Log di Combofix

[la_nuvola_del_cielo]

salve a tutti, sono nuova e appena registrata. avrei proprio bisogno di aiuto. sono giorni ormai che cerco una soluzione al mio problema. sono ormai diversi mesi :shock: che non appena accendo il pc, mi compaiono questi errori :
C:WINDOWS\system32\zitosaba.dll impossibile trovare il file,
C:WINDOWS\system32\dadutiwo.dll impossibile trovare il file,
C:WINDOWS\system32\nakizeju.dll impossibile trovare il file.
credo che siano virus e leggendo in diversi forum, sono venuta a conoscenza di un programma chiamato "combofix". So che non dovrebbe essere usato da utenti inesperti, però ho voluto ugualmente provare. il problema ora è che non so leggere (ovviamente) il log, per questo speravo che qualche esperto potessi aiutarmi e dirmi se ho risolto il problema. grazie mille anticipatamente a tutti coloro che mi aiuteranno. :)

 

[la_nuvola_del_cielo]

ComboFix 11-10-24.05 - silvio 25/10/2011 14.28.05.1.2 - x86
Eseguito da: c:\documents and settings\silvio\Desktop\ComboFix.exe
* Creato nuovo punto di ripristino
.
.
((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\silvio\Dati applicazioni\OfferBox
c:\documents and settings\silvio\Dati applicazioni\OfferBox\config.dat
c:\documents and settings\silvio\Dati applicazioni\OfferBox\config.xml
c:\documents and settings\silvio\Dati applicazioni\PriceGong
c:\documents and settings\silvio\Dati applicazioni\PriceGong\Data\1.xml
c:\documents and settings\silvio\Dati applicazioni\PriceGong\Data\a.xml
c:\documents and settings\silvio\Dati applicazioni\PriceGong\Data\b.xml
c:\documents and settings\silvio\Dati applicazioni\PriceGong\Data\c.xml
c:\documents and settings\silvio\Dati applicazioni\PriceGong\Data\d.xml
c:\documents and settings\silvio\Dati applicazioni\PriceGong\Data\e.xml
c:\documents and settings\silvio\Dati applicazioni\PriceGong\Data\f.xml
c:\documents and settings\silvio\Dati applicazioni\PriceGong\Data\g.xml
c:\documents and settings\silvio\Dati applicazioni\PriceGong\Data\h.xml
c:\documents and settings\silvio\Dati applicazioni\PriceGong\Data\hs_err_pid3964.log
c:\documents and settings\silvio\Dati applicazioni\PriceGong\Data\i.xml
c:\documents and settings\silvio\Dati applicazioni\PriceGong\Data\J.xml
c:\documents and settings\silvio\Dati applicazioni\PriceGong\Data\k.xml
c:\documents and settings\silvio\Dati applicazioni\PriceGong\Data\l.xml
c:\documents and settings\silvio\Dati applicazioni\PriceGong\Data\m.xml
c:\documents and settings\silvio\Dati applicazioni\PriceGong\Data\mru.xml
c:\documents and settings\silvio\Dati applicazioni\PriceGong\Data\n.xml
c:\documents and settings\silvio\Dati applicazioni\PriceGong\Data\o.xml
c:\documents and settings\silvio\Dati applicazioni\PriceGong\Data\p.xml
c:\documents and settings\silvio\Dati applicazioni\PriceGong\Data\q.xml
c:\documents and settings\silvio\Dati applicazioni\PriceGong\Data\r.xml
c:\documents and settings\silvio\Dati applicazioni\PriceGong\Data\s.xml
c:\documents and settings\silvio\Dati applicazioni\PriceGong\Data\t.xml
c:\documents and settings\silvio\Dati applicazioni\PriceGong\Data\u.xml
c:\documents and settings\silvio\Dati applicazioni\PriceGong\Data\v.xml
c:\documents and settings\silvio\Dati applicazioni\PriceGong\Data\w.xml
c:\documents and settings\silvio\Dati applicazioni\PriceGong\Data\x.xml
c:\documents and settings\silvio\Dati applicazioni\PriceGong\Data\y.xml
c:\documents and settings\silvio\Dati applicazioni\PriceGong\Data\z.xml
c:\documents and settings\silvio\Dati applicazioni\Toolbar4
c:\documents and settings\silvio\Dati applicazioni\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\10b1a842b230637ced26bc349e830548
c:\documents and settings\silvio\Dati applicazioni\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\27c746d432b7a753a0af8d7c033b46fe
c:\documents and settings\silvio\Dati applicazioni\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\2b4ad282984708f7b89800e17a257476
c:\documents and settings\silvio\Dati applicazioni\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\2cc60d08b36af576b11419505050cc6e
c:\documents and settings\silvio\Dati applicazioni\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\36edbd9cd1d972f7b815c3c429d9e778
c:\documents and settings\silvio\Dati applicazioni\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\5d25dd004ed9512e16e1d76d6deb2a6c
c:\documents and settings\silvio\Dati applicazioni\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\757a20d7a75ae93435ac64a6095eab39
c:\documents and settings\silvio\Dati applicazioni\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\7de8d03c11171392f13556e99a778dd2
c:\documents and settings\silvio\Dati applicazioni\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\9956734e872eec3ea3e17f52e84dc6cc
c:\documents and settings\silvio\Dati applicazioni\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\9d810aab3f7bcbacb07c241f8d726714
c:\documents and settings\silvio\Dati applicazioni\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\a69230ed96e110ffbd3876fb9f0fcf09
c:\documents and settings\silvio\Dati applicazioni\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\c48c9e27c16419ab995d48b077a802ff
c:\documents and settings\silvio\Dati applicazioni\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\e43835bd9a7f5d8a9b492d6be3ec5a29
c:\documents and settings\silvio\Dati applicazioni\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\f3e2bcdb3bbb6a523369916ee0c81fc1
c:\documents and settings\silvio\Dati applicazioni\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\fb95fd1b987bd4ffbcb67783e51679ec
c:\documents and settings\silvio\Dati applicazioni\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\include_files\39abfaaf5a7604d26841f1e6964e0c45
c:\documents and settings\silvio\Dati applicazioni\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\include_files\7194c540cf64d1633b25197fb406d2aa
c:\documents and settings\silvio\Dati applicazioni\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\include_files\a3ebcb949679e33ee2dfd0bf099aab01
c:\documents and settings\silvio\Dati applicazioni\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\include_files\d6b92ca08d0da3d05283baa6bc6528bf
c:\documents and settings\silvio\Impostazioni locali\Dati applicazioni\qmwbugbl.dat
c:\documents and settings\silvio\Impostazioni locali\Dati applicazioni\qmwbugbl_nav.dat
c:\documents and settings\silvio\Impostazioni locali\Dati applicazioni\qmwbugbl_navps.dat
c:\documents and settings\silvio\WINDOWS
c:\programmi\Dynamic Toolbar
c:\programmi\Dynamic Toolbar\batch.bat
c:\programmi\Dynamic Toolbar\Cache\go.bmp
c:\programmi\Dynamic Toolbar\Cache\home.bmp
c:\programmi\Dynamic Toolbar\Cache\logo_pb.bmp
c:\programmi\Dynamic Toolbar\Cache\parent_off.bmp
c:\programmi\Dynamic Toolbar\Cache\parent_on.bmp
c:\programmi\Dynamic Toolbar\Cache\pbitv2tb0200.cfg
c:\programmi\Dynamic Toolbar\Cache\popup_off.bmp
c:\programmi\Dynamic Toolbar\Cache\popup_on.bmp
c:\programmi\Dynamic Toolbar\Cache\search.bmp
c:\programmi\Dynamic Toolbar\Cache\services.bmp
c:\programmi\Dynamic Toolbar\Cache\skin.bmp
c:\programmi\Dynamic Toolbar\Cache\skin1.bmp
c:\programmi\Dynamic Toolbar\Cache\skin2.bmp
c:\programmi\Dynamic Toolbar\Cache\skin3.bmp
c:\programmi\Dynamic Toolbar\Cache\skin4.bmp
c:\programmi\Dynamic Toolbar\Cache\skin5.bmp
c:\programmi\Dynamic Toolbar\Cache\store.bmp
c:\programmi\Dynamic Toolbar\Cache\style.css
c:\programmi\Dynamic Toolbar\Cache\support.bmp
c:\programmi\Dynamic Toolbar\Cache\ticker.xml
c:\programmi\Dynamic Toolbar\PBITV2\Cache\ErrorLog.txt
c:\programmi\Dynamic Toolbar\PBITV2\Cache\go.bmp
c:\programmi\Dynamic Toolbar\PBITV2\Cache\home.bmp
c:\programmi\Dynamic Toolbar\PBITV2\Cache\logo_pb.bmp
c:\programmi\Dynamic Toolbar\PBITV2\Cache\parent_off.bmp
c:\programmi\Dynamic Toolbar\PBITV2\Cache\parent_on.bmp
c:\programmi\Dynamic Toolbar\PBITV2\Cache\pbitv2tb0200.cfg
c:\programmi\Dynamic Toolbar\PBITV2\Cache\popup_off.bmp
c:\programmi\Dynamic Toolbar\PBITV2\Cache\popup_on.bmp
c:\programmi\Dynamic Toolbar\PBITV2\Cache\search.bmp
c:\programmi\Dynamic Toolbar\PBITV2\Cache\services.bmp
c:\programmi\Dynamic Toolbar\PBITV2\Cache\skin.bmp
c:\programmi\Dynamic Toolbar\PBITV2\Cache\skin1.bmp
c:\programmi\Dynamic Toolbar\PBITV2\Cache\skin2.bmp
c:\programmi\Dynamic Toolbar\PBITV2\Cache\skin3.bmp
c:\programmi\Dynamic Toolbar\PBITV2\Cache\skin4.bmp
c:\programmi\Dynamic Toolbar\PBITV2\Cache\skin5.bmp
c:\programmi\Dynamic Toolbar\PBITV2\Cache\store.bmp
c:\programmi\Dynamic Toolbar\PBITV2\Cache\style.css
c:\programmi\Dynamic Toolbar\PBITV2\Cache\support.bmp
c:\programmi\Dynamic Toolbar\PBITV2\Cache\ticker.xml
c:\programmi\Dynamic Toolbar\unins000.dat
c:\programmi\Dynamic Toolbar\unins000.exe
c:\programmi\OfferBox
c:\programmi\OfferBox\OfferBoxBHO.dll
c:\programmi\WebScout FileBulldog Toolbar\tbHElper.dll
c:\windows\DOWNLO~1\DOWNlo~1.ocx
c:\windows\IsUn0410.exe
.
.

 

[la_nuvola_del_cielo]

((((((((((((((((((((((((((((((((((((((( Driver/Servizi )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_RKHIT
.
.
((((((((((((((((((((((((( Files Creati Da 2011-09-25 al 2011-10-25 )))))))))))))))))))))))))))))))))))
.
.
2011-10-24 17:18 . 2011-10-24 17:18 -------- d-----w- C:\86285e24e03545e601764337a4ea31
2011-10-24 13:38 . 2011-10-24 13:38 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Nero
2011-10-23 23:09 . 2009-09-04 15:29 1974616 ----a-w- c:\windows\system32\D3DCompiler_42.dll
2011-10-23 23:09 . 2009-09-04 15:29 1892184 ----a-w- c:\windows\system32\D3DX9_42.dll
2011-10-23 23:09 . 2008-10-15 04:22 4379984 ----a-w- c:\windows\system32\D3DX9_40.dll
2011-10-23 23:09 . 2007-07-19 16:14 3727720 ----a-w- c:\windows\system32\d3dx9_35.dll
2011-10-23 23:08 . 2007-05-16 14:45 3497832 ----a-w- c:\windows\system32\d3dx9_34.dll
2011-10-23 23:08 . 2011-10-23 23:08 -------- d-----w- c:\windows\Logs
2011-10-23 20:03 . 2001-08-30 21:07 421917 ----a-w- c:\windows\system32\dllcache\dgconfig.dll
2011-10-23 20:03 . 2001-08-30 19:13 29787 ----a-w- c:\windows\system32\dllcache\dgapci.sys
2011-10-23 20:03 . 2001-08-17 18:11 24649 ----a-w- c:\windows\system32\dllcache\dfe650d.sys
2011-10-23 20:03 . 2001-08-17 18:11 24648 ----a-w- c:\windows\system32\dllcache\dfe650.sys
2011-10-23 20:03 . 2001-08-30 21:08 24064 ----a-w- c:\windows\system32\dllcache\devldr32.exe
2011-10-23 20:03 . 2001-08-30 21:07 256512 ----a-w- c:\windows\system32\dllcache\devcon32.dll
2011-10-23 20:03 . 2001-08-17 18:11 20928 ----a-w- c:\windows\system32\dllcache\defpa.sys
2011-10-23 20:03 . 2001-08-17 19:52 7424 ----a-w- c:\windows\system32\dllcache\ddsmc.sys
2011-10-23 20:01 . 2001-08-17 18:11 39936 ----a-w- c:\windows\system32\dllcache\cnxt1803.sys
2011-10-23 20:01 . 2001-08-30 21:07 44032 ----a-w- c:\windows\system32\dllcache\cnusd.dll
2011-10-23 20:01 . 2001-08-30 18:37 20992 ----a-w- c:\windows\system32\dllcache\cmbp0wdm.sys
2011-10-23 20:01 . 2001-08-17 19:57 248064 ----a-w- c:\windows\system32\dllcache\cl546xm.sys
2011-10-23 20:01 . 2001-08-30 21:07 170880 ----a-w- c:\windows\system32\dllcache\cl546x.dll
2011-10-23 20:01 . 2001-08-30 21:07 111232 ----a-w- c:\windows\system32\dllcache\cl5465.dll
2011-10-23 20:01 . 2001-08-17 19:57 45696 ----a-w- c:\windows\system32\dllcache\cirrus.sys
2011-10-23 20:01 . 2001-08-30 21:07 91264 ----a-w- c:\windows\system32\dllcache\cirrus.dll
2011-10-23 20:01 . 2001-08-30 18:33 272640 ----a-w- c:\windows\system32\dllcache\cinemclc.sys
2011-10-23 19:59 . 2001-08-17 20:04 223232 ----a-w- c:\windows\system32\dllcache\camdrv21.sys
2011-10-23 19:59 . 2001-08-17 20:05 314752 ----a-w- c:\windows\system32\dllcache\camdro21.sys
2011-10-23 19:59 . 2001-08-30 18:19 13952 ----a-w- c:\windows\system32\dllcache\bulltlp3.sys
2011-10-23 19:58 . 2001-08-17 18:11 31529 ----a-w- c:\windows\system32\dllcache\brzwlan.sys
2011-10-23 19:58 . 2001-08-17 19:12 10368 ----a-w- c:\windows\system32\dllcache\brusbscn.sys
2011-10-23 19:58 . 2001-08-17 19:12 11008 ----a-w- c:\windows\system32\dllcache\brusbmdm.sys
2011-10-23 19:58 . 2001-08-17 19:12 60416 ----a-w- c:\windows\system32\dllcache\brserwdm.sys
2011-10-23 19:58 . 2001-08-30 21:07 9728 ----a-w- c:\windows\system32\dllcache\brserif.dll
2011-10-23 19:58 . 2001-08-30 21:07 5120 ----a-w- c:\windows\system32\dllcache\brscnrsm.dll
2011-10-23 19:58 . 2001-08-30 18:18 39680 ----a-w- c:\windows\system32\dllcache\brparwdm.sys
2011-10-23 19:58 . 2001-08-17 19:12 3168 ----a-w- c:\windows\system32\dllcache\brparimg.sys
2011-10-23 19:58 . 2001-08-30 21:07 41472 ----a-w- c:\windows\system32\dllcache\brmfusb.dll
2011-10-23 19:57 . 2001-08-30 21:08 32256 ----a-w- c:\windows\system32\dllcache\brmfrsmg.exe
2011-10-23 19:57 . 2001-08-30 21:07 29696 ----a-w- c:\windows\system32\dllcache\brmflpt.dll
2011-10-23 19:57 . 2001-08-30 21:07 81920 ----a-w- c:\windows\system32\dllcache\brmfcwia.dll
2011-10-23 19:57 . 2001-08-30 21:07 15360 ----a-w- c:\windows\system32\dllcache\brmfbidi.dll
2011-10-23 19:57 . 2001-08-17 19:12 3968 ----a-w- c:\windows\system32\dllcache\brfiltup.sys
2011-10-23 19:57 . 2001-08-17 19:12 12160 ----a-w- c:\windows\system32\dllcache\brfiltlo.sys
2011-10-23 19:57 . 2001-08-17 19:12 2944 ----a-w- c:\windows\system32\dllcache\brfilt.sys
2011-10-23 19:57 . 2001-08-30 21:07 12800 ----a-w- c:\windows\system32\dllcache\brevif.dll
2011-10-23 19:56 . 2001-08-30 21:07 9728 ----a-w- c:\windows\system32\dllcache\brcoinst.dll
2011-10-23 19:56 . 2001-08-30 21:07 19456 ----a-w- c:\windows\system32\dllcache\brbidiif.dll
2011-10-23 19:55 . 2001-08-30 21:07 102912 ----a-w- c:\windows\system32\dllcache\binlsvc.dll
2011-10-23 19:54 . 2008-04-13 18:46 11776 ----a-w- c:\windows\system32\dllcache\bdasup.sys
2011-10-23 19:54 . 2001-08-17 19:28 871388 ----a-w- c:\windows\system32\dllcache\bcmdm.sys
2011-10-23 19:53 . 2001-08-17 18:11 26568 ----a-w- c:\windows\system32\dllcache\bcm4e5.sys
2011-10-23 19:53 . 2001-08-17 18:11 54271 ----a-w- c:\windows\system32\dllcache\bcm42xx5.sys
2011-10-23 19:52 . 2001-08-17 18:11 66557 ----a-w- c:\windows\system32\dllcache\bcm42u.sys
2011-10-23 19:51 . 2001-08-17 18:48 36128 ----a-w- c:\windows\system32\dllcache\banshee.sys
2011-10-23 19:50 . 2001-08-30 21:07 342336 ----a-w- c:\windows\system32\dllcache\banshee.dll
2011-10-23 19:50 . 2001-08-30 18:02 97152 ----a-w- c:\windows\system32\dllcache\b57xp32.sys
2011-10-23 19:50 . 2001-08-17 18:13 89952 ----a-w- c:\windows\system32\dllcache\b1cbase.sys
2011-10-23 19:49 . 2001-08-17 18:19 36992 ----a-w- c:\windows\system32\dllcache\aztw2320.sys
2011-10-23 19:48 . 2001-08-17 18:13 37568 ----a-w- c:\windows\system32\dllcache\avmwan.sys
2011-10-23 19:47 . 2001-08-30 21:07 144384 ----a-w- c:\windows\system32\dllcache\avmenum.dll
2011-10-23 19:47 . 2001-08-30 21:07 87552 ----a-w- c:\windows\system32\dllcache\avmcoxp.dll
2011-10-23 19:45 . 2008-04-13 18:46 13696 ----a-w- c:\windows\system32\dllcache\avcstrm.sys
2011-10-23 19:45 . 2001-08-17 20:01 36096 ----a-w- c:\windows\system32\dllcache\avcaudio.sys
2011-10-23 19:44 . 2008-04-13 18:46 38912 ----a-w- c:\windows\system32\dllcache\avc.sys
2011-10-23 19:44 . 2001-08-17 18:49 23552 ----a-w- c:\windows\system32\dllcache\atixbar.sys
2011-10-23 19:44 . 2001-08-17 18:49 26624 ----a-w- c:\windows\system32\dllcache\ativxbar.sys
2011-10-23 19:44 . 2001-08-17 18:49 19456 ----a-w- c:\windows\system32\dllcache\ativttxx.sys
2011-10-23 19:42 . 2001-08-30 17:58 77824 ----a-w- c:\windows\system32\dllcache\ati.sys
2011-10-23 19:42 . 2001-08-30 21:07 96128 ----a-w- c:\windows\system32\dllcache\ati.dll
2011-10-23 19:42 . 2001-08-17 18:12 97354 ----a-w- c:\windows\system32\dllcache\aspndis3.sys
2011-10-23 19:42 . 2001-08-17 19:47 6272 ----a-w- c:\windows\system32\dllcache\apmbatt.sys
2011-10-23 19:42 . 2004-08-03 20:31 36224 ----a-w- c:\windows\system32\dllcache\an983.sys
2011-10-23 19:41 . 2001-08-17 18:11 16969 ----a-w- c:\windows\system32\dllcache\amb8002.sys
2011-10-23 19:41 . 2001-08-17 19:49 26624 ----a-w- c:\windows\system32\dllcache\alifir.sys
2011-10-23 19:41 . 2001-08-17 18:11 27678 ----a-w- c:\windows\system32\dllcache\ali5261.sys
2011-10-23 19:40 . 2001-08-17 18:11 46112 ----a-w- c:\windows\system32\dllcache\adptsf50.sys
2011-10-23 19:40 . 2004-08-03 20:32 10880 ----a-w- c:\windows\system32\dllcache\admjoy.sys
2011-10-23 19:40 . 2001-08-17 18:19 747392 ----a-w- c:\windows\system32\dllcache\adm8830.sys
2011-10-23 19:40 . 2001-08-17 18:19 553984 ----a-w- c:\windows\system32\dllcache\adm8820.sys
2011-10-23 19:40 . 2001-08-17 18:19 584448 ----a-w- c:\windows\system32\dllcache\adm8810.sys
2011-10-23 19:40 . 2001-08-17 18:11 20160 ----a-w- c:\windows\system32\dllcache\adm8511.sys
2011-10-23 19:40 . 2001-08-17 19:53 7424 ----a-w- c:\windows\system32\dllcache\adicvls.sys
2011-10-23 19:39 . 2001-08-30 21:07 61952 ----a-w- c:\windows\system32\dllcache\acerscad.dll
2011-10-23 19:39 . 2004-08-03 20:32 84480 ----a-w- c:\windows\system32\dllcache\ac97via.sys
2011-10-23 19:39 . 2001-08-17 18:20 297728 ----a-w- c:\windows\system32\dllcache\ac97sis.sys
2011-10-23 19:39 . 2001-08-17 18:20 96256 ----a-w- c:\windows\system32\dllcache\ac97intc.sys
2011-10-23 19:39 . 2004-08-03 20:32 231552 ----a-w- c:\windows\system32\dllcache\ac97ali.sys
2011-10-23 19:39 . 2001-08-30 21:07 462848 ----a-w- c:\windows\system32\dllcache\a3dapi.dll
2011-10-23 19:39 . 2001-08-30 21:07 98304 ----a-w- c:\windows\system32\dllcache\a3d.dll
2011-10-23 19:39 . 2001-08-30 21:07 38400 ----a-w- c:\windows\system32\dllcache\8514a.dll
2011-10-23 19:39 . 2008-04-13 18:46 48128 ----a-w- c:\windows\system32\dllcache\61883.sys
2011-10-23 19:39 . 2008-04-13 18:40 12288 ----a-w- c:\windows\system32\dllcache\4mmdat.sys
2011-10-23 19:39 . 2001-08-17 18:48 148352 ----a-w- c:\windows\system32\dllcache\3dfxvsm.sys
2011-10-23 19:39 . 2001-08-30 21:07 689216 ----a-w- c:\windows\system32\dllcache\3dfxvs.dll
2011-10-23 19:38 . 2001-08-17 19:28 762780 ----a-w- c:\windows\system32\dllcache\3cwmcru.sys
2011-10-23 19:38 . 2001-08-17 20:06 11264 ----a-w- c:\windows\system32\dllcache\1394vdbg.sys
2011-10-23 13:21 . 2011-10-23 17:22 -------- d-----w- c:\programmi\WiseFixer
2011-10-20 15:50 . 2011-10-20 16:30 -------- d-----w- c:\programmi\WireBooster
2011-10-20 15:47 . 2011-10-20 15:47 -------- d-----w- c:\programmi\Complitly

 

[la_nuvola_del_cielo]

2011-10-20 15:47 . 2011-10-20 15:47 -------- d-----w- c:\documents and settings\silvio\Dati applicazioni\Complitly
2011-10-20 15:46 . 2011-10-20 15:46 -------- d-----w- c:\documents and settings\silvio\Impostazioni locali\Dati applicazioni\Somoto
2011-10-20 15:46 . 2011-10-25 12:42 -------- d-----w- c:\programmi\WebScout FileBulldog Toolbar
2011-10-15 11:33 . 2011-10-15 11:33 -------- d-----w- c:\documents and settings\silvio\Dati applicazioni\vlc
2011-10-15 09:18 . 2011-10-16 11:16 -------- d-----w- C:\xdccMule v02 ita-eng Compresso zip
2011-10-14 20:23 . 2011-10-14 20:44 -------- d-----w- c:\documents and settings\silvio\Dati applicazioni\mIRC
2011-10-09 17:42 . 2011-10-09 19:55 115369 ----a-w- c:\windows\system32\drivers\klin.dat
2011-10-09 17:42 . 2011-10-09 19:55 97961 ----a-w- c:\windows\system32\drivers\klick.dat
2011-10-09 17:42 . 2011-04-24 21:13 110992 ----a-w- c:\programmi\Mozilla Firefox\extensions\KavAntiBanner@kaspersky.ru_bak2\components\abhelperxpcom.dll
2011-10-09 17:42 . 2011-04-24 21:13 147856 ----a-w- c:\programmi\Mozilla Firefox\extensions\linkfilter@kaspersky.ru_bak2\components\kavlinkfilter.dll
2011-10-09 17:37 . 2011-10-09 17:37 -------- d-----w- c:\programmi\Kaspersky Lab
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-10-19 10:50 . 2011-05-24 18:33 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-09-26 09:41 . 2008-07-29 18:59 613888 ----a-w- c:\windows\system32\uiautomationcore.dll
2011-09-26 09:41 . 2004-09-03 09:36 23040 ----a-w- c:\windows\system32\oleaccrc.dll
2011-09-26 09:41 . 2004-09-03 09:36 220160 ----a-w- c:\windows\system32\oleacc.dll
2011-09-09 09:12 . 2004-09-03 09:36 603136 ----a-w- c:\windows\system32\crypt32.dll
2011-09-06 14:10 . 2004-09-03 09:36 1858944 ----a-w- c:\windows\system32\win32k.sys
2011-08-17 21:24 . 2004-09-03 09:36 832512 ----a-w- c:\windows\system32\wininet.dll
2011-08-17 21:24 . 2004-09-03 09:36 1830912 ----a-w- c:\windows\system32\inetcpl.cpl
2011-08-17 21:24 . 2004-09-03 09:36 78336 ----a-w- c:\windows\system32\ieencode.dll
2011-08-17 21:24 . 2004-09-03 09:36 17408 ----a-w- c:\windows\system32\corpol.dll
2011-08-17 13:49 . 2004-09-03 09:36 138496 ----a-w- c:\windows\system32\drivers\afd.sys
2011-08-17 12:22 . 2004-09-03 09:36 389120 ----a-w- c:\windows\system32\html.iec
2011-08-12 11:51 . 2006-09-15 16:05 26488 ----a-w- c:\windows\system32\spupdsvc.exe
.
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{00000000-6E41-4FD3-8538-502F5495E5FC}"= "c:\programmi\Ask.com\GenericAskToolbar.dll" [2011-02-01 1487240]
.
[HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2011-02-01 17:17 1487240 ----a-w- c:\programmi\Ask.com\GenericAskToolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\programmi\Ask.com\GenericAskToolbar.dll" [2011-02-01 1487240]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\programmi\Ask.com\GenericAskToolbar.dll" [2011-02-01 1487240]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2011-03-02 39408]
"SmpcSys"="c:\apps\SMP\SmpSys.exe" [2005-12-08 975360]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-19 208952]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-06-12 7577600]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-06-12 86016]
"ISUSPM Startup"="c:\progra~1\FILECO~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-07-27 221184]
"EverioService"="c:\programmi\CyberLink\PCM4Everio\EverioService.exe" [2006-11-22 151552]
"HControl"="c:\windows\ATK0100\HControl.exe" [2006-02-23 106496]
"DetectorApp"="c:\programmi\Sonic\DigitalMedia LE v7\MyDVD LE\DetectorApp.exe" [2005-10-20 102400]
"Collegamento alla pagina delle proprietà di High Definition Audio"="HDAShCut.exe" [2005-01-07 61952]
"ISUSScheduler"="c:\programmi\File comuni\InstallShield\UpdateService\issch.exe" [2004-07-27 81920]
"SynTPEnh"="c:\programmi\Synaptics\SynTP\SynTPEnh.exe" [2006-05-12 774233]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-19 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-19 455168]
"PCMService"="c:\apps\Powercinema\PCMService.exe" [2006-02-23 147456]
"nwiz"="nwiz.exe" [2006-06-12 1519616]
"BabylonToolbar"="c:\programmi\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarsrv.exe" [2010-11-07 286720]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\silvio\Menu Avvio\Programmi\Esecuzione automatica\
OpenOffice.org 3.1.lnk - c:\documents and settings\silvio\Desktop\OpenOffice.org 3\program\quickstart.exe [N/A]
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 EsetNod32Fix;Nod32 AV;c:\windows\Regedit.exe [2008-04-14 151552]
R2 gupdate;Servizio di Google Update (gupdate);c:\programmi\Google\Update\GoogleUpdate.exe [2011-03-02 136176]
R3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.SYS [2009-01-08 36608]
R3 gtermddo;gtermddo;c:\docume~1\silvio\IMPOST~1\Temp\gtermddo.sys [x]
R3 gupdatem;Servizio Google Update (gupdatem);c:\programmi\Google\Update\GoogleUpdate.exe [2011-03-02 136176]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S1 kl2;kl2;c:\windows\system32\DRIVERS\kl2.sys [2011-03-04 11352]
S3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\DRIVERS\klim5.sys [2011-03-10 34608]
S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys [2009-11-02 19472]
.
.
Contenuto della cartella 'Scheduled Tasks'
.
2011-10-23 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\programmi\Google\Update\GoogleUpdate.exe [2011-03-02 21:25]
.
2011-10-25 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\programmi\Google\Update\GoogleUpdate.exe [2011-03-02 21:25]
.
2011-10-25 c:\windows\Tasks\Scheduled Update for Ask Toolbar.job
- c:\programmi\Ask.com\UpdateTask.exe [2011-02-01 17:17]
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://www.google.it/
mStart Page = hxxp://www.bigseekpro.com/webscout/{425FE2BE-66B2-439D-AD05-74B16629CE34}
uSearchURL,(Default) = hxxp://g.msn.it/0SEITIT/SAOS01?FORM=TOOLBR
IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\programmi\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{3BBE32BD-4B03-4295-A33C-8B9423CDCA59}: NameServer = 192.168.1.1,8.8.4.4
TCP: Interfaces\{C1C87F5B-829D-49B2-A81F-DBB766DBDC0D}: NameServer = 192.168.1.1
FF - ProfilePath - c:\documents and settings\silvio\Dati applicazioni\Mozilla\Firefox\Profiles\i6l204a4.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.bing.com/search?FORM=IEFM1&q=
FF - prefs.js: browser.startup.homepage - hxxp://www.searchqu.com/406
FF - prefs.js: keyword.URL - hxxp://www.searchqu.com/web?src=ffb&systemid=406&q=
FF - prefs.js: browser.search.selectedEngine - Web Search
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\programmi\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Google Toolbar for Firefox: {3112ca9c-de6d-4884-a869-9855de68056c} - %profile%\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Softonic-IT Toolbar: {e3393495-8103-46a0-8181-270273eddd60} - %profile%\extensions\{e3393495-8103-46a0-8181-270273eddd60}
FF - Ext: Google Toolbar for Firefox: {3112ca9c-de6d-4884-a869-9855de68056c} - c:\documents and settings\All Users\Dati applicazioni\Mozilla\Firefox Extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
.

 

[la_nuvola_del_cielo]

- - - - CHIAVI ORFANE RIMOSSE - - - -
.
BHO-{c72938b5-d27f-4376-aefd-604664464f8b} - (no file)
Toolbar-10 - (no file)
HKCU-Run-fdvnfgw - c:\documents and settings\silvio\impostazioni locali\dati applicazioni\fdvnfgw.exe
HKCU-Run-SUPERAntiSpyware - c:\programmi\SUPERAntiSpyware\SUPERAntiSpyware.exe
HKCU-Run-SpybotSD TeaTimer - c:\programmi\Spybot - Search & Destroy\TeaTimer.exe
HKCU-Run-PeerGuardian - c:\programmi\PeerGuardian2\pg2.exe
HKCU-Run-MsnMsgr - c:\programmi\Windows Live\Messenger\MsnMsgr.Exe
HKCU-Run-batshow - c:\docume~1\silvio\DATIAP~1\BITSON~1\gpl stupid.exe
HKCU-Run-AliceMessenger - c:\programmi\Alice Messenger\alicemessenger.exe
HKCU-Run-BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} - c:\programmi\File comuni\Ahead\Lib\NMBgMonitor.exe
HKLM-Run-EPSON Stylus C46 Series - c:\windows\System32\spool\DRIVERS\W32X86\3\E_S4I0T1.EXE
HKLM-Run-Automatico EPSON Stylus C46 Series su ACER-C7A2D63CB5 - c:\windows\System32\spool\DRIVERS\W32X86\3\E_S4I0T1.EXE
HKLM-Run-Automatico EPSON Stylus C46 Series su ACER-0CE7F6DC47 - c:\windows\System32\spool\DRIVERS\W32X86\3\E_S4I0T1.EXE
HKLM-Run-EPSON Stylus Photo R240 Series - c:\windows\System32\spool\DRIVERS\W32X86\3\E_FATIAHE.EXE
HKLM-Run-CPMc7cedf78 - c:\windows\system32\nakizeju.dll
HKLM-Run-c4fdece4 - c:\windows\system32\dadutiwo.dll
HKLM-Run-zerapamoti - c:\windows\system32\zitosaba.dll
HKLM-Run-WinampAgent - c:\programmi\Winamp\winampa.exe
HKLM-Run-SunJavaUpdateSched - c:\programmi\Java\jre1.5.0_04\bin\jusched.exe
HKLM-Run-SMSERIAL - c:\programmi\Motorola\SMSERIAL\sm56hlpr.exe
HKLM-Run-Share-to-Web Namespace Daemon - c:\programmi\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
HKU-Default-Run-msnmsgr - c:\programmi\MSN Messenger\msnmsgr.exe
Notify-WgaLogon - (no file)
AddRemove-Dynamic Toolbar_is1 - c:\programmi\Dynamic Toolbar\unins000.exe
AddRemove-fdvnfgw - c:\documents and settings\silvio\impostazioni locali\dati applicazioni\fdvnfgw.exe
AddRemove-Microsoft Interactive Training - c:\windows\IsUn0410.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover
Rootkit scan 2011-10-25 14:47
Windows 5.1.2600 Service Pack 3 NTFS
.
scansione processi nascosti ...
.
scansione entrate autostart nascoste ...
.
Scansione files nascosti ...
.
Scansione completata con successo
Files nascosti: 0
.
**************************************************************************
"ImagePath"="\"c:\apps\Powercinema\Kernel\TV\CLCapSvc.exe\"\00\00\00\00\02\00\00\00\00
[%\00«Ô’|\00\00\00\00\00\00\00\00\00\00\00\00(\00\00\00\00\00/\03pè\13\00pè\13\00\18î"
.
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------
.
[HKEY_USERS\S-1-5-21-2064341827-335126699-2364305210-1006\Software\Skype\Phone\UI]
@DACL=(02 0000)
@SACL=
"Version"=dword:02000249
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{4E7BD74F-2B8D-469E-A0E8-EB65B685FA7D}\ProgID]
@DACL=(02 0000)
@SACL=
@="pbitv2.PBITV2"
.
[HKEY_LOCAL_MACHINE\software\Classes\ThumbnailObj\CLSID]
@DACL=(02 0000)
@SACL=
@="{6AA1F5E0-106A-11CE-B9DA-00001B003195}"
.
[HKEY_LOCAL_MACHINE\software\Classes\ThumbnailObj\DefaultIcon]
@DACL=(02 0000)
@SACL=
@="c:\\Programmi\\Ulead Systems\\Ulead PhotoImpact 10 SE\\ABMRES.DLL,1"
.
[HKEY_LOCAL_MACHINE\software\Classes\ThumbnailObj\Insertable]
@DACL=(02 0000)
@SACL=
@=""
.
[HKEY_LOCAL_MACHINE\software\Classes\ThumbnailObj\protocol]
@DACL=(02 0000)
@SACL=
.
[HKEY_LOCAL_MACHINE\software\Classes\ThumbnailObj\shell]
@DACL=(02 0000)
@SACL=
.
[HKEY_LOCAL_MACHINE\software\Classes\WMSServer.Server\CLSID]
@DACL=(02 0000)
@SACL=
@="{845FB959-4279-11D2-BF23-00805FBE84A6}"
.
[HKEY_LOCAL_MACHINE\software\Classes\WMSServer.Server\CurVer]
@DACL=(02 0000)
@SACL=
@="WMSServer.Server.9"
.
[HKEY_LOCAL_MACHINE\software\Classes\WMSServer.Server.9\CLSID]
@DACL=(02 0000)
@SACL=
@="{845FB959-4279-11D2-BF23-00805FBE84A6}"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Advanced INF Setup\IEHomePageInfo\RegBackup]
@DACL=(02 0000)
@SACL=
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]
@DACL=(02 0000)
@SACL=
"WMPlayer.exe"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]
@DACL=(02 0000)
@SACL=
"WMPlayer.exe"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]
@DACL=(02 0000)
@SACL=
"WMPlayer.exe"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]
@DACL=(02 0000)
@SACL=
"WMPlayer.exe"=dword:00000001
"msimn.exe"=dword:00000001
"winmail.exe"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]
@DACL=(02 0000)
@SACL=
"WMPlayer.exe"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]
@DACL=(02 0000)
@SACL=
"WMPlayer.exe"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]
@DACL=(02 0000)
@SACL=
"WMPlayer.exe"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\10.0]
@DACL=(02 0000)
@SACL=
.
[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\services]
@DACL=(02 0000)
@SACL=
"NoServices"=dword:00000000
.
[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Settings]
@DACL=(02 0000)
@SACL=
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\Ø•€|ÿÿÿÿ•€|ù•9~*]
"0140110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Setup\ExceptionComponents\{077ACEC7-979C-40AB-9835-435BA1511E0D}]
@DACL=(02 0000)
@SACL=
"FriendlyName"="Windows Media Files"
"ComponentGUID"="{077ACEC7-979C-40AB-9835-435BA1511E0D}"
"Version"=dword:000a0000
"Sub-Version"=dword:00000e3e
"ExceptionInfName"=expand:"c:\\WINDOWS\\RegisteredPackages\\{077ACEC7-979C-40AB-9835-435BA1511E0D}\\MPPRE10.inf"
"ExceptionCatalogName"=expand:"c:\\WINDOWS\\RegisteredPackages\\{077ACEC7-979C-40AB-9835-435BA1511E0D}\\mppre10.cat"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Setup\ExceptionComponents\{30C7234B-6482-4A55-A11D-ECD9030313F2}]
@DACL=(02 0000)
@SACL=
"FriendlyName"="Windows Media Files"
"ComponentGUID"="{30C7234B-6482-4A55-A11D-ECD9030313F2}"
"Version"=dword:000a0000
"Sub-Version"=dword:00000e3e
"ExceptionInfName"=expand:"c:\\WINDOWS\\RegisteredPackages\\{30C7234B-6482-4A55-A11D-ECD9030313F2}\\WMDM10.inf"
"ExceptionCatalogName"=expand:"c:\\WINDOWS\\RegisteredPackages\\{30C7234B-6482-4A55-A11D-ECD9030313F2}\\wmdm10.cat"
.

 

[la_nuvola_del_cielo]

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Setup\ExceptionComponents\{3695EB93-6443-448D-8E2E-1F6F4FC79BC1}]
@DACL=(02 0000)
@SACL=
"FriendlyName"="Pacchetto di eccezioni AsfError di Windows Media"
"ComponentGUID"="{3695EB93-6443-448D-8E2E-1F6F4FC79BC1}"
"Version"=dword:00090000
"Sub-Version"=dword:00000ba4
"ExceptionInfName"=expand:"c:\\WINDOWS\\RegisteredPackages\\{3695EB93-6443-448D-8E2E-1F6F4FC79BC1}\\asferr.inf"
"ExceptionCatalogName"=expand:"c:\\WINDOWS\\RegisteredPackages\\{3695EB93-6443-448D-8E2E-1F6F4FC79BC1}\\asferr.cat"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Setup\ExceptionComponents\{3FDF25EE-E592-4495-8391-6E9C504DAC2B}]
@DACL=(02 0000)
@SACL=
"FriendlyName"="Windows Media Files"
"ComponentGUID"="{3FDF25EE-E592-4495-8391-6E9C504DAC2B}"
"Version"=dword:000a0000
"Sub-Version"=dword:00000e3e
"ExceptionInfName"=expand:"c:\\WINDOWS\\RegisteredPackages\\{3FDF25EE-E592-4495-8391-6E9C504DAC2B}\\WMSET10.inf"
"ExceptionCatalogName"=expand:"c:\\WINDOWS\\RegisteredPackages\\{3FDF25EE-E592-4495-8391-6E9C504DAC2B}\\wmset10.cat"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Setup\ExceptionComponents\{60204BB3-7078-4F70-8F69-68297621941C}]
@DACL=(02 0000)
@SACL=
"FriendlyName"="Windows Media Files"
"ComponentGUID"="{60204BB3-7078-4F70-8F69-68297621941C}"
"Version"=dword:000a0000
"Sub-Version"=dword:00000e3e
"ExceptionInfName"=expand:"c:\\WINDOWS\\RegisteredPackages\\{60204BB3-7078-4F70-8F69-68297621941C}\\MPSTUB10.inf"
"ExceptionCatalogName"=expand:"c:\\WINDOWS\\RegisteredPackages\\{60204BB3-7078-4F70-8F69-68297621941C}\\mpstub10.cat"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Setup\ExceptionComponents\{89FDAB62-6F46-4C7E-A559-E00B9A0BACB6}]
@DACL=(02 0000)
@SACL=
"FriendlyName"="Windows Media Services 9 Series SDK"
"ComponentGUID"="{89FDAB62-6F46-4C7E-A559-E00B9A0BACB6}"
"Version"=dword:00090000
"Sub-Version"=dword:00000cca
"ExceptionInfName"=expand:"c:\\WINDOWS\\RegisteredPackages\\{89FDAB62-6F46-4C7E-A559-E00B9A0BACB6}\\wmstypelib.inf"
"ExceptionCatalogName"=expand:"c:\\WINDOWS\\RegisteredPackages\\{89FDAB62-6F46-4C7E-A559-E00B9A0BACB6}\\wmstypelib.cat"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Setup\ExceptionComponents\{981FB688-E76B-4246-987B-92083185B90A}]
@DACL=(02 0000)
@SACL=
"FriendlyName"="Windows Media Files"
"ComponentGUID"="{981FB688-E76B-4246-987B-92083185B90A}"
"Version"=dword:000a0000
"Sub-Version"=dword:00000e3e
"ExceptionInfName"=expand:"c:\\WINDOWS\\RegisteredPackages\\{981FB688-E76B-4246-987B-92083185B90A}\\WPD10.inf"
"ExceptionCatalogName"=expand:"c:\\WINDOWS\\RegisteredPackages\\{981FB688-E76B-4246-987B-92083185B90A}\\wpd10.cat"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Setup\ExceptionComponents\{A47B3654-48EE-48A5-B629-97D70175E58F}]
@DACL=(02 0000)
@SACL=
"FriendlyName"="Windows Media Files"
"ComponentGUID"="{A47B3654-48EE-48A5-B629-97D70175E58F}"
"Version"=dword:000a0000
"Sub-Version"=dword:00000e3e
"ExceptionInfName"=expand:"c:\\WINDOWS\\RegisteredPackages\\{A47B3654-48EE-48A5-B629-97D70175E58F}\\codecs10.inf"
"ExceptionCatalogName"=expand:"c:\\WINDOWS\\RegisteredPackages\\{A47B3654-48EE-48A5-B629-97D70175E58F}\\codecs10.cat"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Setup\ExceptionComponents\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}]
@DACL=(02 0000)
@SACL=
"FriendlyName"="Windows Media Files"
"ComponentGUID"="{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}"
"Version"=dword:000a0000
"Sub-Version"=dword:00000e3e
"ExceptionInfName"=expand:"c:\\WINDOWS\\RegisteredPackages\\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}\\WMFSDK10.inf"
"ExceptionCatalogName"=expand:"c:\\WINDOWS\\RegisteredPackages\\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}\\wmfsdk10.cat"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Setup\ExceptionComponents\{C5B8FBE9-645E-4484-A7AA-E8DA9A70DD77}]
@DACL=(02 0000)
@SACL=
"FriendlyName"="Windows Media Files"
"ComponentGUID"="{C5B8FBE9-645E-4484-A7AA-E8DA9A70DD77}"
"Version"=dword:000a0000
"Sub-Version"=dword:00000e3e
"ExceptionInfName"=expand:"c:\\WINDOWS\\RegisteredPackages\\{C5B8FBE9-645E-4484-A7AA-E8DA9A70DD77}\\DRM10.inf"
"ExceptionCatalogName"=expand:"c:\\WINDOWS\\RegisteredPackages\\{C5B8FBE9-645E-4484-A7AA-E8DA9A70DD77}\\drm10.cat"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Setup\ExceptionComponents\{CFB4B314-0328-45E1-94AF-45A3F5F48E0B}]
@DACL=(02 0000)
@SACL=
"FriendlyName"="Windows Media Files"
"ComponentGUID"="{CFB4B314-0328-45E1-94AF-45A3F5F48E0B}"
"Version"=dword:000a0000
"Sub-Version"=dword:00000e3e
"ExceptionInfName"=expand:"c:\\WINDOWS\\RegisteredPackages\\{CFB4B314-0328-45E1-94AF-45A3F5F48E0B}\\MPCD10.inf"
"ExceptionCatalogName"=expand:"c:\\WINDOWS\\RegisteredPackages\\{CFB4B314-0328-45E1-94AF-45A3F5F48E0B}\\mpcd10.cat"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Setup\ExceptionComponents\{DD90D410-1823-43EB-9A16-A2331BF08799}]
@DACL=(02 0000)
@SACL=
"FriendlyName"="Windows Media Files"
"ComponentGUID"="{DD90D410-1823-43EB-9A16-A2331BF08799}"
"Version"=dword:000a0000
"Sub-Version"=dword:00000e3e
"ExceptionInfName"=expand:"c:\\WINDOWS\\RegisteredPackages\\{DD90D410-1823-43EB-9A16-A2331BF08799}\\WMP10.inf"
"ExceptionCatalogName"=expand:"c:\\WINDOWS\\RegisteredPackages\\{DD90D410-1823-43EB-9A16-A2331BF08799}\\wmp10.cat"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Setup\OptionalComponents\SwDir]
@DACL=(02 0000)
@SACL=
"Installed"="1"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Setup\OptionalComponents\SwFlash]
@DACL=(02 0000)
@SACL=
"Installed"="0"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows Media Device Manager\KnownDeviceClasses]
@DACL=(02 0000)
@SACL=
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows Media Device Manager\KnownDevices]
@DACL=(02 0000)
@SACL=
.
[HKEY_LOCAL_MACHINE\software\Symantec\CCPD-LC]
@DACL=(02 0000)
@SACL=
"AutoRenewSubs"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Symantec\Shared Technology]
@DACL=(02 0000)
@SACL=
.
[HKEY_LOCAL_MACHINE\software\Symantec\SharedUsage]
@DACL=(02 0000)
@SACL=
.
[HKEY_LOCAL_MACHINE\software\Ulead Systems\Ulead Video ToolBox\2.0\Installer]
@DACL=(02 0000)
@SACL=
"ProductName"="Ulead Video ToolBox %s SE"
"ProductVersion"="2.01.0100"
"Specially"=""
"Product Version"="2.01.0100"
"Product Build"=" SE"
"snLanguage"="28"
"szLanguage"="Italian"
"Serial Number"="783A7-22000-99919932"
"Path"="c:\\Programmi\\Ulead Systems\\Ulead Video ToolBox 2.0 SE"
"ProgramGroupName"="Ulead Video ToolBox 2.0 SE"
"ProjectNumber"="130007220.510400001"
"Ulead AC3 pack"="Ulead Video ToolBox 2"
"AC3 Language"="Italian"
.
[HKEY_LOCAL_MACHINE\software\Ulead Systems\Ulead Video ToolBox\2.0\Preference]
@DACL=(02 0000)
@SACL=
"TV System"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Ulead Systems\Ulead VideoStudio\8.0\Installer]
@DACL=(02 0000)
@SACL=
"ProductName"="Ulead VideoStudio %s"
"ProgramGroupName"="Ulead VideoStudio 8.0 SE DVD"
"Specially"="SE DVD"
"ProductVersion"="8.00.0100"
"Product Version"="8.00.0100"
"Product Build"="SE DVD"
"snLanguage"="28"
"szLanguage"="Italian"
"Serial Number"="781A2-98000-91739917"
"Path"="c:\\APPS\\UVS8_IT"
"ProjectNumber"="130202980.510100000"

 

[la_nuvola_del_cielo]

[HKEY_LOCAL_MACHINE\software\Ulead Systems\Ulead VideoStudio\8.0\Preference]
@DACL=(02 0000)
@SACL=
"TV System"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Ulead Systems\Ulead VideoStudio\8.0\Template]
@DACL=(02 0000)
@SACL=
"Path0"="c:\\APPS\\UVS8_IT\\Template\\Classic"
"Path1"="c:\\APPS\\UVS8_IT\\Template\\Nature"
"Path2"="c:\\APPS\\UVS8_IT\\Template\\Corporate"
"Path3"="c:\\APPS\\UVS8_IT\\Template\\Sports"
"Path4"="c:\\APPS\\UVS8_IT\\Template\\Home Movie"
"Path5"="c:\\APPS\\UVS8_IT\\Template\\Romantic"
"Path6"="c:\\APPS\\UVS8_IT\\Template\\Cool"
"ThemeName0"="Classico"
"ThemeName1"="Natura"
"ThemeName2"="Aziendale"
"ThemeName3"="Sportivo"
"ThemeName4"="Video amatoriale"
"ThemeName5"="Romantico"
"ThemeName6"="Formale"
"LayoutPath0"="c:\\APPS\\UVS8_IT\\Template\\Customize\\Layout"
"LayoutName0"="Layout"
"NavBtnPath0"="c:\\APPS\\UVS8_IT\\Template\\Customize\\Navigation Button"
"NavBtnName0"="Pulsante di esplorazione"
"FramePath0"="c:\\APPS\\UVS8_IT\\Template\\Customize\\Frame"
"FrameName0"="Frame"
"FavoritePath0"="PerUser\\My Documents\\Ulead VideoStudio\\8.0\\My Favorites"
"FavoriteName0"="Preferiti"
.
--------------------- Dlls caricate dai processi in esecuzione ---------------------
.
- - - - - - - > 'explorer.exe'(3280)
c:\windows\system32\WININET.dll
c:\windows\system32\msi.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Altri processi in esecuzione ------------------------
.
c:\programmi\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe
c:\apps\Powercinema\Kernel\TV\CLCapSvc.exe
c:\apps\Powercinema\Kernel\CLML_NTService\CLMLServer.exe
c:\programmi\CyberLink\Shared Files\RichVideo.exe
c:\programmi\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\programmi\File comuni\Ulead Systems\DVD\ULCDRSvr.exe
c:\programmi\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe
c:\apps\Powercinema\Kernel\TV\CLSched.exe
c:\windows\ATK0100\ATKOSD.exe
.
**************************************************************************
.
Ora fine scansione: 2011-10-25 15:01:41 - Il pc è stato riavviato
ComboFix-quarantined-files.txt 2011-10-25 13:01
.
Pre-Run: 22.092.103.680 byte disponibili
Post-Run: 26.868.441.088 byte disponibili
.
Current=5 Default=5 Failed=4 LastKnownGood=6 Sets=1,2,3,4,5,6
- - End Of File - - 7A0501749AC90BCC3BF2A52620A40D0D

 

[FDAC]

Disinstalla:
BabylonToolbar, WireBooster, WiseFixer, mIRC e Emule.

Script personalizzato di ComboFix

Avviso: non eseguire ComboFix di tua iniziativa; questo tool non è un giocattolo e non è adatto ad un uso quotidiano.

Apri il Block Note: Start> Tutti i programmi> Accessori> Blocco note
● all'interno del nuovo documento di testo, copia ed incolla le seguenti righe:

Folder::
c:\programmi\Ask.com
c:\programmi\WebScout FileBulldog Toolbar
C:\xdccMule v02 ita-eng Compresso zip

DDS::
mStart Page = hxxp://www.bigseekpro.com/webscout/{425FE2BE-66B2-439D-AD05-74B16629CE34}

File::
c:\docume~1\silvio\IMPOST~1\Temp\gtermddo.sys
c:\windows\system32\drivers\klin.dat
c:\windows\system32\drivers\klick.dat

Driver::
gtermddo

Registry::
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{00000000-6E41-4FD3-8538-502F5495E5FC}"=-
[-HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"=-
[-HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[-HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
[-HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"=-
[-HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[-HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]

● chiama questo file CFScript.txt, e posizionalo sul Desktop

Molto importante! Disabilita temporaneamente il tuo antivirus e firewall prima di seguire la procedura indicata. Potrebbero infatti interferire con ComboFix o rimuovere alcuni dei suoi file incorporati che possono portare a risultati imprevedibili.
Facendo riferimento all'immagine presente qui sotto, trascina con il puntatore del mouse CFScript.txt sull'icona di ComboFix
ComboFix ora eseguirà una scansione del tuo sistema. Una volta terminata, potrebbe riavviare automaticamente il sistema: in caso contrario, procedi tu manualmente.
A questo punto, il programma produrrà un Report. Copia ed incolla il log nel tuo prossimo post.

http://img155.imageshack.us/img155/4837/cfscriptop0.gif

Nota - riguardo alla procedura:
● non toccare assolutamente il mouse e la tastiera durante la scansione: potrebbe interrompersi

D'ora in poi, per allegare i report, fai riferimento a questo specchiett: qui sul forum sono ingombranti e scomodi da leggere.

Carica un file su Wikisend: Wikisend: free file sharing service

● accedi al sito indicato sopra
● clicca sul bottone Sfoglia...
● individua il file: C:\ComboFix.txt
● clicca sul pulsante Apri
● clicca sul bottone blu Upload file
● copia il Forum link in un post sul forum

 

[la_nuvola_del_cielo]

grazie mille per la risposta e per le preziose informazioni. ho solo una domanda , perchè devo disinstallare mirc ed emule?

 

[FDAC]

Perchè sono portatori di infezioni. Tutto ciò che scarichi da programmi peer to peer costituiscono un serio pericolo persino per la tua privacy e i tuoi dati personali.