Ciao a tutti....da un pò il pc fa fatica spegnersi,su internet vengo reindirizzato a siti pubblicitari e avast mi segnala ad ogni pagina l'apertura di un sito che si chiama virus etc..nel pc anche senza internet mi da problemi con i setup e a volte non mi fa scaricare i file da internet...ecco il log
ringrazio chi mi potrà aiutare....

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21.32.39, on 22/01/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17093)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
C:\Programmi\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\Documents and Settings\Andre\Dati applicazioni\dwm.exe
C:\Documents and Settings\Andre\Dati applicazioni\Microsoft\conhost.exe
C:\DOCUME~1\Andre\IMPOST~1\Temp\csrss.exe
C:\Programmi\Java\jre6\bin\jusched.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Programmi\Samsung\Samsung EDS\EDSAgent.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Programmi\Samsung\Samsung Battery Manager\BatteryManager.exe
C:\Programmi\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Programmi\Samsung\Easy Display Manager\dmhkcore.exe
C:\Programmi\HiYo\bin\HiYo.exe
C:\Programmi\SAMSUNG\MagicKBD\MagicKBD.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\SAMSUNG\MagicKBD\PerformanceManager.exe
C:\Programmi\Messenger\msmsgs.exe
C:\Programmi\WIDCOMM\Bluetooth Software\BTTray.exe
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
C:\Programmi\Windows Live\Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
C:\Programmi\Java\jre6\bin\jqs.exe
C:\Programmi\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Programmi\Microsoft Application Virtualization Client\sftvsa.exe
C:\Programmi\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Programmi\Microsoft Application Virtualization Client\sftlist.exe
C:\Programmi\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
C:\Programmi\File comuni\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Programmi\Trend Micro\HiJackThis\HiJackThis.exe
C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe
C:\Programmi\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\igfxext.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\DOCUME~1\Andre\IMPOST~1\Temp\csrss.exe
C:\DOCUME~1\Andre\IMPOST~1\Temp\csrss.exe
C:\DOCUME~1\Andre\IMPOST~1\Temp\csrss.exe
C:\DOCUME~1\Andre\IMPOST~1\Temp\csrss.exe
C:\Programmi\Samsung\Samsung Update Plus\SLUTrayNotifier.exe
C:\DOCUME~1\Andre\IMPOST~1\Temp\csrss.exe
C:\DOCUME~1\Andre\IMPOST~1\Temp\csrss.exe
C:\DOCUME~1\Andre\IMPOST~1\Temp\csrss.exe
C:\DOCUME~1\Andre\IMPOST~1\Temp\csrss.exe
C:\DOCUME~1\Andre\IMPOST~1\Temp\csrss.exe
C:\DOCUME~1\Andre\IMPOST~1\Temp\csrss.exe
C:\DOCUME~1\Andre\IMPOST~1\Temp\csrss.exe
C:\DOCUME~1\Andre\IMPOST~1\Temp\csrss.exe
C:\DOCUME~1\Andre\IMPOST~1\Temp\csrss.exe
C:\Programmi\Mozilla Firefox\firefox.exe
C:\DOCUME~1\Andre\IMPOST~1\Temp\csrss.exe
C:\DOCUME~1\Andre\IMPOST~1\Temp\csrss.exe
C:\DOCUME~1\Andre\IMPOST~1\Temp\csrss.exe
C:\DOCUME~1\Andre\IMPOST~1\Temp\csrss.exe
C:\DOCUME~1\Andre\IMPOST~1\Temp\csrss.exe
C:\DOCUME~1\Andre\IMPOST~1\Temp\csrss.exe
C:\DOCUME~1\Andre\IMPOST~1\Temp\csrss.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:53455
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
R3 - URLSearchHook: Messenger Plus Live Italy Toolbar - {08d495ab-a86c-47b0-82ef-da87bf92f730} - C:\Programmi\Messenger_Plus_Live_Italy\tbMess.dll
O2 - BHO: Supporto di collegamento per Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Messenger Plus Live Italy Toolbar - {08d495ab-a86c-47b0-82ef-da87bf92f730} - C:\Programmi\Messenger_Plus_Live_Italy\tbMess.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Programmi\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: BrowserHelper Class - {8A9D74F9-560B-4FE7-ABEB-3B2E638E5CD6} - C:\Programmi\SGPSA\SearchAssistant.dll
O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmi\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: Search Assistant - {F0626A63-410B-45E2-99A1-3F2475B2D695} - C:\Programmi\SGPSA\BHO.dll
O2 - BHO: XBTBPos00 - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Programmi\Fast Browser Search\IE\FBStoolbar.dll
O3 - Toolbar: Fast Browser Search Toolbar - {1BB22D38-A411-4B13-A746-C2A4F4EC7344} - C:\Programmi\Fast Browser Search\IE\FBStoolbar.dll
O3 - Toolbar: Messenger Plus Live Italy Toolbar - {08d495ab-a86c-47b0-82ef-da87bf92f730} - C:\Programmi\Messenger_Plus_Live_Italy\tbMess.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [EDS] C:\Programmi\Samsung\Samsung EDS\EDSAgent.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [DMHotKey] C:\Programmi\Samsung\Easy Display Manager\DMLoader.exe
O4 - HKLM\..\Run: [BatteryManager] C:\Programmi\Samsung\Samsung Battery Manager\BatteryManager.exe
O4 - HKLM\..\Run: [MagicKeyboard] C:\Programmi\SAMSUNG\MagicKBD\PreMKBD.exe
O4 - HKLM\..\Run: [MobileConnect] C:\Programmi\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe /silent
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Hiyo] C:\Programmi\HiYo\bin\HiYo.exe /RunFromStartup
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programmi\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [conhost] C:\Documents and Settings\Andre\Dati applicazioni\Microsoft\conhost.exe
O4 - HKLM\..\Run: [COM+ System Application] C:\DOCUME~1\Andre\IMPOST~1\Temp\csrss.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programmi\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Programmi\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: BTTray.lnk = ?
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Invia a Bluetooth - C:\Programmi\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: Invia a periferica &Bluetooth... - C:\Programmi\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: Inserisci blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programmi\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: Inserisci &blog in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programmi\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programmi\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programmi\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/MessengerGamesContent/GameContent/it/uno1/GAME_UNO1.cab
O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} (WRC Class) - http://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{DD24846A-6CCD-4B49-9AE3-76B21FCD440A}: NameServer = 83.224.66.138 83.224.70.94
O22 - SharedTaskScheduler: Precaricatore Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Daemon di cache delle categorie di componenti - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Programmi\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programmi\Java\jre6\bin\jqs.exe
O23 - Service: Samsung Update Plus - Unknown owner - C:\Programmi\Samsung\Samsung Update Plus\SLUBackgroundService.exe
O23 - Service: Vodafone Mobile Connect Service (VMCService) - Vodafone - C:\Programmi\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
O23 - Service: Marvell Yukon Service (yksvc) - Unknown owner - RUNDLL32.EXE (file missing)

--
End of file - 11360 bytes

Non ci si deve meravigliare, se il pc è infettato fino alle orecchie, se si è senza antivirus.
Perchè avere un antivirus obsoleto, è come non averlo.

Elimina questa voce di HJT:
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:53455
POI:
Scarica ed installa MalwareBytes:
clicca qui per il download : http://www.aiutamici.com/software?id=80346
Prima di fare la scansione AGGIORNALO. (è molto importante)
Esegui una scansione completa del sistema.
Elimina gli eventuali file infetti trovati.
Posta il log.

Non direi.....
Mi manca totalmente il log di Malwarebytes.
O devo comperarmi un paio di occhiali?

Aggiungo che dopo la scansione con malware byte penso di aver risolto i problemi internet,però nel pc mi da dei problemi a installare ad esempio l'aggiornamento di avast o altri EXE dicendomi che non sono riconosciuti da Win 32...

LOG di cCombofix

ComboFix 11-01-22.03 - Andre 23/01/2011 13.52.53.1.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.39.1040.18.1014.430 [GMT 1:00]
Eseguito da: c:\documents and settings\Andre\Desktop\ComboFix.exe
AV: avast! antivirus 4.8.1368 [VPS 110123-0] *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}

ATTENZIONE - QUESTO PC NON HA LA CONSOLE DI RIPRISTINO DI EMERGENZA INSTALLATA !!
.

((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\All Users\Microsoft
c:\documents and settings\All Users\Microsoft\OfficeSoftwareProtectionPlatform\Cache\cache.dat
c:\documents and settings\All Users\Microsoft\OfficeSoftwareProtectionPlatform\tokens.dat
C:\mtwb.dat
c:\programmi\Fast Browser Search
c:\programmi\Fast Browser Search\IE\1.bat
c:\programmi\Fast Browser Search\IE\about.html
c:\programmi\Fast Browser Search\IE\affid.dat
c:\programmi\Fast Browser Search\IE\basis.xml
c:\programmi\Fast Browser Search\IE\basis_br.xml
c:\programmi\Fast Browser Search\IE\basis_de.xml
c:\programmi\Fast Browser Search\IE\basis_en.xml
c:\programmi\Fast Browser Search\IE\basis_es.xml
c:\programmi\Fast Browser Search\IE\basis_fr.xml
c:\programmi\Fast Browser Search\IE\basis_it.xml
c:\programmi\Fast Browser Search\IE\basis_nr.xml
c:\programmi\Fast Browser Search\IE\basis_pt.xml
c:\programmi\Fast Browser Search\IE\basis_ru.xml
c:\programmi\Fast Browser Search\IE\basis_tr.xml
c:\programmi\Fast Browser Search\IE\BHO.dll
c:\programmi\Fast Browser Search\IE\ClearRecycleBin.exe
c:\programmi\Fast Browser Search\IE\error.html
c:\programmi\Fast Browser Search\IE\FBSPlugin.dll
c:\programmi\Fast Browser Search\IE\fbsProtection.xml
c:\programmi\Fast Browser Search\IE\FbsSearchProvider.xml
c:\programmi\Fast Browser Search\IE\FbsSearchProviderIE8.exe
c:\programmi\Fast Browser Search\IE\FBStoolbar.dll
c:\programmi\Fast Browser Search\IE\fbstoolbar.jar
c:\programmi\Fast Browser Search\IE\fbstoolbar.manifest
c:\programmi\Fast Browser Search\IE\icons.bmp
c:\programmi\Fast Browser Search\IE\info.txt
c:\programmi\Fast Browser Search\IE\local.xml
c:\programmi\Fast Browser Search\IE\logobg.bmp
c:\programmi\Fast Browser Search\IE\search_es.bmp
c:\programmi\Fast Browser Search\IE\search_fr.bmp
c:\programmi\Fast Browser Search\IE\search_it.bmp
c:\programmi\Fast Browser Search\IE\search_pt.bmp
c:\programmi\Fast Browser Search\IE\search_ru.bmp
c:\programmi\Fast Browser Search\IE\SearchAssistant.dll
c:\programmi\Fast Browser Search\IE\SearchGuardPlus.ico
c:\programmi\Fast Browser Search\IE\SGPU.ico
c:\programmi\Fast Browser Search\IE\sgpUpdater.exe
c:\programmi\Fast Browser Search\IE\sgpUpdater.xml
c:\programmi\Fast Browser Search\IE\SGPUpdaterS.exe
c:\programmi\Fast Browser Search\IE\tbhelper.dll
c:\programmi\Fast Browser Search\IE\tbs_include_script_003175.js
c:\programmi\Fast Browser Search\IE\tbs_include_script_005064.js
c:\programmi\Fast Browser Search\IE\tbs_include_script_012817.js
c:\programmi\Fast Browser Search\IE\Toolbar Help.htm
c:\programmi\Fast Browser Search\IE\ToolBarBHO.dll
c:\programmi\Fast Browser Search\IE\uninstall.exe
c:\programmi\Fast Browser Search\IE\uninstalSGP.exe
c:\programmi\Fast Browser Search\IE\uninstalSGPU.exe
c:\programmi\Fast Browser Search\IE\version.txt
c:\programmi\Search Guard Plus
c:\programmi\Search Guard Plus\fbsProtection.xml
c:\programmi\Search Guard Plus\fbsSearchProvider.xml
c:\programmi\Search Guard Plus\FbsSearchProviderIE8.exe
c:\programmi\Search Guard Plus\SearchGuardPlus.ico
c:\programmi\Search Guard Plus\uninstalSGP.exe
c:\programmi\Search Guard PlusU
c:\programmi\Search Guard PlusU\SGPU.ico
c:\programmi\Search Guard PlusU\sgpUpdater.exe
c:\programmi\Search Guard PlusU\sgpUpdater.xml
c:\programmi\Search Guard PlusU\sgpUpdaters.exe
c:\programmi\Search Guard PlusU\uninstalSGPU.exe
c:\programmi\SGPSA
c:\programmi\SGPSA\BHO.dll
c:\programmi\SGPSA\SearchAssistant.dll

.
((((((((((((((((((((((((( Files Creati Da 2010-12-23 al 2011-01-23 )))))))))))))))))))))))))))))))))))
.

2011-01-22 20:39 . 2011-01-22 20:39 -------- d-----w- c:\documents and settings\Andre\Dati applicazioni\Malwarebytes
2011-01-22 20:39 . 2010-12-20 17:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-01-22 20:39 . 2011-01-22 20:39 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Malwarebytes
2011-01-22 20:39 . 2010-12-20 17:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-01-22 20:39 . 2011-01-22 20:39 -------- d-----w- c:\programmi\Malwarebytes' Anti-Malware
2011-01-21 13:28 . 2011-01-21 13:28 84897128 ----a-w- c:\programmi\File comuni\Windows Live\.cache\wlc9.tmp

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-11-18 18:12 . 2009-02-12 15:05 86016 ----a-w- c:\windows\system32\isign32.dll
2010-11-09 14:51 . 2009-02-12 22:48 249856 ----a-w- c:\windows\system32\odbc32.dll
2010-11-06 00:28 . 2009-02-12 22:48 832512 ----a-w- c:\windows\system32\wininet.dll
2010-11-06 00:28 . 2009-02-12 22:48 1830912 ----a-w- c:\windows\system32\inetcpl.cpl
2010-11-06 00:28 . 2009-02-12 22:48 78336 ----a-w- c:\windows\system32\ieencode.dll
2010-11-06 00:28 . 2009-02-12 22:48 17408 ----a-w- c:\windows\system32\corpol.dll
2010-11-03 12:25 . 2009-02-12 22:48 389120 ----a-w- c:\windows\system32\html.iec
2010-11-02 15:17 . 2009-02-12 22:48 40960 ----a-w- c:\windows\system32\drivers\ndproxy.sys
2010-10-28 13:13 . 2009-02-12 22:48 290048 ----a-w- c:\windows\system32\atmfd.dll
2010-10-26 14:05 . 2009-02-12 22:48 1853312 ----a-w- c:\windows\system32\win32k.sys
2009-07-14 00:16 . 2009-07-14 00:16 1044480 ----a-w- c:\programmi\mozilla firefox\plugins\libdivx.dll
2009-07-14 00:16 . 2009-07-14 00:16 200704 ----a-w- c:\programmi\mozilla firefox\plugins\ssldivx.dll
.

((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{08d495ab-a86c-47b0-82ef-da87bf92f730}"= "c:\programmi\Messenger_Plus_Live_Italy\tbMess.dll" [2010-04-15 2515552]

[HKEY_CLASSES_ROOT\clsid\{08d495ab-a86c-47b0-82ef-da87bf92f730}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{08d495ab-a86c-47b0-82ef-da87bf92f730}]
2010-04-15 10:33 2515552 ----a-w- c:\programmi\Messenger_Plus_Live_Italy\tbMess.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{08d495ab-a86c-47b0-82ef-da87bf92f730}"= "c:\programmi\Messenger_Plus_Live_Italy\tbMess.dll" [2010-04-15 2515552]

[HKEY_CLASSES_ROOT\clsid\{08d495ab-a86c-47b0-82ef-da87bf92f730}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{08D495AB-A86C-47B0-82EF-DA87BF92F730}"= "c:\programmi\Messenger_Plus_Live_Italy\tbMess.dll" [2010-04-15 2515552]

[HKEY_CLASSES_ROOT\clsid\{08d495ab-a86c-47b0-82ef-da87bf92f730}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="c:\programmi\Windows Live\Messenger\MsnMsgr.Exe" [2010-04-16 3872080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="c:\programmi\Java\jre6\bin\jusched.exe" [2009-10-01 149280]
"RTHDCPL"="RTHDCPL.EXE" [2008-08-26 16851456]
"EDS"="c:\programmi\Samsung\Samsung EDS\EDSAgent.exe" [2007-12-20 659456]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-02-28 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-02-28 166424]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-02-28 137752]
"SynTPEnh"="c:\programmi\Synaptics\SynTP\SynTPEnh.exe" [2008-08-28 1044480]
"DMHotKey"="c:\programmi\Samsung\Easy Display Manager\DMLoader.exe" [2006-12-27 466944]
"BatteryManager"="c:\programmi\Samsung\Samsung Battery Manager\BatteryManager.exe" [2008-10-20 2768896]
"MagicKeyboard"="c:\programmi\SAMSUNG\MagicKBD\PreMKBD.exe" [2006-05-14 151552]
"MobileConnect"="c:\programmi\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe" [2008-11-04 2087424]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
"QuickTime Task"="c:\programmi\QuickTime\QTTask.exe" [2009-05-26 413696]
"Hiyo"="c:\programmi\HiYo\bin\HiYo.exe" [2009-10-25 206192]
"Adobe Reader Speed Launcher"="c:\programmi\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\
BTTray.lnk - c:\programmi\WIDCOMM\Bluetooth Software\BTTray.exe [2008-9-17 580200]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Programmi\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Programmi\\Messenger\\msmsgs.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Programmi\\Windows Live\\Sync\\WindowsLiveSync.exe"=

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [05/09/2009 19.52.26 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [05/09/2009 19.52.27 20560]
R2 cvhsvc;Client Virtualization Handler;c:\programmi\File comuni\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [28/02/2010 1.33.14 821664]
R2 DOSMEMIO;MEMIO;c:\windows\system32\MEMIO.SYS [12/02/2009 16.11.19 4300]
R2 sftlist;Application Virtualization Client;c:\programmi\Microsoft Application Virtualization Client\sftlist.exe [24/04/2010 0.10.44 483688]
R2 VMCService;Vodafone Mobile Connect Service;c:\programmi\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe [04/11/2008 4.39.18 14336]
R3 DNSeFilter;DNSeFilter;c:\windows\system32\drivers\SamsungEDS.SYS [14/01/2008 19.01.02 30208]
R3 hspabus;SAMSUNG HSPA USB Composite Device driver (WDM);c:\windows\system32\drivers\hspabus.sys [21/05/2009 12.47.50 91776]
R3 hspamdfl;SAMSUNG HSPA Modem Filter;c:\windows\system32\drivers\hspamdfl.sys [21/05/2009 12.47.53 14976]
R3 hspamdm;SAMSUNG HSPA Modem Drivers;c:\windows\system32\drivers\hspamdm.sys [21/05/2009 12.47.53 119808]
R3 hspaserd;SAMSUNG HSPA Modem Diagnostic Serial Port (WDM);c:\windows\system32\drivers\hspaserd.sys [21/05/2009 12.47.57 98560]
R3 Sftfs;Sftfs;c:\windows\system32\drivers\Sftfsxp.sys [02/12/2009 21.23.46 554344]
R3 Sftplay;Sftplay;c:\windows\system32\drivers\Sftplayxp.sys [02/12/2009 21.23.50 211432]
R3 Sftredir;Sftredir;c:\windows\system32\drivers\Sftredirxp.sys [02/12/2009 21.23.52 20584]
R3 Sftvol;Sftvol;c:\windows\system32\drivers\Sftvolxp.sys [02/12/2009 21.23.52 18280]
R3 sftvsa;Application Virtualization Service Agent;c:\programmi\Microsoft Application Virtualization Client\sftvsa.exe [24/04/2010 0.10.54 209768]
R3 VMC326;Vimicro Camera Service VMC326;c:\windows\system32\drivers\VMC326.sys [12/02/2009 16.14.56 238464]
S2 yksvc;Marvell Yukon Service;RUNDLL32.EXE ykx32mpcoinst,serviceStartProc --> RUNDLL32.EXE ykx32mpcoinst,serviceStartProc [?]
S3 mos24ser;High-Speed USB MultiSerial Device Service;c:\windows\system32\drivers\mos24ser.sys [17/03/2010 17.39.47 570112]
S3 osppsvc;Office Software Protection Platform;c:\programmi\File comuni\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [09/01/2010 20.37.50 4640000]
S3 SUEPD;SUE NDIS Protocol Driver;c:\windows\system32\drivers\SUE_PD.sys [01/08/2006 15.57.24 19840]
.
Contenuto della cartella 'Scheduled Tasks'

2010-12-06 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\programmi\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34]
.
.
------- Scansione supplementare -------
.
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uInternet Connection Wizard,ShellNext = iexplore
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Invia a Bluetooth - c:\programmi\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: Invia a periferica &Bluetooth... - c:\programmi\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} - hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx
FF - ProfilePath - c:\documents and settings\Andre\Dati applicazioni\Mozilla\Firefox\Profiles\gwoo7hnq.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.fastbrowsersearch.com/results/results.aspx?s=DEF&v=19&q=
FF - prefs.js: browser.search.selectedEngine - Fast Browser Search
FF - prefs.js: browser.startup.homepage - hxxp://www.google.it
FF - prefs.js: keyword.URL - hxxp://www.fastbrowsersearch.com/results/results.aspx?s=NAUS&v=19&tid={A6477AFC-6DC5-9FCD-7A1B-BE9B28754CC2}&q=
FF - prefs.js: network.proxy.http - 127.0.0.1
FF - prefs.js: network.proxy.http_port - 53455
FF - prefs.js: network.proxy.type - 4
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\programmi\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} - c:\programmi\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: Java Quick Starter: jqs@sun.com - c:\programmi\Java\jre6\lib\deploy\jqs\ff
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Noia 2.0 (eXtreme): {9f08cb5a-76b1-4bcf-aff9-90e1a5d60b1e} - %profile%\extensions\{9f08cb5a-76b1-4bcf-aff9-90e1a5d60b1e}
FF - Ext: Yahoo! Toolbar: {635abd67-4fe9-1b23-4f01-e679fa7484c1} - %profile%\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
FF - Ext: Fast Browser Search (My Tattoons): {C2DCA7EB-22D2-4FD2-86A9-F99FCC8122BB} - %profile%\extensions\{C2DCA7EB-22D2-4FD2-86A9-F99FCC8122BB}
FF - Ext: Noia 2.0 eXtreme OPT: noia2_option@kk.noia - %profile%\extensions\noia2_option@kk.noia
FF - Ext: Messenger Plus Live Italy Toolbar: {08d495ab-a86c-47b0-82ef-da87bf92f730} - %profile%\extensions\{08d495ab-a86c-47b0-82ef-da87bf92f730}
FF - user.js: yahoo.homepage.dontask - true
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-01-23 13:58
Windows 5.1.2600 Service Pack 3 NTFS

scansione processi nascosti ...

scansione entrate autostart nascoste ...

Scansione files nascosti ...

Scansione completata con successo
Files nascosti: 0

**************************************************************************
.
Ora fine scansione: 2011-01-23 14:00:34
ComboFix-quarantined-files.txt 2011-01-23 13:00

Pre-Run: 59.739.430.912 byte disponibili
Post-Run: 59.745.320.960 byte disponibili

- - End Of File - - E4B34B22D4D73DA4A3DD7601A43C835A

Grazie r-16 per l'aiuto!!

ecco il log di Avira..




Avira AntiVir Personal
Data del file di report: domenica 23 gennaio 2011 16:15

Ricerca di 2413583 virus e programmi indesiderati.

Il programma funziona come versione completa e illimitata.
I servizi online sono disponibili.

Concesso in licenza a : Avira AntiVir Personal - FREE Antivirus
Numero di serie : 0000149996-ADJIE-0000001
Piattaforma : Windows XP
Versione di Windows : (Service Pack 3) [5.1.2600]
Modalità di avvio : Booting eseguito regolarmente
Nome utente : SYSTEM
Nome computer : NOME-FD7AA3C136

Informazioni sulla versione:
BUILD.DAT : 10.0.0.55 31823 Bytes 07/12/2010 15:16:00
AVSCAN.EXE : 10.0.3.5 435368 Bytes 06/12/2010 07:48:24
AVSCAN.DLL : 10.0.3.0 54120 Bytes 06/12/2010 07:48:48
LUKE.DLL : 10.0.3.2 104296 Bytes 06/12/2010 07:48:35
LUKERES.DLL : 10.0.0.0 13160 Bytes 16/02/2010 08:15:20
VBASE000.VDF : 7.10.0.0 19875328 Bytes 06/11/2009 08:05:36
VBASE001.VDF : 7.11.0.0 13342208 Bytes 14/12/2010 15:11:56
VBASE002.VDF : 7.11.0.1 2048 Bytes 14/12/2010 15:11:56
VBASE003.VDF : 7.11.0.2 2048 Bytes 14/12/2010 15:11:56
VBASE004.VDF : 7.11.0.3 2048 Bytes 14/12/2010 15:11:56
VBASE005.VDF : 7.11.0.4 2048 Bytes 14/12/2010 15:11:56
VBASE006.VDF : 7.11.0.5 2048 Bytes 14/12/2010 15:11:56
VBASE007.VDF : 7.11.0.6 2048 Bytes 14/12/2010 15:11:56
VBASE008.VDF : 7.11.0.7 2048 Bytes 14/12/2010 15:11:56
VBASE009.VDF : 7.11.0.8 2048 Bytes 14/12/2010 15:11:57
VBASE010.VDF : 7.11.0.9 2048 Bytes 14/12/2010 15:11:57
VBASE011.VDF : 7.11.0.10 2048 Bytes 14/12/2010 15:11:57
VBASE012.VDF : 7.11.0.11 2048 Bytes 14/12/2010 15:11:57
VBASE013.VDF : 7.11.0.52 128000 Bytes 16/12/2010 15:11:57
VBASE014.VDF : 7.11.0.91 226816 Bytes 20/12/2010 15:11:58
VBASE015.VDF : 7.11.0.122 136192 Bytes 21/12/2010 15:11:58
VBASE016.VDF : 7.11.0.156 122880 Bytes 24/12/2010 15:11:59
VBASE017.VDF : 7.11.0.185 146944 Bytes 27/12/2010 15:11:59
VBASE018.VDF : 7.11.0.228 132608 Bytes 30/12/2010 15:11:59
VBASE019.VDF : 7.11.1.5 148480 Bytes 03/01/2011 15:12:00
VBASE020.VDF : 7.11.1.37 156672 Bytes 07/01/2011 15:12:00
VBASE021.VDF : 7.11.1.65 140800 Bytes 10/01/2011 15:12:01
VBASE022.VDF : 7.11.1.87 225280 Bytes 11/01/2011 15:12:01
VBASE023.VDF : 7.11.1.124 125440 Bytes 14/01/2011 15:12:02
VBASE024.VDF : 7.11.1.155 132096 Bytes 17/01/2011 15:12:02
VBASE025.VDF : 7.11.1.189 451072 Bytes 20/01/2011 15:12:03
VBASE026.VDF : 7.11.1.190 2048 Bytes 20/01/2011 15:12:03
VBASE027.VDF : 7.11.1.191 2048 Bytes 20/01/2011 15:12:03
VBASE028.VDF : 7.11.1.192 2048 Bytes 20/01/2011 15:12:03
VBASE029.VDF : 7.11.1.193 2048 Bytes 20/01/2011 15:12:03
VBASE030.VDF : 7.11.1.194 2048 Bytes 20/01/2011 15:12:03
VBASE031.VDF : 7.11.1.216 59392 Bytes 21/01/2011 15:12:04
Motore : 8.2.4.150
AEVDF.DLL : 8.1.2.1 106868 Bytes 06/12/2010 07:48:21
AESCRIPT.DLL : 8.1.3.52 1282426 Bytes 23/01/2011 15:12:13
AESCN.DLL : 8.1.7.2 127349 Bytes 06/12/2010 07:48:19
AESBX.DLL : 8.1.3.2 254324 Bytes 06/12/2010 07:48:19
AERDL.DLL : 8.1.9.2 635252 Bytes 06/12/2010 07:48:19
AEPACK.DLL : 8.2.4.8 512374 Bytes 23/01/2011 15:12:12
AEOFFICE.DLL : 8.1.1.15 205178 Bytes 23/01/2011 15:12:11
AEHEUR.DLL : 8.1.2.68 3178870 Bytes 23/01/2011 15:12:10
AEHELP.DLL : 8.1.16.0 246136 Bytes 03/12/2010 16:43:36
AEGEN.DLL : 8.1.5.2 397683 Bytes 23/01/2011 15:12:05
AEEMU.DLL : 8.1.3.0 393589 Bytes 06/12/2010 07:48:10
AECORE.DLL : 8.1.19.2 196983 Bytes 23/01/2011 15:12:04
AEBB.DLL : 8.1.1.0 53618 Bytes 06/12/2010 07:48:09
AVWINLL.DLL : 10.0.0.0 19304 Bytes 06/12/2010 07:48:25
AVPREF.DLL : 10.0.0.0 44904 Bytes 06/12/2010 07:48:24
AVREP.DLL : 10.0.0.8 62209 Bytes 17/06/2010 13:28:11
AVREG.DLL : 10.0.3.2 53096 Bytes 06/12/2010 07:48:24
AVSCPLR.DLL : 10.0.3.2 84328 Bytes 06/12/2010 07:48:24
AVARKT.DLL : 10.0.22.6 231784 Bytes 06/12/2010 07:48:21
AVEVTLOG.DLL : 10.0.0.8 203112 Bytes 06/12/2010 07:48:23
SQLITE3.DLL : 3.6.19.0 355688 Bytes 17/06/2010 13:28:20
AVSMTP.DLL : 10.0.0.17 63848 Bytes 06/12/2010 07:48:25
NETNT.DLL : 10.0.0.0 11624 Bytes 17/06/2010 13:28:20
RCIMAGE.DLL : 10.0.0.26 2550120 Bytes 12/02/2010 12:11:56
RCTEXT.DLL : 10.0.58.0 98664 Bytes 06/12/2010 07:48:49

Impostazioni di configurazione per la scansione attuale:
Nome del job................................: Scansione completa del sistema
File di configurazione......................: C:\Programmi\Avira\AntiVir Desktop\sysscan.avp
Report......................................: basso
Azione primaria.............................: interattivo
Azione secondaria...........................: ignora
Scansione dei record master di avvio........: Attivo
Scansiona record di avvio...................: Attivo
Record di avvio.............................: C:, D:, Q:,
Scansione dei programmi attivi..............: Attivo
Processo esteso di scansione................: Attivo
Scansiona la registrazione..................: Attivo
Cerca Rootkits..............................: Attivo
Controllo di integrità dei file di sistema..: Non attivo
Modalità di scansione file..................: Tutti i file
Scansione degli archivi.....................: Attivo
Limita la profondità di ricorsione..........: 20
Archivio estensioni Smart...................: Attivo
Macro euristico.............................: Attivo
File euristico..............................: medio

Avvio della scansione: domenica 23 gennaio 2011 16:15

È stata avviata la scansione per accertare la presenza di oggetti nascosti.
c:\programmi\hiyo\bin\hiyo.exe
c:\programmi\hiyo\bin\hiyo.exe
[NOTA] Il processo non è visibile.

La scansione dei processi in esecuzione verrà avviata:
Scansione processo 'rsmsink.exe' - '29' modulo(i) scansionato(i)
Scansione processo 'msdtc.exe' - '40' modulo(i) scansionato(i)
Scansione processo 'dllhost.exe' - '59' modulo(i) scansionato(i)
Scansione processo 'dllhost.exe' - '45' modulo(i) scansionato(i)
Scansione processo 'vssvc.exe' - '48' modulo(i) scansionato(i)
Scansione processo 'avscan.exe' - '67' modulo(i) scansionato(i)
Scansione processo 'avgnt.exe' - '51' modulo(i) scansionato(i)
Scansione processo 'sched.exe' - '53' modulo(i) scansionato(i)
Scansione processo 'avshadow.exe' - '26' modulo(i) scansionato(i)
Scansione processo 'avguard.exe' - '54' modulo(i) scansionato(i)
Scansione processo 'SLUTrayNotifier.exe' - '25' modulo(i) scansionato(i)
Scansione processo 'alg.exe' - '33' modulo(i) scansionato(i)
Scansione processo 'igfxext.exe' - '21' modulo(i) scansionato(i)
Scansione processo 'wmiapsrv.exe' - '45' modulo(i) scansionato(i)
Scansione processo 'CVHSVC.EXE' - '61' modulo(i) scansionato(i)
Scansione processo 'wmiprvse.exe' - '47' modulo(i) scansionato(i)
Scansione processo 'VMCService.exe' - '60' modulo(i) scansionato(i)
Scansione processo 'MsnMsgr.Exe' - '129' modulo(i) scansionato(i)
Scansione processo 'sftlist.exe' - '59' modulo(i) scansionato(i)
Scansione processo 'RUNDLL32.EXE' - '35' modulo(i) scansionato(i)
Scansione processo 'svchost.exe' - '41' modulo(i) scansionato(i)
Scansione processo 'sqlwriter.exe' - '28' modulo(i) scansionato(i)
Scansione processo 'sqlbrowser.exe' - '17' modulo(i) scansionato(i)
Scansione processo 'sftvsa.exe' - '20' modulo(i) scansionato(i)
Scansione processo 'BTSTAC~1.EXE' - '56' modulo(i) scansionato(i)
Scansione processo 'SeaPort.exe' - '44' modulo(i) scansionato(i)
Scansione processo 'BTTray.exe' - '50' modulo(i) scansionato(i)
Scansione processo 'PerformanceManager.exe' - '30' modulo(i) scansionato(i)
Scansione processo 'MagicKBD.exe' - '42' modulo(i) scansionato(i)
Scansione processo 'ctfmon.exe' - '25' modulo(i) scansionato(i)
Scansione processo 'jqs.exe' - '81' modulo(i) scansionato(i)
Scansione processo 'BcmSqlStartupSvc.exe' - '17' modulo(i) scansionato(i)
Scansione processo 'dmhkcore.exe' - '55' modulo(i) scansionato(i)
Scansione processo 'svchost.exe' - '33' modulo(i) scansionato(i)
Scansione processo 'HiYo.exe' - '58' modulo(i) scansionato(i)
Scansione processo 'MobileConnect.exe' - '140' modulo(i) scansionato(i)
Scansione processo 'igfxsrvc.exe' - '23' modulo(i) scansionato(i)
Scansione processo 'BatteryManager.exe' - '26' modulo(i) scansionato(i)
Scansione processo 'SynTPEnh.exe' - '27' modulo(i) scansionato(i)
Scansione processo 'igfxpers.exe' - '23' modulo(i) scansionato(i)
Scansione processo 'hkcmd.exe' - '26' modulo(i) scansionato(i)
Scansione processo 'EDSAgent.exe' - '23' modulo(i) scansionato(i)
Scansione processo 'RTHDCPL.EXE' - '37' modulo(i) scansionato(i)
Scansione processo 'jusched.exe' - '20' modulo(i) scansionato(i)
Scansione processo 'Explorer.EXE' - '95' modulo(i) scansionato(i)
Scansione processo 'spoolsv.exe' - '59' modulo(i) scansionato(i)
Scansione processo 'svchost.exe' - '37' modulo(i) scansionato(i)
Scansione processo 'svchost.exe' - '32' modulo(i) scansionato(i)
Scansione processo 'btwdins.exe' - '22' modulo(i) scansionato(i)
Scansione processo 'svchost.exe' - '167' modulo(i) scansionato(i)
Scansione processo 'svchost.exe' - '38' modulo(i) scansionato(i)
Scansione processo 'svchost.exe' - '51' modulo(i) scansionato(i)
Scansione processo 'lsass.exe' - '58' modulo(i) scansionato(i)
Scansione processo 'services.exe' - '36' modulo(i) scansionato(i)
Scansione processo 'winlogon.exe' - '66' modulo(i) scansionato(i)
Scansione processo 'csrss.exe' - '12' modulo(i) scansionato(i)
Scansione processo 'smss.exe' - '2' modulo(i) scansionato(i)

Avvio della scansione dei record master di avvio:
Record master di avvio dell'Hard Disk 0
[INFO] Nessun virus è stato trovato!

Avvio della scansione dei record di avvio:
Record di avvio 'C:\'
[INFO] Nessun virus è stato trovato!
Record di avvio 'D:\'
[INFO] Nessun virus è stato trovato!
Record di avvio 'Q:\'
[INFO] Nessun virus è stato trovato!

Avvio della scansione dei file eseguibili (registro):
Il registro è stato scansionato ( 1672 file ).


Avvio della scansione del file selezionati:

Inizia con la scansione di 'C:\'
C:\Qoobox\Quarantine\C\Programmi\Fast Browser Search\IE\uninstall.exe.vir
[RILEVAMENTO] Si tratta del cavallo di Troia TR/Agent.178048
C:\System Volume Information\_restore{5BEDE7D2-B338-4B3E-A50C-88EAC6541728}\RP99\A0039799.exe
[RILEVAMENTO] Si tratta del cavallo di Troia TR/Dldr.Agent.riv
C:\System Volume Information\_restore{5BEDE7D2-B338-4B3E-A50C-88EAC6541728}\RP99\A0039804.exe
[RILEVAMENTO] Si tratta del cavallo di Troia TR/Trash.Gen
C:\System Volume Information\_restore{5BEDE7D2-B338-4B3E-A50C-88EAC6541728}\RP99\A0039805.exe
[RILEVAMENTO] Si tratta del cavallo di Troia TR/Trash.Gen
C:\System Volume Information\_restore{5BEDE7D2-B338-4B3E-A50C-88EAC6541728}\RP99\A0039808.exe
[RILEVAMENTO] Si tratta del cavallo di Troia TR/Trash.Gen
C:\System Volume Information\_restore{5BEDE7D2-B338-4B3E-A50C-88EAC6541728}\RP99\A0039809.exe
[RILEVAMENTO] Si tratta del cavallo di Troia TR/Trash.Gen
C:\System Volume Information\_restore{5BEDE7D2-B338-4B3E-A50C-88EAC6541728}\RP99\A0040813.exe
[RILEVAMENTO] Si tratta del cavallo di Troia TR/Agent.178048
Inizia con la scansione di 'D:\'
Inizia con la scansione di 'Q:\'
Il percorso Q:\ non può essere trovato!
Errore di sistema [5]: Accesso negato.

Avvio della disinfezione:
C:\System Volume Information\_restore{5BEDE7D2-B338-4B3E-A50C-88EAC6541728}\RP99\A0040813.exe
[RILEVAMENTO] Si tratta del cavallo di Troia TR/Agent.178048
[NOTA] Il file è stato spostato in quarantena con il nome '47c9c944.qua'!
C:\System Volume Information\_restore{5BEDE7D2-B338-4B3E-A50C-88EAC6541728}\RP99\A0039809.exe
[RILEVAMENTO] Si tratta del cavallo di Troia TR/Trash.Gen
[NOTA] Il file è stato spostato in quarantena con il nome '5f5ee6e3.qua'!
C:\System Volume Information\_restore{5BEDE7D2-B338-4B3E-A50C-88EAC6541728}\RP99\A0039808.exe
[RILEVAMENTO] Si tratta del cavallo di Troia TR/Trash.Gen
[NOTA] Il file è stato spostato in quarantena con il nome '0d01bc0c.qua'!
C:\System Volume Information\_restore{5BEDE7D2-B338-4B3E-A50C-88EAC6541728}\RP99\A0039805.exe
[RILEVAMENTO] Si tratta del cavallo di Troia TR/Trash.Gen
[NOTA] Il file è stato spostato in quarantena con il nome '6b36f3ce.qua'!
C:\System Volume Information\_restore{5BEDE7D2-B338-4B3E-A50C-88EAC6541728}\RP99\A0039804.exe
[RILEVAMENTO] Si tratta del cavallo di Troia TR/Trash.Gen
[NOTA] Il file è stato spostato in quarantena con il nome '2eb2def0.qua'!
C:\System Volume Information\_restore{5BEDE7D2-B338-4B3E-A50C-88EAC6541728}\RP99\A0039799.exe
[RILEVAMENTO] Si tratta del cavallo di Troia TR/Dldr.Agent.riv
[NOTA] Il file è stato spostato in quarantena con il nome '51a9ec91.qua'!
C:\Qoobox\Quarantine\C\Programmi\Fast Browser Search\IE\uninstall.exe.vir
[RILEVAMENTO] Si tratta del cavallo di Troia TR/Agent.178048
[NOTA] Il file è stato spostato in quarantena con il nome '1dd8c31d.qua'!


Fine della scansione: domenica 23 gennaio 2011 19:04
Tempo impiegato: 48:28 Minuto(i)

La scansione è stata completamente eseguita.

5246 Directory scansionate
202611 I file sono stati scansionati
7 Rilevati virus e/o programmi indesiderati
0 I file sono stati classificati come sospetti
0 I file sono stati eliminati
0 I virus o i programmi indesiderati sono stati riparati
7 File spostati in quarantena
0 File rinominati
0 Impossibile scansionare i file
202604 File non infetti
6908 Archivi scansionati
0 Avvisi
7 Note
346327 Oggetti scansionati durante la scansione dei rootkit
1 Sono stati rilevati oggetti nascosti