clagmail Pious mortal

Joined: 28/05/08 23:31 Posts: 28
Posted: 10 Jun 2008 23:16 Subject: CiD continuous opening of IE

Hi everyone,
when I connect, Internet Explorer advertising pages keep opening continuously until they slow down my computer...
I should mention that MSN with the ads was installed on this PC (I later uninstalled it, with no result).
I have already tried several antispyware and antivirus tools, including online ones, but nothing... you are my last hope!
Thanks in advance

bdoriano Administrator

Joined: 02/04/07 12:05 Posts: 14391 Location: 3rd planet of the solar system...
Posted: 11 Jun 2008 00:40 Subject:
- Clean the temporary files with ATF-Cleaner and/or CCleaner
- Run a scan with Norman Malware Cleaner.
- Restart the computer in normal mode
- Follow the instructions in this topic to run combofix.
- Report the outcome in a new message in this thread: whether there were any particular problems, etc. And include:
  - Upload the Norman Malware Cleaner log to WikiSend and post the Forum Link you are given
  - The Combofix log is generally not very long, so post it directly in the message

clagmail Pious mortal

Joined: 28/05/08 23:31 Posts: 28
Posted: 12 Jun 2008 22:26 Subject: 1st step done

Sorry for the delay...
this is the link:
NFix_2008-06-12_20-07-08.log
and this is the combofix:
ComboFix 08-06-10.5 - Claudio 2008-06-12 21.37.23.2 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.39.1040.18.62 [GMT 2:00]
Eseguito da: C:\Documents and Settings\Claudio\Desktop\ComboFix.exe
* Creato nuovo punto di ripristino
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((( Files Creati Da 2008-05-12 al 2008-06-12 )))))))))))))))))))))))))))))))))))
.
2008-06-12 19:32 . 2007-11-07 20:01 <DIR> d--h----- C:\Documents and Settings\Administrator\Risorse di stampa
2008-06-12 19:32 . 2007-11-07 20:01 <DIR> d--h----- C:\Documents and Settings\Administrator\Risorse di rete
2008-06-12 19:32 . 2007-11-07 20:01 <DIR> d-------- C:\Documents and Settings\Administrator\Preferiti
2008-06-12 19:32 . 2007-11-07 20:23 <DIR> d--h----- C:\Documents and Settings\Administrator\Modelli
2008-06-12 19:32 . 2007-11-07 20:01 <DIR> dr------- C:\Documents and Settings\Administrator\Menu Avvio
2008-06-12 19:32 . 2008-06-12 21:40 <DIR> d--h----- C:\Documents and Settings\Administrator\Impostazioni locali
2008-06-12 19:32 . 2007-11-07 20:01 <DIR> d-------- C:\Documents and Settings\Administrator\Documenti
2008-06-12 19:32 . 2007-11-07 20:01 <DIR> dr-h----- C:\Documents and Settings\Administrator\Dati applicazioni
2008-06-12 19:32 . 2008-06-12 19:32 <DIR> d-------- C:\Documents and Settings\Administrator
2008-06-11 09:56 . 2008-04-14 17:51 272,768 -----c--- C:\WINDOWS\system32\dllcache\bthport.sys
2008-06-10 18:41 . 2008-06-10 18:42 <DIR> d-------- C:\Programmi\DivX
2008-05-31 01:22 . 2008-05-31 01:22 823,296 --a------ C:\WINDOWS\system32\divx_xx0c.dll
2008-05-30 11:44 . 2008-05-30 11:44 <DIR> d-------- C:\Programmi\Spybot - Search & Destroy
2008-05-30 11:44 . 2008-05-30 12:30 <DIR> d-------- C:\Documents and Settings\All Users\Dati applicazioni\Spybot - Search & Destroy
2008-05-30 10:31 . 2008-05-30 10:31 <DIR> d-------- C:\Programmi\Trend Micro
2008-05-26 18:51 . 2008-05-26 22:19 102 --a------ C:\Vcalc.ini
2008-05-26 18:42 . 2008-05-26 18:42 <DIR> d-------- C:\Programmi\ClockEach
2008-05-26 17:03 . 2008-06-12 21:33 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-05-26 17:03 . 2008-05-26 17:03 1,409 --a------ C:\WINDOWS\QTFont.for
2008-05-23 00:22 . 2008-05-23 00:22 3,596,288 --a------ C:\WINDOWS\system32\qt-dx331.dll
2008-05-23 00:22 . 2008-05-23 00:22 524,288 --a------ C:\WINDOWS\system32\DivXsm.exe
2008-05-23 00:22 . 2008-05-23 00:22 4,816 --a------ C:\WINDOWS\system32\divxsm.tlb
2008-05-23 00:20 . 2008-05-23 00:20 1,044,480 --a------ C:\WINDOWS\system32\libdivx.dll
2008-05-23 00:20 . 2008-05-23 00:20 200,704 --a------ C:\WINDOWS\system32\ssldivx.dll
2008-05-23 00:19 . 2008-05-23 00:19 352,401 --a------ C:\WINDOWS\system32\DivXMedia.ax
2008-05-23 00:19 . 2008-05-23 00:19 196,608 --a------ C:\WINDOWS\system32\dtu100.dll
2008-05-23 00:19 . 2008-05-23 00:19 161,096 --a------ C:\WINDOWS\system32\DivXCodecVersionChecker.exe
2008-05-23 00:19 . 2008-05-23 00:19 81,920 --a------ C:\WINDOWS\system32\dpl100.dll
2008-05-23 00:19 . 2008-05-23 00:19 416 --a------ C:\WINDOWS\system32\dtu100.dll.manifest
2008-05-23 00:19 . 2008-05-23 00:19 416 --a------ C:\WINDOWS\system32\dpl100.dll.manifest
2008-05-23 00:18 . 2008-05-23 00:18 12,288 --a------ C:\WINDOWS\system32\DivXWMPExtType.dll
2008-05-21 23:17 . 2008-05-21 23:19 <DIR> d-------- C:\Programmi\McDonaldsDragons
2008-05-19 10:16 . 2008-05-19 10:18 <DIR> d-------- C:\Programmi\McDonaldsFairies
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-06-11 11:55 --------- d-----w C:\Programmi\eMule
2008-06-10 21:27 --------- d-----w C:\Programmi\Java
2008-05-30 23:22 823,296 ----a-w C:\WINDOWS\system32\divx_xx07.dll
2008-05-30 23:22 815,104 ----a-w C:\WINDOWS\system32\divx_xx0a.dll
2008-05-30 23:22 802,816 ----a-w C:\WINDOWS\system32\divx_xx11.dll
2008-05-30 23:22 683,520 ----a-w C:\WINDOWS\system32\DivX.dll
2008-05-30 23:22 593,920 ----a-w C:\WINDOWS\system32\dpuGUI11.dll
2008-05-30 23:22 57,344 ----a-w C:\WINDOWS\system32\dpv11.dll
2008-05-30 23:22 53,248 ----a-w C:\WINDOWS\system32\dpuGUI10.dll
2008-05-30 23:22 344,064 ----a-w C:\WINDOWS\system32\dpus11.dll
2008-05-30 23:22 294,912 ----a-w C:\WINDOWS\system32\dpu11.dll
2008-05-30 23:22 294,912 ----a-w C:\WINDOWS\system32\dpu10.dll
2008-05-29 22:02 --------- d-----w C:\Documents and Settings\Claudio\Dati applicazioni\ClockEach
2008-05-27 21:50 --------- d-----w C:\Documents and Settings\Claudio\Dati applicazioni\Skype
2008-05-26 16:43 --------- d-----w C:\Documents and Settings\All Users\Dati applicazioni\grey ante kind mess
2008-05-26 16:11 --------- d-----w C:\Programmi\Nokia
2008-05-22 22:22 9,464 ------w C:\WINDOWS\system32\drivers\cdralw2k.sys
2008-05-22 22:22 9,336 ------w C:\WINDOWS\system32\drivers\cdr4_xp.sys
2008-05-22 22:22 43,528 ------w C:\WINDOWS\system32\drivers\PxHelp20.sys
2008-05-22 22:22 129,784 ------w C:\WINDOWS\system32\pxafs.dll
2008-05-22 22:22 120,056 ------w C:\WINDOWS\system32\pxcpyi64.exe
2008-05-22 22:22 118,520 ------w C:\WINDOWS\system32\pxinsi64.exe
2008-05-15 09:00 --------- d-----w C:\Documents and Settings\All Users\Dati applicazioni\Microsoft Help
2008-05-08 18:22 --------- d-----w C:\Programmi\Microsoft Encarta
2008-05-08 12:28 202,752 ----a-w C:\WINDOWS\system32\drivers\rmcast.sys
2008-05-07 05:14 1,292,800 ----a-w C:\WINDOWS\system32\quartz.dll
2008-05-05 12:45 --------- d-----w C:\Documents and Settings\Claudio\Dati applicazioni\Nokia
2008-05-05 12:21 --------- d-----w C:\Documents and Settings\Claudio\Dati applicazioni\PC Suite
2008-05-05 12:20 --------- d-----w C:\Documents and Settings\All Users\Dati applicazioni\PC Suite
2008-05-05 12:19 0 ---ha-w C:\WINDOWS\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
2008-05-05 12:19 0 ---ha-w C:\WINDOWS\system32\drivers\Msft_Kernel_ccdcmb_01005.Wdf
2008-05-05 12:07 --------- d-----w C:\Programmi\PC Connectivity Solution
2008-05-05 12:07 --------- d-----w C:\Programmi\DIFX
2008-05-05 11:22 --------- d-----w C:\Documents and Settings\All Users\Dati applicazioni\Installations
2008-05-02 19:59 --------- d-----w C:\Programmi\Windows Live Toolbar
2008-05-02 19:59 --------- d-----w C:\Programmi\Windows Live
2008-04-23 07:24 --------- d-----w C:\Documents and Settings\All Users\Dati applicazioni\Downloaded Installations
2008-04-23 04:16 826,368 ----a-w C:\WINDOWS\system32\wininet.dll
2008-04-22 20:22 --------- d-----w C:\Programmi\Zylom Games
2008-04-22 19:57 --------- d-----w C:\Programmi\Yahoo!
2008-04-22 13:50 --------- d-----w C:\Documents and Settings\All Users\Dati applicazioni\GamesBar
2008-04-20 21:00 --------- d-----w C:\Documents and Settings\All Users\Dati applicazioni\Office Genuine Advantage
2008-04-15 13:09 --------- d-----w C:\Programmi\iTunes
2008-04-15 13:08 --------- d-----w C:\Programmi\iPod
2008-04-15 13:05 --------- d-----w C:\Programmi\QuickTime
2008-04-14 15:51 272,768 ------w C:\WINDOWS\system32\drivers\bthport.sys
2008-04-08 10:16 693,792 ----a-w C:\WINDOWS\system32\OGACheckControl.dll
2008-04-08 10:16 560,672 ----a-w C:\WINDOWS\system32\OGAAddin.dll
2008-04-08 10:16 504,864 ----a-w C:\WINDOWS\system32\OGAVerify.exe
2008-03-25 04:51 621,344 ----a-w C:\WINDOWS\system32\mswstr10.dll
2008-03-25 04:51 183,072 ----a-w C:\WINDOWS\system32\msjint40.dll
2008-03-20 08:06 1,845,248 ----a-w C:\WINDOWS\system32\win32k.sys
.
((((((((((((((((((((((((((((( snapshot@2008-05-30_10.39.29,12 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-05-30 08:21:22 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2008-06-12 19:31:52 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2008-04-14 15:51:57 272,768 ------w C:\WINDOWS\Driver Cache\i386\bthport.sys
+ 2008-03-01 12:58:24 124,928 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\advpack.dll
+ 2008-03-01 12:58:25 347,136 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\dxtmsft.dll
+ 2008-03-01 12:58:25 214,528 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\dxtrans.dll
+ 2008-03-01 12:58:25 133,120 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\extmgr.dll
+ 2008-03-01 12:58:25 63,488 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\icardie.dll
+ 2008-02-29 08:57:16 70,656 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\ie4uinit.exe
+ 2008-03-01 12:58:25 153,088 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\ieakeng.dll
+ 2008-03-01 12:58:26 230,400 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\ieaksie.dll
+ 2008-02-15 05:44:25 161,792 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\ieakui.dll
+ 2008-03-01 12:58:26 383,488 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\ieapfltr.dll
+ 2008-03-01 12:58:26 384,512 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\iedkcs32.dll
+ 2008-03-01 12:58:28 6,066,176 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\ieframe.dll
+ 2008-03-01 12:58:28 44,544 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\iernonce.dll
+ 2008-03-01 12:58:28 267,776 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\iertutil.dll
+ 2008-02-22 10:00:51 13,824 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\ieudinit.exe
+ 2008-02-29 08:57:30 625,664 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\iexplore.exe
+ 2008-03-01 12:58:29 27,648 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\jsproxy.dll
+ 2008-03-01 12:58:30 459,264 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\msfeeds.dll
+ 2008-03-01 12:58:30 52,224 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\msfeedsbs.dll
+ 2008-03-01 16:28:32 3,591,680 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\mshtml.dll
+ 2008-03-01 12:58:32 478,208 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\mshtmled.dll
+ 2008-03-01 12:58:32 193,024 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\msrating.dll
+ 2008-03-01 12:58:32 671,232 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\mstime.dll
+ 2008-03-01 12:58:32 102,912 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\occache.dll
+ 2008-03-01 12:58:32 44,544 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\pngfilt.dll
+ 2007-03-06 01:48:14 215,776 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe
+ 2007-03-06 01:49:24 390,880 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\updspapi.dll
+ 2008-03-01 12:58:32 105,984 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\url.dll
+ 2008-03-01 12:58:32 1,159,680 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\urlmon.dll
+ 2008-03-01 12:58:33 233,472 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\webcheck.dll
+ 2008-03-01 12:58:33 826,368 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\wininet.dll
- 2008-03-01 12:58:24 124,928 ----a-w C:\WINDOWS\system32\advpack.dll
+ 2008-04-23 04:16:29 124,928 ----a-w C:\WINDOWS\system32\advpack.dll
- 2008-03-01 12:58:24 124,928 -c----w C:\WINDOWS\system32\dllcache\advpack.dll
+ 2008-04-23 04:16:29 124,928 -c----w C:\WINDOWS\system32\dllcache\advpack.dll
- 2008-03-01 12:58:25 347,136 -c--a-w C:\WINDOWS\system32\dllcache\dxtmsft.dll
+ 2008-04-23 04:16:29 347,136 -c--a-w C:\WINDOWS\system32\dllcache\dxtmsft.dll
- 2008-03-01 12:58:25 214,528 -c----w C:\WINDOWS\system32\dllcache\dxtrans.dll
+ 2008-04-23 04:16:29 214,528 -c----w C:\WINDOWS\system32\dllcache\dxtrans.dll
- 2008-03-01 12:58:25 133,120 -c----w C:\WINDOWS\system32\dllcache\extmgr.dll
+ 2008-04-23 04:16:29 133,120 -c----w C:\WINDOWS\system32\dllcache\extmgr.dll
- 2008-03-01 12:58:25 63,488 -c----w C:\WINDOWS\system32\dllcache\icardie.dll
+ 2008-04-23 04:16:29 63,488 -c----w C:\WINDOWS\system32\dllcache\icardie.dll
- 2008-02-29 08:57:16 70,656 -c----w C:\WINDOWS\system32\dllcache\ie4uinit.exe
+ 2008-04-22 07:42:21 70,656 -c----w C:\WINDOWS\system32\dllcache\ie4uinit.exe
- 2008-03-01 12:58:25 153,088 -c----w C:\WINDOWS\system32\dllcache\ieakeng.dll
+ 2008-04-23 04:16:29 153,088 -c----w C:\WINDOWS\system32\dllcache\ieakeng.dll
- 2008-03-01 12:58:26 230,400 -c----w C:\WINDOWS\system32\dllcache\ieaksie.dll
+ 2008-04-23 04:16:29 230,400 -c----w C:\WINDOWS\system32\dllcache\ieaksie.dll
- 2008-02-15 05:44:25 161,792 -c----w C:\WINDOWS\system32\dllcache\ieakui.dll
+ 2008-04-20 05:07:51 161,792 -c----w C:\WINDOWS\system32\dllcache\ieakui.dll
- 2008-03-01 12:58:26 383,488 -c----w C:\WINDOWS\system32\dllcache\ieapfltr.dll
+ 2008-04-23 04:16:29 383,488 -c----w C:\WINDOWS\system32\dllcache\ieapfltr.dll
- 2008-03-01 12:58:26 384,512 -c----w C:\WINDOWS\system32\dllcache\iedkcs32.dll
+ 2008-04-23 04:16:29 384,512 -c----w C:\WINDOWS\system32\dllcache\iedkcs32.dll
- 2008-03-01 12:58:28 6,066,176 -c----w C:\WINDOWS\system32\dllcache\ieframe.dll
+ 2008-04-23 04:16:30 6,066,176 -c----w C:\WINDOWS\system32\dllcache\ieframe.dll
- 2008-03-01 12:58:28 44,544 -c----w C:\WINDOWS\system32\dllcache\iernonce.dll
+ 2008-04-23 04:16:30 44,544 -c----w C:\WINDOWS\system32\dllcache\iernonce.dll
- 2008-03-01 12:58:28 267,776 -c----w C:\WINDOWS\system32\dllcache\iertutil.dll
+ 2008-04-23 04:16:30 267,776 -c----w C:\WINDOWS\system32\dllcache\iertutil.dll
- 2008-02-22 10:00:51 13,824 -c----w C:\WINDOWS\system32\dllcache\ieudinit.exe
+ 2008-04-22 07:39:58 13,824 -c----w C:\WINDOWS\system32\dllcache\ieudinit.exe
- 2008-02-29 08:57:30 625,664 -c----w C:\WINDOWS\system32\dllcache\iexplore.exe
+ 2008-04-22 07:42:39 625,664 -c----w C:\WINDOWS\system32\dllcache\iexplore.exe
- 2008-03-01 12:58:29 27,648 -c----w C:\WINDOWS\system32\dllcache\jsproxy.dll
+ 2008-04-23 04:16:30 27,648 -c----w C:\WINDOWS\system32\dllcache\jsproxy.dll
- 2008-03-01 12:58:30 459,264 -c----w C:\WINDOWS\system32\dllcache\msfeeds.dll
+ 2008-04-23 04:16:30 459,264 -c----w C:\WINDOWS\system32\dllcache\msfeeds.dll
- 2008-03-01 12:58:30 52,224 -c----w C:\WINDOWS\system32\dllcache\msfeedsbs.dll
+ 2008-04-23 04:16:30 52,224 -c----w C:\WINDOWS\system32\dllcache\msfeedsbs.dll
- 2008-03-01 16:28:32 3,591,680 -c----w C:\WINDOWS\system32\dllcache\mshtml.dll
+ 2008-04-23 20:16:32 3,591,680 -c----w C:\WINDOWS\system32\dllcache\mshtml.dll
- 2008-03-01 12:58:32 478,208 -c----w C:\WINDOWS\system32\dllcache\mshtmled.dll
+ 2008-04-23 04:16:31 478,208 -c----w C:\WINDOWS\system32\dllcache\mshtmled.dll
- 2008-03-01 12:58:32 193,024 -c----w C:\WINDOWS\system32\dllcache\msrating.dll
+ 2008-04-23 04:16:31 193,024 -c----w C:\WINDOWS\system32\dllcache\msrating.dll
- 2008-03-01 12:58:32 671,232 -c----w C:\WINDOWS\system32\dllcache\mstime.dll
+ 2008-04-23 04:16:31 671,232 -c----w C:\WINDOWS\system32\dllcache\mstime.dll
- 2008-03-01 12:58:32 102,912 -c----w C:\WINDOWS\system32\dllcache\occache.dll
+ 2008-04-23 04:16:31 102,912 -c----w C:\WINDOWS\system32\dllcache\occache.dll
- 2008-03-01 12:58:32 44,544 -c--a-w C:\WINDOWS\system32\dllcache\pngfilt.dll
+ 2008-04-23 04:16:31 44,544 -c--a-w C:\WINDOWS\system32\dllcache\pngfilt.dll
- 2007-10-29 22:42:50 1,292,800 -c----w C:\WINDOWS\system32\dllcache\quartz.dll
+ 2008-05-07 05:14:42 1,292,800 -c----w C:\WINDOWS\system32\dllcache\quartz.dll
- 2006-07-13 08:48:58 202,240 -c--a-w C:\WINDOWS\system32\dllcache\rmcast.sys
+ 2008-05-08 12:28:49 202,752 -c--a-w C:\WINDOWS\system32\dllcache\rmcast.sys
- 2008-03-01 12:58:32 105,984 -c----w C:\WINDOWS\system32\dllcache\url.dll
+ 2008-04-23 04:16:31 105,984 -c----w C:\WINDOWS\system32\dllcache\url.dll
- 2008-03-01 12:58:32 1,159,680 -c----w C:\WINDOWS\system32\dllcache\urlmon.dll
+ 2008-04-23 04:16:31 1,159,680 -c----w C:\WINDOWS\system32\dllcache\urlmon.dll
- 2008-03-01 12:58:33 233,472 -c----w C:\WINDOWS\system32\dllcache\webcheck.dll
+ 2008-04-23 04:16:31 233,472 -c----w C:\WINDOWS\system32\dllcache\webcheck.dll
- 2008-03-01 12:58:33 826,368 -c----w C:\WINDOWS\system32\dllcache\wininet.dll
+ 2008-04-23 04:16:31 826,368 -c----w C:\WINDOWS\system32\dllcache\wininet.dll
- 2008-03-01 12:58:25 347,136 ----a-w C:\WINDOWS\system32\dxtmsft.dll
+ 2008-04-23 04:16:29 347,136 ----a-w C:\WINDOWS\system32\dxtmsft.dll
- 2008-03-01 12:58:25 214,528 ----a-w C:\WINDOWS\system32\dxtrans.dll
+ 2008-04-23 04:16:29 214,528 ----a-w C:\WINDOWS\system32\dxtrans.dll
- 2008-03-01 12:58:25 133,120 ------w C:\WINDOWS\system32\extmgr.dll
+ 2008-04-23 04:16:29 133,120 ------w C:\WINDOWS\system32\extmgr.dll
- 2008-03-01 12:58:25 63,488 ----a-w C:\WINDOWS\system32\icardie.dll
+ 2008-04-23 04:16:29 63,488 ----a-w C:\WINDOWS\system32\icardie.dll
- 2008-02-29 08:57:16 70,656 ------w C:\WINDOWS\system32\ie4uinit.exe
+ 2008-04-22 07:42:21 70,656 ------w C:\WINDOWS\system32\ie4uinit.exe
- 2008-03-01 12:58:25 153,088 ------w C:\WINDOWS\system32\ieakeng.dll
+ 2008-04-23 04:16:29 153,088 ------w C:\WINDOWS\system32\ieakeng.dll
- 2008-03-01 12:58:26 230,400 ------w C:\WINDOWS\system32\ieaksie.dll
+ 2008-04-23 04:16:29 230,400 ------w C:\WINDOWS\system32\ieaksie.dll
- 2008-02-15 05:44:25 161,792 ------w C:\WINDOWS\system32\ieakui.dll
+ 2008-04-20 05:07:51 161,792 ------w C:\WINDOWS\system32\ieakui.dll
- 2008-03-01 12:58:26 383,488 ----a-w C:\WINDOWS\system32\ieapfltr.dll
+ 2008-04-23 04:16:29 383,488 ----a-w C:\WINDOWS\system32\ieapfltr.dll
- 2008-03-01 12:58:26 384,512 ------w C:\WINDOWS\system32\iedkcs32.dll
+ 2008-04-23 04:16:29 384,512 ------w C:\WINDOWS\system32\iedkcs32.dll
- 2008-03-01 12:58:28 6,066,176 ----a-w C:\WINDOWS\system32\ieframe.dll
+ 2008-04-23 04:16:30 6,066,176 ----a-w C:\WINDOWS\system32\ieframe.dll
- 2008-03-01 12:58:28 44,544 ------w C:\WINDOWS\system32\iernonce.dll
+ 2008-04-23 04:16:30 44,544 ------w C:\WINDOWS\system32\iernonce.dll
- 2008-03-01 12:58:28 267,776 ----a-w C:\WINDOWS\system32\iertutil.dll
+ 2008-04-23 04:16:30 267,776 ----a-w C:\WINDOWS\system32\iertutil.dll
- 2008-02-22 10:00:51 13,824 ----a-w C:\WINDOWS\system32\ieudinit.exe
+ 2008-04-22 07:39:58 13,824 ----a-w C:\WINDOWS\system32\ieudinit.exe
- 2008-02-21 23:23:35 135,168 ----a-w C:\WINDOWS\system32\java.exe
+ 2008-03-24 23:28:39 135,168 ----a-w C:\WINDOWS\system32\java.exe
- 2008-02-21 23:23:39 135,168 ----a-w C:\WINDOWS\system32\javaw.exe
+ 2008-03-24 23:28:43 135,168 ----a-w C:\WINDOWS\system32\javaw.exe
- 2008-02-22 00:33:32 139,264 ----a-w C:\WINDOWS\system32\javaws.exe
+ 2008-03-25 00:37:01 139,264 ----a-w C:\WINDOWS\system32\javaws.exe
- 2008-03-01 12:58:29 27,648 ------w C:\WINDOWS\system32\jsproxy.dll
+ 2008-04-23 04:16:30 27,648 ------w C:\WINDOWS\system32\jsproxy.dll
- 2008-05-09 21:35:04 16,863,864 ----a-w C:\WINDOWS\system32\MRT.exe
+ 2008-05-29 23:35:11 17,486,968 ----a-w C:\WINDOWS\system32\MRT.exe
- 2008-03-01 12:58:30 459,264 ----a-w C:\WINDOWS\system32\msfeeds.dll
+ 2008-04-23 04:16:30 459,264 ----a-w C:\WINDOWS\system32\msfeeds.dll
- 2008-03-01 12:58:30 52,224 ----a-w C:\WINDOWS\system32\msfeedsbs.dll
+ 2008-04-23 04:16:30 52,224 ----a-w C:\WINDOWS\system32\msfeedsbs.dll
- 2008-03-01 16:28:32 3,591,680 ----a-w C:\WINDOWS\system32\mshtml.dll
+ 2008-04-23 20:16:32 3,591,680 ----a-w C:\WINDOWS\system32\mshtml.dll
- 2008-03-01 12:58:32 478,208 ----a-w C:\WINDOWS\system32\mshtmled.dll
+ 2008-04-23 04:16:31 478,208 ----a-w C:\WINDOWS\system32\mshtmled.dll
- 2008-03-01 12:58:32 193,024 ------w C:\WINDOWS\system32\msrating.dll
+ 2008-04-23 04:16:31 193,024 ------w C:\WINDOWS\system32\msrating.dll
- 2008-03-01 12:58:32 671,232 ------w C:\WINDOWS\system32\mstime.dll
+ 2008-04-23 04:16:31 671,232 ------w C:\WINDOWS\system32\mstime.dll
- 2008-03-01 12:58:32 102,912 ------w C:\WINDOWS\system32\occache.dll
+ 2008-04-23 04:16:31 102,912 ------w C:\WINDOWS\system32\occache.dll
- 2008-03-01 12:58:32 44,544 ----a-w C:\WINDOWS\system32\pngfilt.dll
+ 2008-04-23 04:16:31 44,544 ----a-w C:\WINDOWS\system32\pngfilt.dll
+ 2008-05-22 22:22:14 551,672 ------w C:\WINDOWS\system32\px.dll
+ 2008-05-22 22:22:14 66,296 ------w C:\WINDOWS\system32\pxcpya64.exe
+ 2008-05-22 22:22:16 518,904 ------w C:\WINDOWS\system32\pxdrv.dll
+ 2008-05-22 22:22:16 72,440 ------w C:\WINDOWS\system32\pxhpinst.exe
+ 2008-05-22 22:22:14 64,760 ------w C:\WINDOWS\system32\pxinsa64.exe
+ 2008-05-22 22:22:16 187,128 ------w C:\WINDOWS\system32\pxmas.dll
+ 2008-05-22 22:22:16 1,628,920 ------w C:\WINDOWS\system32\pxsfs.dll
+ 2008-05-22 22:22:16 379,640 ------w C:\WINDOWS\system32\pxwave.dll
- 2006-10-08 19:51:14 14,640 ------w C:\WINDOWS\system32\spmsg.dll
+ 2007-11-30 11:19:29 18,808 ------w C:\WINDOWS\system32\spmsg.dll
- 2008-03-01 12:58:32 105,984 ----a-w C:\WINDOWS\system32\url.dll
+ 2008-04-23 04:16:31 105,984 ----a-w C:\WINDOWS\system32\url.dll
- 2008-03-01 12:58:32 1,159,680 ----a-w C:\WINDOWS\system32\urlmon.dll
+ 2008-04-23 04:16:31 1,159,680 ----a-w C:\WINDOWS\system32\urlmon.dll
+ 2008-05-22 22:22:14 88,824 ------w C:\WINDOWS\system32\vxblock.dll
- 2008-03-01 12:58:33 233,472 ----a-w C:\WINDOWS\system32\webcheck.dll
+ 2008-04-23 04:16:31 233,472 ----a-w C:\WINDOWS\system32\webcheck.dll
+ 2008-06-12 19:32:08 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_598.dat
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-19 16:39 15360]
"swg"="C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-12-19 16:44 68856]
"Emule Installer"="C:\Programmi\Emule Installer\EmuleInstaller.exe" [ ]
"Book Mp3"="C:\DOCUME~1\Claudio\DATIAP~1\CLOCKE~1\For Fast Hope.exe" [2008-05-26 18:41 471552]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe" [2007-01-15 17:14 147456]
"E06IXLRD_334761"="C:\Programmi\Microsoft Encarta\Microsoft Encarta Enciclopedia DVD - 2006\EDICT.exe" [2005-06-04 18:06 301776]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Motive SmartBridge"="C:\PROGRA~1\ALICET~1\SMARTB~1\MotiveSB.exe" [2006-04-21 16:41 438359]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2008-05-16 01:19 79224]
"Adobe Reader Speed Launcher"="C:\Programmi\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 20:51 39792]
"EPSON Stylus CX3600 Series"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9BE.exe" [2004-03-04 05:00 98304]
"C-Media Mixer"="Mixer.exe" [2002-10-15 19:00 1818624 C:\WINDOWS\mixer.exe]
"EPSON Stylus CX3600 Series (Copia 1)"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9BE.exe" [2004-03-04 05:00 98304]
"NeroFilterCheck"="C:\Programmi\File comuni\Ahead\Lib\NeroCheck.exe" [2006-01-12 16:40 155648]
"curb store ref copy"="C:\Documents and Settings\All Users\Dati applicazioni\CITY 64 CURB STORE\tons style.exe" [ ]
"QuickTime Task"="C:\Programmi\QuickTime\QTTask.exe" [2008-03-28 23:37 413696]
"iTunesHelper"="C:\Programmi\iTunes\iTunesHelper.exe" [2008-03-30 10:36 267048]
"Kind Mess Surf Settings"="C:\Documents and Settings\All Users\Dati applicazioni\grey ante kind mess\wait delete.exe" [2008-06-12 21:34 2229760]
"SunJavaUpdateSched"="C:\Programmi\Java\jre1.6.0_06\bin\jusched.exe" [2008-03-25 04:28 144784]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-19 16:39 15360]
C:\Documents and Settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\
Alice ti aiuta.lnk - C:\Programmi\Alice ti aiuta\bin\matcli.exe [2007-11-07 20:58:25 217088]
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Programmi\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Programmi\\Windows Live\\Messenger\\livecall.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Programmi\\eMule\\emule.exe"=
"C:\\Programmi\\uTorrent\\uTorrent.exe"=
"C:\\Programmi\\iTunes\\iTunes.exe"=
"C:\\Programmi\\Skype\\Phone\\Skype.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-05-16 01:20]
R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-05-16 01:16]
S3 ovt530;Webcam Classic;C:\WINDOWS\system32\Drivers\ov530vid.sys [2005-03-15 18:04]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5cfd9a49-bab7-11dc-8e26-001ca26855fc}]
\Shell\AutoRun\command - D:\Autorun.exe /run
\Shell\Shell00\Command - D:\Autorun.exe /run
\Shell\Shell01\Command - D:\Autorun.exe /action
\Shell\Shell02\Command - D:\Autorun.exe /uninstall
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f9078772-d8a8-11dc-8e52-001349245245}]
\Shell\1\Command - autorun.pif
\Shell\2\Command - autorun.pif
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL autorun.pif
.
Contenuto della cartella 'Scheduled Tasks'
"2008-06-12 18:00:00 C:\WINDOWS\Tasks\AE5576DE918AE7C6.job"
- c:\docume~1\claudio\datiap~1\clocke~1\Nurb Dupe Exit.exe
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-06-12 21:40:30
Windows 5.1.2600 Service Pack 2 NTFS
scansione processi nascosti ...
scansione entrate autostart nascoste ...
Scansione files nascosti ...
Scansione completata con successo
Files nascosti: 0
**************************************************************************
.
Ora fine scansione: 2008-06-12 21.44.30
ComboFix-quarantined-files.txt 2008-06-12 19:44:25
ComboFix2.txt 2008-05-30 08:39:48
7 Directory 25,273,323,520 byte disponibili
11 Directory 25,267,671,040 byte disponibili
345 --- E O F --- 2008-06-11 13:10:01
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22.12.03, on 12/06/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
C:\Programmi\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\ALICET~1\SMARTB~1\MotiveSB.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9BE.EXE
C:\WINDOWS\Mixer.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9BE.EXE
C:\Programmi\iTunes\iTunesHelper.exe
C:\Programmi\Java\jre1.6.0_06\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe
C:\Programmi\File comuni\Ahead\Lib\NMIndexStoreSvr.exe
C:\Programmi\iPod\bin\iPodService.exe
C:\Programmi\File comuni\Ahead\Lib\NMIndexingService.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\explorer.exe
C:\Programmi\Internet Explorer\IEXPLORE.EXE
C:\Programmi\Internet Explorer\IEXPLORE.EXE
C:\Programmi\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.corriere.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
R3 - URLSearchHook: Yahoo! Toolbar con blocco Pop-Up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Supporto di collegamento per Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Programmi\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.6.0_06\bin\ssv.dll
O2 - BHO: Encarta Web Companion Oggetto helper - {955BE0B8-BC85-4CAF-856E-8E0D8B610560} - C:\Programmi\File comuni\Microsoft Shared\Encarta Web Companion\ENCWCBAR.DLL
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programmi\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Programmi\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Programmi\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Encarta Web Companion - {147D6308-0614-4112-89B1-31402F9B82C4} - C:\Programmi\File comuni\Microsoft Shared\Encarta Web Companion\ENCWCBAR.DLL
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\ALICET~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programmi\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [EPSON Stylus CX3600 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9BE.EXE /P26 "EPSON Stylus CX3600 Series" /O5 "LPT1:" /M "Stylus CX3600"
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [EPSON Stylus CX3600 Series (Copia 1)] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9BE.EXE /P36 "EPSON Stylus CX3600 Series (Copia 1)" /O6 "USB001" /M "Stylus CX3600"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Programmi\File comuni\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [curb store ref copy] C:\Documents and Settings\All Users\Dati applicazioni\CITY 64 CURB STORE\tons style.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Programmi\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Kind Mess Surf Settings] C:\Documents and Settings\All Users\Dati applicazioni\grey ante kind mess\wait delete.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\Java\jre1.6.0_06\bin\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Emule Installer] "C:\Programmi\Emule Installer\EmuleInstaller.exe" hmw
O4 - HKCU\..\Run: [Book Mp3] C:\DOCUME~1\Claudio\DATIAP~1\CLOCKE~1\For Fast Hope.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [E06IXLRD_334761] "C:\Programmi\Microsoft Encarta\Microsoft Encarta Enciclopedia DVD - 2006\EDICT.EXE" -m
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Alice ti aiuta.lnk = C:\Programmi\Alice ti aiuta\bin\matcli.exe
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Programmi\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Programmi\File comuni\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Programmi\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1194473091788
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://giugiu0016.spaces.live.com/PhotoUpload/MsnPUpld.cab
O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - http://support.f-secure.com/ols/fscax.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FILECO~1\Skype\SKYPE4~1.DLL
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Programmi\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Servizio iPod (iPod Service) - Apple Inc. - C:\Programmi\iPod\bin\iPodService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Programmi\File comuni\Ahead\Lib\NMIndexingService.exe
O23 - Service: ServiceLayer - Nokia. - C:\Programmi\PC Connectivity Solution\ServiceLayer.exe
--
End of file - 9258 bytes
Thanks in advance, I'm also sending you the HT log
clagmail Mortale pio

Registered: 28/05/08 23:31 Posts: 28
Posted: 12 Jun 2008 22:37 Subject: a mess!!!
I made a bit of a mess with the copy & paste...
I pasted the two logs, ComboFix and HijackThis, almost run together... but I'm sure you understood me
bdoriano Administrator

Registered: 02/04/07 12:05 Posts: 14391 Location: 3rd planet of the solar system...
Posted: 12 Jun 2008 22:43 Subject:
Create a text file with the following instructions:
Code:
File::
C:\DOCUME~1\Claudio\DATIAP~1\CLOCKE~1\For Fast Hope.exe
C:\Documents and Settings\All Users\Dati applicazioni\CITY 64 CURB STORE\tons style.exe
C:\Documents and Settings\All Users\Dati applicazioni\grey ante kind mess\wait delete.exe
C:\WINDOWS\Tasks\AE5576DE918AE7C6.job
c:\docume~1\claudio\datiap~1\clocke~1\Nurb Dupe Exit.exe
Registry::
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Emule Installer"=-
"Book Mp3"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"curb store ref copy"=-
"Kind Mess Surf Settings"=-
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5cfd9a49-bab7-11dc-8e26-001ca26855fc}]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f9078772-d8a8-11dc-8e52-001349245245}]
Save the file on the desktop with the name CFScript.txt and drag it onto the ComboFix icon, as shown below:
Wait patiently for it to finish without touching the keyboard, mouse or anything else.
Post the updated ComboFix log.
I suspect that a couple of USB devices (a flash drive or external HD) are infected.
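
An added example, not part of the original post and not the helper's stated method: a Python triage of HijackThis O4 autorun lines that flags programs starting from an application-data directory, including the 8.3 short form `DATIAP~1`. The directory-name list and the function names are assumptions made for this example; the sample lines are copied from the log earlier in this thread.

```python
import re

# Lines copied from the HijackThis log posted in this thread.
SAMPLE_LOG = r"""
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [EPSON Stylus CX3600 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9BE.EXE /P26 "EPSON Stylus CX3600 Series" /O5 "LPT1:" /M "Stylus CX3600"
O4 - HKLM\..\Run: [curb store ref copy] C:\Documents and Settings\All Users\Dati applicazioni\CITY 64 CURB STORE\tons style.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Kind Mess Surf Settings] C:\Documents and Settings\All Users\Dati applicazioni\grey ante kind mess\wait delete.exe
O4 - HKCU\..\Run: [Emule Installer] "C:\Programmi\Emule Installer\EmuleInstaller.exe" hmw
O4 - HKCU\..\Run: [Book Mp3] C:\DOCUME~1\Claudio\DATIAP~1\CLOCKE~1\For Fast Hope.exe
"""

# "O4 - <hive>\..\Run: [value name] command line"
O4_RUN = re.compile(
    r'^O4 - (?P<hive>\S+?)\\\.\.\\(?P<key>Run\w*): \[(?P<name>[^\]]+)\] (?P<cmd>.+)$')
# Executable part of the command: quoted, or unquoted up to the first extension
# (unquoted paths in this log contain spaces, e.g. "tons style.exe").
EXE = re.compile(r'^"([^"]+)"|^(.+?\.(?:exe|com|bat|cmd|scr|pif))(?=\s|$)', re.I)
# Assumption: directory names treated as application-data locations, long and 8.3.
APPDATA_DIR = re.compile(
    r'^(dati applicazioni|application data|appdata|datiap~\d+|applic~\d+)$', re.I)


def parse_o4(line):
    """Return hive, key, value name and executable path, or None if not an O4 Run line."""
    m = O4_RUN.match(line.strip())
    if not m:
        return None
    exe = EXE.match(m['cmd'])
    path = (exe.group(1) or exe.group(2)) if exe else m['cmd']
    return {'hive': m['hive'], 'key': m['key'], 'name': m['name'], 'path': path}


def runs_from_appdata(path):
    """True if any path component is an application-data directory name."""
    return any(APPDATA_DIR.match(part) for part in path.split('\\'))


def triage(log_text):
    """Parsed O4 Run entries whose executable sits under application data."""
    entries = filter(None, map(parse_o4, log_text.splitlines()))
    return [e for e in entries if runs_from_appdata(e['path'])]


if __name__ == '__main__':
    for e in triage(SAMPLE_LOG):
        print(f"{e['hive']}\\{e['key']}  [{e['name']}]  {e['path']}")
```

On these lines it flags the three autoruns whose files the CFScript deletes; the `Emule Installer` value, which the script also removes, sits under C:\Programmi and is not caught by a path check alone.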
clagmail Mortale pio

Registered: 28/05/08 23:31 Posts: 28
Posted: 14 Jun 2008 00:14 Subject: SOLVED
This problem too, with your step-by-step help, was solved more simply than I had hoped (I could already see myself backing everything up and reformatting the HD)....
Thanks a million
P.S. How do you catch this garbage (CiD)? What can I do to keep it from happening again? My daughter sometimes plays little online games and I blamed her; could that be it?