Benvenuto Ospite Cerca | Topic Attivi | Utenti | | Log In | Registra

Aiutamici Forum » FORUM - Istruzioni e Guide » Sicurezza VIRUS » mi controllate il log per favore? Grazie!

mi controllate il log per favore? Grazie! Opzioni
Topic Precedente · Topic Sucessivo
mhelpc
Inviato: Wednesday, September 30, 2009 9:52:46 AM
Rank: Member

Iscritto dal : 1/24/2005
Posts: 28
Logfile of HijackThis v1.99.0
Scan saved at 9.34.00, on 30/09/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\Avira\AntiVir Desktop\sched.exe
C:\Programmi\Avira\AntiVir Desktop\avguard.exe
C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Programmi\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\tcpsvcs.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\mqsvc.exe
C:\WINDOWS\system32\mqtgsvc.exe
C:\WINDOWS\Explorer.EXE
C:\Programmi\Avira\AntiVir Desktop\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe
C:\Programmi\Spybot - Search & Destroy\TeaTimer.exe
C:\Programmi\File comuni\Ahead\Lib\NMIndexingService.exe
C:\Programmi\File comuni\Ahead\Lib\NMIndexStoreSvr.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\system32\cidaemon.exe
C:\PROGRA~1\WINZIP\winzip32.exe
C:\Documents and Settings\Administrator\Impostazioni locali\Temp\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.lphant.com/sidebar.html?src=ssb
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.lphant.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.google.it/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
R3 - URLSearchHook: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Programmi\Search Settings\kb127\SearchSettings.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Programmi\Search Settings\kb127\SearchSettings.dll
O3 - Toolbar: Lphant MediaBar - {7FED05BE-14FB-4A41-B0D9-79ABBC36FEE4} - C:\Programmi\Lphant Applications\Lphant MediaBar\LphantMediaBar.dll
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Programmi\File comuni\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SearchSettings] C:\Programmi\Search Settings\SearchSettings.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programmi\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Programmi\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\RunServices: [RegisterDropHandler] C:\PROGRA~1\TEXTBR~1.0\Bin\REGIST~1.EXE
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Programmi\Spybot - Search & Destroy\TeaTimer.exe
O4 - Global Startup: Tasto di scelta rapida per l'avvio di AutoCAD LT.lnk = C:\Programmi\File comuni\Autodesk Shared\acstart17.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Toolbars\Restrictions present
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra button: (no name) - SolidConverterPDF - (no file) (HKCU)
O10 - Unknown file in Winsock LSP: c:\programmi\bonjour\mdnsnsp.dll
O13 - Home Prefix: http://webwarper.net/clicklog.pl/AUTODL~~/~av/
O16 - DPF: {62789780-B744-11D0-986B-00609731A21D} (Autodesk MapGuide ActiveX Control) - http://www.studiosit.it/mapguideViewer/mgaxctrl.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1200053704343
O16 - DPF: {D147430C-86CD-4E6F-A807-93FBC496D201} (NCSLayeredView Class) - http://www.cartografiarl.regione.liguria.it/ecwplugins/ncs.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{73FB5690-5539-43CF-8926-005E7E9634B8}: NameServer = 151.99.125.1,151.99.125.2
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Programmi\File comuni\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Avira AntiVir Scheduler - Avira GmbH - C:\Programmi\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard - Avira GmbH - C:\Programmi\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Programmi\File comuni\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Programmi\Bonjour\mDNSResponder.exe
O23 - Service: DU Meter Service - Unknown - C:\Programmi\DU Meter\DUMeterSvc.exe (file missing)
O23 - Service: NBService - Nero AG - C:\Programmi\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Programmi\File comuni\Ahead\Lib\NMIndexingService.exe
Torna in alto
 
Sponsor
Inviato: Wednesday, September 30, 2009 9:52:46 AM

 
Torna in alto
 
shapiro
Inviato: Wednesday, September 30, 2009 11:02:54 AM

Rank: AiutAmico

Iscritto dal : 8/24/2008
Posts: 4,164
ciao

hai qualche ospite indesiderato nel pc

esegui queste scansioni attentamente


Scarica e installa
http://www.malwarebytes.org/mbam/program/mbam-setup.exe
Aggiornalo e fai una scansione completa del computer. Posta il rapporto ottenuto. Per ora non rimuovere nessuna eventuale minaccia rilevata



Scarica Lop S&D | http://eric.71.mespages.googlepages.com/LopSD.exe
con tutte le applicazioni chiuse e disconnesso
doppio click su LopSD
scegli la lingua E (invio)
1 (ricerca) invio

al termine dello scan riavvia LopSD
questa volta scegli l'opzione 2 (invio)

allega il report C:\LopR.txt insieme ad un nuovo log di hijackthis


Appena finito, scarica la nuova versione di hijackthis(quella che hai e' obsoleta) e posta il rapporto che rilascia

scarica hijackthis da qui

http://www.aiutamici.com/software?ID=11175
Torna in alto
 
mhelpc
Inviato: Wednesday, September 30, 2009 7:27:17 PM
Rank: Member

Iscritto dal : 1/24/2005
Posts: 28
Malwarebytes' Anti-Malware 1.41
Versione del database: 2876
Windows 5.1.2600 Service Pack 3

30/09/2009 13.26.52
mbam-log-2009-09-30 (13-26-46).txt

Tipo di scansione: Scansione completa (C:\|E:\|)
Elementi scansionati: 162530
Tempo trascorso: 28 minute(s), 24 second(s)

Processi delle memoria infetti: 0
Moduli della memoria infetti: 0
Chiavi di registro infette: 2
Valori di registro infetti: 2
Elementi dato del registro infetti: 2
Cartelle infette: 0
File infetti: 1

Processi delle memoria infetti:
(Nessun elemento malevolo rilevato)

Moduli della memoria infetti:
(Nessun elemento malevolo rilevato)

Chiavi di registro infette:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{b7d3e479-cc68-42b5-a338-938ece35f419} (Adware.Softomate) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{49e0e0f0-5c30-11d4-945d-000000000000} (Spyware-Logger.Unknown) -> No action taken.

Valori di registro infetti:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{b7d3e479-cc68-42b5-a338-938ece35f419} (Adware.Softomate) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{b7d3e479-cc68-42b5-a338-938ece35f419} (Adware.Softomate) -> No action taken.

Elementi dato del registro infetti:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.

Cartelle infette:
(Nessun elemento malevolo rilevato)

File infetti:
C:\Documents and Settings\Administrator\Dati applicazioni\Desktopicon\eBayShortcuts.exe (Adware.ADON) -> No action taken.
Torna in alto
 
shapiro
Inviato: Wednesday, September 30, 2009 7:52:53 PM

Rank: AiutAmico

Iscritto dal : 8/24/2008
Posts: 4,164
riavvia malwarebytes ed elimina tutto

esegui anche la scansione con Lop S&D e posta il log che rilascia insieme ad un nuovo log di hjt (ultima versione)

http://www.aiutamici.com/software?ID=11175
Torna in alto
 
mhelpc
Inviato: Monday, October 05, 2009 8:53:11 AM
Rank: Member

Iscritto dal : 1/24/2005
Posts: 28

--------------------\\ Lop S&D 4.2.5-0 XP/Vista

Microsoft Windows XP Professional ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) 4 CPU 3.00GHz )
BIOS : BIOS Date: 01/19/05 14:53:57 NR146 BIOS Rev: 1.13
USER : Administrator ( Administrator )
BOOT : Normal boot
Antivirus : Avira AntiVir PersonalEdition Classic 0.0.0.0 (Activated)
A:\ (USB)
C:\ (Local Disk) - FAT32 - Total:19 Go (Free:4 Go)
D:\ (CD or DVD)
E:\ (Local Disk) - NTFS - Total:17 Go (Free:11 Go)
F:\ (Network Disk) - NTFS - Total:200 Go (Free:166 Go)
U:\ (CD or DVD)

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [2] ( 05/10/2009| 8.47 )


\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ FIX

-
[ Hosts file ] .. Restored!

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


--------------------\\ Listing folders in DATIAP~1

[19/07/2006|16.06] C:\DOCUME~1\DEFAUL~1\DATIAP~1\Microsoft
[0|File] C:\DOCUME~1\DEFAUL~1\DATIAP~1\byte
[3|Directory] C:\DOCUME~1\DEFAUL~1\DATIAP~1\705 943 552 byte disponibili

[16/06/2009|08.27] C:\DOCUME~1\ALLUSE~1\DATIAP~1\321F4
[19/07/2006|16.37] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Adobe
[19/07/2006|17.35] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Adobe Systems
[19/01/2008|09.11] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Ahead
[19/05/2008|08.36] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Apple
[20/07/2007|10.47] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Arovax
[19/07/2006|17.15] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Autodesk
[28/05/2009|11.44] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Avira
[19/07/2006|16.49] C:\DOCUME~1\ALLUSE~1\DATIAP~1\CyberLink
[19/07/2006|16.48] C:\DOCUME~1\ALLUSE~1\DATIAP~1\DVD Shrink
[24/10/2008|11.35] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Google
[10/03/2008|13.44] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Hagel Technologies
[18/03/2008|10.42] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Hewlett-Packard
[14/08/2008|10.47] C:\DOCUME~1\ALLUSE~1\DATIAP~1\IM
[14/08/2008|10.45] C:\DOCUME~1\ALLUSE~1\DATIAP~1\IncrediMail
[19/07/2006|17.21] C:\DOCUME~1\ALLUSE~1\DATIAP~1\InstallShield
[28/05/2009|10.54] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Kaspersky Lab Setup Files
[05/02/2008|16.36] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Lavasoft
[30/09/2009|12.54] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Malwarebytes
[19/07/2006|16.06] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Microsoft
[19/01/2008|09.09] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Nero
[19/07/2006|16.41] C:\DOCUME~1\ALLUSE~1\DATIAP~1\QuickTime
[20/06/2009|11.40] C:\DOCUME~1\ALLUSE~1\DATIAP~1\RoboForm
[19/07/2006|17.31] C:\DOCUME~1\ALLUSE~1\DATIAP~1\SBSI
[24/08/2006|16.06] C:\DOCUME~1\ALLUSE~1\DATIAP~1\SecTaskMan
[09/10/2006|12.55] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Spybot - Search & Destroy
[29/12/2006|11.02] C:\DOCUME~1\ALLUSE~1\DATIAP~1\TEMP
[12/04/2008|11.18] C:\DOCUME~1\ALLUSE~1\DATIAP~1\vsosdk
[07/01/2008|12.25] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Windows Genuine Advantage
[0|File] C:\DOCUME~1\ALLUSE~1\DATIAP~1\byte
[31|Directory] C:\DOCUME~1\ALLUSE~1\DATIAP~1\705 943 552 byte disponibili

[08/09/2006|08.32] C:\DOCUME~1\NETWOR~1\DATIAP~1\Adobe
[19/07/2006|16.06] C:\DOCUME~1\NETWOR~1\DATIAP~1\Microsoft
[0|File] C:\DOCUME~1\NETWOR~1\DATIAP~1\byte
[4|Directory] C:\DOCUME~1\NETWOR~1\DATIAP~1\705 943 552 byte disponibili

[19/07/2006|16.06] C:\DOCUME~1\LOCALS~1\DATIAP~1\Microsoft
[0|File] C:\DOCUME~1\LOCALS~1\DATIAP~1\byte
[3|Directory] C:\DOCUME~1\LOCALS~1\DATIAP~1\705 943 552 byte disponibili

[19/07/2006|16.37] C:\DOCUME~1\ADMINI~1\DATIAP~1\Adobe
[24/08/2006|11.30] C:\DOCUME~1\ADMINI~1\DATIAP~1\AdobeUM
[19/01/2008|09.12] C:\DOCUME~1\ADMINI~1\DATIAP~1\Ahead
[19/07/2006|16.41] C:\DOCUME~1\ADMINI~1\DATIAP~1\Apple Computer
[19/07/2006|17.15] C:\DOCUME~1\ADMINI~1\DATIAP~1\Autodesk
[07/01/2008|13.30] C:\DOCUME~1\ADMINI~1\DATIAP~1\BSplayer
[07/01/2008|13.30] C:\DOCUME~1\ADMINI~1\DATIAP~1\BSplayer Pro
[05/08/2008|17.51] C:\DOCUME~1\ADMINI~1\DATIAP~1\Canneverbe_Limited
[08/01/2008|08.19] C:\DOCUME~1\ADMINI~1\DATIAP~1\CoreCodec
[19/07/2006|17.21] C:\DOCUME~1\ADMINI~1\DATIAP~1\Corel
[02/11/2006|11.40] C:\DOCUME~1\ADMINI~1\DATIAP~1\CyberLink
[15/09/2007|09.48] C:\DOCUME~1\ADMINI~1\DATIAP~1\DeepBurner
[06/08/2009|13.03] C:\DOCUME~1\ADMINI~1\DATIAP~1\Desktopicon
[14/04/2008|08.10] C:\DOCUME~1\ADMINI~1\DATIAP~1\DVD Flick
[28/02/2007|08.02] C:\DOCUME~1\ADMINI~1\DATIAP~1\Earth Resource Mapping
[14/08/2008|09.47] C:\DOCUME~1\ADMINI~1\DATIAP~1\FastStone
[22/05/2007|10.58] C:\DOCUME~1\ADMINI~1\DATIAP~1\Google
[27/03/2009|12.11] C:\DOCUME~1\ADMINI~1\DATIAP~1\gtk-2.0
[24/08/2006|16.06] C:\DOCUME~1\ADMINI~1\DATIAP~1\Help
[19/07/2006|16.22] C:\DOCUME~1\ADMINI~1\DATIAP~1\Identities
[12/08/2008|17.25] C:\DOCUME~1\ADMINI~1\DATIAP~1\InfraRecorder
[12/05/2009|14.47] C:\DOCUME~1\ADMINI~1\DATIAP~1\kantaris
[19/07/2006|16.37] C:\DOCUME~1\ADMINI~1\DATIAP~1\Lavasoft
[16/10/2008|14.56] C:\DOCUME~1\ADMINI~1\DATIAP~1\Lingoes
[19/07/2006|16.29] C:\DOCUME~1\ADMINI~1\DATIAP~1\Macromedia
[30/09/2009|12.54] C:\DOCUME~1\ADMINI~1\DATIAP~1\Malwarebytes
[19/07/2006|16.06] C:\DOCUME~1\ADMINI~1\DATIAP~1\Microsoft
[31/03/2009|14.54] C:\DOCUME~1\ADMINI~1\DATIAP~1\Mozilla
[28/08/2007|08.10] C:\DOCUME~1\ADMINI~1\DATIAP~1\MxBoost
[12/05/2009|14.47] C:\DOCUME~1\ADMINI~1\DATIAP~1\OpenCandy
[31/03/2009|12.01] C:\DOCUME~1\ADMINI~1\DATIAP~1\Opera
[19/07/2006|16.43] C:\DOCUME~1\ADMINI~1\DATIAP~1\Real
[22/11/2008|08.29] C:\DOCUME~1\ADMINI~1\DATIAP~1\Search Settings
[19/07/2006|16.35] C:\DOCUME~1\ADMINI~1\DATIAP~1\SolidDocuments
[12/05/2009|16.29] C:\DOCUME~1\ADMINI~1\DATIAP~1\Songbird2
[25/08/2006|07.53] C:\DOCUME~1\ADMINI~1\DATIAP~1\Sun
[20/05/2009|11.01] C:\DOCUME~1\ADMINI~1\DATIAP~1\TigerPlayer
[06/06/2007|13.33] C:\DOCUME~1\ADMINI~1\DATIAP~1\TrojanHunter
[16/01/2008|08.10] C:\DOCUME~1\ADMINI~1\DATIAP~1\U3
[12/06/2009|10.01] C:\DOCUME~1\ADMINI~1\DATIAP~1\uTorrent
[27/03/2009|11.20] C:\DOCUME~1\ADMINI~1\DATIAP~1\vlc
[12/04/2008|09.31] C:\DOCUME~1\ADMINI~1\DATIAP~1\Vso
[0|File] C:\DOCUME~1\ADMINI~1\DATIAP~1\byte
[44|Directory] C:\DOCUME~1\ADMINI~1\DATIAP~1\705 943 552 byte disponibili

--------------------\\ Scheduled Tasks located in C:\WINDOWS\Tasks

[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\iopxk.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\nfs.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\zilmytkj.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\wfjtu.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\fzfzfz.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\bjba.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\ckzfrf.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\uusujqzq.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\mta.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\sqpmqs.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\moqzd.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\ujfgeap.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\asplbe.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\ionivj.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\evlx.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\oxngbbg.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\bbny.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\qshzkw.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\vci.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\fsssaebd.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\hkzw.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\uori.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\mvrvbrg.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\nkxonldy.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\nquswocz.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\vmdjdws.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\cowmc.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\nvuqmki.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\rxq.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\eswbooij.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\xtqr.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\qegedubr.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\wfk.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\cadh.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\bsx.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\ggailt.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\rbu.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\ujcqm.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\ngcxhrn.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\hcdwazak.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\dltepmg.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\nxwxqo.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\xvhvovzm.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\zfzm.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\fhljiyn.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\kfall.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\jjdzendf.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\rdjdsrdw.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\yjzvg.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\morw.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\vrc.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\umy.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\kxeru.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\ivmwjw.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\fpwck.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\myqs.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\cxhwn.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\hkuleyk.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\cmhjtofs.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\dwq.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\sszycxfq.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\pscbvz.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\xhlrlrna.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\xpuzt.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\jrb.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\qqdfk.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\vqjgtzxl.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\tbrhdr.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\tmcojoqa.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\ejdkzhao.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\yamt.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\nhrwmjkl.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\pqbljbmi.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\tzmqoign.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\xtjoa.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\wgpoicrr.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\vrtnb.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\tzumj.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\yncmee.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\yiimld.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\pggttlw.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\vxzj.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\wqx.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\irxvn.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\bdnk.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\mlwgyzi.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\mcttnoee.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\tshx.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\ozsyeofk.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\wtxl.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\ckswewd.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\ogrle.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\gckupqyj.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\amyhjmeu.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\syhct.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\kzzyayv.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\abviy.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\whbfwthe.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\jecsbnfw.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\olp.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\ennc.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\ddj.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\vrbjd.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\oelx.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\qefmr.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\ulqprcfb.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\hgvr.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\ytis.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\wtp.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\zwddk.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\riztrx.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\iqjdw.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\fxldqqxw.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\dbthzjcm.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\srxm.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\pcajv.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\btwze.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\mvrbiqp.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\spsf.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\rins.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\ywjnzxn.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\uyiympx.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\lqmzre.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\qpkwag.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\nrxkuqqf.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\agaoziiv.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\fnxleq.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\xpcgyp.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\ljzc.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\lovxs.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\cnu.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\qwkxjlmb.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\wqywyz.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\uosfcrz.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\cae.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\qmglr.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\zmqhicw.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\geadeiaa.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\lnln.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\mdnzy.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\gbcx.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\ppdnsg.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\avapigj.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\stfo.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\cpsj.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\kyznpm.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\syakk.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\nlnji.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\avole.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\hwjcluto.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\qpvm.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\qhvkv.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\xszbaxa.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\weel.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\vvdni.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\bxmpgphm.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\vyump.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\pugee.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\dkqby.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\adasjy.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\lxg.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\ouncky.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\lora.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\qgw.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\ggctacl.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\gfckga.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\ovuhq.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\ytjr.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\qszfavl.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\xvvwdv.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\puqkjo.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\afhjtkz.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\fhtg.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\jkk.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\iizvg.job
[05/10/2009 08.34][--ah-----] C:\WINDOWS\tasks\SA.DAT
[31/08/2001 13.00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing Folders in C:\Programmi

[08/05/2007|08.19] C:\Programmi\Acro Software
[19/07/2006|16.36] C:\Programmi\Adobe
[28/05/2009|11.04] C:\Programmi\Alwil Software
[28/10/2006|12.39] C:\Programmi\AnswerWorks 4.0
[19/05/2008|08.37] C:\Programmi\Apple Software Update
[06/06/2007|12.41] C:\Programmi\ATS2
[28/10/2006|12.37] C:\Programmi\AutoCAD LT 2007
[28/10/2006|12.35] C:\Programmi\Autodesk
[07/01/2008|08.22] C:\Programmi\AutoGK
[12/04/2008|09.46] C:\Programmi\Avi2Dvd
[28/05/2009|11.44] C:\Programmi\Avira
[05/09/2006|15.23] C:\Programmi\Axon Data
[19/05/2008|08.38] C:\Programmi\Bonjour
[22/08/2006|08.40] C:\Programmi\Broadcom
[11/03/2008|16.27] C:\Programmi\cablecom
[24/08/2006|16.20] C:\Programmi\CCleaner
[19/07/2006|16.15] C:\Programmi\ComPlus Applications
[19/07/2006|17.20] C:\Programmi\Corel
[19/07/2006|16.48] C:\Programmi\CyberLink
[14/04/2008|08.09] C:\Programmi\DVD Flick
[05/03/2009|10.16] C:\Programmi\Earth Resource Mapping
[16/06/2009|15.19] C:\Programmi\easyMule
[16/06/2009|15.09] C:\Programmi\eMule
[28/05/2009|08.26] C:\Programmi\Everstrike Software
[19/07/2006|16.07] C:\Programmi\File comuni
[13/05/2008|16.03] C:\Programmi\FLV Player
[23/10/2008|11.31] C:\Programmi\Free FLV Converter
[07/01/2008|08.23] C:\Programmi\Gabest
[22/11/2008|08.46] C:\Programmi\Ghostgum
[08/05/2007|08.19] C:\Programmi\GNUGS
[19/07/2006|16.45] C:\Programmi\Google
[01/10/2007|08.47] C:\Programmi\Guida pratica espropri
[15/07/2009|08.28] C:\Programmi\HidenLock
[24/08/2006|16.49] C:\Programmi\Il Sole 24 Ore
[19/07/2006|16.41] C:\Programmi\InstallShield Installation Information
[19/07/2006|16.15] C:\Programmi\Internet Explorer
[19/07/2006|16.39] C:\Programmi\Java
[12/05/2009|14.46] C:\Programmi\Kantaris
[27/03/2009|11.22] C:\Programmi\K-Lite Codec Pack
[19/07/2006|17.07] C:\Programmi\LHSP
[14/03/2009|10.40] C:\Programmi\Lingoes
[16/06/2009|08.26] C:\Programmi\Lphant Applications
[02/10/2009|12.32] C:\Programmi\Malwarebytes' Anti-Malware
[23/08/2006|12.04] C:\Programmi\Maxthon
[10/09/2009|12.30] C:\Programmi\MegaLink
[19/07/2006|16.14] C:\Programmi\Messenger
[19/07/2006|17.09] C:\Programmi\Microsoft Agent
[19/07/2006|16.18] C:\Programmi\microsoft frontpage
[19/07/2006|16.58] C:\Programmi\Microsoft Office
[19/07/2006|16.59] C:\Programmi\Microsoft Visual Studio
[19/07/2006|16.59] C:\Programmi\Microsoft Works
[19/07/2006|16.59] C:\Programmi\Microsoft.NET
[19/07/2006|16.16] C:\Programmi\Movie Maker
[20/05/2009|10.55] C:\Programmi\MpcStar
[19/07/2006|16.14] C:\Programmi\MSN Gaming Zone
[19/01/2008|09.09] C:\Programmi\Nero
[19/07/2006|16.39] C:\Programmi\netbeans-4.0
[19/07/2006|16.15] C:\Programmi\NetMeeting
[10/08/2009|10.00] C:\Programmi\NTFS Undelete
[19/07/2006|16.15] C:\Programmi\Outlook Express
[03/06/2008|08.14] C:\Programmi\QK SMTP Server 3
[10/08/2009|09.47] C:\Programmi\Recuva
[05/08/2008|17.42] C:\Programmi\Rocket Division Software
[23/10/2008|11.36] C:\Programmi\Search Settings
[19/07/2006|16.31] C:\Programmi\Security Task Manager
[19/07/2006|16.17] C:\Programmi\Servizi in linea
[19/07/2006|16.35] C:\Programmi\SolidDocuments
[08/10/2007|11.22] C:\Programmi\SpeedyiTunes
[09/10/2006|12.55] C:\Programmi\Spybot - Search & Destroy
[21/03/2008|09.55] C:\Programmi\Studio SIT
[19/07/2006|17.09] C:\Programmi\TextBridge Pro 9.0
[15/07/2009|08.46] C:\Programmi\topdownloads
[30/09/2009|13.33] C:\Programmi\Trend Micro
[19/07/2006|16.22] C:\Programmi\Uninstall Information
[12/04/2008|09.31] C:\Programmi\VSO
[15/07/2009|08.56] C:\Programmi\WGP
[08/01/2008|08.34] C:\Programmi\Windows Media Connect 2
[19/07/2006|16.14] C:\Programmi\Windows Media Player
[19/07/2006|16.14] C:\Programmi\Windows NT
[19/07/2006|16.17] C:\Programmi\WindowsUpdate
[19/07/2006|16.31] C:\Programmi\WinRAR
[19/07/2006|16.31] C:\Programmi\WinZip
[19/07/2006|16.18] C:\Programmi\xerox
[03/11/2006|09.04] C:\Programmi\Yahoo!
[0|File] C:\Programmi\byte
[86|Directory] C:\Programmi\705 927 168 byte disponibili

--------------------\\ Listing Folders in C:\Programmi\File comuni

[19/07/2006|16.37] C:\Programmi\File comuni\Adobe
[19/07/2006|17.35] C:\Programmi\File comuni\Adobe Systems Shared
[19/01/2008|09.09] C:\Programmi\File comuni\Ahead
[19/05/2008|08.37] C:\Programmi\File comuni\Apple
[28/10/2006|12.35] C:\Programmi\File comuni\Autodesk Shared
[11/09/2007|13.17] C:\Programmi\File comuni\AVSMedia
[19/07/2006|17.20] C:\Programmi\File comuni\Corel
[19/07/2006|16.59] C:\Programmi\File comuni\DESIGNER
[28/05/2009|08.26] C:\Programmi\File comuni\Everstrike Software
[19/07/2006|16.29] C:\Programmi\File comuni\InstallShield
[19/07/2006|16.39] C:\Programmi\File comuni\Java
[19/07/2006|16.07] C:\Programmi\File comuni\Microsoft Shared
[19/07/2006|16.16] C:\Programmi\File comuni\MSSoap
[19/07/2006|16.07] C:\Programmi\File comuni\ODBC
[19/07/2006|16.43] C:\Programmi\File comuni\Real
[19/07/2006|17.09] C:\Programmi\File comuni\ScanSoft Shared
[19/07/2006|16.16] C:\Programmi\File comuni\Services
[19/07/2006|16.07] C:\Programmi\File comuni\SpeechEngines
[12/05/2008|08.53] C:\Programmi\File comuni\SWF Studio
[19/07/2006|16.15] C:\Programmi\File comuni\System
[0|File] C:\Programmi\File comuni\byte
[22|Directory] C:\Programmi\File comuni\705 927 168 byte disponibili

--------------------\\ Process

( 33 Processes )

... OK !

--------------------\\ Searching with S_Lop

No Lop folder found !

--------------------\\ Searching for Lop Files - Folders

No Lop folder found !

--------------------\\ Searching within the Registry

..... OK !

--------------------\\ Checking the Hosts file

Hosts file CLEAN


--------------------\\ Searching for hidden files with Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-10-05 08:49:38
Windows 5.1.2600 Service Pack 3 FAT NTAPI
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0

--------------------\\ Searching for other infections


No other infections found !

[F:23][D:3]-> C:\DOCUME~1\ADMINI~1\IMPOST~1\Temp
[F:29][D:0]-> C:\DOCUME~1\ADMINI~1\Cookies
[F:541][D:4]-> C:\DOCUME~1\ADMINI~1\IMPOST~1\TEMPOR~1\content.IE5
[F:2][D:0]-> C:\Recycled

1 - "C:\Lop SD\LopR_1.txt" - 05/10/2009| 8.44 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - 05/10/2009| 8.50 - Option : [2]

--------------------\\ Scan completed at 8.50.05
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8.51.48, on 05/10/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\Avira\AntiVir Desktop\sched.exe
C:\Programmi\Avira\AntiVir Desktop\avguard.exe
C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Programmi\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\tcpsvcs.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\mqsvc.exe
C:\WINDOWS\system32\mqtgsvc.exe
C:\WINDOWS\Explorer.EXE
C:\Programmi\Avira\AntiVir Desktop\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe
C:\Programmi\Spybot - Search & Destroy\TeaTimer.exe
C:\Programmi\File comuni\Ahead\Lib\NMIndexingService.exe
C:\Programmi\File comuni\Ahead\Lib\NMIndexStoreSvr.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Programmi\Maxthon\Maxthon.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Programmi\Trend Micro\HijackThis\HijackThis.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.google.it/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
R3 - URLSearchHook: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Programmi\Search Settings\kb127\SearchSettings.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Programmi\Search Settings\kb127\SearchSettings.dll
O4 - HKLM\..\Run: [avgnt] "C:\Programmi\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\RunServices: [RegisterDropHandler] C:\PROGRA~1\TEXTBR~1.0\Bin\REGIST~1.EXE
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Programmi\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Tasto di scelta rapida per l'avvio di AutoCAD LT.lnk = C:\Programmi\File comuni\Autodesk Shared\acstart17.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Toolbars\Restrictions present
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra button: (no name) - SolidConverterPDF - (no file) (HKCU)
O13 - Home Prefix: http://webwarper.net/clicklog.pl/AUTODL~~/~av/
O16 - DPF: {62789780-B744-11D0-986B-00609731A21D} (Autodesk MapGuide ActiveX Control) - http://www.studiosit.it/mapguideViewer/mgaxctrl.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1200053704343
O16 - DPF: {D147430C-86CD-4E6F-A807-93FBC496D201} (NCSLayeredView Class) - http://www.cartografiarl.regione.liguria.it/ecwplugins/ncs.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{73FB5690-5539-43CF-8926-005E7E9634B8}: NameServer = 151.99.125.1,151.99.125.2
O23 - Service: Adobe LM Service - Adobe Systems - C:\Programmi\File comuni\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirScheduler) - Avira GmbH - C:\Programmi\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Programmi\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Programmi\File comuni\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Programmi\Bonjour\mDNSResponder.exe
O23 - Service: DU Meter Service (DUMeterSvc) - Unknown owner - C:\Programmi\DU Meter\DUMeterSvc.exe (file missing)
O23 - Service: NBService - Nero AG - C:\Programmi\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Programmi\File comuni\Ahead\Lib\NMIndexingService.exe

--
End of file - 6646 bytes

L'AVVIO DEL PC E IL CARICAMENTO DELLE ICONE DEL DESKTOP E' ORA LENTISSIMO!
COSA FACCIO?
Torna in alto
 
Utenti presenti in questo topic
Guest

Aiutamici Forum » FORUM - Istruzioni e Guide » Sicurezza VIRUS » mi controllate il log per favore? Grazie!


Salta al Forum
Aggiunta nuovi Topic disabilitata in questo forum.
Risposte disabilitate in questo forum.
Eliminazione tuoi Post disabilitata in questo forum.
Modifica dei tuoi post disabilitata in questo forum.
Creazione Sondaggi disabilitata in questo forum.
Voto ai sondaggi disabilitato in questo forum.

Main Forum RSS : RSS

Aiutamici Theme
Powered by Yet Another Forum.net versione 1.9.1.8 (NET v2.0) - 3/29/2008
Copyright © 2003-2008 Yet Another Forum.net. All rights reserved.