Logfile of HijackThis v1.99.1
Scan saved at 14.47.23, on 29/11/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\File comuni\Symantec Shared\ccSetMgr.exe
C:\PROGRA~1\NORTON~1\NORTON~4\GHOSTS~2.EXE
C:\WINDOWS\system32\drivers\KodakCCS.exe
C:\Programmi\Norton SystemWorks\Norton Antivirus\navapsvc.exe
C:\PROGRA~1\NORTON~1\NORTON~2\NPROTECT.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\ScsiAccess.EXE
C:\PROGRA~1\NORTON~1\NORTON~2\SPEEDD~1\NOPDB.EXE
C:\WINDOWS\System32\PAStiSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\File comuni\Symantec Shared\ccEvtMgr.exe
C:\Programmi\LifeView TVR\Remote.exe
C:\Programmi\LifeView TVR\RecSche.exe
C:\Programmi\File comuni\Symantec Shared\ccApp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\Symantec\Web Tools\CKA.exe
C:\Programmi\File comuni\Symantec Shared\Security Center\SymWSC.exe
C:\Programmi\Norton SystemWorks\Norton Antivirus\SAVScan.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\Programmi\Messenger\msmsgs.exe
D:\PC -VARIE\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Programmi\Norton SystemWorks\Norton Antivirus\NavShExt.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Programmi\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Programmi\Norton SystemWorks\Norton Antivirus\NavShExt.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Remote] C:\Programmi\LifeView TVR\Remote.exe
O4 - HKLM\..\Run: [RecSche] "C:\Programmi\LifeView TVR\RecSche.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Programmi\File comuni\Symantec Shared\ccApp.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SymKeepAlive] C:\Programmi\Symantec\Web Tools\CKA.exe
O8 - Extra context menu item: Aggiungi all'elenco di stampa Easy-WebPrint - res://C:\Programmi\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Anteprima Easy-WebPrint - res://C:\Programmi\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Stampa ad alta velocità Easy-WebPrint - res://C:\Programmi\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Stampa Easy-WebPrint - res://C:\Programmi\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\j2re1.4.2_01\bin\npjpi142_01.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\j2re1.4.2_01\bin\npjpi142_01.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesit.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesit.dll
O9 - Extra button: Organizzatore ricerche - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Programmi\File comuni\Microsoft Shared\Encarta Researcher\EROPROJ.DLL
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Programmi\File comuni\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O12 - Plugin for .mov: C:\Programmi\Internet Explorer\PLUGINS\npqtplugin.dll
O12 - Plugin for .mpeg: C:\Programmi\Internet Explorer\PLUGINS\npqtplugin3.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Programmi\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1131124957843
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{6E589B13-630B-4D4A-88BE-B5B123D10ED6}: NameServer = 151.99.125.2 151.99.125.3
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\ccSetMgr.exe
O23 - Service: GhostStartService - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~4\GHOSTS~2.EXE
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: Servizio Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Programmi\Norton SystemWorks\Norton Antivirus\navapsvc.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~2\NPROTECT.EXE
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Programmi\Norton SystemWorks\Norton Antivirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FILECO~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: ScsiAccess - Unknown owner - C:\WINDOWS\System32\ScsiAccess.EXE
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\SNDSrvc.exe
O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~2\SPEEDD~1\NOPDB.EXE
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\Security Center\SymWSC.exe