AndreaSCULTORE

  1. For example, a short while ago this window opened: http://ut10s4spm0.s.ad6media.fr/su/03f30e4abda82348702cb6d76f99d5a1/3/2567?w=1457&h=819&o=
  2. Hello. Advertising windows kept opening on my PC, and I used various tools to clean it: CCleaner, Malwarebytes Anti-Malware, adwcleaner_4.111, Advanced SystemCare 8. The operating system is XP PRO with AVAST free and IOBIT Malware, which I disabled in the past few days, and I scanned everything with Combofix as per the instructions. I had also tried to install SpyHunter, but I soon found out that it is a scam, so I removed it with some difficulty and also deleted the folder, which had a different name. This is the Combofix log; could some expert please tell me what I still need to remove before I proceed to uninstall Combofix with uninstall from Run.
c:\docume~1\INTEL-~1\IMPOST~1\Temp\_MEI39802\_ctypes.pyd c:\docume~1\INTEL-~1\IMPOST~1\Temp\_MEI39802\_elementtree.pyd c:\docume~1\INTEL-~1\IMPOST~1\Temp\_MEI39802\_hashlib.pyd c:\docume~1\INTEL-~1\IMPOST~1\Temp\_MEI39802\_multiprocessing.pyd c:\docume~1\INTEL-~1\IMPOST~1\Temp\_MEI39802\_socket.pyd c:\docume~1\INTEL-~1\IMPOST~1\Temp\_MEI39802\_ssl.pyd c:\docume~1\INTEL-~1\IMPOST~1\Temp\_MEI39802\hashobjs_ext.pyd c:\docume~1\INTEL-~1\IMPOST~1\Temp\_MEI39802\pyexpat.pyd c:\docume~1\INTEL-~1\IMPOST~1\Temp\_MEI39802\pysqlite2._sqlite.pyd c:\docume~1\INTEL-~1\IMPOST~1\Temp\_MEI39802\python27.dll c:\docume~1\INTEL-~1\IMPOST~1\Temp\_MEI39802\pythoncom27.dll c:\docume~1\INTEL-~1\IMPOST~1\Temp\_MEI39802\PyWinTypes27.dll c:\docume~1\INTEL-~1\IMPOST~1\Temp\_MEI39802\select.pyd c:\docume~1\INTEL-~1\IMPOST~1\Temp\_MEI39802\unicodedata.pyd c:\docume~1\INTEL-~1\IMPOST~1\Temp\_MEI39802\win32api.pyd c:\docume~1\INTEL-~1\IMPOST~1\Temp\_MEI39802\win32com.shell.shell.pyd c:\docume~1\INTEL-~1\IMPOST~1\Temp\_MEI39802\win32crypt.pyd c:\docume~1\INTEL-~1\IMPOST~1\Temp\_MEI39802\win32event.pyd c:\docume~1\INTEL-~1\IMPOST~1\Temp\_MEI39802\win32file.pyd c:\docume~1\INTEL-~1\IMPOST~1\Temp\_MEI39802\win32gui.pyd c:\docume~1\INTEL-~1\IMPOST~1\Temp\_MEI39802\win32inet.pyd c:\docume~1\INTEL-~1\IMPOST~1\Temp\_MEI39802\win32pdh.pyd c:\docume~1\INTEL-~1\IMPOST~1\Temp\_MEI39802\win32pipe.pyd c:\docume~1\INTEL-~1\IMPOST~1\Temp\_MEI39802\win32process.pyd c:\docume~1\INTEL-~1\IMPOST~1\Temp\_MEI39802\win32profile.pyd c:\docume~1\INTEL-~1\IMPOST~1\Temp\_MEI39802\win32security.pyd c:\docume~1\INTEL-~1\IMPOST~1\Temp\_MEI39802\win32ts.pyd c:\docume~1\INTEL-~1\IMPOST~1\Temp\_MEI39802\windows._lib_cacheinvalidation.pyd c:\docume~1\INTEL-~1\IMPOST~1\Temp\_MEI39802\wx._animate.pyd c:\docume~1\INTEL-~1\IMPOST~1\Temp\_MEI39802\wx._controls_.pyd c:\docume~1\INTEL-~1\IMPOST~1\Temp\_MEI39802\wx._core_.pyd c:\docume~1\INTEL-~1\IMPOST~1\Temp\_MEI39802\wx._gdi_.pyd 
c:\docume~1\INTEL-~1\IMPOST~1\Temp\_MEI39802\wx._html2.pyd c:\docume~1\INTEL-~1\IMPOST~1\Temp\_MEI39802\wx._misc_.pyd c:\docume~1\INTEL-~1\IMPOST~1\Temp\_MEI39802\wx._windows_.pyd c:\docume~1\INTEL-~1\IMPOST~1\Temp\_MEI39802\wx._wizard.pyd c:\docume~1\INTEL-~1\IMPOST~1\Temp\_MEI39802\wxbase294u_net_vc90.dll c:\docume~1\INTEL-~1\IMPOST~1\Temp\_MEI39802\wxbase294u_vc90.dll c:\docume~1\INTEL-~1\IMPOST~1\Temp\_MEI39802\wxmsw294u_adv_vc90.dll c:\docume~1\INTEL-~1\IMPOST~1\Temp\_MEI39802\wxmsw294u_core_vc90.dll c:\docume~1\INTEL-~1\IMPOST~1\Temp\_MEI39802\wxmsw294u_html_vc90.dll c:\docume~1\INTEL-~1\IMPOST~1\Temp\_MEI39802\wxmsw294u_webview_vc90.dll c:\documents and settings\INTEL-2013\Impostazioni locali\Temp\_MEI39802\_ctypes.pyd c:\documents and settings\INTEL-2013\Impostazioni locali\Temp\_MEI39802\_elementtree.pyd c:\documents and settings\INTEL-2013\Impostazioni locali\Temp\_MEI39802\_hashlib.pyd c:\documents and settings\INTEL-2013\Impostazioni locali\Temp\_MEI39802\_multiprocessing.pyd c:\documents and settings\INTEL-2013\Impostazioni locali\Temp\_MEI39802\_socket.pyd c:\documents and settings\INTEL-2013\Impostazioni locali\Temp\_MEI39802\_ssl.pyd c:\documents and settings\INTEL-2013\Impostazioni locali\Temp\_MEI39802\hashobjs_ext.pyd c:\documents and settings\INTEL-2013\Impostazioni locali\Temp\_MEI39802\pyexpat.pyd c:\documents and settings\INTEL-2013\Impostazioni locali\Temp\_MEI39802\pysqlite2._sqlite.pyd c:\documents and settings\INTEL-2013\Impostazioni locali\Temp\_MEI39802\python27.dll c:\documents and settings\INTEL-2013\Impostazioni locali\Temp\_MEI39802\pythoncom27.dll c:\documents and settings\INTEL-2013\Impostazioni locali\Temp\_MEI39802\PyWinTypes27.dll c:\documents and settings\INTEL-2013\Impostazioni locali\Temp\_MEI39802\select.pyd c:\documents and settings\INTEL-2013\Impostazioni locali\Temp\_MEI39802\unicodedata.pyd c:\documents and settings\INTEL-2013\Impostazioni locali\Temp\_MEI39802\win32api.pyd c:\documents and 
settings\INTEL-2013\Impostazioni locali\Temp\_MEI39802\win32com.shell.shell.pyd c:\documents and settings\INTEL-2013\Impostazioni locali\Temp\_MEI39802\win32crypt.pyd c:\documents and settings\INTEL-2013\Impostazioni locali\Temp\_MEI39802\win32event.pyd c:\documents and settings\INTEL-2013\Impostazioni locali\Temp\_MEI39802\win32file.pyd c:\documents and settings\INTEL-2013\Impostazioni locali\Temp\_MEI39802\win32gui.pyd c:\documents and settings\INTEL-2013\Impostazioni locali\Temp\_MEI39802\win32inet.pyd c:\documents and settings\INTEL-2013\Impostazioni locali\Temp\_MEI39802\win32pdh.pyd c:\documents and settings\INTEL-2013\Impostazioni locali\Temp\_MEI39802\win32pipe.pyd c:\documents and settings\INTEL-2013\Impostazioni locali\Temp\_MEI39802\win32process.pyd c:\documents and settings\INTEL-2013\Impostazioni locali\Temp\_MEI39802\win32profile.pyd c:\documents and settings\INTEL-2013\Impostazioni locali\Temp\_MEI39802\win32security.pyd c:\documents and settings\INTEL-2013\Impostazioni locali\Temp\_MEI39802\win32ts.pyd c:\documents and settings\INTEL-2013\Impostazioni locali\Temp\_MEI39802\windows._lib_cacheinvalidation.pyd c:\documents and settings\INTEL-2013\Impostazioni locali\Temp\_MEI39802\wx._animate.pyd c:\documents and settings\INTEL-2013\Impostazioni locali\Temp\_MEI39802\wx._controls_.pyd c:\documents and settings\INTEL-2013\Impostazioni locali\Temp\_MEI39802\wx._core_.pyd c:\documents and settings\INTEL-2013\Impostazioni locali\Temp\_MEI39802\wx._gdi_.pyd c:\documents and settings\INTEL-2013\Impostazioni locali\Temp\_MEI39802\wx._html2.pyd c:\documents and settings\INTEL-2013\Impostazioni locali\Temp\_MEI39802\wx._misc_.pyd c:\documents and settings\INTEL-2013\Impostazioni locali\Temp\_MEI39802\wx._windows_.pyd c:\documents and settings\INTEL-2013\Impostazioni locali\Temp\_MEI39802\wx._wizard.pyd c:\documents and settings\INTEL-2013\Impostazioni locali\Temp\_MEI39802\wxbase294u_net_vc90.dll c:\documents and settings\INTEL-2013\Impostazioni 
locali\Temp\_MEI39802\wxbase294u_vc90.dll c:\documents and settings\INTEL-2013\Impostazioni locali\Temp\_MEI39802\wxmsw294u_adv_vc90.dll c:\documents and settings\INTEL-2013\Impostazioni locali\Temp\_MEI39802\wxmsw294u_core_vc90.dll c:\documents and settings\INTEL-2013\Impostazioni locali\Temp\_MEI39802\wxmsw294u_html_vc90.dll c:\documents and settings\INTEL-2013\Impostazioni locali\Temp\_MEI39802\wxmsw294u_webview_vc90.dll c:\documents and settings\INTEL-2013\WINDOWS c:\programmi\GOOGLE~1.exe c:\programmi\Malwarebytes Anti-Malware-setup-2.0.4.1028.exe c:\programmi\Setup_FileViewPro_2015.exe c:\windows\IsUn0410.exe c:\windows\system32\Cache c:\windows\system32\Cache\26c630d098e22dd5.fb c:\windows\system32\Cache\272512937d9e61a4.fb c:\windows\system32\Cache\287204568329e189.fb c:\windows\system32\Cache\28bc8f716fd76a47.fb c:\windows\system32\Cache\31a0997e9a5b5eb3.fb c:\windows\system32\Cache\32c84fe32bb74d60.fb c:\windows\system32\Cache\3917078cb68ec657.fb c:\windows\system32\Cache\46aef9c27697257b.fb c:\windows\system32\Cache\590ba23ce359fd0c.fb c:\windows\system32\Cache\610289e025a3ee9a.fb c:\windows\system32\Cache\6c59ac5e7e7a3ad0.fb c:\windows\system32\Cache\6d03dad1035885d3.fb c:\windows\system32\Cache\95f567698be8a182.fb c:\windows\system32\Cache\a4c54b803ffd4fb3.fb c:\windows\system32\Cache\ad10a52aff5e038d.fb c:\windows\system32\Cache\c1fa887b03019701.fb c:\windows\system32\Cache\c4d28dca2e7648be.fb c:\windows\system32\Cache\d201ef9910cd39de.fb c:\windows\system32\Cache\d2e94710a5708128.fb c:\windows\system32\Cache\d79b9dfe81484ec4.fb c:\windows\system32\Cache\f998975c9cc711ee.fb c:\windows\system32\SET160.tmp c:\windows\system32\SET163.tmp c:\windows\system32\Thumbs.db c:\windows\TEMP\97b64d64-70ca-4c85-9f9b-36b3ba95d050\AgileDotNetRT.dll c:\windows\TEMP\d8d0b1a6-b273-47b6-aea8-289f428e3256\AgileDotNetRT.dll c:\windows\wininit.ini c:\windows\wmsysprx.prx . . 
((((((((((((((((((((((((( Files Creati Da 2015-02-04 al 2015-03-04 ))))))))))))))))))))))))))))))))))) . . 2015-03-04 13:55 . 2015-03-04 14:59 -------- d-----w- c:\programmi\AUTORUNS 2015-02-23 23:07 . 2011-10-15 08:51 602432 ----a-r- c:\windows\system32\easyupdatusapiu.dll 2015-02-23 23:06 . 2011-10-15 08:51 2099520 ----a-w- c:\windows\system32\nvcuvenc.dll 2015-02-23 13:09 . 2015-02-23 13:09 -------- d-----w- c:\documents and settings\Default User\LocalLow 2015-02-23 13:08 . 2015-02-23 13:08 -------- d-----w- c:\documents and settings\INTEL-2013\Impostazioni locali\Dati applicazioni\NVIDIA 2015-02-23 13:06 . 2015-02-23 13:06 -------- d-----w- c:\programmi\AGEIA Technologies 2015-02-23 13:04 . 2014-07-02 18:40 3826628 ----a-w- c:\windows\system32\nvcoproc.bin 2015-02-23 13:03 . 2014-07-02 20:43 1054552 ----a-w- c:\windows\system32\nvdispco3234052.dll 2015-02-23 13:03 . 2014-07-02 20:43 906584 ----a-w- c:\windows\system32\nvdispgenco3234052.dll 2015-02-23 13:01 . 2015-02-23 13:01 -------- d-----w- C:\NVIDIA 2015-02-18 22:34 . 2015-03-04 07:26 114904 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys 2015-02-18 22:33 . 2014-11-21 05:14 54360 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys 2015-02-18 22:33 . 2014-11-21 05:14 23256 ----a-w- c:\windows\system32\drivers\mbam.sys 2015-02-18 21:33 . 2015-02-18 21:33 2126848 ----a-w- c:\programmi\adwcleaner_4.111.exe 2015-02-17 17:41 . 2015-02-23 13:07 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\NVIDIA Corporation 2015-02-16 07:28 . 2015-02-16 10:29 94304 ----a-w- c:\programmi\Free_Opener_1.0.exe 2015-02-12 01:05 . 2015-02-12 01:05 2112512 ----a-w- c:\programmi\adwcleaner_4.110.exe 2015-02-07 11:00 . 2015-02-07 11:00 -------- d-----w- c:\documents and settings\INTEL-2013\Dati applicazioni\Avant Downloader 2015-02-07 11:00 . 2015-02-07 11:00 -------- d-----w- c:\documents and settings\INTEL-2013\Dati applicazioni\Avant Profiles 2015-02-07 11:00 . 
2015-02-22 14:18 -------- d-----w- c:\programmi\Avant Browser 2015-02-05 23:20 . 2015-02-05 23:20 -------- d-----w- c:\documents and settings\INTEL-2013\Dati applicazioni\Enigma Software Group 2015-02-05 23:19 . 2015-02-05 23:19 -------- d-----w- C:\sh4ldr 2015-02-05 23:09 . 2015-02-05 23:09 19984 ----a-w- c:\windows\system32\drivers\EsgScanner.sys 2015-02-04 22:36 . 2015-02-04 22:36 -------- d-----w- c:\documents and settings\INTEL-2013\Impostazioni locali\Dati applicazioni\Foxit Reader 2015-02-04 15:30 . 2015-02-05 13:52 -------- d-----w- C:\AClock 2015-02-04 15:30 . 2015-02-04 15:30 160712 ----a-w- c:\windows\AIR Software Astro Clock Uninstaller.exe . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))) . 2015-03-04 14:12 . 2013-05-13 23:26 196608 ----a-w- c:\windows\system32\drivers\nVivid.bin 2015-02-19 11:24 . 2013-05-13 23:26 196608 ----a-w- c:\windows\system32\drivers\nAsmedia.bin 2015-02-06 21:32 . 2013-12-03 09:30 701616 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2015-02-06 21:32 . 2013-04-06 12:12 71344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2015-01-30 22:50 . 2014-07-27 07:01 44440344 ----a-w- c:\programmi\advanced-systemcare-setup.exe 2015-01-28 14:13 . 2015-01-28 14:12 11443560 ----a-w- c:\programmi\Media Player Classic-HC.1.7.8.x86.exe 2015-01-16 15:05 . 2015-01-16 15:05 4282020 ----a-w- c:\programmi\picture-cutout-guide-3-1-4-en-win.exe 2014-12-28 12:54 . 2014-12-28 12:54 48392 ----a-w- c:\windows\system32\certsentry.dll 2014-12-27 20:32 . 2014-12-27 20:32 880784 ----a-w- c:\programmi\googledrivesync.exe 2014-12-26 07:02 . 2014-12-26 07:01 6286448 ----a-w- c:\programmi\Silverlight.exe 2014-12-16 19:01 . 2013-09-15 16:57 98488 ----a-w- c:\windows\system32\pdfcmon.dll 2014-12-05 11:43 . 2014-12-05 11:43 1049376 -c--a-w- c:\windows\system32\nvdispco3232723.dll 2014-12-05 11:43 . 2014-12-05 11:43 893728 -c--a-w- c:\windows\system32\nvdispgenco3232723.dll 2014-12-05 11:43 . 
2013-04-17 14:58 22928 ----a-w- c:\windows\system32\drivers\HPZipr12.sys 2014-12-05 11:43 . 2013-04-17 14:57 28000 ----a-w- c:\windows\system32\drivers\HPZius12.sys 2014-11-19 15:53 . 2014-11-19 15:53 762984 ----a-w- c:\programmi\Malavida_Download_Manager.exe 2014-11-13 10:32 . 2014-11-13 10:29 45674720 ----a-w- c:\programmi\doPDF_v8.0.915.exe 2014-10-02 22:13 . 2014-10-02 22:12 14515184 ----a-w- c:\programmi\Glary_Utilities_v5.9.0.16.exe 2014-09-25 11:58 . 2014-09-25 11:55 38662680 ----a-w- c:\programmi\advanced-systemcare-setup_7.4.0.474.exe 2014-09-15 21:21 . 2014-09-15 21:21 752992 ----a-w- c:\programmi\nitro-pdf-reader.exe 2014-08-01 18:44 . 2014-08-01 18:44 594016 ----a-w- c:\programmi\rectordecryptor_2.5.40.0.exe 2014-08-01 16:49 . 2014-08-01 16:49 3081200 ------w- c:\programmi\Norton Power Eraser.exe 2014-07-15 11:57 . 2014-07-15 11:57 501248 ----a-w- c:\programmi\FacebookVideoCallSetup_v1.2.205.0.exe 2014-07-11 22:34 . 2014-07-11 22:34 1016261 ----a-w- c:\programmi\JRT.exe 2014-06-14 11:56 . 2014-06-14 11:56 1128916 ----a-w- c:\programmi\pdf2wordsetup.exe 2014-06-13 07:42 . 2014-06-13 07:42 13567680 ----a-w- c:\programmi\Glary_Utilities_v5.1.0.4.exe 2014-06-13 07:07 . 2014-06-13 07:07 2242832 ----a-w- c:\programmi\SystemExplorerSetup_570.exe 2014-05-21 20:23 . 2014-05-21 20:23 2292792 ----a-w- c:\programmi\SystemExplorerSetup_560.exe 2014-03-12 21:06 . 2014-03-12 21:06 1853008 ----a-w- c:\programmi\uTorrent.exe 2014-02-22 15:40 . 2014-02-22 15:39 24465791 ----a-w- c:\programmi\ZET9SETUP214-EN.exe 2014-02-12 18:55 . 2014-02-12 18:55 2473400 ----a-w- c:\programmi\zaSetupWeb_120_121_000.exe 2014-01-28 11:52 . 2014-01-28 11:52 1069512 ----a-w- c:\programmi\install_flashplayer12x32au_mssd_awc_aih.exe 2013-12-24 20:54 . 2013-12-24 20:53 5946344 ----a-w- c:\programmi\ADE_2.0_Installer.exe 2013-11-04 13:32 . 2013-11-04 13:31 38103832 ----a-w- c:\programmi\KindleForPC-installer.exe 2013-10-14 14:00 . 
2013-10-14 14:00 784840 ----a-w- c:\programmi\GoogleEarthSetup.exe 2013-10-14 12:38 . 2013-10-14 12:38 642560 ----a-w- c:\programmi\GiFResizer.exe 2013-07-13 07:20 . 2013-07-13 07:20 909176 ----a-w- c:\programmi\WGAPluginInstall.exe 2013-06-17 13:54 . 2013-06-17 13:54 3782822 ----a-w- c:\programmi\ConvertHelperSetup.exe 2013-06-15 14:14 . 2013-06-15 14:14 2061008 ----a-w- c:\programmi\SystemExplorerSetup_422.exe 2013-05-27 09:13 . 2013-05-27 09:13 41404760 ----a-w- c:\programmi\QuickTimeInstaller.exe 2013-05-16 08:23 . 2013-04-06 19:01 1528184 ----a-w- c:\programmi\GenuineCheck.exe 2013-04-21 19:04 . 2013-04-21 19:04 2237968 ----a-w- c:\programmi dsskiller2.8.16.0.exe 2013-04-07 03:51 . 2013-04-06 18:35 11116496 -c--a-w- c:\programmi\mseinstall.exe 2013-04-06 18:46 . 2013-04-06 18:45 16968544 ----a-w- c:\programmi\IE8-WindowsXP-x86-ITA.exe 2013-03-06 19:09 . 2013-05-16 07:34 83977160 ----a-w- c:\programmi\InPixio_Photo_Cutout_Pro.exe 2012-01-12 19:16 . 2013-05-17 15:43 16442689 ----a-w- c:\programmi\InstallDLM666E.EXE 2011-10-17 15:01 . 2013-09-15 21:22 241664 ----a-w- c:\programmi\JPEGtoPDF.exe 2009-03-04 13:37 . 2013-05-17 15:38 107520 ----a-w- c:\programmi\numerologia.exe 2007-11-07 09:42 . 2014-06-20 18:58 197618794 ----a-w- c:\programmi\nero_burningrom8.0.3.0b.exe . [code]<pre> c:\programmi\Nero 12 Platinum 12.0.020 + Patch + Key [EC]\Patch + Key\Nero-12.0.02000_trial .exe </pre> . ((((((((((((((((((((((((((((((((((((( Punti Reg Caricati )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* i valori vuoti & legittimi/default non sono visualizzati. REGEDIT4 . [HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}] 2015-01-30 22:51 752960 ----a-w- c:\programmi\IObit\IObit Uninstaller\UninstallExplorer32.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{10921475-03CE-4E04-90CE-E2E7EF20C814}"= "c:\programmi\IObit\IObit Uninstaller\UninstallExplorer32.dll" [2015-01-30 752960] . 
[HKEY_CLASSES_ROOT\clsid\{10921475-03ce-4e04-90ce-e2e7ef20c814}] [HKEY_CLASSES_ROOT\UninstallExplorer32.ExplorerBtn] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast] @="{472083B0-C522-11CF-8763-00608CC02F24}" [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}] 2014-11-17 00:12 723976 ----a-w- c:\programmi\AVAST Software\Avast\ashShell.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}" [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}] 2015-01-15 15:59 577864 ----a-w- c:\programmi\Google\Drive\googledrivesync32.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}" [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}] 2015-01-15 15:59 577864 ----a-w- c:\programmi\Google\Drive\googledrivesync32.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}" [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}] 2015-01-15 15:59 577864 ----a-w- c:\programmi\Google\Drive\googledrivesync32.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}" [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}] 2015-01-15 15:59 577864 ----a-w- c:\programmi\Google\Drive\googledrivesync32.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}" [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}] 2015-01-15 15:59 577864 ----a-w- c:\programmi\Google\Drive\googledrivesync32.dll . 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Avast-Browser-Cleanup"="c:\programmi\AVAST Software\Avast\BrowserCleanup.exe/RunOnce" [X] "ChronosXP"="c:\programmi\ChronosXP\ChronosXP.exe" [2009-04-12 599040] "swg"="c:\programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2013-04-06 39408] "Adobe Reader Synchronizer"="c:\programmi\Adobe\Reader 11.0\Reader\AdobeCollabSync.exe" [2014-09-12 759712] "GoogleDriveSync"="c:\programmi\Google\Drive\googledrivesync.exe" [2015-01-15 23308256] "Advanced SystemCare 8"="c:\programmi\IObit\Advanced SystemCare 8\ASCTray.exe" [2015-01-20 2428704] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "UnlockerAssistant"="c:\programmi\Unlocker\UnlockerAssistant.exe" [2010-07-04 17408] "hpqSRMon"="c:\programmi\HP\Digital Imaging\bin\hpqSRMon.exe" [2007-08-22 80896] "Adobe ARM"="c:\programmi\File comuni\Adobe\ARM\1.0\AdobeARM.exe" [2014-09-12 959176] "APSDaemon"="c:\programmi\File comuni\Apple\Apple Application Support\APSDaemon.exe" [2014-10-11 60712] "SystemExplorerAutoStart"="c:\programmi\System Explorer\SystemExplorer.exe" [2014-10-21 3371528] "DivXMediaServer"="c:\programmi\DivX\DivX Media Server\DivXMediaServer.exe" [2014-08-19 448856] "DivXUpdate"="c:\programmi\DivX\DivX Update\DivXUpdate.exe" [2014-01-10 1861968] "AvastUI.exe"="c:\programmi\AVAST Software\Avast\AvastUI.exe" [2015-01-27 5227112] "Persistence"="c:\windows\system32\igfxpers.exe" [2012-05-17 169792] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-05-17 143680] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-05-17 181568] "QuickTime Task"="c:\programmi\QuickTime\QTTask.exe" [2014-01-17 421888] "NeroFilterCheck"="c:\programmi\File comuni\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648] "iTunesHelper"="c:\programmi\iTunes\iTunesHelper.exe" [2014-10-15 157480] "Smart File Advisor"="c:\programmi\Smart File Advisor\sfa.exe" [2014-08-12 283248] "IObit Malware Fighter"="c:\programmi\IObit\IObit Malware Fighter\IMF.exe" 
[2015-01-27 5768480] "NvBackend"="c:\programmi\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-07-25 2403104] "RTHDCPL"="RTHDCPL.EXE" [2012-06-06 20065936] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2011-10-15 16744256] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2011-10-15 203072] "Synchronization Manager"="c:\windows\system32\mobsync.exe" [2008-04-13 143872] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-13 15360] "Advanced SystemCare 8"="c:\programmi\IObit\Advanced SystemCare 8\ASCTray.exe" [2015-01-20 2428704] . c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\ HP Digital Imaging Monitor.lnk - c:\programmi\HP\Digital Imaging\bin\hpqtra08.exe [2007-10-14 214360] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableLinkedConnections"= 1 (0x1) "SoftwareSASGeneration"= 1 (0x1) . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice] @="Service" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc] @="Service" . [HKLM\~\startupfolder\C:^Documents and Settings^INTEL-2013^Menu Avvio^Programmi^Esecuzione automatica^JtvfEBGz.exe] path=c:\documents and settings\INTEL-2013\Menu Avvio\Programmi\Esecuzione automatica\JtvfEBGz.exe backup=c:\windows\pss\JtvfEBGz.exeStartup . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ares] 2008-08-21 14:45 888832 ----a-w- c:\programmi\Ares\Ares.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel] 2011-03-04 10:45 2741616 ----a-w- c:\programmi\File comuni\LightScribe\LightScribeControlPanel.exe . 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MediaFace Integration] 2004-07-01 17:08 53248 -c--a-w- c:\programmi\Fellowes\MediaFACE 4.0\SetHook.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS] c:\programmi\Messenger\msmsgs.exe [N/A] . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NSU_agent] 2012-02-28 13:53 190768 -c--a-w- c:\programmi\Nokia\Nokia Software Updater\nsu3ui_agent.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz] nwiz.exe [N/A] . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray] 2012-06-26 11:10 1516632 ----a-w- c:\programmi\Nokia\Nokia PC Suite 7\PCSuite.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype] 2013-03-01 10:16 18643560 ----a-r- c:\programmi\Skype\Phone\Skype.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services] "NWCWorkstation"=3 (0x3) "TlntSvr"=3 (0x3) . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-] "iTunesHelper"="c:\programmi\iTunes\iTunesHelper.exe" "ASUSGamerOSD"=c:\program files\ASUS\GamerOSD\GamerOSD.exe . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) "DisableNotifications"= 1 (0x1) . 
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "c:\\WINDOWS\\system32\\sessmgr.exe"= "c:\\WINDOWS\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Programmi\\Opera\\opera.exe"= "c:\\Programmi\\WebSite X5 v9 - Evolution\\WebSiteX5.exe"= "c:\\Programmi\\WebSite X5 v9 - Evolution\\imUpdate.exe"= "c:\\Programmi\\VideoLAN\\VLC\\vlc.exe"= "c:\\Programmi\\WebSite X5 v9 - Evolution\\unins000.exe"= "c:\\Programmi\\eMule\\emule.exe"= "c:\\WINDOWS\\system32\\mmc.exe"= "c:\\Programmi\\HP\\Digital Imaging\\bin\\hpqtra08.exe"= "c:\\Programmi\\HP\\Digital Imaging\\bin\\hpqste08.exe"= "c:\\Programmi\\HP\\Digital Imaging\\bin\\hposid01.exe"= "c:\\Programmi\\HP\\Digital Imaging\\bin\\hpiscnapp.exe"= "c:\\Programmi\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"= "c:\\Programmi\\Photobie\\Photobie.exe"= "c:\\Programmi\\Ares\\Ares.exe"= "c:\\WINDOWS\\system32\\msiexec.exe"= "c:\\Programmi\\LibreOffice 4\\program\\soffice.bin"= "c:\\Programmi\\Skype\\Phone\\Skype.exe"= "c:\\Programmi\\uTorrent.exe"= "c:\\Documents and Settings\\INTEL-2013\\Dati applicazioni\\uTorrent\\uTorrent.exe"= "c:\\Programmi\\Google\\Chrome\\Application\\chrome.exe"= "c:\\Documents and Settings\\INTEL-2013\\Impostazioni locali\\Dati applicazioni\\Facebook\\Video\\Skype\\FacebookVideoCalling.exe"= "c:\\Programmi\\Nero\\KM\\KwikMedia.exe"= "c:\\Programmi\\iTunes\\iTunes.exe"= "c:\\Programmi\\Maxthon\\bin\\Maxthon.exe"= "c:\\Programmi\\Maxthon\\bin\\MxUp.exe"= "c:\\Programmi\\NVIDIA Corporation\\NVIDIA Update Core\\daemonu.exe"= "c:\\Programmi\\NVIDIA Corporation\\NetService\\NvNetworkService.exe"= "c:\\Programmi\\Mozilla Firefox\\firefox.exe"= . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "5985:TCP"= 5985:TCP:*:Disabled:Gestione remota Windows . R0 aswRvrt;avast! Revert;c:\windows\system32\drivers\aswRvrt.sys [01/08/2014 19.21.54 49944] R0 aswVmm;avast! 
VM Monitor;c:\windows\system32\drivers\aswVmm.sys [01/08/2014 19.21.54 206248] R0 NBVol;Nero Backup Volume Filter Driver;c:\windows\system32\drivers\NBVol.sys [02/07/2014 15.48.47 56496] R0 NBVolUp;Nero Backup Volume Upper Filter Driver;c:\windows\system32\drivers\NBVolUp.sys [02/07/2014 15.48.51 12464] R0 SmartDefragDriver;SmartDefragDriver;c:\windows\system32\drivers\SmartDefragDriver.sys [27/07/2014 10.21.19 15808] R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswsnx.sys [01/08/2014 19.21.54 787800] R1 aswSP;aswSP;c:\windows\system32\drivers\aswsp.sys [01/08/2014 19.21.54 423784] R1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [12/03/2014 16.20.32 42272] R2 AdvancedSystemCareService8;Advanced SystemCare Service 8;c:\programmi\IObit\Advanced SystemCare 8\ASCService.exe [30/01/2015 23.51.34 815392] R2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys [01/08/2014 19.21.54 24184] R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [01/08/2014 19.21.54 70384] R2 FoxitCloudUpdateService;Foxit Cloud Safe Update Service;c:\programmi\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [28/12/2014 10.11.59 244448] R2 IMFservice;IMF Service;c:\programmi\IObit\IObit Malware Fighter\IMFsrv.exe [05/08/2014 7.55.05 344864] R2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;c:\programmi\Intel\iCLS Client\HeciServer.exe [20/04/2012 13.11.32 462048] R2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;c:\programmi\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe [06/04/2013 12.31.17 166720] R2 NAUpdate;Nero Update;c:\programmi\Nero\Update\NASvc.exe [13/07/2012 15.27.00 769432] R2 NitroDriverReadSpool8;NitroPDFDriverCreatorReadSpool8;c:\programmi\Nitro\Pro 8\NitroPDFDriverService8.exe [18/09/2012 13.28.28 197128] R2 NitroReaderDriverReadSpool3;NitroPDFReaderDriverCreatorReadSpool3;c:\programmi\Nitro\Reader 3\NitroPDFReaderDriverService3.exe [26/07/2013 5.48.28 
196624] R2 nlsX86cc;Nalpeiron Licensing Service;c:\windows\system32\NLSSRV32.EXE [18/09/2012 13.28.32 69640] R2 NovaPdfServer;novaPDF Server;c:\programmi\Softland\novaPDF 8\Server\novapdfs.exe [01/08/2014 11.38.18 204576] R2 NvNetworkService;NVIDIA Network Service;c:\programmi\NVIDIA Corporation\NetService\NvNetworkService.exe [23/02/2015 14.05.40 1720608] R2 PDF Architect Helper Service;PDF Architect Helper Service;c:\programmi\PDF Architect\HelperService.exe [08/04/2013 17.44.12 1320496] R2 PDF Architect Service;PDF Architect Service;c:\programmi\PDF Architect\ConversionService.exe [08/04/2013 17.43.36 799280] R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;c:\programmi\RealNetworks\RealDownloader\rndlresolversvc.exe [14/08/2013 15.19.24 39056] R2 Skype C2C Service;Skype C2C Service;c:\documents and settings\All Users\Dati applicazioni\Skype\Toolbars\Skype C2C Service\c2c_service.exe [09/10/2013 9.58.16 3275136] R2 Soda PDF 6 Creator;Soda PDF 6 Creator;c:\programmi\Soda PDF 6\creator-ws.exe [27/08/2014 19.39.10 621408] R2 UNS;Intel® Management and Security Application User Notification Service;c:\programmi\Intel\Intel® Management Engine Components\UNS\UNS.exe [06/04/2013 12.31.12 365376] R3 FileMonitor;FileMonitor;c:\programmi\IObit\IObit Malware Fighter\Drivers\wxp_x86\FileMonitor.sys [31/01/2015 1.24.42 247968] R3 RegFilter;RegFilter;c:\programmi\IObit\IObit Malware Fighter\Drivers\wxp_x86\RegFilter.sys [31/01/2015 1.24.42 31776] R3 SystemExplorerHelpService;System Explorer Service;c:\programmi\System Explorer\service\SystemExplorerService.exe [16/06/2013 21.15.23 567144] R3 UrlFilter;UrlFilter;c:\programmi\IObit\IObit Malware Fighter\Drivers\wxp_x86\UrlFilter.sys [31/01/2015 1.24.42 17360] S2 LiveUpdateSvc;LiveUpdate;c:\programmi\IObit\LiveUpdate\LiveUpdate.exe [27/07/2014 10.12.16 2724128] S2 SkypeUpdate;Skype Updater;c:\programmi\Skype\Updater\Updater.exe [01/03/2013 11.11.32 161384] S3 
Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [06/04/2013 12.29.25 1691480] S3 esgiguard;esgiguard;\??\c:\programmi\Enigma Software Group\SpyHunter\esgiguard.sys --> c:\programmi\Enigma Software Group\SpyHunter\esgiguard.sys [?] S3 EsgScanner;EsgScanner;c:\windows\system32\drivers\EsgScanner.sys [06/02/2015 0.09.24 19984] S3 IntcDAud;Audio schermo Intel®;c:\windows\system32\drivers\IntcDAud.sys [21/04/2013 17.58.56 270080] S3 IOMap;IOMap;c:\windows\system32\drivers\IOMap.sys [20/07/2013 9.13.57 33280] S3 ip100xp;10/100Mbps Fast Ethernet Adapter NT Driver;c:\windows\system32\drivers\ipfnd51.sys [19/07/2013 21.31.12 26624] S3 LULU Software CrashHandler;LULU Software CrashHandler;c:\programmi\Soda PDF 6\crash-handler-ws.exe [27/08/2014 19.39.10 744800] S3 McComponentHostService;McAfee Security Scan Component Host Service;"c:\programmi\McAfee Security Scan\3.8.150\McCHSvc.exe" --> c:\programmi\McAfee Security Scan\3.8.150\McCHSvc.exe [?] S3 MEI;Intel® Management Engine Interface ;c:\windows\system32\drivers\HECI.sys [06/04/2013 12.31.06 55104] S3 RK28USB;Driver for RK28USB Device;c:\windows\system32\drivers\RK28USB.sys [17/01/2015 0.58.10 72320] S3 RTL8192cu;300Mbps Wireless USB Adapter;c:\windows\system32\drivers\RTL8192cu.sys [09/03/2014 18.06.29 1076968] S3 Soda PDF 6;Soda PDF 6;c:\programmi\Soda PDF 6\ws.exe [27/08/2014 19.39.10 1655136] . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12 hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc ORBTR REG_MULTI_SZ Orbiter . [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}] 2011-03-04 10:29 451872 ----a-w- c:\programmi\File comuni\LightScribe\LSRunOnce.exe . [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}] 2015-03-04 03:19 1059656 ----a-w- c:\programmi\Google\Chrome\Application\41.0.2272.76\Installer\chrmstp.exe . 
Contenuto della cartella 'Scheduled Tasks'
.
2015-03-04 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-04-06 21:32]
.
2015-03-04 c:\windows\Tasks\ASC8_PerformanceMonitor.job
- c:\programmi\IObit\Advanced SystemCare 8\Monitor.exe [2015-01-30 13:32]
.
2015-03-04 c:\windows\Tasks\avast! Emergency Update.job
- c:\programmi\AVAST Software\Avast\AvastEmUpdate.exe [2014-11-17 00:12]
.
2015-03-04 c:\windows\Tasks\Driver Booster Scan.job
- c:\programmi\IObit\Driver Booster\Scheduler.exe [2014-12-05 14:52]
.
2015-03-04 c:\windows\Tasks\Driver Booster Update.job
- c:\programmi\IObit\Driver Booster\AutoUpdate.exe [2014-12-05 15:17]
.
2015-03-04 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1606980848-861567501-725345543-1003Core.job
- c:\documents and settings\INTEL-2013\Impostazioni locali\Dati applicazioni\Facebook\Update\FacebookUpdate.exe [2014-07-15 11:57]
.
2015-03-04 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1606980848-861567501-725345543-1003UA.job
- c:\documents and settings\INTEL-2013\Impostazioni locali\Dati applicazioni\Facebook\Update\FacebookUpdate.exe [2014-07-15 11:57]
.
2015-03-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\programmi\Google\Update\GoogleUpdate.exe [2013-04-06 14:05]
.
2015-03-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\programmi\Google\Update\GoogleUpdate.exe [2013-04-06 14:05]
.
2015-03-04 c:\windows\Tasks\Notifica di interruzione del servizio per Microsoft Windows XP - Accesso.job
- c:\windows\system32\xp_eos.exe [2014-03-09 23:28]
.
2015-02-08 c:\windows\Tasks\Notifica di interruzione del servizio per Microsoft Windows XP - Mensile.job
- c:\windows\system32\xp_eos.exe [2014-03-09 23:28]
.
2015-03-04 c:\windows\Tasks\Opera scheduled Autoupdate 1408138736.job
- c:\programmi\Opera\launcher.exe [2014-08-15 09:05]
.
2015-03-01 c:\windows\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-1606980848-861567501-725345543-1003.job
- c:\programmi\RealNetworks\RealDownloader\recordingmanager.exe [2013-08-14 14:19]
.
2015-03-04 c:\windows\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1606980848-861567501-725345543-1003.job
- c:\programmi\RealNetworks\RealDownloader\realupgrade.exe [2013-08-14 14:19]
.
2015-02-25 c:\windows\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1606980848-861567501-725345543-1003.job
- c:\programmi\RealNetworks\RealDownloader\realupgrade.exe [2013-08-14 14:19]
.
2015-03-04 c:\windows\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1606980848-861567501-725345543-1003.job
- c:\programmi\Real\RealUpgrade\realupgrade.exe [2013-08-14 16:13]
.
2015-03-04 c:\windows\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1606980848-861567501-725345543-1003.job
- c:\programmi\Real\RealUpgrade\realupgrade.exe [2013-08-14 16:13]
.
2015-03-04 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-1606980848-861567501-725345543-1003.job
- c:\programmi\Real\RealUpgrade\realupgrade.exe [2013-08-14 16:13]
.
2015-02-28 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-1606980848-861567501-725345543-1003.job
- c:\programmi\Real\RealUpgrade\realupgrade.exe [2013-08-14 16:13]
.
2015-03-04 c:\windows\Tasks\SmartDefrag3_Startup.job
- c:\programmi\IObit\Smart Defrag 3\SmartDefrag.exe [2014-07-27 14:46]
.
2015-03-04 c:\windows\Tasks\SmartDefrag3_Update.job
- c:\programmi\IObit\Smart Defrag 3\AutoUpdate.exe [2014-07-27 13:05]
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://www.google.com
mStart Page = www.google.com
IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~3\Office10\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\documents and settings\INTEL-2013\Dati applicazioni\Mozilla\Firefox\Profiles\sv76145n.default-1385792483703\
FF - prefs.js: browser.startup.homepage - www.google.it
FF - ExtSQL: 2015-01-31 11:36; iobitapps@mybrowserbar.com; c:\program files\IObit Apps Toolbar\FF
.
- - - - CHIAVI ORFANE RIMOSSE - - - -
.
BHO-{9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F} - (no file)
Toolbar-10 - (no file)
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2015-03-04 16:54
Windows 5.1.2600 Service Pack 3 NTFS
.
scansione processi nascosti ...
.
scansione entrate autostart nascoste ...
.
Scansione files nascosti ...
.
Scansione completata con successo
Files nascosti: 0
.
**************************************************************************
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_16_0_0_305_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_16_0_0_305_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- Dlls caricate dai processi in esecuzione ---------------------
.
- - - - - - - > 'explorer.exe'(7016)
c:\windows\system32\WININET.dll
c:\windows\system32\msi.dll
c:\programmi\Google\Drive\googledrivesync32.dll
c:\windows\system32\webcheck.dll
c:\progra~1\FILECO~1\MICROS~1\WEBCOM~1\10\OWC10.DLL
c:\programmi\File comuni\Microsoft Shared\Web Components\10\1040\OWCI10.DLL
c:\windows\system32\mshtml.dll
c:\windows\system32\msls31.dll
c:\windows\system32\WPDShServiceObj.dll
c:\programmi\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
c:\programmi\Nokia\Nokia PC Suite 7\NGSCM.DLL
c:\programmi\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_ita.nlr
c:\programmi\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Altri processi in esecuzione ------------------------
.
c:\programmi\Nero\Nero 7\InCD\InCDsrv.exe
c:\programmi\AVAST Software\Avast\AvastSvc.exe
c:\programmi\File comuni\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\windows\ATKKBService.exe
c:\programmi\Java\jre7\bin\jqs.exe
c:\programmi\Google\Update\1.3.26.9\GoogleCrashHandler.exe
c:\programmi\File comuni\LightScribe\LSSrvc.exe
c:\programmi\Intel\Intel® Management Engine Components\LMS\LMS.exe
c:\programmi\File comuni\Microsoft Shared\VS7Debug\mdm.exe
c:\windows\system32\msiexec.exe
c:\windows\system32\nvsvc32.exe
c:\windows\system32\wscntfy.exe
c:\programmi\IObit\Driver Booster\DriverBooster.exe
c:\windows\RTHDCPL.EXE
c:\programmi\IObit\IObit Uninstaller\UninstallMonitor.exe
c:\windows\System32\wbem\wmiapsrv.exe
c:\windows\System32\wbem\unsecapp.exe
c:\programmi\iPod\bin\iPodService.exe
c:\programmi\HP\Digital Imaging\bin\hpqSTE08.exe
c:\programmi\HP\Digital Imaging\bin\hpqbam08.exe
c:\programmi\IObit\IObit Malware Fighter\IMFTips.exe
.
**************************************************************************
.
Ora fine scansione: 2015-03-04 16:58:35 - Il pc è stato riavviato
ComboFix-quarantined-files.txt 2015-03-04 15:58
ComboFix2.txt 2014-02-06 21:38
ComboFix3.txt 2013-11-29 12:21
.
Pre-Run: 16.379.949.056 byte disponibili
Post-Run: 17.252.712.448 byte disponibili
.
- - End Of File - - 6031CB6796CDBB99C103575D8EABEE56
828E02D5C4A4FBE53441EE9DBEE51F43
[/code]