ComboFix 10-11-20.03 - Administrator 20/11/2010 22.18.26.8.2 - x86
Eseguito da: c:\documents and settings\Administrator\Desktop\ComboFix.exe
AV: Norton Internet Security *On-access scanning disabled* (Updated) {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Norton Internet Security *disabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}
* Creato nuovo punto di ripristino
ATTENZIONE - QUESTO PC NON HA LA CONSOLE DI RIPRISTINO DI EMERGENZA INSTALLATA !!
.
((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\XSxS
.
---- Esecuzione precedente -------
.
c:\documents and settings\Administrator\Dati applicazioni\BITS\BITS.ini
c:\documents and settings\Administrator\Dati applicazioni\BITS\DHTTable.dat
c:\documents and settings\Administrator\Dati applicazioni\BITS\ProxyList.ini
c:\documents and settings\Administrator\Dati applicazioni\FlashGetBHO\FlashGetBHO3.dll
c:\documents and settings\Administrator\Dati applicazioni\FlashGetBHO\FlashGetHook.dll
c:\documents and settings\Administrator\Dati applicazioni\FlashGetBHO\GetAllUrl.htm
c:\documents and settings\Administrator\Dati applicazioni\FlashGetBHO\GetUrl.htm
c:\programmi\FlashGet Network\FlashGet 3\adns.dll
c:\programmi\FlashGet Network\FlashGet 3\btcoreu.dll
c:\programmi\FlashGet Network\FlashGet 3\BugReport.dll
c:\programmi\FlashGet Network\FlashGet 3\BugReport.exe
c:\programmi\FlashGet Network\FlashGet 3\cd1.ico
c:\programmi\FlashGet Network\FlashGet 3\ckcore.dll
c:\programmi\FlashGet Network\FlashGet 3\codec\real\Codecs\14_43260.dll
c:\programmi\FlashGet Network\FlashGet 3\codec\real\Codecs\28_83260.dll
c:\programmi\FlashGet Network\FlashGet 3\codec\real\Codecs\atrc.dll
c:\programmi\FlashGet Network\FlashGet 3\codec\real\Codecs\Codecs.zip
c:\programmi\FlashGet Network\FlashGet 3\codec\real\Codecs\cook.dll
c:\programmi\FlashGet Network\FlashGet 3\codec\real\Codecs\ddnt3260.dll
c:\programmi\FlashGet Network\FlashGet 3\codec\real\Codecs\dnet3260.dll
c:\programmi\FlashGet Network\FlashGet 3\codec\real\Codecs\drv1.dll
c:\programmi\FlashGet Network\FlashGet 3\codec\real\Codecs\drv2.dll
c:\programmi\FlashGet Network\FlashGet 3\codec\real\Codecs\drvc.dll
c:\programmi\FlashGet Network\FlashGet 3\codec\real\Codecs\hxltcolor.dll
c:\programmi\FlashGet Network\FlashGet 3\codec\real\Codecs\raac.dll
c:\programmi\FlashGet Network\FlashGet 3\codec\real\Codecs\ralf.dll
c:\programmi\FlashGet Network\FlashGet 3\codec\real\Codecs\rv10.dll
c:\programmi\FlashGet Network\FlashGet 3\codec\real\Codecs\rv20.dll
c:\programmi\FlashGet Network\FlashGet 3\codec\real\Codecs\rv30.dll
c:\programmi\FlashGet Network\FlashGet 3\codec\real\Codecs\rv40.dll
c:\programmi\FlashGet Network\FlashGet 3\codec\real\Codecs\sipr.dll
c:\programmi\FlashGet Network\FlashGet 3\commonlib.dll
c:\programmi\FlashGet Network\FlashGet 3\componentskrnl.dll
c:\programmi\FlashGet Network\FlashGet 3\config\clients.met
c:\programmi\FlashGet Network\FlashGet 3\config\clients.met.bak
c:\programmi\FlashGet Network\FlashGet 3\config\cryptkey.dat
c:\programmi\FlashGet Network\FlashGet 3\config\emfriends.met
c:\programmi\FlashGet Network\FlashGet 3\config\known.met
c:\programmi\FlashGet Network\FlashGet 3\config\known2_64.met
c:\programmi\FlashGet Network\FlashGet 3\config\preferences.dat
c:\programmi\FlashGet Network\FlashGet 3\config\preferences.ini
c:\programmi\FlashGet Network\FlashGet 3\config\server.met
c:\programmi\FlashGet Network\FlashGet 3\config\server_met.old
c:\programmi\FlashGet Network\FlashGet 3\config\upload.met
c:\programmi\FlashGet Network\FlashGet 3\corestat.dll
c:\programmi\FlashGet Network\FlashGet 3\dat\Appsetting.cfg
c:\programmi\FlashGet Network\FlashGet 3\dat\directui\client_1_2.jpg
c:\programmi\FlashGet Network\FlashGet 3\dat\directui\client_107_73.jpg
c:\programmi\FlashGet Network\FlashGet 3\dat\directui\client_107x73_1.jpg
c:\programmi\FlashGet Network\FlashGet 3\dat\directui\client_123.jpg
c:\programmi\FlashGet Network\FlashGet 3\dat\directui\client_2_1.jpg
c:\programmi\FlashGet Network\FlashGet 3\dat\directui\client_3_1.jpg
c:\programmi\FlashGet Network\FlashGet 3\dat\directui\client_4.jpg
c:\programmi\FlashGet Network\FlashGet 3\dat\directui\client_543333.jpg
c:\programmi\FlashGet Network\FlashGet 3\dat\directui\client_5989898989.jpg
c:\programmi\FlashGet Network\FlashGet 3\dat\directui\client_hz1.jpg
c:\programmi\FlashGet Network\FlashGet 3\dat\directui\client_qg.jpg
c:\programmi\FlashGet Network\FlashGet 3\dat\directui\client_tj.jpg
c:\programmi\FlashGet Network\FlashGet 3\dat\directui\dian.jpg
c:\programmi\FlashGet Network\FlashGet 3\dat\directui\directui_new_1288925810.zip
c:\programmi\FlashGet Network\FlashGet 3\dat\directui\gameall.gif
c:\programmi\FlashGet Network\FlashGet 3\dat\directui\gametop.gif
c:\programmi\FlashGet Network\FlashGet 3\dat\directui\newgame.gif
c:\programmi\FlashGet Network\FlashGet 3\dat\directui\newmovie-game.gif
c:\programmi\FlashGet Network\FlashGet 3\dat\directui\newmovie.gif
c:\programmi\FlashGet Network\FlashGet 3\dat\directui\p1.gif
c:\programmi\FlashGet Network\FlashGet 3\dat\directui\p2.gif
c:\programmi\FlashGet Network\FlashGet 3\dat\directui\p3.gif
c:\programmi\FlashGet Network\FlashGet 3\dat\directui\p4.gif
c:\programmi\FlashGet Network\FlashGet 3\dat\directui\p5.gif
c:\programmi\FlashGet Network\FlashGet 3\dat\directui\p6.gif
c:\programmi\FlashGet Network\FlashGet 3\dat\directui\p7.gif
c:\programmi\FlashGet Network\FlashGet 3\dat\directui\p8.gif
c:\programmi\FlashGet Network\FlashGet 3\dat\directui\reom-1.jpg
c:\programmi\FlashGet Network\FlashGet 3\dat\directui\reom.jpg
c:\programmi\FlashGet Network\FlashGet 3\dat\directui\rescenter.txt
c:\programmi\FlashGet Network\FlashGet 3\dat\directui\soft-100920.jpg
c:\programmi\FlashGet Network\FlashGet 3\dat\directui\soft.jpg
c:\programmi\FlashGet Network\FlashGet 3\dat\directui\tab.gif
c:\programmi\FlashGet Network\FlashGet 3\dat\FlashGet3db.bak
c:\programmi\FlashGet Network\FlashGet 3\dat\FlashGet3db.db
c:\programmi\FlashGet Network\FlashGet 3\dat\stat\advertisement\domain_url_list_en.zip
c:\programmi\FlashGet Network\FlashGet 3\dat\stat\advertisement\port.ini
c:\programmi\FlashGet Network\FlashGet 3\dat\stat\statdata\statinfo.dat
c:\programmi\FlashGet Network\FlashGet 3\dbghelp.dll
c:\programmi\FlashGet Network\FlashGet 3\fg.ico
c:\programmi\FlashGet Network\FlashGet 3\FGResDetector_I\data\default.htm
c:\programmi\FlashGet Network\FlashGet 3\FGResDetector_I\data\FGResDetector.conf
c:\programmi\FlashGet Network\FlashGet 3\FGResDetector_I\data\images\banner.gif
c:\programmi\FlashGet Network\FlashGet 3\FGResDetector_I\data\images\bullet.gif
c:\programmi\FlashGet Network\FlashGet 3\FGResDetector_I\data\images\close.gif
c:\programmi\FlashGet Network\FlashGet 3\FGResDetector_I\data\images\closelabel.gif
c:\programmi\FlashGet Network\FlashGet 3\FGResDetector_I\data\images\download-icon.gif
c:\programmi\FlashGet Network\FlashGet 3\FGResDetector_I\data\images\explorer.gif
c:\programmi\FlashGet Network\FlashGet 3\FGResDetector_I\data\images\ftp.gif
c:\programmi\FlashGet Network\FlashGet 3\FGResDetector_I\data\images\image.gif
c:\programmi\FlashGet Network\FlashGet 3\FGResDetector_I\data\images\introTextBg.gif
c:\programmi\FlashGet Network\FlashGet 3\FGResDetector_I\data\images\loading.gif
c:\programmi\FlashGet Network\FlashGet 3\FGResDetector_I\data\images\nextlabel.gif
c:\programmi\FlashGet Network\FlashGet 3\FGResDetector_I\data\images\prevlabel.gif
c:\programmi\FlashGet Network\FlashGet 3\FGResDetector_I\data\images\software.gif
c:\programmi\FlashGet Network\FlashGet 3\FGResDetector_I\data\images\vod.gif
c:\programmi\FlashGet Network\FlashGet 3\FGResDetector_I\FGResDetector.exe
c:\programmi\FlashGet Network\FlashGet 3\FGResDetector_I\image\about.png
c:\programmi\FlashGet Network\FlashGet 3\FGResDetector_I\image\ftplist_tree_icon.png
c:\programmi\FlashGet Network\FlashGet 3\FGResDetector_I\image\option_icon.png
c:\programmi\FlashGet Network\FlashGet 3\FGResDetector_I\image\quickop_hide.png
c:\programmi\FlashGet Network\FlashGet 3\FGResDetector_I\image\quickop_show.png
c:\programmi\FlashGet Network\FlashGet 3\FGResDetector_I\image\statusbar_bk.png
c:\programmi\FlashGet Network\FlashGet 3\FGResDetector_I\image\tasktab_close.png
c:\programmi\FlashGet Network\FlashGet 3\FGResDetector_I\image\toolbar_back.png
c:\programmi\FlashGet Network\FlashGet 3\FGResDetector_I\image\toolbar_bk.png
c:\programmi\FlashGet Network\FlashGet 3\FGResDetector_I\image\toolbar_close.png
c:\programmi\FlashGet Network\FlashGet 3\FGResDetector_I\image\toolbar_forward.png
c:\programmi\FlashGet Network\FlashGet 3\FGResDetector_I\image\toolbar_refresh.png
c:\programmi\FlashGet Network\FlashGet 3\FGResDetector_I\lang\l.eng.xml
c:\programmi\FlashGet Network\FlashGet 3\FGSoftware.exe
c:\programmi\FlashGet Network\FlashGet 3\Flashget3.exe
c:\programmi\FlashGet Network\FlashGet 3\FlashGet3.xpi
c:\programmi\FlashGet Network\FlashGet 3\FlashGetBHO3.dll
c:\programmi\FlashGet Network\FlashGet 3\FlashGetHook.dll
c:\programmi\FlashGet Network\FlashGet 3\fnsArchive.dll
c:\programmi\FlashGet Network\FlashGet 3\fnsDirectuix.dll
c:\programmi\FlashGet Network\FlashGet 3\fnsLanguage.dll
c:\programmi\FlashGet Network\FlashGet 3\fnslanguage_en.dll
c:\programmi\FlashGet Network\FlashGet 3\fnsScheduler.dll
c:\programmi\FlashGet Network\FlashGet 3\fnsSecurity.dll
c:\programmi\FlashGet Network\FlashGet 3\fnsSkinX.dll
c:\programmi\FlashGet Network\FlashGet 3\fnsStatistics.dll
c:\programmi\FlashGet Network\FlashGet 3\game.ico
c:\programmi\FlashGet Network\FlashGet 3\gb2312-unicode.dic
c:\programmi\FlashGet Network\FlashGet 3\gdiplus.dll
c:\programmi\FlashGet Network\FlashGet 3\GetAllUrl.htm
c:\programmi\FlashGet Network\FlashGet 3\GetUrl.htm
c:\programmi\FlashGet Network\FlashGet 3\GoogleToolbarInstaller_download_signed.exe
c:\programmi\FlashGet Network\FlashGet 3\libem.dll
c:\programmi\FlashGet Network\FlashGet 3\license.txt
c:\programmi\FlashGet Network\FlashGet 3\lst_tz.bin
c:\programmi\FlashGet Network\FlashGet 3\P2PCfg.ini
c:\programmi\FlashGet Network\FlashGet 3\p2pcore.dll
c:\programmi\FlashGet Network\FlashGet 3\p2score.dll
c:\programmi\FlashGet Network\FlashGet 3\perf.ini
c:\programmi\FlashGet Network\FlashGet 3\pncrt.dll
c:\programmi\FlashGet Network\FlashGet 3\pstat.dat
c:\programmi\FlashGet Network\FlashGet 3\pup.dat
c:\programmi\FlashGet Network\FlashGet 3\RdOldDb.dll
c:\programmi\FlashGet Network\FlashGet 3\RealMediaSplitter.ax
c:\programmi\FlashGet Network\FlashGet 3\skin\international\default\BarSet.png
c:\programmi\FlashGet Network\FlashGet 3\skin\international\default\image\btn_check.png
c:\programmi\FlashGet Network\FlashGet 3\skin\international\default\image\btn_normal.png
c:\programmi\FlashGet Network\FlashGet 3\skin\international\default\image\btn_radio.png
c:\programmi\FlashGet Network\FlashGet 3\skin\international\default\image\desktoplink.ico
c:\programmi\FlashGet Network\FlashGet 3\skin\international\default\image\login_line.png
c:\programmi\FlashGet Network\FlashGet 3\skin\international\default\image\menu_icon.png
c:\programmi\FlashGet Network\FlashGet 3\skin\international\default\image\option_line.png
c:\programmi\FlashGet Network\FlashGet 3\skin\international\default\image\option_page_line.png
c:\programmi\FlashGet Network\FlashGet 3\skin\international\default\image\skin.png
c:\programmi\FlashGet Network\FlashGet 3\skin\international\default\image\SuspendLogo.png
c:\programmi\FlashGet Network\FlashGet 3\skin\international\default\image\SuspendNoLogo.png
c:\programmi\FlashGet Network\FlashGet 3\skin\international\default\image\toolbar_backgrand.png
c:\programmi\FlashGet Network\FlashGet 3\skin\international\default\image\toolbar_cancle.png
c:\programmi\FlashGet Network\FlashGet 3\skin\international\default\image\toolbar_catgroy.png
c:\programmi\FlashGet Network\FlashGet 3\skin\international\default\image\toolbar_group.png
c:\programmi\FlashGet Network\FlashGet 3\skin\international\default\image\toolbar_new.png
c:\programmi\FlashGet Network\FlashGet 3\skin\international\default\image\toolbar_open.png
c:\programmi\FlashGet Network\FlashGet 3\skin\international\default\image\toolbar_option.png
c:\programmi\FlashGet Network\FlashGet 3\skin\international\default\image\toolbar_pause.png
c:\programmi\FlashGet Network\FlashGet 3\skin\international\default\image\toolbar_recly.png
c:\programmi\FlashGet Network\FlashGet 3\skin\international\default\image\toolbar_start.png
c:\programmi\FlashGet Network\FlashGet 3\skin\international\default\image\toolbarbutton_left.png
c:\programmi\FlashGet Network\FlashGet 3\skin\international\default\image\toolbarbutton_middle.png
c:\programmi\FlashGet Network\FlashGet 3\skin\international\default\image\toolbarbutton_right.png
c:\programmi\FlashGet Network\FlashGet 3\skin\international\default\image\top_logotitle.gif
c:\programmi\FlashGet Network\FlashGet 3\skin\international\default\image\torrent.ico
c:\programmi\FlashGet Network\FlashGet 3\skin\international\default\image\userinfo_head.png
c:\programmi\FlashGet Network\FlashGet 3\skin\international\default\image\VistaStyleListItems.bmp
c:\programmi\FlashGet Network\FlashGet 3\skin\international\default\preview.png
c:\programmi\FlashGet Network\FlashGet 3\skin\international\default\skin.xml
c:\programmi\FlashGet Network\FlashGet 3\skin\international\default\sound\loginfailed.wav
c:\programmi\FlashGet Network\FlashGet 3\skin\international\default\sound\loginsucc.wav
c:\programmi\FlashGet Network\FlashGet 3\skin\international\default\sound\msgnotify.wav
c:\programmi\FlashGet Network\FlashGet 3\skin\international\default\sound\notify.wav
c:\programmi\FlashGet Network\FlashGet 3\skin\international\default\topmain.png
c:\programmi\FlashGet Network\FlashGet 3\SnapShot.dll
c:\programmi\FlashGet Network\FlashGet 3\storage.dll
c:\programmi\FlashGet Network\FlashGet 3\SysOptimize.exe
c:\programmi\FlashGet Network\FlashGet 3\uninst.exe
c:\programmi\FlashGet Network\FlashGet 3\VodCore.dll
c:\programmi\FlashGet Network\FlashGet 3\zlib.dll
c:\windows\libem.INI
c:\windows\system32\secustat.dat
c:\windows\system32\vbzlib1.dll
D:\install.exe
.
((((((((((((((((((((((((((((((((((((((( Driver/Servizi )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_NPF
((((((((((((((((((((((((( Files Creati Da 2010-10-20 al 2010-11-20 )))))))))))))))))))))))))))))))))))
.
2010-11-06 17:24 . 2010-11-20 21:18 -------- d-----w- c:\windows\system32\CatRoot2
2010-11-06 13:12 . 2006-10-18 18:05 232448 ----a-w- c:\windows\system32\mp3fhg.acm
2010-11-05 14:45 . 2010-11-06 19:12 -------- d-----w- C:\found.000
2010-11-03 16:39 . 2010-11-03 16:39 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\ProgSense
2010-10-30 20:09 . 2004-08-19 13:39 33280 -c--a-w- c:\windows\system32\dllcache\rundll32.exe
2010-10-30 20:09 . 2004-08-19 13:39 33280 ----a-w- c:\windows\system32\rundll32.exe
2010-10-24 16:07 . 2010-10-24 16:07 -------- d-----w- c:\documents and settings\Administrator\Impostazioni locali\Dati applicazioni\Mozilla
2010-10-22 15:33 . 2010-09-10 05:49 743424 -c----w- c:\windows\system32\dllcache\iedvtool.dll
2010-10-22 15:23 . 2009-08-06 17:23 15584 ----a-w- c:\windows\system32\wuapi.dll.mui
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-11-05 11:27 . 2009-03-02 18:54 717296 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-10-18 08:00 . 2010-10-20 15:14 108032 ----a-w- c:\windows\system32\ff_vfw.dll
2010-09-15 02:50 . 2010-06-14 15:48 472808 ----a-w- c:\windows\system32\deployJava1.dll
2010-09-15 00:29 . 2008-10-13 15:09 73728 ----a-w- c:\windows\system32\javacpl.cpl
2010-09-10 05:49 . 2006-03-02 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
2010-09-10 05:49 . 2006-03-02 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2010-09-10 05:49 . 2006-03-02 12:00 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2010-08-29 17:26 . 2010-08-29 17:26 60808 ----a-w- c:\windows\system32\S32EVNT1.DLL
2010-08-29 17:26 . 2010-08-29 17:26 124976 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
.
------- Sigcheck -------
[7] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[7] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\system32\dllcache\tcpip.sys
[-] 2008-06-20 . 4AFB3B0919649F95C1964AA1FAD27D73 . 361600 . . [5.1.2600.5625] . . c:\windows\system32\drivers\tcpip.sys
[7] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB951748$\tcpip.sys
[7] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\tcpip.sys
[7] 2006-03-02 . 9F4B36614A0FC234525BA224957DE55C . 359040 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\tcpip.sys
[7] 2006-03-02 . 9F4B36614A0FC234525BA224957DE55C . 359040 . . [5.1.2600.2180] . . c:\windows\ERDNT\cache\tcpip.sys
[7] 2008-04-14 . 9259170D29B5A256735FCB8B80280857 . 510464 . . [5.1.2600.5512] . . c:\windows\NiwradSoft Shell Pack\Backup\winlogon.exe
[-] 2008-04-14 . 6DC43081C760EEC1130D2C8C145DF375 . 549888 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\winlogon.exe
[-] 2008-04-14 . 6DC43081C760EEC1130D2C8C145DF375 . 549888 . . [5.1.2600.5512] . . c:\windows\system32\winlogon.exe
[7] 2006-03-02 . 4166454E2BCFCC20D1B8A5AC9FEAB243 . 504832 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\winlogon.exe
[7] 2006-03-02 . 4166454E2BCFCC20D1B8A5AC9FEAB243 . 504832 . . [5.1.2600.2180] . . c:\windows\ERDNT\cache\winlogon.exe
[7] 2008-04-14 . 10AA0E13B4D20EE798E3382C9B89B3E3 . 617472 . . [5.82] . . c:\windows\NiwradSoft Shell Pack\Backup\comctl32.dll
[-] 2008-04-14 . 6B00176C49AD983527346A0CB3B29BD1 . 643072 . . [5.82] . . c:\windows\ServicePackFiles\i386\comctl32.dll
[-] 2008-04-14 . 6B00176C49AD983527346A0CB3B29BD1 . 643072 . . [5.82] . . c:\windows\system32\comctl32.dll
[7] 2008-04-14 . 9530E35D9033ACED20CDA2509A21073A . 1054208 . . [6.0] . . c:\windows\WinSxS\InstallTemp\4637342\comctl32.dll
[7] 2008-04-14 . 9530E35D9033ACED20CDA2509A21073A . 1054208 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll
[7] 2006-03-02 . 0FE5F5912C30795C455A9645970E6C7C . 611328 . . [5.82] . . c:\windows\$NtServicePackUninstall$\comctl32.dll
[7] 2006-03-02 . 0FE5F5912C30795C455A9645970E6C7C . 611328 . . [5.82] . . c:\windows\ERDNT\cache\comctl32.dll
[7] 2006-03-02 . AEF3D788DBF40C7C4D204EA45EB0C505 . 921088 . . [6.0] . . c:\windows\WinSxS\InstallTemp\80014\comctl32.dll
[7] 2006-03-02 . AEF3D788DBF40C7C4D204EA45EB0C505 . 921088 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll
[7] 2006-03-02 . D81759006D620D41F7FD1D2A4A10C7F3 . 1050624 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
[7] 2009-02-10 . 3B5928FCD0DD3E10DEB1C13CA35201F6 . 2192896 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\ntoskrnl.exe
[7] 2009-02-09 . AAC0F03E70F066D2E13FA2BA534BB2A8 . 2192768 . . [5.1.2600.5755] . . c:\windows\Driver Cache\i386\ntoskrnl.exe
[7] 2009-02-09 . 592F44BB500F995BEAD0EB8BA06BC104 . 2148864 . . [5.1.2600.5755] . . c:\windows\NiwradSoft Shell Pack\Backup\ntoskrnl.exe
[-] 2009-02-09 . B330561E515AA626F81407978AB5C72C . 2310144 . . [5.1.2600.5755] . . c:\windows\ServicePackFiles\i386\ntoskrnl.exe
[-] 2009-02-09 . B330561E515AA626F81407978AB5C72C . 2310144 . . [5.1.2600.5755] . . c:\windows\system32\ntoskrnl.exe
[-] 2009-02-09 . B330561E515AA626F81407978AB5C72C . 2310144 . . [5.1.2600.5755] . . c:\windows\system32\dllcache\ntoskrnl.exe
[-] 2008-08-14 . 0EE73494680235D59F4E57301D7AD580 . 2192896 . . [5.1.2600.5657] . . c:\windows\$hf_mig$\KB956841\SP3QFE\ntoskrnl.exe
[7] 2008-04-14 . 85B6D05F83DFBAFEF5F58836CE39586C . 2148864 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\ntoskrnl.exe
[7] 2006-03-02 . 8AB08C18BED548F7A534E9650911F660 . 2151936 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ntoskrnl.exe
[7] 2006-03-02 . 8AB08C18BED548F7A534E9650911F660 . 2151936 . . [5.1.2600.2180] . . c:\windows\ERDNT\cache\ntoskrnl.exe
[7] 2008-04-14 . FA94696C0727BD59E517C674CD6E7C72 . 579584 . . [5.1.2600.5512] . . c:\windows\NiwradSoft Shell Pack\Backup\user32.dll
[-] 2008-04-14 . 3E163C943AC3ECC44826954A579E0F87 . 579584 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\user32.dll
[-] 2008-04-14 . 3E163C943AC3ECC44826954A579E0F87 . 579584 . . [5.1.2600.5512] . . c:\windows\system32\user32.dll
[7] 2006-03-02 . 08447BDFCE5D1B1956F962602381F5C1 . 578048 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\user32.dll
[7] 2006-03-02 . 08447BDFCE5D1B1956F962602381F5C1 . 578048 . . [5.1.2600.2180] . . c:\windows\ERDNT\cache\user32.dll
[-] 2008-04-14 . 889676A942A232F349C9F8177CD9B782 . 1543168 . . [6.00.2900.5512] . . c:\windows\explorer.exe
[7] 2008-04-14 . 70D7F99D95615C3C278367756287DB71 . 1036288 . . [6.00.2900.5512] . . c:\windows\NiwradSoft Shell Pack\Backup\explorer.exe
[-] 2008-04-14 . 889676A942A232F349C9F8177CD9B782 . 1543168 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\explorer.exe
[7] 2006-03-02 . 178D42BD8FC34A9837417A6CE1D6BB7B . 1034752 . . [6.00.2900.2180] . . c:\windows\$NtServicePackUninstall$\explorer.exe
[7] 2006-03-02 . 178D42BD8FC34A9837417A6CE1D6BB7B . 1034752 . . [6.00.2900.2180] . . c:\windows\ERDNT\cache\explorer.exe
[7] 2008-04-14 . DA5AB646CDA75F2801660F5754990D2F . 1287168 . . [5.1.2600.5512] . . c:\windows\NiwradSoft Shell Pack\Backup\ole32.dll
[-] 2008-04-14 . 9C53CD8539F65CB380347F6689C8F188 . 1312256 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ole32.dll
[-] 2008-04-14 . 9C53CD8539F65CB380347F6689C8F188 . 1312256 . . [5.1.2600.5512] . . c:\windows\system32\ole32.dll
[7] 2006-03-02 . 66364440C71911D07468F3791206FB87 . 1281024 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ole32.dll
[7] 2008-04-14 . F53CDDEF33A4C41336A782BE3D170158 . 15360 . . [5.1.2600.5512] . . c:\windows\NiwradSoft Shell Pack\Backup\ctfmon.exe
[-] 2008-04-14 . 7F4C43F75EBF781352DB3B5EF6BF8230 . 40448 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ctfmon.exe
[-] 2008-04-14 . 7F4C43F75EBF781352DB3B5EF6BF8230 . 40448 . . [5.1.2600.5512] . . c:\windows\system32\ctfmon.exe
[7] 2006-03-02 . 5B33B4265966EE063C7FBEA28958D9C2 . 15360 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ctfmon.exe
[7] 2006-03-02 . 5B33B4265966EE063C7FBEA28958D9C2 . 15360 . . [5.1.2600.2180] . . c:\windows\ERDNT\cache\ctfmon.exe
[7] 2009-02-10 . 310B4DD8E34D9281D609B5EBDFDE34A7 . 2069760 . . [5.1.2600.5755] . . c:\windows\Driver Cache\i386\ntkrnlpa.exe
[7] 2009-02-09 . 844C5BC1F022E7790BA6DD2610823BE6 . 2027520 . . [5.1.2600.5755] . . c:\windows\NiwradSoft Shell Pack\Backup\ntkrnlpa.exe
[-] 2009-02-09 . 58067AE0C38014627F3B5AF32E0E7C2B . 2188800 . . [5.1.2600.5755] . . c:\windows\ServicePackFiles\i386\ntkrnlpa.exe
[-] 2009-02-09 . 58067AE0C38014627F3B5AF32E0E7C2B . 2188800 . . [5.1.2600.5755] . . c:\windows\system32\ntkrnlpa.exe
[-] 2009-02-09 . 58067AE0C38014627F3B5AF32E0E7C2B . 2188800 . . [5.1.2600.5755] . . c:\windows\system32\dllcache\ntkrnlpa.exe
[7] 2009-02-09 . FF69166080436A31A3EAC9CC7C3F1847 . 2069888 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\ntkrnlpa.exe
[-] 2008-08-14 . C812D8551FD3B6ACDBF7EB6B18B1B992 . 2069760 . . [5.1.2600.5657] . . c:\windows\$hf_mig$\KB956841\SP3QFE\ntkrnlpa.exe
[7] 2008-04-14 . FE93732DE7D6EA191E2FF816341D6FFF . 2027520 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\ntkrnlpa.exe
[7] 2006-03-02 . 4B42A1C0085CE18E4BE81A25A3D1C9CF . 2018816 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ntkrnlpa.exe
[7] 2006-03-02 . 4B42A1C0085CE18E4BE81A25A3D1C9CF . 2018816 . . [5.1.2600.2180] . . c:\windows\ERDNT\cache\ntkrnlpa.exe
[7] 2009-03-08 . B60DDDD2D63CE41CB8C487FCFBB6419E . 638816 . . [8.00.6001.18702] . . c:\windows\NiwradSoft Shell Pack\Backup\iexplore.exe
[-] 2009-03-08 . F68C1BAC147227B86FFB36828FF8BEDF . 510816 . . [8.00.6001.18702] . . c:\windows\ServicePackFiles\i386\iexplore.exe
[-] 2009-03-08 . F68C1BAC147227B86FFB36828FF8BEDF . 510816 . . [8.00.6001.18702] . . c:\windows\system32\dllcache\iexplore.exe
[7] 2008-08-23 . E8305C30D35E85D6657ED3E9934CB302 . 635848 . . [7.00.6000.20900] . . c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\iexplore.exe
[-] 2008-06-23 . 64E376A47763DAEABCDA14BD5B6EA286 . 625664 . . [7.00.6000.16705] . . c:\windows\ie7updates\KB956390-IE7\iexplore.exe
[-] 2008-06-23 . C52A9EF571E91535EB78DB4B8B95EA07 . 625664 . . [7.00.6000.20861] . . c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\iexplore.exe
[7] 2008-04-14 . 173E49AEBB665C0577D751BA55F84B6C . 93184 . . [6.00.2900.5512] . . c:\windows\ie7\iexplore.exe
[7] 2008-04-14 . 173E49AEBB665C0577D751BA55F84B6C . 93184 . . [6.00.2900.5512] . . c:\windows\ie8\iexplore.exe
[-] 2007-08-13 . DE49B348A18369B4626FBA1D49B07FB4 . 622080 . . [7.00.5730.13] . . c:\windows\ie7updates\KB953838-IE7\iexplore.exe
[7] 2006-03-02 . C49ED6E4358FFAECFE70FC8F3C67D224 . 93184 . . [6.00.2900.2180] . . c:\windows\$NtServicePackUninstall$\iexplore.exe
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\IDM Shell Extension]
@="{CDC95B92-E27C-4745-A8C5-64A52A78855D}"
[HKEY_CLASSES_ROOT\CLSID\{CDC95B92-E27C-4745-A8C5-64A52A78855D}]
2010-07-26 12:09 70776 ----a-w- c:\programmi\Internet Download Manager\IDMShellExt.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RemoteControl"="c:\programmi\ASUS\ASUS Remote\RemoteControlAppl.exe" [2006-02-14 69632]
"nwiz"="nwiz.exe" [2008-10-07 1630208]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-10-07 13574144]
"JMB36X IDE Setup"="c:\windows\JM\JMInsIDE.exe" [2006-10-30 36864]
"JMB36X Configure"="c:\windows\system32\JMRaidSetup.exe" [2006-10-30 1953792]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2009-06-17 55824]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-10-07 86016]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 40448]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"tscuninstall"="c:\windows\system32\tscupgrd.exe" [2006-03-02 44544]
c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\
Logitech SetPoint.lnk - c:\programmi\Logitech\SetPoint\SetPoint.exe [2008-10-11 813584]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\programmi\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-20 10:51 548352 ----a-w- c:\programmi\SUPERAntiSpyware\SASWINLO.DLL
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2009-07-20 10:28 72208 ----a-w- c:\programmi\File comuni\Logitech\Bluetooth\LBTWLgn.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\beep.sys]
@="beep"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""
[HKLM\~\startupfolder\C:^Documents and Settings^Administrator^Menu Avvio^Programmi^Esecuzione automatica^Logitech . Registrazione prodotti.lnk]
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Avvio^Programmi^Esecuzione automatica^BlueSoleil.lnk]
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Avvio^Programmi^Esecuzione automatica^Logitech Desktop Messenger.lnk]
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Avvio^Programmi^Esecuzione automatica^TSS Instrument API Tray Utility.lnk]
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Avvio^Programmi^Esecuzione automatica^WinZip Quick Pick.lnk]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Pro Agent
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDVD8LanguageShortcut
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDVD9LanguageShortcut
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TrayServer
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
2010-09-16 20:04 1164584 ----a-w- c:\programmi\DivX\DivX Update\DivXUpdate.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LDM]
2008-10-11 17:33 32768 ----a-w- c:\programmi\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAXPnP]
2006-12-18 13:34 868352 ----a-r- c:\programmi\Analog Devices\Core\smax4pnp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"Nero BackItUp Scheduler 4.0"=2 (0x2)
"JavaQuickStarterService"=2 (0x2)
"BlueSoleil Hid Service"=2 (0x2)
"a2free"=2 (0x2)
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-disabled]
"TkBellExe"="c:\programmi\File comuni\Real\Update_OB\realsched.exe" -osboot
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programmi\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Programmi\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Programmi\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Programmi\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Programmi\\Orbitdownloader\\orbitdm.exe"=
"c:\\Programmi\\Orbitdownloader\\orbitnet.exe"=
"c:\\Programmi\\Skype\\Phone\\Skype.exe"=
"c:\\Programmi\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Programmi\\uTorrent\\uTorrent.exe"=
"c:\\Programmi\\PeerBlock\\peerblock.exe"=
"c:\\Programmi\\Veoh Networks\\VeohWebPlayer\\veohwebplayer.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"1723:TCP"= 1723:TCP:@xpsp2res.dll,-22015
"1701:UDP"= 1701:UDP:@xpsp2res.dll,-22016
"500:UDP"= 500:UDP:@xpsp2res.dll,-22017
R0 sonyhcb;Sony Digital Imaging Base;c:\windows\system32\drivers\sonyhcb.sys [12/11/2009 19.45.25 6097]
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [02/03/2009 19.54.35 717296]
R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NIS\1108000.005\symds.sys [24/09/2010 11.28.20 328752]
R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NIS\1108000.005\symefa.sys [24/09/2010 11.28.20 173104]
R1 BHDrvx86;BHDrvx86;c:\documents and settings\All Users\Dati applicazioni\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\20101104.001\BHDrvx86.sys [04/11/2010 1.07.06 691248]
R1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\NIS\1108000.005\cchpx86.sys [24/09/2010 11.28.20 501888]
R1 dk2drv;DK2 WindowsNT Driver;c:\windows\system32\drivers\dk2drv.sys [04/11/2008 20.20.04 49720]
R1 IDMTDI;IDMTDI;c:\windows\system32\drivers\idmtdi.sys [26/07/2010 16.13.39 74208]
R1 SASDIFSV;SASDIFSV;c:\programmi\SUPERAntiSpyware\SASDIFSV.SYS [15/01/2009 16.17.40 9968]
R1 SASKUTIL;SASKUTIL;c:\programmi\SUPERAntiSpyware\SASKUTIL.SYS [15/01/2009 16.17.38 74480]
R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NIS\1108000.005\ironx86.sys [24/09/2010 11.28.20 116784]
R2 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC};Power Control [2010/04/11 00:08];c:\programmi\CyberLink\PowerDVD10\NavFilter\000.fcl [13/03/2010 11.58.52 87536]
R2 FLE5WNNT;FLE-5 WindowsNT Driver;c:\windows\system32\drivers\fle5wnnt.sys [04/11/2008 20.20.23 33404]
R2 FLSIFACE;FLSIface;c:\windows\system32\drivers\flsiface.sys [04/11/2008 20.20.24 13440]
R2 FLSPAR;FLSPar;c:\windows\system32\drivers\flspar.sys [04/11/2008 20.20.24 16314]
R2 FLSSER;FLSSer;c:\windows\system32\drivers\flsser.sys [04/11/2008 20.20.24 8344]
R2 FLSVCOM;FLSVCom;c:\windows\system32\drivers\flsvcom.sys [04/11/2008 20.20.24 34080]
R2 NIS;Norton Internet Security;c:\programmi\Norton Internet Security\Engine\17.8.0.5\ccsvchst.exe [24/09/2010 11.28.04 126392]
R2 PARLDR2K;ParLdr2k;c:\windows\system32\drivers\parldr2k.sys [04/11/2008 20.34.04 10454]
R3 3xHybrid;3xHybrid service;c:\windows\system32\drivers\3xHybrid.sys [11/10/2008 18.35.51 2825088]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\programmi\File comuni\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [12/11/2010 12.32.31 102448]
R3 IDSxpx86;IDSxpx86;c:\documents and settings\All Users\Dati applicazioni\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\IPSDefs\20101119.001\IDSXpx86.sys [19/10/2010 21.36.22 341880]
S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys --> c:\windows\system32\DRIVERS\Lbd.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18/03/2010 12.16.28 130384]
S2 gupdate;Servizio di Google Update (gupdate);c:\programmi\Google\Update\GoogleUpdate.exe [27/04/2010 11.47.57 136176]
S3 MBLAUDRV;Mobiola Audio Service;c:\windows\system32\drivers\BTCamAudioDrv.sys [31/10/2008 17.57.30 13312]
S3 MBLAUDRVOUT;Mobiola Audio Out Service;c:\windows\system32\drivers\BTCamAudioDrvOut.sys [31/10/2008 17.57.30 18304]
S3 MSSQL$SONY_MEDIAMGR2;SQL Server (SONY_MEDIAMGR2); [x]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [04/11/2008 20.19.40 138112]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [04/11/2008 20.19.40 8320]
S3 pbfilter;pbfilter;c:\programmi\PeerBlock\pbfilter.sys [20/01/2010 18.41.07 14424]
S3 PRODIGY;PRODIGY;c:\windows\system32\drivers\prodigy.sys [04/11/2008 21.45.45 32377]
S3 SASENUM;SASENUM;c:\programmi\SUPERAntiSpyware\SASENUM.SYS [15/01/2009 16.17.42 7408]
S3 scrcap;scrcap;c:\windows\system32\DRIVERS\scrcap.sys --> c:\windows\system32\DRIVERS\scrcap.sys [?]
S3 sonyhcs;Sony Digital Imaging Video;c:\windows\system32\drivers\sonyhcs.sys [12/11/2009 19.45.25 299923]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18/03/2010 12.16.28 753504]
S3 z3f2bus;Sony Ericsson driver (WDM);c:\windows\system32\DRIVERS\z3f2bus.sys --> c:\windows\system32\DRIVERS\z3f2bus.sys [?]
S3 z3f2mgmt;Sony Ericsson USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\z3f2mgmt.sys --> c:\windows\system32\DRIVERS\z3f2mgmt.sys [?]
S4 a2free;a-squared Free Service;c:\programmi\a-squared Free\a2service.exe [12/10/2008 15.09.07 1872320]
.
Contenuto della cartella 'Scheduled Tasks'
2010-11-20 c:\windows\Tasks\GlaryInitialize.job
- c:\programmi\Glary Utilities\initialize.exe [2010-11-06 20:55]
2010-11-20 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\programmi\Google\Update\GoogleUpdate.exe [2010-04-27 10:47]
2010-11-20 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\programmi\Google\Update\GoogleUpdate.exe [2010-04-27 10:47]
2010-10-16 c:\windows\Tasks\switchShakeIcon.job
- c:\programmi\NCH Swift Sound\Switch\switch.exe [2010-10-14 16:45]
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://www.tiscali.it/
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = local
IE: &Download by Orbit - c:\programmi\Orbitdownloader\orbitmxt.dll/201
IE: &Grab video by Orbit - c:\programmi\Orbitdownloader\orbitmxt.dll/204
IE: Do&wnload selected by Orbit - c:\programmi\Orbitdownloader\orbitmxt.dll/203
IE: Down&load all by Orbit - c:\programmi\Orbitdownloader\orbitmxt.dll/202
IE: Download all by FlashGet3
IE: Download by FlashGet3
IE: Scarica con IDM - c:\programmi\Internet Download Manager\IEExt.htm
IE: Scarica con IDM contenuti video FLV - c:\programmi\Internet Download Manager\IEGetVL.htm
IE: Scarica tutti i link con IDM - c:\programmi\Internet Download Manager\IEGetAll.htm
TCP: {A21903E7-2B40-48CE-8DA8-980657545E32} = 213.205.32.70,213.205.36.70
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\programmi\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
FF - ProfilePath - c:\documents and settings\Administrator\Dati applicazioni\Mozilla\Firefox\Profiles\7ob7qfnc.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.tiscali.it/
FF - prefs.js: network.proxy.http - localhost
FF - prefs.js: network.proxy.http_port - 9666
FF - prefs.js: network.proxy.socks - localhost
FF - prefs.js: network.proxy.socks_port - 9050
FF - prefs.js: network.proxy.ssl - localhost
FF - prefs.js: network.proxy.ssl_port - 9666
FF - prefs.js: network.proxy.type - 0
FF - component: c:\documents and settings\Administrator\Dati applicazioni\IDM\idmmzcc3\components\idmmzcc.dll
FF - component: c:\documents and settings\Administrator\Dati applicazioni\Mozilla\Firefox\Profiles\7ob7qfnc.default\extensions\{DB9127A2-3381-41ec-82B3-1B6ED4C6F29A}\components\FlashgetXpi.dll
FF - component: c:\documents and settings\All Users\Dati applicazioni\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\coFFPlgn\components\coFFPlgn.dll
FF - component: c:\documents and settings\All Users\Dati applicazioni\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\IPSFFPlgn\components\IPSFFPl.dll
FF - component: c:\programmi\Orbitdownloader\addons\OneClickYouTubeDownloader\components\GrabXpcom.dll
FF - plugin: c:\programmi\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: c:\programmi\Google\Update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\programmi\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\programmi\Veetle\Player\npvlc.dll
FF - plugin: c:\programmi\Veetle\plugins\npVeetle.dll
FF - plugin: c:\programmi\Veetle\VLCBroadcast\npvbp.dll
FF - plugin: c:\programmi\Virtual Earth 3D\npVE3D.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- FIREFOX POLICIES ----
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqz9s", true); // Traditional
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqs8s", true); // Simplified
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--j6w193g", true);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4a87g", true);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7c0a67fbc", true);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7cvafr", true);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kpry57d", true); // Traditional
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kprw13d", true); // Simplified
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
- - - - CHIAVI ORFANE RIMOSSE - - - -
Toolbar-Locked - (no file)
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-11-20 22:24
Windows 5.1.2600 Service Pack 3 NTFS
scansione processi nascosti ...
scansione entrate autostart nascoste ...
Scansione files nascosti ...
Scansione completata con successo
Files nascosti: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NIS]
"ImagePath"="\"c:\programmi\Norton Internet Security\Engine\17.8.0.5\ccSvcHst.exe\" /s \"NIS\" /m \"c:\programmi\Norton Internet Security\Engine\17.8.0.5\diMaster.dll\" /prefetch:1"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\{1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC}]
"ImagePath"="\??\c:\programmi\CyberLink\PowerDVD10\NavFilter\000.fcl"
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------
[HKEY_USERS\S-1-5-21-682003330-261478967-725345543-500\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (Administrator)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,9b,a2,59,d0,3b,e7,0f,42,a8,30,c3,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,34,4e,0b,97,3e,b9,26,4d,95,f6,48,\
"6256FFB019F8FDFBD36745B06F4540E9AEAF222A25"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,d9,9e,4f,e8,e8,ab,7a,46,b1,14,cb,\
[HKEY_USERS\S-1-5-21-682003330-261478967-725345543-500\Software\SecuROM\License information*]
"datasecu"=hex:5c,98,4e,c6,4e,90,2d,56,12,a9,4c,42,d1,03,2d,bf,e0,a8,d9,01,62,
54,60,b8,15,1c,db,03,28,67,09,75,49,4e,f6,50,a2,0d,27,8a,dd,e9,e2,ac,84,a6,\
"rkeysecu"=hex:2c,52,5d,b9,5f,aa,c5,74,96,0e,bc,61,95,03,45,cb
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{21b66ec7-2a3d-4c49-8114-92e2d5f9730a}]
@Denied: (Full) (Everyone)
"Model"=dword:00000091
"Therad"=dword:00000015
"MData"=hex(0):73,d5,cf,b8,a4,07,89,80,31,e4,35,6b,2a,ca,fe,43,b6,1f,81,1f,5a,
1b,4d,36,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,\
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):b9,1c,79,1c,8f,e7,4e,cf,14,d2,a2,1b,d1,bc,ec,0b,84,ef,c2,99,81,
17,f9,e4,e0,f2,6f,f7,a4,2f,83,77,ce,6e,f4,6e,74,7a,8c,3a,00,00,00,00,00,00,\
[HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_NTAKRNL\0000\LogConf]
@DACL=(02 0000)
.
--------------------- Dlls caricate dai processi in esecuzione ---------------------
- - - - - - - > 'winlogon.exe'(1724)
c:\windows\system32\SETUPAPI.dll
c:\windows\system32\sfc_os.dll
c:\programmi\SUPERAntiSpyware\SASWINLO.dll
c:\windows\system32\WININET.dll
c:\programmi\file comuni\logitech\bluetooth\LBTWlgn.dll
c:\programmi\file comuni\logitech\bluetooth\LBTServ.dll
c:\windows\system32\COMRes.dll
c:\windows\system32\cscui.dll
- - - - - - - > 'lsass.exe'(1908)
c:\windows\system32\setupapi.dll
c:\windows\system32\scecli.dll
- - - - - - - > 'explorer.exe'(2404)
c:\windows\system32\WININET.dll
c:\programmi\Logitech\SetPoint\lgscroll.dll
c:\windows\system32\COMRes.dll
c:\programmi\Internet Download Manager\IDMShellExt.dll
c:\windows\System32\cscui.dll
c:\progra~1\WINDOW~2\wmpband.dll
c:\windows\system32\LINKINFO.dll
c:\windows\system32\ntshrui.dll
c:\windows\system32\SETUPAPI.dll
c:\windows\system32\msi.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
c:\windows\system32\NETSHELL.dll
c:\windows\system32\credui.dll
.
Ora fine scansione: 2010-11-20 22:29:05
ComboFix-quarantined-files.txt 2010-11-20 21:29
ComboFix2.txt 2009-09-11 19:13
ComboFix3.txt 2009-08-20 15:36
ComboFix4.txt 2009-08-18 10:35
ComboFix5.txt 2009-09-12 13:55
Pre-Run: 13.528.555.520 byte disponibili
Post-Run: 13.487.775.744 byte disponibili
Current=1 Default=1 Failed=0 LastKnownGood=6 Sets=1,2,3,4,5,6
- - End Of File - - 8D3D28F09CD62F61BC73292F1CC82FB4