Logfile of HijackThis v1.99.1
Scan saved at 19.39.55, on 24/11/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Unable to get Internet Explorer version!
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\RunDll32.exe
C:\WINDOWS\System32\rundll32.exe
C:\WINDOWS\System32\RUNDLL32.EXE
C:\WINDOWS\v1201.exe
C:\Programmi\MSN Messenger\MsnMsgr.Exe
C:\Programmi\OpenOffice.org 2.0\program\soffice.exe
C:\Programmi\OpenOffice.org 2.0\program\soffice.BIN
C:\Programmi\Alice ti aiuta\bin\mpbtn.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\System32\DRIVERS\CDANTSRV.EXE
C:\WINDOWS\TWF0dGVv\command.exe
C:\Programmi\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Programmi\Opera\Opera.exe
C:\Documents and Settings\Matteo\Impostazioni locali\Temporary Internet Files\Content.IE5\0HQV85UN\drf1164391387[1].htm.exe
C:\Programmi\X-Chat 2\xchat.exe
C:\Programmi\mIRC\mirc.exe
C:\Programmi\WinRAR\WinRAR.exe
C:\DOCUME~1\Matteo\IMPOST~1\Temp\Rar$EX00.937\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {A8BD6820-6ED7-423E-9558-2D1486B0FEEA} - C:\Programmi\DeluxeCommunications\DxcBho.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programmi\Spybot - Search and Destroy\SDHelper.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {A43914D7-73A9-4BF3-80C1-CC984CA86D8F} - C:\Programmi\Messenger\qukosa.dll
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [VTPreset] VTPreset.exe
O4 - HKLM\..\Run: [Windows DLL Loader] C:\WINDOWS\System32\sxistfp.exe
O4 - HKLM\..\Run: [Application Layer Gateway Service] C:\WINDOWS\System32\algs.exe
O4 - HKLM\..\Run: [Services] C:\prosys32.exe
O4 - HKLM\..\Run: [Spooler SubSystem App] C:\WINDOWS\System32\spooIsv.exe
O4 - HKLM\..\Run: [Microsft Security Monitor Process] cmh.exe
O4 - HKLM\..\Run: [Winamp Agent] C:\WINDOWS\System32\winamp.exe
O4 - HKLM\..\Run: [DeluxeCommunications] C:\Programmi\DeluxeCommunications\Dxc.exe
O4 - HKLM\..\Run: [uojf7594] RUNDLL32.EXE w0037f33.dll,n 006f758e0000000a0037f33
O4 - HKLM\..\Run: [windows] C:\\windows_e56.exe
O4 - HKLM\..\Run: [ACTX1] C:\WINDOWS\v1201.exe
O4 - HKLM\..\Run: [KernelFaultCheck] :systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~1.DLL,NewDotNetStartup -s
O4 - HKLM\..\RunServices: [Microsft Security Monitor Process] cmh.exe
O4 - HKCU\..\Run: [DeluxeCommunications] C:\Programmi\DeluxeCommunications\Dxc.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programmi\MSN Messenger\MsnMsgr.Exe" /background
O4 - Startup: Gangsters2Setup.lnk = ?
O4 - Startup: OpenOffice.org 2.0.lnk = C:\Programmi\OpenOffice.org 2.0\program\quickstart.exe
O4 - Global Startup: Alice ti aiuta.lnk = C:\Programmi\Alice ti aiuta\bin\matcli.exe
O16 - DPF: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -
http://209.167.111.110/cb/7O16 - DPF: {1673EB8F-9A9F-4BB8-9BF8-11905E73160D} -
http://www.muiegaozsicur.com/ocx/intES_ver20b.CABO16 - DPF: {DC4C23C4-A7A3-4014-9A83-3C1BE131F39E} -
http://advnt01.com/dialer/IntES_ver34v.CABO17 - HKLM\System\CCS\Services\Tcpip\..\{5C3997E0-95F7-44BB-8F6D-EB89E4F9AFED}: NameServer = 85.37.17.55 85.38.28.93
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\System32\DRIVERS\CDANTSRV.EXE
O23 - Service: Command Service (cmdService) - Unknown owner - C:\WINDOWS\TWF0dGVv\command.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Programmi\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe