Sono finalmente riuscito ad eseguire ComboFix, questo è il log:

******************************************************
ComboFix 10-01-13.07 - desktop 13/01/2010 23.19.11.2.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.39.1040.18.2047.1641 [GMT 1:00]
Eseguito da: c:\documents and settings\desktop\Desktop\123.exe
AV: AntiVir Desktop *On-access scanning enabled* (Updated) {00000002-0002-0000-14EF-430008000A00}
AV: AntiVir Desktop *On-access scanning enabled* (Updated) {00000002-0002-0000-7C25-9E7C08000A00}

ATTENZIONE - QUESTO PC NON HA LA CONSOLE DI RIPRISTINO DI EMERGENZA INSTALLATA !!
.

((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\desktop\Dati applicazioni\drivers\downld
c:\documents and settings\desktop\Dati applicazioni\drivers\winupgro.exe
c:\documents and settings\desktop\Dati applicazioni\m
c:\documents and settings\desktop\Dati applicazioni\m\data.oct
c:\documents and settings\desktop\Dati applicazioni\m\flec006.exe
c:\documents and settings\desktop\Dati applicazioni\m\list.oct
c:\documents and settings\desktop\Dati applicazioni\m\shared\101 Famous Knock Knock Jokes 2.2.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\1st Choice FTPPro 2000.7.60.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\1st Source v1.0 (Serial).zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\32bit Service Monitor v9.65.14 Incl Keygen by ORiON.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\32bit Service Monitor v9.82.01 by BRD.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\5star BeeLines v1.1.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\A+ ScreenSaver Creator v3.23 by DBC.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\Actualtests.com Oracle 1Z0-026 Examcheatsheet v11.22.03.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\Actuate Active Portal v7.0 SP 2 for NET WinALL Regged by iNFECTED.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\Adobe Acrobat Professional 9.2.0.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\Advanced Email Monitoring 4.0.1.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\Advanced MP3WMA Recorder 3.6.5.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\Advanced Uninstaller Pro 2004 v6.7.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\Advanced Zip Repair 1.6 (Serial).zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\Ahead NeroMIX v1.4.0.32 by Core.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\Aiprosoft Creative Zen Video Converter 4.0.02.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\Alcohol 120 Percent v1.4.8 build 1222 by ARTeam.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\Alive Video Converter v2.8.2.2 WinAll Incl KeyGen by EiTHeL.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\Alldj DVD To Zune Ripper 3.0.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\Altamira Composer Pro 1.1 (Serial).zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\Animation Icon Option Button 1.00c (Serial).zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\Ankoku no Tou 1.1J for Mac.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\APNSoft TreeView 1.0-key.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\Apollo DVD to iPhone 6.1.2.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\AppReports for NetIQ MailMarshal for SMTP v2.02 NET Incl Keygen by ECLiPSE.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\Atomic Email Autoresponder 3.50.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\AXE v3.4 by eynstyne.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\Aztaka v0.1 [RETAIL] Updated +7 TRAINER.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\Backup Chunker 2.2 patch.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\Bad Cookie 1.6 for Mac.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\Bentley speedikon Industrial v7.6.05 by SoS.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\Blue Squirrel Easy Seeker 4.0.0.11.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\Bravian Lands Retail Java by RLYEH.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\BSplayer Pro v1.35.823 by FOSI.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\Capty MPEG Edit 1.0.2 for Mac.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\Carcassonne v1.55 [GERMAN] Fixed EXE.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\CD Throttle 0.991 (Serial).zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\CDMenuPro v6.01.03 Business Edition WinALL Incl Keygen by BRD.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\Clean Center v1.3.2.5 (Serial).zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\ClickPad 2.1 for Mac.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\Cloud Hero 1.7-key.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\cMail eXpress 1.5.2 patch.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\ColorFun 2.1.8.27.3.02.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\COM Explorer v2.0 by EViDENCE.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\Comic Kicker Europe v1.08 by EViDENCE.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\Cover Master 2.3.17.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\CRC .NET control 11.0.0.0.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\Cricket Statz Standard v2005.1.0.3.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\Cube Media Player v2.05.0117 by CRD.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\CZ-Ppt2Txt 2.0.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\DAZ Studio 3.0.1.135.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\Dee Mon Video Enhancer v1.6.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\Desktop Detective 2000 Professional Edition 3.0 (Serial).zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\Desktop Dozen v1.4.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\Device Driver Backup 7.10.01.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\DigiWatcher 2.00 (Serial).zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\DirectConvert Media Conversion Wizard v2.54.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\Dj MP3 Media 4.0 RC2 (Serial).zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\DNC-Max v4.33.01.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\Don Nelson Fantasy League Basketball 4.0 (Serial).zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\DVD Audio Extractor v4.0.1 Incl Keygen by TBE.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\DVDFab v1.56.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\DVDIdle Pro v5.9.3.2 by YAG.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\Easy Desktop Publisher 1.01 (Serial).zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\Easy Rechnung v3.50.0.11 German by ACME.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\EONREALITY EON STUDIO v5.11 by FCN.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\eOrdering Complete 1.0 (Serial).zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\ESC LoanCalc Mortgage Loan Calculator 1.2.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\EuroThink Supermarche v1.50 french NEW CRK READ NFO by FFF.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\EZgather! 1.0.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\FatMon 1.2.06 (Serial).zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\Fax 2000.1.01 (Serial).zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\File MagNet 1.30 (Serial).zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\FinePrint v5.24 Incl Keymaker by ACME.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\Flamingpear Flexify v1.98 for Adobe Photoshop Incl Keygen by SCOTCH.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\FMV Pro 5.99.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\Focus Magic v1.23.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\ForwardMail 3.06.8 (Serial).zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\GameHouse Aztec Ball by JonezCracker.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\GameIDE 2.4 (Serial).zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\Garantie Master v2.11 German by BLiZZARD.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\General DVD Converter 3.2.6.299.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\Genie Backup Manager Professional v8.0.286.456 by Unknown.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\GetData Zip Repair Pro v4.2.0.952 by SND.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\Giant Antispyware 1.0 (Serial).zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\Gold Sprinter 1.5.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\GoldWave v4.02.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\Google SketchUp Pro v6.0.312.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\Guard-IE v2.2 build 0253.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\Gypsee Pro v1.72.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\HandyGames Townsmen 5 v1.4 Retail for SymbianOS S60v1 JAVA by RLYEH.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\Hermansson Watchcap 1.11 (Serial).zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\Hexenkuche v3.0 by dr.dOOm84.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\Hot CPU Tester Pro v3.1 Lite.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\HotDog Pro 7.02.1.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\How to Operate A Restaurant 1.0.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\HyperSnap-DX v5.10.02.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\Hysteria Hospital Emergency Ward v1.0 +1 TRAINER.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\ICQ 2000a build 3086.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\ImageEn for BCB 2.0.2.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\Imagineer Systems Monet v2.1.1.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\ImTOO DVD Ripper v1.0.7 by TSRh.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\Incredible Hulk Retail JAVA W810 by RLYEH.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\InfoRapid Cardfile System 2.2.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\Integra Management Systems STAR Pro VII.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\Internet Organizer Deluxe v2.0.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\Internet Spy Hunter v2.0.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\IP Works! SSL C++ Edition v5.0.1284.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\IpArmor 5.39.20021025.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\ips3000 Baufinanzierung v2.0.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\JAM Software SmartBackup v2.2.0.229 Retail by ZWT.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\Jeroboam 4.09.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\JPowered Advanced Menu Bar v2.5.5 by Lz0.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\JPSoft 4NT v6.01.243 ASCII Fixed Crack Only by ZWT.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\Katchall Archive 2.2.0.4.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\KeepAlive 5.0.0.0.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\KeepItSimple 2.10.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\Kingdia DVD Ripper Professional v2.1.8 by ViRiLiTY.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\Kodak Profile Editor all versions for Mac.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\Learn Visual Basic 6 2.0.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\Legends of Might & Magic v1.1 [MULTI] No-CD Fixed EXE.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\Live2Support 2.0.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\LNH Handball Manager 2008 v1.0 [FRENCH] Fixed EXE.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\Macromedia Dreamweaver 8.8.0 for Mac.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\Magic Utilities 2004 v3.1.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\McPherran Software Uninstall v1.0DAC.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\Mindjet MindManager Pro v6.0.664 German by ZWT.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\Mini WMV to Video Converter v2.10 by SND.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\Mockba to Berlin Unlocker RIP by TNT.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\MP3 Keyshifter 2.0-key.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\Mr Biscuits The Case of the Ocean Pearl v1.0 by DVT.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\MSC-Patran 9.0.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\Multi Clipboard v9.87.01 by EXPLOSiON.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\N72Smart v1.06 Retail for SymbianOS S60 by RLYEH.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\Nature Clock 3D Screensaver v1.0.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\NCH Express Talk Business Edition v2.02 Incl Keymaker by ONE.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\NetChat v2.6 by BLiZZARD.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\NetDL 1.0 (Serial).zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\NewLive All Media To Mp3 Converter Pro v3.1 by Core.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\Norton Internet Security 2000 v1.0.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\Novell Netware Client 5.12 for Mac (Serial).zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\Odyssey v1.12 build 052401.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\Oggisoft Bibliothek v2006.9.160 German WinALL Incl Keygen by BLiZZARD.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\OO Clever CacheGerman 2 (Serial).zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\Photo-Lux v3.02.412 by FFF.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\Pocket Programming Language (PPL) v1.08 Full by RLYEH.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\QR Form Designer v1.6.0.0 by AT4RE.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\Quarterdeck Web Star 2.10 (Serial).zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\QueryShark 4.1.0.0.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\QuickMail v1.0 German by DVT.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\QuikProject Reports 2.1 (Serial).zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\RA Jigsaw Puzzle Golden Edition.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\Rail Simulator v1.1 [MULTI5] No-DVD-Fixed EXE Updated.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\Recipe Calc 98.1.4.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\Red Alert 2 1.0006 (Serial).zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\RegTune 98.2.04 (Serial).zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\Rental Property Tracker Plus v1.8.6 Incl Keygen by HERETiC.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\RinkRat II v1.1.2 by AmoK.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\Rise of Nations 2 [MULTI] No-CD Fixed Image.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\Rugby 2006 Universal Keygen and Key Changer.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\Sax Basic Engine Enterprise 6.0 (Serial).zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\SCO Open Systems Networks 3.0.0 (Serial).zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\ScreenShot2Print v1.2.1.30 by REVENGE.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\Secret Herbal Formulas 1.0 Keygen.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\SecureCRT v4.x.x by Morglum.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\SemSim CCNA Test Router Simulator 2.2.1 patch.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\Serial Port Tool Quick Timer v1.0 Retail for PocketPC WM2003 by RLYEH.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\Servers Alive 1.0.543.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\Shiznit Scanner 2.0.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\Shuttle FTP Suite v3.31 Incl Keymaker by ACME.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\SmartMart Copy Manager 3.3.123 (Serial).zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\SMTPSEND 6.0.1 (Serial).zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\Snappy Software Snappy Fax Server v2.1.5.4 Cracked by ARN.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\Snitch 1.20.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\SobolSoft MS Access Copy Tables to Another Access Database Software by AT4RE.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\Software Midi Keyboard 1.8 keygen.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\Sonalksis All Plugins Bundle VST DX RTAS v2.02.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\Sony MainConcept MPEG-1 and 2 Pro Plugin v2.0 build 2022.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\Sound Snooper v1.2.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\SourcePublisher for Ada v1.4.323 Win9xNT Incl Keygenerator by TMG.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\SourcePublisher for Ada v1.4.364b IRIX Incl Keygen by Lz0.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\Speech Workshop 1.05.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\Star Wars Battlefront v1.0 +4 TRAINER.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\STRONGHOLD DELUXE MEGA TRAINER by DEViANCE.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\SyncBookmarks 1.0RC2-1-key.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\Synchronize It! 2.62.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\System Mechanic 3 don't know (Serial).zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\SystemTools Hyena v6.3 by BLiZZARD.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\The JMaker VisualEffectStretch v2006.01.13 Incl Keygen by Lz0.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\The Lost Cases of Sherlock Holmes v1.0 +2 TRAINER.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\TipTop Deluxe v1.1 by Cafe.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\ToneBank 1.1.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\Total Recorder v6.1 by tRCN.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\Trains and Trucks Tycoon v1.1 [ENGLISH] Fixed EXE.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\Transoft Mail Control 5.0 Beta 2 (Serial).zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\Tritone Digital All Products Keygen Only v1.2 READ NFOAiR.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\Trojan Remover v6.7.0 by FFF.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\TrueUpdate 3.5.2.0.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\TXT2HTML Maker v2.0 by AT4RE.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\Typhoon Software AutoRun v2.7 by N-GeN.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\Ulead DVD MovieFactory v2.10.1300.0000 German.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\URL Address Book 6.07.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\uSeesoft Video to YouTube Converter 1.5.0.2.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\User Control 2005 v4.205.0.0 German by ViRiLiTY.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\UT2003 GoreLevel Fix.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\VidMorph PRO v1.1.0.32 by REVENGE.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\VisNetic AntiVirus PlugIn for WinGate 4.4.3.0 (Serial).zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\VisSie 2.00c (Serial).zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\Voice Action 2.0.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\Warlords of the Wasteland v1.0 +7 TRAINER.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\WeatherAloud v1.5 by ORiON.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\Web Album Creator 2.5 (Serial).zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\Web Pricelist 2001.1.0e (Serial).zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\webcamXP v0.94.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\WebGAL build 3.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\Weight By Date 1.524 (Serial).zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\WinAVI.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\WinGuides Tweak Manager v2.1 by diablo2oo2.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\WINner Tweak SE2 v2.6.2 Win2KXP Regged by iNFECTED.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\WinRescue 95 v10.08.32 by CHiCNCREAM.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\wintrans 1.4.51 crack by REVENGE.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\WinZip All Versions Serials by Unknown.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\Woman Desktop 5.0.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\X-Plane v7.00 Beta 1.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\YPlog 4.36.zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\Zend Studio Server 3.0.1 (Serial).zip
c:\documents and settings\desktop\Dati applicazioni\m\shared\ZoneAlarm Pro 3.1.395 (Serial).zip
c:\documents and settings\desktop\Dati applicazioni\m\srvlist.oct
C:\InfoSat.txt
C:\Muestras
c:\muestras\WINUPGRO.EXE.Muestra EliBagle v13.40
c:\programmi\EasyPrediction\2.0\ltie.dll
c:\programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
c:\windows\mdelk.exe
c:\windows\system32\mdelk.exe
c:\windows\system32\srosa2.sys
c:\windows\system32\wfsintwq.sys
c:\windows\system32\wintems.exe
c:\windows\wintems.exe

.
((((((((((((((((((((((((((((((((((((((( Driver/Servizi )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_SROSA
-------\Legacy_SROSA
-------\Legacy_IPRIP


((((((((((((((((((((((((( Files Creati Da 2009-12-13 al 2010-01-13 )))))))))))))))))))))))))))))))))))
.

2010-01-13 20:28 . 2010-01-13 20:28 121786772 ----a-w- C:\BackupRegistry4.reg
2010-01-13 20:23 . 2010-01-13 20:24 121868768 ----a-w- C:\BackupRegistry3.reg
2010-01-13 20:13 . 2010-01-13 20:14 122761172 ----a-w- C:\BackupRegistry2.reg
2010-01-13 20:02 . 2010-01-13 20:03 125005428 ----a-w- C:\BackupRegistry.reg
2010-01-13 20:01 . 2010-01-13 20:01 -------- d-----w- c:\programmi\Advanced System Cleaner
2010-01-12 23:52 . 2010-01-12 23:52 1213435 ----a-w- c:\windows\P4P81016.zip
2010-01-12 22:41 . 2010-01-12 22:41 73728 -c--a-w- c:\windows\system32\dllcache\sysinfo.exe.REN
2010-01-12 22:41 . 2010-01-12 22:41 14848 -c--a-w- c:\windows\system32\dllcache\register.exe.REN
2010-01-12 22:15 . 2010-01-12 22:15 -------- d-----w- c:\programmi\FindyKill
2010-01-12 19:36 . 2010-01-12 19:36 -------- d-----w- c:\documents and settings\desktop\Impostazioni locali\Dati applicazioni\EasyPrediction
2010-01-12 19:36 . 2010-01-12 19:36 -------- d-----w- c:\programmi\EasyPrediction
2010-01-12 19:36 . 2010-01-12 19:36 -------- d-----w- c:\documents and settings\desktop\Dati applicazioni\Babylon
2010-01-12 19:36 . 2010-01-12 19:36 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Babylon
2010-01-12 19:03 . 2010-01-13 22:24 -------- d--h--w- c:\documents and settings\desktop\Dati applicazioni\drivers
2010-01-12 18:46 . 2010-01-12 18:46 -------- d-----w- c:\windows\system32\config\systemprofile\Impostazioni locali\Dati applicazioni\Microsoft Help
2010-01-12 18:40 . 2010-01-12 18:40 -------- d-----w- c:\programmi\Microsoft Works
2010-01-12 18:39 . 2010-01-12 18:39 -------- d-----w- c:\programmi\Microsoft.NET
2010-01-12 18:35 . 2010-01-12 18:35 -------- d-----w- c:\programmi\Microsoft Visual Studio 8
2010-01-12 18:34 . 2010-01-12 18:39 -------- d-----w- c:\windows\SHELLNEW
2010-01-12 10:28 . 2010-01-12 10:28 -------- d-----w- c:\documents and settings\desktop\Dati applicazioni\PandoraRecovery
2010-01-12 10:28 . 2010-01-12 10:31 -------- d-----w- c:\programmi\Pandora Recovery
2010-01-12 10:18 . 2010-01-12 10:18 -------- d-----w- c:\programmi\CD Recovery Toolbox Free
2010-01-12 10:07 . 2010-01-12 10:07 -------- d-----w- c:\programmi\Partition Wizard Home Edition 4.1
2010-01-12 09:42 . 2010-01-12 09:42 -------- d-----w- c:\programmi\BinaryBiz
2010-01-12 01:48 . 2010-01-12 01:48 -------- d-----w- c:\documents and settings\desktop\Impostazioni locali\Dati applicazioni\WMTools Downloaded Files
2010-01-12 00:18 . 2010-01-12 01:03 -------- d-----w- c:\programmi\iRecover
2010-01-11 23:58 . 2010-01-11 23:58 -------- d-----w- c:\programmi\MagicISO
2010-01-11 23:35 . 2010-01-11 23:36 -------- d-----w- c:\programmi\ICE ECC
2010-01-11 13:58 . 2010-01-11 13:58 -------- d-----w- c:\programmi\Disk Investigator
2010-01-11 13:55 . 2010-01-11 13:55 -------- d-----w- c:\programmi\rest
2010-01-11 13:51 . 1999-11-24 00:00 288433 ----a-w- c:\temp\aspi32.exe
2010-01-11 13:51 . 2010-01-12 00:11 -------- d-----w- c:\temp\Aspi 470
2010-01-11 13:51 . 2002-06-13 15:39 153088 ----a-w- c:\temp\UNWISE.EXE
2010-01-11 13:51 . 2010-01-11 13:51 -------- d-----w- c:\programmi\Dead Disk Doctor
2010-01-11 13:46 . 2010-01-11 13:47 -------- d-----w- c:\programmi\PC Inspector File Recovery
2010-01-11 12:23 . 2010-01-11 12:24 -------- d-----w- c:\programmi\Part
2010-01-11 09:44 . 2010-01-11 09:44 -------- d-----w- c:\programmi\Restorer Ultimate
2010-01-11 08:59 . 2010-01-11 08:59 -------- d-----w- c:\programmi\Recuva
2010-01-11 08:53 . 2010-01-12 19:06 -------- d---a-w- c:\documents and settings\All Users\Dati applicazioni\TEMP
2010-01-11 08:50 . 2010-01-13 20:57 -------- d-----w- C:\a
2010-01-11 08:19 . 2010-01-11 08:19 -------- d-----w- c:\programmi\testdisk-6.11.3
2010-01-11 01:36 . 2010-01-11 01:36 -------- d-----w- c:\windows\system32\wbem\Repository
2010-01-11 00:16 . 2010-01-11 00:16 -------- d-----w- C:\Intel
2010-01-08 23:52 . 2010-01-08 23:52 507392 ----a-w- c:\windows\system32\autoprnt.exe
2010-01-08 23:52 . 2010-01-08 23:52 81280 ----a-w- c:\windows\system32\drivers\snapman.sys
2010-01-08 23:52 . 2010-01-08 23:52 37888 ----a-w- c:\windows\system32\setupnt.dll
2010-01-08 23:52 . 2010-01-08 23:52 28064 ----a-w- c:\windows\system32\drivers\tifsfilt.sys
2010-01-08 23:52 . 2010-01-08 23:52 201984 ----a-w- c:\windows\system32\drivers\timntr.sys
2010-01-08 23:52 . 2010-01-08 23:52 126976 ----a-w- c:\windows\system32\snapapi.dll
2010-01-08 23:52 . 2010-01-08 23:52 -------- d-----w- c:\programmi\File comuni\Acronis
2010-01-03 17:54 . 2010-01-03 21:47 -------- d-----w- c:\documents and settings\desktop\Impostazioni locali\Dati applicazioni\Room Arranger
2010-01-03 12:55 . 2010-01-03 12:55 -------- d-----w- c:\programmi\xp-AntiSpy
2010-01-03 11:44 . 2010-01-03 22:21 -------- d-----w- c:\documents and settings\desktop\Dati applicazioni\inkscape
2009-12-30 21:12 . 2004-11-19 01:45 200704 ----a-w- c:\windows\system32\ciaSCls20.dll
2009-12-30 21:12 . 2003-12-12 16:41 53248 ----a-w- c:\windows\system32\ciaXPRegSvr20.dll
2009-12-30 11:16 . 2009-12-30 11:16 -------- d-----w- c:\programmi\File comuni\PCSuite
2009-12-30 11:16 . 2009-12-30 11:16 -------- d-----w- c:\programmi\File comuni\Nokia
2009-12-30 11:15 . 2008-08-26 08:26 18816 ----a-w- c:\windows\system32\drivers\pccsmcfd.sys
2009-12-30 11:15 . 2009-12-30 11:15 -------- d-----w- c:\programmi\PC Connectivity Solution
2009-12-28 21:49 . 2009-12-28 21:49 -------- d-----w- c:\windows\system32\config\systemprofile\Impostazioni locali\Dati applicazioni\Google
2009-12-22 14:18 . 2009-12-22 14:18 335 ----a-w- c:\windows\mozregistry.dat

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-13 20:01 . 2009-01-14 13:52 219680 ----a-w- c:\documents and settings\desktop\Impostazioni locali\Dati applicazioni\GDIPFONTCACHEV1.DAT
2010-01-12 23:52 . 2009-10-05 22:53 -------- d-----w- c:\programmi\Xvid
2010-01-12 23:37 . 2009-01-24 23:28 -------- d-----w- c:\documents and settings\desktop\Dati applicazioni\Registry Booster
2010-01-12 18:45 . 2009-01-14 22:09 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Microsoft Help
2010-01-12 18:40 . 2009-01-14 22:14 -------- d-----w- c:\programmi\MSBuild
2010-01-11 13:46 . 2009-01-14 19:35 -------- d--h--w- c:\programmi\InstallShield Installation Information
2010-01-11 01:36 . 2009-01-14 19:38 -------- d-----w- c:\programmi\Intel
2010-01-10 23:27 . 2009-01-14 23:31 -------- d-----w- c:\documents and settings\desktop\Dati applicazioni\MailWasherFree
2010-01-03 11:15 . 2009-10-06 22:39 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Spyware Terminator
2010-01-03 11:14 . 2009-04-01 20:27 5061520 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
2010-01-03 11:14 . 2009-10-06 22:39 -------- d-----w- c:\documents and settings\desktop\Dati applicazioni\Spyware Terminator
2010-01-01 18:38 . 2009-08-27 13:07 -------- d-----w- c:\documents and settings\desktop\Dati applicazioni\Orbit
2009-12-30 13:55 . 2009-01-16 02:21 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-12-30 13:54 . 2009-01-16 02:21 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-12-30 11:13 . 2009-12-30 11:13 95232 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Installations\{9249D7E7-33E7-4CC8-BB0B-3DF3C3CB2568}\Installer\CommonCustomActions\pcswpcsi.exe
2009-12-30 11:13 . 2009-12-30 11:13 8192 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Installations\{9249D7E7-33E7-4CC8-BB0B-3DF3C3CB2568}\Installer\CommonCustomActions\UninstCCD.exe
2009-12-30 11:13 . 2009-12-30 11:13 61440 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Installations\{9249D7E7-33E7-4CC8-BB0B-3DF3C3CB2568}\Installer\CommonCustomActions\UninstPCSFEMsi.exe
2009-12-30 11:13 . 2009-12-30 11:13 10240 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Installations\{9249D7E7-33E7-4CC8-BB0B-3DF3C3CB2568}\Installer\CommonCustomActions\UninstPCS.exe
2009-12-30 11:12 . 2009-02-03 23:38 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Installations
2009-12-30 11:12 . 2009-12-30 11:14 34541248 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Installations\{9249D7E7-33E7-4CC8-BB0B-3DF3C3CB2568}\Nokia_PC_Suite_7_1_40_1_ita.exe
2009-12-28 21:49 . 2009-01-14 23:47 -------- d-----w- c:\programmi\Google
2009-12-26 22:32 . 2001-08-31 12:00 92408 ----a-w- c:\windows\system32\perfc010.dat
2009-12-26 22:32 . 2001-08-31 12:00 511376 ----a-w- c:\windows\system32\perfh010.dat
2009-12-22 21:33 . 2009-09-14 13:18 -------- d-----w- c:\programmi\QuickTime
2009-12-22 14:50 . 2009-03-03 20:25 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Apple Computer
2009-12-21 19:39 . 2009-11-10 09:58 461368 ----a-w- c:\windows\system32\pwNative.exe
2009-12-21 19:39 . 2009-11-10 09:58 16456 ----a-w- c:\windows\system32\pwdrvio.sys
2009-12-21 19:39 . 2009-11-10 09:58 11088 ----a-w- c:\windows\system32\pwdspio.sys
2009-12-16 13:42 . 2009-12-22 14:27 872960 ----a-w- c:\documents and settings\desktop\Dati applicazioni\Mozilla\Firefox\Profiles\vtjs5iq8.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll
2009-12-16 13:42 . 2009-12-22 14:27 43008 ----a-w- c:\documents and settings\desktop\Dati applicazioni\Mozilla\Firefox\Profiles\vtjs5iq8.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\googletoolbarloader.dll
2009-12-16 13:42 . 2009-12-22 14:27 340480 ----a-w- c:\documents and settings\desktop\Dati applicazioni\Mozilla\Firefox\Profiles\vtjs5iq8.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\libraries\googletoolbar-ff2.dll
2009-12-16 13:41 . 2009-12-22 14:27 346624 ----a-w- c:\documents and settings\desktop\Dati applicazioni\Mozilla\Firefox\Profiles\vtjs5iq8.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\libraries\googletoolbar-ff3.dll
2009-12-15 22:27 . 2009-12-15 22:27 79488 ----a-w- c:\documents and settings\desktop\Dati applicazioni\Sun\Java\jre1.6.0_17\gtapi.dll
2009-12-14 08:57 . 2009-01-14 13:41 -------- d-----w- c:\programmi\Microsoft Silverlight
2009-12-14 08:52 . 2009-12-14 08:52 3584 ----a-r- c:\documents and settings\desktop\Dati applicazioni\Microsoft\Installer\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}\Icon386ED4E3.exe
2009-12-14 08:52 . 2009-12-14 08:52 -------- d-----w- c:\programmi\Windows Installer Clean Up
2009-12-14 08:51 . 2009-12-14 08:51 -------- d-----w- c:\programmi\MSECACHE
2009-12-11 15:00 . 2009-12-11 15:00 -------- d-----w- c:\programmi\Microsoft CAPICOM 2.1.0.2
2009-12-11 14:50 . 2009-12-11 14:50 -------- d-----w- c:\documents and settings\desktop\Dati applicazioni\gtk-2.0
2009-12-11 01:32 . 2009-01-22 13:34 136 ----a-w- c:\documents and settings\desktop\Impostazioni locali\Dati applicazioni\fusioncache.dat
2009-12-10 20:41 . 2009-12-03 20:13 -------- d-----w- c:\documents and settings\desktop\Dati applicazioni\XnView
2009-12-10 11:19 . 2009-10-05 19:41 56816 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2009-12-02 13:45 . 2009-01-24 22:23 -------- d-----w- c:\documents and settings\desktop\Dati applicazioni\DeepBurner
2009-11-30 00:49 . 2009-11-30 00:49 -------- d-----w- c:\programmi\Avira
2009-11-30 00:49 . 2009-11-30 00:49 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Avira
2009-11-25 16:36 . 2009-11-25 16:36 884736 ----a-w- c:\documents and settings\desktop\Dati applicazioni\Mozilla\Firefox\Profiles\vtjs5iq8.default\extensions\{3DB3D228-A2E9-4581-B400-CE1331C5269E}\components\LTff.dll
2009-11-21 15:54 . 2008-04-13 17:13 471552 ----a-w- c:\windows\AppPatch\aclayers.dll
2009-11-21 11:26 . 2009-11-21 11:27 5098496 ----a-w- C:\unetbtin.exe
2009-11-20 13:42 . 2009-11-20 13:42 -------- d-----w- c:\programmi\TitanTV
2009-11-06 14:10 . 2009-11-06 14:10 664 ----a-w- c:\windows\system32\d3d9caps.dat
2009-11-05 20:16 . 2009-11-05 20:16 73728 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Apple Computer\Installer Cache\Safari 5.31.21.10\SetupAdmin.exe
2009-11-04 00:05 . 2009-11-04 00:05 152576 ----a-w- c:\documents and settings\desktop\Dati applicazioni\Sun\Java\jre1.6.0_17\lzma.dll
2009-11-03 15:14 . 2009-11-03 15:13 1925024 ----a-w- c:\documents and settings\All Users\Dati applicazioni\NOS\Adobe_Downloads\install_flash_player.exe
2009-11-02 14:34 . 2009-09-13 19:39 154444 ---ha-w- c:\windows\system32\mlfcache.dat
2009-10-29 07:40 . 2008-08-15 08:26 916480 ----a-w- c:\windows\system32\wininet.dll
2009-10-23 13:53 . 2009-10-23 13:53 95232 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Installations\{3D39E775-DDDA-4327-B747-0BDC5F191331}\Installer\CommonCustomActions\pcswpcsi.exe
2009-10-23 13:53 . 2009-10-23 13:53 8192 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Installations\{3D39E775-DDDA-4327-B747-0BDC5F191331}\Installer\CommonCustomActions\UninstCCD.exe
2009-10-23 13:53 . 2009-10-23 13:53 61440 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Installations\{3D39E775-DDDA-4327-B747-0BDC5F191331}\Installer\CommonCustomActions\UninstPCSFEMsi.exe
2009-10-23 13:53 . 2009-10-23 13:53 10240 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Installations\{3D39E775-DDDA-4327-B747-0BDC5F191331}\Installer\CommonCustomActions\UninstPCS.exe
2009-10-23 13:43 . 2009-10-23 13:53 33853800 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Installations\{3D39E775-DDDA-4327-B747-0BDC5F191331}\Nokia_PC_Suite_7_1_30_9_ita_web.exe
2009-10-21 05:38 . 2008-04-13 17:13 75776 ----a-w- c:\windows\system32\strmfilt.dll
2009-10-21 05:38 . 2008-04-13 17:13 25088 ----a-w- c:\windows\system32\httpapi.dll
2009-10-20 16:20 . 2008-04-13 09:53 265728 ------w- c:\windows\system32\drivers\http.sys
.

------- Sigcheck -------

[-] 2008-08-15 . E88631E21A9CACA06104802F9E915115 . 361600 . . [5.1.2600.5625] . . c:\windows\system32\drivers\tcpip.sys
[7] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\tcpip.sys
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{3041d03e-fd4b-44e0-b742-2d9b88305f98}"= "c:\programmi\AskBarDis\bar\bin\askBar.dll" [2008-08-06 279944]

[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{3041D03E-FD4B-44E0-B742-2D9B88305F98}"= "c:\programmi\AskBarDis\bar\bin\askBar.dll" [2008-08-06 279944]

[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\programmi\Windows Sidebar\sidebar.exe" [2008-08-15 1274880]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-13 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"="c:\programmi\Analog Devices\SoundMAX\SMax4PNP.exe" [2003-05-29 790528]
"ATICCC"="c:\programmi\ATI Technologies\ATI.ACE\cli.exe" [2006-01-02 45056]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\programmi\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Avvio^Programmi^Esecuzione automatica^Alice ti aiuta.lnk]
backup=c:\windows\pss\Alice ti aiuta.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Avvio^Programmi^Esecuzione automatica^Alice.lnk]
backup=c:\windows\pss\Alice.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Avvio^Programmi^Esecuzione automatica^Avvio rapido di HP Image Zone.lnk]
backup=c:\windows\pss\Avvio rapido di HP Image Zone.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Avvio^Programmi^Esecuzione automatica^HP Digital Imaging Monitor.lnk]
backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Avvio^Programmi^Esecuzione automatica^McAfee Security Scan.lnk]
backup=c:\windows\pss\McAfee Security Scan.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Avvio^Programmi^Esecuzione automatica^Windows Search.lnk]
backup=c:\windows\pss\Windows Search.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^desktop^Menu Avvio^Programmi^Esecuzione automatica^Adobe Gamma.lnk]
backup=c:\windows\pss\Adobe Gamma.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^desktop^Menu Avvio^Programmi^Esecuzione automatica^HDDlife.lnk]
backup=c:\windows\pss\HDDlife.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^desktop^Menu Avvio^Programmi^Esecuzione automatica^OpenOffice.org 3.0.lnk]
backup=c:\windows\pss\OpenOffice.org 3.0.lnkStartup
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Creative Live! Cam Manager
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HydraVisionDesktopManager
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nero PhotoShow Media Manager
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Booster

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UserFaultCheck]
c:\windows\system32\dumprep 0 -u [X]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acronis Scheduler2 Service]
2010-01-08 23:52 65536 ----a-w- c:\programmi\File comuni\Acronis\Schedule2\schedhlp.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2009-02-27 15:10 35696 ----a-w- c:\programmi\Adobe\Reader 9.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AliceRE_McciTrayApp]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avgnt]
2010-01-13 22:11 209153 ----a-w- c:\programmi\Avira\AntiVir Desktop\avgnt.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
2006-08-22 08:52 94208 ------w- c:\programmi\File comuni\Ahead\Lib\NMBgMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2006-10-26 23:47 31016 ----a-w- d:\programmi\Microsoft Office\Office12\GrooveMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Component Manager]
2004-05-12 14:18 241664 ------w- c:\programmi\HP\hpcoretech\hpcmpmgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
2004-02-12 12:38 49152 ------w- c:\programmi\HP\HP Software Update\hpwuSchd2.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Lexmark 1200 Series]
2006-07-13 05:30 57344 ------w- c:\programmi\Lexmark 1200 Series\lxczbmgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Messenger (Yahoo!)]
2009-01-28 20:56 4363504 ------w- c:\programmi\Yahoo!\Messenger\YahooMessenger.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Motive SmartBridge]
2006-04-21 14:41 438359 ------w- c:\progra~1\ALICET~1\SMARTB~1\MotiveSB.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
2009-07-26 15:44 3883856 ----a-w- c:\programmi\Windows Live\Messenger\msnmsgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2006-01-12 15:40 155648 ------w- c:\programmi\File comuni\Ahead\Lib\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2009-11-10 22:08 417792 ----a-w- c:\programmi\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2009-10-11 03:17 149280 ----a-w- c:\programmi\Java\jre6\bin\jusched.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"PC Suite Tray"="d:\programmi\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
"msnmsgr"="c:\programmi\Windows Live\Messenger\msnmsgr.exe" /background

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"QuickTime Task"="c:\programmi\QuickTime\QTTask.exe" -atboottime
"PinnacleDriverCheck"=c:\windows\system32\\PSDrvCheck.exe
"TVTray"=c:\progra~1\TVAV~1\TVAV~1\TVTray.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programmi\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Programmi\\Mozilla Firefox\\firefox.exe"=
"c:\\Programmi\\Bonjour\\mDNSResponder.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Programmi\\ASUS\\AsusUpdate\\Update.exe"=
"c:\\WINDOWS\\system32\\LEXPPS.EXE"=
"c:\\WINDOWS\\system32\\mmc.exe"=
"c:\\Programmi\\Java\\jre6\\bin\\java.exe"=
"d:\\Programmi\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"d:\\Programmi\\Microsoft Office\\Office12\\GROOVE.EXE"=
"d:\\Programmi\\Microsoft Office\\Office12\\ONENOTE.EXE"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3587:TCP"= 3587:TCP:Gruppi peer-to-peer Windows
"3540:UDP"= 3540:UDP:Peer Name Resolution Protocol (PNRP)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)

R0 a347bus;a347bus;c:\windows\system32\drivers\a347bus.sys [03/10/2009 1.48.53 160640]
R0 a347scsi;a347scsi;c:\windows\system32\drivers\a347scsi.sys [03/10/2009 1.48.53 5248]
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [20/02/2009 16.43.15 64160]
R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [06/10/2009 23.39.39 142592]
R2 ACEDRV09;ACEDRV09;c:\windows\system32\drivers\ACEDRV09.sys [03/10/2009 15.27.35 110304]
R2 SBKUPNT;SBKUPNT;c:\windows\system32\drivers\SBKUPNT.SYS [10/11/2009 10.32.54 14976]
R3 TTDec;ATI WDM Teletext Decoder;c:\windows\system32\drivers\atinttxx.sys [14/01/2009 15.35.01 13824]
S2 gupdate;Servizio di Google Update (gupdate);c:\programmi\Google\Update\GoogleUpdate.exe [28/12/2009 22.49.07 135664]
S3 ASUSHWIO;ASUSHWIO;\??\c:\windows\system32\drivers\ASUSHWIO.sys --> c:\windows\system32\drivers\ASUSHWIO.sys [?]
S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;d:\programmi\Foto\MAGIX\Common\Database\bin\fbserver.exe --> d:\programmi\Foto\MAGIX\Common\Database\bin\fbserver.exe [?]
S3 pwdrvio;pwdrvio;c:\windows\system32\pwdrvio.sys [10/11/2009 10.58.40 16456]
S3 pwdspio;pwdspio;c:\windows\system32\pwdspio.sys [10/11/2009 10.58.40 11088]
S3 UPnPService;UPnPService;c:\programmi\File comuni\MAGIX Shared\UPnPService\UPnPService.exe [03/10/2009 15.21.59 544768]
S3 VBoxNetFlt;VBoxNetFlt Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys --> c:\windows\system32\DRIVERS\VBoxNetFlt.sys [?]
S3 VF0350Vfx;VF0350 Video FX;c:\windows\system32\drivers\V0350Vfx.sys [15/01/2009 22.10.28 7424]
S3 VF0350Vid;Live! Cam Video IM (VF0350);c:\windows\system32\drivers\V0350Vid.sys [15/01/2009 22.10.25 170368]
S4 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;"c:\programmi\Lavasoft\Ad-Aware\AAWService.exe" --> c:\programmi\Lavasoft\Ad-Aware\AAWService.exe [?]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
p2psvc REG_MULTI_SZ p2psvc p2pimsvc p2pgasvc PNRPSvc

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{D58F39FF-953E-4F45-898F-59F243B9A523}]
2009-03-08 03:32 128512 ------w- c:\windows\system32\advpack.dll
.
Contenuto della cartella 'Scheduled Tasks'

2010-01-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\programmi\Google\Update\GoogleUpdate.exe [2009-12-28 21:49]

2010-01-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\programmi\Google\Update\GoogleUpdate.exe [2009-12-28 21:49]

2010-01-13 c:\windows\Tasks\User_Feed_Synchronization-{BAA84876-83C2-408E-B173-4487A0AA420E}.job
- c:\windows\system32\msfeedssync.exe [2001-08-31 03:31]
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://www.google.it/ig
uInternet Settings,ProxyOverride = *.local
IE: E&sporta in Microsoft Excel - d:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
Trusted Zone: mps.it\hb
DPF: Microsoft XML Parser for Java - file:///C:/WINDOWS/Java/classes/xmldso.cab
FF - ProfilePath - c:\documents and settings\desktop\Dati applicazioni\Mozilla\Firefox\Profiles\vtjs5iq8.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.it/ig
FF - prefs.js: keyword.URL - hxxp://toolbar.ask.com/toolbarv/askRedirect?o=13153&gct=&gc=1&q=
FF - component: c:\documents and settings\desktop\Dati applicazioni\Mozilla\Firefox\Profiles\vtjs5iq8.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll
FF - component: c:\documents and settings\desktop\Dati applicazioni\Mozilla\Firefox\Profiles\vtjs5iq8.default\extensions\{3DB3D228-A2E9-4581-B400-CE1331C5269E}\components\LTff.dll
FF - plugin: c:\program files\Real\RealPlayer\Netscape6\nppl3260.dll
FF - plugin: c:\program files\Real\RealPlayer\Netscape6\nprjplug.dll
FF - plugin: c:\program files\Real\RealPlayer\Netscape6\nprpjplug.dll
FF - plugin: c:\programmi\Google\Update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: c:\programmi\Virtual Earth 3D\npVE3D.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: content.max.tokenizing.time - 200000
FF - user.js: content.notify.interval - 100000
FF - user.js: content.switch.threshold - 650000
FF - user.js: nglayout.initialpaint.delay - 300
FF - user.js: yahoo.homepage.dontask - true.
- - - - CHIAVI ORFANE RIMOSSE - - - -

BHO-{905502AB-1987-46cd-9EC5-42B1E087D319} - c:\programmi\EasyPrediction\2.0\ltie.dll
MSConfigStartUp-Acronis†True†Image Monitor - d:\programmi\Diskutility\TrueImage\TrueImageMonitor.exe
MSConfigStartUp-ClamWin - d:\programmi\Diskutility\ClamWin\bin\ClamTray.exe
MSConfigStartUp-FileHippo - d:\programmi\Utility\FileHippo.com\UpdateChecker.exe
MSConfigStartUp-Malwarebytes Anti-Malware (reboot) - d:\programmi\DiskUtility\Malwarebytes' Anti-Malware\mbam.exe
MSConfigStartUp-SpywareTerminatorUpdate - d:\programmi\DiskUtility\Spyware Terminator\SpywareTerminatorUpdate.exe
MSConfigStartUp-swg - c:\programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
MSConfigStartUp-Uniblue Registry Booster - d:\programmi\DiskUtility\Registry Booster\RegistryBooster.exe
AddRemove-CompuApps SwissKnife V3 - d:\programmi\Diskutility\SWISNIFE\SKUninst.ISU
AddRemove-uTorrent - d:\programmi\Internet\uTorrent\uTorrent.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-13 23:35
Windows 5.1.2600 Service Pack 3 NTFS

scansione processi nascosti ...

scansione entrate autostart nascoste ...

Scansione files nascosti ...


c:\windows\system.ini 227 bytes

Scansione completata con successo
Files nascosti: 1

**************************************************************************

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll >>UNKNOWN [0x8A39D248]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\Disk -> CLASSPNP.SYS @ 0xf763bf28
\Driver\ACPI -> ACPI.sys @ 0xf7586cb8
\Driver\atapi -> 0x8a39d248
\Driver\iaStor -> iaStor55.sys @ 0xf7b1bb58
IoDeviceObjectType -> DeleteProcedure -> ntoskrnl.exe @ 0x805e66b2
ParseProcedure -> ntoskrnl.exe @ 0x8057b6b1
\Device\Harddisk0\DR0 -> DeleteProcedure -> ntoskrnl.exe @ 0x805e66b2
ParseProcedure -> ntoskrnl.exe @ 0x8057b6b1
NDIS: 3Com Gigabit LOM (3C940) -> SendCompleteHandler -> NDIS.sys @ 0xbaf5bbb0
PacketIndicateHandler -> NDIS.sys @ 0xbaf4aa0d
SendHandler -> NDIS.sys @ 0xbaf5eb40
Warning: possible MBR rootkit infection !
user & kernel MBR OK

**************************************************************************
.
--------------------- Dlls caricate dai processi in esecuzione ---------------------

- - - - - - - > 'winlogon.exe'(644)
c:\windows\system32\Ati2evxx.dll

- - - - - - - > 'explorer.exe'(3756)
c:\windows\system32\WININET.dll
c:\windows\system32\msi.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Altri processi in esecuzione ------------------------
.
c:\windows\system32\LEXBCES.EXE
c:\windows\system32\LEXPPS.EXE
c:\programmi\File comuni\Acronis\Schedule2\schedul2.exe
c:\programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\programmi\Bonjour\mDNSResponder.exe
c:\programmi\Java\jre6\bin\jqs.exe
c:\windows\system32\tcpsvcs.exe
c:\programmi\Analog Devices\SoundMAX\SMAgent.exe
c:\windows\system32\SearchIndexer.exe
.
**************************************************************************
.
Ora fine scansione: 2010-01-13 23:46:10 - Il pc Ë stato riavviato
ComboFix-quarantined-files.txt 2010-01-13 22:46
ComboFix2.txt 2009-11-30 00:44
ComboFix3.txt 2009-11-30 00:28
ComboFix4.txt 2009-11-29 21:43
ComboFix5.txt 2010-01-13 22:10

Pre-Run: 39.216.058.368 byte disponibili
Post-Run: 38.956.453.888 byte disponibili

- - End Of File - - F3885564511D6D4E75EC3D6B4FF3020D

hai una montagna di crack, sono quelli che ti hanno creato l'infezione

elimina quelli rimasti altrimenti siamo punto e a capo

dobbiamo controllare l' MBR, sembra che ci sia un problema qui >>> \Driver\iaStor -> iaStor55.sys @ 0xf7b1bb58

se non sbaglio e' un file di sistema dell'hard disk



scarica Mbr http://www2.gmer.net/mbr/mbr.exe

vai in modalita' provvisoria

Da Start - Esegui - digita C:\mbr.exe e clicca su OK

Posta il log - lo trovi in C:\ come mbr.log

puoi provare ad entrare con un cd live di linux e recuperare i file che ti interessano.

enzino85

mi dispiace averti messo da parte ma in questi giorni c'e' un po' di caos...

mentre controllo combofix, esegui queste due scansioni

tieni il ripristino disattivato e vai in modalita' provvisoria

scarica Malwarebytes http://www.malwarebytes.org/mbam/program/mbam-setup.exe
1) lo installi
2) lo aggiorni
3) fai una scansione scegliendo la modalità completa
4) NON eliminare per ora le ventuali minacce che rileva
5) finita la scansione seleziona il tabellino log, apri il file di testo e postalo sul forum


scarica

http://normanasa.vo.llnwd.net/o29/public/Norman_Malware_Cleaner.exe

Finita la scansione, rimuovi i files infetti trovati e posta il log che viene generato sul desktop.

enzino85

mi riesegui findikyll e elibagla? tutti e due da provvisoria

http://dc108.4shared.com/download/75022994/b07bff/FindyKill.exe?tsid=20090209-102651-de3379fb

http://www.zonavirus.com/datos/descargas/95/elibagla.asp


con findikyll usa solo l'opzione 2

prima di continuare, ti volevo ricordare che se non elimini quella montagna di crack sarai di nuovo qui a chiedere aiuto

poi dovrai disinstallare e reinstallare puliti questi programmi, il bagle li ha messo fuori uso


Avira

Mozilla

SightSpeed

HijackThis

Thunderbird

ClamWin

per il file di aggiornamento asus
puo' riscaricarlo dal sito asus o dal cd della scheda madre


analizza questi due file sul sito virus total

c:\windows\system32\pwdrvio.sys

c:\windows\system32\pwdspio.sys