
1explorer... I'm desperate!!!


Angyx76
26-09-2006, 23:49
I'm posting my HijackThis log because I can't get rid of 1explorer... I've used Spyware Terminator and Ad-Aware, but to no avail :( I hope someone can help me, given your immense knowledge and skill, as well as your kindness.

Logfile of HijackThis v1.99.1
Scan saved at 20.35.09, on 26/09/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://gw.alicebusiness.it/search
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.1987324.com/?301
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.1987324.com/?301
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer fornito da Alice Business
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://192.168.1.1
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
R3 - Default URLSearchHook is missing
O1 - Hosts: 200.73.174.154 STORAGE.HOSTANCE.NET
O1 - Hosts: 200.73.174.154 STORAGE-TASP.COM
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Class - {6CCF8D53-DBAF-E631-77B7-50DC7CE4A632} - C:\WINDOWS\vjtam1.dll (file missing)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Programmi\File comuni\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [PaperPort PTD] C:\Programmi\ScanSoft\PaperPort\pptd40nt.exe
O4 - HKLM\..\Run: [IndexSearch] C:\Programmi\ScanSoft\PaperPort\IndexSearch.exe
O4 - HKLM\..\Run: [SetDefPrt] C:\Programmi\Brother\Brmfl05a\BrStDvPt.exe
O4 - HKLM\..\Run: [ControlCenter2.0] C:\Programmi\Brother\ControlCenter2\brctrcen.exe /autorun
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Programmi\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [Systems] C:\WINDOWS\System32\spoolsvc.exe
O4 - HKLM\..\Run: [MediaCtr] C:\WINDOWS\mediacon.exe -i
O4 - HKLM\..\Run: [ngcp2.exe] C:\WINDOWS\Temp\ngcp2.exe
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Programmi\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - Startup: OpenOffice.org 2.0.lnk = C:\Programmi\OpenOffice.org 2.0\program\quickstart.exe
O4 - Startup: .protected
O4 - Global Startup: Magic Keyboard.lnk = C:\Programmi\Magic Keyboard\MagicKey.exe
O4 - Global Startup: Controllo dello stato.lnk = C:\Programmi\Brother\Brmfcmon\BrMfcWnd.exe
O4 - Global Startup: .protected
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\j2re1.4.2_05\bin\npjpi142_05.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\j2re1.4.2_05\bin\npjpi142_05.dll
O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O12 - Plugin for .2: C:\Programmi\Internet Explorer\PLUGINS\npqtplugin3.dll
O12 - Plugin for .mpeg: C:\Programmi\Internet Explorer\PLUGINS\npqtplugin3.dll
O12 - Plugin for .tif: C:\Programmi\Internet Explorer\PLUGINS\npqtplugin5.dll
O14 - IERESET.INF: START_PAGE_URL=http://gw.alicebusiness.it/home
O15 - Trusted Zone: www.1987324.com
O15 - Trusted Zone: *.1987324.com
O15 - Trusted Zone: *.aflashcounter.com
O16 - DPF: {FBFF6F10-A2FC-9544-832F-A1F75A0501AE} - http://www.italian-toplist.com/cart/gs/gsa0129.exe
O16 - DPF: {FFFF0001-0001-101A-A3C9-08002B2F49FC} -
O20 - Winlogon Notify: -fftultpf - C:\WINDOWS\System32\orkabu.dll (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Programmi\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Programmi\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: MpService - Canon Inc - C:\Programmi\Canon\MultiPASS4\MPSERVIC.EXE
O23 - Service: UpdSxa - Unknown owner - \\?\C:\Programmi\File comuni\Services\com4.exe (file missing)

FOXYLADY
27-09-2006, 10:54
Note that you haven't posted the whole log; the first part is missing.
Also, logs should be posted here
http://www.hwupgrade.it/forum/showthread.php?t=937676

In the meantime, fix these:
R3 - Default URLSearchHook is missing
O1 - Hosts: 200.73.174.154 STORAGE.HOSTANCE.NET
O1 - Hosts: 200.73.174.154 STORAGE-TASP.COM
O2 - BHO: Class - {6CCF8D53-DBAF-E631-77B7-50DC7CE4A632} - C:\WINDOWS\vjtam1.dll (file missing)
O4 - HKLM\..\Run: [Systems] C:\WINDOWS\System32\spoolsvc.exe
O4 - HKLM\..\Run: [MediaCtr] C:\WINDOWS\mediacon.exe -i
O4 - HKLM\..\Run: [ngcp2.exe] C:\WINDOWS\Temp\ngcp2.exe
O4 - Startup: .protected
O4 - Global Startup: .protected
O15 - Trusted Zone: www.1987324.com
O15 - Trusted Zone: *.1987324.com
O15 - Trusted Zone: *.aflashcounter.com
O16 - DPF: {FFFF0001-0001-101A-A3C9-08002B2F49FC} -
O20 - Winlogon Notify: -fftultpf - C:\WINDOWS\System32\orkabu.dll (file missing)
O23 - Service: UpdSxa - Unknown owner - \\?\C:\Programmi\File comuni\Services\com4.exe (file missing)

SP2 is missing; you need to install it.

Read eraser's pinned guide
http://www.hwupgrade.it/forum/showthread.php?t=1142673
and, after carrying out the steps recommended there, post a complete HijackThis log again in the other topic I pointed you to.

Angyx76
27-09-2006, 15:23
I apologize for posting in the wrong section. As for the log, I posted the log that HijackThis saved, but I must have done something wrong. Thanks, I'll fix and repost. Kind regards.

Angyx76
28-09-2006, 10:59
I posted the log where you linked me, but it was deleted. I'm reposting it here; I don't know what to do. In any case, I fixed what you told me and ran a scan with ewido, but it tells me "something bad happens ..." and won't let me delete the trojans it found. I don't know why it gives an error; I need to go and read the threads.
P.S. I'm posting the file that HijackThis 1.99 saves when I select scan and save file.

Logfile of HijackThis v1.99.1
Scan saved at 20.38.32, on 27/09/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://gw.alicebusiness.it/search
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.1987324.com/?301
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.1987324.com/?301
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer fornito da Alice Business
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://192.168.1.1
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
R3 - Default URLSearchHook is missing
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Class - {6CCF8D53-DBAF-E631-77B7-50DC7CE4A632} - C:\WINDOWS\vjtam1.dll (file missing)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Programmi\File comuni\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [PaperPort PTD] C:\Programmi\ScanSoft\PaperPort\pptd40nt.exe
O4 - HKLM\..\Run: [IndexSearch] C:\Programmi\ScanSoft\PaperPort\IndexSearch.exe
O4 - HKLM\..\Run: [SetDefPrt] C:\Programmi\Brother\Brmfl05a\BrStDvPt.exe
O4 - HKLM\..\Run: [ControlCenter2.0] C:\Programmi\Brother\ControlCenter2\brctrcen.exe /autorun
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Programmi\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - Startup: OpenOffice.org 2.0.lnk = C:\Programmi\OpenOffice.org 2.0\program\quickstart.exe
O4 - Startup: .protected
O4 - Global Startup: Magic Keyboard.lnk = C:\Programmi\Magic Keyboard\MagicKey.exe
O4 - Global Startup: Controllo dello stato.lnk = C:\Programmi\Brother\Brmfcmon\BrMfcWnd.exe
O4 - Global Startup: .protected
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\j2re1.4.2_05\bin\npjpi142_05.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\j2re1.4.2_05\bin\npjpi142_05.dll
O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O12 - Plugin for .2: C:\Programmi\Internet Explorer\PLUGINS\npqtplugin3.dll
O12 - Plugin for .mpeg: C:\Programmi\Internet Explorer\PLUGINS\npqtplugin3.dll
O12 - Plugin for .tif: C:\Programmi\Internet Explorer\PLUGINS\npqtplugin5.dll
O14 - IERESET.INF: START_PAGE_URL=http://gw.alicebusiness.it/home
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Programmi\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Programmi\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Programmi\ewido anti-spyware 4.0\guard.exe
O23 - Service: MpService - Canon Inc - C:\Programmi\Canon\MultiPASS4\MPSERVIC.EXE
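
An added example, not part of the original thread: a Python check of which entries from the fix list posted earlier still appear in this follow-up log. The sample lines are a subset copied from the two posts; the names `parse_entries` and `verify_fixes` are hypothetical.

```python
import re

# Subset of the entries the helper asked to fix (copied from the thread).
FIX_LIST = r"""
R3 - Default URLSearchHook is missing
O1 - Hosts: 200.73.174.154 STORAGE.HOSTANCE.NET
O2 - BHO: Class - {6CCF8D53-DBAF-E631-77B7-50DC7CE4A632} - C:\WINDOWS\vjtam1.dll (file missing)
O4 - HKLM\..\Run: [ngcp2.exe] C:\WINDOWS\Temp\ngcp2.exe
O4 - Startup: .protected
O15 - Trusted Zone: *.1987324.com
"""

# Subset of the follow-up log (copied from the thread).
FOLLOWUP_LOG = r"""
Logfile of HijackThis v1.99.1
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.1987324.com/?301
R3 - Default URLSearchHook is missing
O2 - BHO: Class - {6CCF8D53-DBAF-E631-77B7-50DC7CE4A632} - C:\WINDOWS\vjtam1.dll (file missing)
O4 - HKLM\..\Run: [SetDefPrt] C:\Programmi\Brother\Brmfl05a\BrStDvPt.exe
O4 - Startup: .protected
O23 - Service: MpService - Canon Inc - C:\Programmi\Canon\MultiPASS4\MPSERVIC.EXE
"""

# A HijackThis entry is "<section code> - <body>", e.g. "O4 - HKLM\..\Run: ...".
ENTRY_RE = re.compile(r"^([RFNO]\d{1,2})\s+-\s+(.*\S)\s*$")

def parse_entries(text):
    """Return entries as (section, normalized body) tuples; header lines are skipped."""
    entries = []
    for line in text.splitlines():
        m = ENTRY_RE.match(line.strip())
        if m:
            # Collapse whitespace and lowercase so copy/paste differences do not hide a match.
            entries.append((m.group(1), " ".join(m.group(2).split()).lower()))
    return entries

def verify_fixes(fix_list, followup_log):
    """Split the fix list into entries gone from the follow-up log and entries still present."""
    present = set(parse_entries(followup_log))
    removed, persisting = [], []
    for entry in parse_entries(fix_list):
        (persisting if entry in present else removed).append(entry)
    return removed, persisting

if __name__ == "__main__":
    removed, persisting = verify_fixes(FIX_LIST, FOLLOWUP_LOG)
    for section, body in persisting:
        print(f"still present: {section} - {body}")
```

Entries that persist after a fix pass are the ones worth re-checking first, since something may be rewriting them at startup.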

juninho85
28-09-2006, 15:26
I posted the log where you linked me, but it was deleted.
it wasn't deleted ;)

Angyx76
28-09-2006, 17:12
OK, but I can't find my post. Could you tell me where it is? Thanks again for the kind replies.

juninho85
28-09-2006, 17:54
OK, but I can't find my post. Could you tell me where it is? Thanks again for the kind replies.
you'll find it on the last page of the HijackThis thread, in the official threads section