Logfile of HijackThis v1.99.1
Scan saved at 22.27.29, on 31/05/05
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\File comuni\Symantec Shared\ccSetMgr.exe
C:\Programmi\File comuni\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\alg.exe
C:\Programmi\WIDCOMM\Software Bluetooth\bin\btwdins.exe
C:\WINDOWS\System32\SMSSU.EXE
C:\Programmi\File comuni\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\Tmntsrv32.EXE
C:\Programmi\File comuni\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\Mixer.exe
C:\Program Files\ASUS\Probe\AsusProb.exe
C:\Programmi\Browser Mouse\Browser Mouse\1.0\lwbwheel.exe
C:\Programmi\ahead\InCD\InCD.exe
C:\Programmi\Real\RealPlayer\RealPlay.exe
C:\Programmi\File comuni\Nokia\Tools\NclTray.exe
C:\Programmi\File comuni\PCSuite\DataLayer\DataLayer.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9CE.EXE
C:\Programmi\QuickTime\qttask.exe
C:\Programmi\File comuni\Symantec Shared\ccApp.exe
E:\Programmi\Java\jre1.5.0_01\bin\jusched.exe
C:\Program Files\Twxkxt\Vrzcf.exe
C:\WINDOWS\System32\Linksts.exe
C:\Programmi\Adorons\Adorons Firewall\AdoronsFirewall.exe
C:\Programmi\Messenger\msmsgs.exe
C:\PROGRA~1\FILECO~1\PCSuite\Services\SERVIC~1.EXE
E:\Programmi\Spyware Doctor\swdoctor.exe
C:\WINDOWS\System32\SMSSU.EXE
C:\WINDOWS\System32\Tmntsrv32.EXE
C:\WINDOWS\System32\ctfmon.exe
C:\Programmi\Microsoft Office\Office\OSA.EXE
C:\Programmi\WIDCOMM\Software Bluetooth\BTTray.exe
C:\Programmi\Nokia\PC Suite for Nokia 6600\connmngmntbox.exe
C:\Programmi\Nokia\PC Suite for Nokia 6600\ectaskscheduler.exe
C:\Programmi\Microsoft Office\Office\FINDFAST.EXE
C:\Programmi\WorkgroupMail\WMSvc.exe
C:\PROGRA~1\Nokia\PCSUIT~1\Elogerr.exe
C:\Programmi\Intuwave\Shared\mRouterRunTime\mRouterRuntime.exe
C:\PROGRA~1\WIDCOMM\SOFTWA~1\BTSTAC~1.EXE
C:\PROGRA~1\Nokia\PCSUIT~1\BROADC~1.EXE
C:\PROGRA~1\Nokia\PCSUIT~1\SCRFS.exe
C:\WINDOWS\System32\wuauclt.exe
E:\Programmi\Spybot - Search & Destroy\SpybotSD.exe
G:\ultimi\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://default.homeR0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://default.homeR0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
www.virgilio.itR0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
www.virgilio.itO2 - BHO: XMLDP Class - {60371670-81B9-4d06-9C42-4DEC1AABE62B} - C:\WINDOWS\xmllib.dll
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [ASUS Probe] C:\Program Files\ASUS\Probe\AsusProb.exe
O4 - HKLM\..\Run: [LWBMOUSE] C:\Programmi\Browser Mouse\Browser Mouse\1.0\lwbwheel.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Programmi\ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [TrustInstaller] F:\Setup.exe
O4 - HKLM\..\Run: [RealTray] C:\Programmi\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [Nokia Tray Application] C:\Programmi\File comuni\Nokia\Tools\NclTray.exe
O4 - HKLM\..\Run: [DataLayer] C:\Programmi\File comuni\PCSuite\DataLayer\DataLayer.exe
O4 - HKLM\..\Run: [EPSON Stylus Photo RX420 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9CE.EXE /P31 "EPSON Stylus Photo RX420 Series" /O6 "USB001" /M "Stylus Photo RX420"
O4 - HKLM\..\Run: [Windows DLL Loader] C:\WINDOWS\system32\defragfat32pi.exe
O4 - HKLM\..\Run: [Norton Personal Firewall] npmsys.exe
O4 - HKLM\..\Run: [Windows Media Player 3.6b] wmpa36b.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ccApp] C:\Programmi\File comuni\Symantec Shared\ccApp.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] E:\Programmi\Java\jre1.5.0_01\bin\jusched.exe
O4 - HKLM\..\Run: [Wgnxtc] C:\Program Files\Twxkxt\Vrzcf.exe
O4 - HKLM\..\Run: [ISDN Monitor] Linksts.exe W 1024
O4 - HKLM\..\Run: [Adorons Firewall] C:\Programmi\Adorons\Adorons Firewall\AdoronsFirewall.exe
O4 - HKLM\..\Run: [XFILTER] C:\Programmi\Adorons\Adorons Firewall\ESPfSdk.dll
O4 - HKLM\..\RunServices: [Norton Personal Firewall] npmsys.exe
O4 - HKLM\..\RunServices: [Windows Media Player 3.6b] wmpa36b.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Programmi\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Norton Personal Firewall] npmsys.exe
O4 - Global Startup: Avvio Office.lnk = C:\Programmi\Microsoft Office\Office\OSA.EXE
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: PCSuiteperNokia6600 Detect.lnk = ?
O4 - Global Startup: PCSuiteperNokia6600 TS.lnk = ?
O4 - Global Startup: Ricerca rapida.lnk = C:\Programmi\Microsoft Office\Office\FINDFAST.EXE
O4 - Global Startup: Start WorkgroupMail.lnk = C:\Programmi\WorkgroupMail\WMSvc.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Invia a &Bluetooth - C:\Programmi\WIDCOMM\Software Bluetooth\btsendto_ie_ctx.htm
O10 - Unknown file in Winsock LSP: c:\windows\system32\espfspi.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\espfspi.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\espfspi.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\espfspi.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\espfspi.dll
O15 - Trusted Zone: *.adorons.com
O16 - DPF: {1F831FA9-42FC-11D4-95A6-0080AD30DCE1} (InstaFred) - file://E:\Programmi\AutoCAD LT 2002 Ita\InstFred.ocx
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) -
http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cabO16 - DPF: {78AF2F24-A9C3-11D3-BF8C-0060B0FCC122} (Controllo AcDc oggi) - file://E:\Programmi\AutoCAD LT 2002 Ita\AcDcToday.ocx
O16 - DPF: {ADC3EA10-8A28-41A9-96B4-534ADFC3CA0A} (Configuratore Auto Control) -
http://www.sava.it/configuratore/configuratoreauto.cabO16 - DPF: {AE563729-B4F5-11D4-A415-00108302FDFD} (NOXLATE-BANR) - file://E:\Programmi\AutoCAD LT 2002 Ita\InstBanr.ocx
O16 - DPF: {CAFEEFAC-0014-0000-0000-ABCDEFFEDCBA} (Java Runtime Environment 1.4.0) -
O16 - DPF: {F281A59C-7B65-11D3-8617-0010830243BD} (Controllo AcPreview) - file://E:\Programmi\AutoCAD LT 2002 Ita\AcPreview.ocx
O17 - HKLM\System\CCS\Services\Tcpip\..\{4BE8617C-CEAF-4AEA-906F-15B9E81821C8}: NameServer = 213.205.32.70 213.205.36.70
O17 - HKLM\System\CCS\Services\Tcpip\..\{744408D3-39B9-4AE5-B6D6-41EAF8FA88CA}: NameServer = 192.168.0.200
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Programmi\File comuni\Microsoft Shared\Help\hxds.dll
O23 - Service: Apache Tomcat 4.1 - Alexandria Software Consulting - C:\Programmi\Apache Group\Tomcat 4.1\bin\tomcat.exe
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Programmi\WIDCOMM\Software Bluetooth\bin\btwdins.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\ccSetMgr.exe
O23 - Service: MATLAB Server (matlabserver) - Unknown owner - C:\Programmi\MATLAB6p1\webserver\bin\win32\matlabserver.exe
O23 - Service: MySql - Unknown owner - E:/Database/mysql/bin/mysqld-nt.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\CCPD-LC\symlcsvc.exe