It had gone crazy: the mouse would stop in the middle of the screen and could only be moved with great effort.
I did a run with ComboFix, then uninstalled Kaspersky, rebooted and reinstalled it.
It seems to be working fine, though I've said that too many times by now; we'll see... To Be Continued
ComboFix 10-03-19.07 - 6750 25/03/2010 18.51.46.9.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.39.1040.18.2038.1484 [GMT 1:00]
Eseguito da: c:\documents and settings\6750\Desktop\ComboFix.exe
AV: Kaspersky Internet Security *On-access scanning disabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
FW: Kaspersky Internet Security *disabled* {2C4D4BC6-0793-4956-A9F9-E252435469C0}
.
((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\413.JPG
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\589.JPG
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\621.JPG
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\AO2B.tmp
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\AO2C.tmp
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\AO2D.tmp
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\AO2E.tmp
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\AO2F.tmp
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\Articolo dal Cittadino pag.1(1).jpg
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\Articolo dal Cittadino pag.1(2).jpg
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\Articolo dal Cittadino pag.1.jpg
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\Articolo dal Cittadino pag.2(1).jpg
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\Articolo dal Cittadino pag.2(2).jpg
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\Articolo dal Cittadino pag.2.jpg
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\att160.doc
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\att17.jpg
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\bello fuori.jpg
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\biffiarte nero small.jpg
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\Descrizione Collezione didattica Museo(1).jpg
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\Descrizione Collezione didattica Museo.jpg
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\Didocentrico postcard.jpg
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\fm26
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\fm27
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\fm28
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\fm2D
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\fm2E
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\fm2F
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\fmB7
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\leftbg(03-25-14-19-02).gif
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\leftbg(03-25-14-57-49).gif
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\leftbg(03-25-15-03-47).gif
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\leftbg(03-25-15-07-45).gif
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\leftbg(03-25-15-18-19).gif
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\leftbg(03-25-17-41-51).gif
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\leftbg(03-25-17-51-50).gif
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\leftbg.gif
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\Presentazione Collezione didattica Museo(1).jpg
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\Presentazione Collezione didattica Museo.jpg
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\Proposte_attività(1).jpg
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\Proposte_attività(2).jpg
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\Proposte_attività.jpg
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\rightbg(03-25-14-19-02).gif
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\rightbg(03-25-14-57-49).gif
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\rightbg(03-25-15-03-47).gif
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\rightbg(03-25-15-07-45).gif
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\rightbg(03-25-15-18-19).gif
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\rightbg(03-25-17-41-51).gif
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\rightbg(03-25-17-51-50).gif
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\rightbg.gif
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\scrollbar.css
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\scuola primaria buono.jpg
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\toppic(03-25-14-19-02).gif
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\toppic(03-25-14-57-49).gif
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\toppic(03-25-15-03-47).gif
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\toppic(03-25-15-07-45).gif
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\toppic(03-25-15-18-19).gif
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\toppic(03-25-17-41-51).gif
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\toppic(03-25-17-51-50).gif
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\toppic.gif
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-24-17-40-18).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-24-17-40-25)(1).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-24-17-40-25).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-24-17-40-29).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-24-17-40-38).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-24-17-40-41).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-24-18-06-26).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-24-18-06-40).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-24-18-06-45).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-24-18-06-53).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-24-18-06-58).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-24-18-07-52).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-25-14-06-58).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-25-14-07-06).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-25-14-07-17).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-25-14-07-21).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-25-14-07-22).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-25-14-07-23).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-25-14-07-24).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-25-14-07-45).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-25-14-07-48)(1).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-25-14-07-48).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-25-14-15-36).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-25-14-19-02).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-25-14-57-49).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-25-15-03-47).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-25-15-06-55).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-25-15-06-58).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-25-15-07-45).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-25-15-17-54).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-25-15-18-16).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-25-15-18-17).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-25-15-18-19).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-25-15-18-21).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-25-15-18-23).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-25-15-18-29).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-25-16-16-30).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-25-16-16-37).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-25-17-41-51).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-25-17-47-16).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-25-17-51-50).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-25-17-51-52).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown.htm
.
((((((((((((((((((((((((( Files Creati Da 2010-02-25 al 2010-03-25 )))))))))))))))))))))))))))))))))))
.
2010-03-25 15:18 . 2010-03-25 15:23 -------- d-----w- C:\FirefoxPortable
2010-03-25 15:12 . 2010-03-25 15:16 -------- d-----w- C:\GestNewsletter
2010-03-25 14:55 . 2007-12-24 21:22 317520 ----a-w- c:\windows\system32\AddEmail.dll
2010-03-25 14:54 . 2010-03-25 14:54 -------- d-----w- c:\programmi\PesaroSystem
2010-03-25 14:51 . 2010-03-25 14:53 -------- d-----w- c:\documents and settings\6750\Dati applicazioni\SmartDraw
2010-03-25 14:51 . 2010-03-25 14:51 -------- d-----w- c:\documents and settings\6750\System
2010-03-25 07:39 . 2010-03-25 07:39 -------- d-----w- c:\programmi\InCode Solutions
2010-03-23 14:11 . 2010-03-23 14:11 -------- d-----w- c:\documents and settings\6750\Impostazioni locali\Dati applicazioni\Installer3748
2010-03-23 14:02 . 2010-03-23 14:02 79776 ----a-w- c:\documents and settings\6750\Impostazioni locali\Dati applicazioni\GDIPFONTCACHEV1.DAT
2010-03-20 15:00 . 2010-03-20 15:00 -------- d-----w- c:\programmi\p-nand-q.com
2010-03-20 12:17 . 2010-03-20 12:19 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Autorun Eater
2010-03-19 23:31 . 2010-03-19 23:31 -------- d-----w- c:\programmi\Your Company Name
2010-03-19 23:31 . 2010-03-19 23:31 -------- d-----w- c:\programmi\eDisplay
2010-03-19 22:16 . 2010-03-19 22:16 -------- d-----w- c:\programmi\Arclab
2010-03-15 20:54 . 2010-03-15 20:54 -------- d-----w- c:\documents and settings\NetworkService\Impostazioni locali\Dati applicazioni\Google
2010-03-15 20:50 . 2010-03-15 20:50 -------- d-----w- c:\documents and settings\LocalService\Impostazioni locali\Dati applicazioni\Google
2010-03-15 20:49 . 2010-03-15 20:50 -------- d-----w- c:\programmi\Google
2010-03-11 16:53 . 2010-03-11 16:53 540568 ----a-w- c:\documents and settings\LocalService\Impostazioni locali\Dati applicazioni\FontCache3.0.0.0.dat
2010-03-10 19:13 . 2004-01-25 16:18 217088 ----a-w- c:\windows\system32\yv12vfw.dll
2010-03-10 19:13 . 2009-05-29 21:37 205824 ----a-w- c:\windows\system32\xvidvfw.dll
2010-03-10 19:13 . 2009-05-29 21:31 881664 ----a-w- c:\windows\system32\xvidcore.dll
2010-03-10 19:13 . 2010-02-02 18:00 85504 ----a-w- c:\windows\system32\ff_vfw.dll
2010-03-10 19:12 . 2010-03-10 19:16 -------- d-----w- c:\programmi\K-Lite Codec Pack
2010-03-09 22:06 . 2010-03-09 22:06 -------- d-----w- c:\programmi\Lame for Audacity
2010-03-09 19:10 . 2010-03-09 19:10 -------- d-----w- C:\MAGIX
2010-03-09 17:32 . 2010-03-11 13:44 -------- d-----w- c:\documents and settings\6750\Dati applicazioni\Audacity
2010-03-09 17:32 . 2010-03-09 17:32 -------- d-----w- c:\programmi\Audacity 1.3 Beta (Unicode)
2010-03-07 22:42 . 2010-03-07 22:42 -------- d-----w- c:\programmi\DIFX
2010-03-07 22:42 . 2010-03-07 22:42 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Phase One
2010-03-02 22:38 . 2010-03-02 22:40 -------- d-----w- c:\documents and settings\6750\Impostazioni locali\Dati applicazioni\WebPage
2010-03-02 17:29 . 2010-03-02 17:29 -------- d-----w- c:\programmi\MPC HomeCinema
2010-03-02 17:26 . 2010-03-02 17:26 38784 ----a-w- c:\documents and settings\Default User\Dati applicazioni\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
2010-03-02 17:26 . 2010-03-02 17:26 -------- d-----w- c:\programmi\File comuni\Adobe AIR
2010-03-02 17:24 . 2010-03-02 17:26 38784 ----a-w- c:\documents and settings\6750\Dati applicazioni\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-03-25 17:40 . 2009-04-08 21:10 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Kaspersky Lab
2010-03-25 17:34 . 2009-04-08 21:10 3973152 --sha-w- c:\windows\system32\drivers\fidbox2.dat
2010-03-25 17:34 . 2009-04-08 21:10 107564 --sha-w- c:\windows\system32\drivers\fidbox2.idx
2010-03-25 17:34 . 2009-04-08 21:10 29449760 --sha-w- c:\windows\system32\drivers\fidbox.dat
2010-03-25 17:34 . 2009-04-08 21:10 293960 --sha-w- c:\windows\system32\drivers\fidbox.idx
2010-03-24 21:55 . 2009-04-16 22:37 -------- d-----w- c:\documents and settings\6750\Dati applicazioni\FileZilla
2010-03-24 17:46 . 2009-11-27 11:43 1 ----a-w- c:\documents and settings\6750\Dati applicazioni\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
2010-03-24 13:19 . 2009-05-10 19:38 -------- d-----w- c:\documents and settings\6750\Dati applicazioni\uTorrent
2010-03-23 16:26 . 2009-04-21 21:09 -------- d-----w- c:\programmi\DivX
2010-03-23 16:04 . 2009-04-08 21:04 -------- d--h--w- c:\programmi\InstallShield Installation Information
2010-03-23 16:04 . 2010-01-11 17:00 0 ---h--w- c:\documents and settings\All Users\Dati applicazioni\PKP_DLdw.DAT
2010-03-23 16:03 . 2009-05-31 07:53 -------- d-----w- c:\programmi\StartEd
2010-03-23 16:02 . 2009-09-09 10:50 -------- d-----w- c:\documents and settings\6750\Dati applicazioni\Spider Player
2010-03-23 16:02 . 2010-01-26 16:34 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Cakewalk
2010-03-23 15:59 . 2009-05-23 14:59 -------- d-----w- c:\programmi\File comuni\muvee Technologies
2010-03-23 15:55 . 2009-12-22 11:16 -------- d-----w- c:\programmi\MAGIX
2010-03-23 15:55 . 2009-12-22 11:16 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\MAGIX
2010-03-23 15:51 . 2009-04-20 15:49 -------- d-----w- c:\programmi\File comuni\Wise Installation Wizard
2010-03-23 15:51 . 2009-08-02 06:24 -------- d-----w- c:\programmi\IKEA HomePlanner
2010-03-23 15:49 . 2009-05-23 15:48 -------- d-----w- c:\programmi\HOTALBUMMyBOX
2010-03-23 15:48 . 2009-05-23 15:45 -------- d-----w- c:\programmi\CASIO
2010-03-23 15:46 . 2009-05-11 17:15 -------- d--h--w- c:\programmi\Freedom Scientific Installation Information
2010-03-23 15:46 . 2009-05-11 17:14 -------- d-----w- c:\programmi\Freedom Scientific
2010-03-23 15:42 . 2009-09-29 14:32 -------- d-----w- c:\programmi\Mozilla Thunderbird
2010-03-23 15:33 . 2009-05-05 21:28 -------- d-----w- c:\programmi\AVS4YOU
2010-03-23 15:33 . 2009-05-05 21:28 -------- d-----w- c:\programmi\File comuni\AVSMedia
2010-03-23 15:31 . 2010-01-09 14:16 -------- d-----w- c:\programmi\AnfyTeam
2010-03-20 08:22 . 2009-11-16 15:53 79776 ----a-w- c:\documents and settings\LocalService\Impostazioni locali\Dati applicazioni\GDIPFONTCACHEV1.DAT
2010-03-18 17:52 . 2009-10-19 16:37 -------- d-----w- c:\programmi\File comuni\DVDVideoSoft
2010-03-18 17:45 . 2009-05-07 18:59 -------- d-----w- c:\programmi\RipTiger
2010-03-18 17:43 . 2009-12-30 12:50 -------- d-----w- c:\programmi\eBay
2010-03-18 16:48 . 2009-08-28 22:31 -------- d-----w- c:\programmi\PHPNukeIT
2010-03-17 17:56 . 2009-08-02 16:09 -------- d-----w- c:\programmi\Malwarebytes' Anti-Malware
2010-03-16 23:02 . 2009-05-13 14:06 -------- d-----w- c:\programmi\Direct MIDI to MP3 Converter
2010-03-16 23:01 . 2009-04-08 22:21 -------- d-----w- c:\programmi\eMule
2010-03-16 23:00 . 2009-10-01 13:50 -------- d-----w- c:\programmi\e107 Theme Creator Beta
2010-03-16 23:00 . 2009-10-01 13:52 -------- d-----w- c:\programmi\e107 Tool
2010-03-16 23:00 . 2010-01-12 21:51 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\AppSoft
2010-03-11 16:40 . 2009-05-23 16:20 -------- d-----w- c:\documents and settings\6750\Dati applicazioni\muvee Technologies
2010-03-11 08:57 . 2009-05-23 14:58 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\muvee Technologies
2010-03-11 08:56 . 2009-05-23 14:59 -------- d-----w- c:\programmi\muvee Technologies
2010-03-11 08:11 . 2010-01-11 16:18 20 ---h--w- c:\documents and settings\All Users\Dati applicazioni\PKP_DLbx.DAT
2010-03-10 20:57 . 2009-11-19 18:58 -------- d-----w- c:\documents and settings\6750\Dati applicazioni\Winamp
2010-03-10 20:56 . 2009-11-19 18:58 -------- d-----w- c:\programmi\Winamp
2010-03-10 19:10 . 2009-04-21 21:25 -------- d-----w- c:\documents and settings\6750\Dati applicazioni\DivX
2010-03-06 20:29 . 2010-01-11 16:34 20 ---h--w- c:\documents and settings\All Users\Dati applicazioni\PKP_DLdu.DAT
2010-03-04 07:36 . 2009-07-27 21:49 -------- d-----w- c:\programmi\Microsoft ActiveSync
2010-03-03 14:56 . 2009-10-29 09:27 95024 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2010-02-27 07:58 . 2009-04-21 21:13 -------- d-----w- c:\documents and settings\6750\Dati applicazioni\Any Video Converter
2010-02-25 18:41 . 2009-05-01 14:07 -------- d-----w- c:\programmi\FileZilla FTP Client
2010-02-22 19:10 . 2010-02-22 19:10 50354 ----a-w- c:\documents and settings\6750\Dati applicazioni\Facebook\uninstall.exe
2010-02-22 19:10 . 2010-02-22 19:10 -------- d-----w- c:\documents and settings\6750\Dati applicazioni\Facebook
2010-02-18 07:37 . 2010-01-21 22:51 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\DVD Shrink
2010-02-16 21:28 . 2009-04-18 13:34 -------- d-----w- c:\documents and settings\6750\Dati applicazioni\U3
2010-02-16 21:23 . 2010-01-05 12:21 -------- d-----w- c:\programmi\CA VMN Anti-Spyware
2010-02-14 18:46 . 2009-04-08 20:45 -------- d-----w- c:\programmi\microsoft frontpage
2010-02-14 15:15 . 2009-04-08 21:27 -------- d-----w- c:\programmi\Notepad++
2010-02-14 15:15 . 2009-04-08 21:27 -------- d-----w- c:\documents and settings\6750\Dati applicazioni\Notepad++
2010-02-10 21:49 . 2010-02-10 21:49 -------- d-----w- c:\programmi\STEARsoft
2010-02-10 19:22 . 2009-12-16 19:29 798 ----a-w- c:\windows\unins000.dat
2010-02-10 10:12 . 2009-06-08 21:13 -------- d-----w- c:\programmi\MSECache
2010-02-07 23:02 . 2009-04-28 15:36 -------- d---a-w- c:\documents and settings\All Users\Dati applicazioni\TEMP
2010-02-06 08:23 . 2010-02-06 08:22 -------- d-----w- c:\programmi\linguavox
2010-02-06 08:22 . 2009-04-21 22:10 74752 ------w- c:\windows\ST6UNST.EXE
2010-02-03 14:47 . 2009-12-01 12:41 -------- d-----w- c:\documents and settings\6750\Dati applicazioni\QuickScan
2010-02-01 22:04 . 2010-02-01 22:04 847040 ----a-w- c:\documents and settings\6750\Dati applicazioni\Facebook\axfbootloader.dll
2010-02-01 22:04 . 2010-02-01 22:04 5578752 ----a-w- c:\documents and settings\6750\Dati applicazioni\Facebook\npfbplugin_1_0_1.dll
2010-01-31 12:21 . 2010-01-31 12:10 -------- d-----w- c:\programmi\Esplorando 3 Matematica per le medie inferiori
2010-01-31 12:10 . 2010-01-31 12:10 -------- d-----w- c:\programmi\Finson Live Update
2010-01-26 16:36 . 2010-01-26 16:34 -------- d-----w- c:\programmi\Cakewalk
2010-01-26 16:33 . 2010-01-26 16:33 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Ableton
2010-01-26 16:33 . 2010-01-26 16:33 -------- d-----w- c:\documents and settings\6750\Dati applicazioni\Ableton
2010-01-25 17:26 . 2010-01-25 17:26 -------- d-----w- c:\programmi\Oversoft
2010-01-24 22:27 . 2009-12-22 12:53 -------- d-----w- c:\documents and settings\6750\Dati applicazioni\ACAMPREF
2010-01-22 18:11 . 2010-01-22 18:11 62800 ----a-w- c:\documents and settings\6750\Dati applicazioni\Mozilla\Firefox\Profiles\n5stigdk.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}\components\WinampTBPlayer.dll
2010-01-15 12:49 . 2010-01-15 12:49 1924744 ----a-w- c:\documents and settings\6750\Dati applicazioni\Macromedia\Flash Player\www.macromedia.com\bin\fpupdatepl\fpupdatepl.exe
2010-01-11 17:01 . 2010-01-11 16:22 49152 ----a-r- c:\documents and settings\6750\Dati applicazioni\Microsoft\Installer\{D2FCC1AE-6311-47C5-8130-C6C66D77DD71}\ARPPRODUCTICON.exe
2010-01-11 16:35 . 2010-01-11 16:35 335872 ----a-r- c:\documents and settings\6750\Dati applicazioni\Microsoft\Installer\{237CD223-1B9D-47E8-A76C-E478B83CCEA2}\ARPPRODUCTICON.exe
2010-01-11 16:25 . 2010-01-11 16:25 20 ---h--w- c:\documents and settings\All Users\Dati applicazioni\PKP_DLck.DAT
2010-01-11 16:21 . 2010-01-11 16:21 57344 ----a-r- c:\documents and settings\6750\Dati applicazioni\Microsoft\Installer\{87441A59-5E64-4096-A170-14EFE67200C3}\ARPPRODUCTICON.exe
2010-01-07 15:07 . 2009-08-02 16:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-01-07 15:07 . 2009-08-02 16:09 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-01-06 17:33 . 2010-01-06 17:33 295424 ----a-w- c:\windows\system32\bwmedia1.dll
2010-01-06 17:33 . 2010-01-06 17:33 150016 ----a-w- c:\windows\system32\bwmedia.dll
2010-01-05 13:42 . 2001-08-31 12:00 80946 ----a-w- c:\windows\system32\perfc010.dat
2010-01-05 13:42 . 2001-08-31 12:00 481680 ----a-w- c:\windows\system32\perfh010.dat
2009-12-31 16:50 . 2008-04-13 10:15 353792 ----a-w- c:\windows\system32\drivers\srv.sys
2009-09-23 16:47 . 2009-09-23 16:47 28488 ----a-w- c:\programmi\mozilla firefox\plugins\atgpcdec.dll
2009-09-23 16:47 . 2009-09-23 16:47 185240 ----a-w- c:\programmi\mozilla firefox\plugins\atgpcext.dll
2009-09-23 16:50 . 2009-09-23 16:50 46408 ----a-w- c:\programmi\mozilla firefox\plugins\atmccli.dll
2009-09-23 16:47 . 2009-09-23 16:47 99224 ----a-w- c:\programmi\mozilla firefox\plugins\ieatgpc.dll
.
------- Sigcheck -------
[-] 2008-05-08 . 4ED067D8270174E777286A26FECDB3E8 . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
.
((((((((((((((((((((((((((((( SnapShot@2010-03-23_13.05.40 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-03-25 17:39 . 2010-03-25 17:39 16384 c:\windows\temp\Perflib_Perfdata_690.dat
+ 2010-03-23 16:37 . 2007-04-16 06:16 57344 c:\windows\system32\ReinstallBackups\0015\DriverFiles\igxprd32.dll
+ 2010-03-23 16:37 . 2007-04-16 04:50 47616 c:\windows\system32\ReinstallBackups\0015\DriverFiles\igfxsrvc.dll
+ 2010-03-23 16:37 . 2007-04-16 04:51 24576 c:\windows\system32\ReinstallBackups\0015\DriverFiles\igfxexps.dll
+ 2010-03-23 16:37 . 2007-04-16 06:16 57344 c:\windows\system32\ReinstallBackups\0014\DriverFiles\igxprd32.dll
+ 2010-03-23 16:37 . 2007-04-16 04:50 47616 c:\windows\system32\ReinstallBackups\0014\DriverFiles\igfxsrvc.dll
+ 2010-03-23 16:37 . 2007-04-16 04:51 24576 c:\windows\system32\ReinstallBackups\0014\DriverFiles\igfxexps.dll
+ 2010-03-23 16:37 . 2007-04-16 06:16 150528 c:\windows\system32\ReinstallBackups\0015\DriverFiles\igxpgd32.dll
+ 2010-03-23 16:37 . 2007-04-16 06:51 204800 c:\windows\system32\ReinstallBackups\0015\DriverFiles\igxpco32.dll
+ 2010-03-23 16:37 . 2007-04-16 05:16 450560 c:\windows\system32\ReinstallBackups\0015\DriverFiles\igldev32.dll
+ 2010-03-23 16:37 . 2007-04-20 05:57 170776 c:\windows\system32\ReinstallBackups\0015\DriverFiles\igfxzoom.exe
+ 2010-03-23 16:37 . 2007-04-20 05:57 142104 c:\windows\system32\ReinstallBackups\0015\DriverFiles\igfxtray.exe
+ 2010-03-23 16:37 . 2007-04-20 05:57 252696 c:\windows\system32\ReinstallBackups\0015\DriverFiles\igfxsrvc.exe
+ 2010-03-23 16:37 . 2007-04-16 04:51 204800 c:\windows\system32\ReinstallBackups\0015\DriverFiles\igfxpph.dll
+ 2010-03-23 16:37 . 2007-04-20 05:57 138008 c:\windows\system32\ReinstallBackups\0015\DriverFiles\igfxpers.exe
+ 2010-03-23 16:37 . 2007-04-20 05:57 166680 c:\windows\system32\ReinstallBackups\0015\DriverFiles\igfxext.exe
+ 2010-03-23 16:37 . 2007-04-16 04:51 135168 c:\windows\system32\ReinstallBackups\0015\DriverFiles\igfxdo.dll
+ 2010-03-23 16:37 . 2007-04-16 04:50 204800 c:\windows\system32\ReinstallBackups\0015\DriverFiles\igfxdev.dll
+ 2010-03-23 16:37 . 2007-04-20 05:57 527128 c:\windows\system32\ReinstallBackups\0015\DriverFiles\igfxcfg.exe
+ 2010-03-23 16:37 . 2007-04-20 05:57 162584 c:\windows\system32\ReinstallBackups\0015\DriverFiles\hkcmd.exe
+ 2010-03-23 16:37 . 2007-04-16 04:50 102400 c:\windows\system32\ReinstallBackups\0015\DriverFiles\hccutils.dll
+ 2010-03-23 16:37 . 2007-04-16 06:16 150528 c:\windows\system32\ReinstallBackups\0014\DriverFiles\igxpgd32.dll
+ 2010-03-23 16:37 . 2007-04-16 06:51 204800 c:\windows\system32\ReinstallBackups\0014\DriverFiles\igxpco32.dll
+ 2010-03-23 16:37 . 2007-04-16 05:16 450560 c:\windows\system32\ReinstallBackups\0014\DriverFiles\igldev32.dll
+ 2010-03-23 16:37 . 2007-04-20 05:57 170776 c:\windows\system32\ReinstallBackups\0014\DriverFiles\igfxzoom.exe
+ 2010-03-23 16:37 . 2007-04-20 05:57 142104 c:\windows\system32\ReinstallBackups\0014\DriverFiles\igfxtray.exe
+ 2010-03-23 16:37 . 2007-04-20 05:57 252696 c:\windows\system32\ReinstallBackups\0014\DriverFiles\igfxsrvc.exe
+ 2010-03-23 16:37 . 2007-04-16 04:51 204800 c:\windows\system32\ReinstallBackups\0014\DriverFiles\igfxpph.dll
+ 2010-03-23 16:37 . 2007-04-20 05:57 138008 c:\windows\system32\ReinstallBackups\0014\DriverFiles\igfxpers.exe
+ 2010-03-23 16:37 . 2007-04-20 05:57 166680 c:\windows\system32\ReinstallBackups\0014\DriverFiles\igfxext.exe
+ 2010-03-23 16:37 . 2007-04-16 04:51 135168 c:\windows\system32\ReinstallBackups\0014\DriverFiles\igfxdo.dll
+ 2010-03-23 16:37 . 2007-04-16 04:50 204800 c:\windows\system32\ReinstallBackups\0014\DriverFiles\igfxdev.dll
+ 2010-03-23 16:37 . 2007-04-20 05:57 527128 c:\windows\system32\ReinstallBackups\0014\DriverFiles\igfxcfg.exe
+ 2010-03-23 16:37 . 2007-04-20 05:57 162584 c:\windows\system32\ReinstallBackups\0014\DriverFiles\hkcmd.exe
+ 2010-03-23 16:37 . 2007-04-16 04:50 102400 c:\windows\system32\ReinstallBackups\0014\DriverFiles\hccutils.dll
+ 2006-11-04 17:35 . 2009-05-18 13:01 670720 c:\windows\system32\MailBee.dll
- 2009-10-22 18:09 . 2010-01-03 17:49 295606 c:\windows\Installer\{AC76BA86-7AD7-1040-7B44-A81300000003}\SC_Reader.exe
+ 2009-10-22 18:09 . 2010-03-23 14:10 295606 c:\windows\Installer\{AC76BA86-7AD7-1040-7B44-A81300000003}\SC_Reader.exe
+ 2007-01-23 09:39 . 2007-01-23 09:39 443904 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA70401B7448A3100000030\8.1.3\JP2KLib.dll
+ 2010-03-23 16:37 . 2007-04-16 06:16 5760096 c:\windows\system32\ReinstallBackups\0015\DriverFiles\igxpmp32.sys
+ 2010-03-23 16:37 . 2007-04-16 06:16 2681344 c:\windows\system32\ReinstallBackups\0015\DriverFiles\igxpdx32.dll
+ 2010-03-23 16:37 . 2007-04-16 06:15 1717920 c:\windows\system32\ReinstallBackups\0015\DriverFiles\igxpdv32.dll
+ 2010-03-23 16:37 . 2007-04-16 05:14 2334720 c:\windows\system32\ReinstallBackups\0015\DriverFiles\iglicd32.dll
+ 2010-03-23 16:37 . 2007-04-16 04:50 3293184 c:\windows\system32\ReinstallBackups\0015\DriverFiles\igfxress.dll
+ 2010-03-23 16:37 . 2007-04-16 06:16 5760096 c:\windows\system32\ReinstallBackups\0014\DriverFiles\igxpmp32.sys
+ 2010-03-23 16:37 . 2007-04-16 06:16 2681344 c:\windows\system32\ReinstallBackups\0014\DriverFiles\igxpdx32.dll
+ 2010-03-23 16:37 . 2007-04-16 06:15 1717920 c:\windows\system32\ReinstallBackups\0014\DriverFiles\igxpdv32.dll
+ 2010-03-23 16:37 . 2007-04-16 05:14 2334720 c:\windows\system32\ReinstallBackups\0014\DriverFiles\iglicd32.dll
+ 2010-03-23 16:37 . 2007-04-16 04:50 3293184 c:\windows\system32\ReinstallBackups\0014\DriverFiles\igfxress.dll
+ 2010-03-23 14:12 . 2010-03-23 14:12 1840640 c:\windows\Installer\11f2f.msi
+ 2010-03-23 14:11 . 2010-03-23 14:11 1768448 c:\windows\Installer\11ecf.msi
+ 2010-01-12 22:45 . 2010-01-12 22:45 9680384 c:\windows\Installer\11ec9.msp
.
-- Snapshot per reimpostare la data corrente --
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2007-04-10 16126464]
"MaxBlastMonitor.exe"="c:\programmi\Maxtor\MaxBlast\MaxBlastMonitor.exe" [2007-08-30 1190760]
"AcronisTimounterMonitor"="c:\programmi\Maxtor\MaxBlast\TimounterMonitor.exe" [2007-08-30 1966376]
"Acronis Scheduler2 Service"="c:\programmi\File comuni\Maxtor\Schedule2\schedhlp.exe" [2007-08-30 148760]
"CAPON"="c:\windows\system32\Spool\Drivers\w32x86\3\CAPONN.EXE" [2000-04-20 22528]
"AdobeCS4ServiceManager"="c:\programmi\File comuni\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
"SunJavaUpdateSched"="c:\programmi\Java\jre6\bin\jusched.exe" [2009-10-11 149280]
"AVP"="c:\programmi\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe" [2009-05-02 201992]
"Adobe Reader Speed Launcher"="c:\programmi\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-14 39792]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-04-20 142104]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-04-20 162584]
"Persistence"="c:\windows\system32\igfxpers.exe" [2007-04-20 138008]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-13 15360]
c:\documents and settings\6750\Menu Avvio\Programmi\Esecuzione automatica\
Collegamento a html2pop3.exe (2).lnk - c:\documents and settings\6750\Desktop\html2pop3232win32\html2pop3.exe [2009-4-8 111104]
FastFX Trader.lnk - c:\programmi\FastFX Trader\terminal.exe [2009-5-14 2765520]
ibfx42l.exe.lnk - c:\programmi\Interbank42\terminal.exe [2009-7-10 2765520]
c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\
Adobe Gamma Loader.lnk - c:\programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe [2009-4-25 113664]
Finestra di stato di Canon LBP-800.LNK - c:\windows\system32\spool\drivers\w32x86\3\CAPPSWK.EXE [2009-4-14 113664]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-disabled]
"QuickTime Task"="c:\programmi\QuickTime\QTTask.exe" -atboottime
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\livecall.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programmi\\IncrediMail\\bin\\IncMail.exe"=
"c:\\Programmi\\IncrediMail\\bin\\ImApp.exe"=
"c:\\Programmi\\IncrediMail\\bin\\ImpCnt.exe"=
"c:\\Programmi\\Skype\\Phone\\Skype.exe"=
"c:\\Programmi\\uTorrent\\uTorrent.exe"=
"c:\programmi\Microsoft ActiveSync\rapimgr.exe"= c:\programmi\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\programmi\Microsoft ActiveSync\wcescomm.exe"= c:\programmi\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\programmi\Microsoft ActiveSync\WCESMgr.exe"= c:\programmi\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"c:\\Programmi\\Bonjour\\mDNSResponder.exe"=
"c:\\Programmi\\File comuni\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"=
"c:\\Programmi\\Opera\\opera.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
"5353:TCP"= 5353:TCP:Adobe CSI CS4
R0 hotcore3;hc3ServiceName;c:\windows\system32\drivers\hotcore3.sys [14/04/2009 16.58.59 40464]
R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [29/01/2008 17.29.38 33808]
R2 Apache2.2;Apache2.2;c:\xampp\apache\bin\apache.exe [14/06/2008 18.02.12 17408]
R2 MailList Controller;MailList Controller;c:\programmi\Arclab\MailList Controller\amlcSVC.exe [19/03/2010 23.17.00 2214400]
R2 RapidPort;RapidPort;c:\windows\system32\drivers\CAPLPTN.SYS [20/10/2009 20.36.34 23008]
R3 AtcL001;NDIS Miniport Driver for Atheros L1 Gigabit Ethernet Controller;c:\windows\system32\drivers\l151x86.sys [08/04/2009 22.06.14 39424]
R3 KLFLTDEV;Kaspersky Lab KLFltDev;c:\windows\system32\drivers\klfltdev.sys [13/03/2008 18.02.46 26640]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [13/12/2007 12.28.40 24592]
S2 gupdate;Google Update Service (gupdate);c:\programmi\Google\Update\GoogleUpdate.exe [15/03/2010 21.49.44 135664]
S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\programmi\MAGIX\Common\Database\bin\fbserver.exe [22/12/2009 12.17.45 1527900]
S3 JTVNCProxy_10.0;JTVNCProxy;c:\programmi\Freedom Scientific\JAWS\10.0\JTVNCProxy.exe [22/10/2008 23.22.00 17176]
.
Contenuto della cartella 'Scheduled Tasks'
2010-02-26 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\programmi\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34]
2010-03-25 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\programmi\Google\Update\GoogleUpdate.exe [2010-03-15 20:49]
2010-03-25 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\programmi\Google\Update\GoogleUpdate.exe [2010-03-15 20:49]
2010-03-24 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1220945662-1580818891-1801674531-1003Core.job
- c:\documents and settings\6750\Impostazioni locali\Dati applicazioni\Google\Update\GoogleUpdate.exe [2009-09-17 19:18]
2010-03-25 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1220945662-1580818891-1801674531-1003UA.job
- c:\documents and settings\6750\Impostazioni locali\Dati applicazioni\Google\Update\GoogleUpdate.exe [2009-09-17 19:18]
2010-03-25 c:\windows\Tasks\OGALogon.job
- c:\windows\system32\OGAEXEC.exe [2009-08-03 14:07]
2010-03-25 c:\windows\Tasks\User_Feed_Synchronization-{BEB02B75-5635-4488-9403-B5782412E6A5}.job
- c:\windows\system32\msfeedssync.exe [2001-08-31 03:31]
2010-03-25 c:\windows\Tasks\User_Feed_Synchronization-{F10321DB-C234-4692-8587-F00FC7DCB7DF}.job
- c:\windows\system32\msfeedssync.exe [2001-08-31 03:31]
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://www.igoogle.it/
uInternet Connection Wizard,ShellNext = hxxp://www.incredimail.com/app/?tag=page_app_welcome&lang=16&version=5853823&setup_id=16000002&aff_id=1&addon=IncrediMail
IE: &BOM hinzufügen - c:\\PROGRA~1\\BID-O-~1\\\\AddToBOM.hta
IE: Aggiungi al banner Blocco pubblicità - c:\programmi\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
IE: Converti destinazione link in file PDF esistente - c:\programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Converti i link selezionati in Adobe PDF - c:\programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Converti i link selezionati in file PDF esistente - c:\programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Converti nel file PDF esistente - c:\programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Converti selezione in file PDF esistente - c:\programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Ricerca - c:\programmi\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
IE: Sothink SWF Catcher - c:\programmi\File comuni\SourceTec\SWF Catcher\InternetExplorer.htm
TCP: {6B4864BE-E218-4265-A013-AD9896B69D39} = 151.99.125.1,195.110.128.1
DPF: Microsoft XML Parser for Java - file:///C:/WINDOWS/Java/classes/xmldso.cab
FF - ProfilePath - c:\documents and settings\6750\Dati applicazioni\Mozilla\Firefox\Profiles\n5stigdk.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.fastbrowsersearch.com/results/results.aspx?s=DEF&v=19&q=
FF - prefs.js: browser.search.selectedEngine - Fast Browser Search
FF - prefs.js: browser.startup.homepage - www.igoogle.it
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q=
FF - component: c:\documents and settings\6750\Dati applicazioni\Mozilla\Firefox\Profiles\n5stigdk.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}\components\WinampTBPlayer.dll
FF - component: c:\programmi\Google\Google Gears\Firefox\lib\ff36\gears.dll
FF - plugin: c:\documents and settings\6750\Dati applicazioni\Facebook\npfbplugin_1_0_1.dll
FF - plugin: c:\programmi\Google\Update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: c:\programmi\Mozilla Firefox\plugins\npatgpc.dll
FF - plugin: c:\programmi\Opera\program\plugins\NPMyrMus.dll
FF - plugin: c:\programmi\Opera\program\plugins\NPMyrMus.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- FIREFOX POLICIES ----
FF - user.js: browser.cache.memory.capacity - 65536
FF - user.js: browser.chrome.favicons - fales
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.urlbar.autofill - true
FF - user.js: content.interrupt.parsing - true
FF - user.js: content.max.tokenizing.time - 2250000
FF - user.js: content.notify.backoffcount - 5
FF - user.js: content.notify.interval - 750000
FF - user.js: content.notify.ontimer - true
FF - user.js: content.switch.threshold - 750000
FF - user.js: network.http.max-connections - 48
FF - user.js: network.http.max-connections-per-server - 16
FF - user.js: network.http.max-persistent-connections-per-proxy - 16
FF - user.js: network.http.max-persistent-connections-per-server - 8
FF - user.js: network.http.pipelining - true
FF - user.js: network.http.pipelining.firstrequest - true
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.proxy.pipelining - true
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: nglayout.initialpaint.delay - 0
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
FF - user.js: browser.sessionstore.resume_from_crash - false
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);
c:\programmi\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\programmi\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\programmi\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\programmi\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\programmi\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\programmi\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\programmi\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
.
- - - - CHIAVI ORFANE RIMOSSE - - - -
AddRemove-Collective2 MT4 - Free Version - c:\programmi\C2MetaTrader\uninstall.exe
AddRemove-Sail Simulator 4.1 - c:\progra~1\Stentec\SAILSI~1.0\UNWISE.EXE
AddRemove-Shockwave - c:\windows\system32\Macromed\SHOCKW~1\UNWISE.EXE
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-03-25 18:59
Windows 5.1.2600 Service Pack 3 NTFS
scansione processi nascosti ...
scansione entrate autostart nascoste ...
Scansione files nascosti ...
Scansione completata con successo
Files nascosti: 0
**************************************************************************
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\€–€|ÿÿÿÿÀ•€|ù•9~*]
"0140110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"
"0140210900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"
.
--------------------- Dlls caricate dai processi in esecuzione ---------------------
- - - - - - - > 'winlogon.exe'(1320)
c:\windows\system32\klogon.dll
c:\programmi\File comuni\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll
- - - - - - - > 'lsass.exe'(1376)
c:\windows\system32\relog_ap.dll
.
Ora fine scansione: 2010-03-25 19:02:04
ComboFix-quarantined-files.txt 2010-03-25 18:02
ComboFix2.txt 2010-03-23 16:24
ComboFix3.txt 2010-03-23 14:01
ComboFix4.txt 2010-03-23 13:14
ComboFix5.txt 2010-03-25 17:43
Pre-Run: 113.214.058.496 byte disponibili
Post-Run: 113.171.730.432 byte disponibili
- - End Of File - - 5F8A586B7052314927CA91CA5E740A27