
Alice reinstallation and scan with ComboFix

Posted: Tue Mar 31, 2009 2:44 pm
by roberto1956
Hello everyone.

I had to reinstall Alice ADSL. After that, the connection was particularly slow.
I ran a scan with Malwarebytes' Anti-Malware, with this result:

Malwarebytes' Anti-Malware 1.35
Versione del database: 1910
Windows 5.1.2600 Service Pack 3

28/03/2009 12.57.50
mbam-log-2009-03-28 (12-57-50).txt

Tipo di scansione: Scansione completa (C:\|)
Elementi scansionati: 143491
Tempo trascorso: 46 minute(s), 4 second(s)

Processi delle memoria infetti: 0
Moduli della memoria infetti: 0
Chiavi di registro infette: 0
Valori di registro infetti: 2
Elementi dato del registro infetti: 0
Cartelle infette: 0
File infetti: 1

Processi delle memoria infetti:
(Nessun elemento malevolo rilevato)

Moduli della memoria infetti:
(Nessun elemento malevolo rilevato)

Chiavi di registro infette:
(Nessun elemento malevolo rilevato)

Valori di registro infetti:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\cnxtrapp (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Control Panel\Desktop\scrnsave.exe (Hijack.Wallpaper) -> Quarantined and deleted successfully.

Elementi dato del registro infetti:
(Nessun elemento malevolo rilevato)

Cartelle infette:
(Nessun elemento malevolo rilevato)

File infetti:
C:\Programmi\Pirelli\Access Gateway USB Network\CnxTrApp.dll (Trojan.Agent) -> Delete on reboot.


Since the slowness persisted, I scanned with ComboFix, with this result:

ComboFix 09-03-29.02 - Rober 2009-03-31 15.31.28.6 - FAT32x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1040.18.503.292 [GMT 2:00]
Eseguito da: c:\documents and settings\Rober\Desktop\VIRUS\ComboFix1.exe
AV: avast! antivirus 4.8.1335 [VPS 090330-0] *On-access scanning disabled* (Updated)
.

((((((((((((((((((((((((( Files Creati Da 2009-02-28 al 2009-03-31 )))))))))))))))))))))))))))))))))))
.

2009-03-23 19:19 . 2009-03-23 19:19 <DIR> d-------- c:\documents and settings\LocalService\Menu Avvio
2009-03-23 19:18 . 2009-03-23 19:18 <DIR> d-------- c:\programmi\Pirelli
2009-03-23 19:18 . 2009-03-23 19:18 <DIR> d-------- c:\programmi\Motive
2009-03-23 19:18 . 2004-04-20 16:24 52,864 --a------ c:\windows\system32\drivers\CnxTrUsb.sys
2009-03-23 19:18 . 2004-04-20 16:24 25,984 --a------ c:\windows\system32\drivers\CnxTrLan.sys
2009-03-19 16:07 . 2009-03-19 16:07 <DIR> d-------- c:\windows\tessdata
2009-03-19 16:07 . 2009-03-19 16:07 <DIR> d-------- c:\programmi\Softi Software
2009-03-19 16:07 . 2009-03-19 16:07 <DIR> d-------- c:\documents and settings\Rober\Dati applicazioni\Softi Software
2009-03-19 14:58 . 2009-03-19 14:58 <DIR> d-------- c:\programmi\Java
2009-03-19 14:58 . 2009-03-19 14:58 73,728 --a------ c:\windows\system32\javacpl.cpl
2009-03-19 14:58 . 2009-03-19 14:58 0 --a------ c:\windows\system32\REN28.tmp
2009-03-19 14:58 . 2009-03-19 14:58 0 --a------ c:\windows\system32\REN27.tmp
2009-03-19 14:58 . 2009-03-19 14:58 0 --a------ c:\windows\system32\REN26.tmp
2009-03-19 13:34 . 2009-03-19 13:34 <DIR> d-------- C:\pdftxtconverter
2009-03-19 11:42 . 2009-03-19 11:42 <DIR> d-------- c:\programmi\SomePDF
2009-03-06 17:31 . 2009-03-06 17:31 <DIR> d-------- c:\programmi\Free PDF to Word Doc Converter

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-03-26 14:49 38,496 ----a-w c:\windows\system32\drivers\mbamswissarmy.sys
2009-03-26 14:49 15,504 ----a-w c:\windows\system32\drivers\mbam.sys
2009-03-19 12:58 410,984 ----a-w c:\windows\system32\deploytk.dll
2009-02-09 13:04 1,846,784 ----a-w c:\windows\system32\win32k.sys
2009-02-09 13:04 1,846,784 ------w c:\windows\system32\dllcache\win32k.sys
2009-01-16 19:15 3,594,752 ----a-w c:\windows\system32\dllcache\mshtml.dll
2008-12-20 21:30 63,488 ------w c:\windows\system32\dllcache\icardie.dll
2008-12-20 21:30 6,066,688 ------w c:\windows\system32\dllcache\ieframe.dll
2008-12-20 21:30 44,544 ----a-w c:\windows\system32\dllcache\iernonce.dll
2008-12-20 21:30 384,512 ----a-w c:\windows\system32\dllcache\iedkcs32.dll
2008-12-20 21:30 383,488 ------w c:\windows\system32\dllcache\ieapfltr.dll
2008-12-20 21:30 347,136 ----a-w c:\windows\system32\dllcache\dxtmsft.dll
2008-12-20 21:30 267,776 ------w c:\windows\system32\dllcache\iertutil.dll
2008-12-20 21:30 230,400 ----a-w c:\windows\system32\dllcache\ieaksie.dll
2008-12-20 21:30 214,528 ----a-w c:\windows\system32\dllcache\dxtrans.dll
2008-12-20 21:30 153,088 ----a-w c:\windows\system32\dllcache\ieakeng.dll
2008-12-20 21:30 133,120 ----a-w c:\windows\system32\dllcache\extmgr.dll
2008-12-20 21:30 124,928 ----a-w c:\windows\system32\dllcache\advpack.dll
2008-12-19 08:12 70,656 ----a-w c:\windows\system32\dllcache\ie4uinit.exe
2008-12-19 08:10 13,824 ------w c:\windows\system32\dllcache\ieudinit.exe
2008-12-19 04:25 634,024 ----a-w c:\windows\system32\dllcache\iexplore.exe
2008-12-19 04:23 161,792 ----a-w c:\windows\system32\dllcache\ieakui.dll
2008-12-11 09:57 333,952 ------w c:\windows\system32\dllcache\srv.sys
2008-12-05 05:55 144,896 ----a-w c:\windows\system32\schannel.dll
2008-12-05 05:55 144,896 ------w c:\windows\system32\dllcache\schannel.dll
2008-11-12 12:21 19,000 ----a-w c:\documents and settings\Rober\Dati applicazioni\GDIPFONTCACHEV1.DAT
2006-06-03 00:32 14 ----a-w c:\documents and settings\Rober\getfile.dat
2008-10-07 22:56 32,768 --sha-w c:\windows\system32\config\systemprofile\Impostazioni locali\Cronologia\History.IE5\MSHist012008100820081009\index.dat
.

((((((((((((((((((((((((((((( SnapShot_2009-03-30_ 2.15.13,10 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-03-31 12:26:16 16,384 ----a-w c:\windows\Temp\Perflib_Perfdata_63c.dat
+ 2009-03-31 12:26:26 16,384 ----a-w c:\windows\Temp\Perflib_Perfdata_86c.dat
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
2008-08-06 15:20 279944 --a------ c:\programmi\AskBarDis\bar\bin\askBar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{3041d03e-fd4b-44e0-b742-2d9b88305f98}"= "c:\programmi\AskBarDis\bar\bin\askBar.dll" [2008-08-06 279944]

[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{3041D03E-FD4B-44E0-B742-2D9B88305F98}"= "c:\programmi\AskBarDis\bar\bin\askBar.dll" [2008-08-06 279944]

[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="c:\programmi\Messenger\msmsgs.exe" [2008-04-14 1695232]
"swg"="c:\programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-07-09 68856]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"Skype"="c:\programmi\Skype\Phone\Skype.exe" [2008-11-18 21633320]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Hcontrol"="c:\windows\ATK0100\Hcontrol.exe" [2004-05-27 86016]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2004-07-15 155648]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2004-07-15 118784]
"ASUS Live Update"="c:\programmi\ASUS\ASUS Live Update\ALU.exe" [2003-09-19 172032]
"Power_Gear"="c:\programmi\ASUS\Power4 Gear\BatteryLife.exe" [2004-01-19 81920]
"SynTPLpr"="c:\programmi\Synaptics\SynTP\SynTPLpr.exe" [2004-08-05 102400]
"SynTPEnh"="c:\programmi\Synaptics\SynTP\SynTPEnh.exe" [2004-08-05 684032]
"PRONoMgr.exe"="c:\programmi\Intel\PROSetWireless\NCS\PROSet\PRONoMgr.exe" [2004-02-05 86016]
"Adobe Photo Downloader"="c:\programmi\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" [2005-07-07 57344]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"AliceRE_McciTrayApp"="c:\progra~1\ALICET~1\vendors\AliceRE\content\template\DRIVEN~1\syncer\MCCITR~1.EXE" [2006-11-21 936960]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-02-05 81000]
"Adobe Reader Speed Launcher"="c:\programmi\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"SunJavaUpdateSched"="c:\programmi\Java\jre6\bin\jusched.exe" [2009-03-19 148888]
"Motive SmartBridge"="c:\progra~1\ALICET~1\SMARTB~1\MotiveSB.exe" [2006-04-21 438359]
"SoundMan"="SOUNDMAN.EXE" [2004-05-21 c:\windows\SOUNDMAN.EXE]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\
ASUS ChkMail.lnk - c:\programmi\Asus\Asus ChkMail\ChkMail.exe [2005-12-28 32768]
Microsoft Office.lnk - c:\programmi\Microsoft Office\Office10\OSA.EXE [2001-02-13 83360]
Alice ti aiuta.lnk - c:\programmi\Alice ti aiuta\bin\matcli.exe [2009-03-24 217088]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\Sebring]
2004-03-03 16:48 110592 c:\windows\system32\LgNotify.dll

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programmi\\Asus\\ASUS Live Update\\LiveUpdt.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Programmi\\VideoLAN\\VLC\\VLC.EXE"=
"c:\\Programmi\\Windows Media Player\\wmplayer.exe"=
"c:\\Programmi\\Skype\\Phone\\Skype.exe"=

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2008-11-16 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2008-11-16 20560]
R2 Network WanMiniport First Position;Network WanMiniport First Position;c:\programmi\Telecom Italia\WanMiniport1st\srvany.exe [2008-07-28 8192]
R3 ATKXPDisplayName;ATKXPDisplayName;c:\windows\system32\drivers\ATKACPI.sys [2005-12-28 5786]
.
Contenuto della cartella 'Scheduled Tasks'

2009-03-31 c:\windows\Tasks\User_Feed_Synchronization-{5BE42351-2C70-47D3-BDA5-0EF8D9FDFE0A}.job
- c:\windows\system32\msfeedssync.exe [2006-10-17 11:58]
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://www.corriere.it/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uInternet Settings,ProxyServer = mail.voltex.co.za:80
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
.

**************************************************************************

catchme 0.3.1375 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-03-31 15:33:28
Windows 5.1.2600 Service Pack 3 FAT NTAPI

scansione processi nascosti ...

scansione entrate autostart nascoste ...

Scansione files nascosti ...

Scansione completata con successo
Files nascosti: 0

**************************************************************************
.
--------------------- Dlls caricate dai processi in esecuzione ---------------------

- - - - - - - > 'winlogon.exe'(544)
c:\windows\system32\LgNotify.dll
.
Ora fine scansione: 2009-03-31 15.34.47
ComboFix-quarantined-files.txt 2009-03-31 13:34:46
ComboFix3.txt 2009-03-30 00:16:14
ComboFix2.txt 2009-03-30 07:09:12

Pre-Run: 41.106.997.248 byte disponibili
Post-Run: 41,341,779,968 byte disponibili

152 --- E O F --- 2009-03-17 12:48:15


Could you kindly tell me whether there are any problems?
Thanks

Re: Alice reinstallation and scan with ComboFix

Posted: Tue Mar 31, 2009 3:51 pm
by Amantide
roberto1956 wrote:
Valori di registro infetti:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\cnxtrapp (Trojan.Agent) -> Quarantined and deleted successfully.
roberto1956 wrote:
File infetti:
C:\Programmi\Pirelli\Access Gateway USB Network\CnxTrApp.dll (Trojan.Agent) -> Delete on reboot.


Those are related to your modem, so you had better restore the files from quarantine.

Re: Alice reinstallation and scan with ComboFix

Posted: Tue Mar 31, 2009 8:23 pm
by stevens
these should be removed

c:\windows\system32\REN28.tmp
c:\windows\system32\REN27.tmp
c:\windows\system32\REN26.tmp

Re: Alice reinstallation and scan with ComboFix

Posted: Tue Mar 31, 2009 9:26 pm
by Amantide
stevens wrote:
these should be removed

c:\windows\system32\REN28.tmp
c:\windows\system32\REN27.tmp
c:\windows\system32\REN26.tmp


And why? [shrug]
Apart from the fact that they are all 0 bytes, it is obvious that they are temporary files from the Java installation, given that they were created at the same time:

2009-03-19 14:58 . 2009-03-19 14:58 <DIR> d-------- c:\programmi\Java
2009-03-19 14:58 . 2009-03-19 14:58 73,728 --a------ c:\windows\system32\javacpl.cpl
2009-03-19 14:58 . 2009-03-19 14:58 0 --a------ c:\windows\system32\REN28.tmp
2009-03-19 14:58 . 2009-03-19 14:58 0 --a------ c:\windows\system32\REN27.tmp
2009-03-19 14:58 . 2009-03-19 14:58 0 --a------ c:\windows\system32\REN26.tmp
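The reasoning above (zero-byte files created in the same minute as an installer's program folder are installer leftovers, not payloads) can be applied mechanically to the ComboFix "Files Creati" listing. This is an added example, not code from the thread or from ComboFix; the sample lines are copied from the log above and the parser assumes the `created . modified size attrs path` column layout shown there.

```python
import re
from collections import defaultdict

# Constructed sample: a few "Files Creati" lines taken from the log in this thread.
SAMPLE_LOG = r"""
2009-03-23 19:18 . 2009-03-23 19:18 <DIR> d-------- c:\programmi\Pirelli
2009-03-23 19:18 . 2004-04-20 16:24 52,864 --a------ c:\windows\system32\drivers\CnxTrUsb.sys
2009-03-19 14:58 . 2009-03-19 14:58 <DIR> d-------- c:\programmi\Java
2009-03-19 14:58 . 2009-03-19 14:58 73,728 --a------ c:\windows\system32\javacpl.cpl
2009-03-19 14:58 . 2009-03-19 14:58 0 --a------ c:\windows\system32\REN28.tmp
2009-03-19 14:58 . 2009-03-19 14:58 0 --a------ c:\windows\system32\REN27.tmp
2009-03-19 14:58 . 2009-03-19 14:58 0 --a------ c:\windows\system32\REN26.tmp
2009-03-19 13:34 . 2009-03-19 13:34 <DIR> d-------- C:\pdftxtconverter
"""

# Column layout assumed from the log: created " . " modified, size or <DIR>, attribute flags, path.
LINE_RE = re.compile(
    r"^(\d{4}-\d{2}-\d{2} \d{2}:\d{2}) \. "
    r"(\d{4}-\d{2}-\d{2} \d{2}:\d{2}) "
    r"(<DIR>|[\d,]+) (\S+) (.+)$"
)

def parse_created(text):
    """Parse ComboFix 'Files Creati' lines into dicts; lines that do not match are skipped."""
    entries = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue
        created, modified, size, attrs, path = m.groups()
        entries.append({
            "created": created,
            "modified": modified,
            "is_dir": size == "<DIR>",
            "size": None if size == "<DIR>" else int(size.replace(",", "")),
            "attrs": attrs,
            "path": path,
        })
    return entries

def zero_byte_context(entries):
    """For each zero-byte file, return the other paths created in the same minute.
    A 0-byte .tmp sharing its creation minute with a program folder points to
    installer leftovers; a 0-byte file created on its own deserves a closer look."""
    by_minute = defaultdict(list)
    for e in entries:
        by_minute[e["created"]].append(e["path"])
    return {
        e["path"]: [p for p in by_minute[e["created"]] if p != e["path"]]
        for e in entries if not e["is_dir"] and e["size"] == 0
    }

if __name__ == "__main__":
    for path, siblings in zero_byte_context(parse_created(SAMPLE_LOG)).items():
        print(path, "created alongside:", siblings)
```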

Re: Alice reinstallation and scan with ComboFix

Posted: Tue Mar 31, 2009 9:31 pm
by stevens
..hmm.... I don't like temp files, Amantide.....

Re: Alice reinstallation and scan with ComboFix

Posted: Tue Mar 31, 2009 10:32 pm
by Amantide
stevens wrote:
..hmm.... I don't like temp files, Amantide.....

De gustibus... [whistle]