Valutazione 4.87/ 5 (100.00%) 5838 voti

Condividi:        

pc infettato da spyware

Come rimuovere virus e spyware? Le carte di credito sono davvero sicure in rete? È possibile navigare anonimi? Con quali programmi tutelare la propria privacy? Come proteggere i file importanti? Se volete una risposta a queste e altre domande questo è il luogo giusto!

Moderatori: kadosh, Luke57

pc infettato da spyware

Postdi ziotoby » 22/10/09 14:30

ciao,
ho il pc probabilemnte infettato da spyware; la pagina iniziale di ie si reindirizza e mi compaiono eseguibili mai richiesti sul desktop ad ogni riavvio, ecc.
ho scaricato il file log con hijackthis e ve lo posto, nel caso qualcuno potesse aiutarmi a stabilire cosa posso cancellare e cosa no.
grazie

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13.58.33, on 22/10/2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18828)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Windows\Explorer.EXE
C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
C:\Program Files\LogMeIn\x86\LMIGuardian.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files\Epson Software\Event Manager\EEventManager.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
C:\Program Files\Skype\Phone\Skype.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Skype\Toolbars\Shared\SkypeNames.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [EEventManager] C:\PROGRA~1\EPSONS~1\EVENTM~1\EEventManager.exe
O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Creative SB Monitoring Utility] RunDll32 sbavmon.dll,SBAVMonitor
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\utente\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Policies\Explorer\Run: [Windows Printing Driver] doskeys.exe
O8 - Extra context menu item: Aggiungi al banner Blocco pubblicità - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
O8 - Extra context menu item: Download tramite QGet - C:\Program Files\QNAP\QGet\QGetCatch.htm
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_03\bin\npjpi150_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_03\bin\npjpi150_03.dll
O9 - Extra button: Statistiche sulla protezione del traffico Web - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll
O9 - Extra button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O15 - Trusted Zone: http://onecare.live.com
O15 - Trusted IP range: http://192.168.1.7
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.apple.com.edgesuite.net ... plugin.cab
O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} (Microsoft Data Collection Control) - https://support.microsoft.com/OAS/ActiveX/MSDcode.cab
O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} (Windows Live OneCare safety scanner control) - http://cdn.scan.onecare.live.com/resour ... cctrl2.cab
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanager/v ... .2.4.1.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.5.0) - http://javadl-esd.sun.com/update/1.5.0/ ... s-i586.cab
O16 - DPF: {CCA0B877-CB5E-4ADC-AD30-457C379512DD} (Gif89 Lite Class) - http://192.168.1.7/xplugLite.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/ractrl.cab?lmi=100
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll,C:\PROGRA~1\KASPER~1\KASPER~1\adialhk.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: DVRMSFileWatcherService - http://babgvant.com - C:\Program Files\DVRMSToolbox\DVRMSFileWatcherService.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Servizio di Google Update (gupdate1c9e68b65846627) (gupdate1c9e68b65846627) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Servizio iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\RaMaint.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LogMeIn.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 11199 bytes
ziotoby
Newbie
 
Post: 7
Iscritto il: 22/10/09 14:25

Sponsor
 

Re: pc infettato da spyware

Postdi shel » 22/10/09 17:39

ciao

hai per caso installato qualche gioco ultimamente?

scarica questo file suk desktop

http://wikisend.com/download/931564/DelDomains.inf

tasto destro e scegli ''installa''


Scarica Combofix
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
(non installare la recovery console)
Lascia lavorare il programma senza interferire
Allega il rapporto C:\ComboFix.txt nella tua risposta.

non usare il pc durante la scansione, nemmeno il mouse!
shel
Utente Senior
 
Post: 1292
Iscritto il: 29/08/08 21:56

Re: pc infettato da spyware

Postdi ziotoby » 23/10/09 08:48

Grazie, ecco il report di combofix.
perfavore, prova a dirmi cosa posso fare adesso...

ComboFix 09-10-21.02 - utente 23/10/2009 9.05.26.1.2 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.39.1040.18.3326.2208 [GMT 2:00]
Eseguito da: c:\users\utente\Desktop\ComboFix.exe
AV: Kaspersky Internet Security *On-access scanning disabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
FW: Kaspersky Internet Security *disabled* {2C4D4BC6-0793-4956-A9F9-E252435469C0}
SP: Kaspersky Internet Security *disabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\$recycle.bin\S-1-5-21-212273499-166003697-2153925751-1000
c:\$recycle.bin\S-1-5-21-3365455880-1164667996-1443343519-1000
c:\users\utente\AppData\Roaming\drivers\downld
c:\users\utente\AppData\Roaming\drivers\downld\100968.exe
c:\users\utente\AppData\Roaming\drivers\downld\102000.exe
c:\users\utente\AppData\Roaming\drivers\downld\102015.exe
c:\users\utente\AppData\Roaming\drivers\downld\102218.exe
c:\users\utente\AppData\Roaming\drivers\downld\102296.exe
c:\users\utente\AppData\Roaming\drivers\downld\102984.exe
c:\users\utente\AppData\Roaming\drivers\downld\103265.exe
c:\users\utente\AppData\Roaming\drivers\downld\103281.exe
c:\users\utente\AppData\Roaming\drivers\downld\104515.exe
c:\users\utente\AppData\Roaming\drivers\downld\105203.exe
c:\users\utente\AppData\Roaming\drivers\downld\105218.exe
c:\users\utente\AppData\Roaming\drivers\downld\106453.exe
c:\users\utente\AppData\Roaming\drivers\downld\107203.exe
c:\users\utente\AppData\Roaming\drivers\downld\107703.exe
c:\users\utente\AppData\Roaming\drivers\downld\107890.exe
c:\users\utente\AppData\Roaming\drivers\downld\108062.exe
c:\users\utente\AppData\Roaming\drivers\downld\109656.exe
c:\users\utente\AppData\Roaming\drivers\downld\110031.exe
c:\users\utente\AppData\Roaming\drivers\downld\110796.exe
c:\users\utente\AppData\Roaming\drivers\downld\112328.exe
c:\users\utente\AppData\Roaming\drivers\downld\112421.exe
c:\users\utente\AppData\Roaming\drivers\downld\113453.exe
c:\users\utente\AppData\Roaming\drivers\downld\114125.exe
c:\users\utente\AppData\Roaming\drivers\downld\114921.exe
c:\users\utente\AppData\Roaming\drivers\downld\115500.exe
c:\users\utente\AppData\Roaming\drivers\downld\115859.exe
c:\users\utente\AppData\Roaming\drivers\downld\115906.exe
c:\users\utente\AppData\Roaming\drivers\downld\116609.exe
c:\users\utente\AppData\Roaming\drivers\downld\117750.exe
c:\users\utente\AppData\Roaming\drivers\downld\118156.exe
c:\users\utente\AppData\Roaming\drivers\downld\119906.exe
c:\users\utente\AppData\Roaming\drivers\downld\120343.exe
c:\users\utente\AppData\Roaming\drivers\downld\120718.exe
c:\users\utente\AppData\Roaming\drivers\downld\124015.exe
c:\users\utente\AppData\Roaming\drivers\downld\124890.exe
c:\users\utente\AppData\Roaming\drivers\downld\125328.exe
c:\users\utente\AppData\Roaming\drivers\downld\126296.exe
c:\users\utente\AppData\Roaming\drivers\downld\128046.exe
c:\users\utente\AppData\Roaming\drivers\downld\137406.exe
c:\users\utente\AppData\Roaming\drivers\downld\140562.exe
c:\users\utente\AppData\Roaming\drivers\downld\142234.exe
c:\users\utente\AppData\Roaming\drivers\downld\14833656.exe
c:\users\utente\AppData\Roaming\drivers\downld\14833859.exe
c:\users\utente\AppData\Roaming\drivers\downld\14845140.exe
c:\users\utente\AppData\Roaming\drivers\downld\14847421.exe
c:\users\utente\AppData\Roaming\drivers\downld\14847531.exe
c:\users\utente\AppData\Roaming\drivers\downld\148562.exe
c:\users\utente\AppData\Roaming\drivers\downld\14872750.exe
c:\users\utente\AppData\Roaming\drivers\downld\14874484.exe
c:\users\utente\AppData\Roaming\drivers\downld\14875406.exe
c:\users\utente\AppData\Roaming\drivers\downld\14884531.exe
c:\users\utente\AppData\Roaming\drivers\downld\14885750.exe
c:\users\utente\AppData\Roaming\drivers\downld\14885937.exe
c:\users\utente\AppData\Roaming\drivers\downld\14886312.exe
c:\users\utente\AppData\Roaming\drivers\downld\14893250.exe
c:\users\utente\AppData\Roaming\drivers\downld\14893625.exe
c:\users\utente\AppData\Roaming\drivers\downld\14926765.exe
c:\users\utente\AppData\Roaming\drivers\downld\14928359.exe
c:\users\utente\AppData\Roaming\drivers\downld\14928843.exe
c:\users\utente\AppData\Roaming\drivers\downld\14941859.exe
c:\users\utente\AppData\Roaming\drivers\downld\14941875.exe
c:\users\utente\AppData\Roaming\drivers\downld\14941890.exe
c:\users\utente\AppData\Roaming\drivers\downld\14950296.exe
c:\users\utente\AppData\Roaming\drivers\downld\14951140.exe
c:\users\utente\AppData\Roaming\drivers\downld\14951578.exe
c:\users\utente\AppData\Roaming\drivers\downld\14976734.exe
c:\users\utente\AppData\Roaming\drivers\downld\14976812.exe
c:\users\utente\AppData\Roaming\drivers\downld\14976828.exe
c:\users\utente\AppData\Roaming\drivers\downld\149796.exe
c:\users\utente\AppData\Roaming\drivers\downld\14984687.exe
c:\users\utente\AppData\Roaming\drivers\downld\14985281.exe
c:\users\utente\AppData\Roaming\drivers\downld\14985703.exe
c:\users\utente\AppData\Roaming\drivers\downld\14988328.exe
c:\users\utente\AppData\Roaming\drivers\downld\14990625.exe
c:\users\utente\AppData\Roaming\drivers\downld\14991656.exe
c:\users\utente\AppData\Roaming\drivers\downld\15012515.exe
c:\users\utente\AppData\Roaming\drivers\downld\15012640.exe
c:\users\utente\AppData\Roaming\drivers\downld\15012656.exe
c:\users\utente\AppData\Roaming\drivers\downld\15016718.exe
c:\users\utente\AppData\Roaming\drivers\downld\15017218.exe
c:\users\utente\AppData\Roaming\drivers\downld\15017500.exe
c:\users\utente\AppData\Roaming\drivers\downld\15017593.exe
c:\users\utente\AppData\Roaming\drivers\downld\15017640.exe
c:\users\utente\AppData\Roaming\drivers\downld\15017796.exe
c:\users\utente\AppData\Roaming\drivers\downld\15018296.exe
c:\users\utente\AppData\Roaming\drivers\downld\15019562.exe
c:\users\utente\AppData\Roaming\drivers\downld\15020421.exe
c:\users\utente\AppData\Roaming\drivers\downld\15024125.exe
c:\users\utente\AppData\Roaming\drivers\downld\15024296.exe
c:\users\utente\AppData\Roaming\drivers\downld\15024312.exe
c:\users\utente\AppData\Roaming\drivers\downld\15026859.exe
c:\users\utente\AppData\Roaming\drivers\downld\15027078.exe
c:\users\utente\AppData\Roaming\drivers\downld\15027093.exe
c:\users\utente\AppData\Roaming\drivers\downld\15034625.exe
c:\users\utente\AppData\Roaming\drivers\downld\15035656.exe
c:\users\utente\AppData\Roaming\drivers\downld\15036484.exe
c:\users\utente\AppData\Roaming\drivers\downld\15038484.exe
c:\users\utente\AppData\Roaming\drivers\downld\15041843.exe
c:\users\utente\AppData\Roaming\drivers\downld\15042078.exe
c:\users\utente\AppData\Roaming\drivers\downld\15042312.exe
c:\users\utente\AppData\Roaming\drivers\downld\15042562.exe
c:\users\utente\AppData\Roaming\drivers\downld\15043265.exe
c:\users\utente\AppData\Roaming\drivers\downld\15052406.exe
c:\users\utente\AppData\Roaming\drivers\downld\15052953.exe
c:\users\utente\AppData\Roaming\drivers\downld\15052968.exe
c:\users\utente\AppData\Roaming\drivers\downld\15063656.exe
c:\users\utente\AppData\Roaming\drivers\downld\15063875.exe
c:\users\utente\AppData\Roaming\drivers\downld\15063968.exe
c:\users\utente\AppData\Roaming\drivers\downld\15072656.exe
c:\users\utente\AppData\Roaming\drivers\downld\15072671.exe
c:\users\utente\AppData\Roaming\drivers\downld\15072687.exe
c:\users\utente\AppData\Roaming\drivers\downld\15073171.exe
c:\users\utente\AppData\Roaming\drivers\downld\15076734.exe
c:\users\utente\AppData\Roaming\drivers\downld\15077125.exe
c:\users\utente\AppData\Roaming\drivers\downld\15077203.exe
c:\users\utente\AppData\Roaming\drivers\downld\15077312.exe
c:\users\utente\AppData\Roaming\drivers\downld\15077796.exe
c:\users\utente\AppData\Roaming\drivers\downld\15078281.exe
c:\users\utente\AppData\Roaming\drivers\downld\15078671.exe
c:\users\utente\AppData\Roaming\drivers\downld\15079203.exe
c:\users\utente\AppData\Roaming\drivers\downld\15094078.exe
c:\users\utente\AppData\Roaming\drivers\downld\15094109.exe
c:\users\utente\AppData\Roaming\drivers\downld\15094125.exe
c:\users\utente\AppData\Roaming\drivers\downld\15099343.exe
c:\users\utente\AppData\Roaming\drivers\downld\15099578.exe
c:\users\utente\AppData\Roaming\drivers\downld\15102390.exe
c:\users\utente\AppData\Roaming\drivers\downld\15104125.exe
c:\users\utente\AppData\Roaming\drivers\downld\15104781.exe
c:\users\utente\AppData\Roaming\drivers\downld\15106437.exe
c:\users\utente\AppData\Roaming\drivers\downld\15106875.exe
c:\users\utente\AppData\Roaming\drivers\downld\15109046.exe
c:\users\utente\AppData\Roaming\drivers\downld\15109437.exe
c:\users\utente\AppData\Roaming\drivers\downld\15109703.exe
c:\users\utente\AppData\Roaming\drivers\downld\15109718.exe
c:\users\utente\AppData\Roaming\drivers\downld\15112234.exe
c:\users\utente\AppData\Roaming\drivers\downld\15112281.exe
c:\users\utente\AppData\Roaming\drivers\downld\15125812.exe
c:\users\utente\AppData\Roaming\drivers\downld\15126812.exe
c:\users\utente\AppData\Roaming\drivers\downld\15128531.exe
c:\users\utente\AppData\Roaming\drivers\downld\15128859.exe
c:\users\utente\AppData\Roaming\drivers\downld\15129718.exe
c:\users\utente\AppData\Roaming\drivers\downld\15130187.exe
c:\users\utente\AppData\Roaming\drivers\downld\15145296.exe
c:\users\utente\AppData\Roaming\drivers\downld\15146468.exe
c:\users\utente\AppData\Roaming\drivers\downld\15146546.exe
c:\users\utente\AppData\Roaming\drivers\downld\15146562.exe
c:\users\utente\AppData\Roaming\drivers\downld\15147437.exe
c:\users\utente\AppData\Roaming\drivers\downld\15148484.exe
c:\users\utente\AppData\Roaming\drivers\downld\15153828.exe
c:\users\utente\AppData\Roaming\drivers\downld\15154078.exe
c:\users\utente\AppData\Roaming\drivers\downld\15154187.exe
c:\users\utente\AppData\Roaming\drivers\downld\15171828.exe
c:\users\utente\AppData\Roaming\drivers\downld\15171984.exe
c:\users\utente\AppData\Roaming\drivers\downld\15172062.exe
c:\users\utente\AppData\Roaming\drivers\downld\15172453.exe
c:\users\utente\AppData\Roaming\drivers\downld\15172937.exe
c:\users\utente\AppData\Roaming\drivers\downld\15173140.exe
c:\users\utente\AppData\Roaming\drivers\downld\15173437.exe
c:\users\utente\AppData\Roaming\drivers\downld\15174421.exe
c:\users\utente\AppData\Roaming\drivers\downld\15174625.exe
c:\users\utente\AppData\Roaming\drivers\downld\15193718.exe
c:\users\utente\AppData\Roaming\drivers\downld\15193828.exe
c:\users\utente\AppData\Roaming\drivers\downld\15203953.exe
c:\users\utente\AppData\Roaming\drivers\downld\15203968.exe
c:\users\utente\AppData\Roaming\drivers\downld\15213703.exe
c:\users\utente\AppData\Roaming\drivers\downld\15214593.exe
c:\users\utente\AppData\Roaming\drivers\downld\15214781.exe
c:\users\utente\AppData\Roaming\drivers\downld\15234171.exe
c:\users\utente\AppData\Roaming\drivers\downld\15234703.exe
c:\users\utente\AppData\Roaming\drivers\downld\15234796.exe
c:\users\utente\AppData\Roaming\drivers\downld\15235140.exe
c:\users\utente\AppData\Roaming\drivers\downld\15235156.exe
c:\users\utente\AppData\Roaming\drivers\downld\15235171.exe
c:\users\utente\AppData\Roaming\drivers\downld\152500.exe
c:\users\utente\AppData\Roaming\drivers\downld\15260609.exe
c:\users\utente\AppData\Roaming\drivers\downld\152609.exe
c:\users\utente\AppData\Roaming\drivers\downld\15261078.exe
c:\users\utente\AppData\Roaming\drivers\downld\15261296.exe
c:\users\utente\AppData\Roaming\drivers\downld\15284250.exe
c:\users\utente\AppData\Roaming\drivers\downld\15284421.exe
c:\users\utente\AppData\Roaming\drivers\downld\152953.exe
c:\users\utente\AppData\Roaming\drivers\downld\152968.exe
c:\users\utente\AppData\Roaming\drivers\downld\153000.exe
c:\users\utente\AppData\Roaming\drivers\downld\155921.exe
c:\users\utente\AppData\Roaming\drivers\downld\156859.exe
c:\users\utente\AppData\Roaming\drivers\downld\160890.exe
c:\users\utente\AppData\Roaming\drivers\downld\160906.exe
c:\users\utente\AppData\Roaming\drivers\downld\163609.exe
c:\users\utente\AppData\Roaming\drivers\downld\164656.exe
c:\users\utente\AppData\Roaming\drivers\downld\165109.exe
c:\users\utente\AppData\Roaming\drivers\downld\167281.exe
c:\users\utente\AppData\Roaming\drivers\downld\170718.exe
c:\users\utente\AppData\Roaming\drivers\downld\170921.exe
c:\users\utente\AppData\Roaming\drivers\downld\172375.exe
c:\users\utente\AppData\Roaming\drivers\downld\173359.exe
c:\users\utente\AppData\Roaming\drivers\downld\174625.exe
c:\users\utente\AppData\Roaming\drivers\downld\176062.exe
c:\users\utente\AppData\Roaming\drivers\downld\177312.exe
c:\users\utente\AppData\Roaming\drivers\downld\178109.exe
c:\users\utente\AppData\Roaming\drivers\downld\193390.exe
c:\users\utente\AppData\Roaming\drivers\downld\197296.exe
c:\users\utente\AppData\Roaming\drivers\downld\198500.exe
c:\users\utente\AppData\Roaming\drivers\downld\198515.exe
c:\users\utente\AppData\Roaming\drivers\downld\199828.exe
c:\users\utente\AppData\Roaming\drivers\downld\200234.exe
c:\users\utente\AppData\Roaming\drivers\downld\208062.exe
c:\users\utente\AppData\Roaming\drivers\downld\209109.exe
c:\users\utente\AppData\Roaming\drivers\downld\209234.exe
c:\users\utente\AppData\Roaming\drivers\downld\209250.exe
c:\users\utente\AppData\Roaming\drivers\downld\209328.exe
c:\users\utente\AppData\Roaming\drivers\downld\209890.exe
c:\users\utente\AppData\Roaming\drivers\downld\210000.exe
c:\users\utente\AppData\Roaming\drivers\downld\210578.exe
c:\users\utente\AppData\Roaming\drivers\downld\214562.exe
c:\users\utente\AppData\Roaming\drivers\downld\215328.exe
c:\users\utente\AppData\Roaming\drivers\downld\215656.exe
c:\users\utente\AppData\Roaming\drivers\downld\216828.exe
c:\users\utente\AppData\Roaming\drivers\downld\217015.exe
c:\users\utente\AppData\Roaming\drivers\downld\217031.exe
c:\users\utente\AppData\Roaming\drivers\downld\219921.exe
c:\users\utente\AppData\Roaming\drivers\downld\221218.exe
c:\users\utente\AppData\Roaming\drivers\downld\221421.exe
c:\users\utente\AppData\Roaming\drivers\downld\221921.exe
c:\users\utente\AppData\Roaming\drivers\downld\223140.exe
c:\users\utente\AppData\Roaming\drivers\downld\223437.exe
c:\users\utente\AppData\Roaming\drivers\downld\224000.exe
c:\users\utente\AppData\Roaming\drivers\downld\224390.exe
c:\users\utente\AppData\Roaming\drivers\downld\224406.exe
c:\users\utente\AppData\Roaming\drivers\downld\226031.exe
c:\users\utente\AppData\Roaming\drivers\downld\238515.exe
c:\users\utente\AppData\Roaming\drivers\downld\241312.exe
c:\users\utente\AppData\Roaming\drivers\downld\242671.exe
c:\users\utente\AppData\Roaming\drivers\downld\243171.exe
c:\users\utente\AppData\Roaming\drivers\downld\246187.exe
c:\users\utente\AppData\Roaming\drivers\downld\248609.exe
c:\users\utente\AppData\Roaming\drivers\downld\248625.exe
c:\users\utente\AppData\Roaming\drivers\downld\251703.exe
c:\users\utente\AppData\Roaming\drivers\downld\251875.exe
c:\users\utente\AppData\Roaming\drivers\downld\251890.exe
c:\users\utente\AppData\Roaming\drivers\downld\255250.exe
c:\users\utente\AppData\Roaming\drivers\downld\261468.exe
c:\users\utente\AppData\Roaming\drivers\downld\262656.exe
c:\users\utente\AppData\Roaming\drivers\downld\264265.exe
c:\users\utente\AppData\Roaming\drivers\downld\265750.exe
c:\users\utente\AppData\Roaming\drivers\downld\265953.exe
c:\users\utente\AppData\Roaming\drivers\downld\266437.exe
c:\users\utente\AppData\Roaming\drivers\downld\267125.exe
c:\users\utente\AppData\Roaming\drivers\downld\267859.exe
c:\users\utente\AppData\Roaming\drivers\downld\270906.exe
c:\users\utente\AppData\Roaming\drivers\downld\271031.exe
c:\users\utente\AppData\Roaming\drivers\downld\272171.exe
c:\users\utente\AppData\Roaming\drivers\downld\272390.exe
c:\users\utente\AppData\Roaming\drivers\downld\272562.exe
c:\users\utente\AppData\Roaming\drivers\downld\273984.exe
c:\users\utente\AppData\Roaming\drivers\downld\274000.exe
c:\users\utente\AppData\Roaming\drivers\downld\275484.exe
c:\users\utente\AppData\Roaming\drivers\downld\276375.exe
c:\users\utente\AppData\Roaming\drivers\downld\276859.exe
c:\users\utente\AppData\Roaming\drivers\downld\277187.exe
c:\users\utente\AppData\Roaming\drivers\downld\277515.exe
c:\users\utente\AppData\Roaming\drivers\downld\283875.exe
c:\users\utente\AppData\Roaming\drivers\downld\286312.exe
c:\users\utente\AppData\Roaming\drivers\downld\286328.exe
c:\users\utente\AppData\Roaming\drivers\downld\286625.exe
c:\users\utente\AppData\Roaming\drivers\downld\286750.exe
c:\users\utente\AppData\Roaming\drivers\downld\286765.exe
c:\users\utente\AppData\Roaming\drivers\downld\290375.exe
c:\users\utente\AppData\Roaming\drivers\downld\290437.exe
c:\users\utente\AppData\Roaming\drivers\downld\290484.exe
c:\users\utente\AppData\Roaming\drivers\downld\290500.exe
c:\users\utente\AppData\Roaming\drivers\downld\291015.exe
c:\users\utente\AppData\Roaming\drivers\downld\291359.exe
c:\users\utente\AppData\Roaming\drivers\downld\291375.exe
c:\users\utente\AppData\Roaming\drivers\downld\291734.exe
c:\users\utente\AppData\Roaming\drivers\downld\291750.exe
c:\users\utente\AppData\Roaming\drivers\downld\292859.exe
c:\users\utente\AppData\Roaming\drivers\downld\293156.exe
c:\users\utente\AppData\Roaming\drivers\downld\293562.exe
c:\users\utente\AppData\Roaming\drivers\downld\293578.exe
c:\users\utente\AppData\Roaming\drivers\downld\293968.exe
c:\users\utente\AppData\Roaming\drivers\downld\294156.exe
c:\users\utente\AppData\Roaming\drivers\downld\294578.exe
c:\users\utente\AppData\Roaming\drivers\downld\295984.exe
c:\users\utente\AppData\Roaming\drivers\downld\29604296.exe
c:\users\utente\AppData\Roaming\drivers\downld\29604406.exe
c:\users\utente\AppData\Roaming\drivers\downld\29613046.exe
c:\users\utente\AppData\Roaming\drivers\downld\29614140.exe
c:\users\utente\AppData\Roaming\drivers\downld\29614500.exe
c:\users\utente\AppData\Roaming\drivers\downld\296296.exe
c:\users\utente\AppData\Roaming\drivers\downld\29635796.exe
c:\users\utente\AppData\Roaming\drivers\downld\29635921.exe
c:\users\utente\AppData\Roaming\drivers\downld\29635968.exe
c:\users\utente\AppData\Roaming\drivers\downld\296468.exe
c:\users\utente\AppData\Roaming\drivers\downld\29647953.exe
c:\users\utente\AppData\Roaming\drivers\downld\29648437.exe
c:\users\utente\AppData\Roaming\drivers\downld\29648906.exe
c:\users\utente\AppData\Roaming\drivers\downld\29660625.exe
c:\users\utente\AppData\Roaming\drivers\downld\296656.exe
c:\users\utente\AppData\Roaming\drivers\downld\296671.exe
c:\users\utente\AppData\Roaming\drivers\downld\29680921.exe
c:\users\utente\AppData\Roaming\drivers\downld\29681734.exe
c:\users\utente\AppData\Roaming\drivers\downld\29735593.exe
c:\users\utente\AppData\Roaming\drivers\downld\29735625.exe
c:\users\utente\AppData\Roaming\drivers\downld\29735640.exe
c:\users\utente\AppData\Roaming\drivers\downld\29740203.exe
c:\users\utente\AppData\Roaming\drivers\downld\29741140.exe
c:\users\utente\AppData\Roaming\drivers\downld\29741328.exe
c:\users\utente\AppData\Roaming\drivers\downld\29741828.exe
c:\users\utente\AppData\Roaming\drivers\downld\29742734.exe
c:\users\utente\AppData\Roaming\drivers\downld\29743515.exe
c:\users\utente\AppData\Roaming\drivers\downld\29765843.exe
c:\users\utente\AppData\Roaming\drivers\downld\29765890.exe
c:\users\utente\AppData\Roaming\drivers\downld\29765906.exe
c:\users\utente\AppData\Roaming\drivers\downld\29772109.exe
c:\users\utente\AppData\Roaming\drivers\downld\29772187.exe
c:\users\utente\AppData\Roaming\drivers\downld\29772203.exe
c:\users\utente\AppData\Roaming\drivers\downld\29774671.exe
c:\users\utente\AppData\Roaming\drivers\downld\29774750.exe
c:\users\utente\AppData\Roaming\drivers\downld\29774765.exe
c:\users\utente\AppData\Roaming\drivers\downld\29791062.exe
c:\users\utente\AppData\Roaming\drivers\downld\29792671.exe
c:\users\utente\AppData\Roaming\drivers\downld\29793156.exe
c:\users\utente\AppData\Roaming\drivers\downld\29800875.exe
c:\users\utente\AppData\Roaming\drivers\downld\29801109.exe
c:\users\utente\AppData\Roaming\drivers\downld\29801140.exe
c:\users\utente\AppData\Roaming\drivers\downld\298031.exe
c:\users\utente\AppData\Roaming\drivers\downld\298187.exe
c:\users\utente\AppData\Roaming\drivers\downld\29826046.exe
c:\users\utente\AppData\Roaming\drivers\downld\29826781.exe
c:\users\utente\AppData\Roaming\drivers\downld\29826875.exe
c:\users\utente\AppData\Roaming\drivers\downld\29827203.exe
c:\users\utente\AppData\Roaming\drivers\downld\29827828.exe
c:\users\utente\AppData\Roaming\drivers\downld\29828203.exe
c:\users\utente\AppData\Roaming\drivers\downld\29848078.exe
c:\users\utente\AppData\Roaming\drivers\downld\29848125.exe
c:\users\utente\AppData\Roaming\drivers\downld\29914406.exe
c:\users\utente\AppData\Roaming\drivers\downld\29914500.exe
c:\users\utente\AppData\Roaming\drivers\downld\29914515.exe
c:\users\utente\AppData\Roaming\drivers\downld\29916281.exe
c:\users\utente\AppData\Roaming\drivers\downld\29916687.exe
c:\users\utente\AppData\Roaming\drivers\downld\29916968.exe
c:\users\utente\AppData\Roaming\drivers\downld\29929375.exe
c:\users\utente\AppData\Roaming\drivers\downld\29930187.exe
c:\users\utente\AppData\Roaming\drivers\downld\29930968.exe
c:\users\utente\AppData\Roaming\drivers\downld\29931984.exe
c:\users\utente\AppData\Roaming\drivers\downld\29935171.exe
c:\users\utente\AppData\Roaming\drivers\downld\29936218.exe
c:\users\utente\AppData\Roaming\drivers\downld\29942109.exe
c:\users\utente\AppData\Roaming\drivers\downld\29942265.exe
c:\users\utente\AppData\Roaming\drivers\downld\29942406.exe
c:\users\utente\AppData\Roaming\drivers\downld\29993890.exe
c:\users\utente\AppData\Roaming\drivers\downld\29995281.exe
c:\users\utente\AppData\Roaming\drivers\downld\29995781.exe
c:\users\utente\AppData\Roaming\drivers\downld\29999312.exe
c:\users\utente\AppData\Roaming\drivers\downld\29999359.exe
c:\users\utente\AppData\Roaming\drivers\downld\29999375.exe
c:\users\utente\AppData\Roaming\drivers\downld\30043359.exe
c:\users\utente\AppData\Roaming\drivers\downld\30043390.exe
c:\users\utente\AppData\Roaming\drivers\downld\30043421.exe
c:\users\utente\AppData\Roaming\drivers\downld\30083843.exe
c:\users\utente\AppData\Roaming\drivers\downld\30088109.exe
c:\users\utente\AppData\Roaming\drivers\downld\30088546.exe
c:\users\utente\AppData\Roaming\drivers\downld\30097640.exe
c:\users\utente\AppData\Roaming\drivers\downld\30097703.exe
c:\users\utente\AppData\Roaming\drivers\downld\30097750.exe
c:\users\utente\AppData\Roaming\drivers\downld\30120796.exe
c:\users\utente\AppData\Roaming\drivers\downld\301218.exe
c:\users\utente\AppData\Roaming\drivers\downld\30123078.exe
c:\users\utente\AppData\Roaming\drivers\downld\30123703.exe
c:\users\utente\AppData\Roaming\drivers\downld\30124281.exe
c:\users\utente\AppData\Roaming\drivers\downld\30125031.exe
c:\users\utente\AppData\Roaming\drivers\downld\30125500.exe
c:\users\utente\AppData\Roaming\drivers\downld\30144000.exe
c:\users\utente\AppData\Roaming\drivers\downld\30144140.exe
c:\users\utente\AppData\Roaming\drivers\downld\30144250.exe
c:\users\utente\AppData\Roaming\drivers\downld\301625.exe
c:\users\utente\AppData\Roaming\drivers\downld\301828.exe
c:\users\utente\AppData\Roaming\drivers\downld\30218062.exe
c:\users\utente\AppData\Roaming\drivers\downld\30221796.exe
c:\users\utente\AppData\Roaming\drivers\downld\30222062.exe
c:\users\utente\AppData\Roaming\drivers\downld\302234.exe
c:\users\utente\AppData\Roaming\drivers\downld\302515.exe
c:\users\utente\AppData\Roaming\drivers\downld\30256515.exe
c:\users\utente\AppData\Roaming\drivers\downld\30256921.exe
c:\users\utente\AppData\Roaming\drivers\downld\30257093.exe
c:\users\utente\AppData\Roaming\drivers\downld\30257531.exe
c:\users\utente\AppData\Roaming\drivers\downld\30257640.exe
c:\users\utente\AppData\Roaming\drivers\downld\30257734.exe
c:\users\utente\AppData\Roaming\drivers\downld\302703.exe
c:\users\utente\AppData\Roaming\drivers\downld\302906.exe
c:\users\utente\AppData\Roaming\drivers\downld\303562.exe
c:\users\utente\AppData\Roaming\drivers\downld\303640.exe
c:\users\utente\AppData\Roaming\drivers\downld\304687.exe
c:\users\utente\AppData\Roaming\drivers\downld\305687.exe
c:\users\utente\AppData\Roaming\drivers\downld\305843.exe
c:\users\utente\AppData\Roaming\drivers\downld\306234.exe
c:\users\utente\AppData\Roaming\drivers\downld\306781.exe
c:\users\utente\AppData\Roaming\drivers\downld\307031.exe
c:\users\utente\AppData\Roaming\drivers\downld\307078.exe
c:\users\utente\AppData\Roaming\drivers\downld\308093.exe
c:\users\utente\AppData\Roaming\drivers\downld\308125.exe
c:\users\utente\AppData\Roaming\drivers\downld\308781.exe
c:\users\utente\AppData\Roaming\drivers\downld\308812.exe
c:\users\utente\AppData\Roaming\drivers\downld\310437.exe
c:\users\utente\AppData\Roaming\drivers\downld\310984.exe
c:\users\utente\AppData\Roaming\drivers\downld\311046.exe
c:\users\utente\AppData\Roaming\drivers\downld\311062.exe
c:\users\utente\AppData\Roaming\drivers\downld\311765.exe
c:\users\utente\AppData\Roaming\drivers\downld\315343.exe
c:\users\utente\AppData\Roaming\drivers\downld\315609.exe
c:\users\utente\AppData\Roaming\drivers\downld\316187.exe
c:\users\utente\AppData\Roaming\drivers\downld\316343.exe
c:\users\utente\AppData\Roaming\drivers\downld\316406.exe
c:\users\utente\AppData\Roaming\drivers\downld\316875.exe
c:\users\utente\AppData\Roaming\drivers\downld\318265.exe
c:\users\utente\AppData\Roaming\drivers\downld\318593.exe
c:\users\utente\AppData\Roaming\drivers\downld\319125.exe
c:\users\utente\AppData\Roaming\drivers\downld\319312.exe
c:\users\utente\AppData\Roaming\drivers\downld\319328.exe
c:\users\utente\AppData\Roaming\drivers\downld\319640.exe
c:\users\utente\AppData\Roaming\drivers\downld\320031.exe
c:\users\utente\AppData\Roaming\drivers\downld\320093.exe
c:\users\utente\AppData\Roaming\drivers\downld\320359.exe
c:\users\utente\AppData\Roaming\drivers\downld\320562.exe
c:\users\utente\AppData\Roaming\drivers\downld\322453.exe
c:\users\utente\AppData\Roaming\drivers\downld\323656.exe
c:\users\utente\AppData\Roaming\drivers\downld\325796.exe
c:\users\utente\AppData\Roaming\drivers\downld\325859.exe
c:\users\utente\AppData\Roaming\drivers\downld\325875.exe
c:\users\utente\AppData\Roaming\drivers\downld\325921.exe
c:\users\utente\AppData\Roaming\drivers\downld\326187.exe
c:\users\utente\AppData\Roaming\drivers\downld\326406.exe
c:\users\utente\AppData\Roaming\drivers\downld\326609.exe
c:\users\utente\AppData\Roaming\drivers\downld\326671.exe
c:\users\utente\AppData\Roaming\drivers\downld\326734.exe
c:\users\utente\AppData\Roaming\drivers\downld\326890.exe
c:\users\utente\AppData\Roaming\drivers\downld\326906.exe
c:\users\utente\AppData\Roaming\drivers\downld\326984.exe
c:\users\utente\AppData\Roaming\drivers\downld\327062.exe
c:\users\utente\AppData\Roaming\drivers\downld\327171.exe
c:\users\utente\AppData\Roaming\drivers\downld\327234.exe
c:\users\utente\AppData\Roaming\drivers\downld\327390.exe
c:\users\utente\AppData\Roaming\drivers\downld\327640.exe
c:\users\utente\AppData\Roaming\drivers\downld\327687.exe
c:\users\utente\AppData\Roaming\drivers\downld\327859.exe
c:\users\utente\AppData\Roaming\drivers\downld\328093.exe
c:\users\utente\AppData\Roaming\drivers\downld\328203.exe
c:\users\utente\AppData\Roaming\drivers\downld\328765.exe
c:\users\utente\AppData\Roaming\drivers\downld\328906.exe
c:\users\utente\AppData\Roaming\drivers\downld\329093.exe
c:\users\utente\AppData\Roaming\drivers\downld\329125.exe
c:\users\utente\AppData\Roaming\drivers\downld\329218.exe
c:\users\utente\AppData\Roaming\drivers\downld\329578.exe
c:\users\utente\AppData\Roaming\drivers\downld\329921.exe
c:\users\utente\AppData\Roaming\drivers\downld\329937.exe
c:\users\utente\AppData\Roaming\drivers\downld\330062.exe
c:\users\utente\AppData\Roaming\drivers\downld\330140.exe
c:\users\utente\AppData\Roaming\drivers\downld\330156.exe
c:\users\utente\AppData\Roaming\drivers\downld\331500.exe
c:\users\utente\AppData\Roaming\drivers\downld\331890.exe
c:\users\utente\AppData\Roaming\drivers\downld\331984.exe
c:\users\utente\AppData\Roaming\drivers\downld\332406.exe
c:\users\utente\AppData\Roaming\drivers\downld\332484.exe
c:\users\utente\AppData\Roaming\drivers\downld\333031.exe
c:\users\utente\AppData\Roaming\drivers\downld\333171.exe
c:\users\utente\AppData\Roaming\drivers\downld\333187.exe
c:\users\utente\AppData\Roaming\drivers\downld\333421.exe
c:\users\utente\AppData\Roaming\drivers\downld\335890.exe
c:\users\utente\AppData\Roaming\drivers\downld\336250.exe
c:\users\utente\AppData\Roaming\drivers\downld\336265.exe
c:\users\utente\AppData\Roaming\drivers\downld\339218.exe
c:\users\utente\AppData\Roaming\drivers\downld\339781.exe
c:\users\utente\AppData\Roaming\drivers\downld\339796.exe
c:\users\utente\AppData\Roaming\drivers\downld\339890.exe
c:\users\utente\AppData\Roaming\drivers\downld\342218.exe
c:\users\utente\AppData\Roaming\drivers\downld\342453.exe
c:\users\utente\AppData\Roaming\drivers\downld\342468.exe
c:\users\utente\AppData\Roaming\drivers\downld\342812.exe
c:\users\utente\AppData\Roaming\drivers\downld\342828.exe
c:\users\utente\AppData\Roaming\drivers\downld\344625.exe
c:\users\utente\AppData\Roaming\drivers\downld\345000.exe
c:\users\utente\AppData\Roaming\drivers\downld\345015.exe
c:\users\utente\AppData\Roaming\drivers\downld\347937.exe
c:\users\utente\AppData\Roaming\drivers\downld\348906.exe
c:\users\utente\AppData\Roaming\drivers\downld\349468.exe
c:\users\utente\AppData\Roaming\drivers\downld\349703.exe
c:\users\utente\AppData\Roaming\drivers\downld\349890.exe
c:\users\utente\AppData\Roaming\drivers\downld\349906.exe
c:\users\utente\AppData\Roaming\drivers\downld\350562.exe
c:\users\utente\AppData\Roaming\drivers\downld\350718.exe
c:\users\utente\AppData\Roaming\drivers\downld\351218.exe
c:\users\utente\AppData\Roaming\drivers\downld\351453.exe
c:\users\utente\AppData\Roaming\drivers\downld\352078.exe
c:\users\utente\AppData\Roaming\drivers\downld\352203.exe
c:\users\utente\AppData\Roaming\drivers\downld\352937.exe
c:\users\utente\AppData\Roaming\drivers\downld\353281.exe
c:\users\utente\AppData\Roaming\drivers\downld\353578.exe
c:\users\utente\AppData\Roaming\drivers\downld\353671.exe
c:\users\utente\AppData\Roaming\drivers\downld\354015.exe
c:\users\utente\AppData\Roaming\drivers\downld\354031.exe
c:\users\utente\AppData\Roaming\drivers\downld\356359.exe
c:\users\utente\AppData\Roaming\drivers\downld\356796.exe
c:\users\utente\AppData\Roaming\drivers\downld\356984.exe
c:\users\utente\AppData\Roaming\drivers\downld\357328.exe
c:\users\utente\AppData\Roaming\drivers\downld\359046.exe
c:\users\utente\AppData\Roaming\drivers\downld\360234.exe
c:\users\utente\AppData\Roaming\drivers\downld\361218.exe
c:\users\utente\AppData\Roaming\drivers\downld\366718.exe
c:\users\utente\AppData\Roaming\drivers\downld\366796.exe
c:\users\utente\AppData\Roaming\drivers\downld\367406.exe
c:\users\utente\AppData\Roaming\drivers\downld\367515.exe
c:\users\utente\AppData\Roaming\drivers\downld\367531.exe
c:\users\utente\AppData\Roaming\drivers\downld\367765.exe
c:\users\utente\AppData\Roaming\drivers\downld\368265.exe
c:\users\utente\AppData\Roaming\drivers\downld\368937.exe
c:\users\utente\AppData\Roaming\drivers\downld\369250.exe
c:\users\utente\AppData\Roaming\drivers\downld\369859.exe
c:\users\utente\AppData\Roaming\drivers\downld\370046.exe
c:\users\utente\AppData\Roaming\drivers\downld\370468.exe
c:\users\utente\AppData\Roaming\drivers\downld\373687.exe
c:\users\utente\AppData\Roaming\drivers\downld\373703.exe
c:\users\utente\AppData\Roaming\drivers\downld\374281.exe
c:\users\utente\AppData\Roaming\drivers\downld\374296.exe
c:\users\utente\AppData\Roaming\drivers\downld\374468.exe
c:\users\utente\AppData\Roaming\drivers\downld\374484.exe
c:\users\utente\AppData\Roaming\drivers\downld\374687.exe
c:\users\utente\AppData\Roaming\drivers\downld\375250.exe
c:\users\utente\AppData\Roaming\drivers\downld\375265.exe
c:\users\utente\AppData\Roaming\drivers\downld\376546.exe
c:\users\utente\AppData\Roaming\drivers\downld\377187.exe
c:\users\utente\AppData\Roaming\drivers\downld\379234.exe
c:\users\utente\AppData\Roaming\drivers\downld\379312.exe
c:\users\utente\AppData\Roaming\drivers\downld\379921.exe
c:\users\utente\AppData\Roaming\drivers\downld\381828.exe
c:\users\utente\AppData\Roaming\drivers\downld\382515.exe
c:\users\utente\AppData\Roaming\drivers\downld\383250.exe
c:\users\utente\AppData\Roaming\drivers\downld\383359.exe
c:\users\utente\AppData\Roaming\drivers\downld\383843.exe
c:\users\utente\AppData\Roaming\drivers\downld\383921.exe
c:\users\utente\AppData\Roaming\drivers\downld\384437.exe
c:\users\utente\AppData\Roaming\drivers\downld\384593.exe
c:\users\utente\AppData\Roaming\drivers\downld\384968.exe
c:\users\utente\AppData\Roaming\drivers\downld\385656.exe
c:\users\utente\AppData\Roaming\drivers\downld\386453.exe
c:\users\utente\AppData\Roaming\drivers\downld\386484.exe
c:\users\utente\AppData\Roaming\drivers\downld\386796.exe
c:\users\utente\AppData\Roaming\drivers\downld\387468.exe
c:\users\utente\AppData\Roaming\drivers\downld\387578.exe
c:\users\utente\AppData\Roaming\drivers\downld\387828.exe
c:\users\utente\AppData\Roaming\drivers\downld\387968.exe
c:\users\utente\AppData\Roaming\drivers\downld\388015.exe
c:\users\utente\AppData\Roaming\drivers\downld\388109.exe
c:\users\utente\AppData\Roaming\drivers\downld\388765.exe
c:\users\utente\AppData\Roaming\drivers\downld\388906.exe
c:\users\utente\AppData\Roaming\drivers\downld\388953.exe
c:\users\utente\AppData\Roaming\drivers\downld\389359.exe
c:\users\utente\AppData\Roaming\drivers\downld\389468.exe
c:\users\utente\AppData\Roaming\drivers\downld\389921.exe
c:\users\utente\AppData\Roaming\drivers\downld\389937.exe
c:\users\utente\AppData\Roaming\drivers\downld\390000.exe
c:\users\utente\AppData\Roaming\drivers\downld\390625.exe
c:\users\utente\AppData\Roaming\drivers\downld\395359.exe
c:\users\utente\AppData\Roaming\drivers\downld\395812.exe
c:\users\utente\AppData\Roaming\drivers\downld\395828.exe
c:\users\utente\AppData\Roaming\drivers\downld\406921.exe
c:\users\utente\AppData\Roaming\drivers\downld\407296.exe
c:\users\utente\AppData\Roaming\drivers\downld\407312.exe
c:\users\utente\AppData\Roaming\drivers\downld\409968.exe
c:\users\utente\AppData\Roaming\drivers\downld\410375.exe
c:\users\utente\AppData\Roaming\drivers\downld\410484.exe
c:\users\utente\AppData\Roaming\drivers\downld\410796.exe
c:\users\utente\AppData\Roaming\drivers\downld\411328.exe
c:\users\utente\AppData\Roaming\drivers\downld\412093.exe
c:\users\utente\AppData\Roaming\drivers\downld\412203.exe
c:\users\utente\AppData\Roaming\drivers\downld\412406.exe
c:\users\utente\AppData\Roaming\drivers\downld\412546.exe
c:\users\utente\AppData\Roaming\drivers\downld\412687.exe
c:\users\utente\AppData\Roaming\drivers\downld\412765.exe
c:\users\utente\AppData\Roaming\drivers\downld\412812.exe
c:\users\utente\AppData\Roaming\drivers\downld\412828.exe
c:\users\utente\AppData\Roaming\drivers\downld\412859.exe
c:\users\utente\AppData\Roaming\drivers\downld\412968.exe
c:\users\utente\AppData\Roaming\drivers\downld\413031.exe
c:\users\utente\AppData\Roaming\drivers\downld\413578.exe
c:\users\utente\AppData\Roaming\drivers\downld\414078.exe
c:\users\utente\AppData\Roaming\drivers\downld\416593.exe
c:\users\utente\AppData\Roaming\drivers\downld\417609.exe
c:\users\utente\AppData\Roaming\drivers\downld\417796.exe
c:\users\utente\AppData\Roaming\drivers\downld\418281.exe
c:\users\utente\AppData\Roaming\drivers\downld\421125.exe
c:\users\utente\AppData\Roaming\drivers\downld\421453.exe
c:\users\utente\AppData\Roaming\drivers\downld\421812.exe
c:\users\utente\AppData\Roaming\drivers\downld\422015.exe
c:\users\utente\AppData\Roaming\drivers\downld\423484.exe
c:\users\utente\AppData\Roaming\drivers\downld\428640.exe
c:\users\utente\AppData\Roaming\drivers\downld\428765.exe
c:\users\utente\AppData\Roaming\drivers\downld\432437.exe
c:\users\utente\AppData\Roaming\drivers\downld\433406.exe
c:\users\utente\AppData\Roaming\drivers\downld\435375.exe
c:\users\utente\AppData\Roaming\drivers\downld\436234.exe
c:\users\utente\AppData\Roaming\drivers\downld\436250.exe
c:\users\utente\AppData\Roaming\drivers\downld\439375.exe
c:\users\utente\AppData\Roaming\drivers\downld\439484.exe
c:\users\utente\AppData\Roaming\drivers\downld\439515.exe
c:\users\utente\AppData\Roaming\drivers\downld\439875.exe
c:\users\utente\AppData\Roaming\drivers\downld\440015.exe
c:\users\utente\AppData\Roaming\drivers\downld\440359.exe
c:\users\utente\AppData\Roaming\drivers\downld\441859.exe
c:\users\utente\AppData\Roaming\drivers\downld\442406.exe
c:\users\utente\AppData\Roaming\drivers\downld\442609.exe
c:\users\utente\AppData\Roaming\drivers\downld\443296.exe
c:\users\utente\AppData\Roaming\drivers\downld\443312.exe
c:\users\utente\AppData\Roaming\drivers\downld\44342703.exe
c:\users\utente\AppData\Roaming\drivers\downld\44343046.exe
c:\users\utente\AppData\Roaming\drivers\downld\44343062.exe
c:\users\utente\AppData\Roaming\drivers\downld\443593.exe
c:\users\utente\AppData\Roaming\drivers\downld\443718.exe
c:\users\utente\AppData\Roaming\drivers\downld\443953.exe
c:\users\utente\AppData\Roaming\drivers\downld\444171.exe
c:\users\utente\AppData\Roaming\drivers\downld\444484.exe
c:\users\utente\AppData\Roaming\drivers\downld\444953.exe
c:\users\utente\AppData\Roaming\drivers\downld\445093.exe
c:\users\utente\AppData\Roaming\drivers\downld\445296.exe
c:\users\utente\AppData\Roaming\drivers\downld\44545203.exe
c:\users\utente\AppData\Roaming\drivers\downld\44546750.exe
c:\users\utente\AppData\Roaming\drivers\downld\44547140.exe
c:\users\utente\AppData\Roaming\drivers\downld\445531.exe
c:\users\utente\AppData\Roaming\drivers\downld\44589593.exe
c:\users\utente\AppData\Roaming\drivers\downld\445906.exe
c:\users\utente\AppData\Roaming\drivers\downld\44594171.exe
c:\users\utente\AppData\Roaming\drivers\downld\44594687.exe
c:\users\utente\AppData\Roaming\drivers\downld\446140.exe
c:\users\utente\AppData\Roaming\drivers\downld\446265.exe
c:\users\utente\AppData\Roaming\drivers\downld\446703.exe
c:\users\utente\AppData\Roaming\drivers\downld\447406.exe
c:\users\utente\AppData\Roaming\drivers\downld\447875.exe
c:\users\utente\AppData\Roaming\drivers\downld\44807718.exe
c:\users\utente\AppData\Roaming\drivers\downld\44807890.exe
c:\users\utente\AppData\Roaming\drivers\downld\44816296.exe
c:\users\utente\AppData\Roaming\drivers\downld\44817171.exe
c:\users\utente\AppData\Roaming\drivers\downld\44817468.exe
c:\users\utente\AppData\Roaming\drivers\downld\44818000.exe
c:\users\utente\AppData\Roaming\drivers\downld\44819437.exe
c:\users\utente\AppData\Roaming\drivers\downld\44820546.exe
c:\users\utente\AppData\Roaming\drivers\downld\448328.exe
c:\users\utente\AppData\Roaming\drivers\downld\44854093.exe
c:\users\utente\AppData\Roaming\drivers\downld\44862765.exe
c:\users\utente\AppData\Roaming\drivers\downld\44862968.exe
c:\users\utente\AppData\Roaming\drivers\downld\44866171.exe
c:\users\utente\AppData\Roaming\drivers\downld\44867625.exe
c:\users\utente\AppData\Roaming\drivers\downld\44915593.exe
c:\users\utente\AppData\Roaming\drivers\downld\44916609.exe
c:\users\utente\AppData\Roaming\drivers\downld\449250.exe
c:\users\utente\AppData\Roaming\drivers\downld\44950343.exe
c:\users\utente\AppData\Roaming\drivers\downld\449515.exe
c:\users\utente\AppData\Roaming\drivers\downld\449531.exe
c:\users\utente\AppData\Roaming\drivers\downld\44956062.exe
c:\users\utente\AppData\Roaming\drivers\downld\44958531.exe
c:\users\utente\AppData\Roaming\drivers\downld\44965890.exe
c:\users\utente\AppData\Roaming\drivers\downld\44970843.exe
c:\users\utente\AppData\Roaming\drivers\downld\44970859.exe
c:\users\utente\AppData\Roaming\drivers\downld\44999156.exe
c:\users\utente\AppData\Roaming\drivers\downld\45002468.exe
c:\users\utente\AppData\Roaming\drivers\downld\45002562.exe
c:\users\utente\AppData\Roaming\drivers\downld\45002953.exe
c:\users\utente\AppData\Roaming\drivers\downld\45003625.exe
c:\users\utente\AppData\Roaming\drivers\downld\45004359.exe
c:\users\utente\AppData\Roaming\drivers\downld\450109.exe
c:\users\utente\AppData\Roaming\drivers\downld\450125.exe
c:\users\utente\AppData\Roaming\drivers\downld\450234.exe
c:\users\utente\AppData\Roaming\drivers\downld\45035718.exe
c:\users\utente\AppData\Roaming\drivers\downld\45035812.exe
c:\users\utente\AppData\Roaming\drivers\downld\45035828.exe
c:\users\utente\AppData\Roaming\drivers\downld\45102765.exe
c:\users\utente\AppData\Roaming\drivers\downld\45104828.exe
c:\users\utente\AppData\Roaming\drivers\downld\45105046.exe
c:\users\utente\AppData\Roaming\drivers\downld\45150484.exe
c:\users\utente\AppData\Roaming\drivers\downld\45151265.exe
c:\users\utente\AppData\Roaming\drivers\downld\45151281.exe
c:\users\utente\AppData\Roaming\drivers\downld\452765.exe
c:\users\utente\AppData\Roaming\drivers\downld\453109.exe
c:\users\utente\AppData\Roaming\drivers\downld\453687.exe
c:\users\utente\AppData\Roaming\drivers\downld\453750.exe
c:\users\utente\AppData\Roaming\drivers\downld\457125.exe
c:\users\utente\AppData\Roaming\drivers\downld\457218.exe
c:\users\utente\AppData\Roaming\drivers\downld\457234.exe
c:\users\utente\AppData\Roaming\drivers\downld\462625.exe
c:\users\utente\AppData\Roaming\drivers\downld\462734.exe
c:\users\utente\AppData\Roaming\drivers\downld\462750.exe
c:\users\utente\AppData\Roaming\drivers\downld\463000.exe
c:\users\utente\AppData\Roaming\drivers\downld\463140.exe
c:\users\utente\AppData\Roaming\drivers\downld\463156.exe
c:\users\utente\AppData\Roaming\drivers\downld\469890.exe
c:\users\utente\AppData\Roaming\drivers\downld\470281.exe
c:\users\utente\AppData\Roaming\drivers\downld\470296.exe
c:\users\utente\AppData\Roaming\drivers\downld\474375.exe
c:\users\utente\AppData\Roaming\drivers\downld\475609.exe
c:\users\utente\AppData\Roaming\drivers\downld\475796.exe
c:\users\utente\AppData\Roaming\drivers\downld\476718.exe
c:\users\utente\AppData\Roaming\drivers\downld\477468.exe
c:\users\utente\AppData\Roaming\drivers\downld\477703.exe
c:\users\utente\AppData\Roaming\drivers\downld\479375.exe
c:\users\utente\AppData\Roaming\drivers\downld\484265.exe
c:\users\utente\AppData\Roaming\drivers\downld\484281.exe
c:\users\utente\AppData\Roaming\drivers\downld\485000.exe
c:\users\utente\AppData\Roaming\drivers\downld\485640.exe
c:\users\utente\AppData\Roaming\drivers\downld\485656.exe
c:\users\utente\AppData\Roaming\drivers\downld\496468.exe
c:\users\utente\AppData\Roaming\drivers\downld\497187.exe
c:\users\utente\AppData\Roaming\drivers\downld\497437.exe
c:\users\utente\AppData\Roaming\drivers\downld\505843.exe
c:\users\utente\AppData\Roaming\drivers\downld\507484.exe
c:\users\utente\AppData\Roaming\drivers\downld\507687.exe
c:\users\utente\AppData\Roaming\drivers\downld\519625.exe
c:\users\utente\AppData\Roaming\drivers\downld\519937.exe
c:\users\utente\AppData\Roaming\drivers\downld\520000.exe
c:\users\utente\AppData\Roaming\drivers\downld\520343.exe
c:\users\utente\AppData\Roaming\drivers\downld\521156.exe
c:\users\utente\AppData\Roaming\drivers\downld\522609.exe
c:\users\utente\AppData\Roaming\drivers\downld\523531.exe
c:\users\utente\AppData\Roaming\drivers\downld\523718.exe
c:\users\utente\AppData\Roaming\drivers\downld\524421.exe
c:\users\utente\AppData\Roaming\drivers\downld\524625.exe
c:\users\utente\AppData\Roaming\drivers\downld\531906.exe
c:\users\utente\AppData\Roaming\drivers\downld\532937.exe
c:\users\utente\AppData\Roaming\drivers\downld\533140.exe
c:\users\utente\AppData\Roaming\drivers\downld\533187.exe
c:\users\utente\AppData\Roaming\drivers\downld\533203.exe
c:\users\utente\AppData\Roaming\drivers\downld\533843.exe
c:\users\utente\AppData\Roaming\drivers\downld\533859.exe
c:\users\utente\AppData\Roaming\drivers\downld\533875.exe
c:\users\utente\AppData\Roaming\drivers\downld\534078.exe
c:\users\utente\AppData\Roaming\drivers\downld\537796.exe
c:\users\utente\AppData\Roaming\drivers\downld\538640.exe
c:\users\utente\AppData\Roaming\drivers\downld\539140.exe
c:\users\utente\AppData\Roaming\drivers\downld\540421.exe
c:\users\utente\AppData\Roaming\drivers\downld\540984.exe
c:\users\utente\AppData\Roaming\drivers\downld\541265.exe
c:\users\utente\AppData\Roaming\drivers\downld\541406.exe
c:\users\utente\AppData\Roaming\drivers\downld\541609.exe
c:\users\utente\AppData\Roaming\drivers\downld\541843.exe
c:\users\utente\AppData\Roaming\drivers\downld\542734.exe
c:\users\utente\AppData\Roaming\drivers\downld\542750.exe
c:\users\utente\AppData\Roaming\drivers\downld\547531.exe
c:\users\utente\AppData\Roaming\drivers\downld\549984.exe
c:\users\utente\AppData\Roaming\drivers\downld\552203.exe
c:\users\utente\AppData\Roaming\drivers\downld\553250.exe
c:\users\utente\AppData\Roaming\drivers\downld\555312.exe
c:\users\utente\AppData\Roaming\drivers\downld\556312.exe
c:\users\utente\AppData\Roaming\drivers\downld\557781.exe
c:\users\utente\AppData\Roaming\drivers\downld\558515.exe
c:\users\utente\AppData\Roaming\drivers\downld\558640.exe
c:\users\utente\AppData\Roaming\drivers\downld\559156.exe
c:\users\utente\AppData\Roaming\drivers\downld\560171.exe
c:\users\utente\AppData\Roaming\drivers\downld\560281.exe
c:\users\utente\AppData\Roaming\drivers\downld\560296.exe
c:\users\utente\AppData\Roaming\drivers\downld\561093.exe
c:\users\utente\AppData\Roaming\drivers\downld\561359.exe
c:\users\utente\AppData\Roaming\drivers\downld\561500.exe
c:\users\utente\AppData\Roaming\drivers\downld\562234.exe
c:\users\utente\AppData\Roaming\drivers\downld\562343.exe
c:\users\utente\AppData\Roaming\drivers\downld\562359.exe
c:\users\utente\AppData\Roaming\drivers\downld\562859.exe
c:\users\utente\AppData\Roaming\drivers\downld\562875.exe
c:\users\utente\AppData\Roaming\drivers\downld\59551515.exe
c:\users\utente\AppData\Roaming\drivers\downld\59551609.exe
c:\users\utente\AppData\Roaming\drivers\downld\59551625.exe
c:\users\utente\AppData\Roaming\drivers\downld\59564500.exe
c:\users\utente\AppData\Roaming\drivers\downld\59565515.exe
c:\users\utente\AppData\Roaming\drivers\downld\59565937.exe
c:\users\utente\AppData\Roaming\drivers\downld\59574078.exe
c:\users\utente\AppData\Roaming\drivers\downld\59575890.exe
c:\users\utente\AppData\Roaming\drivers\downld\59579578.exe
c:\users\utente\AppData\Roaming\drivers\downld\59695984.exe
c:\users\utente\AppData\Roaming\drivers\downld\59696000.exe
c:\users\utente\AppData\Roaming\drivers\downld\59696015.exe
c:\users\utente\AppData\Roaming\drivers\downld\59704703.exe
c:\users\utente\AppData\Roaming\drivers\downld\59705281.exe
c:\users\utente\AppData\Roaming\drivers\downld\59705484.exe
c:\users\utente\AppData\Roaming\drivers\downld\59705953.exe
c:\users\utente\AppData\Roaming\drivers\downld\59707328.exe
c:\users\utente\AppData\Roaming\drivers\downld\59708015.exe
c:\users\utente\AppData\Roaming\drivers\downld\59765671.exe
c:\users\utente\AppData\Roaming\drivers\downld\59767234.exe
c:\users\utente\AppData\Roaming\drivers\downld\59767484.exe
c:\users\utente\AppData\Roaming\drivers\downld\59771234.exe
c:\users\utente\AppData\Roaming\drivers\downld\59771281.exe
c:\users\utente\AppData\Roaming\drivers\downld\59771296.exe
c:\users\utente\AppData\Roaming\drivers\downld\59822265.exe
c:\users\utente\AppData\Roaming\drivers\downld\59822296.exe
c:\users\utente\AppData\Roaming\drivers\downld\59822312.exe
c:\users\utente\AppData\Roaming\drivers\downld\59833984.exe
c:\users\utente\AppData\Roaming\drivers\downld\59834828.exe
c:\users\utente\AppData\Roaming\drivers\downld\59837078.exe
c:\users\utente\AppData\Roaming\drivers\downld\59848875.exe
c:\users\utente\AppData\Roaming\drivers\downld\59848984.exe
c:\users\utente\AppData\Roaming\drivers\downld\59849171.exe
c:\users\utente\AppData\Roaming\drivers\downld\59883234.exe
c:\users\utente\AppData\Roaming\drivers\downld\59883687.exe
c:\users\utente\AppData\Roaming\drivers\downld\59883843.exe
c:\users\utente\AppData\Roaming\drivers\downld\59884234.exe
c:\users\utente\AppData\Roaming\drivers\downld\59887734.exe
c:\users\utente\AppData\Roaming\drivers\downld\59891265.exe
c:\users\utente\AppData\Roaming\drivers\downld\59916750.exe
c:\users\utente\AppData\Roaming\drivers\downld\59916765.exe
c:\users\utente\AppData\Roaming\drivers\downld\59989953.exe
c:\users\utente\AppData\Roaming\drivers\downld\59990390.exe
c:\users\utente\AppData\Roaming\drivers\downld\59990593.exe
c:\users\utente\AppData\Roaming\drivers\downld\60040515.exe
c:\users\utente\AppData\Roaming\drivers\downld\60040531.exe
c:\users\utente\AppData\Roaming\drivers\downld\60040546.exe
c:\users\utente\AppData\Roaming\drivers\downld\603281.exe
c:\users\utente\AppData\Roaming\drivers\downld\603671.exe
c:\users\utente\AppData\Roaming\drivers\downld\603812.exe
c:\users\utente\AppData\Roaming\drivers\downld\604218.exe
c:\users\utente\AppData\Roaming\drivers\downld\605140.exe
c:\users\utente\AppData\Roaming\drivers\downld\608781.exe
c:\users\utente\AppData\Roaming\drivers\downld\624609.exe
c:\users\utente\AppData\Roaming\drivers\downld\624781.exe
c:\users\utente\AppData\Roaming\drivers\downld\624796.exe
c:\users\utente\AppData\Roaming\drivers\downld\680375.exe
c:\users\utente\AppData\Roaming\drivers\downld\682281.exe
c:\users\utente\AppData\Roaming\drivers\downld\682500.exe
c:\users\utente\AppData\Roaming\drivers\downld\682984.exe
c:\users\utente\AppData\Roaming\drivers\downld\685078.exe
c:\users\utente\AppData\Roaming\drivers\downld\685734.exe
c:\users\utente\AppData\Roaming\drivers\downld\691687.exe
c:\users\utente\AppData\Roaming\drivers\downld\692875.exe
c:\users\utente\AppData\Roaming\drivers\downld\693078.exe
c:\users\utente\AppData\Roaming\drivers\downld\703578.exe
c:\users\utente\AppData\Roaming\drivers\downld\703718.exe
c:\users\utente\AppData\Roaming\drivers\downld\703734.exe
c:\users\utente\AppData\Roaming\drivers\downld\718203.exe
c:\users\utente\AppData\Roaming\drivers\downld\7182750.exe
c:\users\utente\AppData\Roaming\drivers\downld\7183234.exe
c:\users\utente\AppData\Roaming\drivers\downld\7183250.exe
c:\users\utente\AppData\Roaming\drivers\downld\718828.exe
c:\users\utente\AppData\Roaming\drivers\downld\718843.exe
c:\users\utente\AppData\Roaming\drivers\downld\7191234.exe
ziotoby
Newbie
 
Post: 7
Iscritto il: 22/10/09 14:25

Re: pc infettato da spyware

Postdi ziotoby » 23/10/09 08:49

proseguo (ho dovuto mandare il log in due pezzi perché non ci stava)



c:\users\utente\AppData\Roaming\drivers\downld\7192109.exe
c:\users\utente\AppData\Roaming\drivers\downld\7192468.exe
c:\users\utente\AppData\Roaming\drivers\downld\719484.exe
c:\users\utente\AppData\Roaming\drivers\downld\719578.exe
c:\users\utente\AppData\Roaming\drivers\downld\719593.exe
c:\users\utente\AppData\Roaming\drivers\downld\7200187.exe
c:\users\utente\AppData\Roaming\drivers\downld\7208421.exe
c:\users\utente\AppData\Roaming\drivers\downld\7212421.exe
c:\users\utente\AppData\Roaming\drivers\downld\7297687.exe
c:\users\utente\AppData\Roaming\drivers\downld\7297828.exe
c:\users\utente\AppData\Roaming\drivers\downld\7297843.exe
c:\users\utente\AppData\Roaming\drivers\downld\7331093.exe
c:\users\utente\AppData\Roaming\drivers\downld\7331906.exe
c:\users\utente\AppData\Roaming\drivers\downld\7332125.exe
c:\users\utente\AppData\Roaming\drivers\downld\7332562.exe
c:\users\utente\AppData\Roaming\drivers\downld\7333390.exe
c:\users\utente\AppData\Roaming\drivers\downld\7334093.exe
c:\users\utente\AppData\Roaming\drivers\downld\7354843.exe
c:\users\utente\AppData\Roaming\drivers\downld\7355484.exe
c:\users\utente\AppData\Roaming\drivers\downld\7355781.exe
c:\users\utente\AppData\Roaming\drivers\downld\7359062.exe
c:\users\utente\AppData\Roaming\drivers\downld\7359656.exe
c:\users\utente\AppData\Roaming\drivers\downld\7403765.exe
c:\users\utente\AppData\Roaming\drivers\downld\7404515.exe
c:\users\utente\AppData\Roaming\drivers\downld\7412500.exe
c:\users\utente\AppData\Roaming\drivers\downld\7413843.exe
c:\users\utente\AppData\Roaming\drivers\downld\7414250.exe
c:\users\utente\AppData\Roaming\drivers\downld\7476671.exe
c:\users\utente\AppData\Roaming\drivers\downld\7479828.exe
c:\users\utente\AppData\Roaming\drivers\downld\7487718.exe
c:\users\utente\AppData\Roaming\drivers\downld\7510562.exe
c:\users\utente\AppData\Roaming\drivers\downld\7510875.exe
c:\users\utente\AppData\Roaming\drivers\downld\7510906.exe
c:\users\utente\AppData\Roaming\drivers\downld\775421.exe
c:\users\utente\AppData\Roaming\drivers\downld\776968.exe
c:\users\utente\AppData\Roaming\drivers\downld\777187.exe
c:\users\utente\AppData\Roaming\drivers\downld\785687.exe
c:\users\utente\AppData\Roaming\drivers\downld\786359.exe
c:\users\utente\AppData\Roaming\drivers\downld\786546.exe
c:\users\utente\AppData\Roaming\drivers\downld\804375.exe
c:\users\utente\AppData\Roaming\drivers\downld\805109.exe
c:\users\utente\AppData\Roaming\drivers\downld\805281.exe
c:\users\utente\AppData\Roaming\drivers\downld\805796.exe
c:\users\utente\AppData\Roaming\drivers\downld\806390.exe
c:\users\utente\AppData\Roaming\drivers\downld\806406.exe
c:\users\utente\AppData\Roaming\drivers\downld\84031.exe
c:\users\utente\AppData\Roaming\drivers\downld\848843.exe
c:\users\utente\AppData\Roaming\drivers\downld\849437.exe
c:\users\utente\AppData\Roaming\drivers\downld\849453.exe
c:\users\utente\AppData\Roaming\drivers\downld\85453.exe
c:\users\utente\AppData\Roaming\drivers\downld\88093.exe
c:\users\utente\AppData\Roaming\drivers\downld\88125.exe
c:\users\utente\AppData\Roaming\drivers\downld\88968.exe
c:\users\utente\AppData\Roaming\drivers\downld\94171.exe
c:\users\utente\AppData\Roaming\drivers\downld\95765.exe
c:\users\utente\AppData\Roaming\drivers\downld\95796.exe
c:\users\utente\AppData\Roaming\drivers\downld\96140.exe
c:\users\utente\AppData\Roaming\drivers\downld\96328.exe
c:\users\utente\AppData\Roaming\drivers\downld\96515.exe
c:\users\utente\AppData\Roaming\drivers\downld\96953.exe
c:\users\utente\AppData\Roaming\drivers\downld\97000.exe
c:\users\utente\AppData\Roaming\drivers\downld\97687.exe
c:\users\utente\AppData\Roaming\drivers\downld\97703.exe
c:\users\utente\AppData\Roaming\drivers\downld\99156.exe
c:\users\utente\AppData\Roaming\drivers\downld\99234.exe
c:\users\utente\AppData\Roaming\drivers\downld\99250.exe
c:\users\utente\AppData\Roaming\m
c:\users\utente\AppData\Roaming\m\list.oct
c:\users\utente\AppData\Roaming\m\shared\Age of Mythology - Manaheim map.zip
c:\users\utente\AppData\Roaming\m\shared\Alldj DVD To iPod Ripper 3.5.2.zip
c:\users\utente\AppData\Roaming\m\shared\AMI Font Wrangler 2.0d [With Crack].zip
c:\users\utente\AppData\Roaming\m\shared\Antechinus Web Effects 10.0.zip
c:\users\utente\AppData\Roaming\m\shared\Apowersoft Video Converter Studio 2.0.0.zip
c:\users\utente\AppData\Roaming\m\shared\Atomic Cannon Mac 2.6.zip
c:\users\utente\AppData\Roaming\m\shared\Call of Duty St. Petersburg Sea Port map.zip
c:\users\utente\AppData\Roaming\m\shared\DLL Export Viewer 1.zip
c:\users\utente\AppData\Roaming\m\shared\Ease Audio TO RM Converter 1.00.zip
c:\users\utente\AppData\Roaming\m\shared\Empty Folder Nuker 1.2.0.zip
c:\users\utente\AppData\Roaming\m\shared\Flickr Watchr 1.4.zip
c:\users\utente\AppData\Roaming\m\shared\HanWJ Chinese Input Engine 4.24.zip
c:\users\utente\AppData\Roaming\m\shared\In Fairyland 1.0.zip
c:\users\utente\AppData\Roaming\m\shared\Julia Shapes 1.1.zip
c:\users\utente\AppData\Roaming\m\shared\Kaspersky.Antivirus.v6.0.1.411.keys.zip
c:\users\utente\AppData\Roaming\m\shared\Kaspersky.Personal.Pro.-.Licence.26-10-2007.zip
c:\users\utente\AppData\Roaming\m\shared\LA Sleepy 0.2.4.zip
c:\users\utente\AppData\Roaming\m\shared\LingvoSoft English-Bulgarian Talking Dictionary 3.1.41.zip
c:\users\utente\AppData\Roaming\m\shared\LingvoSoft Picture Dictionary 2008 German - Italian 1.2.25.zip
c:\users\utente\AppData\Roaming\m\shared\M6.Net PR Quick Check 1.00.zip
c:\users\utente\AppData\Roaming\m\shared\Mortgage Calculator 1.2.zip
c:\users\utente\AppData\Roaming\m\shared\Mouse Master 2.1 (With Crack).zip
c:\users\utente\AppData\Roaming\m\shared\One-2-five Music Thoery E-tutor 2.1.zip
c:\users\utente\AppData\Roaming\m\shared\Opus Creator 6.4.zip
c:\users\utente\AppData\Roaming\m\shared\PADManager 1.0.26.zip
c:\users\utente\AppData\Roaming\m\shared\PictureGirdle 1.3.zip
c:\users\utente\AppData\Roaming\m\shared\Print Folder 1.01 [Key].zip
c:\users\utente\AppData\Roaming\m\shared\Senuti iPod Rip 5.2.0.0.zip
c:\users\utente\AppData\Roaming\m\shared\Smoke 1.06.zip
c:\users\utente\AppData\Roaming\m\shared\SnifMon 4.125.zip
c:\users\utente\AppData\Roaming\m\shared\Space Reader.zip
c:\users\utente\AppData\Roaming\m\shared\SpectraScope 2.8.zip
c:\users\utente\AppData\Roaming\m\shared\Spin & Play - Carnival Madness 1.zip
c:\users\utente\AppData\Roaming\m\shared\SQL Search 1.1.zip
c:\users\utente\AppData\Roaming\m\shared\Stock Explorer 2.7.zip
c:\users\utente\AppData\Roaming\m\shared\ToChar 1.0.1.zip
c:\users\utente\AppData\Roaming\m\shared\ToolbarCreator 1.2.0.08.zip
c:\users\utente\AppData\Roaming\m\shared\Web Designers Toolkit with Slideshows 1.0.61.01 [Cracked].zip
c:\users\utente\AppData\Roaming\m\shared\Winselect 5.0.zip
c:\users\utente\AppData\Roaming\m\srvlist.oct
c:\windows\system32\ban_list.txt
c:\windows\system32\drivers\down
c:\windows\system32\drivers\down\392421.exe
c:\windows\TEMP\logishrd\LVPrcInj01.dll

.
((((((((((((((((((((((((((((((((((((((( Driver/Servizi )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_SK9OU0S
-------\Service_srosa


((((((((((((((((((((((((( Files Creati Da 2009-09-23 al 2009-10-23 )))))))))))))))))))))))))))))))))))
.

2009-10-23 07:22 . 2009-10-23 07:26 -------- d-----w- c:\users\utente\AppData\Local\temp
2009-10-23 07:22 . 2009-10-23 07:22 -------- d-----w- c:\users\LogMeInRemoteUser\AppData\Local\temp
2009-10-23 07:22 . 2009-10-23 07:22 -------- d-----w- c:\users\Default\AppData\Local\temp
2009-10-23 07:22 . 2009-10-23 07:22 -------- d-----w- c:\users\Administrator\AppData\Local\temp
2009-10-22 11:58 . 2009-10-22 11:58 -------- d-----w- c:\program files\Trend Micro
2009-10-22 11:33 . 2009-10-22 11:33 -------- d-----w- c:\program files\Common Files\Skype
2009-10-22 11:33 . 2009-10-22 11:33 -------- d-----r- c:\program files\Skype
2009-10-22 11:29 . 2009-10-22 11:29 -------- d-----w- c:\program files\Common Files\Windows Live
2009-10-21 08:44 . 2009-10-21 08:44 -------- d-----w- c:\program files\Common Files\Logitech
2009-10-19 18:26 . 2009-09-10 16:48 218624 ----a-w- c:\windows\system32\msv1_0.dll
2009-10-19 18:26 . 2009-08-04 12:34 3548216 ----a-w- c:\windows\system32\ntoskrnl.exe
2009-10-19 18:26 . 2009-08-04 12:34 3600456 ----a-w- c:\windows\system32\ntkrnlpa.exe
2009-10-19 18:25 . 2009-09-04 11:41 60928 ----a-w- c:\windows\system32\msasn1.dll
2009-10-19 18:25 . 2009-09-14 09:29 144896 ----a-w- c:\windows\system32\drivers\srv2.sys
2009-10-19 18:25 . 2009-05-08 12:53 604672 ----a-w- c:\windows\system32\WMSPDMOD.DLL
2009-10-12 19:36 . 2009-10-12 19:36 -------- d-----w- c:\users\utente\AppData\Roaming\AVS4YOU
2009-10-12 19:36 . 2009-10-12 19:36 -------- d-----w- c:\programdata\AVS4YOU
2009-10-12 19:35 . 2009-10-13 07:59 -------- d-----w- c:\program files\Common Files\AVSMedia
2009-10-12 19:35 . 2008-08-13 09:22 974848 ----a-w- c:\windows\system32\mfc70.dll
2009-10-12 19:35 . 2008-08-13 09:22 487424 ----a-w- c:\windows\system32\msvcp70.dll
2009-10-12 19:35 . 2009-10-13 08:00 -------- d-----w- c:\program files\AVS4YOU
2009-10-12 19:35 . 2008-08-13 09:22 344064 ----a-w- c:\windows\system32\msvcr70.dll
2009-10-12 19:35 . 2008-08-13 09:22 24576 ----a-w- c:\windows\system32\msxml3a.dll
2009-10-03 06:22 . 2009-08-07 02:24 44768 ----a-w- c:\windows\system32\wups2.dll
2009-10-03 06:22 . 2009-08-07 02:24 53472 ----a-w- c:\windows\system32\wuauclt.exe
2009-10-03 06:22 . 2009-08-07 01:45 2421760 ----a-w- c:\windows\system32\wucltux.dll
2009-10-03 06:22 . 2009-08-07 02:23 1929952 ----a-w- c:\windows\system32\wuaueng.dll
2009-10-03 06:22 . 2009-08-07 02:24 35552 ----a-w- c:\windows\system32\wups.dll
2009-10-03 06:22 . 2009-08-07 02:23 575704 ----a-w- c:\windows\system32\wuapi.dll
2009-10-03 06:22 . 2009-08-07 01:44 87552 ----a-w- c:\windows\system32\wudriver.dll
2009-10-03 06:22 . 2009-08-06 17:23 171608 ----a-w- c:\windows\system32\wuwebv.dll
2009-10-03 06:22 . 2009-08-06 16:44 33792 ----a-w- c:\windows\system32\wuapp.exe
2009-09-29 11:41 . 2009-09-29 11:42 -------- d-----w- c:\windows\system32\ca-ES
2009-09-29 11:41 . 2009-09-29 11:42 -------- d-----w- c:\windows\system32\eu-ES
2009-09-29 11:41 . 2009-09-29 11:42 -------- d-----w- c:\windows\system32\vi-VN
2009-09-29 09:10 . 2009-09-29 09:10 -------- d-----w- c:\windows\system32\EventProviders
2009-09-29 09:08 . 2009-09-29 09:08 -------- d-----w- c:\users\utente\Office Genuine Advantage
2009-09-29 08:47 . 2009-06-15 14:52 1259008 ----a-w- c:\windows\system32\lsasrv.dll
2009-09-29 08:47 . 2009-06-15 14:54 175104 ----a-w- c:\windows\system32\wdigest.dll
2009-09-29 08:47 . 2009-06-15 14:53 270848 ----a-w- c:\windows\system32\schannel.dll
2009-09-29 08:47 . 2009-06-15 14:52 499712 ----a-w- c:\windows\system32\kerberos.dll
2009-09-29 08:47 . 2009-06-15 23:15 439864 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2009-09-29 08:47 . 2009-06-15 14:53 72704 ----a-w- c:\windows\system32\secur32.dll
2009-09-29 08:47 . 2009-06-15 12:48 9728 ----a-w- c:\windows\system32\lsass.exe
2009-09-27 19:50 . 2009-09-27 19:50 -------- d-----w- c:\program files\Microsoft CAPICOM 2.1.0.2
2009-09-27 19:48 . 2009-09-27 19:48 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help
2009-09-27 07:59 . 2009-04-11 06:28 29184 ----a-w- c:\windows\system32\uxsms.dll
2009-09-27 07:58 . 2009-04-11 06:28 218624 ----a-w- c:\windows\system32\wdscore.dll
2009-09-27 07:58 . 2009-04-11 06:27 130560 ----a-w- c:\windows\system32\PkgMgr.exe
2009-09-27 07:58 . 2009-04-11 06:28 247808 ----a-w- c:\windows\system32\drvstore.dll
2009-09-25 20:10 . 2009-09-25 20:47 -------- d-----w- c:\program files\IKEA HomePlanner
2009-09-24 11:23 . 2009-08-26 07:48 676224 ----a-w- C:\OGACHECKCONTROL.DLL
2009-09-23 16:25 . 2009-09-23 16:25 -------- d-----w- c:\program files\iPod

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-10-23 07:25 . 2009-03-31 15:44 -------- d-----w- c:\programdata\Kaspersky Lab
2009-10-23 07:23 . 2009-03-31 15:44 9795104 --sha-w- c:\windows\system32\drivers\fidbox.dat
2009-10-23 07:23 . 2009-03-31 15:44 79700 --sha-w- c:\windows\system32\drivers\fidbox.idx
2009-10-23 07:23 . 2009-03-31 15:44 7056 --sha-w- c:\windows\system32\drivers\fidbox2.idx
2009-10-23 07:23 . 2009-03-31 15:44 1441824 --sha-w- c:\windows\system32\drivers\fidbox2.dat
2009-10-23 07:14 . 2008-10-17 13:16 -------- d-----w- c:\users\utente\AppData\Roaming\Skype
2009-10-23 06:49 . 2008-01-21 06:30 662608 ----a-w- c:\windows\system32\perfh010.dat
2009-10-23 06:49 . 2008-01-21 06:30 120120 ----a-w- c:\windows\system32\perfc010.dat
2009-10-23 06:44 . 2008-10-17 13:20 -------- d-----w- c:\users\utente\AppData\Roaming\skypePM
2009-10-22 22:48 . 2009-01-30 14:51 -------- d-----w- c:\program files\LogMeIn
2009-10-22 11:33 . 2008-10-17 13:15 -------- d-----w- c:\programdata\Skype
2009-10-22 11:26 . 2009-04-14 10:20 -------- d-----w- c:\program files\Common Files\LogiShrd
2009-10-22 09:20 . 2009-02-01 17:18 -------- d-----w- c:\program files\Easy Duplicate Finder
2009-10-21 18:55 . 2008-08-03 22:24 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-10-21 16:19 . 2008-10-02 22:09 -------- d-----w- c:\program files\DNA
2009-10-20 07:12 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2009-10-19 19:18 . 2008-08-07 23:04 -------- d-----w- c:\programdata\Microsoft Help
2009-10-19 18:19 . 2009-03-31 15:45 108059 ----a-w- c:\windows\system32\drivers\klin.dat
2009-10-19 18:19 . 2009-03-31 15:45 95259 ----a-w- c:\windows\system32\drivers\klick.dat
2009-10-01 17:36 . 2009-01-30 14:52 83288 ----a-w- c:\windows\system32\LMIRfsClientNP.dll
2009-10-01 17:36 . 2009-01-30 14:52 28984 ----a-w- c:\windows\system32\LMIport.dll
2009-10-01 17:36 . 2009-01-30 14:52 87352 ----a-w- c:\windows\system32\LMIinit.dll
2009-10-01 11:52 . 2008-12-01 16:37 131824 ----a-w- c:\users\utente\AppData\Local\GDIPFONTCACHEV1.DAT
2009-10-01 11:50 . 2009-04-17 09:53 -------- d-----w- c:\program files\iTunes
2009-09-29 11:42 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Sidebar
2009-09-29 11:42 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Photo Gallery
2009-09-29 11:42 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Journal
2009-09-29 11:42 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Collaboration
2009-09-29 11:42 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Calendar
2009-09-29 11:42 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Defender
2009-09-29 08:55 . 2008-08-07 23:07 -------- d-----w- c:\program files\Microsoft Works
2009-09-27 07:18 . 2008-11-15 11:15 -------- d-----w- c:\program files\Microsoft Silverlight
2009-09-25 20:09 . 2008-08-04 12:42 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2009-09-23 16:25 . 2008-10-02 22:16 -------- d-----w- c:\program files\Common Files\Apple
2009-09-14 10:44 . 2008-10-02 22:23 -------- d-----w- c:\users\utente\AppData\Roaming\Apple Computer
2009-09-12 19:01 . 2009-09-12 19:01 -------- d-----w- c:\program files\Utility Configurazione iPhone
2009-09-12 18:59 . 2009-09-12 18:52 -------- d-----w- c:\programdata\{755AC846-7372-4AC8-8550-C52491DAA8BD}
2009-09-12 18:50 . 2009-09-12 18:49 -------- d-----w- c:\program files\QuickTime
2009-09-08 13:35 . 2008-10-16 19:35 11552 ----a-w- c:\windows\system32\lmimirr2.dll
2009-09-08 13:35 . 2008-10-16 19:35 25248 ----a-w- c:\windows\system32\lmimirr.dll
2009-08-29 00:27 . 2009-09-02 23:37 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2009-08-29 00:14 . 2009-09-02 23:37 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2009-08-28 17:42 . 2009-08-28 17:42 40448 ----a-w- c:\windows\system32\drivers\usbaapl.sys
2009-08-28 17:42 . 2009-08-28 17:42 2065696 ----a-w- c:\windows\system32\usbaaplrc.dll
2009-08-27 05:22 . 2009-10-22 07:22 916480 ----a-w- c:\windows\system32\wininet.dll
2009-08-27 05:17 . 2009-10-22 07:22 71680 ----a-w- c:\windows\system32\iesetup.dll
2009-08-27 05:17 . 2009-10-22 07:22 109056 ----a-w- c:\windows\system32\iesysprep.dll
2009-08-27 03:42 . 2009-10-22 07:22 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2009-08-17 21:33 . 2009-08-17 21:33 1193832 ----a-w- c:\windows\system32\FM20.DLL
2009-08-14 16:27 . 2009-09-09 09:36 904776 ----a-w- c:\windows\system32\drivers\tcpip.sys
2009-08-14 15:53 . 2009-09-09 09:36 17920 ----a-w- c:\windows\system32\netevent.dll
2009-08-14 13:49 . 2009-09-09 09:36 9728 ----a-w- c:\windows\system32\TCPSVCS.EXE
2009-08-14 13:49 . 2009-09-09 09:36 17920 ----a-w- c:\windows\system32\ROUTE.EXE
2009-08-14 13:49 . 2009-09-09 09:36 11264 ----a-w- c:\windows\system32\MRINFO.EXE
2009-08-14 13:49 . 2009-09-09 09:36 27136 ----a-w- c:\windows\system32\NETSTAT.EXE
2009-08-14 13:49 . 2009-09-09 09:36 19968 ----a-w- c:\windows\system32\ARP.EXE
2009-08-14 13:49 . 2009-09-09 09:36 8704 ----a-w- c:\windows\system32\HOSTNAME.EXE
2009-08-14 13:49 . 2009-09-09 09:36 10240 ----a-w- c:\windows\system32\finger.exe
2009-08-14 13:48 . 2009-09-09 09:36 30720 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2009-08-14 13:48 . 2009-09-09 09:36 105984 ----a-w- c:\windows\system32\netiohlp.dll
2009-08-03 13:07 . 2009-08-03 13:07 403816 ----a-w- c:\windows\system32\OGACheckControl.dll
2009-08-03 13:07 . 2009-08-03 13:07 322928 ----a-w- c:\windows\system32\OGAAddin.dll
2009-08-03 13:07 . 2009-08-03 13:07 230768 ----a-w- c:\windows\system32\OGAEXEC.exe
.

((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
"Google Update"="c:\users\utente\AppData\Local\Google\Update\GoogleUpdate.exe" [2008-11-13 133104]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2009-10-09 25623336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-11-13 611712]
"AVP"="c:\program files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe" [2009-03-31 201992]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"LogitechCommunicationsManager"="c:\program files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [2008-08-14 565008]
"LogitechQuickCamRibbon"="c:\program files\Logitech\QuickCam\Quickcam.exe" [2008-08-14 2407184]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-03-11 49152]
"ArcSoft Connection Service"="c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2009-10-10 203264]
"EEventManager"="c:\progra~1\EPSONS~1\EVENTM~1\EEventManager.exe" [2008-05-07 591696]
"LogMeIn GUI"="c:\program files\LogMeIn\x86\LogMeInSystray.exe" [2008-07-24 63048]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-09-04 417792]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-09-21 305440]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"Creative SB Monitoring Utility"="sbavmon.dll" - c:\windows\System32\SBAVMon.dll [2009-05-25 98816]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\KASPER~1\KASPER~1\mzvkbd.dll c:\progra~1\KASPER~1\KASPER~1\adialhk.dll c:\progra~1\KASPER~1\KASPER~1\kloehk.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@=""

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Device Detector 3.lnk]
backup=c:\windows\pss\Device Detector 3.lnk.CommonStartup
backupExtension=.CommonStartup
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Device Detector 3.lnk

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
backup=c:\windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
backupExtension=.CommonStartup
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^QGet.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\QGet.lnk
backup=c:\windows\pss\QGet.lnk.CommonStartup
backupExtension=.CommonStartup

[HKLM\~\startupfolder\C:^Users^utente^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dragon NaturallySpeaking 9 Recorder Edition.lnk]
path=c:\users\utente\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dragon NaturallySpeaking 9 Recorder Edition.lnk
backup=c:\windows\pss\Dragon NaturallySpeaking 9 Recorder Edition.lnk.Startup
backupExtension=.Startup

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):d4,ee,4f,61,b2,53,ca,01

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-4215024181-1578375625-2128248647-1000]
"EnableNotificationsRef"=dword:00000001

R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\System32\drivers\klbg.sys [29/01/2008 18.29.38 33808]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\System32\drivers\klim6.sys [26/03/2008 13.10.16 20496]
R2 DVRMSFileWatcherService;DVRMSFileWatcherService;c:\program files\DVRMSToolbox\DVRMSFileWatcherService.exe [28/02/2008 21.45.10 20480]
R2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files\LogMeIn\x86\rainfo.sys [24/07/2008 19.46.12 12856]
R2 LMIRfsDriver;LogMeIn Remote File System Driver;c:\windows\System32\drivers\LMIRfsDriver.sys [30/01/2009 16.52.02 47640]
R2 SSPORT;SSPORT;c:\windows\System32\drivers\SSPORT.SYS [05/11/2008 16.37.04 5120]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\System32\drivers\b57nd60x.sys [21/01/2008 4.23.20 179712]
R3 KLFLTDEV;Kaspersky Lab KLFltDev;c:\windows\System32\drivers\klfltdev.sys [13/03/2008 19.02.46 26640]
R3 ksaud;Creative USB Audio Driver;c:\windows\System32\drivers\ksaud.sys [04/06/2009 9.49.02 806272]
R3 Ph3xIB32;Philips 713x Inbox PCI TV Card;c:\windows\System32\drivers\Ph3xIB32.sys [01/12/2008 17.00.47 1131136]
S2 gupdate1c9e68b65846627;Servizio di Google Update (gupdate1c9e68b65846627);c:\program files\Google\Update\GoogleUpdate.exe [06/06/2009 11.44.31 133104]
S2 NOD32FiXTemDono;Eset Nod32 Boot;c:\windows\System32\regedt32.exe [02/11/2006 10.32.21 9216]
S3 3xHybrid;Pinnacle PCTV 100i-110i-300i-310i-MCE;c:\windows\System32\drivers\3xHybrid.sys [22/11/2006 10.53.02 1121536]

--- Altri Servizi/Drivers In Memoria ---

*Deregistered* - AMON
*Deregistered* - nod32drv

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Contenuto della cartella 'Scheduled Tasks'

2009-10-23 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-06-06 09:39]

2009-10-23 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-06-06 09:44]

2009-10-22 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-06-06 09:44]

2009-10-12 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4215024181-1578375625-2128248647-1000Core.job
- c:\users\utente\AppData\Local\Google\Update\GoogleUpdate.exe [2008-11-13 00:11]

2009-10-22 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4215024181-1578375625-2128248647-1000UA.job
- c:\users\utente\AppData\Local\Google\Update\GoogleUpdate.exe [2008-11-13 00:11]
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://www.google.com/
uInternet Settings,ProxyOverride = *.local
IE: Aggiungi al banner Blocco pubblicità - c:\program files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
IE: Download tramite QGet - c:\program files\QNAP\QGet\QGetCatch.htm
IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
DPF: {CCA0B877-CB5E-4ADC-AD30-457C379512DD} - hxxp://192.168.1.7/xplugLite.cab
FF - ProfilePath - c:\users\utente\AppData\Roaming\Mozilla\Firefox\Profiles\sbuull1j.default\
FF - prefs.js: browser.search.selectedEngine - Ask
FF - prefs.js: browser.startup.homepage - hxxp://www.google.it/
FF - plugin: c:\program files\Google\Google Updater\2.4.1601.7122\npCIDetect13.dll
FF - plugin: c:\program files\Google\Update\1.2.183.7\npGoogleOneClick8.dll
FF - plugin: c:\program files\Java\jre1.5.0_03\bin\NPJava11.dll
FF - plugin: c:\program files\Java\jre1.5.0_03\bin\NPJava12.dll
FF - plugin: c:\program files\Java\jre1.5.0_03\bin\NPJava13.dll
FF - plugin: c:\program files\Java\jre1.5.0_03\bin\NPJava14.dll
FF - plugin: c:\program files\Java\jre1.5.0_03\bin\NPJava32.dll
FF - plugin: c:\program files\Java\jre1.5.0_03\bin\NPJPI150_03.dll
FF - plugin: c:\program files\Java\jre1.5.0_03\bin\NPOJI610.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\users\utente\AppData\Local\Google\Update\1.2.183.7\npGoogleOneClick8.dll
FF - plugin: c:\users\utente\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
FF - plugin: c:\users\utente\Program Files\DNA\plugins\npbtdna.dll
.
- - - - CHIAVI ORFANE RIMOSSE - - - -

AddRemove-Nokia PC Suite - c:\programdata\Installations\{58FB2F9A-5F2D-40E8-82DF-4987E60AD8BD}\Nokia_PC_Suite_7_1_18_0_ita_web.exe
AddRemove-BitTorrent DNA - c:\users\utente\Program Files\DNA\btdna.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-10-23 09:25
Windows 6.0.6002 Service Pack 2 NTFS

scansione processi nascosti ...

scansione entrate autostart nascoste ...

Scansione files nascosti ...

Scansione completata con successo
Files nascosti: 0

**************************************************************************
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------

[HKEY_USERS\S-1-5-21-4215024181-1578375625-2128248647-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{50AB1F2B-6D51-6DD4-2064-45D1A7019078}*]
"bbkfockobdmlenpahiljhmjkjgcdncbinnop"=hex:61,62,62,61,6a,63,70,61,61,69,6e,65,
6c,6d,61,6d,6b,6f,6b,69,66,67,6c,6e,62,6d,6a,68,66,6a,6d,6c,68,65,00,69
"abkfockobdmlenpahikjeopjigannkkkio"=hex:64,62,65,6f,6a,6e,68,67,6a,69,70,70,
65,70,6b,6d,68,6d,6a,62,63,6d,66,68,6b,63,6e,66,6c,70,67,6e,6a,61,6d,69,66,\

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- Dlls caricate dai processi in esecuzione ---------------------

- - - - - - - > 'winlogon.exe'(1352)
c:\program files\Common Files\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll

- - - - - - - > 'Explorer.exe'(4240)
c:\program files\Common Files\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll
c:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL
c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_ita.nlr
c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
.
------------------------ Altri processi in esecuzione ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\LogMeIn\x86\RaMaint.exe
c:\program files\LogMeIn\x86\LogMeIn.exe
c:\program files\LogMeIn\x86\LMIGuardian.exe
c:\program files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
c:\program files\Nero\Nero8\Nero BackItUp\NBService.exe
c:\program files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
c:\windows\system32\IoctlSvc.exe
c:\program files\LogMeIn\x86\LMIGuardian.exe
c:\combofix\CF9619.exe
c:\program files\Epson Software\Event Manager\EEventManager.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\System32\rundll32.exe
c:\program files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
c:\windows\ehome\ehmsas.exe
c:\program files\iPod\bin\iPodService.exe
c:\windows\ehome\ehsched.exe
c:\windows\ehome\ehRecvr.exe
c:\program files\Skype\Plugin Manager\skypePM.exe
c:\program files\Common Files\Logishrd\LQCVFX\COCIManager.exe
c:\combofix\PEV.cfxxe
.
**************************************************************************
.
Ora fine scansione: 2009-10-23 9.33.05 - Il pc è stato riavviato
ComboFix-quarantined-files.txt 2009-10-23 07:32
ComboFix2.txt 2009-02-03 23:29
ComboFix3.txt 2009-01-30 13:12
ComboFix4.txt 2009-01-20 16:08

Pre-Run: 30.690.471.936 byte disponibili
Post-Run: 30.620.086.272 byte disponibili

- - End Of File - - 44DCEE48B6DEE468D969DCF369FCC4A0
ziotoby
Newbie
 
Post: 7
Iscritto il: 22/10/09 14:25

Re: pc infettato da spyware

Postdi shel » 23/10/09 09:00

ciao

prticamente avevi il pc invaso da infezioni miste, tra cui anche il bagle

esegui queste due scansioni

scarica
http://dc108.4shared.com/download/75022 ... 1-de3379fb

Una volta installato chiudi tutte le applicazioni attive e disconnettiti dal internet, poi clicca sull'icona di FindyKill e nella finestra dos che si aprirà scrivi 2 e premi Invio. Attendi il termine della scansione e posta qui il log che trovi in C:\FindyKill.txt


Scarica e installa http://www.malwarebytes.org/mbam/program/mbam-setup.exe Aggiornalo e fai una scansione completa del computer. Posta il rapporto ottenuto. Per ora non rimuovere nessuna eventuale minaccia rilevata
shel
Utente Senior
 
Post: 1292
Iscritto il: 29/08/08 21:56

Re: pc infettato da spyware

Postdi ziotoby » 23/10/09 10:35

ciao, ho fatto come mi hai detto e qui di seguito ci sono i due report
ti ringrazio ancora moltissimo,
a presto

----------------- FindyKill V4.707 ------------------

* User : utente - PC-MARCO-SALA
* executed from : C:\Program Files\FindyKill
* Update on 06/12/08 par Chiquitine29
* Start at 10:16:51 the 23/10/2009
* Windows_NT - Internet Explorer 8.0.6001.18828


((((((((((((((( *** deleting *** ))))))))))))))))))


--------------- [ Active Processes ] ----------------


C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\winlogon.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\LogonUI.exe
C:\Windows\system32\Ati2evxx.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe
C:\Program Files\DVRMSToolbox\DVRMSFileWatcherService.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Windows\system32\svchost.exe
C:\Program Files\LogMeIn\x86\RaMaint.exe
C:\Program Files\LogMeIn\x86\LogMeIn.exe
C:\Program Files\LogMeIn\x86\LMIGuardian.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Windows\system32\IoctlSvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Windows\system32\userinit.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
C:\Windows\system32\runonce.exe
C:\Program Files\LogMeIn\x86\LMIGuardian.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\LogMeIn\x86\LogMeIn.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Windows\system32\taskeng.exe

--------------- [ Infected files / folders ] ----------------


»»»» Supression files in C:


»»»» Supression files in C:\Windows


»»»» Supression files in C:\Windows\Prefetch


»»»» Supression files in C:\Windows\system32


»»»» Supression files in C:\Windows\system32\drivers


»»»» Supression files in C:\Users\utente\AppData\Roaming


»»»» Supression files in C:\Users\utente\AppData\Local\Temp


»»»» Supression files in C:\Users\utente\Local Settings\Temporary Internet Files\Content.IE5

Deleted ! - C:\ProgramData\Skype\Plugins\Local Cache\D3987B641C134048B815DB578D607F42_more.jpg
Deleted ! - C:\Users\All Users\Skype\Plugins\Local Cache\D3987B641C134048B815DB578D607F42_more.jpg
Deleted ! - C:\Users\utente\AppData\Local\Microsoft\Media Player\Cache copertina\LocalMLS\{27AB2AD1-78E9-4147-B64B-41235E7C34C7}.jpg
Deleted ! - C:\Users\utente\AppData\Local\Microsoft\Media Player\Cache copertina\LocalMLS\{B086E826-B640-41BD-9DCF-7BDA8F5C0B6D}.jpg
Deleted ! - C:\Users\utente\Desktop\backup intero hd 80gb\deposito\audio\THE KINKS - Discography (1964-2004)\The Kinks - Complete Discography 1964 - 2004 - By M@xwell_R@yn\1975 - Soap Opera\AlbumArt_{5D600BCA-7B42-47AF-AAA3-05B3CBCB648B}_Large.jpg
Deleted ! - C:\Users\utente\Desktop\backup intero hd 80gb\deposito\audio\THE KINKS - Discography (1964-2004)\The Kinks - Complete Discography 1964 - 2004 - By M@xwell_R@yn\1975 - Soap Opera\AlbumArt_{5D600BCA-7B42-47AF-AAA3-05B3CBCB648B}_Small.jpg
Deleted ! - C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\184SOL3Q\A862BCA038FDEDFD585A571DB6437F[1].jpg

--------------- [ Registry / Infected keys ] ----------------

Deleted ! - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\drvsyskit
Deleted ! - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\german.exe
Deleted ! - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\mule_st_key

--------------- [ States / Restarting of services ] ----------------



+- Services : [ Auto=2 / Request=3 / Disable=4 ]

Ndisuio - Type of startup = 3

EapHost - Type of startup = 2

Wlansvc - Type of startup = 2

SharedAccess - Type of startup = 2

wuauserv - Type of startup = 2

wscsvc - Type of startup = 2

WinDefend - Type of startup = 2


--------------- [ Cleaning removable drives ] ----------------

+- Informations :

C: - Unità fissa
E: - Unità fissa

+- deleting files :


--------------- [ Registry / Mountpoint2 ] ----------------


-> Not found !


--------------- [ Searching Cracks / Keygen ] ----------------

C:\Users\utente\Desktop\Crack
C:\Users\utente\Desktop\MGA_crack.exe
C:\Users\utente\Desktop\backup intero hd 80gb\deposito\apps\keygen.exe
C:\Users\utente\Desktop\backup intero hd 80gb\deposito\cartella di cartelle\keygen per Corel PhotoAlbum 6
C:\Users\utente\Desktop\backup intero hd 80gb\deposito\cartella di cartelle\Pantone ColorVision ProfilerPro v3.0.1 Final + keygen
C:\Users\utente\Desktop\backup intero hd 80gb\deposito\cartella di cartelle\keygen per Corel PhotoAlbum 6\Keygen.exe
C:\Users\utente\Desktop\backup intero hd 80gb\deposito\cartella di cartelle\Pantone ColorVision ProfilerPro v3.0.1 Final + keygen\keygen
C:\Users\utente\Desktop\backup intero hd 80gb\deposito\cartella di cartelle\Pantone ColorVision ProfilerPro v3.0.1 Final + keygen\profilerpro_3.0.1.exe
C:\Users\utente\Desktop\backup intero hd 80gb\deposito\cartella di cartelle\Pantone ColorVision ProfilerPro v3.0.1 Final + keygen\keygen\Keygen.exe
C:\Users\utente\Desktop\backup intero hd 80gb\deposito\cartella di cartelle\Pantone ColorVision ProfilerPro v3.0.1 Final + keygen\keygen\virility.nfo
C:\Users\utente\Desktop\backup intero hd 80gb\deposito\zip\Windows.Genuine.Advantage.Validation.v1.5.530.0.CRACKED-ETH0.rar
C:\Users\utente\Desktop\backup intero hd 80gb\Documenti_OLD\Desktop\,bat wga patch 8-11-06 Windows.Genuine.Advantage.Validation.v1.5.716.0.Crack
C:\Users\utente\Desktop\backup intero hd 80gb\Documenti_OLD\Desktop\BSPlayer Pro 2.11 Build 940+Keygen.by.Balloo888
C:\Users\utente\Desktop\backup intero hd 80gb\Documenti_OLD\Desktop\Vista.Activation.Crack.PARADOX.COMPUTER_GENIUS.And.PEMBROS.Bios.X86.X64
C:\Users\utente\Desktop\backup intero hd 80gb\Documenti_OLD\Desktop\Windows_Media_Player_11_for_XP_sp2_+_WGA_Validation_v1.5.526.0.CRACKED
C:\Users\utente\Desktop\backup intero hd 80gb\Documenti_OLD\Desktop\,bat wga patch 8-11-06 Windows.Genuine.Advantage.Validation.v1.5.716.0.Crack\installer.bat
C:\Users\utente\Desktop\backup intero hd 80gb\Documenti_OLD\Desktop\,bat wga patch 8-11-06 Windows.Genuine.Advantage.Validation.v1.5.716.0.Crack\LegitCheckControl.DLL
C:\Users\utente\Desktop\backup intero hd 80gb\Documenti_OLD\Desktop\,bat wga patch 8-11-06 Windows.Genuine.Advantage.Validation.v1.5.716.0.Crack\WgaLogon.dll
C:\Users\utente\Desktop\backup intero hd 80gb\Documenti_OLD\Desktop\,bat wga patch 8-11-06 Windows.Genuine.Advantage.Validation.v1.5.716.0.Crack\WgaTray.exe
C:\Users\utente\Desktop\backup intero hd 80gb\Documenti_OLD\Desktop\,bat wga patch 8-11-06 Windows.Genuine.Advantage.Validation.v1.5.716.0.Crack\www.9down.com.url
C:\Users\utente\Desktop\backup intero hd 80gb\Documenti_OLD\Desktop\BSPlayer Pro 2.11 Build 940+Keygen.by.Balloo888\bsplayer_pro211.940.exe
C:\Users\utente\Desktop\backup intero hd 80gb\Documenti_OLD\Desktop\Vista.Activation.Crack.PARADOX.COMPUTER_GENIUS.And.PEMBROS.Bios.X86.X64\bios
C:\Users\utente\Desktop\backup intero hd 80gb\Documenti_OLD\Desktop\Vista.Activation.Crack.PARADOX.COMPUTER_GENIUS.And.PEMBROS.Bios.X86.X64\x64
C:\Users\utente\Desktop\backup intero hd 80gb\Documenti_OLD\Desktop\Vista.Activation.Crack.PARADOX.COMPUTER_GENIUS.And.PEMBROS.Bios.X86.X64\x86
C:\Users\utente\Desktop\backup intero hd 80gb\Documenti_OLD\Desktop\Vista.Activation.Crack.PARADOX.COMPUTER_GENIUS.And.PEMBROS.Bios.X86.X64\bios\manual
C:\Users\utente\Desktop\backup intero hd 80gb\Documenti_OLD\Desktop\Vista.Activation.Crack.PARADOX.COMPUTER_GENIUS.And.PEMBROS.Bios.X86.X64\bios\OEM.BIOS.Emulator.exe
C:\Users\utente\Desktop\backup intero hd 80gb\Documenti_OLD\Desktop\Vista.Activation.Crack.PARADOX.COMPUTER_GENIUS.And.PEMBROS.Bios.X86.X64\bios\OEM.BIOS.Emulator.txt
C:\Users\utente\Desktop\backup intero hd 80gb\Documenti_OLD\Desktop\Vista.Activation.Crack.PARADOX.COMPUTER_GENIUS.And.PEMBROS.Bios.X86.X64\bios\manual\CERTS
C:\Users\utente\Desktop\backup intero hd 80gb\Documenti_OLD\Desktop\Vista.Activation.Crack.PARADOX.COMPUTER_GENIUS.And.PEMBROS.Bios.X86.X64\bios\manual\DIFxAPI.dll
C:\Users\utente\Desktop\backup intero hd 80gb\Documenti_OLD\Desktop\Vista.Activation.Crack.PARADOX.COMPUTER_GENIUS.And.PEMBROS.Bios.X86.X64\bios\manual\OEMTool.exe
C:\Users\utente\Desktop\backup intero hd 80gb\Documenti_OLD\Desktop\Vista.Activation.Crack.PARADOX.COMPUTER_GENIUS.And.PEMBROS.Bios.X86.X64\bios\manual\pkeys.txt
C:\Users\utente\Desktop\backup intero hd 80gb\Documenti_OLD\Desktop\Vista.Activation.Crack.PARADOX.COMPUTER_GENIUS.And.PEMBROS.Bios.X86.X64\bios\manual\readme.txt
C:\Users\utente\Desktop\backup intero hd 80gb\Documenti_OLD\Desktop\Vista.Activation.Crack.PARADOX.COMPUTER_GENIUS.And.PEMBROS.Bios.X86.X64\bios\manual\royal.inf
C:\Users\utente\Desktop\backup intero hd 80gb\Documenti_OLD\Desktop\Vista.Activation.Crack.PARADOX.COMPUTER_GENIUS.And.PEMBROS.Bios.X86.X64\bios\manual\royal.sys
C:\Users\utente\Desktop\backup intero hd 80gb\Documenti_OLD\Desktop\Vista.Activation.Crack.PARADOX.COMPUTER_GENIUS.And.PEMBROS.Bios.X86.X64\bios\manual\Setup.txt
C:\Users\utente\Desktop\backup intero hd 80gb\Documenti_OLD\Desktop\Vista.Activation.Crack.PARADOX.COMPUTER_GENIUS.And.PEMBROS.Bios.X86.X64\bios\manual\CERTS\Acer.xrm-ms
C:\Users\utente\Desktop\backup intero hd 80gb\Documenti_OLD\Desktop\Vista.Activation.Crack.PARADOX.COMPUTER_GENIUS.And.PEMBROS.Bios.X86.X64\bios\manual\CERTS\ASUS.xrm-ms
C:\Users\utente\Desktop\backup intero hd 80gb\Documenti_OLD\Desktop\Vista.Activation.Crack.PARADOX.COMPUTER_GENIUS.And.PEMBROS.Bios.X86.X64\bios\manual\CERTS\Hewlett-Packard.xrm-ms
C:\Users\utente\Desktop\backup intero hd 80gb\Documenti_OLD\Desktop\Vista.Activation.Crack.PARADOX.COMPUTER_GENIUS.And.PEMBROS.Bios.X86.X64\bios\manual\CERTS\Lenovo.xrm-ms
C:\Users\utente\Desktop\backup intero hd 80gb\Documenti_OLD\Desktop\Vista.Activation.Crack.PARADOX.COMPUTER_GENIUS.And.PEMBROS.Bios.X86.X64\x64\VistaActivator.exe
C:\Users\utente\Desktop\backup intero hd 80gb\Documenti_OLD\Desktop\Vista.Activation.Crack.PARADOX.COMPUTER_GENIUS.And.PEMBROS.Bios.X86.X64\x64\VistaActivator.txt
C:\Users\utente\Desktop\backup intero hd 80gb\Documenti_OLD\Desktop\Vista.Activation.Crack.PARADOX.COMPUTER_GENIUS.And.PEMBROS.Bios.X86.X64\x86\VistaActivator.txt
C:\Users\utente\Desktop\backup intero hd 80gb\Documenti_OLD\Desktop\Windows_Media_Player_11\Windows Media Player 11 for XP sp2 + WGA Validation v1.5.526.0.CRACKED
C:\Users\utente\Desktop\backup intero hd 80gb\Documenti_OLD\Desktop\Windows_Media_Player_11\Windows Media Player 11 for XP sp2 + WGA Validation v1.5.526.0.CRACKED\Fluxiontech.com.url
C:\Users\utente\Desktop\backup intero hd 80gb\Documenti_OLD\Desktop\Windows_Media_Player_11\Windows Media Player 11 for XP sp2 + WGA Validation v1.5.526.0.CRACKED\nfo.nfo
C:\Users\utente\Desktop\backup intero hd 80gb\Documenti_OLD\Desktop\Windows_Media_Player_11\Windows Media Player 11 for XP sp2 + WGA Validation v1.5.526.0.CRACKED\screenshot.jpg
C:\Users\utente\Desktop\backup intero hd 80gb\Documenti_OLD\Desktop\Windows_Media_Player_11\Windows Media Player 11 for XP sp2 + WGA Validation v1.5.526.0.CRACKED\Windows.Genuine.Advantage.Validation.v1.5.526.0.CRACKED-ETH0
C:\Users\utente\Desktop\backup intero hd 80gb\Documenti_OLD\Desktop\Windows_Media_Player_11\Windows Media Player 11 for XP sp2 + WGA Validation v1.5.526.0.CRACKED\Windows.Genuine.Advantage.Validation.v1.5.526.0.CRACKED-ETH0\e-wga155260c
C:\Users\utente\Desktop\backup intero hd 80gb\Documenti_OLD\Desktop\Windows_Media_Player_11\Windows Media Player 11 for XP sp2 + WGA Validation v1.5.526.0.CRACKED\Windows.Genuine.Advantage.Validation.v1.5.526.0.CRACKED-ETH0\e-wga155260c.rar
C:\Users\utente\Desktop\backup intero hd 80gb\Documenti_OLD\Desktop\Windows_Media_Player_11\Windows Media Player 11 for XP sp2 + WGA Validation v1.5.526.0.CRACKED\Windows.Genuine.Advantage.Validation.v1.5.526.0.CRACKED-ETH0\eth0.nfo
C:\Users\utente\Desktop\backup intero hd 80gb\Documenti_OLD\Desktop\Windows_Media_Player_11\Windows Media Player 11 for XP sp2 + WGA Validation v1.5.526.0.CRACKED\Windows.Genuine.Advantage.Validation.v1.5.526.0.CRACKED-ETH0\file_id.diz
C:\Users\utente\Desktop\backup intero hd 80gb\Documenti_OLD\Desktop\Windows_Media_Player_11\Windows Media Player 11 for XP sp2 + WGA Validation v1.5.526.0.CRACKED\Windows.Genuine.Advantage.Validation.v1.5.526.0.CRACKED-ETH0\e-wga155260c\LegitCheckControl.dll
C:\Users\utente\Desktop\backup intero hd 80gb\Documenti_OLD\Desktop\Windows_Media_Player_11_for_XP_sp2_+_WGA_Validation_v1.5.526.0.CRACKED\Windows Media Player 11 for XP sp2 + WGA Validation v1.5.526.0.CRACKED
C:\Users\utente\Desktop\backup intero hd 80gb\Documenti_OLD\Desktop\Windows_Media_Player_11_for_XP_sp2_+_WGA_Validation_v1.5.526.0.CRACKED\Windows Media Player 11 for XP sp2 + WGA Validation v1.5.526.0.CRACKED\Fluxiontech.com.url
C:\Users\utente\Desktop\backup intero hd 80gb\Documenti_OLD\Desktop\Windows_Media_Player_11_for_XP_sp2_+_WGA_Validation_v1.5.526.0.CRACKED\Windows Media Player 11 for XP sp2 + WGA Validation v1.5.526.0.CRACKED\mpsetup.exe
C:\Users\utente\Desktop\backup intero hd 80gb\Documenti_OLD\Desktop\Windows_Media_Player_11_for_XP_sp2_+_WGA_Validation_v1.5.526.0.CRACKED\Windows Media Player 11 for XP sp2 + WGA Validation v1.5.526.0.CRACKED\nfo.nfo
C:\Users\utente\Desktop\backup intero hd 80gb\Documenti_OLD\Desktop\Windows_Media_Player_11_for_XP_sp2_+_WGA_Validation_v1.5.526.0.CRACKED\Windows Media Player 11 for XP sp2 + WGA Validation v1.5.526.0.CRACKED\screenshot.jpg
C:\Users\utente\Desktop\backup intero hd 80gb\Documenti_OLD\Preferiti\Microsoft Windows Genuine Advantage Crack.url
C:\Users\utente\Desktop\backup intero hd 80gb\Fonts\f\C\Christmas On Crack.ttf
C:\Users\utente\Desktop\backup intero hd 80gb\Fonts\f\C\Crack DEMO.ttf
C:\Users\utente\Desktop\backup intero hd 80gb\Fonts\f\C\Crack-Babies-Normal.ttf
C:\Users\utente\Desktop\backup intero hd 80gb\Fonts\f\C\CRACK.TTF
C:\Users\utente\Desktop\backup intero hd 80gb\Fonts\f\C\CRACKADD.TTF
C:\Users\utente\Desktop\backup intero hd 80gb\Fonts\f\C\Crackaddict.ttf
C:\Users\utente\Desktop\backup intero hd 80gb\Fonts\f\C\Crackdown O1 -BRK-.ttf
C:\Users\utente\Desktop\backup intero hd 80gb\Fonts\f\C\Crackdown O2 -BRK-.ttf
C:\Users\utente\Desktop\backup intero hd 80gb\Fonts\f\C\Crackdown R -BRK-.ttf
C:\Users\utente\Desktop\backup intero hd 80gb\Fonts\f\C\Cracked Dendrite.ttf
C:\Users\utente\Desktop\backup intero hd 80gb\Fonts\f\C\Cracked Johnnie.ttf
C:\Users\utente\Desktop\backup intero hd 80gb\Fonts\f\C\CRACKFD.TTF
C:\Users\utente\Desktop\backup intero hd 80gb\Fonts\f\C\CrackFir.ttf
C:\Users\utente\Desktop\backup intero hd 80gb\Fonts\f\C\Crackhead Wrestling Federation.ttf
C:\Users\utente\Desktop\backup intero hd 80gb\Fonts\f\C\CRACKHO.TTF
C:\Users\utente\Desktop\backup intero hd 80gb\Fonts\f\C\CRACKING.TTF
C:\Users\utente\Desktop\backup intero hd 80gb\Fonts\f\C\CRACKLIN.TTF
C:\Users\utente\Desktop\backup intero hd 80gb\Fonts\f\C\Crackling Plain.ttf
C:\Users\utente\Desktop\backup intero hd 80gb\Fonts\f\C\CracklingFire (2).ttf
C:\Users\utente\Desktop\backup intero hd 80gb\Fonts\f\C\CracklingFire.ttf
C:\Users\utente\Desktop\backup intero hd 80gb\Fonts\f\C\CrackMan.TTF
C:\Users\utente\Desktop\backup intero hd 80gb\Fonts\f\C\Cracko Deco.ttf
C:\Users\utente\Desktop\backup intero hd 80gb\Fonts\f\C\Crackpot.ttf
C:\Users\utente\Desktop\backup intero hd 80gb\Fonts\f\G\Genius of Crack.ttf
C:\Users\utente\Desktop\backup intero hd 80gb\Fonts\f\L\Lnewcrack.ttf
C:\Users\utente\Desktop\backup intero hd 80gb\Fonts\f\L\Lots of Dead Crack Babies.ttf
C:\Users\utente\Desktop\backup intero hd 80gb\Fonts\f\N\newcrack.ttf
C:\Users\utente\Desktop\backup intero hd 80gb\Fonts\f\W\WhereCracksAppear.ttf
C:\Users\utente\Desktop\backup intero hd 80gb\Fonts\f\W\Wisecrack.ttf
C:\Users\utente\Desktop\backup intero hd 80gb\_Archivio files scaricati\,bat wga patch 8-11-06 Windows.Genuine.Advantage.Validation.v1.5.716.0.Crack.rar
C:\Users\utente\Desktop\backup intero hd 80gb\_Archivio files scaricati\Abby Finereader Pro 7 Keygen.zip
C:\Users\utente\Desktop\backup intero hd 80gb\_Archivio files scaricati\Abbyy Finereader 8.0 Professional Edition Keygen.zip
C:\Users\utente\Desktop\backup intero hd 80gb\_Archivio files scaricati\Ahead_Nero_v7.8.5.0.Keygen.Only-EMBRACE.rar
C:\Users\utente\Desktop\backup intero hd 80gb\_Archivio files scaricati\Crackato Il Sistema Di Autenticazione Della Microsoft Wga (Windows Genuine Advantage) By Mighel.rar
C:\Users\utente\Desktop\backup intero hd 80gb\_Archivio files scaricati\CRACK_Google Earth Pro.exe
C:\Users\utente\Desktop\backup intero hd 80gb\_Archivio files scaricati\Diginaut.PhotoSpy.v1.7.S60.SymbianOS7.Cracked-PWNPDA
C:\Users\utente\Desktop\backup intero hd 80gb\_Archivio files scaricati\Easy CD-DA Extractor v8.1.KeyGen.rar
C:\Users\utente\Desktop\backup intero hd 80gb\_Archivio files scaricati\ESET.NOD32.v2.70.23.WinNT2K2K3XP.Cracked-FYN
C:\Users\utente\Desktop\backup intero hd 80gb\_Archivio files scaricati\ESET.NOD32.v2.70.23.WinNT2K2K3XP.Cracked-FYN.rar
C:\Users\utente\Desktop\backup intero hd 80gb\_Archivio files scaricati\Hex.Workshop.v4.23.Keygen.by.RiF.zip
C:\Users\utente\Desktop\backup intero hd 80gb\_Archivio files scaricati\Keygen
C:\Users\utente\Desktop\backup intero hd 80gb\_Archivio files scaricati\Keygen Abby Fine Reader 8.0.rar
C:\Users\utente\Desktop\backup intero hd 80gb\_Archivio files scaricati\Keygen and Patch for ABBYY FineReader 8.0 Professional.zip
C:\Users\utente\Desktop\backup intero hd 80gb\_Archivio files scaricati\My Mix v1.0 Incl Keygen Ror.rar
C:\Users\utente\Desktop\backup intero hd 80gb\_Archivio files scaricati\Nero 7 Premium Reloaded 7.8.5.0 KEYGEN+Mirrors [New 2007-03-20].rar
C:\Users\utente\Desktop\backup intero hd 80gb\_Archivio files scaricati\Nero Premium Reloaded 7.5.9.0A keygenserials (27.11.06).rar
C:\Users\utente\Desktop\backup intero hd 80gb\_Archivio files scaricati\Nero Premium Reloaded v7.8.5.0 Keygen.rar
C:\Users\utente\Desktop\backup intero hd 80gb\_Archivio files scaricati\Norton AntiVirus 2005 crack-serial-keygen.zip
C:\Users\utente\Desktop\backup intero hd 80gb\_Archivio files scaricati\Omnipage Professional v15 Keygen Activation.txt
C:\Users\utente\Desktop\backup intero hd 80gb\_Archivio files scaricati\Omnipage Professional v15 Keygen Attivazione ed istruzioni [Ita Eng].zip
C:\Users\utente\Desktop\backup intero hd 80gb\_Archivio files scaricati\Pdf Converter 3 Professional keygen.exe
C:\Users\utente\Desktop\backup intero hd 80gb\_Archivio files scaricati\Photospy.v1.7.s60.symbianos7.cracked-pwnpda.rar
C:\Users\utente\Desktop\backup intero hd 80gb\_Archivio files scaricati\SpamBully + KeyGen.zip
C:\Users\utente\Desktop\backup intero hd 80gb\_Archivio files scaricati\Spambully 2.08 (With Crack).zip
C:\Users\utente\Desktop\backup intero hd 80gb\_Archivio files scaricati\Spambully Crack.zip
C:\Users\utente\Desktop\backup intero hd 80gb\_Archivio files scaricati\SpamBully KeyGen(1).zip
C:\Users\utente\Desktop\backup intero hd 80gb\_Archivio files scaricati\SpamBully KeyGen.zip
C:\Users\utente\Desktop\backup intero hd 80gb\_Archivio files scaricati\Spambully_outlook express+ Keygen.zip
C:\Users\utente\Desktop\backup intero hd 80gb\_Archivio files scaricati\Spyware Adaware Remover 8.2 Build 2 + keygen +multilanguage .rar
C:\Users\utente\Desktop\backup intero hd 80gb\_Archivio files scaricati\TMPGenc Xpress 3.0.4.24 + MPEG Editor v1.0.1.59 + DVD Author 1.6.26.73 + AC-3 plugin 1.10 + crack.zip
C:\Users\utente\Desktop\backup intero hd 80gb\_Archivio files scaricati\WGA Microsoft Windows Genuine Advantage crack [ITALIANO Giugno 2006 FUNZIONA!!!].rar
C:\Users\utente\Desktop\backup intero hd 80gb\_Archivio files scaricati\WGA Windows Genuine Advantage Validation 1.5.540.0 Hotfix KB905474 Crack Inst.rar
C:\Users\utente\Desktop\backup intero hd 80gb\_Archivio files scaricati\WGA.Windows.Genuine.Advantage.Validation.v1.5.540.0.Cracked.rar
C:\Users\utente\Desktop\backup intero hd 80gb\_Archivio files scaricati\Windows Genuine Advantage Validation (WGA) FIX Full Cracked 30.05.2006.rar
C:\Users\utente\Desktop\backup intero hd 80gb\_Archivio files scaricati\Windows.Vista.Fr.RTM.build.6000.All.Versions.Activation.Crack.All.In.One.29.01.2007.By.OxyD.rar
C:\Users\utente\Desktop\backup intero hd 80gb\_Archivio files scaricati\[Programmi PC - ITA]Adaware 7.10+crack(1).rar
C:\Users\utente\Desktop\backup intero hd 80gb\_Archivio files scaricati\[WGA VALIDATION Check Crack Windows Media Player 11 ITA] wmp11-windowsxp-x86-it-it.zip
C:\Users\utente\Desktop\backup intero hd 80gb\_Archivio files scaricati\Adaware 7.10\Spyware Adware Remover v7.0 KeyGen.exe
C:\Users\utente\Desktop\backup intero hd 80gb\_Archivio files scaricati\Adobe Photoshop Cs v.8.0.1 ITA (Grafica e ritocco foto)\Crack
C:\Users\utente\Desktop\backup intero hd 80gb\_Archivio files scaricati\Adobe Photoshop Cs v.8.0.1 ITA (Grafica e ritocco foto)\Crack\image1.jpg
C:\Users\utente\Desktop\backup intero hd 80gb\_Archivio files scaricati\Adobe Photoshop Cs v.8.0.1 ITA (Grafica e ritocco foto)\Crack\image2.jpg
C:\Users\utente\Desktop\backup intero hd 80gb\_Archivio files scaricati\Adobe Photoshop Cs v.8.0.1 ITA (Grafica e ritocco foto)\Crack\image3.jpg
C:\Users\utente\Desktop\backup intero hd 80gb\_Archivio files scaricati\Adobe Photoshop Cs v.8.0.1 ITA (Grafica e ritocco foto)\Crack\install.txt
C:\Users\utente\Desktop\backup intero hd 80gb\_Archivio files scaricati\Diginaut.PhotoSpy.v1.7.S60.SymbianOS7.Cracked-PWNPDA\file_id.diz
C:\Users\utente\Desktop\backup intero hd 80gb\_Archivio files scaricati\Diginaut.PhotoSpy.v1.7.S60.SymbianOS7.Cracked-PWNPDA\PWN-0013.zip
C:\Users\utente\Desktop\backup intero hd 80gb\_Archivio files scaricati\Diginaut.PhotoSpy.v1.7.S60.SymbianOS7.Cracked-PWNPDA\pwnpda.nfo
C:\Users\utente\Desktop\backup intero hd 80gb\_Archivio files scaricati\ESET.NOD32.v2.70.23.WinNT2K2K3XP.Cracked-FYN\GoldEsel - visit us for more brandnew stuff.url
C:\Users\utente\Desktop\backup intero hd 80gb\_Archivio files scaricati\ESET.NOD32.v2.70.23.WinNT2K2K3XP.Cracked-FYN\NOD32 Update Viewer 2.06.2.0
C:\Users\utente\Desktop\backup intero hd 80gb\_Archivio files scaricati\ESET.NOD32.v2.70.23.WinNT2K2K3XP.Cracked-FYN\NOD32.patch
C:\Users\utente\Desktop\backup intero hd 80gb\_Archivio files scaricati\ESET.NOD32.v2.70.23.WinNT2K2K3XP.Cracked-FYN\NOD32_2.70.23_standard.exe
C:\Users\utente\Desktop\backup intero hd 80gb\_Archivio files scaricati\ESET.NOD32.v2.70.23.WinNT2K2K3XP.Cracked-FYN\Read.txt
C:\Users\utente\Desktop\backup intero hd 80gb\_Archivio files scaricati\ESET.NOD32.v2.70.23.WinNT2K2K3XP.Cracked-FYN\Wichtig - Lesen - readme - www.goldesel.6x.to.txt
C:\Users\utente\Desktop\backup intero hd 80gb\_Archivio files scaricati\ESET.NOD32.v2.70.23.WinNT2K2K3XP.Cracked-FYN\NOD32 Update Viewer 2.06.2.0\NOD32view_2.06.2.exe
C:\Users\utente\Desktop\backup intero hd 80gb\_Archivio files scaricati\ESET.NOD32.v2.70.23.WinNT2K2K3XP.Cracked-FYN\NOD32.patch\NOD32.FiX.v2.1.exe
C:\Users\utente\Desktop\backup intero hd 80gb\_Archivio files scaricati\FIGURINESS\expackardbell\ESET.NOD32.v2.70.23.WinNT2K2K3XP.Cracked-FYN
C:\Users\utente\Desktop\backup intero hd 80gb\_Archivio files scaricati\FIGURINESS\expackardbell\ESET.NOD32.v2.70.23.WinNT2K2K3XP.Cracked-FYN\GoldEsel - visit us for more brandnew stuff.url
C:\Users\utente\Desktop\backup intero hd 80gb\_Archivio files scaricati\FIGURINESS\expackardbell\ESET.NOD32.v2.70.23.WinNT2K2K3XP.Cracked-FYN\NOD32 Update Viewer 2.06.2.0
C:\Users\utente\Desktop\backup intero hd 80gb\_Archivio files scaricati\FIGURINESS\expackardbell\ESET.NOD32.v2.70.23.WinNT2K2K3XP.Cracked-FYN\NOD32.patch
C:\Users\utente\Desktop\backup intero hd 80gb\_Archivio files scaricati\FIGURINESS\expackardbell\ESET.NOD32.v2.70.23.WinNT2K2K3XP.Cracked-FYN\Read.txt
C:\Users\utente\Desktop\backup intero hd 80gb\_Archivio files scaricati\FIGURINESS\expackardbell\ESET.NOD32.v2.70.23.WinNT2K2K3XP.Cracked-FYN\Wichtig - Lesen - readme - www.goldesel.6x.to.txt
C:\Users\utente\Desktop\backup intero hd 80gb\_Archivio files scaricati\FIGURINESS\expackardbell\ESET.NOD32.v2.70.23.WinNT2K2K3XP.Cracked-FYN\NOD32 Update Viewer 2.06.2.0\NOD32view_2.06.2.exe
C:\Users\utente\Desktop\backup intero hd 80gb\_Archivio files scaricati\FIGURINESS\expackardbell\ESET.NOD32.v2.70.23.WinNT2K2K3XP.Cracked-FYN\NOD32.patch\NOD32.FiX.v2.1.exe
C:\Users\utente\Desktop\backup intero hd 80gb\_Archivio files scaricati\Keygen\Keygen.exe
C:\Users\utente\Desktop\backup intero hd 80gb\_Archivio files scaricati\Omnipage 15 Professional\Attivazione\Pdf Converter 3 Professional_keygen.exe
C:\Users\utente\Desktop\backup intero hd 80gb\_Archivio files scaricati\tomtom\Nav.6_Fix_keygen-put.your.map.midi.file.in.this.folder.rar
C:\Users\utente\Desktop\backupvista f\desktop vista f\Lavasoft Ad-Aware 2007 Professional 7.0.2.3 + Cracks
C:\Users\utente\Desktop\backupvista f\desktop vista f\cart di cart\Activar Windsows Vista SP1 (Vista Loader 2.2.0 Oem Bios Crack Emulator)
C:\Users\utente\Desktop\backupvista f\desktop vista f\cart di cart\Nero.v8.2.8.0_Ultra.Edition.KeyGen
C:\Users\utente\Desktop\backupvista f\desktop vista f\cart di cart\WinTools.NET.Professional.v9.3.0.WinAll.Incl.Keygen.REPACK-CRD
C:\Users\utente\Desktop\backupvista f\desktop vista f\cart di cart\Activar Windsows Vista SP1 (Vista Loader 2.2.0 Oem Bios Crack Emulator)\Leeme.txt
C:\Users\utente\Desktop\backupvista f\desktop vista f\cart di cart\Activar Windsows Vista SP1 (Vista Loader 2.2.0 Oem Bios Crack Emulator)\Vista Loader 2.2.0 OEM BIOS Crack Emulator
C:\Users\utente\Desktop\backupvista f\desktop vista f\cart di cart\Activar Windsows Vista SP1 (Vista Loader 2.2.0 Oem Bios Crack Emulator)\Vista Loader 2.2.0 OEM BIOS Crack Emulator\!!_Read Me_!!.html
C:\Users\utente\Desktop\backupvista f\desktop vista f\cart di cart\Activar Windsows Vista SP1 (Vista Loader 2.2.0 Oem Bios Crack Emulator)\Vista Loader 2.2.0 OEM BIOS Crack Emulator\data
C:\Users\utente\Desktop\backupvista f\desktop vista f\cart di cart\Activar Windsows Vista SP1 (Vista Loader 2.2.0 Oem Bios Crack Emulator)\Vista Loader 2.2.0 OEM BIOS Crack Emulator\data\Acer.bin
C:\Users\utente\Desktop\backupvista f\desktop vista f\cart di cart\Activar Windsows Vista SP1 (Vista Loader 2.2.0 Oem Bios Crack Emulator)\Vista Loader 2.2.0 OEM BIOS Crack Emulator\data\Asus.bin
C:\Users\utente\Desktop\backupvista f\desktop vista f\cart di cart\Activar Windsows Vista SP1 (Vista Loader 2.2.0 Oem Bios Crack Emulator)\Vista Loader 2.2.0 OEM BIOS Crack Emulator\data\Dell.bin
C:\Users\utente\Desktop\backupvista f\desktop vista f\cart di cart\Activar Windsows Vista SP1 (Vista Loader 2.2.0 Oem Bios Crack Emulator)\Vista Loader 2.2.0 OEM BIOS Crack Emulator\data\Gateway.bin
C:\Users\utente\Desktop\backupvista f\desktop vista f\cart di cart\Activar Windsows Vista SP1 (Vista Loader 2.2.0 Oem Bios Crack Emulator)\Vista Loader 2.2.0 OEM BIOS Crack Emulator\data\HP.bin
C:\Users\utente\Desktop\backupvista f\desktop vista f\cart di cart\Activar Windsows Vista SP1 (Vista Loader 2.2.0 Oem Bios Crack Emulator)\Vista Loader 2.2.0 OEM BIOS Crack Emulator\data\Lenovo.bin
C:\Users\utente\Desktop\backupvista f\desktop vista f\cart di cart\Activar Windsows Vista SP1 (Vista Loader 2.2.0 Oem Bios Crack Emulator)\Vista Loader 2.2.0 OEM BIOS Crack Emulator\data\NEC.bin
C:\Users\utente\Desktop\backupvista f\desktop vista f\cart di cart\Activar Windsows Vista SP1 (Vista Loader 2.2.0 Oem Bios Crack Emulator)\Vista Loader 2.2.0 OEM BIOS Crack Emulator\data\Sony.bin
C:\Users\utente\Desktop\backupvista f\desktop vista f\cart di cart\Activar Windsows Vista SP1 (Vista Loader 2.2.0 Oem Bios Crack Emulator)\Vista Loader 2.2.0 OEM BIOS Crack Emulator\data\vstaldr1
C:\Users\utente\Desktop\backupvista f\desktop vista f\cart di cart\Activar Windsows Vista SP1 (Vista Loader 2.2.0 Oem Bios Crack Emulator)\Vista Loader 2.2.0 OEM BIOS Crack Emulator\data\vstaldr2
C:\Users\utente\Desktop\backupvista f\desktop vista f\cart di cart\Nero.v8.2.8.0_Ultra.Edition.KeyGen\WinRar.zip
C:\Users\utente\Desktop\backupvista f\desktop vista f\cart di cart\WinTools.NET.Professional.v9.3.0.WinAll.Incl.Keygen.REPACK-CRD\crude.jpg
C:\Users\utente\Desktop\backupvista f\desktop vista f\cart di cart\WinTools.NET.Professional.v9.3.0.WinAll.Incl.Keygen.REPACK-CRD\file_id.diz
C:\Users\utente\Desktop\backupvista f\desktop vista f\Lavasoft Ad-Aware 2007 Professional 7.0.2.3 + Cracks\Instrucciones.txt
C:\Users\utente\Desktop\backupvista f\dwnlds\keygen
C:\Users\utente\Desktop\backupvista f\dwnlds\[PC - APP] - Steinberg.wavelab.6.0.H2O.with.dongle.crack.and.keygen.exclusive.release.iso
C:\Users\utente\Desktop\backupvista f\dwnlds\keygen\file_id.diz
C:\Users\utente\Desktop\backupvista f\incoming vista f\! Microsoft Office 2007 Crack-Serial-Keygen.zip
C:\Users\utente\Desktop\backupvista f\incoming vista f\Activar Windsows Vista SP1 (Vista Loader 2.2.0 Oem Bios Crack Emulator).zip
C:\Users\utente\Desktop\backupvista f\incoming vista f\Easy Karaoke Recorder v1.62 + crack.zip
C:\Users\utente\Desktop\backupvista f\incoming vista f\Lavasoft Ad-Aware 2007 Professional 7.0.2.3 + Cracks.rar
C:\Users\utente\Desktop\backupvista f\incoming vista f\Lavasoft.Ad-Aware.2008.Pro.v7.1.0.8.Final.incl.crack-MKDEV.by.ChingLiu.rar
C:\Users\utente\Desktop\backupvista f\incoming vista f\Microsoft Office 2007 Italiano Crack Keygen Serial Avi Dvix Dvx Mpg Mpeg Ok 100 X 100 Funzionante(1).txt
C:\Users\utente\Desktop\backupvista f\incoming vista f\Microsoft Office 2007 Italiano Crack Keygen Serial Avi Dvix Dvx Mpg Mpeg Ok 100 X 100 Funzionante.txt
C:\Users\utente\Desktop\backupvista f\incoming vista f\Nero.v8.2.8.0_Ultra.Edition.KeyGen.zip
C:\Users\utente\Desktop\backupvista f\incoming vista f\Nod 32 Antivirus Ver 7 Ita Crack.zip
C:\Users\utente\Desktop\backupvista f\incoming vista f\Nod 32 Versione 2.70.32 in italiano con crack funzionante.rar
C:\Users\utente\Desktop\backupvista f\incoming vista f\Office 2003 & Xp Activation Code (By Phone) (Crack).rar
C:\Users\utente\Desktop\backupvista f\incoming vista f\Serial Activation Crack Microsoft Office System 2007 Pro Enterprise Corporate Plus Professional Attivazione Seriali Ita Eng De Fr Ru 32 64 Bit.txt
C:\Users\utente\Desktop\backupvista f\incoming vista f\Serial Keygen Crack Generator Microsoft Office Word 2007.rar
C:\Users\utente\Desktop\backupvista f\incoming vista f\Wavepad Masters Edition v3.05 Winall Incl Keygen-Arn.rar
C:\Users\utente\Desktop\backupvista f\incoming vista f\WinTools.NET.Professional.v9.3.0.WinAll.Incl.Keygen.REPACK-CRD.rar
C:\Users\utente\Desktop\cores\Moleskinsoft.Clone.Remover.Pro.v3.4.Multilingual.Cracked-F4CG
C:\Users\utente\Desktop\cores\Moleskinsoft.Clone.Remover.Pro.v3.4.Multilingual.Cracked-F4CG\cloneremover2_setup.exe
C:\Users\utente\Desktop\cores\Moleskinsoft.Clone.Remover.Pro.v3.4.Multilingual.Cracked-F4CG\f4cg.nfo
C:\Users\utente\Desktop\cores\Moleskinsoft.Clone.Remover.Pro.v3.4.Multilingual.Cracked-F4CG\GoldEsel_-_visit_us_for_more_brandnew_stuff.url
C:\Users\utente\Desktop\cores\Moleskinsoft.Clone.Remover.Pro.v3.4.Multilingual.Cracked-F4CG\patch.exe
C:\Users\utente\Desktop\cores\Moleskinsoft.Clone.Remover.Pro.v3.4.Multilingual.Cracked-F4CG\Wichtig_Lesen_Goldesel_Adressen.txt
C:\Users\utente\Desktop\cores\Nero\Keygens
C:\Users\utente\Desktop\cores\Nero\Keygens\keygen.exe
C:\Users\utente\Desktop\Crack\RMConverter.exe
C:\Users\utente\Desktop\Nuova musica\beach boys\1985 The beach boys\3 Crack at your love.MP3
C:\Users\utente\Downloads\Crack
C:\Users\utente\Downloads\Moleskinsoft.Clone.Remover.v2.8.Incl.Keygen-SnD
C:\Users\utente\Downloads\Office 2007-2003 Genuine Advantage (OGA) Cracked [kingbear]
C:\Users\utente\Downloads\Adaware 7.10\Spyware Adware Remover v7.0 KeyGen.exe
C:\Users\utente\Downloads\Crack\TemDono FiX v1.2.exe
C:\Users\utente\Downloads\eMule AdunanzA\Incoming\ Adobe Photoshop CS4 Extended + Keygen + Fix (Full License)(Mulit.rar
C:\Users\utente\Downloads\eMule AdunanzA\Incoming\- Microsoft Office 2007-2003 Genuine Advantage (Oga) Cracked Updated-Fixed 08-2008.rar
C:\Users\utente\Downloads\eMule AdunanzA\Incoming\abbyy finereader 8 pro+ keygen ottimo OCR in ita
C:\Users\utente\Downloads\eMule AdunanzA\Incoming\abbyy finereader 8 pro+ keygen ottimo OCR in ita.rar
C:\Users\utente\Downloads\eMule AdunanzA\Incoming\Adobe Photoshop Extended CS4 11 FULL Serial REAL WORKS Keygen Crack Activation Final 2009.txt
C:\Users\utente\Downloads\eMule AdunanzA\Incoming\Adobe.Photoshop.CS4.Extended.Crack.Only-ENGiNE.rar
C:\Users\utente\Downloads\eMule AdunanzA\Incoming\Adobe_Photoshop_CS4_Extended_x32_and_x64_with_Activation_crack_multilanguage_tested_ok.zip
C:\Users\utente\Downloads\eMule AdunanzA\Incoming\Crack + Serial adobe photoshop cs4_by_dricaarts.blogspot.com.txt
C:\Users\utente\Downloads\eMule AdunanzA\Incoming\crack swirlymms 1.2.rar
C:\Users\utente\Downloads\eMule AdunanzA\Incoming\crack.nfo
C:\Users\utente\Downloads\eMule AdunanzA\Incoming\Easy.PDF.to.Word.Converter.v2.0.3.Incl.Keygen-[Explosion].rar
C:\Users\utente\Downloads\eMule AdunanzA\Incoming\ESET NOD32 Antivirus + ESET Smart Security v3.0.669 ! REALY Pre-Cracked for 67 YEARS ! FULL.rar
C:\Users\utente\Downloads\eMule AdunanzA\Incoming\Eset Nod32 Antivirus Smart Security 3.0.645 Official Business Retail Fix Activation Serial Password Username Crack Id Final(1).txt
C:\Users\utente\Downloads\eMule AdunanzA\Incoming\ESET NOD32 Antivirus Smart Security 3.0.645 Official Business Retail Fix Activation Serial Password Username crack id final.txt
C:\Users\utente\Downloads\eMule AdunanzA\Incoming\Keygen
C:\Users\utente\Downloads\eMule AdunanzA\Incoming\keygen attivazione mappe tomtom.zip
C:\Users\utente\Downloads\eMule AdunanzA\Incoming\keygen.exe
C:\Users\utente\Downloads\eMule AdunanzA\Incoming\keygen1.exe
C:\Users\utente\Downloads\eMule AdunanzA\Incoming\Lavasoft Ad-Aware 2008 Professional Edition v7.1.0.10 Incl-Crack[eMule-Box.com].rar
C:\Users\utente\Downloads\eMule AdunanzA\Incoming\Moleskinsoft.Clone.Remover.Pro.v3.4.Multilingual.Cracked-F4CG
C:\Users\utente\Downloads\eMule AdunanzA\Incoming\Moleskinsoft.Clone.Remover.Pro.v3.4.Multilingual.Cracked-F4CG.rar
C:\Users\utente\Downloads\eMule AdunanzA\Incoming\Moleskinsoft.Clone.Remover.v2.8.Incl.Keygen-SnD.rar
C:\Users\utente\Downloads\eMule AdunanzA\Incoming\MS Office OGA v2.0.48.0 Crack (asm51).zip
C:\Users\utente\Downloads\eMule AdunanzA\Incoming\Nero.7.Premium.v7.11.10.0.Multilangages.Incl-Keygen.[emule-island.com]
C:\Users\utente\Downloads\eMule AdunanzA\Incoming\Nero.8.v8.3.13.0.Multilangages.Incl-Keygen.[emule-island.com].rar
C:\Users\utente\Downloads\eMule AdunanzA\Incoming\Nero8 Ultra Edition + Keygen.rar
C:\Users\utente\Downloads\eMule AdunanzA\Incoming\NOD32.ESET.Smart.Security.v3.0.650.FR.Incl-Crack.[emule-island.com].rar
C:\Users\utente\Downloads\eMule AdunanzA\Incoming\Noki v1.6 Keygen.zip
C:\Users\utente\Downloads\eMule AdunanzA\Incoming\Office 2003-2007 Genuine Advantage (OGA) Crack May08.zip
C:\Users\utente\Downloads\eMule AdunanzA\Incoming\real player 11 plus gold + crack + vista skin.rar
C:\Users\utente\Downloads\eMule AdunanzA\Incoming\RealPlayer 11 Plus for XP-VISTA keygenerator.rar
C:\Users\utente\Downloads\eMule AdunanzA\Incoming\SpyHunter 3.4.9 Cracked-MKDEV [MAR-06-08].rar
C:\Users\utente\Downloads\eMule AdunanzA\Incoming\Spyhunter Installer Password Crack.txt
C:\Users\utente\Downloads\eMule AdunanzA\Incoming\SpyHunter.Security.Suite. 3.5.11 Cracked by MKDEV [JUL-23-08].rar
C:\Users\utente\Downloads\eMule AdunanzA\Incoming\Spyware.Doctor.v5.0.0.169.Multilangages.Incl-Crack ..rar
C:\Users\utente\Downloads\eMule AdunanzA\Incoming\Tansee Iphone Copy Pack 3.0.0.0 Crack.zip
C:\Users\utente\Downloads\eMule AdunanzA\Incoming\Tansee.iPod.Transfer.3.0_KEYGEN-FFF(1).zip
C:\Users\utente\Downloads\eMule AdunanzA\Incoming\Total Video Converter 3.12 full cracked (3gp,mp4,psp,iPod,iPhone,flv,dvd,vcd,).rar
C:\Users\utente\Downloads\eMule AdunanzA\Incoming\Windows.Genuine.Advantage.Validation.Crack.Win.XP.&.Office.2007 [wga-oga 2008] updated-fixed 06-2008.zip
C:\Users\utente\Downloads\eMule AdunanzA\Incoming\[KEYGEN]Nero 7 Ultra Edition Keygen.exe
C:\Users\utente\Downloads\eMule AdunanzA\Incoming\[PC Program - ITA] - Procedura convalida Office 20032007 TESTATA [Genuine Advantage (OGA) Cracked](1).rar
C:\Users\utente\Downloads\eMule AdunanzA\Incoming\[PC Program - ITA] - Procedura convalida Office 20032007 TESTATA [Genuine Advantage (OGA) Cracked](2).rar
C:\Users\utente\Downloads\eMule AdunanzA\Incoming\[PC Program - ITA] - Procedura convalida Office 20032007 TESTATA [Genuine Advantage (OGA) Cracked](3).rar
C:\Users\utente\Downloads\eMule AdunanzA\Incoming\[PC Program - ITA] - Procedura convalida Office 20032007 TESTATA [Genuine Advantage (OGA) Cracked].rar
C:\Users\utente\Downloads\eMule AdunanzA\Incoming\_Office.Genuine.Advantage.Validation.v1.7.102.0 Cracked-Squiccio(Chicchedicala) PER DISINSTALLERE STELLINA SPIA SOFTWARE OFFICE ORIGINALE.zip
C:\Users\utente\Downloads\eMule AdunanzA\Incoming\_Office.Genuine.Advantage.Validation.v1.7.102.0-VISTA-Cracked-Squiccio(Chicchedicala).zip.rar
C:\Users\utente\Downloads\eMule AdunanzA\Incoming\abbyy finereader 8 pro+ keygen ottimo OCR in ita\abbyy finereader 8 pro.rar
C:\Users\utente\Downloads\eMule AdunanzA\Incoming\abbyy finereader 8 pro+ keygen ottimo OCR in ita\Crack
C:\Users\utente\Downloads\eMule AdunanzA\Incoming\abbyy finereader 8 pro+ keygen ottimo OCR in ita\cygnus.nfo
C:\Users\utente\Downloads\eMule AdunanzA\Incoming\abbyy finereader 8 pro+ keygen ottimo OCR in ita\FR80PE_TB_EFSIP.exe
C:\Users\utente\Downloads\eMule AdunanzA\Incoming\abbyy finereader 8 pro+ keygen ottimo OCR in ita\Crack\Keygen.exe
C:\Users\utente\Downloads\eMule AdunanzA\Incoming\abbyy finereader 8 pro+ keygen ottimo OCR in ita\Crack\Serial.txt
C:\Users\utente\Downloads\eMule AdunanzA\Incoming\Adaware 7.10\Spyware Adware Remover v7.0 KeyGen.exe
C:\Users\utente\Downloads\eMule AdunanzA\Incoming\Adobe Photoshop CS3 Extended Italiano\Serial + Crack
C:\Users\utente\Downloads\eMule AdunanzA\Incoming\Adobe Photoshop CS3 Extended Italiano\Serial + Crack\Photoshop.exe
C:\Users\utente\Downloads\eMule AdunanzA\Incoming\Adobe Photoshop CS3 Extended Italiano\Serial + Crack\Serial.txt
C:\Users\utente\Downloads\eMule AdunanzA\Incoming\Keygen\keygen_update3.exe
C:\Users\utente\Downloads\eMule AdunanzA\Incoming\Moleskinsoft.Clone.Remover.Pro.v3.4.Multilingual.Cracked-F4CG\cloneremover2_setup.exe
C:\Users\utente\Downloads\eMule AdunanzA\Incoming\Moleskinsoft.Clone.Remover.Pro.v3.4.Multilingual.Cracked-F4CG\f4cg.nfo
C:\Users\utente\Downloads\eMule AdunanzA\Incoming\Moleskinsoft.Clone.Remover.Pro.v3.4.Multilingual.Cracked-F4CG\GoldEsel_-_visit_us_for_more_brandnew_stuff.url
C:\Users\utente\Downloads\eMule AdunanzA\Incoming\Moleskinsoft.Clone.Remover.Pro.v3.4.Multilingual.Cracked-F4CG\patch.exe
C:\Users\utente\Downloads\eMule AdunanzA\Incoming\Moleskinsoft.Clone.Remover.Pro.v3.4.Multilingual.Cracked-F4CG\Wichtig_Lesen_Goldesel_Adressen.txt
C:\Users\utente\Downloads\eMule AdunanzA\Incoming\Nero.7.Premium.v7.11.10.0.Multilangages.Incl-Keygen.[emule-island.com]\Bienvenue sur eMule-Island !.url
C:\Users\utente\Downloads\eMule AdunanzA\Incoming\Nero.7.Premium.v7.11.10.0.Multilangages.Incl-Keygen.[emule-island.com]\Keygen
C:\Users\utente\Downloads\eMule AdunanzA\Incoming\Nero.7.Premium.v7.11.10.0.Multilangages.Incl-Keygen.[emule-island.com]\Nero-7.11.10.0_all_update.exe
C:\Users\utente\Downloads\eMule AdunanzA\Incoming\Nero.7.Premium.v7.11.10.0.Multilangages.Incl-Keygen.[emule-island.com]\Keygen\keygen_update3.exe
C:\Users\utente\Downloads\eMule AdunanzA\Incoming\Nero8.3.6.0.Incl.Keymaker\Nero_8_Ultra_Edition_KeyGen.zip
C:\Users\utente\Downloads\Moleskinsoft.Clone.Remover.v2.8.Incl.Keygen-SnD\SnD
C:\Users\utente\Downloads\Moleskinsoft.Clone.Remover.v2.8.Incl.Keygen-SnD\SnD\CloneRemover2_setup.exe
C:\Users\utente\Downloads\Moleskinsoft.Clone.Remover.v2.8.Incl.Keygen-SnD\SnD\CloneRemoverKeygen.exe
C:\Users\utente\Downloads\Moleskinsoft.Clone.Remover.v2.8.Incl.Keygen-SnD\SnD\Serial.txt
C:\Users\utente\Downloads\Moleskinsoft.Clone.Remover.v2.8.Incl.Keygen-SnD\SnD\snd.nfo
C:\Users\utente\Downloads\Office 2007-2003 Genuine Advantage (OGA) Cracked [kingbear]\install.bat
C:\Users\utente\Downloads\Office 2007-2003 Genuine Advantage (OGA) Cracked [kingbear]\OGA Office 2003.txt
C:\Users\utente\Downloads\Office 2007-2003 Genuine Advantage (OGA) Cracked [kingbear]\OGACheckControl.dll
C:\Users\utente\Downloads\Office 2007-2003 Genuine Advantage (OGA) Cracked [kingbear]\OGA_2003_1.6.21.exe
C:\Users\utente\Downloads\Office 2007-2003 Genuine Advantage (OGA) Cracked [kingbear]\Readme.txt
C:\Users\utente\Downloads\Office 2007-2003 Genuine Advantage (OGA) Cracked [kingbear]\uninstall.bat
C:\Users\utente\Downloads\OFFICE ETC\OGA NOTIFICATION v1.7.102.0 Crack Vista
C:\Users\utente\Downloads\OFFICE ETC\OGA NOTIFICATION v1.7.102.0 Crack Vista\installer.bat
C:\Users\utente\Downloads\OFFICE ETC\OGA NOTIFICATION v1.7.102.0 Crack Vista\OGACheckControl.dll


---------------- ! End of report ! ------------------


Malwarebytes' Anti-Malware 1.41
Versione del database: 3016
Windows 6.0.6002 Service Pack 2

23/10/2009 11.31.26
mbam-log-2009-10-23 (11-31-16).txt

Tipo di scansione: Scansione completa (C:\|D:\|E:\|G:\|)
Elementi scansionati: 370024
Tempo trascorso: 59 minute(s), 35 second(s)

Processi delle memoria infetti: 0
Moduli della memoria infetti: 0
Chiavi di registro infette: 13
Valori di registro infetti: 0
Elementi dato del registro infetti: 0
Cartelle infette: 0
File infetti: 6

Processi delle memoria infetti:
(Nessun elemento malevolo rilevato)

Moduli della memoria infetti:
(Nessun elemento malevolo rilevato)

Chiavi di registro infette:
HKEY_CLASSES_ROOT\Interface\{2e9937fc-cf2f-4f56-af54-5a6a3dd375cc} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{cf54be1c-9359-4395-8533-1657cf209cfe} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{a4730ebe-43a6-443e-9776-36915d323ad3} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Typelib\{d518921a-4a03-425e-9873-b9a71756821e} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59c7fc09-1c83-4648-b3e6-003d2bbc7481} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68af847f-6e91-45dd-9b68-d6a12c30e5d7} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170b96c-28d4-4626-8358-27e6caeef907} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{d1a71fa0-ff48-48dd-9b6d-7a13a3e42127} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ddb1968e-ead6-40fd-8dae-ff14757f60c7} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f138d901-86f0-4383-99b6-9cdd406036da} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Fun Web Products (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (Adware.MyWebSearch) -> No action taken.

Valori di registro infetti:
(Nessun elemento malevolo rilevato)

Elementi dato del registro infetti:
(Nessun elemento malevolo rilevato)

Cartelle infette:
(Nessun elemento malevolo rilevato)

File infetti:
C:\Users\utente\Downloads\Adaware 7.10\BPS Spyware Adware Remover v7.10\setup.exe (Rogue.BulletProofSpyware) -> No action taken.
C:\Users\utente\Downloads\Moleskinsoft.Clone.Remover.v2.8.Incl.Keygen-SnD\SnD\CloneRemoverKeygen.exe (Trojan.Downloader) -> No action taken.
C:\Windows\System32\rar.exe (Trojan.Backdoor) -> No action taken.
C:\Program Files\Adobe\Adobe Photoshop CS4\PhotoShopCS4_X32_Crk.exe (Trojan.Agent) -> No action taken.
C:\Qoobox\Quarantine\C\Windows\System32\drivers\down\392421.exe.vir (Malware.Packer.T) -> No action taken.
C:\System Volume Information\SystemRestore\FRStaging{84CFF66A-C376-4746-9144-74186F494428}\Windows\System32\rar.exe (Trojan.Backdoor) -> No action taken.
ziotoby
Newbie
 
Post: 7
Iscritto il: 22/10/09 14:25

Re: pc infettato da spyware

Postdi shel » 23/10/09 10:46

ciao

finche' non toglierai quella montagna di crack il tuo pc sara' sempre a rischio, fino a quando non verra' a bussare alla tua porta il virus virut

elimina quello che ha trovato malwarebytes


scarica http://www.filehippo.com/download_ccleaner/

1) per il download dell'ultima versione clicca a destra in alto sotto la freccia verde
2) installalo (senza la toolbar aggiuntiva)
3) clicca su "avvia pulizia", ripeti il procedimento 2 volte

poi


scarica http://www.atribune.org/ccount/click.php?id=1


Avvia ATFCleaner.exe con un doppio click

1.1) seleziona la casella Select All
2.1) clicca sul pulsante Empty selected
3.1) aspetta l'avviso Done Cleaning
(se usi opera o firefox,spunta anche le loro sezioni)


Posta un log di hijackthis
shel
Utente Senior
 
Post: 1292
Iscritto il: 29/08/08 21:56

Re: pc infettato da spyware

Postdi ziotoby » 23/10/09 14:44

ecco il log di hijackthis dopo tutti i passaggi che mi hai detto di fare.
ciao, grazie
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15.32.40, on 23/10/2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18828)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files\Epson Software\Event Manager\EEventManager.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\LogMeIn\x86\LMIGuardian.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [EEventManager] C:\PROGRA~1\EPSONS~1\EVENTM~1\EEventManager.exe
O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Creative SB Monitoring Utility] RunDll32 sbavmon.dll,SBAVMonitor
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\utente\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O8 - Extra context menu item: Aggiungi al banner Blocco pubblicità - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
O8 - Extra context menu item: Download tramite QGet - C:\Program Files\QNAP\QGet\QGetCatch.htm
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_03\bin\npjpi150_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_03\bin\npjpi150_03.dll
O9 - Extra button: Statistiche sulla protezione del traffico Web - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll
O9 - Extra button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.apple.com.edgesuite.net ... plugin.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll C:\PROGRA~1\KASPER~1\KASPER~1\adialhk.dll C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: DVRMSFileWatcherService - http://babgvant.com - C:\Program Files\DVRMSToolbox\DVRMSFileWatcherService.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Servizio di Google Update (gupdate1c9e68b65846627) (gupdate1c9e68b65846627) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Servizio iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\RaMaint.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LogMeIn.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 9901 bytes
ziotoby
Newbie
 
Post: 7
Iscritto il: 22/10/09 14:25

Re: pc infettato da spyware

Postdi shel » 23/10/09 14:58

Installa KASPERSKY VIRUS REMOVAL TOOL:

http://devbuilds.kaspersky-labs.com/devbuilds/AVPTool/

verrà creata una apposta cartella sul Desktop
Avvia il pc in modalità provvisoria
Vai alla cartella creata da Kaspersky
all’interno della cartella è presente la classica icona (una K) di Kaspersky
clicca sull’icona per lanciare il tool
imposta le aree che intendi scansionare (Startup Objects e Disk boot sector sono impostate di default)
al termine della scansione sarà possibile rimuovere e/o mettere in quarantena i file infetti rilevati
salva il log che verrà rilasciato copiando solo le parti trovate infette, tenuto conto delle dimensioni enormi del report
shel
Utente Senior
 
Post: 1292
Iscritto il: 29/08/08 21:56

Re: pc infettato da spyware

Postdi ziotoby » 23/10/09 15:02

ho già kaspersky come antivirus. il file che mi segnali lo posso trovare anche nell'applicazione "ufficiale", oppure devo scaricarlo dal link che mi hai postato?
ci sentiamo dopo e ancora grazie
ziotoby
Newbie
 
Post: 7
Iscritto il: 22/10/09 14:25

Re: pc infettato da spyware

Postdi shel » 23/10/09 15:16

ciao

non ho fatto caso al tuo antivirus- fai allora una scansione con il tuo e controlla se rileva qualcosa

come va ora il pc?
shel
Utente Senior
 
Post: 1292
Iscritto il: 29/08/08 21:56

Re: pc infettato da spyware

Postdi ziotoby » 24/10/09 14:21

ciao,
ho fatto una scansione con kaspersky e non sembra ci siano più minacce serie (per quanto io mi destreggi poco in quell'applicazione e nei suoi intricatissimi report... perlomeno non vedo cose rosse); l'unico fatto un po' strano è che ad ogni riavvio del pc, sulla barra in basso a destra, windows defender mi blocca alcuni programmi in esecuzione automatica; tra l'altro, aprendo la finestra 'gestione software' e scorrendo la lista di tali programmi, tra i vari nomi, me ne compare uno che si chiama 'hp digital imaging', e che si riferisce probabilmente ad una vecchia stampante o a un vecchio scanner di quella marca che non possiedo più, ma quando lo seleziono (mostra la classificazione "consentito") - le tre opzioni in basso a destra: rimuovi ,disabilita e abilita, non sono cliccabili...
per il resto direi tutto bene; forse col tuo aiuto sono riuscito a fare un po' di pulizia.
grazie ancora
ziotoby
Newbie
 
Post: 7
Iscritto il: 22/10/09 14:25

Re: pc infettato da spyware

Postdi shel » 24/10/09 19:05

ciao

comincia a dare una pulita come si deve al pc delle vecchie istallazioni e dei file temp

Scarica ed installa CCleaner: clicca qui per il download
http://www.filehippo.com/download_ccleaner/
Una volta installato configuralo in questo modo:
lancia il programma, nel menu di sinistra portati alla voce Opzioni e nella finestra successiva clicca su:
Impostazioni, e spunta la voce Cancellazione sicura (lenta)
poi clicca su:
Avanzate, togli la spunta alla voce Cancella solo file più vecchi di 48 ore
alla voce Pulizia, nella sezione Avanzate spunta le voci Vecchi dati Prefetch e Disinstallatori aggiornamenti di WinUpdate
nel menu a sinistra, clicca sulla voce Pulizia
clicca su tasto Avvia pulizia per eseguire la scansione
finita la scansione, sempre nel menu a sinistra, clicca sulla voce Registro e spunta tutte le voci comprese nella sezione meno la voce estensioni file non usate
clicca sul tasto Trova problemi ed avvia una scansione
al termine della scansione clicca sulla voce Ripara selezionati e prosegui con la riparazione (questo ultimo passaggio ripetilo più volte, fino a quando non verranno rilevati più problemi da correggere)


Per cio' che riuarda windows defender( che eliminerei instalandone uno piu' serio, puoi fare cosi'


vai in strumenti > opzioni , giù fino ad "opzioni avanzate" , trovi
un link "aggiungi" .
Cliccando ti mostra la finestra per cercare l'eseguibile del programma da
autorizzare.
Lo trovi , dai ok.
Rimarrà inserito per avviarsi senza ulteriori richieste.

Prova in questo modo e dommi come va
shel
Utente Senior
 
Post: 1292
Iscritto il: 29/08/08 21:56


Torna a Sicurezza e Privacy


Topic correlati a "pc infettato da spyware":

Pc infettato?
Autore: franco11
Forum: Sicurezza e Privacy
Risposte: 2
spyware
Autore: babart
Forum: Sicurezza e Privacy
Risposte: 1

Chi c’è in linea

Visitano il forum: Nessuno e 5 ospiti