Benvenuto Ospite Cerca | Topic Attivi | Utenti | | Log In | Registra

controllo log Opzioni
a10n11
Inviato: Sunday, August 14, 2011 7:41:15 PM

Rank: AiutAmico

Iscritto dal : 5/29/2003
Posts: 1,694
salve
mi date per favore una occhiata al log di hijack?
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20.55.06, on 13/08/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\AVG\AVG9\avgchsvx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\AVG\AVG9\avgrsx.exe
C:\Programmi\AVG\AVG9\avgcsrvx.exe
C:\WINDOWS\Explorer.EXE
C:\Programmi\File comuni\Java\Java Update\jusched.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Programmi\Samsung\Samsung Battery Manager\BatteryManager.exe
C:\Programmi\Samsung\Samsung Update Plus\SUPBackground.exe
C:\Programmi\Samsung\Easy Display Manager\dmhkcore.exe
C:\PROGRA~1\AVG\AVG9\avgtray.exe
C:\WINDOWS\system32\rundll32.exe
C:\Programmi\SAMSUNG\MagicKBD\MagicKBD.exe
C:\Programmi\SAMSUNG\MagicKBD\PerformanceManager.exe
C:\Programmi\Ask.com\Updater\Updater.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\Windows Live\Messenger\msnmsgr.exe
C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Programmi\uTorrent\uTorrent.exe
C:\Programmi\Microsoft Office\Office12\ONENOTEM.EXE
C:\Programmi\AVG\AVG9\avgwdsvc.exe
C:\Programmi\Java\jre6\bin\jqs.exe
C:\Programmi\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\AVG\AVG9\avgemc.exe
C:\Programmi\AVG\AVG9\avgnsx.exe
C:\Programmi\AVG\AVG9\avgcsrvx.exe
C:\WINDOWS\system32\igfxext.exe
C:\Programmi\Trend Micro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Programmi\Ask.com\GenericAskToolbar.dll
O2 - BHO: ShoppingReport - {100EB1FD-D03E-47FD-81F3-EE91287F9465} - C:\Programmi\ShoppingReport\Bin\2.6.63\ShoppingReport.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Programmi\AVG\AVG9\avgssie.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Programmi\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Programmi\AVG\AVG9\Toolbar\IEToolbar.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programmi\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programmi\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programmi\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Programmi\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmi\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Programmi\AVG\AVG9\Toolbar\IEToolbar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programmi\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programmi\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Programmi\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\File comuni\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [DMHotKey] C:\Programmi\Samsung\Easy Display Manager\DMLoader.exe
O4 - HKLM\..\Run: [BatteryManager] C:\Programmi\Samsung\Samsung Battery Manager\BatteryManager.exe
O4 - HKLM\..\Run: [MagicKeyboard] C:\Programmi\SAMSUNG\MagicKBD\PreMKBD.exe
O4 - HKLM\..\Run: [SUPBackground] C:\Programmi\Samsung\Samsung Update Plus\SUPBackground.exe
O4 - HKLM\..\Run: [UCam_Menu] "C:\Programmi\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Programmi\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\2.0"
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Programmi\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programmi\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Programmi\File comuni\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [ApnUpdater] "C:\Programmi\Ask.com\Updater\Updater.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BatteryLifeExtender] C:\Programmi\Samsung\BatteryLifeExtender\BatteryLifeExtender.exe /2
O4 - HKCU\..\Run: [msnmsgr] "C:\Programmi\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] "C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [uTorrent] "C:\Programmi\uTorrent\uTorrent.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Ritaglio schermata e avvio di OneNote 2007.lnk = C:\Programmi\Microsoft Office\Office12\ONENOTEM.EXE
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Programmi\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O9 - Extra button: Inserisci blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programmi\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: Inserisci &blog in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programmi\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: PokerStars.it - {C4046502-6524-4d87-896C-878F57D1FF07} - C:\Programmi\PokerStars.IT\PokerStarsUpdate.exe
O9 - Extra button: ShopperReports - Compare product prices - {C5428486-50A0-4a02-9D20-520B59A9F9B2} - C:\Programmi\ShoppingReport\Bin\2.6.63\ShoppingReport.dll
O9 - Extra button: ShopperReports - Compare travel rates - {C5428486-50A0-4a02-9D20-520B59A9F9B3} - C:\Programmi\ShoppingReport\Bin\2.6.63\ShoppingReport.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx2.hotmail.com/mail/w4/pr01/photouploadcontrol/MSNPUpld.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{445F96CF-F09C-4DC7-B952-3780DA90E0CC}: NameServer = 93.188.162.138,93.188.160.18
O17 - HKLM\System\CCS\Services\Tcpip\..\{488F820F-2AB6-47A1-AFD8-AB658A3A8FEF}: NameServer = 93.188.162.138,93.188.160.18
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 93.188.162.138,93.188.160.18
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 93.188.162.138,93.188.160.18
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 93.188.162.138,93.188.160.18
O18 - Protocol: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Programmi\AVG\AVG9\Toolbar\IEToolbar.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Programmi\AVG\AVG9\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - avgrsstx.dll (file missing)
O22 - SharedTaskScheduler: Precaricatore Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Daemon di cache delle categorie di componenti - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: AVG Security Toolbar Service - Unknown owner - C:\Programmi\AVG\AVG9\Toolbar\ToolbarBroker.exe
O23 - Service: AVG Free E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - C:\Programmi\AVG\AVG9\avgemc.exe
O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Programmi\AVG\AVG9\avgwdsvc.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programmi\Java\jre6\bin\jqs.exe

--
End of file - 10807 bytes

saluti
Giap

Sponsor
Inviato: Sunday, August 14, 2011 7:41:15 PM

 
shapiro
Inviato: Sunday, August 14, 2011 7:53:07 PM

Rank: AiutAmico

Iscritto dal : 8/24/2008
Posts: 4,164
se non hai nessun riferimento a collegamenti con l'Ucraina

Lancia HiJackThis
Clicca Do a scan only
Metti la spunta a fianco delle righe che ti segnalo qui sotto
Clicca su Fix Checked le altre le fixiamo alla fine

Code:
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 93.188.162.138,93.188.160.18

O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 93.188.162.138,93.188.160.18

    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 93.188.162.138,93.188.160.18



vai sulk sito di virus total e analizza l'eseguibile del programma ShoppingReport

C:\Programmi\ShoppingReport\Bin\2.6.63\ShoppingReport.dll


Scarica e installa malwarebytes.
http://www.malwarebytes.org/
Aggiornalo: clicca sulla scheda "aggiornamenti" => "controlla aggiornamenti"
Esegui una "scansione completa" (seleziona l'opzione)
A scansione completa, fai clic su OK => Mostra i Risultati.
Assicurarti che tutto sia selezionato e clicca clic su Rimuovi selezionati.
Se ti chiede di riavviare, riavvia per completare il processo di pulizia.
Posta il rapporto .



a10n11
Inviato: Monday, August 15, 2011 12:13:54 AM

Rank: AiutAmico

Iscritto dal : 5/29/2003
Posts: 1,694
grazie shapiro per la pronta risposta.
purtroppo non riesco ad accedere alla pagina di malwarebytes.Come non riesco ad accedere agli aggiornamenti di spyboot.
nel frattempo fixate le voci indicate di hjiack
saluti
Giap


shapiro
Inviato: Monday, August 15, 2011 12:32:11 AM

Rank: AiutAmico

Iscritto dal : 8/24/2008
Posts: 4,164


prova se riesci a scaricarlo da qui

a10n11
Inviato: Monday, August 15, 2011 12:37:39 AM

Rank: AiutAmico

Iscritto dal : 5/29/2003
Posts: 1,694
salve
scaricato ed installato, ma non mi consente l'aggiornamento
"PROGRAM ERROR UPDATING(110004,0,no address found)



shapiro
Inviato: Monday, August 15, 2011 12:40:19 AM

Rank: AiutAmico

Iscritto dal : 8/24/2008
Posts: 4,164


prova a fare la scansione lo stesso qualcosa verra' fuori

solo una domanda: ti connetti al sito Microsoft?
a10n11
Inviato: Monday, August 15, 2011 1:17:04 AM

Rank: AiutAmico

Iscritto dal : 5/29/2003
Posts: 1,694
salve
questo il log:
Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org

Versione database: 7035

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

15/08/2011 1.12.33
mbam-log-2011-08-15 (01-12-33).txt

Tipo di scansione: Scansione completa (C:\|D:\|)
Elementi esaminati: 191490
Tempo impiegato: 28 minuti, 36 secondi

Processi infetti in memoria: 0
Moduli di memoria infetti: 0
Chiavi di registro infette: 37
Valori di registro infetti: 6
Voci infette nei dati di registro: 2
Cartelle infette: 11
File infetti: 10

Processi infetti in memoria:
(Non sono stati rilevati elementi nocivi)

Moduli di memoria infetti:
(Non sono stati rilevati elementi nocivi)

Chiavi di registro infette:
HKEY_CLASSES_ROOT\CLSID\{100EB1FD-D03E-47FD-81F3-EE91287F9465} (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{E343EDFC-1E6C-4CB5-AA29-E9C922641C80} (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{D8560AC2-21B5-4C1A-BDD4-BD12BC83B082} (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShoppingReport.RprtCtrl.1 (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShoppingReport.RprtCtrl (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{100EB1FD-D03E-47FD-81F3-EE91287F9465} (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{100EB1FD-D03E-47FD-81F3-EE91287F9465} (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{100EB1FD-D03E-47FD-81F3-EE91287F9465} (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{20EA9658-6BC3-4599-A87D-6371FE9295FC} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShoppingReport.HbAx.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShoppingReport.HbAx (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{A16AD1E9-F69A-45AF-9462-B1C286708842} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShoppingReport.IEButtonA.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShoppingReport.IEButtonA (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{A7CDDCDC-BEEB-4685-A062-978F5E07CEEE} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShoppingReport.HbInfoBand.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShoppingReport.HbInfoBand (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{A7CDDCDC-BEEB-4685-A062-978F5E07CEEE} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7CDDCDC-BEEB-4685-A062-978F5E07CEEE} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7CDDCDC-BEEB-4685-A062-978F5E07CEEE} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{C9CCBB35-D123-4A31-AFFC-9B2933132116} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShoppingReport.IEButton.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShoppingReport.IEButton (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{CDCA70D8-C6A6-49EE-9BED-7429D6C477A2} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{8AD9AD05-36BE-4E40-BA62-5422EB0D02FB} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{D136987F-E1C4-4CCC-A220-893DF03EC5DF} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{2AA2FBF8-9C76-4E97-A226-25C5F4AB6358} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{2AA2FBF8-9C76-4E97-A226-25C5F4AB6358} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{C5428486-50A0-4A02-9D20-520B59A9F9B2} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C5428486-50A0-4A02-9D20-520B59A9F9B2} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{C5428486-50A0-4A02-9D20-520B59A9F9B2} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{C5428486-50A0-4A02-9D20-520B59A9F9B3} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C5428486-50A0-4A02-9D20-520B59A9F9B3} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{C5428486-50A0-4A02-9D20-520B59A9F9B3} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\ShoppingReport (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\ShoppingReport (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ShoppingReport (Adware.ShopperReports) -> Quarantined and deleted successfully.

Valori di registro infetti:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{C5428486-50A0-4A02-9D20-520B59A9F9B2} (Adware.ShopperReports) -> Value: {C5428486-50A0-4A02-9D20-520B59A9F9B2} -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{C5428486-50A0-4A02-9D20-520B59A9F9B3} (Adware.ShopperReports) -> Value: {C5428486-50A0-4A02-9D20-520B59A9F9B3} -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{C5428486-50A0-4a02-9D20-520B59A9F9B3} (Adware.ShopperReports) -> Value: {C5428486-50A0-4a02-9D20-520B59A9F9B3} -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{C5428486-50A0-4a02-9D20-520B59A9F9B2} (Adware.ShopperReports) -> Value: {C5428486-50A0-4a02-9D20-520B59A9F9B2} -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} (Adware.Zango) -> Value: {90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} (Adware.Zango) -> Value: {90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} -> Quarantined and deleted successfully.

Voci infette nei dati di registro:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{445F96CF-F09C-4DC7-B952-3780DA90E0CC}\NameServer (Trojan.DNSChanger) -> Bad: (93.188.162.138,93.188.160.18) Good: () -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{488F820F-2AB6-47A1-AFD8-AB658A3A8FEF}\NameServer (Trojan.DNSChanger) -> Bad: (93.188.162.138,93.188.160.18) Good: () -> Quarantined and deleted successfully.

Cartelle infette:
c:\documents and settings\BONI\dati applicazioni\shoppingreport (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\documents and settings\BONI\dati applicazioni\shoppingreport\cs (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\documents and settings\BONI\dati applicazioni\shoppingreport\cs\db (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\documents and settings\BONI\dati applicazioni\shoppingreport\cs\documents and settings (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\documents and settings\BONI\dati applicazioni\shoppingreport\cs\dwld (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\documents and settings\BONI\dati applicazioni\shoppingreport\cs\report (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\documents and settings\BONI\dati applicazioni\shoppingreport\cs\res2 (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\documents and settings\BONI\dati applicazioni\shoppingreport\dati applicazioni (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\programmi\shoppingreport (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\programmi\shoppingreport\Bin (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\programmi\shoppingreport\Bin\2.6.63 (Adware.ShopperReports) -> Quarantined and deleted successfully.

File infetti:
c:\programmi\shoppingreport\Bin\2.6.63\shoppingreport.dll (Adware.SmartShopper) -> Quarantined and deleted successfully.
c:\system volume information\_restore{ad87c172-8951-49a3-b328-a019f079b03d}\RP401\A0072858.dll (Adware.SmartShopper) -> Quarantined and deleted successfully.
c:\documents and settings\BONI\dati applicazioni\shoppingreport\cs\Config.xml (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\documents and settings\BONI\dati applicazioni\shoppingreport\cs\db\Aliases.dbs (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\documents and settings\BONI\dati applicazioni\shoppingreport\cs\db\Sites.dbs (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\documents and settings\BONI\dati applicazioni\shoppingreport\cs\dwld\whitelist.xip (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\documents and settings\BONI\dati applicazioni\shoppingreport\cs\report\aggr_storage.xml (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\documents and settings\BONI\dati applicazioni\shoppingreport\cs\report\send_storage.xml (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\documents and settings\BONI\dati applicazioni\shoppingreport\cs\res2\whitelist.dbs (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\programmi\shoppingreport\Uninst.exe (Adware.ShopperReports) -> Quarantined and deleted successfully.


a10n11
Inviato: Monday, August 15, 2011 1:43:26 AM

Rank: AiutAmico

Iscritto dal : 5/29/2003
Posts: 1,694
salve
ponendo in quarantena queste due voci
Voci infette nei dati di registro:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{445F96CF-F09C-4DC7-B952-3780DA90E0CC}\NameServer (Trojan.DNSChanger) -> Bad: (93.188.162.138,93.188.160.18) Good: () -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{488F820F-2AB6-47A1-AFD8-AB658A3A8FEF}\NameServer (Trojan.DNSChanger) -> Bad: (93.188.162.138,93.188.160.18) Good: () -> Quarantined and deleted successfully.

non è più possibile navigare in internet. Riattivandole si rinaviga.

Vista l'ora buona notte.
saluti e grazie Giap


shapiro
Inviato: Monday, August 15, 2011 2:10:04 AM

Rank: AiutAmico

Iscritto dal : 8/24/2008
Posts: 4,164
Commenta:
ponendo in quarantena queste due voci
Voci infette nei dati di registro:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{445F96CF-F09C-4DC7-B952-3780DA90E0CC}\NameServer (Trojan.DNSChanger) -> Bad: (93.188.162.138,93.188.160.18) Good: () -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{488F820F-2AB6-47A1-AFD8-AB658A3A8FEF}\NameServer (Trojan.DNSChanger) -> Bad: (93.188.162.138,93.188.160.18) Good: () -> Quarantined and deleted successfully.
non è più possibile navigare in internet. Riattivandole si rinaviga.


e' il DNSChanger che crea questo problema

ri-mettile in quarantena poi per la connessione prova cosi'

Code:
clicca su start - pannello di controllo - connessioni di rete
clicca con il tasto destro del mouse sulla tua connessione - seleziona proprietà >>> scegli ''rete'' - doppio click su "Protocollo Internet(TCP/IP)" - seleziona "ottieni indirizzo server DNS automaticamente" - dai l'ok -


riavvia il pc e vedi se ora riesci a connetterti





a10n11
Inviato: Monday, August 15, 2011 9:30:43 AM

Rank: AiutAmico

Iscritto dal : 5/29/2003
Posts: 1,694
salve
con un pronto soccorso aperto 24 ore su 24 ore come questo non avevo dubbi sulla soluzione del problema.
Problema rientrato!
grazie Shapiro
saluti
Giap


shapiro
Inviato: Monday, August 15, 2011 9:36:29 AM

Rank: AiutAmico

Iscritto dal : 8/24/2008
Posts: 4,164


aspetta non abbiamo finito con le infezioni che hai avuto meglio un controllo in piu'

esegui queste pulizie

Installa Ccleaner

ccleaner

durante l’installazione deseleziona l’opzione per la barra di Yahoo, lo apri, vai in Opzioni>Avanzate, togli la spunta a “Cancella file temp diwindows solo se più vecchi di 48 ore”, poi avvialo, seleziona "Analizza" ed alla fine dell'analisi premi "Avvia pulizia''


clicca su Registro, nella pagina successiva clicca Trova problemi, poi al termine dello scan clicca su Ripara selezionati , risposndi di sì alla richiesta di salvare il backup (salvalo in una cartella a piacimento) poi ripara tutti gli elementi trovati.

scarica atf cleaner

non ha bisogno di installazione

Avvia ATF Cleaner.exe con un doppio click
- clicca sul menu main
- seleziona la casella Select All
- clicca sul pulsante Empty selected
- aspetta l'avviso Done Cleaning.
(se non vuoi eliminare le password togli la spunta)
(se usi opera o firefox,spunta anche le loro sezioni)



disattiva momentaneamente l'antivirus


scarica combofix sul desktop

alla richiesta se vuoi installare la recovery console clicca su NO

esegui ComboFix.exe

segui le instruzioni

finita la scansione portati in C:\ e copia/incolla, nella tua prossima risposta, il contenuto del file di testo Combofix.txt

come usare correttamente combofix





a10n11
Inviato: Monday, August 15, 2011 11:33:03 AM

Rank: AiutAmico

Iscritto dal : 5/29/2003
Posts: 1,694
salve
ecco il risultato
ComboFix 11-08-15.07 - BONI 15/08/2011 11.21.42.1.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.39.1040.18.1014.293 [GMT 2:00]
Eseguito da: c:\documents and settings\BONI\Desktop\ComboFix.exe
AV: AVG Anti-Virus Free *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.
ATTENZIONE - QUESTO PC NON HA LA CONSOLE DI RIPRISTINO DI EMERGENZA INSTALLATA !!
.
.
((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\BONI\Dati applicazioni\.#
c:\documents and settings\BONI\Dati applicazioni\.#\MBX@BBC@383FD0.###
c:\documents and settings\BONI\Dati applicazioni\.#\MBX@BBC@384000.###
.
.
((((((((((((((((((((((((( Files Creati Da 2011-07-15 al 2011-08-15 )))))))))))))))))))))))))))))))))))
.
.
2011-08-15 09:00 . 2011-08-15 09:00 -------- d-----w- c:\documents and settings\BONI\Impostazioni locali\Dati applicazioni\WMTools Downloaded Files
2011-08-15 08:30 . 2011-08-15 08:31 -------- d-----w- c:\programmi\File comuni\DVDVideoSoft
2011-08-15 08:30 . 2011-08-15 08:30 -------- d-----w- c:\programmi\DVDVideoSoft
2011-08-15 07:28 . 2011-08-15 07:28 -------- d-----w- c:\windows\LastGood
2011-08-14 22:34 . 2011-08-14 22:34 -------- d-----w- c:\documents and settings\BONI\Dati applicazioni\Malwarebytes
2011-08-14 22:34 . 2011-07-06 17:52 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-08-14 22:34 . 2011-08-14 22:34 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Malwarebytes
2011-08-14 22:34 . 2011-08-14 22:34 -------- d-----w- c:\programmi\Malwarebytes' Anti-Malware
2011-08-14 22:34 . 2011-07-06 17:52 22712 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-08-14 17:13 . 2011-08-14 17:28 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Spybot - Search & Destroy
2011-08-13 21:05 . 2011-08-13 21:05 -------- d-----w- c:\documents and settings\NetworkService\Impostazioni locali\Dati applicazioni\Google
2011-08-13 21:00 . 2011-08-13 21:05 -------- d-----w- c:\documents and settings\BONI\Impostazioni locali\Dati applicazioni\Temp
2011-08-13 21:00 . 2011-08-13 21:00 -------- d-----w- c:\documents and settings\LocalService\Impostazioni locali\Dati applicazioni\Google
2011-08-13 20:59 . 2011-08-15 09:23 -------- d-----w- c:\documents and settings\BONI\Dati applicazioni\Skype
2011-08-13 20:59 . 2011-08-13 21:00 -------- d-----r- c:\programmi\Skype
2011-08-13 20:59 . 2011-08-13 20:59 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Skype
2011-08-13 16:49 . 2011-08-15 08:07 -------- d-----w- c:\programmi\CCleaner
2011-08-13 16:45 . 2011-08-13 16:45 388096 ----a-r- c:\documents and settings\BONI\Dati applicazioni\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-08-13 16:45 . 2011-08-13 16:45 -------- d-----w- c:\programmi\Trend Micro
2011-08-07 11:41 . 2011-08-07 11:41 -------- d-----w- c:\documents and settings\BONI\Impostazioni locali\Dati applicazioni\PCHealth
2011-07-20 18:29 . 2011-07-20 18:29 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-06-23 22:31 . 2011-05-06 00:49 142296 ----a-w- c:\programmi\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{00000000-6E41-4FD3-8538-502F5495E5FC}"= "c:\programmi\Ask.com\GenericAskToolbar.dll" [2011-05-17 1490312]
.
[HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
2011-03-18 06:11 2471240 ----a-w- c:\programmi\AVG\AVG9\Toolbar\IEToolbar.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2011-05-17 11:29 1490312 ----a-w- c:\programmi\Ask.com\GenericAskToolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\programmi\AVG\AVG9\Toolbar\IEToolbar.dll" [2011-03-18 2471240]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\programmi\Ask.com\GenericAskToolbar.dll" [2011-05-17 1490312]
.
[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\programmi\AVG\AVG9\Toolbar\IEToolbar.dll" [2011-03-18 2471240]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\programmi\Ask.com\GenericAskToolbar.dll" [2011-05-17 1490312]
.
[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BatteryLifeExtender"="c:\programmi\Samsung\BatteryLifeExtender\BatteryLifeExtender.exe" [2009-03-13 550912]
"msnmsgr"="c:\programmi\Windows Live\Messenger\msnmsgr.exe" [2010-04-16 3872080]
"uTorrent"="c:\programmi\uTorrent\uTorrent.exe" [2011-03-31 399736]
"Skype"="c:\programmi\Skype\Phone\Skype.exe" [2011-07-29 17361032]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2009-05-21 17881600]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-02-18 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-02-18 166424]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-02-18 137752]
"SynTPEnh"="c:\programmi\Synaptics\SynTP\SynTPEnh.exe" [2008-08-28 1044480]
"DMHotKey"="c:\programmi\Samsung\Easy Display Manager\DMLoader.exe" [2006-12-27 466944]
"BatteryManager"="c:\programmi\Samsung\Samsung Battery Manager\BatteryManager.exe" [2009-06-01 3153408]
"MagicKeyboard"="c:\programmi\SAMSUNG\MagicKBD\PreMKBD.exe" [2006-05-14 151552]
"SUPBackground"="c:\programmi\Samsung\Samsung Update Plus\SUPBackground.exe" [2010-04-20 300912]
"UCam_Menu"="c:\programmi\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" [2009-02-25 218408]
"AVG9_TRAY"="c:\progra~1\AVG\AVG9\avgtray.exe" [2011-03-15 2071904]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592]
"Microsoft Default Manager"="c:\programmi\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2009-07-17 288080]
"Adobe Reader Speed Launcher"="c:\programmi\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-06-08 37296]
"Adobe ARM"="c:\programmi\File comuni\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
"ApnUpdater"="c:\programmi\Ask.com\Updater\Updater.exe" [2011-05-17 395144]
"SunJavaUpdateSched"="c:\programmi\File comuni\Java\Java Update\jusched.exe" [2011-04-08 254696]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\BONI\Menu Avvio\Programmi\Esecuzione automatica\
Ritaglio schermata e avvio di OneNote 2007.lnk - c:\programmi\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2010-07-16 09:46 12536 ----a-w- c:\windows\system32\avgrsstx.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programmi\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Programmi\\AVG\\AVG9\\avgemc.exe"=
"c:\\Programmi\\AVG\\AVG9\\avgupd.exe"=
"c:\\Programmi\\AVG\\AVG9\\avgnsx.exe"=
"c:\\Programmi\\eMule\\emule.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Programmi\\uTorrent\\uTorrent.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Programmi\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Programmi\\Skype\\Phone\\Skype.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:Remote Desktop
"65533:TCP"= 65533:TCP:Services
"52344:TCP"= 52344:TCP:Services
.
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [02/01/2010 20.35.17 216400]
R1 AvgTdiX;AVG Free Network Redirector;c:\windows\system32\drivers\avgtdix.sys [02/01/2010 20.34.58 243152]
R2 avg9emc;AVG Free E-mail Scanner;c:\programmi\AVG\AVG9\avgemc.exe [16/07/2010 11.45.43 921952]
R2 avg9wd;AVG Free WatchDog;c:\programmi\AVG\AVG9\avgwdsvc.exe [16/07/2010 11.46.55 308136]
R2 DOSMEMIO;MEMIO;c:\windows\system32\MEMIO.SYS [30/07/2009 10.57.50 4300]
R3 CryptOSD;Phoenix CryptOSD Device Driver;c:\windows\system32\drivers\CryptOSD.sys [01/05/2009 15.41.06 384896]
R3 VMC33F;Vimicro Camera Service VMC33F;c:\windows\system32\drivers\VMC33F.sys [30/07/2009 11.01.40 237952]
R3 xcpip;Driver protocollo TCP/IP;c:\windows\system32\drivers\xcpip.sys --> c:\windows\system32\drivers\xcpip.sys [?]
R3 xpsec;Driver IPSEC;c:\windows\system32\drivers\xpsec.sys --> c:\windows\system32\drivers\xpsec.sys [?]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [30/07/2009 10.59.23 1684736]
S3 AVG Security Toolbar Service;AVG Security Toolbar Service;c:\programmi\AVG\AVG9\Toolbar\ToolbarBroker.exe [26/10/2010 13.58.18 947528]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [15/08/2011 0.34.38 41272]
.
Contenuto della cartella 'Scheduled Tasks'
.
2011-07-25 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\programmi\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]
.
2011-08-15 c:\windows\Tasks\Scheduled Update for Ask Toolbar.job
- c:\programmi\Ask.com\UpdateTask.exe [2011-05-17 11:29]
.
2011-08-15 c:\windows\Tasks\User_Feed_Synchronization-{73C455EB-4DAB-4173-99FA-6351414946CD}.job
- c:\windows\system32\msfeedssync.exe [2009-03-08 02:31]
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://www.google.it/
uInternet Connection Wizard,ShellNext = iexplore
IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\programmi\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
IE: {{C4046502-6524-4d87-896C-878F57D1FF07} - c:\programmi\PokerStars.IT\PokerStarsUpdate.exe
TCP: DhcpNameServer = 192.168.1.1
Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - c:\programmi\AVG\AVG9\Toolbar\IEToolbar.dll
FF - ProfilePath - c:\documents and settings\BONI\Dati applicazioni\Mozilla\Firefox\Profiles\c3lhcrix.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.bing.com/search?FORM=LMIMBU&PC=LMI_MB&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://it.msn.com/
FF - prefs.js: keyword.URL - hxxp://search.avg.com/route/?d=4b3f91df&v=6.103.018.001&i=23&tp=ab&iy=&ychte=us&lng=it&q=
.
- - - - CHIAVI ORFANE RIMOSSE - - - -
.
HKU-Default-Run-cleansweep.exe - c:\cleansweep.exe\cleansweep.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-08-15 11:27
Windows 5.1.2600 Service Pack 3 NTFS
.
scansione processi nascosti ...
.
scansione entrate autostart nascoste ...
.
Scansione files nascosti ...
.
Scansione completata con successo
Files nascosti: 0
.
**************************************************************************
.
Ora fine scansione: 2011-08-15 11:29:41
ComboFix-quarantined-files.txt 2011-08-15 09:29
.
Pre-Run: 9.347.944.448 byte disponibili
Post-Run: 9.337.352.192 byte disponibili
.
- - End Of File - - 0BF6C99813C1DE94C36142235ACC2D34


saluti
giap


shapiro
Inviato: Monday, August 15, 2011 12:24:34 PM

Rank: AiutAmico

Iscritto dal : 8/24/2008
Posts: 4,164
visualizza file e cartelle nascosti

vai qui e controlla questi file, probabilmente sono infezioni ma voglio vedere cosa ne pensano i 40 antivirus

c:\windows\system32\drivers\xcpip.sys

c:\windows\system32\drivers\xpsec.sys

salva la pagina e posta il risultato qui nel forum

sai che devi aggiornare avg....vero?
a10n11
Inviato: Monday, August 15, 2011 1:04:59 PM

Rank: AiutAmico

Iscritto dal : 5/29/2003
Posts: 1,694
shapiro ha scritto:
visualizza file e cartelle nascosti

vai qui e controlla questi file, probabilmente sono infezioni ma voglio vedere cosa ne pensano i 40 antivirus

c:\windows\system32\drivers\xcpip.sys

c:\windows\system32\drivers\xpsec.sys

salva la pagina e posta il risultato qui nel forum

sai che devi aggiornare avg....vero?


salve
dei due file indicati non esite traccia nel pc (file nascosti compresi)

L'aggiornamento delle definizioni di Avg è alla data di oggi, se intendi aggiornarlo alle versioni successive
ci stavo giusto pensando
saluti
Giap

shapiro
Inviato: Monday, August 15, 2011 5:49:59 PM

Rank: AiutAmico

Iscritto dal : 8/24/2008
Posts: 4,164
io parlavo di questa versione fresca fresca da aiutamici

sei consapevole che eseguendo questo script verra' eliminata la versione 9 di avg con tutti i suoi componenti, se invece vuoi tenerla, NON ESEGUIRLO



Apri il Blocco Note copia e incolla questa righe, mi raccomando solo quello inserito nello spazio bianco, non copiare CODE


Code:
File::

c:\programmi\Ask.com\GenericAskToolbar.dll
c:\windows\Tasks\Scheduled Update for Ask Toolbar.job
c:\programmi\AVG\AVG9\Toolbar\IEToolbar.dll
c:\programmi\AVG\AVG9\Toolbar\ToolbarBroker.exe


Folder::

c:\programmi\Ask.com
c:\programmi\AVG\AVG9


Registry::

[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
[-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AVG9_TRAY"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"=-
"{D4027C7F-154A-4066-A1AD-4243D8127440}"=-
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"=-
"{D4027C7F-154A-4066-A1AD-4243D8127440}"=-
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{00000000-6E41-4FD3-8538-502F5495E5FC}"=-


Driver::

AVG Security Toolbar Service



Salva il file sul Desktop come CFScript.txt

Trascina il file appena creato ovvero CFScript.txt sull'icona di ComboFix

al termine il PC si dovrebbe ravviare, eventualmente riavvia tu manualmente, allega il log che trovi in C:\ComboFix.txt










a10n11
Inviato: Monday, August 15, 2011 7:08:41 PM

Rank: AiutAmico

Iscritto dal : 5/29/2003
Posts: 1,694
salve
ecco il log. (rileva i due files che non sono riuscito a scovare)

ComboFix 11-08-15.07 - BONI 15/08/2011 18.45.46.3.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.39.1040.18.1014.446 [GMT 2:00]
Eseguito da: c:\documents and settings\BONI\Desktop\ComboFix.exe
Opzioni usate :: c:\documents and settings\BONI\Desktop\CFScript.txt
AV: AVG Anti-Virus Free *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.
ATTENZIONE - QUESTO PC NON HA LA CONSOLE DI RIPRISTINO DI EMERGENZA INSTALLATA !!
.
FILE ::
"c:\programmi\Ask.com\GenericAskToolbar.dll"
"c:\programmi\AVG\AVG9\Toolbar\IEToolbar.dll"
"c:\programmi\AVG\AVG9\Toolbar\ToolbarBroker.exe"
"c:\windows\Tasks\Scheduled Update for Ask Toolbar.job"
.
.
((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programmi\Ask.com
c:\programmi\Ask.com\assets\oobe\b.png
c:\programmi\Ask.com\assets\oobe\bl.png
c:\programmi\Ask.com\assets\oobe\br.png
c:\programmi\Ask.com\assets\oobe\l.png
c:\programmi\Ask.com\assets\oobe\pointer.png
c:\programmi\Ask.com\assets\oobe\r.png
c:\programmi\Ask.com\assets\oobe\t.png
c:\programmi\Ask.com\assets\oobe\tl.png
c:\programmi\Ask.com\assets\oobe\tr.png
c:\programmi\Ask.com\cobrand.ico
c:\programmi\Ask.com\config.xml
c:\programmi\Ask.com\favicon.ico
c:\programmi\Ask.com\fv_48.ico
c:\programmi\Ask.com\GenericAskToolbar.dll
c:\programmi\Ask.com\mupcfg.xml
c:\programmi\Ask.com\precache.exe
c:\programmi\Ask.com\SaUpdate.exe
c:\programmi\Ask.com\Updater\config.xml
c:\programmi\Ask.com\Updater\Updater.exe
c:\programmi\Ask.com\UpdateTask.exe
c:\programmi\AVG\AVG9
c:\programmi\AVG\AVG9\3rd_party\licenses\ace.txt
c:\programmi\AVG\AVG9\3rd_party\licenses\arabica.txt
c:\programmi\AVG\AVG9\3rd_party\licenses\boost.txt
c:\programmi\AVG\AVG9\3rd_party\licenses\bsdiff.txt
c:\programmi\AVG\AVG9\3rd_party\licenses\bzip.txt
c:\programmi\AVG\AVG9\3rd_party\licenses\carp.html
c:\programmi\AVG\AVG9\3rd_party\licenses\cryptopp.txt
c:\programmi\AVG\AVG9\3rd_party\licenses\curl.txt
c:\programmi\AVG\AVG9\3rd_party\licenses\dazukofs.txt
c:\programmi\AVG\AVG9\3rd_party\licenses\expat.txt
c:\programmi\AVG\AVG9\3rd_party\licenses\imagemagick.txt
c:\programmi\AVG\AVG9\3rd_party\licenses\infozip.txt
c:\programmi\AVG\AVG9\3rd_party\licenses\lua.txt
c:\programmi\AVG\AVG9\3rd_party\licenses\md4_md5_license.txt
c:\programmi\AVG\AVG9\3rd_party\licenses\milter.txt
c:\programmi\AVG\AVG9\3rd_party\licenses\minizip.txt
c:\programmi\AVG\AVG9\3rd_party\licenses\openssl_license.html
c:\programmi\AVG\AVG9\3rd_party\licenses\sasl.txt
c:\programmi\AVG\AVG9\3rd_party\licenses\tinyxml.txt
c:\programmi\AVG\AVG9\3rd_party\licenses\unrar.txt
c:\programmi\AVG\AVG9\3rd_party\licenses\untar.txt
c:\programmi\AVG\AVG9\3rd_party\licenses\xalan_xerces.txt
c:\programmi\AVG\AVG9\3rd_party\licenses\zlib.txt
c:\programmi\AVG\AVG9\3rd_party\readme.txt
c:\programmi\AVG\AVG9\avg.snu
c:\programmi\AVG\AVG9\avg9it.lng
c:\programmi\AVG\AVG9\avg9us.lng
c:\programmi\AVG\AVG9\avgabout.dll
c:\programmi\AVG\AVG9\avgamnot.dll
c:\programmi\AVG\AVG9\avgapix.dll
c:\programmi\AVG\AVG9\avgatend.stp
c:\programmi\AVG\AVG9\avgatupd.stp
c:\programmi\AVG\AVG9\avgbat.bav
c:\programmi\AVG\AVG9\avgcclix.dll
c:\programmi\AVG\AVG9\avgcertx.dll
c:\programmi\AVG\AVG9\avgcfgex.exe
c:\programmi\AVG\AVG9\avgcfgx.dll
c:\programmi\AVG\AVG9\avgchclx.dll
c:\programmi\AVG\AVG9\avgchjwx.dll
c:\programmi\AVG\AVG9\avgchsvx.exe
c:\programmi\AVG\AVG9\avgclitx.dll
c:\programmi\AVG\AVG9\avgcmgr.exe
c:\programmi\AVG\AVG9\avgcorex.dll
c:\programmi\AVG\AVG9\avgcrlpx.dll
c:\programmi\AVG\AVG9\avgcslx.dll
c:\programmi\AVG\AVG9\avgcsrvx.exe
c:\programmi\AVG\AVG9\avgdumpx.exe
c:\programmi\AVG\AVG9\avgemc.exe
c:\programmi\AVG\AVG9\avgf9it.chm
c:\programmi\AVG\AVG9\avgf9us.chm
c:\programmi\AVG\AVG9\avgfree_it.mht
c:\programmi\AVG\AVG9\avgfree_us.mht
c:\programmi\AVG\AVG9\avgfrw.exe
c:\programmi\AVG\AVG9\avginet.dll
c:\programmi\AVG\AVG9\avgiproxy.exe
c:\programmi\AVG\AVG9\avglngx.dll
c:\programmi\AVG\AVG9\avglogx.dll
c:\programmi\AVG\AVG9\avglvex.dll
c:\programmi\AVG\AVG9\avgmail.dll
c:\programmi\AVG\AVG9\avgmtrapx.dll
c:\programmi\AVG\AVG9\avgmvflx.dll
c:\programmi\AVG\AVG9\avgmwdef_it.mht
c:\programmi\AVG\AVG9\avgmwdef_us.mht
c:\programmi\AVG\AVG9\avgnsx.exe
c:\programmi\AVG\AVG9\avgpp.dll
c:\programmi\AVG\AVG9\avgresf.dll
c:\programmi\AVG\AVG9\avgrsx.exe
c:\programmi\AVG\AVG9\avgsbfree_it.mht
c:\programmi\AVG\AVG9\avgsbfree_us.mht
c:\programmi\AVG\AVG9\avgscanx.dll
c:\programmi\AVG\AVG9\avgscanx.exe
c:\programmi\AVG\AVG9\avgsched.dll
c:\programmi\AVG\AVG9\avgse.dll
c:\programmi\AVG\AVG9\avgsrmax.exe
c:\programmi\AVG\AVG9\avgsrmx.dll
c:\programmi\AVG\AVG9\avgssie.dll
c:\programmi\AVG\AVG9\avgtbapi.dll
c:\programmi\AVG\AVG9\AVGToolbarInstall.exe
c:\programmi\AVG\AVG9\avgtray.exe
c:\programmi\AVG\AVG9\avgtrial_it.mht
c:\programmi\AVG\AVG9\avgtrial_us.mht
c:\programmi\AVG\AVG9\avgui.exe
c:\programmi\AVG\AVG9\avguiadv.dll
c:\programmi\AVG\AVG9\avguires.dll
c:\programmi\AVG\AVG9\avgupd.dll
c:\programmi\AVG\AVG9\avgupd.exe
c:\programmi\AVG\AVG9\avgvvx.dll
c:\programmi\AVG\AVG9\avgwd.dll
c:\programmi\AVG\AVG9\avgwdsvc.exe
c:\programmi\AVG\AVG9\avgwdwsc.dll
c:\programmi\AVG\AVG9\avgxpl.dll
c:\programmi\AVG\AVG9\cf.dat
c:\programmi\AVG\AVG9\Chjw\4e2a720e2a71548\avgcchfi.dat
c:\programmi\AVG\AVG9\Chjw\4e2a720e2a71548\avgcchmi.dat
c:\programmi\AVG\AVG9\contacts_it.html
c:\programmi\AVG\AVG9\contacts_us.html
c:\programmi\AVG\AVG9\dbghelp.dll
c:\programmi\AVG\AVG9\dfncfg.dat
c:\programmi\AVG\AVG9\fixcfg.exe
c:\programmi\AVG\AVG9\Icons\alert_mask.png
c:\programmi\AVG\AVG9\Icons\background_middle_gray.gif
c:\programmi\AVG\AVG9\Icons\background_middle_green.gif
c:\programmi\AVG\AVG9\Icons\background_middle_orange.gif
c:\programmi\AVG\AVG9\Icons\background_middle_red.gif
c:\programmi\AVG\AVG9\Icons\background_middle_yellow.gif
c:\programmi\AVG\AVG9\Icons\background_top_gray.gif
c:\programmi\AVG\AVG9\Icons\background_top_green.gif
c:\programmi\AVG\AVG9\Icons\background_top_orange.gif
c:\programmi\AVG\AVG9\Icons\background_top_red.gif
c:\programmi\AVG\AVG9\Icons\background_top_yellow.gif
c:\programmi\AVG\AVG9\Icons\block-doc.gif
c:\programmi\AVG\AVG9\Icons\blocked.gif
c:\programmi\AVG\AVG9\Icons\blocked12.png
c:\programmi\AVG\AVG9\Icons\border_bottom_gray.gif
c:\programmi\AVG\AVG9\Icons\border_bottom_green.gif
c:\programmi\AVG\AVG9\Icons\border_bottom_orange.gif
c:\programmi\AVG\AVG9\Icons\border_bottom_red.gif
c:\programmi\AVG\AVG9\Icons\border_bottom_yellow.gif
c:\programmi\AVG\AVG9\Icons\border_top_gray.gif
c:\programmi\AVG\AVG9\Icons\border_top_green.gif
c:\programmi\AVG\AVG9\Icons\border_top_orange.gif
c:\programmi\AVG\AVG9\Icons\border_top_red.gif
c:\programmi\AVG\AVG9\Icons\border_top_yellow.gif
c:\programmi\AVG\AVG9\Icons\box_bottom_red.gif
c:\programmi\AVG\AVG9\Icons\box_top_red.gif
c:\programmi\AVG\AVG9\Icons\caution.gif
c:\programmi\AVG\AVG9\Icons\caution12.png
c:\programmi\AVG\AVG9\Icons\click_here_gray.gif
c:\programmi\AVG\AVG9\Icons\click_here_green.gif
c:\programmi\AVG\AVG9\Icons\click_here_orange.gif
c:\programmi\AVG\AVG9\Icons\click_here_red.gif
c:\programmi\AVG\AVG9\Icons\click_here_yellow.gif
c:\programmi\AVG\AVG9\Icons\clock.gif
c:\programmi\AVG\AVG9\Icons\clock12.png
c:\programmi\AVG\AVG9\Icons\close.gif
c:\programmi\AVG\AVG9\Icons\icons_blocked.gif
c:\programmi\AVG\AVG9\Icons\icons_caution.gif
c:\programmi\AVG\AVG9\Icons\icons_close.gif
c:\programmi\AVG\AVG9\Icons\icons_safe.gif
c:\programmi\AVG\AVG9\Icons\icons_unknown.gif
c:\programmi\AVG\AVG9\Icons\icons_warning.gif
c:\programmi\AVG\AVG9\Icons\LS_Logo_Results.gif
c:\programmi\AVG\AVG9\Icons\safe.gif
c:\programmi\AVG\AVG9\Icons\safe12.png
c:\programmi\AVG\AVG9\Icons\unknown.gif
c:\programmi\AVG\AVG9\Icons\vrsn-secured-lsfo.gif
c:\programmi\AVG\AVG9\Icons\warning.gif
c:\programmi\AVG\AVG9\Icons\warning12.png
c:\programmi\AVG\AVG9\libsasl.dll
c:\programmi\AVG\AVG9\license_it.htm
c:\programmi\AVG\AVG9\license_us.htm
c:\programmi\AVG\AVG9\Notification\SPChecker1.exe
c:\programmi\AVG\AVG9\Notification\tbfake.txt
c:\programmi\AVG\AVG9\ph.dat
c:\programmi\AVG\AVG9\saslcrammd5.dll
c:\programmi\AVG\AVG9\sasldigestmd5.dll
c:\programmi\AVG\AVG9\sasllogin.dll
c:\programmi\AVG\AVG9\saslplain.dll
c:\programmi\AVG\AVG9\sb.dat
c:\programmi\AVG\AVG9\sb.dat.xcd
c:\programmi\AVG\AVG9\sb2.dat
c:\programmi\AVG\AVG9\sc.dat
c:\programmi\AVG\AVG9\sc.dat.xcd
c:\programmi\AVG\AVG9\setup.dat
c:\programmi\AVG\AVG9\setup.exe
c:\programmi\AVG\AVG9\setupit.lns
c:\programmi\AVG\AVG9\setupus.lns
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\39_sp.xml
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\40_sp.xml
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\48_sp.xml
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\ch_23\chrome\content\config.xml
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\ch_23\chrome\content\html\tabswelcome.htm
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\ch_23\chrome\content\html\tabswelcome_ie7header.htm
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\ch_23\chrome\content\Languages\en.ini
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\ch_23\chrome\skin\searchProvider.png
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\ch_23\sp.xml
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\ch_39\chrome\content\config.xml
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\ch_39\chrome\content\html\tabswelcome.htm
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\ch_39\chrome\content\html\tabswelcome_ie7header.htm
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\ch_39\chrome\content\Languages\en.ini
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\ch_39\chrome\skin\searchProvider.png
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\ch_39\chrome\skin\spGeneralSearch.png
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\ch_39\sp.xml
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\ch_40\chrome\content\config.xml
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\ch_40\chrome\content\html\tabswelcome.htm
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\ch_40\chrome\content\html\tabswelcome_ie7header.htm
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\ch_40\chrome\content\Languages\en.ini
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\ch_40\chrome\skin\searchProvider.png
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\ch_40\chrome\skin\spYandex.png
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\ch_40\sp.xml
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\ch_48\chrome\content\config.xml
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\ch_48\chrome\content\html\tabswelcome.htm
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\ch_48\chrome\content\html\tabswelcome_ie7header.htm
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\ch_48\chrome\content\Languages\en.ini
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\ch_48\chrome\skin\searchProvider.png
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\ch_48\chrome\skin\spBaidu.png
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\ch_48\sp.xml
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\channels.dat
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome.manifest
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\content\after_install.js
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\content\after_uninstall.js
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\content\autocomplete-popup.xml
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\content\avg\avgtbapi.js
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\content\avg\customwrapper.js
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\content\avg\partFiles.js
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\content\avg\statusindicator.js
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\content\config.xml
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\content\contexthtml.xul
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\content\custom.js
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\content\ex\marquee.xml
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\content\html\about.htm
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\content\html\bubble_AB.htm
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\content\html\bubble_ABSearch.gif
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\content\html\bubble_arrow.gif
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\content\html\bubble_bottom_shadow.gif
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\content\html\bubble_confirm.htm
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\content\html\bubble_confirmAVGSafe.gif
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\content\html\bubble_confirmTbr.gif
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\content\html\bubble_general.htm
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\content\html\bubble_IDV.htm
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\content\html\bubble_IDV1.htm
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\content\html\bubble_IDV2.htm
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\content\html\bubble_logo.gif
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\content\html\bubble_protection.htm
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\content\html\bubble_search.htm
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\content\html\bubble_searchSearchBox.gif
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\content\html\bubble_searchSearchBoxBaidu.gif
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\content\html\bubble_searchSearchBoxBlank.gif
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\content\html\bubble_SPupdate.htm
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\content\html\bubble_SPupdateSearchBox.gif
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\content\html\bubble_style.css
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\content\html\bubble_top_shadow.gif
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\content\html\deletehistory_processing.htm
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\content\html\icoUBAccess.gif
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\content\html\icoUBCalc.gif
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\content\html\icoUBExcel.gif
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\content\html\icoUBExplorer.gif
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\content\html\icoUBMediaPlayer.gif
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\content\html\icoUBNotepad.gif
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\content\html\icoUBOutlook.gif
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\content\html\icoUBOutlookExpress.gif
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\content\html\icoUBPaint.gif
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\content\html\icoUBPowerPoint.gif
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\content\html\icoUBWord.gif
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\content\html\rssreader_!backgroundGrey.gif
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\content\html\rssreader_!backgroundRed.gif
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\content\html\rssreader_!bullet.gif
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\content\html\rssreader_!close.gif
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\content\html\rssreader_!icoiDNES.gif
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\content\html\rssreader_!icoRead.gif
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\content\html\rssreader_!icoRSS.gif
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\content\html\rssreader_!icoSimple.gif
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\content\html\rssreader_!icoUnread.gif
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\content\html\rssreader_!logo.gif
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\content\html\rssreader_!settings.gif
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\content\html\rssreader_!tabHilighted.gif
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\content\html\rssreader_advanced.css
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\content\html\rssreader_advanced.htm
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\content\html\rssreader_config.htm
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\content\html\rssreader_simple.htm
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\content\html\settings_askdialog.htm
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\content\html\settings_background.gif
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\content\html\settings_checkboxdialog.htm
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\content\html\settings_closedialog.htm
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\content\html\settings_icohelp.gif
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\content\html\settings_icoQuest.gif
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\content\html\settings_icoRisk.gif
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\content\html\settings_icoSafe.gif
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\content\html\settings_icoUnkn.gif
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\content\html\settings_loading.gif
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\content\html\settings_logo.gif
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\content\html\settings_main.htm
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\content\html\settings_menu1.gif
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\content\html\settings_menu2.gif
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\content\html\settings_menu3.gif
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\content\html\settings_menu4.gif
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\content\html\settings_style.css
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\content\html\tabswelcome.htm
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\content\html\tabswelcome_button.gif
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\content\html\tabswelcome_button_hilight.gif
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\content\html\tabswelcome_buttonHilight.gif
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\content\html\tabswelcome_ie7footer.htm
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\content\html\tabswelcome_ie7header.htm
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\content\html\tabswelcome_poweredByBlank.gif
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\content\html\tabswelcome_poweredByYahoo.gif
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\content\html\tbapi.js
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\content\html\toolbarprotector_window.htm
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\content\html\updater_error.gif
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\content\html\updater_ok.gif
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\content\html\updater_processing.htm
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\content\htmlwindow.xul
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\content\imageButton.xml
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\content\Languages\en.ini
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\content\Languages\languages.cfg
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\content\libs\bubbles.js
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\content\libs\cache.js
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\content\libs\chevron.js
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\content\libs\cookie.js
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\content\libs\directory.js
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\content\libs\dns.js
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\content\libs\dom.js
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\content\libs\dragdrop.js
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\content\libs\file.js
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\content\libs\include.js
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\content\libs\include_lite.js
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\content\libs\loader.js
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\content\libs\log.js
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\content\libs\mutex.js
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\content\libs\newtab.js
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\content\libs\pass.js
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\content\libs\prefs.js
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\content\libs\privacy.js
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\content\libs\refreshControl.js
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\content\libs\registry.js
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\content\libs\resources.js
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\content\libs\searches.js
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\content\libs\searchplugin.js
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\content\libs\searchProvs.js
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\content\libs\settings.js
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\content\libs\splitter.js
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\content\libs\stats.js
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\content\libs\tabs.js
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\content\libs\translation.js
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\content\libs\update.js
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\content\libs\updatecontrol.js
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\content\libs\updateext.js
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\content\libs\updater.js
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\content\libs\updates.js
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\content\libs\usefulbuttons.js
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\content\libs\utils.js
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\content\libs\visibility.js
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\content\libs\wrapper.js
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\content\libs\xml.js
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\content\libs\xmlconfig.js
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\content\libs\xmlitems.js
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\content\libsex\mail.js
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\content\libsex\mime.js
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\content\libsex\pop3.js
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\content\libsex\rss.js
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\content\libsex\ticker.js
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\content\libsex\xmlitemsex.js
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\content\overlay.js
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\content\overlay.xul
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\content\searchProviders.xml
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\icons\default\htmlwindow.ico
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\skin\chevron.png
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\skin\contexthtml.css
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\skin\dragdrop.png
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\skin\gripper.png
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\skin\icoAbout.png
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\skin\icoAVGInfo.png
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\skin\icoGoButtonBG.png
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\skin\icoHomepage.png
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\skin\icoIdentityGuard.png
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\skin\icoNoProtection.png
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\skin\icoOptions.png
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\skin\icoProtection.png
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\skin\icoProtectionLimited.png
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\skin\icoRSS.png
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\skin\icoRSSBlue.png
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\skin\icoRSSGray.png
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\skin\icoRSSGreen.png
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\skin\icoTrash.png
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\skin\icoUBAccess.png
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\skin\icoUBCalc.png
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\skin\icoUBExcel.png
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\skin\icoUBExplorer.png
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\skin\icoUBMediaPlayer.png
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\skin\icoUBNotepad.png
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\skin\icoUBOutlook.png
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\skin\icoUBOutlookExpress.png
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\skin\icoUBPaint.png
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\skin\icoUBPowerPoint.png
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\skin\icoUBWord.png
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\skin\icoUpdate.png
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\skin\logo.ico
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\skin\logo.png
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\skin\overlay.css
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\skin\rssreader_!icoRead.png
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\skin\rssreader_!icoUnread.png
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\skin\Search_provider_drop.png
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\skin\searchProvider.png
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\skin\settings_icon.ico
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\skin\slider.png
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\skin\spImages.png
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\skin\spLocal.png
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\skin\spShopping.png
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\skin\spVideo.png
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\skin\spWiki.png
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\skin\spYahoo.png
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\skin\spYahooBG.png
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\skin\spYahooBG_small.png
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\skin\toolbarprotector_icon.ico
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\components\autocomplete.js
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\components\avgapi.js
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\components\IGeared_tavgp_xputils.xpt
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\components\IGeared_tavgp_xputils2.dll
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\components\IGeared_tavgp_xputils3.dll
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\components\IGeared_tavgp_xputils35.dll
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\components\notifications.js
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\components\xpavgdatabaseversion.xpt
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\components\xpavgprogramversion.xpt
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\components\xpavgsearchratingsconfig.xpt
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\components\xpavgtbapi.dll
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\components\xpavgtbapi.xpt
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\crc.dat
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\install.rdf
c:\programmi\AVG\AVG9\Toolbar.old\Firefox\sp.xml
c:\programmi\AVG\AVG9\Toolbar.old\IE8Lib.dll
c:\programmi\AVG\AVG9\Toolbar.old\IEToolbar.dll
c:\programmi\AVG\AVG9\Toolbar.old\ToolbarBroker.exe
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\23_sp.xml
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\26_sp.xml
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\27_sp.xml
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\29_sp.xml
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\38_sp.xml
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\39_sp.xml
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\40_sp.xml
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\41_sp.xml
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\42_sp.xml
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\43_sp.xml
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\44_sp.xml
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\45_sp.xml
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\46_sp.xml
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\48_sp.xml
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\49_sp.xml
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\50_sp.xml
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\56_sp.xml
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\57_sp.xml
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\58_sp.xml
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\59_sp.xml
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\channels.dat
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome.manifest
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\26_config.xml
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\27_config.xml
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\29_config.xml
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\38_config.xml
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\39_config.xml
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\40_config.xml
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\41_config.xml
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\42_config.xml
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\43_config.xml
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\44_config.xml
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\45_config.xml
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\46_config.xml
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\48_config.xml
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\49_config.xml
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\50_config.xml
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\56_config.xml
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\57_config.xml
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\58_config.xml
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\59_config.xml
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\autocomplete-popup.xml
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\config.xml
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\contexthtml.xul
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\custom.js
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\26_tabswelcome_ie7footer.htm
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\27_tabswelcome_ie7footer.htm
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\29_tabswelcome_ie7footer.htm
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\38_tabswelcome_ie7footer.htm
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\41_tabswelcome_ie7footer.htm
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\42_tabswelcome_ie7footer.htm
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\43_tabswelcome_ie7footer.htm
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\44_tabswelcome_ie7footer.htm
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\45_tabswelcome_ie7footer.htm
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\46_tabswelcome_ie7footer.htm
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\49_tabswelcome_ie7footer.htm
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\50_tabswelcome_ie7footer.htm
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\56_tabswelcome_ie7footer.htm
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\58_tabswelcome_ie7footer.htm
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\59_tabswelcome_ie7footer.htm
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\about.htm
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\bg_arr.gif
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\bg_body.png
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\bg_main-heading.png
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\bg_rule-overlay.png
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\bg_rule.png
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\bg_tab.png
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\bubble_AB.htm
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\bubble_ABSearch.gif
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\bubble_arrow.gif
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\bubble_bottom_shadow.gif
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\bubble_confirm.htm
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\bubble_confirmAVGSafe.gif
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\bubble_confirmEmail.png
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\bubble_confirmFacebook.png
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\bubble_confirmIco_fb.png
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\bubble_confirmIco_notifier.png
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\bubble_confirmIco_weather.png
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\bubble_confirmTbr.gif
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\bubble_confirmWeather.png
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\bubble_egs.htm
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\bubble_general.htm
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\bubble_logo.gif
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\bubble_protection.htm
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\bubble_search.htm
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\bubble_searchSearchBox.gif
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\bubble_searchSearchBoxBaidu.gif
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\bubble_searchSearchBoxBlank.gif
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\bubble_SPupdate.htm
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\bubble_SPupdateSearchBox.gif
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\bubble_style.css
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\bubble_top_shadow.gif
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\bubble_update.htm
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\deletehistory_processing.htm
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\emailchecker_config.htm
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\emailchecker_notifier.htm
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\emailchecker_notifierBackground.gif
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\emailchecker_notifierBullet.gif
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\emailchecker_notifierClose.gif
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\emailchecker_notifierDown.gif
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\emailchecker_notifierDownActive.gif
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\emailchecker_notifierDownDisabled.gif
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\emailchecker_notifierIco.gif
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\emailchecker_notifierNext.gif
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\emailchecker_notifierNextActive.gif
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\emailchecker_notifierNextDisabled.gif
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\emailchecker_notifierPrevious.gif
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\emailchecker_notifierPreviousActive.gif
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\emailchecker_notifierPreviousDisabled.gif
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\emailchecker_notifierScrollbar.gif
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\emailchecker_notifierSettings.gif
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\emailchecker_notifierUp.gif
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\emailchecker_notifierUpActive.gif
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\emailchecker_notifierUpDisabled.gif
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\Facebook_config.htm
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\Facebook_error.htm
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\facebook_logo.gif
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\Facebook_notifier.htm
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\Facebook_notifierIco.gif
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\Facebook_status.htm
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\facebook_style.css
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\facebook_textbox.gif
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\Facebook_user.gif
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\icoUBAccess.gif
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\icoUBCalc.gif
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\icoUBExcel.gif
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\icoUBExplorer.gif
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\icoUBMediaPlayer.gif
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\icoUBNotepad.gif
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\icoUBOutlook.gif
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\icoUBOutlookExpress.gif
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\icoUBPaint.gif
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\icoUBPowerPoint.gif
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\icoUBSkype.gif
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\icoUBWord.gif
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\rssreader_!backgroundGrey.gif
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\rssreader_!backgroundRed.gif
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\rssreader_!bullet.gif
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\rssreader_!close.gif
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\rssreader_!icoiDNES.gif
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\rssreader_!icoRead.gif
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\rssreader_!icoRSS.gif
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\rssreader_!icoSimple.gif
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\rssreader_!icoUnread.gif
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\rssreader_!logo.gif
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\rssreader_!settings.gif
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\rssreader_!tabHilighted.gif
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\rssreader_advanced.css
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\rssreader_advanced.htm
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\rssreader_bullet-1.png
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\rssreader_config.htm
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\rssreader_simple.htm
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\settings_askdialog.htm
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\settings_background.gif
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\settings_checkboxdialog.htm
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\settings_closedialog.htm
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\settings_closedialog.htm.old
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\settings_closedialog_bg1.png
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\settings_closedialog_bg2.png
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\settings_icohelp.gif
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\settings_icohelp.png
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\settings_icoQuest.gif
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\settings_icoRisk.gif
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\settings_icoSafe.gif
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\settings_icoUnkn.gif
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\settings_loading.gif
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\settings_logo.gif
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\settings_main.htm
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\settings_menu1.gif
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\settings_menu2.gif
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\settings_menu3.gif
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\settings_menu4.gif
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\settings_style.css
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\ssb_arrow_gray.gif
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\ssb_arrow_green.gif
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\ssb_arrow_orange.gif
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\ssb_arrow_red.gif
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\ssb_arrow_yellow.gif
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\ssb_background_middle_gray.gif
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\ssb_background_middle_green.gif
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\ssb_background_middle_orange.gif
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\ssb_background_middle_red.gif
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\ssb_background_middle_yellow.gif
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\ssb_background_top_gray.gif
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\ssb_background_top_green.gif
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\ssb_background_top_orange.gif
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\ssb_background_top_red.gif
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\ssb_background_top_yellow.gif
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\ssb_blocked.gif
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\ssb_border_bottom_gray.gif
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\ssb_border_bottom_green.gif
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\ssb_border_bottom_orange.gif
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\ssb_border_bottom_red.gif
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\ssb_border_bottom_yellow.gif
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\ssb_border_top_gray.gif
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\ssb_border_top_green.gif
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\ssb_border_top_orange.gif
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\ssb_border_top_red.gif
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\ssb_border_top_yellow.gif
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\ssb_caution.gif
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\ssb_dangerous.html
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\ssb_icons_blocked.gif
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\ssb_icons_caution.gif
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\ssb_icons_close.gif
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\ssb_icons_safe.gif
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\ssb_icons_unknown.gif
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\ssb_icons_warning.gif
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\ssb_LS_Logo_Results.gif
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\ssb_questionable.html
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\ssb_risky.html
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\ssb_safe.gif
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\ssb_safe.html
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\ssb_unknown.gif
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\ssb_unknown.html
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\ssb_waiting.html
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\ssb_warning.gif
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\tabswelcome.htm
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\tabswelcome_button.gif
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\tabswelcome_button_hilight.gif
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\tabswelcome_buttonHilight.gif
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\tabswelcome_ie7footer.htm
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\tabswelcome_ie7header.htm
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\tabswelcome_poweredByBlank.gif
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\tabswelcome_poweredByYahoo.gif
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\tbapi.js
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\toolbarprotector_window.htm
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\updater_error.gif
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\updater_ok.gif
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\updater_processing.htm
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\weather_bg.gif
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\weather_error.htm
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\weather_img.png
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\html\weather_x.png
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\htmlwindow.xul
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\imageButton.xml
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\Languages\26_en.ini
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\Languages\38_en.ini
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\Languages\39_en.ini
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\Languages\40_en.ini
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\Languages\41_en.ini
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\Languages\42_en.ini
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\Languages\43_en.ini
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\Languages\44_en.ini
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\Languages\45_en.ini
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\Languages\46_en.ini
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\Languages\48_en.ini
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\Languages\49_en.ini
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\Languages\50_en.ini
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\Languages\56_en.ini
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\Languages\57_en.ini
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\Languages\58_en.ini
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\Languages\59_en.ini
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\Languages\en.ini
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\Languages\languages.cfg
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\libs\include.js
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\libs\include_lite.js
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\marquee.xml
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\overlay.js
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\overlay.xul
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\content\searchProviders.xml
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\icons\default\htmlwindow.ico
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\skin\38_searchProvider.png
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\skin\38_spBaidu.png
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\skin\39_spGeneralSearch.png
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\skin\40_searchProvider.png
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\skin\40_spYandex.png
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\skin\41_searchProvider.png
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\skin\41_spYandex.png
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\skin\42_spGeneralSearch.png
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\skin\43_searchProvider.png
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\skin\43_spYandex.png
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\skin\44_spGeneralSearch.png
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\skin\45_searchProvider.png
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\skin\45_spYandex.png
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\skin\46_spGeneralSearch.png
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\skin\48_searchProvider.png
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\skin\48_spBaidu.png
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\skin\49_searchProvider.png
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\skin\49_spBaidu.png
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\skin\50_searchProvider.png
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\skin\50_spBaidu.png
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\skin\56_spYahoo.png
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\skin\57_spYahoo.png
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\skin\58_spYahoo.png
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\skin\59_spYahoo.png
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\skin\chevron.png
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\skin\contexthtml.css
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\skin\dragdrop.png
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\skin\emailchecker_icoEmail.png
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\skin\emailchecker_icoEmailNew.png
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\skin\gripper.png
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\skin\icoAbout.png
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\skin\icoAVGInfo.png
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\skin\icoFacebook_facebook.png
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\skin\icoFacebook_FriendReq.png
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\skin\icoFacebook_messages.png
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\skin\icoFacebook_pokes.png
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\skin\icoGoButtonBG.png
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\skin\icoHomepage.png
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\skin\icoOptions.png
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\skin\icoProtection.png
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\skin\icoProtectionLimited.png
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\skin\icoRSS.png
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\skin\icoRSSBlue.png
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\skin\icoRSSGray.png
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\skin\icoRSSGreen.png
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\skin\icoShieldButtonBG_D.png
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\skin\icoShieldButtonBG_Q.png
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\skin\icoShieldButtonBG_R.png
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\skin\icoShieldButtonBG_S.png
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\skin\icoShieldButtonBG_U.png
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\skin\icoShieldButtonBG_W.png
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\skin\icoTrash.png
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\skin\icoUBAccess.png
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\skin\icoUBCalc.png
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\skin\icoUBExcel.png
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\skin\icoUBExplorer.png
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\skin\icoUBMediaPlayer.png
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\skin\icoUBNotepad.png
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\skin\icoUBOutlook.png
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\skin\icoUBOutlookExpress.png
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\skin\icoUBPaint.png
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\skin\icoUBPowerPoint.png
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\skin\icoUBSkype.png
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\skin\icoUBWord.png
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\skin\icoUpdate.png
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\skin\icoWeather.png
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\skin\logo.ico
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\skin\logo.png
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\skin\overlay.css
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\skin\rssreader_!icoRead.png
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\skin\rssreader_!icoUnread.png
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\skin\Search_provider_drop.png
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\skin\searchProvider.png
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\skin\settings_icon.ico
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\skin\slider.png
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\skin\spImages.png
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\skin\spLocal.png
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\skin\spSearch.png
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\skin\spShopping.png
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\skin\spVideo.png
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\skin\spWiki.png
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\skin\spYahooBG.png
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\skin\spYahooBG_small.png
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\chrome\skin\toolbarprotector_icon.ico
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\components\autocomplete.js
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\components\avgapi.js
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\components\facebook.js
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils.xpt
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils3.dll
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils35.dll
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils4.dll
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\components\notifications.js
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\components\sp.js
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\components\xpavgdatabaseversion.xpt
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\components\xpavgprogramversion.xpt
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\components\xpavgsearchratingsconfig.xpt
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\components\xpavgtbapi.dll
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\components\xpavgtbapi.xpt
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\components\xpavgtbapi4.dll
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\components\xpavgverdicts.xpt
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\install.rdf
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\xpfunc.dll
c:\programmi\AVG\AVG9\Toolbar\Firefox\sp.xml
c:\programmi\AVG\AVG9\Toolbar\IE8Lib.dll
c:\programmi\AVG\AVG9\Toolbar\IEToolbar.dll
c:\programmi\AVG\AVG9\Toolbar\ToolbarBroker.exe
c:\programmi\AVG\AVG9\updatecomps.bak
c:\windows\Tasks\Scheduled Update for Ask Toolbar.job
.
.
((((((((((((((((((((((((((((((((((((((( Driver/Servizi )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_AVG Security Toolbar Service
-------\Legacy_avg9emc
-------\Legacy_avg9wd
-------\Legacy_avg9emc
-------\Legacy_avg9wd
-------\Service_avg9emc
-------\Service_avg9wd
-------\Service_avg9emc
-------\Service_avg9wd
.
.
((((((((((((((((((((((((( Files Creati Da 2011-07-15 al 2011-08-15 )))))))))))))))))))))))))))))))))))
.
.
2011-08-15 10:06 . 2011-08-15 10:46 -------- d-----w- c:\windows\SxsCaPendDel
2011-08-15 09:40 . 2011-08-15 09:40 -------- d-----w- C:\PrintKey.exe_V3_08
2011-08-15 09:00 . 2011-08-15 09:00 -------- d-----w- c:\documents and settings\BONI\Impostazioni locali\Dati applicazioni\WMTools Downloaded Files
2011-08-15 08:30 . 2011-08-15 08:31 -------- d-----w- c:\programmi\File comuni\DVDVideoSoft
2011-08-15 08:30 . 2011-08-15 08:30 -------- d-----w- c:\programmi\DVDVideoSoft
2011-08-14 22:34 . 2011-08-14 22:34 -------- d-----w- c:\documents and settings\BONI\Dati applicazioni\Malwarebytes
2011-08-14 22:34 . 2011-07-06 17:52 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-08-14 22:34 . 2011-08-14 22:34 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Malwarebytes
2011-08-14 22:34 . 2011-08-14 22:34 -------- d-----w- c:\programmi\Malwarebytes' Anti-Malware
2011-08-14 22:34 . 2011-07-06 17:52 22712 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-08-14 17:13 . 2011-08-14 17:28 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Spybot - Search & Destroy
2011-08-13 21:05 . 2011-08-13 21:05 -------- d-----w- c:\documents and settings\NetworkService\Impostazioni locali\Dati applicazioni\Google
2011-08-13 21:00 . 2011-08-13 21:05 -------- d-----w- c:\documents and settings\BONI\Impostazioni locali\Dati applicazioni\Temp
2011-08-13 21:00 . 2011-08-13 21:00 -------- d-----w- c:\documents and settings\LocalService\Impostazioni locali\Dati applicazioni\Google
2011-08-13 20:59 . 2011-08-15 16:47 -------- d-----w- c:\documents and settings\BONI\Dati applicazioni\Skype
2011-08-13 20:59 . 2011-08-13 21:00 -------- d-----r- c:\programmi\Skype
2011-08-13 20:59 . 2011-08-13 20:59 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Skype
2011-08-13 16:49 . 2011-08-15 08:07 -------- d-----w- c:\programmi\CCleaner
2011-08-13 16:45 . 2011-08-13 16:45 388096 ----a-r- c:\documents and settings\BONI\Dati applicazioni\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-08-13 16:45 . 2011-08-13 16:45 -------- d-----w- c:\programmi\Trend Micro
2011-08-07 11:41 . 2011-08-07 11:41 -------- d-----w- c:\documents and settings\BONI\Impostazioni locali\Dati applicazioni\PCHealth
2011-07-20 18:29 . 2011-07-20 18:29 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-07-15 13:29 . 2009-07-30 17:28 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-07-08 14:02 . 2009-07-30 17:28 10496 ----a-w- c:\windows\system32\drivers\ndistapi.sys
2011-06-24 14:10 . 2009-07-30 08:50 139656 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2011-06-23 18:30 . 2009-07-30 17:28 916480 ----a-w- c:\windows\system32\wininet.dll
2011-06-23 18:30 . 2009-07-30 17:28 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-06-23 18:30 . 2009-07-30 17:28 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2011-06-23 12:05 . 2009-07-30 17:28 385024 ----a-w- c:\windows\system32\html.iec
2011-06-20 17:44 . 2009-07-30 17:28 293888 ----a-w- c:\windows\system32\winsrv.dll
2011-06-06 11:35 . 2009-07-30 17:28 1858944 ----a-w- c:\windows\system32\win32k.sys
2011-06-23 22:31 . 2011-05-06 00:49 142296 ----a-w- c:\programmi\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((( SnapShot_2011-08-15_11.40.50 )))))))))))))))))))))))))))))))))))))))))
.
- 2010-01-10 01:04 . 2010-02-22 14:27 18808 c:\windows\system32\spmsg.dll
+ 2010-01-10 01:04 . 2010-07-05 13:19 18808 c:\windows\system32\spmsg.dll
- 2009-07-30 17:28 . 2008-04-14 12:00 45568 c:\windows\system32\dnsrslvr.dll
+ 2009-07-30 17:28 . 2009-04-20 17:18 45568 c:\windows\system32\dnsrslvr.dll
- 2009-07-30 17:28 . 2008-04-14 12:00 45568 c:\windows\system32\dllcache\dnsrslvr.dll
+ 2009-07-30 17:28 . 2009-04-20 17:18 45568 c:\windows\system32\dllcache\dnsrslvr.dll
+ 2008-05-05 06:25 . 2011-02-17 12:54 5632 c:\windows\system32\xpsp4res.dll
- 2008-05-05 06:25 . 2010-08-27 01:43 5632 c:\windows\system32\xpsp4res.dll
- 2009-07-30 17:28 . 2008-04-14 12:00 135168 c:\windows\system32\shsvcs.dll
+ 2009-07-30 17:28 . 2009-07-27 23:16 135168 c:\windows\system32\shsvcs.dll
+ 2009-07-30 17:28 . 2011-04-29 17:25 151552 c:\windows\system32\schannel.dll
- 2009-07-30 17:28 . 2008-04-14 12:00 249856 c:\windows\system32\odbc32.dll
+ 2009-07-30 17:28 . 2010-11-09 14:51 249856 c:\windows\system32\odbc32.dll
+ 2009-07-30 17:28 . 2008-06-20 16:02 247296 c:\windows\system32\mswsock.dll
- 2009-07-30 17:28 . 2008-06-20 17:46 247296 c:\windows\system32\mswsock.dll
- 2009-07-30 17:28 . 2010-09-18 10:23 974848 c:\windows\system32\mfc42u.dll
+ 2009-07-30 17:28 . 2011-02-08 13:34 974848 c:\windows\system32\mfc42u.dll
+ 2009-07-30 17:28 . 2011-02-08 13:34 978944 c:\windows\system32\mfc42.dll
- 2009-07-30 17:28 . 2009-06-25 08:25 735744 c:\windows\system32\lsasrv.dll
+ 2009-07-30 17:28 . 2010-12-20 17:26 735744 c:\windows\system32\lsasrv.dll
+ 2009-07-30 10:45 . 2011-08-15 15:46 148400 c:\windows\system32\FNTCACHE.DAT
- 2009-07-30 10:45 . 2010-08-12 11:14 148400 c:\windows\system32\FNTCACHE.DAT
+ 2009-07-30 17:28 . 2011-02-17 13:18 357888 c:\windows\system32\drivers\srv.sys
+ 2009-07-30 17:28 . 2011-03-03 06:55 149504 c:\windows\system32\dnsapi.dll
+ 2009-07-30 17:28 . 2011-02-17 13:18 357888 c:\windows\system32\dllcache\srv.sys
- 2009-07-30 17:28 . 2008-04-14 12:00 135168 c:\windows\system32\dllcache\shsvcs.dll
+ 2009-07-30 17:28 . 2009-07-27 23:16 135168 c:\windows\system32\dllcache\shsvcs.dll
+ 2009-07-30 17:28 . 2011-04-29 17:25 151552 c:\windows\system32\dllcache\schannel.dll
+ 2009-07-30 17:28 . 2010-11-09 14:51 249856 c:\windows\system32\dllcache\odbc32.dll
- 2009-07-30 17:28 . 2008-04-14 12:00 249856 c:\windows\system32\dllcache\odbc32.dll
- 2009-07-30 17:28 . 2008-06-20 17:46 247296 c:\windows\system32\dllcache\mswsock.dll
+ 2009-07-30 17:28 . 2008-06-20 16:02 247296 c:\windows\system32\dllcache\mswsock.dll
- 2009-07-30 08:51 . 2008-04-14 12:00 102400 c:\windows\system32\dllcache\msjro.dll
+ 2009-07-30 08:51 . 2010-11-09 14:51 102400 c:\windows\system32\dllcache\msjro.dll
- 2009-07-30 08:51 . 2008-04-14 12:00 200704 c:\windows\system32\dllcache\msadox.dll
+ 2009-07-30 08:51 . 2010-11-09 14:51 200704 c:\windows\system32\dllcache\msadox.dll
+ 2009-07-30 08:51 . 2010-11-09 14:51 180224 c:\windows\system32\dllcache\msadomd.dll
- 2009-07-30 08:51 . 2008-04-14 12:00 180224 c:\windows\system32\dllcache\msadomd.dll
- 2009-07-30 08:51 . 2008-04-14 12:00 536576 c:\windows\system32\dllcache\msado15.dll
+ 2009-07-30 08:51 . 2010-11-09 14:51 536576 c:\windows\system32\dllcache\msado15.dll
- 2009-07-30 08:51 . 2008-04-14 12:00 143360 c:\windows\system32\dllcache\msadco.dll
+ 2009-07-30 08:51 . 2010-11-09 14:51 143360 c:\windows\system32\dllcache\msadco.dll
- 2009-07-30 17:28 . 2010-09-18 10:23 974848 c:\windows\system32\dllcache\mfc42u.dll
+ 2009-07-30 17:28 . 2011-02-08 13:34 974848 c:\windows\system32\dllcache\mfc42u.dll
+ 2009-07-30 17:28 . 2011-02-08 13:34 978944 c:\windows\system32\dllcache\mfc42.dll
+ 2009-07-30 17:28 . 2010-12-20 17:26 735744 c:\windows\system32\dllcache\lsasrv.dll
- 2009-07-30 17:28 . 2009-06-25 08:25 735744 c:\windows\system32\dllcache\lsasrv.dll
+ 2009-07-30 17:28 . 2011-03-03 06:55 149504 c:\windows\system32\dllcache\dnsapi.dll
+ 2009-07-30 17:28 . 2011-02-15 12:56 290432 c:\windows\system32\dllcache\atmfd.dll
+ 2009-07-30 17:28 . 2011-02-15 12:56 290432 c:\windows\system32\atmfd.dll
+ 2009-07-30 17:28 . 2011-06-06 11:35 1858944 c:\windows\system32\dllcache\win32k.sys
.
-- Snapshot per reimpostare la data corrente --
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BatteryLifeExtender"="c:\programmi\Samsung\BatteryLifeExtender\BatteryLifeExtender.exe" [2009-03-13 550912]
"msnmsgr"="c:\programmi\Windows Live\Messenger\msnmsgr.exe" [2010-04-16 3872080]
"uTorrent"="c:\programmi\uTorrent\uTorrent.exe" [2011-03-31 399736]
"Skype"="c:\programmi\Skype\Phone\Skype.exe" [2011-07-29 17361032]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2009-05-21 17881600]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-02-18 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-02-18 166424]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-02-18 137752]
"SynTPEnh"="c:\programmi\Synaptics\SynTP\SynTPEnh.exe" [2008-08-28 1044480]
"DMHotKey"="c:\programmi\Samsung\Easy Display Manager\DMLoader.exe" [2006-12-27 466944]
"BatteryManager"="c:\programmi\Samsung\Samsung Battery Manager\BatteryManager.exe" [2009-06-01 3153408]
"MagicKeyboard"="c:\programmi\SAMSUNG\MagicKBD\PreMKBD.exe" [2006-05-14 151552]
"SUPBackground"="c:\programmi\Samsung\Samsung Update Plus\SUPBackground.exe" [2010-04-20 300912]
"UCam_Menu"="c:\programmi\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" [2009-02-25 218408]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592]
"Microsoft Default Manager"="c:\programmi\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2009-07-17 288080]
"Adobe Reader Speed Launcher"="c:\programmi\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-06-08 37296]
"Adobe ARM"="c:\programmi\File comuni\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
"SunJavaUpdateSched"="c:\programmi\File comuni\Java\Java Update\jusched.exe" [2011-04-08 254696]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\BONI\Menu Avvio\Programmi\Esecuzione automatica\
Ritaglio schermata e avvio di OneNote 2007.lnk - c:\programmi\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2010-07-16 09:46 12536 ----a-w- c:\windows\system32\avgrsstx.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programmi\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Programmi\\eMule\\emule.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Programmi\\uTorrent\\uTorrent.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Programmi\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Programmi\\Skype\\Phone\\Skype.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:Remote Desktop
"65533:TCP"= 65533:TCP:Services
"52344:TCP"= 52344:TCP:Services
.
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [02/01/2010 20.35.17 216400]
R1 AvgTdiX;AVG Free Network Redirector;c:\windows\system32\drivers\avgtdix.sys [02/01/2010 20.34.58 243152]
R2 DOSMEMIO;MEMIO;c:\windows\system32\MEMIO.SYS [30/07/2009 10.57.50 4300]
R3 CryptOSD;Phoenix CryptOSD Device Driver;c:\windows\system32\drivers\CryptOSD.sys [01/05/2009 15.41.06 384896]
R3 VMC33F;Vimicro Camera Service VMC33F;c:\windows\system32\drivers\VMC33F.sys [30/07/2009 11.01.40 237952]
R3 xcpip;Driver protocollo TCP/IP;c:\windows\system32\drivers\xcpip.sys --> c:\windows\system32\drivers\xcpip.sys [?]
R3 xpsec;Driver IPSEC;c:\windows\system32\drivers\xpsec.sys --> c:\windows\system32\drivers\xpsec.sys [?]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [30/07/2009 10.59.23 1684736]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [15/08/2011 0.34.38 41272]
.
Contenuto della cartella 'Scheduled Tasks'
.
2011-07-25 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\programmi\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]
.
2011-08-15 c:\windows\Tasks\User_Feed_Synchronization-{73C455EB-4DAB-4173-99FA-6351414946CD}.job
- c:\windows\system32\msfeedssync.exe [2009-03-08 02:31]
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://www.google.it/
uInternet Connection Wizard,ShellNext = iexplore
IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\programmi\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
IE: {{C4046502-6524-4d87-896C-878F57D1FF07} - c:\programmi\PokerStars.IT\PokerStarsUpdate.exe
TCP: DhcpNameServer = 192.168.1.1
Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} -
FF - ProfilePath - c:\documents and settings\BONI\Dati applicazioni\Mozilla\Firefox\Profiles\c3lhcrix.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.bing.com/search?FORM=LMIMBU&PC=LMI_MB&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://it.msn.com/
FF - prefs.js: keyword.URL - hxxp://search.avg.com/route/?d=4b3f91df&v=6.103.018.001&i=23&tp=ab&iy=&ychte=us&lng=it&q=
.
- - - - CHIAVI ORFANE RIMOSSE - - - -
.
HKLM-Run-ApnUpdater - c:\programmi\Ask.com\Updater\Updater.exe
AddRemove-AVG9Uninstall - c:\programmi\AVG\AVG9\setup.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-08-15 18:58
Windows 5.1.2600 Service Pack 3 NTFS
.
scansione processi nascosti ...
.
scansione entrate autostart nascoste ...
.
Scansione files nascosti ...
.
Scansione completata con successo
Files nascosti: 0
.
**************************************************************************
.
--------------------- Dlls caricate dai processi in esecuzione ---------------------
.
- - - - - - - > 'explorer.exe'(1000)
c:\windows\system32\WININET.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Altri processi in esecuzione ------------------------
.
c:\windows\RTHDCPL.EXE
c:\windows\system32\igfxsrvc.exe
c:\windows\system32\rundll32.exe
c:\programmi\SAMSUNG\MagicKBD\MagicKBD.exe
c:\programmi\Java\jre6\bin\jqs.exe
c:\programmi\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
.
**************************************************************************
.
Ora fine scansione: 2011-08-15 19:01:25 - Il pc è stato riavviato
ComboFix-quarantined-files.txt 2011-08-15 17:01
ComboFix2.txt 2011-08-15 11:50
ComboFix3.txt 2011-08-15 09:29
.
Pre-Run: 8.363.507.712 byte disponibili
Post-Run: 8.218.456.064 byte disponibili
.
- - End Of File - - E8D6D3F675A06AD32F37D87EAFF017F4

saluti
giap


shapiro
Inviato: Monday, August 15, 2011 7:56:07 PM

Rank: AiutAmico

Iscritto dal : 8/24/2008
Posts: 4,164

mentre faccio un controllo nel rapporto installa la nuova versione di avg puoi scaricarla da qui

vedi se riesci a scovare questi due file che prima non vedevi e analizzali su virustotal

c:\windows\system32\drivers\xcpip.sys

c:\windows\system32\drivers\xpsec.sys
shapiro
Inviato: Monday, August 15, 2011 10:01:16 PM

Rank: AiutAmico

Iscritto dal : 8/24/2008
Posts: 4,164


ciao r16 approfitto per farti gli auguri

r16
Inviato: Monday, August 15, 2011 10:12:06 PM
Rank: AiutAmico

Iscritto dal : 8/7/2007
Posts: 11,016
shapiro ha scritto:

ciao r16 approfitto per farti gli auguri

Hola Shap !
Auguri anche a te.Drool

Commenta:
vedi se riesci a scovare questi due file che prima non vedevi e analizzali su virustotal

Non li troverà mai amico mio, perchè sono nei servizi nascosti. Angel
Utenti presenti in questo topic
Guest


Salta al Forum
Aggiunta nuovi Topic disabilitata in questo forum.
Risposte disabilitate in questo forum.
Eliminazione tuoi Post disabilitata in questo forum.
Modifica dei tuoi post disabilitata in questo forum.
Creazione Sondaggi disabilitata in questo forum.
Voto ai sondaggi disabilitato in questo forum.

Main Forum RSS : RSS

Aiutamici Theme
Powered by Yet Another Forum.net versione 1.9.1.8 (NET v2.0) - 3/29/2008
Copyright © 2003-2008 Yet Another Forum.net. All rights reserved.