Grazie
Logfile of HijackThis v1.99.1
Scan saved at 16.08.41, on 09/11/2006
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINNT\Explorer.EXE
C:\WINNT\service32.exe
C:\Programmi\Analog Devices\SoundMAX\Smtray.exe
C:\Programmi\COMPAQ\Easy Access Button Support\StartEAK.exe
C:\PROGRA~1\Compaq\COMPAQ~1\CHKADMIN.EXE
C:\Programmi\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\Programmi\Network Associates\VirusScan\SHSTAT.EXE
C:\Programmi\Network Associates\Common Framework\UpdaterUI.exe
C:\Programmi\cmagent\cmagent.exe
C:\Programmi\Compaq\Easy Access Button Support\CPQEADM.EXE
C:\Programmi\QuickTime\qttask.exe
C:\Compaq\EAKDRV\EAUSBKBD.EXE
C:\PROGRA~1\Compaq\EASYAC~1\BttnServ.exe
C:\Programmi\WinZip\WZQKPICK.EXE
C:\Documents and Settings\Adriano.Conti\Menu Avvio\Programmi\Esecuzione automatica\ayyc.exe
C:\Programmi\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
C:\WINNT\43168174226.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\Documents and Settings\Adriano.Conti\Documenti\UTILITA'\Hijack\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.extremeaccess.info/?rid=2
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://internos
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.compaq.com/1Q00CDT/0410/bl8.asp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
F2 - REG:system.ini: UserInit=C:\WINNT\system32\userinit.exe,,C:\WINNT\svchost.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: edit_html Class - {14D1A72D-8705-11D8-B120-0040F46CB696} - C:\Documents and Settings\Adriano.Conti\11964623.dll (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programmi\google\googletoolbar2.dll
O2 - BHO: (no name) - {f250d521-225d-4d6b-8829-e064f944e180} - C:\WINNT\system32\vfaa.dll
O3 - Toolbar: @msdxmLC.dll,-1@1040,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programmi\google\googletoolbar2.dll
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [Smapp] C:\Programmi\Analog Devices\SoundMAX\Smtray.exe
O4 - HKLM\..\Run: [CPQEASYACC] C:\Programmi\COMPAQ\Easy Access Button Support\StartEAK.exe
O4 - HKLM\..\Run: [ChkAdmin] C:\PROGRA~1\Compaq\COMPAQ~1\CHKADMIN.EXE
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Programmi\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [ShStatEXE] "C:\Programmi\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Programmi\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [WinVNC] "C:\Programmi\RealVNC\winvnc\winvnc.exe" -servicehelper
O4 - HKLM\..\Run: [CMAgent] C:\Programmi\cmagent\cmagent.exe LISTNER 1000 C:\CMListner.log
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Scadenze] C:\Programmi\scadenze51\scad_win.exe /check
O4 - HKLM\..\Run: [aouei] C:\Documents and Settings\Adriano.Conti\Dati applicazioni\ratorefaci\sysrtmvs.exe
O4 - HKLM\..\RunServices: [CPQDFWAG] C:\WINNT\Cpqdiag\CpqDfwAg.exe
O4 - HKCU\..\Run: [swg] C:\Programmi\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe
O4 - HKCU\..\RunServicesOnce: [washindex] C:\Program Files\Washer\washidx.exe
O4 - Startup: ayyc.exe
O4 - Global Startup: AboutTime.lnk = C:\Program Files\abouttime\PROGRAM\AboutTime.exe
O4 - Global Startup: Avvio veloce di Adobe Reader.lnk = C:\Programmi\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programmi\MsOff00\Office\OSA9.EXE
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Programmi\WinZip\WZQKPICK.EXE
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9 - Extra button: Studenti - {FF4D2994-6575-4F03-A5C6-6559C8793A15} - c:\Studenti.exe (file missing)
O9 - Extra 'Tools' menuitem: Studenti - {FF4D2994-6575-4F03-A5C6-6559C8793A15} - c:\Studenti.exe (file missing)
O14 - IERESET.INF: START_PAGE_URL=http://internos
O15 - Trusted Zone: www.1987324.com
O15 - Trusted Zone: www.adslconnection.name
O15 - Trusted Zone: www.archiviosex.net
O15 - Trusted Zone: www.contentdiscount.info
O15 - Trusted Zone: www.extremeaccess.info
O15 - Trusted Zone: www.hastalavista.it
O15 - Trusted Zone: http://*.internos
O15 - Trusted Zone: http://*.lusky
O15 - Trusted Zone: http://*.paper-ap
O15 - Trusted Zone: http://*.paper-doc
O15 - Trusted Zone: www.redfunny.com
O15 - Trusted Zone: www.softlab.name
O15 - Trusted Zone: www.xxx-content.name
O16 - DPF: {3A471221-E332-4240-A709-C6D087007ADE} - http://www.silver-bullet.biz/ddd/55/cam ... eramia.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 6428195701
O16 - DPF: {878A0D61-48D2-11D3-A75D-00A0245382DE} (WebIdCli Class) - http://www.tuttorifiuti.it/checkpointAM ... /WICli.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan ... asinst.cab
O16 - DPF: {DB893839-10F0-4AF9-92FA-B23528F530AF} - http://deposito.hostance.net/dialer/606874.exe
O16 - DPF: {FFFF0029-0001-101A-A3C9-08002B2F49FB} - http://www.tesinecopiate.com/e/STUDENT02.exe
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = papernet.provincia.mc.it
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = papernet.provincia.mc.it
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = papernet.provincia.mc.it
O23 - Service: Altiris Client Service (AClient) - Altiris, Inc. - C:\COMPAQ\ACLIENT\ACLIENT.exe
O23 - Service: Compaq Local Alerter (CPQALERT) - Compaq Computer Corporation - C:\Programmi\Compaq\Compaq Management Agents\cpqalert.exe
O23 - Service: Compaq Remote Diagnostics Enabling Agent (CpqDfwWebAgent) - Compaq Computer Corporation - C:\WINNT\Cpqdiag\Cpqdfwag.exe
O23 - Service: cpqdmi - Compaq Computer Corporation - C:\PROGRA~1\Compaq\COMPAQ~1\cpqdmi.exe
O23 - Service: Compaq DMI Web Agent (cpqWebDmi) - Compaq Computer Corporation - C:\PROGRA~1\Compaq\COMPAQ~1\CPQWEB~1\WebDmi.exe
O23 - Service: Servizio amministrativo di Gestione disco logico (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Programmi\ewido anti-spyware 4.0\guard.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - Network Associates, Inc. - C:\Programmi\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Programmi\Network Associates\VirusScan\Mcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Programmi\Network Associates\VirusScan\VsTskMgr.exe
O23 - Service: Intel(R) NMS (NMSSvc) - Intel Corporation - C:\WINNT\System32\NMSSvc.exe
O23 - Service: Win32Sl (WIN32SL) - Intel - C:\Programmi\Compaq\Compaq Management Agents\Dmi\Win32\bin\Win32sl.exe
O23 - Service: VNC Server (winvnc) - Unknown owner - C:\Programmi\RealVNC\winvnc\winvnc.exe" -service (file missing)