Dear r16, I did what you asked:
ComboFix:
ComboFix 09-11-13.06 - gcerri 13/11/2009 20.54.12.1.2 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.39.1040.18.2938.1419 [GMT 1:00]
Eseguito da: c:\users\gcerri\Desktop\ComboFix.exe
SP: Spybot - Search and Destroy *disabled* (Updated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}
SP: Spyware Terminator *disabled* (Outdated) {55EE49A8-16BE-4601-BBE6-607B7F7317DE}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.
((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\$recycle.bin\S-1-5-21-1023251413-950700340-3101597953-500
c:\$recycle.bin\S-1-5-21-1279422908-3320126952-4030864718-1001
c:\$recycle.bin\S-1-5-21-1279422908-3320126952-4030864718-500
c:\$recycle.bin\S-1-5-21-3805823762-868299014-383164387-500
c:\users\gcerri\AppData\Roaming\Desktopicon
.
((((((((((((((((((((((((( Files Creati Da 2009-10-13 al 2009-11-13 )))))))))))))))))))))))))))))))))))
.
2009-11-13 20:18 . 2009-11-13 20:18 -------- d-----w- c:\users\Default\AppData\Local\temp
2009-11-13 18:10 . 2009-11-10 16:07 4026136 ----a-w- c:\programdata\avg9\update\backup\avgui.exe
2009-11-13 18:10 . 2009-11-10 16:07 2016536 ----a-w- c:\programdata\avg9\update\backup\avgtray.exe
2009-11-13 18:10 . 2009-11-10 16:07 1257240 ----a-w- c:\programdata\avg9\update\backup\avgfrw.exe
2009-11-13 18:10 . 2009-10-17 20:34 600344 ----a-w- c:\programdata\avg9\update\backup\avgnsx.exe
2009-11-13 18:10 . 2009-11-10 16:06 3963672 ----a-w- c:\programdata\avg9\update\backup\avgcorex.dll
2009-11-13 18:10 . 2009-10-24 12:44 496920 ----a-w- c:\programdata\avg9\update\backup\avgchjwx.dll
2009-11-10 18:56 . 2009-08-14 13:27 2036736 ----a-w- c:\windows\system32\win32k.sys
2009-11-10 18:56 . 2009-08-10 12:35 355328 ----a-w- c:\windows\system32\WSDApi.dll
2009-11-10 18:51 . 2009-11-10 18:51 -------- d-----w- c:\users\gcerri\AppData\Roaming\.clamwin
2009-11-10 18:51 . 2009-11-10 18:51 -------- d-----w- c:\programdata\.clamwin
2009-11-10 18:51 . 2009-11-10 18:51 -------- d-----w- c:\program files\ClamWin
2009-11-09 09:58 . 2009-11-09 09:58 -------- d-----w- c:\program files\Windows Portable Devices
2009-11-09 09:55 . 2009-10-01 01:02 30208 ----a-w- c:\windows\system32\WPDShextAutoplay.exe
2009-11-09 09:55 . 2009-10-01 01:02 31232 ----a-w- c:\windows\system32\BthMtpContextHandler.dll
2009-11-09 09:55 . 2009-10-01 01:01 81920 ----a-w- c:\windows\system32\wpdbusenum.dll
2009-11-09 09:55 . 2009-10-01 01:01 60928 ----a-w- c:\windows\system32\PortableDeviceConnectApi.dll
2009-11-09 09:55 . 2009-10-01 01:02 2537472 ----a-w- c:\windows\system32\wpdshext.dll
2009-11-09 09:55 . 2009-10-01 01:02 334848 ----a-w- c:\windows\system32\PortableDeviceApi.dll
2009-11-09 09:55 . 2009-10-01 01:02 87552 ----a-w- c:\windows\system32\WPDShServiceObj.dll
2009-11-09 09:55 . 2009-10-01 01:01 546816 ----a-w- c:\windows\system32\wpd_ci.dll
2009-11-09 09:55 . 2009-10-01 01:01 160256 ----a-w- c:\windows\system32\PortableDeviceTypes.dll
2009-11-09 09:55 . 2009-10-01 01:01 350208 ----a-w- c:\windows\system32\WPDSp.dll
2009-11-09 09:55 . 2009-10-01 01:01 196608 ----a-w- c:\windows\system32\PortableDeviceWMDRM.dll
2009-11-09 09:55 . 2009-10-01 01:01 100864 ----a-w- c:\windows\system32\PortableDeviceClassExtension.dll
2009-11-09 09:54 . 2009-10-08 21:08 555520 ----a-w- c:\windows\system32\UIAutomationCore.dll
2009-11-09 09:54 . 2009-10-08 21:08 234496 ----a-w- c:\windows\system32\oleacc.dll
2009-11-09 09:54 . 2009-10-08 21:07 4096 ----a-w- c:\windows\system32\oleaccrc.dll
2009-11-06 16:31 . 2009-11-06 16:31 -------- d-----w- c:\users\gcerri\AppData\Roaming\WinPatrol
2009-11-06 16:31 . 2006-09-18 21:43 10 ----a-w- c:\users\gcerri\AppData\Roaming\WinPatrol\Config.sys
2009-11-06 16:31 . 2006-09-18 21:43 24 ----a-w- c:\users\gcerri\AppData\Roaming\WinPatrol\Autoexec.bat
2009-11-06 16:30 . 2009-11-06 16:30 -------- d-----w- c:\program files\BillP Studios
2009-11-03 16:44 . 2009-09-10 14:58 310784 ----a-w- c:\windows\system32\unregmp2.exe
2009-11-03 16:44 . 2009-09-10 14:59 8147456 ----a-w- c:\windows\system32\wmploc.DLL
2009-11-01 18:13 . 2009-11-01 18:13 4096 d-----w- c:\users\gcerri\AppData\Roaming\vlc
2009-11-01 16:29 . 2009-11-01 17:20 4096 d-----w- c:\program files\SICPCVQuality
2009-11-01 16:29 . 2009-11-01 16:29 249856 ------w- c:\windows\Setup1.exe
2009-11-01 16:28 . 2009-11-01 16:28 73216 ----a-w- c:\windows\ST6UNST.EXE
2009-10-27 16:03 . 2009-08-07 02:24 44768 ----a-w- c:\windows\system32\wups2.dll
2009-10-27 16:03 . 2009-08-07 02:24 53472 ----a-w- c:\windows\system32\wuauclt.exe
2009-10-27 16:03 . 2009-08-07 01:45 2421760 ----a-w- c:\windows\system32\wucltux.dll
2009-10-27 16:03 . 2009-08-07 02:23 1929952 ----a-w- c:\windows\system32\wuaueng.dll
2009-10-27 16:02 . 2009-08-07 02:24 35552 ----a-w- c:\windows\system32\wups.dll
2009-10-27 16:02 . 2009-08-07 02:23 575704 ----a-w- c:\windows\system32\wuapi.dll
2009-10-27 16:02 . 2009-08-07 01:44 87552 ----a-w- c:\windows\system32\wudriver.dll
2009-10-27 16:02 . 2009-08-06 18:23 171608 ----a-w- c:\windows\system32\wuwebv.dll
2009-10-27 16:02 . 2009-08-06 17:44 33792 ----a-w- c:\windows\system32\wuapp.exe
2009-10-25 10:56 . 2009-11-13 18:15 4096 d-----w- c:\program files\SpywareBlaster
2009-10-24 13:24 . 2009-10-24 13:24 -------- d-----w- c:\windows\CheckSur
2009-10-24 13:06 . 2009-10-24 13:06 -------- d-----w- c:\users\gcerri\AppData\Roaming\DivX
2009-10-19 08:57 . 2009-10-19 08:57 4096 d-----w- c:\users\gcerri\AppData\Local\Sony Corporation
2009-10-17 20:35 . 2009-10-17 20:35 -------- d-----w- C:\$AVG
2009-10-17 20:34 . 2009-11-10 16:07 360584 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2009-10-17 20:34 . 2009-10-17 20:34 12464 ----a-w- c:\windows\system32\avgrsstx.dll
2009-10-17 20:34 . 2009-10-17 20:34 333192 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2009-10-17 20:34 . 2009-10-17 20:34 28424 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2009-10-17 20:34 . 2009-11-13 18:11 4096 d-----w- c:\windows\system32\drivers\Avg
2009-10-17 20:34 . 2009-10-17 20:34 4096 d-----w- c:\programdata\avg9
2009-10-17 18:44 . 2009-09-10 16:48 218624 ----a-w- c:\windows\system32\msv1_0.dll
2009-10-17 18:44 . 2009-08-04 12:34 3548216 ----a-w- c:\windows\system32\ntoskrnl.exe
2009-10-17 18:44 . 2009-08-04 12:34 3600456 ----a-w- c:\windows\system32\ntkrnlpa.exe
2009-10-17 18:13 . 2009-02-17 18:38 112128 ----a-w- c:\windows\system32\drivers\ewusbnet.sys
2009-10-17 18:13 . 2008-12-30 09:57 103040 ----a-w- c:\windows\system32\drivers\ewusbfake.sys
2009-10-17 18:13 . 2008-12-13 09:27 102784 ----a-w- c:\windows\system32\drivers\ewusbmdm.sys
2009-10-17 18:13 . 2008-04-14 07:36 621056 ----a-w- c:\windows\system32\drivers\mod7700.sys
2009-10-17 18:13 . 2007-08-09 02:06 23424 ----a-w- c:\windows\system32\drivers\ewdcsc.sys
2009-10-17 18:08 . 2009-10-17 18:14 28672 d-----w- c:\program files\3 Internet
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-11-13 19:44 . 2009-07-20 13:25 1 ----a-w- c:\users\gcerri\AppData\Roaming\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
2009-11-13 18:40 . 2009-07-20 13:28 522 ----a-w- c:\users\gcerri\AppData\Roaming\wklnhst.dat
2009-11-13 18:14 . 2009-07-22 12:00 4096 d-----w- c:\users\gcerri\AppData\Roaming\Spyware Terminator
2009-11-13 18:06 . 2008-01-21 06:30 662846 ----a-w- c:\windows\system32\perfh010.dat
2009-11-13 18:06 . 2008-01-21 06:30 120326 ----a-w- c:\windows\system32\perfc010.dat
2009-11-12 18:34 . 2008-05-13 14:59 12 ----a-w- c:\windows\bthservsdp.dat
2009-11-11 22:05 . 2009-07-22 11:59 8192 d-----w- c:\program files\Spybot - Search & Destroy
2009-11-11 22:03 . 2009-07-22 12:00 4096 d-----w- c:\programdata\Spyware Terminator
2009-11-11 18:24 . 2009-07-22 11:59 4096 d-----w- c:\programdata\Spybot - Search & Destroy
2009-11-10 19:01 . 2006-11-02 11:18 4096 d-----w- c:\program files\Windows Mail
2009-11-10 16:33 . 2008-05-14 09:03 4096 d-----w- c:\program files\Java
2009-11-09 15:51 . 2009-07-22 12:00 4096 d-----w- c:\program files\Spyware Terminator
2009-11-09 09:57 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat
2009-11-09 09:57 . 2009-11-09 09:57 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_07_00.Wdf
2009-11-08 11:22 . 2009-07-19 09:37 4096 d-----w- c:\program files\HSDPA USB Modem
2009-11-03 16:41 . 2009-08-16 10:07 8192 d-----w- c:\program files\CDBurnerXP
2009-10-26 12:27 . 2009-09-28 11:23 12288 d-----w- c:\program files\ThreatFire
2009-10-24 13:06 . 2009-07-19 00:23 4096 d-----w- c:\users\gcerri\AppData\Roaming\Sony Corporation
2009-10-17 20:34 . 2009-07-21 20:20 -------- d-----w- c:\program files\AVG
2009-10-17 18:42 . 2009-07-26 10:19 4096 d-----w- c:\program files\IZArc
2009-10-16 15:11 . 2009-07-20 13:38 4096 d-----w- c:\programdata\HP Product Assistant
2009-10-11 03:17 . 2009-07-20 13:21 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-10-07 12:56 . 2009-07-23 21:35 4096 d-----w- c:\users\gcerri\AppData\Roaming\Nokia
2009-10-06 16:25 . 2009-10-06 16:25 -------- d-----w- c:\program files\Common Files\PCSuite
2009-10-06 16:25 . 2009-07-23 21:06 -------- d-----w- c:\program files\Common Files\Nokia
2009-10-06 16:25 . 2009-07-23 20:59 4096 d-----w- c:\program files\Nokia
2009-10-06 16:22 . 2009-07-23 21:05 -------- d-----w- c:\program files\DIFX
2009-10-06 16:21 . 2009-10-06 16:20 12288 d-----w- c:\program files\PC Connectivity Solution
2009-10-06 16:18 . 2009-10-06 16:18 95232 ----a-w- c:\programdata\Installations\{3D39E775-DDDA-4327-B747-0BDC5F191331}\Installer\CommonCustomActions\pcswpcsi.exe
2009-10-06 16:18 . 2009-10-06 16:18 61440 ----a-w- c:\programdata\Installations\{3D39E775-DDDA-4327-B747-0BDC5F191331}\Installer\CommonCustomActions\UninstPCSFEMsi.exe
2009-10-06 16:18 . 2009-10-06 16:18 10240 ----a-w- c:\programdata\Installations\{3D39E775-DDDA-4327-B747-0BDC5F191331}\Installer\CommonCustomActions\UninstPCS.exe
2009-10-06 16:18 . 2009-10-06 16:18 8192 ----a-w- c:\programdata\Installations\{3D39E775-DDDA-4327-B747-0BDC5F191331}\Installer\CommonCustomActions\UninstCCD.exe
2009-10-06 16:18 . 2009-07-23 20:57 4096 d-----w- c:\programdata\Installations
2009-10-06 16:18 . 2009-10-06 16:19 33853800 ----a-w- c:\programdata\Installations\{3D39E775-DDDA-4327-B747-0BDC5F191331}\Nokia_PC_Suite_7_1_30_9_ita.exe
2009-09-28 19:57 . 2009-10-04 17:42 7168 ----a-w- c:\windows\system32\drivers\StarOpen.sys
2009-09-25 02:10 . 2009-11-09 09:56 974848 ----a-w- c:\windows\system32\WindowsCodecs.dll
2009-09-25 02:07 . 2009-11-09 09:56 189440 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2009-09-25 02:04 . 2009-11-09 09:56 321024 ----a-w- c:\windows\system32\PhotoMetadataHandler.dll
2009-09-25 01:49 . 2009-11-09 09:56 1554432 ----a-w- c:\windows\system32\xpsservices.dll
2009-09-25 01:48 . 2009-11-09 09:56 351232 ----a-w- c:\windows\system32\XpsPrint.dll
2009-09-25 01:38 . 2009-11-09 09:56 847360 ----a-w- c:\windows\system32\OpcServices.dll
2009-09-25 01:36 . 2009-11-09 09:56 280064 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2009-09-25 01:35 . 2009-11-09 09:56 135680 ----a-w- c:\windows\system32\XpsRasterService.dll
2009-09-25 01:33 . 2009-11-09 09:56 195584 ----a-w- c:\windows\system32\dxdiagn.dll
2009-09-25 01:33 . 2009-11-09 09:56 829440 ----a-w- c:\windows\system32\d3d10warp.dll
2009-09-25 01:33 . 2009-11-09 09:56 369664 ----a-w- c:\windows\system32\WMPhoto.dll
2009-09-25 01:32 . 2009-11-09 09:56 252928 ----a-w- c:\windows\system32\dxdiag.exe
2009-09-25 01:31 . 2009-11-09 09:56 519680 ----a-w- c:\windows\system32\d3d11.dll
2009-09-25 01:31 . 2009-11-09 09:56 486912 ----a-w- c:\windows\system32\d3d10level9.dll
2009-09-25 01:31 . 2009-11-09 09:56 161280 ----a-w- c:\windows\system32\d3d10_1.dll
2009-09-25 01:31 . 2009-11-09 09:56 218112 ----a-w- c:\windows\system32\d3d10_1core.dll
2009-09-25 01:31 . 2009-11-09 09:56 1030144 ----a-w- c:\windows\system32\d3d10.dll
2009-09-25 01:31 . 2009-11-09 09:56 828928 ----a-w- c:\windows\system32\d2d1.dll
2009-09-25 01:30 . 2009-11-09 09:56 481792 ----a-w- c:\windows\system32\dxgi.dll
2009-09-25 01:30 . 2009-11-09 09:56 190464 ----a-w- c:\windows\system32\d3d10core.dll
2009-09-25 01:27 . 2009-11-09 09:56 634880 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2009-09-25 01:27 . 2009-11-09 09:56 37888 ----a-w- c:\windows\system32\cdd.dll
2009-09-25 01:27 . 2009-11-09 09:56 793088 ----a-w- c:\windows\system32\FntCache.dll
2009-09-25 01:27 . 2009-11-09 09:56 1064448 ----a-w- c:\windows\system32\DWrite.dll
2009-09-24 22:54 . 2009-11-09 09:56 258048 ----a-w- c:\windows\system32\winspool.drv
2009-09-24 22:54 . 2009-11-09 09:56 667648 ----a-w- c:\windows\system32\printfilterpipelinesvc.exe
2009-09-24 22:54 . 2009-11-09 09:56 26112 ----a-w- c:\windows\system32\printfilterpipelineprxy.dll
2009-09-22 16:06 . 2009-08-22 16:46 74328 ----a-w- c:\windows\system32\drivers\inspect.sys
2009-09-22 16:04 . 2009-08-22 16:46 179792 ----a-w- c:\windows\system32\guard32.dll
2009-09-22 16:04 . 2009-08-22 16:46 29520 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2009-09-22 16:04 . 2009-08-22 16:46 128888 ----a-w- c:\windows\system32\drivers\cmdguard.sys
2009-09-16 06:03 . 2009-07-19 00:21 83664 ----a-w- c:\users\gcerri\AppData\Local\GDIPFONTCACHEV1.DAT
2009-09-15 22:47 . 2009-09-15 22:47 -------- d-----w- c:\program files\JRE
2009-09-15 22:47 . 2009-07-20 13:22 4096 d-----w- c:\program files\OpenOffice.org 3
2009-09-15 17:20 . 2009-07-25 08:27 4096 d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-09-15 17:19 . 2009-08-04 18:10 4045528 ----a-w- c:\programdata\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
2009-09-14 09:29 . 2009-10-17 19:50 144896 ----a-w- c:\windows\system32\drivers\srv2.sys
2009-09-10 12:54 . 2009-07-25 08:27 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-09-10 12:53 . 2009-07-25 08:27 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-09-10 02:01 . 2009-11-09 09:56 3023360 ----a-w- c:\windows\system32\UIRibbon.dll
2009-09-10 02:00 . 2009-11-09 09:56 1164800 ----a-w- c:\windows\system32\UIRibbonRes.dll
2009-09-10 02:00 . 2009-11-09 09:56 92672 ----a-w- c:\windows\system32\UIAnimation.dll
2009-09-04 11:41 . 2009-10-17 19:50 60928 ----a-w- c:\windows\system32\msasn1.dll
2009-08-29 00:27 . 2009-09-10 14:35 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2009-08-29 00:14 . 2009-09-10 14:36 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2009-08-27 05:22 . 2009-10-17 19:50 916480 ----a-w- c:\windows\system32\wininet.dll
2009-08-27 05:17 . 2009-10-17 19:50 71680 ----a-w- c:\windows\system32\iesetup.dll
2009-08-27 05:17 . 2009-10-17 19:50 109056 ----a-w- c:\windows\system32\iesysprep.dll
2009-08-27 03:42 . 2009-10-17 19:50 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2009-08-22 16:42 . 2009-08-22 16:06 190017 ----a-w- c:\windows\system32\drivers\sfi.dat
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
2008-11-18 10:58 333192 ----a-w- c:\program files\AskBarDis\bar\bin\askBar.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{3041d03e-fd4b-44e0-b742-2d9b88305f98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2008-11-18 333192]
[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NSUFloatingUI"="c:\program files\Sony\Network Utility\LANUtil.exe" [2008-05-29 262144]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-07-19 39408]
"SpywareTerminatorUpdate"="c:\program files\Spyware Terminator\SpywareTerminatorUpdate.exe" [2009-07-22 3055616]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
"SandboxieControl"="c:\program files\Sandboxie\SbieCtrl.exe" [2009-09-30 387584]
"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" [2009-06-25 1414144]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-03-10 835584]
"ISBMgr.exe"="c:\program files\Sony\ISB Utility\ISBMgr.exe" [2008-04-03 317280]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-06-11 150040]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-06-11 170520]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-06-11 145944]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2009-07-18 29744]
"MarketingTools"="c:\program files\Sony\Marketing Tools\MarketingTools.exe" [2009-07-18 36864]
"VMSwitch"="c:\program files\Sony\VAIO Mode Switch\VMSwitch.exe" [2008-05-26 534368]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-10-14 49152]
"hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2007-08-22 80896]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cfp.exe" [2009-09-21 1799952]
"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2009-09-10 1312080]
"AVG9_TRAY"="c:\progra~1\AVG\AVG9\avgtray.exe" [2009-11-13 2020120]
"WinPatrol"="c:\program files\BillP Studios\WinPatrol\winpatrol.exe" [2009-10-10 320832]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280]
"ClamWin"="c:\program files\ClamWin\bin\ClamTray.exe" [2009-11-03 86016]
"RtHDVCpl"="RtHDVCpl.exe" - c:\windows\RtHDVCpl.exe [2008-06-06 6111232]
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
BTTray.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2007-10-30 748072]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2008-3-25 214360]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
2008-05-12 21:45 98304 ----a-w- c:\windows\System32\VESWinlogon.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll c:\windows\System32\guard32.dll c:\windows\System32\guard32.dll c:\progra~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll c:\windows\System32\avgrsstx.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):cd,85,af,b1,66,08,ca,01
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-1279422908-3320126952-4030864718-1000]
"EnableNotificationsRef"=dword:00000001
R0 shpf;Sony HDD Protection Filter Driver;c:\windows\System32\drivers\shpf.sys [14/05/2008 1.53.51 22560]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\System32\drivers\avgldx86.sys [17/10/2009 21.34.32 333192]
R1 AvgTdiX;AVG Free Network Redirector;c:\windows\System32\drivers\avgtdix.sys [17/10/2009 21.34.50 360584]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\System32\drivers\cmdguard.sys [22/08/2009 17.46.13 128888]
R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\System32\drivers\cmdhlp.sys [22/08/2009 17.46.13 29520]
R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\System32\drivers\sp_rsdrv2.sys [22/07/2009 13.00.53 142592]
R2 AdobeActiveFileMonitor6.0;Adobe Active File Monitor V6;c:\program files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe [10/09/2007 23.45.04 124832]
R2 avg9emc;AVG Free E-mail Scanner;c:\program files\AVG\AVG9\avgemc.exe [17/10/2009 21.34.04 906520]
R2 avg9wd;AVG Free WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [17/10/2009 21.34.02 285392]
R2 NSUService;NSUService;c:\program files\Sony\Network Utility\NSUService.exe [19/07/2009 1.05.06 229376]
R2 regi;regi;c:\windows\System32\drivers\regi.sys [17/04/2007 19.09.28 11032]
R2 RtkHDMIService;RtkHDMIService;c:\windows\RTKAUDIOSERVICE.EXE [14/05/2008 8.53.39 98304]
R2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [22/07/2009 12.59.25 1153368]
R2 uCamMonitor;CamMonitor;c:\program files\ArcSoft\Magic-i Visual Effects\uCamMonitor.exe [19/07/2009 0.47.48 104960]
R2 VAIO Power Management;VAIO Power Management;c:\program files\Sony\VAIO Power Management\SPMService.exe [18/06/2008 12.44.42 411488]
R3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\System32\drivers\ArcSoftKsUFilter.sys [19/07/2009 0.47.49 17408]
R3 NETw5v32;Driver scheda Intel(R) Wireless WiFi Link per Windows Vista 32 Bit;c:\windows\System32\drivers\NETw5v32.sys [28/04/2008 5.29.26 3658752]
R3 SbieDrv;SbieDrv;c:\program files\Sandboxie\SbieDrv.sys [30/09/2009 10.15.52 116736]
R3 SFEP;Sony Firmware Extension Parser;c:\windows\System32\drivers\SFEP.sys [17/12/2007 2.57.23 9344]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\System32\drivers\btwl2cap.sys [14/05/2008 8.55.19 28464]
S3 cmusbser;Mobile Connector USB Device for Legacy Serial Communication LCT2051;c:\windows\System32\drivers\cmusbser.sys [19/07/2009 10.37.54 103552]
S3 FontCache;Servizio cache tipi di carattere Windows;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [21/01/2008 3.23.43 21504]
S3 GoogleDesktopManager-022208-143751;Google Desktop Manager 5.7.802.22438;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [19/07/2009 0.46.19 29744]
S3 hwusbfake;Huawei DataCard USB Fake;c:\windows\System32\drivers\ewusbfake.sys [17/10/2009 19.13.08 103040]
S3 SOHCImp;VAIO Media plus Content Importer;c:\program files\Sony\VAIO Media plus\SOHCImp.exe [19/07/2009 1.02.25 104288]
S3 SOHDms;VAIO Media plus Digital Media Server;c:\program files\Sony\VAIO Media plus\SOHDms.exe [19/07/2009 1.02.25 353568]
S3 SOHDs;VAIO Media plus Device Searcher;c:\program files\Sony\VAIO Media plus\SOHDs.exe [19/07/2009 1.02.25 63328]
S3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [19/07/2009 0.58.11 333088]
S3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe [19/07/2009 0.58.29 87328]
--- Altri Servizi/Drivers In Memoria ---
*NewlyCreated* - MBR
*NewlyCreated* - PROCEXP113
*Deregistered* - mbr
*Deregistered* - PROCEXP113
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Contenuto della cartella 'Scheduled Tasks'
2009-11-13 c:\windows\Tasks\User_Feed_Synchronization-{EBDA74A6-53C5-4456-8F7D-EE14FC5C7851}.job
- c:\windows\system32\msfeedssync.exe [2009-10-17 03:41]
2009-11-07 c:\windows\Tasks\WebReg HP Photosmart C4400 series.job
- c:\program files\HP\Digital Imaging\bin\hpqwrg.exe [2007-10-14 18:40]
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://www.club-vaio.com
IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Invia immagine alla periferica &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Invia pagina alla periferica &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: Scarica con Download &Express - c:\program files\Download Express\Add_Url.htm
FF - ProfilePath - c:\users\gcerri\AppData\Roaming\Mozilla\Firefox\Profiles\uus0hy6j.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.libero.it/
FF - component: c:\program files\AVG\AVG9\Firefox\components\avgssff.dll
FF - component: c:\users\gcerri\AppData\Roaming\Mozilla\Firefox\Profiles\uus0hy6j.default\extensions\{D249FD00-4DF9-11D9-9FDC-0080481ADA61}\components\mpint.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
.
- - - - CHIAVI ORFANE RIMOSSE - - - -
Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.net
Rootkit scan 2009-11-13 21:24
Windows 6.0.6002 Service Pack 2 NTFS
scansione processi nascosti ...
scansione entrate autostart nascoste ...
Scansione files nascosti ...
Scansione completata con successo
Files nascosti: 0
**************************************************************************
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,7e,3d,93,1c,89,80,b5,45,92,9c,f9,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,7e,3d,93,1c,89,80,b5,45,92,9c,f9,\
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:00000059
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- Dlls caricate dai processi in esecuzione ---------------------
- - - - - - - > 'winlogon.exe'(924)
c:\windows\system32\guard32.dll
- - - - - - - > 'lsass.exe'(816)
c:\windows\system32\guard32.dll
- - - - - - - > 'Explorer.exe'(5864)
c:\windows\system32\btmmhook.dll
.
Ora fine scansione: 2009-11-13 21:26
ComboFix-quarantined-files.txt 2009-11-13 20:25
Pre-Run: 173.968.076.800 byte disponibili
Post-Run: 173.887.930.368 byte disponibili
- - End Of File - - 691506F40D89FACF24C684EA7147A7CF
Malwarebytes:
Malwarebytes' Anti-Malware 1.41
Versione del database: 3161
Windows 6.0.6002 Service Pack 2
13/11/2009 20.43.07
mbam-log-2009-11-13 (20-43-07).txt
Tipo di scansione: Scansione completa (C:\|)
Elementi scansionati: 239742
Tempo trascorso: 59 minute(s), 21 second(s)
Processi delle memoria infetti: 0
Moduli della memoria infetti: 0
Chiavi di registro infette: 0
Valori di registro infetti: 0
Elementi dato del registro infetti: 0
Cartelle infette: 0
File infetti: 0
Processi delle memoria infetti:
(Nessun elemento malevolo rilevato)
Moduli della memoria infetti:
(Nessun elemento malevolo rilevato)
Chiavi di registro infette:
(Nessun elemento malevolo rilevato)
Valori di registro infetti:
(Nessun elemento malevolo rilevato)
Elementi dato del registro infetti:
(Nessun elemento malevolo rilevato)
Cartelle infette:
(Nessun elemento malevolo rilevato)
File infetti:
(Nessun elemento malevolo rilevato)
Let's have a laugh: why am I in deep doo-doo???
A few small issues:
1) I make my backups on an external USB flash drive
2) to connect to the internet I use a Wind Internet Key made by Alcatel
What do I need to do, besides what you will tell me, to remove the virus you pointed out??
Needless to say, thank you....