And here is the ComboFix log.
Now I'll run Malwarebytes again and see if it finds anything.
ComboFix 09-03-14.01 - Vittorio 2009-03-15 18.58.24.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1040.18.1791.1198 [GMT 1:00]
Eseguito da: c:\documents and settings\Vittorio\Desktop\ComboFix.exe
AV: avast! antivirus 4.8.1335 [VPS 090314-0] *On-access scanning disabled* (Updated)
FW: ZoneAlarm Firewall *disabled*
* Creato nuovo punto di ripristino
ATTENZIONE - QUESTO PC NON HA LA CONSOLE DI RIPRISTINO DI EMERGENZA INSTALLATA !!
.
((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\recycler\S-9-8-81-100016989-100022582-100015663-2525.com
.
((((((((((((((((((((((((( Files Creati Da 2009-02-15 al 2009-03-15 )))))))))))))))))))))))))))))))))))
.
2009-03-15 17:27 . 2009-03-15 17:27 <DIR> d-------- c:\programmi\Malwarebytes' Anti-Malware
2009-03-15 17:27 . 2009-03-15 17:27 <DIR> d-------- c:\documents and settings\Vittorio\Dati applicazioni\Malwarebytes
2009-03-15 17:27 . 2009-03-15 17:27 <DIR> d-------- c:\documents and settings\All Users\Dati applicazioni\Malwarebytes
2009-03-15 17:27 . 2009-02-11 10:19 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
2009-03-15 17:27 . 2009-02-11 10:19 15,504 --a------ c:\windows\system32\drivers\mbam.sys
2009-03-15 08:36 . 2009-03-15 08:36 <DIR> d-------- c:\programmi\Sophos
2009-03-15 08:26 . 2009-03-15 08:26 <DIR> d-------- c:\documents and settings\Vittorio\Dati applicazioni\Simply Super Software
2009-03-15 03:21 . 2009-03-15 03:23 <DIR> d-------- c:\programmi\Trojan Remover
2009-03-15 03:21 . 2009-03-15 03:21 <DIR> d-------- c:\documents and settings\Pablo\Dati applicazioni\Simply Super Software
2009-03-15 03:21 . 2009-03-15 03:21 <DIR> d-------- c:\documents and settings\All Users\Dati applicazioni\Simply Super Software
2009-03-15 03:21 . 2006-05-25 14:52 162,304 --a------ c:\windows\system32\ztvunrar36.dll
2009-03-15 03:21 . 2003-02-02 19:06 153,088 --a------ c:\windows\system32\UNRAR3.dll
2009-03-15 03:21 . 2005-08-26 00:50 77,312 --a------ c:\windows\system32\ztvunace26.dll
2009-03-15 03:21 . 2002-03-06 00:00 75,264 --a------ c:\windows\system32\unacev2.dll
2009-03-15 03:21 . 2006-06-19 12:01 69,632 --a------ c:\windows\system32\ztvcabinet.dll
2009-03-15 03:13 . 2009-03-15 03:22 344 --a------ C:\autorun.inf.vir
2009-03-14 13:33 . 2009-03-14 13:33 <DIR> d-------- c:\documents and settings\Pablo\Dati applicazioni\ChessBase
2009-03-13 23:23 . 2009-03-15 19:00 10,635,296 --ahs---- c:\windows\system32\drivers\fidbox.dat
2009-03-13 23:23 . 2009-03-15 17:22 124,724 --ahs---- c:\windows\system32\drivers\fidbox.idx
2009-03-13 23:20 . 2008-07-09 09:05 75,248 --a------ c:\windows\zllsputility.exe
2009-03-13 23:20 . 2008-07-09 09:05 54,672 --a------ c:\windows\system32\vsutil_loc0410.dll
2009-03-13 23:20 . 2008-07-09 09:05 42,384 --a------ c:\windows\zllsputility_loc0410.dll
2009-03-13 23:20 . 2008-07-09 09:05 21,904 --a------ c:\windows\system32\imsinstall_loc0410.dll
2009-03-13 23:20 . 2008-07-09 09:05 17,808 --a------ c:\windows\system32\imslsp_install_loc0410.dll
2009-03-13 23:19 . 2009-03-13 23:20 <DIR> d-------- c:\windows\system32\ZoneLabs
2009-03-13 23:19 . 2009-03-13 23:19 <DIR> d-------- c:\programmi\Zone Labs
2009-03-13 23:19 . 2008-07-09 09:05 1,086,952 --a------ c:\windows\system32\zpeng24.dll
2009-03-13 23:19 . 2009-03-15 17:23 358,382 --a------ c:\windows\system32\vsconfig.xml
2009-03-13 23:16 . 2009-03-15 03:15 <DIR> d-------- c:\programmi\Spyware Terminator
2009-03-13 23:16 . 2009-03-13 23:20 <DIR> d-------- c:\documents and settings\Vittorio\Dati applicazioni\Spyware Terminator
2009-03-13 23:16 . 2009-03-15 09:22 <DIR> d-------- c:\documents and settings\All Users\Dati applicazioni\Spyware Terminator
2009-03-13 23:16 . 2009-03-13 23:16 142,592 --a------ c:\windows\system32\drivers\sp_rsdrv2.sys
2009-03-12 03:32 . 2009-03-12 03:32 <DIR> d-------- c:\programmi\MyFree Codec
2009-03-08 17:58 . 2009-03-08 17:59 <DIR> d-------- c:\programmi\Windows Live Safety Center
2009-03-08 10:29 . 2009-03-13 21:51 <DIR> d-------- c:\documents and settings\Ivano\Dati applicazioni\Orbit
2009-03-07 20:06 . 2009-03-14 09:28 <DIR> d-------- c:\documents and settings\Ivano\Dati applicazioni\Spyware Terminator
2009-03-07 17:58 . 2009-03-15 03:15 <DIR> d-------- c:\documents and settings\Pablo\Dati applicazioni\Spyware Terminator
2009-03-07 15:05 . 2009-03-10 17:30 <DIR> d-------- c:\documents and settings\Orietta\Dati applicazioni\Spyware Terminator
2009-03-07 14:08 . 2009-03-07 14:08 <DIR> d-------- c:\documents and settings\All Users\Dati applicazioni\MailFrontier
2009-03-07 14:08 . 2004-04-27 04:40 11,264 --a------ c:\windows\system32\SpOrder.dll
2009-03-07 14:08 . 2009-03-13 23:21 4,212 ---h----- c:\windows\system32\zllictbl.dat
2009-03-07 14:07 . 2009-03-15 18:51 <DIR> d-------- c:\windows\Internet Logs
2009-03-07 14:07 . 2009-03-15 17:27 312 --a------ c:\windows\system32\BIN_STRSBW.SPT
2009-03-07 14:06 . 2009-03-07 14:06 <DIR> d-------- c:\programmi\Trend Micro
2009-03-07 14:05 . 2009-03-07 14:05 <DIR> d-------- c:\programmi\SpywareBlaster
2009-03-07 14:05 . 2009-03-15 14:09 <DIR> d-a------ c:\documents and settings\All Users\Dati applicazioni\TEMP
2009-03-07 14:05 . 2005-08-25 19:18 118,784 --a------ c:\windows\system32\MSSTDFMT.DLL
2009-03-07 14:01 . 2009-03-07 14:01 <DIR> d-------- c:\programmi\Crawler
2009-03-07 03:36 . 2009-03-07 03:36 <DIR> d-------- c:\documents and settings\Pablo\Dati applicazioni\EstSoft
2009-03-05 07:41 . 2009-03-05 07:41 <DIR> d-------- c:\documents and settings\Vittorio\Dati applicazioni\Creative
2009-03-04 21:04 . 2009-03-04 21:04 <DIR> d-------- c:\documents and settings\Ivano\Dati applicazioni\.clamwin
2009-03-04 15:31 . 2009-03-04 15:31 <DIR> d-------- c:\documents and settings\Pablo\Dati applicazioni\.clamwin
2009-03-04 14:31 . 2009-03-04 14:31 <DIR> d-------- c:\documents and settings\Orietta\Dati applicazioni\.clamwin
2009-03-04 01:19 . 2009-03-04 01:19 <DIR> d-------- c:\programmi\ESTsoft
2009-03-04 01:19 . 2009-03-04 01:19 <DIR> d-------- c:\documents and settings\Vittorio\Dati applicazioni\ESTsoft
2009-03-04 00:57 . 2009-03-04 00:57 <DIR> d-------- c:\programmi\ClamWin
2009-03-04 00:57 . 2009-03-04 00:57 <DIR> d-------- c:\documents and settings\Vittorio\Dati applicazioni\.clamwin
2009-03-04 00:57 . 2009-03-04 00:57 <DIR> d-------- c:\documents and settings\All Users\.clamwin
2009-03-03 23:53 . 2009-03-03 23:53 <DIR> d-------- c:\documents and settings\Vittorio\Dati applicazioni\Auslogics
2009-03-02 15:32 . 2009-03-10 17:34 44,401 --a------ c:\windows\system32\~.tmp
2009-03-02 15:32 . 2009-03-10 17:34 127 --a------ c:\windows\system32\~.inf
2009-03-01 16:35 . 2009-03-01 16:35 <DIR> d-------- c:\documents and settings\Ivano\Dati applicazioni\Ahead
2009-03-01 16:27 . 2009-03-01 16:27 <DIR> d-------- c:\documents and settings\Ivano\Dati applicazioni\DivX
2009-03-01 16:20 . 2009-03-01 16:20 <DIR> d-------- c:\documents and settings\Ivano\Bluetooth Software
2009-03-01 13:58 . 2009-03-01 16:17 <DIR> d-------- c:\programmi\Orbitdownloader
2009-03-01 13:58 . 2009-03-01 13:59 <DIR> d-------- c:\documents and settings\Vittorio\Dati applicazioni\Orbit
2009-03-01 13:58 . 2009-03-01 13:58 <DIR> d-------- c:\documents and settings\Vittorio\Dati applicazioni\GrabPro
2009-03-01 13:55 . 2009-03-01 13:55 <DIR> d-------- c:\programmi\File comuni\xing shared
2009-03-01 13:55 . 2009-03-01 13:55 <DIR> d-------- c:\programmi\File comuni\Real
2009-03-01 13:55 . 2009-03-01 13:55 <DIR> d-------- C:\Program Files
2009-03-01 09:04 . 2009-03-13 08:57 <DIR> d-------- c:\programmi\Unlocker
2009-03-01 09:03 . 2009-03-01 09:03 <DIR> d-------- c:\documents and settings\Vittorio\Dati applicazioni\GlarySoft
2009-03-01 08:54 . 2009-03-01 08:54 <DIR> d-------- c:\programmi\Glary Utilities
2009-03-01 08:54 . 2009-03-01 08:54 <DIR> d-------- c:\programmi\CCleaner
2009-02-28 13:35 . 2009-03-12 00:15 <DIR> d-------- c:\programmi\TubeSucker
2009-02-28 10:49 . 2008-10-16 14:06 268,648 --a------ c:\windows\system32\mucltui.dll
2009-02-28 10:49 . 2008-10-16 14:06 208,744 --a------ c:\windows\system32\muweb.dll
2009-02-28 10:49 . 2008-10-16 14:06 27,496 --a------ c:\windows\system32\mucltui.dll.mui
2009-02-28 07:13 . 2009-02-28 07:13 <DIR> d-------- c:\documents and settings\Orietta\Bluetooth Software
2009-02-27 21:37 . 2009-02-27 21:37 <DIR> d-------- c:\documents and settings\Pablo\Bluetooth Software
2009-02-27 19:07 . 2009-02-27 19:07 <DIR> d-------- c:\documents and settings\Vittorio\Bluetooth Software
2009-02-27 19:07 . 2008-04-13 19:13 21,504 --a------ c:\windows\system32\hidserv.dll
2009-02-27 19:07 . 2008-04-13 19:13 21,504 --a--c--- c:\windows\system32\dllcache\hidserv.dll
2009-02-27 19:06 . 2008-04-13 18:53 14,720 --a------ c:\windows\system32\drivers\kbdhid.sys
2009-02-27 19:06 . 2008-04-13 18:53 14,720 --a--c--- c:\windows\system32\dllcache\kbdhid.sys
2009-02-27 19:05 . 2009-02-27 19:05 <DIR> d-------- c:\programmi\WIDCOMM
2009-02-27 19:05 . 2007-08-14 02:38 862,922 --a------ c:\windows\system32\drivers\btkrnl.sys
2009-02-27 19:05 . 2007-08-14 02:38 329,901 --a------ c:\windows\system32\drivers\btaudio.sys
2009-02-27 19:05 . 2007-08-14 02:38 149,123 --a------ c:\windows\system32\drivers\btwdndis.sys
2009-02-27 19:05 . 2007-08-14 02:38 106,557 --a------ c:\windows\system32\btw_ci.dll
2009-02-27 19:05 . 2007-08-14 02:38 67,672 --a------ c:\windows\system32\drivers\btwusb.sys
2009-02-27 19:05 . 2007-08-14 02:38 47,875 --a------ c:\windows\system32\drivers\btwhid.sys
2009-02-27 19:05 . 2007-08-14 02:38 30,459 --a------ c:\windows\system32\drivers\btport.sys
2009-02-27 19:05 . 2007-08-14 02:38 30,285 --a------ c:\windows\system32\drivers\btwmodem.sys
2009-02-27 16:58 . 2009-02-27 17:11 <DIR> d-------- c:\documents and settings\Pablo\Dati applicazioni\GetRightToGo
2009-02-27 16:03 . 2009-03-15 14:14 <DIR> d-------- c:\documents and settings\Pablo\Tracing
2009-02-27 16:00 . 2009-02-27 16:00 <DIR> d-------- c:\programmi\Windows Live SkyDrive
2009-02-27 16:00 . 2009-02-27 16:00 <DIR> d-------- c:\programmi\Windows Live
2009-02-27 16:00 . 2009-02-27 16:00 <DIR> d-------- c:\programmi\Microsoft
2009-02-27 15:55 . 2009-02-27 15:55 <DIR> d-------- c:\programmi\File comuni\Windows Live
2009-02-27 01:19 . 2009-03-13 21:36 <DIR> d-------- C:\downloads
2009-02-27 01:19 . 2009-03-13 21:58 <DIR> d-------- c:\documents and settings\Pablo\Dati applicazioni\Orbit
2009-02-27 01:19 . 2009-03-01 14:19 <DIR> d-------- c:\documents and settings\Pablo\Dati applicazioni\GrabPro
2009-02-25 21:31 . 2009-03-07 17:12 16 --a------ c:\windows\popcinfo.dat
2009-02-25 17:46 . 2008-04-13 11:46 37,888 --a------ c:\windows\system32\drivers\bthmodem.sys
2009-02-25 17:46 . 2008-04-13 11:46 37,888 --a--c--- c:\windows\system32\dllcache\bthmodem.sys
2009-02-25 00:33 . 2009-02-25 00:33 <DIR> d-------- c:\documents and settings\Pablo\Dati applicazioni\Ahead
2009-02-24 17:49 . 2009-02-24 17:49 <DIR> d-------- c:\documents and settings\Pablo\Dati applicazioni\OpenOffice.org
2009-02-23 22:18 . 2008-04-13 19:14 152,576 --a------ c:\windows\system32\irftp.exe
2009-02-23 01:27 . 2009-03-15 15:48 <DIR> d-------- c:\programmi\eMule
2009-02-21 02:12 . 2009-02-21 02:12 <DIR> d-------- c:\documents and settings\Pablo\Dati applicazioni\Creative
2009-02-21 02:09 . 2006-10-05 23:17 53,248 --------- c:\windows\Ctregrun.exe
2009-02-21 02:09 . 2003-06-12 23:25 7,062 --a------ c:\windows\system32\audiopid.vxd
2009-02-21 02:08 . 2009-02-21 02:08 <DIR> d-------- c:\programmi\File comuni\Creative
2009-02-21 02:08 . 2009-02-21 02:08 <DIR> d--h----- c:\programmi\Creative Installation Information
2009-02-21 02:08 . 2009-02-21 02:12 <DIR> d-------- c:\documents and settings\All Users\Dati applicazioni\Creative
2009-02-21 02:08 . 1999-12-12 18:01 44,032 --------- c:\windows\system32\CTSVCCDA.EXE
2009-02-21 02:08 . 1999-11-17 18:00 25,088 --------- c:\windows\system32\CTSVCCTL.EXE
2009-02-21 02:07 . 2009-02-21 02:07 <DIR> d-------- c:\windows\system32\LogFiles
2009-02-21 02:07 . 2009-02-21 02:12 <DIR> d-------- c:\windows\system32\drivers\UMDF
2009-02-21 02:07 . 2009-02-21 02:09 <DIR> d-------- c:\programmi\Creative
2009-02-20 21:43 . 2009-03-12 10:40 65 --a------ c:\windows\FISHUI.INI
2009-02-20 21:03 . 2009-02-20 21:03 <DIR> d-------- c:\documents and settings\Orietta\Dati applicazioni\OpenOffice.org
2009-02-20 20:01 . 2009-02-20 20:01 <DIR> d-------- C:\My Video
2009-02-20 20:00 . 2009-02-20 20:00 <DIR> d-------- c:\programmi\Samsung
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-03-14 07:36 1,373,696 ----a-w c:\windows\Internet Logs\xDB1.tmp
2009-03-13 21:11 --------- d-----w c:\programmi\Java
2009-03-01 12:55 --------- d-----w c:\programmi\Google
2009-02-21 04:04 --------- d--h--w c:\programmi\InstallShield Installation Information
2009-02-20 15:24 --------- d-----w c:\documents and settings\Vittorio\Dati applicazioni\Ahead
2009-02-19 16:54 --------- d-----w c:\programmi\Alwil Software
2009-02-19 16:52 --------- d-----w c:\programmi\OpenOffice.org 3
2009-02-19 16:52 --------- d-----w c:\programmi\JRE
2009-02-19 16:52 --------- d-----w c:\programmi\File comuni\Java
2009-02-19 16:48 --------- d-----w c:\programmi\PDFCreator
2009-02-19 16:48 --------- d-----w c:\programmi\DivX
2009-02-19 16:47 --------- d-----w c:\programmi\File comuni\Adobe
2009-02-19 16:47 --------- d-----w c:\programmi\AusLogics Disk Defrag
2009-02-19 16:38 --------- d-----w c:\programmi\File comuni\LightScribe
2009-02-19 16:37 --------- d-----w c:\programmi\File comuni\Ahead
2009-02-19 16:37 --------- d-----w c:\documents and settings\All Users\Dati applicazioni\Ahead
2009-02-19 16:35 --------- d-----w c:\programmi\Nero
2009-02-19 16:35 --------- d-----w c:\documents and settings\All Users\Dati applicazioni\Nero
2009-02-19 16:01 --------- d-----w c:\documents and settings\Vittorio\Dati applicazioni\ATI
2009-02-19 16:01 --------- d-----w c:\documents and settings\All Users\Dati applicazioni\ATI
2009-02-19 16:00 --------- d-----w c:\programmi\ATI Technologies
2009-02-19 15:56 --------- d-----w c:\programmi\File comuni\InstallShield
2009-02-19 15:51 --------- d-----w c:\programmi\microsoft frontpage
2009-02-19 15:50 --------- d-----w c:\programmi\Servizi in linea
2009-02-09 14:04 1,846,784 ----a-w c:\windows\system32\win32k.sys
2009-02-06 17:52 49,504 ----a-w c:\windows\system32\sirenacm.dll
2009-01-05 22:33 3,751,995 ----a-w c:\windows\system32\GPhotos.scr
2008-12-20 22:31 826,368 ----a-w c:\windows\system32\wininet.dll
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\programmi\File comuni\Ahead\Lib\NMBgMonitor.exe" [2007-06-01 153136]
"MSMSGS"="c:\programmi\Messenger\msmsgs.exe" [2008-04-13 1695232]
"LightScribe Control Panel"="c:\programmi\File comuni\LightScribe\LightScribeControlPanel.exe" [2007-07-18 451872]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\programmi\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 61440]
"NeroFilterCheck"="c:\programmi\File comuni\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136]
"Adobe Reader Speed Launcher"="c:\programmi\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-02-05 81000]
"UnlockerAssistant"="c:\programmi\Unlocker\UnlockerAssistant.exe" [2008-05-02 15872]
"ClamWin"="c:\programmi\ClamWin\bin\ClamTray.exe" [2008-11-09 86016]
"SunJavaUpdateSched"="c:\programmi\Java\jre6\bin\jusched.exe" [2009-03-13 148888]
"SpywareTerminator"="c:\progra~1\SPYWAR~1\SpywareTerminatorShield.exe" [2009-03-13 2233856]
"ZoneAlarm Client"="c:\programmi\Zone Labs\ZoneAlarm\zlclient.exe" [2008-07-09 919016]
"TrojanScanner"="c:\programmi\Trojan Remover\Trjscan.exe" [2009-03-15 1303432]
"RTHDCPL"="RTHDCPL.EXE" [2007-04-10 c:\windows\RTHDCPL.exe]
"SkyTel"="SkyTel.EXE" [2007-04-04 c:\windows\SkyTel.exe]
"AdslTaskBar"="stmctrl.dll" [2003-01-22 c:\windows\system32\stmctrl.dll]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-13 c:\windows\system32\bthprops.cpl]
c:\documents and settings\Orietta\Menu Avvio\Programmi\Esecuzione automatica\
OpenOffice.org 3.0.lnk - c:\programmi\OpenOffice.org 3\program\quickstart.exe [2008-09-12 384000]
c:\documents and settings\Pablo\Menu Avvio\Programmi\Esecuzione automatica\
OpenOffice.org 3.0.lnk - c:\programmi\OpenOffice.org 3\program\quickstart.exe [2008-09-12 384000]
c:\documents and settings\Vittorio\Menu Avvio\Programmi\Esecuzione automatica\
OpenOffice.org 3.0.lnk - c:\programmi\OpenOffice.org 3\program\quickstart.exe [2008-09-12 384000]
c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\
BTTray.lnk - c:\programmi\WIDCOMM\Bluetooth Software\BTTray.exe [2006-11-13 561213]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"CTFMON.EXE"=c:\windows\system32\ctfmon.exe
"IncrediMail"=c:\programmi\IncrediMail\bin\IncMail.exe /c
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"MP10_EnsureFileVer"=c:\windows\inf\unregmp2.exe /EnsureFileVersions
"Alcmtr"=ALCMTR.EXE
"SMSTray"=c:\programmi\Samsung\EmoDio\SMSTray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-disabled]
"TkBellExe"="c:\programmi\File comuni\Real\Update_OB\realsched.exe" -osboot
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Programmi\\eMule\\emule.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Programmi\\IncrediMail\\bin\\IncMail.exe"=
"c:\\Programmi\\IncrediMail\\bin\\ImApp.exe"=
"c:\\Programmi\\Orbitdownloader\\orbitdm.exe"=
"c:\\Programmi\\Orbitdownloader\\orbitnet.exe"=
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2009-02-19 114768]
R1 BIOS;BIOS;c:\windows\system32\drivers\BIOS.sys [2009-02-19 13696]
R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [2009-03-13 142592]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2009-02-19 20560]
R3 Stmatm;ATM/ADSL miniport;c:\windows\system32\drivers\stmatm.sys [2009-02-20 59338]
R3 TaurusUsb;ADSL Modem USB Service 1.09a;c:\windows\system32\drivers\torususb.sys [2009-02-20 527980]
S2 gupdate1c99a6cf39b029c;Servizio di Google Update (gupdate1c99a6cf39b029c);c:\programmi\Google\Update\GoogleUpdate.exe [2009-03-01 133104]
S3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [2009-02-23 37296]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
"c:\programmi\File comuni\LightScribe\LSRunOnce.exe"
.
Contenuto della cartella 'Scheduled Tasks'
2009-03-15 c:\windows\Tasks\GlaryInitialize.job
- c:\programmi\Glary Utilities\initialize.exe [2009-02-12 17:10]
2009-03-15 c:\windows\Tasks\GoogleUpdateTaskMachine.job
- c:\programmi\Google\Update\GoogleUpdate.exe [2009-03-01 13:55]
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://mystart.incredimail.com/italian
IE: &Download by Orbit - c:\programmi\Orbitdownloader\orbitmxt.dll/201
IE: &Grab video by Orbit - c:\programmi\Orbitdownloader\orbitmxt.dll/204
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Crawler Search - tbr:iemenu
IE: Do&wnload selected by Orbit - c:\programmi\Orbitdownloader\orbitmxt.dll/203
IE: Down&load all by Orbit - c:\programmi\Orbitdownloader\orbitmxt.dll/202
IE: Invia a periferica &Bluetooth... - c:\programmi\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
Handler: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - c:\programmi\Crawler\Toolbar\ctbr.dll
FF - ProfilePath - c:\documents and settings\Vittorio\Dati applicazioni\Mozilla\Firefox\Profiles\52m0hmc0.default\
FF - component: c:\programmi\Crawler\Toolbar\firefox\components\xcomm.dll
FF - component: c:\programmi\Crawler\Toolbar\firefox\components\xshared.dll
FF - component: c:\programmi\Crawler\Toolbar\firefox\components\xsupport.dll
FF - component: c:\programmi\Crawler\Toolbar\firefox\components\xwsg.dll
FF - plugin: c:\program files\Real\RealPlayer\Netscape6\nppl3260.dll
FF - plugin: c:\program files\Real\RealPlayer\Netscape6\nprjplug.dll
FF - plugin: c:\program files\Real\RealPlayer\Netscape6\nprpjplug.dll
FF - plugin: c:\programmi\Google\Picasa3\npPicasa3.dll
FF - plugin: c:\programmi\Google\Update\1.2.141.5\npGoogleOneClick7.dll
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.net
Rootkit scan 2009-03-15 18:59:55
Windows 5.1.2600 Service Pack 3 NTFS
scansione processi nascosti ...
scansione entrate autostart nascoste ...
Scansione files nascosti ...
Scansione completata con successo
Files nascosti: 0
**************************************************************************
.
--------------------- Dlls caricate dai processi in esecuzione ---------------------
- - - - - - - > 'winlogon.exe'(792)
c:\windows\system32\Ati2evxx.dll
.
Ora fine scansione: 2009-03-15 19.00.51
ComboFix-quarantined-files.txt 2009-03-15 18:00:49
Pre-Run: 437.806.440.448 byte disponibili
Post-Run: 437,809,188,864 byte disponibili
286 --- E O F --- 2009-03-11 16:21:09