ComboFix 10-06-06.04 - Gianni 07/06/2010 14.19.40.2.2 - x86
Microsoft Windows XP Professional 5.1.2600.2.1252.39.1040.18.1791.850 [GMT 2:00]
Eseguito da: c:\documents and settings\Gianni\Desktop\ComboFix.exe
AV: Kaspersky Anti-Virus *On-access scanning disabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
.
((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\Gianni\Dati applicazioni\screensaver_Beach.scr
c:\windows\Bdonya.exe
c:\windows\Bdonyb.exe
c:\windows\system32\sshnas21.dll
c:\windows\Tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job
.
((((((((((((((((((((((((((((((((((((((( Driver/Servizi )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_SSHNAS
-------\Service_SSHNAS
((((((((((((((((((((((((( Files Creati Da 2010-05-07 al 2010-06-07 )))))))))))))))))))))))))))))))))))
.
2010-06-07 12:15 . 2010-06-07 12:13 397824 ----a-w- c:\windows\system32\CF12224.exe
2010-06-07 12:07 . 2010-06-07 12:08 -------- d-----w- C:\32788R22FWJFW.0.tmp
2010-06-05 13:54 . 2009-07-23 09:57 100480 ----a-r- c:\windows\system32\drivers\ewusbfake.sys
2010-06-05 11:49 . 2010-06-05 11:49 -------- d-----w- c:\documents and settings\Gianni\Dati applicazioni\FLEXnet
2010-06-05 11:42 . 2010-06-05 11:42 -------- d-----w- c:\documents and settings\Gianni\Dati applicazioni\Vodafone
2010-06-05 11:42 . 2009-07-23 09:57 112640 ----a-r- c:\windows\system32\drivers\ewusbnet.sys
2010-06-05 11:42 . 2009-07-23 09:57 102528 ----a-r- c:\windows\system32\drivers\ewusbmdm.sys
2010-06-05 11:40 . 2010-06-05 11:40 -------- d-----w- c:\documents and settings\LocalService\Dati applicazioni\Vodafone
2010-06-05 11:40 . 2010-06-05 11:40 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Vodafone
2010-06-05 11:39 . 2010-06-05 11:39 -------- d-----w- c:\programmi\Vodafone
2010-06-05 11:39 . 2010-06-05 11:39 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\FLEXnet
2010-06-05 11:38 . 2010-06-05 11:38 -------- d-----w- c:\documents and settings\Gianni\Impostazioni locali\Dati applicazioni\{4D4E02EE-0904-4442-8E6A-B77395E9B072}
2010-06-01 09:34 . 2010-06-07 11:41 -------- d-----w- c:\documents and settings\Gianni\Impostazioni locali\Dati applicazioni\Axialis
2010-05-31 06:28 . 2010-05-31 06:28 -------- d-----w- c:\programmi\Power Up
2010-05-14 12:42 . 2010-06-02 17:02 -------- d-----w- c:\documents and settings\Gianni\Impostazioni locali\Dati applicazioni\Softonic-IT
2010-05-14 12:42 . 2010-05-14 13:08 -------- d-----w- c:\programmi\Softonic-IT
2010-05-13 12:07 . 2010-05-13 12:06 411368 ----a-w- c:\windows\system32\deployJava1.dll
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-06-07 12:30 . 2010-02-04 22:20 -------- d-----w- c:\documents and settings\Gianni\Dati applicazioni\Skype
2010-06-07 12:26 . 2010-01-09 15:56 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Kaspersky Lab
2010-06-07 12:06 . 2010-01-10 11:45 -------- d-----w- c:\documents and settings\Gianni\Dati applicazioni\uTorrent
2010-06-07 07:14 . 2010-02-04 22:33 -------- d-----w- c:\documents and settings\Gianni\Dati applicazioni\skypePM
2010-06-05 07:55 . 2010-01-17 14:28 -------- d-----w- c:\documents and settings\Gianni\Dati applicazioni\Canon
2010-05-24 18:35 . 2010-05-24 18:35 503808 ----a-w- c:\documents and settings\Gianni\Dati applicazioni\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-1a4323cf-n\msvcp71.dll
2010-05-24 18:35 . 2010-05-24 18:35 499712 ----a-w- c:\documents and settings\Gianni\Dati applicazioni\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-1a4323cf-n\jmc.dll
2010-05-24 18:35 . 2010-05-24 18:35 348160 ----a-w- c:\documents and settings\Gianni\Dati applicazioni\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-1a4323cf-n\msvcr71.dll
2010-05-24 18:35 . 2010-05-24 18:35 61440 ----a-w- c:\documents and settings\Gianni\Dati applicazioni\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-613c9156-n\decora-sse.dll
2010-05-24 18:35 . 2010-05-24 18:35 12800 ----a-w- c:\documents and settings\Gianni\Dati applicazioni\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-613c9156-n\decora-d3d.dll
2010-05-20 05:44 . 2010-01-10 11:46 -------- d-----w- c:\programmi\uTorrent
2010-05-13 14:22 . 2010-01-09 22:37 -------- d-----w- c:\programmi\Google
2010-05-05 06:35 . 2010-01-09 15:57 113933 ----a-w- c:\windows\system32\drivers\klin.dat
2010-05-05 06:35 . 2010-01-09 15:57 97549 ----a-w- c:\windows\system32\drivers\klick.dat
2010-04-28 06:43 . 2010-02-15 20:28 -------- d-----w- c:\programmi\IrfanView
2010-04-23 06:31 . 2001-08-31 10:00 71114 ----a-w- c:\windows\system32\perfc010.dat
2010-04-23 06:31 . 2001-08-31 10:00 440832 ----a-w- c:\windows\system32\perfh010.dat
2010-04-20 06:28 . 2010-01-13 12:00 -------- d-----w- c:\programmi\Microsoft Silverlight
2010-04-18 20:32 . 2010-04-18 20:25 -------- d-----w- c:\programmi\File comuni\AVSMedia
2010-04-18 20:32 . 2010-04-18 20:21 -------- d-----w- c:\programmi\AVS4YOU
2010-04-18 20:29 . 2010-04-18 20:29 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\AVS4YOU
2010-04-18 20:29 . 2010-04-18 20:29 -------- d-----w- c:\documents and settings\Gianni\Dati applicazioni\AVS4YOU
2010-04-18 20:29 . 2010-01-09 11:57 74312 ----a-w- c:\documents and settings\Gianni\Impostazioni locali\Dati applicazioni\GDIPFONTCACHEV1.DAT
2010-04-15 07:46 . 2010-04-06 12:33 1 ----a-w- c:\documents and settings\Gianni\Dati applicazioni\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
2010-04-11 14:02 . 2010-04-11 09:49 -------- d-----w- c:\programmi\Malwarebytes' Anti-Malware
2010-04-11 09:49 . 2010-04-11 09:49 -------- d-----w- c:\documents and settings\Gianni\Dati applicazioni\Malwarebytes
2010-04-11 09:49 . 2010-04-11 09:49 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Malwarebytes
2010-04-11 09:49 . 2010-04-11 09:49 -------- d-----w- c:\programmi\Conduit
2010-04-06 12:30 . 2010-04-06 12:30 7424000 ----a-r- c:\documents and settings\Gianni\Dati applicazioni\Microsoft\Installer\{D61B4347-26FD-40F5-92B7-5D020E574DFE}\soffice.exe
2010-03-18 18:48 . 2010-04-11 09:49 52224 ----a-w- c:\documents and settings\Gianni\Dati applicazioni\Mozilla\Firefox\Profiles\m9bblmdd.default\extensions\{e3393495-8103-46a0-8181-270273eddd60}\components\FFExternalAlert.dll
2010-03-18 18:48 . 2010-04-11 09:49 101376 ----a-w- c:\documents and settings\Gianni\Dati applicazioni\Mozilla\Firefox\Profiles\m9bblmdd.default\extensions\{e3393495-8103-46a0-8181-270273eddd60}\components\RadioWMPCore.dll
2010-03-11 21:49 . 2010-03-11 21:49 503808 ----a-w- c:\documents and settings\Gianni\Dati applicazioni\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-63814ec7-n\msvcp71.dll
2010-03-11 21:49 . 2010-03-11 21:49 499712 ----a-w- c:\documents and settings\Gianni\Dati applicazioni\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-63814ec7-n\jmc.dll
2010-03-11 21:49 . 2010-03-11 21:49 348160 ----a-w- c:\documents and settings\Gianni\Dati applicazioni\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-63814ec7-n\msvcr71.dll
2010-03-11 21:49 . 2010-03-11 21:49 61440 ----a-w- c:\documents and settings\Gianni\Dati applicazioni\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-7024a289-n\decora-sse.dll
2010-03-11 21:49 . 2010-03-11 21:49 12800 ----a-w- c:\documents and settings\Gianni\Dati applicazioni\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-7024a289-n\decora-d3d.dll
.
------- Sigcheck -------
[-] 2007-12-12 . 5DEF00B476192F4AE0E9515F08100443 . 1548288 . . [5.1.2600.2180] . . c:\windows\system32\sfcfiles.dll
.
((((((((((((((((((((((((((((( SnapShot@2010-04-14_11.37.51 )))))))))))))))))))))))))))))))))))))))))
.
- 2006-12-01 23:46 . 2006-12-01 23:46 65536 c:\windows\WinSxS\x86_Microsoft.VC80.OpenMP_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6c18549a\vcomp.dll
+ 2006-12-01 22:46 . 2006-12-01 22:46 65536 c:\windows\WinSxS\x86_Microsoft.VC80.OpenMP_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6c18549a\vcomp.dll
+ 2009-07-11 18:54 . 2009-07-11 18:54 65536 c:\windows\WinSxS\x86_Microsoft.VC80.OpenMP_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e79c4723\vcomp.dll
+ 2006-12-01 22:08 . 2006-12-01 22:08 49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80KOR.dll
- 2006-12-01 23:08 . 2006-12-01 23:08 49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80KOR.dll
+ 2006-12-01 22:08 . 2006-12-01 22:08 49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80JPN.dll
- 2006-12-01 23:08 . 2006-12-01 23:08 49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80JPN.dll
+ 2006-12-01 22:08 . 2006-12-01 22:08 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ITA.dll
- 2006-12-01 23:08 . 2006-12-01 23:08 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ITA.dll
+ 2006-12-01 22:08 . 2006-12-01 22:08 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80FRA.dll
- 2006-12-01 23:08 . 2006-12-01 23:08 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80FRA.dll
- 2006-12-01 23:08 . 2006-12-01 23:08 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ESP.dll
+ 2006-12-01 22:08 . 2006-12-01 22:08 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ESP.dll
- 2006-12-01 23:08 . 2006-12-01 23:08 57344 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ENU.dll
+ 2006-12-01 22:08 . 2006-12-01 22:08 57344 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ENU.dll
- 2006-12-01 23:08 . 2006-12-01 23:08 65536 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80DEU.dll
+ 2006-12-01 22:08 . 2006-12-01 22:08 65536 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80DEU.dll
+ 2006-12-01 22:08 . 2006-12-01 22:08 45056 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80CHT.dll
- 2006-12-01 23:08 . 2006-12-01 23:08 45056 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80CHT.dll
+ 2006-12-01 22:08 . 2006-12-01 22:08 40960 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80CHS.dll
- 2006-12-01 23:08 . 2006-12-01 23:08 40960 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80CHS.dll
+ 2009-07-11 18:32 . 2009-07-11 18:32 49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80KOR.dll
+ 2009-07-11 18:32 . 2009-07-11 18:32 49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80JPN.dll
+ 2009-07-11 18:32 . 2009-07-11 18:32 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80ITA.dll
+ 2009-07-11 18:32 . 2009-07-11 18:32 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80FRA.dll
+ 2009-07-11 18:32 . 2009-07-11 18:32 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80ESP.dll
+ 2009-07-11 18:32 . 2009-07-11 18:32 57344 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80ENU.dll
+ 2009-07-11 18:32 . 2009-07-11 18:32 65536 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80DEU.dll
+ 2009-07-11 18:32 . 2009-07-11 18:32 45056 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80CHT.dll
+ 2009-07-11 18:32 . 2009-07-11 18:32 40960 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80CHS.dll
+ 2006-12-01 22:26 . 2006-12-01 22:26 57856 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfcm80u.dll
- 2006-12-01 23:26 . 2006-12-01 23:26 57856 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfcm80u.dll
- 2006-12-01 23:25 . 2006-12-01 23:25 69632 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfcm80.dll
+ 2006-12-01 22:25 . 2006-12-01 22:25 69632 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfcm80.dll
+ 2009-07-11 23:07 . 2009-07-11 23:07 57856 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_b77cec8e\mfcm80u.dll
+ 2009-07-11 23:19 . 2009-07-11 23:19 69632 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_b77cec8e\mfcm80.dll
- 2006-12-01 21:56 . 2006-12-01 21:56 96256 c:\windows\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_cbb27474\ATL80.dll
+ 2006-12-01 20:56 . 2006-12-01 20:56 96256 c:\windows\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_cbb27474\ATL80.dll
+ 2009-07-11 17:41 . 2009-07-11 17:41 97280 c:\windows\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_473666fd\ATL80.dll
+ 2010-06-07 12:26 . 2010-06-07 12:26 16384 c:\windows\Temp\Perflib_Perfdata_31c.dat
+ 2006-08-24 18:26 . 2006-08-24 18:26 17408 c:\windows\system32\wpdshextautoplay.exe
+ 2004-08-11 00:45 . 2006-08-24 20:30 63488 c:\windows\system32\wpdmtpus.dll
+ 2004-08-11 00:45 . 2006-08-24 20:30 35840 c:\windows\system32\wpdconns.dll
+ 2004-08-19 12:39 . 2006-08-24 20:30 37376 c:\windows\system32\wmdmps.dll
+ 2004-08-19 12:39 . 2006-08-24 20:30 33792 c:\windows\system32\wmdmlog.dll
+ 2001-08-31 10:00 . 2010-04-23 06:31 59890 c:\windows\system32\perfc009.dat
+ 2010-04-18 20:21 . 2007-12-29 08:42 24576 c:\windows\system32\msxml3a.dll
+ 2004-08-19 12:39 . 2006-08-24 20:30 27648 c:\windows\system32\mspmsnsv.dll
+ 2010-04-21 06:45 . 2010-04-21 06:45 84507 c:\windows\system32\Macromed\Flash\uninstall_activeX.exe
- 2010-01-10 00:04 . 2010-01-10 00:04 84507 c:\windows\system32\Macromed\Flash\uninstall_activeX.exe
+ 2004-08-19 12:39 . 2006-08-24 20:30 11264 c:\windows\system32\LAPRXY.dll
+ 2010-06-05 11:40 . 2007-08-09 01:13 24448 c:\windows\system32\DRVSTORE\ewdcsc_0A57F7BCA072C72EE1CF24A391526222762A5A1B\ewdcsc.sys
+ 2004-08-11 00:45 . 2006-08-24 18:26 38656 c:\windows\system32\drivers\wpdusb.sys
+ 2004-08-19 12:39 . 2006-08-24 20:30 37376 c:\windows\system32\dllcache\wmdmps.dll
+ 2004-08-19 12:39 . 2006-08-24 20:30 33792 c:\windows\system32\dllcache\wmdmlog.dll
+ 2004-08-19 12:39 . 2006-08-24 20:30 27648 c:\windows\system32\dllcache\mspmsnsv.dll
+ 2004-08-19 12:39 . 2006-08-24 20:30 11264 c:\windows\system32\dllcache\LAPRXY.dll
+ 2010-05-13 14:30 . 2010-05-13 14:30 25214 c:\windows\Installer\{F7B0939E-58DF-11DF-B3A6-005056806466}\UNINST_Uninstall_G_F6A848FB884248E6A4CDCBDCF41F6A74_1.exe
+ 2010-05-13 14:30 . 2010-05-13 14:30 25214 c:\windows\Installer\{F7B0939E-58DF-11DF-B3A6-005056806466}\UNINST_Uninstall_G_F6A848FB884248E6A4CDCBDCF41F6A74.exe
+ 2010-05-13 14:30 . 2010-05-13 14:30 25214 c:\windows\Installer\{F7B0939E-58DF-11DF-B3A6-005056806466}\ShortcutOGL_EB071909B9884F8CBF3D6115D4ADEE5E.exe
+ 2010-05-13 14:30 . 2010-05-13 14:30 25214 c:\windows\Installer\{F7B0939E-58DF-11DF-B3A6-005056806466}\ShortcutDX_EB071909B9884F8CBF3D6115D4ADEE5E.exe
+ 2010-05-13 14:30 . 2010-05-13 14:30 25214 c:\windows\Installer\{F7B0939E-58DF-11DF-B3A6-005056806466}\googleearth.exe1_F6A848FB884248E6A4CDCBDCF41F6A74.exe
+ 2010-05-13 14:30 . 2010-05-13 14:30 25214 c:\windows\Installer\{F7B0939E-58DF-11DF-B3A6-005056806466}\googleearth.exe_F6A848FB884248E6A4CDCBDCF41F6A74.exe
+ 2010-05-13 14:30 . 2010-05-13 14:30 25214 c:\windows\Installer\{F7B0939E-58DF-11DF-B3A6-005056806466}\ARPPRODUCTICON.exe
+ 2010-06-05 11:40 . 2010-06-05 11:40 73728 c:\windows\Installer\{96B51C0B-D3BE-4DF3-959C-28B22C10CFBB}\VodafoneConnectionMa_B9D0823E49B04B5B9B0C5415624F0666.exe
+ 2010-06-05 11:40 . 2010-06-05 11:40 73728 c:\windows\Installer\{96B51C0B-D3BE-4DF3-959C-28B22C10CFBB}\SMS_B9D0823E49B04B5B9B0C5415624F0666.exe
+ 2010-06-05 11:40 . 2010-06-05 11:40 73728 c:\windows\Installer\{96B51C0B-D3BE-4DF3-959C-28B22C10CFBB}\NewShortcut9_B9D0823E49B04B5B9B0C5415624F0666.exe
+ 2010-06-05 11:40 . 2010-06-05 11:40 73728 c:\windows\Installer\{96B51C0B-D3BE-4DF3-959C-28B22C10CFBB}\NewShortcut8_B9D0823E49B04B5B9B0C5415624F0666.exe
+ 2010-06-05 11:40 . 2010-06-05 11:40 73728 c:\windows\Installer\{96B51C0B-D3BE-4DF3-959C-28B22C10CFBB}\ARPPRODUCTICON.exe
+ 2009-12-21 19:09 . 2009-12-21 19:09 16832 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA70401B7449A0300000010\9.3.0\ViewerPS.dll
+ 2009-12-22 00:57 . 2009-12-22 00:57 35760 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA70401B7449A0300000010\9.3.0\reader_sl.exe
+ 2009-12-21 19:02 . 2009-12-21 19:02 79280 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA70401B7449A0300000010\9.3.0\PDFPrevHndlr.dll
+ 2009-12-21 22:21 . 2009-12-21 22:21 99776 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA70401B7449A0300000010\9.3.0\eula.exe
+ 2009-12-21 22:37 . 2009-12-21 22:37 27048 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA70401B7449A0300000010\9.3.0\acrotextextractor.exe
+ 2009-12-21 17:39 . 2009-12-21 17:39 15288 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA70401B7449A0300000010\9.3.0\AcroRd32Info.exe
+ 2009-12-21 17:27 . 2009-12-21 17:27 75200 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA70401B7449A0300000010\9.3.0\acroiehelpershim.dll
+ 2009-12-21 17:27 . 2009-12-21 17:27 61888 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA70401B7449A0300000010\9.3.0\AcroIEHelper.dll
+ 2010-04-18 20:24 . 2004-08-11 00:45 18944 c:\windows\$NtUninstallWMFDist11$\wpdusb.sys
+ 2010-04-18 20:24 . 2004-08-11 00:45 66560 c:\windows\$NtUninstallWMFDist11$\wpdmtpus.dll
+ 2010-04-18 20:24 . 2004-08-11 00:45 61952 c:\windows\$NtUninstallWMFDist11$\wpdconns.dll
+ 2010-04-18 20:24 . 2004-08-11 00:45 38912 c:\windows\$NtUninstallWMFDist11$\wpd_ci.dll
+ 2010-04-18 20:24 . 2004-08-11 00:45 34304 c:\windows\$NtUninstallWMFDist11$\wmdmps.dll
+ 2010-04-18 20:24 . 2004-08-11 00:45 30208 c:\windows\$NtUninstallWMFDist11$\wmdmlog.dll
+ 2010-04-18 20:24 . 2004-08-11 00:45 38912 c:\windows\$NtUninstallWMFDist11$\wdfmgr.exe
+ 2010-04-18 20:24 . 2004-08-11 00:45 15872 c:\windows\$NtUninstallWMFDist11$\wdfapi.dll
+ 2010-04-18 20:24 . 2004-08-11 00:45 47104 c:\windows\$NtUninstallWMFDist11$\uwdf.exe
+ 2010-04-18 20:24 . 2006-08-24 20:42 13312 c:\windows\$NtUninstallWMFDist11$\spuninst\wpdinstallutil.dll
+ 2010-04-18 20:24 . 2004-08-11 00:45 25088 c:\windows\$NtUninstallWMFDist11$\mspmsnsv.dll
+ 2010-04-18 20:24 . 2004-08-11 00:45 96768 c:\windows\$NtUninstallWMFDist11$\logagent.exe
+ 2004-08-19 12:39 . 2006-08-24 20:30 4096 c:\windows\system32\wmvdmoe2.dll
+ 2004-08-19 12:39 . 2006-08-24 20:30 4096 c:\windows\system32\wmvdmod.dll
+ 2004-08-11 00:45 . 2006-08-24 20:30 4096 c:\windows\system32\WMVADVE.DLL
+ 2004-08-11 00:45 . 2006-08-24 20:30 4096 c:\windows\system32\WMVADVD.dll
+ 2004-08-19 12:39 . 2006-08-24 20:30 4096 c:\windows\system32\wmsdmoe2.dll
+ 2004-08-19 12:39 . 2006-08-24 20:30 4096 c:\windows\system32\wmsdmod.dll
+ 2004-08-11 00:45 . 2006-08-24 20:42 8704 c:\windows\system32\wdfmgr.exe
+ 2004-08-11 00:45 . 2006-08-24 20:30 4096 c:\windows\system32\wdfapi.dll
+ 2004-08-11 00:45 . 2006-08-24 20:42 8704 c:\windows\system32\uwdf.exe
+ 2004-08-19 12:39 . 2006-08-24 20:30 4096 c:\windows\system32\MPG4DMOD.dll
+ 2004-08-19 12:39 . 2006-08-24 20:30 4096 c:\windows\system32\MP4SDMOD.dll
+ 2004-08-19 12:39 . 2006-08-24 20:30 4096 c:\windows\system32\MP43DMOD.dll
+ 2004-08-19 12:39 . 2006-08-24 20:30 4096 c:\windows\system32\dllcache\wmvdmoe2.dll
+ 2004-08-19 12:39 . 2006-08-24 20:30 4096 c:\windows\system32\dllcache\wmvdmod.dll
+ 2004-08-19 12:39 . 2006-08-24 20:30 4096 c:\windows\system32\dllcache\wmsdmoe2.dll
+ 2004-08-19 12:39 . 2006-08-24 20:30 4096 c:\windows\system32\dllcache\wmsdmod.dll
+ 2004-08-19 12:39 . 2006-08-24 20:30 4096 c:\windows\system32\dllcache\MPG4DMOD.dll
+ 2004-08-19 12:39 . 2006-08-24 20:30 4096 c:\windows\system32\dllcache\MP4SDMOD.dll
+ 2004-08-19 12:39 . 2006-08-24 20:30 4096 c:\windows\system32\dllcache\MP43DMOD.dll
+ 2010-04-18 20:24 . 2004-08-11 00:45 6656 c:\windows\$NtUninstallWMFDist11$\laprxy.dll
+ 2009-07-11 23:12 . 2009-07-11 23:12 632656 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcr80.dll
+ 2009-07-11 23:09 . 2009-07-11 23:09 554832 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcp80.dll
+ 2009-07-11 23:08 . 2009-07-11 23:08 479232 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcm80.dll
+ 2004-08-11 00:45 . 2006-08-24 20:30 349184 c:\windows\system32\wpdsp.dll
+ 2006-08-24 20:30 . 2006-08-24 20:30 133120 c:\windows\system32\WPDShServiceObj.dll
+ 2004-08-11 00:45 . 2006-08-24 20:30 154624 c:\windows\system32\wpdmtp.dll
+ 2004-08-11 00:45 . 2006-08-24 20:30 629760 c:\windows\system32\wpd_ci.dll
+ 2006-08-24 20:30 . 2006-08-24 20:30 656896 c:\windows\system32\WMVXENCD.dll
+ 2006-08-24 20:30 . 2006-08-24 20:30 790016 c:\windows\system32\WMVSENCD.dll
+ 2004-08-19 12:39 . 2006-08-24 20:30 603648 c:\windows\system32\WMSPDMOD.dll
+ 2004-08-19 12:39 . 2006-08-24 20:30 937984 c:\windows\system32\WMNetMgr.dll
+ 2004-08-19 12:39 . 2006-08-24 20:30 157184 c:\windows\system32\wmidx.dll
+ 2006-08-24 20:30 . 2006-08-24 20:30 532992 c:\windows\system32\wmdrmsdk.dll
+ 2004-08-11 00:45 . 2006-08-24 20:30 347648 c:\windows\system32\wmdrmnet.dll
+ 2004-08-11 00:45 . 2006-08-24 20:30 428032 c:\windows\system32\wmdrmdev.dll
+ 2004-08-19 12:39 . 2006-08-24 20:30 222208 c:\windows\system32\wmasf.dll
+ 2004-08-19 12:39 . 2006-08-24 20:30 757248 c:\windows\system32\WMADMOD.dll
+ 2004-08-19 12:39 . 2006-08-24 20:30 210432 c:\windows\system32\qasf.dll
+ 2006-08-24 20:30 . 2006-08-24 20:30 198144 c:\windows\system32\PortableDeviceWMDRM.dll
+ 2006-08-24 20:30 . 2006-08-24 20:30 132096 c:\windows\system32\PortableDeviceWiaCompat.dll
+ 2006-08-24 20:30 . 2006-08-24 20:30 166912 c:\windows\system32\PortableDeviceTypes.dll
+ 2006-08-24 20:30 . 2006-08-24 20:30 101888 c:\windows\system32\PortableDeviceClassExtension.dll
+ 2006-08-24 20:30 . 2006-08-24 20:30 284160 c:\windows\system32\PortableDeviceApi.dll
+ 2001-08-31 10:00 . 2010-04-23 06:31 395650 c:\windows\system32\perfh009.dat
+ 2004-08-19 12:39 . 2006-08-24 20:30 320512 c:\windows\system32\mswmdm.dll
+ 2010-04-18 20:21 . 2007-12-29 08:42 344064 c:\windows\system32\msvcr70.dll
+ 2010-04-18 20:21 . 2007-12-29 08:42 487424 c:\windows\system32\msvcp70.dll
+ 2004-08-19 12:39 . 2006-08-24 20:30 414208 c:\windows\system32\msscp.dll
+ 2004-08-19 12:39 . 2006-08-24 20:30 175104 c:\windows\system32\mspmsp.dll
+ 2004-08-19 12:39 . 2006-08-24 20:30 179712 c:\windows\system32\msnetobj.dll
+ 2006-08-24 20:30 . 2006-08-24 20:30 259072 c:\windows\system32\MPG4DECD.dll
+ 2006-08-24 20:30 . 2006-08-24 20:30 316928 c:\windows\system32\MP4SDECD.dll
+ 2006-08-24 20:30 . 2006-08-24 20:30 258560 c:\windows\system32\MP43DECD.dll
+ 2006-08-24 20:30 . 2006-08-24 20:30 211968 c:\windows\system32\MFPLAT.dll
+ 2010-04-18 20:21 . 2007-12-29 08:42 974848 c:\windows\system32\mfc70.dll
+ 2010-01-27 00:58 . 2010-01-27 00:58 256280 c:\windows\system32\Macromed\Flash\FlashUtil10e.exe
+ 2004-08-19 12:39 . 2006-08-24 18:31 100864 c:\windows\system32\logagent.exe
- 2010-03-11 21:49 . 2009-12-17 16:14 153376 c:\windows\system32\javaws.exe
+ 2010-05-13 12:07 . 2010-05-13 12:06 153376 c:\windows\system32\javaws.exe
- 2010-03-11 21:49 . 2009-12-17 16:14 145184 c:\windows\system32\javaw.exe
+ 2010-05-13 12:07 . 2010-05-13 12:06 145184 c:\windows\system32\javaw.exe
- 2010-03-11 21:49 . 2009-12-17 16:14 145184 c:\windows\system32\java.exe
+ 2010-05-13 12:07 . 2010-05-13 12:06 145184 c:\windows\system32\java.exe
+ 2010-01-09 12:27 . 2010-04-19 07:38 289296 c:\windows\system32\FNTCACHE.DAT
+ 2010-06-05 11:41 . 2009-05-26 14:53 621056 c:\windows\system32\DRVSTORE\mod7700_8C17870443A1EF4AA2DF3F4C259AD7DC9CE429DF\mod7700.sys
+ 2010-06-05 11:41 . 2009-07-23 09:57 102528 c:\windows\system32\DRVSTORE\ewser2k_3FAC5CBD542AC3EDF972B299A5E819F3CE8D3BD1\ewusbmdm.sys
+ 2010-06-05 11:41 . 2009-07-23 09:57 112640 c:\windows\system32\DRVSTORE\ewnet_558FDC0EB2C58729DD420923F8F1F4810F7A7CD6\ewusbnet.sys
+ 2010-06-05 11:41 . 2009-07-23 09:57 102528 c:\windows\system32\DRVSTORE\ewmdm2k_6488C26CAF5CBACE01C1544101CDF367D3D7CA91\ewusbmdm.sys
+ 2010-06-05 11:41 . 2009-07-23 09:57 100480 c:\windows\system32\DRVSTORE\ewfake_8A996195DC8F6F723286A9E26B930219FBEE1A0E\ewusbfake.sys
+ 2004-08-19 12:39 . 2006-08-24 20:30 990208 c:\windows\system32\drmv2clt.dll
+ 2006-08-24 18:27 . 2006-08-24 18:27 249344 c:\windows\system32\drmupgds.exe
+ 2006-08-24 20:30 . 2006-08-24 20:30 667648 c:\windows\system32\drivers\umdf\wpdmtpdr.dll
+ 2004-08-19 12:39 . 2006-08-24 20:30 603648 c:\windows\system32\dllcache\WMSPDMOD.dll
+ 2004-08-19 12:39 . 2006-08-24 20:30 937984 c:\windows\system32\dllcache\WMNetMgr.dll
+ 2004-08-19 12:39 . 2006-08-24 20:30 157184 c:\windows\system32\dllcache\wmidx.dll
+ 2004-08-19 12:39 . 2006-08-24 20:30 222208 c:\windows\system32\dllcache\WMASF.dll
+ 2004-08-19 12:39 . 2006-08-24 20:30 757248 c:\windows\system32\dllcache\WMADMOD.dll
+ 2004-08-19 12:39 . 2006-08-24 20:30 210432 c:\windows\system32\dllcache\qasf.dll
+ 2004-08-19 12:39 . 2006-08-24 20:30 320512 c:\windows\system32\dllcache\mswmdm.dll
+ 2004-08-19 12:39 . 2006-08-24 20:30 414208 c:\windows\system32\dllcache\msscp.dll
+ 2004-08-19 12:39 . 2006-08-24 20:30 175104 c:\windows\system32\dllcache\mspmsp.dll
+ 2004-08-19 12:39 . 2006-08-24 20:30 179712 c:\windows\system32\dllcache\msnetobj.dll
+ 2004-08-19 12:39 . 2006-08-24 18:31 100864 c:\windows\system32\dllcache\logagent.exe
+ 2004-08-19 12:39 . 2006-08-24 20:30 990208 c:\windows\system32\dllcache\drmv2clt.dll
+ 2004-08-19 12:39 . 2006-08-24 20:30 228352 c:\windows\system32\dllcache\cewmdm.dll
+ 2004-08-19 12:39 . 2006-08-24 20:30 537600 c:\windows\system32\dllcache\blackbox.dll
+ 2004-08-19 12:39 . 2006-08-24 20:30 228352 c:\windows\system32\cewmdm.dll
+ 2004-08-19 12:39 . 2006-08-24 20:30 537600 c:\windows\system32\blackbox.dll
+ 2006-08-24 20:30 . 2006-08-24 20:30 276480 c:\windows\system32\audiodev.dll
+ 2010-04-19 07:47 . 2010-04-19 07:47 602624 c:\windows\Installer\8bed9.msi
+ 2010-04-18 20:27 . 2010-04-18 20:27 331264 c:\windows\Installer\222702f.msi
+ 2010-04-18 20:23 . 2010-04-18 20:23 424960 c:\windows\Installer\2227029.msi
+ 2010-05-13 12:06 . 2010-05-13 12:06 576000 c:\windows\Installer\103414f.msi
- 2010-02-04 22:30 . 2010-02-04 22:30 371272 c:\windows\Installer\{D103C4BA-F905-437A-8049-DB24763BBE36}\SkypeIcon.exe
+ 2010-04-29 23:03 . 2010-04-29 23:03 371272 c:\windows\Installer\{D103C4BA-F905-437A-8049-DB24763BBE36}\SkypeIcon.exe
+ 2009-12-21 17:35 . 2009-12-21 17:35 378264 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA70401B7449A0300000010\9.3.0\pdfshell.dll
+ 2009-12-21 19:05 . 2009-12-21 19:05 116168 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA70401B7449A0300000010\9.3.0\PDFPrevHndlrShim.exe
+ 2009-12-21 17:34 . 2009-12-21 17:34 103864 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA70401B7449A0300000010\9.3.0\nppdf32.dll
+ 2009-11-09 18:18 . 2009-11-09 18:18 684032 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA70401B7449A0300000010\9.3.0\JP2KLib.dll
+ 2009-12-21 19:02 . 2009-12-21 19:02 542168 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA70401B7449A0300000010\9.3.0\AdobeCollabSync.exe
+ 2009-12-21 17:43 . 2009-12-21 17:43 120240 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA70401B7449A0300000010\9.3.0\AcroRdIF.dll
+ 2009-12-22 00:57 . 2009-12-22 00:57 349616 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA70401B7449A0300000010\9.3.0\AcroRd32.exe
+ 2009-12-21 17:15 . 2009-12-21 17:15 660912 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA70401B7449A0300000010\9.3.0\AcroPDF.dll
+ 2009-12-21 18:32 . 2009-12-21 18:32 280024 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA70401B7449A0300000010\9.3.0\acrobroker.exe
+ 2009-12-21 18:15 . 2009-12-21 18:15 251296 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA70401B7449A0300000010\9.3.0\a3dutility.exe
+ 2010-05-17 10:48 . 2007-01-09 06:17 110592 c:\windows\Downloaded Program Files\PURit-it.dll
+ 2006-11-20 09:04 . 2006-11-20 09:04 117088 c:\windows\Downloaded Program Files\PURen-us.dll
+ 2009-08-19 09:55 . 2009-08-19 09:55 829288 c:\windows\Downloaded Program Files\MsnPUpld.dll
+ 2010-04-18 20:24 . 2004-08-11 00:45 327680 c:\windows\$NtUninstallWMFDist11$\wpdsp.dll
+ 2010-04-18 20:24 . 2004-08-11 00:45 114176 c:\windows\$NtUninstallWMFDist11$\wpdmtp.dll
+ 2010-04-18 20:24 . 2004-08-11 00:45 999424 c:\windows\$NtUninstallWMFDist11$\wmvdmoe2.dll
+ 2010-04-18 20:24 . 2004-08-11 00:45 871160 c:\windows\$NtUninstallWMFDist11$\wmvdmod.dll
+ 2010-04-18 20:24 . 2004-08-11 00:45 936960 c:\windows\$NtUninstallWMFDist11$\wmspdmoe.dll
+ 2010-04-18 20:24 . 2004-08-11 00:45 531192 c:\windows\$NtUninstallWMFDist11$\wmspdmod.dll
+ 2010-04-18 20:24 . 2004-08-11 00:45 819200 c:\windows\$NtUninstallWMFDist11$\wmsetsdk.exe
+ 2010-04-18 20:24 . 2004-08-11 00:45 773368 c:\windows\$NtUninstallWMFDist11$\wmsdmod.dll
+ 2010-04-18 20:24 . 2004-08-11 00:45 150016 c:\windows\$NtUninstallWMFDist11$\wmidx.dll
+ 2010-04-18 20:24 . 2004-08-11 00:45 290816 c:\windows\$NtUninstallWMFDist11$\wmdrmnet.dll
+ 2010-04-18 20:24 . 2004-08-11 00:45 344064 c:\windows\$NtUninstallWMFDist11$\wmdrmdev.dll
+ 2010-04-18 20:24 . 2004-08-11 00:45 229376 c:\windows\$NtUninstallWMFDist11$\wmasf.dll
+ 2010-04-18 20:24 . 2004-08-11 00:45 712704 c:\windows\$NtUninstallWMFDist11$\wmadmoe.dll
+ 2010-04-18 20:24 . 2004-08-11 00:45 380144 c:\windows\$NtUninstallWMFDist11$\wmadmod.dll
+ 2010-04-18 20:24 . 2006-08-11 18:14 371424 c:\windows\$NtUninstallWMFDist11$\spuninst\updspapi.dll
+ 2010-04-18 20:24 . 2006-08-11 18:14 213216 c:\windows\$NtUninstallWMFDist11$\spuninst\spuninst.exe
+ 2010-04-18 20:24 . 2004-08-11 00:45 221184 c:\windows\$NtUninstallWMFDist11$\qasf.dll
+ 2010-04-18 20:24 . 2004-08-11 00:45 311296 c:\windows\$NtUninstallWMFDist11$\mswmdm.dll
+ 2010-04-18 20:24 . 2004-08-11 00:45 360176 c:\windows\$NtUninstallWMFDist11$\msscp.dll
+ 2010-04-18 20:24 . 2004-08-11 00:45 169472 c:\windows\$NtUninstallWMFDist11$\mspmsp.dll
+ 2010-04-18 20:24 . 2004-08-11 00:45 141312 c:\windows\$NtUninstallWMFDist11$\msnetobj.dll
+ 2010-04-18 20:24 . 2004-08-19 12:39 240640 c:\windows\$NtUninstallWMFDist11$\mpg4dmod.dll
+ 2010-04-18 20:24 . 2004-08-19 12:39 384512 c:\windows\$NtUninstallWMFDist11$\mp4sdmod.dll
+ 2010-04-18 20:24 . 2004-08-19 12:39 310272 c:\windows\$NtUninstallWMFDist11$\mp43dmod.dll
+ 2010-04-18 20:24 . 2004-08-11 00:45 527360 c:\windows\$NtUninstallWMFDist11$\drmv2clt.dll
+ 2010-04-18 20:24 . 2004-08-11 00:45 161792 c:\windows\$NtUninstallWMFDist11$\cewmdm.dll
+ 2010-04-18 20:24 . 2004-08-11 00:45 233472 c:\windows\$NtUninstallWMFDist11$\blackbox.dll
+ 2006-12-01 22:25 . 2006-12-01 22:25 1093120 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfc80u.dll
- 2006-12-01 23:25 . 2006-12-01 23:25 1093120 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfc80u.dll
+ 2006-12-01 22:25 . 2006-12-01 22:25 1101824 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfc80.dll
- 2006-12-01 23:25 . 2006-12-01 23:25 1101824 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfc80.dll
+ 2009-07-11 18:46 . 2009-07-11 18:46 1093120 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_b77cec8e\mfc80u.dll
+ 2009-07-11 18:46 . 2009-07-11 18:46 1105920 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_b77cec8e\mfc80.dll
+ 2006-08-24 20:30 . 2006-08-24 20:30 2589184 c:\windows\system32\WpdShext.dll
+ 2006-08-24 20:30 . 2006-08-24 20:30 1392128 c:\windows\system32\WMVSDECD.dll
+ 2006-08-24 20:30 . 2006-08-24 20:30 1532416 c:\windows\system32\WMVENCOD.dll
+ 2006-08-24 20:30 . 2006-08-24 20:30 1539584 c:\windows\system32\WMVDECOD.dll
+ 2004-08-19 12:39 . 2006-08-24 20:30 2450944 c:\windows\system32\wmvcore.dll
+ 2004-08-19 12:39 . 2006-08-24 20:30 1327616 c:\windows\system32\WMSPDMOE.dll
+ 2004-08-19 12:39 . 2006-08-24 20:30 1118208 c:\windows\system32\WMADMOE.dll
+ 2010-04-18 20:21 . 2008-07-17 15:25 1700352 c:\windows\system32\GdiPlus.dll
+ 2004-08-19 12:39 . 2006-08-24 20:30 2450944 c:\windows\system32\dllcache\wmvcore.dll
+ 2004-08-19 12:39 . 2006-08-24 20:30 1327616 c:\windows\system32\dllcache\WMSPDMOE.dll
+ 2004-08-19 12:39 . 2006-08-24 20:30 1118208 c:\windows\system32\dllcache\WMADMOE.dll
+ 2010-05-13 14:30 . 2010-05-13 14:30 1235968 c:\windows\Installer\181face.msi
+ 2010-06-05 11:40 . 2010-06-05 11:40 2558464 c:\windows\Installer\13c55c4.msi
+ 2009-12-21 17:29 . 2009-12-21 17:29 2409880 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA70401B7449A0300000010\9.3.0\rt3d.dll
+ 2009-12-21 22:31 . 2009-12-21 22:31 5713920 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA70401B7449A0300000010\9.3.0\AGM.dll
+ 2010-04-18 20:24 . 2004-08-11 00:45 2362104 c:\windows\$NtUninstallWMFDist11$\wmvcore.dll
+ 2010-04-18 20:24 . 2004-08-11 00:45 1509376 c:\windows\$NtUninstallWMFDist11$\wmvadve.dll
+ 2010-04-18 20:24 . 2004-08-11 00:45 1181944 c:\windows\$NtUninstallWMFDist11$\wmvadvd.dll
+ 2010-04-18 20:24 . 2004-08-11 00:45 1116160 c:\windows\$NtUninstallWMFDist11$\wmsdmoe2.dll
+ 2010-04-18 20:24 . 2004-08-11 00:45 1027072 c:\windows\$NtUninstallWMFDist11$\wmnetmgr.dll
+ 2010-04-19 07:50 . 2010-04-19 07:50 15710720 c:\windows\Installer\8bee1.msp
+ 2010-04-04 06:54 . 2010-04-04 06:54 11850240 c:\windows\Installer\453158.msp
+ 2009-12-21 22:21 . 2009-12-21 22:21 20436408 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA70401B7449A0300000010\9.3.0\AcroRd32.dll
.
-- Snapshot per reimpostare la data corrente --
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2010-02-04 15:50 1197448 ----a-w- c:\programmi\Ask.com\GenericAskToolbar.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{e3393495-8103-46a0-8181-270273eddd60}]
2010-05-14 13:09 2515552 ----a-w- c:\programmi\Softonic-IT\tbSof1.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
2009-10-19 15:15 1345336 ----a-w- c:\programmi\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{EEE6C35B-6118-11DC-9C72-001320C79847}"= "c:\programmi\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [2009-10-19 1345336]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\programmi\Ask.com\GenericAskToolbar.dll" [2010-02-04 1197448]
"{e3393495-8103-46a0-8181-270273eddd60}"= "c:\programmi\Softonic-IT\tbSof1.dll" [2010-05-14 2515552]
[HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar.1]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar]
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
[HKEY_CLASSES_ROOT\clsid\{e3393495-8103-46a0-8181-270273eddd60}]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\programmi\Ask.com\GenericAskToolbar.dll" [2010-02-04 1197448]
"{EEE6C35B-6118-11DC-9C72-001320C79847}"= "c:\programmi\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [2009-10-19 1345336]
"{E3393495-8103-46A0-8181-270273EDDD60}"= "c:\programmi\Softonic-IT\tbSof1.dll" [2010-05-14 2515552]
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
[HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar.1]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar]
[HKEY_CLASSES_ROOT\clsid\{e3393495-8103-46a0-8181-270273eddd60}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-01-09 39408]
"Magentic"="c:\progra~1\Magentic\bin\Magentic.exe" [2009-04-23 488808]
"Skype"="c:\programmi\Skype\Phone\Skype.exe" [2009-10-09 25623336]
"msnmsgr"="~c:\programmi\Windows Live\Messenger\msnmsgr.exe" [BU]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-19 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-01-21 13680640]
"nwiz"="nwiz.exe" [2009-01-21 1657376]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-01-21 86016]
"HDAudDeck"="c:\programmi\VIA\VIAudioi\HDADeck\HDeck.exe" [2009-02-27 33599488]
"AVP"="c:\programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe" [2009-10-20 340456]
"BigDog303"="c:\windows\VM303_STI.EXE" [2005-10-25 61440]
"GrooveMonitor"="c:\programmi\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
"SweetIM"="c:\programmi\SweetIM\Messenger\SweetIM.exe" [2009-10-20 111928]
"NeroFilterCheck"="c:\programmi\File comuni\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]
"Adobe Reader Speed Launcher"="c:\programmi\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-04-04 36272]
"Adobe ARM"="c:\programmi\File comuni\Adobe\ARM\1.0\AdobeARM.exe" [2010-03-24 952768]
"SunJavaUpdateSched"="c:\programmi\File comuni\Java\Java Update\jusched.exe" [2010-02-18 248040]
"MobileConnect"="c:\programmi\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe" [2009-09-18 2412032]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-19 15360]
c:\documents and settings\Gianni\Menu Avvio\Programmi\Esecuzione automatica\
OpenOffice.org 3.2.lnk - c:\programmi\OpenOffice.org 3\program\quickstart.exe [2009-12-15 384000]
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programmi\\uTorrent\\uTorrent.exe"=
"c:\\Programmi\\File comuni\\Ahead\\Nero Web\\SetupX.exe"=
"c:\\Programmi\\Magentic\\bin\\MgImp.exe"=
"c:\\Programmi\\Magentic\\bin\\Magentic.exe"=
"c:\\Programmi\\Magentic\\bin\\MgApp.exe"=
"c:\\Programmi\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Programmi\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Programmi\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Programmi\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Programmi\\SecondLife\\SLVoice.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Programmi\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Programmi\\eMule\\emule.exe"=
"c:\\Programmi\\Skype\\Phone\\Skype.exe"=
R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [14/10/2009 22.18.34 36880]
R2 VMCService;Vodafone Mobile Connect Service;c:\programmi\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe [18/09/2009 17.48.28 9216]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [14/09/2009 15.42.46 32272]
R3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\drivers\klmouflt.sys [02/10/2009 20.39.44 19472]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [09/01/2010 17.50.07 1057024]
S2 gupdate;Servizio di Google Update (gupdate);c:\programmi\Google\Update\GoogleUpdate.exe [05/02/2010 17.29.56 135664]
S2 SSPORT;SSPORT;\??\c:\windows\system32\Drivers\SSPORT.sys
c:\windows\system32\Drivers\SSPORT.sys
![[?]](http://www.megalab.it/forum/images/smilies/confused.gif "Confuso")
S3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\drivers\ewusbnet.sys [05/06/2010 13.42.21 112640]
S3 hwusbfake;Huawei DataCard USB Fake;c:\windows\system32\drivers\ewusbfake.sys [05/06/2010 15.54.24 100480]
.
Contenuto della cartella 'Scheduled Tasks'
2010-06-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\programmi\Google\Update\GoogleUpdate.exe [2010-02-05 15:29]
2010-06-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\programmi\Google\Update\GoogleUpdate.exe [2010-02-05 15:29]
2010-06-07 c:\windows\Tasks\Scheduled Update for Ask Toolbar.job
- c:\programmi\Ask.com\UpdateTask.exe [2010-02-04 15:50]
2010-06-07 c:\windows\Tasks\User_Feed_Synchronization-{7187529E-9340-4677-B55D-43FFBB070A9E}.job
- c:\windows\system32\msfeedssync.exe [2009-03-08 03:31]
.
.
------- Scansione supplementare -------
.
uStart Page =
hxxp://www.google.it/FF - ProfilePath - c:\documents and settings\Gianni\Dati applicazioni\Mozilla\Firefox\Profiles\m9bblmdd.default\
FF - prefs.js: browser.startup.homepage -
hxxp://www.google.it/FF - component: c:\programmi\Mozilla Firefox\extensions\linkfilter@kaspersky.ru\components\KavLinkFilter.dll
FF - plugin: c:\programmi\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\programmi\Google\Update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: c:\programmi\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\programmi\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\programmi\Windows Live\Photo Gallery\NPWLPG.dll
---- FIREFOX POLICIES ----
FF - user.js: yahoo.homepage.dontask - truec:\programmi\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\programmi\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\programmi\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\programmi\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\programmi\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
.
- - - - CHIAVI ORFANE RIMOSSE - - - -
Toolbar-Locked - (no file)
WebBrowser-{604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - (no file)
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.netRootkit scan 2010-06-07 14:27
Windows 5.1.2600 Service Pack 2 NTFS
scansione processi nascosti ...
scansione entrate autostart nascoste ...
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
HDAudDeck = c:\programmi\VIA\VIAudioi\HDADeck\HDeck.exe 1????????????????????????????????????????????
BigDog303 = c:\windows\VM303_STI.EXE VIMICRO USB PC Camera (ZC0301PLH)????????????????0?????????@??????????????
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
msnmsgr = ~"c:\programmi\Windows Live\Messenger\msnmsgr.exe" /background?
Scansione files nascosti ...
Scansione completata con successo
Files nascosti: 0
**************************************************************************
.
--------------------- Dlls caricate dai processi in esecuzione ---------------------
- - - - - - - > 'explorer.exe'(1868)
c:\programmi\File comuni\Ahead\Lib\NeroSearchBar.dll
c:\programmi\File comuni\Ahead\Lib\NeroSearchTrayHook.dll
c:\programmi\File comuni\Ahead\Lib\MFC71U.DLL
c:\programmi\File comuni\Ahead\Lib\BCGCBPRO800u.dll
c:\windows\system32\msi.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Altri processi in esecuzione ------------------------
.
c:\programmi\Java\jre6\bin\jqs.exe
c:\programmi\File comuni\LightScribe\LSSrvc.exe
c:\windows\system32\nvsvc32.exe
c:\programmi\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\windows\system32\RUNDLL32.EXE
c:\windows\system32\wscntfy.exe
c:\progra~1\Magentic\bin\MgApp.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\programmi\OpenOffice.org 3\program\soffice.exe
c:\programmi\OpenOffice.org 3\program\soffice.bin
c:\programmi\Skype\Plugin Manager\skypePM.exe
.
**************************************************************************
.
Ora fine scansione: 2010-06-07 14:32:07 - Il pc è stato riavviato
ComboFix-quarantined-files.txt 2010-06-07 12:32
ComboFix2.txt 2010-04-14 11:41
Pre-Run: 21.715.005.440 byte disponibili
Post-Run: 21.875.105.792 byte disponibili
- - End Of File - - 84CEA38AAD780B164B7B8368759672B5
Esegui 
![[...]](http://www.megalab.it/forum/images/smilies/mellow.gif "Senza Parole")
, vi loggo il risultato che mi da HiJackThis:![[;)]](http://www.megalab.it/forum/images/smilies/wink.gif "Occhiolino")
markinson
![[:)]](http://www.megalab.it/forum/images/smilies/smile.gif "Smile")
