Rank: Newbie
Joined: 4/9/2010 Posts: 3
|
Heeeelp, give me some advice!!!!!!!!!!!!!!!!!
Malwarebytes' Anti-Malware 1.44 Versione del database: 3770 Windows 5.1.2600 Service Pack 3 Internet Explorer 8.0.6001.18702
10/04/2010 11.16.03 mbam-log-2010-04-10 (11-16-03).txt
Tipo di scansione: Scansione completa (C:\|) Elementi scansionati: 321869 Tempo trascorso: 5 hour(s), 54 minute(s), 5 second(s)
Processi delle memoria infetti: 2 Moduli della memoria infetti: 2 Chiavi di registro infette: 9 Valori di registro infetti: 16 Elementi dato del registro infetti: 3 Cartelle infette: 0 File infetti: 16
Processi delle memoria infetti: C:\WINDOWS\Fonts\services.exe (Trojan.Agent) -> Unloaded process successfully. C:\WINDOWS\Fonts\services.exe (Trojan.Agent) -> Unloaded process successfully.
Moduli della memoria infetti: C:\WINDOWS\system32\MSWINSCK.OCX (Worm.Nyxem) -> Delete on reboot. C:\WINDOWS\system32\BtwSvc.dll (Backdoor.Bot) -> Delete on reboot.
Chiavi di registro infette: HKEY_CLASSES_ROOT\TypeLib\{248dd890-bb45-11cf-9abc-0080c7e7b78d} (Worm.Nyxem) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{248dd892-bb45-11cf-9abc-0080c7e7b78d} (Worm.Nyxem) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{248dd893-bb45-11cf-9abc-0080c7e7b78d} (Worm.Nyxem) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{248dd896-bb45-11cf-9abc-0080c7e7b78d} (Worm.Nyxem) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{248dd897-bb45-11cf-9abc-0080c7e7b78d} (Worm.Nyxem) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\synsend (Rootkit.Agent) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDORSYS (Malware.Trace) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\btwsvc (Backdoor.Bot) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\AGprotect (Malware.Trace) -> Quarantined and deleted successfully.
Valori di registro infetti: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\exec (Trojan.Agent) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WBEM\buildw (Malware.Trace) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WBEM\guid (Malware.Trace) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WBEM\i (Malware.Trace) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WBEM\uid (Malware.Trace) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WBEM\ulrn (Malware.Trace) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WBEM\update (Malware.Trace) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WBEM\updatenew (Malware.Trace) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\regedit32 (Trojan.Agent) -> Delete on reboot. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WBEM\mbt (Backdoor.Bot) -> Quarantined and deleted successfully. HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\load (Trojan.Agent) -> Quarantined and deleted successfully. HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\run (Trojan.Agent) -> Quarantined and deleted successfully. HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\load (Trojan.Agent) -> Quarantined and deleted successfully. HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\run (Trojan.Agent) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WBEM\udpe (Malware.Trace) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WBEM\mpe (Malware.Trace) -> Quarantined and deleted successfully.
Elementi dato del registro infetti: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\Load (Trojan.Agent) -> Data: c:\windows\fonts\services.exe -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\Run (Trojan.Agent) -> Data: c:\windows\fonts\services.exe -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL\CheckedValue (Hijack.System.Hidden) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.
Cartelle infette: (Nessun elemento malevolo rilevato)
File infetti: C:\WINDOWS\Fonts\services.exe (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Emma\Impostazioni locali\Temporary Internet Files\Content.IE5\7GTR9323\base_lsb_allicons_128c_8_noicons1[1].png (Spyware.Onlinegames) -> Quarantined and deleted successfully. C:\Documents and Settings\Emma\Impostazioni locali\Temporary Internet Files\Content.IE5\KC818VXT\base_lsb_allicons_128c_8_noicons1[1].png (Spyware.Onlinegames) -> Quarantined and deleted successfully. C:\Documents and Settings\Emma\Impostazioni locali\Temporary Internet Files\Content.IE5\RJUYHU26\base_lsb_allicons_128c_8_noicons1[1].png (Spyware.Onlinegames) -> Quarantined and deleted successfully. C:\Programmi\Windows Live\Messenger\riched20.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully. C:\Programmi\Windows Live\Messenger\msimg32.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{180274D7-FC37-4C21-8ED4-4771D7FD997B}\RP1\A0005029.OCX (Worm.Nyxem) -> Quarantined and deleted successfully. C:\WINDOWS\system32\d.bin (Backdoor.Bot) -> Quarantined and deleted successfully. C:\WINDOWS\system32\MSWINSCK.OCX (Worm.Nyxem) -> Quarantined and deleted successfully. C:\Programmi\Internet Explorer\js.mui (Trojan.Downloader) -> Quarantined and deleted successfully. C:\Documents and Settings\PC CASA\Impostazioni locali\Temp\wmpscfgs.exe (Trojan.Agent) -> Quarantined and deleted successfully. C:\WINDOWS\system32\w.exe (Backdoor.Bot) -> Quarantined and deleted successfully. C:\WINDOWS\system32\Drivers\str.sys (Rootkit.Agent) -> Delete on reboot. C:\WINDOWS\system32\BtwSvc.dll (Backdoor.Bot) -> Delete on reboot. C:\Documents and Settings\PC CASA\oashdihasidhasuidhiasdhiashdiuasdhasd (Malware.Trace) -> Quarantined and deleted successfully. C:\Documents and Settings\PC CASA\rundll32.exe (Heuristics.Reserved.Word.Exploit) -> Quarantined and deleted successfully.
|
Rank: AiutAmico
Joined: 3/25/2008 Posts: 170
|
Some infected files have been deleted. Post a HijackThis log so we can get a better look at what is going on.
|
|
Rank: AiutAmico
Joined: 10/14/2008 Posts: 2,777
|
Sorry for butting in, but the scan was run with an old version of MBAM (1.44) and without updating the virus database (3770, and we are now at 3973). When you decide to run it again, remember to update; it may well have missed something.
|
|
Rank: AiutAmico
Joined: 3/25/2008 Posts: 170
|
A very, very fair observation, I had missed that, thanks. So before posting the HijackThis log, run a scan with an updated MBAM.
|
|
Rank: AiutAmico
Joined: 10/14/2008 Posts: 2,777
|
@meme: maybe, given that the previous scan took 6 hours, it would be preferable for them to follow your earlier advice; fixing a few little things might lighten the situation a bit... I am only saying this to make your work easier, believe me, but it is your call.
|
|
Rank: AiutAmico
Joined: 3/25/2008 Posts: 170
|
It probably took all that time because of the many infections; anyway, I really do think you are right. Post a HijackThis log and then we will run the various scans.