
Advertising page launched continuously by the browser
cicgius
Posted: Tuesday, March 22, 2011 9:04:25 AM
Rank: Member

Joined: 2/20/2003
Posts: 4
Hello, I am posting the HijackThis log below. Recently, while installing some software, I "caught" Offerbox. I read up on how to remove it properly and did so, with the associated painstaking cleanup. The software is no longer active, but a very annoying advertising page keeps launching, and I have also noticed that my notebook's cooling fan is working very hard. Thanks in advance to anyone who decides to help me.





Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 09:00:01, on 22/03/2011
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8080.16413)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Users\PC-Peppe-2\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\PC-Peppe-2\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\PC-Peppe-2\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\PC-Peppe-2\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\PC-Peppe-2\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Public\Documents\PowerOffer\POService.exe
C:\Users\PC-Peppe-2\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\PC-Peppe-2\Desktop\Download\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0410&m=aspire_4820tg&r=27360111m206l04h3z155t56i1j73n
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.iwbank.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0410&m=aspire_4820tg&r=27360111m206l04h3z155t56i1j73n
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0410&m=aspire_4820tg&r=27360111m206l04h3z155t56i1j73n
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {37483b40-c254-4a72-bda4-22ee90182c1e} - (no file)
F2 - REG:system.ini: UserInit=C:\Windows\SysWOW64\userinit.exe
O2 - BHO: PowerOffer - {3543619C-D563-43f7-95EA-4DA7E1CC396A} - C:\Users\Public\Documents\PowerOffer\PowerOfferBHO.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
O9 - Extra button: Inserisci blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: Inserisci &blog in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Avira AntiVir Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe
O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
O23 - Service: Servizio di Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MyWinLocker Service (MWLService) - Egis Technology Inc. - C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O23 - Service: Acer ODD Power Service (ODDPwrSvc) - Acer Incorporated - C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Raw Socket Service (RS_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: Updater Service - Acer Group - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10932 bytes



cicgius
Posted: Tuesday, March 22, 2011 3:03:34 PM
Rank: Member

Joined: 2/20/2003
Posts: 4
Is nobody able to help me??
r16
Posted: Tuesday, March 22, 2011 6:22:27 PM
Rank: AiutAmico

Joined: 8/7/2007
Posts: 11,016
Download ComboFix (use Internet Explorer)

http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Save it to the desktop. (This is mandatory.)

Important: Disable your antivirus and close ALL open programs (firewall included), and after downloading COMBOFIX, close the connection.

Double-click combofix.exe (if you use Vista: right-click Combofix.exe and click "Run as Administrator").

You will probably receive messages from the antivirus (or from ComboFix itself); ignore them.

If you are asked whether you want to install THE EMERGENCY RECOVERY CONSOLE, click NO.

During the scan it is important not to use the PC (not even the mouse) and to wait patiently for the operations to finish.
When it finishes, a log file will be created on the Desktop, called C:\ComboFix.txt.
Post it here.
cicgius
Posted: Tuesday, March 22, 2011 8:07:56 PM
Rank: Member

Joined: 2/20/2003
Posts: 4
ComboFix 11-03-22.01 - PC-Peppe-2 22/03/2011 19:57:24.2.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.39.1040.18.3767.2310 [GMT 1:00]
Eseguito da: c:\users\PC-Peppe-2\Desktop\ComboFix.exe
AV: AntiVir Desktop *Disabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: AntiVir Desktop *Disabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Files Creati Da 2011-02-22 al 2011-03-22 )))))))))))))))))))))))))))))))))))
.
.
2011-03-22 18:59 . 2011-03-22 18:59 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-03-22 07:28 . 2011-03-22 07:28 -------- d-----w- c:\program files (x86)\CCleaner
2011-03-21 17:39 . 2011-03-21 17:39 -------- d-----w- c:\program files (x86)\Common Files\Java
2011-03-21 07:30 . 2011-03-21 07:30 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2011-03-20 07:59 . 2011-03-21 08:39 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2011-03-20 07:59 . 2011-03-21 08:39 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy
2011-03-19 10:27 . 2011-02-23 09:34 7947600 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{18902495-2C5E-424C-B479-A59F34AB584C}\mpengine.dll
2011-03-18 20:08 . 2011-03-18 20:08 -------- d-----w- c:\program files (x86)\VS Revo Group
2011-03-18 15:13 . 2011-03-20 08:15 -------- dc----w- c:\windows\system32\DRVSTORE
2011-03-18 15:13 . 2011-03-18 15:13 49752 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2011-03-18 15:08 . 2011-03-18 15:08 -------- d-----w- c:\users\PC-Peppe-2\AppData\Local\Sunbelt Software
2011-03-18 15:07 . 2011-03-20 08:15 -------- d-----w- c:\programdata\Lavasoft
2011-03-09 18:41 . 2011-03-09 18:41 -------- d-----w- C:\MyWinLockerData
2011-03-06 16:29 . 2011-03-06 16:29 -------- d-----w- c:\users\PC-Peppe-2\AppData\Local\Acer Arcade Deluxe
2011-03-06 16:29 . 2011-03-10 16:01 -------- d-----w- c:\users\PC-Peppe-2\AppData\Roaming\HomeMedia
2011-03-06 14:15 . 2011-03-06 14:15 -------- d-----w- c:\users\PC-Peppe-2\AppData\Local\Microsoft Research
2011-03-06 14:13 . 2011-03-10 15:54 -------- d-----w- c:\program files (x86)\Microsoft Research
2011-02-28 21:06 . 2011-02-28 21:06 -------- d-----w- c:\program files (x86)\KC Softwares
2011-02-28 08:22 . 2011-02-28 08:22 -------- d-----w- c:\program files (x86)\Tacmi
2011-02-28 06:56 . 2011-02-28 08:12 -------- d-----w- c:\users\PC-Peppe-2\AppData\Roaming\gtk-2.0
2011-02-27 21:10 . 2011-02-27 21:10 -------- d-----w- c:\users\PC-Peppe-2\AppData\Roaming\passport_photo
2011-02-27 21:10 . 2011-02-27 21:17 -------- d-----w- c:\program files (x86)\PassportPhoto
2011-02-27 21:00 . 2011-02-27 21:00 -------- d-----w- c:\users\PC-Peppe-2\AppData\Roaming\KC Softwares
2011-02-27 17:55 . 2011-02-27 17:55 -------- d-----w- c:\users\PC-Peppe-2\AppData\Roaming\PlayFirst
2011-02-27 17:55 . 2011-02-27 17:55 -------- d-----w- c:\programdata\PlayFirst
2011-02-27 17:47 . 2011-02-27 18:13 -------- d-----w- c:\users\PC-Peppe-2\AppData\Local\Cyberlink
2011-02-27 17:47 . 2011-02-27 18:15 -------- d-----w- c:\users\PC-Peppe-2\AppData\Roaming\PowerCinema
2011-02-27 17:47 . 2011-02-27 17:47 -------- d-----w- c:\users\PC-Peppe-2\AppData\Roaming\CyberLink
2011-02-27 17:47 . 2011-02-27 17:47 -------- d-----w- c:\users\PC-Peppe-2\AppData\Local\PowerCinema
2011-02-26 17:43 . 2011-02-26 17:43 -------- d-----w- c:\program files\CPUID
2011-02-26 17:43 . 2010-07-09 12:19 21480 ----a-w- c:\windows\system32\drivers\cpuz134_x64.sys
2011-02-26 09:14 . 2011-02-26 09:14 -------- d-----w- c:\users\PC-Peppe-2\AppData\Roaming\PeerNetworking
2011-02-24 07:46 . 2011-02-24 07:46 -------- d-----w- c:\windows\system32\SPReview
2011-02-24 07:17 . 2010-11-20 04:34 3584 ----a-w- c:\windows\system32\drivers\it-IT\tsusbflt.sys.mui
2011-02-24 07:16 . 2010-11-20 04:44 2560 ----a-w- c:\windows\system32\drivers\it-IT\rdpwd.sys.mui
2011-02-24 07:09 . 2010-11-20 04:33 189824 ----a-w- c:\windows\system32\drivers\storport.sys
2011-02-24 07:08 . 2010-11-20 03:21 335872 ----a-w- c:\windows\SysWow64\WinSATAPI.dll
2011-02-24 07:05 . 2011-02-24 07:05 -------- d-----w- c:\windows\system32\EventProviders
2011-02-23 18:26 . 2011-02-23 18:26 -------- d-----w- c:\users\PC-Peppe-2\AppData\Roaming\Avira
2011-02-23 18:23 . 2011-01-21 08:53 116568 ----a-w- c:\windows\system32\drivers\avipbb.sys
2011-02-23 18:23 . 2011-01-21 08:53 83120 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2011-02-23 18:22 . 2011-02-23 18:22 -------- d-----w- c:\programdata\Avira
2011-02-23 18:22 . 2011-02-23 18:22 -------- d-----w- c:\program files (x86)\Avira
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-02-24 07:39 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2011-02-24 07:39 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2011-02-13 14:27 . 2011-02-13 14:27 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll
2011-02-13 14:27 . 2011-02-13 14:27 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2011-02-13 14:27 . 2011-02-13 14:27 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2011-02-13 14:27 . 2011-02-13 14:27 74752 ----a-w- c:\windows\SysWow64\iesetup.dll
2011-02-13 14:27 . 2011-02-13 14:27 63488 ----a-w- c:\windows\SysWow64\tdc.ocx
2011-02-13 14:27 . 2011-02-13 14:27 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2011-02-13 14:27 . 2011-02-13 14:27 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
2011-02-13 14:27 . 2011-02-13 14:27 367104 ----a-w- c:\windows\SysWow64\html.iec
2011-02-13 14:27 . 2011-02-13 14:27 35840 ----a-w- c:\windows\SysWow64\imgutil.dll
2011-02-13 14:27 . 2011-02-13 14:27 2382336 ----a-w- c:\windows\SysWow64\mshtml.tlb
2011-02-13 14:27 . 2011-02-13 14:27 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll
2011-02-13 14:27 . 2011-02-13 14:27 1791488 ----a-w- c:\windows\SysWow64\jscript9.dll
2011-02-13 14:27 . 2011-02-13 14:27 161280 ----a-w- c:\windows\SysWow64\msls31.dll
2011-02-13 14:27 . 2011-02-13 14:27 152064 ----a-w- c:\windows\SysWow64\wextract.exe
2011-02-13 14:27 . 2011-02-13 14:27 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2011-02-13 14:27 . 2011-02-13 14:27 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2011-02-13 14:27 . 2011-02-13 14:27 1426432 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2011-02-13 14:27 . 2011-02-13 14:27 11776 ----a-w- c:\windows\SysWow64\mshta.exe
2011-02-13 14:27 . 2011-02-13 14:27 1125376 ----a-w- c:\windows\SysWow64\wininet.dll
2011-02-13 14:27 . 2011-02-13 14:27 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2011-02-13 14:27 . 2011-02-13 14:27 101888 ----a-w- c:\windows\SysWow64\admparse.dll
2011-02-13 14:27 . 2011-02-13 14:27 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2011-02-13 14:27 . 2011-02-13 14:27 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2011-02-13 14:27 . 2011-02-13 14:27 85504 ----a-w- c:\windows\system32\iesetup.dll
2011-02-13 14:27 . 2011-02-13 14:27 76800 ----a-w- c:\windows\system32\tdc.ocx
2011-02-13 14:27 . 2011-02-13 14:27 603648 ----a-w- c:\windows\system32\vbscript.dll
2011-02-13 14:27 . 2011-02-13 14:27 49664 ----a-w- c:\windows\system32\imgutil.dll
2011-02-13 14:27 . 2011-02-13 14:27 48640 ----a-w- c:\windows\system32\mshtmler.dll
2011-02-13 14:27 . 2011-02-13 14:27 448512 ----a-w- c:\windows\system32\html.iec
2011-02-13 14:27 . 2011-02-13 14:27 30720 ----a-w- c:\windows\system32\licmgr10.dll
2011-02-13 14:27 . 2011-02-13 14:27 2382336 ----a-w- c:\windows\system32\mshtml.tlb
2011-02-13 14:27 . 2011-02-13 14:27 2272768 ----a-w- c:\windows\system32\jscript9.dll
2011-02-13 14:27 . 2011-02-13 14:27 222208 ----a-w- c:\windows\system32\msls31.dll
2011-02-13 14:27 . 2011-02-13 14:27 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2011-02-13 14:27 . 2011-02-13 14:27 165888 ----a-w- c:\windows\system32\iexpress.exe
2011-02-13 14:27 . 2011-02-13 14:27 160256 ----a-w- c:\windows\system32\wextract.exe
2011-02-13 14:27 . 2011-02-13 14:27 1490944 ----a-w- c:\windows\system32\inetcpl.cpl
2011-02-13 14:27 . 2011-02-13 14:27 1387520 ----a-w- c:\windows\system32\wininet.dll
2011-02-13 14:27 . 2011-02-13 14:27 135168 ----a-w- c:\windows\system32\IEAdvpack.dll
2011-02-13 14:27 . 2011-02-13 14:27 12288 ----a-w- c:\windows\system32\mshta.exe
2011-02-13 14:27 . 2011-02-13 14:27 114176 ----a-w- c:\windows\system32\admparse.dll
2011-02-13 14:27 . 2011-02-13 14:27 111616 ----a-w- c:\windows\system32\iesysprep.dll
2011-02-02 20:40 . 2011-01-21 15:55 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2011-02-02 17:11 . 2011-01-20 11:57 270720 ------w- c:\windows\system32\MpSigStub.exe
2011-01-26 14:43 . 2011-01-26 14:43 254528 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2011-01-22 14:00 . 2009-11-05 11:54 259747 ----a-w- c:\program files\ShowDesktop.exe
2011-01-22 13:38 . 2011-01-22 13:38 47616 ----a-w- c:\windows\SysWow64\pdf995mon64.dll
2011-01-21 20:29 . 2011-01-21 20:29 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2011-01-21 20:29 . 2011-01-21 20:29 375616 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
.
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2010-04-17 05:55 120176 ----a-w- c:\program files (x86)\EgisTec MyWinLocker\x86\PSDProtect.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SharingPrivate]
@="{08244EE6-92F0-47f2-9FC9-929BAA2E7235}"
[HKEY_CLASSES_ROOT\CLSID\{08244EE6-92F0-47f2-9FC9-929BAA2E7235}]
2010-11-20 03:20 442880 ----a-w- c:\windows\System32\ntshrui.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-03-04 284696]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-04-21 98304]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2011-01-21 281768]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EFS]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Power]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcEptMapper]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]
@="IEEE 1394 Bus host controllers"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]
@="SBP2 IEEE 1394 Devices"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]
@="SecurityDevices"
.
R2 gupdate;Servizio di Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-01-20 135664]
R2 sppsvc;Protezione software;c:\windows\system32\sppsvc.exe [x]
R3 1394ohci;Controller host compatibile OHCI 1394;c:\windows\system32\drivers\1394ohci.sys [x]
R3 AcpiPmi;Driver misuratore alimentazione ACPI;c:\windows\system32\drivers\acpipmi.sys [x]
R3 adp94xx;adp94xx;c:\windows\system32\DRIVERS\adp94xx.sys [x]
R3 adpahci;adpahci;c:\windows\system32\DRIVERS\adpahci.sys [x]
R3 amdsata;amdsata;c:\windows\system32\drivers\amdsata.sys [x]
R3 amdsbs;amdsbs;c:\windows\system32\DRIVERS\amdsbs.sys [x]
R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS [x]
R3 AppID;Driver AppID;c:\windows\system32\drivers\appid.sys [x]
R3 AppIDSvc;Identità applicazione;c:\windows\system32\svchost.exe [2009-07-14 27136]
R3 arcsas;arcsas;c:\windows\system32\DRIVERS\arcsas.sys [x]
R3 b06bdrv;Broadcom NetXtreme II VBD;c:\windows\system32\DRIVERS\bxvbda.sys [x]
R3 b57nd60a;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\b57nd60a.sys [x]
R3 BDESVC;Servizio di crittografia unità BitLocker;c:\windows\System32\svchost.exe [2009-07-14 27136]
R3 BrFiltLo;Brother USB Mass-Storage Lower Filter Driver;c:\windows\system32\DRIVERS\BrFiltLo.sys [x]
R3 BrFiltUp;Brother USB Mass-Storage Upper Filter Driver;c:\windows\system32\DRIVERS\BrFiltUp.sys [x]
R3 Brserid;Brother MFC Serial Port Interface Driver (WDM);c:\windows\System32\Drivers\Brserid.sys [x]
R3 BrSerWdm;Brother WDM Serial driver;c:\windows\System32\Drivers\BrSerWdm.sys [x]
R3 BrUsbMdm;Brother MFC USB Fax Only Modem;c:\windows\System32\Drivers\BrUsbMdm.sys [x]
R3 CertPropSvc;Propagazione certificati;c:\windows\system32\svchost.exe [2009-07-14 27136]
R3 circlass;Consumer IR Devices;c:\windows\system32\DRIVERS\circlass.sys [x]
R3 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64;c:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2009-06-10 89920]
R3 defragsvc;Utilità di deframmentazione dischi;c:\windows\system32\svchost.exe [2009-07-14 27136]
R3 ebdrv;Broadcom NetXtreme II 10 GigE VBD;c:\windows\system32\DRIVERS\evbda.sys [x]
R3 elxstor;elxstor;c:\windows\system32\DRIVERS\elxstor.sys [x]
R3 Filetrace;Filetrace;c:\windows\system32\drivers\filetrace.sys [x]
R3 FsDepends;File System Dependency Minifilter;c:\windows\system32\drivers\FsDepends.sys [x]
R3 hcw85cir;Hauppauge Consumer Infrared Receiver;c:\windows\system32\drivers\hcw85cir.sys [x]
R3 HpSAMD;HpSAMD;c:\windows\system32\drivers\HpSAMD.sys [x]
R3 iaStorV;Controller RAID Intel - Windows 7;c:\windows\system32\drivers\iaStorV.sys [x]
R3 IPBusEnum;Enumeratore bus IP PnP-X;c:\windows\system32\svchost.exe [2009-07-14 27136]
R3 IPMIDRV;IPMIDRV;c:\windows\system32\drivers\IPMIDrv.sys [x]
R3 iScsiPrt;Driver porta iSCSI;c:\windows\system32\drivers\msiscsi.sys [x]
R3 KtmRm;KtmRm per Distributed Transaction Coordinator;c:\windows\System32\svchost.exe [2009-07-14 27136]
R3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys [x]
R3 lltdsvc;Mapper individuazione topologia livelli di collegamento;c:\windows\System32\svchost.exe [2009-07-14 27136]
R3 LSI_FC;LSI_FC;c:\windows\system32\DRIVERS\lsi_fc.sys [x]
R3 LSI_SAS;LSI_SAS;c:\windows\system32\DRIVERS\lsi_sas.sys [x]
R3 LSI_SAS2;LSI_SAS2;c:\windows\system32\DRIVERS\lsi_sas2.sys [x]
R3 LSI_SCSI;LSI_SCSI;c:\windows\system32\DRIVERS\lsi_scsi.sys [x]
R3 megasas;megasas;c:\windows\system32\DRIVERS\megasas.sys [x]
R3 mpio;Driver bus Microsoft Multi-Path;c:\windows\system32\drivers\mpio.sys [x]
R3 msahci;msahci;c:\windows\system32\drivers\msahci.sys [x]
R3 msdsm;Modulo specifico dispositivo Microsoft Multi-Path;c:\windows\system32\drivers\msdsm.sys [x]
R3 mshidkmdf;Pass-through HID to KMDF Filter Driver;c:\windows\System32\drivers\mshidkmdf.sys [x]
R3 MSiSCSI;Servizio iniziatore iSCSI Microsoft;c:\windows\system32\svchost.exe [2009-07-14 27136]
R3 MsRPC;MsRPC; [x]
R3 MTConfig;Microsoft Input Configuration Driver;c:\windows\system32\DRIVERS\MTConfig.sys [x]
R3 NdisCap;NDIS Capture LightWeight Filter;c:\windows\system32\DRIVERS\ndiscap.sys [x]
R3 NETw5s64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;c:\windows\system32\DRIVERS\NETw5s64.sys [x]
R3 nfrd960;nfrd960;c:\windows\system32\DRIVERS\nfrd960.sys [x]
R3 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2009-11-06 50432]
R3 nvstor;nvstor;c:\windows\system32\drivers\nvstor.sys [x]
R3 PerfHost;Host DLL contatore prestazioni;c:\windows\SysWow64\perfhost.exe [2009-07-14 20992]
R3 pla;Avvisi e registri di prestazioni;c:\windows\System32\svchost.exe [2009-07-14 27136]
R3 PNRPAutoReg;Servizio di pubblicazione nome computer PNRP;c:\windows\System32\svchost.exe [2009-07-14 27136]
R3 ql2300;ql2300;c:\windows\system32\DRIVERS\ql2300.sys [x]
R3 ql40xx;ql40xx;c:\windows\system32\DRIVERS\ql40xx.sys [x]
R3 rdpbus;Remote Desktop Device Redirector Bus Driver;c:\windows\system32\DRIVERS\rdpbus.sys [x]
R3 scfilter;Driver di filtro della classe Plug and Play smart card;c:\windows\system32\DRIVERS\scfilter.sys [x]
R3 SCPolicySvc;Criterio rimozione smart card;c:\windows\system32\svchost.exe [2009-07-14 27136]
R3 SDRSVC;Windows Backup;c:\windows\system32\svchost.exe [2009-07-14 27136]
R3 SensrSvc;Luminosità adattiva;c:\windows\system32\svchost.exe [2009-07-14 27136]
R3 SessionEnv;Configurazione Desktop remoto;c:\windows\System32\svchost.exe [2009-07-14 27136]
R3 sffp_mmc;Driver protocollo memorie SFF per MMC;c:\windows\system32\drivers\sffp_mmc.sys [x]
R3 SiSRaid4;SiSRaid4;c:\windows\system32\DRIVERS\sisraid4.sys [x]
R3 Smb;Protocollo TCP/IP e TCP/IPv6 orientato ai messaggi (sessione SMB);c:\windows\system32\DRIVERS\smb.sys [x]
R3 sppuinotify;Servizio di notifica SPP;c:\windows\system32\svchost.exe [2009-07-14 27136]
R3 stexstor;stexstor;c:\windows\system32\DRIVERS\stexstor.sys [x]
R3 TabletInputService;Servizio di input Tablet PC;c:\windows\System32\svchost.exe [2009-07-14 27136]
R3 TBS;Servizi di base TPM;c:\windows\System32\svchost.exe [2009-07-14 27136]
R3 THREADORDER;Server di ordinamento thread;c:\windows\system32\svchost.exe [2009-07-14 27136]
R3 TrustedInstaller;Programma di installazione dei moduli di Windows;c:\windows\servicing\TrustedInstaller.exe [2010-11-20 194048]
R3 tssecsrv;Remote Desktop Services Security Filter Driver;c:\windows\system32\DRIVERS\tssecsrv.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 UI0Detect;Rilevamento servizi interattivi;c:\windows\system32\UI0Detect.exe [x]
R3 uliagpkx;Uli AGP Bus Filter;c:\windows\system32\drivers\uliagpkx.sys [x]
R3 usbcir;Ricevitore infrarossi eHome (USBCIR);c:\windows\system32\drivers\usbcir.sys [x]
R3 VaultSvc;Gestione credenziali;c:\windows\system32\lsass.exe [x]
R3 vhdmp;vhdmp;c:\windows\system32\drivers\vhdmp.sys [x]
R3 vsmraid;vsmraid;c:\windows\system32\DRIVERS\vsmraid.sys [x]
R3 WacomPen;Wacom Serial Pen HID Driver;c:\windows\system32\DRIVERS\wacompen.sys [x]
R3 WatAdminSvc;Servizio Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R3 wbengine;Servizio modulo di backup a livello di blocco;c:\windows\system32\wbengine.exe [x]
R3 WbioSrvc;Servizio di biometria Windows;c:\windows\system32\svchost.exe [2009-07-14 27136]
R3 wcncsvc;Windows Connect Now - Registro configurazioni;c:\windows\System32\svchost.exe [2009-07-14 27136]
R3 WcsPlugInService;Sistema colori Windows;c:\windows\system32\svchost.exe [2009-07-14 27136]
R3 WdiSystemHost;Host sistema di diagnostica;c:\windows\System32\svchost.exe [2009-07-14 27136]
R3 Wecsvc;Raccolta eventi Windows;c:\windows\system32\svchost.exe [2009-07-14 27136]
R3 wercplsupport;Segnalazioni di problemi e soluzioni nel Pannello di controllo;c:\windows\System32\svchost.exe [2009-07-14 27136]
R3 WerSvc;Servizio Segnalazione errori Windows;c:\windows\System32\svchost.exe [2009-07-14 27136]
R3 WIMMount;WIMMount;c:\windows\system32\drivers\wimmount.sys [2009-07-14 22096]
R3 WinRM;Gestione remota Windows (WS-Management);c:\windows\System32\svchost.exe [2009-07-14 27136]
R3 WPCSvc;Parental Controls;c:\windows\system32\svchost.exe [2009-07-14 27136]
R3 WPDBusEnum;Servizio enumeratore dispositivi mobili;c:\windows\system32\svchost.exe [2009-07-14 27136]
R3 WwanSvc;Configurazione automatica WWAN;c:\windows\system32\svchost.exe [2009-07-14 27136]
R4 Mcx2Svc;Servizio Media Center Extender;c:\windows\system32\svchost.exe [2009-07-14 27136]
S0 amdxata;amdxata;c:\windows\system32\drivers\amdxata.sys [x]
S0 CLFS;Registro comune (CLFS);c:\windows\System32\CLFS.sys [x]
S0 CNG;CNG;c:\windows\System32\Drivers\cng.sys [x]
S0 FileInfo;File Information FS MiniFilter;c:\windows\system32\drivers\fileinfo.sys [x]
S0 fvevol;Driver filtro Crittografia unità BitLocker;c:\windows\System32\DRIVERS\fvevol.sys [x]
S0 hwpolicy;Hardware Policy Driver;c:\windows\System32\drivers\hwpolicy.sys [x]
S0 KSecPkg;KSecPkg;c:\windows\System32\Drivers\ksecpkg.sys [x]
S0 msisadrv;msisadrv;c:\windows\system32\drivers\msisadrv.sys [x]
S0 pcw;Performance Counters for Windows Driver;c:\windows\System32\drivers\pcw.sys [x]
S0 rdyboost;ReadyBoost;c:\windows\System32\drivers\rdyboost.sys [x]
S0 spldr;Security Processor Loader Driver; [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S0 vdrvroot;Driver enumeratore unità virtuale Microsoft;c:\windows\system32\drivers\vdrvroot.sys [x]
S0 volmgr;Driver archiviazione volumi;c:\windows\system32\drivers\volmgr.sys [x]
S0 volmgrx;Gestore volumi dinamici;c:\windows\System32\drivers\volmgrx.sys [x]
S0 Wd;Microsoft Watchdog Timer Driver;c:\windows\system32\DRIVERS\wd.sys [x]
S1 blbdrive;blbdrive;c:\windows\system32\DRIVERS\blbdrive.sys [x]
S1 DfsC;DFS Namespace Client Driver;c:\windows\system32\Drivers\dfsc.sys [x]
S1 discache;System Attribute Cache;c:\windows\system32\drivers\discache.sys [x]
S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys [x]
S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys [x]
S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys [x]
S1 nsiproxy;NSI proxy service driver.;c:\windows\system32\drivers\nsiproxy.sys [x]
S1 RDPENCDD;RDP Encoder Mirror Driver;c:\windows\system32\drivers\rdpencdd.sys [x]
S1 RDPREFMP;Reflector Display Driver used to gain access to graphics data;c:\windows\system32\drivers\rdprefmp.sys [x]
S1 tdx;Driver di supporto TDI legacy NetIO;c:\windows\system32\DRIVERS\tdx.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S1 Wanarpv6;Driver ARP IPv6 di accesso remoto;c:\windows\system32\DRIVERS\wanarp.sys [x]
S1 WfpLwf;WFP Lightweight Filter;c:\windows\system32\DRIVERS\wfplwf.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 AudioEndpointBuilder;Generatore endpoint audio di Windows;c:\windows\System32\svchost.exe [2009-07-14 27136]
S2 BFE;BFE (Base Filtering Engine);c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 cpuz134;cpuz134;c:\windows\system32\drivers\cpuz134_x64.sys [x]
S2 DPS;Servizio Criteri di diagnostica;c:\windows\System32\svchost.exe [2009-07-14 27136]
S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer PowerSmart Manager\ePowerSvc.exe [2010-04-23 820768]
S2 FDResPub;Pubblicazione risorse per individuazione;c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 FontCache;Servizio cache tipi di carattere Windows;c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 gpsvc;Client di Criteri di gruppo;c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 GREGService;GREGService;c:\program files (x86)\Acer\Registration\GREGsvc.exe [2010-01-08 23584]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-04 13336]
S2 IKEEXT;Moduli di impostazione chiavi IPSec IKE e Auth-IP;c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 iphlpsvc;Helper IP;c:\windows\System32\svchost.exe [2009-07-14 27136]
S2 lltdio;Link-Layer Topology Discovery Mapper I/O Driver;c:\windows\system32\DRIVERS\lltdio.sys [x]
S2 luafv;Virtualizzazione file controllo dell'account utente;c:\windows\system32\drivers\luafv.sys [x]
S2 MMCSS;Utilità di pianificazione classi multimediali;c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 MpsSvc;Windows Firewall;c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 MWLService;MyWinLocker Service;c:\program files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [2010-04-17 305520]
S2 NlaSvc;Riconoscimento presenza in rete;c:\windows\System32\svchost.exe [2009-07-14 27136]
S2 nsi;Servizio Interfaccia archivio di rete;c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2010-03-08 250368]
S2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2009-11-06 144640]
S2 ODDPwrSvc;Acer ODD Power Service;c:\program files\Acer\Optical Drive Power Management\ODDPWRSvc.exe [2010-04-22 171040]
S2 PcaSvc;Servizio Risoluzione problemi compatibilità programmi;c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 PEAUTH;PEAUTH;c:\windows\system32\drivers\peauth.sys [x]
S2 Power;Alimentazione;c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 ProfSvc;Servizio profili utente;c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 RpcEptMapper;Agente mapping endpoint RPC;c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 RS_Service;Raw Socket Service;c:\program files (x86)\Acer\Acer VCM\RS_Service.exe [2010-01-29 260640]
S2 SysMain;Ottimizzazione avvio;c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 tcpipreg;TCP/IP Registry Compatibility;c:\windows\system32\drivers\tcpipreg.sys [x]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-09-30 2314240]
S2 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [2010-01-28 243232]
S2 UxSms;Gestione sessione di Gestione finestre desktop;c:\windows\System32\svchost.exe [2009-07-14 27136]
S2 WinDefend;Windows Defender;c:\windows\System32\svchost.exe [2009-07-14 27136]
S2 Wlansvc;Configurazione automatica WLAN;c:\windows\system32\svchost.exe [2009-07-14 27136]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atipmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 Appinfo;Informazioni applicazioni;c:\windows\system32\svchost.exe [2009-07-14 27136]
S3 bowser;Driver di supporto del browser;c:\windows\system32\DRIVERS\bowser.sys [x]
S3 CompositeBus;Driver enumeratore bus composito;c:\windows\system32\drivers\CompositeBus.sys [x]
S3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys [x]
S3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S3 DXGKrnl;LDDM Graphics Subsystem;c:\windows\System32\drivers\dxgkrnl.sys [x]
S3 fdPHost;Host provider di individuazione funzioni;c:\windows\system32\svchost.exe [2009-07-14 27136]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 HomeGroupListener;Listener Gruppo Home;c:\windows\System32\svchost.exe [2009-07-14 27136]
S3 HomeGroupProvider;Provider Gruppo Home;c:\windows\System32\svchost.exe [2009-07-14 27136]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [x]
S3 intelkmd;intelkmd;c:\windows\system32\DRIVERS\igdpmd64.sys [x]
S3 KeyIso;Isolamento chiavi CNG;c:\windows\system32\lsass.exe [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [x]
S3 monitor;Servizio driver funzioni di classe monitor Microsoft;c:\windows\system32\DRIVERS\monitor.sys [x]
S3 mpsdrv;Driver di autorizzazione di Windows Firewall;c:\windows\system32\drivers\mpsdrv.sys [x]
S3 mrxsmb10;Mini-redirector SMB 1.x;c:\windows\system32\DRIVERS\mrxsmb10.sys [x]
S3 mrxsmb20;Mini-redirector SMB 2.0;c:\windows\system32\DRIVERS\mrxsmb20.sys [x]
S3 NativeWifiP;NativeWiFi Filter;c:\windows\system32\DRIVERS\nwifi.sys [x]
S3 netprofm;Servizio Elenco reti;c:\windows\System32\svchost.exe [2009-07-14 27136]
S3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys [x]
S3 RasAgileVpn;WAN Miniport (IKEv2);c:\windows\system32\DRIVERS\AgileVpn.sys [x]
S3 srv2;Driver server SMB 2.xxx;c:\windows\system32\DRIVERS\srv2.sys [x]
S3 srvnet;srvnet;c:\windows\system32\DRIVERS\srvnet.sys [x]
S3 tunnel;Driver scheda Microsoft Tunnel Miniport;c:\windows\system32\DRIVERS\tunnel.sys [x]
S3 umbus;Driver enumeratore UMBus;c:\windows\system32\drivers\umbus.sys [x]
S3 vwifibus;Driver bus WiFi virtuale;c:\windows\system32\DRIVERS\vwifibus.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
S3 WdiServiceHost;Host servizio di diagnostica;c:\windows\System32\svchost.exe [2009-07-14 27136]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS QWAVE wcncsvc
DcomLaunch REG_MULTI_SZ Power PlugPlay DcomLaunch
wcssvc REG_MULTI_SZ WcsPlugInService
.
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
AeLookupSvc
CertPropSvc
SCPolicySvc
lanmanserver
gpsvc
AudioSrv
FastUserSwitchingCompatibility
Nla
NWCWorkstation
SRService
Wmi
WmdmPmSp
TermService
wuauserv
BITS
ShellHWDetection
LogonHours
PCAudit
helpsvc
uploadmgr
iphlpsvc
msiscsi
schedule
SessionEnv
winmgmt
.
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService
sppuinotify
.
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost - LocalServiceNetworkRestricted
BthHFSrv
.
.
Contenuto della cartella 'Scheduled Tasks'
.
2011-03-22 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-01-20 12:14]
.
2011-03-22 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-01-20 12:14]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2010-04-17 05:58 137584 ----a-w- c:\program files (x86)\EgisTec MyWinLocker\x64\PSDProtect.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SharingPrivate]
@="{08244EE6-92F0-47f2-9FC9-929BAA2E7235}"
[HKEY_CLASSES_ROOT\CLSID\{08244EE6-92F0-47f2-9FC9-929BAA2E7235}]
2010-11-20 04:27 509952 ----a-w- c:\windows\System32\ntshrui.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ODDPwr"="c:\program files\Acer\Optical Drive Power Management\ODDPwr.exe" [2010-04-22 223264]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-04-22 10775072]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2010-04-22 2040352]
"SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe" [BU]
"Acer ePower Management"="c:\program files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe" [2010-04-23 496160]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2010-07-21 2327952]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
AeLookupSvc
CertPropSvc
SCPolicySvc
lanmanserver
gpsvc
IKEEXT
AudioSrv
FastUserSwitchingCompatibility
Nla
NWCWorkstation
SRService
Wmi
WmdmPmSp
TermService
wuauserv
BITS
ShellHWDetection
LogonHours
PCAudit
helpsvc
uploadmgr
iphlpsvc
seclogon
AppInfo
msiscsi
MMCSS
winmgmt
SessionEnv
browser
EapHost
schedule
hkmsvc
wercplsupport
ProfSvc
Themes
BDESVC
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalSystemNetworkRestricted
homegrouplistener
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService
WdiServiceHost
sppuinotify
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetworkService
lanmanworkstation
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalServiceNetworkRestricted
BthHFSrv
homegroupprovider
.
------- Scansione supplementare -------
.
uStart Page = hxxp://www.iwbank.it/
uLocal Page = c:\windows\system32\blank.htm
mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0410&m=aspire_4820tg&r=27360111m206l04h3z155t56i1j73n
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: {A9479022-A614-40EF-806B-095C99CD19FA} = 192.168.1.1
.
- - - - CHIAVI ORFANE RIMOSSE - - - -
.
Toolbar-Locked - (no file)
WebBrowser-{37483B40-C254-4A72-BDA4-22EE90182C1E} - (no file)
WebBrowser-{30F9B915-B755-4826-820B-08FBA6BD249D} - (no file)
.
.
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10n_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10n_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10n.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10n.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10n.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10n.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Ora fine scansione: 2011-03-22 20:01:21
ComboFix-quarantined-files.txt 2011-03-22 19:01
ComboFix2.txt 2011-03-22 18:55
.
Pre-Run: 421.905.203.200 byte disponibili
Post-Run: 421.606.014.976 byte disponibili
.
- - End Of File - - B19A146B943B6198E451E574B33DB8CD
r16
Posted: Wednesday, March 23, 2011 6:07:17 PM
Rank: AiutAmico

Joined: 8/7/2007
Posts: 11,016
The log shows no active infections.
I saw that you have Superantispyware installed.
Try running a scan.

Spybot is pointless if you have Superantispyware installed.
You can uninstall it too (including its Tea Timer).
cicgius
Posted: Wednesday, March 23, 2011 7:09:15 PM
Rank: Member

Joined: 2/20/2003
Posts: 4
I have tried everything, including installing Offerbox again and uninstalling it with Revo Uninstaller to remove all the leftover keys, but nothing works: that damned advertising page keeps launching. I don't know how, or rather, there must be an executable somewhere that nobody sees and that launches it. Anyway, thanks all the same; if worst comes to worst I will format.