Using "Acoo Browser" as my browser, sometimes when I click a link to an internet address, even "aiutamici", no page opens; the bottom bar shows: About:Blank (blank space or page), or the address bar shows the following: http://as1.falkag.de/sel?rdm=1407.6347887475287andscx=1024andscy=768andscc=32andjav=1&cmd=win&kid=157375&bid=602547&dat=55881&bls3=111111A&dlv=209,5676,55881,157375,602547&dmn=host224-8.pool8252.interbusiness.it&sta=,,,,,,,,,,0,0,0,2225,2161,1791,724,0&xl=400&yl=430
What could this be? Thanks

Logfile of HijackThis v1.99.1
Scan saved at 23.17.27, on 28/04/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\cisvc.exe
C:\WINDOWS\System32\CTSVCCDA.EXE
C:\WINDOWS\system32\drivers\KodakCCS.exe
C:\Programmi\Norton AntiVirus\navapsvc.exe
C:\Programmi\Dantz\Retrospect\retrorun.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\ScsiAccess.EXE
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\LexmarkX84-X85\ACMonitor_X84-X85.exe
C:\PROGRA~1\LexmarkX84-X85\AcBtnMgr_X84-X85.exe
C:\PROGRA~1\Maxtor\OneTouch\Utils\OneTouch.exe
C:\Programmi\RAMpage\RAMpage.exe
C:\PROGRA~1\Norton AntiVirus\navapw32.exe
C:\Programmi\File comuni\Real\Update_OB\realsched.exe
C:\Programmi\File comuni\ACD Systems\IT\DevDetect.exe
C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\Panicware\Pop-Up Stopper Free Edition\PSFree.exe
C:\Programmi\ATI Technologies\ATI.ACE\CLI.exe
C:\Programmi\ARESCOM\Modem Telindus Arescom ND220\dslmon.exe
C:\Programmi\GetRight\getright.exe
C:\Programmi\GetRight\getright.exe
C:\Programmi\PopTray\PopTray.exe
F:\Papà\Programmi\Acoo Browser\AcooBrowser.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Programmi\Messenger\msmsgs.exe
C:\Documents and Settings\Osvaldo\Desktop\HijackThis.exe
C:\Documents and Settings\Osvaldo\Desktop\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.wlhwxfdmijsnxt.com/UCEYpxQdDOXCtEHqW8aZ0qhgNpVMAf8nuzPzyqSxQ6mQK5nLm7_Mp6uKAQdbDcn8.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.virgilio.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.creative.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: bho2gr Class - {31FF080D-12A3-439A-A2EF-4BA95A3148E8} - C:\Programmi\GetRight\xx2gr.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: InstantGet IECatcher - {569E7719-1A11-415E-9206-AC1860FB8BFF} - F:\Papà\Programmi\InstantGet\IGCatcher.dll
O2 - BHO: IEWatchObj Class - {9527D42F-D666-11D3-B8DD-00600838CD5F} - C:\WINDOWS\system32\IETie.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Programmi\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Programmi\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: InstantGet Bar - {98C92840-EB1C-40bd-B6A5-395EC9CD6510} - F:\Papà\Programmi\InstantGet\IGIEBar.dll
O4 - HKLM\..\Run: [Lexmark X84-X85 Button Monitor] C:\PROGRA~1\LexmarkX84-X85\ACMonitor_X84-X85.exe
O4 - HKLM\..\Run: [Lexmark X84-X85 Button Manager] C:\PROGRA~1\LexmarkX84-X85\AcBtnMgr_X84-X85.exe
O4 - HKLM\..\Run: [MaxtorOneTouch] C:\PROGRA~1\Maxtor\OneTouch\Utils\OneTouch.exe
O4 - HKLM\..\Run: [Tweak UI] RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp
O4 - HKLM\..\Run: [RAMpage] "C:\Programmi\RAMpage\RAMpage.exe" M=28 T=4 P="C:\Programmi\RAMpage\RAMpageConfig.exe"
O4 - HKLM\..\Run: [NAV Agent] C:\PROGRA~1\Norton AntiVirus\navapw32.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Programmi\File comuni\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Device Detector] DevDetect.exe -autorun
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SymNetDrv\SNDMon.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Programmi\ATI Technologies\ATI.ACE\cli.exe" runtime
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [PopUpStopperFreeEdition] "C:\Programmi\Panicware\Pop-Up Stopper Free Edition\PSFree.exe"
O4 - Startup: PopTray.lnk = C:\Programmi\PopTray\PopTray.exe
O4 - Global Startup: ATI CATALYST System Tray.lnk = C:\Programmi\ATI Technologies\ATI.ACE\CLI.exe
O4 - Global Startup: Avvio veloce di Adobe Reader.lnk.disabled
O4 - Global Startup: DSLMON.lnk = ?
O4 - Global Startup: Start GetRight.lnk = C:\Programmi\GetRight\getright.exe
O8 - Extra context menu item: &Download with InstantGet - res://F:\Papà\Programmi\InstantGet\IGCatcher.dll/IGLink.htm
O8 - Extra context menu item: Download &all with InstantGet - res://F:\Papà\Programmi\InstantGet\IGCatcher.dll/IGAll.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: @C:\Programmi\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: @C:\Programmi\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O16 - DPF: {D147430C-86CD-4E6F-A807-93FBC496D201} (NCSLayeredView Class) - http://www.cartografia.regione.lombardia.it/ecwplugins/ncs.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{328CCDCB-3148-4F2D-B0FC-459C049EB081}: NameServer = 85.37.17.7 151.99.125.1
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTSVCCDA.EXE
O23 - Service: Servizio iPod (iPodService) - Apple Computer, Inc. - C:\Programmi\iPod\bin\iPodService.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: Servizio Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Programmi\Norton AntiVirus\navapsvc.exe
O23 - Service: Retrospect Launcher (RetroLauncher) - Dantz Development Corporation - C:\Programmi\Dantz\Retrospect\retrorun.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - :ProgramFiles:\WinPcap\rpcapd.exe" -d -f ":ProgramFiles:\WinPcap\rpcapd.ini (file missing)
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FILECO~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: ScsiAccess - Unknown owner - C:\WINDOWS\System32\ScsiAccess.EXE
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\SNDSrvc.exe