vai nella cartella system 32 e controlla che siano presenti i due file mancanti
wscntfy.exe
xmlprov.dll
se non li trovi prova ad eseguire quello che ti ho descritto nell'altro post
Moderatori: m.paolo, kadosh, Luke57
file::
c:\programmi\Symantec\LiveUpdate\NDETECT.EXE
c:\windows\Tasks\Symantec NetDetect.job
Folder::
c:\programmi\Symantec
c:\programmi\Symantec\LiveUpdate
ComboFix 10-02-10.05 - Roberto 11/02/2010 18.40.05.5.1 - FAT32x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.39.1040.18.495.214 [GMT 1:00]
Eseguito da: c:\documents and settings\Roberto\Desktop\combofix.exe
Opzioni usate :: c:\documents and settings\Roberto\Desktop\CFScript.txt
AV: AntiVir Desktop *On-access scanning disabled* (Updated) {00000002-0002-0000-6C25-9E7C08000A00}
ATTENZIONE - QUESTO PC NON HA LA CONSOLE DI RIPRISTINO DI EMERGENZA INSTALLATA !!
FILE ::
"c:\programmi\Symantec\LiveUpdate\NDETECT.EXE"
"c:\windows\Tasks\Symantec NetDetect.job"
.
((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\programmi\Symantec
c:\programmi\Symantec\LiveUpdate\1.Settings.Default.LiveUpdate
c:\programmi\Symantec\LiveUpdate\ALUNOTIFY.EXE
c:\programmi\Symantec\LiveUpdate\AUPDATE.EXE
c:\programmi\Symantec\LiveUpdate\LSETUP.EXE
c:\programmi\Symantec\LiveUpdate\LuAll.cnt
c:\programmi\Symantec\LiveUpdate\LUALL.EXE
c:\programmi\Symantec\LiveUpdate\LUALL.HLP
c:\programmi\Symantec\LiveUpdate\LuComServer.EXE
c:\programmi\Symantec\LiveUpdate\LuComServerPS.DLL
c:\programmi\Symantec\LiveUpdate\ludirloc.dat
c:\programmi\Symantec\LiveUpdate\LUINFO.INF
c:\programmi\Symantec\LiveUpdate\LUInit.exe
c:\programmi\Symantec\LiveUpdate\LUInit.ini
c:\programmi\Symantec\LiveUpdate\LUINSDLL.DLL
c:\programmi\Symantec\LiveUpdate\LuResult.txt
c:\programmi\Symantec\LiveUpdate\NDETECT.EXE
c:\programmi\Symantec\LiveUpdate\NetDetectController.DLL
c:\programmi\Symantec\LiveUpdate\ProductRegCom.DLL
c:\programmi\Symantec\LiveUpdate\ProductRegComPS.DLL
c:\programmi\Symantec\LiveUpdate\S32LIVE1.DLL
c:\programmi\Symantec\LiveUpdate\S32LUCP1.CPL
c:\programmi\Symantec\LiveUpdate\S32LUIS1.DLL
c:\programmi\Symantec\LiveUpdate\S32LUWI1.DLL
c:\programmi\Symantec\LiveUpdate\SymantecRootInstaller.exe
c:\windows\Tasks\Symantec NetDetect.job
.
((((((((((((((((((((((((( Files Creati Da 2010-01-11 al 2010-02-11 )))))))))))))))))))))))))))))))))))
.
2010-02-11 15:44 . 2010-02-11 15:44 -------- d-sh--w- c:\documents and settings\Roberto\PrivacIE
2010-02-11 15:37 . 2010-02-11 15:37 -------- d-sh--w- c:\documents and settings\Roberto\IETldCache
2010-02-11 15:34 . 2010-02-11 15:34 -------- d-----w- c:\windows\system32\NtmsData
2010-02-11 15:30 . 2010-02-11 15:30 -------- d-----w- c:\windows\ie8updates
2010-02-11 15:28 . 2010-02-11 15:28 -------- d--h--w- c:\windows\ie8
2010-02-10 17:29 . 2009-12-11 08:38 69120 ------w- c:\windows\system32\dllcache\iecompat.dll
2010-02-10 17:29 . 2009-12-21 19:06 594432 ------w- c:\windows\system32\dllcache\msfeeds.dll
2010-02-10 17:29 . 2009-12-21 19:06 246272 ------w- c:\windows\system32\dllcache\ieproxy.dll
2010-02-10 17:29 . 2009-12-21 19:06 55296 ------w- c:\windows\system32\dllcache\msfeedsbs.dll
2010-02-10 17:29 . 2009-12-21 19:06 1985536 ------w- c:\windows\system32\dllcache\iertutil.dll
2010-02-10 17:29 . 2009-12-21 19:06 12800 ------w- c:\windows\system32\dllcache\xpshims.dll
2010-02-10 17:29 . 2009-12-21 19:06 11070464 ------w- c:\windows\system32\dllcache\ieframe.dll
2010-02-10 14:11 . 2010-02-10 14:11 -------- d-----w- c:\documents and settings\NetworkService\Impostazioni locali\Dati applicazioni\Google
2010-02-10 14:01 . 2010-02-10 14:01 -------- d-----w- c:\windows\system32\wbem\AutoRecover
2010-02-10 10:52 . 2010-02-10 10:52 -------- d-----w- c:\windows\ServicePackFiles
2010-02-10 10:40 . 2010-02-10 10:41 -------- d-----w- c:\windows\EHome
2010-02-09 16:50 . 2010-02-09 16:50 -------- d-----w- c:\documents and settings\Roberto\Dati applicazioni\Malwarebytes
2010-02-09 16:50 . 2010-01-07 15:07 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-02-09 16:50 . 2010-02-09 16:50 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Malwarebytes
2010-02-09 16:50 . 2010-01-07 15:07 18520 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-02-09 16:50 . 2010-02-09 16:50 -------- d-----w- c:\programmi\Malwarebytes' Anti-Malware
2010-02-09 14:50 . 2010-02-09 14:50 -------- d-----w- C:\FOUND.001
2010-02-09 11:49 . 2010-02-09 11:49 388096 ----a-r- c:\documents and settings\Roberto\Dati applicazioni\Microsoft\Installer\{0761C9A8-8F3A-4216-B4A7-B7AFBF24A24A}\HiJackThis.exe
2010-02-09 11:49 . 2010-02-09 11:49 -------- d-----w- c:\programmi\TrendMicro
2010-01-31 23:15 . 2010-01-06 11:08 57856 ----a-w- c:\documents and settings\Roberto\Dati applicazioni\Mozilla\Firefox\Profiles\o51ze5ma.default\extensions\piclens@cooliris.com\components\coolirisstub.dll
2010-01-31 23:15 . 2010-01-06 11:08 545280 ----a-w- c:\documents and settings\Roberto\Dati applicazioni\Mozilla\Firefox\Profiles\o51ze5ma.default\extensions\piclens@cooliris.com\libs\PicLensHelper.exe
2010-01-31 23:15 . 2010-01-06 11:08 4726272 ----a-w- c:\documents and settings\Roberto\Dati applicazioni\Mozilla\Firefox\Profiles\o51ze5ma.default\extensions\piclens@cooliris.com\libs\cooliris190.dll
2010-01-31 23:15 . 2010-01-06 11:08 4725760 ----a-w- c:\documents and settings\Roberto\Dati applicazioni\Mozilla\Firefox\Profiles\o51ze5ma.default\extensions\piclens@cooliris.com\libs\cooliris192.dll
2010-01-31 23:15 . 2010-01-06 11:08 344064 ----a-w- c:\documents and settings\Roberto\Dati applicazioni\Mozilla\Firefox\Profiles\o51ze5ma.default\extensions\piclens@cooliris.com\libs\LaunchCooliris.exe
2010-01-31 23:15 . 2010-01-06 11:08 153600 ----a-w- c:\documents and settings\Roberto\Dati applicazioni\Mozilla\Firefox\Profiles\o51ze5ma.default\extensions\piclens@cooliris.com\plugins\npcoolirisplugin.dll
2010-01-31 23:15 . 2010-01-06 11:08 103424 ----a-w- c:\documents and settings\Roberto\Dati applicazioni\Mozilla\Firefox\Profiles\o51ze5ma.default\extensions\piclens@cooliris.com\libs\pixomatic.dll
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-02-10 14:12 . 2005-02-18 16:45 21176 ----a-w- c:\documents and settings\Roberto\Impostazioni locali\Dati applicazioni\GDIPFONTCACHEV1.DAT
2010-02-10 14:04 . 1979-12-31 23:00 48728 ----a-w- c:\windows\system32\perfc010.dat
2010-02-10 14:04 . 1979-12-31 23:00 346870 ----a-w- c:\windows\system32\perfh010.dat
2010-02-10 10:59 . 2003-06-23 17:18 83975 ----a-w- c:\windows\PCHealth\HelpCtr\OfflineCache\index.dat
2009-12-21 19:06 . 2006-04-28 14:09 916480 ----a-w- c:\windows\system32\wininet.dll
2009-12-16 13:42 . 2009-12-23 19:42 872960 ----a-w- c:\documents and settings\Roberto\Dati applicazioni\Mozilla\Firefox\Profiles\o51ze5ma.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll
2009-12-16 13:42 . 2009-12-23 19:42 43008 ----a-w- c:\documents and settings\Roberto\Dati applicazioni\Mozilla\Firefox\Profiles\o51ze5ma.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\googletoolbarloader.dll
2009-12-16 13:42 . 2009-12-23 19:42 340480 ----a-w- c:\documents and settings\Roberto\Dati applicazioni\Mozilla\Firefox\Profiles\o51ze5ma.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\libraries\googletoolbar-ff2.dll
2009-12-16 13:41 . 2009-12-23 19:42 346624 ----a-w- c:\documents and settings\Roberto\Dati applicazioni\Mozilla\Firefox\Profiles\o51ze5ma.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\libraries\googletoolbar-ff3.dll
2003-10-27 19:08 . 2003-10-27 19:08 770048 ----a-w- c:\programmi\winmx331.exe
2003-10-27 19:03 . 2003-10-27 19:03 3468472 ----a-w- c:\programmi\winamp3_0-full.exe
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="c:\programmi\Messenger\msmsgs.exe" [2008-04-13 1695232]
"Packard Bell Data Secure"="c:\programmi\Packard Bell Data Secure\PBDataSecure.exe" [2006-06-20 2361856]
"swg"="c:\programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-07-30 68856]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LaunchApp"="Alaunch" [X]
"IgfxTray"="c:\windows\System32\igfxtray.exe" [2003-06-23 155648]
"HotKeysCmds"="c:\windows\System32\hkcmd.exe" [2003-06-23 114688]
"SoundMan"="SOUNDMAN.EXE" [2003-06-20 55296]
"AGRSMMSG"="AGRSMMSG.exe" [2003-06-23 88267]
"Apoint"="c:\programmi\Apoint2K\Apoint.exe" [2002-07-25 151552]
"LManager"="c:\progra~1\LAUNCH~1\CPLBCL53.EXE" [2003-06-27 155648]
"WinampAgent"="c:\programmi\Winamp\winampa.exe" [2008-01-15 37376]
"QuickTime Task"="c:\programmi\QuickTime\qttask.exe" [2005-11-05 77824]
"SunJavaUpdateSched"="c:\programmi\Java\jre1.5.0_04\bin\jusched.exe" [2005-06-03 36975]
"TkBellExe"="c:\programmi\File comuni\Real\Update_OB\realsched.exe" [2007-11-11 185632]
"Adobe Reader Speed Launcher"="c:\programmi\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"UnlockerAssistant"="c:\programmi\Unlocker\UnlockerAssistant.exe" [2009-10-26 15872]
"avgnt"="c:\programmi\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-13 15360]
c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\
WinZip Quick Pick.lnk - c:\programmi\WinZip\WZQKPICK.EXE [2003-11-28 106560]
BTTray.lnk - c:\programmi\WIDCOMM\Software Bluetooth\BTTray.exe [2006-5-12 581693]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2005-10-18 10:58 278528 ----a-w- c:\programmi\iTunes\iTunesHelper.exe
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Programmi\\BitTorrent\\bittorrent.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
R0 avgntmgr;avgntmgr;c:\windows\system32\drivers\avgntmgr.sys [29/04/2009 11.46.44 22360]
R0 VIRAGTLT;VIRAGTLT;c:\windows\system32\drivers\VIRAGTLT.SYS [06/09/2006 15.06.28 41728]
R1 avgntdd;avgntdd;c:\windows\system32\drivers\avgntdd.sys [29/04/2009 11.46.44 45416]
R2 CachemanXPService;CachemanXP;c:\progra~1\CACHEM~1\CachemanXP.exe [21/02/2008 20.43.26 245248]
R2 viritsvclite;Virit eXplorer Lite;c:\vexplite\VIRITSVC.EXE [04/09/2009 23.41.15 65536]
S2 gupdate1c9bac9b1d2c2b0;Google Update Service (gupdate1c9bac9b1d2c2b0);c:\programmi\Google\Update\GoogleUpdate.exe [11/04/2009 19.19.26 133104]
.
Contenuto della cartella 'Scheduled Tasks'
2010-02-11 c:\windows\Tasks\Google Software Updater.job
- c:\programmi\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-01-24 20:57]
2010-02-11 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\programmi\Google\Update\GoogleUpdate.exe [2009-04-11 18:19]
2010-02-11 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\programmi\Google\Update\GoogleUpdate.exe [2009-04-11 18:19]
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://liberomail.libero.it/
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Google Sidewiki... - c:\programmi\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
IE: Invia a &Bluetooth - c:\programmi\WIDCOMM\Software Bluetooth\btsendto_ie_ctx.htm
IE: Save Flash - c:\programmi\UnH Solutions\Flash Saving Plugin\FlashSButton.dll/210
FF - ProfilePath - c:\documents and settings\Roberto\Dati applicazioni\Mozilla\Firefox\Profiles\o51ze5ma.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - component: c:\documents and settings\Roberto\Dati applicazioni\Mozilla\Firefox\Profiles\o51ze5ma.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll
FF - plugin: c:\documents and settings\Roberto\Dati applicazioni\Mozilla\Firefox\Profiles\o51ze5ma.default\extensions\piclens@cooliris.com\plugins\npcoolirisplugin.dll
FF - plugin: c:\programmi\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\programmi\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll
FF - plugin: c:\programmi\Google\Update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: c:\programmi\Java\jre1.5.0_04\bin\NPJava11.dll
FF - plugin: c:\programmi\Java\jre1.5.0_04\bin\NPJava12.dll
FF - plugin: c:\programmi\Java\jre1.5.0_04\bin\NPJava13.dll
FF - plugin: c:\programmi\Java\jre1.5.0_04\bin\NPJava14.dll
FF - plugin: c:\programmi\Java\jre1.5.0_04\bin\NPJava32.dll
FF - plugin: c:\programmi\Java\jre1.5.0_04\bin\NPJPI150_04.dll
FF - plugin: c:\programmi\Java\jre1.5.0_04\bin\NPOJI610.dll
FF - plugin: c:\programmi\Mozilla Firefox\plugins\npbittorrent.dll
FF - plugin: c:\programmi\Mozilla Firefox\plugins\npdjvu.dll
FF - plugin: c:\programmi\Real\RealOne Player\Netscape6\nppl3260.dll
FF - plugin: c:\programmi\Real\RealOne Player\Netscape6\nprjplug.dll
FF - plugin: c:\programmi\Real\RealOne Player\Netscape6\nprpjplug.dll
.
- - - - CHIAVI ORFANE RIMOSSE - - - -
AddRemove-LiveUpdate - c:\programmi\Symantec\LiveUpdate\LSETUP.EXE
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-02-11 18:44
Windows 5.1.2600 Service Pack 3 FAT NTAPI
scansione processi nascosti ...
scansione entrate autostart nascoste ...
Scansione files nascosti ...
Scansione completata con successo
Files nascosti: 0
**************************************************************************
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------
[HKEY_USERS\S-1-5-21-1685927933-2690133624-1694720459-1005\Identities\{F717E46F-20F7-4DB9-BA46-92292829952B}\Software\Microsoft\Outlook Express\5.0\Recent Stationery List]
@DACL=(02 0000)
@SACL=
"File0"="Cielo blu.htm"
"File1"="Natura.htm"
"File2"="Giallo.htm"
"File3"="Girasole.htm"
"File4"="Agrumi.htm"
"File5"="Quadretti bianchi.htm"
"File6"="Foglie.htm"
[HKEY_USERS\S-1-5-21-1685927933-2690133624-1694720459-1005\Identities\{F717E46F-20F7-4DB9-BA46-92292829952B}\Software\Microsoft\Outlook Express\5.0\Shared Settings]
@DACL=(02 0000)
@SACL=
[HKEY_USERS\S-1-5-21-1685927933-2690133624-1694720459-1005\Software\Local AppWizard-Generated Applications\Launch Tool]
@DACL=(02 0000)
@SACL=
[HKEY_LOCAL_MACHINE\software\CyberLink\PowerDVD\BuildInfo]
@DACL=(02 0000)
@SACL=
"SR_No"="DVD030423-04"
"Skin"="2420"
"iPower"="030407"
"UG"="1510"
"Setup"="030421"
"Help"="2416"
"RC"="030414"
"Readme"="2416"
"Kernel"="v2834_DS(Acer)"
"UI"="v2824_DDVS_DS(Acer)"
"Filter"="v2834_DS(Acer)"
[HKEY_LOCAL_MACHINE\software\Microsoft\Advanced INF Setup\IEHomePageInfo\RegBackup]
@DACL=(02 0000)
@SACL=
[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\NodeCLSIDs\{13A7995E-7D8F-45B4-9C77-819265225763}]
@DACL=(02 0000)
"Priority"=dword:00000001
"AutoInsert"=dword:00000001
"Name"="WMPlayer Spectrum Analyzer DMO"
[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\NodeCLSIDs\{95037DA1-6ED9-4B27-8CFF-9AD3DFB0B2F2}]
@DACL=(02 0000)
"Priority"=dword:fffffffb
"AutoInsert"=dword:00000001
"Name"="WMPlayer SRSWow DMO"
[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\NodeCLSIDs\{974BF3BF-C9AE-4476-8003-5FE544DF458C}]
@DACL=(02 0000)
"Priority"=dword:fffffffe
"AutoInsert"=dword:00000001
"Name"="WMPlayer Video Processing DMO"
[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\NodeCLSIDs\{B2DBA270-9F49-4513-AC13-76496D6EBA3A}]
@DACL=(02 0000)
"Priority"=dword:00000002
"AutoInsert"=dword:00000000
"Name"="Speaker Enhancement DMO"
[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\NodeCLSIDs\{D01BC8E2-70AD-4976-9612-21B37ED5C8E8}]
@DACL=(02 0000)
"Priority"=dword:00000003
"AutoInsert"=dword:00000001
"Name"="WMPlayer Equalizer DMO"
[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Publish\{1AC8AC62-67E9-4676-BA08-194A6916B145}]
@DACL=(02 0000)
@="WMPlayer CD Burn Publish Provider"
[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Publish\{F6402585-08FB-498E-877D-2D8EDF05219F}]
@DACL=(02 0000)
@="WMPlayer WMDM Publish Provider"
[HKEY_LOCAL_MACHINE\software\NewTech Infosystems\NTI CD-Maker\6]
@DACL=(02 0000)
@SACL=
[HKEY_LOCAL_MACHINE\software\NewTech Infosystems\NTI CD-Maker\OEMUrl]
@DACL=(02 0000)
@SACL=
"Home"="http://global.acer.com"
[HKEY_LOCAL_MACHINE\software\Realtek Semiconductor Corp.\Realtek AC'97 Audio]
@DACL=(02 0000)
@SACL=
.
Ora fine scansione: 2010-02-11 18:46:03
ComboFix-quarantined-files.txt 2010-02-11 17:46
Pre-Run: 1.416.232.960 byte disponibili
Post-Run: 1.373.700.096 byte disponibili
- - End Of File - - 0509CEC062547CFAA392E8B4A38BD3B3
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21.11.00, on 11/02/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\Avira\AntiVir Desktop\sched.exe
C:\Programmi\Avira\AntiVir Desktop\avguard.exe
C:\Programmi\WIDCOMM\Software Bluetooth\bin\btwdins.exe
C:\PROGRA~1\CACHEM~1\CachemanXP.exe
C:\VEXPLITE\viritsvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\igfxtray.exe
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\AGRSMMSG.exe
C:\Programmi\Apoint2K\Apoint.exe
C:\PROGRA~1\LAUNCH~1\CPLBCL53.EXE
C:\Programmi\Winamp\winampa.exe
C:\Programmi\QuickTime\qttask.exe
C:\Programmi\Java\jre1.5.0_04\bin\jusched.exe
C:\Programmi\File comuni\Real\Update_OB\realsched.exe
C:\Programmi\Unlocker\UnlockerAssistant.exe
C:\Programmi\Avira\AntiVir Desktop\avgnt.exe
C:\Programmi\Java\jre1.5.0_04\bin\jucheck.exe
C:\Programmi\Apoint2K\Apntex.exe
C:\Programmi\Messenger\msmsgs.exe
C:\Programmi\Packard Bell Data Secure\PBDataSecure.exe
C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Programmi\WinZip\WZQKPICK.EXE
C:\Programmi\WIDCOMM\Software Bluetooth\BTTray.exe
C:\PROGRA~1\WIDCOMM\SOFTWA~1\BTSTAC~1.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Programmi\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\mshta.exe
C:\Programmi\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://liberomail.libero.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: Supporto di collegamento per Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programmi\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programmi\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programmi\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [Apoint] C:\Programmi\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\CPLBCL53.EXE
O4 - HKLM\..\Run: [WinampAgent] C:\Programmi\Winamp\winampa.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programmi\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Programmi\File comuni\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programmi\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Programmi\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Programmi\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [MSMSGS] "C:\Programmi\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Packard Bell Data Secure] C:\Programmi\Packard Bell Data Secure\PBDataSecure.exe
O4 - HKCU\..\Run: [swg] "C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Programmi\WinZip\WZQKPICK.EXE
O4 - Global Startup: BTTray.lnk = ?
O8 - Extra context menu item: Google Sidewiki... - res://C:\Programmi\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
O8 - Extra context menu item: Invia a &Bluetooth - C:\Programmi\WIDCOMM\Software Bluetooth\btsendto_ie_ctx.htm
O8 - Extra context menu item: Save Flash - res://C:\Programmi\UnH Solutions\Flash Saving Plugin\FlashSButton.dll/210
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programmi\WIDCOMM\Software Bluetooth\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programmi\WIDCOMM\Software Bluetooth\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra button: Flash - {43CF38F3-5AEC-45a3-AD31-04EB06E9C6CA} - C:\Programmi\UnH Solutions\Flash Saving Plugin\FlashSButton.dll (HKCU)
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O23 - Service: Avira AntiVir Scheduler (AntiVirScheduler) - Avira GmbH - C:\Programmi\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Programmi\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Programmi\WIDCOMM\Software Bluetooth\bin\btwdins.exe
O23 - Service: CachemanXP (CachemanXPService) - Outertech - C:\PROGRA~1\CACHEM~1\CachemanXP.exe
O23 - Service: Google Update Service (gupdate1c9bac9b1d2c2b0) (gupdate1c9bac9b1d2c2b0) - Google Inc. - C:\Programmi\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Programmi\iPod\bin\iPodService.exe
O23 - Service: Virit eXplorer Lite (viritsvclite) - TG Soft Sas www.tgsoft.it - C:\VEXPLITE\viritsvc.exe
--
End of file - 7470 bytes
Concatenamento apertura files che non funziona Autore: systemcrack |
Forum: Applicazioni Office Windows Risposte: 3 |
Visitano il forum: Nessuno e 32 ospiti