Ciò che mi succede è una specie di popup che ogni tanto compare mentre sto navigando. Ciò che compare in realtà non è un vero e proprio popup, perché entra a far parte della schermata di IE che sto visualizzando. E' un rettangolo a sfondo nero che contiene scritte verdi...Dice di fre una scansione del mio sistema...Quando finisce dice che sono appestato da malware e vari...
Inoltre saltuariamente compare anche una barra di colore blu che si posiziona sul fondo dello schermo e mi da link verso aiu, virus, hp, mini ed altre cose...Tutte seguite da una icona con scritto New
Spero vediate l'immagine allegata.
Logfile of HijackThis v1.99.0
Scan saved at 11.59.20, on 05/01/05
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\SYSTEM\MDM.EXE
C:\PROGRAMMI\FILE COMUNI\SYMANTEC SHARED\CCEVTMGR.EXE
C:\PROGRAMMI\NORTON ANTIVIRUS\ADVTOOLS\NPROTECT.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\PROGRAMMI\CREATIVE\LAUNCHER\CTLAUNCHER.EXE
C:\PROGRAMMI\CREATIVE\SBLIVE\AUDIOHQ\AHQTB.EXE
C:\WINDOWS\RUNDLL32.EXE
C:\WINDOWS\SYSTEM\QTTASK.EXE
C:\PROGRAMMI\ACD SYSTEMS\DEVDETECT\DEVDETECT.EXE
C:\WINDOWS\APPLICATION DATA\COTA.EXE
C:\WINDOWS\SYSTEM\GAIT.EXE
C:\PROGRAMMI\NOKIA\PC SUITE PER NOKIA 9210I COMMUNICATOR\CONNECTSTATE.EXE
C:\PROGRAMMI\NOKIA\PC SUITE PER NOKIA 9210I COMMUNICATOR\ECTASKSCHEDULER.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\PROGRAMMI\NOKIA\PC SUITE PER NOKIA 9210I COMMUNICATOR\BROADCASTPROXY.EXE
C:\WINDOWS\SYSTEM\RNAAPP.EXE
C:\WINDOWS\SYSTEM\TAPISRV.EXE
C:\PROGRAM FILES\MIRC\MIRC.EXE
C:\PROGRAMMI\INTERNET EXPLORER\IEXPLORE.EXE
C:\PROGRAMMI\EMULE\EMULE.EXE
C:\WINDOWS\TEMP\HKOP.DAT
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\PROGRAMMI\INTERNET EXPLORER\IEXPLORE.EXE
C:\WINDOWS\DESKTOP\HIJACKTHIS.EXE
R1 - HKCU\Software\Microsoft\Internet Explorer,Search = http://
R1 - HKCU\Software\Microsoft\Internet Explorer,(Default) = http://
R1 - HKLM\Software\Microsoft\Internet Explorer,Search = http://
R1 - HKLM\Software\Microsoft\Internet Explorer,SearchURL = http://
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://C:\WINDOWS\ejpvc.dll/sp.html#29126
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\ejpvc.dll/sp.html#29126
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = http://www.seekfast.f2s.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer fornito da Alice
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
R3 - Default URLSearchHook is missing
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAMMI\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Programmi\Norton AntiVirus\NavShExt.dll
O2 - BHO: (no name) - {5FE6FB84-7685-9F29-EC94-E255A85850C4} - C:\WINDOWS\SYSTEM\OADAPAK.DLL
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Programmi\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [Creative Launcher] C:\Programmi\Creative\Launcher\CTLauncher.EXE
O4 - HKLM\..\Run: [AudioHQ] C:\Programmi\Creative\SBLive\AudioHQ\AHQTB.EXE
O4 - HKLM\..\Run: [HyCD Drive Splash] C:\PROGRA~1\HYCD\HYCDPL~1\Play&Record.exe /s
O4 - HKLM\..\Run: [AdslTaskBar] rundll32.exe stmctrl.dll,TaskBar
O4 - HKLM\..\Run: [ccRegVfy] "C:\Programmi\File comuni\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [Advanced Tools Check] C:\PROGRA~1\NORTON~1\ADVTOOLS\ADVCHK.EXE
O4 - HKLM\..\Run: [NPROTECT] C:\PROGRA~1\NORTON~1\ADVTOOLS\NPROTECT.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\SYSTEM\QTTASK.EXE" -atboottime
O4 - HKLM\..\Run: [Camera Detector] C:\PROGRA~1\ACDSYS~1\DEVDET~1\DEVDET~1.EXE -autorun
O4 - HKLM\..\Run: [voxildpn] C:\WINDOWS\SYSTEM\vchwnx.exe
O4 - HKLM\..\Run: [TCASUTIEXE] TCAUDIAG.exe -off
O4 - HKLM\..\Run: [qhuryx] C:\WINDOWS\qhuryx.exe
O4 - HKLM\..\Run: [AT-Watch] C:\Programmi\Anti-Trojan-55\ATWatch.exe
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [Machine Debug Manager] C:\WINDOWS\SYSTEM\MDM.EXE
O4 - HKLM\..\RunServices: [ccEvtMgr] "C:\Programmi\File comuni\Symantec Shared\ccEvtMgr.exe"
O4 - HKLM\..\RunServices: [NPROTECT] C:\PROGRA~1\NORTON~1\ADVTOOLS\NPROTECT.EXE
O4 - HKLM\..\RunServices: [ScriptBlocking] "C:\Programmi\File comuni\Symantec Shared\Script Blocking\SBServ.exe" -reg
O4 - HKLM\..\RunServices: [ADDJN32.EXE] C:\WINDOWS\ADDJN32.EXE
O4 - HKLM\..\RunServices: [IPEJ32.EXE] C:\WINDOWS\IPEJ32.EXE
O4 - HKLM\..\RunServices: [NTEP.EXE] C:\WINDOWS\NTEP.EXE
O4 - HKLM\..\RunServices: [APIIT.EXE] C:\WINDOWS\APIIT.EXE
O4 - HKLM\..\RunServices: [SDKHK32.EXE] C:\WINDOWS\SDKHK32.EXE
O4 - HKLM\..\RunServices: [MSPZ.EXE] C:\WINDOWS\MSPZ.EXE
O4 - HKLM\..\RunServices: [MFCDF.EXE] C:\WINDOWS\MFCDF.EXE
O4 - HKLM\..\RunServices: [D3XV32.EXE] C:\WINDOWS\D3XV32.EXE
O4 - HKLM\..\RunServices: [NETCR32.EXE] C:\WINDOWS\NETCR32.EXE
O4 - HKLM\..\RunServices: [NTYJ32.EXE] C:\WINDOWS\NTYJ32.EXE
O4 - HKCU\..\Run: [Shic] C:\WINDOWS\Application Data\cota.exe
O4 - HKCU\..\Run: [Icymqlar] C:\WINDOWS\SYSTEM\gait.exe
O4 - Startup: Collegamento a PC Suite per Nokia 9210i Communicator.lnk = C:\Programmi\Nokia\PC Suite per Nokia 9210i Communicator\ConnectState.exe
O4 - Startup: Utilità di pianificazione di PC Suite per Nokia 9210i Communicator.lnk = C:\Programmi\Nokia\PC Suite per Nokia 9210i Communicator\ECTaskScheduler.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Corel Network monitor worker - {77061680-2DF7-11D9-8F8A-006008307F25} - C:\WINDOWS\SYSTEM\IEGFXFRW.DLL
O9 - Extra 'Tools' menuitem: Corel Network monitor worker - {77061680-2DF7-11D9-8F8A-006008307F25} - C:\WINDOWS\SYSTEM\IEGFXFRW.DLL
O9 - Extra button: Alice - {A72E6E40-58C1-11D8-8F89-E9C63F1CA00F} - http://gw.aliceadsl.it/alice (file missing) (HKCU)
O9 - Extra button: Corel Network monitor worker - {77061680-2DF7-11D9-8F8A-006008307F25} - C:\WINDOWS\SYSTEM\IEGFXFRW.DLL (HKCU)
O9 - Extra 'Tools' menuitem: Corel Network monitor worker - {77061680-2DF7-11D9-8F8A-006008307F25} - C:\WINDOWS\SYSTEM\IEGFXFRW.DLL (HKCU)
O14 - IERESET.INF: START_PAGE_URL=http://gw.aliceadsl.it/home
O15 - Trusted Zone: www.yeak.net
O15 - Trusted IP range: (HKLM)
O16 - DPF: {DDF44FD9-749F-4761-89BB-E8A59339E459} - http://akamai.downloadv3.com/binaries/L ... e_9_EN.cab
O16 - DPF: {1F3FCD0B-5FF5-7C19-2060-616117556753} - http://205.252.161.238/1/rdgIT1391.exe
O16 - DPF: {15320607-1001-1831-1000-118599957123} - ms-its:mhtml:file://C:\PATH.MHT!http://195.225.176.5//d//qxjteam//huyxuze//ruhvwtq//rytgqp//IT//arct.chm::/painter.exe
Grazie a tutti in anticipo