Hi, I'm sending the ComboFix log.
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1040.18.659 [GMT 2:00]
Eseguito da: C:\Documents and Settings\gin\Desktop\ComboFix.exe
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!.
((((((((((((((((((((((((( Files Creati Da 2008-04-24 al 2008-05-24 )))))))))))))))))))))))))))))))))))
.
2008-05-24 12:58 . 2004-05-14 16:53 462,848 --a------ C:\WINDOWS\system32\ltkrn13n.dll
2008-05-24 12:58 . 2004-05-14 16:53 450,560 --a------ C:\WINDOWS\system32\ltimg13n.dll
2008-05-24 12:58 . 2004-05-14 16:53 401,408 --a------ C:\WINDOWS\system32\lfcmp13n.dll
2008-05-24 12:58 . 2004-05-14 16:53 299,008 --a------ C:\WINDOWS\system32\ltdis13n.dll
2008-05-24 12:58 . 2004-01-12 02:09 206,336 --a------ C:\WINDOWS\system32\ltefx13n.dll
2008-05-24 12:58 . 2004-05-14 16:53 163,840 --a------ C:\WINDOWS\system32\ltfil13n.dll
2008-05-24 12:58 . 2003-11-04 15:10 69,632 --a------ C:\WINDOWS\system32\lfgif13n.dll
2008-05-24 12:58 . 2004-05-14 16:53 57,344 --a------ C:\WINDOWS\system32\lfbmp13n.dll
2008-05-24 01:33 . 2008-05-24 02:36 <DIR> d-------- C:\VEXPLITE
2008-05-24 01:33 . 2008-03-17 19:23 39,808 --a------ C:\WINDOWS\system32\drivers\VIRAGTLT.SYS
2008-05-23 19:56 . 2008-05-23 19:56 <DIR> d-------- C:\Documents and Settings\gin\Dati applicazioni\IObit
2008-05-23 12:52 . 2008-04-13 19:13 221,184 --a------ C:\WINDOWS\system32\wmpns.dll
2008-05-23 12:44 . 2008-05-23 12:46 <DIR> d-------- C:\WINDOWS\ServicePackFiles
2008-05-23 12:42 . 2007-08-10 08:20 26,488 --a------ C:\WINDOWS\system32\spupdsvc.exe
2008-05-23 12:42 . 2006-12-28 12:01 19,569 --a------ C:\WINDOWS\002508_.tmp
2008-05-22 23:09 . 2008-05-22 23:09 <DIR> d-------- C:\VundoFix Backups
2008-05-22 11:01 . 2008-05-22 11:01 32,397 --a------ C:\WINDOWS\SGTBox.INI
2008-05-22 10:53 . 2008-05-22 10:53 <DIR> d-------- C:\Documents and Settings\gin\Dati applicazioni\VSRevoGroup
2008-05-22 10:47 . 2008-05-22 10:47 <DIR> d-------- C:\Programmi\VS Revo Group
2008-05-22 00:38 . 2008-05-22 00:38 58,368 --a------ C:\WINDOWS\system32\hgGvuVpp.dll.vir
2008-05-22 00:05 . 2008-05-22 00:05 <DIR> d-------- C:\Documents and Settings\gin\Dati applicazioni\Convivea
2008-05-21 23:48 . 2008-05-22 00:00 <DIR> d-------- C:\Documents and Settings\All Users\Dati applicazioni\Lavasoft
2008-05-21 23:47 . 2008-05-21 23:47 <DIR> d-------- C:\Programmi\File comuni\Wise Installation Wizard
2008-05-21 22:24 . 2008-05-22 00:31 <DIR> d-------- C:\Programmi\LimeWire
2008-05-21 22:24 . 2008-05-24 10:20 <DIR> d-------- C:\Documents and Settings\gin\Dati applicazioni\LimeWire
2008-05-16 11:58 . 2008-05-16 11:58 12,632 --a------ C:\WINDOWS\system32\lsdelete.exe
2008-05-13 12:47 . 2008-05-24 10:18 <DIR> d-------- C:\Programmi\eMule
2008-05-13 11:32 . 2008-05-13 11:32 <DIR> d-------- C:\Programmi\Microsoft Visual Studio 8
2008-05-13 10:46 . 2008-05-13 10:46 <DIR> d-------- C:\Documents and Settings\All Users\Dati applicazioni\Elaborate Bytes
2008-05-13 01:44 . 2008-05-13 01:44 <DIR> d-------- C:\WINDOWS\Sun
2008-05-13 01:25 . 2003-06-19 01:31 17,920 --a------ C:\WINDOWS\system32\mdimon.dll
2008-05-12 17:25 . 2008-05-12 17:25 0 --a------ C:\WINDOWS\nsreg.dat
2008-05-12 13:32 . 2008-05-12 13:32 <DIR> d-------- C:\Documents and Settings\gin\Dati applicazioni\DICOMedReview
2008-05-12 13:32 . 2008-05-12 13:32 0 --a------ C:\WINDOWS\DVLite.INI
2008-05-12 00:49 . 2008-05-22 00:14 <DIR> d-------- C:\Documents and Settings\gin\Dati applicazioni\AdobeUM
2008-05-12 00:09 . 2008-05-20 09:56 <DIR> d-------- C:\Programmi\IObit
2008-05-12 00:07 . 2008-05-12 00:07 <DIR> d-------- C:\Programmi\Auslogics
2008-05-12 00:07 . 2008-05-12 00:07 <DIR> d-------- C:\Documents and Settings\gin\Dati applicazioni\Auslogics
2008-05-11 17:18 . 2008-05-11 17:18 <DIR> d-------- C:\Programmi\File comuni\Ahead
2008-05-11 17:18 . 2008-05-11 17:18 <DIR> d-------- C:\Programmi\Ahead
2008-05-11 17:18 . 2004-07-26 17:16 1,568,768 --------- C:\WINDOWS\system32\ImagX7.dll
2008-05-11 17:18 . 2004-07-26 17:16 476,320 --------- C:\WINDOWS\system32\ImagXpr7.dll
2008-05-11 17:18 . 2004-07-26 17:16 471,040 --------- C:\WINDOWS\system32\ImagXRA7.dll
2008-05-11 17:18 . 2004-07-26 17:16 262,144 --------- C:\WINDOWS\system32\ImagXR7.dll
2008-05-11 17:18 . 2001-07-09 11:50 155,648 --a------ C:\WINDOWS\system32\NeroCheck.exe
2008-05-11 17:18 . 2004-03-02 17:37 125,184 --------- C:\WINDOWS\system32\drivers\imagesrv.sys
2008-05-11 17:18 . 2000-06-26 11:45 106,496 --a------ C:\WINDOWS\system32\TwnLib20.dll
2008-05-11 17:18 . 2004-03-02 17:37 5,504 --------- C:\WINDOWS\system32\drivers\imagedrv.sys
2008-05-11 17:10 . 2007-07-05 08:22 3,073,320 --a------ C:\WINDOWS\system32\AdvrCntr2D6E0B790.dll
2008-05-11 16:58 . 2005-11-10 13:03 49,265 --a------ C:\WINDOWS\system32\jpicpl32.cpl
2008-05-11 16:57 . 2008-05-11 16:58 <DIR> d-------- C:\Programmi\Java
2008-05-11 16:57 . 2008-05-11 16:57 <DIR> d-------- C:\Programmi\File comuni\Java
2008-05-11 14:33 . 2008-05-11 14:33 <DIR> d-------- C:\Documents and Settings\gin\Contacts
2008-05-11 13:37 . 2008-05-23 01:37 <DIR> d-------- C:\Programmi\QuickTime
2008-05-11 13:24 . 2008-05-11 17:17 <DIR> d--h----- C:\WINDOWS\$hf_mig$
2008-05-11 13:17 . 2008-05-11 13:17 <DIR> d-------- C:\Documents and Settings\All Users\Dati applicazioni\Windows Live Toolbar
2008-05-11 13:17 . 2007-07-30 19:19 271,224 --a------ C:\WINDOWS\system32\mucltui.dll
2008-05-11 13:17 . 2007-07-30 19:19 207,736 --a------ C:\WINDOWS\system32\muweb.dll
2008-05-11 13:17 . 2007-07-30 19:19 43,352 --a------ C:\WINDOWS\system32\wups2.dll
2008-05-11 13:17 . 2007-07-30 19:19 38,232 --a------ C:\WINDOWS\system32\wucltui.dll.mui
2008-05-11 13:17 . 2007-07-30 19:18 30,072 --a------ C:\WINDOWS\system32\mucltui.dll.mui
2008-05-11 13:17 . 2007-07-30 19:20 30,040 --a------ C:\WINDOWS\system32\wuaucpl.cpl.mui
2008-05-11 13:17 . 2007-07-30 19:20 30,040 --a------ C:\WINDOWS\system32\wuapi.dll.mui
2008-05-11 13:17 . 2007-07-30 19:18 21,336 --a------ C:\WINDOWS\system32\wuaueng.dll.mui
2008-05-11 13:15 . 2008-05-11 13:15 <DIR> d----c--- C:\WINDOWS\system32\DRVSTORE
2008-05-11 13:15 . 2008-05-11 13:15 <DIR> d-------- C:\Programmi\MSN Messenger
2008-05-11 12:36 . 2004-05-04 11:53 1,645,320 --a------ C:\WINDOWS\gdiplus.dll
2008-05-11 12:36 . 2006-05-20 16:16 1,184,984 --a------ C:\WINDOWS\system32\wvc1dmod.dll
2008-05-11 12:36 . 2006-05-11 19:21 626,688 --a------ C:\WINDOWS\system32\vp7vfw.dll
2008-05-11 12:36 . 2006-09-29 12:24 217,127 --a------ C:\WINDOWS\system32\drv43260.dll
2008-05-11 12:36 . 2006-09-29 12:25 208,935 --a------ C:\WINDOWS\system32\drv33260.dll
2008-05-11 12:36 . 2006-09-29 12:26 176,165 --a------ C:\WINDOWS\system32\drv23260.dll
2008-05-11 12:36 . 2007-03-18 20:37 65,602 --a------ C:\WINDOWS\system32\cook3260.dll
2008-05-11 12:36 . 2008-05-11 12:36 47,360 --a------ C:\WINDOWS\system32\drivers\pcouffin.sys
2008-05-11 12:36 . 2008-05-11 12:36 47,360 --a------ C:\Documents and Settings\gin\Dati applicazioni\pcouffin.sys
2008-05-11 12:27 . 2008-05-11 12:37 <DIR> d-------- C:\Documents and Settings\gin\Dati applicazioni\Vso
2008-05-11 12:26 . 2008-05-11 12:36 <DIR> d-------- C:\Programmi\vso
2008-05-11 10:48 . 2008-05-23 01:39 <DIR> d-------- C:\Programmi\WashAndGo
2008-05-11 10:25 . 2008-05-11 10:25 <DIR> d-------- C:\Programmi\Trend Micro
2008-05-11 02:01 . 2008-05-11 02:01 <DIR> d-------- C:\Programmi\uTorrent
2008-05-11 02:01 . 2008-05-24 12:12 <DIR> d-------- C:\Documents and Settings\gin\Dati applicazioni\uTorrent
2008-05-11 01:36 . 2008-05-22 00:05 <DIR> d-------- C:\Programmi\Bit Che
2008-05-11 01:36 . 2004-03-09 00:00 124,688 --a------ C:\WINDOWS\system32\mswinsck.ocx
2008-05-11 01:20 . 2008-05-11 01:20 <DIR> d-------- C:\Programmi\Google
2008-05-11 00:57 . 2008-05-24 12:21 69 --a------ C:\WINDOWS\NeroDigital.ini
2008-05-10 19:32 . 2008-05-15 10:51 <DIR> d-------- C:\Programmi\Unlocker
2008-05-10 19:29 . 2008-05-10 19:29 <DIR> d-------- C:\Programmi\CCleaner
2008-05-10 19:28 . 2008-05-10 19:28 <DIR> d-------- C:\Programmi\Spybot - Search & Destroy
2008-05-10 19:28 . 2008-05-10 19:30 <DIR> d-------- C:\Documents and Settings\All Users\Dati applicazioni\Spybot - Search & Destroy
2008-05-10 19:18 . 2008-05-11 01:27 <DIR> d-------- C:\Programmi\SpywareBlaster
2008-05-10 19:18 . 2008-05-10 19:18 <DIR> d-------- C:\Documents and Settings\All Users\Dati applicazioni\TEMP
2008-05-10 19:18 . 2005-08-25 18:19 115,920 --a------ C:\WINDOWS\system32\MSINET.OCX
2008-05-10 19:06 . 2008-05-11 01:28 <DIR> d-------- C:\Programmi\vanBasco's Karaoke Player
2008-05-10 19:05 . 2008-05-11 13:10 <DIR> d-------- C:\Programmi\RegCleaner
2008-05-10 18:57 . 2008-05-10 18:57 <DIR> d---s---- C:\Documents and Settings\gin\UserData
2008-05-10 18:48 . 2008-05-10 18:48 <DIR> d-------- C:\Programmi\Alwil Software
2008-05-10 18:45 . 2008-05-10 18:45 <DIR> d-------- C:\WINDOWS\Motive
2008-05-10 18:45 . 2008-05-10 18:45 <DIR> d-------- C:\Programmi\Motive
2008-05-10 18:45 . 2008-05-10 18:45 <DIR> d-------- C:\Programmi\File comuni\Motive
2008-05-10 18:45 . 2008-05-10 18:45 <DIR> d-------- C:\Programmi\Common Files
2008-05-10 18:45 . 2008-05-10 18:45 <DIR> d-------- C:\Documents and Settings\All Users\Dati applicazioni\Motive
2008-05-10 18:44 . 2008-05-10 18:45 <DIR> d-------- C:\Programmi\Alice ti aiuta
2008-05-10 18:43 . 2008-05-10 18:43 <DIR> d-------- C:\Programmi\Telecom Italia
2008-05-10 16:57 . 2008-05-10 16:59 <DIR> d-------- C:\Programmi\micla-multimedia
2008-05-10 16:57 . 2008-05-11 01:27 <DIR> d-------- C:\Programmi\CodFisc
2008-05-10 16:57 . 2008-05-10 16:57 738,304 --a------ C:\WINDOWS\GPInstall.exe
2008-05-10 16:57 . 2000-09-19 12:50 8,377 --a------ C:\WINDOWS\ITAL_IT.gpl
2008-05-10 16:54 . 2008-05-10 16:54 48 ---hs---- C:\WINDOWS\S5E957C26.tmp
2008-05-10 16:51 . 2008-05-10 16:51 <DIR> d-------- C:\Programmi\Elaborate Bytes
2008-05-10 16:50 . 2008-05-13 10:47 <DIR> d-------- C:\Programmi\SlySoft
2008-05-10 16:48 . 2008-05-10 16:48 <DIR> d-------- C:\Programmi\Finson Live Update
2008-05-10 16:48 . 1999-11-18 14:42 874,224 --a------ C:\WINDOWS\system32\ssdw3b32.ocx
2008-05-10 16:48 . 1996-08-30 02:05 465,920 --a------ C:\WINDOWS\system32\sstabs32.ocx
2008-05-10 16:48 . 1995-07-26 01:00 200,704 --a------ C:\WINDOWS\system32\threed32.ocx
2008-05-10 16:48 . 2004-05-20 18:00 80,384 --a------ C:\WINDOWS\system32\FinsonLU.dll
2008-05-10 16:48 . 1998-05-06 17:59 72,192 --a------ C:\WINDOWS\system32\ssprn32.dll
2008-05-10 16:48 . 1998-09-01 14:17 71,680 --a------ C:\WINDOWS\system32\ssmedt32.dll
2008-05-10 16:48 . 2008-05-10 16:48 129 --a------ C:\WINDOWS\FinsonLiveUpdate.ini
2008-05-10 16:47 . 2008-05-14 20:48 <DIR> d-------- C:\Programmi\Codice Fiscale
2008-05-10 16:47 . 2000-10-02 01:00 122,128 --a------ C:\WINDOWS\system32\Vb6it.dll
2008-05-10 16:47 . 1999-06-03 01:00 101,888 --a------ C:\WINDOWS\system32\Vb6stkit.dll
2008-05-10 16:45 . 2008-05-10 16:45 <DIR> d-------- C:\Documents and Settings\gin\Dati applicazioni\Apple Computer
2008-05-10 16:44 . 2008-05-11 12:56 <DIR> d-------- C:\Documents and Settings\All Users\Dati applicazioni\Apple Computer
2008-05-10 16:44 . 2008-05-11 13:38 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-05-10 16:44 . 2008-05-11 13:38 1,409 --a------ C:\WINDOWS\QTFont.for
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-05-21 21:48 --------- d-----w C:\Programmi\Lavasoft
2008-05-11 07:42 --------- d-----w C:\Documents and Settings\gin\Dati applicazioni\Ahead
2008-05-10 23:02 --------- d--h--w C:\Programmi\InstallShield Installation Information
2008-05-10 16:44 155,995 ----a-w C:\WINDOWS\java\Packages\ZD75BRVN.ZIP
2008-05-10 15:59 --------- d-----w C:\Documents and Settings\All Users\Dati applicazioni\LightScribe
2008-05-10 15:15 --------- d-----w C:\Programmi\File comuni\LightScribe
2008-05-10 15:12 --------- d-----w C:\Documents and Settings\All Users\Dati applicazioni\Ahead
2008-05-10 15:07 --------- d-----w C:\Documents and Settings\gin\Dati applicazioni\Lavasoft
2008-05-10 14:44 --------- d-----w C:\Programmi\File comuni\InstallShield
2008-05-10 13:59 --------- d-----w C:\Programmi\Canon
2008-05-10 13:59 --------- d-----w C:\Programmi\ArcSoft
2008-05-10 13:58 --------- d-----w C:\Programmi\File comuni\Caere
2008-05-10 13:57 --------- d-----w C:\Programmi\Caere
2008-05-10 13:52 --------- d-----w C:\Programmi\ATI Technologies
2008-05-10 13:49 --------- d-----w C:\Programmi\SiSLan
2008-05-10 13:48 --------- d-----w C:\Programmi\Analog Devices
2008-05-10 13:46 --------- d-----w C:\Programmi\Silicon Integrated Systems
2008-05-10 13:38 --------- d-----w C:\Programmi\microsoft frontpage
2008-05-10 13:35 --------- d-----w C:\Programmi\Servizi in linea
2008-04-13 17:27 1,804 ----a-w C:\WINDOWS\system32\dcache.bin
2008-04-13 17:16 331,776 ----a-w C:\WINDOWS\system32\netsetup.exe
2008-04-13 17:13 99,840 ----a-w C:\WINDOWS\system32\loadperf.dll
2008-04-13 17:12 9,344 ----a-w C:\WINDOWS\system32\framebuf.dll
2008-04-13 17:11 539,648 ----a-w C:\WINDOWS\system32\comuid.dll
2008-04-13 17:11 285,696 ----a-w C:\WINDOWS\system32\atmfd.dll
2008-04-13 17:11 16,896 ----a-w C:\WINDOWS\system32\cfgmgr32.dll
2008-04-13 16:56 73,472 ----a-w C:\WINDOWS\system32\drivers\sr.sys
2008-04-13 16:56 68,736 ----a-w C:\WINDOWS\system32\drivers\pci.sys
2008-04-13 16:56 120,448 ----a-w C:\WINDOWS\system32\drivers\pcmcia.sys
2008-04-13 16:55 80,256 ----a-w C:\WINDOWS\system32\drivers\parport.sys
2008-04-13 16:55 46,720 ----a-w C:\WINDOWS\system32\drivers\p3.sys
2008-04-13 16:55 2,192,768 ----a-w C:\WINDOWS\system32\ntoskrnl.exe
2008-04-13 16:55 2,069,632 ----a-w C:\WINDOWS\system32\ntkrnlpa.exe
2008-04-13 16:54 4,096 ----a-w C:\WINDOWS\system32\dsprpres.dll
2008-04-13 16:54 154,240 ----a-w C:\WINDOWS\system32\drivers\dmio.sys
2008-04-13 16:53 92,672 ------w C:\WINDOWS\system32\msxml6r.dll
2008-04-13 16:53 800,256 ----a-w C:\WINDOWS\system32\drivers\dmboot.sys
2008-04-13 16:53 25,088 ----a-w C:\WINDOWS\system32\drivers\kbdclass.sys
2008-04-13 16:52 80,896 ------w C:\WINDOWS\system32\msshavmsg.dll
2008-04-13 16:52 40,704 ----a-w C:\WINDOWS\system32\drivers\crusoe.sys
2008-04-13 16:52 40,448 ----a-w C:\WINDOWS\system32\drivers\intelppm.sys
2008-04-13 16:52 37,504 ----a-w C:\WINDOWS\system32\drivers\isapnp.sys
2008-04-13 16:52 2,973,696 ----a-w C:\WINDOWS\system32\wmploc.dll
2008-04-13 16:51 65,792 ----a-w C:\WINDOWS\system32\drivers\serial.sys
2008-04-13 16:51 566,272 ----a-w C:\WINDOWS\system32\shdoclc.dll
2008-04-13 16:51 53,248 ----a-w C:\WINDOWS\system32\drivers\i8042prt.sys
2008-04-13 16:51 51,200 ----a-w C:\WINDOWS\system32\inetres.dll
2008-04-13 16:51 186,880 ----a-w C:\WINDOWS\system32\wmerror.dll
2008-04-13 16:50 25,728 ------w C:\WINDOWS\system32\drivers\hidbth.sys
2008-04-13 16:50 1,845,632 ----a-w C:\WINDOWS\system32\win32k.sys
2008-04-13 16:49 68,608 ----a-w C:\WINDOWS\system32\browselc.dll
2008-04-13 16:49 58,368 ----a-w C:\WINDOWS\system32\drivers\redbook.sys
2008-04-13 16:49 57,344 ----a-w C:\WINDOWS\system32\mshtmler.dll
2008-04-13 16:49 53,376 ----a-w C:\WINDOWS\system32\drivers\volsnap.sys
2008-04-13 16:49 273,664 ------w C:\WINDOWS\system32\drivers\bthport.sys
2008-04-13 16:49 10,240 ----a-w C:\WINDOWS\system32\gpkrsrc.dll
2008-04-13 16:48 8,704 ----a-w C:\WINDOWS\system32\asferror.dll
2008-04-13 16:48 44,672 ----a-w C:\WINDOWS\system32\drivers\fips.sys
2008-04-13 16:48 41,728 ----a-w C:\WINDOWS\system32\drivers\amdk7.sys
2008-04-13 16:48 41,344 ----a-w C:\WINDOWS\system32\drivers\amdk6.sys
2008-04-13 16:48 39,936 ----a-w C:\WINDOWS\system32\drivers\processr.sys
2008-04-13 16:48 327,168 ------w C:\WINDOWS\system32\drivers\ati2mtaa.sys
2008-04-13 16:47 30,208 ----a-w C:\WINDOWS\system32\drivers\modem.sys
2008-04-13 16:47 23,552 ----a-w C:\WINDOWS\system32\drivers\mouclass.sys
2008-04-13 16:47 188,416 ----a-w C:\WINDOWS\system32\drivers\acpi.sys
2008-04-13 10:28 175,744 ----a-w C:\WINDOWS\system32\drivers\rdbss.sys
2008-04-13 10:21 162,816 ----a-w C:\WINDOWS\system32\drivers\netbt.sys
2008-04-13 10:20 91,520 ----a-w C:\WINDOWS\system32\drivers\ndiswan.sys
2008-04-13 10:20 361,344 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys
2008-04-13 10:20 182,656 ----a-w C:\WINDOWS\system32\drivers\ndis.sys
2008-04-13 10:19 75,264 ----a-w C:\WINDOWS\system32\drivers\ipsec.sys
2008-04-13 10:19 51,328 ----a-w C:\WINDOWS\system32\drivers\rasl2tp.sys
2008-04-13 10:19 48,384 ----a-w C:\WINDOWS\system32\drivers\raspptp.sys
2008-04-13 10:19 146,048 ----a-w C:\WINDOWS\system32\drivers\portcls.sys
2008-04-13 10:19 138,112 ----a-w C:\WINDOWS\system32\drivers\afd.sys
2008-04-13 10:17 83,072 ----a-w C:\WINDOWS\system32\drivers\wdmaud.sys
2008-04-13 10:17 456,576 ----a-w C:\WINDOWS\system32\drivers\mrxsmb.sys
2008-04-13 10:17 105,344 ----a-w C:\WINDOWS\system32\drivers\mup.sys
2008-04-13 10:16 49,536 ----a-w C:\WINDOWS\system32\drivers\classpnp.sys
2008-04-13 10:16 141,056 ----a-w C:\WINDOWS\system32\drivers\ks.sys
2008-04-13 10:15 60,800 ----a-w C:\WINDOWS\system32\drivers\sysaudio.sys
2008-04-13 10:15 574,976 ----a-w C:\WINDOWS\system32\drivers\ntfs.sys
2008-04-13 10:15 334,848 ----a-w C:\WINDOWS\system32\drivers\srv.sys
2008-04-13 10:14 63,744 ----a-w C:\WINDOWS\system32\drivers\cdfs.sys
2008-04-13 10:14 143,744 ----a-w C:\WINDOWS\system32\drivers\fastfat.sys
2008-04-13 10:00 225,664 ----a-w C:\WINDOWS\system32\drivers\tcpip6.sys
2008-04-13 10:00 19,072 ----a-w C:\WINDOWS\system32\drivers\tdi.sys
2008-04-13 09:57 41,472 ----a-w C:\WINDOWS\system32\drivers\raspppoe.sys
2008-04-13 09:57 40,576 ----a-w C:\WINDOWS\system32\drivers\ndproxy.sys
2008-04-13 09:57 34,560 ----a-w C:\WINDOWS\system32\drivers\wanarp.sys
2008-04-13 09:57 20,864 ----a-w C:\WINDOWS\system32\drivers\ipinip.sys
2008-04-13 09:57 152,832 ----a-w C:\WINDOWS\system32\drivers\ipnat.sys
2008-04-13 09:57 14,336 ----a-w C:\WINDOWS\system32\drivers\asyncmac.sys
2008-04-13 09:57 10,112 ----a-w C:\WINDOWS\system32\drivers\ndistapi.sys
2008-04-13 09:56 88,320 ----a-w C:\WINDOWS\system32\drivers\nwlnkipx.sys
2008-04-13 09:56 69,120 ----a-w C:\WINDOWS\system32\drivers\psched.sys
2008-04-13 09:56 35,072 ----a-w C:\WINDOWS\system32\drivers\msgpc.sys
2008-04-13 09:56 34,688 ----a-w C:\WINDOWS\system32\drivers\netbios.sys
2008-04-13 09:56 30,592 ----a-w C:\WINDOWS\system32\drivers\rndismp.sys
2008-04-13 09:56 30,592 ------w C:\WINDOWS\system32\drivers\rndismpx.sys
.
----a-w 143,360 2003-05-05 06:57:30 C:\Programmi\Analog Devices\SoundMAX\smtray .exe
----a-w 344,064 2004-09-29 05:15:00 C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx .exe
----a-w 29,696 2006-09-18 09:08:56 C:\Programmi\CyberLink\PowerDVD\pdvdserv .exe
-c--a-w 36,975 2005-11-10 11:03:52 C:\Programmi\Java\jre1.5.0_06\bin\jusched .exe
----a-w 106,496 2002-07-12 10:15:12 C:\WINDOWS\sisusbrg .exe
----a-w 15,360 2004-08-19 13:39:36 C:\WINDOWS\system32\ctfmon .exe
((((((((((((((((((((((((((((( snapshot@2008-05-24_ 1.08.31,04 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-05-23 20:34:18 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2008-05-24 12:14:41 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2006-06-20 13:44:04 379,704 ----a-w C:\WINDOWS\Downloaded Program Files\MsnPUpld.dll
+ 2006-06-20 13:44:02 117,560 ----a-w C:\WINDOWS\Downloaded Program Files\PURen-us.dll
+ 2007-01-09 06:17:48 110,592 ----a-w C:\WINDOWS\Downloaded Program Files\PURit-it.dll
- 2008-05-23 10:53:53 62,480 ----a-w C:\WINDOWS\system32\perfc009.dat
+ 2008-05-24 12:28:15 63,324 ----a-w C:\WINDOWS\system32\perfc009.dat
- 2008-05-23 10:53:53 74,432 ----a-w C:\WINDOWS\system32\perfc010.dat
+ 2008-05-24 12:28:15 75,408 ----a-w C:\WINDOWS\system32\perfc010.dat
- 2008-05-23 10:53:53 401,200 ----a-w C:\WINDOWS\system32\perfh009.dat
+ 2008-05-24 12:28:15 404,104 ----a-w C:\WINDOWS\system32\perfh009.dat
- 2008-05-23 10:53:53 447,874 ----a-w C:\WINDOWS\system32\perfh010.dat
+ 2008-05-24 12:28:15 450,730 ----a-w C:\WINDOWS\system32\perfh010.dat
+ 2008-05-24 12:14:56 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_534.dat
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-13 19:14 15360]
"MSMSGS"="C:\Programmi\Messenger\msmsgs.exe" [2008-04-13 19:14 1695232]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2008-05-16 01:19 79224]
"SmartRAM"="C:\Programmi\IObit\Advanced WindowsCare V2 Pro\MemCleaner.exe" [2007-10-29 16:43 662016]
"VIRIT LITE MONITOR"="C:\VEXPLITE\MONLITE.EXE" [2008-05-24 01:35 245760]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2008-04-13 19:14 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveSearch"= 1 (0x1)
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Avvio^Programmi^Esecuzione automatica^Alice ti aiuta.lnk]
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Avvio^Programmi^Esecuzione automatica^Avvio veloce di Adobe Reader.lnk]
path=C:\Documents and Settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\Avvio veloce di Adobe Reader.lnk
backup=C:\WINDOWS\pss\Avvio veloce di Adobe Reader.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CloneCDTray]
--a------ 2005-05-19 15:47 57344 C:\Programmi\SlySoft\CloneCD\CloneCDTray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InCD]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut]
--a------ 2006-09-29 21:58 49152 C:\Programmi\CyberLink\PowerDVD\Language\Language.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]
--a------ 2007-08-23 17:36 455968 C:\Programmi\File comuni\LightScribe\LightScribeControlPanel.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Motive SmartBridge]
--a------ 2006-04-21 15:41 438359 C:\PROGRA~1\ALICET~1\SMARTB~1\MotiveSB.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
--a------ 2008-04-13 19:14 1695232 C:\Programmi\Messenger\msmsgs.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SecurDisc]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UnlockerAssistant]
--a------ 2008-05-02 06:15 15872 C:\Programmi\Unlocker\UnlockerAssistant.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\updateMgr]
-ra------ 2004-11-22 08:18 307200 C:\Programmi\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Programmi\\Microsoft Office\\Office12\\GROOVE.EXE"=
"C:\\Programmi\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"C:\\Programmi\\uTorrent\\uTorrent.exe"=
"C:\\Programmi\\MSN Messenger\\msnmsgr.exe"=
"C:\\Programmi\\MSN Messenger\\livecall.exe"=
"C:\\Programmi\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"C:\\Programmi\\eMule\\emule.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"1723:TCP"= 1723:TCP:@xpsp2res.dll,-22015
"1701:UDP"= 1701:UDP:@xpsp2res.dll,-22016
"500:UDP"= 500:UDP:@xpsp2res.dll,-22017
R0 VIRAGTLT;VIRAGTLT;C:\WINDOWS\system32\drivers\VIRAGTLT.SYS [2008-03-17 19:23]
R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-05-16 01:20]
R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-05-16 01:16]
R2 viritsvclite;Virit eXplorer Lite;C:\VEXPLITE\viritsvc.exe [2008-05-24 01:35]
R3 usbscan;Driver scanner USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 11:45]
R3 USBSTOR;Driver archiviazione di massa USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 11:45]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
"C:\Programmi\File comuni\LightScribe\LSRunOnce.exe"
.
Contenuto della cartella 'Scheduled Tasks'
"2008-05-23 14:30:01 C:\WINDOWS\Tasks\Advanced WindowsCare V2 Pro.job"
- C:\Programmi\IObit\Advanced WindowsCare V2 Pro\AutoCare.exe
"2008-05-22 09:25:00 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Programmi\Apple Software Update\SoftwareUpdate.exe
"2008-05-23 18:00:28 C:\WINDOWS\Tasks\AwcProUpdate.job"
- C:\Programmi\IObit\Advanced WindowsCare V2 Pro\AutoUpdate.ex
- C:\Programmi\IObit\Advanced WindowsCare V2 Pro\
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.net
Rootkit scan 2008-05-24 14:43:47
Windows 5.1.2600 Service Pack 3 NTFS
scansione processi nascosti ...
scansione entrate autostart nascoste ...
Scansione files nascosti ...
Scansione completata con successo
Files nascosti: 0
**************************************************************************
.
Ora fine scansione: 2008-05-24 14.44.55
ComboFix-quarantined-files.txt 2008-05-24 12:44:50
ComboFix2.txt 2008-05-23 23:08:44
7 Directory 88,975,917,056 byte disponibili
10 Directory 89,016,176,640 byte disponibili
347
Bye, let me know.