Hello friends, unfortunately I seem to be a magnet for trouble lately, a real magnet in fact, but thanks to you not everything is IMPOSSIBLE. I did as you told me and also installed pc tool; now I'm attaching the logs.
ComboFix 08-07-05.1 - Luca 2008-07-06 15.41.32.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1040.18.324 [GMT 2:00]
Eseguito da: C:\Documents and Settings\Luca\Documenti\ComboFix.exe
* Creato nuovo punto di ripristino
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!.
ADS - WINDOWS: deleted 0 bytes in 1 streams.
((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Documents and Settings\All Users\Menu Avvio\Programmi\MessengerSkinner
C:\Documents and Settings\All Users\Menu Avvio\Programmi\MessengerSkinner\Condizioni generali.url
C:\Documents and Settings\All Users\Menu Avvio\Programmi\MessengerSkinner\Disinstalla.lnk
C:\Documents and Settings\All Users\Menu Avvio\Programmi\MessengerSkinner\MessengerSkinner.lnk
C:\Documents and Settings\All Users\Menu Avvio\Programmi\MessengerSkinner\Riservatezza.url
C:\Documents and Settings\All Users\Menu Avvio\Programmi\MessengerSkinner\Website.url
C:\Documents and Settings\Luca\Documenti\File ricevuti\Drivers\LAN_Realtek_5_649_0615_2006\WIN2000\_desktop.ini
C:\Documents and Settings\Luca\Documenti\File ricevuti\Drivers\LAN_Realtek_5_649_0615_2006\WIN98SE\_desktop.ini
C:\Documents and Settings\Luca\Documenti\File ricevuti\Drivers\LAN_Realtek_5_649_0615_2006\WINME\_desktop.ini
C:\Documents and Settings\Luca\Documenti\File ricevuti\Drivers\LAN_Realtek_5_649_0615_2006\WINXP\_desktop.ini
c:\Documents and Settings\Luca\Impostazioni locali\Dati applicazioni\mgmaq.dat
c:\documents and settings\luca\impostazioni locali\dati applicazioni\mgmaq.exe
c:\Documents and Settings\Luca\Impostazioni locali\Dati applicazioni\mgmaq_nav.dat
c:\Documents and Settings\Luca\Impostazioni locali\Dati applicazioni\mgmaq_navps.dat
C:\WINDOWS\OPTIONS\CABS\_desktop.ini
.
((((((((((((((((((((((((( Files Creati Da 2008-06-06 al 2008-07-06 )))))))))))))))))))))))))))))))))))
.
2008-07-06 14:29 . 2008-07-06 14:29 469 --a------ C:\WINDOWS\wininit.ini
2008-07-06 11:24 . 2008-07-06 11:24 552 --a------ C:\WINDOWS\system32\d3d8caps.dat
2008-07-06 11:06 . 2008-07-06 11:06 <DIR> d-------- C:\Programmi\CCleaner
2008-07-06 11:01 . 2008-07-06 11:01 <DIR> d-------- C:\Programmi\Spybot - Search & Destroy
2008-07-06 11:01 . 2008-07-06 11:01 <DIR> d-------- C:\Documents and Settings\All Users\Dati applicazioni\Spybot - Search & Destroy
2008-07-06 10:46 . 2008-03-17 19:23 39,808 --a------ C:\WINDOWS\system32\drivers\VIRAGTLT.SYS
2008-07-06 10:45 . 2008-07-06 15:30 <DIR> d-------- C:\VEXPLITE
2008-07-04 23:17 . 2008-07-04 23:17 <DIR> d-------- C:\Programmi\Trend Micro
2008-07-01 14:12 . 2008-07-01 14:12 <DIR> d-------- C:\Programmi\File comuni\Adobe
2008-06-28 15:33 . 2008-06-28 15:33 56 --ah----- C:\WINDOWS\system32\ezsidmv.dat
2008-06-28 15:32 . 2008-06-28 15:32 <DIR> d-------- C:\Programmi\File comuni\Skype
2008-06-28 14:07 . 2008-06-28 14:43 <DIR> d-------- C:\Documents and Settings\Luca\Dati applicazioni\PowerChallenge
2008-06-27 13:48 . 2008-06-29 20:31 <DIR> d-------- C:\Programmi\Windows Live Safety Center
2008-06-26 18:22 . 2008-06-27 16:48 <DIR> d-------- C:\Programmi\Lavasoft(2)
2008-06-26 00:53 . 2008-06-27 16:48 <DIR> d-------- C:\Programmi\Football Generation
2008-06-26 00:36 . 2008-06-27 16:48 <DIR> d-------- C:\Programmi\Il Gioco dei Pacchi
2008-06-26 00:36 . 2008-06-26 09:42 8 --a------ C:\WINDOWS\system32\PackGame.tmp
2008-06-25 13:00 . 2008-06-27 16:48 <DIR> d-------- C:\Programmi\Smart_PC
2008-06-25 12:23 . 2008-07-06 09:13 <DIR> d-------- C:\Documents and Settings\Luca\Dati applicazioni\Lavasoft
2008-06-25 11:11 . 2008-06-25 11:11 <DIR> d-------- C:\Documents and Settings\All Users\Dati applicazioni\SweetIM
2008-06-22 20:12 . 2008-06-22 20:12 <DIR> d-------- C:\Programmi\SLOWGLUE
2008-06-20 10:51 . 2008-06-20 10:51 121,439 --a------ C:\WINDOWS\system32\63F15B6B14AF427FA17CCE7D54235929
2008-06-20 10:34 . 2008-06-20 10:35 <DIR> d-------- C:\Virtual
2008-06-20 10:32 . 2008-06-20 11:35 <DIR> d-a------ C:\Programmi\securedie
2008-06-20 10:32 . 2008-06-20 11:35 <DIR> d-------- C:\Programmi\Secured IE
2008-06-20 10:32 . 2008-06-20 11:35 <DIR> d-------- C:\Programmi\BufferZone
2008-06-19 15:58 . 2008-06-19 15:58 <DIR> d-------- C:\Documents and Settings\simone\Dati applicazioni\Ahead
2008-06-18 22:00 . 2008-06-18 22:00 <DIR> d-------- C:\Programmi\Web Hottest Videos Personal Player
2008-06-16 20:14 . 2008-06-16 20:17 1,685 --a------ C:\WINDOWS\BricoPackFoldersDelete.cmd
2008-06-16 18:29 . 2008-06-16 18:29 1,208 --a------ C:\WINDOWS\mozver.dat
2008-06-16 18:20 . 2008-06-16 18:20 <DIR> d-------- C:\Documents and Settings\Luca\Dati applicazioni\.wyzo
2008-06-16 18:20 . 2008-06-16 18:20 0 --a------ C:\WINDOWS\nsreg.dat
2008-06-16 18:11 . 2008-07-06 11:28 <DIR> d-a------ C:\Documents and Settings\All Users\Dati applicazioni\Admin Inter 1 Mags
2008-06-16 18:10 . 2008-06-16 18:14 <DIR> d-------- C:\Programmi\BitDownload
2008-06-16 17:32 . 2008-06-27 18:02 <DIR> d-------- C:\Programmi\Thoosje Sidebar V2.3
2008-06-16 14:11 . 2008-06-16 20:17 29,523 --a------ C:\WINDOWS\BricoPackUninst.cmd
2008-06-16 14:10 . 2008-06-16 20:15 3,932,214 --a------ C:\WINDOWS\BricoPack Wallpaper.bmp
2008-06-16 14:07 . 2008-06-16 20:13 <DIR> d-------- C:\WINDOWS\BricoPacks
2008-06-16 10:27 . 2008-06-16 10:27 <DIR> d-------- C:\Programmi\Conduit
2008-06-15 12:02 . 2008-06-27 21:21 <DIR> d-------- C:\Documents and Settings\simone\Contacts
2008-06-14 17:41 . 2008-06-14 17:41 <DIR> d-------- C:\Programmi\Multi_Media_Italy
2008-06-14 15:15 . 2008-06-14 16:59 <DIR> d-------- C:\WINDOWS\system32\Adobe
2008-06-14 11:57 . 2008-06-18 20:37 <DIR> d-------- C:\Programmi\Incomplete
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-07-03 12:42 --------- d--h--w C:\Programmi\FX Uninstall Information
2008-07-01 12:22 --------- d-----w C:\Documents and Settings\Luca\Dati applicazioni\AdobeUM
2008-06-28 17:42 --------- d-----w C:\Documents and Settings\Luca\Dati applicazioni\LimeWire
2008-06-28 17:40 --------- d-----w C:\Programmi\eMule
2008-06-28 13:41 --------- d-----w C:\Documents and Settings\Luca\Dati applicazioni\Skype
2008-06-28 13:33 --------- d-----w C:\Documents and Settings\Luca\Dati applicazioni\skypePM
2008-06-27 14:59 --------- d-----w C:\Programmi\Online_TV
2008-06-27 08:55 --------- d-----w C:\Programmi\Windows Live
2008-06-27 08:49 --------- d-----w C:\Documents and Settings\All Users\Dati applicazioni\WLInstaller
2008-06-25 22:53 --------- d--h--w C:\Programmi\InstallShield Installation Information
2008-06-18 17:43 --------- d-----w C:\Programmi\LimeWire
2008-06-16 12:11 219,648 ----a-w C:\WINDOWS\system32\uxtheme.dll
2008-06-03 20:55 --------- d-----w C:\Documents and Settings\simone\Dati applicazioni\InterVideo
2008-06-02 11:06 --------- d-----w C:\Documents and Settings\simone\Dati applicazioni\ZipGenius
2008-06-01 11:24 --------- d-----w C:\Documents and Settings\simone\Dati applicazioni\ATI
2008-05-30 11:17 --------- d-----w C:\Programmi\Panzers
2008-05-26 18:00 --------- d-----w C:\Documents and Settings\Luca\Dati applicazioni\Nero
2008-05-26 17:51 --------- d-----w C:\Programmi\Heart Of Darkness Mini-Gioco
2008-05-23 12:45 --------- d-----w C:\Documents and Settings\All Users\Dati applicazioni\CanonIJPLM
2008-01-12 17:31 32 ----a-w C:\Documents and Settings\All Users\Dati applicazioni\ezsid.dat
2007-08-02 17:47 16,384 -csha-w C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat
2007-08-02 17:47 32,768 -csha-w C:\WINDOWS\system32\config\systemprofile\Impostazioni locali\Cronologia\History.IE5\index.dat
2007-08-02 17:47 32,768 -csha-w C:\WINDOWS\system32\config\systemprofile\Impostazioni locali\Cronologia\History.IE5\MSHist012007080220070803\index.dat
2007-08-02 17:47 32,768 -csha-w C:\WINDOWS\system32\config\systemprofile\Impostazioni locali\Temporary Internet Files\Content.IE5\index.dat
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{2bae58c2-79f9-45d1-a286-81f911301c3a}]
2007-12-10 14:46 1510424 --a------ C:\Programmi\P2P_Energy\tbP2P_.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{474597C5-AB09-49d6-A4D5-2E8D7341384E}]
2007-12-02 16:12 394672 --a------ C:\Programmi\iMesh Applications\iMesh MediaBar\iMeshIEHelper.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{2bae58c2-79f9-45d1-a286-81f911301c3a}"= "C:\Programmi\P2P_Energy\tbP2P_.dll" [2007-12-10 14:46 1510424]
[HKEY_CLASSES_ROOT\clsid\{2bae58c2-79f9-45d1-a286-81f911301c3a}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{2BAE58C2-79F9-45D1-A286-81F911301C3A}"= "C:\Programmi\P2P_Energy\tbP2P_.dll" [2007-12-10 14:46 1510424]
[HKEY_CLASSES_ROOT\clsid\{2bae58c2-79f9-45d1-a286-81f911301c3a}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-19 15:39 15360]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe" [2007-01-15 16:14 147456]
"TypingSatellite"="C:\Programmi\TypingMaster\KBOOST.EXE" [2005-06-27 14:52 762368]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATICCC"="C:\Programmi\ATI Technologies\ATI.ACE\cli.exe" [2006-01-02 17:41 45056]
"AzMixerSel"="C:\Programmi\Realtek\InstallShield\AzMixerSel.exe" [2006-04-15 13:35 53248]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 15:00 79224]
"SunJavaUpdateSched"="C:\Programmi\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 02:11 132496]
"VIRIT LITE MONITOR"="C:\VEXPLITE\MONLITE.EXE" [2008-07-06 10:48 245760]
"RTHDCPL"="RTHDCPL.EXE" [2006-06-28 14:54 16248320 C:\WINDOWS\RTHDCPL.exe]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-19 15:39 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.JDCT"= jl_jdct.drv
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"C:\\Programmi\\InterVideo\\DVD6\\WinDVD.exe"=
"C:\\Programmi\\eMule\\emule.exe"=
"C:\\Programmi\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Programmi\\Windows Live\\Messenger\\livecall.exe"=
"C:\\Programmi\\LimeWire\\LimeWire.exe"=
"C:\\Programmi\\Nero\\Nero 7\\Nero Home\\NeroHome.exe"=
"C:\\Programmi\\Skype\\Phone\\Skype.exe"=
R0 VIRAGTLT;VIRAGTLT;C:\WINDOWS\system32\drivers\VIRAGTLT.SYS [2008-03-17 19:23]
R2 IJPLMSVC;PIXMA Extended Survey Program;C:\Programmi\Canon\IJPLM\IJPLMSVC.EXE [2006-11-10 08:12]
R2 viritsvclite;Virit eXplorer Lite;C:\VEXPLITE\viritsvc.exe [2008-07-06 10:48]
S3 camvid20;Philips ToUcam Camera; Video;C:\WINDOWS\system32\DRIVERS\camdrv21.sys []
S3 JL2005C;Dual Mode Camera;C:\WINDOWS\system32\Drivers\jl2005c.sys [2006-06-18 14:44]
S3 usbscan;Driver scanner USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 22:58]
S3 USBSTOR;Driver archiviazione di massa USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 23:08]
*Newly Created Service* - CATCHME
.
Contenuto della cartella 'Scheduled Tasks'
"2008-07-06 13:00:00 C:\WINDOWS\Tasks\A2F14B36918AC6BA.job"
- c:\docume~1\luca\datiap~1\slowglue\inside sixth frag.exe
"2008-07-06 13:22:01 C:\WINDOWS\Tasks\Verifica aggiornamenti per Windows Live Toolbar.job"
- C:\Programmi\Windows Live Toolbar\MSNTBUP.EXE
.
- - - - ORPHANS REMOVED - - - -
WebBrowser-{7A3A9C78-3715-4FAB-A21F-150DBD3D3D90} - (no file)
WebBrowser-{EEE6C35B-6118-11DC-9C72-001320C79847} - (no file)
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.net
Rootkit scan 2008-07-06 15:43:26
Windows 5.1.2600 Service Pack 2 NTFS
scansione processi nascosti ...
scansione entrate autostart nascoste ...
Scansione files nascosti ...
Scansione completata con successo
Files nascosti: 0
**************************************************************************
.
Ora fine scansione: 2008-07-06 15.44.54
ComboFix-quarantined-files.txt 2008-07-06 13:44:49
15 Directory 36,208,877,568 byte disponibili
17 Directory 36,416,217,088 byte disponibili
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15.46.58, on 06/07/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
C:\Programmi\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\Canon\IJPLM\IJPLMSVC.EXE
C:\WINDOWS\system32\svchost.exe
C:\VEXPLITE\viritsvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\RTHDCPL.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Programmi\Java\jre1.6.0_03\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe
C:\Programmi\File comuni\Ahead\Lib\NMIndexStoreSvr.exe
C:\Programmi\File comuni\Ahead\Lib\NMIndexingService.exe
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\explorer.exe
C:\Programmi\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.tiscali.it/bb/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60327
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60327
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
R3 - URLSearchHook: P2P Energy Toolbar - {2BAE58C2-79F9-45D1-A286-81F911301C3A} - C:\Programmi\P2P_Energy\tbP2P_.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Programmi\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: P2P Energy Toolbar - {2bae58c2-79f9-45d1-a286-81f911301c3a} - C:\Programmi\P2P_Energy\tbP2P_.dll
O2 - BHO: UrlHelper Class - {474597C5-AB09-49d6-A4D5-2E8D7341384E} - C:\Programmi\iMesh Applications\iMesh MediaBar\iMeshIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Encarta Web Companion Oggetto helper - {955BE0B8-BC85-4CAF-856E-8E0D8B610560} - C:\Programmi\File comuni\Microsoft Shared\Encarta Web Companion\2007\ENCWCBAR.DLL
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programmi\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Encarta Web Companion - {147D6308-0614-4112-89B1-31402F9B82C4} - C:\Programmi\File comuni\Microsoft Shared\Encarta Web Companion\2007\ENCWCBAR.DLL
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programmi\Windows Live Toolbar\msntb.dll
O3 - Toolbar: P2P Energy Toolbar - {2bae58c2-79f9-45d1-a286-81f911301c3a} - C:\Programmi\P2P_Energy\tbP2P_.dll
O4 - HKLM\..\Run: [ATICCC] "C:\Programmi\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [AzMixerSel] C:\Programmi\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [VIRIT LITE MONITOR] C:\VEXPLITE\MONLITE.EXE
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [TypingSatellite] "C:\Programmi\TypingMaster\KBOOST.EXE"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &Windows Live Search - res://C:\Programmi\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Inserisci blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programmi\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: Inserisci &blog in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programmi\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Programmi\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Barra di ricerca di Encarta - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Programmi\File comuni\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FILECO~1\Skype\SKYPE4~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: PIXMA Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Programmi\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: NBService - Nero AG - C:\Programmi\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Programmi\File comuni\Ahead\Lib\NMIndexingService.exe
O23 - Service: ServiceLayer - Nokia. - C:\Programmi\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Virit eXplorer Lite (viritsvclite) - TG Soft Sas www.tgsoft.it - C:\VEXPLITE\viritsvc.exe
--
End of file - 7550 bytes