PLEASE GIVE ME A HAND, I CAN'T TAKE IT ANYMORE!!!!

How do you remove viruses and spyware? Are credit cards really safe online? Is it possible to browse anonymously? Which programs protect your privacy? How do you protect important files? If you want an answer to these and other questions, this is the right place!

Moderators: m.paolo, kadosh, Luke57

Re: PLEASE GIVE ME A HAND, I CAN'T TAKE IT ANYMORE!!!!

Post by ignotum » 23/08/11 16:43

combofix:

Code:
ComboFix 11-08-23.03 - Jeff 23/08/2011  16.41.31.2.2 - x86
Microsoft Windows XP Home Edition  5.1.2600.3.1252.39.1040.18.1014.298 [GMT 2:00]
Eseguito da: c:\documents and settings\Jeff\Documenti\Download\ComboFix.exe
AV: AntiVir Desktop *Disabled/Outdated* {0012F714-0000-0000-E001-927CFFFFFFFF}
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
ATTENZIONE - QUESTO PC NON HA LA CONSOLE DI RIPRISTINO DI EMERGENZA INSTALLATA !!
.
.
(((((((((((((((((((((((((((((((((((((   Altre eliminazioni   )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Dati applicazioni\ffec39
c:\documents and settings\All Users\Dati applicazioni\ffec39\51.mof
c:\documents and settings\All Users\Dati applicazioni\ffec39\BackUp\Acer VCM.lnk
c:\documents and settings\All Users\Dati applicazioni\ffec39\BackUp\BTTray.lnk
c:\documents and settings\All Users\Dati applicazioni\ffec39\ffec39791e7f50498305cae0ad814c4f.ocx
c:\documents and settings\All Users\Dati applicazioni\ffec39\mozcrt19.dll
c:\documents and settings\All Users\Dati applicazioni\ffec39\SME.ico
c:\documents and settings\All Users\Dati applicazioni\ffec39\sqlite3.dll
c:\documents and settings\All Users\Dati applicazioni\ffec39\xkgl1u8z6awd5e7tm9gbsde7thnm9q01u8z6aw.dll
c:\documents and settings\All Users\Dati applicazioni\Toolbar4
c:\documents and settings\All Users\Documenti\Settings
c:\documents and settings\Guest\Dati applicazioni\facemoods.com
c:\documents and settings\Guest\Dati applicazioni\OfferBox
c:\documents and settings\Guest\Dati applicazioni\OfferBox\config.xml
c:\documents and settings\Guest\Dati applicazioni\PriceGong
c:\documents and settings\Guest\Dati applicazioni\PriceGong\Data\1.xml
c:\documents and settings\Guest\Dati applicazioni\PriceGong\Data\a.xml
c:\documents and settings\Guest\Dati applicazioni\PriceGong\Data\b.xml
c:\documents and settings\Guest\Dati applicazioni\PriceGong\Data\c.xml
c:\documents and settings\Guest\Dati applicazioni\PriceGong\Data\d.xml
c:\documents and settings\Guest\Dati applicazioni\PriceGong\Data\e.xml
c:\documents and settings\Guest\Dati applicazioni\PriceGong\Data\f.xml
c:\documents and settings\Guest\Dati applicazioni\PriceGong\Data\g.xml
c:\documents and settings\Guest\Dati applicazioni\PriceGong\Data\h.xml
c:\documents and settings\Guest\Dati applicazioni\PriceGong\Data\i.xml
c:\documents and settings\Guest\Dati applicazioni\PriceGong\Data\J.xml
c:\documents and settings\Guest\Dati applicazioni\PriceGong\Data\k.xml
c:\documents and settings\Guest\Dati applicazioni\PriceGong\Data\l.xml
c:\documents and settings\Guest\Dati applicazioni\PriceGong\Data\m.xml
c:\documents and settings\Guest\Dati applicazioni\PriceGong\Data\mru.xml
c:\documents and settings\Guest\Dati applicazioni\PriceGong\Data\n.xml
c:\documents and settings\Guest\Dati applicazioni\PriceGong\Data\o.xml
c:\documents and settings\Guest\Dati applicazioni\PriceGong\Data\p.xml
c:\documents and settings\Guest\Dati applicazioni\PriceGong\Data\q.xml
c:\documents and settings\Guest\Dati applicazioni\PriceGong\Data\r.xml
c:\documents and settings\Guest\Dati applicazioni\PriceGong\Data\s.xml
c:\documents and settings\Guest\Dati applicazioni\PriceGong\Data\t.xml
c:\documents and settings\Guest\Dati applicazioni\PriceGong\Data\u.xml
c:\documents and settings\Guest\Dati applicazioni\PriceGong\Data\v.xml
c:\documents and settings\Guest\Dati applicazioni\PriceGong\Data\w.xml
c:\documents and settings\Guest\Dati applicazioni\PriceGong\Data\x.xml
c:\documents and settings\Guest\Dati applicazioni\PriceGong\Data\y.xml
c:\documents and settings\Guest\Dati applicazioni\PriceGong\Data\z.xml
c:\documents and settings\Guest\Dati applicazioni\searchqutb
c:\documents and settings\Guest\Dati applicazioni\searchqutb\dtx.ini
c:\documents and settings\Guest\Dati applicazioni\searchqutb\games\00d2dfc64c07a4f32824abac1d6f735b
c:\documents and settings\Guest\Dati applicazioni\searchqutb\games\3e4265e00cbc4a9cf22a105046a46d8a
c:\documents and settings\Guest\Dati applicazioni\searchqutb\games\44a5d79f5451d3036ba3986425e234c8
c:\documents and settings\Guest\Dati applicazioni\searchqutb\games\GameCategories.xml
c:\documents and settings\Guest\Dati applicazioni\searchqutb\games\GameTypes.xml
c:\documents and settings\Guest\Dati applicazioni\searchqutb\guid.dat
c:\documents and settings\Guest\Dati applicazioni\searchqutb\preferences.dat
c:\documents and settings\Guest\Dati applicazioni\searchqutb\stats.dat
c:\documents and settings\Guest\Dati applicazioni\searchqutb\uninstallIE.dat
c:\documents and settings\Guest\Dati applicazioni\searchqutb\weather\27534ca4508c4e916bfd27e76ff67fcc
c:\documents and settings\Guest\Dati applicazioni\searchqutb\weather\8024d0775c60ea52ca65937eee969cd4
c:\documents and settings\Guest\Dati applicazioni\searchqutb\weather\forecasts_cache.xml
c:\documents and settings\Guest\Dati applicazioni\searchqutb\weather\observations_cache.xml
c:\documents and settings\Guest\Dati applicazioni\searchqutb\weatherbutton_prefs.xml
c:\documents and settings\Guest\Dati applicazioni\searchqutb\widgets_cache\84b70525cff6359fdeca553342c23e4c
c:\documents and settings\Guest\Dati applicazioni\searchqutb\widgets_cache\bf5b6317ae07da699882fc948f22eda4
c:\documents and settings\Guest\Dati applicazioni\searchqutb\widgets_cache\category_cache.xml
c:\documents and settings\Guest\Dati applicazioni\searchqutb\widgets_cache\widget_cache.xml
c:\documents and settings\J\Dati applicazioni\Dealio
c:\documents and settings\J\Dati applicazioni\Dealio\res\widgets.xml
c:\documents and settings\J\Dati applicazioni\Dealio\temp\http___www_dealio_com_rss_coupons-deals_dotd_.xml
c:\documents and settings\J\Dati applicazioni\facemoods.com
c:\documents and settings\J\Dati applicazioni\OfferBox
c:\documents and settings\J\Dati applicazioni\OfferBox\config.dat
c:\documents and settings\J\Dati applicazioni\OfferBox\config.xml
c:\documents and settings\J\Dati applicazioni\OfferBox\update.exe
c:\documents and settings\J\Dati applicazioni\PriceGong
c:\documents and settings\J\Dati applicazioni\PriceGong\Data\1.xml
c:\documents and settings\J\Dati applicazioni\PriceGong\Data\a.xml
c:\documents and settings\J\Dati applicazioni\PriceGong\Data\b.xml
c:\documents and settings\J\Dati applicazioni\PriceGong\Data\c.xml
c:\documents and settings\J\Dati applicazioni\PriceGong\Data\d.xml
c:\documents and settings\J\Dati applicazioni\PriceGong\Data\e.xml
c:\documents and settings\J\Dati applicazioni\PriceGong\Data\f.xml
c:\documents and settings\J\Dati applicazioni\PriceGong\Data\g.xml
c:\documents and settings\J\Dati applicazioni\PriceGong\Data\h.xml
c:\documents and settings\J\Dati applicazioni\PriceGong\Data\i.xml
c:\documents and settings\J\Dati applicazioni\PriceGong\Data\J.xml
c:\documents and settings\J\Dati applicazioni\PriceGong\Data\k.xml
c:\documents and settings\J\Dati applicazioni\PriceGong\Data\l.xml
c:\documents and settings\J\Dati applicazioni\PriceGong\Data\m.xml
c:\documents and settings\J\Dati applicazioni\PriceGong\Data\mru.xml
c:\documents and settings\J\Dati applicazioni\PriceGong\Data\n.xml
c:\documents and settings\J\Dati applicazioni\PriceGong\Data\o.xml
c:\documents and settings\J\Dati applicazioni\PriceGong\Data\p.xml
c:\documents and settings\J\Dati applicazioni\PriceGong\Data\q.xml
c:\documents and settings\J\Dati applicazioni\PriceGong\Data\r.xml
c:\documents and settings\J\Dati applicazioni\PriceGong\Data\s.xml
c:\documents and settings\J\Dati applicazioni\PriceGong\Data\t.xml
c:\documents and settings\J\Dati applicazioni\PriceGong\Data\u.xml
c:\documents and settings\J\Dati applicazioni\PriceGong\Data\v.xml
c:\documents and settings\J\Dati applicazioni\PriceGong\Data\w.xml
c:\documents and settings\J\Dati applicazioni\PriceGong\Data\x.xml
c:\documents and settings\J\Dati applicazioni\PriceGong\Data\y.xml
c:\documents and settings\J\Dati applicazioni\PriceGong\Data\z.xml
c:\documents and settings\J\Dati applicazioni\searchqutb
c:\documents and settings\J\Dati applicazioni\searchqutb\dtx.ini
c:\documents and settings\J\Dati applicazioni\searchqutb\games\00d2dfc64c07a4f32824abac1d6f735b
c:\documents and settings\J\Dati applicazioni\searchqutb\games\3e4265e00cbc4a9cf22a105046a46d8a
c:\documents and settings\J\Dati applicazioni\searchqutb\games\44a5d79f5451d3036ba3986425e234c8
c:\documents and settings\J\Dati applicazioni\searchqutb\games\GameCategories.xml
c:\documents and settings\J\Dati applicazioni\searchqutb\games\GameTypes.xml
c:\documents and settings\J\Dati applicazioni\searchqutb\guid.dat
c:\documents and settings\J\Dati applicazioni\searchqutb\preferences.dat
c:\documents and settings\J\Dati applicazioni\searchqutb\stats.dat
c:\documents and settings\J\Dati applicazioni\searchqutb\uninstallIE.dat
c:\documents and settings\J\Dati applicazioni\searchqutb\version.xml
c:\documents and settings\J\Dati applicazioni\searchqutb\widgets_cache\84b70525cff6359fdeca553342c23e4c
c:\documents and settings\J\Dati applicazioni\searchqutb\widgets_cache\bf5b6317ae07da699882fc948f22eda4
c:\documents and settings\J\Dati applicazioni\searchqutb\widgets_cache\category_cache.xml
c:\documents and settings\J\Dati applicazioni\searchqutb\widgets_cache\widget_cache.xml
c:\documents and settings\Jeff\Dati applicazioni\PriceGong
c:\documents and settings\Jeff\Dati applicazioni\PriceGong\Data\1.txt
c:\documents and settings\Jeff\Dati applicazioni\PriceGong\Data\a.txt
c:\documents and settings\Jeff\Dati applicazioni\PriceGong\Data\b.txt
c:\documents and settings\Jeff\Dati applicazioni\PriceGong\Data\c.txt
c:\documents and settings\Jeff\Dati applicazioni\PriceGong\Data\d.txt
c:\documents and settings\Jeff\Dati applicazioni\PriceGong\Data\e.txt
c:\documents and settings\Jeff\Dati applicazioni\PriceGong\Data\f.txt
c:\documents and settings\Jeff\Dati applicazioni\PriceGong\Data\g.txt
c:\documents and settings\Jeff\Dati applicazioni\PriceGong\Data\h.txt
c:\documents and settings\Jeff\Dati applicazioni\PriceGong\Data\i.txt
c:\documents and settings\Jeff\Dati applicazioni\PriceGong\Data\j.txt
c:\documents and settings\Jeff\Dati applicazioni\PriceGong\Data\k.txt
c:\documents and settings\Jeff\Dati applicazioni\PriceGong\Data\l.txt
c:\documents and settings\Jeff\Dati applicazioni\PriceGong\Data\m.txt
c:\documents and settings\Jeff\Dati applicazioni\PriceGong\Data\mru.xml
c:\documents and settings\Jeff\Dati applicazioni\PriceGong\Data\n.txt
c:\documents and settings\Jeff\Dati applicazioni\PriceGong\Data\o.txt
c:\documents and settings\Jeff\Dati applicazioni\PriceGong\Data\p.txt
c:\documents and settings\Jeff\Dati applicazioni\PriceGong\Data\q.txt
c:\documents and settings\Jeff\Dati applicazioni\PriceGong\Data\r.txt
c:\documents and settings\Jeff\Dati applicazioni\PriceGong\Data\s.txt
c:\documents and settings\Jeff\Dati applicazioni\PriceGong\Data\t.txt
c:\documents and settings\Jeff\Dati applicazioni\PriceGong\Data\u.txt
c:\documents and settings\Jeff\Dati applicazioni\PriceGong\Data\v.txt
c:\documents and settings\Jeff\Dati applicazioni\PriceGong\Data\w.txt
c:\documents and settings\Jeff\Dati applicazioni\PriceGong\Data\wlu.txt
c:\documents and settings\Jeff\Dati applicazioni\PriceGong\Data\x.txt
c:\documents and settings\Jeff\Dati applicazioni\PriceGong\Data\y.txt
c:\documents and settings\Jeff\Dati applicazioni\PriceGong\Data\z.txt
c:\documents and settings\jm\Dati applicazioni\OfferBox
c:\documents and settings\jm\Dati applicazioni\OfferBox\config.dat
c:\documents and settings\jm\Dati applicazioni\OfferBox\config.xml
c:\documents and settings\jm\Dati applicazioni\PriceGong
c:\documents and settings\jm\Dati applicazioni\PriceGong\Data\1.xml
c:\documents and settings\jm\Dati applicazioni\PriceGong\Data\a.xml
c:\documents and settings\jm\Dati applicazioni\PriceGong\Data\b.xml
c:\documents and settings\jm\Dati applicazioni\PriceGong\Data\c.xml
c:\documents and settings\jm\Dati applicazioni\PriceGong\Data\d.xml
c:\documents and settings\jm\Dati applicazioni\PriceGong\Data\e.xml
c:\documents and settings\jm\Dati applicazioni\PriceGong\Data\f.xml
c:\documents and settings\jm\Dati applicazioni\PriceGong\Data\g.xml
c:\documents and settings\jm\Dati applicazioni\PriceGong\Data\h.xml
c:\documents and settings\jm\Dati applicazioni\PriceGong\Data\i.xml
c:\documents and settings\jm\Dati applicazioni\PriceGong\Data\J.xml
c:\documents and settings\jm\Dati applicazioni\PriceGong\Data\k.xml
c:\documents and settings\jm\Dati applicazioni\PriceGong\Data\l.xml
c:\documents and settings\jm\Dati applicazioni\PriceGong\Data\m.xml
c:\documents and settings\jm\Dati applicazioni\PriceGong\Data\mru.xml
c:\documents and settings\jm\Dati applicazioni\PriceGong\Data\n.xml
c:\documents and settings\jm\Dati applicazioni\PriceGong\Data\o.xml
c:\documents and settings\jm\Dati applicazioni\PriceGong\Data\p.xml
c:\documents and settings\jm\Dati applicazioni\PriceGong\Data\q.xml
c:\documents and settings\jm\Dati applicazioni\PriceGong\Data\r.xml
c:\documents and settings\jm\Dati applicazioni\PriceGong\Data\s.xml
c:\documents and settings\jm\Dati applicazioni\PriceGong\Data\t.xml
c:\documents and settings\jm\Dati applicazioni\PriceGong\Data\u.xml
c:\documents and settings\jm\Dati applicazioni\PriceGong\Data\v.xml
c:\documents and settings\jm\Dati applicazioni\PriceGong\Data\w.xml
c:\documents and settings\jm\Dati applicazioni\PriceGong\Data\x.xml
c:\documents and settings\jm\Dati applicazioni\PriceGong\Data\y.xml
c:\documents and settings\jm\Dati applicazioni\PriceGong\Data\z.xml
c:\documents and settings\jm\Dati applicazioni\searchqutb
c:\documents and settings\jm\Dati applicazioni\searchqutb\dtx.ini
c:\documents and settings\jm\Dati applicazioni\searchqutb\games\00d2dfc64c07a4f32824abac1d6f735b
c:\documents and settings\jm\Dati applicazioni\searchqutb\games\3e4265e00cbc4a9cf22a105046a46d8a
c:\documents and settings\jm\Dati applicazioni\searchqutb\games\44a5d79f5451d3036ba3986425e234c8
c:\documents and settings\jm\Dati applicazioni\searchqutb\games\GameCategories.xml
c:\documents and settings\jm\Dati applicazioni\searchqutb\games\GameTypes.xml
c:\documents and settings\jm\Dati applicazioni\searchqutb\guid.dat
c:\documents and settings\jm\Dati applicazioni\searchqutb\preferences.dat
c:\documents and settings\jm\Dati applicazioni\searchqutb\stats.dat
c:\documents and settings\jm\Dati applicazioni\searchqutb\uninstallIE.dat
c:\documents and settings\jm\Dati applicazioni\searchqutb\version.xml
c:\documents and settings\jm\Dati applicazioni\searchqutb\widgets_cache\84b70525cff6359fdeca553342c23e4c
c:\documents and settings\jm\Dati applicazioni\searchqutb\widgets_cache\bf5b6317ae07da699882fc948f22eda4
c:\documents and settings\jm\Dati applicazioni\searchqutb\widgets_cache\category_cache.xml
c:\documents and settings\jm\Dati applicazioni\searchqutb\widgets_cache\widget_cache.xml
c:\documents and settings\LocalService\Dati applicazioni\facemoods.com
c:\documents and settings\LocalService\Dati applicazioni\OfferBox
c:\documents and settings\LocalService\Dati applicazioni\OfferBox\config.dat
c:\documents and settings\LocalService\Dati applicazioni\OfferBox\config.xml
c:\documents and settings\LocalService\Dati applicazioni\PriceGong
c:\documents and settings\LocalService\Dati applicazioni\PriceGong\Data\1.xml
c:\documents and settings\LocalService\Dati applicazioni\PriceGong\Data\a.xml
c:\documents and settings\LocalService\Dati applicazioni\PriceGong\Data\b.xml
c:\documents and settings\LocalService\Dati applicazioni\PriceGong\Data\c.xml
c:\documents and settings\LocalService\Dati applicazioni\PriceGong\Data\d.xml
c:\documents and settings\LocalService\Dati applicazioni\PriceGong\Data\e.xml
c:\documents and settings\LocalService\Dati applicazioni\PriceGong\Data\f.xml
c:\documents and settings\LocalService\Dati applicazioni\PriceGong\Data\g.xml
c:\documents and settings\LocalService\Dati applicazioni\PriceGong\Data\h.xml
c:\documents and settings\LocalService\Dati applicazioni\PriceGong\Data\i.xml
c:\documents and settings\LocalService\Dati applicazioni\PriceGong\Data\J.xml
c:\documents and settings\LocalService\Dati applicazioni\PriceGong\Data\k.xml
c:\documents and settings\LocalService\Dati applicazioni\PriceGong\Data\l.xml
c:\documents and settings\LocalService\Dati applicazioni\PriceGong\Data\m.xml
c:\documents and settings\LocalService\Dati applicazioni\PriceGong\Data\mru.xml
c:\documents and settings\LocalService\Dati applicazioni\PriceGong\Data\n.xml
c:\documents and settings\LocalService\Dati applicazioni\PriceGong\Data\o.xml
c:\documents and settings\LocalService\Dati applicazioni\PriceGong\Data\p.xml
c:\documents and settings\LocalService\Dati applicazioni\PriceGong\Data\q.xml
c:\documents and settings\LocalService\Dati applicazioni\PriceGong\Data\r.xml
c:\documents and settings\LocalService\Dati applicazioni\PriceGong\Data\s.xml
c:\documents and settings\LocalService\Dati applicazioni\PriceGong\Data\t.xml
c:\documents and settings\LocalService\Dati applicazioni\PriceGong\Data\u.xml
c:\documents and settings\LocalService\Dati applicazioni\PriceGong\Data\v.xml
c:\documents and settings\LocalService\Dati applicazioni\PriceGong\Data\w.xml
c:\documents and settings\LocalService\Dati applicazioni\PriceGong\Data\x.xml
c:\documents and settings\LocalService\Dati applicazioni\PriceGong\Data\y.xml
c:\documents and settings\LocalService\Dati applicazioni\PriceGong\Data\z.xml
c:\documents and settings\LocalService\Dati applicazioni\searchqutb
c:\documents and settings\LocalService\Dati applicazioni\searchqutb\dtx.ini
c:\documents and settings\LocalService\Dati applicazioni\searchqutb\games\00d2dfc64c07a4f32824abac1d6f735b
c:\documents and settings\LocalService\Dati applicazioni\searchqutb\games\3e4265e00cbc4a9cf22a105046a46d8a
c:\documents and settings\LocalService\Dati applicazioni\searchqutb\games\44a5d79f5451d3036ba3986425e234c8
c:\documents and settings\LocalService\Dati applicazioni\searchqutb\games\GameCategories.xml
c:\documents and settings\LocalService\Dati applicazioni\searchqutb\games\GameTypes.xml
c:\documents and settings\LocalService\Dati applicazioni\searchqutb\guid.dat
c:\documents and settings\LocalService\Dati applicazioni\searchqutb\preferences.dat
c:\documents and settings\LocalService\Dati applicazioni\searchqutb\stats.dat
c:\documents and settings\LocalService\Dati applicazioni\searchqutb\uninstallIE.dat
c:\documents and settings\LocalService\Dati applicazioni\searchqutb\weather\8024d0775c60ea52ca65937eee969cd4
c:\documents and settings\LocalService\Dati applicazioni\searchqutb\weather\a54aec6c3ecdbd3f6d3fcc655134c913
c:\documents and settings\LocalService\Dati applicazioni\searchqutb\weather\forecasts_cache.xml
c:\documents and settings\LocalService\Dati applicazioni\searchqutb\weather\observations_cache.xml
c:\documents and settings\LocalService\Dati applicazioni\searchqutb\weatherbutton_prefs.xml
c:\documents and settings\LocalService\Dati applicazioni\searchqutb\widgets_cache\84b70525cff6359fdeca553342c23e4c
c:\documents and settings\LocalService\Dati applicazioni\searchqutb\widgets_cache\bf5b6317ae07da699882fc948f22eda4
c:\documents and settings\LocalService\Dati applicazioni\searchqutb\widgets_cache\category_cache.xml
c:\documents and settings\LocalService\Dati applicazioni\searchqutb\widgets_cache\widget_cache.xml
c:\programmi\AutocompletePro
c:\programmi\AutocompletePro\AutocompletePro.dll
c:\programmi\AutocompletePro\chrome\autocompleteprochrome.crx
c:\programmi\AutocompletePro\FireFoxExtension.exe
c:\programmi\AutocompletePro\InstTracker.exe
c:\programmi\AutocompletePro\support@predictad.com\chrome.manifest
c:\programmi\AutocompletePro\support@predictad.com\chrome\content\browserOverlay.xul
c:\programmi\AutocompletePro\support@predictad.com\chrome\content\options.js
c:\programmi\AutocompletePro\support@predictad.com\chrome\content\options.xul
c:\programmi\AutocompletePro\support@predictad.com\chrome\content\utils.js
c:\programmi\AutocompletePro\support@predictad.com\defaults\preferences\predictad.js
c:\programmi\AutocompletePro\support@predictad.com\install.rdf
c:\programmi\AutocompletePro\unins000.dat
c:\programmi\AutocompletePro\unins000.exe
c:\programmi\OfferBox
c:\programmi\Search Settings
c:\programmi\Search Settings\FF\chrome.manifest
c:\programmi\Search Settings\FF\chrome\content\plugin.js
c:\programmi\Search Settings\FF\chrome\content\plugin.xul
c:\programmi\Search Settings\FF\chrome\content\protection.js
c:\programmi\Search Settings\FF\chrome\content\utils.js
c:\programmi\Search Settings\FF\chrome\locale\en-US\searchsettingsplugin.dtd
c:\programmi\Search Settings\FF\chrome\locale\en-US\searchsettingsplugin.properties
c:\programmi\Search Settings\FF\components\IFBHOSearch.xpt
c:\programmi\Search Settings\FF\components\IFBHOSearchHelperEngine.xpt
c:\programmi\Search Settings\FF\components\IFHelperPreferences.xpt
c:\programmi\Search Settings\FF\install.rdf
c:\programmi\Search Settings\SearchSettings.exe
c:\programmi\Windows Searchqu Toolbar
c:\programmi\Windows Searchqu Toolbar\DataMngr\datamngr.dll
c:\programmi\Windows Searchqu Toolbar\DataMngr\DataMngrUI .exe
c:\programmi\Windows Searchqu Toolbar\INSTALL.LOG
c:\programmi\Windows Searchqu Toolbar\main.ico
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\.#searchqutb.js.1.3
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\data\search\engines.xml
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\data\search\search.xsl
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\lib\about.xml
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\lib\dtxpanelwin.xul
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\lib\dtxprefwin.xul
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\lib\dtxwin.xul
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\lib\emailnotifierproviders.xml
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\lib\external.js
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\lib\neterror.xhtml
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\lib\wmpstreamer.html
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\modules\datastore.jsm
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\preferences.xml
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\searchqutb.js
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\toolbar.htm
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\toolbar.xul
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\bg-scalable-mdl.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\bg-scalable-tl.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\bg-scalable-tr.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btn-dragresize.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btn-wide-close-down.PNG
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btn-wide-close-over.PNG
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btn-wide-close.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btn-wide-maximize-down.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btn-wide-maximize-over.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btn-wide-maximize.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btn-wide-minimize-down.PNG
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btn-wide-minimize-over.PNG
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btn-wide-minimize.PNG
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btnarrow-next-off.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btnarrow-next.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btnarrow-previous-off.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btnarrow-previous.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\navico-home.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\panel.html
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\powered-mystart.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\tb_icon.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\widget.js
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\widget.xml
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\bg-scalable-mdl.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\bg-scalable-tl.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\bg-scalable-tr.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\btn-dragresize.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\btn-wide-close-down.PNG
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\btn-wide-close-over.PNG
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\btn-wide-close.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\btn-wide-maximize-down.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\btn-wide-maximize-over.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\btn-wide-maximize.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\btn-wide-minimize-down.PNG
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\btn-wide-minimize-over.PNG
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\btn-wide-minimize.PNG
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\btnarrow-next-off.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\btnarrow-next.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\btnarrow-previous-off.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\btnarrow-previous.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\navico-home.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\panel.html
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\powered-mystart.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\tb_icon.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\widget.js
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\widget.xml
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\bg-scalable-mdl.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\bg-scalable-tl.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\bg-scalable-tr.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\btn-dragresize.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\btn-wide-close-down.PNG
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\btn-wide-close-over.PNG
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\btn-wide-close.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\btn-wide-maximize-down.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\btn-wide-maximize-over.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\btn-wide-maximize.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\btn-wide-minimize-down.PNG
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\btn-wide-minimize-over.PNG
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\btn-wide-minimize.PNG
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\btnarrow-next-off.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\btnarrow-next.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\btnarrow-previous-off.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\btnarrow-previous.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\navico-home.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\panel.html
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\powered-mystart.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\tb_icon.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\widget.js
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\widget.xml
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217.zip
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\bg-scalable-mdl.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\bg-scalable-tl.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\bg-scalable-tr.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btn-dragresize.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btn-wide-close-down.PNG
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btn-wide-close-over.PNG
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btn-wide-close.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btn-wide-maximize-down.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btn-wide-maximize-over.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btn-wide-maximize.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btn-wide-minimize-down.PNG
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btn-wide-minimize-over.PNG
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btn-wide-minimize.PNG
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btnarrow-next-off.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btnarrow-next.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btnarrow-previous-off.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btnarrow-previous.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\navico-home.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\panel.html
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\powered-mystart.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\tb_icon.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\widget.js
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\widget.xml
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\bluelite.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\bluesky.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\btn-search-over.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\btn-search.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\btn-settings-over.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\btn-settings.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\btn-widgets-over.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\btn-widgets.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\btn_settings.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\button-down-back-ff.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\button-down-back.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\button-down-left.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\button-down-right.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\button-down-splitter.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\button-drop-back.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\button-drop-left.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\button-drop-right.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\button-drop-splitter.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\button-hover-back-ff.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\button-hover-back.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\button-hover-left.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\button-hover-right.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\button-hover-splitter.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\ca.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\dictionary.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\divider.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\downloadcom.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\email.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\email_on.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\games.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\graphred0.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\graphred0_5.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\grey.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\headsup.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\ico-shield.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\images.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\add.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\aol.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\arrow-dn.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\arrow-right.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\arrow-up.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\bg-btn-end.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\bg-btn-mdl.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\bg-btn-mdl_ff.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\bg-btn-start.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\bg-btnover-end.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\bg-btnover-mdl.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\bg-btnover-mdl_ff.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\bg-btnover-start.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\blank.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\btnback-down-vista.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\btnback-vista.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\btnleft-down-vista.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\btnleft-vista.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\btnright-down-vista.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\btnright-vista.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\button-splitter-down-vista.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\button-splitter-vista.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\checkmark.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\chevron.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\collapse.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\comcast.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\dtx.css
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\edit-back-hot.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\edit-back.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\expand.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\found.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\gmail.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\highlight.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\highlight_blue.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\highlight_cyan.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\highlight_lime.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\highlight_magenta.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\highlight_yellow.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\hotmail.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\imap.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\lastsearch-thumb-back.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\loadingMid.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\lock.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\mailcom.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\menu_bg-basic.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\menu_separator_bar.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\menuitem-splitter.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\menuitemback-down-vista.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\menuitemback-vista.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\menuitemleft-down-vista.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\menuitemleft-vista.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\menuitemright-down-vista.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\menuitemright-vista.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\move.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\movetarget.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\css\popupAbout.css
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\css\popupGames.css
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\css\popupWidgets.css
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\footer.htm
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\gamecategory.xsl
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\gameData.js
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\gameList.xsl
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\gametype.xsl
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\arrow-sml-drop.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\arrow-sml.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\arrowr-bluew5.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\bg-aboutbox.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\bg-btnover.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\bg-pnl520x390.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\btn-close-grey.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\btn-close-greyover.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\btn-drag.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\btn-next-over.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\btn-next.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\btn-previous-over.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\btn-previous.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\btn-search-pnlbtm-over.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\btn-search-pnlbtm.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\gamethumb-on.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\gamethumb2-over.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\ico-calendar.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\ico-download.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\ico-joystick24.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\ico-play.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\ico-tags.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\icon-Add.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\icon-download.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\icon-Info.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\icon-play.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\icon-shop.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\menul-bgon.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\menul-bgover.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\panel-botm-noscroll.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\scroll-bg-206.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\scroll-bg.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\scroll-topwin.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\scrollb-disable.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\scrollb-down.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\scrollb-over.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\scrollb.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\scrollt-disable.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\scrollt-down.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\scrollt-over.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\scrollt.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\searchbox-pnlbtm.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\star_x_grey.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\star_x_orange.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\TRUSTe_about.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\view-detailed-on.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\view-detailed-over.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\view-thumb-on.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\view-thumb-over.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\widgets-square-16px.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\widgets-square-24px.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\popupGames.html
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\popupWidgets.html
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\pop.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\css\manager.css
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\css\slider.css
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\bg-pnl.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\btn-close-grey.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\btn-close-greyover.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\collapsed_button.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\expanded_button.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\ico-playstation-down.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\ico-playstation-over.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\ico-playstation.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\ico-radio.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\music-note.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\radio-btn-pause-on.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\radio-btn-pause.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\radio-btn-play-on.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\radio-btn-play.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\radio-eq-bg.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\radio-eq-busy.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\radio-eq-off.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\radio-eq-on.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\radio-eq-warning.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\radio-options-design-on.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\radio-options-design.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\radio-options-on.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\radio-options.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\radio-volume-0.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\radio-volume-1.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\radio-volume-2.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\radio-volume-3.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\radio-volume-mute.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\scrollbar-handle.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\scrollbar-track.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\slider.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\slideron.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\track.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\managerpanel.html
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\volumeslider.html
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\remove.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\rename.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\resize-box.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\rss.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\rsschannelback.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\RSSLogo.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\rsstabdivider.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\scroll-left.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\scroll-right.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\search-go.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\search.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\text-ellipsis.xml
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\throbber.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\toolbarsplitter.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\transparent_1px.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\border_02.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\border_03.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\border_04.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\border_06.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\border_07.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\border_08.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\border_09.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\border_10.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\border_11.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\border_12.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\border_13.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\border_14.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\border_15.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\border_16.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\border_18.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\border_19.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\border_20.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\border_21.png
ignotum
Junior User

Posts: 42
Joined: 19/08/11 21:20


Re: PLEASE GIVE ME A HAND, I CAN'T TAKE IT ANYMORE!!!!

Post by ignotum » 23/08/11 16:48

The ComboFix log didn't all fit


Code: Select all
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\btn-close-grey.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\btn-close-greyover.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\close-hot.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\close-normal.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\loadingMid.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\proxy.html
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\template.html
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\template.xml
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\templateFF.html
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\throbber.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\icons\cond999.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\icons\icons.xml
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\icons\na-s.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\icons\na.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\icons\weather.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\add.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\arrowr-bluew5.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\bg-pnl.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\bg-pnl520x350blue-whitebg.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\bg-pnl520x350blue.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\box-check.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\box-uncheck.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btn-close-grey.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btn-close-greyover.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btn-delete.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btn-search-pnlbtm.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btnarrow-next-off.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btnarrow-next.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btnarrow-previous-off.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btnarrow-previous.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\ico-check.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\ico-hotandhumid-s.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\ico-hotandhumid.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\options-weather.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\over-blue.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\over-orange.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\powered-by-weatherbug.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\powered-by-weatherbug2.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\radio-checked.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\radio-unchecked.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\searchbox-pnlbtm.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\weather-contour.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\popupWeather.css
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\popupWeather.html
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\yahoo.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lichen.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\logo-about.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\logo.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\maps.bmp
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\menuseparatorback.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\modify-save.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\modify.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\modifyhot.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\music.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\news.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\options\options-main.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\options\options-search.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\options\options-weather.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\options\options-widgets.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\orange.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\pixsy.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\relatedlinks.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\rss-collapse.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\rss-delete.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\rss-expand.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\rss-feed.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\rss-folder-remove.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\rss-folder-rename.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\rss-folder.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\rss-found.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\rss-reload.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\rss-subscribe.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\rss.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\rssback.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\rsstopback.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\search-over.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\search.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\searchbar\searchbar-background-left.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\searchbar\searchbar-background-middle.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\searchbar\searchbar-background-right.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\searchqutb.css
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\settings.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\shopping.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\siteinfo.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\skin-bluelite.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\skin-bluesky.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\skin-grey.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\skin-lichen.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\skin-orange.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\skin-yellow.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\technorati.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\throbber.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\toolbarsplitter.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\video.bmp
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\weather.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\web.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\widget_allocine.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\widget_bliptv.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\widget_calcal.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\widget_calculator.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\widget_gservices.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\widget_sudoku.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\widget_todo.jpg
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\widget_todo.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\widget_trio.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\widget_uconverter.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\widgets-square-16px.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\widgets.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\wikipedia.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\yahoosearch.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\yellow.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\youtube.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\zoom.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\components\windowmediator.js
c:\programmi\Windows Searchqu Toolbar\ToolBar\manifest.xml
c:\programmi\Windows Searchqu Toolbar\ToolBar\SearchquDx.dll
c:\programmi\Windows Searchqu Toolbar\ToolBar\SearchquTb.dll
c:\programmi\Windows Searchqu Toolbar\ToolBar\uninstall.exe
c:\programmi\Windows Searchqu Toolbar\UNWISE.EXE
c:\programmi\Windows Searchqu Toolbar\UnwiseLauncher.exe
.
----- File Replicators -----
.
c:\acer\Preload\Autorun\GUI\Acer Generic Guide\BG\CopyAcerLink.exe
c:\acer\Preload\Autorun\GUI\Acer Generic Guide\CS\CopyAcerLink.exe
c:\acer\Preload\Autorun\GUI\Acer Generic Guide\DA\CopyAcerLink.exe
c:\acer\Preload\Autorun\GUI\Acer Generic Guide\DE\CopyAcerLink.exe
c:\acer\Preload\Autorun\GUI\Acer Generic Guide\EL\CopyAcerLink.exe
c:\acer\Preload\Autorun\GUI\Acer Generic Guide\EN\CopyAcerLink.exe
c:\acer\Preload\Autorun\GUI\Acer Generic Guide\ES\CopyAcerLink.exe
c:\acer\Preload\Autorun\GUI\Acer Generic Guide\FI\CopyAcerLink.exe
c:\acer\Preload\Autorun\GUI\Acer Generic Guide\FR\CopyAcerLink.exe
c:\acer\Preload\Autorun\GUI\Acer Generic Guide\HR\CopyAcerLink.exe
c:\acer\Preload\Autorun\GUI\Acer Generic Guide\HU\CopyAcerLink.exe
c:\acer\Preload\Autorun\GUI\Acer Generic Guide\ID\CopyAcerLink.exe
c:\acer\Preload\Autorun\GUI\Acer Generic Guide\IT\CopyAcerLink.exe
c:\acer\Preload\Autorun\GUI\Acer Generic Guide\JA\CopyAcerLink.exe
c:\acer\Preload\Autorun\GUI\Acer Generic Guide\KO\CopyAcerLink.exe
c:\acer\Preload\Autorun\GUI\Acer Generic Guide\NL\CopyAcerLink.exe
c:\acer\Preload\Autorun\GUI\Acer Generic Guide\NO\CopyAcerLink.exe
c:\acer\Preload\Autorun\GUI\Acer Generic Guide\PL\CopyAcerLink.exe
c:\acer\Preload\Autorun\GUI\Acer Generic Guide\PT\CopyAcerLink.exe
c:\acer\Preload\Autorun\GUI\Acer Generic Guide\RO\CopyAcerLink.exe
c:\acer\Preload\Autorun\GUI\Acer Generic Guide\RU\CopyAcerLink.exe
c:\acer\Preload\Autorun\GUI\Acer Generic Guide\SC\CopyAcerLink.exe
c:\acer\Preload\Autorun\GUI\Acer Generic Guide\SK\CopyAcerLink.exe
c:\acer\Preload\Autorun\GUI\Acer Generic Guide\SL\CopyAcerLink.exe
c:\acer\Preload\Autorun\GUI\Acer Generic Guide\SV\CopyAcerLink.exe
c:\acer\Preload\Autorun\GUI\Acer Generic Guide\TC\CopyAcerLink.exe
c:\acer\Preload\Autorun\GUI\Acer Generic Guide\TR\CopyAcerLink.exe
c:\acer\Preload\Autorun\GUI\Acer Generic Guide\XC\CopyAcerLink.exe
c:\acer\Preload\Autorun\GUI\Acer Quick Guide\BG\CopyAcerLink.exe
c:\acer\Preload\Autorun\GUI\Acer Quick Guide\CS\CopyAcerLink.exe
c:\acer\Preload\Autorun\GUI\Acer Quick Guide\DA\CopyAcerLink.exe
c:\acer\Preload\Autorun\GUI\Acer Quick Guide\DE\CopyAcerLink.exe
c:\acer\Preload\Autorun\GUI\Acer Quick Guide\EL\CopyAcerLink.exe
c:\acer\Preload\Autorun\GUI\Acer Quick Guide\EN\CopyAcerLink.exe
c:\acer\Preload\Autorun\GUI\Acer Quick Guide\ES\CopyAcerLink.exe
c:\acer\Preload\Autorun\GUI\Acer Quick Guide\FI\CopyAcerLink.exe
c:\acer\Preload\Autorun\GUI\Acer Quick Guide\FR\CopyAcerLink.exe
c:\acer\Preload\Autorun\GUI\Acer Quick Guide\HR\CopyAcerLink.exe
c:\acer\Preload\Autorun\GUI\Acer Quick Guide\HU\CopyAcerLink.exe
c:\acer\Preload\Autorun\GUI\Acer Quick Guide\ID\CopyAcerLink.exe
c:\acer\Preload\Autorun\GUI\Acer Quick Guide\IT\CopyAcerLink.exe
c:\acer\Preload\Autorun\GUI\Acer Quick Guide\JA\CopyAcerLink.exe
c:\acer\Preload\Autorun\GUI\Acer Quick Guide\KO\CopyAcerLink.exe
c:\acer\Preload\Autorun\GUI\Acer Quick Guide\NL\CopyAcerLink.exe
c:\acer\Preload\Autorun\GUI\Acer Quick Guide\NO\CopyAcerLink.exe
c:\acer\Preload\Autorun\GUI\Acer Quick Guide\PL\CopyAcerLink.exe
c:\acer\Preload\Autorun\GUI\Acer Quick Guide\PT\CopyAcerLink.exe
c:\acer\Preload\Autorun\GUI\Acer Quick Guide\RO\CopyAcerLink.exe
c:\acer\Preload\Autorun\GUI\Acer Quick Guide\RU\CopyAcerLink.exe
c:\acer\Preload\Autorun\GUI\Acer Quick Guide\SC\CopyAcerLink.exe
c:\acer\Preload\Autorun\GUI\Acer Quick Guide\SK\CopyAcerLink.exe
c:\acer\Preload\Autorun\GUI\Acer Quick Guide\SL\CopyAcerLink.exe
c:\acer\Preload\Autorun\GUI\Acer Quick Guide\SV\CopyAcerLink.exe
c:\acer\Preload\Autorun\GUI\Acer Quick Guide\TC\CopyAcerLink.exe
c:\acer\Preload\Autorun\GUI\Acer Quick Guide\TR\CopyAcerLink.exe
c:\acer\Preload\Autorun\GUI\Acer Quick Guide\XC\CopyAcerLink.exe
c:\book\CopyAcerLink.exe
.
.
(((((((((((((((((((((((((   Files Creati Da 2011-07-23 al 2011-08-23  )))))))))))))))))))))))))))))))))))
.
.
2011-08-23 12:46 . 2011-08-23 12:47   --------   d-----w-   c:\documents and settings\Administrator
2011-08-22 14:40 . 2011-08-22 14:40   --------   d-----w-   c:\programmi\CCleaner
2011-08-22 09:54 . 2011-08-22 09:54   --------   d-----w-   c:\programmi\SUPERAntiSpyware
2011-08-22 09:20 . 2011-08-22 09:20   --------   d-----w-   c:\documents and settings\All Users\Dati applicazioni\SUPERAntiSpyware.com
2011-08-22 09:15 . 2011-08-23 09:55   23624   ----a-w-   c:\windows\system32\drivers\hitmanpro35.sys
2011-08-22 09:15 . 2011-08-22 09:37   --------   d-----w-   c:\programmi\Hitman Pro 3.5
2011-08-22 09:14 . 2011-08-22 09:44   --------   d-----w-   c:\documents and settings\All Users\Dati applicazioni\Hitman Pro
2011-08-21 21:11 . 2011-08-22 14:45   --------   d-----w-   c:\documents and settings\Jeff
2011-08-20 09:28 . 2011-08-20 09:28   388096   ----a-r-   c:\documents and settings\J\Dati applicazioni\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-08-20 09:28 . 2011-08-20 09:28   --------   d-----w-   c:\programmi\Trend Micro
2011-08-17 12:44 . 2011-08-17 12:45   --------   d-----w-   c:\programmi\McAfee VirusScan Home Edition 7.02 Demo 30
2011-08-16 12:12 . 2011-08-16 12:13   --------   d-----w-   c:\windows\system32\NtmsData
2011-08-16 11:02 . 2011-08-16 11:02   --------   d-----w-   c:\documents and settings\All Users\Dati applicazioni\{3C0AACBF-B491-4BE5-BAF9-AA46E0629E42}
2011-08-16 10:50 . 2011-08-16 10:50   --------   d-----w-   c:\programmi\Uniblue
2011-08-16 10:49 . 2011-08-16 10:49   --------   d-----w-   c:\documents and settings\J\Impostazioni locali\Dati applicazioni\PackageAware
2011-08-15 13:22 . 2009-04-29 04:33   81920   ----a-w-   c:\windows\system32\ieencode.dll
2011-08-15 13:22 . 2009-04-29 04:33   81920   ----a-w-   c:\windows\system32\dllcache\ieencode.dll
2011-07-31 13:19 . 2010-08-24 19:57   141792   ----a-w-   c:\windows\system32\mfevtps.exe
2011-07-31 13:07 . 2011-07-31 13:07   --------   d-s---w-   c:\documents and settings\J\UserData
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-08-18 11:31 . 2011-05-18 11:50   404640   ----a-w-   c:\windows\system32\FlashPlayerCPLApp.cpl
2011-07-06 17:52 . 2011-04-21 11:26   41272   ----a-w-   c:\windows\system32\drivers\mbamswissarmy.sys
2011-07-06 17:52 . 2011-04-21 11:26   22712   ----a-w-   c:\windows\system32\drivers\mbam.sys
2011-07-04 11:43 . 2010-08-10 10:30   40112   ----a-w-   c:\windows\avastSS.scr
2011-07-04 11:43 . 2010-08-10 10:30   199304   ----a-w-   c:\windows\system32\aswBoot.exe
2011-07-04 11:36 . 2011-06-16 05:34   441176   ----a-w-   c:\windows\system32\drivers\aswSnx.sys
2011-07-04 11:36 . 2010-08-10 10:31   309848   ----a-w-   c:\windows\system32\drivers\aswSP.sys
2011-07-04 11:35 . 2010-08-10 10:31   43608   ----a-w-   c:\windows\system32\drivers\aswTdi.sys
2011-07-04 11:35 . 2010-08-10 10:31   102616   ----a-w-   c:\windows\system32\drivers\aswmon2.sys
2011-07-04 11:35 . 2010-08-10 10:31   96344   ----a-w-   c:\windows\system32\drivers\aswmon.sys
2011-07-04 11:32 . 2010-08-10 10:31   25432   ----a-w-   c:\windows\system32\drivers\aswRdr.sys
2011-07-04 11:32 . 2010-08-10 10:31   30808   ----a-w-   c:\windows\system32\drivers\aavmker4.sys
2011-07-04 11:32 . 2010-08-10 10:31   19544   ----a-w-   c:\windows\system32\drivers\aswFsBlk.sys
2010-07-22 21:40 . 2010-07-28 14:25   2944904   ----a-w-   c:\programmi\File comuni\AskToolbarInstaller.exe
2011-08-12 06:26 . 2011-08-17 19:03   134104   ----a-w-   c:\programmi\mozilla firefox\components\browsercomps.dll
.
[code]<pre>
c:\programmi\Adobe\Reader 9.0\Reader\Reader_sl .exe
c:\programmi\AVG\AVG9\avgtray .exe
c:\programmi\CyberLink\PowerDVD8\PDVD8Serv .exe
c:\programmi\CyberLink\PowerDVD8\Language\Language .exe
c:\programmi\File comuni\Adobe\ARM\1.0\AdobeARM .exe
c:\programmi\File comuni\Java\Java Update\jusched .exe
c:\programmi\Iminent\SearchTheWeb\Iminent.Notifier .exe
c:\programmi\Launch Manager\LManager .exe
c:\programmi\Realtek\Audio\Drivers\AzMixerSel .exe
c:\programmi\Synaptics\SynTP\SynTPEnh .exe
c:\windows\ime\imjp8_1\IMJPMIG .exe
</pre>[/code]
.
(((((((((((((((((((((((((((((   SnapShot@2011-08-20_16.24.04   )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-08-23 14:14 . 2011-08-23 14:14   16384              c:\windows\Temp\Perflib_Perfdata_68c.dat
+ 2009-07-29 20:04 . 2011-08-21 12:04   85452              c:\windows\system32\perfc010.dat
+ 2009-07-29 20:04 . 2011-08-21 12:04   72346              c:\windows\system32\perfc009.dat
+ 2001-08-30 23:08 . 2008-04-14 12:00   14336              c:\windows\system32\dllcache\wowfaxui.dll
+ 2001-08-30 23:08 . 2008-04-14 12:00   49211              c:\windows\system32\dllcache\usrvpa.dll
+ 2001-08-30 23:08 . 2008-04-14 12:00   45116              c:\windows\system32\dllcache\usrvoica.dll
+ 2001-08-30 23:08 . 2008-04-14 12:00   49209              c:\windows\system32\dllcache\usrv80a.dll
+ 2001-08-30 23:08 . 2008-04-14 12:00   41019              c:\windows\system32\dllcache\usrsvpia.dll
+ 2001-08-30 23:08 . 2008-04-14 12:00   49211              c:\windows\system32\dllcache\usrsdpia.dll
+ 2001-08-30 23:08 . 2008-04-14 12:00   77883              c:\windows\system32\dllcache\usrrtosa.dll
+ 2001-08-30 23:08 . 2008-04-14 12:00   53305              c:\windows\system32\dllcache\usrlbva.dll
+ 2001-08-30 23:08 . 2008-04-14 12:00   86073              c:\windows\system32\dllcache\usrfaxa.dll
+ 2001-08-30 23:08 . 2008-04-14 12:00   77890              c:\windows\system32\dllcache\usrdpa.dll
+ 2001-08-30 23:08 . 2008-04-14 12:00   69699              c:\windows\system32\dllcache\usrcoina.dll
+ 2001-08-30 23:08 . 2008-04-14 12:00   61500              c:\windows\system32\dllcache\usrcntra.dll
+ 2001-08-30 23:08 . 2008-04-14 12:00   72192              c:\windows\system32\dllcache\sprio800.dll
+ 2001-08-30 23:08 . 2008-04-14 12:00   70656              c:\windows\system32\dllcache\sprio600.dll
+ 2001-08-30 23:08 . 2008-04-14 12:00   69632              c:\windows\system32\dllcache\spnike.dll
+ 2008-04-13 19:13 . 2008-04-14 12:00   35328              c:\windows\system32\dllcache\pid.dll
+ 2008-04-13 19:13 . 2008-04-14 12:00   54784              c:\windows\system32\dllcache\dmutil.dll
+ 2008-04-13 19:13 . 2008-04-14 12:00   30208              c:\windows\system32\dllcache\bthserv.dll
+ 2001-08-30 23:07 . 2008-04-14 12:00   3200              c:\windows\system32\dllcache\wowfax.dll
+ 2008-04-13 19:13 . 2008-04-14 12:00   7168              c:\windows\system32\dllcache\hccoin.dll
+ 2009-07-29 20:04 . 2011-08-21 12:04   491082              c:\windows\system32\perfh010.dat
+ 2009-07-29 20:04 . 2011-08-21 12:04   443368              c:\windows\system32\perfh009.dat
+ 2008-04-13 19:13 . 2008-04-14 12:00   108032              c:\windows\system32\dllcache\wshbth.dll
+ 2001-08-30 23:08 . 2008-04-14 12:00   102457              c:\windows\system32\dllcache\usrv42a.dll
+ 2001-08-30 23:08 . 2008-04-14 12:00   323641              c:\windows\system32\dllcache\usrdtea.dll
+ 2001-08-30 23:07 . 2008-04-14 12:00   157696              c:\windows\system32\dllcache\paqsp.dll
+ 2001-08-30 23:07 . 2008-04-14 12:00   147968              c:\windows\system32\dllcache\mdwmdmsp.dll
+ 2011-08-22 14:54 . 2011-08-22 14:54   1094656              c:\windows\Installer\21e958.msi
.
(((((((((((((((((((((((((((((((((((((   Punti Reg Caricati   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2011-01-17 14:54   175912   ----a-w-   c:\programmi\ConduitEngine\prxConduitEngine.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{84FF7BD6-B47F-46F8-9130-01B2696B36CB}]
2010-08-17 14:18   111608   ----a-w-   c:\programmi\Iminent\SearchTheWeb\Iminent.BHO.NavigationError.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{e3393495-8103-46a0-8181-270273eddd60}]
2011-01-17 14:54   175912   ----a-w-   c:\programmi\Softonic-IT\prxtbSof0.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{e3393495-8103-46a0-8181-270273eddd60}"= "c:\programmi\Softonic-IT\prxtbSof0.dll" [2011-01-17 175912]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\programmi\ConduitEngine\prxConduitEngine.dll" [2011-01-17 175912]
.
[HKEY_CLASSES_ROOT\clsid\{e3393495-8103-46a0-8181-270273eddd60}]
.
[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{E3393495-8103-46A0-8181-270273EDDD60}"= "c:\programmi\Softonic-IT\prxtbSof0.dll" [2011-01-17 175912]
.
[HKEY_CLASSES_ROOT\clsid\{e3393495-8103-46a0-8181-270273eddd60}]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-07-04 11:43   122512   ----a-w-   c:\programmi\Alwil Software\Avast5\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-05-22 39408]
"msnmsgr"="c:\programmi\Windows Live\Messenger\msnmsgr.exe" [2010-04-16 3872080]
"GM4IE"="c:\programmi\SocialPlus\gm4ie.exe" [2006-07-23 61440]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"="c:\programmi\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-06-08 37296]
"Adobe ARM"="c:\programmi\File comuni\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
"Malwarebytes' Anti-Malware"="c:\programmi\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-07-06 449584]
"HitmanPro35"="c:\programmi\Hitman Pro 3.5\HitmanPro35(1).exe" [2011-08-23 6394688]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"FlashPlayerUpdate"="c:\windows\system32\Macromed\Flash\FlashUtil10e.exe" [N/A]
.
c:\documents and settings\Guest\Menu Avvio\Programmi\Esecuzione automatica\
Ritaglio schermata e avvio di OneNote 2007.lnk - c:\programmi\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"= 1 (0x1)
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\programmi\SUPERAntiSpyware\SASSEH.DLL" [2011-07-19 113024]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2011-05-04 17:54   551296   ----a-w-   c:\programmi\SUPERAntiSpyware\SASWINLO.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\igdlogin]
2009-04-28 03:44   65536   ----a-w-   c:\windows\system32\igdlogin.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Avvio^Programmi^Esecuzione automatica^Acer VCM.lnk]
path=c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\Acer VCM.lnk
backup=c:\windows\pss\Acer VCM.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Avvio^Programmi^Esecuzione automatica^BTTray.lnk]
path=c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\BTTray.lnk
backup=c:\windows\pss\BTTray.lnkCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2011-03-30 04:59   937920   ----a-r-   c:\programmi\File comuni\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2011-06-08 04:02   37296   ----a-w-   c:\programmi\Adobe\Reader 9.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AzMixerSel]
c:\programmi\Realtek\Audio\Drivers\AzMixerSel.exe [N/A]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
2008-04-14 12:00   15360   ----a-w-   c:\windows\system32\ctfmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DataMngr]
c:\progra~1\WI9130~1\DataMngr\DataMngrUI.exe [N/A]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GM4IE]
2006-07-23 08:32   61440   ----a-w-   c:\programmi\SocialPlus\gm4ie.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
2009-05-01 03:13   354840   ----a-w-   c:\windows\system32\hkcmd.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
2009-05-01 03:13   137752   ----a-w-   c:\windows\system32\igfxtray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMBooster]
c:\programmi\Iminent\IMBooster\IMBooster.exe [N/A]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Iminent.Notifier]
2010-08-17 14:18   536056   -c--a-w-   c:\programmi\Iminent\SearchTheWeb\Iminent.Notifier.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMJPMIG8.1]
2008-04-14 12:00   208952   -c--a-w-   c:\windows\ime\imjp8_1\imjpmig.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LManager]
c:\programmi\Launch Manager\LManager.exe [N/A]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
2010-04-16 20:11   3872080   ----a-w-   c:\programmi\Windows Live\Messenger\msnmsgr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSPY2002]
2008-04-14 12:00   59392   ----a-w-   c:\windows\system32\IME\PINTLGNT\IMSCINST.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\pb_scheduler_agent]
c:\programmi\Premium Booster\scheduler.exe [N/A]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDVD8LanguageShortcut]
c:\programmi\CyberLink\PowerDVD8\Language\Language.exe [N/A]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PersistenceThread]
2009-05-01 03:13   92696   ----a-w-   c:\windows\system32\PersistenceThread.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002A]
2008-04-14 12:00   455168   ----a-w-   c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002ASync]
2008-04-14 12:00   455168   ----a-w-   c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl8]
c:\programmi\CyberLink\PowerDVD8\PDVD8Serv.exe [N/A]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchSettings]
c:\programmi\Search Settings\SearchSettings.exe [N/A]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Service Nouts]
winservi.exe [N/A]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2010-05-14 09:44   248552   ----a-w-   c:\programmi\File comuni\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2010-05-22 21:55   39408   ----a-w-   c:\programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
c:\programmi\Synaptics\SynTP\SynTPEnh.exe [N/A]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
c:\programmi\TomTom HOME 2\TomTomHOMERunner.exe [N/A]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"UmxPol"=2 (0x2)
"UmxLU"=2 (0x2)
"TomTomHOMEService"=2 (0x2)
"ose"=3 (0x3)
"odserv"=3 (0x3)
"JavaQuickStarterService"=2 (0x2)
"idsvc"=3 (0x3)
"gusvc"=3 (0x3)
"gupdate"=2 (0x2)
"fsssvc"=3 (0x3)
"Application Updater"=2 (0x2)
"Apple Mobile Device"=2 (0x2)
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
"DisableNotifications"= 1 (0x1)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
.
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [16/06/2011 7.34.17 441176]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [10/08/2010 12.31.26 309848]
R1 SASDIFSV;SASDIFSV;c:\programmi\SUPERAntiSpyware\sasdifsv.sys [22/07/2011 18.27.02 12880]
R1 SASKUTIL;SASKUTIL;c:\programmi\SUPERAntiSpyware\SASKUTIL.SYS [12/07/2011 23.55.22 67664]
R2 !SASCORE;SAS Core Service;c:\programmi\SUPERAntiSpyware\SASCore.exe [12/08/2011 1.38.07 116608]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [10/08/2010 12.31.26 19544]
R2 DCService.exe;DCService.exe;c:\documents and settings\All Users\Dati applicazioni\DatacardService\DCService.exe [08/05/2010 13.48.36 229376]
R2 LGScsiCommandService;LG SCSI command service;c:\windows\system32\LGScsiCommandService.exe [17/03/2011 16.04.33 47616]
R2 MBAMService;MBAMService;c:\programmi\Malwarebytes' Anti-Malware\mbamservice.exe [21/04/2011 13.26.56 366640]
R2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [31/07/2011 15.19.54 141792]
R2 RS_Service;Raw Socket Service;c:\programmi\Acer\Acer VCM\RS_Service.exe [29/07/2009 16.05.50 237568]
R3 huawei_enumerator;huawei_enumerator;c:\windows\system32\drivers\ew_jubusenum.sys [11/06/2011 22.06.36 63616]
R3 igd;igd;c:\windows\system32\drivers\igxpmp32.sys [29/07/2009 14.49.22 5096544]
R3 LgBttPort;LGE Bluetooth TransPort;c:\windows\system32\drivers\lgbtport.sys [29/09/2009 9.11.22 12160]
R3 lgbusenum;LG Bluetooth Bus Enumerator;c:\windows\system32\drivers\lgbtbus.sys [29/09/2009 9.11.20 10496]
R3 LGVMODEM;LGE Virtual Modem;c:\windows\system32\drivers\lgvmodem.sys [29/09/2009 9.11.20 12928]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [21/04/2011 13.26.50 22712]
R3 vodafone_K3805-z_dc_enum;Vodafone K3805-z DC Enumerator (ZTE);c:\windows\system32\drivers\vodafone_K3805-z_dc_enum.sys [01/09/2010 14.33.12 80000]
S2 gupdate;Servizio di Google Update (gupdate);c:\programmi\Google\Update\GoogleUpdate.exe [22/05/2010 19.04.35 135664]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [29/07/2009 14.55.41 1684736]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\drivers\ew_hwusbdev.sys [11/06/2011 22.06.30 101504]
S3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\drivers\ewusbnet.sys [11/06/2011 22.06.33 117504]
S3 gupdatem;Servizio Google Update (gupdatem);c:\programmi\Google\Update\GoogleUpdate.exe [22/05/2010 19.04.35 135664]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\drivers\RtsUStor.sys [29/07/2009 14.41.21 164864]
S3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys --> c:\windows\system32\DRIVERS\Rts516xIR.sys [?]
S3 vodafone_K3805-z_cdc_acm;Vodafone K3805-z CDC-ACM driver (ZTE);c:\windows\system32\drivers\vodafone_K3805-z_cdc_acm.sys [01/09/2010 14.33.10 85888]
S3 vodafone_K3805-z_cdc_ecm;vodafone_K3805-z_cdc_ecm;c:\windows\system32\drivers\vodafone_K3805-z_cdc_ecm.sys [01/09/2010 14.33.12 50304]
S3 vodafone_K3805-z_cpo;Vodafone K3805-z Install;c:\windows\system32\drivers\vodafone_K3805-z_cpo.sys [01/09/2010 14.33.12 9728]
S4 Application Updater;Application Updater;c:\programmi\Application Updater\ApplicationUpdater.exe [08/01/2010 1.51.02 380928]
.
Contenuto della cartella 'Scheduled Tasks'
.
2011-08-22 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\programmi\Apple Software Update\SoftwareUpdate.exe [2009-10-22 10:50]
.
2011-08-23 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\programmi\Google\Update\GoogleUpdate.exe [2010-05-22 17:04]
.
2011-08-23 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\programmi\Google\Update\GoogleUpdate.exe [2010-05-22 17:04]
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://global.acer.com
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
mStart Page = hxxp://downloads.phpnuke.org/it/index.php?rvs=google
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Google Sidewiki... - c:\programmi\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
IE: Invia a Bluetooth - c:\programmi\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: Invia a periferica &Bluetooth... - c:\programmi\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: {{09E90109-A9AA-4980-BCEF-76F8D924E902}
FF - ProfilePath - c:\documents and settings\Jeff\Dati applicazioni\Mozilla\Firefox\Profiles\r6uj5nxj.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: browser.startup.homepage - hxxp://it-it.facebook.com/
.
- - - - CHIAVI ORFANE RIMOSSE - - - -
.
AddRemove-AutocompletePro3_is1 - c:\programmi\AutocompletePro\unins000.exe
AddRemove-OfferBox Browser - c:\programmi\OfferBox\uninst.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-08-23 17:30
Windows 5.1.2600 Service Pack 3 NTFS
.
scansione processi nascosti ...
.
scansione entrate autostart nascoste ...
.
Scansione files nascosti ...
.
Scansione completata con successo
Files nascosti: 0
.
**************************************************************************
.
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 5.1.2600 Disk: ST9160310AS rev.0303 -> Harddisk0\DR0 -> \Device\Ide\IdePort0 P0T0L0-3
.
device: opened successfully
user: MBR read successfully
.
Disk trace:
called modules: ntkrnlpa.exe catchme.sys CLASSPNP.SYS disk.sys ACPI.sys hal.dll >>UNKNOWN [0x86D08EC5]<<
c:\docume~1\Jeff\IMPOST~1\Temp\catchme.sys 
_asm { PUSH EBP; MOV EBP, ESP; SUB ESP, 0x1c; PUSH EBX; PUSH ESI; MOV DWORD [EBP-0x4], 0x85415872; SUB DWORD [EBP-0x4], 0x8541512e; PUSH EDI; CALL 0xffffffffffffdf33;  }
1 ntkrnlpa!IofCallDriver[0x804EF1A6] -> \Device\Harddisk0\DR0[0x86D71030]
3 CLASSPNP[0xF7547FD7] -> ntkrnlpa!IofCallDriver[0x804EF1A6] -> \Device\000000a6[0x86DA49E8]
5 ACPI[0xF735E620] -> ntkrnlpa!IofCallDriver[0x804EF1A6] -> [0x86DA1940]
[0x86DA00C0] -> IRP_MJ_CREATE -> 0x86D08EC5
kernel: MBR read successfully
_asm { XOR AX, AX; MOV SS, AX; MOV SP, 0x7c00; MOV ES, AX; MOV DS, AX; MOV SI, 0x7c00; MOV DI, 0x600; MOV CX, 0x200; CLD ; REP MOVSB ; PUSH AX; PUSH 0x61c; RETF ; STI ; MOV CX, 0x4; MOV BP, 0x7be; CMP BYTE [BP+0x0], 0x0;  }
detected disk devices:
\Device\Ide\IdeDeviceP0T0L0-3 -> \??\IDE#DiskST9160310AS_____________________________0303____#5&17e46ae0&0&0.0.0#{53f56307-b6bf-11d0-94f2-00a0c91efb8b} device not found
detected hooks:
\Driver\atapi DriverStartIo -> 0x86D08AEA
user & kernel MBR OK
sectors 312581806 (+255): user != kernel
Warning: possible TDL3 rootkit infection !
.
**************************************************************************
.
--------------------- Dlls caricate dai processi in esecuzione ---------------------
.
- - - - - - - > 'winlogon.exe'(592)
c:\programmi\SUPERAntiSpyware\SASWINLO.DLL
.
Ora fine scansione: 2011-08-23  17:37:53
ComboFix-quarantined-files.txt  2011-08-23 15:37
ComboFix2.txt  2011-08-20 16:33
.
Pre-Run: 121.439.625.216 byte disponibili
Post-Run: 121.708.703.744 byte disponibili
.
- - End Of File - - 74C9950A7EB4CEDCB7A03C0F9C35260E
ignotum
Junior User
 
Posts: 42
Joined: 19/08/11 21:20

Re: PLEASE GIVE ME A HAND, I CAN'T TAKE IT ANYMORE!!!!

Post by COCCOBELLO » 23/08/11 19:01

You should have saved ComboFix to the desktop.

Now do the following:

Right-click on an empty spot in c:\documents and settings\Jeff\Documenti\Download
Create a New Text Document
Copy and paste the code you see below into it, and save it with the name CFScript.txt
and drag it onto the ComboFix icon.
The scan will start; wait for it to finish without touching anything.
If it asks to restart the PC, restart.
Post the updated ComboFix log.

KillAll::

File::
c:\programmi\File comuni\AskToolbarInstaller.exe
c:\programmi\ConduitEngine\prxConduitEngine.dll
c:\programmi\Softonic-IT\prxtbSof0.dll
c:\programmi\SocialPlus\gm4ie.exe
c:\programmi\Search Settings\SearchSettings.exe
c:\programmi\Application Updater\ApplicationUpdater.exe
c:\programmi\AutocompletePro\unins000.exe
c:\programmi\OfferBox\uninst.exe
c:\docume~1\Jeff\IMPOST~1\Temp\catchme.sys
c:\programmi\AVG\AVG9\avgtray .exe
c:\Windows\winservi.exe

Folder::
c:\programmi\ConduitEngine
c:\programmi\Softonic-IT
c:\programmi\SocialPlus
c:\programmi\Search Settings
c:\programmi\Application Updater
c:\programmi\AutocompletePro
c:\programmi\OfferBox
c:\programmi\AVG\AVG9

Driver::
Application Updater

Registry::
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{84FF7BD6-B47F-46F8-9130-01B2696B36CB}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{e3393495-8103-46a0-8181-270273eddd60}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{e3393495-8103-46a0-8181-270273eddd60}"=-
"{30F9B915-B755-4826-820B-08FBA6BD249D}"=-
[-HKEY_CLASSES_ROOT\clsid\{e3393495-8103-46a0-8181-270273eddd60}]
[-HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{E3393495-8103-46A0-8181-270273EDDD60}"=-
[-HKEY_CLASSES_ROOT\clsid\{e3393495-8103-46a0-8181-270273eddd60}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GM4IE"=-



Afterwards:
Download TDSSKiller and save it to the desktop. >>> http://support.kaspersky.com/downloads/utils/tdsskiller.zip
Extract the archive into a folder and double-click TDSSKiller.exe
Click Start Scan
and wait for the scan.

If an infected file is detected, the default action will be Cure; click Continue.

If a suspicious file is detected, the default action will be Skip; click Continue.

If it asks to restart the PC, agree.
If it does not ask to restart the PC, click Report and save it to the desktop.

Post it here.
COCCOBELLO
Senior User
 
Posts: 2026
Joined: 06/08/11 13:53

Re: PLEASE GIVE ME A HAND, I CAN'T TAKE IT ANYMORE!!!!

Post by COCCOBELLO » 23/08/11 20:17

If you have trouble creating the script file,
I'll create it for you;
you download it and save it.
Let me know ;)
COCCOBELLO
Senior User
 
Posts: 2026
Joined: 06/08/11 13:53

Re: PLEASE GIVE ME A HAND, I CAN'T TAKE IT ANYMORE!!!!

Post by ignotum » 23/08/11 20:21

combofix

ComboFix 11-08-23.03 - Jeff 23/08/2011 20.30.16.3.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.39.1040.18.1014.175 [GMT 2:00]
Eseguito da: c:\documents and settings\Jeff\Documenti\Download\ComboFix.exe
Opzioni usate :: c:\documents and settings\Jeff\Documenti\Download\CFScript.txt.txt
AV: AntiVir Desktop *Disabled/Outdated* {0012F714-0000-0000-E001-927CFFFFFFFF}
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
ATTENZIONE - QUESTO PC NON HA LA CONSOLE DI RIPRISTINO DI EMERGENZA INSTALLATA !!
.
FILE ::
"c:\docume~1\Jeff\IMPOST~1\Temp\catchme.sys"
"c:\programmi\Application Updater\ApplicationUpdater.exe"
"c:\programmi\AutocompletePro\unins000.exe"
"c:\programmi\AVG\AVG9\avgtray .exe"
"c:\programmi\ConduitEngine\prxConduitEngine.dll"
"c:\programmi\File comuni\AskToolbarInstaller.exe"
"c:\programmi\OfferBox\uninst.exe"
"c:\programmi\Search Settings\SearchSettings.exe"
"c:\programmi\SocialPlus\gm4ie.exe"
"c:\programmi\Softonic-IT\prxtbSof0.dll"
"c:\windows\winservi.exe"
.
.
((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Jeff\Dati applicazioni\PriceGong
c:\programmi\Application Updater
c:\programmi\Application Updater\ApplicationUpdater.exe
c:\programmi\Application Updater\config.ini
c:\programmi\AVG\AVG9
c:\programmi\AVG\AVG9\avgtray .exe
c:\programmi\AVG\AVG9\setup.dat
c:\programmi\AVG\AVG9\setup.exe
c:\programmi\AVG\AVG9\setupit.lns
c:\programmi\AVG\AVG9\setupus.lns
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils35.dll
c:\programmi\AVG\AVG9\Toolbar\Firefox\avg@igeared\components\xpavgtbapi.dll
c:\programmi\ConduitEngine
c:\programmi\ConduitEngine\appContextMenu.xml
c:\programmi\ConduitEngine\ConduitEngin0.dll
c:\programmi\ConduitEngine\ConduitEngine.dll
c:\programmi\ConduitEngine\ConduitEngineHelper.exe
c:\programmi\ConduitEngine\ConduitEngineUninstall.exe
c:\programmi\ConduitEngine\engineContextMenu.xml
c:\programmi\ConduitEngine\EngineSettings.json
c:\programmi\ConduitEngine\prxConduitEngine.dll
c:\programmi\ConduitEngine\toolbar.cfg
c:\programmi\File comuni\AskToolbarInstaller.exe
c:\programmi\SocialPlus
c:\programmi\SocialPlus\gm4ie.exe
c:\programmi\Softonic-IT
c:\programmi\Softonic-IT\INSTALL.LOG
c:\programmi\Softonic-IT\ldrtbSof0.dll
c:\programmi\Softonic-IT\prxtbSof0.dll
c:\programmi\Softonic-IT\Softonic-ITToolbarHelper.exe
c:\programmi\Softonic-IT\Softonic-ITToolbarHelper1.exe
c:\programmi\Softonic-IT\tbSof0.dll
c:\programmi\Softonic-IT\tbSof1.dll
c:\programmi\Softonic-IT\tbSof2.dll
c:\programmi\Softonic-IT\tbSoft.dll
c:\programmi\Softonic-IT\toolbar.cfg
c:\programmi\Softonic-IT\uninstall.exe
c:\programmi\Softonic-IT\UNWISE.EXE
c:\programmi\Softonic-IT\UNWISE.INI
c:\windows\system32\drivers\etc\hosts.txt
.
.
((((((((((((((((((((((((((((((((((((((( Driver/Servizi )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_Application Updater
.
.
((((((((((((((((((((((((( Files Creati Da 2011-07-23 al 2011-08-23 )))))))))))))))))))))))))))))))))))
.
.
2011-08-23 12:46 . 2011-08-23 12:47 -------- d-----w- c:\documents and settings\Administrator
2011-08-22 14:40 . 2011-08-22 14:40 -------- d-----w- c:\programmi\CCleaner
2011-08-22 09:54 . 2011-08-22 09:54 -------- d-----w- c:\programmi\SUPERAntiSpyware
2011-08-22 09:20 . 2011-08-22 09:20 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\SUPERAntiSpyware.com
2011-08-22 09:15 . 2011-08-23 09:55 23624 ----a-w- c:\windows\system32\drivers\hitmanpro35.sys
2011-08-22 09:15 . 2011-08-22 09:37 -------- d-----w- c:\programmi\Hitman Pro 3.5
2011-08-22 09:14 . 2011-08-22 09:44 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Hitman Pro
2011-08-21 21:11 . 2011-08-22 14:45 -------- d-----w- c:\documents and settings\Jeff
2011-08-20 09:28 . 2011-08-20 09:28 388096 ----a-r- c:\documents and settings\J\Dati applicazioni\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-08-20 09:28 . 2011-08-20 09:28 -------- d-----w- c:\programmi\Trend Micro
2011-08-17 12:44 . 2011-08-17 12:45 -------- d-----w- c:\programmi\McAfee VirusScan Home Edition 7.02 Demo 30
2011-08-16 12:12 . 2011-08-16 12:13 -------- d-----w- c:\windows\system32\NtmsData
2011-08-16 11:02 . 2011-08-16 11:02 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\{3C0AACBF-B491-4BE5-BAF9-AA46E0629E42}
2011-08-16 10:50 . 2011-08-16 10:50 -------- d-----w- c:\programmi\Uniblue
2011-08-16 10:49 . 2011-08-16 10:49 -------- d-----w- c:\documents and settings\J\Impostazioni locali\Dati applicazioni\PackageAware
2011-08-15 13:22 . 2009-04-29 04:33 81920 ----a-w- c:\windows\system32\ieencode.dll
2011-08-15 13:22 . 2009-04-29 04:33 81920 ----a-w- c:\windows\system32\dllcache\ieencode.dll
2011-07-31 13:19 . 2010-08-24 19:57 141792 ----a-w- c:\windows\system32\mfevtps.exe
2011-07-31 13:07 . 2011-07-31 13:07 -------- d-s---w- c:\documents and settings\J\UserData
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-08-18 11:31 . 2011-05-18 11:50 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-07-06 17:52 . 2011-04-21 11:26 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-07-06 17:52 . 2011-04-21 11:26 22712 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-07-04 11:43 . 2010-08-10 10:30 40112 ----a-w- c:\windows\avastSS.scr
2011-07-04 11:43 . 2010-08-10 10:30 199304 ----a-w- c:\windows\system32\aswBoot.exe
2011-07-04 11:36 . 2011-06-16 05:34 441176 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-07-04 11:36 . 2010-08-10 10:31 309848 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-07-04 11:35 . 2010-08-10 10:31 43608 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-07-04 11:35 . 2010-08-10 10:31 102616 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2011-07-04 11:35 . 2010-08-10 10:31 96344 ----a-w- c:\windows\system32\drivers\aswmon.sys
2011-07-04 11:32 . 2010-08-10 10:31 25432 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-07-04 11:32 . 2010-08-10 10:31 30808 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2011-07-04 11:32 . 2010-08-10 10:31 19544 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-08-12 06:26 . 2011-08-17 19:03 134104 ----a-w- c:\programmi\mozilla firefox\components\browsercomps.dll
.
c:\programmi\Adobe\Reader 9.0\Reader\Reader_sl .exe
c:\programmi\CyberLink\PowerDVD8\PDVD8Serv .exe
c:\programmi\CyberLink\PowerDVD8\Language\Language .exe
c:\programmi\File comuni\Adobe\ARM\1.0\AdobeARM .exe
c:\programmi\File comuni\Java\Java Update\jusched .exe
c:\programmi\Iminent\SearchTheWeb\Iminent.Notifier .exe
c:\programmi\Launch Manager\LManager .exe
c:\programmi\Realtek\Audio\Drivers\AzMixerSel .exe
c:\programmi\Synaptics\SynTP\SynTPEnh .exe
c:\windows\ime\imjp8_1\IMJPMIG .exe

.
((((((((((((((((((((((((((((( SnapShot@2011-08-20_16.24.04 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-08-23 18:58 . 2011-08-23 18:58 16384 c:\windows\Temp\Perflib_Perfdata_758.dat
+ 2009-07-29 20:04 . 2011-08-21 12:04 85452 c:\windows\system32\perfc010.dat
+ 2009-07-29 20:04 . 2011-08-21 12:04 72346 c:\windows\system32\perfc009.dat
+ 2001-08-30 23:08 . 2008-04-14 12:00 14336 c:\windows\system32\dllcache\wowfaxui.dll
+ 2001-08-30 23:08 . 2008-04-14 12:00 49211 c:\windows\system32\dllcache\usrvpa.dll
+ 2001-08-30 23:08 . 2008-04-14 12:00 45116 c:\windows\system32\dllcache\usrvoica.dll
+ 2001-08-30 23:08 . 2008-04-14 12:00 49209 c:\windows\system32\dllcache\usrv80a.dll
+ 2001-08-30 23:08 . 2008-04-14 12:00 41019 c:\windows\system32\dllcache\usrsvpia.dll
+ 2001-08-30 23:08 . 2008-04-14 12:00 49211 c:\windows\system32\dllcache\usrsdpia.dll
+ 2001-08-30 23:08 . 2008-04-14 12:00 77883 c:\windows\system32\dllcache\usrrtosa.dll
+ 2001-08-30 23:08 . 2008-04-14 12:00 53305 c:\windows\system32\dllcache\usrlbva.dll
+ 2001-08-30 23:08 . 2008-04-14 12:00 86073 c:\windows\system32\dllcache\usrfaxa.dll
+ 2001-08-30 23:08 . 2008-04-14 12:00 77890 c:\windows\system32\dllcache\usrdpa.dll
+ 2001-08-30 23:08 . 2008-04-14 12:00 69699 c:\windows\system32\dllcache\usrcoina.dll
+ 2001-08-30 23:08 . 2008-04-14 12:00 61500 c:\windows\system32\dllcache\usrcntra.dll
+ 2001-08-30 23:08 . 2008-04-14 12:00 72192 c:\windows\system32\dllcache\sprio800.dll
+ 2001-08-30 23:08 . 2008-04-14 12:00 70656 c:\windows\system32\dllcache\sprio600.dll
+ 2001-08-30 23:08 . 2008-04-14 12:00 69632 c:\windows\system32\dllcache\spnike.dll
+ 2008-04-13 19:13 . 2008-04-14 12:00 35328 c:\windows\system32\dllcache\pid.dll
+ 2008-04-13 19:13 . 2008-04-14 12:00 54784 c:\windows\system32\dllcache\dmutil.dll
+ 2008-04-13 19:13 . 2008-04-14 12:00 30208 c:\windows\system32\dllcache\bthserv.dll
+ 2001-08-30 23:07 . 2008-04-14 12:00 3200 c:\windows\system32\dllcache\wowfax.dll
+ 2008-04-13 19:13 . 2008-04-14 12:00 7168 c:\windows\system32\dllcache\hccoin.dll
+ 2009-07-29 20:04 . 2011-08-21 12:04 491082 c:\windows\system32\perfh010.dat
+ 2009-07-29 20:04 . 2011-08-21 12:04 443368 c:\windows\system32\perfh009.dat
+ 2008-04-13 19:13 . 2008-04-14 12:00 108032 c:\windows\system32\dllcache\wshbth.dll
+ 2001-08-30 23:08 . 2008-04-14 12:00 102457 c:\windows\system32\dllcache\usrv42a.dll
+ 2001-08-30 23:08 . 2008-04-14 12:00 323641 c:\windows\system32\dllcache\usrdtea.dll
+ 2001-08-30 23:07 . 2008-04-14 12:00 157696 c:\windows\system32\dllcache\paqsp.dll
+ 2001-08-30 23:07 . 2008-04-14 12:00 147968 c:\windows\system32\dllcache\mdwmdmsp.dll
+ 2011-08-22 14:54 . 2011-08-22 14:54 1094656 c:\windows\Installer\21e958.msi
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-07-04 11:43 122512 ----a-w- c:\programmi\Alwil Software\Avast5\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-05-22 39408]
"msnmsgr"="c:\programmi\Windows Live\Messenger\msnmsgr.exe" [2010-04-16 3872080]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"="c:\programmi\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-06-08 37296]
"Adobe ARM"="c:\programmi\File comuni\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
"Malwarebytes' Anti-Malware"="c:\programmi\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-07-06 449584]
"HitmanPro35"="c:\programmi\Hitman Pro 3.5\HitmanPro35(1).exe" [2011-08-23 6394688]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"FlashPlayerUpdate"="c:\windows\system32\Macromed\Flash\FlashUtil10e.exe" [N/A]
.
c:\documents and settings\Guest\Menu Avvio\Programmi\Esecuzione automatica\
Ritaglio schermata e avvio di OneNote 2007.lnk - c:\programmi\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"= 1 (0x1)
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\programmi\SUPERAntiSpyware\SASSEH.DLL" [2011-07-19 113024]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2011-05-04 17:54 551296 ----a-w- c:\programmi\SUPERAntiSpyware\SASWINLO.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\igdlogin]
2009-04-28 03:44 65536 ----a-w- c:\windows\system32\igdlogin.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Avvio^Programmi^Esecuzione automatica^Acer VCM.lnk]
path=c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\Acer VCM.lnk
backup=c:\windows\pss\Acer VCM.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Avvio^Programmi^Esecuzione automatica^BTTray.lnk]
path=c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\BTTray.lnk
backup=c:\windows\pss\BTTray.lnkCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2011-03-30 04:59 937920 ----a-r- c:\programmi\File comuni\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2011-06-08 04:02 37296 ----a-w- c:\programmi\Adobe\Reader 9.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AzMixerSel]
c:\programmi\Realtek\Audio\Drivers\AzMixerSel.exe [N/A]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
2008-04-14 12:00 15360 ----a-w- c:\windows\system32\ctfmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DataMngr]
c:\progra~1\WI9130~1\DataMngr\DataMngrUI.exe [N/A]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GM4IE]
c:\programmi\SocialPlus\gm4ie.exe [N/A]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
2009-05-01 03:13 354840 ----a-w- c:\windows\system32\hkcmd.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
2009-05-01 03:13 137752 ----a-w- c:\windows\system32\igfxtray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMBooster]
c:\programmi\Iminent\IMBooster\IMBooster.exe [N/A]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Iminent.Notifier]
2010-08-17 14:18 536056 -c--a-w- c:\programmi\Iminent\SearchTheWeb\Iminent.Notifier.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMJPMIG8.1]
2008-04-14 12:00 208952 -c--a-w- c:\windows\ime\imjp8_1\imjpmig.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LManager]
c:\programmi\Launch Manager\LManager.exe [N/A]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
2010-04-16 20:11 3872080 ----a-w- c:\programmi\Windows Live\Messenger\msnmsgr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSPY2002]
2008-04-14 12:00 59392 ----a-w- c:\windows\system32\IME\PINTLGNT\IMSCINST.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\pb_scheduler_agent]
c:\programmi\Premium Booster\scheduler.exe [N/A]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDVD8LanguageShortcut]
c:\programmi\CyberLink\PowerDVD8\Language\Language.exe [N/A]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PersistenceThread]
2009-05-01 03:13 92696 ----a-w- c:\windows\system32\PersistenceThread.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002A]
2008-04-14 12:00 455168 ----a-w- c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002ASync]
2008-04-14 12:00 455168 ----a-w- c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl8]
c:\programmi\CyberLink\PowerDVD8\PDVD8Serv.exe [N/A]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchSettings]
c:\programmi\Search Settings\SearchSettings.exe [N/A]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Service Nouts]
winservi.exe [N/A]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2010-05-14 09:44 248552 ----a-w- c:\programmi\File comuni\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2010-05-22 21:55 39408 ----a-w- c:\programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
c:\programmi\Synaptics\SynTP\SynTPEnh.exe [N/A]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
c:\programmi\TomTom HOME 2\TomTomHOMERunner.exe [N/A]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"UmxPol"=2 (0x2)
"UmxLU"=2 (0x2)
"TomTomHOMEService"=2 (0x2)
"ose"=3 (0x3)
"odserv"=3 (0x3)
"JavaQuickStarterService"=2 (0x2)
"idsvc"=3 (0x3)
"gusvc"=3 (0x3)
"gupdate"=2 (0x2)
"fsssvc"=3 (0x3)
"Application Updater"=2 (0x2)
"Apple Mobile Device"=2 (0x2)
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
"DisableNotifications"= 1 (0x1)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
.
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [16/06/2011 7.34.17 441176]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [10/08/2010 12.31.26 309848]
R1 SASDIFSV;SASDIFSV;c:\programmi\SUPERAntiSpyware\sasdifsv.sys [22/07/2011 18.27.02 12880]
R1 SASKUTIL;SASKUTIL;c:\programmi\SUPERAntiSpyware\SASKUTIL.SYS [12/07/2011 23.55.22 67664]
R2 !SASCORE;SAS Core Service;c:\programmi\SUPERAntiSpyware\SASCore.exe [12/08/2011 1.38.07 116608]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [10/08/2010 12.31.26 19544]
R2 DCService.exe;DCService.exe;c:\documents and settings\All Users\Dati applicazioni\DatacardService\DCService.exe [08/05/2010 13.48.36 229376]
R2 LGScsiCommandService;LG SCSI command service;c:\windows\system32\LGScsiCommandService.exe [17/03/2011 16.04.33 47616]
R2 MBAMService;MBAMService;c:\programmi\Malwarebytes' Anti-Malware\mbamservice.exe [21/04/2011 13.26.56 366640]
R2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [31/07/2011 15.19.54 141792]
R2 RS_Service;Raw Socket Service;c:\programmi\Acer\Acer VCM\RS_Service.exe [29/07/2009 16.05.50 237568]
R3 huawei_enumerator;huawei_enumerator;c:\windows\system32\drivers\ew_jubusenum.sys [11/06/2011 22.06.36 63616]
R3 igd;igd;c:\windows\system32\drivers\igxpmp32.sys [29/07/2009 14.49.22 5096544]
R3 LgBttPort;LGE Bluetooth TransPort;c:\windows\system32\drivers\lgbtport.sys [29/09/2009 9.11.22 12160]
R3 lgbusenum;LG Bluetooth Bus Enumerator;c:\windows\system32\drivers\lgbtbus.sys [29/09/2009 9.11.20 10496]
R3 LGVMODEM;LGE Virtual Modem;c:\windows\system32\drivers\lgvmodem.sys [29/09/2009 9.11.20 12928]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [21/04/2011 13.26.50 22712]
R3 vodafone_K3805-z_dc_enum;Vodafone K3805-z DC Enumerator (ZTE);c:\windows\system32\drivers\vodafone_K3805-z_dc_enum.sys [01/09/2010 14.33.12 80000]
S2 gupdate;Servizio di Google Update (gupdate);c:\programmi\Google\Update\GoogleUpdate.exe [22/05/2010 19.04.35 135664]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [29/07/2009 14.55.41 1684736]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\drivers\ew_hwusbdev.sys [11/06/2011 22.06.30 101504]
S3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\drivers\ewusbnet.sys [11/06/2011 22.06.33 117504]
S3 gupdatem;Servizio Google Update (gupdatem);c:\programmi\Google\Update\GoogleUpdate.exe [22/05/2010 19.04.35 135664]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\drivers\RtsUStor.sys [29/07/2009 14.41.21 164864]
S3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys --> c:\windows\system32\DRIVERS\Rts516xIR.sys [?]
S3 vodafone_K3805-z_cdc_acm;Vodafone K3805-z CDC-ACM driver (ZTE);c:\windows\system32\drivers\vodafone_K3805-z_cdc_acm.sys [01/09/2010 14.33.10 85888]
S3 vodafone_K3805-z_cdc_ecm;vodafone_K3805-z_cdc_ecm;c:\windows\system32\drivers\vodafone_K3805-z_cdc_ecm.sys [01/09/2010 14.33.12 50304]
S3 vodafone_K3805-z_cpo;Vodafone K3805-z Install;c:\windows\system32\drivers\vodafone_K3805-z_cpo.sys [01/09/2010 14.33.12 9728]
.
Contenuto della cartella 'Scheduled Tasks'
.
2011-08-22 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\programmi\Apple Software Update\SoftwareUpdate.exe [2009-10-22 10:50]
.
2011-08-23 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\programmi\Google\Update\GoogleUpdate.exe [2010-05-22 17:04]
.
2011-08-23 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\programmi\Google\Update\GoogleUpdate.exe [2010-05-22 17:04]
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://global.acer.com
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
mStart Page = hxxp://downloads.phpnuke.org/it/index.php?rvs=google
uInternet Connection Wizard,ShellNext = hxxp://www.dilandau.eu/download_music/
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Google Sidewiki... - c:\programmi\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
IE: Invia a Bluetooth - c:\programmi\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: Invia a periferica &Bluetooth... - c:\programmi\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: {{09E90109-A9AA-4980-BCEF-76F8D924E902}
FF - ProfilePath - c:\documents and settings\Jeff\Dati applicazioni\Mozilla\Firefox\Profiles\r6uj5nxj.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: browser.startup.homepage - hxxp://it-it.facebook.com/
.
- - - - CHIAVI ORFANE RIMOSSE - - - -
.
BHO-{30F9B915-B755-4826-820B-08FBA6BD249D} - c:\programmi\ConduitEngine\prxConduitEngine.dll
AddRemove-conduitEngine - c:\programmi\ConduitEngine\ConduitEngineUninstall.exe
AddRemove-Softonic-IT Toolbar - c:\programmi\Softonic-IT\uninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-08-23 21:00
Windows 5.1.2600 Service Pack 3 NTFS
.
scansione processi nascosti ...
.
scansione entrate autostart nascoste ...
.
Scansione files nascosti ...
.
Scansione completata con successo
Files nascosti: 0
.
**************************************************************************
.
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 5.1.2600 Disk: ST9160310AS rev.0303 -> Harddisk0\DR0 -> \Device\Ide\IdePort0 P0T0L0-3
.
device: opened successfully
user: MBR read successfully
.
Disk trace:
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll >>UNKNOWN [0x86CE1EC5]<<
_asm { PUSH EBP; MOV EBP, ESP; SUB ESP, 0x1c; PUSH EBX; PUSH ESI; MOV DWORD [EBP-0x4], 0x85415872; SUB DWORD [EBP-0x4], 0x8541512e; PUSH EDI; CALL 0xffffffffffffdf33; }
1 ntkrnlpa!IofCallDriver[0x804EF1A6] -> \Device\Harddisk0\DR0[0x86D82228]
3 CLASSPNP[0xF7547FD7] -> ntkrnlpa!IofCallDriver[0x804EF1A6] -> \Device\000000a7[0x86D869E8]
5 ACPI[0xF735E620] -> ntkrnlpa!IofCallDriver[0x804EF1A6] -> [0x86D86D98]
[0x86D48EB0] -> IRP_MJ_CREATE -> 0x86CE1EC5
kernel: MBR read successfully
_asm { XOR AX, AX; MOV SS, AX; MOV SP, 0x7c00; MOV ES, AX; MOV DS, AX; MOV SI, 0x7c00; MOV DI, 0x600; MOV CX, 0x200; CLD ; REP MOVSB ; PUSH AX; PUSH 0x61c; RETF ; STI ; MOV CX, 0x4; MOV BP, 0x7be; CMP BYTE [BP+0x0], 0x0; }
detected disk devices:
\Device\Ide\IdeDeviceP0T0L0-3 -> \??\IDE#DiskST9160310AS_____________________________0303____#5&17e46ae0&0&0.0.0#{53f56307-b6bf-11d0-94f2-00a0c91efb8b} device not found
detected hooks:
\Driver\atapi DriverStartIo -> 0x86CE1AEA
user & kernel MBR OK
sectors 312581806 (+255): user != kernel
Warning: possible TDL3 rootkit infection !
.
**************************************************************************
.
--------------------- Dlls caricate dai processi in esecuzione ---------------------
.
- - - - - - - > 'winlogon.exe'(596)
c:\programmi\SUPERAntiSpyware\SASWINLO.DLL
.
- - - - - - - > 'explorer.exe'(3224)
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\btncopy.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Altri processi in esecuzione ------------------------
.
c:\programmi\Alwil Software\Avast5\AvastSvc.exe
c:\programmi\Bonjour\mDNSResponder.exe
c:\programmi\Java\jre6\bin\jqs.exe
c:\programmi\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\programmi\WIDCOMM\Bluetooth Software\bin\btwdins.exe
.
**************************************************************************
.
Ora fine scansione: 2011-08-23 21:09:08 - Il pc è stato riavviato
ComboFix-quarantined-files.txt 2011-08-23 19:08
ComboFix2.txt 2011-08-23 15:37
ComboFix3.txt 2011-08-20 16:33
.
Pre-Run: 121.723.084.800 byte disponibili
Post-Run: 121.666.514.944 byte disponibili
.
- - End Of File - - 317A176DCA361A4E4C117E249F8FC43E
ignotum
Junior User
Posts: 42
Joined: 19/08/11 21:20

Re: PLEASE GIVE ME A HAND, I CAN'T TAKE IT ANYMORE!!!!

Post by COCCOBELLO » 23/08/11 20:32

2 infected keys are left
we'll remove them afterwards

first, can you run the scan with tdsskiller as written above?
http://support.kaspersky.com/downloads/ ... killer.zip
COCCOBELLO
Senior User
Posts: 2026
Joined: 06/08/11 13:53

Re: PLEASE GIVE ME A HAND, I CAN'T TAKE IT ANYMORE!!!!

Post by ignotum » 23/08/11 20:36

I ran it and it asked me to restart the computer, but I didn't see any log

Re: PLEASE GIVE ME A HAND, I CAN'T TAKE IT ANYMORE!!!!

Post by COCCOBELLO » 23/08/11 20:40

see if you can find it on local disk C
tdsskiller_txt

combofix reports
Warning: possible TDL3 rootkit infection
that's something to worry about :eeh:

Re: PLEASE GIVE ME A HAND, I CAN'T TAKE IT ANYMORE!!!!

Post by ignotum » 23/08/11 20:45

it's not there, should I try running the scan again????

Re: PLEASE GIVE ME A HAND, I CAN'T TAKE IT ANYMORE!!!!

Post by COCCOBELLO » 23/08/11 20:50

try running it again
follow the steps carefully

double-click TDSSKILLER.exe
click Start Scan
and wait for the scan to finish

If an infected file is detected, the default action will be Cure; click Continue.

If a suspicious file is detected, the default action will be Skip; click Continue.

If it asks to restart the PC, accept
If it doesn't ask to restart the PC, click Report and save it to the desktop

Post it here.

Re: PLEASE GIVE ME A HAND, I CAN'T TAKE IT ANYMORE!!!!

Post by ignotum » 23/08/11 20:55

please tell me this is right..

Code:
2011/08/23 22:02:04.0296 2192   TDSS rootkit removing tool 2.5.17.0 Aug 22 2011 15:46:57
2011/08/23 22:02:05.0687 2192   ================================================================================
2011/08/23 22:02:05.0687 2192   SystemInfo:
2011/08/23 22:02:05.0703 2192   
2011/08/23 22:02:05.0703 2192   OS Version: 5.1.2600 ServicePack: 3.0
2011/08/23 22:02:05.0703 2192   Product type: Workstation
2011/08/23 22:02:05.0703 2192   ComputerName: JEFFERSON
2011/08/23 22:02:05.0703 2192   UserName: Jeff
2011/08/23 22:02:05.0703 2192   Windows directory: C:\WINDOWS
2011/08/23 22:02:05.0703 2192   System windows directory: C:\WINDOWS
2011/08/23 22:02:05.0703 2192   Processor architecture: Intel x86
2011/08/23 22:02:05.0703 2192   Number of processors: 2
2011/08/23 22:02:05.0703 2192   Page size: 0x1000
2011/08/23 22:02:05.0703 2192   Boot type: Normal boot
2011/08/23 22:02:05.0703 2192   ================================================================================
2011/08/23 22:02:07.0390 2192   Initialize success
2011/08/23 22:02:19.0781 0996   ================================================================================
2011/08/23 22:02:19.0781 0996   Scan started
2011/08/23 22:02:19.0781 0996   Mode: Manual;
2011/08/23 22:02:19.0781 0996   ================================================================================
2011/08/23 22:02:21.0265 0996   Aavmker4        (dfcdd5936cad0138775d5a105d4c7716) C:\WINDOWS\system32\drivers\Aavmker4.sys
2011/08/23 22:02:21.0390 0996   abp480n5        (6abb91494fe6c59089b9336452ab2ea3) C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS
2011/08/23 22:02:21.0515 0996   ACPI            (d766e636187b8f240bbfbabcd51eb2c6) C:\WINDOWS\system32\DRIVERS\ACPI.sys
2011/08/23 22:02:21.0546 0996   ACPIEC          (49ac5cd87fbdda62f3e25190019e7627) C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
2011/08/23 22:02:21.0656 0996   adpu160m        (9a11864873da202c996558b2106b0bbc) C:\WINDOWS\system32\DRIVERS\adpu160m.sys
2011/08/23 22:02:21.0718 0996   aec             (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
2011/08/23 22:02:21.0828 0996   AFD             (7e775010ef291da96ad17ca4b17137d7) C:\WINDOWS\System32\drivers\afd.sys
2011/08/23 22:02:21.0906 0996   agp440          (08fd04aa961bdc77fb983f328334e3d7) C:\WINDOWS\system32\DRIVERS\agp440.sys
2011/08/23 22:02:22.0015 0996   agpCPQ          (03a7e0922acfe1b07d5db2eeb0773063) C:\WINDOWS\system32\DRIVERS\agpCPQ.sys
2011/08/23 22:02:22.0171 0996   Aha154x         (c23ea9b5f46c7f7910db3eab648ff013) C:\WINDOWS\system32\DRIVERS\aha154x.sys
2011/08/23 22:02:22.0234 0996   aic78u2         (19dd0fb48b0c18892f70e2e7d61a1529) C:\WINDOWS\system32\DRIVERS\aic78u2.sys
2011/08/23 22:02:22.0312 0996   aic78xx         (b7fe594a7468aa0132deb03fb8e34326) C:\WINDOWS\system32\DRIVERS\aic78xx.sys
2011/08/23 22:02:22.0453 0996   AliIde          (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\system32\DRIVERS\aliide.sys
2011/08/23 22:02:22.0562 0996   alim1541        (cb08aed0de2dd889a8a820cd8082d83c) C:\WINDOWS\system32\DRIVERS\alim1541.sys
2011/08/23 22:02:22.0718 0996   Ambfilt         (f6af59d6eee5e1c304f7f73706ad11d8) C:\WINDOWS\system32\drivers\Ambfilt.sys
2011/08/23 22:02:22.0828 0996   amdagp          (95b4fb835e28aa1336ceeb07fd5b9398) C:\WINDOWS\system32\DRIVERS\amdagp.sys
2011/08/23 22:02:22.0937 0996   amsint          (79f5add8d24bd6893f2903a3e2f3fad6) C:\WINDOWS\system32\DRIVERS\amsint.sys
2011/08/23 22:02:23.0078 0996   asc             (62d318e9a0c8fc9b780008e724283707) C:\WINDOWS\system32\DRIVERS\asc.sys
2011/08/23 22:02:23.0125 0996   asc3350p        (69eb0cc7714b32896ccbfd5edcbea447) C:\WINDOWS\system32\DRIVERS\asc3350p.sys
2011/08/23 22:02:23.0171 0996   asc3550         (5d8de112aa0254b907861e9e9c31d597) C:\WINDOWS\system32\DRIVERS\asc3550.sys
2011/08/23 22:02:23.0296 0996   aswFsBlk        (861cb512e4e850e87dd2316f88d69330) C:\WINDOWS\system32\drivers\aswFsBlk.sys
2011/08/23 22:02:23.0359 0996   aswMon2         (7857e0b4c817f69ff463eea2c63e56f9) C:\WINDOWS\system32\drivers\aswMon2.sys
2011/08/23 22:02:23.0515 0996   aswRdr          (8db043bf96bb6d334e5b4888e709e1c7) C:\WINDOWS\system32\drivers\aswRdr.sys
2011/08/23 22:02:23.0703 0996   aswSnx          (17230708a2028cd995656df455f2e303) C:\WINDOWS\system32\drivers\aswSnx.sys
2011/08/23 22:02:23.0781 0996   aswSP           (dbedd9d43b00630966ef05d2d8d04cee) C:\WINDOWS\system32\drivers\aswSP.sys
2011/08/23 22:02:23.0843 0996   aswTdi          (984cfce2168286c2511695c2f9621475) C:\WINDOWS\system32\drivers\aswTdi.sys
2011/08/23 22:02:23.0921 0996   AsyncMac        (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
2011/08/23 22:02:24.0046 0996   atapi           (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
2011/08/23 22:02:24.0203 0996   Atmarpc         (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
2011/08/23 22:02:24.0359 0996   audstub         (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
2011/08/23 22:02:24.0609 0996   BCM43XX         (fe4ed785396eaa554c561992106a35fa) C:\WINDOWS\system32\DRIVERS\bcmwl5.sys
2011/08/23 22:02:24.0796 0996   Beep            (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
2011/08/23 22:02:24.0953 0996   btaudio         (d6407b9a012205e5754866e145165c29) C:\WINDOWS\system32\drivers\btaudio.sys
2011/08/23 22:02:25.0093 0996   BTDriver        (2f9f111d31aa3fbbe5781d829a4524e6) C:\WINDOWS\system32\DRIVERS\btport.sys
2011/08/23 22:02:25.0234 0996   BTKRNL          (75130181fa2fd6cbe83083c5311abe78) C:\WINDOWS\system32\DRIVERS\btkrnl.sys
2011/08/23 22:02:25.0500 0996   BTWDNDIS        (485020a1e1fc5c51a800ca69c618d881) C:\WINDOWS\system32\DRIVERS\btwdndis.sys
2011/08/23 22:02:51.0078 0996   ================================================================================
2011/08/23 22:02:51.0078 0996   Scan finished
2011/08/23 22:02:51.0078 0996   ================================================================================
2011/08/23 22:02:51.0109 2828   Detected object count: 0
2011/08/23 22:02:51.0109 2828   Actual detected object count: 0
ignotum
Junior User

Posts: 42
Joined: 19/08/11 21:20

Posted by COCCOBELLO » 23/08/11 21:08

That's right.
OK, it's clean ;)

Do this step manually, so that you don't have to run ComboFix again.

Start - Run
type regedit and click OK

Find this key:
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchSettings
On the right you will find an entry named SearchSettings; select it and delete it.

Then find:
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Service Nouts
On the right you will find an entry named winservi.exe; select it and delete it.

Close the registry.
COCCOBELLO
Senior User

Posts: 2026
Joined: 06/08/11 13:53

Posted by ignotum » 23/08/11 21:23

Sorry, but I can only find HKEY_LOCAL_MACHINE; I click on it and on the right it says ab (Default)

Posted by COCCOBELLO » 23/08/11 21:30

You have to go all the way down to
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchSettings ((( delete it
Delete the whole SearchSettings folder.

Then find:
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Service Nouts
Select Service Nouts.
On the right you will find an entry named winservi.exe; select it and delete it.

Posted by COCCOBELLO » 23/08/11 21:49

Did you find them?

Posted by ignotum » 23/08/11 21:49

This window opens and then I don't know what to do.

regidit.bmp

Posted by COCCOBELLO » 23/08/11 21:56

Now you have to click the + next to software
then microsoft\
then shared tools\
then msconfig\
then startupreg\
you will find SearchSettings ((( delete it

Same thing for the other one.

Posted by ignotum » 23/08/11 22:00

Ah, sorry, now I understand. I hadn't understood that I had to do it that way. Give me a moment while I do it.

Posted by COCCOBELLO » 23/08/11 22:04

OK

Posted by ignotum » 23/08/11 22:06

Done..
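
The registry clean-up walked through in the posts above can also be done from a command prompt, with a backup taken first so the change can be undone. This is an added example, not something posted by a participant in the thread; the backup file name is an assumption, while the key and value names are the ones quoted in the thread.

```batch
@echo off
rem Added example: back up, inspect and remove the two msconfig "startupreg"
rem entries named in the thread. startupreg is the branch where msconfig keeps
rem startup items that were unticked (disabled) in its Startup tab.
setlocal
set "BASE=HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg"
rem Assumption: backup file name and location are chosen for this example.
set "BACKUP=%USERPROFILE%\startupreg-backup.reg"

rem 1. Refuse to overwrite an earlier backup.
if exist "%BACKUP%" (
    echo Backup file already exists: "%BACKUP%"
    echo Move or rename it, then run this script again.
    exit /b 1
)

rem 2. Export the whole startupreg branch before changing anything.
reg export "%BASE%" "%BACKUP%"
if errorlevel 1 (
    echo Export failed. Nothing was changed.
    exit /b 1
)

rem 3. Show what each entry contains, so the file it points to can be
rem    checked on disk before the entry is removed.
echo.
echo --- SearchSettings ---
reg query "%BASE%\SearchSettings" /s
echo.
echo --- Service Nouts ---
reg query "%BASE%\Service Nouts" /s

rem 4. Delete the SearchSettings key together with everything under it
rem    (the "whole folder" in the thread). Skipped if the key is absent.
reg query "%BASE%\SearchSettings" >nul 2>&1
if not errorlevel 1 reg delete "%BASE%\SearchSettings" /f

rem 5. Delete the value named winservi.exe inside the Service Nouts key,
rem    as the thread describes. Skipped if the value is absent.
reg query "%BASE%\Service Nouts" /v "winservi.exe" >nul 2>&1
if not errorlevel 1 reg delete "%BASE%\Service Nouts" /v "winservi.exe" /f

rem 6. List what is left under startupreg to confirm the result.
echo.
echo --- Remaining startupreg entries ---
reg query "%BASE%"

endlocal
```

Run it from an account with administrator rights; importing the saved .reg file restores the branch as it was before the deletion.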
