Logfile of HijackThis v1.99.1
Scan saved at 19.28.44, on 01/05/2006
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
H:\WINNT\System32\smss.exe
H:\WINNT\system32\winlogon.exe
H:\WINNT\system32\services.exe
H:\WINNT\system32\lsass.exe
H:\WINNT\system32\svchost.exe
H:\WINNT\system32\LEXBCES.EXE
H:\WINNT\system32\spoolsv.exe
H:\WINNT\system32\LEXPPS.EXE
H:\Programmi\AntiVir PersonalEdition Classic\sched.exe
H:\Programmi\AntiVir PersonalEdition Classic\avguard.exe
H:\WINNT\system32\ZoneLabs\isafe.exe
H:\WINNT\system32\CTSvcCDA.exe
H:\WINNT\system32\svchost.exe
H:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE
H:\WINNT\system32\mgabg.exe
H:\WINNT\system32\MSTask.exe
H:\WINNT\system32\stisvc.exe
H:\WINNT\system32\ZoneLabs\vsmon.exe
H:\WINNT\System32\WBEM\WinMgmt.exe
H:\WINNT\system32\mspmspsv.exe
H:\WINNT\system32\svchost.exe
H:\WINNT\Explorer.EXE
H:\WINNT\system32\dcomcfg.exe
H:\WINNT\system32\PDesk.exe
H:\Programmi\Creative\ShareDLL\CtNotify.exe
H:\Programmi\Java\j2re1.4.2_04\bin\jusched.exe
H:\WINNT\system32\USBMonit.exe
H:\Programmi\Lexmark X1100 Series\lxbkbmgr.exe
H:\WINNT\system32\rundll32.exe
H:\Programmi\Creative\ShareDLL\MediaDet.Exe
H:\Programmi\Lexmark X1100 Series\lxbkbmon.exe
H:\Programmi\Zone Labs\ZoneAlarm\zlclient.exe
H:\Programmi\AntiVir PersonalEdition Classic\avgnt.exe
H:\WINNT\system32\internat.exe
H:\PROGRA~1\ZONELA~1\ZONEAL~1\MAILFR~1\mantispm.exe
H:\Programmi\Mozilla Firefox\firefox.exe
F:\CWS\HijackThis.exe
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.libero.it
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
R3 - Default URLSearchHook is missing
O2 - BHO: Nothing - {b0398eca-0bcd-4645-8261-5e9dc70248d0} - H:\WINNT\system32\hp6100.tmp
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - H:\WINNT\system32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - h:\programmi\google\googletoolbar2.dll
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [Matrox Powerdesk] H:\WINNT\system32\PDesk.exe /Autolaunch
O4 - HKLM\..\Run: [Disc Detector] H:\Programmi\Creative\ShareDLL\CtNotify.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] H:\Programmi\Java\j2re1.4.2_04\bin\jusched.exe
O4 - HKLM\..\Run: [Gene USB Monitor] H:\WINNT\system32\USBMonit.exe
O4 - HKLM\..\Run: [NeroCheck] H:\WINNT\system32\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "H:\WINNT\system32\qttask.exe" -atboottime
O4 - HKLM\..\Run: [RealTray] H:\Programmi\ACE Mega CoDecS Pack\Media Player Classic\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [REGSHAVE] H:\Programmi\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 - HKLM\..\Run: [ICQ Lite] H:\Programmi\ICQLite\ICQLite.exe -minimize
O4 - HKLM\..\Run: [Lexmark X1100 Series] "H:\Programmi\Lexmark X1100 Series\lxbkbmgr.exe"
O4 - HKLM\..\Run: [AdslTaskBar] rundll32.exe stmctrl.dll,TaskBar
O4 - HKLM\..\Run: [Zone Labs Client] H:\Programmi\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [avgnt] "H:\Programmi\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [internat.exe] internat.exe
O4 - HKCU\..\Run: [Skype] "H:\Programmi\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - Global Startup: Adobe Gamma Loader.lnk = H:\Programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Exif Launcher.lnk = H:\Programmi\FinePixViewer\QuickDCF.exe
O8 - Extra context menu item: &Cerca con Google - res://h:\programmi\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Traduci parola in italiano - res://h:\programmi\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://H:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Link a ritroso - res://h:\programmi\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Pagine simili - res://h:\programmi\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Ricerca utilizzando PGWeb - e:\programmi\pgsoft\agent\pgweb.exe
O8 - Extra context menu item: Versione cache della pagina - res://h:\programmi\google\GoogleToolbar2.dll/cmcache.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - H:\Programmi\Java\j2re1.4.2_04\bin\npjpi142_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - H:\Programmi\Java\j2re1.4.2_04\bin\npjpi142_04.dll
O9 - Extra button: (no name) - {4B30061A-5B39-11D3-80F8-0090276F843F} - H:\WINNT\system32\shdocvw.dll
O9 - Extra button: (no name) - {4B30061A-5D22-11D3-80F8-0090276F843F} - e:\programmi\pgsoft\agent\pgweb.exe (file missing)
O9 - Extra 'Tools' menuitem: Cerca con pgweb - {4B30061A-5D22-11D3-80F8-0090276F843F} - e:\programmi\pgsoft\agent\pgweb.exe (file missing)
O9 - Extra button: PGWeb - {4B30061A-5D23-11D3-80F8-0090276F843F} - e:\programmi\pgsoft\agent\pgweb.exe (file missing)
O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - H:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - H:\Programmi\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - H:\Programmi\ICQLite\ICQLite.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - H:\WINNT\system32\Shdocvw.dll
O12 - Plugin for .mp4: H:\Programmi\Internet Explorer\PLUGINS\npqtplugin4.dll
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {99802379-7362-40E2-9D28-8A3B9AF880B7} - http://hotsearchbar.com/toolbar2/winhot32.cab
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/Secure/HPGetDownloadManager.ocx
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab34246.cab
O16 - DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} (HeartbeatCtl Class) - http://fdl.msn.com/zone/datafiles/heartbeat.cab
O16 - DPF: {F5BC716E-2650-4B08-9235-C110CF95017F} (Connessione Tiscali) - http://selfcare.tiscali.it/scripts/oneclick/ConnessioneTiscali.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{173EBEFA-720D-446A-B377-460EF921705D}: NameServer = 193.12.150.2 212.247.152.2
O17 - HKLM\System\CS1\Services\Tcpip\..\{173EBEFA-720D-446A-B377-460EF921705D}: NameServer = 193.12.150.2 212.247.152.2
O17 - HKLM\System\CS2\Services\Tcpip\..\{173EBEFA-720D-446A-B377-460EF921705D}: NameServer = 193.12.150.2 212.247.152.2
O20 - Winlogon Notify: nwprovau - H:\WINNT\SYSTEM32\nwprovau.dll
O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - H:\Programmi\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - H:\Programmi\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: CA ISafe (CAISafe) - Computer Associates International, Inc. - H:\WINNT\system32\ZoneLabs\isafe.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - H:\WINNT\system32\CTSvcCDA.exe
O23 - Service: Servizio amministrativo di Gestione disco logico (dmadmin) - VERITAS Software Corp. - H:\WINNT\System32\dmadmin.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - H:\WINNT\system32\LEXBCES.EXE
O23 - Service: Macromedia Licensing Service - Unknown owner - H:\Programmi\File comuni\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: MGABGEXE - Matrox Graphics Inc. - H:\WINNT\system32\mgabg.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - H:\WINNT\system32\ZoneLabs\vsmon.exe