Crazy.cat.
Ho fatto come mi hai detto. Mi puoi suggerire quale o quali file, secondo te, sono da eliminare, come fare per eliminarli e suggerirmi il miglio modo di procedere?
Grazie per il consueto aiuto.
Ciao e grazie.
P.S. Dato che ho difficoltà a mandare il file, lo trascrivo qui sotto con il copia e incolla.
Logfile of HijackThis v1.99.0
Scan saved at 13.59.15, on 17/02/05
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v5.00 (5.00.2614.3500)
Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\PROGRAMMI\NORTON ANTIVIRUS\NAVAPW32.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\RNAAPP.EXE
C:\WINDOWS\SYSTEM\TAPISRV.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\PROGRAMMI\MICROSOFT HARDWARE\KEYBOARD\SPEEDKEY.EXE
C:\WINDOWS\SYSTEM\ATIPTAXX.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\SYSTEM\QTTASK.EXE
C:\WINDOWS\SYSTEM\STIMON.EXE
C:\WINDOWS\NVSVCA32.EXE
C:\WINDOWS\SYSTEM\E_S5I0B1.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\PROGRAMMI\EPSON\EPSON CARDMONITOR\EPSON CARDMONITOR1.2.EXE
C:\PROGRAMMI\TELECOM ITALIA MEDIA\FAST 800-840 TIN.IT\DSLMON.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\PROGRAMMI\HELPEXPRESS\BIN\MPBTN.EXE
C:\PROGRAMMI\WINZIP\WINZIP32.EXE
C:\WINDOWS\TEMP\HIJACKTHIS.EXE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.virgilio.it/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRAMMI\YAHOO!\COMPANION\INSTALLS\CPN\YCOMP5_5_7_0.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAMMI\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programmi\Spybot - Search & Destroy\SDHelper.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRAMMI\YAHOO!\COMPANION\INSTALLS\CPN\YCOMP5_5_7_0.DLL
O4 - HKLM\..\Run: [ScanRegistry] c:\windows\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] c:\windows\taskmon.exe
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [Microsoft IntelliType Pro] "C:\Programmi\Microsoft Hardware\Keyboard\speedkey.exe"
O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\SYSTEM\hpztsb05.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\SYSTEM\QTTASK.EXE" -atboottime
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE
O4 - HKLM\..\Run: [EPSON Stylus CX3600 Series] C:\WINDOWS\SYSTEM\E_S5I0B1.EXE /P26 "EPSON Stylus CX3600 Series" /O5 "LPT1:" /M "Stylus CX3600"
O4 - HKLM\..\Run: [autoclk] autoclk.exe
O4 - HKLM\..\Run: [Norton Auto-Protect] C:\PROGRA~1\NORTON~1\NAVAPW32.EXE /LOADQUIET
O4 - HKLM\..\Run: [sssasasb32] C:\WINDOWS\sssasasb32.exe
O4 - HKLM\..\Run: [nvsvca32] C:\WINDOWS\nvsvca32.exe
O4 - HKLM\..\Run: [SheduIer] C:\WINDOWS\msexploren.exe /i
O4 - HKLM\..\RunServices: [ATIPOLAB] ati2evxx.exe
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKCU\..\Run: [ATI Launchpad] "C:\PROGRAMMI\ATI MULTIMEDIA\MAIN\LAUNCHPD.EXE"
O4 - HKCU\..\Run: [EPSON Stylus CX3600 Series] C:\WINDOWS\SYSTEM\E_S5I0B1.EXE /P26 "EPSON Stylus CX3600 Series" /M "Stylus CX3600" /EF "HKCU"
O4 - Startup: EPSON CardMonitor.lnk = C:\Programmi\epson\EPSON CardMonitor\EPSON CardMonitor1.2.exe
O4 - Startup: DSLMON.lnk = C:\Programmi\Telecom Italia Media\Fast 800-840 Tin.it\dslmon.exe
O4 - Startup: HELPExpress.lnk = C:\Programmi\HELPExpress\bin\matcli.exe
O14 - IERESET.INF: SEARCH_PAGE_URL=
O14 - IERESET.INF: START_PAGE_URL=
O16 - DPF: {DB893839-10F0-4AF9-92FA-B23528F530AF} -
http://deposito.hostance.net/dialer/1056270.exe
O16 - DPF: {11111111-1111-1111-1111-111191113457} -
file://c:\ied_s7.cab
O16 - DPF: {11111111-1111-1111-1111-611111193458} -
file://c:\wx.cab