shapiro ha scritto:
C:\WINDOWS\system32\kxvo.exe
file non presente nei processi....fixato comunque
eseguito il resto...
ComboFix 10-06-02.03 - ******* 03/06/2010 10.34.52.1.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.39.1040.18.1022.397 [GMT 2:00]
Eseguito da: c:\documents and settings\********\Desktop\ComboFix.exe
AV: McAfee VirusScan *On-access scanning enabled* (Outdated) {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}
FW: McAfee Personal Firewall Plus *enabled* {94894B63-8C7F-4050-BDA4-813CA00DA3E8}
* Creato nuovo punto di ripristino
ATTENZIONE - QUESTO PC NON HA LA CONSOLE DI RIPRISTINO DI EMERGENZA INSTALLATA !!
.
((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\recycler\S-1-5-21-4511525262-6565581652-878957514-2352\winmap.exe
c:\windows\hg.exe
c:\windows\recover.reg
c:\windows\system32\Vb40032.dll
.
((((((((((((((((((((((((( Files Creati Da 2010-05-03 al 2010-06-03 )))))))))))))))))))))))))))))))))))
.
2010-06-03 07:14 . 2009-08-06 17:23 274288 ----a-w- c:\windows\system32\mucltui.dll
2010-06-03 07:14 . 2009-08-06 17:23 215920 ----a-w- c:\windows\system32\muweb.dll
2010-05-31 10:19 . 2010-05-31 10:19 -------- d-----w- c:\programmi\McAfee
2010-05-31 10:19 . 2010-05-31 10:22 -------- d-----w- c:\windows\system32\mclsphlr
2010-05-31 10:19 . 2005-07-26 12:47 90112 ----a-w- c:\windows\system32\mcrtl32.dll
2010-05-31 10:19 . 2005-07-26 12:50 94208 ----a-w- c:\windows\system32\mclsp.dll
2010-05-31 10:19 . 2005-04-20 17:22 32768 ----a-w- c:\windows\system32\instlsp.exe
2010-05-31 10:19 . 2005-04-20 17:22 11264 ----a-w- c:\windows\system32\sporder.dll
2010-05-31 10:18 . 2005-08-16 14:18 80640 ----a-w- c:\windows\system32\drivers\MpFirewall.sys
2010-05-31 10:18 . 2005-08-16 14:13 9216 ----a-w- c:\windows\system32\MpfApi.dll
2010-05-31 10:18 . 2010-05-31 14:41 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\McAfee.com Personal Firewall
2010-05-31 10:17 . 2005-08-10 09:22 114464 ----a-w- c:\windows\system32\drivers\naiavf5x.sys
2010-05-31 10:16 . 2005-05-25 13:53 288320 ----a-r- c:\windows\system32\mcgdmgr.dll
2010-05-31 10:16 . 2005-10-19 06:38 349760 ----a-r- c:\windows\system32\mcinsctl.dll
2010-05-31 09:47 . 2010-05-31 09:47 -------- d-----w- c:\programmi\Docfa4
2010-05-31 08:45 . 2010-05-31 08:45 56 ---ha-w- c:\windows\system32\ezsidmv.dat
2010-05-31 08:45 . 2010-05-31 14:43 -------- d-----w- c:\documents and settings\******\Dati applicazioni\skypePM
2010-05-31 08:44 . 2010-06-03 08:42 -------- d-----w- c:\documents and settings\******\Dati applicazioni\Skype
2010-05-31 08:41 . 2010-05-31 08:41 -------- d-----w- c:\programmi\File comuni\Skype
2010-05-31 08:41 . 2010-05-31 08:43 -------- d-----r- c:\programmi\Skype
2010-05-31 08:41 . 2010-05-31 08:41 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Skype
2010-05-31 08:28 . 2010-05-31 08:28 -------- d-----w- c:\programmi\File comuni\Windows Live
2010-05-27 08:27 . 2008-04-14 02:13 159232 ----a-w- c:\windows\system32\ptpusd.dll
2010-05-27 08:27 . 2001-08-30 21:07 5632 ----a-w- c:\windows\system32\ptpusb.dll
2010-05-26 07:46 . 2010-05-26 07:46 -------- d-----w- c:\documents and settings\******\Dati applicazioni\ScanSoft
2010-05-24 07:41 . 2010-05-24 07:41 -------- d-----w- c:\documents and settings\*******\Impostazioni locali\Dati applicazioni\Scansoft
2010-05-24 07:24 . 2010-05-24 07:24 50 ----a-w- c:\windows\system32\bridf08b.dat
2010-05-24 07:24 . 2010-05-24 07:24 -------- dc----w- c:\windows\system32\DRVSTORE
2010-05-24 07:24 . 2006-07-07 10:40 73728 ------w- c:\windows\system32\BRCrypt.dll
2010-05-24 07:23 . 2008-01-25 10:48 102400 ------w- c:\windows\system32\BrMfNt.dll
2010-05-24 07:11 . 2010-05-24 07:11 -------- d-----w- c:\programmi\Reallusion
2010-05-24 07:10 . 2010-05-24 07:10 -------- d-----w- c:\documents and settings\********\Dati applicazioni\InstallShield
2010-05-24 07:10 . 2010-05-24 07:10 -------- d-----w- c:\programmi\Nuance
2010-05-24 07:09 . 2010-05-24 07:09 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Brother
2010-05-19 07:14 . 2010-05-19 07:19 29433 ------w- c:\windows\hpoins03.dat
2010-05-19 07:14 . 2004-01-05 09:47 38879 ------w- c:\windows\hpomdl03.dat
2010-05-14 09:23 . 2010-05-14 09:23 -------- d-----w- c:\documents and settings\*******\Impostazioni locali\Dati applicazioni\Adobe SVG Viewer
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-06-03 07:37 . 2010-06-03 07:37 503808 ----a-w- c:\documents and settings\******\Dati applicazioni\Sun\Java\Deployment\cache\6.0\46\f84c6ae-69691a31-n\msvcp71.dll
2010-06-03 07:37 . 2010-06-03 07:37 499712 ----a-w- c:\documents and settings\*******\Dati applicazioni\Sun\Java\Deployment\cache\6.0\46\f84c6ae-69691a31-n\jmc.dll
2010-06-03 07:37 . 2010-06-03 07:37 348160 ----a-w- c:\documents and settings\*******\Dati applicazioni\Sun\Java\Deployment\cache\6.0\46\f84c6ae-69691a31-n\msvcr71.dll
2010-05-31 10:19 . 2006-11-28 09:48 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\McAfee
2010-05-31 10:19 . 2006-11-28 09:45 -------- d-----w- c:\programmi\McAfee.com
2010-05-31 10:19 . 2006-11-28 09:46 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\McAfee.com
2010-05-31 08:50 . 2006-11-28 09:48 -------- d-----w- c:\programmi\Google
2010-05-24 08:45 . 2010-05-24 07:12 -------- d-----w- c:\documents and settings\******\Dati applicazioni\Reallusion
2010-05-24 07:23 . 2010-05-24 07:11 -------- d-----w- c:\programmi\Brother
2010-05-24 07:23 . 2007-12-10 08:14 -------- d--h--w- c:\programmi\InstallShield Installation Information
2010-05-24 07:21 . 2010-05-24 07:20 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\ScanSoft
2010-05-24 07:20 . 2010-05-24 07:20 -------- d-----w- c:\programmi\File comuni\ScanSoft Shared
2010-05-24 07:20 . 2010-05-24 07:20 -------- d-----w- c:\programmi\ScanSoft
2010-05-24 07:12 . 2010-05-24 07:12 20480 ----a-w- c:\documents and settings\*****\Dati applicazioni\Reallusion\BSandWBinstaller.exe
2010-05-24 07:10 . 2010-05-24 07:10 10134 ----a-r- c:\documents and settings\*****\Dati applicazioni\Microsoft\Installer\{2BC2781A-F7F6-452E-95EB-018A522F1B2C}\ARPPRODUCTICON.exe
2010-04-27 10:15 . 2004-09-09 08:37 95212 ----a-w- c:\windows\system32\perfc010.dat
2010-04-27 10:15 . 2004-09-09 08:37 514028 ----a-w- c:\windows\system32\perfh010.dat
2010-03-26 08:33 . 2010-06-03 07:34 43008 ----a-w- c:\documents and settings\******\Dati applicazioni\Mozilla\Firefox\Profiles\2cv8euj1.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\googletoolbarloader.dll
2010-03-26 08:33 . 2010-06-03 07:34 339456 ----a-w- c:\documents and settings\******\Dati applicazioni\Mozilla\Firefox\Profiles\2cv8euj1.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\libraries\googletoolbar-ff2.dll
2010-03-26 08:33 . 2010-06-03 07:34 1496064 ----a-w- c:\documents and settings\*******\Dati applicazioni\Mozilla\Firefox\Profiles\2cv8euj1.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll
2010-03-26 08:32 . 2010-06-03 07:34 346112 ----a-w- c:\documents and settings\*******\Dati applicazioni\Mozilla\Firefox\Profiles\2cv8euj1.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\libraries\googletoolbar-ff3.dll
2010-03-10 06:15 . 2004-09-09 08:37 420352 ----a-w- c:\windows\system32\vbscript.dll
2002-09-09 11:50 . 2002-09-09 11:50 90112 ----a-w- c:\programmi\File comuni\msjro.dll
2002-07-19 06:34 . 2002-07-19 06:34 61440 ----a-w- c:\programmi\File comuni\msado20.tlb
2000-07-14 22:00 . 2000-07-14 22:00 136192 ----a-w- c:\programmi\File comuni\MSDERUN.DLL
2009-12-03 10:28 . 2008-09-30 07:08 119808 ----a-w- c:\programmi\mozilla firefox\components\GoogleDesktopMozilla.dll
2006-10-11 08:04 . 2006-12-07 15:15 61036 ----a-w- c:\programmi\mozilla firefox\components\jar50.dll
2006-10-11 08:04 . 2006-12-07 15:15 48742 ----a-w- c:\programmi\mozilla firefox\components\jsd3250.dll
2006-10-11 08:05 . 2006-12-07 15:15 29313 ----a-w- c:\programmi\mozilla firefox\components\myspell.dll
2006-10-11 08:05 . 2006-12-07 15:15 41082 ----a-w- c:\programmi\mozilla firefox\components\spellchk.dll
2006-10-11 08:04 . 2006-12-07 15:15 166510 ----a-w- c:\programmi\mozilla firefox\components\xpinstal.dll
2010-02-10 09:40 . 2007-03-13 09:18 88 --sh--r- c:\windows\system32\05B261353F.sys
2009-11-11 13:07 . 2006-12-11 10:56 88 --sh--r- c:\windows\system32\75587052DF.sys
2010-02-10 09:40 . 2006-12-11 10:56 5486 --sha-w- c:\windows\system32\KGyGaAvL.sys
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-07-26 68856]
"Skype"="c:\programmi\Skype\Phone\Skype.exe" [2010-05-13 26192168]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SigmatelSysTrayApp"="stsystra.exe" [2006-08-15 282624]
"ATICCC"="c:\programmi\ATI Technologies\ATI.ACE\cli.exe" [2006-01-02 45056]
"DMXLauncher"="c:\programmi\Dell\Media Experience\DMXLauncher.exe" [2005-10-05 94208]
"DLA"="c:\windows\System32\DLA\DLACTRLW.EXE" [2005-09-08 122940]
"ISUSPM Startup"="c:\progra~1\FILECO~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-07-27 221184]
"ISUSScheduler"="c:\programmi\File comuni\InstallShield\UpdateService\issch.exe" [2005-02-16 81920]
"Google Desktop Search"="c:\programmi\Google\Google Desktop Search\GoogleDesktop.exe" [2009-12-03 30192]
"HP Software Update"="c:\programmi\HP\HP Software Update\HPWuSchd.exe" [2003-08-04 49152]
"DSLSTATEXE"="c:\program files\Libero\Adsl\dslstat.exe" [2004-11-29 299008]
"DSLAGENTEXE"="c:\program files\Libero\Adsl\dslagent.exe" [2004-11-29 16384]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592]
"SunJavaUpdateSched"="c:\programmi\Java\jre6\bin\jusched.exe" [2009-10-11 149280]
"Adobe Reader Speed Launcher"="c:\programmi\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-04-04 36272]
"Adobe ARM"="c:\programmi\File comuni\Adobe\ARM\1.0\AdobeARM.exe" [2010-03-24 952768]
"HP Component Manager"="c:\programmi\HP\hpcoretech\hpcmpmgr.exe" [2003-12-22 241664]
"SSBkgdUpdate"="c:\programmi\File comuni\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-10-25 210472]
"PaperPort PTD"="c:\programmi\ScanSoft\PaperPort\pptd40nt.exe" [2007-10-11 29984]
"IndexSearch"="c:\programmi\ScanSoft\PaperPort\IndexSearch.exe" [2007-10-11 46368]
"PPort11reminder"="c:\programmi\ScanSoft\PaperPort\Ereg\Ereg.exe" [2007-08-31 328992]
"BrMfcWnd"="c:\programmi\Brother\Brmfcmon\BrMfcWnd.exe" [2008-05-29 1085440]
"ControlCenter3"="c:\programmi\Brother\ControlCenter3\brctrcen.exe" [2007-12-21 86016]
"VSOCheckTask"="c:\progra~1\McAfee.com\VSO\mcmnhdlr.exe" [2005-07-08 151552]
"OASClnt"="c:\programmi\McAfee.com\VSO\oasclnt.exe" [2005-08-11 53248]
"MCAgentExe"="c:\progra~1\mcafee.com\agent\mcagent.exe" [2005-07-01 303104]
"MCUpdateExe"="c:\progra~1\mcafee.com\agent\McUpdate.exe" [2005-07-08 212992]
"MPSExe"="c:\progra~1\mcafee.com\mps\mscifapp.exe" [2005-07-26 294912]
"MSKAGENTEXE"="c:\progra~1\McAfee\SPAMKI~1\MskAgent.exe" [2005-07-12 110592]
"MSKDetectorExe"="c:\progra~1\McAfee\SPAMKI~1\MSKDetct.exe" [2005-07-12 1117184]
"VirusScan Online"="c:\programmi\McAfee.com\VSO\mcvsshld.exe" [2005-08-10 163840]
"MPFExe"="c:\progra~1\McAfee.com\PERSON~1\MpfTray.exe" [2005-09-27 999424]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\
BlueSoleil.lnk - c:\programmi\IVT Corporation\BlueSoleil\gprs.exe [2007-12-27 43608]
BTTray.lnk - c:\programmi\WIDCOMM\Software Bluetooth\BTTray.exe [2004-10-1 565309]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programmi\\Dell Network Assistant\\ezi_hnm2.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Programmi\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"=
"c:\\Programmi\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Programmi\\Skype\\Phone\\Skype.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"10421:UDP"= 10421:UDP:SingleClick Discovery Protocol
"10426:UDP"= 10426:UDP:SingleClick ICC
R2 hnmwrlspkt;HomeNet Manager Wireless Protocol;c:\windows\system32\drivers\hnm_wrls_pkt.sys [14/07/2006 3.01.16 13824]
R2 Start BT in service;Start BT in service;c:\programmi\IVT Corporation\BlueSoleil\StartSkysolSvc.exe [27/12/2007 15.39.20 51816]
R2 wsppkt;Wireless Security Protocol;c:\windows\system32\drivers\wsp_pkt.sys [14/07/2006 3.02.22 13696]
S2 gupdate;Servizio di Google Update (gupdate);c:\programmi\Google\Update\GoogleUpdate.exe [10/02/2010 10.25.17 135664]
S3 GoogleDesktopManager-110309-193829;Google Desktop Manager 5.9.911.3589;c:\programmi\Google\Google Desktop Search\GoogleDesktop.exe [28/11/2006 11.48.57 30192]
.
Contenuto della cartella 'Scheduled Tasks'
2010-06-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\programmi\Google\Update\GoogleUpdate.exe [2010-02-10 08:25]
2010-06-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\programmi\Google\Update\GoogleUpdate.exe [2010-02-10 08:25]
2010-06-03 c:\windows\Tasks\Ricerca virus McAfee.com - Risorse del computer (******).job
- c:\programmi\mcafee.com\vso\mcmnhdlr.exe [2010-05-31 16:18]
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://www.google.it/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uInternet Connection Wizard,ShellNext = hxxp://www.google.it/ig/dell?hl=it&client=dell-row&channel=it&ibd=4061128
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\programmi\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_2EC7709873947E87.dll/cmsidewiki.html
IE: Invia a &Bluetooth - c:\programmi\WIDCOMM\Software Bluetooth\btsendto_ie_ctx.htm
IE: {{898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\programmi\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
LSP: c:\windows\system32\mclsp.dll
TCP: {A5F0F5F6-962C-4750-B432-FA55660E5AB4} = 213.92.5.54,194.20.8.4
FF - ProfilePath - c:\documents and settings\******\Dati applicazioni\Mozilla\Firefox\Profiles\2cv8euj1.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage -
www.google.itFF - component: c:\documents and settings\*****\Dati applicazioni\Mozilla\Firefox\Profiles\2cv8euj1.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll
FF - component: c:\programmi\Mozilla Firefox\components\GoogleDesktopMozilla.dll
FF - component: c:\programmi\Mozilla Firefox\components\xpinstal.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- FIREFOX POLICIES ----
FF - user.js: dom.disable_open_during_load - false // Popupblocker control handled by McAfee Privacy Service
.
.
------- Associazioni dei file -------
.
.scr=AutoCADLTScriptFile
.
- - - - CHIAVI ORFANE RIMOSSE - - - -
Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.netRootkit scan 2010-06-03 10:44
Windows 5.1.2600 Service Pack 3 NTFS
scansione processi nascosti ...
scansione entrate autostart nascoste ...
Scansione files nascosti ...
Scansione completata con successo
Files nascosti: 0
**************************************************************************
.
--------------------- Dlls caricate dai processi in esecuzione ---------------------
- - - - - - - > 'lsass.exe'(708)
c:\windows\system32\mclsp.dll
c:\windows\system32\SPORDER.dll
c:\windows\system32\mclsphlr\gdlsphlr.dll
c:\windows\system32\McRtl32.dll
- - - - - - - > 'explorer.exe'(2808)
c:\windows\system32\WININET.dll
c:\progra~1\McAfee\SPAMKI~1\mskoeplg.dll
c:\progra~1\mcafee.com\vso\McVSSkt.dll
c:\windows\system32\btneighborhood.dll
c:\windows\system32\wbtapi.dll
c:\windows\system32\btwpimif.dll
c:\windows\system32\btosif.dll
c:\windows\system32\btrez.dll
c:\windows\system32\CSH.dll
c:\windows\system32\webcheck.dll
.
------------------------ Altri processi in esecuzione ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\programmi\IVT Corporation\BlueSoleil\BTNtService.exe
c:\programmi\WIDCOMM\Software Bluetooth\bin\btwdins.exe
c:\programmi\Java\jre6\bin\jqs.exe
c:\programmi\mcafee.com\agent\mcdetect.exe
c:\progra~1\mcafee.com\vso\mcshield.exe
c:\progra~1\mcafee.com\agent\mctskshd.exe
c:\programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\progra~1\McAfee.com\PERSON~1\MpfService.exe
c:\progra~1\McAfee\SPAMKI~1\MSKSrvr.exe
c:\programmi\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlservr.exe
c:\windows\system32\wscntfy.exe
c:\windows\stsystra.exe
c:\programmi\Brother\ControlCenter3\brccMCtl.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
c:\programmi\Brother\Brmfcmon\BrMfcmon.exe
c:\progra~1\McAfee.com\PERSON~1\MpfAgent.exe
c:\programmi\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
c:\programmi\HP\Digital Imaging\bin\hpqtra08.exe
c:\programmi\IVT Corporation\BlueSoleil\BlueSoleil.exe
c:\programmi\IVT Corporation\BlueSoleil\BlueSoleil VoIP Plugin.exe
c:\windows\system32\msiexec.exe
.
**************************************************************************
.
Ora fine scansione: 2010-06-03 10:50:55 - Il pc è stato riavviato
ComboFix-quarantined-files.txt 2010-06-03 08:50
Pre-Run: 217.838.784.512 byte disponibili
Post-Run: 222.385.414.144 byte disponibili
- - End Of File - - 3D1E608BEC3198564C9D70EA3F2D3876
ciao