controllo log di hijackthis - Sicurezza VIRUS

Benvenuto Ospite

Aiutamici Forum » FORUM - Istruzioni e Guide » Sicurezza VIRUS » controllo log di hijackthis

controllo log di hijackthis

Opzioni

Topic Precedente · Topic Sucessivo

carmine1965

Inviato: Tuesday, May 25, 2010 11:15:33 PM

Rank: Member

Iscritto dal : 5/5/2010
Posts: 14

ecLogfile di Trend Micro HijackThis v2.0.2
Scansione salvato 23:05:33, sulla 25/05/2010
Piattaforma: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18904)
Boot mode: Normal

processi in esecuzione:
C: \ Windows \ system32 \ dwm.exe
C: \ Windows \ Explorer.EXE
C: \ Windows \ System32 taskeng.exe \
C: \ Program Files \ Avira \ AntiVir Desktop avgnt.exe \
C: \ Programmi \ Google \ GoogleToolbarNotifier \ GoogleToolbarNotifier.exe
C: \ Program Files \ Windows Media Player wmpnscfg.exe \
C: \ Windows \ system32 \ WBEM \ Unsecapp.exe
C: \ Programmi \ Internet Explorer \ iexplore.exe
C: \ Programmi \ Internet Explorer \ iexplore.exe
C: \ Programmi \ Google \ Google Toolbar \ GoogleToolbarUser_32.exe
C: \ Windows \ system32 \ Macromed \ Flash \ FlashUtil10e.exe
C: \ Users \ Coccola \ Downloads \ HiJackThis \ HijackThis.exe

% S R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Search Bar http://www.crawler.com/search/dispatcher.aspx?tp=aus&qkw = = & tbid = 60.076
R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://www.google.it/
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://it.intl.acer.yahoo.com
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60347
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60347
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Search, SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60347
R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Search, CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60347
R0 - \ Software HKCU \ Toolbar \ Microsoft \ Internet Explorer, LinksFolderName =
O1 - Hosts::: 1 localhost
O2 - BHO: (no name) - (02478D38-C3F9-4EFB-9B51-7695ECA05670) - (no file)
O2 - BHO: Supporto di Collegamento per Adobe PDF Reader - (06849E9F-C8D7-4D59-B87D-784B7D6BE0B3) - C: \ Program Files \ Common Files \ Adobe \ Acrobat \ ActiveX \ AcroIEHelper.dll
O2 - BHO: SSVHelper Class - (761497BB-D6F0-462C-B6EB-D4DAF1D92D43) - C: \ Program Files \ Java \ jre6 \ bin \ ssv.dll
O2 - BHO: Guida per l'acces un Windows Live ID - (9030D464-4C02, 4ABF-8ECC-5164760863C6) - C: \ Programmi \ File comuni \ Microsoft Shared \ Windows Live \ WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - (AA58ED58-01DD-4d91-8.333-CF10577473F7) - C: \ Programmi \ Google \ Google Toolbar \ GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - (AF69DE43-7D58-4.638-B6FA-CE66B5AD205D) - C: \ Programmi \ Google \ GoogleToolbarNotifier \ 5.5.5126.1836 \ swg.dll
O2 - BHO: Java (tm) Plug-In 2 SSV Helper - (DBC80044-A445-435B-BC74-9C25C1C588A9) - C: \ Program Files \ Java \ jre6 \ bin \ jp2ssv.dll
O2 - BHO: Class EpsonToolBandKicker - (E99421FB-68DD-40F0-B4AC-B7027CAE2F1A) - C: \ Programmi \ EPSON \ EPSON Web-To-Page \ EPSON Web-To-Page.dll
O3 - Toolbar: Acer eDataSecurity Management - (5CBE3B7C-1E47-477e-A7DD-396DB0476E29) - C: \ Windows \ system32 \ eDStoolbar.dll
O3 - Toolbar: (no name) - (EF99BD32-C1FB-11D2-892F-0090271D4F88) - (no file)
Toolbar O3 -: EPSON Web-To-Page - (EE5D279F-081B-4.404-994D-C6B60AAEBA6D) - C: \ Programmi \ EPSON \ EPSON Web-To-Page \ EPSON Web-To-Page.dll
O3 - Toolbar: Veoh Web Player Finder Video - (0FBB9689-D3D7-4f7a-A2E2-585B10099BFC) - C: \ Programmi \ Veoh Networks \ VeohWebPlayer \ VeohIEToolbar.dll
O3 - Toolbar: Google Toolbar - (2318C2B1-4.965-11D4-9B18-009027A5CD4F) - C: \ Programmi \ Google \ Google Toolbar \ GoogleToolbar_32.dll
O4 - HKLM \ .. Run \: [] ARM Adobe "C: \ Programmi \ File comuni \ Adobe \ ARM \ 1.0 AdobeARM.exe \"
O4 - HKLM \ .. \ Run: [Windows Defender]% ProgramFiles% \ Windows Defender \ msascui.exe-hide
O4 - HKLM \ .. \ Run:] avgnt ["C: \ Program Files \ Avira \ AntiVir Desktop avgnt.exe \" / min
O4 - HKLM \ .. \ RunOnce: [Malwarebytes 'Anti-Malware] C: \ Programmi \ Malwarebytes' Anti-Malware mbamgui.exe \ / install / silent
O4 - HKCU \ .. Run \: [] SWG "C: \ Programmi \ Google \ GoogleToolbarNotifier \ GoogleToolbarNotifier.exe"
O4 - HKCU \ .. Run \: [] WMPNSCFG C: \ Programmi \ Windows Media Player \ wmpnscfg.exe
O4 - HKUS \ S-1-5-18 \ .. \ Run: [] (User 'SYSTEM')
O4 - HKUS \ S-1-5-18 \ .. \ Run: [] StartCCC C: \ Programmi \ ATI Technologies \ ATI.ACE \ CLIStart.exe \ Core-Static (User 'SYSTEM')
O4 - HKUS \ S-1-5-18 \ .. \ Run: [Tour] Acer Promemoria C: Acer \ \ AcerTour \ Reminder.exe (SYSTEM 'utente')
O4 - HKUS \. DEFAULT \ .. \ Run: [] (utente predefinito 'utente')
O8 - elemento di contesto extra menu: E & sporta in Microsoft Excel - res: / / C: \ PROGRA ~ 1 \ MICROS ~ 2 \ Office12 \ EXCEL.EXE/3000
O8 - elemento di contesto extra menu: Google Sidewiki ... - Res: / / C: \ Programmi \ Google \ Google Toolbar Component \ GoogleToolbarDynamic_mui_en_2EC7709873947E87.dll/cmsidewiki.html \
O9 - Extra pulsante: Invia uno OneNote - (2670000A-7.350-8.081-4f3c-5663EE0C6C49) - C: \ PROGRA ~ 1 \ MICROS ~ 2 \ Office12 \ ONBttnIE.dll
O9 - Extra 'Tools' menuitem: I & nvia uno OneNote - (2670000A-7.350-8.081-4f3c-5663EE0C6C49) - C: \ PROGRA ~ 1 \ MICROS ~ 2 \ Office12 \ ONBttnIE.dll
O9 - Pulsante extra: (no name) - (-85d1f590 48f4-11d9-9.669-0800200c9a66) - C: \ Windows bdoscandel.exe \
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner - (85d1f590-48f4-11d9-9.669-0800200c9a66) - C: \ Windows bdoscandel.exe \
O9 - Pulsante extra: Research - (92780B25-18CC-41C8-B9BE-3C9C571A8263) - C: \ PROGRA ~ 1 \ MICROS ~ 2 \ Office12 \ REFIEBAR.DLL
Ø13 - Gopher Prefix:
O16 - DPF: (7530BFB8-7.293-4D34-9923-61A11451AFC5) - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: (9191F686-7F0A-441d-8A98-2FE3AC1BD913) (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
O16 - DPF: (A27C56D2-3F58-4ABB-AA31-1168EDA6636F) (PCMaticVer Class) - http://utilities.pcpitstop.com/Nirvana/controls/pcmatic.cab
O16 - DPF: (E2883E8F-472F-4FB0-9.522-AC9BF37916A7) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O23 - Service: ePerformance Service (AcerMemUsageCheckService) - proprietario Unknown - C: \ Acer \ Empowering Technology \ ePerformance \ MemCheck.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirScheduler) - Avira GmbH - C: \ Program Files \ Avira \ AntiVir Desktop sched.exe \
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C: \ Program Files \ Avira \ AntiVir Desktop avguard.exe \
O23 - Service: Ati esterno Event Utility - ATI Technologies Inc. - C: \ Windows \ system32 \ Ati2evxx.exe
O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C: \ Acer \ Empowering Technology \ eDataSecurity eDSService.exe \
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C: \ Acer \ Empowering Technology \ eRecovery eRecoveryService.exe
O23 - Service: Servizio di Google Update (gupdate) (gupdate) - Google Inc. - C: \ Programmi \ Google \ Update \ GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C: \ Programmi \ Google \ Common \ Google Updater \ GoogleUpdaterService.exe
Servizio O23 -: Direct Disc Labeling LightScribeService Service (LightScribeService) - Hewlett-Packard Company - C: \ Programmi \ File comuni \ LightScribe \ LSSrvc.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C: \ Programmi \ Spyware Terminator sp_rsser.exe \
O23 - Service: Utilità di PIANIFICAZIONE di LiveUpdate Automatico - proprietario Unknown - C: \ Program Files \ Symantec \ LiveUpdate \ ALUSchedulerSvc.exe (file missing)

-
Fine del file - 7.545 byte
Il logo co di HijackThis potete controllare se il se c'e Qualcosa di anomalo. Grazie.

Torna in alto

Sponsor

Inviato: Tuesday, May 25, 2010 11:15:33 PM

Torna in alto

a.roselli

Inviato: Wednesday, May 26, 2010 1:38:50 AM

Rank: Admin

Iscritto dal : 10/4/2000
Posts: 19,055

Scarica l'ultima versione di Hijack e mandaci un nuovo log

http://software.aiutamici.com/software?ID=11175

alfonso_aiutamici@hotmail.it

Torna in alto

paolopa

Inviato: Wednesday, May 26, 2010 6:28:16 AM

Rank: AiutAmico

Iscritto dal : 10/14/2008
Posts: 2,777

carmine,non aprire nuove discussioni per il solito problema,continua su questa.un utente che ti leggesse qua ti consiglierebbe magari una scansione con malwarebytes,che hai gia fatto,ma lui non lo saprebbe...lo dico solo per accorciare i tempi di intervento.a proposito:hai aggiornato mbam prima della scansione?hai fatto la scansione completa?segui il consiglio di alfonso qua sopra.

Torna in alto

peppe9999

Inviato: Wednesday, May 26, 2010 11:50:05 PM

Rank: Newbie

Iscritto dal : 5/26/2010
Posts: 3

salve ragazzi potete controllarmi questo log:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:51:00, on 26/05/2010
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Windows\SysWOW64\NOTEPAD.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0410&m=imedia_s3712&r=173612097206p0325v165y48l2122q
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = ${URL_SEARCHPAGE}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0410&m=imedia_s3712&r=173612097206p0325v165y48l2122q
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = ${URL_SEARCHPAGE}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0410&m=imedia_s3712&r=173612097206p0325v165y48l2122q
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Automated Content Enhancer - {1D74E9DD-8987-448b-B2CB-67FFF2B8A932} - C:\Program Files (x86)\Automated Content Enhancer\4.1.0.5260\ACEIEAddOn.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Customized Platform Advancer - {42C7C39F-3128-4a17-BDB7-91C46032B5B9} - C:\Program Files (x86)\Customized Platform Advancer\4.1.0.1850\CPAIEAddOn.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Guida per l'accesso a Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll
O2 - BHO: Content Management Wizard - {B72681C0-A222-4b21-A0E2-53A5A5CA3D41} - C:\Program Files (x86)\Content Management Wizard\1.1.0.1990\CMWIE.dll
O2 - BHO: Textual Content Provider - {CAC89FF9-34A9-4431-8CFE-292A47F843BC} - C:\Program Files (x86)\Textual Content Provider\1.1.0.1810\TCPIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Web Search Operator - {EB4A577D-BCAD-4b1c-8AF2-9A74B8DD3431} - C:\Program Files (x86)\Web Search Operator\4.1.0.1990\wso.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [PhoneDaemon] C:\Users\Peppe\Desktop\iPhone PC Suite\PhoneDaemon.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
O9 - Extra button: Inserisci blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: Inserisci &blog in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O16 - DPF: {32C3FEAE-0877-4767-8C20-62A5829A0945} (FBootloaderAX) - http://static.ak.facebook.com/fbplugin/win32/axfbootloader.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scanner/sources/en/scan8/oscan8.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O23 - Service: Adobe Active File Monitor V7 (AdobeActiveFileMonitor7.0) - Adobe Systems Incorporated - c:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avira AntiVir Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GRegService (Greg_Service) - Acer Incorporated - C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe
O23 - Service: Servizio di Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: Servizio iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PCLEPCI - Pinnacle Systems GmbH - C:\Windows\SysWOW64\drivers\pclepci.sys
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Updater Service - Acer - C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11445 bytes

Torna in alto

paolopa

Inviato: Thursday, May 27, 2010 7:13:57 AM

Rank: AiutAmico

Iscritto dal : 10/14/2008
Posts: 2,777

@peppe9999:dovresti aprire una discussione tutta tua,altrimenti si genera confusione.il tuo sistema è a 64bit,e hijack non è affidabile,anche se c è una voce che non mi piace.fai una scansione con questo:
Scarica ed installa MalwareBytes:
clicca qui per il download : http://www.aiutamici.com/software?id=80346
Prima di fare la scansione AGGIORNALO. (è molto importante)
Esegui una scansione completa del sistema.
se trova infezioni posta il log che ti rilascera' nella nuova discussione che aprirai,qualcuno ti seguira',io purtroppo di sistemi a 64bit capisco poco e niente.

Torna in alto

carmine1965

Inviato: Friday, May 28, 2010 7:10:01 PM

Rank: Member

Iscritto dal : 5/5/2010
Posts: 14

salve ho fatto la scansione con malwaraebyt ,prima di fare la scansione ho fatto l'aggiornamento ,poiho fatto la scansione sia quella breve che quella lunga risultato niente ora mando il log con lultima versione di hijackthis,spero di averfatto tutto quello che mi avete detto ,comunque grazie

Torna in alto

carmine1965

Inviato: Friday, May 28, 2010 7:20:33 PM

Rank: Member

Iscritto dal : 5/5/2010
Posts: 14

ecco il Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:41:38, on 28/05/2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18904)
Boot mode: Normal

Running processes:
C:\Windows\SYSTEM32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\System32\mobsync.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10e.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\coccola\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispatcher.aspx?tp=aus&qkw=%s&tbid=60076
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://it.intl.acer.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60347
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60347
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60347
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60347
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - (no file)
O2 - BHO: Supporto di collegamento per Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Guida per l'accesso a Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
O3 - Toolbar: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Veoh Web Player Video Finder - {0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - C:\Program Files\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-18\..\Run: [] (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [] (User 'Default user')
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_2EC7709873947E87.dll/cmsidewiki.html
O9 - Extra button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
O16 - DPF: {A27C56D2-3F58-4ABB-AA31-1168EDA6636F} (PCMaticVer Class) - http://utilities.pcpitstop.com/Nirvana/controls/pcmatic.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: ePerformance Service (AcerMemUsageCheckService) - Unknown owner - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: Servizio di Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: Utilità di pianificazione di LiveUpdate automatico - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)

--
End of file - 7606 bytes
log

Torna in alto

paolopa

Inviato: Friday, May 28, 2010 7:36:06 PM

Rank: AiutAmico

Iscritto dal : 10/14/2008
Posts: 2,777

vediamo di andare un po piu' a fondo:
Scarica Combofix

http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Salvalo sul desktop.

Importante: dopo aver scaricato COMBOFIX chiudi la connessione disabilita il tuo antivirus e
chiudi TUTTI i programmi aperti,(Firewall compreso) e

Doppio click su combofix.exe (comparirà una videata.)

E' probabile che ti siano inviati messaggi dall'antivirus,(o dallo stesso Combofix)
tu ignorali.

Se ti verrà chiesto se vuoi Installare LA CONSOLE DI RIPRISTINO DI EMERGENZA, clicca NO.

Durante l'operazione di scansione è importante non usare il PC (neanche il mouse)
e attendere pazientemente la fine delle operazioni.
Al termine, verrà creato un file log sul Desktop, chiamato C:\ComboFix.txt. Postalo qui.

Torna in alto

carmine1965

Inviato: Sunday, June 06, 2010 12:52:32 PM

Rank: Member

Iscritto dal : 5/5/2010
Posts: 14

salve eccomi scusate il ritardo e doveroso chiedervi il motivo dei ritardi ,( problemi seri di famiglia) comunque vimano il log che ho fatto con combofix ,swe potete dare un occhiata grazie ComboFix 10-06-05.01 - coccola 06/06/2010 12:19:36.2.2 - x86
Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1252.39.1040.18.767.365 [GMT 2:00]
Eseguito da: c:\users\coccola\Desktop\ComboFix.exe
AV: Norton AntiVirus *On-access scanning disabled* (Updated) {E10A9785-9598-4754-B552-92431C1C35F8}
AV: Panda Internet Security 2008 *On-access scanning disabled* (Outdated) {4570FB70-5C9E-47E9-B16C-A3A6A06C4BF0}
FW: Norton AntiVirus *disabled* {990F9400-4CEE-43EA-A83A-D013ADD8EA6E}
FW: Panda Internet Security 2008 *disabled* {7B090DC0-8905-4BAF-8040-FD98A41C8FB8}
SP: Avira AntiVir PersonalEdition *enabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
SP: Norton AntiVirus *disabled* (Updated) {CBB7EE13-8244-4DAB-8B55-D5C7AA91E59A}
SP: Panda Internet Security 2008 *disabled* (Outdated) {FE6602D3-1E71-4EBB-B4E3-D1C9CBDAF0A1}
SP: Spyware Terminator *disabled* (Updated) {55EE49A8-16BE-4601-BBE6-607B7F7317DE}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((( Files Creati Da 2010-05-06 al 2010-06-06 )))))))))))))))))))))))))))))))))))
.

2010-06-06 10:28 . 2010-06-06 10:28 -------- d-----w- c:\users\coccola\AppData\Local\temp
2010-06-06 10:28 . 2010-06-06 10:28 -------- d-----w- c:\users\Public\AppData\Local\temp
2010-06-06 10:28 . 2010-06-06 10:28 -------- d-----w- c:\users\michi\AppData\Local\temp
2010-06-06 10:28 . 2010-06-06 10:28 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-06-04 17:34 . 2010-06-04 17:34 -------- d-----w- c:\program files\Microsoft
2010-06-04 16:30 . 2010-06-04 16:30 -------- d-----w- c:\users\michi\AppData\Local\Apple
2010-06-04 12:13 . 2010-06-04 12:13 -------- d-----w- c:\program files\Microsoft Works
2010-05-28 06:07 . 2010-06-04 16:27 680 ----a-w- c:\users\michi\AppData\Local\d3d9caps.dat
2010-05-28 06:07 . 2010-05-28 06:07 -------- d-----w- c:\users\michi\AppData\Local\VirtualStore
2010-05-26 18:53 . 2010-04-23 14:13 2048 ----a-w- c:\windows\system32\tzres.dll
2010-05-25 18:12 . 2010-04-29 13:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-05-25 18:12 . 2010-05-25 18:12 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-05-25 18:12 . 2010-04-29 13:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-05-25 16:18 . 2010-05-25 16:18 501872 ----a-w- c:\programdata\Google\Google Toolbar\Update\gtbB337.tmp.exe
2010-05-25 15:19 . 2010-05-25 15:19 -------- d-----w- c:\users\coccola\.PhotoBook
2010-05-25 15:19 . 2010-05-25 15:19 -------- d-----w- c:\users\coccola\.digilabs
2010-05-25 15:16 . 2010-05-25 15:17 -------- d-----w- c:\program files\My PhotoBooks
2010-05-25 15:14 . 2010-05-25 16:14 -------- d-----w- c:\users\coccola\AppData\Roaming\Digilabs
2010-05-23 18:01 . 2010-06-05 12:50 1 ----a-w- c:\users\coccola\AppData\Roaming\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
2010-05-23 18:01 . 2010-05-23 18:01 -------- d-----w- c:\users\coccola\AppData\Roaming\OpenOffice.org
2010-05-23 17:25 . 2010-05-23 17:25 -------- d-----w- c:\program files\JRE
2010-05-23 17:24 . 2010-05-23 17:25 -------- d-----w- c:\program files\OpenOffice.org 3
2010-05-20 01:28 . 2010-05-20 01:28 443912 ----a-w- c:\users\coccola\AppData\Roaming\Real\Update\setup3.10\setup.exe
2010-05-19 00:44 . 2010-05-24 08:37 -------- d-----w- c:\users\coccola\AppData\Roaming\Scribus
2010-05-19 00:42 . 2010-05-19 00:44 -------- d-----w- c:\program files\Scribus 1.3.6
2010-05-18 17:40 . 2009-04-11 06:28 800768 ----a-w- c:\windows\system32\_entreelist.dll
2010-05-18 17:40 . 2009-04-11 06:27 1202168 ----a-w- c:\windows\system32\_enviewlist.dll
2010-05-18 17:00 . 2010-05-18 17:00 -------- d-----w- c:\program files\Enigma Software Group
2010-05-18 16:59 . 2010-05-18 17:08 -------- d-----w- c:\windows\61D3AAE1D5214CD7939B37813DE8F955.TMP
2010-05-18 16:59 . 2010-05-28 18:07 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2010-05-12 01:46 . 2010-01-29 15:40 738816 ----a-w- c:\windows\system32\inetcomm.dll
2010-05-11 10:06 . 2010-05-11 10:08 -------- d-----w- c:\program files\WebSite X5 v8 - Evolution
2010-05-11 10:05 . 1997-01-15 22:00 29696 ----a-w- c:\windows\system32\VB5STKIT.DLL
2010-05-11 10:05 . 2009-03-15 15:35 207872 ----a-w- c:\windows\system32\iwpsetup.exe

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-06-06 07:35 . 2007-12-22 20:59 1356 ----a-w- c:\users\coccola\AppData\Local\d3d9caps.dat
2010-06-05 12:24 . 2006-11-06 01:45 661860 ----a-w- c:\windows\system32\perfh010.dat
2010-06-05 12:24 . 2006-11-06 01:45 119742 ----a-w- c:\windows\system32\perfc010.dat
2010-06-04 12:13 . 2007-05-06 13:56 -------- d-----w- c:\programdata\Microsoft Help
2010-06-04 11:35 . 2009-04-06 02:59 -------- d-----w- c:\program files\Microsoft Silverlight
2010-05-28 18:08 . 2010-04-19 17:13 -------- d-----w- c:\program files\Panda Security
2010-05-24 16:40 . 2007-12-22 16:13 77336 ----a-w- c:\users\coccola\AppData\Local\GDIPFONTCACHEV1.DAT
2010-05-20 02:38 . 2008-12-13 23:51 -------- d-----w- c:\program files\Common Files\Real
2010-05-18 21:10 . 2010-02-16 18:28 50354 ----a-w- c:\users\coccola\AppData\Roaming\Facebook\uninstall.exe
2010-05-18 21:10 . 2010-02-16 18:28 -------- d-----w- c:\users\coccola\AppData\Roaming\Facebook
2010-05-14 15:09 . 2010-04-13 14:49 -------- d-----w- c:\program files\PCPitstop
2010-05-14 15:06 . 2009-08-23 20:56 -------- d-----w- c:\users\coccola\AppData\Roaming\Uniblue
2010-05-13 13:09 . 2008-03-20 15:56 -------- d-----w- c:\program files\Google
2010-05-12 18:01 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2010-05-12 09:21 . 2009-10-02 18:10 221568 ------w- c:\windows\system32\MpSigStub.exe
2010-05-05 19:22 . 2008-09-06 11:15 -------- d-----w- c:\program files\Java
2010-05-05 19:22 . 2008-09-06 11:14 -------- d-----w- c:\program files\Common Files\Java
2010-05-05 08:10 . 2010-04-30 19:07 -------- d-----w- c:\program files\a-squared Anti-Malware
2010-05-02 14:22 . 2010-05-02 14:22 -------- d-----w- c:\program files\Burn4Free
2010-04-23 14:58 . 2007-12-26 16:55 -------- d-----w- c:\program files\ccleaner
2010-04-20 17:13 . 2010-04-20 17:02 -------- d-----w- c:\users\coccola\AppData\Roaming\FreeFixer
2010-04-20 16:19 . 2010-02-06 13:54 -------- d-----w- c:\users\coccola\AppData\Roaming\Spyware Terminator
2010-04-20 16:19 . 2010-02-06 13:54 -------- d-----w- c:\program files\Spyware Terminator
2010-04-20 14:10 . 2010-04-20 08:25 -------- d-----w- c:\users\coccola\AppData\Roaming\SUPERAntiSpyware.com
2010-04-20 14:10 . 2010-04-20 08:25 -------- d-----w- c:\program files\SUPERAntiSpyware
2010-04-20 13:53 . 2010-02-06 13:54 -------- d-----w- c:\programdata\Spyware Terminator
2010-04-20 10:51 . 2008-03-20 16:04 -------- d-----w- c:\program files\Common Files\Adobe
2010-04-20 08:25 . 2010-04-20 08:25 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2010-04-13 14:54 . 2010-04-13 14:49 -------- d-----w- c:\programdata\PCPitstop
.

((((((((((((((((((((((((((((( SnapShot@2010-06-05_11.07.50 )))))))))))))))))))))))))))))))))))))))))
.
+ 2007-05-06 13:48 . 2010-06-06 07:37 69842 c:\windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
- 2006-11-02 13:02 . 2010-06-05 06:34 72356 c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
+ 2006-11-02 13:02 . 2010-06-06 07:37 72356 c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
- 2007-12-22 16:48 . 2010-06-04 11:42 14750 c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-386902657-4257126248-1374816572-1000_UserData.bin
+ 2007-12-22 16:48 . 2010-06-06 07:37 14750 c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-386902657-4257126248-1374816572-1000_UserData.bin
+ 2007-10-12 00:58 . 2010-06-06 07:43 32768 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2007-10-12 00:58 . 2010-06-05 10:55 32768 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2007-10-12 00:58 . 2010-06-06 07:43 32768 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2007-10-12 00:58 . 2010-06-05 10:55 32768 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-06-19 16:59 . 2010-06-04 22:59 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-06-19 16:59 . 2010-06-05 17:06 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-06-19 16:59 . 2010-06-05 17:06 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-06-19 16:59 . 2010-06-04 22:59 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-06-19 16:59 . 2010-06-05 17:06 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-06-19 16:59 . 2010-06-04 22:59 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2008-02-28 21:08 . 2010-06-04 16:20 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2008-02-28 21:08 . 2010-06-06 07:35 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2008-02-28 21:08 . 2010-06-06 07:35 32768 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2008-02-28 21:08 . 2010-06-04 16:20 32768 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2008-02-28 21:08 . 2010-06-06 07:35 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2008-02-28 21:08 . 2010-06-04 16:20 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2007-12-29 10:14 . 2010-05-27 19:29 92582 c:\windows\Installer\{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}\XviD1_F9FD80CE04484D4F8BCD77FC514C3F99.exe
+ 2007-12-29 10:14 . 2010-06-05 13:41 92582 c:\windows\Installer\{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}\XviD1_F9FD80CE04484D4F8BCD77FC514C3F99.exe
+ 2007-12-29 10:14 . 2010-06-05 13:41 92582 c:\windows\Installer\{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}\MPEGOLD4_F9FD80CE04484D4F8BCD77FC514C3F99.exe
- 2007-12-29 10:14 . 2010-05-27 19:29 92582 c:\windows\Installer\{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}\MPEGOLD4_F9FD80CE04484D4F8BCD77FC514C3F99.exe
- 2007-12-29 10:14 . 2010-05-27 19:29 92582 c:\windows\Installer\{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}\MPEGOLD11_F9FD80CE04484D4F8BCD77FC514C3F99.exe
+ 2007-12-29 10:14 . 2010-06-05 13:41 92582 c:\windows\Installer\{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}\MPEGOLD11_F9FD80CE04484D4F8BCD77FC514C3F99.exe
+ 2007-12-29 10:14 . 2010-06-05 13:41 92582 c:\windows\Installer\{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}\MPEGOLD1_F9FD80CE04484D4F8BCD77FC514C3F99.exe
- 2007-12-29 10:14 . 2010-05-27 19:29 92582 c:\windows\Installer\{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}\MPEGOLD1_F9FD80CE04484D4F8BCD77FC514C3F99.exe
- 2007-12-29 10:14 . 2010-05-27 19:29 26694 c:\windows\Installer\{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}\MOVdefaults1_F9FD80CE04484D4F8BCD77FC514C3F99.exe
+ 2007-12-29 10:14 . 2010-06-05 13:41 26694 c:\windows\Installer\{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}\MOVdefaults1_F9FD80CE04484D4F8BCD77FC514C3F99.exe
+ 2007-12-29 10:14 . 2010-06-05 13:41 26694 c:\windows\Installer\{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}\MOVdefaults_F9FD80CE04484D4F8BCD77FC514C3F99.exe
- 2007-12-29 10:14 . 2010-05-27 19:29 26694 c:\windows\Installer\{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}\MOVdefaults_F9FD80CE04484D4F8BCD77FC514C3F99.exe
- 2007-12-29 10:14 . 2010-05-27 19:29 26694 c:\windows\Installer\{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}\HaaliDefaults_F9FD80CE04484D4F8BCD77FC514C3F99.exe
+ 2007-12-29 10:14 . 2010-06-05 13:41 26694 c:\windows\Installer\{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}\HaaliDefaults_F9FD80CE04484D4F8BCD77FC514C3F99.exe
- 2007-12-29 10:14 . 2010-05-27 19:29 61440 c:\windows\Installer\{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}\Haali_F9FD80CE04484D4F8BCD77FC514C3F99.exe
+ 2007-12-29 10:14 . 2010-06-05 13:41 61440 c:\windows\Installer\{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}\Haali_F9FD80CE04484D4F8BCD77FC514C3F99.exe
- 2007-12-29 10:14 . 2010-05-27 19:29 40960 c:\windows\Installer\{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}\ffdshowraw_F9FD80CE04484D4F8BCD77FC514C3F99.exe
+ 2007-12-29 10:14 . 2010-06-05 13:41 40960 c:\windows\Installer\{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}\ffdshowraw_F9FD80CE04484D4F8BCD77FC514C3F99.exe
- 2007-12-29 10:14 . 2010-05-27 19:29 26694 c:\windows\Installer\{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}\ffdshowON_F9FD80CE04484D4F8BCD77FC514C3F99.exe
+ 2007-12-29 10:14 . 2010-06-05 13:41 26694 c:\windows\Installer\{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}\ffdshowON_F9FD80CE04484D4F8BCD77FC514C3F99.exe
+ 2007-12-29 10:14 . 2010-06-05 13:41 26694 c:\windows\Installer\{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}\ffdshowOFF_F9FD80CE04484D4F8BCD77FC514C3F99.exe
- 2007-12-29 10:14 . 2010-05-27 19:29 26694 c:\windows\Installer\{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}\ffdshowOFF_F9FD80CE04484D4F8BCD77FC514C3F99.exe
+ 2007-12-29 10:14 . 2010-06-05 13:41 53248 c:\windows\Installer\{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}\ffdshowencoder_F9FD80CE04484D4F8BCD77FC514C3F99.exe
- 2007-12-29 10:14 . 2010-05-27 19:29 53248 c:\windows\Installer\{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}\ffdshowencoder_F9FD80CE04484D4F8BCD77FC514C3F99.exe
- 2007-12-29 10:14 . 2010-05-27 19:29 53248 c:\windows\Installer\{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}\ffdshowdecoder_F9FD80CE04484D4F8BCD77FC514C3F99.exe
+ 2007-12-29 10:14 . 2010-06-05 13:41 53248 c:\windows\Installer\{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}\ffdshowdecoder_F9FD80CE04484D4F8BCD77FC514C3F99.exe
+ 2007-12-29 10:14 . 2010-06-05 13:41 53248 c:\windows\Installer\{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}\ffdshowaudio_F9FD80CE04484D4F8BCD77FC514C3F99.exe
- 2007-12-29 10:14 . 2010-05-27 19:29 53248 c:\windows\Installer\{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}\ffdshowaudio_F9FD80CE04484D4F8BCD77FC514C3F99.exe
- 2007-12-29 10:14 . 2010-05-27 19:29 26694 c:\windows\Installer\{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}\enableCAMmov_F9FD80CE04484D4F8BCD77FC514C3F99.exe
+ 2007-12-29 10:14 . 2010-06-05 13:41 26694 c:\windows\Installer\{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}\enableCAMmov_F9FD80CE04484D4F8BCD77FC514C3F99.exe
- 2007-12-29 10:14 . 2010-05-27 19:29 26694 c:\windows\Installer\{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}\Donate_F9FD80CE04484D4F8BCD77FC514C3F99.exe
+ 2007-12-29 10:14 . 2010-06-05 13:41 26694 c:\windows\Installer\{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}\Donate_F9FD80CE04484D4F8BCD77FC514C3F99.exe
- 2010-06-05 06:32 . 2010-06-05 09:47 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2010-06-06 07:35 . 2010-06-06 07:35 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2010-06-06 07:35 . 2010-06-06 07:35 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2010-06-05 06:32 . 2010-06-05 09:47 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2007-12-29 10:14 . 2010-06-05 13:41 7406 c:\windows\Installer\{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}\XviD_F9FD80CE04484D4F8BCD77FC514C3F99.exe
- 2007-12-29 10:14 . 2010-05-27 19:29 7406 c:\windows\Installer\{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}\XviD_F9FD80CE04484D4F8BCD77FC514C3F99.exe
- 2007-12-29 10:14 . 2010-05-27 19:29 7406 c:\windows\Installer\{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}\vobsub238_F9FD80CE04484D4F8BCD77FC514C3F99.exe
+ 2007-12-29 10:14 . 2010-06-05 13:41 7406 c:\windows\Installer\{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}\vobsub238_F9FD80CE04484D4F8BCD77FC514C3F99.exe
+ 2007-12-29 10:14 . 2010-06-05 13:41 7406 c:\windows\Installer\{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}\DXvid_F9FD80CE04484D4F8BCD77FC514C3F99.exe
- 2007-12-29 10:14 . 2010-05-27 19:29 7406 c:\windows\Installer\{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}\DXvid_F9FD80CE04484D4F8BCD77FC514C3F99.exe
+ 2006-11-02 10:33 . 2010-06-05 12:24 586568 c:\windows\System32\perfh009.dat
- 2006-11-02 10:33 . 2010-05-29 20:33 586568 c:\windows\System32\perfh009.dat
- 2006-11-02 10:33 . 2010-05-29 20:33 100640 c:\windows\System32\perfc009.dat
+ 2006-11-02 10:33 . 2010-06-05 12:24 100640 c:\windows\System32\perfc009.dat
+ 2009-06-18 13:18 . 2010-06-05 17:28 245760 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
- 2009-06-18 13:18 . 2010-06-02 17:14 245760 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
- 2007-10-12 00:58 . 2010-06-05 10:55 114688 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2007-10-12 00:58 . 2010-06-06 07:43 114688 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2010-01-08 22:54 . 2010-06-05 16:15 545176 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
- 2007-12-29 10:14 . 2010-05-27 19:29 280054 c:\windows\Installer\{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}\reset.exe1_F9FD80CE04484D4F8BCD77FC514C3F99.exe
+ 2007-12-29 10:14 . 2010-06-05 13:41 280054 c:\windows\Installer\{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}\reset.exe1_F9FD80CE04484D4F8BCD77FC514C3F99.exe
+ 2007-12-29 10:14 . 2010-06-05 13:41 161862 c:\windows\Installer\{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}\reset.exe_F9FD80CE04484D4F8BCD77FC514C3F99.exe
- 2007-12-29 10:14 . 2010-05-27 19:29 161862 c:\windows\Installer\{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}\reset.exe_F9FD80CE04484D4F8BCD77FC514C3F99.exe
+ 2007-12-29 10:14 . 2010-06-05 13:41 280054 c:\windows\Installer\{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}\ARPPRODUCTICON.exe
- 2007-12-29 10:14 . 2010-05-27 19:29 280054 c:\windows\Installer\{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}\ARPPRODUCTICON.exe
+ 2006-10-07 10:18 . 2006-10-07 10:18 185952 c:\windows\Installer\$PatchCache$\Managed\EC08DF9F8440F4D4B8DC77CF15C4F399\4.5.5\rmoc3260.dll
.
-- Snapshot per reimpostare la data corrente --
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-05-13 39408]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKLM\~\startupfolder\C:^Users^coccola^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.2.lnk]
path=c:\users\coccola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk
backup=c:\windows\pss\OpenOffice.org 3.2.lnk.Startup
backupExtension=.Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2010-03-24 18:17 952768 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2010-04-02 18:05 40368 ----a-w- c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avgnt]
2009-03-02 11:08 209153 ----a-w- c:\program files\Avira\AntiVir Desktop\avgnt.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eDataSecurity Loader]
2007-02-06 22:04 464168 ----a-w- c:\acer\Empowering Technology\eDataSecurity\eDSloader.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware]
2010-04-29 13:39 437584 ----a-w- c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminatorUpdate]
2010-02-06 13:54 3037696 ----a-w- c:\program files\Spyware Terminator\SpywareTerminatorUpdate.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2010-05-13 13:09 39408 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VeohPlugin]
2008-11-03 22:45 3522296 ----a-w- c:\program files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
2008-01-19 07:38 1008184 ----a-w- c:\program files\Windows Defender\MSASCui.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):06,f5,23,f8,37,12,ca,01

R2 gupdate;Servizio di Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-05-13 136176]
S1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [2010-02-06 142592]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Contenuto della cartella 'Scheduled Tasks'

2010-06-06 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-05-13 13:09]

2010-06-06 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-05-13 13:09]

2010-06-06 c:\windows\Tasks\User_Feed_Synchronization-{91DC4126-BAA4-49B0-B20D-EEED6E29E8FC}.job
- c:\windows\system32\msfeedssync.exe [2010-03-31 04:54]
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://www.google.it/
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_2EC7709873947E87.dll/cmsidewiki.html
Trusted Zone: humyo.com\www
DPF: {A27C56D2-3F58-4ABB-AA31-1168EDA6636F} - hxxp://utilities.pcpitstop.com/Nirvana/controls/pcmatic.cab
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-06-06 12:28
Windows 6.0.6002 Service Pack 2 NTFS

scansione processi nascosti ...

scansione entrate autostart nascoste ...

Scansione files nascosti ...

Scansione completata con successo
Files nascosti: 0

**************************************************************************
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------

[HKEY_USERS\S-1-5-21-386902657-4257126248-1374816572-1000\Software\ACD Systems\ACDSee\90\BurnBasket\Columns]
@DACL=(02 0000)
"ColCount"=dword:00000007
"SortFieldTag"=dword:00000004
"Sort00"=dword:7c22002f
"Column00Tag"=dword:00000004
"Column00Group"=dword:00000001
"Column00Width"=dword:00000064
"Sort01"=dword:0000000b
"Column01Tag"=dword:00000009
"Column01Group"=dword:00000001
"Column01Width"=dword:00000064
"Sort02"=dword:0000000b
"Column02Tag"=dword:00000028
"Column02Group"=dword:00000003
"Column02Width"=dword:00000064
"Sort03"=dword:00000000
"Column03Tag"=dword:0000000a
"Column03Group"=dword:00000001
"Column03Width"=dword:00000064
"Sort04"=dword:7275425c
"Column04Tag"=dword:0000002b
"Column04Group"=dword:00000003
"Column04Width"=dword:00000064
"Sort05"=dword:7361426e
"Column05Tag"=dword:00000013
"Column05Group"=dword:00000002
"Column05Width"=dword:00000064
"Sort06"=dword:0074656b
"Column06Tag"=dword:00000015
"Column06Group"=dword:00000002
"Column06Width"=dword:00000064

[HKEY_USERS\S-1-5-21-386902657-4257126248-1374816572-1000\Software\ACD Systems\ACDSee\90\BurnBasket\TPColumns]
@DACL=(02 0000)
"Column00Width"=dword:00000064
"Column01Width"=dword:00000064
"Column02Width"=dword:00000064
"Column03Width"=dword:00000064
"Column04Width"=dword:00000064
"Column05Width"=dword:00000064
"Column06Width"=dword:00000064

[HKEY_USERS\S-1-5-21-386902657-4257126248-1374816572-1000\Software\ALWIL Software\Avast]
@DACL=(02 0000)

[HKEY_USERS\S-1-5-21-386902657-4257126248-1374816572-1000\Software\F-Secure\GKH]
@DACL=(02 0000)

[HKEY_USERS\S-1-5-21-386902657-4257126248-1374816572-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.032\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.032"

[HKEY_USERS\S-1-5-21-386902657-4257126248-1374816572-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ani\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.ani"

[HKEY_USERS\S-1-5-21-386902657-4257126248-1374816572-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bay\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.bay"

[HKEY_USERS\S-1-5-21-386902657-4257126248-1374816572-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bmp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.bmp"

[HKEY_USERS\S-1-5-21-386902657-4257126248-1374816572-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.bw"

[HKEY_USERS\S-1-5-21-386902657-4257126248-1374816572-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cr2\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.cr2"

[HKEY_USERS\S-1-5-21-386902657-4257126248-1374816572-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.crw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.crw"

[HKEY_USERS\S-1-5-21-386902657-4257126248-1374816572-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cs1\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.cs1"

[HKEY_USERS\S-1-5-21-386902657-4257126248-1374816572-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cur\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.cur"

[HKEY_USERS\S-1-5-21-386902657-4257126248-1374816572-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.dcr"

[HKEY_USERS\S-1-5-21-386902657-4257126248-1374816572-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.dcx"

[HKEY_USERS\S-1-5-21-386902657-4257126248-1374816572-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dib\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.dib"

[HKEY_USERS\S-1-5-21-386902657-4257126248-1374816572-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djv\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.djv"

[HKEY_USERS\S-1-5-21-386902657-4257126248-1374816572-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djvu\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.djvu"

[HKEY_USERS\S-1-5-21-386902657-4257126248-1374816572-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dng\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.dng"

[HKEY_USERS\S-1-5-21-386902657-4257126248-1374816572-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.emf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.emf"

[HKEY_USERS\S-1-5-21-386902657-4257126248-1374816572-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eps\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.eps"

[HKEY_USERS\S-1-5-21-386902657-4257126248-1374816572-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.erf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.erf"

[HKEY_USERS\S-1-5-21-386902657-4257126248-1374816572-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fff\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.fff"

[HKEY_USERS\S-1-5-21-386902657-4257126248-1374816572-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fpx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.fpx"

[HKEY_USERS\S-1-5-21-386902657-4257126248-1374816572-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.gif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.gif"

[HKEY_USERS\S-1-5-21-386902657-4257126248-1374816572-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icl\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.icl"

[HKEY_USERS\S-1-5-21-386902657-4257126248-1374816572-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icn\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.icn"

[HKEY_USERS\S-1-5-21-386902657-4257126248-1374816572-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ico\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.ico"

[HKEY_USERS\S-1-5-21-386902657-4257126248-1374816572-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iff\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.iff"

[HKEY_USERS\S-1-5-21-386902657-4257126248-1374816572-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ilbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.ilbm"

[HKEY_USERS\S-1-5-21-386902657-4257126248-1374816572-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.int\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.int"

[HKEY_USERS\S-1-5-21-386902657-4257126248-1374816572-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.inta\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.inta"

[HKEY_USERS\S-1-5-21-386902657-4257126248-1374816572-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iw4\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.iw4"

[HKEY_USERS\S-1-5-21-386902657-4257126248-1374816572-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2c\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.j2c"

[HKEY_USERS\S-1-5-21-386902657-4257126248-1374816572-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2k\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.j2k"

[HKEY_USERS\S-1-5-21-386902657-4257126248-1374816572-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jfif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.jfif"

[HKEY_USERS\S-1-5-21-386902657-4257126248-1374816572-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.jif"

[HKEY_USERS\S-1-5-21-386902657-4257126248-1374816572-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jp2\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.jp2"

[HKEY_USERS\S-1-5-21-386902657-4257126248-1374816572-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.jpc"

[HKEY_USERS\S-1-5-21-386902657-4257126248-1374816572-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpe\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.jpe"

[HKEY_USERS\S-1-5-21-386902657-4257126248-1374816572-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpeg\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.jpeg"

[HKEY_USERS\S-1-5-21-386902657-4257126248-1374816572-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpg\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.jpg"

[HKEY_USERS\S-1-5-21-386902657-4257126248-1374816572-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpk\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.jpk"

[HKEY_USERS\S-1-5-21-386902657-4257126248-1374816572-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.jpx"

[HKEY_USERS\S-1-5-21-386902657-4257126248-1374816572-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.lbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.lbm"

[HKEY_USERS\S-1-5-21-386902657-4257126248-1374816572-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mos\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.mos"

[HKEY_USERS\S-1-5-21-386902657-4257126248-1374816572-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mrw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.mrw"

[HKEY_USERS\S-1-5-21-386902657-4257126248-1374816572-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nef\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.nef"

[HKEY_USERS\S-1-5-21-386902657-4257126248-1374816572-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.orf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.orf"

[HKEY_USERS\S-1-5-21-386902657-4257126248-1374816572-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.pbm"

[HKEY_USERS\S-1-5-21-386902657-4257126248-1374816572-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcd\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.pcd"

[HKEY_USERS\S-1-5-21-386902657-4257126248-1374816572-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pct\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.pct"

[HKEY_USERS\S-1-5-21-386902657-4257126248-1374816572-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.pcx"

[HKEY_USERS\S-1-5-21-386902657-4257126248-1374816572-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pef\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.pef"

[HKEY_USERS\S-1-5-21-386902657-4257126248-1374816572-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pgm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.pgm"

[HKEY_USERS\S-1-5-21-386902657-4257126248-1374816572-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pic\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.pic"

[HKEY_USERS\S-1-5-21-386902657-4257126248-1374816572-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pict\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.pict"

[HKEY_USERS\S-1-5-21-386902657-4257126248-1374816572-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pix\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.pix"

[HKEY_USERS\S-1-5-21-386902657-4257126248-1374816572-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.png\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.png"

[HKEY_USERS\S-1-5-21-386902657-4257126248-1374816572-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ppm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.ppm"

[HKEY_USERS\S-1-5-21-386902657-4257126248-1374816572-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psd\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.psd"

[HKEY_USERS\S-1-5-21-386902657-4257126248-1374816572-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.psp"

[HKEY_USERS\S-1-5-21-386902657-4257126248-1374816572-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.raf"

[HKEY_USERS\S-1-5-21-386902657-4257126248-1374816572-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ras\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.ras"

[HKEY_USERS\S-1-5-21-386902657-4257126248-1374816572-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.raw"

[HKEY_USERS\S-1-5-21-386902657-4257126248-1374816572-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgb\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.rgb"

[HKEY_USERS\S-1-5-21-386902657-4257126248-1374816572-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgba\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.rgba"

[HKEY_USERS\S-1-5-21-386902657-4257126248-1374816572-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rle\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.rle"

[HKEY_USERS\S-1-5-21-386902657-4257126248-1374816572-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rsb\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.rsb"

[HKEY_USERS\S-1-5-21-386902657-4257126248-1374816572-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sgi\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.sgi"

[HKEY_USERS\S-1-5-21-386902657-4257126248-1374816572-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sr2\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.sr2"

[HKEY_USERS\S-1-5-21-386902657-4257126248-1374816572-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.srf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.srf"

[HKEY_LOCAL_MACHINE\SOFTWARE\ESET\Setup]
@DACL=(02 0000)

[HKEY_LOCAL_MACHINE\SOFTWARE\LaSchedina.com\Zeta lotto DEMO]
@DACL=(02 0000)

[HKEY_LOCAL_MACHINE\SOFTWARE\Lottobit.com\Banco lotto]
@DACL=(02 0000)

[HKEY_LOCAL_MACHINE\SOFTWARE\Poikosoft\Easy CD-DA Extractor 11]
@DACL=(02 0000)

[HKEY_LOCAL_MACHINE\SOFTWARE\SmartDraw.com\SmartDraw]
@DACL=(02 0000)

[HKEY_LOCAL_MACHINE\SOFTWARE\TRUST\TRUST 120 SPACEC@M]
@DACL=(02 0000)
.
Ora fine scansione: 2010-06-06 12:32:30
ComboFix-quarantined-files.txt 2010-06-06 10:32
ComboFix2.txt 2010-06-05 11:11

Pre-Run: 4.861.984.768 byte disponibili
Post-Run: 4.836.208.640 byte disponibili

- - End Of File - - 348D11283410240909A8BE9AA6347D3B

Torna in alto

paolopa

Inviato: Sunday, June 06, 2010 4:42:15 PM

Rank: AiutAmico

Iscritto dal : 10/14/2008
Posts: 2,777

aspetta che te lo analizzi r16.

Torna in alto

r16

Inviato: Sunday, June 06, 2010 7:43:31 PM

Rank: AiutAmico

Iscritto dal : 8/7/2007
Posts: 11,016

Ciao carmine1965 .
Domanda:
Che problemi ha il pc?
Disistalla i "rimasugli" del Norton con questo Tool:
http://www.aiutamici.com/software?ID=11273

Torna in alto

Utenti presenti in questo topic

Guest

Aiutamici Forum » FORUM - Istruzioni e Guide » Sicurezza VIRUS » controllo log di hijackthis

Salta al Forum

Aggiunta nuovi Topic disabilitata in questo forum.
Risposte disabilitate in questo forum.
Eliminazione tuoi Post disabilitata in questo forum.
Modifica dei tuoi post disabilitata in questo forum.
Creazione Sondaggi disabilitata in questo forum.
Voto ai sondaggi disabilitato in questo forum.

Invia topic via Email

RSS Feed

Watch this topic

Stampa topic

Normale

Threaded