Sorry if my request caused so much commotion in this forum, but could you help me a little more, please?
I'm reposting the ComboFix log in good faith.
ComboFix 10-08-11.04 - Qure750 12/08/2010 0.48.26.1.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.39.1040.18.3071.2519 [GMT 2:00]
Eseguito da: c:\documents and settings\Qure750\Desktop\ComboFix.exe
AV: avast! Antivirus *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: ActiveArmor Firewall *disabled* {EDC10449-64D1-46c7-A59A-EC20D662F26D}
ATTENZIONE - QUESTO PC NON HA LA CONSOLE DI RIPRISTINO DI EMERGENZA INSTALLATA !!
.
((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\settings.reg
c:\windows\system32\Data
D:\Autorun.inf
.
((((((((((((((((((((((((( Files Creati Da 2010-07-11 al 2010-08-11 )))))))))))))))))))))))))))))))))))
.
2010-08-11 19:32 . 2010-08-11 19:39 -------- d-----w- c:\programmi\PeerGuardian2
2010-08-11 19:23 . 2010-08-11 19:23 -------- d-----w- c:\documents and settings\Qure750\Dati applicazioni\Malwarebytes
2010-08-11 19:23 . 2010-04-29 13:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-08-11 19:23 . 2010-08-11 19:23 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Malwarebytes
2010-08-11 19:23 . 2010-08-11 19:23 -------- d-----w- c:\programmi\Malwarebytes' Anti-Malware
2010-08-11 19:23 . 2010-04-29 13:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-08-11 11:33 . 2010-08-11 11:33 388096 ----a-r- c:\documents and settings\Qure750\Dati applicazioni\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2010-08-11 11:33 . 2010-08-11 11:33 -------- d-----w- c:\programmi\Trend Micro
2010-08-11 10:49 . 2010-08-11 10:49 77312 ----a-w- C:\mbr.exe
2010-08-11 10:18 . 2010-08-11 10:18 -------- d-----w- c:\documents and settings\Qure750\Dati applicazioni\VSRevoGroup
2010-08-10 18:18 . 2010-08-10 18:18 -------- d-----w- c:\documents and settings\Qure750\Dati applicazioni\java
2010-08-10 18:18 . 2010-02-25 18:38 45056 --sha-r- c:\documents and settings\Qure750\Dati applicazioni\java\autorun.exe
2010-08-10 08:56 . 2010-08-10 08:56 1 ----a-w- c:\documents and settings\Qure750\Dati applicazioni\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
2010-08-10 08:56 . 2010-08-10 08:56 -------- d-----w- c:\documents and settings\Qure750\Dati applicazioni\OpenOffice.org
2010-08-10 08:42 . 2010-08-10 08:42 -------- d-----w- c:\programmi\JRE
2010-08-10 08:41 . 2010-08-10 08:42 -------- d-----w- c:\programmi\OpenOffice.org 3
2010-08-10 08:39 . 2010-08-10 08:39 -------- d-----w- c:\documents and settings\Qure750\Impostazioni locali\Dati applicazioni\AutoShutdown
2010-08-10 08:39 . 2010-08-10 08:39 -------- d-----w- c:\programmi\Auto Shutdown
2010-08-09 23:29 . 2010-08-10 18:03 -------- d-----w- C:\Temp
2010-08-09 21:41 . 2010-08-09 21:41 -------- d-----w- c:\documents and settings\Qure750\Dati applicazioni\vlc
2010-08-07 20:37 . 2010-08-07 20:37 61440 ----a-w- c:\documents and settings\Qure750\Dati applicazioni\Sun\Java\Deployment\SystemCache\6.0\42\4488892a-607a8bb8-n\decora-sse.dll
2010-08-07 20:37 . 2010-08-07 20:37 503808 ----a-w- c:\documents and settings\Qure750\Dati applicazioni\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-5df5bb20-n\msvcp71.dll
2010-08-07 20:37 . 2010-08-07 20:37 499712 ----a-w- c:\documents and settings\Qure750\Dati applicazioni\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-5df5bb20-n\jmc.dll
2010-08-07 20:37 . 2010-08-07 20:37 348160 ----a-w- c:\documents and settings\Qure750\Dati applicazioni\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-5df5bb20-n\msvcr71.dll
2010-08-07 20:37 . 2010-08-07 20:37 12800 ----a-w- c:\documents and settings\Qure750\Dati applicazioni\Sun\Java\Deployment\SystemCache\6.0\42\4488892a-607a8bb8-n\decora-d3d.dll
2010-08-07 18:32 . 2010-08-07 23:25 -------- d-----w- c:\documents and settings\Qure750\Dati applicazioni\uTorrent
2010-08-04 19:58 . 2010-08-04 19:58 -------- d-----w- c:\windows\Sun
2010-08-03 13:24 . 2010-08-03 13:24 21840 ----a-w- c:\windows\system32\SIntfNT.dll
2010-08-03 13:24 . 2010-08-03 13:24 17212 ----a-w- c:\windows\system32\SIntf32.dll
2010-08-03 13:24 . 2010-08-03 13:24 12067 ----a-w- c:\windows\system32\SIntf16.dll
2010-08-03 13:17 . 2010-08-03 13:24 33089 ----a-w- c:\windows\DIIUnin.dat
2010-08-03 13:17 . 2010-08-03 13:17 2829 ----a-w- c:\windows\DIIUnin.pif
2010-08-03 13:17 . 2010-08-03 13:17 102400 ----a-w- c:\windows\DIIUnin.exe
2010-08-03 13:11 . 2010-08-04 12:41 -------- d-----w- c:\programmi\Diablo II
2010-08-01 11:20 . 2010-08-01 11:20 -------- d-----w- c:\programmi\File comuni\Java
2010-07-31 20:05 . 2010-07-31 20:05 -------- d-----w- c:\documents and settings\Qure750\Impostazioni locali\Dati applicazioni\Identities
2010-07-27 20:44 . 2001-08-30 21:07 5632 ----a-w- c:\windows\system32\ptpusb.dll
2010-07-27 20:44 . 2008-04-13 17:13 159232 ----a-w- c:\windows\system32\ptpusd.dll
2010-07-27 20:44 . 2008-04-13 09:45 15104 -c--a-w- c:\windows\system32\dllcache\usbscan.sys
2010-07-27 20:44 . 2008-04-13 09:45 15104 ----a-w- c:\windows\system32\drivers\usbscan.sys
2010-07-26 21:38 . 2010-07-26 21:38 -------- d-----w- C:\Program Files
2010-07-25 18:56 . 2010-07-26 14:18 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Messenger Plus!
2010-07-25 18:56 . 2010-07-25 18:56 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\MessengerDiscovery 2
2010-07-25 18:56 . 2010-07-25 18:56 -------- d-----w- c:\programmi\Meegos Creator
2010-07-25 18:56 . 2010-07-25 18:56 2167292 ----a-w- c:\documents and settings\Qure750\Dati applicazioni\MessengerDiscovery 2\3781044454\Update.exe
2010-07-25 18:55 . 2010-08-06 15:29 -------- d-----w- c:\documents and settings\Qure750\Dati applicazioni\MessengerDiscovery 2
2010-07-25 18:55 . 2010-07-25 18:56 -------- d-----w- c:\programmi\MessengerDiscovery 2
2010-07-25 18:55 . 2010-07-25 21:21 -------- d-----w- c:\programmi\Messenger Plus! Live
2010-07-25 16:29 . 2010-07-25 16:29 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\ATI
2010-07-25 16:29 . 2010-07-25 16:29 0 ----a-w- c:\windows\ativpsrm.bin
2010-07-25 16:21 . 2010-07-25 16:21 -------- d-----w- C:\ATI
2010-07-25 01:23 . 2010-08-06 15:00 -------- d-----w- c:\programmi\alaplaya
2010-07-25 00:43 . 2010-08-11 22:46 -------- d-----w- c:\programmi\File comuni\Akamai
2010-07-25 00:43 . 2010-07-25 01:23 -------- d-----w- c:\programmi\S4league
2010-07-22 17:22 . 2010-07-22 17:22 409600 ----a-w- c:\windows\system32\wrap_oal.dll
2010-07-22 11:35 . 2010-08-09 21:12 -------- d-----w- c:\programmi\TFLotto
2010-07-21 19:34 . 2010-07-21 19:34 -------- d-----w- c:\documents and settings\Qure750\Dati applicazioni\Creative
2010-07-21 19:29 . 2008-04-13 17:13 26624 ----a-w- c:\documents and settings\LocalService\Dati applicazioni\Microsoft\UPnP Device Host\upnphost\udhisapi.dll
2010-07-21 17:00 . 2008-04-13 09:45 26368 -c--a-w- c:\windows\system32\dllcache\usbstor.sys
2010-07-21 16:45 . 2010-07-21 16:45 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\SlySoft
2010-07-21 16:44 . 2010-07-21 16:44 -------- d-----w- c:\programmi\Elaborate Bytes
2010-07-21 16:43 . 2010-07-21 16:43 -------- d-----w- c:\programmi\SlySoft
2010-07-21 16:32 . 2010-07-21 16:32 -------- d-----w- c:\programmi\Windows Media Connect 2
2010-07-21 16:31 . 2010-08-04 13:49 -------- d-----w- c:\windows\system32\LogFiles
2010-07-21 16:31 . 2010-07-21 16:32 -------- d-----w- c:\windows\system32\drivers\UMDF
2010-07-21 16:13 . 2010-07-21 16:13 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache
2010-07-21 16:13 . 2010-07-21 16:13 -------- d-----w- c:\programmi\VS Revo Group
2010-07-21 15:53 . 2010-07-21 15:53 -------- d-----w- c:\programmi\VideoLAN
2010-07-21 15:48 . 2010-07-21 15:48 -------- d-----w- c:\programmi\eMule
2010-07-21 14:10 . 2008-04-13 17:13 54784 -c--a-w- c:\windows\system32\dllcache\vfwwdm32.dll
2010-07-21 14:10 . 2008-04-13 17:13 54784 ----a-w- c:\windows\system32\vfwwdm32.dll
2010-07-21 13:21 . 2008-04-13 17:13 221184 ----a-w- c:\windows\system32\wmpns.dll
2010-07-20 23:04 . 2007-09-28 14:32 344064 ----a-w- c:\windows\vsnp2std.exe
2010-07-20 23:04 . 2007-07-20 13:38 81920 ----a-w- c:\windows\amcap.exe
2010-07-20 23:04 . 2007-07-11 14:09 20480 ----a-w- c:\windows\FixCamera.exe
2010-07-20 23:04 . 2007-05-12 09:19 270336 ----a-w- c:\windows\tsnp2std.exe
2010-07-20 23:04 . 2007-01-25 16:48 25472 ----a-w- c:\windows\system32\drivers\sncamd.sys
2010-07-20 23:04 . 2007-09-05 11:48 12212864 ----a-w- c:\windows\system32\drivers\snp2sxp.sys
2010-07-20 23:04 . 2010-07-20 23:04 -------- d-----w- c:\programmi\File comuni\snp2std
2010-07-20 23:04 . 2007-09-05 13:50 73728 ----a-w- c:\windows\system32\vsnp2std.dll
2010-07-20 23:04 . 2007-02-05 13:25 151552 ----a-w- c:\windows\system32\rsnp2std.dll
2010-07-20 23:04 . 2006-11-16 13:57 77824 ----a-w- c:\windows\system32\csnp2std.dll
2010-07-20 23:04 . 2010-07-20 23:04 -------- d-----w- c:\documents and settings\Qure750\Dati applicazioni\InstallShield
2010-07-20 23:02 . 2010-07-20 23:02 -------- d-----w- c:\programmi\KEMailKb
2010-07-20 22:59 . 2001-08-31 16:00 5632 -c--a-w- c:\windows\system32\dllcache\kbdvntc.dll
2010-07-20 22:41 . 2010-08-06 12:18 -------- d-----w- c:\documents and settings\Qure750\Dati applicazioni\skypePM
2010-07-20 22:41 . 2010-07-20 22:41 56 ---ha-w- c:\windows\system32\ezsidmv.dat
2010-07-20 22:34 . 2010-07-20 22:34 -------- d-sh--w- c:\documents and settings\Qure750\IECompatCache
2010-07-20 22:33 . 2010-07-20 22:33 -------- d-sh--w- c:\documents and settings\Qure750\PrivacIE
2010-07-20 22:31 . 2010-08-06 12:19 -------- d-----w- c:\documents and settings\Qure750\Dati applicazioni\Skype
2010-07-20 22:29 . 2010-07-20 22:29 -------- d-----w- c:\programmi\File comuni\Skype
2010-07-20 22:28 . 2010-07-20 22:29 -------- d-----r- c:\programmi\Skype
2010-07-20 22:28 . 2010-07-20 22:28 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Skype
2010-07-20 22:24 . 2010-07-21 20:00 -------- d-----w- c:\documents and settings\Qure750\Dati applicazioni\Apple Computer
2010-07-20 21:37 . 2010-07-20 21:37 503808 ----a-w- c:\documents and settings\Qure750\Dati applicazioni\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-63832d40-n\msvcp71.dll
2010-07-20 21:37 . 2010-07-20 21:37 499712 ----a-w- c:\documents and settings\Qure750\Dati applicazioni\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-63832d40-n\jmc.dll
2010-07-20 21:37 . 2010-07-20 21:37 348160 ----a-w- c:\documents and settings\Qure750\Dati applicazioni\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-63832d40-n\msvcr71.dll
2010-07-20 21:37 . 2010-07-20 21:37 61440 ----a-w- c:\documents and settings\Qure750\Dati applicazioni\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-747b6bb3-n\decora-sse.dll
2010-07-20 21:37 . 2010-07-20 21:37 12800 ----a-w- c:\documents and settings\Qure750\Dati applicazioni\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-747b6bb3-n\decora-d3d.dll
2010-07-20 21:37 . 2010-07-17 03:00 423656 ----a-w- c:\windows\system32\deployJava1.dll
2010-07-20 21:36 . 2010-07-20 21:38 -------- d-----w- c:\programmi\DAEMON Tools Lite
2010-07-20 21:32 . 2010-07-20 21:36 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\DAEMON Tools Lite
2010-07-20 21:32 . 2010-07-20 21:32 -------- d-----w- c:\programmi\DAEMON Tools Toolbar
2010-07-20 21:30 . 2010-07-20 21:30 -------- d-sh--w- c:\documents and settings\Qure750\IETldCache
2010-07-20 21:27 . 2010-08-11 18:43 -------- d-----w- c:\documents and settings\Qure750\Tracing
2010-07-20 21:25 . 2010-07-20 21:25 -------- d-----w- c:\programmi\Microsoft
2010-07-20 21:25 . 2010-07-20 21:25 -------- d-----w- c:\programmi\Windows Live SkyDrive
2010-07-20 21:25 . 2010-07-20 21:25 -------- d-----w- c:\programmi\Windows Live
2010-07-20 21:24 . 2010-08-11 12:21 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Spybot - Search & Destroy
2010-07-20 21:24 . 2010-07-20 21:26 -------- d-----w- c:\programmi\Spybot - Search & Destroy
2010-07-20 21:22 . 2010-06-28 20:37 165456 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-07-20 21:22 . 2010-06-28 20:33 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-07-20 21:22 . 2010-06-28 20:32 17744 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-07-20 21:22 . 2010-06-28 20:37 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-07-20 21:22 . 2010-06-28 20:32 100176 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2010-07-20 21:22 . 2010-06-28 20:32 94544 ----a-w- c:\windows\system32\drivers\aswmon.sys
2010-07-20 21:22 . 2010-06-28 20:32 28880 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2010-07-20 21:22 . 2010-06-28 20:57 38848 ----a-w- c:\windows\avastSS.scr
2010-07-20 21:22 . 2010-06-28 20:57 165032 ----a-w- c:\windows\system32\aswBoot.exe
2010-07-20 21:22 . 2010-07-20 21:22 -------- d-----w- c:\programmi\Alwil Software
2010-07-20 21:22 . 2010-07-20 21:22 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Alwil Software
2010-07-20 21:20 . 2010-07-20 21:36 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-07-20 21:20 . 2010-07-20 21:33 -------- d-----w- c:\documents and settings\Qure750\Dati applicazioni\DAEMON Tools Lite
2010-07-20 21:19 . 2010-07-31 12:26 -------- d-----w- c:\programmi\CCleaner
2010-07-20 21:19 . 2008-10-30 21:15 227840 ----a-w- c:\windows\system32\bzFlRdr.dll
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-08-10 08:56 . 2010-07-20 19:19 41152 ----a-w- c:\documents and settings\Qure750\Impostazioni locali\Dati applicazioni\GDIPFONTCACHEV1.DAT
2010-08-08 01:59 . 2001-08-31 16:00 69790 ----a-w- c:\windows\system32\perfc010.dat
2010-08-08 01:59 . 2001-08-31 16:00 437644 ----a-w- c:\windows\system32\perfh010.dat
2010-07-25 16:25 . 2010-07-20 19:12 -------- d-----w- c:\programmi\ATI Technologies
2010-07-25 01:27 . 2010-07-20 18:56 -------- d--h--w- c:\programmi\InstallShield Installation Information
2010-07-25 01:23 . 2010-07-20 18:55 -------- d-----w- c:\programmi\File comuni\InstallShield
2010-07-22 17:23 . 2010-07-20 19:22 -------- d-----w- c:\programmi\Creative
2010-07-22 17:22 . 2003-03-28 03:24 114688 ----a-w- c:\windows\system32\OpenAL32.dll
2010-07-20 22:24 . 2010-07-20 22:23 -------- d-----w- c:\programmi\iTunes
2010-07-20 22:24 . 2010-07-20 22:23 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
2010-07-20 22:23 . 2010-07-20 22:23 -------- d-----w- c:\programmi\iPod
2010-07-20 22:23 . 2010-07-20 22:22 -------- d-----w- c:\programmi\File comuni\Apple
2010-07-20 22:23 . 2010-07-20 22:23 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Apple Computer
2010-07-20 22:23 . 2010-07-20 22:23 -------- d-----w- c:\programmi\QuickTime
2010-07-20 22:22 . 2010-07-20 22:22 -------- d-----w- c:\programmi\Apple Software Update
2010-07-20 22:22 . 2010-07-20 22:22 -------- d-----w- c:\programmi\Bonjour
2010-07-20 22:22 . 2010-07-20 22:22 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Apple
2010-07-20 19:19 . 2010-07-20 19:19 -------- d-----w- c:\documents and settings\Qure750\Dati applicazioni\ATI
2010-07-20 19:15 . 2010-07-20 19:15 9158 ----a-r- c:\documents and settings\Qure750\Dati applicazioni\Microsoft\Installer\{5399ACAF-7B15-43D5-9233-4E797B184FD2}\ARPPRODUCTICON.exe
2010-07-20 19:15 . 2010-07-20 19:15 -------- d-----w- c:\programmi\File comuni\ATI Technologies
2010-07-20 19:01 . 2010-07-20 19:01 -------- d-----w- c:\programmi\DIFX
2010-07-20 18:56 . 2010-07-20 18:56 -------- d-----w- c:\programmi\NVIDIA Corporation
2010-07-20 18:50 . 2010-07-20 18:34 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2010-07-20 18:35 . 2010-07-20 18:35 -------- d-----w- c:\programmi\microsoft frontpage
2010-07-20 18:33 . 2010-07-20 18:33 -------- d-----w- c:\programmi\Servizi in linea
2010-07-20 18:32 . 2010-07-20 18:32 21840 ----a-w- c:\windows\system32\emptyregdb.dat
2010-07-16 06:19 . 2010-07-16 06:19 73000 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Apple Computer\Installer Cache\iTunes 9.2.1.4\SetupAdmin.exe
2010-06-09 20:41 . 2010-06-09 20:41 106432 ----a-w- c:\windows\system32\drivers\AnyDVD.sys
2010-05-18 14:35 . 2010-05-18 14:35 91424 ----a-w- c:\windows\system32\dnssd.dll
2010-05-18 14:35 . 2010-05-18 14:35 75040 ----a-w- c:\windows\system32\jdns_sd.dll
2010-05-18 14:35 . 2010-05-18 14:35 197920 ----a-w- c:\windows\system32\dnssdX.dll
2010-05-18 14:35 . 2010-05-18 14:35 107808 ----a-w- c:\windows\system32\dns-sd.exe
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\programmi\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]
"Creative Detector"="c:\programmi\Creative\MediaSource\Detector\CTDetect.exe" [2004-12-02 102400]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"P17Helper"="P17.dll" [2005-05-03 64512]
"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-10 90112]
"avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2010-06-28 2837864]
"QuickTime Task"="c:\programmi\QuickTime\qttask.exe" [2010-03-18 421888]
"iTunesHelper"="c:\programmi\iTunes\iTunesHelper.exe" [2010-07-16 141608]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2008-04-13 208952]
"MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2008-04-13 59392]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2008-04-13 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2008-04-13 455168]
"KEMailKb"="c:\progra~1\KEMailKb\KEMailKb.EXE" [2006-05-15 401667]
"FixCamera"="c:\windows\FixCamera.exe" [2007-07-11 20480]
"tsnp2std"="c:\windows\tsnp2std.exe" [2007-05-12 270336]
"snp2std"="c:\windows\vsnp2std.exe" [2007-09-28 344064]
"StartCCC"="c:\programmi\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-02-10 61440]
"SunJavaUpdateSched"="c:\programmi\File comuni\Java\Java Update\jusched.exe" [2010-05-14 248552]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-13 15360]
c:\documents and settings\Qure750\Menu Avvio\Programmi\Esecuzione automatica\
OpenOffice.org 3.2.lnk - c:\programmi\OpenOffice.org 3\program\quickstart.exe [2010-5-20 1195008]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Programmi\\NVIDIA Corporation\\NetworkAccessManager\\Apache Group\\Apache2\\bin\\Apache.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Programmi\\Bonjour\\mDNSResponder.exe"=
"c:\\Programmi\\iTunes\\iTunes.exe"=
"c:\\Programmi\\Skype\\Plugin Manager\\skypePM.exe"=
"d:\\Programmi\\eMule\\emule.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Programmi\\Skype\\Phone\\Skype.exe"=
"c:\\Programmi\\alaplaya\\LOCO\\System\\LOCO.exe"=
"d:\\Programmi\\uTorrent\\uTorrent.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [20/07/2010 23.22.37 165456]
R2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe -k Akamai [19/08/2004 15.39.46 14336]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [20/07/2010 23.22.37 17744]
S3 XDva352;XDva352;\??\c:\windows\system32\XDva352.sys --> c:\windows\system32\XDva352.sys [?]
S3 XDva358;XDva358;\??\c:\windows\system32\XDva358.sys --> c:\windows\system32\XDva358.sys [?]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [20/07/2010 23.20.21 691696]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
Akamai REG_MULTI_SZ Akamai
.
Contenuto della cartella 'Scheduled Tasks'
2010-07-20 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\programmi\Apple Software Update\SoftwareUpdate.exe [2009-10-22 09:50]
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://www.virgilio.it/
uInternet Settings,ProxyOverride = *.local
FF - ProfilePath - c:\documents and settings\Qure750\Dati applicazioni\Mozilla\Firefox\Profiles\hu1jfj59.default\
FF - prefs.js: browser.startup.homepage - www.google.it
FF - prefs.js: keyword.URL - hxxp://www.bing.com/?mkt=it-IT&FORM=MICI05&q=
FF - component: c:\documents and settings\Qure750\Dati applicazioni\Mozilla\Firefox\Profiles\hu1jfj59.default\extensions\{08d495ab-a86c-47b0-82ef-da87bf92f730}\components\FFExternalAlert.dll
FF - component: c:\documents and settings\Qure750\Dati applicazioni\Mozilla\Firefox\Profiles\hu1jfj59.default\extensions\{08d495ab-a86c-47b0-82ef-da87bf92f730}\components\RadioWMPCore.dll
FF - component: c:\documents and settings\Qure750\Dati applicazioni\Mozilla\Firefox\Profiles\hu1jfj59.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}\platform\WINNT_x86-msvc\components\ipc_fireftp.dll
FF - component: c:\programmi\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}\components\SkypeFfComponent.dll
FF - plugin: c:\programmi\Java\jre6\bin\new_plugin\npdeployJava1.dll
---- FIREFOX POLICIES ----
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("network.proxy.type", 5);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("network.buffer.cache.count", 24);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("network.buffer.cache.size", 4096);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("accelerometer.enabled", true);
c:\programmi\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\programmi\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\programmi\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\programmi\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
**************************************************************************
scansione processi nascosti ...
scansione entrate autostart nascoste ...
Scansione files nascosti ...
Scansione completata con successo
Files nascosti:
**************************************************************************
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Akamai]
"ServiceDll"="C:/Programmi/File comuni/Akamai/rswin_3725.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Akamai]
"ServiceDll"="C:/Programmi/File comuni/Akamai/rswin_3725.dll"
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe,-101"
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe"
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- Dlls caricate dai processi in esecuzione ---------------------
- - - - - - - > 'winlogon.exe'(748)
c:\windows\system32\Ati2evxx.dll
.
Ora fine scansione: 2010-08-12 00:53:10
ComboFix-quarantined-files.txt 2010-08-11 22:53
Pre-Run: 63.346.098.176 byte disponibili
Post-Run: 63.538.282.496 byte disponibili
- - End Of File - - 9724C628E46912216D0F031750E59985