Hi.
It would have been better if you had also described the problem.
Here are the problems and what has been done so far to solve them (without success!). I am attaching the messages posted in the hardware problems section.
Good evening everyone,
I have the following problem:
I installed a driver for a Sanyo camera and some programs contained on the original CD.
Once the installation had completed correctly, I tried to connect the camera, but the PC shuts down and the blue screen appears with the following memory addresses:
0x0000007e (0xc000001d-0xf78d28ea-0xf78d27f4-0xf78d24f0)!
I tried to uninstall everything, but I am left with the sanyo folder containing a log file, a configuration file and an unwiswe file, which I launch but it tells me 'unable to open the log file'.
The most serious thing of all, however, is that now, on any USB port, if I connect any device (pen drive, another camera, etc.) the system crashes.
Can you help me?
Thank you very much and best regards
claude1948
REPLY
First of all, try to delete everything related to the Sanyo camera (use the "search" function). If some file cannot be deleted, try to get rid of it in safe mode, and if that option does not work either, you can use a program such as Unlocker or Revo Uninstaller.
After doing this, clean up the Windows files and the registry with CCleaner, restart the PC and try connecting a pen drive.
If it still crashes, uninstall the USB port drivers, restart the computer and reinstall the drivers.
If the problem was caused by a driver conflict, this should solve it.
First of all, thank you for the reply.
Second: the problem is not solved. I followed all your instructions up to uninstalling the drivers and switching off the PC. When I turn it back on, it notices that drivers are missing and reinstalls them, but with drivers identical to the ones already in use, so the conflict error is included! I tried to load (update driver) the ones from the motherboard CD,
but when I specify the path on the CD drive it does not find a single one!
Well, I really don't know what to do.
Regards
c. mabritto
REPLY
It looks like serious trouble; these look like symptoms of an infection. That it was caused by the CD seems strange to me, though???
If you can run a scan with HijackThis, which you can find on aiutamici (read Alfonso's guide carefully),
post the log in the "Security and Viruses" section so we can check that the PC is clean.
Bye
YOUR ADVICE
Run these 2 scans:
Download and install Malwarebytes:
click here for the download:
http://www.aiutamici.com/software?id=80346
Before running the scan, UPDATE IT (this is very important).
Run a full system scan.
Post the log.
Malwarebytes' Anti-Malware 1.41
Versione del database: 2973
Windows 5.1.2600 Service Pack 3
17/10/2009 12.13.55
mbam-log-2009-10-17 (12-13-36).txt
Tipo di scansione: Scansione completa (C:\|D:\|G:\|)
Elementi scansionati: 265094
Tempo trascorso: 2 hour(s), 48 minute(s), 58 second(s)
Processi delle memoria infetti: 0
Moduli della memoria infetti: 0
Chiavi di registro infette: 28
Valori di registro infetti: 3
Elementi dato del registro infetti: 2
Cartelle infette: 0
File infetti: 14
------------------------------------------------------------------------------------------------------
COMBOFIX
Download ComboFix:
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
Save it to the desktop.
Important: disable your antivirus and close ALL open programs (firewall included) and, after downloading COMBOFIX, close the connection.
Double-click combofix.exe (a screen will appear).
If you are asked whether you want to install the EMERGENCY RECOVERY CONSOLE, click NO.
You will probably get messages from the antivirus; ignore them.
During the scan it is important not to use the PC (not even the mouse) and to wait patiently for the operations to finish.
When it finishes, a log file will be created on the Desktop, called C:\ComboFix.txt.
Post it here.
ComboFix 09-10-16.09 - claude 17/10/2009 20.29.36.1.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.39.1040.18.2047.1534 [GMT 2:00]
Eseguito da: c:\documents and settings\claude\Desktop\ComboFix.exe
AV: AntiVir Desktop *On-access scanning disabled* (Outdated) {00000002-0002-0000-7C25-9E7C08000A00}
AV: avast! antivirus 4.8.1351 [VPS 091017-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
ATTENZIONE - QUESTO PC NON HA LA CONSOLE DI RIPRISTINO DI EMERGENZA INSTALLATA !!
Uninstall ComboFix this way (after I have seen the log):
Start
Run
In the dialog box, copy and paste this command:
Combofix /u and press Enter, then delete the Combofix folders in "C" and (qoobox)