R16 wrote: Open a text file on the Desktop (Start\Run\type: notepad.exe, then click OK).
Paste the code you see below into it, and save the text file, which must be named CFScript.
Code:
File::
c:\windows\system32\WFXSNT40.EXE
Folder::
C:\AVGTemp
c:\programmi\IObit
c:\programmi\AVG
Registry::
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinFaxAppPortStarter]
and drag it onto the ComboFix icon.
Wait until it finishes, without touching the keyboard, mouse or anything else.
Post the updated ComboFix log.
ComboFix 10-02-07.07 - Desk 09/02/2010 16.48.12.5.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.39.1040.18.511.165 [GMT 1:00]
Eseguito da: c:\documents and settings\Desk\Desktop\ComboFix.exe
Opzioni usate :: c:\documents and settings\Desk\Desktop\CFScript.txt
AV: AntiVir Desktop *On-access scanning disabled* (Updated) {00000002-0002-0000-7C25-9E7C08000A00}
FILE ::
"c:\windows\system32\WFXSNT40.EXE"
.
((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\AVGTemp
c:\avgtemp\reset_access_avg9_it\7za.exe
c:\avgtemp\reset_access_avg9_it\definitions.txt
c:\avgtemp\reset_access_avg9_it\info.bat
c:\avgtemp\reset_access_avg9_it\permavg.7z
c:\avgtemp\reset_access_avg9_it\permavg\avg9inst_2010-01-19_17-11.xml
c:\avgtemp\reset_access_avg9_it\permavg\avg9inst_2010-01-19_17-13.xml
c:\avgtemp\reset_access_avg9_it\permavg\Davg9inst_2010-01-19_17-11.log
c:\avgtemp\reset_access_avg9_it\permavg\Davg9inst_2010-01-19_17-13.log
c:\avgtemp\reset_access_avg9_it\permavg\Iavg9inst_2010-01-19_17-11.log
c:\avgtemp\reset_access_avg9_it\permavg\Iavg9inst_2010-01-19_17-13.log
c:\avgtemp\reset_access_avg9_it\permavg\permavg.log
c:\avgtemp\reset_access_avg9_it\permavg\tasklist.log
c:\avgtemp\reset_access_avg9_it\readme.txt
c:\avgtemp\reset_access_avg9_it\reset_access.bat
c:\avgtemp\reset_access_avg9_it\subinacl.exe
c:\programmi\AVG
c:\programmi\AVG\AVG8\cfg\mail.cfg
c:\programmi\AVG\AVG9\setup.dat
c:\programmi\AVG\AVG9\setup.exe
c:\programmi\AVG\AVG9\setupit.lns
c:\programmi\AVG\AVG9\setupus.lns
c:\programmi\IObit
c:\programmi\IObit\Advanced SystemCare 3\License.dat
c:\programmi\IObit\Advanced SystemCare 3\UpdateLog.txt
c:\windows\system32\WFXSNT40.EXE
.
((((((((((((((((((((((((( Files Creati Da 2010-01-09 al 2010-02-09 )))))))))))))))))))))))))))))))))))
.
2010-02-07 12:22 . 2010-02-07 12:45 37888 ----a-w- c:\windows\system32\setupnt.dll
2010-02-07 12:22 . 2010-02-07 12:45 28928 ----a-w- c:\windows\system32\drivers\tifsfilt.sys
2010-02-07 12:22 . 2010-02-07 12:45 213888 ----a-w- c:\windows\system32\drivers\timntr.sys
2010-02-07 12:22 . 2010-02-07 12:45 82464 ----a-w- c:\windows\system32\drivers\snapman.sys
2010-02-07 12:22 . 2010-02-07 12:45 126976 ----a-w- c:\windows\system32\snapapi.dll
2010-02-07 12:21 . 2010-02-07 12:21 -------- d-----w- c:\programmi\File comuni\Acronis
2010-02-07 12:21 . 2010-02-07 12:21 -------- d-----w- c:\programmi\Acronis
2010-02-05 16:21 . 2010-02-05 16:21 -------- d-----w- c:\programmi\Trend Micro
2010-02-05 12:18 . 2010-02-05 12:18 -------- d-----w- c:\documents and settings\Desk\Dati applicazioni\Auslogics
2010-02-05 12:18 . 2010-02-05 12:18 -------- d-----w- c:\programmi\Auslogics
2010-02-04 16:02 . 2010-02-04 16:02 6144 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Spyware Terminator\sp_rsdel.exe
2010-02-04 16:02 . 2010-02-04 16:02 5632 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Spyware Terminator\fileobjinfo.sys
2010-02-04 16:02 . 2010-02-04 16:02 142592 ----a-w- c:\windows\system32\drivers\sp_rsdrv2.sys
2010-02-04 16:02 . 2010-02-08 17:18 -------- d-----w- c:\documents and settings\Desk\Dati applicazioni\Spyware Terminator
2010-02-04 16:01 . 2010-02-09 10:21 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Spyware Terminator
2010-02-04 16:01 . 2010-02-07 13:06 -------- d-----w- c:\programmi\Spyware Terminator
2010-02-04 11:38 . 2010-01-07 15:07 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-02-04 11:38 . 2010-02-04 11:38 -------- d-----w- c:\programmi\Malwarebytes' Anti-Malware
2010-02-04 11:38 . 2010-01-07 15:07 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-01-19 18:15 . 2009-11-25 10:19 56816 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2010-01-19 18:15 . 2009-03-30 08:33 96104 ----a-w- c:\windows\system32\drivers\avipbb.sys
2010-01-19 18:15 . 2009-02-13 10:29 22360 ----a-w- c:\windows\system32\drivers\avgntmgr.sys
2010-01-19 18:15 . 2009-02-13 10:17 45416 ----a-w- c:\windows\system32\drivers\avgntdd.sys
2010-01-19 18:15 . 2010-01-19 18:15 -------- d-----w- c:\programmi\Avira
2010-01-19 18:15 . 2010-01-19 18:15 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Avira
2010-01-14 12:01 . 2010-01-14 12:01 -------- d-----w- c:\documents and settings\Desk\Dati applicazioni\Malwarebytes
2010-01-14 12:01 . 2010-01-14 12:01 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Malwarebytes
2010-01-14 10:56 . 2010-01-14 10:56 -------- d-----w- c:\programmi\TrendMicro
2010-01-14 10:53 . 2010-01-17 12:52 -------- d-----w- C:\HijackThis
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-02-08 19:03 . 2009-03-16 17:41 -------- d-----w- c:\documents and settings\Desk\Dati applicazioni\gtk-2.0
2010-01-20 16:18 . 2009-03-29 12:58 -------- d-----w- c:\programmi\Microsoft Silverlight
2010-01-19 18:18 . 2010-01-21 16:38 594296 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Avira\AntiVir Desktop\FAILSAVE\aescript.dll
2010-01-19 18:18 . 2010-01-21 16:38 127348 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Avira\AntiVir Desktop\FAILSAVE\aescn.dll
2010-01-19 18:18 . 2010-01-21 16:38 479605 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Avira\AntiVir Desktop\FAILSAVE\aerdl.dll
2010-01-19 18:18 . 2010-01-21 16:38 422262 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Avira\AntiVir Desktop\FAILSAVE\aepack.dll
2010-01-19 18:18 . 2010-01-21 16:38 2232695 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Avira\AntiVir Desktop\FAILSAVE\aeheur.dll
2010-01-19 18:18 . 2010-01-21 16:38 237942 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Avira\AntiVir Desktop\FAILSAVE\aehelp.dll
2010-01-19 18:18 . 2010-01-21 16:38 369014 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Avira\AntiVir Desktop\FAILSAVE\aegen.dll
2010-01-19 18:18 . 2010-01-21 16:38 184693 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Avira\AntiVir Desktop\FAILSAVE\aecore.dll
2010-01-18 12:10 . 2009-12-19 10:17 -------- d-----w- c:\documents and settings\Desk\Dati applicazioni\HpUpdate
2010-01-10 15:55 . 2010-01-10 15:55 -------- d-----w- c:\programmi\VIA Technologies, Inc
2010-01-05 10:39 . 2008-11-11 09:45 90800 ----a-w- c:\documents and settings\Desk\Impostazioni locali\Dati applicazioni\GDIPFONTCACHEV1.DAT
2010-01-05 09:53 . 2003-04-08 12:00 832512 ------w- c:\windows\system32\wininet.dll
2010-01-05 09:53 . 2008-11-11 09:32 78336 ----a-w- c:\windows\system32\ieencode.dll
2010-01-05 09:53 . 2003-04-08 12:00 17408 ----a-w- c:\windows\system32\corpol.dll
2009-12-23 22:04 . 2009-12-20 18:07 -------- d-----w- c:\programmi\WinDS PRO
2009-12-19 10:18 . 2008-11-15 13:31 -------- d-----w- c:\programmi\HP
2009-12-13 11:56 . 2009-12-13 11:56 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\IObit
2009-12-10 09:47 . 2003-04-08 12:00 80730 ----a-w- c:\windows\system32\perfc010.dat
2009-12-10 09:47 . 2003-04-08 12:00 482354 ----a-w- c:\windows\system32\perfh010.dat
2009-11-24 09:12 . 2009-11-24 09:12 152576 ----a-w- c:\documents and settings\Desk\Dati applicazioni\Sun\Java\jre1.6.0_17\lzma.dll
2009-11-24 09:11 . 2009-11-23 13:12 79488 ----a-w- c:\documents and settings\Desk\Dati applicazioni\Sun\Java\jre1.6.0_17\gtapi.dll
2009-11-21 15:54 . 2003-04-08 12:00 471552 ----a-w- c:\windows\AppPatch\aclayers.dll
2009-11-15 13:07 . 2009-11-15 13:07 2232 ----a-w- c:\windows\java\Packages\Data\J5VN9V9Z.DAT
2009-11-15 13:07 . 2009-11-15 13:07 155995 ----a-w- c:\windows\java\Packages\9NRHJDJJ.ZIP
2009-11-15 13:07 . 2009-11-15 13:07 2678 ----a-w- c:\windows\java\Packages\Data\MNJP3J35.DAT
2009-11-15 13:07 . 2009-11-15 13:07 2678 ----a-w- c:\windows\java\Packages\Data\SLJHZBHV.DAT
2009-11-15 13:07 . 2009-11-15 13:07 2678 ----a-w- c:\windows\java\Packages\Data\8EYZJR1V.DAT
2009-11-15 13:07 . 2009-11-15 13:07 2678 ----a-w- c:\windows\java\Packages\Data\FTR3J5F7.DAT
2009-11-15 13:07 . 2009-11-15 13:07 2678 ----a-w- c:\windows\java\Packages\Data\1FFN97HV.DAT
.
((((((((((((((((((((((((((((( SnapShot@2010-02-08_17.12.41 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-02-09 15:27 . 2010-02-09 15:27 16384 c:\windows\temp\Perflib_Perfdata_ac.dat
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\programmi\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]
"SpywareTerminatorUpdate"="c:\programmi\Spyware Terminator\SpywareTerminatorUpdate.exe" [2010-02-04 3037696]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CARPService"="carpserv.exe" [2001-12-23 4608]
"HP Software Update"="c:\programmi\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"PE2CKFNT SE"="c:\programmi\Ulead Systems\Ulead Photo Express 2 SE\ChkFont.exe" [1998-07-03 25088]
"D-Link AirPlus G"="c:\programmi\D-Link\AirPlus G\AirGCFG.exe" [2006-11-17 1552384]
"ANIWZCS2Service"="c:\programmi\ANI\ANIWZCS2 Service\WZCSLDR2.exe" [2006-06-29 49152]
"Google Quick Search Box"="c:\programmi\Google\Quick Search Box\GoogleQuickSearchBox.exe" [2009-09-12 122368]
"Adobe Reader Speed Launcher"="c:\programmi\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-10-03 35696]
"Adobe ARM"="c:\programmi\File comuni\Adobe\ARM\1.0\AdobeARM.exe" [2009-09-04 935288]
"SunJavaUpdateSched"="c:\programmi\Java\jre6\bin\jusched.exe" [2009-10-11 149280]
"avgnt"="c:\programmi\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"SpywareTerminator"="c:\programmi\Spyware Terminator\SpywareTerminatorShield.exe" [2010-02-04 2166784]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]
c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\
HP Digital Imaging Monitor.lnk - c:\programmi\HP\Digital Imaging\bin\hpqtra08.exe [2005-12-15 282624]
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Avvio^Programmi^Esecuzione automatica^Photo Express Calendar Checker SE.lnk]
path=c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\Photo Express Calendar Checker SE.lnk
backup=c:\windows\pss\Photo Express Calendar Checker SE.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^Desk^Menu Avvio^Programmi^Esecuzione automatica^CTI Tray Icon.lnk]
path=c:\documents and settings\Desk\Menu Avvio\Programmi\Esecuzione automatica\CTI Tray Icon.lnk
backup=c:\windows\pss\CTI Tray Icon.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 02:14 1695232 ----a-w- c:\programmi\Messenger\msmsgs.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
2009-07-26 15:44 3883856 ----a-w- c:\programmi\Windows Live\Messenger\msnmsgr.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2001-07-09 10:50 155648 ----a-r- c:\windows\system32\NeroCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VoipStunt]
2007-12-13 15:31 8824112 ----a-w- c:\programmi\VoipStunt.com\VoipStunt\VoipStunt.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WFXSwtch]
2001-09-10 18:03 27648 ----a-w- c:\progra~1\Symantec\WinFax\WFXSWTCH.exe
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programmi\\VoipStunt.com\\VoipStunt\\VoipStunt.exe"=
"c:\\Programmi\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Programmi\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Programmi\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Programmi\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Programmi\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Programmi\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Programmi\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Programmi\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"c:\\Programmi\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"c:\\Programmi\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Programmi\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"c:\\Programmi\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"c:\\Programmi\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Programmi\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Programmi\\Metin2_Italiano\\metin2.bin"=
"c:\\Programmi\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Documents and Settings\\Desk\\Desktop\\Simone\\Emule\\eMule\\emule.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Programmi\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Programmi\\Spyware Terminator\\SpywareTerminatorUpdate.exe"=
R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [04/02/2010 17.02.06 142592]
R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [29/03/2009 13.57.53 54752]
S2 gupdate1ca4128ce09348c;Servizio di Google Update (gupdate1ca4128ce09348c);c:\programmi\Google\Update\GoogleUpdate.exe [29/09/2009 18.17.57 133104]
S3 fsssvc;Servizio Windows Live Family Safety;c:\programmi\Windows Live\Family Safety\fsssvc.exe [05/08/2009 22.48.42 704864]
.
Contenuto della cartella 'Scheduled Tasks'
2010-02-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\programmi\Google\Update\GoogleUpdate.exe [2009-09-29 17:17]
2010-02-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\programmi\Google\Update\GoogleUpdate.exe [2009-09-29 17:17]
2010-02-07 c:\windows\Tasks\WebReg Deskjet F300 series.job
- c:\programmi\HP\Digital Imaging\bin\hpqwrg.exe [2005-12-15 15:45]
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://www.google.it/
uDefault_Search_URL = hxxp://www.google.com/ie
uInternet Connection Wizard,ShellNext = iexplore
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\programmi\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-02-09 16:54
Windows 5.1.2600 Service Pack 3 NTFS
scansione processi nascosti ...
scansione entrate autostart nascoste ...
Scansione files nascosti ...
Scansione completata con successo
Files nascosti: 0
**************************************************************************
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\Ø•€|ÿÿÿÿ•€|ù•Ñw*]
"0140211900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"
.
--------------------- Dlls caricate dai processi in esecuzione ---------------------
- - - - - - - > 'winlogon.exe'(728)
c:\windows\system32\Ati2evxx.dll
.
Ora fine scansione: 2010-02-09 16:58:29
ComboFix-quarantined-files.txt 2010-02-09 15:58
ComboFix2.txt 2010-02-08 17:15
ComboFix3.txt 2010-01-16 13:11
Pre-Run: 47.436.767.232 byte disponibili
Post-Run: 47.400.558.592 byte disponibili
- - End Of File - - E221D4AFE91381BA670C1FDB759ECE3D
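The CFScript quoted at the top of the post has three sections (File::, Folder::, Registry::). The following Python dry-run reader is an added example, not code from ComboFix or from this thread: it parses such a script and summarises what it would remove, so the script can be checked against the log before it is dragged onto ComboFix. The sample script is the one from the post; the meaning of a leading '-' inside a Registry:: key (delete the key) is assumed from the .reg-file convention.

```python
"""Dry-run reader for a ComboFix CFScript (added example, not ComboFix code)."""
import re
# The CFScript from the post, embedded here as a constructed sample.
SAMPLE_SCRIPT = """File::
c:\\windows\\system32\\WFXSNT40.EXE
Folder::
C:\\AVGTemp
c:\\programmi\\IObit
c:\\programmi\\AVG
Registry::
[-HKEY_LOCAL_MACHINE\\software\\microsoft\\shared tools\\msconfig\\startupreg\\WinFaxAppPortStarter]
"""

SECTION_RE = re.compile(r"^([A-Za-z]+)::\s*$")
# Registry:: uses .reg syntax; '[-KEY]' is assumed (as in .reg files) to delete the key.
KEY_RE = re.compile(r"^\[(-?)(.+)\]$")

def parse_cfscript(text):
    """Return {section: [entries]}; text before the first 'Name::' header is ignored."""
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        m = SECTION_RE.match(line)
        if m:
            current = m.group(1)
            sections.setdefault(current, [])
        elif current is not None:
            sections[current].append(line)
    return sections

def registry_actions(entries):
    """Classify Registry:: lines as key deletions, key selections or value lines."""
    out = []
    for e in entries:
        m = KEY_RE.match(e)
        if m:
            out.append(("delete_key" if m.group(1) else "open_key", m.group(2)))
        else:
            out.append(("value", e))
    return out

def summarize(text):
    """Counts of what the script would remove, for review before it is run."""
    s = parse_cfscript(text)
    reg = registry_actions(s.get("Registry", []))
    return {"files": len(s.get("File", [])),
            "folders": len(s.get("Folder", [])),
            "registry_deletions": sum(a == "delete_key" for a, _ in reg)}
```

Comparing the summary with the "Altre eliminazioni" section of the log above shows which of the listed paths ComboFix actually removed.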