madonialuca

Utenti
  • Numero contenuti

    837
  • Iscritto

  • Ultima visita

Su madonialuca

  • Livello
    Maniaco
  • Compleanno 05/15/1978

Contact Methods

  • Website URL
    http://

Profile Information

  • Interessi
    lo sport,la tecnologia,la musica.
  1. Di che tipo di attrezzatura avrei di bisogno ??
  2. buongiorno....ecco il mio problema. in ufficio ho un pc collegato via ethernet con un modem alice,a questo collego in tutta tranquillita' si iphone che iphad. poco distante ho un secondo ufficio con un vecchio pc non munito di scheda di rete wifi ma di ingresso ethernet. tramite un secondo modem alice (che ho gia' in possesso) posso collegare il vecchio pc alla rete del modem collegato a internet ?? in parole povere avere un modem che normalmente continua a fare il suo dovere di trasmettere il segnale,e un secondo che lo riceve !!!
  3. quindi in parole povere al momento del ripristino non dovrei piu' riattivare la copia di windows ne reistallare tutti i driver ma sopratutto tuto tornerebbe al momento del salvataggio ????
  4. come li elimino......... ? mi porto sulla directory tasto ddestro e elimono ???? --------------------------------------------------------------- si comunque ho fatto nella maniera piu classica ,che e' anche l'unica che conosco....tasto destro e elimona..... ho reistallato avast e tutto tornato alla normalita'..... grazie mille....... scusami se ancora ti assillo con i miei problemi.... esiste un modo per creare una specie di punto di ripristino ,magari su un dvd,im modo da non avere in caso di attacco alcuna noia... mi spiego meglio,mettiamo il caso che io adesso formatto reistallo tutti i programmi che solitamente uso in modo da avere una macchina pulita...salvo il tutto e al momento di un attacco inserico il dvd torna in dietro e per magia tutto pulito..... ovviamente i file di mio interesse vengono salvati su una periferica esterna.... se e possibile togli una noia a me ,ma anche a te...perche puntualmente verrei a disturbarti. ciao e grazie
  5. ecco anche il secondo.. opss....non mi inserisce l'allegato......... KASPERSKY ONLINE SCANNER 7 REPORT Sunday, November 16, 2008 Operating System: Microsoft Windows XP Home Edition Service Pack 3 (build 2600) Kaspersky Online Scanner 7 version: 7.0.25.0 Program database last update: Saturday, November 15, 2008 15:59:11 Records in database: 1386080 Scan settings Scan using the following database extended Scan archives yes Scan mail databases yes Scan area My Computer A:\ C:\ D:\ E:\ Scan statistics Files scanned 76832 Threat name 7 Infected objects 37 Suspicious objects 0 Duration of the scan 01:21:32 File name Threat name Threats count C:\Program Files\BPK\bpk.exe Infected: not-a-virus:Monitor.Win32.Perflogger.f 1 C:\Program Files\BPK\bpkhk.dll Infected: Trojan-Spy.Win32.Perfloger.w 1 C:\Program Files\BPK\bpkr.exe Infected: not-a-virus:Monitor.Win32.Perflogger.f 1 C:\Program Files\BPK\bpkun.exe Infected: not-a-virus:Monitor.Win32.Perflogger.f 1 C:\Program Files\BPK\bpkvw.exe Infected: not-a-virus:Monitor.Win32.Perflogger.f 1 C:\WINDOWS\system32\rinst.exe Infected: not-a-virus:Monitor.Win32.Perflogger.f 1 D:\file internet\scaricone\Mumcode Mumsms v4.16 s60 Symbian Cracked.sis Infected: Trojan-Spy.SymbOS.Kiazh.a 1 D:\file internet\scaricone\OfficeSuite 4 S60 multilanguage.zip Infected: Rootkit.Win32.Agent.ajn 1 D:\file internet\scaricone\OfficeSuite S60 3rd Edition V4.60 v1.4.8.1 cracked.rar Infected: Rootkit.Win32.Agent.ajn 1 D:\LUCHINO\ccc\Nuova cartella\Apps & Games Java Nokia 3100.3200.3300.6100.6610.7210.7250.zip Infected: not-a-virus:RemoteAdmin.Win32.WinVNC-based.c 2 D:\LUCHINO\ccc\Nuova cartella\Apps e games\Apps\ActiveViewer\vnc-3.3.7-x86_win32.zip Infected: not-a-virus:RemoteAdmin.Win32.WinVNC-based.c 2 D:\LUCHINO\ex c\keylogger attivo\Perfect Keylogger 1.74 Pro Kg(Crack) Excell.zip Infected: Trojan-Spy.Win32.Perfloger.w 5 D:\LUCHINO\ex c\keylogger attivo\Perfect Keylogger 1.74 Pro Kg(Crack) Excell.zip Infected: not-a-virus:Monitor.Win32.Perflogger.d 5 D:\LUCHINO\ex c\keylogger attivo\Perfect Keylogger 1.74 Pro Kg(Crack) Excell.zip Infected: not-a-virus:Monitor.Win32.Perflogger.f 13 D:\RECYCLER\S-1-5-21-448539723-573735546-839522115-1003\Dd1.zip Infected: Trojan-Downloader.Win32.Bagle.afy 1 The selected area was scanned.
  6. ecco il primo....... Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 17:51, on 2008-11-15 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16735) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Programmi\Bonjour\mDNSResponder.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\Explorer.EXE C:\Programmi\Alcatel\SpeedTouch USB\Dragdiag.exe C:\Programmi\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Programmi\Analog Devices\Core\smax4pnp.exe C:\Program Files\ASUS\Six Engine\SixEngine.exe C:\WINDOWS\system32\ctfmon.exe C:\Programmi\Nokia\Nokia PC Suite 7\PCSync2.exe C:\Programmi\Nokia\Nokia PC Suite 7\PCSuite.exe C:\Programmi\ATI Technologies\ATI.ACE\Core-Static\ccc.exe C:\Programmi\PC Connectivity Solution\ServiceLayer.exe C:\Programmi\File comuni\Nokia\MPAPI\MPAPI3s.exe C:\Programmi\PC Connectivity Solution\Transports\NclUSBSrv.exe C:\Programmi\PC Connectivity Solution\Transports\NclRSSrv.exe C:\WINDOWS\system32\wuauclt.exe C:\Programmi\Internet Explorer\iexplore.exe C:\Programmi\WinRAR\WinRAR.exe C:\DOCUME~1\PROPRI~1\IMPOST~1\Temp\Rar$EX00.594\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O4 - HKLM\..\Run: [Diagnostica SpeedTouch USB] "C:\Programmi\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon O4 - HKLM\..\Run: [startCCC] "C:\Programmi\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [soundMAXPnP] C:\Programmi\Analog Devices\Core\smax4pnp.exe O4 - HKLM\..\Run: [six Engine] "C:\Program Files\ASUS\Six Engine\SixEngine.exe" -r O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [speedTouch USB Diagnostics] "C:\Programmi\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Nokia.PCSync] "C:\Programmi\Nokia\Nokia PC Suite 7\PCSync2.exe" /NoDialog O4 - HKCU\..\Run: [PC Suite Tray] "C:\Programmi\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO LOCALE') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO DI RETE') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: Adobe Gamma.lnk = C:\Programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Microsoft Office.lnk = C:\Programmi\Microsoft Office\Office10\OSA.EXE O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe O17 - HKLM\System\CCS\Services\Tcpip\..\{E0ECDEEE-46F4-4DC1-918B-B94394DE9E0C}: NameServer = 193.70.152.15 193.70.152.25 O23 - Service: Adobe LM Service - Adobe Systems - C:\Programmi\File comuni\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Programmi\Bonjour\mDNSResponder.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Programmi\File comuni\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: ServiceLayer - Nokia. - C:\Programmi\PC Connectivity Solution\ServiceLayer.exe -- End of file - 4642 bytes
  7. MUSA..!! avro fatto bene ??? ecco il risultato e ancora grazie... ComboFix 08-11-13.01 - Proprietario 2008-11-15 16:08:28.2 - NTFSx86 Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1040.18.1551 [GMT 1:00] Eseguito da: c:\documents and settings\Proprietario\Desktop\abc.exe Interruttori di comando utilizzati :: c:\documents and settings\Proprietario\Desktop\CFScript.txt * Creato nuovo punto di ripristino FILE :: c:\windows\imsins.BAK c:\windows\system32\drivers\hctiwfl.sys c:\windows\system32\drivers\srosa2.sys C:\zip.exe . ((((((((((((((((((((((((((((((((((((( Altre eliminazioni ))))))))))))))))))))))))))))))))))))))))))))))))))) . c:\windows\imsins.BAK c:\windows\system32\drivers\hctiwfl.sys c:\windows\system32\drivers\srosa2.sys C:\zip.exe . ((((((((((((((((((((((((((((((((((((((( Driver/Servizi ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Legacy_SK9OU0S -------\Service_sK9Ou0s ((((((((((((((((((((((((( Files Creati Da 2008-10-15 al 2008-11-15 ))))))))))))))))))))))))))))))))))) . 2008-11-15 11:22 . 2008-11-15 11:22 <DIR> d-------- c:\programmi\Spybot - Search & Destroy 2008-11-14 22:40 . 2008-11-15 11:22 <DIR> d-------- C:\SDFix 2008-11-14 21:39 . 2008-11-14 21:39 <DIR> d-------- c:\programmi\Trend Micro 2008-11-14 21:31 . 2008-11-15 16:10 0 --a------ c:\windows\system.ini 2008-11-12 19:44 . 2008-11-12 19:44 <DIR> d-------- c:\programmi\File comuni\Adobe Systems Shared 2008-11-12 19:44 . 2008-11-12 19:44 <DIR> d-------- c:\documents and settings\All Users\Dati applicazioni\Adobe Systems 2008-11-12 19:01 . 2008-11-12 19:01 0 --a------ c:\windows\ativpsrm.bin 2008-11-12 19:00 . 2008-11-12 19:00 <DIR> d-------- c:\programmi\Alcatel 2008-11-12 07:22 . 2008-09-04 18:15 1,106,944 -----c--- c:\windows\system32\dllcache\msxml3.dll 2008-11-12 07:22 . 2008-10-24 12:21 455,296 -----c--- c:\windows\system32\dllcache\mrxsmb.sys 2008-11-10 23:18 . 2008-11-10 23:18 <DIR> d-------- C:\ATI 2008-11-10 16:55 . 2008-11-10 16:58 <DIR> d-------- c:\documents and settings\Proprietario\Dati applicazioni\PC Suite 2008-11-10 16:55 . 2008-11-10 16:57 <DIR> d-------- c:\documents and settings\All Users\Dati applicazioni\PC Suite 2008-11-10 16:52 . 2008-11-10 16:52 <DIR> d-------- c:\programmi\PC Connectivity Solution 2008-11-10 16:52 . 2008-11-10 16:52 <DIR> d-------- c:\programmi\File comuni\PCSuite 2008-11-10 16:52 . 2008-11-10 16:52 <DIR> d-------- c:\programmi\File comuni\Nokia 2008-11-10 16:52 . 2008-11-10 16:52 <DIR> d-------- c:\programmi\DIFX 2008-11-10 16:52 . 2008-05-07 07:39 1,419,232 --a------ c:\windows\system32\wdfcoinstaller01005.dll 2008-11-10 16:52 . 2008-05-07 07:38 659,968 --a------ c:\windows\system32\nmwcdcocls.dll 2008-11-10 16:52 . 2007-09-17 15:53 21,632 --a------ c:\windows\system32\drivers\pccsmcfd.sys 2008-11-10 16:52 . 2008-05-07 07:38 20,864 --a------ c:\windows\system32\drivers\ccdcmbo.sys 2008-11-10 16:52 . 2008-05-07 07:38 17,536 --a------ c:\windows\system32\drivers\ccdcmb.sys 2008-11-10 16:52 . 2008-06-06 09:24 8,064 --a------ c:\windows\system32\drivers\usbser_lowerflt.sys 2008-11-10 16:51 . 2008-11-10 16:52 <DIR> d-------- c:\programmi\Nokia 2008-11-10 16:51 . 2008-05-07 07:38 90,624 --a------ c:\windows\system32\nmwcdcls.dll 2008-11-10 16:51 . 2008-11-10 16:51 19 --a------ c:\windows\SoundConverter.INI 2008-11-10 16:50 . 2008-11-10 16:50 <DIR> d-------- c:\documents and settings\All Users\Dati applicazioni\Installations 2008-11-10 12:52 . 2008-11-10 19:54 <DIR> d-------- c:\documents and settings\Proprietario\Dati applicazioni\Nokia 2008-11-10 12:33 . 2008-04-13 19:45 26,112 --a------ c:\windows\system32\drivers\usbser.sys 2008-11-10 12:33 . 2008-04-13 19:45 26,112 --a--c--- c:\windows\system32\dllcache\usbser.sys 2008-11-10 12:31 . 2008-11-10 12:31 0 --ah----- c:\windows\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf 2008-11-10 12:31 . 2008-11-10 12:31 0 --ah----- c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01005.Wdf 2008-11-10 12:23 . 2008-11-10 12:23 <DIR> d-------- c:\documents and settings\Proprietario\Phone Browser 2008-11-08 11:00 . 2008-11-08 11:00 17,144 --a------ c:\documents and settings\Proprietario\Dati applicazioni\GDIPFONTCACHEV1.DAT 2008-11-05 18:50 . 2008-11-05 18:52 <DIR> d-------- C:\Nuova cartella 2008-11-02 09:24 . 2008-11-02 09:24 <DIR> d-------- C:\Brolo 2008 da stampare 2008-11-02 09:22 . 2008-10-29 10:25 4,791,544 --a------ C:\Eva Cassidy - Fields of Gold.Mp3 2008-11-02 09:21 . 2008-10-29 09:20 6,660,096 --a------ C:\Take That - Rule The World.mp3 2008-11-02 09:21 . 2008-09-22 12:31 4,003,840 --a------ C:\Alicia Keys - No One(2).mp3 2008-11-01 20:50 . 2008-11-01 20:52 <DIR> d-------- C:\favignana2008 2008-11-01 20:45 . 2008-11-01 20:45 <DIR> d-------- c:\documents and settings\All Users\Dati applicazioni\Office Genuine Advantage 2008-11-01 11:54 . 2008-11-01 11:54 <DIR> d-------- c:\documents and settings\All Users\Dati applicazioni\Minnetonka Audio Software 2008-11-01 11:54 . 2008-11-01 11:54 1,025 --a------ c:\windows\system32\sysprs7.tgz 2008-11-01 11:54 . 2008-11-01 11:54 1,025 --a------ c:\windows\system32\sysprs7.dll 2008-11-01 11:54 . 2008-11-01 11:54 1,025 --a------ c:\windows\system32\clauth2.dll 2008-11-01 11:54 . 2008-11-01 11:54 1,025 --a------ c:\windows\system32\clauth1.dll 2008-11-01 11:54 . 2008-11-01 11:54 219 --a------ c:\windows\system32\lsprst7.tgz 2008-11-01 11:54 . 2008-11-01 11:54 87 --a------ c:\windows\system32\ssprs.tgz 2008-10-30 19:44 . 2008-11-12 19:46 <DIR> d-------- c:\programmi\File comuni\Adobe 2008-10-29 23:50 . 2008-10-29 23:50 <DIR> d-------- c:\programmi\Xvid 2008-10-29 23:50 . 2008-04-27 10:33 765,952 --a------ c:\windows\system32\xvidcore.dll 2008-10-29 23:50 . 2008-04-27 10:35 180,224 --a------ c:\windows\system32\xvidvfw.dll 2008-10-29 23:50 . 2007-06-28 18:55 77,824 --a------ c:\windows\system32\xvid.ax 2008-10-29 23:18 . 2008-10-29 23:20 <DIR> d-------- c:\documents and settings\Proprietario\Dati applicazioni\DivX 2008-10-29 23:17 . 2008-10-29 23:20 <DIR> d-------- c:\programmi\DivX 2008-10-29 20:24 . 2008-10-29 20:24 <DIR> d-------- c:\programmi\Windows Media Connect 2 2008-10-29 20:23 . 2008-10-29 20:23 <DIR> d-------- c:\windows\system32\LogFiles 2008-10-29 20:23 . 2008-11-10 16:58 <DIR> d-------- c:\windows\system32\drivers\UMDF 2008-10-29 20:16 . 2008-10-29 20:16 <DIR> d-------- c:\windows\system32\windows media 2008-10-29 20:16 . 2008-10-29 20:16 <DIR> d--h----- c:\windows\msdownld.tmp 2008-10-29 20:16 . 2008-10-29 20:16 <DIR> d-------- c:\programmi\Windows Media Components 2008-10-29 19:59 . 2008-11-15 00:18 116 --a------ c:\windows\NeroDigital.ini 2008-10-29 19:26 . 2008-10-29 19:26 <DIR> d-------- c:\documents and settings\Proprietario\Dati applicazioni\Ahead 2008-10-29 18:04 . 2008-10-29 18:04 <DIR> d-------- c:\windows\system32\it 2008-10-29 18:04 . 2008-10-29 18:04 <DIR> d-------- c:\windows\system32\bits 2008-10-29 18:04 . 2008-10-29 18:05 <DIR> d-------- c:\windows\ServicePackFiles 2008-10-29 18:04 . 2008-10-29 18:04 <DIR> d-------- c:\windows\l2schemas 2008-10-29 18:00 . 2008-10-29 18:00 <DIR> d-------- c:\windows\EHome 2008-10-29 17:00 . 2008-10-29 23:59 <DIR> d-------- c:\windows\system32\it-it 2008-10-29 16:55 . 2008-10-29 16:55 <DIR> d-------- c:\programmi\MSXML 4.0 2008-10-29 16:34 . 2007-07-30 19:19 271,224 --a------ c:\windows\system32\mucltui.dll 2008-10-29 16:34 . 2007-07-30 19:19 207,736 --a------ c:\windows\system32\muweb.dll 2008-10-29 16:34 . 2007-07-30 19:18 30,072 --a------ c:\windows\system32\mucltui.dll.mui 2008-10-29 12:58 . 2008-10-29 17:26 161,290 --a------ c:\windows\system32\PremierePro2_0Content.dat 2008-10-29 12:58 . 2008-10-29 12:58 82,432 --a------ c:\windows\system32\msxml4r.dll 2008-10-29 12:58 . 2008-09-16 01:14 43,528 --------- c:\windows\system32\drivers\pxhelp20.sys 2008-10-29 12:58 . 2008-10-29 17:26 146 --a------ c:\windows\system32\{57922B53-02D4-4DFC-AC24-A3519DC1F49A}-FunctionContent.dat 2008-10-29 12:25 . 2008-10-29 12:25 <DIR> d-------- c:\programmi\File comuni\Ahead 2008-10-29 12:25 . 2008-10-29 12:25 <DIR> d-------- c:\programmi\Ahead 2008-10-29 12:25 . 2004-07-26 17:16 1,568,768 --------- c:\windows\system32\ImagX7.dll 2008-10-29 12:25 . 2004-07-26 17:16 476,320 --------- c:\windows\system32\ImagXpr7.dll 2008-10-29 12:25 . 2004-07-26 17:16 471,040 --------- c:\windows\system32\ImagXRA7.dll 2008-10-29 12:25 . 2004-07-26 17:16 262,144 --------- c:\windows\system32\ImagXR7.dll 2008-10-29 12:25 . 2001-07-09 11:50 155,648 --a------ c:\windows\system32\NeroCheck.exe 2008-10-29 12:25 . 2004-03-02 17:37 125,184 --------- c:\windows\system32\drivers\imagesrv.sys 2008-10-29 12:25 . 2000-06-26 11:45 106,496 --a------ c:\windows\system32\TwnLib20.dll 2008-10-29 12:25 . 2004-03-02 17:37 5,504 --------- c:\windows\system32\drivers\imagedrv.sys 2008-10-29 12:17 . 2008-10-29 12:17 <DIR> d-------- c:\windows\ShellNew 2008-10-29 10:09 . 2008-10-29 10:09 <DIR> d-------- c:\documents and settings\All Users\Dati applicazioni\Messenger Plus! 2008-10-29 06:49 . 2008-10-29 06:49 <DIR> d-------- c:\programmi\Messenger Plus! Live 2008-10-29 06:43 . 2008-10-29 06:49 <DIR> d-------- c:\documents and settings\Proprietario\Contacts 2008-10-29 06:39 . 2008-10-29 06:43 <DIR> d-------- c:\programmi\Windows Live 2008-10-29 06:39 . 2008-10-29 06:42 <DIR> d--hsc--- c:\programmi\File comuni\WindowsLiveInstaller 2008-10-29 06:39 . 2008-10-29 06:39 <DIR> d-------- c:\documents and settings\All Users\Dati applicazioni\WLInstaller 2008-10-29 06:30 . 2008-10-29 06:30 <DIR> d-------- c:\documents and settings\All Users\Dati applicazioni\IM 2008-10-29 06:29 . 2008-10-29 06:29 <DIR> d-------- c:\programmi\IncrediMail 2008-10-29 06:29 . 2008-10-29 06:29 <DIR> d-------- c:\documents and settings\All Users\Dati applicazioni\IncrediMail 2008-10-28 22:40 . 2008-10-28 22:40 <DIR> d-------- c:\documents and settings\Proprietario\Dati applicazioni\TMP 2008-10-28 22:21 . 2008-10-28 22:21 <DIR> d--hs---- c:\documents and settings\Proprietario\UserData 2008-10-28 22:04 . 2008-10-28 22:04 <DIR> d-------- c:\documents and settings\Proprietario\Dati applicazioni\ATI . (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))) . 2008-11-15 10:56 --------- d-----w c:\programmi\eMule 2008-11-12 18:00 --------- d--h--w c:\programmi\InstallShield Installation Information 2008-11-10 11:18 --------- d-----w c:\programmi\File comuni\InstallShield 2008-10-28 21:44 --------- d-----w c:\programmi\ASUS 2008-10-28 21:40 --------- d-----w c:\programmi\Marvell 2008-10-28 21:29 --------- d-----w c:\programmi\Intel 2008-10-28 21:27 --------- d-----w c:\programmi\Analog Devices 2008-10-28 21:04 --------- d-----w c:\documents and settings\All Users\Dati applicazioni\ATI 2008-10-28 20:54 --------- d-----w c:\programmi\ATI Technologies 2008-10-28 20:54 --------- d-----w c:\programmi\Alwil Software 2008-10-28 20:52 --------- d-----w c:\programmi\File comuni\ATI Technologies 2008-10-28 19:44 --------- d-----w c:\programmi\microsoft frontpage 2008-10-28 19:43 --------- d-----w c:\programmi\Servizi in linea 2008-10-24 11:21 455,296 ----a-w c:\windows\system32\drivers\mrxsmb.sys . ((((((((((((((((((((((((((((( snapshot@2008-11-15_11.36.12.82 ))))))))))))))))))))))))))))))))))))))))) . + 2005-10-20 19:02:28 163,328 ----a-w c:\windows\ERDNT\subs\ERDNT.EXE - 2008-11-15 10:27:09 58,596 ----a-w c:\windows\system32\perfc009.dat + 2008-11-15 10:39:15 58,596 ----a-w c:\windows\system32\perfc009.dat - 2008-11-15 10:27:09 69,568 ----a-w c:\windows\system32\perfc010.dat + 2008-11-15 10:39:15 69,568 ----a-w c:\windows\system32\perfc010.dat - 2008-11-15 10:27:09 392,296 ----a-w c:\windows\system32\perfh009.dat + 2008-11-15 10:39:15 392,296 ----a-w c:\windows\system32\perfh009.dat - 2008-11-15 10:27:09 437,272 ----a-w c:\windows\system32\perfh010.dat + 2008-11-15 10:39:15 437,272 ----a-w c:\windows\system32\perfh010.dat . ((((((((((((((((((((((((((((((((((((( Punti Reg Caricati )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* i valori vuoti & legittimi/default non sono visualizzati. REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360] "Nokia.PCSync"="c:\programmi\Nokia\Nokia PC Suite 7\PCSync2.exe" [2008-06-17 1249280] "PC Suite Tray"="c:\programmi\Nokia\Nokia PC Suite 7\PCSuite.exe" [2008-08-11 1124352] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Diagnostica SpeedTouch USB"="c:\programmi\Alcatel\SpeedTouch USB\Dragdiag.exe" [2004-01-26 866816] "StartCCC"="c:\programmi\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-07-16 61440] "avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2008-11-15 81000] "SoundMAXPnP"="c:\programmi\Analog Devices\Core\smax4pnp.exe" [2008-03-16 1040384] "Six Engine"="c:\program files\ASUS\Six Engine\SixEngine.exe" [2008-05-14 5958656] "NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648] "SpeedTouch USB Diagnostics"="c:\programmi\Alcatel\SpeedTouch USB\Dragdiag.exe" [2004-01-26 866816] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] c:\documents and settings\Proprietario\Menu Avvio\Programmi\Esecuzione automatica\ Adobe Gamma.lnk - c:\programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe [2005-03-16 113664] c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\ Microsoft Office.lnk - c:\programmi\Microsoft Office\Office10\OSA.EXE [2001-02-13 83360] [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Programmi\\eMule\\emule.exe"= "c:\\Programmi\\IncrediMail\\bin\\ImApp.exe"= "c:\\Programmi\\IncrediMail\\bin\\IncMail.exe"= "c:\\Programmi\\IncrediMail\\bin\\ImpCnt.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Programmi\\Windows Live\\Messenger\\livecall.exe"= "c:\\Programmi\\Bonjour\\mDNSResponder.exe"= R0 mv61xx;mv61xx;c:\windows\system32\DRIVERS\mv61xx.sys [2008-05-19 150568] R3 AtiHdmiService;ATI Function Driver for HDMI Service;c:\windows\system32\drivers\AtiHdmi.sys [2008-07-02 89600] S2 aswFsBlk;aswFsBlk;c:\windows\system32\DRIVERS\aswFsBlk.sys [ ] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\D] \Shell\AutoRun\command - D:\setupSNK.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ea2fa71b-a568-11dd-9be5-806d6172696f}] \Shell\AutoRun\command - e:\.\Bin\Assetup.exe . ************************************************************************** catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-11-15 16:10:48 Windows 5.1.2600 Service Pack 3 NTFS scansione processi nascosti ... scansione entrate autostart nascoste ... Scansione files nascosti ... Scansione completata con successo Files nascosti: 0 ************************************************************************** . ------------------------ Altri processi in esecuzione ------------------------ . c:\programmi\Bonjour\mDNSResponder.exe c:\windows\system32\wscntfy.exe c:\programmi\ATI Technologies\ATI.ACE\Core-Static\MOM.exe c:\programmi\ATI Technologies\ATI.ACE\Core-Static\CCC.exe c:\programmi\PC Connectivity Solution\ServiceLayer.exe c:\programmi\File comuni\Nokia\MPAPI\MPAPI3s.exe c:\programmi\PC Connectivity Solution\Transports\NclUSBSrv.exe c:\programmi\PC Connectivity Solution\Transports\NclRSSrv.exe . ************************************************************************** . Ora fine scansione: 2008-11-15 16:12:00 - macchina è stato riavviato ComboFix-quarantined-files.txt 2008-11-15 15:11:45 ComboFix2.txt 2008-11-15 10:37:43 Pre-Run: 486,459,559,936 byte disponibili Post-Run: 486,406,803,456 byte disponibili WindowsXP-KB310994-SP2-Home-BootDisk-ITA.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect 230 --- E O F --- 2008-11-12 18:04:30
  8. grazie mille....... ecco il report....... ComboFix 08-11-13.01 - Proprietario 2008-11-15 11:33:01.1 - NTFSx86 Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1040.18.1728 [GMT 1:00] Interruttori di comando utilizzati :: /killall * Creato nuovo punto di ripristino ATENÇÃO - ESTA MAQUINA NAO TEM A CONSOLE DE RECUPERAÇÃO INSTALADA !! . ((((((((((((((((((((((((((((((((((((( Altre eliminazioni ))))))))))))))))))))))))))))))))))))))))))))))))))) . c:\documents and settings\Proprietario\Dati applicazioni\m c:\documents and settings\Proprietario\Dati applicazioni\m\data.oct c:\documents and settings\Proprietario\Dati applicazioni\m\flec006.exe c:\documents and settings\Proprietario\Dati applicazioni\m\list.oct c:\documents and settings\Proprietario\Dati applicazioni\m\shared\3D Hearts and Flowers 1.0.zip c:\documents and settings\Proprietario\Dati applicazioni\m\shared\Active Email Monitor 2.FF.zip c:\documents and settings\Proprietario\Dati applicazioni\m\shared\ActiveX_Easy_Compression_Library_1.00.zip c:\documents and settings\Proprietario\Dati applicazioni\m\shared\Age_of_Empires_III_The_WarChiefs_demo.zip c:\documents and settings\Proprietario\Dati applicazioni\m\shared\Alcyone Ephemeris 2.5.zip c:\documents and settings\Proprietario\Dati applicazioni\m\shared\Anagrams 2.4.zip c:\documents and settings\Proprietario\Dati applicazioni\m\shared\AT&T_WorldNet_6.2.2.zip c:\documents and settings\Proprietario\Dati applicazioni\m\shared\Auction_Data_Retriever_1.5.zip c:\documents and settings\Proprietario\Dati applicazioni\m\shared\AV_EAGLE_2.702_Key.zip c:\documents and settings\Proprietario\Dati applicazioni\m\shared\AVG.Email.Server.Edition-keygen.zip c:\documents and settings\Proprietario\Dati applicazioni\m\shared\Avg.Rescue.Cd.7.5.czip.Archive.20061129.zip c:\documents and settings\Proprietario\Dati applicazioni\m\shared\Axara_AudioConverter_2.4.1_Patch.zip c:\documents and settings\Proprietario\Dati applicazioni\m\shared\Az_Duplicates_2006_2.3.zip c:\documents and settings\Proprietario\Dati applicazioni\m\shared\B4Failure_4.50.zip c:\documents and settings\Proprietario\Dati applicazioni\m\shared\BioSeqAnalyzer_1.0.zip c:\documents and settings\Proprietario\Dati applicazioni\m\shared\Border_Patrol_1.0.zip c:\documents and settings\Proprietario\Dati applicazioni\m\shared\CD Art Display 1.0 Preview 3 Build 1.zip c:\documents and settings\Proprietario\Dati applicazioni\m\shared\Chinese_Checkers_Game_1.0.0.0.zip c:\documents and settings\Proprietario\Dati applicazioni\m\shared\ClamWin Portable v0.88.5.updt Jan08-2007.zip c:\documents and settings\Proprietario\Dati applicazioni\m\shared\Command_&_Conquer_Generals_-_Lord_of_the_Three_Towers_map.zip c:\documents and settings\Proprietario\Dati applicazioni\m\shared\Company Directory 2.0.1.zip c:\documents and settings\Proprietario\Dati applicazioni\m\shared\CompanyGate 2006.zip c:\documents and settings\Proprietario\Dati applicazioni\m\shared\CrossLoop_1.11_Build_20070720164151.zip c:\documents and settings\Proprietario\Dati applicazioni\m\shared\Crysnet_Bandwidth_Manager_1.0.zip c:\documents and settings\Proprietario\Dati applicazioni\m\shared\CSS menu beta 8.zip c:\documents and settings\Proprietario\Dati applicazioni\m\shared\CyberLink_PowerDirector_Premium_5.zip c:\documents and settings\Proprietario\Dati applicazioni\m\shared\CypherZIP_1.0.0_[Cracked].zip c:\documents and settings\Proprietario\Dati applicazioni\m\shared\Easy CD-DA Extractor 11.5.2 Build 3.zip c:\documents and settings\Proprietario\Dati applicazioni\m\shared\Eclayer 1.0.1.zip c:\documents and settings\Proprietario\Dati applicazioni\m\shared\Egyptian_Portraits_by_Winifred_Brunton_1.0_[With_Crack].zip c:\documents and settings\Proprietario\Dati applicazioni\m\shared\Email_Redemption_for_Outlook_1.61_KeyGen.zip c:\documents and settings\Proprietario\Dati applicazioni\m\shared\EngCalc_(Heat_and_Mass_Transfer)_1.1.zip c:\documents and settings\Proprietario\Dati applicazioni\m\shared\FaceCode_2.0_[serial].zip c:\documents and settings\Proprietario\Dati applicazioni\m\shared\form.suite4.net 1.5.0.2910 [serial].zip c:\documents and settings\Proprietario\Dati applicazioni\m\shared\Formulator_2.0.zip c:\documents and settings\Proprietario\Dati applicazioni\m\shared\FusionDesk Professional Edition 1.1.47.zip c:\documents and settings\Proprietario\Dati applicazioni\m\shared\GatherInfo_Suite_2006_1.0.zip c:\documents and settings\Proprietario\Dati applicazioni\m\shared\GCMNotes 1.3.zip c:\documents and settings\Proprietario\Dati applicazioni\m\shared\GedFiliations_1.1.zip c:\documents and settings\Proprietario\Dati applicazioni\m\shared\GeoDataSource_World_Cities_Database_(Gold_Edition)_July_2006.zip c:\documents and settings\Proprietario\Dati applicazioni\m\shared\Ham Club Organizer 1.5.zip c:\documents and settings\Proprietario\Dati applicazioni\m\shared\Handy_Folders_3.0.2.808_(Key+Serial).zip c:\documents and settings\Proprietario\Dati applicazioni\m\shared\HandyFind_2.0.4.zip c:\documents and settings\Proprietario\Dati applicazioni\m\shared\Hard Disk Sentinel 2.10.zip c:\documents and settings\Proprietario\Dati applicazioni\m\shared\HourWorld_Lite_3.1.5.zip c:\documents and settings\Proprietario\Dati applicazioni\m\shared\HTML-Protector 1.0 Key+Serial.zip c:\documents and settings\Proprietario\Dati applicazioni\m\shared\Html2JavaScript_1.2.5.zip c:\documents and settings\Proprietario\Dati applicazioni\m\shared\HttpDetect (EffeTech HTTP Sniffer) 4.1.zip c:\documents and settings\Proprietario\Dati applicazioni\m\shared\Inspic 1.5.1.1.zip c:\documents and settings\Proprietario\Dati applicazioni\m\shared\InvoLOGIC SE 1.1.4.zip c:\documents and settings\Proprietario\Dati applicazioni\m\shared\IQEdit_4.7.24.zip c:\documents and settings\Proprietario\Dati applicazioni\m\shared\Java_Launcher_3.201.zip c:\documents and settings\Proprietario\Dati applicazioni\m\shared\Jit-dpr_8.5.zip c:\documents and settings\Proprietario\Dati applicazioni\m\shared\Jpeg2000 SDK 1.0 beta.zip c:\documents and settings\Proprietario\Dati applicazioni\m\shared\Kwik_Grader_5.9_(Cracked).zip c:\documents and settings\Proprietario\Dati applicazioni\m\shared\LaFemme_Plus_1.02.zip c:\documents and settings\Proprietario\Dati applicazioni\m\shared\Lenogo_iPod_to_PC_Transfer_4.0_(Cracked).zip c:\documents and settings\Proprietario\Dati applicazioni\m\shared\Light Video Player 1.0.6.zip c:\documents and settings\Proprietario\Dati applicazioni\m\shared\LingvoSoft Learning PhraseBook 2007 Turkish - Greek 2.2.75.zip c:\documents and settings\Proprietario\Dati applicazioni\m\shared\Lock_and_Hide_Folder_1.2.zip c:\documents and settings\Proprietario\Dati applicazioni\m\shared\Love Calculator Vista Gadget 1.0.0.zip c:\documents and settings\Proprietario\Dati applicazioni\m\shared\Macromedia_contribute_Desktop_3.zip c:\documents and settings\Proprietario\Dati applicazioni\m\shared\MatrixShow_ActiveX_2.0_Key+Serial.zip c:\documents and settings\Proprietario\Dati applicazioni\m\shared\mediate 1.5.0.zip c:\documents and settings\Proprietario\Dati applicazioni\m\shared\Microsoft 10-184 Practice Test Exam Questions.zip c:\documents and settings\Proprietario\Dati applicazioni\m\shared\Mountain Lake Animated ScreenSaver 5.07.zip c:\documents and settings\Proprietario\Dati applicazioni\m\shared\Movie_Camera_Jigsaw_Puzzle_108pc.zip c:\documents and settings\Proprietario\Dati applicazioni\m\shared\MS_Powerpoint_Export_To_Multiple_HTML_Files_Software_7.0.zip c:\documents and settings\Proprietario\Dati applicazioni\m\shared\MSDict_Concise_Oxford_Spanish_Dictionary_(Symbian_Series_80)_2.40.zip c:\documents and settings\Proprietario\Dati applicazioni\m\shared\myFavorites_2.1.zip c:\documents and settings\Proprietario\Dati applicazioni\m\shared\MySQL Remove (Delete, Replace) Text, Spaces & Characters From Fields Software 7.0.zip c:\documents and settings\Proprietario\Dati applicazioni\m\shared\Naruto_Video_Suite_Pro_3.1.1.zip c:\documents and settings\Proprietario\Dati applicazioni\m\shared\NeoN Reminder 1.3.zip c:\documents and settings\Proprietario\Dati applicazioni\m\shared\Net Send Lite 2.00.zip c:\documents and settings\Proprietario\Dati applicazioni\m\shared\NetScope_1.10.zip c:\documents and settings\Proprietario\Dati applicazioni\m\shared\NetworkActiv Web Server 3.5.16.zip c:\documents and settings\Proprietario\Dati applicazioni\m\shared\O&O MediaRecovery 4.zip c:\documents and settings\Proprietario\Dati applicazioni\m\shared\Odbc 4 All 2.1.1 (Key).zip c:\documents and settings\Proprietario\Dati applicazioni\m\shared\OEM Logo Stamper 2.07.zip c:\documents and settings\Proprietario\Dati applicazioni\m\shared\OidView_Professional_2.8_[KeyGen].zip c:\documents and settings\Proprietario\Dati applicazioni\m\shared\OpenGL_Fireworks_1.0.zip c:\documents and settings\Proprietario\Dati applicazioni\m\shared\Oracle Monitoring Agent for SysPerf Framework 1.1.zip c:\documents and settings\Proprietario\Dati applicazioni\m\shared\Oxygen_Mobile_ActiveX_Control_3.0_(Serial).zip c:\documents and settings\Proprietario\Dati applicazioni\m\shared\Password Guru 1.01.zip c:\documents and settings\Proprietario\Dati applicazioni\m\shared\Password_Assistant_2.zip c:\documents and settings\Proprietario\Dati applicazioni\m\shared\PasswordCreator 1.9.0.0.zip c:\documents and settings\Proprietario\Dati applicazioni\m\shared\PosiTweak 1.0.zip c:\documents and settings\Proprietario\Dati applicazioni\m\shared\PrivacyWatcher_1.20_Crack.zip c:\documents and settings\Proprietario\Dati applicazioni\m\shared\Programming Editor 1.0.zip c:\documents and settings\Proprietario\Dati applicazioni\m\shared\PSI-Plot_8.11a_[Patch].zip c:\documents and settings\Proprietario\Dati applicazioni\m\shared\QNote_1.0.zip c:\documents and settings\Proprietario\Dati applicazioni\m\shared\QuakeMap 3.6.zip c:\documents and settings\Proprietario\Dati applicazioni\m\shared\Random Name 1.00.zip c:\documents and settings\Proprietario\Dati applicazioni\m\shared\RolloverFX_2.1_Cracked.zip c:\documents and settings\Proprietario\Dati applicazioni\m\shared\RSI_KeySwap_1.zip c:\documents and settings\Proprietario\Dati applicazioni\m\shared\S.C.A.R.S._updated_demo.zip c:\documents and settings\Proprietario\Dati applicazioni\m\shared\Sea Floor Ship Animated Screensaver 3.11.zip c:\documents and settings\Proprietario\Dati applicazioni\m\shared\SeaSolution 1.0.zip c:\documents and settings\Proprietario\Dati applicazioni\m\shared\SecurityVault 1.31.zip c:\documents and settings\Proprietario\Dati applicazioni\m\shared\Sencesa_Free_Flash_Player_1.5.zip c:\documents and settings\Proprietario\Dati applicazioni\m\shared\Simple_Dictionary_Application_1.04.zip c:\documents and settings\Proprietario\Dati applicazioni\m\shared\Smart_PC_4.1_(Patch).zip c:\documents and settings\Proprietario\Dati applicazioni\m\shared\Soundbase 2007.08.01.zip c:\documents and settings\Proprietario\Dati applicazioni\m\shared\SpyStopper Pro 5.00.zip c:\documents and settings\Proprietario\Dati applicazioni\m\shared\SViGio 1.298.zip c:\documents and settings\Proprietario\Dati applicazioni\m\shared\SWF Lister Lite 1.5.zip c:\documents and settings\Proprietario\Dati applicazioni\m\shared\Takeda_demo.zip c:\documents and settings\Proprietario\Dati applicazioni\m\shared\The Cooxie Toolbar 1.2.03.zip c:\documents and settings\Proprietario\Dati applicazioni\m\shared\The Noteable Music Flashcards 5.05.zip c:\documents and settings\Proprietario\Dati applicazioni\m\shared\The.Hacker.Antivirus.6.1.2007.zip c:\documents and settings\Proprietario\Dati applicazioni\m\shared\Time_Lapse_Recorder_1.1.zip c:\documents and settings\Proprietario\Dati applicazioni\m\shared\TransLite_Russian-English_Dictionary_8.1.27.zip c:\documents and settings\Proprietario\Dati applicazioni\m\shared\Tree_MDI_3.65.zip c:\documents and settings\Proprietario\Dati applicazioni\m\shared\Ultra Video To Flash Converter 2.0.2007.318 (Crack).zip c:\documents and settings\Proprietario\Dati applicazioni\m\shared\uniKode for Tamil 1.00.zip c:\documents and settings\Proprietario\Dati applicazioni\m\shared\V_-_The_File_Viewer_8.0_[Crack].zip c:\documents and settings\Proprietario\Dati applicazioni\m\shared\Viper 1.3.zip c:\documents and settings\Proprietario\Dati applicazioni\m\shared\VoMail 1.02.zip c:\documents and settings\Proprietario\Dati applicazioni\m\shared\VSCalculator 1.0.2.2.zip c:\documents and settings\Proprietario\Dati applicazioni\m\shared\WatchHDTV_1.92.zip c:\documents and settings\Proprietario\Dati applicazioni\m\shared\WebLater_1.3_[serial].zip c:\documents and settings\Proprietario\Dati applicazioni\m\shared\WIA-Loader_1.3.3.0.zip c:\documents and settings\Proprietario\Dati applicazioni\m\shared\Windows_Eraser_1.1.2.zip c:\documents and settings\Proprietario\Dati applicazioni\m\shared\X2Net_Contacts_1.0.0.5.zip c:\documents and settings\Proprietario\Dati applicazioni\m\shared\Xilisoft_YouTube_to_iPod_Converter_1.0.38.0723_[With_Crack].zip c:\documents and settings\Proprietario\Dati applicazioni\m\shared\XMPlay 3.4.2.1.zip c:\documents and settings\Proprietario\Dati applicazioni\m\shared\zCam_Lite_1.3_(KeyGen).zip c:\documents and settings\Proprietario\Dati applicazioni\m\srvlist.oct C:\InfoSat.txt c:\programmi\Windows Live\Messenger\MsnMsgr.exe c:\windows\system32\ban_list.txt c:\windows\system32\drivers\downld c:\windows\system32\drivers\downld\111296.exe c:\windows\system32\drivers\downld\121343.exe c:\windows\system32\drivers\downld\122343.exe c:\windows\system32\drivers\downld\127546.exe c:\windows\system32\drivers\downld\134093.exe c:\windows\system32\drivers\downld\134546.exe c:\windows\system32\drivers\downld\135109.exe c:\windows\system32\drivers\downld\139296.exe c:\windows\system32\drivers\downld\140796.exe c:\windows\system32\drivers\downld\143500.exe c:\windows\system32\drivers\downld\145906.exe c:\windows\system32\drivers\downld\150640.exe c:\windows\system32\drivers\downld\151546.exe c:\windows\system32\drivers\downld\153000.exe c:\windows\system32\drivers\downld\156015.exe c:\windows\system32\drivers\downld\160500.exe c:\windows\system32\drivers\downld\162859.exe c:\windows\system32\drivers\downld\165078.exe c:\windows\system32\drivers\downld\165312.exe c:\windows\system32\drivers\downld\168625.exe c:\windows\system32\drivers\downld\170718.exe c:\windows\system32\drivers\downld\171531.exe c:\windows\system32\drivers\downld\173500.exe c:\windows\system32\drivers\downld\175640.exe c:\windows\system32\drivers\downld\175953.exe c:\windows\system32\drivers\downld\185515.exe c:\windows\system32\drivers\downld\186062.exe c:\windows\system32\drivers\downld\1867875.exe c:\windows\system32\drivers\downld\187031.exe c:\windows\system32\drivers\downld\188156.exe c:\windows\system32\drivers\downld\1894609.exe c:\windows\system32\drivers\downld\1898593.exe c:\windows\system32\drivers\downld\191359.exe c:\windows\system32\drivers\downld\1939437.exe c:\windows\system32\drivers\downld\1942718.exe c:\windows\system32\drivers\downld\1945125.exe c:\windows\system32\drivers\downld\1947515.exe c:\windows\system32\drivers\downld\1957390.exe c:\windows\system32\drivers\downld\196750.exe c:\windows\system32\drivers\downld\197921.exe c:\windows\system32\drivers\downld\1992515.exe c:\windows\system32\drivers\downld\2016093.exe c:\windows\system32\drivers\downld\2016968.exe c:\windows\system32\drivers\downld\2058609.exe c:\windows\system32\drivers\downld\2072640.exe c:\windows\system32\drivers\downld\2080437.exe c:\windows\system32\drivers\downld\212093.exe c:\windows\system32\drivers\downld\212593.exe c:\windows\system32\drivers\downld\221421.exe c:\windows\system32\drivers\downld\223421.exe c:\windows\system32\drivers\downld\226546.exe c:\windows\system32\drivers\downld\230890.exe c:\windows\system32\drivers\downld\231734.exe c:\windows\system32\drivers\downld\233015.exe c:\windows\system32\drivers\downld\234578.exe c:\windows\system32\drivers\downld\235171.exe c:\windows\system32\drivers\downld\238484.exe c:\windows\system32\drivers\downld\240312.exe c:\windows\system32\drivers\downld\246515.exe c:\windows\system32\drivers\downld\246953.exe c:\windows\system32\drivers\downld\250281.exe c:\windows\system32\drivers\downld\252390.exe c:\windows\system32\drivers\downld\255156.exe c:\windows\system32\drivers\downld\255578.exe c:\windows\system32\drivers\downld\263656.exe c:\windows\system32\drivers\downld\263671.exe c:\windows\system32\drivers\downld\266734.exe c:\windows\system32\drivers\downld\268718.exe c:\windows\system32\drivers\downld\270843.exe c:\windows\system32\drivers\downld\271421.exe c:\windows\system32\drivers\downld\276031.exe c:\windows\system32\drivers\downld\282281.exe c:\windows\system32\drivers\downld\290546.exe c:\windows\system32\drivers\downld\292500.exe c:\windows\system32\drivers\downld\294984.exe c:\windows\system32\drivers\downld\300078.exe c:\windows\system32\drivers\downld\304265.exe c:\windows\system32\drivers\downld\309562.exe c:\windows\system32\drivers\downld\311406.exe c:\windows\system32\drivers\downld\314437.exe c:\windows\system32\drivers\downld\315046.exe c:\windows\system32\drivers\downld\332890.exe c:\windows\system32\drivers\downld\333328.exe c:\windows\system32\drivers\downld\351312.exe c:\windows\system32\drivers\downld\360953.exe c:\windows\system32\drivers\downld\368578.exe c:\windows\system32\drivers\downld\372578.exe c:\windows\system32\drivers\downld\381359.exe c:\windows\system32\drivers\downld\388437.exe c:\windows\system32\drivers\downld\407656.exe c:\windows\system32\drivers\downld\417468.exe c:\windows\system32\drivers\downld\418484.exe c:\windows\system32\drivers\downld\452984.exe c:\windows\system32\drivers\downld\467750.exe c:\windows\system32\drivers\downld\471906.exe c:\windows\system32\drivers\downld\474187.exe c:\windows\system32\drivers\downld\476562.exe c:\windows\system32\drivers\downld\481921.exe c:\windows\system32\drivers\downld\516750.exe c:\windows\system32\drivers\downld\540500.exe c:\windows\system32\drivers\downld\540953.exe c:\windows\system32\drivers\srosa.sys c:\windows\system32\drivers\winfilse.exe c:\windows\system32\lsprst7.dll c:\windows\system32\mdelk.exe c:\windows\system32\ssprs.dll c:\windows\system32\wintems.exe D:\Autorun.inf . ((((((((((((((((((((((((((((((((((((((( Driver/Servizi ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Service_SROSA -------\Legacy_SROSA ((((((((((((((((((((((((( Files Creati Da 2008-10-15 al 2008-11-15 ))))))))))))))))))))))))))))))))))) . 2008-11-15 11:22 . 2008-11-15 11:22 <DIR> d-------- c:\programmi\Spybot - Search & Destroy 2008-11-14 23:39 . 2008-11-14 23:39 135,168 --a------ C:\zip.exe 2008-11-14 23:39 . 2008-11-14 23:39 61,440 --a------ c:\windows\system32\drivers\hctiwfl.sys 2008-11-14 23:33 . 2008-11-15 11:24 7,168 --a------ c:\windows\system32\drivers\srosa2.sys 2008-11-14 22:40 . 2008-11-15 11:22 <DIR> d-------- C:\SDFix 2008-11-14 21:39 . 2008-11-14 21:39 <DIR> d-------- c:\programmi\Trend Micro 2008-11-14 21:31 . 2008-11-15 11:35 0 --a------ c:\windows\system.ini 2008-11-12 19:44 . 2008-11-12 19:44 <DIR> d-------- c:\programmi\File comuni\Adobe Systems Shared 2008-11-12 19:44 . 2008-11-12 19:44 <DIR> d-------- c:\documents and settings\All Users\Dati applicazioni\Adobe Systems 2008-11-12 19:03 . 2008-11-12 19:03 1,393 --a------ c:\windows\imsins.BAK 2008-11-12 19:01 . 2008-11-12 19:01 0 --a------ c:\windows\ativpsrm.bin 2008-11-12 19:00 . 2008-11-12 19:00 <DIR> d-------- c:\programmi\Alcatel 2008-11-12 07:22 . 2008-09-04 18:15 1,106,944 -----c--- c:\windows\system32\dllcache\msxml3.dll 2008-11-12 07:22 . 2008-10-24 12:21 455,296 -----c--- c:\windows\system32\dllcache\mrxsmb.sys 2008-11-10 23:18 . 2008-11-10 23:18 <DIR> d-------- C:\ATI 2008-11-10 16:55 . 2008-11-10 16:58 <DIR> d-------- c:\documents and settings\Proprietario\Dati applicazioni\PC Suite 2008-11-10 16:55 . 2008-11-10 16:57 <DIR> d-------- c:\documents and settings\All Users\Dati applicazioni\PC Suite 2008-11-10 16:52 . 2008-11-10 16:52 <DIR> d-------- c:\programmi\PC Connectivity Solution 2008-11-10 16:52 . 2008-11-10 16:52 <DIR> d-------- c:\programmi\File comuni\PCSuite 2008-11-10 16:52 . 2008-11-10 16:52 <DIR> d-------- c:\programmi\File comuni\Nokia 2008-11-10 16:52 . 2008-11-10 16:52 <DIR> d-------- c:\programmi\DIFX 2008-11-10 16:52 . 2008-05-07 07:39 1,419,232 --a------ c:\windows\system32\wdfcoinstaller01005.dll 2008-11-10 16:52 . 2008-05-07 07:38 659,968 --a------ c:\windows\system32\nmwcdcocls.dll 2008-11-10 16:52 . 2007-09-17 15:53 21,632 --a------ c:\windows\system32\drivers\pccsmcfd.sys 2008-11-10 16:52 . 2008-05-07 07:38 20,864 --a------ c:\windows\system32\drivers\ccdcmbo.sys 2008-11-10 16:52 . 2008-05-07 07:38 17,536 --a------ c:\windows\system32\drivers\ccdcmb.sys 2008-11-10 16:52 . 2008-06-06 09:24 8,064 --a------ c:\windows\system32\drivers\usbser_lowerflt.sys 2008-11-10 16:51 . 2008-11-10 16:52 <DIR> d-------- c:\programmi\Nokia 2008-11-10 16:51 . 2008-05-07 07:38 90,624 --a------ c:\windows\system32\nmwcdcls.dll 2008-11-10 16:51 . 2008-11-10 16:51 19 --a------ c:\windows\SoundConverter.INI 2008-11-10 16:50 . 2008-11-10 16:50 <DIR> d-------- c:\documents and settings\All Users\Dati applicazioni\Installations 2008-11-10 12:52 . 2008-11-10 19:54 <DIR> d-------- c:\documents and settings\Proprietario\Dati applicazioni\Nokia 2008-11-10 12:33 . 2008-04-13 19:45 26,112 --a------ c:\windows\system32\drivers\usbser.sys 2008-11-10 12:33 . 2008-04-13 19:45 26,112 --a--c--- c:\windows\system32\dllcache\usbser.sys 2008-11-10 12:31 . 2008-11-10 12:31 0 --ah----- c:\windows\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf 2008-11-10 12:31 . 2008-11-10 12:31 0 --ah----- c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01005.Wdf 2008-11-10 12:23 . 2008-11-10 12:23 <DIR> d-------- c:\documents and settings\Proprietario\Phone Browser 2008-11-08 11:00 . 2008-11-08 11:00 17,144 --a------ c:\documents and settings\Proprietario\Dati applicazioni\GDIPFONTCACHEV1.DAT 2008-11-05 18:50 . 2008-11-05 18:52 <DIR> d-------- C:\Nuova cartella 2008-11-02 09:24 . 2008-11-02 09:24 <DIR> d-------- C:\Brolo 2008 da stampare 2008-11-02 09:22 . 2008-10-29 10:25 4,791,544 --a------ C:\Eva Cassidy - Fields of Gold.Mp3 2008-11-02 09:21 . 2008-10-29 09:20 6,660,096 --a------ C:\Take That - Rule The World.mp3 2008-11-02 09:21 . 2008-09-22 12:31 4,003,840 --a------ C:\Alicia Keys - No One(2).mp3 2008-11-01 20:50 . 2008-11-01 20:52 <DIR> d-------- C:\favignana2008 2008-11-01 20:45 . 2008-11-01 20:45 <DIR> d-------- c:\documents and settings\All Users\Dati applicazioni\Office Genuine Advantage 2008-11-01 11:54 . 2008-11-01 11:54 <DIR> d-------- c:\documents and settings\All Users\Dati applicazioni\Minnetonka Audio Software 2008-11-01 11:54 . 2008-11-01 11:54 1,025 --a------ c:\windows\system32\sysprs7.tgz 2008-11-01 11:54 . 2008-11-01 11:54 1,025 --a------ c:\windows\system32\sysprs7.dll 2008-11-01 11:54 . 2008-11-01 11:54 1,025 --a------ c:\windows\system32\clauth2.dll 2008-11-01 11:54 . 2008-11-01 11:54 1,025 --a------ c:\windows\system32\clauth1.dll 2008-11-01 11:54 . 2008-11-01 11:54 219 --a------ c:\windows\system32\lsprst7.tgz 2008-11-01 11:54 . 2008-11-01 11:54 87 --a------ c:\windows\system32\ssprs.tgz 2008-10-30 19:44 . 2008-11-12 19:46 <DIR> d-------- c:\programmi\File comuni\Adobe 2008-10-29 23:50 . 2008-10-29 23:50 <DIR> d-------- c:\programmi\Xvid 2008-10-29 23:50 . 2008-04-27 10:33 765,952 --a------ c:\windows\system32\xvidcore.dll 2008-10-29 23:50 . 2008-04-27 10:35 180,224 --a------ c:\windows\system32\xvidvfw.dll 2008-10-29 23:50 . 2007-06-28 18:55 77,824 --a------ c:\windows\system32\xvid.ax 2008-10-29 23:18 . 2008-10-29 23:20 <DIR> d-------- c:\documents and settings\Proprietario\Dati applicazioni\DivX 2008-10-29 23:17 . 2008-10-29 23:20 <DIR> d-------- c:\programmi\DivX 2008-10-29 20:24 . 2008-10-29 20:24 <DIR> d-------- c:\programmi\Windows Media Connect 2 2008-10-29 20:23 . 2008-10-29 20:23 <DIR> d-------- c:\windows\system32\LogFiles 2008-10-29 20:23 . 2008-11-10 16:58 <DIR> d-------- c:\windows\system32\drivers\UMDF 2008-10-29 20:16 . 2008-10-29 20:16 <DIR> d-------- c:\windows\system32\windows media 2008-10-29 20:16 . 2008-10-29 20:16 <DIR> d--h----- c:\windows\msdownld.tmp 2008-10-29 20:16 . 2008-10-29 20:16 <DIR> d-------- c:\programmi\Windows Media Components 2008-10-29 19:59 . 2008-11-15 00:18 116 --a------ c:\windows\NeroDigital.ini 2008-10-29 19:26 . 2008-10-29 19:26 <DIR> d-------- c:\documents and settings\Proprietario\Dati applicazioni\Ahead 2008-10-29 18:04 . 2008-10-29 18:04 <DIR> d-------- c:\windows\system32\it 2008-10-29 18:04 . 2008-10-29 18:04 <DIR> d-------- c:\windows\system32\bits 2008-10-29 18:04 . 2008-10-29 18:05 <DIR> d-------- c:\windows\ServicePackFiles 2008-10-29 18:04 . 2008-10-29 18:04 <DIR> d-------- c:\windows\l2schemas 2008-10-29 18:00 . 2008-10-29 18:00 <DIR> d-------- c:\windows\EHome 2008-10-29 17:00 . 2008-10-29 23:59 <DIR> d-------- c:\windows\system32\it-it 2008-10-29 16:55 . 2008-10-29 16:55 <DIR> d-------- c:\programmi\MSXML 4.0 2008-10-29 16:34 . 2007-07-30 19:19 271,224 --a------ c:\windows\system32\mucltui.dll 2008-10-29 16:34 . 2007-07-30 19:19 207,736 --a------ c:\windows\system32\muweb.dll 2008-10-29 16:34 . 2007-07-30 19:18 30,072 --a------ c:\windows\system32\mucltui.dll.mui 2008-10-29 12:58 . 2008-10-29 17:26 161,290 --a------ c:\windows\system32\PremierePro2_0Content.dat 2008-10-29 12:58 . 2008-10-29 12:58 82,432 --a------ c:\windows\system32\msxml4r.dll 2008-10-29 12:58 . 2008-09-16 01:14 43,528 --------- c:\windows\system32\drivers\pxhelp20.sys 2008-10-29 12:58 . 2008-10-29 17:26 146 --a------ c:\windows\system32\{57922B53-02D4-4DFC-AC24-A3519DC1F49A}-FunctionContent.dat 2008-10-29 12:25 . 2008-10-29 12:25 <DIR> d-------- c:\programmi\File comuni\Ahead 2008-10-29 12:25 . 2008-10-29 12:25 <DIR> d-------- c:\programmi\Ahead 2008-10-29 12:25 . 2004-07-26 17:16 1,568,768 --------- c:\windows\system32\ImagX7.dll 2008-10-29 12:25 . 2004-07-26 17:16 476,320 --------- c:\windows\system32\ImagXpr7.dll 2008-10-29 12:25 . 2004-07-26 17:16 471,040 --------- c:\windows\system32\ImagXRA7.dll 2008-10-29 12:25 . 2004-07-26 17:16 262,144 --------- c:\windows\system32\ImagXR7.dll 2008-10-29 12:25 . 2001-07-09 11:50 155,648 --a------ c:\windows\system32\NeroCheck.exe 2008-10-29 12:25 . 2004-03-02 17:37 125,184 --------- c:\windows\system32\drivers\imagesrv.sys 2008-10-29 12:25 . 2000-06-26 11:45 106,496 --a------ c:\windows\system32\TwnLib20.dll 2008-10-29 12:25 . 2004-03-02 17:37 5,504 --------- c:\windows\system32\drivers\imagedrv.sys 2008-10-29 12:17 . 2008-10-29 12:17 <DIR> d-------- c:\windows\ShellNew 2008-10-29 10:09 . 2008-10-29 10:09 <DIR> d-------- c:\documents and settings\All Users\Dati applicazioni\Messenger Plus! 2008-10-29 06:49 . 2008-10-29 06:49 <DIR> d-------- c:\programmi\Messenger Plus! Live 2008-10-29 06:43 . 2008-10-29 06:49 <DIR> d-------- c:\documents and settings\Proprietario\Contacts 2008-10-29 06:39 . 2008-10-29 06:43 <DIR> d-------- c:\programmi\Windows Live 2008-10-29 06:39 . 2008-10-29 06:42 <DIR> d--hsc--- c:\programmi\File comuni\WindowsLiveInstaller 2008-10-29 06:39 . 2008-10-29 06:39 <DIR> d-------- c:\documents and settings\All Users\Dati applicazioni\WLInstaller 2008-10-29 06:30 . 2008-10-29 06:30 <DIR> d-------- c:\documents and settings\All Users\Dati applicazioni\IM 2008-10-29 06:29 . 2008-10-29 06:29 <DIR> d-------- c:\programmi\IncrediMail 2008-10-29 06:29 . 2008-10-29 06:29 <DIR> d-------- c:\documents and settings\All Users\Dati applicazioni\IncrediMail 2008-10-28 22:40 . 2008-10-28 22:40 <DIR> d-------- c:\documents and settings\Proprietario\Dati applicazioni\TMP 2008-10-28 22:21 . 2008-10-28 22:21 <DIR> d--hs---- c:\documents and settings\Proprietario\UserData 2008-10-28 22:04 . 2008-10-28 22:04 <DIR> d-------- c:\documents and settings\Proprietario\Dati applicazioni\ATI . (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))) . 2008-11-15 09:07 --------- d-----w c:\programmi\eMule 2008-11-12 18:00 --------- d--h--w c:\programmi\InstallShield Installation Information 2008-11-10 11:18 --------- d-----w c:\programmi\File comuni\InstallShield 2008-10-28 21:44 --------- d-----w c:\programmi\ASUS 2008-10-28 21:40 --------- d-----w c:\programmi\Marvell 2008-10-28 21:29 --------- d-----w c:\programmi\Intel 2008-10-28 21:27 --------- d-----w c:\programmi\Analog Devices 2008-10-28 21:04 --------- d-----w c:\documents and settings\All Users\Dati applicazioni\ATI 2008-10-28 20:54 --------- d-----w c:\programmi\ATI Technologies 2008-10-28 20:54 --------- d-----w c:\programmi\Alwil Software 2008-10-28 20:52 --------- d-----w c:\programmi\File comuni\ATI Technologies 2008-10-28 19:44 --------- d-----w c:\programmi\microsoft frontpage 2008-10-28 19:43 --------- d-----w c:\programmi\Servizi in linea 2008-10-24 11:21 455,296 ----a-w c:\windows\system32\drivers\mrxsmb.sys . ((((((((((((((((((((((((((((((((((((( Punti Reg Caricati )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* i valori vuoti & legittimi/default non sono visualizzati. REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360] "Nokia.PCSync"="c:\programmi\Nokia\Nokia PC Suite 7\PCSync2.exe" [2008-06-17 1249280] "PC Suite Tray"="c:\programmi\Nokia\Nokia PC Suite 7\PCSuite.exe" [2008-08-11 1124352] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Diagnostica SpeedTouch USB"="c:\programmi\Alcatel\SpeedTouch USB\Dragdiag.exe" [2004-01-26 866816] "StartCCC"="c:\programmi\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-07-16 61440] "avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2008-11-15 81000] "SoundMAXPnP"="c:\programmi\Analog Devices\Core\smax4pnp.exe" [2008-03-16 1040384] "Six Engine"="c:\program files\ASUS\Six Engine\SixEngine.exe" [2008-05-14 5958656] "NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648] "SpeedTouch USB Diagnostics"="c:\programmi\Alcatel\SpeedTouch USB\Dragdiag.exe" [2004-01-26 866816] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] c:\documents and settings\Proprietario\Menu Avvio\Programmi\Esecuzione automatica\ Adobe Gamma.lnk - c:\programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe [2005-03-16 113664] c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\ Microsoft Office.lnk - c:\programmi\Microsoft Office\Office10\OSA.EXE [2001-02-13 83360] [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Programmi\\eMule\\emule.exe"= "c:\\Programmi\\IncrediMail\\bin\\ImApp.exe"= "c:\\Programmi\\IncrediMail\\bin\\IncMail.exe"= "c:\\Programmi\\IncrediMail\\bin\\ImpCnt.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Programmi\\Windows Live\\Messenger\\livecall.exe"= "c:\\Programmi\\Bonjour\\mDNSResponder.exe"= R0 mv61xx;mv61xx;c:\windows\system32\DRIVERS\mv61xx.sys [2008-05-19 150568] R1 sK9Ou0s;sK9Ou0s;c:\windows\system32\drivers\srosa2.sys [2008-11-15 7168] R3 AtiHdmiService;ATI Function Driver for HDMI Service;c:\windows\system32\drivers\AtiHdmi.sys [2008-07-02 89600] S2 aswFsBlk;aswFsBlk;c:\windows\system32\DRIVERS\aswFsBlk.sys [ ] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\D] \Shell\AutoRun\command - D:\setupSNK.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ea2fa71b-a568-11dd-9be5-806d6172696f}] \Shell\AutoRun\command - e:\.\Bin\Assetup.exe . - - - - ORFÃOS REMOVIDOS - - - - HKCU-Run-MsnMsgr - c:\programmi\Windows Live\Messenger\MsnMsgr.Exe . ------- Supplementare di scansione ------- . FireFox -: Profile - c:\documents and settings\Proprietario\Dati applicazioni\Mozilla\Firefox\Profiles\iffcsjhs.default\ FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://google.it . ************************************************************************** catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-11-15 11:35:26 Windows 5.1.2600 Service Pack 3 NTFS scansione processi nascosti ... scansione entrate autostart nascoste ... Scansione files nascosti ... Scansione completata con successo Files nascosti: 0 ************************************************************************** . ------------------------ Altri processi in esecuzione ------------------------ . c:\programmi\Bonjour\mDNSResponder.exe c:\windows\system32\wscntfy.exe c:\programmi\ATI Technologies\ATI.ACE\Core-Static\MOM.exe c:\programmi\ATI Technologies\ATI.ACE\Core-Static\CCC.exe c:\programmi\PC Connectivity Solution\ServiceLayer.exe c:\programmi\File comuni\Nokia\MPAPI\MPAPI3s.exe c:\programmi\PC Connectivity Solution\Transports\NclUSBSrv.exe c:\programmi\PC Connectivity Solution\Transports\NclRSSrv.exe . ************************************************************************** . Ora fine scansione: 2008-11-15 11:37:42 - macchina è stato riavviato ComboFix-quarantined-files.txt 2008-11-15 10:37:40 Pre-Run: 486,441,455,616 byte disponibili Post-Run: 486,465,400,832 byte disponibili 458 --- E O F --- 2008-11-12 18:04:30
  9. ciao ragazzi..... e da un bel po che non mi succedeva, proprio questa sera ho beccato un file,vista la mia curiosita' l'ho aperto,e per magia si e aperta una finestra strana ntsb investigators ...... morale della favola avast mi e' scomparso,mi volevo portare avanti con il lavoro e ho provato a scaricare hijack....ma mi dice che non e un'aplicazione win32 valida vi posto il report di alibegla che all'inizio pareva non funzionare ma poi per magia e' partito... grazie in anticipo Fri Nov 14 22:15:40 2008 EliBagle v11.96 ©2008 S.G.H. / Satinfo S.L. (Actualizado el 14 de Noviembre del 2008) ---------------------------------------------- Lista de Acciones (por Acción Directa): C:\WINDOWS\SYSTEM32\DRIVERS\SROSA.SYS --> Bagle (rootkit) Acceso Denegado. C:\DOCUMENTS AND SETTINGS\PROPRIETARIO\DATI APPLICAZIONI\M\FLEC006.EXE --> Bagle Acceso Denegado. Restaurada Clave: "SafeBoot\Minimal y Network" Reinicie para Completar la Limpieza. Fri Nov 14 22:15:42 2008 EliBagle v11.96 ©2008 S.G.H. / Satinfo S.L. (Actualizado el 14 de Noviembre del 2008) ---------------------------------------------- Lista de Acciones (por Exploración): Explorando Unidad C:\ Fri Nov 14 22:25:14 2008 EliBagle v11.96 ©2008 S.G.H. / Satinfo S.L. (Actualizado el 14 de Noviembre del 2008) ---------------------------------------------- Lista de Acciones (por Acción Directa): C:\WINDOWS\SYSTEM32\DRIVERS\SROSA.SYS --> Bagle (rootkit) Acceso Denegado. C:\DOCUMENTS AND SETTINGS\PROPRIETARIO\DATI APPLICAZIONI\M\FLEC006.EXE --> Bagle Acceso Denegado. Restaurada Clave: "SafeBoot\Minimal y Network" Reinicie para Completar la Limpieza. Fri Nov 14 22:25:17 2008 EliBagle v11.96 ©2008 S.G.H. / Satinfo S.L. (Actualizado el 14 de Noviembre del 2008) ---------------------------------------------- Lista de Acciones (por Exploración): Explorando Unidad C:\ Nº Total de Directorios: 5378 Nº Total de Ficheros: 58010 Nº de Ficheros Analizados: 10457 Nº de Ficheros Infectados: 0 Nº de Ficheros Limpiados: 0 Fri Nov 14 22:43:34 2008 EliBagle v11.96 ©2008 S.G.H. / Satinfo S.L. (Actualizado el 14 de Noviembre del 2008) ---------------------------------------------- Lista de Acciones (por Acción Directa): C:\WINDOWS\SYSTEM32\WINTEMS.EXE --> Bagle Acceso Denegado. C:\WINDOWS\SYSTEM32\BAN_LIST.TXT --> Eliminado Bagle C:\WINDOWS\SYSTEM32\DRIVERS\SROSA.SYS --> Bagle (rootkit) Acceso Denegado. C:\DOCUMENTS AND SETTINGS\PROPRIETARIO\DATI APPLICAZIONI\M\FLEC006.EXE --> Bagle Acceso Denegado. C:\DOCUMENTS AND SETTINGS\PROPRIETARIO\DATI APPLICAZIONI\M\LIST.OCT --> Eliminado Bagle Restaurada Clave: "SafeBoot\Minimal y Network" Reinicie para Completar la Limpieza. Fri Nov 14 22:43:37 2008 EliBagle v11.96 ©2008 S.G.H. / Satinfo S.L. (Actualizado el 14 de Noviembre del 2008) ---------------------------------------------- Lista de Acciones (por Exploración): Explorando Unidad C:\ Nº Total de Directorios: 5383 Nº Total de Ficheros: 58181 Nº de Ficheros Analizados: 10493 Nº de Ficheros Infectados: 0 Nº de Ficheros Limpiados: 0
  10. allora che ne dite di queste ....aiutatemi memorie... CORSAIR DDR2 6400 (800Mhz) XMS2 1GB Module Kingston HyperX - Memoria - 1 GB - DIMM a 240 pin - DDR2 - 1066 MHz / PC2-8500 - CL5 - 2.2 V - non ECC Kingston Technology Kingston HyperX - Memoria - 2 GB ( 2 x 1 GB ) - DIMM a 240 pin - DDR2 - 1066 MHz / PC2-8500 - CL5 - 2.2 V - senza buffer - non ECC hd Seagate Barracuda 250GB SATA-II 16MB
  11. non capisco quale e meglio o quale e' possibile tra ata e sata
  12. allora considera che a livello amatoriale uso il pc per fare editing video ritocco di foto e avvolte anche giocare...... quindi quale scegliere ?? la hd4850 potrebbe andare bene ??
  13. ciao ragazzi confido ancora nella vosra esperienza..ho gia' ordinato: scheda madre asus p5q-e processore asus e8400 che ddr2 e che hd mi consigliate....??
  14. ciao allora finalmente ci sono quasi ancora gli ultimi pezzi e il pc equasi pronto .... ho gia' acquistato : scheda madre asus p5q-e processore asus e8400 adesso mi manca una scheda video decente.....quale mi consigliate ??
  15. no troppo bello....solo per la scheda madre e tu mirkoming che ne pensi ??