  1. #1
    HTML.it user
    Registered since
    Dec 2008
    Posts
    152

    ComboFix log: help, I have a virus, please help me

    Hi everyone, I'm getting the win32 error. From experience I thought I had a Bagle virus, but the usual little program I use to remove it, "elibagla", didn't detect anything this time. Since the antivirus doesn't work, I installed Malwarebytes; it found about 80 Bagle items and I removed them, but nothing changed and I still get the same error. I managed to produce a log with ComboFix, but I have never used it before, so I'm asking for your help and posting the log.

    P.S. HijackThis won't start; it gives an error.

    ComboFix 09-11-22.08 - Gianni 30/10/2009 18.17.30.1.1 - x86
    Microsoft Windows XP Professional 5.1.2600.2.1252.39.1040.18.2047.1374 [GMT 1:00]
    Eseguito da: c:\documents and settings\Gianni\Desktop\ComboFix.exe
    AV: Sophos Anti-Virus *On-access scanning disabled* (Updated) {3F13C776-3CBE-4DE9-8BF6-09E5183CA2BD}

    ATTENZIONE - QUESTO PC NON HA LA CONSOLE DI RIPRISTINO DI EMERGENZA INSTALLATA !!
    .

    ((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:\InfoSat.txt

    .
    ((((((((((((((((((((((((((((((((((((((( Driver/Servizi )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    -------\Legacy_SK9OU0S


    ((((((((((((((((((((((((( Files Creati Da 2009-09-28 al 2009-10-30 )))))))))))))))))))))))))))))))))))
    .

    2009-11-22 16:21 . 2009-11-22 16:21 -------- d-----w- C:\OpenCV2.0
    2009-11-22 15:49 . 2009-11-22 15:49 -------- d-----w- c:\documents and settings\Gianni\Impostazioni locali\Dati applicazioni\Sophos
    2009-11-22 14:31 . 2009-11-22 14:34 -------- d--h--r- c:\documents and settings\Administrator\Dati applicazioni
    2009-11-22 12:23 . 2009-11-22 12:23 -------- d-----w- c:\documents and settings\Gianni\Dati applicazioni\Panda Security
    2009-11-22 12:21 . 2009-11-22 12:21 -------- d-----w- c:\programmi\Panda Security
    2009-11-22 12:15 . 2009-11-22 12:15 -------- d-----w- c:\programmi\MVM 2005 - Imperivm - Le Grandi Battaglie di Roma
    2009-11-22 11:32 . 2009-11-22 11:34 -------- d-----w- c:\programmi\CrossLoop
    2009-11-22 10:47 . 2009-10-30 17:08 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\AVG Security Toolbar
    2009-11-21 20:59 . 2009-11-22 11:38 -------- d---a-w- c:\documents and settings\All Users\Dati applicazioni\TEMP
    2009-11-21 19:35 . 2009-11-21 19:35 -------- d-----w- c:\documents and settings\Gianni\Dati applicazioni\Malwarebytes
    2009-11-21 19:31 . 2009-09-10 13:54 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
    2009-11-21 19:31 . 2009-11-21 19:35 -------- d-----w- c:\programmi\Malwarebytes' Anti-Malware
    2009-11-21 19:31 . 2009-11-21 19:31 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Malwarebytes
    2009-11-21 19:31 . 2009-09-10 13:53 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
    2009-11-21 13:40 . 2009-11-21 17:10 -------- d-----w- c:\documents and settings\Gianni\Dati applicazioni\Skype
    2009-11-21 13:40 . 2009-11-21 13:40 -------- d-----r- c:\programmi\Skype
    2009-11-21 13:40 . 2009-11-21 13:40 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Skype
    2009-11-20 18:14 . 2006-10-26 18:56 32592 ----a-w- c:\windows\system32\msonpmon.dll
    2009-11-20 18:10 . 2009-11-20 18:10 -------- d-----w- c:\programmi\Microsoft Works
    2009-11-20 18:07 . 2009-11-20 18:07 -------- d-----w- c:\programmi\Microsoft.NET
    2009-11-20 18:00 . 2009-11-20 18:00 -------- d-----w- c:\programmi\Microsoft Visual Studio 8
    2009-11-20 17:58 . 2009-11-20 17:58 -------- d-----w- c:\documents and settings\Gianni\Impostazioni locali\Dati applicazioni\Microsoft Help
    2009-11-20 17:58 . 2009-11-20 18:22 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Microsoft Help
    2009-11-20 17:04 . 2009-11-20 17:04 -------- d-----w- c:\programmi\Common Files
    2009-11-20 16:43 . 2009-11-20 16:46 -------- d-----w- c:\documents and settings\Gianni\Dati applicazioni\Dev-Cpp
    2009-11-20 16:43 . 2009-11-20 16:43 -------- d-----w- C:\Dev-Cpp
    2009-11-20 14:10 . 2009-11-20 14:28 -------- d-----w- c:\programmi\VB RezQ1
    2009-11-20 14:02 . 2009-11-20 14:02 -------- d-----w- c:\programmi\VB RezQ
    2009-11-19 18:58 . 2000-10-01 23:00 119568 ----a-w- c:\windows\system32\VB6FR.DLL
    2009-11-19 18:58 . 1998-07-12 23:00 59904 ----a-w- c:\windows\system32\MSCC2FR.DLL
    2009-11-19 18:58 . 1998-07-12 23:00 40960 ----a-w- c:\windows\system32\FLXGDFR.DLL
    2009-11-19 18:58 . 1998-07-12 23:00 34304 ----a-w- c:\windows\system32\RCHTXFR.DLL
    2009-11-19 18:58 . 1998-07-12 23:00 32768 ----a-w- c:\windows\system32\CMDLGFR.DLL
    2009-11-19 18:58 . 1998-07-12 23:00 21504 ----a-w- c:\windows\system32\TABCTFR.DLL
    2009-11-19 18:58 . 1998-07-12 23:00 141312 ----a-w- c:\windows\system32\MSCMCFR.DLL
    2009-11-19 18:58 . 2009-11-19 18:58 -------- d-----w- c:\programmi\VBReFormer
    2009-11-19 09:39 . 2009-11-22 12:14 -------- d--h--w- c:\programmi\FX Uninstall Information
    2009-11-18 10:46 . 2009-11-20 17:00 -------- d-----w- c:\documents and settings\Gianni\Dati applicazioni\vlc
    2009-11-18 10:44 . 2009-11-18 10:44 -------- d-----w- c:\programmi\VideoLAN
    2009-11-18 09:48 . 2009-11-18 09:48 -------- d-----w- c:\documents and settings\Gianni\Dati applicazioni\Liquid Technologies Ltd
    2009-11-18 09:48 . 2009-11-18 09:48 -------- d-----w- c:\documents and settings\Gianni\Impostazioni locali\Dati applicazioni\Liquid_Technologies_Ltd
    2009-11-18 09:44 . 2009-11-18 09:48 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\LiquidTechnologies
    2009-11-18 09:44 . 2009-11-18 09:44 -------- d-----w- c:\programmi\Liquid Technologies
    2009-11-13 20:12 . 2009-11-13 20:12 -------- d-----w- c:\documents and settings\Gianni\Dati applicazioni\Autodesk
    2009-11-13 20:06 . 2009-11-13 20:11 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\FLEXnet
    2009-11-13 20:06 . 2009-11-13 20:06 -------- d-----w- c:\documents and settings\Gianni\Impostazioni locali\Dati applicazioni\Autodesk
    2009-11-13 19:47 . 2009-11-13 19:47 -------- d-----w- c:\programmi\File comuni\Macrovision Shared
    2009-11-13 19:47 . 2009-11-13 19:47 -------- d-----w- c:\programmi\File comuni\Autodesk Shared
    2009-11-13 19:46 . 2009-11-13 19:46 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Autodesk
    2009-11-13 19:45 . 2009-11-13 19:48 -------- d-----w- c:\programmi\Autodesk
    2009-11-13 19:45 . 2008-07-31 09:41 68616 ----a-w- c:\windows\system32\XAPOFX1_1.dll
    2009-11-13 19:45 . 2008-07-31 09:40 509448 ----a-w- c:\windows\system32\XAudio2_2.dll
    2009-11-13 19:45 . 2008-07-31 09:41 238088 ----a-w- c:\windows\system32\xactengine3_2.dll
    2009-11-13 19:45 . 2008-07-12 07:18 467984 ----a-w- c:\windows\system32\d3dx10_39.dll
    2009-11-13 19:45 . 2008-07-12 07:18 1493528 ----a-w- c:\windows\system32\D3DCompiler_39.dll
    2009-11-13 19:45 . 2008-07-12 07:18 3851784 ----a-w- c:\windows\system32\D3DX9_39.dll
    2009-11-13 19:44 . 2009-11-13 19:45 -------- d-----w- c:\windows\Logs
    2009-11-13 19:44 . 2009-11-19 18:49 226888 ----a-w- c:\documents and settings\LocalService\Impostazioni locali\Dati applicazioni\FontCache3.0.0.0.dat
    2009-11-13 19:43 . 2009-11-13 19:43 -------- d-----w- c:\windows\system32\XPSViewer
    2009-11-13 19:43 . 2009-11-13 19:43 -------- d-----w- c:\programmi\MSBuild
    2009-11-13 19:43 . 2009-11-13 19:43 -------- d-----w- c:\programmi\Reference Assemblies
    2009-11-13 19:43 . 2008-07-06 12:06 575488 ----a-w- c:\windows\system32\xpsshhdr.dll
    2009-11-13 19:43 . 2008-07-06 12:06 1676288 ----a-w- c:\windows\system32\xpssvcs.dll
    2009-11-13 19:43 . 2008-07-06 12:06 117760 ----a-w- c:\windows\system32\prntvpt.dll
    2009-11-13 19:40 . 2009-11-13 19:40 -------- d-----w- c:\programmi\MSXML 6.0
    2009-11-11 22:12 . 2009-11-11 22:12 -------- d-----w- c:\documents and settings\Gianni\Impostazioni locali\Dati applicazioni\Microsoft Game Studios
    2009-11-11 21:35 . 2009-11-11 21:35 -------- d-----w- c:\programmi\Microsoft Games
    2009-11-11 21:27 . 2009-11-11 21:27 -------- d-----w- c:\programmi\MSXML 4.0
    2009-11-11 21:27 . 2005-05-26 14:34 2297552 ----a-w- c:\windows\system32\d3dx9_26.dll
    2009-11-11 20:58 . 2009-11-11 20:58 -------- d-----w- c:\programmi\DAEMON Tools Toolbar
    2009-11-11 20:58 . 2009-11-11 20:58 -------- d-----w- c:\programmi\DAEMON Tools Lite
    2009-11-11 20:58 . 2009-11-11 20:58 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\DAEMON Tools Lite
    2009-11-11 20:55 . 2009-11-11 20:56 -------- d-----w- c:\programmi\DAEMON Tools Pro
    2009-11-11 20:55 . 2009-11-11 20:55 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\DAEMON Tools Pro
    2009-11-11 20:49 . 2009-11-11 20:58 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
    2009-11-11 20:34 . 2009-11-11 20:34 -------- d-----w- C:\Mie pagine Web
    2009-11-11 20:15 . 2009-11-19 16:22 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Messenger Plus!
    2009-11-11 20:09 . 2009-11-11 20:09 -------- d-----w- c:\programmi\Messenger Plus! Live
    2009-11-11 11:55 . 2009-11-11 11:55 -------- d-----w- c:\programmi\ASUS
    2009-11-11 11:55 . 2004-08-03 21:58 5504 ----a-w- c:\windows\system32\drivers\MSTEE.sys
    2009-11-11 11:55 . 2004-08-03 22:10 19328 ----a-w- c:\windows\system32\drivers\WSTCODEC.SYS
    2009-11-11 11:55 . 2004-08-03 22:10 85376 ----a-w- c:\windows\system32\drivers\NABTSFEC.sys
    2009-11-11 11:55 . 2004-08-03 22:10 17024 ----a-w- c:\windows\system32\drivers\CCDECODE.sys
    2009-11-11 11:55 . 2005-08-04 10:32 77824 ----a-r- c:\windows\system32\TvRate.dll
    2009-11-11 11:55 . 2005-07-11 11:33 49152 ----a-r- c:\windows\system32\Macrovision.dll
    2009-11-11 11:55 . 2003-02-27 02:07 3072 ----a-r- c:\windows\system32\34CoInstaller.dll
    2009-11-11 11:55 . 2007-01-25 18:42 2831232 ----a-r- c:\windows\system32\drivers\3xHybrid.sys
    2009-11-11 11:55 . 2004-08-19 14:39 54784 ----a-w- c:\windows\system32\vfwwdm32.dll
    2009-11-11 11:31 . 2009-11-21 20:43 -------- d-----w- c:\documents and settings\Gianni\Dati applicazioni\uTorrent
    2009-11-11 11:26 . 2009-11-11 11:26 -------- d-----w- c:\documents and settings\Gianni\Impostazioni locali\Dati applicazioni\Ahead
    2009-11-11 11:18 . 2009-11-11 11:18 -------- d-----w- c:\documents and settings\Gianni\Dati applicazioni\Media Player Classic
    2009-11-11 11:10 . 2004-08-19 13:39 25600 ----a-w- c:\documents and settings\LocalService\Dati applicazioni\Microsoft\UPnP Device Host\upnphost\udhisapi.dll
    2009-11-11 11:09 . 2009-11-11 11:09 -------- d-----w- c:\programmi\Windows Media Connect 2
    2009-11-11 11:07 . 2009-11-11 11:08 -------- d-----w- c:\windows\system32\drivers\UMDF
    2009-11-11 11:07 . 2009-11-11 11:07 -------- d-----w- c:\windows\system32\LogFiles
    2009-11-11 10:58 . 2009-11-11 10:58 -------- d-----w- c:\documents and settings\Gianni\Dati applicazioni\Ahead
    2009-11-11 10:57 . 2009-11-11 10:57 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Ahead
    2009-11-11 10:57 . 2009-11-11 11:04 -------- d-----w- c:\documents and settings\Gianni\Impostazioni locali\Dati applicazioni\Adobe
    2009-11-11 10:55 . 2009-08-16 15:08 178176 ----a-w- c:\windows\system32\unrar.dll
    2009-11-11 10:55 . 2009-05-29 21:37 205824 ----a-w- c:\windows\system32\xvidvfw.dll
    2009-11-11 10:55 . 2009-05-29 21:31 881664 ----a-w- c:\windows\system32\xvidcore.dll
    2009-11-11 10:55 . 2004-01-25 16:18 217088 ----a-w- c:\windows\system32\yv12vfw.dll
    2009-11-11 10:55 . 2009-11-09 18:00 85504 ----a-w- c:\windows\system32\ff_vfw.dll
    2009-11-11 10:55 . 2009-11-11 10:56 -------- d-----w- c:\programmi\K-Lite Codec Pack
    2009-11-11 10:55 . 2009-11-11 10:55 -------- d-----w- c:\programmi\Nero
    2009-11-11 10:55 . 2009-11-11 10:55 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Nero

  2. #2
    HTML.it user
    Registered since
    Dec 2008
    Posts
    152
    2009-11-11 10:55 . 2009-11-11 10:56 -------- d-----w- c:\programmi\File comuni\Ahead
    2009-11-11 10:43 . 2009-11-11 10:43 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Adobe Systems
    2009-11-11 10:43 . 2009-11-11 10:43 -------- d-----w- c:\programmi\File comuni\Adobe Systems Shared
    2009-11-11 10:42 . 2009-11-11 11:02 -------- d-----w- c:\programmi\File comuni\Adobe
    2009-11-11 10:19 . 2009-11-11 10:19 -------- d-----w- c:\programmi\Google
    2009-11-11 10:19 . 2009-11-11 10:19 -------- d--h--w- c:\windows\msdownld.tmp
    2009-11-10 13:56 . 2009-11-10 14:41 -------- d-----w- c:\documents and settings\Gianni\Impostazioni locali\Dati applicazioni\Google
    2009-11-10 13:49 . 2009-11-22 10:59 -------- d-----w- c:\programmi\Spybot - Search & Destroy
    2009-11-10 13:49 . 2009-11-22 10:59 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Spybot - Search & Destroy
    2009-11-10 13:42 . 2009-10-09 19:32 52224 ----a-w- c:\documents and settings\Gianni\Dati applicazioni\Mozilla\Firefox\Profiles\ytv88kvh.default\extensions\{27615225-7032-450f-a317-1722cb6ce5ab}\components\FFExternalAlert.dll
    2009-11-10 13:42 . 2009-10-09 19:32 114688 ----a-w- c:\documents and settings\Gianni\Dati applicazioni\Mozilla\Firefox\Profiles\ytv88kvh.default\extensions\{27615225-7032-450f-a317-1722cb6ce5ab}\components\npmozax.dll
    2009-11-10 13:42 . 2009-08-13 14:40 43008 ----a-w- c:\documents and settings\Gianni\Dati applicazioni\Mozilla\Firefox\Profiles\ytv88kvh.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\googletoolbarloader.dll
    2009-11-10 13:42 . 2009-08-13 14:39 340480 ----a-w- c:\documents and settings\Gianni\Dati applicazioni\Mozilla\Firefox\Profiles\ytv88kvh.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\libraries\googletoolbar-ff2.dll
    2009-11-10 13:42 . 2009-08-13 14:39 346112 ----a-w- c:\documents and settings\Gianni\Dati applicazioni\Mozilla\Firefox\Profiles\ytv88kvh.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\libraries\googletoolbar-ff3.dll
    2009-11-10 13:35 . 2009-11-10 13:35 -------- d--h--w- c:\windows\system32\GroupPolicy
    2009-11-10 06:58 . 2009-11-11 11:48 -------- d-----w- c:\programmi\X360 Video Capture ActiveX Control
    2009-11-09 22:46 . 2009-11-21 13:49 -------- d-----w- c:\programmi\eMule
    2009-11-09 21:37 . 2009-11-09 21:37 0 ----a-w- c:\windows\nsreg.dat
    2009-11-09 21:37 . 2009-11-09 21:37 -------- d-----w- c:\documents and settings\Gianni\Impostazioni locali\Dati applicazioni\Mozilla

    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2009-11-22 17:30 . 2009-11-09 20:52 71224 ----a-w- c:\documents and settings\Gianni\Impostazioni locali\Dati applicazioni\GDIPFONTCACHEV1.DAT
    2009-11-22 15:46 . 2009-11-22 15:45 -------- d-----w- c:\programmi\Sophos
    2009-11-22 15:45 . 2009-11-22 15:45 -------- d-----w- c:\programmi\File comuni\Cisco Systems
    2009-11-22 15:45 . 2009-11-22 15:45 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Sophos
    2009-11-22 15:30 . 2009-11-22 15:30 -------- d-----w- c:\programmi\CCleaner
    2009-11-22 14:34 . 2009-11-22 14:34 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\Malwarebytes
    2009-11-20 17:04 . 2009-11-20 17:04 140088 ----a-w- c:\windows\Help\hhcolreg.dat
    2009-11-16 09:34 . 2009-11-09 20:15 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
    2009-11-11 21:27 . 2009-11-09 20:21 -------- d--h--w- c:\programmi\InstallShield Installation Information
    2009-11-11 12:29 . 2009-11-11 12:29 359040 ----a-w- c:\windows\system32\drivers\TCPIP.SYS.ORIGINAL
    2009-11-10 14:59 . 2009-11-10 13:56 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Lavasoft
    2009-11-10 14:51 . 2009-11-10 14:51 -------- d-----w- c:\programmi\Trend Micro
    2009-11-10 14:00 . 2009-11-10 14:00 93360 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
    2009-11-10 13:56 . 2009-11-10 13:56 -------- d-----w- c:\programmi\AVG
    2009-11-09 21:04 . 2009-11-09 21:04 -------- d-----w- c:\programmi\Realtek
    2009-11-09 21:04 . 2009-11-09 21:04 315392 ----a-w- c:\windows\HideWin.exe
    2009-11-09 20:59 . 2009-11-09 20:59 -------- d-----w- c:\programmi\NVIDIA Corporation
    2009-11-09 20:59 . 2009-11-09 20:20 -------- d-----w- c:\programmi\File comuni\InstallShield
    2009-11-09 20:58 . 2009-11-09 20:58 -------- d-----w- c:\documents and settings\Gianni\Dati applicazioni\InstallShield
    2009-11-09 20:52 . 2009-11-09 20:52 -------- d-----w- c:\documents and settings\Gianni\Dati applicazioni\ATI
    2009-11-09 20:52 . 2009-11-09 20:52 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\ATI
    2009-11-09 20:51 . 2009-11-09 20:51 0 ----a-w- c:\windows\ativpsrm.bin
    2009-11-09 20:49 . 2009-11-09 20:42 -------- d-----w- c:\programmi\ATI Technologies
    2009-11-09 20:47 . 2009-11-09 20:47 9158 ----a-r- c:\documents and settings\Gianni\Dati applicazioni\Microsoft\Installer\{89DE67AD-08B8-4699-A55D-CA5C0AF82BF3}\ARPPRODUCTICON.exe
    2009-11-09 20:47 . 2009-11-09 20:47 -------- d-----w- c:\programmi\File comuni\ATI Technologies
    2009-11-09 20:38 . 2009-11-09 20:38 -------- d-----w- c:\programmi\CyberLink
    2009-11-09 20:27 . 2009-11-09 20:27 -------- d-----w- c:\programmi\Pubblicazione guidata
    2009-11-09 20:21 . 2009-11-09 20:21 -------- d-----w- c:\programmi\NETGEAR
    2009-11-09 20:16 . 2009-11-09 20:16 -------- d-----w- c:\programmi\microsoft frontpage
    2009-11-09 20:14 . 2009-11-09 20:14 -------- d-----w- c:\programmi\Servizi in linea
    2009-10-30 17:14 . 2009-10-30 17:11 -------- d-----w- c:\programmi\EsetOnlineScanner
    2009-10-30 11:10 . 2009-10-30 11:10 1183176 ----a-w- c:\documents and settings\Gianni\Dati applicazioni\Mozilla\Firefox\Profiles\ytv88kvh.default\extensions\DTToolbar@toolbarnet.com\components\DTToolbarFF.dll
    2009-10-29 20:46 . 2001-08-31 11:00 79292 ----a-w- c:\windows\system32\perfc010.dat
    2009-10-29 20:46 . 2001-08-31 11:00 478808 ----a-w- c:\windows\system32\perfh010.dat
    2009-10-29 20:46 . 2009-11-09 20:12 23008 ----a-w- c:\windows\system32\emptyregdb.dat
    2009-10-16 11:12 . 2009-10-30 17:08 1119488 ----a-w- c:\documents and settings\All Users\Dati applicazioni\AVG Security Toolbar\IEToolbar.dll
    .

    ((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Nota* i valori vuoti & legittimi/default non sono visualizzati.
    REGEDIT4

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
    "{A3BC75A2-1F87-4686-AA43-5347D756017C}"= "c:\programmi\AVG\AVG9\Toolbar\IEToolbar.dll" [2009-10-16 1119488]

    [HKEY_CLASSES_ROOT\clsid\{a3bc75a2-1f87-4686-aa43-5347d756017c}]

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
    2009-10-16 11:12 1119488 ----a-w- c:\programmi\AVG\AVG9\Toolbar\IEToolbar.dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    "{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\programmi\AVG\AVG9\Toolbar\IEToolbar.dll" [2009-10-16 1119488]

    [HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
    "{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\programmi\AVG\AVG9\Toolbar\IEToolbar.dll" [2009-10-16 1119488]

    [HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "swg"="c:\programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-11-11 68856]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Malwarebytes Anti-Malware (reboot)"="c:\programmi\Malwarebytes' Anti-Malware\mbam.exe" [2009-09-10 1312080]
    "RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.exe [2008-02-19 16858112]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-19 15360]

    c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\
    AutoUpdate Monitor.lnk - c:\programmi\Sophos\AutoUpdate\ALMon.exe [2007-6-21 245760]
    NETGEAR WG111v2 Smart Wizard.lnk - c:\programmi\NETGEAR\WG111v2 Configuration Utility\RtWLan.exe [2009-11-9 483328]

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
    BootExecute REG_MULTI_SZ autocheck autochk *\0sprestrt

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SAVService]
    @="service"

    [HKEY_LOCAL_MACHINE\software\microsoft\security center]
    "AntiVirusOverride"=dword:00000001
    "FirewallOverride"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SophosAntiVirus]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
    "AntiVirusOverride"=dword:00000001
    "AntiVirusDisableNotify"=dword:00000001
    "FirewallDisableNotify"=dword:00000001
    "FirewallOverride"=dword:00000001
    "UpdatesDisableNotify"=dword:00000001
    "UacDisableNotify"=dword:00000001


  3. #3
    HTML.it user
    Registered since
    Dec 2008
    Posts
    152
    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "c:\\Programmi\\NVIDIA Corporation\\NetworkAccessManager\\Apache Group\\Apache2\\bin\\Apache.exe"=
    "c:\\Programmi\\Windows Live\\Messenger\\wlcsdk.exe"=
    "c:\\Programmi\\Windows Live\\Messenger\\msnmsgr.exe"=
    "c:\\Programmi\\eMule\\emule.exe"=
    "c:\\Programmi\\ATI Technologies\\ATI.ACE\\Core-Static\\CLIStart.exe"=
    "c:\\WINDOWS\\system32\\netsh.exe"=
    "c:\\Documents and Settings\\Gianni\\Desktop\\utorrent-1.6.exe"=
    "c:\\Programmi\\Autodesk\\Backburner\\monitor.exe"=
    "c:\\Programmi\\Autodesk\\Backburner\\manager.exe"=
    "c:\\Programmi\\Autodesk\\Backburner\\server.exe"=
    "c:\\Programmi\\Autodesk\\3ds Max 2010\\3dsmax.exe"=
    "c:\\Programmi\\Autodesk\\3ds Max 2010\\mentalray\\satellite\\raysat_3dsmax2010_32server.exe"=
    "c:\\Programmi\\Autodesk\\3ds Max 2010\\mentalray\\satellite\\raysat_3dsmax2010_32.exe"=
    "c:\\Programmi\\Skype\\Phone\\Skype.exe"=

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
    "4662:TCP"= 4662:TCP:4662
    "4672:UDP"= 4672:UDP:4672
    "5061:TCP"= 5061:TCP:5061
    "5061:UDP"= 5061:UDP:50611

    R1 SAVOnAccessControl;SAVOnAccessControl;c:\windows\system32\drivers\savonaccesscontrol.sys [22/11/2009 16.45.08 104704]
    R1 SAVOnAccessFilter;SAVOnAccessFilter;c:\windows\system32\drivers\savonaccessfilter.sys [22/11/2009 16.45.08 35584]
    R2 SAVAdminService;Crea report sullo stato di Sophos Anti-Virus;c:\programmi\Sophos\Sophos Anti-Virus\SAVAdminService.exe [09/12/2008 16.46.23 69632]
    R2 SAVService;Sophos Anti-Virus;c:\programmi\Sophos\Sophos Anti-Virus\SavService.exe [09/12/2008 16.44.25 98304]
    R3 3xHybrid;ASUSTek SAA713x PCI Card;c:\windows\system32\drivers\3xHybrid.sys [11/11/2009 12.55.09 2831232]
    S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [11/11/2009 21.49.52 691696]
    S2 mi-raysat_3dsmax2010_32;mental ray 3.7 Satellite for Autodesk 3ds Max 2010 32-bit 32-bit;c:\programmi\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_32server.exe [12/03/2009 17.36.24 86016]
    S3 abp470n5;abp470n5;\??\c:\windows\system32\drivers\ikllpu.sys --> c:\windows\system32\drivers\ikllpu.sys [?]
    S3 EAPPkt;Realtek EAPPkt Protocol;c:\windows\system32\drivers\EAPPkt.sys [09/11/2009 21.21.27 66048]
    S3 RTLWUSB;NETGEAR WG111v2 54Mbps Wireless USB 2.0 Adapter NT Driver;c:\windows\system32\drivers\wg111v2.sys [09/11/2009 21.21.29 167808]
    S4 SophosBootDriver;SophosBootDriver;c:\windows\system32\drivers\SophosBootDriver.sys [22/11/2009 16.45.09 14976]
    .
    Contenuto della cartella 'Scheduled Tasks'
    .
    .
    ------- Scansione supplementare -------
    .
    uStart Page = hxxp://www.google.com
    uSearch Page = hxxp://www.google.com
    uSearch Bar = hxxp://www.google.com/ie
    mDefault_Search_URL = hxxp://www.google.com/ie
    uSearchAssistant = hxxp://www.google.com/ie
    uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
    mSearchAssistant = hxxp://www.google.com/ie
    IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
    FF - ProfilePath - c:\documents and settings\Gianni\Dati applicazioni\Mozilla\Firefox\Profiles\ytv88kvh.default\
    FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2243838&SearchSource=3&q={searchTerms}
    FF - prefs.js: browser.search.selectedEngine - DAEMON Search
    FF - prefs.js: browser.startup.homepage - hxxp://www.google.it/
    FF - component: c:\documents and settings\Gianni\Dati applicazioni\Mozilla\Firefox\Profiles\ytv88kvh.default\extensions\{27615225-7032-450f-a317-1722cb6ce5ab}\components\FFExternalAlert.dll
    FF - component: c:\documents and settings\Gianni\Dati applicazioni\Mozilla\Firefox\Profiles\ytv88kvh.default\extensions\DTToolbar@toolbarnet.com\components\DTToolbarFF.dll
    FF - plugin: c:\programmi\Mozilla Firefox\plugins\npOGAPlugin.dll
    .

    **************************************************************************

    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-10-30 18:25
    Windows 5.1.2600 Service Pack 2 NTFS

    scansione processi nascosti ...

    scansione entrate autostart nascoste ...

    Scansione files nascosti ...

    Scansione completata con successo
    Files nascosti: 0

    **************************************************************************
    .
    --------------------- Dlls caricate dai processi in esecuzione ---------------------

    - - - - - - - > 'winlogon.exe'(528)
    c:\windows\system32\Ati2evxx.dll

    - - - - - - - > 'explorer.exe'(2420)
    c:\windows\system32\WPDShServiceObj.dll
    c:\windows\system32\PortableDeviceTypes.dll
    c:\windows\system32\PortableDeviceApi.dll
    .
    ------------------------ Altri processi in esecuzione ------------------------
    .
    c:\windows\system32\Ati2evxx.exe
    c:\windows\system32\Ati2evxx.exe
    c:\programmi\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
    c:\programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE
    c:\programmi\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
    c:\programmi\Sophos\AutoUpdate\ALsvc.exe
    c:\programmi\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
    c:\programmi\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
    c:\windows\system32\wscntfy.exe
    .
    **************************************************************************
    .
    Ora fine scansione: 2009-10-30 18:29 - Il pc è stato riavviato
    ComboFix-quarantined-files.txt 2009-10-30 17:29

    Pre-Run: 205.498.826.752 byte disponibili
    Post-Run: 205.365.080.064 byte disponibili

    Current=2 Default=2 Failed=0 LastKnownGood=4 Sets=1,2,3,4
    - - End Of File - - 1FAE2E4D4A20A2E1C8BF5E93EDDE0003
    The site told me it was too long, so I split the log. Please help me, thank you.

  4. #4
    HTML.it user comas17
    Registered since
    Apr 2002
    Posts
    6,522
    Why not open the thread in the "Computer security and viruses" ("Sicurezza informatica e virus") section?
    Moving it.
