Logfile of HijackThis v1.99.1
Scan saved at 20.06.22, on 26/06/05
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\SYSTEM\KB891711\KB891711.EXE
C:\PROGRAMMI\MESSENGERPLUS! 3\MSGPLUS.EXE
C:\WINDOWS\SYSTEM\ZONELABS\VSMON.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\RPCSS.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\SYSTEM\ATIPTAXX.EXE
C:\PROGRAMMI\LEXMARK X1100 SERIES\LXBKBMGR.EXE
C:\WINDOWS\LOADQM.EXE
C:\PROGRAMMI\LEXMARK X1100 SERIES\LXBKBMON.EXE
C:\PROGRAMMI\TRUST\280KS KEYBOARD & WIRELESS OPTICAL MOUSE\KEYBOARD\IKEYMAIN.EXE
C:\PROGRAMMI\TRUST\280KS KEYBOARD & WIRELESS OPTICAL MOUSE\MOUSE\AMOUMAIN.EXE
C:\WINDOWS\SYSTEM\LEXBCES.EXE
C:\PROGRAMMI\GRISOFT\AVG FREE\AVGCC.EXE
C:\PROGRAMMI\GRISOFT\AVG FREE\AVGEMC.EXE
C:\PROGRAMMI\GRISOFT\AVG FREE\AVGAMSVR.EXE
C:\PROGRAMMI\FREE SURFER\FS20.EXE
C:\WINDOWS\SYSTEM\LEXPPS.EXE
C:\PROGRAMMI\ZONE LABS\ZONEALARM\ZLCLIENT.EXE
C:\PROGRAMMI\WINZIP\WZQKPICK.EXE
C:\PROGRAM FILES\FINEPIXVIEWER\QUICKDCF.EXE
C:\PROGRAMMI\INTERNET EXPLORER\IEXPLORE.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\PROGRAMMI\INTERNET EXPLORER\IEXPLORE.EXE
C:\PROGRAMMI\MOZILLA FIREFOX\FIREFOX.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\PROGRAMMI\WINZIP\WINZIP32.EXE
C:\WINDOWS\TEMP\HIJACKTHIS.EXE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =
http://www.kemdmommsx.net/BtoDrhShPcUst_KaK5Yb1/ZmgYPPzkP_IjZ2rBRFOpAElGnijhFXWwlpL/6BCAUv.phpR1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer - TELE2Internet
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
R3 - Default URLSearchHook is missing
O2 - BHO: - {A4B47C20-1975-11D9-A6FF-00C0DFEF4351} - C:\WINDOWS\LBBHO.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAMMI\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programmi\google\googletoolbar2.dll (file missing)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHELPER.DLL
O2 - BHO: (no name) - {56A49276-A1A4-17BE-3C27-0716C2043277} - C:\WINDOWS\APPLICATION DATA\WAVEENCBORE\COOL EQ.EXE
O2 - BHO: CWebDirObj Object - {C003C49F-53E4-4A72-B7D6-0B2B9997392F} - C:\WINDOWS\WEBDIR.DLL
O2 - BHO: iMeshBar BHO - {5345A7A1-805A-4923-B505-86B2FEBA3FE0} - C:\PROGRAMMI\IMESHBAR\BAR\1.BIN\IMESHBAR.DLL (file missing)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programmi\google\googletoolbar2.dll (file missing)
O3 - Toolbar: iMeshBar - {5345A7A9-805A-4923-B505-86B2FEBA3FE0} - C:\PROGRAMMI\IMESHBAR\BAR\1.BIN\IMESHBAR.DLL (file missing)
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [AtiPTA] Atiptaxx.exe
O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Programmi\Lexmark X1100 Series\lxbkbmgr.exe"
O4 - HKLM\..\Run: [LexStart] lexstart.exe
O4 - HKLM\..\Run: [CriticalUpdate] C:\WINDOWS\SYSTEM\wucrtupd.exe -startup
O4 - HKLM\..\Run: [LoadQM] loadqm.exe
O4 - HKLM\..\Run: [iKeyWorks] C:\PROGRA~1\TRUST\280KSK~1\KEYBOARD\IKEYMAIN.EXE
O4 - HKLM\..\Run: [WheelMouse] C:\PROGRA~1\TRUST\280KSK~1\MOUSE\AMOUMAIN.EXE
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGCC.EXE /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGEMC.EXE
O4 - HKLM\..\Run: [AVG7_AMSVR] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGAMSVR.EXE
O4 - HKLM\..\Run: [Filetopia] C:\FILETOPIA3\FILETOPIA.EXE /TRAY
O4 - HKLM\..\Run: [ProPort StartUp] C:\WINDOWS\TEMP\PROPORT.exe /StartUp
O4 - HKLM\..\Run: [freesurfer] C:\PROGRAMMI\FREE SURFER\fs20.exe
O4 - HKLM\..\Run: [Soft logo media film] C:\WINDOWS\Application Data\SKIP COMP SOFT LOGO\Way acid.exe
O4 - HKLM\..\Run: [REGSHAVE] C:\Programmi\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 - HKLM\..\Run: [Zone Labs Client] "C:\PROGRAMMI\ZONE LABS\ZONEALARM\ZLCLIENT.EXE"
O4 - HKLM\..\Run: [ImInstaller_IncrediMail] C:\WINDOWS\TEMP\ImInstaller\IncrediMail\INCREDIMAIL_INSTALL-2.EXE -startup -product IncrediMail
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [KB891711] C:\WINDOWS\SYSTEM\KB891711\KB891711.EXE
O4 - HKLM\..\RunServices: [MessengerPlus3] "C:\Programmi\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\RunServices: [TrueVector] C:\WINDOWS\SYSTEM\ZONELABS\VSMON.EXE -service
O4 - HKCU\..\Run: [WinFrag] C:\WINDOWS\DATIAP~1\POPMES~1\mpeg real.exe
O4 - Startup: Microsoft Office.lnk = C:\Programmi\Microsoft Office\Office10\OSA.EXE
O4 - Startup: WinZip Quick Pick.lnk = C:\Programmi\WinZip\WZQKPICK.EXE
O4 - Startup: Exif Launcher.lnk = C:\Program Files\FinePixViewer\QuickDCF.exe
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~1\OFFICE10\EXCEL.EXE/3000
O8 - Extra context menu item: Salva oggetto con Star Downloader - C:\PROGRAMMI\STAR DOWNLOADER\sdie.htm
O8 - Extra context menu item: Download with Go!Zilla - file://C:\PROGRAMMI\GO!ZILLA\download-with-gozilla.html
O8 - Extra context menu item: Download by Free Download Manager - file://C:\Programmi\Free Download Manager\dllink.htm
O8 - Extra context menu item: Download web site by Free Download Manager - file://C:\Programmi\Free Download Manager\dlpage.htm
O8 - Extra context menu item: Download all by Free Download Manager - file://C:\Programmi\Free Download Manager\dlall.htm
O8 - Extra context menu item: Download selected by Free Download Manager - file://C:\Programmi\Free Download Manager\dlselected.htm
O8 - Extra context menu item: &Google Search - res://C:\PROGRAMMI\GOOGLE\GOOGLETOOLBAR2.DLL/cmsearch.html
O8 - Extra context menu item: Versione cache della pagina - res://C:\PROGRAMMI\GOOGLE\GOOGLETOOLBAR2.DLL/cmcache.html
O8 - Extra context menu item: Pagine simili - res://C:\PROGRAMMI\GOOGLE\GOOGLETOOLBAR2.DLL/cmsimilar.html
O8 - Extra context menu item: Collegamenti a ritroso - res://C:\PROGRAMMI\GOOGLE\GOOGLETOOLBAR2.DLL/cmbacklinks.html
O9 - Extra button: Free Surfer - {AFC3FA82-AD07-45cd-8B57-983435B9899E} - C:\Programmi\Free Surfer\FS20.exe
O9 - Extra 'Tools' menuitem: Free Surfer - {AFC3FA82-AD07-45cd-8B57-983435B9899E} - C:\Programmi\Free Surfer\FS20.exe
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O15 - Trusted Zone: http://*.msn.it
O15 - Trusted Zone:
http://it.bitdefender.comO15 - Trusted Zone:
www.softwin.roO15 - Trusted Zone:
http://www.bitdefender.roO15 - Trusted Zone:
http://www.pandasoftware.itO15 - Trusted Zone:
http://www.pandasoftware.comO15 - Trusted Zone:
www.ilsoftware.itO15 - Trusted Zone:
http://housecall.antivirus.comO15 - Trusted Zone:
www.zonelab.comO15 - Trusted Zone:
http://download.zonelabs.comO15 - Trusted Zone:
http://messenger.msn.comO15 - Trusted Zone:
http://www.todiscoassicurazioni.itO15 - Trusted Zone:
www.gourmet-cat.itO16 - DPF: {C2FCEF52-ACE9-11D3-BEBD-00105AA9B6AE} (Symantec RuFSI Registry Information Class) -
http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cabO16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) -
http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cabO16 - DPF: {2B323CD9-50E3-11D3-9466-00A0C9700498} (Yahoo! Audio Conferencing) -
http://us.chat1.yimg.com/us.yimg.com/i/chat/applet/v45/yacscom.cabO16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) -
http://www.pandasoftware.com/activescan/as5/asinst.cabO16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) -
http://messenger.msn.com/download/msnmessengersetupdownloader.cab