Valutazione 4.87/ 5 (100.00%) 5838 voti

Condividi:        

file non associato a nessun programma

Come rimuovere virus e spyware? Le carte di credito sono davvero sicure in rete? È possibile navigare anonimi? Con quali programmi tutelare la propria privacy? Come proteggere i file importanti? Se volete una risposta a queste e altre domande questo è il luogo giusto!

Moderatori: kadosh, Luke57

file non associato a nessun programma

Postdi rebrado » 14/03/10 18:14

Ciao a tutti
ho avuto un problema con un virus, ma ho trovato il modo di disfarmene seguendo istruzioni su internet;
ora però ho un problema con tutti gli eseguibili(.exe); se provo ad aprirli(doppio clic) mi appare il messaggio
"Il file non è associato a nessun programma per l'esecuzione dell'operazione. Creare un'associazione in Opzioni cartella nel Pannello di controllo."
se invece ci clicco con il pulsante destro mi appare l'opzione start(oltre ad apri e apri con...), che fa partire normalmente il programma. Il problema più grande è che lo stesso messaggio appare se provo ad andare su Installazioni applicazioni.
Non so cosa fare. Sono nuovo sul forum e non so esattamente come funziona ma spero di trovare aiuto
Rebrado
rebrado
Newbie
 
Post: 4
Iscritto il: 14/03/10 18:01

Sponsor
 

Re: file non associato a nessun programma

Postdi antoo69 » 14/03/10 19:23

Segui le indicazioni riportate in questo topic viewtopic.php?f=25&t=85478

Intanto sposto il topic in Sicurezza e Privacy.
dai un pesce ad un uomo e lo sfamerai per un giorno.
insegna ad un uomo a pescare e lo sfamerai per tutta la vita.

Dell Alienware M17x
Avatar utente
antoo69
Moderatore
 
Post: 2106
Iscritto il: 28/04/09 16:40
Località: PARMA

Re: file non associato a nessun programma

Postdi rebrado » 14/03/10 21:45

ho fatto come c'era scritto nell'altro topic; ho installato HijackThis e mi ha generato il log file. solo che non ci capisco un granché. Che me ne faccio? Lo inserisco in questo topic?
rebrado
Newbie
 
Post: 4
Iscritto il: 14/03/10 18:01

Re: file non associato a nessun programma

Postdi antoo69 » 14/03/10 22:28

Sì. Copia ed incolla il listato in questo topic. Poi attendi che qualcuno lo analizzi e ti dica cosa tolgiere,con un po' di pazienza. ;)
dai un pesce ad un uomo e lo sfamerai per un giorno.
insegna ad un uomo a pescare e lo sfamerai per tutta la vita.

Dell Alienware M17x
Avatar utente
antoo69
Moderatore
 
Post: 2106
Iscritto il: 28/04/09 16:40
Località: PARMA

Re: file non associato a nessun programma

Postdi rebrado » 15/03/10 20:59

ok questo è il listato di HijackThis. Cmq ho risolto il problema degli eseguibili ma credo che il sistema sia ancora pieno di errori, visto che all'avvio mi appaiono un po di finestrelle. Intanto aspetto l'analisi.


Logfile of Trend Micro HijackThis v2.0.3 (BETA)
Scan saved at 21.41.38, on 14/03/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\File comuni\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\system32\spoolsv.exe
c:\programmi\file comuni\logitech\lvmvfm\LVPrcSrv.exe
C:\Programmi\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\Programmi\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Programmi\File comuni\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\lkcitdl.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\lkads.exe
C:\WINDOWS\system32\lktsrv.exe
G:\Labview\MAX\nimxs.exe
G:\Labview\Shared\Security\nidmsrv.exe
C:\WINDOWS\system32\nisvcloc.exe
G:\Labview\Shared\Tagger\tagsrv.exe
C:\Programmi\CDBurnerXP\NMSAccessU.exe
C:\Programmi\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
C:\Programmi\Realtek\InstallShield\AzMixerSel.exe
C:\Programmi\Synaptics\SynTP\SynTPLpr.exe
C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE
C:\Programmi\File comuni\Symantec Shared\ccSvcHst.exe
C:\Programmi\File comuni\Real\Update_OB\realsched.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Programmi\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Programmi\Microsoft Office\Office12\GrooveMonitor.exe
C:\Programmi\File comuni\Logitech\LComMgr\LVComSX.exe
C:\Programmi\Acer\OrbiCam\CameraAssistant.exe
C:\Programmi\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\Messenger\msmsgs.exe
C:\Programmi\File comuni\Ahead\lib\NMBgMonitor.exe
C:\Programmi\PC Connectivity Solution\ServiceLayer.exe
C:\Programmi\DAEMON Tools Lite\DTLite.exe
C:\documents and settings\f & b\impostazioni locali\dati applicazioni\bobpcpdq.exe
C:\Programmi\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\msiexec.exe
C:\Programmi\TrendMicro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://global.acer.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Programmi\File comuni\Symantec Shared\coShared\Browser\2.6\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\FILECO~1\SYMANT~1\IDS\IPSBHO.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Programmi\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programmi\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmi\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Programmi\File comuni\Symantec Shared\coShared\Browser\2.6\CoIEPlg.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Programmi\DAEMON Tools Toolbar\DTToolbar.dll
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [AzMixerSel] C:\Programmi\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Programmi\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ntiMUI] C:\Programmi\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE
O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Programmi\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [ImageItEncrypt] C:\WINDOWS\system32\ImageItEncrypt.exe
O4 - HKLM\..\Run: [ccApp] "C:\Programmi\File comuni\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Programmi\Norton 360\osCheck.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Programmi\File comuni\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Programmi\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Programmi\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [LVCOMSX] "C:\Programmi\File comuni\Logitech\LComMgr\LVComSX.exe"
O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Programmi\Acer\OrbiCam\InstallHelper.exe /inspect
O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Programmi\Acer\OrbiCam\CameraAssistant.exe
O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\system32\ElkCtrl.exe /automation
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [updateMgr] c:\Programmi\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_1_0
O4 - HKCU\..\Run: [MSMSGS] "C:\Programmi\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programmi\File comuni\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Programmi\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [bobpcpdq] "c:\documents and settings\f & b\impostazioni locali\dati applicazioni\bobpcpdq.exe" bobpcpdq
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: PokerStars.it - {C4046502-6524-4d87-896C-878F57D1FF07} - C:\Programmi\PokerStars.IT\PokerStarsUpdate.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Me ... b56907.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programmi\Microsoft Office\Office12\GrooveSystemServices.dll
O22 - SharedTaskScheduler: Precaricatore Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Daemon di cache delle categorie di componenti - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Utilità di pianificazione di LiveUpdate automatico (Automatic LiveUpdate Scheduler) - Symantec Corporation - C:\Programmi\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\VAScanner\comHost.exe
O23 - Service: Servizio di Google Update (gupdate1ca2ef05b14b856) (gupdate1ca2ef05b14b856) - Google Inc. - C:\Programmi\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programmi\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Programmi\File comuni\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Programmi\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\ccSvcHst.exe
O23 - Service: Lookout Citadel Server (LkCitadelServer) - National Instruments, Inc. - C:\WINDOWS\system32\lkcitdl.exe
O23 - Service: National Instruments PSP Server Locator (lkClassAds) - National Instruments Corporation - C:\WINDOWS\system32\lkads.exe
O23 - Service: National Instruments Time Synchronization (lkTimeSync) - National Instruments Corporation - C:\WINDOWS\system32\lktsrv.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech - c:\programmi\file comuni\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech - C:\Programmi\File comuni\Logitech\SrvLnch\SrvLnch.exe
O23 - Service: NI Configuration Manager (mxssvr) - National Instruments Corporation - G:\Labview\MAX\nimxs.exe
O23 - Service: National Instruments Domain Service (NIDomainService) - National Instruments Corporation - G:\Labview\Shared\Security\nidmsrv.exe
O23 - Service: NILM License Manager - Macrovision Corporation - G:\Labview\Shared\License Manager\Bin\lmgrd.exe
O23 - Service: NI Service Locator (niSvcLoc) - National Instruments Corp. - C:\WINDOWS\system32\nisvcloc.exe
O23 - Service: National Instruments Variable Engine (NITaggerService) - National Instruments Corporation - G:\Labview\Shared\Tagger\tagsrv.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Programmi\CDBurnerXP\NMSAccessU.exe
O23 - Service: OpcEnum - OPC Foundation - C:\WINDOWS\system32\OpcEnum.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Programmi\CyberLink\Shared Files\RichVideo.exe (file missing)
O23 - Service: ServiceLayer - Nokia. - C:\Programmi\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\FILECO~1\SYMANT~1\CCPD-LC\symlcsvc.exe

--
End of file - 12734 bytes
rebrado
Newbie
 
Post: 4
Iscritto il: 14/03/10 18:01

Re: file non associato a nessun programma

Postdi shel » 15/03/10 22:06

ciao
Avvia Hijack e clicca su "do a system scan only"
Metti la spunta a queste voci e clicca su "fix checked"

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O4 - HKCU\..\Run: [bobpcpdq] "c:\documents and settings\f & b\impostazioni locali\dati applicazioni\bobpcpdq.exe" bobpcpdq


disattiva l'antivirus

scarica combofix

- esegui ComboFix.exe
- digita 1
- segui le instruzioni
- finita la scansione portati in C:\ e copia/incolla, nella tua prossima risposta, il contenuto del file di testo Combofix.txt
shel
Utente Senior
 
Post: 1292
Iscritto il: 29/08/08 21:56

Re: file non associato a nessun programma

Postdi rebrado » 16/03/10 21:25

ComboFix 10-03-16.01 - F & B 16/03/2010 21.03.00.1.2 - FAT32x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.39.1040.18.1022.508 [GMT 1:00]
Eseguito da: c:\downloads\ComboFix.exe
.
I seguenti file sono stati disabilitati durante la scansione:
c:\programmi\File comuni\Logitech\LVMVFM\LVPrcInj.dll


((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\All Users\Dati applicazioni\Microsoft\Network\Downloader\qmgr0.dat
c:\documents and settings\All Users\Dati applicazioni\Microsoft\Network\Downloader\qmgr1.dat
c:\documents and settings\F & B\Impostazioni locali\Dati applicazioni\av.exe
c:\documents and settings\F & B\Impostazioni locali\Dati applicazioni\bobpcpdq.dat
c:\documents and settings\F & B\Impostazioni locali\Dati applicazioni\bobpcpdq.exe
c:\documents and settings\F & B\Impostazioni locali\Dati applicazioni\bobpcpdq_nav.dat
c:\documents and settings\F & B\Impostazioni locali\Dati applicazioni\bobpcpdq_navps.dat
c:\documents and settings\F & B\Impostazioni locali\Temporary Internet Files\lA0XBYp.jpg
c:\documents and settings\F & B\Impostazioni locali\Temporary Internet Files\nba56o2.jpg
c:\documents and settings\F & B\Impostazioni locali\Temporary Internet Files\P71Y4.jpg
c:\documents and settings\F & B\Impostazioni locali\Temporary Internet Files\xMJY7Ny.jpg
c:\programmi\WinPCap
c:\programmi\WinPCap\daemon_mgm.exe
c:\programmi\WinPCap\npf_mgm.exe
c:\programmi\WinPCap\rpcapd.exe
c:\windows\system32\drivers\npf.sys
c:\windows\system32\Packet.dll
c:\windows\system32\pthreadVC.dll
c:\windows\system32\WanPacket.dll
c:\windows\system32\wpcap.dll

----- BITS: Possibili siti infetti -----

hxxp://liveupdate.symantec.com
hxxp://definitions.symantec.com
.
((((((((((((((((((((((((( Files Creati Da 2010-02-16 al 2010-03-16 )))))))))))))))))))))))))))))))))))
.

2010-03-16 19:45 . 2010-03-16 19:45 60808 ----a-w- c:\windows\system32\S32EVNT1.DLL
2010-03-16 19:45 . 2010-03-16 19:45 124976 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
2010-03-16 19:45 . 2010-03-16 19:45 -------- d-----w- c:\programmi\Symantec
2010-03-16 19:44 . 2010-03-16 19:44 -------- d-----w- c:\windows\system32\drivers\N360
2010-03-15 20:38 . 2010-03-15 20:38 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\PCSettings
2010-03-15 20:36 . 2010-03-15 20:36 -------- d-----w- c:\programmi\NortonInstaller
2010-03-15 20:36 . 2010-03-15 20:36 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\NortonInstaller
2010-03-15 20:29 . 2010-03-15 20:29 -------- d-----w- c:\documents and settings\F & B\Dati applicazioni\ZipGenius
2010-03-15 20:27 . 2010-03-15 20:27 -------- d-----w- c:\programmi\ZipGenius 6
2010-03-15 20:27 . 2010-03-15 20:27 -------- d-----w- c:\programmi\Conduit
2010-03-15 20:27 . 2010-03-15 20:27 -------- d-----w- c:\documents and settings\F & B\Impostazioni locali\Dati applicazioni\Conduit
2010-03-15 20:20 . 2010-03-15 20:20 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Norton
2010-03-14 20:40 . 2010-03-14 20:40 -------- d-----w- c:\programmi\TrendMicro
2010-03-14 18:01 . 2010-03-14 18:01 -------- d-sh--w- c:\documents and settings\F & B\PrivacIE
2010-03-14 17:51 . 2010-03-14 17:51 -------- d-----w- c:\documents and settings\F & B\Dati applicazioni\Uniblue
2010-03-14 17:17 . 2010-03-14 17:17 -------- d-sh--w- c:\windows\system32\config\systemprofile\IETldCache
2010-03-14 17:02 . 2010-03-14 17:02 -------- d-sh--w- c:\documents and settings\F & B\IETldCache
2010-03-14 16:58 . 2010-03-14 16:58 -------- d-----w- c:\windows\ie8updates
2010-03-14 16:53 . 2010-03-14 16:53 -------- d--h--w- c:\windows\ie8
2010-03-14 16:47 . 2009-12-11 08:38 69120 ------w- c:\windows\system32\dllcache\iecompat.dll
2010-03-14 16:47 . 2009-12-21 19:06 246272 ------w- c:\windows\system32\dllcache\ieproxy.dll
2010-03-14 16:47 . 2009-12-21 19:06 12800 ------w- c:\windows\system32\dllcache\xpshims.dll
2010-03-14 14:45 . 2010-03-14 14:45 -------- d-----w- c:\documents and settings\F & B\Dati applicazioni\Malwarebytes
2010-03-14 14:45 . 2010-03-14 14:45 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Malwarebytes
2010-03-14 14:45 . 2010-03-14 14:45 -------- d-----w- c:\programmi\Malwarebytes' Anti-Malware
2010-03-14 14:15 . 2010-03-14 15:04 2560 ----a-w- c:\windows\system32\drivers\mchInjDrv.sys
2010-03-14 14:14 . 2010-03-14 14:14 -------- d-----w- c:\programmi\Enigma Software Group
2010-03-14 11:20 . 2010-03-14 11:20 -------- d-----w- c:\documents and settings\F & B\Impostazioni locali\Dati applicazioni\Symantec
2010-03-13 20:42 . 2010-02-12 10:03 293376 ------w- c:\windows\system32\browserchoice.exe
2010-03-10 13:31 . 2009-10-23 15:28 3558912 ------w- c:\windows\system32\dllcache\moviemk.exe
2010-03-05 11:58 . 2010-03-05 11:58 -------- d-----w- c:\documents and settings\F & B\Dati applicazioni\vlc
2010-03-05 11:54 . 2010-03-05 11:54 -------- d-----w- c:\programmi\VideoLAN
2010-03-03 18:02 . 2010-03-03 18:02 -------- d-----w- C:\msorb3
2010-02-20 15:59 . 2010-02-20 15:59 -------- d-----w- C:\Buziol Games
2010-02-20 15:43 . 2010-02-20 15:43 -------- d-----w- c:\programmi\Mario bros
2010-02-20 10:27 . 2010-02-20 10:27 -------- d-----w- c:\documents and settings\F & B\Dati applicazioni\U3

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-03-16 19:45 . 2010-03-16 19:45 805 ----a-w- c:\windows\system32\drivers\SYMEVENT.INF
2010-03-16 19:45 . 2010-03-16 19:45 7443 ----a-w- c:\windows\system32\drivers\SYMEVENT.CAT
2010-03-15 00:00 . 2010-03-16 20:12 84912 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\VirusDefs\20100316.003\NAVENG.SYS
2010-03-15 00:00 . 2010-03-16 20:12 177520 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\VirusDefs\20100316.003\NAVENG32.DLL
2010-03-15 00:00 . 2010-03-16 20:12 1647984 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\VirusDefs\20100316.003\NAVEX32A.DLL
2010-03-15 00:00 . 2010-03-16 20:12 1324720 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\VirusDefs\20100316.003\NAVEX15.SYS
2010-03-15 00:00 . 2010-03-16 20:12 371248 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\VirusDefs\20100316.003\EECTRL.SYS
2010-03-15 00:00 . 2010-03-16 20:12 2747440 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\VirusDefs\20100316.003\CCERASER.DLL
2010-03-15 00:00 . 2010-03-16 20:12 259440 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\VirusDefs\20100316.003\ECMSVR32.DLL
2010-03-15 00:00 . 2010-03-16 20:12 102448 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\VirusDefs\20100316.003\ERASER.SYS
2010-03-14 20:40 . 2010-03-14 20:40 388096 ----a-r- c:\documents and settings\F & B\Dati applicazioni\Microsoft\Installer\{0761C9A8-8F3A-4216-B4A7-B7AFBF24A24A}\HiJackThis.exe
2010-03-05 13:13 . 2010-03-05 13:13 443912 ----a-w- c:\documents and settings\F & B\Dati applicazioni\Real\Update\setup3.10\setup.exe
2010-02-14 10:19 . 2008-05-21 21:43 104120 ----a-w- c:\windows\system32\GDIPFONTCACHEV1.DAT
2010-02-09 16:26 . 2010-03-15 20:26 52224 ----a-w- c:\documents and settings\F & B\Dati applicazioni\Mozilla\Firefox\Profiles\ltpwb7rg.default\extensions\{e3393495-8103-46a0-8181-270273eddd60}\components\FFExternalAlert.dll
2010-02-09 16:26 . 2010-03-15 20:26 101376 ----a-w- c:\documents and settings\F & B\Dati applicazioni\Mozilla\Firefox\Profiles\ltpwb7rg.default\extensions\{e3393495-8103-46a0-8181-270273eddd60}\components\RadioWMPCore.dll
2010-02-05 17:50 . 2010-02-05 17:50 -------- d-----w- c:\programmi\InterActual
2009-12-31 16:50 . 2004-08-19 04:00 353792 ----a-w- c:\windows\system32\drivers\srv.sys
2009-12-21 19:06 . 2006-01-09 19:01 916480 ----a-w- c:\windows\system32\wininet.dll
2009-12-17 07:40 . 2004-08-19 04:00 346112 ----a-w- c:\windows\system32\mspaint.exe
2009-12-17 07:10 . 2010-03-16 19:45 893296 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\CLT\cltLMSx.dll
2007-02-08 09:48 . 2007-02-08 09:48 133920 ----a-w- c:\programmi\internet explorer\plugins\LV82ActiveXControl.dll
2007-07-24 18:03 . 2007-07-24 18:03 118784 ----a-w- c:\programmi\internet explorer\plugins\LV85ActiveXControl.dll
2006-01-23 09:32 . 2006-01-23 09:32 131072 ----a-w- c:\programmi\internet explorer\plugins\LV80ActiveXControl.dll
2004-03-15 16:51 . 2004-03-15 16:51 114688 ----a-w- c:\programmi\internet explorer\plugins\LV71ActiveXControl.dll
2009-09-25 16:41 . 2009-09-25 16:41 1044480 ----a-w- c:\programmi\mozilla firefox\plugins\libdivx.dll
2009-09-25 16:41 . 2009-09-25 16:41 200704 ----a-w- c:\programmi\mozilla firefox\plugins\ssldivx.dll
2009-09-08 19:57 . 2009-09-08 19:56 952 --sha-w- c:\windows\system32\KGyGaAvL.sys
2009-09-08 19:57 . 2009-09-08 19:57 56 --sh--r- c:\windows\system32\C6403AABD6.sys
.

((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\programmi\File comuni\Ahead\lib\NMBgMonitor.exe" [2005-09-16 94208]
"DAEMON Tools Lite"="c:\programmi\DAEMON Tools Lite\DTLite.exe" [2009-10-30 369200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LaunchApp"="Alaunch" [X]
"RTHDCPL"="RTHDCPL.EXE" [2006-02-27 16005120]
"AzMixerSel"="c:\programmi\Realtek\InstallShield\AzMixerSel.exe" [2005-08-25 53248]
"SynTPLpr"="c:\programmi\Synaptics\SynTP\SynTPLpr.exe" [2005-01-08 102491]
"SynTPEnh"="c:\programmi\Synaptics\SynTP\SynTPEnh.exe" [2005-01-08 692315]
"ntiMUI"="c:\programmi\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe" [2005-05-11 45056]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-19 208952]
"MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-19 59392]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-19 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-19 455168]
"LManager"="c:\progra~1\LAUNCH~1\QtZgAcer.EXE" [2006-03-30 471040]
"eRecoveryService"="c:\acer\Empowering Technology\eRecovery\eRAgent.exe" [2006-04-28 401408]
"ATICCC"="c:\programmi\ATI Technologies\ATI.ACE\cli.exe" [2006-01-02 45056]
"ImageItEncrypt"="c:\windows\system32\ImageItEncrypt.exe" [2005-12-30 40960]
"TkBellExe"="c:\programmi\File comuni\Real\Update_OB\realsched.exe" [2008-06-21 185896]
"AGRSMMSG"="AGRSMMSG.exe" [2006-03-16 88204]
"PCSuiteTrayApplication"="c:\programmi\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [2007-03-23 227328]
"GrooveMonitor"="c:\programmi\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"LVCOMSX"="c:\programmi\File comuni\Logitech\LComMgr\LVComSX.exe" [2006-07-20 237568]
"LogitechVideo[inspector]"="c:\programmi\Acer\OrbiCam\InstallHelper.exe" [2006-07-20 23:15 73728]
"LogitechCameraAssistant"="c:\programmi\Acer\OrbiCam\CameraAssistant.exe" [2006-07-20 331776]
"LogitechCameraService(E)"="c:\windows\system32\ElkCtrl.exe" [2004-11-01 262144]
"SunJavaUpdateSched"="c:\programmi\Java\jre6\bin\jusched.exe" [2009-07-25 149280]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-13 15360]
"Nokia.PCSync"="c:\programmi\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-03-27 1744896]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
"DisableNotifications"= 1 (0x1)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Programmi\\Messenger\\MSMSGS.EXE"=
"c:\\Programmi\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Programmi\\Microsoft Office\\Office12\\groove.exe"=
"c:\\Programmi\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Programmi\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Programmi\\Firefly Studios\\Stronghold 2\\Stronghold2.exe"=
"c:\\Programmi\\Wolfram Research\\Mathematica\\7.0\\Mathematica.exe"=
"c:\\Programmi\\Wolfram Research\\Mathematica\\7.0\\MathKernel.exe"=
"c:\\Programmi\\Wolfram Research\\Mathematica\\7.0\\math.exe"=

R0 nipbcfk;National Instruments Class Upper Filter Driver;c:\windows\system32\drivers\nipbcfk.sys [10/07/2007 20.08.14 15448]
R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\N360\0400000.07F\SymDS.sys [16/03/2010 20.45.12 328752]
R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\N360\0400000.07F\SymEFA.sys [16/03/2010 20.45.12 172592]
R1 BHDrvx86;BHDrvx86;c:\docume~1\ALLUSE~1\DATIAP~1\Norton\{0C55C~1\N360_4~1.127\DEFINI~1\BASHDefs\20091205.001\BHDrvx86.sys [16/03/2010 20.45.11 529456]
R1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\N360\0400000.07F\cchpx86.sys [16/03/2010 20.45.11 501888]
R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\N360\0400000.07F\Ironx86.sys [16/03/2010 20.45.12 116272]
R2 N360;Norton 360;c:\programmi\Norton 360\Norton 360\Engine\4.0.0.127\ccSvcHst.exe [16/03/2010 20.45.00 126392]
R2 NiViPxiK;NI-VISA PXI Driver;c:\windows\system32\drivers\NiViPxiKl.sys [19/07/2007 11.56.44 11360]
R3 IDSxpx86;IDSxpx86;c:\docume~1\ALLUSE~1\DATIAP~1\Norton\{0C55C~1\N360_4~1.127\DEFINI~1\IPSDefs\20091105.001\IDSxpx86.sys [16/03/2010 20.45.12 329592]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [08/03/2009 17.59.56 691696]
S2 eLock2BurnerLockDriver;eLock2BurnerLockDriver;\??\c:\windows\system32\eLock2BurnerLockDriver.sys --> c:\windows\system32\eLock2BurnerLockDriver.sys [?]
S2 eLock2FSCTLDriver;eLock2FSCTLDriver;\??\c:\windows\system32\eLock2FSCTLDriver.sys --> c:\windows\system32\eLock2FSCTLDriver.sys [?]
S2 gupdate1ca2ef05b14b856;Servizio di Google Update (gupdate1ca2ef05b14b856);c:\programmi\Google\Update\GoogleUpdate.exe [06/09/2009 14.48.33 133104]
S3 HDJCtrl;Hercules DJ Control MP3 Service;c:\windows\system32\drivers\HDJCTRL.sys [19/06/2008 19.44.45 11008]
S3 HDJMidi;Hercules DJ Console MIDI;c:\windows\system32\drivers\hdjmidi.sys [19/06/2008 19.44.46 39424]
S3 lv321av;Logitech USB PC Camera (VC0321);c:\windows\system32\drivers\lv321av.sys [22/06/2009 11.28.39 1097728]
S3 nidimk;nidimk;c:\windows\system32\drivers\nidimkl.sys [12/07/2007 18.18.14 11360]
S3 nipalfwedl;nipalfwedl;c:\windows\system32\drivers\nipalfwedl.sys [18/07/2007 21.11.02 11904]
S3 nipalusbedl;nipalusbedl;c:\windows\system32\drivers\nipalusbedl.sys [18/07/2007 21.12.02 11896]
S3 NiViFWK;NI-VISA FireWire Driver;c:\windows\system32\drivers\NiViFWKl.sys [19/07/2007 11.48.36 11384]
S3 NiViPciK;NI-VISA PCI Driver;c:\windows\system32\drivers\NiViPciKl.sys [19/07/2007 11.56.44 11360]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [12/03/2009 21.54.30 138112]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [12/03/2009 21.54.34 8320]
.
Contenuto della cartella 'Scheduled Tasks'

2010-03-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\programmi\Google\Update\GoogleUpdate.exe [2009-09-06 13:48]

2010-03-15 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\programmi\Google\Update\GoogleUpdate.exe [2009-09-06 13:48]
.
.
------- Scansione supplementare -------
.
uStart Page = www.google.com
uInternet Connection Wizard,ShellNext = hxxp://global.acer.com/
IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: {{C4046502-6524-4d87-896C-878F57D1FF07} - c:\programmi\PokerStars.IT\PokerStarsUpdate.exe
FF - ProfilePath - c:\documents and settings\F & B\Dati applicazioni\Mozilla\Firefox\Profiles\ltpwb7rg.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.as ... ource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Softonic-IT Customized Web Search
FF - prefs.js: browser.startup.homepage - hxxp://search.conduit.com/?ctid=CT25302 ... hSource=13
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.as ... 2530241&q=
FF - component: c:\documents and settings\All Users\Dati applicazioni\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\coFFPlgn\components\coFFPlgn.dll
FF - component: c:\documents and settings\F & B\Dati applicazioni\Mozilla\Firefox\Profiles\ltpwb7rg.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll
FF - component: c:\documents and settings\F & B\Dati applicazioni\Mozilla\Firefox\Profiles\ltpwb7rg.default\extensions\{e3393495-8103-46a0-8181-270273eddd60}\components\FFExternalAlert.dll
FF - component: c:\documents and settings\F & B\Dati applicazioni\Mozilla\Firefox\Profiles\ltpwb7rg.default\extensions\{e3393495-8103-46a0-8181-270273eddd60}\components\RadioWMPCore.dll
FF - component: c:\documents and settings\F & B\Dati applicazioni\Mozilla\Firefox\Profiles\ltpwb7rg.default\extensions\DTToolbar@toolbarnet.com\components\DTToolbarFF.dll
FF - plugin: c:\program files\Real\RealPlayer\Netscape6\nppl3260.dll
FF - plugin: c:\program files\Real\RealPlayer\Netscape6\nprjplug.dll
FF - plugin: c:\program files\Real\RealPlayer\Netscape6\nprpjplug.dll
FF - plugin: c:\programmi\Google\Update\1.2.183.17\npGoogleOneClick8.dll
FF - plugin: c:\programmi\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\programmi\Mozilla Firefox\plugins\NPLV80Win32.dll
FF - plugin: c:\programmi\Mozilla Firefox\plugins\NPLV82Win32.dll
FF - plugin: c:\programmi\Mozilla Firefox\plugins\nplv85win32.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);
c:\programmi\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\programmi\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\programmi\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
.
- - - - CHIAVI ORFANE RIMOSSE - - - -

HKCU-Run-updateMgr - c:\programmi\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe
HKLM-Run-NWEReboot - (no file)
AddRemove-bobpcpdq - c:\documents and settings\f & b\impostazioni locali\dati applicazioni\bobpcpdq.exe
AddRemove-NI Uninstaller - g:\labview\Shared\NIUninstaller\uninst.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-03-16 21:17
Windows 5.1.2600 Service Pack 3 FAT NTAPI

scansione processi nascosti ...

scansione entrate autostart nascoste ...

Scansione files nascosti ...

Scansione completata con successo
Files nascosti: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\N360]
"ImagePath"="\"c:\programmi\Norton 360\Norton 360\Engine\4.0.0.127\ccSvcHst.exe\" /s \"N360\" /m \"c:\programmi\Norton 360\Norton 360\Engine\4.0.0.127\diMaster.dll\" /prefetch:1"
.
--------------------- Dlls caricate dai processi in esecuzione ---------------------

- - - - - - - > 'winlogon.exe'(696)
c:\windows\system32\Ati2evxx.dll
.
Ora fine scansione: 2010-03-16 21:19:32
ComboFix-quarantined-files.txt 2010-03-16 20:19

Pre-Run: 15.210.938.368 byte disponibili
Post-Run: 15.217.229.824 byte disponibili

WindowsXP-KB310994-SP2-Home-BootDisk-ITA.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect

- - End Of File - - 5C17BE95284E9FABD93D4A8FEBD46F71
rebrado
Newbie
 
Post: 4
Iscritto il: 14/03/10 18:01


Torna a Sicurezza e Privacy


Topic correlati a "file non associato a nessun programma":


Chi c’è in linea

Visitano il forum: Nessuno e 9 ospiti