Home News Guide Hardware Download Forum Glossario

Condividi:        

virus

Come rimuovere virus e spyware? Le carte di credito sono davvero sicure in rete? È possibile navigare anonimi? Con quali programmi tutelare la propria privacy? Come proteggere i file importanti? Se volete una risposta a queste e altre domande questo è il luogo giusto!

Moderatori: m.paolo, kadosh, Luke57

Regole del forum
Rispondi al post

virus

Postdi palmike » 13/06/10 00:28

Ho aperto un file exe e mi si è aperta una finestra con termini strani... tipo quelle che si aprono prima di scaricare un programma... ho subito chiuso con la x in alto a destra... ma sembra che il virus abbia lo stesso attaccato.
Dopo pochi secondi si è chiuso il pc. Dopo averlo riaperto mi è saltata la connessione... dando un messaggio tipo "protocollo assente"... in seguito il pc continuava a dare strani segnali... tutti gli antivirus, antispyware e qaunt'altro sembra siano stati disinstallati. Il ripristino config di sistema non me lo permette.
CHE DEVO FARE?
palmike
Utente Junior
 
Post: 25
Iscritto il: 13/03/10 01:17
Top
Sponsor
 

Re: virus

Postdi shel » 13/06/10 09:34

ciao

scarica e avvia rkill

scarica combofix sul desktop
(non installare la recovery console)
esegui ComboFix.exe
- digita 1
- segui le instruzioni
- finita la scansione portati in C:\ e copia/incolla, nella tua prossima risposta, il contenuto del file di testo Combofix.txt
shel
Utente Senior
 
Post: 1326
Iscritto il: 29/08/08 21:56
Top

Re: virus

Postdi palmike » 13/06/10 14:47

sono riuscito a fare partire rkill... mi ha generato questo file di testo:

THIS LOG FILE IS LOCATED AT C:\RKILL.LOG
PLEASE POST THIS ONLY IF REQUESTED TO BY THE PERSON HELPING YOU
OTHERWISE YOU CAN CLOSE THIS LOG WHEN YOU WISH


Invece, combofix non parte.
Mi da un messaggio del tipo:
COMBOFIX.EXE NON E' UN'APPLICAZIONE DI WIN 32 VALIDA

Faccio presente che fra gli antivirus disabilitati in precedenza c'era anche combofix... e mi dava lo stesso messaggio... non me lo faceva partire.

Mi son reso conteo che altre periferiche, come audio etc non funzionano piu
palmike
Utente Junior
 
Post: 25
Iscritto il: 13/03/10 01:17
Top

Re: virus

Postdi shel » 13/06/10 14:51

....e certo che ti da' quell'errore, e' l'infezione che impedisce lo scaricamento di combofix (hai il worm bagle)

prova a rinominarlo durante il download con un nome di fantasia....se non ti riesce te lo invio rinominato
shel
Utente Senior
 
Post: 1326
Iscritto il: 29/08/08 21:56
Top

Re: virus

Postdi palmike » 13/06/10 23:20

cambiando nome sono riuscito...questo il log




ComboFix 10-06-12.04 - Utente 13/06/2010 21.46.19.7.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.39.1040.18.511.312 [GMT 2:00]
Eseguito da: c:\documents and settings\Utente\Desktop\staminchia.exe
AV: AntiVir Desktop *On-access scanning enabled* (Outdated) {AD166499-45F9-482A-A743-FDD3350758C7}
AV: AVG *On-access scanning disabled* (Outdated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
FW: AVG Firewall *enabled* {8decf618-9569-4340-b34a-d78d28969b66}
.

((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Utente\Dati applicazioni\drivers\downld
c:\documents and settings\Utente\Dati applicazioni\drivers\winupgro.exe
c:\documents and settings\Utente\Dati applicazioni\hidires
c:\documents and settings\Utente\Dati applicazioni\hidires\config\AC_BootstrapIPs.dat
c:\documents and settings\Utente\Dati applicazioni\hidires\config\AC_SearchStrings.dat
c:\documents and settings\Utente\Dati applicazioni\hidires\config\AC_ServerMetURLs.dat
c:\documents and settings\Utente\Dati applicazioni\hidires\config\cancelled.met
c:\documents and settings\Utente\Dati applicazioni\hidires\config\clients.met
c:\documents and settings\Utente\Dati applicazioni\hidires\config\clients.met.bak
c:\documents and settings\Utente\Dati applicazioni\hidires\config\cryptkey.dat
c:\documents and settings\Utente\Dati applicazioni\hidires\config\emfriends.met
c:\documents and settings\Utente\Dati applicazioni\hidires\config\key_index.dat
c:\documents and settings\Utente\Dati applicazioni\hidires\config\known.met
c:\documents and settings\Utente\Dati applicazioni\hidires\config\known2_64.met
c:\documents and settings\Utente\Dati applicazioni\hidires\config\load_index.dat
c:\documents and settings\Utente\Dati applicazioni\hidires\config\nodes.dat
c:\documents and settings\Utente\Dati applicazioni\hidires\config\preferences.dat
c:\documents and settings\Utente\Dati applicazioni\hidires\config\preferences.ini
c:\documents and settings\Utente\Dati applicazioni\hidires\config\preferencesKad.dat
c:\documents and settings\Utente\Dati applicazioni\hidires\config\server.met
c:\documents and settings\Utente\Dati applicazioni\hidires\config\server_met.old
c:\documents and settings\Utente\Dati applicazioni\hidires\config\shareddir.dat
c:\documents and settings\Utente\Dati applicazioni\hidires\config\src_index.dat
c:\documents and settings\Utente\Dati applicazioni\hidires\config\statistics.ini
c:\documents and settings\Utente\Dati applicazioni\hidires\config\StoredSearches.met
c:\documents and settings\Utente\Dati applicazioni\hidires\downloads.bak
c:\documents and settings\Utente\Dati applicazioni\hidires\downloads.txt
c:\documents and settings\Utente\Dati applicazioni\hidires\file.exe
c:\documents and settings\Utente\Dati applicazioni\hidires\flec003.exe
c:\documents and settings\Utente\Dati applicazioni\hidires\names.txt
c:\documents and settings\Utente\Dati applicazioni\hidires\server.txt
c:\documents and settings\Utente\lame_enc.dll
c:\documents and settings\Utente\lametritonus.dll
c:\windows\mdelk.exe
c:\windows\system32\srosa2.sys
c:\windows\system32\wfsintwq.sys
c:\windows\wintems.exe

.
((((((((((((((((((((((((((((((((((((((( Driver/Servizi )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_SROSA
-------\Legacy_SROSA
-------\Legacy_SK9OU0S
-------\Service_sK9Ou0s


((((((((((((((((((((((((( Files Creati Da 2010-05-13 al 2010-06-13 )))))))))))))))))))))))))))))))))))
.

2010-06-12 16:57 . 2010-06-13 19:56 -------- d--h--w- c:\documents and settings\Utente\Dati applicazioni\drivers
2010-06-12 13:57 . 2010-05-19 17:09 892928 ----a-w- c:\windows\system32\iconv.dll
2010-06-12 13:49 . 2010-06-12 13:52 -------- d-----w- c:\programmi\YoutubeDownloader
2010-06-12 10:11 . 2010-06-12 10:11 -------- d-----w- c:\documents and settings\Utente\Dati applicazioni\Leawo
2010-06-12 10:10 . 2010-06-12 10:10 -------- d-----w- c:\programmi\Leawo
2010-06-11 05:09 . 2010-05-06 10:32 743424 -c----w- c:\windows\system32\dllcache\iedvtool.dll
2010-06-09 14:04 . 2010-06-09 14:04 -------- d-----w- c:\documents and settings\Utente\Dati applicazioni\Moyea
2010-05-19 11:52 . 2010-03-12 16:41 677232 ----a-w- c:\windows\system32\LCCoin32.dll
2010-05-19 11:49 . 2009-09-04 15:29 1974616 ----a-w- c:\windows\system32\D3DCompiler_42.dll
2010-05-19 11:49 . 2009-09-04 15:29 1892184 ----a-w- c:\windows\system32\D3DX9_42.dll
2010-05-19 11:49 . 2010-05-19 11:49 -------- d-----w- c:\windows\Logs
2010-05-19 11:34 . 2010-06-09 14:02 -------- d-----w- c:\documents and settings\Utente\Dati applicazioni\GetRightToGo

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-06-13 08:21 . 2008-11-25 11:31 -------- d-----w- c:\programmi\Rainlendar2
2010-06-13 08:11 . 2007-08-14 09:14 -------- d-----w- c:\programmi\Google
2010-06-13 08:09 . 2007-08-27 14:38 -------- d-----w- c:\programmi\Trust
2010-06-13 07:46 . 2007-08-14 09:13 -------- d-----w- c:\programmi\Java
2010-06-13 07:42 . 2007-08-06 14:46 -------- d--h--w- c:\programmi\InstallShield Installation Information
2010-06-13 07:31 . 2009-07-21 07:26 -------- d-----w- c:\programmi\Burraconline
2010-06-13 07:30 . 2008-04-18 15:05 -------- d-----w- c:\programmi\Virtual Earth 3D
2010-06-13 07:25 . 2007-08-06 15:02 -------- d-----w- c:\programmi\File comuni\Adobe
2010-06-12 18:20 . 2008-12-19 00:01 -------- d-----w- c:\programmi\E.M. PowerPoint Video Converter
2010-06-12 13:56 . 2008-12-19 08:15 -------- d-----w- c:\programmi\Wondershare
2010-06-11 08:22 . 2004-08-19 12:00 96482 ----a-w- c:\windows\system32\perfc010.dat
2010-06-11 08:22 . 2004-08-19 12:00 514662 ----a-w- c:\windows\system32\perfh010.dat
2010-06-10 17:31 . 2010-03-07 17:37 -------- d-----w- c:\programmi\Docfa4
2010-05-30 12:32 . 2010-03-26 19:44 443912 ----a-w- c:\documents and settings\Utente\Dati applicazioni\Real\Update\setup3.10\setup.exe
2010-05-16 17:41 . 2010-03-19 09:37 400 ----a-w- c:\windows\system32\drivers\eaxext_302.set
2010-05-16 17:41 . 2010-03-19 09:37 400 ----a-w- c:\windows\system32\drivers\bcompbg979.dat
2010-05-13 14:45 . 2010-03-05 15:40 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Alice Mobile Olicard 100
2010-05-06 10:32 . 2004-08-19 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
2010-05-02 08:06 . 2004-08-19 12:00 1851264 ----a-w- c:\windows\system32\win32k.sys
2010-04-28 14:09 . 2010-04-28 14:09 -------- d-----w- c:\programmi\Alice Mobile Olicard 100
2010-04-28 14:08 . 2010-04-28 14:08 -------- d-----w- c:\documents and settings\Utente\Dati applicazioni\InstallShield
2010-04-24 16:40 . 2010-04-24 16:40 -------- d-----w- c:\documents and settings\Utente\Dati applicazioni\Avira
2010-04-24 16:34 . 2010-04-24 16:34 -------- d-----w- c:\programmi\Avira
2010-04-24 16:34 . 2008-10-13 09:01 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Avira
2010-04-23 23:35 . 2010-03-22 19:08 -------- d-----w- c:\programmi\Security Task Manager
2010-04-23 23:34 . 2007-11-28 08:42 -------- d-----w- c:\programmi\Corel
2010-04-23 23:33 . 2010-04-06 16:49 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Corel
2010-04-23 15:12 . 2008-05-27 11:10 -------- d-----w- c:\programmi\Macromedia
2010-04-23 14:46 . 2007-10-11 06:27 -------- d-----w- c:\programmi\TavoliVerdi
2010-04-23 14:46 . 2008-04-19 09:01 -------- d-----w- c:\programmi\Total Uninstall
2010-04-23 12:54 . 2010-04-02 07:44 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Alwil Software
2010-04-20 05:30 . 2004-08-19 12:00 285696 ----a-w- c:\windows\system32\atmfd.dll
2010-04-15 18:42 . 2010-04-07 06:59 2828 --sha-w- c:\documents and settings\All Users\Dati applicazioni\Protexis\KGyGaAvL.sys
2010-04-15 17:44 . 2010-04-07 07:03 88 --sh--r- c:\documents and settings\All Users\Dati applicazioni\Protexis\C93D2E4574.sys
2010-04-14 20:34 . 2008-05-17 13:55 -------- d-----w- c:\programmi\MidiPlus 2.00
2010-04-14 20:33 . 2007-08-11 10:27 -------- d-----w- c:\programmi\Nokia
2010-04-14 20:32 . 2007-08-11 10:27 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Downloaded Installations
2010-04-12 17:30 . 2010-04-12 17:30 443912 ----a-w- c:\documents and settings\Utente\Dati applicazioni\Real\Update\temp\~Upg1\setup.exe
2010-04-07 06:59 . 2007-08-12 09:39 112496 -c--a-w- c:\documents and settings\Utente\Impostazioni locali\Dati applicazioni\GDIPFONTCACHEV1.DAT
2010-04-06 17:00 . 2010-04-06 17:00 348256 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Microsoft\VSTAHost\CorelPHOTOPAINT\9.0\1033\ResourceCache.dll
2010-04-06 16:57 . 2010-04-06 16:57 348256 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Microsoft\VSTAHost\CorelDRAW\9.0\1033\ResourceCache.dll
2010-04-06 16:55 . 2010-04-06 16:55 416 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Microsoft\MSDN\9.0\1033\ResourceCache.dll
2010-03-17 14:56 . 2010-03-17 14:56 618 ----a-w- c:\programmi\Art-lantis 4.5.lnk
2008-04-28 17:46 . 2007-11-28 09:23 56 --sh--r- c:\windows\system32\5C34579C64.sys
2008-04-28 17:48 . 2007-11-28 08:47 3350 --sha-w- c:\windows\system32\KGyGaAvL.sys
.

------- Sigcheck -------


[7] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[7] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[-] 2008-06-20 . 9425B72F40257B45D45D24773273DAD0 . 361600 . . [5.1.2600.5625] . . c:\windows\system32\dllcache\tcpip.sys
[-] 2008-06-20 . 9425B72F40257B45D45D24773273DAD0 . 361600 . . [5.1.2600.5625] . . c:\windows\system32\drivers\tcpip.sys
[-] 2008-06-20 . 1CC09561E21A48A7F649A40F18235860 . 360320 . . [5.1.2600.3394] . . c:\windows\$NtServicePackUninstall$\tcpip.sys
[7] 2008-06-20 . 744E57C99232201AE98C49168B918F48 . 360960 . . [5.1.2600.3394] . . c:\windows\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[7] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB951748$\tcpip.sys
[-] 2008-04-13 . ACCF5A9A1FFAA490F33DBA1C632B95E1 . 361344 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\tcpip.sys
[-] 2007-10-30 . 90CAFF4B094573449A0872A0F919B178 . 360064 . . [5.1.2600.3244] . . c:\windows\$NtUninstallKB951748_0$\tcpip.sys
[-] 2007-10-30 . 64798ECFA43D78C7178375FCDD16D8C8 . 360832 . . [5.1.2600.3244] . . c:\windows\$hf_mig$\KB941644\SP2QFE\tcpip.sys
[-] 2006-04-20 . B2220C618B42A2212A59D91EBD6FC4B4 . 360576 . . [5.1.2600.2892] . . c:\windows\$hf_mig$\KB917953\SP2QFE\tcpip.sys
[-] 2006-04-20 . 1DBF125862891817F374F407626967F4 . 359808 . . [5.1.2600.2892] . . c:\windows\$NtUninstallKB941644$\tcpip.sys
[7] 2004-08-19 . 9F4B36614A0FC234525BA224957DE55C . 359040 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB917953$\tcpip.sys

c:\windows\System32\drivers\beep.sys ... è mancante !!
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2005-05-18 5562368]
"nwiz"="nwiz.exe" [2005-05-18 1495040]
"ISUSPM Startup"="c:\programmi\File comuni\InstallShield\UpdateService\ISUSPM.exe" [2005-08-11 249856]
"NeroFilterCheck"="c:\programmi\File comuni\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]
"TkBellExe"="c:\programmi\File comuni\Real\Update_OB\realsched.exe" [2008-05-15 185896]
"hpqSRMon"="c:\programmi\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-03-13 81920]
"VX3000"="c:\windows\vVX3000.exe" [2010-03-12 762736]
"RTHDCPL"="RTHDCPL.EXE" [2005-05-04 14396416]
"SoundMan"="SOUNDMAN.EXE" [2005-05-03 90112]
"AlcWzrd"="ALCWZRD.EXE" [2005-05-04 2805248]
"High Definition Audio Property Page Shortcut"="HDAShCut.exe" [2005-01-07 61952]
"ConnMonitor"="c:\programmi\Alice Mobile Olicard 100\ConnMonitor.exe" [2009-06-18 401408]

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Avvio^Programmi^Esecuzione automatica^HP Digital Imaging Monitor.lnk]
path=c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Avvio^Programmi^Esecuzione automatica^InterVideo WinCinema Manager.lnk]
path=c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\InterVideo WinCinema Manager.lnk
backup=c:\windows\pss\InterVideo WinCinema Manager.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Avvio^Programmi^Esecuzione automatica^Tasto di scelta rapida per l'avvio di AutoCAD.lnk]
path=c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\Tasto di scelta rapida per l'avvio di AutoCAD.lnk
backup=c:\windows\pss\Tasto di scelta rapida per l'avvio di AutoCAD.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
2009-07-26 15:44 3883856 ----a-w- c:\programmi\Windows Live\Messenger\msnmsgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
2005-03-10 16:43 688218 -c--a-w- c:\programmi\Synaptics\SynTP\SynTPEnh.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPLpr]
2005-03-10 16:44 98394 -c--a-w- c:\programmi\Synaptics\SynTP\SynTPLpr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
2008-05-15 10:28 185896 ----a-w- c:\programmi\File comuni\Real\Update_OB\realsched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
2001-04-30 20:57 10752 -c--a-w- c:\programmi\Winamp\winampa.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Programmi\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Programmi\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Programmi\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Programmi\\HP\\Digital Imaging\\bin\\hpiscnapp.exe"=
"c:\\Programmi\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"d:\\Documents and Settings\\michele\\Documenti\\palmike\\ftp\\WS_FTP95.exe"=
"c:\\Documents and Settings\\All Users\\Dati applicazioni\\Kaspersky Lab Setup Files\\Kaspersky Internet Security 2009\\Italian\\setup.exe"=
"c:\\Programmi\\Metin2_Italiano\\metin2.bin"=
"c:\\Programmi\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Programmi\\art-lantis 4.5\\Art-lantis.exe"=

R0 AvgRkx86;avgrkx86.sys;c:\windows\system32\drivers\avgrkx86.sys [11/03/2008 9.56.42 12424]
R2 AvgTdiX;AVG8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [11/03/2008 9.56.40 75272]
R3 CIR;Hid Device;c:\windows\system32\drivers\CIR.sys [20/05/2005 9.01.20 5120]
R3 kbd;Keyboard;c:\windows\system32\drivers\kbd.sys [20/05/2005 9.31.12 21504]
R3 Slazldrv;SmartLink AMR_PCI Driver;c:\windows\system32\drivers\SLDRV\slazldrv.sys [05/01/2005 2.48.42 226768]
S2 AntiVirSchedulerService;Avira AntiVir Scheduler;"c:\programmi\Avira\AntiVir Desktop\sched.exe" --> c:\programmi\Avira\AntiVir Desktop\sched.exe [?]
S2 avg8wd;AVG8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe --> c:\progra~1\AVG\AVG8\avgwdsvc.exe [?]
S3 Avgfwdx;Avgfwdx;c:\windows\system32\drivers\avgfwdx.sys [11/03/2008 9.53.40 22528]
S3 pmx3gmdm;Olivetti USB Device for Legacy Serial Communication;c:\windows\system32\drivers\pmx3gmdm.sys [13/05/2010 16.44.36 103552]
S3 pmx3gnet;Olivetti USB-NDIS miniport;c:\windows\system32\drivers\pmx3gnet.sys [13/05/2010 16.45.02 117120]
S3 SBRE;SBRE;\??\c:\windows\system32\drivers\SBREdrv.sys --> c:\windows\system32\drivers\SBREdrv.sys [?]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Contenuto della cartella 'Scheduled Tasks'

2010-06-13 c:\windows\Tasks\User_Feed_Synchronization-{C2E02079-801F-478B-AA25-291E05B4BAEA}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 03:31]
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://www.michelepalamara.it/
uSearchMigratedDefaultURL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
uSearchAssistant = hxxp://www.google.com
IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
DPF: Microsoft XML Parser for Java - file:///C:/WINDOWS/Java/classes/xmldso.cab
FF - ProfilePath - c:\documents and settings\Utente\Dati applicazioni\Mozilla\Firefox\Profiles\6pc9wcar.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.babylon.com/web/{searchTerms}?babsrc=browsersearch&ai=13054
FF - prefs.js: browser.startup.homepage - hxxp://search.babylon.com/home/?ai=13054
FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?FORM=IEFM1&q=
FF - prefs.js: browser.search.selectedEngine - Search the web (Babylon)
FF - component: c:\documents and settings\Utente\Dati applicazioni\Mozilla\Firefox\Profiles\6pc9wcar.default\extensions\{D02B1E87-A8C6-433f-9B5C-2CEC4A072736}\components\susfox3.dll
FF - plugin: c:\program files\Real\RealPlayer\Netscape6\nppl3260.dll
FF - plugin: c:\program files\Real\RealPlayer\Netscape6\nprjplug.dll
FF - plugin: c:\program files\Real\RealPlayer\Netscape6\nprpjplug.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
.
.
------- Associazioni dei file -------
.
.scr=AutoCADScriptFile
.
- - - - CHIAVI ORFANE RIMOSSE - - - -

HKCU-Run-Rainlendar2 - c:\programmi\Rainlendar2\Rainlendar2.exe
HKCU-Run-flec003.exe - c:\documents and settings\Utente\Dati applicazioni\hidires\flec003.exe
HKLM-Run-avgnt - c:\programmi\Avira\AntiVir Desktop\avgnt.exe
MSConfigStartUp-Adobe Reader Speed Launcher - c:\programmi\Adobe\Reader 9.0\Reader\Reader_sl.exe
MSConfigStartUp-QuickTime Task - c:\programmi\QuickTime\qttask.exe
MSConfigStartUp-SNPSTD2 - c:\windows\vsnpstd2.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-06-13 22:04
Windows 5.1.2600 Service Pack 3 NTFS

scansione processi nascosti ...

scansione entrate autostart nascoste ...

Scansione files nascosti ...

Scansione completata con successo
Files nascosti: 0

**************************************************************************
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\Ø•€|ÿÿÿÿ•€|ù•9~*]
"0140110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"
.
--------------------- Dlls caricate dai processi in esecuzione ---------------------

- - - - - - - > 'explorer.exe'(2512)
c:\windows\system32\WININET.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Altri processi in esecuzione ------------------------
.
c:\programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\windows\system32\nvsvc32.exe
c:\windows\system32\slserv.exe
c:\windows\system32\wscntfy.exe
c:\windows\RTHDCPL.EXE
c:\windows\SOUNDMAN.EXE
.
**************************************************************************
.
Ora fine scansione: 2010-06-13 22:14:47 - Il pc è stato riavviato
ComboFix-quarantined-files.txt 2010-06-13 20:14
ComboFix2.txt 2010-05-01 19:21
ComboFix3.txt 2010-04-24 17:09
ComboFix4.txt 2010-04-24 16:08
ComboFix5.txt 2010-06-13 19:38

Pre-Run: 3.017.576.448 byte disponibili
Post-Run: 3.529.932.800 byte disponibili

- - End Of File - - A772C170335EFBBDC6F1CF0B5868D472
palmike
Utente Junior
 
Post: 25
Iscritto il: 13/03/10 01:17
Top

Re: virus

Postdi shel » 14/06/10 07:19

una prima pulizia e' stata fatta, ora esegui i passaggi che ti indico

vai in C:\ ed elimina la cartella qoobox

controlla la societa' di questo file(tasto destro>>>proprieta') e analizzalo su virus total

c:\windows\system32\5C34579C64.sys

scarica ccleaner
installalo (deseleziona l'opzione che installa la barra di Yahoo) poi avvialo >Opzioni>Avanzate, togli la spunta a "cancella file windows più vecchi di 48 ore".
Poi premi "avvia pulizia".

clicca su Registro, nella pagina successiva clicca Trova problemi, poi al termine dello scan clicca su Ripara selezionati , risposndi di sì alla richiesta di salvare il backup (salvalo in una cartella a piacimento) poi ripara tutti gli elementi trovati. Riavvia il computer

scarica ATFCleaner

1) seleziona la casella Select All
2) clicca sul pulsante Empty selected
3) aspetta l'avviso Done Cleaning
(se usi opera o firefox,spunta anche le loro sezioni)



installa questo programma

chiudi tutte le applicazioni attive e disconnettiti dal internet, poi clicca sull'icona di FindyKill e nella finestra dos che si aprirà scrivi 2 e premi Invio. Attendi il termine della scansione e posta qui il log che trovi in C:\FindyKill.txt


vai in provvisoria se ti riesce altrimenti fai anche questa scansione da modalita' normale

scaricati elibagla
Ti sposti in fondo alla pagina e clicca sul bottone descarger elibagla

Salva il file sul desktop
Doppio click sull'icona per avviare il programma:

Metti il segno di spunta a eliminar ficheros automaticamente e clicca sul bottone Explorar.

Al termine della scansione, comunque sia andata, dovrai riavviare il pc.

Al riavvio, dovresti trovare il log C:\InfoSat.txt.
shel
Utente Senior
 
Post: 1326
Iscritto il: 29/08/08 21:56
Top

Re: virus

Postdi palmike » 15/06/10 13:09

Dato che lo dovevo fare da tempo... ho salvato i dati... e con f11 ho riportato la configurazione del sistema al momento dell'acquisto.
Sono rimasti però i software applicativi... per me meglio... ma è normale?
Ho installato l'antivirus daccapo ed è andata bene... ho rifatto il log con COMBOFIX... lo allego in due pezzi (troppi caratteri):

ComboFix 10-06-14.03 - Utente 15/06/2010 13.47.38.8.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.39.1040.18.511.300 [GMT 2:00]
Eseguito da: c:\documents and settings\Utente\Desktop\staminchia.exe
AV: AntiVir Desktop *On-access scanning disabled* (Updated) {00000002-0002-0000-7C25-9E7C08000A00}
AV: AVG *On-access scanning disabled* (Outdated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
FW: AVG Firewall *enabled* {8decf618-9569-4340-b34a-d78d28969b66}
.

((((((((((((((((((((((((( Files Creati Da 2010-05-15 al 2010-06-15 )))))))))))))))))))))))))))))))))))
.

2010-06-15 11:22 . 2010-06-15 11:22 -------- d-----w- c:\windows\LastGood
2010-06-15 11:22 . 2009-11-25 09:19 56816 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2010-06-15 11:22 . 2009-03-30 07:33 96104 ----a-w- c:\windows\system32\drivers\avipbb.sys
2010-06-15 11:22 . 2009-02-13 09:29 22360 ----a-w- c:\windows\system32\drivers\avgntmgr.sys
2010-06-15 11:22 . 2009-02-13 09:17 45416 ----a-w- c:\windows\system32\drivers\avgntdd.sys
2010-06-15 11:22 . 2010-06-15 11:22 -------- d-----w- c:\programmi\Avira
2010-06-12 16:57 . 2010-06-13 19:56 -------- d--h--w- c:\documents and settings\Utente\Dati applicazioni\drivers
2010-06-12 13:57 . 2010-05-19 17:09 892928 ----a-w- c:\windows\system32\iconv.dll
2010-06-12 13:50 . 2010-01-20 10:13 52224 ----a-w- c:\documents and settings\Utente\Dati applicazioni\Mozilla\Firefox\Profiles\6pc9wcar.default\extensions\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}\components\FFExternalAlert.dll
2010-06-12 13:50 . 2010-01-20 10:13 101376 ----a-w- c:\documents and settings\Utente\Dati applicazioni\Mozilla\Firefox\Profiles\6pc9wcar.default\extensions\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}\components\RadioWMPCore.dll
2010-06-12 13:49 . 2010-06-12 13:52 -------- d-----w- c:\programmi\YoutubeDownloader
2010-06-12 10:11 . 2010-06-12 10:11 -------- d-----w- c:\documents and settings\Utente\Dati applicazioni\Leawo
2010-06-12 10:10 . 2010-06-12 10:10 -------- d-----w- c:\programmi\Leawo
2010-06-11 05:09 . 2010-05-06 10:32 743424 -c----w- c:\windows\system32\dllcache\iedvtool.dll
2010-06-09 14:04 . 2010-06-09 14:04 -------- d-----w- c:\documents and settings\Utente\Dati applicazioni\Moyea
2010-05-19 11:52 . 2010-03-12 16:41 677232 ----a-w- c:\windows\system32\LCCoin32.dll
2010-05-19 11:49 . 2009-09-04 15:29 1974616 ----a-w- c:\windows\system32\D3DCompiler_42.dll
2010-05-19 11:49 . 2009-09-04 15:29 1892184 ----a-w- c:\windows\system32\D3DX9_42.dll
2010-05-19 11:49 . 2010-05-19 11:49 -------- d-----w- c:\windows\Logs
2010-05-19 11:34 . 2010-06-09 14:02 -------- d-----w- c:\documents and settings\Utente\Dati applicazioni\GetRightToGo

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-06-15 11:22 . 2008-10-13 09:01 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Avira
2010-06-13 08:21 . 2008-11-25 11:31 -------- d-----w- c:\programmi\Rainlendar2
2010-06-13 08:11 . 2007-08-14 09:14 -------- d-----w- c:\programmi\Google
2010-06-13 08:09 . 2007-08-27 14:38 -------- d-----w- c:\programmi\Trust
2010-06-13 07:46 . 2007-08-14 09:13 -------- d-----w- c:\programmi\Java
2010-06-13 07:42 . 2007-08-06 14:46 -------- d--h--w- c:\programmi\InstallShield Installation Information
2010-06-13 07:31 . 2009-07-21 07:26 -------- d-----w- c:\programmi\Burraconline
2010-06-13 07:30 . 2008-04-18 15:05 -------- d-----w- c:\programmi\Virtual Earth 3D
2010-06-13 07:25 . 2007-08-06 15:02 -------- d-----w- c:\programmi\File comuni\Adobe
2010-06-12 18:20 . 2008-12-19 00:01 -------- d-----w- c:\programmi\E.M. PowerPoint Video Converter
2010-06-12 13:56 . 2008-12-19 08:15 -------- d-----w- c:\programmi\Wondershare
2010-06-11 08:22 . 2004-08-19 12:00 96482 ----a-w- c:\windows\system32\perfc010.dat
2010-06-11 08:22 . 2004-08-19 12:00 514662 ----a-w- c:\windows\system32\perfh010.dat
2010-06-10 17:31 . 2010-03-07 17:37 -------- d-----w- c:\programmi\Docfa4
2010-05-30 12:32 . 2010-03-26 19:44 443912 ----a-w- c:\documents and settings\Utente\Dati applicazioni\Real\Update\setup3.10\setup.exe
2010-05-16 17:41 . 2010-03-19 09:37 400 ----a-w- c:\windows\system32\drivers\eaxext_302.set
2010-05-16 17:41 . 2010-03-19 09:37 400 ----a-w- c:\windows\system32\drivers\bcompbg979.dat
2010-05-13 14:45 . 2010-03-05 15:40 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Alice Mobile Olicard 100
2010-05-06 10:32 . 2004-08-19 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
2010-05-02 08:06 . 2004-08-19 12:00 1851264 ----a-w- c:\windows\system32\win32k.sys
2010-04-28 14:09 . 2010-04-28 14:09 -------- d-----w- c:\programmi\Alice Mobile Olicard 100
2010-04-28 14:08 . 2010-04-28 14:08 -------- d-----w- c:\documents and settings\Utente\Dati applicazioni\InstallShield
2010-04-23 23:35 . 2010-03-22 19:08 -------- d-----w- c:\programmi\Security Task Manager
2010-04-23 23:34 . 2007-11-28 08:42 -------- d-----w- c:\programmi\Corel
2010-04-23 23:33 . 2010-04-06 16:49 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Corel
2010-04-23 15:12 . 2008-05-27 11:10 -------- d-----w- c:\programmi\Macromedia
2010-04-23 14:46 . 2007-10-11 06:27 -------- d-----w- c:\programmi\TavoliVerdi
2010-04-23 14:46 . 2008-04-19 09:01 -------- d-----w- c:\programmi\Total Uninstall
2010-04-23 12:54 . 2010-04-02 07:44 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Alwil Software
2010-04-20 05:30 . 2004-08-19 12:00 285696 ----a-w- c:\windows\system32\atmfd.dll
2010-04-15 18:42 . 2010-04-07 06:59 2828 --sha-w- c:\documents and settings\All Users\Dati applicazioni\Protexis\KGyGaAvL.sys
2010-04-15 17:44 . 2010-04-07 07:03 88 --sh--r- c:\documents and settings\All Users\Dati applicazioni\Protexis\C93D2E4574.sys
2010-04-12 17:30 . 2010-04-12 17:30 443912 ----a-w- c:\documents and settings\Utente\Dati applicazioni\Real\Update\temp\~Upg1\setup.exe
2010-04-07 06:59 . 2007-08-12 09:39 112496 -c--a-w- c:\documents and settings\Utente\Impostazioni locali\Dati applicazioni\GDIPFONTCACHEV1.DAT
2010-04-06 17:00 . 2010-04-06 17:00 348256 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Microsoft\VSTAHost\CorelPHOTOPAINT\9.0\1033\ResourceCache.dll
2010-04-06 16:57 . 2010-04-06 16:57 348256 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Microsoft\VSTAHost\CorelDRAW\9.0\1033\ResourceCache.dll
2010-04-06 16:55 . 2010-04-06 16:55 416 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Microsoft\MSDN\9.0\1033\ResourceCache.dll
2010-03-17 14:56 . 2010-03-17 14:56 618 ----a-w- c:\programmi\Art-lantis 4.5.lnk
2008-04-28 17:46 . 2007-11-28 09:23 56 --sh--r- c:\windows\system32\5C34579C64.sys
2008-04-28 17:48 . 2007-11-28 08:47 3350 --sha-w- c:\windows\system32\KGyGaAvL.sys
.

------- Sigcheck -------


[7] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[7] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[-] 2008-06-20 . 9425B72F40257B45D45D24773273DAD0 . 361600 . . [5.1.2600.5625] . . c:\windows\system32\dllcache\tcpip.sys
[-] 2008-06-20 . 9425B72F40257B45D45D24773273DAD0 . 361600 . . [5.1.2600.5625] . . c:\windows\system32\drivers\tcpip.sys
[-] 2008-06-20 . 1CC09561E21A48A7F649A40F18235860 . 360320 . . [5.1.2600.3394] . . c:\windows\$NtServicePackUninstall$\tcpip.sys
[7] 2008-06-20 . 744E57C99232201AE98C49168B918F48 . 360960 . . [5.1.2600.3394] . . c:\windows\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[7] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB951748$\tcpip.sys
[-] 2008-04-13 . ACCF5A9A1FFAA490F33DBA1C632B95E1 . 361344 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\tcpip.sys
[-] 2007-10-30 . 90CAFF4B094573449A0872A0F919B178 . 360064 . . [5.1.2600.3244] . . c:\windows\$NtUninstallKB951748_0$\tcpip.sys
[-] 2007-10-30 . 64798ECFA43D78C7178375FCDD16D8C8 . 360832 . . [5.1.2600.3244] . . c:\windows\$hf_mig$\KB941644\SP2QFE\tcpip.sys
[-] 2006-04-20 . B2220C618B42A2212A59D91EBD6FC4B4 . 360576 . . [5.1.2600.2892] . . c:\windows\$hf_mig$\KB917953\SP2QFE\tcpip.sys
[-] 2006-04-20 . 1DBF125862891817F374F407626967F4 . 359808 . . [5.1.2600.2892] . . c:\windows\$NtUninstallKB941644$\tcpip.sys
[7] 2004-08-19 . 9F4B36614A0FC234525BA224957DE55C . 359040 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB917953$\tcpip.sys

c:\windows\System32\drivers\beep.sys ... è mancante !!
.
((((((((((((((((((((((((((((( SnapShot@2010-04-24_16.04.28 )))))))))))))))))))))))))))))))))))))))))
.
+ 2005-09-22 23:35 . 2005-09-22 23:35 65536 c:\windows\WinSxS\x86_Microsoft.VC80.OpenMP_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0ee63867\vcomp.dll
- 2004-08-19 15:39 . 2008-04-14 02:14 23552 c:\windows\system32\wdmaud.drv
+ 2004-08-19 15:39 . 2004-08-19 12:00 23552 c:\windows\system32\wdmaud.drv
- 2007-01-29 08:58 . 2010-01-23 08:11 46080 c:\windows\system32\tzchange.exe
+ 2007-01-29 08:58 . 2010-04-21 13:28 46080 c:\windows\system32\tzchange.exe
- 2010-03-31 22:23 . 2009-05-26 11:41 18808 c:\windows\system32\spmsg.dll
+ 2010-05-26 07:21 . 2009-05-26 11:41 18808 c:\windows\system32\spmsg.dll
- 2004-08-19 12:00 . 2010-03-28 08:18 80784 c:\windows\system32\perfc009.dat
+ 2004-08-19 12:00 . 2010-06-11 08:22 80784 c:\windows\system32\perfc009.dat
+ 2006-10-12 09:57 . 2006-10-12 09:57 14336 c:\windows\system32\P7311USD.dll
+ 2006-10-12 09:57 . 2006-10-12 09:57 14336 c:\windows\system32\P207USD.dll
+ 2007-08-13 16:54 . 2010-05-06 10:32 55296 c:\windows\system32\msfeedsbs.dll
- 2007-08-13 16:54 . 2010-02-25 06:16 55296 c:\windows\system32\msfeedsbs.dll
+ 2007-08-06 14:49 . 2010-04-25 07:33 10246 c:\windows\system32\Lang\TradChin.bin
+ 2007-08-06 14:49 . 2010-04-25 07:33 12264 c:\windows\system32\Lang\Thai.bin
+ 2007-08-06 14:49 . 2010-04-25 07:33 13565 c:\windows\system32\Lang\SWEDISH.bin
+ 2007-08-06 14:49 . 2010-04-25 07:33 15521 c:\windows\system32\Lang\Spanish.bin
+ 2007-08-06 14:49 . 2010-04-25 07:33 15530 c:\windows\system32\Lang\Russian.bin
+ 2007-08-06 14:49 . 2010-04-25 07:33 14672 c:\windows\system32\Lang\Portuguese.bin
+ 2007-08-06 14:49 . 2010-04-25 07:33 11441 c:\windows\system32\Lang\Korean.bin
+ 2007-08-06 14:49 . 2010-04-25 07:33 13377 c:\windows\system32\Lang\Japanese.bin
+ 2007-08-06 14:49 . 2010-04-25 07:33 15739 c:\windows\system32\Lang\Italian.bin
+ 2007-08-06 14:49 . 2010-04-25 07:33 14920 c:\windows\system32\Lang\German.bin
+ 2007-08-06 14:49 . 2010-04-25 07:33 15407 c:\windows\system32\Lang\French.bin
+ 2007-08-06 14:49 . 2010-04-25 07:33 12220 c:\windows\system32\Lang\English.bin
+ 2007-08-06 14:49 . 2010-04-25 07:33 14502 c:\windows\system32\Lang\Dutch.bin
+ 2007-08-06 14:49 . 2010-04-25 07:33 13851 c:\windows\system32\Lang\Danish.bin
+ 2007-08-06 14:49 . 2010-04-25 07:33 11835 c:\windows\system32\Lang\Arabic.bin
- 2004-08-19 12:00 . 2010-02-25 06:16 25600 c:\windows\system32\jsproxy.dll
+ 2004-08-19 12:00 . 2010-05-06 10:32 25600 c:\windows\system32\jsproxy.dll
+ 2010-05-19 11:52 . 2010-03-12 16:41 32752 c:\windows\system32\DRVSTORE\VX6000_9648EB73F22649513FDB41D9DBE93A30CFBB20BE\VX6KCamd.sys
+ 2010-05-19 11:52 . 2010-03-12 16:41 30576 c:\windows\system32\DRVSTORE\nx6000_10AD66443DAE2DB69559C3E8E9859F3D506972EC\nx6000.sys
+ 2010-05-19 11:52 . 2010-03-12 16:41 39280 c:\windows\system32\DRVSTORE\nx6000_10AD66443DAE2DB69559C3E8E9859F3D506972EC\1040\nx6000res.dll
+ 2004-08-03 23:08 . 2004-08-19 12:00 48640 c:\windows\system32\drivers\stream.sys
+ 2010-06-15 11:22 . 2009-05-11 07:12 28520 c:\windows\system32\drivers\ssmdrv.sys
+ 2007-08-06 14:40 . 2004-08-03 21:08 60288 c:\windows\system32\drivers\drmk.sys
+ 2009-12-25 23:28 . 2010-05-06 10:32 12800 c:\windows\system32\dllcache\xpshims.dll
- 2009-12-25 23:28 . 2010-02-25 06:16 12800 c:\windows\system32\dllcache\xpshims.dll
+ 2004-08-03 23:08 . 2004-08-19 12:00 48640 c:\windows\system32\dllcache\stream.sys
+ 2008-09-08 10:30 . 2010-05-06 10:32 55296 c:\windows\system32\dllcache\msfeedsbs.dll
- 2008-09-08 10:30 . 2010-02-25 06:16 55296 c:\windows\system32\dllcache\msfeedsbs.dll
- 2004-08-19 12:00 . 2010-02-25 06:16 25600 c:\windows\system32\dllcache\jsproxy.dll
+ 2004-08-19 12:00 . 2010-05-06 10:32 25600 c:\windows\system32\dllcache\jsproxy.dll
+ 2007-08-06 14:40 . 2004-08-03 21:08 60288 c:\windows\system32\dllcache\drmk.sys
+ 2010-03-05 14:38 . 2010-03-05 14:38 65536 c:\windows\system32\dllcache\asycfilt.dll
+ 2007-08-06 11:00 . 2010-05-01 18:18 32768 c:\windows\system32\config\systemprofile\Impostazioni locali\Cronologia\History.IE5\index.dat
- 2007-08-06 11:00 . 2010-04-23 13:11 32768 c:\windows\system32\config\systemprofile\Impostazioni locali\Cronologia\History.IE5\index.dat
+ 2004-08-19 12:00 . 2010-03-05 14:38 65536 c:\windows\system32\asycfilt.dll
- 2008-07-29 17:16 . 2008-07-29 17:16 32768 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.WasHosting.dll
+ 2010-04-07 21:48 . 2010-04-07 21:48 32768 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.WasHosting.dll
+ 2010-03-23 03:31 . 2010-03-23 03:31 30544 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_wp.exe
+ 2010-05-19 11:47 . 2010-05-19 11:47 79360 c:\windows\Installer\1f9710.msi
+ 2010-06-09 14:04 . 2010-06-09 14:04 99328 c:\windows\Installer\1d96d29.msi
+ 2010-05-16 20:32 . 2010-05-16 20:32 25214 c:\windows\Installer\{F7B0939E-58DF-11DF-B3A6-005056806466}\UNINST_Uninstall_G_F6A848FB884248E6A4CDCBDCF41F6A74_1.exe
- 2008-03-08 18:43 . 2010-04-14 23:03 90112 c:\windows\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\xlicons.exe
+ 2008-03-08 18:43 . 2010-06-11 08:04 90112 c:\windows\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\xlicons.exe
+ 2008-03-08 18:43 . 2010-06-11 08:04 45056 c:\windows\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\wordicon.exe
- 2008-03-08 18:43 . 2010-04-14 23:03 45056 c:\windows\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\wordicon.exe
- 2008-03-08 18:43 . 2010-04-14 23:03 22528 c:\windows\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\unbndico.exe
+ 2008-03-08 18:43 . 2010-06-11 08:04 22528 c:\windows\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\unbndico.exe
- 2008-03-08 18:43 . 2010-04-14 23:03 30720 c:\windows\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\pptico.exe
+ 2008-03-08 18:43 . 2010-06-11 08:04 30720 c:\windows\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\pptico.exe
- 2008-03-08 18:43 . 2010-04-14 23:03 16384 c:\windows\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\PEicons.exe
+ 2008-03-08 18:43 . 2010-06-11 08:04 16384 c:\windows\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\PEicons.exe
+ 2008-03-08 18:43 . 2010-06-11 08:04 34304 c:\windows\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\misc.exe
- 2008-03-08 18:43 . 2010-04-14 23:03 34304 c:\windows\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\misc.exe
+ 2008-03-08 18:43 . 2010-06-11 08:04 81920 c:\windows\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\fpicon.exe
- 2008-03-08 18:43 . 2010-04-14 23:03 81920 c:\windows\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\fpicon.exe
- 2010-04-14 23:08 . 2010-04-14 23:08 38240 c:\windows\Installer\{90120000-0020-0409-0000-0000000FF1CE}\O12ConvIcon.exe
+ 2010-06-11 08:43 . 2010-06-11 08:43 38240 c:\windows\Installer\{90120000-0020-0409-0000-0000000FF1CE}\O12ConvIcon.exe
- 2007-08-06 11:09 . 2010-04-14 23:04 23040 c:\windows\Installer\{90110410-6000-11D3-8CFE-0150048383C9}\unbndico.exe
+ 2007-08-06 11:09 . 2010-06-11 08:48 23040 c:\windows\Installer\{90110410-6000-11D3-8CFE-0150048383C9}\unbndico.exe
+ 2007-08-06 11:09 . 2010-06-11 08:48 61440 c:\windows\Installer\{90110410-6000-11D3-8CFE-0150048383C9}\pubs.exe
- 2007-08-06 11:09 . 2010-04-14 23:04 61440 c:\windows\Installer\{90110410-6000-11D3-8CFE-0150048383C9}\pubs.exe
+ 2007-08-06 11:09 . 2010-06-11 08:48 27136 c:\windows\Installer\{90110410-6000-11D3-8CFE-0150048383C9}\oisicon.exe
- 2007-08-06 11:09 . 2010-04-14 23:04 27136 c:\windows\Installer\{90110410-6000-11D3-8CFE-0150048383C9}\oisicon.exe
- 2007-08-06 11:09 . 2010-04-14 23:04 11264 c:\windows\Installer\{90110410-6000-11D3-8CFE-0150048383C9}\mspicons.exe
+ 2007-08-06 11:09 . 2010-06-11 08:48 11264 c:\windows\Installer\{90110410-6000-11D3-8CFE-0150048383C9}\mspicons.exe
- 2007-08-06 11:09 . 2010-04-14 23:04 86016 c:\windows\Installer\{90110410-6000-11D3-8CFE-0150048383C9}\inficon.exe
+ 2007-08-06 11:09 . 2010-06-11 08:48 86016 c:\windows\Installer\{90110410-6000-11D3-8CFE-0150048383C9}\inficon.exe
+ 2007-08-06 11:09 . 2010-06-11 08:48 12288 c:\windows\Installer\{90110410-6000-11D3-8CFE-0150048383C9}\cagicon.exe
- 2007-08-06 11:09 . 2010-04-14 23:04 12288 c:\windows\Installer\{90110410-6000-11D3-8CFE-0150048383C9}\cagicon.exe
+ 2010-06-11 08:36 . 2010-02-25 06:16 12800 c:\windows\ie8updates\KB982381-IE8\xpshims.dll
+ 2010-06-11 08:36 . 2010-02-25 06:16 55296 c:\windows\ie8updates\KB982381-IE8\msfeedsbs.dll
+ 2010-06-11 08:36 . 2010-02-25 06:16 25600 c:\windows\ie8updates\KB982381-IE8\jsproxy.dll
+ 2010-06-11 08:38 . 2010-06-11 08:38 80384 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\c24584545bacf4c51d77c82900707d43\WindowsFormsIntegration.Package.ni.dll
+ 2010-06-11 10:09 . 2010-06-11 10:09 37888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Pres#\1c1629f536fa9874ef08d09fb19ab0f0\System.Windows.Presentation.ni.dll
+ 2010-06-11 10:09 . 2010-06-11 10:09 36864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\1464c662c302ea6372a885161b983732\System.Web.DynamicData.Design.ni.dll
+ 2010-06-11 09:18 . 2010-06-11 09:18 94208 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ComponentMod#\5d535ecadf77ac2d9278a1661beb2855\System.ComponentModel.DataAnnotations.ni.dll
+ 2010-06-11 08:26 . 2010-06-11 08:26 47104 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\e67992626a30603458b0df22841c2423\PresentationFontCache.ni.exe
+ 2010-06-11 08:24 . 2010-06-11 08:24 39424 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCFFRast#\6be27d744e6e2bfc4b0e25bd2998ef7c\PresentationCFFRasterizer.ni.dll
+ 2010-06-11 09:46 . 2010-06-11 09:46 55296 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Vsa\4a52287444c36c89310856b38ff52fe0\Microsoft.Vsa.ni.dll
- 2009-10-14 21:59 . 2009-10-14 21:59 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
+ 2010-06-11 08:19 . 2010-06-11 08:19 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
- 2009-08-17 00:53 . 2009-08-17 00:53 32768 c:\windows\assembly\GAC_MSIL\System.ServiceModel.WasHosting\3.0.0.0__b77a5c561934e089\System.ServiceModel.WasHosting.dll
+ 2010-06-11 08:24 . 2010-06-11 08:24 32768 c:\windows\assembly\GAC_MSIL\System.ServiceModel.WasHosting\3.0.0.0__b77a5c561934e089\System.ServiceModel.WasHosting.dll
- 2009-10-14 21:59 . 2009-10-14 21:59 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
+ 2010-06-11 08:19 . 2010-06-11 08:19 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
+ 2010-06-11 08:20 . 2010-06-11 08:20 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
- 2009-10-14 21:59 . 2009-10-14 21:59 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2010-06-11 08:19 . 2010-06-11 08:19 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
- 2009-10-14 21:59 . 2009-10-14 21:59 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
- 2009-10-14 21:59 . 2009-10-14 21:59 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2010-06-11 08:19 . 2010-06-11 08:19 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
- 2009-10-14 21:59 . 2009-10-14 21:59 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
+ 2010-06-11 08:19 . 2010-06-11 08:19 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
- 2009-10-14 21:59 . 2009-10-14 21:59 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
+ 2010-06-11 08:20 . 2010-06-11 08:20 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
- 2009-10-14 21:59 . 2009-10-14 21:59 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
+ 2010-06-11 08:20 . 2010-06-11 08:20 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
+ 2010-06-11 08:19 . 2010-06-11 08:19 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
- 2009-10-14 21:59 . 2009-10-14 21:59 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
- 2009-10-14 21:59 . 2009-10-14 21:59 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
+ 2010-06-11 08:19 . 2010-06-11 08:19 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
- 2009-10-14 21:59 . 2009-10-14 21:59 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
+ 2010-06-11 08:19 . 2010-06-11 08:19 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
- 2009-10-14 21:59 . 2009-10-14 21:59 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2010-06-11 08:19 . 2010-06-11 08:19 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2010-06-11 08:19 . 2010-06-11 08:19 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
- 2009-10-14 21:59 . 2009-10-14 21:59 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2010-05-12 20:46 . 2009-05-26 11:41 26488 c:\windows\$hf_mig$\KB978542\update\spcustom.dll
+ 2010-05-12 20:46 . 2009-05-26 11:41 18808 c:\windows\$hf_mig$\KB978542\spmsg.dll
- 2009-10-14 21:59 . 2009-10-14 21:59 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
+ 2010-06-11 08:19 . 2010-06-11 08:19 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
+ 2007-08-06 14:49 . 2010-04-25 07:33 9522 c:\windows\system32\Lang\SimChin.bin
- 2007-08-06 14:40 . 2008-04-14 02:13 4096 c:\windows\system32\ksuser.dll
+ 2007-08-06 14:40 . 2004-08-19 13:39 4096 c:\windows\system32\ksuser.dll
+ 2007-08-06 14:40 . 2004-08-19 13:39 4096 c:\windows\system32\dllcache\ksuser.dll
- 2008-03-08 18:43 . 2010-04-14 23:03 3584 c:\windows\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\opwicon.exe
+ 2008-03-08 18:43 . 2010-06-11 08:04 3584 c:\windows\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\opwicon.exe
+ 2008-03-08 18:43 . 2010-06-11 08:04 8192 c:\windows\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\mspicons.exe
- 2008-03-08 18:43 . 2010-04-14 23:03 8192 c:\windows\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\mspicons.exe
- 2008-03-08 18:43 . 2010-04-14 23:03 2560 c:\windows\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\cagicon.exe
+ 2008-03-08 18:43 . 2010-06-11 08:04 2560 c:\windows\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\cagicon.exe
+ 2007-08-06 11:09 . 2010-06-11 08:48 4096 c:\windows\Installer\{90110410-6000-11D3-8CFE-0150048383C9}\opwicon.exe
- 2007-08-06 11:09 . 2010-04-14 23:04 4096 c:\windows\Installer\{90110410-6000-11D3-8CFE-0150048383C9}\opwicon.exe
- 2009-10-14 21:59 . 2009-10-14 21:59 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
+ 2010-06-11 08:19 . 2010-06-11 08:19 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
+ 2010-06-11 08:20 . 2010-06-11 08:20 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
- 2009-10-14 21:59 . 2009-10-14 21:59 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
- 2009-10-14 21:59 . 2009-10-14 21:59 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
+ 2010-06-11 08:19 . 2010-06-11 08:19 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
- 2009-10-14 21:59 . 2009-10-14 21:59 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
+ 2010-06-11 08:19 . 2010-06-11 08:19 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
- 2009-10-14 21:59 . 2009-10-14 21:59 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
+ 2010-06-11 08:20 . 2010-06-11 08:20 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
- 2009-10-14 21:59 . 2009-10-14 21:59 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
+ 2010-06-11 08:20 . 2010-06-11 08:20 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
+ 2010-03-12 10:15 . 2010-03-12 16:41 101744 c:\windows\VX3000.dll
+ 2010-03-12 10:15 . 2010-03-12 16:41 762736 c:\windows\vVX3000.exe
+ 2010-03-12 10:15 . 2010-03-12 16:41 227696 c:\windows\vVX3000.dll
+ 2010-03-12 10:15 . 2010-03-12 16:41 621424 c:\windows\twain_32\VX3000\TwainUI.dll
+ 2007-07-25 08:24 . 2008-10-08 07:25 606208 c:\windows\system32\xvidcore.dll
+ 2008-04-19 07:15 . 2010-06-12 18:21 238660 c:\windows\system32\Restore\rstrlog.dat
+ 2004-08-19 12:00 . 2010-06-11 08:22 463952 c:\windows\system32\perfh009.dat
- 2004-08-19 12:00 . 2010-03-28 08:18 463952 c:\windows\system32\perfh009.dat
- 2004-08-19 12:00 . 2010-02-25 06:16 206848 c:\windows\system32\occache.dll
+ 2004-08-19 12:00 . 2010-05-06 10:32 206848 c:\windows\system32\occache.dll
+ 2004-08-19 12:00 . 2010-05-06 10:32 611840 c:\windows\system32\mstime.dll
- 2004-08-19 12:00 . 2010-02-25 06:16 611840 c:\windows\system32\mstime.dll
+ 2007-08-13 16:54 . 2010-05-06 10:32 599040 c:\windows\system32\msfeeds.dll
+ 2007-08-06 10:46 . 2010-01-29 14:59 691712 c:\windows\system32\inetcomm.dll
- 2007-08-06 10:46 . 2008-04-11 19:04 691712 c:\windows\system32\inetcomm.dll
- 2004-08-19 12:00 . 2010-02-25 06:16 184320 c:\windows\system32\iepeers.dll
+ 2004-08-19 12:00 . 2010-05-06 10:32 184320 c:\windows\system32\iepeers.dll
- 2004-08-19 12:00 . 2010-02-25 06:16 387584 c:\windows\system32\iedkcs32.dll
+ 2004-08-19 12:00 . 2010-05-06 10:32 387584 c:\windows\system32\iedkcs32.dll
- 2004-08-19 12:00 . 2010-02-24 09:56 173056 c:\windows\system32\ie4uinit.exe
+ 2004-08-19 12:00 . 2010-05-05 13:30 173056 c:\windows\system32\ie4uinit.exe
- 2007-08-06 12:32 . 2010-04-06 21:13 382424 c:\windows\system32\FNTCACHE.DAT
+ 2007-08-06 12:32 . 2010-06-11 08:54 382424 c:\windows\system32\FNTCACHE.DAT
+ 2010-05-19 11:52 . 2010-03-12 16:41 623984 c:\windows\system32\DRVSTORE\VX6000_9648EB73F22649513FDB41D9DBE93A30CFBB20BE\VX6KTUI.dll
+ 2010-05-19 11:52 . 2010-03-12 16:41 764784 c:\windows\system32\DRVSTORE\VX6000_9648EB73F22649513FDB41D9DBE93A30CFBB20BE\vVX6000.exe
+ 2010-05-19 11:52 . 2010-03-12 16:41 577392 c:\windows\system32\DRVSTORE\VX6000_9648EB73F22649513FDB41D9DBE93A30CFBB20BE\vVX6000.dll
+ 2010-05-19 11:52 . 2010-03-12 16:41 677232 c:\windows\system32\DRVSTORE\VX6000_9648EB73F22649513FDB41D9DBE93A30CFBB20BE\LCCoin32.dll
+ 2010-05-19 11:52 . 2010-03-12 16:41 175472 c:\windows\system32\DRVSTORE\VX6000_9648EB73F22649513FDB41D9DBE93A30CFBB20BE\cVX6000.dll
+ 2010-05-19 11:52 . 2010-03-12 16:41 102256 c:\windows\system32\DRVSTORE\VX6000_9648EB73F22649513FDB41D9DBE93A30CFBB20BE\1040\VX6000.dll
+ 2010-05-19 11:52 . 2010-03-12 16:41 762736 c:\windows\system32\DRVSTORE\VX3000_A17A82730C7D038541072034CDAF4B2504049C63\vVX3000.exe
+ 2010-05-19 11:52 . 2010-03-12 16:41 227696 c:\windows\system32\DRVSTORE\VX3000_A17A82730C7D038541072034CDAF4B2504049C63\vVX3000.dll
+ 2010-05-19 11:52 . 2010-03-12 16:41 621424 c:\windows\system32\DRVSTORE\VX3000_A17A82730C7D038541072034CDAF4B2504049C63\TwainUI.dll
+ 2010-05-19 11:52 . 2010-03-12 16:41 677232 c:\windows\system32\DRVSTORE\VX3000_A17A82730C7D038541072034CDAF4B2504049C63\LCCoin32.dll
+ 2010-05-19 11:52 . 2010-03-12 16:41 175472 c:\windows\system32\DRVSTORE\VX3000_A17A82730C7D038541072034CDAF4B2504049C63\cVX3000.dll
+ 2010-05-19 11:52 . 2010-03-12 16:41 101744 c:\windows\system32\DRVSTORE\VX3000_A17A82730C7D038541072034CDAF4B2504049C63\1040\VX3000.dll
+ 2010-05-19 11:52 . 2010-03-12 16:41 762736 c:\windows\system32\DRVSTORE\VX1000_BCE047AC83D5D72E7E25B0A5BCCBA21F4DB8D4F4\vVX1000.exe
+ 2010-05-19 11:52 . 2010-03-12 16:41 227696 c:\windows\system32\DRVSTORE\VX1000_BCE047AC83D5D72E7E25B0A5BCCBA21F4DB8D4F4\vVX1000.dll
+ 2010-05-19 11:52 . 2010-03-12 16:41 621424 c:\windows\system32\DRVSTORE\VX1000_BCE047AC83D5D72E7E25B0A5BCCBA21F4DB8D4F4\TwainUI.dll
+ 2010-05-19 11:52 . 2010-03-12 16:41 677232 c:\windows\system32\DRVSTORE\VX1000_BCE047AC83D5D72E7E25B0A5BCCBA21F4DB8D4F4\LCCoin32.dll
+ 2010-05-19 11:52 . 2010-03-12 16:41 175472 c:\windows\system32\DRVSTORE\VX1000_BCE047AC83D5D72E7E25B0A5BCCBA21F4DB8D4F4\cVX1000.dll
+ 2010-05-19 11:52 . 2010-03-12 16:41 101744 c:\windows\system32\DRVSTORE\VX1000_BCE047AC83D5D72E7E25B0A5BCCBA21F4DB8D4F4\1040\VX1000.dll
+ 2010-04-28 14:09 . 2009-03-26 06:14 103552 c:\windows\system32\DRVSTORE\pmxser_309BA07ACAED9B7145D43886A1B20FE93AB6920C\pmx3gmdm.sys
+ 2010-04-28 14:09 . 2009-03-26 06:14 117120 c:\windows\system32\DRVSTORE\pmxnet_21A2A52C65058CC6C2791C3A6C8DCFE4A2BB28A2\pmx3gnet.sys
+ 2010-04-28 14:09 . 2009-03-26 06:14 103552 c:\windows\system32\DRVSTORE\pmxmdm_309BA07ACAED9B7145D43886A1B20FE93AB6920C\pmx3gmdm.sys
+ 2010-05-19 11:52 . 2010-03-12 16:41 677232 c:\windows\system32\DRVSTORE\nx6000_10AD66443DAE2DB69559C3E8E9859F3D506972EC\LCCoin32.dll
+ 2004-03-16 08:58 . 2004-03-16 08:58 136960 c:\windows\system32\drivers\portcls.sys
+ 2010-05-13 14:45 . 2009-03-26 06:14 117120 c:\windows\system32\drivers\pmx3gnet.sys
+ 2010-05-13 14:44 . 2009-03-26 06:14 103552 c:\windows\system32\drivers\pmx3gmdm.sys
+ 2004-08-03 23:15 . 2004-08-19 12:00 140928 c:\windows\system32\drivers\ks.sys
- 2004-08-19 12:00 . 2010-02-25 06:16 916480 c:\windows\system32\dllcache\wininet.dll
+ 2004-08-19 12:00 . 2010-05-06 10:32 916480 c:\windows\system32\dllcache\wininet.dll
+ 2004-03-16 08:58 . 2004-03-16 08:58 136960 c:\windows\system32\dllcache\portcls.sys
+ 2004-08-19 12:00 . 2010-05-06 10:32 206848 c:\windows\system32\dllcache\occache.dll
- 2004-08-19 12:00 . 2010-02-25 06:16 206848 c:\windows\system32\dllcache\occache.dll
+ 2004-08-19 12:00 . 2010-05-06 10:32 611840 c:\windows\system32\dllcache\mstime.dll
- 2004-08-19 12:00 . 2010-02-25 06:16 611840 c:\windows\system32\dllcache\mstime.dll
+ 2008-09-08 10:30 . 2010-05-06 10:32 599040 c:\windows\system32\dllcache\msfeeds.dll
+ 2004-08-03 23:15 . 2004-08-19 12:00 140928 c:\windows\system32\dllcache\ks.sys
+ 2008-08-28 14:41 . 2010-01-29 14:59 691712 c:\windows\system32\dllcache\inetcomm.dll
- 2008-08-28 14:41 . 2008-04-11 19:04 691712 c:\windows\system32\dllcache\inetcomm.dll
+ 2009-12-25 23:28 . 2010-05-06 10:32 247808 c:\windows\system32\dllcache\ieproxy.dll
- 2009-12-25 23:28 . 2010-02-25 06:16 247808 c:\windows\system32\dllcache\ieproxy.dll
+ 2004-08-19 12:00 . 2010-05-06 10:32 184320 c:\windows\system32\dllcache\iepeers.dll
- 2004-08-19 12:00 . 2010-02-25 06:16 184320 c:\windows\system32\dllcache\iepeers.dll
+ 2004-08-19 12:00 . 2010-05-06 10:32 387584 c:\windows\system32\dllcache\iedkcs32.dll
- 2004-08-19 12:00 . 2010-02-25 06:16 387584 c:\windows\system32\dllcache\iedkcs32.dll
+ 2004-08-19 12:00 . 2010-05-05 13:30 173056 c:\windows\system32\dllcache\ie4uinit.exe
- 2004-08-19 12:00 . 2010-02-24 09:56 173056 c:\windows\system32\dllcache\ie4uinit.exe
+ 2010-04-20 05:30 . 2010-04-20 05:30 285696 c:\windows\system32\dllcache\atmfd.dll
+ 2010-03-12 10:15 . 2010-03-12 16:41 175472 c:\windows\system32\cVX3000.dll
+ 2010-04-07 21:48 . 2010-04-07 21:48 970752 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
+ 2010-04-07 21:48 . 2010-04-07 21:48 110592 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMdiagnostics.dll
- 2008-07-29 17:16 . 2008-07-29 17:16 110592 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMdiagnostics.dll
+ 2010-03-23 03:31 . 2010-03-23 03:31 435024 c:\windows\Microsoft.NET\Framework\v2.0.50727\webengine.dll
- 2008-07-25 09:17 . 2008-07-25 09:17 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Security.dll
+ 2010-02-09 10:22 . 2010-02-09 10:22 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Security.dll
+ 2010-02-24 22:14 . 2010-02-24 22:14 543232 c:\windows\Installer\a9a259.msp
- 2008-03-08 18:43 . 2010-04-14 23:03 114688 c:\windows\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\outicon.exe
+ 2008-03-08 18:43 . 2010-06-11 08:04 114688 c:\windows\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\outicon.exe
+ 2008-03-08 18:43 . 2010-06-11 08:04 167936 c:\windows\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\accicons.exe
- 2008-03-08 18:43 . 2010-04-14 23:03 167936 c:\windows\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\accicons.exe
- 2007-08-06 11:09 . 2010-04-14 23:04 409600 c:\windows\Installer\{90110410-6000-11D3-8CFE-0150048383C9}\xlicons.exe
+ 2007-08-06 11:09 . 2010-06-11 08:48 409600 c:\windows\Installer\{90110410-6000-11D3-8CFE-0150048383C9}\xlicons.exe
+ 2007-08-06 11:09 . 2010-06-11 08:48 286720 c:\windows\Installer\{90110410-6000-11D3-8CFE-0150048383C9}\wordicon.exe
- 2007-08-06 11:09 . 2010-04-14 23:04 286720 c:\windows\Installer\{90110410-6000-11D3-8CFE-0150048383C9}\wordicon.exe
- 2007-08-06 11:09 . 2010-04-14 23:04 249856 c:\windows\Installer\{90110410-6000-11D3-8CFE-0150048383C9}\pptico.exe
+ 2007-08-06 11:09 . 2010-06-11 08:48 249856 c:\windows\Installer\{90110410-6000-11D3-8CFE-0150048383C9}\pptico.exe
- 2007-08-06 11:09 . 2010-04-14 23:04 794624 c:\windows\Installer\{90110410-6000-11D3-8CFE-0150048383C9}\outicon.exe
+ 2007-08-06 11:09 . 2010-06-11 08:48 794624 c:\windows\Installer\{90110410-6000-11D3-8CFE-0150048383C9}\outicon.exe
- 2007-08-06 11:09 . 2010-04-14 23:04 135168 c:\windows\Installer\{90110410-6000-11D3-8CFE-0150048383C9}\misc.exe
+ 2007-08-06 11:09 . 2010-06-11 08:48 135168 c:\windows\Installer\{90110410-6000-11D3-8CFE-0150048383C9}\misc.exe
+ 2007-08-06 11:09 . 2010-06-11 08:48 593920 c:\windows\Installer\{90110410-6000-11D3-8CFE-0150048383C9}\accicons.exe
- 2007-08-06 11:09 . 2010-04-14 23:04 593920 c:\windows\Installer\{90110410-6000-11D3-8CFE-0150048383C9}\accicons.exe
+ 2010-06-11 08:36 . 2010-02-25 06:16 916480 c:\windows\ie8updates\KB982381-IE8\wininet.dll
+ 2010-06-11 08:36 . 2010-02-22 14:27 402296 c:\windows\ie8updates\KB982381-IE8\spuninst\updspapi.dll
+ 2010-06-11 08:36 . 2008-07-08 13:06 233848 c:\windows\ie8updates\KB982381-IE8\spuninst\spuninst.exe
+ 2010-06-11 08:36 . 2010-02-25 06:16 206848 c:\windows\ie8updates\KB982381-IE8\occache.dll
+ 2010-06-11 08:36 . 2010-02-25 06:16 611840 c:\windows\ie8updates\KB982381-IE8\mstime.dll
+ 2010-06-11 08:36 . 2010-02-25 06:16 594432 c:\windows\ie8updates\KB982381-IE8\msfeeds.dll
+ 2010-06-11 08:36 . 2010-02-25 06:16 247808 c:\windows\ie8updates\KB982381-IE8\ieproxy.dll
+ 2010-06-11 08:36 . 2010-02-25 06:16 184320 c:\windows\ie8updates\KB982381-IE8\iepeers.dll
+ 2010-06-11 08:36 . 2009-03-08 03:35 742912 c:\windows\ie8updates\KB982381-IE8\iedvtool.dll
+ 2010-06-11 08:36 . 2010-02-25 06:16 387584 c:\windows\ie8updates\KB982381-IE8\iedkcs32.dll
+ 2010-06-11 08:36 . 2010-02-24 09:56 173056 c:\windows\ie8updates\KB982381-IE8\ie4uinit.exe
+ 2010-06-11 08:37 . 2010-06-11 08:37 321536 c:\windows\assembly\NativeImages_v2.0.50727_32\WsatConfig\4d07b1ccecca66f320c1a0971dd614d1\WsatConfig.ni.exe
+ 2010-06-11 08:38 . 2010-06-11 08:38 198656 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\b5462bbbc218d158e6f2555b9aa6be1c\WindowsFormsIntegration.Design.ni.dll
+ 2010-06-11 08:31 . 2010-06-11 08:31 240128 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\a7c702f75d47bf841b9587e582c2d0b2\WindowsFormsIntegration.ni.dll
+ 2010-06-11 08:31 . 2010-06-11 08:31 447488 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClient\3a78043c85333d5af49a0d958912ae4a\UIAutomationClient.ni.dll
+ 2010-06-11 10:09 . 2010-06-11 10:09 400896 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\747e84d81d1de2041661f0f71b04734a\System.Xml.Linq.ni.dll
+ 2010-06-11 10:09 . 2010-06-11 10:09 129536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Routing\d51dfbd8d5431eb89181baaa24863e15\System.Web.Routing.ni.dll
+ 2010-06-11 08:45 . 2010-06-11 08:45 202240 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\436dde9611932489da3dc8a1be170843\System.Web.RegularExpressions.ni.dll
+ 2010-06-11 10:09 . 2010-06-11 10:09 859648 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\e8ef769b3e899e62b26daadee50b97ed\System.Web.Extensions.Design.ni.dll
+ 2010-06-11 10:09 . 2010-06-11 10:09 328704 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\ce3b446b7bee5c47949c994ec89b1649\System.Web.Entity.ni.dll
+ 2010-06-11 10:09 . 2010-06-11 10:09 301056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\ad04fe1182e55e7c01066b62a4bee6b5\System.Web.Entity.Design.ni.dll
+ 2010-06-11 10:09 . 2010-06-11 10:09 547328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\20ba0d4d182a1a9c1f54c00d3bc29a68\System.Web.DynamicData.ni.dll
+ 2010-06-11 10:09 . 2010-06-11 10:09 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\c97ecf9250c2f0794262534f27f98b72\System.Web.Abstractions.ni.dll
+ 2010-06-11 08:45 . 2010-06-11 08:45 627200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\9c56656c88979cf18de6cbcb6587ba8f\System.Transactions.ni.dll
+ 2010-06-11 08:45 . 2010-06-11 08:45 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\5adb0f89d469632511aed9d88cfe05c4\System.ServiceProcess.ni.dll
+ 2010-06-11 08:39 . 2010-06-11 08:39 679936 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Security\42b2ffb594dbd5652a576a0dce28722c\System.Security.ni.dll
+ 2010-06-11 08:39 . 2010-06-11 08:39 311296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\3231473e2ec4451c8f218930fda80d19\System.Runtime.Serialization.Formatters.Soap.ni.dll
+ 2010-06-11 09:46 . 2010-06-11 09:46 621056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Net\f90965b9d9a6a6604c9a66f57c37c026\System.Net.ni.dll
+ 2010-06-11 09:20 . 2010-06-11 09:20 998400 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\16670b6870746e5a8dc4a73a76a90bed\System.Management.ni.dll
+ 2010-06-11 09:20 . 2010-06-11 09:20 330752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.I#\e6bd59fec415e273c173170c6508180a\System.Management.Instrumentation.ni.dll
+ 2010-06-11 08:33 . 2010-06-11 08:33 381440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IO.Log\e3eb86170cba4c80e6e22ca33c63c218\System.IO.Log.ni.dll
+ 2010-06-11 08:38 . 2010-06-11 08:38 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\cfa48936affc9a5fb89f0bf66cc52a47\System.IdentityModel.Selectors.ni.dll
+ 2010-06-11 08:45 . 2010-06-11 08:45 280064 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\e9edc5cd12ebb513b4a3c53cb4640771\System.EnterpriseServices.Wrapper.dll
+ 2010-06-11 08:45 . 2010-06-11 08:45 627712 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\e9edc5cd12ebb513b4a3c53cb4640771\System.EnterpriseServices.ni.dll
+ 2010-06-11 08:30 . 2010-06-11 08:30 208384 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\aeba6820f20655dec7fe0fe05aaeb818\System.Drawing.Design.ni.dll
+ 2010-06-11 08:45 . 2010-06-11 08:45 455680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\9ef70079beca3a9982a3aa76ebc0ddd8\System.DirectoryServices.Protocols.ni.dll
+ 2010-06-11 09:20 . 2010-06-11 09:20 881152 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\277619716d9136216065bea970365c65\System.DirectoryServices.AccountManagement.ni.dll
+ 2010-06-11 09:20 . 2010-06-11 09:20 939008 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\90b67e13866b176ae6cbdb23144f724d\System.Data.Services.Client.ni.dll
+ 2010-06-11 09:20 . 2010-06-11 09:20 354816 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\131a477d41a8669b15696128b94c2636\System.Data.Services.Design.ni.dll
+ 2010-06-11 09:20 . 2010-06-11 09:20 756736 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity.#\d4990681ce373d81a52b231ee4c4afea\System.Data.Entity.Design.ni.dll
+ 2010-06-11 09:19 . 2010-06-11 09:19 135680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.DataSet#\9e9d66a3a0e16fceead505c25af569eb\System.Data.DataSetExtensions.ni.dll
+ 2010-06-11 08:39 . 2010-06-11 08:39 971264 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\631b3eba1ba5bd3c3f027f34011cadeb\System.Configuration.ni.dll
+ 2010-06-11 08:45 . 2010-06-11 08:45 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\39e4f9a276fb12125d8a1444d8b65a84\System.Configuration.Install.ni.dll
+ 2010-06-11 09:18 . 2010-06-11 09:18 633856 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn\849916c5cb3ff7763d15a3976766c2f6\System.AddIn.ni.dll
+ 2010-06-11 08:37 . 2010-06-11 08:37 366080 c:\windows\assembly\NativeImages_v2.0.50727_32\SMSvcHost\f38a426b90e6c526dcb2c435c7380450\SMSvcHost.ni.exe
+ 2010-06-11 08:36 . 2010-06-11 08:36 256000 c:\windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\6cabc7d1700c224e8b41ff2f96a3087c\SMDiagnostics.ni.dll
+ 2010-06-11 08:36 . 2010-06-11 08:36 320512 c:\windows\assembly\NativeImages_v2.0.50727_32\ServiceModelReg\5c8f5ca36498f43980d64820d8186c8a\ServiceModelReg.ni.exe
+ 2010-06-11 08:27 . 2010-06-11 08:27 258048 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\ae733e4062edba3a33bb0a632bef66bf\PresentationFramework.Royale.ni.dll
+ 2010-06-11 08:27 . 2010-06-11 08:27 368128 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\3ffad524016f0aba7b11a8aa33301a65\PresentationFramework.Aero.ni.dll
+ 2010-06-11 08:27 . 2010-06-11 08:27 224768 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\201968d038a23a4688310fed1eeaddaa\PresentationFramework.Classic.ni.dll
+ 2010-06-11 08:27 . 2010-06-11 08:27 539648 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\1ead87ca8eb84c595c77c70e3b2df88d\PresentationFramework.Luna.ni.dll
+ 2010-06-11 08:45 . 2010-06-11 08:45 133632 c:\windows\assembly\NativeImages_v2.0.50727_32\MSBuild\7700963610c1af364aa934c3c824b7b4\MSBuild.ni.exe
+ 2010-06-11 09:18 . 2010-06-11 09:18 438272 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\b12606096b32f042feb2c076a2deaaa3\Microsoft.Windows.Design.Extensibility.ni.dll
+ 2010-06-11 09:18 . 2010-06-11 09:18 503296 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\9195c5f8179f94bd8efdce1580e06a35\Microsoft.Windows.Design.Interaction.ni.dll
+ 2010-06-11 09:18 . 2010-06-11 09:18 353792 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\471440ecc78e7afb57a74f413704c5c2\Microsoft.Windows.Design.ni.dll
+ 2010-06-11 09:18 . 2010-06-11 09:18 802304 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\e1fea710af94d884288b5536f0a43257\Microsoft.VisualStudio.Tools.Applications.Project.ni.dll
+ 2010-06-11 09:18 . 2010-06-11 09:18 861696 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\df171bcb8505fef0fe5eea6a4f29c865\Microsoft.VisualStudio.Modeling.Sdk.Shell.ni.dll
+ 2010-06-11 09:18 . 2010-06-11 09:18 173568 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\d4d1464207acada6997c654f5221d21c\Microsoft.VisualStudio.TextTemplating.ni.dll
+ 2010-06-11 09:18 . 2010-06-11 09:18 513024 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\945311d6eae298d7da376db12e204f47\Microsoft.VisualStudio.Shell.Design.ni.dll
+ 2010-06-11 09:18 . 2010-06-11 09:18 640512 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\7681af2f814486a56382b02e463f3861\Microsoft.VisualStudio.Xaml.LanguageService.ni.dll
+ 2010-06-11 08:49 . 2010-06-11 08:49 220672 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\741b42ca38c9ea3d0be155fc23e58926\Microsoft.VisualStudio.Configuration.ni.dll
+ 2010-06-11 09:18 . 2010-06-11 09:18 198656 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\71964d6393c93187a293b7f0bc8fcdab\Microsoft.VisualStudio.Tools.Applications.DesignTime.v9.0.ni.dll
+ 2010-06-11 09:18 . 2010-06-11 09:18 300032 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\62dd0080828f0765e51486773e7aa10f\Microsoft.VisualStudio.Tools.Applications.ProgrammingModel.ni.dll
+ 2010-06-11 09:18 . 2010-06-11 09:18 208384 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\532438adfab74cfabb2c79ce726bbced\Microsoft.VisualStudio.TextTemplating.VSHost.ni.dll
+ 2010-06-11 09:18 . 2010-06-11 09:18 822272 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\4fe9f4a0758625608052fd3045ba4a08\Microsoft.VisualStudio.Shell.ni.dll
+ 2010-06-11 09:18 . 2010-06-11 09:18 876032 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\3d1c49100664ef591f5440e71381784d\Microsoft.VisualStudio.Shell.9.0.ni.dll
+ 2010-06-11 09:18 . 2010-06-11 09:18 159744 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\0b4baf85ced3da8f194ddcbe2813c331\Microsoft.VisualStudio.WizardFramework.ni.dll
+ 2010-06-11 08:36 . 2010-06-11 08:36 386560 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\c74d4c69c49992dfb23ba512081dc3de\Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2010-06-11 08:47 . 2010-06-11 08:47 144384 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\a6a9f24b1a8984eaafbabb1ee968e359\Microsoft.Build.Utilities.ni.dll
+ 2010-06-11 08:47 . 2010-06-11 08:47 175104 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\2fa81d363cb1496be2427d848a867409\Microsoft.Build.Utilities.v3.5.ni.dll
+ 2010-06-11 08:46 . 2010-06-11 08:46 839680 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\c4c360df9c1024ebc3f0de77f5cf8b1c\Microsoft.Build.Engine.ni.dll
+ 2010-06-11 08:46 . 2010-06-11 08:46 222720 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Con#\c9386dcd89c2518a74115f3bfd861830\Microsoft.Build.Conversion.v3.5.ni.dll
+ 2010-06-11 08:36 . 2010-06-11 08:36 410112 c:\windows\assembly\NativeImages_v2.0.50727_32\ComSvcConfig\abb62e3ed74c974f0282bc7ea5d3f1c1\ComSvcConfig.ni.exe
+ 2010-06-11 08:37 . 2010-06-11 08:37 842240 c:\windows\assembly\NativeImages_v2.0.50727_32\AspNetMMCExt\6d34f00b6a782d15bec70d6cdb00b5e8\AspNetMMCExt.ni.dll
+ 2010-06-11 08:19 . 2010-06-11 08:19 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
- 2009-10-14 21:59 . 2009-10-14 21:59 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2010-06-11 08:19 . 2010-06-11 08:19 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
- 2009-10-14 21:59 . 2009-10-14 21:59 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
- 2009-10-14 21:59 . 2009-10-14 21:59 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
palmike
Utente Junior
 
Post: 25
Iscritto il: 13/03/10 01:17
Top

Re: virus

Postdi palmike » 15/06/10 13:11

segue log combofix




+ 2010-06-11 08:19 . 2010-06-11 08:19 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
- 2009-10-14 21:59 . 2009-10-14 21:59 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2010-06-11 08:20 . 2010-06-11 08:20 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2010-06-11 08:24 . 2010-06-11 08:24 970752 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
- 2009-10-14 21:59 . 2009-10-14 21:59 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2010-06-11 08:20 . 2010-06-11 08:20 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
- 2009-10-14 21:59 . 2009-10-14 21:59 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2010-06-11 08:20 . 2010-06-11 08:20 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
- 2009-10-14 21:59 . 2009-10-14 21:59 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2010-06-11 08:20 . 2010-06-11 08:20 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
- 2009-10-14 21:59 . 2009-10-14 21:59 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2010-06-11 08:20 . 2010-06-11 08:20 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2010-06-11 08:24 . 2010-06-11 08:24 438272 c:\windows\assembly\GAC_MSIL\System.IdentityModel\3.0.0.0__b77a5c561934e089\System.IdentityModel.dll
+ 2010-06-11 08:20 . 2010-06-11 08:20 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
- 2009-10-14 21:59 . 2009-10-14 21:59 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
- 2009-10-14 21:59 . 2009-10-14 21:59 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2010-06-11 08:19 . 2010-06-11 08:19 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2010-06-11 08:19 . 2010-06-11 08:19 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
- 2009-10-14 21:59 . 2009-10-14 21:59 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
- 2009-10-14 21:59 . 2009-10-14 21:59 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2010-06-11 08:20 . 2010-06-11 08:20 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
- 2009-10-14 21:59 . 2009-10-14 21:59 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
+ 2010-06-11 08:20 . 2010-06-11 08:20 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
- 2009-10-14 21:59 . 2009-10-14 21:59 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2010-06-11 08:20 . 2010-06-11 08:20 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
- 2009-10-14 21:59 . 2009-10-14 21:59 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
+ 2010-06-11 08:20 . 2010-06-11 08:20 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
+ 2010-06-11 08:24 . 2010-06-11 08:24 110592 c:\windows\assembly\GAC_MSIL\SMDiagnostics\3.0.0.0__b77a5c561934e089\SMdiagnostics.dll
- 2009-08-17 00:53 . 2009-08-17 00:53 110592 c:\windows\assembly\GAC_MSIL\SMDiagnostics\3.0.0.0__b77a5c561934e089\SMdiagnostics.dll
+ 2010-06-11 08:19 . 2010-06-11 08:19 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
- 2009-10-14 21:59 . 2009-10-14 21:59 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
- 2009-10-14 21:59 . 2009-10-14 21:59 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
+ 2010-06-11 08:19 . 2010-06-11 08:19 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
+ 2010-06-11 08:19 . 2010-06-11 08:19 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
- 2009-10-14 21:59 . 2009-10-14 21:59 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
- 2009-10-14 21:59 . 2009-10-14 21:59 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2010-06-11 08:19 . 2010-06-11 08:19 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
- 2009-10-14 21:59 . 2009-10-14 21:59 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
+ 2010-06-11 08:20 . 2010-06-11 08:20 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
+ 2010-06-11 08:20 . 2010-06-11 08:20 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
- 2009-10-14 21:59 . 2009-10-14 21:59 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
+ 2010-06-11 08:19 . 2010-06-11 08:19 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
- 2009-10-14 21:59 . 2009-10-14 21:59 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
- 2009-10-14 21:59 . 2009-10-14 21:59 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2010-06-11 08:19 . 2010-06-11 08:19 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2010-06-11 08:20 . 2010-06-11 08:20 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
- 2009-10-14 21:59 . 2009-10-14 21:59 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2010-06-11 08:20 . 2010-06-11 08:20 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2009-10-14 21:59 . 2009-10-14 21:59 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2010-06-11 08:20 . 2010-06-11 08:20 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
- 2009-10-14 21:59 . 2009-10-14 21:59 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2010-05-12 20:46 . 2009-05-26 11:41 402296 c:\windows\$NtUninstallKB978542$\spuninst\updspapi.dll
+ 2010-05-12 20:46 . 2009-05-26 11:41 233848 c:\windows\$NtUninstallKB978542$\spuninst\spuninst.exe
+ 2010-05-12 20:46 . 2008-04-11 19:04 691712 c:\windows\$NtUninstallKB978542$\inetcomm.dll
+ 2010-05-12 20:46 . 2009-05-26 11:41 402296 c:\windows\$hf_mig$\KB978542\update\updspapi.dll
+ 2010-05-12 20:46 . 2009-05-26 11:41 763768 c:\windows\$hf_mig$\KB978542\update\update.exe
+ 2010-05-12 20:46 . 2009-05-26 11:41 233848 c:\windows\$hf_mig$\KB978542\spuninst.exe
+ 2010-01-29 14:54 . 2010-01-29 14:54 691712 c:\windows\$hf_mig$\KB978542\SP3QFE\inetcomm.dll
- 2007-08-10 06:14 . 2005-02-24 17:35 726240 c:\windows\$hf_mig$\KB890859\update\update.exe
+ 2007-08-10 06:14 . 2010-06-13 07:56 726240 c:\windows\$hf_mig$\KB890859\update\update.exe
- 2007-08-12 09:40 . 2005-02-24 18:35 726240 c:\windows\$hf_mig$\KB890046\update\update.exe
+ 2007-08-12 09:40 . 2010-06-13 07:56 726240 c:\windows\$hf_mig$\KB890046\update\update.exe
+ 2007-08-10 06:18 . 2010-06-13 07:56 662528 c:\windows\$hf_mig$\KB888302\update\update.exe
- 2007-08-10 06:18 . 2004-11-30 12:47 662528 c:\windows\$hf_mig$\KB888302\update\update.exe
- 2007-08-12 09:44 . 2004-10-14 09:35 662528 c:\windows\$hf_mig$\KB887472\update\update.exe
+ 2007-08-12 09:44 . 2010-06-13 07:56 662528 c:\windows\$hf_mig$\KB887472\update\update.exe
+ 2007-08-10 06:17 . 2010-06-13 07:56 662528 c:\windows\$hf_mig$\KB886185\update\update.exe
- 2007-08-10 06:17 . 2004-10-14 18:35 662528 c:\windows\$hf_mig$\KB886185\update\update.exe
+ 2007-08-12 09:47 . 2010-06-13 07:56 662528 c:\windows\$hf_mig$\KB885836\update\update.exe
- 2007-08-12 09:47 . 2004-10-14 09:35 662528 c:\windows\$hf_mig$\KB885836\update\update.exe
+ 2007-08-12 09:47 . 2010-06-13 07:56 662528 c:\windows\$hf_mig$\KB885835\update\update.exe
- 2007-08-12 09:47 . 2004-10-14 09:35 662528 c:\windows\$hf_mig$\KB885835\update\update.exe
+ 2007-08-13 05:55 . 2010-06-13 07:56 662528 c:\windows\$hf_mig$\KB873339\update\update.exe
- 2007-08-13 05:55 . 2004-10-14 08:35 662528 c:\windows\$hf_mig$\KB873339\update\update.exe
+ 2004-08-19 12:00 . 2010-04-06 02:52 2462720 c:\windows\system32\WMVCore.dll
+ 2004-08-19 12:00 . 2010-05-06 10:32 1209344 c:\windows\system32\urlmon.dll
- 2004-08-19 12:00 . 2010-02-25 06:16 1209344 c:\windows\system32\urlmon.dll
- 2004-08-19 12:00 . 2009-11-27 17:12 1296896 c:\windows\system32\quartz.dll
+ 2004-08-19 12:00 . 2010-02-05 18:25 1296896 c:\windows\system32\quartz.dll
+ 2004-08-19 12:00 . 2010-05-06 10:32 5950976 c:\windows\system32\mshtml.dll
- 2007-08-13 16:34 . 2010-02-25 06:16 1985536 c:\windows\system32\iertutil.dll
+ 2007-08-13 16:34 . 2010-05-06 10:32 1985536 c:\windows\system32\iertutil.dll
+ 2010-05-19 11:52 . 2010-03-12 16:41 2074480 c:\windows\system32\DRVSTORE\VX6000_9648EB73F22649513FDB41D9DBE93A30CFBB20BE\VX6000Xp.sys
+ 2010-05-19 11:52 . 2010-03-12 16:41 1961328 c:\windows\system32\DRVSTORE\VX3000_A17A82730C7D038541072034CDAF4B2504049C63\VX3000.sys
+ 2010-05-19 11:52 . 2010-03-12 16:41 1961072 c:\windows\system32\DRVSTORE\VX1000_BCE047AC83D5D72E7E25B0A5BCCBA21F4DB8D4F4\VX1000.sys
+ 2010-03-12 10:15 . 2010-03-12 16:41 1961328 c:\windows\system32\drivers\VX3000.sys
+ 2004-08-19 12:00 . 2010-04-06 02:52 2462720 c:\windows\system32\dllcache\WMVCore.dll
+ 2008-10-16 08:26 . 2010-05-02 08:06 1851264 c:\windows\system32\dllcache\win32k.sys
- 2004-08-19 12:00 . 2010-02-25 06:16 1209344 c:\windows\system32\dllcache\urlmon.dll
+ 2004-08-19 12:00 . 2010-05-06 10:32 1209344 c:\windows\system32\dllcache\urlmon.dll
+ 2008-05-07 05:10 . 2010-02-05 18:25 1296896 c:\windows\system32\dllcache\quartz.dll
- 2008-05-07 05:10 . 2009-11-27 17:12 1296896 c:\windows\system32\dllcache\quartz.dll
+ 2009-08-12 07:23 . 2010-01-29 14:59 1315328 c:\windows\system32\dllcache\msoe.dll
- 2009-08-12 07:23 . 2009-07-10 13:26 1315328 c:\windows\system32\dllcache\msoe.dll
+ 2004-08-19 12:00 . 2010-05-06 10:32 5950976 c:\windows\system32\dllcache\mshtml.dll
+ 2008-09-08 10:30 . 2010-05-06 10:32 1985536 c:\windows\system32\dllcache\iertutil.dll
- 2008-09-08 10:30 . 2010-02-25 06:16 1985536 c:\windows\system32\dllcache\iertutil.dll
+ 2010-04-07 21:48 . 2010-04-07 21:48 5967872 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.dll
+ 2010-03-23 03:32 . 2010-03-23 03:32 5242880 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.dll
- 2008-11-25 02:59 . 2008-11-25 02:59 5242880 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.dll
+ 2010-03-23 03:32 . 2010-03-23 03:32 3182592 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.dll
+ 2010-05-03 14:27 . 2010-05-03 14:27 6825472 c:\windows\Installer\cb75e0.msp
+ 2010-05-03 14:11 . 2010-05-03 14:11 4149760 c:\windows\Installer\cb75c1.msp
+ 2010-05-04 20:25 . 2010-05-04 20:25 7681024 c:\windows\Installer\cb75ab.msp
+ 2010-05-10 15:17 . 2010-05-10 15:17 5520896 c:\windows\Installer\cb7595.msp
+ 2010-04-11 20:17 . 2010-04-11 20:17 2607104 c:\windows\Installer\a9a266.msp
+ 2010-04-11 20:17 . 2010-04-11 20:17 4210688 c:\windows\Installer\a9a265.msp
+ 2010-04-24 15:10 . 2010-04-24 15:10 8486400 c:\windows\Installer\a9a24c.msp
+ 2010-05-03 14:06 . 2010-05-03 14:06 5053952 c:\windows\Installer\a9a243.msp
+ 2010-03-30 10:34 . 2010-03-30 10:34 3826688 c:\windows\Installer\a9a219.msp
+ 2009-10-16 16:07 . 2009-10-16 16:07 6115328 c:\windows\Installer\317f8ed.msp
+ 2010-04-21 15:46 . 2010-04-21 15:46 5522432 c:\windows\Installer\317f8d8.msp
+ 2010-01-11 14:35 . 2010-01-11 14:35 4480000 c:\windows\Installer\317f8c3.msp
+ 2010-06-11 08:36 . 2010-02-25 06:16 1209344 c:\windows\ie8updates\KB982381-IE8\urlmon.dll
+ 2010-06-11 08:36 . 2010-02-25 06:16 5944832 c:\windows\ie8updates\KB982381-IE8\mshtml.dll
+ 2010-06-11 08:36 . 2010-02-25 06:16 1985536 c:\windows\ie8updates\KB982381-IE8\iertutil.dll
+ 2010-05-19 11:21 . 2010-05-19 11:21 9119744 c:\windows\Downloaded Installations\{E03ED1B9-D31F-45DA-9AFE-37FE4F66818C}\Trust WB-3400T Webcam .msi
+ 2010-05-19 10:56 . 2010-05-19 11:08 9002496 c:\windows\Downloaded Installations\{DBCF2F52-0F1D-4B7E-B44B-614EB4584E11}\Trust WB-1400T Webcam.msi
+ 2010-03-08 22:02 . 2010-05-19 10:30 5919744 c:\windows\Downloaded Installations\{523D1AB7-1C5C-4699-A2EC-3D62EBBE1C5D}\Trust WB-1400T Webcam.msi
- 2010-03-08 22:02 . 2010-03-08 22:02 5919744 c:\windows\Downloaded Installations\{523D1AB7-1C5C-4699-A2EC-3D62EBBE1C5D}\Trust WB-1400T Webcam.msi
+ 2010-06-11 08:25 . 2010-06-11 08:25 3313664 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\f231461883859922a040002dddfb7b12\WindowsBase.ni.dll
+ 2010-06-11 08:31 . 2010-06-11 08:31 1049600 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClients#\48b66876f72f472db62de48ae4369406\UIAutomationClientsideProviders.ni.dll
+ 2010-06-11 08:24 . 2010-06-11 08:24 7949824 c:\windows\assembly\NativeImages_v2.0.50727_32\System\37217abe2c5164e59aba251860f4c79e\System.ni.dll
+ 2010-06-11 08:31 . 2010-06-11 08:31 5450752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\563a54b98adb70fae862974042298348\System.Xml.ni.dll
+ 2010-06-11 10:09 . 2010-06-11 10:09 1356288 c:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\016b75f60a18535c8d6b3e5d861ab559\System.WorkflowServices.ni.dll
+ 2010-06-11 10:09 . 2010-06-11 10:09 1908224 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Run#\6dacae37d337004345518976fb57099e\System.Workflow.Runtime.ni.dll
+ 2010-06-11 10:09 . 2010-06-11 10:09 4514304 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Com#\c7b832bbc5bb11c6c7f128c801ce90d7\System.Workflow.ComponentModel.ni.dll
+ 2010-06-11 10:09 . 2010-06-11 10:09 2992640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Act#\b9ea6ea910293cd6f13f765775867ebd\System.Workflow.Activities.ni.dll
+ 2010-06-11 08:45 . 2010-06-11 08:45 1840640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\8ef8d556899a4a10b7f288a80925489f\System.Web.Services.ni.dll
+ 2010-06-11 10:09 . 2010-06-11 10:09 2209280 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\5dfda43f1991ee6ba345d62b2be4801c\System.Web.Mobile.ni.dll
+ 2010-06-11 10:09 . 2010-06-11 10:09 2403328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\f08b3b8cdf548e3dfe61f342536175eb\System.Web.Extensions.ni.dll
+ 2010-06-11 08:30 . 2010-06-11 08:30 1917952 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Speech\2d6a5dbee4506bf643b853e41668afa3\System.Speech.ni.dll
+ 2010-06-11 10:08 . 2010-06-11 10:08 1706496 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\169fe0ad9d59982a2a6b89779c09885b\System.ServiceModel.Web.ni.dll
+ 2010-06-11 08:33 . 2010-06-11 08:33 2345472 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\8b2710a63ecd363315ef16b257588b95\System.Runtime.Serialization.ni.dll
+ 2010-06-11 08:30 . 2010-06-11 08:30 1035264 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Printing\161b423dc4e86e569af019e838d39de5\System.Printing.ni.dll
+ 2010-06-11 08:33 . 2010-06-11 08:33 1070080 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\ad4fb86064d7a1ebcb9ee997e7208ac1\System.IdentityModel.ni.dll
+ 2010-06-11 08:29 . 2010-06-11 08:29 1587200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\f3440ea00eb3c40dc073b2fe03843638\System.Drawing.ni.dll
+ 2010-06-11 08:45 . 2010-06-11 08:45 1116672 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\7deab2494d53763cd83c567e71e0d8e0\System.DirectoryServices.ni.dll
+ 2010-06-11 08:40 . 2010-06-11 08:40 1801216 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\b81efadfee7702624b713c6d86f7e369\System.Deployment.ni.dll
+ 2010-06-11 08:28 . 2010-06-11 08:28 6616576 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data\50130ef751b98a4a11bd4ab73af7cab5\System.Data.ni.dll
+ 2010-06-11 08:39 . 2010-06-11 08:39 2510336 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.SqlXml\f71abf392c5ca05a4e46a5d1c4c72856\System.Data.SqlXml.ni.dll
+ 2010-06-11 09:20 . 2010-06-11 09:20 1328128 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Services\5e6311aff5ada83d0f854922fa62faf6\System.Data.Services.ni.dll
+ 2010-06-11 08:28 . 2010-06-11 08:28 2516480 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Linq\c3ba3367d03779ad6e76c5d4cdfe572a\System.Data.Linq.ni.dll
+ 2010-06-11 09:20 . 2010-06-11 09:20 9924096 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity\6abf820d8ec57a0561c3367727d274df\System.Data.Entity.ni.dll
+ 2010-06-11 08:28 . 2010-06-11 08:28 2295296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\e98726349766935ec0e9b980f19a046a\System.Core.ni.dll
+ 2010-06-11 08:28 . 2010-06-11 08:28 2128896 c:\windows\assembly\NativeImages_v2.0.50727_32\ReachFramework\fc373f0a8dbd173c63b6b95551b1c673\ReachFramework.ni.dll
+ 2010-06-11 08:27 . 2010-06-11 08:28 1657856 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationUI\ead93b6a4f0101cb99d09f3e3fc6491c\PresentationUI.ni.dll
+ 2010-06-11 08:24 . 2010-06-11 08:24 1451008 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationBuildTa#\20ef773b20f6ce721ae60e5c2c2e8f80\PresentationBuildTasks.ni.dll
+ 2010-06-11 09:18 . 2010-06-11 09:18 3152384 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\a28e232a40e060a7bc93b771aa63974a\Microsoft.Windows.Design.Markup.ni.dll
+ 2010-06-11 09:18 . 2010-06-11 09:18 2855424 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\6a4843f089d5fa2bc1c99f2d6749e1a7\Microsoft.Windows.Design.Developer.ni.dll
+ 2010-06-11 08:50 . 2010-06-11 08:50 2383360 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\e56be6c9d9a709c552beb85ba9fd0cd3\Microsoft.VisualStudio.Modeling.Sdk.Diagrams.ni.dll
+ 2010-06-11 08:49 . 2010-06-11 08:49 1873920 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\cc6ef7803f17d585ae9409520c14bb29\Microsoft.VisualStudio.CommonIDE.ni.dll
+ 2010-06-11 08:49 . 2010-06-11 08:49 1515008 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\57b4974d90892019ad4684002bb71aae\Microsoft.VisualStudio.Modeling.Sdk.ni.dll
+ 2010-06-11 08:49 . 2010-06-11 08:49 1712128 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\935b855860088a86bb65d37a19f059cc\Microsoft.VisualBasic.ni.dll
+ 2010-06-11 08:36 . 2010-06-11 08:36 1093120 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\7a266de493d30eed21cb60ebe300be53\Microsoft.Transactions.Bridge.ni.dll
+ 2010-06-11 09:46 . 2010-06-11 09:46 2332160 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.JScript\9db8f9f7fe63ca4451bb5316a3ebb009\Microsoft.JScript.ni.dll
+ 2010-06-11 08:47 . 2010-06-11 08:47 1966080 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\c96be82d6cb00367db4e3553272165ef\Microsoft.Build.Tasks.v3.5.ni.dll
+ 2010-06-11 08:47 . 2010-06-11 08:47 1620992 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\3815de5b052187b5d9375681a6784255\Microsoft.Build.Tasks.ni.dll
+ 2010-06-11 08:46 . 2010-06-11 08:46 1888768 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\43fc6723d08e9ce88701c29653efd224\Microsoft.Build.Engine.ni.dll
+ 2010-06-11 08:20 . 2010-06-11 08:20 3182592 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
+ 2010-06-11 08:21 . 2010-06-11 08:21 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
- 2009-10-14 22:00 . 2009-10-14 22:00 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
+ 2010-06-11 08:19 . 2010-06-11 08:19 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
- 2009-10-14 21:59 . 2009-10-14 21:59 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2010-06-11 08:24 . 2010-06-11 08:24 5967872 c:\windows\assembly\GAC_MSIL\System.ServiceModel\3.0.0.0__b77a5c561934e089\System.ServiceModel.dll
+ 2010-06-11 08:19 . 2010-06-11 08:19 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
- 2009-10-14 21:59 . 2009-10-14 21:59 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
- 2009-10-14 21:59 . 2009-10-14 21:59 5242880 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
+ 2010-06-11 08:19 . 2010-06-11 08:19 5242880 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
- 2009-10-14 21:59 . 2009-10-14 21:59 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
+ 2010-06-11 08:20 . 2010-06-11 08:20 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
+ 2010-06-11 08:20 . 2010-06-11 08:20 4546560 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
- 2009-10-14 21:59 . 2009-10-14 21:59 4546560 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2010-05-12 20:46 . 2009-07-10 13:26 1315328 c:\windows\$NtUninstallKB978542$\msoe.dll
+ 2010-01-29 14:54 . 2010-01-29 14:54 1315328 c:\windows\$hf_mig$\KB978542\SP3QFE\msoe.dll
+ 2008-01-17 21:29 . 2010-05-28 19:37 32472008 c:\windows\system32\MRT.exe
+ 2007-08-13 16:54 . 2010-05-06 10:32 11076096 c:\windows\system32\ieframe.dll
+ 2008-09-08 10:30 . 2010-05-06 10:32 11076096 c:\windows\system32\dllcache\ieframe.dll
+ 2010-05-11 09:30 . 2010-05-11 09:30 11194880 c:\windows\Installer\cb75f6.msp
+ 2010-04-24 15:09 . 2010-04-24 15:09 11750912 c:\windows\Installer\cb75ca.msp
+ 2010-04-11 20:17 . 2010-04-11 20:17 14599680 c:\windows\Installer\a9a275.msp
+ 2010-04-15 19:34 . 2010-04-15 19:34 17510912 c:\windows\Installer\a9a22d.msp
+ 2010-06-11 08:36 . 2010-02-25 09:46 11070976 c:\windows\ie8updates\KB982381-IE8\ieframe.dll
+ 2010-06-11 08:30 . 2010-06-11 08:30 12430848 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\2dfe045e4b1577fdea9a2f456db0afc2\System.Windows.Forms.ni.dll
+ 2010-06-11 08:44 . 2010-06-11 08:44 11797504 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\d987cf1de4ba688da92e212a374232c2\System.Web.ni.dll
+ 2010-06-11 08:35 . 2010-06-11 08:36 17403904 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\8b74f2fe3f3632f95ff4ddb8c4839a1e\System.ServiceModel.ni.dll
+ 2010-06-11 08:29 . 2010-06-11 08:29 10683392 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\f352c5cb50bee105e4c873ca050f9f46\System.Design.ni.dll
+ 2010-06-11 08:27 . 2010-06-11 08:27 14327808 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\ca898d942e4d85af4c3d5f14a77c359a\PresentationFramework.ni.dll
+ 2010-06-11 08:26 . 2010-06-11 08:26 12216320 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\ba8f917fd89d7afa8885c2a326379f03\PresentationCore.ni.dll
.
-- Snapshot per reimpostare la data corrente --
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2005-05-18 5562368]
"nwiz"="nwiz.exe" [2005-05-18 1495040]
"ISUSPM Startup"="c:\programmi\File comuni\InstallShield\UpdateService\ISUSPM.exe" [2005-08-11 249856]
"NeroFilterCheck"="c:\programmi\File comuni\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]
"TkBellExe"="c:\programmi\File comuni\Real\Update_OB\realsched.exe" [2008-05-15 185896]
"hpqSRMon"="c:\programmi\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-03-13 81920]
"VX3000"="c:\windows\vVX3000.exe" [2010-03-12 762736]
"RTHDCPL"="RTHDCPL.EXE" [2005-05-04 14396416]
"SoundMan"="SOUNDMAN.EXE" [2005-05-03 90112]
"AlcWzrd"="ALCWZRD.EXE" [2005-05-04 2805248]
"High Definition Audio Property Page Shortcut"="HDAShCut.exe" [2005-01-07 61952]
"ConnMonitor"="c:\programmi\Alice Mobile Olicard 100\ConnMonitor.exe" [2009-06-18 401408]
"avgnt"="c:\programmi\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Avvio^Programmi^Esecuzione automatica^HP Digital Imaging Monitor.lnk]
path=c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Avvio^Programmi^Esecuzione automatica^InterVideo WinCinema Manager.lnk]
path=c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\InterVideo WinCinema Manager.lnk
backup=c:\windows\pss\InterVideo WinCinema Manager.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Avvio^Programmi^Esecuzione automatica^Tasto di scelta rapida per l'avvio di AutoCAD.lnk]
path=c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\Tasto di scelta rapida per l'avvio di AutoCAD.lnk
backup=c:\windows\pss\Tasto di scelta rapida per l'avvio di AutoCAD.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
2009-07-26 15:44 3883856 ----a-w- c:\programmi\Windows Live\Messenger\msnmsgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
2005-03-10 16:43 688218 -c--a-w- c:\programmi\Synaptics\SynTP\SynTPEnh.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPLpr]
2005-03-10 16:44 98394 -c--a-w- c:\programmi\Synaptics\SynTP\SynTPLpr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
2008-05-15 10:28 185896 ----a-w- c:\programmi\File comuni\Real\Update_OB\realsched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
2001-04-30 20:57 10752 -c--a-w- c:\programmi\Winamp\winampa.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Programmi\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Programmi\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Programmi\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Programmi\\HP\\Digital Imaging\\bin\\hpiscnapp.exe"=
"c:\\Programmi\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Documents and Settings\\All Users\\Dati applicazioni\\Kaspersky Lab Setup Files\\Kaspersky Internet Security 2009\\Italian\\setup.exe"=
"c:\\Programmi\\Metin2_Italiano\\metin2.bin"=
"c:\\Programmi\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Programmi\\art-lantis 4.5\\Art-lantis.exe"=

R0 AvgRkx86;avgrkx86.sys;c:\windows\system32\drivers\avgrkx86.sys [11/03/2008 9.56.42 12424]
R2 AvgTdiX;AVG8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [11/03/2008 9.56.40 75272]
R3 CIR;Hid Device;c:\windows\system32\drivers\CIR.sys [20/05/2005 9.01.20 5120]
R3 kbd;Keyboard;c:\windows\system32\drivers\kbd.sys [20/05/2005 9.31.12 21504]
R3 Slazldrv;SmartLink AMR_PCI Driver;c:\windows\system32\drivers\SLDRV\slazldrv.sys [05/01/2005 2.48.42 226768]
S2 avg8wd;AVG8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe --> c:\progra~1\AVG\AVG8\avgwdsvc.exe [?]
S3 Avgfwdx;Avgfwdx;c:\windows\system32\drivers\avgfwdx.sys [11/03/2008 9.53.40 22528]
S3 pmx3gmdm;Olivetti USB Device for Legacy Serial Communication;c:\windows\system32\drivers\pmx3gmdm.sys [13/05/2010 16.44.36 103552]
S3 pmx3gnet;Olivetti USB-NDIS miniport;c:\windows\system32\drivers\pmx3gnet.sys [13/05/2010 16.45.02 117120]
S3 SBRE;SBRE;\??\c:\windows\system32\drivers\SBREdrv.sys --> c:\windows\system32\drivers\SBREdrv.sys [?]

--- Altri Servizi/Drivers In Memoria ---

*NewlyCreated* - ANTIVIRSCHEDULER
*NewlyCreated* - ANTIVIRSERVICE
*NewlyCreated* - AVGIO
*NewlyCreated* - AVIPBB

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Contenuto della cartella 'Scheduled Tasks'

2010-06-15 c:\windows\Tasks\User_Feed_Synchronization-{C2E02079-801F-478B-AA25-291E05B4BAEA}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 03:31]
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://www.michelepalamara.it/
uSearchMigratedDefaultURL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
uSearchAssistant = hxxp://www.google.com
IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
TCP: {0C5F37CF-C043-4D5F-AB56-D0FE58E124C6} = 85.37.17.50 85.38.28.76
DPF: Microsoft XML Parser for Java - file:///C:/WINDOWS/Java/classes/xmldso.cab
FF - ProfilePath - c:\documents and settings\Utente\Dati applicazioni\Mozilla\Firefox\Profiles\6pc9wcar.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.babylon.com/web/{searchTerms}?babsrc=browsersearch&ai=13054
FF - prefs.js: browser.startup.homepage - hxxp://search.babylon.com/home/?ai=13054
FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?FORM=IEFM1&q=
FF - prefs.js: browser.search.selectedEngine - Search the web (Babylon)
FF - component: c:\documents and settings\Utente\Dati applicazioni\Mozilla\Firefox\Profiles\6pc9wcar.default\extensions\{D02B1E87-A8C6-433f-9B5C-2CEC4A072736}\components\susfox3.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
.
.
------- Associazioni dei file -------
.
.scr=AutoCADScriptFile
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-06-15 13:56
Windows 5.1.2600 Service Pack 3 NTFS

scansione processi nascosti ...

scansione entrate autostart nascoste ...

Scansione files nascosti ...

Scansione completata con successo
Files nascosti: 0

**************************************************************************
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\Ø•€|ÿÿÿÿ•€|ù•9~*]
"0140110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"
.
--------------------- Dlls caricate dai processi in esecuzione ---------------------

- - - - - - - > 'explorer.exe'(228)
c:\windows\system32\WININET.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Ora fine scansione: 2010-06-15 14:01:58
ComboFix-quarantined-files.txt 2010-06-15 12:01
ComboFix2.txt 2010-06-13 20:14
ComboFix3.txt 2010-05-01 19:21
ComboFix4.txt 2010-04-24 17:09
ComboFix5.txt 2010-06-15 11:43

Pre-Run: 3.433.566.208 byte disponibili
Post-Run: 3.453.112.320 byte disponibili

- - End Of File - - 70399B137C09386C296B86C5402241DF
palmike
Utente Junior
 
Post: 25
Iscritto il: 13/03/10 01:17
Top

Re: virus

Postdi shel » 15/06/10 13:31

palmike combofix lo hai gia' postato, a me servirebbero i rapporti delle altre scansioni, findikyll e elibagla
shel
Utente Senior
 
Post: 1326
Iscritto il: 29/08/08 21:56
Top

Re: virus

Postdi palmike » 15/06/10 19:05

Ho cancellato la cartella "qoobox"... mentre il file "5C34579C64.sys" non esiste più... può essere perchè ho riportato la configurazione del sistema alla data di acquisto...

come ti dicevo al precedente messaggio?
Fatto regolarmente il resto. Questo è il log di FindyKill:




############################## | FindyKill V5.044 |

# User : Utente (Administrators) # ROSSO-8C2160
# Update on 10/06/2010 by El Desaparecido
# Start at: 18.04.34 | 15/06/2010
# Website : http://pagesperso-orange.fr/NosTools/index.html
# Contact : FindyKill.Contact@gmail.com

# Intel(R) Pentium(R) M processor 1.50GHz
# Microsoft Windows XP Home Edition (5.1.2600 32-bit) # Service Pack 3
# Internet Explorer 8.0.6001.18702
# Windows Firewall Status : Enabled
# AV : AVG 0.0 [ (!) Disabled | (!) Outdated ]
# AV : AntiVir Desktop 9.0.1.32 [ Enabled | Updated ]
# FW : AVG Firewall[ Enabled ]8.0

# C:\ # Disco rigido locale # 20,02 Go (3,24 Go free) # NTFS
# D:\ # Disco rigido locale # 31,86 Go (28,57 Go free) [HDD] # NTFS

################## | Archivos infectados |

Suprimido ! C:\Documents and Settings\Utente\Dati applicazioni\drivers

################## | MD5 ... |

Suprimido ! "C:\System Volume Information\_restore{156B46D5-7F28-40C8-B226-56098A60727C}\RP70\A0017065.exe"
-> Size : 1074176 | Crc32 : 28bec6f3 | Md5 : 81de7b1091975c19339bb80971953228


################## | CRC32 ... |


################## | Registro |

Suprimido ! [HKCU\Software\WS4001]
Suprimido ! [HKCR\ed2k]
Suprimido ! [HKCU\Software\Local AppWizard-Generated Applications\winupgro]

################## | Estado |

# Modo seguro : OK


# Mostrar archivos ocultos : OK

# Ndisuio -> Start = 3 ( Good = 3 | Bad = 4 )
# EapHost -> Start = 2 ( Good = 2 | Bad = 4 )
# SharedAccess -> Start = 2 ( Good = 2 | Bad = 4 )
# wuauserv -> Start = 2 ( Good = 2 | Bad = 4 )
# wscsvc -> Start = 2 ( Good = 2 | Bad = 4 )

################## | Ficheros corompidos |

Corrupted : C:\Programmi\Leawo\PowerPoint to Video\Update.exe
[Offset = 00000104 - Value = 0x0001]

Corrupted : C:\WINDOWS\$hf_mig$\KB873339\update\update.exe
[Offset = 000000EC - Value = 0x0001]

Attempt of repair...
Backup : update.exe.REN
[Offset = 000000EC - New value = 0x4C01]
File repaired successfully.


Corrupted : C:\WINDOWS\$hf_mig$\KB885835\update\update.exe
[Offset = 000000EC - Value = 0x0001]

Attempt of repair...
Backup : update.exe.REN
[Offset = 000000EC - New value = 0x4C01]
File repaired successfully.


Corrupted : C:\WINDOWS\$hf_mig$\KB885836\update\update.exe
[Offset = 000000EC - Value = 0x0001]

Attempt of repair...
Backup : update.exe.REN
[Offset = 000000EC - New value = 0x4C01]
File repaired successfully.


Corrupted : C:\WINDOWS\$hf_mig$\KB886185\update\update.exe
[Offset = 000000EC - Value = 0x0001]

Attempt of repair...
Backup : update.exe.REN
[Offset = 000000EC - New value = 0x4C01]
File repaired successfully.


Corrupted : C:\WINDOWS\$hf_mig$\KB887472\update\update.exe
[Offset = 000000EC - Value = 0x0001]

Attempt of repair...
Backup : update.exe.REN
[Offset = 000000EC - New value = 0x4C01]
File repaired successfully.


Corrupted : C:\WINDOWS\$hf_mig$\KB888302\update\update.exe
[Offset = 000000EC - Value = 0x0001]

Attempt of repair...
Backup : update.exe.REN
[Offset = 000000EC - New value = 0x4C01]
File repaired successfully.


Corrupted : C:\WINDOWS\$hf_mig$\KB890046\update\update.exe
[Offset = 000000E4 - Value = 0x0001]

Attempt of repair...
Backup : update.exe.REN
[Offset = 000000E4 - New value = 0x4C01]
File repaired successfully.


Corrupted : C:\WINDOWS\$hf_mig$\KB890859\update\update.exe
[Offset = 000000E4 - Value = 0x0001]

Attempt of repair...
Backup : update.exe.REN
[Offset = 000000E4 - New value = 0x4C01]
File repaired successfully.


Corrupted : C:\WINDOWS\SoftwareDistribution\Download\02b22e8b5ca3d12502554581517bd16d\update\update.exe
[Offset = 000000EC - Value = 0x0001]

Attempt of repair...
Backup : update.exe.REN
[Offset = 000000EC - New value = 0x4C01]
File repaired successfully.


Corrupted : C:\WINDOWS\SoftwareDistribution\Download\5ed2df28f38a20aceca0bf7d9517f005\update\update.exe
[Offset = 000000EC - Value = 0x0001]

Attempt of repair...
Backup : update.exe.REN
[Offset = 000000EC - New value = 0x4C01]
File repaired successfully.


Corrupted : C:\WINDOWS\SoftwareDistribution\Download\922d57bc368f5476f1d1ea93aec1b2a2\update\update.exe
[Offset = 000000EC - Value = 0x0001]

Attempt of repair...
Backup : update.exe.REN
[Offset = 000000EC - New value = 0x4C01]
File repaired successfully.


Corrupted : C:\WINDOWS\SoftwareDistribution\Download\ca6204ddc27f2e222ba3450aded498b3\update\update.exe
[Offset = 000000EC - Value = 0x0001]

Attempt of repair...
Backup : update.exe.REN
[Offset = 000000EC - New value = 0x4C01]
File repaired successfully.


Corrupted : C:\WINDOWS\SoftwareDistribution\Download\ffff438f5e047c2314c117b1455f3a40\update\update.exe
[Offset = 000000EC - Value = 0x0001]

Attempt of repair...
Backup : update.exe.REN
[Offset = 000000EC - New value = 0x4C01]
File repaired successfully.



################## | Upload |

Por favor, envie el archivo : C:\FindyKill_Upload_Me_ROSSO-8C2160.zip : http://chiquitine.changelog.fr/Sample/Upload.php
Gracias por su contribución .

################## | ! Fin del reporte # FindyKill V5.044 ! |




Questo è il log di Elibagla:










(15-6-2010 17:22:56 (GMT))
EliBagle v13.96 (c)2010 S.G.H. / Satinfo S.L. (Actualizado el 15 de Junio del 2010)
----------------------------------------------
Lista de Acciones (por Acción Directa):

(15-6-2010 17:40:41 (GMT))
EliBagle v13.96 (c)2010 S.G.H. / Satinfo S.L. (Actualizado el 15 de Junio del 2010)
----------------------------------------------
Lista de Acciones (por Exploración):
Explorando "C:\"
C:\System Volume Information\_restore{156B46D5-7F28-40C8-B226-56098A60727C}\RP70\A0012669.EXE --> Eliminado Bagle dldr
C:\System Volume Information\_restore{156B46D5-7F28-40C8-B226-56098A60727C}\RP70\A0017061.EXE --> Eliminado Bagle dldr

Nº Total de Directorios: 8514
Nº Total de Ficheros: 76172
Nº de Ficheros Analizados: 17472
Nº de Ficheros Infectados: 2
Nº de Ficheros Limpiados: 2
palmike
Utente Junior
 
Post: 25
Iscritto il: 13/03/10 01:17
Top

Re: virus

Postdi shel » 16/06/10 08:03

fai un po' di pulizie

scarica CCleaner

durante l’installazione deseleziona l’opzione per la barra di Yahoo, lo apri, vai in Opzioni>Avanzate, togli la spunta a “Cancella file temp diwindows solo se più vecchi di 48 ore”, poi avvialo, seleziona "Analizza" ed alla fine dell'analisi premi "Avvia pulizia".

clicca su Registro, nella pagina successiva clicca Trova problemi, poi al termine dello scan clicca su Ripara selezionati , risposndi di sì alla richiesta di salvare il backup (salvalo in una cartella a piacimento) poi ripara tutti gli elementi trovati.


scarica ATFCleaner
1) seleziona la casella Select All
2) clicca sul pulsante Empty selected
3) aspetta l'avviso Done Cleaning
(se usi opera o firefox,spunta anche le loro sezioni)

scarica e installa malwarebytes

Aggiornalo: clicca sulla scheda "aggiornamenti" => "controlla aggiornamenti"
Esegui una "scansione completa" (seleziona l'opzione)
A scansione completata, posta il rapporto.

scarica KASPERSKY VIRUS REMOVAL TOOL

verrà creata una apposta cartella sul Desktop
Avvia il pc in modalità provvisoria
Vai alla cartella creata da Kaspersky
all’interno della cartella è presente la classica icona (una K) di Kaspersky
clicca sull’icona per lanciare il tool
imposta le aree che intendi scansionare (Startup Objects e Disk boot sector sono impostate di default)
al termine della scansione sarà possibile rimuovere e/o mettere in quarantena i file infetti rilevati
salva il log che verrà rilasciato
shel
Utente Senior
 
Post: 1326
Iscritto il: 29/08/08 21:56
Top

Re: virus

Postdi palmike » 17/06/10 13:26

Tutto fatto... questo è il log di malwarebytes:
La macchina sembra vada bene adesso

Malwarebytes' Anti-Malware 1.44
Versione del database: 3869
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

17/06/2010 13.47.58
mbam-log-2010-06-17 (13-47-58).txt

Tipo di scansione: Scansione completa (C:\|D:\|)
Elementi scansionati: 267500
Tempo trascorso: 2 hour(s), 36 minute(s), 42 second(s)

Processi delle memoria infetti: 0
Moduli della memoria infetti: 0
Chiavi di registro infette: 0
Valori di registro infetti: 0
Elementi dato del registro infetti: 0
Cartelle infette: 0
File infetti: 0

Processi delle memoria infetti:
(Nessun elemento malevolo rilevato)

Moduli della memoria infetti:
(Nessun elemento malevolo rilevato)

Chiavi di registro infette:
(Nessun elemento malevolo rilevato)

Valori di registro infetti:
(Nessun elemento malevolo rilevato)

Elementi dato del registro infetti:
(Nessun elemento malevolo rilevato)

Cartelle infette:
(Nessun elemento malevolo rilevato)

File infetti:
(Nessun elemento malevolo rilevato)
palmike
Utente Junior
 
Post: 25
Iscritto il: 13/03/10 01:17
Top

Re: virus

Postdi shel » 17/06/10 15:35

Palmike dovresti aggiornare malwarebytes prima di fare la scansione, la tua e' una versione obsoleta e potrebbero esserci infezioni che il programma non rileva non essendo aggiornato

Codice: Seleziona tutto
Malwarebytes' Anti-Malware 1.44
Versione del database: 3869
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702



la versione attuale e' la 1.46 e il database ad oggi e' 3869

ti consiglio di ripetere la scansione solo dopo averlo aggiornato

servirebbe anche quella con kaspersky removal che ti ho consigliato.....
shel
Utente Senior
 
Post: 1326
Iscritto il: 29/08/08 21:56
Top

Re: virus

Postdi shel » 17/06/10 15:37


errata corrige

la versione e' 4209 , nel post precedente ho copiato la tua :)
shel
Utente Senior
 
Post: 1326
Iscritto il: 29/08/08 21:56
Top
Rispondi al post

Torna a Sicurezza e Privacy


Topic correlati a "virus":

problema virus allo smart phone
Autore: terrybella 		Forum: Sicurezza e Privacy
Risposte: 8
Virus posta elettronica
Autore: libeccio20 		Forum: Sicurezza e Privacy
Risposte: 5
Problema tasto destro mouse, virus?
Autore: loyvaught 		Forum: Sicurezza e Privacy
Risposte: 1
virus ? spam? o cosa
Autore: loyvaught 		Forum: Sicurezza e Privacy
Risposte: 4
Virus o cosa?
Autore: danibi60 		Forum: Sicurezza e Privacy
Risposte: 26

Chi c’è in linea

Visitano il forum: Nessuno e 62 ospiti

cron