Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17.23.50, on 15/03/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18372)
Boot mode: Normal
Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\spoolsv.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\RTHDCPL.EXE
D:\WINDOWS\system32\RUNDLL32.EXE
D:\Programmi\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
D:\Programmi\DAEMON Tools Lite\daemon.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Programmi\Vtune\TBPanel.exe
D:\Programmi\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
D:\WINDOWS\system32\nvsvc32.exe
D:\Programmi\Raxco\PerfectDisk2008\PD91Agent.exe
D:\WINDOWS\system32\wscntfy.exe
D:\Programmi\Raxco\PerfectDisk2008\PerfectDisk.exe
D:\Programmi\Raxco\PerfectDisk2008\PD91Engine.exe
D:\Programmi\Raxco\PerfectDisk2008\PD91Scanner.exe
D:\Programmi\Messenger\msmsgs.exe
D:\Programmi\Mozilla Firefox\firefox.exe
D:\Documents and Settings\giuliano\Desktop\Nuova cartella\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft.com/fwlink/?LinkId=69157R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - D:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - D:\Programmi\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Programmi\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE D:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [AVP] "D:\Programmi\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"
O4 - HKCU\..\Run: [MsnMsgr] "D:\Programmi\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [DAEMON Tools Lite] "D:\Programmi\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [TBPanel] D:\Programmi\Vtune\TBPanel.exe /A
O4 - HKCU\..\Run: [DWQueuedReporting] "D:\PROGRA~1\FILECO~1\MICROS~1\DW\dwtrig20.exe" -t
O4 - HKCU\..\Run: [MSMSGS] "D:\Programmi\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\S-1-5-21-1957994488-879983540-839522115-1003\..\Run: [MsnMsgr] "D:\Programmi\Windows Live\Messenger\MsnMsgr.Exe" /background (User '?')
O4 - HKUS\S-1-5-21-1957994488-879983540-839522115-1003\..\Run: [TBPanel] D:\Programmi\Vtune\TBPanel.exe /A (User '?')
O4 - HKUS\S-1-5-21-1957994488-879983540-839522115-1003\..\Run: [DWQueuedReporting] "D:\PROGRA~1\FILECO~1\MICROS~1\DW\dwtrig20.exe" -t (User '?')
O4 - HKUS\S-1-5-21-1957994488-879983540-839522115-1003\..\Run: [MSMSGS] "D:\Programmi\Messenger\msmsgs.exe" /background (User '?')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Aggiungi al banner Blocco pubblicità - D:\Programmi\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
O9 - Extra button: Statistiche sulla protezione del traffico Web - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - D:\Programmi\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Programmi\Messenger\msmsgs.exe
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) -
http://www.nvidia.com/content/DriverDow ... eqlab3.cabO16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -
http://update.microsoft.com/microsoftup ... 7112572625O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) -
http://www.nvidia.com/content/DriverDow ... rtScan.cabO17 - HKLM\System\CCS\Services\Tcpip\..\{60048EA2-5565-4B87-BA58-40D4268C45AF}: NameServer = 85.37.17.50 85.38.28.76
O20 - AppInit_DLLs: D:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll,D:\PROGRA~1\KASPER~1\KASPER~1\adialhk.dll,D:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - D:\Programmi\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - D:\Programmi\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - D:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PD91Agent - Raxco Software, Inc. - D:\Programmi\Raxco\PerfectDisk2008\PD91Agent.exe
O23 - Service: PD91Engine - Raxco Software, Inc. - D:\Programmi\Raxco\PerfectDisk2008\PD91Engine.exe
--
End of file - 5876 bytes