Here is the ComboFix log:
ComboFix 09-05-31.06 - antonio 01/06/2009 19.53.49.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.39.1040.18.510.257 [GMT 2:00]
Eseguito da: c:\documents and settings\antonio\Desktop\ComboFix.exe
AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
FW: ZoneAlarm Firewall *disabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}
ATTENZIONE - QUESTO PC NON HA LA CONSOLE DI RIPRISTINO DI EMERGENZA INSTALLATA !!
.
((((((((((((((((((((((((( Files Creati Da 2009-05-01 al 2009-06-01 )))))))))))))))))))))))))))))))))))
.
2009-06-01 07:24 . 2002-10-29 06:20 40960 ----a-r- c:\windows\system32\drivers\fetnd5b.sys
2009-05-31 10:22 . 2008-04-14 02:13 116224 -c--a-w- c:\windows\system32\dllcache\xrxwiadr.dll
2009-05-31 10:22 . 2001-08-30 21:08 23040 -c--a-w- c:\windows\system32\dllcache\xrxwbtmp.dll
2009-05-31 10:22 . 2008-04-14 02:13 18944 -c--a-w- c:\windows\system32\dllcache\xrxscnui.dll
2009-05-31 10:22 . 2001-08-30 21:08 27648 -c--a-w- c:\windows\system32\dllcache\xrxftplt.exe
2009-05-31 10:22 . 2001-08-30 21:08 4608 -c--a-w- c:\windows\system32\dllcache\xrxflnch.exe
2009-05-31 10:22 . 2001-08-30 21:08 99865 -c--a-w- c:\windows\system32\dllcache\xlog.exe
2009-05-31 10:22 . 2001-08-17 18:11 16970 -c--a-w- c:\windows\system32\dllcache\xem336n5.sys
2009-05-31 10:22 . 2004-08-03 20:29 19455 -c--a-w- c:\windows\system32\dllcache\wvchntxx.sys
2009-05-31 10:22 . 2004-08-03 20:29 12063 -c--a-w- c:\windows\system32\dllcache\wsiintxx.sys
2009-05-31 10:22 . 2008-04-14 02:13 8192 -c--a-w- c:\windows\system32\dllcache\wshirda.dll
2009-05-31 10:21 . 2008-04-13 18:36 8832 -c--a-w- c:\windows\system32\dllcache\wmiacpi.sys
2009-05-31 10:21 . 2004-08-03 20:31 154624 -c--a-w- c:\windows\system32\dllcache\wlluc48.sys
2009-05-31 10:21 . 2001-08-30 18:46 35402 -c--a-w- c:\windows\system32\dllcache\wlandrv2.sys
2009-05-31 10:21 . 2001-08-17 19:28 771581 -c--a-w- c:\windows\system32\dllcache\winacisa.sys
2009-05-31 10:21 . 2001-08-30 21:08 54272 -c--a-w- c:\windows\system32\dllcache\wiamsmud.dll
2009-05-31 10:21 . 2001-08-30 21:08 87040 -c--a-w- c:\windows\system32\dllcache\wiafbdrv.dll
2009-05-31 10:21 . 2001-08-17 19:28 701386 -c--a-w- c:\windows\system32\dllcache\wdhaalba.sys
2009-05-31 10:19 . 2001-08-17 18:14 249402 -c--a-w- c:\windows\system32\dllcache\vinwm.sys
2009-05-31 10:19 . 2001-08-17 19:49 24576 -c--a-w- c:\windows\system32\dllcache\viairda.sys
2009-05-31 10:19 . 2001-08-17 19:28 687999 -c--a-w- c:\windows\system32\dllcache\usrwdxjs.sys
2009-05-31 10:19 . 2001-08-17 19:28 765884 -c--a-w- c:\windows\system32\dllcache\usrti.sys
2009-05-31 10:19 . 2001-08-17 19:28 113762 -c--a-w- c:\windows\system32\dllcache\usrpda.sys
2009-05-31 10:19 . 2001-08-17 19:28 7556 -c--a-w- c:\windows\system32\dllcache\usroslba.sys
2009-05-31 10:19 . 2001-08-17 19:28 224802 -c--a-w- c:\windows\system32\dllcache\usr1807a.sys
2009-05-31 10:19 . 2001-08-17 19:28 794399 -c--a-w- c:\windows\system32\dllcache\usr1806v.sys
2009-05-31 10:19 . 2001-08-17 19:28 793598 -c--a-w- c:\windows\system32\dllcache\usr1806.sys
2009-05-31 10:19 . 2001-08-17 19:28 794654 -c--a-w- c:\windows\system32\dllcache\usr1801.sys
2009-05-31 10:19 . 2008-04-13 18:45 26112 -c--a-w- c:\windows\system32\dllcache\usbser.sys
2009-05-31 10:19 . 2008-04-13 18:45 17152 -c--a-w- c:\windows\system32\dllcache\usbohci.sys
2009-05-31 10:19 . 2004-08-19 13:28 32384 -c--a-w- c:\windows\system32\dllcache\usb101et.sys
2009-05-31 10:18 . 2001-08-30 21:08 94720 -c--a-w- c:\windows\system32\dllcache\umaxud32.dll
2009-05-31 10:18 . 2001-08-30 21:08 28672 -c--a-w- c:\windows\system32\dllcache\umaxu40.dll
2009-05-31 10:18 . 2001-08-30 21:08 27136 -c--a-w- c:\windows\system32\dllcache\umaxu22.dll
2009-05-31 10:18 . 2001-08-30 21:08 69632 -c--a-w- c:\windows\system32\dllcache\umaxu12.dll
2009-05-31 10:18 . 2001-08-30 21:08 50688 -c--a-w- c:\windows\system32\dllcache\umaxscan.dll
2009-05-31 10:18 . 2001-08-17 19:58 22912 -c--a-w- c:\windows\system32\dllcache\umaxpcls.sys
2009-05-31 10:18 . 2001-08-30 21:08 50176 -c--a-w- c:\windows\system32\dllcache\umaxp60.dll
2009-05-31 10:18 . 2001-08-30 21:08 47616 -c--a-w- c:\windows\system32\dllcache\umaxcam.dll
2009-05-31 10:18 . 2001-08-30 21:08 212480 -c--a-w- c:\windows\system32\dllcache\um54scan.dll
2009-05-31 10:18 . 2001-08-30 21:08 216576 -c--a-w- c:\windows\system32\dllcache\um34scan.dll
2009-05-31 10:18 . 2001-08-17 19:52 36736 -c--a-w- c:\windows\system32\dllcache\ultra.sys
2009-05-31 10:18 . 2001-08-17 19:48 11520 -c--a-w- c:\windows\system32\dllcache\twotrack.sys
2009-05-31 10:16 . 2001-08-17 18:10 28232 -c--a-w- c:\windows\system32\dllcache\tos4mo.sys
2009-05-31 10:16 . 2001-08-17 18:14 123995 -c--a-w- c:\windows\system32\dllcache\tjisdn.sys
2009-05-31 10:16 . 2001-08-17 18:51 138528 -c--a-w- c:\windows\system32\dllcache\tgiulnt5.sys
2009-05-31 10:16 . 2001-08-30 21:07 81408 -c--a-w- c:\windows\system32\dllcache\tgiul50.dll
2009-05-31 10:16 . 2008-04-13 18:40 149376 -c--a-w- c:\windows\system32\dllcache\tffsport.sys
2009-05-31 10:16 . 2001-08-17 18:13 17129 -c--a-w- c:\windows\system32\dllcache\tdkcd31.sys
2009-05-31 10:16 . 2001-08-17 18:13 37961 -c--a-w- c:\windows\system32\dllcache\tdk100b.sys
2009-05-31 10:16 . 2001-08-17 19:49 30464 -c--a-w- c:\windows\system32\dllcache\tbatm155.sys
2009-05-31 10:16 . 2001-08-17 19:52 7040 -c--a-w- c:\windows\system32\dllcache\tandqic.sys
2009-05-31 10:16 . 2001-08-17 18:50 36640 -c--a-w- c:\windows\system32\dllcache\t2r4mini.sys
2009-05-31 10:16 . 2001-08-30 21:07 172768 -c--a-w- c:\windows\system32\dllcache\t2r4disp.dll
2009-05-31 10:14 . 2001-08-17 18:11 48736 -c--a-w- c:\windows\system32\dllcache\srwlnd5.sys
2009-05-31 10:14 . 2001-08-30 21:08 99328 -c--a-w- c:\windows\system32\dllcache\srusd.dll
2009-05-31 10:14 . 2001-08-30 21:08 24660 -c--a-w- c:\windows\system32\dllcache\spxupchk.dll
2009-05-31 10:14 . 2001-08-17 19:51 61824 -c--a-w- c:\windows\system32\dllcache\speed.sys
2009-05-31 10:14 . 2001-08-30 21:08 106584 -c--a-w- c:\windows\system32\dllcache\spdports.dll
2009-05-31 10:14 . 2001-08-17 20:07 19072 -c--a-w- c:\windows\system32\dllcache\sparrow.sys
2009-05-31 10:14 . 2001-08-17 19:56 7552 -c--a-w- c:\windows\system32\dllcache\sonypvu1.sys
2009-05-31 10:14 . 2001-08-17 18:51 37040 -c--a-w- c:\windows\system32\dllcache\sonypi.sys
2009-05-31 10:14 . 2001-08-30 21:08 114688 -c--a-w- c:\windows\system32\dllcache\sonypi.dll
2009-05-31 10:14 . 2001-08-17 18:51 20752 -c--a-w- c:\windows\system32\dllcache\sonync.sys
2009-05-31 10:14 . 2001-08-17 19:53 9600 -c--a-w- c:\windows\system32\dllcache\sonymc.sys
2009-05-31 10:14 . 2008-04-13 18:40 7552 -c--a-w- c:\windows\system32\dllcache\sonyait.sys
2009-05-31 10:14 . 2001-08-17 19:53 7040 -c--a-w- c:\windows\system32\dllcache\snyaitmc.sys
2009-05-31 10:13 . 2001-08-17 18:51 58368 -c--a-w- c:\windows\system32\dllcache\smiminib.sys
2009-05-31 10:13 . 2001-08-30 21:07 147200 -c--a-w- c:\windows\system32\dllcache\smidispb.dll
2009-05-31 10:13 . 2001-08-17 18:12 25034 -c--a-w- c:\windows\system32\dllcache\smcpwr2n.sys
2009-05-31 10:13 . 2001-08-30 20:37 36937 -c--a-w- c:\windows\system32\dllcache\smcirda.sys
2009-05-31 10:13 . 2001-08-17 18:12 24576 -c--a-w- c:\windows\system32\dllcache\smc8000n.sys
2009-05-31 10:13 . 2001-08-17 19:57 6784 -c--a-w- c:\windows\system32\dllcache\smbhc.sys
2009-05-31 10:13 . 2008-04-13 18:36 6912 -c--a-w- c:\windows\system32\dllcache\smbclass.sys
2009-05-31 10:13 . 2008-04-13 18:36 16000 -c--a-w- c:\windows\system32\dllcache\smbbatt.sys
2009-05-31 10:13 . 2001-08-30 21:08 45568 -c--a-w- c:\windows\system32\dllcache\smb3w.dll
2009-05-31 10:13 . 2001-08-30 21:08 33792 -c--a-w- c:\windows\system32\dllcache\smb0w.dll
2009-05-31 10:11 . 2001-08-30 20:30 161792 -c--a-w- c:\windows\system32\dllcache\sgsmusb.sys
2009-05-31 10:11 . 2001-07-21 20:29 18400 -c--a-w- c:\windows\system32\dllcache\sgsmld.sys
2009-05-31 10:11 . 2001-08-17 18:51 98080 -c--a-w- c:\windows\system32\dllcache\sgiulnt5.sys
2009-05-31 10:11 . 2001-08-30 21:07 386560 -c--a-w- c:\windows\system32\dllcache\sgiul50.dll
2009-05-31 10:11 . 2001-08-17 18:19 36480 -c--a-w- c:\windows\system32\dllcache\sfmanm.sys
2009-05-31 10:11 . 2001-08-30 20:28 6912 -c--a-w- c:\windows\system32\dllcache\serscan.sys
2009-05-31 10:11 . 2001-08-30 20:28 18176 -c--a-w- c:\windows\system32\dllcache\sermouse.sys
2009-05-31 10:11 . 2001-08-17 19:53 6912 -c--a-w- c:\windows\system32\dllcache\seaddsmc.sys
2009-05-31 10:11 . 2008-04-13 18:45 11520 -c--a-w- c:\windows\system32\dllcache\scsiscan.sys
2009-05-31 10:11 . 2001-08-17 19:52 11648 -c--a-w- c:\windows\system32\dllcache\scsiprnt.sys
2009-05-31 10:09 . 2001-08-30 21:07 182272 -c--a-w- c:\windows\system32\dllcache\s3mt3d.dll
2009-05-31 10:07 . 2001-08-17 19:51 19584 -c--a-w- c:\windows\system32\dllcache\rasirda.sys
2009-05-31 10:06 . 2001-08-30 21:07 5632 -c--a-w- c:\windows\system32\dllcache\ptpusb.dll
2009-05-31 10:05 . 2008-04-14 02:12 259328 -c--a-w- c:\windows\system32\dllcache\perm3dd.dll
2009-05-31 10:04 . 2001-08-30 21:08 39424 -c--a-w- c:\windows\system32\dllcache\ovcoms.exe
2009-05-31 10:03 . 2001-08-30 21:07 123776 -c--a-w- c:\windows\system32\dllcache\nv3.dll
2009-05-31 10:03 . 2001-08-17 18:49 51552 -c--a-w- c:\windows\system32\dllcache\ntgrip.sys
2009-05-31 10:03 . 2001-08-30 19:30 9472 -c--a-w- c:\windows\system32\dllcache\ntapm.sys
2009-05-31 10:03 . 2001-08-17 19:53 7552 -c--a-w- c:\windows\system32\dllcache\nsmmc.sys
2009-05-31 10:03 . 2008-04-13 18:54 28672 -c--a-w- c:\windows\system32\dllcache\nscirda.sys
2009-05-31 10:03 . 2001-08-17 18:20 87040 -c--a-w- c:\windows\system32\dllcache\nm6wdm.sys
2009-05-31 10:03 . 2001-08-17 18:20 126080 -c--a-w- c:\windows\system32\dllcache\nm5a2wdm.sys
2009-05-31 10:03 . 2001-08-17 18:12 32840 -c--a-w- c:\windows\system32\dllcache\ngrpci.sys
2009-05-31 10:03 . 2004-08-19 13:33 132695 -c--a-w- c:\windows\system32\dllcache\netwlan5.sys
2009-05-31 10:03 . 2001-08-30 19:20 66174 -c--a-w- c:\windows\system32\dllcache\netflx3.sys
2009-05-31 10:03 . 2001-08-17 18:50 39264 -c--a-w- c:\windows\system32\dllcache\neo20xx.sys
2009-05-31 10:01 . 2008-04-13 18:46 49024 -c--a-w- c:\windows\system32\dllcache\mstape.sys
2009-05-31 10:01 . 2001-08-17 19:48 12416 -c--a-w- c:\windows\system32\dllcache\msriffwv.sys
2009-05-31 10:01 . 2001-08-17 20:00 2944 -c--a-w- c:\windows\system32\dllcache\msmpu401.sys
2009-05-31 10:01 . 2008-04-13 18:54 22016 -c--a-w- c:\windows\system32\dllcache\msircomm.sys
2009-05-31 10:01 . 2001-08-17 20:02 35200 -c--a-w- c:\windows\system32\dllcache\msgame.sys
2009-05-31 10:01 . 2001-08-17 19:48 6016 -c--a-w- c:\windows\system32\dllcache\msfsio.sys
2009-05-31 10:01 . 2008-04-13 18:46 51200 -c--a-w- c:\windows\system32\dllcache\msdv.sys
2009-05-31 10:01 . 2001-08-17 19:52 17280 -c--a-w- c:\windows\system32\dllcache\mraid35x.sys
2009-05-31 10:00 . 2008-04-13 18:46 15232 -c--a-w- c:\windows\system32\dllcache\mpe.sys
2009-05-31 10:00 . 2001-08-30 18:41 12160 -c--a-w- c:\windows\system32\dllcache\mouhid.sys
2009-05-31 10:00 . 2001-08-17 19:52 6528 -c--a-w- c:\windows\system32\dllcache\miniqic.sys
2009-05-31 10:00 . 2001-08-30 18:34 320384 -c--a-w- c:\windows\system32\dllcache\mgaum.sys
2009-05-31 10:00 . 2001-08-30 21:07 235648 -c--a-w- c:\windows\system32\dllcache\mgaud.dll
2009-05-31 10:00 . 2008-04-13 18:41 26112 -c--a-w- c:\windows\system32\dllcache\memstpci.sys
2009-05-31 10:00 . 2001-08-30 21:07 47616 -c--a-w- c:\windows\system32\dllcache\memgrp.dll
2009-05-31 10:00 . 2001-08-17 19:58 8320 -c--a-w- c:\windows\system32\dllcache\memcard.sys
2009-05-31 10:00 . 2001-08-30 18:21 165034 -c--a-w- c:\windows\system32\dllcache\mdgndis5.sys
2009-05-31 10:00 . 2001-08-17 19:52 7424 -c--a-w- c:\windows\system32\dllcache\mammoth.sys
2009-05-31 09:20 . 2008-04-13 18:40 34688 -c--a-w- c:\windows\system32\dllcache\lbrtfdc.sys
2009-05-31 09:20 . 2001-08-30 18:03 26986 -c--a-w- c:\windows\system32\dllcache\lanepic5.sys
2009-05-31 09:20 . 2001-08-17 18:12 19016 -c--a-w- c:\windows\system32\dllcache\ktc111.sys
2009-05-31 09:20 . 2001-08-30 21:07 37376 -c--a-w- c:\windows\system32\dllcache\kousd.dll
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-06-01 17:47 . 2009-04-19 05:19 -------- d-----w- c:\programmi\Mozilla Thunderbird
2009-06-01 17:43 . 2009-04-19 07:14 2608 ----a-w- c:\windows\system32\d3d9caps.dat
2009-06-01 17:34 . 2009-04-19 06:59 -------- d-----w- c:\documents and settings\antonio\Dati applicazioni\Skype
2009-05-31 18:09 . 2009-04-19 07:04 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Google Updater
2009-05-31 14:43 . 2009-05-31 14:44 1594880 ----a-w- c:\windows\Internet Logs\xDBF.tmp
2009-05-31 10:38 . 2009-04-22 05:30 5842976 --sha-w- c:\windows\system32\drivers\fidbox.dat
2009-05-31 08:44 . 2009-04-19 07:57 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Spybot - Search & Destroy
2009-05-31 08:32 . 2009-04-22 05:30 66008 --sha-w- c:\windows\system32\drivers\fidbox.idx
2009-05-30 22:23 . 2009-05-31 08:26 1593344 ----a-w- c:\windows\Internet Logs\xDBE.tmp
2009-05-30 21:49 . 2006-03-02 12:00 81380 ----a-w- c:\windows\system32\perfc010.dat
2009-05-30 21:49 . 2006-03-02 12:00 483474 ----a-w- c:\windows\system32\perfh010.dat
2009-05-27 15:35 . 2009-05-27 15:43 1586688 ----a-w- c:\windows\Internet Logs\xDBD.tmp
2009-05-22 15:06 . 2009-04-19 07:04 -------- d-----w- c:\programmi\Google
2009-05-21 15:24 . 2009-05-21 15:25 1576448 ----a-w- c:\windows\Internet Logs\xDBC.tmp
2009-05-20 13:50 . 2009-04-19 21:09 43792 ----a-w- c:\documents and settings\antonio\Impostazioni locali\Dati applicazioni\GDIPFONTCACHEV1.DAT
2009-05-12 18:00 . 2009-05-13 10:25 1560064 ----a-w- c:\windows\Internet Logs\xDBB.tmp
2009-05-09 15:32 . 2009-05-09 17:37 1556480 ----a-w- c:\windows\Internet Logs\xDBA.tmp
2009-05-03 18:49 . 2009-04-19 09:37 -------- d-----w- c:\programmi\File comuni\Adobe
2009-05-02 11:59 . 2009-05-02 12:00 3486720 ----a-w- c:\windows\Internet Logs\xDB8.tmp
2009-05-02 11:59 . 2009-05-02 12:00 1534976 ----a-w- c:\windows\Internet Logs\xDB9.tmp
2009-05-02 11:07 . 2009-04-18 17:10 11952 ----a-w- c:\windows\system32\avgrsstx.dll
2009-05-02 11:07 . 2009-04-18 17:10 27784 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2009-05-02 11:07 . 2009-04-18 17:10 325896 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2009-05-02 11:07 . 2009-04-18 17:10 108552 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2009-05-02 11:05 . 2009-05-02 11:05 1437464 ----a-w- c:\documents and settings\All Users\Dati applicazioni\avg8\update\backup\avgupd.dll
2009-05-02 11:05 . 2009-05-02 11:05 755992 ----a-w- c:\documents and settings\All Users\Dati applicazioni\avg8\update\backup\avginet.dll
2009-04-30 07:25 . 2009-04-30 07:26 1527296 ----a-w- c:\windows\Internet Logs\xDB7.tmp
2009-04-29 04:59 . 2009-04-29 04:59 -------- d-----w- c:\programmi\Trend Micro
2009-04-28 12:27 . 2009-04-28 13:48 1512448 ----a-w- c:\windows\Internet Logs\xDB6.tmp
2009-04-27 17:25 . 2009-04-27 17:25 2496 ----a-w- c:\windows\system32\d3d8caps.dat
2009-04-27 14:38 . 2009-04-27 14:40 1501696 ----a-w- c:\windows\Internet Logs\xDB1A.tmp
2009-04-27 09:26 . 2009-04-27 09:26 -------- d-----w- c:\documents and settings\antonio\Dati applicazioni\Ahead
2009-04-27 09:21 . 2009-04-27 09:21 -------- d-----w- c:\programmi\File comuni\Ahead
2009-04-27 09:21 . 2009-04-27 09:21 -------- d-----w- c:\programmi\Nero
2009-04-27 05:49 . 2009-04-27 05:49 -------- d-----w- c:\programmi\File comuni\Adobe Systems Shared
2009-04-27 05:20 . 2009-04-27 05:20 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\FLEXnet
2009-04-26 07:00 . 2009-04-26 07:00 410984 ----a-w- c:\windows\system32\deploytk.dll
2009-04-26 07:00 . 2009-04-26 07:00 -------- d-----w- c:\programmi\Java
2009-04-26 06:59 . 2009-04-26 06:59 152576 ----a-w- c:\documents and settings\antonio\Dati applicazioni\Sun\Java\jre1.6.0_13\lzma.dll
2009-04-26 05:29 . 2009-04-26 05:29 34816 ----a-w- c:\windows\system32\BGData.bin
2009-04-25 15:20 . 2009-04-26 05:28 2670592 ----a-w- c:\windows\Internet Logs\xDB4.tmp
2009-04-25 15:20 . 2009-04-26 05:28 1464320 ----a-w- c:\windows\Internet Logs\xDB5.tmp
2009-04-25 12:18 . 2009-04-25 13:47 1460736 ----a-w- c:\windows\Internet Logs\xDB3.tmp
2009-04-25 12:18 . 2009-04-25 13:47 2978816 ----a-w- c:\windows\Internet Logs\xDB2.tmp
2009-04-25 06:38 . 2009-04-25 06:38 -------- d-----w- c:\documents and settings\antonio\Dati applicazioni\AdobeUM
2009-04-25 06:35 . 2009-04-25 06:35 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Adobe Systems
2009-04-25 05:56 . 2009-04-25 05:56 -------- d-----w- c:\programmi\Diskeeper Corporation
2009-04-25 05:01 . 2009-04-25 05:01 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\WinZip
2009-04-24 18:13 . 2009-04-24 18:13 -------- d-----w- c:\documents and settings\antonio\Dati applicazioni\ACD Systems
2009-04-24 18:09 . 2009-04-24 18:09 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\ACD Systems
2009-04-24 18:09 . 2009-04-24 18:09 -------- d-----w- c:\programmi\File comuni\ACD Systems
2009-04-24 18:09 . 2009-04-24 18:09 -------- d-----w- c:\programmi\ACD Systems
2009-04-24 15:10 . 2009-04-24 15:08 -------- d-----w- c:\programmi\Macromedia
2009-04-24 15:10 . 2009-04-24 14:30 -------- d-----w- c:\programmi\File comuni\Macromedia
2009-04-24 15:10 . 2009-04-19 09:28 -------- d--h--w- c:\programmi\InstallShield Installation Information
2009-04-24 12:24 . 2009-04-24 13:59 1263616 ----a-w- c:\windows\Internet Logs\xDB1.tmp
2009-04-24 12:18 . 2009-04-24 12:18 -------- d-----w- c:\documents and settings\antonio\Dati applicazioni\GlobalSCAPE
2009-04-24 12:18 . 2009-04-24 12:18 -------- d-----w- c:\programmi\GlobalSCAPE
2009-04-24 07:43 . 2009-04-24 07:43 -------- d-----w- c:\programmi\Microsoft.NET
2009-04-24 06:49 . 2009-04-24 06:49 -------- d-----w- c:\programmi\Panda Security
2009-04-23 18:10 . 2009-04-23 18:10 -------- d-----w- c:\documents and settings\antonio\Dati applicazioni\vlc
2009-04-23 18:09 . 2009-04-23 18:09 -------- d-----w- c:\programmi\VideoLAN
2009-04-23 11:00 . 2009-04-23 11:00 -------- d-----w- c:\programmi\MySQL
2009-04-23 06:19 . 2009-04-23 06:19 -------- d-----w- c:\programmi\Apache Software Foundation
2009-04-22 11:46 . 2009-04-22 11:46 -------- d-----w- c:\programmi\IZArc
2009-04-22 10:11 . 2009-04-22 10:10 -------- d-----w- c:\programmi\Microsoft LifeCam
2009-04-22 05:28 . 2009-04-18 17:23 4212 ---h--w- c:\windows\system32\zllictbl.dat
2009-04-22 05:08 . 2009-04-22 05:08 -------- d-----w- c:\programmi\Zone Labs
2009-04-22 04:58 . 2009-04-22 04:58 -------- d-----w- c:\programmi\VIA
2009-04-22 04:57 . 2009-04-19 09:28 -------- d-----w- c:\programmi\File comuni\InstallShield
2009-04-22 04:53 . 2009-04-22 04:53 -------- d-----w- c:\programmi\Fastrate USB 100
2009-04-22 04:52 . 2009-04-22 04:52 -------- d-----w- c:\programmi\Telecom Italia
2009-04-21 17:58 . 2009-04-21 08:04 137152 ----a-w- c:\documents and settings\LocalService\Impostazioni locali\Dati applicazioni\FontCache3.0.0.0.dat
2009-04-21 17:57 . 2009-04-21 17:57 -------- d-----w- c:\programmi\ADSL MODEM UTILITY
2009-04-21 11:04 . 2009-04-21 11:04 -------- d-----w- c:\programmi\CCleaner
2009-04-21 07:38 . 2009-04-21 07:38 -------- d-----w- c:\programmi\MSBuild
2009-04-21 07:33 . 2009-04-21 07:33 -------- d-----w- c:\programmi\Reference Assemblies
2009-04-20 17:56 . 2009-04-20 05:43 -------- d-----w- c:\programmi\eMule
2009-04-19 15:07 . 2009-04-19 15:07 -------- d-----w- c:\documents and settings\antonio\Dati applicazioni\EPSON
2009-04-19 15:07 . 2009-04-19 15:06 -------- d-----w- c:\documents and settings\antonio\Dati applicazioni\Smart Panel
2009-04-19 10:38 . 2009-04-18 16:55 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-04-19 09:44 . 2009-04-19 09:41 -------- d-----w- c:\programmi\Hewlett-Packard
2009-04-19 09:44 . 2009-04-19 09:44 82380 ----a-w- c:\windows\system32\drivers\AFS2K.SYS
2009-04-19 09:37 . 2009-04-19 09:37 -------- d-----w- c:\documents and settings\antonio\Dati applicazioni\InterTrust
2009-04-19 09:31 . 2009-04-19 09:31 -------- d-----w- c:\programmi\ArcSoft
2009-04-19 09:31 . 2009-04-19 09:28 -------- d-----w- c:\programmi\Smart Panel
2009-04-19 09:31 . 2009-04-19 09:31 -------- d-----w- c:\programmi\File comuni\Python
2009-04-19 09:30 . 2009-04-19 09:28 -------- d-----w- c:\programmi\EPSON
2009-04-19 09:09 . 2009-04-19 09:09 -------- d-----w- c:\programmi\VIA Technologies, Inc
2009-04-19 08:06 . 2009-04-19 08:06 -------- d-----w- c:\documents and settings\antonio\Dati applicazioni\Malwarebytes
2009-04-19 08:06 . 2009-04-19 08:06 -------- d-----w- c:\programmi\Malwarebytes' Anti-Malware
2009-04-19 08:06 . 2009-04-19 08:06 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Malwarebytes
2009-04-19 08:03 . 2009-04-19 07:57 -------- d-----w- c:\programmi\Spybot - Search & Destroy
2009-04-19 06:59 . 2009-04-19 06:59 -------- d-----r- c:\programmi\Skype
2009-04-19 06:59 . 2009-04-19 06:59 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Skype
2009-04-19 05:19 . 2009-04-19 05:19 -------- d-----w- c:\documents and settings\antonio\Dati applicazioni\Thunderbird
2009-04-19 04:46 . 2009-04-19 04:46 0 ----a-w- c:\windows\nsreg.dat
2009-04-18 17:24 . 2009-04-18 17:24 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\MailFrontier
2009-04-18 17:10 . 2009-04-18 17:10 -------- d-----w- c:\programmi\AVG
2009-04-18 17:10 . 2009-04-18 17:10 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\avg8
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-05-02 1947928]
"Matrox Powerdesk"="c:\windows\system32\PDesk\PDesk.exe" [2003-08-11 667648]
"ZoneAlarm Client"="c:\programmi\Zone Labs\ZoneAlarm\zlclient.exe" [2008-07-09 919016]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\
Monitor Apache Servers.lnk - c:\programmi\Apache Software Foundation\Apache2.2\bin\ApacheMonitor.exe [2008-12-10 41042]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-05-02 11:07 11952 ----a-w- c:\windows\system32\avgrsstx.dll
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32
"wave"= serwvdrv.dll
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Avvio^Programmi^Esecuzione automatica^Adobe Reader Synchronizer.lnk]
path=c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\Adobe Reader Synchronizer.lnk
backup=c:\windows\pss\Adobe Reader Synchronizer.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Avvio^Programmi^Esecuzione automatica^Avvio veloce di Adobe Acrobat.lnk]
path=c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\Avvio veloce di Adobe Acrobat.lnk
backup=c:\windows\pss\Avvio veloce di Adobe Acrobat.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Avvio^Programmi^Esecuzione automatica^raid_tool.exe.lnk]
path=c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\raid_tool.exe.lnk
backup=c:\windows\pss\raid_tool.exe.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Avvio^Programmi^Esecuzione automatica^WinZip Quick Pick.lnk]
path=c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\WinZip Quick Pick.lnk
backup=c:\windows\pss\WinZip Quick Pick.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^antonio^Menu Avvio^Programmi^Esecuzione automatica^Adobe Gamma.lnk]
path=c:\documents and settings\antonio\Menu Avvio\Programmi\Esecuzione automatica\Adobe Gamma.lnk
backup=c:\windows\pss\Adobe Gamma.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"BITS"=3 (0x3)
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"FirewallOverride"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programmi\\AVG\\AVG8\\avgemc.exe"=
"c:\\Programmi\\AVG\\AVG8\\avgupd.exe"=
"c:\\Programmi\\AVG\\AVG8\\avgnsx.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Programmi\\eMule\\emule.exe"=
"c:\\Programmi\\Microsoft LifeCam\\LifeExp.exe"=
"c:\\Programmi\\Microsoft LifeCam\\LifeCam.exe"=
"c:\\Programmi\\Skype\\Phone\\Skype.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"4662:TCP"= 4662:TCP:eMule_TCP
"4672:UDP"= 4672:UDP:eMule_UPD
R0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys [24/04/2009 8.50.35 28544]
R0 viasraid;viasraid;c:\windows\system32\drivers\viasraid.sys [22/04/2009 6.58.30 75904]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [18/04/2009 19.10.41 325896]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [18/04/2009 19.10.47 108552]
R2 Apache2.2;Apache2.2;c:\programmi\Apache Software Foundation\Apache2.2\bin\httpd.exe [10/12/2008 0.10.14 24636]
R2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [18/04/2009 19.10.34 908568]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [18/04/2009 19.10.33 298776]
R3 Stmatm;ATM/ADSL miniport;c:\windows\system32\drivers\stmatm.sys [22/04/2009 6.53.23 59338]
R3 TaurusUsb;ADSL Modem USB Service 1.09a;c:\windows\system32\drivers\torususb.sys [22/04/2009 6.53.23 527980]
S2 gupdate1c9c0bd9625e4ac;Servizio di Google Update (gupdate1c9c0bd9625e4ac);c:\programmi\Google\Update\GoogleUpdate.exe [19/04/2009 9.06.31 133104]
S3 UtilNT;UtilNT;c:\windows\system32\drivers\UtilNt.sys [19/04/2009 10.37.56 5533]
.
Contenuto della cartella 'Scheduled Tasks'
2009-05-22 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\programmi\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34]
2009-06-01 c:\windows\Tasks\Google Software Updater.job
- c:\programmi\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-04-19 07:04]
2009-06-01 c:\windows\Tasks\GoogleUpdateTaskMachine.job
- c:\programmi\Google\Update\GoogleUpdate.exe [2009-04-19 07:05]
2009-04-22 c:\windows\Tasks\Microsoft_Hardware_Launch_vVX3000_exe.job
- c:\windows\vVX3000.exe [2009-04-19 14:22]
.
- - - - CHIAVI ORFANE RIMOSSE - - - -
SafeBoot-procexp90.Sys
.
------- Scansione supplementare -------
.
uStart Page = hxxp://www.google.it/
IE: Aggiungi a PDF esistente - c:\programmi\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Converti destinazione link in Adobe PDF - c:\programmi\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Converti destinazione link in file PDF esistente - c:\programmi\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Converti i link selezionati in Adobe PDF - c:\programmi\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Converti i link selezionati in file PDF esistente - c:\programmi\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Converti in Adobe PDF - c:\programmi\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Converti selezione in Adobe PDF - c:\programmi\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Converti selezione in file PDF esistente - c:\programmi\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
TCP: {EC0324A8-26D1-467F-BB05-32528C84956F} = 151.99.125.1,151.99.250.2
FF - ProfilePath - c:\documents and settings\antonio\Dati applicazioni\Mozilla\Firefox\Profiles\gku9z3e5.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - www.google.it
FF - component: c:\programmi\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll
FF - plugin: c:\programmi\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll
FF - plugin: c:\programmi\Google\Update\1.2.145.5\npGoogleOneClick8.dll
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-06-01 19:57
Windows 5.1.2600 Service Pack 3 NTFS
scansione processi nascosti ...
scansione entrate autostart nascoste ...
Scansione files nascosti ...
Scansione completata con successo
Files nascosti: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MySQL]
"ImagePath"="\"c:\programmi\MySQL\MySQL Server 5.0\bin\mysqld-nt\" --defaults-file=\"c:\programmi\MySQL\MySQL Server 5.0\my.ini\" MySQL"
.
--------------------- Dlls caricate dai processi in esecuzione ---------------------
- - - - - - - > 'explorer.exe'(3884)
c:\windows\system32\PDesk\PDKERNEL.DLL
c:\windows\system32\PDesk\PDTOOLS.DLL
c:\windows\system32\PDesk\PDRESITA.DLL
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Ora fine scansione: 2009-06-01 19.59.48
ComboFix-quarantined-files.txt 2009-06-01 17:59
Pre-Run: 29.088.890.880 byte disponibili
Post-Run: 29.089.525.760 byte disponibili
365 --- E O F --- 2009-05-13 18:07