Aiutamici Forum

Please check my log... computer gone haywire
aurum
Posted: Sunday, December 06, 2009 1:41:31 PM
Rank: AiutAmico

Joined: 9/21/2008
Posts: 36
THE PROBLEM IN BRIEF:
At first, explorer.exe would close automatically at startup, leaving me with an empty desktop. I always had to use the Task Manager and issue the command (the problem has now, magically, stopped appearing). While I was browsing, a Personal Security alert appeared telling me that my PC was infected with viruses, and I naively downloaded and installed the program. Since then countless problems have arisen, even though my Security Center, with the free Panda antivirus, shows no problems. I uninstalled that program, but the only result was that it disappeared from the list of installed programs while continuing to appear on the application bar. This Personal Security mimics the Security Center, with the same window.

I followed the procedure indicated before using HijackThis. I disabled System Restore and logged in as administrator in safe mode. With ClamWin I started a scan of the whole PC, but after 10 minutes the PC shut down. I rebooted in safe mode and scanned C, with the result that no infected files were found, while during the scan of D the PC shut down again after a few minutes.
Now the Task Manager has also been disabled: the notice says it was disabled by the Administrator (apart from the operations mentioned above I did nothing else), and I also see the message Windows Script Host: Caricamento dello script "C\WINDOWS\system32\EKJfLDbLuyfvri1.vsb" non riconosciuto. (Impossibile accedere al file. Il file è utilizzato da in altro processo).!!!!!

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12.44.17, on 06/12/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\SYSTEM32\Ati2evxx.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
C:\PROGRA~1\LAUNCH~1\LManager.exe
C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Programmi\Java\jre6\bin\jusched.exe
C:\Programmi\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Programmi\iTunes\iTunesHelper.exe
C:\Programmi\Panda Security\Panda Cloud Antivirus\PSUNMain.exe
C:\Programmi\ClamWin\bin\ClamTray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\PSecurity\psecurity.exe
C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe
C:\Programmi\Bonjour\mDNSResponder.exe
C:\Programmi\Java\jre6\bin\jqs.exe
C:\Programmi\File comuni\LightScribe\LSSrvc.exe
C:\Programmi\IVT Corporation\BlueSoleil\BlueSoleil_.exe
C:\Programmi\Panda Security\Panda Cloud Antivirus\PSANHost.exe
C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Programmi\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\WINDOWS\Explorer.EXE
C:\Programmi\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\NOTEPAD.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.libero.it
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://arianna.libero.it
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://it.intl.acer.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
R3 - URLSearchHook: Yahoo! Toolbar con blocco Pop-Up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: (no name) - {22BFB6E3-9CA3-4350-861E-7611F4C4E15b} - C:\WINDOWS\System32\credui32.dll (file missing)
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: trueads - {4988e850-89be-907e-7985-942b96ad72ae} - (no file)
O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: NOW!Imaging - {9AA2F14F-E956-44B8-8694-A5B615CDF341} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programmi\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programmi\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: (no name) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmi\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programmi\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [AzMixerSel] C:\Programmi\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [Acer ePresentation HPD] C:\Acer\Empowering Technology\ePresentation\ePresentation.exe
O4 - HKLM\..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
O4 - HKLM\..\Run: [Boot] C:\Acer\Empowering Technology\ePower\Boot.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [StartCCC] "C:\Programmi\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [ATICustomerCare] "C:\Programmi\ATI\ATICustomerCare\ATICustomerCare.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Programmi\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [PSUNMain] "C:\Programmi\Panda Security\Panda Cloud Antivirus\PSUNMain.exe" /Traybar
O4 - HKLM\..\Run: [ClamWin] "C:\Programmi\ClamWin\bin\ClamTray.exe" --logon
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [PSecurity] C:\Programmi\PSecurity\psecurity.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: BlueSoleil.lnk = C:\Programmi\IVT Corporation\BlueSoleil\BlueSoleil.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: &Search - ?p=ZNfox000
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Programmi\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O20 - AppInit_DLLs: C:\WINDOWS\System32\dhcpsapi32.dll
O20 - Winlogon Notify: d851b982697 - C:\WINDOWS\System32\dhcpsapi32.dll
O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Programmi\Bonjour\mDNSResponder.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Servizio iPod (iPod Service) - Apple Inc. - C:\Programmi\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programmi\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Programmi\File comuni\LightScribe\LSSrvc.exe
O23 - Service: NanoServiceMain - Panda Security, S.L. - C:\Programmi\Panda Security\Panda Cloud Antivirus\PSANHost.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: WinFax PRO (wfxsvc) - Symantec Corporation - C:\WINDOWS\system32\WFXSVC.EXE

--
End of file - 8772 bytes

pidue
Posted: Sunday, December 06, 2009 2:00:16 PM

Rank: AiutAmico

Joined: 6/2/2005
Posts: 7,332
For now, do this:
go to Control Panel >> Add or Remove Programs and uninstall the PSecurity program;
boot into safe mode, disable System Restore, launch HJT and remove (fix checked) these entries:


O2 - BHO: (no name) - {22BFB6E3-9CA3-4350-861E-7611F4C4E15b} - C:\WINDOWS\System32\credui32.dll (file missing)
O2 - BHO: (no name) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - (no file)
O4 - HKCU\..\Run: [PSecurity] C:\Programmi\PSecurity\psecurity.exe
O8 - Extra context menu item: &Search - ?p=ZNfox000
O20 - AppInit_DLLs: C:\WINDOWS\System32\dhcpsapi32.dll
O20 - Winlogon Notify: d851b982697 - C:\WINDOWS\System32\dhcpsapi32.dll


manually remove the file in red:
________________________________
C:\WINDOWS\System32\dhcpsapi32.dll
________________________________

Report back whether anything has changed and post an updated log.






aurum
Posted: Sunday, December 06, 2009 10:55:32 PM
Rank: AiutAmico

Joined: 9/21/2008
Posts: 36
The Personal Security program has disappeared and I have re-enabled the Task Manager, but there are still problems... opening folders, and Mozilla too, takes 3-5 minutes, and while browsing it opens pages different from the ones I chose (I don't know if I've explained myself well!!)
This is the log made in safe mode


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19.59.02, on 06/12/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Safe mode

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Programmi\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://it.rd.yahoo.com/customize/ycomp/defaults/sp/*http://it.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://global.acer.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.pctools.com/it/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: trueads - {4988e850-89be-907e-7985-942b96ad72ae} - (no file)
O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: NOW!Imaging - {9AA2F14F-E956-44B8-8694-A5B615CDF341} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programmi\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programmi\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmi\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programmi\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [AzMixerSel] C:\Programmi\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [Acer ePresentation HPD] C:\Acer\Empowering Technology\ePresentation\ePresentation.exe
O4 - HKLM\..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
O4 - HKLM\..\Run: [Boot] C:\Acer\Empowering Technology\ePower\Boot.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [StartCCC] "C:\Programmi\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [ATICustomerCare] "C:\Programmi\ATI\ATICustomerCare\ATICustomerCare.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Programmi\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [PSUNMain] "C:\Programmi\Panda Security\Panda Cloud Antivirus\PSUNMain.exe" /Traybar
O4 - HKLM\..\Run: [ClamWin] "C:\Programmi\ClamWin\bin\ClamTray.exe" --logon
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: BlueSoleil.lnk = C:\Programmi\IVT Corporation\BlueSoleil\BlueSoleil.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe
O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O20 - AppInit_DLLs: C:\WINDOWS\System32\dhcpsapi32.dll
O20 - Winlogon Notify: d851b982697 - C:\WINDOWS\System32\dhcpsapi32.dll
O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Programmi\Bonjour\mDNSResponder.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Servizio iPod (iPod Service) - Apple Inc. - C:\Programmi\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programmi\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Programmi\File comuni\LightScribe\LSSrvc.exe
O23 - Service: NanoServiceMain - Panda Security, S.L. - C:\Programmi\Panda Security\Panda Cloud Antivirus\PSANHost.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: WinFax PRO (wfxsvc) - Symantec Corporation - C:\WINDOWS\system32\WFXSVC.EXE

--
End of file - 6395 bytes
pidue
Posted: Monday, December 07, 2009 9:05:32 AM

Rank: AiutAmico

Joined: 6/2/2005
Posts: 7,332
Hi, the HJT scan must always be done in normal mode.



aurum
Posted: Monday, December 07, 2009 12:13:07 PM
Rank: AiutAmico

Joined: 9/21/2008
Posts: 36
Sorry, but I'm not experienced... thank you for the help; here is the new log made in normal mode

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12.12.05, on 07/12/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\SYSTEM32\Ati2evxx.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
C:\PROGRA~1\LAUNCH~1\LManager.exe
C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Programmi\Java\jre6\bin\jusched.exe
C:\Programmi\iTunes\iTunesHelper.exe
C:\Programmi\Panda Security\Panda Cloud Antivirus\PSUNMain.exe
C:\Programmi\ClamWin\bin\ClamTray.exe
C:\Programmi\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe
C:\Programmi\Bonjour\mDNSResponder.exe
C:\Programmi\Java\jre6\bin\jqs.exe
C:\Programmi\IVT Corporation\BlueSoleil\BlueSoleil_.exe
C:\Programmi\File comuni\LightScribe\LSSrvc.exe
C:\Programmi\Panda Security\Panda Cloud Antivirus\PSANHost.exe
C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Programmi\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\WINDOWS\Explorer.EXE
C:\Programmi\Mozilla Firefox\firefox.exe
C:\Programmi\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.libero.it
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://arianna.libero.it
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://it.intl.acer.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
R3 - URLSearchHook: Yahoo! Toolbar con blocco Pop-Up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: trueads - {4988e850-89be-907e-7985-942b96ad72ae} - (no file)
O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: NOW!Imaging - {9AA2F14F-E956-44B8-8694-A5B615CDF341} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programmi\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programmi\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmi\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programmi\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [AzMixerSel] C:\Programmi\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [Acer ePresentation HPD] C:\Acer\Empowering Technology\ePresentation\ePresentation.exe
O4 - HKLM\..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
O4 - HKLM\..\Run: [Boot] C:\Acer\Empowering Technology\ePower\Boot.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [StartCCC] "C:\Programmi\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [ATICustomerCare] "C:\Programmi\ATI\ATICustomerCare\ATICustomerCare.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Programmi\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [PSUNMain] "C:\Programmi\Panda Security\Panda Cloud Antivirus\PSUNMain.exe" /Traybar
O4 - HKLM\..\Run: [ClamWin] "C:\Programmi\ClamWin\bin\ClamTray.exe" --logon
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: BlueSoleil.lnk = C:\Programmi\IVT Corporation\BlueSoleil\BlueSoleil.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: &Search - ?p=ZNfox000
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Programmi\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{261B0E06-6011-441D-AC78-816A42D24298}: NameServer = 193.70.152.25 193.70.192.25
O20 - AppInit_DLLs: C:\WINDOWS\System32\dhcpsapi32.dll
O20 - Winlogon Notify: d851b982697 - C:\WINDOWS\System32\dhcpsapi32.dll
O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Programmi\Bonjour\mDNSResponder.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Servizio iPod (iPod Service) - Apple Inc. - C:\Programmi\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programmi\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Programmi\File comuni\LightScribe\LSSrvc.exe
O23 - Service: NanoServiceMain - Panda Security, S.L. - C:\Programmi\Panda Security\Panda Cloud Antivirus\PSANHost.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: WinFax PRO (wfxsvc) - Symantec Corporation - C:\WINDOWS\system32\WFXSVC.EXE

--
End of file - 8668 bytes
pidue
Posted: Monday, December 07, 2009 6:56:13 PM

Rank: AiutAmico

Joined: 6/2/2005
Posts: 7,332
The O20 lines are still there. The removal must be done in safe mode.
And the file C:\WINDOWS\System32\dhcpsapi32.dll is still there. It is a trojan and must be removed.
You need to tell me whether you can find it, because if you cannot remove it by hand, I will suggest another procedure.
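
The comparison made by eye in the reply above (which of the entries selected for fixing are back in the next scan) can be scripted. This is an added example, not part of the original thread: the function names are hypothetical, and the sample text is a short excerpt built from the fix list and the 07/12/2009 normal-mode log posted above.

```python
import re

# HijackThis entry lines start with a section code (R0-R3, F0-F3, N1-N4, O1-O24).
ENTRY_RE = re.compile(r"^(R[0-3]|F[0-3]|N[1-4]|O\d{1,2}) - (.+)$")

# Entries the helper asked to fix (copied from the thread).
FIX_LIST = r"""
O2 - BHO: (no name) - {22BFB6E3-9CA3-4350-861E-7611F4C4E15b} - C:\WINDOWS\System32\credui32.dll (file missing)
O2 - BHO: (no name) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - (no file)
O4 - HKCU\..\Run: [PSecurity] C:\Programmi\PSecurity\psecurity.exe
O8 - Extra context menu item: &Search - ?p=ZNfox000
O20 - AppInit_DLLs: C:\WINDOWS\System32\dhcpsapi32.dll
O20 - Winlogon Notify: d851b982697 - C:\WINDOWS\System32\dhcpsapi32.dll
"""

# Shortened excerpt of the later normal-mode scan (constructed from the thread).
LATER_LOG = r"""
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12.12.05, on 07/12/2009
Boot mode: Normal

Running processes:
C:\WINDOWS\Explorer.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O8 - Extra context menu item: &Search - ?p=ZNfox000
O20 - AppInit_DLLs: C:\WINDOWS\System32\dhcpsapi32.dll
O20 - Winlogon Notify: d851b982697 - C:\WINDOWS\System32\dhcpsapi32.dll
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
"""


def parse_entries(log_text):
    """Return (code, body) pairs, skipping the header and process list,
    which carry no section code."""
    entries = []
    for line in log_text.splitlines():
        m = ENTRY_RE.match(line.strip())
        if m:
            entries.append((m.group(1), m.group(2)))
    return entries


def _key(entry):
    # Compare case-insensitively and collapse whitespace so copy/paste
    # differences between forum posts do not hide a match.
    code, body = entry
    return code, " ".join(body.split()).casefold()


def still_present(fix_list_text, later_log_text):
    """Entries from the fix list that show up again in a later scan."""
    later = {_key(e) for e in parse_entries(later_log_text)}
    return [e for e in parse_entries(fix_list_text) if _key(e) in later]


def o20_files(entries):
    """Files named by O20 entries (AppInit_DLLs / Winlogon Notify)."""
    files = set()
    for code, body in entries:
        if code != "O20":
            continue
        if body.startswith("AppInit_DLLs:"):
            path = body.split(":", 1)[1]
        else:
            path = body.rsplit(" - ", 1)[-1]
        files.add(path.strip().casefold())
    return sorted(files)


if __name__ == "__main__":
    leftover = still_present(FIX_LIST, LATER_LOG)
    for code, body in leftover:
        print(f"still present: {code} - {body}")
    for path in o20_files(leftover):
        print(f"file to check on disk: {path}")
```

An entry that returns after being fixed while the file it names is still on disk usually means the file is rewriting the registry value, which is why the reply asks for the fix in safe mode and for the file to be removed as well.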





aurum
Posted: Wednesday, December 09, 2009 1:54:08 PM
Rank: AiutAmico

Joined: 9/21/2008
Posts: 36
I can't remove them, d'oh!

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13.47.40, on 09/12/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\SYSTEM32\Ati2evxx.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
C:\PROGRA~1\LAUNCH~1\LManager.exe
C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Programmi\Java\jre6\bin\jusched.exe
C:\Programmi\iTunes\iTunesHelper.exe
C:\Programmi\Panda Security\Panda Cloud Antivirus\PSUNMain.exe
C:\Programmi\ClamWin\bin\ClamTray.exe
C:\Programmi\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe
C:\Programmi\Bonjour\mDNSResponder.exe
C:\Programmi\IVT Corporation\BlueSoleil\BlueSoleil_.exe
C:\Programmi\Java\jre6\bin\jqs.exe
C:\Programmi\File comuni\LightScribe\LSSrvc.exe
C:\Programmi\Panda Security\Panda Cloud Antivirus\PSANHost.exe
C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Programmi\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Programmi\Panda Security\Panda Cloud Antivirus\PSANToManager.exe
C:\Programmi\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\Explorer.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.libero.it
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://arianna.libero.it
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://it.intl.acer.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
R3 - URLSearchHook: Yahoo! Toolbar con blocco Pop-Up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: trueads - {4988e850-89be-907e-7985-942b96ad72ae} - (no file)
O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: NOW!Imaging - {9AA2F14F-E956-44B8-8694-A5B615CDF341} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programmi\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programmi\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmi\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programmi\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [AzMixerSel] C:\Programmi\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [Acer ePresentation HPD] C:\Acer\Empowering Technology\ePresentation\ePresentation.exe
O4 - HKLM\..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
O4 - HKLM\..\Run: [Boot] C:\Acer\Empowering Technology\ePower\Boot.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [StartCCC] "C:\Programmi\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [ATICustomerCare] "C:\Programmi\ATI\ATICustomerCare\ATICustomerCare.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Programmi\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [PSUNMain] "C:\Programmi\Panda Security\Panda Cloud Antivirus\PSUNMain.exe" /Traybar
O4 - HKLM\..\Run: [ClamWin] "C:\Programmi\ClamWin\bin\ClamTray.exe" --logon
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: BlueSoleil.lnk = C:\Programmi\IVT Corporation\BlueSoleil\BlueSoleil.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: &Search - ?p=ZNfox000
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Programmi\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O20 - AppInit_DLLs: C:\WINDOWS\System32\dhcpsapi32.dll
O20 - Winlogon Notify: d851b982697 - C:\WINDOWS\System32\dhcpsapi32.dll
O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Programmi\Bonjour\mDNSResponder.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Servizio iPod (iPod Service) - Apple Inc. - C:\Programmi\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programmi\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Programmi\File comuni\LightScribe\LSSrvc.exe
O23 - Service: NanoServiceMain - Panda Security, S.L. - C:\Programmi\Panda Security\Panda Cloud Antivirus\PSANHost.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: WinFax PRO (wfxsvc) - Symantec Corporation - C:\WINDOWS\system32\WFXSVC.EXE

--
End of file - 8573 bytes
pidue
Posted: Wednesday, December 09, 2009 5:20:56 PM

Rank: AiutAmico

Joined: 6/2/2005
Posts: 7,332
Hi,
download Malwarebytes' Anti-Malware from this site, install it and update it. Run a full scan and post the report here (Save Logfile button).



aurum
Posted: Tuesday, December 15, 2009 2:37:25 PM
Rank: AiutAmico

Joined: 9/21/2008
Posts: 36
I did as you said. I ran the scan in normal mode: it found 256 infections and took 6 hours (it spent a very long time on Windows Live Messenger!! I should point out that I had uninstalled it because of problems! Was this folder left behind, or does it refer to the Windows Messenger that came preinstalled on my PC??). Anyway, I deleted the infections, but I saved the log:

Malwarebytes' Anti-Malware 1.42
Versione del database: 3340
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

14/12/2009 22.55.08
mbam-log-2009-12-14 (22-55-08).txt

Tipo di scansione: Scansione completa (C:\|D:\|)
Elementi scansionati: 211963
Tempo trascorso: 5 hour(s), 43 minute(s), 13 second(s)

Processi delle memoria infetti: 0
Moduli della memoria infetti: 2
Chiavi di registro infette: 31
Valori di registro infetti: 0
Elementi dato del registro infetti: 4
Cartelle infette: 24
File infetti: 188

Processi delle memoria infetti:
(Nessun elemento malevolo rilevato)

Moduli della memoria infetti:
C:\WINDOWS\system32\dhcpsapi32.dll (Trojan.Tracur) -> Delete on reboot.
C:\WINDOWS\system32\73.tmp (Trojan.Agent) -> Delete on reboot.

Chiavi di registro infette:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22bfb6e3-9ca3-4350-861e-7611f4c4e15b} (Trojan.BHO.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{22bfb6e3-9ca3-4350-861e-7611f4c4e15b} (Trojan.BHO.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\d851b982697 (Trojan.Tracur) -> Delete on reboot.
HKEY_CLASSES_ROOT\premiereadvertisingplatform.premiereadvertisingplatform (Adware.PlayMP3z) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\premiereadvertisingplatform.premiereadvertisingplatform.1 (Adware.PlayMP3z) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{cdbfb47b-58a8-4111-bf95-06178dce326d} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00a6faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{547395d9-934a-ced6-b851-f238c86079e5} (Adware.PlayMP3z) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{35a5b43b-cb8a-49ca-a9f4-d3b308d2e3cc} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{5617eca9-488d-4ba2-8562-9710b9ab78d2} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{cdbfb47b-58a8-4111-bf95-06178dce326d} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{547395d9-934a-ced6-b851-f238c86079e5} (Adware.PlayMP3z) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59c7fc09-1c83-4648-b3e6-003d2bbc7481} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68af847f-6e91-45dd-9b68-d6a12c30e5d7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170b96c-28d4-4626-8358-27e6caeef907} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{d1a71fa0-ff48-48dd-9b6d-7a13a3e42127} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ddb1968e-ead6-40fd-8dae-ff14757f60c7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f138d901-86f0-4383-99b6-9cdd406036da} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\privacy-components (Rogue.Installer) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{22bfb6e3-9ca3-4350-861e-7611f4c4e15b} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\e94a360c-6b32-48a6-ed1f-3ba7ea514295 (Adware.AdRotator) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Servises (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\PremiereAdvertisingPlatform.dll (Adware.PlayMP3z) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\PremiereAdvertisingPlatform (Adware.PlayMP3z) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PremiereAdvertisingPlatform (Adware.PlayMP3z) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\AppDataLow\HavingFunOnline (Adware.BHO.FL) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4988e850-89be-907e-7985-942b96ad72ae} (Adware.AdRotator) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{4988e850-89be-907e-7985-942b96ad72ae} (Adware.AdRotator) -> Quarantined and deleted successfully.

Valori di registro infetti:
(Nessun elemento malevolo rilevato)

Elementi dato del registro infetti:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.Tracur) -> Data: c:\windows\system32\dhcpsapi32.dll -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.Tracur) -> Data: system32\dhcpsapi32.dll -> Delete on reboot.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell (Hijack.Shell) -> Bad: (C:\Documents and Settings\Rita\Dati applicazioni\PC\pc.exe) Good: (Explorer.exe) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL\CheckedValue (Hijack.System.Hidden) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.

Cartelle infette:
C:\Programmi\DoubleD (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Programmi\DoubleD\GamingHarbor Toolbar (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Programmi\DoubleD\GamingHarbor Toolbar\4.1.2.19770 (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Programmi\DoubleD\GamingHarbor Toolbar\4.1.2.19770\Cache (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Programmi\DoubleD\GamingHarbor Toolbar\4.1.2.19770\Data (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Programmi\DoubleD\GamingHarbor Toolbar\4.1.2.19770\FFToolbar (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Programmi\DoubleD\GamingHarbor Toolbar\4.1.2.19770\FFToolbar\chrome (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Programmi\DoubleD\GamingHarbor Toolbar\4.1.2.19770\FFToolbar\chrome\locale (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Programmi\DoubleD\GamingHarbor Toolbar\4.1.2.19770\FFToolbar\chrome\locale\en-US (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Programmi\DoubleD\GamingHarbor Toolbar\4.1.2.19770\FFToolbar\components (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Programmi\DoubleD\GamingHarbor Toolbar\4.1.2.19770\FFToolbar\searchplugins (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Programmi\DoubleD\GamingHarbor Toolbar\4.1.2.19770\Icons (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Programmi\DoubleD\GamingHarbor Toolbar\4.1.2.19770\Skins (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Programmi\PremiereAdvertisingPlatform (Adware.PlayMP3z) -> Quarantined and deleted successfully.
C:\Programmi\System Search Dispatcher (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Programmi\System Search Dispatcher\1.2.0.750 (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Programmi\System Search Dispatcher\1.2.0.750\Data (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\LocalService (Worm.Archive) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rita\Dati applicazioni\PC\faq (Rogue.ControlCenter) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rita\Dati applicazioni\PC\faq\images (Rogue.ControlCenter) -> Quarantined and deleted successfully.
C:\Programmi\PSecurity (Rogue.PSecurity) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Menu Avvio\PSecurity (Rogue.PSecurity) -> Quarantined and deleted successfully.
C:\Programmi\File comuni\PSecurityUninstall (Rogue.PSecurity) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SysWoW32 (Worm.Archive) -> Quarantined and deleted successfully.

File infetti:
C:\WINDOWS\system32\autodisc32.dll (Trojan.BHO.H) -> Delete on reboot.
C:\WINDOWS\system32\dhcpsapi32.dll (Trojan.Tracur) -> Delete on reboot.
C:\WINDOWS\system32\73.tmp (Trojan.Agent) -> Delete on reboot.
C:\Documents and Settings\Rita\Dati applicazioni\PC\uninstall.exe (Rogue.Installer) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rita\Impostazioni locali\Temp\16.tmp (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rita\Impostazioni locali\Temp\17.tmp (Rogue.Installer) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rita\Impostazioni locali\Temp\18.tmp (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rita\Impostazioni locali\Temp\19.tmp (Rogue.Installer) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rita\Impostazioni locali\Temp\1B.tmp (Rogue.Installer) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rita\Impostazioni locali\Temp\1D.tmp (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rita\Impostazioni locali\Temp\1F.tmp (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rita\Impostazioni locali\Temp\4.tmp (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rita\Impostazioni locali\Temp\8.tmp (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rita\Impostazioni locali\Temp\B.tmp (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rita\Impostazioni locali\Temp\C.tmp (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Programmi\Trend Micro\HijackThis\backups\backup-20091206-195810-839.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Recycled\Dc11.exe (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Recycled\Dc16.exe (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{3702730B-00E6-499C-A0FA-432D066F2D9D}\RP2\A0001101.exe (Rogue.Installer) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{3702730B-00E6-499C-A0FA-432D066F2D9D}\RP2\A0001124.exe (Rogue.Installer) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{3702730B-00E6-499C-A0FA-432D066F2D9D}\RP2\A0001141.exe (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\fde32.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\e94a360c-6b32-48a6-ed1f-3ba7ea514295.exe (Adware.AdRotator) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\8DF.tmp (Trojan.Tracur) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\dnsapi32.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Programmi\DoubleD\GamingHarbor Toolbar\4.1.2.19770\Cache\248d6576afce4ee94af42d7350131106.gif (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Programmi\DoubleD\GamingHarbor Toolbar\4.1.2.19770\Cache\24a70fb875fab686b6b3c217612bc07c.gif (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Programmi\DoubleD\GamingHarbor Toolbar\4.1.2.19770\Cache\2afcf6f3f2e19cc42d7f72f3b18b26ef.gif (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Programmi\DoubleD\GamingHarbor Toolbar\4.1.2.19770\Cache\50bffa6936b3e661971a58e3c8bdf4cb.gif (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Programmi\DoubleD\GamingHarbor Toolbar\4.1.2.19770\Cache\default1.dat (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Programmi\DoubleD\GamingHarbor Toolbar\4.1.2.19770\Cache\loading.dat (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Programmi\DoubleD\GamingHarbor Toolbar\4.1.2.19770\Cache\loading.gif (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Programmi\DoubleD\GamingHarbor Toolbar\4.1.2.19770\Data\Module_Cursor.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Programmi\DoubleD\GamingHarbor Toolbar\4.1.2.19770\Data\Module_DailyVideo.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Programmi\DoubleD\GamingHarbor Toolbar\4.1.2.19770\Data\Module_Game.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Programmi\DoubleD\GamingHarbor Toolbar\4.1.2.19770\Data\Module_Glitter.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Programmi\DoubleD\GamingHarbor Toolbar\4.1.2.19770\Data\Module_Logo.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Programmi\DoubleD\GamingHarbor Toolbar\4.1.2.19770\Data\Module_Option.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Programmi\DoubleD\GamingHarbor Toolbar\4.1.2.19770\Data\Module_Recipe.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Programmi\DoubleD\GamingHarbor Toolbar\4.1.2.19770\Data\Module_Ringtone.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Programmi\DoubleD\GamingHarbor Toolbar\4.1.2.19770\Data\Module_Screensaver.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Programmi\DoubleD\GamingHarbor Toolbar\4.1.2.19770\Data\Module_Search.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Programmi\DoubleD\GamingHarbor Toolbar\4.1.2.19770\Data\Module_Smiley.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Programmi\DoubleD\GamingHarbor Toolbar\4.1.2.19770\Data\Module_Smiley_Config.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Programmi\DoubleD\GamingHarbor Toolbar\4.1.2.19770\Data\Module_Smiley_TellAFriend.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Programmi\DoubleD\GamingHarbor Toolbar\4.1.2.19770\Data\Module_Wallpaper.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Programmi\DoubleD\GamingHarbor Toolbar\4.1.2.19770\Data\Module_Web.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Programmi\DoubleD\GamingHarbor Toolbar\4.1.2.19770\Data\pixel.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Programmi\DoubleD\GamingHarbor Toolbar\4.1.2.19770\Data\ProductInfo.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Programmi\DoubleD\GamingHarbor Toolbar\4.1.2.19770\Data\profile.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Programmi\DoubleD\GamingHarbor Toolbar\4.1.2.19770\Data\SearchEngineList.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Programmi\DoubleD\GamingHarbor Toolbar\4.1.2.19770\Data\tbcore.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Programmi\DoubleD\GamingHarbor Toolbar\4.1.2.19770\Data\ToolbarLayout.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Programmi\DoubleD\GamingHarbor Toolbar\4.1.2.19770\Data\UpdateCentre.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Programmi\DoubleD\GamingHarbor Toolbar\4.1.2.19770\Data\UpdateCentreBk.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Programmi\DoubleD\GamingHarbor Toolbar\4.1.2.19770\Data\URLDynamic.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Programmi\DoubleD\GamingHarbor Toolbar\4.1.2.19770\Data\URLStatic.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Programmi\DoubleD\GamingHarbor Toolbar\4.1.2.19770\FFToolbar\chrome.manifest (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Programmi\DoubleD\GamingHarbor Toolbar\4.1.2.19770\FFToolbar\install.rdf (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Programmi\DoubleD\GamingHarbor Toolbar\4.1.2.19770\FFToolbar\chrome\locale\en-US\global.dtd (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Programmi\DoubleD\GamingHarbor Toolbar\4.1.2.19770\FFToolbar\components\DDAutoComplete.js (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Programmi\DoubleD\GamingHarbor Toolbar\4.1.2.19770\FFToolbar\components\ISmileyCore.xpt (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Programmi\DoubleD\GamingHarbor Toolbar\4.1.2.19770\FFToolbar\components\TBFFHelper.js (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Programmi\DoubleD\GamingHarbor Toolbar\4.1.2.19770\FFToolbar\components\TBFFHelper.xpt (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Programmi\DoubleD\GamingHarbor Toolbar\4.1.2.19770\FFToolbar\searchplugins\gamingharborsearchplugins.xml (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Programmi\DoubleD\GamingHarbor Toolbar\4.1.2.19770\Icons\About.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Programmi\DoubleD\GamingHarbor Toolbar\4.1.2.19770\Icons\Component_ComboBox.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Programmi\DoubleD\GamingHarbor Toolbar\4.1.2.19770\Icons\Module_Cursor.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Programmi\DoubleD\GamingHarbor Toolbar\4.1.2.19770\Icons\Module_Cursor.png (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Programmi\DoubleD\GamingHarbor Toolbar\4.1.2.19770\Icons\Module_DailyVideo.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Programmi\DoubleD\GamingHarbor Toolbar\4.1.2.19770\Icons\Module_Game.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Programmi\DoubleD\GamingHarbor Toolbar\4.1.2.19770\Icons\Module_Glitter.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Programmi\DoubleD\GamingHarbor Toolbar\4.1.2.19770\Icons\Module_Glitter.png (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Programmi\DoubleD\GamingHarbor Toolbar\4.1.2.19770\Icons\Module_Logo.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Programmi\DoubleD\GamingHarbor Toolbar\4.1.2.19770\Icons\Module_Option.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Programmi\DoubleD\GamingHarbor Toolbar\4.1.2.19770\Icons\Module_Recipe.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Programmi\DoubleD\GamingHarbor Toolbar\4.1.2.19770\Icons\Module_Ringtone.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Programmi\DoubleD\GamingHarbor Toolbar\4.1.2.19770\Icons\Module_Screensaver.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Programmi\DoubleD\GamingHarbor Toolbar\4.1.2.19770\Icons\Module_Search.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Programmi\DoubleD\GamingHarbor Toolbar\4.1.2.19770\Icons\Module_Smiley.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Programmi\DoubleD\GamingHarbor Toolbar\4.1.2.19770\Icons\Module_Smiley.png (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Programmi\DoubleD\GamingHarbor Toolbar\4.1.2.19770\Icons\Module_Wallpaper.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Programmi\DoubleD\GamingHarbor Toolbar\4.1.2.19770\Icons\Module_Web.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Programmi\DoubleD\GamingHarbor Toolbar\4.1.2.19770\Icons\TBBtnDefault.png (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Programmi\DoubleD\GamingHarbor Toolbar\4.1.2.19770\Icons\TBBtnDisplay.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Programmi\DoubleD\GamingHarbor Toolbar\4.1.2.19770\Icons\TBBtnDisplay.png (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Programmi\DoubleD\GamingHarbor Toolbar\4.1.2.19770\Icons\TBBtnDisplay18.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Programmi\DoubleD\GamingHarbor Toolbar\4.1.2.19770\Icons\TBBtnDisplay20.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Programmi\DoubleD\GamingHarbor Toolbar\4.1.2.19770\Icons\TBBtnGlitters.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Programmi\DoubleD\GamingHarbor Toolbar\4.1.2.19770\Icons\TBBtnGlitters.png (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Programmi\DoubleD\GamingHarbor Toolbar\4.1.2.19770\Icons\TBBtnGlitters18.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Programmi\DoubleD\GamingHarbor Toolbar\4.1.2.19770\Icons\TBBtnGlitters20.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Programmi\DoubleD\GamingHarbor Toolbar\4.1.2.19770\Icons\TBBtnOption.png (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Programmi\DoubleD\GamingHarbor Toolbar\4.1.2.19770\Icons\TBBtnSmiley.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Programmi\DoubleD\GamingHarbor Toolbar\4.1.2.19770\Icons\TBBtnSmiley.png (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Programmi\DoubleD\GamingHarbor Toolbar\4.1.2.19770\Icons\TBBtnSmiley18.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Programmi\DoubleD\GamingHarbor Toolbar\4.1.2.19770\Icons\TBBtnSmiley20.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Programmi\DoubleD\GamingHarbor Toolbar\4.1.2.19770\Icons\TBBtnTellFd.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Programmi\DoubleD\GamingHarbor Toolbar\4.1.2.19770\Icons\TBBtnTellFd.png (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Programmi\DoubleD\GamingHarbor Toolbar\4.1.2.19770\Icons\TBBtnTellFd18.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Programmi\DoubleD\GamingHarbor Toolbar\4.1.2.19770\Icons\TBBtnTellFd20.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Programmi\DoubleD\GamingHarbor Toolbar\4.1.2.19770\Icons\TBBtnWink.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Programmi\DoubleD\GamingHarbor Toolbar\4.1.2.19770\Icons\TBBtnWink.png (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Programmi\DoubleD\GamingHarbor Toolbar\4.1.2.19770\Icons\TBBtnWink18.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Programmi\DoubleD\GamingHarbor Toolbar\4.1.2.19770\Icons\TBBtnWink20.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Programmi\DoubleD\GamingHarbor Toolbar\4.1.2.19770\Skins\myskin1.skf (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Programmi\DoubleD\GamingHarbor Toolbar\4.1.2.19770\Skins\myskin2.skf (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Programmi\DoubleD\GamingHarbor Toolbar\4.1.2.19770\Skins\myskin3.skf (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Programmi\DoubleD\GamingHarbor Toolbar\4.1.2.19770\Skins\myskin4.skf (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Programmi\DoubleD\GamingHarbor Toolbar\4.1.2.19770\Skins\TellafriendSkin.skf (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Programmi\DoubleD\GamingHarbor Toolbar\4.1.2.19770\Skins\TellafriendSkin_s.skf (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Programmi\DoubleD\GamingHarbor Toolbar\4.1.2.19770\Skins\ToastSkin.skf (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Programmi\PremiereAdvertisingPlatform\uninstall.exe (Adware.PlayMP3z) -> Quarantined and deleted successfully.
C:\Programmi\System Search Dispatcher\1.2.0.750\Data\eacore.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Programmi\System Search Dispatcher\1.2.0.750\Data\URLDynamic.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Programmi\System Search Dispatcher\1.2.0.750\Data\URLStatic.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\LocalService\329.crack.zip (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\LocalService\329.crack.zip.kwd (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\LocalService\330.keygen.zip (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\LocalService\330.keygen.zip.kwd (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\LocalService\331.serial.zip (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\LocalService\331.serial.zip.kwd (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\LocalService\332.setup.zip (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\LocalService\332.setup.zip.kwd (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\LocalService\333.music.au (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\LocalService\333.music.au.kwd (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\LocalService\334.music2.au (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\LocalService\334.music2.au.kwd (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\LocalService\335.music3.au (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\LocalService\335.music3.au.kwd (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\LocalService\336.music4.au (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\LocalService\336.music4.au.kwd (Worm.Archive) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rita\Dati applicazioni\PC\faq\guide.html (Rogue.ControlCenter) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rita\Dati applicazioni\PC\faq\images\gimg1.jpg (Rogue.ControlCenter) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rita\Dati applicazioni\PC\faq\images\gimg10.jpg (Rogue.ControlCenter) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rita\Dati applicazioni\PC\faq\images\gimg2.jpg (Rogue.ControlCenter) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rita\Dati applicazioni\PC\faq\images\gimg3.jpg (Rogue.ControlCenter) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rita\Dati applicazioni\PC\faq\images\gimg4.jpg (Rogue.ControlCenter) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rita\Dati applicazioni\PC\faq\images\gimg5.jpg (Rogue.ControlCenter) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rita\Dati applicazioni\PC\faq\images\gimg6.jpg (Rogue.ControlCenter) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rita\Dati applicazioni\PC\faq\images\gimg7.jpg (Rogue.ControlCenter) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rita\Dati applicazioni\PC\faq\images\gimg8.jpg (Rogue.ControlCenter) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rita\Dati applicazioni\PC\faq\images\gimg9.jpg (Rogue.ControlCenter) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Menu Avvio\PSecurity\Computer Scan.lnk (Rogue.PSecurity) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Menu Avvio\PSecurity\Help.lnk (Rogue.PSecurity) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Menu Avvio\PSecurity\Personal Security.lnk (Rogue.PSecurity) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Menu Avvio\PSecurity\Registration.lnk (Rogue.PSecurity) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Menu Avvio\PSecurity\Security Center.lnk (Rogue.PSecurity) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Menu Avvio\PSecurity\Settings.lnk (Rogue.PSecurity) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Menu Avvio\PSecurity\Update.lnk (Rogue.PSecurity) -> Quarantined and deleted successfully.
C:\Programmi\File comuni\PSecurityUninstall\Uninstall.lnk (Rogue.PSecurity) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SysWoW32\@u34333656v0 (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SysWoW32\@u34333656v1 (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SysWoW32\@u34333656v2 (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SysWoW32\@u34333656v3 (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SysWoW32\@u34333656v4 (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SysWoW32\@u34333656v5 (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SysWoW32\@u34333656v6 (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SysWoW32\@u34333656v7 (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SysWoW32\mi34333656v4 (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SysWoW32\mi34333656v4.kwd (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SysWoW32\mi34333656v5 (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SysWoW32\mi34333656v5.kwd (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SysWoW32\mi34333656v6 (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SysWoW32\mi34333656v6.kwd (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SysWoW32\mi34333656v7 (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SysWoW32\mi34333656v7.kwd (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SysWoW32\wu34333656v0 (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SysWoW32\wu34333656v0.kwd (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SysWoW32\wu34333656v1 (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SysWoW32\wu34333656v1.kwd (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SysWoW32\wu34333656v2 (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SysWoW32\wu34333656v2.kwd (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SysWoW32\wu34333656v3 (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SysWoW32\wu34333656v3.kwd (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SysWoW32\_i34333656v4 (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SysWoW32\_i34333656v5 (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SysWoW32\_i34333656v6 (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SysWoW32\_i34333656v7 (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SysWoW32\_u34333656v0 (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SysWoW32\_u34333656v1 (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SysWoW32\_u34333656v2 (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SysWoW32\_u34333656v3 (Worm.Archive) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rita\Dati applicazioni\Microsoft\Internet Explorer\Quick Launch\PSecurity.lnk (Rogue.PSecurity) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\GroupPolicy000.dat (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\GnuHashes.ini (Malware.Trace) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rita\Dati applicazioni\PC\agent.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rita\Dati applicazioni\PC\settings.ini (Trojan.FakeAlert) -> Quarantined and deleted successfully.



Then I ran the scan with HijackThis and this is the log

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8.52.13, on 15/12/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\SYSTEM32\Ati2evxx.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Programmi\Bonjour\mDNSResponder.exe
C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
C:\PROGRA~1\LAUNCH~1\LManager.exe
C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
C:\Programmi\Java\jre6\bin\jqs.exe
C:\Programmi\File comuni\LightScribe\LSSrvc.exe
C:\Programmi\Panda Security\Panda Cloud Antivirus\PSANHost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Programmi\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Programmi\Java\jre6\bin\jusched.exe
C:\Programmi\iTunes\iTunesHelper.exe
C:\Programmi\Panda Security\Panda Cloud Antivirus\PSUNMain.exe
C:\Programmi\ClamWin\bin\ClamTray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe
C:\Programmi\IVT Corporation\BlueSoleil\BlueSoleil_.exe
C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Programmi\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Programmi\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Programmi\Malwarebytes' Anti-Malware\mbam.exe
C:\Programmi\Panda Security\Panda Cloud Antivirus\PSANToManager.exe
C:\Programmi\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.libero.it
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://arianna.libero.it
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://it.intl.acer.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
R3 - URLSearchHook: Yahoo! Toolbar con blocco Pop-Up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: NOW!Imaging - {9AA2F14F-E956-44B8-8694-A5B615CDF341} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programmi\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programmi\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmi\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programmi\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [AzMixerSel] C:\Programmi\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [Acer ePresentation HPD] C:\Acer\Empowering Technology\ePresentation\ePresentation.exe
O4 - HKLM\..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
O4 - HKLM\..\Run: [Boot] C:\Acer\Empowering Technology\ePower\Boot.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [StartCCC] "C:\Programmi\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [ATICustomerCare] "C:\Programmi\ATI\ATICustomerCare\ATICustomerCare.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Programmi\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [PSUNMain] "C:\Programmi\Panda Security\Panda Cloud Antivirus\PSUNMain.exe" /Traybar
O4 - HKLM\..\Run: [ClamWin] "C:\Programmi\ClamWin\bin\ClamTray.exe" --logon
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: BlueSoleil.lnk = C:\Programmi\IVT Corporation\BlueSoleil\BlueSoleil.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: &Search - ?p=ZNfox000
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Programmi\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Programmi\Bonjour\mDNSResponder.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Servizio iPod (iPod Service) - Apple Inc. - C:\Programmi\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programmi\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Programmi\File comuni\LightScribe\LSSrvc.exe
O23 - Service: NanoServiceMain - Panda Security, S.L. - C:\Programmi\Panda Security\Panda Cloud Antivirus\PSANHost.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: WinFax PRO (wfxsvc) - Symantec Corporation - C:\WINDOWS\system32\WFXSVC.EXE

--
End of file - 8429 bytes


Those 2 entries really are gone!!!!! Now I am redoing the scan and so far it has found 3 more--
teleassistenza
Posted: Tuesday, December 15, 2009 3:54:30 PM

Rank: AiutAmico

Joined: 12/15/2009
Posts: 94
I think the only solution to your problems is to install Spyware Doctor for a thorough scan of the system.
Along with that, try running Norman Malware Cleaner. If it is a virus or spyware, these two programs used together should solve your problems.
Let us know!
Bye
aurum
Posted: Sunday, December 20, 2009 6:42:08 PM
Rank: AiutAmico

Joined: 9/21/2008
Posts: 36
I downloaded Norman Malware and had it run a scan in normal mode. I haven't really understood how to use it... anyway, this is the log

Norman Malware Cleaner
Version 1.5.0.5
Copyright © 1990 - 2009, Norman ASA. Built 2009/12/15 10:08:11

Norman Scanner Engine Version: 6.04.03
Nvcbin.def Version: 6.04.00, Date: 2009/12/15 10:08:11, Variants: 4584257

Scan started: 16/12/2009 15:07:13

Running pre-scan cleanup routine:
Operating System: Microsoft Windows XP Professional 5.1.2600 Service Pack 3
Logged on user: ACER-RITA\Rita

Set registry value: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLS = -> ""
Removed registry value: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System -> DisableRegistryTools = 0x00000000


Scanning running processes and process memory...

Number of processes/threads found: 6208
Number of processes/threads scanned: 6208
Number of processes/threads not scanned: 0
Number of infected processes/threads terminated: 0
Total scanning time: 5m 57s


Scanning file system...

Scanning: C:\*.*

C:\Documents and Settings\All Users\Dati applicazioni\{51FC4C90-DF10-4D41-963E-DB3050C1267C}\Setup.exe (Infected with W32/Suspicious_Gen2.NKH)
Deleted file

C:\Documents and Settings\All Users\Dati applicazioni\{51FC4C90-DF10-4D41-963E-DB3050C1267C}\OFFLINE\3FA86A06\3E688669\HookAPINT.dll (Infected with W32/Suspicious_Gen2.PWM)
Deleted file

C:\Documents and Settings\All Users\Dati applicazioni\{51FC4C90-DF10-4D41-963E-DB3050C1267C}\OFFLINE\69E6D3E5\3E688669\stbapp.exe (Infected with W32/DoubleD.A!genr)
Deleted file

C:\Documents and Settings\All Users\Dati applicazioni\{51FC4C90-DF10-4D41-963E-DB3050C1267C}\OFFLINE\B75FA91E\3E688669\stbsvc.exe (Infected with W32/Suspicious_Gen2.KJX)
Deleted file

C:\Documents and Settings\All Users\Dati applicazioni\{51FC4C90-DF10-4D41-963E-DB3050C1267C}\OFFLINE\mFileBagIDE.dll\bag\cfcpxlog.mx (Infected with TXT/JunkFile.V)
Deleted file

C:\Documents and Settings\All Users\Dati applicazioni\{51FC4C90-DF10-4D41-963E-DB3050C1267C}\OFFLINE\mFileBagIDE.dll\bag\ProductInfo.mx (Infected with TXT/JunkFile.V)
Deleted file

C:\Documents and Settings\All Users\Dati applicazioni\{51FC4C90-DF10-4D41-963E-DB3050C1267C}\OFFLINE\mFileBagIDE.dll\bag\tbcore.mx (Infected with TXT/JunkFile.V)
Deleted file

C:\Documents and Settings\Rita\Dati applicazioni\uTorrent\utorrent.lng/Lithuanian!lt.txt (Error whilst scanning file: I/O Error (0x00220005))

C:\Documents and Settings\Rita\Impostazioni locali\Dati applicazioni\DoubleD\GamingHarbor Toolbar\4.1.2.19770\Data\baw.mx (Infected with TXT/JunkFile.V)
Deleted file

C:\Programmi\LimeWire\File Scaricati\joe barbieri i tuoi abbracci.mp3 (Infected with WMA/GetCodec.gen)
Deleted file

C:\Programmi\LimeWire\Incomplete\T-5850515-joe barbieri i tuoi abbracci.au (Infected with WMA/GetCodec.gen)
Deleted file

C:\Recycled\Dc8.part/noname.nsis/file0 (Error whilst scanning file: I/O Error (0x00000026))

C:\System Volume Information\_restore{3702730B-00E6-499C-A0FA-432D066F2D9D}\RP4\A0001226.exe (Infected with Smalltroj.NBRB)
Deleted file

C:\System Volume Information\_restore{3702730B-00E6-499C-A0FA-432D066F2D9D}\RP5\A0001295.exe (Infected with W32/Suspicious_Gen2.NKH)
Deleted file

C:\System Volume Information\_restore{3702730B-00E6-499C-A0FA-432D066F2D9D}\RP5\A0001296.dll (Infected with W32/Suspicious_Gen2.PWM)
Deleted file

C:\System Volume Information\_restore{3702730B-00E6-499C-A0FA-432D066F2D9D}\RP5\A0001297.exe (Infected with W32/DoubleD.A!genr)
Deleted file

C:\System Volume Information\_restore{3702730B-00E6-499C-A0FA-432D066F2D9D}\RP5\A0001298.exe (Infected with W32/Suspicious_Gen2.KJX)
Deleted file

Scanning: D:\*.*


Running post-scan cleanup routine:
Failed to locate shared service executable: C:\WINDOWS\system32\lecroz.dll
Removed service: ehkcddprc
Failed to locate shared service executable: C:\WINDOWS\system32\lecroz.dll
Removed service: lrukspb
Failed to locate shared service executable: C:\WINDOWS\system32\lecroz.dll
Removed service: qyjtwx
Failed to locate shared service executable: C:\WINDOWS\system32\lecroz.dll
Removed service: uyuczue
Failed to locate shared service executable: C:\WINDOWS\system32\lecroz.dll
Removed service: vqwhlzke
Failed to locate shared service executable: C:\WINDOWS\system32\lecroz.dll
Removed service: zjeanaj

Number of files found: 249406
Number of archives unpacked: 7258
Number of files scanned: 249374
Number of files not scanned: 32
Number of files skipped due to exclude list: 0
Number of infected files found: 15
Number of infected files repaired/deleted: 15
Number of infections removed: 15
Total scanning time: 3h 10m 56s
simo95
Posted: Sunday, December 20, 2009 7:15:47 PM

Rank: AiutAmico

Joined: 12/4/2008
Posts: 2,008
For now, disable System Restore.
Then uninstall the DoubleD program (if it is not in Add or Remove Programs, use its own uninstaller. If that is not there either, use the search function and delete whatever it finds).
For the rest, wait for the more experienced users.
Bye