Here's ComboFix
ComboFix 09-06-22.0E - Mauro 24/06/2009 0.01.19.5 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.39.1040.18.2046.1577 [GMT 2:00]
Eseguito da: c:\documents and settings\Mauro\Desktop\ComboFix.exe
AV: Sistema Antivirus NOD32 2.70 *On-access scanning enabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: PC Tools Firewall Plus *disabled* {ABBD5028-5A95-4B6D-996E-98D64AE88D52}
* Creato nuovo punto di ripristino
* Resident AV is active
ATTENZIONE - QUESTO PC NON HA LA CONSOLE DI RIPRISTINO DI EMERGENZA INSTALLATA !!
.
((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\Flavio Massimo.OK\Dati applicazioni\Microsoft\Internet Explorer\Quick Launch\SUPERAntiSpyware Free Edition.lnk
c:\documents and settings\Mauro\Dati applicazioni\Microsoft\Internet Explorer\Quick Launch\SUPERAntiSpyware Free Edition.lnk
.
((((((((((((((((((((((((( Files Creati Da 2009-05-23 al 2009-06-23 )))))))))))))))))))))))))))))))))))
.
2009-06-05 19:32 . 2009-06-05 19:32 -------- d-----w- c:\documents and settings\mamma\Impostazioni locali\Dati applicazioni\Adobe
2009-05-31 09:03 . 2009-05-31 09:03 -------- d-----w- c:\documents and settings\ff\Impostazioni locali\Dati applicazioni\Adobe
2009-05-26 19:47 . 2009-05-26 19:47 152576 ----a-w- c:\documents and settings\Mauro\Dati applicazioni\Sun\Java\jre1.6.0_13\lzma.dll
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-06-23 21:56 . 2008-01-31 18:43 -------- d---a-w- c:\documents and settings\All Users\Dati applicazioni\TEMP
2009-06-23 21:24 . 2007-02-26 23:10 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Spybot - Search & Destroy
2009-06-23 20:58 . 2009-03-18 19:07 117760 ----a-w- c:\documents and settings\Flavio Massimo.OK\Dati applicazioni\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
2009-06-23 20:56 . 2008-11-13 20:33 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Spyware Terminator
2009-06-23 20:55 . 2008-11-14 13:54 -------- d-----w- c:\documents and settings\Flavio Massimo.OK\Dati applicazioni\Spyware Terminator
2009-06-22 19:41 . 2009-03-12 20:22 117760 ----a-w- c:\documents and settings\Mauro\Dati applicazioni\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
2009-06-22 19:39 . 2008-06-25 16:24 -------- d-----w- c:\programmi\SpywareBlaster
2009-06-22 19:38 . 2008-11-13 20:33 -------- d-----w- c:\documents and settings\Mauro\Dati applicazioni\Spyware Terminator
2009-06-17 20:11 . 2008-11-04 18:23 -------- d-----w- c:\programmi\Malwarebytes' Anti-Malware
2009-06-17 20:10 . 2008-12-04 17:07 3561743 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
2009-06-17 09:27 . 2008-11-04 18:23 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-06-17 09:27 . 2008-11-04 18:23 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-06-10 11:57 . 2008-11-15 09:19 -------- d-----w- c:\documents and settings\ff\Dati applicazioni\Spyware Terminator
2009-06-09 09:46 . 2009-03-20 19:03 117760 ----a-w- c:\documents and settings\ff\Dati applicazioni\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
2009-06-05 19:32 . 2009-04-15 19:20 117760 ----a-w- c:\documents and settings\mamma\Dati applicazioni\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
2009-05-28 17:42 . 2008-11-05 14:24 -------- d-----w- c:\programmi\SUPERAntiSpyware
2009-05-26 20:47 . 2007-02-26 23:42 -------- d-----w- c:\programmi\File comuni\Adobe
2009-05-26 19:48 . 2008-11-06 17:30 -------- d-----w- c:\programmi\Java
2009-05-21 19:26 . 2008-11-13 20:33 -------- d-----w- c:\programmi\Spyware Terminator
2009-05-19 16:13 . 2008-02-29 19:30 -------- d-----w- c:\programmi\ESET
2009-05-15 20:14 . 2009-05-15 20:14 -------- d-----w- c:\documents and settings\Mauro\Dati applicazioni\dvdcss
2009-05-07 15:32 . 2002-09-09 12:50 347648 ----a-w- c:\windows\system32\localspl.dll
2009-04-29 04:33 . 2002-09-09 12:51 669184 ----a-w- c:\windows\system32\wininet.dll
2009-04-29 04:33 . 2007-02-26 23:34 81920 ----a-w- c:\windows\system32\ieencode.dll
2009-04-27 17:15 . 2007-02-26 23:10 -------- d-----w- c:\programmi\eMule
2009-04-19 19:47 . 2002-09-09 12:45 1847168 ----a-w- c:\windows\system32\win32k.sys
2009-04-15 14:52 . 2002-09-09 12:51 585216 ----a-w- c:\windows\system32\rpcrt4.dll
2009-04-15 14:50 . 2001-08-31 11:00 72580 ----a-w- c:\windows\system32\perfc010.dat
2009-04-15 14:50 . 2001-08-31 11:00 444988 ----a-w- c:\windows\system32\perfh010.dat
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"nod32kui"="c:\programmi\Eset\nod32kui.exe" [2008-11-07 949376]
"SpywareTerminator"="c:\programmi\Spyware Terminator\SpywareTerminatorShield.exe" [2008-11-13 1783808]
"00PCTFW"="c:\programmi\PC Tools Firewall Plus\FirewallGUI.exe" [2009-02-24 2652056]
"QuickTime Task"="c:\programmi\QuickTime\qttask.exe" [2007-02-26 98304]
"BluetoothAuthenticationAgent"="bthprops.cpl" - c:\windows\system32\bthprops.cpl [2008-04-13 110592]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-13 15360]
c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\
EPSON Status Monitor 3 Environment Check 2.lnk - c:\windows\system32\spool\drivers\w32x86\3\E_SRCV02.EXE [2007-2-27 127488]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\programmi\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"JavaQuickStarterService"=2 (0x2)
"gusvc"=3 (0x3)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programmi\\eMule\\emule.exe"=
"c:\\WINDOWS\\system32\\usmt\\migwiz.exe"=
"<NO NAME>"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Programmi\\MSN Messenger\\msnmsgr.exe"=
"c:\\Programmi\\MSN Messenger\\livecall.exe"=
"c:\\Programmi\\NVIDIA Corporation\\NetworkAccessManager\\Apache Group\\Apache2\\bin\\Apache.exe"=
R1 nod32drv;nod32drv;c:\windows\system32\drivers\nod32drv.sys [07/11/2008 22.47.14 15424]
R1 pctgntdi;pctgntdi;c:\windows\system32\drivers\pctgntdi.sys [13/02/2009 20.14.16 159600]
R1 SASDIFSV;SASDIFSV;c:\programmi\SUPERAntiSpyware\SASDIFSV.SYS [03/09/2008 15.07.14 9968]
R1 SASKUTIL;SASKUTIL;c:\programmi\SUPERAntiSpyware\SASKUTIL.SYS [03/09/2008 15.07.12 55024]
R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [13/11/2008 22.33.12 141312]
R2 PCTAppEvent;PCTAppEvent Driver;c:\windows\system32\drivers\PCTAppEvent.sys [13/02/2009 20.14.16 73840]
R2 PMJ151NM;Panasonic DVC Web Camera;c:\windows\system32\drivers\PMJ151NM.sys [27/02/2007 1.55.44 14848]
R3 pctplfw;pctplfw;c:\windows\system32\drivers\pctplfw.sys [13/02/2009 20.14.05 95640]
S3 MovRVDrv32;MovRVDrv32;c:\windows\system32\drivers\MovRVDrv32.sys [30/01/2008 20.18.25 3768]
S3 SASENUM;SASENUM;c:\programmi\SUPERAntiSpyware\SASENUM.SYS [03/09/2008 15.07.16 7408]
S3 SDTHOOK;SDTHOOK;c:\windows\system32\drivers\SDTHOOK.SYS [02/03/2008 10.48.54 44928]
.
.
------- Scansione supplementare -------
.
uStart Page = about:blank
LSP: c:\windows\system32\imon.dll
LSP: %SYSTEMROOT%\system32\nvappfilter.dll
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-06-24 00:03
Windows 5.1.2600 Service Pack 3 NTFS
scansione processi nascosti ...
scansione entrate autostart nascoste ...
Scansione files nascosti ...
Scansione completata con successo
Files nascosti: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\System\ControlSet003\Services\PMJ151LA]
"ImagePath"="%SystemRoot%\PMJ151LA.BIN"
.
--------------------- Dlls caricate dai processi in esecuzione ---------------------
- - - - - - - > 'winlogon.exe'(1056)
c:\windows\system32\Ati2evxx.dll
- - - - - - - > 'lsass.exe'(1116)
c:\windows\system32\imon.dll
c:\programmi\Eset\pr_imon.dll
c:\windows\system32\nvappfilter.dll
.
Ora fine scansione: 2009-06-23 0.04.54
ComboFix-quarantined-files.txt 2009-06-23 22:04
Pre-Run: 67.500.998.656 byte disponibili
Post-Run: 67.484.168.192 byte disponibili
Current=3 Default=3 Failed=1 LastKnownGood=4 Sets=1,2,3,4
129 --- E O F --- 2009-06-10 18:01