bibbuccio

Users
  • Content count: 40

About bibbuccio

  • Rank: Novice
  1. Pikeeeeeeeeee ^____________^ so?? What do you say..... is it still dirty and infected???
  2. Thanks Gopher.... I'll take a look.... Pike, so what do you tell me??? Does the PC look clean to you from the logs I sent you, or is there still some bucketful of cursed, infected viruses??? This time I'll open the PC and spray a can of insecticide into it... let's see if I win ^________^
  3. Anyway, this one I can't explain...... I deleted it, the "search" function doesn't bring it up, I go to C and I find it there.... how is that possible????
  4. ComboFix 13-04-02.01 - bibbuccio 2013-04-03 0:26.19.2 - x86 Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1040.18.3062.2394 [GMT 2:00]
  5. Damn.... how can there be a log tab??? Yes, I know where it is, and that's exactly where I went to delete it..... I also tried with "search", giving it combofix .txt, but it doesn't find it.... but is the log tab you're talking about ComboFix's??? If so, I can't understand how it can be there..
  6. Okay, I'm posting the MBAM one I just ran:

     Malwarebytes Anti-Malware 1.70.0.1100
     www.malwarebytes.org

     Versione database: v2013.04.02.15

     Windows XP Service Pack 3 x86 NTFS
     Internet Explorer 8.0.6001.18702
     bibbuccio :: DESK1 [amministratore]

     2013-04-04 22:48:17
     mbam-log-2013-04-04 (22-48-17).txt

     Tipo di scansione: Scansione veloce
     Opzioni di scansione attive: Memoria | Esecuzione automatica | Registro | File di sistema | Euristica/Extra | Euristica/Shuriken | PUP | PUM
     Opzioni di scansione disattivate: P2P
     Elementi esaminati: 257176
     Tempo impiegato: 6 minuti, 22 secondi

     Processi rilevati in memoria: 0 (non sono stati rilevati elementi nocivi)
     Moduli di memoria rilevati: 0 (non sono stati rilevati elementi nocivi)
     Chiavi di registro rilevate: 0 (non sono stati rilevati elementi nocivi)
     Valori di registro rilevati: 0 (non sono stati rilevati elementi nocivi)
     Voci rilevate nei dati di registro: 0 (non sono stati rilevati elementi nocivi)
     Cartelle rilevate: 0 (non sono stati rilevati elementi nocivi)
     File rilevati: 0 (non sono stati rilevati elementi nocivi)

     (fine)
  7. Eh..... easier said than done..... when I saw that everything was working, I threw it away.... if I run it again now, nothing shows up...
  8. I disabled the restore point, then I did a pass with ComboFix, then I sifted through everything with Spybot - Search & Destroy, then with Malwarebytes Anti-Malware, after which I cleaned everything up with CCleaner.... all in safe mode, and at every restart I always booted into safe mode.... after that I disconnected the internet, closed the antivirus, closed the firewall, repeated the same steps in normal mode and everything came out clean.... I restarted the PC, re-enabled the restore point, ran a scan with the antivirus and everything shows as clean... the PC is lightning fast again, it browses well now, it no longer has the slowness problems it had before, all the programs open immediately and it no longer freezes when it's under load.... I consider myself satisfied, come on..... it'll do ^_^
  9. Thanks a lot..... I solved it this morning at 10 but I couldn't let you know before now.... endless thanks for your interest...
  10. ok.... how do you prefer them, in safe mode or in normal mode???
  11. ah.... ok.... sorry... I thought it hadn't been read.... I'm waiting ^_______^
  12. Can someone help me???
  13. Hi guys.... following the path Document e setting/ fabrizio/ impostazioni locali, I find a file called Chronic.exe.... it causes trouble, slows down the PC and causes connection problems... I tried to eradicate it by going into safe mode, I tracked it down and deleted it with Spybot - Search & Destroy, then with Malwarebytes Anti-Malware, then with HijackThis, and finally I cleaned up with CCleaner..... there's no way to get rid of it and the problems continue.... could you kindly help me??? Thanks... Fabrizio
  14. no... everything's fine.... endless thanks to you all....
  15. Thanks a lot.... I downloaded and installed as per your instructions... here is the log after using LopS&D:

      --------------------\\ Lop S&D 4.2.5-0 XP/Vista

      Microsoft Windows XP Home Edition ( v5.1.2600 ) Service Pack 3
      X86-based PC ( Multiprocessor Free : Intel® Pentium® Dual CPU E2180 @ 2.00GHz )
      BIOS : Default System BIOS
      USER : bibbuccio ( Administrator )
      BOOT : Normal boot
      Antivirus : AntiVir Desktop 9.0.1.32 (Activated)
      C:\ (Local Disk) - NTFS - Total:58 Go (Free:39 Go)
      D:\ (Local Disk) - NTFS - Total:239 Go (Free:146 Go)
      E:\ (CD or DVD)
      F:\ (CD or DVD)
      G:\ (USB)
      H:\ (USB)
      I:\ (USB)
      J:\ (USB)
      M:\ (USB)

      "C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
      Option : [2] ( 2009-09-12|19:01 )

      \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ FIX

      Deleted! - C:\DOCUME~1\ALLUSE~1\DATIAP~1\Mapi Meta Book Bits\Comp cdrom.dat
      Deleted! - C:\DOCUME~1\ALLUSE~1\DATIAP~1\Mapi Meta Book Bits\poke upload.dat
      Deleted! - C:\DOCUME~1\ALLUSE~1\DATIAP~1\Mapi Meta Book Bits\poke upload.exe
      Deleted! - C:\DOCUME~1\BIBBUC~1\DATIAP~1\facefi~1\dwekftnq.exe
      Deleted! - C:\DOCUME~1\BIBBUC~1\DATIAP~1\facefi~1\thatway.exe
      Deleted! - C:\DOCUME~1\BIBBUC~1\DATIAP~1\facefi~1\UpBarbPlan.exe
      Deleted! - C:\DOCUME~1\BIBBUC~1\Cookies\bibbuccio@www.adserver5[1].txt
      Deleted! - C:\DOCUME~1\BIBBUC~1\Cookies\bibbuccio@adultfriendfinder[1].txt
      Deleted! - C:\WINDOWS\Tasks\A6C3A1CE91842026.job
      Deleted! - C:\DOCUME~1\ALLUSE~1\DATIAP~1\Mapi Meta Book Bits
      Deleted! - C:\DOCUME~1\BIBBUC~1\DATIAP~1\facefi~1
      Deleted! - C:\Programmi\facefi~1

      - [ Hosts file ] .. Restored!
[2008-08-05|22:53] C:\Programmi\PhotomatixPro3 [2008-09-18|13:52] C:\Programmi\PhotoME [2008-10-04|21:46] C:\Programmi\PictureCode [2008-12-05|16:46] C:\Programmi\Pinnacle [2008-11-02|15:55] C:\Programmi\PIXELA [2008-08-22|12:27] C:\Programmi\QuickTime [2008-12-08|23:57] C:\Programmi\Real [2008-08-04|21:42] C:\Programmi\Realtek [2008-11-06|13:55] C:\Programmi\Reference Assemblies [2008-09-02|17:31] C:\Programmi\RescuePRO Deluxe [2009-02-02|18:01] C:\Programmi\Riva [2009-08-23|00:26] C:\Programmi\ScanSoft [2008-08-04|21:28] C:\Programmi\Servizi in linea [2008-08-05|11:19] C:\Programmi\Shareaza Applications [2009-04-12|22:09] C:\Programmi\SharkMate [2008-09-25|14:22] C:\Programmi\SlySoft [2008-11-02|15:54] C:\Programmi\Sony Corporation [2009-09-11|10:25] C:\Programmi\Spybot - Search & Destroy [2008-12-05|20:07] C:\Programmi\Toshiba [2009-02-01|22:30] C:\Programmi\Trend Micro [2008-08-04|21:33] C:\Programmi\Uninstall Information [2009-01-06|18:03] C:\Programmi\uTorrent [2008-08-06|00:03] C:\Programmi\VideoLAN [2008-08-09|12:33] C:\Programmi\Winamp [2009-04-03|22:17] C:\Programmi\Windows Live [2009-04-03|22:16] C:\Programmi\Windows Live SkyDrive [2008-08-05|11:23] C:\Programmi\Windows Media Connect 2 [2008-08-07|14:39] C:\Programmi\Windows Media Player [2008-08-07|14:39] C:\Programmi\Windows NT [2008-08-04|22:01] C:\Programmi\WindowsUpdate [2008-08-05|09:25] C:\Programmi\WinRAR [2008-08-05|09:13] C:\Programmi\WinZip [2008-08-04|21:30] C:\Programmi\xerox [2009-08-22|01:32] C:\Programmi\XviD [2008-08-05|12:54] C:\Programmi\Yahoo! 
[0|File] C:\Programmi\byte [99|Directory] C:\Programmi\byte disponibili --------------------\\ Listing Folders in C:\Programmi\File comuni [2008-12-15|14:42] C:\Programmi\File comuni\ACD Systems [2009-01-09|04:51] C:\Programmi\File comuni\Adobe [2009-01-08|19:15] C:\Programmi\File comuni\Adobe AIR [2009-01-08|21:18] C:\Programmi\File comuni\Adobe Systems Shared [2008-08-05|08:56] C:\Programmi\File comuni\Ahead [2008-08-04|23:33] C:\Programmi\File comuni\DESIGNER [2008-11-02|15:54] C:\Programmi\File comuni\InstallShield [2008-11-12|15:05] C:\Programmi\File comuni\Java [2008-08-22|17:49] C:\Programmi\File comuni\Kodak [2008-08-04|22:49] C:\Programmi\File comuni\Macrovision Shared [2009-04-03|22:16] C:\Programmi\File comuni\Microsoft Shared [2008-08-04|21:29] C:\Programmi\File comuni\MSSoap [2008-11-06|17:21] C:\Programmi\File comuni\muvee Technologies [2009-03-29|22:59] C:\Programmi\File comuni\Nikon [2009-01-17|11:32] C:\Programmi\File comuni\Nokia [2008-08-04|22:26] C:\Programmi\File comuni\ODBC [2009-01-17|11:32] C:\Programmi\File comuni\PCSuite [2008-12-08|23:57] C:\Programmi\File comuni\Real [2008-08-04|21:29] C:\Programmi\File comuni\Services [2008-08-04|22:26] C:\Programmi\File comuni\SpeechEngines [2009-02-02|18:02] C:\Programmi\File comuni\SWF Studio [2009-04-03|22:18] C:\Programmi\File comuni\System [2009-04-03|22:12] C:\Programmi\File comuni\Windows Live [2008-12-08|23:57] C:\Programmi\File comuni\xing shared [0|File] C:\Programmi\File comuni\byte [26|Directory] C:\Programmi\File comuni\byte disponibili --------------------\\ Process ( 39 Processes ) ... OK ! --------------------\\ Searching with S_Lop No Lop folder found ! --------------------\\ Searching for Lop Files - Folders No Lop folder found ! --------------------\\ Searching within the Registry ..... OK ! 
--------------------\\ Checking the Hosts file Hosts file CLEAN --------------------\\ Searching for hidden files with Catchme catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-09-12 19:02:30 Windows 5.1.2600 Service Pack 3 NTFS scanning hidden processes ... scanning hidden files ... scan completed successfully hidden processes: 0 hidden files: 2 --------------------\\ Searching for other infections No other infections found ! [F:36][D:3]-> C:\DOCUME~1\BIBBUC~1\IMPOST~1\Temp [F:140][D:0]-> C:\DOCUME~1\BIBBUC~1\Cookies [F:3120][D:20]-> C:\DOCUME~1\BIBBUC~1\IMPOST~1\TEMPOR~1\content.IE5 1 - "C:\Lop SD\LopR_1.txt" - 2009-09-12|19:00 - Option : [1] 2 - "C:\Lop SD\LopR_2.txt" - 2009-09-12|19:03 - Option : [2] --------------------\\ Scan completed at 19:03:07