Aiutamici Forum

Log check
tiziano64
Posted: Tuesday, March 02, 2010 1:14:56 AM
Rank: AiutAmico

Joined: 4/7/2001
Posts: 113
Hi, could you check my log for me?
Thanks



Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 01:11:54, on 02/03/2010
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Iminent\IMBooster\IMBooster.exe
C:\Program Files\SweetIM\Messenger\SweetIM.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Users\Tiziano\AppData\Roaming\java\29025.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Iminent\MMServer\Iminent.MMServer.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.iminent.com/?appId=95a6f3d1-6e34-47d1-8717-2b2e4286203e
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Guida per l'accesso a Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: IMinent WebBooster - {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} - C:\Program Files\Iminent\IMBooster4Web\Iminent.WebBooster.dll
O2 - BHO: Iminent.LinkToContent - {A6E9BAAF-53CD-4575-967B-2AF710A7D21F} - C:\Program Files\Iminent\IMBooster\Iminent.LinkToContent.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [avast!] "C:\Program Files\Alwil Software\Avast4\ashDisp.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [SSC Service Utility] C:\Program Files\SSC Service Utility\ssc_serv.exe /s
O4 - HKLM\..\Run: [IMBooster] C:\Program Files\Iminent\IMBooster\IMBooster.exe /warmup
O4 - HKLM\..\Run: [SweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe
O4 - HKLM\..\Run: [Iminent.Notifier] C:\Program Files\Iminent\SearchTheWeb\Iminent.Notifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent
O4 - HKCU\..\Run: [MSMSGS] C:\Users\Tiziano\AppData\Roaming\java\29025.exe
O4 - HKCU\..\RunOnce: [Iminent.Notifier Install] "C:\Users\Tiziano\AppData\Local\Temp\NotifierSetup.exe" /s
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIZIO DI RETE')
O4 - Startup: CCC.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Inserisci blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: Inserisci &blog in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O13 - Gopher Prefix:
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/MessengerGamesContent/GameContent/it/uno1/GAME_UNO1.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: gearsec - GEAR Software - C:\Windows\system32\gearsec.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 8095 bytes
paolopa
Posted: Tuesday, March 02, 2010 7:07:59 AM

Rank: AiutAmico

Joined: 10/14/2008
Posts: 2,777
The online analysis of the log shows one problem (imbooster); let's see whether MBAM can patch things up or whether we need to take a different approach.
Download and install this program, update it, and run a full scan:
http://software.aiutamici.com/software?ID=80346
tiziano64
Posted: Wednesday, March 03, 2010 6:34:46 PM
Rank: AiutAmico

Joined: 4/7/2001
Posts: 113
After 2 full scans with Malwarebytes, which found 6 malware items on the first and 2 on the second, I'm sending the log again for a check:


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:31:15, on 03/03/2010
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Iminent\IMBooster\IMBooster.exe
C:\Program Files\SweetIM\Messenger\SweetIM.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.iminent.com/?appId=95a6f3d1-6e34-47d1-8717-2b2e4286203e
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Guida per l'accesso a Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: IMinent WebBooster - {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} - C:\Program Files\Iminent\IMBooster4Web\Iminent.WebBooster.dll
O2 - BHO: Iminent.LinkToContent - {A6E9BAAF-53CD-4575-967B-2AF710A7D21F} - C:\Program Files\Iminent\IMBooster\Iminent.LinkToContent.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [avast!] "C:\Program Files\Alwil Software\Avast4\ashDisp.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [SSC Service Utility] C:\Program Files\SSC Service Utility\ssc_serv.exe /s
O4 - HKLM\..\Run: [IMBooster] C:\Program Files\Iminent\IMBooster\IMBooster.exe /warmup
O4 - HKLM\..\Run: [SweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe
O4 - HKLM\..\Run: [Iminent.Notifier] C:\Program Files\Iminent\SearchTheWeb\Iminent.Notifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent
O4 - HKCU\..\RunOnce: [Iminent.Notifier Install] "C:\Users\Tiziano\AppData\Local\Temp\NotifierSetup.exe" /s
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIZIO DI RETE')
O4 - Startup: CCC.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Inserisci blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: Inserisci &blog in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O13 - Gopher Prefix:
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/MessengerGamesContent/GameContent/it/uno1/GAME_UNO1.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: gearsec - GEAR Software - C:\Windows\system32\gearsec.exe
O23 - Service: Servizio di Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 7952 bytes

Thanks
paolopa
Posted: Wednesday, March 03, 2010 7:53:46 PM

Rank: AiutAmico

Joined: 10/14/2008
Posts: 2,777
Actually, I would have liked to see the MBAM log... anyway, you still have problems, so let's move on to something else:
Download ComboFix

http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Save it to the desktop.

Important: after downloading COMBOFIX, disconnect from the Internet, disable your antivirus and close ALL open programs (firewall included).

Double-click combofix.exe (a screen will appear).

You will probably get messages from the antivirus (or from ComboFix itself); ignore them.

If you are asked whether you want to install THE EMERGENCY RECOVERY CONSOLE, click NO.

During the scan it is important not to use the PC (not even the mouse) and to wait patiently for the operations to finish.
When it finishes, a log file will be created on the Desktop, called C:\ComboFix.txt. Post it here.
tiziano64
Posted: Thursday, March 04, 2010 1:11:45 AM
Rank: AiutAmico

Joined: 4/7/2001
Posts: 113
Here is the log resulting from the ComboFix scan


ComboFix 10-03-03.03 - Tiziano 03/03/2010 23:01:29.1.2 - x86
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.39.1040.18.1790.887 [GMT 1:00]
Eseguito da: c:\users\Tiziano\Downloads\ComboFix.exe
.

((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\$recycle.bin\S-1-5-21-1075603932-4235294838-3250333571-1004
C:\Microsoft
c:\users\Tiziano\AppData\Roaming\Microsoft\select10.exe20P
c:\users\Tiziano\AppData\Roaming\Microsoft\select10.exeWebDL
c:\windows\system32\wins.exe

.
((((((((((((((((((((((((( Files Creati Da 2010-02-03 al 2010-03-03 )))))))))))))))))))))))))))))))))))
.

2010-03-03 22:11 . 2010-03-03 22:12 -------- d-----w- c:\users\Tiziano\AppData\Local\temp
2010-03-03 22:11 . 2010-03-03 22:11 -------- d-----w- c:\users\RemoteUser\AppData\Local\temp
2010-03-03 22:11 . 2010-03-03 22:11 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-03-03 22:11 . 2010-03-03 22:11 -------- d-----w- c:\users\tizio prova\AppData\Local\temp
2010-03-03 18:07 . 2010-03-03 18:07 -------- d-----w- c:\program files\Microsoft Sync Framework
2010-03-02 17:40 . 2010-03-02 17:40 -------- d-----w- c:\users\Tiziano\AppData\Roaming\Malwarebytes
2010-03-02 17:40 . 2010-01-07 15:07 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-03-02 17:40 . 2010-03-02 17:40 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-03-02 17:40 . 2010-03-02 17:40 -------- d-----w- c:\programdata\Malwarebytes
2010-03-02 17:40 . 2010-01-07 15:07 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-03-02 00:11 . 2010-03-02 00:11 -------- d-----w- c:\program files\Trend Micro
2010-02-24 06:11 . 2009-12-13 09:30 641536 ----a-w- c:\windows\system32\CPFilters.dll
2010-02-24 06:11 . 2009-12-13 09:30 465408 ----a-w- c:\windows\system32\psisdecd.dll
2010-02-24 06:11 . 2009-12-13 09:29 417792 ----a-w- c:\windows\system32\msdri.dll
2010-02-24 06:11 . 2010-02-02 07:45 2048 ----a-w- c:\windows\system32\tzres.dll
2010-02-22 20:23 . 2010-02-25 17:51 -------- d--h--w- c:\users\Tiziano\AppData\Roaming\sys
2010-02-22 20:23 . 2010-02-22 20:23 48128 ---ha-w- c:\users\RemoteUser\AppData\Roaming\sys\winfinder.exe
2010-02-21 22:53 . 2010-03-02 19:59 -------- d-----w- c:\users\Tiziano\AppData\Roaming\java
2010-02-21 22:53 . 2010-02-21 22:53 49152 ---ha-w- c:\users\Tiziano\AppData\Roaming\java\msnmsgs.exe
2010-02-21 22:53 . 2010-02-21 22:59 49152 ----a-w- c:\users\Tiziano\AppData\Roaming\msnmsgs.exe
2010-02-17 20:03 . 2010-02-17 20:03 -------- d-----w- C:\Grand Theft Auto Vice City
2010-02-16 17:58 . 2010-02-16 17:58 -------- d-----w- c:\program files\ConvertHelper
2010-02-16 09:02 . 2010-02-16 08:51 344064 ----a-w- c:\users\Tiziano\AppData\Roaming\InstallShield Installation Information\{4B35F00C-E63D-40DC-9839-DF15A33EAC46}\_setup.dll
2010-02-16 08:52 . 2010-02-16 08:52 -------- d-----w- c:\users\Tiziano\AppData\Roaming\InstallShield Installation Information
2010-02-16 08:52 . 2002-12-02 20:33 107512 ----a-w- c:\users\Tiziano\AppData\Roaming\InstallShield Installation Information\{4B35F00C-E63D-40DC-9839-DF15A33EAC46}\setup.exe
2010-02-16 08:52 . 2010-02-16 08:52 -------- d-----w- c:\program files\Rockstar Games
2010-02-11 19:41 . 2010-02-11 19:41 -------- d-----w- C:\GCorp
2010-02-10 17:05 . 2010-02-10 17:08 -------- d-----w- c:\users\Tiziano\AppData\Local\Sony
2010-02-10 16:45 . 2010-02-10 16:45 -------- d-----w- c:\program files\Sony Setup
2010-02-09 18:01 . 2010-02-09 19:47 -------- d-----w- c:\program files\FotoDigital
2010-02-09 12:09 . 2010-02-10 08:16 -------- d--h--w- c:\programdata\{C8831C54-20C5-4438-9725-9E4A8BFFA66C}
2010-02-05 19:26 . 2010-02-05 19:26 -------- d-----w- c:\users\Tiziano\AppData\Local\Nero
2010-02-04 23:20 . 2010-02-04 23:20 -------- d-----w- c:\users\Tiziano\AppData\Roaming\inkscape
2010-02-04 23:09 . 2010-02-04 23:19 -------- d-----w- c:\program files\Inkscape
2010-02-04 22:27 . 2010-02-04 22:30 -------- d-----w- c:\users\Tiziano\AppData\Roaming\SmartDraw
2010-02-04 19:39 . 1999-09-08 18:10 6528 ----a-r- c:\windows\isk3ro.exe
2010-02-04 19:39 . 1999-09-08 18:10 11200 ----a-r- c:\windows\welc.exe
2010-02-04 18:26 . 1996-12-21 03:05 116736 ----a-w- c:\windows\system32\PCDLIB32.DLL
2010-02-04 18:26 . 1997-07-01 11:42 194560 ----a-w- c:\windows\system32\MGXBM21.DLL
2010-02-04 18:26 . 1997-05-07 11:38 38400 ----a-w- c:\windows\system32\MGXFRM20.DLL
2010-02-04 18:26 . 1997-02-07 01:00 1483776 ----a-w- c:\windows\MGXRDR32.DLL
2010-02-04 18:26 . 1996-09-07 10:37 921872 ----a-w- c:\windows\system32\MGX40.DLL
2010-02-04 14:27 . 2010-02-04 14:27 -------- d-----w- c:\users\Tiziano\AppData\Roaming\Ubisoft
2010-02-04 14:17 . 2010-02-04 14:17 -------- d-----w- c:\programdata\Ubisoft
2010-02-04 13:57 . 2010-02-04 13:57 -------- d-----w- c:\program files\Ubisoft
2010-02-03 13:37 . 2009-08-05 21:48 54632 ----a-w- c:\windows\system32\drivers\fssfltr.sys
2010-02-03 13:37 . 2010-02-03 13:37 -------- dc----w- c:\windows\system32\DRVSTORE
2010-02-02 08:20 . 2010-02-02 08:20 -------- d-----w- c:\users\Tiziano\AppData\Roaming\Conviva
2010-02-02 08:20 . 2009-07-22 09:40 86070 ----a-w- c:\users\Tiziano\AppData\Roaming\Conviva\RineraProxyFF\pthreadVC2.dll
2010-02-02 08:20 . 2009-07-22 09:40 1831664 ----a-w- c:\users\Tiziano\AppData\Roaming\Conviva\RineraProxyFF\ConvivaProxy.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-03-03 22:06 . 2009-07-14 08:21 689472 ----a-w- c:\windows\system32\perfh010.dat
2010-03-03 22:06 . 2009-07-14 08:21 124626 ----a-w- c:\windows\system32\perfc010.dat
2010-03-03 18:14 . 2010-01-12 16:24 -------- d-----w- c:\users\Tiziano\AppData\Roaming\Windows Live Writer
2010-03-03 18:07 . 2009-09-29 08:10 -------- d-----w- c:\program files\Windows Live
2010-03-03 17:08 . 2009-09-30 11:33 -------- d-----w- c:\program files\Google
2010-03-03 06:22 . 2009-09-29 20:30 -------- d-----w- c:\users\Tiziano\AppData\Roaming\uTorrent
2010-03-02 18:51 . 2010-02-22 18:46 415 ----a-w- c:\windows\system32\tempfile.tmp
2010-03-02 17:40 . 2009-09-29 09:05 -------- d-----w- c:\program files\PowerArchiver
2010-03-01 17:48 . 2009-11-20 20:25 -------- d-----w- c:\program files\Messenger Plus! Live
2010-02-27 10:52 . 2009-11-04 12:42 1332 ----a-w- c:\program files\undercoverxp.cfg
2010-02-25 17:52 . 2010-02-25 17:51 -------- d--h--w- c:\users\RemoteUser\AppData\Roaming\sys
2010-02-24 08:16 . 2009-10-02 21:03 181632 ------w- c:\windows\system32\MpSigStub.exe
2010-02-20 23:12 . 2010-01-17 23:06 -------- d-----w- c:\users\Tiziano\AppData\Roaming\vlc
2010-02-15 12:12 . 2009-09-29 20:31 -------- d-----w- c:\program files\uTorrent
2010-02-13 12:03 . 2009-09-29 07:35 127232 ----a-w- c:\users\Tiziano\AppData\Local\GDIPFONTCACHEV1.DAT
2010-02-10 17:05 . 2010-02-10 16:45 -------- d-----w- c:\users\Tiziano\AppData\Roaming\Sony
2010-02-10 16:50 . 2010-02-10 16:50 -------- d-----w- c:\program files\Common Files\Sony Shared
2010-02-10 16:50 . 2010-02-10 16:49 -------- d-----w- c:\program files\Sony
2010-02-10 16:50 . 2010-02-10 16:50 10134 ----a-r- c:\users\Tiziano\AppData\Roaming\Microsoft\Installer\{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}\ARPPRODUCTICON.exe
2010-02-10 16:49 . 2010-02-10 16:49 -------- d-----w- c:\programdata\Sony Corporation
2010-02-10 16:49 . 2009-11-02 10:41 -------- d-----w- c:\program files\QuickTime
2010-02-10 16:48 . 2009-11-02 10:41 -------- d-----w- c:\programdata\Apple Computer
2010-02-10 16:48 . 2010-02-10 16:48 -------- d-----w- c:\program files\Common Files\Apple
2010-02-10 16:47 . 2010-02-10 16:47 -------- d-----w- c:\program files\Apple Software Update
2010-02-10 16:47 . 2010-02-10 16:47 -------- d-----w- c:\programdata\Apple
2010-02-10 16:47 . 2010-02-10 16:46 32494896 ----a-w- c:\users\Tiziano\AppData\Roaming\Sony Setup\9234765D-29DF-48d0-93FB-284B7B6009B9\QuickTimeInstaller.exe
2010-02-10 16:46 . 2010-02-10 16:45 -------- d-----w- c:\users\Tiziano\AppData\Roaming\Sony Setup
2010-02-10 08:16 . 2010-01-29 19:34 -------- d-----w- c:\program files\Iminent
2010-02-10 02:01 . 2009-09-29 07:41 -------- d-----w- c:\programdata\Microsoft Help
2010-02-09 19:47 . 2010-01-11 12:39 -------- d-----w- c:\users\Tiziano\AppData\Roaming\PhotoFiltre
2010-02-09 19:47 . 2010-01-10 16:26 -------- d-----w- c:\program files\PhotoScape
2010-02-06 19:15 . 2009-11-20 20:32 -------- d-----w- c:\programdata\Messenger Plus!
2010-02-04 13:56 . 2009-09-29 08:46 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-02-01 19:52 . 2010-02-01 19:52 -------- d-----w- c:\program files\SweetIM
2010-02-01 19:52 . 2010-02-01 19:52 -------- d-----w- c:\programdata\SweetIM
2010-02-01 13:47 . 2010-01-21 12:11 50354 ----a-w- c:\users\Tiziano\AppData\Roaming\Facebook\uninstall.exe
2010-02-01 13:47 . 2010-01-21 12:11 -------- d-----w- c:\users\Tiziano\AppData\Roaming\Facebook
2010-01-30 15:52 . 2010-01-30 15:51 -------- d-----w- c:\users\Tiziano\AppData\Roaming\AVSMedia
2010-01-30 15:51 . 2009-10-13 19:36 -------- d-----w- c:\program files\Common Files\AVSMedia
2010-01-30 15:49 . 2010-01-30 15:49 -------- d-----w- c:\program files\AVSMedia
2010-01-30 08:24 . 2010-01-30 08:19 -------- d-----w- c:\program files\Babylon
2010-01-29 19:36 . 2010-01-29 19:36 -------- d--h--w- c:\programdata\{924B45CC-9477-41E9-808B-6F623B920F1E}
2010-01-29 19:36 . 2010-01-29 19:35 -------- d-----w- c:\programdata\Iminent
2010-01-29 19:35 . 2010-01-29 19:35 -------- d--h--w- c:\programdata\{C9221463-F18B-4A58-9384-77F6E3552EDB}
2010-01-28 23:36 . 2010-01-28 23:27 -------- d-----w- c:\program files\NEC
2010-01-28 15:56 . 2010-01-29 19:35 2482800 ----a-w- c:\programdata\{C9221463-F18B-4A58-9384-77F6E3552EDB}\IMBoosterSetup.exe
2010-01-27 03:21 . 2010-01-27 03:21 847040 ----a-w- c:\users\Tiziano\AppData\Roaming\Facebook\axfbootloader.dll
2010-01-27 03:20 . 2010-01-27 03:20 5578752 ----a-w- c:\users\Tiziano\AppData\Roaming\Facebook\npfbplugin_1_0_1.dll
2010-01-25 22:38 . 2010-01-23 17:56 -------- d-----w- c:\program files\REALTEK
2010-01-25 12:02 . 2010-01-24 18:46 -------- d-----w- c:\program files\SnadBoy's Revelation v2
2010-01-24 23:16 . 2010-01-24 23:16 126840 ----a-w- c:\users\tizio prova\AppData\Local\GDIPFONTCACHEV1.DAT
2010-01-24 23:15 . 2010-01-24 23:15 -------- d-----w- c:\users\tizio prova\AppData\Roaming\ATI
2010-01-24 18:56 . 2010-01-24 18:56 -------- d-----w- c:\program files\Camtech
2010-01-24 18:49 . 2010-01-24 18:49 2560 ----a-w- c:\windows\_MSRSTRT.EXE
2010-01-24 00:55 . 2010-01-24 00:55 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_NuidFltr_01005.Wdf
2010-01-23 12:01 . 2010-01-23 12:01 -------- d-----w- c:\program files\EASEUS
2010-01-22 12:10 . 2009-10-14 16:41 -------- d-----w- c:\programdata\Electronic Arts
2010-01-22 12:10 . 2010-01-22 12:10 -------- d-----w- c:\program files\Common Files\Adobe AIR
2010-01-22 12:10 . 2010-02-25 17:51 38784 ----a-w- c:\users\RemoteUser\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
2010-01-22 12:10 . 2010-01-24 23:14 38784 ----a-w- c:\users\tizio prova\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
2010-01-22 12:10 . 2010-01-22 12:10 38784 ----a-w- c:\users\Tiziano\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
2010-01-22 12:10 . 2010-01-22 12:10 38784 ----a-w- c:\users\Default\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
2010-01-20 13:29 . 2009-09-29 08:01 -------- d-----w- c:\program files\Microsoft Silverlight
2010-01-18 23:29 . 2010-02-09 19:54 365568 ----a-w- c:\windows\system32\secproc_isv.dll
2010-01-18 23:29 . 2010-02-09 19:54 85504 ----a-w- c:\windows\system32\secproc_ssp_isv.dll
2010-01-18 23:29 . 2010-02-09 19:54 85504 ----a-w- c:\windows\system32\secproc_ssp.dll
2010-01-18 23:29 . 2010-02-09 19:54 369152 ----a-w- c:\windows\system32\secproc.dll
2010-01-18 23:28 . 2010-02-09 19:54 324608 ----a-w- c:\windows\system32\RMActivate_isv.exe
2010-01-18 23:28 . 2010-02-09 19:54 277504 ----a-w- c:\windows\system32\RMActivate_ssp_isv.exe
2010-01-18 23:28 . 2010-02-09 19:54 320512 ----a-w- c:\windows\system32\RMActivate.exe
2010-01-18 23:28 . 2010-02-09 19:54 280064 ----a-w- c:\windows\system32\RMActivate_ssp.exe
2010-01-18 12:45 . 2010-01-18 12:45 -------- d-----w- c:\program files\VideoLAN
2010-01-17 18:39 . 2010-01-17 18:39 -------- d-----w- c:\program files\TVLC
2010-01-17 00:02 . 2010-01-17 00:02 -------- d-----w- c:\programdata\5DFly Software Team
2010-01-17 00:01 . 2010-01-17 00:01 -------- d-----w- c:\program files\5DFly
2010-01-15 08:14 . 2010-01-15 08:10 -------- d-----w- c:\users\Tiziano\AppData\Roaming\Synthesia
2010-01-15 08:09 . 2010-01-15 08:09 -------- d-----w- c:\program files\Synthesia
2010-01-11 13:22 . 2010-01-11 13:22 4096 ----a-w- c:\windows\d3dx.dat
2010-01-11 12:39 . 2010-01-11 12:39 -------- d-----w- c:\program files\PhotoFiltre
2010-01-09 21:43 . 2010-01-08 22:42 -------- d-----w- c:\program files\My Photo Calendars & cards (Digilabs Edition)
2010-01-08 22:42 . 2010-01-08 22:42 3366912 ----a-w- c:\windows\system32\GPhotos.scr
2010-01-08 17:13 . 2010-01-08 16:20 -------- d-----w- c:\program files\AVIConverter
2010-01-08 03:18 . 2010-02-09 19:54 221184 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2010-01-08 03:17 . 2010-02-09 19:54 123392 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2010-01-07 12:42 . 2010-01-07 12:42 -------- d-----w- c:\programdata\DVD Shrink
2010-01-07 12:42 . 2010-01-07 12:42 -------- d-----w- c:\program files\DVD Shrink
2010-01-06 21:43 . 2010-01-06 21:22 -------- d-----w- c:\program files\VirtualDJ
2010-01-02 11:08 . 2010-01-02 11:08 721904 ----a-w- c:\windows\system32\drivers\sptd.sys
2009-12-19 13:47 . 2009-12-19 13:47 375616 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2009-12-19 13:31 . 2009-12-19 13:31 13094 ----a-r- c:\users\Tiziano\AppData\Roaming\Microsoft\Installer\{E7D83573-9E85-4326-8A8E-B4E7F23C9BA8}\_9F09FC5451D2BC62EF006A.exe
2009-12-19 13:31 . 2009-12-19 13:31 13094 ----a-r- c:\users\Tiziano\AppData\Roaming\Microsoft\Installer\{E7D83573-9E85-4326-8A8E-B4E7F23C9BA8}\_6FEFF9B68218417F98F549.exe
2009-12-19 13:31 . 2009-12-19 13:31 13094 ----a-r- c:\users\Tiziano\AppData\Roaming\Microsoft\Installer\{E7D83573-9E85-4326-8A8E-B4E7F23C9BA8}\_446884E9B97E1D175BFA29.exe
2009-12-19 09:02 . 2010-01-22 03:25 977920 ----a-w- c:\windows\system32\wininet.dll
2009-12-19 09:02 . 2010-02-09 19:54 12288 ----a-w- c:\windows\system32\tsbyuv.dll
2009-12-19 09:02 . 2010-02-09 19:54 1328640 ----a-w- c:\windows\system32\quartz.dll
2009-12-19 09:02 . 2010-02-09 19:54 22016 ----a-w- c:\windows\system32\msyuv.dll
2009-12-19 09:02 . 2010-02-09 19:54 31744 ----a-w- c:\windows\system32\msvidc32.dll
2009-12-19 09:02 . 2010-02-09 19:54 13312 ----a-w- c:\windows\system32\msrle32.dll
2009-12-19 09:02 . 2010-02-09 19:54 84480 ----a-w- c:\windows\system32\mciavi32.dll
2009-12-19 09:02 . 2010-02-09 19:54 50176 ----a-w- c:\windows\system32\iyuv_32.dll
2009-06-10 21:26 . 2009-07-14 02:04 9633792 --sha-r- c:\windows\Fonts\StaticCache.dat
2009-07-14 01:14 . 2009-07-13 23:42 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe
.

((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{EEE6C35D-6118-11DC-9C72-001320C79847}"= "c:\program files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll" [2009-10-19 187192]

[HKEY_CLASSES_ROOT\clsid\{eee6c35d-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SweetIM_URLSearchHook.ToolbarURLSearchHook.1]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SweetIM_URLSearchHook.ToolbarURLSearchHook]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A6E9BAAF-53CD-4575-967B-2AF710A7D21F}]
2010-01-28 13:42 105960 ----a-w- c:\program files\Iminent\IMBooster\Iminent.LinkToContent.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
2009-10-19 15:15 1345336 ----a-w- c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{EEE6C35B-6118-11DC-9C72-001320C79847}"= "c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [2009-10-19 1345336]

[HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar.1]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{EEE6C35B-6118-11DC-9C72-001320C79847}"= "c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [2009-10-19 1345336]

[HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar.1]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1173504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="c:\program files\Alwil Software\Avast4\ashDisp.exe" [2009-11-24 81000]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-10-03 35696]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-09-04 935288]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280]
"AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
"IMBooster"="c:\program files\Iminent\IMBooster\IMBooster.exe" [2010-01-28 1334248]
"SweetIM"="c:\program files\SweetIM\Messenger\SweetIM.exe" [2009-10-20 111928]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-11-10 417792]

c:\users\Tiziano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
CCC.lnk - c:\program files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [2006-9-29 49152]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

R1 aswSP;avast! Self Protection;c:\windows\System32\drivers\aswSP.sys [29/09/2009 10:27 114768]
R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\System32\drivers\vwififlt.sys [14/07/2009 00:52 48128]
R2 aswFsBlk;aswFsBlk;c:\windows\System32\drivers\aswFsBlk.sys [29/09/2009 10:27 20560]
R2 aswMonFlt;aswMonFlt;c:\windows\System32\drivers\aswMonFlt.sys [29/09/2009 10:27 53328]
R2 gearsec;gearsec;c:\windows\System32\gearsec.exe [01/12/2003 15:27 53248]
R3 dc3d;MS Hardware Device Detection Driver (HID);c:\windows\System32\drivers\dc3d.sys [04/11/2009 02:59 17408]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\System32\drivers\vwifimp.sys [14/07/2009 00:52 14336]
S0 sptd;sptd;c:\windows\System32\drivers\sptd.sys [02/01/2010 12:08 721904]
S2 gupdate;Servizio di Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [03/03/2010 18:04 135664]
S3 A5AGU;D-Link Wireless LAN 802.11 USB device driver;c:\windows\System32\drivers\AGUx86.sys [08/10/2007 09:53 892416]
S3 epmntdrv;epmntdrv;c:\windows\System32\epmntdrv.sys [23/01/2010 13:01 14216]
S3 EuGdiDrv;EuGdiDrv;c:\windows\System32\EuGdiDrv.sys [23/01/2010 13:01 8456]
S3 fssfltr;fssfltr;c:\windows\System32\drivers\fssfltr.sys [03/02/2010 14:37 54632]
S3 fsssvc;Servizio Windows Live Family Safety;c:\program files\Windows Live\Family Safety\fsssvc.exe [05/08/2009 22:48 704864]
S3 marlbus;NEC WMC USB_AD1 Composite Device driver (WDM);c:\windows\System32\drivers\marlbus.sys [16/07/2005 09:11 58352]
S3 marlmdfl;NEC WMC USB_AD1 Modem Filter;c:\windows\System32\drivers\marlmdfl.sys [16/07/2005 09:13 8272]
S3 marlmdm;NEC WMC USB_AD1 Modem Drivers;c:\windows\System32\drivers\marlmdm.sys [16/07/2005 09:13 93968]
S3 marlobex;NEC WMC USB_AD1 OBEX Interface Drivers (WDM);c:\windows\System32\drivers\marlobex.sys [16/07/2005 09:17 83344]
S3 SrvHsfHDA;SrvHsfHDA;c:\windows\System32\drivers\VSTAZL3.SYS [13/07/2009 23:13 207360]
S3 SrvHsfV92;SrvHsfV92;c:\windows\System32\drivers\VSTDPV3.SYS [13/07/2009 23:13 980992]
S3 SrvHsfWinac;SrvHsfWinac;c:\windows\System32\drivers\VSTCNXT3.SYS [13/07/2009 23:13 661504]

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{1D1BADC6-EAC7-0CCD-03A7-EDF22BE6FCD8}]
2010-02-22 20:23 48128 ---ha-w- c:\users\RemoteUser\AppData\Roaming\sys\winfinder.exe
.
Contenuto della cartella 'Scheduled Tasks'

2010-03-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-03-03 17:04]

2010-03-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-03-03 17:04]
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://search.iminent.com/?appId=95a6f3d1-6e34-47d1-8717-2b2e4286203e
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\users\Tiziano\AppData\Roaming\Mozilla\Firefox\Profiles\rld1qrt2.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.fastbrowsersearch.com/results/results.aspx?s=DEF&v=19&q=
FF - prefs.js: browser.search.selectedEngine - Wikipedia (it)
FF - prefs.js: browser.startup.homepage - hxxp://www.libero.it/
FF - prefs.js: keyword.URL - hxxp://search.sweetim.com/search.asp?src=2&q=
FF - component: c:\program files\Mozilla Firefox\extensions\linkcontent@iminent\components\Iminent.LinkToContentFF.dll
FF - component: c:\program files\Mozilla Firefox\extensions\webbooster@iminent.com\components\Iminent.XPCOM.dll
FF - plugin: c:\program files\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll
FF - plugin: c:\program files\Google\Update\1.2.183.17\npGoogleOneClick8.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Sony\Media Go\npmediago.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: c:\users\Tiziano\AppData\Roaming\Facebook\npfbplugin_1_0_0.dll
FF - plugin: c:\users\Tiziano\AppData\Roaming\Facebook\npfbplugin_1_0_1.dll
FF - plugin: c:\users\Tiziano\AppData\Roaming\Mozilla\Firefox\Profiles\rld1qrt2.default\extensions\StreamingPlugin@conviva.com\platform\WINNT_x86-msvc\plugins\npconviva.4.dll

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\defaults\pref\all-iminent.js - pref("iminent.appInstanceUid", "95a6f3d1-6e34-47d1-8717-2b2e4286203e");
c:\program files\Mozilla Firefox\defaults\pref\all-iminent.js - pref("iminent.currentLcid", 1040);
.
- - - - CHIAVI ORFANE RIMOSSE - - - -

HKCU-Run-EA Core - c:\program files\Electronic Arts\EADM\Core.exe
HKCU-RunOnce-Iminent.Notifier Install - c:\users\Tiziano\AppData\Local\Temp\NotifierSetup.exe
HKLM-Run-NBKeyScan - c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe
HKLM-Run-SSC Service Utility - c:\program files\SSC Service Utility\ssc_serv.exe
HKLM-Run-Iminent.Notifier - c:\program files\Iminent\SearchTheWeb\Iminent.Notifier.exe
ActiveSetup-ccc-core-static - msiexec
ActiveSetup-{1D1BADC6-EAC7-0CCD-03A7-EDF22BE6FCD8} - c:\users\Tiziano\AppData\Roaming\sys\winfinder.exe


.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:00000004

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Ora fine scansione: 2010-03-03 23:16:04
ComboFix-quarantined-files.txt 2010-03-03 22:16

Pre-Run: 85.043.994.624 byte disponibili
Post-Run: 91.430.248.448 byte disponibili

- - End Of File - - BCA7D4A2E8A70BE50E03E3192940E232
paolopa
Posted: Thursday, March 04, 2010 6:32:08 AM

Rank: AiutAmico

Joined: 10/14/2008
Posts: 2,777
It removed something else... for the moment keep ComboFix installed, in case r16 wants you to run a script; meanwhile post an updated HijackThis log, so we can see whether we need to act manually.
tiziano64
Posted: Thursday, March 04, 2010 1:12:40 PM
Rank: AiutAmico

Joined: 4/7/2001
Posts: 113
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:13:17, on 04/03/2010
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Iminent\IMBooster\IMBooster.exe
C:\Program Files\SweetIM\Messenger\SweetIM.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Iminent\MMServer\Iminent.MMServer.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.iminent.com/?appId=95a6f3d1-6e34-47d1-8717-2b2e4286203e
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Guida per l'accesso a Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: IMinent WebBooster - {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} - C:\Program Files\Iminent\IMBooster4Web\Iminent.WebBooster.dll
O2 - BHO: Iminent.LinkToContent - {A6E9BAAF-53CD-4575-967B-2AF710A7D21F} - C:\Program Files\Iminent\IMBooster\Iminent.LinkToContent.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [avast!] "C:\Program Files\Alwil Software\Avast4\ashDisp.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [IMBooster] C:\Program Files\Iminent\IMBooster\IMBooster.exe /warmup
O4 - HKLM\..\Run: [SweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - Startup: CCC.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Inserisci blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: Inserisci &blog in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/MessengerGamesContent/GameContent/it/uno1/GAME_UNO1.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: gearsec - GEAR Software - C:\Windows\system32\gearsec.exe
O23 - Service: Servizio di Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 7330 bytes
paolopa
Posted: Thursday, March 04, 2010 1:30:47 PM

Rank: AiutAmico

Joined: 10/14/2008
Posts: 2,777
I'll give you the procedure, but since I'm not authorized to have you delete entries with HijackThis, wait for r16's go-ahead; you'll see it won't take long.
Start HijackThis and tick the following entries:
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.iminent.com/?appId=95a6f3d1-6e34-47d1-8717-2b2e4286203e
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: IMinent WebBooster - {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} - C:\Program Files\Iminent\IMBooster4Web\Iminent.WebBooster.dll
O2 - BHO: Iminent.LinkToContent - {A6E9BAAF-53CD-4575-967B-2AF710A7D21F} - C:\Program Files\Iminent\IMBooster\Iminent.LinkToContent.dll
O4 - HKLM\..\Run: [IMBooster] C:\Program Files\Iminent\IMBooster\IMBooster.exe /warmup
With all applications closed and disconnected from the internet, press the Fix button.
r16
Posted: Thursday, March 04, 2010 1:39:46 PM
Rank: AiutAmico

Joined: 8/7/2007
Posts: 11,016
Remove these HJT entries:
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.iminent.com/?appId=95a6f3d1-6e34-47d1-8717-2b2e4286203e
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O4 - HKLM\..\Run: [SweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - Startup: CCC.lnk = ?
Clean up with CCleaner.
Restart the PC.
The ComboFix log shows a few problems.
Are you noticing slowdowns or anomalies on the PC?
paolopa
Posted: Thursday, March 04, 2010 1:46:36 PM

Rank: AiutAmico

Joined: 10/14/2008
Posts: 2,777
Hi r16, shouldn't the ones I listed have been fixed?
r16
Posted: Thursday, March 04, 2010 1:57:20 PM
Rank: AiutAmico

Joined: 8/7/2007
Posts: 11,016
paolopa wrote:
Hi r16, shouldn't the ones I listed have been fixed?

These:
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: IMinent WebBooster - {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} - C:\Program Files\Iminent\IMBooster4Web\Iminent.WebBooster.dll
O2 - BHO: Iminent.LinkToContent - {A6E9BAAF-53CD-4575-967B-2AF710A7D21F} - C:\Program Files\Iminent\IMBooster\Iminent.LinkToContent.dll
If fixed, the IMBooster software would no longer work correctly for him.
That software is supposedly for downloading "Emotion" for the various messengers, Yahoo, etc.
If it were up to me, I would zap the software too, but we would have to ask tiziano64 whether he agrees.
The entries I removed are mainly for the SweetIM Toolbar.
It is known for downloading spyware.
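Added example, not part of r16's post or of HijackThis itself: a Python script that groups HijackThis lines from this thread by the product that owns them, which shows why the SweetIM and Iminent entries form two separate sets spread over several log sections. The owner heuristic (first folder under Program Files, or the second-level label of a URL host) and all function names are assumptions of this example.

```python
import re
from collections import defaultdict
from dataclasses import dataclass
from typing import Dict, List, Optional
from urllib.parse import urlparse

# Subset of the HijackThis log posted in this thread (lines copied from the page).
SAMPLE_LOG = r"""
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.iminent.com/?appId=95a6f3d1-6e34-47d1-8717-2b2e4286203e
R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: IMinent WebBooster - {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} - C:\Program Files\Iminent\IMBooster4Web\Iminent.WebBooster.dll
O2 - BHO: Iminent.LinkToContent - {A6E9BAAF-53CD-4575-967B-2AF710A7D21F} - C:\Program Files\Iminent\IMBooster\Iminent.LinkToContent.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O4 - HKLM\..\Run: [avast!] "C:\Program Files\Alwil Software\Avast4\ashDisp.exe"
O4 - HKLM\..\Run: [IMBooster] C:\Program Files\Iminent\IMBooster\IMBooster.exe /warmup
O4 - HKLM\..\Run: [SweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe
O4 - Startup: CCC.lnk = ?
"""

ENTRY_RE = re.compile(r"^(?P<code>[A-Z]\d{1,2}) - (?P<body>.+)$")
CLSID_RE = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")
# Long-form paths only; 8.3 names such as C:\PROGRA~1 stay unresolved.
PATH_RE = re.compile(r'[A-Za-z]:\\Program Files(?: \(x86\))?\\(?P<owner>[^\\"]+)\\', re.I)
URL_RE = re.compile(r'https?://[^\s"]+')


@dataclass(frozen=True)
class Entry:
    code: str             # HijackThis section code, e.g. "O2" (BHO) or "O4" (autostart)
    body: str             # rest of the line, unchanged
    clsid: Optional[str]  # braced CLSID, upper-cased, when the line carries one
    owner: str            # heuristic owner key (assumption of this example)


def guess_owner(body: str) -> str:
    """Derive a grouping key: install folder first, then URL host, then markers."""
    m = PATH_RE.search(body)
    if m:
        return m.group("owner").lower()
    m = URL_RE.search(body)
    if m:
        host = urlparse(m.group(0)).hostname or ""
        labels = host.split(".")
        # Second-level label only; deliberately naive (no public-suffix handling).
        return labels[-2] if len(labels) >= 2 else host
    if "(no file)" in body:
        return "(no file)"       # registry entry whose target is gone
    return "(unresolved)"        # e.g. a Startup shortcut HijackThis could not read


def parse_log(text: str) -> List[Entry]:
    """Turn HijackThis log text into Entry records, skipping header lines."""
    entries = []
    for line in text.splitlines():
        m = ENTRY_RE.match(line.strip())
        if not m:
            continue
        body = m.group("body")
        clsid = CLSID_RE.search(body)
        entries.append(Entry(m.group("code"), body,
                             clsid.group(0).upper() if clsid else None,
                             guess_owner(body)))
    return entries


def group_by_owner(entries: List[Entry]) -> Dict[str, List[Entry]]:
    groups: Dict[str, List[Entry]] = defaultdict(list)
    for e in entries:
        groups[e.owner].append(e)
    return dict(groups)


def footprint(entries: List[Entry], owner: str) -> List[str]:
    """Section codes in which one owner appears: its set of load points."""
    return sorted({e.code for e in entries if e.owner == owner.lower()})


if __name__ == "__main__":
    parsed = parse_log(SAMPLE_LOG)
    for owner, items in sorted(group_by_owner(parsed).items()):
        print(f"{owner}: {footprint(parsed, owner)}")
        for e in items:
            print(f"    {e.code}  {e.clsid or '-'}")
```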




paolopa
Posted: Thursday, March 04, 2010 2:14:50 PM

Rank: AiutAmico

Joined: 10/14/2008
Posts: 2,777
I had looked up "iminent.com" on Google, and on almost all of the pages WOT gives a red light; that is why I thought it was the cause.
r16
Posted: Thursday, March 04, 2010 2:33:29 PM
Rank: AiutAmico

Joined: 8/7/2007
Posts: 11,016
Because it is the link he downloaded it from that is dangerous.
The IMBooster software in itself poses no problems, but if he downloaded it from that site, then along with the software it also gave him some spyware as a "gift".
In any case I am preparing a "robust" script for its possible removal.
Let's see whether tiziano64 agrees.
tiziano64
Posted: Thursday, March 04, 2010 7:03:52 PM
Rank: AiutAmico

Joined: 4/7/2001
Posts: 113
Hi, since I trust you blindly I removed everything that you both, paolopa and r16, listed, also because IMBooster was downloaded by my son and I don't know from where.
I ran the CCleaner scan and restarted.
The first thing I noticed was that Messenger now works, whereas for some time until today my son had been complaining that it would not connect and gave error 80048820.
r16, you mentioned a robust script; what do you mean? I don't pick up certain things right away, but if it is something that can improve my PC, it is welcome.

r16
Posted: Thursday, March 04, 2010 7:31:49 PM
Rank: AiutAmico

Joined: 8/7/2007
Posts: 11,016
Let's see what you removed:
Open a text file on the Desktop (Start\Run\type: notepad.exe and then click OK).
Paste the code you see below into it, and save the text file, mandatorily under the name CFScript.txt

Code:
Folder::
c:\program files\SweetIM
c:\programdata\SweetIM

Registry::
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{EEE6C35D-6118-11DC-9C72-001320C79847}"=-
[-HKEY_CLASSES_ROOT\clsid\{eee6c35d-6118-11dc-9c72-001320c79847}]
[-HKEY_CLASSES_ROOT\SweetIM_URLSearchHook.ToolbarURLSearchHook.1]
[-HKEY_CLASSES_ROOT\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}]
[-HKEY_CLASSES_ROOT\SweetIM_URLSearchHook.ToolbarURLSearchHook]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{EEE6C35B-6118-11DC-9C72-001320C79847}"=-
[-HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}]
[-HKEY_CLASSES_ROOT\SWEETIE.IEToolbar.1]
[-HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}]
[-HKEY_CLASSES_ROOT\SWEETIE.IEToolbar]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{EEE6C35B-6118-11DC-9C72-001320C79847}"=-
[-HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}]
[-HKEY_CLASSES_ROOT\SWEETIE.IEToolbar.1]
[-HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}]
[-HKEY_CLASSES_ROOT\SWEETIE.IEToolbar]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SweetIM"=-
"IMBooster"=-
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A6E9BAAF-53CD-4575-967B-2AF710A7D21F}]

RegLock::
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]



and drag it onto the ComboFix icon.
Wait for it to finish, without touching the keyboard, mouse or anything else.
Post the updated ComboFix log.
tiziano64
Posted: Friday, March 05, 2010 2:31:24 AM
Rank: AiutAmico

Joined: 4/7/2001
Posts: 113
ComboFix 10-03-03.03 - Tiziano 05/03/2010 0:00.2.2 - x86
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.39.1040.18.1790.1173 [GMT 1:00]
Eseguito da: c:\users\Tiziano\Desktop\ComboFix.exe
Opzioni usate :: c:\users\Tiziano\Desktop\CFScript .txt.txt
.

((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\SweetIM
c:\program files\SweetIM\Messenger\default.xml
c:\program files\SweetIM\Messenger\mgAdaptersProxy.dll
c:\program files\SweetIM\Messenger\mgAIMAuto.dll
c:\program files\SweetIM\Messenger\mgAIMMessengerAdapter.dll
c:\program files\SweetIM\Messenger\mgArchive.dll
c:\program files\SweetIM\Messenger\mgcommon.dll
c:\program files\SweetIM\Messenger\mgcommunication.dll
c:\program files\SweetIM\Messenger\mgconfig.dll
c:\program files\SweetIM\Messenger\mgFlashPlayer.dll
c:\program files\SweetIM\Messenger\mghooking.dll
c:\program files\SweetIM\Messenger\mgICQAuto.dll
c:\program files\SweetIM\Messenger\mgICQMessengerAdapter.dll
c:\program files\SweetIM\Messenger\mgIEPlayer.dll
c:\program files\SweetIM\Messenger\mglogger.dll
c:\program files\SweetIM\Messenger\mgMediaPlayer.dll
c:\program files\SweetIM\Messenger\mgMsnAuto.dll
c:\program files\SweetIM\Messenger\mgMsnMessengerAdapter.dll
c:\program files\SweetIM\Messenger\mgsimcommon.dll
c:\program files\SweetIM\Messenger\mgSweetIM.dll
c:\program files\SweetIM\Messenger\mgUpdateSupport.dll
c:\program files\SweetIM\Messenger\mgxml_wrapper.dll
c:\program files\SweetIM\Messenger\mgYahooAuto.dll
c:\program files\SweetIM\Messenger\mgYahooMessengerAdapter.dll
c:\program files\SweetIM\Messenger\msvcp71.dll
c:\program files\SweetIM\Messenger\msvcr71.dll
c:\program files\SweetIM\Messenger\resources\images\AudibleButton.png
c:\program files\SweetIM\Messenger\resources\images\DisplayPicturesButton.png
c:\program files\SweetIM\Messenger\resources\images\EmoticonButton.png
c:\program files\SweetIM\Messenger\resources\images\GamesButton.png
c:\program files\SweetIM\Messenger\resources\images\NudgeButton.png
c:\program files\SweetIM\Messenger\resources\images\SoundFxButton.png
c:\program files\SweetIM\Messenger\resources\images\WinksButton.png
c:\program files\SweetIM\Messenger\SweetIM.exe
c:\program files\SweetIM\Toolbars\Internet Explorer\ClearHist.exe
c:\program files\SweetIM\Toolbars\Internet Explorer\conf\logger.xml
c:\program files\SweetIM\Toolbars\Internet Explorer\default.xml
c:\program files\SweetIM\Toolbars\Internet Explorer\mgcommon.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\mgconfig.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\mghooking.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\mglogger.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\mgsimcommon.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\mgxml_wrapper.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\about.html
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\affid.dat
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\basis.xml
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\bing.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\clear-history.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\content-notifier-anim-over.gif
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\content-notifier-anim.gif
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\content-notifier.js
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\dating.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\dictionary.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\e_cards.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\eye_icon.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\eye_icon_over.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\find.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\free_stuff.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\games.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\glitter.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\google.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\help.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\highlight.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\locales.xml
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\logo_16x16.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\logo_21x18.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\logo_32x32.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\logo_about.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\more-search-providers.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\music.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\news.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\options.html
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\photos.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\search-current-site.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\shopping.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\SmileySmile.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\SmileyWink.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\sweetim_text.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\toolbar.xml
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\version.txt
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\video.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\web-search.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\yahoo.png
c:\programdata\SweetIM
c:\programdata\SweetIM\Messenger\conf\adapter.xml
c:\programdata\SweetIM\Messenger\conf\autoupdate.xml
c:\programdata\SweetIM\Messenger\conf\logger.xml
c:\programdata\SweetIM\Messenger\conf\messages.xml
c:\programdata\SweetIM\Messenger\conf\sweetim.xml
c:\programdata\SweetIM\Messenger\conf\sweetimapp.xml
c:\programdata\SweetIM\Messenger\conf\users\main_user_config.xml
c:\programdata\SweetIM\Messenger\data\contentdb\cache_indx.dat

.
((((((((((((((((((((((((( Files Creati Da 2010-02-04 al 2010-03-04 )))))))))))))))))))))))))))))))))))
.

2010-03-04 23:10 . 2010-03-04 23:10 -------- d-----w- c:\users\Tiziano\AppData\Local\temp
2010-03-04 23:10 . 2010-03-04 23:10 -------- d-----w- c:\users\tizio prova\AppData\Local\temp
2010-03-04 23:10 . 2010-03-04 23:10 -------- d-----w- c:\users\RemoteUser\AppData\Local\temp
2010-03-04 23:10 . 2010-03-04 23:10 -------- d-----w- c:\users\Public\AppData\Local\temp
2010-03-04 23:10 . 2010-03-04 23:10 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-03-04 18:43 . 1998-10-06 17:57 327168 ----a-w- c:\windows\IsUn0410.exe
2010-03-04 17:45 . 2010-03-04 17:45 -------- d-----w- c:\program files\CCleaner
2010-03-03 18:07 . 2010-03-03 18:07 -------- d-----w- c:\program files\Microsoft Sync Framework
2010-03-02 17:40 . 2010-03-02 17:40 -------- d-----w- c:\users\Tiziano\AppData\Roaming\Malwarebytes
2010-03-02 17:40 . 2010-01-07 15:07 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-03-02 17:40 . 2010-03-02 17:40 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-03-02 17:40 . 2010-03-02 17:40 -------- d-----w- c:\programdata\Malwarebytes
2010-03-02 17:40 . 2010-01-07 15:07 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-03-02 00:11 . 2010-03-02 00:11 -------- d-----w- c:\program files\Trend Micro
2010-02-24 06:11 . 2009-12-13 09:30 641536 ----a-w- c:\windows\system32\CPFilters.dll
2010-02-24 06:11 . 2009-12-13 09:30 465408 ----a-w- c:\windows\system32\psisdecd.dll
2010-02-24 06:11 . 2009-12-13 09:29 417792 ----a-w- c:\windows\system32\msdri.dll
2010-02-24 06:11 . 2010-02-02 07:45 2048 ----a-w- c:\windows\system32\tzres.dll
2010-02-22 20:23 . 2010-03-03 22:16 -------- d--h--w- c:\users\Tiziano\AppData\Roaming\sys
2010-02-22 20:23 . 2010-02-22 20:23 48128 ---h--w- c:\users\Tiziano\AppData\Roaming\sys\winfinder.exe
2010-02-21 22:53 . 2010-03-02 19:59 -------- d-----w- c:\users\Tiziano\AppData\Roaming\java
2010-02-21 22:53 . 2010-02-21 22:53 49152 ---ha-w- c:\users\Tiziano\AppData\Roaming\java\msnmsgs.exe
2010-02-21 22:53 . 2010-02-21 22:59 49152 ----a-w- c:\users\Tiziano\AppData\Roaming\msnmsgs.exe
2010-02-17 20:03 . 2010-02-17 20:03 -------- d-----w- C:\Grand Theft Auto Vice City
2010-02-16 17:58 . 2010-02-16 17:58 -------- d-----w- c:\program files\ConvertHelper
2010-02-16 09:02 . 2010-02-16 08:51 344064 ----a-w- c:\users\Tiziano\AppData\Roaming\InstallShield Installation Information\{4B35F00C-E63D-40DC-9839-DF15A33EAC46}\_setup.dll
2010-02-16 08:52 . 2010-02-16 08:52 -------- d-----w- c:\users\Tiziano\AppData\Roaming\InstallShield Installation Information
2010-02-16 08:52 . 2002-12-02 20:33 107512 ----a-w- c:\users\Tiziano\AppData\Roaming\InstallShield Installation Information\{4B35F00C-E63D-40DC-9839-DF15A33EAC46}\setup.exe
2010-02-16 08:52 . 2010-02-16 08:52 -------- d-----w- c:\program files\Rockstar Games
2010-02-11 19:41 . 2010-02-11 19:41 -------- d-----w- C:\GCorp
2010-02-10 17:05 . 2010-02-10 17:08 -------- d-----w- c:\users\Tiziano\AppData\Local\Sony
2010-02-10 16:45 . 2010-02-10 16:45 -------- d-----w- c:\program files\Sony Setup
2010-02-09 18:01 . 2010-02-09 19:47 -------- d-----w- c:\program files\FotoDigital
2010-02-09 12:09 . 2010-02-10 08:16 -------- d--h--w- c:\programdata\{C8831C54-20C5-4438-9725-9E4A8BFFA66C}
2010-02-05 19:26 . 2010-02-05 19:26 -------- d-----w- c:\users\Tiziano\AppData\Local\Nero
2010-02-04 23:20 . 2010-02-04 23:20 -------- d-----w- c:\users\Tiziano\AppData\Roaming\inkscape
2010-02-04 23:09 . 2010-02-04 23:19 -------- d-----w- c:\program files\Inkscape
2010-02-04 22:27 . 2010-02-04 22:30 -------- d-----w- c:\users\Tiziano\AppData\Roaming\SmartDraw
2010-02-04 19:39 . 1999-09-08 18:10 6528 ----a-r- c:\windows\isk3ro.exe
2010-02-04 19:39 . 1999-09-08 18:10 11200 ----a-r- c:\windows\welc.exe
2010-02-04 18:26 . 1996-12-21 03:05 116736 ----a-w- c:\windows\system32\PCDLIB32.DLL
2010-02-04 18:26 . 1997-07-01 11:42 194560 ----a-w- c:\windows\system32\MGXBM21.DLL
2010-02-04 18:26 . 1997-05-07 11:38 38400 ----a-w- c:\windows\system32\MGXFRM20.DLL
2010-02-04 18:26 . 1997-02-07 01:00 1483776 ----a-w- c:\windows\MGXRDR32.DLL
2010-02-04 18:26 . 1996-09-07 10:37 921872 ----a-w- c:\windows\system32\MGX40.DLL
2010-02-04 14:27 . 2010-02-04 14:27 -------- d-----w- c:\users\Tiziano\AppData\Roaming\Ubisoft
2010-02-04 14:17 . 2010-02-04 14:17 -------- d-----w- c:\programdata\Ubisoft
2010-02-04 13:57 . 2010-02-04 13:57 -------- d-----w- c:\program files\Ubisoft
2010-02-03 13:37 . 2009-08-05 21:48 54632 ----a-w- c:\windows\system32\drivers\fssfltr.sys
2010-02-03 13:37 . 2010-02-03 13:37 -------- dc----w- c:\windows\system32\DRVSTORE

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-03-04 23:05 . 2009-07-14 08:21 689472 ----a-w- c:\windows\system32\perfh010.dat
2010-03-04 23:05 . 2009-07-14 08:21 124626 ----a-w- c:\windows\system32\perfc010.dat
2010-03-04 17:51 . 2009-09-29 07:35 127232 ----a-w- c:\users\Tiziano\AppData\Local\GDIPFONTCACHEV1.DAT
2010-03-04 17:45 . 2009-09-29 09:05 -------- d-----w- c:\program files\PowerArchiver
2010-03-04 17:42 . 2010-01-29 19:34 -------- d-----w- c:\program files\Iminent
2010-03-03 22:16 . 2010-02-25 17:51 -------- d--h--w- c:\users\RemoteUser\AppData\Roaming\sys
2010-03-03 18:14 . 2010-01-12 16:24 -------- d-----w- c:\users\Tiziano\AppData\Roaming\Windows Live Writer
2010-03-03 18:07 . 2009-09-29 08:10 -------- d-----w- c:\program files\Windows Live
2010-03-03 17:08 . 2009-09-30 11:33 -------- d-----w- c:\program files\Google
2010-03-03 06:22 . 2009-09-29 20:30 -------- d-----w- c:\users\Tiziano\AppData\Roaming\uTorrent
2010-03-02 18:51 . 2010-02-22 18:46 415 ----a-w- c:\windows\system32\tempfile.tmp
2010-03-01 17:48 . 2009-11-20 20:25 -------- d-----w- c:\program files\Messenger Plus! Live
2010-02-27 10:52 . 2009-11-04 12:42 1332 ----a-w- c:\program files\undercoverxp.cfg
2010-02-24 08:16 . 2009-10-02 21:03 181632 ------w- c:\windows\system32\MpSigStub.exe
2010-02-20 23:12 . 2010-01-17 23:06 -------- d-----w- c:\users\Tiziano\AppData\Roaming\vlc
2010-02-15 12:12 . 2009-09-29 20:31 -------- d-----w- c:\program files\uTorrent
2010-02-10 17:05 . 2010-02-10 16:45 -------- d-----w- c:\users\Tiziano\AppData\Roaming\Sony
2010-02-10 16:50 . 2010-02-10 16:50 -------- d-----w- c:\program files\Common Files\Sony Shared
2010-02-10 16:50 . 2010-02-10 16:49 -------- d-----w- c:\program files\Sony
2010-02-10 16:50 . 2010-02-10 16:50 10134 ----a-r- c:\users\Tiziano\AppData\Roaming\Microsoft\Installer\{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}\ARPPRODUCTICON.exe
2010-02-10 16:49 . 2010-02-10 16:49 -------- d-----w- c:\programdata\Sony Corporation
2010-02-10 16:49 . 2009-11-02 10:41 -------- d-----w- c:\program files\QuickTime
2010-02-10 16:48 . 2009-11-02 10:41 -------- d-----w- c:\programdata\Apple Computer
2010-02-10 16:48 . 2010-02-10 16:48 -------- d-----w- c:\program files\Common Files\Apple
2010-02-10 16:47 . 2010-02-10 16:47 -------- d-----w- c:\program files\Apple Software Update
2010-02-10 16:47 . 2010-02-10 16:47 -------- d-----w- c:\programdata\Apple
2010-02-10 16:47 . 2010-02-10 16:46 32494896 ----a-w- c:\users\Tiziano\AppData\Roaming\Sony Setup\9234765D-29DF-48d0-93FB-284B7B6009B9\QuickTimeInstaller.exe
2010-02-10 16:46 . 2010-02-10 16:45 -------- d-----w- c:\users\Tiziano\AppData\Roaming\Sony Setup
2010-02-10 02:01 . 2009-09-29 07:41 -------- d-----w- c:\programdata\Microsoft Help
2010-02-09 19:47 . 2010-01-11 12:39 -------- d-----w- c:\users\Tiziano\AppData\Roaming\PhotoFiltre
2010-02-09 19:47 . 2010-01-10 16:26 -------- d-----w- c:\program files\PhotoScape
2010-02-06 19:15 . 2009-11-20 20:32 -------- d-----w- c:\programdata\Messenger Plus!
2010-02-04 13:56 . 2009-09-29 08:46 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-02-02 08:20 . 2010-02-02 08:20 -------- d-----w- c:\users\Tiziano\AppData\Roaming\Conviva
2010-02-01 13:47 . 2010-01-21 12:11 50354 ----a-w- c:\users\Tiziano\AppData\Roaming\Facebook\uninstall.exe
2010-02-01 13:47 . 2010-01-21 12:11 -------- d-----w- c:\users\Tiziano\AppData\Roaming\Facebook
2010-01-30 15:52 . 2010-01-30 15:51 -------- d-----w- c:\users\Tiziano\AppData\Roaming\AVSMedia
2010-01-30 15:51 . 2009-10-13 19:36 -------- d-----w- c:\program files\Common Files\AVSMedia
2010-01-30 15:49 . 2010-01-30 15:49 -------- d-----w- c:\program files\AVSMedia
2010-01-30 08:24 . 2010-01-30 08:19 -------- d-----w- c:\program files\Babylon
2010-01-28 23:36 . 2010-01-28 23:27 -------- d-----w- c:\program files\NEC
2010-01-27 03:21 . 2010-01-27 03:21 847040 ----a-w- c:\users\Tiziano\AppData\Roaming\Facebook\axfbootloader.dll
2010-01-27 03:20 . 2010-01-27 03:20 5578752 ----a-w- c:\users\Tiziano\AppData\Roaming\Facebook\npfbplugin_1_0_1.dll
2010-01-25 22:38 . 2010-01-23 17:56 -------- d-----w- c:\program files\REALTEK
2010-01-25 12:02 . 2010-01-24 18:46 -------- d-----w- c:\program files\SnadBoy's Revelation v2
2010-01-24 23:16 . 2010-01-24 23:16 126840 ----a-w- c:\users\tizio prova\AppData\Local\GDIPFONTCACHEV1.DAT
2010-01-24 23:15 . 2010-01-24 23:15 -------- d-----w- c:\users\tizio prova\AppData\Roaming\ATI
2010-01-24 18:56 . 2010-01-24 18:56 -------- d-----w- c:\program files\Camtech
2010-01-24 18:49 . 2010-01-24 18:49 2560 ----a-w- c:\windows\_MSRSTRT.EXE
2010-01-24 00:55 . 2010-01-24 00:55 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_NuidFltr_01005.Wdf
2010-01-23 12:01 . 2010-01-23 12:01 -------- d-----w- c:\program files\EASEUS
2010-01-22 12:10 . 2009-10-14 16:41 -------- d-----w- c:\programdata\Electronic Arts
2010-01-22 12:10 . 2010-01-22 12:10 -------- d-----w- c:\program files\Common Files\Adobe AIR
2010-01-22 12:10 . 2010-02-25 17:51 38784 ----a-w- c:\users\RemoteUser\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
2010-01-22 12:10 . 2010-01-24 23:14 38784 ----a-w- c:\users\tizio prova\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
2010-01-22 12:10 . 2010-01-22 12:10 38784 ----a-w- c:\users\Tiziano\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
2010-01-22 12:10 . 2010-01-22 12:10 38784 ----a-w- c:\users\Default\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
2010-01-20 13:29 . 2009-09-29 08:01 -------- d-----w- c:\program files\Microsoft Silverlight
2010-01-18 23:29 . 2010-02-09 19:54 365568 ----a-w- c:\windows\system32\secproc_isv.dll
2010-01-18 23:29 . 2010-02-09 19:54 85504 ----a-w- c:\windows\system32\secproc_ssp_isv.dll
2010-01-18 23:29 . 2010-02-09 19:54 85504 ----a-w- c:\windows\system32\secproc_ssp.dll
2010-01-18 23:29 . 2010-02-09 19:54 369152 ----a-w- c:\windows\system32\secproc.dll
2010-01-18 23:28 . 2010-02-09 19:54 324608 ----a-w- c:\windows\system32\RMActivate_isv.exe
2010-01-18 23:28 . 2010-02-09 19:54 277504 ----a-w- c:\windows\system32\RMActivate_ssp_isv.exe
2010-01-18 23:28 . 2010-02-09 19:54 320512 ----a-w- c:\windows\system32\RMActivate.exe
2010-01-18 23:28 . 2010-02-09 19:54 280064 ----a-w- c:\windows\system32\RMActivate_ssp.exe
2010-01-18 12:45 . 2010-01-18 12:45 -------- d-----w- c:\program files\VideoLAN
2010-01-17 18:39 . 2010-01-17 18:39 -------- d-----w- c:\program files\TVLC
2010-01-17 00:02 . 2010-01-17 00:02 -------- d-----w- c:\programdata\5DFly Software Team
2010-01-17 00:01 . 2010-01-17 00:01 -------- d-----w- c:\program files\5DFly
2010-01-15 08:14 . 2010-01-15 08:10 -------- d-----w- c:\users\Tiziano\AppData\Roaming\Synthesia
2010-01-15 08:09 . 2010-01-15 08:09 -------- d-----w- c:\program files\Synthesia
2010-01-11 13:22 . 2010-01-11 13:22 4096 ----a-w- c:\windows\d3dx.dat
2010-01-11 12:39 . 2010-01-11 12:39 -------- d-----w- c:\program files\PhotoFiltre
2010-01-09 21:43 . 2010-01-08 22:42 -------- d-----w- c:\program files\My Photo Calendars & cards (Digilabs Edition)
2010-01-08 22:42 . 2010-01-08 22:42 3366912 ----a-w- c:\windows\system32\GPhotos.scr
2010-01-08 17:13 . 2010-01-08 16:20 -------- d-----w- c:\program files\AVIConverter
2010-01-08 03:18 . 2010-02-09 19:54 221184 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2010-01-08 03:17 . 2010-02-09 19:54 123392 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2010-01-07 12:42 . 2010-01-07 12:42 -------- d-----w- c:\programdata\DVD Shrink
2010-01-07 12:42 . 2010-01-07 12:42 -------- d-----w- c:\program files\DVD Shrink
2010-01-06 21:43 . 2010-01-06 21:22 -------- d-----w- c:\program files\VirtualDJ
2010-01-02 11:08 . 2010-01-02 11:08 721904 ----a-w- c:\windows\system32\drivers\sptd.sys
2009-12-19 13:47 . 2009-12-19 13:47 375616 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2009-12-19 13:31 . 2009-12-19 13:31 13094 ----a-r- c:\users\Tiziano\AppData\Roaming\Microsoft\Installer\{E7D83573-9E85-4326-8A8E-B4E7F23C9BA8}\_9F09FC5451D2BC62EF006A.exe
2009-12-19 13:31 . 2009-12-19 13:31 13094 ----a-r- c:\users\Tiziano\AppData\Roaming\Microsoft\Installer\{E7D83573-9E85-4326-8A8E-B4E7F23C9BA8}\_6FEFF9B68218417F98F549.exe
2009-12-19 13:31 . 2009-12-19 13:31 13094 ----a-r- c:\users\Tiziano\AppData\Roaming\Microsoft\Installer\{E7D83573-9E85-4326-8A8E-B4E7F23C9BA8}\_446884E9B97E1D175BFA29.exe
2009-12-19 09:02 . 2010-01-22 03:25 977920 ----a-w- c:\windows\system32\wininet.dll
2009-12-19 09:02 . 2010-02-09 19:54 12288 ----a-w- c:\windows\system32\tsbyuv.dll
2009-12-19 09:02 . 2010-02-09 19:54 1328640 ----a-w- c:\windows\system32\quartz.dll
2009-12-19 09:02 . 2010-02-09 19:54 22016 ----a-w- c:\windows\system32\msyuv.dll
2009-12-19 09:02 . 2010-02-09 19:54 31744 ----a-w- c:\windows\system32\msvidc32.dll
2009-12-19 09:02 . 2010-02-09 19:54 13312 ----a-w- c:\windows\system32\msrle32.dll
2009-12-19 09:02 . 2010-02-09 19:54 84480 ----a-w- c:\windows\system32\mciavi32.dll
2009-12-19 09:02 . 2010-02-09 19:54 50176 ----a-w- c:\windows\system32\iyuv_32.dll
2009-12-19 09:02 . 2010-02-09 19:54 91648 ----a-w- c:\windows\system32\avifil32.dll
2009-12-17 06:49 . 2009-12-17 06:49 5562368 ----a-w- c:\users\Tiziano\AppData\Roaming\Facebook\npfbplugin_1_0_0.dll
2009-12-08 11:40 . 2010-02-09 19:54 3955288 ----a-w- c:\windows\system32\ntkrnlpa.exe
2009-12-08 11:40 . 2010-02-09 19:54 3899464 ----a-w- c:\windows\system32\ntoskrnl.exe
2009-12-08 11:32 . 2010-02-09 19:54 292864 ----a-w- c:\windows\system32\apphelp.dll
2009-06-10 21:26 . 2009-07-14 02:04 9633792 --sha-r- c:\windows\Fonts\StaticCache.dat
2009-07-14 01:14 . 2009-07-13 23:42 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe
.

((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
r16
Posted: Friday, March 05, 2010 1:00:33 PM
Rank: AiutAmico

Joined: 8/7/2007
Posts: 11,016
Hi.
The log is not complete.
The whole part concerning the registry keys is missing, and so is the final part.
Select all of it and post it.
tiziano64
Posted: Friday, March 05, 2010 1:21:37 PM
Rank: AiutAmico

Joined: 4/7/2001
Posts: 113
Sorry, here it is in full

ComboFix 10-03-03.03 - Tiziano 05/03/2010 0:00.2.2 - x86
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.39.1040.18.1790.1173 [GMT 1:00]
Eseguito da: c:\users\Tiziano\Desktop\ComboFix.exe
Opzioni usate :: c:\users\Tiziano\Desktop\CFScript .txt.txt
.

((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\SweetIM
c:\program files\SweetIM\Messenger\default.xml
c:\program files\SweetIM\Messenger\mgAdaptersProxy.dll
c:\program files\SweetIM\Messenger\mgAIMAuto.dll
c:\program files\SweetIM\Messenger\mgAIMMessengerAdapter.dll
c:\program files\SweetIM\Messenger\mgArchive.dll
c:\program files\SweetIM\Messenger\mgcommon.dll
c:\program files\SweetIM\Messenger\mgcommunication.dll
c:\program files\SweetIM\Messenger\mgconfig.dll
c:\program files\SweetIM\Messenger\mgFlashPlayer.dll
c:\program files\SweetIM\Messenger\mghooking.dll
c:\program files\SweetIM\Messenger\mgICQAuto.dll
c:\program files\SweetIM\Messenger\mgICQMessengerAdapter.dll
c:\program files\SweetIM\Messenger\mgIEPlayer.dll
c:\program files\SweetIM\Messenger\mglogger.dll
c:\program files\SweetIM\Messenger\mgMediaPlayer.dll
c:\program files\SweetIM\Messenger\mgMsnAuto.dll
c:\program files\SweetIM\Messenger\mgMsnMessengerAdapter.dll
c:\program files\SweetIM\Messenger\mgsimcommon.dll
c:\program files\SweetIM\Messenger\mgSweetIM.dll
c:\program files\SweetIM\Messenger\mgUpdateSupport.dll
c:\program files\SweetIM\Messenger\mgxml_wrapper.dll
c:\program files\SweetIM\Messenger\mgYahooAuto.dll
c:\program files\SweetIM\Messenger\mgYahooMessengerAdapter.dll
c:\program files\SweetIM\Messenger\msvcp71.dll
c:\program files\SweetIM\Messenger\msvcr71.dll
c:\program files\SweetIM\Messenger\resources\images\AudibleButton.png
c:\program files\SweetIM\Messenger\resources\images\DisplayPicturesButton.png
c:\program files\SweetIM\Messenger\resources\images\EmoticonButton.png
c:\program files\SweetIM\Messenger\resources\images\GamesButton.png
c:\program files\SweetIM\Messenger\resources\images\NudgeButton.png
c:\program files\SweetIM\Messenger\resources\images\SoundFxButton.png
c:\program files\SweetIM\Messenger\resources\images\WinksButton.png
c:\program files\SweetIM\Messenger\SweetIM.exe
c:\program files\SweetIM\Toolbars\Internet Explorer\ClearHist.exe
c:\program files\SweetIM\Toolbars\Internet Explorer\conf\logger.xml
c:\program files\SweetIM\Toolbars\Internet Explorer\default.xml
c:\program files\SweetIM\Toolbars\Internet Explorer\mgcommon.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\mgconfig.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\mghooking.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\mglogger.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\mgsimcommon.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\mgxml_wrapper.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\about.html
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\affid.dat
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\basis.xml
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\bing.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\clear-history.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\content-notifier-anim-over.gif
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\content-notifier-anim.gif
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\content-notifier.js
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\dating.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\dictionary.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\e_cards.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\eye_icon.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\eye_icon_over.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\find.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\free_stuff.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\games.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\glitter.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\google.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\help.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\highlight.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\locales.xml
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\logo_16x16.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\logo_21x18.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\logo_32x32.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\logo_about.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\more-search-providers.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\music.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\news.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\options.html
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\photos.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\search-current-site.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\shopping.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\SmileySmile.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\SmileyWink.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\sweetim_text.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\toolbar.xml
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\version.txt
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\video.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\web-search.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\yahoo.png
c:\programdata\SweetIM
c:\programdata\SweetIM\Messenger\conf\adapter.xml
c:\programdata\SweetIM\Messenger\conf\autoupdate.xml
c:\programdata\SweetIM\Messenger\conf\logger.xml
c:\programdata\SweetIM\Messenger\conf\messages.xml
c:\programdata\SweetIM\Messenger\conf\sweetim.xml
c:\programdata\SweetIM\Messenger\conf\sweetimapp.xml
c:\programdata\SweetIM\Messenger\conf\users\main_user_config.xml
c:\programdata\SweetIM\Messenger\data\contentdb\cache_indx.dat

.
((((((((((((((((((((((((( Files Creati Da 2010-02-04 al 2010-03-04 )))))))))))))))))))))))))))))))))))
.

2010-03-04 23:10 . 2010-03-04 23:10 -------- d-----w- c:\users\Tiziano\AppData\Local\temp
2010-03-04 23:10 . 2010-03-04 23:10 -------- d-----w- c:\users\tizio prova\AppData\Local\temp
2010-03-04 23:10 . 2010-03-04 23:10 -------- d-----w- c:\users\RemoteUser\AppData\Local\temp
2010-03-04 23:10 . 2010-03-04 23:10 -------- d-----w- c:\users\Public\AppData\Local\temp
2010-03-04 23:10 . 2010-03-04 23:10 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-03-04 18:43 . 1998-10-06 17:57 327168 ----a-w- c:\windows\IsUn0410.exe
2010-03-04 17:45 . 2010-03-04 17:45 -------- d-----w- c:\program files\CCleaner
2010-03-03 18:07 . 2010-03-03 18:07 -------- d-----w- c:\program files\Microsoft Sync Framework
2010-03-02 17:40 . 2010-03-02 17:40 -------- d-----w- c:\users\Tiziano\AppData\Roaming\Malwarebytes
2010-03-02 17:40 . 2010-01-07 15:07 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-03-02 17:40 . 2010-03-02 17:40 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-03-02 17:40 . 2010-03-02 17:40 -------- d-----w- c:\programdata\Malwarebytes
2010-03-02 17:40 . 2010-01-07 15:07 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-03-02 00:11 . 2010-03-02 00:11 -------- d-----w- c:\program files\Trend Micro
2010-02-24 06:11 . 2009-12-13 09:30 641536 ----a-w- c:\windows\system32\CPFilters.dll
2010-02-24 06:11 . 2009-12-13 09:30 465408 ----a-w- c:\windows\system32\psisdecd.dll
2010-02-24 06:11 . 2009-12-13 09:29 417792 ----a-w- c:\windows\system32\msdri.dll
2010-02-24 06:11 . 2010-02-02 07:45 2048 ----a-w- c:\windows\system32\tzres.dll
2010-02-22 20:23 . 2010-03-03 22:16 -------- d--h--w- c:\users\Tiziano\AppData\Roaming\sys
2010-02-22 20:23 . 2010-02-22 20:23 48128 ---h--w- c:\users\Tiziano\AppData\Roaming\sys\winfinder.exe
2010-02-21 22:53 . 2010-03-02 19:59 -------- d-----w- c:\users\Tiziano\AppData\Roaming\java
2010-02-21 22:53 . 2010-02-21 22:53 49152 ---ha-w- c:\users\Tiziano\AppData\Roaming\java\msnmsgs.exe
2010-02-21 22:53 . 2010-02-21 22:59 49152 ----a-w- c:\users\Tiziano\AppData\Roaming\msnmsgs.exe
2010-02-17 20:03 . 2010-02-17 20:03 -------- d-----w- C:\Grand Theft Auto Vice City
2010-02-16 17:58 . 2010-02-16 17:58 -------- d-----w- c:\program files\ConvertHelper
2010-02-16 09:02 . 2010-02-16 08:51 344064 ----a-w- c:\users\Tiziano\AppData\Roaming\InstallShield Installation Information\{4B35F00C-E63D-40DC-9839-DF15A33EAC46}\_setup.dll
2010-02-16 08:52 . 2010-02-16 08:52 -------- d-----w- c:\users\Tiziano\AppData\Roaming\InstallShield Installation Information
2010-02-16 08:52 . 2002-12-02 20:33 107512 ----a-w- c:\users\Tiziano\AppData\Roaming\InstallShield Installation Information\{4B35F00C-E63D-40DC-9839-DF15A33EAC46}\setup.exe
2010-02-16 08:52 . 2010-02-16 08:52 -------- d-----w- c:\program files\Rockstar Games
2010-02-11 19:41 . 2010-02-11 19:41 -------- d-----w- C:\GCorp
2010-02-10 17:05 . 2010-02-10 17:08 -------- d-----w- c:\users\Tiziano\AppData\Local\Sony
2010-02-10 16:45 . 2010-02-10 16:45 -------- d-----w- c:\program files\Sony Setup
2010-02-09 18:01 . 2010-02-09 19:47 -------- d-----w- c:\program files\FotoDigital
2010-02-09 12:09 . 2010-02-10 08:16 -------- d--h--w- c:\programdata\{C8831C54-20C5-4438-9725-9E4A8BFFA66C}
2010-02-05 19:26 . 2010-02-05 19:26 -------- d-----w- c:\users\Tiziano\AppData\Local\Nero
2010-02-04 23:20 . 2010-02-04 23:20 -------- d-----w- c:\users\Tiziano\AppData\Roaming\inkscape
2010-02-04 23:09 . 2010-02-04 23:19 -------- d-----w- c:\program files\Inkscape
2010-02-04 22:27 . 2010-02-04 22:30 -------- d-----w- c:\users\Tiziano\AppData\Roaming\SmartDraw
2010-02-04 19:39 . 1999-09-08 18:10 6528 ----a-r- c:\windows\isk3ro.exe
2010-02-04 19:39 . 1999-09-08 18:10 11200 ----a-r- c:\windows\welc.exe
2010-02-04 18:26 . 1996-12-21 03:05 116736 ----a-w- c:\windows\system32\PCDLIB32.DLL
2010-02-04 18:26 . 1997-07-01 11:42 194560 ----a-w- c:\windows\system32\MGXBM21.DLL
2010-02-04 18:26 . 1997-05-07 11:38 38400 ----a-w- c:\windows\system32\MGXFRM20.DLL
2010-02-04 18:26 . 1997-02-07 01:00 1483776 ----a-w- c:\windows\MGXRDR32.DLL
2010-02-04 18:26 . 1996-09-07 10:37 921872 ----a-w- c:\windows\system32\MGX40.DLL
2010-02-04 14:27 . 2010-02-04 14:27 -------- d-----w- c:\users\Tiziano\AppData\Roaming\Ubisoft
2010-02-04 14:17 . 2010-02-04 14:17 -------- d-----w- c:\programdata\Ubisoft
2010-02-04 13:57 . 2010-02-04 13:57 -------- d-----w- c:\program files\Ubisoft
2010-02-03 13:37 . 2009-08-05 21:48 54632 ----a-w- c:\windows\system32\drivers\fssfltr.sys
2010-02-03 13:37 . 2010-02-03 13:37 -------- dc----w- c:\windows\system32\DRVSTORE

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-03-04 23:05 . 2009-07-14 08:21 689472 ----a-w- c:\windows\system32\perfh010.dat
2010-03-04 23:05 . 2009-07-14 08:21 124626 ----a-w- c:\windows\system32\perfc010.dat
2010-03-04 17:51 . 2009-09-29 07:35 127232 ----a-w- c:\users\Tiziano\AppData\Local\GDIPFONTCACHEV1.DAT
2010-03-04 17:45 . 2009-09-29 09:05 -------- d-----w- c:\program files\PowerArchiver
2010-03-04 17:42 . 2010-01-29 19:34 -------- d-----w- c:\program files\Iminent
2010-03-03 22:16 . 2010-02-25 17:51 -------- d--h--w- c:\users\RemoteUser\AppData\Roaming\sys
2010-03-03 18:14 . 2010-01-12 16:24 -------- d-----w- c:\users\Tiziano\AppData\Roaming\Windows Live Writer
2010-03-03 18:07 . 2009-09-29 08:10 -------- d-----w- c:\program files\Windows Live
2010-03-03 17:08 . 2009-09-30 11:33 -------- d-----w- c:\program files\Google
2010-03-03 06:22 . 2009-09-29 20:30 -------- d-----w- c:\users\Tiziano\AppData\Roaming\uTorrent
2010-03-02 18:51 . 2010-02-22 18:46 415 ----a-w- c:\windows\system32\tempfile.tmp
2010-03-01 17:48 . 2009-11-20 20:25 -------- d-----w- c:\program files\Messenger Plus! Live
2010-02-27 10:52 . 2009-11-04 12:42 1332 ----a-w- c:\program files\undercoverxp.cfg
2010-02-24 08:16 . 2009-10-02 21:03 181632 ------w- c:\windows\system32\MpSigStub.exe
2010-02-20 23:12 . 2010-01-17 23:06 -------- d-----w- c:\users\Tiziano\AppData\Roaming\vlc
2010-02-15 12:12 . 2009-09-29 20:31 -------- d-----w- c:\program files\uTorrent
2010-02-10 17:05 . 2010-02-10 16:45 -------- d-----w- c:\users\Tiziano\AppData\Roaming\Sony
2010-02-10 16:50 . 2010-02-10 16:50 -------- d-----w- c:\program files\Common Files\Sony Shared
2010-02-10 16:50 . 2010-02-10 16:49 -------- d-----w- c:\program files\Sony
2010-02-10 16:50 . 2010-02-10 16:50 10134 ----a-r- c:\users\Tiziano\AppData\Roaming\Microsoft\Installer\{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}\ARPPRODUCTICON.exe
2010-02-10 16:49 . 2010-02-10 16:49 -------- d-----w- c:\programdata\Sony Corporation
2010-02-10 16:49 . 2009-11-02 10:41 -------- d-----w- c:\program files\QuickTime
2010-02-10 16:48 . 2009-11-02 10:41 -------- d-----w- c:\programdata\Apple Computer
2010-02-10 16:48 . 2010-02-10 16:48 -------- d-----w- c:\program files\Common Files\Apple
2010-02-10 16:47 . 2010-02-10 16:47 -------- d-----w- c:\program files\Apple Software Update
2010-02-10 16:47 . 2010-02-10 16:47 -------- d-----w- c:\programdata\Apple
2010-02-10 16:47 . 2010-02-10 16:46 32494896 ----a-w- c:\users\Tiziano\AppData\Roaming\Sony Setup\9234765D-29DF-48d0-93FB-284B7B6009B9\QuickTimeInstaller.exe
2010-02-10 16:46 . 2010-02-10 16:45 -------- d-----w- c:\users\Tiziano\AppData\Roaming\Sony Setup
2010-02-10 02:01 . 2009-09-29 07:41 -------- d-----w- c:\programdata\Microsoft Help
2010-02-09 19:47 . 2010-01-11 12:39 -------- d-----w- c:\users\Tiziano\AppData\Roaming\PhotoFiltre
2010-02-09 19:47 . 2010-01-10 16:26 -------- d-----w- c:\program files\PhotoScape
2010-02-06 19:15 . 2009-11-20 20:32 -------- d-----w- c:\programdata\Messenger Plus!
2010-02-04 13:56 . 2009-09-29 08:46 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-02-02 08:20 . 2010-02-02 08:20 -------- d-----w- c:\users\Tiziano\AppData\Roaming\Conviva
2010-02-01 13:47 . 2010-01-21 12:11 50354 ----a-w- c:\users\Tiziano\AppData\Roaming\Facebook\uninstall.exe
2010-02-01 13:47 . 2010-01-21 12:11 -------- d-----w- c:\users\Tiziano\AppData\Roaming\Facebook
2010-01-30 15:52 . 2010-01-30 15:51 -------- d-----w- c:\users\Tiziano\AppData\Roaming\AVSMedia
2010-01-30 15:51 . 2009-10-13 19:36 -------- d-----w- c:\program files\Common Files\AVSMedia
2010-01-30 15:49 . 2010-01-30 15:49 -------- d-----w- c:\program files\AVSMedia
2010-01-30 08:24 . 2010-01-30 08:19 -------- d-----w- c:\program files\Babylon
2010-01-28 23:36 . 2010-01-28 23:27 -------- d-----w- c:\program files\NEC
2010-01-27 03:21 . 2010-01-27 03:21 847040 ----a-w- c:\users\Tiziano\AppData\Roaming\Facebook\axfbootloader.dll
2010-01-27 03:20 . 2010-01-27 03:20 5578752 ----a-w- c:\users\Tiziano\AppData\Roaming\Facebook\npfbplugin_1_0_1.dll
2010-01-25 22:38 . 2010-01-23 17:56 -------- d-----w- c:\program files\REALTEK
2010-01-25 12:02 . 2010-01-24 18:46 -------- d-----w- c:\program files\SnadBoy's Revelation v2
2010-01-24 23:16 . 2010-01-24 23:16 126840 ----a-w- c:\users\tizio prova\AppData\Local\GDIPFONTCACHEV1.DAT
2010-01-24 23:15 . 2010-01-24 23:15 -------- d-----w- c:\users\tizio prova\AppData\Roaming\ATI
2010-01-24 18:56 . 2010-01-24 18:56 -------- d-----w- c:\program files\Camtech
2010-01-24 18:49 . 2010-01-24 18:49 2560 ----a-w- c:\windows\_MSRSTRT.EXE
2010-01-24 00:55 . 2010-01-24 00:55 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_NuidFltr_01005.Wdf
2010-01-23 12:01 . 2010-01-23 12:01 -------- d-----w- c:\program files\EASEUS
2010-01-22 12:10 . 2009-10-14 16:41 -------- d-----w- c:\programdata\Electronic Arts
2010-01-22 12:10 . 2010-01-22 12:10 -------- d-----w- c:\program files\Common Files\Adobe AIR
2010-01-22 12:10 . 2010-02-25 17:51 38784 ----a-w- c:\users\RemoteUser\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
2010-01-22 12:10 . 2010-01-24 23:14 38784 ----a-w- c:\users\tizio prova\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
2010-01-22 12:10 . 2010-01-22 12:10 38784 ----a-w- c:\users\Tiziano\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
2010-01-22 12:10 . 2010-01-22 12:10 38784 ----a-w- c:\users\Default\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
2010-01-20 13:29 . 2009-09-29 08:01 -------- d-----w- c:\program files\Microsoft Silverlight
2010-01-18 23:29 . 2010-02-09 19:54 365568 ----a-w- c:\windows\system32\secproc_isv.dll
2010-01-18 23:29 . 2010-02-09 19:54 85504 ----a-w- c:\windows\system32\secproc_ssp_isv.dll
2010-01-18 23:29 . 2010-02-09 19:54 85504 ----a-w- c:\windows\system32\secproc_ssp.dll
2010-01-18 23:29 . 2010-02-09 19:54 369152 ----a-w- c:\windows\system32\secproc.dll
2010-01-18 23:28 . 2010-02-09 19:54 324608 ----a-w- c:\windows\system32\RMActivate_isv.exe
2010-01-18 23:28 . 2010-02-09 19:54 277504 ----a-w- c:\windows\system32\RMActivate_ssp_isv.exe
2010-01-18 23:28 . 2010-02-09 19:54 320512 ----a-w- c:\windows\system32\RMActivate.exe
2010-01-18 23:28 . 2010-02-09 19:54 280064 ----a-w- c:\windows\system32\RMActivate_ssp.exe
2010-01-18 12:45 . 2010-01-18 12:45 -------- d-----w- c:\program files\VideoLAN
2010-01-17 18:39 . 2010-01-17 18:39 -------- d-----w- c:\program files\TVLC
2010-01-17 00:02 . 2010-01-17 00:02 -------- d-----w- c:\programdata\5DFly Software Team
2010-01-17 00:01 . 2010-01-17 00:01 -------- d-----w- c:\program files\5DFly
2010-01-15 08:14 . 2010-01-15 08:10 -------- d-----w- c:\users\Tiziano\AppData\Roaming\Synthesia
2010-01-15 08:09 . 2010-01-15 08:09 -------- d-----w- c:\program files\Synthesia
2010-01-11 13:22 . 2010-01-11 13:22 4096 ----a-w- c:\windows\d3dx.dat
2010-01-11 12:39 . 2010-01-11 12:39 -------- d-----w- c:\program files\PhotoFiltre
2010-01-09 21:43 . 2010-01-08 22:42 -------- d-----w- c:\program files\My Photo Calendars & cards (Digilabs Edition)
2010-01-08 22:42 . 2010-01-08 22:42 3366912 ----a-w- c:\windows\system32\GPhotos.scr
2010-01-08 17:13 . 2010-01-08 16:20 -------- d-----w- c:\program files\AVIConverter
2010-01-08 03:18 . 2010-02-09 19:54 221184 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2010-01-08 03:17 . 2010-02-09 19:54 123392 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2010-01-07 12:42 . 2010-01-07 12:42 -------- d-----w- c:\programdata\DVD Shrink
2010-01-07 12:42 . 2010-01-07 12:42 -------- d-----w- c:\program files\DVD Shrink
2010-01-06 21:43 . 2010-01-06 21:22 -------- d-----w- c:\program files\VirtualDJ
2010-01-02 11:08 . 2010-01-02 11:08 721904 ----a-w- c:\windows\system32\drivers\sptd.sys
2009-12-19 13:47 . 2009-12-19 13:47 375616 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2009-12-19 13:31 . 2009-12-19 13:31 13094 ----a-r- c:\users\Tiziano\AppData\Roaming\Microsoft\Installer\{E7D83573-9E85-4326-8A8E-B4E7F23C9BA8}\_9F09FC5451D2BC62EF006A.exe
2009-12-19 13:31 . 2009-12-19 13:31 13094 ----a-r- c:\users\Tiziano\AppData\Roaming\Microsoft\Installer\{E7D83573-9E85-4326-8A8E-B4E7F23C9BA8}\_6FEFF9B68218417F98F549.exe
2009-12-19 13:31 . 2009-12-19 13:31 13094 ----a-r- c:\users\Tiziano\AppData\Roaming\Microsoft\Installer\{E7D83573-9E85-4326-8A8E-B4E7F23C9BA8}\_446884E9B97E1D175BFA29.exe
2009-12-19 09:02 . 2010-01-22 03:25 977920 ----a-w- c:\windows\system32\wininet.dll
2009-12-19 09:02 . 2010-02-09 19:54 12288 ----a-w- c:\windows\system32\tsbyuv.dll
2009-12-19 09:02 . 2010-02-09 19:54 1328640 ----a-w- c:\windows\system32\quartz.dll
2009-12-19 09:02 . 2010-02-09 19:54 22016 ----a-w- c:\windows\system32\msyuv.dll
2009-12-19 09:02 . 2010-02-09 19:54 31744 ----a-w- c:\windows\system32\msvidc32.dll
2009-12-19 09:02 . 2010-02-09 19:54 13312 ----a-w- c:\windows\system32\msrle32.dll
2009-12-19 09:02 . 2010-02-09 19:54 84480 ----a-w- c:\windows\system32\mciavi32.dll
2009-12-19 09:02 . 2010-02-09 19:54 50176 ----a-w- c:\windows\system32\iyuv_32.dll
2009-12-19 09:02 . 2010-02-09 19:54 91648 ----a-w- c:\windows\system32\avifil32.dll
2009-12-17 06:49 . 2009-12-17 06:49 5562368 ----a-w- c:\users\Tiziano\AppData\Roaming\Facebook\npfbplugin_1_0_0.dll
2009-12-08 11:40 . 2010-02-09 19:54 3955288 ----a-w- c:\windows\system32\ntkrnlpa.exe
2009-12-08 11:40 . 2010-02-09 19:54 3899464 ----a-w- c:\windows\system32\ntoskrnl.exe
2009-12-08 11:32 . 2010-02-09 19:54 292864 ----a-w- c:\windows\system32\apphelp.dll
2009-06-10 21:26 . 2009-07-14 02:04 9633792 --sha-r- c:\windows\Fonts\StaticCache.dat
2009-07-14 01:14 . 2009-07-13 23:42 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe
.

((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1173504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="c:\program files\Alwil Software\Avast4\ashDisp.exe" [2009-11-24 81000]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-10-03 35696]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-09-04 935288]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280]
"AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

R1 aswSP;avast! Self Protection;c:\windows\System32\drivers\aswSP.sys [29/09/2009 10:27 114768]
R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\System32\drivers\vwififlt.sys [14/07/2009 00:52 48128]
R2 aswFsBlk;aswFsBlk;c:\windows\System32\drivers\aswFsBlk.sys [29/09/2009 10:27 20560]
R2 aswMonFlt;aswMonFlt;c:\windows\System32\drivers\aswMonFlt.sys [29/09/2009 10:27 53328]
R2 gearsec;gearsec;c:\windows\System32\gearsec.exe [01/12/2003 15:27 53248]
R3 dc3d;MS Hardware Device Detection Driver (HID);c:\windows\System32\drivers\dc3d.sys [04/11/2009 02:59 17408]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\System32\drivers\vwifimp.sys [14/07/2009 00:52 14336]
S0 sptd;sptd;c:\windows\System32\drivers\sptd.sys [02/01/2010 12:08 721904]
S2 gupdate;Servizio di Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [03/03/2010 18:04 135664]
S3 A5AGU;D-Link Wireless LAN 802.11 USB device driver;c:\windows\System32\drivers\AGUx86.sys [08/10/2007 09:53 892416]
S3 epmntdrv;epmntdrv;c:\windows\System32\epmntdrv.sys [23/01/2010 13:01 14216]
S3 EuGdiDrv;EuGdiDrv;c:\windows\System32\EuGdiDrv.sys [23/01/2010 13:01 8456]
S3 fssfltr;fssfltr;c:\windows\System32\drivers\fssfltr.sys [03/02/2010 14:37 54632]
S3 fsssvc;Servizio Windows Live Family Safety;c:\program files\Windows Live\Family Safety\fsssvc.exe [05/08/2009 22:48 704864]
S3 marlbus;NEC WMC USB_AD1 Composite Device driver (WDM);c:\windows\System32\drivers\marlbus.sys [16/07/2005 09:11 58352]
S3 marlmdfl;NEC WMC USB_AD1 Modem Filter;c:\windows\System32\drivers\marlmdfl.sys [16/07/2005 09:13 8272]
S3 marlmdm;NEC WMC USB_AD1 Modem Drivers;c:\windows\System32\drivers\marlmdm.sys [16/07/2005 09:13 93968]
S3 marlobex;NEC WMC USB_AD1 OBEX Interface Drivers (WDM);c:\windows\System32\drivers\marlobex.sys [16/07/2005 09:17 83344]
S3 SrvHsfHDA;SrvHsfHDA;c:\windows\System32\drivers\VSTAZL3.SYS [13/07/2009 23:13 207360]
S3 SrvHsfV92;SrvHsfV92;c:\windows\System32\drivers\VSTDPV3.SYS [13/07/2009 23:13 980992]
S3 SrvHsfWinac;SrvHsfWinac;c:\windows\System32\drivers\VSTCNXT3.SYS [13/07/2009 23:13 661504]

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{1D1BADC6-EAC7-0CCD-03A7-EDF22BE6FCD8}]
2010-02-22 20:23 48128 ---h--w- c:\users\Tiziano\AppData\Roaming\sys\winfinder.exe

[HKEY_CURRENT_USER\software\microsoft\active setup\installed components\{1D1BADC6-EAC7-0CCD-03A7-EDF22BE6FCD8}]
2010-02-22 20:23 48128 ---h--w- c:\users\Tiziano\AppData\Roaming\sys\winfinder.exe
.
Contenuto della cartella 'Scheduled Tasks'

2010-03-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-03-03 17:04]

2010-03-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-03-03 17:04]
.
.
------- Scansione supplementare -------
.
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\users\Tiziano\AppData\Roaming\Mozilla\Firefox\Profiles\rld1qrt2.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.fastbrowsersearch.com/results/results.aspx?s=DEF&v=19&q=
FF - prefs.js: browser.search.selectedEngine - Wikipedia (it)
FF - prefs.js: browser.startup.homepage - hxxp://www.libero.it/
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q=
FF - plugin: c:\program files\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll
FF - plugin: c:\program files\Google\Update\1.2.183.17\npGoogleOneClick8.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Sony\Media Go\npmediago.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: c:\users\Tiziano\AppData\Roaming\Facebook\npfbplugin_1_0_0.dll
FF - plugin: c:\users\Tiziano\AppData\Roaming\Facebook\npfbplugin_1_0_1.dll
FF - plugin: c:\users\Tiziano\AppData\Roaming\Mozilla\Firefox\Profiles\rld1qrt2.default\extensions\StreamingPlugin@conviva.com\platform\WINNT_x86-msvc\plugins\npconviva.4.dll
.
.
Ora fine scansione: 2010-03-05 00:13:16
ComboFix-quarantined-files.txt 2010-03-04 23:13
ComboFix2.txt 2010-03-03 22:16

Pre-Run: 91.202.551.808 byte disponibili
Post-Run: 91.142.934.528 byte disponibili

- - End Of File - - 146DE75654C4DBE93D3C4A2AFC7F9F9C
r16
Posted: Friday, March 05, 2010 1:33:23 PM
Rank: AiutAmico

Joined: 8/7/2007
Posts: 11,016
A "clean sweep" has been made.
Any problems?
N.B.:
If you notice problems with Messenger, that is normal.
You must download Messenger from the official site.
Not from SweetIM.