HELP ME DEFEAT TROJAN HORSE DOWNLOADER

How do you remove viruses and spyware? Are credit cards really safe online? Is it possible to browse anonymously? Which programs protect your privacy? How do you protect important files? If you want an answer to these and other questions, this is the right place!

Moderators: m.paolo, kadosh, Luke57

Post by vedaila » 02/07/07 13:26

...Well yes, after having defeated the dialer trojan..... on my sister's laptop the antivirus has detected a trojan horse downloader. The antivirus is AVG Free, but it is entirely in English and I can't work out what action it has taken. I'm sending you the HijackThis log file in case it is useful...... I hope someone takes a look at it! Thanks as always

Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 14.19.50, on 02/07/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\Intel\Wireless\Bin\EvtEng.exe
C:\Programmi\Intel\Wireless\Bin\S24EvMon.exe
C:\Programmi\File comuni\Symantec Shared\ccSetMgr.exe
C:\Programmi\File comuni\Symantec Shared\ccEvtMgr.exe
C:\Programmi\File comuni\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\WINDOWS\Explorer.EXE
C:\Programmi\IVT Corporation\BlueSoleil\BTNtService.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\System32\GEARSec.exe
C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Programmi\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe
C:\Programmi\Norton Ghost\Agent\VProSvc.exe
C:\Programmi\Intel\Wireless\Bin\RegSrvc.exe
C:\Programmi\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Programmi\Sony\VAIO Event Service\VESMgr.exe
C:\Programmi\Apoint\Apoint.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Programmi\File comuni\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\WINDOWS\system32\ICO.EXE
C:\Programmi\Sony\VAIO Power Management\SPMgr.exe
C:\Programmi\Apoint\Apntex.exe
C:\Programmi\Sony\ISB Utility\ISBMgr.exe
C:\Programmi\Sony\Wireless Switch Setting Utility\Switcher.exe
C:\Programmi\File comuni\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Programmi\Sony\VAIO Update 2\VAIOUpdt.exe
C:\Programmi\File comuni\Symantec Shared\ccApp.exe
C:\Programmi\Norton Ghost\Agent\GhostTray.exe
C:\Programmi\Google\Google Desktop Search\GoogleDesktop.exe
C:\Programmi\File comuni\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\WINDOWS\system32\rundll32.exe
C:\Programmi\Google\Google Desktop Search\GoogleDesktopIndex.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\Google\Google Desktop Search\GoogleDesktopDisplay.exe
C:\Programmi\MSN Messenger\MsnMsgr.Exe
C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Programmi\IVT Corporation\BlueSoleil\BlueSoleil.exe
C:\Programmi\Tuttogratis Alert\TgAlert.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Programmi\MSN Messenger\usnsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\Programmi\File comuni\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Programmi\MSN Messenger\livecall.exe
C:\Programmi\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
C:\hijackthis\HiJackThis_v2.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/av ... x_homepage
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.club-vaio.com/en/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programmi\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programmi\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programmi\Windows Live Toolbar\msntb.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\PROGRA~1\GOOGLE~1\BAE.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programmi\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programmi\google\googletoolbar2.dll
O4 - HKLM\..\Run: [Apoint] C:\Programmi\Apoint\Apoint.exe
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [AzMixerSel] C:\Programmi\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [Mouse Suite 98 Daemon] ICO.EXE
O4 - HKLM\..\Run: [SonyPowerCfg] "C:\Programmi\Sony\VAIO Power Management\SPMgr.exe"
O4 - HKLM\..\Run: [ISBMgr.exe] C:\Programmi\Sony\ISB Utility\ISBMgr.exe
O4 - HKLM\..\Run: [Switcher.exe] C:\Programmi\Sony\Wireless Switch Setting Utility\Switcher.exe
O4 - HKLM\..\Run: [VAIO Update 2] "C:\Programmi\Sony\VAIO Update 2\VAIOUpdt.exe" /Stationary
O4 - HKLM\..\Run: [ccApp] "C:\Programmi\File comuni\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Norton Ghost 10.0] "C:\Programmi\Norton Ghost\Agent\GhostTray.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Programmi\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [zzz_ImInstaller_IncrediMail] C:\DOCUME~1\Ila\IMPOST~1\Temp\ImInstaller\IncrediMail\incredimail_install[1].exe -startup -product IncrediMail
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programmi\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [swg] C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Tuttogratis Alert.lnk = C:\Programmi\Tuttogratis Alert\TgAlert.exe
O4 - Global Startup: BlueSoleil.lnk = C:\Programmi\IVT Corporation\BlueSoleil\BlueSoleil.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Programmi\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: Aggiungi sito di supporto RSS a VAIO Information FLOW - C:\Programmi\Sony\VAIO Information FLOW\aiesc.html
O8 - Extra context menu item: Apri in nuova scheda in primo piano - res://C:\Programmi\Windows Live Toolbar\Components\it-it\msntabres.dll.mui/230?1b2bdead7b5144a2868aebf53dc5dbea
O8 - Extra context menu item: Apri in nuova scheda in secondo piano - res://C:\Programmi\Windows Live Toolbar\Components\it-it\msntabres.dll.mui/229?1b2bdead7b5144a2868aebf53dc5dbea
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Trasferimento tramite Image Converter 2 Plus - C:\Programmi\Sony\Image Converter 2\menu.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Organizzatore ricerche - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Programmi\File comuni\Microsoft Shared\Reference 2001\EROProj.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.club-vaio.com/en/
O15 - Trusted Zone: *.sony-europe.com
O15 - Trusted Zone: *.sonystyle-europe.com
O15 - Trusted Zone: *.vaio-link.com
O17 - HKLM\System\CCS\Services\Tcpip\..\{5A7B984D-FD54-49A6-A665-E734E00707A2}: NameServer = 193.70.152.25 193.70.192.25
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
O21 - SSODL: system32 - {C7A40E96-53CD-465F-AF8E-BB2DF5022037} - sysprinters.dll (file missing)
O22 - SharedTaskScheduler: Precaricatore Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Daemon di cache delle categorie di componenti - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Programmi\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\ccSetMgr.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Programmi\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: GEARSecurity - GEAR Software - C:\WINDOWS\System32\GEARSec.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Image Converter video recording monitor for VAIO Entertainment - Sony Corporation - C:\Programmi\Sony\Image Converter 2\IcVzMon.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Programmi\File comuni\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: Norton Ghost - Symantec Corporation - C:\Programmi\Norton Ghost\Agent\VProSvc.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Programmi\File comuni\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Programmi\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Programmi\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Programmi\File comuni\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Programmi\File comuni\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Utilità di pianificazione di LiveUpdate automatico - Symantec Corporation - C:\Programmi\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Programmi\File comuni\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Programmi\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Programmi\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Programmi\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Programmi\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Programmi\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe
O23 - Service: VAIO Cooporated Initialisation (VCI) - Sony Corporation - C:\Programmi\Sony\VAIO Cooperated Initialisation\VCI_SVC.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Programmi\File comuni\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Programmi\File comuni\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Programmi\File comuni\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
O24 - Desktop Component 0: (no name) - http://www.undo.net/Pressrelease/mappe/'+eleme+'.gif

--
End of file - 13738 bytes


PS... Luke... if you're there, knock once!!
vedaila
Junior User

Posts: 38
Joined: 08/06/07 08:43


Post by vedaila » 02/07/07 17:34

Luke, I saw that you're there........ I heard your knock...................
vedaila
Junior User

Posts: 38
Joined: 08/06/07 08:43

Post by Luke57 » 02/07/07 17:54

Hi, open HijackThis while disconnected from the internet and with the applications closed, press "do a system scan only", then find and tick the following entry:
O21 - SSODL: system32 - {C7A40E96-53CD-465F-AF8E-BB2DF5022037} - sysprinters.dll (file missing)
press "fix checked".

Check whether these files and folders are present:
c:\install (con 2 file)
c:\windows\myalbum.zip
c:\windows\system32\sysprinter.dll
if so, delete them.
Let me know.
Luke57
Moderator

Posts: 6415
Joined: 11/08/05 19:10
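
An added example, not part of the original posts: a small Python triage of HijackThis log lines that surfaces the kind of entry Luke57 singles out, a registered component marked "(file missing)". The second rule (Run entries that start a program from a Temp directory) and all function names are assumptions of this example; the sample lines are copied from the log posted above.

```python
import re
from dataclasses import dataclass
from typing import List, Optional, Tuple

# Constructed sample: six lines copied from the HijackThis log in this thread.
SAMPLE_LOG = r"""
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [zzz_ImInstaller_IncrediMail] C:\DOCUME~1\Ila\IMPOST~1\Temp\ImInstaller\IncrediMail\incredimail_install[1].exe -startup -product IncrediMail
O21 - SSODL: system32 - {C7A40E96-53CD-465F-AF8E-BB2DF5022037} - sysprinters.dll (file missing)
O23 - Service: GEARSecurity - GEAR Software - C:\WINDOWS\System32\GEARSec.exe
"""

# "<section code> - <rest of line>", e.g. "O21 - SSODL: ..."
ENTRY_RE = re.compile(r"^([RFNO]\d{1,2}) - (.+)$")
CLSID_RE = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")
# Markers HijackThis appends when the referenced file is absent from disk.
ORPHAN_RE = re.compile(r"\((?:file missing|no file)\)", re.IGNORECASE)
# A path component named Temp or Tmp (assumed heuristic, not a HijackThis rule).
TEMP_RE = re.compile(r"\\te?mp\\", re.IGNORECASE)


@dataclass
class Entry:
    section: str           # HijackThis section code, e.g. "O4" or "O21"
    body: str              # everything after "<code> - "
    clsid: Optional[str]   # COM class id, when the entry carries one


def parse_log(text: str) -> List[Entry]:
    """Return the registry/autorun entries; header and process lines are skipped."""
    entries = []
    for raw in text.splitlines():
        match = ENTRY_RE.match(raw.strip())
        if not match:
            continue
        section, body = match.groups()
        clsid = CLSID_RE.search(body)
        entries.append(Entry(section, body, clsid.group(0) if clsid else None))
    return entries


def triage(entries: List[Entry]) -> List[Tuple[Entry, List[str]]]:
    """Pair each entry worth a manual look with the reasons it was selected.

    A reason means "review this by hand", not "this is malicious".
    """
    flagged = []
    for entry in entries:
        reasons = []
        if ORPHAN_RE.search(entry.body):
            reasons.append("registered component whose file HijackThis could not find")
        if entry.section == "O4" and TEMP_RE.search(entry.body):
            reasons.append("autorun entry that starts a program from a Temp directory")
        if reasons:
            flagged.append((entry, reasons))
    return flagged


if __name__ == "__main__":
    for entry, reasons in triage(parse_log(SAMPLE_LOG)):
        print(f"{entry.section:<4} {entry.clsid or '-':<40} {'; '.join(reasons)}")
        print(f"     {entry.body}")
```
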

Post by vedaila » 02/07/07 18:19

So, with HijackThis I ticked and removed the entry you told me about.
I couldn't find the C:install folder; I tried searching for it with "Search" from the Start menu and found two files, and when I tried to delete them a window opened saying: "cannot delete file: cannot read from the source file or disk"
I found and deleted the "my album zip" folder, while I couldn't find the other folder.
Thanks......
I'll be waiting for you
vedaila
Junior User

Posts: 38
Joined: 08/06/07 08:43

Post by Luke57 » 03/07/07 08:36

Hi, go here:
http://www.sendmefile.com/00550922
download the .exe file (systemscan)
Put it on the desktop and, with the applications closed, open it; among all the available options tick "recent file, days old", leaving it or setting it to 60, then press scan now
When the scan finishes, copy and paste the generated report into a post.
Luke57
Moderator

Posts: 6415
Joined: 11/08/05 19:10

Post by vedaila » 03/07/07 17:36

Here is the result:
SystemScan - http://www.suspectfile.com - ver. 3.2.0

Running on: Windows XP PROFESSIONAL Edition, Service Pack 2 (2600.5.1)
System directory: C:\WINDOWS

Date: 03/07/2007
Time: 18.30.31

Output limited to:
-Recent files

===================== Recent files (60 days old)=====================

----- recent files in C:\
03/06/2007 13.18.37 244 byte 30 days old -- sqmnoopt00.sqm
03/06/2007 13.18.37 232 byte 30 days old -- sqmdata00.sqm
06/06/2007 23.27.40 292 byte 27 days old -- sqmdata01.sqm
06/06/2007 23.27.40 244 byte 27 days old -- sqmnoopt01.sqm
06/06/2007 23.30.23 244 byte 27 days old -- sqmnoopt02.sqm
06/06/2007 23.30.23 292 byte 27 days old -- sqmdata02.sqm
21/06/2007 12.15.42 292 byte 12 days old -- sqmdata03.sqm
21/06/2007 12.15.42 244 byte 12 days old -- sqmnoopt03.sqm
25/06/2007 12.55.42 12327665 byte 8 days old -- AVG7QT.DAT
01/07/2007 19.13.03 (DIR) 0 byte 2 days old -- Config.Msi
01/07/2007 19.13.04 (DIR) 0 byte 2 days old -- Programmi
02/07/2007 12.42.10 (DIR) 0 byte 1 days old -- $VAULT$.AVG
02/07/2007 19.01.42 (DIR) 0 byte 1 days old -- hijackthis
03/07/2007 17.56.16 1598029824 byte 0 days old -- pagefile.sys
03/07/2007 17.56.17 (DIR)1063440384 byte 0 days old -- hiberfil.sys
03/07/2007 17.56.39 (DIR) 0 byte 0 days old -- WINDOWS
03/07/2007 18.30.31 (DIR) 0 byte 0 days old -- suspectfile

----- recent files in C:\WINDOWS\
08/05/2007 10.16.27 336441 byte 56 days old -- setupact.log
09/05/2007 00.21.22 13200 byte 55 days old -- DPINST.LOG
09/05/2007 00.28.37 (DIR) 0 byte 55 days old -- SoftwareDistribution
10/05/2007 12.15.13 (DIR) 0 byte 54 days old -- $NtUninstallKB898461$
10/05/2007 12.15.21 7110 byte 54 days old -- KB898461.log
10/05/2007 12.35.56 (DIR) 0 byte 54 days old -- Sun
11/05/2007 13.07.21 (DIR) 0 byte 53 days old -- security
11/05/2007 13.07.50 (DIR) 0 byte 53 days old -- $NtUninstallKB928843$
11/05/2007 13.07.56 13646 byte 53 days old -- KB928843.log
11/05/2007 13.08.30 (DIR) 0 byte 53 days old -- $NtUninstallKB920213$
11/05/2007 13.08.33 18655 byte 53 days old -- KB920213.log
11/05/2007 13.08.41 (DIR) 0 byte 53 days old -- $NtUninstallKB926255$
11/05/2007 13.08.45 14808 byte 53 days old -- KB926255.log
11/05/2007 13.08.51 (DIR) 0 byte 53 days old -- $NtUninstallKB918118$
11/05/2007 13.08.55 15525 byte 53 days old -- KB918118.log
11/05/2007 13.09.01 (DIR) 0 byte 53 days old -- $NtUninstallKB922582$
11/05/2007 13.09.05 11804 byte 53 days old -- KB922582.log
11/05/2007 13.09.12 (DIR) 0 byte 53 days old -- $NtUninstallKB917422$
11/05/2007 13.09.17 17348 byte 53 days old -- KB917422.log
11/05/2007 13.09.22 (DIR) 0 byte 53 days old -- $NtUninstallKB932168$
11/05/2007 13.09.25 23556 byte 53 days old -- KB932168.log
11/05/2007 13.10.00 (DIR) 0 byte 53 days old -- $NtUninstallKB926251$
11/05/2007 13.10.02 13124 byte 53 days old -- KB926251.log
11/05/2007 13.10.10 (DIR) 0 byte 53 days old -- $NtUninstallKB924496$
11/05/2007 13.10.12 21618 byte 53 days old -- KB924496.log
11/05/2007 13.10.32 (DIR) 0 byte 53 days old -- $NtUninstallKB931261$
11/05/2007 13.10.35 17477 byte 53 days old -- KB931261.log
11/05/2007 13.10.40 (DIR) 0 byte 53 days old -- $NtUninstallKB924270$
11/05/2007 13.10.44 19278 byte 53 days old -- KB924270.log
11/05/2007 13.11.04 (DIR) 0 byte 53 days old -- $NtUninstallKB925398_WMP64$
11/05/2007 13.11.07 15955 byte 53 days old -- KB925398.log
11/05/2007 13.11.11 (DIR) 0 byte 53 days old -- $NtUninstallKB935448$
11/05/2007 13.11.16 14088 byte 53 days old -- KB935448.log
11/05/2007 13.11.22 (DIR) 0 byte 53 days old -- $NtUninstallKB929969$
11/05/2007 13.11.31 19549 byte 53 days old -- KB929969.log
11/05/2007 13.11.37 (DIR) 0 byte 53 days old -- $NtUninstallKB931784$
11/05/2007 13.11.43 27464 byte 53 days old -- KB931784.log
11/05/2007 13.11.49 (DIR) 0 byte 53 days old -- $NtUninstallKB923414$
11/05/2007 13.11.53 19341 byte 53 days old -- KB923414.log
11/05/2007 15.14.24 (DIR) 0 byte 53 days old -- msagent
12/05/2007 14.06.40 (DIR) 0 byte 52 days old -- $NtUninstallKB920683$
12/05/2007 14.06.53 19476 byte 52 days old -- KB920683.log
12/05/2007 14.07.01 (DIR) 0 byte 52 days old -- $NtUninstallKB923694$
12/05/2007 14.07.17 18929 byte 52 days old -- KB923694.log
12/05/2007 14.07.23 (DIR) 0 byte 52 days old -- $NtUninstallKB916595$
12/05/2007 14.07.28 18044 byte 52 days old -- KB916595.log
12/05/2007 14.07.46 (DIR) 0 byte 52 days old -- $NtUninstallKB923191$
12/05/2007 14.07.52 15991 byte 52 days old -- KB923191.log
12/05/2007 14.07.59 (DIR) 0 byte 52 days old -- $NtUninstallKB914388$
12/05/2007 14.08.06 19640 byte 52 days old -- KB914388.log
12/05/2007 14.08.12 (DIR) 0 byte 52 days old -- $NtUninstallKB919007$
12/05/2007 14.08.18 19337 byte 52 days old -- KB919007.log
12/05/2007 14.08.23 (DIR) 0 byte 52 days old -- $NtUninstallKB930178$
12/05/2007 14.08.28 19823 byte 52 days old -- KB930178.log
12/05/2007 14.08.45 (DIR) 0 byte 52 days old -- $NtUninstallKB920872$
12/05/2007 14.08.52 21610 byte 52 days old -- KB920872.log
12/05/2007 14.08.58 (DIR) 0 byte 52 days old -- $NtUninstallKB920670$
12/05/2007 14.09.04 19505 byte 52 days old -- KB920670.log
12/05/2007 14.09.11 (DIR) 0 byte 52 days old -- $NtUninstallKB925902$
12/05/2007 14.09.18 21630 byte 52 days old -- KB925902.log
12/05/2007 14.10.01 (DIR) 0 byte 52 days old -- $NtUninstallKB923689$
12/05/2007 14.10.06 17181 byte 52 days old -- KB923689.log
12/05/2007 14.10.20 (DIR) 0 byte 52 days old -- $NtUninstallKB931768$
12/05/2007 14.10.31 20818 byte 52 days old -- KB931768.log
12/05/2007 14.10.35 (DIR) 0 byte 52 days old -- $NtUninstallKB924667$
12/05/2007 14.10.37 (DIR) 0 byte 52 days old -- WinSxS
12/05/2007 14.10.42 22641 byte 52 days old -- KB924667.log
12/05/2007 14.10.48 (DIR) 0 byte 52 days old -- $NtUninstallKB923980$
12/05/2007 14.10.53 25552 byte 52 days old -- KB923980.log
12/05/2007 14.10.59 (DIR) 0 byte 52 days old -- $NtUninstallKB928255$
12/05/2007 14.11.08 26270 byte 52 days old -- KB928255.log
12/05/2007 14.11.15 (DIR) 0 byte 52 days old -- $NtUninstallKB922819$
12/05/2007 14.11.21 26767 byte 52 days old -- KB922819.log
12/05/2007 14.11.27 (DIR) 0 byte 52 days old -- $NtUninstallKB927802$
12/05/2007 14.11.32 26133 byte 52 days old -- KB927802.log
12/05/2007 14.11.38 (DIR) 0 byte 52 days old -- $NtUninstallKB927779$
12/05/2007 14.11.43 29235 byte 52 days old -- KB927779.log
18/05/2007 10.41.22 (DIR) 0 byte 46 days old -- $NtUninstallKB930916$
18/05/2007 10.41.29 12435 byte 46 days old -- KB930916.log
18/05/2007 10.41.32 (DIR) 0 byte 46 days old -- $NtUninstallKB926436$
18/05/2007 10.41.36 12634 byte 46 days old -- KB926436.log
18/05/2007 10.41.39 (DIR) 0 byte 46 days old -- $NtUninstallKB931836$
18/05/2007 10.41.44 22933 byte 46 days old -- KB931836.log
18/05/2007 10.41.50 (DIR) 0 byte 46 days old -- $NtUninstallKB920685$
18/05/2007 10.41.56 12566 byte 46 days old -- KB920685.log
18/05/2007 10.42.01 (DIR) 0 byte 46 days old -- $NtUninstallKB924191$
18/05/2007 10.42.05 13196 byte 46 days old -- KB924191.log
20/05/2007 23.39.58 (DIR) 0 byte 44 days old -- Downloaded Program Files
23/05/2007 10.25.16 (DIR) 0 byte 41 days old -- $NtUninstallKB927891$
23/05/2007 10.25.39 8357 byte 41 days old -- KB927891.log
01/06/2007 15.51.50 (DIR) 0 byte 32 days old -- pchealth
04/06/2007 14.25.29 (DIR) 0 byte 29 days old -- Fonts
13/06/2007 23.41.00 (DIR) 0 byte 20 days old -- $hf_mig$
14/06/2007 03.02.02 (DIR) 0 byte 19 days old -- $NtUninstallKB935839$
14/06/2007 03.02.11 12617 byte 19 days old -- KB935839.log
14/06/2007 03.02.16 (DIR) 0 byte 19 days old -- $NtUninstallKB935840$
14/06/2007 03.02.20 12748 byte 19 days old -- KB935840.log
14/06/2007 03.02.25 (DIR) 0 byte 19 days old -- $NtUninstallKB929123$
14/06/2007 03.02.31 14247 byte 19 days old -- KB929123.log
14/06/2007 03.02.31 1374 byte 19 days old -- imsins.BAK
14/06/2007 03.02.59 (DIR) 0 byte 19 days old -- $NtUninstallKB933566$
14/06/2007 03.03.03 38589 byte 19 days old -- updspapi.log
14/06/2007 03.03.07 222814 byte 19 days old -- msmqinst.log
14/06/2007 03.03.08 35788 byte 19 days old -- msgsocm.log
14/06/2007 03.03.08 710220 byte 19 days old -- FaxSetup.log
14/06/2007 03.03.09 138211 byte 19 days old -- netfxocm.log
14/06/2007 03.03.09 36437 byte 19 days old -- tabletoc.log
14/06/2007 03.03.09 331498 byte 19 days old -- tsoc.log
14/06/2007 03.03.09 147838 byte 19 days old -- ntdtcsetup.log
14/06/2007 03.03.09 81895 byte 19 days old -- plusoc.log
14/06/2007 03.03.09 44503 byte 19 days old -- ocmsn.log
14/06/2007 03.03.09 344240 byte 19 days old -- ocgen.log
14/06/2007 03.03.09 245961 byte 19 days old -- comsetup.log
14/06/2007 03.03.09 90670 byte 19 days old -- MedCtrOC.log
14/06/2007 03.03.09 40423 byte 19 days old -- ehOCGen.log
14/06/2007 03.03.09 36355 byte 19 days old -- KB933566.log
14/06/2007 03.03.09 1374 byte 19 days old -- imsins.log
14/06/2007 03.03.09 803821 byte 19 days old -- iis6.log
14/06/2007 10.01.04 (DIR) 0 byte 19 days old -- inf
14/06/2007 10.04.56 325319 byte 19 days old -- setupapi.log
15/06/2007 13.31.53 2567 byte 18 days old -- IE4 Error Log.txt
18/06/2007 19.43.40 (DIR) 0 byte 15 days old -- Help
24/06/2007 13.55.20 (DIR) 0 byte 9 days old -- system
29/06/2007 23.54.28 25699 byte 4 days old -- wmsetup.log
01/07/2007 19.03.30 (DIR) 0 byte 2 days old -- Tasks
01/07/2007 19.13.02 (DIR) 0 byte 2 days old -- Installer
01/07/2007 23.00.09 (DIR) 0 byte 2 days old -- system32
02/07/2007 13.37.41 50 byte 1 days old -- wiaservc.log
02/07/2007 14.40.07 216 byte 1 days old -- wiadebug.log
03/07/2007 13.36.18 32458 byte 0 days old -- SchedLgU.Txt
03/07/2007 17.56.23 2048 byte 0 days old -- bootstat.dat
03/07/2007 17.57.26 0 byte 0 days old -- 0.log
03/07/2007 17.57.27 (DIR) 0 byte 0 days old -- Registration
03/07/2007 17.57.27 (DIR) 0 byte 0 days old -- Temp
03/07/2007 17.57.33 4604 byte 0 days old -- ModemLog_HDAUDIO Soft Data Fax Modem with SmartCP.txt
03/07/2007 17.57.43 5380 byte 0 days old -- ModemLog_Bluetooth Fax Modem.txt
03/07/2007 17.58.33 1720590 byte 0 days old -- WindowsUpdate.log
03/07/2007 18.28.54 (DIR) 0 byte 0 days old -- Prefetch
03/07/2007 18.29.56 10778 byte 0 days old -- ModemLog_Bluetooth DUN Modem.txt

----- recent files in C:\WINDOWS\Downloaded Program Files\

----- recent files in C:\WINDOWS\system\

----- recent files in C:\WINDOWS\system32\
09/05/2007 00.21.20 (DIR) 0 byte 55 days old -- DRVSTORE
09/05/2007 00.28.34 (DIR) 0 byte 55 days old -- SoftwareDistribution
10/05/2007 12.15.15 (DIR) 0 byte 54 days old -- PreInstall
12/05/2007 15.35.42 398514 byte 52 days old -- perfh009.dat
12/05/2007 15.35.42 72982 byte 52 days old -- perfc010.dat
12/05/2007 15.35.42 988758 byte 52 days old -- PerfStringBackup.INI
12/05/2007 15.35.42 446926 byte 52 days old -- perfh010.dat
12/05/2007 15.35.42 60646 byte 52 days old -- perfc009.dat
16/05/2007 17.12.56 683520 byte 48 days old -- inetcomm.dll
18/05/2007 10.41.39 122268 byte 46 days old -- TZLog.log
04/06/2007 17.50.07 262232 byte 29 days old -- FNTCACHE.DAT
14/06/2007 03.03.05 (DIR) 0 byte 19 days old -- dllcache
14/06/2007 13.15.51 (DIR) 0 byte 19 days old -- CatRoot2
29/06/2007 15.10.28 1158 byte 4 days old -- wpa.dbl
01/07/2007 19.12.57 (DIR) 0 byte 2 days old -- drivers
01/07/2007 23.00.09 24040 byte 2 days old -- sysprinters.dll

----- recent files in C:\WINDOWS\system32\drivers\
24/06/2007 13.55.55 816672 byte 9 days old -- avg7core.sys
24/06/2007 13.55.57 28416 byte 9 days old -- avg7rsxp.sys
24/06/2007 13.55.57 4224 byte 9 days old -- avg7rsw.sys
24/06/2007 13.55.58 4960 byte 9 days old -- avgtdi.sys
24/06/2007 13.55.58 18240 byte 9 days old -- avgmfx86.sys
24/06/2007 13.55.59 3968 byte 9 days old -- avgclean.sys

----- recent files in C:\WINDOWS\temp\
08/05/2007 10.13.06 22777 byte 56 days old -- bluesoleilSetup.log
09/05/2007 00.56.47 10 byte 55 days old -- LUInit.ini
17/05/2007 15.29.47 4084 byte 47 days old -- sweet_ye.jpg
17/05/2007 15.30.21 237975 byte 47 days old -- Io.jpg
17/05/2007 15.30.32 73928 byte 47 days old -- Mimì.jpg
17/05/2007 15.30.39 18748 byte 47 days old -- Er meglio de tutti voi.jpg
17/05/2007 15.30.57 533616 byte 47 days old -- Amore.jpg
17/05/2007 15.31.04 27303 byte 47 days old -- Formula 3.jpg
17/05/2007 15.31.12 267774 byte 47 days old -- Colleghe!!.jpg
17/05/2007 15.31.21 332945 byte 47 days old -- Ila Giù Vero e Vale.jpg
17/05/2007 15.31.44 132752 byte 47 days old -- Immag002.jpg
17/05/2007 15.31.49 12262 byte 47 days old -- Mimiddra.jpg
17/05/2007 15.32.00 653814 byte 47 days old -- Immag004.jpg
17/05/2007 15.32.06 71762 byte 47 days old -- Immag001.jpg
17/05/2007 15.32.12 110919 byte 47 days old -- Io e Alf.jpg
17/05/2007 15.32.24 11083 byte 47 days old -- Immag003.jpg
17/05/2007 15.32.32 50791 byte 47 days old -- Immag000.jpg
17/05/2007 15.32.45 21976 byte 47 days old -- Carnevale 07.jpg
18/05/2007 21.54.46 16384 byte 46 days old -- Perflib_Perfdata_5f0.dat
18/05/2007 21.55.10 0 byte 46 days old -- JET2100.tmp
19/05/2007 13.08.29 16384 byte 45 days old -- Perflib_Perfdata_ec.dat
19/05/2007 13.08.31 16384 byte 45 days old -- Perflib_Perfdata_12c.dat
19/05/2007 13.09.04 0 byte 45 days old -- JET3EE8.tmp
20/05/2007 12.58.50 0 byte 44 days old -- JETBE7D.tmp
30/05/2007 12.58.07 16384 byte 34 days old -- Perflib_Perfdata_9a4.dat
31/05/2007 13.54.35 (DIR) 0 byte 33 days old -- Google Toolbar
31/05/2007 13.54.43 (DIR) 0 byte 33 days old -- WLTB Custom Button Feeds
03/06/2007 19.24.59 16384 byte 30 days old -- Perflib_Perfdata_378.dat
09/06/2007 19.31.31 16384 byte 24 days old -- Perflib_Perfdata_3b4.dat
12/06/2007 12.36.18 16384 byte 21 days old -- Perflib_Perfdata_79c.dat
14/06/2007 03.02.48 568 byte 19 days old -- MSIca24a.LOG
14/06/2007 09.51.47 16384 byte 19 days old -- Perflib_Perfdata_2e8.dat
17/06/2007 12.27.46 16384 byte 16 days old -- Perflib_Perfdata_7bc.dat
17/06/2007 12.27.55 0 byte 16 days old -- JETBF1A.tmp
25/06/2007 12.54.17 16384 byte 8 days old -- Perflib_Perfdata_6dc.dat
27/06/2007 12.03.42 16384 byte 6 days old -- Perflib_Perfdata_790.dat
29/06/2007 15.10.55 16384 byte 4 days old -- Perflib_Perfdata_128.dat
29/06/2007 21.37.37 16384 byte 4 days old -- Perflib_Perfdata_144.dat
29/06/2007 21.37.49 0 byte 4 days old -- JET1306.tmp
30/06/2007 10.30.38 16384 byte 3 days old -- Perflib_Perfdata_5f8.dat
02/07/2007 11.32.19 16384 byte 1 days old -- Perflib_Perfdata_720.dat
02/07/2007 11.32.20 16384 byte 1 days old -- Perflib_Perfdata_2bc.dat
02/07/2007 11.32.49 0 byte 1 days old -- JET3B8D.tmp
03/07/2007 17.56.42 16384 byte 0 days old -- Perflib_Perfdata_6cc.dat
03/07/2007 17.56.42 16384 byte 0 days old -- Perflib_Perfdata_764.dat
03/07/2007 17.57.03 0 byte 0 days old -- JET3B4.tmp

----- recent files in C:\Programmi\
08/05/2007 10.10.10 (DIR) 0 byte 56 days old -- IVT Corporation
09/05/2007 00.33.44 (DIR) 0 byte 55 days old -- Windows Live Favorites
09/05/2007 00.34.12 (DIR) 0 byte 55 days old -- Windows Live Toolbar
10/05/2007 13.45.24 (DIR) 0 byte 54 days old -- Google
11/05/2007 13.09.28 (DIR) 0 byte 53 days old -- Microsoft CAPICOM 2.1.0.2
11/05/2007 13.10.00 (DIR) 0 byte 53 days old -- Windows Media Player
12/05/2007 14.07.36 (DIR) 0 byte 52 days old -- MSXML 4.0
31/05/2007 13.54.46 (DIR) 0 byte 33 days old -- MSN Messenger
01/06/2007 13.56.34 (DIR) 0 byte 32 days old -- Tuttogratis Alert
14/06/2007 03.02.27 (DIR) 0 byte 19 days old -- Outlook Express
14/06/2007 03.03.03 (DIR) 0 byte 19 days old -- Internet Explorer
24/06/2007 13.55.50 (DIR) 0 byte 9 days old -- Grisoft
01/07/2007 19.12.20 (DIR) 0 byte 2 days old -- File comuni
01/07/2007 19.12.57 (DIR) 0 byte 2 days old -- Symantec
03/07/2007 13.11.10 (DIR) 0 byte 0 days old -- eMule

----- recent files in C:\Programmi\File comuni\
05/06/2007 03.03.57 (DIR) 0 byte 28 days old -- Microsoft Shared
14/06/2007 03.02.27 (DIR) 0 byte 19 days old -- System
01/07/2007 19.14.36 (DIR) 0 byte 2 days old -- Symantec Shared

----- recent files in C:\Documents and Settings\Ila\Dati applicazioni\
10/05/2007 12.31.58 (DIR) 0 byte 54 days old -- Google
10/05/2007 12.35.56 (DIR) 0 byte 54 days old -- Sun
24/06/2007 13.55.23 (DIR) 0 byte 9 days old -- Microsoft
01/07/2007 19.14.34 (DIR) 0 byte 2 days old -- Symantec
02/07/2007 13.26.07 (DIR) 0 byte 1 days old -- Help
03/07/2007 12.46.53 (DIR) 0 byte 0 days old -- AVG7

----- recent files in C:\DOCUME~1\Ila\IMPOST~1\Temp\

==========================================
Scan completed in 0,1 minutes
End of report


I wanted to ask you: can I keep using MSN? Because when I open it and chat with one contact, I still get these photo albums, and I close it right away.
Also, since I connect through my mobile phone, could the phone be infected too?
Thanks as always...
I await your orders
Vera
vedaila
Junior User
 
Posts: 38
Joined: 08/06/07 08:43

Post by Luke57 » 03/07/07 17:59

Hi, download
http://swandog46.geekstogo.com/avenger.zip
and unzip it to the desktop.

Download http://www.ccleaner.com/download/
(to delete the temporary files)
When you install it, be careful not to install the Yahoo toolbar.

Once the installation is finished, start CCleaner.
Under
Options > Advanced, untick the box "Only delete files in Windows Temp older than 48 hours".

Now go to the program's main window and click "Run CCleaner".
When the scan has finished, close CCleaner.

Open The Avenger (close programs and applications, and temporarily disable the antivirus).

Select the option "Input Script Manually"
Click the magnifying glass

The "View/edit script" window opens.
Inside the white box, copy and paste (Ctrl+V) the following script, shown in bold:

files to delete:
C:\WINDOWS\system32\sysprinters.dll


Click the Done button
Click the green traffic light icon
Answer Yes
The PC should restart by itself; otherwise restart it manually.
Post the report that you find in the C:\avenger folder.
The phone may be infected, though I don't know much about that area ;)
Luke57
Moderator
 
Posts: 6415
Joined: 11/08/05 19:10

Post by vedaila » 04/07/07 17:12

OK Luke, I did what you told me; here is the Avenger result:

Logfile of The Avenger version 1, by Swandog46
Running from registry key:
\Registry\Machine\System\CurrentControlSet\Services\brosvvdk

*******************

Script file located at: \??\C:\lsgvxixv.txt
Script file opened successfully.

Script file read successfully

Backups directory opened successfully at C:\Avenger

*******************

Beginning to process script file:

File C:\WINDOWS\system32\sysprinters.dll deleted successfully.

Completed script processing.

*******************

Finished! Terminate.


PS: and what can you tell me about Messenger? Because I send and receive these viruses with only one contact. Should I delete the contact?

I'll be waiting....
Kisses
vedaila
Junior User
 
Posts: 38
Joined: 08/06/07 08:43
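A helper reviewing a posted Avenger report can cross-check it against the script that was supplied, so that every "files to delete" target is matched to a success line and nothing extra was removed. The following is an added example, not part of the original posts and not code from The Avenger's author; the function names, the abridged log excerpt and the `C:\EXAMPLE\placeholder.dll` path are assumptions made for illustration.

```python
import re

NT_PREFIX = "\\??\\"  # NT object-manager prefix, as in the log's "Script file located at" line
DELETED_RE = re.compile(r"^File (.+) deleted successfully\.$")
DRIVE_ONLY_RE = re.compile(r"^[A-Za-z]:$")

# Script text as posted in the thread.
SCRIPT_FROM_THREAD = r"""files to delete:
C:\WINDOWS\system32\sysprinters.dll
"""

# Constructed variant: the same target in a different case plus a placeholder path.
SCRIPT_TWO_TARGETS = r"""files to delete:
c:\windows\system32\SYSPRINTERS.DLL
C:\EXAMPLE\placeholder.dll
"""

# Report lines abridged from the log posted in the thread.
LOG_FROM_THREAD = r"""Logfile of The Avenger version 1, by Swandog46
Running from registry key:
\Registry\Machine\System\CurrentControlSet\Services\brosvvdk

Script file located at: \??\C:\lsgvxixv.txt
Script file opened successfully.

Beginning to process script file:

File C:\WINDOWS\system32\sysprinters.dll deleted successfully.

Completed script processing.

Finished! Terminate.
"""


def norm(path):
    """Normalise a Windows path for comparison: trim, drop NT prefix, ignore case."""
    path = path.strip()
    if path.startswith(NT_PREFIX):
        path = path[len(NT_PREFIX):]
    return path.lower()


def parse_script(text):
    """Return {section name: [targets]} for a script laid out like the one in the post."""
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        # A section header ends with ':'; a bare drive letter such as 'C:' is not one.
        if line.endswith(":") and not DRIVE_ONLY_RE.match(line):
            current = line[:-1].strip().lower()
            sections.setdefault(current, [])
        elif current is not None:
            sections[current].append(line)
    return sections


def parse_log(text):
    """Collect the paths the report confirms as deleted and whether processing completed."""
    lines = [line.strip() for line in text.splitlines()]
    deleted = {norm(m.group(1)) for m in map(DELETED_RE.match, lines) if m}
    return {"deleted": deleted, "completed": "Completed script processing." in lines}


def verify(script_text, log_text):
    """Match every 'files to delete' target against the report's success lines."""
    targets = parse_script(script_text).get("files to delete", [])
    log = parse_log(log_text)
    wanted = {norm(t): t for t in targets}
    return {
        "confirmed": sorted(t for n, t in wanted.items() if n in log["deleted"]),
        # No success line found: treat as not removed until shown otherwise.
        "unconfirmed": sorted(t for n, t in wanted.items() if n not in log["deleted"]),
        # Deleted according to the report but never requested by the script.
        "unexpected": sorted(log["deleted"] - set(wanted)),
        "completed": log["completed"],
    }


if __name__ == "__main__":
    for name, script in (("thread", SCRIPT_FROM_THREAD), ("two targets", SCRIPT_TWO_TARGETS)):
        print(name, verify(script, LOG_FROM_THREAD))
```

A target listed as unconfirmed only means the report carries no success line for it; the file should be checked on disk before assuming it is gone.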

Post by vedaila » 08/07/07 21:44

Luke... have you forgotten about me? I'm sure you've been busy; I'm waiting for your reply... kisses
vedaila
Junior User
 
Posts: 38
Joined: 08/06/07 08:43

Post by Luke57 » 08/07/07 22:42

vedaila wrote: Luke... have you forgotten about me? I'm sure you've been busy; I'm waiting for your reply... kisses

Hi, post a new HijackThis log so I can check it. I'm not a Messenger expert; it may be that you need to delete the contact.
Luke57
Moderator
 
Posts: 6415
Joined: 11/08/05 19:10

Post by vedaila » 09/07/07 22:01

Here is the HijackThis log:

Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 23.00.00, on 09/07/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\Intel\Wireless\Bin\EvtEng.exe
C:\Programmi\Intel\Wireless\Bin\S24EvMon.exe
C:\Programmi\File comuni\Symantec Shared\ccSetMgr.exe
C:\Programmi\File comuni\Symantec Shared\ccEvtMgr.exe
C:\Programmi\File comuni\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Programmi\IVT Corporation\BlueSoleil\BTNtService.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\System32\GEARSec.exe
C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Programmi\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe
C:\Programmi\Norton Ghost\Agent\VProSvc.exe
C:\Programmi\Apoint\Apoint.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\ICO.EXE
C:\Programmi\Sony\VAIO Power Management\SPMgr.exe
C:\Programmi\Sony\ISB Utility\ISBMgr.exe
C:\Programmi\Sony\Wireless Switch Setting Utility\Switcher.exe
C:\Programmi\Sony\VAIO Update 2\VAIOUpdt.exe
C:\Programmi\Apoint\Apntex.exe
C:\Programmi\File comuni\Symantec Shared\ccApp.exe
C:\Programmi\Norton Ghost\Agent\GhostTray.exe
C:\Programmi\Google\Google Desktop Search\GoogleDesktop.exe
C:\WINDOWS\system32\rundll32.exe
C:\Programmi\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Programmi\Google\Google Desktop Search\GoogleDesktopIndex.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Programmi\Google\Google Desktop Search\GoogleDesktopDisplay.exe
C:\Programmi\MSN Messenger\MsnMsgr.Exe
C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Programmi\Sony\VAIO Event Service\VESMgr.exe
C:\Programmi\IVT Corporation\BlueSoleil\BlueSoleil.exe
C:\Programmi\Tuttogratis Alert\TgAlert.exe
C:\Programmi\File comuni\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\Programmi\File comuni\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Programmi\File comuni\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Programmi\MSN Messenger\usnsvc.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\Programmi\File comuni\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Programmi\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
C:\hijackthis\HiJackThis_v2.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/av ... x_homepage
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.club-vaio.com/en/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
R3 - URLSearchHook: Yahoo! Toolbar con blocco Pop-Up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programmi\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Programmi\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programmi\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programmi\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programmi\Windows Live Toolbar\msntb.dll
O2 - BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\PROGRA~1\GOOGLE~1\BAE.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programmi\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programmi\google\googletoolbar2.dll
O3 - Toolbar: Yahoo! Toolbar con blocco Pop-Up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programmi\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [Apoint] C:\Programmi\Apoint\Apoint.exe
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [AzMixerSel] C:\Programmi\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [Mouse Suite 98 Daemon] ICO.EXE
O4 - HKLM\..\Run: [SonyPowerCfg] "C:\Programmi\Sony\VAIO Power Management\SPMgr.exe"
O4 - HKLM\..\Run: [ISBMgr.exe] C:\Programmi\Sony\ISB Utility\ISBMgr.exe
O4 - HKLM\..\Run: [Switcher.exe] C:\Programmi\Sony\Wireless Switch Setting Utility\Switcher.exe
O4 - HKLM\..\Run: [VAIO Update 2] "C:\Programmi\Sony\VAIO Update 2\VAIOUpdt.exe" /Stationary
O4 - HKLM\..\Run: [ccApp] "C:\Programmi\File comuni\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Norton Ghost 10.0] "C:\Programmi\Norton Ghost\Agent\GhostTray.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Programmi\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [zzz_ImInstaller_IncrediMail] C:\DOCUME~1\Ila\IMPOST~1\Temp\ImInstaller\IncrediMail\incredimail_install[1].exe -startup -product IncrediMail
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [REGSHAVE] C:\Programmi\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programmi\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [swg] C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Tuttogratis Alert.lnk = C:\Programmi\Tuttogratis Alert\TgAlert.exe
O4 - Global Startup: BlueSoleil.lnk = C:\Programmi\IVT Corporation\BlueSoleil\BlueSoleil.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Programmi\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: Aggiungi sito di supporto RSS a VAIO Information FLOW - C:\Programmi\Sony\VAIO Information FLOW\aiesc.html
O8 - Extra context menu item: Apri in nuova scheda in primo piano - res://C:\Programmi\Windows Live Toolbar\Components\it-it\msntabres.dll.mui/230?1b2bdead7b5144a2868aebf53dc5dbea
O8 - Extra context menu item: Apri in nuova scheda in secondo piano - res://C:\Programmi\Windows Live Toolbar\Components\it-it\msntabres.dll.mui/229?1b2bdead7b5144a2868aebf53dc5dbea
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Trasferimento tramite Image Converter 2 Plus - C:\Programmi\Sony\Image Converter 2\menu.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Organizzatore ricerche - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Programmi\File comuni\Microsoft Shared\Reference 2001\EROProj.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.club-vaio.com/en/
O15 - Trusted Zone: *.sony-europe.com
O15 - Trusted Zone: *.sonystyle-europe.com
O15 - Trusted Zone: *.vaio-link.com
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Programmi\Yahoo!\Common\yinsthelper.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{5A7B984D-FD54-49A6-A665-E734E00707A2}: NameServer = 193.70.152.25 193.70.192.25
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
O22 - SharedTaskScheduler: Precaricatore Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Daemon di cache delle categorie di componenti - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Programmi\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\ccSetMgr.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Programmi\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: GEARSecurity - GEAR Software - C:\WINDOWS\System32\GEARSec.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Image Converter video recording monitor for VAIO Entertainment - Sony Corporation - C:\Programmi\Sony\Image Converter 2\IcVzMon.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Programmi\File comuni\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: Norton Ghost - Symantec Corporation - C:\Programmi\Norton Ghost\Agent\VProSvc.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Programmi\File comuni\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Programmi\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Programmi\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Programmi\File comuni\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Programmi\File comuni\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Utilità di pianificazione di LiveUpdate automatico - Symantec Corporation - C:\Programmi\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Programmi\File comuni\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Programmi\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Programmi\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Programmi\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Programmi\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Programmi\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe
O23 - Service: VAIO Cooporated Initialisation (VCI) - Sony Corporation - C:\Programmi\Sony\VAIO Cooperated Initialisation\VCI_SVC.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Programmi\File comuni\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Programmi\File comuni\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Programmi\File comuni\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
O24 - Desktop Component 0: (no name) - http://www.undo.net/Pressrelease/mappe/'+eleme+'.gif

--
End of file - 14200 bytes


Thanks again, I'll wait to hear from you.... Bye
vedaila
Junior User

Posts: 38
Joined: 08/06/07 08:43

Post by Luke57 » 10/07/07 07:32

Hi, I don't see anything in the log; are you still getting alerts from the antivirus?
Luke57
Moderator

Posts: 6415
Joined: 11/08/05 19:10
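
The first pass of a log review like the one in the reply above can be mechanized. This is an added example, not part of the original thread and not HijackThis code: it splits entry lines into section code and body and marks two structural conditions. The flag names and both heuristics are assumptions for illustration, and a flag means "check by hand", not "malicious"; the sample lines are copied from the log posted above.

```python
import re

# A few HijackThis section codes that occur in the log above.
SECTIONS = {"O2": "Browser Helper Object", "O4": "autorun entry",
            "O23": "service"}

LINE_RE = re.compile(r"^([A-Z]\d{1,2}) - (.*)$")
# Assumed heuristic: a path component named Temp, matched case-insensitively.
TEMP_RE = re.compile(r"\\temp\\", re.IGNORECASE)


def parse_line(line):
    """Return (code, body) for an entry line, or None for any other line."""
    m = LINE_RE.match(line.strip())
    return (m.group(1), m.group(2)) if m else None


def triage(lines):
    """Yield (code, flag, body) for entries that merit a manual check."""
    for line in lines:
        parsed = parse_line(line)
        if parsed is None:
            continue  # header, running-process path or blank line
        code, body = parsed
        if body.endswith("(no file)"):
            yield code, "missing-target", body  # registered, file absent
        elif code == "O4" and TEMP_RE.search(body):
            yield code, "autorun-from-temp", body


# Sample lines copied from the HijackThis log posted in this thread.
SAMPLE = r"""
C:\WINDOWS\system32\svchost.exe
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [zzz_ImInstaller_IncrediMail] C:\DOCUME~1\Ila\IMPOST~1\Temp\ImInstaller\IncrediMail\incredimail_install[1].exe -startup -product IncrediMail
O23 - Service: GEARSecurity - GEAR Software - C:\WINDOWS\System32\GEARSec.exe
""".splitlines()

if __name__ == "__main__":
    for code, flag, body in triage(SAMPLE):
        print(f"{code:4}{SECTIONS.get(code, '?'):24}{flag:19}{body}")
```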

Post by vedaila » 11/07/07 22:31

Hi Luke..... so I ran a new scan and the antivirus found no infected files. But in quarantine there is an infected file: ptkdsf.exe.... what should I do, delete it??? Thanks as always
vedaila
Junior User

Posts: 38
Joined: 08/06/07 08:43

Post by Luke57 » 11/07/07 22:46

Hi, in quarantine it is harmless; you can delete it permanently anyway.
Luke57
Moderator

Posts: 6415
Joined: 11/08/05 19:10

Post by vedaila » 12/07/07 11:46

OK, then I'll delete it...... so we no longer have any viruses??..... thanks as always, Luke!!!
vedaila
Junior User

Posts: 38
Joined: 08/06/07 08:43
