Benvenuto Ospite Cerca | Topic Attivi | Utenti | | Log In | Registra

Aiutamici Forum » FORUM - Istruzioni e Guide » Sicurezza VIRUS » controllate il log grazie

controllate il log grazie Opzioni
Topic Precedente · Topic Sucessivo
giuseppe66
Inviato: Thursday, December 03, 2009 10:36:46 AM
Rank: AiutAmico

Iscritto dal : 3/22/2009
Posts: 160
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10.28.12, on 03/12/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\ScanSoft\PaperPort\pptd40nt.exe
C:\Programmi\Brother\Brmfcmon\BrMfcWnd.exe
C:\Programmi\Brother\ControlCenter3\brccMCtl.exe
C:\Programmi\Java\jre6\bin\jusched.exe
C:\Programmi\File comuni\Nero\Lib\NMBgMonitor.exe
C:\Programmi\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\OpenOffice.org 3\program\soffice.exe
C:\Programmi\OpenOffice.org 3\program\soffice.bin
C:\Programmi\Brother\Brmfcmon\BrMfcmon.exe
C:\Programmi\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\PAStiSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\File comuni\Nero\Lib\NMIndexingService.exe
C:\Programmi\File comuni\Nero\Lib\NMIndexStoreSvr.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Programmi\Mozilla Firefox\firefox.exe
C:\Programmi\Trend Micro\HijackThis\HijackThis.exe

O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Programmi\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll
O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Programmi\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Programmi\File comuni\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [PaperPort PTD] "C:\Programmi\ScanSoft\PaperPort\pptd40nt.exe"
O4 - HKLM\..\Run: [IndexSearch] "C:\Programmi\ScanSoft\PaperPort\IndexSearch.exe"
O4 - HKLM\..\Run: [PPort11reminder] "C:\Programmi\ScanSoft\PaperPort\Ereg\Ereg.exe" -r "C:\Documents and Settings\All Users\Dati applicazioni\ScanSoft\PaperPort\11\Config\Ereg\Ereg.ini
O4 - HKLM\..\Run: [BrMfcWnd] C:\Programmi\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
O4 - HKLM\..\Run: [ControlCenter3] C:\Programmi\Brother\ControlCenter3\brctrcen.exe /autorun
O4 - HKLM\..\Run: [AVP] "C:\Programmi\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Programmi\File comuni\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [msnmsgr] "C:\Programmi\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: Aggiungi ad Anti-Banner - C:\Programmi\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm
O9 - Extra button: &Tastiera Virtuale - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Programmi\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O9 - Extra button: C&ontrollo URL - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Programmi\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Programmi\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe
O24 - Desktop Component 0: (no name) - http://www.maritv.net/forumtv/immagini/icon_go_up.gif

--
End of file - 3676 bytes
Torna in alto
 
Sponsor
Inviato: Thursday, December 03, 2009 10:36:46 AM

 
Torna in alto
 
r16
Inviato: Thursday, December 03, 2009 2:39:16 PM
Rank: AiutAmico

Iscritto dal : 8/7/2007
Posts: 11,016
Il log è a posto.
Problemi?
Torna in alto
 
giuseppe66
Inviato: Thursday, December 03, 2009 4:10:46 PM
Rank: AiutAmico

Iscritto dal : 3/22/2009
Posts: 160
blocchi spesso e volentieri improvvisi rallentamenti e sento spesso hard disk rimuginare
Torna in alto
 
r16
Inviato: Thursday, December 03, 2009 4:17:11 PM
Rank: AiutAmico

Iscritto dal : 8/7/2007
Posts: 11,016
Scarica Combofix

http://download.bleepingcomputer.com/sUBs/ComboFix.exe


Salvalo sul desktop.

Importante: Disabilita il tuo antivirus e chiudi TUTTI i programmi aperti,(Firewall compreso) e dopo aver scaricato COMBOFIX, chiudi la connessione.

Doppio click su combofix.exe (comparirà una videata.)
Se ti verrà chiesto se vuoi Installare LA CONSOLE DI RIPRISTINO DI EMERGENZA, clicca NO.
E' probabile che ti siano inviati messaggi dall'antivirus, tu ignorali.
Durante l'operazione di scansione è importante non usare il PC (neanche il mouse) e attendere pazientemente la fine delle operazioni.
Al termine, verrà creato un file log sul Desktop, chiamato C:\ComboFix.txt. Postalo qui.
Torna in alto
 
giuseppe66
Inviato: Thursday, December 03, 2009 5:22:57 PM
Rank: AiutAmico

Iscritto dal : 3/22/2009
Posts: 160
ComboFix 09-12-02.08 - Giuseppe 03/12/2009 17.05.39.3.1 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.39.1040.18.511.223 [GMT 1:00]
Eseguito da: c:\documents and settings\Giuseppe\Desktop\ComboFix.exe
AV: Kaspersky Internet Security *On-access scanning disabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
FW: Kaspersky Internet Security *disabled* {2C4D4BC6-0793-4956-A9F9-E252435469C0}

ATTENZIONE - QUESTO PC NON HA LA CONSOLE DI RIPRISTINO DI EMERGENZA INSTALLATA !!
.

((((((((((((((((((((((((( Files Creati Da 2009-11-03 al 2009-12-03 )))))))))))))))))))))))))))))))))))
.

2009-12-03 16:02 . 2009-12-03 16:02 398336 ----a-w- c:\windows\system32\CF30076.exe
2009-12-01 15:07 . 2009-12-01 15:08 -------- d-----w- c:\programmi\QuickTime
2009-12-01 15:07 . 2009-12-01 15:07 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Apple Computer
2009-12-01 15:06 . 2009-12-01 15:06 -------- d-----w- c:\programmi\File comuni\Apple
2009-12-01 15:06 . 2009-12-01 15:06 -------- d-----w- c:\documents and settings\Giuseppe\Impostazioni locali\Dati applicazioni\Apple
2009-12-01 15:06 . 2009-12-01 15:06 -------- d-----w- c:\programmi\Apple Software Update
2009-12-01 15:06 . 2009-12-01 15:06 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Apple
2009-12-01 15:06 . 2009-12-01 15:06 -------- d-----w- c:\documents and settings\Giuseppe\Impostazioni locali\Dati applicazioni\Apple Computer
2009-11-23 14:30 . 2009-11-23 14:30 -------- d-----w- c:\documents and settings\Giuseppe\Dati applicazioni\ScanSoft
2009-11-20 14:01 . 2009-11-20 14:01 -------- d-----w- c:\documents and settings\Giuseppe\Dati applicazioni\ArcSoft
2009-11-20 13:54 . 2009-11-20 13:54 -------- d-----w- c:\programmi\File comuni\ArcSoft
2009-11-20 13:53 . 2003-09-19 14:45 21248 ----a-w- c:\windows\system32\drivers\pfc.sys
2009-11-20 13:53 . 1995-08-01 03:44 212480 ----a-w- c:\windows\PCDLIB32.DLL
2009-11-20 13:53 . 2009-11-20 13:53 -------- d-----w- c:\programmi\ArcSoft
2009-11-20 13:52 . 2008-04-13 10:39 5504 -c--a-w- c:\windows\system32\dllcache\mstee.sys
2009-11-20 13:52 . 2008-04-13 10:39 5504 ----a-w- c:\windows\system32\drivers\MSTEE.sys
2009-11-20 13:52 . 2008-04-13 10:46 10880 -c--a-w- c:\windows\system32\dllcache\ndisip.sys
2009-11-20 13:52 . 2008-04-13 10:46 10880 ----a-w- c:\windows\system32\drivers\NdisIP.sys
2009-11-20 13:52 . 2008-04-13 10:46 15232 -c--a-w- c:\windows\system32\dllcache\streamip.sys
2009-11-20 13:52 . 2008-04-13 10:46 15232 ----a-w- c:\windows\system32\drivers\StreamIP.sys
2009-11-20 13:52 . 2008-04-13 10:46 11136 -c--a-w- c:\windows\system32\dllcache\slip.sys
2009-11-20 13:52 . 2008-04-13 10:46 11136 ----a-w- c:\windows\system32\drivers\SLIP.sys
2009-11-20 13:52 . 2008-04-13 10:46 19200 -c--a-w- c:\windows\system32\dllcache\wstcodec.sys
2009-11-20 13:52 . 2008-04-13 10:46 19200 ----a-w- c:\windows\system32\drivers\WSTCODEC.SYS
2009-11-20 13:51 . 2008-04-13 10:46 85248 -c--a-w- c:\windows\system32\dllcache\nabtsfec.sys
2009-11-20 13:51 . 2008-04-13 10:46 85248 ----a-w- c:\windows\system32\drivers\NABTSFEC.sys
2009-11-20 13:51 . 2008-04-13 10:46 17024 -c--a-w- c:\windows\system32\dllcache\ccdecode.sys
2009-11-20 13:51 . 2008-04-13 10:46 17024 ----a-w- c:\windows\system32\drivers\CCDECODE.sys
2009-11-20 13:51 . 2005-01-14 08:32 53248 ----a-w- c:\windows\system32\PAStiSvc.exe
2009-11-20 13:51 . 2008-04-13 18:13 54784 -c--a-w- c:\windows\system32\dllcache\vfwwdm32.dll
2009-11-20 13:51 . 2008-04-13 18:13 54784 ----a-w- c:\windows\system32\vfwwdm32.dll
2009-11-20 13:49 . 2009-11-20 13:49 -------- d-----w- c:\windows\PixArt
2009-11-20 13:49 . 2009-11-20 13:49 -------- d-----w- c:\programmi\File comuni\PCCamera
2009-11-20 13:49 . 2009-11-20 13:49 -------- d-----w- c:\programmi\Trust
2009-11-20 07:32 . 2009-03-10 21:26 1437568 ----a-w- c:\windows\system32\KB905474\wganotifypackageinner.exe
2009-11-20 07:32 . 2009-03-10 21:18 454016 ----a-w- c:\windows\system32\KB905474\wgasetup.exe
2009-11-20 07:32 . 2009-11-20 07:32 -------- d-----w- c:\windows\system32\KB905474
2009-11-19 16:50 . 2009-11-19 16:50 -------- d-----w- c:\programmi\CCleaner
2009-11-19 07:38 . 2009-11-19 07:38 152576 ----a-w- c:\documents and settings\Giuseppe\Dati applicazioni\Sun\Java\jre1.6.0_17\lzma.dll
2009-11-19 07:37 . 2009-11-19 07:37 79488 ----a-w- c:\documents and settings\Giuseppe\Dati applicazioni\Sun\Java\jre1.6.0_17\gtapi.dll
2009-11-18 16:55 . 2009-11-18 16:55 -------- d-----w- c:\windows\system32\wbem\Repository
2009-11-17 09:13 . 2009-11-17 09:13 -------- d-sh--w- c:\documents and settings\Giuseppe\IECompatCache

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-12-03 16:14 . 2009-10-21 15:03 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Kaspersky Lab
2009-12-03 15:09 . 2009-09-13 08:48 1636 ----a-w- c:\windows\system32\d3d9caps.dat
2009-12-03 07:59 . 2009-09-09 17:14 1 ----a-w- c:\documents and settings\Giuseppe\Dati applicazioni\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
2009-11-20 13:53 . 2009-09-10 15:08 -------- d--h--w- c:\programmi\InstallShield Installation Information
2009-11-20 13:53 . 2009-09-10 15:04 -------- d-----w- c:\programmi\File comuni\InstallShield
2009-11-19 07:41 . 2009-09-09 17:08 -------- d-----w- c:\programmi\Java
2009-11-18 16:58 . 2009-09-10 16:10 17936 ----a-w- c:\documents and settings\Giuseppe\Impostazioni locali\Dati applicazioni\GDIPFONTCACHEV1.DAT
2009-11-18 16:54 . 2009-11-03 08:46 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Skype
2009-11-14 13:04 . 2001-08-31 08:00 61558 ----a-w- c:\windows\system32\perfc010.dat
2009-11-14 13:04 . 2001-08-31 08:00 373684 ----a-w- c:\windows\system32\perfh010.dat
2009-11-03 07:45 . 2009-09-09 15:30 -------- d-----w- c:\programmi\File comuni\Adobe
2009-10-30 13:25 . 2009-10-30 13:25 -------- d-----w- c:\programmi\Catalogo Visa 2008
2009-10-27 17:00 . 2009-10-27 14:44 -------- d-----w- c:\programmi\STBLink 2
2009-10-27 16:56 . 2009-10-27 14:44 65536 ----a-w- c:\windows\IFinst27.exe
2009-10-21 15:18 . 2009-10-21 15:18 932368 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Kaspersky Lab\AVP9\Data\KasFlt\Plugins\profiles-1-6.dll
2009-10-21 15:18 . 2009-10-21 15:18 678416 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Kaspersky Lab\AVP9\Data\KasFlt\Plugins\content_interpreter-1-1.dll
2009-10-21 15:18 . 2009-10-21 15:18 604688 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Kaspersky Lab\AVP9\Data\KasFlt\Plugins\gsg-3-9.dll
2009-10-21 15:18 . 2009-10-21 15:18 1096208 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Kaspersky Lab\AVP9\Data\KasFlt\Plugins\filtration-4-6.dll
2009-10-21 15:18 . 2009-10-21 15:18 522768 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Kaspersky Lab\AVP9\Data\KasFlt\Plugins\database-1-5.dll
2009-10-21 15:15 . 2009-10-21 15:05 108059 ----a-w- c:\windows\system32\drivers\klin.dat
2009-10-21 15:15 . 2009-10-21 15:05 95259 ----a-w- c:\windows\system32\drivers\klick.dat
2009-10-21 15:15 . 2009-10-21 15:15 109072 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Kaspersky Lab\AVP9\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav9exec\9.0.0.459\mzvkbd3.dll
2009-10-21 15:15 . 2009-10-21 15:15 59920 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Kaspersky Lab\AVP9\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav9exec\9.0.0.459\mzvkbd.dll
2009-10-21 15:15 . 2009-10-21 15:15 264720 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Kaspersky Lab\AVP9\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav9exec\9.0.0.459\klwtbbho.dll
2009-10-21 15:07 . 2009-10-21 15:07 604140 --sha-w- c:\windows\system32\drivers\ISwift3.dat
2009-10-21 15:03 . 2009-10-21 15:03 -------- d-----w- c:\programmi\Kaspersky Lab
2009-10-21 14:59 . 2009-10-16 06:39 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Kaspersky Lab Setup Files
2009-10-16 07:09 . 2009-10-16 07:09 -------- d-----w- c:\documents and settings\Giuseppe\Dati applicazioni\Malwarebytes
2009-10-16 07:09 . 2009-10-16 07:09 -------- d-----w- c:\programmi\Malwarebytes' Anti-Malware
2009-10-16 07:09 . 2009-10-16 07:09 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Malwarebytes
2009-10-11 03:17 . 2009-09-09 17:08 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-09-11 14:17 . 2008-04-13 15:13 136192 ----a-w- c:\windows\system32\msv1_0.dll
2009-09-10 15:09 . 2009-09-10 15:09 50 ----a-w- c:\windows\system32\bridf07a.dat
2009-09-10 12:54 . 2009-10-16 07:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-09-10 12:53 . 2009-10-16 07:09 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-09-09 16:00 . 2009-09-09 16:00 0 ----a-w- c:\windows\nsreg.dat
2009-09-08 18:42 . 2009-09-08 18:08 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-09-08 18:04 . 2009-09-08 18:04 21840 ----a-w- c:\windows\system32\emptyregdb.dat
2009-09-04 21:03 . 2008-04-13 15:13 58880 ----a-w- c:\windows\system32\msasn1.dll
.

------- Sigcheck -------

[-] 2009-01-29 . 3316C8A8EC07A9D4C0BE10310809A9E5 . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
.
((((((((((((((((((((((((((((( SnapShot@2009-10-15_14.27.22 )))))))))))))))))))))))))))))))))))))))))
.
+ 2007-11-07 00:19 . 2007-11-07 00:19 54272 c:\windows\WinSxS\x86_Microsoft.VC90.OpenMP_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_ecc42bd1\vcomp90.dll
+ 2008-07-29 06:05 . 2008-07-29 06:05 62976 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90rus.dll
+ 2008-07-29 06:05 . 2008-07-29 06:05 46080 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90kor.dll
+ 2008-07-29 06:05 . 2008-07-29 06:05 46592 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90jpn.dll
+ 2008-07-29 06:05 . 2008-07-29 06:05 64512 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90ita.dll
+ 2008-07-29 06:05 . 2008-07-29 06:05 66048 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90fra.dll
+ 2008-07-29 06:05 . 2008-07-29 06:05 65024 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90esp.dll
+ 2008-07-29 06:05 . 2008-07-29 06:05 65024 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90esn.dll
+ 2008-07-29 06:05 . 2008-07-29 06:05 56832 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90enu.dll
+ 2008-07-29 06:05 . 2008-07-29 06:05 66560 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90deu.dll
+ 2008-07-29 06:05 . 2008-07-29 06:05 39936 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90cht.dll
+ 2008-07-29 06:05 . 2008-07-29 06:05 38912 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90chs.dll
+ 2008-07-29 04:07 . 2008-07-29 04:07 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfcm90u.dll
+ 2008-07-29 04:07 . 2008-07-29 04:07 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfcm90.dll
+ 2009-12-03 16:14 . 2009-12-03 16:14 16384 c:\windows\temp\Perflib_Perfdata_6d4.dat
+ 2008-04-13 15:14 . 2009-10-28 15:07 46080 c:\windows\system32\tzchange.exe
- 2008-04-13 15:14 . 2009-07-14 11:03 46080 c:\windows\system32\tzchange.exe
+ 2001-08-31 08:00 . 2009-11-14 13:04 51396 c:\windows\system32\perfc009.dat
+ 2005-01-25 14:15 . 2005-01-25 14:15 10240 c:\windows\system32\PA207USD.DLL
+ 2009-03-08 02:31 . 2009-08-29 07:56 55296 c:\windows\system32\msfeedsbs.dll
- 2009-03-08 02:31 . 2009-07-03 16:55 55296 c:\windows\system32\msfeedsbs.dll
+ 2008-04-13 15:13 . 2009-08-29 07:56 25600 c:\windows\system32\jsproxy.dll
- 2008-04-13 15:13 . 2009-07-03 16:55 25600 c:\windows\system32\jsproxy.dll
+ 2009-07-03 13:45 . 2009-07-03 13:45 27507 c:\windows\system32\drivers\klopp.dat
+ 2009-05-16 18:59 . 2009-05-16 18:59 19472 c:\windows\system32\drivers\klmouflt.sys
+ 2009-05-13 15:46 . 2009-05-13 15:46 31760 c:\windows\system32\drivers\klim5.sys
+ 2008-12-15 18:41 . 2008-12-15 18:41 33808 c:\windows\system32\drivers\klbg.sys
+ 2009-10-15 15:48 . 2009-07-28 14:34 55656 c:\windows\system32\drivers\avgntflt.sys
+ 2009-09-09 15:41 . 2009-08-29 07:56 12800 c:\windows\system32\dllcache\xpshims.dll
- 2009-09-09 15:41 . 2009-07-03 16:55 12800 c:\windows\system32\dllcache\xpshims.dll
+ 2009-09-09 15:41 . 2009-08-29 07:56 55296 c:\windows\system32\dllcache\msfeedsbs.dll
- 2009-09-09 15:41 . 2009-07-03 16:55 55296 c:\windows\system32\dllcache\msfeedsbs.dll
+ 2008-04-13 15:13 . 2009-09-04 21:03 58880 c:\windows\system32\dllcache\msasn1.dll
- 2008-04-13 15:13 . 2009-07-03 16:55 25600 c:\windows\system32\dllcache\jsproxy.dll
+ 2008-04-13 15:13 . 2009-08-29 07:56 25600 c:\windows\system32\dllcache\jsproxy.dll
+ 2009-09-08 18:19 . 2009-11-18 17:03 32768 c:\windows\system32\config\systemprofile\Impostazioni locali\Temporary Internet Files\Content.IE5\index.dat
- 2009-09-08 18:19 . 2009-09-08 18:19 32768 c:\windows\system32\config\systemprofile\Impostazioni locali\Temporary Internet Files\Content.IE5\index.dat
+ 2009-09-08 18:19 . 2009-11-18 17:03 32768 c:\windows\system32\config\systemprofile\Impostazioni locali\Cronologia\History.IE5\index.dat
- 2009-09-08 18:19 . 2009-09-08 18:19 32768 c:\windows\system32\config\systemprofile\Impostazioni locali\Cronologia\History.IE5\index.dat
- 2009-09-08 18:19 . 2009-09-08 18:19 16384 c:\windows\system32\config\systemprofile\Cookies\index.dat
+ 2009-11-18 16:57 . 2009-11-18 17:03 16384 c:\windows\system32\config\systemprofile\Cookies\index.dat
+ 2005-01-14 08:32 . 2005-01-14 08:32 53248 c:\windows\PixArt\PAC207\PAStiSvc.exe
+ 2001-11-05 15:50 . 2001-11-05 15:50 69632 c:\windows\PixArt\PAC207\AMCap.exe
+ 2009-11-20 13:49 . 2009-11-20 13:49 40960 c:\windows\Installer\{F6CE1230-A694-4B86-B21C-A11A112689DA}\NewShortcut3_B9724615DC4C49C6B74144CFE412CDAF.exe
+ 2009-11-20 13:49 . 2009-11-20 13:49 10134 c:\windows\Installer\{F6CE1230-A694-4B86-B21C-A11A112689DA}\ARPPRODUCTICON.exe
+ 2009-11-25 07:37 . 2009-11-25 07:37 32768 c:\windows\Installer\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}\icon.exe
+ 2009-12-01 15:06 . 2009-12-01 15:06 27136 c:\windows\Installer\{6956856F-B6B3-4BE0-BA0B-8F495BE32033}\AppleSoftwareUpdateIco.exe
+ 2009-10-16 06:17 . 2009-07-03 16:55 12800 c:\windows\ie8updates\KB974455-IE8\xpshims.dll
+ 2009-10-16 06:17 . 2009-07-03 16:55 55296 c:\windows\ie8updates\KB974455-IE8\msfeedsbs.dll
+ 2009-10-16 06:17 . 2009-07-03 16:55 25600 c:\windows\ie8updates\KB974455-IE8\jsproxy.dll
+ 2004-11-22 12:48 . 2004-11-22 12:48 40960 c:\windows\98Setup.exe
+ 2009-10-16 06:16 . 2008-04-13 15:13 57344 c:\windows\$NtUninstallKB974571$\msasn1.dll
+ 2009-11-19 07:34 . 2008-07-08 13:06 26488 c:\windows\$hf_mig$\KB976749-IE8\update\spcustom.dll
+ 2009-11-19 07:34 . 2008-07-08 13:06 18808 c:\windows\$hf_mig$\KB976749-IE8\spmsg.dll
+ 2009-10-16 06:16 . 2008-07-08 13:06 26488 c:\windows\$hf_mig$\KB975467\update\spcustom.dll
+ 2009-10-16 06:16 . 2008-07-08 13:06 18808 c:\windows\$hf_mig$\KB975467\spmsg.dll
+ 2009-10-16 06:16 . 2009-05-26 11:41 26488 c:\windows\$hf_mig$\KB975025\update\spcustom.dll
+ 2009-10-16 06:16 . 2009-05-26 11:41 18808 c:\windows\$hf_mig$\KB975025\spmsg.dll
+ 2009-10-16 06:16 . 2009-05-26 11:41 26488 c:\windows\$hf_mig$\KB974571\update\spcustom.dll
+ 2009-10-16 06:16 . 2009-05-26 11:41 18808 c:\windows\$hf_mig$\KB974571\spmsg.dll
+ 2009-09-04 20:57 . 2009-09-04 20:57 58880 c:\windows\$hf_mig$\KB974571\SP3QFE\msasn1.dll
+ 2009-10-16 06:17 . 2008-07-08 13:06 26488 c:\windows\$hf_mig$\KB974455-IE8\update\spcustom.dll
+ 2009-10-16 06:17 . 2008-07-08 13:06 18808 c:\windows\$hf_mig$\KB974455-IE8\spmsg.dll
+ 2009-10-15 17:00 . 2009-08-29 07:49 12800 c:\windows\$hf_mig$\KB974455-IE8\SP3QFE\xpshims.dll
+ 2009-10-15 17:00 . 2009-08-29 07:49 55296 c:\windows\$hf_mig$\KB974455-IE8\SP3QFE\msfeedsbs.dll
+ 2009-10-15 17:00 . 2009-08-29 07:49 25600 c:\windows\$hf_mig$\KB974455-IE8\SP3QFE\jsproxy.dll
+ 2009-10-16 06:17 . 2009-05-26 11:41 26488 c:\windows\$hf_mig$\KB974112\update\spcustom.dll
+ 2009-10-16 06:17 . 2009-05-26 11:41 18808 c:\windows\$hf_mig$\KB974112\spmsg.dll
+ 2009-10-16 06:16 . 2009-05-26 11:41 26488 c:\windows\$hf_mig$\KB973525\update\spcustom.dll
+ 2009-10-16 06:16 . 2009-05-26 11:41 18808 c:\windows\$hf_mig$\KB973525\spmsg.dll
+ 2009-10-16 06:16 . 2009-05-26 11:41 26488 c:\windows\$hf_mig$\KB971486\update\spcustom.dll
+ 2009-10-16 06:16 . 2009-05-26 11:41 18808 c:\windows\$hf_mig$\KB971486\spmsg.dll
+ 2009-10-16 06:17 . 2008-07-08 13:06 26488 c:\windows\$hf_mig$\KB969059\update\spcustom.dll
+ 2009-10-16 06:17 . 2008-07-08 13:06 18808 c:\windows\$hf_mig$\KB969059\spmsg.dll
+ 2008-07-29 06:05 . 2008-07-29 06:05 655872 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\msvcr90.dll
+ 2008-07-29 06:05 . 2008-07-29 06:05 572928 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\msvcp90.dll
+ 2008-07-29 01:54 . 2008-07-29 01:54 225280 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\msvcm90.dll
+ 2009-07-11 23:02 . 2009-07-11 23:02 159032 c:\windows\WinSxS\x86_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_353599c2\atl90.dll
+ 2008-07-29 06:05 . 2008-07-29 06:05 161784 c:\windows\WinSxS\x86_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_d01483b2\atl90.dll
+ 2009-07-12 00:12 . 2009-07-12 00:12 632656 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcr80.dll
+ 2009-07-12 00:09 . 2009-07-12 00:09 554832 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcp80.dll
+ 2009-07-12 00:08 . 2009-07-12 00:08 479232 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcm80.dll
+ 2008-04-13 15:13 . 2009-04-09 23:01 530280 c:\windows\system32\wmspdmod.dll
+ 2008-04-13 15:13 . 2009-08-29 07:56 916480 c:\windows\system32\wininet.dll
- 2008-04-13 15:13 . 2008-10-03 10:02 247326 c:\windows\system32\strmdll.dll
+ 2008-04-13 15:13 . 2009-08-26 08:00 247326 c:\windows\system32\strmdll.dll
+ 2001-08-31 08:00 . 2009-11-14 13:04 337052 c:\windows\system32\perfh009.dat
- 2008-04-13 15:13 . 2009-07-03 16:55 206848 c:\windows\system32\occache.dll
+ 2008-04-13 15:13 . 2009-08-29 07:56 206848 c:\windows\system32\occache.dll
- 2009-03-08 02:32 . 2009-07-03 16:55 594432 c:\windows\system32\msfeeds.dll
+ 2009-03-08 02:32 . 2009-08-29 07:56 594432 c:\windows\system32\msfeeds.dll
+ 2009-07-03 13:48 . 2009-07-03 13:48 219664 c:\windows\system32\klogon.dll
+ 2009-11-19 07:41 . 2009-10-11 03:17 149280 c:\windows\system32\javaws.exe
- 2009-09-09 17:08 . 2009-09-09 17:08 149280 c:\windows\system32\javaws.exe
- 2009-09-09 17:08 . 2009-09-09 17:08 145184 c:\windows\system32\javaw.exe
+ 2009-11-19 07:41 . 2009-10-11 03:17 145184 c:\windows\system32\javaw.exe
- 2009-09-09 17:08 . 2009-09-09 17:08 145184 c:\windows\system32\java.exe
+ 2009-11-19 07:41 . 2009-10-11 03:17 145184 c:\windows\system32\java.exe
+ 2008-04-13 15:13 . 2009-08-29 07:56 184320 c:\windows\system32\iepeers.dll
- 2008-04-13 15:13 . 2009-07-03 16:55 184320 c:\windows\system32\iepeers.dll
+ 2008-04-13 15:13 . 2009-08-29 07:56 387584 c:\windows\system32\iedkcs32.dll
- 2008-04-13 15:14 . 2009-07-03 11:01 173056 c:\windows\system32\ie4uinit.exe
+ 2008-04-13 15:14 . 2009-08-28 10:37 173056 c:\windows\system32\ie4uinit.exe
+ 2009-09-08 19:33 . 2009-11-19 09:16 113376 c:\windows\system32\FNTCACHE.DAT
+ 2005-02-24 11:29 . 2005-02-24 11:29 162176 c:\windows\system32\drivers\PFC027.sys
+ 2009-10-21 15:03 . 2009-10-21 15:03 296976 c:\windows\system32\drivers\klif.sys
+ 2009-06-15 12:01 . 2009-06-15 12:01 128016 c:\windows\system32\drivers\kl1.sys
+ 2008-04-13 15:13 . 2009-04-09 23:01 530280 c:\windows\system32\dllcache\wmspdmod.dll
+ 2008-04-13 15:13 . 2009-08-29 07:56 916480 c:\windows\system32\dllcache\wininet.dll
+ 2008-04-13 15:13 . 2009-08-26 08:00 247326 c:\windows\system32\dllcache\strmdll.dll
- 2008-04-13 15:13 . 2008-10-03 10:02 247326 c:\windows\system32\dllcache\strmdll.dll
+ 2008-04-13 15:13 . 2009-08-29 07:56 206848 c:\windows\system32\dllcache\occache.dll
- 2008-04-13 15:13 . 2009-07-03 16:55 206848 c:\windows\system32\dllcache\occache.dll
+ 2008-04-13 15:13 . 2009-09-11 14:17 136192 c:\windows\system32\dllcache\msv1_0.dll
- 2008-04-13 15:13 . 2009-06-25 08:25 136192 c:\windows\system32\dllcache\msv1_0.dll
- 2009-09-09 15:41 . 2009-07-03 16:55 594432 c:\windows\system32\dllcache\msfeeds.dll
+ 2009-09-09 15:41 . 2009-08-29 07:56 594432 c:\windows\system32\dllcache\msfeeds.dll
- 2009-09-09 15:41 . 2009-07-03 16:55 246272 c:\windows\system32\dllcache\ieproxy.dll
+ 2009-09-09 15:41 . 2009-08-29 07:56 246272 c:\windows\system32\dllcache\ieproxy.dll
+ 2008-04-13 15:13 . 2009-08-29 07:56 184320 c:\windows\system32\dllcache\iepeers.dll
- 2008-04-13 15:13 . 2009-07-03 16:55 184320 c:\windows\system32\dllcache\iepeers.dll
+ 2008-04-13 15:13 . 2009-08-29 07:56 387584 c:\windows\system32\dllcache\iedkcs32.dll
- 2008-04-13 15:14 . 2009-07-03 11:01 173056 c:\windows\system32\dllcache\ie4uinit.exe
+ 2008-04-13 15:14 . 2009-08-28 10:37 173056 c:\windows\system32\dllcache\ie4uinit.exe
+ 2009-11-03 07:47 . 2009-11-03 07:47 274432 c:\windows\system32\config\systemprofile\ntuser.dat
+ 2005-02-21 13:07 . 2005-02-21 13:07 413696 c:\windows\PixArt\PAC207\PASnap.exe
+ 2009-11-25 07:37 . 2009-11-25 07:37 429568 c:\windows\Installer\b5304.msi
+ 2009-12-01 15:07 . 2009-12-01 15:07 796672 c:\windows\Installer\7c665b.msi
+ 2009-10-31 07:14 . 2009-10-31 07:14 195584 c:\windows\Installer\45ecb.msi
+ 2009-10-16 13:11 . 2009-10-16 13:11 659456 c:\windows\Installer\2fe158.msi
+ 2009-10-15 15:47 . 2009-10-15 15:47 228352 c:\windows\Installer\11d8a.msi
+ 2009-10-16 13:11 . 2009-10-16 13:11 295606 c:\windows\Installer\{AC76BA86-7AD7-5670-0000-900000000003}\ARPPRODUCTICON.exe
+ 2009-11-19 07:34 . 2008-07-08 13:06 402296 c:\windows\ie8updates\KB976749-IE8\spuninst\updspapi.dll
+ 2009-11-19 07:34 . 2008-07-08 13:06 233848 c:\windows\ie8updates\KB976749-IE8\spuninst\spuninst.exe
+ 2009-10-16 06:17 . 2009-07-03 16:55 915456 c:\windows\ie8updates\KB974455-IE8\wininet.dll
+ 2009-10-16 06:17 . 2009-05-26 11:41 402296 c:\windows\ie8updates\KB974455-IE8\spuninst\updspapi.dll
+ 2009-10-16 06:17 . 2008-07-08 13:06 233848 c:\windows\ie8updates\KB974455-IE8\spuninst\spuninst.exe
+ 2009-10-16 06:17 . 2009-07-03 16:55 206848 c:\windows\ie8updates\KB974455-IE8\occache.dll
+ 2009-10-16 06:17 . 2009-07-03 16:55 594432 c:\windows\ie8updates\KB974455-IE8\msfeeds.dll
+ 2009-10-16 06:17 . 2009-07-03 16:55 246272 c:\windows\ie8updates\KB974455-IE8\ieproxy.dll
+ 2009-10-16 06:17 . 2009-07-03 16:55 184320 c:\windows\ie8updates\KB974455-IE8\iepeers.dll
+ 2009-10-16 06:17 . 2009-07-03 16:55 386048 c:\windows\ie8updates\KB974455-IE8\iedkcs32.dll
+ 2009-10-16 06:17 . 2009-07-03 11:01 173056 c:\windows\ie8updates\KB974455-IE8\ie4uinit.exe
+ 2009-10-16 06:16 . 2009-05-26 11:41 402296 c:\windows\$NtUninstallKB975467$\spuninst\updspapi.dll
+ 2009-10-16 06:16 . 2008-07-08 13:06 233848 c:\windows\$NtUninstallKB975467$\spuninst\spuninst.exe
+ 2009-10-16 06:16 . 2009-06-25 08:25 136192 c:\windows\$NtUninstallKB975467$\msv1_0.dll
+ 2009-10-16 06:16 . 2009-05-26 11:41 402296 c:\windows\$NtUninstallKB975025$\spuninst\updspapi.dll
+ 2009-10-16 06:16 . 2009-05-26 11:41 233848 c:\windows\$NtUninstallKB975025$\spuninst\spuninst.exe
+ 2009-10-16 06:16 . 2009-05-26 11:41 402296 c:\windows\$NtUninstallKB974571$\spuninst\updspapi.dll
+ 2009-10-16 06:16 . 2009-05-26 11:41 233848 c:\windows\$NtUninstallKB974571$\spuninst\spuninst.exe
+ 2009-10-16 06:17 . 2008-10-03 10:02 247326 c:\windows\$NtUninstallKB974112$\strmdll.dll
+ 2009-10-16 06:17 . 2009-05-26 11:41 402296 c:\windows\$NtUninstallKB974112$\spuninst\updspapi.dll
+ 2009-10-16 06:17 . 2009-05-26 11:41 233848 c:\windows\$NtUninstallKB974112$\spuninst\spuninst.exe
+ 2009-10-16 06:16 . 2009-05-26 11:41 402296 c:\windows\$NtUninstallKB973525$\spuninst\updspapi.dll
+ 2009-10-16 06:16 . 2009-05-26 11:41 233848 c:\windows\$NtUninstallKB973525$\spuninst\spuninst.exe
+ 2009-10-16 06:16 . 2009-05-26 11:41 402296 c:\windows\$NtUninstallKB971486$\spuninst\updspapi.dll
+ 2009-10-16 06:16 . 2009-05-26 11:41 233848 c:\windows\$NtUninstallKB971486$\spuninst\spuninst.exe
+ 2009-10-16 06:17 . 2009-05-26 11:41 402296 c:\windows\$NtUninstallKB969059$\spuninst\updspapi.dll
+ 2009-10-16 06:17 . 2008-07-08 13:06 233848 c:\windows\$NtUninstallKB969059$\spuninst\spuninst.exe
+ 2009-10-16 06:17 . 2009-05-26 11:41 402296 c:\windows\$NtUninstallKB958869$\spuninst\updspapi.dll
+ 2009-10-16 06:17 . 2009-05-26 11:41 233848 c:\windows\$NtUninstallKB958869$\spuninst\spuninst.exe
+ 2009-10-16 06:17 . 2004-08-10 23:45 531192 c:\windows\$NtUninstallKB954155_WM9$\wmspdmod.dll
+ 2009-10-16 06:17 . 2007-07-27 08:41 382840 c:\windows\$NtUninstallKB954155_WM9$\spuninst\updspapi.dll
+ 2009-10-16 06:17 . 2007-07-27 06:35 233848 c:\windows\$NtUninstallKB954155_WM9$\spuninst\spuninst.exe
+ 2009-11-19 07:34 . 2008-07-08 13:06 402296 c:\windows\$hf_mig$\KB976749-IE8\update\updspapi.dll
+ 2009-11-19 07:34 . 2008-07-08 13:06 763768 c:\windows\$hf_mig$\KB976749-IE8\update\update.exe
+ 2009-11-19 07:34 . 2008-07-08 13:06 233848 c:\windows\$hf_mig$\KB976749-IE8\spuninst.exe
+ 2009-10-16 06:16 . 2009-05-26 11:41 402296 c:\windows\$hf_mig$\KB975467\update\updspapi.dll
+ 2009-10-16 06:16 . 2009-05-26 11:41 763768 c:\windows\$hf_mig$\KB975467\update\update.exe
+ 2009-10-16 06:16 . 2008-07-08 13:06 233848 c:\windows\$hf_mig$\KB975467\spuninst.exe
+ 2009-09-11 14:14 . 2009-09-11 14:14 136704 c:\windows\$hf_mig$\KB975467\SP3QFE\msv1_0.dll
+ 2009-10-16 06:16 . 2009-05-26 11:41 402296 c:\windows\$hf_mig$\KB975025\update\updspapi.dll
+ 2009-10-16 06:16 . 2009-05-26 11:41 763768 c:\windows\$hf_mig$\KB975025\update\update.exe
+ 2009-10-16 06:16 . 2009-05-26 11:41 233848 c:\windows\$hf_mig$\KB975025\spuninst.exe
+ 2009-10-16 06:16 . 2009-05-26 11:41 402296 c:\windows\$hf_mig$\KB974571\update\updspapi.dll
+ 2009-10-16 06:16 . 2009-05-26 11:41 763768 c:\windows\$hf_mig$\KB974571\update\update.exe
+ 2009-10-16 06:16 . 2009-05-26 11:41 233848 c:\windows\$hf_mig$\KB974571\spuninst.exe
+ 2009-10-16 06:17 . 2009-05-26 11:41 402296 c:\windows\$hf_mig$\KB974455-IE8\update\updspapi.dll
+ 2009-10-16 06:17 . 2009-05-26 11:41 763768 c:\windows\$hf_mig$\KB974455-IE8\update\update.exe
+ 2009-10-16 06:17 . 2008-07-08 13:06 233848 c:\windows\$hf_mig$\KB974455-IE8\spuninst.exe
+ 2009-10-15 17:00 . 2009-08-29 07:49 916480 c:\windows\$hf_mig$\KB974455-IE8\SP3QFE\wininet.dll
+ 2009-10-15 17:00 . 2009-08-29 07:49 206848 c:\windows\$hf_mig$\KB974455-IE8\SP3QFE\occache.dll
+ 2009-10-15 17:00 . 2009-08-29 07:49 594432 c:\windows\$hf_mig$\KB974455-IE8\SP3QFE\msfeeds.dll
+ 2009-10-15 17:00 . 2009-08-29 07:49 246272 c:\windows\$hf_mig$\KB974455-IE8\SP3QFE\ieproxy.dll
+ 2009-10-15 17:00 . 2009-08-29 07:49 184320 c:\windows\$hf_mig$\KB974455-IE8\SP3QFE\iepeers.dll
+ 2009-10-15 17:00 . 2009-08-29 07:49 387584 c:\windows\$hf_mig$\KB974455-IE8\SP3QFE\iedkcs32.dll
+ 2009-10-15 17:00 . 2009-08-28 10:07 173056 c:\windows\$hf_mig$\KB974455-IE8\SP3QFE\ie4uinit.exe
+ 2009-10-16 06:17 . 2009-05-26 11:41 402296 c:\windows\$hf_mig$\KB974112\update\updspapi.dll
+ 2009-10-16 06:17 . 2009-05-26 11:41 763768 c:\windows\$hf_mig$\KB974112\update\update.exe
+ 2009-10-16 06:17 . 2009-05-26 11:41 233848 c:\windows\$hf_mig$\KB974112\spuninst.exe
+ 2009-08-26 08:02 . 2009-08-26 08:02 247326 c:\windows\$hf_mig$\KB974112\SP3QFE\strmdll.dll
+ 2009-10-16 06:16 . 2009-05-26 11:41 402296 c:\windows\$hf_mig$\KB973525\update\updspapi.dll
+ 2009-10-16 06:16 . 2009-05-26 11:41 763768 c:\windows\$hf_mig$\KB973525\update\update.exe
+ 2009-10-16 06:16 . 2009-05-26 11:41 233848 c:\windows\$hf_mig$\KB973525\spuninst.exe
+ 2009-10-16 06:16 . 2009-05-26 11:41 402296 c:\windows\$hf_mig$\KB971486\update\updspapi.dll
+ 2009-10-16 06:16 . 2009-05-26 11:41 763768 c:\windows\$hf_mig$\KB971486\update\update.exe
+ 2009-10-16 06:16 . 2009-05-26 11:41 233848 c:\windows\$hf_mig$\KB971486\spuninst.exe
+ 2009-10-16 06:17 . 2009-05-26 11:41 402296 c:\windows\$hf_mig$\KB969059\update\updspapi.dll
+ 2009-10-16 06:17 . 2009-05-26 11:41 763768 c:\windows\$hf_mig$\KB969059\update\update.exe
+ 2009-10-16 06:17 . 2008-07-08 13:06 233848 c:\windows\$hf_mig$\KB969059\spuninst.exe
+ 2009-10-15 16:53 . 2009-08-13 13:55 1748992 c:\windows\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6001.22319_x-ww_f0b4c2df\GdiPlus.dll
+ 2008-07-29 06:05 . 2008-07-29 06:05 3783672 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfc90u.dll
+ 2008-07-29 06:05 . 2008-07-29 06:05 3768312 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfc90.dll
+ 2009-07-20 23:03 . 2009-07-20 23:03 1348432 c:\windows\WinSxS\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.20.9876.0_x-ww_a621d1d5\msxml4.dll
+ 2008-04-13 14:50 . 2009-08-14 15:12 1850624 c:\windows\system32\win32k.sys
+ 2008-04-13 15:13 . 2009-08-29 07:56 1208832 c:\windows\system32\urlmon.dll
- 2008-04-13 15:13 . 2009-07-03 16:55 1208832 c:\windows\system32\urlmon.dll
+ 2009-11-18 16:52 . 2009-11-18 16:55 2493736 c:\windows\system32\Restore\rstrlog.dat
- 2008-04-13 15:13 . 2008-04-13 15:13 1439232 c:\windows\system32\query.dll
+ 2008-04-13 15:13 . 2009-07-17 16:15 1439232 c:\windows\system32\query.dll
+ 2008-04-13 14:55 . 2009-08-04 20:56 2192896 c:\windows\system32\ntoskrnl.exe
+ 2008-04-13 18:55 . 2009-08-04 17:26 2069760 c:\windows\system32\ntkrnlpa.exe
- 2008-04-13 18:55 . 2009-02-10 17:02 2069760 c:\windows\system32\ntkrnlpa.exe
+ 2008-04-13 15:13 . 2009-07-31 09:02 1372672 c:\windows\system32\msxml6.dll
+ 2009-07-20 23:05 . 2009-07-20 23:05 1348432 c:\windows\system32\msxml4.dll
+ 2008-04-13 15:13 . 2009-07-31 04:32 1172480 c:\windows\system32\msxml3.dll
+ 2008-04-13 15:13 . 2009-10-22 09:16 5939712 c:\windows\system32\mshtml.dll
+ 2009-03-08 02:32 . 2009-08-29 07:56 1985536 c:\windows\system32\iertutil.dll
- 2009-03-08 02:32 . 2009-07-03 16:55 1985536 c:\windows\system32\iertutil.dll
+ 2008-04-13 14:50 . 2009-08-14 15:12 1850624 c:\windows\system32\dllcache\win32k.sys
- 2008-04-13 15:13 . 2009-07-03 16:55 1208832 c:\windows\system32\dllcache\urlmon.dll
+ 2008-04-13 15:13 . 2009-08-29 07:56 1208832 c:\windows\system32\dllcache\urlmon.dll
+ 2008-04-13 15:13 . 2009-07-17 16:15 1439232 c:\windows\system32\dllcache\query.dll
- 2008-04-13 15:13 . 2008-04-13 15:13 1439232 c:\windows\system32\dllcache\query.dll
+ 2009-09-25 09:27 . 2009-08-04 20:56 2192896 c:\windows\system32\dllcache\ntoskrnl.exe
+ 2009-09-25 09:27 . 2009-08-04 17:26 2027520 c:\windows\system32\dllcache\ntkrpamp.exe
- 2009-09-25 09:27 . 2009-02-09 11:23 2027520 c:\windows\system32\dllcache\ntkrpamp.exe
- 2009-02-10 17:02 . 2009-02-10 17:02 2069760 c:\windows\system32\dllcache\ntkrnlpa.exe
+ 2009-02-10 17:02 . 2009-08-04 17:26 2069760 c:\windows\system32\dllcache\ntkrnlpa.exe
+ 2009-09-25 09:27 . 2009-08-04 17:26 2148864 c:\windows\system32\dllcache\ntkrnlmp.exe
- 2009-09-25 09:27 . 2009-02-09 11:22 2148864 c:\windows\system32\dllcache\ntkrnlmp.exe
+ 2008-04-13 15:13 . 2009-07-31 09:02 1372672 c:\windows\system32\dllcache\msxml6.dll
+ 2008-04-13 15:13 . 2009-07-31 04:32 1172480 c:\windows\system32\dllcache\msxml3.dll
+ 2008-04-13 15:13 . 2009-10-22 09:16 5939712 c:\windows\system32\dllcache\mshtml.dll
- 2009-09-09 15:41 . 2009-07-03 16:55 1985536 c:\windows\system32\dllcache\iertutil.dll
+ 2009-09-09 15:41 . 2009-08-29 07:56 1985536 c:\windows\system32\dllcache\iertutil.dll
+ 2009-12-01 15:08 . 2009-12-01 15:08 9473024 c:\windows\Installer\7c665f.msi
+ 2009-12-01 15:06 . 2009-12-01 15:06 1549312 c:\windows\Installer\7c6655.msi
+ 2009-11-20 13:49 . 2009-11-20 13:49 4260352 c:\windows\Installer\4adc28.msi
+ 2009-10-21 15:05 . 2009-10-21 15:05 3401216 c:\windows\Installer\200e3.msi
+ 2009-11-03 07:46 . 2009-11-03 07:46 3965440 c:\windows\Installer\168d10.msi
+ 2009-11-19 07:34 . 2009-08-29 07:56 5940224 c:\windows\ie8updates\KB976749-IE8\mshtml.dll
+ 2009-10-16 06:17 . 2009-07-03 16:55 1208832 c:\windows\ie8updates\KB974455-IE8\urlmon.dll
+ 2009-10-16 06:17 . 2009-07-19 13:12 5937152 c:\windows\ie8updates\KB974455-IE8\mshtml.dll
+ 2009-10-16 06:17 . 2009-07-03 16:55 1985536 c:\windows\ie8updates\KB974455-IE8\iertutil.dll
+ 2009-09-25 09:27 . 2009-08-04 20:56 2192896 c:\windows\Driver Cache\i386\ntoskrnl.exe
+ 2009-09-25 09:27 . 2009-08-04 17:26 2027520 c:\windows\Driver Cache\i386\ntkrpamp.exe
- 2009-09-25 09:27 . 2009-02-09 11:23 2027520 c:\windows\Driver Cache\i386\ntkrpamp.exe
- 2009-02-10 17:02 . 2009-02-10 17:02 2069760 c:\windows\Driver Cache\i386\ntkrnlpa.exe
+ 2009-02-10 17:02 . 2009-08-04 17:26 2069760 c:\windows\Driver Cache\i386\ntkrnlpa.exe
- 2009-09-25 09:27 . 2009-02-09 11:22 2148864 c:\windows\Driver Cache\i386\ntkrnlmp.exe
+ 2009-09-25 09:27 . 2009-08-04 17:26 2148864 c:\windows\Driver Cache\i386\ntkrnlmp.exe
+ 2009-07-17 19:12 . 2009-07-17 19:12 1962160 c:\windows\Downloaded Program Files\FP_AX_CAB_INSTALLER.exe
+ 2009-07-17 19:12 . 2009-07-17 19:12 1962160 c:\windows\Downloaded Program Files\CONFLICT.1\FP_AX_CAB_INSTALLER.exe
+ 2009-10-27 10:37 . 2009-10-27 14:51 4056064 c:\windows\Downloaded Installations\{E859DEDF-F049-4CBE-8CB6-B9D164B86B10}\GI-Toolbox.msi
+ 2009-11-20 13:49 . 2009-11-20 13:49 5919744 c:\windows\Downloaded Installations\{523D1AB7-1C5C-4699-A2EC-3D62EBBE1C5D}\Trust WB-1400T Webcam.msi
+ 2009-10-16 06:16 . 2009-02-09 11:23 2192768 c:\windows\$NtUninstallKB971486$\ntoskrnl.exe
+ 2009-10-16 06:16 . 2009-02-09 11:23 2027520 c:\windows\$NtUninstallKB971486$\ntkrpamp.exe
+ 2009-10-16 06:16 . 2009-02-10 17:02 2069760 c:\windows\$NtUninstallKB971486$\ntkrnlpa.exe
+ 2009-10-16 06:16 . 2009-02-09 11:22 2148864 c:\windows\$NtUninstallKB971486$\ntkrnlmp.exe
+ 2009-10-16 06:17 . 2008-04-13 15:13 1439232 c:\windows\$NtUninstallKB969059$\query.dll
+ 2009-11-18 17:07 . 2009-10-22 09:13 5943296 c:\windows\$hf_mig$\KB976749-IE8\SP3QFE\mshtml.dll
+ 2009-10-15 17:00 . 2009-08-29 07:49 1209344 c:\windows\$hf_mig$\KB974455-IE8\SP3QFE\urlmon.dll
+ 2009-10-15 17:00 . 2009-08-29 07:49 5942272 c:\windows\$hf_mig$\KB974455-IE8\SP3QFE\mshtml.dll
+ 2009-10-15 17:00 . 2009-08-29 07:49 1986048 c:\windows\$hf_mig$\KB974455-IE8\SP3QFE\iertutil.dll
+ 2009-10-15 16:49 . 2009-08-04 17:21 2193024 c:\windows\$hf_mig$\KB971486\SP3QFE\ntoskrnl.exe
+ 2009-10-15 16:49 . 2009-08-04 17:21 2027520 c:\windows\$hf_mig$\KB971486\SP3QFE\ntkrpamp.exe
+ 2009-08-04 20:51 . 2009-08-04 20:51 2069888 c:\windows\$hf_mig$\KB971486\SP3QFE\ntkrnlpa.exe
+ 2009-10-15 16:49 . 2009-08-04 17:21 2148864 c:\windows\$hf_mig$\KB971486\SP3QFE\ntkrnlmp.exe
+ 2009-07-17 16:01 . 2009-07-17 16:01 1439232 c:\windows\$hf_mig$\KB969059\SP3QFE\query.dll
+ 2009-09-09 15:45 . 2009-11-05 17:36 26768832 c:\windows\system32\MRT.exe
+ 2009-03-08 02:39 . 2009-08-29 07:56 11069440 c:\windows\system32\ieframe.dll
+ 2009-07-19 16:42 . 2009-08-29 07:56 11069440 c:\windows\system32\dllcache\ieframe.dll
+ 2009-10-16 06:17 . 2009-07-19 16:42 11067392 c:\windows\ie8updates\KB974455-IE8\ieframe.dll
+ 2009-08-29 11:19 . 2009-08-29 11:19 11069952 c:\windows\$hf_mig$\KB974455-IE8\SP3QFE\ieframe.dll
.
-- Snapshot per reimpostare la data corrente --
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\programmi\File comuni\Nero\Lib\NMBgMonitor.exe" [2007-08-03 202024]
"msnmsgr"="c:\programmi\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"="c:\programmi\File comuni\Nero\Lib\NeroCheck.exe" [2007-03-01 153136]
"SSBkgdUpdate"="c:\programmi\File comuni\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-10-25 210472]
"PaperPort PTD"="c:\programmi\ScanSoft\PaperPort\pptd40nt.exe" [2007-01-29 30248]
"IndexSearch"="c:\programmi\ScanSoft\PaperPort\IndexSearch.exe" [2007-01-29 46632]
"PPort11reminder"="c:\programmi\ScanSoft\PaperPort\Ereg\Ereg.exe" [2007-02-01 255528]
"BrMfcWnd"="c:\programmi\Brother\Brmfcmon\BrMfcWnd.exe" [2007-03-12 663552]
"ControlCenter3"="c:\programmi\Brother\ControlCenter3\brctrcen.exe" [2007-01-26 65536]
"Adobe Reader Speed Launcher"="c:\programmi\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-10-03 35696]
"Adobe ARM"="c:\programmi\File comuni\Adobe\ARM\1.0\AdobeARM.exe" [2009-09-04 935288]
"SunJavaUpdateSched"="c:\programmi\Java\jre6\bin\jusched.exe" [2009-10-11 149280]
"QuickTime Task"="c:\programmi\QuickTime\QTTask.exe" [2009-11-10 417792]
"avp"="c:\programmi\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe" [2009-07-03 303376]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-13 15360]

c:\documents and settings\Giuseppe\Menu Avvio\Programmi\Esecuzione automatica\
OpenOffice.org 3.1.lnk - c:\programmi\OpenOffice.org 3\program\quickstart.exe [2009-8-18 384000]

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\msnmsgr.exe"=

R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [15/12/2008 19.41.32 33808]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [13/05/2009 16.46.52 31760]
R3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\drivers\klmouflt.sys [16/05/2009 19.59.44 19472]
R3 PAC207;Trust WB-1400T Webcam;c:\windows\system32\drivers\PFC027.sys [24/02/2005 12.29.14 162176]

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{1A43B51D-2671-4bcc-89F0-9BC42DB29016}]
rundll32 fos64.dll,InitO
.
Contenuto della cartella 'Scheduled Tasks'

2009-12-01 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\programmi\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]

2009-12-03 c:\windows\Tasks\WGASetup.job
- c:\windows\system32\KB905474\wgasetup.exe [2009-11-20 21:18]
.
.
------- Scansione supplementare -------
.
IE: Aggiungi ad Anti-Banner - c:\programmi\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm
FF - ProfilePath - c:\documents and settings\Giuseppe\Dati applicazioni\Mozilla\Firefox\Profiles\4rykw1yo.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.bing.com/search?FORM=IEFM1&q=
FF - prefs.js: browser.startup.homepage - hxxp://www.google.it/ig?hl=it
FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?FORM=IEFM1&q=
FF - component: c:\programmi\Mozilla Firefox\extensions\linkfilter@kaspersky.ru\components\KavLinkFilter.dll

---- FIREFOX POLICIES ----
FF - user.js: yahoo.homepage.dontask - truec:\programmi\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-12-03 17:15
Windows 5.1.2600 Service Pack 3 NTFS

scansione processi nascosti ...

scansione entrate autostart nascoste ...

Scansione files nascosti ...

Scansione completata con successo
Files nascosti: 0

**************************************************************************
.
--------------------- Dlls caricate dai processi in esecuzione ---------------------

- - - - - - - > 'explorer.exe'(2412)
c:\windows\system32\WININET.dll
c:\windows\system32\mshtml.dll
c:\windows\system32\msls31.dll
c:\windows\system32\webcheck.dll
.
------------------------ Altri processi in esecuzione ------------------------
.
c:\programmi\Java\jre6\bin\jqs.exe
c:\windows\System32\PAStiSvc.exe
c:\windows\system32\wdfmgr.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\programmi\Brother\ControlCenter3\brccMCtl.exe
c:\programmi\File comuni\Nero\Lib\NMIndexingService.exe
c:\programmi\Brother\Brmfcmon\BrMfcmon.exe
c:\programmi\File comuni\Nero\Lib\NMIndexStoreSvr.exe
c:\programmi\OpenOffice.org 3\program\soffice.exe
c:\programmi\OpenOffice.org 3\program\soffice.bin
.
**************************************************************************
.
Ora fine scansione: 2009-12-03 17:19 - Il pc è stato riavviato
ComboFix-quarantined-files.txt 2009-12-03 16:19
ComboFix2.txt 2009-10-15 15:23
ComboFix3.txt 2009-10-15 14:29

Pre-Run: 21.152.272.384 byte disponibili
Post-Run: 21.076.987.904 byte disponibili

- - End Of File - - 05B1DAE375F0276D2DAC30F0698F7914
Torna in alto
 
r16
Inviato: Thursday, December 03, 2009 5:39:07 PM
Rank: AiutAmico

Iscritto dal : 8/7/2007
Posts: 11,016
Non ci sono virus.
Fai queste pulizie:
Disattiva il ripristino configurazione di sistema, e tienilo disattivato, fino alla soluzione del problema http://guide.aiutamici.com/guide?C1=7&C2=68&ID=80121

Dai una pulita (registro compreso)con CCleaner http://www.aiutaamici.com/software?ID=11223
Nella schermata iniziale di CCleaner, clicca su Opzioni e poi Avanzate, togli il segno di spunta a: Cancella i file in Windows Temp solo se più vecchi di 48 ore. (poi esegui le pulizie)

Poi:
Start\Esegui\copia e incolla la stringa %temp% clicca su Ok, svuota la cartella temp. (non eliminare la cartella)
Poi:
Provvedi a svuotare del suo contenuto la cartella Prefetch :
clicca su Risorse del Computer
clicca su Disco locale C:
cerca, all’interno delle cartelle che saranno visualizzate la cartella Windows, aprila ed, al suo interno, cerca la cartella Prefetch, la apri ed elimina tutte le voci conservate al suo interno ( non eliminare la cartella)
SVUOTA IL CESTINO
Poi:
Lancia Hijackthis e pulisci gli ADS in questo modo:
clicca sulla voce Open the misc tool section
clicca su Open ads spy
togli la spunta alla voce Quick scan (windows base folder only)
clicca su Scan.
Aspetta pazientemente la fine della scansione.
se venissero rilevati ADS, spunta tutte (senza paura) le caselline e clicca su Remove selected

Fai uno ScanDisk approfondito, e una deframmentazione del HD.

Riattiva il ripristino configurazione di sistema e, se tutto è a posto, creane uno nuovo.
Torna in alto
 
giuseppe66
Inviato: Friday, December 04, 2009 8:34:33 AM
Rank: AiutAmico

Iscritto dal : 3/22/2009
Posts: 160
ok grazie tuto a posto e ritornato bello stabile e silenzioso, grazie.
Torna in alto
 
Utenti presenti in questo topic
Guest

Aiutamici Forum » FORUM - Istruzioni e Guide » Sicurezza VIRUS » controllate il log grazie


Salta al Forum
Aggiunta nuovi Topic disabilitata in questo forum.
Risposte disabilitate in questo forum.
Eliminazione tuoi Post disabilitata in questo forum.
Modifica dei tuoi post disabilitata in questo forum.
Creazione Sondaggi disabilitata in questo forum.
Voto ai sondaggi disabilitato in questo forum.

Main Forum RSS : RSS

Aiutamici Theme
Powered by Yet Another Forum.net versione 1.9.1.8 (NET v2.0) - 3/29/2008
Copyright © 2003-2008 Yet Another Forum.net. All rights reserved.