Protezione da malware

[zinzo]

Da un paio di giorni , la protezione malware risulta essere disattivata ad ogni riavvio del computer e anche il windows defender risulta essere sempre disattivato

vedete qualcosa che non va?

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18.01.51, on 26/06/2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18928)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files\TOSHIBA\Toshiba Online Product Information\TOPI.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\AVG\AVG9\avgtray.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Java\jre1.6.0\bin\jusched.exe
C:\Program Files\Synaptics\SynTP\SynToshiba.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.fiorentina.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\pdfforge Toolbar\SearchSettings.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Ecosia Plugin - {7E783154-F54B-4af6-8C01-0A3E744B5DC8} - C:\Program Files\Ecosia\ecosia.dll
O2 - BHO: Guida per l'accesso a Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\IE\1.1.2\pdfforgeToolbarIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\pdfforge Toolbar\SearchSettings.dll
O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll
O3 - Toolbar: Ecosia Search - {C8F48FC8-3CA1-42B9-8609-F75D7C8B4493} - C:\Program Files\Ecosia\ecosia.dll
O3 - Toolbar: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\IE\1.1.2\pdfforgeToolbarIE.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
O4 - HKLM\..\Run: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe
O4 - HKLM\..\Run: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe -startup
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Windows\system32\NeroCheck.exe
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0\bin\jusched.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
O4 - HKLM\..\Run: [SearchSettings] C:\Program Files\pdfforge Toolbar\SearchSettings.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVIZIO DI RETE')
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: eBay - {C08CAF1D-C0A3-40D5-9970-06D067EAC017} - http://www.webtip.ch/cgi-bin/toshiba/tracker_url.pl?IT (file missing)
O13 - Gopher Prefix:
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{C1F45C81-FF6D-426A-8D60-551511C684BF}: NameServer = 192.168.1.1
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files\Application Updater\ApplicationUpdater.exe
O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: Device Error Recovery Service (dgdersvc) - Devguru Co., Ltd. - C:\Windows\system32\dgdersvc.exe
O23 - Service: FsUsbExService - Teruten - C:\Windows\system32\FsUsbExService.Exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Convalida password di Symantec IS (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\isPwdSvc.exe
O23 - Service: NMSAccess - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

--
End of file - 10335 bytes

[menatwork]

Buonasera


effettua queste due scansioni, hai delle infezioni da togliere

scarica suk desktop

malwarebytes

combofix


installa malwarebytes
Aggiornalo: clicca sulla scheda "aggiornamenti" => "controlla aggiornamenti"
Esegui una "scansione completa" (seleziona l'opzione)
A scansione completa, fai clic su OK => Mostra i Risultati.
Assicurarti che tutto sia selezionato e clicca clic su Rimuovi selezionati.
Se ti chiede di riavviare, riavvia per completare il processo di pulizia.
Posta il rapporto .



disattiva il tuo antivirus

esegui combofix (non installare la recovery console)
Lascia lavorare il programma senza interferire
Allega il rapporto C:\ComboFix.txt nella tua risposta.

guida all'uso di combofix

esegui le scansioni col tasto destro e come amministratore

[JeanGrey]

Ciao zinzo, che intendi per protezione malware?
Stai usando due antivirus: AVG9 e Norton, questo provoca conflitti e rallentamenti.
Ti consiglio di lasciarne solo uno e disinstallare l'altro con l'apposito tool eseguito come amministratore.

AVG Remover

Norton Remover

[zinzo]

ComboFix 10-06-25.04 - zinzo 26/06/2010 19.29.04.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.39.1040.18.2045.1190 [GMT 2:00]
Eseguito da: c:\users\zinzo\Desktop\ComboFix.exe
AV: Avira AntiVir PersonalEdition *On-access scanning enabled* (Updated) {00000003-0000-0000-B88D-150000001400}
AV: Avira AntiVir PersonalEdition *On-access scanning enabled* (Updated) {00000003-0000-0000-B88D-160000001500}
AV: Avira AntiVir PersonalEdition *On-access scanning enabled* (Updated) {00000003-0000-0000-B88D-170000001600}
AV: Avira AntiVir PersonalEdition *On-access scanning enabled* (Updated) {00000003-0000-0000-B88D-180000001700}
AV: Avira AntiVir PersonalEdition *On-access scanning enabled* (Updated) {00000003-0000-0000-B88D-190000001800}
AV: Avira AntiVir PersonalEdition *On-access scanning enabled* (Updated) {00000003-0000-0000-B88D-1A0000001900}
AV: Avira AntiVir PersonalEdition *On-access scanning enabled* (Updated) {00000003-0000-0000-B88D-1B0000001A00}
AV: Avira AntiVir PersonalEdition *On-access scanning enabled* (Updated) {00000003-0000-0000-B88D-1C0000001B00}
AV: Avira AntiVir PersonalEdition *On-access scanning enabled* (Updated) {00000003-0000-0000-B88D-1D0000001C00}
AV: Avira AntiVir PersonalEdition *On-access scanning enabled* (Updated) {00000003-0000-0000-B88D-1E0000001D00}
AV: Avira AntiVir PersonalEdition *On-access scanning enabled* (Updated) {00000003-0000-0000-B88D-1F0000001E00}
AV: Avira AntiVir PersonalEdition *On-access scanning enabled* (Updated) {00000003-0000-0000-B88D-200000001F00}
AV: Avira AntiVir PersonalEdition *On-access scanning enabled* (Updated) {00000003-0000-0000-B88D-210000002000}
AV: Avira AntiVir PersonalEdition *On-access scanning enabled* (Updated) {00000003-0000-0000-B88D-220000002100}
AV: Avira AntiVir PersonalEdition *On-access scanning enabled* (Updated) {00000003-0000-0000-B88D-230000002200}
AV: Avira AntiVir PersonalEdition *On-access scanning enabled* (Updated) {00000003-0000-0000-B88D-240000002300}
AV: Avira AntiVir PersonalEdition *On-access scanning enabled* (Updated) {00000003-0000-0000-B88D-250000002400}
AV: Avira AntiVir PersonalEdition *On-access scanning enabled* (Updated) {00000003-0000-0000-B88D-260000002500}
AV: Avira AntiVir PersonalEdition *On-access scanning enabled* (Updated) {00000003-0000-0000-B88D-270000002600}
AV: Avira AntiVir PersonalEdition *On-access scanning enabled* (Updated) {00000003-0000-0000-B88D-280000002700}
AV: Avira AntiVir PersonalEdition *On-access scanning enabled* (Updated) {00000003-0000-0000-B88D-290000002800}
AV: Avira AntiVir PersonalEdition *On-access scanning enabled* (Updated) {00000003-0000-0000-B88D-2A0000002900}
AV: Avira AntiVir PersonalEdition *On-access scanning enabled* (Updated) {00000003-0000-0000-B88D-2B0000002A00}
AV: Avira AntiVir PersonalEdition *On-access scanning enabled* (Updated) {00000003-0000-0000-B88D-2C0000002B00}
AV: Avira AntiVir PersonalEdition *On-access scanning enabled* (Updated) {00000003-0000-0000-B88D-2D0000002C00}
AV: Avira AntiVir PersonalEdition *On-access scanning enabled* (Updated) {00000003-0000-0000-B88D-2E0000002D00}
AV: Avira AntiVir PersonalEdition *On-access scanning enabled* (Updated) {00000003-0000-0000-B88D-2F0000002E00}
AV: Avira AntiVir PersonalEdition *On-access scanning enabled* (Updated) {00000003-0000-0000-B88D-300000002F00}
AV: Avira AntiVir PersonalEdition *On-access scanning enabled* (Updated) {00000003-0000-0000-B88D-310000003000}
AV: Avira AntiVir PersonalEdition *On-access scanning enabled* (Updated) {00000003-0000-0000-B88D-620000006100}
AV: Avira AntiVir PersonalEdition *On-access scanning enabled* (Updated) {00000003-0000-0000-B88D-630000006200}
AV: Avira AntiVir PersonalEdition *On-access scanning enabled* (Updated) {00000003-0000-0000-B88D-640000006300}
AV: Norton Internet Security *On-access scanning disabled* (Outdated) {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Norton Internet Security *disabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}
SP: Avira AntiVir PersonalEdition *enabled* (Updated) {00000003-0000-0000-B88D-150000001400}
SP: Avira AntiVir PersonalEdition *enabled* (Updated) {00000003-0000-0000-B88D-160000001500}
SP: Avira AntiVir PersonalEdition *enabled* (Updated) {00000003-0000-0000-B88D-170000001600}
SP: Avira AntiVir PersonalEdition *enabled* (Updated) {00000003-0000-0000-B88D-180000001700}
SP: Avira AntiVir PersonalEdition *enabled* (Updated) {00000003-0000-0000-B88D-190000001800}
SP: Avira AntiVir PersonalEdition *enabled* (Updated) {00000003-0000-0000-B88D-1A0000001900}
SP: Avira AntiVir PersonalEdition *enabled* (Updated) {00000003-0000-0000-B88D-1B0000001A00}
SP: Avira AntiVir PersonalEdition *enabled* (Updated) {00000003-0000-0000-B88D-1C0000001B00}
SP: Avira AntiVir PersonalEdition *enabled* (Updated) {00000003-0000-0000-B88D-1D0000001C00}
SP: Avira AntiVir PersonalEdition *enabled* (Updated) {00000003-0000-0000-B88D-1E0000001D00}
SP: Avira AntiVir PersonalEdition *enabled* (Updated) {00000003-0000-0000-B88D-1F0000001E00}
SP: Avira AntiVir PersonalEdition *enabled* (Updated) {00000003-0000-0000-B88D-200000001F00}
SP: Avira AntiVir PersonalEdition *enabled* (Updated) {00000003-0000-0000-B88D-210000002000}
SP: Avira AntiVir PersonalEdition *enabled* (Updated) {00000003-0000-0000-B88D-220000002100}
SP: Avira AntiVir PersonalEdition *enabled* (Updated) {00000003-0000-0000-B88D-230000002200}
SP: Avira AntiVir PersonalEdition *enabled* (Updated) {00000003-0000-0000-B88D-240000002300}
SP: Avira AntiVir PersonalEdition *enabled* (Updated) {00000003-0000-0000-B88D-250000002400}
SP: Avira AntiVir PersonalEdition *enabled* (Updated) {00000003-0000-0000-B88D-260000002500}
SP: Avira AntiVir PersonalEdition *enabled* (Updated) {00000003-0000-0000-B88D-270000002600}
SP: Avira AntiVir PersonalEdition *enabled* (Updated) {00000003-0000-0000-B88D-280000002700}
SP: Avira AntiVir PersonalEdition *enabled* (Updated) {00000003-0000-0000-B88D-290000002800}
SP: Avira AntiVir PersonalEdition *enabled* (Updated) {00000003-0000-0000-B88D-2A0000002900}
SP: Avira AntiVir PersonalEdition *enabled* (Updated) {00000003-0000-0000-B88D-2B0000002A00}
SP: Avira AntiVir PersonalEdition *enabled* (Updated) {00000003-0000-0000-B88D-2C0000002B00}
SP: Avira AntiVir PersonalEdition *enabled* (Updated) {00000003-0000-0000-B88D-2D0000002C00}
SP: Avira AntiVir PersonalEdition *enabled* (Updated) {00000003-0000-0000-B88D-2E0000002D00}
SP: Avira AntiVir PersonalEdition *enabled* (Updated) {00000003-0000-0000-B88D-2F0000002E00}
SP: Avira AntiVir PersonalEdition *enabled* (Updated) {00000003-0000-0000-B88D-300000002F00}
SP: Avira AntiVir PersonalEdition *enabled* (Updated) {00000003-0000-0000-B88D-310000003000}
SP: Avira AntiVir PersonalEdition *enabled* (Updated) {00000003-0000-0000-B88D-620000006100}
SP: Avira AntiVir PersonalEdition *enabled* (Updated) {00000003-0000-0000-B88D-630000006200}
SP: Avira AntiVir PersonalEdition *enabled* (Updated) {00000003-0000-0000-B88D-640000006300}
SP: Norton Internet Security *enabled* (Outdated) {CBB7EE13-8244-4DAB-8B55-D5C7AA91E59A}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))) )
.

c:\program files\pdfforge Toolbar\SearchSettings.dll
c:\windows\system32\muzapp.exe

[zinzo]

2010-06-26 17:39 . 2010-06-26 17:39 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-06-26 17:39 . 2010-06-26 17:40 -------- d-----w- c:\users\zinzo\AppData\Local\temp
2010-06-26 15:55 . 2010-06-26 15:55 -------- d-----w- c:\program files\Trend Micro
2010-06-26 14:01 . 2010-06-26 14:01 -------- d-----w- c:\users\zinzo\AppData\Roaming\Malwarebytes
2010-06-26 14:01 . 2010-04-29 13:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-06-26 14:01 . 2010-06-26 14:01 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-06-26 14:01 . 2010-06-26 14:01 -------- d-----w- c:\programdata\Malwarebytes
2010-06-26 14:01 . 2010-04-29 13:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-06-22 18:26 . 2009-11-08 08:55 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2010-06-22 18:26 . 2009-11-08 08:55 49472 ----a-w- c:\windows\system32\netfxperf.dll
2010-06-22 18:26 . 2009-11-08 08:55 297808 ----a-w- c:\windows\system32\mscoree.dll
2010-06-22 18:26 . 2009-11-08 08:55 295264 ----a-w- c:\windows\system32\PresentationHost.exe
2010-06-22 18:26 . 2009-11-08 08:55 1130824 ----a-w- c:\windows\system32\dfshim.dll
2010-06-22 18:25 . 2010-04-16 16:43 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2010-06-22 18:25 . 2010-04-16 14:39 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2010-06-21 20:26 . 2010-06-21 20:27 -------- d-----w- c:\users\zinzo\AppData\Local\eSupport.com
2010-06-21 18:53 . 2009-08-24 19:08 28160 ----a-w- c:\windows\system32\DfSdkBt.exe
2010-06-20 16:24 . 2010-06-20 16:24 -------- d-----w- C:\swsetup
2010-06-20 12:34 . 2010-06-20 12:34 -------- d-----w- c:\users\zinzo\AppData\Local\Stardock
2010-06-20 12:34 . 2010-06-20 12:34 -------- d-----w- c:\program files\Stardock
2010-06-20 10:48 . 2010-01-27 11:05 5120 ----a-w- c:\users\zinzo\AppData\Roaming\Samsung\Kies\Update Temp\it-IT\MCS.Thunder.Update.resources.dll
2010-06-20 10:26 . 2010-06-20 10:32 126821429 ----a-w- c:\users\zinzo\AppData\Roaming\Easeware\DriverEasy \drivers\mahv2ppt.jzi\Kies_1.1.5.10014_21.exe
2010-06-20 10:03 . 2010-06-20 10:04 10592136 ----a-w- c:\users\zinzo\AppData\Roaming\Easeware\DriverEasy \drivers\23i3lkuw.22m\sp41804.exe
2010-06-20 09:52 . 2010-06-20 09:55 46836384 ----a-w- c:\users\zinzo\AppData\Roaming\Easeware\DriverEasy \drivers\yrkc3rmc.wvk\util_tvap_TC00215000G.exe
2010-06-20 09:49 . 2007-08-02 15:34 61440 ----a-w- c:\windows\VM305_STI.exe
2010-06-20 09:48 . 2010-06-20 09:48 -------- d-----w- c:\program files\Common Files\Look316
2010-06-20 09:48 . 2010-06-20 09:48 -------- d-----w- c:\users\zinzo\AppData\Roaming\InstallShield
2010-06-20 09:45 . 2010-06-20 09:45 -------- d-----w- c:\windows\tiinst
2010-06-20 09:44 . 2010-06-20 09:44 -------- d-----w- C:\Dell
2010-06-20 09:39 . 2010-06-20 09:39 -------- d-----w- c:\program files\ltmoh
2010-06-20 09:39 . 2009-07-21 14:24 58888 ------w- c:\windows\system32\agrsmdel.exe
2010-06-20 09:38 . 2010-06-20 09:38 -------- d-----w- c:\program files\LSI SoftModem
2010-06-20 09:36 . 2010-06-20 09:37 3470888 ----a-w- c:\users\zinzo\AppData\Roaming\Easeware\DriverEasy \drivers\p2gicro5.1yy\driver_modem_toshiba_TC00221 400D.exe
2010-06-20 09:15 . 2010-06-20 09:15 -------- d-----w- c:\windows\system32\RTCOM
2010-06-20 09:06 . 2010-06-20 09:17 -------- d--h--w- c:\program files\Temp
2010-06-20 08:48 . 2005-12-12 14:27 19072 ----a-w- c:\windows\system32\drivers\PS2.sys
2010-06-20 08:48 . 2010-06-20 08:48 -------- d-----w- C:\HP
2010-06-20 08:14 . 2010-06-20 08:14 -------- d-----w- c:\programdata\PC Suite
2010-06-20 08:14 . 2010-06-20 08:14 -------- d-----w- c:\users\zinzo\AppData\Roaming\PC Suite
2010-06-20 07:55 . 2010-06-20 07:55 -------- d-----w- c:\program files\DIFX
2010-06-20 07:55 . 2008-08-26 07:26 18816 ----a-w- c:\windows\system32\drivers\pccsmcfd.sys
2010-06-20 07:53 . 2010-06-20 07:55 -------- dc----w- c:\windows\system32\DRVSTORE
2010-06-20 07:53 . 2009-12-22 02:31 36640 ----a-w- c:\windows\system32\FsUsbExDisk.Sys
2010-06-20 07:53 . 2009-12-22 02:31 217088 ----a-w- c:\windows\system32\FsUsbExService.Exe
2010-06-20 07:53 . 2009-11-03 06:32 110592 ----a-w- c:\windows\system32\FsUsbExDevice.Dll
2010-06-20 07:52 . 2010-06-20 10:39 -------- d-----w- c:\program files\PC Connectivity Solution
2010-06-20 07:52 . 2010-06-20 10:38 -------- d-----w- c:\users\zinzo\AppData\Roaming\Samsung
2010-06-20 07:52 . 2010-06-20 10:38 -------- d-----w- c:\programdata\Samsung
2010-06-20 07:52 . 2010-06-20 07:52 -------- d-----w- c:\program files\MarkAny
2010-06-20 07:52 . 2010-06-20 10:38 -------- d-----w- c:\program files\Samsung
2010-06-20 07:51 . 2010-06-20 10:38 -------- d-----w- c:\program files\Common Files\Samsung
2010-06-20 07:36 . 2010-06-20 07:37 -------- d-----w- c:\program files\AGEIA Technologies
2010-06-20 07:36 . 2010-06-20 07:36 -------- d-----w- c:\windows\system32\AGEIA
2010-06-20 07:36 . 2010-06-20 07:36 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2010-06-20 07:29 . 2010-06-20 07:29 -------- d-----w- C:\NVIDIA
2010-06-20 07:06 . 2010-03-02 14:04 53248 ----a-w- c:\windows\system32\CSVer.dll
2010-06-20 07:06 . 2010-06-20 07:06 -------- d-----w- c:\program files\Intel
2010-06-20 07:06 . 2010-06-20 07:06 -------- d-----w- C:\Intel
2010-06-20 06:42 . 2010-06-20 06:42 -------- d-----w- c:\users\zinzo\AppData\Roaming\WinBatch
2010-06-20 06:38 . 2010-06-20 06:38 -------- d-----w- c:\users\zinzo\AppData\Roaming\Easeware
2010-06-20 06:34 . 2010-06-20 06:34 -------- d-----w- c:\users\zinzo\AppData\Local\Innovative Solutions
2010-06-20 06:34 . 2010-06-20 06:34 -------- d-----w- c:\programdata\Innovative Solutions
2010-06-19 06:44 . 2010-06-20 20:50 -------- d-----w- c:\program files\Common Files\Acronis
2010-06-19 06:44 . 2010-06-19 06:44 -------- d-----w- c:\program files\Acronis
2010-06-18 21:43 . 2010-06-18 21:43 -------- d-----w- c:\users\zinzo\AppData\Roaming\KC Softwares
2010-06-17 19:47 . 2010-06-17 19:47 -------- d-----w- c:\program files\Application Updater
2010-06-17 19:47 . 2010-06-26 17:38 -------- d-----w- c:\program files\pdfforge Toolbar
2010-06-17 19:47 . 2001-10-28 15:42 116224 ----a-w- c:\windows\system32\pdfcmnnt.dll
2010-06-17 19:47 . 2010-06-17 19:56 -------- d-----w- c:\program files\PDFCreator
2010-06-17 19:47 . 1998-08-05 06:45 122128 ----a-w- c:\windows\system32\VB6IT.DLL
2010-06-17 19:47 . 1998-08-05 06:45 150528 ----a-w- c:\windows\system32\MSCMCIT.DLL
2010-06-17 19:47 . 1998-08-05 06:45 63488 ----a-w- c:\windows\system32\MSCC2IT.DLL
2010-06-17 19:47 . 1998-07-05 23:00 23552 ----a-w- c:\windows\system32\MSMPIDE.DLL
2010-06-13 17:29 . 2010-06-13 17:29 -------- d-----w- c:\users\zinzo\AppData\Roaming\Auslogics
2010-06-13 17:29 . 2010-06-13 17:29 -------- d-----w- c:\program files\Auslogics
2010-06-11 12:58 . 2010-04-05 17:01 67072 ----a-w- c:\windows\system32\asycfilt.dll
2010-06-11 12:58 . 2010-05-26 14:47 289792 ----a-w- c:\windows\system32\atmfd.dll
2010-06-11 12:58 . 2010-05-26 17:06 34304 ----a-w- c:\windows\system32\atmlib.dll
2010-06-05 16:13 . 2008-08-02 09:58 44544 ----a-w- c:\windows\system32\msxml4a.dll
2010-06-05 16:13 . 2010-06-05 16:13 -------- d-----w- c:\program files\TeXnicCenter
2010-05-31 10:12 . 2010-05-31 10:15 -------- d-----w- c:\temp\Windows XP Professional with Service Pack 3 (x86) - CD (English)
2010-05-31 09:27 . 2010-05-31 09:30 -------- d-----w- c:\temp\Windows XP Professional with Service Pack 2 (Italian)

[zinzo]

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))) )
.
2010-06-26 17:09 . 2010-04-09 09:25 0 ----a-w- c:\users\zinzo\AppData\Local\prvlcl.dat
2010-06-25 18:35 . 2010-06-20 07:36 62332 ----a-w- c:\programdata\nvModes.dat
2010-06-25 05:59 . 2009-12-20 15:05 -------- d-----w- c:\users\zinzo\AppData\Roaming\uTorrent
2010-06-22 16:30 . 2006-11-06 01:52 662846 ----a-w- c:\windows\system32\perfh010.dat
2010-06-22 16:30 . 2006-11-06 01:52 120326 ----a-w- c:\windows\system32\perfc010.dat
2010-06-21 20:24 . 2010-01-02 18:17 -------- d-----w- c:\program files\RadarSync
2010-06-21 19:37 . 2010-03-19 20:48 -------- d-----w- c:\program files\CDBurnerXP
2010-06-21 18:53 . 2010-01-09 17:21 -------- d-----w- c:\program files\Ashampoo
2010-06-20 10:11 . 2006-12-15 16:05 -------- d-----w- c:\program files\TOSHIBA
2010-06-20 09:48 . 2006-12-16 06:43 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-06-20 09:14 . 2006-12-16 07:03 319456 ----a-w- c:\windows\DIFxAPI.dll
2010-06-20 09:14 . 2010-06-20 09:14 -------- d-----w- c:\program files\Realtek
2010-06-20 07:41 . 2006-12-16 08:43 -------- d-----w- c:\programdata\NVIDIA
2010-06-20 07:20 . 2009-12-20 13:58 25159 ----a-w- c:\users\zinzo\AppData\Roaming\nvModes.dat
2010-06-17 20:19 . 2009-12-21 00:01 -------- d-----w- c:\program files\Messenger Plus! Live
2010-06-12 10:14 . 2010-02-06 23:24 -------- d-----w- c:\users\zinzo\AppData\Roaming\Skype
2010-06-12 10:09 . 2010-02-06 23:28 -------- d-----w- c:\users\zinzo\AppData\Roaming\skypePM
2010-06-11 14:52 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2010-06-11 13:23 . 2009-12-20 16:03 -------- d-----w- c:\programdata\Microsoft Help
2010-06-04 16:54 . 2009-12-22 10:19 -------- d-----w- c:\program files\Microsoft Silverlight
2010-06-02 13:50 . 2010-01-11 20:12 242896 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2010-06-02 13:50 . 2010-01-11 20:12 29584 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2010-05-26 09:14 . 2009-12-20 16:42 -------- d-----w- c:\program files\Microsoft
2010-05-21 12:14 . 2009-12-23 18:49 221568 ------w- c:\windows\system32\MpSigStub.exe
2010-05-19 17:33 . 2009-12-20 15:16 -------- d-----w- c:\program files\uTorrent
2010-05-17 18:47 . 2010-05-15 21:18 -------- d-----w- c:\program files\Video Enhancer
2010-05-14 11:12 . 2010-05-14 11:12 1341952 ----a-w- c:\users\zinzo\AppData\Roaming\Samsung\Kies\Update Temp\Sub\Widget\MSC.Thunder.Widget.PhoneBook.dll
2010-05-12 00:14 . 2010-05-12 00:14 207672 ----a-w- c:\users\zinzo\AppData\Roaming\Samsung\Kies\Update Temp\Sub\lame.exe
2010-05-12 00:14 . 2010-05-12 00:14 103736 ----a-w- c:\users\zinzo\AppData\Roaming\Samsung\Kies\Update Temp\Sub\BinaryLoaderMgr.exe
2010-05-12 00:13 . 2010-05-12 00:13 271160 ----a-w- c:\users\zinzo\AppData\Roaming\Samsung\Kies\Update Temp\Sub\FusDataCollector.exe
2010-05-12 00:13 . 2010-05-12 00:13 3365176 ----a-w- c:\users\zinzo\AppData\Roaming\Samsung\Kies\Update Temp\Sub\KiesTrayAgent.exe
2010-05-12 00:13 . 2010-05-12 00:13 1765688 ----a-w- c:\users\zinzo\AppData\Roaming\Samsung\Kies\Update Temp\Sub\MelodyTransfer.exe
2010-05-12 00:13 . 2010-05-12 00:13 265016 ----a-w- c:\users\zinzo\AppData\Roaming\Samsung\Kies\Update Temp\MCS.Thunder.Update.exe
2010-05-12 00:13 . 2010-05-12 00:13 622904 ----a-w- c:\users\zinzo\AppData\Roaming\Samsung\Kies\Update Temp\Sub\MSC.Thunder.FirmwareUpdate.exe
2010-05-12 00:13 . 2010-05-12 00:13 383288 ----a-w- c:\users\zinzo\AppData\Roaming\Samsung\Kies\Update Temp\Sub\OsDependent\x86\KiesDeviceErrorRecv.exe
2010-05-12 00:13 . 2010-05-12 00:13 7860536 ----a-w- c:\users\zinzo\AppData\Roaming\Samsung\Kies\Update Temp\Sub\Kies.exe
2010-05-12 00:13 . 2010-05-12 00:13 7860536 ----a-w- c:\users\zinzo\AppData\Roaming\Samsung\Kies\Update Temp\Sub\MSC.Thunder.MainStage.exe
2010-05-12 00:13 . 2010-05-12 00:13 4002816 ----a-w- c:\users\zinzo\AppData\Roaming\Samsung\Kies\Update Temp\Sub\Widget\MSC.Thunder.Widget.ContentsManager .dll
2010-05-12 00:13 . 2010-05-12 00:13 552448 ----a-w- c:\users\zinzo\AppData\Roaming\Samsung\Kies\Update Temp\Sub\Widget\MSC.Thunder.Widget.PodCast.dll
2010-05-12 00:13 . 2010-05-12 00:13 976384 ----a-w- c:\users\zinzo\AppData\Roaming\Samsung\Kies\Update Temp\Sub\Widget\MSC.Thunder.Widget.DLNA.dll
2010-05-12 00:12 . 2010-05-12 00:12 1689088 ----a-w- c:\users\zinzo\AppData\Roaming\Samsung\Kies\Update Temp\Sub\Widget\MSC.Thunder.Widget.MyDiary.dll
2010-05-12 00:12 . 2010-05-12 00:12 378880 ----a-w- c:\users\zinzo\AppData\Roaming\Samsung\Kies\Update Temp\Sub\Widget\MSC.Thunder.Widget.MessageViewer.d ll
2010-05-12 00:12 . 2010-05-12 00:12 95232 ----a-w- c:\users\zinzo\AppData\Roaming\Samsung\Kies\Update Temp\Sub\Widget\MSC.Thunder.Widget.EasyStart.dll
2010-05-12 00:12 . 2010-05-12 00:12 15872 ----a-w- c:\users\zinzo\AppData\Roaming\Samsung\Kies\Update Temp\Sub\Widget\MSC.Thunder.Widget.Test.dll
2010-05-12 00:12 . 2010-05-12 00:12 129024 ----a-w- c:\users\zinzo\AppData\Roaming\Samsung\Kies\Update Temp\Sub\Widget\MSC.Thunder.Widget.InternetConnect or.dll
2010-05-12 00:12 . 2010-05-12 00:12 1382400 ----a-w- c:\users\zinzo\AppData\Roaming\Samsung\Kies\Update Temp\Sub\Widget\MSC.Thunder.Widget.VideoEditor.dll
2010-05-12 00:12 . 2010-05-12 00:12 319488 ----a-w- c:\users\zinzo\AppData\Roaming\Samsung\Kies\Update Temp\Sub\Widget\MSC.Thunder.Widget.Onlineshop.dll
2010-05-12 00:12 . 2010-05-12 00:12 432640 ----a-w- c:\users\zinzo\AppData\Roaming\Samsung\Kies\Update Temp\Sub\Widget\MSC.Thunder.Widget.MusicPlayer.dll
2010-05-12 00:12 . 2010-05-12 00:12 553984 ----a-w- c:\users\zinzo\AppData\Roaming\Samsung\Kies\Update Temp\Sub\Widget\MSC.Thunder.Widget.VideoPlayer.dll
2010-05-12 00:12 . 2010-05-12 00:12 263168 ----a-w- c:\users\zinzo\AppData\Roaming\Samsung\Kies\Update Temp\Sub\Widget\MSC.Thunder.Widget.Memo.dll
2010-05-12 00:10 . 2010-05-12 00:10 116736 ----a-w- c:\users\zinzo\AppData\Roaming\Samsung\Kies\Update Temp\Sub\Widget\MSC.Thunder.Network.dll
2010-05-12 00:10 . 2010-05-12 00:10 116736 ----a-w- c:\users\zinzo\AppData\Roaming\Samsung\Kies\Update Temp\Sub\MSC.Thunder.Network.dll
2010-05-12 00:10 . 2010-05-12 00:10 9362944 ----a-w- c:\users\zinzo\AppData\Roaming\Samsung\Kies\Update Temp\Sub\Widget\MSC.Thunder.UI.dll
2010-05-12 00:08 . 2010-05-12 00:08 53248 ----a-w- c:\users\zinzo\AppData\Roaming\Samsung\Kies\Update Temp\Sub\Widget\Interop.DevFileServiceLib.dll
2010-05-12 00:08 . 2010-05-12 00:08 53248 ----a-w- c:\users\zinzo\AppData\Roaming\Samsung\Kies\Update Temp\Sub\Interop.DevFileServiceLib.dll
2010-05-12 00:08 . 2010-05-12 00:08 28672 ----a-w- c:\users\zinzo\AppData\Roaming\Samsung\Kies\Update Temp\Sub\Widget\Interop.DeviceSearchLib.dll
2010-05-12 00:08 . 2010-05-12 00:08 28672 ----a-w- c:\users\zinzo\AppData\Roaming\Samsung\Kies\Update Temp\Sub\Interop.DeviceSearchLib.dll
2010-05-12 00:08 . 2010-05-12 00:08 199168 ----a-w- c:\users\zinzo\AppData\Roaming\Samsung\Kies\Update Temp\Sub\Program Files\Common Files\Samsung\DeviceService\DeviceSearch.dll
2010-05-12 00:08 . 2010-05-12 00:08 604160 ----a-w- c:\users\zinzo\AppData\Roaming\Samsung\Kies\Update Temp\Sub\Program Files\Common Files\Samsung\DeviceService\DevFileService.dll
2010-05-12 00:07 . 2010-05-12 00:07 578048 ----a-w- c:\users\zinzo\AppData\Roaming\Samsung\Kies\Update Temp\Sub\Program Files\Common Files\Samsung\DeviceService\SyncService.dll
2010-05-12 00:07 . 2010-05-12 00:07 254464 ----a-w- c:\users\zinzo\AppData\Roaming\Samsung\Kies\Update Temp\Sub\Program Files\Common Files\Samsung\DeviceService\DeviceDataService.exe
2010-05-12 00:07 . 2010-05-12 00:07 1144320 ----a-w- c:\users\zinzo\AppData\Roaming\Samsung\Kies\Update Temp\Sub\Program Files\Common Files\Samsung\DeviceService\DCAPARAGONOBEX.dll
2010-05-12 00:07 . 2010-05-12 00:07 981504 ----a-w- c:\users\zinzo\AppData\Roaming\Samsung\Kies\Update Temp\Sub\Program Files\Common Files\Samsung\DeviceService\DCAPARAGONATOBEX.dll
2010-05-12 00:06 . 2010-05-12 00:06 535552 ----a-w- c:\users\zinzo\AppData\Roaming\Samsung\Kies\Update Temp\Sub\Program Files\Common Files\Samsung\DeviceService\DCAPARAGONGM.dll
2010-05-12 00:06 . 2010-05-12 00:06 434176 ----a-w- c:\users\zinzo\AppData\Roaming\Samsung\Kies\Update Temp\Sub\Program Files\Common Files\Samsung\DeviceService\DCASYM.dll
2010-05-12 00:06 . 2010-05-12 00:06 1008128 ----a-w- c:\users\zinzo\AppData\Roaming\Samsung\Kies\Update Temp\Sub\Program Files\Common Files\Samsung\DeviceService\DCAKOREAMITSOBEX.dll
2010-05-12 00:06 . 2010-05-12 00:06 906240 ----a-w- c:\users\zinzo\AppData\Roaming\Samsung\Kies\Update Temp\Sub\Program Files\Common Files\Samsung\DeviceService\DCAMITS2OBEX.dll
2010-05-12 00:06 . 2010-05-12 00:06 817152 ----a-w- c:\users\zinzo\AppData\Roaming\Samsung\Kies\Update Temp\Sub\Program Files\Common Files\Samsung\DeviceService\DCAGMOBEX.dll
2010-05-12 00:05 . 2010-05-12 00:05 741376 ----a-w- c:\users\zinzo\AppData\Roaming\Samsung\Kies\Update Temp\Sub\Program Files\Common Files\Samsung\DeviceService\DCADU.dll
2010-05-12 00:05 . 2010-05-12 00:05 577024 ----a-w- c:\users\zinzo\AppData\Roaming\Samsung\Kies\Update Temp\Sub\Program Files\Common Files\Samsung\DeviceService\DCACHINAHSP.dll
2010-05-12 00:05 . 2010-05-12 00:05 526848 ----a-w- c:\users\zinzo\AppData\Roaming\Samsung\Kies\Update Temp\Sub\Program Files\Common Files\Samsung\DeviceService\DCAGM.dll
2010-05-12 00:05 . 2010-05-12 00:05 333312 ----a-w- c:\users\zinzo\AppData\Roaming\Samsung\Kies\Update Temp\Sub\Program Files\Common Files\Samsung\DeviceService\DCAHSP.dll
2010-05-12 00:05 . 2010-05-12 00:05 904192 ----a-w- c:\users\zinzo\AppData\Roaming\Samsung\Kies\Update Temp\Sub\Program Files\Common Files\Samsung\DeviceService\DCAATOBEX.dll
2010-05-12 00:05 . 2010-05-12 00:05 999936 ----a-w- c:\users\zinzo\AppData\Roaming\Samsung\Kies\Update Temp\Sub\Program Files\Common Files\Samsung\DeviceService\DCAOBEX.dll
2010-05-12 00:04 . 2010-05-12 00:04 632320 ----a-w- c:\users\zinzo\AppData\Roaming\Samsung\Kies\Update Temp\Sub\Program Files\Common Files\Samsung\DeviceService\DCAWM.dll
2010-05-12 00:04 . 2010-05-12 00:04 434688 ----a-w- c:\users\zinzo\AppData\Roaming\Samsung\Kies\Update Temp\Sub\Program Files\Common Files\Samsung\DeviceService\DCAATCDMA.dll
2010-05-12 00:04 . 2010-05-12 00:04 505856 ----a-w- c:\users\zinzo\AppData\Roaming\Samsung\Kies\Update Temp\Sub\Program Files\Common Files\Samsung\DeviceService\DCAKOREAHSP.dll
2010-05-12 00:04 . 2010-05-12 00:04 897024 ----a-w- c:\users\zinzo\AppData\Roaming\Samsung\Kies\Update Temp\Sub\Program Files\Common Files\Samsung\DeviceService\DCAMITSOBEX.dll
2010-05-12 00:04 . 2010-05-12 00:04 595968 ----a-w- c:\users\zinzo\AppData\Roaming\Samsung\Kies\Update Temp\Sub\Program Files\Common Files\Samsung\DeviceService\DeviceManager.exe
2010-05-12 00:04 . 2010-05-12 00:04 640512 ----a-w- c:\users\zinzo\AppData\Roaming\Samsung\Kies\Update Temp\Sub\Program Files\Common Files\Samsung\DeviceService\DCASW.dll
2010-05-12 00:03 . 2010-05-12 00:03 58368 ----a-w- c:\users\zinzo\AppData\Roaming\Samsung\Kies\Update Temp\Sub\Program Files\Common Files\Samsung\DeviceService\DeviceCommunication.dl l
2010-05-12 00:03 . 2010-05-12 00:03 18944 ----a-w- c:\users\zinzo\AppData\Roaming\Samsung\Kies\Update Temp\Sub\Program Files\Common Files\Samsung\DeviceService\HSPConnection.exe
2010-05-12 00:03 . 2010-05-12 00:03 136704 ----a-w- c:\users\zinzo\AppData\Roaming\Samsung\Kies\Update Temp\Sub\Program Files\Common Files\Samsung\DeviceService\ConnectionManager.exe
2010-05-12 00:03 . 2010-05-12 00:03 67584 ----a-w- c:\users\zinzo\AppData\Roaming\Samsung\Kies\Update Temp\Sub\Program Files\Common Files\Samsung\DeviceService\DeviceErrorRecovery.dl l
2010-05-12 00:03 . 2010-05-12 00:03 33280 ----a-w- c:\users\zinzo\AppData\Roaming\Samsung\Kies\Update Temp\Sub\Program Files\Common Files\Samsung\DeviceService\FUSBCommander.exe
2010-05-12 00:03 . 2010-05-12 00:03 152064 ----a-w- c:\users\zinzo\AppData\Roaming\Samsung\Kies\Update Temp\Sub\Program Files\Common Files\Samsung\DeviceService\THNRProghelp.dll

[menatwork]

zinzo devi postare il rapporto completo, semmai caricalo qui

[zinzo]

2010-05-12 00:03 . 2010-05-12 00:03 278528 ----a-w- c:\users\zinzo\AppData\Roaming\Samsung\Kies\Update Temp\Sub\Program Files\Common Files\Samsung\DeviceService\MObexDll.dll
2010-05-12 00:03 . 2010-05-12 00:03 15872 ----a-w- c:\users\zinzo\AppData\Roaming\Samsung\Kies\Update Temp\Sub\Program Files\Common Files\Samsung\DeviceService\IPCLib.dll
2010-05-12 00:03 . 2010-05-12 00:03 56320 ----a-w- c:\users\zinzo\AppData\Roaming\Samsung\Kies\Update Temp\Sub\Program Files\Common Files\Samsung\DeviceService\DeviceServiceModelDB.d ll
2010-05-12 00:03 . 2010-05-12 00:03 47616 ----a-w- c:\users\zinzo\AppData\Roaming\Samsung\Kies\Update Temp\Sub\Program Files\Common Files\Samsung\DeviceService\DeviceServiceCore.dll
2010-05-12 00:03 . 2010-05-12 00:03 182272 ----a-w- c:\users\zinzo\AppData\Roaming\Samsung\Kies\Update Temp\Sub\Program Files\Common Files\Samsung\DeviceService\DeviceServiceCBT.dll
2010-05-12 00:03 . 2010-05-12 00:03 97792 ----a-w- c:\users\zinzo\AppData\Roaming\Samsung\Kies\Update Temp\Sub\Program Files\Common Files\Samsung\DeviceService\DeviceServiceHSPAgent. dll
2010-05-11 05:00 . 2010-05-11 05:00 4548568 ----a-w- c:\users\zinzo\AppData\Roaming\Samsung\Kies\Update Temp\Sub\MyFreeCodecPack.exe
2010-05-10 08:03 . 2010-05-10 08:03 93696 ----a-w- c:\users\zinzo\AppData\Roaming\Samsung\Kies\Update Temp\Sub\DCInterface.dll
2010-05-10 08:03 . 2010-05-10 08:03 510976 ----a-w- c:\users\zinzo\AppData\Roaming\Samsung\Kies\Update Temp\Sub\DataConversion.dll
2010-05-10 08:03 . 2010-05-10 08:03 330752 ----a-w- c:\users\zinzo\AppData\Roaming\Samsung\Kies\Update Temp\Sub\DataParser.dll
2010-05-10 08:03 . 2010-05-10 08:03 154624 ----a-w- c:\users\zinzo\AppData\Roaming\Samsung\Kies\Update Temp\Sub\MDGDBProxy.dll
2010-05-10 08:03 . 2010-05-10 08:03 108032 ----a-w- c:\users\zinzo\AppData\Roaming\Samsung\Kies\Update Temp\Sub\DataType.dll
2010-05-07 14:47 . 2010-05-07 14:47 7168 ----a-w- c:\users\zinzo\AppData\Roaming\Samsung\Kies\Update Temp\Sub\bg-BG\MCS.Thunder.Update.resources.dll
2010-05-07 10:49 . 2010-05-07 10:49 47104 ----a-w- c:\users\zinzo\AppData\Roaming\Samsung\Kies\Update Temp\Sub\Widget\MSC.Thunder.Update.Util.dll
.

((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{B922D405-6D13-4A2B-AE89-08A030DA4402}]
2010-01-08 01:17 700416 ----a-w- c:\program files\pdfforge Toolbar\IE\1.1.2\pdfforgeToolbarIE.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{B922D405-6D13-4A2B-AE89-08A030DA4402}"= "c:\program files\pdfforge Toolbar\IE\1.1.2\pdfforgeToolbarIE.dll" [2010-01-08 700416]

[HKEY_CLASSES_ROOT\clsid\{b922d405-6d13-4a2b-ae89-08a030da4402}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Run]
"TOSCDSPD"="c:\program files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe" [2006-11-13 413696]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2005-09-03 94208]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-19 1008184]
"TPwrMain"="c:\program files\TOSHIBA\Power Saver\TPwrMain.EXE" [2006-12-14 411768]
"HSON"="c:\program files\TOSHIBA\TBS\HSON.exe" [2006-12-07 55416]
"SmoothView"="c:\program files\Toshiba\SmoothView\SmoothView.exe" [2006-12-14 493688]
"00TCrdMain"="c:\program files\TOSHIBA\FlashCards\TCrdMain.exe" [2006-12-11 530552]
"NDSTray.exe"="NDSTray.exe" [BU]
"topi"="c:\program files\TOSHIBA\Toshiba Online Product Information\topi.exe" [2006-12-15 577536]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.e xe" [2001-07-09 155648]
"AVG9_TRAY"="c:\progra~1\AVG\AVG9\avgtray.exe" [2010-06-02 2065248]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-03-18 1451304]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-04-04 36272]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-03-24 952768]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0\bin\jusched.exe" [2006-12-16 77824]
"ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2006-10-24 107112]
"osCheck"="c:\program files\Norton Internet Security\osCheck.exe" [2006-10-26 22696]
"SearchSettings"="c:\program files\pdfforge Toolbar\SearchSettings.exe" [2010-01-07 974848]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-01-30 13605408]
"NvMediaCenter"="c:\windows\system32\NvMcTray. dll" [2009-01-30 92704]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2010-04-30 9210400]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\avgrsstx.dl l

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\WinDefend]
@="Service"

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Wind ows^Start Menu^Programs^Startup^Bluetooth Manager.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth Manager.lnk
backup=c:\windows\pss\Bluetooth Manager.lnk.CommonStartup
backupExtension=.CommonStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BigDog305]
2007-08-02 15:34 61440 ----a-w- c:\windows\VM305_STI.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ITSecMng]
2009-07-22 11:40 83336 ----a-w- c:\program files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-03-17 19:53 421888 ----a-w- c:\program files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):5a,62,d2,d0,3f,86,ca,01

R3 SYMNDISV;SYMNDISV;c:\windows\System32\Drivers\SYMN DISV.SYS [2009-08-03 38448]
R3 ZSMC0305;A4 TECH PC Camera V;c:\windows\system32\Drivers\usbVM305.sys [x]
S1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\System32\Drivers\avgldx86.sys [2010-03-13 216200]
S1 AvgTdiX;AVG Free Network Redirector;c:\windows\System32\Drivers\avgtdix.sys [2010-06-02 242896]
S1 IDSvix86;Symantec Intrusion Prevention Driver;c:\progra~2\Symantec\DEFINI~1\SymcData\idsd efs\20091217.003\IDSvix86.sys [2009-11-20 286768]
S2 Application Updater;Application Updater;c:\program files\Application Updater\ApplicationUpdater.exe [2010-01-07 380928]
S2 avg9wd;AVG Free WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [2010-03-13 308064]
S2 dgdersvc;Device Error Recovery Service;c:\windows\system32\dgdersvc.exe [2009-12-22 95568]
S2 FsUsbExService;FsUsbExService;c:\windows\system32\ FsUsbExService.Exe [2009-12-22 217088]
S3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgde rdrv.sys [2009-12-22 18136]
S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbE xDisk.SYS [2009-12-22 36640]
S3 FwLnk;FwLnk Driver;c:\windows\system32\DRIVERS\FwLnk.sys [2006-11-19 7168]
S3 NETw5v32;Driver scheda Intel(R) Wireless WiFi Link per Windows Vista 32 Bit;c:\windows\system32\DRIVERS\NETw5v32.sys [2010-01-13 6628352]

[zinzo]

--- Altri Servizi/Drivers In Memoria ---

*NewlyCreated* - COMHOST

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Contenuto della cartella 'Scheduled Tasks'

2010-06-25 c:\windows\Tasks\Norton Internet Security - Scansione completa sistema - zinzo.job
- c:\progra~1\NORTON~1\NORTON~1\Navw32.exe [2006-11-07 17:48]
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://www.fiorentina.it/
uInternet Settings,ProxyOverride = local
IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: {{C08CAF1D-C0A3-40D5-9970-06D067EAC017} - http://www.webtip.ch/cgi-bin/toshiba/tracker_url.pl?IT
TCP: {C1F45C81-FF6D-426A-8D60-551511C684BF} = 192.168.1.1
FF - ProfilePath - c:\users\zinzo\AppData\Roaming\Mozilla\Firefox\Pro files\ec1ih4su.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2420539&SearchSource=3&q={s earchTerms}
FF - prefs.js: browser.startup.homepage - hxxp://www.fiorentina.it
FF - component: c:\program files\AVG\AVG9\Firefox\components\avgssff.dll
FF - component: c:\program files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}\components\SkypeFfComponent.dll
FF - component: c:\program files\pdfforge Toolbar\FF\components\pdfforgeToolbarFF.dll
FF - component: c:\program files\pdfforge Toolbar\SSFF\components\SearchSettingsFF.dll
FF - component: c:\users\zinzo\AppData\Roaming\Mozilla\Firefox\Pro files\ec1ih4su.default\extensions\{de7f8f69-d11f-4b97-9a00-b0e42dfdcc93}\components\FFExternalAlert.dll
FF - component: c:\users\zinzo\AppData\Roaming\Mozilla\Firefox\Pro files\ec1ih4su.default\extensions\{de7f8f69-d11f-4b97-9a00-b0e42dfdcc93}\components\RadioWMPCore.dll
FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Veetle\Player\npvlc.dll
FF - plugin: c:\program files\Veetle\plugins\npVeetle.dll
FF - plugin: c:\program files\Veetle\VLCBroadcast\npvbp.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.proxy.type", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 10);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accelerometer.enabled", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_every where__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_bro ken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
- - - - CHIAVI ORFANE RIMOSSE - - - -

HKCU-Run-KiesTrayAgent - (no file)
HKLM-Run-NWEReboot - (no file)
AddRemove-TOSHIBA Software Modem - c:\windows\agrsmdel
AddRemove-01_Simmental - c:\program files\SAMSUNG\USB Drivers\01_Simmental\Uninstall.exe
AddRemove-03_Swallowtail - c:\program files\SAMSUNG\USB Drivers\03_Swallowtail\Uninstall.exe
AddRemove-04_semseyite - c:\program files\SAMSUNG\USB Drivers\04_semseyite\Uninstall.exe
AddRemove-07_Schorl - c:\program files\SAMSUNG\USB Drivers\07_Schorl\Uninstall.exe
AddRemove-15_Symbian_Samsung_PC_DLC_Driver - c:\program files\SAMSUNG\USB Drivers\15_Symbian_Samsung_PC_DLC_Driver\Uninstall .exe



************************************************** ************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-06-26 19:40
Windows 6.0.6002 Service Pack 2 NTFS

scansione processi nascosti ...

[0] 0x73002000

scansione entrate autostart nascoste ...

HKCU\Software\Microsoft\Windows\CurrentVersion\Run
TOSCDSPD = c:\program files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe?/i????? zz????????? ???X?????????

Scansione files nascosti ...

Scansione completata con successo
Files nascosti: 0

************************************************** ************************
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Cl ass\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Cl ass\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Ora fine scansione: 2010-06-26 19:45:29
ComboFix-quarantined-files.txt 2010-06-26 17:45

Pre-Run: 98.522.009.600 byte disponibili
Post-Run: 98.457.993.216 byte disponibili

- - End Of File - - 9751A762F09752BC7272407480BB6C25

[menatwork]

zinzo cortesemente puoi caricare il rapporto? ci sono delle cose poco chiare, forse lo hai copiato male

copia il rapporto complrto in un file di testo e caricalo qui

non incollarlo