www.MegaLab.it

da **Wanderers** » gio nov 20, 2008 5:06 pm

Come nel titolo: ho un virus Bloodhound.Beagle, che Norton rileva nella scansione ma non riesce a rimuovere nè mettere in quarantena.
Da più parti ho letto di usare The Avenger per risolvere il problema, io scarico Avenger, ma quando lo apro non mi compare l'interfaccia con lente, semaforo ecc.., ma un interfaccia molto più schematica.
Cosa devo fare?

da **ste_95** » gio nov 20, 2008 5:13 pm

Scarica HijackThis
Salvalo in una cartella (non aprirlo direttamente, sennò non farà i backup!)
Apri l'eseguibile
Clicca quindi su "Do a System Scan and Save a Logfile"
Attendi che finisca la scansione
Posta sul forum il risultato facendo attenzione a queste regole.

da **Wanderers** » ven nov 21, 2008 9:41 am

Ecco il risultato della scansione:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9.36.46, on 21/11/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\File comuni\Symantec Shared\ccProxy.exe
C:\Programmi\File comuni\Symantec Shared\ccSetMgr.exe
C:\Programmi\Norton Internet Security\ISSVC.exe
C:\Programmi\File comuni\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Programmi\TOSHIBA\ConfigFree\CFSvcs.exe
C:\WINDOWS\system32\DVDRAMSV.exe
C:\Programmi\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Programmi\File comuni\Symantec Shared\Security Center\SymWSC.exe
C:\Programmi\Synaptics\SynTP\SynTPLpr.exe
C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
C:\Programmi\Toshiba\Windows Utilities\Hotkey.exe
C:\Programmi\TOSHIBA\Touch and Launch\PadExe.exe
C:\Programmi\TOSHIBA\ConfigFree\NDSTray.exe
C:\Programmi\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Programmi\File comuni\Symantec Shared\ccApp.exe
C:\Programmi\QuickTime\qttask.exe
C:\Programmi\iTunes\iTunesHelper.exe
C:\Programmi\Lexmark 1200 Series\lxczbmgr.exe
C:\WINDOWS\system32\igfxext.exe
C:\Programmi\Java\jre1.6.0_07\bin\jusched.exe
C:\Programmi\Lexmark 1200 Series\lxczbmon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\Messenger\msmsgs.exe
C:\PROGRA~1\MICROS~3\wcescomm.exe
C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Programmi\LG PC Suite\LG PC Sync\LGSyncManager.exe
C:\WINDOWS\system32\RAMASST.exe
C:\Programmi\MSN Toolbar Suite\DS\02.05.0001.1119\it-it\bin\WindowsSearch.exe
C:\Programmi\Microsoft Office\OFFICE11\ONENOTEM.EXE
C:\Programmi\OpenOffice.org 3\program\soffice.exe
C:\Programmi\iPod\bin\iPodService.exe
C:\Programmi\MSN Toolbar Suite\DS\02.05.0001.1119\it-it\bin\WindowsSearchIndexer.exe
C:\PROGRA~1\MICROS~3\rapimgr.exe
C:\Programmi\OpenOffice.org 3\program\soffice.bin
C:\Programmi\Internet Explorer\iexplore.exe
C:\Programmi\File comuni\Symantec Shared\AdBlocking\NSMdtr.exe
C:\Documents and Settings\FARFALLA\Impostazioni locali\Temporary Internet Files\Content.IE5\F2E3GCQR\HiJackThis[1].exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.it/0SEITIT/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.it/0SEITIT/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://virgilio.alice.it/indexbb.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.alice.it
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Programmi\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Norton Internet Security - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Programmi\File comuni\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programmi\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programmi\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: MSN Search Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programmi\MSN Toolbar Suite\TB\02.05.0000.1082\it-it\msntb.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Programmi\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Programmi\File comuni\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Programmi\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: MSN Search Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programmi\MSN Toolbar Suite\TB\02.05.0000.1082\it-it\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programmi\google\googletoolbar1.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Programmi\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Toshiba Hotkey Utility] "C:\Programmi\Toshiba\Windows Utilities\Hotkey.exe" /lang IT
O4 - HKLM\..\Run: [PadTouch] C:\Programmi\TOSHIBA\Touch and Launch\PadExe.exe
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [SmoothView] C:\Programmi\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [ccApp] "C:\Programmi\File comuni\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [CFSServ.exe] CFSServ.exe -NoClient
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Programmi\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [Lexmark 1200 Series] "C:\Programmi\Lexmark 1200 Series\lxczbmgr.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [TOSCDSPD] C:\Programmi\TOSHIBA\TOSCDSPD\toscdspd.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Programmi\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\PROGRA~1\MICROS~3\wcescomm.exe"
O4 - HKCU\..\Run: [swg] C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Microsoft Office OneNote 2003 Quick Launch.lnk = C:\Programmi\Microsoft Office\OFFICE11\ONENOTEM.EXE
O4 - Startup: OpenOffice.org 3.0.lnk = C:\Programmi\OpenOffice.org 3\program\quickstart.exe
O4 - Global Startup: Avvio veloce di Adobe Reader.lnk = C:\Programmi\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: LG SyncManager.lnk = C:\Programmi\LG PC Suite\LG PC Sync\LGSyncManager.exe
O4 - Global Startup: RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe
O4 - Global Startup: Windows Desktop Search.lnk = C:\Programmi\MSN Toolbar Suite\DS\02.05.0001.1119\it-it\bin\WindowsSearch.exe
O8 - Extra context menu item: &MSN Search - res://C:\Programmi\MSN Toolbar Suite\TB\02.05.0000.1082\it-it\msntb.dll/search.htm
O9 - Extra button: (no name) - {08b0e5c0-4fcb-11cf-aaa5-00401c608501} - C:\Programmi\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08b0e5c0-4fcb-11cf-aaa5-00401c608501} - C:\Programmi\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra 'Tools' menuitem: Crea preferito portatile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O11 - Options group: [java_sun] Java (Sun)
O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/viewers/ipixx.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{F590696E-F9C0-46C6-8BDF-B24BC4209E8E}: NameServer = 85.37.17.12 85.38.28.79
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\ccSetMgr.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Programmi\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - C:\WINDOWS\system32\DVDRAMSV.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Programmi\iPod\bin\iPodService.exe
O23 - Service: ISSvc (ISSVC) - Symantec Corporation - C:\Programmi\Norton Internet Security\ISSVC.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Servizio Auto-Protect di Norton AntiVirus (navapsvc) - Symantec Corporation - C:\Programmi\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: Symantec RemoteAssist (symantec remoteassist) - Symantec, Inc. - C:\Programmi\File comuni\Symantec Shared\Support Controls\ssrc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: Utilità di pianificazione di LiveUpdate automatico - Symantec Corporation - C:\Programmi\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O24 - Desktop Component 0: (no name) - http://www.cucinaericette.it/images/lay ... icetta.gif
O24 - Desktop Component 1: (no name) - http://style-srv.leonardo.it/headerleo/ ... angediv.js
O24 - Desktop Component 2: (no name) - http://www.paginebimbo.it/immagini/Navigazione_01.gif

--
End of file - 11455 bytes

da **Wanderers** » ven nov 21, 2008 9:43 am

E ora che devo fare????

da **ste_95** » ven nov 21, 2008 2:49 pm

Il log è pulito.
Il trojan viene segnalato ancora? Dove?

da **Amantide** » ven nov 21, 2008 2:56 pm

Scarica FindyKill (by Chiquitine29)ed installalo (è in francese però è di facile comprensione).
Una volta installato chiudi tutte le applicazioni attive e disconnettiti dal internet, poi clicca sull'icona di FindyKill e nella finestra dos che si aprirà scrivi 1 e premi Invio. Attendi il termine della scansione e posta qui il log che trovi in C:\FindyKill.txt

da **Wanderers** » ven nov 21, 2008 6:11 pm

ste_95 ha scritto:Il log è pulito.
Il trojan viene segnalato ancora? Dove?

Io ho 2 account sul computer, quello in cui mi trovavo quando ho beccato il virus non lo sto aprendo più.
La scansione l'ho fatto dall'altro account. E' per questo che il log è pulito?

da **ste_95** » ven nov 21, 2008 6:37 pm

Prova a seguire i consigli di Amantide, ma secondo me Norton ha già fatto piazza pulita.

da **Wanderers** » ven nov 21, 2008 6:38 pm

Amantide ha scritto:Scarica FindyKill (by Chiquitine29)ed installalo (è in francese però è di facile comprensione).
Una volta installato chiudi tutte le applicazioni attive e disconnettiti dal internet, poi clicca sull'icona di FindyKill e nella finestra dos che si aprirà scrivi 1 e premi Invio. Attendi il termine della scansione e posta qui il log che trovi in C:\FindyKill.txt

Ecco il log trovato da FindyKill sull'account infetto:

--------------- [ Active Processes ] ----------------

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\TOSHIBA\ConfigFree\CFSvcs.exe
C:\WINDOWS\system32\DVDRAMSV.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Programmi\Synaptics\SynTP\SynTPLpr.exe
C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
C:\Programmi\Toshiba\Windows Utilities\Hotkey.exe
C:\Programmi\TOSHIBA\Touch and Launch\PadExe.exe
C:\Programmi\TOSHIBA\ConfigFree\NDSTray.exe
C:\Programmi\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\WINDOWS\system32\igfxext.exe
C:\Programmi\TOSHIBA\ConfigFree\CFSServ.exe
C:\Programmi\QuickTime\qttask.exe
C:\Programmi\Lexmark 1200 Series\lxczbmgr.exe
C:\Programmi\Lexmark 1200 Series\lxczbmon.exe
C:\Programmi\iPod\bin\iPodService.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\Messenger\msmsgs.exe
C:\Programmi\Microsoft ActiveSync\wcescomm.exe
C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\drivers\winfilse.exe
C:\PROGRA~1\MICROS~3\rapimgr.exe
C:\Programmi\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Programmi\LG PC Suite\LG PC Sync\LGSyncManager.exe
C:\WINDOWS\system32\RAMASST.exe
C:\Programmi\MSN Toolbar Suite\DS\02.05.0001.1119\it-it\bin\WindowsSearch.exe
C:\Programmi\Microsoft Office\OFFICE11\ONENOTEM.EXE
C:\Programmi\OpenOffice.org 3\program\soffice.exe
C:\Programmi\MSN Toolbar Suite\DS\02.05.0001.1119\it-it\bin\WindowsSearchIndexer.exe
C:\Programmi\OpenOffice.org 3\program\soffice.bin

--------------- [ Infected processes stopped ] ----------------

"C:\WINDOWS\system32\drivers\winfilse.exe" (2672)

--------------- [ Infected files / folders ] ----------------

»»»» Presence Files in C:

»»»» Presence Files in C:\WINDOWS

»»»» Presence Files in C:\WINDOWS\Prefetch

Found ! - C:\WINDOWS\prefetch\534234.EXE-1CE97ED1.pf
Found ! - C:\WINDOWS\prefetch\WINFILSE.EXE-17C2CF68.pf
Found ! - C:\WINDOWS\Prefetch\HOTKEY.EXE-10C75A93.pf

»»»» Presence Files in C:\WINDOWS\system32

»»»» Presence Files in C:\WINDOWS\system32\drivers

Found ! [21/11/2008 18.16] - C:\WINDOWS\system32\drivers\srosa2.sys
Found ! [15/09/2004 05.07] - C:\WINDOWS\system32\drivers\winfilse.exe
Found ! [21/11/2008 18.24] - "C:\WINDOWS\system32\drivers\downld"
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\1033953.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\1062765.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\1067000.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\1073718.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\15319234.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\15322062.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\15338218.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\15340750.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\15373718.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\15377531.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\15387921.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\15451875.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\15452609.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\15496828.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\15503125.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\15517640.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\15535234.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\15545046.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\15548171.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\15661765.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\15687156.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\15785609.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\15806812.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\15916828.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\15948296.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\15950937.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\16183796.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\16323515.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\16358359.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\16380375.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\1659031.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\1673812.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\1859343.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\1898187.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\1929078.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\1949312.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\290578.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\294562.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\299281.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\301078.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\304046.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\304125.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\304984.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\307687.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\309578.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\310328.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\311812.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\312265.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\313734.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\314468.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\316437.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\322812.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\324453.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\324968.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\329828.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\331171.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\331187.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\341609.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\347406.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\347921.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\350000.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\352406.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\352687.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\353390.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\355265.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\357109.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\357750.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\358031.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\358421.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\360640.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\361312.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\362734.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\363640.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\363687.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\364890.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\365093.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\365265.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\367359.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\367625.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\368015.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\368625.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\370250.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\371843.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\372578.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\373406.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\375984.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\377656.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\378250.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\378484.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\378656.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\378718.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\379390.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\381390.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\382484.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\383937.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\384343.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\385328.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\385531.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\386531.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\388375.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\389671.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\389937.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\394140.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\395750.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\396109.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\397796.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\398546.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\402171.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\402500.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\404562.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\405484.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\406390.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\407656.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\407718.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\409125.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\410546.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\412031.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\416500.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\416890.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\418468.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\420296.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\420953.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\422359.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\423515.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\424546.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\427828.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\428593.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\429203.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\431500.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\431531.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\436218.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\437843.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\438000.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\439625.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\440500.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\442687.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\447265.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\449015.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\449781.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\450875.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\455125.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\455593.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\460328.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\461781.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\463453.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\464593.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\464765.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\471578.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\471781.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\473625.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\473828.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\475218.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\476765.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\482265.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\484828.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\487875.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\488468.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\489437.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\495968.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\497609.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\498140.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\499515.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\501328.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\501718.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\510359.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\515750.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\516609.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\517843.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\518625.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\518875.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\522859.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\523140.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\524390.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\524812.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\525750.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\530390.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\533296.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\534234.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\535781.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\537500.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\538671.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\539703.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\541609.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\545093.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\545937.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\546390.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\547625.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\548875.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\549000.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\554750.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\557156.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\559921.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\560234.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\562687.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\563421.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\566203.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\568250.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\568359.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\568718.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\569015.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\570546.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\572421.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\580437.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\580562.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\584468.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\586609.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\590125.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\608453.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\610359.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\614203.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\616656.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\617531.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\619875.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\623890.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\625140.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\625625.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\627468.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\629156.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\630250.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\630796.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\631578.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\633515.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\643468.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\643828.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\645187.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\645937.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\647468.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\648203.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\652046.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\652875.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\653125.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\653406.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\653500.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\653953.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\657953.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\658140.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\666921.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\679625.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\681671.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\686593.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\687578.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\690187.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\695140.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\696703.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\697796.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\701984.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\703187.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\703578.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\706968.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\714296.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\722593.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\730703.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\749406.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\754281.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\759546.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\763375.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\765968.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\774296.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\775062.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\776406.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\794812.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\805375.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\814500.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\841109.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\843625.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\844437.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\846109.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\849703.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\854578.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\856312.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\856593.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\856906.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\863765.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\863859.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\888109.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\909343.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\916312.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\929796.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\958890.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\987375.exe
Found ! [21/11/2008 18.24] - C:\WINDOWS\system32\drivers\downld\988671.exe

»»»» Presence Files in C:\Documents and Settings\FRANCESCO\Dati applicazioni

»»»» Presence Files in C:\DOCUME~1\FRANCE~1\IMPOST~1\Temp

Found ! - C:\DOCUME~1\FRANCE~1\IMPOST~1\Temp\Directory temporanea 2 per Microsoft Office 2007.zip\serial.exe

»»»» Presence Files in C:\Documents and Settings\FRANCESCO\Local Settings\Temporary Internet Files\Content.IE5

Found ! [20/11/2008 17.49] - C:\Documents and Settings\FRANCESCO\Impostazioni locali\Temporary Internet Files\Content.IE5\2QEW86UU\b64_1[1].jpg
Found ! [20/11/2008 17.50] - C:\Documents and Settings\FRANCESCO\Impostazioni locali\Temporary Internet Files\Content.IE5\2QEW86UU\b64_1[2].jpg
Found ! [21/11/2008 18.18] - C:\Documents and Settings\FRANCESCO\Impostazioni locali\Temporary Internet Files\Content.IE5\31ZS911N\b64_1[1].jpg
Found ! [21/11/2008 18.21] - C:\Documents and Settings\FRANCESCO\Impostazioni locali\Temporary Internet Files\Content.IE5\31ZS911N\b64_2[1].jpg
Found ! [18/11/2008 09.49] - C:\Documents and Settings\FRANCESCO\Impostazioni locali\Temporary Internet Files\Content.IE5\4MJ8OKTT\b64[1].jpg
Found ! [17/11/2008 13.45] - C:\Documents and Settings\FRANCESCO\Impostazioni locali\Temporary Internet Files\Content.IE5\4MJ8OKTT\b64_1[1].jpg
Found ! [19/11/2008 15.29] - C:\Documents and Settings\FRANCESCO\Impostazioni locali\Temporary Internet Files\Content.IE5\4MJ8OKTT\b64_1[2].jpg
Found ! [20/11/2008 08.30] - C:\Documents and Settings\FRANCESCO\Impostazioni locali\Temporary Internet Files\Content.IE5\4MJ8OKTT\b64_2[1].jpg
Found ! [20/11/2008 08.31] - C:\Documents and Settings\FRANCESCO\Impostazioni locali\Temporary Internet Files\Content.IE5\4MJ8OKTT\b64_3[1].jpg
Found ! [06/11/2008 14.39] - C:\Documents and Settings\FRANCESCO\Impostazioni locali\Temporary Internet Files\Content.IE5\7OGXIAQF\b64[1].jpg
Found ! [20/11/2008 11.22] - C:\Documents and Settings\FRANCESCO\Impostazioni locali\Temporary Internet Files\Content.IE5\7OGXIAQF\b64[2].jpg
Found ! [05/11/2008 12.38] - C:\Documents and Settings\FRANCESCO\Impostazioni locali\Temporary Internet Files\Content.IE5\7OGXIAQF\b64_3[1].jpg
Found ! [10/11/2008 16.53] - C:\Documents and Settings\FRANCESCO\Impostazioni locali\Temporary Internet Files\Content.IE5\7OGXIAQF\b64_3[2].jpg
Found ! [12/11/2008 10.55] - C:\Documents and Settings\FRANCESCO\Impostazioni locali\Temporary Internet Files\Content.IE5\7ZLG327B\b64_2[1].jpg
Found ! [16/11/2008 08.47] - C:\Documents and Settings\FRANCESCO\Impostazioni locali\Temporary Internet Files\Content.IE5\7ZLG327B\b64_2[2].jpg
Found ! [11/11/2008 09.05] - C:\Documents and Settings\FRANCESCO\Impostazioni locali\Temporary Internet Files\Content.IE5\7ZLG327B\b64_3[1].jpg
Found ! [14/11/2008 19.13] - C:\Documents and Settings\FRANCESCO\Impostazioni locali\Temporary Internet Files\Content.IE5\7ZLG327B\b64_3[2].jpg
Found ! [11/11/2008 09.05] - C:\Documents and Settings\FRANCESCO\Impostazioni locali\Temporary Internet Files\Content.IE5\8H6G4DV1\b64[1].jpg
Found ! [16/11/2008 08.46] - C:\Documents and Settings\FRANCESCO\Impostazioni locali\Temporary Internet Files\Content.IE5\8H6G4DV1\b64[2].jpg
Found ! [12/11/2008 10.56] - C:\Documents and Settings\FRANCESCO\Impostazioni locali\Temporary Internet Files\Content.IE5\8H6G4DV1\b64_1[1].jpg
Found ! [17/11/2008 09.38] - C:\Documents and Settings\FRANCESCO\Impostazioni locali\Temporary Internet Files\Content.IE5\8H6G4DV1\b64_2[1].jpg
Found ! [11/11/2008 13.11] - C:\Documents and Settings\FRANCESCO\Impostazioni locali\Temporary Internet Files\Content.IE5\8H6G4DV1\b64_3[1].jpg
Found ! [13/11/2008 14.50] - C:\Documents and Settings\FRANCESCO\Impostazioni locali\Temporary Internet Files\Content.IE5\8H6G4DV1\b64_3[2].jpg
Found ! [16/11/2008 08.46] - C:\Documents and Settings\FRANCESCO\Impostazioni locali\Temporary Internet Files\Content.IE5\8H6G4DV1\b64_3[3].jpg
Found ! [17/11/2008 09.36] - C:\Documents and Settings\FRANCESCO\Impostazioni locali\Temporary Internet Files\Content.IE5\8H6G4DV1\b64_3[4].jpg
Found ! [10/11/2008 16.55] - C:\Documents and Settings\FRANCESCO\Impostazioni locali\Temporary Internet Files\Content.IE5\CL171RDH\b64[1].jpg
Found ! [05/11/2008 20.45] - C:\Documents and Settings\FRANCESCO\Impostazioni locali\Temporary Internet Files\Content.IE5\CL171RDH\b64_3[1].jpg
Found ! [20/11/2008 11.22] - C:\Documents and Settings\FRANCESCO\Impostazioni locali\Temporary Internet Files\Content.IE5\CL171RDH\b64_3[2].jpg
Found ! [05/11/2008 20.46] - C:\Documents and Settings\FRANCESCO\Impostazioni locali\Temporary Internet Files\Content.IE5\DPMN9G9G\b64[1].jpg
Found ! [06/11/2008 14.35] - C:\Documents and Settings\FRANCESCO\Impostazioni locali\Temporary Internet Files\Content.IE5\DPMN9G9G\b64_1[1].jpg
Found ! [05/11/2008 12.38] - C:\Documents and Settings\FRANCESCO\Impostazioni locali\Temporary Internet Files\Content.IE5\DPMN9G9G\b64_3[1].jpg
Found ! [14/11/2008 19.13] - C:\Documents and Settings\FRANCESCO\Impostazioni locali\Temporary Internet Files\Content.IE5\H61NYPL0\b64[1].jpg
Found ! [16/11/2008 09.23] - C:\Documents and Settings\FRANCESCO\Impostazioni locali\Temporary Internet Files\Content.IE5\H61NYPL0\b64_1[1].jpg
Found ! [17/11/2008 09.35] - C:\Documents and Settings\FRANCESCO\Impostazioni locali\Temporary Internet Files\Content.IE5\H61NYPL0\b64_1[2].jpg
Found ! [14/11/2008 19.14] - C:\Documents and Settings\FRANCESCO\Impostazioni locali\Temporary Internet Files\Content.IE5\H61NYPL0\b64_2[1].jpg
Found ! [16/11/2008 09.24] - C:\Documents and Settings\FRANCESCO\Impostazioni locali\Temporary Internet Files\Content.IE5\H61NYPL0\b64_2[2].jpg
Found ! [16/11/2008 08.46] - C:\Documents and Settings\FRANCESCO\Impostazioni locali\Temporary Internet Files\Content.IE5\H61NYPL0\b64_3[1].jpg
Found ! [21/11/2008 18.20] - C:\Documents and Settings\FRANCESCO\Impostazioni locali\Temporary Internet Files\Content.IE5\J7YOPCYZ\b64[1].jpg
Found ! [21/11/2008 18.18] - C:\Documents and Settings\FRANCESCO\Impostazioni locali\Temporary Internet Files\Content.IE5\J7YOPCYZ\b64_2[1].jpg
Found ! [19/11/2008 15.30] - C:\Documents and Settings\FRANCESCO\Impostazioni locali\Temporary Internet Files\Content.IE5\KAA31TAD\b64[1].jpg
Found ! [17/11/2008 14.32] - C:\Documents and Settings\FRANCESCO\Impostazioni locali\Temporary Internet Files\Content.IE5\KAA31TAD\b64_3[1].jpg
Found ! [17/11/2008 14.32] - C:\Documents and Settings\FRANCESCO\Impostazioni locali\Temporary Internet Files\Content.IE5\MR9YN99F\b64[1].jpg
Found ! [19/11/2008 22.07] - C:\Documents and Settings\FRANCESCO\Impostazioni locali\Temporary Internet Files\Content.IE5\MR9YN99F\b64[2].jpg
Found ! [18/11/2008 09.48] - C:\Documents and Settings\FRANCESCO\Impostazioni locali\Temporary Internet Files\Content.IE5\MR9YN99F\b64_1[1].jpg
Found ! [19/11/2008 22.04] - C:\Documents and Settings\FRANCESCO\Impostazioni locali\Temporary Internet Files\Content.IE5\MR9YN99F\b64_1[2].jpg
Found ! [18/11/2008 09.50] - C:\Documents and Settings\FRANCESCO\Impostazioni locali\Temporary Internet Files\Content.IE5\MR9YN99F\b64_2[1].jpg
Found ! [19/11/2008 15.30] - C:\Documents and Settings\FRANCESCO\Impostazioni locali\Temporary Internet Files\Content.IE5\MR9YN99F\b64_2[2].jpg
Found ! [17/11/2008 13.46] - C:\Documents and Settings\FRANCESCO\Impostazioni locali\Temporary Internet Files\Content.IE5\MR9YN99F\b64_3[1].jpg
Found ! [20/11/2008 11.21] - C:\Documents and Settings\FRANCESCO\Impostazioni locali\Temporary Internet Files\Content.IE5\MR9YN99F\b64_3[2].jpg
Found ! [20/11/2008 08.32] - C:\Documents and Settings\FRANCESCO\Impostazioni locali\Temporary Internet Files\Content.IE5\ONMTVVSD\b64_2[1].jpg
Found ! [17/11/2008 13.46] - C:\Documents and Settings\FRANCESCO\Impostazioni locali\Temporary Internet Files\Content.IE5\ONMTVVSD\b64_3[1].jpg
Found ! [18/11/2008 09.48] - C:\Documents and Settings\FRANCESCO\Impostazioni locali\Temporary Internet Files\Content.IE5\ONMTVVSD\b64_3[2].jpg
Found ! [20/11/2008 15.20] - C:\Documents and Settings\FRANCESCO\Impostazioni locali\Temporary Internet Files\Content.IE5\UQIN1D21\b64_2[1].jpg
Found ! [21/11/2008 18.20] - C:\Documents and Settings\FRANCESCO\Impostazioni locali\Temporary Internet Files\Content.IE5\UQIN1D21\b64_3[1].jpg
Found ! [11/11/2008 13.12] - C:\Documents and Settings\FRANCESCO\Impostazioni locali\Temporary Internet Files\Content.IE5\WHQ78CI3\b64[1].jpg
Found ! [17/11/2008 09.36] - C:\Documents and Settings\FRANCESCO\Impostazioni locali\Temporary Internet Files\Content.IE5\WHQ78CI3\b64[2].jpg
Found ! [11/11/2008 13.09] - C:\Documents and Settings\FRANCESCO\Impostazioni locali\Temporary Internet Files\Content.IE5\WHQ78CI3\b64_1[1].jpg
Found ! [13/11/2008 14.49] - C:\Documents and Settings\FRANCESCO\Impostazioni locali\Temporary Internet Files\Content.IE5\WHQ78CI3\b64_1[2].jpg
Found ! [13/11/2008 14.51] - C:\Documents and Settings\FRANCESCO\Impostazioni locali\Temporary Internet Files\Content.IE5\WHQ78CI3\b64_2[1].jpg
Found ! [12/11/2008 10.57] - C:\Documents and Settings\FRANCESCO\Impostazioni locali\Temporary Internet Files\Content.IE5\WHQ78CI3\b64_3[1].jpg
Found ! [17/11/2008 09.36] - C:\Documents and Settings\FRANCESCO\Impostazioni locali\Temporary Internet Files\Content.IE5\WHQ78CI3\b64_3[2].jpg
Found ! [13/11/2008 14.50] - C:\Documents and Settings\FRANCESCO\Impostazioni locali\Temporary Internet Files\Content.IE5\WHQ78CI3\b64_3[3].jpg
Found ! [14/11/2008 19.13] - C:\Documents and Settings\FRANCESCO\Impostazioni locali\Temporary Internet Files\Content.IE5\WHQ78CI3\b64_3[4].jpg

--------------- [ Registry / Startup ] ----------------

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\run]

CTFMON.EXE=C:\WINDOWS\system32\ctfmon.exe
TOSCDSPD=C:\Programmi\TOSHIBA\TOSCDSPD\toscdspd.exe
MSMSGS="C:\Programmi\Messenger\msmsgs.exe" /background
H/PC Connection Agent="C:\Programmi\Microsoft ActiveSync\wcescomm.exe"
swg=C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
drvsyskit=C:\WINDOWS\system32\drivers\winfilse.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\run]

IgfxTray=C:\WINDOWS\system32\igfxtray.exe
HotKeysCmds=C:\WINDOWS\system32\hkcmd.exe
Persistence=C:\WINDOWS\system32\igfxpers.exe
SynTPLpr=C:\Programmi\Synaptics\SynTP\SynTPLpr.exe
SynTPEnh=C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
Toshiba Hotkey Utility="C:\Programmi\Toshiba\Windows Utilities\Hotkey.exe" /lang IT
PadTouch=C:\Programmi\TOSHIBA\Touch and Launch\PadExe.exe
NDSTray.exe=NDSTray.exe
SmoothView=C:\Programmi\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
dla=C:\WINDOWS\system32\dla\tfswctrl.exe
ccApp="C:\Programmi\File comuni\Symantec Shared\ccApp.exe"
CFSServ.exe=CFSServ.exe -NoClient
QuickTime Task="C:\Programmi\QuickTime\qttask.exe" -atboottime
iTunesHelper="C:\Programmi\iTunes\iTunesHelper.exe"
Symantec NetDriver Monitor=C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
Lexmark 1200 Series="C:\Programmi\Lexmark 1200 Series\lxczbmgr.exe"
SunJavaUpdateSched="C:\Programmi\Java\jre1.6.0_07\bin\jusched.exe"
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents=
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL=
Installed=1
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI=
Installed=1
NoChange=1
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS=
Installed=1

--------------- [ Registry / Infected keys ] ----------------

Found ! - HKEY_USERS\S-1-5-21-1322133019-1337150514-3548716090-1007\Software\Local AppWizard-Generated Applications\serial
Found ! - HKEY_USERS\S-1-5-21-1322133019-1337150514-3548716090-1007\Software\Local AppWizard-Generated Applications\winfilse
Found ! - HKEY_USERS\S-1-5-21-1322133019-1337150514-3548716090-1007\Software\bisoft
Found ! - HKEY_USERS\S-1-5-21-1322133019-1337150514-3548716090-1007\Software\CHKPTR
Found ! - HKEY_USERS\S-1-5-21-1322133019-1337150514-3548716090-1007\Software\ffc
Found ! - HKEY_CURRENT_USER\Software\Local AppWizard-Generated Applications\serial
Found ! - HKEY_CURRENT_USER\Software\Local AppWizard-Generated Applications\winfilse
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\srosa
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\srosa
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\srosa
Found ! - HKEY_CURRENT_USER\Software\bisoft
Found ! - [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] | drvsyskit

--------------- [ States / Services ] ----------------

Missing key : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot

- boot mode not available !!

Missing key : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal

- boot mode not available !!

Missing key : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network

- boot mode not available !!

+- Services : [ Auto=2 / Request=3 / Disable=4 ]

/!\ Ndisuio - Type of startup = 4

/!\ Ip6Fw - Type of startup = 4

/!\ SharedAccess - Type of startup = 4

/!\ wuauserv - Type of startup = 4

/!\ wscsvc - Type of startup = 4

da **Wanderers** » ven nov 21, 2008 6:40 pm

ste_95 ha scritto:Prova a seguire i consigli di Amantide, ma secondo me Norton ha già fatto piazza pulita.

Non può avere fatto piazza pulita perché quando faccio la scansione con Norton sull'account sano mi segnala 14 virus non rimuovibili ed impossibili da mettere in quarantena.
Spero in Amantide, altrimenti l'esoricista!

da **Amantide** » ven nov 21, 2008 10:08 pm

Ok, ora riesegui altra volta FindyKill, però questa volta scegli opzione 2.

da **Wanderers** » sab nov 22, 2008 4:46 am

Amantide ha scritto:Ok, ora riesegui altra volta FindyKill, però questa volta scegli opzione 2.

Fatto.
FindyKill ha svolto il lavoro, quando il computer si è riavviato mi sono spuntati vari aggiornamenti, solo che Norton ancora non funziona, dice che non è un'applicazione di Win32 valida.
Questo è il resoconto di FindyKill

((((((((((((((( *** deleting *** ))))))))))))))))))

--------------- [ Active Processes ] ----------------

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\logonui.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\userinit.exe
C:\Programmi\TOSHIBA\ConfigFree\CFSvcs.exe
C:\WINDOWS\system32\DVDRAMSV.exe
C:\WINDOWS\system32\svchost.exe

--------------- [ Infected files / folders ] ----------------

»»»» Supression files in C:

»»»» Supression files in C:\WINDOWS

»»»» Supression files in C:\WINDOWS\Prefetch

Deleted ! - C:\WINDOWS\prefetch\534234.EXE-1CE97ED1.pf
Deleted ! - C:\WINDOWS\prefetch\HOTKEY.EXE-10C75A93.pf
Deleted ! - C:\WINDOWS\prefetch\WINFILSE.EXE-17C2CF68.pf

»»»» Supression files in C:\WINDOWS\system32

Deleted ! - C:\WINDOWS\system32\mdelk.exe
Deleted ! - C:\WINDOWS\system32\wintems.exe

»»»» Supression files in C:\WINDOWS\system32\drivers

Deleted ! - C:\WINDOWS\system32\drivers\srosa.sys
Deleted ! - C:\WINDOWS\system32\drivers\srosa2.sys
Deleted ! - C:\WINDOWS\system32\drivers\winfilse.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\1033953.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\1062765.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\1067000.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\1073718.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\15319234.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\15322062.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\15338218.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\15340750.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\15373718.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\15377531.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\15387921.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\15451875.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\15452609.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\15496828.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\15503125.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\15517640.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\15535234.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\15545046.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\15548171.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\15661765.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\15687156.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\15785609.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\15806812.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\15916828.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\15948296.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\15950937.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\16183796.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\16323515.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\16358359.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\16380375.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\1659031.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\1673812.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\1859343.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\1898187.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\1929078.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\1949312.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\290578.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\294562.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\299281.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\301078.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\304046.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\304125.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\304984.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\307687.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\309578.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\310328.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\311812.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\312265.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\313734.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\314468.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\316437.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\322812.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\324453.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\324968.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\329828.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\331171.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\331187.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\341609.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\347406.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\347921.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\350000.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\352406.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\352687.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\353390.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\355265.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\357109.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\357750.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\358031.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\358421.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\360640.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\361312.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\362734.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\363640.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\363687.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\364890.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\365093.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\365265.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\367359.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\367625.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\368015.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\368625.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\370250.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\371843.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\372578.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\373406.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\375984.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\377656.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\378250.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\378484.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\378656.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\378718.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\379390.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\381390.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\382484.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\383937.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\384343.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\385328.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\385531.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\386531.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\388375.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\389671.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\389937.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\394140.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\395750.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\396109.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\397796.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\398546.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\402171.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\402500.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\404562.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\405484.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\406390.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\407656.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\407718.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\409125.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\410546.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\412031.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\416500.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\416890.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\418468.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\420296.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\420953.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\422359.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\423515.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\424546.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\427828.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\428593.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\429203.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\431500.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\431531.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\436218.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\437843.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\438000.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\439625.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\440500.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\442453.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\442687.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\447265.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\449015.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\449781.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\450875.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\455125.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\455593.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\456156.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\458218.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\460328.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\461781.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\463453.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\464593.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\464765.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\467359.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\471578.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\471781.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\473625.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\473828.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\475218.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\476765.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\482265.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\484828.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\487875.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\488468.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\488843.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\489437.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\495968.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\497609.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\498140.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\499515.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\501328.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\501718.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\510359.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\515750.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\516609.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\517843.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\518625.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\518875.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\522859.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\523140.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\524390.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\524812.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\525750.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\525953.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\530390.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\533296.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\534234.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\535781.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\537500.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\538671.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\539703.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\541609.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\545093.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\545937.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\546390.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\547625.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\548875.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\549000.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\554750.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\557156.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\557578.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\559921.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\560234.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\562687.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\563421.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\566203.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\568250.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\568359.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\568718.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\569015.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\570546.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\572421.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\574500.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\579656.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\580437.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\580562.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\584468.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\586609.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\590125.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\608453.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\610359.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\614203.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\616656.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\617531.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\619875.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\623890.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\625140.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\625625.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\627468.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\629156.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\630250.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\630796.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\631578.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\633515.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\636046.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\638015.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\643468.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\643828.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\645187.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\645937.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\647468.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\648203.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\652046.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\652875.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\653125.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\653406.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\653500.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\653953.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\657953.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\658140.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\666921.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\679625.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\681671.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\686593.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\687578.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\690187.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\695140.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\696703.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\697796.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\701984.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\702718.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\703187.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\703578.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\706968.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\714296.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\721000.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\722593.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\730703.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\737203.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\749406.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\754281.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\759546.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\763375.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\765968.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\774296.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\775062.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\776406.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\794812.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\805375.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\814500.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\841109.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\843625.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\844437.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\846109.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\849703.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\854578.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\856312.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\856593.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\856906.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\863765.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\863859.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\888109.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\909343.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\916312.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\929796.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\958890.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\987375.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\988671.exe
Deleted ! - "C:\WINDOWS\system32\drivers\downld"

»»»» Supression files in C:\Documents and Settings\FRANCESCO\Dati applicazioni

»»»» Supression files in C:\DOCUME~1\FRANCE~1\IMPOST~1\Temp

Deleted ! - C:\DOCUME~1\FRANCE~1\IMPOST~1\Temp\Directory temporanea 2 per Microsoft Office 2007.zip\serial.exe

»»»» Supression files in C:\Documents and Settings\FRANCESCO\Local Settings\Temporary Internet Files\Content.IE5

Deleted ! - C:\Documents and Settings\FRANCESCO\Impostazioni locali\Temporary Internet Files\Content.IE5\2QEW86UU\b64_1[1].jpg
Deleted ! - C:\Documents and Settings\FRANCESCO\Impostazioni locali\Temporary Internet Files\Content.IE5\2QEW86UU\b64_1[2].jpg
Deleted ! - C:\Documents and Settings\FRANCESCO\Impostazioni locali\Temporary Internet Files\Content.IE5\31ZS911N\b64_1[1].jpg
Deleted ! - C:\Documents and Settings\FRANCESCO\Impostazioni locali\Temporary Internet Files\Content.IE5\31ZS911N\b64_2[1].jpg
Deleted ! - C:\Documents and Settings\FRANCESCO\Impostazioni locali\Temporary Internet Files\Content.IE5\31ZS911N\b64_3[1].jpg
Deleted ! - C:\Documents and Settings\FRANCESCO\Impostazioni locali\Temporary Internet Files\Content.IE5\4MJ8OKTT\b64[1].jpg
Deleted ! - C:\Documents and Settings\FRANCESCO\Impostazioni locali\Temporary Internet Files\Content.IE5\4MJ8OKTT\b64_1[1].jpg
Deleted ! - C:\Documents and Settings\FRANCESCO\Impostazioni locali\Temporary Internet Files\Content.IE5\4MJ8OKTT\b64_1[2].jpg
Deleted ! - C:\Documents and Settings\FRANCESCO\Impostazioni locali\Temporary Internet Files\Content.IE5\4MJ8OKTT\b64_2[1].jpg
Deleted ! - C:\Documents and Settings\FRANCESCO\Impostazioni locali\Temporary Internet Files\Content.IE5\4MJ8OKTT\b64_3[1].jpg
Deleted ! - C:\Documents and Settings\FRANCESCO\Impostazioni locali\Temporary Internet Files\Content.IE5\7OGXIAQF\b64[1].jpg
Deleted ! - C:\Documents and Settings\FRANCESCO\Impostazioni locali\Temporary Internet Files\Content.IE5\7OGXIAQF\b64[2].jpg
Deleted ! - C:\Documents and Settings\FRANCESCO\Impostazioni locali\Temporary Internet Files\Content.IE5\7OGXIAQF\b64_3[1].jpg
Deleted ! - C:\Documents and Settings\FRANCESCO\Impostazioni locali\Temporary Internet Files\Content.IE5\7OGXIAQF\b64_3[2].jpg
Deleted ! - C:\Documents and Settings\FRANCESCO\Impostazioni locali\Temporary Internet Files\Content.IE5\7ZLG327B\b64_2[1].jpg
Deleted ! - C:\Documents and Settings\FRANCESCO\Impostazioni locali\Temporary Internet Files\Content.IE5\7ZLG327B\b64_2[2].jpg
Deleted ! - C:\Documents and Settings\FRANCESCO\Impostazioni locali\Temporary Internet Files\Content.IE5\7ZLG327B\b64_3[1].jpg
Deleted ! - C:\Documents and Settings\FRANCESCO\Impostazioni locali\Temporary Internet Files\Content.IE5\7ZLG327B\b64_3[2].jpg
Deleted ! - C:\Documents and Settings\FRANCESCO\Impostazioni locali\Temporary Internet Files\Content.IE5\8H6G4DV1\b64[1].jpg
Deleted ! - C:\Documents and Settings\FRANCESCO\Impostazioni locali\Temporary Internet Files\Content.IE5\8H6G4DV1\b64[2].jpg
Deleted ! - C:\Documents and Settings\FRANCESCO\Impostazioni locali\Temporary Internet Files\Content.IE5\8H6G4DV1\b64_1[1].jpg
Deleted ! - C:\Documents and Settings\FRANCESCO\Impostazioni locali\Temporary Internet Files\Content.IE5\8H6G4DV1\b64_2[1].jpg
Deleted ! - C:\Documents and Settings\FRANCESCO\Impostazioni locali\Temporary Internet Files\Content.IE5\8H6G4DV1\b64_3[1].jpg
Deleted ! - C:\Documents and Settings\FRANCESCO\Impostazioni locali\Temporary Internet Files\Content.IE5\8H6G4DV1\b64_3[2].jpg
Deleted ! - C:\Documents and Settings\FRANCESCO\Impostazioni locali\Temporary Internet Files\Content.IE5\8H6G4DV1\b64_3[3].jpg
Deleted ! - C:\Documents and Settings\FRANCESCO\Impostazioni locali\Temporary Internet Files\Content.IE5\8H6G4DV1\b64_3[4].jpg
Deleted ! - C:\Documents and Settings\FRANCESCO\Impostazioni locali\Temporary Internet Files\Content.IE5\CL171RDH\b64[1].jpg
Deleted ! - C:\Documents and Settings\FRANCESCO\Impostazioni locali\Temporary Internet Files\Content.IE5\CL171RDH\b64_3[1].jpg
Deleted ! - C:\Documents and Settings\FRANCESCO\Impostazioni locali\Temporary Internet Files\Content.IE5\CL171RDH\b64_3[2].jpg
Deleted ! - C:\Documents and Settings\FRANCESCO\Impostazioni locali\Temporary Internet Files\Content.IE5\DPMN9G9G\b64[1].jpg
Deleted ! - C:\Documents and Settings\FRANCESCO\Impostazioni locali\Temporary Internet Files\Content.IE5\DPMN9G9G\b64_1[1].jpg
Deleted ! - C:\Documents and Settings\FRANCESCO\Impostazioni locali\Temporary Internet Files\Content.IE5\DPMN9G9G\b64_3[1].jpg
Deleted ! - C:\Documents and Settings\FRANCESCO\Impostazioni locali\Temporary Internet Files\Content.IE5\H61NYPL0\b64[1].jpg
Deleted ! - C:\Documents and Settings\FRANCESCO\Impostazioni locali\Temporary Internet Files\Content.IE5\H61NYPL0\b64_1[1].jpg
Deleted ! - C:\Documents and Settings\FRANCESCO\Impostazioni locali\Temporary Internet Files\Content.IE5\H61NYPL0\b64_1[2].jpg
Deleted ! - C:\Documents and Settings\FRANCESCO\Impostazioni locali\Temporary Internet Files\Content.IE5\H61NYPL0\b64_2[1].jpg
Deleted ! - C:\Documents and Settings\FRANCESCO\Impostazioni locali\Temporary Internet Files\Content.IE5\H61NYPL0\b64_2[2].jpg
Deleted ! - C:\Documents and Settings\FRANCESCO\Impostazioni locali\Temporary Internet Files\Content.IE5\H61NYPL0\b64_3[1].jpg
Deleted ! - C:\Documents and Settings\FRANCESCO\Impostazioni locali\Temporary Internet Files\Content.IE5\J7YOPCYZ\b64[1].jpg
Deleted ! - C:\Documents and Settings\FRANCESCO\Impostazioni locali\Temporary Internet Files\Content.IE5\J7YOPCYZ\b64_2[1].jpg
Deleted ! - C:\Documents and Settings\FRANCESCO\Impostazioni locali\Temporary Internet Files\Content.IE5\J7YOPCYZ\b64_2[2].jpg
Deleted ! - C:\Documents and Settings\FRANCESCO\Impostazioni locali\Temporary Internet Files\Content.IE5\KAA31TAD\b64[1].jpg
Deleted ! - C:\Documents and Settings\FRANCESCO\Impostazioni locali\Temporary Internet Files\Content.IE5\KAA31TAD\b64_3[1].jpg
Deleted ! - C:\Documents and Settings\FRANCESCO\Impostazioni locali\Temporary Internet Files\Content.IE5\MR9YN99F\b64[1].jpg
Deleted ! - C:\Documents and Settings\FRANCESCO\Impostazioni locali\Temporary Internet Files\Content.IE5\MR9YN99F\b64[2].jpg
Deleted ! - C:\Documents and Settings\FRANCESCO\Impostazioni locali\Temporary Internet Files\Content.IE5\MR9YN99F\b64_1[1].jpg
Deleted ! - C:\Documents and Settings\FRANCESCO\Impostazioni locali\Temporary Internet Files\Content.IE5\MR9YN99F\b64_1[2].jpg
Deleted ! - C:\Documents and Settings\FRANCESCO\Impostazioni locali\Temporary Internet Files\Content.IE5\MR9YN99F\b64_2[1].jpg
Deleted ! - C:\Documents and Settings\FRANCESCO\Impostazioni locali\Temporary Internet Files\Content.IE5\MR9YN99F\b64_2[2].jpg
Deleted ! - C:\Documents and Settings\FRANCESCO\Impostazioni locali\Temporary Internet Files\Content.IE5\MR9YN99F\b64_3[1].jpg
Deleted ! - C:\Documents and Settings\FRANCESCO\Impostazioni locali\Temporary Internet Files\Content.IE5\MR9YN99F\b64_3[2].jpg
Deleted ! - C:\Documents and Settings\FRANCESCO\Impostazioni locali\Temporary Internet Files\Content.IE5\ONMTVVSD\b64_2[1].jpg
Deleted ! - C:\Documents and Settings\FRANCESCO\Impostazioni locali\Temporary Internet Files\Content.IE5\ONMTVVSD\b64_3[1].jpg
Deleted ! - C:\Documents and Settings\FRANCESCO\Impostazioni locali\Temporary Internet Files\Content.IE5\ONMTVVSD\b64_3[2].jpg
Deleted ! - C:\Documents and Settings\FRANCESCO\Impostazioni locali\Temporary Internet Files\Content.IE5\UQIN1D21\b64_1[1].jpg
Deleted ! - C:\Documents and Settings\FRANCESCO\Impostazioni locali\Temporary Internet Files\Content.IE5\UQIN1D21\b64_2[1].jpg
Deleted ! - C:\Documents and Settings\FRANCESCO\Impostazioni locali\Temporary Internet Files\Content.IE5\UQIN1D21\b64_3[1].jpg
Deleted ! - C:\Documents and Settings\FRANCESCO\Impostazioni locali\Temporary Internet Files\Content.IE5\WHQ78CI3\b64[1].jpg
Deleted ! - C:\Documents and Settings\FRANCESCO\Impostazioni locali\Temporary Internet Files\Content.IE5\WHQ78CI3\b64[2].jpg
Deleted ! - C:\Documents and Settings\FRANCESCO\Impostazioni locali\Temporary Internet Files\Content.IE5\WHQ78CI3\b64_1[1].jpg
Deleted ! - C:\Documents and Settings\FRANCESCO\Impostazioni locali\Temporary Internet Files\Content.IE5\WHQ78CI3\b64_1[2].jpg
Deleted ! - C:\Documents and Settings\FRANCESCO\Impostazioni locali\Temporary Internet Files\Content.IE5\WHQ78CI3\b64_2[1].jpg
Deleted ! - C:\Documents and Settings\FRANCESCO\Impostazioni locali\Temporary Internet Files\Content.IE5\WHQ78CI3\b64_3[1].jpg
Deleted ! - C:\Documents and Settings\FRANCESCO\Impostazioni locali\Temporary Internet Files\Content.IE5\WHQ78CI3\b64_3[2].jpg
Deleted ! - C:\Documents and Settings\FRANCESCO\Impostazioni locali\Temporary Internet Files\Content.IE5\WHQ78CI3\b64_3[3].jpg
Deleted ! - C:\Documents and Settings\FRANCESCO\Impostazioni locali\Temporary Internet Files\Content.IE5\WHQ78CI3\b64_3[4].jpg

--------------- [ Registry / Infected keys ] ----------------

Deleted ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SROSA
Deleted ! - HKEY_CURRENT_CONFIG\System\CurrentControlSet\Enum\ROOT\LEGACY_SROSA
Deleted ! - HKEY_USERS\S-1-5-21-1322133019-1337150514-3548716090-1007\Software\Local AppWizard-Generated Applications\serial
Deleted ! - HKEY_USERS\S-1-5-21-1322133019-1337150514-3548716090-1007\Software\Local AppWizard-Generated Applications\winfilse

--------------- [ States / Restarting of services ] ----------------

+- Safe boot mode restored !

+- Services : [ Auto=2 / Request=3 / Disable=4 ]

Ndisuio - Type of startup = 3

Ip6Fw - Type of startup = 2

SharedAccess - Type of startup = 2

wuauserv - Type of startup = 2

wscsvc - Type of startup = 2

--------------- [ Cleaning removable drives ] ----------------

+- Informations :

C: - Unit… fissa

D: - Unit… CD-ROM

+- deleting files :

Not deleted !! - D:\autorun.inf

--------------- [ Registry / Mountpoint2 ] ----------------

-> Not found !

--------------- [ Searching Cracks / Keygen ] ----------------

C:\Documents and Settings\FRANCESCO\Cookies\francesco@crackle[2].txt
C:\Documents and Settings\FRANCESCO\Dati applicazioni\Sun\Java\Deployment\cache\javapi\v1.0\file\BouncyFirecracker.gif-3d4f4fb6-7679cc7a.gif
C:\Documents and Settings\FRANCESCO\Dati applicazioni\Sun\Java\Deployment\cache\javapi\v1.0\file\BouncyFirecracker.gif-3d4f4fb6-7679cc7a.idx

---------------- ! End of report ! ------------------

da **Wanderers** » sab nov 22, 2008 8:10 am

Un'ulteriore aggiornamento: ho fatto una scansione on-line sul sito della Symantec e sono stati rilevati 3 virus.
Ecco il resoconto:

86834 file scansionati, 3 file infettati sulle unità disco.
C:\Programmi\Norton Internet Security\Norton AntiVirus\Quarantine\Incoming\AP2.sys è infettato con Hacktool.Rootkit
C:\Programmi\Norton Internet Security\Norton AntiVirus\Quarantine\Incoming\AP3.sys è infettato con Hacktool.Rootkit
C:\Programmi\Norton Internet Security\Norton AntiVirus\Quarantine\Incoming\AP4.sys è infettato con Hacktool.Rootkit

da **crazy.cat** » sab nov 22, 2008 8:22 am

Norton dovrai reinstallarlo perché è stato danneggiato dal virus.
gli altri file sono nella Quarantine di norton e sono dei virus già rimossi, puoi cancellarli senza problemi.

da **Wanderers** » sab nov 22, 2008 8:42 am

crazy.cat ha scritto:Norton dovrai reinstallarlo perché è stato danneggiato dal virus.
gli altri file sono nella Quarantine di norton e sono dei virus già rimossi, puoi cancellarli senza problemi.

Grazie mille.
Il problema è che io ho sempre preso Norton dallo store on-line, dunque non ho il cd per poterlo reinstallare.
Come posso fare?
O mi conviene installare un antivirus diverso, di quelli gratuiti?
Ancora grazie mille per la disponibilità e la grandissima utilità di questo sito.

da **ste_95** » sab nov 22, 2008 8:45 am

Antivir Premium - attualmente in promozione - è sicuramente più efficace.

da **crazy.cat** » sab nov 22, 2008 8:50 am

Wanderers ha scritto:Il problema è che io ho sempre preso Norton dallo store on-line, dunque non ho il cd per poterlo reinstallare.

Se sei un utente registrato dovrebbero (in teoria) darti la possibilità di riscaricarlo.
Come si faccia però non saprei dirtelo.
Ci sono antivirus gratuiti molto migliori, dipende da quanto hai pagato la licenza di norton e per quanto tempo ti durava ancora.

da **Wanderers** » sab nov 22, 2008 9:06 am

crazy.cat ha scritto:
Wanderers ha scritto:Il problema è che io ho sempre preso Norton dallo store on-line, dunque non ho il cd per poterlo reinstallare.

Se sei un utente registrato dovrebbero (in teoria) darti la possibilità di riscaricarlo.
Come si faccia però non saprei dirtelo.
Ci sono antivirus gratuiti molto migliori, dipende da quanto hai pagato la licenza di norton e per quanto tempo ti durava ancora.

L'ho pagata poco meno di 50 euro(il rinnovo) e mi dura fino a luglio 2009.
Il fatto è che sul sito della Symantec non vedo la possibilità di poterlo riscaricare.
Eventualmente quale antivirus (gratuito) mi consiglieresti?

da **crazy.cat** » sab nov 22, 2008 9:24 am

Wanderers ha scritto:Eventualmente quale antivirus (gratuito) mi consiglieresti?

Assolutamente avira
http://www.free-av.com/

da **Wanderers** » sab nov 22, 2008 5:07 pm

Ok ragazzi, è tutto risolto.
Finalmente il Beagle è stato eliminato e ho potuto scaticare Avira, che ha risolto tutti gli altri problemi.
Unico cruccio è capire se e come posso riattivare Norton (ammesso che ne valga la pena).
Grazie a tutti coloro che mi hanno aiutato ed in generale a tutti coloro che lavoro per questo splendido sito.

[grazie]

www.MegaLab.it

Ho un virus Bloodhound.Beagle, ma Avenger non mi parte.

Ho un virus Bloodhound.Beagle, ma Avenger non mi parte.

Re: Ho un virus Bloodhound.Beagle, ma Avenger non mi parte.

Re: Ho un virus Bloodhound.Beagle, ma Avenger non mi parte.

Re: Ho un virus Bloodhound.Beagle, ma Avenger non mi parte.

Re: Ho un virus Bloodhound.Beagle, ma Avenger non mi parte.

Re: Ho un virus Bloodhound.Beagle, ma Avenger non mi parte.

Re: Ho un virus Bloodhound.Beagle, ma Avenger non mi parte.

Re: Ho un virus Bloodhound.Beagle, ma Avenger non mi parte.

Re: Ho un virus Bloodhound.Beagle, ma Avenger non mi parte.

Re: Ho un virus Bloodhound.Beagle, ma Avenger non mi parte.

Re: Ho un virus Bloodhound.Beagle, ma Avenger non mi parte.

Re: Ho un virus Bloodhound.Beagle, ma Avenger non mi parte.

Re: Ho un virus Bloodhound.Beagle, ma Avenger non mi parte.

Re: Ho un virus Bloodhound.Beagle, ma Avenger non mi parte.

Re: Ho un virus Bloodhound.Beagle, ma Avenger non mi parte.

Re: Ho un virus Bloodhound.Beagle, ma Avenger non mi parte.

Re: Ho un virus Bloodhound.Beagle, ma Avenger non mi parte.

Re: Ho un virus Bloodhound.Beagle, ma Avenger non mi parte.

Re: Ho un virus Bloodhound.Beagle, ma Avenger non mi parte.

Re: Ho un virus Bloodhound.Beagle, ma Avenger non mi parte.

Chi c’è in linea