ComboFix 09-09-10.01 - Giuly 11/09/2009 10.52.28.10.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.39.1040.18.255.100 [GMT 2:00]
Eseguito da: c:\qoobox\eddaje.exe
AV: avast! antivirus 4.8.1351 [VPS 090910-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
FW: ZoneAlarm Firewall *disabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}
.
((((((((((((((((((((((((( Files Creati Da 2009-08-11 al 2009-09-11 )))))))))))))))))))))))))))))))))))
.
2009-09-11 00:20 . 2008-07-08 12:54 148496 ----a-w- c:\windows\system32\drivers\33200207.sys
2009-09-10 23:57 . 2008-07-08 12:54 148496 ----a-w- c:\windows\system32\drivers\40482505.sys
2009-09-10 23:57 . 2009-09-11 00:07 -------- d-----w- C:\Virus Removal Tool
2009-09-10 23:17 . 2009-09-10 23:17 -------- d-----w- c:\programmi\ESET
2009-09-10 23:12 . 2009-09-11 08:49 -------- d-----w- C:\ComboFix
2009-09-10 23:08 . 2009-09-10 23:08 -------- d-----w- C:\Nuova cartella
2009-09-10 16:27 . 2009-09-11 00:39 1069088 --sha-w- c:\windows\system32\drivers\fidbox.dat
2009-09-10 16:18 . 2008-07-09 07:05 42384 ----a-w- c:\windows\zllsputility_loc0410.dll
2009-09-10 16:15 . 2009-09-10 16:15 -------- d-----w- c:\programmi\Zone Labs
2009-09-10 15:40 . 2009-06-21 21:47 153088 ------w- c:\windows\system32\dllcache\triedit.dll
2009-09-10 15:18 . 2009-09-10 15:18 -------- d-----w- c:\documents and settings\Giuly\Impostazioni locali\Dati applicazioni\Runscanner.net
2009-09-10 12:12 . 2009-08-17 16:04 23152 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2009-09-10 12:12 . 2009-08-17 16:04 51376 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2009-09-10 12:12 . 2009-08-17 16:03 26944 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2009-09-10 12:12 . 2009-08-17 16:02 97480 ----a-w- c:\windows\system32\AvastSS.scr
2009-09-10 12:12 . 2009-08-17 16:05 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys
2009-09-10 12:12 . 2009-08-17 16:05 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2009-09-10 12:12 . 2009-08-17 16:06 93392 ----a-w- c:\windows\system32\drivers\aswmon.sys
2009-09-10 12:12 . 2009-08-17 16:06 94160 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2009-09-10 12:11 . 2009-08-17 16:10 1279456 ----a-w- c:\windows\system32\aswBoot.exe
2009-09-10 12:11 . 2009-09-10 12:11 -------- d-----w- c:\programmi\Alwil Software
2009-09-09 15:30 . 2009-09-10 10:59 -------- d-----w- c:\documents and settings\Giuly\Dati applicazioni\CheckPoint
2009-09-09 15:05 . 2009-09-09 15:05 144 ----a-w- c:\windows\system32\lkfl.dat
2009-09-09 15:04 . 2009-09-10 10:58 96 ----a-w- c:\windows\system32\pdfl.dat
2009-09-09 15:04 . 2009-09-09 15:04 80 ----a-w- c:\windows\system32\ibfl.dat
2009-09-09 15:04 . 2009-09-09 15:04 -------- d-----w- c:\programmi\CheckPoint
2009-09-09 14:27 . 2009-09-09 14:27 -------- d-----w- C:\Risorse del Computer
2009-09-07 00:43 . 2009-09-07 00:43 -------- d-----w- c:\documents and settings\Giuly\Dati applicazioni\Malwarebytes
2009-09-07 00:43 . 2009-09-07 00:43 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Malwarebytes
2009-09-07 00:43 . 2009-09-11 08:24 -------- d-----w- c:\programmi\Malwarebytes' Anti-Malware
2009-09-06 17:10 . 2009-09-06 17:10 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\SUPERAntiSpyware.com
2009-09-06 17:08 . 2009-09-06 17:09 -------- d-----w- c:\programmi\SUPERAntiSpyware
2009-09-06 17:08 . 2009-09-06 17:08 -------- d-----w- c:\documents and settings\Giuly\Dati applicazioni\SUPERAntiSpyware.com
2009-09-06 17:03 . 2009-09-06 17:03 -------- d-----w- c:\programmi\File comuni\Wise Installation Wizard
2009-09-06 09:54 . 2009-09-10 23:53 -------- d-----w- C:\butterfly
2009-09-05 21:16 . 2009-09-09 09:26 -------- d-----w- c:\programmi\Lavasoft
2009-09-05 21:16 . 2009-09-09 09:26 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Lavasoft
2009-09-05 18:23 . 2009-09-05 18:23 -------- d-----w- c:\programmi\Trend Micro
2009-09-05 16:14 . 2009-09-05 16:32 -------- d-----w- c:\windows\BDOSCAN8
2009-09-05 15:18 . 2009-09-06 01:42 -------- d-----w- c:\programmi\Wise Registry Cleaner
2009-09-05 14:49 . 2009-09-10 21:09 -------- d-----w- c:\programmi\Wise Disk Cleaner
2009-09-05 13:06 . 2003-03-18 20:20 1060864 ----a-w- c:\windows\system32\MFC71.dll
2009-09-05 01:25 . 2009-09-08 20:04 -------- d-----w- c:\programmi\Spybot - Search & Destroy
2009-09-05 01:20 . 2009-09-05 01:20 -------- d--h--w- c:\windows\PIF
2009-09-05 00:42 . 2009-09-05 00:42 119764 ----a-w- C:\cc_20090905_024156 bkp notturno.reg
2009-09-05 00:27 . 2009-09-05 03:36 -------- d-----w- c:\windows\SxsCaPendDel
2009-09-04 22:08 . 2009-07-28 14:34 55656 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2009-09-04 20:01 . 2009-09-04 20:01 -------- dc----w- c:\documents and settings\All Users\Dati applicazioni\{83C91755-2546-441D-AC40-9A6B4B860800}
2009-09-04 20:00 . 2009-09-10 23:48 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Spybot - Search & Destroy
2009-09-04 17:54 . 2009-09-05 00:39 -------- d-----w- c:\programmi\Prevx
2009-09-02 12:08 . 2009-09-02 12:08 -------- d-----w- c:\documents and settings\Giuly\Dati applicazioni\Foxit
2009-09-02 11:53 . 2009-09-02 12:17 -------- d-----w- c:\programmi\Foxit Software
2009-09-02 10:19 . 2009-09-02 10:19 4828 ----a-w- C:\cc_20090902_121848.reg
2009-09-02 06:20 . 2009-09-02 06:20 552 ----a-w- c:\windows\system32\d3d8caps.dat
2009-09-01 15:15 . 2002-09-10 07:00 82501 ----a-w- c:\windows\system32\dllcache\bckg.dll
2009-09-01 15:15 . 2002-09-10 07:00 1817687 ----a-w- c:\windows\system32\dllcache\bckgres.dll
2009-09-01 15:15 . 2002-09-10 07:00 13894 ----a-w- c:\windows\system32\dllcache\zonelibm.dll
2009-09-01 15:15 . 2002-09-10 07:00 29760 ----a-w- c:\windows\system32\dllcache\znetm.dll
2009-09-01 15:15 . 2002-09-10 07:00 113222 ----a-w- c:\windows\system32\dllcache\zoneclim.dll
2009-08-28 17:10 . 2009-08-28 17:10 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\GARMIN
2009-08-28 16:35 . 2009-08-28 16:35 -------- d-----w- c:\programmi\Garmin GPS Plugin
2009-08-28 16:35 . 2009-08-28 16:35 -------- d-----w- c:\programmi\Garmin
2009-08-12 10:02 . 2009-07-10 13:26 1315328 ------w- c:\windows\system32\dllcache\msoe.dll
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-09-11 00:39 . 2009-09-10 16:27 1460 --sha-w- c:\windows\system32\drivers\fidbox.idx
2009-09-10 16:22 . 2005-09-28 15:01 4212 ---h--w- c:\windows\system32\zllictbl.dat
2009-09-07 19:04 . 2008-12-13 14:26 664 ----a-w- c:\windows\system32\d3d9caps.dat
2009-09-05 09:56 . 2005-01-03 19:00 -------- d-----w- c:\programmi\File comuni\Nokia
2009-09-05 09:56 . 2005-01-03 19:00 -------- d-----w- c:\programmi\Nokia
2009-09-01 15:09 . 2003-10-04 01:17 -------- d-----w- c:\documents and settings\Giuly\Dati applicazioni\MSN6
2009-08-31 19:29 . 2003-07-21 11:40 -------- d--h--w- c:\programmi\InstallShield Installation Information
2009-08-30 08:48 . 2004-12-25 12:34 28024 ----a-w- c:\documents and settings\Giuly\Impostazioni locali\Dati applicazioni\GDIPFONTCACHEV1.DAT
2009-08-28 17:10 . 2008-08-22 10:08 -------- d-----w- c:\documents and settings\Giuly\Dati applicazioni\GARMIN
2009-08-28 16:35 . 2007-01-21 13:45 -------- d-----w- c:\programmi\DIFX
2009-08-09 12:58 . 2002-09-23 08:18 79626 ----a-w- c:\windows\system32\perfc010.dat
2009-08-09 12:58 . 2002-09-23 08:18 479874 ----a-w- c:\windows\system32\perfh010.dat
2009-08-09 12:33 . 2009-08-09 12:33 -------- d-----w- c:\programmi\MSBuild
2009-08-09 12:32 . 2009-08-09 12:32 -------- d-----w- c:\programmi\Reference Assemblies
2009-08-09 08:18 . 2007-10-13 11:04 -------- d-----w- c:\programmi\File comuni\Apple
2009-08-08 10:28 . 2003-07-21 12:00 -------- d-----w- c:\programmi\Microsoft Works
2009-08-08 10:08 . 2009-08-08 10:04 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
2009-08-08 10:08 . 2009-08-08 10:04 -------- d-----w- c:\programmi\iTunes
2009-08-08 10:07 . 2006-02-26 18:42 -------- d-----w- c:\programmi\iPod
2009-08-08 09:55 . 2009-08-08 09:50 -------- d-----w- c:\programmi\QuickTime
2009-08-05 08:59 . 2002-12-11 22:14 205312 ----a-w- c:\windows\system32\mswebdvd.dll
2009-07-17 19:01 . 2002-09-10 02:00 58880 ----a-w- c:\windows\system32\atl.dll
2009-07-13 21:43 . 2003-07-21 12:00 286208 ----a-w- c:\windows\system32\wmpdxm.dll
2009-06-29 15:55 . 2004-08-23 19:35 827392 ------w- c:\windows\system32\wininet.dll
2009-06-29 15:55 . 2004-08-19 22:39 78336 ----a-w- c:\windows\system32\ieencode.dll
2009-06-29 15:54 . 2002-09-10 02:00 17408 ----a-w- c:\windows\system32\corpol.dll
2009-06-25 08:25 . 2002-09-10 02:00 735744 ----a-w- c:\windows\system32\lsasrv.dll
2009-06-25 08:25 . 2002-09-10 02:00 56832 ----a-w- c:\windows\system32\secur32.dll
2009-06-25 08:25 . 2002-09-10 02:00 54272 ----a-w- c:\windows\system32\wdigest.dll
2009-06-25 08:25 . 2002-09-10 02:00 301568 ----a-w- c:\windows\system32\kerberos.dll
2009-06-25 08:25 . 2002-09-10 02:00 147456 ----a-w- c:\windows\system32\schannel.dll
2009-06-25 08:25 . 2002-09-10 02:00 136192 ----a-w- c:\windows\system32\msv1_0.dll
2009-06-24 11:18 . 2002-09-10 02:00 92928 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2009-06-16 14:36 . 2002-09-10 02:00 81920 ----a-w- c:\windows\system32\fontsub.dll
2009-06-16 14:36 . 2002-09-10 02:00 119808 ----a-w- c:\windows\system32\t2embed.dll
2009-06-15 12:28 . 2009-06-15 12:28 144976 ----a-w- c:\documents and settings\All Users\Dati applicazioni\pswi_pcuui.exe
2009-06-15 12:08 . 2009-06-15 12:08 5018 --sha-w- c:\windows\system32\KGyGaAvL.sys
2009-06-15 12:08 . 2009-06-15 12:08 8 --sh--r- c:\windows\system32\D90E9B2181.sys
2009-06-15 11:22 . 2009-06-15 11:22 1402448 ----a-w- c:\documents and settings\All Users\Dati applicazioni\pswi_preloaded.exe
2009-06-15 10:43 . 2002-09-10 02:00 78336 ----a-w- c:\windows\system32\telnet.exe
.
((((((((((((((((((((((((((((( SnapShot_2009-09-09_21.10.05 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-09-10 16:17 . 2008-07-09 07:05 75248 c:\windows\zllsputility.exe
+ 2009-07-11 17:41 . 2009-07-11 17:41 97280 c:\windows\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_473666fd\ATL80.dll
+ 2009-09-11 08:05 . 2009-09-11 08:05 16384 c:\windows\temp\Perflib_Perfdata_610.dat
+ 2009-09-10 16:18 . 2008-07-09 07:05 21904 c:\windows\system32\ZoneLabs\zlsre_loc0410.dll
+ 2009-09-10 16:18 . 2008-07-09 07:05 17808 c:\windows\system32\ZoneLabs\zlquarantine_loc0410.dll
+ 2009-09-10 16:16 . 2008-07-09 07:05 79344 c:\windows\system32\ZoneLabs\zlquarantine.dll
+ 2009-09-10 16:18 . 2008-07-09 07:05 17808 c:\windows\system32\ZoneLabs\vsvault_loc0410.dll
+ 2009-09-10 16:17 . 2008-07-09 07:05 50576 c:\windows\system32\ZoneLabs\vsmon_loc0410.dll
+ 2009-09-10 16:15 . 2008-07-09 07:05 75304 c:\windows\system32\ZoneLabs\vsmon.exe
+ 2009-09-10 16:17 . 2008-07-09 07:05 17808 c:\windows\system32\ZoneLabs\vsdb_loc0410.dll
+ 2009-09-10 16:14 . 2008-07-09 07:05 83432 c:\windows\system32\ZoneLabs\vsdb.dll
+ 2009-09-10 16:18 . 2008-07-09 07:05 75152 c:\windows\system32\ZoneLabs\updClient_loc0410.dll
+ 2009-09-10 16:18 . 2008-07-09 07:05 26000 c:\windows\system32\ZoneLabs\streamapi\imslsp\imslsp_loc0410.dll
+ 2009-09-10 16:17 . 2008-02-27 01:10 51176 c:\windows\system32\ZoneLabs\srescan.sys
+ 2009-09-10 16:17 . 2008-07-09 07:05 17808 c:\windows\system32\ZoneLabs\scheduler_loc0410.dll
+ 2009-09-10 16:15 . 2008-07-09 07:06 30216 c:\windows\system32\ZoneLabs\plugins\vsmon_plugin\vsmon_plugin.dll
+ 2009-09-10 16:15 . 2008-07-09 07:06 30184 c:\windows\system32\ZoneLabs\plugins\rpc_server\rpc_server.dll
+ 2009-09-10 16:15 . 2008-07-09 07:05 71056 c:\windows\system32\ZoneLabs\lib\zui.zip.dll
+ 2009-09-10 16:15 . 2008-07-09 07:05 26000 c:\windows\system32\ZoneLabs\lib\zlsvc.zip.dll
+ 2009-09-10 16:18 . 2008-07-09 07:05 26000 c:\windows\system32\ZoneLabs\imsecure_loc0410.dll
+ 2009-09-10 16:16 . 2008-07-09 07:05 38376 c:\windows\system32\ZoneLabs\featuremap.dll
+ 2009-09-10 16:18 . 2008-07-09 07:05 17808 c:\windows\system32\ZoneLabs\camupd_loc0410.dll
+ 2009-09-10 16:17 . 2008-07-09 07:05 99816 c:\windows\system32\ZoneLabs\camupd.dll
+ 2009-09-10 16:16 . 2007-05-30 22:03 90112 c:\windows\system32\ZoneLabs\avsys\prremote.dll
- 2009-09-09 15:02 . 2009-03-31 15:18 90112 c:\windows\system32\ZoneLabs\avsys\prremote.dll
+ 2009-09-10 16:16 . 2007-05-30 22:03 38400 c:\windows\system32\ZoneLabs\avsys\FSSync.dll
- 2009-09-09 15:02 . 2009-03-31 15:18 38400 c:\windows\system32\ZoneLabs\avsys\FSSync.dll
- 2009-09-09 15:03 . 2009-03-31 15:18 77824 c:\windows\system32\ZoneLabs\avsys\CKAHComm.dll
+ 2009-09-10 16:17 . 2007-05-30 22:03 77824 c:\windows\system32\ZoneLabs\avsys\CKAHComm.dll
+ 2009-09-10 16:16 . 2006-06-30 12:47 21568 c:\windows\system32\ZoneLabs\avsys\bases\avcmhk4.dll
- 2009-09-09 15:02 . 2006-06-30 12:47 21568 c:\windows\system32\ZoneLabs\avsys\bases\avcmhk4.dll
+ 2009-09-10 16:16 . 2007-05-30 22:03 65248 c:\windows\system32\ZoneLabs\avsys\bases\aphish.dat
- 2009-09-09 15:02 . 2007-06-19 18:39 65248 c:\windows\system32\ZoneLabs\avsys\bases\aphish.dat
+ 2009-09-10 16:18 . 2008-07-09 07:05 21904 c:\windows\system32\ZoneLabs\av_loc0410.dll
+ 2009-09-10 16:16 . 2008-07-09 07:05 71144 c:\windows\system32\zlcommdb.dll
+ 2009-09-10 16:16 . 2008-07-09 07:05 83432 c:\windows\system32\zlcomm.dll
+ 2009-09-10 16:15 . 2008-07-09 07:05 99816 c:\windows\system32\vsxml.dll
+ 2009-09-10 16:15 . 2008-07-09 07:05 46568 c:\windows\system32\vswmi.dll
+ 2009-09-10 16:18 . 2008-07-09 07:05 54672 c:\windows\system32\vsutil_loc0410.dll
+ 2009-09-10 16:16 . 2008-07-09 07:05 71144 c:\windows\system32\vsregexp.dll
+ 2009-09-10 16:14 . 2008-07-09 07:05 83432 c:\windows\system32\vsdata.dll
+ 2006-12-15 17:09 . 2007-07-27 08:41 16760 c:\windows\system32\spmsg.dll
+ 2009-09-10 16:18 . 2008-07-09 07:05 17808 c:\windows\system32\imslsp_install_loc0410.dll
+ 2009-09-10 16:18 . 2008-07-09 07:05 21904 c:\windows\system32\imsinstall_loc0410.dll
+ 2009-09-10 19:22 . 2009-09-10 19:22 36864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\19ca1747c1ea18a3b639b302bca8df93\System.Web.DynamicData.Design.ni.dll
- 2009-08-09 13:31 . 2009-08-09 13:31 36864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\19ca1747c1ea18a3b639b302bca8df93\System.Web.DynamicData.Design.ni.dll
- 2009-09-09 15:02 . 2007-06-19 18:39 1628 c:\windows\system32\ZoneLabs\avsys\bases\pdmkl.dat
+ 2009-09-10 16:16 . 2007-05-30 22:03 1628 c:\windows\system32\ZoneLabs\avsys\bases\pdmkl.dat
+ 2009-07-11 22:02 . 2009-07-11 22:02 159032 c:\windows\WinSxS\x86_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_353599c2\atl90.dll
+ 2009-09-10 16:16 . 2008-07-09 07:05 120296 c:\windows\system32\ZoneLabs\zlupdate.dll
+ 2009-09-10 16:17 . 2008-07-09 07:05 382440 c:\windows\system32\ZoneLabs\zlsre.dll
+ 2009-09-10 16:16 . 2008-07-09 07:05 177640 c:\windows\system32\ZoneLabs\zlparser.dll
+ 2009-09-10 16:16 . 2008-07-09 07:05 239080 c:\windows\system32\ZoneLabs\vsvault.dll
+ 2009-09-10 16:17 . 2008-07-09 07:05 198032 c:\windows\system32\ZoneLabs\vsruledb_loc0410.dll
+ 2009-09-10 16:14 . 2008-07-09 07:05 108008 c:\windows\system32\ZoneLabs\vsavpro.dll
- 2009-09-09 15:03 . 2007-01-11 15:48 286787 c:\windows\system32\ZoneLabs\updtrsdk.dll
+ 2009-09-10 16:17 . 2007-01-11 15:31 286787 c:\windows\system32\ZoneLabs\updtrsdk.dll
+ 2009-09-10 16:17 . 2008-07-09 07:05 144936 c:\windows\system32\ZoneLabs\updclient.exe
+ 2009-09-10 16:16 . 2007-10-11 14:50 832984 c:\windows\system32\ZoneLabs\updating.dll
- 2009-09-09 15:01 . 2007-10-11 14:51 832984 c:\windows\system32\ZoneLabs\updating.dll
- 2009-09-09 15:03 . 2006-09-04 18:59 503875 c:\windows\system32\ZoneLabs\upd_core.dll
+ 2009-09-10 16:17 . 2006-09-04 18:59 503875 c:\windows\system32\ZoneLabs\upd_core.dll
+ 2009-09-10 16:17 . 2008-07-09 07:06 214528 c:\windows\system32\ZoneLabs\streamapi\httpblocker\httpblocker.dll
+ 2009-09-10 16:15 . 2008-07-09 07:05 456168 c:\windows\system32\ZoneLabs\ssleay32.dll
+ 2009-09-10 16:16 . 2008-07-09 07:05 173544 c:\windows\system32\ZoneLabs\scheduler.dll
+ 2009-09-10 16:17 . 2008-02-27 01:10 792032 c:\windows\system32\ZoneLabs\qrsrecl.dll
+ 2009-09-10 16:16 . 2008-02-27 01:10 714208 c:\windows\system32\ZoneLabs\qrbase.dll
+ 2009-09-10 16:18 . 2008-07-09 07:05 152976 c:\windows\system32\ZoneLabs\lib\LicenseUI_loc0410.zip.dll
+ 2009-09-10 16:18 . 2008-07-09 07:05 288144 c:\windows\system32\ZoneLabs\lib\ConfigWizard_loc0410.zip.dll
+ 2009-09-10 16:17 . 2008-07-09 07:05 321016 c:\windows\system32\ZoneLabs\imsecure.dll
+ 2009-09-10 16:16 . 2008-07-09 07:05 128480 c:\windows\system32\ZoneLabs\fbl.dll
- 2009-09-09 15:04 . 2008-03-17 14:52 813568 c:\windows\system32\ZoneLabs\dbghelp.dll
+ 2009-09-10 16:18 . 2004-01-30 10:35 813568 c:\windows\system32\ZoneLabs\dbghelp.dll
+ 2009-09-10 16:17 . 2006-12-19 16:13 200704 c:\windows\system32\ZoneLabs\avsys\ssleay32.dll
+ 2009-09-10 16:16 . 2007-12-03 12:53 139264 c:\windows\system32\ZoneLabs\avsys\ScanningProcess.exe
+ 2009-09-10 16:16 . 2007-05-30 22:03 184320 c:\windows\system32\ZoneLabs\avsys\prloader.dll
- 2009-09-09 15:02 . 2009-03-31 15:18 184320 c:\windows\system32\ZoneLabs\avsys\prloader.dll
+ 2009-09-10 16:16 . 2007-05-30 22:03 626688 c:\windows\system32\ZoneLabs\avsys\msvcr80.dll
- 2009-09-09 15:02 . 2009-03-31 15:18 626688 c:\windows\system32\ZoneLabs\avsys\msvcr80.dll
- 2009-09-09 15:02 . 2009-03-31 15:18 548864 c:\windows\system32\ZoneLabs\avsys\msvcp80.dll
+ 2009-09-10 16:16 . 2007-05-30 22:03 548864 c:\windows\system32\ZoneLabs\avsys\msvcp80.dll
+ 2009-09-10 16:16 . 2007-12-03 12:53 282624 c:\windows\system32\ZoneLabs\avsys\kave.dll
- 2009-09-09 15:02 . 2006-09-19 21:12 208960 c:\windows\system32\ZoneLabs\avsys\inv.dll
+ 2009-09-10 16:16 . 2006-09-19 21:12 208960 c:\windows\system32\ZoneLabs\avsys\inv.dll
- 2009-09-09 15:03 . 2009-03-31 15:18 331776 c:\windows\system32\ZoneLabs\avsys\CKAHUM.dll
+ 2009-09-10 16:17 . 2007-05-30 22:03 331776 c:\windows\system32\ZoneLabs\avsys\CKAHUM.dll
+ 2009-09-10 16:17 . 2007-05-30 22:03 110592 c:\windows\system32\ZoneLabs\avsys\CKAHrule.dll
- 2009-09-09 15:03 . 2009-03-31 15:18 110592 c:\windows\system32\ZoneLabs\avsys\CKAHrule.dll
+ 2009-09-10 16:17 . 2008-07-09 07:05 370208 c:\windows\system32\ZoneLabs\av.dll
+ 2009-09-10 16:14 . 2008-07-09 07:05 472552 c:\windows\system32\vsutil.dll
+ 2009-09-10 16:15 . 2008-07-09 07:05 275944 c:\windows\system32\vspubapi.dll
+ 2009-09-10 16:15 . 2008-07-09 07:05 103912 c:\windows\system32\vsmonapi.dll
+ 2009-09-10 16:14 . 2008-07-09 07:05 157160 c:\windows\system32\vsinit.dll
+ 2009-09-10 16:15 . 2008-07-09 07:05 394952 c:\windows\system32\vsdatant.sys
+ 2009-09-10 16:16 . 2008-07-09 07:05 796048 c:\windows\system32\libeay32_0.9.6l.dll
+ 2003-01-13 13:57 . 2009-08-13 15:15 512000 c:\windows\system32\jscript.dll
- 2003-01-13 13:57 . 2008-05-09 10:53 512000 c:\windows\system32\jscript.dll
+ 2002-09-23 08:11 . 2009-09-10 09:45 150792 c:\windows\system32\FNTCACHE.DAT
+ 2009-09-10 16:16 . 2007-07-19 13:10 127768 c:\windows\system32\drivers\klif.sys
+ 2008-05-09 10:53 . 2009-08-13 15:15 512000 c:\windows\system32\dllcache\jscript.dll
- 2008-05-09 10:53 . 2008-05-09 10:53 512000 c:\windows\system32\dllcache\jscript.dll
+ 2009-09-10 15:51 . 2009-09-10 15:51 195584 c:\windows\Installer\bc679e.msi
+ 2009-09-10 15:51 . 2009-09-10 15:51 248832 c:\windows\Installer\bc6799.msi
+ 2009-03-20 09:48 . 2009-03-20 09:48 183808 c:\windows\Installer\bc6793.msp
+ 2008-12-13 07:58 . 2008-12-13 07:58 754688 c:\windows\Installer\bc6789.msp
- 2009-08-09 13:31 . 2009-08-09 13:31 859648 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\58f62044fa702ea6f936071aa5520baa\System.Web.Extensions.Design.ni.dll
+ 2009-09-10 19:22 . 2009-09-10 19:22 859648 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\58f62044fa702ea6f936071aa5520baa\System.Web.Extensions.Design.ni.dll
+ 2009-09-10 19:22 . 2009-09-10 19:22 328704 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\79c29ac85dd57dd485ab60118ac292ff\System.Web.Entity.ni.dll
- 2009-08-09 13:31 . 2009-08-09 13:31 328704 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\79c29ac85dd57dd485ab60118ac292ff\System.Web.Entity.ni.dll
- 2009-08-09 13:31 . 2009-08-09 13:31 301056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\d3d65e34fa60f0b6c72ca0d12ec89933\System.Web.Entity.Design.ni.dll
+ 2009-09-10 19:22 . 2009-09-10 19:22 301056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\d3d65e34fa60f0b6c72ca0d12ec89933\System.Web.Entity.Design.ni.dll
- 2009-08-09 13:31 . 2009-08-09 13:31 547328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\b7891f5659db299dbd1b3c72db7edb9f\System.Web.DynamicData.ni.dll
+ 2009-09-10 19:22 . 2009-09-10 19:22 547328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\b7891f5659db299dbd1b3c72db7edb9f\System.Web.DynamicData.ni.dll
- 2009-08-09 13:29 . 2009-08-09 13:29 939008 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\a4b887f476fa4b8746a93a9fc2208560\System.Data.Services.Client.ni.dll
+ 2009-09-10 19:13 . 2009-09-10 19:13 939008 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\a4b887f476fa4b8746a93a9fc2208560\System.Data.Services.Client.ni.dll
- 2009-08-09 13:29 . 2009-08-09 13:29 354816 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\1cf3acad6553d6c59df576794f4e8bd6\System.Data.Services.Design.ni.dll
+ 2009-09-10 19:15 . 2009-09-10 19:15 354816 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\1cf3acad6553d6c59df576794f4e8bd6\System.Data.Services.Design.ni.dll
+ 2009-09-10 15:42 . 2009-09-10 15:42 139264 c:\windows\assembly\GAC_MSIL\System.Web.Entity\3.5.0.0__b77a5c561934e089\System.Web.Entity.dll
- 2009-09-05 00:46 . 2009-09-05 00:46 139264 c:\windows\assembly\GAC_MSIL\System.Web.Entity\3.5.0.0__b77a5c561934e089\System.Web.Entity.dll
+ 2009-09-10 15:43 . 2009-09-10 15:43 229376 c:\windows\assembly\GAC_MSIL\System.Web.DynamicData\3.5.0.0__31bf3856ad364e35\System.Web.DynamicData.dll
+ 2009-09-10 15:42 . 2009-09-10 15:42 442368 c:\windows\assembly\GAC_MSIL\System.Data.Services\3.5.0.0__b77a5c561934e089\System.Data.Services.dll
- 2009-09-05 00:46 . 2009-09-05 00:46 442368 c:\windows\assembly\GAC_MSIL\System.Data.Services\3.5.0.0__b77a5c561934e089\System.Data.Services.dll
- 2009-09-05 00:46 . 2009-09-05 00:46 294912 c:\windows\assembly\GAC_MSIL\System.Data.Services.Client\3.5.0.0__b77a5c561934e089\System.Data.Services.Client.dll
+ 2009-09-10 15:42 . 2009-09-10 15:42 294912 c:\windows\assembly\GAC_MSIL\System.Data.Services.Client\3.5.0.0__b77a5c561934e089\System.Data.Services.Client.dll
+ 2009-09-10 16:15 . 2008-07-09 07:05 1086952 c:\windows\system32\zpeng24.dll
+ 2009-09-10 16:17 . 2008-01-21 06:34 7603688 c:\windows\system32\ZoneLabs\zlasdbup.dat
+ 2009-09-10 16:15 . 2008-07-09 07:05 1361384 c:\windows\system32\ZoneLabs\vsruledb.dll
+ 2009-09-10 16:15 . 2008-07-09 07:05 2029032 c:\windows\system32\ZoneLabs\vsmondll.dll
+ 2009-09-10 16:17 . 2008-07-09 07:06 3266040 c:\windows\system32\ZoneLabs\streamapi\imslsp\imslsp.dll
+ 2009-09-10 16:17 . 2008-02-27 01:10 1504736 c:\windows\system32\ZoneLabs\srescan.dll
+ 2009-09-10 16:17 . 2008-01-21 06:34 7603688 c:\windows\system32\ZoneLabs\spyware.dat
+ 2009-09-10 16:15 . 2008-07-09 07:05 1361296 c:\windows\system32\ZoneLabs\lib\zpy.zip.dll
+ 2009-09-10 16:17 . 2006-12-19 16:13 1093632 c:\windows\system32\ZoneLabs\avsys\libeay32.dll
- 2003-07-21 11:55 . 2008-06-18 04:03 2458112 c:\windows\system32\WMVCore.dll
+ 2003-07-21 11:55 . 2009-05-20 02:56 2458112 c:\windows\system32\WMVCore.dll
- 2003-07-21 11:55 . 2008-06-18 04:03 2458112 c:\windows\system32\dllcache\WMVCore.dll
+ 2003-07-21 11:55 . 2009-05-20 02:56 2458112 c:\windows\system32\dllcache\WMVCore.dll
+ 2009-09-10 19:21 . 2009-09-10 19:22 2403328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\7f64c9d25471b72e1e957bdfe67947c8\System.Web.Extensions.ni.dll
- 2009-08-09 13:30 . 2009-08-09 13:30 2403328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\7f64c9d25471b72e1e957bdfe67947c8\System.Web.Extensions.ni.dll
+ 2009-09-10 19:20 . 2009-09-10 19:20 1706496 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\340cad17fe57947eacbc8fa2cea780da\System.ServiceModel.Web.ni.dll
- 2009-08-09 13:30 . 2009-08-09 13:30 1706496 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\340cad17fe57947eacbc8fa2cea780da\System.ServiceModel.Web.ni.dll
- 2009-08-09 13:29 . 2009-08-09 13:29 1328128 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Services\956a513dcbd44d5a6801840ef2b0b47b\System.Data.Services.ni.dll
+ 2009-09-10 19:13 . 2009-09-10 19:13 1328128 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Services\956a513dcbd44d5a6801840ef2b0b47b\System.Data.Services.ni.dll
- 2009-09-05 00:46 . 2009-09-05 00:46 1277952 c:\windows\assembly\GAC_MSIL\System.Web.Extensions\3.5.0.0__31bf3856ad364e35\System.Web.Extensions.dll
+ 2009-09-10 15:43 . 2009-09-10 15:43 1277952 c:\windows\assembly\GAC_MSIL\System.Web.Extensions\3.5.0.0__31bf3856ad364e35\System.Web.Extensions.dll
+ 2005-05-11 16:43 . 2009-08-28 21:38 24689600 c:\windows\system32\MRT.exe
.
-- Snapshot per reimpostare la data corrente --
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"srmclean"="c:\cpqs\Scom\srmclean.exe" [2001-07-24 36864]
"ATIPTA"="c:\programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2003-04-24 327680]
"iTunesHelper"="c:\programmi\iTunes\iTunesHelper.exe" [2009-07-13 292128]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-08-17 81000]
"ZoneAlarm Client"="c:\programmi\Zone Labs\ZoneAlarm\zlclient.exe" [2008-07-09 919016]
"AGRSMMSG"="AGRSMMSG.exe" - c:\windows\AGRSMMSG.exe [2003-05-06 88267]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]
c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\
Microsoft Office.lnk - c:\programmi\Microsoft Office\Office\OSA9.EXE [1999-1-20 65588]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\programmi\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\Sebring]
2003-03-24 10:26 110592 ----a-w- c:\windows\system32\LgNotify.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"ATIModeChange"=Ati2mdxx.exe
"QuickTime Task"="c:\programmi\QuickTime\qttask.exe" -atboottime
"Ad-Watch"=c:\programmi\Lavasoft\Ad-Aware\AAWTray.exe
"HPDJ Taskbar Utility"=c:\windows\System32\spool\drivers\w32x86\3\hpztsb07.exe
"PreloadApp"=c:\hp\drivers\printers\photosmart\hphprld.exe c:\hp\drivers\printers\photosmart\setup.exe -d
"PRONoMgr.exe"=c:\programmi\Intel\NCS\PROSet\PRONoMgr.exe
"AdaptecDirectCD"="c:\programmi\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
"Cpqset"=c:\programmi\HPQ\Default Settings\cpqset.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Programmi\\Bonjour\\mDNSResponder.exe"=
"c:\\Programmi\\iTunes\\iTunes.exe"=
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [10/09/2009 14.12.12 114768]
R1 is-AGF28drv;is-AGF28drv;c:\windows\system32\drivers\40482505.sys [11/09/2009 1.57.46 148496]
R1 SASDIFSV;SASDIFSV;c:\programmi\SUPERAntiSpyware\sasdifsv.sys [04/09/2009 14.50.00 9968]
R1 SASKUTIL;SASKUTIL;c:\programmi\SUPERAntiSpyware\SASKUTIL.SYS [04/09/2009 14.49.58 74480]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [10/09/2009 14.12.12 20560]
R2 MLPTDR_N;MLPTDR_N;c:\windows\system32\MLPTDR_N.SYS [17/07/2003 8.44.24 18848]
R3 WBSD;Winbond Secure Digital Storage (SD/MMC) Device Driver;c:\windows\system32\drivers\wbsd.sys [04/10/2003 8.20.14 26240]
S3 SASENUM;SASENUM;c:\programmi\SUPERAntiSpyware\SASENUM.SYS [04/09/2009 14.50.02 7408]
S3 uteznja4;AVZ Kernel Driver;\??\c:\windows\system32\Drivers\uteznja4.sys
c:\windows\system32\Drivers\uteznja4.sys
.
Contenuto della cartella 'Scheduled Tasks'
2009-09-05 c:\windows\Tasks\Wise Disk Cleaner 4.job
- c:\programmi\Wise Disk Cleaner\WiseDiskCleaner.exe [2009-09-05 13:35]
2009-09-05 c:\windows\Tasks\Wise Registry Cleaner 4.job
- c:\programmi\Wise Registry Cleaner\WiseRegistryCleaner.exe [2009-09-05 10:55]
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://www.google.it/
uInternet Connection Wizard,ShellNext = hxxp://service4.symantec.com/SUPPORT/na ... 1209131106
uInternet Settings,ProxyServer = 172.16.0.70:80
uInternet Settings,ProxyOverride = *.iet;<local>;*.local
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-09-11 11:04
Windows 5.1.2600 Service Pack 3 NTFS
scansione processi nascosti ...
scansione entrate autostart nascoste ...
Scansione files nascosti ...
Scansione completata con successo
Files nascosti: 0
**************************************************************************
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------
[HKEY_USERS\S-1-5-21-3453765963-252631013-1518390747-1006\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
--------------------- Dlls caricate dai processi in esecuzione ---------------------
- - - - - - - > 'winlogon.exe'(788)
c:\windows\System32\LgNotify.dll
- - - - - - - > 'explorer.exe'(2432)
c:\windows\system32\WININET.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Ora fine scansione: 2009-09-11 11.12.15
ComboFix-quarantined-files.txt 2009-09-11 09:12
ComboFix2.txt 2009-09-10 14:01
ComboFix3.txt 2009-09-10 11:31
ComboFix4.txt 2009-09-09 23:22
ComboFix5.txt 2009-09-11 08:49
Pre-Run: 16.950.259.712 byte disponibili
Post-Run: 17.011.638.272 byte disponibili
Current=4 Default=4 Failed=2 LastKnownGood=3 Sets=1,2,3,4
366 --- E O F --- 2009-08-28 22:22