Ciao, grazie mille per quello che hai fatto finora... ho scaricato sia Spyware blaster che Hijackthis... Allora per quanto riguarda Spywareblaster ho schiacciato su enable, ma non so come si usa poi... cioè, quando lo apro compare una schermata dove c'è scritto che 0 items have protection disabled (di fianco all'icona tipo di explorer e di un bloc notes), ma per il resto non so come muovermi con questo software... Per quanto riguarda il secondo questo è il log (non ho eliminato né fatto niente, solo lo scan e ho creato il log)...
Logfile of HijackThis v1.97.7
Scan saved at 19.26.51, on 25/06/04
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v5.00 (5.00.2614.3500)
Running processes:
C:WINDOWSSYSTEMKERNEL32.DLL
C:WINDOWSSYSTEMMSGSRV32.EXE
C:WINDOWSSYSTEMMPREXE.EXE
C:WINDOWSSYSTEMmmtask.tsk
C:WINDOWSSYSTEMMSTASK.EXE
C:WINDOWSSYSTEMMDM.EXE
G:TRENDPCCIOMON.EXE
C:WINDOWSSYSTEMWINUPD.EXE
C:WINDOWSSYSTEMDDHELP.EXE
C:WINDOWSEXPLORER.EXE
C:WINDOWSSYSTEMTAPISRV.EXE
C:WINDOWSTASKMON.EXE
C:WINDOWSSYSTEMSYSTRAY.EXE
C:WINDOWSSYSTEMATIPTAAA.EXE
C:PROGRAMMIWINAMPWINAMPA.EXE
C:PROGRAMMIREALREALPLAYERREALPLAY.EXE
C:PROGRAMMIREALREALJUKEBOXTSYSTRAY.EXE
G:TRENDPOP3TRAP.EXE
G:TRENDWEBTRAP.EXE
C:WINDOWSSYSTEMSTIMON.EXE
C:WINDOWSHELPW.EXE
C:PROGRAMMIDSBDSB.EXE
C:WINDOWSSYSTEMPSTORES.EXE
C:WINDOWSSYSTEMWMIEXE.EXE
G:PROGRAMMIDAPDAP.EXE
C:WINDOWSNOTEPAD.EXE
C:WINDOWSSYSTEMRNAAPP.EXE
C:WINDOWSDESKTOPHIJACKTHIS.EXE
R1 - HKCUSoftwareMicrosoftInternet Explorer,SearchURL =
http://searchbar.findthewebsiteyouneed.com/
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Bar =
http://searchbar.findthewebsiteyouneed.com/
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page =
http://searchbar.findthewebsiteyouneed.com/
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL =
http://searchbar.findthewebsiteyouneed.com/
R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant =
http://searchbar.findthewebsiteyouneed.com/
R1 - HKCUSoftwareMicrosoftInternet ExplorerSearchURL,(Default) =
http://www.searchwww.com/search.cgi?s=%s
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Collegamenti
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,SearchAssistant =
http://searchbar.findthewebsiteyouneed.com/
F1 - win.ini: run=hpfsched
O2 - BHO: (no name) - {0000CC75-ACF3-4cac-A0A9-DD3868E06852} - G:PROGRAMMIDAPDAPBHO.DLL
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:WINDOWSSYSTEMMSDXM.OCX
O4 - HKLM..Run: [ScanRegistry] C:WINDOWSscanregw.exe /autorun
O4 - HKLM..Run: [TaskMonitor] C:WINDOWS askmon.exe
O4 - HKLM..Run: [SystemTray] SysTray.Exe
O4 - HKLM..Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM..Run: [ATIGART] c:atigartatigart.exe
O4 - HKLM..Run: [AtiPTA] Atiptaaa.exe
O4 - HKLM..Run: [NewsUpd] C:ProgrammiCreativeNewsNewsUpd.EXE /q
O4 - HKLM..Run: [IOMON98.EXE] "C:ProgrammiTrend PC-cillin 98IOMON98.EXE"
O4 - HKLM..Run: [WinampAgent] "C:PROGRAMMIWINAMPWINAMPa.exe"
O4 - HKLM..Run: [RealTray] C:ProgrammiRealRealPlayerRealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM..Run: [RealJukeboxSystray] "C:PROGRAMMIREALREALJUKEBOX systray.exe"
O4 - HKLM..Run: [PCCIOMON.EXE] g:TrendPCCIOMON.EXE
O4 - HKLM..Run: [pop3trap.exe] g:Trendpop3trap.exe
O4 - HKLM..Run: [WebTrap.exe] g:TrendWebTrap.exe
O4 - HKLM..Run: [DXM6Patch_981116] C:WINDOWSp_981116.exe /Q:A
O4 - HKLM..Run: [WhenUSave] C:PROGRA~1SAVESave.exe
O4 - HKLM..Run: [StillImageMonitor] C:WINDOWSSYSTEMSTIMON.EXE
O4 - HKLM..Run: [helpw] "helpw.exe"
O4 - HKLM..Run: [DSB] C:ProgrammiDSBDSB.exe
O4 - HKLM..Run: [RegCompres] C:WINDOWSSYSTEMREGCPM32.EXE
O4 - HKLM..Run: [MSStartOptimizer] C:WINDOWSSYSTEMWINUPD.EXE
O4 - HKLM..RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM..RunServices: [SchedulingAgent] C:WINDOWSSYSTEMmstask.exe
O4 - HKLM..RunServices: [Machine Debug Manager] C:WINDOWSSYSTEMMDM.EXE
O4 - HKLM..RunServices: [IOMON98.EXE] "C:ProgrammiTrend PC-cillin 98IOMON98.EXE"
O4 - HKLM..RunServices: [PCCIOMON.EXE] g:TrendPCCIOMON.EXE
O4 - HKLM..RunServices: [MSStartOptimizer] C:WINDOWSSYSTEMWINUPD.EXE
O4 - HKLM..RunServices: [RegCompres] C:WINDOWSSYSTEMREGCPM32.EXE
O8 - Extra context menu item: &Download with &DAP - G:PROGRA~1DAPdapextie.htm
O8 - Extra context menu item: Download &all with DAP - G:PROGRA~1DAPdapextie2.htm
O9 - Extra button: Related (HKLM)
O9 - Extra 'Tools' menuitem: Show &Related Links (HKLM)
O9 - Extra button: Real.com (HKLM)
O9 - Extra button: Run DAP (HKLM)
O9 - Extra button: Umail (HKCU)
O12 - Plugin for .mid: C:PROGRA~1INTERN~1PLUGINS
pvmidi.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.microsoft.com/italy/start
O14 - IERESET.INF: MS_START_PAGE_URL=http://www.microsoft.com/italy/start
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
http://download.macromedia.com/pub/shoc ... wflash.cab
Grazie comunque per ora!!!