
Pen drive virus problem
paiutalo
Posted: Monday, September 01, 2008 4:36:51 PM
Rank: Newbie

Joined: 9/1/2008
Posts: 0
Hello, I recently joined the forum.
I'm excited to be part of your community.
Unfortunately I have a problem: when I plug in my pen drives, sometimes (not always) I can't open them. I scanned them with Avast Antivirus and it finds VBS:Malware-gen and BV:Bursted-A.
The HijackThis log is as follows:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16.29.00, on 01/09/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
C:\Programmi\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Programmi\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Programmi\CyberLink\PCM4Everio\EverioService.exe
C:\Programmi\CyberLink\Shared Files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe
C:\Programmi\Alwil Software\Avast4\ashWebSv.exe
C:\Programmi\File comuni\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\winlogon.exe
C:\Programmi\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\Pablo\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Programmi\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programmi\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Programmi\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [RegisterDropHandler] C:\PROGRA~1\TEXTBR~1.0\Bin\REGIST~1.EXE
O4 - HKLM\..\Run: [PE2CKFNT SE] C:\Programmi\Ulead Systems\Ulead Photo Express 2 SE\ChkFont.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [EverioService] "C:\Programmi\CyberLink\PCM4Everio\EverioService.exe"
O4 - HKLM\..\RunServices: [RegisterDropHandler] C:\PROGRA~1\TEXTBR~1.0\Bin\REGIST~1.EXE
O4 - HKCU\..\Run: [msnmsgr] "C:\Programmi\MSN Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-21-1708537768-1035525444-725345543-1004\..\Run: [MsnMsgr] "C:\Programmi\MSN Messenger\MsnMsgr.Exe" /background (User 'Gulliver')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?
O4 - Global Startup: Adobe Acrobat Synchronizer.lnk = C:\Programmi\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe
O8 - Extra context menu item: Append to existing PDF - res://C:\Programmi\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Programmi\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Programmi\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Programmi\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Programmi\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Programmi\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Programmi\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Programmi\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game11.zylom.com/activex/zylomgamesplayer.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{0F1363D0-015C-4BC0-8C70-3673FA92C611}: NameServer = 85.37.17.17 85.38.28.72
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Programmi\File comuni\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Programmi\File comuni\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Programmi\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Utilità di pianificazione di LiveUpdate automatico - Unknown owner - C:\Programmi\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)

--
End of file - 6689 bytes

I'm waiting to hear what to fix.
Thanks.

Paolo.
shapiro
Posted: Monday, September 01, 2008 4:53:48 PM

Rank: AiutAmico

Joined: 8/24/2008
Posts: 4,164
The log is clean; your PC probably needs to be examined more thoroughly.

Go to this site ===> http://www.kaspersky.com/virusscanner


1. Click on Kaspersky Online Scanner
2. Click on Accept
3. An update will start
4. Go to the left-hand column where it says Scan and choose my computer
5. When the scan finishes, at the bottom right you will find View Scan Report. Click on it, then click Save "Save Report As" and save it to the desktop.
Java must be installed to run the scan.
pidue
Posted: Monday, September 01, 2008 5:03:54 PM

Rank: AiutAmico

Joined: 6/2/2005
Posts: 7,332
Hi, the log is clean.
Download VirIt to the desktop.
Download ComboFix, save it to the desktop, disable the antivirus and close the internet connection.
Run it in normal mode and follow the on-screen instructions carefully.
When it finishes, a log will be created at C:\ComboFix.txt.

Turn off System Restore, reboot into safe mode and run a couple of scans with VirIt.
Post:
- the ComboFix log
- the VirIt log
and report whether the problem is solved.




paiutalo
Posted: Monday, September 01, 2008 5:57:58 PM
Rank: Newbie

Joined: 9/1/2008
Posts: 0
pidue wrote:
Hi, the log is clean.
Download VirIt to the desktop.
Download ComboFix, save it to the desktop, disable the antivirus and close the internet connection.
Run it in normal mode and follow the on-screen instructions carefully.
When it finishes, a log will be created at C:\ComboFix.txt.

Turn off System Restore, reboot into safe mode and run a couple of scans with VirIt.
Post:
- the ComboFix log
- the VirIt log
and report whether the problem is solved.


Here is the ComboFix log:

ComboFix 08-08-31.01 - Pablo 2008-09-01 17.17.05.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1040.18.885 [GMT 2:00]
Eseguito da: C:\Documents and Settings\Gulliver\Desktop\ComboFix.exe
* Creato nuovo punto di ripristino

ATENÇÃO - ESTA MAQUINA NAO TEM A CONSOLE DE RECUPERAÇÃO INSTALADA !!
.

((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\Gulliver\Dati applicazioni\macromedia\Flash Player\#SharedObjects\YK5HYV2Y\bin.clearspring.com
C:\Documents and Settings\Gulliver\Dati applicazioni\macromedia\Flash Player\#SharedObjects\YK5HYV2Y\bin.clearspring.com\clearspring.sol
C:\Documents and Settings\Gulliver\Dati applicazioni\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#bin.clearspring.com
C:\Documents and Settings\Gulliver\Dati applicazioni\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#bin.clearspring.com\settings.sol
C:\Documents and Settings\Pablo\Preferiti\Videos.url
C:\WINDOWS\system32\dao350.dll

.
((((((((((((((((((((((((( Files Creati Da 2008-08-01 al 2008-09-01 )))))))))))))))))))))))))))))))))))
.

2008-09-01 15:56 . 2008-09-01 15:56 268 --ah----- C:\sqmdata19.sqm
2008-09-01 15:56 . 2008-09-01 15:56 244 --ah----- C:\sqmnoopt19.sqm
2008-09-01 11:39 . 2008-09-01 11:39 <DIR> d-------- C:\Programmi\USBVirusKiller
2008-09-01 11:02 . 2008-09-01 11:02 268 --ah----- C:\sqmdata18.sqm
2008-09-01 11:02 . 2008-09-01 11:02 244 --ah----- C:\sqmnoopt18.sqm
2008-08-31 17:50 . 2008-08-31 17:50 268 --ah----- C:\sqmdata17.sqm
2008-08-31 17:50 . 2008-08-31 17:50 244 --ah----- C:\sqmnoopt17.sqm
2008-08-29 18:16 . 2008-08-29 18:16 268 --ah----- C:\sqmdata16.sqm
2008-08-29 18:16 . 2008-08-29 18:16 244 --ah----- C:\sqmnoopt16.sqm
2008-08-28 17:22 . 2008-08-28 17:22 268 --ah----- C:\sqmdata15.sqm
2008-08-28 17:22 . 2008-08-28 17:22 244 --ah----- C:\sqmnoopt15.sqm
2008-08-28 15:30 . 2008-08-28 15:30 268 --ah----- C:\sqmdata14.sqm
2008-08-28 15:30 . 2008-08-28 15:30 244 --ah----- C:\sqmnoopt14.sqm
2008-08-28 13:54 . 2008-08-28 13:54 268 --ah----- C:\sqmdata13.sqm
2008-08-28 13:54 . 2008-08-28 13:54 244 --ah----- C:\sqmnoopt13.sqm
2008-08-28 12:22 . 2008-08-28 12:22 268 --ah----- C:\sqmdata12.sqm
2008-08-28 12:22 . 2008-08-28 12:22 244 --ah----- C:\sqmnoopt12.sqm
2008-08-27 18:31 . 2008-08-27 18:31 268 --ah----- C:\sqmdata11.sqm
2008-08-27 18:31 . 2008-08-27 18:31 244 --ah----- C:\sqmnoopt11.sqm
2008-08-27 18:31 . 2008-08-27 18:31 22 --a------ C:\WINDOWS\ppdrv.ini
2008-08-27 17:58 . 2008-08-27 18:32 <DIR> d-------- C:\WINDOWS\ULEAD.DAT
2008-08-27 17:58 . 1995-07-11 11:50 322,832 --a------ C:\WINDOWS\system32\MFC30.DLL
2008-08-27 17:58 . 1995-07-20 02:00 133,904 --a------ C:\WINDOWS\system32\MFCANS32.DLL
2008-08-27 17:58 . 1995-07-11 11:50 133,392 --a------ C:\WINDOWS\system32\MFCO30.DLL
2008-08-27 17:58 . 1996-01-01 12:27 132,774 --a------ C:\WINDOWS\@ Ulead MT024.BMP
2008-08-27 17:58 . 1996-01-03 15:58 120,054 --a------ C:\WINDOWS\@ Ulead MT100.BMP
2008-08-27 17:58 . 1996-01-03 15:33 43,254 --a------ C:\WINDOWS\@ Ulead MT057.BMP
2008-08-27 17:58 . 1995-07-11 11:50 5,632 --a------ C:\WINDOWS\system32\MFCUIA32.DLL
2008-08-27 17:58 . 2008-08-27 17:58 20 --a------ C:\WINDOWS\ULEAD.INI
2008-08-27 17:53 . 2008-08-27 17:53 107 --a------ C:\WINDOWS\KPCMS.INI
2008-08-27 17:52 . 2008-08-27 17:52 268 --ah----- C:\sqmdata10.sqm
2008-08-27 17:52 . 2008-08-27 17:52 244 --ah----- C:\sqmnoopt10.sqm
2008-08-26 17:48 . 2008-08-26 17:48 268 --ah----- C:\sqmdata09.sqm
2008-08-26 17:48 . 2008-08-26 17:48 244 --ah----- C:\sqmnoopt09.sqm
2008-08-26 17:37 . 2008-08-26 17:37 268 --ah----- C:\sqmdata08.sqm
2008-08-26 17:37 . 2008-08-26 17:37 244 --ah----- C:\sqmnoopt08.sqm
2008-08-23 19:20 . 2008-08-23 19:20 268 --ah----- C:\sqmdata07.sqm
2008-08-23 19:20 . 2008-08-23 19:20 244 --ah----- C:\sqmnoopt07.sqm
2008-08-23 16:10 . 2008-08-23 16:10 268 --ah----- C:\sqmdata06.sqm
2008-08-23 16:10 . 2008-08-23 16:10 244 --ah----- C:\sqmnoopt06.sqm
2008-08-21 18:40 . 2008-08-21 18:40 268 --ah----- C:\sqmdata05.sqm
2008-08-21 18:40 . 2008-08-21 18:40 244 --ah----- C:\sqmnoopt05.sqm
2008-08-21 17:14 . 2008-08-21 17:15 <DIR> d-------- C:\Documents and Settings\Pablo\Dati applicazioni\CyberLink
2008-08-21 17:13 . 2008-08-21 17:13 268 --ah----- C:\sqmdata04.sqm
2008-08-21 17:13 . 2008-08-21 17:13 244 --ah----- C:\sqmnoopt04.sqm
2008-08-21 17:12 . 2008-08-21 17:12 <DIR> d-------- C:\Programmi\Digital Photo Navigator 1.5
2008-08-21 17:12 . 2008-08-21 17:07 <DIR> d-------- C:\Programmi\CyberLink
2008-08-21 17:06 . 2008-08-21 17:06 <DIR> d-------- C:\Documents and Settings\All Users\Dati applicazioni\Cyberlink
2008-08-21 17:05 . 2006-06-04 15:48 198,144 --------- C:\WINDOWS\system32\_psisdecd.dll
2008-08-21 17:05 . 2006-06-04 15:48 44,544 --a------ C:\WINDOWS\system32\msxml4a.dll
2008-08-21 11:10 . 2008-08-21 11:10 268 --ah----- C:\sqmdata03.sqm
2008-08-21 11:10 . 2008-08-21 11:10 244 --ah----- C:\sqmnoopt03.sqm
2008-08-20 12:02 . 2008-08-20 12:02 <DIR> d-------- C:\Documents and Settings\Pablo\Dati applicazioni\AVS4YOU
2008-08-20 12:01 . 2008-08-20 12:01 <DIR> d-------- C:\Documents and Settings\All Users\Dati applicazioni\AVS4YOU
2008-08-20 11:56 . 2008-08-20 11:57 <DIR> d-------- C:\Programmi\File comuni\AVSMedia
2008-08-20 11:56 . 2008-08-20 11:57 <DIR> d-------- C:\Programmi\AVS4YOU
2008-08-20 09:54 . 2008-08-20 09:54 268 --ah----- C:\sqmdata02.sqm
2008-08-20 09:54 . 2008-08-20 09:54 244 --ah----- C:\sqmnoopt02.sqm
2008-08-19 11:52 . 2008-08-19 11:52 268 --ah----- C:\sqmdata01.sqm
2008-08-19 11:52 . 2008-08-19 11:52 244 --ah----- C:\sqmnoopt01.sqm
2008-08-18 12:19 . 2008-08-18 12:19 268 --ah----- C:\sqmdata00.sqm
2008-08-18 12:19 . 2008-08-18 12:19 244 --ah----- C:\sqmnoopt00.sqm
2008-08-17 12:45 . 2008-08-17 12:45 <DIR> d-------- C:\Programmi\Maggioli Editore
2008-08-04 18:25 . 2008-08-04 18:25 <DIR> d-------- C:\Documents and Settings\Gulliver\Programmi
2008-08-04 18:25 . 2008-08-09 19:17 <DIR> d-------- C:\Documents and Settings\Gulliver\Dati applicazioni\uTorrent

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-08-28 15:35 --------- d-----w C:\Programmi\Neri Litestar 9
2008-08-21 15:08 --------- d--h--w C:\Programmi\InstallShield Installation Information
2008-08-18 12:36 --------- d-----w C:\Documents and Settings\All Users\Dati applicazioni\FLEXnet
2008-07-24 10:06 --------- d-----w C:\Programmi\Virtual Earth 3D
2008-07-21 13:28 --------- d-----w C:\Documents and Settings\Pablo\Dati applicazioni\Autodesk
2008-07-21 13:28 --------- d-----w C:\Documents and Settings\All Users\Dati applicazioni\Autodesk
2008-07-16 07:47 --------- d-----w C:\Programmi\AutoCAD 2008
2008-07-16 07:42 --------- d-----w C:\Programmi\File comuni\Autodesk Shared
2008-07-02 16:27 --------- d-----w C:\Programmi\PVSYST4
2007-12-13 08:41 32 ----a-w C:\Documents and Settings\All Users\Dati applicazioni\ezsid.dat
.
Code:
<pre>
----a-w            79,224 2007-12-04 13:00:23  C:\Programmi\Alwil Software\Avast4\ashDisp .exe
----a-w         2,321,600 2007-10-04 15:15:01  C:\Programmi\File comuni\Adobe\Updater5\AdobeUpdater .exe
</pre>



((((((((((((((((((((((((((((((((((((((((((((( AWF ))))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
----a-w 620,152 2006-10-22 21:24:02 C:\Programmi\Adobe\Acrobat 8.0\Acrobat\bak\Acrotray.exe
----a-w 620,152 2006-10-22 22:24:02 C:\Programmi\Adobe\Acrobat 8.0\Acrobat\acrotray.exe

----a-w 79,224 2007-12-04 13:00:23 C:\Programmi\Alwil Software\Avast4\bak\ashDisp.exe
----a-w 78,008 2008-07-19 14:38:34 C:\Programmi\Alwil Software\Avast4\ashDisp.exe

----a-w 132,496 2007-09-25 00:11:35 C:\Programmi\Java\jre1.6.0_03\bin\bak\jusched.exe

----a-w 5,674,352 2007-01-19 10:54:50 C:\Programmi\MSN Messenger\bak\MsnMsgr.Exe
----a-w 5,674,352 2007-01-19 11:54:50 C:\Programmi\MSN Messenger\msnmsgr.exe

----a-w 37,376 1998-07-07 15:04:24 C:\Programmi\TextBridge Classic 2.0\Bin\bak\INSTAN~1.EXE

----a-w 22,528 1998-07-07 15:20:30 C:\Programmi\TextBridge Classic 2.0\Bin\bak\REGIST~1.EXE

----a-w 25,088 1998-07-03 11:51:32 C:\Programmi\Ulead Systems\Ulead Photo Express 2 SE\bak\ChkFont.exe

----a-w 155,648 2001-07-09 09:50:42 C:\WINDOWS\system32\bak\NeroCheck.exe

----a-w 188,416 2002-11-03 22:54:26 C:\WINDOWS\system32\spool\drivers\w32x86\3\bak\hpztsb07.exe

.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="C:\Programmi\MSN Messenger\msnmsgr.exe" [2007-01-19 13:54 5674352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Acrobat Assistant 8.0"="C:\Programmi\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" [2006-10-23 00:24 620152]
"HPDJ Taskbar Utility"="C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe" [N/A]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [N/A]
"RegisterDropHandler"="C:\PROGRA~1\TEXTBR~1.0\Bin\REGIST~1.EXE" [N/A]
"PE2CKFNT SE"="C:\Programmi\Ulead Systems\Ulead Photo Express 2 SE\ChkFont.exe" [N/A]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2008-07-19 16:38 78008]
"EverioService"="C:\Programmi\CyberLink\PCM4Everio\EverioService.exe" [2006-11-22 21:10 151552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices]
"RegisterDropHandler"="C:\PROGRA~1\TEXTBR~1.0\Bin\REGIST~1.EXE" [N/A]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-19 15:39 15360]

C:\Documents and Settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\
Adobe Acrobat Speed Launcher.lnk - C:\WINDOWS\Installer\{AC76BA86-1033-F400-7760-000000000003}\_SC_Acrobat.exe [2007-09-30 23:37:31 295606]
Adobe Acrobat Synchronizer.lnk - C:\Programmi\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe [2006-10-23 00:01:50 734872]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.ffds"= ffdshow.ax
"SENTINEL"= snti386.dll

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Avvio^Programmi^Esecuzione automatica^20-20 Shortcut Bar.lnk]
path=C:\Documents and Settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\20-20 Shortcut Bar.lnk
backup=C:\WINDOWS\pss\20-20 Shortcut Bar.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Avvio^Programmi^Esecuzione automatica^Photo Express Calendar Checker SE.lnk]
path=C:\Documents and Settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\Photo Express Calendar Checker SE.lnk
backup=C:\WINDOWS\pss\Photo Express Calendar Checker SE.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Avvio^Programmi^Esecuzione automatica^Tasto di scelta rapida per l'avvio di AutoCAD.lnk]
path=C:\Documents and Settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\Tasto di scelta rapida per l'avvio di AutoCAD.lnk
backup=C:\WINDOWS\pss\Tasto di scelta rapida per l'avvio di AutoCAD.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^Pablo^Menu Avvio^Programmi^Esecuzione automatica^reminder-Registrazione del prodotto Scansoft.lnk]
path=C:\Documents and Settings\Pablo\Menu Avvio\Programmi\Esecuzione automatica\reminder-Registrazione del prodotto Scansoft.lnk
backup=C:\WINDOWS\pss\reminder-Registrazione del prodotto Scansoft.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^Pablo^Menu Avvio^Programmi^Esecuzione automatica^Watch.lnk]
path=C:\Documents and Settings\Pablo\Menu Avvio\Programmi\Esecuzione automatica\Watch.lnk
backup=C:\WINDOWS\pss\Watch.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools-1033]
--a------ 2004-08-22 18:05 81920 C:\Programmi\D-Tools\daemon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
--a------ 2007-01-19 13:54 5674352 C:\Programmi\MSN Messenger\msnmsgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Programmi\\MSN Messenger\\msnmsgr.exe"=
"C:\\Programmi\\MSN Messenger\\livecall.exe"=
"C:\\Programmi\\Firaxis Games\\Sid Meier's Civilization 4\\Civilization4.exe"=
"C:\\Documents and Settings\\Gulliver\\Impostazioni locali\\Dati applicazioni\\Skype\\Phone\\Skype.exe"=
"C:\\Programmi\\CyberLink\\PCM4Everio\\PCM4Everio.exe"=
"C:\\Programmi\\CyberLink\\PCM4Everio\\EverioService.exe"=

R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-07-19 16:35]
R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-07-19 16:37]
R2 cpwnt;cpwnt;C:\WINDOWS\system32\drivers\cpwnt.sys [1997-05-30 01:00]
S2 CPUSB;CPUsb.Sys driver;C:\WINDOWS\system32\Drivers\CPUSB.sys [2002-10-24 02:00]
S2 PPSCAN;PPSCAN;C:\WINDOWS\system32\drivers\PPSCAN.sys [1998-01-30 14:47]
S2 Utilità di pianificazione di LiveUpdate automatico;Utilità di pianificazione di LiveUpdate automatico;C:\Programmi\Symantec\LiveUpdate\ALUSchedulerSvc.exe []
S3 eusk3usb;SmartKey 3 USB;C:\WINDOWS\system32\Drivers\eusk3usb.sys [2005-08-22 13:02]
S3 PLCNDIS5;PLCNDIS5 NDIS Protocol Driver;C:\WINDOWS\system32\PLCNDIS5.SYS [2002-11-20 09:09]
S3 SFC4;SFC4;C:\WINDOWS\system32\drivers\SFC4.sys [1998-09-16 10:07]
S3 skeyusb;SmartKey USB;C:\WINDOWS\system32\Drivers\skeyusb.sys [2003-07-09 15:18]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b8314730-6f44-11dc-9139-806d6172696f}]
\Shell\AutoRun\command - M:\m6dqm2vd.exe
\Shell\explore\Command - M:\m6dqm2vd.exe
\Shell\open\Command - M:\m6dqm2vd.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b9314fbd-0d2e-11dd-b46c-000c6e46e55a}]
\Shell\AutoRun\command - m6dqm2vd.exe
\Shell\explore\Command - m6dqm2vd.exe
\Shell\open\Command - m6dqm2vd.exe

*Newly Created Service* - CATCHME
*Newly Created Service* - PROCEXP90
.
.
------- Supplementary Scan -------
.
R0 -: HKCU-Main,Start Page = hxxp://www.google.it/
O8 -: Append to existing PDF - C:\Programmi\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 -: Convert link target to Adobe PDF - C:\Programmi\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 -: Convert link target to existing PDF - C:\Programmi\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 -: Convert selected links to Adobe PDF - C:\Programmi\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 -: Convert selected links to existing PDF - C:\Programmi\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 -: Convert selection to Adobe PDF - C:\Programmi\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 -: Convert selection to existing PDF - C:\Programmi\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 -: Convert to Adobe PDF - C:\Programmi\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 -: E&sporta in Microsoft Excel - C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O16 -: Microsoft XML Parser for Java - file://C:\WINDOWS\Java\classes\xmldso.cab
C:\WINDOWS\Downloaded Program Files\Microsoft XML Parser for Java.osd

O16 -: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - hxxp://game11.zylom.com/activex/zylomgamesplayer.cab
C:\WINDOWS\Downloaded Program Files\ZylomGamesPlayer.inf
C:\WINDOWS\Downloaded Program Files\zylomgamesplayer.dll
.

**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-01 17:20:18
Windows 5.1.2600 Service Pack 2 NTFS

scansione processi nascosti ...

scansione entrate autostart nascoste ...

Scansione files nascosti ...

Scansione completata con successo
Files nascosti: 0

**************************************************************************
.
Ora fine scansione: 2008-09-01 17:23:23
ComboFix-quarantined-files.txt 2008-09-01 15:23:20

Pre-Run: 8,257,675,264 byte disponibili
Post-Run: 9,467,138,048 byte disponibili

230


P.S. VirIt found nothing.

Bye and thanks.
paiutalo
Posted: Monday, September 01, 2008 6:05:41 PM
Rank: Newbie

Joined: 9/1/2008
Posts: 0
I was wondering whether it is possible to install a lightweight antivirus on a pen drive so it can protect itself, given that we end up plugging our pen drives in everywhere!

Thanks.
pidue
Posted: Monday, September 01, 2008 6:26:10 PM

Rank: AiutAmico

Joined: 6/2/2005
Posts: 7,332
Of course you can. It's called ClamWin Portable. Read here. There's also the direct link.
Bye.

PS VirIt didn't find anything because ComboFix did the cleanup.


