Aiutamici Forum

log hijackthis..
trebor89
Posted: Wednesday, November 25, 2009 7:46:33 PM
Rank: Member

Joined: 11/15/2008
Posts: 11
Hi, can you check my log files? When I browse the internet and try to open one more window, the computer crashes and freezes for a couple of seconds... really annoying. Help me do a bit of cleanup, I think I have some virus... thank you in advance... =)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19.43.13, on 25/11/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\Avira\AntiVir Desktop\sched.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Programmi\Google\Quick Search Box\GoogleQuickSearchBox.exe
C:\Programmi\Avira\AntiVir Desktop\avgnt.exe
C:\Programmi\Java\jre6\bin\jusched.exe
C:\Programmi\Microsoft Xbox 360 Accessories\XboxStat.exe
C:\Programmi\NewSoft\Presto! PVR\Monitor.exe
C:\Programmi\Spyware Doctor\pctsTray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Programmi\Windows Live\Messenger\msnmsgr.exe
C:\Programmi\Creative\Shared Files\CamTray.exe
C:\Programmi\File comuni\Ahead\lib\NMBgMonitor.exe
C:\Programmi\DAEMON Tools Lite\daemon.exe
C:\Programmi\Steam\Steam.exe
C:\Programmi\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe
C:\Programmi\Avira\AntiVir Desktop\avguard.exe
C:\Programmi\Spyware Doctor\BDT\BDTUpdateService.exe
C:\Programmi\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\Programmi\Spyware Doctor\pctsAuxs.exe
C:\Programmi\Spyware Doctor\pctsSvc.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\System32\alg.exe
C:\Programmi\Internet Explorer\IEXPLORE.EXE
C:\Programmi\Internet Explorer\IEXPLORE.EXE
C:\Programmi\Internet Explorer\IEXPLORE.EXE
C:\Programmi\Internet Explorer\IEXPLORE.EXE
C:\Programmi\Internet Explorer\IEXPLORE.EXE
C:\Programmi\Internet Explorer\IEXPLORE.EXE
C:\Programmi\FlashGet\flashget.exe
C:\Programmi\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.europowersearch.com/Search.html?SelectedSearchLang=IT
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programmi\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Google Plus - {01677B4B-0610-4814-94A0-5F570DD7A88F} - C:\PROGRA~1\GooglePlusVideos\17.GooglePlusVideos.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Programmi\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Browser Defender BHO - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Programmi\Spyware Doctor\BDT\PCTBrowserDefender.dll
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Programmi\FlashGet\jccatch.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programmi\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programmi\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: Super-Search - search like an expert - {B88F0A3B-663C-4342-A7CE-2D6F81032897} - C:\PROGRA~1\EasySearch\BHO\4.SuperSearch.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmi\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Programmi\FlashGet\getflash.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Programmi\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programmi\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programmi\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: PC Tools Browser Guard - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Programmi\Spyware Doctor\BDT\PCTBrowserDefender.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [nwiz] C:\Programmi\NVIDIA Corporation\nView\nwiz.exe /install
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Google Quick Search Box] "C:\Programmi\Google\Quick Search Box\GoogleQuickSearchBox.exe" /autorun
O4 - HKLM\..\Run: [avgnt] "C:\Programmi\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [XboxStat] "c:\Programmi\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun
O4 - HKLM\..\Run: [ChangeFilterMerit] C:\Programmi\NewSoft\Presto! PVR\ChangeFilterMerit.exe
O4 - HKLM\..\Run: [Presto! PVR Monitor] C:\Programmi\NewSoft\Presto! PVR\Monitor.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programmi\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Programmi\File comuni\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [ISTray] "C:\Programmi\Spyware Doctor\pctsTray.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] "C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Programmi\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Creative WebCam Tray] "C:\Programmi\Creative\Shared Files\CamTray.exe"
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programmi\File comuni\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Programmi\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [Steam] "C:\Programmi\Steam\Steam.exe" -silent
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Utilità controllo supporti di Picture Motion Browser.lnk = C:\Programmi\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe
O8 - Extra context menu item: &Scarica con FlashGet - C:\Programmi\FlashGet\jc_link.htm
O8 - Extra context menu item: &Scarica tutto con FlashGet - C:\Programmi\FlashGet\jc_all.htm
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\Microsoft Office\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Programmi\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\Microsoft Office\OFFICE11\REFIEBAR.DLL
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Programmi\FlashGet\FlashGet.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Programmi\FlashGet\FlashGet.exe
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/MessengerGamesContent/GameContent/it/uno1/GAME_UNO1.cab
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx1.hotmail.com/mail/w4/pr01/photouploadcontrol/MSNPUpld.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwareupdate/su2/ocx/15108/CTPID.cab
O23 - Service: Avira AntiVir Scheduler (AntiVirScheduler) - Avira GmbH - C:\Programmi\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Programmi\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Browser Defender Update Service - Threat Expert Ltd. - C:\Programmi\Spyware Doctor\BDT\BDTUpdateService.exe
O23 - Service: Servizio di Google Update (gupdate) (gupdate) - Google Inc. - C:\Programmi\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programmi\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Programmi\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Programmi\Spyware Doctor\pctsSvc.exe

--
End of file - 10737 bytes
shapiro
Posted: Wednesday, November 25, 2009 7:59:54 PM

Rank: AiutAmico

Joined: 8/24/2008
Posts: 4,164
hi trebor

run this scan

download Malwarebytes http://www.malwarebytes.org/mbam/program/mbam-setup.exe
1) install it
2) update it
3) run a scan choosing the full mode
4) do NOT delete for now any threats it detects
5) when the scan is finished, select the log tab, open the text file and post it on the forum
trebor89
Posted: Wednesday, November 25, 2009 8:04:02 PM
Rank: Member

Joined: 11/15/2008
Posts: 11
ok ;) when it freezes I get the jccatch.dll error, and then it shows me a recovered page... anyway I'll do it right now!!
trebor89
Posted: Wednesday, November 25, 2009 8:35:38 PM
Rank: Member

Joined: 11/15/2008
Posts: 11
Malwarebytes' Anti-Malware 1.41
Versione del database: 3231
Windows 5.1.2600 Service Pack 2

25/11/2009 20.34.11
mbam-log-2009-11-25 (20-34-06).txt

Tipo di scansione: Scansione completa (C:\|)
Elementi scansionati: 177818
Tempo trascorso: 23 minute(s), 43 second(s)

Processi delle memoria infetti: 0
Moduli della memoria infetti: 0
Chiavi di registro infette: 0
Valori di registro infetti: 0
Elementi dato del registro infetti: 0
Cartelle infette: 0
File infetti: 2

Processi delle memoria infetti:
(Nessun elemento malevolo rilevato)

Moduli della memoria infetti:
(Nessun elemento malevolo rilevato)

Chiavi di registro infette:
(Nessun elemento malevolo rilevato)

Valori di registro infetti:
(Nessun elemento malevolo rilevato)

Elementi dato del registro infetti:
(Nessun elemento malevolo rilevato)

Cartelle infette:
(Nessun elemento malevolo rilevato)

File infetti:
C:\System Volume Information\_restore{70FC3439-DEF1-40B0-92AD-4BE983187B89}\RP107\A0030039.exe (Backdoor.Netbus) -> No action taken.
C:\Documents and Settings\Robert\Dati applicazioni\Convivea\Bit_Che\scripts\special.exe (Trojan.Downloader) -> No action taken.
shapiro
Posted: Wednesday, November 25, 2009 8:42:24 PM

Rank: AiutAmico

Joined: 8/24/2008
Posts: 4,164
restart the program and remove what it found

I also wanted to remind you of something very important - you need to download and install Service Pack 3; I'll send you the link afterwards


disable System Restore

Comment:
Start / right-click on My Computer / Properties / System Restore / and tick "Turn off System Restore"


restart the PC, re-enable System Restore (do the operation in reverse), create a new restore point and run a scan with Combofix
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
Save it to the desktop.
Double-click combofix.exe (a screen will appear).
Type 1, press Enter and follow the instructions.
When it finishes, a log file named C:\ComboFix.txt will be created. Post it here.
During the scan it is important not to use the PC and to wait patiently for the operations to finish.

While it is scanning, do not touch the mouse or keyboard
trebor89
Posted: Wednesday, November 25, 2009 10:46:25 PM
Rank: Member

Joined: 11/15/2008
Posts: 11
ComboFix 09-11-25.01 - Robert 25/11/2009 21.49.17.1.2 - x86
Microsoft Windows XP Professional 5.1.2600.2.1252.39.1040.18.2046.1497 [GMT 1:00]
Eseguito da: c:\documents and settings\Robert\Desktop\ComboFix.exe
AV: AntiVir Desktop *On-access scanning disabled* (Updated) {00200000-EE94-0012-94EE-120094EE1200}
AV: AntiVir Desktop *On-access scanning enabled* (Updated) {00000002-0002-0000-2C24-9E7C08000A00}
AV: AntiVir Desktop *On-access scanning enabled* (Updated) {00000002-0002-0000-3C24-9E7C08000A00}

ATTENZIONE - QUESTO PC NON HA LA CONSOLE DI RIPRISTINO DI EMERGENZA INSTALLATA !!
.

((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\progra~1\EasySearch\BHO\4.SUpersearch.dll
c:\progra~1\GooglePlusVideos\17.Googleplusvideos.dll
c:\programmi\GooglePlusVideos
c:\programmi\GooglePlusVideos\17.GooglePlusVideos.dll
c:\programmi\GooglePlusVideos\DeploymentHelper.exe
c:\programmi\GooglePlusVideos\FFExt\chrome.manifest
c:\programmi\GooglePlusVideos\FFExt\chrome\content\googleplusvideos.xul
c:\programmi\GooglePlusVideos\FFExt\chrome\content\script-injector.js
c:\programmi\GooglePlusVideos\FFExt\install.rdf
c:\programmi\GooglePlusVideos\GooglePlusVideosLicense.txt
c:\programmi\GooglePlusVideos\GooglePlusVideosXPCOM.dll
c:\programmi\GooglePlusVideos\GVConfig.ini
c:\programmi\GooglePlusVideos\IGooglePlusVideosXPCOM.xpt
c:\programmi\GooglePlusVideos\MFC42U.DLL
c:\programmi\GooglePlusVideos\Uninstall.bat

.
((((((((((((((((((((((((( Files Creati Da 2009-10-25 al 2009-11-25 )))))))))))))))))))))))))))))))))))
.

2009-11-25 18:42 . 2009-11-25 18:42 -------- d-----w- c:\programmi\Trend Micro
2009-11-24 20:01 . 2009-11-24 20:01 -------- d-----w- c:\documents and settings\Robert\Dati applicazioni\Malwarebytes
2009-11-24 20:01 . 2009-09-10 13:54 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-11-24 20:01 . 2009-11-24 20:01 -------- d-----w- c:\programmi\Malwarebytes' Anti-Malware
2009-11-24 20:01 . 2009-11-24 20:01 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Malwarebytes
2009-11-24 20:01 . 2009-09-10 13:53 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-11-23 18:44 . 2009-11-23 18:44 -------- d-----w- c:\documents and settings\Robert\Impostazioni locali\Dati applicazioni\Threat Expert
2009-11-23 18:41 . 2009-10-08 10:31 149456 ----a-w- c:\windows\SGDetectionTool.dll
2009-11-23 18:41 . 2009-10-08 10:31 165840 ----a-w- c:\windows\PCTBDRes.dll
2009-11-23 18:41 . 2009-10-08 10:31 1636304 ----a-w- c:\windows\PCTBDCore.dll
2009-11-23 18:41 . 2009-10-08 10:31 767952 ----a-w- c:\windows\BDTSupport.dll
2009-11-23 18:41 . 2009-10-02 13:19 1152470 ----a-w- c:\windows\UDB.zip
2009-11-23 18:41 . 2008-11-26 11:08 131 ----a-w- c:\windows\IDB.zip
2009-11-23 18:39 . 2009-09-24 07:55 229304 ----a-w- c:\windows\system32\drivers\pctgntdi.sys
2009-11-23 18:39 . 2009-10-06 15:31 87784 ----a-w- c:\windows\system32\drivers\PCTAppEvent.sys
2009-11-23 18:39 . 2009-09-23 15:10 207280 ----a-w- c:\windows\system32\drivers\PCTCore.sys
2009-11-23 18:39 . 2009-09-03 08:45 70408 ----a-w- c:\windows\system32\drivers\pctplsg.sys
2009-11-23 18:39 . 2009-11-23 18:41 -------- d-----w- c:\programmi\File comuni\PC Tools
2009-11-23 18:39 . 2009-11-25 20:49 -------- d-----w- c:\programmi\Spyware Doctor
2009-11-23 18:39 . 2009-11-23 18:39 -------- d-----w- c:\documents and settings\Robert\Dati applicazioni\PC Tools
2009-11-23 18:39 . 2009-11-23 18:39 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\PC Tools
2009-11-23 18:39 . 2009-11-25 20:48 -------- d---a-w- c:\documents and settings\All Users\Dati applicazioni\TEMP
2009-11-23 00:41 . 2009-11-24 23:33 -------- d-----w- c:\documents and settings\Robert\Dati applicazioni\vlc
2009-11-19 15:19 . 2009-11-19 15:19 -------- d-----w- c:\programmi\Electronic Arts
2009-11-18 17:22 . 2009-11-18 18:57 -------- d-----w- c:\windows\SxsCaPendDel
2009-11-18 16:59 . 2009-11-18 16:59 -------- d-----w- c:\documents and settings\Robert\Impostazioni locali\Dati applicazioni\Monte Cristo
2009-11-18 16:51 . 2009-11-18 16:51 -------- d-----w- c:\programmi\Monte Cristo
2009-11-17 19:14 . 2009-11-17 19:14 -------- d-----w- c:\documents and settings\Robert\Dati applicazioni\Convivea
2009-11-17 19:14 . 2009-04-10 17:40 118784 ----a-w- c:\documents and settings\Robert\Dati applicazioni\Convivea\Bit_Che\scripts\x.exe
2009-11-17 19:14 . 2008-03-28 09:07 20992 ----a-w- c:\documents and settings\Robert\Dati applicazioni\Convivea\Bit_Che\languages\compare.exe
2009-11-17 19:14 . 2008-03-28 09:02 60928 ----a-w- c:\documents and settings\Robert\Dati applicazioni\Convivea\Bit_Che\scripts\update.exe
2009-11-17 19:14 . 2003-08-19 04:06 80896 ----a-w- c:\documents and settings\Robert\Dati applicazioni\Convivea\Bit_Che\scripts\x.dll
2009-11-17 19:14 . 2009-11-17 19:14 -------- d-----w- c:\programmi\Bit Che
2009-11-13 14:44 . 2009-11-13 14:44 -------- d-----w- c:\documents and settings\Robert\Dati applicazioni\TeamViewer
2009-11-13 14:44 . 2009-11-13 14:44 -------- d-----w- c:\documents and settings\Robert\temp
2009-11-13 14:34 . 2009-11-13 14:49 -------- d-----w- C:\Documents
2009-11-13 13:09 . 2009-11-25 20:46 -------- d-----w- c:\programmi\Steam
2009-11-13 13:09 . 2009-09-04 16:44 515416 ----a-w- c:\windows\system32\XAudio2_5.dll
2009-11-13 13:09 . 2009-09-04 16:44 238936 ----a-w- c:\windows\system32\xactengine3_5.dll
2009-11-13 13:09 . 2009-09-04 16:29 5501792 ----a-w- c:\windows\system32\d3dcsx_42.dll
2009-11-13 13:09 . 2009-09-04 16:29 1974616 ----a-w- c:\windows\system32\D3DCompiler_42.dll
2009-11-13 13:09 . 2009-09-04 16:29 453456 ----a-w- c:\windows\system32\d3dx10_42.dll
2009-11-13 13:09 . 2009-09-04 16:29 235344 ----a-w- c:\windows\system32\d3dx11_42.dll
2009-11-13 13:09 . 2009-09-04 16:29 1892184 ----a-w- c:\windows\system32\D3DX9_42.dll
2009-11-12 22:35 . 2009-11-19 23:40 -------- d-----w- C:\Downloads
2009-11-12 22:30 . 2009-11-25 20:42 -------- d-----w- c:\programmi\FlashGet
2009-11-09 21:48 . 2009-11-09 21:48 -------- d-----w- c:\programmi\EA Sports
2009-11-06 13:25 . 2009-11-06 13:25 -------- d-----w- c:\programmi\CAPCOM
2009-10-30 10:06 . 2009-10-30 10:06 -------- d-----w- c:\documents and settings\Robert\Impostazioni locali\Dati applicazioni\Risen
2009-10-30 10:05 . 2009-10-30 10:05 -------- d-----w- c:\windows\1C4551A64743409391E41477CD655043.TMP
2009-10-30 10:00 . 2009-10-30 10:00 -------- d-----w- c:\programmi\Deep Silver
2009-10-30 09:34 . 2009-10-30 09:34 73837 ----a-w- c:\documents and settings\Robert\Dati applicazioni\VuzeStream\uninstall.exe
2009-10-30 09:34 . 2009-10-30 09:34 74688 ----a-w- c:\documents and settings\Robert\Dati applicazioni\VuzeStream\NetscapePlugin1.0.2.9\RegisterVSNP.exe
2009-10-30 09:34 . 2009-10-30 09:34 62400 ----a-w- c:\documents and settings\Robert\Dati applicazioni\VuzeStream\RegisterVSAX.exe
2009-10-30 09:34 . 2009-10-30 09:34 293312 ----a-w- c:\documents and settings\Robert\Dati applicazioni\VuzeStream\VuzeATL1.0.2.0.dll
2009-10-30 09:34 . 2009-10-30 09:34 176608 ----a-w- c:\documents and settings\Robert\Dati applicazioni\VuzeStream\UpdateLauncher.exe
2009-10-30 09:34 . 2009-10-30 09:34 170432 ----a-w- c:\documents and settings\Robert\Dati applicazioni\VuzeStream\NetscapePlugin1.0.2.9\npVuzeStream.dll
2009-10-30 09:34 . 2009-10-30 09:34 174560 ----a-w- c:\documents and settings\Robert\Dati applicazioni\VuzeStream\VuzeStream.exe
2009-10-30 09:34 . 2009-10-30 09:34 -------- d-----w- c:\programmi\Microsoft Silverlight
2009-10-30 09:34 . 2009-10-30 09:44 -------- d-----w- c:\documents and settings\Robert\Dati applicazioni\VuzeStream
2009-10-30 09:28 . 2009-10-30 09:28 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Azureus
2009-10-30 09:27 . 2009-11-12 13:41 -------- d-----w- c:\documents and settings\Robert\Dati applicazioni\Azureus
2009-10-30 09:27 . 2009-10-30 09:27 -------- d-----w- c:\programmi\Vuze
2009-10-29 23:35 . 2009-11-12 21:59 -------- d-----w- c:\programmi\JDownloader
2009-10-29 23:34 . 2009-10-29 23:34 -------- d-----w- c:\windows\Sun
2009-10-29 09:55 . 2009-10-29 09:55 -------- d-----w- c:\programmi\KONAMI
2009-10-29 09:55 . 2009-10-29 09:55 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\KONAMI

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-11-25 20:46 . 2001-08-31 12:00 79292 ----a-w- c:\windows\system32\perfc010.dat
2009-11-25 20:46 . 2001-08-31 12:00 478808 ----a-w- c:\windows\system32\perfh010.dat
2009-11-25 19:49 . 2009-09-25 13:55 50496 ----a-w- c:\documents and settings\Robert\Impostazioni locali\Dati applicazioni\GDIPFONTCACHEV1.DAT
2009-11-25 11:19 . 2009-09-25 14:52 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\NOS
2009-11-19 14:44 . 2009-09-29 22:48 138064 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2009-11-19 14:43 . 2009-09-29 22:48 189184 ----a-w- c:\windows\system32\PnkBstrB.exe
2009-11-13 19:11 . 2009-10-19 00:25 859304 ----a-w- c:\documents and settings\LocalService\Impostazioni locali\Dati applicazioni\FontCache3.0.0.0.dat
2009-11-13 15:00 . 2009-09-29 22:33 -------- d-----w- c:\programmi\Activision
2009-10-30 10:05 . 2009-09-25 14:11 -------- d-----w- c:\programmi\File comuni\Wise Installation Wizard
2009-10-30 10:00 . 2009-09-25 13:43 -------- d--h--w- c:\programmi\InstallShield Installation Information
2009-10-28 14:02 . 2009-09-25 23:34 -------- d-----w- c:\programmi\File comuni\Adobe
2009-10-21 14:26 . 2009-10-21 14:26 -------- d-----w- c:\documents and settings\Robert\Dati applicazioni\FUEL
2009-10-21 14:22 . 2009-10-21 14:21 -------- d-----w- c:\programmi\Microsoft Games for Windows - LIVE
2009-10-21 14:18 . 2009-10-21 14:18 -------- d-----w- c:\programmi\Codemasters
2009-10-20 13:04 . 2009-10-20 12:53 -------- d-----w- c:\programmi\EasySearch
2009-10-20 12:43 . 2009-10-20 12:42 -------- d-----w- c:\programmi\Windows Live Safety Center
2009-10-20 10:43 . 2009-10-20 10:43 -------- d-----w- c:\programmi\Microsoft.NET
2009-10-19 18:12 . 2006-06-22 20:43 360320 ----a-w- c:\windows\system32\drivers\TCPIP.SYS
2009-10-19 18:12 . 2009-10-19 18:12 360320 ----a-w- c:\windows\system32\drivers\TCPIP.SYS.ORIGINAL
2009-10-18 23:20 . 2009-10-18 23:19 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\DriverScanner
2009-10-18 23:19 . 2009-10-18 23:19 -------- dc-h--w- c:\documents and settings\All Users\Dati applicazioni\{D5ABFFAD-D592-4F98-B02B-587125B4801F}
2009-10-18 23:19 . 2009-10-18 22:53 -------- d-----w- c:\documents and settings\Robert\Dati applicazioni\Uniblue
2009-10-18 23:19 . 2009-10-18 22:53 -------- d-----w- c:\programmi\Uniblue
2009-10-18 23:13 . 2009-10-18 23:13 -------- dc-h--w- c:\documents and settings\All Users\Dati applicazioni\{C4C0E335-EDDF-46A0-A57D-F3802AE44275}
2009-10-15 09:48 . 2009-10-15 09:48 -------- d-----w- c:\documents and settings\Robert\Dati applicazioni\Ubisoft
2009-10-15 09:41 . 2009-10-15 09:37 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Tages
2009-10-15 09:36 . 2009-10-15 09:36 281760 ----a-w- c:\windows\system32\drivers\atksgt.sys
2009-10-15 09:36 . 2009-10-15 09:36 25888 ----a-w- c:\windows\system32\drivers\lirsgt.sys
2009-10-15 09:31 . 2009-10-15 09:31 -------- d-----w- c:\programmi\Ubisoft
2009-10-14 16:22 . 2009-10-14 16:22 -------- d-----w- c:\programmi\Smart Projects
2009-10-08 16:01 . 2009-10-08 16:01 -------- d-----w- c:\programmi\File comuni\NewSoft
2009-10-08 16:01 . 2009-10-08 16:01 -------- d-----w- c:\programmi\NewSoft
2009-10-08 15:58 . 2009-10-08 15:58 -------- d-----w- c:\programmi\Dexxon
2009-10-08 15:49 . 2009-10-08 15:49 -------- d-----w- c:\programmi\MSBuild
2009-10-08 15:49 . 2009-10-08 15:49 -------- d-----w- c:\programmi\Reference Assemblies
2009-10-08 15:47 . 2009-10-08 15:47 -------- d-----w- c:\programmi\MSXML 6.0
2009-10-06 21:15 . 2009-10-06 21:15 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\PC Drivers HeadQuarters
2009-10-01 12:25 . 2009-10-01 12:25 -------- d-----w- c:\programmi\VideoLAN
2009-09-30 18:40 . 2009-09-25 13:25 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-09-30 18:34 . 2009-09-30 18:34 -------- d-----w- c:\programmi\TVAnts
2009-09-30 12:52 . 2009-09-25 16:21 -------- d-----w- c:\programmi\Windows Media Connect 2
2009-09-30 12:44 . 2009-09-29 22:48 139152 ----a-w- c:\documents and settings\Robert\Dati applicazioni\PnkBstrK.sys
2009-09-30 12:44 . 2009-09-29 22:48 139152 ----a-w- c:\documents and settings\Robert\Dati applicazioni\PnkBstrK.sys
2009-09-30 12:44 . 2009-09-29 22:48 75064 ----a-w- c:\windows\system32\PnkBstrA.exe
2009-09-30 12:44 . 2009-09-30 12:44 794408 ----a-w- c:\windows\system32\pbsvc[1].exe
2009-09-30 12:21 . 2009-09-30 12:21 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_xusb21_01001.Wdf
2009-09-30 12:21 . 2009-09-30 12:21 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01001_Coinstaller_Critical.Wdf
2009-09-30 12:20 . 2009-09-30 12:20 -------- d-----w- c:\programmi\Microsoft Xbox 360 Accessories
2009-09-30 10:54 . 2009-09-30 10:54 -------- d-----w- c:\documents and settings\Robert\Dati applicazioni\Leadertech
2009-09-29 22:48 . 2009-09-29 22:48 682280 ----a-w- c:\windows\system32\pbsvc.exe
2009-09-28 11:40 . 2009-09-28 11:40 -------- d-----w- c:\programmi\eMule
2009-09-28 09:31 . 2009-10-18 23:13 2838456 -c--a-w- c:\documents and settings\All Users\Dati applicazioni\{C4C0E335-EDDF-46A0-A57D-F3802AE44275}\speedupmypc2009.exe
2009-09-26 14:32 . 2009-09-26 14:32 107888 ----a-w- c:\windows\system32\CmdLineExt.dll
2009-09-26 12:34 . 2009-09-26 12:34 721904 ----a-w- c:\windows\system32\drivers\sptd.sys
2009-09-25 16:39 . 2009-09-25 16:39 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-09-25 16:39 . 2009-09-25 16:39 152576 ----a-w- c:\documents and settings\Robert\Dati applicazioni\Sun\Java\jre1.6.0_16\lzma.dll
2009-09-25 15:16 . 2009-09-25 15:16 10134 ----a-r- c:\documents and settings\Robert\Dati applicazioni\Microsoft\Installer\{14291118-0C19-45EA-A4FA-5C1C0F5FDE09}\ARPPRODUCTICON.exe
2009-09-25 14:50 . 2009-09-25 14:50 1961720 ----a-w- c:\documents and settings\Robert\Dati applicazioni\Macromedia\Flash Player\www.macromedia.com\bin\fpupdateax\fpupdateax.exe
2009-09-25 13:43 . 2009-09-25 13:43 315392 ----a-w- c:\windows\HideWin.exe
2009-09-25 13:22 . 2009-09-25 13:22 21840 ----a-w- c:\windows\system32\emptyregdb.dat
2009-09-04 16:44 . 2009-10-15 09:36 69464 ----a-w- c:\windows\system32\XAPOFX1_3.dll
.

------- Sigcheck -------

[-] 2009-10-19 . 3C966F647BAB332093CB0F92692B5CB8 . 360320 . . [5.1.2600.3394] . . c:\windows\system32\dllcache\TCPIP.SYS
[-] 2009-10-19 . 3C966F647BAB332093CB0F92692B5CB8 . 360320 . . [5.1.2600.3394] . . c:\windows\system32\drivers\TCPIP.SYS
[7] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[7] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[7] 2008-06-20 . 744E57C99232201AE98C49168B918F48 . 360960 . . [5.1.2600.3394] . . c:\windows\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[-] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\073a8e9684d59d4923c2eb2e44aa36af\tcpip.sys
[7] 2006-06-22 . B2220C618B42A2212A59D91EBD6FC4B4 . 360576 . . [5.1.2600.2892] . . c:\windows\$NtUninstallKB917953$\tcpip.sys
[7] 2006-04-20 . B2220C618B42A2212A59D91EBD6FC4B4 . 360576 . . [5.1.2600.2892] . . c:\windows\$hf_mig$\KB917953\SP2QFE\tcpip.sys
[7] 2006-04-20 . 1DBF125862891817F374F407626967F4 . 359808 . . [5.1.2600.2892] . . c:\windows\$NtUninstallKB951748$\tcpip.sys
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-09-25 39408]
"msnmsgr"="c:\programmi\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]
"Creative WebCam Tray"="c:\programmi\Creative\Shared Files\CamTray.exe" [2005-10-27 299008]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\programmi\File comuni\Ahead\lib\NMBgMonitor.exe" [2005-09-03 94208]
"DAEMON Tools Lite"="c:\programmi\DAEMON Tools Lite\daemon.exe" [2009-04-23 691656]
"Steam"="c:\programmi\Steam\Steam.exe" [2009-11-13 1217808]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Google Quick Search Box"="c:\programmi\Google\Quick Search Box\GoogleQuickSearchBox.exe " [X]
"XboxStat"="c:\programmi\Microsoft Xbox 360 Accessories\XboxStat.exe silentrun" [X]
"nwiz"="c:\programmi\NVIDIA Corporation\nView\nwiz.exe" [2009-08-12 1657376]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-08-17 13877248]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-08-17 86016]
"avgnt"="c:\programmi\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"SunJavaUpdateSched"="c:\programmi\Java\jre6\bin\jusched.exe" [2009-09-25 149280]
"ChangeFilterMerit"="c:\programmi\NewSoft\Presto! PVR\ChangeFilterMerit.exe" [2007-06-08 51280]
"Presto! PVR Monitor"="c:\programmi\NewSoft\Presto! PVR\Monitor.exe" [2009-01-15 157520]
"Adobe Reader Speed Launcher"="c:\programmi\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-10-03 35696]
"Adobe ARM"="c:\programmi\File comuni\Adobe\ARM\1.0\AdobeARM.exe" [2009-09-04 935288]
"ISTray"="c:\programmi\Spyware Doctor\pctsTray.exe" [2009-09-22 1243088]
"Malwarebytes Anti-Malware (reboot)"="c:\programmi\Malwarebytes' Anti-Malware\mbam.exe" [2009-09-10 1312080]
"RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.exe [2007-03-21 16126464]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-19 15360]

c:\documents and settings\Robert\Menu Avvio\Programmi\Esecuzione automatica\
Utilit… controllo supporti di Picture Motion Browser.lnk - c:\programmi\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe [2009-9-25 390432]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Programmi\\Java\\jre6\\launch4j-tmp\\frd.exe"=
"c:\\Programmi\\eMule\\emule.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Programmi\\Activision\\Call of Duty - World at War\\CoDWaW.exe"=
"c:\\Programmi\\Activision\\Call of Duty - World at War\\CoDWaWmp.exe"=
"c:\\Programmi\\TVAnts\\Tvants.exe"=
"c:\\Programmi\\Ubisoft\\Related Designs\\ANNO 1404\\Anno4.exe"=
"c:\\Programmi\\Ubisoft\\Related Designs\\ANNO 1404\\tools\\Anno4Web.exe"=
"c:\\Programmi\\Codemasters\\FUEL\\FUEL.exe"=
"c:\\Documents and Settings\\Robert\\Desktop\\pes2010.exe"=
"c:\\Programmi\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Programmi\\Vuze\\Azureus.exe"=
"c:\\Documents and Settings\\Robert\\Dati applicazioni\\VuzeStream\\VuzeStream.exe"=
"c:\\Programmi\\CAPCOM\\RESIDENT EVIL 5\\RE5DX9.EXE"=
"c:\\Programmi\\CAPCOM\\RESIDENT EVIL 5\\RE5DX10.EXE"=
"c:\\Programmi\\FlashGet\\flashget.exe"=
"c:\\Documents and Settings\\Robert\\temp\\TeamViewer\\Version4\\TeamViewer.exe"=

R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [23/11/2009 19.39.29 207280]
R2 Browser Defender Update Service;Browser Defender Update Service;c:\programmi\Spyware Doctor\BDT\BDTUpdateService.exe [23/11/2009 19.41.00 112592]
R2 sdAuxService;PC Tools Auxiliary Service;c:\programmi\Spyware Doctor\pctsAuxs.exe [23/11/2009 19.39.15 358600]
R3 V0260VID;Live! Cam Vista IM;c:\windows\system32\drivers\V0260Vid.sys [25/09/2009 16.49.00 178913]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [26/09/2009 13.34.37 721904]
S2 gupdate;Servizio di Google Update (gupdate);c:\programmi\Google\Update\GoogleUpdate.exe [25/09/2009 23.48.57 133104]

--- Altri Servizi/Drivers In Memoria ---

*Deregistered* - PCTSDInjDriver32
.
Contenuto della cartella 'Scheduled Tasks'

2009-11-25 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\programmi\Google\Update\GoogleUpdate.exe [2009-09-25 22:48]

2009-11-25 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\programmi\Google\Update\GoogleUpdate.exe [2009-09-25 22:48]

2009-11-25 c:\windows\Tasks\WGASetup.job
- c:\windows\system32\KB905474\wgasetup.exe [2009-09-27 20:18]
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://www.google.com/
mStart Page = hxxp://www.europowersearch.com/Search.html?SelectedSearchLang=IT
uInternet Settings,ProxyOverride = local
IE: &Scarica con FlashGet - c:\programmi\FlashGet\jc_link.htm
IE: &Scarica tutto con FlashGet - c:\programmi\FlashGet\jc_all.htm
IE: E&sporta in Microsoft Excel - c:\progra~1\Microsoft Office\OFFICE11\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\programmi\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
.
- - - - CHIAVI ORFANE RIMOSSE - - - -

WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
HKLM-Run-NWEReboot - (no file)
AddRemove-NVIDIA Drivers - c:\windows\system32\nvuninst.exe UninstallGUI
AddRemove-Uniblue DriverScanner 2009 - c:\documents and settings\All Users\Dati applicazioni\{D5ABFFAD-D592-4F98-B02B-587125B4801F}\DriverScanner_Setup.exe REMOVE=TRUE MODIFY=FALSE
AddRemove-Uniblue SpeedUpMyPC 2009 - c:\documents and settings\All Users\Dati applicazioni\{C4C0E335-EDDF-46A0-A57D-F3802AE44275}\speedupmypc2009.exe REMOVE=TRUE MODIFY=FALSE



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-11-25 21:52
Windows 5.1.2600 Service Pack 2 NTFS

detected NTDLL code modification:
ZwClose

scansione processi nascosti ...

scansione entrate autostart nascoste ...

Scansione files nascosti ...

Scansione completata con successo
Files nascosti: 0

**************************************************************************
.
Ora fine scansione: 2009-11-25 21:53
ComboFix-quarantined-files.txt 2009-11-25 20:53

Pre-Run: 301.690.707.968 byte disponibili
Post-Run: 301.682.933.760 byte disponibili

- - End Of File - - CF0A04A061FF40A09D5658CDAB4944C8
shapiro
Posted: Thursday, November 26, 2009 10:17:52 AM

Rank: AiutAmico

Joined: 8/24/2008
Posts: 4,164
go here =======>> http://www.virustotal.com/it/

analyze this file and check whether the antivirus engines report any entries in red, and post me the result

c:\windows\system32\pbsvc.exe