mi controllate il log per favore è urgente..grazie tante della vostra disponibilità e gentilezza..

Logfile of HijackThis v1.99.1
Scan saved at 11.21.09, on 30/05/2006
Platform: Windows ME (Win9x 4.90.3000)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SOINTGR.EXE
C:\PROGRAMMI\FILE COMUNI\SYSTEM\MOSEARCH\BIN\MOSEARCH.EXE
C:\WINDOWS\SYSTEM\STIMON.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\SYSTEM\SSDPSRV.EXE
C:\PROGRAMMI\MCAFEE.COM\VSO\MCSHLD9X.EXE
C:\WINDOWS\CARPSERV.EXE
C:\PROGRAMMI\MCAFEE.COM\MPS\MSCIFAPP.EXE
C:\PROGRAMMI\MCAFEE.COM\VSO\OASCLNT.EXE
C:\WINDOWS\SYSTEM\PSTORES.EXE
C:\PROGRAMMI\MCAFEE.COM\VSO\MCVSSHLD.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\RESTORE\STMGR.EXE
C:\PROGRAMMI\MCAFEE.COM\VSO\MCVSESCN.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\WINDOWS\RUNDLL32.EXE
C:\PROGRAMMI\MCAFEE.COM\AGENT\MCAGENT.EXE
C:\PROGRAMMI\MCAFEE.COM\AGENT\MCTSKSHD.EXE
C:\PROGRAMMI\MCAFEE.COM\PERSONAL FIREWALL\MPFTRAY.EXE
C:\WINDOWS\SYSTEM\RNAAPP.EXE
C:\PROGRAMMI\MCAFEE\SPAMKILLER\MSKAGENT.EXE
C:\WINDOWS\SYSTEM\TAPISRV.EXE
C:\PROGRAMMI\MCAFEE\SPAMKILLER\MSKSRVR.EXE
C:\PROGRAMMI\SKYPE\PHONE\SKYPE.EXE
C:\WINDOWS\SYSTEM\CTFMON.EXE
C:\SLIDE\OFFICE\OSA.EXE
C:\PROGRAMMI\HELPEXPRESS\BIN\MPBTN.EXE
C:\PROGRAMMI\MCAFEE.COM\PERSONAL FIREWALL\MPFAGENT.EXE
C:\PROGRAMMI\INTERNET EXPLORER\IEXPLORE.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\PROGRAMMI\MCAFEE.COM\VSO\MCMNHDLR.EXE
C:\PROGRAMMI\WINZIP\WINZIP32.EXE
C:\WINDOWS\TEMP\HIJACKTHIS.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.olidata.it
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.giustizia.it/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAMMI\ADOBE\ACROBAT 6.0\READER\ACTIVEX\ACROIEHELPER.DLL
O2 - BHO: McAfee PopupKiller - {3EC8255F-E043-4cae-8B3B-B191550C2A22} - C:\PROGRAMMI\MCAFEE.COM\MPS\POPUPKILLER.DLL
O2 - BHO: McBrwHelper Class - {227B8AA8-DAF2-4892-BD1D-73F568BCB24E} - C:\PROGRAMMI\MCAFEE.COM\MPS\MCBRHLPR.DLL
O2 - BHO: McAfee AntiPhishing Filter - {41D68ED8-4CFF-4115-88A6-6EBB8AF19000} - C:\PROGRAMMI\MCAFEE\SPAMKILLER\MCAPFBHO.DLL
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - C:\PROGRAMMI\MCAFEE.COM\VSO\MCVSSHL.DLL
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [PCHealth] C:\WINDOWS\PCHealth\Support\PCHSchd.exe -s
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [CARPService] carpserv.exe
O4 - HKLM\..\Run: [SO5 Integrator Pass Two] C:\WINDOWS\SOINTGR.EXE
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [CDWCheckRubrica] C:\SEAT\CDItalia\Chkrub_cdi
O4 - HKLM\..\Run: [AdslTaskBar] rundll32.exe stmctrl.dll,TaskBar
O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\MCAFEE.COM\VSO\MCMNHDLR.EXE" /checktask
O4 - HKLM\..\Run: [MCAgentExe] C:\PROGRA~1\MCAFEE.COM\AGENT\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\MCAFEE.COM\AGENT\MCUPDATE.EXE
O4 - HKLM\..\Run: [MCTskShd] C:\PROGRA~1\MCAFEE.COM\AGENT\mctskshd.exe
O4 - HKLM\..\Run: [MPFExe] C:\PROGRA~1\MCAFEE.COM\PERSON~1\MpfTray.exe
O4 - HKLM\..\Run: [MPSExe] C:\PROGRA~1\MCAFEE.COM\MPS\mscifapp.exe /embedding
O4 - HKLM\..\Run: [MSKAGENTEXE] C:\PROGRA~1\MCAFEE\SPAMKI~1\MSKAGENT.EXE
O4 - HKLM\..\Run: [MSKServerExe] C:\Programmi\McAfee\SpamKiller\MSKSrvr.exe
O4 - HKLM\..\Run: [MSKDetectorExe] C:\PROGRA~1\MCAFEE\SPAMKI~1\MSKDETCT.EXE /startup
O4 - HKLM\..\Run: [CleanUp] C:\PROGRA~1\MCAFEE.COM\SHARED\MCAPPINS.EXE /v=3 /cleanup
O4 - HKLM\..\RunServices: [SO5 Integrator Pass One] C:\WINDOWS\SOINTGR.EXE
O4 - HKLM\..\RunServices: [MOSearch] C:\PROGRA~1\FILECO~1\SYSTEM\MOSEARCH\BIN\MOSEARCH.EXE
O4 - HKLM\..\RunServices: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [SSDPSRV] C:\WINDOWS\SYSTEM\ssdpsrv.exe
O4 - HKLM\..\RunServices: [*StateMgr] C:\WINDOWS\System\Restore\StateMgr.exe
O4 - HKLM\..\RunServices: [McShld9x] C:\Programmi\McAfee.com\VSO\mcshld9x.exe
O4 - HKCU\..\Run: [Skype] "C:\PROGRAMMI\SKYPE\PHONE\SKYPE.EXE" /nosplash /minimized
O4 - HKCU\..\Run: [ctfmon.exe] ctfmon.exe
O4 - Startup: HELPExpress.lnk = C:\Programmi\HELPExpress\bin\matcli.exe
O4 - Startup: Avvio Office.lnk = C:\Slide\Office\OSA.EXE
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\MESSEN~1\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: MSN Messenger Service - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\MESSEN~1\MSMSGS.EXE
O9 - Extra button: (no name) - {39FD89BF-D3F1-45b6-BB56-3582CCF489E1} - C:\PROGRAMMI\MCAFEE\SPAMKILLER\MCAPFBHO.DLL
O9 - Extra 'Tools' menuitem: McAfee AntiPhishing Filter - {39FD89BF-D3F1-45b6-BB56-3582CCF489E1} - C:\PROGRAMMI\MCAFEE\SPAMKILLER\MCAPFBHO.DLL
O17 - HKLM\System\CCS\Services\VxD\MSTCP: NameServer = 151.99.125.2,151.99.250.2

Ciao ,
esegui queste operazioni

Disattiva il ripristino di configurazione, leggi qui come fare
http://www.aiutamici.com/software/view.asp?tipo=home&CodSw=298&SH=N

Riavvia in modalità provvisoria, leggi qui come fare
http://www.aiutamici.com/software/view.asp?tipo=home&CodSw=344&SH=N

apri HIJAC THIS ed elimina come indicato in questo articolo
http://www.aiutamici.com/software/descrizione.asp?CodSw=1175
le righe che seguono.

==================================
O4 - HKLM\..\RunServices: [MOSearch] C:\PROGRA~1\FILECO~1\SYSTEM\MOSEARCH\BIN\MOSEARCH.EXE
==================================

Con la funzione CERCA di Windows, cerca ed elimina questi file,
==================================
MOSEARCH.EXE
==================================


Vai a PANNELLO DI CONTROLLO e clicca su OPZIONI INTERNET
nella finestra che si apre clicca i tre pulsanti
ELIMINA COOKIES - ELIMINA FILE - CANCELLA CRONOOLOGIA

al termine utilizza i programmi AD-AWARE e SPYBOT indicati in questo articolo
http://www.aiutamici.com/software/view.asp?tipo=home&CodSw=388&SH=N

sempre in modalità provvisoria fai una scansione Antivirus

quindi riavvia il computer e controlla se il problema e risolto, se e tutto OK riattiva il ripristino configurazione disattivato all'inizio di questa procedura e crea un nuovo punto di ripristino

Fai una scansione antivirus on line da questo indirizzo
http://it.mcafee.com/root/mfs/default.asp

Nel sistema non é presente ne un Firewall, ne un Antivirus, probabilmente disattivati dal virus, se la scansione on line rileva virus ti consiglio di formattare il disco fisso e reinstallare tutto

Utilizza questo programma
http://www.aiutamici.com/software/view.asp?tipo=home&CodSw=1041

---

alfonso_aiutamici@hotmail.it