Aiutatemi con HijackThis
Inviato: mer gen 05, 2005 1:24 pm
Ciao a tutti. Sono un nuovo utente di questo forum e ho visto che qualcuno di voi se ne intende parecchio di HijackThis. Se potete darmi una mano ve ne sarei riconoscente visto che il problema non viene risolto da nessun programma standard che viene consigliato su internet.
Ciò che mi succede è una specie di popup che ogni tanto compare mentre sto navigando. Ciò che compare in realtà non è un vero e proprio popup, perché entra a far parte della schermata di IE che sto visualizzando. E' un rettangolo a sfondo nero che contiene scritte verdi...Dice di fre una scansione del mio sistema...Quando finisce dice che sono appestato da malware e vari...
Inoltre saltuariamente compare anche una barra di colore blu che si posiziona sul fondo dello schermo e mi da link verso aiu, virus, hp, mini ed altre cose...Tutte seguite da una icona con scritto New
Spero vediate l'immagine allegata.
Logfile of HijackThis v1.99.0
Scan saved at 11.59.20, on 05/01/05
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\SYSTEM\MDM.EXE
C:\PROGRAMMI\FILE COMUNI\SYMANTEC SHARED\CCEVTMGR.EXE
C:\PROGRAMMI\NORTON ANTIVIRUS\ADVTOOLS\NPROTECT.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\PROGRAMMI\CREATIVE\LAUNCHER\CTLAUNCHER.EXE
C:\PROGRAMMI\CREATIVE\SBLIVE\AUDIOHQ\AHQTB.EXE
C:\WINDOWS\RUNDLL32.EXE
C:\WINDOWS\SYSTEM\QTTASK.EXE
C:\PROGRAMMI\ACD SYSTEMS\DEVDETECT\DEVDETECT.EXE
C:\WINDOWS\APPLICATION DATA\COTA.EXE
C:\WINDOWS\SYSTEM\GAIT.EXE
C:\PROGRAMMI\NOKIA\PC SUITE PER NOKIA 9210I COMMUNICATOR\CONNECTSTATE.EXE
C:\PROGRAMMI\NOKIA\PC SUITE PER NOKIA 9210I COMMUNICATOR\ECTASKSCHEDULER.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\PROGRAMMI\NOKIA\PC SUITE PER NOKIA 9210I COMMUNICATOR\BROADCASTPROXY.EXE
C:\WINDOWS\SYSTEM\RNAAPP.EXE
C:\WINDOWS\SYSTEM\TAPISRV.EXE
C:\PROGRAM FILES\MIRC\MIRC.EXE
C:\PROGRAMMI\INTERNET EXPLORER\IEXPLORE.EXE
C:\PROGRAMMI\EMULE\EMULE.EXE
C:\WINDOWS\TEMP\HKOP.DAT
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\PROGRAMMI\INTERNET EXPLORER\IEXPLORE.EXE
C:\WINDOWS\DESKTOP\HIJACKTHIS.EXE
R1 - HKCU\Software\Microsoft\Internet Explorer,Search = http://
R1 - HKCU\Software\Microsoft\Internet Explorer,(Default) = http://
R1 - HKLM\Software\Microsoft\Internet Explorer,Search = http://
R1 - HKLM\Software\Microsoft\Internet Explorer,SearchURL = http://
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://C:\WINDOWS\ejpvc.dll/sp.html#29126
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\ejpvc.dll/sp.html#29126
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = http://www.seekfast.f2s.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer fornito da Alice
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
R3 - Default URLSearchHook is missing
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAMMI\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Programmi\Norton AntiVirus\NavShExt.dll
O2 - BHO: (no name) - {5FE6FB84-7685-9F29-EC94-E255A85850C4} - C:\WINDOWS\SYSTEM\OADAPAK.DLL
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Programmi\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [Creative Launcher] C:\Programmi\Creative\Launcher\CTLauncher.EXE
O4 - HKLM\..\Run: [AudioHQ] C:\Programmi\Creative\SBLive\AudioHQ\AHQTB.EXE
O4 - HKLM\..\Run: [HyCD Drive Splash] C:\PROGRA~1\HYCD\HYCDPL~1\Play&Record.exe /s
O4 - HKLM\..\Run: [AdslTaskBar] rundll32.exe stmctrl.dll,TaskBar
O4 - HKLM\..\Run: [ccRegVfy] "C:\Programmi\File comuni\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [Advanced Tools Check] C:\PROGRA~1\NORTON~1\ADVTOOLS\ADVCHK.EXE
O4 - HKLM\..\Run: [NPROTECT] C:\PROGRA~1\NORTON~1\ADVTOOLS\NPROTECT.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\SYSTEM\QTTASK.EXE" -atboottime
O4 - HKLM\..\Run: [Camera Detector] C:\PROGRA~1\ACDSYS~1\DEVDET~1\DEVDET~1.EXE -autorun
O4 - HKLM\..\Run: [voxildpn] C:\WINDOWS\SYSTEM\vchwnx.exe
O4 - HKLM\..\Run: [TCASUTIEXE] TCAUDIAG.exe -off
O4 - HKLM\..\Run: [qhuryx] C:\WINDOWS\qhuryx.exe
O4 - HKLM\..\Run: [AT-Watch] C:\Programmi\Anti-Trojan-55\ATWatch.exe
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [Machine Debug Manager] C:\WINDOWS\SYSTEM\MDM.EXE
O4 - HKLM\..\RunServices: [ccEvtMgr] "C:\Programmi\File comuni\Symantec Shared\ccEvtMgr.exe"
O4 - HKLM\..\RunServices: [NPROTECT] C:\PROGRA~1\NORTON~1\ADVTOOLS\NPROTECT.EXE
O4 - HKLM\..\RunServices: [ScriptBlocking] "C:\Programmi\File comuni\Symantec Shared\Script Blocking\SBServ.exe" -reg
O4 - HKLM\..\RunServices: [ADDJN32.EXE] C:\WINDOWS\ADDJN32.EXE
O4 - HKLM\..\RunServices: [IPEJ32.EXE] C:\WINDOWS\IPEJ32.EXE
O4 - HKLM\..\RunServices: [NTEP.EXE] C:\WINDOWS\NTEP.EXE
O4 - HKLM\..\RunServices: [APIIT.EXE] C:\WINDOWS\APIIT.EXE
O4 - HKLM\..\RunServices: [SDKHK32.EXE] C:\WINDOWS\SDKHK32.EXE
O4 - HKLM\..\RunServices: [MSPZ.EXE] C:\WINDOWS\MSPZ.EXE
O4 - HKLM\..\RunServices: [MFCDF.EXE] C:\WINDOWS\MFCDF.EXE
O4 - HKLM\..\RunServices: [D3XV32.EXE] C:\WINDOWS\D3XV32.EXE
O4 - HKLM\..\RunServices: [NETCR32.EXE] C:\WINDOWS\NETCR32.EXE
O4 - HKLM\..\RunServices: [NTYJ32.EXE] C:\WINDOWS\NTYJ32.EXE
O4 - HKCU\..\Run: [Shic] C:\WINDOWS\Application Data\cota.exe
O4 - HKCU\..\Run: [Icymqlar] C:\WINDOWS\SYSTEM\gait.exe
O4 - Startup: Collegamento a PC Suite per Nokia 9210i Communicator.lnk = C:\Programmi\Nokia\PC Suite per Nokia 9210i Communicator\ConnectState.exe
O4 - Startup: Utilità di pianificazione di PC Suite per Nokia 9210i Communicator.lnk = C:\Programmi\Nokia\PC Suite per Nokia 9210i Communicator\ECTaskScheduler.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Corel Network monitor worker - {77061680-2DF7-11D9-8F8A-006008307F25} - C:\WINDOWS\SYSTEM\IEGFXFRW.DLL
O9 - Extra 'Tools' menuitem: Corel Network monitor worker - {77061680-2DF7-11D9-8F8A-006008307F25} - C:\WINDOWS\SYSTEM\IEGFXFRW.DLL
O9 - Extra button: Alice - {A72E6E40-58C1-11D8-8F89-E9C63F1CA00F} - http://gw.aliceadsl.it/alice (file missing) (HKCU)
O9 - Extra button: Corel Network monitor worker - {77061680-2DF7-11D9-8F8A-006008307F25} - C:\WINDOWS\SYSTEM\IEGFXFRW.DLL (HKCU)
O9 - Extra 'Tools' menuitem: Corel Network monitor worker - {77061680-2DF7-11D9-8F8A-006008307F25} - C:\WINDOWS\SYSTEM\IEGFXFRW.DLL (HKCU)
O14 - IERESET.INF: START_PAGE_URL=http://gw.aliceadsl.it/home
O15 - Trusted Zone: www.yeak.net
O15 - Trusted IP range: (HKLM)
O16 - DPF: {DDF44FD9-749F-4761-89BB-E8A59339E459} - http://akamai.downloadv3.com/binaries/L ... e_9_EN.cab
O16 - DPF: {1F3FCD0B-5FF5-7C19-2060-616117556753} - http://205.252.161.238/1/rdgIT1391.exe
O16 - DPF: {15320607-1001-1831-1000-118599957123} - ms-its:mhtml:file://C:\PATH.MHT!http://195.225.176.5//d//qxjteam//huyxuze//ruhvwtq//rytgqp//IT//arct.chm::/painter.exe
Grazie a tutti in anticipo
Ciò che mi succede è una specie di popup che ogni tanto compare mentre sto navigando. Ciò che compare in realtà non è un vero e proprio popup, perché entra a far parte della schermata di IE che sto visualizzando. E' un rettangolo a sfondo nero che contiene scritte verdi...Dice di fre una scansione del mio sistema...Quando finisce dice che sono appestato da malware e vari...
Inoltre saltuariamente compare anche una barra di colore blu che si posiziona sul fondo dello schermo e mi da link verso aiu, virus, hp, mini ed altre cose...Tutte seguite da una icona con scritto New
Spero vediate l'immagine allegata.
Logfile of HijackThis v1.99.0
Scan saved at 11.59.20, on 05/01/05
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\SYSTEM\MDM.EXE
C:\PROGRAMMI\FILE COMUNI\SYMANTEC SHARED\CCEVTMGR.EXE
C:\PROGRAMMI\NORTON ANTIVIRUS\ADVTOOLS\NPROTECT.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\PROGRAMMI\CREATIVE\LAUNCHER\CTLAUNCHER.EXE
C:\PROGRAMMI\CREATIVE\SBLIVE\AUDIOHQ\AHQTB.EXE
C:\WINDOWS\RUNDLL32.EXE
C:\WINDOWS\SYSTEM\QTTASK.EXE
C:\PROGRAMMI\ACD SYSTEMS\DEVDETECT\DEVDETECT.EXE
C:\WINDOWS\APPLICATION DATA\COTA.EXE
C:\WINDOWS\SYSTEM\GAIT.EXE
C:\PROGRAMMI\NOKIA\PC SUITE PER NOKIA 9210I COMMUNICATOR\CONNECTSTATE.EXE
C:\PROGRAMMI\NOKIA\PC SUITE PER NOKIA 9210I COMMUNICATOR\ECTASKSCHEDULER.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\PROGRAMMI\NOKIA\PC SUITE PER NOKIA 9210I COMMUNICATOR\BROADCASTPROXY.EXE
C:\WINDOWS\SYSTEM\RNAAPP.EXE
C:\WINDOWS\SYSTEM\TAPISRV.EXE
C:\PROGRAM FILES\MIRC\MIRC.EXE
C:\PROGRAMMI\INTERNET EXPLORER\IEXPLORE.EXE
C:\PROGRAMMI\EMULE\EMULE.EXE
C:\WINDOWS\TEMP\HKOP.DAT
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\PROGRAMMI\INTERNET EXPLORER\IEXPLORE.EXE
C:\WINDOWS\DESKTOP\HIJACKTHIS.EXE
R1 - HKCU\Software\Microsoft\Internet Explorer,Search = http://
R1 - HKCU\Software\Microsoft\Internet Explorer,(Default) = http://
R1 - HKLM\Software\Microsoft\Internet Explorer,Search = http://
R1 - HKLM\Software\Microsoft\Internet Explorer,SearchURL = http://
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://C:\WINDOWS\ejpvc.dll/sp.html#29126
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\ejpvc.dll/sp.html#29126
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = http://www.seekfast.f2s.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer fornito da Alice
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
R3 - Default URLSearchHook is missing
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAMMI\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Programmi\Norton AntiVirus\NavShExt.dll
O2 - BHO: (no name) - {5FE6FB84-7685-9F29-EC94-E255A85850C4} - C:\WINDOWS\SYSTEM\OADAPAK.DLL
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Programmi\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [Creative Launcher] C:\Programmi\Creative\Launcher\CTLauncher.EXE
O4 - HKLM\..\Run: [AudioHQ] C:\Programmi\Creative\SBLive\AudioHQ\AHQTB.EXE
O4 - HKLM\..\Run: [HyCD Drive Splash] C:\PROGRA~1\HYCD\HYCDPL~1\Play&Record.exe /s
O4 - HKLM\..\Run: [AdslTaskBar] rundll32.exe stmctrl.dll,TaskBar
O4 - HKLM\..\Run: [ccRegVfy] "C:\Programmi\File comuni\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [Advanced Tools Check] C:\PROGRA~1\NORTON~1\ADVTOOLS\ADVCHK.EXE
O4 - HKLM\..\Run: [NPROTECT] C:\PROGRA~1\NORTON~1\ADVTOOLS\NPROTECT.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\SYSTEM\QTTASK.EXE" -atboottime
O4 - HKLM\..\Run: [Camera Detector] C:\PROGRA~1\ACDSYS~1\DEVDET~1\DEVDET~1.EXE -autorun
O4 - HKLM\..\Run: [voxildpn] C:\WINDOWS\SYSTEM\vchwnx.exe
O4 - HKLM\..\Run: [TCASUTIEXE] TCAUDIAG.exe -off
O4 - HKLM\..\Run: [qhuryx] C:\WINDOWS\qhuryx.exe
O4 - HKLM\..\Run: [AT-Watch] C:\Programmi\Anti-Trojan-55\ATWatch.exe
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [Machine Debug Manager] C:\WINDOWS\SYSTEM\MDM.EXE
O4 - HKLM\..\RunServices: [ccEvtMgr] "C:\Programmi\File comuni\Symantec Shared\ccEvtMgr.exe"
O4 - HKLM\..\RunServices: [NPROTECT] C:\PROGRA~1\NORTON~1\ADVTOOLS\NPROTECT.EXE
O4 - HKLM\..\RunServices: [ScriptBlocking] "C:\Programmi\File comuni\Symantec Shared\Script Blocking\SBServ.exe" -reg
O4 - HKLM\..\RunServices: [ADDJN32.EXE] C:\WINDOWS\ADDJN32.EXE
O4 - HKLM\..\RunServices: [IPEJ32.EXE] C:\WINDOWS\IPEJ32.EXE
O4 - HKLM\..\RunServices: [NTEP.EXE] C:\WINDOWS\NTEP.EXE
O4 - HKLM\..\RunServices: [APIIT.EXE] C:\WINDOWS\APIIT.EXE
O4 - HKLM\..\RunServices: [SDKHK32.EXE] C:\WINDOWS\SDKHK32.EXE
O4 - HKLM\..\RunServices: [MSPZ.EXE] C:\WINDOWS\MSPZ.EXE
O4 - HKLM\..\RunServices: [MFCDF.EXE] C:\WINDOWS\MFCDF.EXE
O4 - HKLM\..\RunServices: [D3XV32.EXE] C:\WINDOWS\D3XV32.EXE
O4 - HKLM\..\RunServices: [NETCR32.EXE] C:\WINDOWS\NETCR32.EXE
O4 - HKLM\..\RunServices: [NTYJ32.EXE] C:\WINDOWS\NTYJ32.EXE
O4 - HKCU\..\Run: [Shic] C:\WINDOWS\Application Data\cota.exe
O4 - HKCU\..\Run: [Icymqlar] C:\WINDOWS\SYSTEM\gait.exe
O4 - Startup: Collegamento a PC Suite per Nokia 9210i Communicator.lnk = C:\Programmi\Nokia\PC Suite per Nokia 9210i Communicator\ConnectState.exe
O4 - Startup: Utilità di pianificazione di PC Suite per Nokia 9210i Communicator.lnk = C:\Programmi\Nokia\PC Suite per Nokia 9210i Communicator\ECTaskScheduler.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Corel Network monitor worker - {77061680-2DF7-11D9-8F8A-006008307F25} - C:\WINDOWS\SYSTEM\IEGFXFRW.DLL
O9 - Extra 'Tools' menuitem: Corel Network monitor worker - {77061680-2DF7-11D9-8F8A-006008307F25} - C:\WINDOWS\SYSTEM\IEGFXFRW.DLL
O9 - Extra button: Alice - {A72E6E40-58C1-11D8-8F89-E9C63F1CA00F} - http://gw.aliceadsl.it/alice (file missing) (HKCU)
O9 - Extra button: Corel Network monitor worker - {77061680-2DF7-11D9-8F8A-006008307F25} - C:\WINDOWS\SYSTEM\IEGFXFRW.DLL (HKCU)
O9 - Extra 'Tools' menuitem: Corel Network monitor worker - {77061680-2DF7-11D9-8F8A-006008307F25} - C:\WINDOWS\SYSTEM\IEGFXFRW.DLL (HKCU)
O14 - IERESET.INF: START_PAGE_URL=http://gw.aliceadsl.it/home
O15 - Trusted Zone: www.yeak.net
O15 - Trusted IP range: (HKLM)
O16 - DPF: {DDF44FD9-749F-4761-89BB-E8A59339E459} - http://akamai.downloadv3.com/binaries/L ... e_9_EN.cab
O16 - DPF: {1F3FCD0B-5FF5-7C19-2060-616117556753} - http://205.252.161.238/1/rdgIT1391.exe
O16 - DPF: {15320607-1001-1831-1000-118599957123} - ms-its:mhtml:file://C:\PATH.MHT!http://195.225.176.5//d//qxjteam//huyxuze//ruhvwtq//rytgqp//IT//arct.chm::/painter.exe
Grazie a tutti in anticipo