
Combofix! Help Me!

Posted: Mon Nov 16, 2009 6:00 pm
by Ale2695
So, I downloaded Combofix from Softonic to check my PC; I start it, and it warns me to disable the antivirus (Avira PE Freeware). I disable it, but it says it is still active, though it lets me continue. At a certain point it tells me that it is impossible to rename Combofix.exe to Combofix[1].exe and it cancels the process, interrupting it. Can you help me? Ah, there's one other thing: I've noticed that my computer has trouble storing cookies; in fact I can't log in to MegaLab.it from Firefox, while from IE 8 I can.

Re: Help, I can't start Combofix!!!

Posted: Mon Nov 16, 2009 6:03 pm
by ste_95
Try saving the ComboFix executable rather than opening it directly from the browser. ;)

Re: Help, I can't start Combofix!!!

Posted: Mon Nov 16, 2009 6:05 pm
by Ale2695
I'll try now, I'm downloading it with Firefox, which saves it automatically; I'll let you know...

Re: Help, I can't start Combofix!!!

Posted: Mon Nov 16, 2009 6:09 pm
by Roberto88
Ale2695 wrote: I'll try now, I'm downloading it with Firefox, which saves it automatically; I'll let you know...

Right-click the download link and click "save target as" (or something similar) and save it under a made-up name.
With Combofix you could do this: disable the antivirus's automatic startup, reboot, then run it.

Re: Help, I can't start Combofix!!!

Posted: Mon Nov 16, 2009 6:22 pm
by Ale2695
OK, I managed to get Combofix working; can you check the log for me, because it removed something:
ComboFix 09-11-16.05 - Ale2695 16/11/2009 18.16.47..2 - FAT32x86
Microsoft Windows XP Professional 5.1.2600.2.1252.39.1040.18.2047.1492 [GMT 1:00]
Eseguito da: c:\documents and settings\Ale2695\Documenti\Download\ComboFix.exe
AV: AntiVir Desktop *On-access scanning disabled* (Updated) {00000002-0002-0000-3C24-9E7C08000A00}
AV: AntiVir Desktop *On-access scanning enabled* (Updated) {00000002-0002-0000-14EF-9D7C08000A00}
FW: PC Tools Firewall Plus *enabled* {ABBD5028-5A95-4B6D-996E-98D64AE88D52}

ATTENZIONE - QUESTO PC NON HA LA CONSOLE DI RIPRISTINO DI EMERGENZA INSTALLATA !!
.

((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\jestertb.dll
c:\windows\TEMP\logishrd\LVPrcInj02.dll

.
((((((((((((((((((((((((( Files Creati Da 2009-10-16 al 2009-11-16 )))))))))))))))))))))))))))))))))))
.

2009-11-15 18:03 . 2009-10-07 08:43 199192 ----a-w- c:\windows\system32\lvci12101110.dll
2009-11-15 18:02 . 2009-11-15 18:02 -------- d-----w- c:\programmi\Logitech
2009-11-15 17:59 . 2009-11-15 17:59 -------- d-----w- c:\programmi\File comuni\Logitech
2009-11-15 17:58 . 2009-11-15 17:58 -------- d-----w- c:\documents and settings\Ale2695\Impostazioni locali\Dati applicazioni\Downloaded Installations
2009-11-15 17:29 . 2009-11-15 17:29 -------- d-----w- c:\windows\ie8updates
2009-11-15 17:22 . 2009-08-29 07:56 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2009-11-15 17:22 . 2009-08-29 07:56 1985536 -c----w- c:\windows\system32\dllcache\iertutil.dll
2009-11-15 17:22 . 2009-08-29 07:56 594432 -c----w- c:\windows\system32\dllcache\msfeeds.dll
2009-11-15 17:22 . 2009-08-29 07:56 246272 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2009-11-15 17:22 . 2009-08-29 07:56 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll
2009-11-15 17:22 . 2009-08-29 07:56 11069440 -c----w- c:\windows\system32\dllcache\ieframe.dll
2009-11-15 17:15 . 2009-11-15 17:15 -------- d-----w- c:\documents and settings\Ale2695\Dati applicazioni\temp
2009-11-15 14:35 . 2009-11-15 14:35 -------- d-sh--w- c:\documents and settings\Ale2695\IECompatCache
2009-11-15 14:34 . 2009-11-15 14:34 -------- d-sh--w- c:\documents and settings\Ale2695\PrivacIE
2009-11-15 14:30 . 2009-11-15 14:30 -------- d-sh--w- c:\documents and settings\Ale2695\IETldCache
2009-11-15 12:47 . 2009-11-15 12:48 -------- dc-h--w- c:\windows\ie8
2009-11-15 12:47 . 2009-11-15 12:48 -------- d-----w- c:\windows\system32\it-IT
2009-11-15 12:35 . 2009-11-15 12:35 -------- d-----w- c:\programmi\Microsoft CAPICOM 2.1.0.2
2009-11-15 11:47 . 2009-11-15 17:31 -------- d-----w- c:\documents and settings\Ale2695\Impostazioni locali\Dati applicazioni\ApplicationHistory
2009-11-15 11:47 . 2009-11-15 11:47 136 ----a-w- c:\documents and settings\Ale2695\Impostazioni locali\Dati applicazioni\fusioncache.dat
2009-11-15 11:47 . 2006-12-30 18:27 4569 -c--a-w- c:\windows\system32\dllcache\secupd.dat
2009-11-15 11:47 . 2006-12-30 18:27 4569 ------w- c:\windows\system32\secupd.dat
2009-11-15 11:46 . 2009-11-15 11:46 -------- d-----w- c:\programmi\MSXML 4.0
2009-11-15 11:40 . 2009-11-15 11:40 -------- d-----w- c:\documents and settings\Ale2695\Dati applicazioni\PCToolsFirewallPlus
2009-11-15 11:37 . 2009-10-06 15:31 87784 ----a-w- c:\windows\system32\drivers\PCTAppEvent.sys
2009-11-15 11:37 . 2009-09-23 15:10 207280 ----a-w- c:\windows\system32\drivers\PCTCore.sys
2009-11-15 11:37 . 2009-10-30 10:11 233136 ----a-w- c:\windows\system32\drivers\pctgntdi.sys
2009-11-15 11:36 . 2009-11-16 17:22 -------- d---a-w- c:\documents and settings\All Users\Dati applicazioni\TEMP
2009-11-15 11:36 . 2009-11-15 11:37 -------- d-----w- c:\programmi\File comuni\PC Tools
2009-11-15 11:36 . 2009-10-30 10:09 70280 ----a-w- c:\windows\system32\drivers\pctNdis-PacketFilter.sys
2009-11-15 11:36 . 2009-10-16 15:09 55208 ----a-w- c:\windows\system32\drivers\pctNdis.sys
2009-11-15 11:36 . 2009-08-14 12:44 32552 ----a-w- c:\windows\system32\drivers\pctNdis-DNS.sys
2009-11-15 11:36 . 2009-10-16 15:55 115216 ----a-w- c:\windows\system32\drivers\pctplfw.sys
2009-11-15 11:36 . 2009-11-15 11:41 -------- d-----w- c:\programmi\PC Tools Firewall Plus
2009-11-15 11:24 . 2009-11-15 11:24 -------- d-----w- c:\documents and settings\Ale2695\Impostazioni locali\Dati applicazioni\Identities
2009-11-15 11:23 . 2008-07-12 07:18 3851784 ----a-w- c:\windows\system32\D3DX9_39.dll
2009-11-15 11:22 . 2009-11-15 11:22 -------- d-----w- c:\windows\Logs
2009-11-15 11:12 . 2009-11-15 11:12 -------- d-----w- c:\documents and settings\LocalService\Dati applicazioni\McAfee
2009-11-15 11:10 . 2009-11-15 11:10 -------- d-----w- c:\programmi\VS Revo Group
2009-11-15 11:08 . 2007-08-02 12:00 25600 ----a-w- c:\documents and settings\LocalService\Dati applicazioni\Microsoft\UPnP Device Host\upnphost\udhisapi.dll
2009-11-15 11:07 . 2009-11-15 11:07 -------- d-----w- c:\programmi\File comuni\McAfee
2009-11-15 11:07 . 2009-11-15 11:40 -------- d-----w- c:\programmi\McAfee
2009-11-15 11:07 . 2009-11-15 11:07 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\McAfee
2009-11-15 10:03 . 2009-11-15 10:06 -------- d-----w- c:\documents and settings\Ale2695\Dati applicazioni\HpUpdate
2009-11-15 10:03 . 2009-11-15 10:03 -------- d-----w- c:\windows\Hewlett-Packard
2009-11-15 09:55 . 2009-11-15 09:58 -------- d-----w- c:\programmi\File comuni\HP
2009-11-15 09:52 . 2009-11-15 10:03 -------- d-----w- c:\programmi\Hewlett-Packard
2009-11-15 09:51 . 2009-11-15 09:51 -------- d-----w- c:\programmi\File comuni\Hewlett-Packard
2009-11-15 09:50 . 2009-11-15 09:51 -------- d-----w- c:\windows\system32\URTTemp
2009-11-15 09:49 . 2004-12-14 17:06 16496 ----a-r- c:\windows\system32\drivers\HPZipr12.sys
2009-11-15 09:46 . 2009-11-15 10:04 -------- d-----w- c:\programmi\HP
2009-11-15 09:44 . 2009-11-15 09:44 -------- d-----w- c:\programmi\CCleaner
2009-11-15 09:44 . 2009-11-15 10:00 69099 ----a-w- c:\windows\hpoins05.dat
2009-11-15 09:44 . 2004-12-14 17:06 19696 ------w- c:\windows\hpomdl05.dat
2009-11-15 09:42 . 2009-10-07 08:47 266008 ----a-w- c:\windows\system32\drivers\lvrs.sys
2009-11-15 09:42 . 2009-10-07 08:24 34068 ----a-w- c:\windows\system32\Repository.reg
2009-11-15 09:42 . 2009-10-07 08:48 539160 ----a-w- c:\windows\system32\LVUI2RC.dll
2009-11-15 09:42 . 2009-10-07 08:48 539160 ----a-w- c:\windows\system32\LVUI2.dll
2009-11-15 09:42 . 2008-02-06 02:21 41752 ----a-r- c:\windows\system32\drivers\LVUSBSta.sys
2009-11-15 09:42 . 2008-02-06 02:18 195096 ----a-r- c:\windows\system32\lvci11701196.dll
2009-11-15 09:41 . 2009-10-07 08:43 416280 ----a-w- c:\windows\system32\lvcodec2.dll
2009-11-15 09:41 . 2009-10-07 08:49 6756632 ----a-w- c:\windows\system32\drivers\lvuvc.sys
2009-11-15 09:41 . 2009-10-07 08:49 23832 ----a-w- c:\windows\system32\drivers\lvuvcflt.sys
2009-11-14 17:04 . 2009-11-14 17:04 -------- d-----w- c:\programmi\Windows Media Connect 2
2009-11-14 17:03 . 2009-11-15 18:12 -------- d-----w- c:\windows\system32\LogFiles
2009-11-14 17:03 . 2009-11-14 17:03 -------- d-----w- c:\windows\system32\drivers\UMDF
2009-11-14 17:03 . 2009-11-14 17:03 -------- d-----w- C:\2869b75e6c968bf2fa

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-11-16 17:21 . 2009-11-15 09:42 0 ----a-w- c:\windows\system32\drivers\lvuvc.hs
2009-11-16 17:21 . 2009-11-15 09:41 0 ----a-w- c:\windows\system32\drivers\logiflt.iad
2009-11-15 18:04 . 2009-11-14 16:49 -------- d-----w- c:\programmi\File comuni\LogiShrd
2009-11-15 18:02 . 2009-11-14 16:49 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Logishrd
2009-11-15 14:35 . 2007-08-02 12:00 63180 ----a-w- c:\windows\system32\perfc010.dat
2009-11-15 14:35 . 2007-08-02 12:00 425432 ----a-w- c:\windows\system32\perfh010.dat
2009-11-15 12:49 . 2009-11-14 16:10 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Microsoft Help
2009-11-15 11:04 . 2009-11-14 16:21 -------- d-----w- c:\programmi\EA SPORTS
2009-11-15 09:40 . 2009-11-14 15:53 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\NOS
2009-11-14 16:59 . 2009-11-14 15:58 -------- d--h--w- c:\programmi\InstallShield Installation Information
2009-11-14 16:59 . 2009-11-14 16:57 -------- d-----w- c:\programmi\CyberLink
2009-11-14 16:57 . 2009-11-14 15:33 -------- d-----w- c:\programmi\File comuni\InstallShield
2009-11-14 16:56 . 2009-11-14 16:56 -------- d-----w- c:\programmi\File comuni\Adobe
2009-11-14 16:53 . 2009-11-14 15:31 68448 ----a-w- c:\documents and settings\Ale2695\Impostazioni locali\Dati applicazioni\GDIPFONTCACHEV1.DAT
2009-11-14 16:52 . 2009-11-14 16:51 -------- d-----w- c:\programmi\Windows Live
2009-11-14 16:52 . 2009-11-14 16:52 -------- d-----w- c:\programmi\Microsoft SQL Server Compact Edition
2009-11-14 16:51 . 2009-11-14 16:51 -------- d-----w- c:\programmi\Microsoft
2009-11-14 16:51 . 2009-11-14 16:51 -------- d-----w- c:\programmi\Windows Live SkyDrive
2009-11-14 16:50 . 2009-11-14 16:50 -------- d-----w- c:\documents and settings\Ale2695\Dati applicazioni\Leadertech
2009-11-14 16:49 . 2009-11-14 16:49 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Logitech
2009-11-14 16:45 . 2009-11-14 16:45 -------- d-----w- c:\programmi\File comuni\Windows Live
2009-11-14 16:44 . 2009-11-14 16:15 -------- d-----w- c:\programmi\Microsoft Works
2009-11-14 16:15 . 2009-11-14 16:15 -------- d-----w- c:\programmi\MSBuild
2009-11-14 16:04 . 2009-11-14 16:04 0 ----a-w- c:\windows\nsreg.dat
2009-11-14 16:02 . 2009-11-14 16:02 -------- d-----w- c:\programmi\Avira
2009-11-14 16:02 . 2009-11-14 16:02 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Avira
2009-11-14 15:58 . 2009-11-14 15:58 -------- d-----w- c:\programmi\Realtek
2009-11-14 15:54 . 2009-11-14 15:54 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Ahead
2009-11-14 15:54 . 2009-11-14 15:52 -------- d-----w- c:\programmi\File comuni\Ahead
2009-11-14 15:53 . 2009-11-14 15:53 1962544 ----a-w- c:\documents and settings\All Users\Dati applicazioni\NOS\Adobe_Downloads\install_flash_player_ax.exe
2009-11-14 15:52 . 2009-11-14 15:52 -------- d-----w- c:\programmi\Nero
2009-11-14 15:52 . 2009-11-14 15:52 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Nero
2009-11-14 15:46 . 2009-11-14 15:46 664 ----a-w- c:\windows\system32\d3d9caps.dat
2009-11-14 15:42 . 2007-08-02 12:00 506880 ----a-w- c:\windows\system32\winlogon.exe
2009-11-14 15:33 . 2009-11-14 15:33 315392 ----a-w- c:\windows\HideWin.exe
2009-11-14 15:33 . 2009-11-14 15:33 -------- d-----w- c:\programmi\DIFX
2009-11-14 15:32 . 2009-11-14 15:32 -------- d-----w- c:\documents and settings\Ale2695\Dati applicazioni\InstallShield
2009-11-14 15:26 . 2009-11-14 15:26 -------- d-----w- c:\programmi\microsoft frontpage
2009-11-14 15:25 . 2009-11-14 15:25 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-11-14 15:25 . 2009-11-14 15:25 -------- d-----w- c:\programmi\Servizi in linea
2009-11-14 15:23 . 2009-11-14 15:23 21840 ----a-w- c:\windows\system32\emptyregdb.dat
2009-10-14 12:40 . 2009-10-14 12:40 296280 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Logishrd\LQCVFX\Filters\VMSEF.dll
2009-10-14 12:37 . 2009-10-14 12:37 6781272 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Logishrd\LQCVFX\Filters\MMSEF.dll
2009-10-07 08:25 . 2009-11-15 18:03 266828 ----a-w- c:\windows\system32\drivers\LVAFT.cfg
2009-10-07 00:46 . 2009-10-07 00:46 25752 ----a-w- c:\windows\system32\drivers\LVPr2Mon.sys
2009-10-07 00:25 . 2009-10-07 00:25 85302 ----a-w- c:\windows\system32\drivers\LVFeL102.cfg
2009-10-07 00:25 . 2009-10-07 00:25 69592 ----a-w- c:\windows\system32\drivers\LVFaL100.cfg
2009-10-07 00:25 . 2009-10-07 00:25 227172 ----a-w- c:\windows\system32\drivers\LVFeL100.cfg
2009-10-07 00:25 . 2009-10-07 00:25 146680 ----a-w- c:\windows\system32\drivers\LVFeL101.cfg
2009-10-07 00:23 . 2009-10-07 00:23 13584 ----a-w- c:\windows\system32\drivers\iKeyLFT2.dll
2009-09-25 05:48 . 2009-09-25 05:48 81920 ------w- c:\windows\system32\ieencode.dll
2009-09-11 14:34 . 2007-08-02 12:00 133632 ----a-w- c:\windows\system32\msv1_0.dll
2009-09-04 20:45 . 2007-08-02 12:00 58880 ----a-w- c:\windows\system32\msasn1.dll
2009-08-29 07:56 . 2007-08-02 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
2009-08-26 08:14 . 2007-08-02 12:00 247326 ----a-w- c:\windows\system32\strmdll.dll
.

------- Sigcheck -------

[-] 2009-11-14 15:42 . BBB128D4D36D82A3588DE37966ACDAB0 . 506880 . . [5.1.2600.3160 built by: xpsp_sp2_qfe(pavang)] . . c:\windows\system32\winlogon.exe
[-] 2008-04-14 . 9259170D29B5A256735FCB8B80280857 . 510464 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\073a8e9684d59d4923c2eb2e44aa36af\winlogon.exe
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\programmi\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]
"MSMSGS"="c:\programmi\Messenger\msmsgs.exe" [2004-08-19 1667584]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-05-17 13529088]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-05-17 86016]
"avgnt"="c:\programmi\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"00PCTFW"="c:\programmi\PC Tools Firewall Plus\FirewallGUI.exe" [2009-10-28 2971608]
"LogitechQuickCamRibbon"="c:\programmi\Logitech\Logitech WebCam Software\LWS.exe" [2009-10-14 2793304]
"nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2008-05-17 1630208]
"RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.exe [2007-07-05 16380416]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2007-08-02 15360]

[HKLM\~\startupfolder\C:^Documents and Settings^Ale2695^Menu Avvio^Programmi^Esecuzione automatica^Logitech . Registrazione prodotti.lnk]
path=c:\documents and settings\Ale2695\Menu Avvio\Programmi\Esecuzione automatica\Logitech . Registrazione prodotti.lnk
backup=c:\windows\pss\Logitech . Registrazione prodotti.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^Ale2695^Menu Avvio^Programmi^Esecuzione automatica^Ritaglio schermata e avvio di OneNote 2007.lnk]
path=c:\documents and settings\Ale2695\Menu Avvio\Programmi\Esecuzione automatica\Ritaglio schermata e avvio di OneNote 2007.lnk
backup=c:\windows\pss\Ritaglio schermata e avvio di OneNote 2007.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Avvio^Programmi^Esecuzione automatica^Avvio rapido di HP Image Zone.lnk]
path=c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\Avvio rapido di HP Image Zone.lnk
backup=c:\windows\pss\Avvio rapido di HP Image Zone.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Avvio^Programmi^Esecuzione automatica^HP Digital Imaging Monitor.lnk]
path=c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programmi\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Programmi\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Programmi\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Programmi\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Programmi\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Programmi\\CyberLink\\PowerDVD\\PowerDVD.exe"=

R1 pctgntdi;pctgntdi;c:\windows\system32\drivers\pctgntdi.sys [15/11/2009 12.37.04 233136]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\progra~1\mcafee\SITEAD~1\mcsacore.exe [15/11/2009 12.07.22 92296]
R2 PCTAppEvent;PCTAppEvent Driver;c:\windows\system32\drivers\PCTAppEvent.sys [15/11/2009 12.37.05 87784]
R3 PCTFW-DNS;PCTools Firewall - DNS driver;c:\windows\system32\drivers\pctNdis-DNS.sys [15/11/2009 12.36.53 32552]
R3 PCTFW-PacketFilter;PCTools Firewall - Packet filter driver;c:\windows\system32\drivers\pctNdis-PacketFilter.sys [15/11/2009 12.36.53 70280]
R3 pctNDIS;PC Tools Driver;c:\windows\system32\drivers\pctNdis.sys [15/11/2009 12.36.53 55208]
R3 pctplfw;pctplfw;c:\windows\system32\drivers\pctplfw.sys [15/11/2009 12.36.50 115216]

--- Altri Servizi/Drivers In Memoria ---

*Deregistered* - mbr
.
Contenuto della cartella 'Scheduled Tasks'

2009-11-16 c:\windows\Tasks\User_Feed_Synchronization-{6320E425-A66C-4C3F-BAEB-FE58BEB9EC39}.job
- c:\windows\system32\msfeedssync.exe [2009-03-08 03:31]
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://it.yahoo.com/
uInternet Connection Wizard,ShellNext = hxxp://it.yahoo.com/
IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\Ale2695\Dati applicazioni\Mozilla\Firefox\Profiles\2rtjoo4z.default\
FF - prefs.js: browser.startup.homepage - hxxp://it.yahoo.com/
FF - component: c:\programmi\McAfee\SiteAdvisor\components\McFFPlg.dll
FF - plugin: c:\programmi\Windows Live\Photo Gallery\NPWLPG.dll

---- FIREFOX POLICIES ----
c:\programmi\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-11-16 18:22
Windows 5.1.2600 Service Pack 2 NTFS

scansione processi nascosti ...

scansione entrate autostart nascoste ...

Scansione files nascosti ...

Scansione completata con successo
Files nascosti: 0

**************************************************************************
.
--------------------- Dlls caricate dai processi in esecuzione ---------------------

- - - - - - - > 'explorer.exe'(3108)
c:\windows\system32\WININET.dll
c:\progra~1\WINDOW~2\wmpband.dll
c:\windows\system32\msi.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
c:\windows\system32\browselc.dll
c:\programmi\Microsoft Office\Office12\1040\GrooveIntlResource.dll
.
------------------------ Altri processi in esecuzione ------------------------
.
c:\programmi\Avira\AntiVir Desktop\sched.exe
c:\programmi\Avira\AntiVir Desktop\avguard.exe
c:\programmi\Nero\Nero 7\InCD\InCDsrv.exe
c:\windows\system32\RUNDLL32.EXE
c:\windows\system32\nvsvc32.exe
c:\programmi\PC Tools Firewall Plus\FWService.exe
c:\programmi\File comuni\Logishrd\LQCVFX\COCIManager.exe
c:\windows\system32\HPZipm12.exe
c:\programmi\CyberLink\Shared Files\RichVideo.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Ora fine scansione: 2009-11-16 18:27 - Il pc è stato riavviato
ComboFix-quarantined-files.txt 2009-11-16 17:27

Pre-Run: 140.240.715.776 byte disponibili
Post-Run: 140.483.682.304 byte disponibili

- - End Of File - - 244E86608078A660ACF4AC6A1D79BC7C