Scusate la mia ignoranza ma mi sta capitando questa cosa strana il monitor di punto in bianco si spegne..soprattutto appena acceso, inoltre si aprono finestre a non finire di internet non richieste, non ho idea se le due cose possano esserer legate in qualche modo.
ho provato a leggere dei topic ma non ho trovato niente di simile.
vi allego il log se poteste darmi una mano
grazie
Logfile of HijackThis v1.99.0
Scan saved at 12.32.30, on 09/02/2005
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\DSLAGENT.EXE
C:\Programmi\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
C:\Programmi\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\Documents and Settings\customer\Dati applicazioni\sgrunt\IE4321.exe
C:\Programmi\Messenger\msmsgs.exe
C:\WINDOWS\System32\windll32.exe
C:\WINDOWS\System32\windllsys32.exe
C:\WINDOWS\System32\winxpdll32.exe
C:\Documents and Settings\customer\Dati applicazioni\usnt.exe
C:\WINDOWS\System32\arpa.exe
C:\Programmi\StickyNote\StickyNote.exe
C:\Programmi\WinZip\WZQKPICK.EXE
C:\Programmi\File comuni\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
C:\WINDOWS\System32\taskmgr.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\Documents and Settings\customer\Desktop\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://mssearch4u.com/index.htm
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://C:\WINDOWS\system32\pirwj.dll/sp.html#35273
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\system32\pirwj.dll/sp.html#35273
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.royalsearch.net/search.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = http://www.searchv.com/1/
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.searchv.com/5/search.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://mssearch4u.com/sp.htm
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = http://www.searchv.com/1/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://mssearch4u.com/index.htm
R3 - Default URLSearchHook is missing
F2 - REG:system.ini: UserInit=C:\WINDOWS\System32\Userinit.exe
O2 - BHO: (no name) - {168DA9B8-3504-64A9-7006-3AB6006EF6C2} - C:\WINDOWS\System32\hkv.dll
O2 - BHO: (no name) - {1B07E071-1A11-FC7D-FF80-D4606785FD59} - C:\WINDOWS\syspc32.dll (file missing)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programmi\Spybot - Search & Destroy\SDHelper.dll
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\NeroCheck.exe
O4 - HKLM\..\Run: [GSICONEXE] GSICON.EXE
O4 - HKLM\..\Run: [DSLAGENTEXE] DSLAGENT.EXE USB
O4 - HKLM\..\Run: [CamMonitor] C:\Programmi\Hewlett-Packard\Digital Imaging\\Unload\hpqcmon.exe
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Programmi\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [eMailEncryption] C:\PROGRA~1\ACCELE~1\VELOZD~1\velozsys.exe runstart
O4 - HKLM\..\Run: [7.tmp] C:\DOCUME~1\customer\IMPOST~1\Temp\7.tmp.exe 2 10001
O4 - HKLM\..\Run: [tqpcn] C:\WINDOWS\tqpcn.exe
O4 - HKLM\..\Run: [Admilli Service] C:\Program Files\Admilli Service\AdmilliServ.exe
O4 - HKLM\..\Run: [Windows ServeAd] C:\Program Files\Windows ServeAd\WinServAd.exe
O4 - HKLM\..\Run: [Olympic] C:\Documents and Settings\customer\Dati applicazioni\sgrunt\IE4321.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Programmi\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [windll32.exe] C:\WINDOWS\System32\windll32.exe
O4 - HKCU\..\Run: [windllsys32.exe] C:\WINDOWS\System32\windllsys32.exe
O4 - HKCU\..\Run: [winxpdll32.exe] C:\WINDOWS\System32\winxpdll32.exe
O4 - HKCU\..\Run: [Ouce] C:\Documents and Settings\customer\Dati applicazioni\usnt.exe
O4 - HKCU\..\Run: [Rudwlhr] C:\WINDOWS\System32\arpa.exe
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Collegamento a StickyNote.lnk = C:\Programmi\StickyNote\StickyNote.exe
O4 - Global Startup: Command WorkStation.lnk = C:\Programmi\Fiery\CStation\cstation.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programmi\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Programmi\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O15 - Trusted Zone: *.frame.crazywinnings.com
O15 - Trusted Zone: http://www.master69.biz
O15 - Trusted Zone: http://www.sgrunt.biz
O15 - Trusted Zone: http://www.yeak.net
O15 - Trusted Zone: *.frame.crazywinnings.com (HKLM)
O16 - DPF: {04365000-DFC6-11D3-B2BB-00105AE309D0} (/Quercia TLQJ 2000-Quercia) - https://cbi.tecmarket.it/ibbj/common/TlqJ2kQrc.cab
O16 - DPF: {13083D70-37BD-11D4-B315-00508B6D3B87} (/Quercia TLQJ 2000-QF24) - https://cbi.tecmarket.it/ibbj/common/TlqJ2kQF.cab
O16 - DPF: {22222222-2222-2222-2222-222222222222} - file://c:\x.cab
O16 - DPF: {2A5C1DD0-DFC5-11D3-B2BB-00105AE309D0} (/Quercia TLQJ 2000-Other) - https://cbi.tecmarket.it/ibbj/common/TlqJ2kOth.cab
O16 - DPF: {5140EE10-DFC4-11D3-B2BB-00105AE309D0} (/Quercia TLQJ 2000-Image) - https://cbi.tecmarket.it/ibbj/it/TlqJ2kImg.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (Damage Cleanup Server Control) - http://213.158.72.33/housecall/xscan53.cab
O16 - DPF: {9389EFC0-3B78-482E-9974-6A365C571126} (/Quercia TLQJ 2000-TabF24) - https://cbi.tecmarket.it/ibbj/common/TlqJ2kTabF.cab
O16 - DPF: {B1738950-DFC5-11D3-B2BB-00105AE309D0} (/Quercia TLQJ 2000-QCbi) - https://cbi.tecmarket.it/ibbj/common/TlqJ2kQCb.cab
O16 - DPF: {CB572CC0-E5F9-11D3-B2C1-00105AE309D0} (/Quercia TLQJ 2000-QData) - https://cbi.tecmarket.it/ibbj/common/TlqJ2kQDt.cab
O16 - DPF: {D8A8A7F1-53EF-41F2-B44D-F3E2E595DC27} - ms-its:mhtml:file://C:\MAIN.MHT!http://69.50.163.248/328//main.chm::/update.exe
O18 - Filter: text/html - {20C3EF96-7175-46CF-9E85-2CC0B1CE66D5} - C:\Documents and Settings\customer\Impostazioni locali\Dati applicazioni\microsoft\internet explorer\V0.26.dat
O21 - SSODL: eplrr - {BEB48BA6-7640-4117-A625-AAC3EECF9C19} - C:\WINDOWS\System32\eplrr3.dll
O23 - Service: Network Security Service - Unknown - C:\WINDOWS\atldn.exe (file missing)