ComboFix 09-05-09.05 - Dami 11/05/2009 0.53.03.2 - NTFSx86 MINIMAL
Microsoft Windows XP Professional 5.1.2600.3.1252.39.1040.18.2046.1777 [GMT 2:00]
Eseguito da: c:\documents and settings\Dami\Desktop\ComboFix.exe
AV: Avira AntiVir PersonalEdition *On-access scanning enabled* (Updated)
FW: COMODO Firewall *enabled*
ATTENZIONE - QUESTO PC NON HA LA CONSOLE DI RIPRISTINO DI EMERGENZA INSTALLATA !!
.
((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\system32\IMPLODE.DLL
.
((((((((((((((((((((((((( Files Creati Da 2009-04-10 al 2009-05-10 )))))))))))))))))))))))))))))))))))
.
2009-04-22 10:04 . 2009-04-22 10:04 -------- d-----w c:\programmi\Turbo Squid Tentacles
2009-04-22 10:03 . 2009-04-22 10:03 -------- d-----w c:\programmi\Microsoft WSE
2009-04-21 09:26 . 1997-06-06 12:52 11264 ----a-w c:\windows\system32\SPORDER.DLL
2009-04-18 10:03 . 2004-08-19 13:39 221184 ----a-w c:\windows\system32\wmpns.dll
2009-04-16 08:59 . 2008-12-16 12:30 354304 ------w c:\windows\system32\dllcache\winhttp.dll
2009-04-16 08:59 . 2009-02-03 19:57 56832 ------w c:\windows\system32\dllcache\secur32.dll
2009-04-16 08:59 . 2009-03-21 14:06 1033728 ------w c:\windows\system32\dllcache\kernel32.dll
2009-04-16 08:59 . 2009-02-20 17:08 78336 ------w c:\windows\system32\dllcache\ieencode.dll
2009-04-16 08:57 . 2008-12-05 06:55 144896 ------w c:\windows\system32\dllcache\schannel.dll
2009-04-16 08:57 . 2008-06-12 14:21 956928 ------w c:\windows\system32\dllcache\msdtctm.dll
2009-04-16 08:57 . 2008-06-12 14:21 66560 ------w c:\windows\system32\dllcache\mtxclu.dll
2009-04-16 08:57 . 2008-06-12 14:21 161792 ------w c:\windows\system32\dllcache\msdtcuiu.dll
2009-04-16 08:57 . 2008-06-12 14:21 91648 ------w c:\windows\system32\dllcache\mtxoci.dll
2009-04-16 08:57 . 2008-06-12 14:21 58880 ------w c:\windows\system32\dllcache\msdtclog.dll
2009-04-16 08:50 . 2009-02-06 10:10 227840 ------w c:\windows\system32\dllcache\wmiprvse.exe
2009-04-16 08:50 . 2009-03-06 14:19 286208 ------w c:\windows\system32\dllcache\pdh.dll
2009-04-16 08:50 . 2009-02-09 11:22 111104 ------w c:\windows\system32\dllcache\services.exe
2009-04-16 08:50 . 2009-02-09 10:51 401408 ------w c:\windows\system32\dllcache\rpcss.dll
2009-04-16 08:50 . 2009-02-09 10:51 473600 ------w c:\windows\system32\dllcache\fastprox.dll
2009-04-16 08:50 . 2009-02-06 10:39 35328 ------w c:\windows\system32\dllcache\sc.exe
2009-04-16 08:50 . 2009-02-09 10:51 683520 ------w c:\windows\system32\dllcache\advapi32.dll
2009-04-16 08:50 . 2009-02-09 10:51 734720 ------w c:\windows\system32\dllcache\lsasrv.dll
2009-04-16 08:50 . 2009-02-09 10:51 453120 ------w c:\windows\system32\dllcache\wmiprvsd.dll
2009-04-16 08:50 . 2009-02-09 10:51 736256 ------w c:\windows\system32\dllcache\ntdll.dll
2009-04-16 08:31 . 2008-04-21 21:14 219136 ------w c:\windows\system32\dllcache\wordpad.exe
2009-04-15 10:14 . 2009-04-15 13:56 -------- d-----w c:\documents and settings\All Users\Dati applicazioni\Comodo
2009-04-15 10:14 . 2009-04-15 10:14 24336 ----a-w c:\windows\system32\drivers\cmdhlp.sys
2009-04-15 10:14 . 2009-04-15 10:14 155384 ----a-w c:\windows\system32\guard32.dll
2009-04-15 10:14 . 2009-04-15 10:14 110992 ----a-w c:\windows\system32\drivers\cmdguard.sys
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-05-10 22:51 . 2001-08-31 11:00 84416 ----a-w c:\windows\system32\perfc010.dat
2009-05-10 22:51 . 2001-08-31 11:00 489142 ----a-w c:\windows\system32\perfh010.dat
2009-04-30 13:31 . 2008-11-02 13:17 60 ----a-w c:\windows\wpd99.drv
2009-04-28 20:42 . 2008-11-01 14:58 60464 ----a-w c:\documents and settings\Dami\Impostazioni locali\Dati applicazioni\GDIPFONTCACHEV1.DAT
2009-04-28 09:51 . 2008-11-01 14:48 -------- d--h--w c:\programmi\InstallShield Installation Information
2009-04-22 10:00 . 2008-11-19 14:23 -------- d-----w c:\programmi\Autodesk
2009-04-22 10:00 . 2008-11-07 10:38 -------- d-----w c:\programmi\File comuni\Autodesk Shared
2009-04-09 12:50 . 2009-02-14 12:14 -------- d-----w c:\programmi\Microsoft Silverlight
2009-04-07 22:23 . 2009-04-07 22:23 253952 ------w c:\windows\Setup1.exe
2009-04-07 22:23 . 2009-04-07 22:23 74752 ----a-w c:\windows\ST6UNST.EXE
2009-04-07 12:45 . 2009-04-07 12:45 -------- d-----w c:\programmi\File comuni\ESRI
2009-04-06 17:47 . 2008-11-01 19:01 -------- d-----w c:\programmi\File comuni\Adobe
2009-03-06 14:19 . 2004-08-19 13:39 286208 ----a-w c:\windows\system32\pdh.dll
2009-03-03 00:03 . 2007-01-03 10:56 826368 ----a-w c:\windows\system32\wininet.dll
2009-02-20 17:08 . 2007-01-03 10:56 78336 ----a-w c:\windows\system32\ieencode.dll
2009-02-11 21:36 . 2009-02-11 21:33 19554 ----a-w c:\windows\hpoins01.dat
.
((((((((((((((((((((((((((((( SnapShot@2009-04-15_09.50.59 )))))))))))))))))))))))))))))))))))))))))
.
- 2006-12-01 23:46 . 2006-12-01 23:46 65536 c:\windows\WinSxS\x86_Microsoft.VC80.OpenMP_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6c18549a\vcomp.dll
+ 2006-12-01 22:46 . 2006-12-01 22:46 65536 c:\windows\WinSxS\x86_Microsoft.VC80.OpenMP_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6c18549a\vcomp.dll
+ 2008-11-01 18:51 . 2008-07-09 07:42 26488 c:\windows\system32\spupdsvc.exe
- 2008-11-01 18:51 . 2007-08-10 07:20 26488 c:\windows\system32\spupdsvc.exe
+ 2008-11-01 18:51 . 2007-11-30 12:39 18808 c:\windows\system32\spmsg.dll
- 2008-11-01 18:51 . 2008-07-09 07:42 18808 c:\windows\system32\spmsg.dll
+ 2004-08-19 13:39 . 2009-02-03 19:57 56832 c:\windows\system32\secur32.dll
+ 2001-08-31 11:00 . 2009-02-06 10:39 35328 c:\windows\system32\sc.exe
- 2007-01-03 10:56 . 2008-12-20 22:31 44544 c:\windows\system32\pngfilt.dll
+ 2007-01-03 10:56 . 2009-02-20 17:08 44544 c:\windows\system32\pngfilt.dll
+ 2001-08-31 11:00 . 2009-05-10 22:51 71250 c:\windows\system32\perfc009.dat
+ 2008-11-01 14:09 . 2008-06-12 14:21 91648 c:\windows\system32\mtxoci.dll
- 2008-11-01 14:09 . 2008-04-14 02:13 91648 c:\windows\system32\mtxoci.dll
- 2007-01-03 10:50 . 2008-04-14 02:13 66560 c:\windows\system32\mtxclu.dll
+ 2007-01-03 10:50 . 2008-06-12 14:21 66560 c:\windows\system32\mtxclu.dll
+ 2007-01-03 10:56 . 2009-02-20 17:08 52224 c:\windows\system32\msfeedsbs.dll
- 2007-01-03 10:56 . 2008-12-20 22:30 52224 c:\windows\system32\msfeedsbs.dll
+ 2008-11-01 14:09 . 2008-06-12 14:21 58880 c:\windows\system32\msdtclog.dll
- 2008-11-01 14:09 . 2008-04-14 02:13 58880 c:\windows\system32\msdtclog.dll
+ 2008-11-01 14:10 . 2001-08-31 11:00 19429 c:\windows\system32\MsDtc\Trace\msdtcvtr.bat
+ 2007-01-03 10:56 . 2009-02-20 17:08 27648 c:\windows\system32\jsproxy.dll
- 2007-01-03 10:56 . 2008-12-20 22:30 27648 c:\windows\system32\jsproxy.dll
- 2007-01-03 10:56 . 2008-12-19 09:10 13824 c:\windows\system32\ieudinit.exe
+ 2007-01-03 10:56 . 2009-02-20 10:20 13824 c:\windows\system32\ieudinit.exe
+ 2004-08-19 13:39 . 2009-02-20 17:08 44544 c:\windows\system32\iernonce.dll
- 2004-08-19 13:39 . 2008-12-20 22:30 44544 c:\windows\system32\iernonce.dll
- 2007-01-03 10:55 . 2008-12-19 09:12 70656 c:\windows\system32\ie4uinit.exe
+ 2007-01-03 10:55 . 2009-02-20 10:20 70656 c:\windows\system32\ie4uinit.exe
- 2007-01-03 10:55 . 2008-12-20 22:30 63488 c:\windows\system32\icardie.dll
+ 2007-01-03 10:55 . 2009-02-20 17:08 63488 c:\windows\system32\icardie.dll
+ 2009-04-15 10:14 . 2009-04-15 10:14 80400 c:\windows\system32\drivers\inspect.sys
- 2008-11-01 15:15 . 2008-12-20 22:31 44544 c:\windows\system32\dllcache\pngfilt.dll
+ 2008-11-01 15:15 . 2009-02-20 17:08 44544 c:\windows\system32\dllcache\pngfilt.dll
+ 2008-11-01 15:15 . 2009-02-20 17:08 52224 c:\windows\system32\dllcache\msfeedsbs.dll
- 2008-11-01 15:15 . 2008-12-20 22:30 52224 c:\windows\system32\dllcache\msfeedsbs.dll
+ 2008-11-01 15:15 . 2009-02-20 17:08 27648 c:\windows\system32\dllcache\jsproxy.dll
- 2008-11-01 15:15 . 2008-12-20 22:30 27648 c:\windows\system32\dllcache\jsproxy.dll
- 2008-11-01 15:15 . 2008-12-19 09:10 13824 c:\windows\system32\dllcache\ieudinit.exe
+ 2008-11-01 15:15 . 2009-02-20 10:20 13824 c:\windows\system32\dllcache\ieudinit.exe
+ 2008-11-01 15:15 . 2009-02-20 17:08 44544 c:\windows\system32\dllcache\iernonce.dll
- 2008-11-01 15:15 . 2008-12-20 22:30 44544 c:\windows\system32\dllcache\iernonce.dll
- 2008-11-01 15:15 . 2008-12-19 09:12 70656 c:\windows\system32\dllcache\ie4uinit.exe
+ 2008-11-01 15:15 . 2009-02-20 10:20 70656 c:\windows\system32\dllcache\ie4uinit.exe
- 2008-11-01 15:15 . 2008-12-20 22:30 63488 c:\windows\system32\dllcache\icardie.dll
+ 2008-11-01 15:15 . 2009-02-20 17:08 63488 c:\windows\system32\dllcache\icardie.dll
+ 2008-11-06 11:09 . 2009-04-30 18:34 35088 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\oisicon.exe
- 2008-11-06 11:09 . 2009-02-11 14:37 35088 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\oisicon.exe
- 2008-11-06 11:09 . 2009-02-11 14:37 18704 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\mspicons.exe
+ 2008-11-06 11:09 . 2009-04-30 18:34 18704 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\mspicons.exe
- 2008-11-06 11:09 . 2009-02-11 14:37 20240 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\cagicon.exe
+ 2008-11-06 11:09 . 2009-04-30 18:34 20240 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\cagicon.exe
+ 2009-04-22 10:04 . 2009-04-22 10:04 10134 c:\windows\Installer\{7A046E1F-BEB7-49C8-83E2-78E1F1C65C60}\ARPPRODUCTICON.exe
+ 2009-04-17 19:33 . 2008-12-20 22:31 44544 c:\windows\ie7updates\KB963027-IE7\pngfilt.dll
+ 2009-04-17 19:33 . 2008-12-20 22:30 52224 c:\windows\ie7updates\KB963027-IE7\msfeedsbs.dll
+ 2009-04-17 19:33 . 2008-12-20 22:30 27648 c:\windows\ie7updates\KB963027-IE7\jsproxy.dll
+ 2009-04-17 19:33 . 2008-12-19 09:10 13824 c:\windows\ie7updates\KB963027-IE7\ieudinit.exe
+ 2009-04-17 19:33 . 2008-12-20 22:30 44544 c:\windows\ie7updates\KB963027-IE7\iernonce.dll
+ 2009-04-17 19:33 . 2008-04-14 02:13 81920 c:\windows\ie7updates\KB963027-IE7\ieencode.dll
+ 2009-04-17 19:33 . 2008-12-19 09:12 70656 c:\windows\ie7updates\KB963027-IE7\ie4uinit.exe
+ 2009-04-17 19:33 . 2008-12-20 22:30 63488 c:\windows\ie7updates\KB963027-IE7\icardie.dll
+ 2009-05-06 08:36 . 2009-05-06 08:36 12800 c:\windows\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Diagnostics.dll
- 2008-12-15 22:25 . 2008-12-15 22:25 12800 c:\windows\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Diagnostics.dll
+ 2009-05-06 08:36 . 2009-05-06 08:36 53248 c:\windows\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.AudioVideoPlayback.dll
- 2008-12-15 22:25 . 2008-12-15 22:25 53248 c:\windows\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.AudioVideoPlayback.dll
+ 2008-05-05 05:25 . 2008-05-05 05:25 3072 c:\windows\system32\xpsp4res.dll
+ 2008-11-01 16:11 . 2008-01-18 15:13 2247 c:\windows\ServicePackFiles\i386\tscdsbl.bat
+ 2008-11-01 16:11 . 2008-01-18 15:13 2247 c:\windows\Installer\tsclientmsitrans\tscdsbl.bat
+ 2009-05-06 08:55 . 2009-05-06 08:55 3262 c:\windows\Installer\{E6D22FE1-AB5F-42CA-9480-6F70B96DDD88}\nfs_icon.exe
+ 2004-08-19 13:39 . 2008-12-16 12:30 354304 c:\windows\system32\winhttp.dll
- 2004-08-19 13:39 . 2008-04-14 02:13 354304 c:\windows\system32\winhttp.dll
+ 2007-01-03 10:56 . 2009-02-20 17:08 233472 c:\windows\system32\webcheck.dll
- 2007-01-03 10:56 . 2008-12-20 22:31 233472 c:\windows\system32\webcheck.dll
+ 2008-11-01 14:09 . 2009-02-06 10:10 227840 c:\windows\system32\wbem\wmiprvse.exe
+ 2008-11-01 14:09 . 2009-02-09 10:51 453120 c:\windows\system32\wbem\wmiprvsd.dll
+ 2008-11-01 14:09 . 2009-02-09 10:51 473600 c:\windows\system32\wbem\fastprox.dll
- 2007-01-03 10:56 . 2008-12-20 22:31 105984 c:\windows\system32\url.dll
+ 2007-01-03 10:56 . 2009-02-20 17:08 105984 c:\windows\system32\url.dll
+ 2004-08-19 13:39 . 2009-02-09 11:22 111104 c:\windows\system32\services.exe
+ 2004-08-19 13:39 . 2008-12-05 06:55 144896 c:\windows\system32\schannel.dll
+ 2007-01-03 10:51 . 2009-02-09 10:51 401408 c:\windows\system32\rpcss.dll
+ 2001-08-31 11:00 . 2009-05-10 22:51 441184 c:\windows\system32\perfh009.dat
- 2007-01-03 10:56 . 2008-12-20 22:31 102912 c:\windows\system32\occache.dll
+ 2007-01-03 10:56 . 2009-02-20 17:08 102912 c:\windows\system32\occache.dll
+ 2004-08-19 13:38 . 2009-02-09 10:51 736256 c:\windows\system32\ntdll.dll
- 2007-01-03 10:56 . 2008-12-20 22:31 671232 c:\windows\system32\mstime.dll
+ 2007-01-03 10:56 . 2009-02-20 17:08 671232 c:\windows\system32\mstime.dll
+ 2007-01-03 10:56 . 2009-02-20 17:08 193024 c:\windows\system32\msrating.dll
- 2007-01-03 10:56 . 2008-12-20 22:31 193024 c:\windows\system32\msrating.dll
- 2007-01-03 10:56 . 2008-12-20 22:31 477696 c:\windows\system32\mshtmled.dll
+ 2007-01-03 10:56 . 2009-02-20 17:08 477696 c:\windows\system32\mshtmled.dll
- 2007-01-03 10:56 . 2008-12-20 22:30 459264 c:\windows\system32\msfeeds.dll
+ 2007-01-03 10:56 . 2009-02-20 17:08 459264 c:\windows\system32\msfeeds.dll
- 2008-11-01 14:09 . 2008-04-14 02:13 161792 c:\windows\system32\msdtcuiu.dll
+ 2008-11-01 14:09 . 2008-06-12 14:21 161792 c:\windows\system32\msdtcuiu.dll
- 2008-11-01 14:09 . 2008-04-14 02:13 956928 c:\windows\system32\msdtctm.dll
+ 2008-11-01 14:09 . 2008-06-12 14:21 956928 c:\windows\system32\msdtctm.dll
+ 2008-11-01 14:09 . 2008-06-12 17:51 428032 c:\windows\system32\msdtcprx.dll
+ 2007-01-03 10:49 . 2009-02-09 10:51 734720 c:\windows\system32\lsasrv.dll
+ 2007-01-03 10:56 . 2009-02-20 17:08 268288 c:\windows\system32\iertutil.dll
+ 2007-01-03 10:55 . 2009-02-20 17:08 385024 c:\windows\system32\iedkcs32.dll
+ 2007-01-03 10:55 . 2009-02-20 17:08 383488 c:\windows\system32\ieapfltr.dll
- 2007-01-03 10:55 . 2008-12-20 22:30 383488 c:\windows\system32\ieapfltr.dll
- 2007-01-03 10:55 . 2008-12-19 05:23 161792 c:\windows\system32\ieakui.dll
+ 2007-01-03 10:55 . 2009-02-20 05:14 161792 c:\windows\system32\ieakui.dll
- 2007-01-03 10:55 . 2008-12-20 22:30 230400 c:\windows\system32\ieaksie.dll
+ 2007-01-03 10:55 . 2009-02-20 17:08 230400 c:\windows\system32\ieaksie.dll
+ 2007-01-03 10:55 . 2009-02-20 17:08 153088 c:\windows\system32\ieakeng.dll
- 2007-01-03 10:55 . 2008-12-20 22:30 153088 c:\windows\system32\ieakeng.dll
+ 2007-01-03 10:55 . 2009-02-20 17:08 133120 c:\windows\system32\extmgr.dll
- 2007-01-03 10:55 . 2008-12-20 22:30 133120 c:\windows\system32\extmgr.dll
- 2007-01-03 10:55 . 2008-12-20 22:30 214528 c:\windows\system32\dxtrans.dll
+ 2007-01-03 10:55 . 2009-02-20 17:08 214528 c:\windows\system32\dxtrans.dll
- 2007-01-03 10:55 . 2008-12-20 22:30 347136 c:\windows\system32\dxtmsft.dll
+ 2007-01-03 10:55 . 2009-02-20 17:08 347136 c:\windows\system32\dxtmsft.dll
+ 2008-11-01 15:15 . 2009-03-03 00:03 826368 c:\windows\system32\dllcache\wininet.dll
- 2008-11-01 15:15 . 2008-12-20 22:31 826368 c:\windows\system32\dllcache\wininet.dll
- 2008-11-01 15:15 . 2008-12-20 22:31 233472 c:\windows\system32\dllcache\webcheck.dll
+ 2008-11-01 15:15 . 2009-02-20 17:08 233472 c:\windows\system32\dllcache\webcheck.dll
- 2008-11-01 15:15 . 2008-12-20 22:31 105984 c:\windows\system32\dllcache\url.dll
+ 2008-11-01 15:15 . 2009-02-20 17:08 105984 c:\windows\system32\dllcache\url.dll
+ 2008-11-01 15:15 . 2009-02-20 17:08 102912 c:\windows\system32\dllcache\occache.dll
- 2008-11-01 15:15 . 2008-12-20 22:31 102912 c:\windows\system32\dllcache\occache.dll
+ 2008-11-01 15:15 . 2009-02-20 17:08 671232 c:\windows\system32\dllcache\mstime.dll
- 2008-11-01 15:15 . 2008-12-20 22:31 671232 c:\windows\system32\dllcache\mstime.dll
- 2008-11-01 15:15 . 2008-12-20 22:31 193024 c:\windows\system32\dllcache\msrating.dll
+ 2008-11-01 15:15 . 2009-02-20 17:08 193024 c:\windows\system32\dllcache\msrating.dll
- 2008-11-01 15:15 . 2008-12-20 22:31 477696 c:\windows\system32\dllcache\mshtmled.dll
+ 2008-11-01 15:15 . 2009-02-20 17:08 477696 c:\windows\system32\dllcache\mshtmled.dll
+ 2008-11-01 15:15 . 2009-02-20 17:08 459264 c:\windows\system32\dllcache\msfeeds.dll
- 2008-11-01 15:15 . 2008-12-20 22:30 459264 c:\windows\system32\dllcache\msfeeds.dll
+ 2008-06-12 17:51 . 2008-06-12 17:51 428032 c:\windows\system32\dllcache\msdtcprx.dll
+ 2008-11-01 15:15 . 2009-02-28 04:54 636072 c:\windows\system32\dllcache\iexplore.exe
+ 2008-11-01 15:15 . 2009-02-20 17:08 268288 c:\windows\system32\dllcache\iertutil.dll
+ 2008-11-01 15:15 . 2009-02-20 17:08 385024 c:\windows\system32\dllcache\iedkcs32.dll
+ 2008-11-01 15:15 . 2009-02-20 17:08 383488 c:\windows\system32\dllcache\ieapfltr.dll
- 2008-11-01 15:15 . 2008-12-20 22:30 383488 c:\windows\system32\dllcache\ieapfltr.dll
- 2008-11-01 15:15 . 2008-12-19 05:23 161792 c:\windows\system32\dllcache\ieakui.dll
+ 2008-11-01 15:15 . 2009-02-20 05:14 161792 c:\windows\system32\dllcache\ieakui.dll
- 2008-11-01 15:15 . 2008-12-20 22:30 230400 c:\windows\system32\dllcache\ieaksie.dll
+ 2008-11-01 15:15 . 2009-02-20 17:08 230400 c:\windows\system32\dllcache\ieaksie.dll
+ 2008-11-01 15:15 . 2009-02-20 17:08 153088 c:\windows\system32\dllcache\ieakeng.dll
- 2008-11-01 15:15 . 2008-12-20 22:30 153088 c:\windows\system32\dllcache\ieakeng.dll
- 2008-11-01 15:15 . 2008-12-20 22:30 133120 c:\windows\system32\dllcache\extmgr.dll
+ 2008-11-01 15:15 . 2009-02-20 17:08 133120 c:\windows\system32\dllcache\extmgr.dll
- 2008-11-01 15:15 . 2008-12-20 22:30 214528 c:\windows\system32\dllcache\dxtrans.dll
+ 2008-11-01 15:15 . 2009-02-20 17:08 214528 c:\windows\system32\dllcache\dxtrans.dll
- 2008-11-01 15:15 . 2008-12-20 22:30 347136 c:\windows\system32\dllcache\dxtmsft.dll
+ 2008-11-01 15:15 . 2009-02-20 17:08 347136 c:\windows\system32\dllcache\dxtmsft.dll
+ 2008-11-01 15:15 . 2009-02-20 17:08 124928 c:\windows\system32\dllcache\advpack.dll
- 2008-11-01 15:15 . 2008-12-20 22:30 124928 c:\windows\system32\dllcache\advpack.dll
- 2007-01-03 10:55 . 2008-12-20 22:30 124928 c:\windows\system32\advpack.dll
+ 2007-01-03 10:55 . 2009-02-20 17:08 124928 c:\windows\system32\advpack.dll
+ 2004-08-19 13:39 . 2009-02-09 10:51 683520 c:\windows\system32\advapi32.dll
- 2004-08-19 13:39 . 2008-04-14 02:13 683520 c:\windows\system32\advapi32.dll
- 2008-11-06 11:09 . 2009-02-11 14:37 888080 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe
+ 2008-11-06 11:09 . 2009-04-30 18:34 888080 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe
- 2008-11-06 11:09 . 2009-02-11 14:37 272648 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pubs.exe
+ 2008-11-06 11:09 . 2009-04-30 18:34 272648 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pubs.exe
+ 2008-11-06 11:09 . 2009-04-30 18:34 922384 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe
- 2008-11-06 11:09 . 2009-02-11 14:37 922384 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe
- 2008-11-06 11:09 . 2009-02-11 14:37 845584 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\outicon.exe
+ 2008-11-06 11:09 . 2009-04-30 18:34 845584 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\outicon.exe
- 2008-11-06 11:09 . 2009-02-11 14:37 217864 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe
+ 2008-11-06 11:09 . 2009-04-30 18:34 217864 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe
- 2008-11-06 11:09 . 2009-02-11 14:37 184080 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\joticon.exe
+ 2008-11-06 11:09 . 2009-04-30 18:34 184080 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\joticon.exe
- 2008-11-06 11:09 . 2009-02-11 14:37 159504 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\inficon.exe
+ 2008-11-06 11:09 . 2009-04-30 18:34 159504 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\inficon.exe
+ 2009-04-17 19:33 . 2008-12-20 22:31 826368 c:\windows\ie7updates\KB963027-IE7\wininet.dll
+ 2009-04-17 19:33 . 2008-12-20 22:31 233472 c:\windows\ie7updates\KB963027-IE7\webcheck.dll
+ 2009-04-17 19:33 . 2008-12-20 22:31 105984 c:\windows\ie7updates\KB963027-IE7\url.dll
+ 2009-04-17 19:33 . 2008-07-09 07:42 402296 c:\windows\ie7updates\KB963027-IE7\spuninst\updspapi.dll
+ 2009-04-17 19:33 . 2008-07-08 13:06 233848 c:\windows\ie7updates\KB963027-IE7\spuninst\spuninst.exe
+ 2009-04-17 19:33 . 2008-12-20 22:31 102912 c:\windows\ie7updates\KB963027-IE7\occache.dll
+ 2009-04-17 19:33 . 2008-12-20 22:31 671232 c:\windows\ie7updates\KB963027-IE7\mstime.dll
+ 2009-04-17 19:33 . 2008-12-20 22:31 193024 c:\windows\ie7updates\KB963027-IE7\msrating.dll
+ 2009-04-17 19:33 . 2008-12-20 22:31 477696 c:\windows\ie7updates\KB963027-IE7\mshtmled.dll
+ 2009-04-17 19:33 . 2008-12-20 22:30 459264 c:\windows\ie7updates\KB963027-IE7\msfeeds.dll
+ 2009-04-17 19:33 . 2008-12-19 05:25 634024 c:\windows\ie7updates\KB963027-IE7\iexplore.exe
+ 2009-04-17 19:33 . 2008-12-20 22:30 267776 c:\windows\ie7updates\KB963027-IE7\iertutil.dll
+ 2009-04-17 19:33 . 2008-12-20 22:30 384512 c:\windows\ie7updates\KB963027-IE7\iedkcs32.dll
+ 2009-04-17 19:33 . 2008-12-20 22:30 383488 c:\windows\ie7updates\KB963027-IE7\ieapfltr.dll
+ 2009-04-17 19:33 . 2008-12-19 05:23 161792 c:\windows\ie7updates\KB963027-IE7\ieakui.dll
+ 2009-04-17 19:33 . 2008-12-20 22:30 230400 c:\windows\ie7updates\KB963027-IE7\ieaksie.dll
+ 2009-04-17 19:33 . 2008-12-20 22:30 153088 c:\windows\ie7updates\KB963027-IE7\ieakeng.dll
+ 2009-04-17 19:33 . 2008-12-20 22:30 133120 c:\windows\ie7updates\KB963027-IE7\extmgr.dll
+ 2009-04-17 19:33 . 2008-12-20 22:30 214528 c:\windows\ie7updates\KB963027-IE7\dxtrans.dll
+ 2009-04-17 19:33 . 2008-12-20 22:30 347136 c:\windows\ie7updates\KB963027-IE7\dxtmsft.dll
+ 2009-04-17 19:33 . 2008-12-20 22:30 124928 c:\windows\ie7updates\KB963027-IE7\advpack.dll
+ 2009-04-22 10:03 . 2009-04-22 10:03 884736 c:\windows\assembly\GAC_MSIL\Microsoft.Web.Services3\3.0.0.0__31bf3856ad364e35\Microsoft.Web.Services3.dll
+ 2009-05-06 08:36 . 2009-05-06 08:36 223232 c:\windows\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.dll
- 2008-12-15 22:25 . 2008-12-15 22:25 223232 c:\windows\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.dll
- 2008-12-15 22:25 . 2008-12-15 22:25 178176 c:\windows\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectSound.dll
+ 2009-05-06 08:36 . 2009-05-06 08:36 178176 c:\windows\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectSound.dll
+ 2009-05-06 08:36 . 2009-05-06 08:36 364544 c:\windows\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectPlay.dll
- 2008-12-15 22:25 . 2008-12-15 22:25 364544 c:\windows\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectPlay.dll
- 2008-12-15 22:25 . 2008-12-15 22:25 159232 c:\windows\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectInput.dll
+ 2009-05-06 08:36 . 2009-05-06 08:36 159232 c:\windows\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectInput.dll
- 2008-12-15 22:25 . 2008-12-15 22:25 145920 c:\windows\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectDraw.dll
+ 2009-05-06 08:36 . 2009-05-06 08:36 145920 c:\windows\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectDraw.dll
+ 2009-05-06 08:36 . 2009-05-06 08:36 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2911.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2008-12-15 22:25 . 2008-12-15 22:25 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2911.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2008-12-15 22:25 . 2008-12-15 22:25 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2910.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2009-05-06 08:36 . 2009-05-06 08:36 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2910.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2009-05-06 08:36 . 2009-05-06 08:36 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2909.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2008-12-15 22:25 . 2008-12-15 22:25 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2909.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2008-12-15 22:25 . 2008-12-15 22:25 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2908.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2009-05-06 08:36 . 2009-05-06 08:36 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2908.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2009-05-06 08:36 . 2009-05-06 08:36 577024 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2907.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2008-12-15 22:25 . 2008-12-15 22:25 577024 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2907.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2008-12-15 22:25 . 2008-12-15 22:25 576000 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2906.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2009-05-06 08:36 . 2009-05-06 08:36 576000 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2906.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2008-12-15 22:25 . 2008-12-15 22:25 567296 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2009-05-06 08:36 . 2009-05-06 08:36 567296 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2008-12-15 22:25 . 2008-12-15 22:25 563712 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2904.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2009-05-06 08:36 . 2009-05-06 08:36 563712 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2904.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2008-12-15 22:25 . 2008-12-15 22:25 473600 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3D.dll
+ 2009-05-06 08:36 . 2009-05-06 08:36 473600 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3D.dll
+ 2009-04-16 08:49 . 2008-04-15 17:47 1724416 c:\windows\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.5581_x-ww_dfbc4fc4\GdiPlus.dll
+ 2007-01-03 10:52 . 2009-02-09 14:04 1846784 c:\windows\system32\win32k.sys
+ 2007-01-03 10:56 . 2009-02-20 17:08 1160192 c:\windows\system32\urlmon.dll
- 2007-01-03 10:56 . 2008-12-20 22:31 1160192 c:\windows\system32\urlmon.dll
+ 2007-01-03 10:50 . 2008-12-20 22:13 1293312 c:\windows\system32\quartz.dll
- 2007-01-03 10:50 . 2008-05-07 05:10 1293312 c:\windows\system32\quartz.dll
- 2007-01-03 10:50 . 2008-08-14 13:22 2148864 c:\windows\system32\ntoskrnl.exe
+ 2007-01-03 10:50 . 2009-02-09 11:22 2148864 c:\windows\system32\ntoskrnl.exe
+ 2006-10-30 15:01 . 2009-02-09 11:23 2027520 c:\windows\system32\ntkrnlpa.exe
- 2006-10-30 15:01 . 2008-08-14 13:22 2027520 c:\windows\system32\ntkrnlpa.exe
+ 2007-01-03 10:56 . 2009-02-20 17:08 3595264 c:\windows\system32\mshtml.dll
- 2007-01-03 10:49 . 2008-04-14 02:13 1033728 c:\windows\system32\kernel32.dll
+ 2007-01-03 10:49 . 2009-03-21 14:06 1033728 c:\windows\system32\kernel32.dll
+ 2007-01-03 10:56 . 2009-02-20 17:08 6066176 c:\windows\system32\ieframe.dll
+ 2007-01-03 10:55 . 2008-07-09 14:25 2455488 c:\windows\system32\ieapfltr.dat
- 2007-01-03 10:55 . 2007-04-17 09:32 2455488 c:\windows\system32\ieapfltr.dat
+ 2008-11-01 15:03 . 2009-04-29 18:46 2292560 c:\windows\system32\FNTCACHE.DAT
+ 2008-11-01 15:11 . 2009-02-09 14:04 1846784 c:\windows\system32\dllcache\win32k.sys
+ 2008-11-01 15:15 . 2009-02-20 17:08 1160192 c:\windows\system32\dllcache\urlmon.dll
- 2008-11-01 15:15 . 2008-12-20 22:31 1160192 c:\windows\system32\dllcache\urlmon.dll
+ 2008-11-01 15:13 . 2008-12-20 22:13 1293312 c:\windows\system32\dllcache\quartz.dll
- 2008-11-01 15:13 . 2008-05-07 05:10 1293312 c:\windows\system32\dllcache\quartz.dll
+ 2008-11-01 15:11 . 2009-02-09 11:23 2192768 c:\windows\system32\dllcache\ntoskrnl.exe
+ 2008-11-01 15:11 . 2009-02-09 11:23 2027520 c:\windows\system32\dllcache\ntkrpamp.exe
- 2008-11-01 15:11 . 2008-08-14 13:22 2027520 c:\windows\system32\dllcache\ntkrpamp.exe
+ 2008-11-01 15:11 . 2009-02-10 17:02 2069760 c:\windows\system32\dllcache\ntkrnlpa.exe
- 2008-11-01 15:11 . 2008-08-14 13:22 2069760 c:\windows\system32\dllcache\ntkrnlpa.exe
+ 2008-11-01 15:11 . 2009-02-09 11:22 2148864 c:\windows\system32\dllcache\ntkrnlmp.exe
- 2008-11-01 15:11 . 2008-08-14 13:22 2148864 c:\windows\system32\dllcache\ntkrnlmp.exe
+ 2008-08-27 13:27 . 2009-02-20 17:08 3595264 c:\windows\system32\dllcache\mshtml.dll
+ 2008-11-01 15:15 . 2009-02-20 17:08 6066176 c:\windows\system32\dllcache\ieframe.dll
+ 2008-11-01 15:15 . 2008-07-09 14:25 2455488 c:\windows\system32\dllcache\ieapfltr.dat
- 2008-11-01 15:15 . 2007-04-17 09:32 2455488 c:\windows\system32\dllcache\ieapfltr.dat
- 2008-11-06 11:09 . 2009-02-11 14:37 1172240 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe
+ 2008-11-06 11:09 . 2009-04-30 18:34 1172240 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe
- 2008-11-06 11:09 . 2009-02-11 14:37 1165584 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\accicons.exe
+ 2008-11-06 11:09 . 2009-04-30 18:34 1165584 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\accicons.exe
+ 2009-04-17 19:33 . 2008-12-20 22:31 1160192 c:\windows\ie7updates\KB963027-IE7\urlmon.dll
+ 2009-04-17 19:33 . 2009-01-16 20:15 3594752 c:\windows\ie7updates\KB963027-IE7\mshtml.dll
+ 2009-04-17 19:33 . 2008-12-20 22:30 6066688 c:\windows\ie7updates\KB963027-IE7\ieframe.dll
+ 2009-04-17 19:33 . 2007-04-17 09:32 2455488 c:\windows\ie7updates\KB963027-IE7\ieapfltr.dat
+ 2008-11-01 15:11 . 2009-02-09 11:23 2192768 c:\windows\Driver Cache\i386\ntoskrnl.exe
- 2008-11-01 15:11 . 2008-08-14 13:22 2027520 c:\windows\Driver Cache\i386\ntkrpamp.exe
+ 2008-11-01 15:11 . 2009-02-09 11:23 2027520 c:\windows\Driver Cache\i386\ntkrpamp.exe
- 2008-11-01 15:11 . 2008-08-14 13:22 2069760 c:\windows\Driver Cache\i386\ntkrnlpa.exe
+ 2008-11-01 15:11 . 2009-02-10 17:02 2069760 c:\windows\Driver Cache\i386\ntkrnlpa.exe
- 2008-11-01 15:11 . 2008-08-14 13:22 2148864 c:\windows\Driver Cache\i386\ntkrnlmp.exe
+ 2008-11-01 15:11 . 2009-02-09 11:22 2148864 c:\windows\Driver Cache\i386\ntkrnlmp.exe
+ 2009-05-06 08:36 . 2009-05-06 08:36 2846720 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2008-12-15 22:25 . 2008-12-15 22:25 2846720 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2009-05-06 08:36 . 2009-05-06 08:36 2676224 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2008-12-15 22:25 . 2008-12-15 22:25 2676224 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2007-01-03 10:54 . 2008-11-11 16:34 10838016 c:\windows\system32\wmp.dll
+ 2007-01-03 10:52 . 2009-04-06 05:57 24921544 c:\windows\system32\MRT.exe
.
-- Snapshot per reimpostare la data corrente --
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AzMixerSel"="c:\programmi\Realtek\InstallShield\AzMixerSel.exe" [2006-08-16 53248]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-07-21 7581696]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-07-21 86016]
"avgnt"="c:\programmi\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-06-12 266497]
"LManager"="d:\progra~1\LAUNCH~1\LManager.exe" [2006-07-20 593920]
"ePower_DMC"="c:\acer\Empowering Technology\ePower\ePower_DMC.exe" [2006-04-14 344064]
"Acer ePower Management"="c:\acer\Empowering Technology\ePower\Acer ePower Management.exe" [2006-01-20 3080192]
"COMODO Internet Security"="d:\programmi\Comodo\COMODO Internet Security\cfp.exe" [2009-04-15 1851128]
"RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.exe [2006-08-16 16248320]
"nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2006-07-21 1519616]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_3"="advpack.dll" - c:\windows\system32\advpack.dll [2009-02-20 124928]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Avvio^Programmi^Esecuzione automatica^hp psc 1000 series.lnk]
path=c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\hp psc 1000 series.lnk
backup=c:\windows\pss\hp psc 1000 series.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Avvio^Programmi^Esecuzione automatica^hpoddt01.exe.lnk]
path=c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\hpoddt01.exe.lnk
backup=c:\windows\pss\hpoddt01.exe.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Avvio^Programmi^Esecuzione automatica^Watch.lnk]
path=c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\Watch.lnk
backup=c:\windows\pss\Watch.lnkCommon Startup
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"d:\\Giochi\\KONAMI\\Pro Evolution Soccer 2009\\pes2009.exe"=
"d:\\Programmi\\uusee\\UUSeePlayer.exe"=
"d:\\Programmi\\VoipBuster\\VoipBuster.exe"=
"c:\\Programmi\\File comuni\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\msnmsgr.exe"=
"d:\\Programmi\\Autodesk\\Backburner\\monitor.exe"=
"d:\\Programmi\\Autodesk\\Backburner\\manager.exe"=
"d:\\Programmi\\Autodesk\\Backburner\\server.exe"=
"d:\\Programmi\\Autodesk\\3ds Max 2009\\3dsmax.exe"=
"c:\\Programmi\\Skype\\Phone\\Skype.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
"5353:TCP"= 5353:TCP:Adobe CSI CS4
S1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\drivers\cmdguard.sys [15/04/2009 12.14.46 110992]
S1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\drivers\cmdhlp.sys [15/04/2009 12.14.46 24336]
S2 mi-raysat_3dsMax2009_32;mental ray 3.6 Satellite for Autodesk 3ds Max 2009 32-bit 32-bit;d:\programmi\Autodesk\3ds Max 2009\mentalray\satellite\raysat_3dsMax2009_32server.exe [10/03/2008 0.04.52 65536]
S3 getPlus(R) Helper;getPlus(R) Helper;c:\programmi\NOS\bin\getPlus_HelperSvc.exe [01/11/2008 21.45.15 33752]
S3 lv321av;Logitech USB PC Camera (VC0321);c:\windows\system32\drivers\lv321av.sys [01/11/2008 21.40.08 847392]
--- Altri Servizi/Drivers In Memoria ---
*NewlyCreated* - MDMXSDK
*NewlyCreated* - PARPORT
.
Contenuto della cartella 'Scheduled Tasks'
2009-04-21 c:\windows\Tasks\FRU Task 2003-04-10 00:56ewlett-Packard2003-04-10 00:56p psc 1100 series272A572217594EBCF1CEE215E352B92AD073FDE4234388305.job
- d:\programmi\Hewlett-Packard\Digital Imaging\Bin\hpqfrucl.exe [2003-04-09 16:56]
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://www.google.it/
uInternet Settings,ProxyOverride = *.local
IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\Dami\Dati applicazioni\Mozilla\Firefox\Profiles\vmul9m0z.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.it/
FF - prefs.js: network.proxy.type - 2
FF - component: d:\programmi\Nokia\Nokia PC Suite 7\bkmrksync\components\BkMrkExt.dll
FF - plugin: c:\documents and settings\Dami\Dati applicazioni\Mozilla\Firefox\Profiles\vmul9m0z.default\extensions\firefox@tvunetworks.com\plugins\npTVUAx.dll
FF - plugin: d:\programmi\Adobe\Acrobat\Reader\browser\nppdf32.dll
FF - plugin: d:\programmi\Firefox\plugins\np-mswmp.dll
FF - plugin: d:\programmi\iTunes\Mozilla Plugins\npitunes.dll
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-05-11 00:57
Windows 5.1.2600 Service Pack 3 NTFS
scansione processi nascosti ...
scansione entrate autostart nascoste ...
Scansione files nascosti ...
Scansione completata con successo
Files nascosti: 0
**************************************************************************
.
Ora fine scansione: 2009-05-10 0.59.39
ComboFix-quarantined-files.txt 2009-05-10 22:59
ComboFix2.txt 2009-04-15 09:51
Pre-Run: 25.778.737.152 byte disponibili
Post-Run: 25.870.274.560 byte disponibili
433 --- E O F --- 2009-04-30 18:35
+ 2008-11-01 15:15 . 2008-07-09 14:25 2455488 c:\windows\system32\dllcache\ieapfltr.dat
- 2008-11-01 15:15 . 2007-04-17 09:32 2455488 c:\windows\system32\dllcache\ieapfltr.dat
- 2008-11-06 11:09 . 2009-02-11 14:37 1172240 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe
+ 2008-11-06 11:09 . 2009-04-30 18:34 1172240 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe
- 2008-11-06 11:09 . 2009-02-11 14:37 1165584 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\accicons.exe
+ 2008-11-06 11:09 . 2009-04-30 18:34 1165584 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\accicons.exe
+ 2009-04-17 19:33 . 2008-12-20 22:31 1160192 c:\windows\ie7updates\KB963027-IE7\urlmon.dll
+ 2009-04-17 19:33 . 2009-01-16 20:15 3594752 c:\windows\ie7updates\KB963027-IE7\mshtml.dll
+ 2009-04-17 19:33 . 2008-12-20 22:30 6066688 c:\windows\ie7updates\KB963027-IE7\ieframe.dll
+ 2009-04-17 19:33 . 2007-04-17 09:32 2455488 c:\windows\ie7updates\KB963027-IE7\ieapfltr.dat
+ 2008-11-01 15:11 . 2009-02-09 11:23 2192768 c:\windows\Driver Cache\i386\ntoskrnl.exe
- 2008-11-01 15:11 . 2008-08-14 13:22 2027520 c:\windows\Driver Cache\i386\ntkrpamp.exe
+ 2008-11-01 15:11 . 2009-02-09 11:23 2027520 c:\windows\Driver Cache\i386\ntkrpamp.exe
- 2008-11-01 15:11 . 2008-08-14 13:22 2069760 c:\windows\Driver Cache\i386\ntkrnlpa.exe
+ 2008-11-01 15:11 . 2009-02-10 17:02 2069760 c:\windows\Driver Cache\i386\ntkrnlpa.exe
- 2008-11-01 15:11 . 2008-08-14 13:22 2148864 c:\windows\Driver Cache\i386\ntkrnlmp.exe
+ 2008-11-01 15:11 . 2009-02-09 11:22 2148864 c:\windows\Driver Cache\i386\ntkrnlmp.exe
+ 2009-05-06 08:36 . 2009-05-06 08:36 2846720 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2008-12-15 22:25 . 2008-12-15 22:25 2846720 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2009-05-06 08:36 . 2009-05-06 08:36 2676224 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2008-12-15 22:25 . 2008-12-15 22:25 2676224 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2007-01-03 10:54 . 2008-11-11 16:34 10838016 c:\windows\system32\wmp.dll
+ 2007-01-03 10:52 . 2009-04-06 05:57 24921544 c:\windows\system32\MRT.exe
.
-- Snapshot per reimpostare la data corrente --
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AzMixerSel"="c:\programmi\Realtek\InstallShield\AzMixerSel.exe" [2006-08-16 53248]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-07-21 7581696]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-07-21 86016]
"avgnt"="c:\programmi\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-06-12 266497]
"LManager"="d:\progra~1\LAUNCH~1\LManager.exe" [2006-07-20 593920]
"ePower_DMC"="c:\acer\Empowering Technology\ePower\ePower_DMC.exe" [2006-04-14 344064]
"Acer ePower Management"="c:\acer\Empowering Technology\ePower\Acer ePower Management.exe" [2006-01-20 3080192]
"COMODO Internet Security"="d:\programmi\Comodo\COMODO Internet Security\cfp.exe" [2009-04-15 1851128]
"RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.exe [2006-08-16 16248320]
"nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2006-07-21 1519616]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_3"="advpack.dll" - c:\windows\system32\advpack.dll [2009-02-20 124928]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Avvio^Programmi^Esecuzione automatica^hp psc 1000 series.lnk]
path=c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\hp psc 1000 series.lnk
backup=c:\windows\pss\hp psc 1000 series.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Avvio^Programmi^Esecuzione automatica^hpoddt01.exe.lnk]
path=c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\hpoddt01.exe.lnk
backup=c:\windows\pss\hpoddt01.exe.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Avvio^Programmi^Esecuzione automatica^Watch.lnk]
path=c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\Watch.lnk
backup=c:\windows\pss\Watch.lnkCommon Startup
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"d:\\Giochi\\KONAMI\\Pro Evolution Soccer 2009\\pes2009.exe"=
"d:\\Programmi\\uusee\\UUSeePlayer.exe"=
"d:\\Programmi\\VoipBuster\\VoipBuster.exe"=
"c:\\Programmi\\File comuni\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\msnmsgr.exe"=
"d:\\Programmi\\Autodesk\\Backburner\\monitor.exe"=
"d:\\Programmi\\Autodesk\\Backburner\\manager.exe"=
"d:\\Programmi\\Autodesk\\Backburner\\server.exe"=
"d:\\Programmi\\Autodesk\\3ds Max 2009\\3dsmax.exe"=
"c:\\Programmi\\Skype\\Phone\\Skype.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
"5353:TCP"= 5353:TCP:Adobe CSI CS4
S1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\drivers\cmdguard.sys [15/04/2009 12.14.46 110992]
S1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\drivers\cmdhlp.sys [15/04/2009 12.14.46 24336]
S2 mi-raysat_3dsMax2009_32;mental ray 3.6 Satellite for Autodesk 3ds Max 2009 32-bit 32-bit;d:\programmi\Autodesk\3ds Max 2009\mentalray\satellite\raysat_3dsMax2009_32server.exe [10/03/2008 0.04.52 65536]
S3 getPlus(R) Helper;getPlus(R) Helper;c:\programmi\NOS\bin\getPlus_HelperSvc.exe [01/11/2008 21.45.15 33752]
S3 lv321av;Logitech USB PC Camera (VC0321);c:\windows\system32\drivers\lv321av.sys [01/11/2008 21.40.08 847392]
--- Altri Servizi/Drivers In Memoria ---
*NewlyCreated* - MDMXSDK
*NewlyCreated* - PARPORT
.
Contenuto della cartella 'Scheduled Tasks'
2009-04-21 c:\windows\Tasks\FRU Task 2003-04-10 00:56ewlett-Packard2003-04-10 00:56p psc 1100 series272A572217594EBCF1CEE215E352B92AD073FDE4234388305.job
- d:\programmi\Hewlett-Packard\Digital Imaging\Bin\hpqfrucl.exe [2003-04-09 16:56]
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://www.google.it/
uInternet Settings,ProxyOverride = *.local
IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\Dami\Dati applicazioni\Mozilla\Firefox\Profiles\vmul9m0z.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.it/
FF - prefs.js: network.proxy.type - 2
FF - component: d:\programmi\Nokia\Nokia PC Suite 7\bkmrksync\components\BkMrkExt.dll
FF - plugin: c:\documents and settings\Dami\Dati applicazioni\Mozilla\Firefox\Profiles\vmul9m0z.default\extensions\firefox@tvunetworks.com\plugins\npTVUAx.dll
FF - plugin: d:\programmi\Adobe\Acrobat\Reader\browser\nppdf32.dll
FF - plugin: d:\programmi\Firefox\plugins\np-mswmp.dll
FF - plugin: d:\programmi\iTunes\Mozilla Plugins\npitunes.dll
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-05-11 00:57
Windows 5.1.2600 Service Pack 3 NTFS
scansione processi nascosti ...
scansione entrate autostart nascoste ...
Scansione files nascosti ...
Scansione completata con successo
Files nascosti: 0
**************************************************************************
.
Ora fine scansione: 2009-05-10 0.59.39
ComboFix-quarantined-files.txt 2009-05-10 22:59
ComboFix2.txt 2009-04-15 09:51
Pre-Run: 25.778.737.152 byte disponibili
Post-Run: 25.870.274.560 byte disponibili
433 --- E O F --- 2009-04-30 18:35
The situation hasn't changed. I did a cleanup with CCleaner, but nothing... still slow! It takes forever to start 3D Studio Max, as with other programs that hog a lot of RAM.
This is the current HijackThis log:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9.36.12, on 11/05/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16827)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
D:\Programmi\Comodo\COMODO Internet Security\cmdagent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\Explorer.EXE
C:\Programmi\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Programmi\File comuni\Autodesk Shared\Service\AdskScSrv.exe
C:\Programmi\Java\jre6\bin\jqs.exe
C:\WINDOWS\RTHDCPL.EXE
D:\Programmi\Autodesk\3ds Max 2009\mentalray\satellite\raysat_3dsMax2009_32server.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Programmi\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\rundll32.exe
D:\PROGRA~1\LAUNCH~1\LManager.exe
C:\WINDOWS\system32\svchost.exe
C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
D:\Programmi\Comodo\COMODO Internet Security\cfp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\DOCUME~1\Dami\IMPOST~1\Temp\RtkBtMnt.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
D:\Programmi\Trend Micro\HijackThis\HijackThis.exe
D:\Programmi\Firefox\firefox.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://wpad.polimi.it/wpad.dat
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre6\bin\ssv.dll
O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmi\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [AzMixerSel] C:\Programmi\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [avgnt] "C:\Programmi\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [LManager] D:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
O4 - HKLM\..\Run: [Acer ePower Management] C:\Acer\Empowering Technology\ePower\Acer ePower Management.exe boot
O4 - HKLM\..\Run: [COMODO Internet Security] "D:\Programmi\Comodo\COMODO Internet Security\cfp.exe" -h
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - D:\PROGRA~1\Microsoft ActiveSync\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - D:\PROGRA~1\Microsoft ActiveSync\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - D:\PROGRA~1\Microsoft ActiveSync\INetRepl.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FILECO~1\Skype\SKYPE4~1.DLL
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Programmi\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Programmi\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Programmi\File comuni\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - Unknown owner - D:\Programmi\Comodo\COMODO Internet Security\cmdagent.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Programmi\File comuni\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Programmi\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: Servizio iPod (iPod Service) - Apple Inc. - C:\Programmi\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programmi\Java\jre6\bin\jqs.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Programmi\File comuni\Logitech\SrvLnch\SrvLnch.exe
O23 - Service: mental ray 3.6 Satellite for Autodesk 3ds Max 2009 32-bit 32-bit (mi-raysat_3dsMax2009_32) - Unknown owner - D:\Programmi\Autodesk\3ds Max 2009\mentalray\satellite\raysat_3dsMax2009_32server.exe
O23 - Service: NMIndexingService - Nero AG - C:\Programmi\File comuni\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ServiceLayer - Nokia. - C:\Programmi\PC Connectivity Solution\ServiceLayer.exe
--
End of file - 7739 bytes
And this is a screenshot of the Task Manager... http://www.mediafire.com/file/omyyzomzorj/Immagine.JPG
There are a lot of processes that I don't want to start at boot but that I can't get rid of (I tried from CCleaner), and they start anyway every time.
Bye and thanks