Aiutamici Forum
Benvenuto Ospite Cerca | Topic Attivi | Utenti | | Log In | Registra

Aiutamici Forum » FORUM - Istruzioni e Guide » Sicurezza VIRUS » PROBLEMA DI AVVIO COMPUTER PORTATILE

6 pages: [1] 2 3 4 5 6
PROBLEMA DI AVVIO COMPUTER PORTATILE Opzioni
Topic Precedente · Topic Sucessivo
susyb
Inviato: Thursday, May 13, 2010 6:41:25 PM
Rank: AiutAmico

Iscritto dal : 5/10/2010
Posts: 51
SALVE, VI RINGRAZIO FIN DA ORA PER L'AIUTO CHE MI DARETE E PER QUELLO GIA' DATO. GLI AMICI DEL FORUM, AVENDO PROBLEMI CON L'AVVIO DEL COMPUTER. IN BREVE IL MIO COMPUTER SI ACCENDE, MA NON SI SENTE L'AUDIO DI AVVIO E IL MOUSE NON RIESCE A DARE COMANDI, DOPO VARIE SCANSIONI DEL DISCO, ANTIVIRUS ETC, IL COMPUTER ALL'ACCENSIONE, INVECE DI IMPIEGARCI UN'ORA PER AVVIARSI IMPIEGA LA META', MA IL PROBLEMA NON E' RISOLTO. ORA PROVO, GRAZIE AI CONSIGLI DEGLI AMICI, DI INCOLLARE IL LOG DEL PROGRAMMA HIJACKTHIS, PER TROVARE IL FILE DA CANCELLARE. GRAZIE.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18.33.20, on 13/05/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\wltrysvc.exe
C:\WINDOWS\System32\bcmwltry.exe
C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
C:\Programmi\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Programmi\Synaptics\SynTP\SynTPLpr.exe
C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\Programmi\Atheros\ACU.exe
C:\Programmi\Java\jre6\bin\jusched.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Programmi\CyberLink\PowerDVD\PDVDServ.exe
C:\Programmi\NetRatingsNetSight\NetSight\NielsenOnline.exe
C:\Programmi\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe
C:\Programmi\NetRatingsNetSight\NetSight\NielsenOnline.exe
C:\Programmi\SweetIM\Messenger\SweetIM.exe
C:\PROGRA~1\EPSONS~1\EVENTM~1\EEventManager.exe
C:\Programmi\File comuni\Nero\Lib\NMBgMonitor.exe
C:\Programmi\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\acs.exe
C:\Documents and Settings\All Users\Dati applicazioni\BarDiscover\bardiscover121.exe
C:\Programmi\Java\jre6\bin\jqs.exe
C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Programmi\Nero\Nero8\Nero BackItUp\NBService.exe
C:\Programmi\CDBurnerXP\NMSAccessU.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
C:\Programmi\File comuni\Nero\Lib\NMIndexingService.exe
C:\Programmi\BarDiscover\bardiscover.exe
C:\Programmi\File comuni\Nero\Lib\NMIndexStoreSvr.exe
C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe
C:\Programmi\Alwil Software\Avast4\ashWebSv.exe
C:\Programmi\M1HS\Modem.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\Programmi\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Programmi\Trend Micro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&ctid=CT2530241
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programmi\Yahoo!\Companion\Installs\cpn\yt.dll
R3 - URLSearchHook: Softonic-IT Toolbar - {e3393495-8103-46a0-8181-270273eddd60} - C:\Programmi\Softonic-IT\tbSoft.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Programmi\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Programmi\Epson Software\Easy Photo Print\EPTBL.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Softonic-IT Toolbar - {e3393495-8103-46a0-8181-270273eddd60} - C:\Programmi\Softonic-IT\tbSoft.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmi\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Programmi\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Programmi\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Programmi\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Programmi\Epson Software\Easy Photo Print\EPTBL.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programmi\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Softonic-IT Toolbar - {e3393495-8103-46a0-8181-270273eddd60} - C:\Programmi\Softonic-IT\tbSoft.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Programmi\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY
O4 - HKLM\..\Run: [ACU] C:\Programmi\Atheros\ACU.exe -nogui
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Programmi\File comuni\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programmi\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [RemoteControl] C:\Programmi\CyberLink\PowerDVD\PDVDServ.exe
O4 - HKLM\..\Run: [LanguageShortcut] C:\Programmi\CyberLink\PowerDVD\Language\Language.exe
O4 - HKLM\..\Run: [NielsenOnline] C:\Programmi\NetRatingsNetSight\NetSight\NielsenOnline.exe
O4 - HKLM\..\Run: [MobileConnect] %programfiles%\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe /silent
O4 - HKLM\..\Run: [SweetIM] C:\Programmi\SweetIM\Messenger\SweetIM.exe
O4 - HKLM\..\Run: [EEventManager] C:\PROGRA~1\EPSONS~1\EVENTM~1\EEventManager.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programmi\File comuni\Nero\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Programmi\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [EPSON SX110 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIFBE.EXE /FU "C:\WINDOWS\TEMP\E_S139.tmp" /EF "HKCU"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Inserisci blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programmi\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: Inserisci &blog in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programmi\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{2BC32386-99EC-45B7-8754-A5B0200BC6F1}: NameServer = 213.230.130.222 217.200.200.42
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FILECO~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Precaricatore Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Daemon di cache delle categorie di componenti - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Servizio di configurazione Atheros (ACS) - Unknown owner - C:\WINDOWS\system32\acs.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: BarDiscover Service - Unknown owner - C:\Documents and Settings\All Users\Dati applicazioni\BarDiscover\bardiscover121.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programmi\Java\jre6\bin\jqs.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Programmi\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Programmi\File comuni\Nero\Lib\NMIndexingService.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Programmi\CDBurnerXP\NMSAccessU.exe
O23 - Service: Vodafone Mobile Connect Service (VMCService) - Vodafone - C:\Programmi\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\wltrysvc.exe

--
End of file - 10740 bytes
Torna in alto
 
Sponsor
Inviato: Thursday, May 13, 2010 6:41:25 PM

 
Torna in alto
 
wolfestein
Inviato: Thursday, May 13, 2010 7:04:46 PM

Rank: AiutAmico

Iscritto dal : 2/15/2009
Posts: 15,950
Non sono un grande esperto in questo settore ma ti consiglio di aggiornare Avast alla versione 5 il 4 non è più supportato e installa un firewall.
Disinstalla tutte le toolbar.Il programma Bar Discovery sei sicura che sia pulito?
Hai anche troppe applicazioni inutili che partono all'avvio di Windows che contribuiscono a rallentare il caricamento dello stesso.
Torna in alto
 
susyb
Inviato: Thursday, May 13, 2010 7:07:35 PM
Rank: AiutAmico

Iscritto dal : 5/10/2010
Posts: 51
wolfestein ha scritto:
Non sono un grande esperto in questo settore ma ti consiglio di aggiornare Avast alla versione 5 il 4 non è più supportato e installa un firewall.
Disinstalla tutte le toolbar.Il programma Bar Discovery sei sicura che sia pulito?
Hai anche troppe applicazioni inutili che partono all'avvio di Windows che contribuiscono a rallentare il caricamento dello stesso.

MA HO QUALCHE VIRUS?
Torna in alto
 
fdaccc
Inviato: Thursday, May 13, 2010 7:11:11 PM

Rank: AiutAmico

Iscritto dal : 12/12/2009
Posts: 2,114
susyb non scrivere maiuscolo, altrimenti sembra che tu stia urlando.
I virus dal log pare ce ne siano pochi, forse zero, ma non sono un esperto.
Hai fatto la scansione con Malwarebytes?
Torna in alto
 
susyb
Inviato: Thursday, May 13, 2010 7:15:03 PM
Rank: AiutAmico

Iscritto dal : 5/10/2010
Posts: 51
fdaccc ha scritto:
susyb non scrivere maiuscolo, altrimenti sembra che tu stia urlando.
I virus dal log pare ce ne siano pochi, forse zero, ma non sono un esperto.
Hai fatto la scansione con Malwarebytes?

Si' ho fatto la scansione Malwarebytes e ha trovato oltre 72 virus, ma ha ripulito tutto. L'ho rifatta e tutto è andato bene. Ora non so più cosa fare, non sono esperta.
Torna in alto
 
paolopa
Inviato: Thursday, May 13, 2010 7:52:50 PM

Rank: AiutAmico

Iscritto dal : 10/14/2008
Posts: 2,777
apri hijack e clicca su "do a system scan only",poi con tutte le applicazioni chiuse e disconnesso da internet seleziona le seguenti righe
C:\Documents and Settings\All Users\Dati applicazioni\BarDiscover\bardiscover121.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&ctid=CT2530241
O23 - Service: BarDiscover Service - Unknown owner - C:\Documents and Settings\All Users\Dati
premi "fix checked"
poi:
Scarica Combofix

http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Salvalo sul desktop.

Importante: dopo aver scaricato COMBOFIX chiudi la connessione disabilita il tuo antivirus e
chiudi TUTTI i programmi aperti,(Firewall compreso) e

Doppio click su combofix.exe (comparirà una videata.)

E' probabile che ti siano inviati messaggi dall'antivirus,(o dallo stesso Combofix)
tu ignorali.

Se ti verrà chiesto se vuoi Installare LA CONSOLE DI RIPRISTINO DI EMERGENZA, clicca NO.

Durante l'operazione di scansione è importante non usare il PC (neanche il mouse)
e attendere pazientemente la fine delle operazioni.
Al termine, verrà creato un file log sul Desktop, chiamato C:\ComboFix.txt. Postalo qui.
Torna in alto
 
susyb
Inviato: Thursday, May 13, 2010 8:17:24 PM
Rank: AiutAmico

Iscritto dal : 5/10/2010
Posts: 51
paolopa ha scritto:
apri hijack e clicca su "do a system scan only",poi con tutte le applicazioni chiuse e disconnesso da internet seleziona le seguenti righe
C:\Documents and Settings\All Users\Dati applicazioni\BarDiscover\bardiscover121.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&ctid=CT2530241
O23 - Service: BarDiscover Service - Unknown owner - C:\Documents and Settings\All Users\Dati
premi "fix checked"
poi:
Scarica Combofix

http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Salvalo sul desktop.

Importante: dopo aver scaricato COMBOFIX chiudi la connessione disabilita il tuo antivirus e
chiudi TUTTI i programmi aperti,(Firewall compreso) e

Doppio click su combofix.exe (comparirà una videata.)

E' probabile che ti siano inviati messaggi dall'antivirus,(o dallo stesso Combofix)
tu ignorali.

Se ti verrà chiesto se vuoi Installare LA CONSOLE DI RIPRISTINO DI EMERGENZA, clicca NO.

Durante l'operazione di scansione è importante non usare il PC (neanche il mouse)
e attendere pazientemente la fine delle operazioni.
Al termine, verrà creato un file log sul Desktop, chiamato C:\ComboFix.txt. Postalo qui.

sono disorientata, il computer ha problemi e devo cancellare quei file?
Torna in alto
 
paolopa
Inviato: Thursday, May 13, 2010 8:24:13 PM

Rank: AiutAmico

Iscritto dal : 10/14/2008
Posts: 2,777
no,puoi tranquillamente tenerli,è una scelta tua.sei venuta a chiedere un aiuto,se hai timore ad eseguire quanto ti viene consigliato non farlo.
Torna in alto
 
susyb
Inviato: Thursday, May 13, 2010 8:42:17 PM
Rank: AiutAmico

Iscritto dal : 5/10/2010
Posts: 51
paolopa ha scritto:
no,puoi tranquillamente tenerli,è una scelta tua.sei venuta a chiedere un aiuto,se hai timore ad eseguire quanto ti viene consigliato non farlo.

Mi sono espressa male. Volevo solo chiarimenti, non essendo esperta, sul tipo di problema, se era risolvibile o meno. Non me li voglio tenere di certo, considerato che, il computer mi sta facendo impazzire. Ti ringrazio
Torna in alto
 
paolopa
Inviato: Thursday, May 13, 2010 8:55:41 PM

Rank: AiutAmico

Iscritto dal : 10/14/2008
Posts: 2,777
ascolta,malwarebytes è un buon programma antimalware(a mio avviso ottimo,infatti ti ha eliminato 71 infezioni,e se postavi il suo log era meglio)ma COME TUTTI i programmi antimalware puo' tralasciare qualcosa.dallanalisi online del log di hijack sembra che quelle voci siano infette,da qui il consiglio di eliminarle.combofix è un ottimo strumento di rimozione infezioni,nonche' fonte di ulteriori notizie,per esempio riguardo il masterboot record,per questo ti ho chiesto di usarlo.posso capire le tue perplessita' e le tue paure,io ne avevo di piu'.fai cosi':aspetta indicazioni che non ti creino dubbi,saremo entrambi piu' tranquilli.
Torna in alto
 
susyb
Inviato: Friday, May 14, 2010 6:42:07 PM
Rank: AiutAmico

Iscritto dal : 5/10/2010
Posts: 51
paolopa ha scritto:
ascolta,malwarebytes è un buon programma antimalware(a mio avviso ottimo,infatti ti ha eliminato 71 infezioni,e se postavi il suo log era meglio)ma COME TUTTI i programmi antimalware puo' tralasciare qualcosa.dallanalisi online del log di hijack sembra che quelle voci siano infette,da qui il consiglio di eliminarle.combofix è un ottimo strumento di rimozione infezioni,nonche' fonte di ulteriori notizie,per esempio riguardo il masterboot record,per questo ti ho chiesto di usarlo.posso capire le tue perplessita' e le tue paure,io ne avevo di piu'.fai cosi':aspetta indicazioni che non ti creino dubbi,saremo entrambi piu' tranquilli.

ciao scusa se ti disturbo nuovamente, ma non riesco a trovare la riga C:/ etc. per cancellarla. Nel log c'è, ma cliccando sull'altro tasto non c'è, ci sono solo numeri e lettere all'inizio, tipo 23 etc. oppure Ro.
grazie
Torna in alto
 
paolopa
Inviato: Friday, May 14, 2010 7:05:05 PM

Rank: AiutAmico

Iscritto dal : 10/14/2008
Posts: 2,777
si,hai ragione,fa nulla,esegui combofix secondo le modalita' che ti ho indicato.
Torna in alto
 
susyb
Inviato: Friday, May 14, 2010 7:55:26 PM
Rank: AiutAmico

Iscritto dal : 5/10/2010
Posts: 51
paolopa ha scritto:
si,hai ragione,fa nulla,esegui combofix secondo le modalita' che ti ho indicato.

ciao, ho cancellato le stringhe e finalmente scaricherò il programma. Nel frattempo ti posto il log di Malwarebytes della scansione, praticamente tutto infetto.
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Versione database: 4089

Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.13

11/05/2010 14.25.08
mbam-log-2010-05-11 (14-25-08).txt

Tipo di scansione: Scansione completa (C:\|)
Elementi esaminati: 162875
Tempo trascorso: 32 minuti, 5 secondi

Processi infetti in memoria: 2
Moduli di memoria infetti: 2
Chiavi di registro infette: 133
Valori di registro infetti: 5
Voci infette nei dati di registro: 3
Cartelle infette: 43
File infetti: 288

Processi infetti in memoria:
C:\Programmi\Hotbar\bin\11.0.175.0\HotbarSA.exe (Adware.Hotbar) -> Unloaded process successfully.
C:\Programmi\Hotbar\bin\11.0.175.0\Weather.exe (Adware.Hotbar) -> Unloaded process successfully.

Moduli di memoria infetti:
c:\programmi\Hotbar\bin\11.0.175.0\hotbarsahook.dll (Adware.Hotbar) -> Delete on reboot.
C:\Programmi\Hotbar\bin\11.0.175.0\WeSkin.dll (Adware.Hotbar) -> Delete on reboot.

Chiavi di registro infette:
HKEY_CLASSES_ROOT\coresrv.lfgax (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{0729f461-8054-47dc-8d39-a31b61cc0119} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{40ca90f3-4098-4877-ae87-23eb612b18c7} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{4c3b62af-ca25-4fba-8405-32e44f83bb6f} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{5a635a91-c303-45c9-8db9-f759d98a3b9d} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{7e335d04-2e6e-4d0e-a921-c3d9192e7121} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{99ccfb8c-6380-4a14-8fdd-ef3e7e95335d} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{b20d7add-989c-4bc0-a797-f6fe7998efd7} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{bfc20a15-b0ac-44cc-a25a-a7039014ba9f} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{f019aec4-4c95-46de-a107-e302473e3b9a} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{2d00aa2a-69ef-487a-8a40-b3e27f07c91e} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{86c5840b-80c4-4c30-a655-37344a542009} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{b0cb585f-3271-4e42-88d9-ae5c9330d554} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\coresrv.lfgax.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hostie.bho (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{a57470de-14c7-4fcd-9d4c-e5711f24f0ed} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{2557dd3f-23a0-477c-bcd8-90fd0aecc4b8} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{2893116c-a176-42b1-8794-da8c9fc45564} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{99fdca0c-7380-4e9c-8d99-5dc4750334ef} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{b1d9f4b1-b9ff-463f-bf15-ab9cb26160f7} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{2aa2fbf8-9c76-4e97-a226-25c5f4ab6358} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{2aa2fbf8-9c76-4e97-a226-25c5f4ab6358} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{2aa2fbf8-9c76-4e97-a226-25c5f4ab6358} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{71f731b3-008b-4052-9ea4-4145acce40c3} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{90b8b761-df2b-48ac-bbe0-bcc03a819b3b} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{90b8b761-df2b-48ac-bbe0-bcc03a819b3b} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{90b8b761-df2b-48ac-bbe0-bcc03a819b3b} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hostie.bho.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hotbarweather.weathercontroller (Adware.Softomate) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hotbarweather.weathercontroller.1 (Adware.Softomate) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.hbax (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{e343edfc-1e6c-4cb5-aa29-e9c922641c80} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{d8560ac2-21b5-4c1a-bdd4-bd12bc83b082} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{100eb1fd-d03e-47fd-81f3-ee91287f9465} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{100eb1fd-d03e-47fd-81f3-ee91287f9465} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{100eb1fd-d03e-47fd-81f3-ee91287f9465} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{20ea9658-6bc3-4599-a87d-6371fe9295fc} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a16ad1e9-f69a-45af-9462-b1c286708842} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a7cddcdc-beeb-4685-a062-978f5e07ceee} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{a7cddcdc-beeb-4685-a062-978f5e07ceee} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{c9ccbb35-d123-4a31-affc-9b2933132116} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.hbax.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.hbinfoband (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.hbinfoband.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.iebutton (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.iebutton.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.iebuttona (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.iebuttona.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.rprtctrl (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.rprtctrl.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\srv.coreservices (Adware.Softomate) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\srv.coreservices.1 (Adware.Softomate) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{8ad9ad05-36be-4e40-ba62-5422eb0d02fb} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{aebf09e2-0c15-43c8-99bf-928c645d98a0} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{2f9ad413-2e0b-4a85-bb2a-cf961238262a} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{70880ce6-308c-4204-a89e-b266c3f7b7fa} (Adware.Softomate) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{8c788aa2-7530-43be-97b7-4d491f13bea3} (Adware.Softomate) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a078f691-9c07-4af2-bf43-35e79eecf8b7} (Adware.Softomate) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{cdca70d8-c6a6-49ee-9bed-7429d6c477a2} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{d136987f-e1c4-4ccc-a220-893df03ec5df} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{c5428486-50a0-4a02-9d20-520b59a9f9b2} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{c5428486-50a0-4a02-9d20-520b59a9f9b3} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{c5428486-50a0-4a02-9d20-520b59a9f9b2} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{c5428486-50a0-4a02-9d20-520b59a9f9b3} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a078f691-9c07-4af2-bf43-35e79eecf8b7} (Adware.Softomate) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{eddbb5ee-bb64-4bfc-9dbe-e7c85941335b} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{a078f691-9c07-4af2-bf43-35e79eecf8b7} (Adware.Softomate) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{148e1447-c728-48fd-beec-a7d06c5fff58} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{8ee46f55-1ce1-4db9-811a-68938ec7f3dd} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{a87dfd99-cf81-4241-85ce-881e0026b686} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{c96b9fae-a032-4100-bb47-32ef05e28be4} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{14113b47-d59c-4f0f-9d10-ff1730265584} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a9c42a57-421c-4572-8b12-249c59183d1c} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{8292078f-f6e9-412b-8eb1-360c05c5ece5} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{2447e305-5e90-42a8-bd1e-0bc333b807e1} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{50d2fdcc-2707-49cb-8223-7fe0424909aa} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{878ce013-7ba9-4650-a78c-b2234c0c1648} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a5b6fa30-d317-41ca-9cb1-c898d3c7f34e} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{cc19a5f2-b4ad-41d5-a5c9-0680904c1483} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{76d54105-99eb-4ecb-95b2-a944f50cc566} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{30b15818-e110-4527-9c05-46ace5a3460d} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{618aad04-921f-44c2-be38-c0818af69861} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{b5d2ed96-62f9-4c2c-956d-e425b1f67337} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{d3a412e8-1e4b-47d2-9b12-f88291f5afbb} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a3e67daa-da01-4da5-98be-3088b554a11e} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{a3e67daa-da01-4da5-98be-3088b554a11e} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{d95c7240-0282-4c01-93f5-673bca03da86} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{d95c7240-0282-4c01-93f5-673bca03da86} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{03d7ff6e-9781-40b5-bb7f-94291a361604} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{3ceb04ab-08af-45f4-81b4-70d13c1f7b85} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{a7213d71-47e1-4832-92d7-d61dfe9f231f} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{cf82f350-e1c4-4916-ac12-ba73db60afb7} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{c62a9e79-2b52-439b-af57-2e60bb06e86c} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{15fd8424-d12a-4c51-8c6c-d5d57b80f781} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{67b3becf-7b6f-42b2-99f0-f7656f89cffa} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{715ffd42-4e05-4eab-9513-c8daa5395ae2} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{759d6f7c-8d30-45b6-abea-fa51c190eed5} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{9a4a64a4-a2fb-48fa-9bba-1ac50267695d} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{62906e60-bce2-4e1b-9ed0-8b9042ee15e4} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{f9bfa98d-9935-4ea4-a05a-72c7f0778f02} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{cdc73256-a88d-4642-844e-a8f20b76789c} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{d1063603-f045-475f-afbc-8cba7d5797fb} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\shoppingreport (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hbcoresrv.dynamicprop (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hbcoresrv.dynamicprop.1 (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hotbarax.info (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hotbarax.info.1 (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hotbarax.userprofiles (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hotbarax.userprofiles.1 (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Hotbar (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\hotbarsa (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Hotbar (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\HotbarSA (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\cntntcntr.cntntdic (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\cntntcntr.cntntdic.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\cntntcntr.cntntdisp (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\cntntcntr.cntntdisp.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\coresrv.coreservices (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\coresrv.coreservices.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hbmain.commband (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hbmain.commband.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hbr.hbmain (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hbr.hbmain.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hostol.mailanim (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hostol.mailanim.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hostol.webmailsend (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hostol.webmailsend.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\toolbar.htmlmenuui (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\toolbar.htmlmenuui.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\toolbar.toolbarctl (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\toolbar.toolbarctl.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\ShoppingReport (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\ShoppingReport (Adware.ShopperReports) -> Quarantined and deleted successfully.

Valori di registro infetti:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{90b8b761-df2b-48ac-bbe0-bcc03a819b3b} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{90b8b761-df2b-48ac-bbe0-bcc03a819b3b} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\hotbarsa (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\weatherdpa (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\forceclassiccontrolpanel (Hijack.ControlPanelStyle) -> Quarantined and deleted successfully.

Voci infette nei dati di registro:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Cartelle infette:
C:\Documents and Settings\All Users\Dati applicazioni\2ACA5CC3-0F83-453D-A079-1076FE1A8B65 (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\ShoppingReport (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\ShoppingReport\cs (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\ShoppingReport\cs\db (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\ShoppingReport\cs\dwld (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\ShoppingReport\cs\report (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\ShoppingReport\cs\res1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Programmi\Hotbar (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Programmi\Hotbar\bin (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Programmi\Hotbar\bin\11.0.175.0 (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Programmi\Hotbar\bin\11.0.175.0\firefox (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Programmi\Hotbar\bin\11.0.175.0\firefox\extensions (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Programmi\Hotbar\bin\11.0.175.0\firefox\extensions\plugins (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Programmi\ShoppingReport (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Programmi\ShoppingReport\Bin (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Programmi\ShoppingReport\Bin\2.6.79 (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\IESkins (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5 (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\HostOI (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\HostOI\dynamic (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\HostOL (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\HostOL\dynamic (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\HostWD (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\HostWD\static (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\HostWD\static\1 (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\HostWD\static\2 (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\HostWD\static\DownLoad (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\dynamic (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\dynamic\TooltipXML (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\dynamic\ustat (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\1 (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\2 (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\DownLoad (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\Weather (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\Weather\WeatherDPA (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\Weather\WeatherDPA\Weather_XML (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\Weather\Weather_XML (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Dati applicazioni\HotbarSA (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\WeatherDPA (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Menu Avvio\Programmi\Hotbar (Adware.Hotbar) -> Quarantined and deleted successfully.

File infetti:
C:\Programmi\Hotbar\bin\11.0.175.0\CoreSrv.dll (Adware.Zango) -> Quarantined and deleted successfully.
C:\Programmi\Hotbar\bin\11.0.175.0\HostIE.dll (Adware.Zango) -> Quarantined and deleted successfully.
C:\Programmi\ShoppingReport\Bin\2.6.79\ShoppingReport.dll (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{5F5955DB-614C-4804-AFC7-CAFCD64487CB}\RP52\A0063803.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\ShoppingReport\cs\Config.xml (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\ShoppingReport\cs\db\Aliases.dbs (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\ShoppingReport\cs\db\Sites.dbs (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\ShoppingReport\cs\dwld\WhiteList.xip (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\ShoppingReport\cs\report\aggr_storage.xml (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\ShoppingReport\cs\report\send_storage.xml (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\ShoppingReport\cs\res1\WhiteList.dbs (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Programmi\Hotbar\bin\11.0.175.0\arrow.ico (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Programmi\Hotbar\bin\11.0.175.0\CntntCntr.dll (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Programmi\Hotbar\bin\11.0.175.0\copyright.txt (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Programmi\Hotbar\bin\11.0.175.0\HostOL.dll (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Programmi\Hotbar\bin\11.0.175.0\HotbarSA.exe (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Programmi\Hotbar\bin\11.0.175.0\HotbarSAAX.dll (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Programmi\Hotbar\bin\11.0.175.0\HotbarSADF.exe (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Programmi\Hotbar\bin\11.0.175.0\HotbarSAHook.dll (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Programmi\Hotbar\bin\11.0.175.0\HotbarUninstaller.exe (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Programmi\Hotbar\bin\11.0.175.0\Srv.exe (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Programmi\Hotbar\bin\11.0.175.0\Toolbar.dll (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Programmi\Hotbar\bin\11.0.175.0\Weather.exe (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Programmi\Hotbar\bin\11.0.175.0\WeSkin.dll (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Programmi\Hotbar\bin\11.0.175.0\firefox\extensions\chrome.manifest (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Programmi\Hotbar\bin\11.0.175.0\firefox\extensions\install.rdf (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Programmi\Hotbar\bin\11.0.175.0\firefox\extensions\plugins\npclntax_HotbarSA.dll (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Programmi\ShoppingReport\Uninst.exe (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\dynamic\1.sdf (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\dynamic\1389152.sdf (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\dynamic\439122.sdf (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\dynamic\498583.sdf (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\dynamic\600583.sdf (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\dynamic\962652.sdf (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\dynamic\domains.txt (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\dynamic\TooltipXML\230333 (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\dynamic\TooltipXML\268125 (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\dynamic\TooltipXML\278975 (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\dynamic\TooltipXML\32137 (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\dynamic\TooltipXML\41364 (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\dynamic\TooltipXML\564375 (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\dynamic\TooltipXML\78328 (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\dynamic\ustat\3994.dat (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\1\ads.cdf (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\1\btntrans.idx (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\1\btntrans1.dat (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\1\business_promo.htm (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\1\buttondir.txt (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\1\components.cdf (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\1\cursors.res (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\1\default.cdf (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\1\Default_511745-514279.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\1\Default_bidz.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\1\Default_bidz1.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\1\Default_bidz10.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\1\Default_bidz11.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\1\Default_bidz12.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\1\Default_bidz13.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\1\Default_bidz14.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\1\Default_bidz15.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\1\Default_bidz16.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\1\Default_bidz17.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\1\Default_bidz18.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\1\Default_bidz19.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\1\Default_bidz2.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\1\Default_bidz20.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\1\Default_bidz3.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\1\Default_bidz4.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\1\Default_bidz5.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\1\Default_bidz6.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\1\Default_bidz7.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\1\Default_bidz8.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\1\Default_bidz9.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\1\Default_categorize.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\1\Default_comparison.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\1\Default_em_PROFL_CA_flow_b_IEB.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\1\Default_explorer-Mails.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\1\Default_explorer-people.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\1\Default_favorites.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\1\Default_Games.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\1\Default_Hide.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\1\Default_hotbarcom.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\1\Default_Hotmail.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\1\Default_hsskin.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\1\Default_jemster.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\1\Default_jemsterie.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\1\Default_jemsteruk.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\1\Default_jobsearch.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\1\Default_Mails.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\1\Default_new.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\1\Default_premium.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\1\Default_reun.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\1\Default_ringtones.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\1\Default_SearchBoxTrapper.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\1\Default_searchfor.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\1\Default_searchgo.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\1\Default_weather.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\1\Default_yellowpages.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\1\d_icons_buttons_1000.res (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\1\d_icons_buttons_2000.res (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\1\d_icons_buttons_3000.res (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\1\d_icons_buttons_bar.res (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\1\d_icons_buttons_bbar1.res (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\1\d_icons_buttons_logos.res (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\1\d_icons_buttons_other.res (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\1\d_icons_weather.res (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\1\editblbuttons.res (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\1\email-def-511724-548964.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\1\email-def-511724-9595.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\1\email-t1-bg.res (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\1\gamesmenu.cdf (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\1\gamesMenu.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\1\hb_ie_menu.res (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\1\hotbar-premium-hotbar-premium.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\1\hotbar-premium.cdf (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\1\hotbar_promo.htm (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\1\icons2.res (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\1\ie_games_icon.res (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\1\ie_video.res (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\1\keywords.idx (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\1\keywords1.dat (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\1\layout.cdf (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\1\linkpathlegal.txt (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\1\more.res (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\1\new_games.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\1\progress.res (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\1\sales_buttons.res (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\1\sdfmodifier.xml (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\1\s_icons_buttons.res (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\1\t2_bg.res (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\1\theweb.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\1\top7.cdf (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\1\Top7_theweb.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\1\tsd_bg.res (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\1\weathericon.res (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\2\ads.cdf (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\2\btntrans.idx (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\2\btntrans1.dat (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\2\business_promo.htm (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\2\buttondir.txt (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\2\components.cdf (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\2\cursors.res (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\2\default.cdf (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\2\Default_511745-514279.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\2\Default_bidz.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\2\Default_bidz1.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\2\Default_bidz10.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\2\Default_bidz11.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\2\Default_bidz12.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\2\Default_bidz13.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\2\Default_bidz14.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\2\Default_bidz15.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\2\Default_bidz16.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\2\Default_bidz17.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\2\Default_bidz18.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\2\Default_bidz19.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\2\Default_bidz2.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\2\Default_bidz20.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\2\Default_bidz3.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\2\Default_bidz4.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\2\Default_bidz5.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\2\Default_bidz6.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\2\Default_bidz7.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\2\Default_bidz8.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\2\Default_bidz9.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\2\Default_categorize.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\2\Default_comparison.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\2\Default_em_PROFL_CA_flow_b_IEB.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\2\Default_explorer-Mails.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\2\Default_explorer-people.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\2\Default_favorites.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\2\Default_Games.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\2\Default_Hide.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\2\Default_hotbarcom.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\2\Default_Hotmail.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\2\Default_hsskin.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\2\Default_jemster.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\2\Default_jemsterie.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\2\Default_jemsteruk.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\2\Default_jobsearch.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\2\Default_Mails.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\2\Default_new.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\2\Default_premium.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\2\Default_reun.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\2\Default_ringtones.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\2\Default_SearchBoxTrapper.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\2\Default_searchfor.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\2\Default_searchgo.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\2\Default_weather.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\2\Default_yellowpages.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\2\d_icons_buttons_1000.res (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\2\d_icons_buttons_2000.res (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\2\d_icons_buttons_3000.res (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\2\d_icons_buttons_bar.res (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\2\d_icons_buttons_bbar1.res (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\2\d_icons_buttons_logos.res (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\2\d_icons_buttons_other.res (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\2\d_icons_weather.res (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\2\editblbuttons.res (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\2\email-def-511724-548964.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\2\email-def-511724-9595.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\2\email-t1-bg.res (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\2\gamesmenu.cdf (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\2\gamesMenu.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\2\hb_ie_menu.res (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\2\hotbar-premium-hotbar-premium.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\2\hotbar-premium.cdf (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\2\hotbar_promo.htm (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\2\icons2.res (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\2\ie_games_icon.res (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\2\ie_video.res (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\2\keywords.idx (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\2\keywords1.dat (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\2\layout.cdf (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\2\linkpathlegal.txt (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\2\more.res (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\2\new_games.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\2\progress.res (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\2\sales_buttons.res (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\2\sdfmodifier.xml (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\2\s_icons_buttons.res (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\2\t2_bg.res (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\2\theweb.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\2\top7.cdf (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\2\Top7_theweb.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\2\tsd_bg.res (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\2\weathericon.res (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\DownLoad\ads.xip (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\DownLoad\BtnTrans.xip (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\DownLoad\BtnTrans1.xip (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\DownLoad\business_promo.xip (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\DownLoad\buttondir.xip (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\DownLoad\cursors.xip (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\DownLoad\default.xip (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\DownLoad\d_icons_buttons_1000.xip (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\DownLoad\d_icons_buttons_2000.xip (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\DownLoad\d_icons_buttons_3000.xip (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\DownLoad\d_icons_buttons_bar.xip (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\DownLoad\d_icons_buttons_bbar1.xip (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\DownLoad\d_icons_buttons_logos.xip (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\DownLoad\d_icons_buttons_other.xip (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\DownLoad\d_icons_weather.xip (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\DownLoad\editblbuttons.xip (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\DownLoad\email-t1-bg.xip (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\DownLoad\gamesmenu.xip (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\DownLoad\hb_ie_menu.xip (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\DownLoad\hotbar-premium.xip (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\DownLoad\hotbar_promo.xip (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\DownLoad\icons2.xip (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\DownLoad\ie_games_icon.xip (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\DownLoad\ie_video.xip (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\DownLoad\keywords.xip (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\DownLoad\keywords1.xip (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\DownLoad\layout.xip (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\DownLoad\linkpathlegal.xip (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\DownLoad\more.xip (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\DownLoad\progress.xip (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\DownLoad\sales_buttons.xip (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\DownLoad\samplegroups2.txt (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\DownLoad\samplegroups2.xip (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\DownLoad\sdfmodifier.xip (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\DownLoad\s_icons_buttons.xip (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\DownLoad\t2_bg.xip (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\DownLoad\top7.xip (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\DownLoad\tsd_bg.xip (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\v3.5\Hotbar\static\DownLoad\weathericon.xip (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\Weather\history (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\Weather\WeatherStartup.xml (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\Weather\WeatherDPA\Links (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\Weather\WeatherDPA\WeatherPreferences (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\Weather\WeatherDPA\Weather_XML\Display (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\Weather\WeatherDPA\Weather_XML\Loading (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\Weather\WeatherDPA\Weather_XML\screen2 (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\Weather\Weather_XML\Default (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\Weather\Weather_XML\Genera1 (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Windows xp\Dati applicazioni\Hotbar\Weather\Weather_XML\General (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Dati applicazioni\HotbarSA\HotbarSA.dat (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Dati applicazioni\HotbarSA\HotbarSAAbout.mht (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Dati applicazioni\HotbarSA\HotbarSAau.dat (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Dati applicazioni\HotbarSA\HotbarSAEULA.mht (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Dati applicazioni\HotbarSA\HotbarSA_kyf.dat (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Menu Avvio\Programmi\Hotbar\About Hotbar.lnk (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Menu Avvio\Programmi\Hotbar\Hotbar Customer Support Center.lnk (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Menu Avvio\Programmi\Hotbar\Hotbar Games!.lnk (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Menu Avvio\Programmi\Hotbar\Hotbar Uninstall Instructions.lnk (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Menu Avvio\Programmi\Hotbar\Hotbar Videos!.lnk (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Menu Avvio\Programmi\Hotbar\Reset Cursor.lnk (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Menu Avvio\Programmi\Hotbar\Weather.lnk (Adware.Hotbar) -> Quarantined and deleted successfully.
Torna in alto
 
paolopa
Inviato: Friday, May 14, 2010 8:32:40 PM

Rank: AiutAmico

Iscritto dal : 10/14/2008
Posts: 2,777
ecchecaiser....non ci facciamo mancare nulla eh??!! Angel come ti è stato giustamente consigliato dal buon wolfe sara' meglio che cambiamo l antivirus,e installiamo un firewall che non sia quello di windows che in xp è una vera cioffeca.
Torna in alto
 
susyb
Inviato: Friday, May 14, 2010 8:47:18 PM
Rank: AiutAmico

Iscritto dal : 5/10/2010
Posts: 51
paolopa ha scritto:
ecchecaiser....non ci facciamo mancare nulla eh??!! Angel come ti è stato giustamente consigliato dal buon wolfe sara' meglio che cambiamo l antivirus,e installiamo un firewall che non sia quello di windows che in xp è una vera cioffeca.


ti incollo il log di combofix. come dovrei fare per cambiare l'antivirus senza danni?
grazie

ComboFix 10-05-13.04 - Windows xp 14/05/2010 20.25.21.2.1 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.39.1040.18.502.112 [GMT 2:00]
Eseguito da: c:\documents and settings\Windows xp\Desktop\ComboFix.exe
AV: avast! antivirus 4.8.1368 [VPS 100514-0] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

ATTENZIONE - QUESTO PC NON HA LA CONSOLE DI RIPRISTINO DI EMERGENZA INSTALLATA !!
.

((((((((((((((((((((((((( Files Creati Da 2010-04-14 al 2010-05-14 )))))))))))))))))))))))))))))))))))
.

2010-05-14 11:53 . 2008-04-13 17:13 221184 ----a-w- c:\windows\system32\wmpns.dll
2010-05-14 11:50 . 2010-05-14 11:50 -------- d-----w- c:\programmi\MSXML 4.0
2010-05-13 17:17 . 2010-02-17 12:05 2193664 -c----w- c:\windows\system32\dllcache\ntoskrnl.exe
2010-05-13 17:17 . 2010-02-16 19:05 2149888 -c----w- c:\windows\system32\dllcache\ntkrnlmp.exe
2010-05-13 17:17 . 2010-02-16 19:05 2028032 -c----w- c:\windows\system32\dllcache\ntkrpamp.exe
2010-05-13 16:35 . 2010-02-12 10:03 293376 ------w- c:\windows\system32\browserchoice.exe
2010-05-13 16:03 . 2010-02-24 13:11 455680 -c----w- c:\windows\system32\dllcache\mrxsmb.sys
2010-05-12 20:09 . 2010-05-12 20:09 388096 ----a-r- c:\documents and settings\Windows xp\Dati applicazioni\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2010-05-12 20:09 . 2010-05-12 20:09 -------- d-----w- c:\programmi\Trend Micro
2010-05-12 20:07 . 2008-06-14 17:32 272768 -c----w- c:\windows\system32\dllcache\bthport.sys
2010-05-12 20:07 . 2008-06-14 17:32 272768 ------w- c:\windows\system32\drivers\bthport.sys
2010-05-11 19:33 . 2010-05-11 19:39 -------- d-----w- c:\windows\system32\NtmsData
2010-05-11 18:54 . 2010-05-11 18:54 -------- d-----w- c:\programmi\Conduit
2010-05-11 18:54 . 2010-05-11 18:54 -------- d-----w- c:\documents and settings\Windows xp\Impostazioni locali\Dati applicazioni\Conduit
2010-05-11 18:54 . 2010-05-12 16:36 -------- d-----w- c:\documents and settings\Windows xp\Impostazioni locali\Dati applicazioni\Softonic-IT
2010-05-11 18:54 . 2010-05-11 18:54 -------- d-----w- c:\programmi\Softonic-IT
2010-05-11 18:54 . 2010-03-18 18:48 52224 ----a-w- c:\documents and settings\Windows xp\Dati applicazioni\Mozilla\Firefox\Profiles\5cqdkyx6.default\extensions\{e3393495-8103-46a0-8181-270273eddd60}\components\FFExternalAlert.dll
2010-05-11 18:54 . 2010-03-18 18:48 101376 ----a-w- c:\documents and settings\Windows xp\Dati applicazioni\Mozilla\Firefox\Profiles\5cqdkyx6.default\extensions\{e3393495-8103-46a0-8181-270273eddd60}\components\RadioWMPCore.dll
2010-05-11 18:33 . 2010-05-12 16:45 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Yahoo! Companion
2010-05-11 18:33 . 2010-05-11 18:33 -------- d-----w- c:\documents and settings\Windows xp\Dati applicazioni\Yahoo!
2010-05-11 18:33 . 2010-05-11 18:33 -------- d-----w- c:\programmi\Yahoo!
2010-05-11 18:33 . 2010-05-11 20:06 -------- d-----w- c:\programmi\CCleaner
2010-05-11 18:18 . 2006-12-27 22:00 208896 ----a-w- c:\windows\system32\esint7e.dll
2010-05-11 18:18 . 2006-03-09 22:00 3584 ----a-w- c:\windows\system32\eswiaml.dll
2010-05-11 18:18 . 2006-12-27 22:00 66560 ----a-w- c:\windows\system32\eswia7e.dll
2010-05-11 11:45 . 2010-05-11 11:45 -------- d-----w- c:\documents and settings\Windows xp\Dati applicazioni\Malwarebytes
2010-05-11 11:44 . 2010-04-29 13:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-05-11 11:44 . 2010-05-11 11:44 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Malwarebytes
2010-05-11 11:44 . 2010-04-29 13:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-05-11 11:44 . 2010-05-11 11:44 -------- d-----w- c:\programmi\Malwarebytes' Anti-Malware
2010-05-07 18:22 . 2008-11-13 06:04 296960 ----a-w- c:\documents and settings\All Users\Dati applicazioni\EPSON\EPSON SX110 Series\Language\0410.E_DIX0RE.DLL
2010-05-07 18:19 . 2010-05-11 18:22 -------- d-----w- c:\documents and settings\Windows xp\Dati applicazioni\Epson
2010-05-07 18:15 . 2010-05-07 18:15 -------- d-----w- c:\documents and settings\LocalService\Menu Avvio
2010-05-07 18:15 . 2009-01-16 04:04 56320 ----a-w- c:\documents and settings\All Users\Dati applicazioni\EPSON\EPSON SX110 Series\Language\0410.E_SBE0B7.DLL
2010-05-07 18:15 . 2007-12-17 22:00 143872 ----a-w- c:\documents and settings\All Users\Dati applicazioni\EPSON\EPW!3 SSRP\E_S40ST7.EXE
2010-05-07 18:15 . 2007-01-11 22:02 113664 ----a-w- c:\documents and settings\All Users\Dati applicazioni\EPSON\EPW!3 SSRP\E_S40RP7.EXE
2010-05-07 18:15 . 2009-01-15 06:04 213504 ----a-w- c:\documents and settings\All Users\Dati applicazioni\EPSON\EPSON SX110 Series\Language\0410.E_DI0FBE.DLL
2010-05-07 18:14 . 2007-12-07 20:01 78848 ----a-w- c:\windows\system32\E_FD4BFBE.DLL
2010-05-07 18:14 . 2008-08-08 20:09 86528 ----a-w- c:\windows\system32\E_FLBFBE.DLL
2010-05-07 18:12 . 2010-05-07 18:12 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\UDL
2010-05-07 18:05 . 2010-05-07 18:10 -------- d-----w- c:\programmi\Epson Software
2010-05-07 18:02 . 2010-05-07 18:05 -------- d-----w- c:\programmi\ABBYY FineReader 6.0 Sprint
2010-05-07 17:57 . 2010-05-07 17:57 -------- dc----w- c:\windows\system32\DRVSTORE
2010-05-07 17:56 . 2009-04-30 22:00 15872 ----a-w- c:\windows\system32\escdev.dll
2010-05-07 17:56 . 2009-04-30 22:00 128392 ----a-w- c:\windows\system32\esdevapp.exe
2010-05-07 17:56 . 2008-11-16 22:00 342016 ----a-w- c:\windows\system32\eswiaud.dll
2010-05-06 21:43 . 2008-04-13 09:45 15104 -c--a-w- c:\windows\system32\dllcache\usbscan.sys
2010-05-06 21:43 . 2008-04-13 09:45 15104 ----a-w- c:\windows\system32\drivers\usbscan.sys
2010-05-06 21:32 . 2010-05-07 18:13 -------- d-----w- c:\programmi\epson
2010-05-05 18:02 . 2008-04-13 09:40 34688 -c--a-w- c:\windows\system32\dllcache\lbrtfdc.sys
2010-05-05 18:02 . 2008-04-13 09:40 34688 ----a-w- c:\windows\system32\drivers\lbrtfdc.sys
2010-05-05 18:02 . 2008-04-13 09:41 8576 -c--a-w- c:\windows\system32\dllcache\i2omgmt.sys
2010-05-05 18:02 . 2008-04-13 09:41 8576 ----a-w- c:\windows\system32\drivers\i2omgmt.sys
2010-05-05 18:01 . 2008-04-13 09:41 8192 -c--a-w- c:\windows\system32\dllcache\changer.sys
2010-04-27 19:42 . 2010-04-21 03:27 61712 ----a-w- c:\documents and settings\All Users\Dati applicazioni\BarDiscover\bardiscover121.exe
2010-04-27 19:37 . 2010-04-27 20:48 -------- d-----w- c:\programmi\BarDiscover
2010-04-27 19:37 . 2010-04-27 19:42 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\BarDiscover

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-05-14 18:06 . 2009-07-04 15:55 -------- d-----w- c:\programmi\M1HS
2010-05-14 12:58 . 2001-08-31 12:00 70964 ----a-w- c:\windows\system32\perfc010.dat
2010-05-14 12:58 . 2001-08-31 12:00 440738 ----a-w- c:\windows\system32\perfh010.dat
2010-05-07 18:14 . 2009-07-08 10:34 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\EPSON
2010-05-07 18:10 . 2009-07-03 14:24 -------- d--h--w- c:\programmi\InstallShield Installation Information
2010-05-05 17:58 . 2010-05-05 17:56 16 ----a-w- c:\documents and settings\Windows xp\Dati applicazioni\qvjsge.dat
2010-04-30 17:45 . 2009-07-19 15:14 -------- d-----w- c:\documents and settings\Windows xp\Dati applicazioni\eMule
2010-04-30 17:45 . 2009-07-03 14:57 -------- d-----w- c:\programmi\eMule
2010-04-13 20:23 . 2010-04-13 20:20 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\DivX
2010-03-30 06:41 . 2009-11-23 14:24 79488 ----a-w- c:\documents and settings\Windows xp\Dati applicazioni\Sun\Java\jre1.6.0_17\gtapi.dll
2010-03-09 11:09 . 2008-04-13 17:13 430080 ----a-w- c:\windows\system32\vbscript.dll
2010-02-24 13:11 . 2008-04-13 10:17 455680 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2010-02-22 19:22 . 2009-07-03 14:24 68832 ----a-w- c:\documents and settings\Windows xp\Impostazioni locali\Dati applicazioni\GDIPFONTCACHEV1.DAT
2010-02-19 23:47 . 2010-02-19 23:47 3604480 ----a-w- c:\windows\system32\GPhotos.scr
2010-02-17 12:05 . 2008-04-13 16:55 2193664 ----a-w- c:\windows\system32\ntoskrnl.exe
2010-02-16 19:05 . 2008-04-13 18:55 2070528 ----a-w- c:\windows\system32\ntkrnlpa.exe
2009-08-06 08:23 . 2009-08-06 08:23 369112 ----a-w- c:\programmi\PrimeCasino.exe
2008-03-31 11:38 . 2008-03-31 11:38 7278 ----a-w- c:\programmi\PrimeCasino.ico
2006-12-11 14:09 . 2006-12-11 14:09 7278 ----a-w- c:\programmi\PrimeScratchCards.ico
2009-12-29 13:08 . 2010-05-04 19:42 433152 ----a-w- c:\programmi\mozilla firefox\components\nsgkff30_meter3.dll
2009-02-24 19:34 . 2009-02-24 19:34 1044480 ----a-w- c:\programmi\mozilla firefox\plugins\libdivx.dll
2009-02-24 19:34 . 2009-02-24 19:34 200704 ----a-w- c:\programmi\mozilla firefox\plugins\ssldivx.dll
.

------- Sigcheck -------

[-] 2008-04-27 . D5E120A3BA164D2E7307A6688FEB26B2 . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{e3393495-8103-46a0-8181-270273eddd60}"= "c:\programmi\Softonic-IT\tbSoft.dll" [2010-03-17 2355224]

[HKEY_CLASSES_ROOT\clsid\{e3393495-8103-46a0-8181-270273eddd60}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{e3393495-8103-46a0-8181-270273eddd60}]
2010-03-17 13:45 2355224 ----a-w- c:\programmi\Softonic-IT\tbSoft.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{e3393495-8103-46a0-8181-270273eddd60}"= "c:\programmi\Softonic-IT\tbSoft.dll" [2010-03-17 2355224]

[HKEY_CLASSES_ROOT\clsid\{e3393495-8103-46a0-8181-270273eddd60}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{E3393495-8103-46A0-8181-270273EDDD60}"= "c:\programmi\Softonic-IT\tbSoft.dll" [2010-03-17 2355224]

[HKEY_CLASSES_ROOT\clsid\{e3393495-8103-46a0-8181-270273eddd60}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\programmi\File comuni\Nero\Lib\NMBgMonitor.exe" [2007-08-03 202024]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Broadcom Wireless Manager UI"="c:\windows\system32\WLTRAY" [X]
"SoundMan"="SOUNDMAN.EXE" [2005-04-15 77824]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2005-01-23 155648]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2005-01-23 126976]
"SynTPLpr"="c:\programmi\Synaptics\SynTP\SynTPLpr.exe" [2005-02-04 102490]
"SynTPEnh"="c:\programmi\Synaptics\SynTP\SynTPEnh.exe" [2005-02-04 708698]
"ACU"="c:\programmi\Atheros\ACU.exe" [2005-01-31 253952]
"NeroFilterCheck"="c:\programmi\File comuni\Nero\Lib\NeroCheck.exe" [2007-03-01 153136]
"Adobe Reader Speed Launcher"="c:\programmi\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"SunJavaUpdateSched"="c:\programmi\Java\jre6\bin\jusched.exe" [2009-07-03 148888]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
"RemoteControl"="c:\programmi\CyberLink\PowerDVD\PDVDServ.exe" [2006-12-06 69216]
"LanguageShortcut"="c:\programmi\CyberLink\PowerDVD\Language\Language.exe" [2006-12-05 54832]
"NielsenOnline"="c:\programmi\NetRatingsNetSight\NetSight\NielsenOnline.exe" [2009-02-25 45056]
"MobileConnect"="c:\programmi\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe" [2008-11-04 2087424]
"SweetIM"="c:\programmi\SweetIM\Messenger\SweetIM.exe" [2009-12-10 111928]
"EEventManager"="c:\progra~1\EPSONS~1\EVENTM~1\EEventManager.exe" [2009-04-07 673616]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-13 15360]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_2"="shell32" [X]
"nltide_3"="advpack.dll" [2008-04-27 123904]

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"ForceClassicControlPanel"= 1 (0x1)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programmi\\Skype\\Phone\\Skype.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Programmi\\Epson Software\\Event Manager\\EEventManager.exe"=

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [03/07/2009 16.59.51 114768]
R1 nnrnstdi;nnrnstdi;c:\windows\system32\drivers\nnrnstdi.sys [29/09/2009 21.30.10 15360]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [03/07/2009 16.59.51 20560]
R2 VMCService;Vodafone Mobile Connect Service;c:\programmi\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe [04/11/2008 12.39.20 14336]
R3 km_filter;km_filter;c:\windows\system32\drivers\km_filter.sys [29/09/2009 21.30.10 9088]
R3 ONDAUsbDiag;ONDA USB Diagnostics Port;c:\windows\system32\drivers\ONDAUsbDiag.sys [04/07/2009 17.55.37 92928]
R3 ONDAUsbModem;ONDA USB MODEM DRIVER;c:\windows\system32\drivers\ONDAUsbModem.sys [04/07/2009 17.55.37 92928]
R3 ONDAUsbNmea;ONDA USB NMEA Port;c:\windows\system32\drivers\ONDAusbnmea.sys [04/07/2009 17.55.37 92928]
S4 BarDiscover Service;BarDiscover Service;c:\documents and settings\All Users\Dati applicazioni\BarDiscover\bardiscover121.exe [27/04/2010 21.42.09 61712]
.
Contenuto della cartella 'Scheduled Tasks'

2010-05-13 c:\windows\Tasks\Epson Printer Software Downloader.job
- c:\programmi\EPSON\EPAPDL\E_SAPDL2.EXE [2009-05-26 09:43]
.
.
------- Scansione supplementare -------
.
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\Windows xp\Dati applicazioni\Mozilla\Firefox\Profiles\5cqdkyx6.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2530241&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Softonic-IT Customized Web Search
FF - prefs.js: browser.startup.homepage - hxxp://search.conduit.com/?ctid=CT2530241&SearchSource=13
FF - component: c:\documents and settings\Windows xp\Dati applicazioni\Mozilla\Firefox\Profiles\5cqdkyx6.default\extensions\{e3393495-8103-46a0-8181-270273eddd60}\components\FFExternalAlert.dll
FF - component: c:\documents and settings\Windows xp\Dati applicazioni\Mozilla\Firefox\Profiles\5cqdkyx6.default\extensions\{e3393495-8103-46a0-8181-270273eddd60}\components\RadioWMPCore.dll
FF - component: c:\documents and settings\Windows xp\Dati applicazioni\Mozilla\Firefox\Profiles\5cqdkyx6.default\extensions\{f08a1f0d-a1bc-4d74-9dea-dc3afa7d5c71}\components\FFExternalAlert.dll
FF - component: c:\programmi\Mozilla Firefox\components\nsgkff30_meter3.dll
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-05-14 20:29
Windows 5.1.2600 Service Pack 3 NTFS

scansione processi nascosti ...

scansione entrate autostart nascoste ...

Scansione files nascosti ...

Scansione completata con successo
Files nascosti: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\{95808DC4-FA4A-4c74-92FE-5B863F82066B}]
"ImagePath"="\??\c:\programmi\CyberLink\PowerDVD\000.fcl"
.
--------------------- Dlls caricate dai processi in esecuzione ---------------------

- - - - - - - > 'winlogon.exe'(612)
c:\windows\System32\BCMLogon.dll

- - - - - - - > 'explorer.exe'(1012)
c:\windows\system32\ieframe.dll
c:\windows\system32\wpdshserviceobj.dll
c:\windows\system32\portabledevicetypes.dll
c:\windows\system32\portabledeviceapi.dll
.
Ora fine scansione: 2010-05-14 20:31:42
ComboFix-quarantined-files.txt 2010-05-14 18:31
ComboFix2.txt 2010-05-14 18:18

Pre-Run: 32.672.235.520 byte disponibili
Post-Run: 32.662.183.936 byte disponibili

- - End Of File - - 156A7D5291FA28E5E6F300FEB02EC949
Torna in alto
 
paolopa
Inviato: Friday, May 14, 2010 8:58:02 PM

Rank: AiutAmico

Iscritto dal : 10/14/2008
Posts: 2,777
per l antivirus e il firewall guarda nella homepage di aiutamici,clicchi sulla finestra dove c è scritto software,vedrai che a sinistra si apre un menu a tendina,clicchi su sicurezza,poi antivirus ,e guardi nelle varie schede con le istruzioni e le spiegazioni quello che fa di piu' al caso tuo(io mi trovo bene con avira,che pero' non scansiona le email)stessa cosa con il firewall.ti scarichi gli installer,ti disconnetti da internet,disabiliti l antivirus,disinstalli l antivirus,installi antivirus e firewall e ti ricolleghi,e la prima cosa che fai è aggiornare l antivirus che hai installato.prima pero' elimina questo :vai in risorse del computer,discoC,Documents and Settings\All Users\Dati applicazioni\BarDiscover\bardiscover121.exe click col dx scegli elimina e svuota il cestino.poi postami un log di hijack
Torna in alto
 
paolopa
Inviato: Friday, May 14, 2010 9:12:56 PM

Rank: AiutAmico

Iscritto dal : 10/14/2008
Posts: 2,777
se avessi difficolta' a disinstallare avast col suo disinstallatore,puoi usare questo tool:http://avast-uninstall-utility.softonic.it/
Torna in alto
 
susyb
Inviato: Friday, May 14, 2010 9:56:56 PM
Rank: AiutAmico

Iscritto dal : 5/10/2010
Posts: 51
infatti ho avuto difficoltà , solo che neanche con l'altro programma ci riesco. L'ho installato, poi pigiato su esegui etc, ma al momento di avviarlo compare un'icona e quel suono fastidioso che mi impedisce di portare a termine l'operazione
Torna in alto
 
paolopa
Inviato: Friday, May 14, 2010 10:02:15 PM

Rank: AiutAmico

Iscritto dal : 10/14/2008
Posts: 2,777
l hai disattivato l antivirus prima di provare a disinstallarlo?puoi provare con questo programma.se clicchi su usb non serve neppure installarlo http://www.aiutamici.com/software?ID=80254 leggi attentamente le istruzioni,e mi raccomandodi non navigare senza antivirus.
Torna in alto
 
Utenti presenti in questo topic
Guest

6 pages: [1] 2 3 4 5 6

Aiutamici Forum » FORUM - Istruzioni e Guide » Sicurezza VIRUS » PROBLEMA DI AVVIO COMPUTER PORTATILE


Salta al Forum
Aggiunta nuovi Topic disabilitata in questo forum.
Risposte disabilitate in questo forum.
Eliminazione tuoi Post disabilitata in questo forum.
Modifica dei tuoi post disabilitata in questo forum.
Creazione Sondaggi disabilitata in questo forum.
Voto ai sondaggi disabilitato in questo forum.

Main Forum RSS : RSS

Aiutamici Theme
Powered by Yet Another Forum.net versione 1.9.1.8 (NET v2.0) - 3/29/2008
Copyright © 2003-2008 Yet Another Forum.net. All rights reserved.