Ho cercato in giro ed ho provato a fare un po di scansioni.
Vi allego il log di FindyKill e di Gmer.
############################## [ FindyKill V4.720 ]
# User : Annamaria (Administrators) # CASA
# Update on 19/03/09 by Chiquitine29
# Start at: 14.30.36 | 21/03/2009
# mobile AMD Athlon(tm) XP 1600+
# Microsoft Windows XP Home Edition (5.1.2600 32-bit) # Service Pack 2
# Internet Explorer 6.0.2900.2180
# Windows Firewall Status : Disabled
# A:\ # Disco floppy, 3,5 pollici
# C:\ # Disco rigido locale # 11,17 Go (2,87 Go free) # FAT32
# D:\ # Disco rigido locale # 7,42 Go (3,56 Go free) # FAT32
# E:\ # Disco CD-ROM
############################## [ Active Processes ]
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\Trend Micro\PC-cillin 2000\Tmntsrv.exe
C:\WINDOWS\Hcontrol.exe
C:\WINDOWS\system32\pctspk.exe
C:\WINDOWS\System32\sistray.EXE
C:\WINDOWS\System32\khooker.exe
C:\Programmi\Synaptics\SynTP\SynTPLpr.exe
C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
C:\Programmi\Trend Micro\PC-cillin 2000\Pop3trap.exe
C:\Programmi\Trend Micro\PC-cillin 2000\WebTrapNT.exe
C:\Programmi\Java\jre1.6.0_07\bin\jusched.exe
C:\Programmi\Lavasoft\Ad-Aware\AAWTray.exe
C:\Programmi\3Com\3Com Wireless USB Utility\Wlan.exe
C:\Programmi\Trend Micro\PC-cillin 2000\PNTIOMON.exe
C:\Programmi\Asus\Asus Hotkey\Hotkey.exe
C:\Programmi\Asus\Asus ChkMail\ChkMail.exe
C:\Programmi\Trend Micro\PC-cillin 2000\pccntupd.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\wbem\unsecapp.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe
C:\WINDOWS\ATKOSD.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe
################## [ Infected Files / Folders C:\ ]
################## [ C:\WINDOWS ]
################## [ C:\WINDOWS\system32 ]
################## [ C:\WINDOWS\system32\drivers ]
################## [ C:\.. Application Data ... ]
################## [ Registry / Infected keys ]
################## [ Searching in removable drives ]
# Presence of files :
################## [ Registry / Mountpoint2 ]
# -> Not found !
################## [ ! End of report # FindyKill V4.720 ! ]
# User : Annamaria (Administrators) # CASA
# Update on 19/03/09 by Chiquitine29
# Start at: 14.30.36 | 21/03/2009
# mobile AMD Athlon(tm) XP 1600+
# Microsoft Windows XP Home Edition (5.1.2600 32-bit) # Service Pack 2
# Internet Explorer 6.0.2900.2180
# Windows Firewall Status : Disabled
# A:\ # Disco floppy, 3,5 pollici
# C:\ # Disco rigido locale # 11,17 Go (2,87 Go free) # FAT32
# D:\ # Disco rigido locale # 7,42 Go (3,56 Go free) # FAT32
# E:\ # Disco CD-ROM
############################## [ Active Processes ]
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\Trend Micro\PC-cillin 2000\Tmntsrv.exe
C:\WINDOWS\Hcontrol.exe
C:\WINDOWS\system32\pctspk.exe
C:\WINDOWS\System32\sistray.EXE
C:\WINDOWS\System32\khooker.exe
C:\Programmi\Synaptics\SynTP\SynTPLpr.exe
C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
C:\Programmi\Trend Micro\PC-cillin 2000\Pop3trap.exe
C:\Programmi\Trend Micro\PC-cillin 2000\WebTrapNT.exe
C:\Programmi\Java\jre1.6.0_07\bin\jusched.exe
C:\Programmi\Lavasoft\Ad-Aware\AAWTray.exe
C:\Programmi\3Com\3Com Wireless USB Utility\Wlan.exe
C:\Programmi\Trend Micro\PC-cillin 2000\PNTIOMON.exe
C:\Programmi\Asus\Asus Hotkey\Hotkey.exe
C:\Programmi\Asus\Asus ChkMail\ChkMail.exe
C:\Programmi\Trend Micro\PC-cillin 2000\pccntupd.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\wbem\unsecapp.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe
C:\WINDOWS\ATKOSD.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe
################## [ Infected Files / Folders C:\ ]
################## [ C:\WINDOWS ]
################## [ C:\WINDOWS\system32 ]
################## [ C:\WINDOWS\system32\drivers ]
################## [ C:\.. Application Data ... ]
################## [ Registry / Infected keys ]
################## [ Searching in removable drives ]
# Presence of files :
################## [ Registry / Mountpoint2 ]
# -> Not found !
################## [ ! End of report # FindyKill V4.720 ! ]
GMER 1.0.15.14944 - http://www.gmer.net
Rootkit scan 2009-03-21 14:29:21
Windows 5.1.2600 Service Pack 2
---- System - GMER 1.0.15 ----
SSDT Lbd.sys (Boot Driver/Lavasoft AB) ZwCreateKey [0xF760987E]
SSDT Lbd.sys (Boot Driver/Lavasoft AB) ZwSetValueKey [0xF7609C10]
---- Devices - GMER 1.0.15 ----
AttachedDevice \Driver\Tcpip \Device\Tcp Lbd.sys (Boot Driver/Lavasoft AB)
AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice \FileSystem\Fastfat \Fat tmpreflt.sys (Trend pre-filter for XP/TrendMicro)
---- EOF - GMER 1.0.15 ----
Rootkit scan 2009-03-21 14:29:21
Windows 5.1.2600 Service Pack 2
---- System - GMER 1.0.15 ----
SSDT Lbd.sys (Boot Driver/Lavasoft AB) ZwCreateKey [0xF760987E]
SSDT Lbd.sys (Boot Driver/Lavasoft AB) ZwSetValueKey [0xF7609C10]
---- Devices - GMER 1.0.15 ----
AttachedDevice \Driver\Tcpip \Device\Tcp Lbd.sys (Boot Driver/Lavasoft AB)
AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice \FileSystem\Fastfat \Fat tmpreflt.sys (Trend pre-filter for XP/TrendMicro)
---- EOF - GMER 1.0.15 ----
Aiutatemi!!!