Oggi un mio amico mi ha portato il suo netbook con un curioso problema, i caratteri sullo schermo sono completamente illeggibili, un po' come visitare una pagina web in giapponese senza le lingue di supporto: si visualizzano solo tanti quadratini , tiangoli, pallini....Qualsiasi carattere viene rimpiazzato: la scritta sul memù start, nella barra del titolo e delle applicazioni e in qualsiasi altro programma o tool di Windows.
Aiutandomi col mio PC sono andato nelle impostazioni internazionali e della lingua ed ho ripristinato i valori di default, ma nulla è cambiato....
Mi è allora tornato in mente il primo pensiero che mi era passato per la testa: un malware.
Avira non rileva nulla. Combofix ha eliminato qualcosa, ed ho evidenziato in grassetto ciò che mi pare sospetto nel log, che posto assieme a quello di HJT:
ComboFix 10-06-02.04 - GIOVANNI 03/06/2010 18.49.11.1.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.39.1040.18.1014.420 [GMT 2:00]
Eseguito da: d:\pulizia\ComboFix.exe
AV: AntiVir Desktop *On-access scanning disabled* (Outdated) {00000002-0002-0000-7C25-9E7C08000A00}
ATTENZIONE - QUESTO PC NON HA LA CONSOLE DI RIPRISTINO DI EMERGENZA INSTALLATA !!
.
((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\system32\_000006_.tmp.dll
c:\windows\system32\_000007_.tmp.dll
c:\windows\system32\_000008_.tmp.dll
c:\windows\system32\_000009_.tmp.dll
c:\windows\system32\_000023_.tmp.dll
c:\windows\system32\_000024_.tmp.dll
c:\windows\system32\_000025_.tmp.dll
c:\windows\system32\_000026_.tmp.dll
.
((((((((((((((((((((((((( Files Creati Da 2010-05-03 al 2010-06-03 )))))))))))))))))))))))))))))))))))
.
2010-06-03 14:51 . 2010-06-03 14:51 -------- d-----w- c:\documents and settings\GIOVANNI\Impostazioni locali\Dati applicazioni\Temp
2010-06-03 14:51 . 2010-06-03 14:51 -------- d-----w- c:\documents and settings\GIOVANNI\Dati applicazioni\SMART Technologies Inc
2010-06-03 14:51 . 2010-06-03 14:51 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\CyberLink
2010-06-03 14:28 . 2008-04-14 12:00 2560 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Microsoft\USMT\iconlib.dll
2010-06-01 14:28 . 2010-06-01 14:28 -------- d-----w- c:\windows\system32\wbem\Repository
2010-05-30 10:47 . 2010-05-30 10:47 -------- d-----w- c:\programmi\TeamViewer
2010-05-30 10:42 . 2010-06-03 14:52 -------- d-----w- c:\programmi\Adobe(2)
2010-05-29 21:43 . 2010-05-29 21:43 -------- d-----w- c:\documents and settings\Rosso1\Impostazioni locali\Dati applicazioni\Mozilla
2010-05-29 15:50 . 2010-05-29 15:50 -------- d-----w- c:\documents and settings\GIOVANNI\Impostazioni locali\Dati applicazioni\Mozilla
2010-05-29 15:45 . 2010-06-03 14:52 -------- d-----w- c:\programmi\Mozilla Firefox(2)
2010-05-29 14:58 . 2010-05-29 14:58 -------- d-sh--w- c:\documents and settings\GIOVANNI\IECompatCache
2010-05-29 14:58 . 2010-06-03 14:52 -------- d-----w- c:\documents and settings\GIOVANNI\Dati applicazioni\vlc
2010-05-28 19:38 . 2010-05-28 19:38 -------- d-----w- c:\documents and settings\Rosso1\Dati applicazioni\Apple Computer
2010-05-28 19:38 . 2010-05-28 19:38 -------- d-----w- c:\documents and settings\Rosso1\Impostazioni locali\Dati applicazioni\Apple Computer
2010-05-28 16:09 . 2010-05-28 16:09 56 ---ha-w- c:\windows\system32\ezsidmv.dat2010-05-28 16:09 . 2010-06-03 13:19 -------- d-----w- c:\documents and settings\GIOVANNI\Dati applicazioni\skypePM
2010-05-28 16:07 . 2010-06-03 14:51 -------- d-----w- c:\documents and settings\GIOVANNI\Dati applicazioni\Skype
2010-05-28 16:06 . 2010-06-03 14:51 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Skype
2010-05-28 15:04 . 2010-05-28 15:33 664 ----a-w- c:\windows\system32\d3d9caps.dat
2010-05-27 13:18 . 2010-05-27 13:18 -------- d-----w- c:\documents and settings\GIOVANNI\Impostazioni locali\Dati applicazioni\SMART Technologies Inc
2010-05-27 13:17 . 2010-06-03 14:51 -------- d-----w- c:\documents and settings\GIOVANNI\Dati applicazioni\CyberLink
2010-05-27 12:31 . 2010-05-28 15:37 -------- d-----w- c:\documents and settings\GIOVANNI\Dati applicazioni\Apple Computer
2010-05-27 12:31 . 2009-05-18 11:17 26600 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2010-05-27 12:31 . 2008-04-17 10:12 107368 ----a-w- c:\windows\system32\GEARAspi.dll
2010-05-27 12:30 . 2010-05-27 12:30 -------- d-----w- c:\programmi\iPod
2010-05-27 12:30 . 2010-05-27 12:31 -------- d-----w- c:\programmi\iTunes
2010-05-27 12:30 . 2010-05-27 12:31 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
2010-05-27 12:28 . 2010-05-27 12:29 -------- d-----w- c:\programmi\QuickTime
2010-05-27 12:28 . 2010-05-27 12:30 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Apple Computer
2010-05-27 12:27 . 2010-05-27 12:27 -------- d-----w- c:\documents and settings\GIOVANNI\Impostazioni locali\Dati applicazioni\Apple
2010-05-27 12:27 . 2010-05-27 12:27 -------- d-----w- c:\programmi\Apple Software Update
2010-05-27 12:27 . 2010-04-16 06:33 41472 ----a-w- c:\windows\system32\drivers\usbaapl.sys
2010-05-27 12:27 . 2010-04-16 06:33 3003680 ----a-w- c:\windows\system32\usbaaplrc.dll
2010-05-27 12:26 . 2010-05-27 12:26 -------- d-----w- c:\programmi\Bonjour
2010-05-27 12:25 . 2010-05-28 14:58 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Apple
2010-05-27 12:25 . 2010-05-27 12:30 -------- d-----w- c:\programmi\File comuni\Apple
2010-05-26 19:42 . 2010-05-26 19:42 503808 ----a-w- c:\documents and settings\Rosso1\Dati applicazioni\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-38fd29dd-n\msvcp71.dll
2010-05-26 19:42 . 2010-05-26 19:42 348160 ----a-w- c:\documents and settings\Rosso1\Dati applicazioni\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-38fd29dd-n\msvcr71.dll
2010-05-26 19:42 . 2010-05-26 19:42 61440 ----a-w- c:\documents and settings\Rosso1\Dati applicazioni\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-43bf3518-n\decora-sse.dll
2010-05-26 19:42 . 2010-05-26 19:42 499712 ----a-w- c:\documents and settings\Rosso1\Dati applicazioni\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-38fd29dd-n\jmc.dll
2010-05-26 19:42 . 2010-05-26 19:42 12800 ----a-w- c:\documents and settings\Rosso1\Dati applicazioni\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-43bf3518-n\decora-d3d.dll
2010-05-26 19:41 . 2010-06-03 14:52 -------- d-----w- c:\documents and settings\GIOVANNI\Impostazioni locali\Dati applicazioni\Adobe
2010-05-26 19:27 . 2010-05-26 19:27 348160 ----a-w- c:\documents and settings\GIOVANNI\Dati applicazioni\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-2c019995-n\msvcr71.dll
2010-05-26 19:27 . 2010-05-26 19:27 503808 ----a-w- c:\documents and settings\GIOVANNI\Dati applicazioni\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-2c019995-n\msvcp71.dll
2010-05-26 19:27 . 2010-05-26 19:27 499712 ----a-w- c:\documents and settings\GIOVANNI\Dati applicazioni\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-2c019995-n\jmc.dll
2010-05-26 19:27 . 2010-05-26 19:27 61440 ----a-w- c:\documents and settings\GIOVANNI\Dati applicazioni\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-58456881-n\decora-sse.dll
2010-05-26 19:27 . 2010-05-26 19:27 12800 ----a-w- c:\documents and settings\GIOVANNI\Dati applicazioni\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-58456881-n\decora-d3d.dll
2010-05-26 19:19 . 2010-05-27 12:31 -------- d-----w- c:\documents and settings\GIOVANNI\Impostazioni locali\Dati applicazioni\Apple Computer
2010-05-26 19:03 . 2010-05-26 19:03 -------- d-sh--w- c:\documents and settings\GIOVANNI\PrivacIE
2010-05-26 19:03 . 2010-05-26 19:03 -------- d-----w- c:\documents and settings\GIOVANNI\Dati applicazioni\Yahoo!
2010-05-26 18:38 . 2010-05-26 18:38 -------- d-----w- c:\documents and settings\GIOVANNI\Dati applicazioni\SMART Technologies
2010-05-26 18:38 . 2010-05-26 18:38 -------- d-----w- c:\documents and settings\GIOVANNI\Impostazioni locali\Dati applicazioni\S2PC
2010-05-23 14:21 . 2010-05-23 14:21 -------- d-----w- c:\documents and settings\Rosso1\Dati applicazioni\eSobi
2010-05-23 14:04 . 2001-08-30 21:07 5632 ----a-w- c:\windows\system32\ptpusb.dll
2010-05-23 14:04 . 2008-04-13 17:13 159232 ----a-w- c:\windows\system32\ptpusd.dll
2010-05-23 14:04 . 2008-04-13 09:45 15104 -c--a-w- c:\windows\system32\dllcache\usbscan.sys
2010-05-23 14:04 . 2008-04-13 09:45 15104 ----a-w- c:\windows\system32\drivers\usbscan.sys
2010-05-22 09:29 . 2010-05-29 21:48 -------- d-----w- c:\programmi\Mozilla Thunderbird
2010-05-22 09:05 . 2010-05-22 09:05 0 ----a-w- c:\windows\nsreg.dat
2010-05-22 09:05 . 2010-05-22 09:29 -------- d-----w- c:\documents and settings\Rosso1\Impostazioni locali\Dati applicazioni\Thunderbird
2010-05-22 09:05 . 2010-05-22 09:05 -------- d-----w- c:\documents and settings\Rosso1\Dati applicazioni\Thunderbird
2010-05-07 07:19 . 2010-05-07 07:19 -------- d-----w- C:\ADOBEPATH
2010-05-07 07:14 . 2003-02-14 17:14 110592 ----a-w- c:\windows\system32\tsccvid.dll
2010-05-07 07:13 . 2010-05-07 07:18 -------- d-----w- c:\programmi\SMART Technologies
2010-05-07 07:12 . 2010-05-07 07:12 -------- d-----w- c:\documents and settings\Rosso1\Impostazioni locali\Dati applicazioni\Downloaded Installations
2010-05-07 06:51 . 2009-08-06 17:23 274288 ----a-w- c:\windows\system32\mucltui.dll
2010-05-06 17:40 . 2010-05-06 17:40 -------- d-----w- c:\documents and settings\Rosso1\Impostazioni locali\Dati applicazioni\Identities
2010-05-06 17:35 . 2010-05-06 17:35 -------- d-----w- c:\programmi\Microsoft.NET
2010-05-06 17:32 . 2010-05-06 17:33 -------- d-----w- c:\windows\SHELLNEW
2010-05-06 17:31 . 2010-05-06 17:31 -------- d-----r- C:\MSOCache
2010-05-06 07:01 . 2010-06-03 14:27 -------- d-----w- c:\windows\SxsCaPendDel
2010-05-05 15:51 . 2010-05-05 15:51 -------- d-----w- c:\documents and settings\Rosso1\Impostazioni locali\Dati applicazioni\S2PC
2010-05-05 15:51 . 2008-08-08 01:51 479232 ----a-w- c:\windows\ssndii.exe2010-05-05 15:51 . 2007-08-13 05:59 21776 ----a-w- c:\windows\system32\msxml2a.dll
2010-05-05 15:51 . 2007-08-13 05:59 44544 ----a-w- c:\windows\system32\msxml4a.dll
2010-05-05 15:51 . 2010-05-05 15:51 -------- d-----w- c:\windows\Samsung
2010-05-05 15:51 . 2007-10-22 06:55 41984 ----a-w- c:\windows\system32\drivers\DgivEcp.sys
2010-05-05 15:48 . 2007-10-23 02:53 110592 ----a-r- c:\windows\Wiainst.exe
2010-05-05 15:47 . 2008-01-10 12:29 81920 ------w- c:\windows\system32\ssdevm.dll
2010-05-05 15:47 . 2007-08-13 08:22 49152 ----a-w- c:\windows\system32\Ssusbpn.dll
2010-05-05 15:47 . 2009-02-03 10:08 143872 ----a-w- c:\windows\system32\SaXPWIA.dll
2010-05-05 15:47 . 2009-02-03 10:08 138240 ----a-w- c:\windows\system32\SaXPUIEx.dll
2010-05-05 15:47 . 2009-02-03 10:08 87552 ----a-w- c:\windows\system32\SaXPSTI.dll
2010-05-05 15:47 . 2009-02-03 10:08 116736 ----a-w- c:\windows\system32\SaXPIPH.dll
2010-05-05 15:47 . 2009-02-03 10:08 139776 ----a-w- c:\windows\system32\SaXPEH.dll
2010-05-05 15:46 . 2007-08-14 01:01 22723 ----a-w- c:\windows\system32\sst1cl3.dll
2010-05-05 15:46 . 2007-08-14 01:00 19968 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\sst1cpc.dll
2010-05-05 15:46 . 2007-08-14 00:59 151552 ----a-w- c:\windows\system32\sst1cci.exe
2010-05-05 15:46 . 2007-08-14 00:59 65536 ----a-w- c:\windows\system32\sst1cci.dll
2010-05-05 15:46 . 2010-05-05 15:46 -------- d-----w- c:\programmi\Samsung
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-06-03 14:52 . 2010-04-16 16:54 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Lavasoft
2010-06-03 14:52 . 2010-04-16 16:50 -------- d-----w- c:\programmi\Yahoo!
2010-06-03 14:52 . 2009-07-29 14:03 -------- d-----w- c:\programmi\File comuni\Adobe
2010-06-03 14:49 . 2009-07-29 13:23 -------- d-----w- c:\programmi\Acer GameZone
2010-05-30 13:36 . 2010-05-30 13:36 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_netaapl_01005.Wdf
2010-05-30 12:39 . 2009-09-23 14:58 -------- d---a-w- c:\documents and settings\All Users\Dati applicazioni\Temp
2010-05-28 16:11 . 2009-07-29 12:59 -------- d-----w- c:\programmi\Google
2010-05-26 18:39 . 2010-05-26 18:37 69776 ----a-w- c:\documents and settings\GIOVANNI\Impostazioni locali\Dati applicazioni\GDIPFONTCACHEV1.DAT
2010-05-23 14:21 . 2009-07-29 14:05 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\eSobi
2010-05-23 14:21 . 2010-04-16 15:49 69776 ----a-w- c:\documents and settings\Rosso1\Impostazioni locali\Dati applicazioni\GDIPFONTCACHEV1.DAT
2010-05-23 12:35 . 2009-07-29 13:05 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Microsoft Help
2010-05-07 09:22 . 2010-04-26 12:36 1 ----a-w- c:\documents and settings\Rosso1\Dati applicazioni\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
2010-05-07 07:15 . 2010-05-03 16:43 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\SMART Technologies
2010-05-07 07:14 . 2010-05-02 14:27 -------- d-----w- c:\programmi\File comuni\SMART Technologies
2010-05-07 06:53 . 2009-07-29 13:15 -------- d-----w- c:\programmi\Microsoft Silverlight
2010-05-06 18:36 . 2009-07-29 13:08 -------- d-----w- c:\programmi\Microsoft Works
2010-05-05 18:11 . 2009-07-29 12:55 -------- d-----w- c:\programmi\File comuni\InstallShield
2010-05-05 16:32 . 2009-07-29 20:04 80008 ----a-w- c:\windows\system32\perfc010.dat
2010-05-05 16:32 . 2009-07-29 20:04 480058 ----a-w- c:\windows\system32\perfh010.dat2010-05-05 15:49 . 2009-07-29 12:41 -------- d--h--w- c:\programmi\InstallShield Installation Information
2010-05-04 21:18 . 2010-04-16 16:50 -------- d-----w- c:\documents and settings\Rosso1\Dati applicazioni\vlc
2010-05-04 08:32 . 2010-05-03 16:40 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Downloaded Installations
2010-05-04 08:31 . 2010-05-04 08:31 -------- d-----w- c:\documents and settings\Rosso1\Dati applicazioni\SMART Technologies
2010-05-02 14:27 . 2010-05-02 14:27 -------- d-----w- c:\documents and settings\Rosso1\Dati applicazioni\SMART Technologies Inc
2010-04-28 13:45 . 2010-04-28 13:45 73000 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Apple Computer\Installer Cache\iTunes 9.1.1.12\SetupAdmin.exe
2010-04-26 12:36 . 2010-04-26 12:36 -------- d-----w- c:\documents and settings\Rosso1\Dati applicazioni\OpenOffice.org
2010-04-23 17:43 . 2010-04-23 17:43 -------- d-----w- c:\documents and settings\Rosso1\Dati applicazioni\dvdcss
2010-04-16 21:37 . 2010-04-16 21:37 503808 ----a-w- c:\documents and settings\Rosso1\Dati applicazioni\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-742840d4-n\msvcp71.dll
2010-04-16 21:37 . 2010-04-16 21:37 348160 ----a-w- c:\documents and settings\Rosso1\Dati applicazioni\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-742840d4-n\msvcr71.dll
2010-04-16 21:37 . 2010-04-16 21:37 499712 ----a-w- c:\documents and settings\Rosso1\Dati applicazioni\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-742840d4-n\jmc.dll
2010-04-16 21:37 . 2010-04-16 21:37 61440 ----a-w- c:\documents and settings\Rosso1\Dati applicazioni\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-7ed9cd7a-n\decora-sse.dll
2010-04-16 21:37 . 2010-04-16 21:37 12800 ----a-w- c:\documents and settings\Rosso1\Dati applicazioni\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-7ed9cd7a-n\decora-d3d.dll
2010-04-16 17:40 . 2010-04-16 17:40 -------- d-----w- c:\programmi\MSBuild
2010-04-16 17:40 . 2010-04-16 17:40 -------- d-----w- c:\programmi\Reference Assemblies
2010-04-16 17:09 . 2010-04-16 17:09 -------- d-----w- c:\programmi\JRE
2010-04-16 17:09 . 2010-04-16 17:09 -------- d-----w- c:\programmi\OpenOffice.org 3
2010-04-16 17:08 . 2010-04-16 17:08 -------- d-----w- c:\programmi\File comuni\Java
2010-04-16 17:08 . 2010-04-16 17:08 411368 ----a-w- c:\windows\system32\deploytk.dll
2010-04-16 17:08 . 2010-04-16 17:08 -------- d-----w- c:\programmi\Java
2010-04-16 17:03 . 2010-04-16 17:03 95024 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2010-04-16 16:51 . 2010-04-16 16:51 -------- d-----w- c:\programmi\Avira
2010-04-16 16:51 . 2010-04-16 16:51 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Avira
2010-04-16 16:50 . 2010-04-16 16:50 -------- d-----w- c:\programmi\CCleaner
2010-04-16 16:50 . 2010-04-16 16:50 -------- d-----w- c:\documents and settings\Rosso1\Dati applicazioni\Yahoo!
2010-04-16 16:49 . 2010-04-16 16:49 -------- d-----w- c:\programmi\VideoLAN
2010-04-16 16:49 . 2010-04-16 16:49 16 ----a-w- c:\windows\popcinfo.dat
2010-04-16 16:15 . 2010-04-16 16:15 -------- d-----w- c:\windows\system32\config\systemprofile\Dati applicazioni\SACore
2010-04-16 16:08 . 2009-07-29 10:28 76875 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2010-04-16 15:50 . 2009-07-29 14:05 -------- d-----w- c:\programmi\Acer
2010-04-16 12:12 . 2009-07-29 13:26 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\McAfee
2010-04-16 12:00 . 2010-04-16 12:00 -------- d-----w- c:\documents and settings\LocalService\Dati applicazioni\SACore
2010-04-08 11:20 . 2010-04-08 11:20 91424 ----a-w- c:\windows\system32\dnssd.dll
2010-04-08 11:20 . 2010-04-08 11:20 107808 ----a-w- c:\windows\system32\dns-sd.exe
2010-03-10 06:15 . 2009-07-29 20:04 420352 ----a-w- c:\windows\system32\vbscript.dll
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ProductReg"="c:\programmi\Acer\WR_PopUp\ProductReg.exe" [2009-04-15 135168]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LManager"="c:\programmi\Launch Manager\LManager.exe" [2009-02-20 817672]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-05-01 137752]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-05-01 354840]
"PersistenceThread"="c:\windows\system32\PersistenceThread.exe" [2009-05-01 92696]
"AzMixerSel"="c:\programmi\Realtek\Audio\Drivers\AzMixerSel.exe" [2006-07-17 53248]
"SynTPEnh"="c:\programmi\Synaptics\SynTP\SynTPEnh.exe" [2009-02-27 1434920]
"RemoteControl8"="c:\programmi\CyberLink\PowerDVD8\PDVD8Serv.exe" [2008-10-17 91432]
"PDVD8LanguageShortcut"="c:\programmi\CyberLink\PowerDVD8\Language\Language.exe" [2007-12-14 50472]
"avgnt"="c:\programmi\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"Samsung PanelMgr"="c:\windows\Samsung\PanelMgr\SSMMgr.exe" [2009-02-27 552960]
"3170 Scan2PC"="c:\windows\Twain_32\Samsung\CLX3170\Scan2pc.exe" [2009-01-30 503808]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
c:\documents and settings\Rosso1\Menu Avvio\Programmi\Esecuzione automatica\
OpenOffice.org 3.2.lnk - c:\programmi\OpenOffice.org 3\program\quickstart.exe [2009-12-15 384000]
c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\
Acer VCM.lnk - c:\programmi\Acer\Acer VCM\AcerVCM.exe [2009-7-29 565248]
BTTray.lnk - c:\programmi\WIDCOMM\Bluetooth Software\BTTray.exe [2009-6-20 607584]
SMART Board Tools.lnk - c:\programmi\SMART Technologies\SMART Board Drivers\SMARTBoardTools.exe [2009-7-23 10227712]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\igdlogin]
2009-04-28 03:44 65536 ----a-w- c:\windows\system32\igdlogin.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2008-06-12 00:38 34672 ----a-w- c:\programmi\Adobe\Reader 9.0\Reader\reader_sl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]
2010-05-28 14:33 30192 ----a-w- c:\programmi\Google\Google Desktop Search\GoogleDesktop.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMJPMIG8.1]
2008-04-14 12:00 208952 ----a-w- c:\windows\ime\imjp8_1\imjpmig.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2010-04-28 13:06 142120 ----a-w- c:\programmi\iTunes\iTunesHelper.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSPY2002]
2008-04-14 12:00 59392 ----a-w- c:\windows\system32\IME\PINTLGNT\IMSCINST.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002A]
2008-04-14 12:00 455168 ----a-w- c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002ASync]
2008-04-14 12:00 455168 ----a-w- c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-03-17 19:53 421888 ----a-w- c:\programmi\QuickTime\QTTask.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2010-01-11 13:21 246504 ----a-w- c:\programmi\File comuni\Java\Java Update\jusched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2010-04-16 15:50 39408 ----a-w- c:\programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Programmi\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\WINDOWS\\twain_32\\Samsung\\ScanMgr.exe"=
"c:\\WINDOWS\\twain_32\\Samsung\\CLX3170\\Scan2Pc.exe"=
"c:\\WINDOWS\\twain_32\\Samsung\\CLX3170\\Sscan2io.exe"=
"c:\\Programmi\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Programmi\\SMART Technologies\\SMART Board Drivers\\UCGui.exe"=
"c:\\Programmi\\SMART Technologies\\SMART Board Drivers\\SMARTSNMPAgent.exe"=
"c:\\Programmi\\SMART Technologies\\SMART Board Drivers\\UCService.exe"=
"c:\\Programmi\\SMART Technologies\\SMART Board Drivers\\WebServer.exe"=
"c:\\Programmi\\Bonjour\\mDNSResponder.exe"=
"c:\\Programmi\\iTunes\\iTunes.exe"=
"c:\\Programmi\\Messenger\\msmsgs.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"12001:UDP"= 12001:UDP:SMART WebServer Handshake Multicast Port
R2 RS_Service;Raw Socket Service;c:\programmi\Acer\Acer VCM\RS_Service.exe [29/07/2009 16.05.50 237568]
R3 igd;igd;c:\windows\system32\drivers\igxpmp32.sys [29/07/2009 14.49.22 5096544]
S2 gupdate;Servizio di Google Update (gupdate);c:\programmi\Google\Update\GoogleUpdate.exe [16/04/2010 18.17.51 135664]
S2 SSPORT;SSPORT;\??\c:\windows\system32\Drivers\SSPORT.sys --> c:\windows\system32\Drivers\SSPORT.sys [?]
S2 TeamViewer5;TeamViewer 5;"c:\programmi\TeamViewer\Version5\TeamViewer_Service.exe" -service --> c:\programmi\TeamViewer\Version5\TeamViewer_Service.exe [?]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [29/07/2009 14.55.41 1684736]
S3 GoogleDesktopManager-110309-193829;Google Desktop Manager 5.9.911.3589;c:\programmi\Google\Google Desktop Search\GoogleDesktop.exe [29/07/2009 14.59.06 30192]
S3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl.sys --> c:\windows\system32\DRIVERS\netaapl.sys [?]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys --> c:\windows\system32\Drivers\RtsUStor.sys [?]
S3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys --> c:\windows\system32\DRIVERS\Rts516xIR.sys [?]
S3 SMART SNMP Agent Service;SMART SNMP Agent Service;c:\programmi\SMART Technologies\SMART Board Drivers\SMARTSNMPAgent.exe [23/07/2009 16.57.58 1048576]
S3 SMART Web Server;Server Web SMART;c:\programmi\SMART Technologies\SMART Board Drivers\WebServer.exe [23/07/2009 16.51.42 1245184]
.
Contenuto della cartella 'Scheduled Tasks'
2010-05-27 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\programmi\Apple Software Update\SoftwareUpdate.exe [2009-10-22 09:50]
2010-06-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\programmi\Google\Update\GoogleUpdate.exe [2010-04-16 16:17]
2010-06-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\programmi\Google\Update\GoogleUpdate.exe [2010-04-16 16:17]
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://www.google.it/
mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0410&m=ao751h&r=0xph04108906l0393wuh5w87115714
uInternet Settings,ProxyOverride = *.local
IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\programmi\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
IE: Invia a Bluetooth - c:\programmi\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: Invia a periferica &Bluetooth... - c:\programmi\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
.
- - - - CHIAVI ORFANE RIMOSSE - - - -
MSConfigStartUp-Adobe ARM - c:\programmi\File comuni\Adobe\ARM\1.0\AdobeARM.exe
AddRemove-Mozilla Firefox (3.6.3) - c:\programmi\Mozilla Firefox\uninstall\helper.exe
AddRemove-TeamViewer 5 - c:\programmi\TeamViewer\Version5\uninstall.exe
**************************************************************************
scansione processi nascosti ...
scansione entrate autostart nascoste ...
Scansione files nascosti ...
Scansione completata con successo
Files nascosti:
**************************************************************************
.
--------------------- Dlls caricate dai processi in esecuzione ---------------------
- - - - - - - > 'explorer.exe'(432)
c:\windows\system32\WININET.dll
c:\windows\system32\btmmhook.dll
c:\windows\system32\webcheck.dll
.
------------------------ Altri processi in esecuzione ------------------------
.
c:\programmi\Avira\AntiVir Desktop\sched.exe
c:\programmi\Avira\AntiVir Desktop\avguard.exe
c:\programmi\File comuni\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\programmi\Bonjour\mDNSResponder.exe
c:\programmi\Java\jre6\bin\jqs.exe
c:\programmi\SMART Technologies\SMART Board Drivers\SMARTBoardService.exe
c:\windows\system32\wdfmgr.exe
c:\programmi\WIDCOMM\Bluetooth Software\bin\btwdins.exe
c:\windows\system32\wscntfy.exe
c:\windows\system32\igfxsrvc.exe
c:\windows\system32\igfxext.exe
.
**************************************************************************
.
Ora fine scansione: 2010-06-03 19:01:40 - Il pc è stato riavviato
ComboFix-quarantined-files.txt 2010-06-03 17:01
Pre-Run: 117.329.862.656 byte disponibili
Post-Run: 118.720.425.984 byte disponibili
- - End Of File - - 20E03924B22B10C7CB43478211F4FC8E
HJT
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19.07.16, on 03/06/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\Avira\AntiVir Desktop\sched.exe
C:\Programmi\Avira\AntiVir Desktop\avguard.exe
C:\Programmi\File comuni\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Programmi\Bonjour\mDNSResponder.exe
C:\Programmi\Java\jre6\bin\jqs.exe
C:\Programmi\Acer\Acer VCM\RS_Service.exe
C:\Programmi\SMART Technologies\SMART Board Drivers\SMARTBoardService.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Programmi\Launch Manager\LManager.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\PersistenceThread.exe
C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
C:\Programmi\CyberLink\PowerDVD8\PDVD8Serv.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Programmi\Avira\AntiVir Desktop\avgnt.exe
C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe
C:\WINDOWS\Twain_32\Samsung\CLX3170\Scan2pc.exe
C:\Programmi\WIDCOMM\Bluetooth Software\BTTray.exe
C:\WINDOWS\system32\igfxext.exe
C:\WINDOWS\explorer.exe
D:\Pulizia\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.google.it/R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://homepage.acer.com/rdr.aspx?b=ACAW&l=0410&m=ao751h&r=0xph04108906l0393wuh5w87115714R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: SMART Notebook Download Plugin - {67BCF957-85FC-4036-8DC4-D4D80E00A77B} - C:\Programmi\SMART Technologies\SMART Notebook\NotebookPlugin.dll
O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programmi\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programmi\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmi\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programmi\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [LManager] C:\Programmi\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [PersistenceThread] C:\WINDOWS\system32\PersistenceThread.exe
O4 - HKLM\..\Run: [AzMixerSel] C:\Programmi\Realtek\Audio\Drivers\AzMixerSel.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RemoteControl8] C:\Programmi\CyberLink\PowerDVD8\PDVD8Serv.exe
O4 - HKLM\..\Run: [PDVD8LanguageShortcut] C:\Programmi\CyberLink\PowerDVD8\Language\Language.exe
O4 - HKLM\..\Run: [avgnt] "C:\Programmi\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [Samsung PanelMgr] C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe /autorun
O4 - HKLM\..\Run: [3170 Scan2PC] "C:\WINDOWS\Twain_32\Samsung\CLX3170\Scan2pc.exe"
O4 - HKCU\..\Run: [ProductReg] C:\Programmi\Acer\WR_PopUp\ProductReg.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Acer VCM.lnk = ?
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: SMART Board Tools.lnk = C:\Programmi\SMART Technologies\SMART Board Drivers\SMARTBoardTools.exe
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Programmi\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
O8 - Extra context menu item: Invia a Bluetooth - C:\Programmi\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: Invia a periferica &Bluetooth... - C:\Programmi\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: Inserisci blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programmi\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: Inserisci &blog in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programmi\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programmi\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programmi\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -
http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1273168086640O20 - Winlogon Notify: igdlogin - igdlogin.dll (file missing)
O22 - SharedTaskScheduler: Precaricatore Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Daemon di cache delle categorie di componenti - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Avira AntiVir Scheduler (AntiVirScheduler) - Avira GmbH - C:\Programmi\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Programmi\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Programmi\File comuni\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Servizio Bonjour (Bonjour Service) - Apple Inc. - C:\Programmi\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Programmi\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Google Desktop Manager 5.9.911.3589 (GoogleDesktopManager-110309-193829) - Google - C:\Programmi\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Servizio di Google Update (gupdate) (gupdate) - Google Inc. - C:\Programmi\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Servizio iPod (iPod Service) - Apple Inc. - C:\Programmi\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programmi\Java\jre6\bin\jqs.exe
O23 - Service: Raw Socket Service (RS_Service) - Acer Incorporated - C:\Programmi\Acer\Acer VCM\RS_Service.exe
O23 - Service: SMART Board Service - SMART Technologies - C:\Programmi\SMART Technologies\SMART Board Drivers\SMARTBoardService.exe
O23 - Service: SMART SNMP Agent Service - SMART Technologies ULC - C:\Programmi\SMART Technologies\SMART Board Drivers\SMARTSNMPAgent.exe
O23 - Service: Server Web SMART (SMART Web Server) - Unknown owner - C:\Programmi\SMART Technologies\SMART Board Drivers\WebServer.exe
O23 - Service: TeamViewer 5 (TeamViewer5) - Unknown owner - C:\Programmi\TeamViewer\Version5\TeamViewer_Service.exe (file missing)
--
End of file - 8975 bytes
Grazie mille.
EDIT:
Ora sta facendo la scansione con MBAM, quando avrò a disposizione il PC (forse sabato), eseguirò le indicazioni.
Ciao!
