Logfile of HijackThis v1.99.1
Scan saved at 13.08.46, on 09/07/2005
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\csrss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\Programmi\Panda Software\Panda Titanium Antivirus 2005\PavProt.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\Programmi\EPSON\ESM2\eEBSVC.exe
C:\WINNT\system32\Ati2evxx.exe
C:\WINNT\system32\spool\DRIVERS\W32X86\3\OPHALDCS.EXE
C:\PROGRA~1\Iomega\System32\AppServices.exe
C:\Programmi\Panda Software\Panda Titanium Antivirus 2005\Firewall\PavFires.exe
C:\Programmi\Panda Software\Panda Titanium Antivirus 2005\PavFnSvr.exe
C:\Programmi\Panda Software\Panda Titanium Antivirus 2005\Pavkre.exe
C:\Programmi\File comuni\Panda Software\PavShld\pavprsrv.exe
C:\Programmi\Panda Software\Panda Titanium Antivirus 2005\pavsrv50.exe
C:\Programmi\Panda Software\Panda Titanium Antivirus 2005\AVENGINE.EXE
C:\Programmi\Panda Software\Panda Titanium Antivirus 2005\prevsrv.exe
C:\Programmi\Panda Software\Panda Titanium Antivirus 2005\PsImSvc.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\Explorer.EXE
C:\WINNT\system32\atiptaxx.exe
C:\WINNT\Hcontrol.exe
C:\Programmi\Panda Software\Panda Titanium Antivirus 2005\APVXDWIN.EXE
C:\Programmi\File comuni\ACD Systems\IT\DevDetect.exe
C:\WINNT\ATKOSD.exe
C:\Programmi\Java\jre1.5.0_02\bin\jusched.exe
C:\WINNT\system32\internat.exe
C:\Programmi\EPSON\ESM2\Stms.exe
C:\Programmi\D-Link AirPlus\AirPlus.exe
C:\WINNT\twain_32\A4CIS600\WATCH.exe
C:\Programmi\Panda Software\Panda Titanium Antivirus 2005\WebProxy.exe
C:\Programmi\eMule\emule.exe
C:\Programmi\Avant Browser\avant.exe
C:\Programmi\Microsoft Office\Office10\EXCEL.EXE
C:\WINNT\system32\svchost.exe
C:\Programmi\Microsoft Office\Office10\OUTLOOK.EXE
C:\Programmi\Microsoft Office\Office10\WINWORD.EXE
C:\Programmi\WinRAR\WinRAR.exe
C:\DOCUME~1\xxx\IMPOST~1\Temp\Rar$EX33.2579\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.msn.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://www.virgilio.it/free
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
O4 - HKLM\..\Run: [Hcontrol] C:\WINNT\Hcontrol.exe
O4 - HKLM\..\Run: [APVXDWIN] "C:\Programmi\Panda Software\Panda Titanium Antivirus 2005\APVXDWIN.EXE" /s
O4 - HKLM\..\Run: [Device Detector] "C:\Programmi\File comuni\ACD Systems\IT\DevDetect.exe" -autorun
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programmi\Java\jre1.5.0_02\bin\jusched.exe
O4 - HKLM\..\Run: [EbatesMoeMoneyMaker] javaw -cp "C:\Programmi\EbatesMoeMoneyMaker\System\Code" Main lp: "C:\Programmi\EbatesMoeMoneyMaker"
O4 - HKCU\..\Run: [internat.exe] internat.exe
O4 - Startup: Watch.lnk = C:\WINNT\twain_32\A4CIS600\WATCH.exe
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: CmmLogon.lnk = C:\Programmi\Fortech\ComMa32\Bin\CmmLogon.exe
O4 - Global Startup: Controllo in background EPSON.lnk = C:\Programmi\EPSON\ESM2\Stms.exe
O4 - Global Startup: D-Link AirPlus.lnk = C:\Programmi\D-Link AirPlus\AirPlus.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programmi\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: Blocca tutte le immagini provenienti dal server di questa - C:\Programmi\Avant Browser\AddAllToADBlackList.htm
O8 - Extra context menu item: E&sporta in Microsoft Excel -
res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_02\bin\npjpi150_02.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{08DD3688-0A2E-40AA-A0CF-695E4012F661}: NameServer = 151.99.125.2,151.99.250.2
O17 - HKLM\System\CS1\Services\Tcpip\..\{08DD3688-0A2E-40AA-A0CF-695E4012F661}: NameServer = 151.99.125.2,151.99.250.2
O17 - HKLM\System\CS2\Services\Tcpip\..\{08DD3688-0A2E-40AA-A0CF-695E4012F661}: NameServer = 151.99.125.2,151.99.250.2
O17 - HKLM\System\CS3\Services\Tcpip\..\{08DD3688-0A2E-40AA-A0CF-695E4012F661}: NameServer = 151.99.125.2,151.99.250.2
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINNT\system32\Ati2evxx.exe
O23 - Service: DCS Loader (DCSLoader) - Oki Data Corporation - C:\WINNT\system32\spool\DRIVERS\W32X86\3\OPHALDCS.EXE
O23 - Service: Servizio amministrativo di Gestione disco logico (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: EpsonBidirectionalService - Unknown owner - C:\Programmi\EPSON\ESM2\eEBSVC.exe
O23 - Service: Iomega App Services - Iomega Corporation - C:\PROGRA~1\Iomega\System32\AppServices.exe
O23 - Service: Panda Firewall Service (PAVFIRES) - Panda Software - C:\Programmi\Panda Software\Panda Titanium Antivirus 2005\Firewall\PavFires.exe
O23 - Service: Panda Function Service (PAVFNSVR) - Panda Software - C:\Programmi\Panda Software\Panda Titanium Antivirus 2005\PavFnSvr.exe
O23 - Service: Panda Pavkre (Pavkre) - Panda Software - C:\Programmi\Panda Software\Panda Titanium Antivirus 2005\Pavkre.exe
O23 - Service: Panda PavProt (PavProt) - Panda Software - C:\Programmi\Panda Software\Panda Titanium Antivirus 2005\PavProt.exe
O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Software - C:\Programmi\File comuni\Panda Software\PavShld\pavprsrv.exe
O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software - C:\Programmi\Panda Software\Panda Titanium Antivirus 2005\pavsrv50.exe
O23 - Service: Panda Preventium+ Service (PREVSRV) - Panda Software - C:\Programmi\Panda Software\Panda Titanium Antivirus 2005\prevsrv.exe
O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software Internacional - C:\Programmi\Panda Software\Panda Titanium Antivirus 2005\PsImSvc.exe