Grazie per il tuo intervento, i 47 01 sono spariti tutti, ti posto il file che e' emerso dopo la scansione Combofix, attendo le tue considerazioni, grazie ancora,a presto.

ComboFix 11-02-18.04 - Administrator 19/02/2011 12.12.12.1.4 - x86
Microsoft Windows XP Professional 5.1.2600.2.1252.39.1040.18.3326.2648 [GMT 1:00]
Eseguito da: c:\documents and settings\Administrator\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}

ATTENZIONE - QUESTO PC NON HA LA CONSOLE DI RIPRISTINO DI EMERGENZA INSTALLATA !!
.

((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Administrator\Dati applicazioni\OfferBox
c:\documents and settings\Administrator\Dati applicazioni\OfferBox\config.dat
c:\documents and settings\Administrator\Dati applicazioni\OfferBox\config.xml
c:\documents and settings\Administrator\Dati applicazioni\PriceGong
c:\documents and settings\Administrator\Dati applicazioni\PriceGong\Data\1.xml
c:\documents and settings\Administrator\Dati applicazioni\PriceGong\Data\a.xml
c:\documents and settings\Administrator\Dati applicazioni\PriceGong\Data\b.xml
c:\documents and settings\Administrator\Dati applicazioni\PriceGong\Data\c.xml
c:\documents and settings\Administrator\Dati applicazioni\PriceGong\Data\d.xml
c:\documents and settings\Administrator\Dati applicazioni\PriceGong\Data\e.xml
c:\documents and settings\Administrator\Dati applicazioni\PriceGong\Data\f.xml
c:\documents and settings\Administrator\Dati applicazioni\PriceGong\Data\g.xml
c:\documents and settings\Administrator\Dati applicazioni\PriceGong\Data\h.xml
c:\documents and settings\Administrator\Dati applicazioni\PriceGong\Data\i.xml
c:\documents and settings\Administrator\Dati applicazioni\PriceGong\Data\J.xml
c:\documents and settings\Administrator\Dati applicazioni\PriceGong\Data\k.xml
c:\documents and settings\Administrator\Dati applicazioni\PriceGong\Data\l.xml
c:\documents and settings\Administrator\Dati applicazioni\PriceGong\Data\m.xml
c:\documents and settings\Administrator\Dati applicazioni\PriceGong\Data\mru.xml
c:\documents and settings\Administrator\Dati applicazioni\PriceGong\Data\n.xml
c:\documents and settings\Administrator\Dati applicazioni\PriceGong\Data\o.xml
c:\documents and settings\Administrator\Dati applicazioni\PriceGong\Data\p.xml
c:\documents and settings\Administrator\Dati applicazioni\PriceGong\Data\q.xml
c:\documents and settings\Administrator\Dati applicazioni\PriceGong\Data\r.xml
c:\documents and settings\Administrator\Dati applicazioni\PriceGong\Data\s.xml
c:\documents and settings\Administrator\Dati applicazioni\PriceGong\Data\t.xml
c:\documents and settings\Administrator\Dati applicazioni\PriceGong\Data\u.xml
c:\documents and settings\Administrator\Dati applicazioni\PriceGong\Data\v.xml
c:\documents and settings\Administrator\Dati applicazioni\PriceGong\Data\w.xml
c:\documents and settings\Administrator\Dati applicazioni\PriceGong\Data\x.xml
c:\documents and settings\Administrator\Dati applicazioni\PriceGong\Data\y.xml
c:\documents and settings\Administrator\Dati applicazioni\PriceGong\Data\z.xml
c:\documents and settings\Administrator\Dati applicazioni\searchqutb
c:\documents and settings\Administrator\Dati applicazioni\searchqutb\dtx.ini
c:\documents and settings\Administrator\Dati applicazioni\searchqutb\games\00d2dfc64c07a4f32824abac1d6f735b
c:\documents and settings\Administrator\Dati applicazioni\searchqutb\games\3e4265e00cbc4a9cf22a105046a46d8a
c:\documents and settings\Administrator\Dati applicazioni\searchqutb\games\44a5d79f5451d3036ba3986425e234c8
c:\documents and settings\Administrator\Dati applicazioni\searchqutb\games\GameCategories.xml
c:\documents and settings\Administrator\Dati applicazioni\searchqutb\games\GameTypes.xml
c:\documents and settings\Administrator\Dati applicazioni\searchqutb\guid.dat
c:\documents and settings\Administrator\Dati applicazioni\searchqutb\preferences.dat
c:\documents and settings\Administrator\Dati applicazioni\searchqutb\stats.dat
c:\documents and settings\Administrator\Dati applicazioni\searchqutb\uninstallIE.dat
c:\documents and settings\Administrator\Dati applicazioni\searchqutb\weather\5d4d07ac3c34e1fbe8d457d43e658652
c:\documents and settings\Administrator\Dati applicazioni\searchqutb\weather\e2708969e32e9f3addf8b7b3a32e807f
c:\documents and settings\Administrator\Dati applicazioni\searchqutb\weather\forecasts_cache.xml
c:\documents and settings\Administrator\Dati applicazioni\searchqutb\weather\observations_cache.xml
c:\documents and settings\Administrator\Dati applicazioni\searchqutb\weatherbutton_prefs.xml
c:\documents and settings\Administrator\Dati applicazioni\searchqutb\widgets_cache\84b70525cff6359fdeca553342c23e4c
c:\documents and settings\Administrator\Dati applicazioni\searchqutb\widgets_cache\bf5b6317ae07da699882fc948f22eda4
c:\documents and settings\Administrator\Dati applicazioni\searchqutb\widgets_cache\category_cache.xml
c:\documents and settings\Administrator\Dati applicazioni\searchqutb\widgets_cache\widget_cache.xml
c:\documents and settings\Administrator\Dati applicazioni\ShopperReports3
c:\documents and settings\Administrator\Dati applicazioni\ShopperReports3\Firefox\cs\Config.xml
c:\documents and settings\Administrator\Dati applicazioni\ShopperReports3\Firefox\cs\db\Aliases.dbs
c:\documents and settings\Administrator\Dati applicazioni\ShopperReports3\Firefox\cs\db\Sites.dbs
c:\documents and settings\Administrator\Dati applicazioni\ShopperReports3\Firefox\cs\dwld\WhiteList.xip
c:\documents and settings\Administrator\Dati applicazioni\ShopperReports3\Firefox\cs\report\aggr_storage.xml
c:\documents and settings\Administrator\Dati applicazioni\ShopperReports3\Firefox\cs\report\send_storage.xml
c:\documents and settings\Administrator\Dati applicazioni\ShopperReports3\Firefox\cs\res1\WhiteList.dbs
c:\documents and settings\Administrator\Recent\CLSV.tmp
c:\documents and settings\Administrator\Recent\energy.tmp
c:\documents and settings\Administrator\Recent\FW.tmp
c:\documents and settings\All Users\Menu Avvio\Programmi\OfferBox Browser.lnk
c:\documents and settings\All Users\Menu Avvio\Programmi\ShopperReports
c:\documents and settings\All Users\Menu Avvio\Programmi\ShopperReports\About Us.lnk
c:\documents and settings\All Users\Menu Avvio\Programmi\ShopperReports\Customer Support.lnk
c:\documents and settings\All Users\Menu Avvio\Programmi\ShopperReports\ShopperReports Uninstall Instructions.lnk
c:\programmi\facemoods.com
c:\programmi\facemoods.com\facemoods\1.4.17.3\facemoods.crx
c:\programmi\facemoods.com\facemoods\1.4.17.3\facemoods.png
c:\programmi\facemoods.com\facemoods\1.4.17.3\facemoodsApp.dll
c:\programmi\facemoods.com\facemoods\1.4.17.3\facemoodsEng.dll
c:\programmi\facemoods.com\facemoods\1.4.17.3\facemoodssrv.exe
c:\programmi\facemoods.com\facemoods\1.4.17.3\facemoodsTlbr.dll
c:\programmi\facemoods.com\facemoods\1.4.17.3\uninstall.exe
c:\programmi\Internet Explorer\Plugin\npqtplugin2.dll
c:\programmi\Internet Explorer\Plugin\npqtplugin3.dll
c:\programmi\Internet Explorer\Plugin\npqtplugin4.dll
c:\programmi\Internet Explorer\Plugin\npqtplugin5.dll
c:\programmi\Internet Explorer\Plugin\npqtplugin6.dll
c:\programmi\Internet Explorer\Plugin\npqtplugin7.dll
c:\programmi\Mozilla Firefox\Plugins\npqtplugin2.dll
c:\programmi\Mozilla Firefox\plugins\npqtplugin3.dll
c:\programmi\Mozilla Firefox\Plugins\npqtplugin4.dll
c:\programmi\Mozilla Firefox\Plugins\npqtplugin5.dll
c:\programmi\Mozilla Firefox\plugins\npqtplugin6.dll
c:\programmi\Mozilla Firefox\plugins\npqtplugin7.dll
c:\programmi\Mozilla Firefox\searchplugins\SearchquWebSearch.xml
c:\programmi\OfferBox
c:\programmi\OfferBox\OfferBox.exe
c:\programmi\OfferBox\OfferBoxBHO.dll
c:\programmi\OfferBox\OfferBoxChromeExtension.crx
c:\programmi\OfferBox\OfferBoxEngine.dll
c:\programmi\OfferBox\offerboxffx@offerbox.com\chrome.manifest
c:\programmi\OfferBox\offerboxffx@offerbox.com\chrome\content\events.js
c:\programmi\OfferBox\offerboxffx@offerbox.com\chrome\content\overlay.xul
c:\programmi\OfferBox\offerboxffx@offerbox.com\components\OfferBoxXpCom.dll
c:\programmi\OfferBox\offerboxffx@offerbox.com\components\OfferBoxXpCom.xpt
c:\programmi\OfferBox\offerboxffx@offerbox.com\install.rdf
c:\programmi\OfferBox\OfferBoxLauncher.exe
c:\programmi\OfferBox\res\language.xml
c:\programmi\OfferBox\res\loader.gif
c:\programmi\OfferBox\uninst.exe
c:\programmi\Opera\program\plugins\npqtplugin2.dll
c:\programmi\Opera\program\plugins\npqtplugin3.dll
c:\programmi\Opera\program\plugins\npqtplugin4.dll
c:\programmi\Opera\program\plugins\npqtplugin5.dll
c:\programmi\Opera\program\plugins\npqtplugin6.dll
c:\programmi\Opera\program\plugins\npqtplugin7.dll
c:\programmi\QuickTime\Plugins\npqtplugin2.dll
c:\programmi\QuickTime\Plugins\npqtplugin3.dll
c:\programmi\QuickTime\Plugins\npqtplugin4.dll
c:\programmi\QuickTime\Plugins\npqtplugin5.dll
c:\programmi\QuickTime\Plugins\npqtplugin6.dll
c:\programmi\QuickTime\Plugins\npqtplugin7.dll
c:\programmi\SeaMonkey\plugins\npqtplugin2.dll
c:\programmi\SeaMonkey\plugins\npqtplugin3.dll
c:\programmi\SeaMonkey\plugins\npqtplugin4.dll
c:\programmi\SeaMonkey\plugins\npqtplugin5.dll
c:\programmi\SeaMonkey\plugins\npqtplugin6.dll
c:\programmi\SeaMonkey\plugins\npqtplugin7.dll
c:\programmi\ShopperReports3
c:\programmi\ShopperReports3\bin\3.0.517.0\BRNstIE.dll
c:\programmi\ShopperReports3\bin\3.0.517.0\CmndFF.dll
c:\programmi\ShopperReports3\bin\3.0.517.0\CntntCntr.dll
c:\programmi\ShopperReports3\bin\3.0.517.0\firefox\firefoxtoolbar\extensions\chrome.manifest
c:\programmi\ShopperReports3\bin\3.0.517.0\firefox\firefoxtoolbar\extensions\chrome\firefoxtoolbar.jar
c:\programmi\ShopperReports3\bin\3.0.517.0\firefox\firefoxtoolbar\extensions\components\BRNstFF.dll
c:\programmi\ShopperReports3\bin\3.0.517.0\firefox\firefoxtoolbar\extensions\components\BRNstFF.xpt
c:\programmi\ShopperReports3\bin\3.0.517.0\firefox\firefoxtoolbar\extensions\install.rdf
c:\programmi\ShopperReports3\bin\3.0.517.0\link.ico
c:\programmi\ShopperReports3\bin\3.0.517.0\moZIllaps.dll
c:\programmi\ShopperReports3\bin\3.0.517.0\Pltfrm.dll
c:\programmi\ShopperReports3\bin\3.0.517.0\ShopperReportsUninstaller.exe
c:\programmi\Windows Searchqu Toolbar
c:\programmi\Windows Searchqu Toolbar\Datamngr\datamngr.dll
c:\programmi\Windows Searchqu Toolbar\Datamngr\datamngrUI.exe
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\.#searchqutb.js.1.3
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\data\search\engines.xml
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\data\search\search.xsl
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\lib\about.xml
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\lib\dtxpanelwin.xul
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\lib\dtxprefwin.xul
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\lib\dtxwin.xul
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\lib\emailnotifierproviders.xml
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\lib\external.js
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\lib\neterror.xhtml
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\lib\wmpstreamer.html
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\modules\datastore.jsm
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\preferences.xml
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\searchqutb.js
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\toolbar.htm
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\toolbar.xul
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\bg-scalable-mdl.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\bg-scalable-tl.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\bg-scalable-tr.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btn-dragresize.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btn-wide-close-down.PNG
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btn-wide-close-over.PNG
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btn-wide-close.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btn-wide-maximize-down.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btn-wide-maximize-over.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btn-wide-maximize.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btn-wide-minimize-down.PNG
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btn-wide-minimize-over.PNG
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btn-wide-minimize.PNG
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btnarrow-next-off.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btnarrow-next.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btnarrow-previous-off.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btnarrow-previous.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\navico-home.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\panel.html
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\powered-mystart.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\tb_icon.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\widget.js
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\widget.xml
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\bg-scalable-mdl.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\bg-scalable-tl.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\bg-scalable-tr.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\btn-dragresize.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\btn-wide-close-down.PNG
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\btn-wide-close-over.PNG
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\btn-wide-close.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\btn-wide-maximize-down.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\btn-wide-maximize-over.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\btn-wide-maximize.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\btn-wide-minimize-down.PNG
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\btn-wide-minimize-over.PNG
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\btn-wide-minimize.PNG
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\btnarrow-next-off.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\btnarrow-next.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\btnarrow-previous-off.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\btnarrow-previous.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\navico-home.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\panel.html
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\powered-mystart.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\tb_icon.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\widget.js
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\widget.xml
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\bg-scalable-mdl.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\bg-scalable-tl.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\bg-scalable-tr.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\btn-dragresize.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\btn-wide-close-down.PNG
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\btn-wide-close-over.PNG
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\btn-wide-close.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\btn-wide-maximize-down.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\btn-wide-maximize-over.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\btn-wide-maximize.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\btn-wide-minimize-down.PNG
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\btn-wide-minimize-over.PNG
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\btn-wide-minimize.PNG
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\btnarrow-next-off.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\btnarrow-next.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\btnarrow-previous-off.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\btnarrow-previous.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\navico-home.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\panel.html
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\powered-mystart.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\tb_icon.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\widget.js
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\widget.xml
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217.zip
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\bg-scalable-mdl.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\bg-scalable-tl.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\bg-scalable-tr.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btn-dragresize.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btn-wide-close-down.PNG
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btn-wide-close-over.PNG
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btn-wide-close.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btn-wide-maximize-down.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btn-wide-maximize-over.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btn-wide-maximize.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btn-wide-minimize-down.PNG
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btn-wide-minimize-over.PNG
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btn-wide-minimize.PNG
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btnarrow-next-off.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btnarrow-next.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btnarrow-previous-off.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btnarrow-previous.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\navico-home.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\panel.html
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\powered-mystart.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\tb_icon.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\widget.js
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\widget.xml
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\bluelite.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\bluesky.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\btn-search-over.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\btn-search.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\btn-settings-over.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\btn-settings.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\btn-widgets-over.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\btn-widgets.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\btn_settings.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\button-down-back-ff.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\button-down-back.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\button-down-left.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\button-down-right.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\button-down-splitter.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\button-drop-back.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\button-drop-left.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\button-drop-right.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\button-drop-splitter.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\button-hover-back-ff.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\button-hover-back.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\button-hover-left.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\button-hover-right.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\button-hover-splitter.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\ca.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\dictionary.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\divider.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\downloadcom.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\email.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\email_on.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\games.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\graphred0.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\graphred0_5.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\grey.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\headsup.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\ico-shield.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\images.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\add.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\aol.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\arrow-dn.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\arrow-right.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\arrow-up.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\bg-btn-end.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\bg-btn-mdl.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\bg-btn-mdl_ff.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\bg-btn-start.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\bg-btnover-end.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\bg-btnover-mdl.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\bg-btnover-mdl_ff.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\bg-btnover-start.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\blank.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\btnback-down-vista.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\btnback-vista.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\btnleft-down-vista.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\btnleft-vista.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\btnright-down-vista.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\btnright-vista.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\button-splitter-down-vista.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\button-splitter-vista.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\checkmark.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\chevron.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\collapse.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\comcast.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\dtx.css
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\edit-back-hot.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\edit-back.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\expand.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\found.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\gmail.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\highlight.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\highlight_blue.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\highlight_cyan.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\highlight_lime.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\highlight_magenta.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\highlight_yellow.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\hotmail.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\imap.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\lastsearch-thumb-back.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\loadingMid.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\lock.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\mailcom.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\menu_bg-basic.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\menu_separator_bar.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\menuitem-splitter.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\menuitemback-down-vista.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\menuitemback-vista.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\menuitemleft-down-vista.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\menuitemleft-vista.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\menuitemright-down-vista.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\menuitemright-vista.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\move.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\movetarget.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\css\popupAbout.css
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\css\popupGames.css
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\css\popupWidgets.css
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\footer.htm
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\gamecategory.xsl
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\gameData.js
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\gameList.xsl
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\gametype.xsl
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\arrow-sml-drop.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\arrow-sml.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\arrowr-bluew5.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\bg-aboutbox.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\bg-btnover.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\bg-pnl520x390.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\btn-close-grey.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\btn-close-greyover.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\btn-drag.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\btn-next-over.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\btn-next.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\btn-previous-over.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\btn-previous.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\btn-search-pnlbtm-over.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\btn-search-pnlbtm.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\gamethumb-on.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\gamethumb2-over.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\ico-calendar.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\ico-download.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\ico-joystick24.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\ico-play.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\ico-tags.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\icon-Add.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\icon-download.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\icon-Info.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\icon-play.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\icon-shop.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\menul-bgon.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\menul-bgover.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\panel-botm-noscroll.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\scroll-bg-206.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\scroll-bg.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\scroll-topwin.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\scrollb-disable.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\scrollb-down.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\scrollb-over.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\scrollb.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\scrollt-disable.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\scrollt-down.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\scrollt-over.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\scrollt.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\searchbox-pnlbtm.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\star_x_grey.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\star_x_orange.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\TRUSTe_about.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\view-detailed-on.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\view-detailed-over.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\view-thumb-on.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\view-thumb-over.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\widgets-square-16px.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\widgets-square-24px.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\popupGames.html
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\popupWidgets.html
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\pop.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\css\manager.css
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\css\slider.css
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\bg-pnl.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\btn-close-grey.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\btn-close-greyover.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\collapsed_button.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\expanded_button.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\ico-playstation-down.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\ico-playstation-over.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\ico-playstation.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\ico-radio.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\music-note.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\radio-btn-pause-on.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\radio-btn-pause.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\radio-btn-play-on.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\radio-btn-play.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\radio-eq-bg.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\radio-eq-busy.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\radio-eq-off.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\radio-eq-on.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\radio-eq-warning.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\radio-options-design-on.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\radio-options-design.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\radio-options-on.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\radio-options.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\radio-volume-0.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\radio-volume-1.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\radio-volume-2.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\radio-volume-3.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\radio-volume-mute.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\scrollbar-handle.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\scrollbar-track.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\slider.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\slideron.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\track.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\managerpanel.html
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\volumeslider.html
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\remove.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\rename.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\resize-box.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\rss.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\rsschannelback.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\RSSLogo.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\rsstabdivider.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\scroll-left.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\scroll-right.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\search-go.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\search.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\text-ellipsis.xml
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\throbber.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\toolbarsplitter.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\transparent_1px.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\border_02.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\border_03.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\border_04.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\border_06.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\border_07.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\border_08.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\border_09.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\border_10.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\border_11.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\border_12.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\border_13.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\border_14.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\border_15.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\border_16.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\border_18.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\border_19.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\border_20.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\border_21.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\btn-close-grey.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\btn-close-greyover.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\close-hot.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\close-normal.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\loadingMid.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\proxy.html
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\template.html
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\template.xml
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\templateFF.html
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\throbber.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\icons\cond999.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\icons\icons.xml
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\icons\na-s.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\icons\na.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\icons\weather.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\add.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\arrowr-bluew5.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\bg-pnl.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\bg-pnl520x350blue-whitebg.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\bg-pnl520x350blue.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\box-check.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\box-uncheck.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btn-close-grey.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btn-close-greyover.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btn-delete.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btn-search-pnlbtm.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btnarrow-next-off.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btnarrow-next.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btnarrow-previous-off.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btnarrow-previous.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\ico-check.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\ico-hotandhumid-s.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\ico-hotandhumid.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\options-weather.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\over-blue.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\over-orange.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\powered-by-weatherbug.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\powered-by-weatherbug2.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\radio-checked.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\radio-unchecked.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\searchbox-pnlbtm.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\weather-contour.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\popupWeather.css
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\popupWeather.html
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\yahoo.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lichen.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\logo-about.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\logo.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\maps.bmp
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\menuseparatorback.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\modify-save.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\modify.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\modifyhot.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\music.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\news.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\options\options-main.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\options\options-search.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\options\options-weather.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\options\options-widgets.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\orange.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\pixsy.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\relatedlinks.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\rss-collapse.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\rss-delete.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\rss-expand.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\rss-feed.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\rss-folder-remove.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\rss-folder-rename.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\rss-folder.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\rss-found.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\rss-reload.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\rss-subscribe.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\rss.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\rssback.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\rsstopback.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\search-over.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\search.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\searchbar\searchbar-background-left.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\searchbar\searchbar-background-middle.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\searchbar\searchbar-background-right.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\searchqutb.css
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\settings.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\shopping.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\siteinfo.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\skin-bluelite.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\skin-bluesky.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\skin-grey.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\skin-lichen.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\skin-orange.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\skin-yellow.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\technorati.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\throbber.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\toolbarsplitter.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\video.bmp
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\weather.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\web.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\widget_allocine.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\widget_bliptv.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\widget_calcal.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\widget_calculator.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\widget_gservices.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\widget_sudoku.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\widget_todo.jpg
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\widget_todo.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\widget_trio.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\widget_uconverter.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\widgets-square-16px.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\widgets.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\wikipedia.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\yahoosearch.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\yellow.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\youtube.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\zoom.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\components\windowmediator.js
c:\programmi\Windows Searchqu Toolbar\ToolBar\manifest.xml
c:\programmi\Windows Searchqu Toolbar\ToolBar\SearchquDx.dll
c:\programmi\Windows Searchqu Toolbar\ToolBar\SearchquTb.dll
c:\programmi\Windows Searchqu Toolbar\ToolBar\uninstall.exe
c:\programmi\Windows Searchqu Toolbar\uninstall.exe
c:\windows\system32\mp3codec32win.dll
c:\windows\system32\twunk_32.exe

.
((((((((((((((((((((((((( Files Creati Da 2011-01-19 al 2011-02-19 )))))))))))))))))))))))))))))))))))
.

2011-02-19 11:16 . 2011-02-19 11:16 -------- d-----w- c:\windows\system32\xircom
2011-02-19 11:16 . 2011-02-19 11:16 -------- d-----w- c:\windows\system32\wbem\snmp
2011-02-19 11:16 . 2011-02-19 11:16 -------- d-----w- c:\programmi\microsoft frontpage
2011-02-19 11:05 . 2011-02-19 11:15 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\BitComet
2011-02-17 15:31 . 2011-02-17 15:31 388096 ----a-r- c:\documents and settings\Administrator\Dati applicazioni\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-02-17 13:54 . 2011-02-17 13:54 -------- d-----w- c:\windows\system32\wbem\Repository
2011-02-13 16:46 . 2011-02-13 16:47 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\Apple Computer
2011-02-09 18:03 . 2011-02-09 18:03 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\Corel
2011-02-09 17:59 . 2011-02-09 17:59 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\COWON
2011-02-09 17:42 . 2011-02-09 17:42 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\FLEXnet
2011-02-08 21:56 . 2011-02-08 21:56 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\Bandoo
2011-02-08 17:46 . 2011-02-19 11:05 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\bearsharemediabartb
2011-02-06 14:04 . 2011-02-07 12:02 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\U3
2011-02-02 12:16 . 2011-02-03 14:17 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Spybot - Search & Destroy
2011-02-02 12:16 . 2011-02-02 12:16 -------- d-----w- c:\programmi\Spybot - Search & Destroy
2011-02-01 13:51 . 2011-02-01 14:17 -------- d-----w- c:\documents and settings\Administrator\Impostazioni locali\Dati applicazioni\BearShare
2011-02-01 12:26 . 2011-02-01 14:20 -------- d-----w- c:\programmi\BearShare Applications
2011-01-30 18:25 . 2011-01-30 18:25 -------- d-----w- c:\windows\Ulead.dat
2011-01-30 18:08 . 2006-03-29 06:50 233472 ----a-w- c:\windows\system32\DiskIO.dll
2011-01-30 18:08 . 2006-03-29 06:45 184320 ----a-w- c:\windows\system32\RALmain.dll
2011-01-30 18:08 . 2005-12-12 14:57 32768 ----a-w- c:\windows\system32\MLPagAx.dll
2011-01-30 18:08 . 2003-11-25 13:02 138752 ----a-w- c:\windows\system32\mase32.dll
2011-01-30 18:08 . 2003-11-25 13:02 57856 ----a-w- c:\windows\system32\masd32.dll
2011-01-30 18:08 . 2003-11-25 13:02 27648 ----a-w- c:\windows\system32\ma32.dll
2011-01-30 18:08 . 2003-11-25 13:02 196096 ----a-w- c:\windows\system32\macd32.dll
2011-01-30 18:08 . 2003-11-25 13:02 136192 ----a-w- c:\windows\system32\mamc32.dll
2011-01-30 18:08 . 2003-03-15 23:15 90112 ----a-w- c:\windows\unvise32.exe
2011-01-30 18:05 . 2011-01-30 18:05 -------- d-----w- c:\windows\system32\Quicktime
2011-01-30 18:00 . 2011-01-30 18:07 -------- d-----w- c:\programmi\Avid
2011-01-30 17:59 . 2011-01-30 18:09 -------- d-----w- c:\windows\Downloaded Installations
2011-01-29 16:16 . 2011-02-12 16:59 -------- d-----w- c:\documents and settings\Administrator\MusicFrost
2011-01-29 16:15 . 2011-01-30 11:53 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\MusicFrost
2011-01-29 16:14 . 2011-01-29 16:15 -------- d-----w- c:\programmi\MusicFrost
2011-01-26 17:59 . 2011-01-26 17:59 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\NVIDIA
2011-01-24 18:11 . 2011-01-24 18:11 -------- d-----w- c:\programmi\Electronic Arts
2011-01-24 18:10 . 1998-05-01 12:39 299008 ----a-w- c:\windows\uninst.exe
2011-01-24 18:10 . 2011-01-24 18:10 -------- d-----w- c:\documents and settings\Administrator\WINDOWS
2011-01-22 14:30 . 2004-08-19 14:39 159232 ----a-w- c:\windows\system32\ptpusd.dll
2011-01-22 14:30 . 2001-08-30 22:07 5632 ----a-w- c:\windows\system32\ptpusb.dll
2011-01-22 11:31 . 2011-01-22 14:30 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\Uniblue
2011-01-22 11:29 . 2011-02-03 17:27 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\vlc
2011-01-21 16:14 . 2011-01-21 16:14 -------- d-----w- c:\documents and settings\Administrator\Impostazioni locali\Dati applicazioni\Ares
2011-01-21 16:14 . 2011-01-21 16:14 -------- d-----w- c:\programmi\Ares

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-02-10 17:19 . 2010-11-17 17:31 5018 --sha-w- c:\documents and settings\All Users\Dati applicazioni\KGyGaAvL.sys
2011-01-13 08:47 . 2010-11-15 10:16 188216 ----a-w- c:\windows\system32\aswBoot.exe
2011-01-13 08:41 . 2010-11-15 10:16 294608 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-01-13 08:40 . 2010-11-15 10:16 47440 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-01-13 08:40 . 2010-11-15 10:16 100176 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2011-01-13 08:39 . 2010-11-15 10:16 94544 ----a-w- c:\windows\system32\drivers\aswmon.sys
2011-01-13 08:37 . 2010-11-15 10:16 23632 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-01-13 08:37 . 2010-11-15 10:16 29392 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2011-01-13 08:37 . 2010-11-15 10:16 17744 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-01-12 21:39 . 2011-01-12 21:39 49152 ----a-r- c:\documents and settings\Administrator\Dati applicazioni\Microsoft\Installer\{D2FCC1AE-6311-47C5-8130-C6C66D77DD71}\ARPPRODUCTICON.exe
2011-01-12 21:38 . 2011-01-12 21:38 335872 ----a-r- c:\documents and settings\Administrator\Dati applicazioni\Microsoft\Installer\{237CD223-1B9D-47E8-A76C-E478B83CCEA2}\ARPPRODUCTICON.exe
2011-01-12 21:37 . 2011-01-12 21:37 57344 ----a-r- c:\documents and settings\Administrator\Dati applicazioni\Microsoft\Installer\{87441A59-5E64-4096-A170-14EFE67200C3}\ARPPRODUCTICON.exe
2011-01-12 21:34 . 2003-03-19 11:05 106496 ----a-w- c:\windows\system32\ATL71.DLL
2010-12-31 20:06 . 2010-11-15 10:16 38848 ----a-w- c:\windows\avastSS.scr
2010-12-19 10:02 . 2010-11-17 16:18 361288 ------w- c:\windows\system32\TuneUpDefragService.exe
2010-12-18 09:46 . 2010-12-11 10:03 312154 ----a-w- c:\documents and settings\Administrator\Dati applicazioni\mdbu.bin
2010-12-15 15:23 . 2010-12-15 15:23 9216 ----a-r- c:\documents and settings\Administrator\Dati applicazioni\Microsoft\Installer\{7426428E-71D4-452C-BA13-B14E5EB52859}\Icon7426428E16.exe
2010-12-02 03:35 . 2010-12-02 03:35 4280320 ------w- c:\windows\system32\GPhotos.scr
.

------- Sigcheck -------

[-] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\073a8e9684d59d4923c2eb2e44aa36af\atapi.sys
[-] 2004-08-03 21:59 . !HASH: COULD NOT OPEN FILE !!!!! . 95360 . . [------] . . c:\windows\system32\drivers\atapi.sys
[7] 2004-08-03 . CDFE4411A69C224BD1D11B2DA92DAC51 . 95360 . . [5.1.2600.2180] . . c:\windows\system32\ReinstallBackups\0003\DriverFiles\i386\atapi.sys
[7] 2004-08-03 . CDFE4411A69C224BD1D11B2DA92DAC51 . 95360 . . [5.1.2600.2180] . . c:\windows\system32\ReinstallBackups\0002\DriverFiles\i386\atapi.sys

[-] 2008-04-14 . 4314623FD836E96A51343CE5C74B48A8 . 77824 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\073a8e9684d59d4923c2eb2e44aa36af\browser.dll
[-] 2007-01-03 . 39128B5A743545BAEDD3984C210F00A8 . 77824 . . [5.1.2600.2586] . . c:\windows\system32\browser.dll

[-] 2008-04-14 . B6FCBB157E9C8ABDCA4134C535535A8B . 62464 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\073a8e9684d59d4923c2eb2e44aa36af\cryptsvc.dll
[-] 2007-01-03 . 87F3E2D2A3231F820F9248DB90090F42 . 62464 . . [5.1.2600.2845] . . c:\windows\system32\cryptsvc.dll

[-] 2008-04-14 . 99B69A5697F622A192B2C1E0D55B48AB . 19968 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\073a8e9684d59d4923c2eb2e44aa36af\linkinfo.dll
[-] 2007-01-03 . 212DEC5056523F8727C7B4E7E86782D5 . 19968 . . [5.1.2600.2839] . . c:\windows\system32\linkinfo.dll

[-] 2008-04-14 . FE5A5329CCFC33D645C33077FF04F052 . 296960 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\073a8e9684d59d4923c2eb2e44aa36af\termsrv.dll
[-] 2007-01-03 . F959D929A6A22D78E3A6851A9361CE18 . 296960 . . [5.1.2600.2627] . . c:\windows\system32\termsrv.dll
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0974BA1E-64EC-11DE-B2A5-E43756D89593}]
2009-12-20 09:51 87480 ----a-w- c:\progra~1\BEARSH~1\MediaBar\ToolBar\BearshareMediabarDx.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0a452a47-c5a8-4854-a237-4b9b06b376f0}]
2010-10-18 10:26 3908192 ----a-w- c:\programmi\Gossiper\tbGos0.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{74322BF9-DF26-493f-B0DA-6D2FC5E6429E}]
2011-01-06 14:06 721840 ----a-w- c:\progra~1\BEARSH~1\MediaBar\Datamngr\IEBHO.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{0a452a47-c5a8-4854-a237-4b9b06b376f0}"= "c:\programmi\Gossiper\tbGos0.dll" [2010-10-18 3908192]
"{0974BA1E-64EC-11DE-B2A5-E43756D89593}"= "c:\progra~1\BEARSH~1\MediaBar\ToolBar\BearshareMediabarDx.dll" [2009-12-20 87480]

[HKEY_CLASSES_ROOT\clsid\{0a452a47-c5a8-4854-a237-4b9b06b376f0}]

[HKEY_CLASSES_ROOT\clsid\{0974ba1e-64ec-11de-b2a5-e43756d89593}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{0A452A47-C5A8-4854-A237-4B9B06B376F0}"= "c:\programmi\Gossiper\tbGos0.dll" [2010-10-18 3908192]

[HKEY_CLASSES_ROOT\clsid\{0a452a47-c5a8-4854-a237-4b9b06b376f0}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-11-17 39408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast5"="c:\programmi\Alwil Software\Avast5\avastUI.exe" [2011-01-13 3396624]
"RTHDCPL"="RTHDCPL.EXE" [2010-07-28 19557480]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-10-16 13851752]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-19 15360]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_3"="advpack.dll" [2010-05-04 124928]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\programmi\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"Uniblue SpyEraser"="c:\programmi\Uniblue\SpyEraser\SpyEraser.exe" -m
"ctfmon.exe"=c:\windows\system32\ctfmon.exe
"Uniblue RegistryBooster 2"=c:\programmi\Uniblue\RegistryBooster 2\RegistryBooster.exe /S
"Uniblue SpeedUpMyPC"=c:\programmi\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe -s
"SpybotSD TeaTimer"=c:\programmi\Spybot - Search & Destroy\TeaTimer.exe
"swg"="c:\programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
"Skype"="c:\programmi\Skype\Phone\Skype.exe" /nosplash /minimized
"ares"="c:\programmi\Ares\Ares.exe" -h

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"nwiz"=c:\programmi\NVIDIA Corporation\nView\nwiz.exe /installquiet
"NvMediaCenter"=RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
"TrueImageMonitor.exe"=c:\programmi\Acronis\TrueImage\TrueImageMonitor.exe
"Acronis Scheduler2 Service"="c:\programmi\File comuni\Acronis\Schedule2\schedhlp.exe"
"SunJavaUpdateSched"="c:\programmi\File comuni\Java\Java Update\jusched.exe"
"QuickTime Task"="c:\programmi\QuickTime\qttask.exe" -atboottime
"DATAMNGR"=c:\progra~1\BEARSH~1\MediaBar\Datamngr\DATAMN~1.EXE

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programmi\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Programmi\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Programmi\\eMule\\emule.exe"=
"c:\\Programmi\\BitComet\\BitComet.exe"=
"c:\\Programmi\\Google\\Google Earth\\client\\googleearth.exe"=
"c:\\Programmi\\Mozilla Firefox\\firefox.exe"=
"c:\\Programmi\\Opera\\opera.exe"=
"c:\\Programmi\\Vuze\\Azureus.exe"=
"c:\\Programmi\\Pando Networks\\Pando\\Pando.exe"=
"c:\\Programmi\\uTorrent\\uTorrent.exe"=
"c:\\Programmi\\isposure\\IsposureAgent.exe"=
"c:\\Programmi\\Google\\Google Earth\\plugin\\geplugin.exe"=
"c:\\Documents and Settings\\All Users\\Documenti\\UltraTorrent\\UltraTorrent.exe"=
"c:\\Programmi\\Ares\\Ares.exe"=
"c:\\Programmi\\Avid\\Avid Liquid 7\\Program\\RM.exe"=
"c:\\Programmi\\Avid\\Avid Liquid 7\\Program\\StudioU.mod"=
"c:\\Programmi\\Acoustica CD Label Maker\\cdlabel.exe"=
"c:\\Programmi\\VideoLAN\\VLC\\vlc.exe"=
"c:\\Programmi\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"8898:TCP"= 8898:TCP:BitComet 8898 TCP
"8898:UDP"= 8898:UDP:BitComet 8898 UDP
"56155:TCP"= 56155:TCP:Pando
"56155:UDP"= 56155:UDP:Pando
"12814:TCP"= 12814:TCP:BitComet 12814 TCP
"12814:UDP"= 12814:UDP:BitComet 12814 UDP
"8217:TCP"= 8217:TCP:BitComet 8217 TCP
"8217:UDP"= 8217:UDP:BitComet 8217 UDP

R0 a347bus;a347bus;c:\windows\system32\drivers\a347bus.sys [22/11/2010 17.27.37 160640]
R0 a347scsi;a347scsi;c:\windows\system32\drivers\a347scsi.sys [22/11/2010 17.27.37 5248]
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [18/11/2010 19.18.02 691696]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [15/11/2010 11.16.35 294608]
R2 AdobeActiveFileMonitor7.0;Adobe Active File Monitor V7;c:\programmi\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe [16/09/2008 12.03.18 169312]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [15/11/2010 11.16.36 17744]
R2 isposure_svc;IsposureAgent;c:\programmi\isposure\IsposureAgent.exe [18/06/2009 16.52.46 761856]
R2 PDFProFiltSrv;PDFProFiltSrv;c:\programmi\Nuance\PDF Professional 6\PDFProFiltSrv.exe [30/06/2009 16.49.06 134944]
S2 gupdate;Servizio di Google Update (gupdate);c:\programmi\Google\Update\GoogleUpdate.exe [17/11/2010 12.34.13 136176]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [15/11/2010 13.01.28 1691480]
S3 SwitchBoard;SwitchBoard;c:\programmi\File comuni\Adobe\SwitchBoard\SwitchBoard.exe [19/02/2010 13.37.14 517096]
S4 Fun4IM Coordinator;Fun4IM Coordinator;"c:\progra~1\Fun4IM\Bandoo.exe" --> c:\progra~1\Fun4IM\Bandoo.exe [?]
.
Contenuto della cartella 'Scheduled Tasks'

2010-11-27 c:\windows\Tasks\AdobeAAMUpdater-1.0-A7600686AC474E7-Administrator.job
- c:\programmi\File comuni\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [2010-11-27 02:44]

2011-02-04 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\programmi\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]

2011-02-18 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\programmi\Google\Update\GoogleUpdate.exe [2010-11-17 11:34]

2011-01-02 c:\windows\Tasks\Uniblue SpyEraser.job
- c:\programmi\Uniblue\SpyEraser\SpyEraser.exe [2011-01-02 08:03]
.
.
------- Scansione supplementare -------
.
uInternet Settings,ProxyOverride = *.local
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Append the content of the link to existing PDF file - c:\programmi\Nuance\PDF Professional 6\Bin\ZeonIEFavClient.dll/ZeonIEAppend.HTML
IE: Append the content of the selected links to existing PDF file - c:\programmi\Nuance\PDF Professional 6\Bin\ZeonIEFavClient.dll/ZeonIEAppendSelLinks.HTML
IE: Append to existing PDF file - c:\programmi\Nuance\PDF Professional 6\Bin\ZeonIEFavClient.dll/ZeonIEAppend.HTML
IE: Create PDF file - c:\programmi\Nuance\PDF Professional 6\Bin\ZeonIEFavClient.dll/ZeonIECapture.HTML
IE: Create PDF file from the content of the link - c:\programmi\Nuance\PDF Professional 6\Bin\ZeonIEFavClient.dll/ZeonIECapture.HTML
IE: Create PDF files from the selected links - c:\programmi\Nuance\PDF Professional 6\Bin\ZeonIEFavClient.dll/ZeonIECaptureSelLinks.HTML
IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\programmi\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
IE: Open with Nuance PDF Converter 6.0 - c:\programmi\Nuance\PDF Professional 6\cnvres_eng.dll /100
IE: Open with PDF Professional 6 - c:\programmi\Nuance\PDF Professional 6\Bin\PlusIEContextMenu.dll/PlusIEContextMenu.htm
IE: Scarica tutto usando BitComet - c:\programmi\BitComet\BitComet.exe/AddAllLink.htm
IE: Scarica usando &BitComet - c:\programmi\BitComet\BitComet.exe/AddLink.htm
IE: Translate this web page with Babylon - c:\programmi\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm
IE: Translate with Babylon - c:\programmi\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm
FF - ProfilePath - c:\documents and settings\Administrator\Dati applicazioni\Mozilla\Firefox\Profiles\zgiqcdr3.default\
FF - prefs.js: keyword.URL - hxxp://search.musicfrost.com/results.php?q=
FF - prefs.js: browser.startup.homepage - hxxp://search.musicfrost.com
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\programmi\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - c:\programmi\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\programmi\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: Java Quick Starter: jqs@sun.com - c:\programmi\Java\jre6\lib\deploy\jqs\ff
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
.
- - - - CHIAVI ORFANE RIMOSSE - - - -

URLSearchHooks-{25A6EDBF-C0FD-4ff7-B6A7-C6EDEA3B0B55} - (no file)
Toolbar-10 - (no file)
WebBrowser-{ECDEE021-0D17-467F-A1FF-C7A115230949} - (no file)
WebBrowser-{414B6D9D-4A95-4E8D-B5B1-149DD2D93BB3} - (no file)
WebBrowser-{BA14329E-9550-4989-B3F2-9732E92D17CC} - (no file)
AddRemove-OfferBox Browser - c:\programmi\OfferBox\uninst.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-02-19 12:17
Windows 5.1.2600 Service Pack 2 NTFS

scansione processi nascosti ...

scansione entrate autostart nascoste ...

Scansione files nascosti ...

Scansione completata con successo
Files nascosti: 0

**************************************************************************
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- Dlls caricate dai processi in esecuzione ---------------------

- - - - - - - > 'winlogon.exe'(1140)
c:\windows\system32\SHSVCS.dll
c:\windows\system32\CLBCATQ.DLL

- - - - - - - > 'lsass.exe'(1240)
c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll

- - - - - - - > 'explorer.exe'(660)
c:\windows\system32\WININET.dll
c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\windows\system32\COMRes.dll
c:\windows\system32\LINKINFO.dll
c:\windows\system32\msi.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Altri processi in esecuzione ------------------------
.
c:\windows\system32\nvsvc32.exe
c:\programmi\Alwil Software\Avast5\AvastSvc.exe
c:\programmi\File comuni\Acronis\Schedule2\schedul2.exe
c:\programmi\Java\jre6\bin\jqs.exe
c:\programmi\File comuni\Protexis\License Service\PsiService_2.exe
c:\windows\RTHDCPL.EXE
c:\windows\System32\TUProgSt.exe
c:\programmi\File comuni\Ulead Systems\DVD\ULCDRSvr.exe
c:\windows\system32\SearchIndexer.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\windows\system32\wscntfy.exe
c:\windows\system32\SearchProtocolHost.exe
c:\windows\system32\SearchFilterHost.exe
.
**************************************************************************
.
Ora fine scansione: 2011-02-19 12:19:34 - Il pc è stato riavviato
ComboFix-quarantined-files.txt 2011-02-19 11:19

Pre-Run: 72.590.761.984 byte disponibili
Post-Run: 72.557.240.320 byte disponibili

- - End Of File - - D47B3C1CE59DC4CE17933E7EEC6936DE

La spunta su tea timer non c'era quindi non ho fatto nulla, ho provato a trascinare sull'icona di Combofix ma non succede nulla, sbaglio qualcosa?

Si vi era un piccolo errore nel salvataggio . Ecco il post di Combofix

ComboFix 11-02-18.04 - Administrator 20/02/2011 11.56.35.4.4 - x86
Microsoft Windows XP Professional 5.1.2600.2.1252.39.1040.18.3326.2709 [GMT 1:00]
Eseguito da: d:\programmi\ComboFix.exe
Opzioni usate :: c:\documents and settings\Administrator\Desktop\CFScript.txt.txt
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}

ATTENZIONE - QUESTO PC NON HA LA CONSOLE DI RIPRISTINO DI EMERGENZA INSTALLATA !!

FILE ::
"c:\windows\uninst.exe"
.

((((((((((((((((((((((((( Files Creati Da 2011-01-20 al 2011-02-20 )))))))))))))))))))))))))))))))))))
.

2011-02-19 11:16 . 2011-02-19 11:16 -------- d-----w- c:\windows\system32\xircom
2011-02-19 11:16 . 2011-02-19 11:16 -------- d-----w- c:\windows\system32\wbem\snmp
2011-02-19 11:16 . 2011-02-19 11:16 -------- d-----w- c:\programmi\microsoft frontpage
2011-02-19 11:05 . 2011-02-20 10:45 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\BitComet
2011-02-17 15:31 . 2011-02-17 15:31 388096 ----a-r- c:\documents and settings\Administrator\Dati applicazioni\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-02-17 13:54 . 2011-02-17 13:54 -------- d-----w- c:\windows\system32\wbem\Repository
2011-02-13 16:46 . 2011-02-13 16:47 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\Apple Computer
2011-02-09 18:03 . 2011-02-09 18:03 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\Corel
2011-02-09 17:59 . 2011-02-09 17:59 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\COWON
2011-02-09 17:42 . 2011-02-09 17:42 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\FLEXnet
2011-02-08 21:56 . 2011-02-08 21:56 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\Bandoo
2011-02-08 17:46 . 2011-02-19 11:05 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\bearsharemediabartb
2011-02-06 14:04 . 2011-02-07 12:02 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\U3
2011-02-02 12:16 . 2011-02-03 14:17 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Spybot - Search & Destroy
2011-02-02 12:16 . 2011-02-02 12:16 -------- d-----w- c:\programmi\Spybot - Search & Destroy
2011-02-01 13:51 . 2011-02-01 14:17 -------- d-----w- c:\documents and settings\Administrator\Impostazioni locali\Dati applicazioni\BearShare
2011-02-01 12:26 . 2011-02-01 14:20 -------- d-----w- c:\programmi\BearShare Applications
2011-01-30 18:25 . 2011-01-30 18:25 -------- d-----w- c:\windows\Ulead.dat
2011-01-30 18:08 . 2006-03-29 06:50 233472 ----a-w- c:\windows\system32\DiskIO.dll
2011-01-30 18:08 . 2006-03-29 06:45 184320 ----a-w- c:\windows\system32\RALmain.dll
2011-01-30 18:08 . 2005-12-12 14:57 32768 ----a-w- c:\windows\system32\MLPagAx.dll
2011-01-30 18:08 . 2003-11-25 13:02 138752 ----a-w- c:\windows\system32\mase32.dll
2011-01-30 18:08 . 2003-11-25 13:02 57856 ----a-w- c:\windows\system32\masd32.dll
2011-01-30 18:08 . 2003-11-25 13:02 27648 ----a-w- c:\windows\system32\ma32.dll
2011-01-30 18:08 . 2003-11-25 13:02 196096 ----a-w- c:\windows\system32\macd32.dll
2011-01-30 18:08 . 2003-11-25 13:02 136192 ----a-w- c:\windows\system32\mamc32.dll
2011-01-30 18:08 . 2003-03-15 23:15 90112 ----a-w- c:\windows\unvise32.exe
2011-01-30 18:05 . 2011-01-30 18:05 -------- d-----w- c:\windows\system32\Quicktime
2011-01-30 18:00 . 2011-01-30 18:07 -------- d-----w- c:\programmi\Avid
2011-01-30 17:59 . 2011-01-30 18:09 -------- d-----w- c:\windows\Downloaded Installations
2011-01-29 16:16 . 2011-02-12 16:59 -------- d-----w- c:\documents and settings\Administrator\MusicFrost
2011-01-29 16:15 . 2011-01-30 11:53 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\MusicFrost
2011-01-29 16:14 . 2011-01-29 16:15 -------- d-----w- c:\programmi\MusicFrost
2011-01-26 17:59 . 2011-01-26 17:59 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\NVIDIA
2011-01-24 18:11 . 2011-01-24 18:11 -------- d-----w- c:\programmi\Electronic Arts
2011-01-24 18:10 . 2011-01-24 18:10 -------- d-----w- c:\documents and settings\Administrator\WINDOWS
2011-01-22 14:30 . 2004-08-19 14:39 159232 ----a-w- c:\windows\system32\ptpusd.dll
2011-01-22 14:30 . 2001-08-30 22:07 5632 ----a-w- c:\windows\system32\ptpusb.dll
2011-01-22 11:31 . 2011-01-22 14:30 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\Uniblue
2011-01-22 11:29 . 2011-02-03 17:27 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\vlc
2011-01-21 16:14 . 2011-01-21 16:14 -------- d-----w- c:\documents and settings\Administrator\Impostazioni locali\Dati applicazioni\Ares
2011-01-21 16:14 . 2011-01-21 16:14 -------- d-----w- c:\programmi\Ares

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-02-10 17:19 . 2010-11-17 17:31 5018 --sha-w- c:\documents and settings\All Users\Dati applicazioni\KGyGaAvL.sys
2011-01-13 08:47 . 2010-11-15 10:16 188216 ----a-w- c:\windows\system32\aswBoot.exe
2011-01-13 08:41 . 2010-11-15 10:16 294608 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-01-13 08:40 . 2010-11-15 10:16 47440 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-01-13 08:40 . 2010-11-15 10:16 100176 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2011-01-13 08:39 . 2010-11-15 10:16 94544 ----a-w- c:\windows\system32\drivers\aswmon.sys
2011-01-13 08:37 . 2010-11-15 10:16 23632 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-01-13 08:37 . 2010-11-15 10:16 29392 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2011-01-13 08:37 . 2010-11-15 10:16 17744 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-01-12 21:39 . 2011-01-12 21:39 49152 ----a-r- c:\documents and settings\Administrator\Dati applicazioni\Microsoft\Installer\{D2FCC1AE-6311-47C5-8130-C6C66D77DD71}\ARPPRODUCTICON.exe
2011-01-12 21:38 . 2011-01-12 21:38 335872 ----a-r- c:\documents and settings\Administrator\Dati applicazioni\Microsoft\Installer\{237CD223-1B9D-47E8-A76C-E478B83CCEA2}\ARPPRODUCTICON.exe
2011-01-12 21:37 . 2011-01-12 21:37 57344 ----a-r- c:\documents and settings\Administrator\Dati applicazioni\Microsoft\Installer\{87441A59-5E64-4096-A170-14EFE67200C3}\ARPPRODUCTICON.exe
2011-01-12 21:34 . 2003-03-19 11:05 106496 ----a-w- c:\windows\system32\ATL71.DLL
2010-12-31 20:06 . 2010-11-15 10:16 38848 ----a-w- c:\windows\avastSS.scr
2010-12-19 10:02 . 2010-11-17 16:18 361288 ------w- c:\windows\system32\TuneUpDefragService.exe
2010-12-18 09:46 . 2010-12-11 10:03 312154 ----a-w- c:\documents and settings\Administrator\Dati applicazioni\mdbu.bin
2010-12-15 15:23 . 2010-12-15 15:23 9216 ----a-r- c:\documents and settings\Administrator\Dati applicazioni\Microsoft\Installer\{7426428E-71D4-452C-BA13-B14E5EB52859}\Icon7426428E16.exe
2010-12-02 03:35 . 2010-12-02 03:35 4280320 ------w- c:\windows\system32\GPhotos.scr
.

------- Sigcheck -------

[-] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\073a8e9684d59d4923c2eb2e44aa36af\atapi.sys
[-] 2004-08-03 21:59 . !HASH: COULD NOT OPEN FILE !!!!! . 95360 . . [------] . . c:\windows\system32\drivers\atapi.sys
[7] 2004-08-03 . CDFE4411A69C224BD1D11B2DA92DAC51 . 95360 . . [5.1.2600.2180] . . c:\windows\system32\ReinstallBackups\0003\DriverFiles\i386\atapi.sys
[7] 2004-08-03 . CDFE4411A69C224BD1D11B2DA92DAC51 . 95360 . . [5.1.2600.2180] . . c:\windows\system32\ReinstallBackups\0002\DriverFiles\i386\atapi.sys

[-] 2008-04-14 . 4314623FD836E96A51343CE5C74B48A8 . 77824 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\073a8e9684d59d4923c2eb2e44aa36af\browser.dll
[-] 2007-01-03 . 39128B5A743545BAEDD3984C210F00A8 . 77824 . . [5.1.2600.2586] . . c:\windows\system32\browser.dll

[-] 2008-04-14 . B6FCBB157E9C8ABDCA4134C535535A8B . 62464 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\073a8e9684d59d4923c2eb2e44aa36af\cryptsvc.dll
[-] 2007-01-03 . 87F3E2D2A3231F820F9248DB90090F42 . 62464 . . [5.1.2600.2845] . . c:\windows\system32\cryptsvc.dll

[-] 2008-04-14 . 99B69A5697F622A192B2C1E0D55B48AB . 19968 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\073a8e9684d59d4923c2eb2e44aa36af\linkinfo.dll
[-] 2007-01-03 . 212DEC5056523F8727C7B4E7E86782D5 . 19968 . . [5.1.2600.2839] . . c:\windows\system32\linkinfo.dll

[-] 2008-04-14 . FE5A5329CCFC33D645C33077FF04F052 . 296960 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\073a8e9684d59d4923c2eb2e44aa36af\termsrv.dll
[-] 2007-01-03 . F959D929A6A22D78E3A6851A9361CE18 . 296960 . . [5.1.2600.2627] . . c:\windows\system32\termsrv.dll
.
((((((((((((((((((((((((((((( SnapShot@2011-02-19_11.17.26 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-02-20 11:00 . 2011-02-20 11:00 16384 c:\windows\Temp\Perflib_Perfdata_f1c.dat
+ 2011-02-20 11:01 . 2011-02-20 11:01 16384 c:\windows\Temp\Perflib_Perfdata_e80.dat
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-11-17 39408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast5"="c:\programmi\Alwil Software\Avast5\avastUI.exe" [2011-01-13 3396624]
"RTHDCPL"="RTHDCPL.EXE" [2010-07-28 19557480]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-10-16 13851752]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-19 15360]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_3"="advpack.dll" [2010-05-04 124928]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\programmi\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"Uniblue SpyEraser"="c:\programmi\Uniblue\SpyEraser\SpyEraser.exe" -m
"ctfmon.exe"=c:\windows\system32\ctfmon.exe
"Uniblue RegistryBooster 2"=c:\programmi\Uniblue\RegistryBooster 2\RegistryBooster.exe /S
"Uniblue SpeedUpMyPC"=c:\programmi\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe -s
"SpybotSD TeaTimer"=c:\programmi\Spybot - Search & Destroy\TeaTimer.exe
"swg"="c:\programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
"Skype"="c:\programmi\Skype\Phone\Skype.exe" /nosplash /minimized
"ares"="c:\programmi\Ares\Ares.exe" -h

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"nwiz"=c:\programmi\NVIDIA Corporation\nView\nwiz.exe /installquiet
"NvMediaCenter"=RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
"TrueImageMonitor.exe"=c:\programmi\Acronis\TrueImage\TrueImageMonitor.exe
"Acronis Scheduler2 Service"="c:\programmi\File comuni\Acronis\Schedule2\schedhlp.exe"
"SunJavaUpdateSched"="c:\programmi\File comuni\Java\Java Update\jusched.exe"
"QuickTime Task"="c:\programmi\QuickTime\qttask.exe" -atboottime
"DATAMNGR"=c:\progra~1\BEARSH~1\MediaBar\Datamngr\DATAMN~1.EXE

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programmi\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Programmi\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Programmi\\eMule\\emule.exe"=
"c:\\Programmi\\BitComet\\BitComet.exe"=
"c:\\Programmi\\Google\\Google Earth\\client\\googleearth.exe"=
"c:\\Programmi\\Mozilla Firefox\\firefox.exe"=
"c:\\Programmi\\Opera\\opera.exe"=
"c:\\Programmi\\Vuze\\Azureus.exe"=
"c:\\Programmi\\Pando Networks\\Pando\\Pando.exe"=
"c:\\Programmi\\uTorrent\\uTorrent.exe"=
"c:\\Programmi\\isposure\\IsposureAgent.exe"=
"c:\\Programmi\\Google\\Google Earth\\plugin\\geplugin.exe"=
"c:\\Documents and Settings\\All Users\\Documenti\\UltraTorrent\\UltraTorrent.exe"=
"c:\\Programmi\\Ares\\Ares.exe"=
"c:\\Programmi\\Avid\\Avid Liquid 7\\Program\\RM.exe"=
"c:\\Programmi\\Avid\\Avid Liquid 7\\Program\\StudioU.mod"=
"c:\\Programmi\\Acoustica CD Label Maker\\cdlabel.exe"=
"c:\\Programmi\\VideoLAN\\VLC\\vlc.exe"=
"c:\\Programmi\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"8898:TCP"= 8898:TCP:BitComet 8898 TCP
"8898:UDP"= 8898:UDP:BitComet 8898 UDP
"12814:TCP"= 12814:TCP:BitComet 12814 TCP
"12814:UDP"= 12814:UDP:BitComet 12814 UDP
"8217:TCP"= 8217:TCP:BitComet 8217 TCP
"8217:UDP"= 8217:UDP:BitComet 8217 UDP

R0 a347bus;a347bus;c:\windows\system32\drivers\a347bus.sys [22/11/2010 17.27.37 160640]
R0 a347scsi;a347scsi;c:\windows\system32\drivers\a347scsi.sys [22/11/2010 17.27.37 5248]
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [18/11/2010 19.18.02 691696]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [15/11/2010 11.16.35 294608]
R2 AdobeActiveFileMonitor7.0;Adobe Active File Monitor V7;c:\programmi\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe [16/09/2008 12.03.18 169312]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [15/11/2010 11.16.36 17744]
R2 isposure_svc;IsposureAgent;c:\programmi\isposure\IsposureAgent.exe [18/06/2009 16.52.46 761856]
R2 PDFProFiltSrv;PDFProFiltSrv;c:\programmi\Nuance\PDF Professional 6\PDFProFiltSrv.exe [30/06/2009 16.49.06 134944]
S2 gupdate;Servizio di Google Update (gupdate);c:\programmi\Google\Update\GoogleUpdate.exe [17/11/2010 12.34.13 136176]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [15/11/2010 13.01.28 1691480]
S3 SwitchBoard;SwitchBoard;c:\programmi\File comuni\Adobe\SwitchBoard\SwitchBoard.exe [19/02/2010 13.37.14 517096]
S4 Fun4IM Coordinator;Fun4IM Coordinator;"c:\progra~1\Fun4IM\Bandoo.exe" --> c:\progra~1\Fun4IM\Bandoo.exe [?]
.
Contenuto della cartella 'Scheduled Tasks'

2010-11-27 c:\windows\Tasks\AdobeAAMUpdater-1.0-A7600686AC474E7-Administrator.job
- c:\programmi\File comuni\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [2010-11-27 02:44]

2011-02-04 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\programmi\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]

2011-02-20 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\programmi\Google\Update\GoogleUpdate.exe [2010-11-17 11:34]

2011-01-02 c:\windows\Tasks\Uniblue SpyEraser.job
- c:\programmi\Uniblue\SpyEraser\SpyEraser.exe [2011-01-02 08:03]
.
.
------- Scansione supplementare -------
.
uInternet Settings,ProxyOverride = *.local
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Append the content of the link to existing PDF file - c:\programmi\Nuance\PDF Professional 6\Bin\ZeonIEFavClient.dll/ZeonIEAppend.HTML
IE: Append the content of the selected links to existing PDF file - c:\programmi\Nuance\PDF Professional 6\Bin\ZeonIEFavClient.dll/ZeonIEAppendSelLinks.HTML
IE: Append to existing PDF file - c:\programmi\Nuance\PDF Professional 6\Bin\ZeonIEFavClient.dll/ZeonIEAppend.HTML
IE: Create PDF file - c:\programmi\Nuance\PDF Professional 6\Bin\ZeonIEFavClient.dll/ZeonIECapture.HTML
IE: Create PDF file from the content of the link - c:\programmi\Nuance\PDF Professional 6\Bin\ZeonIEFavClient.dll/ZeonIECapture.HTML
IE: Create PDF files from the selected links - c:\programmi\Nuance\PDF Professional 6\Bin\ZeonIEFavClient.dll/ZeonIECaptureSelLinks.HTML
IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\programmi\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
IE: Open with Nuance PDF Converter 6.0 - c:\programmi\Nuance\PDF Professional 6\cnvres_eng.dll /100
IE: Open with PDF Professional 6 - c:\programmi\Nuance\PDF Professional 6\Bin\PlusIEContextMenu.dll/PlusIEContextMenu.htm
IE: Scarica tutto usando BitComet - c:\programmi\BitComet\BitComet.exe/AddAllLink.htm
IE: Scarica usando &BitComet - c:\programmi\BitComet\BitComet.exe/AddLink.htm
IE: Translate this web page with Babylon - c:\programmi\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm
IE: Translate with Babylon - c:\programmi\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm
FF - ProfilePath - c:\documents and settings\Administrator\Dati applicazioni\Mozilla\Firefox\Profiles\zo90ef84.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1547340&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Gossiper Customized Web Search
FF - prefs.js: browser.startup.homepage - hxxp://search.findeer.it/
FF - prefs.js: keyword.URL - hxxp://search.sweetim.com/search.asp?src=2&q=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\programmi\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - c:\programmi\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\programmi\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Conduit Engine : engine@conduit.com - %profile%\extensions\engine@conduit.com
FF - Ext: Facemoods: ffxtlbr@Facemoods.com - %profile%\extensions\ffxtlbr@Facemoods.com
FF - Ext: Bandoo for Firefox: firefox@bandoo.com - %profile%\extensions\firefox@bandoo.com
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: uTorrentBar_IT Community Toolbar: {4ae0c3d6-f713-4eed-bc65-25dc3ffdaac1} - %profile%\extensions\{4ae0c3d6-f713-4eed-bc65-25dc3ffdaac1}
FF - Ext: Yahoo! Toolbar: {635abd67-4fe9-1b23-4f01-e679fa7484c1} - %profile%\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
FF - Ext: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - %profile%\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}
FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
FF - Ext: Gossiper Toolbar: {0a452a47-c5a8-4854-a237-4b9b06b376f0} - %profile%\extensions\{0a452a47-c5a8-4854-a237-4b9b06b376f0}
FF - Ext: MediaBar: {E84D42CA-64EB-11DE-A65F-8C3656D89593} - %profile%\extensions\{E84D42CA-64EB-11DE-A65F-8C3656D89593}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: Java Quick Starter: jqs@sun.com - c:\programmi\Java\jre6\lib\deploy\jqs\ff
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
FF - user.js: network.http.max-connections-per-server - 8
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-02-20 12:01
Windows 5.1.2600 Service Pack 2 NTFS

scansione processi nascosti ...

scansione entrate autostart nascoste ...

Scansione files nascosti ...

Scansione completata con successo
Files nascosti: 0

**************************************************************************
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- Dlls caricate dai processi in esecuzione ---------------------

- - - - - - - > 'winlogon.exe'(1184)
c:\windows\system32\SHSVCS.dll
c:\windows\system32\CLBCATQ.DLL

- - - - - - - > 'lsass.exe'(1272)
c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll

- - - - - - - > 'explorer.exe'(3000)
c:\windows\system32\WININET.dll
c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\windows\system32\COMRes.dll
c:\windows\system32\LINKINFO.dll
c:\windows\system32\msi.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Altri processi in esecuzione ------------------------
.
c:\windows\system32\nvsvc32.exe
c:\programmi\Alwil Software\Avast5\AvastSvc.exe
c:\windows\RTHDCPL.EXE
c:\programmi\File comuni\Acronis\Schedule2\schedul2.exe
c:\programmi\Java\jre6\bin\jqs.exe
c:\programmi\File comuni\Protexis\License Service\PsiService_2.exe
c:\windows\System32\TUProgSt.exe
c:\programmi\File comuni\Ulead Systems\DVD\ULCDRSvr.exe
c:\windows\system32\SearchIndexer.exe
c:\windows\system32\wbem\wmiapsrv.exe
.
**************************************************************************
.
Ora fine scansione: 2011-02-20 12:03:18 - Il pc è stato riavviato
ComboFix-quarantined-files.txt 2011-02-20 11:03
ComboFix2.txt 2011-02-19 19:48
ComboFix3.txt 2011-02-19 11:19

Pre-Run: 72.373.891.072 byte disponibili
Post-Run: 72.361.074.688 byte disponibili

- - End Of File - - 42A35B548D345615033C0B9D16B2093F



Molto interessante questa procedura, vorrei saperne di piu' se puoi darmi qualche informazione in piu', per esempio quali sono le funzioni principali e quando usarlo, inoltre mi e' venuta voglia di disinstallare Search Destroy che ho installato pochi giorni fa, se non erro e' stato lui il responsabile di quanto successo o no? Ti ringrazio

Disattiva il ripristino configurazione di sistema,
http://guide.aiutamici.com/guide?C1=7&C2=68&ID=80121

Scarica TFC by OldTimer sul desktop
http://oldtimer.geekstogo.com/TFC.exe
chiudi tutti i programmi
avvia TFC, clicca su "start"
al termine della scansione ti chiederà il riavvio, dai ok.

Per eliminare i vari Tooll scaricati:
Scarica OTC by OldTimer sul desktop:
http://oldtimer.geekstogo.com/OTC.exe
doppio clic per eseguirlo
Clicca su CleanUp.
Ti chiederà di riavviare il pc.
Clicca sì.

Segui questo percorso e svuota la cartella Prefetch : (non eliminare la cartella)
C:\Windows\Prefetch
SVUOTA IL CESTINO.

Riattiva il ripristino configurazione di sistema.
Se il pc funziona bene, abbiamo concluso.