I'm attaching it for you. ComboFix deletes the file, but after a while it reappears...
ComboFix 10-01-16.02 - HP_Proprietario 01/16/2010 22:34:54.8.1 - x86 MINIMAL
Microsoft Windows XP Home Edition 5.1.2600.2.1252.39.1040.18.1535.1195 [GMT 1:00]
Eseguito da: c:\documents and settings\HP_Proprietario\Desktop\ComboFix.exe
AV: AVG Anti-Virus Free *On-access scanning enabled* (Outdated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.
((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\system32\csrcs.exe
.
((((((((((((((((((((((((( Files Creati Da 2009-12-16 al 2010-01-16 )))))))))))))))))))))))))))))))))))
.
2010-01-12 18:58 . 2005-10-21 01:47 12800 ------w- c:\windows\system32\drivers\usb8023x.sys
2010-01-12 18:58 . 2005-10-21 01:47 30592 ------w- c:\windows\system32\drivers\rndismpx.sys
2010-01-12 18:57 . 2010-01-12 18:57 -------- d-----w- c:\programmi\Microsoft ActiveSync
2010-01-12 13:46 . 2010-01-12 13:46 33340 ----a-w- c:\windows\system32\drivers\OldUsbkey.sys
2010-01-12 13:46 . 2010-01-12 13:46 7440 ----a-w- c:\windows\system32\ppmon.dll
2010-01-12 13:46 . 2010-01-12 13:46 131072 ----a-w- c:\windows\system32\NWKL2_32.DLL
2010-01-12 13:46 . 2010-01-12 13:46 12480 ----a-w- c:\windows\system32\KL2N.DLL
2010-01-12 13:46 . 2010-01-12 13:46 8968 ----a-w- c:\windows\system32\KL2DLL.DLL
2010-01-12 13:46 . 2010-01-12 13:46 -------- d-----w- c:\programmi\RST Instruments
2010-01-12 11:59 . 2010-01-12 11:59 0 ----a-w- C:\backupfile.dat
2010-01-12 11:59 . 2010-01-12 11:59 46368 ----a-w- C:\gradarra2.dat
2010-01-03 11:26 . 2010-01-03 11:26 -------- d-----w- C:\Software_Reflex
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-15 17:57 . 2007-10-10 11:48 -------- d-----w- c:\programmi\SIMAclivo
2010-01-12 13:46 . 2003-12-18 14:27 24136 ----a-w- c:\windows\system32\ppmon.exe
2010-01-12 13:46 . 2003-12-18 14:27 118784 ----a-w- c:\windows\system32\KL2DLL32.DLL
2010-01-06 15:24 . 2008-05-14 10:31 -------- d-----w- c:\programmi\REFLEX
2009-12-20 21:16 . 2007-10-24 17:04 -------- d-----w- c:\documents and settings\HP_Proprietario\Dati applicazioni\NRG
2009-12-20 12:08 . 2009-06-20 07:22 862040 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Lavasoft\Ad-Aware\Update\threatwork.exe
2009-12-20 12:08 . 2009-06-20 07:22 206944 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Lavasoft\Ad-Aware\Update\lavamessage.dll
2009-12-20 12:08 . 2009-06-20 07:22 390288 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Lavasoft\Ad-Aware\Update\lavalicense.dll
2009-12-20 12:08 . 2009-12-12 19:00 537576 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Lavasoft\Ad-Aware\Update\aawapi.dll
2009-12-20 12:08 . 2009-06-20 07:22 370744 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Lavasoft\Ad-Aware\Update\UpdateManager.dll
2009-12-20 12:08 . 2009-06-20 07:22 194104 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Lavasoft\Ad-Aware\Update\Savapibridge.dll
2009-12-20 12:07 . 2009-06-20 07:22 6296864 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Lavasoft\Ad-Aware\Update\Resources.dll
2009-12-20 12:07 . 2009-06-20 07:22 933120 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Lavasoft\Ad-Aware\Update\CEAPI.dll
2009-12-20 12:07 . 2009-06-20 07:22 816272 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Lavasoft\Ad-Aware\Update\Ad-AwareCommand.exe
2009-12-20 12:07 . 2009-06-20 07:22 822904 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Lavasoft\Ad-Aware\Update\Ad-AwareAdmin.exe
2009-12-20 12:07 . 2009-06-20 07:22 1643272 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Lavasoft\Ad-Aware\Update\Ad-Aware.exe
2009-12-20 12:07 . 2009-06-20 07:22 788880 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Lavasoft\Ad-Aware\Update\AAWTray.exe
2009-12-20 12:07 . 2009-06-20 07:22 1181328 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Lavasoft\Ad-Aware\Update\AAWService.exe
2009-12-15 18:05 . 2009-12-15 18:05 87552 --sha-w- C:\msrpc01.exe
2009-12-15 18:05 . 2009-12-15 18:05 12136 --sh--w- c:\windows\system32\drivers\krndrv32.sys
2009-12-15 18:04 . 2009-12-15 18:05 225280 --sh--r- c:\windows\system32\wmisqty.exe
2009-12-13 18:30 . 2009-12-13 18:30 -------- d-----w- c:\documents and settings\HP_Proprietario\Dati applicazioni\magpick
2009-12-13 18:30 . 2009-12-13 18:30 -------- d-----w- c:\programmi\MagPick
2009-12-13 18:24 . 2009-12-13 18:24 -------- d-----w- c:\programmi\MagMap2000
2009-12-12 19:00 . 2009-06-07 07:57 15880 ----a-w- c:\windows\system32\lsdelete.exe
2009-12-12 19:00 . 2009-06-07 07:46 15880 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Lavasoft\Ad-Aware\Update\lsdelete.exe
2009-12-12 19:00 . 2009-06-07 07:46 163728 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Lavasoft\Ad-Aware\Update\ShellExt.dll
2009-12-12 18:59 . 2009-06-07 07:46 327000 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Lavasoft\Ad-Aware\Update\RPAPI.dll
2009-12-12 18:59 . 2009-06-07 07:45 87496 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Lavasoft\Ad-Aware\Update\PrivacyClean.dll
2009-12-12 18:59 . 2009-11-29 10:31 641632 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Lavasoft\Ad-Aware\Update\AutoLaunch.exe
2009-11-29 10:42 . 2009-11-29 10:42 -------- dc-h--w- c:\documents and settings\All Users\Dati applicazioni\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6}
2009-11-29 10:31 . 2009-11-29 10:31 17632 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Lavasoft\Ad-Aware\Update\WSCUpdate.dll
2009-11-29 10:31 . 2009-11-29 10:31 68640 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Lavasoft\Ad-Aware\Update\Drivers\64\lbd.sys
2009-11-29 10:31 . 2009-11-29 10:31 303976 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Lavasoft\Ad-Aware\Update\Drivers\64\AAWDriverTool.exe
2009-11-29 10:31 . 2009-06-20 07:22 640760 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Lavasoft\Ad-Aware\Update\AAWWSC.exe
2009-10-25 10:38 . 2004-01-01 18:45 83682 ----a-w- c:\windows\system32\perfc010.dat
2009-10-25 10:38 . 2004-01-01 18:45 487448 ----a-w- c:\windows\system32\perfh010.dat
2007-01-22 14:34 . 2007-01-22 14:34 0 --sha-w- c:\windows\SMINST\HPCD.sys
.
((((((((((((((((((((((((((((( SnapShot@2009-12-22_22.04.54 )))))))))))))))))))))))))))))))))))))))))
.
+ 2005-09-23 00:16 . 2005-09-23 00:16 57344 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_dec6ddd2\mfcm80u.dll
+ 2005-09-23 00:16 . 2005-09-23 00:16 69632 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_dec6ddd2\mfcm80.dll
+ 2005-02-10 10:05 . 2005-02-10 10:05 36864 c:\windows\system32\smiehlp.dll
+ 2000-05-19 13:24 . 2000-05-19 13:24 49152 c:\windows\system32\POINT32.dll
+ 2004-02-26 23:00 . 2004-02-26 23:00 61493 c:\windows\system32\MFCN42D.DLL
+ 2004-01-03 17:36 . 2005-10-21 01:47 12800 c:\windows\system32\drivers\usb8023.sys
+ 2004-01-03 17:35 . 2005-10-21 01:47 30592 c:\windows\system32\drivers\rndismp.sys
+ 2004-01-03 17:36 . 2005-10-21 01:47 12800 c:\windows\system32\dllcache\usb8023.sys
+ 2004-01-03 17:35 . 2005-10-21 01:47 30592 c:\windows\system32\dllcache\rndismp.sys
+ 2004-01-01 11:00 . 2010-01-01 21:36 32768 c:\windows\system32\config\systemprofile\Impostazioni locali\Temporary Internet Files\Content.IE5\index.dat
- 2004-01-01 11:00 . 2009-12-20 12:08 32768 c:\windows\system32\config\systemprofile\Impostazioni locali\Temporary Internet Files\Content.IE5\index.dat
- 2004-01-01 11:00 . 2009-12-20 12:08 32768 c:\windows\system32\config\systemprofile\Impostazioni locali\Cronologia\History.IE5\index.dat
+ 2004-01-01 11:00 . 2010-01-01 21:36 32768 c:\windows\system32\config\systemprofile\Impostazioni locali\Cronologia\History.IE5\index.dat
+ 2006-01-20 11:34 . 2006-01-20 11:34 25088 c:\windows\system32\clxwin32.dll
+ 2006-01-20 11:34 . 2006-01-20 11:34 67072 c:\windows\system32\clnwin32.dll
+ 2006-11-13 13:38 . 2006-11-13 13:38 23336 c:\windows\system32\ceutil.dll
+ 2010-01-12 18:57 . 2010-01-12 18:57 22486 c:\windows\Installer\{99052DB7-9592-4522-A558-5417BBAD48EE}\WCESMgrIcon.exe
+ 2010-01-12 18:57 . 2010-01-12 18:57 22486 c:\windows\Installer\{99052DB7-9592-4522-A558-5417BBAD48EE}\ARPPRODUCTICON.exe
+ 2010-01-12 13:46 . 2010-01-12 13:46 45056 c:\windows\Installer\{2EF432D9-7DE7-49A8-80D3-55A20B49CC12}\Inclinalysis.exe_F02D55519C744E639ACF325A75788967.exe
+ 2010-01-12 18:58 . 2005-10-21 01:47 12800 c:\windows\Driver Cache\i386\usb8023x.sys
+ 2010-01-12 18:58 . 2005-10-21 01:47 30592 c:\windows\Driver Cache\i386\rndismpx.sys
+ 2006-11-13 12:30 . 2006-11-13 12:30 4608 c:\windows\system32\HookDLL.DLL
+ 2010-01-12 13:46 . 2010-01-12 13:46 8854 c:\windows\Installer\{2EF432D9-7DE7-49A8-80D3-55A20B49CC12}\UNINST_Uninstall_I_973004ED89BC4EA3A9993CB00C806CA0.exe
+ 2010-01-12 13:46 . 2010-01-12 13:46 8854 c:\windows\Installer\{2EF432D9-7DE7-49A8-80D3-55A20B49CC12}\RST_Instruments_we_BA43A54EFDF642A383EDB90D4E154A5E.exe
+ 2010-01-12 13:46 . 2010-01-12 13:46 8854 c:\windows\Installer\{2EF432D9-7DE7-49A8-80D3-55A20B49CC12}\license.rtf_80112B4EF5234FBCB2FA48592DEDC2D6.exe
+ 2010-01-12 13:46 . 2010-01-12 13:46 8854 c:\windows\Installer\{2EF432D9-7DE7-49A8-80D3-55A20B49CC12}\Inclinalysis_Manua_4454F3A841334374A66C693F76F780D4.exe
+ 2010-01-12 13:46 . 2010-01-12 13:46 8854 c:\windows\Installer\{2EF432D9-7DE7-49A8-80D3-55A20B49CC12}\Inclinalysis_Help._8B1446D4EC3D4ABB933678F4579AF2CF.exe
+ 2010-01-12 13:46 . 2010-01-12 13:46 4526 c:\windows\Installer\{2EF432D9-7DE7-49A8-80D3-55A20B49CC12}\ARPPRODUCTICON.exe
+ 2006-11-13 13:38 . 2006-11-13 13:38 138024 c:\windows\system32\rapi.dll
+ 2006-01-20 11:34 . 2006-01-20 11:34 245843 c:\windows\system32\nwshlxnt.dll
+ 2006-01-20 11:34 . 2006-01-20 11:34 839762 c:\windows\system32\novnpnt.dll
+ 2006-01-20 11:34 . 2006-01-20 11:34 275456 c:\windows\system32\netwin32.dll
+ 2006-01-20 11:34 . 2006-01-20 11:34 155136 c:\windows\system32\ncpwin32.dll
+ 2000-07-14 23:00 . 2000-07-14 23:00 434252 c:\windows\system32\MSVCRTD.DLL
+ 2000-07-14 23:00 . 2000-07-14 23:00 798773 c:\windows\system32\MFCO42D.DLL
+ 2000-07-14 23:00 . 2000-07-14 23:00 929844 c:\windows\system32\MFC42D.DLL
+ 2006-01-20 11:34 . 2006-01-20 11:34 116520 c:\windows\system32\MAPBASER.DLL
+ 2006-01-20 11:34 . 2006-01-20 11:34 233554 c:\windows\system32\mapbase.dll
+ 2006-01-20 11:34 . 2006-01-20 11:34 110080 c:\windows\system32\locwin32.dll
+ 2006-01-20 11:34 . 2006-01-20 11:34 158720 c:\windows\system32\calwin32.dll
+ 2005-03-05 17:28 . 2005-03-05 17:28 131072 c:\windows\system32\AcSignIcon.dll
+ 2010-01-12 18:57 . 2010-01-12 18:57 869376 c:\windows\Installer\11bdd14.msi
+ 2005-09-23 00:16 . 2005-09-23 00:16 1079808 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_dec6ddd2\mfc80u.dll
+ 2005-09-23 00:16 . 2005-09-23 00:16 1093632 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_dec6ddd2\mfc80.dll
+ 2010-01-12 13:46 . 2010-01-12 13:46 8124928 c:\windows\Installer\12e4c90.msi
+ 2010-01-12 13:44 . 2010-01-12 13:44 22700032 c:\windows\Downloaded Installations\{38FCF8D0-BA55-4FD9-9040-668E2CDAA65E}\Inclinalysis 2.29.msi
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-04-27 68856]
"MSMSGS"="c:\programmi\Messenger\msmsgs.exe" [2004-08-19 1667584]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="c:\programmi\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"hpsysdrv"="c:\windows\system\hpsysdrv.exe" [1998-05-07 52736]
"HPHUPD06"="c:\programmi\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe" [2004-06-07 49152]
"HPHmon06"="c:\windows\system32\hphmon06.exe" [2004-06-07 659456]
"KBD"="c:\hp\KBD\KBD.EXE" [2003-02-11 61440]
"iTunesHelper"="c:\programmi\iTunes\iTunesHelper.exe" [2004-05-07 286720]
"Recguard"="c:\windows\SMINST\RECGUARD.EXE" [2004-04-14 233472]
"SiS Windows KeyHook"="c:\windows\system32\keyhook.exe" [2004-05-20 249856]
"AGRSMMSG"="AGRSMMSG.exe" [2004-06-29 88363]
"PS2"="c:\windows\system32\ps2.exe" [2002-10-16 81920]
"ATIPTA"="c:\programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2004-06-24 339968]
"AlcxMonitor"="ALCXMNTR.EXE" [2003-04-04 50176]
"AdslTaskBar"="stmctrl.dll" [2003-01-22 151552]
"D-Link AirPlus XtremeG"="c:\programmi\D-Link\AirPlus XtremeG\AirPlusCFG.exe" [2006-07-07 1323008]
"ANIWZCS2Service"="c:\programmi\ANI\ANIWZCS2 Service\WZCSLDR2.exe" [2006-06-01 49152]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-08-25 1948440]
"Ad-Watch"="c:\programmi\Lavasoft\Ad-Aware\AAWTray.exe" [2009-12-20 788880]
c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\
Adobe Gamma Loader.exe.lnk - c:\programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe [2005-11-27 110592]
HP Digital Imaging Monitor.lnk - c:\programmi\HP\Digital Imaging\bin\hpqtra08.exe [2004-5-29 241664]
Microsoft Office.lnk - c:\programmi\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-08-25 07:24 11952 ----a-w- c:\windows\system32\avgrsstx.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programmi\\AVG\\AVG8\\avgupd.exe"=
"c:\\Programmi\\AVG\\AVG8\\avgnsx.exe"=
"c:\\WINDOWS\\system32\\wmisqty.exe"=
"c:\programmi\Microsoft ActiveSync\rapimgr.exe"= c:\programmi\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\programmi\Microsoft ActiveSync\wcescomm.exe"= c:\programmi\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\programmi\Microsoft ActiveSync\WCESMgr.exe"= c:\programmi\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"14153:TCP"= 14153:TCP:NortonAV
"12926:TCP"= 12926:TCP:NortonAV
"16915:TCP"= 16915:TCP:NortonAV
"14660:TCP"= 14660:TCP:NortonAV
"17623:TCP"= 17623:TCP:NortonAV
"13414:TCP"= 13414:TCP:NortonAV
"13639:TCP"= 13639:TCP:NortonAV
"12311:TCP"= 12311:TCP:NortonAV
"14117:TCP"= 14117:TCP:NortonAV
"12194:TCP"= 12194:TCP:NortonAV
"1947:TCP"= 1947:TCP:HASP SRM
"1947:UDP"= 1947:UDP:HASP SRM
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [11/29/2009 11:43 AM 64288]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\programmi\Lavasoft\Ad-Aware\AAWService.exe [9/24/2009 12:17 PM 1181328]
S1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [5/30/2009 8:42 AM 327688]
S1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [5/30/2009 8:42 AM 108552]
S2 hasplms;HASP License Manager;c:\windows\system32\hasplms.exe -run --> c:\windows\system32\hasplms.exe -run [?]
S2 P1C1394;Phase One 1394 Camera Driver;c:\windows\system32\drivers\p1c1394.sys [9/27/2009 4:13 PM 23552]
S3 A5AGU;D-Link USB Wireless Network Adapter Service;c:\windows\system32\drivers\A5AGU.sys [10/29/2007 7:57 PM 347648]
S3 FTD2XX;PET Hardware drivers;c:\windows\system32\drivers\FTD2XX.sys [8/25/2007 9:57 AM 34639]
S3 krndrv32;Kernel Device Driver;c:\windows\system32\drivers\krndrv32.sys [12/15/2009 7:05 PM 12136]
S3 Stmatm;ATM/ADSL miniport;c:\windows\system32\drivers\stmatm.sys [10/23/2005 10:23 PM 59338]
S3 TaurusUsb;ADSL Modem USB Service 1.09a;c:\windows\system32\drivers\torususb.sys [10/23/2005 10:23 PM 527980]
S3 Wibukey2;Wibukey2;c:\windows\system32\drivers\Wibukey2.sys [5/27/2006 3:04 PM 16384]
--- Altri Servizi/Drivers In Memoria ---
*NewlyCreated* - P1C1394
.
Contenuto della cartella 'Scheduled Tasks'
2010-01-16 c:\windows\Tasks\Ad-Aware Update (Daily 1).job
- c:\programmi\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-10-01 12:07]
2010-01-16 c:\windows\Tasks\Ad-Aware Update (Daily 2).job
- c:\programmi\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-10-01 12:07]
2010-01-16 c:\windows\Tasks\Ad-Aware Update (Daily 3).job
- c:\programmi\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-10-01 12:07]
2010-01-16 c:\windows\Tasks\Ad-Aware Update (Daily 4).job
- c:\programmi\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-10-01 12:07]
2010-01-16 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\programmi\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-10-01 12:07]
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://www.google.it/
uDefault_Search_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE= ... pf=desktop
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE= ... pf=desktop
mSearch Bar = hxxp://www.google.com/ie
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\HP_Proprietario\Dati applicazioni\Mozilla\Firefox\Profiles\298deat0.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.it/
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-16 22:45
Windows 5.1.2600 Service Pack 2 NTFS
scansione processi nascosti ...
scansione entrate autostart nascoste ...
Scansione files nascosti ...
Scansione completata con successo
Files nascosti: 0
**************************************************************************
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------
[HKEY_USERS\S-1-5-21-3483238777-1222112192-4008248173-1007\Software\Microsoft\Windows Mobile Disc\W*i*n*d*o*w*s* *M*o*b*i*l*e*"!\CriticalAppInstall\ActiveSync]
"Name"="ActiveSync"
"DisplayName"="Microsoft ActiveSync"
"Param1"="ActiveSync"
"Type"="wellknown"
"Order"=dword:00000000
"State"=dword:0000000b
[HKEY_USERS\S-1-5-21-3483238777-1222112192-4008248173-1007\Software\Microsoft\Windows Mobile Disc\W*i*n*d*o*w*s* *M*o*b*i*l*e*"!\CriticalAppInstall\IESettings]
"Name"="IESettings"
"Type"="IESettings"
"Order"=dword:00000003
"State"=dword:0000000b
[HKEY_USERS\S-1-5-21-3483238777-1222112192-4008248173-1007\Software\Microsoft\Windows Mobile Disc\W*i*n*d*o*w*s* *M*o*b*i*l*e*"!\CriticalAppInstall\MediaFiles]
"Name"="MediaFiles"
"Type"="MediaFiles"
"Order"=dword:00000002
"State"=dword:0000000b
[HKEY_USERS\S-1-5-21-3483238777-1222112192-4008248173-1007\Software\Microsoft\Windows Mobile Disc\W*i*n*d*o*w*s* *M*o*b*i*l*e*"!\CriticalAppInstall\NPW]
"Name"="NPW"
"Param1"="NPW"
"Type"="wellknown"
"Order"=dword:00000001
"State"=dword:0000000b
.
--------------------- Dlls caricate dai processi in esecuzione ---------------------
- - - - - - - > 'winlogon.exe'(224)
c:\windows\system32\Ati2evxx.dll
.
Ora fine scansione: 2010-01-16 22:51:39
ComboFix-quarantined-files.txt 2010-01-16 21:51
ComboFix2.txt 2010-01-10 15:36
ComboFix3.txt 2010-01-08 17:20
ComboFix4.txt 2010-01-02 22:13
ComboFix5.txt 2010-01-16 21:33
Pre-Run: 75,506,700,288 byte disponibili
Post-Run: 75,515,535,360 byte disponibili
- - End Of File - - 0290E0CFBA208BD5F23A18E91344AD1C