ComboFix 10-12-15.06 - Mario Scalia 16/12/2010  11.12.46.2.2 - x86
Microsoft Windows XP Home Edition  5.1.2600.3.1252.39.1040.18.2046.1449 [GMT 1:00]
Eseguito da: c:\documents and settings\Mario Scalia\Desktop\ComboFix.exe
Opzioni usate :: c:\documents and settings\Mario Scalia\Desktop\CFScript.txt
AV: Norton Internet Security *Disabled/Updated* {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Norton Internet Security *Disabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}
ATTENZIONE - QUESTO PC NON HA LA CONSOLE DI RIPRISTINO DI EMERGENZA INSTALLATA !!
FILE ::
"c:\windows\CLEANUP.CMD"
.
(((((((((((((((((((((((((((((((((((((   Altre eliminazioni   )))))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\temp
c:\temp\{9F5FBC24-EFE2-4f90-B498-EC0FB7D47D15}\lxbu\lxbucfg.dll
c:\temp\{9F5FBC24-EFE2-4f90-B498-EC0FB7D47D15}\lxbu\lxbugf.dll
c:\temp\{9F5FBC24-EFE2-4f90-B498-EC0FB7D47D15}\lxbu\lxbuins.dll
c:\temp\{9F5FBC24-EFE2-4f90-B498-EC0FB7D47D15}\lxbu\lxbuinsb.dll
c:\temp\{9F5FBC24-EFE2-4f90-B498-EC0FB7D47D15}\lxbu\lxbuinsr.dll
c:\temp\{9F5FBC24-EFE2-4f90-B498-EC0FB7D47D15}\lxbu\lxbuinst.exe
c:\temp\{9F5FBC24-EFE2-4f90-B498-EC0FB7D47D15}\lxbu\lxbujswr.dll
c:\temp\{9F5FBC24-EFE2-4f90-B498-EC0FB7D47D15}\lxbu\lxbuutil.dll
c:\windows\CLEANUP.CMD
.
(((((((((((((((((((((((((   Files Creati Da 2010-11-16 al 2010-12-16  )))))))))))))))))))))))))))))))))))
.
2010-12-15 16:19 . 2010-12-15 16:19	89088	----a-w-	C:\mbr.exe
2010-12-15 09:57 . 2010-11-02 15:17	40960	-c----w-	c:\windows\system32\dllcache\ndproxy.sys
2010-12-15 09:56 . 2010-10-11 14:59	45568	-c----w-	c:\windows\system32\dllcache\wab.exe
2010-12-13 11:47 . 2010-12-13 12:03	16968	----a-w-	c:\windows\system32\drivers\hitmanpro35.sys
2010-12-13 11:42 . 2010-12-13 11:42	--------	d-----w-	c:\documents and settings\All Users\Dati applicazioni\Hitman Pro
2010-12-13 11:24 . 2010-12-13 11:24	--------	d-----w-	c:\windows\Sun
2010-12-12 10:59 . 2010-12-12 11:00	--------	dc-h--w-	c:\windows\ie8
2010-12-08 10:09 . 2010-11-29 16:42	38224	----a-w-	c:\windows\system32\drivers\mbamswissarmy.sys
2010-12-08 10:09 . 2010-12-08 10:09	--------	d-----w-	c:\documents and settings\All Users\Dati applicazioni\Malwarebytes
2010-12-08 10:09 . 2010-12-09 16:22	--------	d-----w-	c:\programmi\Malwarebytes' Anti-Malware
2010-12-08 10:09 . 2010-11-29 16:42	20952	----a-w-	c:\windows\system32\drivers\mbam.sys
2010-12-07 15:59 . 2008-03-02 02:28	206608	----a-w-	c:\windows\system32\drivers\TMPassthru.sys
2010-12-07 15:59 . 2010-12-07 15:59	--------	d-----w-	c:\programmi\Trend Micro
2010-12-03 15:42 . 2010-12-03 15:43	--------	d-----w-	c:\windows\system32\autorun
2010-11-28 16:37 . 2010-12-02 09:41	--------	d---a-w-	c:\documents and settings\All Users\Dati applicazioni\TEMP
2010-11-28 16:30 . 2007-05-13 11:24	86683	----a-w-	c:\windows\system32\pthreadGC2.dll
2010-11-28 16:30 . 2010-11-28 16:30	--------	d-----w-	c:\programmi\AoA Audio Extractor
2010-11-28 16:29 . 2010-11-28 16:29	--------	d-----w-	c:\programmi\MP3Gain
2010-11-27 15:48 . 2010-11-27 15:48	--------	d-----w-	c:\documents and settings\All Users\Dati applicazioni\eConsole
2010-11-26 22:14 . 2009-08-06 18:23	274288	----a-w-	c:\windows\system32\mucltui.dll
2010-11-26 12:28 . 2010-11-26 12:28	--------	d-----w-	c:\programmi\Ashampoo
2010-11-26 12:21 . 2010-11-26 12:21	--------	d-----w-	c:\programmi\Paint.NET
2010-11-26 12:19 . 2010-11-26 12:19	--------	d-----w-	c:\programmi\FotoSketcher
2010-11-26 12:16 . 2010-11-26 12:16	--------	d-----w-	c:\programmi\FreeTime
2010-11-26 12:14 . 2010-11-26 12:14	--------	d-----w-	c:\programmi\Ambient Design
2010-11-25 22:50 . 2010-04-28 05:41	2070528	-c----w-	c:\windows\system32\dllcache\ntkrnlpa.exe
2010-11-25 22:50 . 2010-04-28 05:41	2028032	-c----w-	c:\windows\system32\dllcache\ntkrpamp.exe
2010-11-25 22:50 . 2010-02-24 13:11	455680	-c----w-	c:\windows\system32\dllcache\mrxsmb.sys
2010-11-25 17:56 . 2010-11-25 17:56	--------	d-----w-	c:\programmi\File comuni\DivX Shared
2010-11-25 17:55 . 2010-11-25 17:57	--------	d-----w-	c:\programmi\DivX
2010-11-25 17:54 . 2010-11-25 17:57	--------	d-----w-	c:\documents and settings\All Users\Dati applicazioni\DivX
2010-11-25 17:51 . 2010-11-25 17:51	--------	d-----w-	c:\programmi\VideoLAN
2010-11-25 17:50 . 2010-11-25 17:50	--------	d-----w-	c:\documents and settings\NetworkService\Impostazioni locali\Dati applicazioni\Google
2010-11-25 17:45 . 2010-11-25 17:45	--------	d-----w-	c:\documents and settings\LocalService\Impostazioni locali\Dati applicazioni\Google
2010-11-25 17:45 . 2010-12-14 12:03	--------	d-----w-	c:\programmi\Google
2010-11-25 17:16 . 2010-12-14 13:15	--------	d-----w-	c:\documents and settings\All Users\Dati applicazioni\Spybot - Search & Destroy
2010-11-25 17:16 . 2010-11-28 12:33	--------	d-----w-	c:\programmi\Spybot - Search & Destroy
2010-11-25 17:11 . 2010-11-25 17:11	--------	d-----w-	c:\programmi\7-Zip
2010-11-25 16:29 . 2010-02-10 20:20	593920	------w-	c:\windows\system32\ati2sgag.exe
2010-11-25 15:30 . 2010-11-25 16:39	--------	d-----w-	c:\programmi\Microsoft Silverlight
2010-11-25 15:30 . 2010-11-25 15:30	--------	d-----w-	c:\programmi\Microsoft
2010-11-25 15:30 . 2010-11-25 15:30	--------	d-----w-	c:\programmi\Windows Live SkyDrive
2010-11-25 15:29 . 2010-11-25 15:30	--------	d-----w-	c:\programmi\Windows Live
2010-11-25 15:25 . 2010-11-25 15:25	--------	d-----w-	c:\programmi\File comuni\Windows Live
2010-11-25 15:18 . 2010-11-25 15:18	--------	d-----w-	c:\programmi\File comuni\Adobe
2010-11-25 14:29 . 2006-06-29 12:07	14048	------w-	c:\windows\system32\spmsg2.dll
2010-11-25 12:38 . 2010-11-25 12:38	0	----a-w-	c:\windows\ativpsrm.bin
2010-11-25 12:13 . 2010-11-26 11:08	--------	d-----w-	c:\programmi\ATI Technologies
2010-11-25 12:12 . 2010-02-10 20:20	212992	----a-w-	c:\programmi\File comuni\InstallShield\Engine\6\Intel 32\ILog.dll
2010-11-25 12:12 . 2010-11-25 12:12	--------	d-----w-	C:\ATI
2010-11-25 11:57 . 2010-11-25 11:57	--------	d-----w-	c:\programmi\SIW
2010-11-25 11:44 . 2010-11-25 12:45	--------	d-----w-	c:\documents and settings\All Users\Dati applicazioni\NVIDIA Corporation
2010-11-25 11:44 . 2010-11-25 12:47	--------	d-----w-	c:\programmi\NVIDIA Corporation
2010-11-25 11:29 . 2010-11-26 12:45	--------	d-----w-	c:\programmi\CCleaner
2010-11-25 11:13 . 2010-11-25 11:13	--------	d-----w-	c:\programmi\File comuni\Java
2010-11-25 11:12 . 2010-11-25 11:12	73728	----a-w-	c:\windows\system32\javacpl.cpl
2010-11-25 11:12 . 2010-11-25 11:12	472808	----a-w-	c:\windows\system32\deployJava1.dll
2010-11-25 11:12 . 2010-11-25 11:12	--------	d-----w-	c:\programmi\Java
2010-11-25 11:04 . 2010-11-25 16:37	--------	d-----w-	c:\programmi\Microsoft Works
2010-11-25 11:02 . 2008-04-14 02:13	26624	----a-w-	c:\documents and settings\LocalService\Dati applicazioni\Microsoft\UPnP Device Host\upnphost\udhisapi.dll
2010-11-25 10:41 . 2010-10-18 11:10	7680	-c----w-	c:\windows\system32\dllcache\iecompat.dll
2010-11-25 10:40 . 2010-11-06 00:21	12800	-c----w-	c:\windows\system32\dllcache\xpshims.dll
2010-11-25 10:40 . 2010-11-06 00:21	602112	-c----w-	c:\windows\system32\dllcache\msfeeds.dll
2010-11-25 10:40 . 2010-11-06 00:21	55296	-c----w-	c:\windows\system32\dllcache\msfeedsbs.dll
2010-11-25 10:40 . 2010-11-06 00:21	247808	-c----w-	c:\windows\system32\dllcache\ieproxy.dll
2010-11-25 10:40 . 2010-11-06 00:21	1991680	-c----w-	c:\windows\system32\dllcache\iertutil.dll
2010-11-25 10:40 . 2010-11-06 00:21	743424	-c----w-	c:\windows\system32\dllcache\iedvtool.dll
2010-11-25 10:40 . 2010-11-06 00:21	11080704	-c----w-	c:\windows\system32\dllcache\ieframe.dll
2010-11-25 10:32 . 2010-11-25 14:29	--------	d-----w-	c:\windows\system32\XPSViewer
2010-11-25 10:32 . 2010-11-25 10:32	--------	d-----w-	c:\programmi\MSBuild
2010-11-25 10:32 . 2010-11-25 10:32	--------	d-----w-	c:\programmi\Reference Assemblies
2010-11-25 10:31 . 2008-07-06 12:06	89088	----a-w-	c:\windows\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll
2010-11-25 10:31 . 2010-11-25 10:31	--------	d-----w-	C:\4d7de5352e7bd3f96994a1c9c20a
2010-11-25 10:31 . 2008-07-06 12:06	89088	-c----w-	c:\windows\system32\dllcache\filterpipelineprintproc.dll
2010-11-25 10:31 . 2008-07-06 12:06	575488	-c----w-	c:\windows\system32\dllcache\xpsshhdr.dll
2010-11-25 10:31 . 2008-07-06 12:06	575488	------w-	c:\windows\system32\xpsshhdr.dll
2010-11-25 10:31 . 2008-07-06 12:06	1676288	-c----w-	c:\windows\system32\dllcache\xpssvcs.dll
2010-11-25 10:31 . 2008-07-06 12:06	1676288	------w-	c:\windows\system32\xpssvcs.dll
2010-11-25 10:31 . 2008-07-06 12:06	117760	------w-	c:\windows\system32\prntvpt.dll
2010-11-25 10:31 . 2008-07-06 10:50	597504	-c----w-	c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2010-11-25 10:31 . 2008-07-06 10:50	597504	------w-	c:\windows\system32\Spool\prtprocs\w32x86\printfilterpipelinesvc.exe
2010-11-25 10:27 . 2010-11-25 10:27	--------	d-----w-	c:\programmi\Windows Media Connect 2
2010-11-25 10:25 . 2010-11-25 10:26	--------	d-----w-	c:\windows\system32\drivers\UMDF
2010-11-25 10:25 . 2010-11-25 10:25	--------	d-----w-	c:\windows\system32\LogFiles
2010-11-25 10:24 . 2010-08-16 08:44	590848	-c----w-	c:\windows\system32\dllcache\rpcrt4.dll
2010-11-25 10:24 . 2010-09-18 06:53	953856	-c----w-	c:\windows\system32\dllcache\mfc40u.dll
2010-11-25 10:24 . 2010-09-18 06:53	974848	-c----w-	c:\windows\system32\dllcache\mfc42.dll
2010-11-25 10:23 . 2010-08-23 16:12	617472	-c----w-	c:\windows\system32\dllcache\comctl32.dll
2010-11-25 10:22 . 2010-06-18 13:36	3558912	-c----w-	c:\windows\system32\dllcache\moviemk.exe
2010-11-25 10:22 . 2010-08-26 13:39	357248	-c----w-	c:\windows\system32\dllcache\srv.sys
2010-11-25 09:54 . 2010-11-25 09:57	--------	d-----w-	c:\programmi\Abbyy FineReader 6.0 Sprint
2010-11-25 09:53 . 2010-11-25 09:53	--------	d-----w-	c:\programmi\Lexmark_6200 Series
2010-11-25 09:53 . 2004-11-22 12:30	12288	----a-w-	c:\windows\system32\LXPMONRC.DLL
2010-11-25 09:53 . 2004-11-22 12:27	32768	----a-w-	c:\windows\system32\LXPRMON.DLL
2010-11-25 09:53 . 2004-11-22 12:26	20480	----a-w-	c:\windows\system32\LXPMONUI.DLL
2010-11-25 09:53 . 2003-03-11 17:26	49152	----a-r-	c:\windows\system32\IM31IMG.DIL
2010-11-25 09:53 . 2003-03-11 17:26	98345	----a-r-	c:\windows\system32\IMHOST32.DLL
2010-11-25 09:53 . 2003-03-11 17:26	98304	----a-r-	c:\windows\system32\IM31XPNG.DEL
2010-11-25 09:53 . 2003-03-11 17:26	69632	----a-r-	c:\windows\system32\IM31XTIF.DEL
2010-11-25 09:53 . 2003-03-11 17:26	339968	----a-r-	c:\windows\system32\IMGMAN32.DLL
2010-11-25 09:53 . 2010-11-25 09:53	--------	d-----w-	c:\programmi\Lexmark Fax Solutions
2010-11-25 09:53 . 2010-11-25 09:53	--------	d-----w-	c:\documents and settings\All Users\Dati applicazioni\FaxCtr
2010-11-25 09:42 . 2010-12-15 16:28	--------	d-----w-	c:\programmi\Lx_cats
2010-11-25 09:39 . 2008-04-13 18:47	25856	-c--a-w-	c:\windows\system32\dllcache\usbprint.sys
2010-11-25 09:39 . 2008-04-13 18:47	25856	----a-w-	c:\windows\system32\drivers\usbprint.sys
2010-11-25 09:35 . 2010-11-25 09:35	--------	d-----w-	c:\programmi\Philips
2010-11-25 09:35 . 2005-02-26 15:25	91527	----a-w-	c:\windows\system32\drivers\usbVM31b.sys
2010-11-25 09:35 . 2004-12-18 08:58	245820	----a-w-	c:\windows\system32\VM31bPrp.Ax
2010-11-25 09:35 . 2004-06-09 14:37	40960	----a-w-	c:\windows\VM_STI.EXE
2010-11-25 09:35 . 2004-04-26 14:48	53248	----a-w-	c:\windows\amcap.exe
2010-11-25 09:35 . 2003-05-15 16:17	61440	----a-w-	c:\windows\system32\VM31bSTI.dll
2010-11-25 09:35 . 2002-08-22 15:34	147456	----a-w-	c:\windows\VMCap.exe
2010-11-25 09:35 . 2010-11-25 09:35	--------	d-----w-	c:\windows\Options
2010-11-25 09:01 . 2010-12-12 11:03	--------	d-----w-	c:\windows\system32\it-it
2010-11-25 09:01 . 2010-11-25 09:01	--------	d-----w-	c:\windows\system32\it
2010-11-25 09:01 . 2010-11-25 09:01	--------	d-----w-	c:\windows\system32\bits
2010-11-25 09:01 . 2010-11-25 09:01	--------	d-----w-	c:\windows\l2schemas
2010-11-25 08:54 . 2010-11-25 08:54	--------	d-----w-	c:\windows\EHome
2010-11-25 08:35 . 2010-11-25 08:59	--------	d-----w-	c:\windows\ServicePackFiles
2010-11-25 08:33 . 2010-11-29 14:27	60416	----a-w-	c:\windows\ALCFDRTM.VER
2010-11-25 08:33 . 2010-11-25 08:33	60416	----a-w-	c:\windows\ALCFDRTM.EXE
2010-11-25 08:33 . 2010-11-25 08:33	--------	d-----w-	c:\windows\system32\Lang
2010-11-25 08:32 . 2008-04-14 02:13	221184	----a-w-	c:\windows\system32\wmpns.dll
2010-11-25 08:30 . 2010-11-25 08:30	--------	d-----w-	c:\programmi\MSXML 4.0
2010-11-25 08:30 . 2008-06-14 17:32	272768	-c----w-	c:\windows\system32\dllcache\bthport.sys
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-11-18 18:12 . 2004-08-19 05:00	86016	----a-w-	c:\windows\system32\isign32.dll
2010-11-06 00:21 . 2006-01-09 17:59	916480	----a-w-	c:\windows\system32\wininet.dll
2010-11-06 00:21 . 2004-08-19 05:00	43520	------w-	c:\windows\system32\licmgr10.dll
2010-11-06 00:21 . 2004-08-19 05:00	1469440	------w-	c:\windows\system32\inetcpl.cpl
2010-11-03 12:26 . 2004-08-19 05:00	385024	----a-w-	c:\windows\system32\html.iec
2010-11-02 15:17 . 2004-08-19 05:00	40960	----a-w-	c:\windows\system32\drivers\ndproxy.sys
2010-10-28 13:13 . 2004-08-19 05:00	290048	----a-w-	c:\windows\system32\atmfd.dll
2010-10-26 14:05 . 2005-10-06 03:08	1853312	----a-w-	c:\windows\system32\win32k.sys
2010-09-18 11:23 . 2004-08-19 05:00	974848	----a-w-	c:\windows\system32\mfc42u.dll
2010-09-18 06:53 . 2004-08-19 05:00	974848	----a-w-	c:\windows\system32\mfc42.dll
2010-09-18 06:53 . 2004-08-19 05:00	954368	----a-w-	c:\windows\system32\mfc40.dll
2010-09-18 06:53 . 2004-08-19 05:00	953856	----a-w-	c:\windows\system32\mfc40u.dll
.
(((((((((((((((((((((((((((((   SnapShot@2010-12-15_16.45.19   )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-12-16 09:52 . 2010-12-16 09:52	16384              c:\windows\temp\Perflib_Perfdata_6b4.dat
+ 2010-12-15 19:49 . 2010-12-15 19:49	16384              c:\windows\temp\Perflib_Perfdata_600.dat
+ 2010-12-15 19:49 . 2010-12-15 19:49	16384              c:\windows\temp\Perflib_Perfdata_284.dat
- 2010-12-15 15:37 . 2010-12-15 15:37	16384              c:\windows\temp\Perflib_Perfdata_284.dat
- 2006-05-15 13:13 . 2010-11-29 12:36	84872              c:\windows\system32\perfc010.dat
+ 2006-05-15 13:13 . 2010-12-15 17:15	84872              c:\windows\system32\perfc010.dat
+ 2006-05-15 13:13 . 2010-12-15 17:15	71868              c:\windows\system32\perfc009.dat
- 2006-05-15 13:13 . 2010-11-29 12:36	71868              c:\windows\system32\perfc009.dat
+ 2006-05-15 13:13 . 2010-12-15 17:15	490660              c:\windows\system32\perfh010.dat
- 2006-05-15 13:13 . 2010-11-29 12:36	490660              c:\windows\system32\perfh010.dat
+ 2006-05-15 13:13 . 2010-12-15 17:15	442602              c:\windows\system32\perfh009.dat
- 2006-05-15 13:13 . 2010-11-29 12:36	442602              c:\windows\system32\perfh009.dat
.
(((((((((((((((((((((((((((((((((((((   Punti Reg Caricati   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati. 
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"="c:\programmi\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LaunchApp"="Alaunch" [X]
"SoundMan"="SOUNDMAN.EXE" [2005-09-22 90112]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-19 208952]
"MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-19 59392]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-19 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-19 455168]
"Acer Empowering Technology Monitor"="c:\windows\system32\SysMonitor.exe" [2006-04-18 49152]
"LXBUCATS"="c:\windows\System32\spool\DRIVERS\W32X86\3\LXBUtime.dll" [2004-11-02 69632]
"TMRUBottedTray"="c:\programmi\Trend Micro\RUBotted\TMRUBottedTray.exe" [2008-11-06 288088]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Avvio^Programmi^Esecuzione automatica^Acer Empowering Technology.lnk]
path=c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\Acer Empowering Technology.lnk
backup=c:\windows\pss\Acer Empowering Technology.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Avvio^Programmi^Esecuzione automatica^Acer WLAN 11g USB Dongle.lnk]
path=c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\Acer WLAN 11g USB Dongle.lnk
backup=c:\windows\pss\Acer WLAN 11g USB Dongle.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Avvio^Programmi^Esecuzione automatica^TrayMin300.exe.lnk]
path=c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\TrayMin300.exe.lnk
backup=c:\windows\pss\TrayMin300.exe.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2010-09-20 22:07	932288	----a-r-	c:\programmi\File comuni\Adobe\ARM\1.0\AdobeARM.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2010-09-23 03:47	35760	----a-w-	c:\programmi\Adobe\Reader 9.0\Reader\reader_sl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AspireService]
2006-06-09 11:24	110592	----a-w-	c:\programmi\Acer\Acer eMode Management\AspireService.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BigDogPath]
2004-06-09 14:37	40960	----a-w-	c:\windows\VM_STI.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
2010-09-16 20:04	1164584	----a-w-	c:\programmi\DivX\DivX Update\DivXUpdate.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eRecoveryService]
2006-06-01 13:40	413696	----a-w-	c:\acer\Empowering Technology\eRecovery\eRAgent.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EzPrint]
2004-09-17 17:24	61440	----a-w-	c:\programmi\Lexmark 6200 Series\ezprint.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FaxCenterServer]
2004-11-22 12:29	299008	----a-w-	c:\programmi\Lexmark Fax Solutions\fm3032.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\lxbumon.exe]
2005-01-18 14:37	196608	----a-w-	c:\programmi\Lexmark 6200 Series\lxbumon.exE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MediaSync]
2006-05-04 13:55	425984	----a-w-	c:\programmi\Acer\Acer eConsole\MediaSync.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ntiMUI]
2005-05-11 16:15	45056	----a-w-	c:\programmi\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCMService]
2006-03-29 20:50	143360	------w-	c:\program files\Acer TV-FM\PCMService.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
2004-11-02 18:24	32768	----a-w-	c:\programmi\CyberLink\PowerDVD\PDVDServ.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2010-05-14 10:44	248552	----a-w-	c:\programmi\File comuni\Java\Java Update\jusched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Acer TV-FM\\PowerCinema.exe"=
"c:\\Program Files\\Acer TV-FM\\PCMService.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\msnmsgr.exe"=
R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NIS\1108000.005\symds.sys [24/11/2010 19.55.52 328752]
R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NIS\1108000.005\symefa.sys [24/11/2010 19.55.52 173104]
R1 BHDrvx86;BHDrvx86;c:\documents and settings\All Users\Dati applicazioni\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.5.0.127\Definitions\BASHDefs\20101123.003\BHDrvx86.sys [23/11/2010 3.20.07 691248]
R1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\NIS\1108000.005\cchpx86.sys [24/11/2010 19.55.52 501888]
R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NIS\1108000.005\ironx86.sys [24/11/2010 19.55.52 116784]
R2 NIS;Norton Internet Security;c:\programmi\Norton Internet Security\Engine\17.8.0.5\ccsvchst.exe [24/11/2010 19.55.38 126392]
R2 RUBotted;Trend Micro RUBotted Service;c:\programmi\Trend Micro\RUBotted\TMRUBotted.exe [07/12/2010 16.59.32 582992]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\programmi\File comuni\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [05/12/2010 17.06.44 102448]
R3 IDSxpx86;IDSxpx86;c:\documents and settings\All Users\Dati applicazioni\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.5.0.127\Definitions\IPSDefs\20101213.001\IDSXpx86.sys [15/12/2010 10.56.50 341944]
R3 TMPassthruMP;TMPassthruMP;c:\windows\system32\drivers\TMPassthru.sys [07/12/2010 16.59.32 206608]
S2 gupdate;Servizio di Google Update (gupdate);c:\programmi\Google\Update\GoogleUpdate.exe [25/11/2010 18.45.44 136176]
S2 Utilità di pianificazione di LiveUpdate automatico;Utilità di pianificazione di LiveUpdate automatico;"c:\programmi\Symantec\LiveUpdate\ALUSchedulerSvc.exe" c:\programmi\Symantec\LiveUpdate\ALUSchedulerSvc.exe [?]
S3 TMPassthru;Trend Micro Passthru Ndis Service;c:\windows\system32\drivers\TMPassthru.sys [07/12/2010 16.59.32 206608]
.
Contenuto della cartella 'Scheduled Tasks'
2010-12-15 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\programmi\Google\Update\GoogleUpdate.exe [2010-11-25 17:45]
2010-12-16 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\programmi\Google\Update\GoogleUpdate.exe [2010-11-25 17:45]
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://www.google.it/
IE: Google Sidewiki... - c:\programmi\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-12-16 11:16
Windows 5.1.2600 Service Pack 3 NTFS
scansione processi nascosti ... 
scansione entrate autostart nascoste ... 
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
  LXBUCATS = rundll32 c:\windows\System32\spool\DRIVERS\W32X86\3\LXBUtime.dll,_RunDLLEntry@16??????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????? 
Scansione files nascosti ... 
Scansione completata con successo
Files nascosti: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NIS]
"ImagePath"="\"c:\programmi\Norton Internet Security\Engine\17.8.0.5\ccSvcHst.exe\" /s \"NIS\" /m \"c:\programmi\Norton Internet Security\Engine\17.8.0.5\diMaster.dll\" /prefetch:1"
.
--------------------- Dlls caricate dai processi in esecuzione ---------------------
- - - - - - - > 'winlogon.exe'(964)
c:\windows\system32\Ati2evxx.dll
.
Ora fine scansione: 2010-12-16  11:18:16
ComboFix-quarantined-files.txt  2010-12-16 10:18
ComboFix2.txt  2010-12-15 16:46
Pre-Run: 136.072.069.120 byte disponibili
Post-Run: 136.062.267.392 byte disponibili
- - End Of File - - 6DF09B95D3EBF9F15CA40BF8B1EE9C3A