Request for help with a probable virus
mastro1972
Hero

Registered: 26/03/08 18:39
Posts: 51

Posted: 26 Mar 2008 19:00    Subject: Request for help with a probable virus

I think I'm the victim of a virus which, when it appears, makes a strange new connection show up in the "Network Connections" section of Control Panel, and for a while it doesn't let me reconnect. But the strange thing is that just when my connection drops, the computer still stays connected, I don't know where to, but it stays connected. Norton and AVG don't detect any virus. What should I do?????
HELP
bdoriano
Administrator

Registered: 02/04/07 12:05
Posts: 14391
Location: 3rd planet of the solar system...

Posted: 26 Mar 2008 19:02

Hi mastro1972,

I'd say we start with the general cleanup operations:

PS: if you like, you can introduce yourself here
mastro1972
Hero

Registered: 26/03/08 18:39
Posts: 51

Posted: 30 May 2008 16:35    Subject: delayed reply

bdoriano wrote:
Hi mastro1972, I'd say we start with the general cleanup operations: PS: if you like, you can introduce yourself here


NFix_2008-05-30_15-20-13_1212157668128.log

ComboFix 08-05-29.1 - Stefano 2008-05-30 16.03.22.9 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1040.18.1429 [GMT 2:00]
Eseguito da: D:\Documents and Settings\Stefano\Desktop\ComboFix.exe
* Resident AV is active


WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((( Files Creati Da 2008-04-28 al 2008-05-30 )))))))))))))))))))))))))))))))))))
.

2008-05-30 16:01 . 2008-05-30 16:01 <DIR> d-------- D:\WINDOWS\LastGood
2008-05-30 15:40 . 2008-05-30 15:40 <DIR> d-------- D:\VundoFix Backups
2008-05-26 21:53 . 2008-05-26 21:53 30 --a------ D:\WINDOWS\iedit.INI
2008-05-23 21:33 . 2000-01-27 18:19 1,048,576 --a------ D:\WINDOWS\system32\Roboex32.dll
2008-05-23 21:33 . 2000-01-27 18:19 1,048,576 --a------ D:\WINDOWS\Roboex32.dll
2008-05-23 21:33 . 1999-01-28 15:44 49,152 --a------ D:\WINDOWS\system32\INETWH32.dll
2008-05-23 21:33 . 1999-01-28 15:44 49,152 --a------ D:\WINDOWS\INETWH32.dll
2008-05-23 21:33 . 1999-07-17 01:02 40,960 --a------ D:\WINDOWS\system32\wh2robo.dll
2008-05-23 21:32 . 2008-05-23 21:32 <DIR> d-------- D:\WINDOWS\Ulead.dat
2008-05-23 21:32 . 2008-05-29 17:39 4,604 --a------ D:\WINDOWS\ULEAD32.INI
2008-05-23 21:31 . 2008-05-23 21:37 <DIR> d-------- D:\Programmi\Ulead Systems
2008-05-21 20:17 . 2008-05-21 20:17 2,624 --a------ D:\WINDOWS\system32\feghubrx.exe
2008-05-21 16:23 . 2008-05-21 18:46 534 ---hs---- D:\WINDOWS\system32\yslqholn.ini
2008-05-20 22:39 . 2008-05-20 22:39 2,624 --a------ D:\WINDOWS\system32\kbablbvh.exe
2008-05-19 12:45 . 2008-05-19 12:45 124,992 --a------ D:\WINDOWS\system32\btvjkqkm.dll
2008-05-19 12:34 . 2008-05-19 12:34 294 ---hs---- D:\WINDOWS\system32\upnburkl.ini
2008-05-16 08:56 . 2008-05-16 08:57 354 ---hs---- D:\WINDOWS\system32\rfrjgjdm.ini
2008-05-14 12:18 . 2008-05-14 12:18 294 ---hs---- D:\WINDOWS\system32\vdgylopk.ini
2008-05-12 19:29 . 2008-05-12 19:29 57,856 --a------ D:\WINDOWS\system32\ljJDSIaA.dll.vir
2008-05-12 19:17 . 2006-03-17 11:45 1,757,184 --a------ D:\WINDOWS\system32\imagX7.dll
2008-05-12 19:17 . 2006-03-17 11:45 802,816 --a------ D:\WINDOWS\system32\imagXRA7.dll
2008-05-12 19:17 . 2006-03-17 11:45 497,296 --a------ D:\WINDOWS\system32\imagXpr7.dll
2008-05-12 19:17 . 2006-03-17 14:49 368,640 --a------ D:\WINDOWS\system32\TwnLib4.dll
2008-05-12 19:17 . 2006-03-17 11:45 258,048 --a------ D:\WINDOWS\system32\imagXR7.dll
2008-05-12 18:03 . 2008-04-02 13:40 <DIR> d--h----- D:\Documents and Settings\Administrator\Risorse di stampa
2008-05-12 18:03 . 2008-04-02 13:40 <DIR> d--h----- D:\Documents and Settings\Administrator\Risorse di rete
2008-05-12 18:03 . 2008-04-02 13:40 <DIR> d-------- D:\Documents and Settings\Administrator\Preferiti
2008-05-12 18:03 . 2008-04-02 11:45 <DIR> d--h----- D:\Documents and Settings\Administrator\Modelli
2008-05-12 18:03 . 2008-04-02 13:40 <DIR> dr------- D:\Documents and Settings\Administrator\Menu Avvio
2008-05-12 18:03 . 2008-05-30 16:05 <DIR> d--h----- D:\Documents and Settings\Administrator\Impostazioni locali
2008-05-12 18:03 . 2008-04-02 13:40 <DIR> d-------- D:\Documents and Settings\Administrator\Documenti
2008-05-12 18:03 . 2008-04-02 13:40 <DIR> dr-h----- D:\Documents and Settings\Administrator\Dati applicazioni
2008-05-12 18:03 . 2008-05-12 18:03 <DIR> d-------- D:\Documents and Settings\Administrator
2008-05-12 13:39 . 2008-02-28 13:26 1,414,440 --a------ D:\WINDOWS\system32\ShellManager310E2D762.dll
2008-05-12 13:39 . 2008-02-28 13:01 774,144 --a------ D:\WINDOWS\system32\NEROINSTAEC43759.DB
2008-05-10 14:39 . 2007-07-30 19:19 271,224 --a------ D:\WINDOWS\system32\mucltui.dll
2008-05-10 14:39 . 2007-07-30 19:19 207,736 --a------ D:\WINDOWS\system32\muweb.dll
2008-05-10 14:39 . 2007-07-30 19:18 30,072 --a------ D:\WINDOWS\system32\mucltui.dll.mui
2008-05-10 10:26 . 2008-05-10 10:26 <DIR> d-------- D:\Programmi\VideoLAN
2008-05-08 23:01 . 2008-05-08 23:01 <DIR> d--hsc--- D:\Programmi\File comuni\WindowsLiveInstaller
2008-05-08 23:00 . 2008-05-08 23:00 <DIR> d-------- D:\Programmi\Windows Live
2008-05-08 23:00 . 2008-05-08 23:00 <DIR> d-------- D:\Documents and Settings\All Users\Dati applicazioni\WLInstaller
2008-04-25 18:41 . 2008-04-25 18:41 <DIR> d-------- D:\Programmi\Alcohol Soft
2008-04-23 14:50 . 2008-04-29 18:40 <DIR> d-------- D:\Programmi\free-downloads.net
2008-04-23 14:33 . 2008-05-12 18:25 <DIR> d-------- D:\Programmi\Save
2008-04-21 22:01 . 2008-04-23 14:48 716,272 --a------ D:\WINDOWS\system32\drivers\sptd.sys
2008-04-18 13:48 . 2008-04-18 13:48 <DIR> d-------- D:\Documents and Settings\All Users\Dati applicazioni\Trymedia
2008-04-18 13:43 . 2008-04-18 13:43 <DIR> d-------- D:\Documents and Settings\All Users\Dati applicazioni\InstallShield
2008-04-18 00:53 . 2008-04-18 00:53 <DIR> d-------- D:\Programmi\Conduit
2008-04-18 00:53 . 2008-04-18 00:53 <DIR> d-------- D:\Programmi\Best_Security_Tips
2008-04-16 16:32 . 2008-05-30 15:10 <DIR> d-------- D:\Documents and Settings\Stefano\Dati applicazioni\Azureus
2008-04-16 16:32 . 2008-04-16 16:32 <DIR> d-------- D:\Documents and Settings\All Users\Dati applicazioni\Azureus
2008-04-16 16:31 . 2008-04-18 09:53 <DIR> d-------- D:\Programmi\Azureus
2008-04-12 20:48 . 2008-04-12 20:48 <DIR> d-------- D:\WINDOWS\Sun
2008-04-12 20:46 . 2008-04-12 20:46 <DIR> d-------- D:\Programmi\Java
2008-04-12 20:46 . 2008-02-22 02:33 69,632 --a------ D:\WINDOWS\system32\javacpl.cpl
2008-04-12 20:40 . 2008-04-12 20:40 <DIR> d-------- D:\Programmi\File comuni\Java
2008-04-12 20:24 . 2008-04-12 21:05 <DIR> d-------- D:\Programmi\Bittorrent Download Accelerator Pro
2008-04-12 20:24 . 2007-06-25 15:02 475,136 --a------ D:\WINDOWS\system32\SkinCrafter2.dll
2008-04-12 19:11 . 2008-04-18 09:26 <DIR> d-------- D:\Programmi\Azureus Turbo Accelerator
2008-04-11 19:40 . 2006-10-26 19:56 32,592 --a------ D:\WINDOWS\system32\msonpmon.dll
2008-04-11 19:39 . 2008-04-11 19:39 <DIR> d-------- D:\Programmi\MSBuild
2008-04-11 19:39 . 2008-04-11 19:39 <DIR> d-------- D:\Programmi\Microsoft Works
2008-04-11 19:35 . 2008-04-11 19:38 <DIR> d-------- D:\WINDOWS\SHELLNEW
2008-04-11 19:35 . 2008-04-11 19:35 <DIR> dr-h----- D:\MSOCache
2008-04-11 19:35 . 2008-05-30 16:03 <DIR> d-------- D:\Documents and Settings\All Users\Dati applicazioni\Microsoft Help
2008-04-08 14:54 . 2008-04-09 20:08 <DIR> d-------- D:\Programmi\FaxTalk Communicator
2008-04-07 23:46 . 2008-04-07 23:46 <DIR> d-------- D:\Programmi\NeroInstall.bak
2008-04-07 23:44 . 2008-05-12 19:18 <DIR> d-------- D:\Programmi\Nero
2008-04-07 23:44 . 2008-05-12 19:17 <DIR> d-------- D:\Programmi\File comuni\Nero
2008-04-07 23:44 . 2008-05-12 19:17 <DIR> d-------- D:\Documents and Settings\All Users\Dati applicazioni\Nero
2008-04-07 23:35 . 2008-04-07 23:35 32 --a------ D:\WINDOWS\CD_Start.INI
2008-04-07 22:09 . 2008-05-30 14:51 69 --a------ D:\WINDOWS\NeroDigital.ini
2008-04-07 22:05 . 2008-04-07 22:05 <DIR> d-------- D:\Documents and Settings\Stefano\Dati applicazioni\Nero
2008-04-07 10:14 . 2008-04-07 10:14 <DIR> d-------- D:\Documents and Settings\Stefano\Dati applicazioni\SlySoft
2008-04-07 10:10 . 2008-04-07 10:10 <DIR> d-------- D:\Documents and Settings\All Users\Dati applicazioni\SlySoft
2008-04-06 13:00 . 2008-04-06 13:00 <DIR> d-------- D:\Programmi\SlySoft
2008-04-06 12:58 . 2008-04-06 12:58 <DIR> d-------- D:\Documents and Settings\All Users\Dati applicazioni\Elaborate Bytes
2008-04-06 12:55 . 2008-04-06 12:55 <DIR> d-------- D:\Programmi\Elaborate Bytes
2008-04-04 20:26 . 2008-04-04 20:27 98,838 --a------ D:\WINDOWS\hpqins16.dat
2008-04-04 20:16 . 2008-04-04 20:16 <DIR> d-------- D:\Programmi\MSXML 4.0
2008-04-03 19:15 . 2008-04-03 19:15 <DIR> d-------- D:\Documents and Settings\Stefano\Dati applicazioni\Motive
2008-04-02 18:49 . 2008-04-02 18:49 <DIR> d-------- D:\Documents and Settings\Stefano\WINDOWS
2008-04-02 18:49 . 1998-11-13 14:07 307,712 --a------ D:\WINDOWS\IsUn0410.exe
2008-04-02 15:20 . 2008-04-02 15:20 <DIR> d-------- D:\Documents and Settings\Stefano\Dati applicazioni\Ahead
2008-04-02 15:11 . 2008-04-02 19:07 <DIR> d-------- D:\Documents and Settings\Stefano\Dati applicazioni\HP
2008-04-02 15:06 . 2008-04-02 15:06 <DIR> d-------- D:\Documents and Settings\All Users\Dati applicazioni\WEBREG
2008-04-02 15:04 . 2008-05-15 20:03 <DIR> d-------- D:\Documents and Settings\Stefano\Dati applicazioni\HPAppData
2008-04-02 15:03 . 2008-04-02 15:03 <DIR> d-------- D:\Documents and Settings\All Users\Dati applicazioni\HP Product Assistant
2008-04-02 15:03 . 2008-04-02 19:07 <DIR> d-------- D:\Documents and Settings\All Users\Dati applicazioni\HP
2008-04-02 15:02 . 2008-04-02 15:02 <DIR> d-------- D:\Programmi\Hewlett-Packard
2008-04-02 15:02 . 2008-04-02 15:02 <DIR> d-------- D:\Programmi\File comuni\HP
2008-04-02 15:02 . 2008-04-02 15:02 <DIR> d-------- D:\Programmi\File comuni\Hewlett-Packard
2008-04-02 15:01 . 2008-04-02 15:01 <DIR> d-------- D:\Documents and Settings\All Users\Dati applicazioni\Hewlett-Packard
2008-04-02 15:01 . 2007-03-30 17:07 267,864 -ra------ D:\WINDOWS\system32\hpzids01.dll
2008-04-02 15:01 . 2007-03-28 14:01 117,760 --a------ D:\WINDOWS\system32\hpzll5ha.dll
2008-04-02 15:01 . 2007-03-08 06:20 49,920 -ra------ D:\WINDOWS\system32\drivers\HPZid412.sys
2008-04-02 15:01 . 2007-03-08 06:20 21,568 -ra------ D:\WINDOWS\system32\drivers\HPZius12.sys
2008-04-02 15:01 . 2007-03-08 06:20 16,496 -ra------ D:\WINDOWS\system32\drivers\HPZipr12.sys
2008-04-02 15:00 . 2008-04-02 15:00 <DIR> d----c--- D:\WINDOWS\system32\DRVSTORE
2008-04-02 15:00 . 2008-04-04 20:27 <DIR> d-------- D:\Programmi\HP
2008-04-02 15:00 . 2007-03-17 18:11 675,840 -ra------ D:\WINDOWS\system32\hpowiax3.dll
2008-04-02 15:00 . 2007-03-17 18:11 569,344 -ra------ D:\WINDOWS\system32\hpotscl3.dll
2008-04-02 15:00 . 2007-03-08 06:20 364,544 -ra------ D:\WINDOWS\system32\hppldcoi.dll
2008-04-02 15:00 . 2007-03-08 06:20 309,760 -ra------ D:\WINDOWS\system32\difxapi.dll
2008-04-02 15:00 . 2007-03-17 18:11 303,104 -ra------ D:\WINDOWS\system32\hpovst10.dll
2008-04-02 15:00 . 2004-08-03 22:58 15,104 --a------ D:\WINDOWS\system32\drivers\usbscan.sys
2008-04-02 15:00 . 2004-08-03 22:58 15,104 --a--c--- D:\WINDOWS\system32\dllcache\usbscan.sys
2008-04-02 14:57 . 2008-04-02 15:06 153,139 --a------ D:\WINDOWS\hpoins14.dat
2008-04-02 14:57 . 2007-06-06 01:07 2,000 --------- D:\WINDOWS\hpomdl14.dat
2008-04-02 12:48 . 2008-04-02 12:48 <DIR> d-------- D:\Programmi\Motive
2008-04-02 12:47 . 2008-04-02 12:47 <DIR> d-------- D:\Programmi\Telecom Italia
2008-04-02 12:22 . 2008-04-02 12:48 <DIR> d-------- D:\WINDOWS\Motive
2008-04-02 12:22 . 2008-04-02 12:22 <DIR> d-------- D:\Programmi\Pirelli
2008-04-02 12:22 . 2008-04-02 12:22 <DIR> d-------- D:\Programmi\File comuni\Motive
2008-04-02 12:22 . 2008-04-02 12:22 <DIR> d-------- D:\Programmi\Common Files
2008-04-02 12:22 . 2008-04-02 12:48 <DIR> d-------- D:\Programmi\Alice ti aiuta
2008-04-02 12:22 . 2008-04-02 12:45 <DIR> d-------- D:\Documents and Settings\All Users\Dati applicazioni\Motive
2008-04-02 12:22 . 2002-10-17 19:07 313,856 --a------ D:\WINDOWS\system32\dx3j.dll
2008-04-02 12:22 . 2002-10-17 20:44 171,280 --a------ D:\WINDOWS\system32\jit.dll
2008-04-02 12:22 . 2002-10-17 20:44 139,536 --a------ D:\WINDOWS\system32\javaee.dll
2008-04-02 12:22 . 2002-10-17 20:44 46,352 --a------ D:\WINDOWS\setdebug.exe
2008-04-02 12:22 . 2002-10-17 19:28 7,315 --a------ D:\WINDOWS\system32\javasup.vxd
2008-04-02 12:22 . 2002-10-17 19:08 6,550 --a------ D:\WINDOWS\jautoexp.dat
2008-04-02 12:16 . 2008-04-04 20:17 <DIR> d-------- D:\WINDOWS\system32\it-it

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-05-30 13:55 --------- d-----w D:\Documents and Settings\Stefano\Dati applicazioni\DNA
2008-04-20 17:39 --------- d-----w D:\Documents and Settings\Stefano\Dati applicazioni\BitTorrent
2008-04-07 21:29 --------- d-----w D:\Programmi\File comuni\Ahead
2008-04-07 21:29 --------- d-----w D:\Programmi\Ahead
2008-04-02 15:22 --------- d-----w D:\Documents and Settings\Stefano\Dati applicazioni\NeroVision
2008-04-02 11:25 --------- d-----w D:\Programmi\File comuni\Adobe
2008-04-02 11:23 --------- d-----w D:\Programmi\Google
2008-04-02 11:15 --------- d-----w D:\Documents and Settings\Stefano\Dati applicazioni\vlc
2008-04-02 11:13 --------- d-----w D:\Programmi\Windows Media Connect 2
2008-04-02 11:11 --------- d-----w D:\Programmi\DNA
2008-04-02 11:11 --------- d-----w D:\Programmi\BitTorrent
2008-04-02 10:22 155,995 ----a-w D:\WINDOWS\java\Packages\W39FL7L7.ZIP
2008-04-02 10:00 315,392 ----a-w D:\WINDOWS\HideWin.exe
2008-04-02 09:48 --------- d-----w D:\Programmi\microsoft frontpage
2008-04-02 09:47 --------- d-----w D:\Programmi\Servizi in linea
2008-03-25 04:51 621,344 ----a-w D:\WINDOWS\system32\mswstr10.dll
2008-03-25 04:51 183,072 ----a-w D:\WINDOWS\system32\msjint40.dll
2008-03-20 08:06 1,845,248 ----a-w D:\WINDOWS\system32\win32k.sys
2008-03-01 12:58 826,368 ----a-w D:\WINDOWS\system32\wininet.dll
2008-02-20 06:50 282,624 ----a-w D:\WINDOWS\system32\gdi32.dll
2008-02-20 05:33 45,568 ----a-w D:\WINDOWS\system32\dnsrslvr.dll
.

((((((((((((((((((((((((((((( snapshot_2008-05-30_15.58.13.84 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-01-23 04:56:21 554,008 ----a-w D:\WINDOWS\$hf_mig$\KB950749\SP2QFE\dao360.dll
+ 2007-12-10 12:41:11 518,944 ----a-w D:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msexch40.dll
+ 2007-12-10 12:41:11 326,432 ----a-w D:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msexcl40.dll
+ 2007-12-10 12:41:11 1,516,568 ----a-w D:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msjet40.dll
+ 2007-12-10 12:41:11 355,112 ----a-w D:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msjetol1.dll
+ 2007-11-01 05:15:52 183,072 ----a-w D:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msjint40.dll
+ 2007-12-10 12:41:12 60,192 ----a-w D:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msjter40.dll
+ 2007-12-10 12:41:12 248,608 ----a-w D:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msjtes40.dll
+ 2007-12-10 12:41:12 219,936 ----a-w D:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msltus40.dll
+ 2007-12-10 12:41:12 355,104 ----a-w D:\WINDOWS\$hf_mig$\KB950749\SP2QFE\mspbde40.dll
+ 2007-12-10 12:41:13 432,928 ----a-w D:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msrd2x40.dll
+ 2007-12-10 12:41:13 322,336 ----a-w D:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msrd3x40.dll
+ 2007-12-10 12:41:13 559,904 ----a-w D:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msrepl40.dll
+ 2007-12-10 12:41:13 264,992 ----a-w D:\WINDOWS\$hf_mig$\KB950749\SP2QFE\mstext40.dll
+ 2007-12-10 12:41:13 838,432 ----a-w D:\WINDOWS\$hf_mig$\KB950749\SP2QFE\mswdat10.dll
+ 2007-11-01 05:15:53 621,344 ----a-w D:\WINDOWS\$hf_mig$\KB950749\SP2QFE\mswstr10.dll
+ 2007-12-10 12:41:14 355,104 ----a-w D:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msxbde40.dll
+ 2007-03-06 01:48:10 15,584 ----a-w D:\WINDOWS\$hf_mig$\KB950749\spmsg.dll
+ 2007-03-06 01:48:15 215,776 ----a-w D:\WINDOWS\$hf_mig$\KB950749\spuninst.exe
+ 2007-03-06 01:48:08 22,752 ----a-w D:\WINDOWS\$hf_mig$\KB950749\update\spcustom.dll
+ 2007-03-06 01:48:33 724,192 ----a-w D:\WINDOWS\$hf_mig$\KB950749\update\update.exe
+ 2007-03-06 01:49:24 390,880 ----a-w D:\WINDOWS\$hf_mig$\KB950749\update\updspapi.dll
+ 2007-08-28 21:38:10 500,648 ----a-r D:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6215\MORPH9.DLL
+ 2007-08-28 21:38:46 9,584,512 ----a-r D:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6215\MSPUB.EXE
+ 2007-08-24 01:43:28 138,648 ----a-r D:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6215\PRTF9.DLL
+ 2007-08-28 21:39:14 625,560 ----a-r D:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6215\PTXT9.DLL
+ 2007-08-24 01:43:36 593,296 ----a-r D:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6215\PUBCONV.DLL
+ 2007-08-28 21:16:00 350,064 ----a-r D:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6215\WINWORD.EXE
+ 2007-09-06 16:03:02 4,280,176 ----a-r D:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6215\WRD12CNV.DLL
+ 2007-08-28 22:07:58 24,928 ----a-r D:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6215\WRD12EXE.EXE
+ 2007-09-06 15:56:32 17,490,800 ----a-r D:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6215\WWLIB.DLL
- 2008-05-16 07:00:43 1,165,584 ----a-r D:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\accicons.exe
+ 2008-05-30 14:03:17 1,165,584 ----a-r D:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\accicons.exe
- 2008-05-16 07:00:44 20,240 ----a-r D:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\cagicon.exe
+ 2008-05-30 14:03:18 20,240 ----a-r D:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\cagicon.exe
- 2008-05-16 07:00:44 159,504 ----a-r D:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\inficon.exe
+ 2008-05-30 14:03:17 159,504 ----a-r D:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\inficon.exe
- 2008-05-16 07:00:44 184,080 ----a-r D:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\joticon.exe
+ 2008-05-30 14:03:18 184,080 ----a-r D:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\joticon.exe
- 2008-05-16 07:00:44 217,864 ----a-r D:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe
+ 2008-05-30 14:03:18 217,864 ----a-r D:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe
- 2008-05-16 07:00:44 18,704 ----a-r D:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\mspicons.exe
+ 2008-05-30 14:03:18 18,704 ----a-r D:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\mspicons.exe
- 2008-05-16 07:00:44 35,088 ----a-r D:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\oisicon.exe
+ 2008-05-30 14:03:18 35,088 ----a-r D:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\oisicon.exe
- 2008-05-16 07:00:44 845,584 ----a-r D:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\outicon.exe
+ 2008-05-30 14:03:18 845,584 ----a-r D:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\outicon.exe
- 2008-05-16 07:00:44 922,384 ----a-r D:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe
+ 2008-05-30 14:03:18 922,384 ----a-r D:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe
- 2008-05-16 07:00:44 272,648 ----a-r D:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pubs.exe
+ 2008-05-30 14:03:18 272,648 ----a-r D:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pubs.exe
- 2008-05-16 07:00:44 888,080 ----a-r D:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe
+ 2008-05-30 14:03:18 888,080 ----a-r D:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe
- 2008-05-16 07:00:44 1,172,240 ----a-r D:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe
+ 2008-05-30 14:03:17 1,172,240 ----a-r D:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe
- 2004-08-19 12:00:00 561,179 -c--a-w D:\WINDOWS\system32\dllcache\dao360.dll
+ 2008-03-25 04:50:25 554,008 -c--a-w D:\WINDOWS\system32\dllcache\dao360.dll
- 2004-08-19 12:00:00 512,029 -c--a-w D:\WINDOWS\system32\dllcache\msexch40.dll
+ 2008-03-25 04:50:28 518,944 -c--a-w D:\WINDOWS\system32\dllcache\msexch40.dll
- 2004-08-19 12:00:00 319,517 -c--a-w D:\WINDOWS\system32\dllcache\msexcl40.dll
+ 2008-03-25 04:50:30 326,432 -c--a-w D:\WINDOWS\system32\dllcache\msexcl40.dll
- 2004-08-19 12:00:00 1,507,356 -c--a-w D:\WINDOWS\system32\dllcache\msjet40.dll
+ 2008-03-25 04:50:34 1,516,568 -c--a-w D:\WINDOWS\system32\dllcache\msjet40.dll
- 2004-08-19 12:00:00 358,976 -c--a-w D:\WINDOWS\system32\dllcache\msjetol1.dll
+ 2008-03-25 04:50:40 355,112 -c--a-w D:\WINDOWS\system32\dllcache\msjetol1.dll
- 2004-08-19 12:00:00 176,159 -c--a-w D:\WINDOWS\system32\dllcache\msjint40.dll
+ 2008-03-25 04:51:31 183,072 -c--a-w D:\WINDOWS\system32\dllcache\msjint40.dll
- 2004-08-19 12:00:00 53,279 -c--a-w D:\WINDOWS\system32\dllcache\msjter40.dll
+ 2008-03-25 04:50:42 60,192 -c--a-w D:\WINDOWS\system32\dllcache\msjter40.dll
- 2004-08-19 12:00:00 241,693 -c--a-w D:\WINDOWS\system32\dllcache\msjtes40.dll
+ 2008-03-25 04:50:42 248,608 -c--a-w D:\WINDOWS\system32\dllcache\msjtes40.dll
- 2004-08-19 12:00:00 213,023 -c--a-w D:\WINDOWS\system32\dllcache\msltus40.dll
+ 2008-03-25 04:50:44 219,936 -c--a-w D:\WINDOWS\system32\dllcache\msltus40.dll
- 2004-08-19 12:00:00 348,189 -c--a-w D:\WINDOWS\system32\dllcache\mspbde40.dll
+ 2008-03-25 04:50:45 355,104 -c--a-w D:\WINDOWS\system32\dllcache\mspbde40.dll
- 2004-08-19 12:00:00 421,919 -c--a-w D:\WINDOWS\system32\dllcache\msrd2x40.dll
+ 2008-03-25 04:50:47 432,928 -c--a-w D:\WINDOWS\system32\dllcache\msrd2x40.dll
- 2004-08-19 12:00:00 315,423 -c--a-w D:\WINDOWS\system32\dllcache\msrd3x40.dll
+ 2008-03-25 04:50:49 322,336 -c--a-w D:\WINDOWS\system32\dllcache\msrd3x40.dll
- 2004-08-19 12:00:00 552,989 -c--a-w D:\WINDOWS\system32\dllcache\msrepl40.dll
+ 2008-03-25 04:50:52 559,904 -c--a-w D:\WINDOWS\system32\dllcache\msrepl40.dll
- 2004-08-19 12:00:00 258,077 -c--a-w D:\WINDOWS\system32\dllcache\mstext40.dll
+ 2008-03-25 04:50:55 264,992 -c--a-w D:\WINDOWS\system32\dllcache\mstext40.dll
- 2004-08-19 12:00:00 831,519 -c--a-w D:\WINDOWS\system32\dllcache\mswdat10.dll
+ 2008-03-25 04:50:57 838,432 -c--a-w D:\WINDOWS\system32\dllcache\mswdat10.dll
- 2004-08-19 12:00:00 614,429 -c--a-w D:\WINDOWS\system32\dllcache\mswstr10.dll
+ 2008-03-25 04:51:32 621,344 -c--a-w D:\WINDOWS\system32\dllcache\mswstr10.dll
- 2004-08-19 12:00:00 348,189 -c--a-w D:\WINDOWS\system32\dllcache\msxbde40.dll
+ 2008-03-25 04:50:58 355,104 -c--a-w D:\WINDOWS\system32\dllcache\msxbde40.dll
- 2004-08-19 12:00:00 512,029 ----a-w D:\WINDOWS\system32\msexch40.dll
+ 2008-03-25 04:50:28 518,944 ----a-w D:\WINDOWS\system32\msexch40.dll
- 2004-08-19 12:00:00 319,517 ----a-w D:\WINDOWS\system32\msexcl40.dll
+ 2008-03-25 04:50:30 326,432 ----a-w D:\WINDOWS\system32\msexcl40.dll
- 2004-08-19 12:00:00 1,507,356 ----a-w D:\WINDOWS\system32\msjet40.dll
+ 2008-03-25 04:50:34 1,516,568 ----a-w D:\WINDOWS\system32\msjet40.dll
- 2004-08-19 12:00:00 358,976 ----a-w D:\WINDOWS\system32\msjetoledb40.dll
+ 2008-03-25 04:50:40 355,112 ----a-w D:\WINDOWS\system32\msjetoledb40.dll
- 2004-08-19 12:00:00 53,279 ----a-w D:\WINDOWS\system32\msjter40.dll
+ 2008-03-25 04:50:42 60,192 ----a-w D:\WINDOWS\system32\msjter40.dll
- 2004-08-19 12:00:00 241,693 ----a-w D:\WINDOWS\system32\msjtes40.dll
+ 2008-03-25 04:50:42 248,608 ----a-w D:\WINDOWS\system32\msjtes40.dll
- 2004-08-19 12:00:00 213,023 ----a-w D:\WINDOWS\system32\msltus40.dll
+ 2008-03-25 04:50:44 219,936 ----a-w D:\WINDOWS\system32\msltus40.dll
- 2004-08-19 12:00:00 348,189 ----a-w D:\WINDOWS\system32\mspbde40.dll
+ 2008-03-25 04:50:45 355,104 ----a-w D:\WINDOWS\system32\mspbde40.dll
- 2004-08-19 12:00:00 421,919 ----a-w D:\WINDOWS\system32\msrd2x40.dll
+ 2008-03-25 04:50:47 432,928 ----a-w D:\WINDOWS\system32\msrd2x40.dll
- 2004-08-19 12:00:00 315,423 ----a-w D:\WINDOWS\system32\msrd3x40.dll
+ 2008-03-25 04:50:49 322,336 ----a-w D:\WINDOWS\system32\msrd3x40.dll
- 2004-08-19 12:00:00 552,989 ----a-w D:\WINDOWS\system32\msrepl40.dll
+ 2008-03-25 04:50:52 559,904 ----a-w D:\WINDOWS\system32\msrepl40.dll
- 2004-08-19 12:00:00 258,077 ----a-w D:\WINDOWS\system32\mstext40.dll
+ 2008-03-25 04:50:55 264,992 ----a-w D:\WINDOWS\system32\mstext40.dll
- 2004-08-19 12:00:00 831,519 ----a-w D:\WINDOWS\system32\mswdat10.dll
+ 2008-03-25 04:50:57 838,432 ----a-w D:\WINDOWS\system32\mswdat10.dll
- 2004-08-19 12:00:00 348,189 ----a-w D:\WINDOWS\system32\msxbde40.dll
+ 2008-03-25 04:50:58 355,104 ----a-w D:\WINDOWS\system32\msxbde40.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Nota* i valori vuoti & legittimi/default non sono visualizzati.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="D:\WINDOWS\system32\ctfmon.exe" [2004-08-19 14:00 15360]
"BitTorrent DNA"="D:\Programmi\DNA\btdna.exe" [2008-05-11 09:37 289088]
"swg"="D:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-04-08 11:20 68856]
"AnyDVD"="D:\Programmi\SlySoft\AnyDVD\AnyDVD.exe" [2008-04-06 13:02 1379016]
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="D:\Programmi\File comuni\Nero\Lib\NMIndexStoreSvr.exe" [ ]
"MSMSGS"="D:\Programmi\Messenger\msmsgs.exe" [2004-10-13 18:24 1694208]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2007-08-10 15:21 16384000 D:\WINDOWS\RTHDCPL.exe]
"NvCplDaemon"="D:\WINDOWS\system32\NvCpl.dll" [2007-12-05 01:41 8523776]
"nwiz"="nwiz.exe" [2007-12-05 01:41 1626112 D:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="D:\WINDOWS\system32\NvMcTray.dll" [2007-12-05 01:41 81920]
"nod32kui"="D:\Programmi\Eset\nod32kui.exe" [2008-04-02 12:08 949376]
"Motive SmartBridge"="D:\PROGRA~1\ALICET~1\SMARTB~1\MotiveSB.exe" [2006-04-21 15:41 438359]
"Adobe Reader Speed Launcher"="D:\Programmi\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792]
"HP Software Update"="D:\Programmi\HP\HP Software Update\HPWuSchd2.exe" [2007-03-11 21:34 49152]
"NBKeyScan"="D:\Programmi\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [ ]
"GrooveMonitor"="D:\Programmi\Microsoft Office\Office12\GrooveMonitor.exe" [2007-08-24 07:00 33648]
"SunJavaUpdateSched"="D:\Programmi\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="D:\WINDOWS\system32\CTFMON.EXE" [2004-08-19 14:00 15360]

D:\Documents and Settings\Stefano\Menu Avvio\Programmi\Esecuzione automatica\
Ritaglio schermata e avvio di OneNote 2007.lnk - D:\Programmi\Microsoft Office\Office12\ONENOTEM.EXE [2007-08-24 04:45:42 101784]

D:\Documents and Settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\
Alice ti aiuta.lnk - D:\Programmi\Alice ti aiuta\bin\matcli.exe [2008-04-02 12:48:35 217088]
Avvio rapido di Album.lnk - D:\Programmi\Ulead Systems\Ulead PhotoImpact 6\ABMTSR.EXE [2008-05-23 21:32:02 36864]
HP Digital Imaging Monitor.lnk - D:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe [2007-03-11 21:26:24 210520]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"D:\\Programmi\\DNA\\btdna.exe"=
"D:\\Programmi\\BitTorrent\\bittorrent.exe"=
"D:\\Programmi\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"D:\\Programmi\\Microsoft Office\\Office12\\GROOVE.EXE"=
"D:\\Programmi\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"D:\\Programmi\\Azureus\\Azureus.exe"=
"D:\\Programmi\\Internet Explorer\\iexplore.exe"=


[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-05-30 16:05:17
Windows 5.1.2600 Service Pack 2 NTFS

scansione processi nascosti ...

scansione entrate autostart nascoste ...

Scansione files nascosti ...

Scansione completata con successo
Files nascosti: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

PROCESS: D:\WINDOWS\system32\lsass.exe
-> D:\Programmi\Eset\pr_imon.dll
.
Ora fine scansione: 2008-05-30 16.05.42
ComboFix-quarantined-files.txt 2008-05-30 14:05:35
ComboFix2.txt 2008-05-30 13:58:33
ComboFix3.txt 2008-05-21 16:45:53
ComboFix4.txt 2008-05-21 14:25:10
ComboFix5.txt 2008-05-19 10:34:35

6 Directory 39,627,829,248 byte disponibili
9 Directory 39,640,375,296 byte disponibili

348 --- E O F --- 2008-05-30 14:03:21
bdoriano
Administrator

Registered: 02/04/07 12:05
Posts: 14391
Location: 3rd planet of the solar system...

Posted: 30 May 2008 19:16

Traces of Vundo...

  1. Run this scan with Kaspersky and then uninstall it

  2. Run this scan with VirIT

  3. Run the ComboFix scan again
mastro1972
Hero

Registered: 26/03/08 18:39
Posts: 51

Posted: 30 May 2008 23:41    Subject: reply

bdoriano wrote:
Traces of Vundo...

  1. Run this scan with Kaspersky and then uninstall it

  2. Run this scan with VirIT

  3. Run the ComboFix scan again

I'm posting everything:
ComboFix 08-05-29.1 - Stefano 2008-05-30 23:09:26.11 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1040.18.1432 [GMT 2:00]
Eseguito da: D:\Documents and Settings\Stefano\Desktop\ComboFix.exe
* Resident AV is active


WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((( Files Creati Da 2008-04-28 al 2008-05-30 )))))))))))))))))))))))))))))))))))
.

2008-05-30 22:35 . 2008-03-17 19:23 39,808 --a------ D:\WINDOWS\system32\drivers\VIRAGTLT.SYS
2008-05-30 22:34 . 2008-05-30 22:35 <DIR> d-------- D:\VEXPLITE
2008-05-30 21:11 . 2008-05-30 22:32 38,944 --ahs---- D:\WINDOWS\system32\drivers\fidbox.dat
2008-05-30 21:11 . 2008-05-30 22:32 1,532 --ahs---- D:\WINDOWS\system32\drivers\fidbox.idx
2008-05-30 15:40 . 2008-05-30 15:40 <DIR> d-------- D:\VundoFix Backups
2008-05-26 21:53 . 2008-05-26 21:53 30 --a------ D:\WINDOWS\iedit.INI
2008-05-23 21:33 . 2000-01-27 18:19 1,048,576 --a------ D:\WINDOWS\system32\Roboex32.dll
2008-05-23 21:33 . 2000-01-27 18:19 1,048,576 --a------ D:\WINDOWS\Roboex32.dll
2008-05-23 21:33 . 1999-01-28 15:44 49,152 --a------ D:\WINDOWS\system32\INETWH32.dll
2008-05-23 21:33 . 1999-01-28 15:44 49,152 --a------ D:\WINDOWS\INETWH32.dll
2008-05-23 21:33 . 1999-07-17 01:02 40,960 --a------ D:\WINDOWS\system32\wh2robo.dll
2008-05-23 21:32 . 2008-05-23 21:32 <DIR> d-------- D:\WINDOWS\Ulead.dat
2008-05-23 21:32 . 2008-05-29 17:39 4,604 --a------ D:\WINDOWS\ULEAD32.INI
2008-05-23 21:31 . 2008-05-23 21:37 <DIR> d-------- D:\Programmi\Ulead Systems
2008-05-21 16:23 . 2008-05-21 18:46 534 ---hs---- D:\WINDOWS\system32\yslqholn.ini
2008-05-19 12:34 . 2008-05-19 12:34 294 ---hs---- D:\WINDOWS\system32\upnburkl.ini
2008-05-16 08:56 . 2008-05-16 08:57 354 ---hs---- D:\WINDOWS\system32\rfrjgjdm.ini
2008-05-14 12:18 . 2008-05-14 12:18 294 ---hs---- D:\WINDOWS\system32\vdgylopk.ini
2008-05-12 19:17 . 2006-03-17 11:45 1,757,184 --a------ D:\WINDOWS\system32\imagX7.dll
2008-05-12 19:17 . 2006-03-17 11:45 802,816 --a------ D:\WINDOWS\system32\imagXRA7.dll
2008-05-12 19:17 . 2006-03-17 11:45 497,296 --a------ D:\WINDOWS\system32\imagXpr7.dll
2008-05-12 19:17 . 2006-03-17 14:49 368,640 --a------ D:\WINDOWS\system32\TwnLib4.dll
2008-05-12 19:17 . 2006-03-17 11:45 258,048 --a------ D:\WINDOWS\system32\imagXR7.dll
2008-05-12 18:03 . 2008-04-02 13:40 <DIR> d--h----- D:\Documents and Settings\Administrator\Risorse di stampa
2008-05-12 18:03 . 2008-04-02 13:40 <DIR> d--h----- D:\Documents and Settings\Administrator\Risorse di rete
2008-05-12 18:03 . 2008-04-02 13:40 <DIR> d-------- D:\Documents and Settings\Administrator\Preferiti
2008-05-12 18:03 . 2008-04-02 11:45 <DIR> d--h----- D:\Documents and Settings\Administrator\Modelli
2008-05-12 18:03 . 2008-04-02 13:40 <DIR> dr------- D:\Documents and Settings\Administrator\Menu Avvio
2008-05-12 18:03 . 2008-05-30 23:10 <DIR> d--h----- D:\Documents and Settings\Administrator\Impostazioni locali
2008-05-12 18:03 . 2008-04-02 13:40 <DIR> d-------- D:\Documents and Settings\Administrator\Documenti
2008-05-12 18:03 . 2008-04-02 13:40 <DIR> dr-h----- D:\Documents and Settings\Administrator\Dati applicazioni
2008-05-12 18:03 . 2008-05-12 18:03 <DIR> d-------- D:\Documents and Settings\Administrator
2008-05-12 13:39 . 2008-02-28 13:26 1,414,440 --a------ D:\WINDOWS\system32\ShellManager310E2D762.dll
2008-05-12 13:39 . 2008-02-28 13:01 774,144 --a------ D:\WINDOWS\system32\NEROINSTAEC43759.DB
2008-05-10 14:39 . 2007-07-30 19:19 271,224 --a------ D:\WINDOWS\system32\mucltui.dll
2008-05-10 14:39 . 2007-07-30 19:19 207,736 --a------ D:\WINDOWS\system32\muweb.dll
2008-05-10 14:39 . 2007-07-30 19:18 30,072 --a------ D:\WINDOWS\system32\mucltui.dll.mui
2008-05-10 10:26 . 2008-05-10 10:26 <DIR> d-------- D:\Programmi\VideoLAN
2008-05-08 23:01 . 2008-05-08 23:01 <DIR> d--hsc--- D:\Programmi\File comuni\WindowsLiveInstaller
2008-05-08 23:00 . 2008-05-08 23:00 <DIR> d-------- D:\Programmi\Windows Live
2008-05-08 23:00 . 2008-05-08 23:00 <DIR> d-------- D:\Documents and Settings\All Users\Dati applicazioni\WLInstaller
2008-04-25 18:41 . 2008-04-25 18:41 <DIR> d-------- D:\Programmi\Alcohol Soft
2008-04-23 14:50 . 2008-04-29 18:40 <DIR> d-------- D:\Programmi\free-downloads.net
2008-04-23 14:33 . 2008-05-12 18:25 <DIR> d-------- D:\Programmi\Save
2008-04-21 22:01 . 2008-04-23 14:48 716,272 --a------ D:\WINDOWS\system32\drivers\sptd.sys
2008-04-18 13:48 . 2008-04-18 13:48 <DIR> d-------- D:\Documents and Settings\All Users\Dati applicazioni\Trymedia
2008-04-18 13:43 . 2008-04-18 13:43 <DIR> d-------- D:\Documents and Settings\All Users\Dati applicazioni\InstallShield
2008-04-18 00:53 . 2008-04-18 00:53 <DIR> d-------- D:\Programmi\Conduit
2008-04-18 00:53 . 2008-04-18 00:53 <DIR> d-------- D:\Programmi\Best_Security_Tips
2008-04-16 16:32 . 2008-05-30 23:09 <DIR> d-------- D:\Documents and Settings\Stefano\Dati applicazioni\Azureus
2008-04-16 16:32 . 2008-04-16 16:32 <DIR> d-------- D:\Documents and Settings\All Users\Dati applicazioni\Azureus
2008-04-16 16:31 . 2008-04-18 09:53 <DIR> d-------- D:\Programmi\Azureus
2008-04-12 20:48 . 2008-04-12 20:48 <DIR> d-------- D:\WINDOWS\Sun
2008-04-12 20:46 . 2008-04-12 20:46 <DIR> d-------- D:\Programmi\Java
2008-04-12 20:46 . 2008-02-22 02:33 69,632 --a------ D:\WINDOWS\system32\javacpl.cpl
2008-04-12 20:40 . 2008-04-12 20:40 <DIR> d-------- D:\Programmi\File comuni\Java
2008-04-12 20:24 . 2008-04-12 21:05 <DIR> d-------- D:\Programmi\Bittorrent Download Accelerator Pro
2008-04-12 20:24 . 2007-06-25 15:02 475,136 --a------ D:\WINDOWS\system32\SkinCrafter2.dll
2008-04-12 19:11 . 2008-04-18 09:26 <DIR> d-------- D:\Programmi\Azureus Turbo Accelerator
2008-04-11 19:40 . 2006-10-26 19:56 32,592 --a------ D:\WINDOWS\system32\msonpmon.dll
2008-04-11 19:39 . 2008-04-11 19:39 <DIR> d-------- D:\Programmi\MSBuild
2008-04-11 19:39 . 2008-04-11 19:39 <DIR> d-------- D:\Programmi\Microsoft Works
2008-04-11 19:35 . 2008-04-11 19:38 <DIR> d-------- D:\WINDOWS\SHELLNEW
2008-04-11 19:35 . 2008-04-11 19:35 <DIR> dr-h----- D:\MSOCache
2008-04-11 19:35 . 2008-05-30 16:03 <DIR> d-------- D:\Documents and Settings\All Users\Dati applicazioni\Microsoft Help
2008-04-08 14:54 . 2008-04-09 20:08 <DIR> d-------- D:\Programmi\FaxTalk Communicator
2008-04-07 23:46 . 2008-04-07 23:46 <DIR> d-------- D:\Programmi\NeroInstall.bak
2008-04-07 23:44 . 2008-05-12 19:18 <DIR> d-------- D:\Programmi\Nero
2008-04-07 23:44 . 2008-05-12 19:17 <DIR> d-------- D:\Programmi\File comuni\Nero
2008-04-07 23:44 . 2008-05-12 19:17 <DIR> d-------- D:\Documents and Settings\All Users\Dati applicazioni\Nero
2008-04-07 23:35 . 2008-04-07 23:35 32 --a------ D:\WINDOWS\CD_Start.INI
2008-04-07 22:09 . 2008-05-30 20:16 69 --a------ D:\WINDOWS\NeroDigital.ini
2008-04-07 22:05 . 2008-04-07 22:05 <DIR> d-------- D:\Documents and Settings\Stefano\Dati applicazioni\Nero
2008-04-07 10:14 . 2008-04-07 10:14 <DIR> d-------- D:\Documents and Settings\Stefano\Dati applicazioni\SlySoft
2008-04-07 10:10 . 2008-04-07 10:10 <DIR> d-------- D:\Documents and Settings\All Users\Dati applicazioni\SlySoft
2008-04-06 13:00 . 2008-04-06 13:00 <DIR> d-------- D:\Programmi\SlySoft
2008-04-06 12:58 . 2008-04-06 12:58 <DIR> d-------- D:\Documents and Settings\All Users\Dati applicazioni\Elaborate Bytes
2008-04-06 12:55 . 2008-04-06 12:55 <DIR> d-------- D:\Programmi\Elaborate Bytes
2008-04-04 20:26 . 2008-04-04 20:27 98,838 --a------ D:\WINDOWS\hpqins16.dat
2008-04-04 20:16 . 2008-04-04 20:16 <DIR> d-------- D:\Programmi\MSXML 4.0
2008-04-03 19:15 . 2008-04-03 19:15 <DIR> d-------- D:\Documents and Settings\Stefano\Dati applicazioni\Motive
2008-04-02 18:49 . 2008-04-02 18:49 <DIR> d-------- D:\Documents and Settings\Stefano\WINDOWS
2008-04-02 18:49 . 1998-11-13 14:07 307,712 --a------ D:\WINDOWS\IsUn0410.exe
2008-04-02 15:20 . 2008-04-02 15:20 <DIR> d-------- D:\Documents and Settings\Stefano\Dati applicazioni\Ahead
2008-04-02 15:11 . 2008-04-02 19:07 <DIR> d-------- D:\Documents and Settings\Stefano\Dati applicazioni\HP
2008-04-02 15:06 . 2008-04-02 15:06 <DIR> d-------- D:\Documents and Settings\All Users\Dati applicazioni\WEBREG
2008-04-02 15:04 . 2008-05-30 20:35 <DIR> d-------- D:\Documents and Settings\Stefano\Dati applicazioni\HPAppData
2008-04-02 15:03 . 2008-04-02 15:03 <DIR> d-------- D:\Documents and Settings\All Users\Dati applicazioni\HP Product Assistant
2008-04-02 15:03 . 2008-04-02 19:07 <DIR> d-------- D:\Documents and Settings\All Users\Dati applicazioni\HP
2008-04-02 15:02 . 2008-04-02 15:02 <DIR> d-------- D:\Programmi\Hewlett-Packard
2008-04-02 15:02 . 2008-04-02 15:02 <DIR> d-------- D:\Programmi\File comuni\HP
2008-04-02 15:02 . 2008-04-02 15:02 <DIR> d-------- D:\Programmi\File comuni\Hewlett-Packard
2008-04-02 15:01 . 2008-04-02 15:01 <DIR> d-------- D:\Documents and Settings\All Users\Dati applicazioni\Hewlett-Packard
2008-04-02 15:01 . 2007-03-30 17:07 267,864 -ra------ D:\WINDOWS\system32\hpzids01.dll
2008-04-02 15:01 . 2007-03-28 14:01 117,760 --a------ D:\WINDOWS\system32\hpzll5ha.dll
2008-04-02 15:01 . 2007-03-08 06:20 49,920 -ra------ D:\WINDOWS\system32\drivers\HPZid412.sys
2008-04-02 15:01 . 2007-03-08 06:20 21,568 -ra------ D:\WINDOWS\system32\drivers\HPZius12.sys
2008-04-02 15:01 . 2007-03-08 06:20 16,496 -ra------ D:\WINDOWS\system32\drivers\HPZipr12.sys
2008-04-02 15:00 . 2008-04-02 15:00 <DIR> d----c--- D:\WINDOWS\system32\DRVSTORE
2008-04-02 15:00 . 2008-04-04 20:27 <DIR> d-------- D:\Programmi\HP
2008-04-02 15:00 . 2007-03-17 18:11 675,840 -ra------ D:\WINDOWS\system32\hpowiax3.dll
2008-04-02 15:00 . 2007-03-17 18:11 569,344 -ra------ D:\WINDOWS\system32\hpotscl3.dll
2008-04-02 15:00 . 2007-03-08 06:20 364,544 -ra------ D:\WINDOWS\system32\hppldcoi.dll
2008-04-02 15:00 . 2007-03-08 06:20 309,760 -ra------ D:\WINDOWS\system32\difxapi.dll
2008-04-02 15:00 . 2007-03-17 18:11 303,104 -ra------ D:\WINDOWS\system32\hpovst10.dll
2008-04-02 15:00 . 2004-08-03 22:58 15,104 --a------ D:\WINDOWS\system32\drivers\usbscan.sys
2008-04-02 15:00 . 2004-08-03 22:58 15,104 --a--c--- D:\WINDOWS\system32\dllcache\usbscan.sys
2008-04-02 14:57 . 2008-04-02 15:06 153,139 --a------ D:\WINDOWS\hpoins14.dat
2008-04-02 14:57 . 2007-06-06 01:07 2,000 --------- D:\WINDOWS\hpomdl14.dat
2008-04-02 12:48 . 2008-04-02 12:48 <DIR> d-------- D:\Programmi\Motive
2008-04-02 12:47 . 2008-04-02 12:47 <DIR> d-------- D:\Programmi\Telecom Italia
2008-04-02 12:22 . 2008-04-02 12:48 <DIR> d-------- D:\WINDOWS\Motive
2008-04-02 12:22 . 2008-04-02 12:22 <DIR> d-------- D:\Programmi\Pirelli
2008-04-02 12:22 . 2008-04-02 12:22 <DIR> d-------- D:\Programmi\File comuni\Motive
2008-04-02 12:22 . 2008-04-02 12:22 <DIR> d-------- D:\Programmi\Common Files
2008-04-02 12:22 . 2008-04-02 12:48 <DIR> d-------- D:\Programmi\Alice ti aiuta
2008-04-02 12:22 . 2008-04-02 12:45 <DIR> d-------- D:\Documents and Settings\All Users\Dati applicazioni\Motive
2008-04-02 12:22 . 2002-10-17 19:07 313,856 --a------ D:\WINDOWS\system32\dx3j.dll
2008-04-02 12:22 . 2002-10-17 20:44 171,280 --a------ D:\WINDOWS\system32\jit.dll
2008-04-02 12:22 . 2002-10-17 20:44 139,536 --a------ D:\WINDOWS\system32\javaee.dll
2008-04-02 12:22 . 2002-10-17 20:44 46,352 --a------ D:\WINDOWS\setdebug.exe
2008-04-02 12:22 . 2002-10-17 19:28 7,315 --a------ D:\WINDOWS\system32\javasup.vxd
2008-04-02 12:22 . 2002-10-17 19:08 6,550 --a------ D:\WINDOWS\jautoexp.dat
2008-04-02 12:16 . 2008-04-04 20:17 <DIR> d-------- D:\WINDOWS\system32\it-it
2008-04-02 12:14 . 2008-05-19 12:45 <DIR> d--h----- D:\WINDOWS\$hf_mig$

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-05-30 21:10 --------- d-----w D:\Documents and Settings\Stefano\Dati applicazioni\DNA
2008-04-20 17:39 --------- d-----w D:\Documents and Settings\Stefano\Dati applicazioni\BitTorrent
2008-04-07 21:29 --------- d-----w D:\Programmi\File comuni\Ahead
2008-04-07 21:29 --------- d-----w D:\Programmi\Ahead
2008-04-02 15:22 --------- d-----w D:\Documents and Settings\Stefano\Dati applicazioni\NeroVision
2008-04-02 11:25 --------- d-----w D:\Programmi\File comuni\Adobe
2008-04-02 11:23 --------- d-----w D:\Programmi\Google
2008-04-02 11:15 --------- d-----w D:\Documents and Settings\Stefano\Dati applicazioni\vlc
2008-04-02 11:13 --------- d-----w D:\Programmi\Windows Media Connect 2
2008-04-02 11:11 --------- d-----w D:\Programmi\DNA
2008-04-02 11:11 --------- d-----w D:\Programmi\BitTorrent
2008-04-02 10:22 155,995 ----a-w D:\WINDOWS\java\Packages\W39FL7L7.ZIP
2008-04-02 10:00 315,392 ----a-w D:\WINDOWS\HideWin.exe
2008-04-02 09:48 --------- d-----w D:\Programmi\microsoft frontpage
2008-04-02 09:47 --------- d-----w D:\Programmi\Servizi in linea
2008-03-25 04:51 621,344 ----a-w D:\WINDOWS\system32\mswstr10.dll
2008-03-25 04:51 183,072 ----a-w D:\WINDOWS\system32\msjint40.dll
2008-03-20 08:06 1,845,248 ----a-w D:\WINDOWS\system32\win32k.sys
2008-03-01 12:58 826,368 ----a-w D:\WINDOWS\system32\wininet.dll
2008-02-20 06:50 282,624 ----a-w D:\WINDOWS\system32\gdi32.dll
2008-02-20 05:33 45,568 ----a-w D:\WINDOWS\system32\dnsrslvr.dll
.

((((((((((((((((((((((((((((( snapshot_2008-05-30_16.05.30,06 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-05-30 13:56:36 2,048 --s-a-w D:\WINDOWS\bootstat.dat
+ 2008-05-30 20:50:38 2,048 --s-a-w D:\WINDOWS\bootstat.dat
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Nota* i valori vuoti & legittimi/default non sono visualizzati.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="D:\WINDOWS\system32\ctfmon.exe" [2004-08-19 14:00 15360]
"BitTorrent DNA"="D:\Programmi\DNA\btdna.exe" [2008-05-11 09:37 289088]
"swg"="D:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-04-08 11:20 68856]
"AnyDVD"="D:\Programmi\SlySoft\AnyDVD\AnyDVD.exe" [2008-04-06 13:02 1379016]
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="D:\Programmi\File comuni\Nero\Lib\NMIndexStoreSvr.exe" [ ]
"MSMSGS"="D:\Programmi\Messenger\msmsgs.exe" [2004-10-13 18:24 1694208]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2007-08-10 15:21 16384000 D:\WINDOWS\RTHDCPL.exe]
"NvCplDaemon"="D:\WINDOWS\system32\NvCpl.dll" [2007-12-05 01:41 8523776]
"nwiz"="nwiz.exe" [2007-12-05 01:41 1626112 D:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="D:\WINDOWS\system32\NvMcTray.dll" [2007-12-05 01:41 81920]
"nod32kui"="D:\Programmi\Eset\nod32kui.exe" [2008-04-02 12:08 949376]
"Motive SmartBridge"="D:\PROGRA~1\ALICET~1\SMARTB~1\MotiveSB.exe" [2006-04-21 15:41 438359]
"Adobe Reader Speed Launcher"="D:\Programmi\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792]
"HP Software Update"="D:\Programmi\HP\HP Software Update\HPWuSchd2.exe" [2007-03-11 21:34 49152]
"NBKeyScan"="D:\Programmi\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [ ]
"GrooveMonitor"="D:\Programmi\Microsoft Office\Office12\GrooveMonitor.exe" [2007-08-24 07:00 33648]
"SunJavaUpdateSched"="D:\Programmi\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="D:\WINDOWS\system32\CTFMON.EXE" [2004-08-19 14:00 15360]

D:\Documents and Settings\Stefano\Menu Avvio\Programmi\Esecuzione automatica\
Ritaglio schermata e avvio di OneNote 2007.lnk - D:\Programmi\Microsoft Office\Office12\ONENOTEM.EXE [2007-08-24 04:45:42 101784]

D:\Documents and Settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\
Alice ti aiuta.lnk - D:\Programmi\Alice ti aiuta\bin\matcli.exe [2008-04-02 12:48:35 217088]
Avvio rapido di Album.lnk - D:\Programmi\Ulead Systems\Ulead PhotoImpact 6\ABMTSR.EXE [2008-05-23 21:32:02 36864]
HP Digital Imaging Monitor.lnk - D:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe [2007-03-11 21:26:24 210520]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"D:\\Programmi\\DNA\\btdna.exe"=
"D:\\Programmi\\BitTorrent\\bittorrent.exe"=
"D:\\Programmi\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"D:\\Programmi\\Microsoft Office\\Office12\\GROOVE.EXE"=
"D:\\Programmi\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"D:\\Programmi\\Azureus\\Azureus.exe"=
"D:\\Programmi\\Internet Explorer\\iexplore.exe"=

R0 VIRAGTLT;VIRAGTLT;D:\WINDOWS\system32\drivers\VIRAGTLT.SYS [2008-03-17 19:23]
R2 viritsvclite;Virit eXplorer Lite;D:\VEXPLITE\viritsvc.exe [2007-10-10 12:12]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

*Newly Created Service* - CATCHME
*Newly Created Service* - VIRAGTLT
.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-05-30 23:10:46
Windows 5.1.2600 Service Pack 2 NTFS

scansione processi nascosti ...

scansione entrate autostart nascoste ...

Scansione files nascosti ...

Scansione completata con successo
Files nascosti: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

PROCESS: D:\WINDOWS\system32\lsass.exe
-> D:\Programmi\Eset\pr_imon.dll
.
Ora fine scansione: 2008-05-30 23:11:15
ComboFix-quarantined-files.txt 2008-05-30 21:11:12
ComboFix2.txt 2008-05-30 14:05:43
ComboFix3.txt 2008-05-30 13:58:33
ComboFix4.txt 2008-05-21 16:45:53
ComboFix5.txt 2008-05-21 14:25:10

7 Directory 38,849,011,712 byte disponibili
11 Directory 38,838,693,888 byte disponibili

235 --- E O F --- 2008-05-30 14:03:21

bdoriano
Administrator

Joined: 02/04/07 12:05
Posts: 14391
Location: 3rd planet of the solar system...

Posted: 31 May 2008 10:02

The Kaspersky and VirIT logs are missing.

A small question: how come you always post the same message twice? :think:

mastro1972
Hero

Joined: 26/03/08 18:39
Posts: 51

Posted: 01 Jun 2008 18:53

bdoriano wrote:
The Kaspersky and VirIT logs are missing.

A small question: how come you always post the same message twice? :think:

Since I have some small connection problems, it sometimes happens that after I send the message the computer gives me the impression that it has frozen, and so.....

bdoriano
Administrator

Joined: 02/04/07 12:05
Posts: 14391
Location: 3rd planet of the solar system...

Posted: 02 Jun 2008 23:03

mastro1972 wrote:
Since I have some small connection problems, it sometimes happens that after I send the message the computer gives me the impression that it has frozen, and so.....

OK, just so I know. :wink:

As soon as you can, upload the Kaspersky and VirIT logs to FreeFileHosting as described here and post the links you are given.

Afterwards, follow the instructions in this topic to use MBAM.

mastro1972
Hero

Joined: 26/03/08 18:39
Posts: 51

Posted: 08 Jun 2008 10:10

bdoriano wrote:
mastro1972 wrote:
Since I have some small connection problems, it sometimes happens that after I send the message the computer gives me the impression that it has frozen, and so.....

OK, just so I know. :wink:

As soon as you can, upload the Kaspersky and VirIT logs to FreeFileHosting as described here and post the links you are given.

Afterwards, follow the instructions in this topic to use MBAM.

I forgot to thank you (all) for all your patience and for your great expertise.
The PC seems to be back to the way it was before.

Sante62
Mature god

Joined: 27/06/07 17:55
Posts: 3477
Location: Floridia

Posted: 10 Jun 2008 01:12

Hi, please post the requested logs... :wink:
All times are GMT + 2 hours