Good evening.... here, finally, is the ComboFix scan you asked me for.
ComboFix 10-03-21.05 - Proprietario 22/03/2010 19.04.44.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1252.39.1040.18.1022.450 [GMT 1:00]
Eseguito da: c:\users\Proprietario\Desktop\ComboFix.exe
AV: avast! Antivirus *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
SP: avast! Antivirus *disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.
((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\program files\webserver
c:\users\Proprietario\AppData\Local\010112010146111103.xxe
c:\users\Proprietario\AppData\Local\lqdchu.dat
c:\users\Proprietario\AppData\Local\lqdchu_nav.dat
c:\users\Proprietario\AppData\Local\lqdchu_navps.dat
c:\users\Proprietario\AppData\Local\rdr_1267902418.exe
c:\users\Proprietario\AppData\Local\rdr_1267902419.exe
c:\users\Proprietario\AppData\Local\rdr_1267902420.exe
c:\users\Proprietario\AppData\Local\rdr_1267902421.exe
c:\users\Proprietario\AppData\Local\rdr_1268210151.exe
c:\users\Proprietario\AppData\Local\rdr_1268211286.exe
c:\users\Proprietario\AppData\Local\rdr_1268237198.exe
c:\users\Proprietario\AppData\Local\rdr_1268237898.exe
c:\users\Proprietario\AppData\Local\rdr_1268244325.exe
c:\users\Proprietario\AppData\Local\rdr_1268296746.exe
c:\users\Proprietario\AppData\Local\rdr_1268297059.exe
c:\users\Proprietario\AppData\Local\rdr_1268302156.exe
c:\users\Proprietario\AppData\Local\rdr_1268302462.exe
c:\users\Proprietario\AppData\Local\wisac_nav.dat
c:\users\Proprietario\AppData\Local\wisac_navps.dat
c:\windows\bill103.exe
c:\windows\ligh
c:\windows\system32\Connect.dll
.
((((((((((((((((((((((((((((((((((((((( Driver/Servizi )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Service_webserver
((((((((((((((((((((((((( Files Creati Da 2010-02-22 al 2010-03-22 )))))))))))))))))))))))))))))))))))
.
2010-03-22 17:02 . 2010-03-22 17:02 -------- d-----w- c:\program files\TrendMicro
2010-03-17 09:01 . 2010-03-17 09:01 -------- d-----w- c:\users\Proprietario\AppData\Roaming\Conviva
2010-03-16 09:14 . 2010-03-16 09:14 -------- d-----w- c:\windows\Sun
2010-03-11 10:15 . 2010-01-07 15:07 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-03-11 10:15 . 2010-03-11 10:15 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-03-11 10:15 . 2010-01-07 15:07 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-03-11 08:57 . 2010-03-09 11:08 19024 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-03-11 08:57 . 2010-03-09 11:12 162640 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-03-11 08:57 . 2010-03-09 11:09 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-03-11 08:57 . 2010-03-09 11:12 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-03-11 08:57 . 2010-03-09 11:08 51792 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2010-03-11 08:55 . 2010-03-09 11:24 38848 ----a-w- c:\windows\system32\avastSS.scr
2010-03-11 08:55 . 2010-03-09 11:24 153184 ----a-w- c:\windows\system32\aswBoot.exe
2010-03-11 08:55 . 2010-03-11 08:55 -------- d-----w- c:\programdata\Alwil Software
2010-03-11 08:55 . 2010-03-11 08:55 -------- d-----w- c:\program files\Alwil Software
2010-03-10 18:21 . 2010-03-10 18:21 -------- d-----w- c:\program files\Sophos
2010-03-10 18:04 . 2010-03-10 18:04 -------- d-----w- c:\users\Proprietario\AppData\Roaming\Malwarebytes
2010-03-10 18:04 . 2010-03-10 18:04 -------- d-----w- c:\programdata\Malwarebytes
2010-03-10 16:26 . 2010-03-19 10:17 -------- d-----w- c:\users\Proprietario\AppData\Roaming\TeamViewer
2010-03-10 16:26 . 2010-03-10 16:26 -------- d-----w- c:\program files\TeamViewer
2010-03-10 08:51 . 2010-03-11 08:43 -------- dc----w- c:\windows\system32\DRVSTORE
2010-03-10 08:49 . 2010-03-11 08:43 -------- d-----w- c:\programdata\Lavasoft
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-03-22 18:11 . 2009-05-08 10:37 -------- d-----w- c:\users\Proprietario\AppData\Roaming\Free Download Manager
2010-03-22 17:23 . 2009-07-23 15:59 -------- d-----w- c:\program files\Yahoo!
2010-03-22 17:02 . 2010-03-22 17:02 388096 ----a-r- c:\users\Proprietario\AppData\Roaming\Microsoft\Installer\{0761C9A8-8F3A-4216-B4A7-B7AFBF24A24A}\HiJackThis.exe
2010-03-22 11:24 . 2006-05-30 20:54 -------- d-----w- c:\users\Proprietario\AppData\Roaming\OpenOffice.org2
2010-03-22 11:03 . 2006-05-30 20:56 1 ----a-w- c:\users\Proprietario\AppData\Roaming\OpenOffice.org2\user\uno_packages\cache\stamp.sys
2010-03-13 19:14 . 2007-01-04 05:58 682184 ----a-w- c:\windows\system32\perfh010.dat
2010-03-13 19:14 . 2007-01-04 05:58 114622 ----a-w- c:\windows\system32\perfc010.dat
2010-03-11 08:47 . 2008-10-06 10:45 -------- d-----w- c:\programdata\avg8
2010-03-10 08:29 . 2009-04-20 14:40 -------- d-----w- c:\programdata\NOS
2010-03-10 08:29 . 2009-04-20 14:40 -------- d-----w- c:\program files\NOS
2010-02-27 20:08 . 2009-04-17 08:59 -------- d-----w- c:\users\Proprietario\AppData\Roaming\FileZilla
2010-02-24 09:16 . 2009-10-03 11:07 181632 ------w- c:\windows\system32\MpSigStub.exe
2010-02-19 23:47 . 2010-02-19 23:47 3604480 ----a-w- c:\windows\system32\GPhotos.scr
2010-02-05 18:47 . 2007-01-03 21:26 -------- d-----w- c:\program files\Google
2010-02-05 17:33 . 2010-02-05 17:33 509552 ----a-w- c:\programdata\Google\Google Toolbar\Update\gtbF987.tmp.exe
2010-01-25 17:48 . 2010-01-25 17:48 -------- d-----w- c:\users\Proprietario\AppData\Roaming\DivX
2010-01-19 18:02 . 2010-01-19 18:02 53472 ----a-w- c:\windows\system32\wuauclt.exe
2010-01-19 18:02 . 2010-01-19 18:02 44768 ----a-w- c:\windows\system32\wups2.dll
2010-01-19 18:02 . 2010-01-19 18:02 2421760 ----a-w- c:\windows\system32\wucltux.dll
2010-01-19 18:02 . 2010-01-19 18:02 1929952 ----a-w- c:\windows\system32\wuaueng.dll
2010-01-19 18:01 . 2010-01-19 18:01 87552 ----a-w- c:\windows\system32\wudriver.dll
2010-01-19 18:01 . 2010-01-19 18:01 575704 ----a-w- c:\windows\system32\wuapi.dll
2010-01-19 18:01 . 2010-01-19 18:01 35552 ----a-w- c:\windows\system32\wups.dll
2010-01-19 18:01 . 2010-01-19 18:01 33792 ----a-w- c:\windows\system32\wuapp.exe
2010-01-19 18:01 . 2010-01-19 18:01 171608 ----a-w- c:\windows\system32\wuwebv.dll
2008-08-18 07:45 . 2008-08-18 07:45 22 --sha-w- c:\windows\SMINST\HPCD.sys
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{3041D03E-FD4B-44E0-B742-2D9B88305F98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2008-12-09 333192]
[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-09-10 1232896]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe" [2005-02-16 221184]
"Google Update"="c:\users\Proprietario\AppData\Local\Google\Update\GoogleUpdate.exe" [2008-12-16 133104]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2006-11-02 125440]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]
"Free Download Manager"="c:\program files\Free Download Manager\fdm.exe" [2009-02-27 3399727]
"VeohPlugin"="c:\program files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe" [2009-05-19 3561720]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-09-10 1006264]
"hpsysdrv"="c:\hp\support\hpsysdrv.exe" [2006-09-28 65536]
"KBD"="c:\hp\KBD\KbdStub.EXE" [2006-12-08 65536]
"RtHDVCpl"="RtHDVCpl.exe" [2008-01-15 4874240]
"CanonSolutionMenu"="c:\program files\Canon\SolutionMenu\CNSLMAIN.exe" [2007-05-14 644696]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2007-04-03 1603152]
"SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-10-25 210472]
"OpwareSE4"="c:\program files\ScanSoft\OmniPageSE4\OpwareSE4.exe" [2007-02-04 79400]
"WrtMon.exe"="c:\windows\system32\spool\drivers\w32x86\3\WrtMon.exe" [2006-09-20 20480]
"NvSvc"="c:\windows\system32\nvsvc.dll" [2007-08-27 86016]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-08-27 8473120]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-08-27 81920]
"NeroCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280]
"avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2010-03-09 2769336]
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Ralink Wireless Utility.lnk - c:\program files\RALINK\Common\RaUI.exe [2008-8-23 593920]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"EnableLUA"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0aswBoot.exe /M:28ab7d3a47
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-1730336886-3869713857-2092326480-1000]
"EnableNotificationsRef"=dword:00000002
R2 gupdate;Servizio di Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-02-05 135664]
R3 XZVW;XZVW;c:\users\PROPRI~1\AppData\Local\Temp\XZVW.exe [x]
R4 ASKUpgrade;ASKUpgrade;c:\program files\AskBarDis\bar\bin\ASKUpgrade.exe [2008-12-09 234888]
S1 aswSP;aswSP; [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2010-03-09 51792]
S2 TeamViewer5;TeamViewer 5;c:\program files\TeamViewer\Version5\TeamViewer_Service.exe [2010-02-11 172328]
S3 SNXPCARD;Sunix PCI Multi I/O Card Driver;c:\windows\system32\DRIVERS\snxpcard.sys [2006-02-05 20864]
S3 SNXPSERX;Sunix PCI Serial Port Driver;c:\windows\system32\DRIVERS\snxpserx.sys [2006-02-05 54528]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
netsvc6 REG_MULTI_SZ srvoko6
.
Contenuto della cartella 'Scheduled Tasks'
2010-03-22 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-05 18:47]
2010-03-22 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-05 18:47]
2010-03-22 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1730336886-3869713857-2092326480-1000Core.job
- c:\users\Proprietario\AppData\Local\Google\Update\GoogleUpdate.exe [2008-12-16 08:39]
2010-03-22 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1730336886-3869713857-2092326480-1000UA.job
- c:\users\Proprietario\AppData\Local\Google\Update\GoogleUpdate.exe [2008-12-16 08:39]
2010-03-22 c:\windows\Tasks\User_Feed_Synchronization-{A59E10AE-F285-414E-91C7-DCB9EE714009}.job
- c:\windows\system32\msfeedssync.exe [2006-11-02 09:45]
.
.
------- Scansione supplementare -------
.
uStart Page = about:blank
uDefault_Search_URL = hxxp://www.google.com/ie
mStart Page = hxxp://it.yahoo.com
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
IE: Scarica con Free Download Manager - file://c:\program files\Free Download Manager\dllink.htm
IE: Scarica i video con Free Download Manager - file://c:\program files\Free Download Manager\dlfvideo.htm
IE: Scarica selezionati con Free Download Manager - file://c:\program files\Free Download Manager\dlselected.htm
IE: Scarica tutto con Free Download Manager - file://c:\program files\Free Download Manager\dlall.htm
DPF: {4819DFDF-ABC4-488C-A323-919848C51175}
DPF: {A1FE3DE0-CF77-11D4-8340-0080C8D7ED4A} - hxxp://194.244.16.117/g_bin/eng/demon_2_0_0_30.cab
DPF: {A1FE3DEF-CF77-11D4-8340-0080C8D7ED4A} - hxxp://194.244.16.117/g_bin/eng/pirate_2_0_0_30.cab
DPF: {BFA1F11D-3121-AFE1-4112-983219421AEF} - hxxp://194.244.16.117/g_bin/eng/wordssingle_2_0_0_48.cab
.
- - - - CHIAVI ORFANE RIMOSSE - - - -
Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
HKCU-Run-PcSync - c:\program files\Nokia\Nokia PC Suite 6\PcSync2.exe
HKCU-Run-libipwha - c:\users\Proprietario\AppData\Roaming\ahfdxdyg.dll
AddRemove-HijackThis - c:\users\Proprietario\AppData\Local\Temp\Temp1_HiJackThis.zip\HijackThis.exe
AddRemove-myphotobook - j:\fotoalb\myphotobook\uninst.exe
AddRemove-SNAPFISH - C:\uninstall.exe
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-03-22 19:16
Windows 6.0.6000 NTFS
scansione processi nascosti ...
scansione entrate autostart nascoste ...
Scansione files nascosti ...
Scansione completata con successo
Files nascosti: 0
**************************************************************************
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------
[HKEY_USERS\S-1-5-21-1730336886-3869713857-2092326480-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{EA88F9F8-5478-97BC-8169-ACC79C8E2EDC}*]
"hajlnihbemoooija"=hex:6b,61,70,6c,70,6a,64,66,64,69,68,61,6c,6a,70,62,6b,6f,
70,69,6b,63,00,00
"ialodjleahlaofodcj"=hex:6b,61,66,6c,68,6c,66,70,70,6a,68,70,6a,67,64,6f,6c,6c,
6b,66,67,63,00,00
.
------------------------ Altri processi in esecuzione ------------------------
.
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\windows\system32\WUDFHost.exe
c:\windows\RtHDVCpl.exe
c:\windows\System32\rundll32.exe
c:\program files\Alwil Software\Avast5\AvastUI.exe
c:\windows\System32\rundll32.exe
c:\windows\ehome\ehmsas.exe
.
**************************************************************************
.
Ora fine scansione: 2010-03-22 19:19:14 - Il pc è stato riavviato
ComboFix-quarantined-files.txt 2010-03-22 18:19
Pre-Run: 67.536.805.888 byte disponibili
Post-Run: 72.387.055.616 byte disponibili
- - End Of File - - D2BE41A7BCF06F6C09351969929A2764