da qualche tempo si è installata una colonia di virus all'interno del mio hard disk e non riesco a stanarli...mi date voi una mano contro questi esseri immondi??? grazie...

Logfile of HijackThis v1.99.1
Scan saved at 11.14.00, on 03/10/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Documents and Settings\Administrator\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.gooogle.bz
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O1 - Hosts: 200.73.174.154 STORAGE.HOSTANCE.NET
O1 - Hosts: 200.73.174.154 STORAGE-TASP.COM
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O4 - HKLM\..\Run: [HP Software Update] C:\Programmi\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programmi\Java\j2re1.4.2_02\bin\jusched.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TrojanScanner] C:\Programmi\Trojan Remover\Trjscan.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [fix] C:\WINDOWS\system32\cefalo.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Programmi\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ScaricaMP3] C:\Documents and Settings\Administrator\Dati applicazioni\ScaricaMP3[1].exe t
O4 - HKCU\..\Run: [Microsoft Security] C:\WINDOWS\system32\msantivir.exe
O4 - HKCU\..\Run: [idrocefalo.exe] C:\WINDOWS\system32\idrocefalo.exe
O4 - Startup: Posta elettronica.lnk = ?
O4 - Global Startup: Avvio veloce di Adobe Reader.lnk = C:\Programmi\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programmi\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Programmi\Internet Explorer\Plugins\NPDocBox.dll
O15 - Trusted Zone: www.acquadirose.com
O15 - Trusted Zone: www.cisiamodibrutto.com
O15 - Trusted Zone: www.cywanstorage.biz
O15 - Trusted Zone: www.forteforte.com
O15 - Trusted Zone: www.gooogle.bz
O15 - Trusted Zone: www.playmore.biz
O15 - Trusted Zone: www.preferiti-windows.com
O15 - Trusted Zone: www.ricercadoppia.com
O15 - Trusted Zone: www.tuttaqualita.com
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {381E86E3-E7CE-46FC-BA2C-E83D3B6E4309} - http://www.cywanstorage.biz/WWE/Catto.exe
O16 - DPF: {64F2AAC0-5677-4B53-99D0-E0CB73E7C95C} (SmartCardReader.UCSmartCardReader) - https://reseller.indexpoint.it/DWL/SmartCardReader.cab
O16 - DPF: {84F7129F-9451-4202-B2F9-929F047FC126} - http://www.what-you-want.biz/idro.exe
O16 - DPF: {8838BDA8-9C2E-480C-8926-3104C642D7E4} - http://www.gooogle.bz/cywtr.exe
O16 - DPF: {8D7D6D73-8BC2-488A-A035-64D708FC038F} - http://www.cywanstorage.biz/LNKSHR/Checkout.exe
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {96966B7C-CA72-4928-895B-1C2F0E5302A9} - http://www.cywanstorage.biz/CXDF2/pialla.exe
O16 - DPF: {9F5BB9E1-31AE-4A13-8734-15CED0F60A3D} - http://www.gooogle.bz/lateshow.cab
O16 - DPF: {C470A05D-3001-4836-9E5E-ACBD12159691} (SmartCardReader.UCSmartCardReader) - https://reseller.indexpoint.it/dwl/SmartCardReader.cab
O16 - DPF: {EC52F7A4-27A7-4319-9BA1-E7FE5C90D3AC} - http://td8eau9td.com/ab98ec65/50310/1/xp/FreeAccess.ocx
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Programmi\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Programmi\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\11\Intel 32\IDriverT.exe

Ciao ,
esegui queste operazioni

Disattiva il ripristino di configurazione, leggi qui come fare
http://www.aiutamici.com/software/view.asp?tipo=home&CodSw=257&SH=N

Riavvia in modalità provvisoria, leggi qui come fare
http://www.aiutamici.com/software/view.asp?tipo=home&CodSw=344&SH=N

Vai a PANNELLO DI CONTROLLO e clicca su OPZIONI INTERNET
nella finestra che si apre clicca i tre pulsanti
ELIMINA COOKIES - ELIMINA FILE - CANCELLA CRONOOLOGIA
poi clicca il pulsante PAGINA PREDEFINITA e su OK

utilizza i programmi AD-AWARE e SPYBOT indicati in questo articolo
http://www.aiutamici.com/software/view.asp?tipo=home&CodSw=388&SH=N

sempre in modalità provvisoria fai una scansione Antivirus

quindi riavvia il computer e controlla se il problema e risolto, se e tutto OK riattiva il ripristino configurazione disattivato all'inizio di questa procedura e crea un nuovo punto di ripristino, leggi qui alla voce 8
http://www.aiutamici.com/software/view.asp?tipo=home&CodSw=170&SH=N

Fai una scansione antivirus on line da questo indirizzo
http://security.symantec.com/sscv6/default.asp?productid=globalsites&langid=it&venid=sym

Se la scansione antivirus on line rileva ancora virus, ti consiglio di formattare il disco fisso e reinstallare tutto.


Per quanto riguarda gli spyware, inserisci nuovamente il log DA FARE IN AVVIO NORMALE e non in modalità provvisoria.

---

Collaboratore Aiutamici