Can you help me?
ComboFix log:
ComboFix 09-06-14.02 - Luca 15/06/2009 10:41.3 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.39.1040.18.511.190 [GMT 2:00]
Eseguito da: c:\documents and settings\Luca\desktop\abc.exe
Opzioni usate :: /killall
AV: Sistema Antivirus NOD32 2.51 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
AV: ZoneAlarm Security Suite Antivirus *On-access scanning disabled* (Outdated) {5D467B10-818C-4CAB-9FF7-6893B5B8F3CF}
FW: ZoneAlarm Firewall *disabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}
* Creato nuovo punto di ripristino
* Resident AV is active
.
((((((((((((((((((((((((( Files Creati Da 2009-05-15 al 2009-06-15 )))))))))))))))))))))))))))))))))))
.
2009-06-14 20:28 . 2009-06-14 20:30 -------- d-----w- c:\documents and settings\Luca\Dati applicazioni\VSO
2009-06-14 20:26 . 2009-06-14 20:26 -------- d-----w- c:\programmi\VSO
2009-06-13 16:48 . 2006-08-01 13:02 49152 ----a-w- c:\windows\system32\ChCfg.exe
2009-06-13 16:46 . 2009-06-13 16:46 -------- d-----w- c:\programmi\Realtek AC97
2009-06-13 16:46 . 2006-12-08 13:20 10528768 ----a-w- c:\windows\system32\RTLCPL.exe
2009-06-13 16:46 . 2006-10-18 00:53 147456 ----a-w- c:\windows\system32\RtlCPAPI.dll
2009-06-13 16:46 . 2006-07-31 09:27 217088 ----a-w- c:\windows\Alcrmv.exe
2009-06-13 16:46 . 2006-07-31 09:19 315392 ----a-w- c:\windows\alcupd.exe
2009-06-12 16:44 . 2009-06-12 16:47 -------- d-----w- c:\programmi\Spybot - Search & Destroy
2009-06-11 10:08 . 2009-06-11 10:08 -------- d-----w- c:\programmi\AMR to MP3 Converter
2009-06-11 10:02 . 2009-06-11 10:07 -------- d-----w- c:\programmi\AMR_MP3
2009-06-09 18:06 . 2009-06-09 18:06 494600 ---ha-w- c:\windows\system32\mlfcache.dat
2009-06-04 11:38 . 2009-06-12 17:02 -------- d-----w- c:\programmi\Spyware Terminator
2009-06-03 16:18 . 2009-06-03 16:18 -------- d-----w- c:\programmi\iPod
2009-06-03 16:10 . 2009-06-03 16:12 -------- d-----w- c:\programmi\QuickTime
2009-06-03 15:59 . 2009-06-03 15:59 75048 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Apple Computer\Installer Cache\iTunes 8.2.0.23\SetupAdmin.exe
2009-05-24 17:38 . 2009-06-10 11:51 -------- d---a-w- c:\programmi\amplcml
2009-05-24 17:31 . 2009-05-24 17:40 -------- d-----w- c:\programmi\AMPLWIN
2009-05-24 17:31 . 2009-05-24 17:31 286720 ------w- c:\windows\Setup1.exe
2009-05-24 17:31 . 2009-05-24 17:31 73216 ----a-w- c:\windows\ST6UNST.EXE
2009-05-20 15:56 . 2009-05-20 15:56 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache
2009-05-17 21:00 . 2009-05-17 21:00 -------- d-----w- c:\programmi\Sophos
2009-05-17 18:07 . 2009-05-17 18:07 -------- d-----w- c:\windows\BDOSCAN8
2009-05-17 18:00 . 2009-05-17 18:03 -------- d-----w- c:\documents and settings\Luca\Pavark
2009-05-17 17:25 . 2009-05-17 17:30 -------- d-----w- c:\documents and settings\Luca\.housecall6.6
2009-05-17 17:11 . 2009-05-17 17:13 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\avg8
2009-05-17 17:11 . 2009-05-17 17:11 -------- d-----w- c:\programmi\AVG
2009-05-17 17:02 . 2009-05-17 17:02 796 ----a-w- c:\documents and settings\All Users\Dati applicazioni\PrevxCSI\remcsi.bat
2009-05-17 16:18 . 2009-05-17 16:18 27656 ----a-w- c:\windows\system32\drivers\pxsec.sys
2009-05-17 16:18 . 2009-05-17 16:18 22024 ----a-w- c:\windows\system32\drivers\pxscan.sys
2009-05-17 16:18 . 2009-05-17 16:18 795704 ----a-w- c:\documents and settings\All Users\Dati applicazioni\PrevxCSI\~PrevxCSIUpdate.exe
2009-05-17 16:15 . 2009-05-17 16:15 -------- d-----w- c:\programmi\PrevxCSI
2009-05-17 16:15 . 2009-05-17 17:03 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\PrevxCSI
2009-05-17 10:04 . 2009-05-17 10:04 -------- d-sh--w- c:\windows\system32\config\systemprofile\IETldCache
2009-05-17 10:00 . 2009-05-17 10:00 -------- d-----w- c:\programmi\MSSOAP
2009-05-17 09:59 . 2009-05-17 09:59 -------- d-----w- c:\programmi\Webroot
2009-05-16 16:50 . 2009-05-16 18:36 -------- d-----w- c:\programmi\Holdem Indicator
2009-05-16 16:46 . 2009-05-16 16:54 -------- d-----w- c:\programmi\Holdem Spy
2009-05-16 15:25 . 2009-06-04 12:53 -------- d-----w- c:\programmi\Tournament Indicator
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-06-15 08:53 . 2009-03-28 16:46 40407072 --sha-w- c:\windows\system32\drivers\fidbox.dat
2009-06-15 08:48 . 2009-03-28 16:46 478676 --sha-w- c:\windows\system32\drivers\fidbox.idx
2009-06-15 08:10 . 2007-11-20 19:29 -------- d-----w- c:\programmi\Mozilla Thunderbird
2009-06-13 16:46 . 2007-11-20 18:46 -------- d--h--w- c:\programmi\InstallShield Installation Information
2009-06-13 16:28 . 2009-02-15 12:37 -------- d-----w- c:\programmi\PokerStars.IT
2009-06-12 17:00 . 2008-10-18 11:13 -------- d-----w- c:\programmi\AW-SYS Demo
2009-06-12 16:47 . 2007-11-20 18:34 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Spybot - Search & Destroy
2009-06-03 21:10 . 2009-06-04 09:52 2748928 ----a-w- c:\windows\Internet Logs\xDBE.tmp
2009-06-03 16:18 . 2008-01-19 17:31 -------- d-----w- c:\programmi\iTunes
2009-06-03 16:18 . 2007-11-20 20:32 -------- d-----w- c:\programmi\File comuni\Apple
2009-05-18 15:46 . 2009-05-18 15:47 1634816 ----a-w- c:\windows\Internet Logs\xDBD.tmp
2009-05-18 15:46 . 2009-05-18 15:47 24064 ----a-w- c:\windows\Internet Logs\xDBC.tmp
2009-05-17 22:39 . 2009-05-18 11:26 1452544 ----a-w- c:\windows\Internet Logs\xDBB.tmp
2009-05-16 19:18 . 2009-05-16 19:56 3026432 ----a-w- c:\windows\Internet Logs\xDB9.tmp
2009-05-16 19:18 . 2009-05-16 19:56 1590272 ----a-w- c:\windows\Internet Logs\xDBA.tmp
2009-05-16 18:23 . 2007-12-01 15:26 -------- d-----w- c:\documents and settings\Luca\Dati applicazioni\Azureus
2009-05-14 18:02 . 2007-11-20 19:01 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Microsoft Help
2009-05-14 08:25 . 2009-05-14 08:25 -------- d-----w- c:\documents and settings\Luca\Dati applicazioni\Windows Search
2009-05-14 08:22 . 2009-05-14 08:18 -------- d-----w- c:\documents and settings\Luca\Dati applicazioni\Windows Desktop Search
2009-05-14 08:22 . 2009-05-14 08:16 -------- d-----w- c:\programmi\Windows Desktop Search
2009-05-14 08:16 . 2001-08-31 11:00 91384 ----a-w- c:\windows\system32\perfc010.dat
2009-05-14 08:16 . 2001-08-31 11:00 510642 ----a-w- c:\windows\system32\perfh010.dat
2009-05-08 12:27 . 2009-05-08 12:27 -------- d-----w- c:\programmi\Microsoft Silverlight
2009-05-07 20:47 . 2009-05-07 20:47 -------- d-----w- c:\documents and settings\Luca\Dati applicazioni\4h soft
2009-05-06 18:57 . 2009-05-06 18:57 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\4h soft
2009-05-06 18:53 . 2009-05-06 18:50 -------- d-----w- c:\programmi\Poker Pal Pro Edition
2009-05-06 18:11 . 2008-12-08 21:46 802464 ----a-w- c:\windows\system32\GDIPFONTCACHEV1.DAT
2009-05-06 16:43 . 2009-05-06 16:43 -------- d-----w- c:\programmi\CID Engineering
2009-05-06 16:10 . 2009-01-21 16:36 -------- d-----w- c:\documents and settings\Luca\Dati applicazioni\Skype
2009-05-03 13:28 . 2009-05-03 16:57 2934272 ----a-w- c:\windows\Internet Logs\xDB8.tmp
2009-04-27 18:17 . 2007-12-01 15:17 -------- d-----w- c:\programmi\Azureus
2009-04-25 10:30 . 2008-06-04 11:30 -------- d-----w- c:\programmi\Messenger Plus! Live
2009-04-21 17:26 . 2009-03-28 16:28 4212 ---h--w- c:\windows\system32\zllictbl.dat
2009-04-12 12:10 . 2009-04-12 14:19 90112 ----a-w- c:\windows\Internet Logs\xDB7.tmp
2009-04-10 12:11 . 2009-04-11 10:03 173568 ----a-w- c:\windows\Internet Logs\xDB6.tmp
2009-04-07 20:32 . 2009-04-08 09:41 1776128 ----a-w- c:\windows\Internet Logs\xDB5.tmp
2009-04-04 09:53 . 2009-04-04 11:14 138240 ----a-w- c:\windows\Internet Logs\xDB4.tmp
2009-04-01 12:31 . 2009-04-01 19:58 67584 ----a-w- c:\windows\Internet Logs\xDB3.tmp
2009-03-30 21:42 . 2009-03-31 07:33 53248 ----a-w- c:\windows\Internet Logs\xDB2.tmp
2009-03-29 20:57 . 2009-03-30 06:37 351744 ----a-w- c:\windows\Internet Logs\xDB1.tmp
2009-03-19 14:32 . 2009-03-19 14:32 23400 ----a-w- c:\documents and settings\All Users\Dati applicazioni\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}\x86\x86\GEARAspiWDM.sys
2009-03-19 14:32 . 2008-01-29 10:01 23400 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2008-04-23 08:59 . 2008-04-23 08:59 2766 ----a-w- c:\programmi\krnkcptp.txt
.
((((((((((((((((((((((((((((( SnapShot@2009-06-12_16.02.19 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-06-15 08:50 . 2009-06-15 08:50 16384 c:\windows\temp\Perflib_Perfdata_6b0.dat
+ 2009-06-13 16:47 . 2002-10-28 06:38 47104 c:\windows\system32\ReinstallBackups\0003\DriverFiles\SOUNDMAN.EXE
+ 2009-06-13 16:47 . 2008-04-13 17:14 23552 c:\windows\system32\ReinstallBackups\0003\DriverFiles\i386\wdmaud.drv
+ 2009-06-13 16:47 . 2008-04-13 09:45 49408 c:\windows\system32\ReinstallBackups\0003\DriverFiles\i386\stream.sys
+ 2009-06-13 16:47 . 2008-04-13 09:45 60160 c:\windows\system32\ReinstallBackups\0003\DriverFiles\i386\drmk.sys
- 2009-05-26 16:45 . 2009-05-26 16:45 84661 c:\windows\system32\Macromed\Flash\uninstall_plugin.exe
+ 2009-05-26 16:45 . 2009-06-13 12:24 84661 c:\windows\system32\Macromed\Flash\uninstall_plugin.exe
+ 2005-11-05 01:55 . 2008-04-13 09:45 49408 c:\windows\system32\dllcache\stream.sys
+ 2007-11-20 18:48 . 2008-04-13 09:45 60160 c:\windows\system32\dllcache\drmk.sys
+ 2009-06-13 16:47 . 2008-04-13 17:13 4096 c:\windows\system32\ReinstallBackups\0003\DriverFiles\i386\ksuser.dll
+ 2007-11-20 18:48 . 2008-04-13 17:13 4096 c:\windows\system32\dllcache\ksuser.dll
+ 2009-06-13 16:47 . 2008-04-13 10:19 146048 c:\windows\system32\ReinstallBackups\0003\DriverFiles\i386\portcls.sys
+ 2009-06-13 16:47 . 2008-04-13 10:16 141056 c:\windows\system32\ReinstallBackups\0003\DriverFiles\i386\ks.sys
+ 2009-06-13 16:47 . 2002-10-28 06:38 947884 c:\windows\system32\ReinstallBackups\0003\DriverFiles\ALCXWDM.SYS
+ 2007-11-20 18:48 . 2008-04-13 10:19 146048 c:\windows\system32\dllcache\portcls.sys
+ 2004-08-03 23:15 . 2008-04-13 10:16 141056 c:\windows\system32\dllcache\ks.sys
+ 2009-06-15 08:35 . 2009-06-15 08:34 398336 c:\windows\system32\CF4770.exe
+ 2007-11-20 20:47 . 2007-04-16 13:28 577536 c:\windows\soundman.exe
+ 2007-11-20 20:47 . 2008-09-24 08:40 4122368 c:\windows\system32\drivers\alcxwdm.sys
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-13 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-10-22 7700480]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-10-22 86016]
"nod32kui"="c:\programmi\Eset\nod32kui.exe" [2008-04-24 921600]
"Samsung PanelMgr"="c:\windows\Samsung\PanelMgr\SSMMgr.exe" [2008-04-14 536576]
"ZoneAlarm Client"="c:\programmi\Zone Labs\ZoneAlarm\zlclient.exe" [2008-07-09 919016]
"QuickTime Task"="c:\programmi\QuickTime\qttask.exe" [2009-05-26 413696]
"AppleSyncNotifier"="c:\programmi\File comuni\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2009-05-13 177472]
"iTunesHelper"="c:\programmi\iTunes\iTunesHelper.exe" [2009-05-30 292136]
"nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2006-10-22 1622016]
"SoundMan"="SOUNDMAN.EXE" - c:\windows\soundman.exe [2007-04-16 577536]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-13 15360]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_3"="advpack.dll" - c:\windows\system32\advpack.dll [2009-03-08 128512]
c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\
Windows Search.lnk - c:\programmi\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\programmi\Windows Desktop Search\MSNLNamespaceMgr.dll" [2008-05-26 304128]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WgaLogon]
[BU]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sglfb.sys]
@=""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\tga.sys]
@=""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKLM\~\startupfolder\C:^Documents and Settings^Luca^Menu Avvio^Programmi^Esecuzione automatica^Adobe Gamma.lnk]
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"FirewallOverride"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programmi\\Microsoft Office\\Office12\\GROOVE.EXE"=
"d:\\eMule\\emule.exe"=
"c:\\Programmi\\Azureus\\Azureus.exe"=
"c:\\Programmi\\Mozilla Firefox\\firefox.exe"=
"c:\\WINDOWS\\system32\\java.exe"=
"c:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"c:\\Programmi\\TVUPlayer\\TVUPlayer.exe"=
"c:\\Programmi\\B2BPOKER\\Pokerdassi\\jre\\bin\\javaw.exe"=
"c:\\Programmi\\Bonjour\\mDNSResponder.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Programmi\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Programmi\\Skype\\Phone\\Skype.exe"=
"c:\\Programmi\\iTunes\\iTunes.exe"=
R0 pxscan;pxscan;c:\windows\system32\drivers\pxscan.sys [17/05/2009 18:18 22024]
R0 pxsec;pxsec;c:\windows\system32\drivers\pxsec.sys [17/05/2009 18:18 27656]
S2 SSPORT;SSPORT;\??\c:\windows\system32\Drivers\SSPORT.sys --> c:\windows\system32\Drivers\SSPORT.sys [?]
S3 MEMSWEEP2;MEMSWEEP2;\??\c:\windows\system32\20A.tmp --> c:\windows\system32\20A.tmp [?]
.
Contenuto della cartella 'Scheduled Tasks'
2009-06-10 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\programmi\Apple Software Update\SoftwareUpdate.exe [2008-04-11 11:34]
2009-06-28 c:\windows\Tasks\User_Feed_Synchronization-{3E8B6A21-0FB4-4BFE-969D-705008ADB693}.job
- c:\windows\system32\msfeedssync.exe [2007-01-03 02:31]
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://news.google.it/nwshp?hl=it&tab=wn
uInternet Settings,ProxyOverride = *.local
IE: Aggiungi a PDF esistente - c:\programmi\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Converti destinazione link in Adobe PDF - c:\programmi\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Converti destinazione link in file PDF esistente - c:\programmi\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Converti i link selezionati in Adobe PDF - c:\programmi\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Converti i link selezionati in file PDF esistente - c:\programmi\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Converti in Adobe PDF - c:\programmi\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Converti selezione in Adobe PDF - c:\programmi\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Converti selezione in file PDF esistente - c:\programmi\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
IE: {{4C826F10-D34B-4ba8-B609-1FB8C6482A05}
IE: {{C4046502-6524-4d87-896C-878F57D1FF07} - c:\programmi\PokerStars.IT\PokerStarsUpdate.exe
LSP: c:\windows\system32\imon.dll
DPF: {20DA7177-A7B6-48E6-9270-FDBC67B49175} - hxxps://fieldsrv.skytv.it/ecommunications_ita/20420/applets/SiebelAx_Configurator.cab
DPF: {4FE7BF79-03CD-4CE2-9451-3788C468BC92} - hxxps://fieldsrv.skytv.it/ecommunications_ita/20420/applets/SiebelAx_Marketing_Allocation.cab
DPF: {76B341CF-A03A-4D10-88E1-71DBBB5075D5} - hxxps://fieldsrv.skytv.it/ecommunications_ita/20420/applets/SiebelAx_Prodselection.cab
DPF: {83AA6A38-E444-4E0B-9BA7-53A5DE6B7972} - hxxps://fieldsrv.skytv.it/ecommunications_ita/20420/applets/SiebelAx_Marketing_Calendar.cab
DPF: {8C244272-1DC1-4CE7-9C6C-FABCA09EB543} - hxxps://fieldsrv.skytv.it/ecommunications_ita/20420/applets/SiebelAx_Desktop_Integration.cab
DPF: {AEC5658A-AC73-40F8-8910-3003105A6710} - hxxps://fieldsrv.skytv.it/ecommunications_ita/20420/applets/SiebelAx_iHelp.cab
DPF: {C684E71E-3EEE-4A9B-A3B5-60C41F8E3CC1} - hxxps://fieldsrv.skytv.it/ecommunications_ita/20420/applets/SiebelAx_Catalog_Navigator.cab
DPF: {CD9C0F1B-D8F9-4229-B76C-5EF6B14372E4} - hxxps://fieldsrv.skytv.it/ecommunications_ita/20420/applets/SiebelAx_HI_Client.cab
FF - ProfilePath -
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-06-15 10:52
Windows 5.1.2600 Service Pack 3 NTFS
scansione processi nascosti ...
scansione entrate autostart nascoste ...
Scansione files nascosti ...
Scansione completata con successo
Files nascosti: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\System\ControlSet003\Services\MEMSWEEP2]
"ImagePath"="\??\c:\windows\system32\20A.tmp"
.
--------------------- Dlls caricate dai processi in esecuzione ---------------------
- - - - - - - > 'lsass.exe'(792)
c:\windows\system32\imon.dll
c:\programmi\Eset\pr_imon.dll
- - - - - - - > 'explorer.exe'(3416)
c:\programmi\Windows Desktop Search\deskbar.dll
c:\programmi\Windows Desktop Search\it-it\dbres.dll.mui
c:\programmi\Windows Desktop Search\dbres.dll
c:\programmi\Windows Desktop Search\wordwheel.dll
c:\programmi\Windows Desktop Search\it-it\msnlExtRes.dll.mui
c:\programmi\Windows Desktop Search\msnlExtRes.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\wpdshserviceobj.dll
c:\programmi\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
c:\programmi\Nokia\Nokia PC Suite 7\NGSCM.DLL
c:\programmi\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_ita.nlr
c:\programmi\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
c:\windows\system32\portabledevicetypes.dll
c:\windows\system32\portabledeviceapi.dll
.
------------------------ Altri processi in esecuzione ------------------------
.
c:\windows\system32\ZoneLabs\vsmon.exe
c:\programmi\Lavasoft\Ad-Aware 2007\aawservice.exe
c:\programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\programmi\Bonjour\mDNSResponder.exe
c:\programmi\Java\jre6\bin\jqs.exe
c:\programmi\Nero\Nero8\Nero BackItUp\NBService.exe
c:\programmi\ESET\nod32krn.exe
c:\windows\system32\nvsvc32.exe
c:\windows\system32\HPZipm12.exe
c:\programmi\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
c:\windows\system32\CF4770.exe
c:\windows\system32\searchindexer.exe
c:\programmi\iPod\bin\iPodService.exe
.
**************************************************************************
.
Ora fine scansione: 2009-06-15 11:06 - Il pc è stato riavviato
ComboFix-quarantined-files.txt 2009-06-15 09:06
ComboFix2.txt 2009-06-12 16:16
ComboFix3.txt 2009-01-20 20:16
Pre-Run: 28,767,399,936 byte disponibili
Post-Run: 28,803,891,200 byte disponibili
WindowsXP-KB310994-SP2-Pro-BootDisk-ITA.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
281 --- E O F --- 2009-05-14 18:02