Problema Configurazione di ripristino - Sicurezza VIRUS - Aiutamici Forum

Aiutamici Forum

Benvenuto Ospite

Cerca | Topic Attivi | Utenti | | Log In | Registra

Aiutamici Forum » FORUM - Istruzioni e Guide » Sicurezza VIRUS » Problema Configurazione di ripristino

2 pages: [1] 2

Problema Configurazione di ripristino

Opzioni

Topic Precedente · Topic Sucessivo

superman91

Inviato: Monday, June 15, 2009 10:15:40 PM

Rank: AiutAmico

Iscritto dal : 4/17/2007
Posts: 105

Salve ho un problema con il mio pc, da un giorno all'altro noto che le configurazion idi ripristino non ci sono più, infatti se vado su accessori e vado su ripristino configurazione di sistema i restore non ci sono più sono scomparsi.

Ho provato anche con Revo Unistaller che quando disinstalli un software ti crea in automatico il punto di ripristino, ma niente da fare mi da il messaggio di fallimento.

Sapreste aiutarmi?

Sponsor

Inviato: Monday, June 15, 2009 10:15:40 PM

r16

Inviato: Monday, June 15, 2009 11:04:15 PM

Rank: AiutAmico

Iscritto dal : 8/7/2007
Posts: 11,016

Ciao.
Proviamo a vedere se ci sono virus:
Scarica ed installa MalwareBytes:
clicca qui per il download : http://www.aiutamici.com/software?id=80346
Prima di fare la scansione AGGIORNALO. (è molto importante)
Esegui una scansione completa del sistema.
Posta il log.
E già che ci sei, posta anche un log di HJT.

superman91

Inviato: Monday, June 15, 2009 11:36:39 PM

Rank: AiutAmico

Iscritto dal : 4/17/2007
Posts: 105

LOg HiJackThis, la scansione l'avevo fatta e ha trovato qualche virus....eliminato..

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:35:40, on 15.06.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.21045)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\File comuni\Acronis\Schedule2\schedul2.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Programmi\File comuni\InterVideo\DeviceService\DevSvc.exe
C:\WINDOWS\system32\crypserv.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Programmi\Java\jre6\bin\jqs.exe
C:\Programmi\Spyware Terminator\sp_rsser.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\VTTimer.exe
C:\WINDOWS\system32\S3trayp.exe
C:\Programmi\Analog Devices\Core\smax4pnp.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb02.exe
C:\Programmi\File comuni\InstallShield\UpdateService\issch.exe
C:\Programmi\Java\jre6\bin\jusched.exe
C:\Programmi\Spyware Terminator\SpywareTerminatorShield.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\Administrator\Impostazioni locali\Dati applicazioni\Google\Chrome\Application\chrome.exe
C:\Programmi\eMule\emule.exe
C:\Documents and Settings\Administrator\Impostazioni locali\Dati applicazioni\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Impostazioni locali\Dati applicazioni\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Impostazioni locali\Dati applicazioni\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.smsveloce.it/ricerca/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
R3 - URLSearchHook: Yahoo! Toolbar con blocco Pop-Up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programmi\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Programmi\Orbitdownloader\orbitcth.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Programmi\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Supporto di collegamento per Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Programmi\AVG\AVG8\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programmi\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: IeMonitorBho Class - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Programmi\Megaupload\Mega Manager\MegaIEMn.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmi\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Yahoo! Toolbar con blocco Pop-Up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programmi\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Programmi\Orbitdownloader\GrabPro.dll
O3 - Toolbar: Veoh Web Player Video Finder - {0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - C:\Programmi\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [S3Trayp] S3trayp.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Programmi\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb02.exe
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Programmi\File comuni\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Programmi\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Clean Traces - C:\Programmi\DAP\Privacy Package\dapcleanerie.htm
O8 - Extra context menu item: &Download by Orbit - res://C:\Programmi\Orbitdownloader\orbitmxt.dll/201
O8 - Extra context menu item: &Download with &DAP - C:\Programmi\DAP\dapextie.htm
O8 - Extra context menu item: &Grab video by Orbit - res://C:\Programmi\Orbitdownloader\orbitmxt.dll/204
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: Append the content of the link to existing PDF file - res://C:\Programmi\Nuance\PDF Professional 5\bin\ZeonIEFavClient.dll/ZeonIEAppend.HTML
O8 - Extra context menu item: Append the content of the selected links to existing PDF file - res://C:\Programmi\Nuance\PDF Professional 5\bin\ZeonIEFavClient.dll/ZeonIEAppendSelLinks.HTML
O8 - Extra context menu item: Append to existing PDF file - res://C:\Programmi\Nuance\PDF Professional 5\bin\ZeonIEFavClient.dll/ZeonIEAppend.HTML
O8 - Extra context menu item: Create PDF file - res://C:\Programmi\Nuance\PDF Professional 5\bin\ZeonIEFavClient.dll/ZeonIECapture.HTML
O8 - Extra context menu item: Create PDF file from the content of the link - res://C:\Programmi\Nuance\PDF Professional 5\bin\ZeonIEFavClient.dll/ZeonIECapture.HTML
O8 - Extra context menu item: Create PDF files from the selected links - res://C:\Programmi\Nuance\PDF Professional 5\bin\ZeonIEFavClient.dll/ZeonIECaptureSelLinks.HTML
O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Programmi\Orbitdownloader\orbitmxt.dll/203
O8 - Extra context menu item: Down&load all by Orbit - res://C:\Programmi\Orbitdownloader\orbitmxt.dll/202
O8 - Extra context menu item: Download &all with DAP - C:\Programmi\DAP\dapextie2.htm
O8 - Extra context menu item: Download Link Using Mega Manager... - C:\Programmi\Megaupload\Mega Manager\mm_file.htm
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Programmi\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1191420098671
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1123705518796
O16 - DPF: {6e32070a-766d-4ee6-879c-dc1fa91d2fc3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1139406804265
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programmi\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Programmi\AVG\AVG8\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FILECO~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Programmi\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Programmi\File comuni\Acronis\Schedule2\schedul2.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Capture Device Service - InterVideo Inc. - C:\Programmi\File comuni\InterVideo\DeviceService\DevSvc.exe
O23 - Service: Crypkey License - CrypKey (Canada) Ltd. - C:\WINDOWS\SYSTEM32\crypserv.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programmi\Java\jre6\bin\jqs.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Programmi\Spyware Terminator\sp_rsser.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Programmi\File comuni\Ulead Systems\DVD\ULCDRSvr.exe

--
End of file - 11019 bytes

r16

Inviato: Tuesday, June 16, 2009 12:01:29 AM

Rank: AiutAmico

Iscritto dal : 8/7/2007
Posts: 11,016

Ciao.
Se non ti dispiace, vorrei vederli i log, anche per rendermi conto di che tipo di virus si trattava.

Importante: Disabilita il tuo antivirus e chiudi TUTTI i programmi aperti,(Firewall compreso) e dopo aver scaricato COMBOFIX, chiudi la connessione.

Scarica Combofix
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
Salvalo sul desktop.
Doppio click su combofix.exe (comparirà una videata.)
Se ti verrà chiesto se vuoi Installare LA CONSOLE DI RIPRISTINO DI EMERGENZA, clicca NO.
E' probabile che ti siano inviati messaggi dall'antivirus, tu ignorali.
Durante l'operazione di scansione è importante non usare il PC (neanche il mouse) e attendere pazientemente la fine delle operazioni.
Al termine, verrà creato un file log sul Desktop, chiamato C:\ComboFix.txt. Postalo qui.

Altra cosa:
Usi una stampante Hewlett-Packard ?
Dal log di HJT, non vedo l'antivirus attivo.
Funziona bene?
Esegue gli aggiornamenti?
Riscontri altri problemi, oltre a quello citato? (del ripristino)

superman91

Inviato: Tuesday, June 16, 2009 1:48:55 AM

Rank: AiutAmico

Iscritto dal : 4/17/2007
Posts: 105

ComboFix 09-06-15.04 - Administrator 16.06.2009 1:29.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.39.1040.18.702.344 [GMT 2:00]
Eseguito da: c:\documents and settings\Administrator\Desktop\ComboFix.exe
AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}

ATTENZIONE - QUESTO PC NON HA LA CONSOLE DI RIPRISTINO DI EMERGENZA INSTALLATA !!
.

((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Administrator\Impostazioni locali\Temporary Internet Files\ijjistarter_verinfo.dat
c:\windows\system32\drivers\SKYNETkuxjmvnr.sys
c:\windows\system32\SKYNETghhtnruf.dat
c:\windows\system32\SKYNETiepeudhv.dat
c:\windows\system32\SKYNETkoxoynqt.dll
c:\windows\system32\SKYNETuysveogn.dll

.
((((((((((((((((((((((((((((((((((((((( Driver/Servizi )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_SKYNETdpfmrtwp

((((((((((((((((((((((((( Files Creati Da 2009-05-15 al 2009-06-15 )))))))))))))))))))))))))))))))))))
.

2009-06-15 20:08 . 2009-06-15 20:09 117760 ----a-w- c:\documents and settings\Administrator\Dati applicazioni\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
2009-06-15 20:07 . 2009-06-15 20:07 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\SUPERAntiSpyware.com
2009-06-15 20:07 . 2009-06-15 20:07 -------- d-----w- c:\programmi\SUPERAntiSpyware
2009-06-15 20:07 . 2009-06-15 20:07 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\SUPERAntiSpyware.com
2009-06-15 20:07 . 2009-06-15 20:07 -------- d-----w- c:\programmi\File comuni\Wise Installation Wizard
2009-06-15 19:58 . 2009-06-15 19:58 3371383 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
2009-06-15 18:32 . 2009-06-15 18:32 6144 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Spyware Terminator\sp_rsdel.exe
2009-06-15 18:32 . 2009-06-15 18:32 5632 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Spyware Terminator\fileobjinfo.sys
2009-06-15 18:32 . 2009-06-15 18:32 142592 ----a-w- c:\windows\system32\drivers\sp_rsdrv2.sys
2009-06-15 18:32 . 2009-06-15 21:45 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\Spyware Terminator
2009-06-15 18:32 . 2009-06-15 19:33 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Spyware Terminator
2009-06-15 18:32 . 2009-06-15 19:04 -------- d-----w- c:\programmi\Spyware Terminator
2009-06-15 15:13 . 2009-06-15 15:13 -------- d-----w- c:\documents and settings\LocalService\Menu Avvio
2009-06-15 13:46 . 2009-06-15 15:16 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\15151094
2009-06-15 11:41 . 2009-02-19 14:16 2309120 ----a-w- c:\windows\system32\pdftk.exe
2009-06-15 05:02 . 2009-06-15 05:02 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\cerasus.media
2009-06-15 04:40 . 2009-06-15 05:04 -------- d-----w- c:\programmi\Mystery Stories Berlin Nights
2009-06-15 04:09 . 2009-06-15 04:11 -------- d-----w- c:\programmi\Sky Taxi
2009-06-15 03:37 . 2009-06-15 04:06 -------- d-----w- c:\programmi\Mahjongg Ancient Mayas
2009-06-15 01:22 . 2009-06-15 01:25 -------- d-----w- c:\programmi\Setup Factory 8.0 Trial
2009-06-15 01:22 . 2009-06-15 01:22 -------- d-----w- c:\windows\Setup Factory 8.0 Trial
2009-06-12 21:46 . 2009-06-12 21:47 -------- d-----w- c:\programmi\FreeWareUpdater
2009-06-12 12:54 . 2009-06-12 12:54 971232 ----a-w- c:\windows\system32\drivers\tdrpm147.sys
2009-06-12 12:54 . 2009-06-12 12:54 540000 ----a-w- c:\windows\system32\drivers\timntr.sys
2009-06-12 12:54 . 2009-06-12 12:54 44704 ----a-w- c:\windows\system32\drivers\tifsfilt.sys
2009-06-12 12:54 . 2009-06-12 12:54 134272 ----a-w- c:\windows\system32\drivers\snman380.sys
2009-06-12 12:53 . 2009-06-12 12:53 -------- d-----w- c:\programmi\Acronis
2009-06-12 12:53 . 2009-06-12 12:53 -------- d-----w- c:\programmi\File comuni\Acronis
2009-06-12 12:39 . 2001-11-29 06:57 110592 ----a-w- c:\windows\system32\ccrpbds6.dll
2009-06-10 17:19 . 2009-06-15 19:46 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\MagicBall4
2009-06-10 08:27 . 2009-06-15 23:39 75591712 --sha-w- c:\windows\system32\drivers\fidbox.dat
2009-06-10 08:26 . 2008-07-08 12:54 148496 ----a-w- c:\windows\system32\drivers\05165413.sys
2009-06-09 00:21 . 2009-06-09 00:22 -------- d-----w- c:\programmi\Fleshatomale RedTube Downloader
2009-06-08 11:37 . 2009-06-08 11:37 -------- d-----w- c:\documents and settings\Administrator\Impostazioni locali\Dati applicazioni\Thinstall
2009-06-07 12:06 . 2009-06-07 12:06 -------- d-----w- C:\Movie Label Databases
2009-06-07 12:05 . 2009-06-07 12:05 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\Movie Label
2009-06-07 12:05 . 2009-06-11 09:06 -------- d-----w- c:\programmi\Movie Label 2009
2009-06-05 20:50 . 2009-06-05 20:50 -------- d-----w- c:\programmi\uTorrent
2009-06-05 20:50 . 2009-06-12 23:36 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\uTorrent
2009-06-04 17:53 . 2009-06-04 17:56 -------- d-----w- c:\programmi\MegaLink
2009-06-04 17:39 . 2009-06-04 17:39 83456 ----a-w- c:\documents and settings\All Users\Dati applicazioni\SpeedBit\DAP\SDCondition.dll
2009-06-04 17:36 . 2009-06-04 17:36 2169880 ----a-w- c:\documents and settings\All Users\Dati applicazioni\SpeedBit\DAP\Offers\spo3.exe
2009-06-04 17:36 . 2009-06-04 17:36 3530776 ----a-w- c:\documents and settings\All Users\Dati applicazioni\SpeedBit\DAP\Offers\VA23_DAPSO.exe
2009-06-04 17:35 . 2009-06-05 21:51 95744 ----a-w- c:\documents and settings\All Users\Dati applicazioni\SpeedBit\DAP\Updates\Condition.dll
2009-06-04 17:34 . 2009-06-04 17:34 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\SpeedBit
2009-06-04 17:34 . 2009-06-04 17:34 50688 ----a-w- c:\windows\system32\wbhelp2.dll
2009-06-04 17:34 . 2009-06-04 17:36 -------- d-----w- c:\programmi\DAP
2009-05-31 15:47 . 2009-05-31 15:57 -------- d-----w- c:\documents and settings\Administrator\Impostazioni locali\Dati applicazioni\WarRockDF
2009-05-28 19:10 . 2009-05-27 17:21 34447128 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Installations\{7694EC32-CB0E-4B35-9088-7B320CB1F4FE}\Nokia_PC_Suite_7_1_26_0_ita_web.exe
2009-05-28 19:10 . 2009-05-28 19:10 8192 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Installations\{7694EC32-CB0E-4B35-9088-7B320CB1F4FE}\Installer\CommonCustomActions\UninstCCD.exe
2009-05-28 19:10 . 2009-05-28 19:10 61440 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Installations\{7694EC32-CB0E-4B35-9088-7B320CB1F4FE}\Installer\CommonCustomActions\UninstPCSFEMsi.exe
2009-05-28 19:10 . 2009-05-28 19:10 10240 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Installations\{7694EC32-CB0E-4B35-9088-7B320CB1F4FE}\Installer\CommonCustomActions\UninstPCS.exe
2009-05-20 12:19 . 2009-06-15 14:08 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Spybot - Search & Destroy
2009-05-20 12:19 . 2009-05-20 12:21 -------- d-----w- c:\programmi\Spybot - Search & Destroy
2009-05-17 16:35 . 2009-05-17 16:35 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\.clamwin
2009-05-17 16:35 . 2009-05-17 16:35 -------- d-----w- c:\programmi\ClamWin
2009-05-17 16:35 . 2009-05-17 16:35 -------- d-----w- c:\documents and settings\All Users\.clamwin
2009-05-17 15:45 . 2009-05-17 15:45 -------- d-----w- c:\programmi\File comuni\SWF Studio
2009-05-17 12:12 . 2009-06-08 20:40 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\MessengerDiscovery 2
2009-05-17 12:03 . 2009-05-29 16:43 -------- d-----w- c:\documents and settings\Administrator\Tracing
2009-05-17 12:01 . 2009-05-18 10:17 -------- d-----w- c:\programmi\Microsoft Silverlight
2009-05-17 12:00 . 2009-05-17 12:00 -------- d-----w- c:\programmi\Microsoft
2009-05-17 11:59 . 2009-05-17 11:59 -------- d-----w- c:\programmi\Windows Live SkyDrive
2009-05-17 11:51 . 2009-05-17 11:51 -------- d-----w- c:\programmi\File comuni\Windows Live
2009-05-17 11:01 . 2009-05-17 11:01 -------- d-----w- c:\programmi\ImageShack Corp

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-06-15 22:09 . 2008-09-03 16:35 -------- d-----w- c:\programmi\eMule
2009-06-15 19:59 . 2009-05-13 20:10 -------- d-----w- c:\programmi\Malwarebytes' Anti-Malware
2009-06-15 19:57 . 2009-05-01 14:07 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\GameHouse
2009-06-15 19:56 . 2009-05-01 13:42 -------- d-----w- c:\programmi\RealArcade
2009-06-15 19:05 . 2008-09-07 17:59 -------- d---a-w- c:\documents and settings\All Users\Dati applicazioni\TEMP
2009-06-15 15:17 . 2008-04-14 12:00 85528 ----a-w- c:\windows\system32\perfc010.dat
2009-06-15 15:17 . 2008-04-14 12:00 492826 ----a-w- c:\windows\system32\perfh010.dat
2009-06-15 15:11 . 2009-06-10 08:27 879164 --sha-w- c:\windows\system32\drivers\fidbox.idx
2009-06-15 05:38 . 2009-05-02 11:56 -------- d-----w- c:\programmi\Poker Superstars III
2009-06-15 01:25 . 2009-04-29 15:31 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\IndigoRose
2009-06-15 01:23 . 2009-04-29 15:22 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\IndigoRose
2009-06-15 01:02 . 2008-09-03 14:24 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Microsoft Help
2009-06-12 12:46 . 2008-09-03 23:08 -------- d--h--w- c:\programmi\InstallShield Installation Information
2009-06-08 18:04 . 2009-01-27 21:06 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\Skype
2009-06-08 18:01 . 2009-01-27 21:08 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\skypePM
2009-06-07 17:35 . 2008-10-02 19:12 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\TeraCopy
2009-06-07 00:59 . 2008-12-13 12:12 410984 ----a-w- c:\windows\system32\deploytk.dll
2009-06-05 22:21 . 2009-05-16 11:06 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\Nimi
2009-06-05 10:49 . 2009-03-30 17:17 -------- d-----w- c:\programmi\Mozilla Thunderbird
2009-06-04 17:49 . 2008-09-06 09:45 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\Orbit
2009-05-31 13:52 . 2008-09-06 09:45 -------- d-----w- c:\programmi\Orbitdownloader
2009-05-31 09:07 . 2008-12-13 19:57 -------- d-----w- c:\programmi\RadarSync
2009-05-31 09:06 . 2009-01-14 14:47 -------- d-----w- c:\programmi\File comuni\PCSuite
2009-05-31 09:06 . 2009-01-14 14:45 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Downloaded Installations
2009-05-31 08:11 . 2009-04-19 00:36 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Installations
2009-05-26 11:20 . 2009-05-13 20:10 40160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-05-26 11:19 . 2009-05-13 20:11 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-05-21 19:37 . 2009-04-15 10:56 -------- d-----w- c:\programmi\Google
2009-05-20 11:17 . 2009-05-02 06:35 1439488 ----a-w- c:\documents and settings\All Users\Dati applicazioni\avg8\update\backup\avgupd.dll
2009-05-20 11:17 . 2009-05-02 06:35 755992 ----a-w- c:\documents and settings\All Users\Dati applicazioni\avg8\update\backup\avginet.dll
2009-05-17 17:11 . 2008-09-04 14:16 -------- d--h--w- c:\documents and settings\Administrator\Dati applicazioni\ijjigame
2009-05-17 12:01 . 2008-09-03 13:58 -------- d-----w- c:\programmi\Windows Live
2009-05-16 14:46 . 2009-05-16 14:30 -------- d-----w- c:\programmi\Luxor
2009-05-16 14:35 . 2009-05-01 14:28 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\MumboJumbo
2009-05-16 13:04 . 2009-05-16 13:04 -------- dc-h--w- c:\documents and settings\All Users\Dati applicazioni\{B98A2B83-8BB0-42E7-AA1D-D6FA6E7C8F31}
2009-05-16 13:04 . 2009-05-16 13:04 -------- d-----w- c:\programmi\Stardock
2009-05-15 16:12 . 2009-04-24 14:39 30720 ----a-w- c:\windows\AWhiteu12.dat
2009-05-15 16:12 . 2009-04-24 14:39 30720 ----a-w- c:\windows\ADarku12.dat
2009-05-15 16:12 . 2009-04-24 14:39 6 ----a-w- c:\windows\AExpou.dat
2009-05-15 16:12 . 2009-04-24 14:39 3 ----a-w- c:\windows\Gain6.dat
2009-05-15 16:12 . 2009-04-24 14:39 3 ----a-w- c:\windows\AOffsetu.dat
2009-05-15 16:04 . 2009-04-24 14:28 -------- d-----w- c:\programmi\TextBridge Classic 2.0
2009-05-15 16:03 . 2009-05-15 16:03 -------- d-----w- c:\programmi\MGI
2009-05-15 16:02 . 2009-04-24 12:41 -------- d-----w- c:\programmi\ScanEZ
2009-05-14 15:48 . 2008-09-03 14:21 3688176 ----a-w- c:\documents and settings\Administrator\Impostazioni locali\Dati applicazioni\GDIPFONTCACHEV1.DAT
2009-05-13 22:29 . 2009-05-13 22:29 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\AMPSoft
2009-05-13 22:29 . 2009-05-13 22:29 -------- d-----w- c:\programmi\AMP Font Viewer
2009-05-13 22:19 . 2009-05-13 22:19 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\KC Softwares
2009-05-13 22:19 . 2009-05-13 22:19 -------- d-----w- c:\programmi\KC Softwares
2009-05-13 22:06 . 2009-04-27 19:06 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\SolidDocuments
2009-05-13 20:11 . 2009-05-13 20:11 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\Malwarebytes
2009-05-13 20:10 . 2009-05-13 20:10 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Malwarebytes
2009-05-13 11:29 . 2009-05-13 11:29 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\USBSafelyRemove
2009-05-13 11:29 . 2009-05-13 11:29 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\USBSRService
2009-05-12 18:21 . 2009-05-01 14:25 -------- d-----w- c:\programmi\Luxor Quest For The Afterlife
2009-05-11 20:41 . 2009-05-11 20:41 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\AlawarWrapper
2009-05-11 20:39 . 2009-05-11 20:39 -------- d-----w- c:\programmi\Alawar
2009-05-11 20:33 . 2009-05-11 20:33 -------- d-----w- c:\programmi\Virtual Families
2009-05-10 19:41 . 2009-05-10 19:41 -------- d-----w- c:\programmi\Ace Translator
2009-05-07 15:32 . 2008-04-14 12:00 347648 ----a-w- c:\windows\system32\localspl.dll
2009-05-05 19:00 . 2008-09-03 16:32 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\avg8
2009-05-04 16:26 . 2009-05-04 16:26 -------- d-----w- c:\programmi\PC Connectivity Solution
2009-05-04 13:24 . 2009-05-04 13:24 -------- d-----w- c:\programmi\GIMP-2.0
2009-05-02 20:54 . 2009-05-02 00:54 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\Alawar
2009-05-02 06:38 . 2008-09-03 16:32 11952 ----a-w- c:\windows\system32\avgrsstx.dll
2009-05-02 06:38 . 2008-09-03 16:32 27784 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2009-05-02 06:38 . 2008-09-03 16:32 325896 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2009-05-02 06:37 . 2009-04-25 17:08 108552 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2009-05-02 01:01 . 2009-05-02 01:01 -------- d-----w- c:\programmi\MSXML 4.0
2009-05-01 18:32 . 2009-05-01 18:32 -------- d-----w- c:\programmi\Rar Repair Tool
2009-05-01 18:30 . 2009-05-01 18:30 3366912 ----a-w- c:\windows\system32\GPhotos.scr
2009-05-01 14:25 . 2009-05-01 14:25 -------- d-----w- c:\programmi\ReflexiveArcade
2009-05-01 14:08 . 2009-05-01 14:08 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\n7-89-o9-3r-4t-r9
2009-05-01 13:50 . 2009-05-01 13:50 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\rionix
2009-05-01 13:44 . 2009-05-01 13:44 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Trymedia
2009-05-01 00:51 . 2009-05-01 00:51 -------- d-----w- c:\windows\system32\config\systemprofile\Dati applicazioni\SolidDocuments
2009-04-30 17:48 . 2009-04-30 17:48 603904 ----a-w- c:\windows\system32\TUProgSt.exe
2009-04-30 17:48 . 2009-04-30 17:48 360192 ----a-w- c:\windows\system32\TuneUpDefragService.exe
2009-04-30 17:48 . 2009-04-30 17:48 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\TuneUp Software
2009-04-30 17:48 . 2009-04-30 17:48 -------- d-----w- c:\programmi\TuneUp Utilities 2009
2009-04-30 17:48 . 2009-04-30 17:48 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\TuneUp Software
2009-04-30 17:47 . 2009-04-30 17:47 -------- d-sh--w- c:\documents and settings\All Users\Dati applicazioni\{55A29068-F2CE-456C-9148-C869879E2357}
2009-04-30 16:40 . 2009-04-30 16:37 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\Ulead Systems
2009-04-30 16:37 . 2009-04-30 16:34 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Ulead Systems
2009-04-30 16:36 . 2009-04-30 16:36 -------- d-----w- c:\programmi\File comuni\InterVideo
2009-04-30 16:36 . 2009-04-30 16:36 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\InterVideo
2009-04-30 16:36 . 2008-10-16 21:02 -------- d-----w- c:\programmi\File comuni\InstallShield
2009-04-30 16:35 . 2009-04-30 16:35 -------- d-----w- c:\programmi\Windows Media Components
2009-04-30 16:35 . 2009-04-30 16:34 -------- d-----w- c:\programmi\File comuni\Ulead Systems
2009-04-30 16:34 . 2009-04-24 15:38 -------- d-----w- c:\programmi\Ulead Systems
2009-04-30 15:34 . 2009-04-30 15:34 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\proDAD
2009-04-30 15:34 . 2009-04-30 15:34 -------- d-----w- c:\programmi\proDAD
2009-04-30 15:34 . 2009-04-30 15:33 -------- d-----w- c:\programmi\Boris FX, Inc
2009-04-30 15:32 . 2009-04-30 15:22 -------- d-----w- c:\programmi\Pinnacle
2009-04-30 15:30 . 2009-04-30 15:30 29926 ----a-r- c:\documents and settings\Administrator\Dati applicazioni\Microsoft\Installer\{5EB90C06-964F-4195-B83E-BD7E55C88415}\ARPPRODUCTICON.exe
2009-04-30 15:30 . 2009-04-30 15:30 -------- d-----w- c:\programmi\File comuni\Pinnacle
2009-04-30 15:29 . 2009-04-30 15:29 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Pinnacle Studio Ultimate
2009-04-30 15:22 . 2009-04-30 15:22 -------- d-----w- c:\programmi\File comuni\Yahoo!
2009-04-30 15:22 . 2009-04-30 15:22 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Studio 12
2009-04-30 15:22 . 2009-04-30 15:22 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Pinnacle Studio Plus
2008-09-04 00:19 . 2008-09-04 00:16 48 --sh--w- c:\windows\S92681E4D.tmp
.

((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"="c:\programmi\Analog Devices\Core\smax4pnp.exe" [2005-05-20 925696]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-05-05 1947928]
"HPDJ Taskbar Utility"="c:\windows\system32\spool\drivers\w32x86\3\hpztsb02.exe" [2001-04-17 192512]
"ISUSScheduler"="c:\programmi\File comuni\InstallShield\UpdateService\issch.exe" [2005-02-16 81920]
"SunJavaUpdateSched"="c:\programmi\Java\jre6\bin\jusched.exe" [2009-06-07 148888]
"SpywareTerminator"="c:\programmi\Spyware Terminator\SpywareTerminatorShield.exe" [2009-06-15 2174464]
"VTTimer"="VTTimer.exe" - c:\windows\system32\VTTimer.exe [2007-12-20 77824]
"S3Trayp"="S3trayp.exe" - c:\windows\system32\S3Trayp.exe [2007-09-30 200704]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"DWQueuedReporting"="c:\progra~1\FILECO~1\MICROS~1\DW\dwtrig20.exe" [2007-08-24 437160]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\programmi\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2008-12-22 10:05 356352 ----a-w- c:\programmi\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-05-02 06:38 11952 ----a-w- c:\windows\system32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKLM\~\startupfolder\C:^Documents and Settings^Administrator^Menu Avvio^Programmi^Esecuzione automatica^is-6O6IH.lnk]
path=c:\documents and settings\Administrator\Menu Avvio\Programmi\Esecuzione automatica\is-6O6IH.lnk
backup=c:\windows\pss\is-6O6IH.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"TuneUp.ProgramStatisticsSvc"=2 (0x2)
"UxTuneUp"=2 (0x2)
"TuneUp.Defrag"=3 (0x3)
"ServiceLayer"=3 (0x3)
"gusvc"=3 (0x3)

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runservices-]
"RegisterDropHandler"=c:\progra~1\TEXTBR~1.0\Bin\REGIST~1.EXE

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programmi\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Programmi\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Programmi\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Programmi\\AVG\\AVG8\\avgupd.exe"=
"c:\\Programmi\\eMule\\emule.exe"=
"c:\\Documents and Settings\\Administrator\\Dati applicazioni\\Mozilla\\Firefox\\Profiles\\awlaoj0w.default\\extensions\\SolidStateION@solidstatenetworks.com\\plugins\\solidnm.exe"=
"c:\\Programmi\\Mozilla Firefox\\firefox.exe"=
"c:\\Programmi\\Orbitdownloader\\orbitdm.exe"=
"c:\\Programmi\\Orbitdownloader\\orbitnet.exe"=
"c:\\Programmi\\Java\\jre6\\bin\\java.exe"=
"c:\\Programmi\\Veoh Networks\\VeohWebPlayer\\veohwebplayer.exe"=
"c:\\Documents and Settings\\Administrator\\temp\\TeamViewer\\Version4\\TeamViewer.exe"=
"c:\\Programmi\\AVG\\AVG8\\avgnsx.exe"=
"c:\\Programmi\\Pinnacle\\Studio 12\\Programs\\RM.exe"=
"c:\\Programmi\\Pinnacle\\Studio 12\\Programs\\Studio.exe"=
"c:\\Programmi\\Pinnacle\\Studio 12\\Programs\\umi.exe"=
"c:\\Programmi\\Ace Translator\\AceTrans.exe"=
"c:\\Programmi\\Mozilla Thunderbird\\thunderbird.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Programmi\\VideoLAN\\VLC\\vlc.exe"=
"c:\\Programmi\\uTorrent\\uTorrent.exe"=
"c:\\Programmi\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Programmi\\Skype\\Phone\\Skype.exe"=
"c:\\Programmi\\Spyware Terminator\\SpywareTerminatorUpdate.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"26731:TCP"= 26731:TCP:*:Disabled:SolidNetworkManager
"26731:UDP"= 26731:UDP:*:Disabled:SolidNetworkManager
"5009:TCP"= 5009:TCP:SolidNetworkManager
"5009:UDP"= 5009:UDP:SolidNetworkManager

R0 snapman380;Acronis Snapshots Manager (Build 380);c:\windows\system32\drivers\snman380.sys [12.06.2009 14:54 134272]
R0 tdrpman147;Acronis Try&Decide and Restore Points filter (build 147);c:\windows\system32\drivers\tdrpm147.sys [12.06.2009 14:54 971232]
R0 ViBus;ViBus;c:\windows\system32\drivers\ViBus.sys [24.04.2009 13:56 16896]
R0 ViPrt;VIA SATA IDE Device Driver;c:\windows\system32\drivers\ViPrt.sys [24.04.2009 13:56 53248]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [03.09.2008 18:32 325896]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [25.04.2009 19:08 108552]
R1 is-6O6IHdrv;is-6O6IHdrv;c:\windows\system32\drivers\05165413.sys [10.06.2009 10:26 148496]
R1 SASDIFSV;SASDIFSV;c:\programmi\SUPERAntiSpyware\sasdifsv.sys [26.05.2009 10:05 9968]
R1 SASKUTIL;SASKUTIL;c:\programmi\SUPERAntiSpyware\SASKUTIL.SYS [26.05.2009 10:05 72944]
R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [15.06.2009 20:32 142592]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [05.05.2009 21:02 298776]
R2 ousbehci;OrangeWare USB Enhanced Host Controller Service;c:\windows\system32\drivers\ousbehci.sys [03.09.2008 15:10 45696]
R3 ousb2hub;OrangeWare USB 2.0 Root Hub Support;c:\windows\system32\drivers\ousb2hub.sys [03.09.2008 15:10 56960]
R3 S3GIGP;S3GIGP;c:\windows\system32\drivers\S3gIGPm.sys [03.09.2008 15:10 601600]
S1 as6eio;as6eio;c:\windows\system32\drivers\as6eio.sys --> c:\windows\system32\drivers\as6eio.sys [?]
S3 gwiopm;gwiopm;\??\c:\programmi\My Drivers\gwiopm.sys --> c:\programmi\My Drivers\gwiopm.sys [?]
S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des -service --> c:\windows\system32\GameMon.des -service [?]
S3 SASENUM;SASENUM;c:\programmi\SUPERAntiSpyware\SASENUM.SYS [26.05.2009 10:05 7408]
S4 Seekeen Service;Seekeen Service;"c:\programmi\Seekeen\seekeen.exe" "c:\programmi\Seekeen\seekeen.dll" Service --> c:\programmi\Seekeen\seekeen.exe [?]
S4 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service;c:\windows\system32\TUProgSt.exe [30.04.2009 19:48 603904]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Contenuto della cartella 'Scheduled Tasks'

2009-06-15 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-583907252-842925246-1177238915-500.job
- c:\documents and settings\Administrator\Impostazioni locali\Dati applicazioni\Google\Update\GoogleUpdate.exe [2008-10-09 17:23]

2009-06-15 c:\windows\Tasks\OGADaily.job
- c:\windows\system32\OGAVerify.exe [2008-12-31 16:04]

2009-06-15 c:\windows\Tasks\OGALogon.job
- c:\windows\system32\OGAVerify.exe [2008-12-31 16:04]
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://www.smsveloce.it/ricerca/
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: &Clean Traces - c:\programmi\DAP\Privacy Package\dapcleanerie.htm
IE: &Download by Orbit - c:\programmi\Orbitdownloader\orbitmxt.dll/201
IE: &Download with &DAP - c:\programmi\DAP\dapextie.htm
IE: &Grab video by Orbit - c:\programmi\Orbitdownloader\orbitmxt.dll/204
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Append the content of the link to existing PDF file - c:\programmi\Nuance\PDF Professional 5\bin\ZeonIEFavClient.dll/ZeonIEAppend.HTML
IE: Append the content of the selected links to existing PDF file - c:\programmi\Nuance\PDF Professional 5\bin\ZeonIEFavClient.dll/ZeonIEAppendSelLinks.HTML
IE: Append to existing PDF file - c:\programmi\Nuance\PDF Professional 5\bin\ZeonIEFavClient.dll/ZeonIEAppend.HTML
IE: Create PDF file - c:\programmi\Nuance\PDF Professional 5\bin\ZeonIEFavClient.dll/ZeonIECapture.HTML
IE: Create PDF file from the content of the link - c:\programmi\Nuance\PDF Professional 5\bin\ZeonIEFavClient.dll/ZeonIECapture.HTML
IE: Create PDF files from the selected links - c:\programmi\Nuance\PDF Professional 5\bin\ZeonIEFavClient.dll/ZeonIECaptureSelLinks.HTML
IE: Do&wnload selected by Orbit - c:\programmi\Orbitdownloader\orbitmxt.dll/203
IE: Down&load all by Orbit - c:\programmi\Orbitdownloader\orbitmxt.dll/202
IE: Download &all with DAP - c:\programmi\DAP\dapextie2.htm
IE: Download Link Using Mega Manager... - c:\programmi\Megaupload\Mega Manager\mm_file.htm
IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
FF - ProfilePath -
.

**************************************************************************

disk not found C:\

please note that you need administrator rights to perform deep scan
scansione processi nascosti ...

scansione entrate autostart nascoste ...

Scansione files nascosti ...

Scansione completata con successo
Files nascosti:

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet002\Services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------

[HKEY_USERS\S-1-5-21-583907252-842925246-1177238915-500\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID]
@Denied: (Full) (LocalSystem)

[HKEY_USERS\S-1-5-21-583907252-842925246-1177238915-500\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{796AABBB-44F5-67F7-D78C-CC9582F172EC}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
"abhiakgcmeobheckhanlgmjddhjlibhjbf"=hex:70,61,66,69,6b,6d,6c,6c,62,61,64,6c,
68,68,6c,63,6f,67,70,6d,64,70,6d,67,70,6c,64,69,69,6a,64,6d,00,40
"magijjcmkiaccnlnjhemjpmonm"=hex:6f,61,68,67,67,63,6a,67,66,6c,61,70,64,68,6a,
65,69,69,67,66,68,65,61,68,6a,70,6a,69,66,6b,00,6d

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"cd042efbbd7f7af1647644e76e06692b"=hex:c8,28,51,af,b0,29,a3,98,90,8b,56,f9,9d,
01,45,54,c8,28,51,af,b0,29,a3,98,39,53,20,d5,d1,b3,5a,c8,e2,63,26,f1,3f,c8,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"bca643cdc5c2726b20d2ecedcc62c59b"=hex:6a,9c,d6,61,af,45,84,18,c0,b8,b4,06,14,
ca,dc,79,71,3b,04,66,8b,46,0d,96,7b,d9,7e,aa,2a,c2,db,b8,6a,9c,d6,61,af,45,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"2c81e34222e8052573023a60d06dd016"=hex:25,da,ec,7e,55,20,c9,26,10,54,87,88,e8,
1e,26,51,25,da,ec,7e,55,20,c9,26,ed,83,bf,89,6e,ec,c7,09,ff,7c,85,e0,43,d4,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"2582ae41fb52324423be06337561aa48"=hex:86,8c,21,01,be,91,eb,e7,03,73,66,75,32,
23,6a,00,3e,1e,9e,e0,57,5a,93,61,e4,dd,c8,ba,d9,33,41,14,86,8c,21,01,be,91,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"caaeda5fd7a9ed7697d9686d4b818472"=hex:f5,1d,4d,73,a8,13,5c,05,ab,52,08,fd,23,
91,b8,64,cd,44,cd,b9,a6,33,6c,cd,09,44,29,f8,50,10,68,d9,f5,1d,4d,73,a8,13,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"a4a1bcf2cc2b8bc3716b74b2b4522f5d"=hex:b0,18,ed,a7,3f,8d,37,a4,09,9d,61,7e,f7,
4c,b0,0b,b0,18,ed,a7,3f,8d,37,a4,f3,32,d0,96,32,1f,8c,fc,df,20,58,62,78,6b,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"4d370831d2c43cd13623e232fed27b7b"=hex:fb,a7,78,e6,12,2f,9a,ea,cd,7c,81,bc,2d,
bb,7c,1f,31,77,e1,ba,b1,f8,68,02,72,88,b8,68,28,c4,de,fa,fb,a7,78,e6,12,2f,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"1d68fe701cdea33e477eb204b76f993d"=hex:01,3a,48,fc,e8,04,4a,f1,d5,17,bd,ff,4a,
5e,4f,51,83,6c,56,8b,a0,85,96,ab,6e,c2,3e,c9,a3,bf,ae,4f,01,3a,48,fc,e8,04,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"1fac81b91d8e3c5aa4b0a51804d844a3"=hex:51,fa,6e,91,28,9e,14,cc,10,5d,35,b3,1f,
2a,da,d3,51,fa,6e,91,28,9e,14,cc,b5,da,6e,83,4c,30,98,77,f6,0f,4e,58,98,5b,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"f5f62a6129303efb32fbe080bb27835b"=hex:3d,ce,ea,26,2d,45,aa,78,fb,70,69,eb,b5,
fe,6e,83,b1,cd,45,5a,a8,c4,f8,b9,79,aa,ff,e7,96,34,e5,4a,3d,ce,ea,26,2d,45,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"fd4e2e1a3940b94dceb5a6a021f2e3c6"=hex:e3,0e,66,d5,eb,bc,2f,6b,38,42,55,b0,cb,
ad,22,40,e3,0e,66,d5,eb,bc,2f,6b,c7,6f,cd,81,72,5e,68,83,2a,b7,cc,b5,b9,7f,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"8a8aec57dd6508a385616fbc86791ec2"=hex:6c,43,2d,1e,aa,22,2f,9c,2f,4c,d7,55,d3,
9a,98,1c,fa,ea,66,7f,d4,3b,6b,70,50,3b,a5,ee,81,8a,e2,02,6c,43,2d,1e,aa,22,\
.
--------------------- Dlls caricate dai processi in esecuzione ---------------------

- - - - - - - > 'winlogon.exe'(808)
c:\programmi\SUPERAntiSpyware\SASWINLO.dll
.
Ora fine scansione: 2009-06-15 1:41
ComboFix-quarantined-files.txt 2009-06-15 23:41

Pre-Run: 68'239'122'432 byte disponibili
Post-Run: 68'320'993'280 byte disponibili

407 --- E O F --- 2009-06-15 01:03

Si uso una Stampante di quel tipo esattamente hpdeskjet 990cxi
Come antivirus uso AVG e funziona più che bene e insieme gli ho messo Spyware Terminator
Altri problemi, ogni tanto mi esce un errore di visual time debugger che premendo ok m ifa chiudere l'applicazione che sto usando, ma questo non accade sempre.

Qusto è l'errore che mi esce del visual time debugger

r16

Inviato: Tuesday, June 16, 2009 12:29:00 PM

Rank: AiutAmico

Iscritto dal : 8/7/2007
Posts: 11,016

Apri un file di testo sul Desktop
Ci incolli il codice che vedi qui sotto, e salvi il file di testo obbligatoriamente con il nome CFScript.txt

Driver::
npggsvc

File::
c:\windows\system32\GameMon.des -service

Registry::
[HKEY_LOCAL_MACHINE\System\ControlSet002\Services\npggsvc]
"ImagePath"=-
[-HKEY_LOCAL_MACHINE\System\ControlSet002\Services\npggsvc]

e trascinalo sull'icona di ComboFix.
Attendi la fine dei lavori, senza toccare tastiera, mouse o altro.
Posta il log aggiornato di combofix

[HKEY_LOCAL_MACHINE\System\ControlSet002\Services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"

superman91

Inviato: Tuesday, June 16, 2009 1:14:00 PM

Rank: AiutAmico

Iscritto dal : 4/17/2007
Posts: 105

Fatto

ComboFix 09-06-15.04 - Administrator 16.06.2009 12:55.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.39.1040.18.702.360 [GMT 2:00]
Eseguito da: c:\documents and settings\Administrator\Desktop\ComboFix.exe
Opzioni usate :: c:\documents and settings\Administrator\Desktop\CFScript.txt
AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
* Creato nuovo punto di ripristino

ATTENZIONE - QUESTO PC NON HA LA CONSOLE DI RIPRISTINO DI EMERGENZA INSTALLATA !!

FILE ::
"c:\windows\system32\GameMon.des -service"
.

((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\docume~1\ADMINI~1\IMPOST~1\Temp\catchme.dll
c:\documents and settings\Administrator\Impostazioni locali\Temp\catchme.dll

.
((((((((((((((((((((((((( Files Creati Da 2009-05-16 al 2009-06-16 )))))))))))))))))))))))))))))))))))
.

2009-06-16 10:38 . 2009-06-16 10:44 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Sprouts Adventure
2009-06-16 08:48 . 2009-06-16 08:50 -------- d-----w- c:\programmi\Sprouts Adventure
2009-06-16 08:37 . 2009-06-16 08:37 -------- d-----w- c:\windows\system32\xircom
2009-06-16 08:37 . 2009-06-16 08:37 -------- d-----w- c:\windows\system32\wbem\snmp
2009-06-16 08:37 . 2009-06-16 08:37 -------- d-----w- c:\programmi\microsoft frontpage
2009-06-15 20:08 . 2009-06-15 20:09 117760 ----a-w- c:\documents and settings\Administrator\Dati applicazioni\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
2009-06-15 20:07 . 2009-06-15 20:07 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\SUPERAntiSpyware.com
2009-06-15 20:07 . 2009-06-15 20:07 -------- d-----w- c:\programmi\SUPERAntiSpyware
2009-06-15 20:07 . 2009-06-15 20:07 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\SUPERAntiSpyware.com
2009-06-15 20:07 . 2009-06-15 20:07 -------- d-----w- c:\programmi\File comuni\Wise Installation Wizard
2009-06-15 19:58 . 2009-06-15 19:58 3371383 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
2009-06-15 18:32 . 2009-06-15 18:32 6144 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Spyware Terminator\sp_rsdel.exe
2009-06-15 18:32 . 2009-06-15 18:32 5632 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Spyware Terminator\fileobjinfo.sys
2009-06-15 18:32 . 2009-06-15 18:32 142592 ----a-w- c:\windows\system32\drivers\sp_rsdrv2.sys
2009-06-15 18:32 . 2009-06-16 09:53 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\Spyware Terminator
2009-06-15 18:32 . 2009-06-16 08:52 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Spyware Terminator
2009-06-15 18:32 . 2009-06-15 19:04 -------- d-----w- c:\programmi\Spyware Terminator
2009-06-15 15:13 . 2009-06-15 15:13 -------- d-----w- c:\documents and settings\LocalService\Menu Avvio
2009-06-15 13:46 . 2009-06-15 15:16 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\15151094
2009-06-15 11:41 . 2009-02-19 14:16 2309120 ----a-w- c:\windows\system32\pdftk.exe
2009-06-15 05:02 . 2009-06-15 05:02 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\cerasus.media
2009-06-15 04:40 . 2009-06-15 05:04 -------- d-----w- c:\programmi\Mystery Stories Berlin Nights
2009-06-15 04:09 . 2009-06-15 04:11 -------- d-----w- c:\programmi\Sky Taxi
2009-06-15 03:37 . 2009-06-15 04:06 -------- d-----w- c:\programmi\Mahjongg Ancient Mayas
2009-06-15 01:22 . 2009-06-15 01:25 -------- d-----w- c:\programmi\Setup Factory 8.0 Trial
2009-06-15 01:22 . 2009-06-15 01:22 -------- d-----w- c:\windows\Setup Factory 8.0 Trial
2009-06-12 21:46 . 2009-06-12 21:47 -------- d-----w- c:\programmi\FreeWareUpdater
2009-06-12 12:54 . 2009-06-12 12:54 971232 ----a-w- c:\windows\system32\drivers\tdrpm147.sys
2009-06-12 12:54 . 2009-06-12 12:54 540000 ----a-w- c:\windows\system32\drivers\timntr.sys
2009-06-12 12:54 . 2009-06-12 12:54 44704 ----a-w- c:\windows\system32\drivers\tifsfilt.sys
2009-06-12 12:54 . 2009-06-12 12:54 134272 ----a-w- c:\windows\system32\drivers\snman380.sys
2009-06-12 12:53 . 2009-06-12 12:53 -------- d-----w- c:\programmi\Acronis
2009-06-12 12:53 . 2009-06-12 12:53 -------- d-----w- c:\programmi\File comuni\Acronis
2009-06-12 12:39 . 2001-11-29 06:57 110592 ----a-w- c:\windows\system32\ccrpbds6.dll
2009-06-10 17:19 . 2009-06-15 19:46 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\MagicBall4
2009-06-10 08:27 . 2009-06-16 08:32 91559968 --sha-w- c:\windows\system32\drivers\fidbox.dat
2009-06-10 08:26 . 2008-07-08 12:54 148496 ----a-w- c:\windows\system32\drivers\05165413.sys
2009-06-09 00:21 . 2009-06-09 00:22 -------- d-----w- c:\programmi\Fleshatomale RedTube Downloader
2009-06-08 11:37 . 2009-06-08 11:37 -------- d-----w- c:\documents and settings\Administrator\Impostazioni locali\Dati applicazioni\Thinstall
2009-06-07 12:06 . 2009-06-07 12:06 -------- d-----w- C:\Movie Label Databases
2009-06-07 12:05 . 2009-06-07 12:05 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\Movie Label
2009-06-07 12:05 . 2009-06-11 09:06 -------- d-----w- c:\programmi\Movie Label 2009
2009-06-05 20:50 . 2009-06-05 20:50 -------- d-----w- c:\programmi\uTorrent
2009-06-05 20:50 . 2009-06-12 23:36 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\uTorrent
2009-06-04 17:53 . 2009-06-04 17:56 -------- d-----w- c:\programmi\MegaLink
2009-06-04 17:39 . 2009-06-04 17:39 83456 ----a-w- c:\documents and settings\All Users\Dati applicazioni\SpeedBit\DAP\SDCondition.dll
2009-06-04 17:36 . 2009-06-04 17:36 2169880 ----a-w- c:\documents and settings\All Users\Dati applicazioni\SpeedBit\DAP\Offers\spo3.exe
2009-06-04 17:36 . 2009-06-04 17:36 3530776 ----a-w- c:\documents and settings\All Users\Dati applicazioni\SpeedBit\DAP\Offers\VA23_DAPSO.exe
2009-06-04 17:35 . 2009-06-05 21:51 95744 ----a-w- c:\documents and settings\All Users\Dati applicazioni\SpeedBit\DAP\Updates\Condition.dll
2009-06-04 17:34 . 2009-06-04 17:34 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\SpeedBit
2009-06-04 17:34 . 2009-06-04 17:34 50688 ----a-w- c:\windows\system32\wbhelp2.dll
2009-06-04 17:34 . 2009-06-04 17:36 -------- d-----w- c:\programmi\DAP
2009-05-31 15:47 . 2009-05-31 15:57 -------- d-----w- c:\documents and settings\Administrator\Impostazioni locali\Dati applicazioni\WarRockDF
2009-05-28 19:10 . 2009-05-27 17:21 34447128 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Installations\{7694EC32-CB0E-4B35-9088-7B320CB1F4FE}\Nokia_PC_Suite_7_1_26_0_ita_web.exe
2009-05-28 19:10 . 2009-05-28 19:10 8192 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Installations\{7694EC32-CB0E-4B35-9088-7B320CB1F4FE}\Installer\CommonCustomActions\UninstCCD.exe
2009-05-28 19:10 . 2009-05-28 19:10 61440 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Installations\{7694EC32-CB0E-4B35-9088-7B320CB1F4FE}\Installer\CommonCustomActions\UninstPCSFEMsi.exe
2009-05-28 19:10 . 2009-05-28 19:10 10240 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Installations\{7694EC32-CB0E-4B35-9088-7B320CB1F4FE}\Installer\CommonCustomActions\UninstPCS.exe
2009-05-20 12:19 . 2009-06-15 14:08 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Spybot - Search & Destroy
2009-05-20 12:19 . 2009-05-20 12:21 -------- d-----w- c:\programmi\Spybot - Search & Destroy
2009-05-17 16:35 . 2009-05-17 16:35 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\.clamwin
2009-05-17 16:35 . 2009-05-17 16:35 -------- d-----w- c:\programmi\ClamWin
2009-05-17 16:35 . 2009-05-17 16:35 -------- d-----w- c:\documents and settings\All Users\.clamwin
2009-05-17 15:45 . 2009-05-17 15:45 -------- d-----w- c:\programmi\File comuni\SWF Studio
2009-05-17 12:12 . 2009-06-08 20:40 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\MessengerDiscovery 2
2009-05-17 12:03 . 2009-05-29 16:43 -------- d-----w- c:\documents and settings\Administrator\Tracing
2009-05-17 12:01 . 2009-05-18 10:17 -------- d-----w- c:\programmi\Microsoft Silverlight
2009-05-17 12:00 . 2009-05-17 12:00 -------- d-----w- c:\programmi\Microsoft
2009-05-17 11:59 . 2009-05-17 11:59 -------- d-----w- c:\programmi\Windows Live SkyDrive
2009-05-17 11:51 . 2009-05-17 11:51 -------- d-----w- c:\programmi\File comuni\Windows Live

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-06-16 10:24 . 2008-09-03 16:35 -------- d-----w- c:\programmi\eMule
2009-06-16 08:28 . 2009-03-30 17:17 -------- d-----w- c:\programmi\Mozilla Thunderbird
2009-06-15 19:59 . 2009-05-13 20:10 -------- d-----w- c:\programmi\Malwarebytes' Anti-Malware
2009-06-15 19:57 . 2009-05-01 14:07 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\GameHouse
2009-06-15 19:56 . 2009-05-01 13:42 -------- d-----w- c:\programmi\RealArcade
2009-06-15 19:05 . 2008-09-07 17:59 -------- d---a-w- c:\documents and settings\All Users\Dati applicazioni\TEMP
2009-06-15 15:17 . 2008-04-14 12:00 85528 ----a-w- c:\windows\system32\perfc010.dat
2009-06-15 15:17 . 2008-04-14 12:00 492826 ----a-w- c:\windows\system32\perfh010.dat
2009-06-15 15:11 . 2009-06-10 08:27 879164 --sha-w- c:\windows\system32\drivers\fidbox.idx
2009-06-15 05:38 . 2009-05-02 11:56 -------- d-----w- c:\programmi\Poker Superstars III
2009-06-15 01:25 . 2009-04-29 15:31 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\IndigoRose
2009-06-15 01:23 . 2009-04-29 15:22 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\IndigoRose
2009-06-15 01:02 . 2008-09-03 14:24 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Microsoft Help
2009-06-12 12:46 . 2008-09-03 23:08 -------- d--h--w- c:\programmi\InstallShield Installation Information
2009-06-08 18:04 . 2009-01-27 21:06 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\Skype
2009-06-08 18:01 . 2009-01-27 21:08 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\skypePM
2009-06-07 17:35 . 2008-10-02 19:12 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\TeraCopy
2009-06-07 00:59 . 2008-12-13 12:12 410984 ----a-w- c:\windows\system32\deploytk.dll
2009-06-05 22:21 . 2009-05-16 11:06 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\Nimi
2009-06-04 17:49 . 2008-09-06 09:45 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\Orbit
2009-05-31 13:52 . 2008-09-06 09:45 -------- d-----w- c:\programmi\Orbitdownloader
2009-05-31 09:07 . 2008-12-13 19:57 -------- d-----w- c:\programmi\RadarSync
2009-05-31 09:06 . 2009-01-14 14:47 -------- d-----w- c:\programmi\File comuni\PCSuite
2009-05-31 09:06 . 2009-01-14 14:45 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Downloaded Installations
2009-05-31 08:11 . 2009-04-19 00:36 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Installations
2009-05-26 11:20 . 2009-05-13 20:10 40160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-05-26 11:19 . 2009-05-13 20:11 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-05-21 19:37 . 2009-04-15 10:56 -------- d-----w- c:\programmi\Google
2009-05-20 11:17 . 2009-05-02 06:35 1439488 ----a-w- c:\documents and settings\All Users\Dati applicazioni\avg8\update\backup\avgupd.dll
2009-05-20 11:17 . 2009-05-02 06:35 755992 ----a-w- c:\documents and settings\All Users\Dati applicazioni\avg8\update\backup\avginet.dll
2009-05-17 17:11 . 2008-09-04 14:16 -------- d--h--w- c:\documents and settings\Administrator\Dati applicazioni\ijjigame
2009-05-17 12:01 . 2008-09-03 13:58 -------- d-----w- c:\programmi\Windows Live
2009-05-17 11:01 . 2009-05-17 11:01 -------- d-----w- c:\programmi\ImageShack Corp
2009-05-16 14:46 . 2009-05-16 14:30 -------- d-----w- c:\programmi\Luxor
2009-05-16 14:35 . 2009-05-01 14:28 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\MumboJumbo
2009-05-16 13:04 . 2009-05-16 13:04 -------- dc-h--w- c:\documents and settings\All Users\Dati applicazioni\{B98A2B83-8BB0-42E7-AA1D-D6FA6E7C8F31}
2009-05-16 13:04 . 2009-05-16 13:04 -------- d-----w- c:\programmi\Stardock
2009-05-15 16:12 . 2009-04-24 14:39 30720 ----a-w- c:\windows\AWhiteu12.dat
2009-05-15 16:12 . 2009-04-24 14:39 30720 ----a-w- c:\windows\ADarku12.dat
2009-05-15 16:12 . 2009-04-24 14:39 6 ----a-w- c:\windows\AExpou.dat
2009-05-15 16:12 . 2009-04-24 14:39 3 ----a-w- c:\windows\Gain6.dat
2009-05-15 16:12 . 2009-04-24 14:39 3 ----a-w- c:\windows\AOffsetu.dat
2009-05-15 16:04 . 2009-04-24 14:28 -------- d-----w- c:\programmi\TextBridge Classic 2.0
2009-05-15 16:03 . 2009-05-15 16:03 -------- d-----w- c:\programmi\MGI
2009-05-15 16:02 . 2009-04-24 12:41 -------- d-----w- c:\programmi\ScanEZ
2009-05-14 15:48 . 2008-09-03 14:21 3688176 ----a-w- c:\documents and settings\Administrator\Impostazioni locali\Dati applicazioni\GDIPFONTCACHEV1.DAT
2009-05-13 22:29 . 2009-05-13 22:29 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\AMPSoft
2009-05-13 22:29 . 2009-05-13 22:29 -------- d-----w- c:\programmi\AMP Font Viewer
2009-05-13 22:19 . 2009-05-13 22:19 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\KC Softwares
2009-05-13 22:19 . 2009-05-13 22:19 -------- d-----w- c:\programmi\KC Softwares
2009-05-13 22:06 . 2009-04-27 19:06 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\SolidDocuments
2009-05-13 20:11 . 2009-05-13 20:11 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\Malwarebytes
2009-05-13 20:10 . 2009-05-13 20:10 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Malwarebytes
2009-05-13 11:29 . 2009-05-13 11:29 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\USBSafelyRemove
2009-05-13 11:29 . 2009-05-13 11:29 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\USBSRService
2009-05-12 18:21 . 2009-05-01 14:25 -------- d-----w- c:\programmi\Luxor Quest For The Afterlife
2009-05-11 20:41 . 2009-05-11 20:41 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\AlawarWrapper
2009-05-11 20:39 . 2009-05-11 20:39 -------- d-----w- c:\programmi\Alawar
2009-05-11 20:33 . 2009-05-11 20:33 -------- d-----w- c:\programmi\Virtual Families
2009-05-10 19:41 . 2009-05-10 19:41 -------- d-----w- c:\programmi\Ace Translator
2009-05-07 15:32 . 2008-04-14 12:00 347648 ----a-w- c:\windows\system32\localspl.dll
2009-05-05 19:00 . 2008-09-03 16:32 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\avg8
2009-05-04 16:26 . 2009-05-04 16:26 -------- d-----w- c:\programmi\PC Connectivity Solution
2009-05-04 13:24 . 2009-05-04 13:24 -------- d-----w- c:\programmi\GIMP-2.0
2009-05-02 20:54 . 2009-05-02 00:54 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\Alawar
2009-05-02 06:38 . 2008-09-03 16:32 11952 ----a-w- c:\windows\system32\avgrsstx.dll
2009-05-02 06:38 . 2008-09-03 16:32 27784 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2009-05-02 06:38 . 2008-09-03 16:32 325896 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2009-05-02 06:37 . 2009-04-25 17:08 108552 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2009-05-02 01:01 . 2009-05-02 01:01 -------- d-----w- c:\programmi\MSXML 4.0
2009-05-01 18:32 . 2009-05-01 18:32 -------- d-----w- c:\programmi\Rar Repair Tool
2009-05-01 18:30 . 2009-05-01 18:30 3366912 ----a-w- c:\windows\system32\GPhotos.scr
2009-05-01 14:25 . 2009-05-01 14:25 -------- d-----w- c:\programmi\ReflexiveArcade
2009-05-01 14:08 . 2009-05-01 14:08 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\n7-89-o9-3r-4t-r9
2009-05-01 13:50 . 2009-05-01 13:50 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\rionix
2009-05-01 13:44 . 2009-05-01 13:44 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Trymedia
2009-05-01 00:51 . 2009-05-01 00:51 -------- d-----w- c:\windows\system32\config\systemprofile\Dati applicazioni\SolidDocuments
2009-04-30 17:48 . 2009-04-30 17:48 603904 ----a-w- c:\windows\system32\TUProgSt.exe
2009-04-30 17:48 . 2009-04-30 17:48 360192 ----a-w- c:\windows\system32\TuneUpDefragService.exe
2009-04-30 17:48 . 2009-04-30 17:48 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\TuneUp Software
2009-04-30 17:48 . 2009-04-30 17:48 -------- d-----w- c:\programmi\TuneUp Utilities 2009
2009-04-30 17:48 . 2009-04-30 17:48 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\TuneUp Software
2009-04-30 17:47 . 2009-04-30 17:47 -------- d-sh--w- c:\documents and settings\All Users\Dati applicazioni\{55A29068-F2CE-456C-9148-C869879E2357}
2009-04-30 16:40 . 2009-04-30 16:37 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\Ulead Systems
2009-04-30 16:37 . 2009-04-30 16:34 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Ulead Systems
2009-04-30 16:36 . 2009-04-30 16:36 -------- d-----w- c:\programmi\File comuni\InterVideo
2009-04-30 16:36 . 2009-04-30 16:36 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\InterVideo
2009-04-30 16:36 . 2008-10-16 21:02 -------- d-----w- c:\programmi\File comuni\InstallShield
2009-04-30 16:35 . 2009-04-30 16:35 -------- d-----w- c:\programmi\Windows Media Components
2009-04-30 16:35 . 2009-04-30 16:34 -------- d-----w- c:\programmi\File comuni\Ulead Systems
2009-04-30 16:34 . 2009-04-24 15:38 -------- d-----w- c:\programmi\Ulead Systems
2009-04-30 15:34 . 2009-04-30 15:34 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\proDAD
2009-04-30 15:34 . 2009-04-30 15:34 -------- d-----w- c:\programmi\proDAD
2009-04-30 15:34 . 2009-04-30 15:33 -------- d-----w- c:\programmi\Boris FX, Inc
2009-04-30 15:32 . 2009-04-30 15:22 -------- d-----w- c:\programmi\Pinnacle
2009-04-30 15:30 . 2009-04-30 15:30 29926 ----a-r- c:\documents and settings\Administrator\Dati applicazioni\Microsoft\Installer\{5EB90C06-964F-4195-B83E-BD7E55C88415}\ARPPRODUCTICON.exe
2009-04-30 15:30 . 2009-04-30 15:30 -------- d-----w- c:\programmi\File comuni\Pinnacle
2009-04-30 15:29 . 2009-04-30 15:29 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Pinnacle Studio Ultimate
2009-04-30 15:22 . 2009-04-30 15:22 -------- d-----w- c:\programmi\File comuni\Yahoo!
2009-04-30 15:22 . 2009-04-30 15:22 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Studio 12
2008-09-04 00:19 . 2008-09-04 00:16 48 --sh--w- c:\windows\S92681E4D.tmp
.

((((((((((((((((((((((((((((( SnapShot@2009-06-15_23.39.13 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-06-16 08:37 . 2009-06-16 08:37 16384 c:\windows\Temp\Perflib_Perfdata_61c.dat
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"="c:\programmi\Analog Devices\Core\smax4pnp.exe" [2005-05-20 925696]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-05-05 1947928]
"HPDJ Taskbar Utility"="c:\windows\system32\spool\drivers\w32x86\3\hpztsb02.exe" [2001-04-17 192512]
"ISUSScheduler"="c:\programmi\File comuni\InstallShield\UpdateService\issch.exe" [2005-02-16 81920]
"SunJavaUpdateSched"="c:\programmi\Java\jre6\bin\jusched.exe" [2009-06-07 148888]
"SpywareTerminator"="c:\programmi\Spyware Terminator\SpywareTerminatorShield.exe" [2009-06-15 2174464]
"VTTimer"="VTTimer.exe" - c:\windows\system32\VTTimer.exe [2007-12-20 77824]
"S3Trayp"="S3trayp.exe" - c:\windows\system32\S3Trayp.exe [2007-09-30 200704]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"DWQueuedReporting"="c:\progra~1\FILECO~1\MICROS~1\DW\dwtrig20.exe" [2007-08-24 437160]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\programmi\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2008-12-22 10:05 356352 ----a-w- c:\programmi\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-05-02 06:38 11952 ----a-w- c:\windows\system32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKLM\~\startupfolder\C:^Documents and Settings^Administrator^Menu Avvio^Programmi^Esecuzione automatica^is-6O6IH.lnk]
path=c:\documents and settings\Administrator\Menu Avvio\Programmi\Esecuzione automatica\is-6O6IH.lnk
backup=c:\windows\pss\is-6O6IH.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"TuneUp.ProgramStatisticsSvc"=2 (0x2)
"UxTuneUp"=2 (0x2)
"TuneUp.Defrag"=3 (0x3)
"ServiceLayer"=3 (0x3)
"gusvc"=3 (0x3)

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runservices-]
"RegisterDropHandler"=c:\progra~1\TEXTBR~1.0\Bin\REGIST~1.EXE

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programmi\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Programmi\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Programmi\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Programmi\\AVG\\AVG8\\avgupd.exe"=
"c:\\Programmi\\eMule\\emule.exe"=
"c:\\Documents and Settings\\Administrator\\Dati applicazioni\\Mozilla\\Firefox\\Profiles\\awlaoj0w.default\\extensions\\SolidStateION@solidstatenetworks.com\\plugins\\solidnm.exe"=
"c:\\Programmi\\Mozilla Firefox\\firefox.exe"=
"c:\\Programmi\\Orbitdownloader\\orbitdm.exe"=
"c:\\Programmi\\Orbitdownloader\\orbitnet.exe"=
"c:\\Programmi\\Java\\jre6\\bin\\java.exe"=
"c:\\Programmi\\Veoh Networks\\VeohWebPlayer\\veohwebplayer.exe"=
"c:\\Documents and Settings\\Administrator\\temp\\TeamViewer\\Version4\\TeamViewer.exe"=
"c:\\Programmi\\AVG\\AVG8\\avgnsx.exe"=
"c:\\Programmi\\Pinnacle\\Studio 12\\Programs\\RM.exe"=
"c:\\Programmi\\Pinnacle\\Studio 12\\Programs\\Studio.exe"=
"c:\\Programmi\\Pinnacle\\Studio 12\\Programs\\umi.exe"=
"c:\\Programmi\\Ace Translator\\AceTrans.exe"=
"c:\\Programmi\\Mozilla Thunderbird\\thunderbird.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Programmi\\VideoLAN\\VLC\\vlc.exe"=
"c:\\Programmi\\uTorrent\\uTorrent.exe"=
"c:\\Programmi\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Programmi\\Skype\\Phone\\Skype.exe"=
"c:\\Programmi\\Spyware Terminator\\SpywareTerminatorUpdate.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"26731:TCP"= 26731:TCP:*:Disabled:SolidNetworkManager
"26731:UDP"= 26731:UDP:*:Disabled:SolidNetworkManager
"5009:TCP"= 5009:TCP:SolidNetworkManager
"5009:UDP"= 5009:UDP:SolidNetworkManager

R0 snapman380;Acronis Snapshots Manager (Build 380);c:\windows\system32\drivers\snman380.sys [12.06.2009 14:54 134272]
R0 tdrpman147;Acronis Try&Decide and Restore Points filter (build 147);c:\windows\system32\drivers\tdrpm147.sys [12.06.2009 14:54 971232]
R0 ViBus;ViBus;c:\windows\system32\drivers\ViBus.sys [24.04.2009 13:56 16896]
R0 ViPrt;VIA SATA IDE Device Driver;c:\windows\system32\drivers\ViPrt.sys [24.04.2009 13:56 53248]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [03.09.2008 18:32 325896]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [25.04.2009 19:08 108552]
R1 is-6O6IHdrv;is-6O6IHdrv;c:\windows\system32\drivers\05165413.sys [10.06.2009 10:26 148496]
R1 SASDIFSV;SASDIFSV;c:\programmi\SUPERAntiSpyware\sasdifsv.sys [26.05.2009 10:05 9968]
R1 SASKUTIL;SASKUTIL;c:\programmi\SUPERAntiSpyware\SASKUTIL.SYS [26.05.2009 10:05 72944]
R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [15.06.2009 20:32 142592]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [05.05.2009 21:02 298776]
R2 ousbehci;OrangeWare USB Enhanced Host Controller Service;c:\windows\system32\drivers\ousbehci.sys [03.09.2008 15:10 45696]
R3 ousb2hub;OrangeWare USB 2.0 Root Hub Support;c:\windows\system32\drivers\ousb2hub.sys [03.09.2008 15:10 56960]
R3 S3GIGP;S3GIGP;c:\windows\system32\drivers\S3gIGPm.sys [03.09.2008 15:10 601600]
S1 as6eio;as6eio;c:\windows\system32\drivers\as6eio.sys --> c:\windows\system32\drivers\as6eio.sys [?]
S3 gwiopm;gwiopm;\??\c:\programmi\My Drivers\gwiopm.sys --> c:\programmi\My Drivers\gwiopm.sys [?]
S3 SASENUM;SASENUM;c:\programmi\SUPERAntiSpyware\SASENUM.SYS [26.05.2009 10:05 7408]
S4 Seekeen Service;Seekeen Service;"c:\programmi\Seekeen\seekeen.exe" "c:\programmi\Seekeen\seekeen.dll" Service --> c:\programmi\Seekeen\seekeen.exe [?]
S4 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service;c:\windows\system32\TUProgSt.exe [30.04.2009 19:48 603904]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Contenuto della cartella 'Scheduled Tasks'

2009-06-16 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-583907252-842925246-1177238915-500.job
- c:\documents and settings\Administrator\Impostazioni locali\Dati applicazioni\Google\Update\GoogleUpdate.exe [2008-10-09 17:23]

2009-06-15 c:\windows\Tasks\OGADaily.job
- c:\windows\system32\OGAVerify.exe [2008-12-31 16:04]

2009-06-16 c:\windows\Tasks\OGALogon.job
- c:\windows\system32\OGAVerify.exe [2008-12-31 16:04]
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://www.smsveloce.it/ricerca/
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: &Clean Traces - c:\programmi\DAP\Privacy Package\dapcleanerie.htm
IE: &Download by Orbit - c:\programmi\Orbitdownloader\orbitmxt.dll/201
IE: &Download with &DAP - c:\programmi\DAP\dapextie.htm
IE: &Grab video by Orbit - c:\programmi\Orbitdownloader\orbitmxt.dll/204
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Append the content of the link to existing PDF file - c:\programmi\Nuance\PDF Professional 5\bin\ZeonIEFavClient.dll/ZeonIEAppend.HTML
IE: Append the content of the selected links to existing PDF file - c:\programmi\Nuance\PDF Professional 5\bin\ZeonIEFavClient.dll/ZeonIEAppendSelLinks.HTML
IE: Append to existing PDF file - c:\programmi\Nuance\PDF Professional 5\bin\ZeonIEFavClient.dll/ZeonIEAppend.HTML
IE: Create PDF file - c:\programmi\Nuance\PDF Professional 5\bin\ZeonIEFavClient.dll/ZeonIECapture.HTML
IE: Create PDF file from the content of the link - c:\programmi\Nuance\PDF Professional 5\bin\ZeonIEFavClient.dll/ZeonIECapture.HTML
IE: Create PDF files from the selected links - c:\programmi\Nuance\PDF Professional 5\bin\ZeonIEFavClient.dll/ZeonIECaptureSelLinks.HTML
IE: Do&wnload selected by Orbit - c:\programmi\Orbitdownloader\orbitmxt.dll/203
IE: Down&load all by Orbit - c:\programmi\Orbitdownloader\orbitmxt.dll/202
IE: Download &all with DAP - c:\programmi\DAP\dapextie2.htm
IE: Download Link Using Mega Manager... - c:\programmi\Megaupload\Mega Manager\mm_file.htm
IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
FF - ProfilePath -
.

**************************************************************************

disk not found C:\

please note that you need administrator rights to perform deep scan
scansione processi nascosti ...

scansione entrate autostart nascoste ...

Scansione files nascosti ...

Scansione completata con successo
Files nascosti:

**************************************************************************
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------

[HKEY_USERS\S-1-5-21-583907252-842925246-1177238915-500\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID]
@Denied: (Full) (LocalSystem)

[HKEY_USERS\S-1-5-21-583907252-842925246-1177238915-500\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{796AABBB-44F5-67F7-D78C-CC9582F172EC}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
"abhiakgcmeobheckhanlgmjddhjlibhjbf"=hex:70,61,66,69,6b,6d,6c,6c,62,61,64,6c,
68,68,6c,63,6f,67,70,6d,64,70,6d,67,70,6c,64,69,69,6a,64,6d,00,40
"magijjcmkiaccnlnjhemjpmonm"=hex:6f,61,68,67,67,63,6a,67,66,6c,61,70,64,68,6a,
65,69,69,67,66,68,65,61,68,6a,70,6a,69,66,6b,00,6d

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"cd042efbbd7f7af1647644e76e06692b"=hex:c8,28,51,af,b0,29,a3,98,90,8b,56,f9,9d,
01,45,54,c8,28,51,af,b0,29,a3,98,39,53,20,d5,d1,b3,5a,c8,e2,63,26,f1,3f,c8,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"bca643cdc5c2726b20d2ecedcc62c59b"=hex:6a,9c,d6,61,af,45,84,18,c0,b8,b4,06,14,
ca,dc,79,71,3b,04,66,8b,46,0d,96,7b,d9,7e,aa,2a,c2,db,b8,6a,9c,d6,61,af,45,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"2c81e34222e8052573023a60d06dd016"=hex:25,da,ec,7e,55,20,c9,26,10,54,87,88,e8,
1e,26,51,25,da,ec,7e,55,20,c9,26,ed,83,bf,89,6e,ec,c7,09,ff,7c,85,e0,43,d4,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"2582ae41fb52324423be06337561aa48"=hex:86,8c,21,01,be,91,eb,e7,03,73,66,75,32,
23,6a,00,3e,1e,9e,e0,57,5a,93,61,e4,dd,c8,ba,d9,33,41,14,86,8c,21,01,be,91,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"caaeda5fd7a9ed7697d9686d4b818472"=hex:f5,1d,4d,73,a8,13,5c,05,ab,52,08,fd,23,
91,b8,64,cd,44,cd,b9,a6,33,6c,cd,09,44,29,f8,50,10,68,d9,f5,1d,4d,73,a8,13,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"a4a1bcf2cc2b8bc3716b74b2b4522f5d"=hex:b0,18,ed,a7,3f,8d,37,a4,09,9d,61,7e,f7,
4c,b0,0b,b0,18,ed,a7,3f,8d,37,a4,f3,32,d0,96,32,1f,8c,fc,df,20,58,62,78,6b,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"4d370831d2c43cd13623e232fed27b7b"=hex:fb,a7,78,e6,12,2f,9a,ea,cd,7c,81,bc,2d,
bb,7c,1f,31,77,e1,ba,b1,f8,68,02,72,88,b8,68,28,c4,de,fa,fb,a7,78,e6,12,2f,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"1d68fe701cdea33e477eb204b76f993d"=hex:01,3a,48,fc,e8,04,4a,f1,d5,17,bd,ff,4a,
5e,4f,51,83,6c,56,8b,a0,85,96,ab,6e,c2,3e,c9,a3,bf,ae,4f,01,3a,48,fc,e8,04,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"1fac81b91d8e3c5aa4b0a51804d844a3"=hex:51,fa,6e,91,28,9e,14,cc,10,5d,35,b3,1f,
2a,da,d3,51,fa,6e,91,28,9e,14,cc,b5,da,6e,83,4c,30,98,77,f6,0f,4e,58,98,5b,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"f5f62a6129303efb32fbe080bb27835b"=hex:3d,ce,ea,26,2d,45,aa,78,fb,70,69,eb,b5,
fe,6e,83,b1,cd,45,5a,a8,c4,f8,b9,79,aa,ff,e7,96,34,e5,4a,3d,ce,ea,26,2d,45,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"fd4e2e1a3940b94dceb5a6a021f2e3c6"=hex:e3,0e,66,d5,eb,bc,2f,6b,38,42,55,b0,cb,
ad,22,40,e3,0e,66,d5,eb,bc,2f,6b,c7,6f,cd,81,72,5e,68,83,2a,b7,cc,b5,b9,7f,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"8a8aec57dd6508a385616fbc86791ec2"=hex:6c,43,2d,1e,aa,22,2f,9c,2f,4c,d7,55,d3,
9a,98,1c,fa,ea,66,7f,d4,3b,6b,70,50,3b,a5,ee,81,8a,e2,02,6c,43,2d,1e,aa,22,\
.
--------------------- Dlls caricate dai processi in esecuzione ---------------------

- - - - - - - > 'winlogon.exe'(1048)
c:\programmi\SUPERAntiSpyware\SASWINLO.dll
.
Ora fine scansione: 2009-06-16 13:08
ComboFix-quarantined-files.txt 2009-06-16 11:08
ComboFix2.txt 2009-06-15 23:41

Pre-Run: 76'217'622'528 byte disponibili
Post-Run: 76'206'313'472 byte disponibili

410 --- E O F --- 2009-06-15 01:03

r16

Inviato: Tuesday, June 16, 2009 1:29:38 PM

Rank: AiutAmico

Iscritto dal : 8/7/2007
Posts: 11,016

Ok.
Proviamo a sistemare il Ripristino:
Scarica System Restore Repair :
Segui le indicazioni di questo link:
http://www.zonapc.it/downloads/ripara_pc/ripristino_config_sistema.php

superman91

Inviato: Tuesday, June 16, 2009 1:42:58 PM

Rank: AiutAmico

Iscritto dal : 4/17/2007
Posts: 105

Grandissimo ho risolto per quanto riguarda il ripristino.

Sapresti aiutarmi per quell'errore che ogni tanto mi esce? (sopra ho messo la foto)

r16

Inviato: Tuesday, June 16, 2009 1:55:19 PM

Rank: AiutAmico

Iscritto dal : 8/7/2007
Posts: 11,016

Ti è uscito anche dopo le operazioni che abbiamo fatto?
Posta un log di HJT.

superman91

Inviato: Tuesday, June 16, 2009 1:59:26 PM

Rank: AiutAmico

Iscritto dal : 4/17/2007
Posts: 105

No ancora non è uscito, però anche prima di queste scansioni alcuni giorni non usciva proprio

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:58:23, on 16.06.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.21045)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\File comuni\Acronis\Schedule2\schedul2.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Programmi\File comuni\InterVideo\DeviceService\DevSvc.exe
C:\WINDOWS\system32\crypserv.exe
C:\Programmi\Java\jre6\bin\jqs.exe
C:\Programmi\Spyware Terminator\sp_rsser.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Programmi\File comuni\Ulead Systems\DVD\ULCDRSvr.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\VTTimer.exe
C:\WINDOWS\system32\S3trayp.exe
C:\Programmi\Analog Devices\Core\smax4pnp.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb02.exe
C:\Programmi\File comuni\InstallShield\UpdateService\issch.exe
C:\Programmi\Java\jre6\bin\jusched.exe
C:\Programmi\Spyware Terminator\SpywareTerminatorShield.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\Administrator\Impostazioni locali\Dati applicazioni\Google\Chrome\Application\chrome.exe
C:\Programmi\eMule\emule.exe
C:\Documents and Settings\Administrator\Impostazioni locali\Dati applicazioni\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Impostazioni locali\Dati applicazioni\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Impostazioni locali\Dati applicazioni\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.smsveloce.it/ricerca/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
R3 - URLSearchHook: Yahoo! Toolbar con blocco Pop-Up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programmi\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Programmi\Orbitdownloader\orbitcth.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Programmi\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Supporto di collegamento per Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Programmi\AVG\AVG8\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programmi\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: IeMonitorBho Class - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Programmi\Megaupload\Mega Manager\MegaIEMn.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmi\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Yahoo! Toolbar con blocco Pop-Up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programmi\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Programmi\Orbitdownloader\GrabPro.dll
O3 - Toolbar: Veoh Web Player Video Finder - {0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - C:\Programmi\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [S3Trayp] S3trayp.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Programmi\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb02.exe
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Programmi\File comuni\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Programmi\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\FILECO~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Clean Traces - C:\Programmi\DAP\Privacy Package\dapcleanerie.htm
O8 - Extra context menu item: &Download by Orbit - res://C:\Programmi\Orbitdownloader\orbitmxt.dll/201
O8 - Extra context menu item: &Download with &DAP - C:\Programmi\DAP\dapextie.htm
O8 - Extra context menu item: &Grab video by Orbit - res://C:\Programmi\Orbitdownloader\orbitmxt.dll/204
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: Append the content of the link to existing PDF file - res://C:\Programmi\Nuance\PDF Professional 5\bin\ZeonIEFavClient.dll/ZeonIEAppend.HTML
O8 - Extra context menu item: Append the content of the selected links to existing PDF file - res://C:\Programmi\Nuance\PDF Professional 5\bin\ZeonIEFavClient.dll/ZeonIEAppendSelLinks.HTML
O8 - Extra context menu item: Append to existing PDF file - res://C:\Programmi\Nuance\PDF Professional 5\bin\ZeonIEFavClient.dll/ZeonIEAppend.HTML
O8 - Extra context menu item: Create PDF file - res://C:\Programmi\Nuance\PDF Professional 5\bin\ZeonIEFavClient.dll/ZeonIECapture.HTML
O8 - Extra context menu item: Create PDF file from the content of the link - res://C:\Programmi\Nuance\PDF Professional 5\bin\ZeonIEFavClient.dll/ZeonIECapture.HTML
O8 - Extra context menu item: Create PDF files from the selected links - res://C:\Programmi\Nuance\PDF Professional 5\bin\ZeonIEFavClient.dll/ZeonIECaptureSelLinks.HTML
O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Programmi\Orbitdownloader\orbitmxt.dll/203
O8 - Extra context menu item: Down&load all by Orbit - res://C:\Programmi\Orbitdownloader\orbitmxt.dll/202
O8 - Extra context menu item: Download &all with DAP - C:\Programmi\DAP\dapextie2.htm
O8 - Extra context menu item: Download Link Using Mega Manager... - C:\Programmi\Megaupload\Mega Manager\mm_file.htm
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Programmi\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1191420098671
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1123705518796
O16 - DPF: {6e32070a-766d-4ee6-879c-dc1fa91d2fc3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1139406804265
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programmi\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Programmi\AVG\AVG8\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FILECO~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Programmi\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Programmi\File comuni\Acronis\Schedule2\schedul2.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Capture Device Service - InterVideo Inc. - C:\Programmi\File comuni\InterVideo\DeviceService\DevSvc.exe
O23 - Service: Crypkey License - CrypKey (Canada) Ltd. - C:\WINDOWS\SYSTEM32\crypserv.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programmi\Java\jre6\bin\jqs.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Programmi\Spyware Terminator\sp_rsser.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Programmi\File comuni\Ulead Systems\DVD\ULCDRSvr.exe

--
End of file - 10682 bytes

r16

Inviato: Tuesday, June 16, 2009 2:10:21 PM

Rank: AiutAmico

Iscritto dal : 8/7/2007
Posts: 11,016

Aspettiamo per vedere se esce, prima di mettere le manacce a vanvera. Drool

Drool

Il log è pulito.
Curiosità:
A me sembrano troppe queste voci, sono 4:
C:\Documents and Settings\Administrator\Impostazioni locali\Dati applicazioni\Google\Chrome\Application\chrome.exe
Lo hai installato correttamente Chrome?
Forse, una disistallazione completa, e una reistallazione non farebbe male.
Poi esegui queste indicazioni:
Dai una pulita (registro compreso)con CCleaner http://www.aiutaamici.com/software?ID=11223
Poi:
Start\Esegui\copia e incolla la stringa %temp% clicca su Ok, svuota la cartella temp. (non eliminare la cartella)
Poi:
Provvedi a svuotare del suo contenuto la cartella Prefetch :
clicca su Risorse del Computer
clicca su Disco locale C:
cerca, all’interno delle cartelle che saranno visualizzate la cartella Windows, aprila ed, al suo interno, cerca la cartella Prefetch, la apri ed elimina tutte le voci conservate al suo interno ( non eliminare la cartella)
SVUOTA IL CESTINO
Poi:
Lancia Hijackthis e pulisci gli ADS in questo modo:
clicca sulla voce Open the misc tool section
clicca su Open ads spy
togli la spunta alla voce Quick scan (windows base folder only)
clicca su Scan
se venissero rilevati ADS, spunta tutte le caselline e clicca su Remove selected
Poi fai una deframmentazione del HD.

superman91

Inviato: Tuesday, June 16, 2009 3:27:41 PM

Rank: AiutAmico

Iscritto dal : 4/17/2007
Posts: 105

Ok fatti, grazie mille per tutto

se si dovesse ripresentare quell'errore riprendo questa disc

r16

Inviato: Tuesday, June 16, 2009 4:37:46 PM

Rank: AiutAmico

Iscritto dal : 8/7/2007
Posts: 11,016

Ciao.
Si, non aprire un'altro topic.
Preferisco continuare qui, è meglio .

superman91

Inviato: Tuesday, June 16, 2009 7:23:27 PM

Rank: AiutAmico

Iscritto dal : 4/17/2007
Posts: 105

Quell'errore è venuto fuori di nuovo <.< trovi il lo screen sopra

r16

Inviato: Wednesday, June 17, 2009 12:12:40 AM

Rank: AiutAmico

Iscritto dal : 8/7/2007
Posts: 11,016

Non ci messo molto tempo per rompere le scatole.....
Controlla su Windows Update, se ci sono aggiornamenti riguardo NET Framework
Controlla in "Installazioni Applicazione" quali NET Framework hai installato.
E postami le versioni (NET Framework 1.1 oppure 2.0 oppure 3.0) che vedi installate.
Altra cosa:
Dimmi che programma stavi usando quando ti è uscita la finestra.

superman91

Inviato: Wednesday, June 17, 2009 3:12:39 AM

Rank: AiutAmico

Iscritto dal : 4/17/2007
Posts: 105

Stavo aprendo emule....solo che questa cosa succede con qualsiasi programma...goni tanto succede con avg e addirittura mi ha dato l'errore explorer.exe (vedi immagine al posto di svchost.exe) e quindi sono spartire tutte le cartelle del desktop per poi ricomparire qualche secondo dopo.

Queste sono le versioni installate:

Microsoft Service .NET Framework 1 Service Pack 1
Microsoft Service .NET Framework 1 Service Pack 1 - Language pack ITA
Microsoft Service .NET Framework 2 Service Pack 1 Service pack 1
Microsoft Service .NET Framework 2 - Languace Pack ITA
Microsoft Service .NET Framework 3.0 Service Pack 1
Microsoft Service .NET Framework 3.0 Service Pack 1 - Language pack ITA
Microsoft Service .NET Framework 3.5
Microsoft Service .NET Framework 3.5 Language pack ITA

r16

Inviato: Wednesday, June 17, 2009 1:24:39 PM

Rank: AiutAmico

Iscritto dal : 8/7/2007
Posts: 11,016

Ciao.
Purtroppo questo non è il mio campo.
Ho fatto delle ricerche in rete, e sembra che quell'avviso, si verifica quando va in crash un'applicazione.
Ho trovato un link della Microsoft, che scrive di questo Just-In-Time Debugging
http://msdn.microsoft.com/en-us/library/5hs4b7a6.aspx
Questo è più interessante, sembra sia un problema di Microsoft Visual Studio
http://support.microsoft.com/kb/933561/it
Sembra che si possa attivare\disattivare, ma non me la sento di farti eseguire operazioni, in cui non sò con certezza, come và a finire.

superman91

Inviato: Wednesday, June 17, 2009 8:23:50 PM

Rank: AiutAmico

Iscritto dal : 4/17/2007
Posts: 105

Niente da fare ho pure provato a reinstallare Visual Studio 2008.

Utenti presenti in questo topic

2 pages: [1] 2

Aiutamici Forum » FORUM - Istruzioni e Guide » Sicurezza VIRUS » Problema Configurazione di ripristino

Salta al Forum

Aggiunta nuovi Topic disabilitata in questo forum.
Risposte disabilitate in questo forum.
Eliminazione tuoi Post disabilitata in questo forum.
Modifica dei tuoi post disabilitata in questo forum.
Creazione Sondaggi disabilitata in questo forum.
Voto ai sondaggi disabilitato in questo forum.

Main Forum RSS :

Aiutamici Theme
Powered by Yet Another Forum.net versione 1.9.1.8 (NET v2.0) - 3/29/2008
Copyright © 2003-2008 Yet Another Forum.net. All rights reserved.

Invia topic via Email

RSS Feed

Watch this topic

Stampa topic

Normale

Threaded