Hi, so I did as you told me: I will now post the logs made with Combo (there are 2), the first after replacing the file you told me to create and the second from the subsequent scan, also done with Combo. I will then post the next one made with HijackThis; tell me if everything is OK.
ComboFix 10-04-08.06 - User 12/04/2010 13.59.09.3.4 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1252.39.1040.18.2047.1174 [GMT 2:00]
Eseguito da: c:\users\User\Desktop\ComboFix.exe
Opzioni usate :: c:\users\User\Desktop\CFScript.txt
SP: Spyware Terminator *disabled* (Updated) {55EE49A8-16BE-4601-BBE6-607B7F7317DE}
SP: Windows Defender *disabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.
((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\program files\Common Files\Symantec Shared
c:\program files\Common Files\Symantec Shared\CCPD-LC\symlcrst.dll
c:\program files\Common Files\Symantec Shared\Help\LUALL.CHM
c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll
c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertUi.dll
c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\dcGlobal.dll
c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\dcmhSvar.dll
c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\dcProd.dll
c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\Languages\10\01\AlertEng.loc
c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\Languages\fallback.dat
c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\lun.ico
c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\mhDSA.dll
c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\mhSched.dll
c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\mhUpgr.dll
c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\pifCrawl.exe
c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifEng.dll
c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifPep06.dll
c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifPep07.dll
c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PollMgr.dll
c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\readme.txt
c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\SymHTML.dll
c:\program files\Common Files\Symantec Shared\SPManifests\AlertEng.grd
c:\program files\Common Files\Symantec Shared\SPManifests\AlertEng.sig
c:\program files\Common Files\Symantec Shared\SPManifests\AlertEng.spm
c:\program files\Common Files\Symantec Shared\SPManifests\LuSymProtect.grd
c:\program files\Common Files\Symantec Shared\SPManifests\LuSymProtect.sig
c:\program files\Common Files\Symantec Shared\SPManifests\LuSymProtect.spm
c:\program files\Common Files\Symantec Shared\SPManifests\PifCore.grd
c:\program files\Common Files\Symantec Shared\SPManifests\PifCore.sig
c:\program files\Common Files\Symantec Shared\SPManifests\PifCore.spm
c:\program files\Symantec
c:\program files\Symantec\LiveUpdate\1.Settings.Default.LiveUpdate
c:\program files\Symantec\LiveUpdate\ALUNOTIFY.EXE
c:\program files\Symantec\LiveUpdate\ALUNOTIFYRES.DLL
c:\program files\Symantec\LiveUpdate\AluSchedulerSvc.exe
c:\program files\Symantec\LiveUpdate\AluSchedulerSvcRes.dll
c:\program files\Symantec\LiveUpdate\AUPDATE.EXE
c:\program files\Symantec\LiveUpdate\AUPDATERES.DLL
c:\program files\Symantec\LiveUpdate\Leggimi.txt
c:\program files\Symantec\LiveUpdate\LSETUP.EXE
c:\program files\Symantec\LiveUpdate\LUALL.EXE
c:\program files\Symantec\LiveUpdate\LUALLRES.DLL
c:\program files\Symantec\LiveUpdate\LuCallbackProxy.exe
c:\program files\Symantec\LiveUpdate\LUCheck.exe
c:\program files\Symantec\LiveUpdate\LuComServer_3_2.EXE
c:\program files\Symantec\LiveUpdate\LuConfig.EXE
c:\program files\Symantec\LiveUpdate\ludirloc.dat
c:\program files\Symantec\LiveUpdate\LUINFO.INF
c:\program files\Symantec\LiveUpdate\LUInit.exe
c:\program files\Symantec\LiveUpdate\LUInit.ini
c:\program files\Symantec\LiveUpdate\LUINSDLL.DLL
c:\program files\Symantec\LiveUpdate\LuInsRes.dll
c:\program files\Symantec\LiveUpdate\LuPreCon.DLL
c:\program files\Symantec\LiveUpdate\LuResult.txt
c:\program files\Symantec\LiveUpdate\LUSETUP.EXE
c:\program files\Symantec\LiveUpdate\LUUPDATE.EXE
c:\program files\Symantec\LiveUpdate\MFC71.DLL
c:\program files\Symantec\LiveUpdate\MSVCP71.DLL
c:\program files\Symantec\LiveUpdate\MSVCR71.DLL
c:\program files\Symantec\LiveUpdate\NetDetectController_3_2.DLL
c:\program files\Symantec\LiveUpdate\NotifyHA.exe
c:\program files\Symantec\LiveUpdate\ProductRegCom_3_2.DLL
c:\program files\Symantec\LiveUpdate\ResLuComServer_3_2.DLL
c:\program files\Symantec\LiveUpdate\S32LIVE1.DLL
c:\program files\Symantec\LiveUpdate\S32LUCP1RES.DLL
c:\program files\Symantec\LiveUpdate\S32LUCP2.CPL
c:\program files\Symantec\LiveUpdate\S32LUIS1.DLL
c:\program files\Symantec\LiveUpdate\S32LUWI1.DLL
c:\program files\Symantec\LiveUpdate\Settings.Default.LiveUpdate
c:\program files\Symantec\LiveUpdate\SETUPRES.DLL
c:\program files\Symantec\LiveUpdate\SymantecRootInstaller.exe
c:\program files\Symantec\LiveUpdate\SymantecRootInstaller.log
c:\program files\Symantec\LiveUpdate\SymantecRootInstallerRes.dll
c:\program files\Symantec\LiveUpdate\UNRAR.DLL
c:\programdata\Symantec
c:\programdata\Symantec\Definitions\SymcData\nco1.0defs\latest-hub-webauth.sql\LHW.sql.bin
c:\programdata\Symantec\DSA\V_G\DSASL.xml
c:\programdata\Symantec\LiveUpdate\1.Configuration.Log.LiveUpdate
c:\programdata\Symantec\LiveUpdate\1.Product.Inventory.LiveUpdate
c:\programdata\Symantec\LiveUpdate\1.Settings.LiveUpdate
c:\programdata\Symantec\LiveUpdate\10.Settings.LiveUpdate
c:\programdata\Symantec\LiveUpdate\2.Product.Inventory.LiveUpdate
c:\programdata\Symantec\LiveUpdate\2.Settings.LiveUpdate
c:\programdata\Symantec\LiveUpdate\2010-03-30_Log.ALUSchedulerSvc.LiveUpdate
c:\programdata\Symantec\LiveUpdate\2010-03-31_Log.ALUSchedulerSvc.LiveUpdate
c:\programdata\Symantec\LiveUpdate\2010-04-01_Log.ALUSchedulerSvc.LiveUpdate
c:\programdata\Symantec\LiveUpdate\2010-04-02_Log.ALUSchedulerSvc.LiveUpdate
c:\programdata\Symantec\LiveUpdate\2010-04-03_Log.ALUSchedulerSvc.LiveUpdate
c:\programdata\Symantec\LiveUpdate\2010-04-04_Log.ALUSchedulerSvc.LiveUpdate
c:\programdata\Symantec\LiveUpdate\2010-04-05_Log.ALUSchedulerSvc.LiveUpdate
c:\programdata\Symantec\LiveUpdate\2010-04-06_Log.ALUSchedulerSvc.LiveUpdate
c:\programdata\Symantec\LiveUpdate\2010-04-07_Log.ALUSchedulerSvc.LiveUpdate
c:\programdata\Symantec\LiveUpdate\2010-04-08_Log.ALUSchedulerSvc.LiveUpdate
c:\programdata\Symantec\LiveUpdate\2010-04-09_Log.ALUSchedulerSvc.LiveUpdate
c:\programdata\Symantec\LiveUpdate\2010-04-10_Log.ALUSchedulerSvc.LiveUpdate
c:\programdata\Symantec\LiveUpdate\2010-04-11_Log.ALUSchedulerSvc.LiveUpdate
c:\programdata\Symantec\LiveUpdate\2010-04-12_Log.ALUSchedulerSvc.LiveUpdate
c:\programdata\Symantec\LiveUpdate\3.Product.Inventory.LiveUpdate
c:\programdata\Symantec\LiveUpdate\3.Settings.LiveUpdate
c:\programdata\Symantec\LiveUpdate\4.Settings.LiveUpdate
c:\programdata\Symantec\LiveUpdate\5.Settings.LiveUpdate
c:\programdata\Symantec\LiveUpdate\6.Settings.LiveUpdate
c:\programdata\Symantec\LiveUpdate\7.Settings.LiveUpdate
c:\programdata\Symantec\LiveUpdate\8.Settings.LiveUpdate
c:\programdata\Symantec\LiveUpdate\9.Settings.LiveUpdate
c:\programdata\Symantec\LiveUpdate\Configuration.Log.LiveUpdate
c:\programdata\Symantec\LiveUpdate\Downloads\1217886103jtun_coh32.rar.full.zip
c:\programdata\Symantec\LiveUpdate\Downloads\1217886497jtun_cohdata.rar.full.zip
c:\programdata\Symantec\LiveUpdate\Downloads\1222722077jtun_the_syknapps_engine.zip.full.zip
c:\programdata\Symantec\LiveUpdate\Downloads\1222765840jtun_nav_emea.x00.full.zip
c:\programdata\Symantec\LiveUpdate\Downloads\1222765948jtun_nis_emea.x00.full.zip
c:\programdata\Symantec\LiveUpdate\Downloads\1224780537jtun_systemrestore_emea.x00.full.zip
c:\programdata\Symantec\LiveUpdate\Downloads\1244078727jtun_the_scd.zip.full.zip
c:\programdata\Symantec\LiveUpdate\Downloads\1256931859jtun_the_scd.zip.full.zip
c:\programdata\Symantec\LiveUpdate\Downloads\1257380895jtun_the_scd.zip.full.zip
c:\programdata\Symantec\LiveUpdate\Downloads\1257995028jtun_the_scd.zip.full.zip
c:\programdata\Symantec\LiveUpdate\Downloads\antivirus_1.2.00_italian_livetri.zip
c:\programdata\Symantec\LiveUpdate\Downloads\appcore_1.1.1_english_livetri.zip
c:\programdata\Symantec\LiveUpdate\Downloads\automatic$20liveupdate_3.2.0.41_italian_livetri.zip
c:\programdata\Symantec\LiveUpdate\Downloads\avenge$20microdefs25$20nav2007_microdefsb.curdefs_symalllanguages_livetri.zip
c:\programdata\Symantec\LiveUpdate\Downloads\avenge$20microdefs25$20nav2007_microdefsb.mar_symalllanguages_livetri.zip
c:\programdata\Symantec\LiveUpdate\Downloads\avenge$20microdefs25$20nav2007_microdefsb.old_symalllanguages_livetri.zip
c:\programdata\Symantec\LiveUpdate\Downloads\ccpd$5fretail$5flicensing$5ftechnology_6.0_english_livetri.zip
c:\programdata\Symantec\LiveUpdate\Downloads\coh$20data$20update_6.1.0_symalllanguages_livetri.zip
c:\programdata\Symantec\LiveUpdate\Downloads\coh$20update_6.0.0_symalllanguages_livetri.zip
c:\programdata\Symantec\LiveUpdate\Downloads\coh$20update_6.1.0_symalllanguages_livetri.zip
c:\programdata\Symantec\LiveUpdate\Downloads\decomposer_1.0.0_symalllanguages_livetri.zip
c:\programdata\Symantec\LiveUpdate\Downloads\firewall_2.2.0_italian_livetri.zip
c:\programdata\Symantec\LiveUpdate\Downloads\firewall_2.3.0_italian_livetri.zip
c:\programdata\Symantec\LiveUpdate\Downloads\firewall_2.3.1_italian_livetri.zip
c:\programdata\Symantec\LiveUpdate\Downloads\firewall_2.3.2_italian_livetri.zip
c:\programdata\Symantec\LiveUpdate\Downloads\ids$20$2d$20consumer_7.2.0_symalllanguages_livetri.zip
c:\programdata\Symantec\LiveUpdate\Downloads\ids$20defs$202007.2$20microdefs25_microdefsb.apr_symalllanguages_livetri.zip
c:\programdata\Symantec\LiveUpdate\Downloads\ids$20defs$202007.2$20microdefs25_microdefsb.curdefs_symalllanguages_livetri.zip
c:\programdata\Symantec\LiveUpdate\Downloads\ids$20defs$202007.2$20microdefs25_microdefsb.jun_symalllanguages_livetri.zip
c:\programdata\Symantec\LiveUpdate\Downloads\ids$20defs$202007.2$20microdefs25_microdefsb.may_symalllanguages_livetri.zip
c:\programdata\Symantec\LiveUpdate\Downloads\ids$20defs$202007.2$20microdefs25_microdefsb.old_symalllanguages_livetri.zip
c:\programdata\Symantec\LiveUpdate\Downloads\liveupdate$20notice_1.4.5.83_symalllanguages_livetri.zip
c:\programdata\Symantec\LiveUpdate\Downloads\liveupdate$20notice_1.4.5.91_symalllanguages_livetri.zip
c:\programdata\Symantec\LiveUpdate\Downloads\minitri.flg
c:\programdata\Symantec\LiveUpdate\Downloads\navnt$202007$20resource_14.2.0.29_italian_livetri.zip
c:\programdata\Symantec\LiveUpdate\Downloads\navnt$202007$20resource_14.5.0_italian_livetri.zip
c:\programdata\Symantec\LiveUpdate\Downloads\norton$20internet$20security$20other_2.0_english_livetri.zip
c:\programdata\Symantec\LiveUpdate\Downloads\norton$20internet$20security$20resource_10.2.0_italian_livetri.zip
c:\programdata\Symantec\LiveUpdate\Downloads\norton$20internet$20security$20resource_10.5.0_italian_livetri.zip
c:\programdata\Symantec\LiveUpdate\Downloads\norton$20internet$20security_10.2.0_italian_livetri.zip
c:\programdata\Symantec\LiveUpdate\Downloads\nortonprotectioncenter_2007.2.00_italian_livetri.zip
c:\programdata\Symantec\LiveUpdate\Downloads\nortonprotectioncenter_2007.4.00_italian_livetri.zip
c:\programdata\Symantec\LiveUpdate\Downloads\opc70x$5fcore_7.5_symalllanguages_livetri.zip
c:\programdata\Symantec\LiveUpdate\Downloads\spbbc_3.2.0.21_symalllanguages_livetri.zip
c:\programdata\Symantec\LiveUpdate\Downloads\srtsp$20consumer_10.1.4_symalllanguages_livetri.zip
c:\programdata\Symantec\LiveUpdate\Downloads\submission$20engine$20data_1.0_symalllanguages_livetri.zip
c:\programdata\Symantec\LiveUpdate\Downloads\symantec$20known$20application$20system_1.0.0_symalllanguages_livetri.zip
c:\programdata\Symantec\LiveUpdate\Downloads\symantec$20known$20application$20system_1.5.0_symalllanguages_livetri.zip
c:\programdata\Symantec\LiveUpdate\Downloads\symantec$20security$20content$20a_microdefsb.curdefs_symalllanguages_livetri.zip
c:\programdata\Symantec\LiveUpdate\Downloads\symantec$20trusted$20application$20list_2.0_italian_livetri.zip
c:\programdata\Symantec\LiveUpdate\Downloads\symantec$20trusted$20application$20list_2.1_italian_livetri.zip
c:\programdata\Symantec\LiveUpdate\Downloads\symevent$20installer$20$2d$20consumer_12.3_symalllanguages_livetri.zip
c:\programdata\Symantec\LiveUpdate\Downloads\symevent$20installer$20$2d$20consumer_12.5_symalllanguages_livetri.zip
c:\programdata\Symantec\LiveUpdate\Downloads\symnet$20consumer_7.2.0_symalllanguages_livetri.zip
c:\programdata\Symantec\LiveUpdate\Downloads\web$20authentication$20data_microdefsb.curdefs_symalllanguages_livetri.zip
c:\programdata\Symantec\LiveUpdate\Downloads\web$20authentication$20data_microdefsb.mar_symalllanguages_livetri.zip
c:\programdata\Symantec\LiveUpdate\Downloads\web$20authentication$20data_microdefsb.old_symalllanguages_livetri.zip
c:\programdata\Symantec\LiveUpdate\Downloads\web$20protection$20data_1.0_symalllanguages_livetri.zip
c:\programdata\Symantec\LiveUpdate\Downloads\web$20protection$20data_2006.1.0.60_symalllanguages_livetri.zip
c:\programdata\Symantec\LiveUpdate\Log.LiveUpdate
c:\programdata\Symantec\LiveUpdate\LUInstall.LiveUpdate
c:\programdata\Symantec\LiveUpdate\Product.Inventory.LastGood.LiveUpdate
c:\programdata\Symantec\LiveUpdate\Product.Inventory.LiveUpdate
c:\programdata\Symantec\LiveUpdate\Settings.LiveUpdate
c:\programdata\Symantec\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PEPCollectors\HBPep2_{BC8D3EAF-F864-4D4B-AB4D-B3D0C32E2840}.dat
c:\programdata\Symantec\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PEPCollectors\HBPep2_{BC8D3EAF-F864-4D4B-AB4D-B3D0C32E2840}.tmp
c:\programdata\Symantec\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PEPCollectors\Pep2_{BC8D3EAF-F864-4D4B-AB4D-B3D0C32E2840}.dat
c:\programdata\Symantec\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PEPCollectors\System_.dat
c:\programdata\Symantec\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PEPCollectors\System_.tmp
c:\programdata\Symantec\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PollManager\PollManager_Current.dat
c:\programdata\Symantec\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PollManager\PollManager_Job.dat
c:\programdata\Symantec\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\SVAR\SVAR_{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}.dat
c:\programdata\Symantec\wcid0.log
.
((((((((((((((((((((((((((((((((((((((( Driver/Servizi )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Service_viritsvclite
-------\Service_LiveUpdate Notice Service
-------\Service_Utilità di pianificazione di LiveUpdate automatico
((((((((((((((((((((((((( Files Creati Da 2010-03-12 al 2010-04-12 )))))))))))))))))))))))))))))))))))
.
2010-04-12 12:05 . 2010-04-12 12:08 -------- d-----w- c:\users\User\AppData\Local\temp
2010-04-12 12:05 . 2010-04-12 12:05 -------- d-----w- c:\users\Public\AppData\Local\temp
2010-04-12 12:05 . 2010-04-12 12:05 -------- d-----w- c:\users\IUSR_NMPR\AppData\Local\temp
2010-04-12 12:05 . 2010-04-12 12:05 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-04-12 08:05 . 2009-08-24 12:47 378368 ----a-w- c:\windows\system32\winhttp.dll
2010-04-10 09:08 . 2009-06-15 15:28 272384 ----a-w- c:\windows\system32\schannel.dll
2010-04-10 09:08 . 2009-06-15 15:23 494592 ----a-w- c:\windows\system32\kerberos.dll
2010-04-07 22:59 . 2010-04-07 22:59 -------- d-----w- C:\$AVG
2010-04-07 22:58 . 2010-04-12 11:41 -------- d-----w- c:\programdata\avg9
2010-04-07 22:17 . 2010-04-07 22:17 -------- d-----w- c:\users\User\AppData\Roaming\Creative
2010-03-27 16:53 . 2010-03-27 16:53 -------- d-----w- C:\ACCA
2010-03-18 15:47 . 2010-02-12 10:49 293376 ----a-w- c:\windows\system32\browserchoice.exe
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-04-12 11:41 . 2010-04-07 22:58 -------- d-----w- c:\programdata\avg9
2010-04-12 08:40 . 2008-04-17 18:46 -------- d-----w- c:\users\User\AppData\Roaming\Spyware Terminator
2010-04-12 08:39 . 2008-04-17 17:32 -------- d-----w- c:\users\User\AppData\Roaming\Skype
2010-04-12 08:29 . 2008-06-20 12:42 -------- d-----w- c:\users\User\AppData\Roaming\skypePM
2010-04-12 08:29 . 2008-04-17 18:46 -------- d-----w- c:\programdata\Spyware Terminator
2010-04-10 09:59 . 2010-04-10 09:59 4076824 ----a-w- c:\programdata\avg9\update\backup\avgui.exe
2010-04-10 09:59 . 2010-04-10 09:59 2059544 ----a-w- c:\programdata\avg9\update\backup\avgtray.exe
2010-04-10 09:59 . 2010-04-10 09:59 1274136 ----a-w- c:\programdata\avg9\update\backup\avgfrw.exe
2010-04-10 09:59 . 2010-04-10 09:59 1598744 ----a-w- c:\programdata\avg9\update\backup\avgssie.dll
2010-04-10 09:59 . 2010-04-10 09:59 598296 ----a-w- c:\programdata\avg9\update\backup\avgsrmx.dll
2010-04-10 09:59 . 2010-04-10 09:59 1515224 ----a-w- c:\programdata\avg9\update\backup\avgwd.dll
2010-04-10 09:59 . 2010-04-10 09:59 313112 ----a-w- c:\programdata\avg9\update\backup\avglogx.dll
2010-04-10 09:59 . 2010-04-10 09:59 4250976 ----a-w- c:\programdata\avg9\update\backup\avgcorex.dll
2010-04-10 09:59 . 2010-04-10 09:59 341272 ----a-w- c:\programdata\avg9\update\backup\avgxch32.dll
2010-04-10 09:59 . 2010-04-10 09:59 459544 ----a-w- c:\programdata\avg9\update\backup\avgcclix.dll
2010-04-10 09:58 . 2010-04-10 09:58 1086744 ----a-w- c:\programdata\avg9\update\backup\avgchsvx.exe
2010-04-10 09:58 . 2010-04-10 09:58 556824 ----a-w- c:\programdata\avg9\update\backup\avgchjwx.dll
2010-04-10 09:58 . 2010-04-10 09:58 301336 ----a-w- c:\programdata\avg9\update\backup\avgchclx.dll
2010-04-10 09:57 . 2010-04-10 09:57 1035032 ----a-w- c:\programdata\avg9\update\backup\avgupd.exe
2010-04-10 09:57 . 2010-04-10 09:57 1685784 ----a-w- c:\programdata\avg9\update\backup\avgupd.dll
2010-04-10 09:38 . 2007-09-13 05:25 682184 ----a-w- c:\windows\system32\perfh010.dat
2010-04-10 09:38 . 2007-09-13 05:25 114622 ----a-w- c:\windows\system32\perfc010.dat
2010-04-09 13:42 . 2008-04-17 18:46 -------- d-----w- c:\program files\Spyware Terminator
2010-04-09 12:07 . 2008-04-17 18:46 142592 ----a-w- c:\windows\system32\drivers\sp_rsdrv2.sys
2010-04-08 21:36 . 2008-07-15 21:18 -------- d-----w- c:\program files\Spybot - Search & Destroy
2010-04-08 13:11 . 2008-07-15 21:18 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2010-04-08 10:45 . 2008-04-19 12:16 -------- d-----w- c:\program files\FotoTaxi3
2010-04-08 09:02 . 2009-09-10 13:20 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-04-08 09:00 . 2010-04-08 09:00 5918776 ----a-w- c:\programdata\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
2010-04-07 22:58 . 2008-07-24 22:31 -------- d-----w- c:\program files\AVG
2010-04-07 22:54 . 2008-05-05 16:18 -------- d-----w- c:\program files\Creative
2010-04-07 22:18 . 2008-05-05 16:20 -------- d-----w- c:\programdata\Creative
2010-04-07 22:17 . 2010-04-07 22:17 -------- d-----w- c:\users\User\AppData\Roaming\Creative
2010-04-07 11:30 . 2007-09-12 20:19 -------- d-----w- c:\programdata\Roxio
2010-04-02 13:45 . 2007-09-12 20:23 -------- d-----w- c:\program files\Java
2010-03-29 22:46 . 2009-09-10 13:20 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-03-29 22:45 . 2009-09-10 13:20 20824 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-03-27 16:53 . 2007-09-12 20:11 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-03-12 10:28 . 2010-03-05 16:51 -------- d-----w- c:\programdata\River Past G5
2010-03-11 18:31 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2010-03-11 07:58 . 2008-04-17 15:23 -------- d-----w- c:\programdata\Microsoft Help
2010-03-09 02:28 . 2009-03-08 14:35 411368 ----a-w- c:\windows\system32\deploytk.dll
2010-03-05 16:51 . 2010-03-05 16:51 -------- d-----w- c:\users\User\AppData\Roaming\River Past G5
2010-02-25 09:45 . 2008-04-17 07:16 168952 ----a-w- c:\users\User\AppData\Local\GDIPFONTCACHEV1.DAT
2010-02-24 09:16 . 2009-10-02 17:34 181632 ------w- c:\windows\system32\MpSigStub.exe
2010-02-23 06:39 . 2010-03-31 07:17 916480 ----a-w- c:\windows\system32\wininet.dll
2010-02-23 06:33 . 2010-03-31 07:17 71680 ----a-w- c:\windows\system32\iesetup.dll
2010-02-23 06:33 . 2010-03-31 07:17 109056 ----a-w- c:\windows\system32\iesysprep.dll
2010-02-23 04:55 . 2010-03-31 07:17 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2010-02-20 23:54 . 2010-03-11 07:52 24064 ----a-w- c:\windows\system32\nshhttp.dll
2010-02-20 23:51 . 2010-03-11 07:52 31232 ----a-w- c:\windows\system32\httpapi.dll
2010-02-20 21:30 . 2010-03-11 07:52 396800 ----a-w- c:\windows\system32\drivers\http.sys
2010-02-12 10:49 . 2010-03-18 15:47 293376 ----a-w- c:\windows\system32\browserchoice.exe
2010-01-30 10:59 . 2010-01-30 10:59 509552 ----a-w- c:\programdata\Google\Google Toolbar\Update\gtb6E7D.tmp.exe
2010-01-25 12:58 . 2010-02-24 09:46 473088 ----a-w- c:\windows\system32\secproc_isv.dll
2010-01-25 12:58 . 2010-02-24 09:46 154624 ----a-w- c:\windows\system32\secproc_ssp_isv.dll
2010-01-25 12:58 . 2010-02-24 09:46 154112 ----a-w- c:\windows\system32\secproc_ssp.dll
2010-01-25 12:58 . 2010-02-24 09:46 472576 ----a-w- c:\windows\system32\secproc.dll
2010-01-25 12:56 . 2010-02-24 09:46 312320 ----a-w- c:\windows\system32\msdrm.dll
2010-01-25 08:36 . 2010-02-24 09:46 435712 ----a-w- c:\windows\system32\RMActivate_ssp.exe
2010-01-25 08:36 . 2010-02-24 09:46 515584 ----a-w- c:\windows\system32\RMActivate.exe
2010-01-25 08:36 . 2010-02-24 09:46 431104 ----a-w- c:\windows\system32\RMActivate_ssp_isv.exe
2010-01-25 08:35 . 2010-02-24 09:46 523776 ----a-w- c:\windows\system32\RMActivate_isv.exe
2010-01-23 08:05 . 2010-02-24 09:47 2048 ----a-w- c:\windows\system32\tzres.dll
2007-09-13 05:40 . 2007-09-13 05:27 8192 --sha-w- c:\windows\Users\Default\NTUSER.DAT
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-04-17 1232896]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2006-11-02 125440]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-09-10 39408]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 201728]
"SpywareTerminatorUpdate"="c:\program files\Spyware Terminator\SpywareTerminatorUpdate.exe" [2010-04-09 3037696]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"="c:\hp\support\hpsysdrv.exe" [2007-04-18 65536]
"KBD"="c:\hp\KBD\KbdStub.EXE" [2006-12-08 65536]
"OsdMaestro"="c:\program files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe" [2007-02-15 118784]
"NvSvc"="c:\windows\system32\nvsvc.dll" [2007-08-09 86016]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-08-09 8466432]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-08-09 81920]
"RtHDVCpl"="RtHDVCpl.exe" [2008-01-15 4874240]
"HP Health Check Scheduler"="c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2007-05-24 71176]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"DSLSTATEXE"="c:\program files\Conexant\Adsl\dslstat.exe" [2006-12-18 376832]
"DSLAGENTEXE"="c:\program files\Conexant\Adsl\dslagent.exe" [2006-12-18 90112]
"SpywareTerminator"="c:\program files\Spyware Terminator\SpywareTerminatorShield.exe" [2010-04-09 2176512]
"PCSuiteTrayApplication"="c:\program files\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [2007-03-23 227328]
"Waiting1690"="c:\windows\stid1690.exe" [2007-06-05 60416]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-11-04 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-11-20 290088]
"Google Quick Search Box"="c:\program files\Google\Quick Search Box\GoogleQuickSearchBox.exe" [2009-09-10 122368]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Nokia.PCSync"="c:\program files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-03-27 1744896]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
R2 gupdate;Servizio di Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-01-30 135664]
R2 IntelDHSvcConf;Intel DH Service;c:\program files\Intel\IntelDH\Intel Media Server\Tools\IntelDHSvcConf.exe [2006-05-10 29696]
R3 CAM1690;USB PC CAMERA 301P;c:\windows\system32\Drivers\cam1690.sys [2007-09-20 177664]
R3 DCamUSBNW802;NoteCam Pro USB PC Camera;c:\windows\system32\DRIVERS\pcam.sys [2003-08-07 161468]
R3 SCREAMINGBDRIVER;Screaming Bee Audio;c:\windows\system32\drivers\ScreamingBAudio.sys [2009-04-06 23064]
S1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [2010-04-09 142592]
S2 DQLWinService;DQLWinService;c:\program files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe [2006-09-03 208896]
S2 HPBtnSrv;HP Chasis Button Service;c:\hp\HPEZBTN\HPBtnSrv.exe [2007-05-29 198240]
S3 netr73;USB Wireless 802.11 b/g Adaptor Driver for Vista;c:\windows\system32\DRIVERS\netr73.sys [2008-02-26 493568]
.
Contenuto della cartella 'Scheduled Tasks'
2010-04-12 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-30 11:20]
2010-04-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-30 11:20]
2010-03-31 c:\windows\Tasks\HPCeeScheduleForUser.job
- c:\program files\hewlett-packard\sdp\ceement\HPCEE.exe [2007-09-12 14:55]
2010-04-11 c:\windows\Tasks\User_Feed_Synchronization-{88FBAF56-92D0-453F-9C0D-3C28950A72CF}.job
- c:\windows\system32\msfeedssync.exe [2010-03-31 04:54]
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://www.corriere.it/
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=IT_IT&c=74&bd=Pavilion&pf=desktop
uInternet Settings,ProxyOverride = *.local
IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
DPF: {3BB4FE3B-7A37-11D3-A41E-0060080C03B3} - hxxp://193.205.23.35/vblu/NWWClientFull.cab
.
- - - - CHIAVI ORFANE RIMOSSE - - - -
AddRemove-LiveUpdate - c:\program files\Symantec\LiveUpdate\LSETUP.EXE
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.net
Rootkit scan 2010-04-12 14:08
Windows 6.0.6000 NTFS
scansione processi nascosti ...
scansione entrate autostart nascoste ...
Scansione files nascosti ...
Scansione completata con successo
Files nascosti: 0
**************************************************************************
.
--------------------- Dlls caricate dai processi in esecuzione ---------------------
- - - - - - - > 'Explorer.exe'(3752)
c:\program files\Nokia\Nokia PC Suite 6\PhoneBrowser.dll
c:\program files\Nokia\Nokia PC Suite 6\PCSCM.dll
c:\program files\Nokia\Nokia PC Suite 6\Lang\PhoneBrowser_ita.nlr
c:\program files\Nokia\Nokia PC Suite 6\Resource\PhoneBrowser_Nokia.ngr
.
------------------------ Altri processi in esecuzione ------------------------
.
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files\Spyware Terminator\sp_rsser.exe
c:\windows\system32\WUDFHost.exe
c:\windows\system32\conime.exe
c:\program files\Hewlett-Packard\HP Health Check\hphc_service.exe
.
**************************************************************************
.
Ora fine scansione: 2010-04-12 14:16:03 - Il pc è stato riavviato
ComboFix-quarantined-files.txt 2010-04-12 12:16
ComboFix2.txt 2010-04-10 09:27
Pre-Run: 293.998.862.336 byte disponibili
Post-Run: 293.544.452.096 byte disponibili
- - End Of File - - A933D99E7AF4227CE9B8E1F0FC791DE9
ComboFix 10-04-08.06 - User 12/04/2010 14.24.34.4.4 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1252.39.1040.18.2047.1258 [GMT 2:00]
Eseguito da: c:\users\User\Desktop\ComboFix.exe
SP: Spyware Terminator *disabled* (Updated) {55EE49A8-16BE-4601-BBE6-607B7F7317DE}
SP: Windows Defender *disabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.
((((((((((((((((((((((((( Files Creati Da 2010-03-12 al 2010-04-12 )))))))))))))))))))))))))))))))))))
.
2010-04-12 12:29 . 2010-04-12 12:29 -------- d-----w- c:\users\Public\AppData\Local\temp
2010-04-12 12:29 . 2010-04-12 12:29 -------- d-----w- c:\users\IUSR_NMPR\AppData\Local\temp
2010-04-12 12:29 . 2010-04-12 12:29 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-04-12 12:16 . 2010-04-12 12:29 -------- d-----w- c:\users\User\AppData\Local\temp
2010-04-12 08:05 . 2009-08-24 12:47 378368 ----a-w- c:\windows\system32\winhttp.dll
2010-04-10 09:59 . 2010-04-10 09:59 4076824 ----a-w- c:\programdata\avg9\update\backup\avgui.exe
2010-04-10 09:59 . 2010-04-10 09:59 2059544 ----a-w- c:\programdata\avg9\update\backup\avgtray.exe
2010-04-10 09:59 . 2010-04-10 09:59 1274136 ----a-w- c:\programdata\avg9\update\backup\avgfrw.exe
2010-04-10 09:59 . 2010-04-10 09:59 1598744 ----a-w- c:\programdata\avg9\update\backup\avgssie.dll
2010-04-10 09:59 . 2010-04-10 09:59 598296 ----a-w- c:\programdata\avg9\update\backup\avgsrmx.dll
2010-04-10 09:59 . 2010-04-10 09:59 1515224 ----a-w- c:\programdata\avg9\update\backup\avgwd.dll
2010-04-10 09:59 . 2010-04-10 09:59 313112 ----a-w- c:\programdata\avg9\update\backup\avglogx.dll
2010-04-10 09:59 . 2010-04-10 09:59 4250976 ----a-w- c:\programdata\avg9\update\backup\avgcorex.dll
2010-04-10 09:59 . 2010-04-10 09:59 341272 ----a-w- c:\programdata\avg9\update\backup\avgxch32.dll
2010-04-10 09:59 . 2010-04-10 09:59 459544 ----a-w- c:\programdata\avg9\update\backup\avgcclix.dll
2010-04-10 09:58 . 2010-04-10 09:58 1086744 ----a-w- c:\programdata\avg9\update\backup\avgchsvx.exe
2010-04-10 09:58 . 2010-04-10 09:58 556824 ----a-w- c:\programdata\avg9\update\backup\avgchjwx.dll
2010-04-10 09:58 . 2010-04-10 09:58 301336 ----a-w- c:\programdata\avg9\update\backup\avgchclx.dll
2010-04-10 09:57 . 2010-04-10 09:57 1035032 ----a-w- c:\programdata\avg9\update\backup\avgupd.exe
2010-04-10 09:57 . 2010-04-10 09:57 1685784 ----a-w- c:\programdata\avg9\update\backup\avgupd.dll
2010-04-10 09:08 . 2009-06-15 15:28 272384 ----a-w- c:\windows\system32\schannel.dll
2010-04-10 09:08 . 2009-06-15 15:23 494592 ----a-w- c:\windows\system32\kerberos.dll
2010-04-08 09:00 . 2010-04-08 09:00 5918776 ----a-w- c:\programdata\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
2010-04-07 22:59 . 2010-04-07 22:59 -------- d-----w- C:\$AVG
2010-04-07 22:58 . 2010-04-12 11:41 -------- d-----w- c:\programdata\avg9
2010-04-07 22:17 . 2010-04-07 22:17 -------- d-----w- c:\users\User\AppData\Roaming\Creative
2010-03-27 16:53 . 2010-03-27 16:53 -------- d-----w- C:\ACCA
2010-03-18 15:47 . 2010-02-12 10:49 293376 ----a-w- c:\windows\system32\browserchoice.exe
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-04-12 08:40 . 2008-04-17 18:46 -------- d-----w- c:\users\User\AppData\Roaming\Spyware Terminator
2010-04-12 08:39 . 2008-04-17 17:32 -------- d-----w- c:\users\User\AppData\Roaming\Skype
2010-04-12 08:29 . 2008-06-20 12:42 -------- d-----w- c:\users\User\AppData\Roaming\skypePM
2010-04-12 08:29 . 2008-04-17 18:46 -------- d-----w- c:\programdata\Spyware Terminator
2010-04-10 09:38 . 2007-09-13 05:25 682184 ----a-w- c:\windows\system32\perfh010.dat
2010-04-10 09:38 . 2007-09-13 05:25 114622 ----a-w- c:\windows\system32\perfc010.dat
2010-04-09 13:42 . 2008-04-17 18:46 -------- d-----w- c:\program files\Spyware Terminator
2010-04-09 12:07 . 2008-04-17 18:46 142592 ----a-w- c:\windows\system32\drivers\sp_rsdrv2.sys
2010-04-08 21:36 . 2008-07-15 21:18 -------- d-----w- c:\program files\Spybot - Search & Destroy
2010-04-08 13:11 . 2008-07-15 21:18 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2010-04-08 10:45 . 2008-04-19 12:16 -------- d-----w- c:\program files\FotoTaxi3
2010-04-08 09:02 . 2009-09-10 13:20 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-04-07 22:58 . 2008-07-24 22:31 -------- d-----w- c:\program files\AVG
2010-04-07 22:54 . 2008-05-05 16:18 -------- d-----w- c:\program files\Creative
2010-04-07 22:18 . 2008-05-05 16:20 -------- d-----w- c:\programdata\Creative
2010-04-07 11:30 . 2007-09-12 20:19 -------- d-----w- c:\programdata\Roxio
2010-04-02 13:45 . 2007-09-12 20:23 -------- d-----w- c:\program files\Java
2010-03-29 22:46 . 2009-09-10 13:20 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-03-29 22:45 . 2009-09-10 13:20 20824 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-03-27 16:53 . 2007-09-12 20:11 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-03-12 10:28 . 2010-03-05 16:51 -------- d-----w- c:\programdata\River Past G5
2010-03-11 18:31 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2010-03-11 07:58 . 2008-04-17 15:23 -------- d-----w- c:\programdata\Microsoft Help
2010-03-09 02:28 . 2009-03-08 14:35 411368 ----a-w- c:\windows\system32\deploytk.dll
2010-03-05 16:51 . 2010-03-05 16:51 -------- d-----w- c:\users\User\AppData\Roaming\River Past G5
2010-02-25 09:45 . 2008-04-17 07:16 168952 ----a-w- c:\users\User\AppData\Local\GDIPFONTCACHEV1.DAT
2010-02-24 09:16 . 2009-10-02 17:34 181632 ------w- c:\windows\system32\MpSigStub.exe
2010-02-23 06:39 . 2010-03-31 07:17 916480 ----a-w- c:\windows\system32\wininet.dll
2010-02-23 06:33 . 2010-03-31 07:17 71680 ----a-w- c:\windows\system32\iesetup.dll
2010-02-23 06:33 . 2010-03-31 07:17 109056 ----a-w- c:\windows\system32\iesysprep.dll
2010-02-23 04:55 . 2010-03-31 07:17 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2010-02-20 23:54 . 2010-03-11 07:52 24064 ----a-w- c:\windows\system32\nshhttp.dll
2010-02-20 23:51 . 2010-03-11 07:52 31232 ----a-w- c:\windows\system32\httpapi.dll
2010-02-20 21:30 . 2010-03-11 07:52 396800 ----a-w- c:\windows\system32\drivers\http.sys
2010-01-30 10:59 . 2010-01-30 10:59 509552 ----a-w- c:\programdata\Google\Google Toolbar\Update\gtb6E7D.tmp.exe
2010-01-25 12:58 . 2010-02-24 09:46 473088 ----a-w- c:\windows\system32\secproc_isv.dll
2010-01-25 12:58 . 2010-02-24 09:46 154624 ----a-w- c:\windows\system32\secproc_ssp_isv.dll
2010-01-25 12:58 . 2010-02-24 09:46 154112 ----a-w- c:\windows\system32\secproc_ssp.dll
2010-01-25 12:58 . 2010-02-24 09:46 472576 ----a-w- c:\windows\system32\secproc.dll
2010-01-25 12:56 . 2010-02-24 09:46 312320 ----a-w- c:\windows\system32\msdrm.dll
2010-01-25 08:36 . 2010-02-24 09:46 435712 ----a-w- c:\windows\system32\RMActivate_ssp.exe
2010-01-25 08:36 . 2010-02-24 09:46 515584 ----a-w- c:\windows\system32\RMActivate.exe
2010-01-25 08:36 . 2010-02-24 09:46 431104 ----a-w- c:\windows\system32\RMActivate_ssp_isv.exe
2010-01-25 08:35 . 2010-02-24 09:46 523776 ----a-w- c:\windows\system32\RMActivate_isv.exe
2010-01-23 08:05 . 2010-02-24 09:47 2048 ----a-w- c:\windows\system32\tzres.dll
2007-09-13 05:40 . 2007-09-13 05:27 8192 --sha-w- c:\windows\Users\Default\NTUSER.DAT
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-04-17 1232896]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2006-11-02 125440]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-09-10 39408]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 201728]
"SpywareTerminatorUpdate"="c:\program files\Spyware Terminator\SpywareTerminatorUpdate.exe" [2010-04-09 3037696]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"="c:\hp\support\hpsysdrv.exe" [2007-04-18 65536]
"KBD"="c:\hp\KBD\KbdStub.EXE" [2006-12-08 65536]
"OsdMaestro"="c:\program files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe" [2007-02-15 118784]
"NvSvc"="c:\windows\system32\nvsvc.dll" [2007-08-09 86016]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-08-09 8466432]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-08-09 81920]
"RtHDVCpl"="RtHDVCpl.exe" [2008-01-15 4874240]
"HP Health Check Scheduler"="c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2007-05-24 71176]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"DSLSTATEXE"="c:\program files\Conexant\Adsl\dslstat.exe" [2006-12-18 376832]
"DSLAGENTEXE"="c:\program files\Conexant\Adsl\dslagent.exe" [2006-12-18 90112]
"SpywareTerminator"="c:\program files\Spyware Terminator\SpywareTerminatorShield.exe" [2010-04-09 2176512]
"PCSuiteTrayApplication"="c:\program files\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [2007-03-23 227328]
"Waiting1690"="c:\windows\stid1690.exe" [2007-06-05 60416]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-11-04 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-11-20 290088]
"Google Quick Search Box"="c:\program files\Google\Quick Search Box\GoogleQuickSearchBox.exe" [2009-09-10 122368]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Nokia.PCSync"="c:\program files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-03-27 1744896]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
R2 DQLWinService;DQLWinService;c:\program files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe [2006-09-03 208896]
R2 gupdate;Servizio di Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-01-30 135664]
R2 IntelDHSvcConf;Intel DH Service;c:\program files\Intel\IntelDH\Intel Media Server\Tools\IntelDHSvcConf.exe [2006-05-10 29696]
R3 CAM1690;USB PC CAMERA 301P;c:\windows\system32\Drivers\cam1690.sys [2007-09-20 177664]
R3 DCamUSBNW802;NoteCam Pro USB PC Camera;c:\windows\system32\DRIVERS\pcam.sys [2003-08-07 161468]
R3 SCREAMINGBDRIVER;Screaming Bee Audio;c:\windows\system32\drivers\ScreamingBAudio.sys [2009-04-06 23064]
S1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [2010-04-09 142592]
S2 HPBtnSrv;HP Chasis Button Service;c:\hp\HPEZBTN\HPBtnSrv.exe [2007-05-29 198240]
S3 netr73;USB Wireless 802.11 b/g Adaptor Driver for Vista;c:\windows\system32\DRIVERS\netr73.sys [2008-02-26 493568]
.
Contenuto della cartella 'Scheduled Tasks'
2010-04-12 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-30 11:20]
2010-04-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-30 11:20]
2010-03-31 c:\windows\Tasks\HPCeeScheduleForUser.job
- c:\program files\hewlett-packard\sdp\ceement\HPCEE.exe [2007-09-12 14:55]
2010-04-11 c:\windows\Tasks\User_Feed_Synchronization-{88FBAF56-92D0-453F-9C0D-3C28950A72CF}.job
- c:\windows\system32\msfeedssync.exe [2010-03-31 04:54]
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://www.corriere.it/
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=IT_IT&c=74&bd=Pavilion&pf=desktop
uInternet Settings,ProxyOverride = *.local
IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
DPF: {3BB4FE3B-7A37-11D3-A41E-0060080C03B3} - hxxp://193.205.23.35/vblu/NWWClientFull.cab
.
.
------- Associazioni dei file -------
.
inifile=%SystemRoot%\System32\NOTEPAD.EXE %1"
.scr=AutoCADScriptFile
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.net
Rootkit scan 2010-04-12 14:29
Windows 6.0.6000 NTFS
scansione processi nascosti ...
scansione entrate autostart nascoste ...
Scansione files nascosti ...
Scansione completata con successo
Files nascosti: 0
**************************************************************************
.
Ora fine scansione: 2010-04-12 14:31:12
ComboFix-quarantined-files.txt 2010-04-12 12:31
ComboFix2.txt 2010-04-12 12:16
ComboFix3.txt 2010-04-10 09:27
Pre-Run: 293.491.580.928 byte disponibili
Post-Run: 293.446.860.800 byte disponibili
- - End Of File - - F499BB2A3CF8C5B35C86ED979BF197B2
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15.25.45, on 12/04/2010
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v8.00 (8.00.6001.18904)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\hp\support\hpsysdrv.exe
C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
C:\WINDOWS\System32\rundll32.exe
C:\WINDOWS\System32\rundll32.exe
C:\WINDOWS\RtHDVCpl.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Conexant\Adsl\DslStat.exe
C:\Program Files\Conexant\Adsl\dslagent.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.Exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\WINDOWS\StiD1690.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe
C:\Program Files\AVG\AVG9\avgtray.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\hp\kbd\kbd.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.corriere.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=IT_IT&c=74&bd=Pavilion&pf=desktop
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Supporto di collegamento per Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE
O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [HP Software Update] c:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [DSLSTATEXE] C:\Program Files\Conexant\Adsl\dslstat.exe icon
O4 - HKLM\..\Run: [DSLAGENTEXE] C:\Program Files\Conexant\Adsl\dslagent.exe
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [Waiting1690] C:\Windows\stid1690.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Google Quick Search Box] "C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe" /autorun
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [SpywareTerminatorUpdate] "C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe"
O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'Default user')
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
O9 - Extra button: Inserisci blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: Inserisci &blog in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/softwareupdate/su/ocx/15031/CTSUEng.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {3BB4FE3B-7A37-11D3-A41E-0060080C03B3} (Entire Screen Builder Web Viewer) - http://193.205.23.35/vblu/NWWClientFull.cab
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-24-0.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/VistaMSNPUpldit-it.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1252064537596
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1252064599757
O16 - DPF: {C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-29-0.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx2.hotmail.com/mail/w4/pr01/photouploadcontrol/VistaMSNPUpldit-it.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: Intel(R) Alert Service (AlertService) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\CCU\AlertService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: DQLWinService - Unknown owner - C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
O23 - Service: Servizio di Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: HP Chasis Button Service (HPBtnSrv) - Unknown owner - c:\hp\HPEZBTN\HPBtnSrv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Intel DH Service (IntelDHSvcConf) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Tools\IntelDHSvcConf.exe
O23 - Service: Servizio iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Software Services Manager (ISSM) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Unknown owner - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE (file missing)
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: Intel(R) Viiv(TM) Media Server (M1 Server) - Unknown owner - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe
O23 - Service: Intel(R) Application Tracker (MCLServiceATL) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe
O23 - Service: Intel(R) Remoting Service (Remote UI Service) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe
--
End of file - 13019 bytes