ciao ragazzi, per piacere una controllatina al mio log di combofix? non ho problemi, ma, credo che ogni tanto ci vuole un controllino.
grazie mile, smeraldia.
ComboFix 10-10-30.09 - SANDA 31/10/2010 17.23.46.10.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.39.1040.18.1014.464 [GMT 1:00]
Eseguito da: c:\documents and settings\SANDA\Desktop\ComboFix.exe
AV: AntiVir Desktop *On-access scanning disabled* (Updated) {00000000-0000-0000-0000-000000000000}
AV: AntiVir Desktop *On-access scanning enabled* (Updated) {00000002-0002-0000-6C25-9E7C08000A00}
AV: AntiVir Desktop *On-access scanning enabled* (Updated) {0012EE84-FFFC-FFFF-0200-00004FBCC4F1}
AV: AntiVir Desktop *On-access scanning enabled* (Updated) {001300D4-0000-0000-1000-00007454927C}
AV: Digital Patrol *On-access scanning enabled* (Updated) {35237DD9-776F-4485-A7AF-729074E24B96}
FW: COMODO Firewall *disabled* {043803A3-4F86-4ef6-AFC5-F6E02A79969B}
FW: ZoneAlarm Firewall *disabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}

ATTENZIONE - QUESTO PC NON HA LA CONSOLE DI RIPRISTINO DI EMERGENZA INSTALLATA !!
.

((((((((((((((((((((((((( Files Creati Da 2010-09-28 al 2010-10-31 )))))))))))))))))))))))))))))))))))
.

2010-10-28 12:50 . 2010-10-28 12:50 -------- d-----w- c:\documents and settings\SANDA\Dati applicazioni\KeePass
2010-10-22 09:40 . 2010-10-22 09:40 -------- d-----w- c:\programmi\Zards software
2010-10-22 08:10 . 2010-10-22 08:12 -------- d-----w- c:\programmi\IZArc
2010-10-21 07:09 . 2010-10-31 06:55 -------- d-----w- c:\programmi\Moo0
2010-10-19 11:26 . 2010-10-19 11:26 -------- d-----w- c:\programmi\File comuni\Java
2010-10-19 11:25 . 2010-10-19 11:25 472808 ----a-w- c:\programmi\Mozilla Firefox\plugins\npdeployJava1.dll
2010-10-19 11:25 . 2010-10-19 11:25 73728 ----a-w- c:\windows\system32\javacpl.cpl
2010-10-19 11:25 . 2010-10-19 11:25 -------- d-----w- c:\programmi\Java
2010-10-15 15:13 . 2010-10-31 15:03 -------- d-----w- c:\documents and settings\SANDA\Dati applicazioni\skypePM
2010-10-15 15:05 . 2010-10-15 15:05 -------- d-----w- c:\programmi\File comuni\Skype
2010-10-15 15:05 . 2010-10-21 09:38 -------- d-----r- c:\programmi\Skype
2010-10-15 15:05 . 2010-10-31 16:19 -------- d-----w- c:\documents and settings\SANDA\Dati applicazioni\Skype
2010-10-15 15:05 . 2010-10-15 15:05 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Skype
2010-10-15 13:19 . 2010-10-15 13:21 -------- d-----w- c:\documents and settings\SANDA\Dati applicazioni\Steganos
2010-10-05 09:41 . 2010-10-05 09:41 -------- d-----w- c:\documents and settings\SANDA\Dati applicazioni\SUPERAntiSpyware.com
2010-10-05 09:41 . 2010-10-28 06:33 -------- d-----w- c:\programmi\SUPERAntiSpyware
2010-10-05 08:35 . 2010-10-05 08:35 -------- d-----w- c:\programmi\COMODO
2010-10-04 08:44 . 2010-10-04 08:44 -------- d-----w- C:\VritualRoot

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-10-19 11:25 . 2010-04-15 15:26 472808 ----a-w- c:\windows\system32\deployJava1.dll
2010-09-18 10:23 . 2009-01-16 09:24 974848 ----a-w- c:\windows\system32\mfc42u.dll
2010-09-18 06:53 . 2009-01-16 09:24 974848 ----a-w- c:\windows\system32\mfc42.dll
2010-09-18 06:53 . 2009-01-16 09:24 954368 ----a-w- c:\windows\system32\mfc40.dll
2010-09-18 06:53 . 2009-01-16 09:24 953856 ------w- c:\windows\system32\mfc40u.dll
2010-09-10 21:41 . 2010-09-10 21:41 285480 ----a-w- c:\windows\system32\guard32.dll
2010-09-10 21:40 . 2010-09-10 21:40 91560 ----a-w- c:\windows\system32\drivers\inspect.sys
2010-09-10 21:40 . 2010-09-10 21:40 25240 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2010-09-10 21:40 . 2010-09-10 21:40 239240 ----a-w- c:\windows\system32\drivers\cmdGuard.sys
2010-09-10 21:40 . 2010-09-10 21:40 15592 ----a-w- c:\windows\system32\drivers\cmderd.sys
2010-09-10 05:49 . 2009-01-16 09:24 916480 ----a-w- c:\windows\system32\wininet.dll
2010-09-10 05:49 . 2009-01-16 09:24 43520 ----a-w- c:\windows\system32\licmgr10.dll
2010-09-10 05:49 . 2009-01-16 09:24 1469440 ------w- c:\windows\system32\inetcpl.cpl
2010-09-01 11:51 . 2009-01-16 09:24 285824 ----a-w- c:\windows\system32\atmfd.dll
2010-09-01 07:54 . 2009-01-16 09:24 1852800 ----a-w- c:\windows\system32\win32k.sys
2010-08-27 08:02 . 2009-01-16 09:24 119808 ----a-w- c:\windows\system32\t2embed.dll
2010-08-27 05:58 . 2009-01-16 09:24 99840 ----a-w- c:\windows\system32\srvsvc.dll
2010-08-27 01:43 . 2008-05-05 05:25 5632 ----a-w- c:\windows\system32\xpsp4res.dll
2010-08-26 13:39 . 2009-01-16 09:24 357248 ----a-w- c:\windows\system32\drivers\srv.sys
2010-08-23 16:12 . 2009-01-16 09:24 617472 ------w- c:\windows\system32\comctl32.dll
2010-08-17 13:17 . 2009-01-16 09:24 58880 ----a-w- c:\windows\system32\spoolsv.exe
2010-08-16 08:44 . 2009-01-16 09:24 590848 ----a-w- c:\windows\system32\rpcrt4.dll
.

((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\programmi\Skype\Phone\Skype.exe" [2010-10-11 14940040]
"ccleaner"="c:\programmi\CCleaner\CCleaner.exe" [2010-10-27 1861944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="c:\programmi\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2008-04-15 178712]
"SynTPEnh"="c:\programmi\Synaptics\SynTP\SynTPEnh.exe" [2009-02-06 1430824]
"LManager"="c:\progra~1\LAUNCH~1\LManager.exe" [2008-12-30 875016]
"avgnt"="c:\programmi\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"COMODO Internet Security"="c:\programmi\COMODO\COMODO Internet Security\cfp.exe" [2010-09-10 2500552]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"DWQueuedReporting"="c:\progra~1\FILECO~1\MICROS~1\DW\dwtrig20.exe" [2007-08-24 437160]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\programmi\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 22:21 548352 ----a-w- c:\programmi\SUPERAntiSpyware\SASWINLO.DLL

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKLM\~\startupfolder\C:^Documents and Settings^SANDA^Menu Avvio^Programmi^Esecuzione automatica^PandaUSBVaccine.lnk]
backup=c:\windows\pss\PandaUSBVaccine.lnkStartup
path=c:\documents and settings\SANDA\Menu Avvio\Programmi\Esecuzione automatica\PandaUSBVaccine.lnk

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2010-05-14 09:44 248552 ----a-w- c:\programmi\File comuni\Java\Java Update\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Programmi\\Messenger\\msmsgs.exe"=
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"c:\\WINDOWS\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Programmi\\Skype\\Phone\\Skype.exe"=
"c:\\Programmi\\Skype\\Plugin Manager\\skypePM.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5985:TCP"= 5985:TCP:*:Disabled:Gestione remota Windows

R0 02213742;02213742 Boot Guard Driver;c:\windows\system32\drivers\02213742.sys [05/06/2010 15.44.16 37392]
R1 02213741;02213741;c:\windows\system32\drivers\02213741.sys [05/06/2010 15.44.16 128016]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\drivers\cmdGuard.sys [10/09/2010 22.40.52 239240]
R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\drivers\cmdhlp.sys [10/09/2010 22.40.52 25240]
R1 SASDIFSV;SASDIFSV;c:\programmi\SUPERAntiSpyware\sasdifsv.sys [17/02/2010 19.25.48 12872]
R1 SASKUTIL;SASKUTIL;c:\programmi\SUPERAntiSpyware\SASKUTIL.SYS [10/05/2010 19.41.30 67656]
R2 AntiVirMailService;Avira AntiVir MailGuard;c:\programmi\Avira\AntiVir Desktop\avmailc.exe [16/09/2010 16.14.25 194817]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\programmi\Avira\AntiVir Desktop\sched.exe [16/09/2010 16.14.27 108289]
R2 AntiVirWebService;Avira AntiVir WebGuard;c:\programmi\Avira\AntiVir Desktop\avwebgrd.exe [16/09/2010 16.14.26 434945]
R3 M3000Srv;USB2.0 UVC WebCam Driver;c:\windows\system32\drivers\M3000KNT.sys [10/08/2009 13.33.03 145408]
R3 ONDA_MW823UP_dc_enum;ONDA MW823UP DC Enumerator;c:\windows\system32\drivers\ONDA_MW823UP_dc_enum.sys [27/01/2010 15.43.48 80000]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18/03/2010 12.16.28 130384]
S2 Communication Modem Device Manager II;Communication Modem Device Manager II;c:\windows\system32\RegService.exe [10/08/2009 13.57.40 135168]
S3 cmnsusbser;Mobile Connector USB Device for Legacy Serial Communication LCT2053s;c:\windows\system32\drivers\cmnsusbser.sys [02/09/2009 18.31.33 103424]
S3 cmusbser;Mobile Connector USB Device for Legacy Serial Communication LCT2051;c:\windows\system32\drivers\cmusbser.sys [10/08/2009 13.57.42 103552]
S3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\DRIVERS\ewusbnet.sys --> c:\windows\system32\DRIVERS\ewusbnet.sys [?]
S3 hwusbfake;Huawei DataCard USB Fake;c:\windows\system32\DRIVERS\ewusbfake.sys --> c:\windows\system32\DRIVERS\ewusbfake.sys [?]
S3 NDISKIO;NDISKIO;\??\c:\docume~1\SANDA\IMPOST~1\Temp\00000da5.nmc\nse\bin\ndiskio.sys --> c:\docume~1\SANDA\IMPOST~1\Temp\00000da5.nmc\nse\bin\ndiskio.sys [?]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys --> c:\windows\system32\drivers\nmwcdnsu.sys [?]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys --> c:\windows\system32\drivers\nmwcdnsuc.sys [?]
S3 nsak;nsak;\??\c:\docume~1\SANDA\IMPOST~1\Temp\0000058d.nmc\nse\bin\nsak.sys --> c:\docume~1\SANDA\IMPOST~1\Temp\0000058d.nmc\nse\bin\nsak.sys [?]
S3 ONDA_MW823UP_cdc_acm;ONDA MW823UP CDC-ACM driver;c:\windows\system32\drivers\ONDA_MW823UP_cdc_acm.sys [27/01/2010 15.43.46 86016]
S3 ONDA_MW823UP_cdc_ecm;ONDA_MW823UP_cdc_ecm;c:\windows\system32\drivers\ONDA_MW823UP_cdc_ecm.sys [27/01/2010 15.43.48 49920]
S3 ONDA_MW823UP_cpo;ONDA MW823UP Install;c:\windows\system32\drivers\ONDA_MW823UP_cpo.sys [27/01/2010 15.43.46 9728]
S3 RSUSBSTOR;RTS5121.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RTS5121.sys --> c:\windows\system32\Drivers\RTS5121.sys [?]
S3 Rts516xIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys --> c:\windows\system32\DRIVERS\Rts516xIR.sys [?]
S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [16/01/2009 10.24.20 14336]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18/03/2010 12.16.28 753504]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
WINRM REG_MULTI_SZ WINRM
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://www.giustizia.it/giustizia/
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
LSP: c:\programmi\Avira\AntiVir Desktop\avsda.dll
Trusted Zone: giustizia.it\www
Trusted Zone: microsoft.com\update
Trusted Zone: microsoft.com\windowsupdate
FF - ProfilePath - c:\documents and settings\SANDA\Dati applicazioni\Mozilla\Firefox\Profiles\qr00g8m3.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.babylon.com/web/{searchTerms}?babsrc=browsersearch
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://it.start3.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:it:official
FF - plugin: c:\programmi\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\programmi\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll

---- FIREFOX POLICIES ----
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqz9s", true); // Traditional
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqs8s", true); // Simplified
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--j6w193g", true);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4a87g", true);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7c0a67fbc", true);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7cvafr", true);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kpry57d", true); // Traditional
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kprw13d", true); // Simplified
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
- - - - CHIAVI ORFANE RIMOSSE - - - -

ShellExecuteHooks-{4F07DA45-8170-4859-9B5F-037EF2970034} - (no file)



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-10-31 17:30
Windows 5.1.2600 Service Pack 3 NTFS

detected NTDLL code modification:
ZwClose, ZwOpenFile

scansione processi nascosti ...

scansione entrate autostart nascoste ...

Scansione files nascosti ...

Scansione completata con successo
Files nascosti: 0

**************************************************************************
.
--------------------- Dlls caricate dai processi in esecuzione ---------------------

- - - - - - - > 'winlogon.exe'(588)
c:\programmi\SUPERAntiSpyware\SASWINLO.DLL
c:\windows\system32\WININET.dll

- - - - - - - > 'lsass.exe'(644)
c:\windows\system32\guard32.dll
c:\programmi\Avira\AntiVir Desktop\avsda.dll

- - - - - - - > 'explorer.exe'(2276)
c:\windows\system32\WININET.dll
c:\windows\system32\guard32.dll
c:\windows\system32\webcheck.dll
.
Ora fine scansione: 2010-10-31 17:33:43
ComboFix-quarantined-files.txt 2010-10-31 16:33

Pre-Run: 142.049.239.040 byte disponibili
Post-Run: 142.023.467.008 byte disponibili

- - End Of File - - 2CE8AB82F521701EE448CDB6027153A3

posta il logo di hijackthis ... grazie :O)

---

vi ringrazio e posto il log:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8.09.59, on 01/11/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\COMODO\COMODO Internet Security\cmdagent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\Avira\AntiVir Desktop\sched.exe
C:\WINDOWS\Explorer.EXE
C:\Programmi\Avira\AntiVir Desktop\avguard.exe
C:\WINDOWS\system32\RegService.exe
C:\Programmi\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Programmi\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\Intel\Intel Matrix Storage Manager\iaanotif.exe
C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
C:\PROGRA~1\LAUNCH~1\LManager.exe
C:\Programmi\Avira\AntiVir Desktop\avgnt.exe
C:\Programmi\COMODO\COMODO Internet Security\cfp.exe
C:\Programmi\Skype\Phone\Skype.exe
C:\WINDOWS\system32\igfxext.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Programmi\Skype\Plugin Manager\skypePM.exe
C:\Programmi\Avira\AntiVir Desktop\avmailc.exe
C:\Programmi\Avira\AntiVir Desktop\AVWEBGRD.EXE
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Programmi\Onda Connection Manager\UIMain.exe
C:\Programmi\Trend Micro\HijackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.giustizia.it/giustizia/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmi\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [IAAnotif] C:\Programmi\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [avgnt] "C:\Programmi\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Programmi\COMODO\COMODO Internet Security\cfp.exe" -h
O4 - HKCU\..\Run: [Skype] "C:\Programmi\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [ccleaner] "C:\Programmi\CCleaner\CCleaner.exe" /AUTO
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\FILECO~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1249906866726
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1249951163015
O17 - HKLM\System\CCS\Services\Tcpip\..\{A80EC0CF-A172-4F4C-870F-2FA88084E9D4}: NameServer = 193.70.152.25 193.70.192.25
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FILECO~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Programmi\SUPERAntiSpyware\SASWINLO.DLL
O22 - SharedTaskScheduler: Precaricatore Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Daemon di cache delle categorie di componenti - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Avira AntiVir MailGuard (AntiVirMailService) - Avira GmbH - C:\Programmi\Avira\AntiVir Desktop\avmailc.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Programmi\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Programmi\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira AntiVir WebGuard (AntiVirWebService) - Avira GmbH - C:\Programmi\Avira\AntiVir Desktop\AVWEBGRD.EXE
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Programmi\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: Communication Modem Device Manager II - Unknown owner - C:\WINDOWS\system32\RegService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Programmi\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programmi\Java\jre6\bin\jqs.exe

--
End of file - 5612 bytes

Vedo che hai sia Avira che Comodo, di Comodo cosa usi ? ti ricordo che 2 antivirus non vanno bene.

La controllatina non ha evidenziato problemi.
Vedo che hai due antivirus residenti: COMODO Internet Security e Avira.
Due antivirus residenti potrebbero creare conflitti.


Che significa?

---

Scusa non avevo visto. Potrebbe spiegarsi anche la frase poco chiara di smeralda:
uso solo il firewall e difense, va bene?
Ciao.

---