|
| Precedente :: Successivo |
| Autore |
Messaggio |
clagmail
Mortale pio
Registrato: 28/05/08 23:31
Messaggi: 28
|
|
| Top |
|
 |
clagmail
Mortale pio
Registrato: 28/05/08 23:31
Messaggi: 28
|
 Inviato: 10 Set 2008 04:34 Oggetto: combofix |
 |
|
log di combofix:
ComboFix 08-09-05.12 - Casa 2008-09-10 4.12.35.3 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1040.18.532 [GMT -4:00]
Eseguito da: C:\Documents and Settings\Casa\Desktop\ComboFix.exe
* Creato nuovo punto di ripristino
ATENÇÃO - ESTA MAQUINA NAO TEM A CONSOLE DE RECUPERAÇÃO INSTALADA !!
.
((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\InfoSat.txt
C:\Programmi\3
C:\Programmi\3\FastMobileModem\configMMM.ini
C:\Programmi\3\FastMobileModem\DefaultMMM.ini
C:\Programmi\3\FastMobileModem\Driver.ini
C:\Programmi\3\FastMobileModem\eventMMM.log
C:\Programmi\3\FastMobileModem\MMMODEM.CNT
C:\Programmi\3\FastMobileModem\MMModem.exe
C:\Programmi\3\FastMobileModem\MMMODEM.HLP
C:\Programmi\3\FastMobileModem\MMModemcnt.0
C:\Programmi\3\FastMobileModem\MMModemcnt.1
C:\Programmi\3\FastMobileModem\MMModemhlp.0
C:\Programmi\3\FastMobileModem\MMModemhlp.1
C:\Programmi\3\FastMobileModem\traceMMM.log
C:\Programmi\FunWebProducts
.
((((((((((((((((((((((((( Files Creati Da 2008-08-10 al 2008-09-10 )))))))))))))))))))))))))))))))))))
.
2008-09-10 00:59 . 2008-09-10 00:59 <DIR> d-------- C:\Documents and Settings\francy\Dati applicazioni\Verizon
2008-09-07 07:16 . 2008-09-07 07:44 <DIR> dr------- C:\Documents and Settings\LocalService\Documenti
2008-09-06 09:06 . 2008-09-06 09:06 <DIR> d--h----- C:\WINDOWS\PIF
2008-09-06 07:42 . 2008-09-06 07:42 <DIR> dr------- C:\Documents and Settings\NetworkService\Documenti
2008-09-06 07:37 . 2008-09-06 07:51 <DIR> d-------- C:\Programmi\File comuni\Scanner
2008-09-06 07:37 . 2008-09-06 07:37 <DIR> d-------- C:\Programmi\File comuni\Authentium
2008-09-06 07:27 . 2008-09-06 07:27 <DIR> d-------- C:\Documents and Settings\Casa\Dati applicazioni\Verizon
2008-09-06 07:26 . 2008-09-06 07:37 <DIR> d-------- C:\Programmi\Verizon
2008-09-06 07:26 . 2008-09-06 07:36 <DIR> d-------- C:\Documents and Settings\All Users\Dati applicazioni\Verizon
2008-08-31 14:42 . 2008-08-31 14:42 <DIR> d-------- C:\Programmi\Delete Settings Eggs
2008-08-31 14:42 . 2008-09-10 02:00 <DIR> d-------- C:\Documents and Settings\Casa\Dati applicazioni\Delete Settings Eggs
2008-08-21 10:16 . 2008-08-21 10:16 <DIR> d-------- C:\Programmi\TomTom HOME 2
2008-08-21 10:16 . 2008-08-21 10:16 <DIR> d-------- C:\Documents and Settings\Casa\Dati applicazioni\TomTom
2008-08-21 10:16 . 2008-08-21 10:16 <DIR> d-------- C:\Documents and Settings\All Users\Dati applicazioni\TomTom
2008-08-21 04:10 . 2008-08-21 04:10 <DIR> d-------- C:\Programmi\TomTom DesktopSuite
2008-08-18 04:20 . 2008-08-18 04:20 <DIR> d-------- C:\WINDOWS\system32\it
2008-08-18 04:20 . 2008-08-18 04:20 <DIR> d-------- C:\WINDOWS\system32\bits
2008-08-18 04:20 . 2008-08-18 04:20 <DIR> d-------- C:\WINDOWS\l2schemas
2008-08-18 04:17 . 2008-08-18 04:21 <DIR> d-------- C:\WINDOWS\ServicePackFiles
2008-08-18 04:05 . 2008-08-18 04:05 <DIR> d-------- C:\WINDOWS\EHome
2008-08-16 18:26 . 2004-08-19 09:23 327,168 --------- C:\WINDOWS\system32\drivers\ati2mtaa.sys
2008-08-16 06:49 . 2008-08-17 02:53 <DIR> d-------- C:\Programmi\ilcorsaronero
2008-08-16 06:49 . 2008-08-17 02:53 <DIR> d-------- C:\Programmi\Conduit
2008-08-14 17:55 . 2008-04-11 15:04 691,712 -----c--- C:\WINDOWS\system32\dllcache\inetcomm.dll
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-09-10 07:56 --------- d-----w C:\Documents and Settings\All Users\Dati applicazioni\Spybot - Search & Destroy
2008-09-10 07:48 --------- d-----w C:\WINDOWS\system32\config\systemprofile\Dati applicazioni\SolidDocuments
2008-09-10 05:38 --------- d-----w C:\Documents and Settings\All Users\Dati applicazioni\Google Updater
2008-09-10 05:02 --------- d-----w C:\Documents and Settings\Casa\Dati applicazioni\OpenOffice.org2
2008-09-10 04:50 --------- d-----w C:\Documents and Settings\All Users\Dati applicazioni\Microsoft Help
2008-09-10 02:53 --------- d-----w C:\Documents and Settings\Casa\Dati applicazioni\Skype
2008-09-09 10:02 --------- d-----w C:\Documents and Settings\Casa\Dati applicazioni\SolidDocuments
2008-09-07 11:51 --------- d-----w C:\Programmi\Spybot - Search & Destroy
2008-09-06 11:37 --------- d--h--w C:\Programmi\InstallShield Installation Information
2008-09-01 18:57 --------- d-----w C:\Programmi\File comuni\Filseclab
2008-09-01 15:02 --------- d-----w C:\Documents and Settings\All Users\Dati applicazioni\file joy proc deaf
2008-08-31 21:22 --------- d-----w C:\Documents and Settings\Casa\Dati applicazioni\Azureus
2008-08-31 18:42 --------- d-----w C:\Programmi\Messenger Plus! Live
2008-08-31 18:42 --------- d-----w C:\Programmi\Circle Developement
2008-08-09 22:24 --------- d-----w C:\Programmi\Apple Software Update
2008-08-07 07:04 --------- d-----w C:\Programmi\Google
2008-08-02 09:24 --------- d-----w C:\Programmi\Lavasoft
2008-08-02 09:24 --------- d-----w C:\Programmi\File comuni\Wise Installation Wizard
2008-08-02 09:19 --------- d-----w C:\Documents and Settings\All Users\Dati applicazioni\Lavasoft
2008-08-01 08:12 --------- d-----w C:\Programmi\iTunes
2008-08-01 08:11 --------- d-----w C:\Programmi\iPod
2008-08-01 07:52 --------- d-----w C:\Programmi\Azureus
2008-08-01 07:47 --------- d-----w C:\Programmi\Safari
2008-07-27 10:35 --------- d-----w C:\Documents and Settings\Casa\Dati applicazioni\dvdcss
2008-07-23 22:52 --------- d-----w C:\Programmi\Java
2008-07-21 21:35 --------- d-----w C:\Documents and Settings\LocalService\Dati applicazioni\SolidDocuments
2008-07-21 19:48 --------- d-----w C:\Programmi\NOS
2008-07-21 19:48 --------- d-----w C:\Documents and Settings\All Users\Dati applicazioni\NOS
2008-07-21 19:45 --------- d-----w C:\Programmi\File comuni\Adobe
2008-07-21 11:24 --------- d-----w C:\Documents and Settings\francy\Dati applicazioni\SolidDocuments
2008-07-20 15:57 --------- d-----w C:\Documents and Settings\All Users\Dati applicazioni\Messenger Plus!
2008-07-19 02:10 94,920 ----a-w C:\WINDOWS\system32\cdm.dll
2008-07-19 02:10 53,448 ----a-w C:\WINDOWS\system32\wuauclt.exe
2008-07-19 02:10 45,768 ----a-w C:\WINDOWS\system32\wups2.dll
2008-07-19 02:10 36,552 ----a-w C:\WINDOWS\system32\wups.dll
2008-07-19 02:09 563,912 ----a-w C:\WINDOWS\system32\wuapi.dll
2008-07-19 02:09 325,832 ----a-w C:\WINDOWS\system32\wucltui.dll
2008-07-19 02:09 205,000 ----a-w C:\WINDOWS\system32\wuweb.dll
2008-07-19 02:09 1,811,656 ----a-w C:\WINDOWS\system32\wuaueng.dll
2008-07-19 02:07 270,880 ----a-w C:\WINDOWS\system32\mucltui.dll
2008-07-19 02:07 210,976 ----a-w C:\WINDOWS\system32\muweb.dll
2008-07-17 22:22 --------- d-----w C:\Programmi\Bonjour
2008-07-17 22:21 --------- d-----w C:\Programmi\QuickTime
2008-07-17 17:24 --------- d-----w C:\Documents and Settings\FREE\Dati applicazioni\SolidDocuments
2008-07-17 17:07 --------- d-----w C:\Documents and Settings\FREE\Dati applicazioni\CyberLink
2008-07-10 07:35 32,000 ----a-w C:\WINDOWS\system32\drivers\usbaapl.sys
2008-07-07 20:27 253,952 ----a-w C:\WINDOWS\system32\es.dll
2008-06-24 22:12 295,936 ------w C:\WINDOWS\system32\wmpeffects.dll
2008-06-24 16:42 74,240 ----a-w C:\WINDOWS\system32\mscms.dll
2008-06-23 16:15 826,368 ----a-w C:\WINDOWS\system32\wininet.dll
2008-06-20 17:46 247,296 ----a-w C:\WINDOWS\system32\mswsock.dll
.
((((((((((((((((((((((((((((( snapshot@2008-05-29_22.53.48.31 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-02-26 11:48:50 297,984 ----a-w C:\WINDOWS\$hf_mig$\KB932823-v3\SP2QFE\msctf.dll
+ 2007-03-06 01:48:10 15,584 ----a-w C:\WINDOWS\$hf_mig$\KB932823-v3\spmsg.dll
+ 2007-03-06 01:48:15 215,776 ----a-w C:\WINDOWS\$hf_mig$\KB932823-v3\spuninst.exe
+ 2007-03-06 01:48:08 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB932823-v3\update\spcustom.dll
+ 2007-03-06 01:48:33 724,192 ----a-w C:\WINDOWS\$hf_mig$\KB932823-v3\update\update.exe
+ 2007-03-06 01:49:24 390,880 ----a-w C:\WINDOWS\$hf_mig$\KB932823-v3\update\updspapi.dll
+ 2008-04-23 04:19:55 124,928 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\advpack.dll
+ 2008-04-23 04:19:55 347,136 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\dxtmsft.dll
+ 2008-04-23 04:19:55 214,528 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\dxtrans.dll
+ 2008-04-23 04:19:55 132,608 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\extmgr.dll
+ 2008-04-23 04:19:55 63,488 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\icardie.dll
+ 2008-04-22 08:02:19 70,656 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\ie4uinit.exe
+ 2008-04-23 04:19:55 153,088 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\ieakeng.dll
+ 2008-04-23 04:19:55 230,400 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\ieaksie.dll
+ 2008-04-20 05:07:38 161,792 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\ieakui.dll
+ 2007-04-17 09:32:38 2,455,488 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\ieapfltr.dat
+ 2008-04-23 04:19:55 383,488 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\ieapfltr.dll
+ 2008-04-23 04:19:55 388,608 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\iedkcs32.dll
+ 2008-04-23 04:19:55 6,068,224 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\ieframe.dll
+ 2008-04-23 04:19:55 44,544 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\iernonce.dll
+ 2008-04-23 04:19:55 267,776 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\iertutil.dll
+ 2008-04-22 08:02:19 13,824 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\ieudinit.exe
+ 2008-04-22 08:02:46 625,664 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\iexplore.exe
+ 2008-04-23 04:19:56 27,648 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\jsproxy.dll
+ 2008-04-23 04:19:56 459,264 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\msfeeds.dll
+ 2008-04-23 04:19:56 52,224 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\msfeedsbs.dll
+ 2008-04-23 04:19:56 3,593,728 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\mshtml.dll
+ 2008-04-23 04:19:56 478,208 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\mshtmled.dll
+ 2008-04-23 04:19:56 193,024 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\msrating.dll
+ 2008-04-23 04:19:56 671,232 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\mstime.dll
+ 2008-04-23 04:19:56 102,912 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\occache.dll
+ 2008-04-23 04:19:56 44,544 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\pngfilt.dll
+ 2008-04-23 04:19:56 105,984 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\url.dll
+ 2008-04-23 04:19:56 1,162,752 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\urlmon.dll
+ 2008-04-23 04:19:56 233,472 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\webcheck.dll
+ 2008-04-23 04:19:56 827,392 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\wininet.dll
+ 2007-03-06 01:48:09 15,584 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\spmsg.dll
+ 2007-03-06 01:48:14 215,776 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\spuninst.exe
+ 2007-03-06 01:48:07 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\update\spcustom.dll
+ 2007-03-06 01:48:33 724,192 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\update\update.exe
+ 2007-03-06 01:49:24 390,880 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\update\updspapi.dll
+ 2007-11-30 12:39:40 18,808 ----a-w C:\WINDOWS\$hf_mig$\KB950760\spmsg.dll
+ 2007-11-30 12:39:40 233,848 ----a-w C:\WINDOWS\$hf_mig$\KB950760\spuninst.exe
+ 2007-11-30 12:39:38 26,488 ----a-w C:\WINDOWS\$hf_mig$\KB950760\update\spcustom.dll
+ 2007-11-30 12:39:40 763,768 ----a-w C:\WINDOWS\$hf_mig$\KB950760\update\update.exe
+ 2007-11-30 12:39:40 402,296 ----a-w C:\WINDOWS\$hf_mig$\KB950760\update\updspapi.dll
+ 2008-05-08 12:14:51 203,008 ----a-w C:\WINDOWS\$hf_mig$\KB950762\SP2QFE\rmcast.sys
+ 2008-05-08 14:02:52 203,136 ----a-w C:\WINDOWS\$hf_mig$\KB950762\SP3GDR\rmcast.sys
+ 2008-05-08 13:58:17 203,136 ----a-w C:\WINDOWS\$hf_mig$\KB950762\SP3QFE\rmcast.sys
+ 2007-11-30 12:39:40 18,808 ----a-w C:\WINDOWS\$hf_mig$\KB950762\spmsg.dll
+ 2007-11-30 12:39:40 233,848 ----a-w C:\WINDOWS\$hf_mig$\KB950762\spuninst.exe
+ 2007-11-30 12:39:38 26,488 ----a-w C:\WINDOWS\$hf_mig$\KB950762\update\spcustom.dll
+ 2007-11-30 12:39:40 763,768 ----a-w C:\WINDOWS\$hf_mig$\KB950762\update\update.exe
+ 2007-11-30 12:39:40 402,296 ----a-w C:\WINDOWS\$hf_mig$\KB950762\update\updspapi.dll
+ 2008-07-07 20:17:59 253,952 ----a-w C:\WINDOWS\$hf_mig$\KB950974\SP2QFE\es.dll
+ 2008-07-07 20:27:44 253,952 ----a-w C:\WINDOWS\$hf_mig$\KB950974\SP3GDR\es.dll
+ 2008-07-07 20:24:01 253,952 ----a-w C:\WINDOWS\$hf_mig$\KB950974\SP3QFE\es.dll
+ 2007-11-30 12:39:40 18,808 ----a-w C:\WINDOWS\$hf_mig$\KB950974\spmsg.dll
+ 2007-11-30 12:39:40 233,848 ----a-w C:\WINDOWS\$hf_mig$\KB950974\spuninst.exe
+ 2007-11-30 12:39:38 26,488 ----a-w C:\WINDOWS\$hf_mig$\KB950974\update\spcustom.dll
+ 2007-11-30 12:39:38 763,768 ----a-w C:\WINDOWS\$hf_mig$\KB950974\update\update.exe
+ 2007-11-30 12:39:38 402,296 ----a-w C:\WINDOWS\$hf_mig$\KB950974\update\updspapi.dll
+ 2008-07-14 11:03:00 62,976 ----a-w C:\WINDOWS\$hf_mig$\KB951072-v2\SP2QFE\tzchange.exe
+ 2008-07-11 12:42:28 62,976 ----a-w C:\WINDOWS\$hf_mig$\KB951072-v2\SP3GDR\tzchange.exe
+ 2008-07-11 12:51:51 62,976 ----a-w C:\WINDOWS\$hf_mig$\KB951072-v2\SP3QFE\tzchange.exe
+ 2007-11-30 11:19:29 18,808 ----a-w C:\WINDOWS\$hf_mig$\KB951072-v2\spmsg.dll
+ 2007-11-30 11:19:29 233,848 ----a-w C:\WINDOWS\$hf_mig$\KB951072-v2\spuninst.exe
+ 2007-11-30 11:19:25 26,488 ----a-w C:\WINDOWS\$hf_mig$\KB951072-v2\update\spcustom.dll
+ 2007-11-30 12:39:40 763,768 ----a-w C:\WINDOWS\$hf_mig$\KB951072-v2\update\update.exe
+ 2007-11-30 12:39:40 402,296 ----a-w C:\WINDOWS\$hf_mig$\KB951072-v2\update\updspapi.dll
+ 2008-06-14 18:02:56 272,768 ----a-w C:\WINDOWS\$hf_mig$\KB951376-v2\SP2QFE\bthport.sys
+ 2008-06-14 17:32:08 272,768 ----a-w C:\WINDOWS\$hf_mig$\KB951376-v2\SP3GDR\bthport.sys
+ 2008-06-14 17:37:31 272,768 ----a-w C:\WINDOWS\$hf_mig$\KB951376-v2\SP3QFE\bthport.sys
+ 2007-11-30 11:19:29 18,808 ----a-w C:\WINDOWS\$hf_mig$\KB951376-v2\spmsg.dll
+ 2007-11-30 11:19:29 233,848 ----a-w C:\WINDOWS\$hf_mig$\KB951376-v2\spuninst.exe
+ 2007-11-30 11:19:25 26,488 ----a-w C:\WINDOWS\$hf_mig$\KB951376-v2\update\spcustom.dll
+ 2007-11-30 11:19:30 763,768 ----a-w C:\WINDOWS\$hf_mig$\KB951376-v2\update\update.exe
+ 2007-11-30 11:19:30 402,296 ----a-w C:\WINDOWS\$hf_mig$\KB951376-v2\update\updspapi.dll
+ 2008-04-14 16:16:13 272,768 ----a-w C:\WINDOWS\$hf_mig$\KB951376\SP2QFE\bthport.sys
+ 2008-04-14 15:58:37 272,768 ----a-w C:\WINDOWS\$hf_mig$\KB951376\SP3GDR\bthport.sys
+ 2008-04-14 16:21:32 272,768 ----a-w C:\WINDOWS\$hf_mig$\KB951376\SP3QFE\bthport.sys
+ 2007-11-30 11:19:29 18,808 ----a-w C:\WINDOWS\$hf_mig$\KB951376\spmsg.dll
+ 2007-11-30 11:19:29 233,848 ----a-w C:\WINDOWS\$hf_mig$\KB951376\spuninst.exe
+ 2007-11-30 11:19:25 26,488 ----a-w C:\WINDOWS\$hf_mig$\KB951376\update\spcustom.dll
+ 2007-11-30 11:19:30 763,768 ----a-w C:\WINDOWS\$hf_mig$\KB951376\update\update.exe
+ 2007-11-30 11:19:30 402,296 ----a-w C:\WINDOWS\$hf_mig$\KB951376\update\updspapi.dll
+ 2008-05-07 04:55:31 1,293,312 ----a-w C:\WINDOWS\$hf_mig$\KB951698\SP2QFE\quartz.dll
+ 2008-05-07 05:10:16 1,293,312 ----a-w C:\WINDOWS\$hf_mig$\KB951698\SP3GDR\quartz.dll
+ 2008-05-07 05:04:21 1,293,312 ----a-w C:\WINDOWS\$hf_mig$\KB951698\SP3QFE\quartz.dll
+ 2007-11-30 11:19:29 18,808 ----a-w C:\WINDOWS\$hf_mig$\KB951698\spmsg.dll
+ 2007-11-30 11:19:29 233,848 ----a-w C:\WINDOWS\$hf_mig$\KB951698\spuninst.exe
+ 2007-11-30 11:19:25 26,488 ----a-w C:\WINDOWS\$hf_mig$\KB951698\update\spcustom.dll
+ 2007-11-30 12:39:40 763,768 ----a-w C:\WINDOWS\$hf_mig$\KB951698\update\update.exe
+ 2007-11-30 12:39:40 402,296 ----a-w C:\WINDOWS\$hf_mig$\KB951698\update\updspapi.dll
+ 2006-08-16 12:13:54 100,352 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\6to4svc.dll
+ 2008-06-20 10:44:08 138,368 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\afd.sys
+ 2008-06-20 17:36:11 147,968 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\dnsapi.dll
+ 2008-06-20 17:36:11 247,296 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\mswsock.dll
+ 2008-06-20 10:44:42 360,960 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\tcpip.sys
+ 2008-06-20 09:32:39 225,920 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\tcpip6.sys
+ 2008-06-20 11:40:08 138,496 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\afd.sys
+ 2008-06-20 17:46:57 147,968 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\dnsapi.dll
+ 2008-06-20 17:46:57 247,296 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\mswsock.dll
+ 2008-06-20 11:51:12 361,600 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip.sys
+ 2008-06-20 11:08:27 225,856 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip6.sys
+ 2008-06-20 11:48:03 138,496 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\afd.sys
+ 2008-06-20 17:43:18 147,968 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\dnsapi.dll
+ 2008-06-20 17:43:18 247,296 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\mswsock.dll
+ 2008-06-20 11:59:02 361,600 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys
+ 2008-06-20 11:16:44 225,856 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip6.sys
+ 2007-11-30 12:39:40 18,808 ----a-w C:\WINDOWS\$hf_mig$\KB951748\spmsg.dll
+ 2007-11-30 12:39:40 233,848 ----a-w C:\WINDOWS\$hf_mig$\KB951748\spuninst.exe
+ 2007-11-30 12:39:38 26,488 ----a-w C:\WINDOWS\$hf_mig$\KB951748\update\spcustom.dll
+ 2007-11-30 12:39:38 763,768 ----a-w C:\WINDOWS\$hf_mig$\KB951748\update\update.exe
+ 2007-11-30 12:39:38 402,296 ----a-w C:\WINDOWS\$hf_mig$\KB951748\update\updspapi.dll
+ 2008-05-07 09:07:23 135,168 ----a-w C:\WINDOWS\$hf_mig$\KB951978\SP3QFE\cscript.exe
+ 2008-05-09 10:51:07 512,000 ----a-w C:\WINDOWS\$hf_mig$\KB951978\SP3QFE\jscript.dll
+ 2008-05-09 10:51:08 180,224 ----a-w C:\WINDOWS\$hf_mig$\KB951978\SP3QFE\scrobj.dll
+ 2008-05-09 10:51:08 172,032 ----a-w C:\WINDOWS\$hf_mig$\KB951978\SP3QFE\scrrun.dll
+ 2008-05-09 10:51:08 430,080 ----a-w C:\WINDOWS\$hf_mig$\KB951978\SP3QFE\vbscript.dll
+ 2008-05-08 11:24:44 155,648 ----a-w C:\WINDOWS\$hf_mig$\KB951978\SP3QFE\wscript.exe
+ 2008-05-09 10:51:08 90,112 ----a-w C:\WINDOWS\$hf_mig$\KB951978\SP3QFE\wshext.dll
+ 2007-11-30 12:39:40 18,808 ----a-w C:\WINDOWS\$hf_mig$\KB951978\spmsg.dll
+ 2007-11-30 12:39:40 233,848 ----a-w C:\WINDOWS\$hf_mig$\KB951978\spuninst.exe
+ 2007-11-30 12:39:38 26,488 ----a-w C:\WINDOWS\$hf_mig$\KB951978\update\spcustom.dll
+ 2007-11-30 12:39:38 763,768 ----a-w C:\WINDOWS\$hf_mig$\KB951978\update\update.exe
+ 2007-11-30 12:39:38 402,296 ----a-w C:\WINDOWS\$hf_mig$\KB951978\update\updspapi.dll
+ 2008-06-24 16:30:06 74,240 ----a-w C:\WINDOWS\$hf_mig$\KB952954\SP2QFE\mscms.dll
+ 2008-06-24 16:42:56 74,240 ----a-w C:\WINDOWS\$hf_mig$\KB952954\SP3GDR\mscms.dll
+ 2008-06-24 16:53:25 74,240 ----a-w C:\WINDOWS\$hf_mig$\KB952954\SP3QFE\mscms.dll
+ 2007-11-30 12:39:40 18,808 ----a-w C:\WINDOWS\$hf_mig$\KB952954\spmsg.dll
+ 2007-11-30 12:39:40 233,848 ----a-w C:\WINDOWS\$hf_mig$\KB952954\spuninst.exe
+ 2007-11-30 12:39:38 26,488 ----a-w C:\WINDOWS\$hf_mig$\KB952954\update\spcustom.dll
+ 2007-11-30 12:39:40 763,768 ----a-w C:\WINDOWS\$hf_mig$\KB952954\update\update.exe
+ 2007-11-30 12:39:40 402,296 ----a-w C:\WINDOWS\$hf_mig$\KB952954\update\updspapi.dll
+ 2004-08-19 12:00:00 294,400 -c----w C:\WINDOWS\$NtUninstallKB932823-v3$\msctf.dll
+ 2007-03-06 01:48:15 215,776 -c----w C:\WINDOWS\$NtUninstallKB932823-v3$\spuninst\spuninst.exe
+ 2007-03-06 01:49:24 390,880 -c----w C:\WINDOWS\$NtUninstallKB932823-v3$\spuninst\updspapi.dll
+ 2007-11-30 12:39:40 233,848 -c----w C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe
+ 2007-11-30 12:39:40 402,296 -c----w C:\WINDOWS\$NtUninstallKB950760$\spuninst\updspapi.dll
+ 2006-07-13 08:48:58 202,240 -c----w C:\WINDOWS\$NtUninstallKB950762_0$\rmcast.sys
+ 2007-11-30 12:39:40 233,848 -c----w C:\WINDOWS\$NtUninstallKB950762_0$\spuninst\spuninst.exe
+ 2007-11-30 12:39:40 402,296 -c----w C:\WINDOWS\$NtUninstallKB950762_0$\spuninst\updspapi.dll
+ 2008-04-14 15:51:57 272,768 -c----w C:\WINDOWS\$NtUninstallKB951376-v2_0$\bthport.sys
+ 2007-11-30 11:19:29 233,848 -c----w C:\WINDOWS\$NtUninstallKB951376-v2_0$\spuninst\spuninst.exe
+ 2007-11-30 11:19:30 402,296 -c----w C:\WINDOWS\$NtUninstallKB951376-v2_0$\spuninst\updspapi.dll
+ 2007-11-30 11:19:29 233,848 -c----w C:\WINDOWS\$NtUninstallKB951376_0$\spuninst\spuninst.exe
+ 2007-11-30 11:19:30 402,296 -c----w C:\WINDOWS\$NtUninstallKB951376_0$\spuninst\updspapi.dll
+ 2007-10-29 22:42:50 1,292,800 -c----w C:\WINDOWS\$NtUninstallKB951698_0$\quartz.dll
+ 2007-11-30 11:19:29 233,848 -c----w C:\WINDOWS\$NtUninstallKB951698_0$\spuninst\spuninst.exe
+ 2007-11-30 12:39:40 402,296 -c----w C:\WINDOWS\$NtUninstallKB951698_0$\spuninst\updspapi.dll
+ 2004-08-19 12:00:00 138,496 -c----w C:\WINDOWS\$NtUninstallKB951748_0$\afd.sys
+ 2008-02-20 05:33:54 148,992 -c----w C:\WINDOWS\$NtUninstallKB951748_0$\dnsapi.dll
+ 2004-08-19 12:00:00 247,296 -c----w C:\WINDOWS\$NtUninstallKB951748_0$\mswsock.dll
+ 2007-11-30 12:39:40 233,848 -c----w C:\WINDOWS\$NtUninstallKB951748_0$\spuninst\spuninst.exe
+ 2007-11-30 12:39:38 402,296 -c----w C:\WINDOWS\$NtUninstallKB951748_0$\spuninst\updspapi.dll
+ 2007-10-30 17:20:55 360,064 -c----w C:\WINDOWS\$NtUninstallKB951748_0$\tcpip.sys
+ 2006-08-16 09:37:30 225,664 -c----w C:\WINDOWS\$NtUninstallKB951748_0$\tcpip6.sys
- 2006-10-04 14:05:26 39,424 ------w C:\WINDOWS\AppPatch\acadproc.dll
+ 2008-04-14 02:13:36 39,424 ----a-w C:\WINDOWS\AppPatch\acadproc.dll
- 2004-08-19 12:00:00 1,852,416 ----a-w C:\WINDOWS\AppPatch\AcGenral.dll
+ 2008-04-14 02:13:36 1,852,928 ----a-w C:\WINDOWS\AppPatch\acgenral.dll
- 2004-08-19 12:00:00 450,048 -c--a-w C:\WINDOWS\AppPatch\AcLayers.dll
+ 2008-04-14 02:13:36 451,072 ----a-w C:\WINDOWS\AppPatch\aclayers.dll
- 2004-08-19 12:00:00 137,728 ----a-w C:\WINDOWS\AppPatch\AcLua.dll
+ 2008-04-14 02:13:36 141,312 ----a-w C:\WINDOWS\AppPatch\aclua.dll
- 2004-08-19 12:00:00 244,736 ----a-w C:\WINDOWS\AppPatch\AcSpecfc.dll
+ 2008-04-14 02:13:36 245,248 ----a-w C:\WINDOWS\AppPatch\acspecfc.dll
- 2004-08-19 12:00:00 116,224 ----a-w C:\WINDOWS\AppPatch\AcXtrnal.dll
+ 2008-04-14 02:13:36 116,224 ----a-w C:\WINDOWS\AppPatch\acxtrnal.dll
+ 2008-06-16 09:18:04 12,288 ----a-w C:\WINDOWS\assembly\GAC\cli_basetypes\1.0.10.0__ce2cb7e279207b9e\cli_basetypes.dll
+ 2008-06-16 09:18:04 32,256 ----a-w C:\WINDOWS\assembly\GAC\cli_cppuhelper\1.0.13.0__ce2cb7e279207b9e\cli_cppuhelper.dll
+ 2008-06-16 09:18:04 847,872 ----a-w C:\WINDOWS\assembly\GAC\cli_types\1.1.13.0__ce2cb7e279207b9e\cli_types.dll
+ 2008-06-16 09:18:05 8,192 ----a-w C:\WINDOWS\assembly\GAC\cli_ure\1.0.13.0__ce2cb7e279207b9e\cli_ure.dll
- 2007-08-21 13:14:57 248,632 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.PowerPoint\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.PowerPoint.dll
+ 2008-08-15 22:14:13 250,928 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.PowerPoint\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.PowerPoint.dll
- 2007-08-21 13:14:57 781,104 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.Word\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Word.dll
+ 2008-07-25 22:45:39 783,744 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.Word\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Word.dll
+ 2008-06-16 09:17:24 3,072 ----a-w C:\WINDOWS\assembly\GAC\policy.1.0.cli_basetypes\9.1.0.0__ce2cb7e279207b9e\policy.1.0.cli_basetypes.dll
+ 2008-06-16 09:17:24 3,072 ----a-w C:\WINDOWS\assembly\GAC\policy.1.0.cli_cppuhelper\13.0.0.0__ce2cb7e279207b9e\policy.1.0.cli_cppuhelper.dll
+ 2008-06-16 09:17:25 3,072 ----a-w C:\WINDOWS\assembly\GAC\policy.1.0.cli_ure\13.0.0.0__ce2cb7e279207b9e\policy.1.0.cli_ure.dll
+ 2008-06-16 09:18:17 3,072 ----a-w C:\WINDOWS\assembly\GAC\policy.1.1.cli_types\13.0.0.0__ce2cb7e279207b9e\policy.1.1.cli_types.dll
+ 2008-05-29 14:52:30 3,200,272 ----a-w C:\WINDOWS\Downloaded Program Files\EPUWALcontrol.dll
+ 2006-06-20 13:44:04 379,704 ----a-w C:\WINDOWS\Downloaded Program Files\MsnPUpld.dll
+ 2006-06-20 13:44:02 117,560 ----a-w C:\WINDOWS\Downloaded Program Files\PURen-us.dll
+ 2007-01-09 06:17:48 110,592 ----a-w C:\WINDOWS\Downloaded Program Files\PURit-it.dll
+ 2007-12-11 23:18:02 172,032 ----a-w C:\WINDOWS\Downloaded Program Files\vzTCPConfig.dll
+ 2008-06-14 17:32:08 272,768 ------w C:\WINDOWS\Driver Cache\i386\bthport.sys
- 2005-10-20 18:02:28 163,328 ----a-w C:\WINDOWS\erdnt\Hiv-backup\ERDNT.EXE
+ 2005-10-21 00:02:28 163,328 ----a-w C:\WINDOWS\erdnt\Hiv-backup\ERDNT.EXE
- 2007-06-13 13:22:28 1,035,776 ----a-w C:\WINDOWS\explorer.exe
+ 2008-04-14 02:14:07 1,036,288 ----a-w C:\WINDOWS\explorer.exe
- 2000-08-31 06:00:00 89,504 ----a-w C:\WINDOWS\fdsv.exe
+ 2000-08-31 12:00:00 89,504 ----a-w C:\WINDOWS\fdsv.exe
- 2000-08-31 06:00:00 80,412 ----a-w C:\WINDOWS\grep.exe
+ 2000-08-31 12:00:00 80,412 ----a-w C:\WINDOWS\grep.exe
- 2004-08-19 12:00:00 34,816 ----a-w C:\WINDOWS\Help\sniffpol.dll
+ 2008-04-14 02:13:51 34,816 ----a-w C:\WINDOWS\Help\sniffpol.dll
- 2004-08-19 12:00:00 33,280 ----a-w C:\WINDOWS\Help\sstub.dll
+ 2008-04-14 02:13:55 33,280 ----a-w C:\WINDOWS\Help\sstub.dll
- 2004-08-19 12:00:00 279,040 ----a-w C:\WINDOWS\Help\tshoot.dll
+ 2008-04-14 02:13:55 279,040 ----a-w C:\WINDOWS\Help\tshoot.dll
- 2005-05-26 23:22:01 10,752 ----a-w C:\WINDOWS\hh.exe
+ 2008-04-14 02:14:09 10,752 ----a-w C:\WINDOWS\hh.exe
+ 2008-03-01 12:58:24 124,928 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\advpack.dll
+ 2008-03-01 12:58:25 347,136 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\dxtmsft.dll
+ 2008-03-01 12:58:25 214,528 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\dxtrans.dll
+ 2008-03-01 12:58:25 133,120 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\extmgr.dll
+ 2008-03-01 12:58:25 63,488 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\icardie.dll
+ 2008-02-29 08:57:16 70,656 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\ie4uinit.exe
+ 2008-03-01 12:58:25 153,088 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\ieakeng.dll
+ 2008-03-01 12:58:26 230,400 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\ieaksie.dll
+ 2008-02-15 05:44:25 161,792 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\ieakui.dll
+ 2008-03-01 12:58:26 383,488 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\ieapfltr.dll
+ 2008-03-01 12:58:26 384,512 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\iedkcs32.dll
+ 2008-03-01 12:58:28 6,066,176 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\ieframe.dll
+ 2008-03-01 12:58:28 44,544 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\iernonce.dll
+ 2008-03-01 12:58:28 267,776 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\iertutil.dll
+ 2008-02-22 10:00:51 13,824 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\ieudinit.exe
+ 2008-02-29 08:57:30 625,664 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\iexplore.exe
+ 2008-03-01 12:58:29 27,648 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\jsproxy.dll
+ 2008-03-01 12:58:30 459,264 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\msfeeds.dll
+ 2008-03-01 12:58:30 52,224 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\msfeedsbs.dll
+ 2008-03-01 16:28:32 3,591,680 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\mshtml.dll
+ 2008-03-01 12:58:32 478,208 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\mshtmled.dll
+ 2008-03-01 12:58:32 193,024 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\msrating.dll
+ 2008-03-01 12:58:32 671,232 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\mstime.dll
+ 2008-03-01 12:58:32 102,912 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\occache.dll
+ 2008-03-01 12:58:32 44,544 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\pngfilt.dll
+ 2007-03-06 01:48:14 215,776 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe
+ 2007-03-06 01:49:24 390,880 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\updspapi.dll
+ 2008-03-01 12:58:32 105,984 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\url.dll
+ 2008-03-01 12:58:32 1,159,680 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\urlmon.dll
+ 2008-03-01 12:58:33 233,472 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\webcheck.dll
+ 2008-03-01 12:58:33 826,368 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\wininet.dll
+ 2008-04-23 04:16:29 124,928 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\advpack.dll
+ 2008-04-23 04:16:29 347,136 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\dxtmsft.dll
+ 2008-04-23 04:16:29 214,528 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\dxtrans.dll
+ 2008-04-23 04:16:29 133,120 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\extmgr.dll
+ 2008-04-23 04:16:29 63,488 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\icardie.dll
+ 2008-04-22 07:42:21 70,656 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\ie4uinit.exe
+ 2008-04-23 04:16:29 153,088 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\ieakeng.dll
+ 2008-04-23 04:16:29 230,400 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\ieaksie.dll
+ 2008-04-20 05:07:51 161,792 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\ieakui.dll
+ 2008-04-23 04:16:29 383,488 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\ieapfltr.dll
+ 2008-04-23 04:16:29 384,512 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\iedkcs32.dll
+ 2008-04-23 04:16:30 6,066,176 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\ieframe.dll
+ 2008-04-23 04:16:30 44,544 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\iernonce.dll
+ 2008-04-23 04:16:30 267,776 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\iertutil.dll
+ 2008-04-22 07:39:58 13,824 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\ieudinit.exe
+ 2008-04-22 07:42:39 625,664 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\iexplore.exe
+ 2008-04-23 04:16:30 27,648 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\jsproxy.dll
+ 2008-04-23 04:16:30 459,264 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\msfeeds.dll
+ 2008-04-23 04:16:30 52,224 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\msfeedsbs.dll
+ 2008-04-23 20:16:32 3,591,680 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\mshtml.dll
+ 2008-04-23 04:16:31 478,208 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\mshtmled.dll
+ 2008-04-23 04:16:31 193,024 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\msrating.dll
+ 2008-04-23 04:16:31 671,232 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\mstime.dll
+ 2008-04-23 04:16:31 102,912 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\occache.dll
+ 2008-04-23 04:16:31 44,544 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\pngfilt.dll
+ 2007-03-06 01:48:14 215,776 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe
+ 2007-03-06 01:49:24 390,880 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\updspapi.dll
+ 2008-04-23 04:16:31 105,984 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\url.dll
+ 2008-04-23 04:16:31 1,159,680 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\urlmon.dll
+ 2008-04-23 04:16:31 233,472 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\webcheck.dll
+ 2008-04-23 04:16:31 826,368 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\wininet.dll
- 2004-08-19 12:00:00 175,104 ----a-w C:\WINDOWS\ime\CHSIME\APPLETS\PINTLCSA.DLL
+ 2008-04-14 02:12:47 175,104 ----a-w C:\WINDOWS\ime\CHSIME\APPLETS\pintlcsa.dll
- 2004-08-19 12:00:00 53,760 ----a-w C:\WINDOWS\ime\CHSIME\APPLETS\PINTLCSD.DLL
+ 2008-04-14 02:12:47 53,760 ----a-w C:\WINDOWS\ime\CHSIME\APPLETS\pintlcsd.dll
- 2004-08-19 12:00:00 97,792 ----a-w C:\WINDOWS\ime\CHTIME\Applets\CHTMBX.DLL
+ 2008-04-14 02:11:54 97,792 ----a-w C:\WINDOWS\ime\CHTIME\Applets\chtmbx.dll
- 2004-08-19 12:00:00 56,320 ----a-w C:\WINDOWS\ime\CHTIME\Applets\CHTSKDIC.DLL
+ 2008-04-14 02:11:54 56,320 ----a-w C:\WINDOWS\ime\CHTIME\Applets\chtskdic.dll
- 2004-08-19 12:00:00 173,568 ----a-w C:\WINDOWS\ime\CHTIME\Applets\CHTSKF.DLL
+ 2008-04-14 02:11:54 173,568 ----a-w C:\WINDOWS\ime\CHTIME\Applets\chtskf.dll
- 2004-08-19 12:00:00 13,463,552 -c--a-w C:\WINDOWS\ime\IMJP8_1\APPLETS\hwxjpn.dll
+ 2008-04-14 02:12:14 13,463,552 ----a-w C:\WINDOWS\ime\IMJP8_1\APPLETS\hwxjpn.dll
- 2004-08-19 12:00:00 315,452 -c--a-w C:\WINDOWS\ime\IMJP8_1\APPLETS\imskf.dll
+ 2008-04-14 02:12:17 315,455 ----a-w C:\WINDOWS\ime\IMJP8_1\APPLETS\imskf.dll
- 2004-08-19 12:00:00 426,041 -c--a-w C:\WINDOWS\ime\IMJP8_1\APPLETS\voicepad.dll
+ 2008-04-14 02:13:09 426,041 ----a-w C:\WINDOWS\ime\IMJP8_1\APPLETS\voicepad.dll
- 2004-08-19 12:00:00 86,073 ----a-w C:\WINDOWS\ime\IMJP8_1\APPLETS\voicesub.dll
+ 2008-04-14 02:13:09 86,073 ----a-w C:\WINDOWS\ime\IMJP8_1\APPLETS\voicesub.dll
- 2004-08-19 12:00:00 368,696 -c--a-w C:\WINDOWS\ime\IMJP8_1\imjpcic.dll
+ 2008-04-14 02:12:17 368,696 ----a-w C:\WINDOWS\ime\IMJP8_1\imjpcic.dll
- 2004-08-19 12:00:00 716,856 -c--a-w C:\WINDOWS\ime\IMJP8_1\imjpcus.dll
+ 2008-04-14 02:12:17 716,856 ----a-w C:\WINDOWS\ime\IMJP8_1\imjpcus.dll
- 2004-08-19 12:00:00 81,976 -c--a-w C:\WINDOWS\ime\IMJP8_1\imjpdct.dll
+ 2008-04-14 02:12:17 81,976 ----a-w C:\WINDOWS\ime\IMJP8_1\imjpdct.dll
- 2004-08-19 12:00:00 274,489 -c--a-w C:\WINDOWS\ime\IMJP8_1\imjputyc.dll
+ 2008-04-14 02:12:17 274,489 ----a-w C:\WINDOWS\ime\IMJP8_1\imjputyc.dll
- 2004-08-19 12:00:00 86,016 ----a-w C:\WINDOWS\ime\IMKR6_1\Applets\imekrmbx.dll
+ 2008-04-14 02:12:17 86,016 ----a-w C:\WINDOWS\ime\IMKR6_1\Applets\imekrmbx.dll
- 2004-08-19 12:00:00 106,496 ----a-w C:\WINDOWS\ime\IMKR6_1\imekrcic.dll
+ 2008-04-14 02:12:17 106,496 ----a-w C:\WINDOWS\ime\IMKR6_1\imekrcic.dll
- 2004-08-19 12:00:00 220,160 ----a-w C:\WINDOWS\ime\mscandui.dll
+ 2008-04-14 02:13:43 220,160 ----a-w C:\WINDOWS\ime\mscandui.dll
- 2004-08-19 12:00:00 102,456 -c--a-w C:\WINDOWS\ime\SHARED\imlang.dll
+ 2008-04-14 02:12:17 102,456 ----a-w C:\WINDOWS\ime\SHARED\imlang.dll
- 2004-08-19 12:00:00 15,872 ----a-w C:\WINDOWS\ime\SHARED\RES\PADRS404.DLL
+ 2008-04-14 02:12:47 15,872 ----a-w C:\WINDOWS\ime\SHARED\RES\padrs404.dll
- 2004-08-19 12:00:00 15,360 ----a-w C:\WINDOWS\ime\SHARED\RES\padrs804.dll
+ 2008-04-14 02:12:47 15,360 ----a-w C:\WINDOWS\ime\SHARED\RES\padrs804.dll
- 2004-08-19 12:00:00 130,048 ----a-w C:\WINDOWS\ime\SOFTKBD.DLL
+ 2008-04-14 02:13:51 130,048 ----a-w C:\WINDOWS\ime\softkbd.dll
- 2004-08-19 12:00:00 62,976 ----a-w C:\WINDOWS\ime\SPGRMR.dll
+ 2008-04-13 16:43:18 62,976 ----a-w C:\WINDOWS\ime\spgrmr.dll
- 2004-08-19 12:00:00 272,384 ----a-w C:\WINDOWS\ime\SPTIP.dll
+ 2008-04-14 02:13:55 272,384 ----a-w C:\WINDOWS\ime\sptip.dll
+ 2006-10-26 16:49:48 1,011,488 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109010001400000000000F01FEC\12.0.4518\MSDAIPP.DLL
+ 2006-10-26 16:49:46 970,528 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109010001400000000000F01FEC\12.0.4518\MSONSEXT.DLL
+ 2006-10-27 13:00:10 576,376 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\ACACEDAO.DLL
+ 2006-10-26 19:18:12 162,616 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\ACCWIZ.DLL
+ 2006-10-27 13:00:12 1,751,904 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\ACECORE.DLL
+ 2006-10-27 13:00:10 576,376 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\ACEDAO.DLL
+ 2006-10-27 13:00:06 47,976 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\ACEERR.DLL
+ 2006-10-27 13:00:08 191,360 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\ACEES.DLL
+ 2006-10-26 18:13:34 338,800 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\ACEEXCH.DLL
+ 2006-10-26 18:13:44 629,616 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\ACEEXCL.DLL
+ 2006-10-26 18:13:28 207,736 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\ACELTS.DLL
+ 2006-10-26 18:13:32 279,352 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\ACEODBC.DLL
+ 2006-10-26 18:13:08 15,160 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\ACEODDBS.DLL
+ 2006-10-26 18:13:08 15,160 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\ACEODEXL.DLL
+ 2006-10-26 18:13:08 15,160 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\ACEODPDX.DLL
+ 2006-10-26 18:13:12 15,160 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\ACEODTXT.DLL
+ 2006-10-27 13:00:06 387,960 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\ACEOLEDB.DLL
+ 2006-10-26 18:13:38 392,048 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\ACEPDE.DLL
+ 2006-10-26 18:13:30 260,976 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\ACER2X.DLL
+ 2006-10-26 18:13:32 289,648 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\ACER3X.DLL
+ 2006-10-26 18:13:20 56,120 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\ACERCLR.DLL
+ 2006-10-26 18:13:38 551,800 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\ACEREP.DLL
+ 2006-10-26 18:13:30 224,104 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\ACETXT.DLL
+ 2006-10-27 13:40:34 208,760 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\ACEWSS.DLL
+ 2006-10-26 18:13:34 371,568 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\ACEXBE.DLL
+ 2006-10-27 13:41:04 399,640 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\CDLMSO.DLL
+ 2006-10-26 17:59:24 205,616 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\CLVIEW.EXE
+ 2006-10-26 19:30:42 65,312 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\COLLIMP.DLL
+ 2006-10-26 18:12:52 189,760 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\CONTACTPICKER.DLL
+ 2006-10-26 22:48:08 234,784 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\DRAT.EXE
+ 2006-10-26 17:48:14 439,568 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\DWDCW20.DLL
+ 2006-10-26 12:10:08 1,190,688 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\FM20.DLL
+ 2006-10-26 12:04:58 75,576 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\FORM.DLL
+ 2006-10-26 17:21:24 1,682,232 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\FPSRVUTL.DLL
+ 2006-10-27 13:09:36 983,376 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\FPWEC.DLL
+ 2006-10-26 18:02:12 2,526,520 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\GRAPH.EXE
+ 2006-10-27 13:37:44 338,216 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\GROOVE.EXE
+ 2006-10-27 13:38:02 6,191,400 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\GROOVEACCOUNTMGR.DLL
+ 2006-10-27 13:37:44 284,448 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\GROOVEAUDIO.DLL
+ 2006-10-26 22:47:54 65,824 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\GROOVEAUDITSERVICE.EXE
+ 2006-10-27 13:37:40 34,088 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\GROOVEAUTOPROXY.DLL
+ 2006-10-27 13:37:44 300,336 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\GROOVECALENDARTOOL.DLL
+ 2006-10-26 22:47:44 33,568 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\GROOVECLEAN.EXE
+ 2006-10-27 13:37:56 2,689,336 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\GROOVECOMMONCOMPONENTS.DLL
+ 2006-10-27 13:38:00 3,508,544 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\GROOVECOMMUNICATIONSSERVICES.DLL
+ 2006-10-27 13:37:40 117,584 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\GROOVECOMMUNICATIONSSTATUSANDCONTROL.DLL
+ 2006-10-27 13:37:50 768,304 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\GROOVECOMPONENTMGR.DLL
+ 2006-10-27 13:37:52 1,359,648 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\GROOVECRYPTO.DLL
+ 2006-10-26 22:48:24 377,136 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\GROOVEDATAVIEWERTOOL.DLL
+ 2006-10-27 13:37:58 3,071,288 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\GROOVEDOCUMENTSHARETOOL.DLL
+ 2006-10-27 13:37:44 284,976 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\GROOVEFETCHSERVICES.DLL
+ 2006-10-26 22:48:00 197,920 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\GROOVEGAMES.DLL
+ 2006-10-26 22:48:18 317,736 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\GROOVEMIGRATOR.EXE
+ 2006-10-26 22:48:40 1,555,232 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\GROOVEMISC.DLL
+ 2006-10-26 22:47:42 31,016 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\GROOVEMONITOR.EXE
+ 2006-10-26 22:47:40 22,808 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\GROOVENEW.DLL
+ 2006-10-26 22:48:02 224,048 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\GROOVEPROJECTTOOLSET.DLL
+ 2006-10-27 13:38:04 7,053,096 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\GROOVERESOURCE.DLL
+ 2006-10-26 22:48:42 2,210,608 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\GROOVESHELLEXTENSIONS.DLL
+ 2006-10-26 22:48:18 363,304 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\GROOVESKETCHTOOL.DLL
+ 2006-10-26 22:47:40 16,688 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\GROOVESTDURLLAUNCHER.EXE
+ 2006-10-27 13:37:56 2,738,472 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\GROOVESTORAGEMGR.DLL
+ 2006-10-27 13:37:38 35,112 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\GROOVESYSTEMMODE.DLL
+ 2006-10-26 22:48:02 222,512 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\GROOVESYSTEMSERVICES.DLL
+ 2006-10-27 13:37:50 1,163,048 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\GROOVETEXTTOOLS.DLL
+ 2006-10-27 13:38:00 4,746,536 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\GROOVETRANSCEIVER.DLL
+ 2006-10-27 13:37:54 1,396,008 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\GROOVEUIFRAMEWORK.DLL
+ 2006-10-26 22:48:34 955,680 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\GROOVEUTIL.DLL
+ 2006-10-27 13:37:40 268,080 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\GROOVEWEBBROWSERTOOL2.DLL
+ 2006-10-26 22:48:26 572,216 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\GROOVEWEBPLATFORMSERVICES.DLL
+ 2006-10-27 13:37:48 631,080 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\GROOVEWEBSERVICES.DLL
+ 2006-10-26 18:12:52 173,328 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\IEAWSDC.DLL
+ 2006-10-26 18:55:38 138,024 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\IMPMAIL.DLL
+ 2006-10-27 13:10:08 1,439,032 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\INFOPATH.EXE
+ 2006-10-27 13:10:10 5,456,704 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\IPDESIGN.DLL
+ 2006-10-27 13:10:10 5,281,592 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\IPEDITOR.DLL
+ 2006-10-26 19:42:00 176,976 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\IPOLK.DLL
+ 2006-10-26 17:55:10 828,704 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\MEDCAT.DLL
+ 2006-10-27 13:01:34 10,371,880 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\MSACCESS.EXE
+ 2006-10-26 19:18:06 66,880 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\MSAEXP30.DLL
+ 2006-10-26 11:58:14 117,552 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\MSCONV97.DLL
+ 2006-10-27 12:59:06 161,080 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\MSOCF.DLL
+ 2006-10-26 17:48:12 14,664 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\MSOCFU.DLL
+ 2006-10-26 18:12:58 428,816 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\MSODCW.DLL
+ 2006-10-26 19:13:36 26,936 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\MSOEURO.DLL
+ 2006-10-26 18:00:08 6,635,320 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\MSORES.DLL
+ 2006-10-26 11:56:36 436,520 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\MSORUN.DLL
+ 2006-10-26 17:50:04 672,024 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\MSQRY32.EXE
+ 2006-10-26 11:56:40 505,136 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\MSSOAP30.DLL
+ 2006-10-26 17:55:12 832,800 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\MSTORDB.EXE
+ 2006-10-26 17:55:06 538,904 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\MSTORES.DLL
+ 2006-10-26 18:12:30 65,824 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\NAME.DLL
+ 2006-10-27 13:14:34 14,151,456 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\OART.DLL
+ 2006-10-26 18:42:36 8,423,224 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\OARTCONV.DLL
+ 2006-10-26 18:06:54 232,816 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\ODEPLOY.EXE
+ 2006-10-26 18:14:06 7,033,152 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\OFFOWC.DLL
+ 2006-10-27 13:18:36 1,658,152 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\OGL.DLL
+ 2006-10-26 18:00:08 274,744 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\OIS.EXE
+ 2006-10-26 18:00:12 998,208 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\OISAPP.DLL
+ 2006-10-26 18:00:10 285,008 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\OISGRAPH.DLL
+ 2006-10-26 18:32:42 604,000 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\ONBTTNIE.DLL
+ 2006-10-27 13:39:36 687,432 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\ONBTTNOL.DLL
+ 2006-10-27 13:03:04 1,018,664 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\ONENOTE.EXE
+ 2006-10-26 18:24:54 98,632 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\ONENOTEM.EXE
+ 2006-10-26 18:24:50 72,504 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\ONFILTER.DLL
+ 2006-10-26 18:24:58 1,165,112 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\ONLIBS.DLL
+ 2006-10-27 13:03:06 6,579,512 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\ONMAIN.DLL
+ 2006-10-26 18:23:00 782,720 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\ONSYNCPC.DLL
+ 2006-10-26 18:07:04 6,536,992 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\OSETUP.DLL
+ 2006-07-26 16:53:56 459,080 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\OUTLFLTR.DLL
+ 2006-10-27 13:16:36 46,864 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\OUTLRPC.DLL
+ 2006-10-26 19:30:44 482,088 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\PORTCONN.DLL
+ 2006-10-27 13:04:06 465,200 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\POWERPNT.EXE
+ 2006-10-27 13:04:06 7,980,848 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\PPCORE.DLL
+ 2007-08-21 13:14:57 248,632 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\PPTPIA.DLL
+ 2006-10-26 17:52:10 2,012,480 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\PPTVIEW.EXE
+ 2006-10-26 12:05:00 77,144 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\PSOM.DLL
+ 2006-10-26 19:13:38 38,168 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\REFEDIT.DLL
+ 2006-10-26 19:42:12 744,808 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\REGFORM.EXE
+ 2006-10-26 12:04:44 19,784 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\REVERSE.DLL
+ 2006-10-26 18:13:00 503,624 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\SELFCERT.EXE
+ 2006-10-26 18:06:58 439,600 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\SETUP.EXE
+ 2006-10-26 19:18:16 502,608 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\SOA.DLL
+ 2006-07-28 13:21:58 277,320 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\SSGEN.DLL
+ 2006-10-27 12:57:08 2,330,968 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\STSLIST.DLL
+ 2006-10-26 12:04:48 29,976 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\THOCRAPI.DLL
+ 2006-10-26 12:05:04 126,784 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\TWCUTCHR.DLL
+ 2006-10-26 12:05:02 86,840 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\TWCUTLIN.DLL
+ 2006-10-26 12:04:56 58,168 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\TWLAY32.DLL
+ 2006-10-26 12:04:48 27,456 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\TWORIENT.DLL
+ 2006-10-26 12:04:54 51,008 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\TWRECE.DLL
+ 2006-10-26 12:04:44 19,784 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\TWRECS.DLL
+ 2006-10-26 12:04:58 76,624 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\TWSTRUCT.DLL
+ 2006-09-29 22:42:56 2,583,344 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\VBE6.DLL
+ 2006-10-26 20:58:38 3,732,792 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\VVIEWER.DLL
+ 2007-08-21 13:14:57 781,104 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\WORDPIA.DLL
+ 2006-10-26 12:05:08 1,181,520 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\XIMAGE3B.DLL
+ 2006-10-26 12:05:08 530,760 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\XPAGE3C.DLL
+ 2007-09-14 19:45:58 16,901,168 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6215\MSO.DLL
+ 2007-08-28 22:19:24 1,654,648 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6215\OGL.DLL
+ 2007-08-28 22:49:28 606,120 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6215\ONBTTNIE.DLL
+ 2007-08-28 21:43:30 1,022,840 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6215\ONENOTE.EXE
+ 2007-08-24 02:45:42 101,784 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6215\ONENOTEM.EXE
+ 2007-08-24 02:45:42 75,144 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6215\ONFILTER.DLL
+ 2007-08-24 02:45:46 1,167,744 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6215\ONLIBS.DLL
+ 2007-10-12 19:08:52 6,588,968 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6215\ONMAIN.DLL
+ 2007-08-28 21:06:16 467,840 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6215\POWERPNT.EXE
+ 2007-08-28 21:06:44 7,990,144 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6215\PPCORE.DLL
+ 2008-07-25 22:46:27 251,272 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6215\PPTPIA.DLL
+ 2008-08-07 07:05:10 26,694 ----a-r C:\WINDOWS\Installer\{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}\ARPPRODUCTICON.exe
+ 2008-08-07 07:05:10 26,694 ----a-r C:\WINDOWS\Installer\{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}\googleearth.exe_407B9B5CDAC54F44A756B57CAB4E6A8B.exe
+ 2008-08-07 07:05:10 26,694 ----a-r C:\WINDOWS\Installer\{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}\googleearth.exe1_407B9B5CDAC54F44A756B57CAB4E6A8B.exe
+ 2008-08-07 07:05:10 26,694 ----a-r C:\WINDOWS\Installer\{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}\ShortcutDX_EB071909B9884F8CBF3D6115D4ADEE5E.exe
+ 2008-08-07 07:05:10 26,694 ----a-r C:\WINDOWS\Installer\{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}\ShortcutOGL_EB071909B9884F8CBF3D6115D4ADEE5E.exe
+ 2008-08-07 07:05:10 26,694 ----a-r C:\WINDOWS\Installer\{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}\UNINST_Uninstall_G_408FFBEED62349E08B232864A94D2864.exe
- 2008-03-01 21:50:33 123,008 ----a-r C:\WINDOWS\Installer\{257D6090-2EAC-4FFE-A1B5-1DE7B65275FD}\WLXPhotoGalleryIcon.exe
+ 2008-08-07 09:49:39 123,008 ----a-r C:\WINDOWS\Installer\{257D6090-2EAC-4FFE-A1B5-1DE7B65275FD}\WLXPhotoGalleryIcon.exe
+ 2008-08-01 08:13:08 102,400 ----a-r C:\WINDOWS\Installer\{3DE0053C-FD9A-483E-B7C9-B06E4392206E}\iTunesIco.exe
+ 2008-07-17 22:22:23 86,016 ----a-r C:\WINDOWS\Installer\{47BF1BD6-DCAC-468F-A0AD-E5DECC2211C3}\PrntWzrdIco.exe
- 2007-10-10 07:29:56 29,926 ----a-r C:\WINDOWS\Installer\{518B3E76-4C05-4F30-A802-D87FB2086B67}\MsblIco.Exe
+ 2008-08-19 02:31:19 29,926 ----a-r C:\WINDOWS\Installer\{518B3E76-4C05-4F30-A802-D87FB2086B67}\MsblIco.Exe
- 2007-07-09 08:58:14 4,286 -c--a-r C:\WINDOWS\Installer\{547403EA-BC01-4824-86FB-8DAB59B1C2DE}\NewShortcut1_547403EABC01482486FB8DAB59B1C2DE.exe
+ 2008-06-05 06:33:23 4,286 ----a-r C:\WINDOWS\Installer\{547403EA-BC01-4824-86FB-8DAB59B1C2DE}\NewShortcut1_547403EABC01482486FB8DAB59B1C2DE.exe
- 2007-07-09 08:58:14 4,286 -c--a-r C:\WINDOWS\Installer\{547403EA-BC01-4824-86FB-8DAB59B1C2DE}\NewShortcut2_547403EABC01482486FB8DAB59B1C2DE.exe
+ 2008-06-05 06:33:23 4,286 ----a-r C:\WINDOWS\Installer\{547403EA-BC01-4824-86FB-8DAB59B1C2DE}\NewShortcut2_547403EABC01482486FB8DAB59B1C2DE.exe
+ 2008-08-09 22:25:02 27,136 ----a-r C:\WINDOWS\Installer\{6956856F-B6B3-4BE0-BA0B-8F495BE32033}\AppleSoftwareUpdateIco.exe
- 2008-05-14 18:36:00 1,165,584 ----a-r C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\accicons.exe
+ 2008-09-10 04:50:09 1,165,584 ----a-r C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\accicons.exe
- 2008-05-14 18:36:01 20,240 ----a-r C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\cagicon.exe
+ 2008-09-10 04:50:09 20,240 ----a-r C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\cagicon.exe
- 2008-05-14 18:36:01 159,504 ----a-r C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\inficon.exe
+ 2008-09-10 04:50:09 159,504 ----a-r C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\inficon.exe
- 2008-05-14 18:36:01 184,080 ----a-r C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\joticon.exe
+ 2008-09-10 04:50:09 184,080 ----a-r C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\joticon.exe
- 2008-05-14 18:36:01 217,864 ----a-r C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe
+ 2008-09-10 04:50:09 217,864 ----a-r C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe
- 2008-05-14 18:36:01 18,704 ----a-r C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\mspicons.exe
+ 2008-09-10 04:50:09 18,704 ----a-r C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\mspicons.exe
- 2008-05-14 18:36:02 35,088 ----a-r C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\oisicon.exe
+ 2008-09-10 04:50:10 35,088 ----a-r C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\oisicon.exe
- 2008-05-14 18:36:01 845,584 ----a-r C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\outicon.exe
+ 2008-09-10 04:50:09 845,584 ----a-r C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\outicon.exe
- 2008-05-14 18:36:01 922,384 ----a-r C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe
+ 2008-09-10 04:50:09 922,384 ----a-r C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe
- 2008-05-14 18:36:01 272,648 ----a-r C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pubs.exe
+ 2008-09-10 04:50:09 272,648 ----a-r C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pubs.exe
- 2008-05-14 18:36:01 888,080 ----a-r C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe
+ 2008-09-10 04:50:10 888,080 ----a-r C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe
- 2008-05-14 18:36:00 1,172,240 ----a-r C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe
+ 2008-09-10 04:50:09 1,172,240 ----a-r C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe
- 2007-08-21 13:39:54 217,864 ----a-r C:\WINDOWS\Installer\{90120000-006E-0410-0000-0000000FF1CE}\misc.exe
+ 2008-07-25 22:48:18 217,864 ----a-r C:\WINDOWS\Installer\{90120000-006E-0410-0000-0000000FF1CE}\misc.exe
+ 2008-05-30 08:32:22 26,694 ----a-r C:\WINDOWS\Installer\{97C0EA4A-1A0B-4C53-ACEB-49984DA79C90}\googleearth.exe1_407B9B5CDAC54F44A756B57CAB4E6A8B.exe
- 2008-04-30 15:20:24 21,462 ----a-r C:\WINDOWS\Installer\{9BC76CCE-A9EC-4A3A-9B51-D823805E1D1F}\_Voyagersoft.SolidConverterPDF.1.exe
+ 2008-07-21 11:34:14 21,462 ----a-r C:\WINDOWS\Installer\{9BC76CCE-A9EC-4A3A-9B51-D823805E1D1F}\_Voyagersoft.SolidConverterPDF.1.exe
- 2008-04-30 15:20:24 22,486 ----a-r C:\WINDOWS\Installer\{9BC76CCE-A9EC-4A3A-9B51-D823805E1D1F}\_Voyagersoft.SolidConverterPDF.2.exe
+ 2008-07-21 11:34:14 22,486 ----a-r C:\WINDOWS\Installer\{9BC76CCE-A9EC-4A3A-9B51-D823805E1D1F}\_Voyagersoft.SolidConverterPDF.2.exe
- 2008-04-30 15:20:24 21,462 ----a-r C:\WINDOWS\Installer\{9BC76CCE-A9EC-4A3A-9B51-D823805E1D1F}\_Voyagersoft.SolidConverterPDF.3.exe
+ 2008-07-21 11:34:14 21,462 ----a-r C:\WINDOWS\Installer\{9BC76CCE-A9EC-4A3A-9B51-D823805E1D1F}\_Voyagersoft.SolidConverterPDF.3.exe
+ 2008-06-16 09:19:30 2,363,392 ----a-r C:\WINDOWS\Installer\{9C68CD57-4E45-4230-A743-44D2CA9BF714}\soffice.exe
+ 2008-07-21 19:46:13 295, |
|
| Top |
|
|
clagmail
Mortale pio
Registrato: 28/05/08 23:31
Messaggi: 28
|
| Inviato: 10 Set 2008 04:51 Oggetto: hijackthis log |
|
|
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 04:41, on 10/09/08
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\Lavasoft\Ad-Aware\aawservice.exe
C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
C:\Programmi\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Programmi\Bonjour\mDNSResponder.exe
C:\Programmi\WIDCOMM\Software Bluetooth\bin\btwdins.exe
C:\Programmi\File comuni\Authentium\AntiVirus\dvpapi.exe
C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Programmi\CyberLink\Shared Files\RichVideo.exe
C:\Programmi\SolidDocuments\SolidConverterPDF\SCPDF\SolidPdfService.exe
C:\Programmi\Seagate\Sync\SeaSyncServices.exe
C:\Programmi\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\HPQ\shared\hpqwmi.exe
C:\Programmi\iPod\bin\iPodService.exe
C:\Programmi\File comuni\Ahead\Lib\NMIndexingService.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\WgaTray.exe
C:\Programmi\Analog Devices\SoundMAX\SMax4PNP.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Programmi\Apoint2K\Apoint.exe
C:\Programmi\Hp\HP Software Update\HPWuSchd2.exe
C:\Programmi\HPQ\Quick Launch Buttons\EabServr.exe
C:\Programmi\Java\jre1.6.0_07\bin\jusched.exe
C:\Programmi\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\Programmi\iTunes\iTunesHelper.exe
C:\Programmi\Microsoft Office\Office12\GrooveMonitor.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9BE.EXE
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9BE.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Programmi\QuickTime\QTTask.exe
C:\Programmi\Verizon\VSP\VerizonServicepoint.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\TomTom HOME 2\HOMERunner.exe |
|
| Top |
|
|
Riverside
Ban a tempo indeterminato
Registrato: 29/02/08 22:32
Messaggi: 4396
Residenza: Riverside House
|
| Inviato: 10 Set 2008 09:41 Oggetto: |
|
|
Procedi in questa maniera:
1) Disattiva il Ripristino configurazione di sistema, procedendo in questa maniera:
● Start
● tasto destro del mouse sull'icona Risorse del Computer
● seleziona la voce Proprietà
● apri la scheda Ripristino configurazione di sistema
● spunta la voce Disattiva Ripristino configurazione di sistema
● conferma, la modifica, con Applica e, poi OK
Il Ripristino configurazione di sistema deve essere tenuto disabilitato fino al completamento della procedura
2) Provvedi a svuotare del suo contenuto la cartella Prefetch procedendo in questa maniera:
● Start
● clicca su Risorse del Computer
● clicca su Disco locale C:
● cerca, all?interno delle cartelle che saranno visualizzate la cartella Windows, aprila ed, al suo interno, cerca la cartella Prefetch, la apri ed elimina tutte le voci conservate al suo interno (mi raccomando, non eliminare la cartella)
3) rilancia Hthis e, intanto, pulisci gli ADS in questo modo:
● clicca sulla voce Open the misc tool section
● clicca su Open ads spy
● togli la spunta alla voce Quick scan (windows base folder only)
● clicca su Scan
● se venissero rilevati ADS, spunta tutte le caselline e clicca su Remove selected
4) scarica ed installa SuperAntispyware:
http://www.superantispyware.com/
devi scaricare la versione free - e lo configuri come ho spiegato ad una altra utente in questo post: http://forum.zeusnews.com/viewtopic.php?t=35216
esegui una scansione completa del sistema e, una volta terminata la scansione, allega il log che verrà rilasciato
5) scarica ed installa MalwareBytes:
http://www.malwarebytes.org/
esegui una scansione completa del sistema e, una volta terminata la scansione, allega il log che verrà rilasciato
6) eseguiti i passaggi da 1) a 5), scarica ed installa CCleaner:
http://www.ccleaner.com/download
Una volta installato configuralo in questo modo:
lancia il programma, nel menu di sinistra portati alla voce Opzioni e nella finestra successiva clicca su:
● Impostazioni, e spunta la voce Cancellazione sicura (lenta)
poi clicca su:
● Avanzate, togli la spunta alla voce Cancella solo file più vecchi di 48 ore
● alla voce Pulizia, nella sezione Avanzate spunta le voci Vecchi dati Prefetch e Disinstallatori aggiornamenti di WinUpdate
● nel menu a sinistra, clicca sulla voce Pulizia
● clicca su tasto Avvia pulizia per eseguire la scansione
● finita la scansione, sempre nel menu a sinistra, clicca sulla voce Registro e spunta tutte le voci comprese nella sezione meno la voce estensioni file non usate
● clicca sul tasto Trova problemi ed avvia una scansione
● al termine della scansione clicca sulla voce Ripara selezionati e prosegui con la riparazione (questo ultimo passaggio ripetilo più volte, fino a quando non verranno rilevati più problemi da correggere)
Infine, pubblica anche un nuovo log Hthis. |
|
| Top |
|
|
clagmail
Mortale pio
Registrato: 28/05/08 23:31
Messaggi: 28
|
| Inviato: 13 Set 2008 16:29 Oggetto: niente da fare... |
|
|
IL PROBLEMA PERSISTE....
QUESTO E' IL LOG DI H.T.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:23, on 13/09/08
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\Lavasoft\Ad-Aware\aawservice.exe
C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
C:\Programmi\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Programmi\Bonjour\mDNSResponder.exe
C:\Programmi\WIDCOMM\Software Bluetooth\bin\btwdins.exe
C:\Programmi\File comuni\Authentium\AntiVirus\dvpapi.exe
C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Programmi\CyberLink\Shared Files\RichVideo.exe
C:\Programmi\SolidDocuments\SolidConverterPDF\SCPDF\SolidPdfService.exe
C:\Programmi\Seagate\Sync\SeaSyncServices.exe
C:\Programmi\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe
C:\Programmi\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\WgaTray.exe
C:\Programmi\Analog Devices\SoundMAX\SMax4PNP.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Programmi\Apoint2K\Apoint.exe
C:\Programmi\Hp\HP Software Update\HPWuSchd2.exe
C:\Programmi\HPQ\Quick Launch Buttons\EabServr.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\Java\jre1.6.0_07\bin\jusched.exe
C:\Programmi\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\Programmi\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Programmi\Microsoft Office\Office12\GrooveMonitor.exe
C:\Programmi\Apoint2K\Apntex.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9BE.EXE
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9BE.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Programmi\QuickTime\QTTask.exe
C:\Programmi\HPQ\shared\hpqwmi.exe
C:\Programmi\Internet Explorer\IEXPLORE.EXE
C:\Programmi\Verizon\VSP\VerizonServicepoint.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\TomTom HOME 2\HOMERunner.exe
C:\Programmi\iPod\bin\iPodService.exe
C:\Programmi\WIDCOMM\Software Bluetooth\BTTray.exe
C:\Programmi\OpenOffice.org 2.4\program\soffice.exe
C:\PROGRA~1\WIDCOMM\SOFTWA~1\BTSTAC~1.EXE
C:\Programmi\OpenOffice.org 2.4\program\soffice.BIN
C:\Programmi\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.corriere.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
R3 - URLSearchHook: (no name) - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - (no file)
O2 - BHO: Supporto di collegamento per Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Solid Converter PDF - {259F616C-A300-44F5-B04A-ED001A26C85C} - C:\Programmi\SolidDocuments\SolidConverterPDF\SCPDF\ExploreExtPDF.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programmi\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programmi\Google\GoogleToolbarNotifier\3.0.914.9778\swg.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Programmi\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Programmi\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O3 - Toolbar: Solid Converter PDF - {259F616C-A300-44F5-B04A-ED001A26C85C} - C:\Programmi\SolidDocuments\SolidConverterPDF\SCPDF\ExploreExtPDF.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Programmi\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [Apoint] C:\Programmi\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [Cpqset] C:\Programmi\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Programmi\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [eabconfg.cpl] C:\Programmi\HPQ\Quick Launch Buttons\EabServr.exe /Start
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Programmi\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [iTunesHelper] "C:\Programmi\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Programmi\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [EPSON Stylus CX3600 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9BE.EXE /P26 "EPSON Stylus CX3600 Series" /O6 "USB001" /M "Stylus CX3600"
O4 - HKLM\..\Run: [Automatico EPSON Stylus CX3600 Series su FISSO] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9BE.EXE /P46 "Automatico EPSON Stylus CX3600 Series su FISSO" /O18 "\\FISSO\Stampante2" /M "Stylus CX3600"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programmi\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Proc Deaf Delete Peak] C:\Documents and Settings\All Users\Dati applicazioni\file joy proc deaf\Readme tool.exe
O4 - HKLM\..\Run: [VerizonServicepoint.exe] "C:\Programmi\Verizon\VSP\VerizonServicepoint.exe" /AUTORUN
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Programmi\TomTom HOME 2\HOMERunner.exe"
O4 - Startup: OpenOffice.org 2.4.lnk = C:\Programmi\OpenOffice.org 2.4\program\quickstart.exe
O4 - Startup: OpenOffice.org 2.4.lnk.disabled
O4 - Startup: Ritaglio schermata e avvio di OneNote 2007.lnk.disabled
O4 - Global Startup: Adobe Gamma Loader.exe.lnk.disabled
O4 - Global Startup: Adobe Gamma Loader.lnk.disabled
O4 - Global Startup: Alice ti aiuta.lnk.disabled
O4 - Global Startup: BTTray.lnk = ?
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Invia a &Bluetooth - C:\Programmi\WIDCOMM\Software Bluetooth\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Inserisci blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programmi\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: Inserisci &blog in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programmi\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra button: (no name) - SolidConverterPDF - (no file) (HKCU)
O16 - DPF: vzTCPConfig - https://www.verizon.net/WhatsNext/CheckMyPc/vzTCPConfig.CAB
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/default/kavwebscan_unicode.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Programmi\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} (CTVUAxCtrl Object) - http://dl.tvunetworks.com/TVUAx.cab
O16 - DPF: {4819DFDF-ABC4-488C-A323-919848C51175} (Rinera Streaming Control) - http://portal3.rinera.com/download/RineraProxy-1.4.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/IT-IT/a-UNO1/GAME_UNO1.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1183741656986
O16 - DPF: {8FEFF364-6A5F-4966-A917-A3AC28411659} (SopCore Control) - http://www.coolstreaming.us/consolle/plug-in/SOPCORE.CAB
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - http://support.f-secure.com/ols/fscax.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game02.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programmi\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FILECO~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Programmi\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Programmi\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Programmi\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Programmi\WIDCOMM\Software Bluetooth\bin\btwdins.exe
O23 - Service: DvpApi (dvpapi) - Authentium, Inc. - C:\Programmi\File comuni\Authentium\AntiVirus\dvpapi.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Programmi\HPQ\shared\hpqwmi.exe
O23 - Service: Servizio iPod (iPod Service) - Apple Inc. - C:\Programmi\iPod\bin\iPodService.exe
O23 - Service: MaxBackServiceInt - Unknown owner - C:\Programmi\Maxtor\Maxtor Backup\MaxBackServiceInt.exe (file missing)
O23 - Service: NBService - Nero AG - C:\Programmi\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Programmi\File comuni\Ahead\Lib\NMIndexingService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Programmi\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Radialpoint Unicorn Update Service (RPSUpdaterR) - Radialpoint Inc. - C:\Programmi\Verizon\PC Security Checkup\rpsupdaterR.exe
O23 - Service: SolidPDFConverterReadSpool (ScReadSpool) - VoyagerSoft, LLC - C:\Programmi\SolidDocuments\SolidConverterPDF\SCPDF\SolidPdfService.exe
O23 - Service: Seagate Sync Service - Seagate Technology LLC - C:\Programmi\Seagate\Sync\SeaSyncServices.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Programmi\Analog Devices\SoundMAX\SMAgent.exe
--
End of file - 14258 bytes |
|
| Top |
|
|
Riverside
Ban a tempo indeterminato
Registrato: 29/02/08 22:32
Messaggi: 4396
Residenza: Riverside House
|
| Inviato: 14 Set 2008 00:43 Oggetto: |
|
|
Se non alleghi i log che ti avevo richiesto, possiamo stare qui e fare notte.
I log mi servono per capire, proma di tutto quale è il problema (che tu affermi perststa).
Torno a ripetere (e non vale solo per te) che un log di Hthis, sebbene "sporco" non serve a nulla, qunidi, per favore, allega quelli che ti ho chiesto. |
|
| Top |
|
|
clagmail
Mortale pio
Registrato: 28/05/08 23:31
Messaggi: 28
|
| Inviato: 14 Set 2008 15:53 Oggetto: malwarebytes log |
|
|
Malwarebytes' Anti-Malware 1.28
Versione del database: 1147
Windows 5.1.2600 Service Pack 3
14/09/08 3.46.44
mbam-log-2008-09-14 (15-46-44).txt
Tipo di scansione: Scansione completa (C:\|)
Elementi scansionati: 159172
Tempo trascorso: 1 hour(s), 14 minute(s), 30 second(s)
Processi delle memoria infetti: 0
Moduli della memoria infetti: 0
Chiavi di registro infette: 0
Valori di registro infetti: 0
Elementi dato del registro infetti: 0
Cartelle infette: 0
File infetti: 0
Processi delle memoria infetti:
(Nessun elemento malevolo rilevato)
Moduli della memoria infetti:
(Nessun elemento malevolo rilevato)
Chiavi di registro infette:
(Nessun elemento malevolo rilevato)
Valori di registro infetti:
(Nessun elemento malevolo rilevato)
Elementi dato del registro infetti:
(Nessun elemento malevolo rilevato)
Cartelle infette:
(Nessun elemento malevolo rilevato)
File infetti:
(Nessun elemento malevolo rilevato) |
|
| Top |
|
|
Riverside
Ban a tempo indeterminato
Registrato: 29/02/08 22:32
Messaggi: 4396
Residenza: Riverside House
|
| Inviato: 15 Set 2008 11:40 Oggetto: |
|
|
| Ed il log di Superantispyware? |
|
| Top |
|
|
clagmail
Mortale pio
Registrato: 28/05/08 23:31
Messaggi: 28
|
| Inviato: 16 Set 2008 06:21 Oggetto: ecco superantispyware |
|
|
SUPERAntiSpyware Scan Log
http://www.superantispyware.com
Generated 09/14/2008 at 06:01 PM
Application Version : 4.21.1004
Core Rules Database Version : 3563
Trace Rules Database Version: 1551
Scan type : Complete Scan
Total Scan Time : 01:53:36
Memory items scanned : 526
Memory threats detected : 0
Registry items scanned : 8363
Registry threats detected : 0
File items scanned : 111918
File threats detected : 32
Adware.Tracking Cookie
C:\Documents and Settings\Casa\Cookies\casa@ads.glispa[2].txt
C:\Documents and Settings\Casa\Cookies\casa@collective-media[1].txt
C:\Documents and Settings\Casa\Cookies\casa@atdmt[2].txt
C:\Documents and Settings\Casa\Cookies\casa@apmebf[2].txt
C:\Documents and Settings\Casa\Cookies\casa@mediaplex[1].txt
C:\Documents and Settings\Casa\Cookies\casa@azjmp[1].txt
C:\Documents and Settings\Casa\Cookies\casa@serving-sys[1].txt
C:\Documents and Settings\Casa\Cookies\casa@fastclick[2].txt
C:\Documents and Settings\Casa\Cookies\casa@revenue[2].txt
C:\Documents and Settings\Casa\Cookies\casa@ads.diet[2].txt
C:\Documents and Settings\Casa\Cookies\casa@thumbplay.112.2o7[1].txt
C:\Documents and Settings\Casa\Cookies\casa@ad.yieldmanager[1].txt
C:\Documents and Settings\Casa\Cookies\casa@revsci[2].txt
C:\Documents and Settings\Casa\Cookies\casa@login.tracking101[2].txt
C:\Documents and Settings\Casa\Cookies\casa@lynxtrack[1].txt
C:\Documents and Settings\Casa\Cookies\casa@iacas.adbureau[1].txt
C:\Documents and Settings\Casa\Cookies\casa@tribalfusion[2].txt
C:\Documents and Settings\Casa\Cookies\casa@oneeconomy.122.2o7[1].txt
C:\Documents and Settings\Casa\Cookies\casa@casalemedia[1].txt
C:\Documents and Settings\Casa\Cookies\casa@ad.zanox[2].txt
C:\Documents and Settings\Casa\Cookies\casa@s4.shinystat[1].txt
C:\Documents and Settings\Casa\Cookies\casa@zedo[1].txt
C:\Documents and Settings\Casa\Cookies\casa@realmedia[2].txt
C:\Documents and Settings\Casa\Cookies\casa@adopt.euroclick[2].txt
C:\Documents and Settings\Casa\Cookies\casa@ads.ads.netlog[1].txt
C:\Documents and Settings\Casa\Cookies\casa@bluestreak[1].txt
C:\Documents and Settings\Casa\Cookies\casa@advertising[2].txt
C:\Documents and Settings\Casa\Cookies\casa@interclick[2].txt
C:\Documents and Settings\Casa\Cookies\casa@bs.serving-sys[2].txt
C:\Documents and Settings\Casa\Cookies\casa@imrworldwide[2].txt
C:\Documents and Settings\Casa\Cookies\casa@eb.adbureau[2].txt
C:\Documents and Settings\Casa\Cookies\casa@statse.webtrendslive[2].txt |
|
| Top |
|
|
Riverside
Ban a tempo indeterminato
Registrato: 29/02/08 22:32
Messaggi: 4396
Residenza: Riverside House
|
| Inviato: 16 Set 2008 11:54 Oggetto: |
|
|
Bel casino: sempre con il Riprisitno Configurazione di Sistema disattivato:
1) disinstalla tutte le toolbar;
2) disinstalla, Avast;
3) disinstalla ADAware;
4) se è ancora presente, disinstalla anche SpyBot.
Una volta eseguite le disinstallazioni, esegui una pulizia con CCleaner (sia Pulizia che Registro problemi) con le modalità che ti ho indicato nel mio precedente reply.
Poi, Rilancia Hthis ed inizia a fixare queste voci:
O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O4 - HKLM\..\Run: [Proc Deaf Delete Peak] C:\Documents and Settings\All Users\Dati applicazioni\file joy proc deaf\Readme tool.exe
O4 - HKLM\..\Run: [VerizonServicepoint.exe] "C:\Programmi\Verizon\VSP\VerizonServicepoint.exe" /AUTORUN
O4 - Startup: OpenOffice.org 2.4.lnk.disabled
O4 - Startup: Ritaglio schermata e avvio di OneNote 2007.lnk.disabled
O4 - Global Startup: Adobe Gamma Loader.exe.lnk.disabled
O4 - Global Startup: Adobe Gamma Loader.lnk.disabled
O9 - Extra button: Inserisci blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programmi\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: Inserisci &blog in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programmi\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O16 - DPF: {4819DFDF-ABC4-488C-A323-919848C51175} (Rinera Streaming Control) - http://portal3.rinera.com/download/RineraProxy-1.4.cab
O16 - DPF: {8FEFF364-6A5F-4966-A917-A3AC28411659} (SopCore Control) - http://www.coolstreaming.us/consolle/plug-in/SOPCORE.CAB
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
Evita di installare antivirus, per ora: dobbiamo rimuovere un rogue e sistemare un paio di altre cose.
Ma come fate a ridurvi in questo stato ......  per me resterà sempre un mistero   |
|
| Top |
|
|
clagmail
Mortale pio
Registrato: 28/05/08 23:31
Messaggi: 28
|
| Inviato: 17 Set 2008 02:50 Oggetto: non ho trovato tutti quelli da fixare |
|
|
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 02:47, on 17/09/08
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Programmi\Bonjour\mDNSResponder.exe
C:\Programmi\WIDCOMM\Software Bluetooth\bin\btwdins.exe
C:\Programmi\CyberLink\Shared Files\RichVideo.exe
C:\Programmi\SolidDocuments\SolidConverterPDF\SCPDF\SolidPdfService.exe
C:\Programmi\Seagate\Sync\SeaSyncServices.exe
C:\Programmi\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\Explorer.EXE
C:\Programmi\Analog Devices\SoundMAX\SMax4PNP.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Programmi\Apoint2K\Apoint.exe
C:\Programmi\Hp\HP Software Update\HPWuSchd2.exe
C:\Programmi\HPQ\Quick Launch Buttons\EabServr.exe
C:\Programmi\Java\jre1.6.0_07\bin\jusched.exe
C:\Programmi\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\Programmi\iTunes\iTunesHelper.exe
C:\Programmi\Microsoft Office\Office12\GrooveMonitor.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9BE.EXE
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9BE.EXE
C:\Programmi\QuickTime\QTTask.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\Internet Explorer\IEXPLORE.EXE
C:\Programmi\TomTom HOME 2\HOMERunner.exe
C:\Programmi\Apoint2K\Apntex.exe
C:\Programmi\HPQ\shared\hpqwmi.exe
C:\Programmi\WIDCOMM\Software Bluetooth\BTTray.exe
C:\Programmi\OpenOffice.org 2.4\program\soffice.exe
C:\Programmi\iPod\bin\iPodService.exe
C:\Programmi\OpenOffice.org 2.4\program\soffice.BIN
C:\PROGRA~1\WIDCOMM\SOFTWA~1\BTSTAC~1.EXE
C:\Programmi\Trend Micro\HijackThis\HijackThis.exe
C:\Programmi\internet explorer\iexplore.exe
C:\Programmi\File comuni\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\WINDOWS\System32\svchost.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.corriere.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
R3 - URLSearchHook: Yahoo! Toolbar con blocco Pop-Up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
R3 - URLSearchHook: (no name) - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - (no file)
O2 - BHO: Supporto di collegamento per Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Solid Converter PDF - {259F616C-A300-44F5-B04A-ED001A26C85C} - C:\Programmi\SolidDocuments\SolidConverterPDF\SCPDF\ExploreExtPDF.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programmi\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programmi\Google\GoogleToolbarNotifier\3.0.914.9778\swg.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Programmi\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Programmi\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Solid Converter PDF - {259F616C-A300-44F5-B04A-ED001A26C85C} - C:\Programmi\SolidDocuments\SolidConverterPDF\SCPDF\ExploreExtPDF.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Programmi\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [Apoint] C:\Programmi\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [Cpqset] C:\Programmi\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Programmi\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [eabconfg.cpl] C:\Programmi\HPQ\Quick Launch Buttons\EabServr.exe /Start
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Programmi\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [iTunesHelper] "C:\Programmi\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Programmi\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [EPSON Stylus CX3600 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9BE.EXE /P26 "EPSON Stylus CX3600 Series" /O6 "USB001" /M "Stylus CX3600"
O4 - HKLM\..\Run: [Automatico EPSON Stylus CX3600 Series su FISSO] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9BE.EXE /P46 "Automatico EPSON Stylus CX3600 Series su FISSO" /O18 "\\FISSO\Stampante2" /M "Stylus CX3600"
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programmi\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Programmi\TomTom HOME 2\HOMERunner.exe"
O4 - Startup: OpenOffice.org 2.4.lnk = C:\Programmi\OpenOffice.org 2.4\program\quickstart.exe
O4 - Global Startup: Alice ti aiuta.lnk.disabled
O4 - Global Startup: BTTray.lnk = ?
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Invia a &Bluetooth - C:\Programmi\WIDCOMM\Software Bluetooth\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra button: (no name) - SolidConverterPDF - (no file) (HKCU)
O16 - DPF: vzTCPConfig - https://www.verizon.net/WhatsNext/CheckMyPc/vzTCPConfig.CAB
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/default/kavwebscan_unicode.cab
O16 - DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} (CTVUAxCtrl Object) - http://dl.tvunetworks.com/TVUAx.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/IT-IT/a-UNO1/GAME_UNO1.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1183741656986
O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - http://support.f-secure.com/ols/fscax.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game02.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programmi\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FILECO~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Programmi\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Programmi\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Programmi\WIDCOMM\Software Bluetooth\bin\btwdins.exe
O23 - Service: DvpApi (dvpapi) - Authentium, Inc. - C:\Programmi\File comuni\Authentium\AntiVirus\dvpapi.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Programmi\HPQ\shared\hpqwmi.exe
O23 - Service: Servizio iPod (iPod Service) - Apple Inc. - C:\Programmi\iPod\bin\iPodService.exe
O23 - Service: MaxBackServiceInt - Unknown owner - C:\Programmi\Maxtor\Maxtor Backup\MaxBackServiceInt.exe (file missing)
O23 - Service: NBService - Nero AG - C:\Programmi\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Programmi\File comuni\Ahead\Lib\NMIndexingService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Programmi\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Radialpoint Unicorn Update Service (RPSUpdaterR) - Radialpoint Inc. - C:\Programmi\Verizon\PC Security Checkup\rpsupdaterR.exe
O23 - Service: SolidPDFConverterReadSpool (ScReadSpool) - VoyagerSoft, LLC - C:\Programmi\SolidDocuments\SolidConverterPDF\SCPDF\SolidPdfService.exe
O23 - Service: Seagate Sync Service - Seagate Technology LLC - C:\Programmi\Seagate\Sync\SeaSyncServices.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Programmi\Analog Devices\SoundMAX\SMAgent.exe
--
End of file - 11379 bytes |
|
| Top |
|
|
Riverside
Ban a tempo indeterminato
Registrato: 29/02/08 22:32
Messaggi: 4396
Residenza: Riverside House
|
| Inviato: 17 Set 2008 09:54 Oggetto: |
|
|
Torniamo alle cose serie.
@ Cla, intanto, continua a tenere il Ripristino Configurazione di Sistema disabilitato.
Poi, scarica ed installa Kaspersky Virus Removal Tool:
http://downloads1.kaspersky-labs.com/devbuilds/AVPTool/
- una volta installato, lancia il tool
- nella finestra principale seleziona le partizioni e/o i dischi da scansionare e premi il tasto Scan
- il tool eseguirà la scansione
- al termine della scansione in caso di rilevazione di infezioni clicca su Neutralize all
- si apriranno dei popup dove scegliere se Cancellare o Disinfettare l'oggetto, metti la spunta su Apply to all e clicca su Quarantine
Concluso questo passaggio, verrà rilasciato un Report: salvalo e lo alleghi qui, per favore.
Salvato il log, chiudi il programma che, verrà disinstallato automaticamente e riavvia il Computer. |
|
| Top |
|
|
clagmail
Mortale pio
Registrato: 28/05/08 23:31
Messaggi: 28
|
| Inviato: 17 Set 2008 23:46 Oggetto: kaspersky |
|
|
Scan
----
Scanned: 698917
Detected: 3
Untreated: 0
Start time: 17/09/08 12:36
Duration: 08.09.55
Finish time: 17/09/08 20:46
Detected
--------
Status Object
------ ------
deleted: Trojan program Trojan.Win32.Obfuscated.gen File: C:\Documents and Settings\Casa\Dati applicazioni\Delete Settings Eggs\Bold Data Bone Live.exe
deleted: Trojan program Trojan.Win32.Obfuscated.vdy File: C:\Documents and Settings\Casa\Dati applicazioni\Delete Settings Eggs\cqdpkytl.exe
deleted: Trojan program Trojan-Downloader.Win32.Bagle.hp File: C:\QooBox\Quarantine\Registry_backups\Legacy_SROSA.reg.dat
Events
------
Time Name Status Reason
---- ---- ------ ------
Statistics
----------
Object Scanned Detected Untreated Deleted Moved to Quarantine Archives Packed files Password protected Corrupted
------ ------- -------- --------- ------- ------------------- -------- ------------ ------------------ ---------
Settings
--------
Parameter Value
--------- -----
Security Level Recommended
Action Prompt for action when the scan is complete
Run mode Manually
File types Scan all files
Scan only new and changed files No
Scan archives All
Scan embedded OLE objects All
Skip if object is larger than No
Skip if scan takes longer than No
Parse email formats No
Scan password-protected archives No
Enable iChecker technology No
Enable iSwift technology No
Show detected threats on "Detected" tab Yes
Rootkits search Yes
Deep rootkits search No
Use heuristic analyzer Yes
Quarantine
----------
Status Object Size Added
------ ------ ---- -----
Backup
------
Status Object Size |
|
| Top |
|
|
clagmail
Mortale pio
Registrato: 28/05/08 23:31
Messaggi: 28
|
| Inviato: 17 Set 2008 23:54 Oggetto: hmmmm |
|
|
non vi voglio neanche dire in che condizioni sto affrontando questo problemino....
sono negli stati uniti per lavoro e sono costretto a fare le scansioni di notte (GMT-5 fuso or. USA-CANADA) e poi postarle quando torno a casa da lavoro con moglie e figlie che premono per collegarsi ad internet con questo unico computer per parlare (e chattare) con amici e parenti in italia... ABBIATE PAZIENZA
spero tanto che questo ultimo log sia esauriente... |
|
| Top |
|
|
Riverside
Ban a tempo indeterminato
Registrato: 29/02/08 22:32
Messaggi: 4396
Residenza: Riverside House
|
| Inviato: 18 Set 2008 02:26 Oggetto: Re: kaspersky |
|
|
| clagmail ha scritto: | Scan
----
Scanned: 698917
Detected: 3
Untreated: 0
Start time: 17/09/08 12:36
Duration: 08.09.55
Finish time: 17/09/08 20:46
Detected
--------
Status Object
------ ------
deleted: Trojan program Trojan.Win32.Obfuscated.gen File: C:\Documents and Settings\Casa\Dati applicazioni\Delete Settings Eggs\Bold Data Bone Live.exe
deleted: Trojan program Trojan.Win32.Obfuscated.vdy File: C:\Documents and Settings\Casa\Dati applicazioni\Delete Settings Eggs\cqdpkytl.exe
deleted: Trojan program Trojan-Downloader.Win32.Bagle.hp File: C:\QooBox\Quarantine\Registry_backups\Legacy_SROSA.reg.dat
|
Bene, si riesce a capire qualcosa di più: tracce di infezione da Bagle.
| Citazione: | | non vi voglio neanche dire in che condizioni sto affrontando questo problemino.... sono negli stati uniti per lavoro e sono costretto a fare le scansioni di notte (GMT-5 fuso or. USA-CANADA) e poi postarle quando torno a casa da lavoro con moglie e figlie che premono per collegarsi ad internet con questo unico computer per parlare (e chattare) con amici e parenti in italia... ABBIATE PAZIENZA |
Tranquillo, fai le scansioni quando puoi ed allega, sempre, i log che ti richiedo.
Una sola raccomandazione a moglie e figli: sei senza antivirus, quindi di loro di stare assolutamente, attenti, con la navigazione.
Fino a quando non avremo risolto la cosa, si limitino a chattare con messenger.
| Citazione: | | spero tanto che questo ultimo log sia esauriente... |
Lo è infatti.
Ora qui sono le 2,25 del mattino (ed io vado a dormire): in giornata di indico come proseguire.
Intanto, se puoi, allega un nuovo log di Hthis, per favore. |
|
| Top |
|
|
clagmail
Mortale pio
Registrato: 28/05/08 23:31
Messaggi: 28
|
| Inviato: 18 Set 2008 05:08 Oggetto: BAGLEEEEE |
|
|
Se puo esserti utile ho già avuto una ardua battaglia con un BAGLE su questo computer che ho risolto in questo modo:
http://forum.zeusnews.com/viewtopic.php?t=33289&highlight=
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 05:00, on 18/09/08
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Programmi\Bonjour\mDNSResponder.exe
C:\Programmi\WIDCOMM\Software Bluetooth\bin\btwdins.exe
C:\Programmi\CyberLink\Shared Files\RichVideo.exe
C:\Programmi\SolidDocuments\SolidConverterPDF\SCPDF\SolidPdfService.exe
C:\Programmi\Seagate\Sync\SeaSyncServices.exe
C:\Programmi\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Programmi\Analog Devices\SoundMAX\SMax4PNP.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Programmi\Apoint2K\Apoint.exe
C:\Programmi\Hp\HP Software Update\HPWuSchd2.exe
C:\Programmi\HPQ\Quick Launch Buttons\EabServr.exe
C:\Programmi\Java\jre1.6.0_07\bin\jusched.exe
C:\Programmi\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\Programmi\iTunes\iTunesHelper.exe
C:\Programmi\Microsoft Office\Office12\GrooveMonitor.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9BE.EXE
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9BE.EXE
C:\Programmi\QuickTime\QTTask.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\Apoint2K\Apntex.exe
C:\Programmi\TomTom HOME 2\HOMERunner.exe
C:\Programmi\WIDCOMM\Software Bluetooth\BTTray.exe
C:\Programmi\OpenOffice.org 2.4\program\soffice.exe
C:\Programmi\OpenOffice.org 2.4\program\soffice.BIN
C:\PROGRA~1\WIDCOMM\SOFTWA~1\BTSTAC~1.EXE
C:\Programmi\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Programmi\HPQ\shared\hpqwmi.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Programmi\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.corriere.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
R3 - URLSearchHook: Yahoo! Toolbar con blocco Pop-Up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
R3 - URLSearchHook: (no name) - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - (no file)
O2 - BHO: Supporto di collegamento per Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Solid Converter PDF - {259F616C-A300-44F5-B04A-ED001A26C85C} - C:\Programmi\SolidDocuments\SolidConverterPDF\SCPDF\ExploreExtPDF.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programmi\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programmi\Google\GoogleToolbarNotifier\3.0.914.9778\swg.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Programmi\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Programmi\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Solid Converter PDF - {259F616C-A300-44F5-B04A-ED001A26C85C} - C:\Programmi\SolidDocuments\SolidConverterPDF\SCPDF\ExploreExtPDF.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Programmi\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [Apoint] C:\Programmi\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [Cpqset] C:\Programmi\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Programmi\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [eabconfg.cpl] C:\Programmi\HPQ\Quick Launch Buttons\EabServr.exe /Start
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Programmi\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [iTunesHelper] "C:\Programmi\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Programmi\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [EPSON Stylus CX3600 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9BE.EXE /P26 "EPSON Stylus CX3600 Series" /O6 "USB001" /M "Stylus CX3600"
O4 - HKLM\..\Run: [Automatico EPSON Stylus CX3600 Series su FISSO] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9BE.EXE /P46 "Automatico EPSON Stylus CX3600 Series su FISSO" /O18 "\\FISSO\Stampante2" /M "Stylus CX3600"
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programmi\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Programmi\TomTom HOME 2\HOMERunner.exe"
O4 - Startup: OpenOffice.org 2.4.lnk = C:\Programmi\OpenOffice.org 2.4\program\quickstart.exe
O4 - Global Startup: Alice ti aiuta.lnk.disabled
O4 - Global Startup: BTTray.lnk = ?
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Invia a &Bluetooth - C:\Programmi\WIDCOMM\Software Bluetooth\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra button: (no name) - SolidConverterPDF - (no file) (HKCU)
O16 - DPF: vzTCPConfig - https://www.verizon.net/WhatsNext/CheckMyPc/vzTCPConfig.CAB
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/default/kavwebscan_unicode.cab
O16 - DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} (CTVUAxCtrl Object) - http://dl.tvunetworks.com/TVUAx.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/IT-IT/a-UNO1/GAME_UNO1.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1183741656986
O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - http://support.f-secure.com/ols/fscax.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game02.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programmi\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FILECO~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Programmi\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Programmi\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Programmi\WIDCOMM\Software Bluetooth\bin\btwdins.exe
O23 - Service: DvpApi (dvpapi) - Authentium, Inc. - C:\Programmi\File comuni\Authentium\AntiVirus\dvpapi.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Programmi\HPQ\shared\hpqwmi.exe
O23 - Service: Servizio iPod (iPod Service) - Apple Inc. - C:\Programmi\iPod\bin\iPodService.exe
O23 - Service: MaxBackServiceInt - Unknown owner - C:\Programmi\Maxtor\Maxtor Backup\MaxBackServiceInt.exe (file missing)
O23 - Service: NBService - Nero AG - C:\Programmi\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Programmi\File comuni\Ahead\Lib\NMIndexingService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Programmi\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Radialpoint Unicorn Update Service (RPSUpdaterR) - Radialpoint Inc. - C:\Programmi\Verizon\PC Security Checkup\rpsupdaterR.exe
O23 - Service: SolidPDFConverterReadSpool (ScReadSpool) - VoyagerSoft, LLC - C:\Programmi\SolidDocuments\SolidConverterPDF\SCPDF\SolidPdfService.exe
O23 - Service: Seagate Sync Service - Seagate Technology LLC - C:\Programmi\Seagate\Sync\SeaSyncServices.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Programmi\Analog Devices\SoundMAX\SMAgent.exe
--
End of file - 11297 bytes |
|
| Top |
|
|
Riverside
Ban a tempo indeterminato
Registrato: 29/02/08 22:32
Messaggi: 4396
Residenza: Riverside House
|
| Inviato: 18 Set 2008 08:33 Oggetto: Re: BAGLEEEEE |
|
|
| clagmail ha scritto: | | Se puo esserti utile ho già avuto una ardua battaglia con un BAGLE su questo computer che ho risolto in questo modo .... |
Non importa, andiamo avanti per gradi, per piacere.
Rilancia Hthis e fixa queste voci (metti la spunta a fianco della casellina che trovi a sinistra, per ogni voce, ed una volta spuntate tutte le voci clicca sul tasto FixChecked):
O4 - HKLM\..\Run: [Cpqset] C:\Programmi\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Programmi\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Programmi\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\QTTask.exe" ?atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programmi\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - Startup: OpenOffice.org 2.4.lnk = C:\Programmi\OpenOffice.org 2.4\program\quickstart.exe
O4 - Global Startup: Alice ti aiuta.lnk.disabled
O4 - Global Startup: BTTray.lnk = ?
O9 - Extra button: (no name) - SolidConverterPDF - (no file) (HKCU)
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - http://support.F-Secure.com/ols/fscax.cab
O23 - Service: MaxBackServiceInt - Unknown owner - C:\Programmi\Maxtor\Maxtor Backup\MaxBackServiceInt.exe (file missing)
Dal log di Kaspersky ho visto che c'è un riferimento a ComboFix (che avrai installato in un'altra occasione): fammi sapere se il tool è ancora presente sul Computer per porterlo utilizzare.
Anzi, se fosse ancora presente sul P.C., riavvia il computer, accedi in modalità provvisoria ed esegui una scansione con Combofix (ed allega il relativo log). |
|
| Top |
|
|
clagmail
Mortale pio
Registrato: 28/05/08 23:31
Messaggi: 28
|
| Inviato: 19 Set 2008 03:34 Oggetto: FATTO |
|
|
ComboFix 08-09-16.05 - Casa 2008-09-19 2.43.06.4 - NTFSx86 MINIMAL
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1040.18.783 [GMT -4:00]
Eseguito da: C:\Documents and Settings\Casa\Desktop\ComboFix.exe
ATENÇÃO - ESTA MAQUINA NAO TEM A CONSOLE DE RECUPERAÇÃO INSTALADA !!
.
((((((((((((((((((((((((( Files Creati Da 2008-08-19 al 2008-09-19 )))))))))))))))))))))))))))))))))))
.
2008-09-17 12:36 . 2008-09-19 02:37 12,879,904 --ahs---- C:\WINDOWS\system32\drivers\fidbox.dat
2008-09-17 12:36 . 2008-09-19 02:37 152,012 --ahs---- C:\WINDOWS\system32\drivers\fidbox.idx
2008-09-17 12:35 . 2008-07-08 14:54 148,496 --a------ C:\WINDOWS\system32\drivers\54657969.sys
2008-09-16 00:36 . 2008-09-16 00:36 <DIR> d-------- C:\Programmi\Freeze.com
2008-09-14 05:43 . 2008-09-14 05:43 <DIR> d-------- C:\Documents and Settings\Casa\Dati applicazioni\Malwarebytes
2008-09-14 05:42 . 2008-09-10 00:04 38,528 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2008-09-14 05:42 . 2008-09-10 00:03 17,200 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-09-13 05:19 . 2008-09-14 05:43 <DIR> d-------- C:\Programmi\Malwarebytes' Anti-Malware
2008-09-13 05:19 . 2008-09-13 05:19 <DIR> d-------- C:\Documents and Settings\All Users\Dati applicazioni\Malwarebytes
2008-09-11 04:59 . 2008-09-11 04:59 <DIR> d-------- C:\Programmi\SUPERAntiSpyware
2008-09-11 04:59 . 2008-09-11 04:59 <DIR> d-------- C:\Documents and Settings\Casa\Dati applicazioni\SUPERAntiSpyware.com
2008-09-11 04:59 . 2008-09-11 04:59 <DIR> d-------- C:\Documents and Settings\All Users\Dati applicazioni\SUPERAntiSpyware.com
2008-09-10 00:59 . 2008-09-10 00:59 <DIR> d-------- C:\Documents and Settings\francy\Dati applicazioni\Verizon
2008-09-07 07:16 . 2008-09-07 07:44 <DIR> dr------- C:\Documents and Settings\LocalService\Documenti
2008-09-06 09:06 . 2008-09-06 09:06 <DIR> d--h----- C:\WINDOWS\PIF
2008-09-06 07:42 . 2008-09-06 07:42 <DIR> dr------- C:\Documents and Settings\NetworkService\Documenti
2008-09-06 07:37 . 2008-09-06 07:51 <DIR> d-------- C:\Programmi\File comuni\Scanner
2008-09-06 07:37 . 2008-09-06 07:37 <DIR> d-------- C:\Programmi\File comuni\Authentium
2008-09-06 07:27 . 2008-09-06 07:27 <DIR> d-------- C:\Documents and Settings\Casa\Dati applicazioni\Verizon
2008-09-06 07:26 . 2008-09-06 07:37 <DIR> d-------- C:\Programmi\Verizon
2008-09-06 07:26 . 2008-09-06 07:36 <DIR> d-------- C:\Documents and Settings\All Users\Dati applicazioni\Verizon
2008-08-31 14:42 . 2008-08-31 14:42 <DIR> d-------- C:\Programmi\Delete Settings Eggs
2008-08-31 14:42 . 2008-09-17 20:46 <DIR> d-------- C:\Documents and Settings\Casa\Dati applicazioni\Delete Settings Eggs
2008-08-21 10:16 . 2008-08-21 10:16 <DIR> d-------- C:\Programmi\TomTom HOME 2
2008-08-21 10:16 . 2008-08-21 10:16 <DIR> d-------- C:\Documents and Settings\Casa\Dati applicazioni\TomTom
2008-08-21 10:16 . 2008-08-21 10:16 <DIR> d-------- C:\Documents and Settings\All Users\Dati applicazioni\TomTom
2008-08-21 04:10 . 2008-08-21 04:10 <DIR> d-------- C:\Programmi\TomTom DesktopSuite
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-09-19 05:46 --------- d-----w C:\Documents and Settings\Casa\Dati applicazioni\Skype
2008-09-18 21:04 --------- d-----w C:\WINDOWS\system32\config\systemprofile\Dati applicazioni\SolidDocuments
2008-09-18 18:59 --------- d-----w C:\Documents and Settings\Casa\Dati applicazioni\OpenOffice.org2
2008-09-17 16:36 --------- d-----w C:\Documents and Settings\All Users\Dati applicazioni\Kaspersky Lab
2008-09-17 05:51 --------- d-----w C:\Programmi\Spybot - Search & Destroy
2008-09-17 05:48 --------- d-----w C:\Documents and Settings\All Users\Dati applicazioni\Spybot - Search & Destroy
2008-09-17 04:07 --------- d-----w C:\Programmi\File comuni\Wise Installation Wizard
2008-09-17 04:06 --------- d-----w C:\Programmi\Lavasoft
2008-09-17 04:03 --------- d-----w C:\Programmi\Google
2008-09-16 04:36 --------- d-----w C:\Programmi\Yahoo!
2008-09-13 19:27 --------- d---a-w C:\Documents and Settings\All Users\Dati applicazioni\TEMP
2008-09-11 23:41 --------- d-----w C:\Documents and Settings\Casa\Dati applicazioni\SolidDocuments
2008-09-10 04:50 --------- d-----w C:\Documents and Settings\All Users\Dati applicazioni\Microsoft Help
2008-09-06 11:37 --------- d--h--w C:\Programmi\InstallShield Installation Information
2008-09-01 18:57 --------- d-----w C:\Programmi\File comuni\Filseclab
2008-09-01 15:02 --------- d-----w C:\Documents and Settings\All Users\Dati applicazioni\file joy proc deaf
2008-08-31 21:22 --------- d-----w C:\Documents and Settings\Casa\Dati applicazioni\Azureus
2008-08-31 18:42 --------- d-----w C:\Programmi\Messenger Plus! Live
2008-08-31 18:42 --------- d-----w C:\Programmi\Circle Developement
2008-08-17 06:53 --------- d-----w C:\Programmi\ilcorsaronero
2008-08-17 06:53 --------- d-----w C:\Programmi\Conduit
2008-08-09 22:24 --------- d-----w C:\Programmi\Apple Software Update
2008-08-02 09:19 --------- d-----w C:\Documents and Settings\All Users\Dati applicazioni\Lavasoft
2008-08-01 08:12 --------- d-----w C:\Programmi\iTunes
2008-08-01 08:11 --------- d-----w C:\Programmi\iPod
2008-08-01 07:52 --------- d-----w C:\Programmi\Azureus
2008-08-01 07:47 --------- d-----w C:\Programmi\Safari
2008-07-27 10:35 --------- d-----w C:\Documents and Settings\Casa\Dati applicazioni\dvdcss
2008-07-23 22:52 --------- d-----w C:\Programmi\Java
2008-07-21 19:48 --------- d-----w C:\Programmi\NOS
2008-07-21 19:48 --------- d-----w C:\Documents and Settings\All Users\Dati applicazioni\NOS
2008-07-21 19:45 --------- d-----w C:\Programmi\File comuni\Adobe
2008-07-21 11:24 --------- d-----w C:\Documents and Settings\francy\Dati applicazioni\SolidDocuments
2008-07-20 15:57 --------- d-----w C:\Documents and Settings\All Users\Dati applicazioni\Messenger Plus!
2008-07-19 02:10 94,920 ----a-w C:\WINDOWS\system32\cdm.dll
2008-07-19 02:10 53,448 ----a-w C:\WINDOWS\system32\wuauclt.exe
2008-07-19 02:10 45,768 ----a-w C:\WINDOWS\system32\wups2.dll
2008-07-19 02:10 36,552 ----a-w C:\WINDOWS\system32\wups.dll
2008-07-19 02:09 563,912 ----a-w C:\WINDOWS\system32\wuapi.dll
2008-07-19 02:09 325,832 ----a-w C:\WINDOWS\system32\wucltui.dll
2008-07-19 02:09 205,000 ----a-w C:\WINDOWS\system32\wuweb.dll
2008-07-19 02:09 1,811,656 ----a-w C:\WINDOWS\system32\wuaueng.dll
2008-07-19 02:07 270,880 ----a-w C:\WINDOWS\system32\mucltui.dll
2008-07-19 02:07 210,976 ----a-w C:\WINDOWS\system32\muweb.dll
2008-07-07 20:27 253,952 ----a-w C:\WINDOWS\system32\es.dll
2008-06-24 22:12 295,936 ------w C:\WINDOWS\system32\wmpeffects.dll
2008-06-24 16:42 74,240 ----a-w C:\WINDOWS\system32\mscms.dll
2008-06-23 16:15 826,368 ----a-w C:\WINDOWS\system32\wininet.dll
2008-06-20 17:46 247,296 ----a-w C:\WINDOWS\system32\mswsock.dll
.
------- Sigcheck -------
2004-08-19 08:00 14336 73955b04f209d8a1c633867841267a96 C:\WINDOWS\$NtServicePackUninstall$\svchost.exe
2008-04-13 22:14 14336 bb8363abec09aa2f9b363484e282117c C:\WINDOWS\ServicePackFiles\i386\svchost.exe
2008-04-13 22:14 14336 bb8363abec09aa2f9b363484e282117c C:\WINDOWS\system32\svchost.exe
2005-03-02 14:20 578048 488019bfe2b0f9f8cd8394276d5b664a C:\WINDOWS\$hf_mig$\KB890859\SP2QFE\user32.dll
2007-03-08 11:48 579072 bab4f995e526484a235a276e269aaf7f C:\WINDOWS\$hf_mig$\KB925902\SP2QFE\user32.dll
2007-03-08 11:37 578560 9daa2190a18739b657b58f794acf2e47 C:\WINDOWS\$NtServicePackUninstall$\user32.dll
2008-04-13 22:13 579584 fa94696c0727bd59e517c674cd6e7c72 C:\WINDOWS\ServicePackFiles\i386\user32.dll
2008-04-13 22:13 579584 fa94696c0727bd59e517c674cd6e7c72 C:\WINDOWS\system32\user32.dll
2004-08-19 08:00 82944 12ead983c875ed9bcc8b90e3f77f2e4a C:\WINDOWS\$NtServicePackUninstall$\ws2_32.dll
2008-04-13 22:13 82432 d34f635ff28f2aabedc95bfeb891864c C:\WINDOWS\ServicePackFiles\i386\ws2_32.dll
2008-04-13 22:13 82432 d34f635ff28f2aabedc95bfeb891864c C:\WINDOWS\system32\ws2_32.dll
2007-04-18 08:46 668160 0d15c2342bece77b21b71d229464abf2 C:\WINDOWS\$hf_mig$\KB933566\SP2QFE\wininet.dll
2007-06-26 10:39 668160 7ee33e13ec9b5edc0d0cf8865c529243 C:\WINDOWS\$hf_mig$\KB937143\SP2QFE\wininet.dll
2007-08-22 08:56 668160 2385e8caf1ed885caf1f480e3ab0eb05 C:\WINDOWS\$hf_mig$\KB939653\SP2QFE\wininet.dll
2007-08-20 05:48 825344 69d5497609b4fb0981f17074671e072b C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\wininet.dll
2007-10-10 19:21 825344 714d8a2b05b2aaf0c6a39241a1ed914f C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\wininet.dll
2007-12-06 21:40 825344 39ccda0e9b778792b06c1b9d794a9776 C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\wininet.dll
2008-03-01 08:34 827392 93db90be4a10ec784ddc9c8601a28aa6 C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\wininet.dll
2008-04-23 00:19 827392 fe184a2b736f216ccc22abeebb40787d C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\wininet.dll
2008-06-23 11:39 827904 bf9d17259082632f03f3ff5759c6ae32 C:\WINDOWS\$hf_mig$\KB953838-IE7\SP2QFE\wininet.dll
2007-08-22 09:12 661504 c82a1185becd4b075e86e3c3b22e762c C:\WINDOWS\ie7\wininet.dll
2007-08-13 13:54 818688 a4a0fc92358f39538a6494c42ef99fe9 C:\WINDOWS\ie7updates\KB939653-IE7\wininet.dll
2007-08-20 05:57 824832 21aa12b75ce02358e0ad8c706680869f C:\WINDOWS\ie7updates\KB942615-IE7\wininet.dll
2007-10-10 19:49 824832 419a6f3d56e469bcbe71128a78463da4 C:\WINDOWS\ie7updates\KB944533-IE7\wininet.dll
2007-12-06 22:04 824832 ed2a73ab0eba3c4cb6794077cd09ec95 C:\WINDOWS\ie7updates\KB947864-IE7\wininet.dll
2008-03-01 08:58 826368 61d4f43d26ec9d21beb6f38f22b396ab C:\WINDOWS\ie7updates\KB950759-IE7\wininet.dll
2008-04-23 00:16 826368 c1089010bcc3fd01056d26e9a36bbb79 C:\WINDOWS\ie7updates\KB953838-IE7\wininet.dll
2008-04-13 22:13 668672 663e74d98d2e67c1343d367388edd711 C:\WINDOWS\ServicePackFiles\i386\wininet.dll
2007-08-20 05:57 824832 21aa12b75ce02358e0ad8c706680869f C:\WINDOWS\SoftwareDistribution\Download\5a25e64fb9a0303bcaec81545677a1fb\SP2GDR\wininet.dll
2007-08-20 05:48 825344 69d5497609b4fb0981f17074671e072b C:\WINDOWS\SoftwareDistribution\Download\5a25e64fb9a0303bcaec81545677a1fb\SP2QFE\wininet.dll
2008-06-23 12:15 826368 4b54220877703198e55f61cb7b87979e C:\WINDOWS\system32\wininet.dll
2008-06-23 12:15 826368 4b54220877703198e55f61cb7b87979e C:\WINDOWS\system32\dllcache\wininet.dll
2006-04-20 08:18 360576 b2220c618b42a2212a59d91ebd6fc4b4 C:\WINDOWS\$hf_mig$\KB917953\SP2QFE\tcpip.sys
2007-10-30 12:53 360832 64798ecfa43d78c7178375fcdd16d8c8 C:\WINDOWS\$hf_mig$\KB941644\SP2QFE\tcpip.sys
2008-06-20 06:44 360960 744e57c99232201ae98c49168b918f48 C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\tcpip.sys
2008-06-20 07:51 361600 9aefa14bd6b182d61e3119fa5f436d3d C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip.sys
2008-06-20 07:59 361600 ad978a1b783b5719720cff204b666c8e C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys
2008-06-20 06:45 360320 2a5554fc5b1e04e131230e3ce035c3f9 C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys
2008-04-13 15:20 361344 93ea8d04ec73a85db02eb8805988f733 C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
2008-06-20 07:51 361600 9aefa14bd6b182d61e3119fa5f436d3d C:\WINDOWS\system32\dllcache\tcpip.sys
2008-06-20 07:51 361600 9aefa14bd6b182d61e3119fa5f436d3d C:\WINDOWS\system32\drivers\tcpip.sys
2004-08-19 08:00 504832 4166454e2bcfcc20d1b8a5ac9feab243 C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
2008-04-13 22:14 510464 9259170d29b5a256735fcb8b80280857 C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
2008-04-13 22:14 510464 9259170d29b5a256735fcb8b80280857 C:\WINDOWS\system32\winlogon.exe
2004-08-19 08:00 182912 558635d3af1c7546d26067d5d9b6959e C:\WINDOWS\$NtServicePackUninstall$\ndis.sys
2008-04-13 15:20 182656 1df7f42665c94b825322fae71721130d C:\WINDOWS\ServicePackFiles\i386\ndis.sys
2008-04-13 15:20 182656 1df7f42665c94b825322fae71721130d C:\WINDOWS\system32\drivers\ndis.sys
2004-08-19 08:00 29056 4448006b6bc60e6c027932cfc38d6855 C:\WINDOWS\$NtServicePackUninstall$\ip6fw.sys
2008-04-13 14:53 36608 3bb22519a194418d5fec05d800a19ad0 C:\WINDOWS\ServicePackFiles\i386\ip6fw.sys
2008-04-13 14:53 36608 3bb22519a194418d5fec05d800a19ad0 C:\WINDOWS\system32\drivers\ip6fw.sys
2005-03-02 14:12 2060672 de16030e8209fd96eeb06d9e3d8c84a8 C:\WINDOWS\$hf_mig$\KB890859\SP2QFE\ntkrnlpa.exe
2007-02-28 12:06 2063104 f89d8e24fbe047506d60b850d00bdee3 C:\WINDOWS\$hf_mig$\KB931784\SP2QFE\ntkrnlpa.exe
2007-02-28 12:02 2061312 49baea1d9379df8cd897aff9f49bc9de C:\WINDOWS\$NtServicePackUninstall$\ntkrnlpa.exe
2008-04-13 21:54 2069632 5e95f445b70adcf8876d1203852262a1 C:\WINDOWS\ServicePackFiles\i386\ntkrnlpa.exe
2008-04-13 21:54 2069632 5e95f445b70adcf8876d1203852262a1 C:\WINDOWS\system32\ntkrnlpa.exe
2005-03-02 14:12 2183296 c120a33c71e706545cf26d6276bc0344 C:\WINDOWS\$hf_mig$\KB890859\SP2QFE\ntoskrnl.exe
2007-02-28 12:06 2185856 763ea08993b467a3af048ef185b1f805 C:\WINDOWS\$hf_mig$\KB931784\SP2QFE\ntoskrnl.exe
2007-02-28 12:02 2184064 5ec517cc0865808df80d2184b0131d27 C:\WINDOWS\$NtServicePackUninstall$\ntoskrnl.exe
2008-04-13 21:55 2192768 7d804c28404e94f57967de3394201d55 C:\WINDOWS\ServicePackFiles\i386\ntoskrnl.exe
2008-04-13 21:55 2192768 7d804c28404e94f57967de3394201d55 C:\WINDOWS\system32\ntoskrnl.exe
2008-04-13 22:14 1036288 70d7f99d95615c3c278367756287db71 C:\WINDOWS\explorer.exe
2007-06-13 09:10 1035776 b4e85805be6d23de697f7b3ba7492d0b C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
2007-06-13 09:22 1035776 7e2817a623e16f830b660f81c0fd63da C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
2008-04-13 22:14 1036288 70d7f99d95615c3c278367756287db71 C:\WINDOWS\ServicePackFiles\i386\explorer.exe
2004-08-19 08:00 108544 e77f6fa2a15390f1727f4c1c55b69da6 C:\WINDOWS\$NtServicePackUninstall$\services.exe
2008-04-13 22:14 109056 dac0440c89b1ea4e35684896d5bf856e C:\WINDOWS\ServicePackFiles\i386\services.exe
2008-04-13 22:14 109056 dac0440c89b1ea4e35684896d5bf856e C:\WINDOWS\system32\services.exe
2004-08-19 08:00 13312 0815e8da286775fa432c7c9ee5e10ba1 C:\WINDOWS\$NtServicePackUninstall$\lsass.exe
2008-04-13 22:14 13312 0fba335727905de8e4cb5a2cf438abf5 C:\WINDOWS\ServicePackFiles\i386\lsass.exe
2008-04-13 22:14 13312 0fba335727905de8e4cb5a2cf438abf5 C:\WINDOWS\system32\lsass.exe
2004-08-19 08:00 15360 5b33b4265966ee063c7fbea28958d9c2 C:\WINDOWS\$NtServicePackUninstall$\ctfmon.exe
2008-04-13 22:14 15360 f53cddef33a4c41336a782be3d170158 C:\WINDOWS\ServicePackFiles\i386\ctfmon.exe
2008-04-13 22:14 15360 f53cddef33a4c41336a782be3d170158 C:\WINDOWS\system32\ctfmon.exe
2005-06-10 20:17 57856 ad3d9d191aea7b5445fe1d82ffbb4788 C:\WINDOWS\$hf_mig$\KB896423\SP2QFE\spoolsv.exe
2005-06-10 19:53 57856 da81ec57acd4cdc3d4c51cf3d409af9f C:\WINDOWS\$NtServicePackUninstall$\spoolsv.exe
2008-04-13 22:14 57856 60977c9bae8f86f9075829325303d0c9 C:\WINDOWS\ServicePackFiles\i386\spoolsv.exe
2008-04-13 22:14 57856 60977c9bae8f86f9075829325303d0c9 C:\WINDOWS\system32\spoolsv.exe
2004-08-19 08:00 25088 c1e7fe19f98a877bf8f941bf48148695 C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
2008-04-13 22:14 26624 df69726907357c3add243f48902b0331 C:\WINDOWS\ServicePackFiles\i386\userinit.exe
2008-04-13 22:14 26624 df69726907357c3add243f48902b0331 C:\WINDOWS\system32\userinit.exe
.
((((((((((((((((((((((((((((( snapshot_2008-09-10_ 4.17.34.79 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-09-11 08:59:13 18,944 ----a-r C:\WINDOWS\Installer\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}\IconCDDCBBF13.exe
+ 2008-09-11 08:59:13 65,024 ----a-r C:\WINDOWS\Installer\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}\IconCDDCBBF15.exe
- 2008-08-19 08:19:58 64,706 ----a-w C:\WINDOWS\system32\perfc009.dat
+ 2008-09-11 09:57:27 64,706 ----a-w C:\WINDOWS\system32\perfc009.dat
- 2008-08-19 08:19:58 77,946 ----a-w C:\WINDOWS\system32\perfc010.dat
+ 2008-09-11 09:57:27 77,946 ----a-w C:\WINDOWS\system32\perfc010.dat
- 2008-08-19 08:19:58 409,566 ----a-w C:\WINDOWS\system32\perfh009.dat
+ 2008-09-11 09:57:27 409,566 ----a-w C:\WINDOWS\system32\perfh009.dat
- 2008-08-19 08:19:58 457,224 ----a-w C:\WINDOWS\system32\perfh010.dat
+ 2008-09-11 09:57:27 457,224 ----a-w C:\WINDOWS\system32\perfh010.dat
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-13 15360]
"TomTomHOME.exe"="C:\Programmi\TomTom HOME 2\HOMERunner.exe" [2008-05-06 202088]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"="C:\Programmi\Analog Devices\SoundMAX\SMax4PNP.exe" [2004-10-14 1388544]
"Apoint"="C:\Programmi\Apoint2K\Apoint.exe" [2005-02-08 159744]
"eabconfg.cpl"="C:\Programmi\HPQ\Quick Launch Buttons\EabServr.exe" [2004-12-03 290816]
"hpWirelessAssistant"="C:\Programmi\hpq\HP Wireless Assistant\HP Wireless Assistant.exe" [2005-05-04 794624]
"PinnacleDriverCheck"="C:\WINDOWS\system32\PSDrvCheck.exe" [2004-03-10 406016]
"GrooveMonitor"="C:\Programmi\Microsoft Office\Office12\GrooveMonitor.exe" [2007-08-24 33648]
"EPSON Stylus CX3600 Series"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9BE.EXE" [2004-03-03 98304]
"Automatico EPSON Stylus CX3600 Series su FISSO"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9BE.EXE" [2004-03-03 98304]
"AppleSyncNotifier"="C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2008-07-10 116040]
"AGRSMMSG"="AGRSMMSG.exe" [2005-04-13 C:\WINDOWS\AGRSMMSG.exe]
C:\Documents and Settings\FREE\Menu Avvio\Programmi\Esecuzione automatica\
Ritaglio schermata e avvio di OneNote 2007.lnk.disabled [2008-02-27 965]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "C:\Programmi\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2008-07-23 16:28 352256 C:\Programmi\SUPERAntiSpyware\SASWINLO.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.MJPG"= Pvmjpg21.dll
"VIDC.PIM1"= pclepim1.dll
"msacm.dvacm"= C:\PROGRA~1\FILECO~1\ULEADS~1\Vio\Dvacm.acm
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sglfb.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\tga.sys]
@="Driver"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"SpybotSD TeaTimer"=C:\Programmi\Spybot - Search & Destroy\TeaTimer.exe
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"\\Fisso\EPSON Stylus CX3600 Series (Copia 1)"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9BE.EXE /P44 "\\Fisso\EPSON Stylus CX3600 Series (Copia 1)" /O6 "USB001" /M "Stylus CX3600"
"Automatico EPSON Stylus CX3600 Series (Copia 1) su Fisso"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9BE.EXE /P56 "Automatico EPSON Stylus CX3600 Series (Copia 1) su Fisso" /O16 "\\FISSO\EPSONSty" /M "Stylus CX3600"
"EverioService"="C:\Programmi\CyberLink\PCM4Everio\EverioService.exe"
"RegistryMechanic"=
"StxTrayMenu"="C:\Programmi\Seagate\SystemTray\StxMenuMgr.exe"
"QuickTime Task"="C:\Programmi\QuickTime\QTTask.exe" -atboottime
"PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
"PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
"NeroFilterCheck"=C:\Programmi\File comuni\Ahead\Lib\NeroCheck.exe
"Motive SmartBridge"=C:\PROGRA~1\ALICET~1\SMARTB~1\MotiveSB.exe
"IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
"ATIPTA"=C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe
"Adobe Reader Speed Launcher"="C:\Programmi\Adobe\Reader 8.0\Reader\Reader_sl.exe"
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Programmi\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"C:\\Programmi\\Yahoo!\\Messenger\\YServer.exe"=
"C:\\Programmi\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"C:\\Programmi\\Microsoft Office\\Office12\\GROOVE.EXE"=
"C:\\Programmi\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"C:\\Documents and Settings\\Casa\\Dati applicazioni\\SopCast\\adv\\SopAdver.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Programmi\\CyberLink\\PCM4Everio\\PCM4Everio.exe"=
"C:\\Programmi\\CyberLink\\PCM4Everio\\EverioService.exe"=
"C:\\Programmi\\uTorrent\\uTorrent.exe"=
"C:\\Programmi\\Azureus\\Azureus.exe"=
"C:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\SAGENT4.EXE"=
"C:\\Programmi\\TVUPlayer\\TVUPlayer.exe"=
"C:\\Documents and Settings\\All Users\\Dati applicazioni\\Kaspersky Lab Setup Files\\Kaspersky Anti-Virus 7.0.1.325\\Italian\\setup.exe"=
"C:\\Programmi\\Bonjour\\mDNSResponder.exe"=
"C:\\Programmi\\iTunes\\iTunes.exe"=
"C:\\Programmi\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Programmi\\Windows Live\\Messenger\\livecall.exe"=
"C:\\Programmi\\Messenger\\msmsgs.exe"=
"C:\\Programmi\\Skype\\Phone\\Skype.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
S1 is-MB5PEdrv;is-MB5PEdrv;C:\WINDOWS\system32\DRIVERS\54657969.sys [2008-07-08 148496]
S2 Seagate Sync Service;Seagate Sync Service;C:\Programmi\Seagate\Sync\SeaSyncServices.exe [2007-01-18 24120]
S3 ovt530;Webcam Classic;C:\WINDOWS\system32\Drivers\ov530vid.sys [2005-03-15 161792]
S3 Radialpoint Security Services;Radialpoint Security Services;C:\WINDOWS\system32\dllhost.exe [2008-04-13 5120]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6221959a-6f58-11dd-a0ca-0010c6f8d470}]
\Shell\AutoRun\command - F:\InstallTomTomHOME.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8e0d5f98-0c86-11dd-a552-001500496dd6}]
\Shell\AutoRun\command - setupSNK.exe
.
Contenuto della cartella 'Scheduled Tasks'
.
.
------- Supplementary Scan -------
.
FireFox -: Profile - C:\Documents and Settings\Casa\Dati applicazioni\Mozilla\Firefox\Profiles\xajguvcl.default\
FireFox -: prefs.js - SEARCH.DEFAULTURL - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://www.corriere.it/
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-19 02:48:22
Windows 5.1.2600 Service Pack 3 NTFS
scansione processi nascosti ...
scansione entrate autostart nascoste ...
Scansione files nascosti ...
Scansione completata con successo
Files nascosti: 0
**************************************************************************
.
Ora fine scansione: 2008-09-19 2:52:11
ComboFix-quarantined-files.txt 2008-09-19 06:51:11
ComboFix2.txt 2008-09-10 08:18:22
ComboFix3.txt 2008-05-31 09:24:20
ComboFix4.txt 2008-05-29 20:54:09
Pre-Run: 16,769,503,232 byte disponibili
Post-Run: 16,786,612,224 byte disponibili
292 --- E O F --- 2008-09-10 04:52:40 |
|
| Top |
|
|
Riverside
Ban a tempo indeterminato
Registrato: 29/02/08 22:32
Messaggi: 4396
Residenza: Riverside House
|
| Inviato: 19 Set 2008 04:28 Oggetto: |
|
|
Ciao Cla, scusa l'ampio ritardo nella risposta ma, purtroppo, ho avuto degli impegni e come vedi ti sto rispondendo ad un'ora quasi impossibile.
Posta un nuovo log di Hthis e vediamo come siamo messi ora.
Una domanda: hai dei programmi installati non regolarmente licenziati (insomma, sul P.C. girano programmi che funzionano con crack o keygen recuperate in rete?). |
|
| Top |
|
|
clagmail
Mortale pio
Registrato: 28/05/08 23:31
Messaggi: 28
|
| Inviato: 19 Set 2008 12:52 Oggetto: va gia meglio |
 |
|
No problem River.
Qualcosa c'è di non "licenziato"... tipo video e foto editing, ufficio ecc. Se c'è bisogno potrei pure disistallare che tanto li uso pochissimo... COMUNQUE PARE CHE VADA GIA' MOLTO MEGLIO, DOPO AVER DISINSTALLATO GLI ANTI SKY/VIRUS
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:44, on 19/09/08
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Programmi\Bonjour\mDNSResponder.exe
C:\Programmi\WIDCOMM\Software Bluetooth\bin\btwdins.exe
C:\Programmi\File comuni\Authentium\AntiVirus\dvpapi.exe
C:\Programmi\CyberLink\Shared Files\RichVideo.exe
C:\Programmi\SolidDocuments\SolidConverterPDF\SCPDF\SolidPdfService.exe
C:\Programmi\Seagate\Sync\SeaSyncServices.exe
C:\Programmi\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Programmi\Analog Devices\SoundMAX\SMax4PNP.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Programmi\Apoint2K\Apoint.exe
C:\Programmi\HPQ\Quick Launch Buttons\EabServr.exe
C:\Programmi\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\Programmi\Microsoft Office\Office12\GrooveMonitor.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9BE.EXE
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9BE.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\TomTom HOME 2\HOMERunner.exe
C:\Programmi\Apoint2K\Apntex.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\msiexec.exe
C:\Programmi\HPQ\shared\hpqwmi.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\MsiExec.exe
C:\Programmi\internet explorer\iexplore.exe
C:\Programmi\File comuni\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\WINDOWS\system32\WgaTray.exe
C:\Programmi\Windows Live\Messenger\usnsvc.exe
C:\Programmi\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.corriere.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
R3 - URLSearchHook: Yahoo! Toolbar con blocco Pop-Up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
R3 - URLSearchHook: (no name) - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - (no file)
O2 - BHO: Supporto di collegamento per Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Solid Converter PDF - {259F616C-A300-44F5-B04A-ED001A26C85C} - C:\Programmi\SolidDocuments\SolidConverterPDF\SCPDF\ExploreExtPDF.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programmi\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programmi\Google\GoogleToolbarNotifier\3.0.914.9778\swg.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Programmi\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Programmi\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Solid Converter PDF - {259F616C-A300-44F5-B04A-ED001A26C85C} - C:\Programmi\SolidDocuments\SolidConverterPDF\SCPDF\ExploreExtPDF.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Programmi\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [Apoint] C:\Programmi\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [eabconfg.cpl] C:\Programmi\HPQ\Quick Launch Buttons\EabServr.exe /Start
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Programmi\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Programmi\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [EPSON Stylus CX3600 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9BE.EXE /P26 "EPSON Stylus CX3600 Series" /O6 "USB001" /M "Stylus CX3600"
O4 - HKLM\..\Run: [Automatico EPSON Stylus CX3600 Series su FISSO] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9BE.EXE /P46 "Automatico EPSON Stylus CX3600 Series su FISSO" /O18 "\\FISSO\Stampante2" /M "Stylus CX3600"
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Programmi\TomTom HOME 2\HOMERunner.exe"
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Invia a &Bluetooth - C:\Programmi\WIDCOMM\Software Bluetooth\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra button: (no name) - SolidConverterPDF - (no file) (HKCU)
O16 - DPF: vzTCPConfig - https://www.verizon.net/WhatsNext/CheckMyPc/vzTCPConfig.CAB
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/default/kavwebscan_unicode.cab
O16 - DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} (CTVUAxCtrl Object) - http://dl.tvunetworks.com/TVUAx.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/IT-IT/a-UNO1/GAME_UNO1.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1183741656986
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game02.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programmi\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FILECO~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Programmi\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Programmi\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Programmi\WIDCOMM\Software Bluetooth\bin\btwdins.exe
O23 - Service: DvpApi (dvpapi) - Authentium, Inc. - C:\Programmi\File comuni\Authentium\AntiVirus\dvpapi.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Programmi\HPQ\shared\hpqwmi.exe
O23 - Service: Servizio iPod (iPod Service) - Apple Inc. - C:\Programmi\iPod\bin\iPodService.exe
O23 - Service: NBService - Nero AG - C:\Programmi\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Programmi\File comuni\Ahead\Lib\NMIndexingService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Programmi\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Radialpoint Unicorn Update Service (RPSUpdaterR) - Radialpoint Inc. - C:\Programmi\Verizon\PC Security Checkup\rpsupdaterR.exe
O23 - Service: SolidPDFConverterReadSpool (ScReadSpool) - VoyagerSoft, LLC - C:\Programmi\SolidDocuments\SolidConverterPDF\SCPDF\SolidPdfService.exe
O23 - Service: Seagate Sync Service - Seagate Technology LLC - C:\Programmi\Seagate\Sync\SeaSyncServices.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Programmi\Analog Devices\SoundMAX\SMAgent.exe
--
End of file - 10022 bytes |
|
| Top |
|
|
|
|
Non puoi inserire nuovi argomenti
Non puoi rispondere a nessun argomento
Non puoi modificare i tuoi messaggi
Non puoi cancellare i tuoi messaggi
Non puoi votare nei sondaggi
|
|
FAQ
Cerca
Lista utenti
Gruppi
Registrati
Profilo
Messaggi privati
Log in
