
R16 could you check my log again please.... antivirus and firewall aren't working
lionheart
Posted: Tuesday, September 29, 2009 9:28:53 PM
Rank: AiutAmico

Joined: 3/26/2008
Posts: 66
Hi, as the title says, today both the firewall and the antivirus suddenly got disabled. On the antivirus, not even the scan works any more.....

I'm posting both the log from Malwarebytes' Anti-Malware and the one from HijackThis..... I forgot to mention: it won't even let me boot into Safe Mode......

Malwarebytes' Anti-Malware 1.41
Versione del database: 2870
Windows 5.1.2600 Service Pack 3

29/09/2009 21.06.16
mbam-log-2009-09-29 (21-06-16).txt

Tipo di scansione: Scansione completa (C:\|D:\|)
Elementi scansionati: 171669
Tempo trascorso: 1 hour(s), 38 minute(s), 37 second(s)

Processi delle memoria infetti: 1
Moduli della memoria infetti: 0
Chiavi di registro infette: 3
Valori di registro infetti: 1
Elementi dato del registro infetti: 3
Cartelle infette: 1
File infetti: 3

Processi delle memoria infetti:
C:\Documents and Settings\G & S\Dati applicazioni\drivers\winupgro.exe (Trojan.Agent) -> Unloaded process successfully.

Moduli della memoria infetti:
(Nessun elemento malevolo rilevato)

Chiavi di registro infette:
HKEY_CLASSES_ROOT\Typelib\{c20ee2d6-81c3-6a08-79c5-1989da43bc19} (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\111111s1ro1s1a (Worm.Bagle) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\sK9Ou0s (Worm.Bagle) -> Quarantined and deleted successfully.

Valori di registro infetti:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\drvsyskit (Trojan.Agent) -> Quarantined and deleted successfully.

Elementi dato del registro infetti:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Cartelle infette:
C:\Documents and Settings\G & S\Dati applicazioni\drivers\downld (Worm.Bagle) -> Quarantined and deleted successfully.

File infetti:
C:\Documents and Settings\G & S\Dati applicazioni\Desktopicon\eBayShortcuts.exe (Adware.ADON) -> Quarantined and deleted successfully.
C:\Documents and Settings\G & S\Dati applicazioni\drivers\11s11ro1s1a2.sys (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\G & S\Dati applicazioni\drivers\winupgro.exe (Trojan.Agent) -> Quarantined and deleted successfully.




Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21.18.40, on 29/09/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\Avira\AntiVir Desktop\sched.exe
C:\Programmi\Avira\AntiVir Desktop\avguard.exe
C:\Programmi\WIDCOMM\Software Bluetooth\bin\btwdins.exe
C:\Programmi\File comuni\EPSON\EBAPI\SAgent2.exe
D:\Programmi\Java\jre6\bin\jqs.exe
C:\Programmi\File comuni\LightScribe\LSSrvc.exe
C:\Programmi\Microsoft LifeCam\MSCamS32.exe
C:\Programmi\Telecom Italia\WanMiniport1st\srvany.exe
C:\Programmi\Cyberlink\Shared files\RichVideo.exe
C:\Programmi\Telecom Italia\WanMiniport1st\WanMiniport1st_srv.exe
D:\Programmi\SolidDocuments\SolidConverterPDF\SCPDF\SolidPdfService.exe
d:\Programmi\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\TUProgSt.exe
C:\PROGRA~1\ALICET~1\vendors\AliceRE\content\template\DRIVEN~1\syncer\MCCITR~1.EXE
C:\Programmi\Avira\AntiVir Desktop\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
D:\Programmi\Stardock\ObjectDock\ObjectDock.exe
C:\Programmi\WIDCOMM\Software Bluetooth\BTTray.exe
C:\Programmi\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.noceraterinese.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.personalfirewall.comodo.com/uninst_survey.html?serial=3.0.25.376_E33C8A2CD88A4ed3B2BD332E72436F25
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Solid Converter PDF - {259F616C-A300-44F5-B04A-ED001A26C85C} - D:\Programmi\SolidDocuments\SolidConverterPDF\SCPDF\ExploreExtPDF.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programmi\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programmi\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Programmi\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Programmi\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - D:\Programmi\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programmi\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: Solid Converter PDF - {259F616C-A300-44F5-B04A-ED001A26C85C} - D:\Programmi\SolidDocuments\SolidConverterPDF\SCPDF\ExploreExtPDF.dll
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Programmi\COMODO\Firewall\cfp.exe" -h
O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Programmi\COMODO\Firewall\cfp.exe" -h
O4 - HKLM\..\Run: [StartupDelayer] "C:\Programmi\r2 Studios\Startup Delayer\Startup Launcher.exe"
O4 - HKLM\..\Run: [AliceRE_McciTrayApp] C:\PROGRA~1\ALICET~1\vendors\AliceRE\content\template\DRIVEN~1\syncer\MCCITR~1.EXE
O4 - HKLM\..\Run: [avgnt] "C:\Programmi\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "D:\Programmi\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [drvsyskit] C:\Documents and Settings\G & S\Dati applicazioni\drivers\winupgro.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://D:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Invia a &Bluetooth - C:\Programmi\WIDCOMM\Software Bluetooth\btsendto_ie_ctx.htm
O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programmi\WIDCOMM\Software Bluetooth\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programmi\WIDCOMM\Software Bluetooth\btsendto_ie.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: (no name) - SolidConverterPDF - (no file) (HKCU)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1237842482531
O17 - HKLM\System\CCS\Services\Tcpip\..\{74E9A614-E751-44CF-9A46-B15DA50780B5}: NameServer = 85.37.17.51 85.38.28.97
O17 - HKLM\System\CCS\Services\Tcpip\..\{BE9B2EEB-6D7D-4216-AAFF-F996702F2109}: NameServer = 192.168.1.1
O23 - Service: Avira AntiVir Scheduler (AntiVirScheduler) - Avira GmbH - C:\Programmi\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Programmi\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Programmi\WIDCOMM\Software Bluetooth\bin\btwdins.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Programmi\File comuni\EPSON\EBAPI\SAgent2.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - D:\Programmi\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Programmi\File comuni\LightScribe\LSSrvc.exe
O23 - Service: Network WanMiniport First Position - Unknown owner - C:\Programmi\Telecom Italia\WanMiniport1st\srvany.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Programmi\Cyberlink\Shared files\RichVideo.exe
O23 - Service: SolidPDFConverterReadSpool (ScReadSpool) - VoyagerSoft, LLC - D:\Programmi\SolidDocuments\SolidConverterPDF\SCPDF\SolidPdfService.exe
O23 - Service: ServiceLayer - Nokia. - C:\Programmi\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - d:\Programmi\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe

--
End of file - 8791 bytes





pidue
Posted: Tuesday, September 29, 2009 9:31:29 PM

Rank: AiutAmico

Joined: 6/2/2005
Posts: 7,332
You've got Bagle, a nasty beast.



r16
Posted: Tuesday, September 29, 2009 9:33:02 PM
Rank: AiutAmico

Joined: 8/7/2007
Posts: 11,016
lionheart, you're the forum champion at catching viruses....

Disable System Restore and keep it disabled until the problem is solved http://guide.aiutamici.com/guide?C1=7&C2=68&ID=80121

Download FindyKill:
http://sd-1.archive-host.com/membres/up/116615172019703188/FindyKill.exe
install FindyKill.
close all open applications (antivirus, firewall and "resident" programs)
disconnect from the Internet
physically unplug the modem from the computer.
start the tool and type F to set the language;
click 2 - Suppression des fichiers infectieux (Deletion of infected files)
when the operation finishes a log will be produced: save it to the Desktop and post it here.
P.S.:
There may be reboots, don't worry, it's the program doing its job.

P.S.:
Don't quote my replies. (thanks)
lionheart
Posted: Tuesday, September 29, 2009 9:34:05 PM
Rank: AiutAmico

Joined: 3/26/2008
Posts: 66
how did I catch it and above all how do I get rid of it
lionheart
Posted: Tuesday, September 29, 2009 9:34:50 PM
Rank: AiutAmico

Joined: 3/26/2008
Posts: 66
thanks....
simo95
Posted: Tuesday, September 29, 2009 9:40:36 PM

Rank: AiutAmico

Joined: 12/4/2008
Posts: 2,008
lionheart wrote:
how did I catch it and above all how do I get rid of it


Cracks, mainly.
lionheart
Posted: Tuesday, September 29, 2009 9:53:00 PM
Rank: AiutAmico

Joined: 3/26/2008
Posts: 66
here's the log:



############################## | FindyKill V5.012 |

# User : G (Administrators) # G-2BD1F07886EB4
# Update on 20/09/2009 by Chiquitine29
# Start at: 21.41.00 | 29/09/2009
# Website : http://pagesperso-orange.fr/NosTools/index.html

# AMD Athlon(tm) XP 2600+
# Microsoft Windows XP Professional (5.1.2600 32-bit) # Service Pack 3
# Internet Explorer 8.0.6001.18702
# Windows Firewall Status : Enabled
# AV : Antivirus BitDefender 12.0 [ (!) Disabled | Updated ]
# AV : AntiVir Desktop 9.0.1.26 [ Enabled | Updated ]
# AV : AntiVir Desktop 9.0.1.32 [ Enabled | Updated ]
# AV : AntiVir Desktop 9.0.1.26 [ (!) Disabled | (!) Outdated ]
# AV : AntiVir Desktop 9.0.1.32 [ Enabled | Updated ]
# AV : AntiVir Desktop 9.0.1.26 [ Enabled | Updated ]
# AV : AntiVir Desktop 9.0.1.26 [ Enabled | Updated ]
# FW : COMODO Firewall[ Enabled ]3.9

# A:\ # Disco floppy, 3,5 pollici
# C:\ # Disco rigido locale # 13,92 Go (5,45 Go free) [Sistema] # NTFS
# D:\ # Disco rigido locale # 60,61 Go (9,21 Go free) [Dati] # NTFS
# E:\ # Disco CD-ROM
# F:\ # Disco CD-ROM
# G:\ # Disco CD-ROM
# H:\ # Disco rimovibile
# I:\ # Disco rimovibile

############################## | Processus actifs |

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\LogonUI.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\Avira\AntiVir Desktop\sched.exe
C:\Programmi\Avira\AntiVir Desktop\avguard.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\WIDCOMM\Software Bluetooth\bin\btwdins.exe
C:\Programmi\File comuni\EPSON\EBAPI\SAgent2.exe
D:\Programmi\Java\jre6\bin\jqs.exe
C:\Programmi\File comuni\LightScribe\LSSrvc.exe
C:\Programmi\Microsoft LifeCam\MSCamS32.exe
C:\Programmi\Telecom Italia\WanMiniport1st\srvany.exe
C:\Programmi\Cyberlink\Shared files\RichVideo.exe
C:\Programmi\Telecom Italia\WanMiniport1st\WanMiniport1st_srv.exe
D:\Programmi\SolidDocuments\SolidConverterPDF\SCPDF\SolidPdfService.exe
d:\Programmi\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\TUProgSt.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

################## | C: |


################## | C:\WINDOWS |

Supprimé ! C:\WINDOWS\Prefetch\WINUPGRO.EXE-027D44D4.pf
Supprimé ! C:\WINDOWS\Prefetch\WINUPGRO.EXE-17681AA8.pf

################## | C:\WINDOWS\system32 |


################## | C:\WINDOWS\system32\drivers |


################## | C:\Documents and Settings\G

Supprimé ! C:\Documents and Settings\G & S\Dati applicazioni\drivers\11s11ro1s1a2.sys
Supprimé ! C:\Documents and Settings\G & S\Dati applicazioni\drivers\winupgro.exe

################## | Autres suppression ... |


################## | Temporary Internet Files |

Supprimé ! C:\DOCUME~1\G&S~1\IMPOST~1\Temp\Rar$EX01.360\crac.exe

################## | Registre / Clés infectieuses |

Supprimé ! [HKLM\SYSTEM\ControlSet001\Services\111111s1ro1s1a]
Supprimé ! [HKLM\SYSTEM\ControlSet003\Services\111111s1ro1s1a]
Supprimé ! [HKLM\SYSTEM\ControlSet001\Services\sK9Ou0s]
Supprimé ! [HKLM\SYSTEM\ControlSet003\Services\sK9Ou0s]
Supprimé ! [HKLM\SYSTEM\ControlSet001\Enum\Root\LEGACY_SK9OU0S]
Supprimé ! [HKLM\SYSTEM\ControlSet003\Enum\Root\LEGACY_SK9OU0S]
Supprimé ! [HKCU\Software\bisoft]
Supprimé ! [HKCU\Software\Microsoft\Windows\CurrentVersion\Run] "drvsyskit"
Supprimé ! [HKCU\Software\Local AppWizard-Generated Applications\winupgro]
Supprimé ! [HKLM\software\microsoft\security center] "AntiVirusDisableNotify"
Supprimé ! [HKLM\software\microsoft\security center] "AntiVirusOverride"
Supprimé ! [HKLM\software\microsoft\security center] "FirewallDisableNotify"
Supprimé ! [HKLM\software\microsoft\security center] "FirewallOverride"
Supprimé ! [HKLM\software\microsoft\security center] "UpdatesDisableNotify"

################## | Etat / Services / Informations |

# Mode sans echec restauré !

# Affichage des fichiers cachés : OK

# Ndisuio -> Start = 3 ( Good = 3 | Bad = 4 )
# EapHost -> Start = 2 ( Good = 2 | Bad = 4 )
# Ip6Fw -> Start = 2 ( Good = 2 | Bad = 4 )
# SharedAccess -> Start = 2 ( Good = 2 | Bad = 4 )
# wuauserv -> Start = 2 ( Good = 2 | Bad = 4 )
# wscsvc -> Start = 2 ( Good = 2 | Bad = 4 )

################## | PEH ... |


################## | Cracks / Keygens / Serials |


################## | ! Fin du rapport # FindyKill V5.012 ! |

r16
Posted: Tuesday, September 29, 2009 9:55:52 PM
Rank: AiutAmico

Joined: 8/7/2007
Posts: 11,016
Once that scan is finished, run this one:
Download Elibagla:

http://www.zonavirus.com/datos/descargas/95/elibagla.asp

scroll to the bottom of the page and click Descargar Elibagla

click the Elibagla icon to start the tool

tick the option Eliminar ficheros automaticamente

click Explorar

let the default scan (C:\) run to completion

when the operation finishes a log named InfoSat.txt will be produced on Local Disk C:
Post it here.

I think, and hope, it's needless to tell you that you MUST delete what you downloaded from eMule (cracks, keygens and assorted junk).
Empty the Recycle Bin too.
lionheart
Posted: Tuesday, September 29, 2009 10:02:45 PM
Rank: AiutAmico

Joined: 3/26/2008
Posts: 66

(29-9-2009 19:58:32)
EliBagle v12.93 (c)2009 S.G.H. / Satinfo S.L. (Actualizado el 28 de Septiembre del 2009)

Lista de Acciones (por Acción Directa):
Eliminada Carpeta "%AppData%\Drivers"

(29-9-2009 19:59:8)
EliBagle v12.93 (c)2009 S.G.H. / Satinfo S.L. (Actualizado el 28 de Septiembre del 2009)

Lista de Acciones (por Exploración):
Explorando "C:\"

Nº Total de Directorios: 3857
Nº Total de Ficheros: 26069
Nº de Ficheros Analizados: 5226
Nº de Ficheros Infectados: 0
Nº de Ficheros Limpiados: 0
r16
Posted: Tuesday, September 29, 2009 10:04:26 PM
Rank: AiutAmico

Joined: 8/7/2007
Posts: 11,016
Uninstall: (they're corrupted)
Antivirus BitDefender
AntiVir
COMODO Firewall

Run a cleanup with CCleaner.
Reboot the PC.
DO NOT BROWSE THE INTERNET (I assume you're writing from another PC).
lionheart
Posted: Tuesday, September 29, 2009 10:07:28 PM
Rank: AiutAmico

Joined: 3/26/2008
Posts: 66
I don't have BitDefender installed, I don't know why it shows up in the log..... Unfortunately I only have this PC, so I have no choice but to use the Internet.....

r16
Posted: Tuesday, September 29, 2009 10:10:00 PM
Rank: AiutAmico

Joined: 8/7/2007
Posts: 11,016
You may only go to the AIUTAMICI site to download Combofix.
Download Combofix

http://download.bleepingcomputer.com/sUBs/ComboFix.exe


Save it to the desktop.

Important: disable your antivirus and close ALL open programs (firewall included) and, after downloading COMBOFIX, close the connection.

Double-click combofix.exe (a screen will appear).
If you are asked whether you want to install the RECOVERY CONSOLE, click NO.
Your antivirus will probably send you messages; ignore them.
During the scan it's important not to use the PC (not even the mouse) and to wait patiently for the operations to finish.
When done, a log file will be created on the Desktop, called C:\ComboFix.txt. Post it here.

Uninstall combofix this way: (after I've seen the log)
Start
Run
in the dialog box, copy and paste this command: Combofix /u and press Enter, then delete the Combofix and (qoobox) folders in "C"
r16
Posted: Tuesday, September 29, 2009 10:25:52 PM
Rank: AiutAmico

Joined: 8/7/2007
Posts: 11,016
When the scan finishes the PC should reboot; otherwise reboot it yourself.

Then do:
Start\Run\ type: services.msc
The "Services" page opens
Check that ALL of these "Services" are started and set to Automatic:
Alerter, Security Center, Automatic Updates, Network Connections, Wireless Zero Configuration, and Windows Firewall/Internet Connection Sharing (ICS).
If you find any set to "Manual" or Disabled, set it back to Automatic; remember to REBOOT the PC.
To start a service, right-click the service, Properties > Automatic > OK > Start > OK.

Give me a rundown of what you did, and tell me what problems you're seeing.
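As an added example (not from the thread, and not code from FindyKill, Malwarebytes or any other tool named in it), the check r16 asks for by hand in services.msc, together with the Security Center values and the per-user Run entry that Malwarebytes and FindyKill reported, written as a Python script: on Windows it reads the live registry through winreg, elsewhere it runs over a constructed snapshot modelled on the logs above. The "Disabled" service values in that snapshot are an assumption built from FindyKill's Good/Bad labels, not a measurement from the poster's PC.

```python
# Added example (not from the thread or from any tool named in it): checks a
# Windows XP registry for the Bagle-style tampering shown in the logs above.
# On Windows it reads the live registry via winreg; elsewhere it runs over a
# constructed snapshot modelled on the Malwarebytes / FindyKill output.
import re
try:
    import winreg  # standard library, Windows only
except ImportError:
    winreg = None

# Services FindyKill listed, with the Start value it marked Good
# (2 = Automatic, 3 = Manual, 4 = Disabled): wscsvc is Security Center,
# SharedAccess is Windows Firewall/ICS, wuauserv is Automatic Updates.
SERVICE_EXPECTED = {"Ndisuio": 3, "EapHost": 2, "Ip6Fw": 2,
                    "SharedAccess": 2, "wuauserv": 2, "wscsvc": 2}
# Security Center values the logs found set to 1 (notifications suppressed).
SECURITY_CENTER_VALUES = ("AntiVirusDisableNotify", "AntiVirusOverride",
                          "FirewallDisableNotify", "FirewallOverride",
                          "UpdatesDisableNotify")
# A per-user Run entry launching from Application Data ("Dati applicazioni"
# on an Italian XP), like the drvsyskit entry in the HijackThis log.
APPDATA_RUN = re.compile(r"\\(dati applicazioni|application data)\\", re.I)


def assess(snapshot):
    """Return (severity, message) findings for a snapshot shaped as
    {"services": {name: start}, "security_center": {name: value},
     "hkcu_run": {name: command}}."""
    findings = []
    for svc, good in SERVICE_EXPECTED.items():
        start = snapshot["services"].get(svc)
        if start is None:
            findings.append(("info", f"service {svc} not present"))
        elif start != good:
            sev = "high" if start == 4 else "medium"
            findings.append((sev, f"service {svc} Start={start}, expected {good}"))
    for name in SECURITY_CENTER_VALUES:
        value = snapshot["security_center"].get(name, 0)
        if value != 0:
            findings.append(("high", f"Security Center {name}={value}, expected 0"))
    for name, cmd in snapshot["hkcu_run"].items():
        if APPDATA_RUN.search(cmd):
            findings.append(("high", f"HKCU Run '{name}' runs from Application Data: {cmd}"))
    return findings


def _read_values(root, path):
    """All values under one registry key as {name: data}; {} if it is absent."""
    out = {}
    try:
        with winreg.OpenKey(root, path) as key:
            index = 0
            while True:
                try:
                    name, data, _ = winreg.EnumValue(key, index)
                except OSError:
                    break
                out[name] = data
                index += 1
    except OSError:
        pass
    return out


def read_live_snapshot():
    """Build the snapshot from the local registry (Windows only)."""
    if winreg is None:
        raise RuntimeError("winreg unavailable: not running on Windows")
    hklm, hkcu = winreg.HKEY_LOCAL_MACHINE, winreg.HKEY_CURRENT_USER
    services = {}
    for svc in SERVICE_EXPECTED:
        values = _read_values(hklm, "SYSTEM\\CurrentControlSet\\Services\\" + svc)
        if "Start" in values:
            services[svc] = values["Start"]
    return {"services": services,
            "security_center": _read_values(hklm, "SOFTWARE\\Microsoft\\Security Center"),
            "hkcu_run": _read_values(hkcu, "Software\\Microsoft\\Windows\\CurrentVersion\\Run")}


# Constructed snapshots, not measurements from the poster's PC: the first
# mirrors the tampering reported above with every listed service Disabled (4),
# the second the state FindyKill reported after cleanup.
INFECTED_SNAPSHOT = {
    "services": {svc: 4 for svc in SERVICE_EXPECTED},
    "security_center": {name: 1 for name in SECURITY_CENTER_VALUES},
    "hkcu_run": {"swg": r"C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe",
                 "drvsyskit": r"C:\Documents and Settings\G & S\Dati applicazioni\drivers\winupgro.exe"},
}
CLEAN_SNAPSHOT = {
    "services": dict(SERVICE_EXPECTED),
    "security_center": {name: 0 for name in SECURITY_CENTER_VALUES},
    "hkcu_run": {"swg": INFECTED_SNAPSHOT["hkcu_run"]["swg"]},
}

if __name__ == "__main__":
    snap = read_live_snapshot() if winreg else INFECTED_SNAPSHOT
    for sev, msg in assess(snap) or [("ok", "no Bagle-style tampering found")]:
        print(f"[{sev}] {msg}")
```

A "high" on the Security Center values or on a Run entry under Application Data is exactly what Malwarebytes flagged as Disabled.SecurityCenter and Trojan.Agent above, so rerunning this after cleanup is a quick way to confirm nothing re-set them on reboot.
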
lionheart
Posted: Tuesday, September 29, 2009 10:30:52 PM
Rank: AiutAmico

Joined: 3/26/2008
Posts: 66
here's the ComboFix log



ComboFix 09-09-28.01 - G & S 29/09/2009 22.23.17.6.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.39.1040.18.2047.1529 [GMT 2:00]
Eseguito da: c:\documents and settings\G & S\Desktop\ComboFix.exe
AV: AntiVir Desktop *On-access scanning disabled* (Outdated) {00000000-0000-0000-1200-140000FCFD7F}
AV: AntiVir Desktop *On-access scanning enabled* (Updated) {00000000-0012-0014-00DC-FD7F00000802}
AV: AntiVir Desktop *On-access scanning enabled* (Updated) {00000000-0012-0014-00EC-FD7F00000802}
AV: AntiVir Desktop *On-access scanning enabled* (Updated) {00000000-0012-0014-00FC-FD7F00000802}
AV: AntiVir Desktop *On-access scanning enabled* (Updated) {001300D4-0000-0000-1000-00005454927C}
AV: Antivirus BitDefender *On-access scanning disabled* (Updated) {6C4BB89C-B0ED-4F41-A29C-4373888923BB}

ATTENZIONE - QUESTO PC NON HA LA CONSOLE DI RIPRISTINO DI EMERGENZA INSTALLATA !!
.

((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\G & S\Dati applicazioni\Desktopicon
c:\documents and settings\G & S\Dati applicazioni\drivers\downld
c:\documents and settings\G & S\Dati applicazioni\Microsoft\Clip Organizer\mstore10.mgc
c:\documents and settings\G & S\Dati applicazioni\Microsoft\Clip Organizer\Offic10.MGC
C:\InfoSat.txt
c:\recycler\S-1-5-21-1645522239-1580818891-1417001333-500
c:\recycler\S-1-5-21-1957994488-1979792683-1606980848-500
c:\windows\Installer\62b0c4.msi
c:\windows\jestertb.dll

.
((((((((((((((((((((((((( Files Creati Da 2009-08-28 al 2009-09-29 )))))))))))))))))))))))))))))))))))
.

2009-09-29 20:11 . 2009-09-29 20:11 -------- d--h--w- c:\documents and settings\G & S\Dati applicazioni\drivers
2009-09-29 19:37 . 2009-09-29 19:48 -------- d-----w- C:\FindyKill
2009-09-29 09:29 . 2009-09-29 09:29 71 ----a-w- c:\documents and settings\G & S\Dati applicazionidMb.dat
2009-09-29 09:28 . 2009-09-29 09:28 -------- d-----w- c:\documents and settings\G & S\Dati applicazioni\U3
2009-09-27 14:32 . 2009-09-27 14:32 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\TVU Networks
2009-09-27 14:32 . 2009-09-27 14:32 -------- d-----w- c:\documents and settings\G & S\LocalLow
2009-09-27 14:29 . 2009-09-27 14:29 -------- d-----w- c:\documents and settings\G & S\Dati applicazioni\TVU networks
2009-09-26 10:24 . 2009-09-26 11:17 -------- d-----w- c:\documents and settings\G & S\Impostazioni locali\Dati applicazioni\JockerSoft
2009-09-26 10:23 . 2009-09-26 11:31 -------- d-----w- c:\programmi\JockerSoft
2009-09-25 22:58 . 2009-09-25 22:58 -------- d-sh--w- c:\documents and settings\G & S\PrivacIE
2009-09-25 22:53 . 2009-09-25 22:53 -------- d-sh--w- c:\documents and settings\G & S\IETldCache
2009-09-25 22:50 . 2009-09-25 22:50 -------- d-----w- c:\windows\ie8updates
2009-09-25 22:47 . 2009-09-25 22:49 -------- dc-h--w- c:\windows\ie8
2009-09-25 22:41 . 2009-08-07 08:48 100352 ------w- c:\windows\system32\dllcache\iecompat.dll
2009-09-25 22:41 . 2009-07-03 16:55 55296 ------w- c:\windows\system32\dllcache\msfeedsbs.dll
2009-09-25 22:40 . 2009-07-03 16:55 246272 ------w- c:\windows\system32\dllcache\ieproxy.dll
2009-09-25 22:40 . 2009-07-03 16:55 12800 ------w- c:\windows\system32\dllcache\xpshims.dll
2009-09-25 22:40 . 2009-07-03 16:55 1985536 ------w- c:\windows\system32\dllcache\iertutil.dll
2009-09-25 22:40 . 2009-07-03 16:55 594432 ------w- c:\windows\system32\dllcache\msfeeds.dll
2009-09-24 13:02 . 2009-09-24 13:04 -------- d-----w- c:\documents and settings\G & S\.VirtualBox
2009-09-24 13:01 . 2009-09-09 18:15 115856 ----a-w- c:\windows\system32\drivers\VBoxDrv.sys
2009-09-24 13:01 . 2009-09-09 18:15 91856 ----a-w- c:\windows\system32\drivers\VBoxNetAdp.sys
2009-09-24 13:01 . 2009-09-09 18:15 41424 ----a-w- c:\windows\system32\drivers\VBoxUSBMon.sys
2009-09-23 18:38 . 2009-09-27 13:26 -------- d-----w- c:\programmi\File comuni\uusee
2009-09-23 18:38 . 2009-09-27 13:25 -------- d-----w- c:\programmi\uusee
2009-09-23 18:32 . 2009-09-23 18:33 -------- d-----w- c:\programmi\SopCast
2009-09-23 12:34 . 2009-09-23 12:34 604488 ----a-w- c:\windows\system32\TUProgSt.exe
2009-09-23 12:34 . 2009-07-15 09:48 29000 ----a-w- c:\windows\system32\uxtuneup.dll
2009-09-23 12:34 . 2009-09-23 12:34 361288 ----a-w- c:\windows\system32\TuneUpDefragService.exe
2009-09-23 11:27 . 2009-09-23 11:27 -------- d-----w- c:\documents and settings\G & S\Dati applicazioni\Yahoo!
2009-09-23 11:27 . 2009-09-23 11:31 -------- d-----w- c:\programmi\Yahoo!
2009-09-22 19:17 . 2009-09-28 16:16 -------- d-----w- c:\documents and settings\G & S\Impostazioni locali\Dati applicazioni\Cyberlink
2009-09-22 19:11 . 2009-09-28 15:47 -------- d-----w- c:\documents and settings\G & S\Dati applicazioni\CyberLink
2009-09-22 19:11 . 2009-09-22 19:17 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\CyberLink
2009-09-22 19:11 . 2009-09-22 19:11 -------- d-----w- c:\programmi\Cyberlink
2009-09-22 19:10 . 2009-09-22 19:10 -------- d-----w- c:\programmi\File comuni\CyberLink
2009-09-22 19:07 . 2009-09-22 19:07 29480 ----a-w- c:\windows\system32\msxml3a.dll
2009-09-22 18:49 . 2009-09-22 18:49 -------- d-----w- c:\documents and settings\G & S\Bluetooth Software
2009-09-22 18:47 . 2009-09-22 18:47 -------- d-----w- c:\programmi\WIDCOMM
2009-09-22 12:01 . 2009-09-26 11:48 -------- d-----w- c:\programmi\r2 Studios
2009-09-21 15:50 . 2009-09-21 15:50 -------- d-----w- c:\documents and settings\G & S\Dati applicazioni\Malwarebytes
2009-09-21 15:50 . 2009-09-10 12:54 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-09-21 15:50 . 2009-09-21 15:50 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Malwarebytes
2009-09-21 15:50 . 2009-09-10 12:53 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-09-21 13:04 . 2009-09-21 13:04 -------- d-----w- C:\found.000
2009-09-21 12:28 . 2009-09-21 12:28 -------- d-----w- c:\documents and settings\G & S\Dati applicazioni\TuneUp Software
2009-09-21 12:27 . 2009-09-21 12:27 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\TuneUp Software
2009-09-21 12:23 . 2009-09-21 12:26 -------- d-----w- c:\programmi\AnVir Task Manager Free
2009-09-21 12:23 . 2009-09-21 12:26 -------- d-----w- c:\documents and settings\G & S\Impostazioni locali\Dati applicazioni\AnVir
2009-09-21 08:57 . 2009-09-21 08:58 -------- d-----w- c:\documents and settings\G & S\Dati applicazioni\GetRightToGo
2009-09-20 19:57 . 2005-05-25 05:00 90112 ------w- c:\windows\SDUnInst.exe
2009-09-20 17:33 . 2009-09-20 18:24 -------- d-----w- c:\windows\system32\NtmsData
2009-09-20 16:31 . 2009-09-20 16:31 -------- d-----w- c:\documents and settings\G & S\Dati applicazioni\JAM Software
2009-09-20 12:40 . 2009-09-20 12:40 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\PPLive
2009-09-20 12:40 . 2009-09-20 12:40 -------- d-----w- c:\documents and settings\G & S\Dati applicazioni\PPLive
2009-09-20 12:33 . 2009-09-20 12:33 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\CCTV
2009-09-17 13:19 . 2009-09-17 13:39 -------- d-----w- c:\programmi\Hard Disk Sentinel
2009-09-09 18:15 . 2009-09-09 18:15 133648 ------w- c:\windows\system32\VBoxNetFltNotify.dll
2009-09-07 11:45 . 2009-09-07 11:46 -------- d-----w- c:\windows\speech
2009-09-07 11:45 . 2009-09-07 11:45 -------- d-----w- c:\windows\Lhsp
2009-09-07 09:33 . 2009-09-07 09:33 -------- d-----w- c:\documents and settings\G & S\Impostazioni locali\Dati applicazioni\IsolatedStorage
2009-09-07 09:32 . 2009-09-07 09:32 -------- d-----w- c:\documents and settings\G & S\Dati applicazioni\SAU KP
2009-09-03 19:12 . 2009-09-03 19:12 -------- d-----w- c:\programmi\File comuni\PCSuite
2009-09-03 14:09 . 2009-09-03 22:02 -------- d-----w- c:\programmi\AudioCommander
2009-09-03 14:01 . 2009-09-03 14:01 -------- d-----w- c:\programmi\MIKSOFT
2009-09-03 13:57 . 2009-09-03 13:57 249856 ------w- c:\windows\Setup1.exe
2009-09-03 13:57 . 2009-09-03 13:57 73216 ----a-w- c:\windows\ST6UNST.EXE

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-09-29 20:18 . 2009-03-02 14:26 -------- d-----w- c:\programmi\COMODO
2009-09-29 20:18 . 2009-03-02 13:59 -------- d-----w- c:\documents and settings\G & S\Dati applicazioni\Comodo
2009-09-29 12:47 . 2009-03-02 15:36 -------- d-----w- c:\documents and settings\G & S\Dati applicazioni\uTorrent
2009-09-26 13:34 . 2009-03-02 14:22 -------- d--h--w- c:\programmi\InstallShield Installation Information
2009-09-26 12:23 . 2009-03-02 15:31 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Spybot - Search & Destroy
2009-09-25 22:53 . 2009-03-17 20:03 -------- d-----w- c:\programmi\Microsoft Silverlight
2009-09-22 19:07 . 2009-08-24 15:31 -------- d---a-w- c:\documents and settings\All Users\Dati applicazioni\TEMP
2009-09-22 19:07 . 2006-10-09 01:37 505128 ----a-w- c:\windows\system32\msvcp71.dll
2009-09-22 19:07 . 2006-02-03 02:30 353576 ----a-w- c:\windows\system32\msvcr71.dll
2009-09-22 14:24 . 2009-04-27 18:41 -------- d-----w- c:\documents and settings\G & S\Dati applicazioni\SolidDocuments
2009-09-21 15:40 . 2001-08-31 09:00 79910 ----a-w- c:\windows\system32\perfc010.dat
2009-09-21 15:40 . 2001-08-31 09:00 479740 ----a-w- c:\windows\system32\perfh010.dat
2009-09-21 13:51 . 2009-03-02 14:22 53896 ----a-w- c:\documents and settings\G & S\Impostazioni locali\Dati applicazioni\GDIPFONTCACHEV1.DAT
2009-09-21 11:21 . 2009-03-20 13:05 -------- d-----w- c:\programmi\Codice Fiscale
2009-09-20 14:12 . 2009-07-28 10:10 -------- d-----w- c:\documents and settings\G & S\Dati applicazioni\Superenalotto 3000
2009-09-20 13:42 . 2009-03-02 16:56 -------- d-sh--w- c:\documents and settings\All Users\Dati applicazioni\{55A29068-F2CE-456C-9148-C869879E2357}
2009-09-14 14:55 . 2009-03-04 19:09 -------- d-----w- c:\programmi\Google
2009-09-07 09:46 . 2009-04-02 09:29 -------- d-----w- c:\documents and settings\G & S\Dati applicazioni\mIRC
2009-09-03 19:12 . 2009-06-20 13:13 -------- d-----w- c:\programmi\File comuni\Nokia
2009-09-03 19:05 . 2009-04-01 09:45 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Installations
2009-09-03 13:53 . 2009-04-01 09:57 -------- d-----w- c:\documents and settings\G & S\Dati applicazioni\Nokia
2009-08-28 13:13 . 2009-03-10 12:03 -------- d-----w- c:\documents and settings\G & S\Dati applicazioni\dvdcss
2009-08-25 16:58 . 2009-08-25 16:58 -------- d-----w- c:\documents and settings\G & S\Dati applicazioni\Thinstall
2009-08-20 11:53 . 2009-03-23 13:33 55656 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2009-08-18 13:35 . 2009-08-18 13:35 -------- d-----w- c:\documents and settings\G & S\Dati applicazioni\OxyCube
2009-08-18 13:30 . 2009-08-18 13:30 -------- d-----w- c:\programmi\Oxygen Software
2009-08-07 22:32 . 2009-03-02 14:23 -------- d-----w- c:\programmi\Alice ti aiuta
2009-07-03 16:55 . 2008-04-13 17:13 915456 ----a-w- c:\windows\system32\wininet.dll
.

------- Sigcheck -------

[-] 2008-04-13 . 97CBB1689BB951AD8DEE44C9F9C44318 . 724992 . . [5.82] . . c:\windows\system32\comctl32.dll
[7] 2008-04-13 . 10AA0E13B4D20EE798E3382C9B89B3E3 . 617472 . . [5.82] . . c:\windows\VistaMizer\old\comctl32.dll
[7] 2008-04-13 . 9530E35D9033ACED20CDA2509A21073A . 1054208 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll
[7] 2001-08-31 . AEF3D788DBF40C7C4D204EA45EB0C505 . 921088 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll

[-] 2009-03-01 . 1F39C7BDBA4C5F3F01C4EABF7EDBF4B3 . 361600 . . [5.1.2600.5625] . . c:\windows\system32\drivers\tcpip.sys

[-] 2009-03-01 13:10 . EA518D0002F4338DB0E7D83370D61845 . 253952 . . [2001.12.4414.706] . . c:\windows\system32\es.dll

[-] 2009-03-01 . E0C98D37A349DC9688FE802F623B16F6 . 247296 . . [5.1.2600.5625] . . c:\windows\system32\mswsock.dll

[-] 2009-03-01 . 948FD43022363203761659A8B27B5E94 . 2450176 . . [5.1.2600.5657] . . c:\windows\system32\ntoskrnl.exe
[-] 2009-03-01 . 0EE73494680235D59F4E57301D7AD580 . 2192896 . . [5.1.2600.5657] . . c:\windows\VistaMizer\old\ntoskrnl.exe

[-] 2008-04-13 . 3DBD6DC6D74C517D55A1B3AECA88EF48 . 588800 . . [5.1.2600.5512] . . c:\windows\system32\user32.dll
[7] 2008-04-13 . FA94696C0727BD59E517C674CD6E7C72 . 579584 . . [5.1.2600.5512] . . c:\windows\VistaMizer\old\user32.dll

[-] 2008-04-13 . 6DC43081C760EEC1130D2C8C145DF375 . 549888 . . [5.1.2600.5512] . . c:\windows\system32\winlogon.exe
[7] 2008-04-13 . 9259170D29B5A256735FCB8B80280857 . 510464 . . [5.1.2600.5512] . . c:\windows\VistaMizer\old\winlogon.exe

[-] 2008-04-13 . 287B3020F1324E99F313C9E7FCFCCCCC . 1554944 . . [6.00.2900.5512] . . c:\windows\explorer.exe
[7] 2008-04-13 . 70D7F99D95615C3C278367756287DB71 . 1036288 . . [6.00.2900.5512] . . c:\windows\VistaMizer\old\explorer.exe

[-] 2008-04-13 . 91B6AAC828F8BBE1796275424E44DFB0 . 25088 . . [5.1.2600.5512] . . c:\windows\system32\ctfmon.exe
[7] 2008-04-13 . F53CDDEF33A4C41336A782BE3D170158 . 15360 . . [5.1.2600.5512] . . c:\windows\VistaMizer\old\ctfmon.exe

[-] 2009-03-01 . 2D10EEB83EEBDCE43E9F0214057C03F2 . 2327040 . . [5.1.2600.5657] . . c:\windows\system32\ntkrnlpa.exe
[-] 2009-03-01 . C812D8551FD3B6ACDBF7EB6B18B1B992 . 2069760 . . [5.1.2600.5657] . . c:\windows\VistaMizer\old\ntkrnlpa.exe
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2005-07-07 851968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartupDelayer"="c:\programmi\r2 Studios\Startup Delayer\Startup Launcher.exe" [2007-12-14 26112]
"Malwarebytes Anti-Malware (reboot)"="d:\programmi\Malwarebytes' Anti-Malware\mbam.exe" [2009-09-10 1312080]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-13 25088]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"_nltide_3"="advpack.dll" - c:\windows\system32\advpack.dll [2009-03-08 128512]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"= 1 (0x1)

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoSMHelp"= 1 (0x1)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"swg"=c:\programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
"bgmonitor_{79662e04-7c6c-4d9f-84c7-88d8a56b10aa}"="c:\programmi\File comuni\Ahead\Lib\NMBgMonitor.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"epson stylus c42 series"=c:\windows\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P23 "EPSON Stylus C42 Series" /O6 "USB001" /M "Stylus C42"
"sunjavaupdatesched"="d:\programmi\Java\jre6\bin\jusched.exe"
"remotecontrol"=c:\windows\system32\rmctrl.exe
"QuickTime Task"=c:\windows\system32\qttask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UpdatesDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programmi\\uTorrent\\uTorrent.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Programmi\\Microsoft LifeCam\\LifeCam.exe"=
"c:\\Programmi\\Microsoft LifeCam\\LifeExp.exe"=
"d:\\Programmi\\PoivY.com\\PoivY\\PoivY.exe"=
"c:\\Programmi\\uusee\\UUSeePlayer.exe"=

R2 {B154377D-700F-42cc-9474-23858FBDF4BD};Power Control [2009/09/22 21:11];d:\programmi\CyberLink\PowerDVD9\PowerDVD9\000.fcl [07/05/2009 21.05.22 87536]
R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service;c:\windows\system32\TUProgSt.exe [23/09/2009 14.34.14 604488]
S2 Network WanMiniport First Position;Network WanMiniport First Position;c:\programmi\Telecom Italia\WanMiniport1st\srvany.exe [31/07/2009 18.35.34 8192]
S3 A5AGU;D-Link USB Wireless Network Adapter Service;c:\windows\system32\drivers\A5AGU.sys [21/09/2006 11.19.04 347648]
S3 aspi;Advanced SCSI Programming Interface Driver;c:\windows\system32\drivers\ASPI32.SYS [05/04/2009 18.17.33 16512]
S3 CrystalSysInfo;CrystalSysInfo;d:\programmi\MediaCoder\SysInfo.sys [25/09/2007 16.59.46 15152]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [20/06/2009 15.07.36 136704]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\drivers\VBoxNetAdp.sys [24/09/2009 15.01.20 91856]
S3 VBoxNetFlt;VBoxNetFlt Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys --> c:\windows\system32\DRIVERS\VBoxNetFlt.sys [?]
S3 VX6000;Microsoft LifeCam VX-6000;c:\windows\system32\drivers\VX6000Xp.sys [13/10/2006 18.04.44 2383152]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
"c:\programmi\File comuni\LightScribe\LSRunOnce.exe"
.
Contenuto della cartella 'Scheduled Tasks'

2009-09-29 c:\windows\Tasks\Manutenzione in 1 clic.job
- d:\programmi\TuneUp Utilities 2009\OneClickStarter.exe [2009-07-16 10:28]
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://www.noceraterinese.com/
uInternet Connection Wizard,ShellNext = hxxp://www.personalfirewall.comodo.com/uninst_survey.html?serial=3.0.25.376_E33C8A2CD88A4ed3B2BD332E72436F25
uInternet Settings,ProxyOverride = local
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: E&sporta in Microsoft Excel - d:\progra~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
IE: Invia a &Bluetooth - c:\programmi\WIDCOMM\Software Bluetooth\btsendto_ie_ctx.htm
TCP: {BE9B2EEB-6D7D-4216-AAFF-F996702F2109} = 192.168.1.1
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\G & S\Dati applicazioni\Mozilla\Firefox\Profiles\kx1lt5y4.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.startup.homepage - hxxp://www.inter.it/aas/hp?L=it
FF - component: d:\programmi\Mozilla Firefox\components\FFComm.dll
FF - plugin: c:\documents and settings\G & S\Dati applicazioni\Mozilla\Firefox\Profiles\kx1lt5y4.default\extensions\firefox@tvunetworks.com\plugins\npTVUAx.dll
FF - plugin: c:\programmi\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: d:\programmi\Adobe\Reader 9.0\Reader\browser\nppdf32.dll
FF - plugin: d:\programmi\Java\jre6\bin\new_plugin\npdeploytk.dll
FF - plugin: d:\programmi\Java\jre6\bin\new_plugin\npjp2.dll
FF - plugin: d:\programmi\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
FF - plugin: d:\programmi\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll

---- FIREFOX POLICIES ----
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
FF - user.js: network.http.max-connections-per-server - 8
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-09-29 22:26
Windows 5.1.2600 Service Pack 3 NTFS

scansione processi nascosti ...

scansione entrate autostart nascoste ...

Scansione files nascosti ...

Scansione completata con successo
Files nascosti: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet002\Services\{B154377D-700F-42cc-9474-23858FBDF4BD}]
"ImagePath"="\??\d:\programmi\CyberLink\PowerDVD9\PowerDVD9\000.fcl"
.
--------------------- Dlls caricate dai processi in esecuzione ---------------------

- - - - - - - > 'winlogon.exe'(1044)
c:\windows\system32\SETUPAPI.dll
c:\windows\system32\sfc_os.dll
c:\windows\system32\COMRes.dll
c:\windows\system32\cscui.dll

- - - - - - - > 'lsass.exe'(1116)
c:\windows\system32\scecli.dll
c:\windows\system32\SETUPAPI.dll
.
Ora fine scansione: 2009-09-29 22.28.07
ComboFix-quarantined-files.txt 2009-09-29 20:27

Pre-Run: 6.247.514.112 byte disponibili
Post-Run: 6.217.433.088 byte disponibili

lionheart
Posted: Tuesday, September 29, 2009 10:39:08 PM
Rank: AiutAmico

Member since: 3/26/2008
Posts: 66
Avvisi (alerts) ----- disabled

connessione di rete (network connection) ------ manual
r16
Posted: Tuesday, September 29, 2009 10:41:28 PM
Rank: AiutAmico

Member since: 8/7/2007
Posts: 11,016
Follow the instructions: set them to Automatic.
I'd like to know what problems you are seeing.

In any case:
Reinstall Avira and Comodo.

P.S.:
While you're at it, also run a scan with AVIRA.
lionheart
Posted: Tuesday, September 29, 2009 11:32:46 PM
Rank: AiutAmico

Member since: 3/26/2008
Posts: 66
The problem I ran into is that it won't let me update the antivirus database...
r16
Posted: Tuesday, September 29, 2009 11:41:35 PM
Rank: AiutAmico

Member since: 8/7/2007
Posts: 11,016
Redo the uninstall and the reinstall, following this guide to the letter.

http://www.zeusnews.it/zz_upload/PSV/Guida%20completa%20di%20%20AVIRA%20Antivir%209.pdf
Tick all the items shown in the first image on page 11 of the guide (in the image they are not ticked).
There are also instructions for the Manual Update.
lionheart
Posted: Wednesday, September 30, 2009 6:38:12 PM
Rank: AiutAmico

Member since: 3/26/2008
Posts: 66
The problem persists.... I don't know whether it depends on Avira or is caused by the virus.