Hello peku006!
Thank you for helping me!
The scan with Malwarebytes' Anti-Malware found 4 infections but they were on 2 other PCs (even if I didn't select the respective drive letter).
Here's the log:
Malwarebytes' Anti-Malware 1.34
Versione del database: 1753
Windows 5.0.2195 Service Pack 4
12/02/2009 16.15.29
mbam-log-2009-02-12 (16-15-29).txt
Tipo di scansione: Scansione completa (A:\|C:\|D:\|E:\|F:\|G:\|)
Elementi scansionati: 107278
Tempo trascorso: 1 hour(s), 14 minute(s), 14 second(s)
Processi delle memoria infetti: 0
Moduli della memoria infetti: 0
Chiavi di registro infette: 0
Valori di registro infetti: 0
Elementi dato del registro infetti: 0
Cartelle infette: 1
File infetti: 3
Processi delle memoria infetti:
(Nessun elemento malevolo rilevato)
Moduli della memoria infetti:
(Nessun elemento malevolo rilevato)
Chiavi di registro infette:
(Nessun elemento malevolo rilevato)
Valori di registro infetti:
(Nessun elemento malevolo rilevato)
Elementi dato del registro infetti:
(Nessun elemento malevolo rilevato)
Cartelle infette:
H:\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665 (Trojan.Conficker.H) -> Quarantined and deleted successfully.
File infetti:
H:\autorun.inf (Trojan.Conficker.H) -> Quarantined and deleted successfully.
H:\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx (Trojan.Conficker.H) -> Quarantined and deleted successfully.
T:\autorun.inf (Trojan.Conficker.H) -> Delete on reboot.
Logfile of random's system information tool 1.05 (written by random/random)
Run by Administrator at 2009-02-12 16:34:36
Microsoft Windows 2000 Professional Service Pack 4
System drive C: has 3 GB (32%) free of 10 GB
Total RAM: 511 MB (38% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16.34.55, on 12/02/2009
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal
Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
C:\WINNT\system32\bgsvcgen.exe
C:\Programmi\WIDCOMM\Software Bluetooth\bin\btwdins.exe
C:\Programmi\FLIR Systems\ThermaCAM QuickView 2\T3Srv.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\system32\hidserv.exe
C:\WINNT\system32\drivers\KodakCCS.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\system32\nvsvc32.exe
C:\WINNT\system32\oodag.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\Programmi\Analog Devices\SoundMAX\SMAgent.exe
C:\WINNT\system32\stisvc.exe
C:\Programmi\FLIR Systems\Device Drivers\T3Srv.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\Explorer.EXE
C:\Programmi\Analog Devices\SoundMAX\DrvLsnr.exe
C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
C:\Programmi\WIDCOMM\Software Bluetooth\BTTray.exe
C:\PROGRA~1\WIDCOMM\SOFTWA~1\BTSTAC~1.EXE
C:\Programmi\Mozilla Firefox\firefox.exe
C:\Programmi\Mozilla Thunderbird\thunderbird.exe
C:\WINNT\explorer.exe
C:\Documents and Settings\Administrator\Desktop\RSIT.exe
C:\Programmi\HijackThis\Administrator.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
R3 - URLSearchHook: Yahoo! Toolbar con blocco Pop-Up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2009\ievkbd.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.6.0_02\bin\ssv.dll
O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - G:\Programmi\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (file missing)
O4 - HKLM\..\Run: [DrvLsnr] C:\Programmi\Analog Devices\SoundMAX\DrvLsnr.exe
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [AVP] "C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINNT\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKUS\.DEFAULT\..\Run: [internat.exe] internat.exe (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [^SetupICWDesktop] C:\Programmi\Internet Explorer\Connection Wizard\icwconn1.exe /desktop (User 'Default user')
O4 - Global Startup: BTTray.lnk = C:\Programmi\WIDCOMM\Software Bluetooth\BTTray.exe
O8 - Extra context menu item: Invia a &Bluetooth - C:\Programmi\IBM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Statistiche sulla protezione del traffico Web - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2009\SCIEPlgn.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programmi\WIDCOMM\Software Bluetooth\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programmi\WIDCOMM\Software Bluetooth\btsendto_ie.htm
O16 - DPF: {13149882-F480-4F6B-8C6A-0764F75B99ED} (CrazyTalk4 Control) - http://plug-in.reallusion.com/CrazyTalk4.cab
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - http://www.eset.eu/buxus/docs/OnlineScanner.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/IT-IT/a-U ... E_UNO1.cab
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - http://www.nvidia.com/content/DriverDow ... rtScan.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Me ... b56907.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{46AA183D-08D8-4F06-99CC-5F02635E7636}: NameServer = 151.99.125.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{E5E72B87-5298-4953-BD78-BAD92DCB4C6F}: NameServer = 151.99.125.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{46AA183D-08D8-4F06-99CC-5F02635E7636}: NameServer = 151.99.125.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{46AA183D-08D8-4F06-99CC-5F02635E7636}: NameServer = 151.99.125.1
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FILECO~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: c:\progra~1\kasper~1\kasper~1\mzvkbd.dll
O23 - Service: Kaspersky Anti-Virus (AVP) - Kaspersky Lab - C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - C:\WINNT\system32\bgsvcgen.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Programmi\WIDCOMM\Software Bluetooth\bin\btwdins.exe
O23 - Service: FLIR Camera Monitor (CameraMonitor) - FLIR Systems - C:\Programmi\FLIR Systems\ThermaCAM QuickView 2\T3Srv.exe
O23 - Service: Servizio amministrativo di Gestione disco logico (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Programmi\File comuni\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINNT\system32\drivers\KodakCCS.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINNT\system32\nvsvc32.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINNT\system32\oodag.exe
O23 - Service: SolidWorks Licensing Service - SolidWorks - C:\Programmi\File comuni\SolidWorks Shared\Service\SolidWorksLicensing.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Programmi\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: FLIR Systems Camera Monitor (T3Srv) - FLIR Systems - C:\Programmi\FLIR Systems\Device Drivers\T3Srv.exe
--
End of file - 6706 bytes
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C}]
IEVkbdBHO Class - C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2009\ievkbd.dll [2008-07-17 62728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Programmi\Java\jre1.6.0_02\bin\ssv.dll [2007-07-12 501136]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8E718888-423F-11D2-876E-00A0C9082467} - @msdxmLC.dll,-1@1033,&Radio - C:\WINNT\system32\msdxm.ocx [2005-06-03 850192]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - G:\Programmi\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"DrvLsnr"=C:\Programmi\Analog Devices\SoundMAX\DrvLsnr.exe [2003-05-08 69632]
"Synchronization Manager"=mobsync.exe /logon []
"AVP"=C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe [2009-02-10 201992]
"NvCplDaemon"=C:\WINNT\system32\NvCpl.dll [2003-07-28 4841472]
"nwiz"=nwiz.exe /install []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"WZCSVC"=3
"SCardSvr"=3
"SCardDrv"=3
"Adobe LM Service"=3
"BITS"=3
"wuauserv"=2
"Messenger"=2
C:\Documents and Settings\All Users\Menu Avvio\Programmi\Esecuzione automatica
BTTray.lnk - C:\Programmi\WIDCOMM\Software Bluetooth\BTTray.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="c:\progra~1\kasper~1\kasper~1\mzvkbd.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
C:\WINNT\system32\klogon.dll [2008-04-25 206088]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll,
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=36
"NoDriveAutoRun"=FFFFFFFF
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.scr - open - "%windir%\system32\notepad.exe" "%1"
.scr - install -
.scr - config -
======List of files/folders created in the last 1 months======
2009-02-12 16:34:36 ----D---- C:\rsit
2009-02-10 16:39:03 ----D---- C:\Lop SD
2009-02-04 16:47:25 ----SHD---- C:\RECYCLER
2009-02-02 16:33:45 ----D---- C:\Programmi\EsetOnlineScanner
2009-02-02 16:21:01 ----D---- C:\_OTMoveIt
2009-02-02 14:12:42 ----D---- C:\Programmi\TVAnts
2009-01-29 15:41:43 ----D---- C:\Documents and Settings\Administrator\Dati applicazioni\WinRAR
2009-01-29 15:27:54 ----D---- C:\WINNT\ERUNT
2009-01-29 15:24:09 ----A---- C:\WINNT\ntbtlog.txt
2009-01-29 15:13:04 ----D---- C:\SDFix
2009-01-29 14:47:36 ----D---- C:\Rooter$
2009-01-29 09:16:22 ----A---- C:\WINNT\gmer.ini
2009-01-29 09:16:19 ----A---- C:\WINNT\gmer_uninstall.cmd
2009-01-29 09:16:19 ----A---- C:\WINNT\gmer.exe
2009-01-29 09:16:19 ----A---- C:\WINNT\gmer.dll
2009-01-28 14:23:24 ----RASHD---- C:\autorun.inf
2009-01-27 11:12:25 ----A---- C:\WINNT\system32\E_DCINST.DLL
2009-01-21 12:34:55 ----D---- C:\Documents and Settings\Administrator\Dati applicazioni\Thunderbird
2009-01-19 12:06:31 ----D---- C:\Programmi\Nsasoft
======List of files/folders modified in the last 1 months======
2009-02-12 16:34:37 ----D---- C:\Programmi\HijackThis
2009-02-12 16:28:16 ----AD---- C:\WINNT\system32
2009-02-12 16:27:00 ----AD---- C:\WINNT\Temp
2009-02-12 16:24:05 ----D---- C:\Programmi\Mozilla Thunderbird
2009-02-12 16:23:24 ----D---- C:\Programmi\Mozilla Firefox
2009-02-12 16:22:30 ----D---- C:\Documents and Settings\All Users\Dati applicazioni\Kaspersky Lab
2009-02-12 16:22:01 ----AD---- C:\WINNT\Debug
2009-02-12 16:20:29 ----D---- C:\WINNT\system32\NtmsData
2009-02-12 16:18:23 ----AD---- C:\WINNT\system32\drivers
2009-02-12 16:16:51 ----A---- C:\WINNT\SchedLgU.Txt
2009-02-12 14:55:27 ----D---- C:\Programmi\Malwarebytes' Anti-Malware
2009-02-12 14:14:35 ----A---- C:\WINNT\NeroDigital.ini
2009-02-12 09:08:42 ----AD---- C:\WINNT\security
2009-02-09 09:24:02 ----D---- C:\Programmi\Look@LAN
2009-02-03 17:02:21 ----HD---- C:\WINNT\system32\GroupPolicy
2009-02-02 16:59:33 ----SD---- C:\WINNT\Downloaded Program Files
2009-02-02 16:33:45 ----AD---- C:\Programmi
2009-01-29 15:40:28 ----HD---- C:\WINNT\inf
2009-01-29 15:40:28 ----AD---- C:\WINNT\Help
2009-01-29 15:40:22 ----RASHDC---- C:\WINNT\system32\dllcache
2009-01-29 15:38:03 ----AD---- C:\WINNT
2009-01-29 15:08:16 ----D---- C:\Programmi\MessengerPlus! 3
2009-01-29 11:23:24 ----D---- C:\Programmi\EvilLyrics
2009-01-27 11:17:58 ----D---- C:\Programmi\EPSON Print CD
2009-01-22 10:11:19 ----SHD---- C:\WINNT\Installer
2009-01-22 10:11:19 ----AHD---- C:\Config.Msi
2009-01-21 12:29:47 ----D---- C:\Programmi\CCleaner
2009-01-16 10:46:46 ----D---- C:\Programmi\Mplayerc
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 Cdr4_2K;Cdr4_2K; C:\WINNT\system32\drivers\Cdr4_2K.sys [2005-11-03 2432]
R1 Cdralw2k;Cdralw2k; C:\WINNT\system32\drivers\Cdralw2k.sys [2005-11-03 2560]
R1 DcCam;Kodak Camera Proxy; C:\WINNT\system32\DRIVERS\DcCam.sys [2005-06-16 37150]
R1 kbdhid;Driver di tastiera HID; C:\WINNT\System32\DRIVERS\kbdhid.sys [1999-12-22 13776]
R1 KLIF;Kaspersky Lab Driver; C:\WINNT\system32\DRIVERS\klif.sys [2009-02-10 215824]
R2 DCFS2K;Kodak DCFS2K Driver; C:\WINNT\system32\drivers\dcfs2k.sys [2005-03-31 38673]
R2 eugss;EUTRON SmartKey GSS2 Driver; \??\C:\WINNT\system32\Drivers\eugss2k.sys []
R2 eusk2par;EUTRON SmartKey Parallel Driver; \??\C:\WINNT\system32\Drivers\eusk2par.sys []
R2 HidUsb;Driver di classe HID Microsoft; C:\WINNT\System32\DRIVERS\hidusb.sys [1999-10-04 13904]
R3 aeaudio;aeaudio; C:\WINNT\system32\drivers\aeaudio.sys [2003-03-13 100224]
R3 btaudio;Periferica audio Bluetooth; C:\WINNT\system32\drivers\btaudio.sys [2005-09-16 428269]
R3 BTKRNL;Enumeratore bus Bluetooth; C:\WINNT\system32\drivers\btkrnl.sys [2005-09-16 853258]
R3 dtscsi;dtscsi; C:\WINNT\System32\Drivers\dtscsi.sys [2007-03-09 223128]
R3 klim5;Kaspersky Anti-Virus NDIS Filter; C:\WINNT\system32\DRIVERS\klim5.sys [2008-03-25 24592]
R3 nv;nv; C:\WINNT\system32\DRIVERS\nv4_mini.sys [2003-07-28 1341339]
R3 pfc;Padus ASPI Shell; C:\WINNT\system32\drivers\pfc.sys [2007-08-10 10368]
R3 rtl8139;Realtek RTL8139-based PCI Fast Ethernet Adapter NT Driver; C:\WINNT\System32\DRIVERS\RTL8139.SYS [1999-09-25 18704]
R3 smwdm;smwdm; C:\WINNT\system32\drivers\smwdm.sys [2003-05-27 578304]
R3 StillCam;Driver per fotocamera digitale seriale; C:\WINNT\System32\DRIVERS\serscan.sys [1999-12-22 6832]
R3 uhcd;Driver host controller Universal USB Microsoft; C:\WINNT\System32\DRIVERS\uhcd.sys [2003-06-19 32848]
R3 usbhub;Driver hub USB standard Microsoft; C:\WINNT\System32\DRIVERS\usbhub.sys [2003-06-19 40176]
S1 Exportit;Exportit; C:\WINNT\system32\DRIVERS\exportit.sys [2005-03-31 152081]
S2 Eutron-Emu;Eutron-Emu; C:\WINNT\System32\drivers\Eutron-Emu.sys [2006-08-19 9216]
S3 Bcim;Bandwidth Controller kernel component; C:\WINNT\system32\DRIVERS\bcim.sys []
S3 BT2KNDFL;Driver del server di accesso alla rete LAN Bluetooth - Filter; C:\WINNT\system32\DRIVERS\bt2kndfl.sys [2005-09-16 3879]
S3 BTDriver;Driver di comunicazioni virtuali Bluetooth; C:\WINNT\system32\DRIVERS\btport.sys [2005-09-16 30363]
S3 BTWDNDIS;Bluetooth LAN Access Server; C:\WINNT\system32\DRIVERS\btwdndis.sys [2005-09-16 148360]
S3 btwhid;btwhid; C:\WINNT\system32\DRIVERS\btwhid.sys [2004-01-20 43299]
S3 btwmodem;Modem Bluetooth; C:\WINNT\system32\DRIVERS\btwmodem.sys [2005-09-16 30221]
S3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINNT\System32\Drivers\btwusb.sys [2005-09-16 64344]
S3 catchme;catchme; \??\C:\DOCUME~1\ADMINI~1\IMPOST~1\Temp\catchme.sys []
S3 CCDECODE;Closed Caption Decoder; C:\WINNT\system32\DRIVERS\CCDECODE.sys [2004-07-09 16384]
S3 DcFpoint;DcFpoint; C:\WINNT\system32\DRIVERS\DcFpoint.sys [2005-03-31 61564]
S3 DcLps;Legacy Polling Service; C:\WINNT\system32\DRIVERS\DcLps.sys [2005-03-31 8022]
S3 DcPTP;dcptp; C:\WINNT\system32\DRIVERS\DcPTP.sys [2005-03-31 70262]
S3 E100B;Intel(R) PRO Network Connection Driver; C:\WINNT\System32\DRIVERS\e100bnt5.sys [2007-03-14 154760]
S3 eusk3usb;SmartKey 3 USB; C:\WINNT\System32\Drivers\eusk3usb.sys []
S3 FLIRUSBRNDIS;FLIR Camera USB Network Device Driver; C:\WINNT\system32\DRIVERS\usb8023k.sys [2006-05-05 13824]
S3 gmer;gmer; C:\WINNT\System32\DRIVERS\gmer.sys [2009-01-29 85969]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\WINNT\system32\DRIVERS\ewusbmdm.sys [2006-12-04 88960]
S3 motccgp;Motorola USB Composite Device Driver; C:\WINNT\system32\DRIVERS\motccgp.sys [2007-06-20 17920]
S3 motccgpfl;MotCcgpFlService; C:\WINNT\system32\DRIVERS\motccgpfl.sys [2007-01-23 7680]
S3 MotDev;Motorola Inc. USB Device; C:\WINNT\system32\DRIVERS\motodrv.sys [2007-09-07 42112]
S3 motmodem;Motorola USB CDC ACM Driver; C:\WINNT\system32\DRIVERS\motmodem.sys [2007-06-20 23680]
S3 mouhid;Driver di mouse HID; C:\WINNT\System32\DRIVERS\mouhid.sys [2003-06-19 11632]
S3 MPE;BDA MPE Filter; C:\WINNT\system32\DRIVERS\MPE.sys [2004-07-09 15104]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINNT\system32\drivers\MSTEE.sys [2002-12-12 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINNT\system32\DRIVERS\NABTSFEC.sys [2004-07-09 83968]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINNT\system32\DRIVERS\NdisIP.sys [2004-07-09 10112]
S3 nv4;nv4; C:\WINNT\System32\DRIVERS\nv4.sys [1999-10-27 345040]
S3 skeyusb;SmartKey USB; C:\WINNT\System32\Drivers\skeyusb.sys [2006-03-10 43968]
S3 SLIP;BDA Slip De-Framer; C:\WINNT\system32\DRIVERS\SLIP.sys [2004-07-09 10880]
S3 streamip;BDA IPSink; C:\WINNT\system32\DRIVERS\StreamIP.sys [2004-07-09 14976]
S3 TSP;TSP; \??\C:\WINNT\system32\drivers\klif.sys []
S3 UALFDrv2;UALFDrv2; C:\WINNT\System32\DRIVERS\UALFDrv2.sys [2006-09-12 46309]
S3 usbaudio;Driver audio USB (WDM); C:\WINNT\system32\drivers\usbaudio.sys [1999-10-12 68912]
S3 usbprint;Classe stampanti USB Microsoft; C:\WINNT\System32\DRIVERS\usbprint.sys [2003-06-19 21872]
S3 usbscan;Driver scanner USB; C:\WINNT\System32\DRIVERS\usbscan.sys [2003-06-19 12592]
S3 USBSTOR;Driver archiviazione di massa USB; C:\WINNT\System32\DRIVERS\USBSTOR.SYS [2003-06-19 21552]
S3 VMnetAdapter;VMware Virtual Ethernet Adapter Driver; C:\WINNT\system32\DRIVERS\vmnetadapter.sys []
S3 Wdf01000;Wdf01000; C:\WINNT\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINNT\system32\DRIVERS\WSTCODEC.SYS [2004-07-09 18688]
S4 IntelIde;IntelIde; C:\WINNT\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AVP;Kaspersky Anti-Virus; C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe [2009-02-10 201992]
R2 bgsvcgen;B's Recorder GOLD Library General Service; C:\WINNT\system32\bgsvcgen.exe [2005-04-30 86016]
R2 btwdins;Bluetooth Service; C:\Programmi\WIDCOMM\Software Bluetooth\bin\btwdins.exe [2005-09-16 266295]
R2 CameraMonitor;FLIR Camera Monitor; C:\Programmi\FLIR Systems\ThermaCAM QuickView 2\T3Srv.exe [2006-06-08 140896]
R2 HidServ;HID Input Service; C:\WINNT\system32\hidserv.exe [2003-06-19 19728]
R2 KodakCCS;Kodak Camera Connection Software; C:\WINNT\system32\drivers\KodakCCS.exe [2005-03-30 411920]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINNT\System32\svchost.exe [1999-12-23 7952]
R2 NVSvc;NVIDIA Driver Helper Service; C:\WINNT\system32\nvsvc32.exe [2003-07-28 77824]
R2 O&O Defrag;O&O Defrag; C:\WINNT\system32\oodag.exe [2008-09-04 1295616]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINNT\System32\svchost.exe [1999-12-23 7952]
R2 SoundMAX Agent Service (default);SoundMAX Agent Service; C:\Programmi\Analog Devices\SoundMAX\SMAgent.exe [2002-09-20 45056]
R2 StiSvc;Still Image Service; C:\WINNT\system32\stisvc.exe [2003-06-19 62224]
R2 T3Srv;FLIR Systems Camera Monitor; C:\Programmi\FLIR Systems\Device Drivers\T3Srv.exe [2007-02-01 140896]
S3 aspnet_state;ASP.NET State Service; C:\WINNT\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINNT\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Programmi\File comuni\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2008-07-29 654848]
S3 hpqcxs08;hpqcxs08; C:\WINNT\system32\svchost.exe [1999-12-23 7952]
S3 SolidWorks Licensing Service;SolidWorks Licensing Service; C:\Programmi\File comuni\SolidWorks Shared\Service\SolidWorksLicensing.exe [2007-06-27 79360]
S3 WmdmPmSN;Servizio Numero di serie per dispositivi multimediali portatili; C:\WINNT\System32\svchost.exe [1999-12-23 7952]
-----------------EOF-----------------
info.txt logfile of random's system information tool 1.05 2009-02-12 16:35:01
======Uninstall list======
-->C:\WINNT\$NtServicePackUninstall$\spuninst\spuninst.exe
-->msiexec /x{1C32666E-3F65-4A9A-BC4D-FE293015FE7B}
-->MsiExec.exe /I{403EF592-953B-4794-BCEF-ECAB835C2095}
-->RunDll32 C:\PROGRA~1\FILECO~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Programmi\InstallShield Installation Information\{2ECB009A-87BC-4E01-977E-65DA01E64D7D}\Setup.exe" -l0x10
32 Bit HP BiDi Channel Components Installer-->MsiExec.exe /I{9DE3F260-B88E-42CE-90E7-73C78C37D95E}
ACDSee Pro-->MsiExec.exe /I{F99F74B4-972B-4B06-B893-6B3B0DB0128B}
Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)-->MsiExec.exe /X{6846389C-BAC0-4374-808E-B120F86AF5D7}
Adobe Flash Player 10 ActiveX-->C:\WINNT\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\WINNT\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Flash Player 9 ActiveX-->C:\WINNT\system32\Macromed\Flash\FlashUtil9b.exe -uninstallDelete
Adobe Reader 9 - Italiano-->MsiExec.exe /I{AC76BA86-7AD7-1040-7B44-A90000000001}
Adobe Shockwave Player-->C:\WINNT\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINNT\system32\Macromed\SHOCKW~1\Install.log
Aggiornamento cumulativo 1 per Windows 2000 SP4-->"C:\WINNT\$NtUpdateRollupPackUninstall$\spuninst\spuninst.exe"
Aggiornamento del sistema Windows Media Player (9 Series)-->C:\PROGRA~1\WINDOW~2\setup_wm.exe /Uninstall
Aggiornamento rapido di Windows Media Player [Per ulteriori informazioni vedere Q828026]-->C:\WINNT\$NtUninstallQ828026$\spuninst\spuninst.exe
AutoPlay Media Studio 6.0 Mega Content Pack-->"C:\WINNT\AutoPlay Media Studio 6.0 Mega Content Pack\uninstall.exe" "/U:C:\Programmi\AutoPlay Media Studio 6.0\Gallery\Uninstall\uninstall.xml"
AutoPlay Media Studio 6.0-->"C:\WINNT\AutoPlay Media Studio 6.0\uninstall.exe" "/U:C:\Programmi\AutoPlay Media Studio 6.0\Uninstall\uninstall.xml"
CCleaner (remove only)-->"C:\Programmi\CCleaner\uninst.exe"
CCScore-->MsiExec.exe /I{B4B44FE7-41FF-4DAD-8C0A-E406DDA72992}
dBpoweramp Music Converter-->"C:\WINNT\system32\SpoonUninstall.exe" <uninstall>C:\WINNT\system32\SpoonUninstall-dBpoweramp Music Converter.dat
dBpoweramp Ogg Vorbis Codec-->"C:\WINNT\system32\SpoonUninstall.exe" <uninstall>C:\WINNT\system32\SpoonUninstall-dBpoweramp Ogg Vorbis Codec.dat
eMule-->"G:\Programmi\eMule\Uninstall.exe"
EPSON PhotoQuicker3.5-->RunDll32 C:\PROGRA~1\FILECO~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programmi\InstallShield Installation Information\{65F5B7AF-3363-11D7-BB6B-00018021113F}\SETUP.EXE" -l0x10 uninst
EPSON Print CD-->RunDll32 C:\PROGRA~1\FILECO~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programmi\InstallShield Installation Information\{FF477885-5EA8-40D0-ADF3-D4C1B86FAEA4}\SETUP.EXE" -l0x10 -SYSTEM
ESET Online Scanner-->C:\WINNT\system32\OnlineScannerUninstaller.exe
EvilLyrics-->"C:\Programmi\EvilLyrics\uninst.exe"
FLIR FireWire Video Driver V2-->MsiExec.exe /X{49935EAC-4121-43E2-8FFA-E6F38F8FBE98}
FLIR USB Network Driver V2-->MsiExec.exe /X{F651FA4D-2AA0-440B-B0EB-2FB77CCC54D5}
FreePortScanner 2.7-->"C:\Programmi\Nsasoft\FreePortScanner\unins000.exe"
HijackThis 2.0.2-->"C:\Programmi\HijackThis\HijackThis.exe" /uninstall
Hotfix for MDAC 2.53 (KB911562)-->"C:\WINNT\$SQLUninstallMDAC25SP3-KB911562-x86-ITA$\spuninst\spuninst.exe"
Hotfix for MDAC 2.80 (KB927779)-->"C:\WINNT\$SQLUninstallMDAC28-KB927779-x86-ITA$\spuninst\spuninst.exe"
HP Extended Capabilities 5.3-->C:\Programmi\hp\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat
HP LaserJet M1522 MFP Series 4.0-->C:\Programmi\HP\Digital Imaging\{C8A37F1F-E13B-48ae-93F8-4669264969F9}\setup\hpzscr01.exe -datfile hppscr08.dat -onestop -forcereboot
hp LaserJet-all-in-one-->C:\Programmi\hp\Digital Imaging\{1B4B2D13-BA87-4c7c-8B67-0EE7CE698415}\setup\hpzscr01.exe -datfile hpbscr01.dat
Intel(R) PRO Network Connections 12.1.12.0-->MsiExec.exe /i{777CA40C-0206-4EF6-A0FC-618BF06BF8D0} ARPREMOVE=1
Java(TM) 6 Update 2-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}
Java(TM) SE Runtime Environment 6 Update 1-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010}
Kaspersky Anti-Virus 2009-->MsiExec.exe /I{6580C5A3-2336-4EC5-85F1-3448C5F6208A}
Kaspersky Anti-Virus 2009-->MsiExec.exe /I{6580C5A3-2336-4EC5-85F1-3448C5F6208A}
Kaspersky Anti-Virus 6.0-->MsiExec.exe /I{75193929-9A52-4CA4-98DE-8C7296940920}
LaserAIO-->MsiExec.exe /I{DD23CAA4-8872-4B95-B263-EA46FD82CF19}
Look@LAN 2.50 Build 35-->C:\WINNT\iun6002.exe "C:\Programmi\Look@LAN\irunin.ini"
Malwarebytes' Anti-Malware-->"C:\Programmi\Malwarebytes' Anti-Malware\unins000.exe"
Microsoft .NET Framework 1.1 Hotfix (KB886903)-->"C:\WINNT\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINNT\Microsoft.NET\Framework\v1.1.4322\Updates\M886903\M886903Uninstall.msp"
Microsoft .NET Framework 1.1 Italian Language Pack-->MsiExec.exe /X{F2D2B58B-B2FD-46D1-8319-DCE564079934}
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 - Language Pack (italiano)-->C:\WINNT\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0 Language Pack - ITA\install.exe
Microsoft .NET Framework 2.0-->C:\WINNT\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe
Microsoft Internet Explorer 6 SP1-->rundll32 C:\WINNT\system32\setupwbv.dll,IE6Maintenance C:\Programmi\Internet Explorer\IE Uninstall\W2KEXCP.EXE /u
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5-->"C:\WINNT\$NtUninstallWdf01005$\spuninst\spuninst.exe"
Microsoft Office 2000 Professional-->MsiExec.exe /I{00010410-78E1-11D2-B60F-006097C998E7}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Mozilla Firefox (3.0.6)-->C:\Programmi\Mozilla Firefox\uninstall\helper.exe
Mozilla Thunderbird (2.0.0.19)-->C:\Programmi\Mozilla Thunderbird\uninstall\helper.exe
MSN Messenger 7.5-->MsiExec.exe /I{CEB3A11A-03EA-11DA-BFBD-00065BBDC0B5}
MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 6.0 Parser-->MsiExec.exe /I{AEB9948B-4FF2-47C9-990E-47014492A0FE}
Nero 8 Lite 8.3.6.0-->"C:\Programmi\Nero\unins000.exe"
NVIDIA Windows 2000/XP Display Drivers-->rundll32.exe C:\WINNT\system32\nvinstnt.dll,NvUninstallNT4 nv4_disp.inf
O&O Defrag Professional Edition-->MsiExec.exe /I{E6CB18CD-04EF-4C6A-A5F3-5F49E7332895}
OrderReminder hp LaserJet 3015/3020/3030/3380-->C:\Programmi\Hewlett-Packard\OrderReminder\OrderReminder\Uninstall-hpLJ_3015-3020-3030-3380\installerhelper.exe C:\Programmi\Hewlett-Packard\OrderReminder\OrderReminder\Uninstall-hpLJ_3015-3020-3030-3380\installerhelper.properties -from-addremove
Pacchetto driver Windows - FLIR Systems (FLIRUSBRNDIS) Net (01/01/2005 1.0.0.1)-->rundll32.exe C:\PROGRA~1\DIFX\613CA917A2352ABE05BF59AA6EBFE49306A8B670\DIFxAppA.dll, DIFxARPUninstallDriverPackage C:\WINNT\system32\DRVSTORE\RNDIS_FLIR_4AD9BC6F64A01B215B94F2012A3D5477A6BB13DD\RNDIS_FLIR.inf
ScanToWeb-->RunDll32 C:\PROGRA~1\FILECO~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programmi\InstallShield Installation Information\{EBAE381B-60A6-4863-AA9F-FCAB755BC9E5}\SETUP.EXE" ADDREMOVEDLG
SFR-->MsiExec.exe /I{DB02F716-6275-42E9-B8D2-83BA2BF5100B}
SISLabel-->RunDll32 C:\PROGRA~1\FILECO~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Programmi\InstallShield Installation Information\{3C819ADC-4E02-11D6-9552-0008C73ADDFE}\setup.exe"
Skype 3.1-->"C:\Programmi\Skype\Phone\unins000.exe"
Skype Plugin Manager-->MsiExec.exe /I{3D5E5C0A-5B36-4F98-99A7-287F7DBDCE03}
Software Kodak EasyShare-->C:\Documents and Settings\All Users\Dati applicazioni\Kodak\EasyShareSetup\$SETUP_1e0010_1274da\Setup.exe /APR-REMOVE
Software per stampante EPSON-->C:\WINNT\system32\spool\DRIVERS\W32X86\3\EPUPDATE.EXE /R
SoundMAX-->RunDll32 C:\PROGRA~1\FILECO~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programmi\InstallShield Installation Information\{F0A37341-D692-11D4-A984-009027EC0A9C}\Setup.exe"
SPAC Automazione 2008 (C:\Programmi\SPAC Aut
Another infection found by Kaspersky:
Kaspersky tries to disinfect it with a particular procedure that includes a reboot of the PC.
But the infection still remains.