Ciao potete controllarmi i file log? il computer quando navigo in internet e provo ad aprire una finestra in più, crasha e si blocca per u paio di secondi il computer...veramente fastidioso aiutatemi a fare un pò di pulizia, credo di avere qualche virus....vi ringrazio anticipatamente...=)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19.43.13, on 25/11/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\Avira\AntiVir Desktop\sched.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Programmi\Google\Quick Search Box\GoogleQuickSearchBox.exe
C:\Programmi\Avira\AntiVir Desktop\avgnt.exe
C:\Programmi\Java\jre6\bin\jusched.exe
C:\Programmi\Microsoft Xbox 360 Accessories\XboxStat.exe
C:\Programmi\NewSoft\Presto! PVR\Monitor.exe
C:\Programmi\Spyware Doctor\pctsTray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Programmi\Windows Live\Messenger\msnmsgr.exe
C:\Programmi\Creative\Shared Files\CamTray.exe
C:\Programmi\File comuni\Ahead\lib\NMBgMonitor.exe
C:\Programmi\DAEMON Tools Lite\daemon.exe
C:\Programmi\Steam\Steam.exe
C:\Programmi\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe
C:\Programmi\Avira\AntiVir Desktop\avguard.exe
C:\Programmi\Spyware Doctor\BDT\BDTUpdateService.exe
C:\Programmi\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\Programmi\Spyware Doctor\pctsAuxs.exe
C:\Programmi\Spyware Doctor\pctsSvc.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\System32\alg.exe
C:\Programmi\Internet Explorer\IEXPLORE.EXE
C:\Programmi\Internet Explorer\IEXPLORE.EXE
C:\Programmi\Internet Explorer\IEXPLORE.EXE
C:\Programmi\Internet Explorer\IEXPLORE.EXE
C:\Programmi\Internet Explorer\IEXPLORE.EXE
C:\Programmi\Internet Explorer\IEXPLORE.EXE
C:\Programmi\FlashGet\flashget.exe
C:\Programmi\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.europowersearch.com/Search.html?SelectedSearchLang=IT
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programmi\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Google Plus - {01677B4B-0610-4814-94A0-5F570DD7A88F} - C:\PROGRA~1\GooglePlusVideos\17.GooglePlusVideos.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Programmi\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Browser Defender BHO - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Programmi\Spyware Doctor\BDT\PCTBrowserDefender.dll
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Programmi\FlashGet\jccatch.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programmi\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programmi\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: Super-Search - search like an expert - {B88F0A3B-663C-4342-A7CE-2D6F81032897} - C:\PROGRA~1\EasySearch\BHO\4.SuperSearch.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmi\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Programmi\FlashGet\getflash.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Programmi\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programmi\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programmi\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: PC Tools Browser Guard - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Programmi\Spyware Doctor\BDT\PCTBrowserDefender.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [nwiz] C:\Programmi\NVIDIA Corporation\nView\nwiz.exe /install
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Google Quick Search Box] "C:\Programmi\Google\Quick Search Box\GoogleQuickSearchBox.exe" /autorun
O4 - HKLM\..\Run: [avgnt] "C:\Programmi\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [XboxStat] "c:\Programmi\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun
O4 - HKLM\..\Run: [ChangeFilterMerit] C:\Programmi\NewSoft\Presto! PVR\ChangeFilterMerit.exe
O4 - HKLM\..\Run: [Presto! PVR Monitor] C:\Programmi\NewSoft\Presto! PVR\Monitor.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programmi\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Programmi\File comuni\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [ISTray] "C:\Programmi\Spyware Doctor\pctsTray.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] "C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Programmi\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Creative WebCam Tray] "C:\Programmi\Creative\Shared Files\CamTray.exe"
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programmi\File comuni\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Programmi\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [Steam] "C:\Programmi\Steam\Steam.exe" -silent
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Utilità controllo supporti di Picture Motion Browser.lnk = C:\Programmi\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe
O8 - Extra context menu item: &Scarica con FlashGet - C:\Programmi\FlashGet\jc_link.htm
O8 - Extra context menu item: &Scarica tutto con FlashGet - C:\Programmi\FlashGet\jc_all.htm
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\Microsoft Office\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Programmi\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\Microsoft Office\OFFICE11\REFIEBAR.DLL
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Programmi\FlashGet\FlashGet.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Programmi\FlashGet\FlashGet.exe
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/MessengerGamesContent/GameContent/it/uno1/GAME_UNO1.cab
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx1.hotmail.com/mail/w4/pr01/photouploadcontrol/MSNPUpld.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwareupdate/su2/ocx/15108/CTPID.cab
O23 - Service: Avira AntiVir Scheduler (AntiVirScheduler) - Avira GmbH - C:\Programmi\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Programmi\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Browser Defender Update Service - Threat Expert Ltd. - C:\Programmi\Spyware Doctor\BDT\BDTUpdateService.exe
O23 - Service: Servizio di Google Update (gupdate) (gupdate) - Google Inc. - C:\Programmi\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programmi\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Programmi\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Programmi\Spyware Doctor\pctsSvc.exe

--
End of file - 10737 bytes

ciao trebor

esegui questa scansione

scarica Malwarebytes http://www.malwarebytes.org/mbam/program/mbam-setup.exe
1) lo installi
2) lo aggiorni
3) fai una scansione scegliendo la modalità completa
4) NON eliminare per ora le ventuali minacce che rileva
5) finita la scansione seleziona il tabellino log, apri il file di testo e postalo sul forum

Malwarebytes' Anti-Malware 1.41
Versione del database: 3231
Windows 5.1.2600 Service Pack 2

25/11/2009 20.34.11
mbam-log-2009-11-25 (20-34-06).txt

Tipo di scansione: Scansione completa (C:\|)
Elementi scansionati: 177818
Tempo trascorso: 23 minute(s), 43 second(s)

Processi delle memoria infetti: 0
Moduli della memoria infetti: 0
Chiavi di registro infette: 0
Valori di registro infetti: 0
Elementi dato del registro infetti: 0
Cartelle infette: 0
File infetti: 2

Processi delle memoria infetti:
(Nessun elemento malevolo rilevato)

Moduli della memoria infetti:
(Nessun elemento malevolo rilevato)

Chiavi di registro infette:
(Nessun elemento malevolo rilevato)

Valori di registro infetti:
(Nessun elemento malevolo rilevato)

Elementi dato del registro infetti:
(Nessun elemento malevolo rilevato)

Cartelle infette:
(Nessun elemento malevolo rilevato)

File infetti:
C:\System Volume Information\_restore{70FC3439-DEF1-40B0-92AD-4BE983187B89}\RP107\A0030039.exe (Backdoor.Netbus) -> No action taken.
C:\Documents and Settings\Robert\Dati applicazioni\Convivea\Bit_Che\scripts\special.exe (Trojan.Downloader) -> No action taken.

ComboFix 09-11-25.01 - Robert 25/11/2009 21.49.17.1.2 - x86
Microsoft Windows XP Professional 5.1.2600.2.1252.39.1040.18.2046.1497 [GMT 1:00]
Eseguito da: c:\documents and settings\Robert\Desktop\ComboFix.exe
AV: AntiVir Desktop *On-access scanning disabled* (Updated) {00200000-EE94-0012-94EE-120094EE1200}
AV: AntiVir Desktop *On-access scanning enabled* (Updated) {00000002-0002-0000-2C24-9E7C08000A00}
AV: AntiVir Desktop *On-access scanning enabled* (Updated) {00000002-0002-0000-3C24-9E7C08000A00}

ATTENZIONE - QUESTO PC NON HA LA CONSOLE DI RIPRISTINO DI EMERGENZA INSTALLATA !!
.

((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\progra~1\EasySearch\BHO\4.SUpersearch.dll
c:\progra~1\GooglePlusVideos\17.Googleplusvideos.dll
c:\programmi\GooglePlusVideos
c:\programmi\GooglePlusVideos\17.GooglePlusVideos.dll
c:\programmi\GooglePlusVideos\DeploymentHelper.exe
c:\programmi\GooglePlusVideos\FFExt\chrome.manifest
c:\programmi\GooglePlusVideos\FFExt\chrome\content\googleplusvideos.xul
c:\programmi\GooglePlusVideos\FFExt\chrome\content\script-injector.js
c:\programmi\GooglePlusVideos\FFExt\install.rdf
c:\programmi\GooglePlusVideos\GooglePlusVideosLicense.txt
c:\programmi\GooglePlusVideos\GooglePlusVideosXPCOM.dll
c:\programmi\GooglePlusVideos\GVConfig.ini
c:\programmi\GooglePlusVideos\IGooglePlusVideosXPCOM.xpt
c:\programmi\GooglePlusVideos\MFC42U.DLL
c:\programmi\GooglePlusVideos\Uninstall.bat

.
((((((((((((((((((((((((( Files Creati Da 2009-10-25 al 2009-11-25 )))))))))))))))))))))))))))))))))))
.

2009-11-25 18:42 . 2009-11-25 18:42 -------- d-----w- c:\programmi\Trend Micro
2009-11-24 20:01 . 2009-11-24 20:01 -------- d-----w- c:\documents and settings\Robert\Dati applicazioni\Malwarebytes
2009-11-24 20:01 . 2009-09-10 13:54 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-11-24 20:01 . 2009-11-24 20:01 -------- d-----w- c:\programmi\Malwarebytes' Anti-Malware
2009-11-24 20:01 . 2009-11-24 20:01 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Malwarebytes
2009-11-24 20:01 . 2009-09-10 13:53 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-11-23 18:44 . 2009-11-23 18:44 -------- d-----w- c:\documents and settings\Robert\Impostazioni locali\Dati applicazioni\Threat Expert
2009-11-23 18:41 . 2009-10-08 10:31 149456 ----a-w- c:\windows\SGDetectionTool.dll
2009-11-23 18:41 . 2009-10-08 10:31 165840 ----a-w- c:\windows\PCTBDRes.dll
2009-11-23 18:41 . 2009-10-08 10:31 1636304 ----a-w- c:\windows\PCTBDCore.dll
2009-11-23 18:41 . 2009-10-08 10:31 767952 ----a-w- c:\windows\BDTSupport.dll
2009-11-23 18:41 . 2009-10-02 13:19 1152470 ----a-w- c:\windows\UDB.zip
2009-11-23 18:41 . 2008-11-26 11:08 131 ----a-w- c:\windows\IDB.zip
2009-11-23 18:39 . 2009-09-24 07:55 229304 ----a-w- c:\windows\system32\drivers\pctgntdi.sys
2009-11-23 18:39 . 2009-10-06 15:31 87784 ----a-w- c:\windows\system32\drivers\PCTAppEvent.sys
2009-11-23 18:39 . 2009-09-23 15:10 207280 ----a-w- c:\windows\system32\drivers\PCTCore.sys
2009-11-23 18:39 . 2009-09-03 08:45 70408 ----a-w- c:\windows\system32\drivers\pctplsg.sys
2009-11-23 18:39 . 2009-11-23 18:41 -------- d-----w- c:\programmi\File comuni\PC Tools
2009-11-23 18:39 . 2009-11-25 20:49 -------- d-----w- c:\programmi\Spyware Doctor
2009-11-23 18:39 . 2009-11-23 18:39 -------- d-----w- c:\documents and settings\Robert\Dati applicazioni\PC Tools
2009-11-23 18:39 . 2009-11-23 18:39 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\PC Tools
2009-11-23 18:39 . 2009-11-25 20:48 -------- d---a-w- c:\documents and settings\All Users\Dati applicazioni\TEMP
2009-11-23 00:41 . 2009-11-24 23:33 -------- d-----w- c:\documents and settings\Robert\Dati applicazioni\vlc
2009-11-19 15:19 . 2009-11-19 15:19 -------- d-----w- c:\programmi\Electronic Arts
2009-11-18 17:22 . 2009-11-18 18:57 -------- d-----w- c:\windows\SxsCaPendDel
2009-11-18 16:59 . 2009-11-18 16:59 -------- d-----w- c:\documents and settings\Robert\Impostazioni locali\Dati applicazioni\Monte Cristo
2009-11-18 16:51 . 2009-11-18 16:51 -------- d-----w- c:\programmi\Monte Cristo
2009-11-17 19:14 . 2009-11-17 19:14 -------- d-----w- c:\documents and settings\Robert\Dati applicazioni\Convivea
2009-11-17 19:14 . 2009-04-10 17:40 118784 ----a-w- c:\documents and settings\Robert\Dati applicazioni\Convivea\Bit_Che\scripts\x.exe
2009-11-17 19:14 . 2008-03-28 09:07 20992 ----a-w- c:\documents and settings\Robert\Dati applicazioni\Convivea\Bit_Che\languages\compare.exe
2009-11-17 19:14 . 2008-03-28 09:02 60928 ----a-w- c:\documents and settings\Robert\Dati applicazioni\Convivea\Bit_Che\scripts\update.exe
2009-11-17 19:14 . 2003-08-19 04:06 80896 ----a-w- c:\documents and settings\Robert\Dati applicazioni\Convivea\Bit_Che\scripts\x.dll
2009-11-17 19:14 . 2009-11-17 19:14 -------- d-----w- c:\programmi\Bit Che
2009-11-13 14:44 . 2009-11-13 14:44 -------- d-----w- c:\documents and settings\Robert\Dati applicazioni\TeamViewer
2009-11-13 14:44 . 2009-11-13 14:44 -------- d-----w- c:\documents and settings\Robert\temp
2009-11-13 14:34 . 2009-11-13 14:49 -------- d-----w- C:\Documents
2009-11-13 13:09 . 2009-11-25 20:46 -------- d-----w- c:\programmi\Steam
2009-11-13 13:09 . 2009-09-04 16:44 515416 ----a-w- c:\windows\system32\XAudio2_5.dll
2009-11-13 13:09 . 2009-09-04 16:44 238936 ----a-w- c:\windows\system32\xactengine3_5.dll
2009-11-13 13:09 . 2009-09-04 16:29 5501792 ----a-w- c:\windows\system32\d3dcsx_42.dll
2009-11-13 13:09 . 2009-09-04 16:29 1974616 ----a-w- c:\windows\system32\D3DCompiler_42.dll
2009-11-13 13:09 . 2009-09-04 16:29 453456 ----a-w- c:\windows\system32\d3dx10_42.dll
2009-11-13 13:09 . 2009-09-04 16:29 235344 ----a-w- c:\windows\system32\d3dx11_42.dll
2009-11-13 13:09 . 2009-09-04 16:29 1892184 ----a-w- c:\windows\system32\D3DX9_42.dll
2009-11-12 22:35 . 2009-11-19 23:40 -------- d-----w- C:\Downloads
2009-11-12 22:30 . 2009-11-25 20:42 -------- d-----w- c:\programmi\FlashGet
2009-11-09 21:48 . 2009-11-09 21:48 -------- d-----w- c:\programmi\EA Sports
2009-11-06 13:25 . 2009-11-06 13:25 -------- d-----w- c:\programmi\CAPCOM
2009-10-30 10:06 . 2009-10-30 10:06 -------- d-----w- c:\documents and settings\Robert\Impostazioni locali\Dati applicazioni\Risen
2009-10-30 10:05 . 2009-10-30 10:05 -------- d-----w- c:\windows\1C4551A64743409391E41477CD655043.TMP
2009-10-30 10:00 . 2009-10-30 10:00 -------- d-----w- c:\programmi\Deep Silver
2009-10-30 09:34 . 2009-10-30 09:34 73837 ----a-w- c:\documents and settings\Robert\Dati applicazioni\VuzeStream\uninstall.exe
2009-10-30 09:34 . 2009-10-30 09:34 74688 ----a-w- c:\documents and settings\Robert\Dati applicazioni\VuzeStream\NetscapePlugin1.0.2.9\RegisterVSNP.exe
2009-10-30 09:34 . 2009-10-30 09:34 62400 ----a-w- c:\documents and settings\Robert\Dati applicazioni\VuzeStream\RegisterVSAX.exe
2009-10-30 09:34 . 2009-10-30 09:34 293312 ----a-w- c:\documents and settings\Robert\Dati applicazioni\VuzeStream\VuzeATL1.0.2.0.dll
2009-10-30 09:34 . 2009-10-30 09:34 176608 ----a-w- c:\documents and settings\Robert\Dati applicazioni\VuzeStream\UpdateLauncher.exe
2009-10-30 09:34 . 2009-10-30 09:34 170432 ----a-w- c:\documents and settings\Robert\Dati applicazioni\VuzeStream\NetscapePlugin1.0.2.9\npVuzeStream.dll
2009-10-30 09:34 . 2009-10-30 09:34 174560 ----a-w- c:\documents and settings\Robert\Dati applicazioni\VuzeStream\VuzeStream.exe
2009-10-30 09:34 . 2009-10-30 09:34 -------- d-----w- c:\programmi\Microsoft Silverlight
2009-10-30 09:34 . 2009-10-30 09:44 -------- d-----w- c:\documents and settings\Robert\Dati applicazioni\VuzeStream
2009-10-30 09:28 . 2009-10-30 09:28 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Azureus
2009-10-30 09:27 . 2009-11-12 13:41 -------- d-----w- c:\documents and settings\Robert\Dati applicazioni\Azureus
2009-10-30 09:27 . 2009-10-30 09:27 -------- d-----w- c:\programmi\Vuze
2009-10-29 23:35 . 2009-11-12 21:59 -------- d-----w- c:\programmi\JDownloader
2009-10-29 23:34 . 2009-10-29 23:34 -------- d-----w- c:\windows\Sun
2009-10-29 09:55 . 2009-10-29 09:55 -------- d-----w- c:\programmi\KONAMI
2009-10-29 09:55 . 2009-10-29 09:55 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\KONAMI

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-11-25 20:46 . 2001-08-31 12:00 79292 ----a-w- c:\windows\system32\perfc010.dat
2009-11-25 20:46 . 2001-08-31 12:00 478808 ----a-w- c:\windows\system32\perfh010.dat
2009-11-25 19:49 . 2009-09-25 13:55 50496 ----a-w- c:\documents and settings\Robert\Impostazioni locali\Dati applicazioni\GDIPFONTCACHEV1.DAT
2009-11-25 11:19 . 2009-09-25 14:52 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\NOS
2009-11-19 14:44 . 2009-09-29 22:48 138064 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2009-11-19 14:43 . 2009-09-29 22:48 189184 ----a-w- c:\windows\system32\PnkBstrB.exe
2009-11-13 19:11 . 2009-10-19 00:25 859304 ----a-w- c:\documents and settings\LocalService\Impostazioni locali\Dati applicazioni\FontCache3.0.0.0.dat
2009-11-13 15:00 . 2009-09-29 22:33 -------- d-----w- c:\programmi\Activision
2009-10-30 10:05 . 2009-09-25 14:11 -------- d-----w- c:\programmi\File comuni\Wise Installation Wizard
2009-10-30 10:00 . 2009-09-25 13:43 -------- d--h--w- c:\programmi\InstallShield Installation Information
2009-10-28 14:02 . 2009-09-25 23:34 -------- d-----w- c:\programmi\File comuni\Adobe
2009-10-21 14:26 . 2009-10-21 14:26 -------- d-----w- c:\documents and settings\Robert\Dati applicazioni\FUEL
2009-10-21 14:22 . 2009-10-21 14:21 -------- d-----w- c:\programmi\Microsoft Games for Windows - LIVE
2009-10-21 14:18 . 2009-10-21 14:18 -------- d-----w- c:\programmi\Codemasters
2009-10-20 13:04 . 2009-10-20 12:53 -------- d-----w- c:\programmi\EasySearch
2009-10-20 12:43 . 2009-10-20 12:42 -------- d-----w- c:\programmi\Windows Live Safety Center
2009-10-20 10:43 . 2009-10-20 10:43 -------- d-----w- c:\programmi\Microsoft.NET
2009-10-19 18:12 . 2006-06-22 20:43 360320 ----a-w- c:\windows\system32\drivers\TCPIP.SYS
2009-10-19 18:12 . 2009-10-19 18:12 360320 ----a-w- c:\windows\system32\drivers\TCPIP.SYS.ORIGINAL
2009-10-18 23:20 . 2009-10-18 23:19 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\DriverScanner
2009-10-18 23:19 . 2009-10-18 23:19 -------- dc-h--w- c:\documents and settings\All Users\Dati applicazioni\{D5ABFFAD-D592-4F98-B02B-587125B4801F}
2009-10-18 23:19 . 2009-10-18 22:53 -------- d-----w- c:\documents and settings\Robert\Dati applicazioni\Uniblue
2009-10-18 23:19 . 2009-10-18 22:53 -------- d-----w- c:\programmi\Uniblue
2009-10-18 23:13 . 2009-10-18 23:13 -------- dc-h--w- c:\documents and settings\All Users\Dati applicazioni\{C4C0E335-EDDF-46A0-A57D-F3802AE44275}
2009-10-15 09:48 . 2009-10-15 09:48 -------- d-----w- c:\documents and settings\Robert\Dati applicazioni\Ubisoft
2009-10-15 09:41 . 2009-10-15 09:37 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Tages
2009-10-15 09:36 . 2009-10-15 09:36 281760 ----a-w- c:\windows\system32\drivers\atksgt.sys
2009-10-15 09:36 . 2009-10-15 09:36 25888 ----a-w- c:\windows\system32\drivers\lirsgt.sys
2009-10-15 09:31 . 2009-10-15 09:31 -------- d-----w- c:\programmi\Ubisoft
2009-10-14 16:22 . 2009-10-14 16:22 -------- d-----w- c:\programmi\Smart Projects
2009-10-08 16:01 . 2009-10-08 16:01 -------- d-----w- c:\programmi\File comuni\NewSoft
2009-10-08 16:01 . 2009-10-08 16:01 -------- d-----w- c:\programmi\NewSoft
2009-10-08 15:58 . 2009-10-08 15:58 -------- d-----w- c:\programmi\Dexxon
2009-10-08 15:49 . 2009-10-08 15:49 -------- d-----w- c:\programmi\MSBuild
2009-10-08 15:49 . 2009-10-08 15:49 -------- d-----w- c:\programmi\Reference Assemblies
2009-10-08 15:47 . 2009-10-08 15:47 -------- d-----w- c:\programmi\MSXML 6.0
2009-10-06 21:15 . 2009-10-06 21:15 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\PC Drivers HeadQuarters
2009-10-01 12:25 . 2009-10-01 12:25 -------- d-----w- c:\programmi\VideoLAN
2009-09-30 18:40 . 2009-09-25 13:25 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-09-30 18:34 . 2009-09-30 18:34 -------- d-----w- c:\programmi\TVAnts
2009-09-30 12:52 . 2009-09-25 16:21 -------- d-----w- c:\programmi\Windows Media Connect 2
2009-09-30 12:44 . 2009-09-29 22:48 139152 ----a-w- c:\documents and settings\Robert\Dati applicazioni\PnkBstrK.sys
2009-09-30 12:44 . 2009-09-29 22:48 139152 ----a-w- c:\documents and settings\Robert\Dati applicazioni\PnkBstrK.sys
2009-09-30 12:44 . 2009-09-29 22:48 75064 ----a-w- c:\windows\system32\PnkBstrA.exe
2009-09-30 12:44 . 2009-09-30 12:44 794408 ----a-w- c:\windows\system32\pbsvc[1].exe
2009-09-30 12:21 . 2009-09-30 12:21 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_xusb21_01001.Wdf
2009-09-30 12:21 . 2009-09-30 12:21 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01001_Coinstaller_Critical.Wdf
2009-09-30 12:20 . 2009-09-30 12:20 -------- d-----w- c:\programmi\Microsoft Xbox 360 Accessories
2009-09-30 10:54 . 2009-09-30 10:54 -------- d-----w- c:\documents and settings\Robert\Dati applicazioni\Leadertech
2009-09-29 22:48 . 2009-09-29 22:48 682280 ----a-w- c:\windows\system32\pbsvc.exe
2009-09-28 11:40 . 2009-09-28 11:40 -------- d-----w- c:\programmi\eMule
2009-09-28 09:31 . 2009-10-18 23:13 2838456 -c--a-w- c:\documents and settings\All Users\Dati applicazioni\{C4C0E335-EDDF-46A0-A57D-F3802AE44275}\speedupmypc2009.exe
2009-09-26 14:32 . 2009-09-26 14:32 107888 ----a-w- c:\windows\system32\CmdLineExt.dll
2009-09-26 12:34 . 2009-09-26 12:34 721904 ----a-w- c:\windows\system32\drivers\sptd.sys
2009-09-25 16:39 . 2009-09-25 16:39 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-09-25 16:39 . 2009-09-25 16:39 152576 ----a-w- c:\documents and settings\Robert\Dati applicazioni\Sun\Java\jre1.6.0_16\lzma.dll
2009-09-25 15:16 . 2009-09-25 15:16 10134 ----a-r- c:\documents and settings\Robert\Dati applicazioni\Microsoft\Installer\{14291118-0C19-45EA-A4FA-5C1C0F5FDE09}\ARPPRODUCTICON.exe
2009-09-25 14:50 . 2009-09-25 14:50 1961720 ----a-w- c:\documents and settings\Robert\Dati applicazioni\Macromedia\Flash Player\www.macromedia.com\bin\fpupdateax\fpupdateax.exe
2009-09-25 13:43 . 2009-09-25 13:43 315392 ----a-w- c:\windows\HideWin.exe
2009-09-25 13:22 . 2009-09-25 13:22 21840 ----a-w- c:\windows\system32\emptyregdb.dat
2009-09-04 16:44 . 2009-10-15 09:36 69464 ----a-w- c:\windows\system32\XAPOFX1_3.dll
.

------- Sigcheck -------

[-] 2009-10-19 . 3C966F647BAB332093CB0F92692B5CB8 . 360320 . . [5.1.2600.3394] . . c:\windows\system32\dllcache\TCPIP.SYS
[-] 2009-10-19 . 3C966F647BAB332093CB0F92692B5CB8 . 360320 . . [5.1.2600.3394] . . c:\windows\system32\drivers\TCPIP.SYS
[7] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[7] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[7] 2008-06-20 . 744E57C99232201AE98C49168B918F48 . 360960 . . [5.1.2600.3394] . . c:\windows\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[-] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\073a8e9684d59d4923c2eb2e44aa36af\tcpip.sys
[7] 2006-06-22 . B2220C618B42A2212A59D91EBD6FC4B4 . 360576 . . [5.1.2600.2892] . . c:\windows\$NtUninstallKB917953$\tcpip.sys
[7] 2006-04-20 . B2220C618B42A2212A59D91EBD6FC4B4 . 360576 . . [5.1.2600.2892] . . c:\windows\$hf_mig$\KB917953\SP2QFE\tcpip.sys
[7] 2006-04-20 . 1DBF125862891817F374F407626967F4 . 359808 . . [5.1.2600.2892] . . c:\windows\$NtUninstallKB951748$\tcpip.sys
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-09-25 39408]
"msnmsgr"="c:\programmi\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]
"Creative WebCam Tray"="c:\programmi\Creative\Shared Files\CamTray.exe" [2005-10-27 299008]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\programmi\File comuni\Ahead\lib\NMBgMonitor.exe" [2005-09-03 94208]
"DAEMON Tools Lite"="c:\programmi\DAEMON Tools Lite\daemon.exe" [2009-04-23 691656]
"Steam"="c:\programmi\Steam\Steam.exe" [2009-11-13 1217808]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Google Quick Search Box"="c:\programmi\Google\Quick Search Box\GoogleQuickSearchBox.exe " [X]
"XboxStat"="c:\programmi\Microsoft Xbox 360 Accessories\XboxStat.exe silentrun" [X]
"nwiz"="c:\programmi\NVIDIA Corporation\nView\nwiz.exe" [2009-08-12 1657376]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-08-17 13877248]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-08-17 86016]
"avgnt"="c:\programmi\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"SunJavaUpdateSched"="c:\programmi\Java\jre6\bin\jusched.exe" [2009-09-25 149280]
"ChangeFilterMerit"="c:\programmi\NewSoft\Presto! PVR\ChangeFilterMerit.exe" [2007-06-08 51280]
"Presto! PVR Monitor"="c:\programmi\NewSoft\Presto! PVR\Monitor.exe" [2009-01-15 157520]
"Adobe Reader Speed Launcher"="c:\programmi\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-10-03 35696]
"Adobe ARM"="c:\programmi\File comuni\Adobe\ARM\1.0\AdobeARM.exe" [2009-09-04 935288]
"ISTray"="c:\programmi\Spyware Doctor\pctsTray.exe" [2009-09-22 1243088]
"Malwarebytes Anti-Malware (reboot)"="c:\programmi\Malwarebytes' Anti-Malware\mbam.exe" [2009-09-10 1312080]
"RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.exe [2007-03-21 16126464]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-19 15360]

c:\documents and settings\Robert\Menu Avvio\Programmi\Esecuzione automatica\
Utilit… controllo supporti di Picture Motion Browser.lnk - c:\programmi\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe [2009-9-25 390432]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Programmi\\Java\\jre6\\launch4j-tmp\\frd.exe"=
"c:\\Programmi\\eMule\\emule.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Programmi\\Activision\\Call of Duty - World at War\\CoDWaW.exe"=
"c:\\Programmi\\Activision\\Call of Duty - World at War\\CoDWaWmp.exe"=
"c:\\Programmi\\TVAnts\\Tvants.exe"=
"c:\\Programmi\\Ubisoft\\Related Designs\\ANNO 1404\\Anno4.exe"=
"c:\\Programmi\\Ubisoft\\Related Designs\\ANNO 1404\\tools\\Anno4Web.exe"=
"c:\\Programmi\\Codemasters\\FUEL\\FUEL.exe"=
"c:\\Documents and Settings\\Robert\\Desktop\\pes2010.exe"=
"c:\\Programmi\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Programmi\\Vuze\\Azureus.exe"=
"c:\\Documents and Settings\\Robert\\Dati applicazioni\\VuzeStream\\VuzeStream.exe"=
"c:\\Programmi\\CAPCOM\\RESIDENT EVIL 5\\RE5DX9.EXE"=
"c:\\Programmi\\CAPCOM\\RESIDENT EVIL 5\\RE5DX10.EXE"=
"c:\\Programmi\\FlashGet\\flashget.exe"=
"c:\\Documents and Settings\\Robert\\temp\\TeamViewer\\Version4\\TeamViewer.exe"=

R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [23/11/2009 19.39.29 207280]
R2 Browser Defender Update Service;Browser Defender Update Service;c:\programmi\Spyware Doctor\BDT\BDTUpdateService.exe [23/11/2009 19.41.00 112592]
R2 sdAuxService;PC Tools Auxiliary Service;c:\programmi\Spyware Doctor\pctsAuxs.exe [23/11/2009 19.39.15 358600]
R3 V0260VID;Live! Cam Vista IM;c:\windows\system32\drivers\V0260Vid.sys [25/09/2009 16.49.00 178913]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [26/09/2009 13.34.37 721904]
S2 gupdate;Servizio di Google Update (gupdate);c:\programmi\Google\Update\GoogleUpdate.exe [25/09/2009 23.48.57 133104]

--- Altri Servizi/Drivers In Memoria ---

*Deregistered* - PCTSDInjDriver32
.
Contenuto della cartella 'Scheduled Tasks'

2009-11-25 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\programmi\Google\Update\GoogleUpdate.exe [2009-09-25 22:48]

2009-11-25 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\programmi\Google\Update\GoogleUpdate.exe [2009-09-25 22:48]

2009-11-25 c:\windows\Tasks\WGASetup.job
- c:\windows\system32\KB905474\wgasetup.exe [2009-09-27 20:18]
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://www.google.com/
mStart Page = hxxp://www.europowersearch.com/Search.html?SelectedSearchLang=IT
uInternet Settings,ProxyOverride = local
IE: &Scarica con FlashGet - c:\programmi\FlashGet\jc_link.htm
IE: &Scarica tutto con FlashGet - c:\programmi\FlashGet\jc_all.htm
IE: E&sporta in Microsoft Excel - c:\progra~1\Microsoft Office\OFFICE11\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\programmi\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
.
- - - - CHIAVI ORFANE RIMOSSE - - - -

WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
HKLM-Run-NWEReboot - (no file)
AddRemove-NVIDIA Drivers - c:\windows\system32\nvuninst.exe UninstallGUI
AddRemove-Uniblue DriverScanner 2009 - c:\documents and settings\All Users\Dati applicazioni\{D5ABFFAD-D592-4F98-B02B-587125B4801F}\DriverScanner_Setup.exe REMOVE=TRUE MODIFY=FALSE
AddRemove-Uniblue SpeedUpMyPC 2009 - c:\documents and settings\All Users\Dati applicazioni\{C4C0E335-EDDF-46A0-A57D-F3802AE44275}\speedupmypc2009.exe REMOVE=TRUE MODIFY=FALSE



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-11-25 21:52
Windows 5.1.2600 Service Pack 2 NTFS

detected NTDLL code modification:
ZwClose

scansione processi nascosti ...

scansione entrate autostart nascoste ...

Scansione files nascosti ...

Scansione completata con successo
Files nascosti: 0

**************************************************************************
.
Ora fine scansione: 2009-11-25 21:53
ComboFix-quarantined-files.txt 2009-11-25 20:53

Pre-Run: 301.690.707.968 byte disponibili
Post-Run: 301.682.933.760 byte disponibili

- - End Of File - - CF0A04A061FF40A09D5658CDAB4944C8