Aiutamici Forum

Can you check my log, thanks (slow PC)
brunobrunino
Posted: Tuesday, December 23, 2008 9:44:43 PM
Rank: Newbie

Joined: 2/15/2008
Posts: 2
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21.40.07, on 23/12/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Programmi\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Programmi\Bonjour\mDNSResponder.exe
C:\Programmi\Java\jre6\bin\jqs.exe
C:\Programmi\CDBurnerXP\NMSAccessU.exe
C:\Programmi\PC Tools Firewall Plus\FWService.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\Programmi\Spyware Terminator\sp_rsser.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\rundll32.exe
C:\Programmi\Java\jre6\bin\jusched.exe
C:\Programmi\iTunes\iTunesHelper.exe
C:\Programmi\File comuni\Nokia\MPlatform\NokiaMServer.exe
C:\Programmi\Spyware Terminator\SpywareTerminatorShield.exe
C:\Programmi\PC Tools Firewall Plus\FirewallGUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\Spybot - Search & Destroy\TeaTimer.exe
C:\Programmi\IVT Corporation\BlueSoleil\BlueSoleil.exe
C:\Programmi\iPod\bin\iPodService.exe
C:\Programmi\Mozilla Firefox\firefox.exe
C:\Programmi\VideoLAN\VLC\vlc.exe
C:\Documents and Settings\bruno\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Programmi\AVG\AVG8\avgssie.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\Programmi\AVG\AVG8\avgtoolbar.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programmi\Windows Live Toolbar\msntb.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmi\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programmi\Windows Live Toolbar\msntb.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\Programmi\AVG\AVG8\avgtoolbar.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [CnxTrApp] rundll32.exe "C:\Programmi\Aethra\ADSL EB1070 USB\CnxTrApp.dll",AppEntry -REG "Aethra\ADSL EB1070 USB"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Programmi\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [NokiaMServer] C:\Programmi\File comuni\Nokia\MPlatform\NokiaMServer /watchfiles
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Programmi\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [00PCTFW] "C:\Programmi\PC Tools Firewall Plus\FirewallGUI.exe" -s
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Programmi\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programmi\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: BlueSoleil.lnk = C:\Programmi\IVT Corporation\BlueSoleil\BlueSoleil.exe
O4 - Global Startup: Nokia Ovi Suite.lnk = C:\Programmi\Nokia\Ovi\Suite\RunLauncher.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Programmi\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Inserisci blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programmi\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: Inserisci &blog in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programmi\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{F6442288-6BB3-4998-8646-71253070F821}: NameServer = 85.37.17.10 85.38.28.86
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Programmi\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Programmi\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Programmi\Bonjour\mDNSResponder.exe
O23 - Service: Servizio iPod (iPod Service) - Apple Inc. - C:\Programmi\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programmi\Java\jre6\bin\jqs.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Programmi\CDBurnerXP\NMSAccessU.exe
O23 - Service: PC Tools Firewall Plus (PCToolsFirewallPlus) - PC Tools - C:\Programmi\PC Tools Firewall Plus\FWService.exe
O23 - Service: ServiceLayer - Nokia. - C:\Programmi\Nokia\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Programmi\Spyware Terminator\sp_rsser.exe
O23 - Service: TwonkyMedia - PacketVideo - C:\Programmi\Nokia\Nokia Home Media Server\Media Server\TwonkyMedia.exe

--
End of file - 8408 bytes
r16
Posted: Tuesday, December 23, 2008 10:11:57 PM
Rank: AiutAmico

Joined: 8/7/2007
Posts: 11,016
Hi.
It would have been better if you had posted the log in the same topic you had already opened.
Carry out this procedure to the letter:
Important: Disable your antivirus and close ALL open programs, and after downloading COMBOFIX, close the connection.

Download Combofix
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
Save it to the desktop.
Double-click combofix.exe (a screen will appear).
Type 1, press Enter and follow the instructions.
When it finishes, a log file called C:\ComboFix.txt will be created. Post it here.
During the scan it is important not to use the PC and to wait patiently for the operations to finish.
brunobrunino
Posted: Tuesday, December 23, 2008 10:55:27 PM
Rank: Newbie

Joined: 2/15/2008
Posts: 2

This is the ComboFix file. I wanted to tell you that yesterday's post really does refer to a problem of a colleague of mine, but I see that I'm not in great shape either. I should say up front that I'm not very experienced. Thanks for the help.

ComboFix 08-12-23.01 - bruno 2008-12-23 22.42.43.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1040.18.383.128 [GMT 1:00]
Eseguito da: c:\documents and settings\bruno\Desktop\ComboFix.exe
* Creato nuovo punto di ripristino
.

((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\bruno\Dati applicazioni\inst.exe

.
((((((((((((((((((((((((( Files Creati Da 2008-11-23 al 2008-12-23 )))))))))))))))))))))))))))))))))))
.

2008-12-23 16:12 . 2008-12-23 16:12 <DIR> d-------- c:\documents and settings\MATTIA\Dati applicazioni\PCToolsFirewallPlus
2008-12-23 16:11 . 2008-12-23 16:11 <DIR> d-------- c:\documents and settings\MATTIA\Dati applicazioni\Spyware Terminator
2008-12-23 00:02 . 2008-12-23 00:02 <DIR> d-------- c:\documents and settings\bruno\Dati applicazioni\PCToolsFirewallPlus
2008-12-22 23:58 . 2008-12-23 22:38 <DIR> d-a------ c:\documents and settings\All Users\Dati applicazioni\TEMP
2008-12-22 23:58 . 2008-12-11 08:38 159,600 --a------ c:\windows\system32\drivers\pctgntdi.sys
2008-12-22 23:58 . 2008-12-11 12:32 132,976 --a------ c:\windows\system32\drivers\PCTCore.sys
2008-12-22 23:58 . 2008-12-11 12:32 73,840 --a------ c:\windows\system32\drivers\PCTAppEvent.sys
2008-12-22 23:57 . 2008-12-22 23:58 <DIR> d-------- c:\programmi\File comuni\PC Tools
2008-12-22 23:57 . 2008-09-22 12:29 97,408 --a------ c:\windows\system32\drivers\pctfw.sys
2008-12-22 23:56 . 2008-12-23 00:06 <DIR> d-------- c:\programmi\PC Tools Firewall Plus
2008-12-22 23:56 . 2008-12-11 17:01 95,640 --a------ c:\windows\system32\drivers\pctplfw.sys
2008-12-22 22:16 . 2008-12-23 20:21 <DIR> d-------- c:\documents and settings\bruno\Dati applicazioni\Spyware Terminator
2008-12-22 22:16 . 2008-12-22 22:16 142,592 --a------ c:\windows\system32\drivers\sp_rsdrv2.sys
2008-12-22 22:15 . 2008-12-23 20:21 <DIR> d-------- c:\programmi\Spyware Terminator
2008-12-22 22:15 . 2008-12-23 16:32 <DIR> d-------- c:\documents and settings\All Users\Dati applicazioni\Spyware Terminator
2008-12-22 19:20 . 2008-04-13 11:45 26,112 --a------ c:\windows\system32\drivers\usbser.sys
2008-12-22 19:20 . 2008-04-13 11:45 26,112 --a--c--- c:\windows\system32\dllcache\usbser.sys
2008-12-22 19:20 . 2008-12-22 19:20 0 --ah----- c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01005.Wdf
2008-12-22 19:19 . 2008-12-22 19:19 0 --ah----- c:\windows\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
2008-12-22 16:32 . 2008-12-22 16:32 <DIR> d-------- c:\programmi\MSXML 4.0
2008-12-21 14:53 . 2008-12-21 14:53 <DIR> d-------- c:\documents and settings\bruno\Dati applicazioni\PC Suite
2008-12-21 14:53 . 2008-12-21 14:53 <DIR> d-------- c:\documents and settings\All Users\Dati applicazioni\PC Suite
2008-12-21 14:42 . 2008-12-21 14:53 <DIR> d-------- c:\documents and settings\bruno\Dati applicazioni\Nokia
2008-12-21 14:40 . 2008-12-21 14:40 <DIR> d-------- c:\programmi\MSXML 6.0
2008-12-21 14:40 . 2008-12-21 14:40 <DIR> d-------- c:\documents and settings\All Users\Dati applicazioni\Installations
2008-12-21 14:38 . 2008-12-21 14:38 <DIR> d-------- c:\programmi\File comuni\muvee Technologies
2008-12-21 14:37 . 2008-12-21 14:39 <DIR> d-------- c:\windows\Globalization
2008-12-21 14:36 . 2008-12-21 14:36 <DIR> d-------- c:\programmi\File comuni\Nokia
2008-12-21 14:34 . 2008-12-21 14:34 <DIR> d-------- c:\programmi\DIFX
2008-12-21 14:34 . 2007-09-17 15:53 21,632 --a------ c:\windows\system32\drivers\pccsmcfd.sys
2008-12-21 14:33 . 2008-12-21 14:41 <DIR> d-------- c:\programmi\Nokia
2008-12-21 14:33 . 2008-05-07 07:39 1,419,232 --a------ c:\windows\system32\wdfcoinstaller01005.dll
2008-12-21 14:33 . 2008-05-07 07:38 659,968 --a------ c:\windows\system32\nmwcdcocls.dll
2008-12-21 14:33 . 2008-05-07 07:38 90,624 --a------ c:\windows\system32\nmwcdcls.dll
2008-12-21 14:33 . 2008-05-07 07:38 20,864 --a------ c:\windows\system32\drivers\ccdcmbo.sys
2008-12-21 14:33 . 2008-05-07 07:38 17,536 --a------ c:\windows\system32\drivers\ccdcmb.sys
2008-12-21 14:33 . 2008-05-07 07:38 8,064 --a------ c:\windows\system32\drivers\usbser_lowerfltj.sys
2008-12-21 14:33 . 2008-06-06 09:24 8,064 --a------ c:\windows\system32\drivers\usbser_lowerflt.sys
2008-12-21 14:30 . 2008-12-21 14:33 1,393 --a------ c:\windows\imsins.BAK
2008-12-21 14:24 . 2008-12-21 14:29 <DIR> d-------- c:\windows\system32\XPSViewer
2008-12-21 14:24 . 2008-12-21 14:24 <DIR> d-------- c:\programmi\Reference Assemblies
2008-12-21 14:24 . 2008-12-21 14:24 <DIR> d-------- c:\programmi\MSBuild
2008-12-21 14:23 . 2006-06-29 13:07 14,048 --------- c:\windows\system32\spmsg2.dll
2008-12-19 10:18 . 2008-12-23 01:17 <DIR> d-------- c:\programmi\PeerGuardian2
2008-12-18 20:54 . 2008-12-18 20:54 <DIR> d-------- c:\programmi\Alcohol Soft
2008-12-18 20:54 . 2008-12-18 20:54 223,128 --a------ c:\windows\system32\drivers\vaxscsi.sys
2008-12-18 16:44 . 2008-12-18 16:44 717,296 --a------ c:\windows\system32\drivers\sptd.sys
2008-12-18 15:43 . 2008-12-18 15:43 <DIR> d-------- c:\documents and settings\bruno\Dati applicazioni\CoSoSys
2008-12-18 13:37 . 2008-12-18 13:37 4,317 --a------ C:\MAD2.MDS
2008-12-18 13:30 . 2008-12-18 13:37 2,924,707,840 --a------ C:\MAD2.ISO
2008-12-17 09:44 . 2008-12-17 09:44 <DIR> d-------- c:\programmi\IObit
2008-12-14 18:53 . 2008-12-14 18:53 <DIR> d-------- c:\documents and settings\MATTIA\Dati applicazioni\Apple Computer
2008-12-14 18:53 . 2008-04-17 13:12 107,368 --a------ c:\windows\system32\GEARAspi.dll
2008-12-14 18:53 . 2008-04-17 13:12 15,464 --a------ c:\windows\system32\drivers\GEARAspiWDM.sys
2008-12-14 18:52 . 2008-12-14 18:52 <DIR> d-------- c:\programmi\iTunes
2008-12-14 18:52 . 2008-12-14 18:52 <DIR> d-------- c:\programmi\iPod
2008-12-14 18:52 . 2008-12-14 18:52 <DIR> d-------- c:\documents and settings\All Users\Dati applicazioni\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2008-12-14 18:51 . 2008-12-14 18:51 <DIR> d-------- c:\programmi\QuickTime
2008-12-14 18:51 . 2008-12-14 18:51 <DIR> d-------- c:\programmi\Bonjour
2008-12-14 18:51 . 2008-12-14 18:52 <DIR> d-------- c:\documents and settings\All Users\Dati applicazioni\Apple Computer
2008-12-14 18:50 . 2008-12-14 18:52 <DIR> d-------- c:\programmi\File comuni\Apple
2008-12-14 18:50 . 2008-12-14 18:50 <DIR> d-------- c:\programmi\Apple Software Update
2008-12-14 18:50 . 2008-12-14 18:50 <DIR> d-------- c:\documents and settings\All Users\Dati applicazioni\Apple
2008-12-14 18:50 . 2008-11-07 14:23 32,000 --a------ c:\windows\system32\drivers\usbaapl.sys
2008-12-12 16:06 . 2008-12-12 16:06 <DIR> d-------- C:\CloneDVDTemp
2008-11-27 19:14 . 2008-11-29 17:31 <DIR> d-------- c:\programmi\BitTorrent Fastest Tool
2008-11-25 19:22 . 2008-11-25 19:22 <DIR> d-------- c:\documents and settings\MATTIA\Dati applicazioni\Media Player Classic
2008-11-23 16:13 . 2008-11-23 16:13 <DIR> d-------- c:\windows\Sun

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-12-23 15:09 --------- d-----w c:\documents and settings\bruno\Dati applicazioni\DVD Flick
2008-12-23 11:25 --------- d-----w c:\documents and settings\bruno\Dati applicazioni\uTorrent
2008-12-23 11:17 --------- d-----w c:\documents and settings\bruno\Dati applicazioni\LimeWire
2008-12-19 21:23 --------- d-----w c:\documents and settings\bruno\Dati applicazioni\AVGTOOLBAR
2008-12-18 20:42 --------- d-----w c:\documents and settings\All Users\Dati applicazioni\Spybot - Search & Destroy
2008-12-15 21:07 --------- d-----w c:\documents and settings\MATTIA\Dati applicazioni\LimeWire
2008-12-15 19:34 --------- d-----w c:\documents and settings\MATTIA\Dati applicazioni\uTorrent
2008-12-05 15:25 --------- d-----w c:\programmi\Java
2008-12-01 20:07 --------- d-----w c:\documents and settings\All Users\Dati applicazioni\avg8
2008-11-26 14:50 --------- d-----w c:\documents and settings\MATTIA\Dati applicazioni\DVD Flick
2008-11-24 19:56 --------- d-----w c:\programmi\LimeWire
2008-11-23 13:41 --------- d-----w c:\programmi\eCover
2008-11-22 18:12 --------- d-----w c:\documents and settings\bruno\Dati applicazioni\Media Player Classic
2008-11-22 17:48 --------- d-----w c:\programmi\K-Lite Codec Pack
2008-11-21 14:18 --------- d-----w c:\programmi\Windows Media Connect 2
2008-11-16 20:34 --------- d-----w c:\documents and settings\MATTIA\Dati applicazioni\AVGTOOLBAR
2008-11-16 19:27 --------- d-----w c:\documents and settings\MATTIA\Dati applicazioni\vlc
2008-11-16 18:11 --------- d-----w c:\documents and settings\bruno\Dati applicazioni\vlc
2008-11-16 17:06 --------- d-----w c:\programmi\DVD Flick
2008-11-14 16:59 --------- d-----w c:\documents and settings\All Users\Dati applicazioni\GRETECH
2008-11-14 16:58 --------- d-----w c:\programmi\GRETECH
2008-11-14 16:58 --------- d-----w c:\documents and settings\bruno\Dati applicazioni\GRETECH
2008-11-12 20:12 --------- d-----w c:\documents and settings\bruno\Dati applicazioni\dvdcss
2008-11-10 19:34 --------- d-----w c:\programmi\uTorrent
2008-11-10 04:43 410,984 ----a-w c:\windows\system32\deploytk.dll
2008-11-08 12:30 --------- d-----w c:\programmi\CDBurnerXP
2008-11-08 12:30 --------- d-----w c:\documents and settings\bruno\Dati applicazioni\Canneverbe_Limited
2008-11-08 10:45 --------- d-----w c:\documents and settings\All Users\Dati applicazioni\Messenger Plus!
2008-11-07 14:26 --------- d-----w c:\programmi\Messenger Plus! Live
2008-11-07 09:01 --------- d--h--w c:\programmi\InstallShield Installation Information
2008-11-07 09:01 --------- d-----w c:\programmi\EPSON
2008-11-07 08:48 --------- d-----w c:\programmi\Spybot - Search & Destroy
2008-11-06 19:56 --------- d-----w c:\programmi\Windows Live
2008-11-06 17:01 47,360 ----a-w c:\documents and settings\bruno\Dati applicazioni\pcouffin.sys
2008-11-06 17:01 --------- d-----w c:\documents and settings\bruno\Dati applicazioni\Vso
2008-11-06 16:57 47,360 ----a-w c:\windows\system32\drivers\pcouffin.sys
2008-11-04 21:03 --------- d-----w c:\documents and settings\All Users\Dati applicazioni\Bluetooth
2008-11-04 20:54 --------- d-----w c:\programmi\IVT Corporation
2008-11-04 20:10 --------- d-----w c:\programmi\Microsoft SQL Server Compact Edition
2008-11-04 20:08 --------- d-----w c:\programmi\Windows Live Toolbar
2008-11-04 20:08 --------- d-----w c:\programmi\Windows Live Favorites
2008-11-04 19:47 --------- dcsh--w c:\programmi\File comuni\WindowsLiveInstaller
2008-11-04 19:38 --------- d-----w c:\documents and settings\All Users\Dati applicazioni\WLInstaller
2008-11-03 19:33 --------- d-----w c:\documents and settings\MATTIA\Dati applicazioni\MSN6
2008-10-31 14:40 --------- d-----w c:\documents and settings\All Users\Dati applicazioni\Elaborate Bytes
2008-10-31 14:39 --------- d-----w c:\programmi\Elaborate Bytes
2008-10-31 13:24 --------- d-----w c:\programmi\Microsoft.NET
2008-10-31 12:42 --------- d-----w c:\documents and settings\bruno\Dati applicazioni\AdobeUM
2008-10-31 12:40 --------- d-----w c:\programmi\VideoLAN
2008-10-31 12:38 --------- d-----w c:\programmi\File comuni\Adobe
2008-10-31 12:36 --------- d-----w c:\programmi\Motive
2008-10-31 12:36 --------- d-----w c:\programmi\Alice ti aiuta
2008-10-31 12:25 --------- d-----w c:\documents and settings\All Users\Dati applicazioni\Motive(2)
2008-10-31 12:12 --------- d-----w c:\programmi\Telecom Italia
2008-10-31 11:41 --------- d-----w c:\documents and settings\bruno\Dati applicazioni\Motive
2008-10-31 11:35 --------- d-----w c:\documents and settings\bruno\Dati applicazioni\OpenOffice.org
2008-10-31 11:32 --------- d-----w c:\programmi\File comuni\Java
2008-10-30 17:45 --------- d-----w c:\programmi\CCleaner
2008-10-30 17:04 155,995 ----a-w c:\windows\java\Packages\EG624XFL.ZIP
2008-10-30 17:04 --------- d-----w c:\programmi\Common Files
2008-10-30 17:04 --------- d-----w c:\programmi\Aethra
2008-10-30 16:52 97,928 ----a-w c:\windows\system32\drivers\avgldx86.sys
2008-10-30 16:52 76,040 ----a-w c:\windows\system32\drivers\avgtdix.sys
2008-10-30 16:52 10,520 ----a-w c:\windows\system32\avgrsstx.dll
2008-10-30 16:52 --------- d-----w c:\programmi\AVG
2008-10-30 15:27 --------- d-----w c:\programmi\VIA Technologies, Inc
2008-10-30 15:26 --------- d-----w c:\programmi\ATI Technologies
2008-10-30 15:25 --------- d-----w c:\programmi\Realtek Sound Manager
2008-10-30 15:25 --------- d-----w c:\programmi\AvRack
2008-10-30 15:24 --------- d-----w c:\programmi\File comuni\InstallShield
2008-10-30 15:16 --------- d-----w c:\programmi\microsoft frontpage
2008-10-30 15:15 --------- d-----w c:\programmi\Servizi in linea
2008-10-24 11:21 455,296 ----a-w c:\windows\system32\drivers\mrxsmb.sys
2008-10-23 12:36 286,720 ----a-w c:\windows\system32\gdi32.dll
2008-10-16 20:04 826,368 ----a-w c:\windows\system32\wininet.dll
2008-10-16 13:13 202,776 ----a-w c:\windows\system32\wuweb.dll
2008-10-16 13:13 1,809,944 ----a-w c:\windows\system32\wuaueng.dll
2008-10-16 13:12 561,688 ----a-w c:\windows\system32\wuapi.dll
2008-10-16 13:12 323,608 ----a-w c:\windows\system32\wucltui.dll
2008-10-16 13:09 92,696 ----a-w c:\windows\system32\cdm.dll
2008-10-16 13:09 51,224 ----a-w c:\windows\system32\wuauclt.exe
2008-10-16 13:09 43,544 ----a-w c:\windows\system32\wups2.dll
2008-10-16 13:08 34,328 ----a-w c:\windows\system32\wups.dll
2008-10-16 13:06 268,648 ----a-w c:\windows\system32\mucltui.dll
2008-10-16 13:06 208,744 ----a-w c:\windows\system32\muweb.dll
2008-10-03 10:02 247,326 ----a-w c:\windows\system32\strmdll.dll
2008-09-30 15:43 1,286,152 ----a-w c:\windows\system32\msxml4.dll
.

((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-13 15360]
"MsnMsgr"="c:\programmi\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 5724184]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NokiaMServer"="c:\programmi\File comuni\Nokia\MPlatform\NokiaMServer" [X]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2008-11-27 1261336]
"CnxTrApp"="c:\programmi\Aethra\ADSL EB1070 USB\CnxTrApp.dll" [2004-04-20 247296]
"SunJavaUpdateSched"="c:\programmi\Java\jre6\bin\jusched.exe" [2008-11-10 136600]
"QuickTime Task"="c:\programmi\QuickTime\QTTask.exe" [2008-11-04 413696]
"iTunesHelper"="c:\programmi\iTunes\iTunesHelper.exe" [2008-11-20 290088]
"SpywareTerminator"="c:\programmi\Spyware Terminator\SpywareTerminatorShield.exe" [2008-12-22 2267136]
"00PCTFW"="c:\programmi\PC Tools Firewall Plus\FirewallGUI.exe" [2008-12-11 2652056]
"SoundMan"="SOUNDMAN.EXE" [2003-05-14 c:\windows\SOUNDMAN.EXE]
"ATIModeChange"="Ati2mdxx.exe" [2001-09-04 c:\windows\system32\Ati2mdxx.exe]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-13 c:\windows\system32\bthprops.cpl]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-13 15360]

c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\
BlueSoleil.lnk - c:\programmi\IVT Corporation\BlueSoleil\BlueSoleil.exe [2005-09-20 1200128]
Nokia Ovi Suite.lnk - c:\programmi\Nokia\Ovi\Suite\RunLauncher.exe [2008-07-25 951600]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=avgrsstx.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.divxa32"= msaud32_divx.acm

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programmi\\AVG\\AVG8\\avgemc.exe"=
"c:\\Programmi\\AVG\\AVG8\\avgupd.exe"=
"c:\\Programmi\\uTorrent\\utorrent.exe"=
"c:\\Programmi\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\livecall.exe"=
"c:\\Programmi\\LimeWire\\LimeWire.exe"=
"c:\\Documents and Settings\\bruno\\Desktop\\eMule0.47c\\emule.exe"=
"c:\\Documents and Settings\\MATTIA\\Desktop\\eMule0.47c\\emule.exe"=
"c:\\Programmi\\Bonjour\\mDNSResponder.exe"=
"c:\\Programmi\\iTunes\\iTunes.exe"=
"c:\\Programmi\\Nokia\\Nokia Home Media Server\\Media Server\\twonkymedia.exe"=
"c:\\Programmi\\Nokia\\Nokia Home Media Server\\Media Server\\twonkymediaserver.exe"=

R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\Drivers\avgldx86.sys [2008-10-30 97928]
R1 pctgntdi;pctgntdi;\??\c:\windows\system32\drivers\pctgntdi.sys [2008-12-22 159600]
R1 sp_rsdrv2;Spyware Terminator Driver 2;\??\c:\windows\system32\drivers\sp_rsdrv2.sys [2008-12-22 142592]
R2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [2008-10-30 875288]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2008-10-30 231704]
R2 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\Drivers\avgtdix.sys [2008-10-30 76040]
R2 PCTAppEvent;PCTAppEvent Driver;\??\c:\windows\system32\drivers\PCTAppEvent.sys [2008-12-22 73840]
S2 TwonkyMedia;TwonkyMedia;c:\programmi\Nokia\Nokia Home Media Server\Media Server\TwonkyMedia.exe -serviceversion 0 []
S3 pctplfw;pctplfw;\??\c:\windows\system32\drivers\pctplfw.sys [2008-12-22 95640]

*Newly Created Service* - PROCEXP90
.
Contenuto della cartella 'Scheduled Tasks'

2008-12-23 c:\windows\Tasks\Verifica aggiornamenti per Windows Live Toolbar.job
- c:\programmi\Windows Live Toolbar\MSNTBUP.EXE [2007-10-19 11:20]
.
.
------- Supplementare di scansione -------
.
uSearchMigratedDefaultURL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
uInternet Settings,ProxyOverride = 127.0.0.1
IE: &Windows Live Search - c:\programmi\Windows Live Toolbar\msntb.dll/search.htm
IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O16 -: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
c:\windows\Downloaded Program Files\Microsoft XML Parser for Java.osd
FF - ProfilePath - c:\documents and settings\bruno\Dati applicazioni\Mozilla\Firefox\Profiles\gpqae988.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - component: c:\programmi\AVG\AVG8\Firefox\components\avgssff.dll
FF - component: c:\programmi\AVG\AVG8\ToolbarFF\components\vmAVGConnector.dll
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-12-23 22:44:12
Windows 5.1.2600 Service Pack 3 NTFS

scansione processi nascosti ...

scansione entrate autostart nascoste ...

Scansione files nascosti ...

Scansione completata con successo
Files nascosti: 0

**************************************************************************
.
--------------------- DLLs Carregadas Sob os Processos em Execução ---------------------

- - - - - - - > 'winlogon.exe'(1140)
c:\windows\system32\avgrsstx.dll

- - - - - - - > 'lsass.exe'(1204)
c:\windows\system32\avgrsstx.dll
.
Ora fine scansione: 2008-12-23 22.45.26
ComboFix-quarantined-files.txt 2008-12-23 21:45:19

Pre-Run: 182.805.299.200 byte disponibili
Post-Run: 182,897,217,536 byte disponibili

WindowsXP-KB310994-SP2-Home-BootDisk-ITA.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /fastdetect /NoExecute=OptIn

274 --- E O F --- 2008-12-22 15:33:18
r16
Posted: Tuesday, December 23, 2008 11:08:22 PM
Rank: AiutAmico

Joined: 8/7/2007
Posts: 11,016
Ok.
Uninstall Combofix this way:
Start
Run
in the dialog box, type (or copy and paste) this command: Combofix /u and press Enter, then delete the Combofix folders in "C" (qoobox)
*********************************************************************************************************
Download and install MalwareBytes:
click here for the download: http://www.malwarebytes.org/
run a full system scan and, once the scan has finished, post the log it produces in this thread.
UPDATE IT before running the scan.
brunobrunino
Posted: Tuesday, December 23, 2008 11:34:39 PM
Rank: Newbie

Joined: 2/15/2008
Posts: 2
Here is the Malwarebytes log, heeeeelp. PS: AVG keeps running scans and I can't stop it.


Malwarebytes' Anti-Malware 1.31
Versione del database: 1538
Windows 5.1.2600 Service Pack 3

23/12/2008 23.29.34
mbam-log-2008-12-23 (23-29-13).txt

Tipo di scansione: Scansione rapida
Elementi scansionati: 53413
Tempo trascorso: 6 minute(s), 59 second(s)

Processi delle memoria infetti: 0
Moduli della memoria infetti: 0
Chiavi di registro infette: 0
Valori di registro infetti: 1
Elementi dato del registro infetti: 0
Cartelle infette: 0
File infetti: 1

Processi delle memoria infetti:
(Nessun elemento malevolo rilevato)

Moduli della memoria infetti:
(Nessun elemento malevolo rilevato)

Chiavi di registro infette:
(Nessun elemento malevolo rilevato)

Valori di registro infetti:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\cnxtrapp (Trojan.Agent) -> No action taken.

Elementi dato del registro infetti:
(Nessun elemento malevolo rilevato)

Cartelle infette:
(Nessun elemento malevolo rilevato)

File infetti:
C:\Programmi\Aethra\ADSL EB1070 USB\CnxTrApp.dll (Trojan.Agent) -> No action taken.
r16
Posted: Tuesday, December 23, 2008 11:46:55 PM
Rank: AiutAmico

Joined: 8/7/2007
Posts: 11,016
Do you know this program?:
Aethra
*********************************************************************************************************

Carry out these steps:

Do a clean-up (registry included) with CCleaner http://www.aiutaamici.com/software?ID=11223

Launch Hijackthis and clean the ADS this way:
click Open the misc tool section
click Open ads spy
untick Quick scan (windows base folder only)
click Scan
if any ADS are detected, tick all the boxes and click Remove selected

Empty the contents of the Prefetch folder:
click My Computer
click Local Disk C:
look, among the folders shown, for the Windows folder, open it and, inside it, look for the Prefetch folder, open it and delete all the entries stored inside it (do not delete the folder)
EMPTY THE RECYCLE BIN

Then you should uninstall SpyBot's Tea Timer.
brunobrunino
Posted: Wednesday, December 24, 2008 12:00:19 AM
Rank: Newbie

Joined: 2/15/2008
Posts: 2
I don't know Aethra; on the Alice installation CD there are "aethraeb1070usb" and "aethraeb1070eth", while ADSL EB1070 USB is the model name of my modem.
r16
Posted: Wednesday, December 24, 2008 12:03:10 AM
Rank: AiutAmico

Joined: 8/7/2007
Posts: 11,016
brunobrunino wrote:
I don't know Aethra; on the Alice installation CD there are "aethraeb1070usb" and "aethraeb1070eth", while ADSL EB1070 USB is the model name of my modem.

Then do not remove the Malwarebytes entries; it detected them as false positives.
Follow the instructions in the previous post.
r16
Posted: Wednesday, December 24, 2008 11:26:25 AM
Rank: AiutAmico

Joined: 8/7/2007
Posts: 11,016
Hi brunobrunino.
Don't open other topics for the same problem, otherwise I lose the thread.......
The files Malwarebytes found are tied to the ADSL connection.
If you want, they could also be removed, but if you notice anomalies you have to uninstall the ADSL, do a clean-up with CCleaner and reinstall it.
Then rerun the Malwarebytes scan to see whether it still detects those entries.
If it does not detect them, then those are trojans; if it detects them again, then they are false positives.
Perhaps the PC's slowness is due to the ADSL.
As in the previous post, I advise you to completely uninstall SpyBot, including the Tea Timer (you will find it in Add or Remove Programs), do the usual clean-up with CCleaner, and restart the PC.
Then reinstall it, taking GOOD CARE NOT TO ENABLE the Tea Timer.
Reinstall SpyBot from here:
http://www.aiutamici.com/software?ID=10831
Read the WHOLE guide CAREFULLY; you will also find how to NOT enable it. (The Tea Timer creates more problems than benefits.)
Another thing: you only need to enable PeerGuardian2 when you use E-Mule or uTorrent.
Then I saw that you recently (23\12\2008) installed PCToolsFirewallPlus.
A certain slowdown is normal when a firewall is installed.
Doing the math, when you connect to a site:
PCToolsFirewallPlus checks it, the Tea Timer checks it, AVG checks it, PeerGuardian2 checks it.
Too many; all these checks slow down page display, as well as weighing down the OS.
Best wishes to you and your loved ones too.
brunobrunino
Posted: Wednesday, December 24, 2008 1:55:31 PM
Rank: Newbie

Joined: 2/15/2008
Posts: 2
Thanks again for the further explanation. The Malwarebytes scan detected the same two files again, so I can leave them where they are; now I'll sort out SpyBot. Bye and happy holidays again.