r16 wrote: Open a text file on the Desktop
Paste the code you see below into it, and save the text file with the name CFScript.txt (this name is mandatory)
killall::
File::
c:\windows\system32\drivers\ovfsthnkoavacrunxeqnwqbvexvmknwmovwbkb.sys
c:\windows\system32\ovfsthvshisuqpfukxsjufdrcjlffsjwvqqyqj.dat
c:\windows\system32\ovfsthssrxqpdmslhmbhvthteovorhdbvbwhml.dat
c:\windows\system32\Remover.ini
and drag it onto the ComboFix icon.
Wait for it to finish, without touching the keyboard, mouse or anything else.
Post the updated ComboFix log
Run a cleanup with CCleaner
Done, here's the log:
ComboFix 09-04-04.01 - G & S 2009-04-09 19.28.35.4 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1040.18.2047.1612 [GMT 2:00]
Run from: c:\documents and settings\G & S\Desktop\ComboFix.exe
Options used :: c:\documents and settings\G & S\Desktop\CFScript.txt
AV: AntiVir Desktop *On-access scanning disabled* (Updated)
AV: Antivirus BitDefender *On-access scanning disabled* (Updated)
FW: COMODO Firewall *enabled*
* New restore point created
WARNING - THIS PC DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
FILE ::
c:\windows\system32\drivers\ovfsthnkoavacrunxeqnwqbvexvmknwmovwbkb.sys
c:\windows\system32\ovfsthssrxqpdmslhmbhvthteovorhdbvbwhml.dat
c:\windows\system32\ovfsthvshisuqpfukxsjufdrcjlffsjwvqqyqj.dat
c:\windows\system32\Remover.ini
.
Error: Cfolders.dat
((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\system32\drivers\ovfsthnkoavacrunxeqnwqbvexvmknwmovwbkb.sys
c:\windows\system32\ovfsthssrxqpdmslhmbhvthteovorhdbvbwhml.dat
c:\windows\system32\ovfsthvshisuqpfukxsjufdrcjlffsjwvqqyqj.dat
c:\windows\system32\Remover.ini
.
((((((((((((((((((((((((( Files Created From 2009-03-09 to 2009-04-09 )))))))))))))))))))))))))))))))))))
.
2009-04-09 16:35 . 2009-04-09 16:35 <DIR> d-------- c:\programmi\PowerQuest
2009-04-08 22:01 . 2009-04-09 09:36 <DIR> d-------- c:\programmi\VEXPLITE
2009-04-08 22:01 . 2008-03-17 19:23 39,808 --a------ c:\windows\system32\drivers\VIRAGTLT.SYS
2009-04-08 17:19 . 2009-04-08 17:19 <DIR> d-------- c:\windows\system32\xircom
2009-04-08 17:19 . 2009-04-08 17:19 <DIR> d-------- c:\programmi\microsoft frontpage
2009-04-08 15:19 . 2009-04-08 15:19 155 --a------ c:\windows\system32\SelfDel.bat
2009-04-08 15:04 . 2009-04-08 17:04 <DIR> d--hs---- c:\windows\system32\lowsec
2009-04-08 15:03 . 2009-04-08 15:03 89,088 --a------ c:\windows\system32\fyd.exe
2009-04-07 22:36 . 2009-04-08 11:17 <DIR> d-------- c:\windows\BDOSCAN8
2009-04-07 21:41 . 2009-04-07 21:41 81,984 --a------ c:\windows\system32\bdod.bin
2009-04-07 21:41 . 2009-04-07 21:41 121 --a------ c:\windows\bdagent.INI
2009-04-07 21:34 . 2009-04-07 21:34 850 --a------ c:\windows\system32\ProductTweaks.xml
2009-04-07 21:34 . 2009-04-07 21:34 385 --a------ c:\windows\system32\user_gensett.xml
2009-04-07 21:31 . 2009-04-07 21:32 <DIR> d-------- c:\programmi\File comuni\BitDefender
2009-04-07 21:31 . 2009-04-07 21:34 <DIR> d-------- c:\documents and settings\All Users\Dati applicazioni\BitDefender
2009-04-07 21:02 . 2009-04-07 21:50 842 --a------ c:\windows\system32\ovfsthlog.dat
2009-04-07 19:39 . 2009-04-07 19:39 <DIR> d-------- c:\programmi\Trend Micro
2009-04-07 19:23 . 2009-04-07 19:23 <DIR> d-------- c:\documents and settings\All Users\Dati applicazioni\Kaspersky Lab Setup Files
2009-04-05 18:17 . 2009-04-05 18:17 <DIR> d-------- C:\OUT_MEDIA_FILES
2009-04-05 18:17 . 2002-07-17 09:05 16,512 --a------ c:\windows\system32\drivers\ASPI32.SYS
2009-04-02 11:29 . 2009-04-02 11:51 <DIR> d-------- c:\documents and settings\G & S\Dati applicazioni\mIRC
2009-04-01 22:25 . 2009-04-01 22:25 <DIR> d-------- c:\documents and settings\G & S\Dati applicazioni\Wireshark
2009-04-01 22:05 . 2009-04-01 22:28 3,284 --a------ c:\windows\system32\ANIWZCS{F6FF7E7F-25B5-4C20-B883-F8FBF4B60EB4}
2009-04-01 22:04 . 2009-04-01 22:05 6 --a------ c:\windows\system32\ANIWZCSUSERNAME{F6FF7E7F-25B5-4C20-B883-F8FBF4B60EB4}
2009-04-01 21:37 . 2009-04-01 21:37 <DIR> d-------- C:\cygwin
2009-04-01 18:55 . 2009-04-01 18:55 <DIR> d-------- c:\programmi\File comuni\PAC207
2009-04-01 18:55 . 2009-04-01 18:55 <DIR> d-------- c:\programmi\Aecotech
2009-04-01 18:55 . 2008-02-13 13:17 618,112 --a------ c:\windows\system32\drivers\PFC027.SYS
2009-04-01 18:55 . 2008-02-18 09:15 129,024 --------- c:\windows\system32\SP207.ax
2009-04-01 18:55 . 2006-10-12 11:57 14,336 --------- c:\windows\system32\P207USD.dll
2009-04-01 18:55 . 2007-10-25 19:02 566 --------- c:\windows\system32\SP207.ini
2009-04-01 18:54 . 2009-04-01 18:54 <DIR> d-------- c:\documents and settings\G & S\Dati applicazioni\InstallShield
2009-04-01 11:59 . 2009-04-01 11:59 0 --ah----- c:\windows\system32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf
2009-04-01 11:59 . 2009-04-01 11:59 0 --ah----- c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01007.Wdf
2009-04-01 11:58 . 2008-03-21 13:57 14,640 --------- c:\windows\system32\spmsgXP_2k3.dll
2009-04-01 11:57 . 2009-04-01 12:00 <DIR> d-------- c:\documents and settings\G & S\Dati applicazioni\PC Suite
2009-04-01 11:57 . 2009-04-01 12:00 <DIR> d-------- c:\documents and settings\G & S\Dati applicazioni\Nokia
2009-04-01 11:57 . 2009-04-01 11:59 <DIR> d-------- c:\documents and settings\All Users\Dati applicazioni\PC Suite
2009-04-01 11:53 . 2009-04-01 11:53 <DIR> d-------- c:\programmi\File comuni\PCSuite
2009-04-01 11:52 . 2009-04-01 11:53 <DIR> d-------- c:\programmi\File comuni\Nokia
2009-04-01 11:52 . 2009-04-01 11:52 <DIR> d-------- c:\programmi\DIFX
2009-04-01 11:52 . 2008-08-26 09:26 18,816 --a------ c:\windows\system32\drivers\pccsmcfd.sys
2009-04-01 11:50 . 2009-04-01 11:50 <DIR> d-------- c:\programmi\PC Connectivity Solution
2009-04-01 11:50 . 2008-09-15 07:56 22,016 --a------ c:\windows\system32\drivers\ccdcmbo.sys
2009-04-01 11:50 . 2008-09-15 07:56 8,064 --a------ c:\windows\system32\usbser_lowerfltj.sys
2009-04-01 11:50 . 2008-09-15 07:56 8,064 --a------ c:\windows\system32\usbser_lowerflt.sys
2009-04-01 11:49 . 2009-04-01 11:56 <DIR> d----c--- c:\windows\system32\DRVSTORE
2009-04-01 11:49 . 2008-09-15 07:29 1,112,288 --a------ c:\windows\system32\wdfcoinstaller01007.dll
2009-04-01 11:49 . 2008-09-15 07:56 659,968 --a------ c:\windows\system32\nmwcdcocls.dll
2009-04-01 11:49 . 2008-09-15 07:56 91,136 --a------ c:\windows\system32\nmwcdcls.dll
2009-04-01 11:49 . 2008-09-15 07:56 17,664 --a------ c:\windows\system32\drivers\ccdcmb.sys
2009-04-01 11:45 . 2009-04-01 11:45 <DIR> d-------- c:\documents and settings\All Users\Dati applicazioni\Installations
2009-03-25 14:40 . 1998-10-06 19:57 327,168 --a------ c:\windows\IsUn0410.exe
2009-03-25 12:37 . 2009-03-25 12:37 7 --a------ c:\windows\system32\ANIWZCSUSERNAME{299450D7-2341-46EB-8A81-2EAF63CCBDD4}
2009-03-24 18:40 . 2009-03-25 12:56 <DIR> d-------- c:\documents and settings\G & S\Dati applicazioni\PoivY
2009-03-23 23:56 . 2008-04-13 19:13 221,184 --a------ c:\windows\system32\wmpns.dll
2009-03-23 23:48 . 2008-12-12 19:01 3,088,896 --------- c:\windows\system32\dllcache\mshtml.dll
2009-03-23 23:48 . 2008-10-16 03:00 1,499,648 --------- c:\windows\system32\dllcache\shdocvw.dll
2009-03-23 23:48 . 2008-10-16 03:00 668,672 --------- c:\windows\system32\dllcache\wininet.dll
2009-03-23 23:48 . 2008-10-16 03:00 619,520 --------- c:\windows\system32\dllcache\urlmon.dll
2009-03-23 23:19 . 2009-03-23 23:19 <DIR> d-------- c:\documents and settings\All Users\Dati applicazioni\Office Genuine Advantage
2009-03-23 21:44 . 2009-03-23 21:44 <DIR> d-------- c:\programmi\Avira
2009-03-23 21:44 . 2009-03-23 21:44 <DIR> d-------- c:\documents and settings\All Users\Dati applicazioni\Avira
2009-03-23 15:33 . 2009-02-13 12:31 55,640 --a------ c:\windows\system32\drivers\avgntflt.sys
2009-03-21 17:26 . 2009-03-21 17:26 74,752 --a------ c:\windows\cadkasdeinst01e.exe
2009-03-21 17:25 . 2009-03-21 17:25 73,216 --a------ c:\windows\cadkasdeinst01s.exe
2009-03-20 15:05 . 2009-03-20 15:05 <DIR> d-------- c:\programmi\Codice Fiscale
2009-03-20 15:05 . 2009-03-20 15:05 <DIR> d-------- c:\documents and settings\G & S\Dati applicazioni\Palmlex
2009-03-17 22:03 . 2009-03-17 22:03 <DIR> d-------- c:\programmi\Microsoft Silverlight
2009-03-17 21:24 . 2007-11-02 12:07 6,656 --a------ c:\windows\system32\CoInst_080213.dll
2009-03-17 16:43 . 2009-03-17 16:43 <DIR> d-------- c:\programmi\File comuni\Wise Installation Wizard
2009-03-17 16:36 . 2009-03-17 16:36 <DIR> d-------- c:\documents and settings\All Users\Dati applicazioni\MakeMusic
2009-03-17 16:31 . 2009-03-17 16:31 <DIR> d-------- c:\windows\Cache
2009-03-17 16:30 . 2009-03-18 18:10 <DIR> d-------- C:\Psfonts
2009-03-17 16:30 . 2001-08-17 22:02 8,576 --a------ c:\windows\system32\drivers\hidgame.sys
2009-03-17 16:27 . 2009-03-17 16:39 308 --a------ c:\windows\winiini.fin
2009-03-17 16:24 . 2009-03-17 16:24 <DIR> d-------- c:\documents and settings\G & S\Bluetooth Software
2009-03-17 16:24 . 2003-06-25 17:05 266,360 --a------ c:\windows\system32\TweakUI.exe
2009-03-17 16:24 . 2002-06-21 16:09 160,217 --a------ c:\windows\system32\PowerToysLicense.rtf
2009-03-17 16:18 . 2008-04-13 11:51 101,120 --a------ c:\windows\system32\drivers\bthpan.sys
2009-03-17 16:17 . 2008-04-13 19:14 152,576 --a------ c:\windows\system32\irftp.exe
2009-03-17 16:17 . 2008-04-13 11:46 59,136 --a------ c:\windows\system32\drivers\rfcomm.sys
2009-03-17 16:17 . 2008-04-13 19:13 29,696 --a------ c:\windows\system32\irmon.dll
2009-03-17 16:17 . 2008-04-13 11:46 18,944 --a------ c:\windows\system32\drivers\BTHUSB.SYS
2009-03-17 16:17 . 2008-04-13 11:46 17,024 --a------ c:\windows\system32\drivers\BthEnum.sys
2009-03-17 16:17 . 2008-04-13 19:13 8,192 --a------ c:\windows\system32\wshirda.dll
2009-03-17 16:13 . 2009-03-17 16:13 <DIR> d-------- c:\programmi\File comuni\EPSON
2009-03-17 16:13 . 2001-08-23 02:04 139,264 --a------ c:\windows\system32\EBAPI2.dll
2009-03-17 16:12 . 2009-03-17 16:13 <DIR> d-------- c:\programmi\EPSON
2009-03-17 16:12 . 2009-03-17 16:13 13,046 --a------ c:\windows\EPSTPLOG.BAK
2009-03-17 16:11 . 2008-04-13 11:47 25,856 --a------ c:\windows\system32\drivers\usbprint.sys
2009-03-17 15:38 . 2009-03-21 16:28 1,440,024 --a------ C:\DC6810xp-001.raw
2009-03-17 15:35 . 2009-03-17 15:35 <DIR> d-------- c:\programmi\Microsoft LifeCam
2009-03-17 14:49 . 2008-04-13 11:45 60,032 --a------ c:\windows\system32\drivers\USBAUDIO.sys
2009-03-17 14:47 . 2005-05-26 16:34 2,297,552 --a------ c:\windows\system32\d3dx9_26.dll
2009-03-17 14:32 . 2009-03-17 14:32 <DIR> d-------- c:\programmi\MSBuild
2009-03-17 14:27 . 2009-03-17 14:34 <DIR> d-------- c:\windows\system32\XPSViewer
2009-03-17 14:26 . 2009-03-17 14:26 <DIR> d-------- c:\programmi\Reference Assemblies
2009-03-17 14:25 . 2006-06-29 14:07 14,048 --------- c:\windows\system32\spmsg2.dll
2009-03-17 14:20 . 2007-07-19 19:14 3,727,720 --a------ c:\windows\system32\d3dx9_35.dll
2009-03-14 17:34 . 2009-03-14 17:34 <DIR> d-------- c:\windows\usbbin
2009-03-14 17:34 . 2009-03-14 17:34 <DIR> d-------- c:\windows\system32\color
2009-03-14 17:34 . 2002-04-06 11:52 172,032 -r------- c:\windows\ESUSDX.DLL
2009-03-14 17:34 . 2002-04-06 11:51 77,824 -r------- c:\windows\ESUSD.DLL
2009-03-14 17:34 . 2002-04-06 11:53 66,560 -r------- c:\windows\system32\WNASPI32.DLL
2009-03-14 17:34 . 2002-04-06 11:52 24,576 --------- c:\windows\system32\RSRC32.dll
2009-03-14 17:34 . 2002-04-06 11:52 5,741 -r------- c:\windows\GULP.VXD
2009-03-14 17:34 . 2002-04-06 11:52 1,312 --------- c:\windows\system32\RSRC16.dll
2009-03-14 17:33 . 2009-03-14 17:33 <DIR> d-------- c:\programmi\Escntl
2009-03-14 17:33 . 2008-04-13 11:45 15,104 --a------ c:\windows\system32\drivers\usbscan.sys
2009-03-13 00:03 . 2009-03-13 00:03 <DIR> d-------- c:\windows\system32\IOSUBSYS
2009-03-11 12:25 . 2009-03-11 12:25 <DIR> d-------- c:\documents and settings\G & S\Dati applicazioni\ArcSoft
2009-03-11 12:19 . 1995-07-31 14:44 212,480 --a------ c:\windows\PCDLIB32.DLL
2009-03-11 12:19 . 2001-11-02 18:06 163,840 --a------ c:\windows\system32\PhotoImpression Screen Saver.scr
2009-03-10 21:53 . 2009-03-10 21:55 <DIR> d-------- c:\programmi\File comuni\uusee
2009-03-10 14:03 . 2009-04-05 21:49 <DIR> d-------- c:\documents and settings\G & S\Dati applicazioni\dvdcss
2009-03-10 14:00 . 2009-04-04 13:24 116 --a------ c:\windows\NeroDigital.ini
2009-03-09 17:12 . 2009-03-09 17:12 <DIR> d-------- c:\documents and settings\G & S\Dati applicazioni\Malwarebytes
2009-03-09 17:12 . 2009-03-09 17:12 <DIR> d-------- c:\documents and settings\All Users\Dati applicazioni\Malwarebytes
2009-03-09 17:12 . 2009-03-26 16:49 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
2009-03-09 17:12 . 2009-03-26 16:49 15,504 --a------ c:\windows\system32\drivers\mbam.sys
2009-03-09 12:08 . 2009-03-09 12:08 <DIR> d-------- c:\documents and settings\G & S\Dati applicazioni\Foxit
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-04-09 17:26 --------- d-----w c:\documents and settings\G & S\Dati applicazioni\uTorrent
2009-04-01 20:31 --------- d--h--w c:\programmi\InstallShield Installation Information
2009-03-30 12:38 --------- d-----w c:\documents and settings\G & S\Dati applicazioni\Ahead
2009-03-29 22:00 --------- d-----w c:\programmi\TuneUp Utilities 2009
2009-03-23 16:36 25,088 ----a-w c:\windows\system32\ctfmon.exe
2009-03-16 19:16 --------- d-----w c:\programmi\File comuni\InstallShield
2009-03-11 16:44 --------- d-----w c:\documents and settings\All Users\Dati applicazioni\Messenger Plus!
2009-03-09 03:19 410,984 ----a-w c:\windows\system32\deploytk.dll
2009-03-07 20:56 --------- d-----w c:\programmi\Borland
2009-03-07 20:49 --------- d-----w c:\programmi\WinRicette
2009-03-07 20:10 478 ---ha-w C:\os678647.bin
2009-03-07 19:49 --------- d-----w c:\programmi\Ulead Systems
2009-03-07 13:42 --------- d-----w c:\documents and settings\All Users\Dati applicazioni\Ulead Systems
2009-03-07 12:39 --------- d-----w c:\documents and settings\G & S\Dati applicazioni\Ulead Systems
2009-03-06 16:09 --------- d-----w c:\documents and settings\G & S\Dati applicazioni\FileMaker
2009-03-05 21:53 --------- d-----w c:\programmi\Windows Sidebar
2009-03-05 16:58 --------- d-----w c:\documents and settings\G & S\Dati applicazioni\Broad Intelligence
2009-03-04 19:10 --------- d-----w c:\programmi\Google
2009-03-04 16:45 --------- d-----w c:\documents and settings\G & S\Dati applicazioni\vlc
2009-03-04 10:30 --------- d-----w c:\documents and settings\All Users\Dati applicazioni\comodo
2009-03-03 15:24 --------- d-----w c:\programmi\Microsoft.NET
2009-03-03 12:52 --------- d-----w c:\documents and settings\G & S\Dati applicazioni\Windows Sidebar Styler
2009-03-03 12:12 --------- d-----w c:\programmi\Thoosje Sidebar V2.3
2009-03-03 12:06 --------- d-----w c:\documents and settings\G & S\Dati applicazioni\Convivea
2009-03-03 09:56 --------- d-----w c:\documents and settings\G & S\Dati applicazioni\Desktopicon
2009-03-03 09:05 24,336 ----a-w c:\windows\system32\drivers\cmdhlp.sys
2009-03-03 09:05 155,384 ----a-w c:\windows\system32\guard32.dll
2009-03-03 09:05 110,992 ----a-w c:\windows\system32\drivers\cmdguard.sys
2009-03-02 21:19 --------- d-----w c:\programmi\Messenger Plus! Live
2009-03-02 19:37 --------- d-----w c:\programmi\Windows Live
2009-03-02 19:37 --------- d-----w c:\programmi\Microsoft
2009-03-02 19:36 --------- d-----w c:\programmi\Windows Live SkyDrive
2009-03-02 19:33 --------- d-----w c:\programmi\File comuni\Windows Live
2009-03-02 18:53 --------- d-----w c:\programmi\r2 Studios
2009-03-02 17:03 --------- d-----w c:\programmi\eMule
2009-03-02 16:57 603,904 ----a-w c:\windows\system32\TUProgSt.exe
2009-03-02 16:57 360,192 ----a-w c:\windows\system32\TuneUpDefragService.exe
2009-03-02 16:57 --------- d-----w c:\documents and settings\G & S\Dati applicazioni\TuneUp Software
2009-03-02 16:56 --------- d-sh--w c:\documents and settings\All Users\Dati applicazioni\{55A29068-F2CE-456C-9148-C869879E2357}
2009-03-02 16:56 --------- d-----w c:\documents and settings\All Users\Dati applicazioni\TuneUp Software
2009-03-02 16:28 --------- d-----w c:\programmi\File comuni\Stardock
2009-03-02 16:19 --------- d-----w c:\documents and settings\All Users\Dati applicazioni\LightScribe
2009-03-02 16:17 --------- d-----w c:\programmi\File comuni\LightScribe
2009-03-02 16:12 --------- d-----w c:\programmi\File comuni\Ahead
2009-03-02 15:53 --------- d-----w c:\documents and settings\G & S\Dati applicazioni\r2 Studios
2009-03-02 15:53 --------- d-----w c:\documents and settings\All Users\Dati applicazioni\r2 Studios
2009-03-02 15:52 --------- d-----w c:\programmi\File comuni\Adobe
2009-03-02 15:49 --------- d-----w c:\documents and settings\G & S\Dati applicazioni\Apple Computer
2009-03-02 15:45 --------- d-----w c:\documents and settings\All Users\Dati applicazioni\Apple Computer
2009-03-02 15:40 --------- d-----w c:\documents and settings\All Users\Dati applicazioni\Spybot - Search & Destroy
2009-03-02 15:36 --------- d-----w c:\programmi\uTorrent
2009-03-02 15:29 --------- d-----w c:\programmi\CyberLink
2009-03-02 15:29 --------- d-----w c:\documents and settings\All Users\Dati applicazioni\CyberLink
2009-03-02 15:25 --------- d-----w c:\programmi\xp-AntiSpy
2009-03-02 15:15 219,648 ----a-w c:\windows\system32\uxtheme.dll
2009-03-02 14:47 --------- d-----w c:\programmi\Windows Media Connect 2
2009-03-02 14:26 --------- d-----w c:\programmi\COMODO
2009-03-02 14:26 --------- d-----w c:\documents and settings\G & S\Dati applicazioni\Comodo
2009-03-02 14:23 155,995 ----a-w c:\windows\java\Packages\CHB5N1B1.ZIP
2009-03-02 14:23 --------- d-----w c:\programmi\Motive
2009-03-02 14:23 --------- d-----w c:\programmi\File comuni\Motive
2009-03-02 14:23 --------- d-----w c:\programmi\Common Files
2009-03-02 14:23 --------- d-----w c:\programmi\Alice ti aiuta
2009-03-02 14:23 --------- d-----w c:\documents and settings\All Users\Dati applicazioni\Motive
2009-03-02 14:22 --------- d-----w c:\programmi\Telecom Italia
2009-03-02 14:12 --------- d-----w c:\documents and settings\All Users\Dati applicazioni\SlySoft
2009-03-02 14:07 717,296 ----a-w c:\windows\system32\drivers\sptd.sys
2009-03-02 14:00 249,592 ----a-w c:\windows\system32\cssdll32.dll
2009-03-02 13:57 --------- d-----w c:\programmi\Alwil Software
2009-03-02 13:38 --------- d-----w c:\programmi\Servizi in linea
2009-03-01 13:18 81,920 ----a-w c:\windows\system32\dvdplay.exe
2009-03-01 13:18 8,192 ----a-w c:\windows\system32\tsbyuv.dll
2009-03-01 13:18 8,192 ----a-w c:\windows\system32\streamci.dll
2009-03-01 13:18 21,376 ----a-w c:\windows\system32\drivers\tsbvcap.sys
2009-03-01 13:18 18,688 ----a-w c:\windows\system32\drivers\cdaudio.sys
2009-03-01 13:18 12,288 ----a-w c:\windows\system32\drivers\fsvga.sys
2009-03-01 13:18 12,160 ----a-w c:\windows\system32\drivers\mouhid.sys
2009-03-01 13:15 361,600 ----a-w c:\windows\system32\drivers\tcpip.sys
2009-03-01 13:15 171,520 ----a-w c:\windows\system32\sfc_os.dll
2009-03-01 13:13 2,052,096 ----a-w c:\windows\system32\syssetup.dll
2009-03-01 13:12 455,936 ----a-w c:\windows\system32\drivers\mrxsmb.sys
2009-03-01 13:12 333,952 ----a-w c:\windows\system32\drivers\srv.sys
2009-03-01 13:12 286,720 ----a-w c:\windows\system32\gdi32.dll
2009-03-01 13:12 247,326 ----a-w c:\windows\system32\strmdll.dll
2009-03-01 13:11 74,752 ----a-w c:\windows\system32\msw3prt.dll
2009-03-01 13:11 712,704 ----a-w c:\windows\system32\windowscodecs.dll
2009-03-01 13:11 347,648 ----a-w c:\windows\system32\windowscodecsext.dll
2009-03-01 13:11 2,450,176 ----a-w c:\windows\system32\ntoskrnl.exe
2009-03-01 13:11 138,496 ----a-w c:\windows\system32\drivers\afd.sys
2009-03-01 13:11 105,472 ----a-w c:\windows\system32\win32spl.dll
2009-03-01 13:11 1,148,416 ----a-w c:\windows\system32\msxml3.dll
2009-03-01 13:10 90,112 ----a-w c:\windows\system32\wshext.dll
2009-03-01 13:10 74,240 ----a-w c:\windows\system32\mscms.dll
2009-03-01 13:10 430,080 ----a-w c:\windows\system32\vbscript.dll
2009-03-01 13:10 253,952 ----a-w c:\windows\system32\es.dll
2009-03-01 13:10 247,296 ----a-w c:\windows\system32\mswsock.dll
2009-03-01 13:10 225,856 ----a-w c:\windows\system32\drivers\tcpip6.sys
2009-03-01 13:10 204,800 ----a-w c:\windows\system32\wscript.exe
2009-03-01 13:10 188,416 ----a-w c:\windows\system32\scrobj.dll
2009-03-01 13:10 172,032 ----a-w c:\windows\system32\scrrun.dll
.
------- Sigcheck -------
2008-04-13 19:13 588800 3dbd6dc6d74c517d55a1b3aeca88ef48 c:\windows\system32\user32.dll
2008-04-13 19:13 579584 fa94696c0727bd59e517c674cd6e7c72 c:\windows\VistaMizer\old\user32.dll
2009-03-01 15:15 361600 1f39c7bdba4c5f3f01c4eabf7edbf4b3 c:\windows\system32\drivers\tcpip.sys
2008-04-13 19:14 549888 6dc43081c760eec1130d2c8c145df375 c:\windows\system32\winlogon.exe
2008-04-13 19:14 510464 9259170d29b5a256735fcb8b80280857 c:\windows\VistaMizer\old\winlogon.exe
2009-03-01 15:19 2327040 2d10eeb83eebdce43e9f0214057c03f2 c:\windows\system32\ntkrnlpa.exe
2009-03-01 15:19 2069760 c812d8551fd3b6acdbf7eb6b18b1b992 c:\windows\VistaMizer\old\ntkrnlpa.exe
2009-03-01 15:11 2450176 948fd43022363203761659a8b27b5e94 c:\windows\system32\ntoskrnl.exe
2009-03-01 15:11 2192896 0ee73494680235d59f4e57301d7ad580 c:\windows\VistaMizer\old\ntoskrnl.exe
2008-04-13 19:14 1554944 287b3020f1324e99f313c9e7fcfccccc c:\windows\explorer.exe
2008-04-13 19:14 1036288 70d7f99d95615c3c278367756287db71 c:\windows\VistaMizer\old\explorer.exe
2009-03-23 18:36 25088 91b6aac828f8bbe1796275424e44dfb0 c:\windows\system32\ctfmon.exe
2008-04-13 19:14 15360 f53cddef33a4c41336a782be3d170158 c:\windows\VistaMizer\old\ctfmon.exe
.
((((((((((((((((((((((((((((( SnapShot@2009-04-08_17.21.10.48 )))))))))))))))))))))))))))))))))))))))))
.
+ 2005-10-20 18:02:28 163,328 ----a-w c:\windows\ERDNT\subs\ERDNT.EXE
+ 2009-04-09 14:35:09 22,486 ----a-r c:\windows\Installer\{6BE2A4A4-99FB-48ED-AE1E-4E850389F804}\ARPPRODUCTICON.exe
- 2009-04-08 15:15:09 16,384 ----a-w c:\windows\system32\config\systemprofile\Cookies\index.dat
+ 2009-04-09 07:36:22 16,384 ----a-w c:\windows\system32\config\systemprofile\Cookies\index.dat
- 2009-04-08 15:15:09 32,768 ----a-w c:\windows\system32\config\systemprofile\Impostazioni locali\Cronologia\History.IE5\index.dat
+ 2009-04-09 07:36:22 32,768 ----a-w c:\windows\system32\config\systemprofile\Impostazioni locali\Cronologia\History.IE5\index.dat
- 2009-04-08 15:15:09 32,768 ----a-w c:\windows\system32\config\systemprofile\Impostazioni locali\Temporary Internet Files\Content.IE5\index.dat
+ 2009-04-09 07:36:22 32,768 ----a-w c:\windows\system32\config\systemprofile\Impostazioni locali\Temporary Internet Files\Content.IE5\index.dat
+ 2002-09-16 16:24:54 4,228 ----a-w c:\windows\system32\drivers\PQNTDRV.sys
+ 2002-09-16 16:27:18 1,377,452 ----a-w c:\windows\system32\XMNT2002.exe
+ 2009-04-09 17:33:23 16,384 ----atw c:\windows\temp\Perflib_Perfdata_398.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legitimate/default entries are not shown.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-03-04 39408]
"bgmonitor_{79662e04-7c6c-4d9f-84c7-88d8a56b10aa}"="c:\programmi\File comuni\Ahead\Lib\NMBgMonitor.exe" [2006-09-13 139264]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"COMODO Firewall Pro"="c:\programmi\COMODO\Firewall\cfp.exe" [2009-03-03 1851128]
"COMODO Internet Security"="c:\programmi\COMODO\Firewall\cfp.exe" [2009-03-03 1851128]
"avgnt"="c:\programmi\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"vx6000"="c:\windows\vVX6000.exe" [2006-10-13 994096]
"sunjavaupdatesched"="d:\programmi\Java\jre6\bin\jusched.exe" [2009-03-09 148888]
"startupdelayer"="c:\programmi\r2 Studios\Startup Delayer\Startup Launcher.exe" [2009-02-28 73728]
"remotecontrol"="c:\windows\system32\rmctrl.exe" [2000-10-16 32768]
"motive smartbridge"="c:\progra~1\ALICET~1\SMARTB~1\MotiveSB.exe" [2006-04-21 438359]
"lifecam"="c:\programmi\Microsoft LifeCam\LifeExp.exe" [2006-10-13 277296]
"epson stylus c42 series"="c:\windows\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE" [2002-07-01 74752]
"bluetoothauthenticationagent"="bthprops.cpl" [2008-04-13 c:\windows\system32\bthprops.cpl]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2009-03-23 25088]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"_nltide_3"="advpack.dll" [2008-04-13 c:\windows\system32\advpack.dll]
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoSMHelp"= 1 (0x1)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UpdatesDisableNotify"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programmi\\uTorrent\\uTorrent.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\msnmsgr.exe"=
"d:\\Programmi\\uusee\\UUSeePlayer.exe"=
"c:\\Programmi\\Microsoft LifeCam\\LifeCam.exe"=
"c:\\Programmi\\Microsoft LifeCam\\LifeExp.exe"=
"d:\\Programmi\\PoivY.com\\PoivY\\PoivY.exe"=
R1 cmdGuard;COMODO Firewall Pro Sandbox Driver;c:\windows\system32\drivers\cmdguard.sys [2009-03-02 110992]
R1 cmdHlp;COMODO Firewall Pro Helper Driver;c:\windows\system32\drivers\cmdhlp.sys [2009-03-02 24336]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\programmi\Avira\AntiVir Desktop\sched.exe [2009-03-23 108289]
R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service;c:\windows\system32\TUProgSt.exe [2009-03-02 603904]
R3 VX6000;Microsoft LifeCam VX-6000;c:\windows\system32\drivers\VX6000Xp.sys [2006-10-13 2383152]
S3 A5AGU;D-Link USB Wireless Network Adapter Service;c:\windows\system32\drivers\A5AGU.sys [2006-09-21 347648]
S3 aspi;Advanced SCSI Programming Interface Driver;c:\windows\system32\drivers\ASPI32.SYS [2009-04-05 16512]
S3 CrystalSysInfo;CrystalSysInfo;d:\programmi\MediaCoder\SysInfo.sys [2007-09-25 15152]
S3 PAC207;PC Camer@;c:\windows\system32\drivers\PFC027.SYS [2009-04-01 618112]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
"c:\programmi\File comuni\LightScribe\LSRunOnce.exe"
.
Contents of the 'Scheduled Tasks' folder
2009-04-09 c:\windows\Tasks\Manutenzione in 1 clic.job
- c:\programmi\TuneUp Utilities 2009\OneClickStarter.exe [2008-12-12 17:20]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
uInternet Connection Wizard,ShellNext = hxxp://www.personalfirewall.comodo.com/uninst_survey.html?serial=3.0.25.376_E33C8A2CD88A4ed3B2BD332E72436F25
uInternet Settings,ProxyOverride = 127.0.0.1
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: E&sporta in Microsoft Excel - d:\progra~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
IE: Invia a &Bluetooth - d:\programmi\WIDCOMM\Software Bluetooth\btsendto_ie_ctx.htm
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\G & S\Dati applicazioni\Mozilla\Firefox\Profiles\kx1lt5y4.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.inter.it/aas/hp?L=it
FF - prefs.js: keyword.URL - about:neterror?e=query&u=
FF - component: d:\programmi\Mozilla Firefox\components\FFComm.dll
FF - component: d:\programmi\Nokia\Nokia PC Suite 7\bkmrksync\components\BkMrkExt.dll
FF - plugin: d:\programmi\Adobe\Reader 9.0\Reader\browser\nppdf32.dll
FF - plugin: d:\programmi\Java\jre6\bin\new_plugin\npdeploytk.dll
FF - plugin: d:\programmi\Java\jre6\bin\new_plugin\npjp2.dll
FF - plugin: d:\programmi\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
FF - plugin: d:\programmi\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
FF - plugin: d:\programmi\QuickTime\Plugins\npqtplugin.dll
FF - plugin: d:\programmi\QuickTime\Plugins\npqtplugin2.dll
FF - plugin: d:\programmi\QuickTime\Plugins\npqtplugin3.dll
FF - plugin: d:\programmi\QuickTime\Plugins\npqtplugin4.dll
FF - plugin: d:\programmi\QuickTime\Plugins\npqtplugin5.dll
FF - plugin: d:\programmi\QuickTime\Plugins\npqtplugin6.dll
FF - plugin: d:\programmi\QuickTime\Plugins\npqtplugin7.dll
---- FIREFOX POLICIES ----
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
.
**************************************************************************
catchme 0.3.1375 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-04-09 19:34:07
Windows 5.1.2600 Service Pack 3 NTFS
detected NTDLL code modification:
ZwClose, ZwOpenFile
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- DLLs loaded by running processes ---------------------
- - - - - - - > 'winlogon.exe'(1212)
c:\windows\system32\SETUPAPI.dll
c:\windows\system32\guard32.dll
c:\windows\system32\sfc_os.dll
c:\windows\system32\COMRes.dll
c:\windows\system32\cscui.dll
- - - - - - - > 'lsass.exe'(1304)
c:\windows\system32\guard32.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\scecli.dll
.
------------------------ Other running processes ------------------------
.
c:\programmi\COMODO\Firewall\cmdagent.exe
c:\programmi\Avira\AntiVir Desktop\avguard.exe
d:\programmi\WIDCOMM\Software Bluetooth\bin\btwdins.exe
c:\programmi\File comuni\EPSON\EBAPI\SAgent2.exe
d:\programmi\Java\jre6\bin\jqs.exe
c:\programmi\File comuni\LightScribe\LSSrvc.exe
c:\programmi\Microsoft LifeCam\MSCamS32.exe
c:\windows\system32\rundll32.exe
c:\programmi\File comuni\Ahead\Lib\NMIndexStoreSvr.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Scan completed at: 2009-04-09 19:36:53 - The PC was rebooted
ComboFix-quarantined-files.txt 2009-04-09 17:36:45
ComboFix2.txt 2009-04-09 11:18:05
ComboFix3.txt 2009-04-09 08:51:33
ComboFix4.txt 2009-04-08 15:22:17
Pre-Run: 8,484,368,384 bytes free
Post-Run: 8,457,613,312 byte disponibili
424
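As an added triage example for the log above (this is not ComboFix's code, nor anything the helper or the poster wrote): a small Python script that picks out lines from the two ComboFix sections an analyst looks at first, the "Files Created" list and the Sigcheck block, and flags entries by a few rules. The sample lines are copied from the log posted in this thread; the rules, the thresholds (vowel ratio below 0.2, a 3-day window before the report date) and the prefix list, which only mirrors the ovfsth prefix the CFScript in this thread removed, are this example's own assumptions. The Sigcheck part pairs each file under system32 with a same-named copy elsewhere, which in this log are the VistaMizer\old files listed next to them.

```python
"""Triage helpers for a ComboFix log (added example, not ComboFix code).
Flags entries of the "Files Created" section by a few rules and pairs each
live system file in the Sigcheck block with a same-named copy elsewhere.
Sample lines are copied from the log in this thread; the rules, thresholds
and prefix list are this example's own assumptions."""
import re
from datetime import date, datetime, timedelta
from pathlib import PureWindowsPath

SAMPLE_LOG = r"""
2009-04-08 15:19 . 2009-04-08 15:19 155 --a------ c:\windows\system32\SelfDel.bat
2009-04-08 15:04 . 2009-04-08 17:04 <DIR> d--hs---- c:\windows\system32\lowsec
2009-04-08 15:03 . 2009-04-08 15:03 89,088 --a------ c:\windows\system32\fyd.exe
2009-04-07 21:02 . 2009-04-07 21:50 842 --a------ c:\windows\system32\ovfsthlog.dat
2009-04-01 11:52 . 2008-08-26 09:26 18,816 --a------ c:\windows\system32\drivers\pccsmcfd.sys
------- Sigcheck -------
2008-04-13 19:13 588800 3dbd6dc6d74c517d55a1b3aeca88ef48 c:\windows\system32\user32.dll
2008-04-13 19:13 579584 fa94696c0727bd59e517c674cd6e7c72 c:\windows\VistaMizer\old\user32.dll
2009-03-23 18:36 25088 91b6aac828f8bbe1796275424e44dfb0 c:\windows\system32\ctfmon.exe
2008-04-13 19:14 15360 f53cddef33a4c41336a782be3d170158 c:\windows\VistaMizer\old\ctfmon.exe
"""
REPORT_DATE = date(2009, 4, 9)       # date from the ComboFix header line
KNOWN_PREFIXES = ("ovfsth",)         # the prefix the CFScript in this thread targeted
EXEC_SUFFIXES = {".exe", ".dll", ".sys", ".bat", ".cmd", ".scr"}
SYSTEM32 = r"c:\windows\system32"
# "created . modified size attrs path": the 'Files Created' line shape
CREATED_RE = re.compile(r"^(\d{4}-\d{2}-\d{2} \d{2}:\d{2}) \. \S+ \S+ "
                        r"(<DIR>|[\d,]+) ([a-z-]{9}) (.+)$")
# "date time size md5 path": the Sigcheck line shape
SIGCHECK_RE = re.compile(r"^\S+ \S+ (\d+) ([0-9a-f]{32}) (.+)$")

def parse_created(text):
    """Return one dict per 'Files Created' line found in text."""
    out = []
    for line in text.splitlines():
        m = CREATED_RE.match(line.strip())
        if m:
            created, size, attrs, path = m.groups()
            out.append({"created": datetime.strptime(created, "%Y-%m-%d %H:%M").date(),
                        "is_dir": size == "<DIR>", "attrs": attrs,
                        "path": PureWindowsPath(path)})
    return out

def vowel_ratio(stem):
    """Share of vowels among the letters of a file name stem (1.0 if no letters)."""
    letters = [c for c in stem.lower() if c.isalpha()]
    return sum(c in "aeiou" for c in letters) / len(letters) if letters else 1.0

def triage_created(entries, report_date=REPORT_DATE, recent_days=3):
    """Map path -> list of reasons for every entry that trips at least one rule."""
    findings = {}
    for e in entries:
        p, reasons = e["path"], []
        if p.stem.lower().startswith(KNOWN_PREFIXES):
            reasons.append("name prefix targeted by the CFScript")
        if e["is_dir"] and "h" in e["attrs"] and "s" in e["attrs"]:
            reasons.append("hidden+system directory")
        if len(p.stem) >= 3 and vowel_ratio(p.stem) < 0.2:
            reasons.append("random-looking name (low vowel ratio)")
        if (not e["is_dir"] and p.suffix.lower() in EXEC_SUFFIXES
                and str(p.parent).lower() == SYSTEM32
                and report_date - e["created"] <= timedelta(days=recent_days)):
            reasons.append("recent executable in system32 root")
        if reasons:
            findings[str(p)] = reasons
    return findings

def parse_sigcheck(text):
    """Return one dict per Sigcheck line (size, md5, path)."""
    rows = []
    for line in text.splitlines():
        m = SIGCHECK_RE.match(line.strip())
        if m:
            size, md5, path = m.groups()
            rows.append({"size": int(size), "md5": md5, "path": PureWindowsPath(path)})
    return rows

def sigcheck_diffs(rows, live_dir=SYSTEM32):
    """name -> (live md5, other md5, live size minus other size) for every live
    file whose same-named copy elsewhere (here VistaMizer\\old) has a different hash."""
    live = {r["path"].name.lower(): r for r in rows
            if str(r["path"].parent).lower() == live_dir}
    diffs = {}
    for r in rows:
        name = r["path"].name.lower()
        if name in live and r is not live[name] and r["md5"] != live[name]["md5"]:
            diffs[name] = (live[name]["md5"], r["md5"], live[name]["size"] - r["size"])
    return diffs

def run_sample():
    """Run both checks over the embedded sample lines."""
    return (triage_created(parse_created(SAMPLE_LOG)),
            sigcheck_diffs(parse_sigcheck(SAMPLE_LOG)))

if __name__ == "__main__":
    hits, diffs = run_sample()
    for path, why in hits.items():
        print(path, "->", "; ".join(why))
    for name, (live_md5, other_md5, delta) in diffs.items():
        print(f"{name}: live {live_md5} != backup {other_md5} ({delta:+d} bytes)")
```

On the sample it flags fyd.exe, SelfDel.bat, the hidden+system lowsec directory and ovfsthlog.dat, which is the cluster worth quarantining or explaining, but it also flags pccsmcfd.sys on the name rule alone. The log itself explains that one: the driver appeared at 11:52 on 2009-04-01, in the same minutes as the PC Connectivity Solution and Nokia folders, so it is an installer side effect, not a dropper. Name heuristics produce leads, not verdicts, and each lead has to be checked against the timeline around it. The Sigcheck pairing reports user32.dll and ctfmon.exe as differing from the copies under VistaMizer\old, which is why ComboFix lists them; whether that is acceptable depends on whether the user knowingly ran that tool on the system files.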