Aiutamici Forum
Benvenuto Ospite Cerca | Topic Attivi | Utenti | | Log In | Registra

Logfile Opzioni
massimob
Inviato: Saturday, February 12, 2011 1:49:21 PM

Rank: AiutAmico

Iscritto dal : 12/13/2005
Posts: 162
Salve a tutti, invio il mio logfile da controllare, credo di avere un problema, ieri deve essermi entrato qualche cosa mentre aprivo un file scaricato da emule, infatti, all'improvviso, non sono più riuscito a entrare in internet, e la pagina iniziale in caricamento non è più la mia, ma la seguente, www.searchqu.com. ho fatto una scansione antivirus ma non mi ha trovato nulla ( il modem funzionava regolarmente, perche c'era un altro computer collegato che funzionava correttamente ).
Grazie in anticipo e cordiali saluti.
MassimoBrick wall


Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:48:36, on 06/02/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\PROGRA~1\AVG\AVG10\avgchsvx.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\AVG\AVG10\avgwdsvc.exe
C:\Programmi\Java\jre6\bin\jqs.exe
C:\Programmi\Nero\Update\NASvc.exe
C:\Programmi\Telecom Italia\WanMiniport1st\srvany.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Programmi\Telecom Italia\WanMiniport1st\WanMiniport1st_srv.exe
C:\Programmi\Uniblue\RegistryBooster\rbmonitor.exe
C:\Programmi\Packard Bell\Software Suite\PowerSave\PSPBSSS.exe
C:\WINDOWS\Explorer.EXE
C:\Programmi\Macrium\Reflect\ReflectService.exe
C:\Programmi\Sandboxie\SbieSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\TeamViewer\Version6\TeamViewer_Service.exe
C:\Programmi\AVG\AVG10\avgnsx.exe
C:\Programmi\AVG\AVG10\avgemcx.exe
C:\Programmi\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\PROGRA~1\Fun4IM\Bandoo.exe
C:\Programmi\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
C:\Programmi\TeamViewer\Version6\TeamViewer.exe
C:\Programmi\TeamViewer\Version6\tv_w32.exe
C:\PROGRA~1\ALICET~1\SMARTB~1\MotiveSB.exe
C:\PROGRA~1\ALICET~1\vendors\AliceRE\content\template\DRIVEN~1\syncer\MCCITR~1.EXE
C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE
C:\Programmi\Google\Google Desktop Search\GoogleDesktop.exe
C:\Programmi\File comuni\Java\Java Update\jusched.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Programmi\AVG\AVG10\avgtray.exe
C:\Programmi\QuickTime\QTTask.exe
C:\PROGRA~1\WI9130~1\Datamngr\DATAMN~1.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\Packard Bell\Software Suite\PBSoftSuite.exe
C:\Documents and Settings\All Users\Dati applicazioni\U3\U3Launcher\LaunchU3.exe
C:\Programmi\Panda USB Vaccine\USBVaccine.exe
C:\Programmi\Alice ti aiuta\bin\mpbtn.exe
C:\Programmi\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
C:\Programmi\Packard Bell\Software Suite\pbDevDetect.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\Programmi\File comuni\PCSuite\Services\ServiceLayer.exe
C:\Programmi\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\PROGRA~1\AVG\AVG10\avgrsx.exe
C:\Programmi\AVG\AVG10\avgcsrvx.exe
C:\Programmi\AVG\AVG10\avgui.exe
C:\Programmi\AVG\AVG10\avgscanx.exe
C:\Programmi\AVG\AVG10\avgcsrvx.exe
C:\Programmi\Internet Explorer\IEXPLORE.EXE
C:\Programmi\Internet Explorer\IEXPLORE.EXE
C:\Programmi\OfferBox\OfferBox.exe
C:\PROGRA~1\Fun4IM\BndCore.exe
D:\Protezione\AUP_Hijack\PortableApps\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.searchqu.com/403
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:55152
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
R3 - URLSearchHook: uTorrentBar_IT Toolbar - {4ae0c3d6-f713-4eed-bc65-25dc3ffdaac1} - C:\Programmi\uTorrentBar_IT\tbuTor.dll
R3 - URLSearchHook: ilcorsaronero Toolbar - {f4035115-6152-4901-a81d-f4e0a0479615} - C:\Programmi\ilcorsaronero\prxtbilco.dll
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: My.Freeze.com Toolbar - {0bd6f992-62ad-47f7-aca6-299729be4e2b} - C:\Programmi\myfreezetoolbar\myfreezedx.dll
O2 - BHO: PriceGong - {1631550F-191D-4826-B069-D9439253D926} - C:\Programmi\PriceGong\2.1.0\PriceGongIE.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programmi\ConduitEngine\ConduitEngine.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Programmi\AVG\AVG10\avgssie.dll
O2 - BHO: uTorrentBar_IT Toolbar - {4ae0c3d6-f713-4eed-bc65-25dc3ffdaac1} - C:\Programmi\uTorrentBar_IT\tbuTor.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Programmi\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Searchqu Toolbar - {7FF99715-3016-4381-84CE-E4E4C9673020} - C:\PROGRA~1\WI9130~1\ToolBar\SearchquDx.dll
O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programmi\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll
O2 - BHO: Updater For My.Freeze.com Toolbar - {C26CD490-5F01-41E3-B150-EB29F19DA056} - C:\Programmi\myfreezetoolbar\auxi\myfreezetoolbAu.dll
O2 - BHO: (no name) - {CC3C8D60-29D6-4880-B9D8-443C4CBA2BEC} - (no file)
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programmi\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Programmi\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmi\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: Bandoo IE Plugin - {EB5CEE80-030A-4ED8-8E20-454E9C68380F} - C:\Programmi\Fun4IM\Plugins\IE\ieplugin.dll
O2 - BHO: ilcorsaronero - {f4035115-6152-4901-a81d-f4e0a0479615} - C:\Programmi\ilcorsaronero\prxtbilco.dll
O2 - BHO: OfferBox - {FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C} - C:\Programmi\OfferBox\OfferBoxBHO.dll
O3 - Toolbar: My.Freeze.com Toolbar - {0bd6f992-62ad-47f7-aca6-299729be4e2b} - C:\Programmi\myfreezetoolbar\myfreezedx.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Programmi\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: FrostWire Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programmi\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: uTorrentBar_IT Toolbar - {4ae0c3d6-f713-4eed-bc65-25dc3ffdaac1} - C:\Programmi\uTorrentBar_IT\tbuTor.dll
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programmi\ConduitEngine\ConduitEngine.dll
O3 - Toolbar: ilcorsaronero Toolbar - {f4035115-6152-4901-a81d-f4e0a0479615} - C:\Programmi\ilcorsaronero\prxtbilco.dll
O3 - Toolbar: Searchqu Toolbar - {7FF99715-3016-4381-84CE-E4E4C9673020} - C:\PROGRA~1\WI9130~1\ToolBar\SearchquDx.dll
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\ALICET~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [AliceRE_McciTrayApp] C:\PROGRA~1\ALICET~1\vendors\AliceRE\content\template\DRIVEN~1\syncer\MCCITR~1.EXE
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Programmi\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\File comuni\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Programmi\File comuni\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programmi\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Programmi\File comuni\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [AVG_TRAY] C:\Programmi\AVG\AVG10\avgtray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Programmi\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [DATAMNGR] C:\PROGRA~1\WI9130~1\Datamngr\DATAMN~1.EXE
O4 - HKCU\..\Run: [swg] "C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Packard Bell Software Suite] "C:\Programmi\Packard Bell\Software Suite\PBSoftSuite.exe" /run
O4 - HKCU\..\Run: [Software Suite] "C:\Programmi\Packard Bell\Software Suite\PBSoftSuite.exe" /RUN
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: LaunchU3.exe.lnk = ?
O4 - Startup: PandaUSBVaccine.lnk = C:\Programmi\Panda USB Vaccine\USBVaccine.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Alice ti aiuta.lnk = C:\Programmi\Alice ti aiuta\bin\matcli.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Inserisci blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programmi\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: Inserisci &blog in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programmi\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {53F6FCCD-9E22-4d71-86EA-6E43136192AB} - (no file)
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: (no name) - {925DAB62-F9AC-4221-806A-057BFB1014AA} - (no file)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Massimo1\Menu Avvio\Programmi\IMVU\Run IMVU.lnk (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.4.5.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scanner/sources/en/scan8/oscan8.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1272383408734
O17 - HKLM\System\CCS\Services\Tcpip\..\{A9D1EF3A-1327-4CC5-B3FE-82323DEF3DD7}: NameServer = 85.37.17.17 85.38.28.72
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Programmi\AVG\AVG10\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FILECO~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: c:\progra~1\wi9130~1\datamngr\datamngr.dll c:\progra~1\fun4im\bndhook.dll
O22 - SharedTaskScheduler: Precaricatore Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Daemon di cache delle categorie di componenti - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Programmi\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Programmi\AVG\AVG10\avgwdsvc.exe
O23 - Service: Boonty Games - BOONTY - C:\Programmi\File comuni\BOONTY Shared\Service\Boonty.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Programmi\File comuni\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Fun4IM Coordinator - Bandoo Media Inc. - C:\PROGRA~1\Fun4IM\Bandoo.exe
O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Programmi\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Programmi\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programmi\Java\jre6\bin\jqs.exe
O23 - Service: @C:\Programmi\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Programmi\Nero\Update\NASvc.exe
O23 - Service: Network WanMiniport First Position - Unknown owner - C:\Programmi\Telecom Italia\WanMiniport1st\srvany.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PowerSave Service (PowerSave) - Packard Bell Services - C:\Programmi\Packard Bell\Software Suite\PowerSave\PSPBSSS.exe
O23 - Service: Macrium Reflect Image Mounting Service (ReflectService) - Unknown owner - C:\Programmi\Macrium\Reflect\ReflectService.exe
O23 - Service: Sandboxie Service (SbieSvc) - tzuk - C:\Programmi\Sandboxie\SbieSvc.exe
O23 - Service: ServiceLayer - Nokia. - C:\Programmi\File comuni\PCSuite\Services\ServiceLayer.exe
O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Programmi\TeamViewer\Version6\TeamViewer_Service.exe
O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Programmi\Yahoo!\SoftwareUpdate\YahooAUService.exe

--
End of file - 14490 bytes
Sponsor
Inviato: Saturday, February 12, 2011 1:49:21 PM

 
r16
Inviato: Saturday, February 12, 2011 1:53:35 PM
Rank: AiutAmico

Iscritto dal : 8/7/2007
Posts: 11,016
Scarica Combofix (usa Internet Explorer)

http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Salvalo sul desktop. (è obligatorio)

Importante: Disabilita il tuo antivirus e chiudi TUTTI i programmi aperti,(Firewall compreso) e dopo aver scaricato COMBOFIX, chiudi la connessione.

Doppio click su combofix.exe (se usi Vista: tasto destro su Combofix.exe e clicca su: "Esegui come Amministratore" )

E' probabile che ti siano inviati messaggi dall'antivirus,(o dallo stesso Combofix) tu ignorali.

Se ti verrà chiesto se vuoi Installare LA CONSOLE DI RIPRISTINO DI EMERGENZA, clicca NO.

Durante l'operazione di scansione è importante non usare il PC (neanche il mouse) e attendere pazientemente la fine delle operazioni.
Al termine, verrà creato un file log sul Desktop, chiamato C:\ComboFix.txt.
Postalo qui.
massimob
Inviato: Saturday, February 12, 2011 2:06:06 PM

Rank: AiutAmico

Iscritto dal : 12/13/2005
Posts: 162
Domanda, la scansione la debbo fare in modalita provvisoria?
Ciao r16
r16
Inviato: Saturday, February 12, 2011 2:13:22 PM
Rank: AiutAmico

Iscritto dal : 8/7/2007
Posts: 11,016
No, meglio in modalità normale.
massimob
Inviato: Saturday, February 12, 2011 2:32:01 PM

Rank: AiutAmico

Iscritto dal : 12/13/2005
Posts: 162
Ok grazie.
massimob
Inviato: Saturday, February 12, 2011 10:21:54 PM

Rank: AiutAmico

Iscritto dal : 12/13/2005
Posts: 162
Salve r16 questo è il log.
Grazie

ComboFix 11-02-11.02 - Massimo1 12/02/2011 21:27:26.2.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.39.1040.18.1535.1059 [GMT 1:00]
Eseguito da: c:\documents and settings\Massimo1\Desktop\ComboFix.exe
.

((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Massimo1\Dati applicazioni\OfferBox
c:\documents and settings\Massimo1\Dati applicazioni\OfferBox\config.dat
c:\documents and settings\Massimo1\Dati applicazioni\OfferBox\config.xml
c:\documents and settings\Massimo1\Dati applicazioni\PriceGong
c:\documents and settings\Massimo1\Dati applicazioni\PriceGong\Data\1.xml
c:\documents and settings\Massimo1\Dati applicazioni\PriceGong\Data\a.xml
c:\documents and settings\Massimo1\Dati applicazioni\PriceGong\Data\b.xml
c:\documents and settings\Massimo1\Dati applicazioni\PriceGong\Data\c.xml
c:\documents and settings\Massimo1\Dati applicazioni\PriceGong\Data\d.xml
c:\documents and settings\Massimo1\Dati applicazioni\PriceGong\Data\e.xml
c:\documents and settings\Massimo1\Dati applicazioni\PriceGong\Data\f.xml
c:\documents and settings\Massimo1\Dati applicazioni\PriceGong\Data\g.xml
c:\documents and settings\Massimo1\Dati applicazioni\PriceGong\Data\h.xml
c:\documents and settings\Massimo1\Dati applicazioni\PriceGong\Data\i.xml
c:\documents and settings\Massimo1\Dati applicazioni\PriceGong\Data\J.xml
c:\documents and settings\Massimo1\Dati applicazioni\PriceGong\Data\k.xml
c:\documents and settings\Massimo1\Dati applicazioni\PriceGong\Data\l.xml
c:\documents and settings\Massimo1\Dati applicazioni\PriceGong\Data\m.xml
c:\documents and settings\Massimo1\Dati applicazioni\PriceGong\Data\mru.xml
c:\documents and settings\Massimo1\Dati applicazioni\PriceGong\Data\n.xml
c:\documents and settings\Massimo1\Dati applicazioni\PriceGong\Data\o.xml
c:\documents and settings\Massimo1\Dati applicazioni\PriceGong\Data\p.xml
c:\documents and settings\Massimo1\Dati applicazioni\PriceGong\Data\q.xml
c:\documents and settings\Massimo1\Dati applicazioni\PriceGong\Data\r.xml
c:\documents and settings\Massimo1\Dati applicazioni\PriceGong\Data\s.xml
c:\documents and settings\Massimo1\Dati applicazioni\PriceGong\Data\t.xml
c:\documents and settings\Massimo1\Dati applicazioni\PriceGong\Data\u.xml
c:\documents and settings\Massimo1\Dati applicazioni\PriceGong\Data\v.xml
c:\documents and settings\Massimo1\Dati applicazioni\PriceGong\Data\w.xml
c:\documents and settings\Massimo1\Dati applicazioni\PriceGong\Data\x.xml
c:\documents and settings\Massimo1\Dati applicazioni\PriceGong\Data\y.xml
c:\documents and settings\Massimo1\Dati applicazioni\PriceGong\Data\z.xml
c:\documents and settings\Massimo1\Dati applicazioni\searchqutb
c:\documents and settings\Massimo1\Dati applicazioni\searchqutb\dtx.ini
c:\documents and settings\Massimo1\Dati applicazioni\searchqutb\games\GameTypes.xml
c:\documents and settings\Massimo1\Dati applicazioni\searchqutb\guid.dat
c:\documents and settings\Massimo1\Dati applicazioni\searchqutb\log.txt
c:\documents and settings\Massimo1\Dati applicazioni\searchqutb\preferences.dat
c:\documents and settings\Massimo1\Dati applicazioni\searchqutb\stats.dat
c:\documents and settings\Massimo1\Dati applicazioni\searchqutb\uninstallIE.dat
c:\documents and settings\Massimo1\Dati applicazioni\searchqutb\widgets_cache\category_cache.xml
c:\documents and settings\Massimo1\Dati applicazioni\searchqutb\widgets_cache\widget_cache.xml
c:\documents and settings\Massimo1\Dati applicazioni\syswin
c:\documents and settings\Maurizio\Dati applicazioni\OfferBox
c:\documents and settings\Maurizio\Dati applicazioni\OfferBox\config.dat
c:\documents and settings\Maurizio\Dati applicazioni\OfferBox\config.xml
c:\documents and settings\Maurizio\Dati applicazioni\PriceGong
c:\documents and settings\Maurizio\Dati applicazioni\PriceGong\Data\1.xml
c:\documents and settings\Maurizio\Dati applicazioni\PriceGong\Data\a.xml
c:\documents and settings\Maurizio\Dati applicazioni\PriceGong\Data\b.xml
c:\documents and settings\Maurizio\Dati applicazioni\PriceGong\Data\c.xml
c:\documents and settings\Maurizio\Dati applicazioni\PriceGong\Data\d.xml
c:\documents and settings\Maurizio\Dati applicazioni\PriceGong\Data\e.xml
c:\documents and settings\Maurizio\Dati applicazioni\PriceGong\Data\f.xml
c:\documents and settings\Maurizio\Dati applicazioni\PriceGong\Data\g.xml
c:\documents and settings\Maurizio\Dati applicazioni\PriceGong\Data\h.xml
c:\documents and settings\Maurizio\Dati applicazioni\PriceGong\Data\i.xml
c:\documents and settings\Maurizio\Dati applicazioni\PriceGong\Data\J.xml
c:\documents and settings\Maurizio\Dati applicazioni\PriceGong\Data\k.xml
c:\documents and settings\Maurizio\Dati applicazioni\PriceGong\Data\l.xml
c:\documents and settings\Maurizio\Dati applicazioni\PriceGong\Data\m.xml
c:\documents and settings\Maurizio\Dati applicazioni\PriceGong\Data\mru.xml
c:\documents and settings\Maurizio\Dati applicazioni\PriceGong\Data\n.xml
c:\documents and settings\Maurizio\Dati applicazioni\PriceGong\Data\o.xml
c:\documents and settings\Maurizio\Dati applicazioni\PriceGong\Data\p.xml
c:\documents and settings\Maurizio\Dati applicazioni\PriceGong\Data\q.xml
c:\documents and settings\Maurizio\Dati applicazioni\PriceGong\Data\r.xml
c:\documents and settings\Maurizio\Dati applicazioni\PriceGong\Data\s.xml
c:\documents and settings\Maurizio\Dati applicazioni\PriceGong\Data\t.xml
c:\documents and settings\Maurizio\Dati applicazioni\PriceGong\Data\u.xml
c:\documents and settings\Maurizio\Dati applicazioni\PriceGong\Data\v.xml
c:\documents and settings\Maurizio\Dati applicazioni\PriceGong\Data\w.xml
c:\documents and settings\Maurizio\Dati applicazioni\PriceGong\Data\x.xml
c:\documents and settings\Maurizio\Dati applicazioni\PriceGong\Data\y.xml
c:\documents and settings\Maurizio\Dati applicazioni\PriceGong\Data\z.xml
c:\programmi\OfferBox
c:\programmi\OfferBox\OfferBox.exe
c:\programmi\OfferBox\OfferBoxBHO.dll
c:\programmi\OfferBox\OfferBoxChromeExtension.crx
c:\programmi\OfferBox\OfferBoxEngine.dll
c:\programmi\OfferBox\offerboxffx@offerbox.com\chrome.manifest
c:\programmi\OfferBox\offerboxffx@offerbox.com\chrome\content\events.js
c:\programmi\OfferBox\offerboxffx@offerbox.com\chrome\content\overlay.xul
c:\programmi\OfferBox\offerboxffx@offerbox.com\components\OfferBoxXpCom.dll
c:\programmi\OfferBox\offerboxffx@offerbox.com\components\OfferBoxXpCom.xpt
c:\programmi\OfferBox\offerboxffx@offerbox.com\install.rdf
c:\programmi\OfferBox\OfferBoxLauncher.exe
c:\programmi\OfferBox\res\Language.xml
c:\programmi\OfferBox\res\loader.gif
c:\programmi\Windows Searchqu Toolbar
c:\programmi\Windows Searchqu Toolbar\Datamngr\datamngr.dll
c:\programmi\Windows Searchqu Toolbar\Datamngr\datamngrUI.exe
c:\programmi\Windows Searchqu Toolbar\del_DM_DLL_89.dll
c:\programmi\Windows Searchqu Toolbar\del_DM_EXE_86.dll
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\.#searchqutb.js.1.3
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\data\search\engines.xml
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\data\search\search.xsl
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\lib\about.xml
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\lib\dtxpanelwin.xul
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\lib\dtxprefwin.xul
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\lib\dtxwin.xul
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\lib\emailnotifierproviders.xml
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\lib\external.js
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\lib\neterror.xhtml
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\lib\wmpstreamer.html
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\modules\datastore.jsm
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\preferences.xml
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\searchqutb.js
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\toolbar.htm
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\toolbar.xul
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\bg-scalable-mdl.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\bg-scalable-tl.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\bg-scalable-tr.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btn-dragresize.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btn-wide-close-down.PNG
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btn-wide-close-over.PNG
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btn-wide-close.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btn-wide-maximize-down.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btn-wide-maximize-over.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btn-wide-maximize.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btn-wide-minimize-down.PNG
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btn-wide-minimize-over.PNG
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btn-wide-minimize.PNG
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btnarrow-next-off.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btnarrow-next.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btnarrow-previous-off.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btnarrow-previous.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\navico-home.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\panel.html
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\powered-mystart.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\tb_icon.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\widget.js
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\widget.xml
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\bg-scalable-mdl.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\bg-scalable-tl.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\bg-scalable-tr.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\btn-dragresize.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\btn-wide-close-down.PNG
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\btn-wide-close-over.PNG
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\btn-wide-close.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\btn-wide-maximize-down.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\btn-wide-maximize-over.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\btn-wide-maximize.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\btn-wide-minimize-down.PNG
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\btn-wide-minimize-over.PNG
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\btn-wide-minimize.PNG
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\btnarrow-next-off.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\btnarrow-next.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\btnarrow-previous-off.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\btnarrow-previous.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\navico-home.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\panel.html
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\powered-mystart.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\tb_icon.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\widget.js
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\widget.xml
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\bg-scalable-mdl.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\bg-scalable-tl.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\bg-scalable-tr.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\btn-dragresize.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\btn-wide-close-down.PNG
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\btn-wide-close-over.PNG
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\btn-wide-close.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\btn-wide-maximize-down.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\btn-wide-maximize-over.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\btn-wide-maximize.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\btn-wide-minimize-down.PNG
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\btn-wide-minimize-over.PNG
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\btn-wide-minimize.PNG
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\btnarrow-next-off.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\btnarrow-next.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\btnarrow-previous-off.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\btnarrow-previous.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\navico-home.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\panel.html
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\powered-mystart.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\tb_icon.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\widget.js
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\widget.xml
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217.zip
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\bg-scalable-mdl.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\bg-scalable-tl.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\bg-scalable-tr.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btn-dragresize.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btn-wide-close-down.PNG
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btn-wide-close-over.PNG
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btn-wide-close.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btn-wide-maximize-down.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btn-wide-maximize-over.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btn-wide-maximize.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btn-wide-minimize-down.PNG
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btn-wide-minimize-over.PNG
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btn-wide-minimize.PNG
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btnarrow-next-off.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btnarrow-next.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btnarrow-previous-off.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btnarrow-previous.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\navico-home.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\panel.html
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\powered-mystart.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\tb_icon.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\widget.js
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\widget.xml
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\bluelite.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\bluesky.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\btn-search-over.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\btn-search.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\btn-settings-over.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\btn-settings.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\btn-widgets-over.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\btn-widgets.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\btn_settings.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\button-down-back-ff.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\button-down-back.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\button-down-left.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\button-down-right.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\button-down-splitter.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\button-drop-back.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\button-drop-left.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\button-drop-right.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\button-drop-splitter.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\button-hover-back-ff.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\button-hover-back.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\button-hover-left.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\button-hover-right.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\button-hover-splitter.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\ca.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\dictionary.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\divider.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\downloadcom.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\email.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\email_on.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\games.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\graphred0.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\graphred0_5.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\grey.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\headsup.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\ico-shield.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\images.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\add.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\aol.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\arrow-dn.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\arrow-right.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\arrow-up.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\bg-btn-end.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\bg-btn-mdl.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\bg-btn-mdl_ff.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\bg-btn-start.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\bg-btnover-end.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\bg-btnover-mdl.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\bg-btnover-mdl_ff.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\bg-btnover-start.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\blank.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\btnback-down-vista.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\btnback-vista.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\btnleft-down-vista.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\btnleft-vista.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\btnright-down-vista.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\btnright-vista.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\button-splitter-down-vista.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\button-splitter-vista.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\checkmark.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\chevron.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\collapse.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\comcast.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\dtx.css
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\edit-back-hot.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\edit-back.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\expand.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\found.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\gmail.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\highlight.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\highlight_blue.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\highlight_cyan.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\highlight_lime.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\highlight_magenta.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\highlight_yellow.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\hotmail.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\imap.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\lastsearch-thumb-back.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\loadingMid.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\lock.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\mailcom.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\menu_bg-basic.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\menu_separator_bar.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\menuitem-splitter.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\menuitemback-down-vista.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\menuitemback-vista.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\menuitemleft-down-vista.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\menuitemleft-vista.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\menuitemright-down-vista.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\menuitemright-vista.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\move.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\movetarget.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\css\popupAbout.css
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\css\popupGames.css
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\css\popupWidgets.css
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\footer.htm
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\gamecategory.xsl
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\gameData.js
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\gameList.xsl
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\gametype.xsl
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\arrow-sml-drop.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\arrow-sml.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\arrowr-bluew5.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\bg-aboutbox.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\bg-btnover.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\bg-pnl520x390.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\btn-close-grey.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\btn-close-greyover.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\btn-drag.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\btn-next-over.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\btn-next.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\btn-previous-over.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\btn-previous.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\btn-search-pnlbtm-over.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\btn-search-pnlbtm.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\gamethumb-on.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\gamethumb2-over.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\ico-calendar.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\ico-download.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\ico-joystick24.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\ico-play.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\ico-tags.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\icon-Add.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\icon-download.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\icon-Info.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\icon-play.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\icon-shop.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\menul-bgon.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\menul-bgover.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\panel-botm-noscroll.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\scroll-bg-206.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\scroll-bg.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\scroll-topwin.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\scrollb-disable.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\scrollb-down.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\scrollb-over.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\scrollb.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\scrollt-disable.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\scrollt-down.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\scrollt-over.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\scrollt.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\searchbox-pnlbtm.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\star_x_grey.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\star_x_orange.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\TRUSTe_about.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\view-detailed-on.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\view-detailed-over.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\view-thumb-on.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\view-thumb-over.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\widgets-square-16px.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\widgets-square-24px.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\popupGames.html
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\popupWidgets.html
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\pop.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\css\manager.css
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\css\slider.css
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\bg-pnl.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\btn-close-grey.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\btn-close-greyover.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\collapsed_button.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\expanded_button.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\ico-playstation-down.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\ico-playstation-over.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\ico-playstation.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\ico-radio.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\music-note.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\radio-btn-pause-on.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\radio-btn-pause.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\radio-btn-play-on.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\radio-btn-play.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\radio-eq-bg.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\radio-eq-busy.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\radio-eq-off.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\radio-eq-on.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\radio-eq-warning.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\radio-options-design-on.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\radio-options-design.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\radio-options-on.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\radio-options.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\radio-volume-0.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\radio-volume-1.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\radio-volume-2.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\radio-volume-3.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\radio-volume-mute.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\scrollbar-handle.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\scrollbar-track.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\slider.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\slideron.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\track.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\managerpanel.html
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\volumeslider.html
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\remove.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\rename.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\resize-box.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\rss.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\rsschannelback.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\RSSLogo.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\rsstabdivider.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\scroll-left.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\scroll-right.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\search-go.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\search.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\text-ellipsis.xml
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\throbber.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\toolbarsplitter.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\transparent_1px.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\border_02.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\border_03.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\border_04.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\border_06.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\border_07.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\border_08.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\border_09.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\border_10.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\border_11.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\border_12.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\border_13.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\border_14.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\border_15.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\border_16.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\border_18.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\border_19.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\border_20.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\border_21.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\btn-close-grey.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\btn-close-greyover.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\close-hot.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\close-normal.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\loadingMid.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\proxy.html
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\template.html
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\template.xml
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\templateFF.html
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\throbber.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\icons\cond999.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\icons\icons.xml
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\icons\na-s.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\icons\na.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\icons\weather.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\add.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\arrowr-bluew5.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\bg-pnl.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\bg-pnl520x350blue-whitebg.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\bg-pnl520x350blue.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\box-check.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\box-uncheck.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btn-close-grey.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btn-close-greyover.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btn-delete.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btn-search-pnlbtm.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btnarrow-next-off.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btnarrow-next.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btnarrow-previous-off.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btnarrow-previous.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\ico-check.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\ico-hotandhumid-s.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\ico-hotandhumid.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\options-weather.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\over-blue.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\over-orange.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\powered-by-weatherbug.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\powered-by-weatherbug2.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\radio-checked.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\radio-unchecked.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\searchbox-pnlbtm.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\weather-contour.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\popupWeather.css
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\popupWeather.html
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\yahoo.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lichen.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\logo-about.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\logo.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\maps.bmp
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\menuseparatorback.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\modify-save.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\modify.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\modifyhot.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\music.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\news.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\options\options-main.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\options\options-search.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\options\options-weather.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\options\options-widgets.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\orange.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\pixsy.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\relatedlinks.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\rss-collapse.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\rss-delete.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\rss-expand.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\rss-feed.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\rss-folder-remove.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\rss-folder-rename.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\rss-folder.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\rss-found.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\rss-reload.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\rss-subscribe.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\rss.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\rssback.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\rsstopback.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\search-over.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\search.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\searchbar\searchbar-background-left.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\searchbar\searchbar-background-middle.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\searchbar\searchbar-background-right.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\searchqutb.css
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\settings.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\shopping.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\siteinfo.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\skin-bluelite.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\skin-bluesky.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\skin-grey.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\skin-lichen.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\skin-orange.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\skin-yellow.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\technorati.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\throbber.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\toolbarsplitter.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\video.bmp
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\weather.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\web.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\widget_allocine.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\widget_bliptv.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\widget_calcal.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\widget_calculator.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\widget_gservices.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\widget_sudoku.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\widget_todo.jpg
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\widget_todo.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\widget_trio.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\widget_uconverter.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\widgets-square-16px.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\widgets.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\wikipedia.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\yahoosearch.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\yellow.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\youtube.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\zoom.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\components\windowmediator.js
c:\programmi\Windows Searchqu Toolbar\ToolBar\manifest.xml
c:\programmi\Windows Searchqu Toolbar\ToolBar\SearchquDx.dll
c:\programmi\Windows Searchqu Toolbar\ToolBar\SearchquTb.dll
c:\programmi\Windows Searchqu Toolbar\ToolBar\uninstall.exe
c:\programmi\Windows Searchqu Toolbar\uninstall.exe
C:\Thumbs.db
c:\windows\system32\Temp
c:\windows\XSxS

.
((((((((((((((((((((((((((((((((((((((( Driver/Servizi )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_BOONTY_GAMES
-------\Service_Boonty Games


((((((((((((((((((((((((( Files Creati Da 2011-01-12 al 2011-02-12 )))))))))))))))))))))))))))))))))))
.

2011-02-06 14:51 . 2011-02-06 14:51 -------- d-----w- c:\documents and settings\Massimo1\Dati applicazioni\Bandoo
2011-02-06 14:42 . 2011-02-06 14:42 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Bandoo
2011-02-06 14:42 . 2011-02-06 14:42 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Fun4IM
2011-02-06 11:32 . 2011-02-06 11:32 -------- d-----w- c:\documents and settings\Massimo1\Impostazioni locali\Dati applicazioni\ilcorsaronero
2011-02-06 11:32 . 2011-02-06 11:32 -------- d-----w- c:\programmi\ilcorsaronero
2011-02-05 20:07 . 2011-02-05 20:07 13 ---h--w- c:\documents and settings\All Users\Dati applicazioni\1ÌØ13.sys
2011-02-05 17:55 . 2011-02-05 17:55 -------- d-----w- c:\documents and settings\Massimo1\Dati applicazioni\SWiSH miniMax4 ITA
2011-02-05 17:55 . 2011-02-05 17:55 -------- d-----w- c:\programmi\LameACM
2011-02-05 17:54 . 2011-02-05 17:54 -------- d-----w- c:\programmi\File comuni\SWiSHzone.com
2011-02-05 17:54 . 2011-02-05 17:55 -------- d-----w- c:\programmi\SWiSH miniMax4
2011-02-03 21:50 . 2011-02-04 19:59 -------- d-----w- C:\MioLavoro
2011-02-03 08:10 . 2011-02-03 11:03 -------- d-----w- c:\programmi\WebSite X5 v8 - Evolution
2011-02-03 07:37 . 2011-02-03 07:37 -------- d-----w- c:\programmi\icons
2011-01-31 13:10 . 2009-03-15 16:35 207872 ----a-w- c:\windows\system32\iwpsetup.exe
2011-01-31 13:10 . 1997-01-15 23:00 29696 ----a-w- c:\windows\system32\VB5STKIT.DLL
2011-01-31 07:01 . 2011-01-31 07:01 349 ----a-w- C:\temp.reg
2011-01-31 06:56 . 2011-01-31 06:57 -------- d-----w- c:\programmi\FS2ATC
2011-01-30 21:39 . 2000-01-24 04:01 453632 ----a-w- c:\windows\system32\stdvcl40.dll
2011-01-30 21:39 . 2011-01-30 21:40 -------- d-----w- c:\programmi\Web CEO
2011-01-30 13:57 . 2011-01-30 13:57 103864 ----a-w- c:\programmi\Internet Explorer\PLUGINS\nppdf32.dll
2011-01-25 07:27 . 2011-01-25 07:27 -------- d-----w- c:\documents and settings\Massimo1\DoctorWeb
2011-01-24 16:28 . 2011-01-24 16:28 125304 ----a-w- c:\windows\system32\drivers\dwprot.sys
2011-01-24 16:21 . 2011-01-24 16:21 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Canneverbe Limited
2011-01-23 16:50 . 2011-01-23 16:50 -------- d-----w- c:\programmi\Packard Bell
2011-01-23 16:49 . 2011-01-23 19:34 -------- d-----w- c:\programmi\Packard Bell External HDD
2011-01-23 14:21 . 2011-01-23 16:11 -------- d-----w- c:\documents and settings\Massimo1\Impostazioni locali\Dati applicazioni\Packard Bell
2011-01-21 15:00 . 2011-01-21 15:00 -------- d-----w- c:\windows\UfdApp
2011-01-21 14:44 . 2011-01-21 14:44 440832 -c----w- c:\windows\system32\dllcache\shimgvw.dll
2011-01-17 20:42 . 2011-01-17 20:03 12952 ----a-w- c:\windows\system32\drivers\PSVolAcc.sys
2011-01-17 20:42 . 2011-01-17 20:02 16024 ----a-w- c:\windows\system32\drivers\pssnap.sys
2011-01-17 20:42 . 2011-01-17 20:02 45208 ----a-w- c:\windows\system32\drivers\psmounter.sys

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-01-31 06:56 . 2011-01-09 21:34 249856 ------w- c:\windows\Setup1.exe
2011-01-31 06:56 . 2011-01-09 21:34 73216 ----a-w- c:\windows\ST6UNST.EXE
2011-01-21 14:44 . 2003-04-08 12:00 440832 ----a-w- c:\windows\system32\shimgvw.dll
2011-01-07 14:09 . 2003-04-08 12:00 290048 ----a-w- c:\windows\system32\atmfd.dll
2010-12-31 14:04 . 2003-04-08 12:00 1854976 ----a-w- c:\windows\system32\win32k.sys
2010-12-22 12:34 . 2003-04-08 12:00 301568 ----a-w- c:\windows\system32\kerberos.dll
2010-12-20 23:53 . 2003-04-08 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
2010-12-20 23:53 . 2003-04-08 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2010-12-20 23:53 . 2003-04-08 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2010-12-20 17:26 . 2003-04-08 12:00 735744 ----a-w- c:\windows\system32\lsasrv.dll
2010-12-20 12:55 . 2004-08-19 22:26 385024 ----a-w- c:\windows\system32\html.iec
2010-12-09 15:15 . 2003-04-08 12:00 739840 ----a-w- c:\windows\system32\ntdll.dll
2010-12-09 15:14 . 2003-04-08 12:00 2196480 ----a-w- c:\windows\system32\ntoskrnl.exe
2010-12-09 15:14 . 2002-09-09 13:34 2073088 ----a-w- c:\windows\system32\ntkrnlpa.exe
2010-12-09 14:30 . 2003-04-08 12:00 33280 ----a-w- c:\windows\system32\csrsrv.dll
2010-11-29 16:38 . 2010-11-29 16:38 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2010-11-29 16:38 . 2010-11-29 16:38 69632 ----a-w- c:\windows\system32\QuickTime.qts
2010-11-18 18:12 . 2010-04-26 18:09 86016 ----a-w- c:\windows\system32\isign32.dll
2010-07-18 12:46 . 2010-07-18 12:46 3229954 ----a-w- c:\programmi\expaudioconverter.exe
2010-06-02 12:36 . 2010-06-02 12:36 26107319 ----a-w- c:\programmi\PriMus-DCF_vUNICO(b).EXE
2010-06-01 23:03 . 2010-06-01 23:03 64393944 ----a-w- c:\programmi\93.71_forceware_winxp2k_international_whql.exe
2010-04-26 22:13 . 2010-04-26 22:13 1162056 ----a-w- c:\programmi\wlsetup-custom.exe
.

((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{4ae0c3d6-f713-4eed-bc65-25dc3ffdaac1}"= "c:\programmi\uTorrentBar_IT\tbuTor.dll" [2010-12-09 3911776]
"{f4035115-6152-4901-a81d-f4e0a0479615}"= "c:\programmi\ilcorsaronero\prxtbilco.dll" [2011-01-03 175400]

[HKEY_CLASSES_ROOT\clsid\{4ae0c3d6-f713-4eed-bc65-25dc3ffdaac1}]

[HKEY_CLASSES_ROOT\clsid\{f4035115-6152-4901-a81d-f4e0a0479615}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{1631550F-191D-4826-B069-D9439253D926}]
2010-03-28 19:53 353656 ----a-w- c:\programmi\PriceGong\2.1.0\PriceGongIE.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2010-12-09 11:51 3911776 ----a-w- c:\programmi\ConduitEngine\ConduitEngine.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{4ae0c3d6-f713-4eed-bc65-25dc3ffdaac1}]
2010-12-09 11:51 3911776 ----a-w- c:\programmi\uTorrentBar_IT\tbuTor.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2010-09-28 21:44 1400712 ----a-w- c:\programmi\Ask.com\GenericAskToolbar.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{f4035115-6152-4901-a81d-f4e0a0479615}]
2011-01-03 09:16 175400 ----a-w- c:\programmi\ilcorsaronero\prxtbilco.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\programmi\Ask.com\GenericAskToolbar.dll" [2010-09-28 1400712]
"{4ae0c3d6-f713-4eed-bc65-25dc3ffdaac1}"= "c:\programmi\uTorrentBar_IT\tbuTor.dll" [2010-12-09 3911776]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\programmi\ConduitEngine\ConduitEngine.dll" [2010-12-09 3911776]
"{f4035115-6152-4901-a81d-f4e0a0479615}"= "c:\programmi\ilcorsaronero\prxtbilco.dll" [2011-01-03 175400]

[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]

[HKEY_CLASSES_ROOT\clsid\{4ae0c3d6-f713-4eed-bc65-25dc3ffdaac1}]

[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]

[HKEY_CLASSES_ROOT\clsid\{f4035115-6152-4901-a81d-f4e0a0479615}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\programmi\Ask.com\GenericAskToolbar.dll" [2010-09-28 1400712]
"{4AE0C3D6-F713-4EED-BC65-25DC3FFDAAC1}"= "c:\programmi\uTorrentBar_IT\tbuTor.dll" [2010-12-09 3911776]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\programmi\ConduitEngine\ConduitEngine.dll" [2010-12-09 3911776]
"{F4035115-6152-4901-A81D-F4E0A0479615}"= "c:\programmi\ilcorsaronero\prxtbilco.dll" [2011-01-03 175400]

[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]

[HKEY_CLASSES_ROOT\clsid\{4ae0c3d6-f713-4eed-bc65-25dc3ffdaac1}]

[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]

[HKEY_CLASSES_ROOT\clsid\{f4035115-6152-4901-a81d-f4e0a0479615}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-05-06 39408]
"Packard Bell Software Suite"="c:\programmi\Packard Bell\Software Suite\PBSoftSuite.exe" [2009-10-01 3144736]
"Software Suite"="c:\programmi\Packard Bell\Software Suite\PBSoftSuite.exe" [2009-10-01 3144736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Motive SmartBridge"="c:\progra~1\ALICET~1\SMARTB~1\MotiveSB.exe" [2006-04-21 438359]
"Google Desktop Search"="c:\programmi\Google\Google Desktop Search\GoogleDesktop.exe" [2010-08-27 30192]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-10-22 7700480]
"nwiz"="nwiz.exe" [2006-10-22 1622016]
"SunJavaUpdateSched"="c:\programmi\File comuni\Java\Java Update\jusched.exe" [2010-05-14 248552]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-10-22 86016]
"NeroFilterCheck"="c:\programmi\File comuni\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]
"Adobe Reader Speed Launcher"="c:\programmi\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-01-31 35760]
"Adobe ARM"="c:\programmi\File comuni\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288]
"QuickTime Task"="c:\programmi\QuickTime\QTTask.exe" [2010-11-29 421888]
"iTunesHelper"="c:\programmi\iTunes\iTunesHelper.exe" [2010-12-13 421160]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\Massimo1\Menu Avvio\Programmi\Esecuzione automatica\
LaunchU3.exe.lnk - c:\documents and settings\Massimo1\Dati applicazioni\Microsoft\Installer\{D8E363A7-88B7-446D-B2C0-E26CE4DC8E54}\_294823.exe [2010-6-13 22486]
PandaUSBVaccine.lnk - c:\programmi\Panda USB Vaccine\USBVaccine.exe [2010-6-9 1287176]

c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\
Adobe Gamma Loader.lnk - c:\programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe [2010-5-1 110592]
Alice ti aiuta.lnk - c:\programmi\Alice ti aiuta\bin\matcli.exe [2010-4-26 217088]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-disabled]
"QuickTime Task"="c:\programmi\QuickTime\qttask.exe" -atboottime

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Programmi\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Programmi\\Opera\\opera.exe"=
"d:\\eMule\\eMule.exe"=
"c:\\Programmi\\Messenger\\msmsgs.exe"=
"c:\\Programmi\\Vuze\\Azureus.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Programmi\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Programmi\\Nero\\Nero 7\\Nero Home\\NeroHome.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Programmi\\Google\\Google Earth\\plugin\\geplugin.exe"=
"c:\\Programmi\\Skype\\Phone\\Skype.exe"=
"c:\\Programmi\\MyTorrentClient\\Halite.exe"=
"c:\\Programmi\\TeamViewer\\Version6\\TeamViewer.exe"=
"c:\\Programmi\\TeamViewer\\Version6\\TeamViewer_Service.exe"=
"c:\\Programmi\\frostwire\\FrostWire.exe"=
"c:\\Programmi\\uTorrent\\uTorrent.exe"=

R0 pssnap;Paramount Software Snapshot Filter;c:\windows\system32\drivers\pssnap.sys [17/01/2011 21:42 16024]
R2 Fun4IM Coordinator;Fun4IM Coordinator;c:\progra~1\Fun4IM\Bandoo.exe [06/02/2011 15:42 1942416]
R2 NAUpdate;@c:\programmi\Nero\Update\NASvc.exe,-200;c:\programmi\Nero\Update\NASvc.exe [04/05/2010 12:07 503080]
R2 Network WanMiniport First Position;Network WanMiniport First Position;c:\programmi\Telecom Italia\WanMiniport1st\srvany.exe [28/04/2010 16:58 8192]
R2 ousbehci;OrangeWare USB Enhanced Host Controller Service;c:\windows\system32\drivers\ousbehci.sys [26/04/2010 20:34 46080]
R2 PowerSave;PowerSave Service;c:\programmi\Packard Bell\Software Suite\PowerSave\PSPBSSS.exe [06/04/2009 10:35 1002016]
R2 ReflectService;Macrium Reflect Image Mounting Service;c:\programmi\Macrium\Reflect\ReflectService.exe [17/01/2011 21:42 220824]
R2 TeamViewer6;TeamViewer 6;c:\programmi\TeamViewer\Version6\TeamViewer_Service.exe [07/12/2010 11:32 2228008]
R3 ousb2hub;OrangeWare USB 2.0 Root Hub Support;c:\windows\system32\drivers\ousb2hub.sys [26/04/2010 20:34 56960]
S0 DwProt;DrWeb Protection;c:\windows\system32\drivers\dwprot.sys [24/01/2011 17:28 125304]
S2 gupdate;Google Update Service (gupdate);c:\programmi\Google\Update\GoogleUpdate.exe [27/04/2010 14:32 136176]
S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\programmi\Google\Google Desktop Search\GoogleDesktop.exe [06/05/2010 21:36 30192]
S3 PSMounter;Macrium Reflect Image Explorer Service;c:\windows\system32\drivers\psmounter.sys [17/01/2011 21:42 45208]
S3 PSVolAcc;PSVolAcc;c:\windows\system32\drivers\PSVolAcc.sys [17/01/2011 21:42 12952]
.
Contenuto della cartella 'Scheduled Tasks'

2011-01-01 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\programmi\Apple Software Update\SoftwareUpdate.exe [2009-10-22 10:50]

2011-02-12 c:\windows\Tasks\GlaryInitialize.job
- c:\programmi\Glary Utilities\initialize.exe [2010-11-30 09:47]

2011-02-12 c:\windows\Tasks\Google Software Updater.job
- c:\programmi\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-05-06 20:36]

2011-02-12 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\programmi\Google\Update\GoogleUpdate.exe [2010-04-27 13:32]

2011-02-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\programmi\Google\Update\GoogleUpdate.exe [2010-04-27 13:32]

2011-02-12 c:\windows\Tasks\RegistryBooster.job
- c:\programmi\Uniblue\RegistryBooster\rbmonitor.exe [2010-09-30 11:18]

2011-02-07 c:\windows\Tasks\Scheduled Update for Ask Toolbar.job
- c:\programmi\Ask.com\UpdateTask.exe [2010-09-28 21:44]
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://www.searchqu.com/403
uInternet Settings,ProxyServer = http=127.0.0.1:55152
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: {{d9288080-1baa-4bc4-9cf8-a92d743db949} - c:\documents and settings\Massimo1\Menu Avvio\Programmi\IMVU\Run IMVU.lnk
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
.
.
------- Associazioni dei file -------
.
.scr=AutoCADScriptFile
.txt=
.
- - - - CHIAVI ORFANE RIMOSSE - - - -

BHO-{CC3C8D60-29D6-4880-B9D8-443C4CBA2BEC} - (no file)
HKLM-Run-DATAMNGR - c:\progra~1\WI9130~1\Datamngr\DATAMN~1.EXE
AddRemove-PDF Creator - i:\portableapps\PrinterSetup.exe
AddRemove-Google Chrome - c:\documents and settings\Massimo1\Impostazioni locali\Dati applicazioni\Google\Chrome\Application\6.0.472.63\Installer\setup.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-02-12 21:42
Windows 5.1.2600 Service Pack 3 NTFS

scansione processi nascosti ...

scansione entrate autostart nascoste ...

Scansione files nascosti ...

Scansione completata con successo
Files nascosti: 0

**************************************************************************
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"

[HKEY_LOCAL_MACHINE\software\Microsoft\Environment*]
"Licence0"="04F0D21-79D8-7A25-D702-433F"
.
--------------------- Dlls caricate dai processi in esecuzione ---------------------

- - - - - - - > 'explorer.exe'(2404)
c:\windows\system32\WININET.dll
c:\progra~1\ALICET~1\SMARTB~1\SBHook.dll
c:\windows\system32\AcSignIcon.dll
c:\progra~1\WINDOW~2\wmpband.dll
c:\windows\system32\msi.dll
c:\programmi\File comuni\Autodesk Shared\AcSignCore16.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\programmi\Nokia\Nokia PC Suite 6\PhoneBrowser.dll
c:\programmi\Nokia\Nokia PC Suite 6\PCSCM.dll
c:\windows\system32\ConnAPI.DLL
c:\programmi\Nokia\Nokia PC Suite 6\Lang\PhoneBrowser_ita.nlr
c:\programmi\Nokia\Nokia PC Suite 6\Resource\PhoneBrowser_Nokia.ngr
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Altri processi in esecuzione ------------------------
.
c:\programmi\Java\jre6\bin\jqs.exe
c:\windows\system32\nvsvc32.exe
c:\programmi\Telecom Italia\WanMiniport1st\WanMiniport1st_srv.exe
c:\programmi\Sandboxie\SbieSvc.exe
c:\programmi\Yahoo!\SoftwareUpdate\YahooAUService.exe
c:\programmi\TeamViewer\Version6\TeamViewer.exe
c:\programmi\TeamViewer\Version6\tv_w32.exe
c:\progra~1\ALICET~1\vendors\AliceRE\content\template\DRIVEN~1\syncer\MCCITR~1.EXE
c:\progra~1\Nokia\NOKIAP~1\LAUNCH~1.EXE
c:\windows\system32\RUNDLL32.EXE
c:\windows\system32\wscntfy.exe
c:\documents and settings\All Users\Dati applicazioni\U3\U3Launcher\LaunchU3.exe
c:\programmi\Alice ti aiuta\bin\mpbtn.exe
c:\windows\System32\wbem\wmiapsrv.exe
c:\programmi\File comuni\PCSuite\Services\ServiceLayer.exe
c:\programmi\Packard Bell\Software Suite\pbDevDetect.exe
c:\progra~1\Motive\ASSTCO~1\MOTIVE~1.EXE
c:\programmi\Alice ti aiuta\bin\mad.exe
.
**************************************************************************
.
Ora fine scansione: 2011-02-12 21:48:59 - Il pc è stato riavviato
ComboFix-quarantined-files.txt 2011-02-12 20:48

Pre-Run: 34.703.978.496 byte disponibili
Post-Run: 35.899.428.864 byte disponibili

- - End Of File - - 60689CB43210302ABCDD1E512D4A0521
r16
Inviato: Sunday, February 13, 2011 2:37:22 PM
Rank: AiutAmico

Iscritto dal : 8/7/2007
Posts: 11,016
Apri un file di testo con il Block Note sul Desktop
Ci incolli il codice che vedi qui sotto, e salvi il file di testo obbligatoriamente con il nome CFScript.txt

Code:
KillAll::

File::
c:\windows\Tasks\RegistryBooster.job
c:\programmi\Ask.com\UpdateTask.exe

Folder::
c:\programmi\Uniblue\RegistryBooster
c:\programmi\PriceGong
c:\programmi\Uniblue
c:\programmi\Ask.com

Registry::
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{1631550F-191D-4826-B069-D9439253D926}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"=-
"{30F9B915-B755-4826-820B-08FBA6BD249D}"=-
[-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
[-HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"=-
[-HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
[-HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]

RegLock::
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]


e trascinalo sull'icona di ComboFix.
Attendi la fine dei lavori, senza toccare tastiera, mouse o altro.
Posta il log aggiornato di combofix
massimob
Inviato: Sunday, February 13, 2011 7:54:19 PM

Rank: AiutAmico

Iscritto dal : 12/13/2005
Posts: 162
Salve, questo è il nuovo log
Cordiali saluti

ComboFix 11-02-11.02 - Massimo1 13/02/2011 19:08:27.3.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.39.1040.18.1535.1064 [GMT 1:00]
Eseguito da: c:\documents and settings\Massimo1\Desktop\ComboFix.exe
Opzioni usate :: c:\documents and settings\Massimo1\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}

FILE ::
"c:\programmi\Ask.com\UpdateTask.exe"
"c:\windows\Tasks\RegistryBooster.job"
.

((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Massimo1\Dati applicazioni\PriceGong
c:\documents and settings\Massimo1\Dati applicazioni\PriceGong\Data\1.xml
c:\documents and settings\Massimo1\Dati applicazioni\PriceGong\Data\a.xml
c:\documents and settings\Massimo1\Dati applicazioni\PriceGong\Data\b.xml
c:\documents and settings\Massimo1\Dati applicazioni\PriceGong\Data\c.xml
c:\documents and settings\Massimo1\Dati applicazioni\PriceGong\Data\d.xml
c:\documents and settings\Massimo1\Dati applicazioni\PriceGong\Data\e.xml
c:\documents and settings\Massimo1\Dati applicazioni\PriceGong\Data\f.xml
c:\documents and settings\Massimo1\Dati applicazioni\PriceGong\Data\g.xml
c:\documents and settings\Massimo1\Dati applicazioni\PriceGong\Data\h.xml
c:\documents and settings\Massimo1\Dati applicazioni\PriceGong\Data\i.xml
c:\documents and settings\Massimo1\Dati applicazioni\PriceGong\Data\J.xml
c:\documents and settings\Massimo1\Dati applicazioni\PriceGong\Data\k.xml
c:\documents and settings\Massimo1\Dati applicazioni\PriceGong\Data\l.xml
c:\documents and settings\Massimo1\Dati applicazioni\PriceGong\Data\m.xml
c:\documents and settings\Massimo1\Dati applicazioni\PriceGong\Data\mru.xml
c:\documents and settings\Massimo1\Dati applicazioni\PriceGong\Data\n.xml
c:\documents and settings\Massimo1\Dati applicazioni\PriceGong\Data\o.xml
c:\documents and settings\Massimo1\Dati applicazioni\PriceGong\Data\p.xml
c:\documents and settings\Massimo1\Dati applicazioni\PriceGong\Data\q.xml
c:\documents and settings\Massimo1\Dati applicazioni\PriceGong\Data\r.xml
c:\documents and settings\Massimo1\Dati applicazioni\PriceGong\Data\s.xml
c:\documents and settings\Massimo1\Dati applicazioni\PriceGong\Data\t.xml
c:\documents and settings\Massimo1\Dati applicazioni\PriceGong\Data\u.xml
c:\documents and settings\Massimo1\Dati applicazioni\PriceGong\Data\v.xml
c:\documents and settings\Massimo1\Dati applicazioni\PriceGong\Data\w.xml
c:\documents and settings\Massimo1\Dati applicazioni\PriceGong\Data\x.xml
c:\documents and settings\Massimo1\Dati applicazioni\PriceGong\Data\y.xml
c:\documents and settings\Massimo1\Dati applicazioni\PriceGong\Data\z.xml
c:\programmi\Ask.com
c:\programmi\Ask.com\cobrand.ico
c:\programmi\Ask.com\config.xml
c:\programmi\Ask.com\favicon.ico
c:\programmi\Ask.com\fv_39.ico
c:\programmi\Ask.com\GenericAskToolbar.dll
c:\programmi\Ask.com\mupcfg.xml
c:\programmi\Ask.com\SaUpdate.exe
c:\programmi\Ask.com\UpdateTask.exe
c:\programmi\PriceGong
c:\programmi\PriceGong\2.1.0\FF\chrome.manifest
c:\programmi\PriceGong\2.1.0\FF\components\PriceGong.xpt
c:\programmi\PriceGong\2.1.0\FF\components\PriceGongFF.dll
c:\programmi\PriceGong\2.1.0\FF\content\options.js
c:\programmi\PriceGong\2.1.0\FF\content\options.xul
c:\programmi\PriceGong\2.1.0\FF\content\PriceGong.png
c:\programmi\PriceGong\2.1.0\FF\install.rdf
c:\programmi\PriceGong\2.1.0\PriceGongIE.dll
c:\programmi\PriceGong\uninst.exe
c:\programmi\Uniblue
c:\programmi\Uniblue\DriverScanner\cache.dll
c:\programmi\Uniblue\DriverScanner\cwebpage.dll
c:\programmi\Uniblue\DriverScanner\DriverInstaller32.exe
c:\programmi\Uniblue\DriverScanner\DriverInstaller64.exe
c:\programmi\Uniblue\DriverScanner\driverscanner.exe
c:\programmi\Uniblue\DriverScanner\ds_move_serial.exe
c:\programmi\Uniblue\DriverScanner\ds_track_install.exe
c:\programmi\Uniblue\DriverScanner\InstallerExtensions.dll
c:\programmi\Uniblue\DriverScanner\intermediate_views.dat
c:\programmi\Uniblue\DriverScanner\Launcher.exe
c:\programmi\Uniblue\DriverScanner\library.dat
c:\programmi\Uniblue\DriverScanner\locale\br\br.dll
c:\programmi\Uniblue\DriverScanner\locale\br\LC_MESSAGES\messages.mo
c:\programmi\Uniblue\DriverScanner\locale\de\de.dll
c:\programmi\Uniblue\DriverScanner\locale\de\LC_MESSAGES\messages.mo
c:\programmi\Uniblue\DriverScanner\locale\dk\dk.dll
c:\programmi\Uniblue\DriverScanner\locale\dk\LC_MESSAGES\messages.mo
c:\programmi\Uniblue\DriverScanner\locale\en\en.dll
c:\programmi\Uniblue\DriverScanner\locale\en\LC_MESSAGES\messages.mo
c:\programmi\Uniblue\DriverScanner\locale\es\es.dll
c:\programmi\Uniblue\DriverScanner\locale\es\LC_MESSAGES\messages.mo
c:\programmi\Uniblue\DriverScanner\locale\fi\fi.dll
c:\programmi\Uniblue\DriverScanner\locale\fi\LC_MESSAGES\messages.mo
c:\programmi\Uniblue\DriverScanner\locale\fr\fr.dll
c:\programmi\Uniblue\DriverScanner\locale\fr\LC_MESSAGES\messages.mo
c:\programmi\Uniblue\DriverScanner\locale\gr\gr.dll
c:\programmi\Uniblue\DriverScanner\locale\gr\LC_MESSAGES\messages.mo
c:\programmi\Uniblue\DriverScanner\locale\it\it.dll
c:\programmi\Uniblue\DriverScanner\locale\it\LC_MESSAGES\messages.mo
c:\programmi\Uniblue\DriverScanner\locale\jp\jp.dll
c:\programmi\Uniblue\DriverScanner\locale\jp\LC_MESSAGES\messages.mo
c:\programmi\Uniblue\DriverScanner\locale\nl\LC_MESSAGES\messages.mo
c:\programmi\Uniblue\DriverScanner\locale\nl\nl.dll
c:\programmi\Uniblue\DriverScanner\locale\no\LC_MESSAGES\messages.mo
c:\programmi\Uniblue\DriverScanner\locale\no\no.dll
c:\programmi\Uniblue\DriverScanner\locale\pl\LC_MESSAGES\messages.mo
c:\programmi\Uniblue\DriverScanner\locale\pl\pl.dll
c:\programmi\Uniblue\DriverScanner\locale\pt\LC_MESSAGES\messages.mo
c:\programmi\Uniblue\DriverScanner\locale\pt\pt.dll
c:\programmi\Uniblue\DriverScanner\locale\ru\LC_MESSAGES\messages.mo
c:\programmi\Uniblue\DriverScanner\locale\ru\ru.dll
c:\programmi\Uniblue\DriverScanner\locale\se\LC_MESSAGES\messages.mo
c:\programmi\Uniblue\DriverScanner\locale\se\se.dll
c:\programmi\Uniblue\DriverScanner\locale\tr\LC_MESSAGES\messages.mo
c:\programmi\Uniblue\DriverScanner\locale\tr\tr.dll
c:\programmi\Uniblue\DriverScanner\locale\xs\LC_MESSAGES\messages.mo
c:\programmi\Uniblue\DriverScanner\locale\xs\xs.dll
c:\programmi\Uniblue\DriverScanner\locale\xt\LC_MESSAGES\messages.mo
c:\programmi\Uniblue\DriverScanner\locale\xt\xt.dll
c:\programmi\Uniblue\DriverScanner\Microsoft.VC90.CRT.manifest
c:\programmi\Uniblue\DriverScanner\msvcp90.dll
c:\programmi\Uniblue\DriverScanner\msvcr90.dll
c:\programmi\Uniblue\DriverScanner\unins000.dat
c:\programmi\Uniblue\DriverScanner\unins000.exe
c:\programmi\Uniblue\DriverScanner\views.dat
c:\programmi\Uniblue\DriverScanner\x64\DriverInstaller64.exe
c:\programmi\Uniblue\DriverScanner\x64\Microsoft.VC90.CRT.manifest
c:\programmi\Uniblue\DriverScanner\x64\msvcp90.dll
c:\programmi\Uniblue\DriverScanner\x64\msvcr90.dll
c:\programmi\Uniblue\RegistryBooster\cache.dll
c:\programmi\Uniblue\RegistryBooster\cwebpage.dll
c:\programmi\Uniblue\RegistryBooster\InstallerExtensions.dll
c:\programmi\Uniblue\RegistryBooster\intermediate_views.dat
c:\programmi\Uniblue\RegistryBooster\Launcher.exe
c:\programmi\Uniblue\RegistryBooster\library.dat
c:\programmi\Uniblue\RegistryBooster\locale\br\br.dll
c:\programmi\Uniblue\RegistryBooster\locale\br\LC_MESSAGES\messages.mo
c:\programmi\Uniblue\RegistryBooster\locale\de\de.dll
c:\programmi\Uniblue\RegistryBooster\locale\de\LC_MESSAGES\messages.mo
c:\programmi\Uniblue\RegistryBooster\locale\dk\dk.dll
c:\programmi\Uniblue\RegistryBooster\locale\dk\LC_MESSAGES\messages.mo
c:\programmi\Uniblue\RegistryBooster\locale\en\en.dll
c:\programmi\Uniblue\RegistryBooster\locale\en\LC_MESSAGES\messages.mo
c:\programmi\Uniblue\RegistryBooster\locale\es\es.dll
c:\programmi\Uniblue\RegistryBooster\locale\es\LC_MESSAGES\messages.mo
c:\programmi\Uniblue\RegistryBooster\locale\fi\fi.dll
c:\programmi\Uniblue\RegistryBooster\locale\fi\LC_MESSAGES\messages.mo
c:\programmi\Uniblue\RegistryBooster\locale\fr\fr.dll
c:\programmi\Uniblue\RegistryBooster\locale\fr\LC_MESSAGES\messages.mo
c:\programmi\Uniblue\RegistryBooster\locale\gr\gr.dll
c:\programmi\Uniblue\RegistryBooster\locale\gr\LC_MESSAGES\messages.mo
c:\programmi\Uniblue\RegistryBooster\locale\it\it.dll
c:\programmi\Uniblue\RegistryBooster\locale\it\LC_MESSAGES\messages.mo
c:\programmi\Uniblue\RegistryBooster\locale\jp\jp.dll
c:\programmi\Uniblue\RegistryBooster\locale\jp\LC_MESSAGES\messages.mo
c:\programmi\Uniblue\RegistryBooster\locale\nl\LC_MESSAGES\messages.mo
c:\programmi\Uniblue\RegistryBooster\locale\nl\nl.dll
c:\programmi\Uniblue\RegistryBooster\locale\no\LC_MESSAGES\messages.mo
c:\programmi\Uniblue\RegistryBooster\locale\no\no.dll
c:\programmi\Uniblue\RegistryBooster\locale\pl\LC_MESSAGES\messages.mo
c:\programmi\Uniblue\RegistryBooster\locale\pl\pl.dll
c:\programmi\Uniblue\RegistryBooster\locale\pt\LC_MESSAGES\messages.mo
c:\programmi\Uniblue\RegistryBooster\locale\pt\pt.dll
c:\programmi\Uniblue\RegistryBooster\locale\ru\LC_MESSAGES\messages.mo
c:\programmi\Uniblue\RegistryBooster\locale\ru\ru.dll
c:\programmi\Uniblue\RegistryBooster\locale\se\LC_MESSAGES\messages.mo
c:\programmi\Uniblue\RegistryBooster\locale\se\se.dll
c:\programmi\Uniblue\RegistryBooster\locale\tr\LC_MESSAGES\messages.mo
c:\programmi\Uniblue\RegistryBooster\locale\tr\tr.dll
c:\programmi\Uniblue\RegistryBooster\locale\xs\LC_MESSAGES\messages.mo
c:\programmi\Uniblue\RegistryBooster\locale\xs\xs.dll
c:\programmi\Uniblue\RegistryBooster\locale\xt\LC_MESSAGES\messages.mo
c:\programmi\Uniblue\RegistryBooster\locale\xt\xt.dll
c:\programmi\Uniblue\RegistryBooster\Microsoft.VC90.CRT.manifest
c:\programmi\Uniblue\RegistryBooster\msvcp90.dll
c:\programmi\Uniblue\RegistryBooster\msvcr90.dll
c:\programmi\Uniblue\RegistryBooster\rb_move_serial.exe
c:\programmi\Uniblue\RegistryBooster\rb_track_install.exe
c:\programmi\Uniblue\RegistryBooster\rbmonitor.exe
c:\programmi\Uniblue\RegistryBooster\rbnotifier.exe
c:\programmi\Uniblue\RegistryBooster\registrybooster.exe
c:\programmi\Uniblue\RegistryBooster\repair_transform.xsl
c:\programmi\Uniblue\RegistryBooster\unins000.dat
c:\programmi\Uniblue\RegistryBooster\unins000.exe
c:\programmi\Uniblue\RegistryBooster\views.dat
c:\programmi\Uniblue\SpeedUpMyPC\cache.dll
c:\programmi\Uniblue\SpeedUpMyPC\cwebpage.dll
c:\programmi\Uniblue\SpeedUpMyPC\InstallerExtensions.dll
c:\programmi\Uniblue\SpeedUpMyPC\intermediate_views.dat
c:\programmi\Uniblue\SpeedUpMyPC\Launcher.exe
c:\programmi\Uniblue\SpeedUpMyPC\library.dat
c:\programmi\Uniblue\SpeedUpMyPC\locale\br\br.dll
c:\programmi\Uniblue\SpeedUpMyPC\locale\br\LC_MESSAGES\messages.mo
c:\programmi\Uniblue\SpeedUpMyPC\locale\de\de.dll
c:\programmi\Uniblue\SpeedUpMyPC\locale\de\LC_MESSAGES\messages.mo
c:\programmi\Uniblue\SpeedUpMyPC\locale\dk\dk.dll
c:\programmi\Uniblue\SpeedUpMyPC\locale\dk\LC_MESSAGES\messages.mo
c:\programmi\Uniblue\SpeedUpMyPC\locale\en\en.dll
c:\programmi\Uniblue\SpeedUpMyPC\locale\en\LC_MESSAGES\messages.mo
c:\programmi\Uniblue\SpeedUpMyPC\locale\en\LC_MESSAGES\sumpmessages.mo
c:\programmi\Uniblue\SpeedUpMyPC\locale\es\es.dll
c:\programmi\Uniblue\SpeedUpMyPC\locale\es\LC_MESSAGES\messages.mo
c:\programmi\Uniblue\SpeedUpMyPC\locale\fi\fi.dll
c:\programmi\Uniblue\SpeedUpMyPC\locale\fi\LC_MESSAGES\messages.mo
c:\programmi\Uniblue\SpeedUpMyPC\locale\fr\fr.dll
c:\programmi\Uniblue\SpeedUpMyPC\locale\fr\LC_MESSAGES\messages.mo
c:\programmi\Uniblue\SpeedUpMyPC\locale\gr\gr.dll
c:\programmi\Uniblue\SpeedUpMyPC\locale\gr\LC_MESSAGES\messages.mo
c:\programmi\Uniblue\SpeedUpMyPC\locale\it\it.dll
c:\programmi\Uniblue\SpeedUpMyPC\locale\it\LC_MESSAGES\messages.mo
c:\programmi\Uniblue\SpeedUpMyPC\locale\it\LC_MESSAGES\sumpmessages.mo
c:\programmi\Uniblue\SpeedUpMyPC\locale\jp\jp.dll
c:\programmi\Uniblue\SpeedUpMyPC\locale\jp\LC_MESSAGES\messages.mo
c:\programmi\Uniblue\SpeedUpMyPC\locale\nl\LC_MESSAGES\messages.mo
c:\programmi\Uniblue\SpeedUpMyPC\locale\nl\nl.dll
c:\programmi\Uniblue\SpeedUpMyPC\locale\no\LC_MESSAGES\messages.mo
c:\programmi\Uniblue\SpeedUpMyPC\locale\no\no.dll
c:\programmi\Uniblue\SpeedUpMyPC\locale\pl\LC_MESSAGES\messages.mo
c:\programmi\Uniblue\SpeedUpMyPC\locale\pl\pl.dll
c:\programmi\Uniblue\SpeedUpMyPC\locale\pt\LC_MESSAGES\messages.mo
c:\programmi\Uniblue\SpeedUpMyPC\locale\pt\pt.dll
c:\programmi\Uniblue\SpeedUpMyPC\locale\ru\LC_MESSAGES\messages.mo
c:\programmi\Uniblue\SpeedUpMyPC\locale\ru\ru.dll
c:\programmi\Uniblue\SpeedUpMyPC\locale\se\LC_MESSAGES\messages.mo
c:\programmi\Uniblue\SpeedUpMyPC\locale\se\se.dll
c:\programmi\Uniblue\SpeedUpMyPC\locale\tr\LC_MESSAGES\messages.mo
c:\programmi\Uniblue\SpeedUpMyPC\locale\tr\tr.dll
c:\programmi\Uniblue\SpeedUpMyPC\locale\xs\LC_MESSAGES\messages.mo
c:\programmi\Uniblue\SpeedUpMyPC\locale\xs\xs.dll
c:\programmi\Uniblue\SpeedUpMyPC\locale\xt\LC_MESSAGES\messages.mo
c:\programmi\Uniblue\SpeedUpMyPC\locale\xt\xt.dll
c:\programmi\Uniblue\SpeedUpMyPC\Microsoft.VC90.CRT.manifest
c:\programmi\Uniblue\SpeedUpMyPC\msvcp90.dll
c:\programmi\Uniblue\SpeedUpMyPC\msvcr90.dll
c:\programmi\Uniblue\SpeedUpMyPC\sp_move_serial.exe
c:\programmi\Uniblue\SpeedUpMyPC\sp_track_install.exe
c:\programmi\Uniblue\SpeedUpMyPC\st.dat
c:\programmi\Uniblue\SpeedUpMyPC\sump.exe
c:\programmi\Uniblue\SpeedUpMyPC\unins000.dat
c:\programmi\Uniblue\SpeedUpMyPC\unins000.exe
c:\programmi\Uniblue\SpeedUpMyPC\views.dat
c:\windows\Tasks\RegistryBooster.job
H:\Autorun.inf

.
((((((((((((((((((((((((( Files Creati Da 2011-01-13 al 2011-02-13 )))))))))))))))))))))))))))))))))))
.

2011-02-13 16:13 . 2011-02-13 16:13 -------- d-----w- C:\io sito
2011-02-12 21:03 . 2011-01-13 08:37 17744 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-02-12 21:03 . 2011-01-13 08:41 294608 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-02-12 21:03 . 2011-01-13 08:37 23632 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-02-12 21:03 . 2011-01-13 08:40 47440 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-02-12 21:03 . 2011-01-13 08:40 100176 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2011-02-12 21:03 . 2011-01-13 08:39 94544 ----a-w- c:\windows\system32\drivers\aswmon.sys
2011-02-12 21:03 . 2011-01-13 08:37 29392 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2011-02-12 21:03 . 2011-01-13 08:47 38848 ----a-w- c:\windows\avastSS.scr
2011-02-12 21:03 . 2011-01-13 08:47 188216 ----a-w- c:\windows\system32\aswBoot.exe
2011-02-06 14:51 . 2011-02-06 14:51 -------- d-----w- c:\documents and settings\Massimo1\Dati applicazioni\Bandoo
2011-02-06 14:42 . 2011-02-06 14:42 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Bandoo
2011-02-06 14:42 . 2011-02-06 14:42 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Fun4IM
2011-02-06 11:32 . 2011-02-06 11:32 -------- d-----w- c:\documents and settings\Massimo1\Impostazioni locali\Dati applicazioni\ilcorsaronero
2011-02-06 11:32 . 2011-02-06 11:32 -------- d-----w- c:\programmi\ilcorsaronero
2011-02-05 20:07 . 2011-02-05 20:07 13 ---h--w- c:\documents and settings\All Users\Dati applicazioni\1ÌØ13.sys
2011-02-05 17:55 . 2011-02-05 17:55 -------- d-----w- c:\documents and settings\Massimo1\Dati applicazioni\SWiSH miniMax4 ITA
2011-02-05 17:55 . 2011-02-05 17:55 -------- d-----w- c:\programmi\LameACM
2011-02-05 17:54 . 2011-02-05 17:54 -------- d-----w- c:\programmi\File comuni\SWiSHzone.com
2011-02-05 17:54 . 2011-02-05 17:55 -------- d-----w- c:\programmi\SWiSH miniMax4
2011-02-03 21:50 . 2011-02-04 19:59 -------- d-----w- C:\MioLavoro
2011-02-03 08:10 . 2011-02-03 11:03 -------- d-----w- c:\programmi\WebSite X5 v8 - Evolution
2011-02-03 07:37 . 2011-02-03 07:37 -------- d-----w- c:\programmi\icons
2011-01-31 13:10 . 2009-03-15 16:35 207872 ----a-w- c:\windows\system32\iwpsetup.exe
2011-01-31 13:10 . 1997-01-15 23:00 29696 ----a-w- c:\windows\system32\VB5STKIT.DLL
2011-01-31 07:01 . 2011-01-31 07:01 349 ----a-w- C:\temp.reg
2011-01-31 06:56 . 2011-01-31 06:57 -------- d-----w- c:\programmi\FS2ATC
2011-01-30 21:39 . 2000-01-24 04:01 453632 ----a-w- c:\windows\system32\stdvcl40.dll
2011-01-30 21:39 . 2011-01-30 21:40 -------- d-----w- c:\programmi\Web CEO
2011-01-30 13:57 . 2011-01-30 13:57 103864 ----a-w- c:\programmi\Internet Explorer\PLUGINS\nppdf32.dll
2011-01-25 07:27 . 2011-01-25 07:27 -------- d-----w- c:\documents and settings\Massimo1\DoctorWeb
2011-01-24 16:28 . 2011-01-24 16:28 125304 ----a-w- c:\windows\system32\drivers\dwprot.sys
2011-01-24 16:21 . 2011-01-24 16:21 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Canneverbe Limited
2011-01-23 16:50 . 2011-01-23 16:50 -------- d-----w- c:\programmi\Packard Bell
2011-01-23 16:49 . 2011-01-23 19:34 -------- d-----w- c:\programmi\Packard Bell External HDD
2011-01-23 14:21 . 2011-01-23 16:11 -------- d-----w- c:\documents and settings\Massimo1\Impostazioni locali\Dati applicazioni\Packard Bell
2011-01-21 15:00 . 2011-01-21 15:00 -------- d-----w- c:\windows\UfdApp
2011-01-21 14:44 . 2011-01-21 14:44 440832 -c----w- c:\windows\system32\dllcache\shimgvw.dll
2011-01-17 20:42 . 2011-01-17 20:03 12952 ----a-w- c:\windows\system32\drivers\PSVolAcc.sys
2011-01-17 20:42 . 2011-01-17 20:02 16024 ----a-w- c:\windows\system32\drivers\pssnap.sys
2011-01-17 20:42 . 2011-01-17 20:02 45208 ----a-w- c:\windows\system32\drivers\psmounter.sys

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-01-31 06:56 . 2011-01-09 21:34 249856 ------w- c:\windows\Setup1.exe
2011-01-31 06:56 . 2011-01-09 21:34 73216 ----a-w- c:\windows\ST6UNST.EXE
2011-01-21 14:44 . 2003-04-08 12:00 440832 ----a-w- c:\windows\system32\shimgvw.dll
2011-01-07 14:09 . 2003-04-08 12:00 290048 ----a-w- c:\windows\system32\atmfd.dll
2010-12-31 14:04 . 2003-04-08 12:00 1854976 ----a-w- c:\windows\system32\win32k.sys
2010-12-22 12:34 . 2003-04-08 12:00 301568 ----a-w- c:\windows\system32\kerberos.dll
2010-12-20 23:53 . 2003-04-08 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
2010-12-20 23:53 . 2003-04-08 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2010-12-20 23:53 . 2003-04-08 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2010-12-20 17:26 . 2003-04-08 12:00 735744 ----a-w- c:\windows\system32\lsasrv.dll
2010-12-20 12:55 . 2004-08-19 22:26 385024 ----a-w- c:\windows\system32\html.iec
2010-12-09 15:15 . 2003-04-08 12:00 739840 ----a-w- c:\windows\system32\ntdll.dll
2010-12-09 15:14 . 2003-04-08 12:00 2196480 ----a-w- c:\windows\system32\ntoskrnl.exe
2010-12-09 15:14 . 2002-09-09 13:34 2073088 ----a-w- c:\windows\system32\ntkrnlpa.exe
2010-12-09 14:30 . 2003-04-08 12:00 33280 ----a-w- c:\windows\system32\csrsrv.dll
2010-11-29 16:38 . 2010-11-29 16:38 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2010-11-29 16:38 . 2010-11-29 16:38 69632 ----a-w- c:\windows\system32\QuickTime.qts
2010-11-18 18:12 . 2010-04-26 18:09 86016 ----a-w- c:\windows\system32\isign32.dll
2010-07-18 12:46 . 2010-07-18 12:46 3229954 ----a-w- c:\programmi\expaudioconverter.exe
2010-06-02 12:36 . 2010-06-02 12:36 26107319 ----a-w- c:\programmi\PriMus-DCF_vUNICO(b).EXE
2010-06-01 23:03 . 2010-06-01 23:03 64393944 ----a-w- c:\programmi\93.71_forceware_winxp2k_international_whql.exe
2010-04-26 22:13 . 2010-04-26 22:13 1162056 ----a-w- c:\programmi\wlsetup-custom.exe
.

((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{4ae0c3d6-f713-4eed-bc65-25dc3ffdaac1}"= "c:\programmi\uTorrentBar_IT\tbuTor.dll" [2010-12-09 3911776]
"{f4035115-6152-4901-a81d-f4e0a0479615}"= "c:\programmi\ilcorsaronero\prxtbilco.dll" [2011-01-03 175400]

[HKEY_CLASSES_ROOT\clsid\{4ae0c3d6-f713-4eed-bc65-25dc3ffdaac1}]

[HKEY_CLASSES_ROOT\clsid\{f4035115-6152-4901-a81d-f4e0a0479615}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{4ae0c3d6-f713-4eed-bc65-25dc3ffdaac1}]
2010-12-09 11:51 3911776 ----a-w- c:\programmi\uTorrentBar_IT\tbuTor.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{f4035115-6152-4901-a81d-f4e0a0479615}]
2011-01-03 09:16 175400 ----a-w- c:\programmi\ilcorsaronero\prxtbilco.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{4ae0c3d6-f713-4eed-bc65-25dc3ffdaac1}"= "c:\programmi\uTorrentBar_IT\tbuTor.dll" [2010-12-09 3911776]
"{f4035115-6152-4901-a81d-f4e0a0479615}"= "c:\programmi\ilcorsaronero\prxtbilco.dll" [2011-01-03 175400]

[HKEY_CLASSES_ROOT\clsid\{4ae0c3d6-f713-4eed-bc65-25dc3ffdaac1}]

[HKEY_CLASSES_ROOT\clsid\{f4035115-6152-4901-a81d-f4e0a0479615}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{4AE0C3D6-F713-4EED-BC65-25DC3FFDAAC1}"= "c:\programmi\uTorrentBar_IT\tbuTor.dll" [2010-12-09 3911776]
"{F4035115-6152-4901-A81D-F4E0A0479615}"= "c:\programmi\ilcorsaronero\prxtbilco.dll" [2011-01-03 175400]

[HKEY_CLASSES_ROOT\clsid\{4ae0c3d6-f713-4eed-bc65-25dc3ffdaac1}]

[HKEY_CLASSES_ROOT\clsid\{f4035115-6152-4901-a81d-f4e0a0479615}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-05-06 39408]
"Packard Bell Software Suite"="c:\programmi\Packard Bell\Software Suite\PBSoftSuite.exe" [2009-10-01 3144736]
"Software Suite"="c:\programmi\Packard Bell\Software Suite\PBSoftSuite.exe" [2009-10-01 3144736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Motive SmartBridge"="c:\progra~1\ALICET~1\SMARTB~1\MotiveSB.exe" [2006-04-21 438359]
"Google Desktop Search"="c:\programmi\Google\Google Desktop Search\GoogleDesktop.exe" [2010-08-27 30192]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-10-22 7700480]
"nwiz"="nwiz.exe" [2006-10-22 1622016]
"SunJavaUpdateSched"="c:\programmi\File comuni\Java\Java Update\jusched.exe" [2010-05-14 248552]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-10-22 86016]
"NeroFilterCheck"="c:\programmi\File comuni\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]
"Adobe Reader Speed Launcher"="c:\programmi\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-01-31 35760]
"Adobe ARM"="c:\programmi\File comuni\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288]
"QuickTime Task"="c:\programmi\QuickTime\QTTask.exe" [2010-11-29 421888]
"iTunesHelper"="c:\programmi\iTunes\iTunesHelper.exe" [2010-12-13 421160]
"avast5"="c:\programmi\Alwil Software\Avast5\avastUI.exe" [2011-01-13 3396624]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\Massimo1\Menu Avvio\Programmi\Esecuzione automatica\
LaunchU3.exe.lnk - c:\documents and settings\Massimo1\Dati applicazioni\Microsoft\Installer\{D8E363A7-88B7-446D-B2C0-E26CE4DC8E54}\_294823.exe [2010-6-13 22486]
PandaUSBVaccine.lnk - c:\programmi\Panda USB Vaccine\USBVaccine.exe [2010-6-9 1287176]

c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\
Adobe Gamma Loader.lnk - c:\programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe [2010-5-1 110592]
Alice ti aiuta.lnk - c:\programmi\Alice ti aiuta\bin\matcli.exe [2010-4-26 217088]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Fun4IM\BndHook.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-disabled]
"QuickTime Task"="c:\programmi\QuickTime\qttask.exe" -atboottime

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programmi\\Opera\\opera.exe"=

R0 pssnap;Paramount Software Snapshot Filter;c:\windows\system32\drivers\pssnap.sys [17/01/2011 21:42 16024]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [12/02/2011 22:03 294608]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [12/02/2011 22:03 17744]
R2 Fun4IM Coordinator;Fun4IM Coordinator;c:\progra~1\Fun4IM\Bandoo.exe [06/02/2011 15:42 1942416]
R2 NAUpdate;@c:\programmi\Nero\Update\NASvc.exe,-200;c:\programmi\Nero\Update\NASvc.exe [04/05/2010 12:07 503080]
R2 Network WanMiniport First Position;Network WanMiniport First Position;c:\programmi\Telecom Italia\WanMiniport1st\srvany.exe [28/04/2010 16:58 8192]
R2 ousbehci;OrangeWare USB Enhanced Host Controller Service;c:\windows\system32\drivers\ousbehci.sys [26/04/2010 20:34 46080]
R2 PowerSave;PowerSave Service;c:\programmi\Packard Bell\Software Suite\PowerSave\PSPBSSS.exe [06/04/2009 10:35 1002016]
R2 ReflectService;Macrium Reflect Image Mounting Service;c:\programmi\Macrium\Reflect\ReflectService.exe [17/01/2011 21:42 220824]
R2 TeamViewer6;TeamViewer 6;c:\programmi\TeamViewer\Version6\TeamViewer_Service.exe [07/12/2010 11:32 2228008]
R3 ousb2hub;OrangeWare USB 2.0 Root Hub Support;c:\windows\system32\drivers\ousb2hub.sys [26/04/2010 20:34 56960]
S0 DwProt;DrWeb Protection;c:\windows\system32\drivers\dwprot.sys [24/01/2011 17:28 125304]
S2 gupdate;Google Update Service (gupdate);c:\programmi\Google\Update\GoogleUpdate.exe [27/04/2010 14:32 136176]
S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\programmi\Google\Google Desktop Search\GoogleDesktop.exe [06/05/2010 21:36 30192]
S3 PSMounter;Macrium Reflect Image Explorer Service;c:\windows\system32\drivers\psmounter.sys [17/01/2011 21:42 45208]
S3 PSVolAcc;PSVolAcc;c:\windows\system32\drivers\PSVolAcc.sys [17/01/2011 21:42 12952]
.
Contenuto della cartella 'Scheduled Tasks'

2011-01-01 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\programmi\Apple Software Update\SoftwareUpdate.exe [2009-10-22 10:50]

2011-02-13 c:\windows\Tasks\GlaryInitialize.job
- c:\programmi\Glary Utilities\initialize.exe [2010-11-30 09:47]

2011-02-13 c:\windows\Tasks\Google Software Updater.job
- c:\programmi\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-05-06 20:36]

2011-02-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\programmi\Google\Update\GoogleUpdate.exe [2010-04-27 13:32]

2011-02-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\programmi\Google\Update\GoogleUpdate.exe [2010-04-27 13:32]
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://www.tiscali.it/
uInternet Settings,ProxyServer = http=127.0.0.1:55152
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: {{d9288080-1baa-4bc4-9cf8-a92d743db949} - c:\documents and settings\Massimo1\Menu Avvio\Programmi\IMVU\Run IMVU.lnk
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
.
- - - - CHIAVI ORFANE RIMOSSE - - - -

AddRemove-PriceGong - c:\programmi\PriceGong\uninst.exe
AddRemove-{C2F8CA82-2BD9-4513-B2D1-08A47914C1DA}_is1 - c:\programmi\Uniblue\DriverScanner\unins000.exe
AddRemove-{E55B3271-7CA8-4D0C-AE06-69A24856E996}_is1 - c:\programmi\Uniblue\SpeedUpMyPC\unins000.exe
AddRemove-{E63E34A7-E552-412B-9E40-FD6FC5227ABA}_is1 - c:\programmi\Uniblue\RegistryBooster\unins000.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-02-13 19:36
Windows 5.1.2600 Service Pack 3 NTFS

scansione processi nascosti ...

scansione entrate autostart nascoste ...

Scansione files nascosti ...

Scansione completata con successo
Files nascosti: 0

**************************************************************************
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------

[HKEY_LOCAL_MACHINE\software\Microsoft\Environment*]
"Licence0"="04F0D21-79D8-7A25-D702-433F"
.
--------------------- Dlls caricate dai processi in esecuzione ---------------------

- - - - - - - > 'explorer.exe'(1972)
c:\windows\system32\WININET.dll
c:\progra~1\ALICET~1\SMARTB~1\SBHook.dll
c:\windows\system32\AcSignIcon.dll
c:\progra~1\WINDOW~2\wmpband.dll
c:\programmi\File comuni\Autodesk Shared\AcSignCore16.dll
c:\windows\system32\msi.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\programmi\Nokia\Nokia PC Suite 6\PhoneBrowser.dll
c:\programmi\Nokia\Nokia PC Suite 6\PCSCM.dll
c:\windows\system32\ConnAPI.DLL
c:\programmi\Nokia\Nokia PC Suite 6\Lang\PhoneBrowser_ita.nlr
c:\programmi\Nokia\Nokia PC Suite 6\Resource\PhoneBrowser_Nokia.ngr
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Altri processi in esecuzione ------------------------
.
c:\programmi\Alwil Software\Avast5\AvastSvc.exe
c:\programmi\Java\jre6\bin\jqs.exe
c:\programmi\Telecom Italia\WanMiniport1st\WanMiniport1st_srv.exe
c:\windows\system32\nvsvc32.exe
c:\programmi\Sandboxie\SbieSvc.exe
c:\programmi\Yahoo!\SoftwareUpdate\YahooAUService.exe
c:\windows\System32\wbem\wmiapsrv.exe
c:\programmi\TeamViewer\Version6\TeamViewer.exe
c:\programmi\TeamViewer\Version6\tv_w32.exe
c:\progra~1\ALICET~1\vendors\AliceRE\content\template\DRIVEN~1\syncer\MCCITR~1.EXE
c:\progra~1\Nokia\NOKIAP~1\LAUNCH~1.EXE
c:\windows\system32\RUNDLL32.EXE
c:\programmi\File comuni\PCSuite\Services\ServiceLayer.exe
c:\documents and settings\All Users\Dati applicazioni\U3\U3Launcher\LaunchU3.exe
c:\programmi\Alice ti aiuta\bin\mpbtn.exe
c:\programmi\Packard Bell\Software Suite\pbDevDetect.exe
c:\programmi\Alice ti aiuta\vendors\AliceRE\content\template\driven_dev\syncer\McciBrowser.exe
.
**************************************************************************
.
Ora fine scansione: 2011-02-13 19:42:45 - Il pc è stato riavviato
ComboFix-quarantined-files.txt 2011-02-13 18:42
ComboFix2.txt 2011-02-12 20:48

Pre-Run: 35.590.520.832 byte disponibili
Post-Run: 35.704.320.000 byte disponibili

- - End Of File - - CB5C058CBC7AE8EB709C91C2FD1E5ACF
r16
Inviato: Sunday, February 13, 2011 8:48:22 PM
Rank: AiutAmico

Iscritto dal : 8/7/2007
Posts: 11,016
Posta un log aggiornato di HijackThis.
Riscontri problemi?
massimob
Inviato: Sunday, February 13, 2011 9:23:34 PM

Rank: AiutAmico

Iscritto dal : 12/13/2005
Posts: 162
Come sempre non riesco ad entrare in internet. Faccio presente che sul mio computer ho istallato anche ubuntu, e quando lo uso, riesco ad entrare in internet e navigare normalmente.
Cosa può essere.
Cordiali saluti.
Ho allegato il logfile


Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:07:28, on 13/02/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\Java\jre6\bin\jqs.exe
C:\Programmi\Nero\Update\NASvc.exe
C:\Programmi\Telecom Italia\WanMiniport1st\srvany.exe
C:\Programmi\Telecom Italia\WanMiniport1st\WanMiniport1st_srv.exe
C:\Programmi\Packard Bell\Software Suite\PowerSave\PSPBSSS.exe
C:\PROGRA~1\ALICET~1\SMARTB~1\MotiveSB.exe
C:\Programmi\Macrium\Reflect\ReflectService.exe
C:\Programmi\Sandboxie\SbieSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\ALICET~1\vendors\AliceRE\content\template\DRIVEN~1\syncer\MCCITR~1.EXE
C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE
C:\Programmi\TeamViewer\Version6\TeamViewer_Service.exe
C:\Programmi\Google\Google Desktop Search\GoogleDesktop.exe
C:\Programmi\File comuni\Java\Java Update\jusched.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Programmi\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Programmi\QuickTime\QTTask.exe
C:\Programmi\Alwil Software\Avast5\avastUI.exe
C:\Programmi\Packard Bell\Software Suite\PBSoftSuite.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\All Users\Dati applicazioni\U3\U3Launcher\LaunchU3.exe
C:\Programmi\Panda USB Vaccine\USBVaccine.exe
C:\Programmi\TeamViewer\Version6\TeamViewer.exe
C:\PROGRA~1\Fun4IM\Bandoo.exe
C:\Programmi\Alice ti aiuta\bin\mpbtn.exe
C:\Programmi\TeamViewer\Version6\tv_w32.exe
C:\Programmi\Packard Bell\Software Suite\pbDevDetect.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\Programmi\File comuni\PCSuite\Services\ServiceLayer.exe
C:\Programmi\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\explorer.exe
D:\Protezione\AUP_Hijack\PortableApps\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.tiscali.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:55152
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
R3 - URLSearchHook: uTorrentBar_IT Toolbar - {4ae0c3d6-f713-4eed-bc65-25dc3ffdaac1} - C:\Programmi\uTorrentBar_IT\tbuTor.dll
R3 - URLSearchHook: ilcorsaronero Toolbar - {f4035115-6152-4901-a81d-f4e0a0479615} - C:\Programmi\ilcorsaronero\prxtbilco.dll
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: uTorrentBar_IT Toolbar - {4ae0c3d6-f713-4eed-bc65-25dc3ffdaac1} - C:\Programmi\uTorrentBar_IT\tbuTor.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Programmi\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programmi\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Programmi\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmi\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: ilcorsaronero - {f4035115-6152-4901-a81d-f4e0a0479615} - C:\Programmi\ilcorsaronero\prxtbilco.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Programmi\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: uTorrentBar_IT Toolbar - {4ae0c3d6-f713-4eed-bc65-25dc3ffdaac1} - C:\Programmi\uTorrentBar_IT\tbuTor.dll
O3 - Toolbar: ilcorsaronero Toolbar - {f4035115-6152-4901-a81d-f4e0a0479615} - C:\Programmi\ilcorsaronero\prxtbilco.dll
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\ALICET~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [AliceRE_McciTrayApp] C:\PROGRA~1\ALICET~1\vendors\AliceRE\content\template\DRIVEN~1\syncer\MCCITR~1.EXE
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Programmi\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\File comuni\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Programmi\File comuni\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programmi\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Programmi\File comuni\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Programmi\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [avast5] "C:\Programmi\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKCU\..\Run: [swg] "C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Packard Bell Software Suite] "C:\Programmi\Packard Bell\Software Suite\PBSoftSuite.exe" /run
O4 - HKCU\..\Run: [Software Suite] "C:\Programmi\Packard Bell\Software Suite\PBSoftSuite.exe" /RUN
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: LaunchU3.exe.lnk = ?
O4 - Startup: PandaUSBVaccine.lnk = C:\Programmi\Panda USB Vaccine\USBVaccine.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Alice ti aiuta.lnk = C:\Programmi\Alice ti aiuta\bin\matcli.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Inserisci blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programmi\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: Inserisci &blog in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programmi\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {53F6FCCD-9E22-4d71-86EA-6E43136192AB} - (no file)
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: (no name) - {925DAB62-F9AC-4221-806A-057BFB1014AA} - (no file)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Massimo1\Menu Avvio\Programmi\IMVU\Run IMVU.lnk (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.4.5.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scanner/sources/en/scan8/oscan8.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1272383408734
O17 - HKLM\System\CCS\Services\Tcpip\..\{A9D1EF3A-1327-4CC5-B3FE-82323DEF3DD7}: NameServer = 85.37.17.17 85.38.28.72
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FILECO~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: c:\progra~1\fun4im\bndhook.dll
O22 - SharedTaskScheduler: Precaricatore Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Daemon di cache delle categorie di componenti - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: avast! Antivirus - AVAST Software - C:\Programmi\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Programmi\File comuni\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Fun4IM Coordinator - Bandoo Media Inc. - C:\PROGRA~1\Fun4IM\Bandoo.exe
O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Programmi\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Programmi\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programmi\Java\jre6\bin\jqs.exe
O23 - Service: @C:\Programmi\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Programmi\Nero\Update\NASvc.exe
O23 - Service: Network WanMiniport First Position - Unknown owner - C:\Programmi\Telecom Italia\WanMiniport1st\srvany.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PowerSave Service (PowerSave) - Packard Bell Services - C:\Programmi\Packard Bell\Software Suite\PowerSave\PSPBSSS.exe
O23 - Service: Macrium Reflect Image Mounting Service (ReflectService) - Unknown owner - C:\Programmi\Macrium\Reflect\ReflectService.exe
O23 - Service: Sandboxie Service (SbieSvc) - tzuk - C:\Programmi\Sandboxie\SbieSvc.exe
O23 - Service: ServiceLayer - Nokia. - C:\Programmi\File comuni\PCSuite\Services\ServiceLayer.exe
O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Programmi\TeamViewer\Version6\TeamViewer_Service.exe
O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Programmi\Yahoo!\SoftwareUpdate\YahooAUService.exe

--
End of file - 11775 bytes
r16
Inviato: Sunday, February 13, 2011 10:10:47 PM
Rank: AiutAmico

Iscritto dal : 8/7/2007
Posts: 11,016
Scarica TFC by OldTimer sul desktop
http://oldtimer.geekstogo.com/TFC.exe
chiudi tutti i programmi
avvia TFC, clicca su "start"
al termine della scansione ti chiederà il riavvio, dai ok.

Per eliminare i vari Tooll scaricati:
Scarica OTC by OldTimer sul desktop:
http://oldtimer.geekstogo.com/OTC.exe
doppio clic per eseguirlo
Clicca su CleanUp.
Ti chiederà di riavviare il pc.
Clicca sì.

Avvia hijackthis, metti la spunta alle voci che andrò ad elencarti e con tutte le applicazioni chiuse e disconnesso da Internet,premi su "fix checked":
Commenta:
R3 - URLSearchHook: uTorrentBar_IT Toolbar - {4ae0c3d6-f713-4eed-bc65-25dc3ffdaac1} - C:\Programmi\uTorrentBar_IT\tbuTor.dll
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: uTorrentBar_IT Toolbar - {4ae0c3d6-f713-4eed-bc65-25dc3ffdaac1} - C:\Programmi\uTorrentBar_IT\tbuTor.dll
O3 - Toolbar: uTorrentBar_IT Toolbar - {4ae0c3d6-f713-4eed-bc65-25dc3ffdaac1} - C:\Programmi\uTorrentBar_IT\tbuTor.dll
O3 - Toolbar: ilcorsaronero Toolbar - {f4035115-6152-4901-a81d-f4e0a0479615} - C:\Programmi\ilcorsaronero\prxtbilco.dll
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Programmi\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Programmi\File comuni\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programmi\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Programmi\File comuni\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Programmi\iTunes\iTunesHelper.exe"
O4 - Startup: LaunchU3.exe.lnk = ?
O4 - Global Startup: Alice ti aiuta.lnk = C:\Programmi\Alice ti aiuta\bin\matcli.exe
O9 - Extra button: (no name) - {53F6FCCD-9E22-4d71-86EA-6E43136192AB} - (no file)
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: (no name) - {925DAB62-F9AC-4221-806A-057BFB1014AA} - (no file)
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Massimo1\Menu Avvio\Programmi\IMVU\Run IMVU.lnk (file missing)
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.4.5.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scanner/sources/en/scan8/oscan8.cab
O20 - AppInit_DLLs: c:\progra~1\fun4im\bndhook.dll


Dai una pulita (registro compreso)con CCleaner http://www.aiutamici.com/software?ID=11223
Riavvia il pc.

Per la connessione, prova così:

Start\ pannello di controllo\ connessioni di rete
clicca con il tasto destro del mouse sulla tua connessione.
seleziona proprietà.
doppio click su "Protocollo Internet(TCP/IP)
metti la spunta a "ottieni indirizzo server DNS automaticamente".
Clicca OK.
Riavvia il pc.

Se non funziona:

Apri Internet Explorer.
Clicca su: Strumenti"
Opzioni Internet.
Connessioni.
Impostazioni LAN

Sotto: "Server proxy"
Togli la spunta a:
"utilizza un server proxy per le connessioni lan".

Clicca OK.
Riavvia il pc.

In questo modo,Internet Explorer dovrebbe funzionare.


massimob
Inviato: Monday, February 14, 2011 12:22:23 AM

Rank: AiutAmico

Iscritto dal : 12/13/2005
Posts: 162
Grazie r16, tutto OK.
Saluti a tutti
Massimo
Utenti presenti in questo topic
Guest


Salta al Forum
Aggiunta nuovi Topic disabilitata in questo forum.
Risposte disabilitate in questo forum.
Eliminazione tuoi Post disabilitata in questo forum.
Modifica dei tuoi post disabilitata in questo forum.
Creazione Sondaggi disabilitata in questo forum.
Voto ai sondaggi disabilitato in questo forum.

Main Forum RSS : RSS

Aiutamici Theme
Powered by Yet Another Forum.net versione 1.9.1.8 (NET v2.0) - 3/29/2008
Copyright © 2003-2008 Yet Another Forum.net. All rights reserved.