log di malware-bytes:
Malwarebytes' Anti-Malware 1.33
Versione del database: 1714
Windows 5.1.2600 Service Pack 3
02/02/2009 14.52.48
mbam-log-2009-02-02 (14-52-32).txt
Tipo di scansione: Scansione completa (C:\|D:\|)
Elementi scansionati: 157586
Tempo trascorso: 1 hour(s), 5 minute(s), 33 second(s)
Processi delle memoria infetti: 0
Moduli della memoria infetti: 0
Chiavi di registro infette: 2
Valori di registro infetti: 1
Elementi dato del registro infetti: 0
Cartelle infette: 2
File infetti: 7
Processi delle memoria infetti:
(Nessun elemento malevolo rilevato)
Moduli della memoria infetti:
(Nessun elemento malevolo rilevato)
Chiavi di registro infette:
HKEY_CLASSES_ROOT\homeview (Trojan.DNSChanger) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\regedit.exe (Security.Hijack) -> No action taken.
Valori di registro infetti:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\mule_st_key (Trojan.Agent) -> No action taken.
Elementi dato del registro infetti:
(Nessun elemento malevolo rilevato)
Cartelle infette:
D:\WINDOWS\system32\drivers\down (Trojan.Downloader) -> No action taken.
D:\Documents and Settings\Joe\Dati applicazioni\m (Trojan.Agent) -> No action taken.
File infetti:
D:\Documents and Settings\Joe\Dati applicazioni\m\data.oct (Trojan.Agent) -> No action taken.
D:\Documents and Settings\Joe\Dati applicazioni\m\list.oct (Trojan.Agent) -> No action taken.
D:\Documents and Settings\Joe\Dati applicazioni\m\srvlist.oct (Trojan.Agent) -> No action taken.
D:\WINDOWS\system32\mdelk.exe (Trojan.Spammer) -> No action taken.
D:\WINDOWS\system32\wintems.exe (Trojan.Spammer) -> No action taken.
D:\Documents and Settings\Joe\Dati applicazioni\m\flec006.exe (Trojan.Agent) -> No action taken.
D:\Documents and Settings\Joe\Dati applicazioni\drivers\winupgro.exe (Trojan.Agent) -> No action taken.
Come hai consigliato te non ho eliminato i file infetti
Log di combofix:
ComboFix 09-02-01.01 - Joe 2009-02-02 15:59:41.3 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1040.18.1023.747 [GMT 1:00]
Eseguito da: d:\documents and settings\Joe\Desktop\abc.exe
AV: avast! antivirus 4.8.1296 [VPS 090201-0] *On-access scanning disabled* (Updated)
* Creato nuovo punto di ripristino
ATTENZIONE - QUESTO PC NON HA LA CONSOLE DI RIPRISTINO DI EMERGENZA INSTALLATA !!
.
ADS - WINDOWS: deleted 24 bytes in 1 streams. ((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\InfoSat.txt
d:\documents and settings\Joe\Dati applicazioni\drivers\downld
d:\documents and settings\Joe\Dati applicazioni\drivers\downld\1050031.exe
d:\documents and settings\Joe\Dati applicazioni\drivers\downld\1050703.exe
d:\documents and settings\Joe\Dati applicazioni\drivers\downld\1051265.exe
d:\documents and settings\Joe\Dati applicazioni\drivers\downld\1056609.exe
d:\documents and settings\Joe\Dati applicazioni\drivers\downld\1057593.exe
d:\documents and settings\Joe\Dati applicazioni\drivers\downld\1058031.exe
d:\documents and settings\Joe\Dati applicazioni\drivers\downld\1060625.exe
d:\documents and settings\Joe\Dati applicazioni\drivers\downld\1061625.exe
d:\documents and settings\Joe\Dati applicazioni\drivers\downld\1075296.exe
d:\documents and settings\Joe\Dati applicazioni\drivers\downld\1077609.exe
d:\documents and settings\Joe\Dati applicazioni\drivers\downld\1078984.exe
d:\documents and settings\Joe\Dati applicazioni\drivers\downld\1080609.exe
d:\documents and settings\Joe\Dati applicazioni\drivers\downld\1081828.exe
d:\documents and settings\Joe\Dati applicazioni\drivers\downld\1082406.exe
d:\documents and settings\Joe\Dati applicazioni\drivers\downld\1083359.exe
d:\documents and settings\Joe\Dati applicazioni\drivers\downld\1084421.exe
d:\documents and settings\Joe\Dati applicazioni\drivers\downld\1084906.exe
d:\documents and settings\Joe\Dati applicazioni\drivers\downld\112609.exe
d:\documents and settings\Joe\Dati applicazioni\drivers\downld\113546.exe
d:\documents and settings\Joe\Dati applicazioni\drivers\downld\113562.exe
d:\documents and settings\Joe\Dati applicazioni\drivers\downld\1190250.exe
d:\documents and settings\Joe\Dati applicazioni\drivers\downld\1191031.exe
d:\documents and settings\Joe\Dati applicazioni\drivers\downld\1191312.exe
d:\documents and settings\Joe\Dati applicazioni\drivers\downld\1195890.exe
d:\documents and settings\Joe\Dati applicazioni\drivers\downld\1209640.exe
d:\documents and settings\Joe\Dati applicazioni\drivers\downld\1211453.exe
d:\documents and settings\Joe\Dati applicazioni\drivers\downld\1211937.exe
d:\documents and settings\Joe\Dati applicazioni\drivers\downld\122875.exe
d:\documents and settings\Joe\Dati applicazioni\drivers\downld\124000.exe
d:\documents and settings\Joe\Dati applicazioni\drivers\downld\124453.exe
d:\documents and settings\Joe\Dati applicazioni\drivers\downld\130218.exe
d:\documents and settings\Joe\Dati applicazioni\drivers\downld\130593.exe
d:\documents and settings\Joe\Dati applicazioni\drivers\downld\130843.exe
d:\documents and settings\Joe\Dati applicazioni\drivers\downld\134781.exe
d:\documents and settings\Joe\Dati applicazioni\drivers\downld\138578.exe
d:\documents and settings\Joe\Dati applicazioni\drivers\downld\138843.exe
d:\documents and settings\Joe\Dati applicazioni\drivers\downld\140328.exe
d:\documents and settings\Joe\Dati applicazioni\drivers\downld\142796.exe
d:\documents and settings\Joe\Dati applicazioni\drivers\downld\143546.exe
d:\documents and settings\Joe\Dati applicazioni\drivers\downld\154796.exe
d:\documents and settings\Joe\Dati applicazioni\drivers\downld\155703.exe
d:\documents and settings\Joe\Dati applicazioni\drivers\downld\156218.exe
d:\documents and settings\Joe\Dati applicazioni\drivers\downld\177609.exe
d:\documents and settings\Joe\Dati applicazioni\drivers\downld\177765.exe
d:\documents and settings\Joe\Dati applicazioni\drivers\downld\198500.exe
d:\documents and settings\Joe\Dati applicazioni\drivers\downld\198828.exe
d:\documents and settings\Joe\Dati applicazioni\drivers\downld\199109.exe
d:\documents and settings\Joe\Dati applicazioni\drivers\downld\213750.exe
d:\documents and settings\Joe\Dati applicazioni\drivers\downld\218296.exe
d:\documents and settings\Joe\Dati applicazioni\drivers\downld\218875.exe
d:\documents and settings\Joe\Dati applicazioni\drivers\downld\246968.exe
d:\documents and settings\Joe\Dati applicazioni\drivers\downld\247484.exe
d:\documents and settings\Joe\Dati applicazioni\drivers\downld\247765.exe
d:\documents and settings\Joe\Dati applicazioni\drivers\downld\252265.exe
d:\documents and settings\Joe\Dati applicazioni\drivers\downld\252828.exe
d:\documents and settings\Joe\Dati applicazioni\drivers\downld\253109.exe
d:\documents and settings\Joe\Dati applicazioni\drivers\downld\255437.exe
d:\documents and settings\Joe\Dati applicazioni\drivers\downld\256296.exe
d:\documents and settings\Joe\Dati applicazioni\drivers\downld\256515.exe
d:\documents and settings\Joe\Dati applicazioni\drivers\downld\269859.exe
d:\documents and settings\Joe\Dati applicazioni\drivers\downld\270171.exe
d:\documents and settings\Joe\Dati applicazioni\drivers\downld\270406.exe
d:\documents and settings\Joe\Dati applicazioni\drivers\downld\274937.exe
d:\documents and settings\Joe\Dati applicazioni\drivers\downld\275875.exe
d:\documents and settings\Joe\Dati applicazioni\drivers\downld\276078.exe
d:\documents and settings\Joe\Dati applicazioni\drivers\downld\278421.exe
d:\documents and settings\Joe\Dati applicazioni\drivers\downld\279312.exe
d:\documents and settings\Joe\Dati applicazioni\drivers\downld\279781.exe
d:\documents and settings\Joe\Dati applicazioni\drivers\downld\328296.exe
d:\documents and settings\Joe\Dati applicazioni\drivers\downld\329625.exe
d:\documents and settings\Joe\Dati applicazioni\drivers\downld\330156.exe
d:\documents and settings\Joe\Dati applicazioni\drivers\downld\331140.exe
d:\documents and settings\Joe\Dati applicazioni\drivers\downld\332156.exe
d:\documents and settings\Joe\Dati applicazioni\drivers\downld\333343.exe
d:\documents and settings\Joe\Dati applicazioni\drivers\downld\334515.exe
d:\documents and settings\Joe\Dati applicazioni\drivers\downld\334921.exe
d:\documents and settings\Joe\Dati applicazioni\drivers\downld\334953.exe
d:\documents and settings\Joe\Dati applicazioni\drivers\downld\335187.exe
d:\documents and settings\Joe\Dati applicazioni\drivers\downld\335609.exe
d:\documents and settings\Joe\Dati applicazioni\drivers\downld\335859.exe
d:\documents and settings\Joe\Dati applicazioni\drivers\downld\349343.exe
d:\documents and settings\Joe\Dati applicazioni\drivers\downld\351187.exe
d:\documents and settings\Joe\Dati applicazioni\drivers\downld\351468.exe
d:\documents and settings\Joe\Dati applicazioni\drivers\downld\351609.exe
d:\documents and settings\Joe\Dati applicazioni\drivers\downld\353156.exe
d:\documents and settings\Joe\Dati applicazioni\drivers\downld\353953.exe
d:\documents and settings\Joe\Dati applicazioni\drivers\downld\354921.exe
d:\documents and settings\Joe\Dati applicazioni\drivers\downld\356093.exe
d:\documents and settings\Joe\Dati applicazioni\drivers\downld\357046.exe
d:\documents and settings\Joe\Dati applicazioni\drivers\downld\358593.exe
d:\documents and settings\Joe\Dati applicazioni\drivers\downld\359078.exe
d:\documents and settings\Joe\Dati applicazioni\drivers\downld\359343.exe
d:\documents and settings\Joe\Dati applicazioni\drivers\downld\361359.exe
d:\documents and settings\Joe\Dati applicazioni\drivers\downld\365203.exe
d:\documents and settings\Joe\Dati applicazioni\drivers\downld\365750.exe
d:\documents and settings\Joe\Dati applicazioni\drivers\downld\371203.exe
d:\documents and settings\Joe\Dati applicazioni\drivers\downld\371875.exe
d:\documents and settings\Joe\Dati applicazioni\drivers\downld\372406.exe
d:\documents and settings\Joe\Dati applicazioni\drivers\downld\400250.exe
d:\documents and settings\Joe\Dati applicazioni\drivers\downld\400765.exe
d:\documents and settings\Joe\Dati applicazioni\drivers\downld\400859.exe
d:\documents and settings\Joe\Dati applicazioni\drivers\downld\409062.exe
d:\documents and settings\Joe\Dati applicazioni\drivers\downld\409312.exe
d:\documents and settings\Joe\Dati applicazioni\drivers\downld\409328.exe
d:\documents and settings\Joe\Dati applicazioni\drivers\downld\414734.exe
d:\documents and settings\Joe\Dati applicazioni\drivers\downld\425000.exe
d:\documents and settings\Joe\Dati applicazioni\drivers\downld\426343.exe
d:\documents and settings\Joe\Dati applicazioni\drivers\downld\427375.exe
d:\documents and settings\Joe\Dati applicazioni\drivers\downld\463609.exe
d:\documents and settings\Joe\Dati applicazioni\drivers\downld\464500.exe
d:\documents and settings\Joe\Dati applicazioni\drivers\downld\465109.exe
d:\documents and settings\Joe\Dati applicazioni\drivers\downld\480921.exe
d:\documents and settings\Joe\Dati applicazioni\drivers\downld\482171.exe
d:\documents and settings\Joe\Dati applicazioni\drivers\downld\484906.exe
d:\documents and settings\Joe\Dati applicazioni\drivers\downld\494984.exe
d:\documents and settings\Joe\Dati applicazioni\drivers\downld\495171.exe
d:\documents and settings\Joe\Dati applicazioni\drivers\downld\495250.exe
d:\documents and settings\Joe\Dati applicazioni\drivers\downld\495500.exe
d:\documents and settings\Joe\Dati applicazioni\drivers\downld\495515.exe
d:\documents and settings\Joe\Dati applicazioni\drivers\downld\497656.exe
d:\documents and settings\Joe\Dati applicazioni\drivers\downld\498500.exe
d:\documents and settings\Joe\Dati applicazioni\drivers\downld\498859.exe
d:\documents and settings\Joe\Dati applicazioni\drivers\downld\516312.exe
d:\documents and settings\Joe\Dati applicazioni\drivers\downld\526906.exe
d:\documents and settings\Joe\Dati applicazioni\drivers\downld\527500.exe
d:\documents and settings\Joe\Dati applicazioni\drivers\downld\578531.exe
d:\documents and settings\Joe\Dati applicazioni\drivers\downld\580578.exe
d:\documents and settings\Joe\Dati applicazioni\drivers\downld\581468.exe
d:\documents and settings\Joe\Dati applicazioni\drivers\downld\582109.exe
d:\documents and settings\Joe\Dati applicazioni\drivers\downld\582734.exe
d:\documents and settings\Joe\Dati applicazioni\drivers\downld\583890.exe
d:\documents and settings\Joe\Dati applicazioni\drivers\downld\585796.exe
d:\documents and settings\Joe\Dati applicazioni\drivers\downld\586312.exe
d:\documents and settings\Joe\Dati applicazioni\drivers\downld\586625.exe
d:\documents and settings\Joe\Dati applicazioni\drivers\downld\597421.exe
d:\documents and settings\Joe\Dati applicazioni\drivers\downld\598578.exe
d:\documents and settings\Joe\Dati applicazioni\drivers\downld\598984.exe
d:\documents and settings\Joe\Dati applicazioni\drivers\downld\626296.exe
d:\documents and settings\Joe\Dati applicazioni\drivers\downld\626765.exe
d:\documents and settings\Joe\Dati applicazioni\drivers\downld\626937.exe
d:\documents and settings\Joe\Dati applicazioni\drivers\downld\648390.exe
d:\documents and settings\Joe\Dati applicazioni\drivers\downld\649031.exe
d:\documents and settings\Joe\Dati applicazioni\drivers\downld\649437.exe
d:\documents and settings\Joe\Dati applicazioni\drivers\downld\689765.exe
d:\documents and settings\Joe\Dati applicazioni\drivers\downld\691484.exe
d:\documents and settings\Joe\Dati applicazioni\drivers\downld\692390.exe
d:\documents and settings\Joe\Dati applicazioni\drivers\downld\959859.exe
d:\documents and settings\Joe\Dati applicazioni\drivers\downld\967437.exe
d:\documents and settings\Joe\Dati applicazioni\drivers\downld\967687.exe
d:\documents and settings\Joe\Dati applicazioni\drivers\downld\967734.exe
d:\documents and settings\Joe\Dati applicazioni\drivers\srosa2.sys
d:\documents and settings\Joe\Dati applicazioni\drivers\wfsintwq.sys
d:\documents and settings\Joe\Dati applicazioni\drivers\winupgro.exe
d:\documents and settings\Joe\Dati applicazioni\m
d:\documents and settings\Joe\Dati applicazioni\m\data.oct
d:\documents and settings\Joe\Dati applicazioni\m\flec006.exe
d:\documents and settings\Joe\Dati applicazioni\m\list.oct
d:\documents and settings\Joe\Dati applicazioni\m\shared\.Winrar.v3.42.Tr.Nod32.v2.12.zip
d:\documents and settings\Joe\Dati applicazioni\m\shared\[HGame_XP][AVG][jpn_jpn][ã„ãŸã„ã‘ãªå½¼å¥³][Game.Disc].zip
d:\documents and settings\Joe\Dati applicazioni\m\shared\[Mcafee.VirusScan.Plus.2007.简体ä¸æ–‡ç‰ˆ].mcafee2007.zip
d:\documents and settings\Joe\Dati applicazioni\m\shared\190-531 - Administering Lotus QuickPlace 3 Practice Exam Questions 1.0.zip
d:\documents and settings\Joe\Dati applicazioni\m\shared\ABest MOV Video Converter 6.17.zip
d:\documents and settings\Joe\Dati applicazioni\m\shared\Abscissa.zip
d:\documents and settings\Joe\Dati applicazioni\m\shared\Acids & Bases - The Ritzytown Water Proj 2.1.zip
d:\documents and settings\Joe\Dati applicazioni\m\shared\ActivityRecording 1.9.1.zip
d:\documents and settings\Joe\Dati applicazioni\m\shared\Adblock Filterset.G Updater 0.3.1.3.zip
d:\documents and settings\Joe\Dati applicazioni\m\shared\Advanced Bookmark Search 0.3.zip
d:\documents and settings\Joe\Dati applicazioni\m\shared\AIM2Fone 2.0.zip
d:\documents and settings\Joe\Dati applicazioni\m\shared\All Recorder 3.3.5.zip
d:\documents and settings\Joe\Dati applicazioni\m\shared\Allok MPEG4 Converter 5.1.0925.zip
d:\documents and settings\Joe\Dati applicazioni\m\shared\America 2.1.zip
d:\documents and settings\Joe\Dati applicazioni\m\shared\AnimeVision 0.6.5 buid 1820.zip
d:\documents and settings\Joe\Dati applicazioni\m\shared\APP.ITA.-.Panda.Platinum.Internet.Security.2006.zip
d:\documents and settings\Joe\Dati applicazioni\m\shared\Auto Web View Screensaver 4.00.zip
d:\documents and settings\Joe\Dati applicazioni\m\shared\Avira Premium Security Suite 8.2.0.251.zip
d:\documents and settings\Joe\Dati applicazioni\m\shared\Barcode ActiveX Control 4.7.zip
d:\documents and settings\Joe\Dati applicazioni\m\shared\Baseball Statistic Calculator 2.0.zip
d:\documents and settings\Joe\Dati applicazioni\m\shared\BatchCCEWS 0.9.1.6 Final.zip
d:\documents and settings\Joe\Dati applicazioni\m\shared\BBC Asian Network Radio 1.0.zip
d:\documents and settings\Joe\Dati applicazioni\m\shared\Big Stretch 0.2.zip
d:\documents and settings\Joe\Dati applicazioni\m\shared\Bitdefender.Professional.Plus.v8.0.Crack.zip
d:\documents and settings\Joe\Dati applicazioni\m\shared\Camping Memories Screen Saver Collection 2.0.zip
d:\documents and settings\Joe\Dati applicazioni\m\shared\Car Book Plus 5.1.zip
d:\documents and settings\Joe\Dati applicazioni\m\shared\CatalogBlog 2.0.zip
d:\documents and settings\Joe\Dati applicazioni\m\shared\Categorizing Data for Excel 2.3.0.zip
d:\documents and settings\Joe\Dati applicazioni\m\shared\Classroom Timer 1.0.zip
d:\documents and settings\Joe\Dati applicazioni\m\shared\Clipboard Assistant 1.1.zip
d:\documents and settings\Joe\Dati applicazioni\m\shared\Complimentary $100 Seafood Dinner 1.12.zip
d:\documents and settings\Joe\Dati applicazioni\m\shared\Cookie Crumble 1.0.2510.42108.zip
d:\documents and settings\Joe\Dati applicazioni\m\shared\Cranberry Gin 1.1.zip
d:\documents and settings\Joe\Dati applicazioni\m\shared\Cute Password Manager 2008 1.3.9.zip
d:\documents and settings\Joe\Dati applicazioni\m\shared\CXY 2.1.40.77.zip
d:\documents and settings\Joe\Dati applicazioni\m\shared\Daniusoft DVD to 3GP Converter 1.3.29.zip
d:\documents and settings\Joe\Dati applicazioni\m\shared\DatabaseToDoc 2.4.1.zip
d:\documents and settings\Joe\Dati applicazioni\m\shared\Dead Pixel Tester 2.30.zip
d:\documents and settings\Joe\Dati applicazioni\m\shared\Drive Doppler 1.31.zip
d:\documents and settings\Joe\Dati applicazioni\m\shared\Easymenu 2.0.zip
d:\documents and settings\Joe\Dati applicazioni\m\shared\eduCam! 1.9.zip
d:\documents and settings\Joe\Dati applicazioni\m\shared\Emsa Web monitor 1.0.21.zip
d:\documents and settings\Joe\Dati applicazioni\m\shared\Ewisoft Template Builder 1.1.zip
d:\documents and settings\Joe\Dati applicazioni\m\shared\Exif Date Changer 1.1.zip
d:\documents and settings\Joe\Dati applicazioni\m\shared\EyeDefender 1.0.zip
d:\documents and settings\Joe\Dati applicazioni\m\shared\Fast smarty harvester 1.2.zip
d:\documents and settings\Joe\Dati applicazioni\m\shared\File Assembler 1.zip
d:\documents and settings\Joe\Dati applicazioni\m\shared\File Identifier 1.zip
d:\documents and settings\Joe\Dati applicazioni\m\shared\FileWatcher 2.5.4.zip
d:\documents and settings\Joe\Dati applicazioni\m\shared\Flexsite 2.8e.zip
d:\documents and settings\Joe\Dati applicazioni\m\shared\Flickr Photo Search 1.01.zip
d:\documents and settings\Joe\Dati applicazioni\m\shared\Flower Tower 3D Nokia n73 240x320.zip
d:\documents and settings\Joe\Dati applicazioni\m\shared\foo dsp continuator 0.5.zip
d:\documents and settings\Joe\Dati applicazioni\m\shared\FRAMER 3.3.zip
d:\documents and settings\Joe\Dati applicazioni\m\shared\GMT Clock 1.31.zip
d:\documents and settings\Joe\Dati applicazioni\m\shared\Great Stella 4.1.1.zip
d:\documents and settings\Joe\Dati applicazioni\m\shared\Groovy backgrounds 12.zip
d:\documents and settings\Joe\Dati applicazioni\m\shared\HtmlTree Plug-in 1.4.zip
d:\documents and settings\Joe\Dati applicazioni\m\shared\IdeaSling RSS Reader 2.0.zip
d:\documents and settings\Joe\Dati applicazioni\m\shared\IET Discover Plugin (Firefox Edition) 1.1.zip
d:\documents and settings\Joe\Dati applicazioni\m\shared\Inno7zip 1.0.zip
d:\documents and settings\Joe\Dati applicazioni\m\shared\inSpeak Communicator 4.2.0 Build 477.zip
d:\documents and settings\Joe\Dati applicazioni\m\shared\Intelliscore Polyphonic WAV to MIDI Converter 7.2.zip
d:\documents and settings\Joe\Dati applicazioni\m\shared\iPod Access Photo 1.6.zip
d:\documents and settings\Joe\Dati applicazioni\m\shared\ItelPop 1.1.zip
d:\documents and settings\Joe\Dati applicazioni\m\shared\Jaguar XK120 Screensaver 1.zip
d:\documents and settings\Joe\Dati applicazioni\m\shared\JPEE Email Utility Lite 5.3.4.zip
d:\documents and settings\Joe\Dati applicazioni\m\shared\Kernel Palm PDB 4.03.zip
d:\documents and settings\Joe\Dati applicazioni\m\shared\Ligos Indeo Codec 5.11.zip
d:\documents and settings\Joe\Dati applicazioni\m\shared\ListRenamer 1.0.zip
d:\documents and settings\Joe\Dati applicazioni\m\shared\localTrezor 1.0.8.zip
d:\documents and settings\Joe\Dati applicazioni\m\shared\Maid Of The Wave Theme.zip
d:\documents and settings\Joe\Dati applicazioni\m\shared\McAfee.SpamKiller.v4.0.47.1.Retail-ACME.ShareReactor.zip
d:\documents and settings\Joe\Dati applicazioni\m\shared\McAfee.Spamkiller.v7.0.14.Retail-ZWT.zip
d:\documents and settings\Joe\Dati applicazioni\m\shared\Mighty Ticker 1.1.4.zip
d:\documents and settings\Joe\Dati applicazioni\m\shared\Millionaire 1.1.zip
d:\documents and settings\Joe\Dati applicazioni\m\shared\MMup 1.0.1.zip
d:\documents and settings\Joe\Dati applicazioni\m\shared\Mortgages+ 1.2.zip
d:\documents and settings\Joe\Dati applicazioni\m\shared\NOD32_Antivirus_System_v2.70.23_Full.zip
d:\documents and settings\Joe\Dati applicazioni\m\shared\OakDoc PS to PDF Converter Command Line 2.0.zip
d:\documents and settings\Joe\Dati applicazioni\m\shared\OggCarton for Linux 1.0 Beta.zip
d:\documents and settings\Joe\Dati applicazioni\m\shared\Page Popup Maker 2.1.2.zip
d:\documents and settings\Joe\Dati applicazioni\m\shared\PaintingAll Paul Cezanne Screensaver 1.1.1.zip
d:\documents and settings\Joe\Dati applicazioni\m\shared\Palm Coast Screensaver 1.0.zip
d:\documents and settings\Joe\Dati applicazioni\m\shared\PDFsearcher 1.1.0.zip
d:\documents and settings\Joe\Dati applicazioni\m\shared\Pepinator Vocabulary Trainer 1.0.8.0.zip
d:\documents and settings\Joe\Dati applicazioni\m\shared\Perfgraph 2.0.0.zip
d:\documents and settings\Joe\Dati applicazioni\m\shared\Photo Slideshow Builder 3.0.zip
d:\documents and settings\Joe\Dati applicazioni\m\shared\Picture Magnifier 1.0.zip
d:\documents and settings\Joe\Dati applicazioni\m\shared\PictureGirdle 2.0.zip
d:\documents and settings\Joe\Dati applicazioni\m\shared\Plato DVD iPod Ripper 7.85.zip
d:\documents and settings\Joe\Dati applicazioni\m\shared\ProcessActivityView 1.05.zip
d:\documents and settings\Joe\Dati applicazioni\m\shared\Project64 1.6.zip
d:\documents and settings\Joe\Dati applicazioni\m\shared\Qlick 1.0.zip
d:\documents and settings\Joe\Dati applicazioni\m\shared\Quick Macros 2.2.1.3 Beta.zip
d:\documents and settings\Joe\Dati applicazioni\m\shared\ReSieve 2.0.37.zip
d:\documents and settings\Joe\Dati applicazioni\m\shared\Rotate Image 0.1.3.1.zip
d:\documents and settings\Joe\Dati applicazioni\m\shared\ShopWiki Form Filler Assistant 1.20.zip
d:\documents and settings\Joe\Dati applicazioni\m\shared\Siemens Mobile Control 2.2.8.zip
d:\documents and settings\Joe\Dati applicazioni\m\shared\SimVector 4.22 Build 422001.zip
d:\documents and settings\Joe\Dati applicazioni\m\shared\SizeFixer SRL 1.2.2.zip
d:\documents and settings\Joe\Dati applicazioni\m\shared\spider-man_3_s60v2_multilang_gioco_giochi_Java_Nokia_6600_7610_6630_3650_3660_66803_.zip
d:\documents and settings\Joe\Dati applicazioni\m\shared\SQL Assistant 1.0.70.zip
d:\documents and settings\Joe\Dati applicazioni\m\shared\Stock Photo Assistant 1.3.1.zip
d:\documents and settings\Joe\Dati applicazioni\m\shared\Stormpay Shopping Cart 1.0.zip
d:\documents and settings\Joe\Dati applicazioni\m\shared\Sundi 1.060.zip
d:\documents and settings\Joe\Dati applicazioni\m\shared\Symantec.Norton.Personal.Firewall.2005.Full.(Spanish-Español).Keygen.By.Charly-Team.zip
d:\documents and settings\Joe\Dati applicazioni\m\shared\Systerac XP Tools 4.02.zip
d:\documents and settings\Joe\Dati applicazioni\m\shared\Tasks Reminder 1.0.zip
d:\documents and settings\Joe\Dati applicazioni\m\shared\The Easy Bee 3.1.4.zip
d:\documents and settings\Joe\Dati applicazioni\m\shared\Tinnes Desktop Calendar 0.42b.zip
d:\documents and settings\Joe\Dati applicazioni\m\shared\Traditional Chinese ClearType Fonts.zip
d:\documents and settings\Joe\Dati applicazioni\m\shared\Troi Activator Plug-in 2.0.1.zip
d:\documents and settings\Joe\Dati applicazioni\m\shared\TwinSeek 1.2.zip
d:\documents and settings\Joe\Dati applicazioni\m\shared\Ultra trigger FX Pro 1.000.zip
d:\documents and settings\Joe\Dati applicazioni\m\shared\URL Suffix 0.3.3.zip
d:\documents and settings\Joe\Dati applicazioni\m\shared\UseBestMail Personal Edition 1.0.1.4.zip
d:\documents and settings\Joe\Dati applicazioni\m\shared\Visendo popConnect 6.0.zip
d:\documents and settings\Joe\Dati applicazioni\m\shared\Voxelsoft HIDE 1.0.zip
d:\documents and settings\Joe\Dati applicazioni\m\shared\Voxengo LF-Punch 1.4.zip
d:\documents and settings\Joe\Dati applicazioni\m\shared\WIDI Recognition System Professional 3.3.2 Build 588.zip
d:\documents and settings\Joe\Dati applicazioni\m\shared\Wikipedia Lookup Extension 0.3.1.zip
d:\documents and settings\Joe\Dati applicazioni\m\shared\YahooTaster 1.0.zip
d:\documents and settings\Joe\Dati applicazioni\m\shared\ZakatCalculater 1.0.zip
d:\documents and settings\Joe\Dati applicazioni\m\shared\ZipTools 1.2.zip
d:\documents and settings\Joe\Dati applicazioni\m\srvlist.oct
d:\programmi\MSN Messenger\msnmsgr.exe
d:\windows\system32\43upd.dll
d:\windows\system32\44upd.dll
d:\windows\system32\45upd.dll
d:\windows\system32\46upd.dll
d:\windows\system32\ban_list.txt
d:\windows\system32\drivers\down
d:\windows\system32\mdelk.exe
d:\windows\system32\wintems.exe
.
((((((((((((((((((((((((((((((((((((((( Driver/Servizi )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Service_SROSA
-------\Legacy_SROSA
-------\Legacy_SK9OU0S
-------\Service_sK9Ou0s
((((((((((((((((((((((((( Files Creati Da 2009-01-02 al 2009-02-02 )))))))))))))))))))))))))))))))))))
.
2009-02-02 13:45 . 2009-02-02 13:45 <DIR> d-------- d:\programmi\Malwarebytes' Anti-Malware
2009-02-02 13:45 . 2009-01-14 16:11 38,496 --a------ d:\windows\system32\drivers\mbamswissarmy.sys
2009-02-02 13:45 . 2009-01-14 16:11 15,504 --a------ d:\windows\system32\drivers\mbam.sys
2009-02-02 12:43 . 2009-02-02 12:47 <DIR> d-------- d:\programmi\FindyKill
2009-02-02 11:52 . 2009-02-02 16:01 <DIR> d--h----- d:\documents and settings\Joe\Dati applicazioni\drivers
2009-02-02 11:46 . 2008-08-30 12:11 40,960 --a------ d:\windows\system32\drivers\VIRAGTLT.SYS
2009-02-01 09:37 . 2009-02-01 09:50 <DIR> d-------- d:\documents and settings\Franco\Dati applicazioni\MEGAUPLOADTOOLBAR
2009-02-01 09:37 . 2009-02-01 09:47 <DIR> d-------- d:\documents and settings\Franco\Dati applicazioni\EmailNotifier
2009-01-31 21:14 . 2001-08-30 20:41 12,160 --a------ d:\windows\system32\drivers\mouhid.sys
2009-01-31 21:14 . 2001-08-30 20:41 12,160 --a------ d:\windows\system32\dllcache\mouhid.sys
2009-01-31 21:14 . 2008-04-13 19:45 10,368 --a------ d:\windows\system32\drivers\hidusb.sys
2009-01-31 21:14 . 2008-04-13 19:45 10,368 --a------ d:\windows\system32\dllcache\hidusb.sys
2009-01-26 20:44 . 2009-01-26 20:44 <DIR> d-------- d:\documents and settings\Joe\Dati applicazioni\MozillaControl
2009-01-26 20:40 . 2009-01-26 20:40 <DIR> d-------- d:\windows\'Full Speed' Internet Booster + Performance Tests
2009-01-26 20:40 . 2009-01-26 20:41 <DIR> d-------- d:\programmi\'Full Speed' Internet Booster + Performance Tests
2009-01-26 13:40 . 2009-01-26 13:40 <DIR> d-------- d:\documents and settings\Joe\Dati applicazioni\Malwarebytes
2009-01-26 13:40 . 2009-01-26 13:40 <DIR> d-------- d:\documents and settings\All Users\Dati applicazioni\Malwarebytes
2009-01-25 13:48 . 2009-01-25 13:48 50 --a------ d:\windows\MegaManager.INI
2009-01-25 13:07 . 2009-01-25 13:07 <DIR> d-------- d:\programmi\Microsoft Silverlight
2009-01-24 14:00 . 2009-01-24 14:03 <DIR> d-------- d:\programmi\MegauploadToolbar
2009-01-24 14:00 . 2009-02-02 15:51 <DIR> d-------- d:\documents and settings\Joe\Dati applicazioni\MegauploadToolbar
2009-01-24 14:00 . 2009-01-24 14:00 <DIR> d-------- d:\documents and settings\Joe\Dati applicazioni\Megaupload
2009-01-24 14:00 . 2009-01-24 14:00 <DIR> d-------- d:\documents and settings\Joe\Dati applicazioni\EmailNotifier
2009-01-24 14:00 . 2009-01-24 14:00 <DIR> d-------- d:\documents and settings\All Users\Dati applicazioni\Megaupload
2009-01-24 14:00 . 2009-01-24 14:00 <DIR> d-------- d:\documents and settings\All Users\Dati applicazioni\EmailNotifier
2009-01-22 14:48 . 2009-01-22 14:48 <DIR> d-------- d:\documents and settings\All Users\Dati applicazioni\NCH Software
2009-01-22 14:47 . 2009-01-22 14:47 <DIR> d-------- d:\programmi\NCH Software
2009-01-18 20:14 . 2009-01-18 20:14 268 --ah----- D:\sqmdata19.sqm
2009-01-18 20:14 . 2009-01-18 20:14 244 --ah----- D:\sqmnoopt19.sqm
2009-01-14 20:33 . 2009-01-14 20:33 268 --ah----- D:\sqmdata18.sqm
2009-01-14 20:33 . 2009-01-14 20:33 244 --ah----- D:\sqmnoopt18.sqm
2009-01-14 15:22 . 2009-01-14 15:22 268 --ah----- D:\sqmdata17.sqm
2009-01-14 15:22 . 2009-01-14 15:22 244 --ah----- D:\sqmnoopt17.sqm
2009-01-14 13:28 . 2009-01-14 13:28 584 --a------ d:\windows\imsins.BAK
2009-01-14 13:25 . 2008-06-20 18:46 247,296 --------- d:\windows\system32\dllcache\mswsock.dll
2009-01-14 13:25 . 2008-06-20 12:08 225,856 --------- d:\windows\system32\dllcache\tcpip6.sys
2009-01-14 13:25 . 2008-06-20 18:46 147,968 --------- d:\windows\system32\dllcache\dnsapi.dll
2009-01-13 21:04 . 2009-01-13 21:04 268 --ah----- D:\sqmdata16.sqm
2009-01-13 21:04 . 2009-01-13 21:04 244 --ah----- D:\sqmnoopt16.sqm
2009-01-12 21:08 . 2009-01-12 21:08 268 --ah----- D:\sqmdata15.sqm
2009-01-12 21:08 . 2009-01-12 21:08 244 --ah----- D:\sqmnoopt15.sqm
2009-01-12 20:52 . 2009-01-12 20:53 <DIR> d-------- d:\programmi\uTorrent
2009-01-12 20:43 . 2008-06-20 12:51 361,600 --a------ d:\windows\system32\dllcache\tcpip.sys
2009-01-12 20:43 . 2009-01-12 20:43 361,344 --a------ d:\windows\system32\drivers\TCPIP.SYS.ORIGINAL
2009-01-12 20:17 . 2009-01-12 20:17 268 --ah----- D:\sqmdata14.sqm
2009-01-12 20:17 . 2009-01-12 20:17 244 --ah----- D:\sqmnoopt14.sqm
2009-01-12 14:56 . 2009-01-12 14:56 268 --ah----- D:\sqmdata13.sqm
2009-01-12 14:56 . 2009-01-12 14:56 244 --ah----- D:\sqmnoopt13.sqm
2009-01-12 14:37 . 2009-01-12 14:37 268 --ah----- D:\sqmdata12.sqm
2009-01-12 14:37 . 2009-01-12 14:37 244 --ah----- D:\sqmnoopt12.sqm
2009-01-10 22:18 . 2009-01-26 11:50 <DIR> d-------- d:\documents and settings\Joe\Dati applicazioni\FrostWire
2009-01-10 22:16 . 2009-01-10 22:18 <DIR> d-------- d:\programmi\FrostWire
2009-01-10 22:16 . 2009-01-10 22:16 <DIR> d-------- d:\programmi\AskBarDis
2009-01-10 21:27 . 2009-01-10 21:27 547,840 --a------ d:\windows\system32\wiaaut.dll
2009-01-10 21:27 . 2009-01-10 21:27 108,336 --a------ d:\windows\system32\Mswinsck.ocx
2009-01-10 21:27 . 2009-01-10 21:27 102,400 --a------ d:\windows\system32\DinkITXPUIMenus.ocx
2009-01-10 21:27 . 2009-01-10 21:27 65,536 --a------ d:\windows\system32\EnhSliderOcx.ocx
2009-01-10 21:27 . 2009-01-10 21:27 64,000 --a------ d:\windows\system32\wiaaut.oca
2009-01-09 14:47 . 2009-01-26 11:50 <DIR> d-------- d:\documents and settings\Joe\Incomplete
2009-01-09 14:46 . 2009-01-10 22:16 <DIR> d-------- d:\programmi\LimeWire
2009-01-09 14:46 . 2009-01-10 22:07 <DIR> d-------- d:\documents and settings\Joe\Dati applicazioni\LimeWire
2009-01-08 20:09 . 2009-01-08 20:09 410,984 --a------ d:\windows\system32\deploytk.dll
2009-01-08 20:09 . 2009-01-08 20:09 73,728 --a------ d:\windows\system32\javacpl.cpl
2009-01-08 19:02 . 2009-01-08 19:02 <DIR> d-------- d:\programmi\MP3SPLITTER
2009-01-08 19:02 . 2009-01-13 14:39 <DIR> d-------- d:\documents and settings\Joe\Dati applicazioni\uTorrent
2009-01-06 16:48 . 2009-01-06 16:48 <DIR> d-------- d:\documents and settings\All Users\Dati applicazioni\TVU Networks
2009-01-06 13:15 . 2009-01-08 19:02 <DIR> d-------- d:\programmi\mp3DirectCut
2009-01-05 15:28 . 2009-01-08 19:02 <DIR> d-------- d:\documents and settings\Joe\Dati applicazioni\uTorrent(2)
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-02-02 15:01 --------- d-----w d:\programmi\MSN Messenger
2009-02-02 11:51 --------- d-----w d:\programmi\VEXPLITE
2009-02-02 10:53 --------- d-----w d:\programmi\eMule
2009-01-24 12:59 --------- d--h--w d:\programmi\InstallShield Installation Information
2009-01-22 13:46 --------- d-----w d:\programmi\NCH Swift Sound
2009-01-14 12:29 --------- d-----w d:\documents and settings\All Users\Dati applicazioni\Microsoft Help
2009-01-01 17:55 --------- d-----w d:\programmi\Java
2008-12-23 11:38 --------- d-----w d:\documents and settings\Franco\Dati applicazioni\DivX
2008-12-17 19:29 --------- d-----w d:\documents and settings\All Users\Dati applicazioni\FLEXnet
2008-12-17 19:26 --------- d-----w d:\programmi\File comuni\Adobe
2008-12-17 19:26 --------- d-----w d:\programmi\Bonjour
2008-12-17 19:18 --------- d-----w d:\programmi\File comuni\Macrovision Shared
2008-12-17 19:11 --------- d-----w d:\programmi\Adobe CS3
2008-12-17 09:36 --------- d-----w d:\programmi\SlySoft
2008-12-14 12:32 --------- d-----w d:\documents and settings\Joe\Dati applicazioni\Any Video Converter Professional
2008-12-14 12:27 --------- d-----w d:\documents and settings\All Users\Dati applicazioni\SlySoft
2008-12-13 12:44 --------- d-----w d:\documents and settings\Franco\Dati applicazioni\Search Settings
2008-12-13 12:31 --------- d-----w d:\programmi\MSBuild
2008-12-13 12:31 --------- d-----w d:\programmi\Microsoft Works
2008-12-13 12:30 --------- d-----w d:\programmi\Microsoft.NET
2008-12-13 12:28 --------- d-----w d:\programmi\Microsoft Visual Studio 8
2008-12-13 10:34 --------- d-----w d:\programmi\Free Audio Pack
2008-12-13 10:32 --------- d-----w d:\programmi\Search Settings
2008-12-13 10:32 --------- d-----w d:\documents and settings\Joe\Dati applicazioni\Search Settings
2008-12-12 11:23 81,920 ----a-w d:\documents and settings\Joe\Dati applicazioni\ezpinst.exe
2008-12-12 11:23 47,360 ----a-w d:\windows\system32\drivers\pcouffin.sys
2008-12-12 11:23 47,360 ----a-w d:\documents and settings\Joe\Dati applicazioni\pcouffin.sys
2008-12-12 11:23 --------- d-----w d:\programmi\Video Convert Master
2008-12-12 11:23 --------- d-----w d:\documents and settings\Joe\Dati applicazioni\Vso
2008-12-12 11:03 --------- d-----w d:\documents and settings\All Users\Dati applicazioni\Office Genuine Advantage
2008-12-11 10:57 333,952 ----a-w d:\windows\system32\drivers\srv.sys
2008-12-10 19:06 --------- d-----w d:\documents and settings\Joe\Dati applicazioni\NCH Swift Sound
2008-12-10 19:06 --------- d-----w d:\documents and settings\All Users\Dati applicazioni\NCH Swift Sound
2008-12-10 17:55 --------- d-----w d:\programmi\File comuni\AVSMedia
2008-12-10 13:52 --------- d-----w d:\documents and settings\Joe\Dati applicazioni\AVS4YOU
2008-12-10 13:52 --------- d-----w d:\documents and settings\All Users\Dati applicazioni\AVS4YOU
2008-12-10 13:25 --------- d-----w d:\programmi\File comuni\Java
2008-12-10 11:37 --------- d-----w d:\programmi\Fellowes
2008-12-10 11:37 --------- d-----w d:\documents and settings\All Users\Dati applicazioni\Fellowes
2008-12-10 11:34 --------- d-----w d:\programmi\EPSON
2008-12-10 11:33 --------- d-----w d:\documents and settings\All Users\Dati applicazioni\EPSON
2008-12-10 11:27 --------- d-----w d:\programmi\File comuni\InstallShield
2008-12-10 11:25 --------- d-----w d:\documents and settings\All Users\Dati applicazioni\UDL
2008-12-07 22:59 --------- d---a-w d:\documents and settings\All Users\Dati applicazioni\TEMP
2008-12-05 10:10 --------- d-----w d:\programmi\GSpot
2008-12-04 22:17 --------- d-----w d:\programmi\IObit
2008-12-04 21:30 --------- d-----w d:\programmi\VideoLAN
2008-12-04 20:32 --------- d-----w d:\programmi\Trend Micro
2008-12-04 13:25 --------- d-----w d:\programmi\NOS
2008-12-04 13:25 --------- d-----w d:\documents and settings\All Users\Dati applicazioni\NOS
2008-12-04 09:58 --------- d-----w d:\programmi\Total Video Converter
2008-12-03 20:17 167,424 ----a-w d:\windows\system32\SpoonUninstall.exe
2008-12-03 20:16 67,584 ----a-w d:\windows\system32\xanalyze.dll
2008-12-03 20:16 --------- d-----w d:\programmi\Illustrate
2008-12-03 19:06 --------- d-----w d:\documents and settings\Joe\Dati applicazioni\Media Player Classic
2008-11-24 14:32 57,344 ----a-w d:\windows\system32\ff_vfw.dll
2006-10-11 08:04 61,036 ----a-w d:\programmi\mozilla firefox\components\jar50.dll
2006-10-11 08:04 48,742 ----a-w d:\programmi\mozilla firefox\components\jsd3250.dll
2006-10-11 08:05 29,313 ----a-w d:\programmi\mozilla firefox\components\myspell.dll
2006-10-11 08:05 41,082 ----a-w d:\programmi\mozilla firefox\components\spellchk.dll
2006-10-11 08:04 166,510 ----a-w d:\programmi\mozilla firefox\components\xpinstal.dll
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A057A204-BACC-4D26-C39E-35F1D2A32EC8}]
2008-08-04 21:44 1947080 --a------ d:\programmi\MegauploadToolbar\megauploadtoolbar.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{A057A204-BACC-4D26-C39E-35F1D2A32EC8}"= "d:\programmi\MegauploadToolbar\megauploadtoolbar.dll" [2008-08-04 1947080]
[HKEY_CLASSES_ROOT\clsid\{a057a204-bacc-4d26-c39e-35f1d2a32ec8}]
[HKEY_CLASSES_ROOT\megauploadtoolbar.MEGAUPLOADTOOLBAR]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{A057A204-BACC-4D26-C39E-35F1D2A32EC8}"= "d:\programmi\MegauploadToolbar\megauploadtoolbar.dll" [2008-08-04 1947080]
[HKEY_CLASSES_ROOT\clsid\{a057a204-bacc-4d26-c39e-35f1d2a32ec8}]
[HKEY_CLASSES_ROOT\megauploadtoolbar.MEGAUPLOADTOOLBAR]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="d:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"SmartRAM"="d:\programmi\IObit\Advanced SystemCare 3\Sup_SmartRAM.exe" [2008-11-06 202256]
"Advanced SystemCare 3"="d:\programmi\IObit\Advanced SystemCare 3\AWC.exe" [2008-11-26 2235920]
"EPSON Stylus DX6000 Series"="d:\windows\System32\spool\DRIVERS\W32X86\3\E_FATIBIE.EXE" [2006-09-22 139264]
"MSMSGS"="d:\programmi\Messenger\msmsgs.exe" [2008-04-14 1695232]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CnxDslTaskBar"="d:\programmi\Conexant\AccessRunner ADSL\CnxDslTb.exe" [2003-10-29 462848]
"SystemProtect"="d:\programmi\System Protect\SysProtect_Tray.exe" [2008-11-17 1223680]
"avast!"="d:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-02-02 81000]
"Adobe Reader Speed Launcher"="d:\programmi\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"MediaFace Integration"="d:\programmi\Fellowes\MediaFACE 4.2\SetHook.exe" [2005-03-28 53248]
"SunJavaUpdateSched"="d:\programmi\Java\jre6\bin\jusched.exe" [2009-01-08 136600]
"SearchSettings"="d:\programmi\Search Settings\SearchSettings.exe" [2008-06-12 991584]
"GrooveMonitor"="d:\programmi\Microsoft Office\Office12\GrooveMonitor.exe" [2007-08-24 33648]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="d:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_3"="advpack.dll" [2008-10-16 d:\windows\system32\advpack.dll]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.I420"= i420vfw.dll
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Lanterna\\Lantmirc.exe"=
"d:\\Programmi\\MSN Messenger\\livecall.exe"=
"d:\\Programmi\\eMule\\emule.exe"=
"d:\\Programmi\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"d:\\Programmi\\Microsoft Office\\Office12\\GROOVE.EXE"=
"d:\\Programmi\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"d:\\Programmi\\Bonjour\\mDNSResponder.exe"=
"d:\\Programmi\\uTorrent\\uTorrent.exe"=
R0 d344bus;d344bus;d:\windows\system32\drivers\d344bus.sys [2008-11-17 137216]
R0 d344prt;d344prt;d:\windows\system32\drivers\d344prt.sys [2008-11-17 5248]
R0 VIRAGTLT;VIRAGTLT;d:\windows\system32\drivers\VIRAGTLT.SYS [2009-02-02 40960]
R2 SP_Service;System Protect Deletion Prevention Service;d:\programmi\System Protect\SysProtect_srv.exe [2008-11-17 598528]
R3 ACSSCR;ACR38 Smart Card Reader;d:\windows\system32\drivers\a38usb.sys [2006-03-24 33536]
R3 CnxEtP;Conexant AccessRunner USB ADSL WAN Adapter Filter Driver;d:\windows\system32\drivers\CnxEtP.sys [2008-11-17 60288]
R3 CnxEtU;Conexant AccessRunner USB ADSL Interface Device Driver;d:\windows\system32\drivers\CnxEtU.sys [2008-11-17 646784]
R3 CnxTgN;Conexant AccessRunner USB ADSL WAN Adapter Driver;d:\windows\system32\drivers\CnxTgN.sys [2008-11-17 108675]
R3 sp_prot;System Protect Filter Driver;d:\windows\system32\drivers\sp_prot.sys [2008-11-17 12288]
S1 aswSP;avast! Self Protection; [x]
S2 aswFsBlk;aswFsBlk;d:\windows\system32\DRIVERS\aswFsBlk.sys --> d:\windows\system32\DRIVERS\aswFsBlk.sys [?]
S2 viritsvclite;Virit eXplorer Lite;d:\programmi\VEXPLITE\VIRITSVC.EXE [2006-02-24 57344]
S3 Ndisprot;ArcNet NDIS Protocol Driver;d:\windows\system32\drivers\ndisprot.sys [2008-11-21 27904]
.
- - - - CHIAVI ORFANE RIMOSSE - - - -
URLSearchHooks-{E312764E-7706-43F1-8DAB-FCDD2B1E416D} - (no file)
BHO-{201f27d4-3704-41d6-89c1-aa35e39143ed} - d:\programmi\AskBarDis\bar\bin\askBar.dll
Toolbar-{3041d03e-fd4b-44e0-b742-2d9b88305f98} - d:\programmi\AskBarDis\bar\bin\askBar.dll
WebBrowser-{3041D03E-FD4B-44E0-B742-2D9B88305F98} - d:\programmi\AskBarDis\bar\bin\askBar.dll
HKCU-Run-msnmsgr - d:\programmi\MSN Messenger\msnmsgr.exe
HKLM-Run-VIRIT LITE MONITOR - d:\vexplite\MONLITE.EXE
.
------- Scansione supplementare -------
.
uStart Page = hxxp://www.google.it/
uInternet Settings,ProxyOverride = *.local
IE: E&sporta in Microsoft Excel - d:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
IE: Scarica link utilizzando Mega Manager...
FF - ProfilePath - d:\documents and settings\Joe\Dati applicazioni\Mozilla\Firefox\Profiles\hzxwmart.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: browser.startup.homepage - hxxp://www.ask.com/?o=101677&l=dis
FF - prefs.js: keyword.URL - hxxp://it.search.yahoo.com/search?ei=utf-8&fr=megaup&p=
FF - component: d:\programmi\Mozilla Firefox\components\xpinstal.dll
FF - component: d:\programmi\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\googletoolbar.dll
FF - component: d:\programmi\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\metrics.dll
FF - component: d:\programmi\Mozilla Firefox\extensions\search@searchsettings.com\components\SearchSettingsFF.dll
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.netRootkit scan 2009-02-02 16:05:28
Windows 5.1.2600 Service Pack 3 NTFS
scansione processi nascosti ...
scansione entrate autostart nascoste ...
Scansione files nascosti ...
Scansione completata con successo
Files nascosti: 0
**************************************************************************
.
------------------------ Altri processi in esecuzione ------------------------
.
d:\windows\system32\scardsvr.exe
d:\programmi\Bonjour\mDNSResponder.exe
d:\programmi\Java\jre6\bin\jqs.exe
d:\programmi\File comuni\Nero\Nero BackItUp 4\NBService.exe
d:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Ora fine scansione: 2009-02-02 16:08:06 - Il pc è stato riavviato
ComboFix-quarantined-files.txt 2009-02-02 15:08:04
Pre-Run: 17,346,256,896 byte disponibili
Post-Run: 17,422,716,928 byte disponibili
556 --- E O F --- 2009-01-14 12:29:23
Report di combofix:
Non li trovo... non c sono nella cartella qoobox