 - Bad: 0
View Details
Name: csrss.exe
Process ID: 696
Path: C:\WINDOWS\system32\
Info: Threads: 11 - Priority: Normal - Visible: No
Good: 1 - Bad: 0
View Details
Name: winlogon.exe
Process ID: 720
Path: C:\WINDOWS\system32\
Info: Threads: 25 - Priority: High - Visible: No
Good: 1 - Bad: 0
View Details
Name: services.exe
Process ID: 764
Path: C:\WINDOWS\system32\
Info: Threads: 16 - Priority: Normal - Visible: No
Good: 1 - Bad: 0
View Details
Name: lsass.exe
Process ID: 776
Path: C:\WINDOWS\system32\
Info: Threads: 19 - Priority: Normal - Visible: No
Good: 1 - Bad: 0
View Details
Name: NISUM.EXE
Process ID: 828
Path: C:\Programmi\Norton Internet Security\
Info: Threads: 5 - Priority: Normal - Visible: No
Good: 1 - Bad: 0
View Details
Name: Ati2evxx.exe
Process ID: 940
Path: C:\WINDOWS\system32\
Info: Threads: 4 - Priority: Normal - Visible: No
Good: 1 - Bad: 0
View Details
Name: svchost.exe
Process ID: 956
Path: C:\WINDOWS\system32\
Info: Threads: 15 - Priority: Normal - Visible: No
Good: 1 - Bad: 0
View Details
Name: svchost.exe
Process ID: 1012
Path: C:\WINDOWS\system32\
Info: Threads: 11 - Priority: Normal - Visible: No
Good: 1 - Bad: 0
View Details
Name: WinStylerThemeSvc.exe
Process ID: 1024
Path: C:\Programmi\TuneUp Utilities 2004\
Info: Threads: 4 - Priority: Normal - Visible: No
Good: 0 - Bad: 0
Unknown Item
Search at Google
Submit new process info
Name: svchost.exe
Process ID: 1108
Path: C:\WINDOWS\system32\
Info: Threads: 71 - Priority: Normal - Visible: No
Good: 1 - Bad: 0
View Details
Name: ctfmon.exe
Process ID: 1164
Path: C:\WINDOWS\system32\
Info: Threads: 1 - Priority: Normal - Visible: No
Good: 1 - Bad: 0
View Details
Name: iexplore.exe
Process ID: 1172
Path: C:\Programmi\Internet Explorer\
Info: Threads: 11 - Priority: Normal - Visible: No
Good: 1 - Bad: 0
View Details
Name: RcMan.exe
Process ID: 1192
Path: C:\Programmi\Creative\MediaSource\RemoteControl\
Info: Threads: 3 - Priority: Normal - Visible: No
Good: 0 - Bad: 0
Unknown Item
Search at Google
Submit new process info
Name: svchost.exe
Process ID: 1220
Path: C:\WINDOWS\system32\
Info: Threads: 6 - Priority: Normal - Visible: No
Good: 1 - Bad: 0
View Details
Name: iexplore.exe
Process ID: 1228
Path: C:\Programmi\Internet Explorer\
Info: Threads: 3 - Priority: Normal - Visible: No
Good: 1 - Bad: 0
View Details
Name: svchost.exe
Process ID: 1244
Path: C:\WINDOWS\system32\
Info: Threads: 8 - Priority: Normal - Visible: No
Good: 1 - Bad: 0
View Details
Name: svchost.exe
Process ID: 1280
Path: C:\WINDOWS\system32\
Info: Threads: 6 - Priority: Normal - Visible: No
Good: 1 - Bad: 0
View Details
Name: MemOptimizer.exe
Process ID: 1304
Path: C:\Programmi\TuneUp Utilities 2004\
Info: Threads: 3 - Priority: Normal - Visible: No
Good: 1 - Bad: 0
View Details
Name: spoolsv.exe
Process ID: 1396
Path: C:\WINDOWS\system32\
Info: Threads: 12 - Priority: Normal - Visible: No
Good: 1 - Bad: 0
View Details
Name: BTTray.exe
Process ID: 1564
Path: C:\Programmi\WIDCOMM\Software Bluetooth\
Info: Threads: 3 - Priority: Normal - Visible: No
Good: 1 - Bad: 0
View Details
Name: gcasDtServ.exe
Process ID: 1676
Path: C:\Programmi\Microsoft AntiSpyware\
Info: Threads: 6 - Priority: Normal - Visible: No
Good: 1 - Bad: 0
View Details
Name: Ati2evxx.exe
Process ID: 1792
Path: C:\WINDOWS\system32\
Info: Threads: 3 - Priority: Normal - Visible: No
Good: 1 - Bad: 0
View Details
Name: Explorer.EXE
Process ID: 1844
Path: C:\WINDOWS\
Info: Threads: 14 - Priority: Normal - Visible: No
Good: 1 - Bad: 0
View Details
Name: svchost.exe
Process ID: 1920
Path: C:\WINDOWS\system32\
Info: Threads: 3 - Priority: Normal - Visible: No
Good: 1 - Bad: 0
View Details
Name: btwdins.exe
Process ID: 1968
Path: C:\Programmi\WIDCOMM\Software Bluetooth\bin\
Info: Threads: 4 - Priority: Normal - Visible: No
Good: 1 - Bad: 0
View Details
Name: CDAC11BA.EXE
Process ID: 1984
Path: C:\WINDOWS\system32\drivers\
Info: Threads: 4 - Priority: Normal - Visible: No
Good: 1 - Bad: 0
View Details
Name: CTsvcCDA.exe
Process ID: 2012
Path: C:\WINDOWS\system32\
Info: Threads: 2 - Priority: Normal - Visible: No
Good: 1 - Bad: 0
View Details
Name: wdfmgr.exe
Process ID: 2068
Path: C:\WINDOWS\system32\
Info: Threads: 4 - Priority: Normal - Visible: No
Good: 1 - Bad: 0
View Details
Name: MsPMSPSv.exe
Process ID: 2112
Path: C:\WINDOWS\system32\
Info: Threads: 2 - Priority: Normal - Visible: No
Good: 1 - Bad: 0
View Details
Name: NISSERV.EXE
Process ID: 2172
Path: C:\Programmi\Norton Internet Security\
Info: Threads: 10 - Priority: Normal - Visible: No
Good: 0 - Bad: 0
Unknown Item
Search at Google
Submit new process info
Name: msnmsgr.exe
Process ID: 2184
Path: C:\Programmi\MSN Messenger\
Info: Threads: 12 - Priority: Normal - Visible: No
Good: 1 - Bad: 0
View Details
Name: SymProxySvc.exe
Process ID: 2292
Path: C:\Programmi\Norton Internet Security\
Info: Threads: 20 - Priority: Normal - Visible: No
Good: 0 - Bad: 0
Unknown Item
Search at Google
Submit new process info
Name: SymWSC.exe
Process ID: 2332
Path: C:\Programmi\File comuni\Symantec Shared\Security Center\
Info: Threads: 10 - Priority: Normal - Visible: No
Good: 1 - Bad: 0
View Details
Name: alg.exe
Process ID: 2864
Path: C:\WINDOWS\system32\
Info: Threads: 6 - Priority: Normal - Visible: No
Good: 1 - Bad: 0
View Details
Name: wmiprvse.exe
Process ID: 3768
Path: C:\WINDOWS\system32\wbem\
Info: Threads: 6 - Priority: Normal - Visible: No
Good: 1 - Bad: 0
View Details
Name: a2hijackfree.exe (a-squared HiJackFree)
Process ID: 3908
Path: C:\Documents and Settings\gnutti\Desktop\
Info: Threads: 2 - Priority: Normal - Visible: Yes
Good: 1 - Bad: 0
View Details
This analysis is saved and available for at least 7 days at this website address.
Analysis generated on 1/19/2006 1:48:02 PM