Grazie della risposta shapiro

Ho fatto tutti i passi che mi hai detto di fare ma mi esce ancora il popup che il takmanager è stato disabilitato.

Ecco qua il log di avenger, pare che non abbia trovato i file che doveva cancellare:

Logfile of The Avenger Version 2.0, (c) by Swandog46
http://swandog46.geekstogo.com

Platform: Windows XP

*******************

Script file opened successfully.
Script file read successfully.

Backups directory opened successfully at C:\Avenger

*******************

Beginning to process script file:

Rootkit scan active.
No rootkits found!


Error: file "c:\windows\system32\jmfa9.dll" not found!
Deletion of file "c:\windows\system32\jmfa9.dll" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: file "c:\windows\system32\ltnjumga.dll" not found!
Deletion of file "c:\windows\system32\ltnjumga.dll" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: file "c:\windows\system32\pkcjuqzi.dll" not found!
Deletion of file "c:\windows\system32\pkcjuqzi.dll" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Completed script processing.

*******************

Finished! Terminate.

Ecco qua il log di combofix:

ComboFix 09-12-27.03 - Checco 28/12/2009 14.18.22.1.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.39.1040.18.1014.617 [GMT 1:00]
Eseguito da: c:\documents and settings\Checco\Desktop\ComboFix.exe
AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}

ATTENZIONE - QUESTO PC NON HA LA CONSOLE DI RIPRISTINO DI EMERGENZA INSTALLATA !!
.

((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\programmi\Search Settings
c:\programmi\Search Settings\kb128\SeARchsettings.dll
c:\programmi\Search Settings\kb128\SearchSettingsRes409.dll
c:\programmi\Search Settings\SearchSettings.exe

La copia infetta di c:\windows\system32\drivers\iaStor.sys è stata trovata e disinfettata
ipristinata copia da - Kitty ate it :p
.
((((((((((((((((((((((((( Files Creati Da 2009-11-28 al 2009-12-28 )))))))))))))))))))))))))))))))))))
.

2009-12-28 13:07 . 2009-12-28 13:07 -------- d-----w- c:\documents and settings\Checco\Dati applicazioni\AVG9
2009-12-26 23:13 . 2009-12-26 23:28 -------- d-----w- c:\programmi\Yahoo!
2009-12-26 23:13 . 2009-12-26 23:13 -------- d-----w- c:\programmi\CCleaner
2009-12-26 23:09 . 2009-12-26 23:09 -------- d-----w- c:\documents and settings\Checco\Dati applicazioni\Uniblue
2009-12-26 19:03 . 2009-12-27 00:13 -------- d-----w- c:\documents and settings\Checco\Dati applicazioni\vlc
2009-12-26 19:01 . 2009-12-26 19:01 -------- d-----w- c:\programmi\VideoLAN
2009-12-26 18:04 . 2009-12-26 18:24 -------- d-----w- c:\documents and settings\Checco\Impostazioni locali\Dati applicazioni\WMTools Downloaded Files
2009-12-26 10:12 . 2009-12-26 10:12 54632 ---ha-w- c:\windows\system32\mlfcache.dat
2009-12-24 16:37 . 2009-12-24 16:37 34304 ----a-w- c:\windows\system32\tmuuztagt92.dll
2009-12-24 11:28 . 2009-12-24 11:28 -------- d-----w- c:\programmi\Trend Micro
2009-12-24 10:40 . 2009-12-03 15:14 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-12-24 10:40 . 2009-12-24 10:40 -------- d-----w- c:\programmi\Malwarebytes' Anti-Malware
2009-12-24 10:40 . 2009-12-03 15:13 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-12-22 11:09 . 2009-11-29 11:04 916248 ----a-w- c:\documents and settings\All Users\Dati applicazioni\avg9\update\backup\avgcfgx.dll
2009-12-21 18:56 . 2009-12-21 18:56 34304 ----a-w- c:\windows\system32\evtybj.dll
2009-12-18 17:57 . 2009-12-18 17:57 294656 ----a-w- c:\documents and settings\All Users\Dati applicazioni\avg9\update\backup\avglngx.dll
2009-12-13 18:44 . 2009-12-13 18:44 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\McAfee Security Scan
2009-12-13 11:12 . 2009-12-13 11:12 -------- d-----w- c:\documents and settings\Checco\Impostazioni locali\Dati applicazioni\Identities
2009-12-12 17:12 . 2009-12-12 17:12 -------- d-----w- c:\documents and settings\Checco\Impostazioni locali\Dati applicazioni\DOSBox
2009-12-12 09:50 . 2009-11-29 11:04 798488 ----a-w- c:\documents and settings\All Users\Dati applicazioni\avg9\update\backup\avginet.dll
2009-12-11 14:55 . 2009-12-11 14:55 152576 ----a-w- c:\documents and settings\Checco\Dati applicazioni\Sun\Java\jre1.6.0_17\lzma.dll
2009-12-11 14:55 . 2009-12-11 14:55 79488 ----a-w- c:\documents and settings\Checco\Dati applicazioni\Sun\Java\jre1.6.0_17\gtapi.dll
2009-12-11 14:54 . 2009-11-11 13:50 311296 ----a-w- c:\windows\system32\TubeFinder.exe
2009-12-11 14:54 . 2009-06-19 17:51 119568 ----a-w- c:\windows\system32\VB6FR.DLL
2009-12-11 14:54 . 2009-06-19 17:51 101888 ----a-w- c:\windows\system32\VB6STKIT.DLL
2009-12-11 14:54 . 2009-06-19 17:51 9728 ----a-w- c:\windows\system32\PCCLPFR.DLL
2009-12-11 14:54 . 2009-12-11 14:59 -------- d-----w- c:\documents and settings\Checco\Dati applicazioni\FreeFLVConverter
2009-12-11 14:54 . 2009-06-19 17:51 32768 ----a-w- c:\windows\system32\CMDLGFR.DLL
2009-12-11 14:54 . 2009-06-19 17:51 141312 ----a-w- c:\windows\system32\MSCMCFR.DLL
2009-12-08 21:38 . 2009-12-08 21:38 -------- d-----w- c:\documents and settings\Checco\Dati applicazioni\Grisoft
2009-12-08 21:38 . 2009-12-08 21:38 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Grisoft
2009-12-08 14:04 . 2009-12-08 14:04 -------- d-----w- c:\documents and settings\Checco\Dati applicazioni\Malwarebytes
2009-12-08 14:04 . 2009-12-08 14:04 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Malwarebytes
2009-12-08 11:04 . 2009-12-08 11:04 1961720 ----a-w- c:\documents and settings\Checco\Dati applicazioni\Macromedia\Flash Player\www.macromedia.com\bin\fpupdateax\fpupdateax.exe
2009-12-07 22:02 . 2009-12-07 22:02 -------- d--h--w- c:\windows\PIF
2009-12-06 19:02 . 2009-12-06 19:52 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Sports Interactive
2009-12-06 18:58 . 2009-12-06 18:58 -------- d-----w- c:\windows\Logs
2009-12-06 18:54 . 2009-12-06 18:58 -------- d--h--w- c:\programmi\Zero G Registry
2009-12-06 18:54 . 2009-12-06 18:54 -------- d--h--w- c:\documents and settings\Checco\InstallAnywhere
2009-12-06 18:47 . 2009-12-06 19:02 -------- d-----w- c:\documents and settings\Checco\Dati applicazioni\Sports Interactive
2009-12-06 17:42 . 2009-12-11 14:56 -------- d-----w- c:\documents and settings\Checco\Dati applicazioni\Search Settings
2009-12-06 17:40 . 2009-12-11 14:52 -------- d-----w- c:\programmi\Free Video Converter
2009-12-06 17:40 . 2009-12-06 17:41 -------- d-----w- c:\documents and settings\Checco\Dati applicazioni\FreeVideoConverter
2009-12-06 11:13 . 2009-12-06 11:13 -------- d-----w- C:\bf11773981e98004cb64a002408b034e
2009-12-05 20:12 . 2009-12-06 19:10 257344 ----a-w- c:\documents and settings\LocalService\Impostazioni locali\Dati applicazioni\FontCache3.0.0.0.dat
2009-12-05 20:11 . 2009-12-05 20:12 -------- d-----w- C:\030ba9a30b7b1aff9d0c9cb4
2009-12-05 19:48 . 2009-12-05 19:48 -------- d-----w- c:\documents and settings\Checco\Dati applicazioni\Yahoo!
2009-12-05 19:48 . 2009-12-05 19:48 -------- d-----w- c:\documents and settings\Checco\Impostazioni locali\Dati applicazioni\jZip
2009-12-05 19:48 . 2009-12-05 19:49 -------- d-----w- c:\programmi\jZip
2009-12-05 10:48 . 2003-06-23 01:44 1415680 ----a-w- c:\windows\system32\wmv9vcm.dll
2009-12-05 10:48 . 2001-05-16 15:54 309616 ----a-w- c:\windows\system32\wmv8dmod.dll
2009-12-05 10:40 . 2009-12-05 10:40 -------- d-----w- c:\documents and settings\Checco\Dati applicazioni\DivX
2009-12-05 10:33 . 2009-12-05 10:49 -------- d-----w- c:\programmi\DivX
2009-12-01 22:20 . 2009-12-06 11:14 -------- d-----w- c:\windows\system32\XPSViewer
2009-12-01 22:20 . 2009-12-01 22:20 -------- d-----w- c:\programmi\MSBuild
2009-12-01 22:19 . 2009-12-01 22:19 -------- d-----w- c:\programmi\Reference Assemblies
2009-12-01 22:19 . 2008-07-06 12:06 89088 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll
2009-12-01 22:18 . 2008-07-06 12:06 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2009-12-01 22:18 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll
2009-12-01 22:18 . 2008-07-06 12:06 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll
2009-12-01 22:18 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\xpsshhdr.dll
2009-12-01 22:18 . 2008-07-06 12:06 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll
2009-12-01 22:18 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\xpssvcs.dll
2009-12-01 22:18 . 2008-07-06 10:50 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2009-12-01 22:18 . 2008-07-06 10:50 597504 ------w- c:\windows\system32\Spool\prtprocs\w32x86\printfilterpipelinesvc.exe
2009-12-01 22:18 . 2009-12-01 22:19 -------- d-----w- C:\2c0f3812d1285a26d148a849d6
2009-11-30 14:04 . 2008-04-14 12:00 221184 ----a-w- c:\windows\system32\wmpns.dll
2009-11-30 12:39 . 2009-12-26 19:09 -------- d-----w- c:\documents and settings\Checco\Dati applicazioni\BitTorrent
2009-11-30 12:39 . 2009-11-30 12:39 -------- d-----w- c:\programmi\BitTorrent
2009-11-30 12:34 . 2009-11-30 12:34 -------- d-----w- c:\programmi\HotPotatoes6
2009-11-30 12:28 . 2009-12-06 17:33 -------- d-----w- c:\documents and settings\Checco\Dati applicazioni\Apple Computer
2009-11-30 12:24 . 2009-11-30 12:24 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Apple
2009-11-30 12:24 . 2009-12-26 10:15 -------- d-----w- c:\documents and settings\Checco\Impostazioni locali\Dati applicazioni\Apple Computer
2009-11-30 11:48 . 2009-11-30 11:48 -------- d-----w- c:\windows\Sun
2009-11-29 16:09 . 2009-11-29 22:56 -------- d-----w- c:\documents and settings\Checco\Impostazioni locali\Dati applicazioni\Adobe
2009-11-29 16:01 . 2009-11-29 16:01 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\FLEXnet
2009-11-29 15:57 . 2009-11-29 15:57 -------- d-----w- c:\windows\oem
2009-11-29 15:30 . 2008-04-14 12:00 26368 -c--a-w- c:\windows\system32\dllcache\usbstor.sys
2009-11-29 15:20 . 2009-12-23 09:42 1 ----a-w- c:\documents and settings\Checco\Dati applicazioni\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
2009-11-29 15:19 . 2009-11-29 15:19 -------- d-----w- c:\documents and settings\Checco\Dati applicazioni\OpenOffice.org
2009-11-29 15:18 . 2009-11-29 15:18 -------- d-----w- c:\programmi\JRE
2009-11-29 15:18 . 2009-11-29 15:18 -------- d-----w- c:\programmi\OpenOffice.org 3
2009-11-29 15:17 . 2009-11-29 15:17 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-11-29 15:17 . 2009-11-29 15:17 -------- d-----w- c:\programmi\Java
2009-11-29 14:56 . 2009-11-29 14:56 -------- d-----w- c:\programmi\Microsoft
2009-11-29 11:20 . 2009-12-12 09:51 3967256 ----a-w- c:\documents and settings\All Users\Dati applicazioni\avg9\update\backup\avgcorex.dll
2009-11-29 11:20 . 2009-11-29 11:04 497944 ----a-w- c:\documents and settings\All Users\Dati applicazioni\avg9\update\backup\avgchjwx.dll
2009-11-29 11:19 . 2009-11-29 11:19 844056 ----a-w- c:\documents and settings\All Users\Dati applicazioni\avg9\update\backup\avgupd.exe
2009-11-29 11:19 . 2009-11-29 11:19 1658136 ----a-w- c:\documents and settings\All Users\Dati applicazioni\avg9\update\backup\avgupd.dll
2009-11-29 11:13 . 2009-11-29 11:13 -------- d-----w- c:\documents and settings\Checco\Dati applicazioni\Template
2009-11-29 11:04 . 2009-11-29 11:04 -------- d-----w- C:\$AVG
2009-11-29 11:04 . 2009-11-29 11:04 360584 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2009-11-29 11:04 . 2009-11-29 11:04 12464 ----a-w- c:\windows\system32\avgrsstx.dll
2009-11-29 11:04 . 2009-11-29 11:04 333192 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2009-11-29 11:04 . 2009-11-29 11:04 28424 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2009-11-29 11:04 . 2009-12-28 10:07 -------- d-----w- c:\windows\system32\drivers\Avg
2009-11-29 11:04 . 2009-12-16 22:26 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\avg9
2009-11-29 11:04 . 2009-11-29 11:04 -------- d-----w- c:\programmi\AVG
2009-11-29 10:02 . 2009-11-29 10:02 -------- d-----w- c:\documents and settings\Checco\Dati applicazioni\Packard Bell
2009-11-29 09:46 . 2009-12-28 10:12 -------- d-----w- c:\documents and settings\Checco\Tracing
2009-11-29 08:59 . 2009-11-29 08:59 -------- d-----w- c:\documents and settings\Checco\Bluetooth Software

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-12-28 11:15 . 2009-04-04 05:51 -------- d-----w- c:\programmi\File comuni\Adobe
2009-12-27 12:23 . 2009-04-04 13:00 312344 ----a-w- c:\windows\system32\drivers\iaStor.sys
2009-12-12 20:20 . 2009-04-04 05:38 -------- d-----w- c:\programmi\File comuni\InstallShield
2009-12-12 09:51 . 2009-12-12 09:51 4043032 ----a-w- c:\documents and settings\All Users\Dati applicazioni\avg9\update\backup\avgui.exe
2009-12-12 09:51 . 2009-12-12 09:51 3776280 ----a-w- c:\documents and settings\All Users\Dati applicazioni\avg9\update\backup\setup.exe
2009-12-12 09:51 . 2009-12-12 09:51 2352920 ----a-w- c:\documents and settings\All Users\Dati applicazioni\avg9\update\backup\avgresf.dll
2009-12-11 15:54 . 2009-04-04 12:55 85184 ----a-w- c:\windows\system32\perfc010.dat
2009-12-11 15:54 . 2009-04-04 12:55 491256 ----a-w- c:\windows\system32\perfh010.dat
2009-12-06 17:32 . 2009-11-29 15:55 65080 ----a-w- c:\documents and settings\Checco\Impostazioni locali\Dati applicazioni\GDIPFONTCACHEV1.DAT
2009-12-06 13:12 . 2009-04-04 05:29 -------- d--h--w- c:\programmi\InstallShield Installation Information
2009-12-01 20:13 . 2009-04-04 04:14 76875 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-11-30 12:27 . 2009-11-30 12:27 -------- d-----w- c:\programmi\iTunes
2009-11-30 12:27 . 2009-11-30 12:27 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\{755AC846-7372-4AC8-8550-C52491DAA8BD}
2009-11-30 12:27 . 2009-11-30 12:27 -------- d-----w- c:\programmi\iPod
2009-11-30 12:27 . 2009-11-30 12:24 -------- d-----w- c:\programmi\File comuni\Apple
2009-11-30 12:27 . 2009-11-30 12:26 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Apple Computer
2009-11-30 12:26 . 2009-11-30 12:26 -------- d-----w- c:\programmi\Bonjour
2009-11-30 12:26 . 2009-11-30 12:26 -------- d-----w- c:\programmi\QuickTime
2009-11-30 12:25 . 2009-11-30 12:25 -------- d-----w- c:\programmi\Apple Software Update
2009-11-29 15:58 . 2009-04-04 05:41 -------- d-----w- c:\programmi\Packard Bell
2009-11-29 14:59 . 2009-04-04 05:59 -------- d-----w- c:\programmi\Windows Live
2009-11-29 11:31 . 2009-11-29 11:13 552 ----a-w- c:\documents and settings\Checco\Dati applicazioni\wklnhst.dat
2009-11-29 11:26 . 2009-04-04 05:43 -------- d-----w- c:\programmi\Microsoft Works
2009-11-29 11:26 . 2009-04-04 05:41 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Microsoft Help
2009-11-29 11:00 . 2009-04-04 06:05 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Norton
2009-11-29 10:50 . 2009-05-14 09:23 -------- d-----w- c:\programmi\Google
2009-11-14 00:49 . 2009-04-04 05:51 129784 ------w- c:\windows\system32\pxafs.dll
2009-11-14 00:49 . 2009-04-04 05:51 120056 ------w- c:\windows\system32\pxcpyi64.exe
2009-11-14 00:49 . 2009-04-04 05:51 118520 ------w- c:\windows\system32\pxinsi64.exe
2009-11-12 16:07 . 2009-11-12 16:07 79144 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Apple Computer\Installer Cache\iTunes 9.0.2.25\SetupAdmin.exe
2009-10-29 07:42 . 2009-04-04 12:55 832512 ----a-w- c:\windows\system32\wininet.dll
2009-10-29 07:42 . 2009-04-04 12:55 78336 ----a-w- c:\windows\system32\ieencode.dll
2009-10-29 07:42 . 2009-04-04 12:55 17408 ----a-w- c:\windows\system32\corpol.dll
2009-10-21 05:38 . 2009-04-04 12:55 75776 ----a-w- c:\windows\system32\strmfilt.dll
2009-10-21 05:38 . 2009-04-04 12:55 25088 ----a-w- c:\windows\system32\httpapi.dll
2009-10-20 16:20 . 2008-04-13 11:53 265728 ----a-w- c:\windows\system32\drivers\http.sys
2009-10-13 10:33 . 2009-04-04 12:55 271360 ----a-w- c:\windows\system32\oakley.dll
2009-10-12 13:38 . 2009-04-04 12:55 150016 ----a-w- c:\windows\system32\rastls.dll
2009-10-12 13:38 . 2009-04-04 12:55 79872 ----a-w- c:\windows\system32\raschap.dll
2003-03-21 12:45 . 2009-11-30 12:34 250544 ----a-w- c:\programmi\File comuni\keyhelp.ocx
.

((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SmpcSys"="c:\programmi\Packard Bell\SetupmyPC\SmpSys.exe" [2009-03-18 1160736]
"swg"="c:\programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-11-29 68856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"QuickTime Task"="c:\programmi\QuickTime\qttask.exe" [2009-11-10 417792]
"Adobe Reader Speed Launcher"="c:\programmi\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-10-03 35696]
"Adobe ARM"="c:\programmi\File comuni\Adobe\ARM\1.0\AdobeARM.exe" [2009-09-04 935288]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\
BTTray.lnk - c:\programmi\WIDCOMM\Bluetooth Software\BTTray.exe [2007-11-1 576104]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableRegedit"= 0 (0x0)
"DisableTaskMgr"= 1 (0x1)
"DisableRegistryTools"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-11-29 11:04 12464 ----a-w- c:\windows\system32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programmi\\AVG\\AVG9\\avgemc.exe"=
"c:\\Programmi\\AVG\\AVG9\\avgupd.exe"=
"c:\\Programmi\\AVG\\AVG9\\avgnsx.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Programmi\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Programmi\\Messenger\\msmsgs.exe"=
"c:\\Programmi\\Bonjour\\mDNSResponder.exe"=
"c:\\Programmi\\iTunes\\iTunes.exe"=
"c:\\Programmi\\BitTorrent\\bittorrent.exe"=

R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [29/11/2009 12.04.24 333192]
R1 AvgTdiX;AVG Free Network Redirector;c:\windows\system32\drivers\avgtdix.sys [29/11/2009 12.04.33 360584]
R2 avg9emc;AVG Free E-mail Scanner;c:\programmi\AVG\AVG9\avgemc.exe [29/11/2009 12.04.18 906520]
R2 avg9wd;AVG Free WatchDog;c:\programmi\AVG\AVG9\avgwdsvc.exe [29/11/2009 12.04.18 285392]
R3 L1c;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller;c:\windows\system32\drivers\l1c51x86.sys [04/04/2009 13.56.26 38912]
R3 M3000Srv;WebCam Driver;c:\windows\system32\drivers\M3000KNT.sys [14/05/2009 10.19.39 145152]
S2 Norton Internet Security;Norton Internet Security;"c:\programmi\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe" /s "Norton Internet Security" /m "c:\programmi\Norton Internet Security\Engine\16.0.0.125\diMaster.dll" /prefetch:1 --> c:\programmi\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe [?]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [04/04/2009 6.39.03 1684736]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\drivers\RtsUStor.sys [04/04/2009 6.36.25 162816]
S3 Rts516xIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys --> c:\windows\system32\DRIVERS\Rts516xIR.sys [?]

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{A30FFDDB-8DA6-468C-8A39-8A2FFEB335CC}]
2009-12-24 16:37 34304 ----a-w- c:\windows\system32\tmuuztagt92.dll
.
------- Scansione supplementare -------
.
uStart Page = hxxp://www.repubblica.it/
mStart Page = hxxp://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0410&s=0&o=xph&d=1109&m=dots
uInternet Connection Wizard,ShellNext = hxxp://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0410&s=0&o=xph&d=1109&m=dots
uInternet Settings,ProxyOverride = *.local
IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\programmi\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
IE: Invia a Bluetooth - c:\programmi\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: Invia a periferica &Bluetooth... - c:\programmi\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
.
- - - - CHIAVI ORFANE RIMOSSE - - - -

BHO-{EA44E81B-C717-4FB6-B1F6-43820D2F17A9} - (no file)



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-12-28 14:27
Windows 5.1.2600 Service Pack 3 NTFS

scansione processi nascosti ...

scansione entrate autostart nascoste ...

Scansione files nascosti ...

Scansione completata con successo
Files nascosti: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Norton Internet Security]
"ImagePath"="\"c:\programmi\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe\" /s \"Norton Internet Security\" /m \"c:\programmi\Norton Internet Security\Engine\16.0.0.125\diMaster.dll\" /prefetch:1"
.
--------------------- Dlls caricate dai processi in esecuzione ---------------------

- - - - - - - > 'explorer.exe'(3468)
c:\windows\system32\WININET.dll
c:\windows\system32\btmmhook.dll
.
------------------------ Altri processi in esecuzione ------------------------
.
c:\programmi\WIDCOMM\Bluetooth Software\bin\btwdins.exe
c:\programmi\AVG\AVG9\avgchsvx.exe
c:\programmi\AVG\AVG9\avgrsx.exe
c:\programmi\AVG\AVG9\avgcsrvx.exe
c:\programmi\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
c:\programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\programmi\Bonjour\mDNSResponder.exe
c:\programmi\Intel\Intel Matrix Storage Manager\IAANTMon.exe
c:\programmi\Java\jre6\bin\jqs.exe
c:\windows\system32\wdfmgr.exe
c:\programmi\AVG\AVG9\avgnsx.exe
c:\programmi\AVG\AVG9\avgcsrvx.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\windows\system32\wscntfy.exe
c:\windows\system32\rundll32.exe
.
**************************************************************************
.
Ora fine scansione: 2009-12-28 14:30:41 - Il pc è stato riavviato
ComboFix-quarantined-files.txt 2009-12-28 13:30

Pre-Run: 126.704.357.376 byte disponibili
Post-Run: 126.795.853.824 byte disponibili

- - End Of File - - 3289C0488C6375077CDBE93014898037