ComboFix 08-12-18.01 - SilviaS 2008-12-18 23.10.43.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1040.18.2046.1585 [GMT 1:00]
Eseguito da: c:\documents and settings\SilviaS\Desktop\ComboFix.exe
* Creato nuovo punto di ripristino
ATENÇÃO - ESTA MAQUINA NAO TEM A CONSOLE DE RECUPERAÇÃO INSTALADA !!.
((((((((((((((((((((((((( Files Creati Da 2008-11-18 al 2008-12-18 )))))))))))))))))))))))))))))))))))
.
2008-12-11 18:30 . 2008-12-03 19:52 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
2008-12-11 18:29 . 2008-12-11 18:30 <DIR> d-------- c:\programmi\Malwarebytes' Anti-Malware
2008-12-11 18:29 . 2008-12-11 18:29 <DIR> d-------- c:\documents and settings\SilviaS\Dati applicazioni\Malwarebytes
2008-12-11 18:29 . 2008-12-11 18:29 <DIR> d-------- c:\documents and settings\All Users\Dati applicazioni\Malwarebytes
2008-12-11 18:29 . 2008-12-03 19:52 15,504 --a------ c:\windows\system32\drivers\mbam.sys
2008-12-05 12:08 . 2008-12-18 23:13 2,204 --a------ c:\windows\gbaiqoag
2008-11-30 18:47 . 2008-12-03 13:10 69 --a------ c:\windows\NeroDigital.ini
2008-11-28 11:39 . 2001-08-30 20:41 12,160 --a------ c:\windows\system32\drivers\mouhid.sys
2008-11-28 11:39 . 2001-08-30 20:41 12,160 --a--c--- c:\windows\system32\dllcache\mouhid.sys
2008-11-28 11:39 . 2008-04-13 11:45 10,368 --a------ c:\windows\system32\drivers\hidusb.sys
2008-11-28 11:39 . 2008-04-13 11:45 10,368 --a--c--- c:\windows\system32\dllcache\hidusb.sys
2008-11-18 16:18 . 2008-04-13 19:13 221,184 --a------ c:\windows\system32\wmpns.dll
2008-11-18 16:06 . 2008-11-08 11:06 <DIR> d--h----- c:\documents and settings\Administrator\Risorse di stampa
2008-11-18 16:06 . 2008-11-08 11:06 <DIR> d--h----- c:\documents and settings\Administrator\Risorse di rete
2008-11-18 16:06 . 2008-11-08 11:06 <DIR> d-------- c:\documents and settings\Administrator\Preferiti
2008-11-18 16:06 . 2008-11-08 11:14 <DIR> d--h----- c:\documents and settings\Administrator\Modelli
2008-11-18 16:06 . 2008-11-08 11:06 <DIR> dr------- c:\documents and settings\Administrator\Menu Avvio
2008-11-18 16:06 . 2008-12-11 18:20 <DIR> d--h----- c:\documents and settings\Administrator\Impostazioni locali
2008-11-18 16:06 . 2008-11-08 11:06 <DIR> d-------- c:\documents and settings\Administrator\Documenti
2008-11-18 16:06 . 2008-11-08 11:06 <DIR> dr-h----- c:\documents and settings\Administrator\Dati applicazioni
2008-11-18 16:06 . 2008-11-18 16:06 <DIR> d-------- c:\documents and settings\Administrator
2008-11-18 16:03 . 2008-09-07 09:46 3,072 --a------ c:\windows\system32\CRYPT.DLL
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-12-11 18:01 --------- d-----w c:\documents and settings\All Users\Dati applicazioni\Microsoft Help
2008-12-11 17:26 --------- d-----w c:\programmi\Java
2008-12-11 12:03 --------- d-----w c:\programmi\eMule
2008-11-11 21:48 --------- d-----w c:\programmi\microsoft frontpage
2008-11-10 21:59 --------- d-----w c:\programmi\Windows Media Connect 2
2008-11-10 12:47 --------- d-----w c:\documents and settings\SilviaS\Dati applicazioni\AdobeUM
2008-11-09 21:51 --------- d--h--w c:\programmi\InstallShield Installation Information
2008-11-09 21:43 --------- d-----w c:\programmi\File comuni\InstallShield
2008-11-09 21:38 --------- d-----w c:\programmi\Lenovo Fingerprint Software
2008-11-09 19:45 --------- d-----w c:\documents and settings\All Users\Dati applicazioni\Messenger Plus!
2008-11-09 19:33 --------- d-----w c:\programmi\Messenger Plus! Live
2008-11-09 19:31 --------- d-----w c:\programmi\Windows Live
2008-11-09 19:30 --------- dcsh--w c:\programmi\File comuni\WindowsLiveInstaller
2008-11-09 19:24 --------- d-----w c:\documents and settings\All Users\Dati applicazioni\WLInstaller
2008-11-09 19:19 --------- d-----w c:\programmi\MSBuild
2008-11-09 19:19 --------- d-----w c:\programmi\Microsoft Works
2008-11-09 19:18 --------- d-----w c:\programmi\Microsoft.NET
2008-11-09 19:17 --------- d-----w c:\programmi\Microsoft Visual Studio 8
2008-11-09 19:14 --------- d-----w c:\programmi\DAEMON Tools Lite
2008-11-09 19:12 717,296 ----a-w c:\windows\system32\drivers\sptd.sys
2008-11-09 19:12 --------- d-----w c:\documents and settings\SilviaS\Dati applicazioni\DAEMON Tools
2008-11-09 19:11 --------- d-----w c:\programmi\File comuni\Adobe
2008-11-09 19:03 --------- d-----w c:\programmi\File comuni\Ahead
2008-11-09 19:03 --------- d-----w c:\programmi\Ahead
2008-11-09 19:00 --------- d-----w c:\programmi\directx
2008-11-09 18:48 97,928 ----a-w c:\windows\system32\drivers\avgldx86.sys
2008-11-09 18:43 315,392 ----a-w c:\windows\HideWin.exe
2008-11-09 18:43 --------- d-----w c:\programmi\Realtek
2008-11-09 18:22 --------- d-----w c:\programmi\Broadcom
2008-11-09 18:21 --------- d-----w c:\programmi\Lenovo
2008-11-08 23:08 --------- d-----w c:\programmi\Intel
2008-11-08 12:13 76,040 ----a-w c:\windows\system32\drivers\avgtdix.sys
2008-11-08 12:13 --------- d-----w c:\programmi\AVG
2008-11-08 12:13 --------- d-----w c:\documents and settings\SilviaS\Dati applicazioni\AVGTOOLBAR
2008-11-08 12:13 --------- d-----w c:\documents and settings\All Users\Dati applicazioni\avg8
2008-11-08 12:12 --------- d-----w c:\programmi\DIFX
2008-11-08 10:15 --------- d-----w c:\programmi\Servizi in linea
2008-10-24 11:21 455,296 ----a-w c:\windows\system32\drivers\mrxsmb.sys
.
------- Sigcheck -------
2004-08-19 15:39 504832 4166454e2bcfcc20d1b8a5ac9feab243 c:\windows\$NtServicePackUninstall$\winlogon.exe
2008-04-13 19:14 510464 9259170d29b5a256735fcb8b80280857 c:\windows\ServicePackFiles\i386\winlogon.exe
2004-08-19 15:39 504832 4166454e2bcfcc20d1b8a5ac9feab243 c:\windows\SoftwareDistribution\Download\3081fb24ce5c92103d622c497fb2b188\backup\winlogon.exe
2008-11-18 16:07 510464 90f406811ee1eee294792d00e21ca16c c:\windows\system32\winlogon.exe
.
((((((((((((((((((((((((((((( snapshot@2008-12-11_18.19.41.34 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-08-26 07:57:14 124,928 -c----w c:\windows\ie7updates\KB958215-IE7\advpack.dll
+ 2008-08-26 07:57:14 347,136 -c----w c:\windows\ie7updates\KB958215-IE7\dxtmsft.dll
+ 2008-08-26 07:57:14 214,528 -c----w c:\windows\ie7updates\KB958215-IE7\dxtrans.dll
+ 2008-08-26 07:57:14 133,120 -c----w c:\windows\ie7updates\KB958215-IE7\extmgr.dll
+ 2008-08-26 07:57:14 63,488 -c----w c:\windows\ie7updates\KB958215-IE7\icardie.dll
+ 2008-08-25 08:39:58 70,656 -c----w c:\windows\ie7updates\KB958215-IE7\ie4uinit.exe
+ 2008-08-26 07:57:14 153,088 -c----w c:\windows\ie7updates\KB958215-IE7\ieakeng.dll
+ 2008-08-26 07:57:15 230,400 -c----w c:\windows\ie7updates\KB958215-IE7\ieaksie.dll
+ 2008-08-23 05:54:51 161,792 -c----w c:\windows\ie7updates\KB958215-IE7\ieakui.dll
+ 2008-08-26 07:57:15 383,488 -c----w c:\windows\ie7updates\KB958215-IE7\ieapfltr.dll
+ 2008-08-26 07:57:15 384,512 -c----w c:\windows\ie7updates\KB958215-IE7\iedkcs32.dll
+ 2008-10-03 16:58:43 6,066,176 -c----w c:\windows\ie7updates\KB958215-IE7\ieframe.dll
+ 2008-08-26 07:57:17 44,544 -c----w c:\windows\ie7updates\KB958215-IE7\iernonce.dll
+ 2008-08-26 07:57:17 267,776 -c----w c:\windows\ie7updates\KB958215-IE7\iertutil.dll
+ 2008-08-25 08:38:00 13,824 -c----w c:\windows\ie7updates\KB958215-IE7\ieudinit.exe
+ 2008-08-23 05:56:15 635,848 -c----w c:\windows\ie7updates\KB958215-IE7\iexplore.exe
+ 2008-08-26 07:57:18 27,648 -c----w c:\windows\ie7updates\KB958215-IE7\jsproxy.dll
+ 2008-08-26 07:57:18 459,264 -c----w c:\windows\ie7updates\KB958215-IE7\msfeeds.dll
+ 2008-08-26 07:57:18 52,224 -c----w c:\windows\ie7updates\KB958215-IE7\msfeedsbs.dll
+ 2008-08-27 08:57:22 3,593,216 -c----w c:\windows\ie7updates\KB958215-IE7\mshtml.dll
+ 2008-08-26 07:57:20 477,696 -c----w c:\windows\ie7updates\KB958215-IE7\mshtmled.dll
+ 2008-08-26 07:57:21 193,024 -c----w c:\windows\ie7updates\KB958215-IE7\msrating.dll
+ 2008-08-26 07:57:21 671,232 -c----w c:\windows\ie7updates\KB958215-IE7\mstime.dll
+ 2008-08-26 07:57:21 102,912 -c----w c:\windows\ie7updates\KB958215-IE7\occache.dll
+ 2008-08-26 07:57:21 44,544 -c----w c:\windows\ie7updates\KB958215-IE7\pngfilt.dll
+ 2007-03-06 01:48:14 215,776 -c----w c:\windows\ie7updates\KB958215-IE7\spuninst\spuninst.exe
+ 2007-03-06 01:49:24 390,880 -c----w c:\windows\ie7updates\KB958215-IE7\spuninst\updspapi.dll
+ 2008-08-26 07:57:21 105,984 -c----w c:\windows\ie7updates\KB958215-IE7\url.dll
+ 2008-08-26 07:57:22 1,159,680 -c----w c:\windows\ie7updates\KB958215-IE7\urlmon.dll
+ 2008-08-26 07:57:22 233,472 -c----w c:\windows\ie7updates\KB958215-IE7\webcheck.dll
+ 2008-08-26 07:57:22 826,368 -c----w c:\windows\ie7updates\KB958215-IE7\wininet.dll
+ 2008-10-17 00:34:26 3,593,216 -c----w c:\windows\ie7updates\KB960714-IE7\mshtml.dll
+ 2007-03-06 01:48:14 215,776 -c----w c:\windows\ie7updates\KB960714-IE7\spuninst\spuninst.exe
+ 2007-03-06 01:49:24 390,880 -c----w c:\windows\ie7updates\KB960714-IE7\spuninst\updspapi.dll
- 2008-11-18 15:22:50 1,165,584 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\accicons.exe
+ 2008-12-11 18:01:10 1,165,584 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\accicons.exe
- 2008-11-18 15:22:50 20,240 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\cagicon.exe
+ 2008-12-11 18:01:10 20,240 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\cagicon.exe
- 2008-11-18 15:22:50 159,504 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\inficon.exe
+ 2008-12-11 18:01:10 159,504 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\inficon.exe
- 2008-11-18 15:22:50 184,080 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\joticon.exe
+ 2008-12-11 18:01:10 184,080 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\joticon.exe
- 2008-11-18 15:22:50 217,864 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe
+ 2008-12-11 18:01:10 217,864 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe
- 2008-11-18 15:22:50 18,704 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\mspicons.exe
+ 2008-12-11 18:01:10 18,704 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\mspicons.exe
- 2008-11-18 15:22:50 35,088 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\oisicon.exe
+ 2008-12-11 18:01:11 35,088 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\oisicon.exe
- 2008-11-18 15:22:50 845,584 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\outicon.exe
+ 2008-12-11 18:01:10 845,584 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\outicon.exe
- 2008-11-18 15:22:50 922,384 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe
+ 2008-12-11 18:01:10 922,384 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe
- 2008-11-18 15:22:50 272,648 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pubs.exe
+ 2008-12-11 18:01:10 272,648 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pubs.exe
- 2008-11-18 15:22:50 888,080 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe
+ 2008-12-11 18:01:11 888,080 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe
- 2008-11-18 15:22:50 1,172,240 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe
+ 2008-12-11 18:01:10 1,172,240 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe
- 2008-08-26 07:57:14 124,928 ----a-w c:\windows\system32\advpack.dll
+ 2008-10-16 20:04:22 124,928 ----a-w c:\windows\system32\advpack.dll
- 2008-11-11 10:48:50 410,976 ----a-w c:\windows\system32\deploytk.dll
+ 2008-11-10 04:43:30 410,984 ----a-w c:\windows\system32\deploytk.dll
- 2008-08-26 07:57:14 124,928 -c----w c:\windows\system32\dllcache\advpack.dll
+ 2008-10-16 20:04:22 124,928 -c----w c:\windows\system32\dllcache\advpack.dll
- 2008-08-26 07:57:14 347,136 -c----w c:\windows\system32\dllcache\dxtmsft.dll
+ 2008-10-16 20:04:22 347,136 -c----w c:\windows\system32\dllcache\dxtmsft.dll
- 2008-08-26 07:57:14 214,528 -c----w c:\windows\system32\dllcache\dxtrans.dll
+ 2008-10-16 20:04:22 214,528 -c----w c:\windows\system32\dllcache\dxtrans.dll
- 2008-08-26 07:57:14 133,120 -c----w c:\windows\system32\dllcache\extmgr.dll
+ 2008-10-16 20:04:22 133,120 -c----w c:\windows\system32\dllcache\extmgr.dll
+ 2008-10-23 12:36:14 286,720 -c----w c:\windows\system32\dllcache\gdi32.dll
- 2008-08-26 07:57:14 63,488 -c----w c:\windows\system32\dllcache\icardie.dll
+ 2008-10-16 20:04:22 63,488 -c----w c:\windows\system32\dllcache\icardie.dll
- 2008-08-25 08:39:58 70,656 -c----w c:\windows\system32\dllcache\ie4uinit.exe
+ 2008-10-16 13:13:44 70,656 -c----w c:\windows\system32\dllcache\ie4uinit.exe
- 2008-08-26 07:57:14 153,088 -c----w c:\windows\system32\dllcache\ieakeng.dll
+ 2008-10-16 20:04:22 153,088 -c----w c:\windows\system32\dllcache\ieakeng.dll
- 2008-08-26 07:57:15 230,400 -c----w c:\windows\system32\dllcache\ieaksie.dll
+ 2008-10-16 20:04:22 230,400 -c----w c:\windows\system32\dllcache\ieaksie.dll
- 2008-08-23 05:54:51 161,792 -c--a-w c:\windows\system32\dllcache\ieakui.dll
+ 2008-10-15 07:04:53 161,792 -c--a-w c:\windows\system32\dllcache\ieakui.dll
- 2008-08-26 07:57:15 383,488 -c----w c:\windows\system32\dllcache\ieapfltr.dll
+ 2008-10-16 20:04:22 383,488 -c----w c:\windows\system32\dllcache\ieapfltr.dll
- 2008-08-26 07:57:15 384,512 -c----w c:\windows\system32\dllcache\iedkcs32.dll
+ 2008-10-16 20:04:22 384,512 -c----w c:\windows\system32\dllcache\iedkcs32.dll
- 2008-10-03 16:58:43 6,066,176 -c----w c:\windows\system32\dllcache\ieframe.dll
+ 2008-10-16 20:04:23 6,066,176 -c----w c:\windows\system32\dllcache\ieframe.dll
- 2008-08-26 07:57:17 44,544 -c----w c:\windows\system32\dllcache\iernonce.dll
+ 2008-10-16 20:04:23 44,544 -c----w c:\windows\system32\dllcache\iernonce.dll
- 2008-08-26 07:57:17 267,776 -c----w c:\windows\system32\dllcache\iertutil.dll
+ 2008-10-16 20:04:23 267,776 -c----w c:\windows\system32\dllcache\iertutil.dll
- 2008-08-25 08:38:00 13,824 -c----w c:\windows\system32\dllcache\ieudinit.exe
+ 2008-10-16 13:11:09 13,824 -c----w c:\windows\system32\dllcache\ieudinit.exe
- 2008-08-23 05:56:15 635,848 -c----w c:\windows\system32\dllcache\iexplore.exe
+ 2008-10-15 07:06:26 633,632 -c----w c:\windows\system32\dllcache\iexplore.exe
- 2008-08-26 07:57:18 27,648 -c----w c:\windows\system32\dllcache\jsproxy.dll
+ 2008-10-16 20:04:23 27,648 -c----w c:\windows\system32\dllcache\jsproxy.dll
- 2006-10-18 19:03:58 100,864 -c----w c:\windows\system32\dllcache\logagent.exe
+ 2008-06-18 00:09:22 100,864 -c----w c:\windows\system32\dllcache\logagent.exe
- 2008-08-26 07:57:18 459,264 -c----w c:\windows\system32\dllcache\msfeeds.dll
+ 2008-10-16 20:04:23 459,264 -c----w c:\windows\system32\dllcache\msfeeds.dll
- 2008-08-26 07:57:18 52,224 -c----w c:\windows\system32\dllcache\msfeedsbs.dll
+ 2008-10-16 20:04:23 52,224 -c----w c:\windows\system32\dllcache\msfeedsbs.dll
- 2008-08-27 08:57:22 3,593,216 -c--a-w c:\windows\system32\dllcache\mshtml.dll
+ 2008-12-13 06:36:24 3,593,216 -c--a-w c:\windows\system32\dllcache\mshtml.dll
- 2008-08-26 07:57:20 477,696 -c----w c:\windows\system32\dllcache\mshtmled.dll
+ 2008-10-16 20:04:24 477,696 -c----w c:\windows\system32\dllcache\mshtmled.dll
- 2008-08-26 07:57:21 193,024 -c----w c:\windows\system32\dllcache\msrating.dll
+ 2008-10-16 20:04:24 193,024 -c----w c:\windows\system32\dllcache\msrating.dll
- 2008-08-26 07:57:21 671,232 -c----w c:\windows\system32\dllcache\mstime.dll
+ 2008-10-16 20:04:24 671,232 -c----w c:\windows\system32\dllcache\mstime.dll
- 2008-08-26 07:57:21 102,912 -c----w c:\windows\system32\dllcache\occache.dll
+ 2008-10-16 20:04:24 102,912 -c----w c:\windows\system32\dllcache\occache.dll
- 2008-08-26 07:57:21 44,544 -c----w c:\windows\system32\dllcache\pngfilt.dll
+ 2008-10-16 20:04:25 44,544 -c----w c:\windows\system32\dllcache\pngfilt.dll
- 2008-04-13 18:13:56 246,814 -c----w c:\windows\system32\dllcache\strmdll.dll
+ 2008-10-03 10:02:46 247,326 -c----w c:\windows\system32\dllcache\strmdll.dll
- 2008-08-26 07:57:21 105,984 -c----w c:\windows\system32\dllcache\url.dll
+ 2008-10-16 20:04:25 105,984 -c----w c:\windows\system32\dllcache\url.dll
- 2008-08-26 07:57:22 1,159,680 -c--a-w c:\windows\system32\dllcache\urlmon.dll
+ 2008-10-16 20:04:25 1,160,192 -c--a-w c:\windows\system32\dllcache\urlmon.dll
- 2008-08-26 07:57:22 233,472 -c----w c:\windows\system32\dllcache\webcheck.dll
+ 2008-10-16 20:04:25 233,472 -c----w c:\windows\system32\dllcache\webcheck.dll
- 2008-08-26 07:57:22 826,368 -c--a-w c:\windows\system32\dllcache\wininet.dll
+ 2008-10-16 20:04:25 826,368 -c--a-w c:\windows\system32\dllcache\wininet.dll
- 2006-10-18 20:47:20 937,984 -c----w c:\windows\system32\dllcache\WMNetMgr.dll
+ 2008-06-18 04:03:08 938,496 -c----w c:\windows\system32\dllcache\WMNetmgr.dll
- 2006-10-18 20:47:22 2,450,944 -c----w c:\windows\system32\dllcache\wmvcore.dll
+ 2008-06-18 04:03:14 2,458,112 -c----w c:\windows\system32\dllcache\WMVCore.dll
- 2008-08-26 07:57:14 347,136 ----a-w c:\windows\system32\dxtmsft.dll
+ 2008-10-16 20:04:22 347,136 ----a-w c:\windows\system32\dxtmsft.dll
- 2008-08-26 07:57:14 214,528 ----a-w c:\windows\system32\dxtrans.dll
+ 2008-10-16 20:04:22 214,528 ----a-w c:\windows\system32\dxtrans.dll
- 2008-08-26 07:57:14 133,120 ----a-w c:\windows\system32\extmgr.dll
+ 2008-10-16 20:04:22 133,120 ----a-w c:\windows\system32\extmgr.dll
- 2008-04-13 18:13:40 285,184 ----a-w c:\windows\system32\gdi32.dll
+ 2008-10-23 12:36:14 286,720 ----a-w c:\windows\system32\gdi32.dll
- 2008-08-26 07:57:14 63,488 ----a-w c:\windows\system32\icardie.dll
+ 2008-10-16 20:04:22 63,488 ----a-w c:\windows\system32\icardie.dll
- 2008-08-25 08:39:58 70,656 ----a-w c:\windows\system32\ie4uinit.exe
+ 2008-10-16 13:13:44 70,656 ----a-w c:\windows\system32\ie4uinit.exe
- 2008-08-26 07:57:14 153,088 ----a-w c:\windows\system32\ieakeng.dll
+ 2008-10-16 20:04:22 153,088 ----a-w c:\windows\system32\ieakeng.dll
- 2008-08-26 07:57:15 230,400 ----a-w c:\windows\system32\ieaksie.dll
+ 2008-10-16 20:04:22 230,400 ----a-w c:\windows\system32\ieaksie.dll
- 2008-08-23 05:54:51 161,792 ----a-w c:\windows\system32\ieakui.dll
+ 2008-10-15 07:04:53 161,792 ----a-w c:\windows\system32\ieakui.dll
- 2008-08-26 07:57:15 383,488 ----a-w c:\windows\system32\ieapfltr.dll
+ 2008-10-16 20:04:22 383,488 ----a-w c:\windows\system32\ieapfltr.dll
- 2008-08-26 07:57:15 384,512 ----a-w c:\windows\system32\iedkcs32.dll
+ 2008-10-16 20:04:22 384,512 ----a-w c:\windows\system32\iedkcs32.dll
- 2008-10-03 16:58:43 6,066,176 ----a-w c:\windows\system32\ieframe.dll
+ 2008-10-16 20:04:23 6,066,176 ----a-w c:\windows\system32\ieframe.dll
- 2008-08-26 07:57:17 44,544 ----a-w c:\windows\system32\iernonce.dll
+ 2008-10-16 20:04:23 44,544 ----a-w c:\windows\system32\iernonce.dll
- 2008-08-26 07:57:17 267,776 ----a-w c:\windows\system32\iertutil.dll
+ 2008-10-16 20:04:23 267,776 ----a-w c:\windows\system32\iertutil.dll
- 2008-08-25 08:38:00 13,824 ----a-w c:\windows\system32\ieudinit.exe
+ 2008-10-16 13:11:09 13,824 ----a-w c:\windows\system32\ieudinit.exe
- 2008-11-11 10:48:51 144,792 ----a-w c:\windows\system32\java.exe
+ 2008-11-10 04:43:37 144,792 ----a-w c:\windows\system32\java.exe
- 2008-11-11 10:48:51 144,792 ----a-w c:\windows\system32\javaw.exe
+ 2008-11-10 04:43:38 144,792 ----a-w c:\windows\system32\javaw.exe
- 2008-11-11 10:48:51 148,888 ----a-w c:\windows\system32\javaws.exe
+ 2008-11-10 04:43:39 148,888 ----a-w c:\windows\system32\javaws.exe
- 2008-08-26 07:57:18 27,648 ----a-w c:\windows\system32\jsproxy.dll
+ 2008-10-16 20:04:23 27,648 ----a-w c:\windows\system32\jsproxy.dll
- 2006-10-18 19:03:58 100,864 ----a-w c:\windows\system32\logagent.exe
+ 2008-06-18 00:09:22 100,864 ----a-w c:\windows\system32\logagent.exe
- 2008-11-04 00:10:25 17,318,336 ----a-w c:\windows\system32\MRT.exe
+ 2008-12-09 23:24:37 17,593,280 ----a-w c:\windows\system32\MRT.exe
- 2008-08-26 07:57:18 459,264 ----a-w c:\windows\system32\msfeeds.dll
+ 2008-10-16 20:04:23 459,264 ----a-w c:\windows\system32\msfeeds.dll
- 2008-08-26 07:57:18 52,224 ----a-w c:\windows\system32\msfeedsbs.dll
+ 2008-10-16 20:04:23 52,224 ----a-w c:\windows\system32\msfeedsbs.dll
- 2008-08-27 08:57:22 3,593,216 ----a-w c:\windows\system32\mshtml.dll
+ 2008-12-13 06:36:24 3,593,216 ----a-w c:\windows\system32\mshtml.dll
- 2008-08-26 07:57:20 477,696 ----a-w c:\windows\system32\mshtmled.dll
+ 2008-10-16 20:04:24 477,696 ----a-w c:\windows\system32\mshtmled.dll
- 2008-08-26 07:57:21 193,024 ----a-w c:\windows\system32\msrating.dll
+ 2008-10-16 20:04:24 193,024 ----a-w c:\windows\system32\msrating.dll
- 2008-08-26 07:57:21 671,232 ----a-w c:\windows\system32\mstime.dll
+ 2008-10-16 20:04:24 671,232 ----a-w c:\windows\system32\mstime.dll
- 2008-08-26 07:57:21 102,912 ----a-w c:\windows\system32\occache.dll
+ 2008-10-16 20:04:24 102,912 ----a-w c:\windows\system32\occache.dll
- 2008-12-05 11:03:33 59,774 ----a-w c:\windows\system32\perfc009.dat
+ 2008-12-18 22:10:54 59,774 ----a-w c:\windows\system32\perfc009.dat
- 2008-12-05 11:03:33 70,964 ----a-w c:\windows\system32\perfc010.dat
+ 2008-12-18 22:10:54 70,964 ----a-w c:\windows\system32\perfc010.dat
- 2008-12-05 11:03:33 395,534 ----a-w c:\windows\system32\perfh009.dat
+ 2008-12-18 22:10:54 395,534 ----a-w c:\windows\system32\perfh009.dat
- 2008-12-05 11:03:33 440,738 ----a-w c:\windows\system32\perfh010.dat
+ 2008-12-18 22:10:54 440,738 ----a-w c:\windows\system32\perfh010.dat
- 2008-08-26 07:57:21 44,544 ----a-w c:\windows\system32\pngfilt.dll
+ 2008-10-16 20:04:25 44,544 ----a-w c:\windows\system32\pngfilt.dll
- 2007-11-30 11:19:29 18,808 ------w c:\windows\system32\spmsg.dll
+ 2007-11-30 12:39:40 18,808 ------w c:\windows\system32\spmsg.dll
- 2008-04-13 18:13:56 246,814 ----a-w c:\windows\system32\strmdll.dll
+ 2008-10-03 10:02:46 247,326 ----a-w c:\windows\system32\strmdll.dll
- 2008-04-13 18:14:24 60,416 ------w c:\windows\system32\tzchange.exe
+ 2008-10-23 10:06:59 62,976 ------w c:\windows\system32\tzchange.exe
- 2008-08-26 07:57:21 105,984 ----a-w c:\windows\system32\url.dll
+ 2008-10-16 20:04:25 105,984 ----a-w c:\windows\system32\url.dll
- 2008-08-26 07:57:22 1,159,680 ----a-w c:\windows\system32\urlmon.dll
+ 2008-10-16 20:04:25 1,160,192 ----a-w c:\windows\system32\urlmon.dll
- 2008-08-26 07:57:22 233,472 ----a-w c:\windows\system32\webcheck.dll
+ 2008-10-16 20:04:25 233,472 ----a-w c:\windows\system32\webcheck.dll
- 2008-08-26 07:57:22 826,368 ----a-w c:\windows\system32\wininet.dll
+ 2008-10-16 20:04:25 826,368 ----a-w c:\windows\system32\wininet.dll
- 2006-10-18 20:47:20 937,984 ----a-w c:\windows\system32\WMNetMgr.dll
+ 2008-06-18 04:03:08 938,496 ----a-w c:\windows\system32\WMNetmgr.dll
- 2006-10-18 20:47:22 2,450,944 ----a-w c:\windows\system32\wmvcore.dll
+ 2008-06-18 04:03:14 2,458,112 ----a-w c:\windows\system32\WMVCore.dll
- 2008-12-11 17:17:22 16,384 ----atw c:\windows\Temp\Perflib_Perfdata_7d4.dat
+ 2008-12-18 22:14:07 16,384 ----atw c:\windows\Temp\Perflib_Perfdata_7d4.dat
.
-- Snapshot per reimpostare la data corrente --
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-13 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2008-11-27 1261336]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-03-21 7585792]
"AzMixerSel"="c:\programmi\Realtek\InstallShield\AzMixerSel.exe" [2006-01-25 53248]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2006-01-12 155648]
"GrooveMonitor"="c:\programmi\Microsoft Office\Office12\GrooveMonitor.exe" [2007-08-24 33648]
"FingerPrintSoftware"="c:\programmi\Lenovo Fingerprint Software\fpapp.exe" [2007-03-02 933888]
"SunJavaUpdateSched"="c:\programmi\Java\jre6\bin\jusched.exe" [2008-11-10 136600]
"nwiz"="nwiz.exe" [2007-03-21 c:\windows\system32\nwiz.exe]
"SkyTel"="SkyTel.EXE" [2006-05-16 c:\windows\SkyTel.exe]
"AGRSMMSG"="AGRSMMSG.exe" [2006-08-30 c:\windows\AGRSMMSG.exe]
"RTHDCPL"="RTHDCPL.EXE" [2007-01-30 c:\windows\RTHDCPL.exe]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-13 15360]
c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\
Avvio veloce di Adobe Reader.lnk - c:\programmi\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 29696]
BTTray.lnk - c:\programmi\Lenovo\Bluetooth Software\BTTray.exe [2006-11-13 561213]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ATFUS]
2007-02-27 17:26 131072 c:\windows\system32\FpWinlogonNp.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=avgrsstx.dll ehqwib.dll
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\livecall.exe"=
"c:\\Programmi\\eMule\\emule.exe"=
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\Drivers\avgldx86.sys [2008-11-08 97928]
R2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [2008-11-08 875288]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2008-11-08 231704]
R2 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\Drivers\avgtdix.sys [2008-11-08 76040]
S0 gbaiqoag;gbaiqoag;c:\windows\system32\drivers\oxugxjvi.sys []
S3 FingerprintServer;Fingerprint Server;c:\windows\system32\FpLogonServ.exe [2007-01-19 61440]
S3 MBAMSwissArmy;MBAMSwissArmy;\??\c:\windows\system32\drivers\mbamswissarmy.sys [2008-12-11 38496]
S4 AutoExNT;AutoExNT;c:\windows\system32\AutoExNT.Exe []
.
.
------- Supplementare di scansione -------
.
IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Invia a periferica &Bluetooth... - c:\programmi\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm
TCP: {AB0D04C2-7EFA-45A5-894E-F2E1F539D250} = 192.168.0.1,208.67.222.222
FF - ProfilePath - c:\documents and settings\SilviaS\Dati applicazioni\Mozilla\Firefox\Profiles\iz5bqaon.default\
ATTENTION: FIREFOX POLICES IS IN FORCE
FF - user.js: yahoo.homepage.dontask - true.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-12-18 23:14:50
Windows 5.1.2600 Service Pack 3 NTFS
scansione processi nascosti ...
scansione entrate autostart nascoste ...
Scansione files nascosti ...
c:\windows\system32\drivers\oxugxjvi.sys 25088 bytes executable
Scansione completata con successo
Files nascosti: 1
**************************************************************************
.
--------------------- DLLs Carregadas Sob os Processos em Execução ---------------------
- - - - - - - > 'winlogon.exe'(1120)
c:\windows\system32\ATGinaHook.dll
c:\programmi\Lenovo Fingerprint Software\ATCSSINT.DLL
c:\programmi\Lenovo Fingerprint Software\SharedResources.dll
c:\programmi\Lenovo Fingerprint Software\FPResource.dll
c:\windows\system32\FpWinLogonNp.dll
.
------------------------ Altri processi in esecuzione ------------------------
.
c:\programmi\Lenovo\Bluetooth Software\bin\btwdins.exe
c:\programmi\Java\jre6\bin\jqs.exe
c:\windows\system32\nvsvc32.exe
c:\programmi\AVG\AVG8\avgrsx.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\windows\system32\wscntfy.exe
c:\progra~1\Lenovo\BLUETO~1\BTSTAC~1.EXE
.
**************************************************************************
.
Ora fine scansione: 2008-12-18 23:16:59 - macchina è stato riavviato
ComboFix-quarantined-files.txt 2008-12-18 22:16:56
Pre-Run: 48.158.990.336 byte disponibili
Post-Run: 48,157,949,952 byte disponibili
386 --- E O F --- 2008-12-18 13:35:40