So here is the ComboFix log:
ComboFix 08-09-19.09 - alex 2008-09-20 12:33:51.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1040.18.2469 [GMT 2:00]
Eseguito da: C:\Documents and Settings\alex\Desktop\ComboFix.exe
* Creato nuovo punto di ripristino
ATENÇÃO - ESTA MAQUINA NAO TEM A CONSOLE DE RECUPERAÇÃO INSTALADA !!.
((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\WINDOWS\Web\default.htt
C:\WINDOWS\winhelp.ini
.
((((((((((((((((((((((((( Files Creati Da 2008-08-20 al 2008-09-20 )))))))))))))))))))))))))))))))))))
.
2008-09-19 22:50 . 2008-09-19 22:50 <DIR> d-------- C:\Programmi\Trend Micro
2008-09-19 22:22 . 2008-09-19 22:22 <DIR> d-------- C:\Documents and Settings\alex\Dati applicazioni\Acronis
2008-09-19 21:59 . 2008-09-19 21:59 <DIR> d-------- C:\Documents and Settings\alex\Dati applicazioni\Uniblue
2008-09-19 20:48 . 2008-09-19 20:48 <DIR> d-------- C:\Documents and Settings\LocalService\Dati applicazioni\Acronis
2008-09-19 20:45 . 2008-09-19 20:45 <DIR> d-------- C:\Documents and Settings\All Users\Dati applicazioni\Acronis
2008-09-19 20:44 . 2008-09-19 20:44 <DIR> d-------- C:\Programmi\File comuni\Acronis
2008-09-19 20:44 . 2008-09-19 20:44 <DIR> d-------- C:\Programmi\Acronis
2008-09-19 20:44 . 2008-09-19 20:44 441,760 --a------ C:\WINDOWS\system32\drivers\timntr.sys
2008-09-19 20:44 . 2008-09-19 20:44 368,480 --a------ C:\WINDOWS\system32\drivers\tdrpman.sys
2008-09-19 20:44 . 2008-09-19 20:44 129,248 --a------ C:\WINDOWS\system32\drivers\snapman.sys
2008-09-19 20:44 . 2008-09-19 20:44 44,384 --a------ C:\WINDOWS\system32\drivers\tifsfilt.sys
2008-09-18 00:53 . 2008-09-18 00:53 <DIR> d-------- C:\Programmi\PrevxCSI
2008-09-18 00:53 . 2008-09-18 22:56 <DIR> d-------- C:\Documents and Settings\All Users\Dati applicazioni\PrevxCSI
2008-09-18 00:53 . 2008-09-18 00:53 17,408 --a------ C:\WINDOWS\system32\drivers\pxark.sys
2008-09-18 00:21 . 2008-09-18 00:21 <DIR> d-------- C:\Programmi\Crawler
2008-09-18 00:20 . 2008-09-20 12:13 <DIR> d-------- C:\Programmi\Spyware Terminator
2008-09-18 00:20 . 2008-09-20 12:13 <DIR> d-------- C:\Documents and Settings\All Users\Dati applicazioni\Spyware Terminator
2008-09-18 00:20 . 2008-09-20 12:11 <DIR> d-------- C:\Documents and Settings\alex\Dati applicazioni\Spyware Terminator
2008-09-18 00:20 . 2008-09-18 00:20 141,312 --a------ C:\WINDOWS\system32\drivers\sp_rsdrv2.sys
2008-09-18 00:11 . 2008-09-18 00:11 63 --a------ C:\WINDOWS\system\SysSD.dll
2008-09-17 21:07 . 2008-09-17 21:08 <DIR> d-------- C:\WINDOWS\BDOSCAN8
2008-09-17 20:35 . 2008-09-17 21:00 <DIR> d-------- C:\Programmi\EsetOnlineScanner
2008-09-17 20:11 . 2008-09-17 20:15 <DIR> d-------- C:\Documents and Settings\alex\.housecall6.6
2008-09-17 16:20 . 2008-09-17 16:26 23,392 --a------ C:\WINDOWS\system32\nscompat.tlb
2008-09-17 16:20 . 2008-09-17 16:26 16,832 --a------ C:\WINDOWS\system32\amcompat.tlb
2008-09-17 16:15 . 2008-09-17 16:15 <DIR> d-------- C:\Programmi\Xvid
2008-09-17 16:15 . 2008-04-27 10:33 765,952 --a------ C:\WINDOWS\system32\xvidcore.dll
2008-09-17 16:15 . 2008-04-27 10:35 180,224 --a------ C:\WINDOWS\system32\xvidvfw.dll
2008-09-17 16:15 . 2007-06-28 18:55 77,824 --a------ C:\WINDOWS\system32\xvid.ax
2008-09-17 14:42 . 2008-04-11 21:04 691,712 -----c--- C:\WINDOWS\system32\dllcache\inetcomm.dll
2008-09-17 14:42 . 2008-05-01 16:34 331,776 -----c--- C:\WINDOWS\system32\dllcache\msadce.dll
2008-09-17 14:42 . 2008-06-14 19:32 272,768 -----c--- C:\WINDOWS\system32\dllcache\bthport.sys
2008-09-17 14:42 . 2008-05-08 16:02 203,136 -----c--- C:\WINDOWS\system32\dllcache\rmcast.sys
2008-09-17 13:16 . 2008-04-14 04:12 13,463,552 --a--c--- C:\WINDOWS\system32\dllcache\hwxjpn.dll
2008-09-17 13:15 . 2008-09-17 13:15 749 -rah----- C:\WINDOWS\WindowsShell.Manifest
2008-09-17 13:15 . 2008-09-17 13:15 749 -rah----- C:\WINDOWS\system32\wuaucpl.cpl.manifest
2008-09-17 13:15 . 2008-09-17 13:15 749 -rah----- C:\WINDOWS\system32\sapi.cpl.manifest
2008-09-17 13:15 . 2008-09-17 13:15 749 -rah----- C:\WINDOWS\system32\ncpa.cpl.manifest
2008-09-17 13:15 . 2008-09-17 13:15 488 -rah----- C:\WINDOWS\system32\logonui.exe.manifest
2008-09-17 13:14 . 2004-08-19 15:00 16,384 --a--c--- C:\WINDOWS\system32\dllcache\isignup.exe
2008-09-17 13:07 . 2004-08-19 15:00 1,086,058 -ra------ C:\WINDOWS\SET73.tmp
2008-09-17 13:07 . 2004-08-19 15:00 1,014,202 -ra------ C:\WINDOWS\SET70.tmp
2008-09-17 10:00 . 2008-09-17 10:00 <DIR> d-------- C:\Programmi\iolo
2008-09-17 10:00 . 2008-09-17 10:00 <DIR> d-------- C:\Documents and Settings\LocalService\Dati applicazioni\iolo
2008-09-17 10:00 . 2008-09-09 10:15 922,464 --a------ C:\WINDOWS\system32\Incinerator.dll
2008-09-17 10:00 . 2008-06-16 19:21 29,696 --a------ C:\WINDOWS\system32\iolobtdfg.exe
2008-09-17 10:00 . 2008-09-09 16:45 8,192 --a------ C:\WINDOWS\system32\smrgdf.exe
2008-09-17 10:00 . 2008-09-17 10:00 406 --a------ C:\WINDOWS\system32\ioloBootDefrag.cfg
2008-09-17 09:59 . 2008-09-17 09:59 74,703 --a------ C:\WINDOWS\system32\mfc45.dll
2008-09-17 09:56 . 2008-09-17 10:00 <DIR> d-------- C:\Documents and Settings\All Users\Dati applicazioni\iolo
2008-09-17 09:56 . 2008-09-17 10:42 <DIR> d-------- C:\Documents and Settings\alex\Dati applicazioni\iolo
2008-09-17 09:50 . 2008-09-17 09:50 <DIR> d-------- C:\WINDOWS\system32\VIRepair
2008-09-17 09:50 . 2008-09-17 09:50 <DIR> d-------- C:\WINDOWS\Performance
2008-09-17 09:50 . 2008-09-17 09:50 <DIR> d-------- C:\Documents and Settings\All Users\Dati applicazioni\Microsoft Corporation
2008-09-17 09:30 . 2008-09-17 09:50 <DIR> d-------- C:\Programmi\Microsoft Windows Vista Upgrade Advisor
2008-09-17 09:17 . 2008-09-17 09:18 <DIR> d-------- C:\Documents and Settings\alex\Dati applicazioni\ViStart
2008-09-17 09:14 . 2008-09-17 09:14 <DIR> d-------- C:\Programmi\WinFlip
2008-09-17 09:14 . 2008-09-17 09:14 <DIR> d-------- C:\Programmi\TrueTransparency
2008-09-17 09:14 . 2008-09-17 09:50 <DIR> d-------- C:\Programmi\Styler
2008-09-17 09:14 . 2008-09-17 09:14 <DIR> d-------- C:\Documents and Settings\alex\Dati applicazioni\Styler
2008-09-17 09:12 . 2008-09-17 09:12 78,942 --a------ C:\WINDOWS\Icon_1.ico
2008-09-17 09:11 . 2008-09-17 09:50 <DIR> d-------- C:\WINDOWS\system32\VITrans
2008-09-17 09:11 . 2008-09-17 09:16 <DIR> d-------- C:\VTPFiles
2008-09-17 09:11 . 2006-12-03 17:15 111,104 --a------ C:\WINDOWS\system32\Uharc.exe
2008-09-17 09:11 . 2006-12-03 17:15 69,632 --a------ C:\WINDOWS\system32\moveex.exe
2008-09-17 09:11 . 2006-12-03 17:15 19,968 --a------ C:\WINDOWS\system32\reico.exe
2008-09-17 09:11 . 2006-12-03 17:14 8,636 --a------ C:\WINDOWS\system32\modifype.exe
2008-09-16 15:00 . 2008-09-16 15:00 <DIR> d-------- C:\Programmi\Infogrames
2008-09-15 23:21 . 2008-09-15 23:21 <DIR> d-------- C:\Programmi\IObit
2008-09-11 11:26 . 2008-09-11 11:26 <DIR> d-------- C:\Programmi\AbiSuite2
2008-09-11 11:26 . 2008-09-11 11:26 <DIR> d-------- C:\Documents and Settings\alex\AbiSuite
2008-09-11 11:10 . 2008-08-21 20:41 1,221,008 --a------ C:\WINDOWS\system32\zpeng25.dll
2008-09-11 01:11 . 2008-09-11 01:11 <DIR> d-------- C:\Documents and Settings\alex\Dati applicazioni\AltrixSoft
2008-09-10 21:01 . 2008-09-17 10:57 <DIR> d-------- C:\Programmi\File comuni\Symantec Shared
2008-09-10 21:01 . 2008-09-10 21:07 10,671 --a------ C:\WINDOWS\system32\drivers\SYMEVENT.CAT
2008-09-10 21:01 . 2008-09-10 21:07 805 --a------ C:\WINDOWS\system32\drivers\SYMEVENT.INF
2008-09-10 19:30 . 2008-09-10 19:30 <DIR> d-------- C:\Programmi\CheckIt
2008-09-05 20:32 . 2008-09-05 20:32 <DIR> d-------- C:\Programmi\Audacity
2008-09-05 20:28 . 2008-09-05 20:49 <DIR> d-------- C:\Documents and Settings\alex\Dati applicazioni\gtk-2.0
2008-09-05 08:43 . 2008-09-05 08:43 <DIR> d-------- C:\Programmi\Paint.NET
2008-09-05 08:22 . 2008-09-10 11:43 <DIR> d-------- C:\Programmi\Picasa2
2008-09-05 08:22 . 2006-10-05 04:42 2,560 --a------ C:\WINDOWS\system32\drivers\cdralw2k.sys
2008-09-05 08:22 . 2006-10-05 04:42 2,432 --a------ C:\WINDOWS\system32\drivers\cdr4_xp.sys
2008-09-04 10:24 . 2008-09-04 10:24 <DIR> d-------- C:\Programmi\File comuni\Adobe AIR
2008-09-03 21:39 . 2008-09-03 21:39 <DIR> d-------- C:\Programmi\filehippo.com
2008-09-03 20:26 . 2008-09-19 10:40 <DIR> d-------- C:\Programmi\Spyware Doctor
2008-09-03 20:26 . 2008-09-03 20:26 <DIR> d-------- C:\Documents and Settings\alex\Dati applicazioni\PC Tools
2008-09-03 20:26 . 2008-06-10 21:22 81,288 --a------ C:\WINDOWS\system32\drivers\iksyssec.sys
2008-09-03 20:26 . 2008-06-02 15:19 66,952 --a------ C:\WINDOWS\system32\drivers\iksysflt.sys
2008-09-03 20:26 . 2008-06-02 15:19 42,376 --a------ C:\WINDOWS\system32\drivers\ikfilesec.sys
2008-09-03 20:26 . 2008-06-02 15:19 29,576 --a------ C:\WINDOWS\system32\drivers\kcom.sys
2008-09-03 20:25 . 2008-09-18 23:24 <DIR> d-------- C:\Documents and Settings\All Users\Dati applicazioni\Google Updater
2008-09-03 17:31 . 2008-09-03 17:31 <DIR> d-------- C:\Programmi\Telecom Italia
2008-09-03 16:21 . 2008-09-03 16:21 <DIR> d-------- C:\Documents and Settings\alex\Dati applicazioni\KC Softwares
2008-09-03 16:17 . 2008-09-03 16:17 <DIR> d-------- C:\Documents and Settings\alex\Dati applicazioni\GlarySoft
2008-09-03 16:15 . 2008-09-19 10:55 <DIR> d-------- C:\Programmi\Glary Utilities
2008-09-03 16:14 . 2008-09-03 16:14 <DIR> d-------- C:\Programmi\KC Softwares
2008-09-03 11:52 . 2008-09-03 11:52 268 --ah----- C:\sqmdata02.sqm
2008-09-03 11:52 . 2008-09-03 11:52 244 --ah----- C:\sqmnoopt02.sqm
2008-09-03 11:11 . 2008-09-03 17:28 <DIR> d-------- C:\Programmi\Mozilla Firefox(2)
2008-09-02 20:05 . 2008-09-02 20:05 268 --ah----- C:\sqmdata01.sqm
2008-09-02 20:05 . 2008-09-02 20:05 244 --ah----- C:\sqmnoopt01.sqm
2008-09-02 18:24 . 2008-09-02 18:24 244 --ah----- C:\sqmnoopt00.sqm
2008-09-02 18:24 . 2008-09-02 18:24 232 --ah----- C:\sqmdata00.sqm
2008-08-31 13:57 . 2008-09-03 17:31 <DIR> d-------- C:\Programmi\Telecom Italia(2)
2008-08-31 08:55 . 2008-08-31 08:55 <DIR> d-------- C:\Documents and Settings\alex\IBM
2008-08-30 18:52 . 2008-09-03 21:43 <DIR> d-------- C:\Documents and Settings\alex\Dati applicazioni\CorelHomeOffice
2008-08-28 13:06 . 2008-08-28 13:06 <DIR> d--h----- C:\WINDOWS\PIF
2008-08-28 12:12 . 2008-08-28 12:12 <DIR> d-------- C:\Programmi\XPC Tools
2008-08-28 11:07 . 2008-03-14 10:47 442,368 --a------ C:\WINDOWS\system32\nvunrm.exe
2008-08-28 11:07 . 2007-12-07 16:12 5,836 --a------ C:\WINDOWS\system32\nvnrm.nvu
2008-08-28 11:00 . 2008-08-28 11:00 <DIR> d-------- C:\Programmi\Browser MOUSE
2008-08-28 10:48 . 2007-09-02 20:56 1,686,016 --a------ C:\WINDOWS\system32\clinetsuitex6.ocx
2008-08-28 10:48 . 2004-03-09 16:45 662,288 --a------ C:\WINDOWS\system32\MSCOMCT2.OCX
2008-08-28 10:43 . 2008-08-30 12:23 <DIR> d-------- C:\Documents and Settings\alex\Dati applicazioni\Thinstall
2008-08-28 10:19 . 2005-04-15 19:58 1,071,088 --a------ C:\WINDOWS\system32\MSCOMCTL.OCX
2008-08-28 10:19 . 2004-09-28 11:13 526,184 --a------ C:\WINDOWS\system32\XceedCry.dll
2008-08-28 10:19 . 2004-06-14 14:56 427,864 --a------ C:\WINDOWS\system32\XceedZip.dll
2008-08-28 10:19 . 2004-03-09 00:00 152,848 --a------ C:\WINDOWS\system32\Comdlg32.ocx
2008-08-28 10:19 . 2004-03-09 00:00 132,880 --a------ C:\WINDOWS\system32\Msinet.ocx
2008-08-28 10:14 . 2007-11-14 15:18 553 --a------ C:\WINDOWS\USetup.iss
2008-08-27 12:50 . 2008-08-27 13:16 <DIR> d-------- C:\Documents and Settings\alex\Dati applicazioni\DMCache
2008-08-23 23:32 . 2008-08-23 23:32 <DIR> d-------- C:\Documents and Settings\alex\Dati applicazioni\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
2008-08-23 19:41 . 2008-06-11 14:48 18,772 --a------ C:\WINDOWS\system32\nvapps.nvb
2008-08-23 19:37 . 2008-08-23 19:37 <DIR> d-------- C:\Programmi\DAEMON Tools Lite
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-09-20 10:38 --------- d---a-w C:\Documents and Settings\All Users\Dati applicazioni\TEMP
2008-09-20 10:28 --------- d-----w C:\Programmi\PeerGuardian2
2008-09-20 10:24 --------- d-----w C:\Documents and Settings\All Users\Dati applicazioni\Spybot - Search & Destroy
2008-09-20 10:22 --------- d-----w C:\Programmi\Spybot - Search & Destroy
2008-09-19 21:33 --------- d-----w C:\Documents and Settings\alex\Dati applicazioni\OpenOffice.org2
2008-09-19 09:13 --------- d-----w C:\Programmi\TuneUp Utilities 2008
2008-09-19 08:25 2,368,103 ----a-w C:\WINDOWS\Internet Logs\tvDebug.Zip
2008-09-17 23:09 --------- d-----w C:\Documents and Settings\alex\Dati applicazioni\uTorrent
2008-09-17 20:04 --------- d-----w C:\Programmi\a-squared Free
2008-09-17 14:26 --------- d-----w C:\Programmi\Windows Media Connect 2
2008-09-17 12:48 --------- d-----w C:\Programmi\Google
2008-09-16 19:53 --------- d--h--w C:\Programmi\InstallShield Installation Information
2008-09-15 14:16 --------- d-----w C:\Documents and Settings\alex\Dati applicazioni\vlc
2008-09-10 16:45 --------- d-----w C:\Programmi\NOS
2008-09-10 16:45 --------- d-----w C:\Documents and Settings\All Users\Dati applicazioni\NOS
2008-09-10 10:00 --------- d-----w C:\Programmi\File comuni\Adobe
2008-09-03 15:28 --------- d-----w C:\Programmi\Windows Live Safety Center
2008-09-03 13:53 --------- d-----w C:\Documents and Settings\alex\Dati applicazioni\SoftMaker
2008-08-28 08:13 319,488 ----a-w C:\WINDOWS\HideWin.exe
2008-08-23 17:56 --------- d-----w C:\Programmi\Realtek
2008-08-23 10:55 --------- d-----w C:\Programmi\Table Tennis Pro
2008-08-19 08:57 --------- d-----w C:\Programmi\Microsoft Silverlight
2008-08-18 15:05 --------- d-----w C:\Programmi\File comuni\DirectX
2008-08-16 19:43 --------- d-----w C:\Documents and Settings\alex\Dati applicazioni\LimeWire
2008-08-16 19:42 --------- d-----w C:\Programmi\LimeWire
2008-08-16 19:31 --------- d-----w C:\Programmi\KONAMI
2008-08-15 09:27 --------- d-----w C:\Programmi\Microsoft Works
2008-08-13 21:25 --------- d-----w C:\Documents and Settings\alex\Dati applicazioni\OfficeUpdate12
2008-08-13 20:47 --------- d-----w C:\Documents and Settings\alex\Dati applicazioni\Windows Desktop Search
2008-08-13 20:46 --------- d-----w C:\Programmi\Windows Desktop Search
2008-08-12 14:10 4,751,360 ----a-w C:\WINDOWS\system32\drivers\RtkHDAud.sys
2008-08-09 21:24 --------- d-----w C:\Programmi\Java
2008-08-06 13:51 1,200,128 ----a-w C:\WINDOWS\RtlUpd.exe
2008-07-31 13:05 16,806,912 ----a-w C:\WINDOWS\RTHDCPL.EXE
2008-07-29 13:42 528,384 ----a-w C:\WINDOWS\RtlExUpd.dll
2008-07-24 09:55 --------- d-----w C:\Programmi\File comuni\InstallShield
2008-07-23 21:19 --------- d-----w C:\Programmi\Reference Assemblies
2008-07-23 21:19 --------- d-----w C:\Programmi\MSBuild
2008-07-22 17:46 --------- d-----w C:\Documents and Settings\All Users\Dati applicazioni\Corel
2008-07-22 17:46 --------- d-----w C:\Documents and Settings\All Users\Dati applicazioni\Borland
2008-07-21 19:24 --------- d-----w C:\Programmi\COMODO
2008-07-21 10:52 524,288 ----a-w C:\WINDOWS\opuc.dll
2008-07-20 10:05 434 ----a-w C:\Documents and Settings\alex\Dati applicazioni\wklnhst.dat
2008-07-19 11:46 266 --sh--w C:\Programmi\desktop.ini
2008-07-19 11:46 11,079 ---ha-w C:\Programmi\folder.htt
2008-07-18 20:10 94,920 ----a-w C:\WINDOWS\system32\cdm.dll
2008-07-18 20:10 53,448 ----a-w C:\WINDOWS\system32\wuauclt.exe
2008-07-18 20:10 45,768 ----a-w C:\WINDOWS\system32\wups2.dll
2008-07-18 20:10 36,552 ----a-w C:\WINDOWS\system32\wups.dll
2008-07-18 20:09 563,912 ----a-w C:\WINDOWS\system32\wuapi.dll
2008-07-18 20:09 325,832 ----a-w C:\WINDOWS\system32\wucltui.dll
2008-07-18 20:09 205,000 ----a-w C:\WINDOWS\system32\wuweb.dll
2008-07-18 20:09 1,811,656 ----a-w C:\WINDOWS\system32\wuaueng.dll
2008-07-18 20:07 270,880 ----a-w C:\WINDOWS\system32\mucltui.dll
2008-07-18 20:07 210,976 ----a-w C:\WINDOWS\system32\muweb.dll
2008-07-18 18:38 586,752 ----a-w C:\WINDOWS\WLXPGSS.SCR
2008-07-09 07:05 75,248 ----a-w C:\WINDOWS\zllsputility.exe
2008-07-09 07:05 54,672 ----a-w C:\WINDOWS\system32\vsutil_loc0410.dll
2008-07-09 07:05 42,384 ----a-w C:\WINDOWS\zllsputility_loc0410.dll
2008-07-09 07:05 21,904 ----a-w C:\WINDOWS\system32\imsinstall_loc0410.dll
2008-07-09 07:05 17,808 ----a-w C:\WINDOWS\system32\imslsp_install_loc0410.dll
2008-07-07 20:27 253,952 ----a-w C:\WINDOWS\system32\es.dll
2008-07-04 09:38 355,584 ----a-w C:\WINDOWS\system32\TuneUpDefragService.exe
2008-07-02 16:28 155,995 ----a-w C:\WINDOWS\java\Packages\HBDJTVBB.ZIP
2008-06-24 16:42 74,240 ----a-w C:\WINDOWS\system32\mscms.dll
2008-06-24 16:12 295,936 ------w C:\WINDOWS\system32\wmpeffects.dll
2008-06-23 16:15 826,368 ----a-w C:\WINDOWS\system32\wininet.dll
2008-06-20 17:46 247,296 ----a-w C:\WINDOWS\system32\mswsock.dll
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-14 15360]
"PeerGuardian"="C:\Programmi\PeerGuardian2\pg2.exe" [2007-01-30 1432064]
"MSMSGS"="C:\Programmi\Messenger\MSMSGS.EXE" [2008-04-14 1695232]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="C:\Programmi\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-07-18 266497]
"ISUSPM Startup"="C:\Programmi\File comuni\InstallShield\UpdateService\ISUSPM.exe" [2005-08-11 249856]
"ISUSScheduler"="C:\Programmi\File comuni\InstallShield\UpdateService\issch.exe" [2005-08-11 81920]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2008-05-16 13529088]
"AzMixerSel"="C:\Programmi\Realtek\InstallShield\AzMixerSel.exe" [2005-06-12 53248]
"ISTray"="C:\Programmi\Spyware Doctor\pctsTray.exe" [2008-07-16 1166216]
"ZoneAlarm Client"="C:\Programmi\Zone Labs\ZoneAlarm\zlclient.exe" [2008-08-21 981904]
"SpywareTerminator"="C:\Programmi\Spyware Terminator\SpywareTerminatorShield.exe" [2008-09-18 1783808]
"TrueImageMonitor.exe"="C:\Programmi\Acronis\TrueImageHome\TrueImageMonitor.exe" [2008-03-10 2617808]
"AcronisTimounterMonitor"="C:\Programmi\Acronis\TrueImageHome\TimounterMonitor.exe" [2008-03-10 909592]
"Acronis Scheduler2 Service"="C:\Programmi\File comuni\Acronis\Schedule2\schedhlp.exe" [2008-03-10 140568]
"nwiz"="nwiz.exe" [2008-05-16 C:\WINDOWS\system32\nwiz.exe]
"RTHDCPL"="RTHDCPL.EXE" [2008-07-31 C:\WINDOWS\RTHDCPL.EXE]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2008-04-14 15360]
"Picasa Media Detector"="C:\Programmi\Picasa2\PicasaMediaDetector.exe" [2008-08-21 443968]
C:\Documents and Settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\
HP Digital Imaging Monitor.lnk - C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe [2006-02-19 288472]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveSearch"= 1 (0x1)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoViewOnDrive"= 0 (0x0)
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "C:\Programmi\Windows Desktop Search\MSNLNamespaceMgr.dll" [2008-05-26 304128]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Avvio^Programmi^Esecuzione automatica^Alice ti aiuta.lnk]
backup=C:\WINDOWS\pss\Alice ti aiuta.lnkCommon Startup
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\fssui
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ABIT uGuruIII]
--a------ 2007-09-05 14:20 421888 C:\Programmi\U-ABIT\abitEQ\abiteq.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FLMOFFICE4DMOUSE]
--a------ 2008-08-28 10:59 360448 C:\Programmi\Browser MOUSE\mouse32a.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
--a------ 2007-10-18 11:34 5724184 C:\Programmi\Windows Live\Messenger\msnmsgr.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Programmi\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"C:\\Programmi\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"C:\\Programmi\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"C:\\Programmi\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"C:\\Programmi\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"C:\\Programmi\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"C:\\Programmi\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"C:\\Programmi\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"C:\\Programmi\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"C:\\Programmi\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"C:\\Programmi\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"C:\\Programmi\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"C:\\Programmi\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"C:\\Programmi\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
"C:\\Programmi\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Programmi\\Windows Live\\Messenger\\livecall.exe"=
R0 pxark;pxark;C:\WINDOWS\system32\drivers\pxark.sys [2008-09-18 17408]
R0 tdrpman;Acronis Try&Decide and Restore Points filter;C:\WINDOWS\system32\DRIVERS\tdrpman.sys [2008-09-19 368480]
R1 sp_rsdrv2;Spyware Terminator Driver 2;C:\WINDOWS\system32\drivers\sp_rsdrv2.sys [2008-09-18 141312]
R2 BCMNTIO;BCMNTIO;C:\PROGRA~1\CheckIt\DIAGNO~1\BCMNTIO.sys [2004-03-05 3744]
R2 CSIScanner;CSIScanner;C:\Programmi\PrevxCSI\prevxcsi.exe [2008-09-18 636472]
R2 ioloFileInfoList;iolo FileInfoList Service;C:\Programmi\iolo\common\lib\ioloServiceManager.exe [2008-08-15 596328]
R2 ioloSystemService;iolo System Service;C:\Programmi\iolo\common\lib\ioloServiceManager.exe [2008-08-15 596328]
R2 MAPMEM;MAPMEM;C:\PROGRA~1\CheckIt\DIAGNO~1\MAPMEM.sys [2004-03-05 3904]
R2 TryAndDecideService;Acronis Try And Decide Service;C:\Programmi\File comuni\Acronis\Fomatik\TrueImageTryStartService.exe [2008-03-10 522448]
S2 gupdate1c8e90ad6c1d592;Google Update Service (gupdate1c8e90ad6c1d592);C:\Programmi\Google\Update\GoogleUpdate.exe [2008-08-29 133104]
S2 Utilità di pianificazione di LiveUpdate automatico;Utilità di pianificazione di LiveUpdate automatico;C:\Programmi\Symantec\LiveUpdate\ALUSchedulerSvc.exe [ ]
S2 UxTuneUp;TuneUp Theme Extension;C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 ABIT-IO;ABIT-IO;C:\Programmi\U-ABIT\abitEQ\ABIT-IO.sys [2005-12-08 4608]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service;C:\WINDOWS\System32\TuneUpDefragService.exe [2008-07-04 355584]
.
Contenuto della cartella 'Scheduled Tasks'
.
- - - - ORFÇOS REMOVIDOS - - - -
Notify-dimsntfy - (no file)
.
------- Supplementary Scan -------
.
FireFox -: Profile - C:\Documents and Settings\alex\Dati applicazioni\Mozilla\Firefox\Profiles\38khhw55.default\
FireFox -: prefs.js - STARTUP.HOMEPAGE - www.yahoo.it
FF -: plugin - C:\Programmi\Google\Google Updater\2.3.1334.1308\npCIDetect13.dll
FF -: plugin - C:\Programmi\Google\Update\1.2.131.11\npGoogleOneClick5.dll
FF -: plugin - C:\Programmi\Mozilla Firefox\plugins\np_gp.dll
FF -: plugin - C:\Programmi\Picasa2\npPicasa2.dll
FF -: plugin - C:\Programmi\Yahoo!\Common\npyaxmpb.dll
FF -: plugin - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
.
.
------- File Associations -------
.
JSEFile=NOTEPAD.EXE %1
VBEFile=NOTEPAD.EXE %1
VBSFile=NOTEPAD.EXE %1
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-20 12:38:28
Windows 5.1.2600 Service Pack 3 NTFS
scansione processi nascosti ...
scansione entrate autostart nascoste ...
Scansione files nascosti ...
Scansione completata con successo
Files nascosti: 0
**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Programmi\Windows Defender\MsMpEng.exe
C:\Programmi\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Programmi\a-squared Free\a2service.exe
C:\Programmi\File comuni\Acronis\Schedule2\schedul2.exe
C:\Programmi\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Programmi\Spyware Doctor\pctsAuxs.exe
C:\Programmi\Spyware Doctor\pctsSvc.exe
C:\Programmi\Spyware Terminator\sp_rsser.exe
C:\WINDOWS\system32\searchindexer.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\msiexec.exe
C:\ComboFix\pv.cfexe
.
**************************************************************************
.
Ora fine scansione: 2008-09-20 12:40:09 - machine was rebooted [alex]
ComboFix-quarantined-files.txt 2008-09-20 10:40:06
Pre-Run: 462,389,919,744 byte disponibili
Post-Run: 462,302,158,848 byte disponibili
352 --- E O F --- 2008-09-18 10:00:54