Thanks menatwork, I was away for work and I'm replying late. I did everything you suggested and I'm copying the logs below (I can't attach the txt files!).
Thanks for all the help.
Webroot AntiZeroAccess 0.8 Log File
Execution time: 07/11/2011 - 12:54
Host operation System: Windows Xp X86 version 5.1.2600 Service Pack 3
12:54:38 - CheckSystem - Begin to check system...
12:54:38 - OpenRootDrive - Opening system root volume and physical drive....
12:54:38 - C Root Drive: Disk number: 0 Start sector: 0x0000003F Partition Size: 0x04A852C1 sectors.
12:54:38 - PrevX Main driver extracted in "C:\WINDOWS\system32\drivers\ZeroAccess.sys".
12:54:39 - InstallAndStartDriver - Main driver was installed and now is running.
12:54:39 - CheckSystem - Disk class driver state is OK.
12:54:40 - CheckFile - Unable to send FSCTL_GET_RETRIEVAL_POINTERS to file object. DeviceIoControl last error: 5
12:54:40 - CheckFile - Unable to send FSCTL_GET_RETRIEVAL_POINTERS to file object. DeviceIoControl last error: 5
12:54:40 - CheckFile - Unable to send FSCTL_GET_RETRIEVAL_POINTERS to file object. DeviceIoControl last error: 5
12:54:40 - CheckFile - Unable to send FSCTL_GET_RETRIEVAL_POINTERS to file object. DeviceIoControl last error: 5
12:54:40 - CheckFile - Unable to send FSCTL_GET_RETRIEVAL_POINTERS to file object. DeviceIoControl last error: 5
12:54:42 - StopAndRemoveDriver - AntiZeroAccess Driver is stopped and removed.
12:54:42 - StopAndRemoveDriver - File "ZeroAccess.sys" was deleted!
12:54:42 - Execution Ended!
ComboFix 11-11-07.02 - Dario 07/11/2011 12.00.59.3.1 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.39.1040.18.510.220 [GMT 1:00]
Eseguito da: c:\documents and settings\Dario\Desktop\ComboFix.exe
AV: Kaspersky Anti-Virus *Disabled/Updated* {2C4D4BC6-0793-4956-A9F9-E252435469C0}
.
.
((((((((((((((((((((((((( Files Creati Da 2011-10-07 al 2011-11-07 )))))))))))))))))))))))))))))))))))
.
.
2011-10-30 13:53 . 2010-05-07 11:37 150200 ----a-w- c:\programmi\Mozilla Firefox\extensions\linkfilter@kaspersky.ru\components\kavlinkfilter.dll
2011-10-30 13:53 . 2011-10-30 14:06 97961 ----a-w- c:\windows\system32\drivers\klick.dat
2011-10-30 13:53 . 2011-10-30 14:06 115369 ----a-w- c:\windows\system32\drivers\klin.dat
2011-10-30 13:50 . 2011-11-07 08:02 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Kaspersky Lab
2011-10-30 13:50 . 2011-10-30 13:50 -------- d-----w- c:\programmi\Kaspersky Lab
2011-10-30 11:04 . 2011-11-07 07:50 25048 ----a-w- c:\programmi\Mozilla Firefox\components\browserdirprovider.dll
2011-10-30 11:04 . 2011-11-07 07:50 140248 ----a-w- c:\programmi\Mozilla Firefox\components\brwsrcmp.dll
2011-10-30 11:04 . 2011-11-07 07:51 505816 ----a-w- c:\programmi\Mozilla Firefox\sqlite3.dll
2011-10-30 11:04 . 2011-11-07 07:50 66520 ----a-w- c:\programmi\Mozilla Firefox\plugins\npnul32.dll
2011-10-30 11:04 . 2011-11-07 07:50 1015256 ----a-w- c:\programmi\Mozilla Firefox\js3250.dll
2011-10-30 11:00 . 2011-10-30 11:00 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Comodo
2011-10-29 17:16 . 2011-10-30 07:02 27536 ----a-w- c:\windows\system32\drivers\sfi.dat
2011-10-29 16:58 . 2011-10-29 16:58 -------- d-----w- c:\documents and settings\Dario\Dati applicazioni\AVG2012
2011-10-29 16:51 . 2011-10-29 17:09 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Comodo Downloader
2011-10-29 16:35 . 2011-10-29 17:10 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\AVG2012
2011-10-29 16:34 . 2011-10-29 16:34 -------- d-----w- c:\programmi\AVG
2011-10-20 17:57 . 2011-10-20 18:05 -------- d-----w- c:\documents and settings\Administrator
2011-10-17 17:34 . 2011-10-17 17:34 -------- d-sh--w- c:\windows\system32\config\systemprofile\PrivacIE
2011-10-17 11:41 . 2011-10-17 11:41 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-10-30 12:02 . 2004-08-03 21:14 138496 ----a-w- c:\windows\system32\drivers\afd.sys
2011-07-08 07:44 . 2011-07-14 06:10 142296 ----a-w- c:\programmi\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\programmi\File comuni\Ahead\Lib\NMBgMonitor.exe" [2007-06-27 152872]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="c:\programmi\File comuni\Java\Java Update\jusched.exe" [2010-05-14 248552]
"Adobe Reader Speed Launcher"="c:\programmi\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-06-08 37296]
"Adobe ARM"="c:\programmi\File comuni\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
"SoundMan"="SOUNDMAN.EXE" [2007-04-16 577536]
"NeroFilterCheck"="c:\programmi\File comuni\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136]
"SecurDisc"="c:\programmi\Nero\Nero 7\InCD\NBHGui.exe" [2007-06-25 1629480]
"InCD"="c:\programmi\Nero\Nero 7\InCD\InCD.exe" [2007-06-25 1057064]
"HP Software Update"="c:\programmi\HP\HP Software Update\HPWuSchd2.exe" [2006-02-19 49152]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\
HP Digital Imaging Monitor.lnk - c:\programmi\HP\Digital Imaging\bin\hpqtra08.exe [2006-2-19 288472]
WinZip Quick Pick.lnk - c:\programmi\WinZip\WZQKPICK.EXE [2010-6-19 106560]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LMIinit]
2011-07-06 14:32 87424 ----a-w- c:\windows\system32\LMIinit.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG10\avgchsvx.exe /sync\0c:\progra~1\AVG\AVG2012\avgrsx.exe /sync /restart
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programmi\\eMule\\emule.exe"=
"c:\\Programmi\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Programmi\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Programmi\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Programmi\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Programmi\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Programmi\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Programmi\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Programmi\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"c:\\Programmi\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"c:\\Programmi\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Programmi\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Programmi\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
"c:\\Programmi\\uTorrent\\uTorrent.exe"=
"c:\\Programmi\\Halto\\Halto.exe"=
"c:\\Programmi\\Mozilla Firefox\\firefox.exe"=
.
R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [14/09/2009 14.42.46 32272]
R3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\drivers\klmouflt.sys [02/11/2009 20.27.24 19472]
S1 kl2;Kl2;c:\windows\system32\drivers\kl2.sys [07/05/2010 0.19.06 132184]
S2 LMIInfo;LogMeIn Kernel Information Provider;\??\c:\programmi\LogMeIn\x86\RaInfo.sys --> c:\programmi\LogMeIn\x86\RaInfo.sys [?]
S2 SPDFCreatorReadSpool;SolidPDFCreatorReadSpool;c:\programmi\SolidDocuments\SolidPDFCreator\SPC\SolidPdfService.exe --> c:\programmi\SolidDocuments\SolidPDFCreator\SPC\SolidPdfService.exe [?]
S3 DSAPMem;DSAPMem;c:\programmi\IBM\DSA\pmemnt.sys [12/08/2008 22.12.26 11432]
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2007-08-23 16:34 451872 ----a-w- c:\programmi\File comuni\LightScribe\LSRunOnce.exe
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://www.google.it/
IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\documents and settings\Dario\Dati applicazioni\Mozilla\Firefox\Profiles\82mvq8rk.default\
FF - prefs.js: browser.search.selectedEngine - AVG Secure Search
FF - prefs.js: browser.startup.homepage - hxxp://www.google.it/
FF - prefs.js: keyword.URL - hxxp://search.avg.com/route/?d=4ce1b71e&v=7.008.031.001&i=26&tp=ab&iy=&ychte=us&lng=it&q=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\programmi\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Quick Starter: jqs@sun.com - c:\programmi\Java\jre6\lib\deploy\jqs\ff
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-11-07 12:09
Windows 5.1.2600 Service Pack 3 NTFS
.
scansione processi nascosti ...
.
scansione entrate autostart nascoste ...
.
Scansione files nascosti ...
.
Scansione completata con successo
Files nascosti: 0
.
**************************************************************************
.
--------------------- Dlls caricate dai processi in esecuzione ---------------------
.
- - - - - - - > 'winlogon.exe'(1028)
c:\windows\system32\LMIinit.dll
c:\windows\system32\LMIRfsClientNP.dll
.
- - - - - - - > 'explorer.exe'(828)
c:\windows\system32\WININET.dll
c:\programmi\File comuni\Ahead\Lib\NeroSearchBar.dll
c:\programmi\File comuni\Ahead\Lib\MFC71U.DLL
c:\programmi\File comuni\Ahead\Lib\BCGCBPRO860un71.dll
.
Ora fine scansione: 2011-11-07 12:12:18
ComboFix-quarantined-files.txt 2011-11-07 11:12
ComboFix2.txt 2011-11-07 08:36
.
Pre-Run: 2.492.813.312 byte disponibili
Post-Run: 2.482.442.240 byte disponibili
.
- - End Of File - - 98F13624334E4E0B0F6BC16A0E404986