[ah24]

Ciao ragazzi,

Posted on qui un po 'indietro con problemi di virus sul mio computer portatile - Evil aiutato in maniera massiccia e il computer portatile è in esecuzione perfetta!

Però .... ora il mio desktop sanguinosa ha qualcosa

La settimana scorsa ho ricevuto una email con Bebo da uno dei miei compagni dicendo di controllo di questo video di me e la sua signora dal Venerdì (e sapevo che era uscito sul Venerdì quindi pensato che fosse davvero lui) Comunque, apro, hanno per installare un nuovo giocatore .... e thats dove penso che il virus di provenienza. Una finestra di venire con un carico di roba che non ha ancora capito poi è andato in discesa da lì ..

Ora I cant get su determinati siti, uno che o mi ci vuole per colpire aggiornare circa un centinaio di volte! A volte una parte del sito carichi ..... e la gente continua a ricevere messaggi strani da me su facebook

Qualche idea di cosa diavolo si tratta e come è sorta? Inoltre, non sono sicuro se si potesse essere correlato, ma poiché tutto questo, il mio lavoro wont Sky + box?! Al momento non sarà neppure accendere ... dubito che i suoi correlati, ma ho pensato di controllare ..

Aiuto per favore!

[Hybr! D]

Segui la guida e dopo il file di log come prima per favore.

[ah24]

Logfile di Trend Micro HijackThis v2.0.2
Scan saved at 22:18:20, il 06/11/2008
Piattaforma: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal
Processi in esecuzione:
C: \ WINDOWS \ System32 \ smss.exe
C: \ WINDOWS \ system32 \ winlogon.exe
C: \ WINDOWS \ system32 \ services.exe
C: \ WINDOWS \ system32 \ lsass.exe
C: \ WINDOWS \ system32 \ svchost.exe
C: \ WINDOWS \ System32 \ svchost.exe
C: \ WINDOWS \ system32 \ spoolsv.exe
C: \ Program Files \ Adobe \ Photoshop Elements 5.0 \ PhotoshopElementsFileAgent.exe
C: \ Program Files \ CA \ eTrust Antivirus \ InoRpc.exe
C: \ Program Files \ CA \ eTrust Antivirus \ InoRT.exe
C: \ Program Files \ CA \ eTrust Antivirus \ InoTask.exe
C: \ WINDOWS \ Explorer.EXE
C: \ WINDOWS \ system32 \ ctfmon.exe
C: \ Program Files \ Analog Devices \ Core \ smax4pnp.exe
C: \ WINDOWS \ system32 \ dla \ tfswctrl.exe
C: \ PROGRA ~ 1 \ CA \ eTrust ~ 1 \ realmon.exe
C: \ WINDOWS \ system32 \ hkcmd.exe
C: \ WINDOWS \ system32 \ igfxpers.exe
C: \ WINDOWS \ system32 \ Wuauclt.exe
C: \ Program Files \ iTunes \ iTunesHelper.exe
C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ jusched.exe
C: \ WINDOWS \ system32 \ svchost.exe
C: \ Program Files \ WinZip \ WZQKPICK.EXE
C: \ Program Files \ iPod \ bin \ iPodService.exe
C: \ PROGRA ~ 1 \ AVG \ AVG8 \ avgwdsvc.exe
C: \ PROGRA ~ 1 \ AVG \ AVG8 \ avgam.exe
C: \ PROGRA ~ 1 \ AVG \ AVG8 \ avgrsx.exe
C: \ PROGRA ~ 1 \ AVG \ AVG8 \ avgnsx.exe
C: \ PROGRA ~ 1 \ AVG \ AVG8 \ avgemc.exe
C: \ Program Files \ AVG \ AVG8 \ avgtray.exe
C: \ Program Files \ AVG \ AVG8 \ avgui.exe
C: \ Program Files \ AVG \ AVG8 \ avgscanx.exe
C: \ Program Files \ Internet Explorer \ iexplore.exe
C: \ Program Files \ Trend Micro \ HijackThis \ HijackThis.exe
R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://www.google.co.uk/ig?hl=en
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
O2 - BHO: Adobe PDF Reader Link Helper - (06849E9F-C8D7-4D59-B87D-784B7D6BE0B3) - C: \ Program Files \ Common Files \ Adobe \ Acrobat \ ActiveX \ AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - (3CA2F312-6F6E-4B53-A66E-4E65E497C8C0) - C: \ Program Files \ AVG \ AVG8 \ avgssie.dll
O2 - BHO: DriveLetterAccess - (5CA3D70E-1895-11CF-8E15-001234567890) - C: \ WINDOWS \ system32 \ dla \ tfswshx.dll
O2 - BHO: SSVHelper Class - (761497BB-D6F0-462C-B6EB-D4DAF1D92D43) - C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ ssv.dll
O2 - BHO: (no name) - (7E853D72-626A-48EC-A868-BA8D5E23E045) - (no file)
O2 - BHO: Windows Live Sign-in Helper - (9030D464-4C02-4ABF-8ECC-5164760863C6) - C: \ Program Files \ Common Files \ Microsoft Shared \ Windows Live \ WindowsLiveLogin.dll
O4 - HKLM \ .. \ Run: [SoundMAXPnP] C: \ Program Files \ Analog Devices \ Core \ smax4pnp.exe
O4 - HKLM \ .. \ Run: [dla] C: \ WINDOWS \ system32 \ dla \ tfswctrl.exe
O4 - HKLM \ .. \ Run: [UpdateManager] "C: \ Program Files \ Common Files \ Sonic \ Update Manager \ sgtray.exe" / r
O4 - HKLM \ .. \ Run: [Realtime Monitor] C: \ PROGRA ~ 1 \ CA \ eTrust ~ 1 \ realmon.exe-s
O4 - HKLM \ .. \ Run: [igfxtray] C: \ WINDOWS \ system32 \ igfxtray.exe
O4 - HKLM \ .. \ Run: [igfxhkcmd] C: \ WINDOWS \ system32 \ hkcmd.exe
O4 - HKLM \ .. \ Run: [igfxpers] C: \ WINDOWS \ system32 \ igfxpers.exe
O4 - HKLM \ .. \ Run: [QuickTime Task] "C: \ Program Files \ QuickTime \ qttask.exe"-atboottime
O4 - HKLM \ .. \ Run: [iTunesHelper] "C: \ Program Files \ iTunes \ iTunesHelper.exe"
O4 - HKLM \ .. \ Run: [SunJavaUpdateSched] "C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ jusched.exe"
O4 - HKLM \ .. \ Run: [Adobe Photo Downloader] "C: \ Program Files \ Adobe \ Photoshop Elements 5.0 \ apdproxy.exe"
O4 - HKLM \ .. \ Run: [AVG8_TRAY] C: \ PROGRA ~ 1 \ AVG \ AVG8 \ avgtray.exe
O4 - HKCU \ .. \ Run: [ctfmon.exe] C: \ WINDOWS \ system32 \ ctfmon.exe
O4 - HKCU \ .. \ Run: [Sony Ericsson PC Suite] "C: \ Program Files \ Sony Ericsson \ Sony Ericsson PC Suite \ SEPCSuite.exe" / systray / nologon
O4 - HKUS \ S-1-5-18 \ .. \ Run: [ctfmon.exe] C: \ WINDOWS \ system32 \ ctfmon.exe (User 'SYSTEM')
O4 - HKUS \. DEFAULT \ .. \ Run: [ctfmon.exe] C: \ WINDOWS \ system32 \ ctfmon.exe (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C: \ Program Files \ Adobe \ Reader 8.0 \ Reader \ reader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C: \ Program Files \ Adobe \ Reader 8.0 \ Reader \ AdobeCollabSync.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C: \ Program Files \ WinZip \ WZQKPICK.EXE
O8 - Extra contesto voce di menu: E & sporta in Microsoft Excel - res: / / C: \ PROGRA ~ 1 \ micros ~ 2 \ Office11 \ EXCEL.EXE/3000
O9 - Extra pulsante: (no name) - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ ssv.dll
O9 - Extra pulsante: Research - (92780B25-18CC-41C8-B9BE-3C9C571A8263) - C: \ PROGRA ~ 1 \ micros ~ 2 \ Office11 \ REFIEBAR.DLL
O9 - Extra pulsante: (no name) - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @ xpsp3res.dll, -20001 - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe
O9 - Extra pulsante: Messenger - (FB5F1910-F110-11d2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - (FB5F1910-F110-11d2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
Ø16 - DPF: (01A88BB1-1174-41EC-ACCB-963509EAE56B) (SysProWmi Class) -- http://support.euro.dell.com/systemprofiler/SysPro.CAB
Ø16 - DPF: (0CCA191D-13A6-4E29-B746-314DEE697D83) (Facebook Photo Uploader 5) -- http://upload.facebook.com/controls/...oUploader5.cab
Ø16 - DPF: (138E6DC9-4F4B-722B-B09D-95D191869696) (Bebo Uploader Control) -- http://www.bebo.com/files/BeboUploader.5.1.4.cab
Ø16 - DPF: (48DD0448-9209-4F81-9F6D-D83562940134) (MySpace Uploader Control) -- http://lads.myspace.com/upload/MySpaceUploader1006.cab
Ø16 - DPF: (C3F79A2B-B9B4-4A66-B012-3EE46475B072) (MessengerStatsClient Class) -- http://messenger.zone.msn.com/binary...t.cab56907.cab
Ø16 - DPF: (D27CDB6E-AE6D-11CF-96B8-444553540000) (Shockwave Flash Object) -- http://fpdownload2.macromedia.com/ge...sh/swflash.cab
Ø18 - Protocollo: linkscanner - (F274614C-63F8-47D5-A4D1-FBDDE494F8D1) - C: \ Program Files \ AVG \ AVG8 \ avgpp.dll
Ø20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: Adobe Active File Monitor V5 (AdobeActiveFileMonitor5.0) - Sconosciuto proprietario - C: \ Program Files \ Adobe \ Photoshop Elements 5.0 \ PhotoshopElementsFileAgent.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, sro - C: \ PROGRA ~ 1 \ AVG \ AVG8 \ avgemc.exe
O23 - Service: AVG8 Watchdog (avg8wd) - AVG Technologies CZ, sro - C: \ PROGRA ~ 1 \ AVG \ AVG8 \ avgwdsvc.exe
O23 - Service: eTrust Antivirus RPC Server (InoRPC) - Computer Associates International, Inc. - C: \ Program Files \ CA \ eTrust Antivirus \ InoRpc.exe
O23 - Service: eTrust Antivirus Realtime Server (InoRT) - Computer Associates International, Inc. - C: \ Program Files \ CA \ eTrust Antivirus \ InoRT.exe
O23 - Service: eTrust Antivirus Job Server (InoTask) - Computer Associates International, Inc. - C: \ Program Files \ CA \ eTrust Antivirus \ InoTask.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C: \ Program Files \ iPod \ bin \ iPodService.exe
--
End of file - 7142 bytes

[evilfantasy]

Si esegue due antivirus nello stesso momento.

I (così come Microsoft, McAfee e Symantec) Ha raccomandato che si NON hanno più di un prodotto antivirus installato e in esecuzione sul vostro computer in un momento.

La protezione in tempo reale dei due programmi antivirus possono essere in conflitto gli uni con gli altri e far sì che il seguente:

1) Falsi allarmi: Quando il software antivirus vi dice che il PC ha un virus, quando in realtà non è così.
2) Conflitti: Il sistema potrebbe bloccare fino a causa di entrambi i prodotti che tentano di accedere allo stesso file allo stesso tempo.
3) Performance: Più che un antivirus provocherà il vostro PC a diventare lento e può anche crash o schermata blu.

Vi consiglio caldamente sia configurare solo un programma antivirus per consentire automatico scansione in tempo reale, e lasciare gli altri portatori di handicap, che li utilizza per scanner on-demand o andare a Inizio > Pannello di controllo > Aggiungi / Rimuovi Programmi e disinstallare tutti, ma un programma antivirus.

Si prega di disinstallare uno ora per evitare problemi con le scansioni e le correzioni che abbiamo bisogno di fare.

----------

Scaricare Malwarebytes' Anti-Malware (MBAM)

• Fare doppio clic su mbam-setup.exe e seguire le istruzioni per installare il programma.
• Alla fine, essere sicuro è un segno di spunta accanto al seguente:
  • Aggiorna Malwarebytes' Anti-Malware
  • Lancio Malwarebytes' Anti-Malware
• Quindi, fare clic su Fine.
• Se viene trovato un aggiornamento, si scarica e installa l'ultima versione.
• Una volta che il programma ha caricato, selezionare Eseguire la scansione rapida, Quindi fare clic su Scan.
• Quando la scansione è completata, fare clic OK, Quindi Mostra i risultati per visualizzare i risultati.
• Essere sicuri che tutto è controllato, e fare clic su Rimuovi selezionati.
• Quando la disinfezione sarà completata, verrà aperto un registro nel Blocco note e può essere richiesto di riavviare. (Vedi Nota Extra)
• Il log viene salvato automaticamente dal MBAM e possono essere visualizzati cliccando i log nella scheda MBAM.
• Copia e incolla l'intero rapporto con il prossimo risposta.

Ulteriori Note: Se MBAM incontra un file che è difficile da rimuovere, verrà presentato con 1 di 2 istruzioni, fare clic su OK per lasciare che sia MBAM e procedere con il processo di disinfezione, se richiesto di riavviare il computer, si prega di farlo immediatamente.

----------

Scaricare casuale il sistema di strumento di informazione (RSIT) dal casuale / random da e salvarlo sul desktop.

• Fare doppio clic su RSIT.exe per l'esecuzione.
• Fare clic sul pulsante Continua alla clausola di esclusione della responsabilità schermo.
• Una volta che ha finito, si aprirà due tronchi.
• log.txt <sarà massimizzata e info.txt <sarà minimizzato
• Si prega di pubblicare il contenuto di entrambi log nella prossima risposta.

[ah24]

I'll disattivare e sbarazzarsi di AVG adesso ...

Solo per farvi sapere, thats soltanto qui circa un'ora o così mi pare - qualcuno consiglia così ho subito DL'd e non sono sbarazzati di ancora ...

Will post log in un paio di minuti

[evilfantasy]

CA e AVG sono circa la stessa cosa a mio parere. Quindi non credo che l'installazione farebbe bene.

[ah24]

Log casuale di RST;

"Log.txt":

Logfile casuale del sistema di strumento di informazione 1,04 (scritto da casuale / random)
Gestito da Adam at 2008-11-06 22:43:21
Microsoft Windows XP Professional Service Pack 2
System drive C: dispone di 42 GB (57%) esente da 73 GB
Totali di RAM: 510 MB (36% libero)
Logfile di Trend Micro HijackThis v2.0.2
Scan saved at 22:43:38, il 06/11/2008
Piattaforma: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal
Processi in esecuzione:
C: \ WINDOWS \ System32 \ smss.exe
C: \ WINDOWS \ system32 \ winlogon.exe
C: \ WINDOWS \ system32 \ services.exe
C: \ WINDOWS \ system32 \ lsass.exe
C: \ WINDOWS \ system32 \ svchost.exe
C: \ WINDOWS \ System32 \ svchost.exe
C: \ WINDOWS \ system32 \ spoolsv.exe
C: \ WINDOWS \ Explorer.EXE
C: \ Program Files \ Adobe \ Photoshop Elements 5.0 \ PhotoshopElementsFileAgent.exe
C: \ Program Files \ CA \ eTrust Antivirus \ InoRpc.exe
C: \ Program Files \ CA \ eTrust Antivirus \ InoRT.exe
C: \ Program Files \ CA \ eTrust Antivirus \ InoTask.exe
C: \ Program Files \ Analog Devices \ Core \ smax4pnp.exe
C: \ WINDOWS \ system32 \ dla \ tfswctrl.exe
C: \ PROGRA ~ 1 \ CA \ eTrust ~ 1 \ realmon.exe
C: \ WINDOWS \ system32 \ hkcmd.exe
C: \ WINDOWS \ system32 \ igfxpers.exe
C: \ Program Files \ iTunes \ iTunesHelper.exe
C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ jusched.exe
C: \ WINDOWS \ system32 \ ctfmon.exe
C: \ Program Files \ WinZip \ WZQKPICK.EXE
C: \ WINDOWS \ system32 \ svchost.exe
C: \ Program Files \ iPod \ bin \ iPodService.exe
C: \ Program Files \ Internet Explorer \ iexplore.exe
C: \ WINDOWS \ system32 \ Wuauclt.exe
C: \ WINDOWS \ system32 \ Wuauclt.exe
C: \ Program Files \ Malwarebytes' Anti-Malware \ mbam.exe
C: \ Documents and Settings \ Adam \ Desktop \ RSIT.exe
C: \ Program Files \ Trend Micro \ HijackThis \ Adam.exe
R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://www.google.co.uk/ig?hl=en
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
O2 - BHO: Adobe PDF Reader Link Helper - (06849E9F-C8D7-4D59-B87D-784B7D6BE0B3) - C: \ Program Files \ Common Files \ Adobe \ Acrobat \ ActiveX \ AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - (3CA2F312-6F6E-4B53-A66E-4E65E497C8C0) - C: \ Program Files \ AVG \ AVG8 \ avgssie.dll (file mancanti)
O2 - BHO: DriveLetterAccess - (5CA3D70E-1895-11CF-8E15-001234567890) - C: \ WINDOWS \ system32 \ dla \ tfswshx.dll
O2 - BHO: SSVHelper Class - (761497BB-D6F0-462C-B6EB-D4DAF1D92D43) - C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ ssv.dll
O2 - BHO: (no name) - (7E853D72-626A-48EC-A868-BA8D5E23E045) - (no file)
O2 - BHO: Windows Live Sign-in Helper - (9030D464-4C02-4ABF-8ECC-5164760863C6) - C: \ Program Files \ Common Files \ Microsoft Shared \ Windows Live \ WindowsLiveLogin.dll
O4 - HKLM \ .. \ Run: [SoundMAXPnP] C: \ Program Files \ Analog Devices \ Core \ smax4pnp.exe
O4 - HKLM \ .. \ Run: [dla] C: \ WINDOWS \ system32 \ dla \ tfswctrl.exe
O4 - HKLM \ .. \ Run: [UpdateManager] "C: \ Program Files \ Common Files \ Sonic \ Update Manager \ sgtray.exe" / r
O4 - HKLM \ .. \ Run: [Realtime Monitor] C: \ PROGRA ~ 1 \ CA \ eTrust ~ 1 \ realmon.exe-s
O4 - HKLM \ .. \ Run: [igfxtray] C: \ WINDOWS \ system32 \ igfxtray.exe
O4 - HKLM \ .. \ Run: [igfxhkcmd] C: \ WINDOWS \ system32 \ hkcmd.exe
O4 - HKLM \ .. \ Run: [igfxpers] C: \ WINDOWS \ system32 \ igfxpers.exe
O4 - HKLM \ .. \ Run: [QuickTime Task] "C: \ Program Files \ QuickTime \ qttask.exe"-atboottime
O4 - HKLM \ .. \ Run: [iTunesHelper] "C: \ Program Files \ iTunes \ iTunesHelper.exe"
O4 - HKLM \ .. \ Run: [SunJavaUpdateSched] "C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ jusched.exe"
O4 - HKLM \ .. \ Run: [Adobe Photo Downloader] "C: \ Program Files \ Adobe \ Photoshop Elements 5.0 \ apdproxy.exe"
O4 - HKLM \ .. \ RunOnce: [Malwarebytes' Anti-Malware] C: \ Program Files \ Malwarebytes' Anti-Malware \ mbamgui.exe / install / silent
O4 - HKCU \ .. \ Run: [ctfmon.exe] C: \ WINDOWS \ system32 \ ctfmon.exe
O4 - HKCU \ .. \ Run: [Sony Ericsson PC Suite] "C: \ Program Files \ Sony Ericsson \ Sony Ericsson PC Suite \ SEPCSuite.exe" / systray / nologon
O4 - HKUS \ S-1-5-18 \ .. \ Run: [ctfmon.exe] C: \ WINDOWS \ system32 \ ctfmon.exe (User 'SYSTEM')
O4 - HKUS \. DEFAULT \ .. \ Run: [ctfmon.exe] C: \ WINDOWS \ system32 \ ctfmon.exe (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C: \ Program Files \ Adobe \ Reader 8.0 \ Reader \ reader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C: \ Program Files \ Adobe \ Reader 8.0 \ Reader \ AdobeCollabSync.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C: \ Program Files \ WinZip \ WZQKPICK.EXE
O8 - Extra contesto voce di menu: E & sporta in Microsoft Excel - res: / / C: \ PROGRA ~ 1 \ micros ~ 2 \ Office11 \ EXCEL.EXE/3000
O9 - Extra pulsante: (no name) - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ ssv.dll
O9 - Extra pulsante: Research - (92780B25-18CC-41C8-B9BE-3C9C571A8263) - C: \ PROGRA ~ 1 \ micros ~ 2 \ Office11 \ REFIEBAR.DLL
O9 - Extra pulsante: (no name) - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @ xpsp3res.dll, -20001 - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe
O9 - Extra pulsante: Messenger - (FB5F1910-F110-11d2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - (FB5F1910-F110-11d2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
Ø16 - DPF: (01A88BB1-1174-41EC-ACCB-963509EAE56B) (SysProWmi Class) -- http://support.euro.dell.com/systemprofiler/SysPro.CAB
Ø16 - DPF: (0CCA191D-13A6-4E29-B746-314DEE697D83) (Facebook Photo Uploader 5) -- http://upload.facebook.com/controls/...oUploader5.cab
Ø16 - DPF: (138E6DC9-4F4B-722B-B09D-95D191869696) (Bebo Uploader Control) -- http://www.bebo.com/files/BeboUploader.5.1.4.cab
Ø16 - DPF: (48DD0448-9209-4F81-9F6D-D83562940134) (MySpace Uploader Control) -- http://lads.myspace.com/upload/MySpaceUploader1006.cab
Ø16 - DPF: (C3F79A2B-B9B4-4A66-B012-3EE46475B072) (MessengerStatsClient Class) -- http://messenger.zone.msn.com/binary...t.cab56907.cab
Ø16 - DPF: (D27CDB6E-AE6D-11CF-96B8-444553540000) (Shockwave Flash Object) -- http://fpdownload2.macromedia.com/ge...sh/swflash.cab
O23 - Service: Adobe Active File Monitor V5 (AdobeActiveFileMonitor5.0) - Sconosciuto proprietario - C: \ Program Files \ Adobe \ Photoshop Elements 5.0 \ PhotoshopElementsFileAgent.exe
O23 - Service: eTrust Antivirus RPC Server (InoRPC) - Computer Associates International, Inc. - C: \ Program Files \ CA \ eTrust Antivirus \ InoRpc.exe
O23 - Service: eTrust Antivirus Realtime Server (InoRT) - Computer Associates International, Inc. - C: \ Program Files \ CA \ eTrust Antivirus \ InoRT.exe
O23 - Service: eTrust Antivirus Job Server (InoTask) - Computer Associates International, Inc. - C: \ Program Files \ CA \ eTrust Antivirus \ InoTask.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C: \ Program Files \ iPod \ bin \ iPodService.exe
--
End of file - 6709 bytes
====== ====== Cartella Operazioni pianificate
C: \ WINDOWS \ compiti \ AppleSoftwareUpdate.job
====== ====== Registro discarica
[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Explorer \ Browser Helper Objects \ (06849E9F-C8D7-4D59-B87D-784B7D6BE0B3)]
Adobe PDF Reader Link Helper - C: \ Program Files \ Common Files \ Adobe \ Acrobat \ ActiveX \ AcroIEHelper.dll [2006-10-22 62080]
[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Explorer \ Browser Helper Objects \ (3CA2F312-6F6E-4B53-A66E-4E65E497C8C0)]
AVG Safe Search - C: \ Program Files \ AVG \ AVG8 \ avgssie.dll []
[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Explorer \ Browser Helper Objects \ (5CA3D70E-1895-11CF-8E15-001234567890)]
DriveLetterAccess - C: \ WINDOWS \ system32 \ dla \ tfswshx.dll [2004-08-13 118842]
[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Explorer \ Browser Helper Objects \ (761497BB-D6F0-462C-B6EB-D4DAF1D92D43)]
SSVHelper Class - C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ ssv.dll [2008-06-10 509328]
[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Explorer \ Browser Helper Objects \ (7E853D72-626A-48EC-A868-BA8D5E23E045)]
[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Explorer \ Browser Helper Objects \ (9030D464-4C02-4ABF-8ECC-5164760863C6)]
Windows Live Sign-in Helper - C: \ Program Files \ Common Files \ Microsoft Shared \ Windows Live \ WindowsLiveLogin.dll [2006-07-07 324416]
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows \ Curr entVersion \ Run]
"CcApp" = C: \ Program Files \ Analog Devices \ Core \ smax4pnp.exe [2004-10-14 1404928]
"dla" = C: \ WINDOWS \ system32 \ dla \ tfswctrl.exe [2004-08-13 122939]
"SunJavaUpdateSched" = C: \ Programmi \ File comuni \ Sonic \ Update Manager \ sgtray.exe [2004-01-07 110592]
"Realtime Monitor" = C: \ PROGRA ~ 1 \ CA \ ETrust ~ 1 \ realmon.exe [2004-04-06 504080]
"" = []
"CTFMON.EXE" = C: \ WINDOWS \ system32 \ igfxtray.exe [2005-09-20 94208]
"iTunesHelper" = C: \ WINDOWS \ system32 \ hkcmd.exe [2005-09-20 77824]
"SunJavaUpdateSched" = C: \ WINDOWS \ system32 \ hkcmd.exe [2005-09-20 114688]
"QuickTime Task" = C: \ Program Files \ QuickTime \ qttask.exe [2006-10-25 282624]
"Software Update" = C: \ Program Files \ iTunes \ iTunesHelper.exe [2006-10-30 256576]
"SunJavaUpdateSched" = C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ jusched.exe [2008-06-10 144784]
"Adobe Photo Downloader" = C: \ Program Files \ Adobe \ Photoshop Elements 5.0 \ apdproxy.exe [2006-09-14 61440]
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows \ Curr entVersion \ RunOnce]
"Malwarebytes 'Anti-Malware" = C: \ Program Files \ Malwarebytes' Anti-Malware \ mbamgui.exe [2008-10-22 399504]
[HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ Curre ntVersion \ Run]
"ctfmon.exe" = C: \ WINDOWS \ system32 \ ctfmon.exe [2004-08-04 15360]
"Sony Ericsson PC Suite" = C: \ Program Files \ Sony Ericsson \ Sony Ericsson PC Suite \ SEPCSuite.exe [2007-10-18 356352]
C: \ Documents and Settings \ All Users \ Menu Avvio \ Programmi \ Startup
Adobe Gamma - C: \ Program Files \ Adobe \ Reader 8.0 \ Reader \ Reader_sl.exe
Adobe Reader Synchronizer.lnk - C: \ Program Files \ Adobe \ Reader 8.0 \ Reader \ AdobeCollabSync.exe
WinZip Quick Pick.lnk - C: \ Program Files \ WinZip \ WZQKPICK.EXE
[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ Winlogon \ Notify \ igfxcui]
C: \ WINDOWS \ system32 \ igfxdev.dll [2005-09-20 135168]
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows \ Curr entVersion \ Policies \ System]
"dontdisplaylastusername" = 0
"LegalNoticeCaption" =
"LegalNoticeText" =
"shutdownwithoutlogon" = 1
"undockwithoutlogon" = 1
[HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ Curre ntVersion \ Policies \ Explorer]
"NoDriveTypeAutoRun" = 145
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ servizi es \ sharedaccess \ parameters \ firewallpolicy \ profilo standard \ authorizedapplications \ list]
"% windir% \ system32 \ sessmgr.exe" = "% windir% \ system32 \ sessmgr.exe: *: Enabled: @ Xpsp2res.dll, -22019"
"C: \ Program Files \ Messenger \ msmsgs.exe" = "C: \ Program Files \ Messenger \ msmsgs.exe: *: Enabled: Windows Messenger"
"C: \ Program Files \ iTunes \ iTunes.exe" = "C: \ Program Files \ iTunes \ iTunes.exe: *: Enabled: iTunes"
"C: \ Program Files \ MSN Messenger \ msncall.exe" = "C: \ Program Files \ MSN Messenger \ msncall.exe: *: Enabled: Windows Live Messenger 8.0 (Phone)"
"C: \ Program Files \ MSN Messenger \ msnmsgr.exe" = "C: \ Program Files \ MSN Messenger \ msnmsgr.exe: *: Enabled: Windows Live Messenger 8.1"
"C: \ Program Files \ MSN Messenger \ livecall.exe" = "C: \ Program Files \ MSN Messenger \ livecall.exe: *: Enabled: Windows Live Messenger 8.1 (Phone)"
"% windir% \ Network Diagnostic \ xpnetdiag.exe" = "% windir% \ Network Diagnostic \ xpnetdiag.exe: *: Enabled: @ xpsp3res.dll, -20000"
"C: \ Program Files \ uTorrent \ uTorrent.exe" = "C: \ Program Files \ uTorrent \ uTorrent.exe: *: Enabled: μTorrent"
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ servizi es \ sharedaccess \ parameters \ firewallpolicy \ domainpr ofilo \ authorizedapplications \ list]
"% windir% \ system32 \ sessmgr.exe" = "% windir% \ system32 \ sessmgr.exe: *: Enabled: @ Xpsp2res.dll, -22019"
"C: \ Program Files \ MSN Messenger \ msncall.exe" = "C: \ Program Files \ MSN Messenger \ msncall.exe: *: Enabled: Windows Live Messenger 8.0 (Phone)"
"C: \ Program Files \ MSN Messenger \ msnmsgr.exe" = "C: \ Program Files \ MSN Messenger \ msnmsgr.exe: *: Enabled: Windows Live Messenger 8.1"
"C: \ Program Files \ MSN Messenger \ livecall.exe" = "C: \ Program Files \ MSN Messenger \ livecall.exe: *: Enabled: Windows Live Messenger 8.1 (Phone)"
"% windir% \ Network Diagnostic \ xpnetdiag.exe" = "% windir% \ Network Diagnostic \ xpnetdiag.exe: *: Enabled: @ xpsp3res.dll, -20000"
[HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ CurrentVersion \ Explorer \ mountpoints2 \ (069b2f09-8c7d-11dc-871C-0013205c16a9)]
shell \ Auto \ command - Start.exe
shell \ AutoRun \ command - C: \ WINDOWS \ system32 \ rundll32.exe shell32.dll, ShellExec_RunDLL Start.exe

File associazioni ====== ======
. js - modifica - "C: \ Program Files \ Macromedia \ Dreamweaver 8 \ dreamweaver.exe" "% 1"
====== Elenco dei file e le cartelle create negli ultimi mesi 1 ======
2008-11-06 22:43:21 ---- D ---- C: \ rsit
2008-11-06 22:42:18 ---- D ---- C: \ Documents and Settings \ Adam \ Dati applicazioni \ Malwarebytes
2008-11-06 22:42:13 ---- D ---- C: \ Program Files \ Malwarebytes 'Anti-Malware
2008-11-06 22:42:13 ---- D ---- C: \ Documents and Settings \ All Users \ Dati applicazioni \ Malwarebytes
2008-11-06 22:36:21 ---- D ---- C: \ Documents and Settings \ All Users \ Dati applicazioni \ AVG8
2008-11-06 22:17:46 ---- D ---- C: \ Program Files \ Trend Micro
2008-11-06 21:25:12 ---- D ---- C: \ WINDOWS \ system32 \ AppMgmt
2008-11-06 21:22:34 ---- D ---- C: \ Documents and Settings \ Adam \ Dati applicazioni \ VersionTracker Pro
2008-11-06 21:22:08 ---- D ---- C: \ Program Files \ TechTracker
2008-11-06 19:31:45 ---- D ---- C: \ Program Files \ uTorrent
2008-11-06 19:31:45 ---- D ---- C: \ Documents and Settings \ Adam \ Dati applicazioni \ uTorrent
2008-11-06 19:31:43 ---- D ---- C: \ Programmi \ Avanquest update
2008-11-06 19:31:43 ---- D ---- C: \ Documents and Settings \ All Users \ Dati applicazioni \ BVRP Software
2008-11-06 19:31:40 ---- D ---- C: \ Program Files \ Free Audio Pack
2008-11-06 19:30:51 ---- D ---- C: \ Program Files \ Common Files \ SureThing Shared
2008-11-06 19:30:44 ---- D ---- C: \ Program Files \ Common Files \ Sonic
2008-11-05 13:26:28 ---- D ---- C: \ Documents and Settings \ All Users \ Dati applicazioni \ BVRP Software (2)
2008-11-04 23:51:31 ---- D ---- C: \ Program Files \ tinyproxy
2008-10-26 11:13:15 ---- A ---- C: \ WINDOWS \ system32 \ javaws.exe
2008-10-26 11:13:15 ---- A ---- C: \ WINDOWS \ system32 \ javaw.exe
2008-10-26 11:13:15 ---- A ---- C: \ WINDOWS \ system32 \ java.exe
2008-10-26 11:00:26 ---- A ---- C: \ WINDOWS \ system32 \ PerfStringBackup.TMP
2008-10-25 22:30:23 ---- D ---- C: \ Program Files \ DSA Theory Test
2008-10-25 22:29:24 ---- D ---- C: \ Config.Msi
2008-10-25 22:29:23 ---- D ---- C: \ WINDOWS \ VirtualEar
2008-10-25 19:02:44 ---- D ---- C: \ WINDOWS \ assembly
2008-10-25 19:01:55 ---- D ---- C: \ WINDOWS \ Microsoft.NET
2008-10-25 19:01:06 ---- D ---- C: \ Program Files \ Navman
2008-10-25 01:28:29 HDC ---- ---- C: \ WINDOWS \ $ NtUninstallKB958644 $
2008-10-15 22:04:03 HDC ---- ---- C: \ WINDOWS \ $ NtUninstallKB956803 $
2008-10-15 22:03:57 HDC ---- ---- C: \ WINDOWS \ $ NtUninstallKB956391 $
2008-10-15 22:03:49 HDC ---- ---- C: \ WINDOWS \ $ NtUninstallKB957095 $
2008-10-15 22:03:06 HDC ---- ---- C: \ WINDOWS \ $ NtUninstallKB954211 $
2008-10-15 22:02:48 HDC ---- ---- C: \ WINDOWS \ $ NtUninstallKB956841 $
====== Elenco dei file e le cartelle modificate negli ultimi mesi 1 ======
2008-11-06 22:42:16 ---- D ---- C: \ WINDOWS \ system32 \ drivers
2008-11-06 22:42:13 RD ---- ---- C: \ Program Files
2008-11-06 22:37:58 ---- D ---- C: \ WINDOWS \ Temp
2008-11-06 22:37:33 ---- D ---- C: \ WINDOWS \ system32
2008-11-06 22:36:49 ---- A ---- C: \ WINDOWS \ SchedLgU.Txt
2008-11-06 22:36:16 ---- D ---- C: \ WINDOWS
2008-11-06 22:30:43 ---- ---- RSHDC C: \ WINDOWS \ system32 \ dllcache
2008-11-06 21:46:09 ---- D ---- C: \ WINDOWS \ Prefetch
2008-11-06 21:45:09 SHD ---- ---- C: \ WINDOWS \ Installer
2008-11-06 21:45:08 ---- D ---- C: \ WINDOWS \ WinSxS
2008-11-06 21:45:08 ---- D ---- C: \ Program Files \ Common Files \ Microsoft Shared
2008-11-06 21:24:57 ---- D ---- C: \ WINDOWS \ system32 \ CatRoot
2008-11-06 21:24:56 ---- D ---- C: \ WINDOWS \ system32 \ CatRoot2
2008-11-06 19:32:25 ---- D ---- C: \ WINDOWS \ system32 \ config
2008-11-06 19:32:11 ---- D ---- C: \ WINDOWS \ system32 \ wbem
2008-11-06 19:32:10 ---- D ---- C: \ WINDOWS \ Registration
2008-11-06 19:30:52 HD ---- ---- C: \ WINDOWS \ inf
2008-11-04 23:57:39 ---- D ---- C: \ Program Files \ Common Files
2008-11-04 23:57:26 ---- D ---- C: \ Program Files \ Sonic
2008-11-04 23:56:21 ---- D ---- C: \ Program Files \ Common Files \ Macromedia
2008-11-04 23:56:20 ---- D ---- C: \ WINDOWS \ Downloaded Installations
2008-11-04 23:56:20 ---- D ---- C: \ Program Files \ Macromedia
2008-11-04 23:54:45 HD ---- ---- C: \ Program Files \ InstallShield Installation Information
2008-10-26 11:13:15 ---- D ---- C: \ Program Files \ Java
2008-10-25 22:29:27 ---- D ---- C: \ WINDOWS \ system32 \ dla
2008-10-25 22:29:26 ---- D ---- C: \ WINDOWS \ security
2008-10-25 22:28:47 ---- D ---- C: \ WINDOWS \ system32 \ Restore
2008-10-25 19:25:27 ---- D ---- C: \ Program Files \ Common Files \ InstallShield
2008-10-25 19:25:13 ---- D ---- C: \ WINDOWS \ system
2008-10-25 19:23:42 ---- D ---- C: \ Program Files \ MSN
2008-10-25 19:16:19 SD ---- ---- C: \ Documents and Settings \ Adam \ Application Data \ Microsoft
2008-10-25 19:01:59 ---- D ---- C: \ Program Files \ Internet Explorer
2008-10-25 01:28:39 ---- A ---- C: \ WINDOWS \ imsins.BAK
2008-10-25 01:27:53 HD ---- ---- C: \ WINDOWS \ $ $ hf_mig
2008-10-25 00:58:29 ---- A ---- C: \ WINDOWS \ win.ini
2008-10-16 15:35:17 ---- A ---- C: \ WINDOWS \ system32 \ PerfStringBackup.INI
2008-10-15 16:57:55 ---- A ---- C: \ WINDOWS \ system32 \ netapi32.dll
2008-10-15 16:57:55 ---- A ---- C: \ WINDOWS \ system32 \ netapi32 (2). Dll
====== Elenco dei conducenti (R = Corsa S = Arrestato, boot = 0, 1 = sistema, 2 = Auto, 3 = domanda, 4 = disabili )======
R1 intelppm; driver Intel Processor; C: \ WINDOWS \ system32 \ DRIVERS \ intelppm.sys [2004-08-04 36096]
R1 kbdhid; Tastiera HID driver; C: \ WINDOWS \ system32 \ drivers \ kbdhid.sys [2004-08-04 14848]
R1 sscdbhk5; sscdbhk5; C: \ WINDOWS \ system32 \ drivers \ sscdbhk5.sys [2004-07-14 5627]
R1 ssrtln; ssrtln; C: \ WINDOWS \ system32 \ drivers \ ssrtln.sys [2004-07-14 23545]
R2 drvnddm; drvnddm; C: \ WINDOWS \ system32 \ drivers \ drvnddm.sys [2004-08-13 40544]
R2 INO_FLTR; INO_FLTR; \? \ C: \ WINDOWS \ system32 \ drivers \ ino_fltr.sys []
R2 tfsnboio; tfsnboio; C: \ WINDOWS \ system32 \ dla \ tfsnboio.sys [2004-08-13 25723]
R2 tfsncofs; tfsncofs; C: \ WINDOWS \ system32 \ dla \ tfsncofs.sys [2004-08-13 34843]
R2 tfsndrct; tfsndrct; C: \ WINDOWS \ system32 \ dla \ tfsndrct.sys [2004-08-13 4123]
R2 tfsndres; tfsndres; C: \ WINDOWS \ system32 \ dla \ tfsndres.sys [2004-08-13 2239]
R2 tfsnifs; tfsnifs; C: \ WINDOWS \ system32 \ dla \ tfsnifs.sys [2004-08-13 86202]
R2 tfsnopio; tfsnopio; C: \ WINDOWS \ system32 \ dla \ tfsnopio.sys [2004-08-13 14715]
R2 tfsnpool; tfsnpool; C: \ WINDOWS \ system32 \ dla \ tfsnpool.sys [2004-08-13 6363]
Tfsnudf R2; tfsnudf; C: \ WINDOWS \ system32 \ dla \ tfsnudf.sys [2004-08-13 98714]
R2 tfsnudfa; tfsnudfa; C: \ WINDOWS \ system32 \ dla \ tfsnudfa.sys [2004-08-13 100603]
R3 E100B; Intel (R) PRO Adapter Driver; C: \ WINDOWS \ system32 \ DRIVERS \ e100b325.sys [2004-02-10 154112]
R3 GEARAspiWDM; GEARAspiWDM C: \ WINDOWS \ system32 \ drivers \ GEARAspiWDM.sys [2006-09-19 15664]
R3 hidusb; Microsoft HID Driver Classe C: \ WINDOWS \ system32 \ drivers \ hidusb.sys [2004-08-04 9600]
R3 ialm; ialm; C: \ WINDOWS \ system32 \ DRIVERS \ ialmnt5.sys [2005-09-20 1302332]
R3 MBAMSwissArmy; MBAMSwissArmy; \? \ C: \ WINDOWS \ system32 \ drivers \ mbamswissarmy.sys []
R3 mouhid; HID Mouse Driver; C: \ WINDOWS \ system32 \ drivers \ mouhid.sys [2001-08-17 12160]
R3 senfilt; senfilt; C: \ WINDOWS \ system32 \ drivers \ senfilt.sys [2004-09-17 732928]
R3 smwdm; smwdm; C: \ WINDOWS \ system32 \ drivers \ smwdm.sys [2005-01-27 260352]
R3 usbehci; Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C: \ WINDOWS \ system32 \ drivers \ Usbehci.sys [2004-08-04 26624]
R3 usbhub; USB2 Enabled Hub; C: \ WINDOWS \ system32 \ drivers \ Usbhub.sys [2004-08-04 57600]
R3 usbuhci; Microsoft USB Universal Host Controller Miniport Driver; C: \ WINDOWS \ system32 \ drivers \ usbuhci.sys [2004-08-04 20480]
S3 usbccgp; Microsoft USB Generic Parent Driver; C: \ WINDOWS \ system32 \ DRIVERS \ Usbccgp.sys [2004-08-03 31616]
S3 usbprint; Microsoft stampante USB Classe C: \ WINDOWS \ system32 \ drivers \ usbprint.sys [2004-08-03 25856]
S3 USBSTOR; USB Mass Storage Driver; C: \ WINDOWS \ system32 \ drivers \ Usbstor.sys [2004-08-03 26496]
====== Elenco dei servizi (R = Corsa S = Arrestato, boot = 0, 1 = sistema, 2 = Auto, 3 = domanda, 4 = disabili )======
R2 AdobeActiveFileMonitor5.0; Adobe Active File Monitor V5; C: \ Program Files \ Adobe \ Photoshop Elements 5.0 \ PhotoshopElementsFileAgent.exe [2006-09-14 102400]
R2 InoRPC; eTrust Antivirus RPC Server; C: \ Program Files \ CA \ eTrust Antivirus \ InoRpc.exe [2004-04-06 139536]
R2 InoRT; eTrust Antivirus Realtime Server; C: \ Program Files \ CA \ eTrust Antivirus \ InoRT.exe [2004-04-06 241936]
R2 InoTask; eTrust Antivirus Job Server; C: \ Program Files \ CA \ eTrust Antivirus \ InoTask.exe [2004-04-06 254224]
R2 UMWdf; Framework driver modalità utente Windows, C: \ WINDOWS \ system32 \ wdfmgr.exe [2005-01-28 38912]
R3 Servizio iPod, iPod Service C: \ Program Files \ iPod \ bin \ iPodService.exe [2006-10-30 492608]
S3 OSE; Office Source Engine; C: \ Program Files \ Common Files \ Microsoft Shared \ Source Engine \ OSE.EXE [2003-07-28 89136]
S3 usnjsvc; Messenger Sharing Folders USN Journal Reader servizio; C: \ Program Files \ MSN Messenger \ usnsvc.exe [2007-01-19 97136]
EOF ----------------- -----------------



"Info.txt":

info.txt logfile di Random's strumento di informazione di sistema 1,04 2008-11-06 22:43:42
Disinstallare elenco ====== ======
-> C: \ Program Files \ DivX \ DivXConverterUninstall.exe / CONVERTITORE
-> C: \ WINDOWS \ system32 \ \ msiexec.exe / i (09DA4F91-2A09-4232-AB8C-6BC740096DE3) REMOVE = UpdateMgrFeature
-> C: \ WINDOWS \ system32 \ \ msiexec.exe / x (1206EF92-2E83-4859-ACCB-2048C3CB7DA6)
-> C: \ WINDOWS \ system32 \ \ msiexec.exe / x (9541FED0-327F-4df0-8B96-EF57EF622F19)
-> Msiexec.exe / i (C4CBAD7E-DF4A-4fec-AC17-8BC709AFB844)
-> rundll32.exe setupapi.dll, DefaultUninstall InstallHinfSection 132 C: \ WINDOWS \ INF \ PCHealth.inf
Adobe Flash Player ActiveX -> C: \ WINDOWS \ system32 \ Macromed \ Flash \ uninstall_acti veX.exe
Adobe Help Center 2.1 -> msiexec.exe / i (25569723-DC5A-4467-A639-79535BF01B71)
Adobe Photoshop Elements 5.0 -> msiexec / I (A7B609FB-83D8-4FC3-8477-1BC65ECFE85B)
Adobe Reader 8 -> msiexec.exe / i (AC76BA86-7AD7-1033-7B44-A80000000002)
Apple Software Update -> msiexec.exe / i (B74F042E-E1B9-4A5B-8D46-387BB172F0A4)
Avanquest update -> C: \ Program Files \ InstallShield Installation Information \ (76E41F43-4F30-59D2-BA42-9A762EE1E8DE) \ Setup.exe-runfromtemp-l0x0009-removeonly
Antivirus eTrust CA -> MsiExec.exe / X (99747F0D-D4F8-4877-9CA0-4AE96D963633)
Canon iP4200 -> C: \ WINDOWS \ system32 \ CNMCP78.exe "PRINTERNAMECanon iP4200" "-HELPERDLLC: \ Documents and Settings \ All Users \ Dati applicazioni \ CanonBJ \ IJPrinter \ CNMWINDOWS \ Canon iP4200 Installer \ inst2 \ cnmis.dll ""-RCDLLcnmi0409.dll "
DivX Codec -> C: \ Program Files \ DivX \ DivXCodecUninstall.exe / CODEC
DivX Content Uploader -> C: \ Program Files \ DivX \ DivXContentUploaderUninstall.exe / CUPLOADER
DivX Converter -> C: \ Program Files \ DivX \ DivXConverterUninstall.exe / CONVERTITORE
DivX Player -> C: \ Program Files \ DivX \ DivXPlayerUninstall.exe / PLAYER
DivX Web Player -> C: \ Program Files \ DivX \ DivXWebPlayerUninstall.exe / PLUGIN
DSA Theory Test -> C: \ PROGRA ~ 1 \ COMMON ~ 1 \ INSTAL ~ 1 \ Driver \ 7 \ INTEL3 ~ 1 \ I driver.exe / M (79D1BA4A-BEB4-4357-A431-C3EF58E72E6C)
Free Mp3 Wma Converter V 1.7.2 -> "C: \ Program Files \ Free Audio Pack \ unins000.exe"
HijackThis 2.0.2 -> "C: \ Program Files \ Trend Micro \ HijackThis \ HijackThis.exe" / uninstall
Hotfix per Windows Internet Explorer 7 (KB947864 )-->" C: \ WINDOWS \ ie7updates \ KB947864-IE7 \ spuninst \ spuninst.exe "
Hotfix per Windows XP (KB914440 )-->" C: \ WINDOWS \ $ NtUninstallKB914440 $ \ spuninst \ spunin st.exe "
Hotfix per Windows XP (KB915865 )-->" C: \ WINDOWS \ $ NtUninstallKB915865 $ \ spuninst \ spunin st.exe "
Hotfix per Windows XP (KB952287 )-->" C: \ WINDOWS \ $ NtUninstallKB952287 $ \ spuninst \ spunin st.exe "
Intel (R) Extreme Graphics 2 Driver -> RUNDLL32.EXE C: \ WINDOWS \ system32 \ ialmrem.dll, UninstallW2KIGfx PCI \ VEN_8086 & DEV_2572
Intel (R) PRO Schede di rete e driver -> Prounstl.exe
iTunes -> msiexec.exe / i (446DBFFA-4088-48E3-8932-74316BA4CAE4)
Java (TM) 6 Update 6 -> msiexec.exe / i (3248F0A8-6813-11D6-A77B-00B0D0160060)
Java (TM) 6 Update 7 -> msiexec.exe / i (3248F0A8-6813-11D6-A77B-00B0D0160070)
Macromedia Dreamweaver 8 -> msiexec.exe / i (0837A661-FEC3-48B3-876C-91E7D32048A9)
Macromedia Extension Manager -> msiexec.exe / i (5546CDB5-2CE2-498B-B059-5B3BF81FC41F)
Malwarebytes' Anti-Malware -> "C: \ Program Files \ Malwarebytes' Anti-Malware \ unins000.exe"
Nomi di dominio di Microsoft internazionalizzato mitigazione API -> "C: \ WINDOWS \ $ NtServicePackUninstallIDNMitigationA PIs $ \ spuninst \ spuninst.exe"
Microsoft National Language Support inferiore API -> "C: \ WINDOWS \ $ NtServicePackUninstallNLSDownlevelMa pping $ \ spuninst \ spuninst.exe"
Microsoft Office Professional Edition 2003 -> msiexec.exe / i (90110409-6000-11D3-8CFE-0150048383C9)
Microsoft Visual C + + 2005 Redistributable -> msiexec.exe / x (7299052b-02a4-4627-81f2-1818da5d550d)
MSN -> C: \ Program Files \ MSN \ MsnInstaller \ msninst.exe / Azione: ARP
MSXML 4.0 SP2 (KB936181) -> msiexec.exe / i (C04E32E0-0416-434D-AFB9-6969D703A9EF)
PowerDVD -> Rundll32 C: \ PROGRA ~ 1 \ COMUNE ~ 1 \ strutture ~ 1 \ motore \ 6 \ INTEL3 ~ 1 \ Ct or.dll, LaunchSetup "C: \ Program Files \ InstallShield Installation Information \ (6811CAA0-BF12 - 11D4-9EA1-0050BAE317E1) \ setup.exe "-uninstall
QuickTime -> msiexec.exe / i (50D8FFDD-90CD-4859-841F-AA1961C7767A)
Real Alternative 1.7.5 -> "C: \ Program Files \ Real Alternative \ unins000.exe"
Aggiornamento della protezione per Windows Internet Explorer 7 (KB938127 )-->" C: \ WINDOWS \ ie7updates \ KB938127-IE7 \ spuninst \ spuninst.exe "
Aggiornamento della protezione per Windows Internet Explorer 7 (KB939653 )-->" C: \ WINDOWS \ ie7updates \ KB939653-IE7 \ spuninst \ spuninst.exe "
Aggiornamento della protezione per Windows Internet Explorer 7 (KB942615 )-->" C: \ WINDOWS \ ie7updates \ KB942615-IE7 \ spuninst \ spuninst.exe "
Aggiornamento della protezione per Windows Internet Explorer 7 (KB944533 )-->" C: \ WINDOWS \ ie7updates \ KB944533-IE7 \ spuninst \ spuninst.exe "
Aggiornamento della protezione per Windows Internet Explorer 7 (KB950759 )-->" C: \ WINDOWS \ ie7updates \ KB950759-IE7 \ spuninst \ spuninst.exe "
Aggiornamento della protezione per Windows Internet Explorer 7 (KB953838 )-->" C: \ WINDOWS \ ie7updates \ KB953838-IE7 \ spuninst \ spuninst.exe "
Aggiornamento della protezione per Windows Internet Explorer 7 (KB956390 )-->" C: \ WINDOWS \ ie7updates \ KB956390-IE7 \ spuninst \ spuninst.exe "
Aggiornamento della protezione per Windows Media Player (KB911564 )-->" C: \ WINDOWS \ $ NtUninstallKB911564 $ \ spuninst \ spunin st.exe "
Aggiornamento della protezione per Windows Media Player 6.4 (KB925398 )-->" C: \ WINDOWS \ $ NtUninstallKB925398_WMP64 $ \ spuninst \ spuninst.exe "
Aggiornamento della protezione per Windows Media Player 9 (KB936782 )-->" C: \ WINDOWS \ $ NtUninstallKB936782_WMP9 $ \ spuninst \ s puninst.exe "
Aggiornamento della protezione per Windows XP (KB890046 )-->" C: \ WINDOWS \ $ NtUninstallKB890046 $ \ spuninst \ spunin st.exe "
Aggiornamento della protezione per Windows XP (KB893756 )-->" C: \ WINDOWS \ $ NtUninstallKB893756 $ \ spuninst \ spunin st.exe "
Aggiornamento della protezione per Windows XP (KB896358 )-->" C: \ WINDOWS \ $ NtUninstallKB896358 $ \ spuninst \ spunin st.exe "
Aggiornamento della protezione per Windows XP (KB896423 )-->" C: \ WINDOWS \ $ NtUninstallKB896423 $ \ spuninst \ spunin st.exe "
Aggiornamento della protezione per Windows XP (KB896428 )-->" C: \ WINDOWS \ $ NtUninstallKB896428 $ \ spuninst \ spunin st.exe "
Aggiornamento della protezione per Windows XP (KB899587 )-->" C: \ WINDOWS \ $ NtUninstallKB899587 $ \ spuninst \ spunin st.exe "
Aggiornamento della protezione per Windows XP (KB899591 )-->" C: \ WINDOWS \ $ NtUninstallKB899591 $ \ spuninst \ spunin st.exe "
Aggiornamento della protezione per Windows XP (KB900725 )-->" C: \ WINDOWS \ $ NtUninstallKB900725 $ \ spuninst \ spunin st.exe "
Aggiornamento della protezione per Windows XP (KB901017 )-->" C: \ WINDOWS \ $ NtUninstallKB901017 $ \ spuninst \ spunin st.exe "
Aggiornamento della protezione per Windows XP (KB901190 )-->" C: \ WINDOWS \ $ NtUninstallKB901190 $ \ spuninst \ spunin st.exe "
Aggiornamento della protezione per Windows XP (KB901214 )-->" C: \ WINDOWS \ $ NtUninstallKB901214 $ \ spuninst \ spunin st.exe "
Aggiornamento della protezione per Windows XP (KB902400 )-->" C: \ WINDOWS \ $ NtUninstallKB902400 $ \ spuninst \ spunin st.exe "
Aggiornamento della protezione per Windows XP (KB904706 )-->" C: \ WINDOWS \ $ NtUninstallKB904706 $ \ spuninst \ spunin st.exe "
Aggiornamento della protezione per Windows XP (KB905414 )-->" C: \ WINDOWS \ $ NtUninstallKB905414 $ \ spuninst \ spunin st.exe "
Aggiornamento della protezione per Windows XP (KB905749 )-->" C: \ WINDOWS \ $ NtUninstallKB905749 $ \ spuninst \ spunin st.exe "
Aggiornamento della protezione per Windows XP (KB908519 )-->" C: \ WINDOWS \ $ NtUninstallKB908519 $ \ spuninst \ spunin st.exe "
Aggiornamento della protezione per Windows XP (KB911562 )-->" C: \ WINDOWS \ $ NtUninstallKB911562 $ \ spuninst \ spunin st.exe "
Aggiornamento della protezione per Windows XP (KB911927 )-->" C: \ WINDOWS \ $ NtUninstallKB911927 $ \ spuninst \ spunin st.exe "
Aggiornamento della protezione per Windows XP (KB913580 )-->" C: \ WINDOWS \ $ NtUninstallKB913580 $ \ spuninst \ spunin st.exe "
Aggiornamento della protezione per Windows XP (KB914388 )-->" C: \ WINDOWS \ $ NtUninstallKB914388 $ \ spuninst \ spunin st.exe "
Aggiornamento della protezione per Windows XP (KB914389 )-->" C: \ WINDOWS \ $ NtUninstallKB914389 $ \ spuninst \ spunin st.exe "
Aggiornamento della protezione per Windows XP (KB917344 )-->" C: \ WINDOWS \ $ NtUninstallKB917344 $ \ spuninst \ spunin st.exe "
Aggiornamento della protezione per Windows XP (KB917953 )-->" C: \ WINDOWS \ $ NtUninstallKB917953 $ \ spuninst \ spunin st.exe "
Aggiornamento della protezione per Windows XP (KB918118 )-->" C: \ WINDOWS \ $ NtUninstallKB918118 $ \ spuninst \ spunin st.exe "
Aggiornamento della protezione per Windows XP (KB918439 )-->" C: \ WINDOWS \ $ NtUninstallKB918439 $ \ spuninst \ spunin st.exe "
Aggiornamento della protezione per Windows XP (KB919007 )-->" C: \ WINDOWS \ $ NtUninstallKB919007 $ \ spuninst \ spunin st.exe "
Aggiornamento della protezione per Windows XP (KB920213 )-->" C: \ WINDOWS \ $ NtUninstallKB920213 $ \ spuninst \ spunin st.exe "
Aggiornamento della protezione per Windows XP (KB920670 )-->" C: \ WINDOWS \ $ NtUninstallKB920670 $ \ spuninst \ spunin st.exe "
Aggiornamento della protezione per Windows XP (KB920683 )-->" C: \ WINDOWS \ $ NtUninstallKB920683 $ \ spuninst \ spunin st.exe "
Aggiornamento della protezione per Windows XP (KB920685 )-->" C: \ WINDOWS \ $ NtUninstallKB920685 $ \ spuninst \ spunin st.exe "
Aggiornamento della protezione per Windows XP (KB921503 )-->" C: \ WINDOWS \ $ NtUninstallKB921503 $ \ spuninst \ spunin st.exe "
Aggiornamento della protezione per Windows XP (KB922819 )-->" C: \ WINDOWS \ $ NtUninstallKB922819 $ \ spuninst \ spunin st.exe "
Aggiornamento della protezione per Windows XP (KB923191 )-->" C: \ WINDOWS \ $ NtUninstallKB923191 $ \ spuninst \ spunin st.exe "
Aggiornamento della protezione per Windows XP (KB923414 )-->" C: \ WINDOWS \ $ NtUninstallKB923414 $ \ spuninst \ spunin st.exe "
Aggiornamento della protezione per Windows XP (KB923689 )-->" C: \ WINDOWS \ $ NtUninstallKB923689 $ \ spuninst \ spunin st.exe "
Aggiornamento della protezione per Windows XP (KB923789) -> C: \ WINDOWS \ system32 \ Macromed \ Flash \ genuinst.exe C: \ WINDOWS \ system32 \ Macromed \ Flash \ KB923789.inf
Aggiornamento della protezione per Windows XP (KB923980 )-->" C: \ WINDOWS \ $ NtUninstallKB923980 $ \ spuninst \ spunin st.exe "
Aggiornamento della protezione per Windows XP (KB924270 )-->" C: \ WINDOWS \ $ NtUninstallKB924270 $ \ spuninst \ spunin st.exe "
Aggiornamento della protezione per Windows XP (KB924496 )-->" C: \ WINDOWS \ $ NtUninstallKB924496 $ \ spuninst \ spunin st.exe "
Aggiornamento della protezione per Windows XP (KB924667 )-->" C: \ WINDOWS \ $ NtUninstallKB924667 $ \ spuninst \ spunin st.exe "
Aggiornamento della protezione per Windows XP (KB925902 )-->" C: \ WINDOWS \ $ NtUninstallKB925902 $ \ spuninst \ spunin st.exe "
Aggiornamento della protezione per Windows XP (KB926255 )-->" C: \ WINDOWS \ $ NtUninstallKB926255 $ \ spuninst \ spunin st.exe "
Aggiornamento della protezione per Windows XP (KB926436 )-->" C: \ WINDOWS \ $ NtUninstallKB926436 $ \ spuninst \ spunin st.exe "
Aggiornamento della protezione per Windows XP (927779 )-->" C: \ WINDOWS \ $ NtUninstallKB927779 $ \ spuninst \ spunin st.exe "
Aggiornamento della protezione per Windows XP (KB927802 )-->" C: \ WINDOWS \ $ NtUninstallKB927802 $ \ spuninst \ spunin st.exe "
Aggiornamento della protezione per Windows XP (KB928255 )-->" C: \ WINDOWS \ $ NtUninstallKB928255 $ \ spuninst \ spunin st.exe "
Aggiornamento della protezione per Windows XP (KB928843 )-->" C: \ WINDOWS \ $ NtUninstallKB928843 $ \ spuninst \ spunin st.exe "
Aggiornamento della protezione per Windows XP (KB929123 )-->" C: \ WINDOWS \ $ NtUninstallKB929123 $ \ spuninst \ spunin st.exe "
Aggiornamento della protezione per Windows XP (KB930178 )-->" C: \ WINDOWS \ $ NtUninstallKB930178 $ \ spuninst \ spunin st.exe "
Aggiornamento della protezione per Windows XP (KB931261 )-->" C: \ WINDOWS \ $ NtUninstallKB931261 $ \ spuninst \ spunin st.exe "
Aggiornamento della protezione per Windows XP (KB931784 )-->" C: \ WINDOWS \ $ NtUninstallKB931784 $ \ spuninst \ spunin st.exe "
Aggiornamento della protezione per Windows XP (KB932168 )-->" C: \ WINDOWS \ $ NtUninstallKB932168 $ \ spuninst \ spunin st.exe "
Aggiornamento della protezione per Windows XP (KB933729 )-->" C: \ WINDOWS \ $ NtUninstallKB933729 $ \ spuninst \ spunin st.exe "
Aggiornamento della protezione per Windows XP (KB935839 )-->" C: \ WINDOWS \ $ NtUninstallKB935839 $ \ spuninst \ spunin st.exe "
Aggiornamento della protezione per Windows XP (KB935840 )-->" C: \ WINDOWS \ $ NtUninstallKB935840 $ \ spuninst \ spunin st.exe "
Aggiornamento della protezione per Windows XP (KB936021 )-->" C: \ WINDOWS \ $ NtUninstallKB936021 $ \ spuninst \ spunin st.exe "
Aggiornamento della protezione per Windows XP (KB937894 )-->" C: \ WINDOWS \ $ NtUninstallKB937894 $ \ spuninst \ spunin st.exe "
Aggiornamento della protezione per Windows XP (KB938127 )-->" C: \ WINDOWS \ $ NtUninstallKB938127 $ \ spuninst \ spunin st.exe "
Aggiornamento della protezione per Windows XP (KB938464 )-->" C: \ WINDOWS \ $ NtUninstallKB938464 $ \ spuninst \ spunin st.exe "
Aggiornamento della protezione per Windows XP (KB938829 )-->" C: \ WINDOWS \ $ NtUninstallKB938829 $ \ spuninst \ spunin st.exe "
Aggiornamento della protezione per Windows XP (KB939653 )-->" C: \ WINDOWS \ $ NtUninstallKB939653 $ \ spuninst \ spunin st.exe "
Aggiornamento della protezione per Windows XP (KB941202 )-->" C: \ WINDOWS \ $ NtUninstallKB941202 $ \ spuninst \ spunin st.exe "
Aggiornamento della protezione per Windows XP (KB941568 )-->" C: \ WINDOWS \ $ NtUninstallKB941568 $ \ spuninst \ spunin st.exe "
Aggiornamento della protezione per Windows XP (KB941569 )-->" C: \ WINDOWS \ $ NtUninstallKB941569 $ \ spuninst \ spunin st.exe "
Aggiornamento della protezione per Windows XP (KB941644 )-->" C: \ WINDOWS \ $ NtUninstallKB941644 $ \ spuninst \ spunin st.exe "
Aggiornamento della protezione per Windows XP (KB941693 )-->" C: \ WINDOWS \ $ NtUninstallKB941693 $ \ spuninst \ spunin st.exe "
Aggiornamento della protezione per Windows XP (KB943055 )-->" C: \ WINDOWS \ $ NtUninstallKB943055 $ \ spuninst \ spunin st.exe "
Aggiornamento della protezione per Windows XP (KB943460 )-->" C: \ WINDOWS \ $ NtUninstallKB943460 $ \ spuninst \ spunin st.exe "
Aggiornamento della protezione per Windows XP (KB943485 )-->" C: \ WINDOWS \ $ NtUninstallKB943485 $ \ spuninst \ spunin st.exe "
Aggiornamento della protezione per Windows XP (KB944653 )-->" C: \ WINDOWS \ $ NtUninstallKB944653 $ \ spuninst \ spunin st.exe "
Aggiornamento della protezione per Windows XP (KB945553 )-->" C: \ WINDOWS \ $ NtUninstallKB945553 $ \ spuninst \ spunin st.exe "
Aggiornamento della protezione per Windows XP (KB946026 )-->" C: \ WINDOWS \ $ NtUninstallKB946026 $ \ spuninst \ spunin st.exe "
Aggiornamento della protezione per Windows XP (KB946648 )-->" C: \ WINDOWS \ $ NtUninstallKB946648 $ \ spuninst \ spunin st.exe "
Aggiornamento della protezione per Windows XP (KB948590 )-->" C: \ WINDOWS \ $ NtUninstallKB948590 $ \ spuninst \ spunin st.exe "
Aggiornamento della protezione per Windows XP (KB948881 )-->" C: \ WINDOWS \ $ NtUninstallKB948881 $ \ spuninst \ spunin st.exe "
Aggiornamento della protezione per Windows XP (KB950749 )-->" C: \ WINDOWS \ $ NtUninstallKB950749 $ \ spuninst \ spunin st.exe "
Aggiornamento della protezione per Windows XP (KB950760 )-->" C: \ WINDOWS \ $ NtUninstallKB950760 $ \ spuninst \ spunin st.exe "
Aggiornamento della protezione per Windows XP (KB950762 )-->" C: \ WINDOWS \ $ NtUninstallKB950762 $ \ spuninst \ spunin st.exe "
Aggiornamento della protezione per Windows XP (KB950974 )-->" C: \ WINDOWS \ $ NtUninstallKB950974 $ \ spuninst \ spunin st.exe "
Aggiornamento della protezione per Windows XP (KB951066 )-->" C: \ WINDOWS \ $ NtUninstallKB951066 $ \ spuninst \ spunin st.exe "
Aggiornamento della protezione per Windows XP (KB951376 )-->" C: \ WINDOWS \ $ NtUninstallKB951376 $ \ spuninst \ spunin st.exe "
Aggiornamento della protezione per Windows XP (KB951376-v2 )-->" C: \ WINDOWS \ $ NtUninstallKB951376-v2 $ \ spuninst \ spuninst.exe "
Aggiornamento della protezione per Windows XP (KB951698 )-->" C: \ WINDOWS \ $ NtUninstallKB951698 $ \ spuninst \ spunin st.exe "
Aggiornamento della protezione per Windows XP (KB951748 )-->" C: \ WINDOWS \ $ NtUninstallKB951748 $ \ spuninst \ spunin st.exe "
Aggiornamento della protezione per Windows XP (KB952954 )-->" C: \ WINDOWS \ $ NtUninstallKB952954 $ \ spuninst \ spunin st.exe "
Aggiornamento della protezione per Windows XP (KB953839 )-->" C: \ WINDOWS \ $ NtUninstallKB953839 $ \ spuninst \ spunin st.exe "
Aggiornamento della protezione per Windows XP (KB954211 )-->" C: \ WINDOWS \ $ NtUninstallKB954211 $ \ spuninst \ spunin st.exe "
Aggiornamento della protezione per Windows XP (KB956391 )-->" C: \ WINDOWS \ $ NtUninstallKB956391 $ \ spuninst \ spunin st.exe "
Aggiornamento della protezione per Windows XP (KB956803 )-->" C: \ WINDOWS \ $ NtUninstallKB956803 $ \ spuninst \ spunin st.exe "
Aggiornamento della protezione per Windows XP (KB956841 )-->" C: \ WINDOWS \ $ NtUninstallKB956841 $ \ spuninst \ spunin st.exe "
Aggiornamento della protezione per Windows XP (KB957095 )-->" C: \ WINDOWS \ $ NtUninstallKB957095 $ \ spuninst \ spunin st.exe "
Aggiornamento della protezione per Windows XP (KB958644 )-->" C: \ WINDOWS \ $ NtUninstallKB958644 $ \ spuninst \ spunin st.exe "
Sonic DLA -> msiexec.exe / i (1206EF92-2E83-4859-ACCB-2048C3CB7DA6)
Sonic RecordNow! Plus -> msiexec.exe / i (9541FED0-327s-4DF0-8B96-EF57EF622F19)
Sonic Update Manager -> msiexec.exe / i (09DA4F91-2A09-4232-AB8C-6BC740096DE3)
Sony Ericsson PC Suite 3.102.00 -> C: \ Program Files \ InstallShield Installation Information \ (2FFE93F0-BB72-4E52-8761-354D1AAA9387) \ setup.exe-runfromtemp-l0x0009-removeonly
SoundMAX -> RunDll32 C: \ PROGRA ~ 1 \ COMMON ~ 1 \ INSTAL ~ 1 \ PROFES ~ 1 \ RunTime \ 10 \ 00 \ Intel32 \ Ctor.dll, LaunchSetup "C: \ Program Files \ InstallShield Installation Information \ (F0A37341 -D692-11D4-A984-009027EC0A9C) \ SETUP.EXE "-l0x9-removeonly
Aggiornamento per Windows XP (KB894391 )-->" C: \ WINDOWS \ $ NtUninstallKB894391 $ \ spuninst \ spunin st.exe "
Aggiornamento per Windows XP (KB898461 )-->" C: \ WINDOWS \ $ NtUninstallKB898461 $ \ spuninst \ spunin st.exe "
Aggiornamento per Windows XP (KB900485 )-->" C: \ WINDOWS \ $ NtUninstallKB900485 $ \ spuninst \ spunin st.exe "
Aggiornamento per Windows XP (KB904942 )-->" C: \ WINDOWS \ $ NtUninstallKB904942 $ \ spuninst \ spunin st.exe "
Aggiornamento per Windows XP (KB908531 )-->" C: \ WINDOWS \ $ NtUninstallKB908531 $ \ spuninst \ spunin st.exe "
Aggiornamento per Windows XP (KB910437 )-->" C: \ WINDOWS \ $ NtUninstallKB910437 $ \ spuninst \ spunin st.exe "
Aggiornamento per Windows XP (KB911280 )-->" C: \ WINDOWS \ $ NtUninstallKB911280 $ \ spuninst \ spunin st.exe "
Aggiornamento per Windows XP (KB916595 )-->" C: \ WINDOWS \ $ NtUninstallKB916595 $ \ spuninst \ spunin st.exe "
Aggiornamento per Windows XP (KB920872 )-->" C: \ WINDOWS \ $ NtUninstallKB920872 $ \ spuninst \ spunin st.exe "
Aggiornamento per Windows XP (KB922582 )-->" C: \ WINDOWS \ $ NtUninstallKB922582 $ \ spuninst \ spunin st.exe "
Aggiornamento per Windows XP (KB927891 )-->" C: \ WINDOWS \ $ NtUninstallKB927891 $ \ spuninst \ spunin st.exe "
Aggiornamento per Windows XP (KB930916 )-->" C: \ WINDOWS \ $ NtUninstallKB930916 $ \ spuninst \ spunin st.exe "
Aggiornamento per Windows XP (KB932823-v3 )-->" C: \ WINDOWS \ $ NtUninstallKB932823-v3 $ \ spuninst \ spuninst.exe "
Aggiornamento per Windows XP (KB933360 )-->" C: \ WINDOWS \ $ NtUninstallKB933360 $ \ spuninst \ spunin st.exe "
Aggiornamento per Windows XP (KB936357 )-->" C: \ WINDOWS \ $ NtUninstallKB936357 $ \ spuninst \ spunin st.exe "
Aggiornamento per Windows XP (KB938828 )-->" C: \ WINDOWS \ $ NtUninstallKB938828 $ \ spuninst \ spunin st.exe "
Aggiornamento per Windows XP (KB942763 )-->" C: \ WINDOWS \ $ NtUninstallKB942763 $ \ spuninst \ spunin st.exe "
Aggiornamento per Windows XP (KB951072-v2 )-->" C: \ WINDOWS \ $ NtUninstallKB951072-v2 $ \ spuninst \ spuninst.exe "
Windows Installer 3.1 (KB893803 )-->" C: \ WINDOWS \ $ MSI31Uninstall_KB893803v2 $ \ spuninst \ spuninst.exe "
Windows Internet Explorer 7 -> "C: \ WINDOWS \ IE7 \ spuninst \ spuninst.exe"
Windows Live Messenger -> msiexec.exe / i (571700F0-DB9D-4B3A-B03D-35A14BB5939F)
Windows Live Sign-in Assistant -> msiexec.exe / i (22B3CC30-77B8-419C-AA4B-F571FDF5D66D)
Windows Media Format Runtime -> "C: \ Program Files \ Windows Media Player \ wmsetsdk.exe" / UninstallAll
Windows XP Hotfix - KB873339 -> C: \ WINDOWS \ $ NtUninstallKB873339 $ \ spuninst \ spunins t.exe
Windows XP Hotfix - KB885835 -> C: \ WINDOWS \ $ NtUninstallKB885835 $ \ spuninst \ spunins t.exe
Windows XP Hotfix - KB885836 -> C: \ WINDOWS \ $ NtUninstallKB885836 $ \ spuninst \ spunins t.exe
Windows XP Hotfix - KB886185 -> C: \ WINDOWS \ $ NtUninstallKB886185 $ \ spuninst \ spunins t.exe
Windows XP Hotfix - KB887472 -> C: \ WINDOWS \ $ NtUninstallKB887472 $ \ spuninst \ spunins t.exe
Windows XP Hotfix - KB888302 -> C: \ WINDOWS \ $ NtUninstallKB888302 $ \ spuninst \ spunins t.exe
Windows XP Hotfix - KB890859 -> "C: \ WINDOWS \ $ NtUninstallKB890859 $ \ spuninst \ spunin st.exe"
Windows XP Hotfix - KB891781 -> C: \ WINDOWS \ $ NtUninstallKB891781 $ \ spuninst \ spunins t.exe
WinRAR archiver -> C: \ Program Files \ WinRAR \ uninstall.exe
WinZip -> "C: \ Program Files \ WinZip \ WINZIP32.EXE" / uninstall
Variabili d'ambiente ====== ======
"ComSpec" =% SystemRoot% \ system32 \ cmd.exe
"Path" =% SystemRoot% \ system32;% SystemRoot%;% SystemR oot% \ System32 \ Wbem; C: \ PROGRA ~ 1 \ CA \ SHARED ~ 1 \ SCANEN ~ 1 C: \ PROGRA ~ 1 \ CA \ ETrust ~ 1 C: \ Program Files \ QuickTime \ QTSystem \
"windir" =% SystemRoot%
"FP_NO_HOST_CHECK" = NO
"OS" = Windows_NT
"PROCESSOR_ARCHITECTURE" = x86
"PROCESSOR_LEVEL" = 15
"PROCESSOR_IDENTIFIER" = x86 Family 15 Model 4 Stepping 1, GenuineIntel
"PROCESSOR_REVISION" = 0401
"NUMBER_OF_PROCESSORS" = 1
"PATHEXT" =. COM;. EXE;. BAT;. CMD;. VBS;. VBE;. JS;. Jse;. WSF;. WSH
"TEMP" =% SystemRoot% \ TEMP
"TMP" =% SystemRoot% \ TEMP
"AVENGINE" = C: \ PROGRA ~ 1 \ CA \ SHARED ~ 1 \ SCANEN ~ 1
"Inoculan" = C: \ PROGRA ~ 1 \ CA \ ETrust ~ 1
"CLASSPATH" =.; C: \ Program Files \ QuickTime \ QTSystem \ QTJava.zip
"QTJAVA" = C: \ Program Files \ QuickTime \ QTSystem \ QTJava.zip
EOF ----------------- -----------------


In attesa di malwarebytes per finire:)

[ah24]

Malwarebytes' Anti-Malware 1,30
Versione del database: 1370
5/1/2600 Windows Service Pack 2
06/11/2008 22:51:35
mbam-log-2008-11-06 (22-51-35). txt
Tipo di scansione: Quick Scan
Scansione di oggetti: 52.152
Tempo trascorso: 8 minuti (s), 22 secondi (s)
Processi di memoria infetti: 0
Moduli di memoria infetti: 0
Chiavi di registro infetti: 1
Valori del registro infetti: 0
I dati del Registro di oggetti infetti: 0
Cartelle infette: 1
File infetti: 2
Processi di memoria infetti:
(N. oggetti dannosi individuati)
Moduli di memoria infetti:
(N. oggetti dannosi individuati)
Chiavi di registro infette:
HKEY_CURRENT_USER \ SOFTWARE \ Microsoft \ Windows \ Curre ntVersion \ Ext \ Stats \ (af2e62b6-f9e1-4d4f-a10a-9dc8e6dcbcc0) (Adware.VideoEgg) -> quarantena ed eliminato con successo.
Valori del registro infetti:
(N. oggetti dannosi individuati)
I dati del Registro di oggetti infetti:
(N. oggetti dannosi individuati)
Cartelle infette:
C: \ Program Files \ TinyProxy (Trojan.Proxy) -> No action taken.
I file infetti:
C: \ Program Files \ TinyProxy \ tinyproxy (2). Exe (Trojan.Proxy) -> No action taken.
C: \ WINDOWS \ fmark2.dat (Malware.Trace) -> No action taken.

[evilfantasy]

Avevo bisogno di Malwarebytes log prima. Dopo che è finito RSIT quindi eseguire una nuova scansione e posta il log. Sarà solo per creare un log la seconda volta.

Ora RSIT eseguire una nuova scansione e posta il log.

[ah24]

There you go dude ..

Logfile casuale del sistema di strumento di informazione 1,04 (scritto da casuale / random)
Gestito da Adam at 2008-11-06 23:00:19
Microsoft Windows XP Professional Service Pack 2
System drive C: dispone di 42 GB (57%) esente da 73 GB
Totali di RAM: 510 MB (40% libero)
Logfile di Trend Micro HijackThis v2.0.2
Scan saved at 23:00:23, il 06/11/2008
Piattaforma: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal
Processi in esecuzione:
C: \ WINDOWS \ System32 \ smss.exe
C: \ WINDOWS \ system32 \ winlogon.exe
C: \ WINDOWS \ system32 \ services.exe
C: \ WINDOWS \ system32 \ lsass.exe
C: \ WINDOWS \ system32 \ svchost.exe
C: \ WINDOWS \ System32 \ svchost.exe
C: \ WINDOWS \ system32 \ spoolsv.exe
C: \ WINDOWS \ Explorer.EXE
C: \ Program Files \ Adobe \ Photoshop Elements 5.0 \ PhotoshopElementsFileAgent.exe
C: \ Program Files \ CA \ eTrust Antivirus \ InoRpc.exe
C: \ Program Files \ CA \ eTrust Antivirus \ InoRT.exe
C: \ Program Files \ CA \ eTrust Antivirus \ InoTask.exe
C: \ Program Files \ Analog Devices \ Core \ smax4pnp.exe
C: \ WINDOWS \ system32 \ dla \ tfswctrl.exe
C: \ PROGRA ~ 1 \ CA \ eTrust ~ 1 \ realmon.exe
C: \ WINDOWS \ system32 \ hkcmd.exe
C: \ WINDOWS \ system32 \ igfxpers.exe
C: \ Program Files \ iTunes \ iTunesHelper.exe
C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ jusched.exe
C: \ WINDOWS \ system32 \ ctfmon.exe
C: \ Program Files \ WinZip \ WZQKPICK.EXE
C: \ WINDOWS \ system32 \ svchost.exe
C: \ Program Files \ iPod \ bin \ iPodService.exe
C: \ Program Files \ Internet Explorer \ iexplore.exe
C: \ WINDOWS \ system32 \ Wuauclt.exe
C: \ Documents and Settings \ Adam \ Desktop \ RSIT.exe
C: \ Program Files \ Trend Micro \ HijackThis \ Adam.exe
R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://www.google.co.uk/ig?hl=en
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
O2 - BHO: Adobe PDF Reader Link Helper - (06849E9F-C8D7-4D59-B87D-784B7D6BE0B3) - C: \ Program Files \ Common Files \ Adobe \ Acrobat \ ActiveX \ AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - (3CA2F312-6F6E-4B53-A66E-4E65E497C8C0) - C: \ Program Files \ AVG \ AVG8 \ avgssie.dll (file mancanti)
O2 - BHO: DriveLetterAccess - (5CA3D70E-1895-11CF-8E15-001234567890) - C: \ WINDOWS \ system32 \ dla \ tfswshx.dll
O2 - BHO: SSVHelper Class - (761497BB-D6F0-462C-B6EB-D4DAF1D92D43) - C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ ssv.dll
O2 - BHO: (no name) - (7E853D72-626A-48EC-A868-BA8D5E23E045) - (no file)
O2 - BHO: Windows Live Sign-in Helper - (9030D464-4C02-4ABF-8ECC-5164760863C6) - C: \ Program Files \ Common Files \ Microsoft Shared \ Windows Live \ WindowsLiveLogin.dll
O4 - HKLM \ .. \ Run: [SoundMAXPnP] C: \ Program Files \ Analog Devices \ Core \ smax4pnp.exe
O4 - HKLM \ .. \ Run: [dla] C: \ WINDOWS \ system32 \ dla \ tfswctrl.exe
O4 - HKLM \ .. \ Run: [UpdateManager] "C: \ Program Files \ Common Files \ Sonic \ Update Manager \ sgtray.exe" / r
O4 - HKLM \ .. \ Run: [Realtime Monitor] C: \ PROGRA ~ 1 \ CA \ eTrust ~ 1 \ realmon.exe-s
O4 - HKLM \ .. \ Run: [igfxtray] C: \ WINDOWS \ system32 \ igfxtray.exe
O4 - HKLM \ .. \ Run: [igfxhkcmd] C: \ WINDOWS \ system32 \ hkcmd.exe
O4 - HKLM \ .. \ Run: [igfxpers] C: \ WINDOWS \ system32 \ igfxpers.exe
O4 - HKLM \ .. \ Run: [QuickTime Task] "C: \ Program Files \ QuickTime \ qttask.exe"-atboottime
O4 - HKLM \ .. \ Run: [iTunesHelper] "C: \ Program Files \ iTunes \ iTunesHelper.exe"
O4 - HKLM \ .. \ Run: [SunJavaUpdateSched] "C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ jusched.exe"
O4 - HKLM \ .. \ Run: [Adobe Photo Downloader] "C: \ Program Files \ Adobe \ Photoshop Elements 5.0 \ apdproxy.exe"
O4 - HKLM \ .. \ RunOnce: [Malwarebytes' Anti-Malware] C: \ Program Files \ Malwarebytes' Anti-Malware \ mbamgui.exe / install / silent
O4 - HKCU \ .. \ Run: [ctfmon.exe] C: \ WINDOWS \ system32 \ ctfmon.exe
O4 - HKCU \ .. \ Run: [Sony Ericsson PC Suite] "C: \ Program Files \ Sony Ericsson \ Sony Ericsson PC Suite \ SEPCSuite.exe" / systray / nologon
O4 - HKUS \ S-1-5-18 \ .. \ Run: [ctfmon.exe] C: \ WINDOWS \ system32 \ ctfmon.exe (User 'SYSTEM')
O4 - HKUS \. DEFAULT \ .. \ Run: [ctfmon.exe] C: \ WINDOWS \ system32 \ ctfmon.exe (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C: \ Program Files \ Adobe \ Reader 8.0 \ Reader \ reader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C: \ Program Files \ Adobe \ Reader 8.0 \ Reader \ AdobeCollabSync.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C: \ Program Files \ WinZip \ WZQKPICK.EXE
O8 - Extra contesto voce di menu: E & sporta in Microsoft Excel - res: / / C: \ PROGRA ~ 1 \ micros ~ 2 \ Office11 \ EXCEL.EXE/3000
O9 - Extra pulsante: (no name) - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ ssv.dll
O9 - Extra pulsante: Research - (92780B25-18CC-41C8-B9BE-3C9C571A8263) - C: \ PROGRA ~ 1 \ micros ~ 2 \ Office11 \ REFIEBAR.DLL
O9 - Extra pulsante: (no name) - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @ xpsp3res.dll, -20001 - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe
O9 - Extra pulsante: Messenger - (FB5F1910-F110-11d2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - (FB5F1910-F110-11d2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
Ø16 - DPF: (01A88BB1-1174-41EC-ACCB-963509EAE56B) (SysProWmi Class) -- http://support.euro.dell.com/systemprofiler/SysPro.CAB
Ø16 - DPF: (0CCA191D-13A6-4E29-B746-314DEE697D83) (Facebook Photo Uploader 5) -- http://upload.facebook.com/controls/...oUploader5.cab
Ø16 - DPF: (138E6DC9-4F4B-722B-B09D-95D191869696) (Bebo Uploader Control) -- http://www.bebo.com/files/BeboUploader.5.1.4.cab
Ø16 - DPF: (48DD0448-9209-4F81-9F6D-D83562940134) (MySpace Uploader Control) -- http://lads.myspace.com/upload/MySpaceUploader1006.cab
Ø16 - DPF: (C3F79A2B-B9B4-4A66-B012-3EE46475B072) (MessengerStatsClient Class) -- http://messenger.zone.msn.com/binary...t.cab56907.cab
Ø16 - DPF: (D27CDB6E-AE6D-11CF-96B8-444553540000) (Shockwave Flash Object) -- http://fpdownload2.macromedia.com/ge...sh/swflash.cab
O23 - Service: Adobe Active File Monitor V5 (AdobeActiveFileMonitor5.0) - Sconosciuto proprietario - C: \ Program Files \ Adobe \ Photoshop Elements 5.0 \ PhotoshopElementsFileAgent.exe
O23 - Service: eTrust Antivirus RPC Server (InoRPC) - Computer Associates International, Inc. - C: \ Program Files \ CA \ eTrust Antivirus \ InoRpc.exe
O23 - Service: eTrust Antivirus Realtime Server (InoRT) - Computer Associates International, Inc. - C: \ Program Files \ CA \ eTrust Antivirus \ InoRT.exe
O23 - Service: eTrust Antivirus Job Server (InoTask) - Computer Associates International, Inc. - C: \ Program Files \ CA \ eTrust Antivirus \ InoTask.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C: \ Program Files \ iPod \ bin \ iPodService.exe
--
End of file - 6622 bytes
====== ====== Cartella Operazioni pianificate
C: \ WINDOWS \ compiti \ AppleSoftwareUpdate.job
====== ====== Registro discarica
[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Explorer \ Browser Helper Objects \ (06849E9F-C8D7-4D59-B87D-784B7D6BE0B3)]
Adobe PDF Reader Link Helper - C: \ Program Files \ Common Files \ Adobe \ Acrobat \ ActiveX \ AcroIEHelper.dll [2006-10-22 62080]
[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Explorer \ Browser Helper Objects \ (3CA2F312-6F6E-4B53-A66E-4E65E497C8C0)]
AVG Safe Search - C: \ Program Files \ AVG \ AVG8 \ avgssie.dll []
[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Explorer \ Browser Helper Objects \ (5CA3D70E-1895-11CF-8E15-001234567890)]
DriveLetterAccess - C: \ WINDOWS \ system32 \ dla \ tfswshx.dll [2004-08-13 118842]
[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Explorer \ Browser Helper Objects \ (761497BB-D6F0-462C-B6EB-D4DAF1D92D43)]
SSVHelper Class - C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ ssv.dll [2008-06-10 509328]
[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Explorer \ Browser Helper Objects \ (7E853D72-626A-48EC-A868-BA8D5E23E045)]
[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Explorer \ Browser Helper Objects \ (9030D464-4C02-4ABF-8ECC-5164760863C6)]
Windows Live Sign-in Helper - C: \ Program Files \ Common Files \ Microsoft Shared \ Windows Live \ WindowsLiveLogin.dll [2006-07-07 324416]
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows \ Curr entVersion \ Run]
"CcApp" = C: \ Program Files \ Analog Devices \ Core \ smax4pnp.exe [2004-10-14 1404928]
"dla" = C: \ WINDOWS \ system32 \ dla \ tfswctrl.exe [2004-08-13 122939]
"SunJavaUpdateSched" = C: \ Programmi \ File comuni \ Sonic \ Update Manager \ sgtray.exe [2004-01-07 110592]
"Realtime Monitor" = C: \ PROGRA ~ 1 \ CA \ ETrust ~ 1 \ realmon.exe [2004-04-06 504080]
"" = []
"CTFMON.EXE" = C: \ WINDOWS \ system32 \ igfxtray.exe [2005-09-20 94208]
"iTunesHelper" = C: \ WINDOWS \ system32 \ hkcmd.exe [2005-09-20 77824]
"SunJavaUpdateSched" = C: \ WINDOWS \ system32 \ hkcmd.exe [2005-09-20 114688]
"QuickTime Task" = C: \ Program Files \ QuickTime \ qttask.exe [2006-10-25 282624]
"Software Update" = C: \ Program Files \ iTunes \ iTunesHelper.exe [2006-10-30 256576]
"SunJavaUpdateSched" = C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ jusched.exe [2008-06-10 144784]
"Adobe Photo Downloader" = C: \ Program Files \ Adobe \ Photoshop Elements 5.0 \ apdproxy.exe [2006-09-14 61440]
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows \ Curr entVersion \ RunOnce]
"Malwarebytes 'Anti-Malware" = C: \ Program Files \ Malwarebytes' Anti-Malware \ mbamgui.exe [2008-10-22 399504]
[HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ Curre ntVersion \ Run]
"ctfmon.exe" = C: \ WINDOWS \ system32 \ ctfmon.exe [2004-08-04 15360]
"Sony Ericsson PC Suite" = C: \ Program Files \ Sony Ericsson \ Sony Ericsson PC Suite \ SEPCSuite.exe [2007-10-18 356352]
C: \ Documents and Settings \ All Users \ Menu Avvio \ Programmi \ Startup
Adobe Gamma - C: \ Program Files \ Adobe \ Reader 8.0 \ Reader \ Reader_sl.exe
Adobe Reader Synchronizer.lnk - C: \ Program Files \ Adobe \ Reader 8.0 \ Reader \ AdobeCollabSync.exe
WinZip Quick Pick.lnk - C: \ Program Files \ WinZip \ WZQKPICK.EXE
[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ Winlogon \ Notify \ igfxcui]
C: \ WINDOWS \ system32 \ igfxdev.dll [2005-09-20 135168]
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows \ Curr entVersion \ Policies \ System]
"dontdisplaylastusername" = 0
"LegalNoticeCaption" =
"LegalNoticeText" =
"shutdownwithoutlogon" = 1
"undockwithoutlogon" = 1
[HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ Curre ntVersion \ Policies \ Explorer]
"NoDriveTypeAutoRun" = 145
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ servizi es \ sharedaccess \ parameters \ firewallpolicy \ profilo standard \ authorizedapplications \ list]
"% windir% \ system32 \ sessmgr.exe" = "% windir% \ system32 \ sessmgr.exe: *: Enabled: @ Xpsp2res.dll, -22019"
"C: \ Program Files \ Messenger \ msmsgs.exe" = "C: \ Program Files \ Messenger \ msmsgs.exe: *: Enabled: Windows Messenger"
"C: \ Program Files \ iTunes \ iTunes.exe" = "C: \ Program Files \ iTunes \ iTunes.exe: *: Enabled: iTunes"
"C: \ Program Files \ MSN Messenger \ msncall.exe" = "C: \ Program Files \ MSN Messenger \ msncall.exe: *: Enabled: Windows Live Messenger 8.0 (Phone)"
"C: \ Program Files \ MSN Messenger \ msnmsgr.exe" = "C: \ Program Files \ MSN Messenger \ msnmsgr.exe: *: Enabled: Windows Live Messenger 8.1"
"C: \ Program Files \ MSN Messenger \ livecall.exe" = "C: \ Program Files \ MSN Messenger \ livecall.exe: *: Enabled: Windows Live Messenger 8.1 (Phone)"
"% windir% \ Network Diagnostic \ xpnetdiag.exe" = "% windir% \ Network Diagnostic \ xpnetdiag.exe: *: Enabled: @ xpsp3res.dll, -20000"
"C: \ Program Files \ uTorrent \ uTorrent.exe" = "C: \ Program Files \ uTorrent \ uTorrent.exe: *: Enabled: μTorrent"
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ servizi es \ sharedaccess \ parameters \ firewallpolicy \ domainpr ofilo \ authorizedapplications \ list]
"% windir% \ system32 \ sessmgr.exe" = "% windir% \ system32 \ sessmgr.exe: *: Enabled: @ Xpsp2res.dll, -22019"
"C: \ Program Files \ MSN Messenger \ msncall.exe" = "C: \ Program Files \ MSN Messenger \ msncall.exe: *: Enabled: Windows Live Messenger 8.0 (Phone)"
"C: \ Program Files \ MSN Messenger \ msnmsgr.exe" = "C: \ Program Files \ MSN Messenger \ msnmsgr.exe: *: Enabled: Windows Live Messenger 8.1"
"C: \ Program Files \ MSN Messenger \ livecall.exe" = "C: \ Program Files \ MSN Messenger \ livecall.exe: *: Enabled: Windows Live Messenger 8.1 (Phone)"
"% windir% \ Network Diagnostic \ xpnetdiag.exe" = "% windir% \ Network Diagnostic \ xpnetdiag.exe: *: Enabled: @ xpsp3res.dll, -20000"
[HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ CurrentVersion \ Explorer \ mountpoints2 \ (069b2f09-8c7d-11dc-871C-0013205c16a9)]
shell \ Auto \ command - Start.exe
shell \ AutoRun \ command - C: \ WINDOWS \ system32 \ rundll32.exe shell32.dll, ShellExec_RunDLL Start.exe

File associazioni ====== ======
. js - modifica - "C: \ Program Files \ Macromedia \ Dreamweaver 8 \ dreamweaver.exe" "% 1"
====== Elenco dei file e le cartelle create negli ultimi mesi 1 ======
2008-11-06 22:43:21 ---- D ---- C: \ rsit
2008-11-06 22:42:18 ---- D ---- C: \ Documents and Settings \ Adam \ Dati applicazioni \ Malwarebytes
2008-11-06 22:42:13 ---- D ---- C: \ Program Files \ Malwarebytes 'Anti-Malware
2008-11-06 22:42:13 ---- D ---- C: \ Documents and Settings \ All Users \ Dati applicazioni \ Malwarebytes
2008-11-06 22:36:21 ---- D ---- C: \ Documents and Settings \ All Users \ Dati applicazioni \ AVG8
2008-11-06 22:17:46 ---- D ---- C: \ Program Files \ Trend Micro
2008-11-06 21:25:12 ---- D ---- C: \ WINDOWS \ system32 \ AppMgmt
2008-11-06 21:22:34 ---- D ---- C: \ Documents and Settings \ Adam \ Dati applicazioni \ VersionTracker Pro
2008-11-06 21:22:08 ---- D ---- C: \ Program Files \ TechTracker
2008-11-06 19:31:45 ---- D ---- C: \ Program Files \ uTorrent
2008-11-06 19:31:45 ---- D ---- C: \ Documents and Settings \ Adam \ Dati applicazioni \ uTorrent
2008-11-06 19:31:43 ---- D ---- C: \ Programmi \ Avanquest update
2008-11-06 19:31:43 ---- D ---- C: \ Documents and Settings \ All Users \ Dati applicazioni \ BVRP Software
2008-11-06 19:31:40 ---- D ---- C: \ Program Files \ Free Audio Pack
2008-11-06 19:30:51 ---- D ---- C: \ Program Files \ Common Files \ SureThing Shared
2008-11-06 19:30:44 ---- D ---- C: \ Program Files \ Common Files \ Sonic
2008-11-05 13:26:28 ---- D ---- C: \ Documents and Settings \ All Users \ Dati applicazioni \ BVRP Software (2)
2008-10-26 11:13:15 ---- A ---- C: \ WINDOWS \ system32 \ javaws.exe
2008-10-26 11:13:15 ---- A ---- C: \ WINDOWS \ system32 \ javaw.exe
2008-10-26 11:13:15 ---- A ---- C: \ WINDOWS \ system32 \ java.exe
2008-10-26 11:00:26 ---- A ---- C: \ WINDOWS \ system32 \ PerfStringBackup.TMP
2008-10-25 22:30:23 ---- D ---- C: \ Program Files \ DSA Theory Test
2008-10-25 22:29:24 ---- D ---- C: \ Config.Msi
2008-10-25 22:29:23 ---- D ---- C: \ WINDOWS \ VirtualEar
2008-10-25 19:02:44 ---- D ---- C: \ WINDOWS \ assembly
2008-10-25 19:01:55 ---- D ---- C: \ WINDOWS \ Microsoft.NET
2008-10-25 19:01:06 ---- D ---- C: \ Program Files \ Navman
2008-10-25 01:28:29 HDC ---- ---- C: \ WINDOWS \ $ NtUninstallKB958644 $
2008-10-15 22:04:03 HDC ---- ---- C: \ WINDOWS \ $ NtUninstallKB956803 $
2008-10-15 22:03:57 HDC ---- ---- C: \ WINDOWS \ $ NtUninstallKB956391 $
2008-10-15 22:03:49 HDC ---- ---- C: \ WINDOWS \ $ NtUninstallKB957095 $
2008-10-15 22:03:06 HDC ---- ---- C: \ WINDOWS \ $ NtUninstallKB954211 $
2008-10-15 22:02:48 HDC ---- ---- C: \ WINDOWS \ $ NtUninstallKB956841 $
====== Elenco dei file e le cartelle modificate negli ultimi mesi 1 ======
2008-11-06 22:51:35 RD ---- ---- C: \ Program Files
2008-11-06 22:51:35 ---- D ---- C: \ WINDOWS
2008-11-06 22:42:16 ---- D ---- C: \ WINDOWS \ system32 \ drivers
2008-11-06 22:37:58 ---- D ---- C: \ WINDOWS \ Temp
2008-11-06 22:37:33 ---- D ---- C: \ WINDOWS \ system32
2008-11-06 22:36:49 ---- A ---- C: \ WINDOWS \ SchedLgU.Txt
2008-11-06 22:30:43 ---- ---- RSHDC C: \ WINDOWS \ system32 \ dllcache
2008-11-06 21:46:09 ---- D ---- C: \ WINDOWS \ Prefetch
2008-11-06 21:45:09 SHD ---- ---- C: \ WINDOWS \ Installer
2008-11-06 21:45:08 ---- D ---- C: \ WINDOWS \ WinSxS
2008-11-06 21:45:08 ---- D ---- C: \ Program Files \ Common Files \ Microsoft Shared
2008-11-06 21:24:57 ---- D ---- C: \ WINDOWS \ system32 \ CatRoot
2008-11-06 21:24:56 ---- D ---- C: \ WINDOWS \ system32 \ CatRoot2
2008-11-06 19:32:25 ---- D ---- C: \ WINDOWS \ system32 \ config
2008-11-06 19:32:11 ---- D ---- C: \ WINDOWS \ system32 \ wbem
2008-11-06 19:32:10 ---- D ---- C: \ WINDOWS \ Registration
2008-11-06 19:30:53 ---- D ---- C: \ Program Files \ Common Files \ Macromedia
2008-11-06 19:30:52 HD ---- ---- C: \ WINDOWS \ inf
2008-11-04 23:57:39 ---- D ---- C: \ Program Files \ Common Files
2008-11-04 23:57:26 ---- D ---- C: \ Program Files \ Sonic
2008-11-04 23:56:20 ---- D ---- C: \ WINDOWS \ Downloaded Installations
2008-11-04 23:56:20 ---- D ---- C: \ Program Files \ Macromedia
2008-11-04 23:54:45 HD ---- ---- C: \ Program Files \ InstallShield Installation Information
2008-10-26 11:13:15 ---- D ---- C: \ Program Files \ Java
2008-10-25 22:29:27 ---- D ---- C: \ WINDOWS \ system32 \ dla
2008-10-25 22:29:26 ---- D ---- C: \ WINDOWS \ security
2008-10-25 22:28:47 ---- D ---- C: \ WINDOWS \ system32 \ Restore
2008-10-25 19:25:27 ---- D ---- C: \ Program Files \ Common Files \ InstallShield
2008-10-25 19:25:13 ---- D ---- C: \ WINDOWS \ system
2008-10-25 19:23:42 ---- D ---- C: \ Program Files \ MSN
2008-10-25 19:16:19 SD ---- ---- C: \ Documents and Settings \ Adam \ Application Data \ Microsoft
2008-10-25 19:01:59 ---- D ---- C: \ Program Files \ Internet Explorer
2008-10-25 01:28:39 ---- A ---- C: \ WINDOWS \ imsins.BAK
2008-10-25 01:27:53 HD ---- ---- C: \ WINDOWS \ $ $ hf_mig
2008-10-25 00:58:29 ---- A ---- C: \ WINDOWS \ win.ini
2008-10-16 15:35:17 ---- A ---- C: \ WINDOWS \ system32 \ PerfStringBackup.INI
2008-10-15 16:57:55 ---- A ---- C: \ WINDOWS \ system32 \ netapi32.dll
2008-10-15 16:57:55 ---- A ---- C: \ WINDOWS \ system32 \ netapi32 (2). Dll
====== Elenco dei conducenti (R = Corsa S = Arrestato, boot = 0, 1 = sistema, 2 = Auto, 3 = domanda, 4 = disabili )======
R1 intelppm; driver Intel Processor; C: \ WINDOWS \ system32 \ DRIVERS \ intelppm.sys [2004-08-04 36096]
R1 kbdhid; Tastiera HID driver; C: \ WINDOWS \ system32 \ drivers \ kbdhid.sys [2004-08-04 14848]
R1 sscdbhk5; sscdbhk5; C: \ WINDOWS \ system32 \ drivers \ sscdbhk5.sys [2004-07-14 5627]
R1 ssrtln; ssrtln; C: \ WINDOWS \ system32 \ drivers \ ssrtln.sys [2004-07-14 23545]
R2 drvnddm; drvnddm; C: \ WINDOWS \ system32 \ drivers \ drvnddm.sys [2004-08-13 40544]
R2 INO_FLTR; INO_FLTR; \? \ C: \ WINDOWS \ system32 \ drivers \ ino_fltr.sys []
R2 tfsnboio; tfsnboio; C: \ WINDOWS \ system32 \ dla \ tfsnboio.sys [2004-08-13 25723]
R2 tfsncofs; tfsncofs; C: \ WINDOWS \ system32 \ dla \ tfsncofs.sys [2004-08-13 34843]
R2 tfsndrct; tfsndrct; C: \ WINDOWS \ system32 \ dla \ tfsndrct.sys [2004-08-13 4123]
R2 tfsndres; tfsndres; C: \ WINDOWS \ system32 \ dla \ tfsndres.sys [2004-08-13 2239]
R2 tfsnifs; tfsnifs; C: \ WINDOWS \ system32 \ dla \ tfsnifs.sys [2004-08-13 86202]
R2 tfsnopio; tfsnopio; C: \ WINDOWS \ system32 \ dla \ tfsnopio.sys [2004-08-13 14715]
R2 tfsnpool; tfsnpool; C: \ WINDOWS \ system32 \ dla \ tfsnpool.sys [2004-08-13 6363]
Tfsnudf R2; tfsnudf; C: \ WINDOWS \ system32 \ dla \ tfsnudf.sys [2004-08-13 98714]
R2 tfsnudfa; tfsnudfa; C: \ WINDOWS \ system32 \ dla \ tfsnudfa.sys [2004-08-13 100603]
R3 E100B; Intel (R) PRO Adapter Driver; C: \ WINDOWS \ system32 \ DRIVERS \ e100b325.sys [2004-02-10 154112]
R3 GEARAspiWDM; GEARAspiWDM C: \ WINDOWS \ system32 \ drivers \ GEARAspiWDM.sys [2006-09-19 15664]
R3 hidusb; Microsoft HID Driver Classe C: \ WINDOWS \ system32 \ drivers \ hidusb.sys [2004-08-04 9600]
R3 ialm; ialm; C: \ WINDOWS \ system32 \ DRIVERS \ ialmnt5.sys [2005-09-20 1302332]
R3 mouhid; HID Mouse Driver; C: \ WINDOWS \ system32 \ drivers \ mouhid.sys [2001-08-17 12160]
R3 senfilt; senfilt; C: \ WINDOWS \ system32 \ drivers \ senfilt.sys [2004-09-17 732928]
R3 smwdm; smwdm; C: \ WINDOWS \ system32 \ drivers \ smwdm.sys [2005-01-27 260352]
R3 usbehci; Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C: \ WINDOWS \ system32 \ drivers \ Usbehci.sys [2004-08-04 26624]
R3 usbhub; USB2 Enabled Hub; C: \ WINDOWS \ system32 \ drivers \ Usbhub.sys [2004-08-04 57600]
R3 usbuhci; Microsoft USB Universal Host Controller Miniport Driver; C: \ WINDOWS \ system32 \ drivers \ usbuhci.sys [2004-08-04 20480]
S3 usbccgp; Microsoft USB Generic Parent Driver; C: \ WINDOWS \ system32 \ DRIVERS \ Usbccgp.sys [2004-08-03 31616]
S3 usbprint; Microsoft stampante USB Classe C: \ WINDOWS \ system32 \ drivers \ usbprint.sys [2004-08-03 25856]
S3 USBSTOR; USB Mass Storage Driver; C: \ WINDOWS \ system32 \ drivers \ Usbstor.sys [2004-08-03 26496]
====== Elenco dei servizi (R = Corsa S = Arrestato, boot = 0, 1 = sistema, 2 = Auto, 3 = domanda, 4 = disabili )======
R2 AdobeActiveFileMonitor5.0; Adobe Active File Monitor V5; C: \ Program Files \ Adobe \ Photoshop Elements 5.0 \ PhotoshopElementsFileAgent.exe [2006-09-14 102400]
R2 InoRPC; eTrust Antivirus RPC Server; C: \ Program Files \ CA \ eTrust Antivirus \ InoRpc.exe [2004-04-06 139536]
R2 InoRT; eTrust Antivirus Realtime Server; C: \ Program Files \ CA \ eTrust Antivirus \ InoRT.exe [2004-04-06 241936]
R2 InoTask; eTrust Antivirus Job Server; C: \ Program Files \ CA \ eTrust Antivirus \ InoTask.exe [2004-04-06 254224]
R2 UMWdf; Framework driver modalità utente Windows, C: \ WINDOWS \ system32 \ wdfmgr.exe [2005-01-28 38912]
R3 Servizio iPod, iPod Service C: \ Program Files \ iPod \ bin \ iPodService.exe [2006-10-30 492608]
S3 OSE; Office Source Engine; C: \ Program Files \ Common Files \ Microsoft Shared \ Source Engine \ OSE.EXE [2003-07-28 89136]
S3 usnjsvc; Messenger Sharing Folders USN Journal Reader servizio; C: \ Program Files \ MSN Messenger \ usnsvc.exe [2007-01-19 97136]
EOF ----------------- -----------------