ecco qui' le altre scansioni che mi hai chiesto
[06/16/2008, 20:56:57] - VirtumundoBeGone v1.5 ( "C:\Documents and Settings\claudio\Desktop\VirtumundoBeGone.exe" )
[06/16/2008, 20:57:10] - Detected System Information:
[06/16/2008, 20:57:10] - Windows Version: 5.1.2600, Service Pack 3
[06/16/2008, 20:57:10] - Current Username: claudio (Admin)
[06/16/2008, 20:57:10] - Windows is in SAFE mode with Networking.
[06/16/2008, 20:57:10] - Searching for Browser Helper Objects:
[06/16/2008, 20:57:10] - BHO 1: {1E8A6170-7264-4D0F-BEAE-D42A53123C75} ()
[06/16/2008, 20:57:10] - WARNING: BHO has no default name. Checking for Winlogon reference.
[06/16/2008, 20:57:10] - Checking for HKLM\...\Winlogon\Notify\NppBho
[06/16/2008, 20:57:10] - Key not found: HKLM\...\Winlogon\Notify\NppBho, continuing.
[06/16/2008, 20:57:10] - BHO 2: {b5bfb30e-4e4e-46a1-8843-79e65d235439} ()
[06/16/2008, 20:57:10] - WARNING: BHO has no default name. Checking for Winlogon reference.
[06/16/2008, 20:57:10] - Checking for HKLM\...\Winlogon\Notify\ajxqmrhp
[06/16/2008, 20:57:10] - Key not found: HKLM\...\Winlogon\Notify\ajxqmrhp, continuing.
[06/16/2008, 20:57:10] - BHO 3: {BD3C6F7C-6C8D-48F6-AC52-5E4071AEB257} ()
[06/16/2008, 20:57:10] - WARNING: BHO has no default name. Checking for Winlogon reference.
[06/16/2008, 20:57:10] - No filename found. Continuing.
[06/16/2008, 20:57:10] - BHO 4: {CDC24DC3-9F9B-4E60-8693-20D55486DACD} ()
[06/16/2008, 20:57:10] - WARNING: BHO has no default name. Checking for Winlogon reference.
[06/16/2008, 20:57:10] - Checking for HKLM\...\Winlogon\Notify\ddcCRKcC
[06/16/2008, 20:57:10] - Key not found: HKLM\...\Winlogon\Notify\ddcCRKcC, continuing.
[06/16/2008, 20:57:10] - Finished Searching Browser Helper Objects
[06/16/2008, 20:57:10] - Finishing up...
[06/16/2008, 20:57:10] - Nothing found! Exiting...
[06/16/2008, 22:36:18] - VirtumundoBeGone v1.5 ( "C:\Documents and Settings\claudio\Desktop\VirtumundoBeGone.exe" )
[06/16/2008, 22:36:20] - Detected System Information:
[06/16/2008, 22:36:20] - Windows Version: 5.1.2600, Service Pack 3
[06/16/2008, 22:36:20] - Current Username: claudio (Admin)
[06/16/2008, 22:36:20] - Windows is in SAFE mode with Networking.
[06/16/2008, 22:36:20] - Searching for Browser Helper Objects:
[06/16/2008, 22:36:20] - BHO 1: {1E8A6170-7264-4D0F-BEAE-D42A53123C75} ()
[06/16/2008, 22:36:20] - WARNING: BHO has no default name. Checking for Winlogon reference.
[06/16/2008, 22:36:20] - Checking for HKLM\...\Winlogon\Notify\NppBho
[06/16/2008, 22:36:20] - Key not found: HKLM\...\Winlogon\Notify\NppBho, continuing.
[06/16/2008, 22:36:20] - Finished Searching Browser Helper Objects
[06/16/2008, 22:36:20] - Finishing up...
[06/16/2008, 22:36:20] - Nothing found! Exiting...
VirIT eXplorer Lite Log--------------------------------------------------------
16/06/2008 - 22:42:58
[SCANSIONE DEL REGISTRO]
OK
[C:]
MASTER BOOT RECORD: OK
BOOT SECTOR: OK
Chiavi Registro infette: 0.
Files Infetti: 0.
Files Sospetti: 0.
Files Analizzati: 56063.
Files Totali: 56063.
Chiavi Registro rimosse: 0.
Virus Rimossi: 0.
ComboFix 08-06-15.4 - claudio 2008-06-17 0.24.38.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.39.1040.18.152 [GMT 2:00]
Eseguito da: C:\Documents and Settings\claudio\Desktop\ComboFix.exe
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!.
((((((((((((((((((((((((( Files Creati Da 2008-05-16 al 2008-06-16 )))))))))))))))))))))))))))))))))))
.
2008-06-16 22:40 . 2008-03-17 19:23 39,808 --a------ C:\WINDOWS\system32\drivers\VIRAGTLT.SYS
2008-06-16 22:24 . 2008-06-17 00:22 <DIR> d-------- C:\VEXPLITE
2008-06-16 18:44 . 2008-04-13 11:54 22,016 --a------ C:\WINDOWS\system32\drivers\MSIRCOMM.sys
2008-06-16 18:44 . 2008-04-13 11:54 22,016 --a--c--- C:\WINDOWS\system32\dllcache\msircomm.sys
2008-06-15 07:42 . 2008-06-15 07:42 <DIR> d-------- C:\Programmi\Trend Micro
2008-06-14 00:06 . 2008-06-14 00:06 <DIR> d-------- C:\VundoFix Backups
2008-06-12 16:17 . 2008-06-16 11:54 <DIR> d-------- C:\pwrcmdr
2008-06-12 11:30 . 2008-06-12 11:30 90,624 --a------ C:\WINDOWS\system32\lmkwxtca.dll
2008-06-12 09:15 . 2008-06-12 09:15 <DIR> d-------- C:\WINDOWS\system32\it
2008-06-12 09:11 . 2008-06-12 09:16 <DIR> d-------- C:\WINDOWS\ServicePackFiles
2008-06-12 09:10 . 2008-04-13 19:14 294,912 -----c--- C:\WINDOWS\system32\dllcache\dlimport.exe
2008-06-12 09:05 . 2006-12-28 12:01 19,569 --a------ C:\WINDOWS\
002719_.tmp
2008-06-12 08:51 . 2008-06-12 08:55 <DIR> d-------- C:\f40e8c9fdfa74a2b65e3a5b22f
2008-06-12 00:53 . 2008-06-12 09:15 <DIR> d-------- C:\WINDOWS\system32\it-it
2008-06-11 23:53 . 2008-06-12 00:01 <DIR> d-------- C:\Programmi\Lavasoft
2008-06-11 23:53 . 2008-06-11 23:54 <DIR> d-------- C:\Documents and Settings\All Users\Dati applicazioni\Lavasoft
2008-06-11 22:31 . 2008-06-11 22:31 <DIR> d-------- C:\Documents and Settings\All Users\Dati applicazioni\TomTom
2008-06-11 22:30 . 2008-06-11 22:30 <DIR> d-------- C:\Programmi\TomTom HOME 2
2008-06-11 22:23 . 2008-06-11 22:23 <DIR> d-------- C:\Programmi\TomTom DesktopSuite
2008-06-11 22:06 . 2008-06-11 22:29 <DIR> d-------- C:\Programmi\TomTom HOME
2008-06-11 21:58 . 2008-06-11 21:58 <DIR> d--hs---- C:\Documents and Settings\claudio\UserData
2008-06-11 21:18 . 2008-06-11 21:18 <DIR> d-------- C:\Programmi\Novatel Wireless
2008-06-11 21:17 . 2008-06-11 23:51 <DIR> d-------- C:\Programmi\File comuni\Wise Installation Wizard
2008-06-11 21:13 . 2008-06-11 21:13 <DIR> d-------- C:\Programmi\mobile PhoneTools
2008-06-11 21:13 . 2008-06-11 21:13 <DIR> d-------- C:\Documents and Settings\All Users\Dati applicazioni\BVRP Software
2008-06-11 20:53 . 2003-07-10 22:29 36,864 -ra------ C:\WINDOWS\system32\NwtCoInstaller.dll
2008-06-11 18:57 . 2008-06-11 18:57 29 --a------ C:\WINDOWS\DEBUGSM.INI
2008-06-11 17:51 . 2008-06-11 17:52 <DIR> d-------- C:\Programmi\CCleaner
2008-06-11 17:48 . 2008-06-11 18:54 <DIR> d-------- C:\Programmi\CDex_150
2008-06-11 17:47 . 2008-06-11 17:47 <DIR> d-------- C:\Programmi\VideoLAN
2008-06-11 17:45 . 2008-06-11 17:45 <DIR> d-------- C:\Documents and Settings\All Users\Dati applicazioni\Elaborate Bytes
2008-06-11 17:40 . 2008-06-11 17:40 <DIR> d-------- C:\Programmi\Elaborate Bytes
2008-06-11 17:01 . 2004-09-28 13:08 458,112 --a------ C:\WINDOWS\system32\drivers\MarvinUsb.sys
2008-06-11 16:58 . 2008-06-11 16:58 <DIR> d-------- C:\Programmi\Pinnacle Systems
2008-06-11 16:52 . 2008-06-11 16:52 <DIR> d-------- C:\Programmi\DVD Shrink
2008-06-11 16:52 . 2008-06-11 16:52 <DIR> d-------- C:\Documents and Settings\All Users\Dati applicazioni\DVD Shrink
2008-06-11 16:07 . 2008-06-11 16:07 <DIR> d-------- C:\Documents and Settings\All Users\Dati applicazioni\SlySoft
2008-06-11 16:03 . 2008-06-11 16:42 <DIR> d-------- C:\Programmi\SlySoft
2008-06-11 16:03 . 2008-06-11 17:46 48 ---hs---- C:\WINDOWS\SF6ECA0DF.tmp
2008-06-11 03:49 . 2008-06-11 03:49 <DIR> d-------- C:\Programmi\MSXML 4.0
2008-06-11 03:43 . 2008-06-12 08:59 <DIR> d-------- C:\WINDOWS\system32\NtmsData
2008-06-11 03:41 . 2008-04-13 18:49 273,664 --------- C:\WINDOWS\system32\drivers\bthport.sys
2008-06-11 03:25 . 2008-03-06 21:32 23,904 --a------ C:\WINDOWS\system32\drivers\COH_Mon.sys
2008-06-11 03:25 . 2008-03-06 21:32 10,537 --a------ C:\WINDOWS\system32\drivers\COH_Mon.cat
2008-06-11 03:25 . 2008-03-06 21:32 706 --a------ C:\WINDOWS\system32\drivers\COH_Mon.inf
2008-06-11 03:13 . 2008-06-11 03:15 10,671 --a------ C:\WINDOWS\system32\drivers\SYMEVENT.CAT
2008-06-11 03:13 . 2008-06-11 03:15 805 --a------ C:\WINDOWS\system32\drivers\SYMEVENT.INF
2008-06-11 02:58 . 2008-06-11 02:58 <DIR> d-------- C:\Programmi\D-Link
2008-06-11 02:44 . 2008-06-11 03:27 <DIR> d-------- C:\Programmi\Norton Internet Security
2008-06-11 02:42 . 2008-06-11 03:15 <DIR> d-------- C:\Programmi\Symantec
2008-06-11 02:42 . 2008-06-16 22:28 <DIR> d-------- C:\Documents and Settings\All Users\Dati applicazioni\Symantec
2008-06-11 02:42 . 2008-06-11 03:15 123,952 --a------ C:\WINDOWS\system32\drivers\SYMEVENT.SYS
2008-06-11 02:42 . 2008-06-11 03:15 60,800 --a------ C:\WINDOWS\system32\S32EVNT1.DLL
2008-06-11 02:41 . 2008-06-17 00:27 <DIR> d-------- C:\Programmi\File comuni\Symantec Shared
2008-06-11 02:35 . 2008-06-11 02:35 <DIR> d-------- C:\WINDOWS\system32\Quicktime
2008-06-11 02:35 . 2008-06-11 02:35 <DIR> d-------- C:\Programmi\SmartSound Software
2008-06-11 02:35 . 2008-06-11 02:35 <DIR> d-------- C:\Documents and Settings\All Users\Dati applicazioni\SmartSound Software Inc
2008-06-11 02:33 . 2005-01-28 15:36 171,008 --a------ C:\WINDOWS\system32\drivers\MarvinBus.sys
2008-06-11 02:28 . 2008-06-11 02:28 <DIR> d-------- C:\Programmi\Real
2008-06-11 02:28 . 2008-06-11 02:28 <DIR> d-------- C:\Programmi\File comuni\xing shared
2008-06-11 02:28 . 2008-06-11 02:28 <DIR> d-------- C:\Programmi\File comuni\Real
2008-06-11 02:28 . 2008-06-11 02:28 <DIR> d-------- C:\Programmi\aod
2008-06-11 02:20 . 2003-03-15 23:15 90,112 --a------ C:\WINDOWS\unvise32.exe
2008-06-11 02:18 . 2003-03-18 22:20 1,060,864 --a------ C:\WINDOWS\system32\MFC71.dll
2008-06-11 02:17 . 2008-06-11 02:32 <DIR> d-------- C:\Programmi\Pinnacle
2008-06-11 02:17 . 2008-06-11 14:02 <DIR> d-------- C:\Documents and Settings\All Users\Dati applicazioni\Pinnacle
2008-06-11 02:17 . 2002-03-19 10:29 14,165 --------- C:\WINDOWS\system32\drivers\Pclepci.sys
2008-06-11 02:14 . 1998-12-22 01:49 66,594 --a--c--- C:\WINDOWS\system32\dllcache\c_862.nls
2008-06-11 02:14 . 1998-12-22 01:49 66,594 --a------ C:\WINDOWS\system32\c_862.nls
2008-06-11 02:14 . 1998-12-22 01:49 66,082 --a--c--- C:\WINDOWS\system32\dllcache\c_708.nls
2008-06-11 02:14 . 1998-12-22 01:49 66,082 --a--c--- C:\WINDOWS\system32\dllcache\c_28596.nls
2008-06-11 02:14 . 1998-12-22 01:49 66,082 --a------ C:\WINDOWS\system32\c_708.nls
2008-06-11 02:14 . 1998-12-22 01:49 66,082 --a------ C:\WINDOWS\system32\c_28596.nls
2008-06-11 02:14 . 1998-10-07 09:21 29,184 --a------ C:\WINDOWS\system32\Popup.ocx
2008-06-11 02:13 . 2008-06-11 02:13 <DIR> d-------- C:\Programmi\LHSP
2008-06-11 02:11 . 2008-06-11 02:11 <DIR> d-------- C:\My Documents
2008-06-11 02:11 . 1996-07-01 00:00 77,312 --a------ C:\WINDOWS\system32\TWAIN_32.DLL
2008-06-11 02:11 . 2008-06-11 02:11 1,276 --a------ C:\WINDOWS\photoimpression.ini
2008-06-11 02:10 . 2008-06-11 02:10 <DIR> d-------- C:\Programmi\ArcSoft
2008-06-11 02:08 . 2008-06-11 16:55 <DIR> d-------- C:\Programmi\EPSON
2008-06-11 02:05 . 2003-02-27 16:16 135,168 --a------ C:\WINDOWS\system32\l3codecx.acm
2008-06-11 02:02 . 2008-06-11 02:02 <DIR> d-------- C:\Programmi\Roxio
2008-06-11 02:01 . 2008-06-11 02:04 <DIR> d-------- C:\Programmi\File comuni\Roxio Shared
2008-06-11 00:56 . 2008-06-11 00:56 <DIR> d-------- C:\WINDOWS\Options
2008-06-11 00:56 . 2001-09-26 19:34 799,816 -ra------ C:\WINDOWS\system32\drivers\LTSM.sys
2008-06-11 00:56 . 2001-09-26 19:34 799,816 --a--c--- C:\WINDOWS\system32\dllcache\ltsm.sys
2008-06-11 00:56 . 2001-10-01 19:28 121,905 --a------ C:\WINDOWS\system32\csellang.ini
2008-06-11 00:56 . 2002-03-26 14:47 102,400 --a------ C:\WINDOWS\system32\cselect.exe
2008-06-11 00:56 . 2001-05-08 21:38 77,824 --a------ C:\WINDOWS\system32\tosmreg.exe
2008-06-11 00:56 . 2002-03-19 17:23 57,344 --------- C:\WINDOWS\ltremove.exe
2008-06-11 00:56 . 2000-12-13 05:25 45,056 --a------ C:\WINDOWS\system32\csellang.dll
2008-06-11 00:56 . 2001-05-24 18:17 8,899 --a------ C:\WINDOWS\system32\tosmreg.ini
2008-06-11 00:56 . 2000-12-13 03:13 6,793 --a------ C:\WINDOWS\system32\cseltbl.ini
2008-06-11 00:54 . 2002-08-09 11:50 155,648 --a------ C:\WINDOWS\system32\TMEPROP.CPL
2008-06-11 00:54 . 2001-07-03 11:06 49,152 --a------ C:\WINDOWS\TMEVALDD.DLL
2008-06-11 00:54 . 2002-08-09 11:48 9,614 --a------ C:\WINDOWS\system32\TMESRV.HLP
2008-06-11 00:52 . 2002-04-24 12:06 94,208 --a------ C:\WINDOWS\system32\TDispVol.exe
2008-06-11 00:52 . 2002-02-28 15:40 45,056 --a------ C:\WINDOWS\system32\TDispVol.dll
2008-06-11 00:52 . 2002-07-31 15:40 40,960 --a------ C:\WINDOWS\system32\TCtrlCommon.dll
2008-06-11 00:46 . 2002-07-24 16:42 249,856 --a------ C:\WINDOWS\system32\yacxgc.cpl
2008-06-11 00:45 . 2008-06-11 00:45 0 --a------ C:\WINDOWS\PROTOCOL.INI
2008-06-11 00:44 . 2008-06-11 00:44 <DIR> d-------- C:\Documents and Settings\claudio\WINDOWS
2008-06-11 00:44 . 2000-01-07 16:36 478,720 --a------ C:\WINDOWS\system32\ssToshiba.scr
2008-06-11 00:44 . 1998-10-01 15:22 299,520 --a------ C:\WINDOWS\uninst.exe
2008-06-11 00:43 . 2008-06-11 01:17 <DIR> d-------- C:\Programmi\TOSHIBA
2008-06-11 00:41 . 2008-06-11 00:41 <DIR> d-------- C:\Programmi\Intel
2008-06-11 00:37 . 2002-08-20 10:29 40,960 -ra------ C:\WINDOWS\system32\ezSP_Px.exe
2008-06-11 00:37 . 2002-04-18 02:02 16,288 --------- C:\WINDOWS\system32\drivers\pxhelp20.sys
2008-06-11 00:36 . 2008-06-12 01:00 <DIR> d--h----- C:\Programmi\InstallShield Installation Information
2008-06-11 00:36 . 2008-06-11 00:36 <DIR> d-------- C:\Programmi\Drag'n Drop CD
2008-06-11 00:36 . 2002-08-19 12:35 713 --a------ C:\WINDOWS\system32\Px.ini
2008-06-11 00:33 . 2008-06-11 02:35 <DIR> d-------- C:\Programmi\File comuni\InstallShield
2008-06-11 00:30 . 2008-06-11 00:30 <DIR> d-------- C:\Programmi\Synaptics
2008-06-11 00:30 . 2002-08-16 16:15 262,160 -ra------ C:\WINDOWS\system32\drivers\SynTP.sys
2008-06-11 00:30 . 2002-08-16 16:17 110,592 -ra------ C:\WINDOWS\system32\SynTPAPI.dll
2008-06-11 00:30 . 2002-08-16 10:47 77,824 -ra------ C:\WINDOWS\system32\SynTPCoI.dll
2008-06-11 00:30 . 2002-08-16 16:18 65,536 -ra------ C:\WINDOWS\system32\SynTPFcs.dll
2008-06-11 00:27 . 2008-06-11 00:27 <DIR> d-------- C:\Program Files
2008-06-11 00:27 . 1998-11-13 13:07 307,712 --a------ C:\WINDOWS\IsUn0410.exe
2008-06-11 00:01 . 2008-06-11 00:01 <DIR> d-------- C:\Programmi\Nero
2008-06-11 00:01 . 2008-06-11 00:02 <DIR> d-------- C:\Programmi\File comuni\Nero
2008-06-11 00:01 . 2008-06-11 00:01 <DIR> d-------- C:\Documents and Settings\All Users\Dati applicazioni\Nero
2008-05-16 11:58 . 2008-05-16 11:58 12,632 --a------ C:\WINDOWS\system32\lsdelete.exe
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-06-12 21:57 --------- d-----w C:\Programmi\File comuni\Adobe
2008-06-10 23:58 --------- d-----w C:\Programmi\CyberLink
2008-06-10 23:58 --------- d-----w C:\Documents and Settings\All Users\Dati applicazioni\CyberLink
2008-06-10 23:51 --------- d-----w C:\Programmi\Microsoft.NET
2008-06-10 23:51 --------- d-----w C:\Programmi\Microsoft Works
2008-06-10 23:35 --------- d-----w C:\Programmi\Microsoft Encarta
2008-06-10 23:32 --------- d-----w C:\Programmi\Microsoft AutoRoute
2008-06-10 23:27 --------- d-----w C:\Programmi\Microsoft Works Suite 2003
2008-06-10 23:03 --------- d-----w C:\Programmi\YAMAHA
2008-06-10 21:39 --------- d-----w C:\Programmi\microsoft frontpage
2008-06-10 21:37 --------- d-----w C:\Programmi\Servizi in linea
2008-05-09 17:56 99,264 ----a-w C:\WINDOWS\system32\drivers\AnyDVD.sys
2008-04-29 09:20 15,648 ----a-w C:\WINDOWS\system32\drivers\NSDriver.sys
2008-04-29 09:19 15,648 ----a-w C:\WINDOWS\system32\drivers\Awrtrd.sys
2008-04-29 09:19 12,960 ----a-w C:\WINDOWS\system32\drivers\Awrtpd.sys
2008-04-13 17:27 1,804 ----a-w C:\WINDOWS\system32\dcache.bin
2008-04-13 17:16 331,776 ----a-w C:\WINDOWS\system32\netsetup.exe
2008-04-13 17:13 99,840 ----a-w C:\WINDOWS\system32\loadperf.dll
2008-04-13 17:12 9,344 ----a-w C:\WINDOWS\system32\framebuf.dll
2008-04-13 17:11 539,648 ----a-w C:\WINDOWS\system32\comuid.dll
2008-04-13 17:11 285,696 ----a-w C:\WINDOWS\system32\atmfd.dll
2008-04-13 17:11 16,896 ----a-w C:\WINDOWS\system32\cfgmgr32.dll
2008-04-13 16:55 2,192,768 ----a-w C:\WINDOWS\system32\ntoskrnl.exe
2008-04-13 16:55 2,069,632 ----a-w C:\WINDOWS\system32\ntkrnlpa.exe
2008-04-13 16:54 4,096 ----a-w C:\WINDOWS\system32\dsprpres.dll
2008-04-13 16:53 92,672 ----a-w C:\WINDOWS\system32\msxml6r.dll
2008-04-13 16:52 80,896 ----a-w C:\WINDOWS\system32\msshavmsg.dll
2008-04-13 16:52 2,973,696 ----a-w C:\WINDOWS\system32\wmploc.dll
2008-04-13 16:51 566,272 ----a-w C:\WINDOWS\system32\shdoclc.dll
2008-04-13 16:51 51,200 ----a-w C:\WINDOWS\system32\inetres.dll
2008-04-13 16:51 186,880 ----a-w C:\WINDOWS\system32\wmerror.dll
2008-04-13 16:50 1,845,632 ----a-w C:\WINDOWS\system32\win32k.sys
2008-04-13 16:49 68,608 ----a-w C:\WINDOWS\system32\browselc.dll
2008-04-13 16:49 10,240 ----a-w C:\WINDOWS\system32\gpkrsrc.dll
2008-04-13 16:48 8,704 ----a-w C:\WINDOWS\system32\asferror.dll
2008-04-13 09:45 17,664 ----a-w C:\WINDOWS\system32\watchdog.sys
2008-04-13 09:43 9,728 ----a-w C:\WINDOWS\system32\comsdupd.exe
2008-04-13 09:43 12,800 ----a-w C:\WINDOWS\system32\spiisupd.exe
2008-04-13 09:40 449,024 ----a-w C:\WINDOWS\system32\xpob2res.dll
2008-04-13 09:37 2,962,432 ----a-w C:\WINDOWS\system32\xpsp2res.dll
2008-04-13 09:35 195,072 ----a-w C:\WINDOWS\system32\xpsp1res.dll
2008-04-13 09:31 7,424 ----a-w C:\WINDOWS\system32\kd1394.dll
2008-04-13 09:30 61,440 ----a-w C:\WINDOWS\system32\msvcrt40.dll
2008-04-13 08:37 208,384 ----a-w C:\WINDOWS\system32\rsaenh.dll
2008-04-13 08:37 138,752 ----a-w C:\WINDOWS\system32\dssenh.dll
2008-04-13 08:26 12,288 ----a-w C:\WINDOWS\system32\odbcp32r.dll
2008-04-13 08:26 12,288 ----a-w C:\WINDOWS\system32\mscpx32r.dll
2008-04-13 08:21 733,696 ----a-w C:\WINDOWS\system32\qedwipes.dll
2008-04-13 07:48 1,647,616 ----a-w C:\WINDOWS\system32\winbrand.dll
2008-04-13 07:45 216,064 ----a-w C:\WINDOWS\system32\moricons.dll
2008-04-13 07:23 48,128 ----a-w C:\WINDOWS\system32\msprivs.dll
2008-04-13 06:39 884,736 ----a-w C:\WINDOWS\system32\msimsg.dll
2008-03-25 08:20 219,936 ----a-w C:\WINDOWS\system32\msltus40.dll
2008-03-25 04:51 621,344 ----a-w C:\WINDOWS\system32\mswstr10.dll
2008-03-25 04:51 183,072 ----a-w C:\WINDOWS\system32\msjint40.dll
.
(((((((((((((((((((((((((((((
snapshot@2008-06-16_21.15.42.77 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-06-16 19:11:36 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2008-06-16 22:21:38 2,048 --s-a-w C:\WINDOWS\bootstat.dat
- 2008-06-16 19:04:44 40,326 ----a-w C:\WINDOWS\system32\perfc009.dat
+ 2008-06-16 22:26:46 40,326 ----a-w C:\WINDOWS\system32\perfc009.dat
- 2008-06-16 19:04:44 48,012 ----a-w C:\WINDOWS\system32\perfc010.dat
+ 2008-06-16 22:26:46 48,012 ----a-w C:\WINDOWS\system32\perfc010.dat
- 2008-06-16 19:04:44 311,938 ----a-w C:\WINDOWS\system32\perfh009.dat
+ 2008-06-16 22:26:46 311,938 ----a-w C:\WINDOWS\system32\perfh009.dat
- 2008-06-16 19:04:44 345,620 ----a-w C:\WINDOWS\system32\perfh010.dat
+ 2008-06-16 22:26:46 345,620 ----a-w C:\WINDOWS\system32\perfh010.dat
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Programmi\File comuni\Nero\Lib\NMBgMonitor.exe" [2007-09-20 15:35 202024]
"AnyDVD"="C:\Programmi\SlySoft\AnyDVD\AnyDVD.exe" [2008-05-13 20:41 89024]
"TomTomHOME.exe"="C:\Programmi\TomTom HOME 2\HOMERunner.exe" [2008-05-06 10:42 202088]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-13 19:14 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"="C:\Programmi\File comuni\Nero\Lib\NeroCheck.exe" [2007-03-01 15:57 153136]
"NBKeyScan"="C:\Programmi\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-09-20 09:51 1836328]
"cPadFstR"="C:\Program Files\Synaptics\SynTP\CPad\cPadFstR.Exe" [2002-08-25 08:39 20480]
"SynTPLpr"="C:\Programmi\Synaptics\SynTP\SynTPLpr.exe" [2002-08-16 10:43 126976]
"SynTPEnh"="C:\Programmi\Synaptics\SynTP\SynTPEnh.exe" [2002-08-16 16:18 557056]
"NvCplDaemon"="NvQTwk" []
"nwiz"="nwiz.exe" [2002-07-24 23:18 438272 C:\WINDOWS\system32\nwiz.exe]
"ezShieldProtector for Px"="C:\WINDOWS\system32\ezSP_Px.exe" [2002-08-20 10:29 40960]
"00THotkey"="C:\WINDOWS\system32\
00THotkey.exe" [2002-05-13 09:12 245760]
"000StTHK"="000StTHK.exe" [2001-06-23 20:28 24576 C:\WINDOWS\system32\
000StTHK.exe]
"TFncKy"="TFncKy.exe" []
"TcmTray"="" []
"TDispVol"="TDispVol.exe" [2002-04-24 12:06 94208 C:\WINDOWS\system32\TDispVol.exe]
"TMESBS.EXE"="C:\Programmi\TOSHIBA\TME3\TMESBS32.exe" [2002-08-09 11:51 57344]
"Tpwrtray"="TPWRTRAY.EXE" [2002-07-31 17:00 188416 C:\WINDOWS\system32\TPWRTRAY.EXE]
"TosHKCW.exe"="C:\Programmi\TOSHIBA\Wireless Hotkey\TosHKCW.exe" [2002-01-22 18:20 49152]
"SxgTkBar"="SxgTkBar.exe" [2001-07-11 09:29 53248 C:\WINDOWS\system32\Sxgtkbar.exe]
"cPadAlarm"="C:\Programmi\Synaptics\SynTP\cPad\AlarmWatcher.exe" [2002-07-22 14:55 143360]
"TouchED"="C:\Programmi\TOSHIBA\TouchED\TouchED.Exe" [2002-08-01 16:26 122880]
"RoxioEngineUtility"="C:\Programmi\File comuni\Roxio Shared\System\EngUtil.exe" [2003-02-27 05:31 69632]
"PinnacleDriverCheck"="C:\WINDOWS\system32\PSDrvCheck.exe" [2004-03-10 16:26 406016]
"TkBellExe"="C:\Programmi\File comuni\Real\Update_OB\realsched.exe" [2008-06-11 02:28 151597]
"ccApp"="C:\Programmi\File comuni\Symantec Shared\ccApp.exe" [2006-09-03 02:04 84640]
"osCheck"="C:\Programmi\Norton Internet Security\osCheck.exe" [2006-09-05 20:22 26248]
"Symantec PIF AlertEng"="C:\Programmi\File comuni\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2008-01-29 17:38 583048]
"CloneCDTray"="C:\Programmi\SlySoft\CloneCD\CloneCDTray.exe" [2004-12-27 21:14 57344]
"Adobe Reader Speed Launcher"="C:\Programmi\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792]
"VIRIT LITE MONITOR"="C:\VEXPLITE\MONLITE.EXE" [2008-05-23 16:22 245760]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2008-04-13 19:14 15360]
C:\Documents and Settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\
Adobe Gamma Loader.lnk - C:\Programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe [2008-06-11 01:42:44 113664]
Wireless Connection Manager.lnk - C:\Programmi\D-Link\D-Link RangeBooster N 650 DWA-645\wirelesscm.exe [2008-06-11 02:58:21 12693504]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.I420"= vdrcodec.dll
"VIDC.MJPG"= Pvmjpg21.dll
"VIDC.PIM1"= pclepim1.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Drag'n Drop CD]
--------- 2002-09-20 23:05 802816 C:\Programmi\Drag'n Drop CD\BinFiles\DragDrop.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoxioAudioCentral]
--a------ 2003-02-26 16:50 253952 C:\Programmi\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoxioDragToDisc]
--a------ 2003-02-27 04:36 757760 C:\Programmi\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"C:\\WINDOWS\\system32\\sessmgr.exe"=
"C:\\Programmi\\File comuni\\Nero\\Nero Web\\SetupX.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
R0 tosrfec;Bluetooth ACPI from Toshiba;C:\WINDOWS\system32\DRIVERS\tosrfec.sys [2001-07-13 03:26]
R0 TVALDX;Toshiba ACPI-Based Value Added Logical Device Extension Driver;C:\WINDOWS\system32\DRIVERS\TVALDX.SYS [2001-08-17 14:27]
R0 VIRAGTLT;VIRAGTLT;C:\WINDOWS\system32\drivers\VIRAGTLT.SYS [2008-03-17 19:23]
R2 Tmesbs;Tmesbs32;C:\Programmi\TOSHIBA\TME3\Tmesbs32.exe [2002-08-09 11:51]
R2 Utilità di pianificazione di LiveUpdate automatico;Utilità di pianificazione di LiveUpdate automatico;"C:\Programmi\Symantec\LiveUpdate\ALUSchedulerSvc.exe" [2006-09-08 16:52]
R2 viritsvclite;Virit eXplorer Lite;C:\VEXPLITE\viritsvc.exe [2007-10-10 12:12]
R3 SOFTXG;YAMAHA XG WDM SoftSynthesizer;C:\WINDOWS\system32\drivers\sxgxgwdm.sys [2001-10-05 09:40]
R3 WSIMD;wsimd Service;C:\WINDOWS\system32\DRIVERS\wsimd.sys [2006-07-20 07:00]
S2 SerialNW;NW Serial port driver;C:\WINDOWS\system32\DRIVERS\serialnw.sys [2003-08-29 08:03]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{cf444bf9-37e6-11dd-bc75-00179a428f60}]
\Shell\AutoRun\command - G:\InstallTomTomHOME.exe
*Newly Created Service* - CATCHME
*Newly Created Service* - COMHOST
*Newly Created Service* - VIRAGTLT
.
Contenuto della cartella 'Scheduled Tasks'
"2008-06-11 00:54:59 C:\WINDOWS\Tasks\Norton Internet Security - Scansione completa sistema - claudio.job"
- C:\PROGRA~1\NORTON~1\NORTON~1\Navw32.exei/TASK:
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.netRootkit scan 2008-06-17 00:27:32
Windows 5.1.2600 Service Pack 3 NTFS
scansione processi nascosti ...
scansione entrate autostart nascoste ...
Scansione files nascosti ...
Scansione completata con successo
Files nascosti: 0
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
PROCESS: C:\WINDOWS\explorer.exe
-> C:\WINDOWS\system32\TDispVol.dll
.
Ora fine scansione: 2008-06-17 0.30.57
ComboFix-quarantined-files.txt 2008-06-16 22:30:44
ComboFix2.txt 2008-06-16 19:16:16
13 Directory 96,480,563,200 byte disponibili
17 Directory 96,468,819,968 byte disponibili
308 --- E O F --- 2008-06-11 02:02:49
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 0.32.14, on 17/06/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\File comuni\Symantec Shared\ccSvcHst.exe
C:\Programmi\File comuni\Symantec Shared\AppCore\AppSvc32.exe
C:\Programmi\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\D-Link\D-Link RangeBooster N 650 DWA-645\acs.exe
C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Programmi\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Programmi\TOSHIBA\TME3\Tmesbs32.exe
C:\Programmi\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\VEXPLITE\viritsvc.exe
C:\Program Files\Synaptics\SynTP\CPad\cPadFstR.Exe
C:\Programmi\Synaptics\SynTP\SynTPLpr.exe
C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\00THotkey.exe
C:\Programmi\TOSHIBA\TOSHIBA Controls\TFncKy.exe
C:\WINDOWS\system32\TDispVol.exe
C:\Programmi\TOSHIBA\TME3\TMESBS32.EXE
C:\WINDOWS\system32\TPWRTRAY.EXE
C:\Programmi\TOSHIBA\Wireless Hotkey\TosHKCW.exe
C:\WINDOWS\system32\SxgTkBar.exe
C:\Programmi\Synaptics\SynTP\cPad\AlarmWatcher.exe
C:\Programmi\TOSHIBA\TouchED\TouchED.Exe
C:\Programmi\File comuni\Symantec Shared\ccApp.exe
C:\Programmi\SlySoft\CloneCD\CloneCDTray.exe
C:\VEXPLITE\MONLITE.EXE
C:\Programmi\File comuni\Nero\Lib\NMBgMonitor.exe
C:\Programmi\TomTom HOME 2\HOMERunner.exe
C:\Programmi\SlySoft\AnyDVD\AnyDVDtray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\File comuni\Nero\Lib\NMIndexingService.exe
C:\Programmi\D-Link\D-Link RangeBooster N 650 DWA-645\wirelesscm.exe
C:\Programmi\File comuni\Nero\Lib\NMIndexStoreSvr.exe
C:\WINDOWS\system32\wuauclt.exe
C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
C:\Programmi\Symantec\LiveUpdate\AUPDATE.EXE
C:\Programmi\File comuni\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\explorer.exe
C:\Programmi\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.google.it/R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext =
http://www.google.it/R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Programmi\File comuni\Symantec Shared\coShared\Browser\1.0\NppBho.dll
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Programmi\File comuni\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Programmi\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [cPadFstR] C:\Program Files\Synaptics\SynTP\CPad\cPadFstR.Exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Programmi\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\system32\ezSP_Px.exe
O4 - HKLM\..\Run: [00THotkey] C:\WINDOWS\system32\00THotkey.exe
O4 - HKLM\..\Run: [000StTHK] 000StTHK.exe
O4 - HKLM\..\Run: [TFncKy] TFncKy.exe /Type 03
O4 - HKLM\..\Run: [TDispVol] TDispVol.exe
O4 - HKLM\..\Run: [TMESBS.EXE] C:\Programmi\TOSHIBA\TME3\TMESBS32.EXE /Client
O4 - HKLM\..\Run: [Tpwrtray] TPWRTRAY.EXE
O4 - HKLM\..\Run: [TosHKCW.exe] "C:\Programmi\TOSHIBA\Wireless Hotkey\TosHKCW.exe"
O4 - HKLM\..\Run: [SxgTkBar] SxgTkBar.exe
O4 - HKLM\..\Run: [cPadAlarm] C:\Programmi\Synaptics\SynTP\cPad\AlarmWatcher.exe
O4 - HKLM\..\Run: [TouchED] C:\Programmi\TOSHIBA\TouchED\TouchED.Exe
O4 - HKLM\..\Run: [RoxioEngineUtility] "C:\Programmi\File comuni\Roxio Shared\System\EngUtil.exe"
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [TkBellExe] "C:\Programmi\File comuni\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [ccApp] "C:\Programmi\File comuni\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Programmi\Norton Internet Security\osCheck.exe"
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Programmi\File comuni\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Programmi\File comuni\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [CloneCDTray] "C:\Programmi\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programmi\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [VIRIT LITE MONITOR] C:\VEXPLITE\MONLITE.EXE
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programmi\File comuni\Nero\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [AnyDVD] "C:\Programmi\SlySoft\AnyDVD\AnyDVD.exe"
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Programmi\TomTom HOME 2\HOMERunner.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Wireless Connection Manager.lnk = C:\Programmi\D-Link\D-Link RangeBooster N 650 DWA-645\wirelesscm.exe
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cabO23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Programmi\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Atheros Configuration Service (ACS) - Atheros - C:\Programmi\D-Link\D-Link RangeBooster N 650 DWA-645\acs.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\VAScanner\comHost.exe
O23 - Service: Convalida password di Symantec IS (ISPwdSvc) - Symantec Corporation - C:\Programmi\Norton Internet Security\isPwdSvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\ccSvcHst.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Programmi\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Programmi\File comuni\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Programmi\File comuni\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\AppCore\AppSvc32.exe
O23 - Service: Tmesbs32 (Tmesbs) - TOSHIBA Corporation - C:\Programmi\TOSHIBA\TME3\Tmesbs32.exe
O23 - Service: Utilità di pianificazione di LiveUpdate automatico - Symantec Corporation - C:\Programmi\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Virit eXplorer Lite (viritsvclite) - TG Soft Sas
www.tgsoft.it - C:\VEXPLITE\viritsvc.exe
--
End of file - 9252 bytes
al momento che ti sto postando le pagine web pirata non si aprono piu', speriamo bene
ciao