Ecco il log creato dalla scansione con ComboFix:
ComboFix 10-04-06.05 - gio 08/04/2010 14.38.51.2.2 - x86 MINIMAL
Microsoft Windows XP Professional 5.1.2600.3.1252.39.1040.18.1014.747 [GMT 2:00]
Eseguito da: c:\documents and settings\gio\Desktop\ComboFix.exe
.
((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\gio\Impostazioni locali\Dati applicazioni\kswae.dat
c:\documents and settings\gio\Impostazioni locali\Dati applicazioni\kswae_nav.dat
c:\documents and settings\gio\Impostazioni locali\Dati applicazioni\kswae_navps.dat
c:\windows\system32\Thumbs.db
.
((((((((((((((((((((((((( Files Creati Da 2010-03-08 al 2010-04-08 )))))))))))))))))))))))))))))))))))
.
2010-04-07 22:30 . 2010-04-07 22:31 52224 ----a-w- c:\documents and settings\gio\Dati applicazioni\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll
2010-04-07 19:21 . 2010-03-16 18:41 1324720 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20100407.002\NAVEX15.SYS
2010-04-07 19:21 . 2010-03-16 18:41 84912 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20100407.002\NAVENG.SYS
2010-04-07 19:21 . 2010-03-16 18:41 371248 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20100407.002\EECTRL.SYS
2010-04-07 19:21 . 2010-03-16 18:41 2747440 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20100407.002\CCERASER.DLL
2010-04-07 19:21 . 2010-03-16 18:41 259440 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20100407.002\ECMSVR32.DLL
2010-04-07 19:21 . 2010-03-16 18:41 177520 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20100407.002\NAVENG32.DLL
2010-04-07 19:21 . 2010-03-16 18:41 1647984 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20100407.002\NAVEX32A.DLL
2010-04-07 19:21 . 2010-03-16 18:41 102448 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20100407.002\ERASER.SYS
2010-04-07 14:59 . 2010-04-07 14:59 5918776 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
2010-04-07 14:58 . 2010-03-29 22:46 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-04-07 14:58 . 2010-03-29 22:45 20824 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-04-07 14:47 . 2010-04-07 14:47 -------- d-sh--w- c:\windows\system32\config\systemprofile\IETldCache
2010-04-07 14:16 . 2010-04-07 14:25 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Norman
2010-04-07 14:16 . 2010-04-07 14:16 -------- d-----w- c:\programmi\Norman
2010-04-06 15:24 . 2009-10-28 22:37 811896 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\IPSDefs\20100402.001\Scxpx86.dll
2010-04-06 15:24 . 2009-10-28 22:37 343088 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\IPSDefs\20100402.001\IDSvix86.sys
2010-04-06 15:24 . 2009-10-28 22:37 329592 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\IPSDefs\20100402.001\IDSXpx86.sys
2010-04-06 15:24 . 2009-10-28 22:37 488312 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\IPSDefs\20100402.001\IDSxpx86.dll
2010-04-06 15:24 . 2009-10-28 22:37 466992 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\IPSDefs\20100402.001\IDSviA64.sys
2010-03-30 17:31 . 2010-03-30 17:31 503808 ----a-w- c:\documents and settings\gio\Dati applicazioni\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-7c5e8d70-n\msvcp71.dll
2010-03-30 17:31 . 2010-03-30 17:31 61440 ----a-w- c:\documents and settings\gio\Dati applicazioni\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-48adf395-n\decora-sse.dll
2010-03-30 17:31 . 2010-03-30 17:31 499712 ----a-w- c:\documents and settings\gio\Dati applicazioni\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-7c5e8d70-n\jmc.dll
2010-03-30 17:31 . 2010-03-30 17:31 348160 ----a-w- c:\documents and settings\gio\Dati applicazioni\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-7c5e8d70-n\msvcr71.dll
2010-03-30 17:31 . 2010-03-30 17:31 12800 ----a-w- c:\documents and settings\gio\Dati applicazioni\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-48adf395-n\decora-d3d.dll
2010-03-26 13:42 . 2009-10-28 22:37 811896 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\IPSDefs\20100326.001\Scxpx86.dll
2010-03-26 13:42 . 2009-10-28 22:37 488312 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\IPSDefs\20100326.001\IDSxpx86.dll
2010-03-26 13:42 . 2009-10-28 22:37 343088 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\IPSDefs\20100326.001\IDSvix86.sys
2010-03-26 13:42 . 2009-10-28 22:37 329592 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\IPSDefs\20100326.001\IDSXpx86.sys
2010-03-26 13:42 . 2009-10-28 22:37 466992 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\IPSDefs\20100326.001\IDSviA64.sys
2010-03-24 20:38 . 2010-03-24 20:38 536112 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\20100324.001\BHDrvx86.sys
2010-03-24 20:38 . 2010-03-24 20:38 201616 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\20100324.001\BHRules.dll
2010-03-24 20:38 . 2010-03-24 20:38 1407888 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\20100324.001\BHEngine.dll
2010-03-24 20:38 . 2010-03-24 20:38 678960 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\20100324.001\BHDrvx64.sys
2010-03-24 20:38 . 2010-03-24 20:38 611216 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\20100324.001\bbRGen.dll
2010-03-23 00:51 . 2010-03-23 00:52 -------- d-----w- c:\programmi\Foto Sketcher
2010-03-23 00:36 . 2010-03-23 01:38 -------- d-----w- c:\programmi\P2s
2010-03-10 18:37 . 2009-10-23 15:28 3558912 ------w- c:\windows\system32\dllcache\moviemk.exe
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-04-07 23:30 . 2008-07-30 00:37 -------- d-----w- c:\programmi\HJTInstal
2010-04-07 22:31 . 2009-07-12 23:13 117760 ----a-w- c:\documents and settings\gio\Dati applicazioni\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
2010-04-07 14:58 . 2009-07-12 22:34 -------- d-----w- c:\programmi\Malwarebytes
2010-03-30 17:31 . 2008-07-29 21:50 -------- d-----w- c:\programmi\File comuni\Java
2010-03-30 17:28 . 2008-07-29 21:50 -------- d-----w- c:\programmi\Java
2010-03-30 17:28 . 2004-10-25 19:40 84354 ----a-w- c:\windows\system32\perfc010.dat
2010-03-30 17:28 . 2004-10-25 19:40 489648 ----a-w- c:\windows\system32\perfh010.dat
2010-03-26 00:45 . 2008-07-30 00:25 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Spybot - Search & Destroy
2010-03-26 00:42 . 2008-07-30 00:58 -------- d-----w- c:\programmi\ccleaner
2010-03-25 23:29 . 2010-01-07 03:44 786800 ----a-r- c:\documents and settings\All Users\Dati applicazioni\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\coFFPlgn\components\coFFPlgn.dll
2010-03-23 01:55 . 2008-07-30 13:44 -------- d-----w- c:\documents and settings\gio\Dati applicazioni\Corel
2010-03-23 01:54 . 2008-07-30 13:32 88 --sh--r- c:\windows\system32\BFDB3A66EF.sys
2010-03-23 01:54 . 2008-07-30 13:32 2828 --sha-w- c:\windows\system32\KGyGaAvL.sys
2010-03-23 00:13 . 2009-07-18 22:29 -------- d-----w- c:\documents and settings\gio\Dati applicazioni\vlc
2010-03-09 02:28 . 2008-11-27 20:50 411368 ----a-w- c:\windows\system32\deploytk.dll
2010-03-07 19:50 . 2010-01-17 15:13 819 ----a-w- c:\documents and settings\gio\Dati applicazioni\settings.dat
2010-03-06 21:46 . 2010-03-06 21:29 -------- d-----w- c:\programmi\Emule
2010-02-25 23:32 . 2008-07-29 21:50 -------- d--h--w- c:\programmi\InstallShield Installation Information
2010-02-25 23:31 . 2008-07-30 14:57 -------- d-----w- c:\documents and settings\gio\Dati applicazioni\U3
2010-02-25 06:16 . 2004-10-25 19:39 916480 ----a-w- c:\windows\system32\wininet.dll
2010-02-24 09:16 . 2009-10-03 09:02 181632 ------w- c:\windows\system32\MpSigStub.exe
2010-02-23 13:11 . 2010-02-23 13:10 -------- d-----w- c:\programmi\registrybooster
2010-02-19 23:47 . 2010-02-19 23:47 3604480 ----a-w- c:\windows\system32\GPhotos.scr
2010-01-21 20:28 . 2010-01-21 20:28 454838 ----a-r- c:\documents and settings\gio\Dati applicazioni\Microsoft\Installer\{51E4FE53-D6B0-43A0-B98C-7DE233D53EAB}\_AA3EAD0EB9C7C0B428AF0C.exe
2010-01-21 20:28 . 2010-01-21 20:28 454838 ----a-r- c:\documents and settings\gio\Dati applicazioni\Microsoft\Installer\{51E4FE53-D6B0-43A0-B98C-7DE233D53EAB}\_0D5C3650016DE5753C8488.exe
2009-09-14 14:30 . 2009-09-14 14:30 200620 ----a-w- c:\programmi\LazyFarmer_V2.zip
2009-05-20 23:27 . 2009-05-20 23:26 16742799 ----a-w- c:\programmi\vlc-0.9.9-win32.exe
.
------- Sigcheck -------
[7] 2008-04-14 . 5526482DCBA6047641B13BF9C75A74E0 . 129024 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\xmlprov.dll
[-] 2004-09-07 . F9672BB64F213209EB4A8F79BB650B78 . 129536 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\xmlprov.dll
c:\windows\System32\xmlprov.dll ... è mancante !!
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SmpcSys"="c:\apps\SMP\SmpSys.exe" [2005-12-08 975360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPLpr"="c:\programmi\Synaptics\SynTP\SynTPLpr.exe" [2005-03-10 98394]
"SynTPEnh"="c:\programmi\Synaptics\SynTP\SynTPEnh.exe" [2005-03-10 688218]
"Collegamento alla pagina delle proprietà di High Definition Audio"="HDAShCut.exe" [2005-01-07 61952]
"igfxtray"="c:\windows\system32\igfxtray.exe" [2006-03-23 94208]
"DetectorApp"="c:\programmi\Sonic\DigitalMedia LE v7\MyDVD LE\DetectorApp.exe" [2005-10-20 102400]
"ISUSScheduler"="c:\programmi\File comuni\InstallShield\UpdateService\issch.exe" [2004-08-09 81920]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"Adobe Reader Speed Launcher"="c:\programmi\Adobe\Reader\Reader_sl.exe" [2008-10-15 39792]
"ISUSPM Startup"="c:\progra~1\FILECO~1\INSTAL~1\UPDATE~1\isuspm.exe" [2004-08-09 221184]
"SunJavaUpdateSched"="c:\programmi\File comuni\Java\Java Update\jusched.exe" [2010-02-18 248040]
"QuickTime Task"="c:\programmi\QuickTime\qttask.exe" [2006-11-11 98304]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\programmi\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2008-12-22 10:05 356352 ----a-w- c:\programmi\SuperAntiSpyware\SASWINLO.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-disabled]
"QuickTime Task"="c:\programmi\QuickTime\qttask.exe" -atboottime
"Adobe Reader Speed Launcher"="c:\programmi\Adobe\Reader\Reader_sl.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programmi\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Programmi\\Emule\\emule.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\msnmsgr.exe"=
R0 O2MDRDR;O2MDRDR;c:\windows\system32\drivers\o2media.sys [27/02/2006 16.00.50 34880]
R0 O2SDRDR;O2SDRDR;c:\windows\system32\drivers\o2sd.sys [20/02/2006 17.01.06 29056]
R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NIS\1106000.020\symds.sys [07/04/2010 0.25.58 328752]
R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NIS\1106000.020\symefa.sys [07/04/2010 0.25.58 172592]
R1 BHDrvx86;BHDrvx86;c:\documents and settings\All Users\Dati applicazioni\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\20100324.001\BHDrvx86.sys [24/03/2010 22.38.08 536112]
R1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\NIS\1106000.020\cchpx86.sys [07/04/2010 0.25.57 501888]
R1 kioport;kioport Library Driver;c:\windows\system32\drivers\kioport.sys [11/11/2006 16.18.15 3968]
R1 SASDIFSV;SASDIFSV;c:\programmi\SuperAntiSpyware\sasdifsv.sys [23/06/2009 11.01.40 9968]
R1 SASKUTIL;SASKUTIL;c:\programmi\SuperAntiSpyware\SASKUTIL.SYS [23/06/2009 11.01.40 72944]
R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NIS\1106000.020\ironx86.sys [07/04/2010 0.25.57 116784]
R2 Network WanMiniport First Position;Network WanMiniport First Position;c:\programmi\Telecom Italia\WanMiniport1st\srvany.exe [03/08/2008 21.59.02 8192]
R2 NIS;Norton Internet Security;c:\programmi\Norton Internet Security\Engine\17.6.0.32\ccsvchst.exe [07/04/2010 0.25.39 126392]
R2 WinDefend;Windows Defender;c:\programmi\Windows Defender\MsMpEng.exe [03/11/2006 19.19.58 13592]
R3 CIR;Hid Device;c:\windows\system32\drivers\CIR.sys [30/09/2005 12.37.14 5120]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\programmi\File comuni\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [24/02/2010 15.46.39 102448]
R3 IDSxpx86;IDSxpx86;c:\documents and settings\All Users\Dati applicazioni\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\IPSDefs\20100402.001\IDSXpx86.sys [06/04/2010 17.24.06 329592]
R3 kbd;Keyboard;c:\windows\system32\drivers\kbd.sys [30/09/2005 12.36.40 21504]
S3 bsusbser;PHD USB Device for Legacy Serial Communication;c:\windows\system32\drivers\bsusbser.sys [15/04/2009 22.18.20 94848]
S3 SASENUM;SASENUM;c:\programmi\SuperAntiSpyware\SASENUM.SYS [23/06/2009 11.01.42 7408]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
getPlusHelper REG_MULTI_SZ getPlusHelper
.
Contenuto della cartella 'Scheduled Tasks'
2010-04-08 c:\windows\Tasks\GlaryInitialize.job
- c:\programmi\Glary_unlimited\Glary Utilities\initialize.exe [2008-08-28 09:08]
2010-04-08 c:\windows\Tasks\MP Scheduled Scan.job
- c:\programmi\Windows Defender\MpCmdRun.exe [2006-11-03 17:20]
2010-04-07 c:\windows\Tasks\OGADaily.job
- c:\windows\system32\OGAVerify.exe [2008-12-31 16:04]
2010-04-08 c:\windows\Tasks\OGALogon.job
- c:\windows\system32\OGAVerify.exe [2008-12-31 16:04]
2010-04-08 c:\windows\Tasks\User_Feed_Synchronization-{282A4A53-C5DD-4A46-92CE-A4191E30B7FB}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 03:31]
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://www.virgilio.it/
uInternet Settings,ProxyOverride = 127.0.0.1
IE: &Clean Traces - c:\programmi\DAP\Privacy Package\dapcleanerie.htm
IE: &Download with &DAP - c:\programmi\DAP\dapextie.htm
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Download &all with DAP - c:\programmi\DAP\dapextie2.htm
Trusted Zone: unicreditbanca.it
DPF: Microsoft XML Parser for Java - file:///C:/WINDOWS/Java/classes/xmldso.cab
FF - ProfilePath - c:\documents and settings\gio\Dati applicazioni\Mozilla\Firefox\Profiles\2aiophvb.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.live.com/results.aspx?FORM=IEFM1&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.virgilio.it/
FF - prefs.js: keyword.URL - hxxp://search.live.com/results.aspx?FORM=IEFM1&q=
FF - component: c:\documents and settings\All Users\Dati applicazioni\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\coFFPlgn\components\coFFPlgn.dll
FF - component: c:\documents and settings\All Users\Dati applicazioni\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\IPSFFPlgn\components\IPSFFPl.dll
FF - component: c:\programmi\DAP\DAPFireFox\components\DAPFireFox.dll
FF - plugin: c:\programmi\Adobe\Reader\browser\nppdf32.dll
FF - plugin: c:\programmi\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\programmi\Pcasa\Google\Picasa3\npPicasa3.dll
FF - plugin: c:\programmi\Windows Live\Photo Gallery\NPWLPG.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- FIREFOX POLICIES ----
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);
c:\programmi\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\programmi\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\programmi\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\programmi\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\programmi\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\programmi\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\programmi\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.net
Rootkit scan 2010-04-08 14:59
Windows 5.1.2600 Service Pack 3 NTFS
scansione processi nascosti ...
scansione entrate autostart nascoste ...
Scansione files nascosti ...
Scansione completata con successo
Files nascosti: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NIS]
"ImagePath"="\"c:\programmi\Norton Internet Security\Engine\17.6.0.32\ccSvcHst.exe\" /s \"NIS\" /m \"c:\programmi\Norton Internet Security\Engine\17.6.0.32\diMaster.dll\" /prefetch:1"
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\h–€|ÿÿÿÿ¤•€|ù•9~*]
"0140110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"
.
--------------------- Dlls caricate dai processi in esecuzione ---------------------
- - - - - - - > 'winlogon.exe'(1124)
c:\programmi\SUPERAntiSpyware\SASWINLO.dll
c:\windows\system32\WININET.dll
- - - - - - - > 'explorer.exe'(2200)
c:\windows\system32\WININET.dll
c:\progra~1\WINDOW~3\wmpband.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\programmi\Nokia\Nokia PC Suite 6\phonebrowser.dll
c:\programmi\Nokia\Nokia PC Suite 6\NGSCM.DLL
c:\programmi\Nokia\Nokia PC Suite 6\Lang\PhoneBrowser_ita.nlr
c:\programmi\Nokia\Nokia PC Suite 6\Resource\PhoneBrowser_Nokia.ngr
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Altri processi in esecuzione ------------------------
.
c:\programmi\Symantec\LiveUpdate\AluSchedulerSvc.exe
c:\windows\eHome\ehRecvr.exe
c:\windows\eHome\ehSched.exe
c:\programmi\Java\jre6\bin\jqs.exe
c:\programmi\Telecom Italia\WanMiniport1st\WanMiniport1st_srv.exe
c:\windows\system32\o2flash.exe
c:\windows\system32\HPZipm12.exe
c:\windows\system32\PSIService.exe
c:\programmi\File comuni\Ulead Systems\DVD\ULCDRSvr.exe
c:\programmi\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe
c:\windows\ehome\mcrdsvc.exe
c:\windows\system32\dllhost.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Ora fine scansione: 2010-04-08 15:04:11 - Il pc è stato riavviato
ComboFix-quarantined-files.txt 2010-04-08 13:04
Pre-Run: 83.253.792.768 byte disponibili
Post-Run: 82.076.643.328 byte disponibili
- - End Of File - - D25A2F457853EB9AF7A8CDB57963D93A