ananas (Hero in the gods' favour)
Registered: 28/09/07 14:29 Posts: 154
Posted: 04 Jul 2008 21:38 Subject: RPC error with avast! virus??

Hi everyone!!!
Bdoriano kindly advised me to run a quick check on my PC, because I have been having some problems for a while.
The problem is with Avast.
When I turn on the computer, the usual Avast! icon appears on the taskbar with a small red error symbol. Clicking on it brings up the message: AVAST! IL SOTTOSISTEMA AAVM HA TROVATO UN ERRORE RPC ("avast!: the AAVM subsystem detected an RPC error").
I can't do anything on the PC until, after a few minutes, avast restarts and I can finally use the computer.
Anyway... I have Windows XP as my operating system, Avast! version 4.8, and Armor firewall.
The log is as follows:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21.31.12, on 04/07/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\Tall Emu\Online Armor\oasrv.exe
C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
C:\WINDOWS\Explorer.EXE
C:\Programmi\Alwil Software\Avast4\ashServ.exe
C:\Programmi\Apoint2K\Apoint.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Programmi\HPQ\Quick Launch Buttons\EabServr.exe
C:\Programmi\Java\j2re1.4.2_03\bin\jusched.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Programmi\Lexmark 1200 Series\lxczbmgr.exe
C:\Programmi\Tall Emu\Online Armor\oaui.exe
C:\Programmi\SyncroSoft\Pos\H2O\cledx.exe
C:\Programmi\Lexmark 1200 Series\lxczbmon.exe
C:\Programmi\Apoint2K\Apntex.exe
C:\Programmi\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\Panasonic\LUMIXSimpleViewer\PhLeAutoRun.exe
C:\Programmi\Alice ti aiuta\bin\mpbtn.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Programmi\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe
C:\Programmi\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\HiJackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [Apoint] C:\Programmi\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [Cpqset] C:\Programmi\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [eabconfg.cpl] C:\Programmi\HPQ\Quick Launch Buttons\EabServr.exe /Start
O4 - HKLM\..\Run: [UpdateManager] "C:\Programmi\File comuni\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programmi\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Lexmark 1200 Series] "C:\Programmi\Lexmark 1200 Series\lxczbmgr.exe"
O4 - HKLM\..\Run: [OnlineArmor GUI] "C:\Programmi\Tall Emu\Online Armor\oaui.exe"
O4 - HKLM\..\Run: [H2O] C:\Programmi\SyncroSoft\Pos\H2O\cledx.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Programmi\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Alice ti aiuta.lnk = C:\Programmi\Alice ti aiuta\bin\matcli.exe
O4 - Global Startup: Avvio veloce di Adobe Reader.lnk = C:\Programmi\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: LUMIX Simple Viewer.lnk = ?
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/default/kavwebscan_unicode.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{2E26DB84-00D3-41D5-B5EF-2BFE1F2721FE}: NameServer = 195.110.128.1,213.234.128.211
O17 - HKLM\System\CS1\Services\Tcpip\..\{2E26DB84-00D3-41D5-B5EF-2BFE1F2721FE}: NameServer = 195.110.128.1,213.234.128.211
O17 - HKLM\System\CS2\Services\Tcpip\..\{2E26DB84-00D3-41D5-B5EF-2BFE1F2721FE}: NameServer = 195.110.128.1,213.234.128.211
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Programmi\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Online Armor (SvcOnlineArmor) - Tall Emu - C:\Programmi\Tall Emu\Online Armor\oasrv.exe
O24 - Desktop Component 0: (no name) - file:///C:/DOCUME~1/Annalisa/IMPOST~1/Temp/msohtml1/01/clip_image002.jpg
--
End of file - 6880 bytes

Sante62 (Mature god)
Registered: 27/06/07 17:55 Posts: 3477 Location: Floridia
Posted: 04 Jul 2008 23:57

Hi ananas
The log is clean;
In the meantime, clean up with CCleaner;
Go to Control Panel -> Add or Remove Programs (Installazione applicazioni) and click Remove (Rimuovi) as if you wanted to uninstall Avast; a screen with three options should appear, including Avast's repair function;
Use it and see how it goes;
however things turn out, you can also run these scans:
Combofix;
Virit;

ananas (Hero in the gods' favour)
Registered: 28/09/07 14:29 Posts: 154
Posted: 05 Jul 2008 16:52

Hi Sante62, first of all thanks for the help you are giving me.
I downloaded and ran CCleaner, but I have a problem with step 4 of the link: the sample CCleaner window that Bdoriano should have put in the forum doesn't show up for me, so I don't know where to tick/untick the checkboxes (on mine every item is ticked).

bdoriano (Administrator)
Registered: 02/04/07 12:05 Posts: 14391 Location: 3rd planet of the solar system...
Posted: 05 Jul 2008 16:57

Oh yes, the site is under maintenance today... so the images are not showing.
If I remember correctly, I had left everything ticked (to clean up everywhere).
If need be, wait until tomorrow before continuing with the steps.

ananas (Hero in the gods' favour)
Registered: 28/09/07 14:29 Posts: 154
Posted: 05 Jul 2008 21:41

OK, bdoriano!!! I'll wait until tomorrow, there's no rush anyway!!!!
Thanks

ananas (Hero in the gods' favour)
Registered: 28/09/07 14:29 Posts: 154
Posted: 07 Jul 2008 15:47

OK, I've done everything.
Here is the HijackThis log after the ComboFix scan:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14.38.33, on 06/07/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\Tall Emu\Online Armor\oasrv.exe
C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
C:\WINDOWS\Explorer.EXE
C:\Programmi\Alwil Software\Avast4\ashServ.exe
C:\Programmi\Apoint2K\Apoint.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Programmi\HPQ\Quick Launch Buttons\EabServr.exe
C:\Programmi\File comuni\Sonic\Update Manager\sgtray.exe
C:\Programmi\Java\j2re1.4.2_03\bin\jusched.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Programmi\Lexmark 1200 Series\lxczbmgr.exe
C:\Programmi\Tall Emu\Online Armor\oaui.exe
C:\Programmi\SyncroSoft\Pos\H2O\cledx.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\Lexmark 1200 Series\lxczbmon.exe
C:\Programmi\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Programmi\Panasonic\LUMIXSimpleViewer\PhLeAutoRun.exe
C:\Programmi\Apoint2K\Apntex.exe
C:\Programmi\Alice ti aiuta\bin\mpbtn.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Programmi\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe
C:\Programmi\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Programmi\HiJackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [Apoint] C:\Programmi\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [Cpqset] C:\Programmi\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [eabconfg.cpl] C:\Programmi\HPQ\Quick Launch Buttons\EabServr.exe /Start
O4 - HKLM\..\Run: [UpdateManager] "C:\Programmi\File comuni\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programmi\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Lexmark 1200 Series] "C:\Programmi\Lexmark 1200 Series\lxczbmgr.exe"
O4 - HKLM\..\Run: [OnlineArmor GUI] "C:\Programmi\Tall Emu\Online Armor\oaui.exe"
O4 - HKLM\..\Run: [H2O] C:\Programmi\SyncroSoft\Pos\H2O\cledx.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Alice ti aiuta.lnk = C:\Programmi\Alice ti aiuta\bin\matcli.exe
O4 - Global Startup: Avvio veloce di Adobe Reader.lnk = C:\Programmi\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: LUMIX Simple Viewer.lnk = ?
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/default/kavwebscan_unicode.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{2E26DB84-00D3-41D5-B5EF-2BFE1F2721FE}: NameServer = 195.110.128.1,213.234.128.211
O17 - HKLM\System\CS1\Services\Tcpip\..\{2E26DB84-00D3-41D5-B5EF-2BFE1F2721FE}: NameServer = 195.110.128.1,213.234.128.211
O17 - HKLM\System\CS2\Services\Tcpip\..\{2E26DB84-00D3-41D5-B5EF-2BFE1F2721FE}: NameServer = 195.110.128.1,213.234.128.211
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Programmi\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Online Armor (SvcOnlineArmor) - Tall Emu - C:\Programmi\Tall Emu\Online Armor\oasrv.exe
O24 - Desktop Component 0: (no name) - file:///C:/DOCUME~1/Annalisa/IMPOST~1/Temp/msohtml1/01/clip_image002.jpg
--
End of file - 7245 bytes
And here is the VirIT log:
VirIT eXplorer Lite Log
[SCANSIONE DELLA MEMORIA]
OK
[SCANSIONE DELLA MEMORIA]
OK
[SCANSIONE DELLA MEMORIA]
OK
--------------------------------------------------------
06/07/2008 - 14:49:14
[SCANSIONE DEL REGISTRO]
OK
[C:]
MASTER BOOT RECORD: OK
BOOT SECTOR: OK
[SCANSIONE DELLA MEMORIA]
OK
--------------------------------------------------------
06/07/2008 - 14:54:47
[SCANSIONE DEL REGISTRO]
OK
[C:]
MASTER BOOT RECORD: OK
BOOT SECTOR: OK
[SCANSIONE DELLA MEMORIA]
OK
--------------------------------------------------------
06/07/2008 - 14:56:43
[SCANSIONE DEL REGISTRO]
OK
[C:]
MASTER BOOT RECORD: OK
BOOT SECTOR: OK
Chiavi Registro infette: 0.
Files Infetti: 0.
Files Sospetti: 0.
Files Analizzati: 41006.
Files Totali: 41006.
Chiavi Registro rimosse: 0.
Virus Rimossi: 0.
I hope at least these are fine, since as far as avast is concerned I am still back at square one.
Thanks anyway for the help you are giving me.
I'll look into changing antivirus.

bdoriano (Administrator)
Registered: 02/04/07 12:05 Posts: 14391 Location: 3rd planet of the solar system...
Posted: 08 Jul 2008 08:21

Post the ComboFix log as well.

ananas (Hero in the gods' favour)
Registered: 28/09/07 14:29 Posts: 154
Posted: 08 Jul 2008 15:02

It's a bit long, is that normal?? Anyway, here it is:
ComboFix 08-07-05.1 - Annalisa 2008-07-06 12.50.03.2 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1040.18.200 [GMT 2:00]
Eseguito da: C:\Documents and Settings\Annalisa\Desktop\Combo-Fix.exe
* Creato nuovo punto di ripristino
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((( Files Creati Da 2008-06-06 al 2008-07-06 )))))))))))))))))))))))))))))))))))
.
2008-07-05 16:28 . 2008-07-05 16:28 <DIR> d-------- C:\Programmi\CCleaner
2008-06-30 12:48 . 2008-06-30 12:48 <DIR> d-------- C:\Documents and Settings\All Users\Dati applicazioni\Office Genuine Advantage
2008-06-18 21:31 . 2007-07-30 19:19 271,224 --a------ C:\WINDOWS\system32\mucltui.dll
2008-06-18 21:31 . 2007-07-30 19:19 207,736 --a------ C:\WINDOWS\system32\muweb.dll
2008-06-18 21:31 . 2007-07-30 19:18 30,072 --a------ C:\WINDOWS\system32\mucltui.dll.mui
2008-06-18 15:10 . 2008-06-18 15:20 <DIR> d--hsc--- C:\Programmi\File comuni\WindowsLiveInstaller
2008-06-18 15:09 . 2008-06-18 15:09 <DIR> d-------- C:\Documents and Settings\All Users\Dati applicazioni\WLInstaller
2008-06-18 15:09 . 2008-06-18 15:09 2,402,320 --a------ C:\Programmi\WLinstaller.exe
2008-06-17 21:13 . 2008-06-17 21:13 1,746 -rahs---- C:\WINDOWS\system32\drivers\HP_Pavilion zv5000 (PJ837EA ABZ)_YN_Pavi_QCND442_E_4_I08A0_SCompal_V32.42_BF.35_T050428_WXH2_L410_M512_J60_7AMD_8Athlon XP 3000+_91,6_1104C8026_N10EC8139_P104CAC54_Z10DE00D9_K_A10DE00DA_U10DE00D7_G10DE0179.MRK
2008-06-17 21:08 . 2002-10-15 09:13 32,356 --------- C:\WINDOWS\system32\pusbfd1.sys
2008-06-17 21:08 . 2002-10-15 09:13 26,629 --------- C:\WINDOWS\system32\pusbfd2.vxd
2008-06-17 21:07 . 2008-06-17 21:07 <DIR> d-------- C:\swsetup
2008-06-17 20:54 . 2003-09-10 23:36 21,060 --------- C:\WINDOWS\system32\drivers\iviaspi.sys
2008-06-17 20:54 . 2003-09-19 01:47 10,368 --------- C:\WINDOWS\system32\drivers\pfc.sys
2008-06-17 20:53 . 2004-09-09 17:34 204,800 --a------ C:\WINDOWS\system32\IVIresizeW7.dll
2008-06-17 20:53 . 2004-09-09 17:34 200,704 --a------ C:\WINDOWS\system32\IVIresizeA6.dll
2008-06-17 20:53 . 2004-09-09 17:34 192,512 --a------ C:\WINDOWS\system32\IVIresizeP6.dll
2008-06-17 20:53 . 2004-09-09 17:34 192,512 --a------ C:\WINDOWS\system32\IVIresizeM6.dll
2008-06-17 20:53 . 2004-09-09 17:34 188,416 --a------ C:\WINDOWS\system32\IVIresizePX.dll
2008-06-17 20:53 . 2004-09-09 17:34 20,480 --a------ C:\WINDOWS\system32\IVIresize.dll
2008-06-11 14:48 . 2008-06-11 14:48 <DIR> d-------- C:\Documents and Settings\Annalisa\Dati applicazioni\Template
2008-06-10 22:00 . 2008-06-14 19:59 272,768 --------- C:\WINDOWS\system32\drivers\bthport.sys
2008-06-10 22:00 . 2008-06-14 19:59 272,768 -----c--- C:\WINDOWS\system32\dllcache\bthport.sys
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-07-06 10:21 --------- d-----w C:\Documents and Settings\Annalisa\Dati applicazioni\OnlineArmor
2008-07-04 19:31 6,881 ----a-w C:\Programmi\hijackthis.log
2008-07-03 16:58 --------- d-----w C:\Programmi\eMule
2008-06-17 19:07 --------- d--h--w C:\Programmi\InstallShield Installation Information
2008-06-17 19:07 --------- d-----w C:\Programmi\HPQ
2008-06-17 18:52 --------- d-----w C:\Programmi\InterVideo
2008-06-11 12:27 --------- d-----w C:\Programmi\Microsoft Works
2008-06-05 18:01 --------- d-----w C:\Programmi\Ahead
2008-06-03 13:04 --------- d-----w C:\Programmi\File comuni\Autodesk Shared
2008-06-03 13:04 --------- d-----w C:\Documents and Settings\All Users\Dati applicazioni\Autodesk
2008-05-21 16:22 --------- d-----w C:\Programmi\MSXML 4.0
2008-05-21 16:19 --------- d-----w C:\Documents and Settings\All Users\Dati applicazioni\Bluetooth
2008-05-20 19:58 --------- d-----w C:\Documents and Settings\Annalisa\Dati applicazioni\Autodesk
2008-05-20 19:55 --------- d-----w C:\Programmi\Autodesk
2008-05-20 19:34 --------- d-----w C:\Documents and Settings\Annalisa\Dati applicazioni\Steinberg
2008-05-20 19:29 --------- d-----w C:\Programmi\Steinberg
2008-05-20 19:26 --------- d-----w C:\Programmi\Syncrosoft
2008-05-08 12:28 202,752 ----a-w C:\WINDOWS\system32\drivers\rmcast.sys
2008-05-07 05:14 1,292,800 ----a-w C:\WINDOWS\system32\quartz.dll
2008-04-23 15:17 693,792 ----a-w C:\WINDOWS\system32\OGACheckControl.dll
2008-04-23 15:17 504,864 ----a-w C:\WINDOWS\system32\OGAVerify.exe
2008-04-23 15:17 504,352 ----a-w C:\WINDOWS\system32\OGAAddin.dll
2008-04-21 06:56 669,184 ----a-w C:\WINDOWS\system32\wininet.dll
2008-04-05 22:06 10,383,072 ----a-w C:\Programmi\OnlineArmor_Setup_Free.exe
2008-02-25 21:08 28,979,464 ----a-w C:\Programmi\FileFormatConverters.exe
2007-12-26 16:01 8,518,384 ----a-w C:\Programmi\cureit.exe
2007-12-26 13:12 50,688 ----a-w C:\Programmi\ATF-Cleaner.exe
2007-09-28 14:43 401,720 ----a-w C:\Programmi\HiJackThis.exe
2007-06-29 07:38 581,632 ----a-w C:\Programmi\gmer.exe
2007-03-22 08:35 21,822,168 ----a-w C:\Programmi\AdbeRdr80_en_US.exe
2006-12-01 10:43 19,159,974 ----a-w C:\Programmi\JawsPDFCreatorIt.exe
2006-11-23 15:21 39,465,120 ----a-w C:\Programmi\NVE-3.1.0.25.exe
2006-11-21 13:54 81,920 -c--a-w C:\Documents and Settings\Annalisa\Dati applicazioni\ezpinst.exe
2006-11-21 13:54 47,360 -c--a-w C:\Documents and Settings\Annalisa\Dati applicazioni\pcouffin.sys
2006-11-14 21:57 18,715,215 ----a-w C:\Programmi\klcodec277f.exe
2006-11-13 22:55 13,670,960 ----a-w C:\Programmi\PDFCreator-0_9_0_AFPLGhostscript_32bit.msi
2006-11-12 20:47 3,534,076 ----a-w C:\Programmi\eMule0.47c-Installer.exe
.
((((((((((((((((((((((((((((( snapshot@2007-12-22_15.46.23,17 )))))))))))))))))))))))))))))))))))))))))
.
+ 2007-10-30 16:53:32 360,832 ----a-w C:\WINDOWS\$hf_mig$\KB941644\SP2QFE\tcpip.sys
+ 2007-03-06 01:48:10 15,584 ----a-w C:\WINDOWS\$hf_mig$\KB941644\spmsg.dll
+ 2007-03-06 01:48:15 215,776 ----a-w C:\WINDOWS\$hf_mig$\KB941644\spuninst.exe
+ 2007-03-06 01:48:08 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB941644\update\spcustom.dll
+ 2007-03-06 01:48:33 724,192 ----a-w C:\WINDOWS\$hf_mig$\KB941644\update\update.exe
+ 2007-03-06 01:49:24 390,880 ----a-w C:\WINDOWS\$hf_mig$\KB941644\update\updspapi.dll
+ 2008-03-20 07:57:45 1,845,888 ----a-w C:\WINDOWS\$hf_mig$\KB941693\SP2QFE\win32k.sys
+ 2007-03-06 01:48:10 15,584 ----a-w C:\WINDOWS\$hf_mig$\KB941693\spmsg.dll
+ 2007-03-06 01:48:15 215,776 ----a-w C:\WINDOWS\$hf_mig$\KB941693\spuninst.exe
+ 2007-03-06 01:48:08 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB941693\update\spcustom.dll
+ 2007-03-06 01:48:33 724,192 ----a-w C:\WINDOWS\$hf_mig$\KB941693\update\update.exe
+ 2007-03-06 01:49:24 390,880 ----a-w C:\WINDOWS\$hf_mig$\KB941693\update\updspapi.dll
+ 2007-12-04 18:29:32 551,936 ----a-w C:\WINDOWS\$hf_mig$\KB943055\SP2QFE\oleaut32.dll
+ 2007-03-06 01:48:10 15,584 ----a-w C:\WINDOWS\$hf_mig$\KB943055\spmsg.dll
+ 2007-03-06 01:48:15 215,776 ----a-w C:\WINDOWS\$hf_mig$\KB943055\spuninst.exe
+ 2007-03-06 01:48:08 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB943055\update\spcustom.dll
+ 2007-03-06 01:48:33 724,192 ----a-w C:\WINDOWS\$hf_mig$\KB943055\update\update.exe
+ 2007-03-06 01:49:24 390,880 ----a-w C:\WINDOWS\$hf_mig$\KB943055\update\updspapi.dll
+ 2007-11-07 09:49:53 732,672 ----a-w C:\WINDOWS\$hf_mig$\KB943485\SP2QFE\lsasrv.dll
+ 2007-03-06 01:48:10 15,584 ----a-w C:\WINDOWS\$hf_mig$\KB943485\spmsg.dll
+ 2007-03-06 01:48:15 215,776 ----a-w C:\WINDOWS\$hf_mig$\KB943485\spuninst.exe
+ 2007-03-06 01:48:08 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB943485\update\spcustom.dll
+ 2007-03-06 01:48:33 724,192 ----a-w C:\WINDOWS\$hf_mig$\KB943485\update\update.exe
+ 2007-03-06 01:49:24 390,880 ----a-w C:\WINDOWS\$hf_mig$\KB943485\update\updspapi.dll
+ 2007-12-18 14:32:47 450,560 ----a-w C:\WINDOWS\$hf_mig$\KB944338\SP2QFE\jscript.dll
+ 2007-12-18 14:32:47 417,792 ----a-w C:\WINDOWS\$hf_mig$\KB944338\SP2QFE\vbscript.dll
+ 2007-03-06 01:48:10 15,584 ----a-w C:\WINDOWS\$hf_mig$\KB944338\spmsg.dll
+ 2007-03-06 01:48:15 215,776 ----a-w C:\WINDOWS\$hf_mig$\KB944338\spuninst.exe
+ 2007-03-06 01:48:08 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB944338\update\spcustom.dll
+ 2007-03-06 01:48:33 724,192 ----a-w C:\WINDOWS\$hf_mig$\KB944338\update\update.exe
+ 2007-03-06 01:49:24 390,880 ----a-w C:\WINDOWS\$hf_mig$\KB944338\update\updspapi.dll
+ 2008-02-20 05:19:51 147,968 ----a-w C:\WINDOWS\$hf_mig$\KB945553\SP2QFE\dnsapi.dll
+ 2008-02-20 18:49:52 45,568 ----a-w C:\WINDOWS\$hf_mig$\KB945553\SP2QFE\dnsrslvr.dll
+ 2007-03-06 01:48:10 15,584 ----a-w C:\WINDOWS\$hf_mig$\KB945553\spmsg.dll
+ 2007-03-06 01:48:15 215,776 ----a-w C:\WINDOWS\$hf_mig$\KB945553\spuninst.exe
+ 2007-03-06 01:48:08 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB945553\update\spcustom.dll
+ 2007-03-06 01:48:33 724,192 ----a-w C:\WINDOWS\$hf_mig$\KB945553\update\update.exe
+ 2007-03-06 01:49:24 390,880 ----a-w C:\WINDOWS\$hf_mig$\KB945553\update\updspapi.dll
+ 2007-12-18 09:38:59 179,712 ----a-w C:\WINDOWS\$hf_mig$\KB946026\SP2QFE\mrxdav.sys
+ 2007-03-06 01:48:10 15,584 ----a-w C:\WINDOWS\$hf_mig$\KB946026\spmsg.dll
+ 2007-03-06 01:48:15 215,776 ----a-w C:\WINDOWS\$hf_mig$\KB946026\spuninst.exe
+ 2007-03-06 01:48:08 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB946026\update\spcustom.dll
+ 2007-03-06 01:48:33 724,192 ----a-w C:\WINDOWS\$hf_mig$\KB946026\update\update.exe
+ 2007-03-06 01:49:24 390,880 ----a-w C:\WINDOWS\$hf_mig$\KB946026\update\updspapi.dll
+ 2008-02-20 06:52:28 282,624 ----a-w C:\WINDOWS\$hf_mig$\KB948590\SP2QFE\gdi32.dll
+ 2007-03-06 01:48:10 15,584 ----a-w C:\WINDOWS\$hf_mig$\KB948590\spmsg.dll
+ 2007-03-06 01:48:15 215,776 ----a-w C:\WINDOWS\$hf_mig$\KB948590\spuninst.exe
+ 2007-03-06 01:48:08 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB948590\update\spcustom.dll
+ 2007-03-06 01:48:33 724,192 ----a-w C:\WINDOWS\$hf_mig$\KB948590\update\update.exe
+ 2007-03-06 01:49:24 390,880 ----a-w C:\WINDOWS\$hf_mig$\KB948590\update\updspapi.dll
+ 2007-03-06 01:48:09 15,584 ----a-w C:\WINDOWS\$hf_mig$\KB948881\spmsg.dll
+ 2007-03-06 01:48:14 215,776 ----a-w C:\WINDOWS\$hf_mig$\KB948881\spuninst.exe
+ 2007-03-06 01:48:07 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB948881\update\spcustom.dll
+ 2007-03-06 01:48:32 724,192 ----a-w C:\WINDOWS\$hf_mig$\KB948881\update\update.exe
+ 2007-03-06 01:49:24 390,880 ----a-w C:\WINDOWS\$hf_mig$\KB948881\update\updspapi.dll
+ 2008-01-23 04:56:21 554,008 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\dao360.dll
+ 2007-12-10 12:41:11 518,944 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msexch40.dll
+ 2007-12-10 12:41:11 326,432 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msexcl40.dll
+ 2007-12-10 12:41:11 1,516,568 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msjet40.dll
+ 2007-12-10 12:41:11 355,112 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msjetol1.dll
+ 2007-11-01 05:15:52 183,072 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msjint40.dll
+ 2007-12-10 12:41:12 60,192 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msjter40.dll
+ 2007-12-10 12:41:12 248,608 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msjtes40.dll
+ 2007-12-10 12:41:12 219,936 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msltus40.dll
+ 2007-12-10 12:41:12 355,104 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\mspbde40.dll
+ 2007-12-10 12:41:13 432,928 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msrd2x40.dll
+ 2007-12-10 12:41:13 322,336 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msrd3x40.dll
+ 2007-12-10 12:41:13 559,904 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msrepl40.dll
+ 2007-12-10 12:41:13 264,992 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\mstext40.dll
+ 2007-12-10 12:41:13 838,432 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\mswdat10.dll
+ 2007-11-01 05:15:53 621,344 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\mswstr10.dll
+ 2007-12-10 12:41:14 355,104 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msxbde40.dll
+ 2007-03-06 01:48:10 15,584 ----a-w C:\WINDOWS\$hf_mig$\KB950749\spmsg.dll
+ 2007-03-06 01:48:15 215,776 ----a-w C:\WINDOWS\$hf_mig$\KB950749\spuninst.exe
+ 2007-03-06 01:48:08 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB950749\update\spcustom.dll
+ 2007-03-06 01:48:33 724,192 ----a-w C:\WINDOWS\$hf_mig$\KB950749\update\update.exe
+ 2007-03-06 01:49:24 390,880 ----a-w C:\WINDOWS\$hf_mig$\KB950749\update\updspapi.dll
+ 2007-03-06 01:48:15 215,776 -c----w C:\WINDOWS\$NtUninstallKB941644$\spuninst\spuninst.exe
+ 2007-03-06 01:49:24 390,880 -c----w C:\WINDOWS\$NtUninstallKB941644$\spuninst\updspapi.dll
+ 2006-04-20 11:51:50 359,808 -c----w C:\WINDOWS\$NtUninstallKB941644$\tcpip.sys
+ 2007-03-06 01:48:15 215,776 -c----w C:\WINDOWS\$NtUninstallKB941693$\spuninst\spuninst.exe
+ 2007-03-06 01:49:24 390,880 -c----w C:\WINDOWS\$NtUninstallKB941693$\spuninst\updspapi.dll
+ 2007-03-08 15:33:54 1,843,584 -c----w C:\WINDOWS\$NtUninstallKB941693$\win32k.sys
+ 2007-05-17 11:29:12 549,376 -c----w C:\WINDOWS\$NtUninstallKB943055$\oleaut32.dll
+ 2007-03-06 01:48:15 215,776 -c----w C:\WINDOWS\$NtUninstallKB943055$\spuninst\spuninst.exe
+ 2007-03-06 01:49:24 390,880 -c----w C:\WINDOWS\$NtUninstallKB943055$\spuninst\updspapi.dll
+ 2006-08-17 12:29:46 727,552 -c----w C:\WINDOWS\$NtUninstallKB943485$\lsasrv.dll
+ 2007-03-06 01:48:15 215,776 -c----w C:\WINDOWS\$NtUninstallKB943485$\spuninst\spuninst.exe
+ 2007-03-06 01:49:24 390,880 -c----w C:\WINDOWS\$NtUninstallKB943485$\spuninst\updspapi.dll
+ 2007-11-14 07:27:20 450,560 -c----w C:\WINDOWS\$NtUninstallKB944338$\jscript.dll
+ 2007-03-06 01:48:15 215,776 -c----w C:\WINDOWS\$NtUninstallKB944338$\spuninst\spuninst.exe
+ 2007-03-06 01:49:24 390,880 -c----w C:\WINDOWS\$NtUninstallKB944338$\spuninst\updspapi.dll
+ 2004-08-19 12:00:00 417,792 -c----w C:\WINDOWS\$NtUninstallKB944338$\vbscript.dll
+ 2007-10-11 06:11:02 1,024,000 -c----w C:\WINDOWS\$NtUninstallKB944533$\browseui.dll
+ 2007-10-11 06:11:02 151,552 -c----w C:\WINDOWS\$NtUninstallKB944533$\cdfview.dll
+ 2007-10-11 06:11:03 1,056,256 -c----w C:\WINDOWS\$NtUninstallKB944533$\danim.dll
+ 2007-10-11 06:11:03 357,888 -c----w C:\WINDOWS\$NtUninstallKB944533$\dxtmsft.dll
+ 2007-10-11 06:11:03 205,824 -c----w C:\WINDOWS\$NtUninstallKB944533$\dxtrans.dll
+ 2007-10-11 06:11:03 55,808 -c----w C:\WINDOWS\$NtUninstallKB944533$\extmgr.dll
+ 2007-10-10 10:48:23 18,432 -c----w C:\WINDOWS\$NtUninstallKB944533$\iedw.exe
+ 2007-10-11 06:11:03 251,904 -c----w C:\WINDOWS\$NtUninstallKB944533$\iepeers.dll
+ 2007-10-11 06:11:03 96,768 -c----w C:\WINDOWS\$NtUninstallKB944533$\inseng.dll
+ 2007-10-11 06:11:03 16,384 -c----w C:\WINDOWS\$NtUninstallKB944533$\jsproxy.dll
+ 2007-10-30 09:56:55 3,086,848 -c----w C:\WINDOWS\$NtUninstallKB944533$\mshtml.dll
+ 2007-10-11 06:11:05 449,024 -c----w C:\WINDOWS\$NtUninstallKB944533$\mshtmled.dll
+ 2007-10-11 06:11:05 146,432 -c----w C:\WINDOWS\$NtUninstallKB944533$\msrating.dll
+ 2007-10-11 06:11:05 532,480 -c----w C:\WINDOWS\$NtUninstallKB944533$\mstime.dll
+ 2007-10-11 06:11:05 39,424 -c----w C:\WINDOWS\$NtUninstallKB944533$\pngfilt.dll
+ 2007-10-11 06:11:06 1,498,624 -c----w C:\WINDOWS\$NtUninstallKB944533$\shdocvw.dll
+ 2007-10-11 06:11:06 474,624 -c----w C:\WINDOWS\$NtUninstallKB944533$\shlwapi.dll
+ 2007-03-06 01:48:15 215,776 -c----w C:\WINDOWS\$NtUninstallKB944533$\spuninst\spuninst.exe
+ 2007-03-06 01:49:24 390,880 -c----w C:\WINDOWS\$NtUninstallKB944533$\spuninst\updspapi.dll
+ 2007-10-11 06:11:07 619,008 -c----w C:\WINDOWS\$NtUninstallKB944533$\urlmon.dll
+ 2007-10-11 06:11:07 668,672 -c----w C:\WINDOWS\$NtUninstallKB944533$\wininet.dll
+ 2007-10-29 15:07:18 366,592 -c----w C:\WINDOWS\$NtUninstallKB944533$\xpsp3res.dll
+ 2006-06-26 17:41:31 148,480 -c----w C:\WINDOWS\$NtUninstallKB945553$\dnsapi.dll
+ 2004-08-19 12:00:00 45,568 -c----w C:\WINDOWS\$NtUninstallKB945553$\dnsrslvr.dll
+ 2007-03-06 01:48:15 215,776 -c----w C:\WINDOWS\$NtUninstallKB945553$\spuninst\spuninst.exe
+ 2007-03-06 01:49:24 390,880 -c----w C:\WINDOWS\$NtUninstallKB945553$\spuninst\updspapi.dll
+ 2004-08-19 12:00:00 181,248 -c----w C:\WINDOWS\$NtUninstallKB946026$\mrxdav.sys
+ 2007-03-06 01:48:15 215,776 -c----w C:\WINDOWS\$NtUninstallKB946026$\spuninst\spuninst.exe
+ 2007-03-06 01:49:24 390,880 -c----w C:\WINDOWS\$NtUninstallKB946026$\spuninst\updspapi.dll
+ 2007-12-07 00:44:55 1,024,000 -c----w C:\WINDOWS\$NtUninstallKB947864$\browseui.dll
+ 2007-12-07 00:44:55 151,552 -c----w C:\WINDOWS\$NtUninstallKB947864$\cdfview.dll
+ 2007-12-07 00:44:57 1,056,256 -c----w C:\WINDOWS\$NtUninstallKB947864$\danim.dll
+ 2007-12-07 00:44:57 357,888 -c----w C:\WINDOWS\$NtUninstallKB947864$\dxtmsft.dll
+ 2007-12-07 00:44:58 205,824 -c----w C:\WINDOWS\$NtUninstallKB947864$\dxtrans.dll
+ 2007-12-07 00:44:58 55,808 -c----w C:\WINDOWS\$NtUninstallKB947864$\extmgr.dll
+ 2007-12-06 10:05:52 18,432 -c----w C:\WINDOWS\$NtUninstallKB947864$\iedw.exe
+ 2007-12-07 00:44:58 251,904 -c----w C:\WINDOWS\$NtUninstallKB947864$\iepeers.dll
+ 2007-12-07 00:44:58 96,768 -c----w C:\WINDOWS\$NtUninstallKB947864$\inseng.dll
+ 2007-12-07 00:44:58 16,384 -c----w C:\WINDOWS\$NtUninstallKB947864$\jsproxy.dll
+ 2007-12-07 00:45:01 3,087,360 -c----w C:\WINDOWS\$NtUninstallKB947864$\mshtml.dll
+ 2007-12-07 00:45:02 449,024 -c----w C:\WINDOWS\$NtUninstallKB947864$\mshtmled.dll
+ 2007-12-07 00:45:02 146,432 -c----w C:\WINDOWS\$NtUninstallKB947864$\msrating.dll
+ 2007-12-07 00:45:03 532,480 -c----w C:\WINDOWS\$NtUninstallKB947864$\mstime.dll
+ 2007-12-07 00:45:03 39,424 -c----w C:\WINDOWS\$NtUninstallKB947864$\pngfilt.dll
+ 2007-12-07 00:45:06 1,499,648 -c----w C:\WINDOWS\$NtUninstallKB947864$\shdocvw.dll
+ 2007-12-07 00:45:06 474,624 -c----w C:\WINDOWS\$NtUninstallKB947864$\shlwapi.dll
+ 2007-03-06 01:48:15 215,776 -c----w C:\WINDOWS\$NtUninstallKB947864$\spuninst\spuninst.exe
+ 2007-03-06 01:49:24 390,880 -c----w C:\WINDOWS\$NtUninstallKB947864$\spuninst\updspapi.dll
+ 2007-12-07 00:45:07 619,008 -c----w C:\WINDOWS\$NtUninstallKB947864$\urlmon.dll
+ 2007-12-07 00:45:09 668,672 -c----w C:\WINDOWS\$NtUninstallKB947864$\wininet.dll
+ 2007-12-06 23:40:32 366,592 -c----w C:\WINDOWS\$NtUninstallKB947864$\xpsp3res.dll
+ 2007-06-19 13:30:47 282,112 -c----w C:\WINDOWS\$NtUninstallKB948590$\gdi32.dll
+ 2007-03-06 01:48:15 215,776 -c----w C:\WINDOWS\$NtUninstallKB948590$\spuninst\spuninst.exe
+ 2007-03-06 01:49:24 390,880 -c----w C:\WINDOWS\$NtUninstallKB948590$\spuninst\updspapi.dll
+ 2007-03-06 01:48:14 215,776 -c----w C:\WINDOWS\$NtUninstallKB948881$\spuninst\spuninst.exe
+ 2007-03-06 01:49:24 390,880 -c----w C:\WINDOWS\$NtUninstallKB948881$\spuninst\updspapi.dll
+ 2004-08-19 12:00:00 561,179 -c----w C:\WINDOWS\$NtUninstallKB950749$\dao360.dll
+ 2004-08-19 12:00:00 512,029 -c----w C:\WINDOWS\$NtUninstallKB950749$\msexch40.dll
+ 2004-08-19 12:00:00 319,517 -c----w C:\WINDOWS\$NtUninstallKB950749$\msexcl40.dll
+ 2004-08-19 12:00:00 1,507,356 -c----w C:\WINDOWS\$NtUninstallKB950749$\msjet40.dll
+ 2004-08-19 12:00:00 358,976 -c----w C:\WINDOWS\$NtUninstallKB950749$\msjetol1.dll
+ 2004-08-19 12:00:00 358,976 -c----w C:\WINDOWS\$NtUninstallKB950749$\msjetoledb40.dll
+ 2004-08-19 12:00:00 176,159 -c----w C:\WINDOWS\$NtUninstallKB950749$\msjint40.dll
+ 2004-08-19 12:00:00 53,279 -c----w C:\WINDOWS\$NtUninstallKB950749$\msjter40.dll
+ 2004-08-19 12:00:00 241,693 -c----w C:\WINDOWS\$NtUninstallKB950749$\msjtes40.dll
+ 2004-08-19 12:00:00 213,023 -c----w C:\WINDOWS\$NtUninstallKB950749$\msltus40.dll
+ 2004-08-19 12:00:00 348,189 -c----w C:\WINDOWS\$NtUninstallKB950749$\mspbde40.dll
+ 2004-08-19 12:00:00 421,919 -c----w C:\WINDOWS\$NtUninstallKB950749$\msrd2x40.dll
+ 2004-08-19 12:00:00 315,423 -c----w C:\WINDOWS\$NtUninstallKB950749$\msrd3x40.dll
+ 2004-08-19 12:00:00 552,989 -c----w C:\WINDOWS\$NtUninstallKB950749$\msrepl40.dll
+ 2004-08-19 12:00:00 258,077 -c----w C:\WINDOWS\$NtUninstallKB950749$\mstext40.dll
+ 2004-08-19 12:00:00 831,519 -c----w C:\WINDOWS\$NtUninstallKB950749$\mswdat10.dll
+ 2004-08-19 12:00:00 614,429 -c----w C:\WINDOWS\$NtUninstallKB950749$\mswstr10.dll
+ 2004-08-19 12:00:00 348,189 -c----w C:\WINDOWS\$NtUninstallKB950749$\msxbde40.dll
+ 2007-03-06 01:48:15 215,776 -c----w C:\WINDOWS\$NtUninstallKB950749$\spuninst\spuninst.exe
+ 2007-03-06 01:49:24 390,880 -c----w C:\WINDOWS\$NtUninstallKB950749$\spuninst\updspapi.dll
+ 2005-02-01 17:18:38 17,992 ----a-w C:\WINDOWS\bcm42rly.sys
+ 2008-07-06 10:21:37 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2005-03-05 09:57:30 113,784 ----a-w C:\WINDOWS\Downloaded Program Files\IDropENU.dll
+ 2005-03-21 17:02:46 114,256 ----a-w C:\WINDOWS\Downloaded Program Files\IDropITA.dll
+ 2008-06-14 17:59:10 272,768 ------w C:\WINDOWS\Driver Cache\i386\bthport.sys
+ 2005-10-20 18:02:28 163,328 ----a-w C:\WINDOWS\erdnt\Hiv-backup\ERDNT.EXE
+ 2000-08-31 06:00:00 89,504 ----a-w C:\WINDOWS\fdsv.exe
+ 2000-08-31 06:00:00 80,412 ----a-w C:\WINDOWS\grep.exe
+ 2007-03-21 17:58:40 4,145,520 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109020001400000000000F01FEC\12.0.6021\WRD12CNV.DLL
+ 2007-03-21 17:58:46 24,416 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109020001400000000000F01FEC\12.0.6021\WRD12EXE.EXE
+ 2007-05-10 09:25:40 14,677,368 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109020001400000000000F01FEC\12.0.6021\XL12CNV.EXE
+ 2003-07-07 19:36:00 2,058,343 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\0140110900063D11C8EF10054038389C\11.0.5614\OUTLFLTR.DAT
+ 2003-07-08 17:48:00 115,288 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\0140110900063D11C8EF10054038389C\11.0.5614\OUTLFLTR.DLL
- 2007-10-05 19:49:26 26,694 ----a-r C:\WINDOWS\Installer\{1E04F83B-2AB9-4301-9EF7-E86307F79C72}\ARPPRODUCTICON.exe
+ 2008-02-06 20:05:41 26,694 ----a-r C:\WINDOWS\Installer\{1E04F83B-2AB9-4301-9EF7-E86307F79C72}\ARPPRODUCTICON.exe
- 2007-10-05 19:49:27 26,694 ----a-r C:\WINDOWS\Installer\{1E04F83B-2AB9-4301-9EF7-E86307F79C72}\googleearth.exe_407B9B5CDAC54F44A756B57CAB4E6A8B.exe
+ 2008-02-06 20:05:41 26,694 ----a-r C:\WINDOWS\Installer\{1E04F83B-2AB9-4301-9EF7-E86307F79C72}\googleearth.exe_407B9B5CDAC54F44A756B57CAB4E6A8B.exe
- 2007-10-05 19:49:27 26,694 ----a-r C:\WINDOWS\Installer\{1E04F83B-2AB9-4301-9EF7-E86307F79C72}\googleearth.exe1_407B9B5CDAC54F44A756B57CAB4E6A8B.exe
+ 2008-02-06 20:05:42 26,694 ----a-r C:\WINDOWS\Installer\{1E04F83B-2AB9-4301-9EF7-E86307F79C72}\googleearth.exe1_407B9B5CDAC54F44A756B57CAB4E6A8B.exe
- 2007-10-05 19:49:27 65,536 ----a-r C:\WINDOWS\Installer\{1E04F83B-2AB9-4301-9EF7-E86307F79C72}\NewShortcut1_407B9B5CDAC54F44A756B57CAB4E6A8B.exe
+ 2008-02-06 20:05:42 65,536 ----a-r C:\WINDOWS\Installer\{1E04F83B-2AB9-4301-9EF7-E86307F79C72}\NewShortcut1_407B9B5CDAC54F44A756B57CAB4E6A8B.exe
- 2007-10-05 19:49:27 65,536 ----a-r C:\WINDOWS\Installer\{1E04F83B-2AB9-4301-9EF7-E86307F79C72}\NewShortcut2_407B9B5CDAC54F44A756B57CAB4E6A8B.exe
+ 2008-02-06 20:05:42 65,536 ----a-r C:\WINDOWS\Installer\{1E04F83B-2AB9-4301-9EF7-E86307F79C72}\NewShortcut2_407B9B5CDAC54F44A756B57CAB4E6A8B.exe
- 2007-10-05 19:49:27 26,694 ----a-r C:\WINDOWS\Installer\{1E04F83B-2AB9-4301-9EF7-E86307F79C72}\UNINST_Uninstall_G_3DE5E7D47B88403CA3FD2017A8240C5B.exe
+ 2008-02-06 20:05:41 26,694 ----a-r C:\WINDOWS\Installer\{1E04F83B-2AB9-4301-9EF7-E86307F79C72}\UNINST_Uninstall_G_3DE5E7D47B88403CA3FD2017A8240C5B.exe
- 2006-10-17 21:20:54 593,920 -c--a-r C:\WINDOWS\Installer\{90110410-6000-11D3-8CFE-0150048383C9}\accicons.exe
+ 2008-06-24 12:30:29 593,920 ----a-r C:\WINDOWS\Installer\{90110410-6000-11D3-8CFE-0150048383C9}\accicons.exe
- 2006-10-17 21:20:54 12,288 -c--a-r C:\WINDOWS\Installer\{90110410-6000-11D3-8CFE-0150048383C9}\cagicon.exe
+ 2008-06-24 12:30:29 12,288 ----a-r C:\WINDOWS\Installer\{90110410-6000-11D3-8CFE-0150048383C9}\cagicon.exe
- 2006-10-17 21:20:55 86,016 -c--a-r C:\WINDOWS\Installer\{90110410-6000-11D3-8CFE-0150048383C9}\inficon.exe
+ 2008-06-24 12:30:29 86,016 ----a-r C:\WINDOWS\Installer\{90110410-6000-11D3-8CFE-0150048383C9}\inficon.exe
- 2006-10-17 21:20:54 135,168 -c--a-r C:\WINDOWS\Installer\{90110410-6000-11D3-8CFE-0150048383C9}\misc.exe
+ 2008-06-24 12:30:29 135,168 ----a-r C:\WINDOWS\Installer\{90110410-6000-11D3-8CFE-0150048383C9}\misc.exe
- 2006-10-17 21:20:55 11,264 -c--a-r C:\WINDOWS\Installer\{90110410-6000-11D3-8CFE-0150048383C9}\mspicons.exe
+ 2008-06-24 12:30:29 11,264 ----a-r C:\WINDOWS\Installer\{90110410-6000-11D3-8CFE-0150048383C9}\mspicons.exe
- 2006-10-17 21:20:55 27,136 -c--a-r C:\WINDOWS\Installer\{90110410-6000-11D3-8CFE-0150048383C9}\oisicon.exe
+ 2008-06-24 12:30:29 27,136 ----a-r C:\WINDOWS\Installer\{90110410-6000-11D3-8CFE-0150048383C9}\oisicon.exe
- 2006-10-17 21:20:55 4,096 -c--a-r C:\WINDOWS\Installer\{90110410-6000-11D3-8CFE-0150048383C9}\opwicon.exe
+ 2008-06-24 12:30:29 4,096 ----a-r C:\WINDOWS\Installer\{90110410-6000-11D3-8CFE-0150048383C9}\opwicon.exe
- 2006-10-17 21:20:55 794,624 -c--a-r C:\WINDOWS\Installer\{90110410-6000-11D3-8CFE-0150048383C9}\outicon.exe
+ 2008-06-24 12:30:29 794,624 ----a-r C:\WINDOWS\Installer\{90110410-6000-11D3-8CFE-0150048383C9}\outicon.exe
- 2006-10-17 21:20:54 249,856 -c--a-r C:\WINDOWS\Installer\{90110410-6000-11D3-8CFE-0150048383C9}\pptico.exe
+ 2008-06-24 12:30:29 249,856 ----a-r C:\WINDOWS\Installer\{90110410-6000-11D3-8CFE-0150048383C9}\pptico.exe
- 2006-10-17 21:20:54 61,440 -c--a-r C:\WINDOWS\Installer\{90110410-6000-11D3-8CFE-0150048383C9}\pubs.exe
+ 2008-06-24 12:30:29 61,440 ----a-r C:\WINDOWS\Installer\{90110410-6000-11D3-8CFE-0150048383C9}\pubs.exe
- 2006-10-17 21:20:55 23,040 -c--a-r C:\WINDOWS\Installer\{90110410-6000-11D3-8CFE-0150048383C9}\unbndico.exe
+ 2008-06-24 12:30:29 23,040 ----a-r C:\WINDOWS\Installer\{90110410-6000-11D3-8CFE-0150048383C9}\unbndico.exe
- 2006-10-17 21:20:54 286,720 -c--a-r C:\WINDOWS\Installer\{90110410-6000-11D3-8CFE-0150048383C9}\wordicon.exe
+ 2008-06-24 12:30:29 286,720 ----a-r C:\WINDOWS\Installer\{90110410-6000-11D3-8CFE-0150048383C9}\wordicon.exe
- 2006-10-17 21:20:54 409,600 -c--a-r C:\WINDOWS\Installer\{90110410-6000-11D3-8CFE-0150048383C9}\xlicons.exe
+ 2008-06-24 12:30:29 409,600 ----a-r C:\WINDOWS\Installer\{90110410-6000-11D3-8CFE-0150048383C9}\xlicons.exe
+ 2008-06-18 20:03:13 38,240 ----a-r C:\WINDOWS\Installer\{90120000-0020-0410-0000-0000000FF1CE}\O12ConvIcon.exe
- 2007-12-03 13:38:05 57,344 ----a-r C:\WINDOWS\Installer\{A4D7B764-4140-11D4-88EB-0050DA3579C0}\_FFEBFD905377_4A76_B074_9649467347AD.exe
+ 2008-06-05 18:01:57 57,344 ----a-r C:\WINDOWS\Installer\{A4D7B764-4140-11D4-88EB-0050DA3579C0}\_FFEBFD905377_4A76_B074_9649467347AD.exe
+ 2008-06-11 12:29:01 167,936 ----a-r C:\WINDOWS\Installer\{BF915BB7-8675-40B3-835B-44A3304ECB7B}\_107A16FD42C0_4829_B758_E3735174CC2C.exe
+ 2008-06-11 12:29:01 65,536 ----a-r C:\WINDOWS\Installer\{BF915BB7-8675-40B3-835B-44A3304ECB7B}\_779DB4083281_4811_9AF0_5DCFE7A847A1.exe
+ 2008-06-11 12:29:01 65,536 ----a-r C:\WINDOWS\Installer\{BF915BB7-8675-40B3-835B-44A3304ECB7B}\_8AF3CE833619_43B2_AAB4_C07577EF678D.exe
+ 2008-06-11 12:29:01 17,534 ----a-r C:\WINDOWS\Installer\{BF915BB7-8675-40B3-835B-44A3304ECB7B}\gtngstrtd.exe
+ 2008-06-11 12:29:01 4,710 ----a-r C:\WINDOWS\Installer\{BF915BB7-8675-40B3-835B-44A3304ECB7B}\Win2Kico.exe
+ 2008-06-11 12:29:01 4,710 ----a-r C:\WINDOWS\Installer\{BF915BB7-8675-40B3-835B-44A3304ECB7B}\WSBico.exe
+ 2008-05-21 16:22:30 32,768 ----a-r C:\WINDOWS\Installer\{C04E32E0-0416-434D-AFB9-6969D703A9EF}\icon.exe
+ 2006-11-08 15:26:52 2,678 -c--a-w C:\WINDOWS\java\Packages\Data\4VTNVZNZ.DAT
+ 2006-11-08 15:26:52 2,678 -c--a-w C:\WINDOWS\java\Packages\Data\5BBNBZH7.DAT
+ 2006-11-08 15:26:51 2,678 -c--a-w C:\WINDOWS\java\Packages\Data\GOJ975FP.DAT
+ 2006-11-08 15:26:53 2,678 -c--a-w C:\WINDOWS\java\Packages\Data\TRD3XJZF.DAT
+ 2006-11-02 11:04:45 2,232 -c--a-w C:\WINDOWS\java\Packages\Data\VN1BRXB9.DAT
+ 2006-11-08 15:26:57 2,678 -c--a-w C:\WINDOWS\java\Packages\Data\WOH773R5.DAT
+ 2000-08-31 06:00:00 28,672 ----a-w C:\WINDOWS\Nircmd.exe
+ 2000-08-31 06:00:00 98,816 ----a-w C:\WINDOWS\sed.exe
+ 2000-08-31 06:00:00 161,792 ----a-w C:\WINDOWS\swreg.exe
+ 2000-08-31 06:00:00 136,704 ----a-w C:\WINDOWS\swsc.exe
+ 2000-08-31 06:00:00 212,480 ----a-w C:\WINDOWS\swxcacls.exe
+ 2004-08-19 12:00:00 2,000 -c--a-w C:\WINDOWS\system\KEYBOARD.DRV
+ 2004-08-19 12:00:00 73,664 -c--a-w C:\WINDOWS\system\MCIAVI.DRV
+ 2004-08-19 12:00:00 25,296 -c--a-w C:\WINDOWS\system\MCISEQ.DRV
+ 2004-08-19 12:00:00 28,160 -c--a-w C:\WINDOWS\system\MCIWAVE.DRV
+ 2004-08-19 12:00:00 2,032 -c--a-w C:\WINDOWS\system\MOUSE.DRV
+ 2004-08-19 12:00:00 1,744 -c--a-w C:\WINDOWS\system\SOUND.DRV
+ 2004-08-19 12:00:00 3,360 -c--a-w C:\WINDOWS\system\SYSTEM.DRV
+ 2004-08-19 12:00:00 4,080 -c--a-w C:\WINDOWS\system\TIMER.DRV
+ 2004-08-19 12:00:00 2,176 -c--a-w C:\WINDOWS\system\VGA.DRV
+ 2004-08-19 12:00:00 13,600 -c--a-w C:\WINDOWS\system\WFWNET.DRV
+ 2004-08-19 12:00:00 146,944 -c--a-w C:\WINDOWS\system\WINSPOOL.DRV
- 2007-12-04 13:04:28 837,496 ----a-w C:\WINDOWS\system32\aswBoot.exe
+ 2008-05-15 23:24:43 1,152,888 ----a-w C:\WINDOWS\system32\aswBoot.exe
- 2007-12-04 12:54:04 95,608 ----a-w C:\WINDOWS\system32\AVASTSS.scr
+ 2008-05-15 23:12:36 95,608 ----a-w C:\WINDOWS\system32\AVASTSS.scr
+ 2005-02-01 17:18:38 17,992 ----a-w C:\WINDOWS\system32\bcm42rly.sys
- 2007-10-11 06:11:02 1,024,000 ----a-w C:\WINDOWS\system32\browseui.dll
+ 2008-04-21 06:55:59 1,024,000 ----a-w C:\WINDOWS\system32\browseui.dll
- 2007-10-11 06:11:02 151,552 ----a-w C:\WINDOWS\system32\cdfview.dll
+ 2008-04-21 06:55:59 151,552 ----a-w C:\WINDOWS\system32\cdfview.dll
+ 2004-08-19 12:00:00 10,544 -c--a-w C:\WINDOWS\system32\comm.drv
- 2007-10-11 06:11:03 1,056,256 ----a-w C:\WINDOWS\system32\danim.dll
+ 2008-04-21 06:55:59 1,056,256 ----a-w C:\WINDOWS\system32\danim.dll
+ 2004-08-19 12:00:00 1,788 -c--a-w C:\WINDOWS\system32\Dcache.bin
+ 2005-06-04 07:09:52 61,952 ----a-w C:\WINDOWS\system32\decdnet.dll
- 2007-10-11 06:11:02 1,024,000 -c--a-w C:\WINDOWS\system32\dllcache\browseui.dll
+ 2008-04-21 06:55:59 1,024,000 -c--a-w C:\WINDOWS\system32\dllcache\browseui.dll
- 2007-10-11 06:11:02 151,552 -c--a-w C:\WINDOWS\system32\dllcache\cdfview.dll
+ 2008-04-21 06:55:59 151,552 -c--a-w C:\WINDOWS\system32\dllcache\cdfview.dll
- 2007-10-11 06:11:03 1,056,256 -c--a-w C:\WINDOWS\system32\dllcache\danim.dll
+ 2008-04-21 06:55:59 1,056,256 -c--a-w C:\WINDOWS\system32\dllcache\danim.dll
- 2004-08-19 12:00:00 561,179 -c--a-w C:\WINDOWS\system32\dllcache\dao360.dll
+ 2008-03-25 04:50:25 554,008 -c--a-w C:\WINDOWS\system32\dllcache\dao360.dll
- 2006-06-26 17:41:31 148,480 -c--a-w C:\WINDOWS\system32\dllcache\dnsapi.dll
+ 2008-02-20 05:33:54 148,992 -c--a-w C:\WINDOWS\system32\dllcache\dnsapi.dll
- 2004-08-19 12:00:00 45,568 -c--a-w C:\WINDOWS\system32\dllcache\dnsrslvr.dll
+ 2008-02-20 05:33:54 45,568 -c--a-w C:\WINDOWS\system32\dllcache\dnsrslvr.dll
+ 2004-08-03 21:07:58 2,944 -c--a-w C:\WINDOWS\system32\dllcache\drmkaud.sys
- 2007-10-11 06:11:03 357,888 -c--a-w C:\WINDOWS\system32\dllcache\dxtmsft.dll
+ 2008-04-21 06:56:00 357,888 -c--a-w C:\WINDOWS\system32\dllcache\dxtmsft.dll
- 2007-10-11 06:11:03 205,824 -c--a-w C:\WINDOWS\system32\dllcache\dxtrans.dll
+ 2008-04-21 06:56:00 205,312 -c--a-w C:\WINDOWS\system32\dllcache\dxtrans.dll
- 2007-10-11 06:11:03 55,808 -c--a-w C:\WINDOWS\system32\dllcache\extmgr.dll
+ 2008-04-21 06:56:00 55,808 -c--a-w C:\WINDOWS\system32\dllcache\extmgr.dll
- 2007-06-19 13:30:47 282,112 -c--a-w C:\WINDOWS\system32\dllcache\gdi32.dll
+ 2008-02-20 06:50:40 282,624 -c--a-w C:\WINDOWS\system32\dllcache\gdi32.dll
- 2007-10-10 10:48:23 18,432 -c--a-w C:\WINDOWS\system32\dllcache\iedw.exe
+ 2008-04-17 10:46:59 18,432 -c--a-w C:\WINDOWS\system32\dllcache\iedw.exe
- 2007-10-11 06:11:03 251,904 -c--a-w C:\WINDOWS\system32\dllcache\iepeers.dll
+ 2008-04-21 06:56:00 251,904 -c--a-w C:\WINDOWS\system32\dllcache\iepeers.dll
- 2007-10-11 06:11:03 96,768 -c--a-w C:\WINDOWS\system32\dllcache\inseng.dll
+ 2008-04-21 06:56:00 96,768 -c--a-w C:\WINDOWS\system32\dllcache\inseng.dll
- 2007-11-14 07:27:20 450,560 -c--a-w C:\WINDOWS\system32\dllcache\jscript.dll
+ 2007-12-18 14:40:58 450,560 -c--a-w C:\WINDOWS\system32\dllcache\jscript.dll
- 2007-10-11 06:11:03 16,384 -c--a-w C:\WINDOWS\system32\dllcache\jsproxy.dll
+ 2008-04-21 06:56:00 16,384 -c--a-w C:\WINDOWS\system32\dllcache\jsproxy.dll
+ 2004-08-19 12:00:00 2,000 -c--a-w C:\WINDOWS\system32\dllcache\keyboard.drv
- 2006-08-17 12:29:46 727,552 -c--a-w C:\WINDOWS\system32\dllcache\lsasrv.dll
+ 2007-11-07 09:27:27 727,552 -c--a-w C:\WINDOWS\system32\dllcache\lsasrv.dll
+ 2004-08-19 12:00:00 2,560 -c--a-w C:\WINDOWS\system32\dllcache\lz32.dll
+ 2004-08-19 12:00:00 73,664 -c--a-w C:\WINDOWS\system32\dllcache\mciavi.drv
+ 2004-08-19 12:00:00 25,296 -c--a-w C:\WINDOWS\system32\dllcache\mciseq.drv
+ 2004-08-19 12:00:00 28,160 -c--a-w C:\WINDOWS\system32\dllcache\mciwave.drv
+ 2004-08-19 12:00:00 2,032 -c--a-w C:\WINDOWS\system32\dllcache\mouse.drv
- 2004-08-19 12:00:00 181,248 -c--a-w C:\WINDOWS\system32\dllcache\mrxdav.sys
+ 2007-12-18 09:51:35 179,584 -c--a-w C:\WINDOWS\system32\dllcache\mrxdav.sys
- 2004-08-19 12:00:00 512,029 -c--a-w C:\WINDOWS\system32\dllcache\msexch40.dll
+ 2008-03-25 04:50:28 518,944 -c--a-w C:\WINDOWS\system32\dllcache\msexch40.dll
- 2004-08-19 12:00:00 319,517 -c--a-w C:\WINDOWS\system32\dllcache\msexcl40.dll
+ 2008-03-25 04:50:30 326,432 -c--a-w C:\WINDOWS\system32\dllcache\msexcl40.dll
- 2007-10-30 09:56:55 3,086,848 -c--a-w C:\WINDOWS\system32\dllcache\mshtml.dll
+ 2008-04-21 06:56:01 3,087,872 -c--a-w C:\WINDOWS\system32\dllcache\mshtml.dll
- 2007-10-11 06:11:05 449,024 -c--a-w C:\WINDOWS\system32\dllcache\mshtmled.dll
+ 2008-04-21 06:56:02 449,024 -c--a-w C:\WINDOWS\system32\dllcache\mshtmled.dll
- 2004-08-19 12:00:00 1,507,356 -c--a-w C:\WINDOWS\system32\dllcache\msjet40.dll
+ 2008-03-25 04:50:34 1,516,568 -c--a-w C:\WINDOWS\system32\dllcache\msjet40.dll
- 2004-08-19 12:00:00 358,976 -c--a-w C:\WINDOWS\system32\dllcache\msjetol1.dll
+ 2008-03-25 04:50:40 355,112 -c--a-w C:\WINDOWS\system32\dllcache\msjetol1.dll
- 2004-08-19 12:00:00 176,159 -c--a-w C:\WINDOWS\system32\dllcache\msjint40.dll
+ 2008-03-25 04:51:31 183,072 -c--a-w C:\WINDOWS\system32\dllcache\msjint40.dll
- 2004-08-19 12:00:00 53,279 -c--a-w C:\WINDOWS\system32\dllcache\msjter40.dll
+ 2008-03-25 04:50:42 60,192 -c--a-w C:\WINDOWS\system32\dllcache\msjter40.dll
- 2004-08-19 12:00:00 241,693 -c--a-w C:\WINDOWS\system32\dllcache\msjtes40.dll
+ 2008-03-25 04:50:42 248,608 -c--a-w C:\WINDOWS\system32\dllcache\msjtes40.dll
- 2004-08-19 12:00:00 213,023 -c--a-w C:\WINDOWS\system32\dllcache\msltus40.dll
+ 2008-03-25 04:50:44 219,936 -c--a-w C:\WINDOWS\system32\dllcache\msltus40.dll
- 2004-08-19 12:00:00 348,189 -c--a-w C:\WINDOWS\system32\dllcache\mspbde40.dll
+ 2008-03-25 04:50:45 355,104 -c--a-w C:\WINDOWS\system32\dllcache\mspbde40.dll
- 2007-10-11 06:11:05 146,432 -c--a-w C:\WINDOWS\system32\dllcache\msrating.dll
+ 2008-04-21 06:56:02 146,432 -c--a-w C:\WINDOWS\system32\dllcache\msrating.dll
- 2004-08-19 12:00:00 421,919 -c--a-w C:\WINDOWS\system32\dllcache\msrd2x40.dll
+ 2008-03-25 04:50:47 432,928 -c--a-w C:\WINDOWS\system32\dllcache\msrd2x40.dll
- 2004-08-19 12:00:00 315,423 -c--a-w C:\WINDOWS\system32\dllcache\msrd3x40.dll
+ 2008-03-25 04:50:49 322,336 -c--a-w C:\WINDOWS\system32\dllcache\msrd3x40.dll
- 2004-08-19 12:00:00 552,989 -c--a-w C:\WINDOWS\system32\dllcache\msrepl40.dll
+ 2008-03-25 04:50:52 559,904 -c--a-w C:\WINDOWS\system32\dllcache\msrepl40.dll
- 2004-08-19 12:00:00 258,077 -c--a-w C:\WINDOWS\system32\dllcache\mstext40.dll
+ 2008-03-25 04:50:55 264,992 -c--a-w C:\WINDOWS\system32\dllcache\mstext40.dll
- 2007-10-11 06:11:05 532,480 -c--a-w C:\WINDOWS\system32\dllcache\mstime.dll
+ 2008-04-21 06:56:02 532,480 -c--a-w C:\WINDOWS\system32\dllcache\mstime.dll
- 2004-08-19 12:00:00 831,519 -c--a-w C:\WINDOWS\system32\dllcache\mswdat10.dll
+ 2008-03-25 04:50:57 838,432 -c--a-w C:\WINDOWS\system32\dllcache\mswdat10.dll
- 2004-08-19 12:00:00 614,429 -c--a-w C:\WINDOWS\system32\dllcache\mswstr10.dll
+ 2008-03-25 04:51:32 621,344 -c--a-w C:\WINDOWS\system32\dllcache\mswstr10.dll
- 2004-08-19 12:00:00 348,189 -c--a-w C:\WINDOWS\system32\dllcache\msxbde40.dll
+ 2008-03-25 04:50:58 355,104 -c--a-w C:\WINDOWS\system32\dllcache\msxbde40.dll
+ 2004-08-19 12:00:00 2,944 -c--a-w C:\WINDOWS\system32\dllcache\null.sys
- 2007-05-17 11:29:12 549,376 -c--a-w C:\WINDOWS\system32\dllcache\oleaut32.dll
+ 2007-12-04 18:40:54 550,912 -c--a-w C:\WINDOWS\system32\dllcache\oleaut32.dll
- 2007-10-11 06:11:05 39,424 -c--a-w C:\WINDOWS\system32\dllcache\pngfilt.dll
+ 2008-04-21 06:56:02 39,424 -c--a-w C:\WINDOWS\system32\dllcache\pngfilt.dll
- 2007-10-29 22:42:50 1,292,800 -c--a-w C:\WINDOWS\system32\dllcache\quartz.dll
+ 2008-05-07 05:14:42 1,292,800 -c--a-w C:\WINDOWS\system32\dllcache\quartz.dll
- 2006-07-13 08:48:58 202,240 -c--a-w C:\WINDOWS\system32\dllcache\rmcast.sys
+ 2008-05-08 12:28:49 202,752 -c--a-w C:\WINDOWS\system32\dllcache\rmcast.sys
- 2007-10-11 06:11:06 1,498,624 -c--a-w C:\WINDOWS\system32\dllcache\shdocvw.dll
+ 2008-04-21 06:56:04 1,499,648 -c--a-w C:\WINDOWS\system32\dllcache\shdocvw.dll
- 2007-10-11 06:11:06 474,624 -c--a-w C:\WINDOWS\system32\dllcache\shlwapi.dll
+ 2008-04-21 06:56:04 474,624 -c--a-w C:\WINDOWS\system32\dllcache\shlwapi.dll
+ 2004-08-19 12:00:00 1,744 -c--a-w C:\WINDOWS\system32\dllcache\sound.drv
+ 2004-08-19 12:00:00 3,360 -c--a-w C:\WINDOWS\system32\dllcache\system.drv
- 2006-04-20 11:51:50 359,808 -c--a-w C:\WINDOWS\system32\dllcache\tcpip.sys
+ 2007-10-30 17:20:55 360,064 -c--a-w C:\WINDOWS\system32\dllcache\tcpip.sys
+ 2004-08-19 12:00:00 4,080 -c--a-w C:\WINDOWS\system32\dllcache\timer.drv
- 2007-10-11 06:11:07 619,008 -c--a-w C:\WINDOWS\system32\dllcache\urlmon.dll
+ 2008-04-21 06:56:05 619,520 -c--a-w C:\WINDOWS\system32\dllcache\urlmon.dll
+ 2004-08-03 21:08:48 31,616 -c--a-w C:\WINDOWS\system32\dllcache\usbccgp.sys
- 2004-08-19 12:00:00 417,792 -c--a-w C:\WINDOWS\system32\dllcache\vbscript.dll
+ 2007-12-18 14:40:58 417,792 -c--a-w C:\WINDOWS\system32\dllcache\vbscript.dll
+ 2004-08-19 12:00:00 2,176 -c--a-w C:\WINDOWS\system32\dllcache\vga.drv
+ 2004-08-19 13:39:50 23,552 -c--a-w C:\WINDOWS\system32\dllcache\wdmaud.drv
+ 2004-08-19 12:00:00 13,600 -c--a-w C:\WINDOWS\system32\dllcache\wfwnet.drv
- 2007-03-08 15:33:54 1,843,584 -c--a-w C:\WINDOWS\system32\dllcache\win32k.sys
+ 2008-03-20 08:06:49 1,845,248 -c--a-w C:\WINDOWS\system32\dllcache\win32k.sys
- 2007-10-11 06:11:07 668,672 -c--a-w C:\WINDOWS\system32\dllcache\wininet.dll
+ 2008-04-21 06:56:05 669,184 -c--a-w C:\WINDOWS\system32\dllcache\wininet.dll
+ 2004-08-19 12:00:00 2,864 -c--a-w C:\WINDOWS\system32\dllcache\winsock.dll
+ 2004-08-19 12:00:00 146,944 -c--a-w C:\WINDOWS\system32\dllcache\winspool.drv
+ 2004-08-19 12:00:00 2,112 -c--a-w C:\WINDOWS\system32\dllcache\winspool.exe
+ 2004-08-19 12:00:00 2,736 -c--a-w C:\WINDOWS\system32\dllcache\wowdeb.exe
- 2006-06-26 17:41:31 148,480 ----a-w C:\WINDOWS\system32\dnsapi.dll
+ 2008-02-20 05:33:54 148,992 ----a-w C:\WINDOWS\system32\dnsapi.dll
- 2004-08-19 12:00:00 45,568 ----a-w C:\WINDOWS\system32\dnsrslvr.dll
+ 2008-02-20 05:33:54 45,568 ----a-w C:\WINDOWS\system32\dnsrslvr.dll
- 2007-12-04 14:49:02 26,624 ----a-w C:\WINDOWS\system32\drivers\aavmker4.sys
+ 2008-05-15 23:13:26 26,944 ----a-w C:\WINDOWS\system32\drivers\aavmker4.sys
+ 2008-05-15 23:16:06 20,560 ----a-w C:\WINDOWS\system32\drivers\aswFsBlk.sys
- 2007-12-04 14:56:02 93,264 ----a-w C:\WINDOWS\system32\drivers\aswmon.sys
+ 2008-01-17 15:34:01 93,264 ----a-w C:\WINDOWS\system32\drivers\aswmon.sys
- 2007-12-04 14:55:46 94,544 ----a-w C:\WINDOWS\system32\drivers\aswmon2.sys
+ 2008-05-15 23:18:33 94,416 ----a-w C:\WINDOWS\system32\drivers\aswmon2.sys
- 2007-12-04 14:53:39 23,152 ----a-w C:\WINDOWS\system32\drivers\aswRdr.sys
+ 2008-05-15 23:15:29 23,152 ----a-w C:\WINDOWS\system32\drivers\aswRdr.sys
+ 2008-05-15 23:20:32 78,416 ----a-w C:\WINDOWS\system32\drivers\aswSP.sys
- 2007-12-04 14:51:52 42,912 ----a-w C:\WINDOWS\system32\drivers\aswTdi.sys
+ 2008-05-15 23:14:11 42,912 ----a-w C:\WINDOWS\system32\drivers\aswTdi.sys
+ 2005-02-01 17:18:38 17,992 ----a-w C:\WINDOWS\system32\drivers\bcm42rly.sys
+ 2005-05-09 18:08:40 33,792 ----a-w C:\WINDOWS\system32\drivers\cledx.sys
+ 2004-08-03 21:07:58 2,944 ----a-w C:\WINDOWS\system32\drivers\drmkaud.sys
- 2004-08-19 12:00:00 181,248 ----a-w C:\WINDOWS\system32\drivers\mrxdav.sys
+ 2007-12-18 09:51:35 179,584 ----a-w C:\WINDOWS\system32\drivers\mrxdav.sys
+ 2001-04-09 12:03:56 17,784 ----a-w C:\WINDOWS\system32\drivers\NSynas32.sys
+ 2004-08-19 12:00:00 2,944 ----a-w C:\WINDOWS\system32\drivers\null.sys
+ 2008-03-23 08:21:12 80,072 ----a-w C:\WINDOWS\system32\drivers\OADriver.sys
+ 2008-03-23 08:21:22 32,456 ----a-w C:\WINDOWS\system32\drivers\OAmon.sys
+ 2008-03-23 08:21:16 28,872 ----a-w C:\WINDOWS\system32\drivers\oanet.sys
+ 2005-11-24 18:51:38 245,248 ----a-w C:\WINDOWS\system32\drivers\rt73.sys
+ 2002-11-25 12:46:16 16,896 ----a-w C:\WINDOWS\system32\drivers\synasUSB.sys
- 2006-04-20 11:51:50 359,808 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys
+ 2007-10-30 17:20:55 360,064 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys
+ 2004-08-03 21:08:48 31,616 ----a-w C:\WINDOWS\system32\drivers\usbccgp.sys
- 2007-10-11 06:11:03 357,888 ----a-w C:\WINDOWS\system32\dxtmsft.dll
+ 2008-04-21 06:56:00 357,888 ----a-w C:\WINDOWS\system32\dxtmsft.dll
- 2007-10-11 06:11:03 205,824 ----a-w C:\WINDOWS\system32\dxtrans.dll
+ 2008-04-21 06:56:00 205,312 ----a-w C:\WINDOWS\system32\dxtrans.dll
+ 2005-06-04 07:11:50 85,504 ----a-w C:\WINDOWS\system32\encdnet.dll
- 2007-10-11 06:11:03 55,808 ----a-w C:\WINDOWS\system32\extmgr.dll
+ 2008-04-21 06:56:00 55,808 ----a-w C:\WINDOWS\system32\extmgr.dll
- 2007-04-04 07:46:59 240,736 ----a-w C:\WINDOWS\system32\FNTCACHE.DAT
+ 2008-06-11 16:08:13 271,784 ----a-w C:\WINDOWS\system32\FNTCACHE.DAT
- 2007-06-19 13:30:47 282,112 ----a-w C:\WINDOWS\system32\gdi32.dll
+ 2008-02-20 06:50:40 282,624 ----a-w C:\WINDOWS\system32\gdi32.dll
+ 2005-11-03 16:41:18 32,768 ----a-w C:\WINDOWS\system32\GTGina.dll
+ 2003-09-25 21:15:32 15,872 ----a-w C:\WINDOWS\system32\GTNDIS5.sys
+ 2003-10-13 14:30:58 94,208 ----a-w C:\WINDOWS\system32\GTW32N50.dll
+ 2002-07-11 18:27:12 31,744 ----a-w C:\WINDOWS\system32\hlp95en.dll
- 2007-10-11 06:11:03 251,904 ----a-w C:\WINDOWS\system32\iepeers.dll
+ 2008-04-21 06:56:00 251,904 ----a-w C:\WINDOWS\system32\iepeers.dll
- 2007-10-11 06:11:03 96,768 ----a-w C:\WINDOWS\system32\inseng.dll
+ 2008-04-21 06:56:00 96,768 ----a-w C:\WINDOWS\system32\inseng.dll
- 2007-11-14 07:27:20 450,560 ----a-w C:\WINDOWS\system32\jscript.dll
+ 2007-12-18 14:40:58 450,560 ----a-w C:\WINDOWS\system32\jscript.dll
- 2007-10-11 06:11:03 16,384 ----a-w C:\WINDOWS\system32\jsproxy.dll
+ 2008-04-21 06:56:00 16,384 ----a-w C:\WINDOWS\system32\jsproxy.dll
+ 2005-05-24 11:27:16 213,048 ----a-w C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\kavss.dll
+ 2007-08-29 14:47:20 94,208 ----a-w C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\kavuninstall.exe
+ 2007-08-29 14:49:54 950,272 ----a-w C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\kavwebscan.dll
+ 2004-08-19 12:00:00 2,000 -c--a-w C:\WINDOWS\system32\keyboard.drv
+ 2004-08-19 12:00:00 222,731 -c--a-w C:\WINDOWS\system32\lanman.drv
- 2007-02-15 17:01:04 1,476,992 ------w C:\WINDOWS\system32\LegitCheckControl.dll
+ 2008-03-20 16:06:36 1,480,232 ------w C:\WINDOWS\system32\LegitCheckControl.dll
+ 2002-06-07 03:02:00 36,864 ----a-r C:\WINDOWS\system32\lfbmp11n.dll
+ 2002-06-07 03:02:00 285,184 ----a-r C:\WINDOWS\system32\LFCMP11n.DLL
+ 2002-06-07 03:02:00 31,232 ----a-r C:\WINDOWS\system32\lfeps11n.dll
+ 2002-06-07 03:02:00 81,408 ----a-r C:\WINDOWS\system32\lffax11n.dll
+ 2002-06-07 03:02:00 41,472 ----a-r C:\WINDOWS\system32\lfgif11n.dll
+ 2002-06-07 03:02:00 26,112 ----a-r C:\WINDOWS\system32\lfpcd11n.dll
+ 2002-06-07 03:02:00 33,280 ----a-r C:\WINDOWS\system32\lfpcx11n.dll
+ 2002-06-07 03:02:00 172,032 ----a-r C:\WINDOWS\system32\Lfpng11n.dll
+ 2002-06-07 03:02:00 56,320 ----a-r C:\WINDOWS\system32\lfpsd11n.dll
+ 2002-06-07 03:02:00 27,648 ----a-r C:\WINDOWS\system32\lftga11n.dll
+ 2002-06-07 03:02:00 152,064 ----a-r C:\WINDOWS\system32\lftif11n.dll
+ 2002-06-07 03:02:00 59,392 ----a-r C:\WINDOWS\system32\lfwmf11n.dll
- 2006-08-17 12:29:46 727,552 ----a-w C:\WINDOWS\system32\lsasrv.dll
+ 2007-11-07 09:27:27 727,552 ----a-w C:\WINDOWS\system32\lsasrv.dll
+ 2002-06-07 03:02:00 262,656 ----a-r C:\WINDOWS\system32\LTDIS11n.dll
+ 2002-06-07 03:02:00 118,784 ----a-r C:\WINDOWS\system32\ltfil11n.DLL
+ 2002-06-07 03:02:02 127,488 ----a-r C:\WINDOWS\system32\ltimg11n.dll
+ 2002-06-07 03:02:02 392,192 ----a-r C:\WINDOWS\system32\ltkrn11n.dll
+ 2002-06-07 03:02:02 716,288 ----a-r C:\WINDOWS\system32\Ltwvc11n.dll
+ 2004-08-19 12:00:00 2,560 ----a-w C:\WINDOWS\system32\lz32.dll
+ 2008-03-25 02:32:44 218,496 ----a-r C:\WINDOWS\system32\Macromed\Flash\FlashUtil9f.exe
+ 2008-06-17 19:36:28 74,649 ----a-w C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
+ 2004-08-19 12:00:00 73,664 -c--a-w C:\WINDOWS\system32\mciavi.drv
+ 2004-08-19 12:00:00 25,296 -c--a-w C:\WINDOWS\system32\mciseq.drv
+ 2004-08-19 12:00:00 28,160 -c--a-w C:\WINDOWS\system32\mciwave.drv
+ 2002-06-26 12:22:04 133,904 ----a-w C:\WINDOWS\system32\mfcans32.dll
+ 2002-06-26 12:22:04 5,632 ----a-w C:\WINDOWS\system32\mfcuia32.dll
+ 2004-08-19 12:00:00 2,032 -c--a-w C:\WINDOWS\system32\mouse.drv
- 2007-12-02 23:00:05 18,684,536 ----a-w C:\WINDOWS\system32\MRT.exe
+ 2008-05-29 23:35:11 17,486,968 ----a-w C:\WINDOWS\system32\MRT.exe
+ 2004-08-19 12:00:00 20,992 ----a-w C:\WINDOWS\system32\msacm32.drv
- 2004-08-19 12:00:00 512,029 -c--a-w C:\WINDOWS\system32\msexch40.dll
+ 2008-03-25 04:50:28 518,944 ----a-w C:\WINDOWS\system32\msexch40.dll
- 2004-08-19 12:00:00 319,517 -c--a-w C:\WINDOWS\system32\msexcl40.dll
+ 2008-03-25 04:50:30 326,432 ----a-w C:\WINDOWS\system32\msexcl40.dll
+ 2004-08-19 12:00:00 192,512 ----a-w C:\WINDOWS\system32\msh261.drv
+ 2004-08-19 14:39:50 299,008 ----a-w C:\WINDOWS\system32\msh263.drv
- 2007-10-30 09:56:55 3,086,848 ----a-w C:\WINDOWS\system32\mshtml.dll
+ 2008-04-21 06:56:01 3,087,872 ----a-w C:\WINDOWS\system32\mshtml.dll
- 2007-10-11 06:11:05 449,024 ----a-w C:\WINDOWS\system32\mshtmled.dll
+ 2008-04-21 06:56:02 449,024 ----a-w C:\WINDOWS\system32\mshtmled.dll
- 2004-08-19 12:00:00 1,507,356 -c--a-w C:\WINDOWS\system32\msjet40.dll
+ 2008-03-25 04:50:34 1,516,568 ----a-w C:\WINDOWS\system32\msjet40.dll
- 2004-08-19 12:00:00 358,976 -c--a-w C:\WINDOWS\system32\msjetoledb40.dll
+ 2008-03-25 04:50:40 355,112 ----a-w C:\WINDOWS\system32\msjetoledb40.dll
- 2004-08-19 12:00:00 176,159 -c--a-w C:\WINDOWS\system32\msjint40.dll
+ 2008-03-25 04:51:31 183,072 ----a-w C:\WINDOWS\system32\msjint40.dll
- 2004-08-19 12:00:00 53,279 -c--a-w C:\WINDOWS\system32\msjter40.dll
+ 2008-03-25 04:50:42 60,192 ----a-w C:\WINDOWS\system32\msjter40.dll
- 2004-08-19 12:00:00 241,693 -c--a-w C:\WINDOWS\system32\msjtes40.dll
+ 2008-03-25 04:50:42 248,608 ----a-w C:\WINDOWS\system32\msjtes40.dll
+ 2002-06-20 03:19:12 91,136 ----a-r C:\WINDOWS\system32\msls2.dll
- 2004-08-19 12:00:00 213,023 -c--a-w C:\WINDOWS\system32\msltus40.dll
+ 2008-03-25 04:50:44 219,936 ----a-w C:\WINDOWS\system32\msltus40.dll
- 2004-08-19 12:00:00 348,189 -c--a-w C:\WINDOWS\system32\mspbde40.dll
+ 2008-03-25 04:50:45 355,104 ----a-w C:\WINDOWS\system32\mspbde40.dll
- 2007-10-11 06:11:05 146,432 ----a-w C:\WINDOWS\system32\msrating.dll
+ 2008-04-21 06:56:02 146,432 ----a-w C:\WINDOWS\system32\msrating.dll
- 2004-08-19 12:00:00 421,919 -c--a-w C:\WINDOWS\system32\msrd2x40.dll
+ 2008-03-25 04:50:47 432,928 ----a-w C:\WINDOWS\system32\msrd2x40.dll
- 2004-08-19 12:00:00 315,423 -c--a-w C:\WINDOWS\system32\msrd3x40.dll
+ 2008-03-25 04:50:49 322,336 ----a-w C:\WINDOWS\system32\msrd3x40.dll
- 2004-08-19 12:00:00 552,989 -c--a-w C:\WINDOWS\system32\msrepl40.dll
+ 2008-03-25 04:50:52 559,904 ----a-w C:\WINDOWS\system32\msrepl40.dll
- 2000-05-24 04:45:58 118,784 -c--a-w C:\WINDOWS\system32\MSSTDFMT.DLL
+ 2000-04-04 01:05:58 118,784 ----a-w C:\WINDOWS\system32\msstdfmt.dll
- 2004-08-19 12:00:00 258,077 -c--a-w C:\WINDOWS\system32\mstext40.dll
+ 2008-03-25 04:50:55 264,992 ----a-w C:\WINDOWS\system32\mstext40.dll
- 2007-10-11 06:11:05 532,480 ----a-w C:\WINDOWS\system32\mstime.dll
+ 2008-04-21 06:56:02 532,480 ----a-w C:\WINDOWS\system32\mstime.dll
+ 2001-12-17 04:13:52 54,784 ----a-r C:\WINDOWS\system32\msvci70.dll
+ 2005-06-04 07:08:46 487,424 ----a-w C:\WINDOWS\system32\msvcp70.dll
+ 2005-06-04 07:08:40 344,064 ----a-w C:\WINDOWS\system32\msvcr70.dll
- 2004-08-19 12:00:00 831,519 -c--a-w C:\WINDOWS\system32\mswdat10.dll
+ 2008-03-25 04:50:57 838,432 ----a-w C:\WINDOWS\system32\mswdat10.dll
- 2004-08-19 12:00:00 614,429 -c--a-w C:\WINDOWS\system32\mswstr10.dll
+ 2008-03-25 04:51:32 621,344 ----a-w C:\WINDOWS\system32\mswstr10.dll
- 2004-08-19 12:00:00 348,189 -c--a-w C:\WINDOWS\system32\msxbde40.dll
+ 2008-03-25 04:50:58 355,104 ----a-w C:\WINDOWS\system32\msxbde40.dll
+ 2007-05-08 13:03:04 1,275,392 ----a-w C:\WINDOWS\system32\msxml4.dll
+ 2003-04-18 21:29:26 82,432 ----a-w C:\WINDOWS\system32\msxml4r.dll
+ 2002-05-30 16:56:08 37,888 ----a-w C:\WINDOWS\system32\ochlp30e.dll
- 2007-05-17 11:29:12 549,376 ----a-w C:\WINDOWS\system32\oleaut32.dll
+ 2007-12-04 18:40:54 550,912 ----a-w C:\WINDOWS\system32\oleaut32.dll
+ 2002-06-07 03:02:02 212,480 ----a-r C:\WINDOWS\system32\PCDLIB32.DLL
- 2007-12-22 14:28:26 53,942 ----a-w C:\WINDOWS\system32\perfc009.dat
+ 2008-03-30 10:17:55 53,942 ----a-w C:\WINDOWS\system32\perfc009.dat
- 2007-12-22 14:28:26 64,576 ----a-w C:\WINDOWS\system32\perfc010.dat
+ 2008-03-30 10:17:55 64,576 ----a-w C:\WINDOWS\system32\perfc010.dat
- 2007-12-22 14:28:26 383,588 ----a-w C:\WINDOWS\system32\perfh009.dat
+ 2008-03-30 10:17:55 383,588 ----a-w C:\WINDOWS\system32\perfh009.dat
- 2007-12-22 14:28:26 428,898 ----a-w C:\WINDOWS\system32\perfh010.dat
+ 2008-03-30 10:17:55 428,898 ----a-w C:\WINDOWS\system32\perfh010.dat
+ 2005-06-04 07:09:46 130,560 ----a-w C:\WINDOWS\system32\pnc3250.dll
+ 2005-06-04 07:09:36 273,408 ----a-w C:\WINDOWS\system32\pncrt.dll
+ 2005-06-04 07:09:32 131,072 ----a-w C:\WINDOWS\system32\pneng50.dll
- 2007-10-11 06:11:05 39,424 ----a-w C:\WINDOWS\system32\pngfilt.dll
+ 2008-04-21 06:56:02 39,424 ----a-w C:\WINDOWS\system32\pngfilt.dll
+ 2005-06-04 07:09:28 352,768 ----a-w C:\WINDOWS\system32\pngu3263.dll
+ 2002-06-26 17:40:40 76,288 ----a-w C:\WINDOWS\system32\Pubole32.dll
+ 2005-06-04 07:09:22 81,920 ----a-w C:\WINDOWS\system32\ra3214_4.dll
+ 2005-06-04 07:09:12 72,704 ----a-w C:\WINDOWS\system32\ra3228_8.dll
+ 2005-06-04 07:09:06 21,504 ----a-w C:\WINDOWS\system32\ra32dnet.dll
+ 2005-06-04 07:08:56 87,040 ----a-w C:\WINDOWS\system32\ra32sipr.dll
+ 2005-06-04 07:08:52 487,936 ----a-w C:\WINDOWS\system32\rmbe3260.dll
- 2007-10-11 06:11:06 1,498,624 ----a-w C:\WINDOWS\system32\shdocvw.dll
+ 2008-04-21 06:56:04 1,499,648 ----a-w C:\WINDOWS\system32\shdocvw.dll
- 2007-10-11 06:11:06 474,624 ----a-w C:\WINDOWS\system32\shlwapi.dll
+ 2008-04-21 06:56:04 474,624 ----a-w C:\WINDOWS\system32\shlwapi.dll
+ 2004-08-19 12:00:00 1,744 -c--a-w C:\WINDOWS\system32\sound.drv
- 2006-11-17 14:14:32 16,176 ------w C:\WINDOWS\system32\spmsg.dll
+ 2007-11-30 11:19:29 18,808 ------w C:\WINDOWS\system32\spmsg.dll
+ 2002-03-11 15:32:16 2,560 -c--a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\BVRPWF2000.DLL
+ 2002-03-11 15:32:16 2,560 -c----w C:\WINDOWS\system32\spool\drivers\w32x86\bvrpwf2000.dll
+ 1999-05-24 01:07:52 6,656 ----a-w C:\WINDOWS\system32\stdftit.dll
+ 2005-02-01 02:34:12 700,416 ----a-w C:\WINDOWS\system32\SYNSOACC.dll
+ 2004-05-10 22:58:34 147,456 ----a-w C:\WINDOWS\system32\SynsoLChk.dll
+ 2002-11-25 15:36:18 45,056 ----a-w C:\WINDOWS\system32\Synsopos.exe
+ 2004-08-19 12:00:00 3,360 -c--a-w C:\WINDOWS\system32\system.drv
+ 2004-08-19 12:00:00 4,080 -c--a-w C:\WINDOWS\system32\timer.drv
- 2007-10-11 06:11:07 619,008 ----a-w C:\WINDOWS\system32\urlmon.dll
+ 2008-04-21 06:56:05 619,520 ----a-w C:\WINDOWS\system32\urlmon.dll
+ 1999-05-24 01:07:52 122,128 ----a-w C:\WINDOWS\system32\vb6it.dll
- 2004-08-19 12:00:00 417,792 ----a-w C:\WINDOWS\system32\vbscript.dll
+ 2007-12-18 14:40:58 417,792 ----a-w C:\WINDOWS\system32\vbscript.dll
+ 2004-08-19 12:00:00 2,176 -c--a-w C:\WINDOWS\system32\vga.drv
+ 2004-08-19 13:39:50 23,552 ----a-w C:\WINDOWS\system32\wdmaud.drv
+ 2004-08-19 12:00:00 13,600 -c--a-w C:\WINDOWS\system32\wfwnet.drv
- 2007-02-15 17:01:36 337,280 ------w C:\WINDOWS\system32\WgaTray.exe
+ 2008-04-23 15:17:42 909,864 ----a-w C:\WINDOWS\system32\WGATray.exe
- 2007-03-08 15:33:54 1,843,584 ----a-w C:\WINDOWS\system32\win32k.sys
+ 2008-03-20 08:06:49 1,845,248 ----a-w C:\WINDOWS\system32\win32k.sys
+ 2004-08-19 12:00:00 2,864 -c--a-w C:\WINDOWS\system32\winsock.dll
+ 2004-08-19 12:00:00 146,944 ----a-w C:\WINDOWS\system32\winspool.drv
+ 2004-08-19 12:00:00 2,112 -c--a-w C:\WINDOWS\system32\winspool.exe
+ 2004-08-19 12:00:00 2,736 -c--a-w C:\WINDOWS\system32\wowdeb.exe
- 2007-10-29 15:07:18 366,592 ----a-w C:\WINDOWS\system32\xpsp3res.dll
+ 2008-04-17 11:03:49 367,104 ----a-w C:\WINDOWS\system32\xpsp3res.dll
+ 2008-06-23 08:29:51 16,384 ------w C:\WINDOWS\Temp\Perflib_Perfdata_680.dat
+ 2000-08-31 06:00:00 49,152 ----a-w C:\WINDOWS\VFind.exe
+ 2007-05-08 13:06:44 1,275,392 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.20.9848.0_x-ww_1b897e9a\msxml4.dll
+ 2005-09-22 22:48:08 479,232 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0de06acd\msvcm80.dll
+ 2005-09-22 22:48:08 548,864 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0de06acd\msvcp80.dll
+ 2005-09-22 22:48:06 626,688 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0de06acd\msvcr80.dll
+ 2000-08-31 06:00:00 68,096 ----a-w C:\WINDOWS\zip.exe
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-19 14:00 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="C:\Programmi\Apoint2K\Apoint.exe" [2003-10-07 21:40 159744]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2004-04-07 13:22 4730880]
"Cpqset"="C:\Programmi\HPQ\Default Settings\cpqset.exe" [2004-03-01 13:05 200766]
"eabconfg.cpl"="C:\Programmi\HPQ\Quick Launch Buttons\EabServr.exe" [2004-01-13 09:21 245760]
"UpdateManager"="C:\Programmi\File comuni\Sonic\Update Manager\sgtray.exe" [2003-08-19 01:01 110592]
"SunJavaUpdateSched"="C:\Programmi\Java\j2re1.4.2_03\bin\jusched.exe" [2006-10-16 18:06 32881]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2008-05-16 01:19 79224]
"Lexmark 1200 Series"="C:\Programmi\Lexmark 1200 Series\lxczbmgr.exe" [2006-07-13 13:30 57344]
"OnlineArmor GUI"="C:\Programmi\Tall Emu\Online Armor\oaui.exe" [2008-03-23 10:21 5519424]
"H2O"="C:\Programmi\SyncroSoft\Pos\H2O\cledx.exe" [2005-05-11 02:46 200069]
"NeroCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 11:50 155648]
"AGRSMMSG"="AGRSMMSG.exe" [2004-01-30 10:01 88363 C:\WINDOWS\AGRSMMSG.exe]
"nwiz"="nwiz.exe" [2004-04-07 13:22 323584 C:\WINDOWS\system32\nwiz.exe]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-19 14:00 15360]
C:\Documents and Settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\
Adobe Gamma Loader.exe.lnk - C:\Programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe [2006-10-18 00:30:28 113664]
Alice ti aiuta.lnk - C:\Programmi\Alice ti aiuta\bin\matcli.exe [2006-11-02 13:05:01 212992]
Avvio veloce di Adobe Reader.lnk - C:\Programmi\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 22:05:26 29696]
LUMIX Simple Viewer.lnk - C:\Programmi\Panasonic\LUMIXSimpleViewer\PhLeAutoRun.exe [2007-01-29 23:47:38 57344]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{4F07DA45-8170-4859-9B5F-037EF2970034}"= "C:\PROGRA~1\TALLEM~1\ONLINE~1\oaevent.dll" [2008-03-23 10:21 671432]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.X264"= x264vfw.dll
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"C:\\Programmi\\eMule\\emule.exe"=
R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-05-16 01:20]
R1 OADevice;OADriver;C:\WINDOWS\system32\drivers\OADriver.sys [2008-03-23 10:21]
R1 OAmon;OAmon;C:\WINDOWS\system32\drivers\OAmon.sys [2008-03-23 10:21]
R1 OAnet;OAnet;C:\WINDOWS\system32\drivers\OAnet.sys [2008-03-23 10:21]
R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-05-16 01:16]
R2 SvcOnlineArmor;Online Armor;C:\Programmi\Tall Emu\Online Armor\oasrv.exe [2008-03-23 10:21]
R3 CLEDX;Team H2O CLEDX service;C:\WINDOWS\system32\DRIVERS\cledx.sys [2005-05-09 20:08]
S3 ONDAusbmdm6k;ONDA Proprietary USB Driver;C:\WINDOWS\system32\DRIVERS\ONDAusbmdm6k.sys []
S3 ONDAusbnet;ONDA USB-NDIS miniport;C:\WINDOWS\system32\DRIVERS\ONDAusbnet.sys []
S3 ONDAusbnmea;ONDA NMEA Port;C:\WINDOWS\system32\DRIVERS\ONDAusbnmea.sys []
S3 ONDAusbser6k;ONDA Diagnostic Port;C:\WINDOWS\system32\DRIVERS\ONDAusbser6k.sys []
S3 usbscan;Driver scanner USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 22:58]
S3 USBSTOR;Driver archiviazione di massa USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 23:08]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{82626e04-270c-11dd-8a53-00904b9734ab}]
\Shell\AutoRun\command - F:\AutoRun.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{82626e11-270c-11dd-8a53-00a0c6000000}]
\Shell\AutoRun\command - F:\AutoRun.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f83a2dce-d0a0-11db-84e0-0016d4051483}]
\Shell\AutoRun\command - F:\LaunchU3.exe -a
.
- - - - ORPHANS REMOVED - - - -
HKCU-Run-RecordNow! - (no file)
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-07-06 12:57:37
Windows 5.1.2600 Service Pack 2 NTFS
scansione processi nascosti ...
scansione entrate autostart nascoste ...
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
Cpqset = C:\Programmi\HPQ\Default Settings\cpqset.exe??????????????????a??????? ???B???????????????B????????
Scansione files nascosti ...
Scansione completata con successo
Files nascosti: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\mchInjDrv]
"ImagePath"="\??\C:\WINDOWS\TEMP\mc21.tmp"
.
Ora fine scansione: 2008-07-06 13.00.44
ComboFix-quarantined-files.txt 2008-07-06 11:00:31
11 Directory 32,650,809,344 byte disponibili
14 Directory 32,653,049,856 byte disponibili
741 --- E O F --- 2008-06-28 13:41:48
ananas Hero in the gods' favor

Joined: 28/09/07 14:29 Posts: 154
Posted: 12 Jul 2008 19:30 Subject:

Hi!!
Is there some problem in the combofix log??
Like that red text, which doesn't look good to me??
ananas Hero in the gods' favor

Joined: 28/09/07 14:29 Posts: 154
Posted: 17 Jul 2008 15:28 Subject:

Guys?? Sorry to be a pest, but... could you answer me??
bdoriano Administrator

Joined: 02/04/07 12:05 Posts: 14391 Location: 3rd planet of the solar system...
Posted: 17 Jul 2008 17:22 Subject:

Hi ananas,
sorry for the mix-up.
The red text you see in the combofix log only indicates that the Recovery Console is missing.
As for the rest, I don't see any strange entries in the logs you posted.
At this point, I presume it's an Avast! problem (maybe it's incompatible with some other program you have installed).