It seems to work: I rebooted and the recycler folder is gone. I'm attaching the log; now I'll try it on the other PC. Thank you so much.
Sorry, is it better to leave System Restore disabled for a while?
(I had two bins, Recycle Bin and recycler; I tried deleting some files and they ended up in the Recycle Bin.)
ComboFix 08-05-29.1 - Utente 2008-05-30 23.59.31.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1040.18.406 [GMT 2:00]
Eseguito da: C:\Documents and Settings\Utente\Desktop\ComboFix.exe
* Creato nuovo punto di ripristino
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!.
((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Documents and Settings\Utente\Impostazioni locali\Dati applicazioni\Microsoft\Windows Media\10.0\WMSDKNSD.XML
C:\WINDOWS\hosts
.
((((((((((((((((((((((((( Files Creati Da 2008-04-28 al 2008-05-30 )))))))))))))))))))))))))))))))))))
.
2008-05-30 21:46 . 2008-05-30 21:46 <DIR> d-------- C:\_OTMoveIt
2008-05-26 23:55 . 2006-01-01 02:10 <DIR> d--h----- C:\Documents and Settings\Administrator\Risorse di stampa
2008-05-26 23:55 . 2006-01-01 02:10 <DIR> d--h----- C:\Documents and Settings\Administrator\Risorse di rete
2008-05-26 23:55 . 2006-01-01 02:10 <DIR> d-------- C:\Documents and Settings\Administrator\Preferiti
2008-05-26 23:55 . 2006-01-01 01:16 <DIR> d--h----- C:\Documents and Settings\Administrator\Modelli
2008-05-26 23:55 . 2006-01-01 02:10 <DIR> dr------- C:\Documents and Settings\Administrator\Menu Avvio
2008-05-26 23:55 . 2008-05-31 00:00 <DIR> d--h----- C:\Documents and Settings\Administrator\Impostazioni locali
2008-05-26 23:55 . 2006-01-01 02:10 <DIR> d-------- C:\Documents and Settings\Administrator\Documenti
2008-05-26 23:55 . 2008-05-15 19:47 <DIR> d-------- C:\Documents and Settings\Administrator\Dati applicazioni\Apple Computer
2008-05-26 23:55 . 2008-05-30 22:29 <DIR> dr-h----- C:\Documents and Settings\Administrator\Dati applicazioni
2008-05-26 23:55 . 2008-05-26 23:55 <DIR> d-------- C:\Documents and Settings\Administrator
2008-05-26 23:30 . 2008-05-26 23:30 <DIR> d-------- C:\Programmi\Trend Micro
2008-05-21 21:09 . 2008-05-21 21:09 <DIR> d-------- C:\Programmi\Windows Sidebar
2008-05-21 21:07 . 2008-05-24 11:29 <DIR> d-------- C:\Programmi\Norton Internet Security
2008-05-21 21:06 . 2008-05-24 11:22 <DIR> d-------- C:\Programmi\Symantec
2008-05-21 21:06 . 2008-05-24 11:22 123,952 --a------ C:\WINDOWS\system32\drivers\SYMEVENT.SYS
2008-05-21 21:06 . 2008-05-24 11:22 60,800 --a------ C:\WINDOWS\system32\S32EVNT1.DLL
2008-05-21 21:06 . 2008-05-24 11:22 10,740 --a------ C:\WINDOWS\system32\drivers\SYMEVENT.CAT
2008-05-21 21:06 . 2008-05-24 11:22 805 --a------ C:\WINDOWS\system32\drivers\SYMEVENT.INF
2008-05-20 00:25 . 2008-05-20 00:25 <DIR> d-------- C:\Documents and Settings\Utente\Dati applicazioni\Yahoo!
2008-05-19 23:09 . 2008-05-30 23:58 <DIR> d-------- C:\Programmi\File comuni\Symantec Shared
2008-05-15 23:52 . 2008-05-23 22:43 16,636 --a------ C:\WINDOWS\system32\drivers\hosts
2008-05-15 23:31 . 2008-05-22 22:09 <DIR> d-------- C:\password
2008-05-15 22:50 . 2008-05-15 23:21 <DIR> d-------- C:\Documents and Settings\Utente\Dati applicazioni\Symantec
2008-05-15 19:03 . 2008-05-30 21:36 <DIR> d-------- C:\Documents and Settings\All Users\Dati applicazioni\Symantec
2008-05-15 00:51 . 2008-05-15 00:51 <DIR> d-------- C:\Programmi\CCleaner
2008-05-14 21:53 . 2008-05-21 20:58 <DIR> d-------- C:\Programmi\Yahoo!
2008-05-13 00:45 . 2008-05-30 22:40 <DIR> d-------- C:\VEXPLITE
2008-05-13 00:45 . 2008-03-17 19:23 39,808 --a------ C:\WINDOWS\system32\drivers\VIRAGTLT.SYS
2008-05-12 22:34 . 2008-05-12 22:34 1,224 --a------ C:\WINDOWS\system32\acdb.err
2008-04-11 00:36 . 2008-03-21 22:30 129,784 --------- C:\WINDOWS\system32\pxafs.dll
2008-04-11 00:36 . 2008-03-21 22:30 9,464 --------- C:\WINDOWS\system32\drivers\cdralw2k.sys
2008-04-11 00:36 . 2008-03-21 22:30 9,336 --------- C:\WINDOWS\system32\drivers\cdr4_xp.sys
2008-04-10 00:49 . 2008-03-20 10:06 1,845,248 --a------ C:\WINDOWS\system32\win32k.sys
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-05-30 21:40 --------- d-----w C:\Documents and Settings\Utente\Dati applicazioni\Skype
2008-05-30 21:40 --------- d-----w C:\Documents and Settings\All Users\Dati applicazioni\Spybot - Search & Destroy
2008-05-30 20:41 --------- d-----w C:\Programmi\eMule
2008-05-19 22:44 --------- d-----w C:\Programmi\Spybot - Search & Destroy
2008-05-15 21:46 --------- d-----w C:\Documents and Settings\All Users\Dati applicazioni\Avira
2008-05-14 18:02 --------- d-----w C:\Programmi\Google
2008-05-13 18:02 --------- d--h--w C:\Programmi\InstallShield Installation Information
2008-05-13 17:57 --------- d-----w C:\Programmi\IKEA HomePlanner
2008-05-13 17:55 --------- d-----w C:\Programmi\NETGEAR
2008-05-12 20:40 --------- d---a-w C:\Documents and Settings\All Users\Dati applicazioni\TEMP
2008-04-26 14:32 --------- d-----w C:\Programmi\File comuni\Adobe
2008-04-10 22:36 --------- d-----w C:\Programmi\DivX
2008-03-31 21:25 831,488 ----a-w C:\WINDOWS\system32\divx_xx0a.dll
2008-03-31 21:25 823,296 ----a-w C:\WINDOWS\system32\divx_xx0c.dll
2008-03-31 21:25 823,296 ----a-w C:\WINDOWS\system32\divx_xx07.dll
2008-03-31 21:25 802,816 ----a-w C:\WINDOWS\system32\divx_xx11.dll
2008-03-31 21:25 682,496 ----a-w C:\WINDOWS\system32\DivX.dll
2008-03-31 21:25 161,096 ----a-w C:\WINDOWS\system32\DivXCodecVersionChecker.exe
2008-03-25 04:51 621,344 ----a-w C:\WINDOWS\system32\mswstr10.dll
2008-03-25 04:51 183,072 ----a-w C:\WINDOWS\system32\msjint40.dll
2008-03-21 20:30 524,288 ----a-w C:\WINDOWS\system32\DivXsm.exe
2008-03-21 20:30 3,596,288 ----a-w C:\WINDOWS\system32\qt-dx331.dll
2008-03-21 20:30 200,704 ----a-w C:\WINDOWS\system32\ssldivx.dll
2008-03-21 20:30 120,056 ------w C:\WINDOWS\system32\pxcpyi64.exe
2008-03-21 20:30 118,520 ------w C:\WINDOWS\system32\pxinsi64.exe
2008-03-21 20:30 1,044,480 ----a-w C:\WINDOWS\system32\libdivx.dll
2008-03-21 20:28 81,920 ----a-w C:\WINDOWS\system32\dpl100.dll
2008-03-21 20:28 593,920 ----a-w C:\WINDOWS\system32\dpuGUI11.dll
2008-03-21 20:28 57,344 ----a-w C:\WINDOWS\system32\dpv11.dll
2008-03-21 20:28 53,248 ----a-w C:\WINDOWS\system32\dpuGUI10.dll
2008-03-21 20:28 344,064 ----a-w C:\WINDOWS\system32\dpus11.dll
2008-03-21 20:28 294,912 ----a-w C:\WINDOWS\system32\dpu11.dll
2008-03-21 20:28 294,912 ----a-w C:\WINDOWS\system32\dpu10.dll
2008-03-21 20:28 196,608 ----a-w C:\WINDOWS\system32\dtu100.dll
2008-03-21 20:28 12,288 ----a-w C:\WINDOWS\system32\DivXWMPExtType.dll
2008-02-20 06:50 282,624 ----a-w C:\WINDOWS\system32\gdi32.dll
2008-02-20 05:33 45,568 ----a-w C:\WINDOWS\system32\dnsrslvr.dll
2008-02-16 09:01 662,016 ----a-w C:\WINDOWS\system32\wininet.dll
2007-11-24 18:58 32 ----a-r C:\Documents and Settings\All Users\hash.dat
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
2007-08-24 21:51 316784 --a------ C:\Programmi\File comuni\Symantec Shared\coShared\Browser\2.0\coIEPlg.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
2008-05-24 11:05 116088 --a------ C:\PROGRA~1\FILECO~1\SYMANT~1\IDS\IPSBHO.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}"= "C:\Programmi\File comuni\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll" [2007-08-24 21:51 316784]
[HKEY_CLASSES_ROOT\clsid\{7febefe3-6b19-4349-98d2-ffb09d4b49ca}]
[HKEY_CLASSES_ROOT\CoIEPlg.CoToolbar.1]
[HKEY_CLASSES_ROOT\CoIEPlg.CoToolbar]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}"= C:\Programmi\File comuni\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll [2007-08-24 21:51 316784]
[HKEY_CLASSES_ROOT\clsid\{7febefe3-6b19-4349-98d2-ffb09d4b49ca}]
[HKEY_CLASSES_ROOT\CoIEPlg.CoToolbar.1]
[HKEY_CLASSES_ROOT\CoIEPlg.CoToolbar]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2006-03-02 14:00 15360]
"Skype"="C:\Programmi\Skype\Phone\Skype.exe" [2007-03-30 13:34 25263144]
"eMuleAutoStart"="C:\Programmi\eMule\emule.exe" [2007-05-13 16:57 5308416]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2005-07-20 15:07 7110656]
"nwiz"="nwiz.exe" [2005-07-20 15:07 1519616 C:\WINDOWS\system32\nwiz.exe]
"RTHDCPL"="RTHDCPL.EXE" [2006-06-28 15:54 16248320 C:\WINDOWS\RTHDCPL.exe]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2005-07-20 15:07 86016]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 12:50 155648]
"Adobe Photo Downloader"="C:\Programmi\Adobe\Photoshop Elements 4.0\apdproxy.exe" [2005-09-16 02:37 57344]
"TkBellExe"="C:\Programmi\File comuni\Real\Update_OB\realsched.exe" [2007-01-22 22:47 185896]
"SunJavaUpdateSched"="C:\Programmi\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 02:11 132496]
"HPDJ Taskbar Utility"="C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb11.exe" [2004-04-06 17:28 172032]
"HPHUPD06"="C:\Programmi\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe" [2004-07-14 02:07 49152]
"HP Software Update"="C:\Programmi\HP\HP Software Update\HPWuSchd2.exe" [2004-02-12 13:38 49152]
"HP Component Manager"="C:\Programmi\HP\hpcoretech\hpcmpmgr.exe" [2004-05-12 15:18 241664]
"HPHmon06"="C:\WINDOWS\system32\hphmon06.exe" [2004-07-14 01:58 659456]
"PCSuiteTrayApplication"="C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.exe" [2006-06-15 12:36 229376]
"QuickTime Task"="C:\Programmi\QuickTime\qttask.exe" [2008-02-01 00:13 385024]
"iTunesHelper"="C:\Programmi\iTunes\iTunesHelper.exe" [2008-02-04 15:18 267048]
"NWEReboot"="" []
"Adobe Reader Speed Launcher"="C:\Programmi\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792]
"ccApp"="C:\Programmi\File comuni\Symantec Shared\ccApp.exe" [2008-02-14 11:01 51048]
"osCheck"="C:\Programmi\Norton Internet Security\osCheck.exe" [2007-08-24 22:53 714608]
"VIRIT LITE MONITOR"="C:\VEXPLITE\MONLITE.EXE" [2008-05-30 21:49 245760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"SymLnch"="C:\Documents and Settings\Utente\Dati applicazioni\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\SymLnch\SymLnch.exe" [2007-08-26 18:04 687976]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2006-03-02 14:00 15360]
C:\Documents and Settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\
HP Digital Imaging Monitor.lnk - C:\Programmi\HP\digital imaging\bin\hpqtra08.exe [2004-05-28 22:31:38 241664]
Microsoft Office.lnk - C:\Programmi\Microsoft Office\Office\OSA9.EXE [1999-02-17 20:05:56 65588]
Tasto di scelta rapida per l'avvio di AutoCAD.lnk - C:\Programmi\File comuni\Autodesk Shared\acstart17.exe [2006-03-05 12:43:54 11000]
WG111v2 Smart Wizard Wireless Setting.lnk - C:\Programmi\NETGEAR\WG111v2 Configuration Utility\RtlWake.exe [2007-01-21 13:14:02 745472]
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Programmi\\File comuni\\Symantec Shared\\NPC\\npcLUStb.exe"=
"C:\\Programmi\\eMule\\emule.exe"=
"C:\\Programmi\\Mozilla Firefox\\firefox.exe"=
"C:\\Programmi\\iTunes\\iTunes.exe"=
"C:\\Programmi\\Skype\\Phone\\Skype.exe"=
R0 VIRAGTLT;VIRAGTLT;C:\WINDOWS\system32\drivers\VIRAGTLT.SYS [2008-03-17 19:23]
R1 BIOS;BIOS;C:\WINDOWS\system32\drivers\BIOS.sys [2005-03-16 08:23]
R2 EAPPkt;Realtek EAPPkt Protocol;C:\WINDOWS\system32\DRIVERS\EAPPkt.sys [2005-04-01 12:43]
R2 LiveUpdate Notice;LiveUpdate Notice;"C:\Programmi\File comuni\Symantec Shared\ccSvcHst.exe" /h ccCommon []
R2 viritsvclite;Virit eXplorer Lite;C:\VEXPLITE\viritsvc.exe [2008-05-30 21:49]
S3 COH_Mon;COH_Mon;C:\WINDOWS\system32\Drivers\COH_Mon.sys [2008-03-06 21:32]
S3 RTLWUSB;NETGEAR WG111v2 54Mbps Wireless USB 2.0 Adapter NT Driver;C:\WINDOWS\system32\DRIVERS\wg111v2.sys [2006-03-16 12:39]
*Newly Created Service* - COMHOST
.
Contenuto della cartella 'Scheduled Tasks'
"2008-05-22 20:33:08 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Programmi\Apple Software Update\SoftwareUpdate.exe
"2008-05-30 21:43:00 C:\WINDOWS\Tasks\HP Usg Daily.job"
- C:\Programmi\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\pexpress\hphped05.exe
"2008-05-26 19:47:41 C:\WINDOWS\Tasks\Norton Internet Security - Scansione completa sistema - Utente.job"
- C:\Programmi\Norton Internet Security\Norton AntiVirus\Navw32.exei/TASK:
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.net
Rootkit scan 2008-05-31 00:01:07
Windows 5.1.2600 Service Pack 2 NTFS
scansione processi nascosti ...
scansione entrate autostart nascoste ...
Scansione files nascosti ...
Scansione completata con successo
Files nascosti: 0
**************************************************************************
.
Ora fine scansione: 2008-05-31 0.01.47
ComboFix-quarantined-files.txt 2008-05-30 22:01:32
35 Directory 138,550,169,600 byte disponibili
38 Directory 138,727,301,120 byte disponibili
191 --- E O F --- 2008-05-21 20:30:50