Logfile of HijackThis v1.99.1
Scan saved at 12:41:45, on 02/06/07
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\INETSRV\INETINFO.EXE
C:\PROGRAMMI\KERIO\PERSONAL FIREWALL 4\KPF4SS.EXE
C:\WINDOWS\SYSTEM\MSDTCW.EXE
C:\WINDOWS\SYSTEM\RPCSS.EXE
C:\PROGRAMMI\KERIO\PERSONAL FIREWALL 4\KPF4GUI.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\SYSTEM\PWSTRAY.EXE
C:\PROGRAMMI\GRISOFT\AVG FREE\AVGCC.EXE
C:\PROGRAMMI\GRISOFT\AVG FREE\AVGAMSVR.EXE
C:\WINDOWS\SYSTEM\STIMON.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\PROGRAMMI\MOZILLA FIREFOX\FIREFOX.EXE
C:\PROGRAMMI\GRISOFT\AVG FREE\AVGWB.DAT
C:\ARCHIVI\UTILITY\HIJACKTHIS.EXE
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAMMI\ADOBE\ACROBAT 5.0\ACROBAT\ACTIVEX\ACROIEHELPER.OCX
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [ASUS Probe] C:\Program Files\ASUS\Probe\AsusProb.exe
O4 - HKLM\..\Run: [PWSTray] PwsTray.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGCC.EXE /STARTUP
O4 - HKLM\..\Run: [AVG7_AMSVR] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGAMSVR.EXE
O4 - HKLM\..\Run: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE
O4 - HKLM\..\RunServices: [MSDTC] msdtcw -start
O4 - HKLM\..\RunServices: [inetinfo.exe] C:\WINDOWS\SYSTEM\inetsrv\inetinfo.exe -e w3svc
O4 - HKLM\..\RunServices: [KPF4] C:\Programmi\Kerio\Personal Firewall 4\kpf4ss.exe
O17 - HKLM\System\CCS\Services\VxD\MSTCP: NameServer = 212.216.112.112,212.216.172.62
E siccome mi è successo anche sulla macchina su cui ho installato XP (Effettuerò l'aggiornamento di kerio ora) sarei curioso di conoscere qualcosa di più del lavoro di questi simpaticoni che non hanno di megli da fare che rompere i marroni al prossimo.
