www.MegaLab.it

[grazioni2000]

salve praticamente forse ho dei virus ho istallato avira antivirus mi funziona fa aggiornamenti pero' al momento che facciouna scansione verso il 70% praticamente il computer si blocca diventa lo schermo neroe lo devo far riavviare : l' ho tolto ho provato a fare la scansione online con karspesy7 la stessa cosa ma verso la meta del percorso si blocca. allora seguendo varie discussioni su questo forum ho fatto il combo fix.e questo e' il resoconto

ComboFix 09-04-04.01 - daniele 2009-04-10 15.54.59.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1040.18.510.388 [GMT 2:00]
Eseguito da: c:\documents and settings\daniele \Desktop\daniele.exe
* Creato nuovo punto di ripristino
.

((((((((((((((((((((((((( Files Creati Da 2009-03-10 al 2009-04-10 )))))))))))))))))))))))))))))))))))
.

2009-04-10 08:30 . 2009-04-10 08:30 22 --a------ c:\windows\system32\ati64hlp.stb
2009-04-10 08:15 . 2004-08-25 13:48 6,508,544 --a------ c:\windows\system32\atioglxx.dll
2009-04-10 08:15 . 2004-08-25 13:26 389,120 --a------ c:\windows\system32\ati2evxx.exe
2009-04-10 08:15 . 2004-08-25 14:40 294,912 --a------ c:\windows\system32\atiiiexx.dll
2009-04-10 08:15 . 2004-08-25 14:22 151,552 --a------ c:\windows\system32\ATIDEMGR.dll
2009-04-10 08:15 . 2004-08-25 13:27 126,976 --a------ c:\windows\system32\atipdlxx.dll
2009-04-10 08:15 . 2004-08-25 13:27 86,016 --a------ c:\windows\system32\ati2evxx.dll
2009-04-10 08:15 . 2004-08-25 13:26 81,920 --a------ c:\windows\system32\ATIDDC.DLL
2009-04-10 08:15 . 2004-08-25 13:27 65,536 --a------ c:\windows\system32\Ati2mdxx.exe
2009-04-10 08:15 . 2004-08-25 13:27 30,720 --a------ c:\windows\system32\ati2edxx.dll
2009-04-10 08:15 . 2001-11-09 11:01 24,064 --a------ c:\windows\system32\ativcoxx.dll
2009-04-10 08:15 . 2004-08-25 13:12 17,408 --a------ c:\windows\system32\atitvo32.dll
2009-04-10 08:02 . 2009-04-10 08:02 10 --a------ c:\windows\WININIT.INI
2009-04-09 21:28 . 2006-03-02 14:00 221,184 --a------ c:\windows\system32\wmpns.dll
2009-04-09 19:56 . 2009-04-09 19:58 <DIR> d-------- c:\programmi\Folder Lock
2009-04-09 19:56 . 2002-12-25 09:44 380,928 --a------ c:\windows\system32\vaultskn.ocx
2009-04-09 19:56 . 2005-04-11 16:40 73,728 --a------ c:\windows\system32\FLKill.exe
2009-04-09 19:56 . 2009-04-09 19:56 53,248 --a------ c:\windows\system32\suppdll.dll
2009-04-09 19:56 . 2009-04-09 19:56 35,363 --a------ c:\windows\system32\windrvNT.sys
2009-04-09 19:56 . 1999-04-23 22:22 20,992 --a------ c:\windows\system32\hhopen.ocx
2009-04-09 19:44 . 2009-04-09 19:44 <DIR> d-------- c:\programmi\CCleaner
2009-04-09 19:33 . 2009-04-09 19:33 <DIR> d-------- c:\windows\Sun
2009-04-09 16:11 . 2009-04-10 12:04 <DIR> d-------- c:\programmi\Metin2_Italiano
2009-04-09 15:52 . 2009-04-09 15:52 410,984 --a------ c:\windows\system32\deploytk.dll
2009-04-09 15:52 . 2009-04-09 15:52 73,728 --a------ c:\windows\system32\javacpl.cpl
2009-04-09 15:51 . 2009-04-09 15:51 <DIR> d-------- c:\programmi\Java
2009-04-09 14:21 . 2009-02-13 11:31 55,640 --a------ c:\windows\system32\drivers\avgntflt.sys
2009-04-09 14:16 . 2009-04-10 08:16 <DIR> d--h----- c:\programmi\InstallShield Installation Information
2009-04-09 14:16 . 2009-04-09 14:16 <DIR> d-------- c:\programmi\File comuni\InstallShield
2009-04-09 14:16 . 2009-04-10 08:16 <DIR> d-------- c:\programmi\ATI Technologies
2009-04-09 14:16 . 2004-08-25 13:25 2,239,328 --a--c--- c:\windows\system32\dllcache\ati3duag.dll
2009-04-09 14:16 . 2004-08-25 13:25 2,239,328 --------- c:\windows\system32\ati3duag.dll
2009-04-09 14:16 . 2004-08-25 13:28 787,456 --a------ c:\windows\system32\drivers\ati2mtag.sys
2009-04-09 14:16 . 2004-08-25 13:28 787,456 --a--c--- c:\windows\system32\dllcache\ati2mtag.sys
2009-04-09 14:16 . 2004-08-25 13:15 476,928 --a--c--- c:\windows\system32\dllcache\ativvaxx.dll
2009-04-09 14:16 . 2004-08-25 13:15 476,928 --------- c:\windows\system32\ativvaxx.dll
2009-04-09 14:16 . 2004-08-25 13:10 237,568 --a--c--- c:\windows\system32\dllcache\ati2cqag.dll
2009-04-09 14:16 . 2004-08-25 13:10 237,568 --------- c:\windows\system32\ati2cqag.dll
2009-04-09 14:16 . 2004-08-25 13:29 209,408 --a--c--- c:\windows\system32\dllcache\ati2dvag.dll
2009-04-09 14:16 . 2004-08-25 13:29 209,408 --------- c:\windows\system32\ati2dvag.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-04-08 18:42 --------- d-----w c:\programmi\microsoft frontpage
2009-04-08 18:40 --------- d-----w c:\programmi\Servizi in linea
2009-02-09 14:56 1,846,272 ----a-w c:\windows\system32\win32k.sys
.

((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2006-03-02 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="c:\programmi\Java\jre6\bin\jusched.exe" [2009-04-09 148888]
"ATIPTA"="c:\programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2004-08-25 339968]

[ste_95]

Hai tagliato il log.

[grazioni2000]

ComboFix 09-04-04.01 - daniele graziani 2009-04-10 15.54.59.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1040.18.510.388 [GMT 2:00]
Eseguito da: c:\documents and settings\daniele graziani\Desktop\daniele.exe
* Creato nuovo punto di ripristino
.

((((((((((((((((((((((((( Files Creati Da 2009-03-10 al 2009-04-10 )))))))))))))))))))))))))))))))))))
.

2009-04-10 08:30 . 2009-04-10 08:30 22 --a------ c:\windows\system32\ati64hlp.stb
2009-04-10 08:15 . 2004-08-25 13:48 6,508,544 --a------ c:\windows\system32\atioglxx.dll
2009-04-10 08:15 . 2004-08-25 13:26 389,120 --a------ c:\windows\system32\ati2evxx.exe
2009-04-10 08:15 . 2004-08-25 14:40 294,912 --a------ c:\windows\system32\atiiiexx.dll
2009-04-10 08:15 . 2004-08-25 14:22 151,552 --a------ c:\windows\system32\ATIDEMGR.dll
2009-04-10 08:15 . 2004-08-25 13:27 126,976 --a------ c:\windows\system32\atipdlxx.dll
2009-04-10 08:15 . 2004-08-25 13:27 86,016 --a------ c:\windows\system32\ati2evxx.dll
2009-04-10 08:15 . 2004-08-25 13:26 81,920 --a------ c:\windows\system32\ATIDDC.DLL
2009-04-10 08:15 . 2004-08-25 13:27 65,536 --a------ c:\windows\system32\Ati2mdxx.exe
2009-04-10 08:15 . 2004-08-25 13:27 30,720 --a------ c:\windows\system32\ati2edxx.dll
2009-04-10 08:15 . 2001-11-09 11:01 24,064 --a------ c:\windows\system32\ativcoxx.dll
2009-04-10 08:15 . 2004-08-25 13:12 17,408 --a------ c:\windows\system32\atitvo32.dll
2009-04-10 08:02 . 2009-04-10 08:02 10 --a------ c:\windows\WININIT.INI
2009-04-09 21:28 . 2006-03-02 14:00 221,184 --a------ c:\windows\system32\wmpns.dll
2009-04-09 19:56 . 2009-04-09 19:58 <DIR> d-------- c:\programmi\Folder Lock
2009-04-09 19:56 . 2002-12-25 09:44 380,928 --a------ c:\windows\system32\vaultskn.ocx
2009-04-09 19:56 . 2005-04-11 16:40 73,728 --a------ c:\windows\system32\FLKill.exe
2009-04-09 19:56 . 2009-04-09 19:56 53,248 --a------ c:\windows\system32\suppdll.dll
2009-04-09 19:56 . 2009-04-09 19:56 35,363 --a------ c:\windows\system32\windrvNT.sys
2009-04-09 19:56 . 1999-04-23 22:22 20,992 --a------ c:\windows\system32\hhopen.ocx
2009-04-09 19:44 . 2009-04-09 19:44 <DIR> d-------- c:\programmi\CCleaner
2009-04-09 19:33 . 2009-04-09 19:33 <DIR> d-------- c:\windows\Sun
2009-04-09 16:11 . 2009-04-10 12:04 <DIR> d-------- c:\programmi\Metin2_Italiano
2009-04-09 15:52 . 2009-04-09 15:52 410,984 --a------ c:\windows\system32\deploytk.dll
2009-04-09 15:52 . 2009-04-09 15:52 73,728 --a------ c:\windows\system32\javacpl.cpl
2009-04-09 15:51 . 2009-04-09 15:51 <DIR> d-------- c:\programmi\Java
2009-04-09 14:21 . 2009-02-13 11:31 55,640 --a------ c:\windows\system32\drivers\avgntflt.sys
2009-04-09 14:16 . 2009-04-10 08:16 <DIR> d--h----- c:\programmi\InstallShield Installation Information
2009-04-09 14:16 . 2009-04-09 14:16 <DIR> d-------- c:\programmi\File comuni\InstallShield
2009-04-09 14:16 . 2009-04-10 08:16 <DIR> d-------- c:\programmi\ATI Technologies
2009-04-09 14:16 . 2004-08-25 13:25 2,239,328 --a--c--- c:\windows\system32\dllcache\ati3duag.dll
2009-04-09 14:16 . 2004-08-25 13:25 2,239,328 --------- c:\windows\system32\ati3duag.dll
2009-04-09 14:16 . 2004-08-25 13:28 787,456 --a------ c:\windows\system32\drivers\ati2mtag.sys
2009-04-09 14:16 . 2004-08-25 13:28 787,456 --a--c--- c:\windows\system32\dllcache\ati2mtag.sys
2009-04-09 14:16 . 2004-08-25 13:15 476,928 --a--c--- c:\windows\system32\dllcache\ativvaxx.dll
2009-04-09 14:16 . 2004-08-25 13:15 476,928 --------- c:\windows\system32\ativvaxx.dll
2009-04-09 14:16 . 2004-08-25 13:10 237,568 --a--c--- c:\windows\system32\dllcache\ati2cqag.dll
2009-04-09 14:16 . 2004-08-25 13:10 237,568 --------- c:\windows\system32\ati2cqag.dll
2009-04-09 14:16 . 2004-08-25 13:29 209,408 --a--c--- c:\windows\system32\dllcache\ati2dvag.dll
2009-04-09 14:16 . 2004-08-25 13:29 209,408 --------- c:\windows\system32\ati2dvag.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-04-08 18:42 --------- d-----w c:\programmi\microsoft frontpage
2009-04-08 18:40 --------- d-----w c:\programmi\Servizi in linea
2009-02-09 14:56 1,846,272 ----a-w c:\windows\system32\win32k.sys
.

((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2006-03-02 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="c:\programmi\Java\jre6\bin\jusched.exe" [2009-04-09 148888]
"ATIPTA"="c:\programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2004-08-25 339968]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2006-03-02 15360]

c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\
WinZip Quick Pick.lnk - c:\programmi\WinZip\WZQKPICK.EXE [2009-04-09 118784]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Programmi\\Metin2_Italiano\\metin2.bin"=

.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://www.google.it/
.

**************************************************************************

catchme 0.3.1375 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-04-10 15:56:04
Windows 5.1.2600 Service Pack 2 NTFS

scansione processi nascosti ...

scansione entrate autostart nascoste ...

Scansione files nascosti ...

Scansione completata con successo
Files nascosti:

**************************************************************************
.
Ora fine scansione: 2009-04-10 15.57.00
ComboFix-quarantined-files.txt 2009-04-10 13:56:58

Pre-Run: 154.940.461.056 byte disponibili
Post-Run: 155,016,273,920 byte disponibili

WindowsXP-KB310994-SP2-Home-BootDisk-ITA.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect

100 --- E O F --- 2009-04-09 17:57:54

[grazioni2000]

dopo aver esegiuto alcuni programmi di pulizia horeistallato avira antivirus ma non e'cambiato niente ,la scansione avira arriva ad un certo punto e poi va in crasch il pc e sonon costrettoad avviarlo di nuovo ho fatto una nuova scansione con combofixquesto e il log che posto adesso grazie

ComboFix 09-04-04.01 - daniele graziani 2009-04-10 23.15.00.3 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.39.1040.18.510.333 [GMT 2:00]
Eseguito da: c:\documents and settings\daniele graziani\Desktop\aws.exe
AV: AntiVir Desktop *On-access scanning disabled* (Updated)
.

((((((((((((((((((((((((( Files Creati Da 2009-03-10 al 2009-04-10 )))))))))))))))))))))))))))))))))))
.

2009-04-10 22:09 . 2009-04-10 22:09 <DIR> d-------- c:\programmi\Avira
2009-04-10 22:09 . 2009-04-10 22:09 <DIR> d-------- c:\documents and settings\All Users\Dati applicazioni\Avira
2009-04-10 21:12 . 2009-04-10 21:12 <DIR> d-------- c:\programmi\Windows Media Connect 2
2009-04-10 21:11 . 2009-04-10 21:11 <DIR> d-------- c:\windows\system32\LogFiles
2009-04-10 21:11 . 2009-04-10 21:11 <DIR> d-------- c:\windows\system32\drivers\UMDF
2009-04-10 21:11 . 2009-04-10 21:12 1,374 --a------ c:\windows\imsins.BAK
2009-04-10 20:54 . 2009-04-10 20:54 <DIR> dr-hs---- C:\Volume Information
2009-04-10 20:53 . 2009-04-10 20:53 <DIR> d-------- c:\windows\Instant Lock
2009-04-10 20:53 . 2009-04-10 20:57 <DIR> d-------- c:\programmi\Instant Lock
2009-04-10 20:47 . 2009-04-10 20:47 <DIR> d-------- c:\programmi\HD Tune
2009-04-10 20:36 . 2009-04-10 20:37 <DIR> d-------- c:\programmi\Folder Lock 6
2009-04-10 20:20 . 2009-04-10 20:23 <DIR> d-------- C:\FindyKill
2009-04-10 19:56 . 2009-04-10 19:56 <DIR> d-------- c:\programmi\Malwarebytes' Anti-Malware
2009-04-10 19:56 . 2009-04-10 19:56 <DIR> d-------- c:\documents and settings\daniele graziani\Dati applicazioni\Malwarebytes
2009-04-10 19:56 . 2009-04-10 19:56 <DIR> d-------- c:\documents and settings\All Users\Dati applicazioni\Malwarebytes
2009-04-10 19:56 . 2009-04-06 15:32 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
2009-04-10 19:56 . 2009-04-06 15:32 15,504 --a------ c:\windows\system32\drivers\mbam.sys
2009-04-10 15:52 . 2009-04-10 15:57 <DIR> d-------- C:\daniele
2009-04-10 08:30 . 2009-04-10 08:30 22 --a------ c:\windows\system32\ati64hlp.stb
2009-04-10 08:15 . 2004-08-25 13:48 6,508,544 --a------ c:\windows\system32\atioglxx.dll
2009-04-10 08:15 . 2004-08-25 13:26 389,120 --a------ c:\windows\system32\ati2evxx.exe
2009-04-10 08:15 . 2004-08-25 14:40 294,912 --a------ c:\windows\system32\atiiiexx.dll
2009-04-10 08:15 . 2004-08-25 14:22 151,552 --a------ c:\windows\system32\ATIDEMGR.dll
2009-04-10 08:15 . 2004-08-25 13:27 126,976 --a------ c:\windows\system32\atipdlxx.dll
2009-04-10 08:15 . 2004-08-25 13:27 86,016 --a------ c:\windows\system32\ati2evxx.dll
2009-04-10 08:15 . 2004-08-25 13:26 81,920 --a------ c:\windows\system32\ATIDDC.DLL
2009-04-10 08:15 . 2004-08-25 13:27 65,536 --a------ c:\windows\system32\Ati2mdxx.exe
2009-04-10 08:15 . 2004-08-25 13:27 30,720 --a------ c:\windows\system32\ati2edxx.dll
2009-04-10 08:15 . 2001-11-09 11:01 24,064 --a------ c:\windows\system32\ativcoxx.dll
2009-04-10 08:15 . 2004-08-25 13:12 17,408 --a------ c:\windows\system32\atitvo32.dll
2009-04-10 08:02 . 2009-04-10 08:02 10 --a------ c:\windows\WININIT.INI
2009-04-09 21:28 . 2006-03-02 14:00 221,184 --a------ c:\windows\system32\wmpns.dll
2009-04-09 19:56 . 2009-04-10 20:49 <DIR> d-------- c:\programmi\Folder Lock
2009-04-09 19:56 . 2002-12-25 09:44 380,928 --a------ c:\windows\system32\vaultskn.ocx
2009-04-09 19:56 . 2005-04-11 16:40 73,728 --a------ c:\windows\system32\FLKill.exe
2009-04-09 19:56 . 2009-04-09 19:56 53,248 --a------ c:\windows\system32\suppdll.dll
2009-04-09 19:56 . 2009-04-09 19:56 35,363 --a------ c:\windows\system32\windrvNT.sys
2009-04-09 19:56 . 1999-04-23 22:22 20,992 --a------ c:\windows\system32\hhopen.ocx
2009-04-09 19:44 . 2009-04-09 19:44 <DIR> d-------- c:\programmi\CCleaner
2009-04-09 19:33 . 2009-04-09 19:33 <DIR> d-------- c:\windows\Sun
2009-04-09 16:11 . 2009-04-10 17:26 <DIR> d-------- c:\programmi\Metin2_Italiano
2009-04-09 15:52 . 2009-04-09 15:52 410,984 --a------ c:\windows\system32\deploytk.dll
2009-04-09 15:52 . 2009-04-09 15:52 73,728 --a------ c:\windows\system32\javacpl.cpl
2009-04-09 15:51 . 2009-04-09 15:51 <DIR> d-------- c:\programmi\Java
2009-04-09 14:21 . 2009-02-13 11:31 55,640 --a------ c:\windows\system32\drivers\avgntflt.sys
2009-04-09 14:16 . 2009-04-10 08:16 <DIR> d--h----- c:\programmi\InstallShield Installation Information
2009-04-09 14:16 . 2009-04-09 14:16 <DIR> d-------- c:\programmi\File comuni\InstallShield
2009-04-09 14:16 . 2009-04-10 08:16 <DIR> d-------- c:\programmi\ATI Technologies
2009-04-09 14:16 . 2004-08-25 13:25 2,239,328 --a--c--- c:\windows\system32\dllcache\ati3duag.dll
2009-04-09 14:16 . 2004-08-25 13:25 2,239,328 --------- c:\windows\system32\ati3duag.dll
2009-04-09 14:16 . 2004-08-25 13:28 787,456 --a------ c:\windows\system32\drivers\ati2mtag.sys
2009-04-09 14:16 . 2004-08-25 13:28 787,456 --a--c--- c:\windows\system32\dllcache\ati2mtag.sys
2009-04-09 14:16 . 2004-08-25 13:15 476,928 --a--c--- c:\windows\system32\dllcache\ativvaxx.dll
2009-04-09 14:16 . 2004-08-25 13:15 476,928 --------- c:\windows\system32\ativvaxx.dll
2009-04-09 14:16 . 2004-08-25 13:10 237,568 --a--c--- c:\windows\system32\dllcache\ati2cqag.dll
2009-04-09 14:16 . 2004-08-25 13:10 237,568 --------- c:\windows\system32\ati2cqag.dll
2009-04-09 14:16 . 2004-08-25 13:29 209,408 --a--c--- c:\windows\system32\dllcache\ati2dvag.dll
2009-04-09 14:16 . 2004-08-25 13:29 209,408 --------- c:\windows\system32\ati2dvag.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-04-08 18:42 --------- d-----w c:\programmi\microsoft frontpage
2009-04-08 18:40 --------- d-----w c:\programmi\Servizi in linea
2009-02-09 14:56 1,846,272 ----a-w c:\windows\system32\win32k.sys
.

((((((((((((((((((((((((((((( SnapShot_2009-04-10_21.43.49,38 )))))))))))))))))))))))))))))))))))))))))
.
- 2006-10-18 18:03:58 100,864 -c--a-w c:\windows\system32\dllcache\logagent.exe
+ 2008-06-17 23:09:22 100,864 -c--a-w c:\windows\system32\dllcache\logagent.exe
- 2006-10-18 19:47:20 937,984 -c--a-w c:\windows\system32\dllcache\WMNetMgr.dll
+ 2008-06-18 03:03:08 938,496 -c--a-w c:\windows\system32\dllcache\WMNetmgr.dll
- 2006-10-18 19:47:22 2,450,944 -c--a-w c:\windows\system32\dllcache\wmvcore.dll
+ 2008-06-18 03:03:14 2,458,112 -c--a-w c:\windows\system32\dllcache\WMVCore.dll
+ 2009-02-13 09:17:49 45,416 ----a-w c:\windows\system32\drivers\avgntdd.sys
+ 2009-02-13 09:29:11 22,360 ----a-w c:\windows\system32\drivers\avgntmgr.sys
+ 2009-02-13 12:22:54 95,576 ----a-w c:\windows\system32\drivers\avipbb.sys
+ 2009-02-13 09:50:02 28,376 ----a-w c:\windows\system32\drivers\ssmdrv.sys
- 2006-10-18 18:03:58 100,864 ----a-w c:\windows\system32\logagent.exe
+ 2008-06-17 23:09:22 100,864 ----a-w c:\windows\system32\logagent.exe
- 2006-09-25 15:58:48 14,640 ------w c:\windows\system32\spmsg.dll
+ 2007-07-27 07:41:40 16,760 ------w c:\windows\system32\spmsg.dll
- 2006-10-18 19:47:20 937,984 ----a-w c:\windows\system32\WMNetMgr.dll
+ 2008-06-18 03:03:08 938,496 ----a-w c:\windows\system32\WMNetmgr.dll
- 2006-10-18 19:47:22 2,450,944 ----a-w c:\windows\system32\wmvcore.dll
+ 2008-06-18 03:03:14 2,458,112 ----a-w c:\windows\system32\WMVCore.dll
+ 2009-04-10 21:12:44 16,384 ----atw c:\windows\Temp\Perflib_Perfdata_9c.dat
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2006-03-02 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="c:\programmi\Java\jre6\bin\jusched.exe" [2009-04-09 148888]
"ATIPTA"="c:\programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2004-08-25 339968]
"avgnt"="c:\programmi\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2006-03-02 15360]

c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\
WinZip Quick Pick.lnk - c:\programmi\WinZip\WZQKPICK.EXE [2009-04-09 118784]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Programmi\\Metin2_Italiano\\metin2.bin"=

R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\programmi\Avira\AntiVir Desktop\sched.exe [2009-04-10 108289]
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://www.google.it/
.

**************************************************************************

catchme 0.3.1375 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-04-10 23:16:15
Windows 5.1.2600 Service Pack 2 NTFS

scansione processi nascosti ...

scansione entrate autostart nascoste ...

Scansione files nascosti ...

Scansione completata con successo
Files nascosti:

**************************************************************************
.
Ora fine scansione: 2009-04-10 23.17.10
ComboFix-quarantined-files.txt 2009-04-10 21:17:08
ComboFix2.txt 2009-04-10 19:44:12
ComboFix3.txt 2009-04-10 13:57:01

Pre-Run: 154.389.168.128 byte disponibili
Post-Run: 154,415,845,376 byte disponibili

137 --- E O F --- 2009-04-10 19:53:43

[ste_95]

Il log di Combofix è pulito. Riesci a vedere su che file si blocca la scansione?

[grazioni2000]

sono riuscito a vedere su che file va in crashil pc durante la scansione avira antivirus c:\windows\softwaredistribution\download\...\hpfud50.dll grazie per l' aiuto .