Grazie x il consiglio... ti posto qui il log di combofix! Grazie ancora! Simona
ComboFix 09-04-04.01 - Simona 2009-04-08 15.34.22.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1040.18.958.639 [GMT 2:00]
Eseguito da: c:\documents and settings\Simona\Desktop\ComboFix.exe
FW: PC Tools Firewall Plus *enabled*
* Creato nuovo punto di ripristino
ATTENZIONE - QUESTO PC NON HA LA CONSOLE DI RIPRISTINO DI EMERGENZA INSTALLATA !!
.
((((((((((((((((((((((((( Files Creati Da 2009-03-08 al 2009-04-08 )))))))))))))))))))))))))))))))))))
.
2009-04-08 15:31 . 2009-04-08 15:31 <DIR> d-------- C:\32788R22FWJFW
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-04-08 13:26 --------- d---a-w c:\documents and settings\All Users\Dati applicazioni\TEMP
2009-04-07 19:23 --------- d-----w c:\documents and settings\Simona\Dati applicazioni\Skype
2009-04-07 14:08 --------- d-----w c:\documents and settings\Simona\Dati applicazioni\skypePM
2009-04-06 13:22 --------- d-----w c:\programmi\eMule
2009-04-04 14:54 41,728 ----a-w c:\windows\system32\drivers\VIRAGTLT.SYS
2009-03-26 13:14 --------- d-----w c:\programmi\PC Tools Firewall Plus
2009-03-16 17:43 130,424 ----a-w c:\windows\system32\drivers\PCTCore.sys
2009-03-05 15:26 7,956 ----a-w C:\hkcurs1.zip
2009-03-05 15:26 2,013 ----a-w C:\hkcurs2.zip
2009-03-05 15:25 39,162 ----a-w C:\kqicon003.zip
2009-03-05 15:25 18,485 ----a-w C:\dnl_kt_icon.zip
2009-03-03 15:25 --------- d-----w c:\programmi\File comuni\Skype
2009-03-03 15:25 --------- d-----w c:\documents and settings\All Users\Dati applicazioni\Skype
2009-03-03 15:25 --------- d-----r c:\programmi\skype
2009-02-25 15:37 73,840 ----a-w c:\windows\system32\drivers\PCTAppEvent.sys
2009-02-25 15:36 95,640 ----a-w c:\windows\system32\drivers\pctplfw.sys
2008-10-29 13:27 62,928 ----a-w c:\documents and settings\Simona\Dati applicazioni\GDIPFONTCACHEV1.DAT
2008-10-25 12:20 6,637,592 ----a-w c:\programmi\SUPERAntiSpyware.exe
2008-10-11 13:30 812,344 ----a-w c:\programmi\HJTInstall.exe
2008-09-13 08:46 24,192 ----a-w c:\documents and settings\Simona\usbsermptxp.sys
2008-09-13 08:46 22,768 ----a-w c:\documents and settings\Simona\usbsermpt.sys
2006-01-26 12:20 189,764 ----a-w c:\programmi\mp3DC139.exe
.
((((((((((((((((((((((((((((( snapshot@2008-10-15_21.58.53,57 )))))))))))))))))))))))))))))))))))))))))
.
+ 2006-11-02 05:22:52 51,680 -c----w c:\windows\$NtUninstallWdf01005$\spuninst\Kmdfcustom.dll
+ 2006-10-08 19:51:14 221,488 -c----w c:\windows\$NtUninstallWdf01005$\spuninst\spuninst.exe
+ 2006-10-08 19:51:14 379,184 -c----w c:\windows\$NtUninstallWdf01005$\spuninst\updspapi.dll
+ 2009-03-03 15:25:09 364,726 ----a-r c:\windows\Installer\{24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D}\SkypeIcon.exe
- 2008-09-13 08:32:42 167,936 ----a-r c:\windows\Installer\{90110410-6000-11D3-8CFE-0050048383C9}\accicons.exe
+ 2008-11-05 13:41:00 167,936 ----a-r c:\windows\Installer\{90110410-6000-11D3-8CFE-0050048383C9}\accicons.exe
- 2008-09-13 08:32:42 2,560 ----a-r c:\windows\Installer\{90110410-6000-11D3-8CFE-0050048383C9}\cagicon.exe
+ 2008-11-05 13:41:00 2,560 ----a-r c:\windows\Installer\{90110410-6000-11D3-8CFE-0050048383C9}\cagicon.exe
- 2008-09-13 08:32:42 34,304 ----a-r c:\windows\Installer\{90110410-6000-11D3-8CFE-0050048383C9}\misc.exe
+ 2008-11-05 13:41:00 34,304 ----a-r c:\windows\Installer\{90110410-6000-11D3-8CFE-0050048383C9}\misc.exe
- 2008-09-13 08:32:42 8,192 ----a-r c:\windows\Installer\{90110410-6000-11D3-8CFE-0050048383C9}\mspicons.exe
+ 2008-11-05 13:41:00 8,192 ----a-r c:\windows\Installer\{90110410-6000-11D3-8CFE-0050048383C9}\mspicons.exe
- 2008-09-13 08:32:42 3,584 ----a-r c:\windows\Installer\{90110410-6000-11D3-8CFE-0050048383C9}\opwicon.exe
+ 2008-11-05 13:41:00 3,584 ----a-r c:\windows\Installer\{90110410-6000-11D3-8CFE-0050048383C9}\opwicon.exe
- 2008-09-13 08:32:42 114,688 ----a-r c:\windows\Installer\{90110410-6000-11D3-8CFE-0050048383C9}\outicon.exe
+ 2008-11-05 13:41:00 114,688 ----a-r c:\windows\Installer\{90110410-6000-11D3-8CFE-0050048383C9}\outicon.exe
- 2008-09-13 08:32:42 16,384 ----a-r c:\windows\Installer\{90110410-6000-11D3-8CFE-0050048383C9}\PEicons.exe
+ 2008-11-05 13:41:00 16,384 ----a-r c:\windows\Installer\{90110410-6000-11D3-8CFE-0050048383C9}\PEicons.exe
- 2008-09-13 08:32:42 30,720 ----a-r c:\windows\Installer\{90110410-6000-11D3-8CFE-0050048383C9}\pptico.exe
+ 2008-11-05 13:41:00 30,720 ----a-r c:\windows\Installer\{90110410-6000-11D3-8CFE-0050048383C9}\pptico.exe
- 2008-09-13 08:32:42 22,528 ----a-r c:\windows\Installer\{90110410-6000-11D3-8CFE-0050048383C9}\unbndico.exe
+ 2008-11-05 13:41:00 22,528 ----a-r c:\windows\Installer\{90110410-6000-11D3-8CFE-0050048383C9}\unbndico.exe
- 2008-09-13 08:32:42 45,056 ----a-r c:\windows\Installer\{90110410-6000-11D3-8CFE-0050048383C9}\wordicon.exe
+ 2008-11-05 13:41:00 45,056 ----a-r c:\windows\Installer\{90110410-6000-11D3-8CFE-0050048383C9}\wordicon.exe
- 2008-09-13 08:32:42 90,112 ----a-r c:\windows\Installer\{90110410-6000-11D3-8CFE-0050048383C9}\xlicons.exe
+ 2008-11-05 13:41:00 90,112 ----a-r c:\windows\Installer\{90110410-6000-11D3-8CFE-0050048383C9}\xlicons.exe
+ 2008-10-25 12:56:29 18,944 ----a-r c:\windows\Installer\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}\IconCDDCBBF13.exe
+ 2008-10-25 12:56:29 65,024 ----a-r c:\windows\Installer\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}\IconCDDCBBF15.exe
+ 2007-04-11 13:32:22 56,080 ----a-w c:\windows\KHALMNPR.Exe
- 2000-08-31 06:00:00 28,672 ----a-w c:\windows\NIRCMD.exe
+ 2000-08-31 06:00:00 29,696 ----a-w c:\windows\NIRCMD.exe
- 2004-08-19 13:39:06 66,560 ----a-w c:\windows\system32\cdm.dll
+ 2007-07-30 18:19:20 92,504 ----a-w c:\windows\system32\cdm.dll
- 2004-08-19 13:39:06 66,560 -c--a-w c:\windows\system32\dllcache\cdm.dll
+ 2007-07-30 18:19:20 92,504 -c--a-w c:\windows\system32\dllcache\cdm.dll
+ 2004-08-03 21:08:20 36,224 -c--a-w c:\windows\system32\dllcache\hidclass.sys
+ 2004-08-03 21:08:18 24,960 -c--a-w c:\windows\system32\dllcache\hidparse.sys
+ 2001-08-17 20:02:20 9,600 -c--a-w c:\windows\system32\dllcache\hidusb.sys
+ 2004-08-19 13:26:40 53,632 -c--a-w c:\windows\system32\dllcache\i8042prt.sys
+ 2004-08-19 13:30:20 25,088 -c--a-w c:\windows\system32\dllcache\kbdclass.sys
+ 2004-08-19 13:22:38 23,552 -c--a-w c:\windows\system32\dllcache\mouclass.sys
+ 2001-08-30 18:41:06 12,160 -c--a-w c:\windows\system32\dllcache\mouhid.sys
+ 2004-08-03 21:58:46 15,104 -c--a-w c:\windows\system32\dllcache\usbscan.sys
- 2004-08-19 13:39:34 432,128 -c--a-w c:\windows\system32\dllcache\wuapi.dll
+ 2007-07-30 18:19:36 549,720 -c--a-w c:\windows\system32\dllcache\wuapi.dll
- 2004-08-19 13:39:48 111,616 -c--a-w c:\windows\system32\dllcache\wuauclt.exe
+ 2007-07-30 18:19:16 53,080 -c--a-w c:\windows\system32\dllcache\wuauclt.exe
- 2004-08-19 13:39:34 1,134,592 -c--a-w c:\windows\system32\dllcache\wuaueng.dll
+ 2007-07-30 18:19:42 1,712,984 -c--a-w c:\windows\system32\dllcache\wuaueng.dll
- 2004-08-19 13:39:34 114,176 -c--a-w c:\windows\system32\dllcache\wucltui.dll
+ 2007-07-30 18:19:32 325,976 -c--a-w c:\windows\system32\dllcache\wucltui.dll
- 2004-08-19 13:39:34 36,864 -c--a-w c:\windows\system32\dllcache\wups.dll
+ 2007-07-30 18:18:40 33,624 -c--a-w c:\windows\system32\dllcache\wups.dll
- 2004-08-19 13:39:34 120,320 -c--a-w c:\windows\system32\dllcache\wuweb.dll
+ 2007-07-30 18:19:46 203,096 -c--a-w c:\windows\system32\dllcache\wuweb.dll
+ 2001-08-17 20:02:20 9,600 ----a-w c:\windows\system32\drivers\hidusb.sys
+ 2003-03-09 19:31:00 51,024 ----a-w c:\windows\system32\drivers\hpzid412.sys
+ 2003-03-09 19:31:02 16,080 ----a-w c:\windows\system32\drivers\HPZipr12.sys
+ 2005-10-22 06:22:48 21,568 ----a-w c:\windows\system32\drivers\HPZius12.sys
+ 2007-04-11 13:32:30 20,496 ----a-w c:\windows\system32\drivers\L8042Kbd.sys
+ 2007-04-11 13:32:38 63,248 ----a-w c:\windows\system32\drivers\L8042mou.Sys
+ 2007-04-11 13:32:52 34,832 ----a-w c:\windows\system32\drivers\LHidFilt.Sys
+ 2007-04-11 13:32:58 36,112 ----a-w c:\windows\system32\drivers\LMouFilt.Sys
+ 2007-04-11 13:33:06 79,376 ----a-w c:\windows\system32\drivers\LMouKE.Sys
+ 2007-04-11 13:33:14 28,688 ----a-w c:\windows\system32\drivers\LUsbFilt.sys
- 2004-08-19 13:50:30 23,552 ----a-w c:\windows\system32\drivers\mouclass.sys
+ 2004-08-19 13:22:38 23,552 ----a-w c:\windows\system32\drivers\mouclass.sys
+ 2001-08-30 18:41:06 12,160 ----a-w c:\windows\system32\drivers\mouhid.sys
+ 2008-09-22 11:29:18 97,408 ----a-w c:\windows\system32\drivers\pctfw.sys
+ 2008-12-11 07:38:22 159,600 ----a-w c:\windows\system32\drivers\pctgntdi.sys
+ 2004-08-03 21:58:46 15,104 ----a-w c:\windows\system32\drivers\usbscan.sys
+ 2006-11-02 05:22:54 492,000 ------w c:\windows\system32\drivers\wdf01000.sys
+ 2006-11-02 05:22:52 32,224 ------w c:\windows\system32\drivers\wdfldr.sys
+ 2007-04-11 13:32:52 34,832 -c--a-w c:\windows\system32\DRVSTORE\lfhidhid_AE49CF7A8ECC1A99B793E188BDD77103BF9A4571\LHidFilt.sys
+ 2007-04-11 13:33:20 1,419,024 -c--a-w c:\windows\system32\DRVSTORE\lfhidhid_AE49CF7A8ECC1A99B793E188BDD77103BF9A4571\WdfCoInstaller01005.dll
+ 2007-04-11 13:33:14 28,688 -c--a-w c:\windows\system32\DRVSTORE\lfhidusb_34C0B169C0F0216ABB2FADCF857761C40513C0EC\LUsbFilt.sys
+ 2007-04-11 13:33:20 1,419,024 -c--a-w c:\windows\system32\DRVSTORE\lfhidusb_34C0B169C0F0216ABB2FADCF857761C40513C0EC\WdfCoInstaller01005.dll
+ 2007-04-11 13:32:52 34,832 -c--a-w c:\windows\system32\DRVSTORE\lfkbdhid_3787EF478DB0DC00ADEE4DCD2D3B66B57B8CE09C\LHidFilt.sys
+ 2007-04-11 13:33:20 1,419,024 -c--a-w c:\windows\system32\DRVSTORE\lfkbdhid_3787EF478DB0DC00ADEE4DCD2D3B66B57B8CE09C\WdfCoInstaller01005.dll
+ 2007-04-11 13:32:22 56,080 -c--a-w c:\windows\system32\DRVSTORE\lfmouhid_10C7F3421939DA6E2806F5500B0342437634A347\KHALMNPR.exe
+ 2007-04-11 13:32:52 34,832 -c--a-w c:\windows\system32\DRVSTORE\lfmouhid_10C7F3421939DA6E2806F5500B0342437634A347\LHidFilt.sys
+ 2007-04-11 13:32:58 36,112 -c--a-w c:\windows\system32\DRVSTORE\lfmouhid_10C7F3421939DA6E2806F5500B0342437634A347\LMouFilt.sys
+ 2007-04-11 13:33:20 1,419,024 -c--a-w c:\windows\system32\DRVSTORE\lfmouhid_10C7F3421939DA6E2806F5500B0342437634A347\WdfCoInstaller01005.dll
+ 2007-04-11 13:32:30 20,496 -c--a-w c:\windows\system32\DRVSTORE\lkbdps2k_9596CEA748EB5F658C6E5BB53EACD081280A4C4D\L8042Kbd.sys
+ 2007-04-11 13:32:22 56,080 -c--a-w c:\windows\system32\DRVSTORE\lmoups2k_6C72A33CEA374B8F0F934E4770A12C1E8A8096CD\KHALMNPR.Exe
+ 2007-04-11 13:32:38 63,248 -c--a-w c:\windows\system32\DRVSTORE\lmoups2k_6C72A33CEA374B8F0F934E4770A12C1E8A8096CD\L8042mou.Sys
+ 2007-04-11 13:33:06 79,376 -c--a-w c:\windows\system32\DRVSTORE\lmoups2k_6C72A33CEA374B8F0F934E4770A12C1E8A8096CD\LMouKE.Sys
- 2003-02-28 08:10:02 274,432 ----a-w c:\windows\system32\hpgwiamd.dll
+ 2003-03-09 19:31:04 274,432 ----a-w c:\windows\system32\hpgwiamd.dll
+ 2003-03-09 19:31:04 561,152 ----a-w c:\windows\system32\hpotscl.dll
+ 2003-03-09 19:31:04 81,920 ----a-w c:\windows\system32\hpovst08.dll
+ 2003-03-09 19:30:42 237,568 ----a-w c:\windows\system32\HPZc3212.dll
+ 2003-03-09 19:31:00 233,528 ----a-w c:\windows\system32\HPZidr12.dll
+ 2003-03-09 19:31:02 61,699 ----a-w c:\windows\system32\HPZinw12.exe
+ 2003-03-09 19:31:02 65,795 ----a-w c:\windows\system32\HPZipm12.exe
+ 2003-03-09 19:31:02 167,936 ----a-w c:\windows\system32\HPZipr12.dll
+ 2003-03-09 19:31:02 94,208 ----a-w c:\windows\system32\HPZipt12.dll
+ 2003-03-09 19:31:02 57,344 ----a-w c:\windows\system32\HPZisn12.dll
+ 2007-04-23 02:00:00 163,840 ----a-w c:\windows\system32\kemutb.dll
+ 2007-04-23 02:00:00 135,168 ----a-w c:\windows\system32\KemUtil.dll
+ 2007-04-23 02:00:00 110,592 ----a-w c:\windows\system32\KemWnd.dll
+ 2007-04-23 02:00:00 69,632 ----a-w c:\windows\system32\KemXML.dll
- 2001-03-08 17:30:00 24,064 ------w c:\windows\system32\msxml3a.dll
+ 2002-02-21 16:56:34 24,576 ----a-w c:\windows\system32\msxml3a.dll
- 2008-09-14 14:36:05 58,930 ----a-w c:\windows\system32\perfc009.dat
+ 2009-04-01 09:55:36 58,930 ----a-w c:\windows\system32\perfc009.dat
- 2008-09-14 14:36:05 69,988 ----a-w c:\windows\system32\perfc010.dat
+ 2009-04-01 09:55:36 69,988 ----a-w c:\windows\system32\perfc010.dat
- 2008-09-14 14:36:05 392,630 ----a-w c:\windows\system32\perfh009.dat
+ 2009-04-01 09:55:36 392,630 ----a-w c:\windows\system32\perfh009.dat
- 2008-09-14 14:36:05 437,882 ----a-w c:\windows\system32\perfh010.dat
+ 2009-04-01 09:55:36 437,882 ----a-w c:\windows\system32\perfh010.dat
+ 2004-08-19 13:50:30 20,992 ----a-w c:\windows\system32\ReinstallBackups\0000\DriverFiles\i386\hid.dll
+ 2004-08-03 21:08:20 36,224 ----a-w c:\windows\system32\ReinstallBackups\0000\DriverFiles\i386\hidclass.sys
+ 2004-08-03 21:08:18 24,960 ----a-w c:\windows\system32\ReinstallBackups\0000\DriverFiles\i386\hidparse.sys
+ 2001-08-17 20:02:20 9,600 ----a-w c:\windows\system32\ReinstallBackups\0000\DriverFiles\i386\hidusb.sys
+ 2004-08-19 13:50:30 23,552 ----a-w c:\windows\system32\ReinstallBackups\0001\DriverFiles\i386\mouclass.sys
+ 2001-08-30 18:41:06 12,160 ----a-w c:\windows\system32\ReinstallBackups\0001\DriverFiles\i386\mouhid.sys
+ 2004-08-19 13:26:40 53,632 ----a-w c:\windows\system32\ReinstallBackups\0002\DriverFiles\i386\i8042prt.sys
+ 2004-08-19 13:30:20 25,088 ----a-w c:\windows\system32\ReinstallBackups\0002\DriverFiles\i386\kbdclass.sys
+ 2007-07-30 18:19:36 549,720 ----a-w c:\windows\system32\SoftwareDistribution\Setup\ServiceStartup\wuapi.dll\7.0.6000.381\wuapi.dll
+ 2007-07-30 18:18:40 33,624 ----a-w c:\windows\system32\SoftwareDistribution\Setup\ServiceStartup\wups.dll\7.0.6000.381\wups.dll
+ 2006-10-08 19:51:14 14,640 ------w c:\windows\system32\spmsg.dll
+ 2004-08-19 14:39:24 134,656 ----a-w c:\windows\system32\spool\drivers\w32x86\3\PS5UI.DLL
+ 2004-08-19 14:39:24 464,384 ----a-w c:\windows\system32\spool\drivers\w32x86\3\PSCRIPT5.DLL
+ 2006-10-08 19:51:14 23,856 ----a-w c:\windows\system32\spupdsvc.exe
+ 2007-04-11 13:33:20 1,419,024 ----a-w c:\windows\system32\WdfCoInstaller01005.dll
- 2004-08-19 13:39:34 432,128 ----a-w c:\windows\system32\wuapi.dll
+ 2007-07-30 18:19:36 549,720 ----a-w c:\windows\system32\wuapi.dll
- 2004-08-19 13:39:48 111,616 ----a-w c:\windows\system32\wuauclt.exe
+ 2007-07-30 18:19:16 53,080 ----a-w c:\windows\system32\wuauclt.exe
- 2004-08-19 13:39:34 1,134,592 ----a-w c:\windows\system32\wuaueng.dll
+ 2007-07-30 18:19:42 1,712,984 ----a-w c:\windows\system32\wuaueng.dll
- 2004-08-19 13:39:34 114,176 ----a-w c:\windows\system32\wucltui.dll
+ 2007-07-30 18:19:32 325,976 ----a-w c:\windows\system32\wucltui.dll
- 2004-08-19 13:39:34 36,864 ----a-w c:\windows\system32\wups.dll
+ 2007-07-30 18:18:40 33,624 ----a-w c:\windows\system32\wups.dll
+ 2007-07-30 18:19:12 43,352 ----a-w c:\windows\system32\wups2.dll
- 2004-08-19 13:39:34 120,320 ----a-w c:\windows\system32\wuweb.dll
+ 2007-07-30 18:19:46 203,096 ----a-w c:\windows\system32\wuweb.dll
+ 2005-09-22 21:49:12 95,744 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_6e805841\ATL80.dll
+ 2005-09-22 23:16:02 1,093,632 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_dec6ddd2\mfc80.dll
+ 2005-09-22 23:16:06 1,079,808 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_dec6ddd2\mfc80u.dll
+ 2005-09-22 23:16:08 69,632 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_dec6ddd2\mfcm80.dll
+ 2005-09-22 23:16:10 57,344 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_dec6ddd2\mfcm80u.dll
+ 2005-09-22 22:58:06 40,960 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80CHS.dll
+ 2005-09-22 22:58:06 45,056 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80CHT.dll
+ 2005-09-22 22:58:06 65,536 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80DEU.dll
+ 2005-09-22 22:58:06 57,344 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80ENU.dll
+ 2005-09-22 22:58:06 61,440 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80ESP.dll
+ 2005-09-22 22:58:06 61,440 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80FRA.dll
+ 2005-09-22 22:58:06 61,440 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80ITA.dll
+ 2005-09-22 22:58:06 49,152 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80JPN.dll
+ 2005-09-22 22:58:06 49,152 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80KOR.dll
+ 2005-09-22 23:35:10 65,536 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.OpenMP_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0ee63867\vcomp.dll
.
-- Snapshot per reimpostare la data corrente --
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2004-08-19 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SiS Windows KeyHook"="c:\windows\system32\keyhook.exe" [2005-03-04 32768]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"AnyDVD"="c:\programmi\SlySoft\AnyDVD\AnyDVD.exe" [2008-09-13 462848]
"Ulead AutoDetector v2"="c:\programmi\File comuni\Ulead Systems\AutoDetector\monitor.exe" [2004-11-26 90112]
"00PCTFW"="c:\programmi\PC Tools Firewall Plus\FirewallGUI.exe" [2009-02-25 2652056]
"SiSPower"="SiSPower.dll" [2005-02-25 c:\windows\system32\SiSPower.dll]
"AGRSMMSG"="AGRSMMSG.exe" [2004-10-08 c:\windows\AGRSMMSG.exe]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2007-04-11 c:\windows\KHALMNPR.Exe]
"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [2007-04-11 c:\windows\KHALMNPR.Exe]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-19 15360]
c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\
Intelligent Wireless Utility.lnk - c:\programmi\Intelligent\Common\RaUI.exe [2008-09-14 1110016]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\programmi\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2008-12-27 12:36 352256 c:\programmi\SUPERAntiSpyware\SASWINLO.DLL
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programmi\\eMule\\emule.exe"=
"c:\\Programmi\\skype\\Phone\\Skype.exe"=
R0 VIRAGTLT;VIRAGTLT;c:\windows\system32\drivers\VIRAGTLT.SYS [2008-10-24 41728]
R1 pctgntdi;pctgntdi;c:\windows\system32\drivers\pctgntdi.sys [2009-01-26 159600]
R1 SASDIFSV;SASDIFSV;c:\programmi\SUPERAntiSpyware\sasdifsv.sys [2008-09-03 8944]
R1 SASKUTIL;SASKUTIL;c:\programmi\SUPERAntiSpyware\SASKUTIL.SYS [2008-09-03 55024]
R2 PCTAppEvent;PCTAppEvent Driver;c:\windows\system32\drivers\PCTAppEvent.sys [2009-01-26 73840]
R2 viritsvclite;Virit eXplorer Lite;c:\vexplite\VIRITSVC.EXE [2007-10-10 57344]
R3 pctplfw;pctplfw;c:\windows\system32\drivers\pctplfw.sys [2009-01-26 95640]
S3 SASENUM;SASENUM;c:\programmi\SUPERAntiSpyware\SASENUM.SYS [2008-09-03 7408]
.
- - - - CHIAVI ORFANE RIMOSSE - - - -
HKCU-Run-MSMSGS - c:\programmi\Messenger\msmsgs.exe
.
------- Scansione supplementare -------
.
uStart Page = hxxp://www.google.it/
IE: Crawler Search - tbr:iemenu
IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
TCP: {EDC70768-92FB-465E-9CB6-D153AABBBCAC} = 194.183.64.10,151.99.125.3
.
**************************************************************************
catchme 0.3.1375 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.net
Rootkit scan 2009-04-08 15:35:41
Windows 5.1.2600 Service Pack 2 NTFS
scansione processi nascosti ...
scansione entrate autostart nascoste ...
Scansione files nascosti ...
Scansione completata con successo
Files nascosti: 0
**************************************************************************
.
--------------------- Dlls caricate dai processi in esecuzione ---------------------
- - - - - - - > 'winlogon.exe'(752)
c:\programmi\SUPERAntiSpyware\SASWINLO.DLL
.
Ora fine scansione: 2009-04-08 15.37.03
ComboFix-quarantined-files.txt 2009-04-08 13:37:00
Pre-Run: 2.218.442.752 byte disponibili
Post-Run: 2,709,250,048 byte disponibili
267