  1. #1
    Dwarf (HTML.it user)
    Registered since Mar 2002
    Posts: 1,884

    Online scan with Kaspersky

    I ran an online scan on the Kaspersky site, and this is what it found

    code:
    Scan Statistics
    Total number of scanned objects 	144141
    Number of viruses found 	4
    Number of infected objects 	6 / 0
    Number of suspicious objects 	6
    Duration of the scan process 	01:51:59
    
    Infected Object Name 	Virus Name 	Last Action
    C:\Documents and Settings\Admin\Cookies\index.dat 	Object is locked 	skipped
    C:\Documents and Settings\Admin\Dati applicazioni\Symantec\PendingAlertsQueue.log 	Object is locked 	skipped
    C:\Documents and Settings\Admin\Impostazioni locali\Cronologia\History.IE5\index.dat 	Object is locked 	skipped
    C:\Documents and Settings\Admin\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat 	Object is locked 	skipped
    C:\Documents and Settings\Admin\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat.LOG 	Object is locked 	skipped
    C:\Documents and Settings\Admin\Impostazioni locali\Temp\Perflib_Perfdata_c20.dat 	Object is locked 	skipped
    C:\Documents and Settings\Admin\Impostazioni locali\Temporary Internet Files\Content.IE5\index.dat 	Object is locked 	skipped
    C:\Documents and Settings\Admin\NTUSER.DAT 	Object is locked 	skipped
    C:\Documents and Settings\Admin\ntuser.dat.LOG 	Object is locked 	skipped
    C:\Documents and Settings\All Users\Dati applicazioni\Symantec\Common Client\Confid.log 	Object is locked 	skipped
    C:\Documents and Settings\All Users\Dati applicazioni\Symantec\Common Client\Content.log 	Object is locked 	skipped
    C:\Documents and Settings\All Users\Dati applicazioni\Symantec\Common Client\Privacy.log 	Object is locked 	skipped
    C:\Documents and Settings\All Users\Dati applicazioni\Symantec\Common Client\Restrict.log 	Object is locked 	skipped
    C:\Documents and Settings\All Users\Dati applicazioni\Symantec\Common Client\settings.dat 	Object is locked 	skipped
    C:\Documents and Settings\All Users\Dati applicazioni\Symantec\Common Client\WebHist.log 	Object is locked 	skipped
    C:\Documents and Settings\All Users\Dati applicazioni\Symantec\HPPAppActivity.log 	Object is locked 	skipped
    C:\Documents and Settings\All Users\Dati applicazioni\Symantec\HPPHomePageActivity.log 	Object is locked 	skipped
    C:\Documents and Settings\All Users\Dati applicazioni\Symantec\Norton AntiVirus\Quarantine\2CD92A7B.tif 	Suspicious: Exploit.Win32.IMG-WMF 	skipped
    C:\Documents and Settings\All Users\Dati applicazioni\Symantec\Norton AntiVirus\Quarantine\331A232B.par/bpkr.exe 	Infected: Trojan-Spy.Win32.Perfloger.a 	skipped
    C:\Documents and Settings\All Users\Dati applicazioni\Symantec\Norton AntiVirus\Quarantine\331A232B.par 	RAR: infected - 1 	skipped
    C:\Documents and Settings\All Users\Dati applicazioni\Symantec\Norton AntiVirus\Quarantine\331A232B.par 	CryptFF: infected - 1 	skipped
    C:\Documents and Settings\All Users\Dati applicazioni\Symantec\Norton AntiVirus\Quarantine\35410818.tif 	Suspicious: Exploit.Win32.IMG-WMF 	skipped
    C:\Documents and Settings\All Users\Dati applicazioni\Symantec\Norton AntiVirus\Quarantine\415E1351.tif 	Suspicious: Exploit.Win32.IMG-WMF 	skipped
    C:\Documents and Settings\All Users\Dati applicazioni\Symantec\Norton AntiVirus\Quarantine\49611280.tif 	Suspicious: Exploit.Win32.IMG-WMF 	skipped
    C:\Documents and Settings\All Users\Dati applicazioni\Symantec\Norton AntiVirus\Quarantine\50482B05.exe 	Infected: Backdoor.Win32.Messo.10 	skipped
    C:\Documents and Settings\All Users\Dati applicazioni\Symantec\Norton AntiVirus\Quarantine\505C26EF.exe 	Infected: Backdoor.Win32.Messo.10 	skipped
    C:\Documents and Settings\All Users\Dati applicazioni\Symantec\Norton AntiVirus\Quarantine\547852F6.tif 	Suspicious: Exploit.Win32.IMG-WMF 	skipped
    C:\Documents and Settings\All Users\Dati applicazioni\Symantec\Norton AntiVirus\Quarantine\61284340.tif 	Suspicious: Exploit.Win32.IMG-WMF 	skipped
    C:\Documents and Settings\All Users\Dati applicazioni\Symantec\Norton AntiVirus\Quarantine\6E437DD1.tmp 	Infected: Trojan-Downloader.Win32.Bagle.at 	skipped
    C:\Documents and Settings\LocalService\Cookies\index.dat 	Object is locked 	skipped
    C:\Documents and Settings\LocalService\Impostazioni locali\Cronologia\History.IE5\index.dat 	Object is locked 	skipped
    C:\Documents and Settings\LocalService\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat 	Object is locked 	skipped
    C:\Documents and Settings\LocalService\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat.LOG 	Object is locked 	skipped
    C:\Documents and Settings\LocalService\Impostazioni locali\Temporary Internet Files\Content.IE5\index.dat 	Object is locked 	skipped
    C:\Documents and Settings\LocalService\NTUSER.DAT 	Object is locked 	skipped
    C:\Documents and Settings\LocalService\ntuser.dat.LOG 	Object is locked 	skipped
    C:\Documents and Settings\NetworkService\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat 	Object is locked 	skipped
    C:\Documents and Settings\NetworkService\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat.LOG 	Object is locked 	skipped
    C:\Documents and Settings\NetworkService\NTUSER.DAT 	Object is locked 	skipped
    C:\Documents and Settings\NetworkService\ntuser.dat.LOG 	Object is locked 	skipped
    C:\Programmi\File comuni\Symantec Shared\AntiSpam\Log\Spam.log 	Object is locked 	skipped
    C:\Programmi\File comuni\Symantec Shared\CCPD-LC\symlcrst.dll 	Object is locked 	skipped
    C:\Programmi\File comuni\Symantec Shared\SNDALRT.log 	Object is locked 	skipped
    C:\Programmi\File comuni\Symantec Shared\SNDCON.log 	Object is locked 	skipped
    C:\Programmi\File comuni\Symantec Shared\SNDDBG.log 	Object is locked 	skipped
    C:\Programmi\File comuni\Symantec Shared\SNDFW.log 	Object is locked 	skipped
    C:\Programmi\File comuni\Symantec Shared\SNDIDS.log 	Object is locked 	skipped
    C:\Programmi\File comuni\Symantec Shared\SNDSYS.log 	Object is locked 	skipped
    C:\Programmi\File comuni\Symantec Shared\SPBBC\LOGS\BBConfig.log 	Object is locked 	skipped
    C:\Programmi\File comuni\Symantec Shared\SPBBC\LOGS\BBDebug.log 	Object is locked 	skipped
    C:\Programmi\File comuni\Symantec Shared\SPBBC\LOGS\BBDetect.log 	Object is locked 	skipped
    C:\Programmi\File comuni\Symantec Shared\SPBBC\LOGS\BBNotify.log 	Object is locked 	skipped
    C:\Programmi\File comuni\Symantec Shared\SPBBC\LOGS\BBRefr.log 	Object is locked 	skipped
    C:\Programmi\File comuni\Symantec Shared\SPBBC\LOGS\BBSetCfg.log 	Object is locked 	skipped
    C:\Programmi\File comuni\Symantec Shared\SPBBC\LOGS\BBSetCfg2.log 	Object is locked 	skipped
    C:\Programmi\File comuni\Symantec Shared\SPBBC\LOGS\BBSetDev.log 	Object is locked 	skipped
    C:\Programmi\File comuni\Symantec Shared\SPBBC\LOGS\BBSetLoc.log 	Object is locked 	skipped
    C:\Programmi\File comuni\Symantec Shared\SPBBC\LOGS\BBSetUsr.log 	Object is locked 	skipped
    C:\Programmi\File comuni\Symantec Shared\SPBBC\LOGS\BBSMNot.log 	Object is locked 	skipped
    C:\Programmi\File comuni\Symantec Shared\SPBBC\LOGS\BBSMReg.log 	Object is locked 	skipped
    C:\Programmi\File comuni\Symantec Shared\SPBBC\LOGS\BBSMRSt.log 	Object is locked 	skipped
    C:\Programmi\File comuni\Symantec Shared\SPBBC\LOGS\BBStHash.log 	Object is locked 	skipped
    C:\Programmi\File comuni\Symantec Shared\SPBBC\LOGS\BBStMSI.log 	Object is locked 	skipped
    C:\Programmi\File comuni\Symantec Shared\SPBBC\LOGS\BBValid.log 	Object is locked 	skipped
    C:\Programmi\File comuni\Symantec Shared\SPBBC\LOGS\SPPolicy.log 	Object is locked 	skipped
    C:\Programmi\File comuni\Symantec Shared\SPBBC\LOGS\SPStart.log 	Object is locked 	skipped
    C:\Programmi\File comuni\Symantec Shared\SPBBC\LOGS\SPStop.log 	Object is locked 	skipped
    C:\Programmi\MySQL\MySQL Server 4.1\data\ibdata1 	Object is locked 	skipped
    C:\Programmi\MySQL\MySQL Server 4.1\data\ib_logfile0 	Object is locked 	skipped
    C:\Programmi\MySQL\MySQL Server 4.1\data\ib_logfile1 	Object is locked 	skipped
    C:\Programmi\MySQL\MySQL Server 4.1\data\jh5dm787cct13gu.err 	Object is locked 	skipped
    C:\Programmi\Norton Internet Security\Norton AntiVirus\AVApp.log 	Object is locked 	skipped
    C:\Programmi\Norton Internet Security\Norton AntiVirus\AVError.log 	Object is locked 	skipped
    C:\Programmi\Norton Internet Security\Norton AntiVirus\AVVirus.log 	Object is locked 	skipped
    C:\Programmi\Norton Internet Security\Norton AntiVirus\Savrt\0188NAV~.TMP 	Object is locked 	skipped
    C:\Programmi\Norton Internet Security\Norton AntiVirus\Savrt\0763NAV~.TMP 	Object is locked 	skipped
    C:\System Volume Information\MountPointManagerRemoteDatabase 	Object is locked 	skipped
    C:\System Volume Information\_restore{67B18959-A2DE-41B3-AB5D-FBD05F016A21}\RP67\change.log 	Object is locked 	skipped
    C:\WINDOWS\Debug\PASSWD.LOG 	Object is locked 	skipped
    C:\WINDOWS\SchedLgU.Txt 	Object is locked 	skipped
    C:\WINDOWS\SoftwareDistribution\ReportingEvents.log 	Object is locked 	skipped
    C:\WINDOWS\Sti_Trace.log 	Object is locked 	skipped
    C:\WINDOWS\system32\CatRoot2\edb.log 	Object is locked 	skipped
    C:\WINDOWS\system32\CatRoot2\tmp.edb 	Object is locked 	skipped
    C:\WINDOWS\system32\config\AppEvent.Evt 	Object is locked 	skipped
    C:\WINDOWS\system32\config\default 	Object is locked 	skipped
    C:\WINDOWS\system32\config\default.LOG 	Object is locked 	skipped
    C:\WINDOWS\system32\config\SAM 	Object is locked 	skipped
    C:\WINDOWS\system32\config\SAM.LOG 	Object is locked 	skipped
    C:\WINDOWS\system32\config\SecEvent.Evt 	Object is locked 	skipped
    C:\WINDOWS\system32\config\SECURITY 	Object is locked 	skipped
    C:\WINDOWS\system32\config\SECURITY.LOG 	Object is locked 	skipped
    C:\WINDOWS\system32\config\software 	Object is locked 	skipped
    C:\WINDOWS\system32\config\software.LOG 	Object is locked 	skipped
    C:\WINDOWS\system32\config\SysEvent.Evt 	Object is locked 	skipped
    C:\WINDOWS\system32\config\system 	Object is locked 	skipped
    C:\WINDOWS\system32\config\system.LOG 	Object is locked 	skipped
    C:\WINDOWS\system32\h323log.txt 	Object is locked 	skipped
    C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR 	Object is locked 	skipped
    C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP 	Object is locked 	skipped
    C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER 	Object is locked 	skipped
    C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP 	Object is locked 	skipped
    C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP 	Object is locked 	skipped
    C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA 	Object is locked 	skipped
    C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP 	Object is locked 	skipped
    C:\WINDOWS\Temp\ib86 	Object is locked 	skipped
    C:\WINDOWS\Temp\ib87 	Object is locked 	skipped
    C:\WINDOWS\Temp\ib88 	Object is locked 	skipped
    C:\WINDOWS\wiadebug.log 	Object is locked 	skipped
    C:\WINDOWS\wiaservc.log 	Object is locked 	skipped
    C:\WINDOWS\WindowsUpdate.log 	Object is locked 	skipped
    Scan process completed.
    What should I do?

  2. #2
    Dwarf
    Here is the HijackThis log. Is it possible that Norton and ewido find nothing?

    Logfile of HijackThis v1.99.1
    Scan saved at 14.07.56, on 23/07/2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Programmi\File comuni\Symantec Shared\ccProxy.exe
    C:\Programmi\File comuni\Symantec Shared\ccSetMgr.exe
    C:\Programmi\ewido anti-spyware 4.0\guard.exe
    C:\Programmi\Ahead\InCD\InCDsrv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Programmi\MySQL\MySQL Server 4.1\bin\mysqld-nt.exe
    C:\Programmi\Norton Internet Security\Norton AntiVirus\navapsvc.exe
    C:\Programmi\RVS\WCOM\SYSTEM\RVSINST.EXE
    C:\Programmi\File comuni\Symantec Shared\SNDSrvc.exe
    C:\Programmi\Analog Devices\SoundMAX\SMAgent.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Programmi\File comuni\Symantec Shared\CCPD-LC\symlcsvc.exe
    C:\Programmi\File comuni\Symantec Shared\ccEvtMgr.exe
    C:\Programmi\File comuni\Symantec Shared\ccApp.exe
    C:\Programmi\Ahead\InCD\InCD.exe
    C:\Programmi\Java\jre1.5.0_06\bin\jusched.exe
    C:\Programmi\ewido anti-spyware 4.0\ewido.exe
    C:\Programmi\RamBooster 2.0\Rambooster.exe
    C:\Programmi\Apache Group\Apache2\bin\ApacheMonitor.exe
    C:\Programmi\File comuni\Symantec Shared\Security Console\NSCSRVCE.EXE
    C:\WINDOWS\system32\svchost.exe
    C:\Programmi\Apache Group\Apache2\bin\Apache.exe
    C:\Programmi\Apache Group\Apache2\bin\Apache.exe
    C:\hijackthis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.5.0_06\bin\ssv.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: CNisExtBho Class - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Programmi\File comuni\Symantec Shared\AdBlocking\NISShExt.dll
    O2 - BHO: CNavExtBho Class - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Programmi\Norton Internet Security\Norton AntiVirus\NavShExt.dll
    O2 - BHO: (no name) - {FFFFFEF0-5B30-21D4-945D-000000000000} - C:\PROGRA~1\STARDO~1\SDIEInt.dll
    O3 - Toolbar: Norton Internet Security 2006 - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Programmi\File comuni\Symantec Shared\AdBlocking\NISShExt.dll
    O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Programmi\Norton Internet Security\Norton AntiVirus\NavShExt.dll
    O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
    O4 - HKLM\..\Run: [ccApp] "C:\Programmi\File comuni\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [SSC_UserPrompt] "C:\Programmi\File comuni\Symantec Shared\Security Center\UsrPrmpt.exe"
    O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [InCD] C:\Programmi\Ahead\InCD\InCD.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programmi\Java\jre1.5.0_06\bin\jusched.exe
    O4 - HKLM\..\Run: [!ewido] "C:\Programmi\ewido anti-spyware 4.0\ewido.exe" /minimized
    O4 - HKCU\..\Run: [RamBooster] C:\Programmi\RamBooster 2.0\Rambooster.exe
    O4 - Global Startup: Monitor Apache Servers.lnk = C:\Programmi\Apache Group\Apache2\bin\ApacheMonitor.exe
    O8 - Extra context menu item: Salva oggetto con Star Downloader - C:\Programmi\Star Downloader\sdie.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Programmi\WinHTTrack\WinHTTrackIEBar.dll
    O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} -

  3. #3
    Dwarf
    C:\Programmi\WinHTTrack\WinHTTrackIEBar.dll
    O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary...r.cab31267.cab
    O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/par...an_unicode.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsu...?1147092548890
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab31267.cab
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O23 - Service: Apache2 - Unknown owner - C:\Programmi\Apache Group\Apache2\bin\Apache.exe" -k runservice (file missing)
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\ccEvtMgr.exe
    O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - C:\Programmi\Norton Internet Security\ccPwdSvc.exe
    O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\ccProxy.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\ccSetMgr.exe
    O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Programmi\Norton Internet Security\comHost.exe
    O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Programmi\ewido anti-spyware 4.0\guard.exe
    O23 - Service: InCD File System Service (InCDsrv) - AHEAD Software - C:\Programmi\Ahead\InCD\InCDsrv.exe
    O23 - Service: MySQL - Unknown owner - C:\Programmi\MySQL\MySQL.exe (file missing)
    O23 - Service: Servizio Auto-Protect di Norton AntiVirus (navapsvc) - Symantec Corporation - C:\Programmi\Norton Internet Security\Norton AntiVirus\navapsvc.exe
    O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\Security Console\NSCSRVCE.EXE
    O23 - Service: RVS Installer (RVSINST) - RVS Datentechnik GmbH, München - C:\Programmi\RVS\WCOM\SYSTEM\RVSINST.EXE
    O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Programmi\Norton Internet Security\Norton AntiVirus\SAVScan.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\SNDSrvc.exe
    O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Programmi\Analog Devices\SoundMAX\SMAgent.exe
    O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\SPBBC\SPBBCSvc.exe
    O23 - Service: Symantec Core LC - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\CCPD-LC\symlcsvc.exe

  4. #4
    As for the hijack log, get rid of all the O1 entries
    Begun the Clone War has

    Yes, yes, they made me an editor --- SuspectFile

  5. #5
    From the looks of it, it found suspicious objects in Norton's quarantine folder.
    code:
    C:\Documents and Settings\All Users\Dati applicazioni\Symantec\Norton AntiVirus\Quarantine\2CD92A7B.tif 	Suspicious: Exploit.Win32.IMG-WMF 	skipped
    C:\Documents and Settings\All Users\Dati applicazioni\Symantec\Norton AntiVirus\Quarantine\331A232B.par/bpkr.exe 	Infected: Trojan-Spy.Win32.Perfloger.a 	skipped
    C:\Documents and Settings\All Users\Dati applicazioni\Symantec\Norton AntiVirus\Quarantine\331A232B.par 	RAR: infected - 1 	skipped
    C:\Documents and Settings\All Users\Dati applicazioni\Symantec\Norton AntiVirus\Quarantine\331A232B.par 	CryptFF: infected - 1 	skipped
    C:\Documents and Settings\All Users\Dati applicazioni\Symantec\Norton AntiVirus\Quarantine\35410818.tif 	Suspicious: Exploit.Win32.IMG-WMF 	skipped
    C:\Documents and Settings\All Users\Dati applicazioni\Symantec\Norton AntiVirus\Quarantine\415E1351.tif 	Suspicious: Exploit.Win32.IMG-WMF 	skipped
    C:\Documents and Settings\All Users\Dati applicazioni\Symantec\Norton AntiVirus\Quarantine\49611280.tif 	Suspicious: Exploit.Win32.IMG-WMF 	skipped
    C:\Documents and Settings\All Users\Dati applicazioni\Symantec\Norton AntiVirus\Quarantine\50482B05.exe 	Infected: Backdoor.Win32.Messo.10 	skipped
    C:\Documents and Settings\All Users\Dati applicazioni\Symantec\Norton AntiVirus\Quarantine\505C26EF.exe 	Infected: Backdoor.Win32.Messo.10 	skipped
    C:\Documents and Settings\All Users\Dati applicazioni\Symantec\Norton AntiVirus\Quarantine\547852F6.tif 	Suspicious: Exploit.Win32.IMG-WMF 	skipped
    C:\Documents and Settings\All Users\Dati applicazioni\Symantec\Norton AntiVirus\Quarantine\61284340.tif 	Suspicious: Exploit.Win32.IMG-WMF 	skipped
    C:\Documents and Settings\All Users\Dati applicazioni\Symantec\Norton AntiVirus\Quarantine\6E437DD1.tmp 	Infected: Trojan-Downloader.Win32.Bagle.at 	skipped
    If you empty the quarantine and run the scan again, it should tell you there is nothing there.

    Nothing to worry about, all the remaining warnings are due to the fact that it could not read those files.

  6. #6
    Dwarf
    Originally posted by Angler84
    From the looks of it, it found suspicious objects in Norton's quarantine folder.

    If you empty the quarantine and run the scan again, it should tell you there is nothing there.

    Nothing to worry about, all the remaining warnings are due to the fact that it could not read those files.
    Indeed
