Aiutamici Forum

Mozilla Firefox problem and winesm32.exe
pier81286
Posted: Wednesday, March 03, 2010 1:04:55 PM
Rank: Newbie

Joined: 12/1/2008
Posts: 3
Hi everyone, since yesterday I have had a problem with Firefox: at every reboot the file firefox.exe disappears, so clicking the Firefox shortcut on the desktop does nothing, and it cannot even be uninstalled. The only thing to do is reinstall it over the top, and then it works... but at the next startup the same problem comes back. So I ran a scan with HijackThis and found this winesm32.exe... I have read around that it is nothing good.
What should I do?

I am pasting the log here:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13.04.11, on 03/03/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16827)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
C:\Programmi\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Programmi\Bonjour\mDNSResponder.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9CE.EXE
C:\Programmi\DAEMON Tools\daemon.exe
C:\Programmi\Microsoft IntelliType Pro\type32.exe
C:\PROGRA~1\WinTV\TVServer\HAUPPA~1.EXE
C:\Programmi\Microsoft IntelliPoint\point32.exe
C:\WINDOWS\Mixer.exe
C:\Programmi\Java\jre6\bin\jqs.exe
C:\Programmi\Google\Quick Search Box\GoogleQuickSearchBox.exe
C:\Programmi\Java\jre6\bin\jusched.exe
C:\Programmi\File comuni\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\PnkBstrA.exe
C:\Programmi\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Programmi\WinTV\Ir.exe
C:\Programmi\NETGEAR\WG111v3\WG111v3.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\WinTV\WinTV7\WinTVTray.exe
C:\PROGRA~1\WinTV\TVServer\CAPTUR~4.EXE
C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe
C:\Programmi\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Programmi\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Pier\Desktop\Programmi\HiJackThis\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://facebook.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Programmi\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: BrowserHelper Class - {8A9D74F9-560B-4FE7-ABEB-3B2E638E5CD6} - C:\Programmi\SGPSA\SearchAssistant.dll (file missing)
O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programmi\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programmi\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Programmi\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmi\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Programmi\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Programmi\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Programmi\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programmi\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [RemoteControl] C:\Programmi\CyberLink\PowerDVD\PDVDServ.exe
O4 - HKLM\..\Run: [EPSON Stylus Photo RX420 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9CE.EXE /P31 "EPSON Stylus Photo RX420 Series" /O6 "USB001" /M "Stylus Photo RX420"
O4 - HKLM\..\Run: [EPSON Stylus Photo RX420 Series (Copia 1)] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9CE.EXE /P41 "EPSON Stylus Photo RX420 Series (Copia 1)" /O6 "USB001" /M "Stylus Photo RX420"
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Programmi\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [type32] "C:\Programmi\Microsoft IntelliType Pro\type32.exe"
O4 - HKLM\..\Run: [IntelliPoint] "C:\Programmi\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [Google Quick Search Box] "C:\Programmi\Google\Quick Search Box\GoogleQuickSearchBox.exe" /autorun
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programmi\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [swg] "C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: winesm32.exe
O4 - Global Startup: AutoStart IR.lnk = C:\Programmi\WinTV\Ir.exe
O4 - Global Startup: Avvio veloce di Adobe Reader.lnk = C:\Programmi\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programmi\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: NETGEAR WG111v3 Smart Wizard.lnk = C:\Programmi\NETGEAR\WG111v3\WG111v3.exe
O4 - Global Startup: WinTV Recording Status..lnk = C:\Programmi\WinTV\WinTV7\WinTVTray.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Programmi\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
O9 - Extra button: Inserisci blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programmi\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: Inserisci &blog in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programmi\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Programmi\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Programmi\Bonjour\mDNSResponder.exe
O23 - Service: Servizio di Google Update (gupdate) (gupdate) - Google Inc. - C:\Programmi\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HauppaugeTVServer - Hauppauge Computer Works - C:\PROGRA~1\WinTV\TVServer\HAUPPA~1.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Servizio iPod (iPod Service) - Apple Inc. - C:\Programmi\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programmi\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: ServiceLayer - Nokia. - C:\Programmi\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Programmi\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

--
End of file - 10788 bytes


Thanks in advance for your replies.
r16
Posted: Wednesday, March 03, 2010 1:33:25 PM
Rank: AiutAmico

Joined: 8/7/2007
Posts: 11,016
Start HijackThis, tick the entries I am about to list and, with all applications closed and disconnected from the Internet, press "Fix checked":

O4 - Startup: winesm32.exe

Download and install MalwareBytes:
click here to download: http://www.aiutamici.com/software?id=80346
UPDATE it before running the scan (this is very important).
Run a full system scan.
Delete any infected files found.
Post the log.

Download ComboFix

http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Save it to the desktop.

Important: disable your antivirus and close ALL open programs (firewall included), and after downloading COMBOFIX, close the connection.

Double-click combofix.exe (a screen will appear).

You will probably get messages from the antivirus (or from ComboFix itself); ignore them.

If you are asked whether you want to install the RECOVERY CONSOLE, click NO.

During the scan it is important not to use the PC (not even the mouse) and to wait patiently for the operations to finish.
When it finishes, a log file will be created on the Desktop, called C:\ComboFix.txt. Post it here.
pier81286
Posted: Wednesday, March 03, 2010 9:35:00 PM
Rank: Newbie

Joined: 12/1/2008
Posts: 3
Thanks for the reply.

I did everything as you told me; here are the logs:

-->Malwarebytes

Malwarebytes' Anti-Malware 1.44
Versione del database: 3818
Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.11

03/03/2010 20.21.14
mbam-log-2010-03-03 (20-21-14).txt

Tipo di scansione: Scansione completa (C:\|I:\|)
Elementi scansionati: 253195
Tempo trascorso: 50 minute(s), 50 second(s)

Processi delle memoria infetti: 0
Moduli della memoria infetti: 0
Chiavi di registro infette: 1
Valori di registro infetti: 0
Elementi dato del registro infetti: 1
Cartelle infette: 0
File infetti: 6

Processi delle memoria infetti:
(Nessun elemento malevolo rilevato)

Moduli della memoria infetti:
(Nessun elemento malevolo rilevato)

Chiavi di registro infette:
HKEY_CURRENT_USER\SOFTWARE\fcn (Rogue.Residue) -> Quarantined and deleted successfully.

Valori di registro infetti:
(Nessun elemento malevolo rilevato)

Elementi dato del registro infetti:
HKEY_CLASSES_ROOT\regfile\shell\open\command\(default) (Broken.OpenCommand) -> Bad: ("regedit.exe" "%1") Good: (regedit.exe "%1") -> Quarantined and deleted successfully.

Cartelle infette:
(Nessun elemento malevolo rilevato)

File infetti:
C:\Documents and Settings\Pier\Menu Avvio\Programmi\Esecuzione automatica\winesm32.exe (Worm.KoobFace) -> Delete on reboot.
C:\WINDOWS\$NtServicePackUninstall$\asyncmac.sys (Trojan.MultipleAV) -> Quarantined and deleted successfully.
I:\Fabry\x formattare\Autenticare Xp\keyfinder.exe (Application.FindKey) -> Quarantined and deleted successfully.
I:\Fabry\x formattare\Autenticare Xp\Windows XP Keygen.exe (Malware.Tool) -> Quarantined and deleted successfully.
I:\Recycled\ctfmon.exe (Trojan.VB) -> Quarantined and deleted successfully.
C:\Documents and Settings\Pier\Dati applicazioni\avdrn.dat (Malware.Trace) -> Quarantined and deleted successfully.

--> ComboFix

ComboFix 10-03-02.08 - Pier 03/03/2010 20.31.34.2.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.39.1040.18.3070.2488 [GMT 1:00]
Eseguito da: c:\documents and settings\Pier\Desktop\ComboFix.exe
AV: avast! antivirus 4.8.1368 [VPS 100303-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

ATTENZIONE - QUESTO PC NON HA LA CONSOLE DI RIPRISTINO DI EMERGENZA INSTALLATA !!
.

((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\programmi\temp

.
((((((((((((((((((((((((( Files Creati Da 2010-02-03 al 2010-03-03 )))))))))))))))))))))))))))))))))))
.

2010-03-03 12:47 . 2010-03-03 12:47 -------- d-----w- c:\documents and settings\Pier\Dati applicazioni\Malwarebytes
2010-03-03 12:47 . 2010-01-07 15:07 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-03-03 12:47 . 2010-03-03 12:47 -------- d-----w- c:\programmi\Malwarebytes' Anti-Malware
2010-03-03 12:47 . 2010-03-03 12:47 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Malwarebytes
2010-03-03 12:47 . 2010-01-07 15:07 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-03-03 11:48 . 2010-03-03 11:50 -------- d-----w- c:\documents and settings\Pier\Dati applicazioni\QuickScan
2010-03-03 11:48 . 2010-02-26 22:40 634616 ----a-w- c:\documents and settings\Pier\Dati applicazioni\Mozilla\Firefox\Profiles\pec1vzqy.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\components\qscanff.dll
2010-03-03 11:48 . 2010-02-26 22:40 799440 ----a-w- c:\documents and settings\Pier\Dati applicazioni\Mozilla\Firefox\Profiles\pec1vzqy.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\plugins\npqscan.dll
2010-03-03 01:29 . 2010-02-22 05:18 61440 ----a-w- c:\windows\system32\OpenCL.dll
2010-03-03 01:29 . 2010-02-22 05:18 2646632 ----a-w- c:\windows\system32\nvcuvenc.dll
2010-03-03 01:29 . 2010-02-22 05:18 2030184 ----a-w- c:\windows\system32\nvcuvid.dll
2010-03-03 01:29 . 2010-02-22 05:18 14757888 ----a-w- c:\windows\system32\nvoglnt.dll
2010-03-03 01:29 . 2010-02-22 05:18 4075520 ----a-w- c:\windows\system32\nvcuda.dll
2010-03-03 01:29 . 2010-02-22 05:18 2183470 ----a-w- c:\windows\system32\nvdata.bin
2010-03-03 01:29 . 2010-02-22 05:18 215656 ----a-w- c:\windows\system32\nvcodins.dll
2010-03-03 01:29 . 2010-02-22 05:18 215656 ----a-w- c:\windows\system32\nvcod.dll
2010-03-03 01:29 . 2010-02-22 05:18 11647592 ----a-w- c:\windows\system32\nvcompiler.dll
2010-03-03 01:29 . 2010-02-22 05:18 1097728 ----a-w- c:\windows\system32\nvapi.dll
2010-02-21 22:34 . 2010-02-21 22:34 81920 ----a-w- c:\windows\system32\nvwddi.dll
2010-02-21 22:34 . 2010-02-21 22:34 335872 ----a-w- c:\windows\system32\nvrshe.dll
2010-02-21 22:34 . 2010-02-21 22:34 335872 ----a-w- c:\windows\system32\nvrsar.dll
2010-02-21 22:34 . 2010-02-21 22:34 286720 ----a-w- c:\windows\system32\nvrsfr.dll
2010-02-21 22:34 . 2010-02-21 22:34 282624 ----a-w- c:\windows\system32\nvrses.dll
2010-02-21 22:34 . 2010-02-21 22:34 282624 ----a-w- c:\windows\system32\nvrsel.dll
2010-02-21 22:34 . 2010-02-21 22:34 278528 ----a-w- c:\windows\system32\nvrsde.dll
2010-02-21 22:34 . 2010-02-21 22:34 274432 ----a-w- c:\windows\system32\nvrsesm.dll
2010-02-21 22:34 . 2010-02-21 22:34 253952 ----a-w- c:\windows\system32\nvrsda.dll
2010-02-21 22:34 . 2010-02-21 22:34 249856 ----a-w- c:\windows\system32\nvrsfi.dll
2010-02-21 22:34 . 2010-02-21 22:34 249856 ----a-w- c:\windows\system32\nvrseng.dll
2010-02-21 22:34 . 2010-02-21 22:34 249856 ----a-w- c:\windows\system32\nvrscs.dll
2010-02-21 01:42 . 2005-12-21 03:39 204288 ----a-r- c:\windows\system32\fdco1.dll
2010-02-21 01:42 . 2005-12-21 03:40 34048 ----a-r- c:\windows\system32\drivers\NVENETFD.sys
2010-02-21 01:42 . 2010-02-21 01:42 -------- d-----w- c:\windows\NV26043840.TMP
2010-02-21 01:42 . 2005-12-21 03:40 101632 ----a-r- c:\windows\system32\drivers\nvtcp.sys
2010-02-21 01:42 . 2005-12-21 03:40 222592 ----a-r- c:\windows\system32\drivers\nvsnpu.sys
2010-02-21 01:42 . 2005-12-21 03:39 9728 ----a-r- c:\windows\system32\bdco1.dll
2010-02-21 01:42 . 2005-12-20 16:23 35840 ----a-r- c:\windows\system32\nvconrm.dll
2010-02-21 01:42 . 2005-12-20 16:23 176128 ----a-w- c:\windows\system32\nvunrm.exe
2010-02-21 01:42 . 2005-12-21 03:40 13056 ----a-r- c:\windows\system32\drivers\nvnetbus.sys
2010-02-21 01:42 . 2005-12-21 03:40 304128 ----a-r- c:\windows\system32\drivers\nvnrm.sys
2010-02-20 02:17 . 2010-02-04 09:01 74072 ----a-w- c:\windows\system32\XAPOFX1_4.dll
2010-02-20 02:17 . 2010-02-04 09:01 528216 ----a-w- c:\windows\system32\XAudio2_6.dll
2010-02-20 02:17 . 2010-02-04 09:01 238936 ----a-w- c:\windows\system32\xactengine3_6.dll
2010-02-20 02:17 . 2010-02-04 09:01 22360 ----a-w- c:\windows\system32\X3DAudio1_7.dll
2010-02-13 13:44 . 2010-02-13 13:44 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Codemasters
2010-02-13 00:40 . 2009-07-13 18:04 839680 ----a-w- c:\windows\system32\mkl_vml_p4.dll
2010-02-13 00:40 . 2009-07-13 18:04 532480 ----a-w- c:\windows\system32\mkl_vml_p3.dll
2010-02-13 00:40 . 2009-07-13 18:04 512000 ----a-w- c:\windows\system32\mkl_vml_def.dll
2010-02-13 00:40 . 2009-07-13 18:04 3485696 ----a-w- c:\windows\system32\mkl_p4.dll
2010-02-13 00:40 . 2009-07-13 18:04 2793472 ----a-w- c:\windows\system32\mkl_p3.dll
2010-02-13 00:40 . 2009-07-13 18:04 2441216 ----a-w- c:\windows\system32\mkl_def.dll
2010-02-13 00:40 . 2009-07-13 18:04 2174976 ----a-w- c:\windows\system32\mkl_lapack32.dll
2010-02-13 00:40 . 2009-07-13 18:04 2125824 ----a-w- c:\windows\system32\mkl_lapack64.dll
2010-02-13 00:40 . 2009-07-13 18:04 184320 ----a-w- c:\windows\system32\libguide40.dll
2010-02-13 00:40 . 2010-02-13 00:40 -------- d-----w- c:\programmi\BRS
2010-02-13 00:40 . 2009-10-16 10:19 872448 ----a-w- c:\windows\system32\rapture3d_oal.dll
2010-02-13 00:38 . 2010-02-13 00:38 445016 ----a-w- c:\windows\system32\wrap_oal.dll
2010-02-13 00:38 . 2010-02-13 00:38 109144 ----a-w- c:\windows\system32\OpenAL32.dll
2010-02-13 00:38 . 2010-02-13 00:38 -------- d-----w- c:\programmi\OpenAL
2010-02-13 00:38 . 2009-09-04 16:44 515416 ----a-w- c:\windows\system32\XAudio2_5.dll
2010-02-13 00:38 . 2009-09-04 16:44 238936 ----a-w- c:\windows\system32\xactengine3_5.dll
2010-02-13 00:38 . 2009-09-04 16:29 5501792 ----a-w- c:\windows\system32\d3dcsx_42.dll
2010-02-13 00:38 . 2009-09-04 16:29 1974616 ----a-w- c:\windows\system32\D3DCompiler_42.dll
2010-02-13 00:38 . 2009-09-04 16:29 453456 ----a-w- c:\windows\system32\d3dx10_42.dll
2010-02-13 00:38 . 2009-09-04 16:29 235344 ----a-w- c:\windows\system32\d3dx11_42.dll
2010-02-13 00:38 . 2009-09-04 16:29 1892184 ----a-w- c:\windows\system32\D3DX9_42.dll
2010-02-11 20:45 . 2010-02-11 20:45 -------- d-----w- c:\programmi\File comuni\ArcSoft
2010-02-11 20:43 . 2009-01-28 10:52 142337 ----a-w- c:\windows\system32\Wait.exe
2010-02-11 20:43 . 2010-02-12 00:36 -------- d-----w- c:\programmi\WinTV
2010-02-11 20:43 . 2010-02-11 20:43 -------- d-----w- C:\My Videos
2010-02-11 20:43 . 2009-08-05 09:09 106552 ----a-w- c:\windows\system32\hcwi2c32.dll
2010-02-11 20:43 . 2009-02-10 23:00 307256 ----a-w- c:\windows\system32\hcwpnp32.dll
2010-02-11 20:43 . 2004-06-08 05:03 36921 ----a-w- c:\windows\system32\hcwutl32.dll
2010-02-11 20:41 . 2008-04-13 10:46 15232 -c--a-w- c:\windows\system32\dllcache\mpe.sys
2010-02-11 20:41 . 2008-04-13 10:46 15232 ----a-w- c:\windows\system32\drivers\MPE.sys
2010-02-11 20:40 . 2009-06-29 15:04 49152 ----a-r- c:\windows\system32\drivers\hcw17bda.sys
2010-02-11 20:40 . 2009-03-16 18:15 270336 ----a-r- c:\windows\system32\drivers\HcwSmsCt.dll
2010-02-11 20:40 . 2008-04-13 18:13 54784 -c--a-w- c:\windows\system32\dllcache\vfwwdm32.dll
2010-02-11 20:40 . 2008-04-13 18:13 54784 ----a-w- c:\windows\system32\vfwwdm32.dll
2010-02-11 20:40 . 2008-04-13 18:13 363520 -c--a-w- c:\windows\system32\dllcache\psisdecd.dll
2010-02-11 20:40 . 2008-04-13 18:13 363520 ----a-w- c:\windows\system32\PsisDecd.dll
2010-02-11 20:40 . 2008-04-13 10:46 11776 -c--a-w- c:\windows\system32\dllcache\bdasup.sys
2010-02-11 20:40 . 2008-04-13 10:46 11776 ----a-w- c:\windows\system32\drivers\BdaSup.sys
2010-02-07 11:56 . 2010-02-07 11:56 -------- d-----w- c:\documents and settings\Pier\Dati applicazioni\DivX
2010-02-04 00:06 . 2009-11-14 00:49 129784 ------w- c:\windows\system32\pxafs.dll
2010-02-04 00:06 . 2009-11-14 00:49 120056 ------w- c:\windows\system32\pxcpyi64.exe
2010-02-04 00:06 . 2009-11-14 00:49 118520 ------w- c:\windows\system32\pxinsi64.exe
2010-02-04 00:04 . 2010-02-04 00:06 -------- d-----w- c:\programmi\File comuni\DivX Shared

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-03-03 14:57 . 2007-12-20 23:32 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Google Updater
2010-03-03 01:40 . 2009-11-08 11:50 -------- d-----w- c:\programmi\NVIDIA Corporation
2010-03-03 01:40 . 2009-11-08 11:50 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\NVIDIA Corporation
2010-03-03 01:31 . 2007-12-21 17:27 -------- d-----w- c:\programmi\File comuni\Wise Installation Wizard
2010-03-03 01:31 . 2007-12-21 17:28 -------- d-----w- c:\programmi\AGEIA Technologies
2010-02-26 11:01 . 2010-02-26 11:01 8 ----a-w- c:\windows\system32\config\systemprofile\Dati applicazioni\rbuwzv.dat
2010-02-25 11:28 . 2009-09-21 06:44 353816 ----a-w- c:\documents and settings\LocalService\Impostazioni locali\Dati applicazioni\FontCache3.0.0.0.dat
2010-02-22 05:18 . 2009-12-06 16:28 10231936 ----a-w- c:\windows\system32\drivers\nv4_mini.sys
2010-02-22 05:18 . 2009-12-06 16:28 6431872 ----a-w- c:\windows\system32\nv4_disp.dll
2010-02-21 19:10 . 2010-01-31 16:42 -------- d-----w- c:\programmi\Unlocker
2010-02-21 10:57 . 2008-07-25 10:24 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Bluetooth
2010-02-21 10:54 . 2007-12-19 22:30 -------- d-----w- c:\programmi\AdunanzA
2010-02-21 10:54 . 2009-08-07 13:46 -------- d-----w- c:\documents and settings\Pier\Dati applicazioni\uTorrent
2010-02-21 01:57 . 2010-01-22 23:33 -------- d-----w- c:\programmi\SAW
2010-02-21 01:24 . 2009-05-06 10:55 -------- d-----w- c:\documents and settings\Pier\Dati applicazioni\DNA
2010-02-21 01:15 . 2009-05-06 10:55 -------- d-----w- c:\programmi\DNA
2010-02-13 00:20 . 2009-11-20 15:49 -------- d-----w- c:\programmi\Codemasters
2010-02-13 00:20 . 2007-12-20 18:52 -------- d--h--w- c:\programmi\InstallShield Installation Information
2010-02-07 11:29 . 2009-05-03 14:07 -------- d-----w- c:\programmi\CAPCOM
2010-02-05 20:03 . 2007-12-20 23:32 -------- d-----w- c:\programmi\Google
2010-02-04 00:06 . 2007-12-28 11:13 -------- d-----w- c:\programmi\DivX
2010-01-31 14:56 . 2010-01-31 14:56 -------- d-----w- c:\programmi\Microsoft Silverlight
2010-01-29 02:29 . 2010-01-29 02:29 -------- d-----w- c:\programmi\EA Sports
2010-01-29 00:13 . 2007-12-20 12:36 721904 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-01-29 00:13 . 2008-10-28 16:06 -------- d-----w- c:\programmi\DVD Decrypter
2010-01-24 18:39 . 2009-11-27 11:31 -------- d-----w- c:\programmi\Call Of Duty Modern Warfare 2
2010-01-23 13:02 . 2009-04-30 08:06 -------- d-----w- c:\programmi\Activision
2010-01-15 13:14 . 2010-01-15 13:14 376832 ----a-w- c:\windows\system32\AegisI5Installer.exe
2010-01-15 13:14 . 2010-01-15 13:14 -------- d-----w- c:\programmi\NETGEAR
2010-01-13 16:12 . 2010-01-13 15:12 -------- d-----w- c:\programmi\Windows Media Connect 2
2010-01-13 16:05 . 2010-01-13 16:05 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Office Genuine Advantage
2010-01-11 15:55 . 2001-08-31 12:00 84020 ----a-w- c:\windows\system32\perfc010.dat
2010-01-11 15:55 . 2001-08-31 12:00 488582 ----a-w- c:\windows\system32\perfh010.dat
2010-01-07 01:08 . 2010-01-07 01:07 -------- d-----w- c:\programmi\eMule
2010-01-03 02:42 . 2008-01-14 19:07 -------- d-----w- c:\programmi\Java
2010-01-03 02:41 . 2010-01-03 02:41 152576 ----a-w- c:\documents and settings\Pier\Dati applicazioni\Sun\Java\jre1.6.0_17\lzma.dll
2010-01-03 02:40 . 2010-01-03 02:40 79488 ----a-w- c:\documents and settings\Pier\Dati applicazioni\Sun\Java\jre1.6.0_17\gtapi.dll
.

((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="c:\programmi\Windows Live\Messenger\MsnMsgr.Exe" [2009-07-26 3883856]
"swg"="c:\programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-12-20 68856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
"RemoteControl"="c:\programmi\CyberLink\PowerDVD\PDVDServ.exe" [2004-11-02 32768]
"EPSON Stylus Photo RX420 Series"="c:\windows\System32\spool\DRIVERS\W32X86\3\E_FATI9CE.EXE" [2004-04-09 98304]
"EPSON Stylus Photo RX420 Series (Copia 1)"="c:\windows\System32\spool\DRIVERS\W32X86\3\E_FATI9CE.EXE" [2004-04-09 98304]
"DAEMON Tools"="c:\programmi\DAEMON Tools\daemon.exe" [2005-11-08 128920]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"type32"="c:\programmi\Microsoft IntelliType Pro\type32.exe" [2003-05-15 114688]
"IntelliPoint"="c:\programmi\Microsoft IntelliPoint\point32.exe" [2003-05-15 163840]
"QuickTime Task"="c:\programmi\QuickTime\QTTask.exe" [2008-03-28 413696]
"C-Media Mixer"="Mixer.exe" [2002-10-15 1818624]
"Google Quick Search Box"="c:\programmi\Google\Quick Search Box\GoogleQuickSearchBox.exe" [2009-08-27 122368]
"SunJavaUpdateSched"="c:\programmi\Java\jre6\bin\jusched.exe" [2009-10-11 149280]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2010-02-21 110696]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-02-21 13670504]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-13 15360]

c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\
AutoStart IR.lnk - c:\programmi\WinTV\Ir.exe [2010-2-11 117344]
Avvio veloce di Adobe Reader.lnk - c:\programmi\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 29696]
Microsoft Office.lnk - c:\programmi\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]
NETGEAR WG111v3 Smart Wizard.lnk - c:\programmi\NETGEAR\WG111v3\WG111v3.exe [2008-7-1 2326528]
WinTV Recording Status..lnk - c:\programmi\WinTV\WinTV7\WinTVTray.exe [2010-2-11 98304]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 nwprovau

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Programmi\\Electronic Arts\\Medal of Honor Airborne\\UnrealEngine3\\Binaries\\MOHA.exe"=
"c:\\Programmi\\EA GAMES\\Battlefield 2\\bf2_w32ded.exe"=
"c:\\Programmi\\EA GAMES\\Battlefield 2\\BF2.exe"=
"c:\\Programmi\\HLSW\\hlsw.exe"=
"c:\\Programmi\\GameSpy\\Comrade\\Comrade.exe"=
"c:\\Programmi\\KONAMI\\Pro Evolution Soccer 2009\\pes2009.exe"=
"c:\\Programmi\\Rockstar Games\\Rockstar Games Social Club\\RGSCLauncher.exe"=
"c:\\Programmi\\Bonjour\\mDNSResponder.exe"=
"c:\\Programmi\\iTunes\\iTunes.exe"=
"c:\\Programmi\\Rockstar Games\\Grand Theft Auto IV\\LaunchGTAIV.exe"=
"c:\\Programmi\\Rockstar Games\\Grand Theft Auto IV\\GTAIV.exe"=
"c:\\Programmi\\DNA\\btdna.exe"=
"c:\\Programmi\\Activision\\X-Men Le Origini - Wolverine(TM)\\Binaries\\Wolverine.exe"=
"c:\\Programmi\\KONAMI\\Pro Evolution Soccer 2010\\pes2010.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Programmi\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Programmi\\eMule\\emule.exe"=
"c:\\Programmi\\CAPCOM\\RESIDENT EVIL 5\\RE5DX9.EXE"=
"c:\\Programmi\\CAPCOM\\RESIDENT EVIL 5\\RE5DX10.EXE"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Programmi\\Codemasters\\DiRT2\\dirt2_game.exe"=

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [21/08/2008 10.46.29 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [21/08/2008 10.46.29 20560]
R2 EAPPkt;Realtek EAPPkt Protocol;c:\windows\system32\drivers\EAPPkt.sys [09/10/2007 13.13.00 38144]
R2 HauppaugeTVServer;HauppaugeTVServer;c:\progra~1\WinTV\TVServer\HAUPPA~1.EXE [11/02/2010 22.26.53 434176]
R3 hcw17bda;Hauppauge SMS1000-based;c:\windows\system32\drivers\hcw17bda.sys [11/02/2010 21.40.57 49152]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [20/12/2007 13.36.26 721904]
S2 gupdate;Servizio di Google Update (gupdate);c:\programmi\Google\Update\GoogleUpdate.exe [29/12/2009 21.53.55 135664]
S3 GPU-Z;GPU-Z;\??\c:\docume~1\Pier\IMPOST~1\Temp\GPU-Z.sys --> c:\docume~1\Pier\IMPOST~1\Temp\GPU-Z.sys [?]
S3 PEEK5;PEEK5 Protocol Driver;c:\docume~1\Pier\DOCUME~1\AIRCRA~1.3-W\AIRCRA~1.3-W\bin\PEEK5.SYS [24/05/2009 16.29.06 13184]
S3 rt2870;Ralink 802.11n USB Wireless LAN Card Driver;c:\windows\system32\DRIVERS\rt2870.sys --> c:\windows\system32\DRIVERS\rt2870.sys [?]
S3 RTL8187B;NETGEAR WG111v3 54Mbps Wireless USB 2.0 Adapter Vista Driver;c:\windows\system32\drivers\wg111v3.sys [28/12/2007 15.02.12 287232]
.
Contenuto della cartella 'Scheduled Tasks'

2010-02-23 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\programmi\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]

2010-03-03 c:\windows\Tasks\Google Software Updater.job
- c:\programmi\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-12-20 00:32]

2010-03-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\programmi\Google\Update\GoogleUpdate.exe [2009-12-29 20:53]

2010-03-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\programmi\Google\Update\GoogleUpdate.exe [2009-12-29 20:53]
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://facebook.com/
uSearchMigratedDefaultURL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
uDefault_Search_URL = hxxp://www.google.com/ie
uInternet Settings,ProxyOverride = local
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~3\Office10\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\programmi\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
FF - ProfilePath - c:\documents and settings\Pier\Dati applicazioni\Mozilla\Firefox\Profiles\pec1vzqy.default\
FF - prefs.js: browser.search.selectedEngine - Fast Browser Search
FF - prefs.js: browser.startup.homepage - hxxp://www.google.it/
FF - plugin: c:\programmi\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: c:\programmi\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\programmi\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll
FF - plugin: c:\programmi\Google\Update\1.2.183.17\npGoogleOneClick8.dll
FF - plugin: c:\programmi\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
FF - plugin: c:\programmi\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
FF - plugin: c:\programmi\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\programmi\Picasa2\npPicasa2.dll
FF - plugin: c:\programmi\Picasa2\npPicasa3.dll
FF - plugin: c:\programmi\Windows Live\Photo Gallery\NPWLPG.dll

---- FIREFOX POLICIES ----
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);
c:\programmi\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\programmi\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\programmi\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
.
- - - - CHIAVI ORFANE RIMOSSE - - - -

HKLM-Run-nwiz - nwiz.exe
AddRemove-Hauppauge WinTV Infrared Remote - c:\progra~1\WinTV\UNir32.EXE
AddRemove-IL Download Manager - c:\programmi\Image-Line\Downloader\uninstall.exe
AddRemove-Nokia Multimedia Factory{4CFB3821-1582-4F3B-BF8D-30986923B36B} - c:\documents and settings\All Users\Dati applicazioni\Installations\{4CFB3821-1582-4f3b-BF8D-30986923B36B}\Nokia_Multimedia_Factory_2_0.exe



**************************************************************************
scansione processi nascosti ...

scansione entrate autostart nascoste ...

Scansione files nascosti ...

Scansione completata con successo
Files nascosti:

**************************************************************************
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------

[HKEY_USERS\S-1-5-21-1844237615-261903793-725345543-1003\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:60,53,83,53,3d,24,20,72,9d,04,67,9c,e4,2f,b7,02,4e,2d,90,2a,97,37,7c,
f6,0c,5f,f7,fb,77,bb,0f,44,af,26,13,e7,a1,7b,78,8f,54,fd,f8,2b,be,57,da,8c,\
"??"=hex:a3,f2,a2,ea,75,5c,02,2a,d4,25,3a,12,b3,02,74,2e

[HKEY_USERS\S-1-5-21-1844237615-261903793-725345543-1003\Software\SecuROM\License information*]
"datasecu"=hex:d6,14,e0,d5,8b,3c,69,60,b1,77,f9,11,b9,d4,3f,0c,42,a0,a3,bd,f8,
c6,56,2b,87,2e,83,d1,bf,d1,10,ab,69,4e,00,48,95,5b,0d,14,d6,bd,d7,fc,f2,5e,\
"rkeysecu"=hex:57,2a,ab,aa,d7,c0,e7,39,9d,56,b1,78,48,5b,ca,f5
.
Ora fine scansione: 2010-03-03 20:37:16
ComboFix-quarantined-files.txt 2010-03-03 19:37
ComboFix2.txt 2008-12-02 13:55

Pre-Run: 30.183.346.176 byte disponibili
Post-Run: 30.192.107.520 byte disponibili

Current=4 Default=4 Failed=3 LastKnownGood=5 Sets=1,2,3,4,5
- - End Of File - - 20B45975DC10E3791EFBFC947B3CE1BE



P.S. For now the Firefox problem seems to be solved... thanks!!
r16
Posted: Wednesday, March 03, 2010 10:45:46 PM
Rank: AiutAmico

Joined: 8/7/2007
Posts: 11,016
Post a HijackThis log.
http://www.aiutamici.com/software?ID=11175
pier81286
Posted: Wednesday, March 03, 2010 10:47:01 PM
Rank: Newbie

Joined: 12/1/2008
Posts: 3
Here it is:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22.47.40, on 03/03/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16827)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
C:\Programmi\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Programmi\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9CE.EXE
C:\Programmi\DAEMON Tools\daemon.exe
C:\Programmi\Microsoft IntelliType Pro\type32.exe
C:\Programmi\Microsoft IntelliPoint\point32.exe
C:\WINDOWS\Mixer.exe
C:\Programmi\Google\Quick Search Box\GoogleQuickSearchBox.exe
C:\Programmi\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Programmi\WinTV\Ir.exe
C:\Programmi\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Programmi\NETGEAR\WG111v3\WG111v3.exe
C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Programmi\WinTV\WinTV7\WinTVTray.exe
C:\Programmi\Bonjour\mDNSResponder.exe
C:\PROGRA~1\WinTV\TVServer\HAUPPA~1.EXE
C:\Programmi\Java\jre6\bin\jqs.exe
C:\Programmi\File comuni\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Programmi\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Programmi\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe
C:\Programmi\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Programmi\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Pier\Desktop\Programmi\HiJackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://facebook.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Programmi\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programmi\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programmi\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Programmi\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmi\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Programmi\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Programmi\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Programmi\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programmi\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [RemoteControl] C:\Programmi\CyberLink\PowerDVD\PDVDServ.exe
O4 - HKLM\..\Run: [EPSON Stylus Photo RX420 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9CE.EXE /P31 "EPSON Stylus Photo RX420 Series" /O6 "USB001" /M "Stylus Photo RX420"
O4 - HKLM\..\Run: [EPSON Stylus Photo RX420 Series (Copia 1)] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9CE.EXE /P41 "EPSON Stylus Photo RX420 Series (Copia 1)" /O6 "USB001" /M "Stylus Photo RX420"
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Programmi\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [type32] "C:\Programmi\Microsoft IntelliType Pro\type32.exe"
O4 - HKLM\..\Run: [IntelliPoint] "C:\Programmi\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [Google Quick Search Box] "C:\Programmi\Google\Quick Search Box\GoogleQuickSearchBox.exe" /autorun
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programmi\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [swg] "C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: AutoStart IR.lnk = C:\Programmi\WinTV\Ir.exe
O4 - Global Startup: Avvio veloce di Adobe Reader.lnk = C:\Programmi\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programmi\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: NETGEAR WG111v3 Smart Wizard.lnk = C:\Programmi\NETGEAR\WG111v3\WG111v3.exe
O4 - Global Startup: WinTV Recording Status..lnk = C:\Programmi\WinTV\WinTV7\WinTVTray.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Programmi\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
O9 - Extra button: Inserisci blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programmi\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: Inserisci &blog in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programmi\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Programmi\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Programmi\Bonjour\mDNSResponder.exe
O23 - Service: Servizio di Google Update (gupdate) (gupdate) - Google Inc. - C:\Programmi\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HauppaugeTVServer - Hauppauge Computer Works - C:\PROGRA~1\WinTV\TVServer\HAUPPA~1.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Servizio iPod (iPod Service) - Apple Inc. - C:\Programmi\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programmi\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: ServiceLayer - Nokia. - C:\Programmi\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Programmi\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

--
End of file - 10204 bytes
r16
Posted: Wednesday, March 03, 2010 10:55:09 PM
Rank: AiutAmico

Joined: 8/7/2007
Posts: 11,016
Disable System Restore, and keep it disabled until the problem is solved: http://guide.aiutamici.com/guide?C1=7&C2=68&ID=80121

To remove the various tools you downloaded:
Download OTC by OldTimer to the desktop:
http://oldtimer.geekstogo.com/OTC.exe
Double-click to run it.
Click CleanUp.
It will ask you to restart the PC.
Click Yes.

Do a cleanup (registry included) with CCleaner: http://www.aiutamici.com/software?ID=11223
On CCleaner's main screen, click Options and then Advanced, and untick: Delete files in Windows Temp only if older than 48 hours. (Then run the cleanups.)

Then:
Start\Run\copy and paste the string %temp%, click OK, and empty the temp folder. (Do not delete the folder itself.)
Then:
Empty the contents of the Prefetch folder:
click My Computer
click Local Disk C:
among the folders shown, find the Windows folder, open it and, inside it, find the Prefetch folder; open it and delete all the entries stored in it (do not delete the folder itself)
EMPTY THE RECYCLE BIN
Then:
Launch HijackThis and clean the ADS like this:
click Open the misc tool section
click Open ads spy
untick Quick scan (windows base folder only)
click Scan.
Wait patiently for the scan to finish.
If any ADS are detected, tick all the boxes (don't be afraid) and click Remove selected

Defragment the hard disk.
Re-enable System Restore and, if everything is fine, create a new restore point.

I almost forgot:
Uninstall Ad-Aware.
Keep Malwarebytes in its place; it is more effective.
Is your Avast the latest version? (It doesn't look like it.)
Here is the latest version:
http://www.aiutamici.com/software?ID=80367