Sorry! Pessimo allievo! ;( Sto rifacendo in modo completa!

E allora?
Pensavi di cavartela in 5 minuti?
Lascia finire la scansione.
Quando ha finito, rimuovi tutto quello che ha trovato.
Poi domani, fai le 2 scansioni con Norman, che ti ho indicato nei post precedenti.

Ecco i risultati!
Malwarebytes' Anti-Malware 1.42
Versione del database: 3296
Windows 5.1.2600 Service Pack 2
Internet Explorer 8.0.6001.18702

04/12/2009 23.58.16
mbam-log-2009-12-04 (23-58-16).txt

Tipo di scansione: Scansione completa (C:\|E:\|H:\|)
Elementi scansionati: 218169
Tempo trascorso: 32 minute(s), 51 second(s)

Processi delle memoria infetti: 0
Moduli della memoria infetti: 0
Chiavi di registro infette: 0
Valori di registro infetti: 0
Elementi dato del registro infetti: 0
Cartelle infette: 0
File infetti: 2

Processi delle memoria infetti:
(Nessun elemento malevolo rilevato)

Moduli della memoria infetti:
(Nessun elemento malevolo rilevato)

Chiavi di registro infette:
(Nessun elemento malevolo rilevato)

Valori di registro infetti:
(Nessun elemento malevolo rilevato)

Elementi dato del registro infetti:
(Nessun elemento malevolo rilevato)

Cartelle infette:
(Nessun elemento malevolo rilevato)

File infetti:
C:\Documents and Settings\Scooby\Dati applicazioni\Desktopicon\eBayShortcuts.exe (Adware.ADON) -> Quarantined and deleted successfully.
C:\Programmi\Navilog1\gnc.exe (Trojan.Dropper) -> Quarantined and deleted successfully.

Ok, tutto fatto! Ecco il il link del forum dove ho caricato "norman2":
Norman2.log
Grazie intanto e buona domenica
P.S. Già è tutto a posto? Posso ritornare ad utilizzare il pc normalmente? Quale antivirus metto? Tnx

ComboFix 09-12-05.06 - Scooby 06/12/2009 14.52.39.1.1 - x86
Microsoft Windows XP Professional 5.1.2600.2.1252.39.1040.18.1471.942 [GMT 1:00]
Eseguito da: c:\documents and settings\Scooby\Desktop\ComboFix.exe

ATTENZIONE - QUESTO PC NON HA LA CONSOLE DI RIPRISTINO DI EMERGENZA INSTALLATA !!
.

((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Scooby\Dati applicazioni\Desktopicon
c:\documents and settings\Scooby\Impostazioni locali\Dati applicazioni\xisdue.dat
c:\documents and settings\Scooby\Impostazioni locali\Dati applicazioni\xisdue_nav.dat
c:\documents and settings\Scooby\Impostazioni locali\Dati applicazioni\xisdue_navps.dat
C:\Muestras
c:\muestras\WINUPGRO.EXE.Muestra EliBagle v13.27
c:\muestras\WINUPGRO.EXE.Muestra EliBagle v13.28
c:\windows\msvrc20.dll

.
((((((((((((((((((((((((( Files Creati Da 2009-11-06 al 2009-12-06 )))))))))))))))))))))))))))))))))))
.

2009-12-04 22:01 . 2009-12-04 22:01 -------- d-----w- c:\documents and settings\Scooby\Dati applicazioni\Malwarebytes
2009-12-04 22:00 . 2009-12-03 15:14 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-12-04 22:00 . 2009-12-04 22:01 -------- d-----w- c:\programmi\Malwarebytes' Anti-Malware
2009-12-04 22:00 . 2009-12-04 22:00 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Malwarebytes
2009-12-04 22:00 . 2009-12-03 15:13 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-12-04 21:22 . 2009-12-04 17:33 70144 -c--a-w- c:\windows\system32\dllcache\sysinfo.exe.REN
2009-12-04 21:22 . 2009-12-04 17:33 14848 -c--a-w- c:\windows\system32\dllcache\register.exe.REN
2009-12-04 21:04 . 2009-12-06 09:36 -------- d-----w- C:\FindyKill
2009-12-04 18:58 . 2009-12-04 18:58 65536 ----a-r- c:\documents and settings\Scooby\Dati applicazioni\Microsoft\Installer\{A6F4DE62-BA95-45B5-B27D-39E5ABB4E77D}\NewShortcut1_6D307F405A8B42488CCA5C8E4FA8753B.exe
2009-12-04 18:58 . 2009-12-04 18:58 10134 ----a-r- c:\documents and settings\Scooby\Dati applicazioni\Microsoft\Installer\{A6F4DE62-BA95-45B5-B27D-39E5ABB4E77D}\ARPPRODUCTICON.exe
2009-12-04 18:58 . 2009-12-04 18:58 -------- d-----w- c:\programmi\Hydra Networks
2009-12-04 17:10 . 2009-12-04 17:53 -------- d-----w- C:\help
2009-12-04 16:30 . 2009-12-04 16:30 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Kaspersky Lab Setup Files
2009-12-02 21:37 . 2009-12-06 13:27 -------- d-----w- c:\programmi\Anti-Hijacker
2009-12-02 18:53 . 2009-12-02 18:53 -------- d-----w- c:\documents and settings\Scooby\Dati applicazioni\AVGTOOLBAR
2009-12-01 11:31 . 2009-12-01 11:31 -------- d-----w- c:\documents and settings\Scooby\Dati applicazioni\NeroDigital™
2009-11-30 08:00 . 2009-12-01 14:47 -------- d-----w- c:\programmi\mIRC6.21-Italiano-TuttoIRC
2009-11-30 07:59 . 2009-11-30 07:59 -------- d-----w- c:\programmi\File comuni\PCSuite
2009-11-30 07:58 . 2008-08-26 08:26 18816 ----a-w- c:\windows\system32\drivers\pccsmcfd.sys
2009-11-30 07:58 . 2009-11-30 07:58 -------- d-----w- c:\programmi\PC Connectivity Solution
2009-11-30 07:57 . 2009-10-06 10:52 7936 ----a-w- c:\windows\system32\drivers\usbser_lowerflt.sys
2009-11-30 07:57 . 2009-10-06 10:52 22016 ----a-w- c:\windows\system32\drivers\ccdcmbo.sys
2009-11-30 07:57 . 2009-10-06 10:55 1112288 ----a-w- c:\windows\system32\wdfcoinstaller01007.dll
2009-11-30 07:57 . 2009-10-06 10:52 660480 ----a-w- c:\windows\system32\nmwcdcocls.dll
2009-11-30 07:57 . 2009-10-06 10:52 17664 ----a-w- c:\windows\system32\drivers\ccdcmb.sys
2009-11-30 07:56 . 2009-11-30 07:55 34541248 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Installations\{9249D7E7-33E7-4CC8-BB0B-3DF3C3CB2568}\Nokia_PC_Suite_7_1_40_1_ita.exe
2009-11-30 07:55 . 2009-11-30 07:55 95232 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Installations\{9249D7E7-33E7-4CC8-BB0B-3DF3C3CB2568}\Installer\CommonCustomActions\pcswpcsi.exe
2009-11-30 07:55 . 2009-11-30 07:55 8192 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Installations\{9249D7E7-33E7-4CC8-BB0B-3DF3C3CB2568}\Installer\CommonCustomActions\UninstCCD.exe
2009-11-30 07:55 . 2009-11-30 07:55 61440 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Installations\{9249D7E7-33E7-4CC8-BB0B-3DF3C3CB2568}\Installer\CommonCustomActions\UninstPCSFEMsi.exe
2009-11-30 07:55 . 2009-11-30 07:55 10240 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Installations\{9249D7E7-33E7-4CC8-BB0B-3DF3C3CB2568}\Installer\CommonCustomActions\UninstPCS.exe
2009-11-23 14:06 . 2009-11-23 14:06 -------- d-----w- c:\documents and settings\Scooby\Impostazioni locali\Dati applicazioni\Help
2009-11-23 08:52 . 2009-11-23 09:27 -------- d-----w- c:\documents and settings\Scooby\Dati applicazioni\ZipGenius
2009-11-23 08:52 . 2009-11-23 08:52 -------- d-----w- c:\programmi\ZipGenius 6
2009-11-21 21:05 . 2009-11-21 21:06 -------- d-----w- c:\documents and settings\Scooby\Dati applicazioni\eMule
2009-11-17 12:21 . 2009-11-17 12:21 -------- d-----w- c:\documents and settings\Scooby\Dati applicazioni\IObit
2009-11-17 06:49 . 2009-11-17 12:21 -------- d-----w- c:\programmi\IObit
2009-11-09 14:04 . 2006-05-28 22:00 16384 ----a-r- c:\windows\system32\avmprmon.dll
2009-11-09 14:04 . 2009-11-09 14:04 -------- d-----w- c:\programmi\FRITZ!BoxPrint
2009-11-09 14:04 . 2009-11-09 14:04 -------- d-----w- c:\programmi\FRITZ!Box
2009-11-09 13:59 . 2009-11-09 13:59 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-12-06 13:31 . 2001-08-31 10:00 80490 ----a-w- c:\windows\system32\perfc010.dat
2009-12-06 13:31 . 2001-08-31 10:00 482036 ----a-w- c:\windows\system32\perfh010.dat
2009-12-04 21:51 . 2009-01-10 22:44 -------- d-----w- c:\programmi\PowerQuest
2009-12-04 21:49 . 2009-01-20 19:59 -------- d-----w- c:\programmi\Lavasoft
2009-12-04 21:49 . 2009-01-12 21:20 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Lavasoft
2009-12-04 16:54 . 2009-12-04 16:54 6516179 ----a-w- c:\windows\java\Packages\YKBP3LZZ.ZIP
2009-12-04 16:54 . 2009-12-04 16:54 956166 ----a-w- c:\windows\java\Packages\XN3BNN33.ZIP
2009-12-04 16:54 . 2009-12-04 16:54 920319 ----a-w- c:\windows\java\Packages\WZNJDBJ1.ZIP
2009-12-04 16:54 . 2009-12-04 16:54 775285 ----a-w- c:\windows\java\Packages\X7X7FXV5.ZIP
2009-12-04 16:54 . 2009-12-04 16:54 1088024 ----a-w- c:\windows\java\Packages\DF9RVTRD.ZIP
2009-12-04 16:54 . 2009-12-04 16:54 901806 ----a-w- c:\windows\java\Packages\8PZTRXNX.ZIP
2009-12-04 16:54 . 2009-12-04 16:54 5078480 ----a-w- c:\windows\java\Packages\13D3VNXN.ZIP
2009-12-04 16:53 . 2009-09-10 21:44 -------- d-----w- c:\programmi\Xvid
2009-12-04 16:37 . 2009-12-04 16:37 81465 ----a-w- c:\windows\system32\drivers\klif.cab
2009-12-02 22:07 . 2009-01-10 23:29 -------- d-----w- c:\programmi\AVG
2009-12-02 21:37 . 2009-02-04 16:07 -------- d-----w- c:\programmi\Softonic_Italia_TC
2009-12-02 14:09 . 2009-01-10 22:53 93568 ----a-w- c:\documents and settings\Scooby\Impostazioni locali\Dati applicazioni\GDIPFONTCACHEV1.DAT
2009-12-01 19:46 . 2009-01-10 22:24 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Microsoft Help
2009-12-01 19:43 . 2009-01-10 22:28 -------- d-----w- c:\programmi\Microsoft Works
2009-12-01 16:04 . 2009-01-15 19:44 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\CanonIJ
2009-12-01 16:04 . 2009-01-12 08:24 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\CanonIJPLM
2009-11-30 07:59 . 2009-01-12 17:22 -------- d-----w- c:\programmi\Nokia
2009-11-30 07:59 . 2009-09-17 06:07 -------- d-----w- c:\programmi\File comuni\Nokia
2009-11-30 07:55 . 2009-01-12 17:22 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Installations
2009-11-29 22:01 . 2009-03-05 15:02 -------- d-----w- c:\documents and settings\Scooby\Dati applicazioni\Apple Computer
2009-11-28 07:31 . 2009-01-10 23:21 -------- d-----w- c:\programmi\File comuni\Nero
2009-11-28 07:29 . 2009-01-10 23:21 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Nero
2009-11-28 07:29 . 2009-01-10 23:21 -------- d-----w- c:\programmi\Nero
2009-11-24 15:55 . 2009-08-14 07:49 66 ----a-w- c:\documents and settings\Scooby\Dati applicazioni\isfree3_0.tmp
2009-11-24 12:58 . 2009-01-15 14:38 -------- d-----w- c:\documents and settings\Scooby\Dati applicazioni\Skype
2009-11-24 11:51 . 2009-01-15 14:40 -------- d-----w- c:\documents and settings\Scooby\Dati applicazioni\skypePM
2009-11-22 15:16 . 2009-02-17 08:09 -------- d-----w- c:\documents and settings\Scooby\Dati applicazioni\mIRC
2009-11-21 21:38 . 2009-01-15 16:19 -------- d-----w- c:\programmi\eMule
2009-11-19 07:25 . 2009-01-11 19:52 93568 ----a-w- c:\documents and settings\Pollon\Impostazioni locali\Dati applicazioni\GDIPFONTCACHEV1.DAT
2009-11-15 16:28 . 2009-02-17 09:53 230432 ----a-w- C:\StiImg.dat
2009-11-05 20:11 . 2009-11-05 20:11 -------- d-----w- c:\documents and settings\Scooby\Dati applicazioni\InfraRecorder
2009-11-05 20:11 . 2009-11-05 20:11 -------- d-----w- c:\programmi\InfraRecorder
2009-11-05 20:03 . 2009-11-05 20:03 -------- d-----w- c:\documents and settings\Scooby\Dati applicazioni\FinalBurner Video DVD
2009-11-03 13:40 . 2009-02-16 14:55 -------- d-----w- c:\programmi\Messenger Plus! Live
2009-10-29 18:15 . 2009-10-29 18:15 -------- d-----w- c:\programmi\Reference Assemblies
2009-10-27 18:48 . 2009-10-27 18:47 -------- d-----w- c:\programmi\iTunes
2009-10-27 18:47 . 2009-10-27 18:47 -------- d-----w- c:\programmi\iPod
2009-10-27 18:47 . 2009-03-05 14:59 -------- d-----w- c:\programmi\File comuni\Apple
2009-10-27 18:41 . 2009-10-27 18:41 79144 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Apple Computer\Installer Cache\iTunes 9.0.1.8\SetupAdmin.exe
2009-10-27 08:33 . 2009-10-27 08:33 -------- d-----w- c:\documents and settings\Scooby\Dati applicazioni\Messenger_for_Skype
2009-10-27 08:20 . 2009-10-27 08:12 -------- d-----w- c:\programmi\Microsoft
2009-10-27 08:20 . 2009-10-27 08:20 -------- d-----w- c:\programmi\Microsoft Office Outlook Connector
2009-10-27 08:20 . 2009-02-16 14:28 -------- d-----w- c:\programmi\Windows Live
2009-10-27 08:16 . 2009-10-27 08:16 -------- d-----w- c:\programmi\Microsoft Sync Framework
2009-10-27 08:15 . 2009-10-27 08:15 -------- d-----w- c:\programmi\Microsoft SQL Server Compact Edition
2009-10-09 05:49 . 2009-10-06 19:23 -------- d-----w- c:\programmi\EuteliaVOIP
2009-10-06 10:52 . 2009-01-12 17:22 91136 ----a-w- c:\windows\system32\nmwcdcls.dll
2009-09-17 06:16 . 2009-09-17 06:16 3351812 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Installations\{F983B4FE-547B-4C44-BAF7-4F4DBA93D548}\Installer\CommonCustomActions\msxml6Exec.exe
2009-09-17 06:16 . 2009-09-17 06:16 36864 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Installations\{F983B4FE-547B-4C44-BAF7-4F4DBA93D548}\Installer\CommonCustomActions\Sleep.exe
2009-09-17 06:16 . 2009-09-17 06:16 3181612 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Installations\{F983B4FE-547B-4C44-BAF7-4F4DBA93D548}\Installer\CommonCustomActions\vcredistExec.exe
2009-09-17 06:15 . 2009-09-17 06:16 24510968 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Installations\{F983B4FE-547B-4C44-BAF7-4F4DBA93D548}\NokiaSoftwareUpdaterSetup_it (1).exe
2009-09-17 06:03 . 2009-09-17 06:03 95232 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Installations\{3D39E775-DDDA-4327-B747-0BDC5F191331}\Installer\CommonCustomActions\pcswpcsi.exe
2009-09-17 06:03 . 2009-09-17 06:03 8192 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Installations\{3D39E775-DDDA-4327-B747-0BDC5F191331}\Installer\CommonCustomActions\UninstCCD.exe
2009-09-17 06:03 . 2009-09-17 06:03 61440 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Installations\{3D39E775-DDDA-4327-B747-0BDC5F191331}\Installer\CommonCustomActions\UninstPCSFEMsi.exe
2009-09-17 06:03 . 2009-09-17 06:03 10240 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Installations\{3D39E775-DDDA-4327-B747-0BDC5F191331}\Installer\CommonCustomActions\UninstPCS.exe
2009-09-17 06:03 . 2009-09-17 06:04 33853800 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Installations\{3D39E775-DDDA-4327-B747-0BDC5F191331}\Nokia_PC_Suite_7_1_30_9_ita.exe
2009-09-12 07:43 . 2009-09-12 07:43 66264 ---ha-w- c:\windows\system32\mlfcache.dat
2009-09-11 14:34 . 2004-08-19 13:39 133632 ----a-w- c:\windows\system32\msv1_0.dll
.

((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\programmi\File comuni\Nero\Lib\NMIndexStoreSvr.exe ASO-616B5711-6DAE-4795-A05F-39A1E5104020" [X]
"PC Suite Tray"="c:\programmi\Nokia\Nokia PC Suite 7\PCSuite.exe" [2009-11-11 1451520]
"H/PC Connection Agent"="c:\programmi\Microsoft ActiveSync\wcescomm.exe" [2006-11-13 1289000]
"Google Update"="c:\documents and settings\Scooby\Impostazioni locali\Dati applicazioni\Google\Update\GoogleUpdate.exe" [2009-04-29 133104]
"Advanced SystemCare 3"="c:\programmi\IObit\Advanced SystemCare 3\AWC.exe" [2009-11-04 2334856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"VTTimer"="VTTimer.exe" [2005-03-08 53248]
"SunJavaUpdateSched"="c:\programmi\Java\jre6\bin\jusched.exe" [2009-07-25 149280]
"SSBkgdUpdate"="c:\programmi\File comuni\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2007-03-26 210472]
"S3Trayp"="S3trayp.exe" [2005-04-05 159744]
"RTHDCPL"="RTHDCPL.EXE" [2006-03-04 16006656]
"QuickTime Task"="c:\programmi\QuickTime\QTTask.exe" [2009-09-04 417792]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-03 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-03 455168]
"PDFHook"="c:\programmi\Nuance\PDF Professional 5\pdfpro5hook.exe" [2008-03-15 1626112]
"PDF5 Registry Controller"="c:\programmi\Nuance\PDF Professional 5\RegistryController.exe" [2008-02-02 58656]
"NeroFilterCheck"="c:\programmi\File comuni\Nero\Lib\NeroCheck.exe" [2008-06-19 570664]
"NBKeyScan"="c:\programmi\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2008-06-08 2221352]
"MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-03 59392]
"iTunesHelper"="c:\programmi\iTunes\iTunesHelper.exe" [2009-09-21 305440]
"ISUSScheduler"="c:\programmi\File comuni\InstallShield\UpdateService\issch.exe" [2005-02-16 81920]
"ISUSPM Startup"="c:\progra~1\FILECO~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2005-02-16 221184]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-03 208952]
"GrooveMonitor"="c:\programmi\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"CanonSolutionMenu"="c:\programmi\Canon\SolutionMenu\CNSLMAIN.exe" [2008-03-10 689488]
"CanonMyPrinter"="c:\programmi\Canon\MyPrinter\BJMyPrt.exe" [2008-03-17 1848648]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2004-08-19 110592]
"AppleSyncNotifier"="c:\programmi\File comuni\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2009-08-13 177440]
"AdobeCS4ServiceManager"="c:\programmi\File comuni\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
"Adobe Reader Speed Launcher"="c:\programmi\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-19 15360]

c:\documents and settings\Pollon\Menu Avvio\Programmi\Esecuzione automatica\
Ritaglio schermata e avvio di OneNote 2007.lnk - c:\programmi\Microsoft Office\Office12\ONENOTEM.EXE [2008-10-25 98696]

c:\documents and settings\Scooby\Menu Avvio\Programmi\Esecuzione automatica\
Anti-Hijacker.lnk - c:\programmi\Anti-Hijacker\AntiHijacker 1.21.EXE [2006-6-19 356352]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programmi\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Programmi\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Programmi\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Programmi\\Messenger\\msmsgs.exe"=
"c:\\Programmi\\Trillian\\trillian.exe"=
"c:\\Programmi\\File comuni\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Programmi\\eMule\\emule.exe"=
"c:\\Programmi\\Java\\jre6\\bin\\java.exe"=
"c:\\Programmi\\Bonjour\\mDNSResponder.exe"=
"c:\programmi\Microsoft ActiveSync\rapimgr.exe"= c:\programmi\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\programmi\Microsoft ActiveSync\wcescomm.exe"= c:\programmi\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\programmi\Microsoft ActiveSync\WCESMgr.exe"= c:\programmi\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"c:\\Programmi\\File comuni\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=
"c:\\Programmi\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"=
"c:\\WINDOWS\\system32\\rtcshare.exe"=
"c:\\Programmi\\EuteliaVOIP\\EuteliaVOIP.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Programmi\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Programmi\\iTunes\\iTunes.exe"=
"c:\\Programmi\\Skype\\Phone\\Skype.exe"=
"c:\\Programmi\\mIRC6.21-Italiano-TuttoIRC\\mIRC.exe"=
"c:\\Documents and Settings\\All Users\\Dati applicazioni\\Kaspersky Lab Setup Files\\Kaspersky Anti-Virus 7.0.1.325\\Italian\\setup.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5353:TCP"= 5353:TCP:Adobe CSI CS4
"4262:TCP"= 4262:TCP:127.0.0.1
"4672:UDP"= 4672:UDP:eMule : UDP Incoming
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

R2 PDFProFiltSrv;PDFProFiltSrv;c:\programmi\Nuance\PDF Professional 5\PDFProFiltSrv.exe [02/02/2008 2.20.34 144672]
R3 S3G700;S3G700;c:\windows\system32\drivers\S3G700m.sys [10/01/2009 19.34.46 792576]
S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys --> c:\windows\system32\DRIVERS\Lbd.sys [?]
S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;"c:\programmi\Lavasoft\Ad-Aware\AAWService.exe" --> c:\programmi\Lavasoft\Ad-Aware\AAWService.exe [?]
S3 Asushwio;Asushwio;c:\windows\system32\drivers\ASUSHWIO.SYS [10/01/2009 19.32.33 5824]
S3 bepldr;BCL easyPDF SDK 5 Loader;c:\programmi\File comuni\BCL Technologies\easyPDF 5\bepldr.exe [21/02/2007 17.26.40 151552]
S3 PAC207;Trust WB-1400T Webcam;c:\windows\system32\drivers\PFC027.sys [24/02/2005 12.29.14 162176]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
qnlmem
.
------- Scansione supplementare -------
.
uStart Page = hxxp://www.google.com
uInternet Settings,ProxyOverride = 127.0.0.1;*.local
IE: Append the content of the link to existing PDF file - c:\programmi\Nuance\PDF Professional 5\bin\ZeonIEFavClient.dll/ZeonIEAppend.HTML
IE: Append the content of the selected links to existing PDF file - c:\programmi\Nuance\PDF Professional 5\bin\ZeonIEFavClient.dll/ZeonIEAppendSelLinks.HTML
IE: Append to existing PDF file - c:\programmi\Nuance\PDF Professional 5\bin\ZeonIEFavClient.dll/ZeonIEAppend.HTML
IE: Create PDF file - c:\programmi\Nuance\PDF Professional 5\bin\ZeonIEFavClient.dll/ZeonIECapture.HTML
IE: Create PDF file from the content of the link - c:\programmi\Nuance\PDF Professional 5\bin\ZeonIEFavClient.dll/ZeonIECapture.HTML
IE: Create PDF files from the selected links - c:\programmi\Nuance\PDF Professional 5\bin\ZeonIEFavClient.dll/ZeonIECaptureSelLinks.HTML
IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Open with Nuance PDF Converter 5.0 - c:\programmi\Nuance\PDF Professional 5\cnvres_eng.dll /100
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
.
- - - - CHIAVI ORFANE RIMOSSE - - - -

BHO-{27abbd31-a422-439b-a251-423a4e96c9f8} - c:\programmi\Softonic_Italia_TC\tbSof0.dll
Toolbar-{27abbd31-a422-439b-a251-423a4e96c9f8} - c:\programmi\Softonic_Italia_TC\tbSof0.dll
Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
WebBrowser-{604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - (no file)
WebBrowser-{27ABBD31-A422-439B-A251-423A4E96C9F8} - c:\programmi\Softonic_Italia_TC\tbSof0.dll
WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
HKLM-Run-nod32kui - c:\programmi\Eset\nod32kui.exe
AddRemove-Alice ti aiuta - c:\progra~1\ALICET~1\Uninstall.exe AliceRE
AddRemove-dBpowerAMP Music Converter - c:\windows\system32\SpoonUninstall.exe <uninstall>c:\windows\system32\SpoonUninstall-dBpowerAMP Music Converter.dat
AddRemove-fring - c:\programmi\Microsoft ActiveSync\fring\Uninstall.exe fring
AddRemove-xisdue - c:\documents and settings\scooby\impostazioni locali\dati applicazioni\xisdue.exe
AddRemove-{5135959c-51f8-40a1-9cab-84e810386027} - c:\programmi\File comuni\Nero\Nero ProductInstaller 4\SetupX.exe REMOVESERIALNUMBER=9K00-0003-8M80-6320-5043-1458-XAA5
AddRemove-{7145edff-81ab-463f-9ba7-a3069ebc321a} - c:\programmi\File comuni\Nero\Nero ProductInstaller 4\SetupX.exe REMOVESERIALNUMBER=9M13-0083-2710-5622-98W3-TL0A-THW4-9A0T
AddRemove-{e42b94a3-d785-464f-81bf-e6e98eff6e2c} - c:\programmi\File comuni\Nero\Nero ProductInstaller 4\SetupX.exe REMOVESERIALNUMBER=9M0C-01A2-K817-3LK8-9X6M-WK3U-L942-3WE1



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-12-06 15:00
Windows 5.1.2600 Service Pack 2 NTFS

scansione processi nascosti ...

scansione entrate autostart nascoste ...

Scansione files nascosti ...

Scansione completata con successo
Files nascosti: 0

**************************************************************************
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------

[HKEY_USERS\S-1-5-21-1123561945-1425521274-725345543-1003\Software\Microsoft\Windows Mobile Disc\W*i*n*d*o*w*s* *M*o*b*i*l*e*"!\CriticalAppInstall\ActiveSync]
"Name"="ActiveSync"
"DisplayName"="Microsoft ActiveSync"
"Param1"="ActiveSync"
"Type"="wellknown"
"Order"=dword:00000001
"State"=dword:0000000b

[HKEY_USERS\S-1-5-21-1123561945-1425521274-725345543-1003\Software\Microsoft\Windows Mobile Disc\W*i*n*d*o*w*s* *M*o*b*i*l*e*"!\CriticalAppInstall\IESettings]
"Name"="IESettings"
"Type"="IESettings"
"Order"=dword:00000004
"State"=dword:0000000b

[HKEY_USERS\S-1-5-21-1123561945-1425521274-725345543-1003\Software\Microsoft\Windows Mobile Disc\W*i*n*d*o*w*s* *M*o*b*i*l*e*"!\CriticalAppInstall\MediaFiles]
"Name"="MediaFiles"
"Type"="MediaFiles"
"Order"=dword:00000003
"State"=dword:0000000b

[HKEY_USERS\S-1-5-21-1123561945-1425521274-725345543-1003\Software\Microsoft\Windows Mobile Disc\W*i*n*d*o*w*s* *M*o*b*i*l*e*"!\CriticalAppInstall\NPW]
"Name"="NPW"
"Param1"="NPW"
"Type"="wellknown"
"Order"=dword:00000002
"State"=dword:0000000b

[HKEY_USERS\S-1-5-21-1123561945-1425521274-725345543-1003\Software\Microsoft\Windows Mobile Disc\W*i*n*d*o*w*s* *M*o*b*i*l*e*"!\CriticalAppInstall\Outlook]
"Name"="Outlook"
"DisplayName"="Microsoft Outlook"
"Param1"="Outlook"
"Type"="wellknown"
"Order"=dword:00000000
"State"=dword:00000020
.
--------------------- Dlls caricate dai processi in esecuzione ---------------------

- - - - - - - > 'winlogon.exe'(684)
c:\programmi\File comuni\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll
.
Ora fine scansione: 2009-12-06 15:03
ComboFix-quarantined-files.txt 2009-12-06 14:02

Pre-Run: 8.651.665.408 byte disponibili
Post-Run: 9.151.643.648 byte disponibili

- - End Of File - - 767BA432ED5B7A38DA759B60B5B5FD6F

Apri un file di testo sul Desktop (start\esegui\digita: notepad.exe\ Ok
Ci incolli il codice che vedi qui sotto, e salvi il file di testo obbligatoriamente con il nome CFScript.txt




e trascinalo sull'icona di ComboFix.
Attendi la fine dei lavori, senza toccare tastiera, mouse o altro.
Posta il log aggiornato di combofix

Dimmi che problemi riscontri con il pc.

Prima della conclusione del log, il pc si è riavviato da solo!
Adesso cosa devo fare? Quale antivirus metto?
E sempre...........GRAZIEEEEEEEEEEEEEEEEE

P.S. 1- Ogni volta che clicco su Start, si avvia l'istallazione di Nuance PDF Professional! Come elimino il problema?Tnx
2- Combofix non lo trovo tra le applicazioni istallate, con "istallazioni applicazioni". Cmq, l'ho spostato nel cestino!

Non sò nemmeno cosa sia.
Ti serve?
Per Combofix, con la funzione "Cerca" di Windows, digita nei 2 campi, Combofix e elimina tutto quello che trova.

Certo che come attenzione fai desiderare parecchio.......
Te l'ho scritto un paio di post sopra. (AVIRA)