Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17.23.59, on 31/07/2007
Platform: Windows 2000 (WinNT 5.00.2195)
MSIE: Internet Explorer v5.00 (5.00.2920.0000)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\a-squared Free\a2service.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\Navnt\navapsvc.exe
C:\PROGRA~1\Navnt\npssvc.exe
C:\WINDOWS\system32\MSTask.exe
C:\WINDOWS\System32\WBEM\WinMgmt.exe
C:\PROGRA~1\Navnt\alertsvc.exe
C:\WINDOWS\Explorer.exe
C:\PROGRA~1\Navnt\npscheck.exe
C:\DOCUME~1\ADMINI~1\IMPOST~1\Temp\1185526082t7tOa.exe
C:\WINDOWS\System32\internat.exe
C:\Programmi\Navnt\navapw32.exe
C:\Programmi\Adobe\Acrobat 5.0\Reader\AcroRd32.exe
C:\WINDOWS\System32\MsiExec.exe
C:\Documents and Settings\Administrator\Desktop\Utility Roberto\HiJackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =
http://search.tiscali.it/R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
http://search.tiscali.it/R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.tiscali.it/R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = c:\windows\SYSTEM\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [NPS Event Checker] C:\PROGRA~1\Navnt\npscheck.exe
O4 - HKLM\..\Run: [EPSON Stylus C46 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0T1.EXE /P23 "EPSON Stylus C46 Series" /O6 "USB001" /M "Stylus C46"
O4 - HKLM\..\Run: [zzzHPSETUP] D:\Setup.exe \RESET
O4 - HKLM\..\Run: [crtfmon] C:\DOCUME~1\ADMINI~1\IMPOST~1\Temp\1185526082t7tOa.exe
O4 - HKCU\..\Run: [internat.exe] internat.exe
O4 - HKUS\.DEFAULT\..\Run: [internat.exe] internat.exe (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [^SetupICWDesktop] C:\Programmi\Internet Explorer\Connection Wizard\icwconn1.exe /desktop (User 'Default user')
O4 - Global Startup: Autoprotezione Norton AntiVirus.lnk = C:\Programmi\Navnt\navapw32.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programmi\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Norton AntiVirus AutoProtect.lnk = C:\Programmi\Navnt\navapw32.exe
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O12 - Plugin for .pdf&&DI=118&IG=5844115e63234ac48a5fe61c726d7be4&POS=9&CM=WPU&CE=9&CS=AWP&SR=9: C:\Programmi\Internet Explorer\PLUGINS\nppdf32.dll
O14 - IERESET.INF: START_PAGE_URL=http://it.msn.com
O14 - IERESET.INF: MS_START_PAGE_URL=http://it.msn.com
O16 - DPF: {2057E707-FA09-451B-972F-9CFBA9F2423C} (Tiscali702) -
http://www.tiscali.it/cabs/Tiscali702.cabO16 - DPF: {F5BC716E-2650-4B08-9235-C110CF95017F} (Connessione Tiscali) -
http://selfcare.tiscali.it/scripts/oneclick/ConnessioneTiscali.cabO23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Programmi\a-squared Free\a2service.exe
O23 - Service: Servizio amministrativo di Gestione disco logico (dmadmin) - VERITAS Software Corp. - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: Avviso NAV (NAV Alert) - Symantec Corporation - C:\PROGRA~1\Navnt\alertsvc.exe
O23 - Service: Autoprotezione NAV (NAV Auto-Protect) - Symantec Corporation - C:\PROGRA~1\Navnt\navapsvc.exe
O23 - Service: Norton Program Scheduler - Symantec Corporation - C:\PROGRA~1\Navnt\npssvc.exe
O24 - Desktop Component 0: (no name) -
http://w3.uniroma1.it/step/nad/ned/Beng/beng_raddriz.jpeg--
End of file - 4047 bytes