festav

Antivirus Disattivato

Iniziato da festav,

7 messaggi in questa discussione

Inviato

Eccomi qui di nuovo, salve a tutti, accendendo oggi il computer si è disattivato da solo avast antivirus e non riesco a riattivarlo (ho windows XP, esce scritto il messaggio di warning con lo scudo rosso e crove bianca "antivirus disattivato" ho fatto sia uno scan con hijack si usato cccleaner sia combofix, allego i logs

help please!

Grazie, Vic

log_hijackthis.txt

logcombofix.txt

Condividi questo messaggio

Link di questo messaggio
Condividi su altri siti

Inviato

ciao angelique

purtroppo kaspersky si blocca dopo un poco facendo riavviare in automatico il computer

prima con mozilla firefox poi con internet explorer fa lo stesso, ho provato a rimuovere avast antivirus e fa lo stesso

che devo fare?

grazie, V

Condividi questo messaggio

Link di questo messaggio
Condividi su altri siti

Inviato

Ciao festav,

Scarica TFC by OldTimer sul desktop

http://oldtimer.geekstogo.com/TFC.exe

chiudi tutti i programmi

avvia TFC, clicca su "star"

al termine della scansione ti chiederà il riavvio, dai ok

Scarica OTS.exe by OldTimer sul desktop

http://oldtimer.geekstogo.com/OTS.exe

chiudi tutti i programmi

avvia OTS, seleziona "scan all users"

clicca su "Run Scan"

salva il report ed allegalo nella tua risposta

:P:)

Condividi questo messaggio

Link di questo messaggio
Condividi su altri siti

Inviato (modificato)

ok fatto tutto quanto mi hai detto

ecco il log (era più grande di 100k e l'ho dovuto incollare qui)

grazie!!!, V ps angelique dove seiii!!!!

OTS logfile created on: 28/09/2009 12.35.02 - Run 3
OTS by OldTimer - Version 3.0.15.1	 Folder = C:\Documents and Settings\viki\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000410 | Country: Italia | Language: ITA | Date Format: dd/MM/yyyy

447,48 Mb Total Physical Memory | 44,43 Mb Available Physical Memory | 9,93% Memory free
1,03 Gb Paging File | 0,73 Gb Available in Paging File | 70,83% Paging File free
Paging file location(s): C:\pagefile.sys 672 1344 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programmi
Drive C: | 55,88 Gb Total Space | 44,15 Gb Free Space | 79,00% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive Z: | 418,24 Gb Total Space | 412,69 Gb Free Space | 98,67% Space Free | Partition Type: NTFS

Computer Name: YOUR-EEE5D5ECF1
Current User Name: viki
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: On
Skip Microsoft Files: Off
File Age = 30 Days

[Processes - Safe List]
acrotray.exe -> C:\Programmi\Adobe\Acrobat 7.0\Distillr\Acrotray.exe -> [2004/12/14 02.12.02 | 00,483,328 | ---- | M] (Adobe Systems Inc.)
acs.exe -> C:\WINDOWS\System32\ACS.exe -> [2004/07/07 16.16.24 | 00,036,864 | ---- | M] ()
agrsmmsg.exe -> C:\WINDOWS\AGRSMMSG.exe -> [2004/02/21 00.00.28 | 00,088,363 | ---- | M] (Agere Systems)
ati2evxx.exe -> C:\WINDOWS\System32\Ati2evxx.exe -> [2004/03/10 05.27.00 | 00,397,312 | ---- | M] ()
ati2evxx.exe -> C:\WINDOWS\System32\Ati2evxx.exe -> [2004/03/10 05.27.00 | 00,397,312 | ---- | M] ()
atiptaxx.exe -> C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe -> [2004/03/09 21.10.00 | 00,335,872 | ---- | M] (ATI Technologies, Inc.)
cfsvcs.exe -> C:\Programmi\TOSHIBA\ConfigFree\CFSvcs.exe -> [2004/06/17 01.44.06 | 00,036,864 | ---- | M] (TOSHIBA CORPORATION)
datalayer.exe -> C:\Programmi\File comuni\PCSuite\DataLayer\DataLayer.exe -> [2005/03/31 10.30.52 | 01,106,944 | ---- | M] (Nokia Mobile Phones Ltd.)
explorer.exe -> C:\WINDOWS\Explorer.EXE -> [2008/04/14 04.14.07 | 01,036,288 | ---- | M] (Microsoft Corporation)
firefox.exe -> C:\Programmi\Mozilla Firefox\firefox.exe -> [2009/08/30 09.32.50 | 00,908,280 | ---- | M] (Mozilla Corporation)
googletoolbarnotifier.exe -> C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe -> [2007/06/29 14.27.26 | 00,068,856 | ---- | M] (Google Inc.)
jqs.exe -> C:\Programmi\Java\jre6\bin\jqs.exe -> [2009/09/22 13.13.54 | 00,153,376 | ---- | M] (Sun Microsystems, Inc.)
jusched.exe -> C:\Programmi\Java\jre6\bin\jusched.exe -> [2009/09/22 13.13.54 | 00,149,280 | ---- | M] (Sun Microsystems, Inc.)
launchapplication.exe -> C:\Programmi\Nokia\Nokia PC Suite 6\LaunchApplication.exe -> [2005/03/22 10.39.34 | 00,167,936 | ---- | M] (Nokia)
mdm.exe -> C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE -> [2003/06/19 23.25.00 | 00,322,120 | ---- | M] (Microsoft Corporation)
msmsgs.exe -> C:\Programmi\Messenger\msmsgs.exe -> [2008/04/14 04.14.13 | 01,695,232 | ---- | M] (Microsoft Corporation)
ndstray.exe -> C:\Programmi\TOSHIBA\ConfigFree\NDSTray.exe -> [2004/07/14 06.51.04 | 00,892,928 | ---- | M] (TOSHIBA CORPORATION)
network adapter manager.exe -> C:\Programmi\Sierra Wireless Inc\Network Adapter Manager\Network Adapter Manager.exe -> [2004/06/02 18.25.32 | 00,159,744 | ---- | M] (Sierra Wireless Inc.)
nmbgmonitor.exe -> C:\Programmi\File comuni\Ahead\lib\NMBgMonitor.exe -> [2005/09/16 09.47.44 | 00,094,208 | ---- | M] (Nero AG)
ots.exe -> C:\Documents and Settings\viki\Desktop\OTS.exe -> [2009/09/28 12.31.42 | 00,517,120 | ---- | M] (OldTimer Tools)
padexe.exe -> C:\Programmi\TOSHIBA\PadTouch\PadExe.exe -> [2004/02/12 11.45.58 | 01,019,904 | ---- | M] (TOSHIBA)
servic~1.exe -> C:\Programmi\File comuni\PCSuite\Services\ServiceLayer.exe -> [2005/03/22 13.27.16 | 00,097,792 | ---- | M] (Nokia.)
siscmon.exe -> C:\WINDOWS\System32\siscmon.exe -> [2003/11/27 11.15.02 | 00,147,456 | ---- | M] ()
skype.exe -> C:\Programmi\Skype\Phone\Skype.exe -> [2009/05/26 19.41.16 | 24,264,488 | R--- | M] (Skype Technologies S.A.)
skypepm.exe -> C:\Programmi\Skype\Plugin Manager\skypePM.exe -> [2009/05/26 19.41.16 | 00,077,360 | R--- | M] (Skype Technologies)
smoothview.exe -> C:\Programmi\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe -> [2004/04/30 12.01.42 | 00,118,784 | ---- | M] (TOSHIBA Corporation)
syntpenh.exe -> C:\Programmi\Synaptics\SynTP\SynTPEnh.exe -> [2004/04/23 01.23.18 | 00,507,904 | ---- | M] (Synaptics, Inc.)
syntplpr.exe -> C:\Programmi\Synaptics\SynTP\SynTPLpr.exe -> [2004/04/23 01.23.44 | 00,098,304 | ---- | M] (Synaptics, Inc.)
tfncky.exe -> C:\Programmi\TOSHIBA\TOSHIBA Controls\TFncKy.exe -> [2004/04/27 15.01.48 | 00,114,688 | ---- | M] (TOSHIBA Corporation)
thotkey.exe -> C:\Programmi\Toshiba\Toshiba Applet\thotkey.exe -> [2004/08/16 16.08.56 | 00,430,080 | ---- | M] (TOSHIBA)
tpsbattm.exe -> C:\WINDOWS\System32\TPSBattM.exe -> [2004/08/12 13.44.06 | 00,040,960 | ---- | M] (TOSHIBA Corporation)
winword.exe -> C:\Programmi\Microsoft Office\OFFICE11\WINWORD.EXE -> [2003/08/06 21.24.20 | 12,037,688 | ---- | M] (Microsoft Corporation)
wscntfy.exe -> C:\WINDOWS\System32\wscntfy.exe -> [2008/04/14 04.14.25 | 00,013,824 | ---- | M] (Microsoft Corporation)

[Win32 Services - Safe List]
(ACS) Atheros Configuration Service [Win32_Own | Auto | Running] -> C:\WINDOWS\System32\ACS.exe -> [2004/07/07 16.16.24 | 00,036,864 | ---- | M] ()
(Adobe LM Service) Adobe LM Service [Win32_Own | On_Demand | Stopped] -> C:\Programmi\File comuni\Adobe Systems Shared\Service\Adobelmsvc.exe -> [2008/10/16 11.47.17 | 00,069,632 | ---- | M] (Adobe Systems)
(aspnet_state) ASP.NET State Service [Win32_Own | On_Demand | Stopped] -> C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe -> [2003/02/20 19.19.38 | 00,032,768 | ---- | M] (Microsoft Corporation)
(Ati HotKey Poller) Ati HotKey Poller [Win32_Own | Auto | Running] -> C:\WINDOWS\System32\Ati2evxx.exe -> [2004/03/10 05.27.00 | 00,397,312 | ---- | M] ()
(CFSvcs) ConfigFree Service [Win32_Own | Auto | Running] -> C:\Programmi\TOSHIBA\ConfigFree\CFSvcs.exe -> [2004/06/17 01.44.06 | 00,036,864 | ---- | M] (TOSHIBA CORPORATION)
(gupdate1c9ef15406bf19c) Servizio di Google Update (gupdate1c9ef15406bf19c) [Win32_Own | Auto | Stopped] -> C:\Programmi\Google\Update\GoogleUpdate.exe -> [2009/06/17 08.31.21 | 00,133,104 | ---- | M] (Google Inc.)
(gusvc) Google Updater Service [Win32_Own | On_Demand | Stopped] -> C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe -> [2007/06/13 16.56.51 | 00,138,168 | ---- | M] (Google)
(helpsvc) Guida in linea e supporto tecnico [Win32_Shared | Auto | Running] -> C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -> [2008/04/14 04.13.49 | 00,038,400 | ---- | M] (Microsoft Corporation)
(IDriverT) InstallDriver Table Manager [Win32_Own | On_Demand | Stopped] -> C:\Programmi\File comuni\InstallShield\Driver\1150\Intel 32\IDriverT.exe -> [2005/11/14 02.06.04 | 00,069,632 | ---- | M] (Macrovision Corporation)
(Irmon) Monitor infrarossi [Win32_Shared | Auto | Running] -> C:\WINDOWS\System32\irmon.dll -> [2008/04/14 04.13.41 | 00,029,696 | ---- | M] (Microsoft Corporation)
(JavaQuickStarterService) Java Quick Starter [Win32_Own | Auto | Running] -> C:\Programmi\Java\jre6\bin\jqs.exe -> [2009/09/22 13.13.54 | 00,153,376 | ---- | M] (Sun Microsystems, Inc.)
(MDM) Machine Debug Manager [Win32_Own | Auto | Running] -> C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE -> [2003/06/19 23.25.00 | 00,322,120 | ---- | M] (Microsoft Corporation)
(ose) Office Source Engine [Win32_Own | On_Demand | Stopped] -> C:\Programmi\File comuni\Microsoft Shared\Source Engine\OSE.EXE -> [2003/07/28 21.28.22 | 00,089,136 | ---- | M] (Microsoft Corporation)
(WMPNetworkSvc) Servizio di condivisione in rete Windows Media Player [Win32_Own | On_Demand | Stopped] -> C:\Programmi\Windows Media Player\WMPNetwk.exe -> [2006/11/02 23.56.50 | 00,918,528 | ---- | M] (Microsoft Corporation)

[Driver Services - Safe List]
(ACGPRS) Sierra Wireless EDGE Adapter [Kernel | On_Demand | Stopped] -> C:\WINDOWS\System32\DRIVERS\acgprs.sys -> [2006/02/08 19.53.38 | 00,084,224 | ---- | M] (Sierra Wireless Inc.)
(AgereSoftModem) TOSHIBA V92 Software Modem [Kernel | On_Demand | Running] -> C:\WINDOWS\System32\DRIVERS\AGRSM.sys -> [2004/02/21 00.00.44 | 01,265,388 | ---- | M] (Agere Systems)
(ALCXSENS) Service for WDM 3D Audio Driver [Kernel | On_Demand | Running] -> C:\WINDOWS\System32\drivers\ALCXSENS.SYS -> [2004/02/24 20.08.52 | 00,400,384 | ---- | M] (Sensaura)
(ALCXWDM) Service for Realtek AC97 Audio (WDM) [Kernel | On_Demand | Running] -> C:\WINDOWS\System32\drivers\ALCXWDM.SYS -> [2004/02/27 09.50.38 | 00,611,820 | ---- | M] (Realtek Semiconductor Corp.)
(AR5211) Atheros Wireless Network Adapter Service [Kernel | On_Demand | Running] -> C:\WINDOWS\System32\DRIVERS\ar5211.sys -> [2004/05/28 11.45.02 | 00,390,944 | ---- | M] (Atheros Communications, Inc.)
(ati2mtag) ati2mtag [Kernel | On_Demand | Running] -> C:\WINDOWS\System32\DRIVERS\ati2mtag.sys -> [2004/03/10 05.28.38 | 00,680,448 | ---- | M] (ATI Technologies Inc.)
(atiide) atiide [Kernel | Boot | Running] -> C:\WINDOWS\system32\DRIVERS\atiide.sys -> [2004/04/14 23.52.22 | 00,005,632 | R--- | M] (ATI Technologies Inc.)
(caboagp) ATI Cabo AGP Filter [Kernel | Boot | Running] -> C:\WINDOWS\system32\DRIVERS\atisgkaf.sys -> [2003/10/27 22.59.00 | 00,013,842 | ---- | M] (ATI Technologies Inc.)
(MDC8021X) AEGIS Protocol (IEEE 802.1x) v2.3.1.10 [Kernel | Auto | Running] -> C:\WINDOWS\System32\DRIVERS\mdc8021x.sys -> [2006/02/08 19.05.27 | 00,015,890 | ---- | M] (Meetinghouse Data Communications)
(mf) mf [Kernel | On_Demand | Stopped] -> C:\WINDOWS\System32\DRIVERS\mf.sys -> [2008/04/13 20.36.41 | 00,063,744 | ---- | M] (Microsoft Corporation)
(Netdevio) TOSHIBA Network Device Usermode I/O Protocol [Kernel | Auto | Running] -> C:\WINDOWS\System32\DRIVERS\netdevio.sys -> [2003/01/29 23.35.00 | 00,012,032 | ---- | M] (TOSHIBA Corporation.)
(Nokia USB Generic) Nokia USB Generic [Kernel | On_Demand | Stopped] -> C:\WINDOWS\System32\drivers\nmwcdc.sys -> [2005/02/15 17.57.54 | 00,006,300 | ---- | M] (Nokia)
(Nokia USB Modem) Nokia USB Modem [Kernel | On_Demand | Stopped] -> C:\WINDOWS\System32\drivers\nmwcdcm.sys -> [2005/02/15 17.57.54 | 00,009,021 | ---- | M] (Nokia)
(Nokia USB Phone Parent) Nokia USB Phone Parent [Kernel | On_Demand | Stopped] -> C:\WINDOWS\System32\drivers\nmwcd.sys -> [2005/02/17 14.48.06 | 00,140,619 | ---- | M] (Nokia)
(Ptilink) Driver Direct Parallel Link [Kernel | On_Demand | Running] -> C:\WINDOWS\System32\DRIVERS\ptilink.sys -> [2004/08/19 12.00.00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.)
(RTL8023) Realtek RTL8139/810x/8169/8110 all in one NDIS NT Driver [Kernel | On_Demand | Running] -> C:\WINDOWS\System32\DRIVERS\Rtlnic51.sys -> [2003/12/06 04.53.00 | 00,068,352 | ---- | M] (Realtek Semiconductor Corporation						   )
(rtl8139) Driver NT scheda Fast Ethernet PCI Realtek basata su RTL8139 [Kernel | On_Demand | Stopped] -> C:\WINDOWS\System32\DRIVERS\RTL8139.SYS -> [2004/08/04 00.31.34 | 00,020,992 | ---- | M] (Realtek Semiconductor Corporation)
(SCR33X USB Smart Card Reader) SCR33X USB Smart Card Reader [Kernel | On_Demand | Stopped] -> C:\WINDOWS\System32\DRIVERS\SCR33X2K.sys -> [2004/04/06 05.24.00 | 00,064,088 | ---- | M] (SCM Microsystems Inc.)
(SCR3xx USB Smart Card Reader) SCR3xx USB Smart Card Reader [Kernel | On_Demand | Stopped] -> C:\WINDOWS\System32\DRIVERS\SCR3XX2K.sys -> [2006/02/10 05.31.00 | 00,046,848 | ---- | M] (SCM Microsystems Inc.)
(Secdrv) Secdrv [Kernel | On_Demand | Stopped] -> C:\WINDOWS\System32\DRIVERS\secdrv.sys -> [2007/11/13 12.25.54 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
(SMCIRDA) SMC IrCC Miniport Device Driver [Kernel | On_Demand | Running] -> C:\WINDOWS\System32\DRIVERS\smcirda.sys -> [2002/11/06 01.00.46 | 00,039,424 | ---- | M] (SMC)
(STC2DFU) STCII DFU Adapter [Kernel | On_Demand | Stopped] -> C:\WINDOWS\System32\DRIVERS\Stc2Dfu.SYS -> [2004/10/25 01.04.00 | 00,007,796 | R--- | M] (SCM Microsystems Inc.)
(SynTP) Synaptics TouchPad Driver [Kernel | On_Demand | Running] -> C:\WINDOWS\System32\DRIVERS\SynTP.sys -> [2004/04/23 01.18.48 | 00,182,688 | ---- | M] (Synaptics, Inc.)
(TVALD) Toshiba Mobile PC Service [Kernel | On_Demand | Running] -> C:\WINDOWS\System32\DRIVERS\NBSMI.sys -> [2004/07/26 14.28.02 | 00,004,352 | ---- | M] (Toshiba Corporation)
(WinDriver6) WinDriver6 [Kernel | On_Demand | Running] -> C:\WINDOWS\System32\drivers\windrvr6.sys -> [2003/05/21 19.58.00 | 00,253,672 | ---- | M] (Jungo)

[Registry - Safe List]
< Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> -> 
HKEY_LOCAL_MACHINE\: Main\\"Default_Page_URL" -> http://go.microsoft.com/fwlink/?LinkId=69157 -> 
HKEY_LOCAL_MACHINE\: Main\\"Default_Search_URL" -> http://go.microsoft.com/fwlink/?LinkId=54896 -> 
HKEY_LOCAL_MACHINE\: Main\\"Default_Secondary_Page_URL" ->  [binary data] -> 
HKEY_LOCAL_MACHINE\: Main\\"Extensions Off Page" -> about:NoAdd-ons -> 
HKEY_LOCAL_MACHINE\: Main\\"Local Page" -> C:\WINDOWS\system32\blank.htm -> 
HKEY_LOCAL_MACHINE\: Main\\"Search Page" -> http://go.microsoft.com/fwlink/?LinkId=54896 -> 
HKEY_LOCAL_MACHINE\: Main\\"Security Risk Page" -> about:SecurityRisk -> 
HKEY_LOCAL_MACHINE\: Main\\"Start Page" -> http://go.microsoft.com/fwlink/?LinkId=69157 -> 
HKEY_LOCAL_MACHINE\: Search\\"CustomizeSearch" -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm -> 
HKEY_LOCAL_MACHINE\: Search\\"SearchAssistant" -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm -> 
< Internet Explorer Settings [HKEY_USERS\.DEFAULT\] > -> -> 
HKEY_USERS\.DEFAULT\: Main\\"Search Page" -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> 
HKEY_USERS\.DEFAULT\: Main\\"Start Page" -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome -> 
HKEY_USERS\.DEFAULT\: "ProxyEnable" -> 0 -> 
< Internet Explorer Settings [HKEY_USERS\S-1-5-18\] > -> -> 
HKEY_USERS\S-1-5-18\: Main\\"Search Page" -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> 
HKEY_USERS\S-1-5-18\: Main\\"Start Page" -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome -> 
HKEY_USERS\S-1-5-18\: "ProxyEnable" -> 0 -> 
< Internet Explorer Settings [HKEY_USERS\S-1-5-19\] > -> -> 
< Internet Explorer Settings [HKEY_USERS\S-1-5-20\] > -> -> 
< Internet Explorer Settings [HKEY_USERS\S-1-5-21-3377459932-771512587-881251600-1006\] > -> -> 
HKEY_USERS\S-1-5-21-3377459932-771512587-881251600-1006\: Main\\"Local Page" -> C:\WINDOWS\system32\blank.htm -> 
HKEY_USERS\S-1-5-21-3377459932-771512587-881251600-1006\: Main\\"Search Page" -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> 
HKEY_USERS\S-1-5-21-3377459932-771512587-881251600-1006\: Main\\"Start Page" -> http://www.protectionsystems.it/ -> 
HKEY_USERS\S-1-5-21-3377459932-771512587-881251600-1006\: URLSearchHooks\\"{EF99BD32-C1FB-11D2-892F-0090271D4F88}" [HKLM] -> Reg Error: Key error. [Yahoo! Toolbar con blocco Pop-Up] -> File not found
HKEY_USERS\S-1-5-21-3377459932-771512587-881251600-1006\: "ProxyEnable" -> 0 -> 
HKEY_USERS\S-1-5-21-3377459932-771512587-881251600-1006\: "ProxyOverride" -> 127.0.0.1 -> 
< FireFox Settings [Prefs.js] > -> C:\Documents and Settings\viki\Dati applicazioni\Mozilla\FireFox\Profiles\8rvqymyk.default\prefs.js -> 
extensions.enabledItems -> {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}:6.0.16 ->
extensions.enabledItems -> {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.2 ->
< FireFox Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla
HKLM\software\mozilla\Firefox\Extensions ->  -> 
HKLM\software\mozilla\Firefox\Extensions\\jqs@sun.com -> C:\PROGRAMMI\JAVA\JRE6\LIB\DEPLOY\JQS\FF [C:\PROGRAMMI\JAVA\JRE6\LIB\DEPLOY\JQS\FF] -> [2009/09/22 13.13.56 | 00,000,000 | ---D | M]
HKLM\software\mozilla\Mozilla Firefox 3.5.2\extensions ->  -> 
HKLM\software\mozilla\Mozilla Firefox 3.5.2\extensions\\Components -> C:\PROGRAMMI\MOZILLA FIREFOX\COMPONENTS [C:\PROGRAMMI\MOZILLA FIREFOX\COMPONENTS] -> [2009/08/30 09.33.11 | 00,000,000 | ---D | M]
HKLM\software\mozilla\Mozilla Firefox 3.5.2\extensions\\Plugins -> C:\PROGRAMMI\MOZILLA FIREFOX\PLUGINS [C:\PROGRAMMI\MOZILLA FIREFOX\PLUGINS] -> [2009/09/22 13.14.19 | 00,000,000 | ---D | M]
< FireFox Extensions [User Folders] > -> 
-> C:\Documents and Settings\viki\Dati applicazioni\mozilla\Extensions -> [2008/12/29 12.15.34 | 00,000,000 | ---D | M]
-> C:\Documents and Settings\viki\Dati applicazioni\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384} -> [2008/12/29 12.15.34 | 00,000,000 | ---D | M]
-> C:\Documents and Settings\viki\Dati applicazioni\mozilla\Firefox\Profiles\8rvqymyk.default\extensions -> [2009/09/22 19.26.33 | 00,101,559 | ---- | M] ()
< FireFox Extensions [Program Folders] > -> 
-> C:\PROGRAMMI\MOZILLA FIREFOX\extensions -> [2009/08/30 09.33.11 | 10,728,440 | ---- | M] (Mozilla Foundation)
-> C:\PROGRAMMI\MOZILLA FIREFOX\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} -> [2009/08/30 09.33.11 | 10,728,440 | ---- | M] (Mozilla Foundation)
-> C:\PROGRAMMI\MOZILLA FIREFOX\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} -> [2009/08/30 09.33.11 | 10,728,440 | ---- | M] (Mozilla Foundation)
< FireFox Components [Program Folders] > -> 
C:\PROGRAMMI\MOZILLA FIREFOX\components\ -> C:\PROGRAMMI\MOZILLA FIREFOX\components -> [2009/08/30 09.33.11 | 00,000,000 | ---D | M]
browserdirprovider.dll -> C:\PROGRAMMI\MOZILLA FIREFOX\components\browserdirprovider.dll -> [2009/08/30 09.32.43 | 00,023,544 | ---- | M] (Mozilla Foundation)
brwsrcmp.dll -> C:\PROGRAMMI\MOZILLA FIREFOX\components\brwsrcmp.dll -> [2009/08/30 09.32.44 | 00,137,208 | ---- | M] (Mozilla Foundation)
< FireFox Plugins [Program Folders] > -> 
C:\PROGRAMMI\MOZILLA FIREFOX\plugins\ -> C:\PROGRAMMI\MOZILLA FIREFOX\plugins -> [2009/09/22 13.14.19 | 00,000,000 | ---D | M]
npdeploytk.dll -> C:\PROGRAMMI\MOZILLA FIREFOX\plugins\npdeploytk.dll -> [2009/09/22 13.13.55 | 00,411,368 | ---- | M] (Sun Microsystems, Inc.)
npnul32.dll -> C:\PROGRAMMI\MOZILLA FIREFOX\plugins\npnul32.dll -> [2009/08/30 09.32.57 | 00,065,016 | ---- | M] (mozilla.org)
< FireFox SearchPlugins [Program Folders] > -> 
C:\PROGRAMMI\MOZILLA FIREFOX\searchplugins\ -> C:\PROGRAMMI\MOZILLA FIREFOX\searchplugins -> [2009/08/30 09.33.11 | 00,000,000 | ---D | M]
creativecommons.xml -> C:\PROGRAMMI\MOZILLA FIREFOX\searchplugins\creativecommons.xml -> [2009/08/30 09.33.00 | 00,001,534 | ---- | M] ()
demauro.xml -> C:\PROGRAMMI\MOZILLA FIREFOX\searchplugins\demauro.xml -> [2009/08/30 09.33.00 | 00,001,412 | ---- | M] ()
eBay-it.xml -> C:\PROGRAMMI\MOZILLA FIREFOX\searchplugins\eBay-it.xml -> [2009/08/30 09.33.00 | 00,000,744 | ---- | M] ()
google.xml -> C:\PROGRAMMI\MOZILLA FIREFOX\searchplugins\google.xml -> [2009/08/30 09.33.00 | 00,002,371 | ---- | M] ()
wikipedia-it.xml -> C:\PROGRAMMI\MOZILLA FIREFOX\searchplugins\wikipedia-it.xml -> [2009/08/30 09.33.00 | 00,001,182 | ---- | M] ()
yahoo-it.xml -> C:\PROGRAMMI\MOZILLA FIREFOX\searchplugins\yahoo-it.xml -> [2009/08/30 09.33.00 | 00,000,649 | ---- | M] ()
< HOSTS File > (27 bytes and 1 lines) -> C:\WINDOWS\System32\drivers\etc\Hosts -> 
Reset Hosts
127.0.0.1	   localhost
< BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ -> 
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKLM] -> C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [AcroIEHlprObj Class] -> [2004/12/14 01.56.50 | 00,063,136 | ---- | M] (Adobe Systems Incorporated)
{22BF413B-C6D2-4d91-82A9-A0F997BA588C} [HKLM] -> C:\Programmi\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [Skype add-on (mastermind)] -> [2009/05/26 19.41.16 | 01,088,296 | ---- | M] (Skype Technologies S.A.)
{AA58ED58-01DD-4d91-8333-CF10577473F7} [HKLM] -> c:\programmi\google\googletoolbar2.dll [Google Toolbar Helper] -> [2007/01/19 23.56.20 | 02,423,872 | R--- | M] (Google Inc.)
{AE7CD045-E861-484f-8273-0445EE161910} [HKLM] -> C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [AcroIEToolbarHelper Class] -> [2004/12/14 02.13.40 | 00,225,280 | ---- | M] (Adobe Systems Incorporated)
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} [HKLM] -> C:\Programmi\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll [Google Toolbar Notifier BHO] -> [2008/10/02 12.25.09 | 00,737,776 | ---- | M] (Google Inc.)
{DBC80044-A445-435b-BC74-9C25C1C588A9} [HKLM] -> C:\Programmi\Java\jre6\bin\jp2ssv.dll [Java(tm) Plug-In 2 SSV Helper] -> [2009/09/22 13.13.54 | 00,041,760 | ---- | M] (Sun Microsystems, Inc.)
{E7E6F031-17CE-4C07-BC86-EABFE594F69C} [HKLM] -> C:\Programmi\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [JQSIEStartDetectorImpl Class] -> [2009/09/22 13.13.56 | 00,073,728 | ---- | M] (Sun Microsystems, Inc.)
< Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar -> 
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" [HKLM] -> c:\programmi\google\googletoolbar2.dll [&Google] -> [2007/01/19 23.56.20 | 02,423,872 | R--- | M] (Google Inc.)
"{47833539-D0C5-4125-9FA8-0819E2EAAC93}" [HKLM] -> C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [Adobe PDF] -> [2004/12/14 02.13.40 | 00,225,280 | ---- | M] (Adobe Systems Incorporated)
< Internet Explorer ToolBars [HKEY_USERS\S-1-5-21-3377459932-771512587-881251600-1006\] > -> HKEY_USERS\S-1-5-21-3377459932-771512587-881251600-1006\Software\Microsoft\Internet Explorer\Toolbar\ -> 
ShellBrowser\\"{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
ShellBrowser\\"{C4069E3A-68F1-403E-B40E-20066696354B}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
WebBrowser\\"{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
WebBrowser\\"{2318C2B1-4965-11D4-9B18-009027A5CD4F}" [HKLM] -> c:\programmi\google\googletoolbar2.dll [&Google] -> [2007/01/19 23.56.20 | 02,423,872 | R--- | M] (Google Inc.)
WebBrowser\\"{47833539-D0C5-4125-9FA8-0819E2EAAC93}" [HKLM] -> C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [Adobe PDF] -> [2004/12/14 02.13.40 | 00,225,280 | ---- | M] (Adobe Systems Incorporated)
WebBrowser\\"{A057A204-BACC-4D26-9990-79A187E2698E}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
< Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> 
"Acrobat Assistant 7.0" -> C:\Programmi\Adobe\Acrobat 7.0\Distillr\Acrotray.exe ["C:\Programmi\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"] -> [2004/12/14 02.12.02 | 00,483,328 | ---- | M] (Adobe Systems Inc.)
"AGRSMMSG" -> C:\WINDOWS\agrsmmsg.exe [AGRSMMSG.exe] -> [2004/02/21 00.00.28 | 00,088,363 | ---- | M] (Agere Systems)
"AirCardEnabler" -> C:\Programmi\Sierra Wireless Inc\Network Adapter Manager\Network Adapter Manager.exe [C:\Programmi\Sierra Wireless Inc\Network Adapter Manager\Network Adapter Manager.exe] -> [2004/06/02 18.25.32 | 00,159,744 | ---- | M] (Sierra Wireless Inc.)
"ATIModeChange" -> C:\WINDOWS\System32\Ati2mdxx.exe [Ati2mdxx.exe] -> [2001/09/04 23.24.26 | 00,028,672 | ---- | M] (ATI Technologies, Inc.)
"ATIPTA" -> C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe [C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe] -> [2004/03/09 21.10.00 | 00,335,872 | ---- | M] (ATI Technologies, Inc.)
"DataLayer" -> C:\Programmi\File comuni\PCSuite\DataLayer\DataLayer.exe [C:\Programmi\File comuni\PCSuite\DataLayer\DataLayer.exe] -> [2005/03/31 10.30.52 | 01,106,944 | ---- | M] (Nokia Mobile Phones Ltd.)
"NDSTray.exe" ->  [NDSTray.exe] -> File not found
"NeroFilterCheck" -> C:\WINDOWS\System32\NeroCheck.exe [C:\WINDOWS\system32\NeroCheck.exe] -> [2001/07/09 11.50.42 | 00,155,648 | ---- | M] (Ahead Software Gmbh)
"PadTouch" -> C:\Programmi\TOSHIBA\PadTouch\PadExe.exe ["C:\Programmi\TOSHIBA\PadTouch\PadExe.exe] -> [2004/02/12 11.45.58 | 01,019,904 | ---- | M] (TOSHIBA)
"PCSuiteTrayApplication" -> C:\Programmi\Nokia\Nokia PC Suite 6\LaunchApplication.exe [C:\Programmi\Nokia\Nokia PC Suite 6\LaunchApplication.exe -onlytray] -> [2005/03/22 10.39.34 | 00,167,936 | ---- | M] (Nokia)
"SmoothView" -> C:\Programmi\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe [C:\Programmi\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe] -> [2004/04/30 12.01.42 | 00,118,784 | ---- | M] (TOSHIBA Corporation)
"SunJavaUpdateSched" -> C:\Programmi\Java\jre6\bin\jusched.exe ["C:\Programmi\Java\jre6\bin\jusched.exe"] -> [2009/09/22 13.13.54 | 00,149,280 | ---- | M] (Sun Microsystems, Inc.)
"SynTPEnh" -> C:\Programmi\Synaptics\SynTP\SynTPEnh.exe [C:\Programmi\Synaptics\SynTP\SynTPEnh.exe] -> [2004/04/23 01.23.18 | 00,507,904 | ---- | M] (Synaptics, Inc.)
"SynTPLpr" -> C:\Programmi\Synaptics\SynTP\SynTPLpr.exe [C:\Programmi\Synaptics\SynTP\SynTPLpr.exe] -> [2004/04/23 01.23.44 | 00,098,304 | ---- | M] (Synaptics, Inc.)
"TFncKy" ->  [TFncKy.exe] -> File not found
"THotkey" -> C:\Programmi\Toshiba\Toshiba Applet\thotkey.exe [C:\Programmi\Toshiba\Toshiba Applet\thotkey.exe] -> [2004/08/16 16.08.56 | 00,430,080 | ---- | M] (TOSHIBA)
"TPSMain" -> C:\WINDOWS\System32\TPSMain.exe [TPSMain.exe] -> [2004/08/12 13.44.18 | 00,266,240 | ---- | M] (TOSHIBA Corporation)
< Run [HKEY_USERS\S-1-5-21-3377459932-771512587-881251600-1006\] > -> HKEY_USERS\S-1-5-21-3377459932-771512587-881251600-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> 
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}" -> C:\Programmi\File comuni\Ahead\lib\NMBgMonitor.exe ["C:\Programmi\File comuni\Ahead\lib\NMBgMonitor.exe"] -> [2005/09/16 09.47.44 | 00,094,208 | ---- | M] (Nero AG)
"MSMSGS" -> C:\Programmi\Messenger\msmsgs.exe ["C:\Programmi\Messenger\msmsgs.exe" /background] -> [2008/04/14 04.14.13 | 01,695,232 | ---- | M] (Microsoft Corporation)
"Skype" -> C:\Programmi\Skype\Phone\Skype.exe ["C:\Programmi\Skype\Phone\Skype.exe" /nosplash /minimized] -> [2009/05/26 19.41.16 | 24,264,488 | R--- | M] (Skype Technologies S.A.)
"swg" -> C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe] -> [2007/06/29 14.27.26 | 00,068,856 | ---- | M] (Google Inc.)
< All Users Startup Folder > -> C:\Documents and Settings\All Users\Menu Avvio\Programmi\Esecuzione automatica -> 
C:\Documents and Settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\Adobe Gamma Loader.lnk -> C:\Programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe -> [2000/08/24 15.16.34 | 00,110,592 | ---- | M] (Adobe Systems, Inc.)
C:\Documents and Settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\Avvio veloce di Adobe Acrobat.lnk -> C:\WINDOWS\Installer\{AC76BA86-1034-4700-7760-000000000002}\SC_Acrobat.exe -> [2008/10/16 12.06.30 | 00,025,214 | R--- | M] ()
C:\Documents and Settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\siscmon.lnk -> C:\WINDOWS\System32\siscmon.exe -> [2003/11/27 11.15.02 | 00,147,456 | ---- | M] ()
< Default User Startup Folder > -> C:\Documents and Settings\Default User\Menu Avvio\Programmi\Esecuzione automatica -> 
< viki Startup Folder > -> C:\Documents and Settings\viki\Menu Avvio\Programmi\Esecuzione automatica -> 
< Software Policy Settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\Infodelivery\Restrictions
\Infodelivery\Restrictions\\"NoUpdateCheck" ->  [1] -> File not found
< Software Policy Settings [HKEY_USERS\S-1-5-21-3377459932-771512587-881251600-1006] > -> HKEY_USERS\S-1-5-21-3377459932-771512587-881251600-1006\SOFTWARE\Policies\Microsoft\Internet Explorer -> 
< CurrentVersion Policy Settings - Explorer [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveTypeAutoRun" ->  [323] -> File not found
\\"NoDrives" ->  [0] -> File not found
\\"NoDriveAutoRun" ->  [67108863] -> File not found
\\"LinkResolveIgnoreLinkInfo" ->  [0] -> File not found
\\"NoResolveSearch" ->  [1] -> File not found
\\"HonorAutoRunSetting" ->  [1] -> File not found
< CurrentVersion Policy Settings - System [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System
\\"dontdisplaylastusername" ->  [0] -> File not found
\\"legalnoticecaption" ->  [] -> File not found
\\"legalnoticetext" ->  [] -> File not found
\\"shutdownwithoutlogon" ->  [1] -> File not found
\\"undockwithoutlogon" ->  [1] -> File not found
\\"DisableRegistryTools" ->  [0] -> File not found
< CurrentVersion Policy Settings [HKEY_USERS\.DEFAULT] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> 
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveAutoRun" ->  [67108863] -> File not found
\\"NoDriveTypeAutoRun" ->  [323] -> File not found
< CurrentVersion Policy Settings [HKEY_USERS\.DEFAULT] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> 
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-18] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> 
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveAutoRun" ->  [67108863] -> File not found
\\"NoDriveTypeAutoRun" ->  [323] -> File not found
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-18] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> 
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-19] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> 
HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveTypeAutoRun" ->  [145] -> File not found
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-20] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> 
HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveTypeAutoRun" ->  [145] -> File not found
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-21-3377459932-771512587-881251600-1006] > -> HKEY_USERS\S-1-5-21-3377459932-771512587-881251600-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> 
HKEY_USERS\S-1-5-21-3377459932-771512587-881251600-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"LinkResolveIgnoreLinkInfo" ->  [0] -> File not found
\\"NoDriveAutoRun" ->  [67108863] -> File not found
\\"NoDriveTypeAutoRun" ->  [323] -> File not found
\\"NoDrives" ->  [0] -> File not found
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-21-3377459932-771512587-881251600-1006] > -> HKEY_USERS\S-1-5-21-3377459932-771512587-881251600-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> 
< Internet Explorer Menu Extensions [HKEY_USERS\S-1-5-21-3377459932-771512587-881251600-1006\] > -> HKEY_USERS\S-1-5-21-3377459932-771512587-881251600-1006\Software\Microsoft\Internet Explorer\MenuExt\ -> 
Converti destinazione link in Adobe PDF -> C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html] -> [2004/12/14 02.13.40 | 00,225,280 | ---- | M] (Adobe Systems Incorporated)
Converti destinazione link in file PDF esistente -> C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html] -> [2004/12/14 02.13.40 | 00,225,280 | ---- | M] (Adobe Systems Incorporated)
Converti i link selezionati in Adobe PDF -> C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html] -> [2004/12/14 02.13.40 | 00,225,280 | ---- | M] (Adobe Systems Incorporated)
Converti i link selezionati in file PDF esistente -> C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html] -> [2004/12/14 02.13.40 | 00,225,280 | ---- | M] (Adobe Systems Incorporated)
Converti in Adobe PDF -> C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html] -> [2004/12/14 02.13.40 | 00,225,280 | ---- | M] (Adobe Systems Incorporated)
Converti nel file PDF esistente -> C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html] -> [2004/12/14 02.13.40 | 00,225,280 | ---- | M] (Adobe Systems Incorporated)
Converti selezione in Adobe PDF -> C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html] -> [2004/12/14 02.13.40 | 00,225,280 | ---- | M] (Adobe Systems Incorporated)
Converti selezione in file PDF esistente -> C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html] -> [2004/12/14 02.13.40 | 00,225,280 | ---- | M] (Adobe Systems Incorporated)
E&sporta in Microsoft Excel -> C:\Programmi\Microsoft Office\OFFICE11\EXCEL.EXE [res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000] -> [2003/08/13 10.34.38 | 10,073,144 | ---- | M] (Microsoft Corporation)
< Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ -> 
{77BF5300-1474-4EC7-9980-D32B190E9B07}:{77BF5300-1474-4EC7-9980-D32B190E9B07} [HKLM] -> C:\Programmi\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [Button: Skype] -> [2009/05/26 19.41.16 | 01,088,296 | ---- | M] (Skype Technologies S.A.)
{92780B25-18CC-41C8-B9BE-3C9C571A8263}:{FF059E31-CC5A-4E2E-BF3B-96E929D65503} [HKLM] -> C:\Programmi\Microsoft Office\OFFICE11\REFIEBAR.DLL [Button: Ricerche] -> [2003/07/15 06.57.08 | 00,040,512 | ---- | M] (Microsoft Corporation)
{FB5F1910-F110-11d2-BB9E-00C04F795683}:Exec [HKLM] -> C:\Programmi\Messenger\msmsgs.exe [Button: Messenger] -> [2008/04/14 04.14.13 | 01,695,232 | ---- | M] (Microsoft Corporation)
{FB5F1910-F110-11d2-BB9E-00C04F795683}:Exec [HKLM] -> C:\Programmi\Messenger\msmsgs.exe [Menu: Windows Messenger] -> [2008/04/14 04.14.13 | 01,695,232 | ---- | M] (Microsoft Corporation)
< Internet Explorer Extensions [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Extensions\ -> 
CmdMapping\\"{08B0E5C0-4FCB-11CF-AAA5-00401C608501}" [HKLM] -> C:\WINDOWS\System32\msjava.dll [Web Browser Applet Control] -> [2003/02/28 19.26.26 | 00,947,472 | ---- | M] (Microsoft Corporation)
CmdMapping\\"{92780B25-18CC-41C8-B9BE-3C9C571A8263}" [HKLM] -> C:\Programmi\Microsoft Office\OFFICE11\REFIEBAR.DLL [Ricerche] -> [2003/07/15 06.57.08 | 00,040,512 | ---- | M] (Microsoft Corporation)
CmdMapping\\"{FB5F1910-F110-11d2-BB9E-00C04F795683}" [HKLM] -> C:\Programmi\Messenger\msmsgs.exe [Messenger] -> [2008/04/14 04.14.13 | 01,695,232 | ---- | M] (Microsoft Corporation)
< Internet Explorer Extensions [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Extensions\ -> 
CmdMapping\\"{08B0E5C0-4FCB-11CF-AAA5-00401C608501}" [HKLM] -> C:\WINDOWS\System32\msjava.dll [Web Browser Applet Control] -> [2003/02/28 19.26.26 | 00,947,472 | ---- | M] (Microsoft Corporation)
CmdMapping\\"{92780B25-18CC-41C8-B9BE-3C9C571A8263}" [HKLM] -> C:\Programmi\Microsoft Office\OFFICE11\REFIEBAR.DLL [Ricerche] -> [2003/07/15 06.57.08 | 00,040,512 | ---- | M] (Microsoft Corporation)
CmdMapping\\"{FB5F1910-F110-11d2-BB9E-00C04F795683}" [HKLM] -> C:\Programmi\Messenger\msmsgs.exe [Messenger] -> [2008/04/14 04.14.13 | 01,695,232 | ---- | M] (Microsoft Corporation)
< Internet Explorer Extensions [HKEY_USERS\S-1-5-21-3377459932-771512587-881251600-1006\] > -> HKEY_USERS\S-1-5-21-3377459932-771512587-881251600-1006\Software\Microsoft\Internet Explorer\Extensions\ -> 
CmdMapping\\"{08B0E5C0-4FCB-11CF-AAA5-00401C608501}" [HKLM] -> C:\WINDOWS\System32\msjava.dll [Web Browser Applet Control] -> [2003/02/28 19.26.26 | 00,947,472 | ---- | M] (Microsoft Corporation)
CmdMapping\\"{92780B25-18CC-41C8-B9BE-3C9C571A8263}" [HKLM] -> C:\Programmi\Microsoft Office\OFFICE11\REFIEBAR.DLL [Ricerche] -> [2003/07/15 06.57.08 | 00,040,512 | ---- | M] (Microsoft Corporation)
CmdMapping\\"{FB5F1910-F110-11d2-BB9E-00C04F795683}" [HKLM] -> C:\Programmi\Messenger\msmsgs.exe [Messenger] -> [2008/04/14 04.14.13 | 01,695,232 | ---- | M] (Microsoft Corporation)
< Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ -> 
PluginsPageFriendlyName -> Microsoft ActiveX Gallery -> 
PluginsPage -> http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s -> 
< Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix
"" -> http://
< Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 1 domain(s) found. -> 
1 domain(s) and sub-domain(s) not assigned to a zone.
< Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> 
< Trusted Sites Domains [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> 
< Trusted Sites Ranges [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> 
< Trusted Sites Domains [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> 
< Trusted Sites Ranges [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> 
< Trusted Sites Domains [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 
HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> 
< Trusted Sites Ranges [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 
HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> 
< Trusted Sites Domains [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 
HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> 
< Trusted Sites Ranges [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 
HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> 
< Trusted Sites Domains [HKEY_USERS\S-1-5-21-3377459932-771512587-881251600-1006\] > -> HKEY_USERS\S-1-5-21-3377459932-771512587-881251600-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 
HKEY_USERS\S-1-5-21-3377459932-771512587-881251600-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 1567 domain(s) found. -> 
8 domain(s) and sub-domain(s) not assigned to a zone.
< Trusted Sites Ranges [HKEY_USERS\S-1-5-21-3377459932-771512587-881251600-1006\] > -> HKEY_USERS\S-1-5-21-3377459932-771512587-881251600-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 
HKEY_USERS\S-1-5-21-3377459932-771512587-881251600-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> 
< Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ -> 
{8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab [Java Plug-in 1.6.0_16] -> 
{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab [Java Plug-in 1.6.0_16] -> 
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab [Java Plug-in 1.6.0_16] -> 
Microsoft XML Parser for Java [HKLM] -> file://C:\WINDOWS\Java\classes\xmldso.cab [Reg Error: Key error.] -> 
< Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ -> 
{993D45CB-D05A-4666-A3DD-9F3FA8E91FBE}\\NameServer -> 151.99.125.1,151.99.0.100   (Realtek RTL8139/810x Family Fast Ethernet NIC) -> 
< Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> 
*Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell -> 
Explorer.exe -> C:\WINDOWS\explorer.exe -> [2008/04/14 04.14.07 | 01,036,288 | ---- | M] (Microsoft Corporation)
*MultiFile Done* -> -> 
< Winlogon\Notify settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ -> 
AtiExtEvent -> C:\WINDOWS\System32\ati2evxx.dll -> [2004/03/10 05.27.06 | 00,086,016 | ---- | M] ()
< Domain Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List -> 
"%windir%\Network Diagnostic\xpnetdiag.exe" -> C:\WINDOWS\Network Diagnostic\xpnetdiag.exe [%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000] -> [2008/04/13 20.53.32 | 00,558,080 | ---- | M] (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" -> C:\WINDOWS\System32\sessmgr.exe [%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019] -> [2008/04/14 04.14.19 | 00,142,336 | ---- | M] (Microsoft Corporation)
< Standard Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List -> 
"%windir%\Network Diagnostic\xpnetdiag.exe" -> C:\WINDOWS\Network Diagnostic\xpnetdiag.exe [%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000] -> [2008/04/13 20.53.32 | 00,558,080 | ---- | M] (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" -> C:\WINDOWS\System32\sessmgr.exe [%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019] -> [2008/04/14 04.14.19 | 00,142,336 | ---- | M] (Microsoft Corporation)
"C:\Programmi\Messenger\msmsgs.exe" -> C:\Programmi\Messenger\msmsgs.exe [C:\Programmi\Messenger\msmsgs.exe:*:Disabled:Windows Messenger] -> [2008/04/14 04.14.13 | 01,695,232 | ---- | M] (Microsoft Corporation)
"C:\Programmi\Microsoft Office\OFFICE11\WINWORD.EXE" -> C:\Programmi\Microsoft Office\OFFICE11\WINWORD.EXE [C:\Programmi\Microsoft Office\OFFICE11\WINWORD.EXE:*:Enabled:Microsoft Office Word] -> [2003/08/06 21.24.20 | 12,037,688 | ---- | M] (Microsoft Corporation)
"C:\Programmi\Mozilla Firefox\firefox.exe" -> C:\Programmi\Mozilla Firefox\firefox.exe [C:\Programmi\Mozilla Firefox\firefox.exe:*:Enabled:Firefox] -> [2009/08/30 09.32.50 | 00,908,280 | ---- | M] (Mozilla Corporation)
"C:\Programmi\Skype\Phone\Skype.exe" -> C:\Programmi\Skype\Phone\Skype.exe [C:\Programmi\Skype\Phone\Skype.exe:*:Enabled:Skype] -> [2009/05/26 19.41.16 | 24,264,488 | R--- | M] (Skype Technologies S.A.)
"C:\WINDOWS\system32\sessmgr.exe" -> C:\WINDOWS\System32\sessmgr.exe [C:\WINDOWS\system32\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019] -> [2008/04/14 04.14.19 | 00,142,336 | ---- | M] (Microsoft Corporation)
< SafeBoot AlternateShell [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot -> 
"AlternateShell" -> cmd.exe -> 
< CDROM Autorun Setting [HKEY_LOCAL_MACHINE]> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom ->
"AutoRun" -> 1 -> 
"DisplayName" -> Driver del CD-ROM -> 
"ImagePath" ->  [system32\DRIVERS\cdrom.sys] -> File not found
< Drives with AutoRun files > ->  -> 
C:\AUTOEXEC.BAT [] -> C:\AUTOEXEC.BAT [ NTFS ] -> [2004/08/31 08.36.23 | 00,000,000 | ---- | M] ()
< MountPoints2 [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2 -> 


[Files/Folders - Created Within 30 Days]
OTS.exe -> C:\Documents and Settings\viki\Desktop\OTS.exe -> [2009/09/28 12.31.39 | 00,517,120 | ---- | C] (OldTimer Tools)
~$d timer.doc -> C:\Documents and Settings\viki\Desktop\~$d timer.doc -> [2009/09/28 12.27.27 | 00,000,162 | -H-- | C] ()
TFC.exe -> C:\Documents and Settings\viki\Desktop\TFC.exe -> [2009/09/28 12.18.04 | 00,271,872 | ---- | C] (OldTimer Tools)
old timer.doc -> C:\Documents and Settings\viki\Desktop\old timer.doc -> [2009/09/28 11.49.54 | 00,028,160 | ---- | C] ()
Recent -> C:\Documents and Settings\viki\Recent -> [2009/09/23 20.09.28 | 00,000,000 | RH-D | C]
cc_20090922_180954.reg -> C:\Documents and Settings\viki\Documenti\cc_20090922_180954.reg -> [2009/09/22 18.09.57 | 00,000,658 | ---- | C] ()
HijackThis.lnk -> C:\Documents and Settings\viki\Desktop\HijackThis.lnk -> [2009/09/21 09.18.19 | 00,001,698 | ---- | C] ()
cc_20090921_091746.reg -> C:\Documents and Settings\viki\Documenti\cc_20090921_091746.reg -> [2009/09/21 09.17.47 | 00,000,794 | ---- | C] ()
CCleaner.lnk -> C:\Documents and Settings\viki\Desktop\CCleaner.lnk -> [2009/09/21 09.16.59 | 00,001,512 | ---- | C] ()
CCleaner -> C:\Programmi\CCleaner -> [2009/09/21 09.16.57 | 00,000,000 | ---D | C]
cc_20090921_091330.reg -> C:\Documents and Settings\viki\Documenti\cc_20090921_091330.reg -> [2009/09/21 09.13.32 | 00,003,746 | ---- | C] ()
RECYCLER -> C:\RECYCLER -> [2009/09/21 09.12.12 | 00,000,000 | -HSD | C]
PEV.exe -> C:\WINDOWS\PEV.exe -> [2009/09/21 09.00.48 | 00,229,888 | ---- | C] ()
b.exe -> C:\Documents and Settings\viki\Dati applicazioni\b.exe -> [2009/09/18 20.06.58 | 00,030,208 | ---- | C] ()
files CHI -> C:\Documents and Settings\viki\Desktop\files CHI -> [2009/09/18 18.16.37 | 00,000,000 | ---D | C]
Rubrica PERSONALE Ing luglio 09 MR.xls -> C:\Documents and Settings\viki\Desktop\Rubrica PERSONALE Ing luglio 09 MR.xls -> [2009/09/18 15.19.58 | 00,162,304 | ---- | C] ()
cc_20090914_144446.reg -> C:\Documents and Settings\viki\Documenti\cc_20090914_144446.reg -> [2009/09/14 14.44.47 | 00,000,858 | ---- | C] ()
ISPESL LINEE GUIDA REGOL SICUR RM 2009.pdf -> C:\Documents and Settings\viki\Desktop\ISPESL LINEE GUIDA REGOL SICUR RM 2009.pdf -> [2009/09/10 18.24.34 | 00,253,430 | ---- | C] ()
DOC CONGIUNTO ISPESL ISS SU CEM.pdf -> C:\Documents and Settings\viki\Desktop\DOC CONGIUNTO ISPESL ISS SU CEM.pdf -> [2009/09/10 18.16.00 | 00,244,889 | ---- | C] ()
MJ.jpg -> C:\Documents and Settings\viki\Desktop\MJ.jpg -> [2009/09/09 16.26.26 | 00,050,526 | ---- | C] ()
NAISMITH -> C:\Documents and Settings\viki\Desktop\NAISMITH -> [2009/08/31 00.32.22 | 00,000,000 | ---D | C]
cc_20090830_101719.reg -> C:\Documents and Settings\viki\Documenti\cc_20090830_101719.reg -> [2009/08/30 10.17.24 | 00,000,460 | ---- | C] ()
NeroDigital.ini -> C:\WINDOWS\NeroDigital.ini -> [2007/04/18 16.07.08 | 00,000,116 | ---- | C] ()
ricdb.ini -> C:\WINDOWS\ricdb.ini -> [2007/03/19 12.25.27 | 00,000,141 | ---- | C] ()
SWWATER.INI -> C:\WINDOWS\SWWATER.INI -> [2007/03/09 16.42.59 | 00,000,313 | ---- | C] ()
HBCIKRNL.INI -> C:\WINDOWS\HBCIKRNL.INI -> [2006/12/05 14.02.02 | 00,000,454 | ---- | C] ()
RtlRack.ini -> C:\WINDOWS\RtlRack.ini -> [2006/06/16 12.08.22 | 00,000,169 | ---- | C] ()
RPCS.ini -> C:\WINDOWS\System32\RPCS.ini -> [2006/05/15 12.52.55 | 00,000,025 | ---- | C] ()
smscfg.ini -> C:\WINDOWS\smscfg.ini -> [2004/09/01 07.54.00 | 00,000,061 | ---- | C] ()
TcdsASC2.ini -> C:\WINDOWS\TcdsASC2.ini -> [2004/09/01 07.35.06 | 00,006,757 | ---- | C] ()
ODBC.INI -> C:\WINDOWS\ODBC.INI -> [2004/09/01 06.55.18 | 00,000,424 | ---- | C] ()
ati2evxx.dll -> C:\WINDOWS\System32\ati2evxx.dll -> [2004/08/31 18.28.30 | 00,086,016 | ---- | C] ()
IVIresizeW7.dll -> C:\WINDOWS\System32\IVIresizeW7.dll -> [2004/08/31 15.28.05 | 00,204,800 | ---- | C] ()
IVIresizeA6.dll -> C:\WINDOWS\System32\IVIresizeA6.dll -> [2004/08/31 15.28.05 | 00,200,704 | ---- | C] ()
IVIresizeP6.dll -> C:\WINDOWS\System32\IVIresizeP6.dll -> [2004/08/31 15.28.05 | 00,192,512 | ---- | C] ()
IVIresizeM6.dll -> C:\WINDOWS\System32\IVIresizeM6.dll -> [2004/08/31 15.28.05 | 00,192,512 | ---- | C] ()
IVIresizePX.dll -> C:\WINDOWS\System32\IVIresizePX.dll -> [2004/08/31 15.28.05 | 00,188,416 | ---- | C] ()
IVIresize.dll -> C:\WINDOWS\System32\IVIresize.dll -> [2004/08/31 15.28.05 | 00,020,480 | ---- | C] ()
NDSTray.INI -> C:\WINDOWS\NDSTray.INI -> [2004/08/31 15.22.11 | 00,000,000 | ---- | C] ()
MousePage.dll -> C:\WINDOWS\System32\MousePage.dll -> [2004/08/31 14.03.06 | 00,126,976 | ---- | C] ()
TCtrlIO.dll -> C:\WINDOWS\System32\TCtrlIO.dll -> [2004/08/31 14.03.06 | 00,114,688 | ---- | C] ()
csellang.ini -> C:\WINDOWS\System32\csellang.ini -> [2004/08/31 13.57.04 | 00,128,113 | ---- | C] ()
csellang.dll -> C:\WINDOWS\System32\csellang.dll -> [2004/08/31 13.57.04 | 00,045,056 | ---- | C] ()
tosmreg.ini -> C:\WINDOWS\System32\tosmreg.ini -> [2004/08/31 13.57.04 | 00,010,179 | ---- | C] ()
cseltbl.ini -> C:\WINDOWS\System32\cseltbl.ini -> [2004/08/31 13.57.04 | 00,007,671 | ---- | C] ()
SynTPCoI.dll -> C:\WINDOWS\System32\SynTPCoI.dll -> [2004/08/31 13.50.41 | 00,077,824 | ---- | C] ()
avrack.ini -> C:\WINDOWS\avrack.ini -> [2004/08/31 13.36.18 | 00,000,164 | ---- | C] ()
RTLCPAPI.dll -> C:\WINDOWS\System32\RTLCPAPI.dll -> [2004/08/31 13.36.14 | 00,155,648 | ---- | C] ()
orun32.ini -> C:\WINDOWS\orun32.ini -> [2004/08/31 08.42.48 | 00,000,825 | ---- | C] ()
ToshBIOS.dll -> C:\WINDOWS\System32\ToshBIOS.dll -> [2004/08/31 08.13.32 | 00,028,672 | ---- | C] ()
OEMINFO.INI -> C:\WINDOWS\System32\OEMINFO.INI -> [2004/08/31 08.13.32 | 00,000,083 | ---- | C] ()
win.ini -> C:\WINDOWS\win.ini -> [2004/08/31 08.12.40 | 00,000,603 | ---- | C] ()
system.ini -> C:\WINDOWS\system.ini -> [2004/08/31 08.12.32 | 00,000,227 | ---- | C] ()
OUTLPERF.INI -> C:\WINDOWS\System32\OUTLPERF.INI -> [2003/04/01 11.49.16 | 00,005,360 | ---- | C] ()
MSRTEDIT.DLL -> C:\WINDOWS\System32\MSRTEDIT.DLL -> [1998/12/12 00.00.16 | 00,065,536 | ---- | C] ()

[Files/Folders - Modified Within 30 Days]
OTS.exe -> C:\Documents and Settings\viki\Desktop\OTS.exe -> [2009/09/28 12.31.42 | 00,517,120 | ---- | M] (OldTimer Tools)
~$d timer.doc -> C:\Documents and Settings\viki\Desktop\~$d timer.doc -> [2009/09/28 12.27.27 | 00,000,162 | -H-- | M] ()
GoogleUpdateTaskMachineUA.job -> C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job -> [2009/09/28 12.23.01 | 00,001,128 | ---- | M] ()
qmgr1.dat -> C:\Documents and Settings\All Users\Dati applicazioni\Microsoft\Network\Downloader\qmgr1.dat -> [2009/09/28 12.22.52 | 00,007,293 | ---- | M] ()
qmgr0.dat -> C:\Documents and Settings\All Users\Dati applicazioni\Microsoft\Network\Downloader\qmgr0.dat -> [2009/09/28 12.22.52 | 00,007,293 | ---- | M] ()
Avvio veloce di Adobe Acrobat.lnk -> C:\Documents and Settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\Avvio veloce di Adobe Acrobat.lnk -> [2009/09/28 12.22.33 | 00,002,319 | ---- | M] ()
wpa.dbl -> C:\WINDOWS\System32\wpa.dbl -> [2009/09/28 12.22.25 | 00,001,158 | ---- | M] ()
GoogleUpdateTaskMachineCore.job -> C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job -> [2009/09/28 12.22.21 | 00,001,124 | ---- | M] ()
Perflib_Perfdata_168.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_168.dat -> [2009/09/28 12.21.34 | 00,016,384 | ---- | M] ()
SA.DAT -> C:\WINDOWS\tasks\SA.DAT -> [2009/09/28 12.21.27 | 00,000,006 | -H-- | M] ()
bootstat.dat -> C:\WINDOWS\bootstat.dat -> [2009/09/28 12.21.25 | 00,002,048 | --S- | M] ()
NTUSER.DAT -> C:\Documents and Settings\viki\NTUSER.DAT -> [2009/09/28 12.20.24 | 14,680,064 | ---- | M] ()
ntuser.ini -> C:\Documents and Settings\viki\ntuser.ini -> [2009/09/28 12.20.24 | 00,000,306 | -HS- | M] ()
TFC.exe -> C:\Documents and Settings\viki\Desktop\TFC.exe -> [2009/09/28 12.18.05 | 00,271,872 | ---- | M] (OldTimer Tools)
old timer.doc -> C:\Documents and Settings\viki\Desktop\old timer.doc -> [2009/09/28 11.49.55 | 00,028,160 | ---- | M] ()
IconCache.db -> C:\Documents and Settings\viki\Impostazioni locali\Dati applicazioni\IconCache.db -> [2009/09/25 18.22.53 | 09,110,726 | -H-- | M] ()
NeroDigital.ini -> C:\WINDOWS\NeroDigital.ini -> [2009/09/23 19.54.27 | 00,000,116 | ---- | M] ()
CONFIG.NT -> C:\WINDOWS\System32\CONFIG.NT -> [2009/09/23 10.04.29 | 00,002,885 | ---- | M] ()
Google Chrome.lnk -> C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk -> [2009/09/23 08.27.12 | 00,001,777 | ---- | M] ()
Microsoft Office Word 2003.lnk -> C:\Documents and Settings\viki\Desktop\Microsoft Office Word 2003.lnk -> [2009/09/22 18.11.12 | 00,002,531 | ---- | M] ()
cc_20090922_180954.reg -> C:\Documents and Settings\viki\Documenti\cc_20090922_180954.reg -> [2009/09/22 18.10.15 | 00,000,658 | ---- | M] ()
Rubrica PERSONALE Ing luglio 09 MR.xls -> C:\Documents and Settings\viki\Desktop\Rubrica PERSONALE Ing luglio 09 MR.xls -> [2009/09/21 12.19.56 | 00,162,304 | ---- | M] ()
HijackThis.lnk -> C:\Documents and Settings\viki\Desktop\HijackThis.lnk -> [2009/09/21 09.18.19 | 00,001,698 | ---- | M] ()
cc_20090921_091746.reg -> C:\Documents and Settings\viki\Documenti\cc_20090921_091746.reg -> [2009/09/21 09.17.49 | 00,000,794 | ---- | M] ()
CCleaner.lnk -> C:\Documents and Settings\viki\Desktop\CCleaner.lnk -> [2009/09/21 09.16.59 | 00,001,512 | ---- | M] ()
cc_20090921_091330.reg -> C:\Documents and Settings\viki\Documenti\cc_20090921_091330.reg -> [2009/09/21 09.13.36 | 00,003,746 | ---- | M] ()
system.ini -> C:\WINDOWS\system.ini -> [2009/09/21 09.06.38 | 00,000,227 | ---- | M] ()
ComboFix.exe -> C:\Documents and Settings\viki\Desktop\ComboFix.exe -> [2009/09/21 08.59.22 | 03,317,378 | R--- | M] ()
b.exe -> C:\Documents and Settings\viki\Dati applicazioni\b.exe -> [2009/09/18 20.06.58 | 00,030,208 | ---- | M] ()
cc_20090914_144446.reg -> C:\Documents and Settings\viki\Documenti\cc_20090914_144446.reg -> [2009/09/14 14.44.50 | 00,000,858 | ---- | M] ()
PEV.exe -> C:\WINDOWS\PEV.exe -> [2009/09/14 02.12.36 | 00,229,888 | ---- | M] ()
ISPESL LINEE GUIDA REGOL SICUR RM 2009.pdf -> C:\Documents and Settings\viki\Desktop\ISPESL LINEE GUIDA REGOL SICUR RM 2009.pdf -> [2009/09/10 18.24.34 | 00,253,430 | ---- | M] ()
DOC CONGIUNTO ISPESL ISS SU CEM.pdf -> C:\Documents and Settings\viki\Desktop\DOC CONGIUNTO ISPESL ISS SU CEM.pdf -> [2009/09/10 18.16.00 | 00,244,889 | ---- | M] ()
MJ.jpg -> C:\Documents and Settings\viki\Desktop\MJ.jpg -> [2009/09/09 16.26.28 | 00,050,526 | ---- | M] ()
Skype.lnk -> C:\Documents and Settings\All Users\Desktop\Skype.lnk -> [2009/09/02 17.28.38 | 00,002,241 | ---- | M] ()
cc_20090830_101719.reg -> C:\Documents and Settings\viki\Documenti\cc_20090830_101719.reg -> [2009/08/30 10.17.24 | 00,000,460 | ---- | M] ()
opa11.dat -> C:\Documents and Settings\All Users\Dati applicazioni\Microsoft\OFFICE\DATA\opa11.dat -> [2007/02/28 18.32.19 | 00,008,410 | ---- | M] ()
data.dat -> C:\Documents and Settings\All Users\Dati applicazioni\Microsoft\OFFICE\DATA\data.dat -> [2006/07/31 11.19.40 | 00,001,372 | ---- | M] ()
< End of report >

Modificato da festav

Condividi questo messaggio

Link di questo messaggio
Condividi su altri siti

Inviato

Ciao festav,

scusa il ritardo nella risposta, come la situazione al momento?

scarica KASPERSKY VIRUS REMOVAL TOOL (non richiede l’installazione)

http://downloads5.kaspersky-labs.com/devbuilds/AVPTool/

http://avptool.virusinfo.info/en/

● crea una apposta Cartella sul Desktop ed al suo interno posiziona il file

● lancia il tool

● imposta le aree che intendi scansionare (non è possibile eseguire la scansione di specifiche cartelle)

● al termine della scansione sarà possibile rimuovere e/o mettere in quarantena i file infetti rilevati

Salva ed allega, il log che verrà rilasciato

:P:)

Condividi questo messaggio

Link di questo messaggio
Condividi su altri siti

Inviato

ciao angelique, non ti preoccupare..

ho fatto la scansione, ma ad un certo punto mentre la sta facendo si spegne l'hard disk e si riavvia automaticamente il computer. Ho provato a fare una scansione delle voci una per una, e mi va bene fino a quando non spunto "Risorse del Computer", lì il computer si spegne dopo un pò durante la scansione

che devo fare?

fammi sapere, grazie, V

:P:)

Condividi questo messaggio

Link di questo messaggio
Condividi su altri siti

Crea un account o accedi per lasciare un commento

Devi essere un utente registrato per partecipare

Crea un account

Iscriviti per un nuovo account nella nostra community. È facile!


Registra un nuovo account

Accedi

Sei già registrato? Accedi qui.


Accedi Ora
Vai alla lista Discussioni HiJackThis - Posta qui i Log