innanzitutto grazie per avermi risposto!

in realta' avevo avast come antivirus ma quando ho provato a fare la scansione ieri mattina mi e' uscito fuori questo avviso "non e' un applicazione di win32 valida" a questo punto ho installato bitdefender che ha funzionato per un po' ma stamattina non c'e' stato verso di avviarlo.
ho appena scaricato hijackthis ma posso avviarlo anche se c'e' la scansione online di panda antivirus oppure devo aspettare che termina?

Ci sono riuscita!!!!!!!!!!!!!!!!!!!
ecco il log

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11.31.54, on 16/03/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\File comuni\BitDefender\BitDefender Update Service\livesrv.exe
D:\Bit defender\programma installato\BitDefender 2009\vsserv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Programmi\Java\jre6\bin\jqs.exe
C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
C:\Programmi\D-Tools\daemon.exe
D:\Malwarebytes.Anti-Malware\Programma installato\Malwarebytes' Anti-Malware\mbamservice.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Programmi\Logitech\Video\LogiTray.exe
D:\Adobe Acrobat PDF\PROGRAMMA INSTALLATO\Acrobat\Acrotray.exe
D:\Malwarebytes.Anti-Malware\Programma installato\Malwarebytes' Anti-Malware\mbamgui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\Messenger\msmsgs.exe
C:\Programmi\Logitech\Video\FxSvr2.exe
C:\Programmi\Alice ti aiuta\bin\mpbtn.exe
C:\Programmi\File comuni\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
D:\Mozilla\firefox.exe
C:\Programmi\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.libero.it/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://dt-updates.com/activate?query=Tbz%2btLjMtUO3Ju4%2fq0OeMxwNpcrobKjLola6hTdNF%2ftW7Daz2J2xWiSwfHnh%2b9LgdY14wijU%2bpyxiM0GSD2uP7bPgXhQZQV2FB7TOzsmhoGaWZM%2b1y4BUlSpQQEGn0bAxU0ZAfIg3Yl8pueYsKISPXoEc%2bk8T%2fzTCzmgh84EO0ZXIwVJVZ8T8SY%2fAgkXrQnjNkrsEtwAD2oT7EZUerjgwTkCD%2fj2c2tNlV7%2fXV2flZgyWfzfa77dDvC4BcdWi3cVORe%2fpj3PG682TXFj%2fmDxvFr9w5LYF0dwIKiykxbxCok%3d
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: Supporto di collegamento per Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - D:\Spybot\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - D:\Adobe Acrobat PDF\PROGRAMMA INSTALLATO\Acrobat\AcroIEFavClient.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programmi\Windows Live Toolbar\msntb.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmi\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programmi\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - D:\Adobe Acrobat PDF\PROGRAMMA INSTALLATO\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - D:\Bit defender\programma installato\BitDefender 2009\IEToolbar.dll
O4 - HKLM\..\Run: [ATICCC] "C:\Programmi\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Programmi\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [Name of App] C:\Programmi\SAMSUNG\FW LiveUpdate\FWManager.exe r
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Programmi\File comuni\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\ALICET~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [Monitor] C:\WINDOWS\PixArt\PAC207\Monitor.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Programmi\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Programmi\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [avgnt] "D:\Avira antivirus\Avira Premium Security Suite v8.1.00.206 FULL Edition + KEY\Programma installato\Avira\Avira Premium Security Suite\avgnt.exe" /min
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "D:\AVG Antispyware\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "D:\Adobe Acrobat PDF\PROGRAMMA INSTALLATO\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Programmi\File comuni\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "D:\Malwarebytes.Anti-Malware\Programma installato\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKLM\..\Run: [BDAgent] "D:\Bit defender\programma installato\BitDefender 2009\bdagent.exe"
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "D:\Bit defender\programma installato\BitDefender 2009\IEShow.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [PcSync] C:\Programmi\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - HKCU\..\Run: [MSMSGS] "C:\Programmi\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Gadwin PrintScreen 3.5] D:\Gadwin\PrintScreen\PrintScreen.exe /nosplash
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] C:\Programmi\Logitech\Video\ManifestEngine.exe boot
O4 - HKCU\..\Run: [SUPERAntiSpyware] D:\Superantispyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [drvsyskit] C:\Documents and Settings\Maru Rita Ily\Dati applicazioni\drivers\winupgro.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] D:\Spybot\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [A00F10DBDB.exe] C:\DOCUME~1\MARURI~1\IMPOST~1\Temp\_A00F10DBDB.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = D:\Adobe Acrobat PDF\PROGRAMMA INSTALLATO\Acrobat\AdobeCollabSync.exe
O4 - Global Startup: Alice ti aiuta.lnk = C:\Programmi\Alice ti aiuta\bin\matcli.exe
O4 - Global Startup: Avvio veloce di Adobe Acrobat.lnk = ?
O8 - Extra context menu item: &Windows Live Search - res://C:\Programmi\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Aggiungi a PDF esistente - res://D:\Adobe Acrobat PDF\PROGRAMMA INSTALLATO\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Apri in nuova scheda in primo piano - res://C:\Programmi\Windows Live Toolbar\Components\it-it\msntabres.dll.mui/230?fddcd304f22846059e2a0b5a79083526
O8 - Extra context menu item: Apri in nuova scheda in secondo piano - res://C:\Programmi\Windows Live Toolbar\Components\it-it\msntabres.dll.mui/229?fddcd304f22846059e2a0b5a79083526
O8 - Extra context menu item: Converti destinazione link in Adobe PDF - res://D:\Adobe Acrobat PDF\PROGRAMMA INSTALLATO\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Converti destinazione link in file PDF esistente - res://D:\Acrobat PDF\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Converti i link selezionati in Adobe PDF - res://D:\Acrobat PDF\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Converti i link selezionati in file PDF esistente - res://D:\Acrobat PDF\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Converti in Adobe PDF - res://D:\Adobe Acrobat PDF\PROGRAMMA INSTALLATO\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Converti selezione in Adobe PDF - res://D:\Adobe Acrobat PDF\PROGRAMMA INSTALLATO\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Converti selezione in file PDF esistente - res://D:\Acrobat PDF\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\Spybot\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\Spybot\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5) - http://upload.facebook.com/controls/FacebookPhotoUploader5.cab
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
O16 - DPF: {AD7013FF-1D9A-4F36-94A6-3CD408A663F9} (GameDesire BreakOut) - http://194.244.16.117/g_bin/eng/breakout_2_0_0_29.cab
O16 - DPF: {BFA1F11D-3121-AFE1-4112-894323212DAC} (GameDesire Word Games) - http://194.244.16.123/g_bin/eng/words_2_0_0_51.cab
O16 - DPF: {E23FABEE-12E3-33DA-DA12-195DAC123984} (GameDesire Mahjong) - http://194.244.16.117/g_bin/eng/mahjong_2_0_0_31.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{13BD9FF6-15F2-4993-A9CF-D1ACC2698988}: NameServer = 85.37.17.11 85.38.28.69
O17 - HKLM\System\CS1\Services\Tcpip\..\{13BD9FF6-15F2-4993-A9CF-D1ACC2698988}: NameServer = 85.37.17.11 85.38.28.69
O17 - HKLM\System\CS3\Services\Tcpip\..\{13BD9FF6-15F2-4993-A9CF-D1ACC2698988}: NameServer = 85.37.17.11 85.38.28.69
O20 - Winlogon Notify: !SASWinLogon - D:\Superantispyware\SASWINLO.dll
O20 - Winlogon Notify: __c007FF8A - C:\WINDOWS\system32\__c007FF8A.dat
O23 - Service: BitDefender Arrakis Server (Arrakis3) - BitDefender S.R.L. http://www.bitdefender.com - C:\Programmi\File comuni\BitDefender\BitDefender Arrakis Server\bin\Arrakis3.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - D:\AVG Antispyware\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Programmi\File comuni\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Programmi\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programmi\Java\jre6\bin\jqs.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Programmi\File comuni\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: MBAMService - Malwarebytes Corporation - D:\Malwarebytes.Anti-Malware\Programma installato\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S. R. L. - D:\Bit defender\programma installato\BitDefender 2009\vsserv.exe
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Programmi\Windows Live\installer\WLSetupSvc.exe

--
End of file - 12107 bytes

ok adesso provo... ma che dici la continuo la scansione online di panda?

un ultima cosa ... ma la scansione devo farla solo su C o anche su D e I (disco esterno)?

Il programma e' partito ho avviato la scansione su C e D

no tranquilla sono qui, non ti abbandono

no ferma tutto

ti funziona l'antivirus?

ferma la scansione . elimina i file infetti e scarica
http://dc108.4shared.com/download/75022994/b07bff/FindyKill.exe?tsid=20090209-102651-de3379fb


Doppio click sull'icona Findykill per avviare l'installazione:
Inserisci la prima spunta per accettare la licenza e prosegui > Suivant
Clicca su "Si" per destinare una cartella al programma
Clicca su Dèmarrer > Quitter per terminare l'installazione.
Cerca l'icona del programma sul desktop o in programmi ed eseguilo
Usa solo l'opzione 2
Il report delle operazioni effettuate lo trovarai in C:\FindyKill.txt
Allega il rapporto nella tua risposta.

ha eliminato delle infezioni del bagle

ora usa il programmino findkill, usa solo l'opzione 2