Something strange happened: I ran ComboFix and a message appeared on the desktop saying that my copy of Windows is not genuine. That had never happened to me before. Here is the log:
ComboFix 10-06-15.04 - Utente 16/06/2010 23.38.25.1.4 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.39.1040.18.3327.2709 [GMT 2:00]
Eseguito da: c:\documents and settings\Utente\Desktop\ComboFix.exe
AV: Kaspersky Internet Security *On-access scanning disabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
FW: Kaspersky Internet Security *disabled* {2C4D4BC6-0793-4956-A9F9-E252435469C0}
ATTENZIONE - QUESTO PC NON HA LA CONSOLE DI RIPRISTINO DI EMERGENZA INSTALLATA !!
.
((((((((((((((((((((((((( Files Creati Da 2010-05-16 al 2010-06-16 )))))))))))))))))))))))))))))))))))
.
2010-06-13 14:55 . 2010-06-13 14:55 88760 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Kaspersky Lab\AVP11\Data\Updater\Temporary Files\rollback\patch\AutoPatches\kav11\11.0.0.232\libola.dll
2010-06-13 14:55 . 2010-06-13 14:55 387768 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Kaspersky Lab\AVP11\Data\Updater\Temporary Files\rollback\patch\AutoPatches\kav11\11.0.0.232\ksn_client.dll
2010-06-13 14:55 . 2010-06-13 14:55 191160 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Kaspersky Lab\AVP11\Data\Updater\Temporary Files\rollback\patch\AutoPatches\kav11\11.0.0.232\klwtbbho.dll
2010-06-13 14:55 . 2010-06-13 14:55 264888 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Kaspersky Lab\AVP11\Data\Updater\Temporary Files\rollback\patch\AutoPatches\kav11\11.0.0.232\esmgr.dll
2010-06-13 14:55 . 2010-06-13 14:55 88760 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Kaspersky Lab\AVP11\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav11\11.0.0.232\libola.dll
2010-06-13 14:55 . 2010-06-13 14:55 387768 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Kaspersky Lab\AVP11\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav11\11.0.0.232\ksn_client.dll
2010-06-13 14:55 . 2010-06-13 14:55 191160 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Kaspersky Lab\AVP11\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav11\11.0.0.232\klwtbbho.dll
2010-06-13 14:55 . 2010-06-13 14:55 264888 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Kaspersky Lab\AVP11\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav11\11.0.0.232\esmgr.dll
2010-06-13 14:54 . 2010-06-13 14:54 890192 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Kaspersky Lab\AVP11\Data\Updater\Temporary Files\temporaryFolder\bases\sw2\klavasyswatch.dll
2010-06-13 14:52 . 2010-06-13 14:52 275792 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Kaspersky Lab\AVP11\Data\Updater\Temporary Files\temporaryFolder\bases\av\kdb\i386\win\avengine.dll
2010-06-13 14:49 . 2010-06-13 14:49 97549 ----a-w- c:\windows\system32\drivers\klick.dat
2010-06-13 14:49 . 2010-06-13 14:49 113933 ----a-w- c:\windows\system32\drivers\klin.dat
2010-06-13 14:48 . 2010-06-13 14:48 -------- d-----w- c:\programmi\Kaspersky Lab
2010-06-13 14:46 . 2010-06-13 14:46 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Kaspersky Lab Setup Files
2010-06-09 06:17 . 2010-05-06 10:32 743424 -c----w- c:\windows\system32\dllcache\iedvtool.dll
2010-06-03 18:20 . 2010-06-03 18:20 -------- d-----w- c:\documents and settings\Utente\Impostazioni locali\Dati applicazioni\Apple Computer
2010-05-25 16:50 . 2010-05-25 16:50 503808 ----a-w- c:\documents and settings\Utente\Dati applicazioni\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-40c07a41-n\msvcp71.dll
2010-05-25 16:50 . 2010-05-25 16:50 499712 ----a-w- c:\documents and settings\Utente\Dati applicazioni\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-40c07a41-n\jmc.dll
2010-05-25 16:50 . 2010-05-25 16:50 348160 ----a-w- c:\documents and settings\Utente\Dati applicazioni\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-40c07a41-n\msvcr71.dll
2010-05-25 16:50 . 2010-05-25 16:50 61440 ----a-w- c:\documents and settings\Utente\Dati applicazioni\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-16a6a9a2-n\decora-sse.dll
2010-05-25 16:50 . 2010-05-25 16:50 12800 ----a-w- c:\documents and settings\Utente\Dati applicazioni\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-16a6a9a2-n\decora-d3d.dll
2010-05-25 14:34 . 2010-05-22 13:25 52224 ----a-w- c:\documents and settings\Utente\Dati applicazioni\Mozilla\Firefox\Profiles\nztbzc7i.default\extensions\{681322c2-653e-4791-9ba1-c10a20c3c793}\components\FFExternalAlert.dll
2010-05-25 14:34 . 2010-05-22 13:25 101376 ----a-w- c:\documents and settings\Utente\Dati applicazioni\Mozilla\Firefox\Profiles\nztbzc7i.default\extensions\{681322c2-653e-4791-9ba1-c10a20c3c793}\components\RadioWMPCore.dll
2010-05-24 09:26 . 2010-05-24 09:26 -------- d-----w- c:\documents and settings\Utente\Dati applicazioni\SUPERAntiSpyware.com
2010-05-24 09:26 . 2010-05-24 09:26 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\SUPERAntiSpyware.com
2010-05-20 17:51 . 2010-05-20 17:51 247120 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Kaspersky Lab\AVP11\Bases\uds.dll
2010-05-20 17:51 . 2010-05-20 17:51 132432 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Kaspersky Lab\AVP11\Bases\dns_client.dll
2010-05-20 17:51 . 2010-05-20 17:51 272984 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Kaspersky Lab\AVP11\Bases\sys_critical_obj.dll
2010-05-20 16:00 . 2010-05-20 16:00 68256 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Kaspersky Lab Setup Files\Kaspersky Internet Security 2011 11.0.0.232\Italian\setup.exe
2010-05-20 06:02 . 2010-06-13 14:56 890192 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Kaspersky Lab\AVP11\Bases\klavasyswatch.dll
2010-05-18 18:56 . 2010-05-18 18:56 -------- d-----w- c:\documents and settings\Utente\Impostazioni locali\Dati applicazioni\Ahead
2010-05-18 11:44 . 2010-06-13 14:55 275792 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Kaspersky Lab\AVP11\Bases\avengine.dll
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-06-16 21:46 . 2010-04-20 15:44 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Kaspersky Lab
2010-06-16 19:35 . 2010-04-21 17:49 -------- d-----w- c:\documents and settings\Utente\Dati applicazioni\Quadra
2010-06-16 08:45 . 2010-05-04 18:31 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Spybot - Search & Destroy
2010-06-14 15:49 . 2010-04-22 15:49 -------- d-----w- c:\documents and settings\Utente\Dati applicazioni\vlc
2010-06-09 06:26 . 2004-08-30 20:00 79496 ----a-w- c:\windows\system32\perfc010.dat
2010-06-09 06:26 . 2004-08-30 20:00 479138 ----a-w- c:\windows\system32\perfh010.dat
2010-06-04 18:33 . 2010-04-20 12:29 -------- d-----w- c:\programmi\CCleaner
2010-05-29 17:42 . 2010-04-28 08:53 -------- d-----w- c:\programmi\Glary Utilities
2010-05-19 19:09 . 2010-04-22 15:53 -------- d-----w- c:\programmi\eMule AdunanzA
2010-05-16 09:19 . 2010-05-14 18:50 -------- d-----w- c:\programmi\DX-Ball
2010-05-14 17:53 . 2010-05-14 17:53 -------- d-----w- c:\documents and settings\Utente\Dati applicazioni\Auslogics
2010-05-14 17:53 . 2010-05-14 17:53 -------- d-----w- c:\programmi\Auslogics
2010-05-11 14:42 . 2010-05-11 14:42 -------- d-----w- c:\programmi\VS Revo Group
2010-05-11 14:25 . 2010-05-11 14:25 -------- d-----w- c:\programmi\File comuni\Java
2010-05-11 14:24 . 2010-05-11 14:18 411368 ----a-w- c:\windows\system32\deployJava1.dll
2010-05-11 14:24 . 2010-05-11 14:24 -------- d-----w- c:\programmi\Java
2010-05-11 14:18 . 2010-05-11 14:18 503808 ----a-w- c:\documents and settings\Utente\Dati applicazioni\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-45faed06-n\msvcp71.dll
2010-05-11 14:18 . 2010-05-11 14:18 499712 ----a-w- c:\documents and settings\Utente\Dati applicazioni\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-45faed06-n\jmc.dll
2010-05-11 14:18 . 2010-05-11 14:18 348160 ----a-w- c:\documents and settings\Utente\Dati applicazioni\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-45faed06-n\msvcr71.dll
2010-05-11 14:18 . 2010-05-11 14:18 61440 ----a-w- c:\documents and settings\Utente\Dati applicazioni\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-5d617d90-n\decora-sse.dll
2010-05-11 14:18 . 2010-05-11 14:18 12800 ----a-w- c:\documents and settings\Utente\Dati applicazioni\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-5d617d90-n\decora-d3d.dll
2010-05-09 15:31 . 2010-05-09 15:31 -------- d-----w- c:\documents and settings\Utente\Dati applicazioni\IObit
2010-05-09 15:31 . 2010-05-09 15:31 -------- d-----w- c:\programmi\IObit
2010-05-09 15:15 . 2010-05-09 15:15 -------- d-----w- c:\programmi\Google
2010-05-09 14:11 . 2010-05-09 14:11 82464 ----a-w- c:\windows\system32\drivers\snapman.sys
2010-05-09 14:11 . 2010-05-09 14:11 37888 ----a-w- c:\windows\system32\setupnt.dll
2010-05-09 14:11 . 2010-05-09 14:11 28928 ----a-w- c:\windows\system32\drivers\tifsfilt.sys
2010-05-09 14:11 . 2010-05-09 14:11 213888 ----a-w- c:\windows\system32\drivers\timntr.sys
2010-05-09 14:11 . 2010-05-09 14:11 126976 ----a-w- c:\windows\system32\snapapi.dll
2010-05-09 14:11 . 2010-05-09 14:11 -------- d-----w- c:\programmi\File comuni\Acronis
2010-05-09 14:11 . 2010-05-09 14:11 -------- d-----w- c:\programmi\Acronis
2010-05-07 10:37 . 2010-05-07 10:37 228024 ----a-w- c:\windows\system32\klogon.dll
2010-05-06 22:19 . 2010-05-06 22:19 132184 ----a-w- c:\windows\system32\drivers\kl2.sys
2010-05-06 22:19 . 2010-05-06 22:19 132184 ----a-w- c:\windows\system32\drivers\kl1.sys
2010-05-06 10:32 . 2004-08-30 20:00 916480 ----a-w- c:\windows\system32\wininet.dll
2010-05-05 15:07 . 2010-05-05 15:07 -------- d-----w- c:\programmi\MSXML 4.0
2010-05-04 18:37 . 2010-05-04 18:31 -------- d-----w- c:\programmi\Spybot - Search & Destroy
2010-05-04 18:23 . 2010-05-04 18:08 123117 ----a-w- c:\windows\hpoins11.dat
2010-05-04 18:22 . 2010-05-04 18:22 -------- d-----w- c:\documents and settings\Utente\Dati applicazioni\HP
2010-05-04 18:22 . 2010-05-04 18:22 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\HP
2010-05-04 18:21 . 2010-05-04 18:20 -------- d-----w- c:\programmi\File comuni\HP
2010-05-04 18:21 . 2010-05-04 18:10 -------- d-----w- c:\programmi\HP
2010-05-04 18:17 . 2010-05-04 18:16 -------- d-----w- c:\programmi\Hewlett-Packard
2010-05-04 18:15 . 2010-05-04 18:15 -------- d-----w- c:\programmi\File comuni\Hewlett-Packard
2010-05-04 18:02 . 2010-05-04 17:59 -------- d-----w- c:\programmi\Ahead
2010-05-04 18:01 . 2010-05-04 18:01 -------- d-----w- c:\programmi\File comuni\Nero
2010-05-04 17:59 . 2010-05-04 17:59 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Ahead
2010-05-04 17:59 . 2010-05-04 17:59 -------- d-----w- c:\programmi\File comuni\Ahead
2010-05-04 17:52 . 2010-05-03 19:25 -------- d-----w- c:\documents and settings\Utente\Dati applicazioni\uTorrent
2010-05-02 17:51 . 2010-05-02 17:51 -------- d-----w- c:\programmi\Unlocker
2010-05-02 08:06 . 2004-08-30 20:00 1851264 ----a-w- c:\windows\system32\win32k.sys
2010-04-30 09:11 . 2010-04-21 16:36 -------- d-----w- c:\programmi\Malwarebytes' Anti-Malware
2010-04-29 13:39 . 2010-04-21 16:36 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-04-29 13:39 . 2010-04-21 16:36 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-04-28 20:35 . 2010-04-28 20:34 -------- d-----w- c:\programmi\File comuni\Adobe
2010-04-28 08:55 . 2010-04-28 08:55 -------- d-----w- c:\documents and settings\Utente\Dati applicazioni\GlarySoft
2010-04-25 18:08 . 2010-04-25 15:25 -------- d-----w- c:\programmi\Jardinains 2!
2010-04-25 18:06 . 2010-04-25 18:05 -------- d-----w- c:\programmi\OpenAL
2010-04-25 18:05 . 2010-04-25 18:05 413696 ------w- c:\windows\system32\wrap_oal.dll
2010-04-25 18:05 . 2010-04-25 18:05 110592 ------w- c:\windows\system32\OpenAL32.dll
2010-04-25 16:49 . 2010-04-25 16:48 -------- d-----w- c:\programmi\Zylom Games
2010-04-25 16:48 . 2010-04-25 16:48 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Zylom
2010-04-23 13:56 . 2010-04-20 15:33 13688 ----a-w- c:\documents and settings\Utente\Impostazioni locali\Dati applicazioni\GDIPFONTCACHEV1.DAT
2010-04-23 13:55 . 2010-04-23 13:55 -------- d-----w- c:\programmi\Microsoft
2010-04-23 13:55 . 2010-04-23 13:54 -------- d-----w- c:\programmi\Windows Live
2010-04-23 13:55 . 2010-04-23 13:55 -------- d-----w- c:\programmi\Windows Live SkyDrive
2010-04-23 13:51 . 2010-04-23 13:51 -------- d-----w- c:\programmi\File comuni\Windows Live
2010-04-22 15:48 . 2010-04-22 15:48 -------- d-----w- c:\programmi\VideoLAN
2010-04-21 17:59 . 2010-04-21 17:58 -------- d-----w- c:\programmi\Disk Cleaner
2010-04-21 17:45 . 2010-04-21 17:45 -------- d-----w- c:\programmi\Quadra
2010-04-21 16:36 . 2010-04-21 16:36 -------- d-----w- c:\documents and settings\Utente\Dati applicazioni\Malwarebytes
2010-04-21 16:36 . 2010-04-21 16:36 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Malwarebytes
2010-04-21 15:40 . 2010-04-20 15:04 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2010-04-21 11:36 . 2010-04-21 11:36 -------- d-----w- c:\programmi\MSBuild
2010-04-21 11:36 . 2010-04-21 11:36 -------- d-----w- c:\programmi\Reference Assemblies
2010-04-21 11:31 . 2010-04-21 11:31 -------- d-----w- c:\programmi\MSXML 6.0
2010-04-21 11:05 . 2010-04-21 11:05 -------- d-----w- c:\programmi\Trend Micro
2010-04-21 10:25 . 2010-04-20 15:39 -------- d-----w- c:\programmi\VIA
2010-04-21 08:57 . 2010-04-21 08:57 -------- d-----w- c:\documents and settings\Utente\Dati applicazioni\InstallShield
2010-04-21 08:45 . 2010-04-20 09:58 -------- d-----w- c:\programmi\ATI
2010-04-20 18:33 . 2010-04-20 18:33 -------- d-----w- c:\documents and settings\Utente\Dati applicazioni\ATI
2010-04-20 18:33 . 2010-04-20 18:33 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\ATI
2010-04-20 18:31 . 2010-04-20 09:58 -------- d-----w- c:\programmi\ATI Technologies
2010-04-20 18:31 . 2010-04-20 18:31 0 ----a-w- c:\windows\ativpsrm.bin
2010-04-20 18:30 . 2010-04-20 18:30 10134 ----a-r- c:\documents and settings\Utente\Dati applicazioni\Microsoft\Installer\{F16DCA31-4DB4-F8F6-5ED1-6FAFB7228FFF}\ARPPRODUCTICON.exe
2010-04-20 18:14 . 2010-04-20 18:14 552 ----a-w- c:\windows\system32\d3d8caps.dat
2010-04-20 18:14 . 2010-04-20 18:14 -------- d-----w- c:\programmi\CPUID
2010-04-20 18:10 . 2010-04-20 18:10 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Driver Whiz
2010-04-20 17:51 . 2010-04-20 16:05 664 ----a-w- c:\windows\system32\d3d9caps.dat
2010-04-20 15:41 . 2010-04-20 15:41 -------- d-----w- c:\programmi\Realtek
2010-04-20 15:41 . 2010-04-20 15:37 -------- d--h--w- c:\programmi\InstallShield Installation Information
2010-04-20 15:41 . 2010-04-20 15:41 -------- d-----w- c:\programmi\ASUS
2010-04-20 15:41 . 2010-04-20 15:39 -------- d-----w- c:\programmi\File comuni\InstallShield
2010-04-20 15:37 . 2010-04-20 15:37 -------- d-----w- c:\programmi\AMD
2010-04-20 15:04 . 2010-04-20 15:04 -------- d-----w- c:\programmi\microsoft frontpage
2010-04-20 15:03 . 2010-04-20 15:03 -------- d-----w- c:\programmi\Servizi in linea
2010-04-20 15:01 . 2010-04-20 15:01 21840 ----a-w- c:\windows\system32\emptyregdb.dat
2010-04-20 12:34 . 2010-04-20 12:34 0 ----a-w- c:\windows\nsreg.dat
2010-04-20 12:30 . 2010-04-20 12:30 -------- d-----w- c:\documents and settings\Utente\Dati applicazioni\FastStone
2010-04-20 12:30 . 2010-04-20 12:30 -------- d-----w- c:\programmi\FastStone Image Viewer
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\programmi\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"="c:\programmi\VIA\VIAudioi\HDADeck\HDeck.exe" [2009-08-28 33673216]
"Six Engine"="c:\programmi\ASUS\EPU-4 Engine\FourEngine.exe" [2009-08-20 5782528]
"StartCCC"="c:\programmi\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-03-02 98304]
"Adobe Reader Speed Launcher"="c:\programmi\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-04-04 36272]
"Adobe ARM"="c:\programmi\File comuni\Adobe\ARM\1.0\AdobeARM.exe" [2010-03-24 952768]
"UnlockerAssistant"="c:\programmi\Unlocker\UnlockerAssistant.exe" [2010-03-09 15872]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"HP Software Update"="c:\programmi\HP\HP Software Update\HPWuSchd2.exe" [2006-02-19 49152]
"SunJavaUpdateSched"="c:\programmi\File comuni\Java\Java Update\jusched.exe" [2010-02-18 248040]
"AVP"="c:\programmi\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe" [2010-05-07 344736]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\
HP Digital Imaging Monitor.lnk - c:\programmi\HP\Digital Imaging\bin\hpqtra08.exe [2006-2-19 288472]
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programmi\\Messenger\\msmsgs.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Programmi\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Programmi\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Programmi\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Programmi\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Programmi\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Programmi\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Programmi\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Programmi\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"c:\\Programmi\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"c:\\Programmi\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Programmi\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"c:\\Programmi\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"c:\\Programmi\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Programmi\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [14/09/2009 14.42.46 32272]
R3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\drivers\klmouflt.sys [02/11/2009 20.27.24 19472]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [20/04/2010 17.39.53 1390976]
S1 kl2;Kl2;c:\windows\system32\drivers\kl2.sys [07/05/2010 0.19.06 132184]
.
Contenuto della cartella 'Scheduled Tasks'
2010-06-16 c:\windows\Tasks\GlaryInitialize.job
- c:\programmi\Glary Utilities\initialize.exe [2010-04-28 08:01]
.
.
------- Scansione supplementare -------
.
uInternet Connection Wizard,ShellNext = iexplore
IE: Aggiungi ad Anti-Banner - c:\programmi\Kaspersky Lab\Kaspersky Internet Security 2011\ie_banner_deny.htm
FF - ProfilePath - c:\documents and settings\Utente\Dati applicazioni\Mozilla\Firefox\Profiles\nztbzc7i.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.it/
FF - component: c:\documents and settings\Utente\Dati applicazioni\Mozilla\Firefox\Profiles\nztbzc7i.default\extensions\{681322c2-653e-4791-9ba1-c10a20c3c793}\components\FFExternalAlert.dll
FF - component: c:\documents and settings\Utente\Dati applicazioni\Mozilla\Firefox\Profiles\nztbzc7i.default\extensions\{681322c2-653e-4791-9ba1-c10a20c3c793}\components\RadioWMPCore.dll
FF - component: c:\programmi\Mozilla Firefox\extensions\KavAntiBanner@Kaspersky.ru\components\abhelperxpcom.dll
FF - component: c:\programmi\Mozilla Firefox\extensions\linkfilter@kaspersky.ru\components\kavlinkfilter.dll
FF - plugin: c:\documents and settings\All Users\Dati applicazioni\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll
FF - plugin: c:\programmi\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\programmi\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- FIREFOX POLICIES ----
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\programmi\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\programmi\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\programmi\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\programmi\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.net
Rootkit scan 2010-06-16 23:45
Windows 5.1.2600 Service Pack 3 NTFS
scansione processi nascosti ...
scansione entrate autostart nascoste ...
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
HDAudDeck = c:\programmi\VIA\VIAudioi\HDADeck\HDeck.exe 1????????????????????????????????????????????
Scansione files nascosti ...
Scansione completata con successo
Files nascosti: 0
**************************************************************************
.
--------------------- Dlls caricate dai processi in esecuzione ---------------------
- - - - - - - > 'winlogon.exe'(1172)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\atiadlxx.dll
- - - - - - - > 'explorer.exe'(3092)
c:\windows\system32\WININET.dll
c:\windows\system32\webcheck.dll
.
------------------------ Altri processi in esecuzione ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\WgaTray.exe
c:\programmi\Java\jre6\bin\jqs.exe
c:\programmi\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
c:\programmi\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
c:\programmi\Windows Live\Contacts\wlcomm.exe
c:\windows\system32\wscntfy.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\programmi\HP\Digital Imaging\bin\hpqSTE08.exe
.
**************************************************************************
.
Ora fine scansione: 2010-06-16 23:47:40 - Il pc è stato riavviato
ComboFix-quarantined-files.txt 2010-06-16 21:47
Pre-Run: 66.110.042.112 byte disponibili
Post-Run: 66.089.238.528 byte disponibili
- - End Of File - - 0C571A5B9DF52406E3FC7A38414624F2