
Bagle: a worm that attacks antivirus software..HELP!


Re: Bagle: a worm that attacks antivirus software..HELP!

Post by ARIETE72 » Sun Oct 11, 2009 7:16 pm

Hi dear Crazy,
as usual it always ends up like this....
WITH ME THANKING YOU IMMENSELY ONCE AGAIN!!!!
[thanks]
After the boot-time scan I reinstalled Avira and the PC is back (it seems..) to how it was before.
I'm posting the log I just made with Combo.. doesn't it seem to you that it deleted too many things, though?
Oh well, what matters is the final result.
I just wanted to steal a bit more of your precious time and take advantage of your kindness.

Is the RescueCd program, i.e. the ISO image started at boot, the same kind of tool as Avira, or something different or more powerful?
Can I use the FindyKill program every now and then to scan the whole PC without damaging the system? It seems very fast and effective.

What do you think of Baglegui for removal? It was recommended to me but I don't trust it.
So thanks again Crazy, and if you pass through Milan I'll buy you a pizza and two beers!
matteo


ComboFix 09-10-10.02 - Happy Family 11/10/2009 19.57.42.4.2 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.39.1040.18.3066.2011 [GMT 2:00]
Eseguito da: c:\users\Happy Family\Desktop\ComboFix.exe
SP: SUPERAntiSpyware *disabled* (Updated) {222A897C-5018-402e-943F-7E7AC8560DA7}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\users\Happy Family\AppData\Roaming\drivers\downld
c:\users\Happy Family\AppData\Roaming\drivers\srosa2.sys

.
((((((((((((((((((((((((( Files Creati Da 2009-09-11 al 2009-10-11 )))))))))))))))))))))))))))))))))))
.

2009-10-11 18:05 . 2009-10-11 18:05 -------- d-----w- c:\users\Happy Family\AppData\Local\temp
2009-10-11 18:05 . 2009-10-11 18:05 -------- d-----w- c:\users\Public\AppData\Local\temp
2009-10-11 18:05 . 2009-10-11 18:05 -------- d-----w- c:\users\Default\AppData\Local\temp
2009-10-11 17:55 . 2009-10-11 17:55 -------- d-----w- C:\32788R22FWJFW
2009-10-09 20:42 . 2009-10-10 21:09 -------- d-----w- c:\program files\FindyKill
2009-10-09 19:42 . 2009-10-09 19:42 -------- d-----w- c:\programdata\eMule
2009-10-09 19:30 . 2009-10-11 18:04 -------- d--h--w- c:\users\Happy Family\AppData\Roaming\drivers
2009-10-08 13:22 . 2009-10-09 17:48 -------- d-----w- c:\program files\Microsoft SQL Server
2009-10-06 19:31 . 2009-10-06 19:31 0 ----a-w- c:\windows\nsreg.dat
2009-10-06 19:31 . 2009-10-06 19:31 -------- d-----w- c:\users\Happy Family\AppData\Local\Thunderbird
2009-10-06 19:31 . 2009-10-06 19:31 -------- d-----w- c:\users\Happy Family\AppData\Roaming\Thunderbird
2009-10-06 19:31 . 2009-10-06 19:31 -------- d-----w- c:\program files\Mozilla Thunderbird
2009-10-06 17:19 . 2009-10-06 17:19 -------- d-----w- c:\users\Happy Family\AppData\Roaming\Malwarebytes
2009-10-06 17:18 . 2009-09-10 12:54 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-10-06 17:18 . 2009-10-06 17:19 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-10-06 17:18 . 2009-10-06 17:18 -------- d-----w- c:\programdata\Malwarebytes
2009-10-06 17:18 . 2009-09-10 12:53 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-10-06 16:23 . 2009-10-06 16:23 -------- d-----w- c:\program files\File Scanner Library (Spybot - Search & Destroy)
2009-10-06 16:22 . 2009-10-10 20:22 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2009-10-04 19:12 . 2009-10-04 19:12 -------- d-----w- c:\users\Happy Family\AppData\Local\TVU Networks
2009-10-04 19:12 . 2009-10-04 19:12 -------- d-----w- c:\programdata\TVU Networks
2009-10-04 13:35 . 2009-10-05 16:20 98 ----a-w- c:\users\Happy Family\AppData\Local\docresgm.bat
2009-10-03 06:15 . 2009-10-03 06:15 -------- d-----w- C:\WisTools
2009-10-03 06:14 . 2009-10-01 08:29 195440 ------w- c:\windows\system32\MpSigStub.exe
2009-10-03 06:11 . 2007-12-16 15:57 75776 ----a-w- c:\windows\system32\drivers\WSVD.sys
2009-10-02 19:07 . 2009-10-02 19:17 -------- d-----w- c:\program files\Ufasoft
2009-10-02 16:50 . 2009-10-02 16:50 604416 ----a-w- c:\windows\system32\TUProgSt.exe
2009-10-02 16:50 . 2009-04-27 12:21 17152 ----a-w- c:\windows\system32\authuitu.dll
2009-10-02 16:50 . 2009-04-27 12:21 28928 ----a-w- c:\windows\system32\uxtuneup.dll
2009-10-02 16:50 . 2009-10-02 16:50 361216 ----a-w- c:\windows\system32\TuneUpDefragService.exe
2009-10-02 16:47 . 2009-10-02 16:47 -------- d-----w- c:\users\Happy Family\AppData\Roaming\TuneUp Software
2009-10-02 16:47 . 2009-10-02 16:49 -------- d-----w- c:\program files\TuneUp Utilities 2009
2009-10-02 16:47 . 2009-10-02 16:47 -------- d-----w- c:\programdata\TuneUp Software
2009-10-02 16:46 . 2009-10-02 16:46 -------- d-sh--w- c:\programdata\{55A29068-F2CE-456C-9148-C869879E2357}
2009-09-30 13:24 . 2009-09-30 14:28 -------- d-----r- C:\keygen
2009-09-29 20:26 . 2009-09-29 20:27 -------- d-----w- c:\users\Happy Family\AppData\Roaming\U3
2009-09-28 22:26 . 2009-09-28 22:26 -------- d-----w- C:\unzipped
2009-09-28 13:52 . 2009-09-28 13:52 -------- d-----w- c:\programdata\PC Drivers HeadQuarters
2009-09-28 13:52 . 2009-09-28 13:52 -------- d-----w- c:\program files\PC Drivers HeadQuarters
2009-09-14 12:58 . 2009-09-25 23:13 -------- d-----w- c:\users\Happy Family\AppData\Roaming\HpUpdate
2009-09-14 12:58 . 2009-09-14 12:58 -------- d-----w- c:\windows\Hewlett-Packard

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-10-11 18:05 . 2009-06-25 20:24 110166048 --sha-w- c:\windows\system32\drivers\fidbox.dat
2009-10-11 17:58 . 2008-05-08 06:57 771126 ----a-w- c:\windows\system32\perfh010.dat
2009-10-11 17:58 . 2008-05-08 06:57 162418 ----a-w- c:\windows\system32\perfc010.dat
2009-10-11 11:35 . 2009-06-25 20:24 1288400 --sha-w- c:\windows\system32\drivers\fidbox.idx
2009-10-10 20:08 . 2009-07-29 14:00 53912 ----a-w- c:\programdata\nvModes.dat
2009-10-09 16:06 . 2008-05-07 21:02 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-10-08 13:27 . 2008-05-07 21:11 -------- d-----w- c:\program files\Microsoft.NET
2009-10-06 18:50 . 2009-06-25 19:07 -------- d-----w- c:\programdata\Partner
2009-10-06 16:25 . 2009-06-27 07:12 -------- d-----w- c:\users\Happy Family\AppData\Roaming\TeraCopy
2009-10-04 19:12 . 2009-07-26 20:59 -------- d-----w- c:\program files\TVUPlayer
2009-10-02 17:04 . 2009-07-22 12:51 7592 ----a-w- c:\users\Happy Family\AppData\Local\d3d9caps.dat
2009-09-30 20:17 . 2009-07-13 19:45 -------- d-----w- c:\program files\SopCast
2009-09-30 06:39 . 2009-06-25 21:58 -------- d-----w- c:\users\Happy Family\AppData\Roaming\vlc
2009-09-30 06:39 . 2009-08-25 17:10 -------- d-----w- c:\programdata\HP Product Assistant
2009-09-25 23:18 . 2009-06-26 21:13 -------- d-----w- c:\program files\SUPERAntiSpyware
2009-09-16 13:54 . 2008-05-07 21:29 -------- d-----w- c:\programdata\CyberLink
2009-09-09 19:58 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2009-09-07 20:28 . 2009-06-27 10:22 -------- d-----w- c:\users\Happy Family\AppData\Roaming\dvdcss
2009-09-07 20:27 . 2009-09-07 20:27 -------- d-----w- c:\users\Happy Family\AppData\Roaming\CyberLink
2009-08-29 00:27 . 2009-09-03 07:05 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2009-08-29 00:14 . 2009-09-03 07:05 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2009-08-27 12:53 . 2009-06-25 20:26 -------- d-----w- c:\programdata\is-OHA4F
2009-08-27 08:59 . 2009-08-26 15:56 -------- d-----w- c:\programdata\iolo
2009-08-27 08:12 . 2009-08-26 15:56 -------- d-----w- c:\users\Happy Family\AppData\Roaming\iolo
2009-08-26 15:57 . 2009-08-26 15:57 74703 ----a-w- c:\windows\system32\mfc45.dll
2009-08-18 18:01 . 2009-08-18 18:01 -------- d-----w- c:\program files\YouTube Downloader
2009-08-18 14:13 . 2009-07-26 21:58 97 ----a-w- c:\users\Happy Family\AppData\Local\cfvspeb.bat
2009-08-18 13:57 . 2009-06-25 17:57 55656 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2009-08-16 17:55 . 2009-08-16 17:34 -------- d-----w- c:\programdata\Skype
2009-08-16 17:37 . 2009-08-16 17:37 56 ---ha-w- c:\programdata\ezsidmv.dat
2009-08-16 17:37 . 2009-08-16 17:37 -------- d-----w- c:\users\Happy Family\AppData\Roaming\skypePM
2009-08-16 12:25 . 2009-06-27 07:19 -------- d-----w- c:\program files\Java
2009-08-14 16:27 . 2009-09-09 19:46 904776 ----a-w- c:\windows\system32\drivers\tcpip.sys
2009-08-14 15:53 . 2009-09-09 19:46 17920 ----a-w- c:\windows\system32\netevent.dll
2009-08-14 13:49 . 2009-09-09 19:46 9728 ----a-w- c:\windows\system32\TCPSVCS.EXE
2009-08-14 13:49 . 2009-09-09 19:46 17920 ----a-w- c:\windows\system32\ROUTE.EXE
2009-08-14 13:49 . 2009-09-09 19:46 11264 ----a-w- c:\windows\system32\MRINFO.EXE
2009-08-14 13:49 . 2009-09-09 19:46 27136 ----a-w- c:\windows\system32\NETSTAT.EXE
2009-08-14 13:49 . 2009-09-09 19:46 8704 ----a-w- c:\windows\system32\HOSTNAME.EXE
2009-08-14 13:49 . 2009-09-09 19:46 19968 ----a-w- c:\windows\system32\ARP.EXE
2009-08-14 13:49 . 2009-09-09 19:46 10240 ----a-w- c:\windows\system32\finger.exe
2009-08-14 13:48 . 2009-09-09 19:46 30720 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2009-08-14 13:48 . 2009-09-09 19:46 105984 ----a-w- c:\windows\system32\netiohlp.dll
2009-08-03 13:07 . 2009-08-03 13:07 403816 ----a-w- c:\windows\system32\OGACheckControl.dll
2009-08-03 13:07 . 2009-08-03 13:07 322928 ----a-w- c:\windows\system32\OGAAddin.dll
2009-08-03 13:07 . 2009-08-03 13:07 230768 ----a-w- c:\windows\system32\OGAEXEC.exe
2009-07-25 03:23 . 2009-06-27 07:19 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-07-21 21:52 . 2009-07-29 14:00 915456 ----a-w- c:\windows\system32\wininet.dll
2009-07-21 21:47 . 2009-07-29 14:00 109056 ----a-w- c:\windows\system32\iesysprep.dll
2009-07-21 21:47 . 2009-07-29 14:00 71680 ----a-w- c:\windows\system32\iesetup.dll
2009-07-21 20:13 . 2009-07-29 14:00 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2009-07-17 13:54 . 2009-08-16 12:10 71680 ----a-w- c:\windows\system32\atl.dll
2009-07-15 13:27 . 2009-06-25 17:18 75456 ----a-w- c:\users\Happy Family\AppData\Local\GDIPFONTCACHEV1.DAT
2009-07-15 12:40 . 2009-08-16 12:10 8147456 ----a-w- c:\windows\system32\wmploc.DLL
2009-07-15 12:39 . 2009-08-16 12:10 313344 ----a-w- c:\windows\system32\wmpdxm.dll
2009-07-15 12:39 . 2009-08-16 12:10 4096 ----a-w- c:\windows\system32\dxmasf.dll
2009-07-15 12:39 . 2009-08-16 12:10 7680 ----a-w- c:\windows\system32\spwmp.dll
2009-07-15 06:24 . 2009-07-13 19:34 97 ----a-w- c:\users\Happy Family\AppData\Local\cciigmi.bat
2009-06-25 19:07 . 2009-06-25 19:07 123392 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
2009-06-26 02:41 . 2009-06-26 02:40 8192 --sha-w- c:\windows\Users\Default\NTUSER.DAT
.

((((((((((((((((((((((((((((( SnapShot_2009-10-05_16.52.30 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-10-08 13:27 . 2009-10-08 13:27 49152 c:\windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.42_none_0e9c2a8d74fd3ce6\mfc80KOR.dll
+ 2009-10-08 13:27 . 2009-10-08 13:27 49152 c:\windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.42_none_0e9c2a8d74fd3ce6\mfc80JPN.dll
+ 2009-10-08 13:27 . 2009-10-08 13:27 61440 c:\windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.42_none_0e9c2a8d74fd3ce6\mfc80ITA.dll
+ 2009-10-08 13:27 . 2009-10-08 13:27 61440 c:\windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.42_none_0e9c2a8d74fd3ce6\mfc80FRA.dll
+ 2009-10-08 13:27 . 2009-10-08 13:27 61440 c:\windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.42_none_0e9c2a8d74fd3ce6\mfc80ESP.dll
+ 2009-10-08 13:27 . 2009-10-08 13:27 57344 c:\windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.42_none_0e9c2a8d74fd3ce6\mfc80ENU.dll
+ 2009-10-08 13:27 . 2009-10-08 13:27 65536 c:\windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.42_none_0e9c2a8d74fd3ce6\mfc80DEU.dll
+ 2009-10-08 13:27 . 2009-10-08 13:27 45056 c:\windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.42_none_0e9c2a8d74fd3ce6\mfc80CHT.dll
+ 2009-10-08 13:27 . 2009-10-08 13:27 40960 c:\windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.42_none_0e9c2a8d74fd3ce6\mfc80CHS.dll
+ 2009-10-08 13:27 . 2009-10-08 13:27 57344 c:\windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.42_none_d6c3e7af9bae13a2\mfcm80u.dll
+ 2009-10-08 13:27 . 2009-10-08 13:27 69632 c:\windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.42_none_d6c3e7af9bae13a2\mfcm80.dll
+ 2009-10-08 13:27 . 2009-10-08 13:27 95744 c:\windows\winsxs\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.42_none_dc990e4797f81af1\ATL80.dll
+ 2008-01-21 01:58 . 2009-10-11 17:53 63504 c:\windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2006-11-02 13:05 . 2009-10-11 17:53 91364 c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
+ 2005-10-14 00:51 . 2005-10-14 00:51 66264 c:\windows\System32\sqlctr90.dll
- 2009-06-25 17:06 . 2009-10-05 08:33 32768 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-06-25 17:06 . 2009-10-11 11:19 32768 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-06-25 17:06 . 2009-10-11 11:19 32768 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-06-25 17:06 . 2009-10-05 08:33 32768 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-06-25 17:06 . 2009-10-11 11:19 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-06-25 17:06 . 2009-10-05 08:33 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-10-08 13:27 . 2009-10-08 13:27 84696 c:\windows\assembly\GAC_MSIL\MSClusterLib\1.0.0.0__89845dcd8080cc91\MSClusterLib.dll
+ 2009-10-08 13:27 . 2009-10-08 13:27 43736 c:\windows\assembly\GAC_MSIL\Microsoft.SqlServer.WmiEnum\9.0.242.0__89845dcd8080cc91\Microsoft.SqlServer.WmiEnum.dll
+ 2009-10-08 13:27 . 2009-10-08 13:27 10968 c:\windows\assembly\GAC_MSIL\microsoft.sqlserver.wmienum.resources\9.0.242.0_it_89845dcd8080cc91\Microsoft.SqlServer.WmiEnum.Resources.dll
+ 2009-10-08 13:27 . 2009-10-08 13:27 20184 c:\windows\assembly\GAC_MSIL\Microsoft.SqlServer.SString\9.0.242.0__89845dcd8080cc91\Microsoft.SqlServer.SString.dll
+ 2009-10-08 13:27 . 2009-10-08 13:27 43736 c:\windows\assembly\GAC_MSIL\Microsoft.SqlServer.SqlTDiagM\9.0.242.0__89845dcd8080cc91\Microsoft.SqlServer.SqlTDiagM.dll
+ 2009-10-08 13:27 . 2009-10-08 13:27 96984 c:\windows\assembly\GAC_MSIL\microsoft.sqlserver.smoenum.resources\9.0.242.0_it_89845dcd8080cc91\Microsoft.SqlServer.SmoEnum.Resources.dll
+ 2009-10-08 13:27 . 2009-10-08 13:27 72408 c:\windows\assembly\GAC_MSIL\microsoft.sqlserver.smo.resources\9.0.242.0_it_89845dcd8080cc91\Microsoft.SqlServer.Smo.Resources.dll
+ 2009-10-08 13:22 . 2009-10-08 13:22 64216 c:\windows\assembly\GAC_MSIL\microsoft.sqlserver.setup.resources\9.0.242.0_it_89845dcd8080cc91\Microsoft.SqlServer.Setup.Resources.dll
+ 2009-10-08 13:27 . 2009-10-08 13:27 39640 c:\windows\assembly\GAC_MSIL\Microsoft.SqlServer.ServiceBrokerEnum\9.0.242.0__89845dcd8080cc91\Microsoft.SqlServer.ServiceBrokerEnum.dll
+ 2009-10-08 13:27 . 2009-10-08 13:27 35544 c:\windows\assembly\GAC_MSIL\microsoft.sqlserver.servicebrokerenum.resources\9.0.242.0_it_89845dcd8080cc91\Microsoft.SqlServer.ServiceBrokerEnum.Resources.dll
+ 2009-10-08 13:27 . 2009-10-08 13:27 43736 c:\windows\assembly\GAC_MSIL\microsoft.sqlserver.rmo.resources\9.0.242.0_it_89845dcd8080cc91\Microsoft.SqlServer.Rmo.Resources.dll
+ 2009-10-08 13:27 . 2009-10-08 13:27 68312 c:\windows\assembly\GAC_MSIL\Microsoft.SqlServer.RegSvrEnum\9.0.242.0__89845dcd8080cc91\Microsoft.SqlServer.RegSvrEnum.dll
+ 2009-10-08 13:27 . 2009-10-08 13:27 13016 c:\windows\assembly\GAC_MSIL\microsoft.sqlserver.regsvrenum.resources\9.0.242.0_it_89845dcd8080cc91\Microsoft.SqlServer.RegSvrEnum.resources.dll
+ 2009-10-08 13:27 . 2009-10-08 13:27 16600 c:\windows\assembly\GAC_MSIL\Microsoft.SqlServer.Instapi\9.0.242.0__89845dcd8080cc91\Microsoft.SqlServer.InstApi.dll
+ 2009-10-08 13:22 . 2009-10-08 13:22 27352 c:\windows\assembly\GAC_MSIL\microsoft.sqlserver.gridcontrol.resources\9.0.242.0_it_89845dcd8080cc91\Microsoft.SqlServer.GridControl.Resources.dll
+ 2009-10-08 13:22 . 2009-10-08 13:22 43736 c:\windows\assembly\GAC_MSIL\Microsoft.SqlServer.CustomControls\9.0.242.0__89845dcd8080cc91\Microsoft.SqlServer.CustomControls.dll
+ 2009-10-08 13:27 . 2009-10-08 13:27 15576 c:\windows\assembly\GAC_MSIL\microsoft.sqlserver.connectioninfo.resources\9.0.242.0_it_89845dcd8080cc91\Microsoft.SqlServer.ConnectionInfo.Resources.dll
+ 2009-10-08 13:22 . 2009-10-08 13:22 80600 c:\windows\assembly\GAC_MSIL\microsoft.netenterpriseservers.exceptionmessagebox.resources\9.0.242.0_it_89845dcd8080cc91\Microsoft.NetEnterpriseServers.ExceptionMessageBox.Resources.dll
+ 2009-10-08 13:27 . 2009-10-08 13:27 35544 c:\windows\assembly\GAC_MSIL\Microsoft.DataWarehouse.Interfaces\9.0.242.0__89845dcd8080cc91\Microsoft.DataWarehouse.Interfaces.DLL
+ 2009-10-08 13:27 . 2009-10-08 13:27 10456 c:\windows\assembly\GAC_MSIL\microsoft.datawarehouse.interfaces.resources\9.0.242.0_it_89845dcd8080cc91\Microsoft.DataWarehouse.Interfaces.resources.dll
+ 2009-10-08 13:27 . 2009-10-08 13:27 20184 c:\windows\assembly\GAC_MSIL\microsoft.analysisservices.deploymentengine.resources\9.0.242.0_it_89845dcd8080cc91\microsoft.analysisservices.deploymentengine.resources.dll
+ 2009-10-08 13:27 . 2009-10-08 13:27 47832 c:\windows\assembly\GAC_MSIL\Microsoft.AnalysisServices.AdomdClient.resources\9.0.242.0_it_89845dcd8080cc91\Microsoft.AnalysisServices.AdomdClient.resources.dll
+ 2009-10-08 13:27 . 2009-10-08 13:27 75480 c:\windows\assembly\GAC_32\Microsoft.SqlServer.MgdSqlDumper\9.0.242.0__89845dcd8080cc91\microsoft.sqlserver.mgdsqldumper.dll
+ 2009-06-25 18:52 . 2009-10-09 19:40 7728 c:\windows\System32\WDI\ERCQueuedResolutions.dat
+ 2009-06-25 17:18 . 2009-10-11 17:53 9814 c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3792130533-4105100560-3462664888-1000_UserData.bin
+ 2009-10-11 17:50 . 2009-10-11 17:50 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2009-10-05 16:18 . 2009-10-05 16:18 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2009-10-05 16:18 . 2009-10-05 16:18 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2009-10-11 17:50 . 2009-10-11 17:50 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2009-06-27 10:04 . 2009-10-09 18:32 299446 c:\windows\System32\WDI\SuspendPerformanceDiagnostics_SystemData_S3.bin
+ 2006-11-02 10:33 . 2009-10-11 17:58 680594 c:\windows\System32\perfh009.dat
+ 2006-11-02 10:33 . 2009-10-11 17:58 136114 c:\windows\System32\perfc009.dat
+ 2006-11-02 12:47 . 2009-10-10 19:54 315608 c:\windows\System32\FNTCACHE.DAT
- 2006-11-02 12:47 . 2009-07-22 15:34 315608 c:\windows\System32\FNTCACHE.DAT
- 2009-06-25 20:47 . 2009-09-30 20:09 245760 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
+ 2009-06-25 20:47 . 2009-10-10 12:28 245760 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
+ 2009-10-08 13:27 . 2009-10-08 13:27 887296 c:\windows\Installer\195e39f.msi
+ 2009-10-08 13:22 . 2009-10-08 13:22 818176 c:\windows\Installer\195e379.msi
+ 2009-10-09 17:44 . 2009-10-09 17:44 828416 c:\windows\Installer\124f40.msi
+ 2009-10-08 13:22 . 2009-10-08 13:22 592600 c:\windows\assembly\GAC_MSIL\Microsoft.SqlServer.WizardFrameworkLite\9.0.242.0__89845dcd8080cc91\Microsoft.SqlServer.WizardFrameworkLite.dll
+ 2009-10-08 13:22 . 2009-10-08 13:22 346840 c:\windows\assembly\GAC_MSIL\microsoft.sqlserver.wizardframeworklite.resources\9.0.242.0_it_89845dcd8080cc91\Microsoft.SqlServer.WizardFrameworkLite.resources.dll
+ 2009-10-08 13:27 . 2009-10-08 13:27 895704 c:\windows\assembly\GAC_MSIL\Microsoft.SqlServer.SqlEnum\9.0.242.0__89845dcd8080cc91\Microsoft.SqlServer.SqlEnum.dll
+ 2009-10-08 13:27 . 2009-10-08 13:27 604888 c:\windows\assembly\GAC_MSIL\microsoft.sqlserver.sqlenum.resources\9.0.242.0_it_89845dcd8080cc91\Microsoft.SqlServer.SqlEnum.Resources.dll
+ 2009-10-08 13:27 . 2009-10-08 13:27 223960 c:\windows\assembly\GAC_MSIL\Microsoft.SqlServer.SmoEnum\9.0.242.0__89845dcd8080cc91\Microsoft.SqlServer.SmoEnum.dll
+ 2009-10-08 13:22 . 2009-10-08 13:22 289496 c:\windows\assembly\GAC_MSIL\Microsoft.SqlServer.Setup\9.0.242.0__89845dcd8080cc91\Microsoft.SqlServer.Setup.dll
+ 2009-10-08 13:27 . 2009-10-08 13:27 555736 c:\windows\assembly\GAC_MSIL\Microsoft.SqlServer.Rmo\9.0.242.0__89845dcd8080cc91\Microsoft.SqlServer.Rmo.dll
+ 2009-10-08 13:22 . 2009-10-08 13:22 199384 c:\windows\assembly\GAC_MSIL\Microsoft.SqlServer.GridControl\9.0.242.0__89845dcd8080cc91\Microsoft.SqlServer.GridControl.dll
+ 2009-10-08 13:27 . 2009-10-08 13:27 150232 c:\windows\assembly\GAC_MSIL\Microsoft.SqlServer.ConnectionInfo\9.0.242.0__89845dcd8080cc91\Microsoft.SqlServer.ConnectionInfo.dll
+ 2009-10-08 13:22 . 2009-10-08 13:22 133848 c:\windows\assembly\GAC_MSIL\Microsoft.NetEnterpriseServers.ExceptionMessageBox\9.0.242.0__89845dcd8080cc91\Microsoft.NetEnterpriseServers.ExceptionMessageBox.dll
+ 2009-10-08 13:27 . 2009-10-08 13:27 154328 c:\windows\assembly\GAC_MSIL\microsoft.analysisservices.resources\9.0.242.0_it_89845dcd8080cc91\microsoft.analysisservices.resources.dll
+ 2009-10-08 13:27 . 2009-10-08 13:27 137944 c:\windows\assembly\GAC_MSIL\Microsoft.AnalysisServices.DeploymentEngine\9.0.242.0__89845dcd8080cc91\Microsoft.AnalysisServices.DeploymentEngine.dll
+ 2009-10-08 13:27 . 2009-10-08 13:27 539352 c:\windows\assembly\GAC_MSIL\Microsoft.AnalysisServices.AdomdClient\9.0.242.0__89845dcd8080cc91\Microsoft.AnalysisServices.AdomdClient.dll
+ 2009-10-08 13:27 . 2009-10-08 13:27 387800 c:\windows\assembly\GAC_32\Microsoft.SqlServer.BatchParser\9.0.242.0__89845dcd8080cc91\microsoft.sqlserver.batchparser.dll
+ 2009-10-08 13:27 . 2009-10-08 13:27 1079808 c:\windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.42_none_d6c3e7af9bae13a2\mfc80u.dll
+ 2009-10-08 13:27 . 2009-10-08 13:27 1093632 c:\windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.42_none_d6c3e7af9bae13a2\mfc80.dll
+ 2005-10-14 01:51 . 2005-10-14 01:51 2208016 c:\windows\System32\sqlncli.dll
+ 2006-11-02 10:22 . 2009-10-08 17:31 6553600 c:\windows\System32\SMI\Store\Machine\schema.dat
- 2006-11-02 10:22 . 2009-09-10 14:10 6553600 c:\windows\System32\SMI\Store\Machine\schema.dat
+ 2009-10-08 13:29 . 2009-10-08 13:29 6577152 c:\windows\Installer\195e3a7.msi
+ 2009-10-09 17:50 . 2009-10-09 17:50 6577152 c:\windows\Installer\124f60.msi
+ 2009-10-08 13:27 . 2009-10-08 13:27 1559256 c:\windows\assembly\GAC_MSIL\Microsoft.SqlServer.Smo\9.0.242.0__89845dcd8080cc91\Microsoft.SqlServer.Smo.dll
+ 2009-10-08 13:27 . 2009-10-08 13:27 1211096 c:\windows\assembly\GAC_MSIL\Microsoft.AnalysisServices\9.0.242.0__89845dcd8080cc91\Microsoft.AnalysisServices.DLL
+ 2009-06-25 19:07 . 2009-10-08 13:27 147294566 c:\windows\winsxs\ManifestCache\6.0.6002.18005_001c11ba_blobs.bin
.
-- Snapshot per reimpostare la data corrente --
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2008-03-04 21:38 121392 ----a-w- c:\program files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BkupTray"="c:\program files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe" [2008-04-06 34040]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-07-19 13543968]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-07-19 92704]
"PLFSetI"="c:\windows\PLFSetI.exe" [2007-10-23 200704]
"ZPdtWzdVitaKey MC3000"="c:\program files\Acer\Acer Bio Protection\PdtWzd.exe" [2009-06-25 3667968]
"LManager"="c:\progra~1\LAUNCH~1\LManager.exe" [2008-07-25 809480]
"eAudio"="c:\program files\Acer\Empowering Technology\eAudio\eAudio.exe" [2008-03-07 544768]
"eDataSecurity Loader"="c:\program files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe" [2008-03-04 526896]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"ePower_DMC"="c:\program files\Acer\Empowering Technology\ePower\ePower_DMC.exe" [2008-04-30 397312]
"hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-06-02 80896]
"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2009-09-10 1312080]
"RtHDVCpl"="RtHDVCpl.exe" - c:\windows\RtHDVCpl.exe [2008-04-25 6111232]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2008-3-25 214360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-05 08:09 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\AWinNotifyVitaKey MC3000]
2009-06-25 17:53 3110912 ----a-w- c:\program files\Acer\Acer Bio Protection\WinNotify.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"SUPERAntiSpyware"=c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
"PlayMovie"="c:\program files\Acer Arcade Deluxe\PlayMovie\PMVService.exe"
"HP Software Update"=c:\program files\HP\HP Software Update\HPWuSchd2.exe
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe"
"NBKeyScan"="c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
"ArcadeDeluxeAgent"="c:\program files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe"
"CLMLServer"="c:\program files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe"
"WarReg_PopUp"=c:\program files\Acer\WR_PopUp\WarReg_PopUp.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"AntiVirusOverride"=dword:00000001
"VistaSp2"=hex(b):d6,5d,fb,86,e2,0a,ca,01

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-3792130533-4105100560-3462664888-1000]
"EnableNotificationsRef"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{EDD33C57-C9CF-452D-AF8F-BF917549F62B}"= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{DF21046C-0A25-4FAF-A1BF-517BEF5405D8}"= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{DC808DF1-C040-4E29-A5B1-73952534C8BA}"= UDP:c:\program files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe:BackupSvc.exe
"{0D51BA99-356E-4B7A-9E65-987ED78BA285}"= UDP:c:\program files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe:AgentSvc.exe
"{E7396943-4CE5-42E3-A7EA-71FF51C54DCF}"= TCP:c:\program files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe:BackupSvc.exe
"{8D0247B6-B148-4E39-870B-8FF98EEBC8C8}"= UDP:c:\program files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe:SchedulerSvc.exe
"{A38B6703-8CFB-464A-BA28-0C7599718CD6}"= TCP:c:\program files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe:AgentSvc.exe
"{F0599F67-0601-4D3D-A86A-E4681DE023BA}"= TCP:c:\program files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe:SchedulerSvc.exe
"{8CE8F528-1E9F-4430-AD9B-10259617BCBD}"= c:\program files\Cyberlink\PowerDirector\PDR.EXE:CyberLink PowerDirector
"{0ACCB565-A618-48A6-8B31-A3F25F2A0B2A}"= c:\program files\Acer\Acer VCM\VC.exe:Acer VCM
"{3035819F-412F-4151-A50B-15575108C9AD}"= c:\program files\Acer Arcade Deluxe\Acer Arcade Deluxe\Acer Arcade Deluxe.exe:Acer Arcade Deluxe
"{9AFD42F4-BB88-4A78-ABD0-0007FB0B1972}"= c:\program files\Acer Arcade Deluxe\PlayMovie\PlayMovie.exe:Acer Play Movie
"{2B1F9693-6F70-48AC-BAD1-629DA4289A40}"= c:\program files\Acer Arcade Deluxe\PlayMovie\PMVService.exe:Acer Play Movie Resident Program
"{D645AA5E-4285-4DDB-ADD6-EE5B6DE96ABE}"= c:\program files\Acer Arcade Deluxe\HomeMedia\HomeMedia.exe:Acer HomeMedia
"TCP Query User{CD474E74-ABC5-4B94-802B-9ADDBF38F36D}c:\\program files\\emule adunanza\\emule_adnza.exe"= UDP:c:\program files\emule adunanza\emule_adnza.exe:eMule
"UDP Query User{0E5E1D55-E396-4517-95C8-CBB0D39FFC56}c:\\program files\\emule adunanza\\emule_adnza.exe"= TCP:c:\program files\emule adunanza\emule_adnza.exe:eMule
"{5FCABD74-A0A9-4365-97C5-3CB255695903}"= UDP:c:\program files\eMule AdunanzA\LinkCreator.exe:LinkCreator
"{751C7890-959A-4BCD-8BE3-66F99F4ACAFF}"= TCP:c:\program files\eMule AdunanzA\LinkCreator.exe:LinkCreator
"{2D604E5E-4AE4-4FCD-9646-7705B5E2FBBC}"= UDP:c:\program files\Mozilla Firefox\firefox.exe:Mozilla Firefox
"{8F4C24F0-0E12-4F00-86C3-F1087F6138AB}"= TCP:c:\program files\Mozilla Firefox\firefox.exe:Mozilla Firefox
"{3E8F9250-B26D-4D3C-9AE0-199443405350}"= UDP:c:\program files\Acer Arcade Deluxe\Acer Arcade Deluxe\Acer Arcade Deluxe.exe:Acer Arcade Deluxe
"{B6555C4B-20A6-4656-B63E-F69068B386B2}"= TCP:c:\program files\Acer Arcade Deluxe\Acer Arcade Deluxe\Acer Arcade Deluxe.exe:Acer Arcade Deluxe
"{4AEFA42F-1BCA-4C63-B02C-BE57D262D70A}"= UDP:c:\program files\HP\Digital Imaging\bin\hpiscnapp.exe:hpiscnapp.exe
"{17D913B0-D8D2-4920-867E-E04801FBF08F}"= TCP:c:\program files\HP\Digital Imaging\bin\hpiscnapp.exe:hpiscnapp.exe
"{8E926176-1E91-4AFD-8247-7CB958459B28}"= UDP:c:\program files\HP\Digital Imaging\bin\hposid01.exe:hposid01.exe
"{4408BBBB-ED23-4C61-B183-45943F656673}"= TCP:c:\program files\HP\Digital Imaging\bin\hposid01.exe:hposid01.exe
"{890E0B18-0CFF-4AD1-AF2B-7F9FC7F66687}"= UDP:c:\program files\HP\Digital Imaging\bin\hpqkygrp.exe:hpqkygrp.exe
"{5115C74B-C79C-4E0D-92FB-5B54D28FA4A1}"= TCP:c:\program files\HP\Digital Imaging\bin\hpqkygrp.exe:hpqkygrp.exe
"{1DF7D62D-FB8F-48C3-8A1A-C3AD67B3ABAD}"= UDP:c:\program files\HP\Digital Imaging\bin\hpqste08.exe:hpqste08.exe
"{1CA1354C-7FA1-4955-B11A-4FEFE90F8210}"= TCP:c:\program files\HP\Digital Imaging\bin\hpqste08.exe:hpqste08.exe
"{5C944F2D-DCCD-4FE6-9F3C-D1D0D3360F3F}"= UDP:c:\program files\HP\Digital Imaging\bin\hpqtra08.exe:hpqtra08.exe
"{FE1F5331-0792-4ED9-A30B-E2FF380A6505}"= TCP:c:\program files\HP\Digital Imaging\bin\hpqtra08.exe:hpqtra08.exe
"TCP Query User{E4E02B91-7D19-43D3-9480-42E80DC3D4BE}f:\\internettv.exe"= UDP:F:\internettv.exe:Readon TV Movie Radio Player
"UDP Query User{496B4180-6447-44AF-9144-3E8CB9F438CA}f:\\internettv.exe"= TCP:F:\internettv.exe:Readon TV Movie Radio Player
"TCP Query User{E7EBFC4F-0A1F-4DBA-B67F-FE8F6C88DDF8}c:\\program files\\tvuplayer\\tvuplayer.exe"= UDP:c:\program files\tvuplayer\tvuplayer.exe:TVUPlayer Component
"UDP Query User{9628F199-A709-43B4-A095-AC57D9925AF0}c:\\program files\\tvuplayer\\tvuplayer.exe"= TCP:c:\program files\tvuplayer\tvuplayer.exe:TVUPlayer Component
"TCP Query User{997C0E8B-42A8-4F62-A28C-5F255BED05A3}c:\\program files\\internet explorer\\iexplore.exe"= UDP:c:\program files\internet explorer\iexplore.exe:Internet Explorer
"UDP Query User{F53C8B34-BA0C-43C3-8618-4C280C200628}c:\\program files\\internet explorer\\iexplore.exe"= TCP:c:\program files\internet explorer\iexplore.exe:Internet Explorer
"TCP Query User{4A4DDBF8-0A52-4215-80D7-4348B4A893A9}c:\\program files\\tvants\\tvants.exe"= UDP:c:\program files\tvants\tvants.exe:TVAnts
"UDP Query User{C32B2A82-0C06-4C85-9266-8AFD0395C958}c:\\program files\\tvants\\tvants.exe"= TCP:c:\program files\tvants\tvants.exe:TVAnts
"TCP Query User{055F9810-A12A-4A1F-AF1A-CB61AE081917}c:\\users\\happy family\\appdata\\roaming\\macromedia\\flash player\\www.macromedia.com\\bin\\octoshape\\octoshape.exe"= UDP:c:\users\happy family\appdata\roaming\macromedia\flash player\www.macromedia.com\bin\octoshape\octoshape.exe:octoshape.exe
"UDP Query User{443ADC31-930D-43D1-9140-5C6D249BB20C}c:\\users\\happy family\\appdata\\roaming\\macromedia\\flash player\\www.macromedia.com\\bin\\octoshape\\octoshape.exe"= TCP:c:\users\happy family\appdata\roaming\macromedia\flash player\www.macromedia.com\bin\octoshape\octoshape.exe:octoshape.exe
"TCP Query User{8A282DDE-3761-4B8B-9143-6DE77F675E7B}c:\\program files\\sopcast\\sopcast.exe"= UDP:c:\program files\sopcast\sopcast.exe:SopCast Main Application
"UDP Query User{B59DBF39-AF06-40E4-9481-14760432E6A5}c:\\program files\\sopcast\\sopcast.exe"= TCP:c:\program files\sopcast\sopcast.exe:SopCast Main Application
"TCP Query User{78F7BB0B-8886-4CAB-A766-740B65EE8368}c:\\program files\\sopcast\\adv\\sopadver.exe"= UDP:c:\program files\sopcast\adv\sopadver.exe:SopCast Adver
"UDP Query User{C57D64CA-3A1E-4430-B652-34740AD59132}c:\\program files\\sopcast\\adv\\sopadver.exe"= TCP:c:\program files\sopcast\adv\sopadver.exe:SopCast Adver

R0 AlfaFF;AlfaFF File System mini-filter;c:\windows\System32\drivers\AlfaFF.sys [25/06/2009 19.53.10 43184]
R1 ElRawDisk;ElRawDisk;c:\windows\System32\drivers\elrawdsk.sys [27/08/2009 9.53.23 12800]
R1 is-OHA4Fdrv;is-OHA4Fdrv;c:\windows\System32\drivers\10565681.sys [25/06/2009 22.24.52 148496]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [23/06/2009 11.01.40 9968]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [23/06/2009 11.01.40 74480]
R2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};{49DE1C67-83F8-4102-99E0-C16DCC7EEC796};c:\program files\Acer Arcade Deluxe\PlayMovie\000.fcl [25/06/2009 20.13.07 61424]
R2 BUNAgentSvc;NTI Backup Now 5 Agent Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe [03/03/2008 13.11.14 16384]
R2 CLHNService;CLHNService;c:\program files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe [25/06/2009 20.14.54 81504]
R2 ETService;Empowering Technology Service;c:\program files\Acer\Empowering Technology\Service\ETService.exe [07/05/2008 23.28.16 24576]
R2 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [06/04/2008 22.42.24 50424]
R2 NTIPPKernel;NTIPPKernel;c:\program files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\NTIPPKernel.sys [25/06/2009 20.14.59 122368]
R2 RS_Service;Raw Socket Service;c:\program files\Acer\Acer VCM\RS_Service.exe [25/06/2009 19.51.15 233472]
R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service;c:\windows\System32\TUProgSt.exe [02/10/2009 18.50.12 604416]
R3 NETw5v32;Driver scheda Intel(R) Wireless WiFi Link per Windows Vista 32 Bit;c:\windows\System32\drivers\NETw5v32.sys [26/06/2009 4.39.50 3658752]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\System32\drivers\nvhda32v.sys [26/06/2009 4.39.04 44064]
S2 IGBASVC;iGroupTec Service;c:\program files\Acer\Acer Bio Protection\BASVC.exe [25/06/2009 19.53.17 3517440]
S2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [04/04/2008 3.03.14 131072]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\System32\drivers\b57nd60x.sys [21/01/2008 4.23.20 179712]
S3 GoogleDesktopManager-080708-050100;Google Desktop Manager 5.7.808.7150;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [25/06/2009 21.06.39 24064]
S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [23/06/2009 11.01.42 7408]
S3 WSVD;WSVD;c:\windows\System32\drivers\WSVD.sys [03/10/2009 8.11.19 75776]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\System32\rundll32.exe" "c:\windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Contenuto della cartella 'Scheduled Tasks'

2009-10-11 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2009-04-27 13:37]

2009-10-11 c:\windows\Tasks\User_Feed_Synchronization-{0DBE58FD-B487-4991-9EBA-16B4398246B8}.job
- c:\windows\system32\msfeedssync.exe [2009-07-29 20:13]
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACA ... spire_5930
mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACA ... spire_5930
uInternet Settings,ProxyOverride = local
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\users\Happy Family\AppData\Roaming\Mozilla\Firefox\Profiles\60xn85yq.default\
FF - prefs.js: browser.startup.homepage - www.sportmediaset.it
FF - component: c:\program files\Mozilla Firefox\components\GoogleDesktopMozilla.dll
FF - plugin: c:\users\Happy Family\AppData\Roaming\Mozilla\Firefox\Profiles\60xn85yq.default\extensions\firefox@tvunetworks.com\plugins\npTVUAx.dll
FF - plugin: f:\picasa3\npPicasa3.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
.
- - - - CHIAVI ORFANE RIMOSSE - - - -

HKLM-Run-SynTPEnh - c:\program files\Synaptics\SynTP\SynTPEnh.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-10-11 20:05
Windows 6.0.6002 Service Pack 2 NTFS

scansione processi nascosti ...

scansione entrate autostart nascoste ...

Scansione files nascosti ...

Scansione completata con successo
Files nascosti: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\{49DE1C67-83F8-4102-99E0-C16DCC7EEC796}]
"ImagePath"="\??\c:\program files\Acer Arcade Deluxe\PlayMovie\000.fcl"
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
--------------------- Dlls caricate dai processi in esecuzione ---------------------

- - - - - - - > 'Explorer.exe'(4960)
c:\program files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll
c:\program files\Acer\Empowering Technology\eDataSecurity\x86\sysenv.dll
c:\windows\System32\SysHook.dll
.
Ora fine scansione: 2009-10-11 20.07.42
ComboFix-quarantined-files.txt 2009-10-11 18:07
ComboFix2.txt 2009-10-05 16:54
ComboFix3.txt 2009-08-18 14:38
ComboFix4.txt 2009-08-18 14:15

Pre-Run: 122.303.000.576 byte disponibili
Post-Run: 122.205.990.912 byte disponibili

656 --- E O F --- 2009-10-10 20:13
Never contradict a woman.. Sooner or later she'll do it herself..

Re: Bagle: a worm that attacks antivirus software..HELP!

Post by crazy.cat » Mon Oct 12, 2009 7:15 am

ARIETE72 wrote: doesn't it seem to you that it deleted too many things, though?

Bagle creates a flood of fake, infected exe files, so it removed what it had to eliminate.

Is the RescueCd program, i.e. the ISO image that runs at boot, the same kind of tool as Avira, or something different or more powerful?

Let's say it's different: since you boot from it, you can use it for specific cases.

Can I use the Findykill program every now and then to scan the whole PC without damaging the system? It seems very fast and effective.

It's an anti-Bagle tool. It's only good for this type of virus.

What do you think of Baglegui for removal? It was recommended to me, but I don't trust it.

Never used it.
When the many govern, they think only of pleasing themselves, and then you get the most foolish and most hateful tyranny: tyranny disguised as freedom.

megalab.it: daily online publication registered with the Court of Cosenza, no. 22/09 of 13.08.2009, publisher Master New Media S.r.l.; © Copyright 2008 Master New Media S.r.l. a socio unico - P.I. 02947530784. GRUPPO EDIZIONI MASTER Spa. All rights reserved. For advertising: Master Advertising