
Have I removed all the viruses???
dc881
Posted: Sunday, March 21, 2010 9:18:11 AM
Rank: AiutAmico

Joined: 8/2/2009
Posts: 53
I think you did an excellent job this time; the PC was lively again when it woke up this morning.
I'd like to take advantage a little more of your great helpfulness and knowledge.

Which antivirus do you recommend?
The problem encountered (in the last part) was related to the Nikon software (original). What do you recommend I do: reinstall it or look for another one?
Thanks
paolopa
Posted: Sunday, March 21, 2010 9:44:38 AM

Rank: AiutAmico

Joined: 10/14/2008
Posts: 2,777
Just remember, once you are sure the PC is fine, that we have to clear the restore points. Do it like this: Start, Control Panel, System, System Restore, tick "Turn off System Restore on all drives", Apply, OK. Shut down and restart the PC, then do the reverse by removing the tick. We kept it for last because it could be a reserve parachute, which is probably worth having with you.
dc881
Posted: Sunday, March 21, 2010 11:47:40 AM
Rank: AiutAmico

Joined: 8/2/2009
Posts: 53
The computer is fine, but the slowdown in Mozilla remains (I don't use Explorer), especially when you have to type a sentence (like this one): it stops and then quickly writes everything that was typed.
dc881
Posted: Sunday, March 21, 2010 1:17:54 PM
Rank: AiutAmico

Joined: 8/2/2009
Posts: 53
Now all operations have slowed down: you click and after a while the action is carried out. I suspect I still have some trojan.
dc881
Posted: Sunday, March 21, 2010 2:50:23 PM
Rank: AiutAmico

Joined: 8/2/2009
Posts: 53
I rebooted and... it works normally, but I think it will start acting up again in a while.
r16
Posted: Sunday, March 21, 2010 3:09:17 PM
Rank: AiutAmico

Joined: 8/7/2007
Posts: 11,016
Delete this HJT entry:
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Programmi\WinPcap\rpcapd.exe

Delete this folder in red:
C:\Programmi\WinPcap\rpcapd.exe
Reboot the PC.
dc881
Posted: Sunday, March 21, 2010 3:15:38 PM
Rank: AiutAmico

Joined: 8/2/2009
Posts: 53
Done, but I can't reboot the PC for about an hour... see you later
dc881
Posted: Sunday, March 21, 2010 5:30:10 PM
Rank: AiutAmico

Joined: 8/2/2009
Posts: 53
I rebooted; for now it works, let's give it a bit more time to see whether it is solved.
dc881
Posted: Sunday, March 21, 2010 6:47:02 PM
Rank: AiutAmico

Joined: 8/2/2009
Posts: 53
No good, after about an hour it went back to acting up!!!!! Slow, with typing coming out in bursts, buttons that don't respond to the first click, pages slow to scroll.
r16
Posted: Sunday, March 21, 2010 9:12:09 PM
Rank: AiutAmico

Joined: 8/7/2007
Posts: 11,016
All that is left is to run yet another scan with Combofix and post yet another log.
dc881
Posted: Monday, March 22, 2010 12:04:35 AM
Rank: AiutAmico

Joined: 8/2/2009
Posts: 53
Here it is. If you spot any suspicious program, don't worry, I'll remove it without any problem even if it is only suspicious. The alternative is formatting, which is much more tedious.


ComboFix 10-03-19.07 - 6750 21/03/2010 23.35.21.5.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.39.1040.18.2038.1233 [GMT 1:00]
Eseguito da: c:\documents and settings\6750\Desktop\ComboFix.exe
AV: Kaspersky Internet Security *On-access scanning disabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
FW: Kaspersky Internet Security *disabled* {2C4D4BC6-0793-4956-A9F9-E252435469C0}
.

((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\attAB.xls
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\attC4.doc
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\fmC5
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\foto6.gif
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\foto7.jpg
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\foto8.jpg
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\icon_xls(03-21-09-06-52).png
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\icon_xls.png
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\Modulo ordine Cascina Biraga 12 02 10.xls
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\POF a.s.2009-2010.doc
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\scrollbar.css
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-20-17-12-25).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-20-17-16-07).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-20-17-36-54).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-20-17-37-05).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-20-18-43-04).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-20-18-43-14).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-21-09-06-15).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-21-09-06-33).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-21-09-06-52).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-21-09-06-54).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-21-09-14-38).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-21-09-52-46).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-21-09-55-18).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-21-10-41-18).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-21-10-41-20).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-21-10-41-27).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-21-10-41-29).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-21-11-19-56).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-21-11-44-09).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-21-11-51-19).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-21-13-04-48).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-21-14-11-30).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-21-14-31-42).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-21-14-31-45).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-21-14-31-49).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-21-15-13-09).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-21-17-36-26).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-21-17-46-03).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-21-17-46-06).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-21-18-36-51).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-21-18-37-54).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-21-18-48-23).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-21-18-54-35).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-21-18-55-29).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-21-18-57-15).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-21-19-47-32).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown.htm
c:\windows\system32\drivers\npf.sys
c:\windows\system32\Packet.dll
c:\windows\system32\pthreadVC.dll
c:\windows\system32\WanPacket.dll
c:\windows\system32\wpcap.dll

.
((((((((((((((((((((((((((((((((((((((( Driver/Servizi )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_NPF
-------\Service_NPF


((((((((((((((((((((((((( Files Creati Da 2010-02-21 al 2010-03-21 )))))))))))))))))))))))))))))))))))
.

2010-03-20 15:00 . 2010-03-20 15:00 -------- d-----w- c:\programmi\p-nand-q.com
2010-03-20 12:17 . 2010-03-20 12:19 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Autorun Eater
2010-03-19 23:31 . 2010-03-19 23:31 -------- d-----w- c:\programmi\Your Company Name
2010-03-19 23:31 . 2010-03-19 23:31 -------- d-----w- c:\programmi\eDisplay
2010-03-19 22:16 . 2010-03-19 22:16 -------- d-----w- c:\programmi\Arclab
2010-03-19 13:33 . 2010-02-12 10:03 293376 ------w- c:\windows\system32\browserchoice.exe
2010-03-17 21:25 . 2009-12-28 21:21 12288 ----a-w- c:\windows\system32\netset.exe
2010-03-17 21:18 . 2010-03-17 21:18 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\FreeRIP
2010-03-15 20:54 . 2010-03-15 20:54 -------- d-----w- c:\documents and settings\NetworkService\Impostazioni locali\Dati applicazioni\Google
2010-03-15 20:50 . 2010-03-15 20:50 -------- d-----w- c:\documents and settings\LocalService\Impostazioni locali\Dati applicazioni\Google
2010-03-15 20:49 . 2010-03-15 20:50 -------- d-----w- c:\programmi\Google
2010-03-14 12:47 . 2010-03-14 12:47 -------- d-----w- c:\documents and settings\6750\Impostazioni locali\Dati applicazioni\Winamp Toolbar
2010-03-12 15:14 . 2010-03-12 15:17 -------- d-----w- c:\documents and settings\6750\Dati applicazioni\Synthesia
2010-03-12 15:11 . 2010-03-12 15:11 -------- d-----w- c:\programmi\Synthesia
2010-03-11 16:53 . 2010-03-11 16:53 540568 ----a-w- c:\documents and settings\LocalService\Impostazioni locali\Dati applicazioni\FontCache3.0.0.0.dat
2010-03-10 20:55 . 2010-03-10 20:55 -------- d-----w- c:\programmi\Winamp Toolbar
2010-03-10 20:55 . 2010-03-10 20:55 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Winamp Toolbar
2010-03-10 19:13 . 2004-01-25 16:18 217088 ----a-w- c:\windows\system32\yv12vfw.dll
2010-03-10 19:13 . 2009-05-29 21:37 205824 ----a-w- c:\windows\system32\xvidvfw.dll
2010-03-10 19:13 . 2009-05-29 21:31 881664 ----a-w- c:\windows\system32\xvidcore.dll
2010-03-10 19:13 . 2010-02-02 18:00 85504 ----a-w- c:\windows\system32\ff_vfw.dll
2010-03-10 19:12 . 2010-03-10 19:16 -------- d-----w- c:\programmi\K-Lite Codec Pack
2010-03-09 22:06 . 2010-03-09 22:06 -------- d-----w- c:\programmi\Lame for Audacity
2010-03-09 19:10 . 2010-03-09 19:10 -------- d-----w- C:\MAGIX
2010-03-09 17:32 . 2010-03-11 13:44 -------- d-----w- c:\documents and settings\6750\Dati applicazioni\Audacity
2010-03-09 17:32 . 2010-03-09 17:32 -------- d-----w- c:\programmi\Audacity 1.3 Beta (Unicode)
2010-03-07 22:58 . 2010-03-07 22:58 -------- d-----w- c:\documents and settings\6750\Impostazioni locali\Dati applicazioni\Phase_One
2010-03-07 22:42 . 2010-03-07 22:42 -------- d-----w- c:\programmi\DIFX
2010-03-07 22:42 . 2010-03-07 22:42 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Phase One
2010-03-07 22:42 . 2010-03-07 22:47 -------- d-----w- c:\documents and settings\6750\Impostazioni locali\Dati applicazioni\CaptureOne
2010-03-05 18:31 . 2010-03-07 19:11 -------- d-----w- c:\programmi\File comuni\Symantec Shared
2010-03-05 18:27 . 2010-03-07 19:11 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Norton
2010-03-05 18:27 . 2010-03-05 18:27 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Symantec
2010-03-05 18:27 . 2010-03-05 18:27 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\NortonInstaller
2010-03-03 14:52 . 2010-03-03 14:52 -------- dc-h--w- c:\documents and settings\All Users\Dati applicazioni\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6}
2010-03-02 22:38 . 2010-03-02 22:44 -------- d-----w- c:\documents and settings\6750\Dati applicazioni\Trellian
2010-03-02 22:38 . 2010-03-02 22:40 -------- d-----w- c:\documents and settings\6750\Impostazioni locali\Dati applicazioni\WebPage
2010-03-02 22:36 . 2007-09-07 22:43 512000 ----a-w- c:\windows\system32\Achroma2.dll
2010-03-02 22:36 . 2010-03-18 17:42 -------- d-----w- c:\programmi\Trellian
2010-03-02 22:22 . 2010-03-02 22:22 -------- d-----w- c:\programmi\HTML TableFactory
2010-03-02 17:29 . 2010-03-02 17:29 -------- d-----w- c:\programmi\MPC HomeCinema
2010-03-02 17:26 . 2010-03-02 17:26 -------- d-----w- c:\programmi\File comuni\Adobe AIR
2010-02-28 19:52 . 2010-02-28 19:52 -------- d-----w- c:\documents and settings\6750\Dati applicazioni\freeTVRadio
2010-02-28 17:09 . 2010-03-18 17:46 -------- d-----w- c:\documents and settings\6750\Dati applicazioni\OfferBox
2010-02-22 19:10 . 2010-02-22 19:10 -------- d-----w- c:\documents and settings\6750\Dati applicazioni\Facebook

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-03-21 22:49 . 2009-04-08 21:10 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Kaspersky Lab
2010-03-21 22:47 . 2009-04-08 21:10 3924000 --sha-w- c:\windows\system32\drivers\fidbox2.dat
2010-03-21 22:47 . 2009-04-08 21:10 29449760 --sha-w- c:\windows\system32\drivers\fidbox.dat
2010-03-21 22:47 . 2009-04-08 21:10 293960 --sha-w- c:\windows\system32\drivers\fidbox.idx
2010-03-21 22:47 . 2009-04-08 21:10 107564 --sha-w- c:\windows\system32\drivers\fidbox2.idx
2010-03-21 22:32 . 2009-05-10 19:38 -------- d-----w- c:\documents and settings\6750\Dati applicazioni\uTorrent
2010-03-21 17:01 . 2009-05-06 12:14 -------- d-----w- c:\documents and settings\6750\Dati applicazioni\foobar2000
2010-03-21 15:04 . 2009-04-16 15:11 79776 ----a-w- c:\documents and settings\6750\Impostazioni locali\Dati applicazioni\GDIPFONTCACHEV1.DAT
2010-03-21 14:13 . 2009-04-16 22:37 -------- d-----w- c:\documents and settings\6750\Dati applicazioni\FileZilla
2010-03-20 08:22 . 2009-11-16 15:53 79776 ----a-w- c:\documents and settings\LocalService\Impostazioni locali\Dati applicazioni\GDIPFONTCACHEV1.DAT
2010-03-19 12:19 . 2009-06-22 18:12 -------- d-----w- c:\documents and settings\6750\Dati applicazioni\Paltalk
2010-03-18 17:52 . 2009-10-19 16:37 -------- d-----w- c:\programmi\File comuni\DVDVideoSoft
2010-03-18 17:48 . 2009-04-08 21:04 -------- d--h--w- c:\programmi\InstallShield Installation Information
2010-03-18 17:45 . 2009-05-07 18:59 -------- d-----w- c:\programmi\RipTiger
2010-03-18 17:43 . 2009-12-30 12:50 -------- d-----w- c:\programmi\eBay
2010-03-18 16:48 . 2009-08-28 22:31 -------- d-----w- c:\programmi\PHPNukeIT
2010-03-17 21:15 . 2009-08-08 14:53 -------- d-----w- c:\programmi\FLVPlayer4Free
2010-03-17 17:56 . 2009-08-02 16:09 -------- d-----w- c:\programmi\Malwarebytes' Anti-Malware
2010-03-16 23:02 . 2009-05-13 14:06 -------- d-----w- c:\programmi\Direct MIDI to MP3 Converter
2010-03-16 23:01 . 2009-04-08 22:21 -------- d-----w- c:\programmi\eMule
2010-03-16 23:00 . 2009-10-01 13:50 -------- d-----w- c:\programmi\e107 Theme Creator Beta
2010-03-16 23:00 . 2009-10-01 13:52 -------- d-----w- c:\programmi\e107 Tool
2010-03-16 23:00 . 2010-01-12 21:51 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\AppSoft
2010-03-11 16:40 . 2009-05-23 16:20 -------- d-----w- c:\documents and settings\6750\Dati applicazioni\muvee Technologies
2010-03-11 08:57 . 2009-05-23 14:58 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\muvee Technologies
2010-03-11 08:56 . 2009-05-23 14:59 -------- d-----w- c:\programmi\File comuni\muvee Technologies
2010-03-11 08:56 . 2009-05-23 14:59 -------- d-----w- c:\programmi\muvee Technologies
2010-03-11 08:11 . 2010-01-11 16:18 20 ---h--w- c:\documents and settings\All Users\Dati applicazioni\PKP_DLbx.DAT
2010-03-10 20:57 . 2009-11-19 18:58 -------- d-----w- c:\documents and settings\6750\Dati applicazioni\Winamp
2010-03-10 20:56 . 2009-11-19 18:58 -------- d-----w- c:\programmi\Winamp
2010-03-10 19:10 . 2009-04-21 21:25 -------- d-----w- c:\documents and settings\6750\Dati applicazioni\DivX
2010-03-06 20:29 . 2010-01-11 16:34 20 ---h--w- c:\documents and settings\All Users\Dati applicazioni\PKP_DLdu.DAT
2010-03-04 07:36 . 2009-07-27 21:49 -------- d-----w- c:\programmi\Microsoft ActiveSync
2010-03-03 14:56 . 2009-10-29 09:27 95024 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2010-02-27 07:58 . 2009-04-21 21:13 -------- d-----w- c:\documents and settings\6750\Dati applicazioni\Any Video Converter
2010-02-25 18:41 . 2009-05-01 14:07 -------- d-----w- c:\programmi\FileZilla FTP Client
2010-02-24 08:48 . 2009-11-30 15:51 66 ----a-w- c:\documents and settings\6750\Dati applicazioni\isfree4_1.tmp
2010-02-18 07:37 . 2010-01-21 22:51 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\DVD Shrink
2010-02-16 21:28 . 2009-04-18 13:34 -------- d-----w- c:\documents and settings\6750\Dati applicazioni\U3
2010-02-16 21:23 . 2010-01-05 12:21 -------- d-----w- c:\programmi\CA VMN Anti-Spyware
2010-02-14 18:46 . 2009-04-08 20:45 -------- d-----w- c:\programmi\microsoft frontpage
2010-02-14 15:15 . 2009-04-08 21:27 -------- d-----w- c:\programmi\Notepad++
2010-02-14 15:15 . 2009-04-08 21:27 -------- d-----w- c:\documents and settings\6750\Dati applicazioni\Notepad++
2010-02-10 21:49 . 2010-02-10 21:49 -------- d-----w- c:\programmi\STEARsoft
2010-02-10 19:22 . 2009-12-16 19:29 798 ----a-w- c:\windows\unins000.dat
2010-02-10 10:12 . 2009-06-08 21:13 -------- d-----w- c:\programmi\MSECache
2010-02-07 23:02 . 2009-04-28 15:36 -------- d---a-w- c:\documents and settings\All Users\Dati applicazioni\TEMP
2010-02-06 08:30 . 2010-02-06 08:25 -------- d-----w- c:\programmi\Grammatica32SG
2010-02-06 08:25 . 2009-05-13 14:19 253952 ------w- c:\windows\Setup1.exe
2010-02-06 08:23 . 2010-02-06 08:22 -------- d-----w- c:\programmi\linguavox
2010-02-06 08:22 . 2009-04-21 22:10 74752 ------w- c:\windows\ST6UNST.EXE
2010-02-03 14:47 . 2009-12-01 12:41 -------- d-----w- c:\documents and settings\6750\Dati applicazioni\QuickScan
2010-01-31 12:21 . 2010-01-31 12:10 -------- d-----w- c:\programmi\Esplorando 3 Matematica per le medie inferiori
2010-01-31 12:10 . 2010-01-31 12:10 -------- d-----w- c:\programmi\Finson Live Update
2010-01-26 16:36 . 2010-01-26 16:34 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Cakewalk
2010-01-26 16:36 . 2010-01-26 16:34 -------- d-----w- c:\programmi\Cakewalk
2010-01-26 16:33 . 2010-01-26 16:33 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Ableton
2010-01-26 16:33 . 2010-01-26 16:33 -------- d-----w- c:\documents and settings\6750\Dati applicazioni\Ableton
2010-01-26 15:54 . 2010-01-26 15:54 -------- d-----w- c:\programmi\Ableton
2010-01-25 17:26 . 2010-01-25 17:26 -------- d-----w- c:\programmi\Oversoft
2010-01-24 22:27 . 2009-12-22 12:53 -------- d-----w- c:\documents and settings\6750\Dati applicazioni\ACAMPREF
2010-01-23 19:32 . 2010-01-23 19:30 -------- d-----w- c:\programmi\EMC
2010-01-22 19:49 . 2009-04-24 19:24 -------- d-----w- c:\programmi\CyberLink
2010-01-22 12:11 . 2009-12-30 12:50 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\eBay
2010-01-22 12:11 . 2009-12-30 12:50 -------- d-----w- c:\documents and settings\6750\Dati applicazioni\eBay
2010-01-21 22:51 . 2010-01-21 22:51 -------- d-----w- c:\programmi\DVD Shrink
2010-01-21 22:15 . 2010-01-21 22:15 -------- d-----w- c:\programmi\DVD Decrypter
2010-01-11 17:04 . 2010-01-11 17:00 20 ---h--w- c:\documents and settings\All Users\Dati applicazioni\PKP_DLdw.DAT
2010-01-11 16:25 . 2010-01-11 16:25 20 ---h--w- c:\documents and settings\All Users\Dati applicazioni\PKP_DLck.DAT
2010-01-07 15:07 . 2009-08-02 16:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-01-07 15:07 . 2009-08-02 16:09 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-01-06 17:33 . 2010-01-06 17:33 295424 ----a-w- c:\windows\system32\bwmedia1.dll
2010-01-06 17:33 . 2010-01-06 17:33 150016 ----a-w- c:\windows\system32\bwmedia.dll
2010-01-05 13:42 . 2001-08-31 12:00 80946 ----a-w- c:\windows\system32\perfc010.dat
2010-01-05 13:42 . 2001-08-31 12:00 481680 ----a-w- c:\windows\system32\perfh010.dat
2010-01-01 14:18 . 2010-01-01 14:18 44544 ------w- c:\windows\AWuninstall.exe
2009-12-31 16:50 . 2008-04-13 10:15 353792 ----a-w- c:\windows\system32\drivers\srv.sys
2009-12-23 17:30 . 2010-01-26 15:57 368640 ----a-w- c:\windows\system32\ReWire.dll
2009-12-23 17:30 . 2010-01-26 15:57 233472 ----a-w- c:\windows\system32\REX Shared Library.dll
2009-12-22 16:05 . 2009-12-22 12:52 724 ----a-w- c:\windows\wacam.TMP
2009-12-22 12:52 . 2009-12-22 12:52 1409 ----a-w- c:\windows\Fonts\SToccata.fot
2009-09-23 16:47 . 2009-09-23 16:47 28488 ----a-w- c:\programmi\mozilla firefox\plugins\atgpcdec.dll
2009-09-23 16:47 . 2009-09-23 16:47 185240 ----a-w- c:\programmi\mozilla firefox\plugins\atgpcext.dll
2009-09-23 16:50 . 2009-09-23 16:50 46408 ----a-w- c:\programmi\mozilla firefox\plugins\atmccli.dll
2009-09-23 16:47 . 2009-09-23 16:47 99224 ----a-w- c:\programmi\mozilla firefox\plugins\ieatgpc.dll
2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\programmi\mozilla firefox\plugins\libdivx.dll
2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\programmi\mozilla firefox\plugins\ssldivx.dll
.

------- Sigcheck -------

[-] 2008-05-08 . 4ED067D8270174E777286A26FECDB3E8 . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
.
((((((((((((((((((((((((((((( SnapShot@2010-03-20_11.59.56 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-03-21 22:48 . 2010-03-21 22:48 16384 c:\windows\temp\Perflib_Perfdata_1e4.dat
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-04-20 162584]
"Persistence"="c:\windows\system32\igfxpers.exe" [2007-04-20 138008]
"RTHDCPL"="RTHDCPL.EXE" [2007-04-10 16126464]
"MaxBlastMonitor.exe"="c:\programmi\Maxtor\MaxBlast\MaxBlastMonitor.exe" [2007-08-30 1190760]
"AcronisTimounterMonitor"="c:\programmi\Maxtor\MaxBlast\TimounterMonitor.exe" [2007-08-30 1966376]
"Acronis Scheduler2 Service"="c:\programmi\File comuni\Maxtor\Schedule2\schedhlp.exe" [2007-08-30 148760]
"CAPON"="c:\windows\system32\Spool\Drivers\w32x86\3\CAPONN.EXE" [2000-04-20 22528]
"AdobeCS4ServiceManager"="c:\programmi\File comuni\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
"SunJavaUpdateSched"="c:\programmi\Java\jre6\bin\jusched.exe" [2009-10-11 149280]
"AVP"="c:\programmi\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe" [2009-05-02 201992]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-13 15360]

c:\documents and settings\6750\Menu Avvio\Programmi\Esecuzione automatica\
Collegamento a html2pop3.exe (2).lnk - c:\documents and settings\6750\Desktop\html2pop3232win32\html2pop3.exe [2009-4-8 111104]
FastFX Trader.lnk - c:\programmi\FastFX Trader\terminal.exe [2009-5-14 2765520]
ibfx42l.exe.lnk - c:\programmi\Interbank42\terminal.exe [2009-7-10 2765520]

c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\
Adobe Gamma Loader.lnk - c:\programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe [2009-4-25 113664]
Finestra di stato di Canon LBP-800.LNK - c:\windows\system32\spool\drivers\w32x86\3\CAPPSWK.EXE [2009-4-14 113664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 3]
2009-06-30 07:55 2329224 ----a-w- c:\programmi\IObit\Advanced SystemCare 3\AWC.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-disabled]
"QuickTime Task"="c:\programmi\QuickTime\QTTask.exe" -atboottime

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\livecall.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programmi\\IncrediMail\\bin\\IncMail.exe"=
"c:\\Programmi\\IncrediMail\\bin\\ImApp.exe"=
"c:\\Programmi\\IncrediMail\\bin\\ImpCnt.exe"=
"c:\\Programmi\\Skype\\Phone\\Skype.exe"=
"c:\\Programmi\\uTorrent\\uTorrent.exe"=
"c:\programmi\Microsoft ActiveSync\rapimgr.exe"= c:\programmi\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\programmi\Microsoft ActiveSync\wcescomm.exe"= c:\programmi\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\programmi\Microsoft ActiveSync\WCESMgr.exe"= c:\programmi\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"c:\\Programmi\\Bonjour\\mDNSResponder.exe"=
"c:\\Programmi\\File comuni\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"=
"c:\\Programmi\\Opera\\opera.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
"5353:TCP"= 5353:TCP:Adobe CSI CS4

R0 hotcore3;hc3ServiceName;c:\windows\system32\drivers\hotcore3.sys [14/04/2009 16.58.59 40464]
R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [29/01/2008 17.29.38 33808]
R0 PzWDM;PzWDM;c:\windows\system32\drivers\PzWDM.sys [23/05/2009 16.50.46 15172]
R2 Apache2.2;Apache2.2;c:\xampp\apache\bin\apache.exe [14/06/2008 18.02.12 17408]
R2 MailList Controller;MailList Controller;c:\programmi\Arclab\MailList Controller\amlcSVC.exe [19/03/2010 23.17.00 2214400]
R2 RapidPort;RapidPort;c:\windows\system32\drivers\CAPLPTN.SYS [20/10/2009 20.36.34 23008]
R3 AtcL001;NDIS Miniport Driver for Atheros L1 Gigabit Ethernet Controller;c:\windows\system32\drivers\l151x86.sys [08/04/2009 22.06.14 39424]
R3 KLFLTDEV;Kaspersky Lab KLFltDev;c:\windows\system32\drivers\klfltdev.sys [13/03/2008 18.02.46 26640]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [13/12/2007 12.28.40 24592]
S2 gupdate;Google Update Service (gupdate);c:\programmi\Google\Update\GoogleUpdate.exe [15/03/2010 21.49.44 135664]
S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\programmi\MAGIX\Common\Database\bin\fbserver.exe [22/12/2009 12.17.45 1527900]
S3 JTVNCProxy_10.0;JTVNCProxy;c:\programmi\Freedom Scientific\JAWS\10.0\JTVNCProxy.exe [22/10/2008 23.22.00 17176]
.
Contenuto della cartella 'Scheduled Tasks'

2010-02-26 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\programmi\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34]

2010-03-21 c:\windows\Tasks\GlaryInitialize.job
- c:\programmi\Glary Utilities\initialize.exe [2009-08-24 14:09]

2010-03-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\programmi\Google\Update\GoogleUpdate.exe [2010-03-15 20:49]

2010-03-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\programmi\Google\Update\GoogleUpdate.exe [2010-03-15 20:49]

2010-03-21 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1220945662-1580818891-1801674531-1003Core.job
- c:\documents and settings\6750\Impostazioni locali\Dati applicazioni\Google\Update\GoogleUpdate.exe [2009-09-17 19:18]

2010-03-21 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1220945662-1580818891-1801674531-1003UA.job
- c:\documents and settings\6750\Impostazioni locali\Dati applicazioni\Google\Update\GoogleUpdate.exe [2009-09-17 19:18]

2010-03-21 c:\windows\Tasks\OGALogon.job
- c:\windows\system32\OGAEXEC.exe [2009-08-03 14:07]

2010-03-21 c:\windows\Tasks\User_Feed_Synchronization-{BEB02B75-5635-4488-9403-B5782412E6A5}.job
- c:\windows\system32\msfeedssync.exe [2001-08-31 03:31]

2010-03-21 c:\windows\Tasks\User_Feed_Synchronization-{F10321DB-C234-4692-8587-F00FC7DCB7DF}.job
- c:\windows\system32\msfeedssync.exe [2001-08-31 03:31]
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://www.igoogle.it/
uInternet Connection Wizard,ShellNext = hxxp://www.incredimail.com/app/?tag=page_app_welcome&lang=16&version=5853823&setup_id=16000002&aff_id=1&addon=IncrediMail
IE: &BOM hinzufügen - c:\\PROGRA~1\\BID-O-~1\\\\AddToBOM.hta
IE: Aggiungi al banner Blocco pubblicità - c:\programmi\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
IE: Converti destinazione link in file PDF esistente - c:\programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Converti i link selezionati in Adobe PDF - c:\programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Converti i link selezionati in file PDF esistente - c:\programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Converti nel file PDF esistente - c:\programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Converti selezione in file PDF esistente - c:\programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Ricerca - c:\programmi\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
IE: Sothink SWF Catcher - c:\programmi\File comuni\SourceTec\SWF Catcher\InternetExplorer.htm
TCP: {6B4864BE-E218-4265-A013-AD9896B69D39} = 151.99.125.1,195.110.128.1
DPF: Microsoft XML Parser for Java - file:///C:/WINDOWS/Java/classes/xmldso.cab
FF - ProfilePath - c:\documents and settings\6750\Dati applicazioni\Mozilla\Firefox\Profiles\n5stigdk.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.fastbrowsersearch.com/results/results.aspx?s=DEF&v=19&q=
FF - prefs.js: browser.search.selectedEngine - Fast Browser Search
FF - prefs.js: browser.startup.homepage - www.igoogle.it
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q=
FF - component: c:\documents and settings\6750\Dati applicazioni\Mozilla\Firefox\Profiles\n5stigdk.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}\components\WinampTBPlayer.dll
FF - component: c:\programmi\Google\Google Gears\Firefox\lib\ff30\gears.dll
FF - plugin: c:\documents and settings\6750\Dati applicazioni\Facebook\npfbplugin_1_0_1.dll
FF - plugin: c:\programmi\Google\Update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: c:\programmi\Mozilla Firefox\plugins\npatgpc.dll
FF - plugin: c:\programmi\Mozilla Firefox\plugins\NPMyrMus.dll
FF - plugin: c:\programmi\Musicnotes\GuitarGuru\npmusicn.dll
FF - plugin: c:\programmi\Opera\program\plugins\NPMyrMus.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----
FF - user.js: browser.cache.memory.capacity - 65536
FF - user.js: browser.chrome.favicons - fales
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.urlbar.autofill - true
FF - user.js: content.interrupt.parsing - true
FF - user.js: content.max.tokenizing.time - 2250000
FF - user.js: content.notify.backoffcount - 5
FF - user.js: content.notify.interval - 750000
FF - user.js: content.notify.ontimer - true
FF - user.js: content.switch.threshold - 750000
FF - user.js: network.http.max-connections - 48
FF - user.js: network.http.max-connections-per-server - 16
FF - user.js: network.http.max-persistent-connections-per-proxy - 16
FF - user.js: network.http.max-persistent-connections-per-server - 8
FF - user.js: network.http.pipelining - true
FF - user.js: network.http.pipelining.firstrequest - true
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.proxy.pipelining - true
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: nglayout.initialpaint.delay - 0
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0

FF - user.js: browser.sessionstore.resume_from_crash - false
.
- - - - CHIAVI ORFANE RIMOSSE - - - -

AddRemove-WinPcapInst - c:\programmi\WinPcap\uninstall.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-03-21 23:49
Windows 5.1.2600 Service Pack 3 NTFS

scansione processi nascosti ...

scansione entrate autostart nascoste ...

Scansione files nascosti ...

Scansione completata con successo
Files nascosti: 0

**************************************************************************
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\€–€|ÿÿÿÿÀ•€|ù•9~*]
"0140110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"
"0140210900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\WPAEvents]
@Denied: (Full) (LocalSystem)
"OOBETimer"=hex:ff,d5,71,d6,8b,6a,8d,6f,d5,33,93,fd
.
--------------------- Dlls caricate dai processi in esecuzione ---------------------

- - - - - - - > 'winlogon.exe'(992)
c:\windows\system32\klogon.dll
c:\programmi\File comuni\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll

- - - - - - - > 'lsass.exe'(1412)
c:\windows\system32\relog_ap.dll

- - - - - - - > 'explorer.exe'(3548)
c:\windows\system32\WININET.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\wpdshserviceobj.dll
c:\windows\system32\portabledevicetypes.dll
c:\windows\system32\portabledeviceapi.dll
c:\programmi\File comuni\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll
.
------------------------ Altri processi in esecuzione ------------------------
.
c:\programmi\File comuni\Maxtor\Schedule2\schedul2.exe
c:\programmi\Bonjour\mDNSResponder.exe
c:\programmi\Java\jre6\bin\jqs.exe
c:\programmi\Google\Update\1.2.183.23\GoogleCrashHandler.exe
c:\xampp\mysql\bin\mysqld-nt.exe
c:\windows\system32\CAPRPCSK.EXE
c:\windows\system32\fxssvc.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\windows\system32\wscntfy.exe
c:\windows\system32\igfxsrvc.exe
c:\windows\RTHDCPL.EXE
c:\programmi\Microsoft ActiveSync\wcescomm.exe
c:\progra~1\MICROS~4\rapimgr.exe
.
**************************************************************************
.
Ora fine scansione: 2010-03-21 23:58:40 - Il pc è stato riavviato
ComboFix-quarantined-files.txt 2010-03-21 22:58
ComboFix2.txt 2010-03-20 12:02

Pre-Run: 74.828.099.584 byte disponibili
Post-Run: 74.832.928.768 byte disponibili

- - End Of File - - D1B01A9B107119B93619159CE8086259
dc881
Posted: Tuesday, March 23, 2010 12:36:40 PM
Rank: AiutAmico

Joined: 8/2/2009
Posts: 53
The situation is still unstable and slow, so if you spot any suspicious program, don't worry, I'll remove it without any problem even if it is only suspicious. The alternative is formatting, which is far more tedious.
The latest ComboFix log is in the previous post.
r16
Posted: Tuesday, March 23, 2010 1:25:12 PM
Rank: AiutAmico

Joined: 8/7/2007
Posts: 11,016
Hi.
Create a restore point.
That way, if things get worse, you can run System Restore.

Open a text file on the Desktop (Start\Run\type: notepad.exe, then click OK).
Paste in the code you see below and save the text file; the name must be CFScript.txt

Code:
KillAll::

File::
c:\windows\system32\netset.exe
c:\documents and settings\6750\Impostazioni locali\Dati applicazioni\GDIPFONTCACHEV1.DAT
c:\windows\Tasks\GlaryInitialize.job

Folder::
c:\documents and settings\6750\Impostazioni locali\Dati applicazioni\Winamp Toolbar
c:\documents and settings\6750\Dati applicazioni\Synthesia
c:\programmi\Winamp Toolbar
c:\documents and settings\All Users\Dati applicazioni\Winamp Toolbar
c:\documents and settings\6750\Impostazioni locali\Dati applicazioni\Phase_One
c:\documents and settings\6750\Impostazioni locali\Dati applicazioni\CaptureOne
c:\programmi\File comuni\Symantec Shared
c:\documents and settings\All Users\Dati applicazioni\Norton
c:\documents and settings\All Users\Dati applicazioni\Symantec
c:\documents and settings\All Users\Dati applicazioni\NortonInstaller
c:\documents and settings\6750\Dati applicazioni\Trellian
c:\programmi\Trellian
c:\documents and settings\6750\Dati applicazioni\freeTVRadio
c:\documents and settings\6750\Dati applicazioni\OfferBox
c:\documents and settings\6750\Dati applicazioni\foobar2000
c:\documents and settings\6750\Dati applicazioni\Paltalk

RegLock::
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\WPAEvents]


and drag it onto the ComboFix icon.
Wait for it to finish, without touching the keyboard, mouse or anything else.
Post the updated ComboFix log.
If the PC does not restart by itself, restart it yourself.
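An added example, not part of the original post and not ComboFix's own code: a Python check that parses the section layout of the CFScript above (`Name::` headers followed by entries) and compares its File:: and Folder:: targets with a list of deleted paths, so removals the script never requested stand out. The sample deletion list, the PROTECTED directory list and all function names are assumptions made for this example.

```python
import ntpath
import re

SECTION = re.compile(r"^([A-Za-z]+)::$")

# Excerpt of the CFScript.txt posted above.
CFSCRIPT = r"""
KillAll::

File::
c:\windows\system32\netset.exe
c:\windows\Tasks\GlaryInitialize.job

Folder::
c:\documents and settings\6750\Dati applicazioni\OfferBox
c:\programmi\Trellian

RegLock::
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\WPAEvents]
"""

# Constructed sample of a deletion list, one path per line (quotes allowed).
DELETED = r"""
"c:\windows\system32\netset.exe"
c:\documents and settings\6750\Dati applicazioni\OfferBox
c:\documents and settings\6750\Dati applicazioni\OfferBox\config.xml
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\att81.doc
""".splitlines()

# Assumed list of directories that must never be a whole-folder target.
PROTECTED = [r"c:\windows", r"c:\documents and settings", r"c:\programmi"]


def parse_cfscript(text):
    """Split a CFScript into {section name: [entries]} using the 'Name::' headers."""
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        match = SECTION.match(line)
        if match:
            current = sections.setdefault(match.group(1), [])
        elif current is None:
            raise ValueError(f"entry before any section header: {line!r}")
        else:
            current.append(line)
    return sections


def norm(path):
    """Normalise a Windows path: drop quotes, collapse '..', lower-case."""
    return ntpath.normcase(ntpath.normpath(path.strip().strip('"')))


def under(path, folder):
    """True if path is the folder itself or lies inside it."""
    return path == folder or path.startswith(folder + "\\")


def audit(script_text, deleted_lines):
    """Compare requested File::/Folder:: targets with the paths actually deleted."""
    sections = parse_cfscript(script_text)
    files = {norm(p) for p in sections.get("File", [])}
    folders = {norm(p) for p in sections.get("Folder", [])}
    deleted = {norm(line) for line in deleted_lines if line.strip()}
    # Deleted paths that no script entry accounts for.
    unrequested = sorted(
        p for p in deleted
        if p not in files and not any(under(p, f) for f in folders)
    )
    # Script targets that never show up in the log (they may not have existed).
    not_in_log = sorted(t for t in files if t not in deleted) + sorted(
        f for f in folders if not any(under(p, f) for p in deleted)
    )
    return {"unrequested": unrequested, "not_in_log": not_in_log}


def too_broad(script_text):
    """Folder:: targets that are a drive root or would take a protected directory with them."""
    folders = [norm(p) for p in parse_cfscript(script_text).get("Folder", [])]
    return sorted(
        f for f in folders
        if ntpath.splitdrive(f)[1] in ("", "\\")
        or any(under(norm(p), f) for p in PROTECTED)
    )


if __name__ == "__main__":
    print(audit(CFSCRIPT, DELETED))
    print(too_broad(CFSCRIPT))
```

Running `too_broad` before handing a script to a removal tool, and `audit` on the log afterwards, separates what the helper asked for from what the tool removed on its own.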
dc881
Posted: Tuesday, March 23, 2010 1:40:51 PM
Rank: AiutAmico

Joined: 8/2/2009
Posts: 53
I think these are the last programs I installed before ending up in this situation. Please check whether anything is suspicious:
flvplayer4free_setup.exe
freeripmp3-setup33.exe
SoftonicDownloader91805.exe
Synthesia-0.7.0-installer.exe
YouTubeDownloaderSetup253c.exe
Piano_Electronico_2.5.zip
In the meantime I'll do the operation you told me.
r16
Posted: Tuesday, March 23, 2010 1:45:24 PM
Rank: AiutAmico

Joined: 8/7/2007
Posts: 11,016
Indeed, almost all of them are in the script.
If the problem remains, we'll remove the rest.
dc881
Posted: Tuesday, March 23, 2010 2:16:26 PM
Rank: AiutAmico

Joined: 8/2/2009
Posts: 53
ComboFix 10-03-19.07 - 6750 23/03/2010 13.50.18.6.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.39.1040.18.2038.1445 [GMT 1:00]
Eseguito da: c:\documents and settings\6750\Desktop\ComboFix.exe
Opzioni usate :: c:\documents and settings\6750\Desktop\CFScript.txt
AV: Kaspersky Internet Security *On-access scanning disabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
FW: Kaspersky Internet Security *disabled* {2C4D4BC6-0793-4956-A9F9-E252435469C0}
* Creato nuovo punto di ripristino

FILE ::
"c:\documents and settings\6750\Impostazioni locali\Dati applicazioni\GDIPFONTCACHEV1.DAT"
"c:\windows\system32\netset.exe"
"c:\windows\Tasks\GlaryInitialize.job"
.

((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\6750\Dati applicazioni\foobar2000
c:\documents and settings\6750\Dati applicazioni\foobar2000\foobar2000.cfg
c:\documents and settings\6750\Dati applicazioni\foobar2000\playlists\00000001.fpl
c:\documents and settings\6750\Dati applicazioni\foobar2000\playlists\index.dat
c:\documents and settings\6750\Dati applicazioni\foobar2000\theme.fth
c:\documents and settings\6750\Dati applicazioni\freeTVRadio
c:\documents and settings\6750\Dati applicazioni\freeTVRadio\Settings.xml
c:\documents and settings\6750\Dati applicazioni\OfferBox
c:\documents and settings\6750\Dati applicazioni\OfferBox\config.xml
c:\documents and settings\6750\Dati applicazioni\Paltalk
c:\documents and settings\6750\Dati applicazioni\Paltalk\groups\dc8812\betaList3.txt
c:\documents and settings\6750\Dati applicazioni\Paltalk\profile repository\45573307_.jpg
c:\documents and settings\6750\Dati applicazioni\Synthesia
c:\documents and settings\6750\Dati applicazioni\Synthesia\folders.xml
c:\documents and settings\6750\Dati applicazioni\Synthesia\log.txt
c:\documents and settings\6750\Dati applicazioni\Synthesia\scores.xml
c:\documents and settings\6750\Dati applicazioni\Synthesia\songInfo.xml
c:\documents and settings\6750\Dati applicazioni\Synthesia\tracks.xml
c:\documents and settings\6750\Dati applicazioni\Trellian
c:\documents and settings\6750\Dati applicazioni\Trellian\Trellian WebPage\temp.htm
c:\documents and settings\6750\Dati applicazioni\Trellian\userdict.txt
c:\documents and settings\6750\Impostazioni locali\Dati applicazioni\CaptureOne
c:\documents and settings\6750\Impostazioni locali\Dati applicazioni\CaptureOne\CustomCommands\CaptureOne 3.7 Default.xml
c:\documents and settings\6750\Impostazioni locali\Dati applicazioni\CaptureOne\CustomCommands\CaptureOne Default.xml
c:\documents and settings\6750\Impostazioni locali\Dati applicazioni\CaptureOne\Logs\Application.log
c:\documents and settings\6750\Impostazioni locali\Dati applicazioni\CaptureOne\Logs\CaptureCore.log
c:\documents and settings\6750\Impostazioni locali\Dati applicazioni\CaptureOne\Logs\CaptureProcess.log
c:\documents and settings\6750\Impostazioni locali\Dati applicazioni\CaptureOne\Logs\ImgCore.log
c:\documents and settings\6750\Impostazioni locali\Dati applicazioni\CaptureOne\Logs\ImgCoreExternal.log
c:\documents and settings\6750\Impostazioni locali\Dati applicazioni\CaptureOne\Recipes\Formula senza nome.xml
c:\documents and settings\6750\Impostazioni locali\Dati applicazioni\CaptureOne\userLog.db
c:\documents and settings\6750\Impostazioni locali\Dati applicazioni\CaptureOne\WebContactSheetTemp\contactsheet.dtd
c:\documents and settings\6750\Impostazioni locali\Dati applicazioni\GDIPFONTCACHEV1.DAT
c:\documents and settings\6750\Impostazioni locali\Dati applicazioni\Phase_One
c:\documents and settings\6750\Impostazioni locali\Dati applicazioni\Phase_One\CaptureOne.exe_Url_2mm5qma2dlklwfku3gft30iooc0i2ofk\5.1.36421.0\user.config
c:\documents and settings\6750\Impostazioni locali\Dati applicazioni\Winamp Toolbar
c:\documents and settings\6750\Impostazioni locali\Dati applicazioni\Winamp Toolbar\ieToolbar\en-US\buttons.xml
c:\documents and settings\6750\Impostazioni locali\Dati applicazioni\Winamp Toolbar\ieToolbar\en-US\default_aol.xml
c:\documents and settings\6750\Impostazioni locali\Dati applicazioni\Winamp Toolbar\ieToolbar\en-US\domains.xml
c:\documents and settings\6750\Impostazioni locali\Dati applicazioni\Winamp Toolbar\ieToolbar\en-US\ietbconfig.xml
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\55-200(1).jpg
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\55-200.jpg
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\att81.doc
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\att9C.png
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\attB0.JPG
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\Carta Intestat Ega.doc
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\clip_image002.gif
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\DSC_0296.JPG
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\DSC_0298.JPG
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\DSC_0304.JPG
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\DSC_0306.JPG
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\DSC_0307.JPG
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\DSC_0312.JPG
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\fm102
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\fm103
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\fm104
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\fm105
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\fm106
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\fm107
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\fm108
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\fm109
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\foto1.jpg
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\foto10.jpg
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\foto11.jpg
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\foto12(03-22-21-22-02).gif
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\foto12.gif
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\foto13(03-22-21-22-02).gif
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\foto13.gif
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\foto14(03-22-21-22-02).jpg
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\foto14.jpg
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\foto15(03-22-21-22-02).jpg
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\foto15.jpg
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\foto16(03-22-21-22-02).jpg
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\foto16.jpg
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\foto17(03-22-21-22-02).jpg
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\foto17.jpg
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\foto2.jpg
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\foto3.jpg
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\foto4.jpg
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\foto5.jpg
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\foto8.gif
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\foto9.jpg
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\GASBLod(03-22-08-38-13).gif
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\GASBLod.gif
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\icon_doc.png
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\icon_pdf(03-22-20-33-50).png
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\icon_pdf(03-22-20-33-51).png
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\icon_pdf.png
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\icon_xls(03-22-20-33-50).png
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\icon_xls.png
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\IMG_3299.JPG
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\IMG_3311.JPG
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\IMG_3383.JPG
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\IMG_3404.JPG
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\Iniziativa_di_Beppe_Grillo_x_il_caro_benzina.doc
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\leftbg.gif
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\logo(1).png
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\logo.png
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\Modulo ordine Cascina Biraga 04 03 2010.xls
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\Modulo ordine Cascina Biraga 19 03 2010.xls
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\obiett.jpg
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\obiettivo 2.jpg
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\obiettivo con custodia.jpg
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\obiettivo.jpg
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\pdf.gif
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\premio varesi 2010.doc
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\premio varesi 2010.odt
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\rightbg.gif
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\scrollbar.css
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\spacer.gif
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\stampa_girl_line_it.gif
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\toppic.gif
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-22-08-35-38).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-22-08-38-05).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-22-08-38-13).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-22-08-38-14).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-22-08-38-18).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-22-08-38-24).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-22-08-38-29).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-22-08-38-48).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-22-08-38-50).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-22-13-33-04).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-22-13-33-32).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-22-13-37-02).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-22-13-37-04).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-22-13-37-06).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-22-13-37-07).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-22-13-37-12).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-22-13-37-15).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-22-13-37-16).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-22-13-37-18).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-22-13-37-21).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-22-13-37-22).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-22-13-37-24).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-22-13-37-26).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-22-13-39-22).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-22-13-39-58).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-22-13-39-59).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-22-13-40-01)(1).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-22-13-40-01).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-22-13-40-03).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-22-16-41-21).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-22-16-41-23).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-22-16-41-27).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-22-16-41-39).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-22-16-41-48).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-22-16-41-48).jpg
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-22-16-41-52).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-22-16-42-22).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-22-16-42-33)(1).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-22-16-42-33).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-22-17-01-34).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-22-19-10-05).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-22-19-10-25).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-22-19-10-30).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-22-19-10-58).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-22-20-29-22).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-22-20-29-38).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-22-20-29-44).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-22-20-29-55).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-22-20-30-01).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-22-20-30-04).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-22-20-30-08)(1).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-22-20-30-08).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-22-20-30-19).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-22-20-30-29).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-22-20-30-40).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-22-20-30-51).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-22-20-31-09).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-22-20-31-17).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-22-20-31-18).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-22-20-31-19).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-22-20-31-20).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-22-20-31-24).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-22-20-31-26).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-22-20-31-29).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-22-20-31-34).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-22-20-31-54).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-22-20-31-55).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-22-20-32-03).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-22-20-32-16).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-22-20-32-31).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-22-20-32-36).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-22-20-32-42).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-22-20-32-43).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-22-20-32-45).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-22-20-32-48).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-22-20-33-01).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-22-20-33-06)(1).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-22-20-33-06).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-22-20-33-14).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-22-20-33-16).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-22-20-33-21).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-22-20-33-26).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-22-20-33-27).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-22-20-33-28).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-22-20-33-31).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-22-20-33-32).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-22-20-33-36).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-22-20-33-40).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-22-20-33-48).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-22-20-33-50).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-22-20-33-51)(1).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-22-20-33-51).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-22-20-33-56).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-22-20-34-01).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-22-20-34-05).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-22-20-34-08).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-22-20-34-09).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-22-20-34-12).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-22-20-34-13).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-22-20-34-14)(1).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-22-20-34-14).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-22-20-34-15).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-22-20-34-21).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-22-20-34-22).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-22-20-34-23).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-22-20-34-24)(1).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-22-20-34-24)(2).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-22-20-34-24).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-22-20-34-25).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-22-20-34-26)(1).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-22-20-34-26)(2).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-22-20-34-26).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-22-20-34-27)(1).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-22-20-34-27)(2).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-22-20-34-27)(3).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-22-20-34-27)(4).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-22-20-34-27).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-22-20-34-28)(1).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-22-20-34-28).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-22-20-34-29)(1).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-22-20-34-29)(2).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-22-20-34-29).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-22-20-34-31)(1).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-22-20-34-31).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-22-20-34-32).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-22-20-34-33).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-22-21-22-01).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-22-21-22-02).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-22-22-08-39).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown(03-22-22-08-50).htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown.htm
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\unknown.jpg
c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\xls.gif
c:\documents and settings\All Users\Dati applicazioni\Norton
c:\documents and settings\All Users\Dati applicazioni\Norton\symdata.xml
c:\documents and settings\All Users\Dati applicazioni\NortonInstaller
c:\documents and settings\All Users\Dati applicazioni\NortonInstaller\Logs\03-05-2010-19h27m18s\Install.1.mft.7z
c:\documents and settings\All Users\Dati applicazioni\NortonInstaller\Logs\03-05-2010-19h27m18s\NortonInstall-03-05-2010-19h27m18s.log
c:\documents and settings\All Users\Dati applicazioni\NortonInstaller\Logs\03-07-2010-20h10m59s\Install.1.mft.7z
c:\documents and settings\All Users\Dati applicazioni\NortonInstaller\Logs\03-07-2010-20h10m59s\NortonInstall-03-07-2010-20h10m59s.log
c:\documents and settings\All Users\Dati applicazioni\NortonInstaller\Logs\03-07-2010-20h11m15s\NortonInstall-03-07-2010-20h11m15s.log
c:\documents and settings\All Users\Dati applicazioni\Symantec
c:\documents and settings\All Users\Dati applicazioni\Symantec\symdata.xml
c:\documents and settings\All Users\Dati applicazioni\Winamp Toolbar
c:\documents and settings\All Users\Dati applicazioni\Winamp Toolbar\ieToolbar\resources\en-US\buttons\alerts\alert.gif
c:\documents and settings\All Users\Dati applicazioni\Winamp Toolbar\ieToolbar\resources\en-US\buttons\alerts\alerts.css
c:\documents and settings\All Users\Dati applicazioni\Winamp Toolbar\ieToolbar\resources\en-US\buttons\alerts\alerts.htm
c:\documents and settings\All Users\Dati applicazioni\Winamp Toolbar\ieToolbar\resources\en-US\buttons\alerts\alerts.jpg
c:\documents and settings\All Users\Dati applicazioni\Winamp Toolbar\ieToolbar\resources\en-US\buttons\alerts\alerts.js
c:\documents and settings\All Users\Dati applicazioni\Winamp Toolbar\ieToolbar\resources\en-US\buttons\defaultButtons.xml
c:\documents and settings\All Users\Dati applicazioni\Winamp Toolbar\ieToolbar\resources\en-US\buttons\searchedit.bmp
c:\documents and settings\All Users\Dati applicazioni\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
c:\documents and settings\All Users\Dati applicazioni\Winamp Toolbar\ieToolbar\resources\en-US\mediamonitor\images\arrow_left.jpg
c:\documents and settings\All Users\Dati applicazioni\Winamp Toolbar\ieToolbar\resources\en-US\mediamonitor\images\arrow_left_on.jpg
c:\documents and settings\All Users\Dati applicazioni\Winamp Toolbar\ieToolbar\resources\en-US\mediamonitor\images\arrow_right.jpg
c:\documents and settings\All Users\Dati applicazioni\Winamp Toolbar\ieToolbar\resources\en-US\mediamonitor\images\arrow_right_on.jpg
c:\documents and settings\All Users\Dati applicazioni\Winamp Toolbar\ieToolbar\resources\en-US\mediamonitor\images\qap_buy.jpg
c:\documents and settings\All Users\Dati applicazioni\Winamp Toolbar\ieToolbar\resources\en-US\mediamonitor\images\qap_buy_on.jpg
c:\documents and settings\All Users\Dati applicazioni\Winamp Toolbar\ieToolbar\resources\en-US\mediamonitor\images\qap_enqall_off.jpg
c:\documents and settings\All Users\Dati applicazioni\Winamp Toolbar\ieToolbar\resources\en-US\mediamonitor\images\qap_enqall_on.jpg
c:\documents and settings\All Users\Dati applicazioni\Winamp Toolbar\ieToolbar\resources\en-US\mediamonitor\images\qap_info.jpg
c:\documents and settings\All Users\Dati applicazioni\Winamp Toolbar\ieToolbar\resources\en-US\mediamonitor\images\qap_info_on.jpg
c:\documents and settings\All Users\Dati applicazioni\Winamp Toolbar\ieToolbar\resources\en-US\mediamonitor\images\qap_play.jpg
c:\documents and settings\All Users\Dati applicazioni\Winamp Toolbar\ieToolbar\resources\en-US\mediamonitor\images\qap_play_on.jpg
c:\documents and settings\All Users\Dati applicazioni\Winamp Toolbar\ieToolbar\resources\en-US\mediamonitor\images\qap_playall_off.jpg
c:\documents and settings\All Users\Dati applicazioni\Winamp Toolbar\ieToolbar\resources\en-US\mediamonitor\images\qap_playall_on.jpg
c:\documents and settings\All Users\Dati applicazioni\Winamp Toolbar\ieToolbar\resources\en-US\mediamonitor\images\qap_playlist.jpg
c:\documents and settings\All Users\Dati applicazioni\Winamp Toolbar\ieToolbar\resources\en-US\mediamonitor\images\qap_playlist_on.jpg
c:\documents and settings\All Users\Dati applicazioni\Winamp Toolbar\ieToolbar\resources\en-US\mediamonitor\mediamonitor.htm
c:\documents and settings\All Users\Dati applicazioni\Winamp Toolbar\ieToolbar\resources\en-US\mediamonitor\mediamonitor.js
c:\documents and settings\All Users\Dati applicazioni\Winamp Toolbar\ieToolbar\resources\en-US\rss\menu.htm
c:\documents and settings\All Users\Dati applicazioni\Winamp Toolbar\ieToolbar\resources\en-US\rss\menu.js
c:\documents and settings\All Users\Dati applicazioni\Winamp Toolbar\ieToolbar\resources\en-US\rss\qap.js
c:\documents and settings\All Users\Dati applicazioni\Winamp Toolbar\ieToolbar\resources\en-US\rss\rss.css
c:\documents and settings\All Users\Dati applicazioni\Winamp Toolbar\ieToolbar\resources\en-US\rss\rss.htm
c:\documents and settings\All Users\Dati applicazioni\Winamp Toolbar\ieToolbar\resources\en-US\rss\rss.js
c:\documents and settings\All Users\Dati applicazioni\Winamp Toolbar\ieToolbar\resources\en-US\rss\staf.htm
c:\documents and settings\All Users\Dati applicazioni\Winamp Toolbar\ieToolbar\resources\en-US\rss\staf.js
c:\documents and settings\All Users\Dati applicazioni\Winamp Toolbar\ieToolbar\resources\en-US\ui\about.htm
c:\documents and settings\All Users\Dati applicazioni\Winamp Toolbar\ieToolbar\resources\en-US\ui\addcustombutton.htm
c:\documents and settings\All Users\Dati applicazioni\Winamp Toolbar\ieToolbar\resources\en-US\ui\addcustombutton_confirm.htm
c:\documents and settings\All Users\Dati applicazioni\Winamp Toolbar\ieToolbar\resources\en-US\ui\addsearch.js
c:\documents and settings\All Users\Dati applicazioni\Winamp Toolbar\ieToolbar\resources\en-US\ui\ani_media_icon.gif
c:\documents and settings\All Users\Dati applicazioni\Winamp Toolbar\ieToolbar\resources\en-US\ui\blocker.js
c:\documents and settings\All Users\Dati applicazioni\Winamp Toolbar\ieToolbar\resources\en-US\ui\blue_input_down_1.gif
c:\documents and settings\All Users\Dati applicazioni\Winamp Toolbar\ieToolbar\resources\en-US\ui\blue_input_down_2.gif
c:\documents and settings\All Users\Dati applicazioni\Winamp Toolbar\ieToolbar\resources\en-US\ui\blue_input_normal_1.gif
c:\documents and settings\All Users\Dati applicazioni\Winamp Toolbar\ieToolbar\resources\en-US\ui\blue_input_normal_2.gif
c:\documents and settings\All Users\Dati applicazioni\Winamp Toolbar\ieToolbar\resources\en-US\ui\blue_input_over_1.gif
c:\documents and settings\All Users\Dati applicazioni\Winamp Toolbar\ieToolbar\resources\en-US\ui\blue_input_over_2.gif
c:\documents and settings\All Users\Dati applicazioni\Winamp Toolbar\ieToolbar\resources\en-US\ui\branding.js
c:\documents and settings\All Users\Dati applicazioni\Winamp Toolbar\ieToolbar\resources\en-US\ui\button_movedowndisabled.gif
c:\documents and settings\All Users\Dati applicazioni\Winamp Toolbar\ieToolbar\resources\en-US\ui\button_movedowndown.gif
c:\documents and settings\All Users\Dati applicazioni\Winamp Toolbar\ieToolbar\resources\en-US\ui\button_movedownover.gif
c:\documents and settings\All Users\Dati applicazioni\Winamp Toolbar\ieToolbar\resources\en-US\ui\button_movedownup.gif
c:\documents and settings\All Users\Dati applicazioni\Winamp Toolbar\ieToolbar\resources\en-US\ui\button_moveupdisabled.gif
c:\documents and settings\All Users\Dati applicazioni\Winamp Toolbar\ieToolbar\resources\en-US\ui\button_moveupdown.gif
c:\documents and settings\All Users\Dati applicazioni\Winamp Toolbar\ieToolbar\resources\en-US\ui\button_moveupover.gif
c:\documents and settings\All Users\Dati applicazioni\Winamp Toolbar\ieToolbar\resources\en-US\ui\button_moveupup.gif
c:\documents and settings\All Users\Dati applicazioni\Winamp Toolbar\ieToolbar\resources\en-US\ui\button_nextdown.gif
c:\documents and settings\All Users\Dati applicazioni\Winamp Toolbar\ieToolbar\resources\en-US\ui\button_nextover.gif
c:\documents and settings\All Users\Dati applicazioni\Winamp Toolbar\ieToolbar\resources\en-US\ui\button_nextup.gif
c:\documents and settings\All Users\Dati applicazioni\Winamp Toolbar\ieToolbar\resources\en-US\ui\button_prevdown.gif
c:\documents and settings\All Users\Dati applicazioni\Winamp Toolbar\ieToolbar\resources\en-US\ui\button_prevover.gif
c:\documents and settings\All Users\Dati applicazioni\Winamp Toolbar\ieToolbar\resources\en-US\ui\button_prevup.gif
c:\documents and settings\All Users\Dati applicazioni\Winamp Toolbar\ieToolbar\resources\en-US\ui\buttonManager.js
c:\documents and settings\All Users\Dati applicazioni\Winamp Toolbar\ieToolbar\resources\en-US\ui\buttons.js
c:\documents and settings\All Users\Dati applicazioni\Winamp Toolbar\ieToolbar\resources\en-US\ui\buttons_frame.htm
c:\documents and settings\All Users\Dati applicazioni\Winamp Toolbar\ieToolbar\resources\en-US\ui\clearprints.js
c:\documents and settings\All Users\Dati applicazioni\Winamp Toolbar\ieToolbar\resources\en-US\ui\clearprints_confirm.htm
c:\documents and settings\All Users\Dati applicazioni\Winamp Toolbar\ieToolbar\resources\en-US\ui\content.js
c:\documents and settings\All Users\Dati applicazioni\Winamp Toolbar\ieToolbar\resources\en-US\ui\content_header01.gif
c:\documents and settings\All Users\Dati applicazioni\Winamp Toolbar\ieToolbar\resources\en-US\ui\content_header02.gif
c:\documents and settings\All Users\Dati applicazioni\Winamp Toolbar\ieToolbar\resources\en-US\ui\custom_button.gif
c:\documents and settings\All Users\Dati applicazioni\Winamp Toolbar\ieToolbar\resources\en-US\ui\custombutton.js
c:\documents and settings\All Users\Dati applicazioni\Winamp Toolbar\ieToolbar\resources\en-US\ui\customize_icon.gif
c:\documents and settings\All Users\Dati applicazioni\Winamp Toolbar\ieToolbar\resources\en-US\ui\defaultsearch.htm
c:\documents and settings\All Users\Dati applicazioni\Winamp Toolbar\ieToolbar\resources\en-US\ui\disabled_input_1.gif
c:\documents and settings\All Users\Dati applicazioni\Winamp Toolbar\ieToolbar\resources\en-US\ui\disabled_input_2.gif
c:\documents and settings\All Users\Dati applicazioni\Winamp Toolbar\ieToolbar\resources\en-US\ui\dot.gif
c:\documents and settings\All Users\Dati applicazioni\Winamp Toolbar\ieToolbar\resources\en-US\ui\dropcustombutton.htm
c:\documents and settings\All Users\Dati applicazioni\Winamp Toolbar\ieToolbar\resources\en-US\ui\firsttimepage.htm
c:\documents and settings\All Users\Dati applicazioni\Winamp Toolbar\ieToolbar\resources\en-US\ui\footprints.js
c:\documents and settings\All Users\Dati applicazioni\Winamp Toolbar\ieToolbar\resources\en-US\ui\footprints_frame.htm
c:\documents and settings\All Users\Dati applicazioni\Winamp Toolbar\ieToolbar\resources\en-US\ui\general_icon.gif
c:\documents and settings\All Users\Dati applicazioni\Winamp Toolbar\ieToolbar\resources\en-US\ui\green_input_down_1.gif
c:\documents and settings\All Users\Dati applicazioni\Winamp Toolbar\ieToolbar\resources\en-US\ui\green_input_down_2.gif
c:\documents and settings\All Users\Dati applicazioni\Winamp Toolbar\ieToolbar\resources\en-US\ui\green_input_normal_1.gif
c:\documents and settings\All Users\Dati applicazioni\Winamp Toolbar\ieToolbar\resources\en-US\ui\green_input_normal_2.gif
c:\documents and settings\All Users\Dati applicazioni\Winamp Toolbar\ieToolbar\resources\en-US\ui\green_input_over_1.gif
c:\documents and settings\All Users\Dati applicazioni\Winamp Toolbar\ieToolbar\resources\en-US\ui\green_input_over_2.gif
c:\documents and settings\All Users\Dati applicazioni\Winamp Toolbar\ieToolbar\resources\en-US\ui\latest.htm
c:\documents and settings\All Users\Dati applicazioni\Winamp Toolbar\ieToolbar\resources\en-US\ui\metrics.js
c:\documents and settings\All Users\Dati applicazioni\Winamp Toolbar\ieToolbar\resources\en-US\ui\olderversion.htm
c:\documents and settings\All Users\Dati applicazioni\Winamp Toolbar\ieToolbar\resources\en-US\ui\options_frame.htm
c:\documents and settings\All Users\Dati applicazioni\Winamp Toolbar\ieToolbar\resources\en-US\ui\pan_bottom_left.gif
c:\documents and settings\All Users\Dati applicazioni\Winamp Toolbar\ieToolbar\resources\en-US\ui\pan_bottom_right.gif
c:\documents and settings\All Users\Dati applicazioni\Winamp Toolbar\ieToolbar\resources\en-US\ui\pan_bottom_tile.gif
c:\documents and settings\All Users\Dati applicazioni\Winamp Toolbar\ieToolbar\resources\en-US\ui\pan_left_tile.gif
c:\documents and settings\All Users\Dati applicazioni\Winamp Toolbar\ieToolbar\resources\en-US\ui\pan_right_tile.gif
c:\documents and settings\All Users\Dati applicazioni\Winamp Toolbar\ieToolbar\resources\en-US\ui\pan_top_left.gif
c:\documents and settings\All Users\Dati applicazioni\Winamp Toolbar\ieToolbar\resources\en-US\ui\pan_top_left_bot.gif
c:\documents and settings\All Users\Dati applicazioni\Winamp Toolbar\ieToolbar\resources\en-US\ui\pan_top_left_large.gif
c:\documents and settings\All Users\Dati applicazioni\Winamp Toolbar\ieToolbar\resources\en-US\ui\pan_top_right.gif
c:\documents and settings\All Users\Dati applicazioni\Winamp Toolbar\ieToolbar\resources\en-US\ui\pan_top_right_bot.gif
c:\documents and settings\All Users\Dati applicazioni\Winamp Toolbar\ieToolbar\resources\en-US\ui\pan_top_right_large.gif
c:\documents and settings\All Users\Dati applicazioni\Winamp Toolbar\ieToolbar\resources\en-US\ui\pan_top_tile.gif
c:\documents and settings\All Users\Dati applicazioni\Winamp Toolbar\ieToolbar\resources\en-US\ui\popup_icon.gif
c:\documents and settings\All Users\Dati applicazioni\Winamp Toolbar\ieToolbar\resources\en-US\ui\popups_frame.htm
c:\documents and settings\All Users\Dati applicazioni\Winamp Toolbar\ieToolbar\resources\en-US\ui\popups_icon.gif
c:\documents and settings\All Users\Dati applicazioni\Winamp Toolbar\ieToolbar\resources\en-US\ui\preferences.htm
c:\documents and settings\All Users\Dati applicazioni\Winamp Toolbar\ieToolbar\resources\en-US\ui\preferences.js
c:\documents and settings\All Users\Dati applicazioni\Winamp Toolbar\ieToolbar\resources\en-US\ui\privacy_icon.gif
c:\documents and settings\All Users\Dati applicazioni\Winamp Toolbar\ieToolbar\resources\en-US\ui\renamecustombutton.htm
c:\documents and settings\All Users\Dati applicazioni\Winamp Toolbar\ieToolbar\resources\en-US\ui\resettoolbar.htm
c:\documents and settings\All Users\Dati applicazioni\Winamp Toolbar\ieToolbar\resources\en-US\ui\search.js
c:\documents and settings\All Users\Dati applicazioni\Winamp Toolbar\ieToolbar\resources\en-US\ui\search_frame.htm
c:\documents and settings\All Users\Dati applicazioni\Winamp Toolbar\ieToolbar\resources\en-US\ui\search_icon.gif
c:\documents and settings\All Users\Dati applicazioni\Winamp Toolbar\ieToolbar\resources\en-US\ui\SettingTabActive.gif
c:\documents and settings\All Users\Dati applicazioni\Winamp Toolbar\ieToolbar\resources\en-US\ui\SettingTabNormal.gif
c:\documents and settings\All Users\Dati applicazioni\Winamp Toolbar\ieToolbar\resources\en-US\ui\SettingTabOver.gif
c:\documents and settings\All Users\Dati applicazioni\Winamp Toolbar\ieToolbar\resources\en-US\ui\sidebar_bg.gif
c:\documents and settings\All Users\Dati applicazioni\Winamp Toolbar\ieToolbar\resources\en-US\ui\sidebar_bottom.gif
c:\documents and settings\All Users\Dati applicazioni\Winamp Toolbar\ieToolbar\resources\en-US\ui\sidebar_left.gif
c:\documents and settings\All Users\Dati applicazioni\Winamp Toolbar\ieToolbar\resources\en-US\ui\sidebar_top.gif
c:\documents and settings\All Users\Dati applicazioni\Winamp Toolbar\ieToolbar\resources\en-US\ui\stylesheet.css
c:\documents and settings\All Users\Dati applicazioni\Winamp Toolbar\ieToolbar\resources\en-US\winamptb.cfg
c:\documents and settings\All Users\Dati applicazioni\Winamp Toolbar\ieToolbar\resources\en-US\winamptbres.dll
c:\programmi\File comuni\Symantec Shared
c:\programmi\Trellian
c:\programmi\Trellian\SEO Toolkit v3.0\control.log
c:\programmi\Trellian\Toolbar\about.txt
c:\programmi\Trellian\Toolbar\atl80.dll
c:\programmi\Trellian\Toolbar\autofill.ini
c:\programmi\Trellian\Toolbar\Default.htm
c:\programmi\Trellian\Toolbar\lang\lang_de.lng
c:\programmi\Trellian\Toolbar\lang\lang_fr.lng
c:\programmi\Trellian\Toolbar\lang\lang_nl.lng
c:\programmi\Trellian\Toolbar\lang\lang_pl.lng
c:\programmi\Trellian\Toolbar\lang\lang_se.lng
c:\programmi\Trellian\Toolbar\Loading.htm
c:\programmi\Trellian\Toolbar\Microsoft.VC80.ATl.manifest
c:\programmi\Trellian\Toolbar\missing.ico
c:\programmi\Trellian\Toolbar\unToolbarBrowser\unins000.dat
c:\programmi\Trellian\Toolbar\unToolbarBrowser\unins000.exe
c:\programmi\Winamp Toolbar
c:\programmi\Winamp Toolbar\apopup.dll
c:\programmi\Winamp Toolbar\install.log
c:\programmi\Winamp Toolbar\msvcr71.dll
c:\programmi\Winamp Toolbar\uninstall.exe
c:\programmi\Winamp Toolbar\winamptb.dll
c:\programmi\Winamp Toolbar\winampTbServer.exe
c:\programmi\Winamp Toolbar\winamptbServerPS.dll
c:\programmi\Winamp Toolbar\xprt5.dll
c:\windows\system32\netset.exe

.
((((((((((((((((((((((((( Files Creati Da 2010-02-23 al 2010-03-23 )))))))))))))))))))))))))))))))))))
.

2010-03-21 23:07 . 2010-03-21 23:07 -------- d-----w- c:\programmi\Ask.com
2010-03-20 15:00 . 2010-03-20 15:00 -------- d-----w- c:\programmi\p-nand-q.com
2010-03-20 12:17 . 2010-03-20 12:19 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Autorun Eater
2010-03-19 23:31 . 2010-03-19 23:31 -------- d-----w- c:\programmi\Your Company Name
2010-03-19 23:31 . 2010-03-19 23:31 -------- d-----w- c:\programmi\eDisplay
2010-03-19 22:16 . 2010-03-19 22:16 -------- d-----w- c:\programmi\Arclab
2010-03-19 13:33 . 2010-02-12 10:03 293376 ------w- c:\windows\system32\browserchoice.exe
2010-03-17 21:18 . 2010-03-17 21:18 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\FreeRIP
2010-03-15 20:54 . 2010-03-15 20:54 -------- d-----w- c:\documents and settings\NetworkService\Impostazioni locali\Dati applicazioni\Google
2010-03-15 20:50 . 2010-03-15 20:50 -------- d-----w- c:\documents and settings\LocalService\Impostazioni locali\Dati applicazioni\Google
2010-03-15 20:49 . 2010-03-15 20:50 -------- d-----w- c:\programmi\Google
2010-03-12 15:11 . 2010-03-12 15:11 -------- d-----w- c:\programmi\Synthesia
2010-03-11 16:53 . 2010-03-11 16:53 540568 ----a-w- c:\documents and settings\LocalService\Impostazioni locali\Dati applicazioni\FontCache3.0.0.0.dat
2010-03-10 19:13 . 2004-01-25 16:18 217088 ----a-w- c:\windows\system32\yv12vfw.dll
2010-03-10 19:13 . 2009-05-29 21:37 205824 ----a-w- c:\windows\system32\xvidvfw.dll
2010-03-10 19:13 . 2009-05-29 21:31 881664 ----a-w- c:\windows\system32\xvidcore.dll
2010-03-10 19:13 . 2010-02-02 18:00 85504 ----a-w- c:\windows\system32\ff_vfw.dll
2010-03-10 19:12 . 2010-03-10 19:16 -------- d-----w- c:\programmi\K-Lite Codec Pack
2010-03-09 22:06 . 2010-03-09 22:06 -------- d-----w- c:\programmi\Lame for Audacity
2010-03-09 19:10 . 2010-03-09 19:10 -------- d-----w- C:\MAGIX
2010-03-09 17:32 . 2010-03-11 13:44 -------- d-----w- c:\documents and settings\6750\Dati applicazioni\Audacity
2010-03-09 17:32 . 2010-03-09 17:32 -------- d-----w- c:\programmi\Audacity 1.3 Beta (Unicode)
2010-03-07 22:42 . 2010-03-07 22:42 -------- d-----w- c:\programmi\DIFX
2010-03-07 22:42 . 2010-03-07 22:42 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Phase One
2010-03-03 14:52 . 2010-03-03 14:52 -------- dc-h--w- c:\documents and settings\All Users\Dati applicazioni\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6}
2010-03-02 22:38 . 2010-03-02 22:40 -------- d-----w- c:\documents and settings\6750\Impostazioni locali\Dati applicazioni\WebPage
2010-03-02 22:36 . 2007-09-07 22:43 512000 ----a-w- c:\windows\system32\Achroma2.dll
2010-03-02 22:22 . 2010-03-02 22:22 -------- d-----w- c:\programmi\HTML TableFactory
2010-03-02 17:29 . 2010-03-02 17:29 -------- d-----w- c:\programmi\MPC HomeCinema
2010-03-02 17:26 . 2010-03-02 17:26 -------- d-----w- c:\programmi\File comuni\Adobe AIR
2010-02-22 19:10 . 2010-02-22 19:10 -------- d-----w- c:\documents and settings\6750\Dati applicazioni\Facebook

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-03-23 13:03 . 2009-04-08 21:10 3924000 --sha-w- c:\windows\system32\drivers\fidbox2.dat
2010-03-23 13:03 . 2009-04-08 21:10 29449760 --sha-w- c:\windows\system32\drivers\fidbox.dat
2010-03-23 13:03 . 2009-04-08 21:10 293960 --sha-w- c:\windows\system32\drivers\fidbox.idx
2010-03-23 13:03 . 2009-04-08 21:10 107564 --sha-w- c:\windows\system32\drivers\fidbox2.idx
2010-03-23 12:30 . 2009-05-10 19:38 -------- d-----w- c:\documents and settings\6750\Dati applicazioni\uTorrent
2010-03-23 11:34 . 2009-04-16 22:37 -------- d-----w- c:\documents and settings\6750\Dati applicazioni\FileZilla
2010-03-23 08:11 . 2009-04-08 21:10 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Kaspersky Lab
2010-03-20 08:22 . 2009-11-16 15:53 79776 ----a-w- c:\documents and settings\LocalService\Impostazioni locali\Dati applicazioni\GDIPFONTCACHEV1.DAT
2010-03-18 17:52 . 2009-10-19 16:37 -------- d-----w- c:\programmi\File comuni\DVDVideoSoft
2010-03-18 17:48 . 2009-04-08 21:04 -------- d--h--w- c:\programmi\InstallShield Installation Information
2010-03-18 17:45 . 2009-05-07 18:59 -------- d-----w- c:\programmi\RipTiger
2010-03-18 17:43 . 2009-12-30 12:50 -------- d-----w- c:\programmi\eBay
2010-03-18 16:48 . 2009-08-28 22:31 -------- d-----w- c:\programmi\PHPNukeIT
2010-03-17 21:15 . 2009-08-08 14:53 -------- d-----w- c:\programmi\FLVPlayer4Free
2010-03-17 17:56 . 2009-08-02 16:09 -------- d-----w- c:\programmi\Malwarebytes' Anti-Malware
2010-03-16 23:02 . 2009-05-13 14:06 -------- d-----w- c:\programmi\Direct MIDI to MP3 Converter
2010-03-16 23:01 . 2009-04-08 22:21 -------- d-----w- c:\programmi\eMule
2010-03-16 23:00 . 2009-10-01 13:50 -------- d-----w- c:\programmi\e107 Theme Creator Beta
2010-03-16 23:00 . 2009-10-01 13:52 -------- d-----w- c:\programmi\e107 Tool
2010-03-16 23:00 . 2010-01-12 21:51 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\AppSoft
2010-03-11 16:40 . 2009-05-23 16:20 -------- d-----w- c:\documents and settings\6750\Dati applicazioni\muvee Technologies
2010-03-11 08:57 . 2009-05-23 14:58 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\muvee Technologies
2010-03-11 08:56 . 2009-05-23 14:59 -------- d-----w- c:\programmi\File comuni\muvee Technologies
2010-03-11 08:56 . 2009-05-23 14:59 -------- d-----w- c:\programmi\muvee Technologies
2010-03-11 08:11 . 2010-01-11 16:18 20 ---h--w- c:\documents and settings\All Users\Dati applicazioni\PKP_DLbx.DAT
2010-03-10 20:57 . 2009-11-19 18:58 -------- d-----w- c:\documents and settings\6750\Dati applicazioni\Winamp
2010-03-10 20:56 . 2009-11-19 18:58 -------- d-----w- c:\programmi\Winamp
2010-03-10 19:10 . 2009-04-21 21:25 -------- d-----w- c:\documents and settings\6750\Dati applicazioni\DivX
2010-03-06 20:29 . 2010-01-11 16:34 20 ---h--w- c:\documents and settings\All Users\Dati applicazioni\PKP_DLdu.DAT
2010-03-04 07:36 . 2009-07-27 21:49 -------- d-----w- c:\programmi\Microsoft ActiveSync
2010-03-03 14:56 . 2009-10-29 09:27 95024 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2010-02-27 07:58 . 2009-04-21 21:13 -------- d-----w- c:\documents and settings\6750\Dati applicazioni\Any Video Converter
2010-02-25 18:41 . 2009-05-01 14:07 -------- d-----w- c:\programmi\FileZilla FTP Client
2010-02-18 07:37 . 2010-01-21 22:51 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\DVD Shrink
2010-02-16 21:28 . 2009-04-18 13:34 -------- d-----w- c:\documents and settings\6750\Dati applicazioni\U3
2010-02-16 21:23 . 2010-01-05 12:21 -------- d-----w- c:\programmi\CA VMN Anti-Spyware
2010-02-14 18:46 . 2009-04-08 20:45 -------- d-----w- c:\programmi\microsoft frontpage
2010-02-14 15:15 . 2009-04-08 21:27 -------- d-----w- c:\programmi\Notepad++
2010-02-14 15:15 . 2009-04-08 21:27 -------- d-----w- c:\documents and settings\6750\Dati applicazioni\Notepad++
2010-02-10 21:49 . 2010-02-10 21:49 -------- d-----w- c:\programmi\STEARsoft
2010-02-10 19:22 . 2009-12-16 19:29 798 ----a-w- c:\windows\unins000.dat
2010-02-10 10:12 . 2009-06-08 21:13 -------- d-----w- c:\programmi\MSECache
2010-02-07 23:02 . 2009-04-28 15:36 -------- d---a-w- c:\documents and settings\All Users\Dati applicazioni\TEMP
2010-02-06 08:30 . 2010-02-06 08:25 -------- d-----w- c:\programmi\Grammatica32SG
2010-02-06 08:25 . 2009-05-13 14:19 253952 ------w- c:\windows\Setup1.exe
2010-02-06 08:23 . 2010-02-06 08:22 -------- d-----w- c:\programmi\linguavox
2010-02-06 08:22 . 2009-04-21 22:10 74752 ------w- c:\windows\ST6UNST.EXE
2010-02-03 14:47 . 2009-12-01 12:41 -------- d-----w- c:\documents and settings\6750\Dati applicazioni\QuickScan
2010-01-31 12:21 . 2010-01-31 12:10 -------- d-----w- c:\programmi\Esplorando 3 Matematica per le medie inferiori
2010-01-31 12:10 . 2010-01-31 12:10 -------- d-----w- c:\programmi\Finson Live Update
2010-01-26 16:36 . 2010-01-26 16:34 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Cakewalk
2010-01-26 16:36 . 2010-01-26 16:34 -------- d-----w- c:\programmi\Cakewalk
2010-01-26 16:33 . 2010-01-26 16:33 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Ableton
2010-01-26 16:33 . 2010-01-26 16:33 -------- d-----w- c:\documents and settings\6750\Dati applicazioni\Ableton
2010-01-26 15:54 . 2010-01-26 15:54 -------- d-----w- c:\programmi\Ableton
2010-01-25 17:26 . 2010-01-25 17:26 -------- d-----w- c:\programmi\Oversoft
2010-01-24 22:27 . 2009-12-22 12:53 -------- d-----w- c:\documents and settings\6750\Dati applicazioni\ACAMPREF
2010-01-23 19:32 . 2010-01-23 19:30 -------- d-----w- c:\programmi\EMC
2010-01-22 19:49 . 2009-04-24 19:24 -------- d-----w- c:\programmi\CyberLink
2010-01-11 17:04 . 2010-01-11 17:00 20 ---h--w- c:\documents and settings\All Users\Dati applicazioni\PKP_DLdw.DAT
2010-01-11 16:25 . 2010-01-11 16:25 20 ---h--w- c:\documents and settings\All Users\Dati applicazioni\PKP_DLck.DAT
2010-01-07 15:07 . 2009-08-02 16:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-01-07 15:07 . 2009-08-02 16:09 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-01-06 17:33 . 2010-01-06 17:33 295424 ----a-w- c:\windows\system32\bwmedia1.dll
2010-01-06 17:33 . 2010-01-06 17:33 150016 ----a-w- c:\windows\system32\bwmedia.dll
2010-01-05 13:42 . 2001-08-31 12:00 80946 ----a-w- c:\windows\system32\perfc010.dat
2010-01-05 13:42 . 2001-08-31 12:00 481680 ----a-w- c:\windows\system32\perfh010.dat
2010-01-01 14:18 . 2010-01-01 14:18 44544 ------w- c:\windows\AWuninstall.exe
2009-12-31 16:50 . 2008-04-13 10:15 353792 ----a-w- c:\windows\system32\drivers\srv.sys
2009-12-23 17:30 . 2010-01-26 15:57 368640 ----a-w- c:\windows\system32\ReWire.dll
2009-12-23 17:30 . 2010-01-26 15:57 233472 ----a-w- c:\windows\system32\REX Shared Library.dll
2009-09-23 16:47 . 2009-09-23 16:47 28488 ----a-w- c:\programmi\mozilla firefox\plugins\atgpcdec.dll
2009-09-23 16:47 . 2009-09-23 16:47 185240 ----a-w- c:\programmi\mozilla firefox\plugins\atgpcext.dll
2009-09-23 16:50 . 2009-09-23 16:50 46408 ----a-w- c:\programmi\mozilla firefox\plugins\atmccli.dll
2009-09-23 16:47 . 2009-09-23 16:47 99224 ----a-w- c:\programmi\mozilla firefox\plugins\ieatgpc.dll
2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\programmi\mozilla firefox\plugins\libdivx.dll
2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\programmi\mozilla firefox\plugins\ssldivx.dll
.

------- Sigcheck -------

[-] 2008-05-08 . 4ED067D8270174E777286A26FECDB3E8 . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2009-11-18 17:40 1196936 ----a-w- c:\programmi\Ask.com\GenericAskToolbar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\programmi\Ask.com\GenericAskToolbar.dll" [2009-11-18 1196936]

[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AdobeUpdater"="c:\programmi\File comuni\Adobe\Updater5\AdobeUpdater.exe" [2008-09-26 2356088]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-04-20 162584]
"Persistence"="c:\windows\system32\igfxpers.exe" [2007-04-20 138008]
"RTHDCPL"="RTHDCPL.EXE" [2007-04-10 16126464]
"MaxBlastMonitor.exe"="c:\programmi\Maxtor\MaxBlast\MaxBlastMonitor.exe" [2007-08-30 1190760]
"AcronisTimounterMonitor"="c:\programmi\Maxtor\MaxBlast\TimounterMonitor.exe" [2007-08-30 1966376]
"Acronis Scheduler2 Service"="c:\programmi\File comuni\Maxtor\Schedule2\schedhlp.exe" [2007-08-30 148760]
"CAPON"="c:\windows\system32\Spool\Drivers\w32x86\3\CAPONN.EXE" [2000-04-20 22528]
"AdobeCS4ServiceManager"="c:\programmi\File comuni\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
"SunJavaUpdateSched"="c:\programmi\Java\jre6\bin\jusched.exe" [2009-10-11 149280]
"AVP"="c:\programmi\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe" [2009-05-02 201992]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-13 15360]

c:\documents and settings\6750\Menu Avvio\Programmi\Esecuzione automatica\
Collegamento a html2pop3.exe (2).lnk - c:\documents and settings\6750\Desktop\html2pop3232win32\html2pop3.exe [2009-4-8 111104]
FastFX Trader.lnk - c:\programmi\FastFX Trader\terminal.exe [2009-5-14 2765520]
ibfx42l.exe.lnk - c:\programmi\Interbank42\terminal.exe [2009-7-10 2765520]

c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\
Adobe Gamma Loader.lnk - c:\programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe [2009-4-25 113664]
Finestra di stato di Canon LBP-800.LNK - c:\windows\system32\spool\drivers\w32x86\3\CAPPSWK.EXE [2009-4-14 113664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 3]
2009-06-30 07:55 2329224 ----a-w- c:\programmi\IObit\Advanced SystemCare 3\AWC.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-disabled]
"QuickTime Task"="c:\programmi\QuickTime\QTTask.exe" -atboottime

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\livecall.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programmi\\IncrediMail\\bin\\IncMail.exe"=
"c:\\Programmi\\IncrediMail\\bin\\ImApp.exe"=
"c:\\Programmi\\IncrediMail\\bin\\ImpCnt.exe"=
"c:\\Programmi\\Skype\\Phone\\Skype.exe"=
"c:\\Programmi\\uTorrent\\uTorrent.exe"=
"c:\programmi\Microsoft ActiveSync\rapimgr.exe"= c:\programmi\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\programmi\Microsoft ActiveSync\wcescomm.exe"= c:\programmi\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\programmi\Microsoft ActiveSync\WCESMgr.exe"= c:\programmi\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"c:\\Programmi\\Bonjour\\mDNSResponder.exe"=
"c:\\Programmi\\File comuni\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"=
"c:\\Programmi\\Opera\\opera.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
"5353:TCP"= 5353:TCP:Adobe CSI CS4

R0 hotcore3;hc3ServiceName;c:\windows\system32\drivers\hotcore3.sys [14/04/2009 16.58.59 40464]
R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [29/01/2008 17.29.38 33808]
R0 PzWDM;PzWDM;c:\windows\system32\drivers\PzWDM.sys [23/05/2009 16.50.46 15172]
R2 Apache2.2;Apache2.2;c:\xampp\apache\bin\apache.exe [14/06/2008 18.02.12 17408]
R2 MailList Controller;MailList Controller;c:\programmi\Arclab\MailList Controller\amlcSVC.exe [19/03/2010 23.17.00 2214400]
R2 RapidPort;RapidPort;c:\windows\system32\drivers\CAPLPTN.SYS [20/10/2009 20.36.34 23008]
R3 AtcL001;NDIS Miniport Driver for Atheros L1 Gigabit Ethernet Controller;c:\windows\system32\drivers\l151x86.sys [08/04/2009 22.06.14 39424]
R3 KLFLTDEV;Kaspersky Lab KLFltDev;c:\windows\system32\drivers\klfltdev.sys [13/03/2008 18.02.46 26640]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [13/12/2007 12.28.40 24592]
S2 gupdate;Google Update Service (gupdate);c:\programmi\Google\Update\GoogleUpdate.exe [15/03/2010 21.49.44 135664]
S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\programmi\MAGIX\Common\Database\bin\fbserver.exe [22/12/2009 12.17.45 1527900]
S3 JTVNCProxy_10.0;JTVNCProxy;c:\programmi\Freedom Scientific\JAWS\10.0\JTVNCProxy.exe [22/10/2008 23.22.00 17176]
.
Contenuto della cartella 'Scheduled Tasks'

2010-02-26 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\programmi\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34]

2010-03-23 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\programmi\Google\Update\GoogleUpdate.exe [2010-03-15 20:49]

2010-03-23 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\programmi\Google\Update\GoogleUpdate.exe [2010-03-15 20:49]

2010-03-22 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1220945662-1580818891-1801674531-1003Core.job
- c:\documents and settings\6750\Impostazioni locali\Dati applicazioni\Google\Update\GoogleUpdate.exe [2009-09-17 19:18]

2010-03-23 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1220945662-1580818891-1801674531-1003UA.job
- c:\documents and settings\6750\Impostazioni locali\Dati applicazioni\Google\Update\GoogleUpdate.exe [2009-09-17 19:18]

2010-03-23 c:\windows\Tasks\OGALogon.job
- c:\windows\system32\OGAEXEC.exe [2009-08-03 14:07]

2010-03-23 c:\windows\Tasks\Scheduled Update for Ask Toolbar.job
- c:\programmi\Ask.com\UpdateTask.exe [2009-11-18 17:40]

2010-03-23 c:\windows\Tasks\User_Feed_Synchronization-{BEB02B75-5635-4488-9403-B5782412E6A5}.job
- c:\windows\system32\msfeedssync.exe [2001-08-31 03:31]

2010-03-23 c:\windows\Tasks\User_Feed_Synchronization-{F10321DB-C234-4692-8587-F00FC7DCB7DF}.job
- c:\windows\system32\msfeedssync.exe [2001-08-31 03:31]
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://www.igoogle.it/
uInternet Connection Wizard,ShellNext = hxxp://www.incredimail.com/app/?tag=page_app_welcome&lang=16&version=5853823&setup_id=16000002&aff_id=1&addon=IncrediMail
IE: &BOM hinzufügen - c:\\PROGRA~1\\BID-O-~1\\\\AddToBOM.hta
IE: Converti destinazione link in file PDF esistente - c:\programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Converti i link selezionati in Adobe PDF - c:\programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Converti i link selezionati in file PDF esistente - c:\programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Converti nel file PDF esistente - c:\programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Converti selezione in file PDF esistente - c:\programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Ricerca - c:\programmi\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
IE: Sothink SWF Catcher - c:\programmi\File comuni\SourceTec\SWF Catcher\InternetExplorer.htm
TCP: {6B4864BE-E218-4265-A013-AD9896B69D39} = 151.99.125.1,195.110.128.1
DPF: Microsoft XML Parser for Java - file:///C:/WINDOWS/Java/classes/xmldso.cab
FF - ProfilePath - c:\documents and settings\6750\Dati applicazioni\Mozilla\Firefox\Profiles\n5stigdk.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.fastbrowsersearch.com/results/results.aspx?s=DEF&v=19&q=
FF - prefs.js: browser.search.selectedEngine - Fast Browser Search
FF - prefs.js: browser.startup.homepage - www.igoogle.it
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q=
FF - component: c:\documents and settings\6750\Dati applicazioni\Mozilla\Firefox\Profiles\n5stigdk.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}\components\WinampTBPlayer.dll
FF - component: c:\programmi\Google\Google Gears\Firefox\lib\ff30\gears.dll
FF - plugin: c:\documents and settings\6750\Dati applicazioni\Facebook\npfbplugin_1_0_1.dll
FF - plugin: c:\programmi\Google\Update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: c:\programmi\Mozilla Firefox\plugins\npatgpc.dll
FF - plugin: c:\programmi\Mozilla Firefox\plugins\NPMyrMus.dll
FF - plugin: c:\programmi\Musicnotes\GuitarGuru\npmusicn.dll
FF - plugin: c:\programmi\Opera\program\plugins\NPMyrMus.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----
FF - user.js: browser.cache.memory.capacity - 65536
FF - user.js: browser.chrome.favicons - fales
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.urlbar.autofill - true
FF - user.js: content.interrupt.parsing - true
FF - user.js: content.max.tokenizing.time - 2250000
FF - user.js: content.notify.backoffcount - 5
FF - user.js: content.notify.interval - 750000
FF - user.js: content.notify.ontimer - true
FF - user.js: content.switch.threshold - 750000
FF - user.js: network.http.max-connections - 48
FF - user.js: network.http.max-connections-per-server - 16
FF - user.js: network.http.max-persistent-connections-per-proxy - 16
FF - user.js: network.http.max-persistent-connections-per-server - 8
FF - user.js: network.http.pipelining - true
FF - user.js: network.http.pipelining.firstrequest - true
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.proxy.pipelining - true
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: nglayout.initialpaint.delay - 0
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0

FF - user.js: browser.sessionstore.resume_from_crash - false
.
- - - - CHIAVI ORFANE RIMOSSE - - - -

AddRemove-ToolbarBrowser_is1 - c:\programmi\TRELLIAN\Toolbar\unToolbarBrowser\unins000.exe
AddRemove-Winamp Toolbar - c:\programmi\Winamp Toolbar\uninstall.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-03-23 14:05
Windows 5.1.2600 Service Pack 3 NTFS

scansione processi nascosti ...

scansione entrate autostart nascoste ...

Scansione files nascosti ...

Scansione completata con successo
Files nascosti: 0

**************************************************************************
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\€–€|ÿÿÿÿÀ•€|ù•9~*]
"0140110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"
"0140210900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"
.
--------------------- Dlls caricate dai processi in esecuzione ---------------------

- - - - - - - > 'winlogon.exe'(992)
c:\windows\system32\klogon.dll
c:\programmi\File comuni\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll

- - - - - - - > 'lsass.exe'(1412)
c:\windows\system32\relog_ap.dll

- - - - - - - > 'explorer.exe'(1132)
c:\windows\system32\WININET.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\wpdshserviceobj.dll
c:\windows\system32\portabledevicetypes.dll
c:\windows\system32\portabledeviceapi.dll
.
------------------------ Altri processi in esecuzione ------------------------
.
c:\programmi\File comuni\Maxtor\Schedule2\schedul2.exe
c:\programmi\Bonjour\mDNSResponder.exe
c:\programmi\Java\jre6\bin\jqs.exe
c:\programmi\Google\Update\1.2.183.23\GoogleCrashHandler.exe
c:\xampp\mysql\bin\mysqld-nt.exe
c:\windows\system32\CAPRPCSK.EXE
c:\windows\system32\fxssvc.exe
c:\windows\RTHDCPL.EXE
c:\windows\system32\igfxsrvc.exe
c:\programmi\Microsoft ActiveSync\wcescomm.exe
c:\progra~1\MICROS~4\rapimgr.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Ora fine scansione: 2010-03-23 14:14:50 - Il pc è stato riavviato
ComboFix-quarantined-files.txt 2010-03-23 13:14
ComboFix2.txt 2010-03-21 22:58
ComboFix3.txt 2010-03-20 12:02

Pre-Run: 74.037.751.808 byte disponibili
Post-Run: 74.036.191.232 byte disponibili

- - End Of File - - 0C5C6DA33DF6CF9211464D6B2920DE61
r16
Posted: Tuesday, March 23, 2010 2:28:04 PM
Rank: AiutAmico

Joined: 8/7/2007
Posts: 11,016
Open a text file on the Desktop (Start\Run\type: notepad.exe and then click OK).
Paste the code you see below into it, and save the text file, which must be named CFScript.txt

Code:
Folder::
c:\programmi\Ask.com
Registry::
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"=-
[-HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[-HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]


and drag it onto the ComboFix icon.
Wait for the job to finish, without touching the keyboard, mouse or anything else.
Post the updated ComboFix log.
If the PC does not restart, restart it yourself.

dc881
Posted: Tuesday, March 23, 2010 3:05:31 PM
Rank: AiutAmico

Joined: 8/2/2009
Posts: 53
The PC did not restart and showed the LOG right away



ComboFix 10-03-19.07 - 6750 23/03/2010 14.50.16.7.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.39.1040.18.2038.1439 [GMT 1:00]
Eseguito da: c:\documents and settings\6750\Desktop\ComboFix.exe
Opzioni usate :: c:\documents and settings\6750\Desktop\CFScript.txt
AV: Kaspersky Internet Security *On-access scanning disabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
FW: Kaspersky Internet Security *disabled* {2C4D4BC6-0793-4956-A9F9-E252435469C0}
.

((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\6750\Impostazioni locali\Temporary Internet Files\scrollbar.css
c:\programmi\Ask.com
c:\programmi\Ask.com\cobrand.ico
c:\programmi\Ask.com\config.xml
c:\programmi\Ask.com\favicon.ico
c:\programmi\Ask.com\GenericAskToolbar.dll
c:\programmi\Ask.com\mupcfg.xml
c:\programmi\Ask.com\SaUpdate.exe
c:\programmi\Ask.com\UpdateTask.exe

.
((((((((((((((((((((((((( Files Creati Da 2010-02-23 al 2010-03-23 )))))))))))))))))))))))))))))))))))
.

2010-03-23 13:16 . 2010-03-23 13:16 -------- d-----w- c:\documents and settings\6750\Impostazioni locali\Dati applicazioni\AskToolbar
2010-03-20 15:00 . 2010-03-20 15:00 -------- d-----w- c:\programmi\p-nand-q.com
2010-03-20 12:17 . 2010-03-20 12:19 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Autorun Eater
2010-03-19 23:31 . 2010-03-19 23:31 -------- d-----w- c:\programmi\Your Company Name
2010-03-19 23:31 . 2010-03-19 23:31 -------- d-----w- c:\programmi\eDisplay
2010-03-19 22:16 . 2010-03-19 22:16 -------- d-----w- c:\programmi\Arclab
2010-03-19 13:33 . 2010-02-12 10:03 293376 ------w- c:\windows\system32\browserchoice.exe
2010-03-17 21:18 . 2010-03-17 21:18 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\FreeRIP
2010-03-15 20:54 . 2010-03-15 20:54 -------- d-----w- c:\documents and settings\NetworkService\Impostazioni locali\Dati applicazioni\Google
2010-03-15 20:50 . 2010-03-15 20:50 -------- d-----w- c:\documents and settings\LocalService\Impostazioni locali\Dati applicazioni\Google
2010-03-15 20:49 . 2010-03-15 20:50 -------- d-----w- c:\programmi\Google
2010-03-12 15:11 . 2010-03-12 15:11 -------- d-----w- c:\programmi\Synthesia
2010-03-11 16:53 . 2010-03-11 16:53 540568 ----a-w- c:\documents and settings\LocalService\Impostazioni locali\Dati applicazioni\FontCache3.0.0.0.dat
2010-03-10 19:13 . 2004-01-25 16:18 217088 ----a-w- c:\windows\system32\yv12vfw.dll
2010-03-10 19:13 . 2009-05-29 21:37 205824 ----a-w- c:\windows\system32\xvidvfw.dll
2010-03-10 19:13 . 2009-05-29 21:31 881664 ----a-w- c:\windows\system32\xvidcore.dll
2010-03-10 19:13 . 2010-02-02 18:00 85504 ----a-w- c:\windows\system32\ff_vfw.dll
2010-03-10 19:12 . 2010-03-10 19:16 -------- d-----w- c:\programmi\K-Lite Codec Pack
2010-03-09 22:06 . 2010-03-09 22:06 -------- d-----w- c:\programmi\Lame for Audacity
2010-03-09 19:10 . 2010-03-09 19:10 -------- d-----w- C:\MAGIX
2010-03-09 17:32 . 2010-03-11 13:44 -------- d-----w- c:\documents and settings\6750\Dati applicazioni\Audacity
2010-03-09 17:32 . 2010-03-09 17:32 -------- d-----w- c:\programmi\Audacity 1.3 Beta (Unicode)
2010-03-07 22:42 . 2010-03-07 22:42 -------- d-----w- c:\programmi\DIFX
2010-03-07 22:42 . 2010-03-07 22:42 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Phase One
2010-03-03 14:56 . 2010-03-03 14:56 598368 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Lavasoft\Ad-Aware\Update\EmailScanner.dll
2010-03-03 14:55 . 2010-03-03 14:55 17480 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Lavasoft\Ad-Aware\Update\EmailScannerBridge.dll
2010-03-03 14:52 . 2010-03-03 14:52 -------- dc-h--w- c:\documents and settings\All Users\Dati applicazioni\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6}
2010-03-03 14:52 . 2010-02-04 15:53 2954656 -c--a-w- c:\documents and settings\All Users\Dati applicazioni\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6}\Ad-AwareInstaller.exe
2010-03-02 22:38 . 2010-03-02 22:40 -------- d-----w- c:\documents and settings\6750\Impostazioni locali\Dati applicazioni\WebPage
2010-03-02 22:36 . 2007-09-07 22:43 512000 ----a-w- c:\windows\system32\Achroma2.dll
2010-03-02 22:22 . 2010-03-02 22:22 -------- d-----w- c:\programmi\HTML TableFactory
2010-03-02 17:29 . 2010-03-02 17:29 -------- d-----w- c:\programmi\MPC HomeCinema
2010-03-02 17:26 . 2010-03-02 17:26 38784 ----a-w- c:\documents and settings\Default User\Dati applicazioni\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
2010-03-02 17:26 . 2010-03-02 17:26 -------- d-----w- c:\programmi\File comuni\Adobe AIR
2010-03-02 17:24 . 2010-03-02 17:26 38784 ----a-w- c:\documents and settings\6750\Dati applicazioni\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
2010-02-22 19:10 . 2010-02-22 19:10 50354 ----a-w- c:\documents and settings\6750\Dati applicazioni\Facebook\uninstall.exe
2010-02-22 19:10 . 2010-02-22 19:10 -------- d-----w- c:\documents and settings\6750\Dati applicazioni\Facebook

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-03-23 13:40 . 2009-04-16 22:37 -------- d-----w- c:\documents and settings\6750\Dati applicazioni\FileZilla
2010-03-23 13:15 . 2009-04-08 21:10 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Kaspersky Lab
2010-03-23 13:03 . 2009-04-08 21:10 3924000 --sha-w- c:\windows\system32\drivers\fidbox2.dat
2010-03-23 13:03 . 2009-04-08 21:10 29449760 --sha-w- c:\windows\system32\drivers\fidbox.dat
2010-03-23 13:03 . 2009-04-08 21:10 293960 --sha-w- c:\windows\system32\drivers\fidbox.idx
2010-03-23 13:03 . 2009-04-08 21:10 107564 --sha-w- c:\windows\system32\drivers\fidbox2.idx
2010-03-23 12:30 . 2009-05-10 19:38 -------- d-----w- c:\documents and settings\6750\Dati applicazioni\uTorrent
2010-03-22 18:14 . 2009-11-27 11:43 1 ----a-w- c:\documents and settings\6750\Dati applicazioni\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
2010-03-20 08:22 . 2009-11-16 15:53 79776 ----a-w- c:\documents and settings\LocalService\Impostazioni locali\Dati applicazioni\GDIPFONTCACHEV1.DAT
2010-03-18 17:52 . 2009-10-19 16:37 -------- d-----w- c:\programmi\File comuni\DVDVideoSoft
2010-03-18 17:48 . 2009-04-08 21:04 -------- d--h--w- c:\programmi\InstallShield Installation Information
2010-03-18 17:45 . 2009-05-07 18:59 -------- d-----w- c:\programmi\RipTiger
2010-03-18 17:43 . 2009-12-30 12:50 -------- d-----w- c:\programmi\eBay
2010-03-18 16:48 . 2009-08-28 22:31 -------- d-----w- c:\programmi\PHPNukeIT
2010-03-17 21:15 . 2009-08-08 14:53 -------- d-----w- c:\programmi\FLVPlayer4Free
2010-03-17 17:56 . 2009-08-02 16:09 -------- d-----w- c:\programmi\Malwarebytes' Anti-Malware
2010-03-16 23:02 . 2009-05-13 14:06 -------- d-----w- c:\programmi\Direct MIDI to MP3 Converter
2010-03-16 23:01 . 2009-04-08 22:21 -------- d-----w- c:\programmi\eMule
2010-03-16 23:00 . 2009-10-01 13:50 -------- d-----w- c:\programmi\e107 Theme Creator Beta
2010-03-16 23:00 . 2009-10-01 13:52 -------- d-----w- c:\programmi\e107 Tool
2010-03-16 23:00 . 2010-01-12 21:51 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\AppSoft
2010-03-11 16:40 . 2009-05-23 16:20 -------- d-----w- c:\documents and settings\6750\Dati applicazioni\muvee Technologies
2010-03-11 08:57 . 2009-05-23 14:58 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\muvee Technologies
2010-03-11 08:56 . 2009-05-23 14:59 -------- d-----w- c:\programmi\File comuni\muvee Technologies
2010-03-11 08:56 . 2009-05-23 14:59 -------- d-----w- c:\programmi\muvee Technologies
2010-03-11 08:11 . 2010-01-11 16:18 20 ---h--w- c:\documents and settings\All Users\Dati applicazioni\PKP_DLbx.DAT
2010-03-10 20:57 . 2009-11-19 18:58 -------- d-----w- c:\documents and settings\6750\Dati applicazioni\Winamp
2010-03-10 20:56 . 2009-11-19 18:58 -------- d-----w- c:\programmi\Winamp
2010-03-10 19:10 . 2009-04-21 21:25 -------- d-----w- c:\documents and settings\6750\Dati applicazioni\DivX
2010-03-06 20:29 . 2010-01-11 16:34 20 ---h--w- c:\documents and settings\All Users\Dati applicazioni\PKP_DLdu.DAT
2010-03-04 07:36 . 2009-07-27 21:49 -------- d-----w- c:\programmi\Microsoft ActiveSync
2010-03-03 14:56 . 2009-10-29 09:27 95024 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2010-03-03 14:56 . 2009-10-29 09:27 95024 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Lavasoft\Ad-Aware\Update\Drivers\SBREDrv.sys
2010-03-03 14:56 . 2009-10-29 09:27 566608 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Lavasoft\Ad-Aware\Update\sbap.dll
2010-03-03 14:56 . 2009-06-08 13:59 15880 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Lavasoft\Ad-Aware\Update\lsdelete.exe
2010-03-03 14:56 . 2009-10-29 09:27 1230160 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Lavasoft\Ad-Aware\Update\SBTE.dll
2010-03-03 14:56 . 2009-10-29 09:27 247120 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Lavasoft\Ad-Aware\Update\SBRE.dll
2010-03-03 14:56 . 2009-07-27 14:35 6330848 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Lavasoft\Ad-Aware\Update\Resources.dll
2010-03-01 09:27 . 2009-09-21 13:49 3803208 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Lavasoft\Ad-Aware\Update\AutoLaunch.exe
2010-02-27 07:58 . 2009-04-21 21:13 -------- d-----w- c:\documents and settings\6750\Dati applicazioni\Any Video Converter
2010-02-25 18:41 . 2009-05-01 14:07 -------- d-----w- c:\programmi\FileZilla FTP Client
2010-02-18 07:37 . 2010-01-21 22:51 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\DVD Shrink
2010-02-16 21:28 . 2009-04-18 13:34 -------- d-----w- c:\documents and settings\6750\Dati applicazioni\U3
2010-02-16 21:23 . 2010-01-05 12:21 -------- d-----w- c:\programmi\CA VMN Anti-Spyware
2010-02-14 18:46 . 2009-04-08 20:45 -------- d-----w- c:\programmi\microsoft frontpage
2010-02-14 15:15 . 2009-04-08 21:27 -------- d-----w- c:\programmi\Notepad++
2010-02-14 15:15 . 2009-04-08 21:27 -------- d-----w- c:\documents and settings\6750\Dati applicazioni\Notepad++
2010-02-10 21:49 . 2010-02-10 21:49 -------- d-----w- c:\programmi\STEARsoft
2010-02-10 19:22 . 2009-12-16 19:29 798 ----a-w- c:\windows\unins000.dat
2010-02-10 10:12 . 2009-06-08 21:13 -------- d-----w- c:\programmi\MSECache
2010-02-07 23:02 . 2009-04-28 15:36 -------- d---a-w- c:\documents and settings\All Users\Dati applicazioni\TEMP
2010-02-06 08:30 . 2010-02-06 08:25 -------- d-----w- c:\programmi\Grammatica32SG
2010-02-06 08:25 . 2009-05-13 14:19 253952 ------w- c:\windows\Setup1.exe
2010-02-06 08:23 . 2010-02-06 08:22 -------- d-----w- c:\programmi\linguavox
2010-02-06 08:22 . 2009-04-21 22:10 74752 ------w- c:\windows\ST6UNST.EXE
2010-02-03 14:47 . 2009-12-01 12:41 -------- d-----w- c:\documents and settings\6750\Dati applicazioni\QuickScan
2010-02-01 22:04 . 2010-02-01 22:04 847040 ----a-w- c:\documents and settings\6750\Dati applicazioni\Facebook\axfbootloader.dll
2010-02-01 22:04 . 2010-02-01 22:04 5578752 ----a-w- c:\documents and settings\6750\Dati applicazioni\Facebook\npfbplugin_1_0_1.dll
2010-01-31 12:21 . 2010-01-31 12:10 -------- d-----w- c:\programmi\Esplorando 3 Matematica per le medie inferiori
2010-01-31 12:10 . 2010-01-31 12:10 -------- d-----w- c:\programmi\Finson Live Update
2010-01-27 09:27 . 2009-07-27 14:35 8 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Lavasoft\Ad-Aware\Update\Savapibridge.dll
2010-01-26 16:36 . 2010-01-26 16:34 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Cakewalk
2010-01-26 16:36 . 2010-01-26 16:34 -------- d-----w- c:\programmi\Cakewalk
2010-01-26 16:33 . 2010-01-26 16:33 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Ableton
2010-01-26 16:33 . 2010-01-26 16:33 -------- d-----w- c:\documents and settings\6750\Dati applicazioni\Ableton
2010-01-26 15:54 . 2010-01-26 15:54 -------- d-----w- c:\programmi\Ableton
2010-01-25 17:26 . 2010-01-25 17:26 -------- d-----w- c:\programmi\Oversoft
2010-01-24 22:27 . 2009-12-22 12:53 -------- d-----w- c:\documents and settings\6750\Dati applicazioni\ACAMPREF
2010-01-23 19:32 . 2010-01-23 19:30 -------- d-----w- c:\programmi\EMC
2010-01-22 19:49 . 2009-04-24 19:24 -------- d-----w- c:\programmi\CyberLink
2010-01-22 18:11 . 2010-01-22 18:11 62800 ----a-w- c:\documents and settings\6750\Dati applicazioni\Mozilla\Firefox\Profiles\n5stigdk.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}\components\WinampTBPlayer.dll
2010-01-15 12:49 . 2010-01-15 12:49 1924744 ----a-w- c:\documents and settings\6750\Dati applicazioni\Macromedia\Flash Player\www.macromedia.com\bin\fpupdatepl\fpupdatepl.exe
2010-01-11 17:04 . 2010-01-11 17:00 20 ---h--w- c:\documents and settings\All Users\Dati applicazioni\PKP_DLdw.DAT
2010-01-11 17:01 . 2010-01-11 16:22 49152 ----a-r- c:\documents and settings\6750\Dati applicazioni\Microsoft\Installer\{D2FCC1AE-6311-47C5-8130-C6C66D77DD71}\ARPPRODUCTICON.exe
2010-01-11 16:35 . 2010-01-11 16:35 335872 ----a-r- c:\documents and settings\6750\Dati applicazioni\Microsoft\Installer\{237CD223-1B9D-47E8-A76C-E478B83CCEA2}\ARPPRODUCTICON.exe
2010-01-11 16:25 . 2010-01-11 16:25 20 ---h--w- c:\documents and settings\All Users\Dati applicazioni\PKP_DLck.DAT
2010-01-11 16:21 . 2010-01-11 16:21 57344 ----a-r- c:\documents and settings\6750\Dati applicazioni\Microsoft\Installer\{87441A59-5E64-4096-A170-14EFE67200C3}\ARPPRODUCTICON.exe
2010-01-07 15:07 . 2009-08-02 16:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-01-07 15:07 . 2009-08-02 16:09 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-01-06 17:33 . 2010-01-06 17:33 295424 ----a-w- c:\windows\system32\bwmedia1.dll
2010-01-06 17:33 . 2010-01-06 17:33 150016 ----a-w- c:\windows\system32\bwmedia.dll
2010-01-05 13:42 . 2001-08-31 12:00 80946 ----a-w- c:\windows\system32\perfc010.dat
2010-01-05 13:42 . 2001-08-31 12:00 481680 ----a-w- c:\windows\system32\perfh010.dat
2010-01-01 14:18 . 2010-01-01 14:18 44544 ------w- c:\windows\AWuninstall.exe
2009-12-31 16:50 . 2008-04-13 10:15 353792 ----a-w- c:\windows\system32\drivers\srv.sys
2009-12-23 17:30 . 2010-01-26 15:57 368640 ----a-w- c:\windows\system32\ReWire.dll
2009-12-23 17:30 . 2010-01-26 15:57 233472 ----a-w- c:\windows\system32\REX Shared Library.dll
2009-09-23 16:47 . 2009-09-23 16:47 28488 ----a-w- c:\programmi\mozilla firefox\plugins\atgpcdec.dll
2009-09-23 16:47 . 2009-09-23 16:47 185240 ----a-w- c:\programmi\mozilla firefox\plugins\atgpcext.dll
2009-09-23 16:50 . 2009-09-23 16:50 46408 ----a-w- c:\programmi\mozilla firefox\plugins\atmccli.dll
2009-09-23 16:47 . 2009-09-23 16:47 99224 ----a-w- c:\programmi\mozilla firefox\plugins\ieatgpc.dll
2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\programmi\mozilla firefox\plugins\libdivx.dll
2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\programmi\mozilla firefox\plugins\ssldivx.dll
.

------- Sigcheck -------

[-] 2008-05-08 . 4ED067D8270174E777286A26FECDB3E8 . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AdobeUpdater"="c:\programmi\File comuni\Adobe\Updater5\AdobeUpdater.exe" [2008-09-26 2356088]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-04-20 162584]
"Persistence"="c:\windows\system32\igfxpers.exe" [2007-04-20 138008]
"RTHDCPL"="RTHDCPL.EXE" [2007-04-10 16126464]
"MaxBlastMonitor.exe"="c:\programmi\Maxtor\MaxBlast\MaxBlastMonitor.exe" [2007-08-30 1190760]
"AcronisTimounterMonitor"="c:\programmi\Maxtor\MaxBlast\TimounterMonitor.exe" [2007-08-30 1966376]
"Acronis Scheduler2 Service"="c:\programmi\File comuni\Maxtor\Schedule2\schedhlp.exe" [2007-08-30 148760]
"CAPON"="c:\windows\system32\Spool\Drivers\w32x86\3\CAPONN.EXE" [2000-04-20 22528]
"AdobeCS4ServiceManager"="c:\programmi\File comuni\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
"SunJavaUpdateSched"="c:\programmi\Java\jre6\bin\jusched.exe" [2009-10-11 149280]
"AVP"="c:\programmi\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe" [2009-05-02 201992]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-13 15360]

c:\documents and settings\6750\Menu Avvio\Programmi\Esecuzione automatica\
Collegamento a html2pop3.exe (2).lnk - c:\documents and settings\6750\Desktop\html2pop3232win32\html2pop3.exe [2009-4-8 111104]
FastFX Trader.lnk - c:\programmi\FastFX Trader\terminal.exe [2009-5-14 2765520]
ibfx42l.exe.lnk - c:\programmi\Interbank42\terminal.exe [2009-7-10 2765520]

c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\
Adobe Gamma Loader.lnk - c:\programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe [2009-4-25 113664]
Finestra di stato di Canon LBP-800.LNK - c:\windows\system32\spool\drivers\w32x86\3\CAPPSWK.EXE [2009-4-14 113664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 3]
2009-06-30 07:55 2329224 ----a-w- c:\programmi\IObit\Advanced SystemCare 3\AWC.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-disabled]
"QuickTime Task"="c:\programmi\QuickTime\QTTask.exe" -atboottime

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\livecall.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programmi\\IncrediMail\\bin\\IncMail.exe"=
"c:\\Programmi\\IncrediMail\\bin\\ImApp.exe"=
"c:\\Programmi\\IncrediMail\\bin\\ImpCnt.exe"=
"c:\\Programmi\\Skype\\Phone\\Skype.exe"=
"c:\\Programmi\\uTorrent\\uTorrent.exe"=
"c:\programmi\Microsoft ActiveSync\rapimgr.exe"= c:\programmi\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\programmi\Microsoft ActiveSync\wcescomm.exe"= c:\programmi\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\programmi\Microsoft ActiveSync\WCESMgr.exe"= c:\programmi\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"c:\\Programmi\\Bonjour\\mDNSResponder.exe"=
"c:\\Programmi\\File comuni\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"=
"c:\\Programmi\\Opera\\opera.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
"5353:TCP"= 5353:TCP:Adobe CSI CS4

R0 hotcore3;hc3ServiceName;c:\windows\system32\drivers\hotcore3.sys [14/04/2009 16.58.59 40464]
R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [29/01/2008 17.29.38 33808]
R0 PzWDM;PzWDM;c:\windows\system32\drivers\PzWDM.sys [23/05/2009 16.50.46 15172]
R2 Apache2.2;Apache2.2;c:\xampp\apache\bin\apache.exe [14/06/2008 18.02.12 17408]
R2 MailList Controller;MailList Controller;c:\programmi\Arclab\MailList Controller\amlcSVC.exe [19/03/2010 23.17.00 2214400]
R2 RapidPort;RapidPort;c:\windows\system32\drivers\CAPLPTN.SYS [20/10/2009 20.36.34 23008]
R3 AtcL001;NDIS Miniport Driver for Atheros L1 Gigabit Ethernet Controller;c:\windows\system32\drivers\l151x86.sys [08/04/2009 22.06.14 39424]
R3 KLFLTDEV;Kaspersky Lab KLFltDev;c:\windows\system32\drivers\klfltdev.sys [13/03/2008 18.02.46 26640]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [13/12/2007 12.28.40 24592]
S2 gupdate;Google Update Service (gupdate);c:\programmi\Google\Update\GoogleUpdate.exe [15/03/2010 21.49.44 135664]
S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\programmi\MAGIX\Common\Database\bin\fbserver.exe [22/12/2009 12.17.45 1527900]
S3 JTVNCProxy_10.0;JTVNCProxy;c:\programmi\Freedom Scientific\JAWS\10.0\JTVNCProxy.exe [22/10/2008 23.22.00 17176]
.
Contenuto della cartella 'Scheduled Tasks'

2010-02-26 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\programmi\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34]

2010-03-23 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\programmi\Google\Update\GoogleUpdate.exe [2010-03-15 20:49]

2010-03-23 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\programmi\Google\Update\GoogleUpdate.exe [2010-03-15 20:49]

2010-03-22 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1220945662-1580818891-1801674531-1003Core.job
- c:\documents and settings\6750\Impostazioni locali\Dati applicazioni\Google\Update\GoogleUpdate.exe [2009-09-17 19:18]

2010-03-23 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1220945662-1580818891-1801674531-1003UA.job
- c:\documents and settings\6750\Impostazioni locali\Dati applicazioni\Google\Update\GoogleUpdate.exe [2009-09-17 19:18]

2010-03-23 c:\windows\Tasks\OGALogon.job
- c:\windows\system32\OGAEXEC.exe [2009-08-03 14:07]

2010-03-23 c:\windows\Tasks\User_Feed_Synchronization-{BEB02B75-5635-4488-9403-B5782412E6A5}.job
- c:\windows\system32\msfeedssync.exe [2001-08-31 03:31]

2010-03-23 c:\windows\Tasks\User_Feed_Synchronization-{F10321DB-C234-4692-8587-F00FC7DCB7DF}.job
- c:\windows\system32\msfeedssync.exe [2001-08-31 03:31]
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://www.igoogle.it/
uInternet Connection Wizard,ShellNext = hxxp://www.incredimail.com/app/?tag=page_app_welcome&lang=16&version=5853823&setup_id=16000002&aff_id=1&addon=IncrediMail
IE: &BOM hinzufügen - c:\\PROGRA~1\\BID-O-~1\\\\AddToBOM.hta
IE: Aggiungi al banner Blocco pubblicità - c:\programmi\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
IE: Converti destinazione link in file PDF esistente - c:\programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Converti i link selezionati in Adobe PDF - c:\programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Converti i link selezionati in file PDF esistente - c:\programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Converti nel file PDF esistente - c:\programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Converti selezione in file PDF esistente - c:\programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Ricerca - c:\programmi\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
IE: Sothink SWF Catcher - c:\programmi\File comuni\SourceTec\SWF Catcher\InternetExplorer.htm
TCP: {6B4864BE-E218-4265-A013-AD9896B69D39} = 151.99.125.1,195.110.128.1
DPF: Microsoft XML Parser for Java - file:///C:/WINDOWS/Java/classes/xmldso.cab
FF - ProfilePath - c:\documents and settings\6750\Dati applicazioni\Mozilla\Firefox\Profiles\n5stigdk.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.fastbrowsersearch.com/results/results.aspx?s=DEF&v=19&q=
FF - prefs.js: browser.search.selectedEngine - Fast Browser Search
FF - prefs.js: browser.startup.homepage - www.igoogle.it
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q=
FF - component: c:\documents and settings\6750\Dati applicazioni\Mozilla\Firefox\Profiles\n5stigdk.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}\components\WinampTBPlayer.dll
FF - component: c:\programmi\Google\Google Gears\Firefox\lib\ff30\gears.dll
FF - plugin: c:\documents and settings\6750\Dati applicazioni\Facebook\npfbplugin_1_0_1.dll
FF - plugin: c:\programmi\Google\Update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: c:\programmi\Mozilla Firefox\plugins\npatgpc.dll
FF - plugin: c:\programmi\Mozilla Firefox\plugins\NPMyrMus.dll
FF - plugin: c:\programmi\Musicnotes\GuitarGuru\npmusicn.dll
FF - plugin: c:\programmi\Opera\program\plugins\NPMyrMus.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----
FF - user.js: browser.cache.memory.capacity - 65536
FF - user.js: browser.chrome.favicons - fales
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.urlbar.autofill - true
FF - user.js: content.interrupt.parsing - true
FF - user.js: content.max.tokenizing.time - 2250000
FF - user.js: content.notify.backoffcount - 5
FF - user.js: content.notify.interval - 750000
FF - user.js: content.notify.ontimer - true
FF - user.js: content.switch.threshold - 750000
FF - user.js: network.http.max-connections - 48
FF - user.js: network.http.max-connections-per-server - 16
FF - user.js: network.http.max-persistent-connections-per-proxy - 16
FF - user.js: network.http.max-persistent-connections-per-server - 8
FF - user.js: network.http.pipelining - true
FF - user.js: network.http.pipelining.firstrequest - true
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.proxy.pipelining - true
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: nglayout.initialpaint.delay - 0
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0

FF - user.js: browser.sessionstore.resume_from_crash - false
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-03-23 14:59
Windows 5.1.2600 Service Pack 3 NTFS

scansione processi nascosti ...

scansione entrate autostart nascoste ...

Scansione files nascosti ...

Scansione completata con successo
Files nascosti: 0

**************************************************************************
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\€–€|ÿÿÿÿÀ•€|ù•9~*]
"0140110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"
"0140210900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"
.
--------------------- Dlls caricate dai processi in esecuzione ---------------------

- - - - - - - > 'winlogon.exe'(992)
c:\windows\system32\klogon.dll
c:\programmi\File comuni\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll

- - - - - - - > 'lsass.exe'(1412)
c:\windows\system32\relog_ap.dll
.
Ora fine scansione: 2010-03-23 15:01:50
ComboFix-quarantined-files.txt 2010-03-23 14:01
ComboFix2.txt 2010-03-23 13:14
ComboFix3.txt 2010-03-21 22:58
ComboFix4.txt 2010-03-20 12:02

Pre-Run: 74.026.606.592 byte disponibili
Post-Run: 74.002.726.912 byte disponibili

- - End Of File - - 0DE126022718F316389C529F1D82A2EF
r16
Posted: Tuesday, March 23, 2010 3:13:29 PM
Rank: AiutAmico

Joined: 8/7/2007
Posts: 11,016
Delete this one by hand as well:
c:\documents and settings\6750\Impostazioni locali\Dati applicazioni\AskToolbar
To delete it you have to "show hidden files and folders".
(Control Panel -> Folder Options -> View)
1) Check: Show hidden files and folders
2) Uncheck: Hide protected operating system files (recommended)

Was it all done for nothing?
dc881
Posted: Tuesday, March 23, 2010 3:38:46 PM
Rank: AiutAmico

Joined: 8/2/2009
Posts: 53
Done. At the moment everything seems to be fine, but as with the previous operations I have to wait at least an hour to see whether anything changes.
Thank you for now, I'll be in touch again in a little while.
Dante