Aiutamici Forum
Benvenuto Ospite Cerca | Topic Attivi | Utenti | | Log In | Registra

Aiutamici Forum » FORUM - Istruzioni e Guide » Sicurezza VIRUS » AIUTO VIRUS?

5 pages: 1 2 [3] 4 5
AIUTO VIRUS? Opzioni
Topic Precedente · Topic Sucessivo
r16
Inviato: Tuesday, April 20, 2010 6:19:45 PM
Rank: AiutAmico

Iscritto dal : 8/7/2007
Posts: 11,016
Ripeto:
Lascia perdere, le indicazioni provenienti fuori, da questo topic.
Servono solo a metterti in confusione.
Torna in alto
 
shapiro
Inviato: Tuesday, April 20, 2010 7:34:46 PM

Rank: AiutAmico

Iscritto dal : 8/24/2008
Posts: 4,164
scarica questo programma sul desktop ed eseguilo ( e' combofix rinominato )

(non installare la recovery console)
Lascia lavorare il programma senza interferire
Allega il rapporto C:\ComboFix.txt nella tua risposta.
Torna in alto
 
mrxiah
Inviato: Tuesday, April 20, 2010 8:17:37 PM
Rank: AiutAmico

Iscritto dal : 4/20/2010
Posts: 38
ho il log di combofix, ma è lunghissimo.. come lo allego?
vabbè lo incollo :S

ComboFix 10-04-19.08 - MARZIA 20/04/2010 18.59.50.4.1 - x86
Microsoft Windows XP Professional 5.1.2600.2.1252.39.1040.18.511.275 [GMT 2:00]
Eseguito da: c:\documents and settings\MARZIA\Desktop\ComboFix.exe

ATTENZIONE - QUESTO PC NON HA LA CONSOLE DI RIPRISTINO DI EMERGENZA INSTALLATA !!
.

((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26341366.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26341697.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26342037.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26342188.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26350079.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26350469.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26350920.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26366863.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26367204.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26367774.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26367905.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26368275.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26368906.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26393612.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26394753.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26395514.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26396526.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26397297.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26397757.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26398218.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26398398.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26398749.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26399560.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26402514.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26402705.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26403085.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26403205.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26403426.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26404858.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26405408.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26405579.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26405899.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26406150.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26406430.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26407742.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26409174.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26409364.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26409635.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26410255.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26411087.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26411798.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26412519.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26412829.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26413180.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26413340.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26413550.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26414091.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26417546.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26418547.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26419659.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26419839.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26420060.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26420270.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26423555.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26423945.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26424406.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26424556.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26424656.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26424987.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26425377.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26425768.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26426339.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26426779.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26427430.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26427510.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26427691.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26427931.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26428271.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26428442.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26428722.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26428972.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26429343.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26429543.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26429884.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26430454.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26430805.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26430905.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26431246.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26431656.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26432097.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26435672.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26436333.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26437004.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26479815.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26480056.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26480657.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26480737.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26480957.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26481498.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26481999.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26482489.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26483080.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26484072.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26485283.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26485534.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26485754.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26485974.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26486445.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26487547.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26488618.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26488758.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26489019.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26489309.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26490561.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26490821.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26491082.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26491983.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26493014.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26493465.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26494497.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26502098.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26503510.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26503830.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26504741.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26505282.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26505813.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26507065.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26508487.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26509518.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26510389.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26511211.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26512132.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26512713.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26513654.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26517019.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26517410.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26517680.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26518040.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26518171.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26518561.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26518691.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26518972.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26519493.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26519743.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26522827.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26524610.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26525061.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26525782.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26526352.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26527123.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26528255.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26528776.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26529206.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26529797.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26532742.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26535816.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26537428.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26538550.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26539101.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26539792.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26540172.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26540863.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26544338.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26545039.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26545410.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26545640.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26546181.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26546882.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26547142.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26548394.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26548905.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26549746.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26550247.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26551188.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26551649.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26551859.exe
c:\documents and settings\DEVIS\Dati applicazioni\drivers\downld\26552099.exe
c:\documents and settings\DEVIS\Dati applicazioni\hidires
c:\documents and settings\DEVIS\Dati applicazioni\hidires\config\preferences.ini
c:\documents and settings\DEVIS\Dati applicazioni\hidires\file.exe
c:\documents and settings\DEVIS\Dati applicazioni\hidires\names.txt
c:\documents and settings\DEVIS\Dati applicazioni\hidires\server.txt
c:\documents and settings\DEVIS\Dati applicazioni\hidires\WDIR\Access Grader 1.0.04 Key+Serial.zip
c:\documents and settings\DEVIS\Dati applicazioni\hidires\WDIR\Active Printer 1.5.zip
c:\documents and settings\DEVIS\Dati applicazioni\hidires\WDIR\Actual Window Guard 4.5 Patch.zip
c:\documents and settings\DEVIS\Dati applicazioni\hidires\WDIR\AdFree FLV 1.03.zip
c:\documents and settings\DEVIS\Dati applicazioni\hidires\WDIR\Admin Report Kit for IIS 4.3.zip
c:\documents and settings\DEVIS\Dati applicazioni\hidires\WDIR\aGuitar Pro 2.01.zip
c:\documents and settings\DEVIS\Dati applicazioni\hidires\WDIR\AlphaButton 2.2.1 (Key).zip
c:\documents and settings\DEVIS\Dati applicazioni\hidires\WDIR\Amur Clock Screensaver 1.1.zip
c:\documents and settings\DEVIS\Dati applicazioni\hidires\WDIR\Andromeda Internet Explorer Washer 7.69.010.zip
c:\documents and settings\DEVIS\Dati applicazioni\hidires\WDIR\ASP String Component 1.0.zip
c:\documents and settings\DEVIS\Dati applicazioni\hidires\WDIR\Astronomy Screensaver 2005 1.0.zip
c:\documents and settings\DEVIS\Dati applicazioni\hidires\WDIR\Audio Sound Recorder 1.22 (With Crack).zip
c:\documents and settings\DEVIS\Dati applicazioni\hidires\WDIR\Battery Status 1.01.zip
c:\documents and settings\DEVIS\Dati applicazioni\hidires\WDIR\Card Collector 1.0 (Cracked).zip
c:\documents and settings\DEVIS\Dati applicazioni\hidires\WDIR\Civilization IV v1.61 patch.zip
c:\documents and settings\DEVIS\Dati applicazioni\hidires\WDIR\Client Tracks 5.9 With Crack.zip
c:\documents and settings\DEVIS\Dati applicazioni\hidires\WDIR\Countdown Mini .b.zip
c:\documents and settings\DEVIS\Dati applicazioni\hidires\WDIR\CountDown Timer 1.1.zip
c:\documents and settings\DEVIS\Dati applicazioni\hidires\WDIR\Crazy Crash Racing 2.zip
c:\documents and settings\DEVIS\Dati applicazioni\hidires\WDIR\CyberDefender Free 1.zip
c:\documents and settings\DEVIS\Dati applicazioni\hidires\WDIR\CyberLink Power2Go 6.00.1005.zip
c:\documents and settings\DEVIS\Dati applicazioni\hidires\WDIR\Desktop Scout 4.05.zip
c:\documents and settings\DEVIS\Dati applicazioni\hidires\WDIR\Eagles Screensaver 1.0.zip
c:\documents and settings\DEVIS\Dati applicazioni\hidires\WDIR\EasyCustomer 3.6.0.1.zip
c:\documents and settings\DEVIS\Dati applicazioni\hidires\WDIR\eOrdering Professional 3.5.8.zip
c:\documents and settings\DEVIS\Dati applicazioni\hidires\WDIR\eTrust Antivirus r8 8.0.403.0 (Cracked).zip
c:\documents and settings\DEVIS\Dati applicazioni\hidires\WDIR\Fast Lightweight Expression Evaluator 0.9.25.0.zip
c:\documents and settings\DEVIS\Dati applicazioni\hidires\WDIR\FeedForDev 1.0.0.1.zip
c:\documents and settings\DEVIS\Dati applicazioni\hidires\WDIR\FlipPublisher Enterprise 1.0.zip
c:\documents and settings\DEVIS\Dati applicazioni\hidires\WDIR\Fresh Start Professional Edition 2.41.zip
c:\documents and settings\DEVIS\Dati applicazioni\hidires\WDIR\Frostbow Home Inventory 4.5.4.zip
c:\documents and settings\DEVIS\Dati applicazioni\hidires\WDIR\Hip Hop Toolbar IE 4.5.128.0.zip
c:\documents and settings\DEVIS\Dati applicazioni\hidires\WDIR\iM1A2 Abrams demo.zip
c:\documents and settings\DEVIS\Dati applicazioni\hidires\WDIR\JFlightLog 1.9.zip
c:\documents and settings\DEVIS\Dati applicazioni\hidires\WDIR\Just Bar Codes 1.2.0.zip
c:\documents and settings\DEVIS\Dati applicazioni\hidires\WDIR\Keylogger Stopper 2.0 (Serial).zip
c:\documents and settings\DEVIS\Dati applicazioni\hidires\WDIR\LingvoSoft Suite 2008 English Russian 2.1.28.zip
c:\documents and settings\DEVIS\Dati applicazioni\hidires\WDIR\Link Checker 2.40.zip
c:\documents and settings\DEVIS\Dati applicazioni\hidires\WDIR\M Hide Drives 1.0.zip
c:\documents and settings\DEVIS\Dati applicazioni\hidires\WDIR\Master Uneraser 1.00.zip
c:\documents and settings\DEVIS\Dati applicazioni\hidires\WDIR\McSee Movie Converter 2.0.zip
c:\documents and settings\DEVIS\Dati applicazioni\hidires\WDIR\Medal of Honor Pacific Assault multiplayer demo.zip
c:\documents and settings\DEVIS\Dati applicazioni\hidires\WDIR\Mobile Music Polyphonic 2.63.zip
c:\documents and settings\DEVIS\Dati applicazioni\hidires\WDIR\Movie DVD Case Icon Pack no.12.zip
c:\documents and settings\DEVIS\Dati applicazioni\hidires\WDIR\New Year Balloons Demo Screensaver 1.0.zip
c:\documents and settings\DEVIS\Dati applicazioni\hidires\WDIR\NovaMind 2.4.6.zip
c:\documents and settings\DEVIS\Dati applicazioni\hidires\WDIR\Oxygen SMS ActiveX Control 3.0.zip
c:\documents and settings\DEVIS\Dati applicazioni\hidires\WDIR\Patient Manager Advanced 1.zip
c:\documents and settings\DEVIS\Dati applicazioni\hidires\WDIR\PC Recent 1.1.zip
c:\documents and settings\DEVIS\Dati applicazioni\hidires\WDIR\Pinball Golf Pool 1.1.zip
c:\documents and settings\DEVIS\Dati applicazioni\hidires\WDIR\Points Import for IntelliCAD 1.0.zip
c:\documents and settings\DEVIS\Dati applicazioni\hidires\WDIR\Print Hint 0.33.zip
c:\documents and settings\DEVIS\Dati applicazioni\hidires\WDIR\Rich Mailer 3.1.zip
c:\documents and settings\DEVIS\Dati applicazioni\hidires\WDIR\Shred File 2005 1.02 Crack.zip
c:\documents and settings\DEVIS\Dati applicazioni\hidires\WDIR\Side List Links 1.2.zip
c:\documents and settings\DEVIS\Dati applicazioni\hidires\WDIR\Signature Maker 1.0.1.2 With Crack.zip
c:\documents and settings\DEVIS\Dati applicazioni\hidires\WDIR\Simple Server Monitor 2.0.1 [Crack].zip
c:\documents and settings\DEVIS\Dati applicazioni\hidires\WDIR\SLInvest 1.1.czip
c:\documents and settings\DEVIS\Dati applicazioni\hidires\WDIR\SLInvest 1.1.zip
c:\documents and settings\DEVIS\Dati applicazioni\hidires\WDIR\Smart Diary Suite 3.10 Key.zip
c:\documents and settings\DEVIS\Dati applicazioni\hidires\WDIR\The Sims - File Cop.zip
c:\documents and settings\DEVIS\Dati applicazioni\hidires\WDIR\Time Sync Pro 1.3.zip
c:\documents and settings\DEVIS\Dati applicazioni\hidires\WDIR\TimeTracker 1.0 (Cracked).zip
c:\documents and settings\DEVIS\Dati applicazioni\hidires\WDIR\Traditional Chinese ClearType Fonts.zip
c:\documents and settings\DEVIS\Dati applicazioni\hidires\WDIR\VistaMizer 2.5.1.0.zip
c:\documents and settings\DEVIS\Dati applicazioni\hidires\WDIR\WinBoss 1.2.zip
c:\documents and settings\DEVIS\Dati applicazioni\hidires\WDIR\X360 Tiff to Pdf Image ActiveX OCX 2.39.zip
c:\documents and settings\DEVIS\Dati applicazioni\m
c:\documents and settings\DEVIS\Dati applicazioni\m\data.oct
c:\documents and settings\DEVIS\Dati applicazioni\m\list.oct
c:\documents and settings\DEVIS\Dati applicazioni\m\shared\.Net Compiler Project 2.0.3492 crack.zip
c:\documents and settings\DEVIS\Dati applicazioni\m\shared\4Media HD Video Converter v5.1 by AT4RE.zip
c:\documents and settings\DEVIS\Dati applicazioni\m\shared\7tools Partition Imager 2005.zip
c:\documents and settings\DEVIS\Dati applicazioni\m\shared\ABC Toolkit 1.1 (Serial).zip
c:\documents and settings\DEVIS\Dati applicazioni\m\shared\ACD FotoSlate v3.0 English by Bidjan.zip
c:\documents and settings\DEVIS\Dati applicazioni\m\shared\Ace DVD Audio Extractor v1.2.4.zip
c:\documents and settings\DEVIS\Dati applicazioni\m\shared\Adobe PhotoShop CS4 11.0.1.zip
c:\documents and settings\DEVIS\Dati applicazioni\m\shared\AdventNet ManageEngine OpStor v4.0 by SHOCK.zip
c:\documents and settings\DEVIS\Dati applicazioni\m\shared\Aicbit 3.0.2.zip
c:\documents and settings\DEVIS\Dati applicazioni\m\shared\Alarm Clock Pro v6.4.3 for Mac (Serial).zip
c:\documents and settings\DEVIS\Dati applicazioni\m\shared\Animated Slots 2.0.zip
c:\documents and settings\DEVIS\Dati applicazioni\m\shared\AppendToFiles 1.08.zip
c:\documents and settings\DEVIS\Dati applicazioni\m\shared\Apple TV enhanced DVD Converter 3.2.6.10.zip
c:\documents and settings\DEVIS\Dati applicazioni\m\shared\ArcaVir Internet Security 2009 keygen.zip
c:\documents and settings\DEVIS\Dati applicazioni\m\shared\AzureTray 2.2.czip
c:\documents and settings\DEVIS\Dati applicazioni\m\shared\AzureTray 2.2.zip
c:\documents and settings\DEVIS\Dati applicazioni\m\shared\Battlestations Pacific v1.0 [MULTI5] No-DVD-Fixed EXE.zip
c:\documents and settings\DEVIS\Dati applicazioni\m\shared\Berserk Perspectron v1.5.zip
c:\documents and settings\DEVIS\Dati applicazioni\m\shared\BIG Holdings Fantasy Football SMARTs v3.50.zip
c:\documents and settings\DEVIS\Dati applicazioni\m\shared\Big2 Poker Retail JAVA by RLYEH.zip
c:\documents and settings\DEVIS\Dati applicazioni\m\shared\BitDefender Standard Edition.zip
c:\documents and settings\DEVIS\Dati applicazioni\m\shared\BlackBoard Turbo Transfer v1.0.zip
c:\documents and settings\DEVIS\Dati applicazioni\m\shared\Brojac Impulsa 3.0.9.1.zip
c:\documents and settings\DEVIS\Dati applicazioni\m\shared\Campaign Franklin v1.03 NoCD PatchSTONED.zip
c:\documents and settings\DEVIS\Dati applicazioni\m\shared\Canon Photo Org Photo Albums 2.0 (Serial).zip
c:\documents and settings\DEVIS\Dati applicazioni\m\shared\CATraxx v6.05 Serial by FFF.zip
c:\documents and settings\DEVIS\Dati applicazioni\m\shared\CelticKnots Screen Saver 1.01.zip
c:\documents and settings\DEVIS\Dati applicazioni\m\shared\Chess Genius 3.0 for Symbian OS (Serial).zip
c:\documents and settings\DEVIS\Dati applicazioni\m\shared\ClipExt J 1.0.0 for Mac.zip
c:\documents and settings\DEVIS\Dati applicazioni\m\shared\ClipViewer 1.0.3-key.zip
c:\documents and settings\DEVIS\Dati applicazioni\m\shared\CoCSoft Stream Down v2.5 by FFF.zip
c:\documents and settings\DEVIS\Dati applicazioni\m\shared\Company of Heroes Opposing Fronts ENGLISH-2-FRENCH PATCH.zip
c:\documents and settings\DEVIS\Dati applicazioni\m\shared\Cryptime v3.3 by CAFE.zip
c:\documents and settings\DEVIS\Dati applicazioni\m\shared\CyberGauge 1.1 for Mac.zip
c:\documents and settings\DEVIS\Dati applicazioni\m\shared\DiskArcher Backup Utility 1.02 (Serial).zip
c:\documents and settings\DEVIS\Dati applicazioni\m\shared\Dupe Guru v2.2.5 Cracked by EXPLOSiON.zip
c:\documents and settings\DEVIS\Dati applicazioni\m\shared\DVDInfoPro 2.13.zip
c:\documents and settings\DEVIS\Dati applicazioni\m\shared\dzsoft perl editor 5.3.1.2 cracked exe by REVENGE.zip
c:\documents and settings\DEVIS\Dati applicazioni\m\shared\Eclipse 3.1 x for Mac.zip
c:\documents and settings\DEVIS\Dati applicazioni\m\shared\FileZilla Password Recovery v1.0.150.2006 by HERiTAGE.zip
c:\documents and settings\DEVIS\Dati applicazioni\m\shared\FlashClean 3.2.zip
c:\documents and settings\DEVIS\Dati applicazioni\m\shared\Fly Calculator 1.0.zip
c:\documents and settings\DEVIS\Dati applicazioni\m\shared\Form Pilot Home v2.11 WinAll Cracked by HS.zip
c:\documents and settings\DEVIS\Dati applicazioni\m\shared\FpHelp Builder v1.3.22.zip
c:\documents and settings\DEVIS\Dati applicazioni\m\shared\Fractal Roses Screensaver 1.0.zip
c:\documents and settings\DEVIS\Dati applicazioni\m\shared\Galaxy Edition [GERMAN] UNLOCKERS.zip
c:\documents and settings\DEVIS\Dati applicazioni\m\shared\GameHouse JewelQuest Solitaire.zip
c:\documents and settings\DEVIS\Dati applicazioni\m\shared\GameHouse Rainbow Mystery Serial by BalCrNepal.zip
c:\documents and settings\DEVIS\Dati applicazioni\m\shared\Gif Construction Set 1.0q Patch 5 (Serial).zip
c:\documents and settings\DEVIS\Dati applicazioni\m\shared\guardant novex envelope killer 1.3 full by TSRh.zip
c:\documents and settings\DEVIS\Dati applicazioni\m\shared\IES QuickRDesign v1.00.0004 by AGAiN.zip
c:\documents and settings\DEVIS\Dati applicazioni\m\shared\Instant Theme Creator 2.0.zip
c:\documents and settings\DEVIS\Dati applicazioni\m\shared\IrfanView v3.97 WinAll Incl Keygen by EAT.zip
c:\documents and settings\DEVIS\Dati applicazioni\m\shared\Jetman Jack v1.0 for PalmOS 5.zip
c:\documents and settings\DEVIS\Dati applicazioni\m\shared\Kingdia DVD Ripper v3.0.0.zip
c:\documents and settings\DEVIS\Dati applicazioni\m\shared\KingMailer 1.3.0.0.zip
c:\documents and settings\DEVIS\Dati applicazioni\m\shared\Lorenz Grafs HTML Tool 3.0 (Serial).zip
c:\documents and settings\DEVIS\Dati applicazioni\m\shared\Luftwaffe Commander 11 CD-Copy.zip
c:\documents and settings\DEVIS\Dati applicazioni\m\shared\Mabry FTP-X v2.03.047.zip
c:\documents and settings\DEVIS\Dati applicazioni\m\shared\Maya v4.4.2 French.zip
c:\documents and settings\DEVIS\Dati applicazioni\m\shared\Money S3 v10.030 ENT CZECH by rG.zip
c:\documents and settings\DEVIS\Dati applicazioni\m\shared\MP3 Namer 1.1.zip
c:\documents and settings\DEVIS\Dati applicazioni\m\shared\Mr.Internet 3.5.zip
c:\documents and settings\DEVIS\Dati applicazioni\m\shared\MyUSBonly 5.8.zip
c:\documents and settings\DEVIS\Dati applicazioni\m\shared\Nucleus Kernel MS Backup File Recovery v4.05.01 by Lz0.zip
c:\documents and settings\DEVIS\Dati applicazioni\m\shared\Open Fitness v2.0 MacOSX Incl Keygen by DiGERATi.zip
c:\documents and settings\DEVIS\Dati applicazioni\m\shared\Panda Antivirus + Firewall 2007 6.00.02 (Serial).zip
c:\documents and settings\DEVIS\Dati applicazioni\m\shared\PGR Retail JAVA K500 by RLYEH.zip
c:\documents and settings\DEVIS\Dati applicazioni\m\shared\Picture Merge Genius v2.7.2 by SnD.zip
c:\documents and settings\DEVIS\Dati applicazioni\m\shared\PowerTerm Pro v8.0.1.zip
c:\documents and settings\DEVIS\Dati applicazioni\m\shared\profiSUBMIT v7.1 German.zip
c:\documents and settings\DEVIS\Dati applicazioni\m\shared\Protect CD DVD 2.0.5.zip
c:\documents and settings\DEVIS\Dati applicazioni\m\shared\Puzzler 1.0.3 for Mac (Serial).zip
c:\documents and settings\DEVIS\Dati applicazioni\m\shared\QuickWebSecure 1.0.zip
c:\documents and settings\DEVIS\Dati applicazioni\m\shared\Random Password Generator Pro v11.zip
c:\documents and settings\DEVIS\Dati applicazioni\m\shared\Scan2Email v1.08 by NiTROUS.zip
c:\documents and settings\DEVIS\Dati applicazioni\m\shared\Screen Printer v3.0 by TMG.zip
c:\documents and settings\DEVIS\Dati applicazioni\m\shared\SD Capture 4.6.zip
c:\documents and settings\DEVIS\Dati applicazioni\m\shared\SECURE IE 2004 3.1286 (Serial).zip
c:\documents and settings\DEVIS\Dati applicazioni\m\shared\Silver Catalyst 1.0.zip
c:\documents and settings\DEVIS\Dati applicazioni\m\shared\Simply Balanced 3.0.zip
c:\documents and settings\DEVIS\Dati applicazioni\m\shared\slots tut V2.0 (Serial).zip
c:\documents and settings\DEVIS\Dati applicazioni\m\shared\Smart Video Converter v1.5.21 by ACME.zip
c:\documents and settings\DEVIS\Dati applicazioni\m\shared\SnagIt 6.2 (Serial).zip
c:\documents and settings\DEVIS\Dati applicazioni\m\shared\Soldiers of Anarchy Polish.zip
c:\documents and settings\DEVIS\Dati applicazioni\m\shared\Source Code Spell Checker v3.0.zip
c:\documents and settings\DEVIS\Dati applicazioni\m\shared\Spiderman (1984) (Load And Go Software) FULL!.zip
c:\documents and settings\DEVIS\Dati applicazioni\m\shared\StartPro 1.26c (Serial).zip
c:\documents and settings\DEVIS\Dati applicazioni\m\shared\Taxi Racer London 2 CHEATS by PiZZADOX.zip
c:\documents and settings\DEVIS\Dati applicazioni\m\shared\Trojan Remover6.0.3 (Serial).zip
c:\documents and settings\DEVIS\Dati applicazioni\m\shared\Turn Off Monitor v3.x by tRUE.zip
c:\documents and settings\DEVIS\Dati applicazioni\m\shared\User Account Manager 3.3.4.zip
c:\documents and settings\DEVIS\Dati applicazioni\m\shared\VideoMAN v2.2.3.582 WinALL REGGED by LUCiD.zip
c:\documents and settings\DEVIS\Dati applicazioni\m\shared\VOB CD Wizard Pro (Serial).zip
c:\documents and settings\DEVIS\Dati applicazioni\m\shared\WeatherXpress 2000 2.1.1 (Serial).zip
c:\documents and settings\DEVIS\Dati applicazioni\m\shared\WinDates 4.24.zip
c:\documents and settings\DEVIS\Dati applicazioni\m\shared\WinFtp Server v2.1 Incl Keygen And Patch by BRD.zip
c:\documents and settings\DEVIS\Dati applicazioni\m\shared\Wireless Watch v2.0.10.0.zip
c:\documents and settings\DEVIS\Dati applicazioni\m\shared\WorkgroupMail Mail Server 6.2.0g by FHCF.zip
c:\documents and settings\DEVIS\Dati applicazioni\m\shared\WWAYM NWMaxx v1.x (Serial).zip
c:\documents and settings\DEVIS\Dati applicazioni\m\shared\ZipForge Component for Delphi 6 v2.59urceCode by DVT.zip
c:\documents and settings\DEVIS\Dati applicazioni\m\srvlist.oct
c:\documents and settings\MARZIA\Dati applicazioni\FunWebProducts
c:\documents and settings\MARZIA\Dati applicazioni\FunWebProducts\Data\MARZIA\avatar.dat
c:\documents and settings\MARZIA\Dati applicazioni\FunWebProducts\Data\MARZIA\zbucks.dat
c:\documents and settings\MARZIA\Dati applicazioni\hidires
c:\documents and settings\MARZIA\Dati applicazioni\m
C:\InfoSat.txt
C:\Muestras
c:\muestras\15150194.EXE.Muestra EliBagle v13.80
c:\muestras\555368.EXE.Muestra EliBagle v13.80
c:\muestras\FLEC003.EXE.Muestra EliBagle v13.80
c:\muestras\WFSINTWQ.SYS.Muestra EliBagle v13.80
c:\muestras\WINUPGRO.EXE.Muestra EliBagle v13.80
c:\programmi\Cheat Engine\dbk32.sys
c:\programmi\Fast Browser Search
c:\programmi\Fast Browser Search\IE\1.bat
c:\programmi\Fast Browser Search\IE\about.html
c:\programmi\Fast Browser Search\IE\affid.dat
c:\programmi\Fast Browser Search\IE\basis.xml
c:\programmi\Fast Browser Search\IE\basis_br.xml
c:\programmi\Fast Browser Search\IE\basis_de.xml
c:\programmi\Fast Browser Search\IE\basis_en.xml
c:\programmi\Fast Browser Search\IE\basis_es.xml
c:\programmi\Fast Browser Search\IE\basis_fr.xml
c:\programmi\Fast Browser Search\IE\basis_it.xml
c:\programmi\Fast Browser Search\IE\basis_nr.xml
c:\programmi\Fast Browser Search\IE\basis_pt.xml
c:\programmi\Fast Browser Search\IE\basis_ru.xml
c:\programmi\Fast Browser Search\IE\basis_tr.xml
c:\programmi\Fast Browser Search\IE\BHO.dll
c:\programmi\Fast Browser Search\IE\fbsSearchProvider.xml
c:\programmi\Fast Browser Search\IE\fbstoolbar.manifest
c:\programmi\Fast Browser Search\IE\icons.bmp
c:\programmi\Fast Browser Search\IE\info.txt
c:\programmi\Fast Browser Search\IE\local.xml
c:\programmi\Fast Browser Search\IE\logobg.bmp
c:\programmi\Fast Browser Search\IE\MTWBtoolbar.html
c:\programmi\Fast Browser Search\IE\search.bmp
c:\programmi\Fast Browser Search\IE\search_br.bmp
c:\programmi\Fast Browser Search\IE\search_de.bmp
c:\programmi\Fast Browser Search\IE\search_es.bmp
c:\programmi\Fast Browser Search\IE\search_fr.bmp
c:\programmi\Fast Browser Search\IE\search_it.bmp
c:\programmi\Fast Browser Search\IE\search_pt.bmp
c:\programmi\Fast Browser Search\IE\search_ru.bmp
c:\programmi\Fast Browser Search\IE\SearchGuardPlus.exe
c:\programmi\Fast Browser Search\IE\SearchGuardPlus.ico
c:\programmi\Fast Browser Search\IE\SGPU.ico
c:\programmi\Fast Browser Search\IE\sgpUpdater.exe
c:\programmi\Fast Browser Search\IE\sgpUpdater.xml
c:\programmi\Fast Browser Search\IE\SGPUpdaterS.exe
c:\programmi\Fast Browser Search\IE\tbhelper.dll
c:\programmi\Fast Browser Search\IE\tbs_include_script_003175.js
c:\programmi\Fast Browser Search\IE\tbs_include_script_005064.js
c:\programmi\Fast Browser Search\IE\tbs_include_script_012817.js
c:\programmi\Fast Browser Search\IE\Toolbar Help.htm
c:\programmi\Fast Browser Search\IE\uninstall.exe
c:\programmi\Fast Browser Search\IE\uninstalSGP.exe
c:\programmi\Fast Browser Search\IE\uninstalSGPU.exe
c:\programmi\Fast Browser Search\IE\update.exe
c:\programmi\Fast Browser Search\IE\version.txt
c:\programmi\FunWebProducts
c:\programmi\GooglePlusVideos
c:\programmi\GooglePlusVideos\DeploymentHelper.exe
c:\programmi\GooglePlusVideos\FFExt\chrome.manifest
c:\programmi\GooglePlusVideos\FFExt\chrome\content\googleplusvideos.xul
c:\programmi\GooglePlusVideos\FFExt\chrome\content\script-injector.js
c:\programmi\GooglePlusVideos\FFExt\install.rdf
c:\programmi\GooglePlusVideos\GooglePlusVideosLicense.txt
c:\programmi\GooglePlusVideos\GooglePlusVideosXPCOM.dll
c:\programmi\GooglePlusVideos\GVConfig.ini
c:\programmi\GooglePlusVideos\IGooglePlusVideosXPCOM.xpt
c:\programmi\GooglePlusVideos\MFC42U.DLL
c:\programmi\GooglePlusVideos\Uninstall.bat
c:\programmi\MyWebSearch
c:\programmi\MyWebSearch\bar\3.bin\MWSOEMON.EXE
c:\programmi\MyWebSearch\bar\3.bin\MWSOESTB.DLL
c:\programmi\MyWebSearch\bar\4.bin\F3CJpeg.dll
c:\programmi\MyWebSearch\bar\4.bin\F3DTACTL.DLL
c:\programmi\MyWebSearch\bar\4.bin\F3HISTSW.DLL
c:\programmi\MyWebSearch\bar\4.bin\F3HKSTUB.DLL
c:\programmi\MyWebSearch\bar\4.bin\F3HTMLMU.DLL
c:\programmi\MyWebSearch\bar\4.bin\F3HTTPCT.DLL
c:\programmi\MyWebSearch\bar\4.bin\F3POPSWT.DLL
c:\programmi\MyWebSearch\bar\4.bin\F3PSSAVR.SCR
c:\programmi\MyWebSearch\bar\4.bin\F3REGHK.DLL
c:\programmi\MyWebSearch\bar\4.bin\F3REPROX.DLL
c:\programmi\MyWebSearch\bar\4.bin\F3RESTUB.DLL
c:\programmi\MyWebSearch\bar\4.bin\F3SCHMON.EXE
c:\programmi\MyWebSearch\bar\4.bin\F3SCRCTR.DLL
c:\programmi\MyWebSearch\bar\4.bin\F3WPHOOK.DLL
c:\programmi\MyWebSearch\bar\4.bin\M3AUXSTB.DLL
c:\programmi\MyWebSearch\bar\4.bin\M3DLGHK.DLL
c:\programmi\MyWebSearch\bar\4.bin\M3FFXTBR.MANIFEST
c:\programmi\MyWebSearch\bar\4.bin\M3HIGHIN.EXE
c:\programmi\MyWebSearch\bar\4.bin\M3HTML.DLL
c:\programmi\MyWebSearch\bar\4.bin\M3IDLE.DLL
c:\programmi\MyWebSearch\bar\4.bin\M3IMPIPE.EXE
c:\programmi\MyWebSearch\bar\4.bin\M3MEDINT.EXE
c:\programmi\MyWebSearch\bar\4.bin\M3MSg.dll
c:\programmi\MyWebSearch\bar\4.bin\M3NTSTBR.MANIFEST
c:\programmi\MyWebSearch\bar\4.bin\M3OUTLCN.DLL
c:\programmi\MyWebSearch\bar\4.bin\M3PLUGIN.DLL
c:\programmi\MyWebSearch\bar\4.bin\M3SKIN.DLL
c:\programmi\MyWebSearch\bar\4.bin\M3SKPLAY.EXE
c:\programmi\MyWebSearch\bar\4.bin\M3SLSRCH.EXE
c:\programmi\MyWebSearch\bar\4.bin\M3SRCHMN.EXE
c:\programmi\MyWebSearch\bar\4.bin\MWSOEMON.EXE
c:\programmi\MyWebSearch\bar\4.bin\MWSOEPLG.DLL
c:\programmi\MyWebSearch\bar\4.bin\MWSOESTB.DLL
c:\programmi\MyWebSearch\bar\4.bin\MWSSVC.EXE
c:\programmi\MyWebSearch\bar\4.bin\NPMYWEBS.DLL
c:\programmi\MyWebSearch\bar\Cache\files.ini
c:\programmi\MyWebSearch\bar\icons\CM.ICO
c:\programmi\MyWebSearch\bar\icons\MFC.ICO
c:\programmi\MyWebSearch\bar\icons\PSS.ICO
c:\programmi\MyWebSearch\bar\icons\SMILEY.ICO
c:\programmi\MyWebSearch\bar\icons\WB.ICO
c:\programmi\MyWebSearch\bar\icons\ZWINKY.ICO
c:\programmi\SGPSA
c:\programmi\SGPSA\BHO.dll
c:\windows\system32\awTTrsib.dll
c:\windows\system32\nnnliHYo.dll

.
((((((((((((((((((((((((((((((((((((((( Driver/Servizi )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_BOONTY_GAMES
-------\Legacy_MYWEBSEARCHSERVICE
-------\Legacy_SROSA
-------\Service_Boonty Games


((((((((((((((((((((((((( Files Creati Da 2010-03-20 al 2010-04-20 )))))))))))))))))))))))))))))))))))
.

2010-04-20 15:33 . 2010-04-20 15:33 -------- d-----w- c:\programmi\FindyKill
2010-04-20 13:27 . 2010-04-20 13:27 -------- d-----w- c:\programmi\ESET
2010-04-20 12:16 . 2010-04-20 12:17 8884 ----a-w- C:\file1.zip
2010-04-20 10:01 . 2010-04-20 10:01 -------- d-----w- c:\windows\system32\LogFiles
2010-04-20 09:08 . 2010-04-20 09:08 -------- dc-h--w- c:\documents and settings\All Users\Dati applicazioni\{8306CC25-89B8-404F-ACAF-868FC1CF8CEA}
2010-04-20 09:07 . 2010-04-20 09:07 -------- d-----w- c:\documents and settings\MARZIA\Impostazioni locali\Dati applicazioni\PackageAware
2010-04-19 16:08 . 2010-04-20 09:42 -------- d-----w- c:\programmi\Tracker Software
2010-04-19 14:49 . 2010-04-20 14:57 -------- d-----w- c:\documents and settings\MARZIA\Dati applicazioni\drivers
2010-04-19 13:31 . 2010-04-19 13:31 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\PaperlessPrinter Data
2010-04-19 13:18 . 2010-04-19 13:23 -------- d-----w- c:\documents and settings\MARZIA\Dati applicazioni\UDC Profiles
2010-04-19 13:16 . 2010-03-18 20:27 24440 ----a-w- c:\windows\system32\udcpm.dll
2010-04-19 13:00 . 2010-04-19 13:12 -------- d-----w- C:\ConvertTemp
2010-04-19 12:38 . 2010-04-19 12:41 -------- d-----w- C:\Output Files
2010-04-19 12:37 . 2010-04-19 15:56 -------- d-----w- c:\programmi\Word to Jpeg Converter 3000
2010-04-06 13:18 . 2010-04-06 13:20 -------- d-----w- c:\programmi\Hoyle Miami Solitaire
2010-04-06 11:58 . 2005-09-01 10:03 127488 ------w- c:\windows\system32\drivers\imagesrv.sys
2010-04-06 11:58 . 2005-09-01 10:03 5888 ------w- c:\windows\system32\drivers\imagedrv.sys
2010-04-06 11:56 . 2004-07-09 07:43 364544 ------w- c:\windows\system32\TwnLib4.dll
2010-04-06 11:56 . 2000-06-26 09:45 106496 ----a-w- c:\windows\system32\TwnLib20.dll
2010-04-06 11:56 . 2004-07-26 15:16 476320 ------w- c:\windows\system32\ImagXpr7.dll
2010-04-06 11:56 . 2004-07-26 15:16 471040 ------w- c:\windows\system32\ImagXRA7.dll
2010-04-06 11:56 . 2004-07-26 15:16 262144 ------w- c:\windows\system32\ImagXR7.dll
2010-04-06 11:56 . 2004-07-26 15:16 1568768 ------w- c:\windows\system32\ImagX7.dll
2010-04-06 11:55 . 2006-01-12 14:40 155648 ----a-w- c:\windows\system32\NeroCheck.exe
2010-04-06 11:55 . 2010-04-06 11:55 -------- d-----w- c:\programmi\File comuni\Ahead
2010-04-05 19:45 . 2010-04-05 19:46 -------- d-----w- c:\programmi\DVD Decrypter
2010-04-04 21:00 . 2010-04-04 21:00 -------- d-----w- c:\programmi\Erickson
2010-04-03 22:15 . 2010-04-03 22:15 -------- d-----w- c:\programmi\Zylom Games
2010-04-03 22:14 . 2010-04-03 22:14 -------- d-----w- c:\documents and settings\MARZIA\Dati applicazioni\PlayFirst
2010-04-03 22:14 . 2010-04-03 22:14 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\PlayFirst
2010-03-25 13:24 . 2006-03-03 13:42 117248 ----a-w- c:\windows\Mystify.scr
2010-03-25 13:23 . 2006-03-01 03:53 773120 ----a-w- c:\windows\bubbles.scr

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-04-20 17:22 . 2009-09-23 13:33 -------- d-----w- c:\programmi\Cheat Engine
2010-04-20 14:58 . 2009-04-27 20:39 -------- d--h--w- c:\documents and settings\DEVIS\Dati applicazioni\drivers
2010-04-20 09:41 . 2008-07-31 20:47 -------- d-----w- c:\programmi\Spybot - Search & Destroy
2010-04-20 09:41 . 2008-07-31 20:47 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Spybot - Search & Destroy
2010-04-19 15:10 . 2010-02-04 14:21 -------- d-----w- c:\documents and settings\MARZIA\Dati applicazioni\uTorrent
2010-04-19 11:30 . 2009-11-09 20:24 1024 ----a-w- c:\documents and settings\All Users\Dati applicazioni\txtpdf2.dll
2010-04-06 11:56 . 2008-07-31 20:37 -------- d-----w- c:\programmi\Ahead
2010-04-03 22:15 . 2008-10-10 19:16 -------- d-----w- c:\documents and settings\MARZIA\Dati applicazioni\Zylom
2010-04-02 13:09 . 2008-07-31 20:48 -------- d-----w- c:\programmi\CCleaner
2010-03-28 20:01 . 2009-06-20 20:16 -------- d-----w- c:\programmi\Bricks Of Egypt 2
2010-03-28 15:41 . 2001-08-31 12:00 79292 ----a-w- c:\windows\system32\perfc010.dat
2010-03-28 15:41 . 2001-08-31 12:00 478808 ----a-w- c:\windows\system32\perfh010.dat
2010-03-25 10:38 . 2009-01-27 13:44 -------- d-----w- c:\documents and settings\MARZIA\Dati applicazioni\Skype
2010-03-25 10:15 . 2009-01-27 13:51 -------- d-----w- c:\documents and settings\MARZIA\Dati applicazioni\skypePM
2010-03-14 19:21 . 2009-01-03 14:38 23456 ----a-w- c:\documents and settings\GRANDE MAGO\Impostazioni locali\Dati applicazioni\GDIPFONTCACHEV1.DAT
2010-02-19 11:24 . 2008-11-18 17:44 23456 ----a-w- c:\documents and settings\DEVIS\Impostazioni locali\Dati applicazioni\GDIPFONTCACHEV1.DAT
2010-02-02 11:02 . 2008-08-04 19:28 23456 ----a-w- c:\documents and settings\MARZIA\Impostazioni locali\Dati applicazioni\GDIPFONTCACHEV1.DAT
2010-02-01 19:56 . 2008-12-23 11:31 23456 ----a-w- c:\documents and settings\EVY\Impostazioni locali\Dati applicazioni\GDIPFONTCACHEV1.DAT
2010-01-29 14:30 . 2009-10-16 12:57 0 ---h--w- c:\documents and settings\All Users\Dati applicazioni\PKP_DLdu.DAT
.

((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SiSUSBRG"="c:\windows\SiSUSBrg.exe" [2002-07-12 106496]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2006-01-12 155648]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2004-08-19 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\programmi\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2009-02-27 15:10 35696 ----a-w- c:\programmi\Adobe\Reader 9.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BluetoothAuthenticationAgent]
2004-08-19 14:39 110592 ----a-w- c:\windows\system32\bthprops.cpl

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools-1033]
2004-08-22 16:05 81920 ----a-w- c:\programmi\D-Tools\daemon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2009-10-31 18:22 135664 ----atw- c:\documents and settings\MARZIA\Impostazioni locali\Dati applicazioni\Google\Update\GoogleUpdate.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2007-06-29 04:24 286720 ----a-w- c:\programmi\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2009-10-11 03:17 149280 ----a-w- c:\programmi\Java\jre6\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
2010-04-20 14:51 1830128 ----a-w- c:\programmi\SUPERAntiSpyware\SUPERANTISPYWARE.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
2009-06-03 12:46 251240 ----a-w- c:\programmi\TomTom HOME 2\TomTomHOMERunner.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Uniblue SpyEraser]
2008-12-22 06:23 1431816 ----a-w- c:\programmi\Uniblue\SpyEraser\SpyEraser.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"gusvc"=3 (0x3)
"JavaQuickStarterService"=2 (0x2)
"wuauserv"=2 (0x2)
"TomTomHOMEService"=2 (0x2)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Programmi\\Opera\\opera.exe"=
"c:\\Programmi\\eMule\\emule.exe"=
"c:\\WINDOWS\\system32\\rtcshare.exe"=
"c:\\Programmi\\NetMeeting\\conf.exe"=
"d:\\Programmi\\zion\\Zion++.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Programmi\\Microsoft Games\\Age of Empires II\\empires2.exe"=
"c:\\Programmi\\uTorrent\\uTorrent.exe"=
"c:\\Programmi\\Charles\\Charles.exe"=
"c:\\Programmi\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Programmi\\Skype\\Phone\\Skype.exe"=

R0 a347scsi;a347scsi;c:\windows\system32\drivers\a347scsi.sys [01/07/2009 13.19.53 5248]
R0 d347bus;d347bus;c:\windows\system32\drivers\d347bus.sys [12/06/2009 22.32.43 155136]
R0 d347prt;d347prt;c:\windows\system32\drivers\d347prt.sys [12/06/2009 22.32.43 5248]
R1 SASDIFSV;SASDIFSV;c:\programmi\SUPERAntiSpyware\sasdifsv.sys [28/04/2009 11.33.42 9968]
R1 SASKUTIL;SASKUTIL;c:\programmi\SUPERAntiSpyware\SASKUTIL.SYS [28/04/2009 11.33.40 72944]
S2 gupdate1c98de3f42e9920;Servizio di Google Update (gupdate1c98de3f42e9920);c:\programmi\Google\Update\GoogleUpdate.exe [13/02/2009 16.04.10 133104]
S3 mgau;mgau;c:\windows\system32\drivers\mgaum.sys [31/07/2008 23.06.06 320384]
S3 qcusbmdm;Qualcomm Proprietary USB Driver (PID 3197);c:\windows\system32\drivers\qcusbmdm.sys [29/12/2008 21.12.50 59632]
S3 qcusbser;Qualcomm Diagnostic Port 3197;c:\windows\system32\drivers\qcusbser.sys [29/12/2008 21.17.08 59632]
S3 SASENUM;SASENUM;c:\programmi\SUPERAntiSpyware\SASENUM.SYS [28/04/2009 11.33.44 7408]
S4 a347bus;a347bus;c:\windows\system32\drivers\a347bus.sys [01/07/2009 13.19.53 160640]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [20/02/2009 22.27.33 717296]
S4 TomTomHOMEService;TomTomHOMEService;c:\programmi\TomTom HOME 2\TomTomHOMEService.exe [03/06/2009 14.46.36 92008]
.
Contenuto della cartella 'Scheduled Tasks'

2010-04-20 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\programmi\Google\Update\GoogleUpdate.exe [2009-02-13 14:03]

2010-04-20 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\programmi\Google\Update\GoogleUpdate.exe [2009-02-13 14:03]

2010-04-20 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2000478354-1682526488-1060284298-1003Core.job
- c:\documents and settings\MARZIA\Impostazioni locali\Dati applicazioni\Google\Update\GoogleUpdate.exe [2010-01-29 18:22]

2010-04-20 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2000478354-1682526488-1060284298-1003UA.job
- c:\documents and settings\MARZIA\Impostazioni locali\Dati applicazioni\Google\Update\GoogleUpdate.exe [2010-01-29 18:22]

2009-12-21 c:\windows\Tasks\NSSstub.job
- c:\windows\system32\Adobe\Shockwave 11\nssstub.exe [2009-10-10 09:08]

2009-04-28 c:\windows\Tasks\Uniblue SpyEraser.job
- c:\programmi\Uniblue\SpyEraser\SpyEraser.exe [2009-04-28 06:23]
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://www.google.it/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
mStart Page =
uInternet Connection Wizard,ShellNext = iexplore
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
TCP: {3117BA2F-EADC-4F26-89B8-56DAF55F7B72} = 208.67.222.222,208.67.220.220
DPF: 
FF - ProfilePath - c:\documents and settings\MARZIA\Dati applicazioni\Mozilla\Firefox\Profiles\82sv6xio.default\
FF - component: c:\documents and settings\MARZIA\Dati applicazioni\Mozilla\Firefox\Profiles\82sv6xio.default\extensions\{fc600575-3013-4e8e-941c-4b00dafce730}\components\FFExternalAlert.dll
FF - plugin: c:\documents and settings\All Users\Dati applicazioni\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll
FF - plugin: c:\documents and settings\MARZIA\Impostazioni locali\Dati applicazioni\Google\Update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: c:\programmi\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\programmi\Google\Update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: c:\programmi\Mozilla Firefox\plugins\NPMyWebS.dll
FF - plugin: c:\programmi\Mozilla Firefox\plugins\npzylomgamesplayer.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----
c:\programmi\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\programmi\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\programmi\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\programmi\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
.
- - - - CHIAVI ORFANE RIMOSSE - - - -

HKLM-Run-StartCCC - c:\programmi\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
MSConfigStartUp-MyWebSearch Plugin - c:\progra~1\MYWEBS~1\bar\4.bin\M3PLUGIN.DLL
AddRemove-Universal Document Converter_is1 - c:\programmi\Universal Document Converter\unins001.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-04-20 19:33
Windows 5.1.2600 Service Pack 2 NTFS

scansione processi nascosti ...

scansione entrate autostart nascoste ...

Scansione files nascosti ...

Scansione completata con successo
Files nascosti: 0

**************************************************************************

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll >>UNKNOWN [0x82B62D68]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\Disk -> CLASSPNP.SYS @ 0xf8503fc3
\Driver\ACPI -> ACPI.sys @ 0xf843fcb8
\Driver\atapi -> 0x82b62d68
IoDeviceObjectType -> DeleteProcedure -> ntoskrnl.exe @ 0x805a0094
ParseProcedure -> ntoskrnl.exe @ 0x8056f08e
\Device\Harddisk0\DR0 -> DeleteProcedure -> ntoskrnl.exe @ 0x805a0094
ParseProcedure -> ntoskrnl.exe @ 0x8056f08e
NDIS: SiS 900 PCI Fast Ethernet Adapter -> SendCompleteHandler -> NDIS.sys @ 0xf82d8af9
PacketIndicateHandler -> NDIS.sys @ 0xf82c5a0b
SendHandler -> NDIS.sys @ 0xf82d9b31
Warning: possible MBR rootkit infection !
user & kernel MBR OK

**************************************************************************
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------

[HKEY_USERS\S-1-5-21-2000478354-1682526488-1060284298-1003\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{597988AB-BF88-5ECA-B68A-9AED9CF1812E}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
"iacclkkglboecfoiaf"=hex:6b,61,6c,6b,67,6a,64,66,70,70,62,6f,6a,6d,6a,6c,65,6c,
65,6d,69,6c,00,00
"haiebfogomcjjmji"=hex:6b,61,6c,6b,67,6a,64,66,70,70,62,6f,6a,6d,6a,6c,65,6c,
65,6d,69,6c,00,00

[HKEY_USERS\S-1-5-21-2000478354-1682526488-1060284298-1003\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{9DB5F19F-8056-D620-011B-B3BA6E12C147}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
"iaopghoninljdiklio"=hex:6b,61,65,62,61,69,64,70,66,61,62,6b,67,6c,63,63,6f,63,
70,6a,69,62,00,00
"haioachdbkkiaekj"=hex:6b,61,65,62,61,69,64,70,66,61,62,6b,67,6c,63,63,6f,63,
70,6a,69,62,00,00
.
--------------------- Dlls caricate dai processi in esecuzione ---------------------

- - - - - - - > 'winlogon.exe'(600)
c:\windows\system32\Ati2evxx.dll

- - - - - - - > 'explorer.exe'(2240)
c:\windows\system32\WININET.dll
.
------------------------ Altri processi in esecuzione ------------------------
.
c:\windows\System32\SCardSvr.exe
c:\programmi\Java\jre6\bin\jqs.exe
c:\windows\System32\wdfmgr.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Ora fine scansione: 2010-04-20 19:48:31 - Il pc è stato riavviato
ComboFix-quarantined-files.txt 2010-04-20 17:48

Pre-Run: 4.538.916.864 byte disponibili
Post-Run: 4.869.844.992 byte disponibili

Current=2 Default=2 Failed=3 LastKnownGood=4 Sets=1,2,3,4
- - End Of File - - BAC83D55632557A69020695BA17C313B
Torna in alto
 
meme1580
Inviato: Tuesday, April 20, 2010 8:18:49 PM

Rank: AiutAmico

Iscritto dal : 3/25/2008
Posts: 170
lo copi e lo incolli qui
Torna in alto
 
mrxiah
Inviato: Tuesday, April 20, 2010 8:19:48 PM
Rank: AiutAmico

Iscritto dal : 4/20/2010
Posts: 38
fatto
Torna in alto
 
shapiro
Inviato: Tuesday, April 20, 2010 8:22:07 PM

Rank: AiutAmico

Iscritto dal : 8/24/2008
Posts: 4,164
bene ci sono state molte eliminazioni

ora mentre controllo il log di combofix esegui una scansione con malwarebytes

1) lo installi
2) lo aggiorni
3) fai una scansione scegliendo la modalità completa
4) NON eliminare per ora le ventuali minacce che rileva
5) finita la scansione seleziona il tabellino log, apri il file di testo e postalo sul forum
Torna in alto
 
meme1580
Inviato: Tuesday, April 20, 2010 8:25:38 PM

Rank: AiutAmico

Iscritto dal : 3/25/2008
Posts: 170
chiedo scusa a shapiro se intevengo, ma se non sbaglio il nostro amico ha anche una possibile infezione nel MBR.
Torna in alto
 
shapiro
Inviato: Tuesday, April 20, 2010 8:27:54 PM

Rank: AiutAmico

Iscritto dal : 8/24/2008
Posts: 4,164
si ho visto meme1580

appena finito malwarebytes faro' eseguire anche la pulizia dell' MBR, non voglio confonderla con troppe procedure
Torna in alto
 
meme1580
Inviato: Tuesday, April 20, 2010 8:29:50 PM

Rank: AiutAmico

Iscritto dal : 3/25/2008
Posts: 170
Immaginavo che avevi visto, ma per sicurezza l'ho scritto. :-)
Torna in alto
 
mrxiah
Inviato: Tuesday, April 20, 2010 9:33:37 PM
Rank: AiutAmico

Iscritto dal : 4/20/2010
Posts: 38
sta scandendo da un'ora ed è ancora a c\document and setting.. mi sa che ci vuole tutta la notte..
Torna in alto
 
shapiro
Inviato: Tuesday, April 20, 2010 9:34:47 PM

Rank: AiutAmico

Iscritto dal : 8/24/2008
Posts: 4,164
quando ha finito posta il rapporto, dobbiamo fare anche un controllo del' MBR
Torna in alto
 
mrxiah
Inviato: Wednesday, April 21, 2010 12:44:04 AM
Rank: AiutAmico

Iscritto dal : 4/20/2010
Posts: 38
Malwarebytes' Anti-Malware 1.45
www.malwarebytes.org

Versione database: 4013

Windows 5.1.2600 Service Pack 2
Internet Explorer 7.0.5730.13

21/04/2010 0.42.27
mbam-log-2010-04-21 (00-42-27).txt

Tipo di scansione: Scansione completa (C:\|)
Elementi esaminati: 216272
Tempo trascorso: 4 ore, 7 minuti, 47 secondi

Processi infetti in memoria: 0
Moduli di memoria infetti: 0
Chiavi di registro infette: 2
Valori di registro infetti: 0
Voci infette nei dati di registro: 0
Cartelle infette: 1
File infetti: 75

Processi infetti in memoria:
(Non sono stati rilevati elementi nocivi)

Moduli di memoria infetti:
(Non sono stati rilevati elementi nocivi)

Chiavi di registro infette:
HKEY_CLASSES_ROOT\Typelib\{d518921a-4a03-425e-9873-b9a71756821e} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (Adware.MyWebSearch) -> No action taken.

Valori di registro infetti:
(Non sono stati rilevati elementi nocivi)

Voci infette nei dati di registro:
(Non sono stati rilevati elementi nocivi)

Cartelle infette:
C:\Documents and Settings\All Users\Menu Avvio\Programmi\SpyEraser (Rogue.SpyEraser) -> No action taken.

File infetti:
C:\Documents and Settings\MARZIA\Dati applicazioni\Uniblue\SpyEraser\Quarantine\AdTool.MyWebSearch (General Components)_27_09_2009_21_18_40.asq19718 (Adware.MyWebSearch) -> No action taken.
C:\Documents and Settings\MARZIA\Desktop\SpywareCease_Setup.exe (Rogue.SpywareCease) -> No action taken.
C:\Programmi\Cheat Engine\Systemcallretriever.exe (Trojan.Downloader) -> No action taken.
C:\Programmi\Mozilla Firefox\plugins\NPMyWebS.dll (Adware.MyWebSearch) -> No action taken.
C:\Programmi\Navilog1\gnc.exe (Trojan.Dropper) -> No action taken.
C:\Programmi\Navilog1\reg.exe (Backdoor.VB) -> No action taken.
C:\Programmi\NoAdware4\noadwareutils.dll_tobedeleted_old (Rogue.Agent) -> No action taken.
C:\Programmi\MemoriesOnTV\msvcirt.dll (Malware.Packer.Gen) -> No action taken.
C:\Programmi\MemoriesOnTV\msvcrt.dll (Malware.Packer.Gen) -> No action taken.
C:\Qoobox\Quarantine\C\Documents and Settings\DEVIS\Dati applicazioni\hidires\file.exe.vir (Rootkit.Bagle) -> No action taken.
C:\Qoobox\Quarantine\C\Documents and Settings\DEVIS\Dati applicazioni\hidires\WDIR\SLInvest 1.1.czip.vir (Rootkit.Bagle) -> No action taken.
C:\Qoobox\Quarantine\C\Documents and Settings\DEVIS\Dati applicazioni\m\data.oct.vir (Rootkit.Bagle) -> No action taken.
C:\Qoobox\Quarantine\C\Documents and Settings\DEVIS\Dati applicazioni\m\shared\AzureTray 2.2.czip.vir (Rootkit.Bagle) -> No action taken.
C:\Qoobox\Quarantine\C\Muestras\WINUPGRO.EXE.Muestra EliBagle v13.80.vir (Rootkit.Bagle) -> No action taken.
C:\Qoobox\Quarantine\C\Programmi\MyWebSearch\bar\3.bin\MWSOEMON.EXE.vir (Adware.MyWebSearch) -> No action taken.
C:\Qoobox\Quarantine\C\Programmi\MyWebSearch\bar\3.bin\MWSOESTB.DLL.vir (Adware.MyWebSearch) -> No action taken.
C:\Qoobox\Quarantine\C\Programmi\MyWebSearch\bar\4.bin\F3CJPEG.DLL.vir (Adware.MyWebSearch) -> No action taken.
C:\Qoobox\Quarantine\C\Programmi\MyWebSearch\bar\4.bin\F3HKSTUB.DLL.vir (Adware.MyWebSearch) -> No action taken.
C:\Qoobox\Quarantine\C\Programmi\MyWebSearch\bar\4.bin\F3PSSAVR.SCR.vir (Adware.MyWebSearch) -> No action taken.
C:\Qoobox\Quarantine\C\Programmi\MyWebSearch\bar\4.bin\F3REGHK.DLL.vir (Adware.MyWebSearch) -> No action taken.
C:\Qoobox\Quarantine\C\Programmi\MyWebSearch\bar\4.bin\F3RESTUB.DLL.vir (Adware.MyWebSearch) -> No action taken.
C:\Qoobox\Quarantine\C\Programmi\MyWebSearch\bar\4.bin\F3SCHMON.EXE.vir (Adware.MyWebSearch) -> No action taken.
C:\Qoobox\Quarantine\C\Programmi\MyWebSearch\bar\4.bin\M3AUXSTB.DLL.vir (Adware.MyWebSearch) -> No action taken.
C:\Qoobox\Quarantine\C\Programmi\MyWebSearch\bar\4.bin\M3DLGHK.DLL.vir (Adware.MyWebSearch) -> No action taken.
C:\Qoobox\Quarantine\C\Programmi\MyWebSearch\bar\4.bin\M3HIGHIN.EXE.vir (Adware.MyWebSearch) -> No action taken.
C:\Qoobox\Quarantine\C\Programmi\MyWebSearch\bar\4.bin\M3HTML.DLL.vir (Adware.MyWebSearch) -> No action taken.
C:\Qoobox\Quarantine\C\Programmi\MyWebSearch\bar\4.bin\M3IDLE.DLL.vir (Adware.MyWebSearch) -> No action taken.
C:\Qoobox\Quarantine\C\Programmi\MyWebSearch\bar\4.bin\M3IMPIPE.EXE.vir (Adware.MyWebSearch) -> No action taken.
C:\Qoobox\Quarantine\C\Programmi\MyWebSearch\bar\4.bin\M3MEDINT.EXE.vir (Adware.MyWebSearch) -> No action taken.
C:\Qoobox\Quarantine\C\Programmi\MyWebSearch\bar\4.bin\M3MSG.DLL.vir (Adware.MyWebSearch) -> No action taken.
C:\Qoobox\Quarantine\C\Programmi\MyWebSearch\bar\4.bin\M3OUTLCN.DLL.vir (Adware.MyWebSearch) -> No action taken.
C:\Qoobox\Quarantine\C\Programmi\MyWebSearch\bar\4.bin\M3PLUGIN.DLL.vir (Adware.MyWebSearch) -> No action taken.
C:\Qoobox\Quarantine\C\Programmi\MyWebSearch\bar\4.bin\M3SKIN.DLL.vir (Adware.MyWebSearch) -> No action taken.
C:\Qoobox\Quarantine\C\Programmi\MyWebSearch\bar\4.bin\M3SKPLAY.EXE.vir (Adware.MyWebSearch) -> No action taken.
C:\Qoobox\Quarantine\C\Programmi\MyWebSearch\bar\4.bin\M3SLSRCH.EXE.vir (Adware.MyWebSearch) -> No action taken.
C:\Qoobox\Quarantine\C\Programmi\MyWebSearch\bar\4.bin\M3SRCHMN.EXE.vir (Adware.MyWebSearch) -> No action taken.
C:\Qoobox\Quarantine\C\Programmi\MyWebSearch\bar\4.bin\MWSOEMON.EXE.vir (Adware.MyWebSearch) -> No action taken.
C:\Qoobox\Quarantine\C\Programmi\MyWebSearch\bar\4.bin\MWSOEPLG.DLL.vir (Adware.MyWebSearch) -> No action taken.
C:\Qoobox\Quarantine\C\Programmi\MyWebSearch\bar\4.bin\MWSOESTB.DLL.vir (Adware.MyWebSearch) -> No action taken.
C:\Qoobox\Quarantine\C\Programmi\MyWebSearch\bar\4.bin\MWSSVC.EXE.vir (Adware.MyWebSearch) -> No action taken.
C:\Qoobox\Quarantine\C\Programmi\MyWebSearch\bar\4.bin\NPMYWEBS.DLL.vir (Adware.MyWebSearch) -> No action taken.
C:\Qoobox\Quarantine\C\WINDOWS\system32\nnnliHYo.dll.vir (Trojan.Downloader) -> No action taken.
C:\System Volume Information\_restore{B57E2835-7C0D-4E06-838F-69E495B0E547}\RP1\A0000291.EXE (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{B57E2835-7C0D-4E06-838F-69E495B0E547}\RP1\A0000307.DLL (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{B57E2835-7C0D-4E06-838F-69E495B0E547}\RP1\A0000325.DLL (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{B57E2835-7C0D-4E06-838F-69E495B0E547}\RP1\A0000270.exe (Rootkit.Bagle) -> No action taken.
C:\System Volume Information\_restore{B57E2835-7C0D-4E06-838F-69E495B0E547}\RP1\A0000292.DLL (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{B57E2835-7C0D-4E06-838F-69E495B0E547}\RP1\A0000293.DLL (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{B57E2835-7C0D-4E06-838F-69E495B0E547}\RP1\A0000296.DLL (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{B57E2835-7C0D-4E06-838F-69E495B0E547}\RP1\A0000300.SCR (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{B57E2835-7C0D-4E06-838F-69E495B0E547}\RP1\A0000301.DLL (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{B57E2835-7C0D-4E06-838F-69E495B0E547}\RP1\A0000303.DLL (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{B57E2835-7C0D-4E06-838F-69E495B0E547}\RP1\A0000304.EXE (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{B57E2835-7C0D-4E06-838F-69E495B0E547}\RP1\A0000308.DLL (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{B57E2835-7C0D-4E06-838F-69E495B0E547}\RP1\A0000310.EXE (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{B57E2835-7C0D-4E06-838F-69E495B0E547}\RP1\A0000311.DLL (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{B57E2835-7C0D-4E06-838F-69E495B0E547}\RP1\A0000312.DLL (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{B57E2835-7C0D-4E06-838F-69E495B0E547}\RP1\A0000313.EXE (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{B57E2835-7C0D-4E06-838F-69E495B0E547}\RP1\A0000314.EXE (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{B57E2835-7C0D-4E06-838F-69E495B0E547}\RP1\A0000315.DLL (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{B57E2835-7C0D-4E06-838F-69E495B0E547}\RP1\A0000317.DLL (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{B57E2835-7C0D-4E06-838F-69E495B0E547}\RP1\A0000318.DLL (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{B57E2835-7C0D-4E06-838F-69E495B0E547}\RP1\A0000319.DLL (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{B57E2835-7C0D-4E06-838F-69E495B0E547}\RP1\A0000320.EXE (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{B57E2835-7C0D-4E06-838F-69E495B0E547}\RP1\A0000321.EXE (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{B57E2835-7C0D-4E06-838F-69E495B0E547}\RP1\A0000322.EXE (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{B57E2835-7C0D-4E06-838F-69E495B0E547}\RP1\A0000323.EXE (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{B57E2835-7C0D-4E06-838F-69E495B0E547}\RP1\A0000324.DLL (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{B57E2835-7C0D-4E06-838F-69E495B0E547}\RP1\A0000326.EXE (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{B57E2835-7C0D-4E06-838F-69E495B0E547}\RP1\A0000327.DLL (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{B57E2835-7C0D-4E06-838F-69E495B0E547}\RP1\A0000336.dll (Trojan.Downloader) -> No action taken.
C:\Documents and Settings\All Users\Menu Avvio\Programmi\SpyEraser\SpyEraser Help.lnk (Rogue.SpyEraser) -> No action taken.
C:\Documents and Settings\All Users\Menu Avvio\Programmi\SpyEraser\SpyEraser.lnk (Rogue.SpyEraser) -> No action taken.
C:\Documents and Settings\All Users\Menu Avvio\Programmi\SpyEraser\Uninstall SpyEraser.lnk (Rogue.SpyEraser) -> No action taken.
C:\Documents and Settings\All Users\Desktop\SpyEraser.lnk (Rogue.SpyEraser) -> No action taken.

ora però non so se posso chiudere il programma :S
Torna in alto
 
shapiro
Inviato: Wednesday, April 21, 2010 1:08:14 AM

Rank: AiutAmico

Iscritto dal : 8/24/2008
Posts: 4,164

ora segui questi passaggi

disattiva il ripristino

Code:
1.  clic su Start-> Programmi->Accessori->Esplora risorse.

   2.  clic con il pulsante destro del mouse sull'icona Risorse del computer e quindi su Proprietà.

   3. Selezionare la scheda "Ripristino configurazione di sistema".

   4. Selezionare la voce "Disattiva ripristino configurazione di sistema"

   5. Premere OK. Verrà richiesto di confermare l'azione in quanto saranno eliminati tutti i punti di ripristino memorizzati. Confermare premendo SI.


lascialo disattivato per ora

elimina quello che malwarebytes ha trovato

disinstalla combofix con questo tool

eseguilo
Clicca su CleanUp.
Alla richiesta di riavvio clicca SI


vai in C:\ ed elimina la cartella qoobox

fai una scansione con FindyKill

Una volta installato chiudi tutte le applicazioni attive e disconnettiti dal internet, poi clicca sull'icona di FindyKill e nella finestra dos che si aprirà scrivi 2 e premi Invio. Attendi il termine della scansione e posta qui il log che trovi in C:\FindyKill.txt
Torna in alto
 
mrxiah
Inviato: Wednesday, April 21, 2010 9:41:02 AM
Rank: AiutAmico

Iscritto dal : 4/20/2010
Posts: 38
non trovo la cartella qoobox, continuo con findykill o devo cercarla da un'altra parte?
Torna in alto
 
shapiro
Inviato: Wednesday, April 21, 2010 9:46:14 AM

Rank: AiutAmico

Iscritto dal : 8/24/2008
Posts: 4,164
la cartella qoobox l'ha eliminata il programma OTC

prima di fare la scansione controlliamo un attimo l'MBR

SCARICA MBR.EXE nella Directory C:\

vai in provvisoria

Da Start - Esegui - digita C:\mbr.exe e clicca su OK

Posta il log che troverai in C:\ come mbr.log
Torna in alto
 
mrxiah
Inviato: Wednesday, April 21, 2010 9:49:18 AM
Rank: AiutAmico

Iscritto dal : 4/20/2010
Posts: 38
cosa intendi con "andare in provvisoria"?
ah ok.. in modalità provvisoria.. ok lo faccio subito
scusa eh ma sto andando insieme :P
Torna in alto
 
shapiro
Inviato: Wednesday, April 21, 2010 9:55:59 AM

Rank: AiutAmico

Iscritto dal : 8/24/2008
Posts: 4,164
modalità provvisoria:

Code:
all'avvio del pc, prima che inizi a caricare Windows, premi ripetutamente F8. Uscirà la finestra del menu Opzioni avanzate di Windows => scegli modalità provvisoria


(usa il tasto freccia ^)
Torna in alto
 
mrxiah
Inviato: Wednesday, April 21, 2010 10:08:22 AM
Rank: AiutAmico

Iscritto dal : 4/20/2010
Posts: 38
Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
kernel: MBR read successfully
user & kernel MBR OK
Torna in alto
 
shapiro
Inviato: Wednesday, April 21, 2010 10:15:47 AM

Rank: AiutAmico

Iscritto dal : 8/24/2008
Posts: 4,164
ora torna in C:\ ed elimina quel file di log

riesegui la scansione Start>> Esegui e digita mbr.exe -f (fai copia\incolla)

posta il risultato
Torna in alto
 
mrxiah
Inviato: Wednesday, April 21, 2010 10:17:10 AM
Rank: AiutAmico

Iscritto dal : 4/20/2010
Posts: 38
sempre in modalità provvisoria?
Torna in alto
 
Utenti presenti in questo topic
Guest

5 pages: 1 2 [3] 4 5

Aiutamici Forum » FORUM - Istruzioni e Guide » Sicurezza VIRUS » AIUTO VIRUS?


Salta al Forum
Aggiunta nuovi Topic disabilitata in questo forum.
Risposte disabilitate in questo forum.
Eliminazione tuoi Post disabilitata in questo forum.
Modifica dei tuoi post disabilitata in questo forum.
Creazione Sondaggi disabilitata in questo forum.
Voto ai sondaggi disabilitato in questo forum.

Main Forum RSS : RSS

Aiutamici Theme
Powered by Yet Another Forum.net versione 1.9.1.8 (NET v2.0) - 3/29/2008
Copyright © 2003-2008 Yet Another Forum.net. All rights reserved.