Punto informatico Network
Login Esegui login | Non sei registrato? Iscriviti ora (è gratuito!)
Username: Password:
  • Annuncio Pubblicitario

Bagle Windows Vista

Un virus si è intromesso nel tuo computer? Vuoi navigare in tutta sicurezza? Sono sicure le transazione online? Come impedire a malintenzionati di intromettersi nel tuo pc? Come proteggere i tuoi dati? Qui trovi le risposte a queste ed altre domande

Bagle Windows Vista

Messaggioda mcap » mer apr 15, 2009 9:14 am

Ciao, ho il sospetto di essere stato infettato da un trojan che ho scoperto si chiama Bagle. I principali sintomi rilevati sono: wi-fi non accessibile e antivirus non accessibile.
Ho letto le guide per rimuovere il virus e ho il sospetto che sia più semplice e sicuro formattare.
Ho un unico dubbio che se qualcuno mi riesce a risolvere mi tranquillizzerebbe: io ho 2 dischi (C con il OS e D con tutti i dati) e l'unico sistema che ho per formattare è il disco di ripristino della DELL (ho un DELL inspiron 1720). Mi chiedevo se questo risolve il problema (non andrei a toccare il disco D che, per sicurezza, pensavo anche di rimuovere fisicamente prima della formattazione, in quanto ci sono dati importanti).
Consigli?

Grazie

matteo
Avatar utente
mcap
Neo Iscritto
Neo Iscritto
 
Messaggi: 6
Iscritto il: mer apr 15, 2009 9:03 am

Re: Bagle Windows Vista

Messaggioda ste_95 » mer apr 15, 2009 9:26 am

Hai già provato FindyKill e non ha funzionato?

Scarica ComboFix , salvandolo sul desktop con un nome di fantasia, ed esegui la scansione seguendo queste istruzioni (giù in fondo). Al termine della scansione verrà creato il file di report C:\combofix.txt, copia qui il suo contenuto inserendolo tra i tag LOG, in questo modo:
Codice: Seleziona tutto
[LOG]qui va inserito il log[/LOG]
«A volte è meglio tacere e sembrare stupidi che aprir bocca e togliere ogni dubbio.» Oscar Wilde
Avatar utente
ste_95
Membro Ufficiale (Gold)
Membro Ufficiale (Gold)
 
Messaggi: 17271
Iscritto il: lun ago 06, 2007 11:19 am

Re: Bagle Windows Vista

Messaggioda mcap » mer apr 15, 2009 9:32 am

stasera lo faccio e posto.
grazie
matteo
Avatar utente
mcap
Neo Iscritto
Neo Iscritto
 
Messaggi: 6
Iscritto il: mer apr 15, 2009 9:03 am


Re: Bagle Windows Vista

Messaggioda mcap » mer apr 15, 2009 7:07 pm

ti allego il log di combofix. però è successa una cosa strana: ho letto dappertutto che il bagle non ti fa avviare in modalità provvisioria, in realtà io ci riesco. inoltre, nonostante non riesco a lanciare il mio antivirus (nod32), combofix mi diceva che era in esecuzione ..

ComboFix 09-04-15.08 - matteo 15/04/2009 19.51.56.1 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.39.1040.18.3069.2227 [GMT 2:00]
Eseguito da: C:\Windows\system32\config\systemprofile\Desktop\azz.exe
AV: Sistema Antivirus NOD32 2.70 *On-access scanning enabled* (Updated)
* Resident AV is active

.

((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe
C:\ProgramData\Microsoft\Network\Downloader\qmgr0.dat
C:\ProgramData\Microsoft\Network\Downloader\qmgr1.dat
C:\Users\matteo\AppData\Roaming\drivers\downld
C:\Users\matteo\AppData\Roaming\drivers\downld\102508.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\102804.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\116470.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\118810.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\119200.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\127764.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\131633.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\132507.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\146500.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\15226649.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\15240252.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\15241297.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\15241734.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\15275680.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\15276335.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\15276975.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\15292996.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\15299766.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\15299813.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\15299876.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\15302808.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\15321965.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\15322340.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\15322683.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\15349983.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\15351013.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\15351481.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\15358875.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\15358891.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\15361371.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\15390887.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\15391713.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\15392119.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\15394287.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\15477935.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\15478575.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\15479261.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\15498512.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\15498527.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\15502458.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\15505859.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\15506062.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\15523487.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\15574094.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\15574344.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\15574422.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\15574812.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\15574827.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\159011.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\159713.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\159760.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\162521.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\1980557.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\1981306.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\1991929.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\1993271.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\1993630.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\201974.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\202738.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\2027404.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\2029869.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\203004.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\2030384.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\2051428.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\2061756.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\2062099.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\2062161.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\2065047.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\2081068.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\2082894.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\2084110.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\2123485.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\2124078.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\2124312.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\2127510.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\2128274.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\2130942.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\2131753.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\2132736.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\2146542.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\2147634.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\2148664.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\2149054.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\2149678.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\2152267.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\2154405.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\2238161.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\2242186.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\2246929.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\2273246.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\2274166.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\2279455.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\2287208.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\228759.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\2287614.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\229929.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\230429.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\233502.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\234750.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\2351231.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\2354148.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\2356176.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\2359905.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\2361371.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\2361730.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\237542.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\238806.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\238821.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\251333.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\253220.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\255342.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\29975061.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\29975077.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\29987026.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\29988196.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\29988586.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\30022829.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\30023734.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\30024264.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\30041299.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\30050784.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\30050846.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\30050893.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\30055402.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\30074137.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\30074637.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\30074949.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\30106710.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\30107381.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\30107662.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\30110330.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\30110376.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\30113247.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\30113262.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\30116741.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\30121889.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\30127583.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\30128395.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\30128800.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\30133231.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\30217050.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\30217612.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\30218189.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\30237049.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\30243851.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\30244288.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\30244506.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\30263445.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\30271370.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\30271619.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\30271697.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\30271994.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\30272009.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\343701.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\345027.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\346072.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\376368.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\377101.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\377116.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\448050.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\449922.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\450312.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\482323.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\489297.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\492885.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\500888.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\502838.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\502962.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\503493.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\504912.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\546814.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\547126.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\556533.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\557750.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\558109.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\592351.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\595315.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\595923.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\613411.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\617670.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\617919.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\617966.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\620150.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\644252.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\644954.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\645766.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\672645.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\673378.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\673659.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\677122.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\677699.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\679961.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\680913.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\690039.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\691240.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\691646.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\779739.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\780176.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\780582.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\796806.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\796993.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\797009.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\800690.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\801860.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\802157.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\821844.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\822172.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\825042.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\825463.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\826212.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\826228.exe
C:\Users\matteo\AppData\Roaming\drivers\downld\99996.exe
C:\Users\matteo\AppData\Roaming\drivers\srosa2.sys
C:\Users\matteo\AppData\Roaming\m
C:\Users\matteo\AppData\Roaming\m\data.oct
C:\Users\matteo\AppData\Roaming\m\list.oct
C:\Users\matteo\AppData\Roaming\m\shared
C:\Users\matteo\AppData\Roaming\m\shared\02.Nod32.License.Keys.37.zip
C:\Users\matteo\AppData\Roaming\m\shared\1Z0-007 - Introduction to Oracle9i
C:\Users\matteo\AppData\Roaming\m\shared\3D Alien Aquarium Screen Saver 1.07 (Key).zip
C:\Users\matteo\AppData\Roaming\m\shared\3D Gravity 1.0.zip
C:\Users\matteo\AppData\Roaming\m\shared\3D WATERFALL SCREENSAVER 1.0.zip
C:\Users\matteo\AppData\Roaming\m\shared\A Christmas Thankyou Theme 1.0.zip
C:\Users\matteo\AppData\Roaming\m\shared\ABCpdf 6.0.zip
C:\Users\matteo\AppData\Roaming\m\shared\AbNote 1.7a (Cracked).zip
C:\Users\matteo\AppData\Roaming\m\shared\Access DASHBOARD 2.0.1.zip
C:\Users\matteo\AppData\Roaming\m\shared\Addriana Sklenarikova 1.0.zip
C:\Users\matteo\AppData\Roaming\m\shared\Alcyone Backup 1.0.zip
C:\Users\matteo\AppData\Roaming\m\shared\AllNetic Working Time Tracker 2.4.2.zip
C:\Users\matteo\AppData\Roaming\m\shared\AltoMP3 Gold 5.12.zip
C:\Users\matteo\AppData\Roaming\m\shared\Alvas.ShapeForms 2.0 (With Crack).zip
C:\Users\matteo\AppData\Roaming\m\shared\AmazonSearchAqua(US) 1.0.0.zip
C:\Users\matteo\AppData\Roaming\m\shared\Anti Spam Umbrella 1.3 [With Crack].zip
C:\Users\matteo\AppData\Roaming\m\shared\Art Pixel 1.0.zip
C:\Users\matteo\AppData\Roaming\m\shared\Asram eTunes 1.0.8.zip
C:\Users\matteo\AppData\Roaming\m\shared\Atory Dupe Checker 5.5.zip
C:\Users\matteo\AppData\Roaming\m\shared\AutoMz Ultimate Tweaker 4.3.zip
C:\Users\matteo\AppData\Roaming\m\shared\AviSplit Classic 1.43.zip
C:\Users\matteo\AppData\Roaming\m\shared\AvniTech WhizNote 3.5.zip
C:\Users\matteo\AppData\Roaming\m\shared\AVS Ringtone Maker 1.6.1.122.zip
C:\Users\matteo\AppData\Roaming\m\shared\Battlesport demo.zip
C:\Users\matteo\AppData\Roaming\m\shared\Bemba 1.0.3.zip
C:\Users\matteo\AppData\Roaming\m\shared\BlogBridge 5.0.1.zip
C:\Users\matteo\AppData\Roaming\m\shared\Brush Set 3 'WavyLines' 1.0.0 Cracked.zip
C:\Users\matteo\AppData\Roaming\m\shared\Business Slave 1.0.1.zip
C:\Users\matteo\AppData\Roaming\m\shared\Chatlog 1.0 (With Crack).zip
C:\Users\matteo\AppData\Roaming\m\shared\Classic Style Menus and Toolbars for Microsoft Word 2007 4.0.32.zip
C:\Users\matteo\AppData\Roaming\m\shared\CobolScript 3.0.zip
C:\Users\matteo\AppData\Roaming\m\shared\Corporate Manager Software 3.4.zip
C:\Users\matteo\AppData\Roaming\m\shared\Darkling Dragon Screensaver 1.0.zip
C:\Users\matteo\AppData\Roaming\m\shared\Databene Commons 0.4.0.zip
C:\Users\matteo\AppData\Roaming\m\shared\DataSurfer 4.15.zip
C:\Users\matteo\AppData\Roaming\m\shared\DEKSI Network Audit 3.1.zip
C:\Users\matteo\AppData\Roaming\m\shared\Deskman Personal Edition 5.51.zip
C:\Users\matteo\AppData\Roaming\m\shared\Dicm Store with SCP-SCU Store 1.01.zip
C:\Users\matteo\AppData\Roaming\m\shared\Disk Drive Security 1.4.zip
C:\Users\matteo\AppData\Roaming\m\shared\eMapZone 4.3.0.21.zip
C:\Users\matteo\AppData\Roaming\m\shared\EMS Quick Export .NET 1.4.zip
C:\Users\matteo\AppData\Roaming\m\shared\ExcelToHTML 1.0.zip
C:\Users\matteo\AppData\Roaming\m\shared\Externalize strings 0.0.5.2.zip
C:\Users\matteo\AppData\Roaming\m\shared\F-Prot.AntiVirus.For.Windows.v3.14a.Retail-ROR.ShareReactor.zip
C:\Users\matteo\AppData\Roaming\m\shared\FastMaint CMMS--Preventive Maintenance Management 4.4.zip
C:\Users\matteo\AppData\Roaming\m\shared\FireMail for .NET 1.0.1.zip
C:\Users\matteo\AppData\Roaming\m\shared\Flight Simulator 2004 A Century of Flight X-45 A UCAV model.zip
C:\Users\matteo\AppData\Roaming\m\shared\Free Hide Folder 2.0 Build 20080408.zip
C:\Users\matteo\AppData\Roaming\m\shared\Free XP Style Icons 0.1 [Key].zip
C:\Users\matteo\AppData\Roaming\m\shared\GALsync 2.5.zip
C:\Users\matteo\AppData\Roaming\m\shared\Groones KwikPik 1.0.zip
C:\Users\matteo\AppData\Roaming\m\shared\Half-Life Cthulhu Mod.zip
C:\Users\matteo\AppData\Roaming\m\shared\Haunted House
C:\Users\matteo\AppData\Roaming\m\shared\Hearts 3D 1.0.zip
C:\Users\matteo\AppData\Roaming\m\shared\ICO file format 1.8f3.zip
C:\Users\matteo\AppData\Roaming\m\shared\Image Effects 1.1.zip
C:\Users\matteo\AppData\Roaming\m\shared\Image To PDF OCR Converter (PDF E-Book Maker) 3.2 [Patch].zip
C:\Users\matteo\AppData\Roaming\m\shared\Inago Rage 1.0.zip
C:\Users\matteo\AppData\Roaming\m\shared\iNeeda Password & Tracker Pro 3.3 Key.zip
C:\Users\matteo\AppData\Roaming\m\shared\InkGestures 1.2.zip
C:\Users\matteo\AppData\Roaming\m\shared\Internet Bargain Center 1.zip
C:\Users\matteo\AppData\Roaming\m\shared\iPodCopy 7.40.zip
C:\Users\matteo\AppData\Roaming\m\shared\Joy DVD To MP4 Converter 3.2.zip
C:\Users\matteo\AppData\Roaming\m\shared\Kaspersky.5.0.227.Licencias.14.9.2006.zip
C:\Users\matteo\AppData\Roaming\m\shared\Kaspersky.Anti-Virus.Personal.v5.0.142.[Español-Spanish].by.Zeyckler.zip
C:\Users\matteo\AppData\Roaming\m\shared\Kav-Kaspersky.Antivirus.Key-File.(10-26-2007).updated-fixed.10-2006.zip
C:\Users\matteo\AppData\Roaming\m\shared\KingConvert For iPod Touch 4.0.zip
C:\Users\matteo\AppData\Roaming\m\shared\log4javascript 1.4.zip
C:\Users\matteo\AppData\Roaming\m\shared\LunarCal 7.11.zip
C:\Users\matteo\AppData\Roaming\m\shared\Mail Hunter 2.19.zip
C:\Users\matteo\AppData\Roaming\m\shared\Market Mover Calendar 1.zip
C:\Users\matteo\AppData\Roaming\m\shared\MinuteMan 7.4a.zip
C:\Users\matteo\AppData\Roaming\m\shared\NEWT Freeware 1.0.106.zip
C:\Users\matteo\AppData\Roaming\m\shared\NOD32.v2.51.30.NT.2K.2K3.XP.Retail.zip
C:\Users\matteo\AppData\Roaming\m\shared\Offline Explorer 5.2.2877 Service Release 1.zip
C:\Users\matteo\AppData\Roaming\m\shared\OpenBook 2.1.zip
C:\Users\matteo\AppData\Roaming\m\shared\Panda.Antivirus.+.Firewall.2007.[multilang.-.serial].updated-fixed.12-2006.zip
C:\Users\matteo\AppData\Roaming\m\shared\PDF Stamp COM SDK Unlimited License 2.3 (Crack).zip
C:\Users\matteo\AppData\Roaming\m\shared\Periscope 1.0.zip
C:\Users\matteo\AppData\Roaming\m\shared\Picword 1.8 (KeyGen).zip
C:\Users\matteo\AppData\Roaming\m\shared\PLT Export for Rhino 1.0.zip
C:\Users\matteo\AppData\Roaming\m\shared\Prevx1.ok.zip
C:\Users\matteo\AppData\Roaming\m\shared\Psi 0.10.zip
C:\Users\matteo\AppData\Roaming\m\shared\RARPlayer 1.0.0.zip
C:\Users\matteo\AppData\Roaming\m\shared\Recycle Bin Zapper 1.0.zip
C:\Users\matteo\AppData\Roaming\m\shared\Resource Builder 2.5.zip
C:\Users\matteo\AppData\Roaming\m\shared\River Past 3GP Booster Pack 2.5 Crack.zip
C:\Users\matteo\AppData\Roaming\m\shared\rmtSHUTDOWN 1.9.zip
C:\Users\matteo\AppData\Roaming\m\shared\RSS Reporter 3.0.0.0.zip
C:\Users\matteo\AppData\Roaming\m\shared\SaferSpace 1.0.3.0.zip
C:\Users\matteo\AppData\Roaming\m\shared\Screen Savers To Go 1.0.7.zip
C:\Users\matteo\AppData\Roaming\m\shared\SeddyShop 1.1 (Serial).zip
C:\Users\matteo\AppData\Roaming\m\shared\Shout Scan 1.2.0.zip
C:\Users\matteo\AppData\Roaming\m\shared\Simply XPMC Induztry 1.0.zip
C:\Users\matteo\AppData\Roaming\m\shared\SingleInstance 1.0.zip
C:\Users\matteo\AppData\Roaming\m\shared\SlashGISRS 1.0.zip
C:\Users\matteo\AppData\Roaming\m\shared\Sleep 1.0.6.zip
C:\Users\matteo\AppData\Roaming\m\shared\SmartRoster 2.5.zip
C:\Users\matteo\AppData\Roaming\m\shared\Solar Winds Screensaver 2.0.zip
C:\Users\matteo\AppData\Roaming\m\shared\SpaceTrack 1.8.1.1.zip
C:\Users\matteo\AppData\Roaming\m\shared\SQL Developer 1.0 Crack.zip
C:\Users\matteo\AppData\Roaming\m\shared\SQLite Data Wizard 6.7 With Crack.zip
C:\Users\matteo\AppData\Roaming\m\shared\StatWin Total 7.6.3.zip
C:\Users\matteo\AppData\Roaming\m\shared\StoneC 3.1.zip
C:\Users\matteo\AppData\Roaming\m\shared\Strawberry 1.0 (Key+Serial).zip
C:\Users\matteo\AppData\Roaming\m\shared\The Backyard Wrestling Resource's Guide to Backyard Wrestling 1.zip
C:\Users\matteo\AppData\Roaming\m\shared\Transking 2.zip
C:\Users\matteo\AppData\Roaming\m\shared\TV Manager 1.5.zip
C:\Users\matteo\AppData\Roaming\m\shared\University of Tampa Mail Checker 1.0.1.zip
C:\Users\matteo\AppData\Roaming\m\shared\Unreal Tournament 2003 - Obsidian Guard skin.zip
C:\Users\matteo\AppData\Roaming\m\shared\Urban Golf Screensaver 1.0.zip
C:\Users\matteo\AppData\Roaming\m\shared\VCatch Basic 6.3.1.2 (Key).zip
C:\Users\matteo\AppData\Roaming\m\shared\VideoEdit Converter 2.0 (Patch).zip
C:\Users\matteo\AppData\Roaming\m\shared\Virtual Stopwatch Pro 3.15.zip
C:\Users\matteo\AppData\Roaming\m\shared\Visual jpg2pdf 2.0.zip
C:\Users\matteo\AppData\Roaming\m\shared\VizzioCalc Lite 2.01.zip
C:\Users\matteo\AppData\Roaming\m\shared\Webassist 1.3.zip
C:\Users\matteo\AppData\Roaming\m\shared\WebPlacementVerifier 1.0.zip
C:\Users\matteo\AppData\Roaming\m\shared\Win Risk Free 2.76 [Key].zip
C:\Users\matteo\AppData\Roaming\m\shared\Windows.XP.SP2.Instalacion.Desatendida.+.Office2003.+.NOD32.(Español).zip
C:\Users\matteo\AppData\Roaming\m\shared\WinProxyCommander 1.0.zip
C:\Users\matteo\AppData\Roaming\m\shared\WordPefect Corrupt Dcument Troubleshooter 1.0.zip
C:\Users\matteo\AppData\Roaming\m\shared\X2Net LabelMaker 3.0 [Key+Serial].zip
C:\Users\matteo\AppData\Roaming\m\shared\XPlayer 3.21.zip
C:\Users\matteo\AppData\Roaming\m\shared\Zend Studio 5.5.zip
C:\Users\matteo\AppData\Roaming\m\srvlist.oct

----- BITS: Possibili siti infetti -----

hxxp://sunmicro.ht.rd.llnw.net
.
((((((((((((((((((((((((((((((((((((((( Driver/Servizi )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_SROSA


((((((((((((((((((((((((( Files Creati Da 2009-03-15 al 2009-04-15 )))))))))))))))))))))))))))))))))))
.

2009-04-14 19:55:52 . 2009-04-14 19:58:12 0 d-----w C:\Program Files\EsetOnlineScanner
2009-04-14 19:43:22 . 2009-04-14 19:43:23 0 ---ha-w C:\ntuser.dat.LOG2
2009-04-14 19:43:22 . 2009-04-14 19:43:23 0 ---ha-w C:\ntuser.dat.LOG1
2009-04-14 19:43:22 . 2009-04-14 19:43:22 0 ----a-w C:\ntuser.dat
2009-04-14 19:09:22 . 2009-04-14 19:26:27 0 d-----w C:\Program Files\Broadcom
2009-04-14 19:05:31 . 2009-04-14 19:05:31 0 d-----w C:\Windows\Downloaded Installations
2009-04-14 19:01:50 . 2006-11-21 02:25:44 45568 ----a-w C:\Windows\system32\drivers\bcm4sbxp.sys
2009-04-13 21:19:42 . 2009-03-19 14:32:48 23400 ----a-w C:\Windows\system32\drivers\GEARAspiWDM.sys
2009-04-13 21:19:42 . 2008-04-17 10:12:54 107368 ----a-w C:\Windows\system32\GEARAspi.dll
2009-04-13 21:19:14 . 2009-04-13 21:19:14 0 d-----w C:\Program Files\iPod
2009-04-13 21:19:13 . 2009-04-13 21:19:40 0 d-----w C:\Users\All Users\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
2009-04-13 21:19:13 . 2009-04-13 21:19:40 0 d-----w C:\ProgramData\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
2009-04-13 21:19:13 . 2009-04-13 21:19:40 0 d-----w C:\Program Files\iTunes
2009-04-13 20:47:24 . 2009-04-15 17:56:17 0 d--h--w C:\Users\matteo\AppData\Roaming\drivers
2009-04-05 09:18:22 . 2009-04-05 09:18:22 0 ---ha-w C:\Windows\system32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
2009-04-04 18:16:53 . 2009-04-04 18:16:55 0 d-----w C:\Program Files\ASAP Utilities
2009-04-04 18:16:53 . 2009-04-04 18:16:53 0 d-----w C:\Users\matteo\AppData\Roaming\ASAP Utilities
2009-03-31 21:03:44 . 2009-03-31 21:04:54 0 d-----w C:\Forexyard
2009-03-30 18:11:19 . 2009-03-30 18:11:19 0 d-----w C:\Users\matteo\AppData\Roaming\Creative
2009-03-29 21:21:46 . 2009-03-29 21:21:50 0 d-----w C:\Program Files\M4a to MP3 Converter
2009-03-29 15:02:57 . 2009-03-29 15:02:57 0 d-----w C:\Users\All Users\KONAMI
2009-03-29 15:02:57 . 2009-03-29 15:02:57 0 d-----w C:\ProgramData\KONAMI
2009-03-29 14:52:03 . 2006-12-08 10:02:00 251672 ----a-w C:\Windows\system32\xactengine2_5.dll
2009-03-29 14:51:59 . 2006-11-29 11:06:18 3426072 ----a-w C:\Windows\system32\d3dx9_32.dll
2009-03-29 14:51:58 . 2006-11-15 09:38:22 15128 ----a-w C:\Windows\system32\x3daudio1_1.dll
2009-03-29 14:51:58 . 2006-09-28 14:05:56 237848 ----a-w C:\Windows\system32\xactengine2_4.dll
2009-03-29 14:51:57 . 2006-09-28 14:04:02 68888 ----a-w C:\Windows\system32\xinput1_3.dll
2009-03-29 14:51:55 . 2006-09-28 14:05:20 2414360 ----a-w C:\Windows\system32\d3dx9_31.dll
2009-03-29 14:51:54 . 2006-07-28 07:30:32 236824 ----a-w C:\Windows\system32\xactengine2_3.dll
2009-03-29 14:51:54 . 2006-07-28 07:30:14 62744 ----a-w C:\Windows\system32\xinput1_2.dll
2009-03-29 14:50:42 . 2005-05-26 13:34:52 2297552 ----a-w C:\Windows\system32\d3dx9_26.dll
2009-03-29 14:50:06 . 2009-03-29 14:50:06 0 d-----w C:\Program Files\KONAMI
2009-03-29 14:35:17 . 2009-03-30 11:52:21 0 d-----w C:\Program Files\Alcohol Soft
2009-03-29 14:31:45 . 2009-03-29 14:31:47 717296 ----a-w C:\Windows\system32\drivers\sptd.sys
2009-03-27 22:39:12 . 2009-03-28 17:33:36 0 d-----w C:\Users\matteo\AppData\Local\Yahoo
2009-03-27 22:38:22 . 2009-03-27 22:38:22 0 d-----w C:\Users\matteo\AppData\Roaming\Yahoo!
2009-03-27 22:37:37 . 2009-03-28 17:33:36 0 d-----w C:\Users\All Users\Yahoo!
2009-03-27 22:37:37 . 2009-03-28 17:33:36 0 d-----w C:\ProgramData\Yahoo!
2009-03-27 22:37:33 . 2009-03-28 17:33:36 0 d-----w C:\Program Files\Yahoo!
2009-03-25 20:56:08 . 2009-03-26 22:09:17 0 d-----w C:\Users\matteo\AppData\Roaming\FileZilla
2009-03-25 20:56:03 . 2009-03-25 20:56:07 0 d-----w C:\Program Files\FileZilla FTP Client
2009-03-23 20:52:58 . 2008-04-12 03:32:11 784896 ----a-w C:\Windows\system32\rpcrt4.dll
2009-03-22 19:59:35 . 2009-03-22 19:59:35 0 ---ha-w C:\Windows\system32\drivers\Msft_User_WpdFs_01_00_00.Wdf
2009-03-22 19:24:51 . 2009-03-22 19:24:51 0 d-----w C:\PerfLogs
2009-03-22 19:01:09 . 2009-03-22 19:01:31 303668479 ----a-w C:\Windows\MEMORY.DMP
2009-03-22 18:59:03 . 2009-03-22 18:59:04 0 d-----w C:\db22f962d1f821c38b01dfd5
2009-03-22 12:43:59 . 2008-01-19 07:33:33 382976 ----a-w C:\Windows\system32\vds.exe
2009-03-22 12:42:59 . 2008-01-19 07:36:56 64512 ----a-w C:\Windows\system32\wlanapi.dll
2009-03-22 12:41:59 . 2008-01-19 07:36:43 89088 ----a-w C:\Windows\system32\txflog.dll
2009-03-22 12:40:59 . 2008-01-05 11:22:37 144909 ----a-w C:\Windows\system32\fsmgmt.msc
2009-03-22 12:40:52 . 2008-01-05 11:39:44 150 ----a-w C:\Windows\system32\RacUREx.xml
2009-03-22 12:40:47 . 2008-01-05 11:31:45 3 ----a-w C:\Windows\system32\drivers\MsftWdf_Kernel_01007_Inbox_Critical.Wdf
2009-03-22 12:40:47 . 2008-01-05 11:31:14 145455 ----a-w C:\Windows\system32\perfmon.msc
2009-03-22 12:40:46 . 2008-01-19 07:33:34 599552 ----a-w C:\Windows\system32\vsp1cln.exe
2009-03-22 12:40:24 . 2006-11-02 09:46:14 151552 ----a-w C:\Windows\system32\WpdMtp.dll
2009-03-22 12:39:51 . 2008-01-19 07:36:48 357888 ----a-w C:\Windows\system32\wbemcomn.dll
2009-03-22 12:39:20 . 2008-01-19 07:36:35 129536 ----a-w C:\Windows\system32\sqmapi.dll
2009-03-22 12:39:19 . 2008-01-19 07:36:31 704512 ----a-w C:\Windows\system32\SmiEngine.dll
2009-03-22 12:39:19 . 2008-01-19 07:36:31 139264 ----a-w C:\Windows\system32\SmiInstaller.dll
2009-03-22 12:38:36 . 2008-01-19 07:36:50 218624 ----a-w C:\Windows\system32\wdscore.dll
2009-03-22 12:38:36 . 2008-01-19 07:33:19 130560 ----a-w C:\Windows\system32\PkgMgr.exe
2009-03-22 12:36:56 . 2008-01-19 07:34:06 246784 ----a-w C:\Windows\system32\drvstore.dll
2009-03-22 12:36:54 . 2008-01-19 07:35:12 35328 ----a-w C:\Windows\system32\mspatcha.dll
2009-03-22 12:36:54 . 2008-01-19 07:34:55 305152 ----a-w C:\Windows\system32\msdelta.dll
2009-03-22 12:36:54 . 2008-01-19 07:34:06 258560 ----a-w C:\Windows\system32\dpx.dll
2009-03-21 17:38:43 . 2009-03-25 21:29:45 0 d-----w C:\Program Files\Java
2009-03-21 16:34:36 . 2009-03-30 13:47:24 0 d-----w C:\Users\matteo\AppData\Roaming\BSplayer
2009-03-21 16:34:36 . 2009-03-21 16:34:36 0 d-----w C:\Users\matteo\AppData\Roaming\BSplayer Pro
2009-03-21 16:34:30 . 2009-03-21 16:34:30 0 d-----w C:\Program Files\Webteh
2009-03-19 21:53:06 . 2009-03-19 21:53:06 97800 ----a-w C:\Windows\system32\infocardapi.dll
2009-03-19 21:53:06 . 2009-03-19 21:53:06 622080 ----a-w C:\Windows\system32\icardagt.exe
2009-03-19 21:53:06 . 2009-03-19 21:53:06 37384 ----a-w C:\Windows\system32\infocardcpl.cpl
2009-03-19 21:53:06 . 2009-03-19 21:53:06 11264 ----a-w C:\Windows\system32\icardres.dll
2009-03-19 21:53:03 . 2009-03-19 21:53:03 105016 ----a-w C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2009-03-19 21:53:02 . 2009-03-19 21:53:02 781344 ----a-w C:\Windows\system32\PresentationNative_v0300.dll
2009-03-19 21:53:02 . 2009-03-19 21:53:02 43544 ----a-w C:\Windows\system32\PresentationHostProxy.dll
2009-03-19 21:53:02 . 2009-03-19 21:53:02 326160 ----a-w C:\Windows\system32\PresentationHost.exe
2009-03-19 21:47:02 . 2009-03-19 21:49:38 22020096 ----a-w C:\Windows\ocsetup_install_NetFx3.etl
2009-03-19 21:47:02 . 2009-03-19 21:49:37 65536 ----a-w C:\Windows\ocsetup_cbs_install_NetFx3.dpx
2009-03-19 21:47:02 . 2009-03-19 21:49:37 196608 ----a-w C:\Windows\ocsetup_cbs_install_NetFx3.perf
2009-03-19 21:45:11 . 2009-03-19 21:45:11 96760 ----a-w C:\Windows\system32\dfshim.dll
2009-03-19 21:45:11 . 2009-03-19 21:45:11 41984 ----a-w C:\Windows\system32\netfxperf.dll
2009-03-19 21:45:09 . 2009-03-19 21:45:09 83968 ----a-w C:\Windows\system32\mscories.dll
2009-03-19 21:45:09 . 2009-03-19 21:45:09 282112 ----a-w C:\Windows\system32\mscoree.dll
2009-03-19 21:45:09 . 2009-03-19 21:45:09 158720 ----a-w C:\Windows\system32\mscorier.dll
2009-03-19 21:00:49 . 2009-03-19 21:00:49 1820 ----a-w C:\Windows\system32\rasctrnm.h
2009-03-19 21:00:13 . 2009-03-19 21:00:13 428544 ----a-w C:\Windows\system32\EncDec.dll
2009-03-19 21:00:13 . 2009-03-19 21:00:13 177664 ----a-w C:\Windows\system32\mpg2splt.ax
2009-03-19 21:00:12 . 2009-03-19 21:00:12 80896 ----a-w C:\Windows\system32\MSNP.ax
2009-03-19 21:00:12 . 2009-03-19 21:00:12 69632 ----a-w C:\Windows\system32\Mpeg2Data.ax
2009-03-19 21:00:12 . 2009-03-19 21:00:12 57856 ----a-w C:\Windows\system32\MSDvbNP.ax
2009-03-19 21:00:12 . 2009-03-19 21:00:12 293376 ----a-w C:\Windows\system32\psisdecd.dll
2009-03-19 21:00:12 . 2009-03-19 21:00:12 217088 ----a-w C:\Windows\system32\psisrndr.ax
2009-03-19 20:59:37 . 2008-01-19 07:34:25 15872 ----a-w C:\Windows\system32\hcrstco.dll
2009-03-19 20:59:37 . 2006-11-02 09:46:05 8704 ----a-w C:\Windows\system32\hccoin.dll
2009-03-19 19:43:06 . 2009-03-09 04:19:08 410984 ----a-w C:\Windows\system32\deploytk.dll
2009-03-18 21:19:37 . 2009-03-18 21:19:37 0 d-----w C:\Program Files\Common Files\Adobe AIR
2009-03-18 20:54:24 . 2009-03-18 20:54:24 269312 ----a-w C:\Windows\system32\es.dll
2009-03-18 20:53:54 . 2009-03-18 21:15:05 0 d-----w C:\Users\All Users\NOS
2009-03-18 20:53:54 . 2009-03-18 21:15:05 0 d-----w C:\ProgramData\NOS
2009-03-18 20:53:54 . 2009-03-18 21:15:05 0 d-----w C:\Program Files\NOS
2009-03-17 22:39:44 . 2009-04-07 17:32:55 0 d-----w C:\Users\matteo\AppData\Local\Adobe
2009-03-17 22:38:27 . 2009-03-17 22:38:27 0 d-----w C:\Users\All Users\FLEXnet
2009-03-17 22:38:27 . 2009-03-17 22:38:27 0 d-----w C:\ProgramData\FLEXnet
2009-03-17 22:36:28 . 2009-03-21 16:50:06 0 d-----w C:\Users\All Users\Adobe
2009-03-17 22:29:43 . 2009-03-17 22:29:43 0 d-----w C:\Program Files\Common Files\Macrovision Shared
2009-03-17 22:27:39 . 2009-04-13 19:41:58 0 d-----w C:\Program Files\Common Files\Adobe
2009-03-17 22:17:05 . 2009-03-17 22:16:50 512096 ----a-w C:\Windows\system32\drivers\amon.sys
2009-03-17 22:17:05 . 2009-03-17 22:16:50 298104 ----a-w C:\Windows\system32\imon.dll
2009-03-17 22:17:04 . 2009-03-17 22:16:49 15424 ----a-w C:\Windows\system32\drivers\nod32drv.sys
2009-03-17 22:06:54 . 2009-03-17 22:06:54 61440 ----a-w C:\Windows\system32\winipsec.dll
2009-03-17 22:06:54 . 2009-03-17 22:06:54 361984 ----a-w C:\Windows\system32\IPSECSVC.DLL
2009-03-17 22:06:54 . 2009-03-17 22:06:54 28672 ----a-w C:\Windows\system32\FwRemoteSvr.dll
2009-03-17 22:06:54 . 2009-03-17 22:06:54 272896 ----a-w C:\Windows\system32\polstore.dll
2009-03-17 22:06:25 . 2009-03-17 22:06:25 94720 ----a-w C:\Windows\system32\PortableDeviceClassExtension.dll
2009-03-17 22:06:25 . 2009-03-17 22:06:25 241152 ----a-w C:\Windows\system32\PortableDeviceApi.dll
2009-03-17 22:06:24 . 2009-03-17 22:06:24 160768 ----a-w C:\Windows\system32\PortableDeviceTypes.dll
2009-03-17 22:03:37 . 2009-03-17 22:03:37 827392 ----a-w C:\Windows\system32\wininet.dll
2009-03-17 22:03:34 . 2009-03-17 22:03:34 1383424 ----a-w C:\Windows\system32\mshtml.tlb
2009-03-17 22:01:13 . 2009-03-17 22:01:13 296960 ----a-w C:\Windows\system32\gdi32.dll
2009-03-17 22:00:32 . 2009-03-17 22:00:32 212480 ----a-w C:\Windows\system32\drivers\mrxsmb10.sys
2009-03-17 21:59:54 . 2009-03-17 21:59:54 28672 ----a-w C:\Windows\system32\Apphlpdm.dll
2009-03-17 21:59:51 . 2009-03-17 21:59:52 4240384 ----a-w C:\Windows\system32\GameUXLegacyGDFs.dll
2009-03-17 21:59:51 . 2009-03-17 21:59:51 1695744 ----a-w C:\Windows\system32\gameux.dll
2009-03-17 21:59:32 . 2009-03-17 21:59:32 303616 ----a-w C:\Windows\system32\wmpeffects.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-04-15 17:59:05 . 2009-04-15 17:59:05 2048 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
2009-04-15 17:59:05 . 2009-04-15 17:59:05 2048 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
2009-04-15 17:58:17 . 2006-11-06 01:52:05 648340 ----a-w C:\Windows\System32\perfh010.dat
2009-04-15 17:58:17 . 2006-11-06 01:52:05 115248 ----a-w C:\Windows\System32\perfc010.dat
2009-04-15 17:40:23 . 2006-11-02 13:02:04 32768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
2009-04-15 17:40:23 . 2006-11-02 13:02:04 16384 --sha-w C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
2009-04-15 17:40:23 . 2006-11-02 13:02:04 16384 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
2009-04-14 19:09:29 . 2006-11-02 10:25:05 86016 ----a-w C:\Windows\Inf\infstrng.dat
2009-04-14 19:09:29 . 2006-11-02 10:25:05 51200 ----a-w C:\Windows\Inf\infpub.dat
2009-04-14 19:01:51 . 2006-11-02 10:25:05 86016 ----a-w C:\Windows\Inf\infstor.dat
2009-03-29 20:46:25 . 2009-03-29 20:46:25 0 d-----w C:\Program Files\SigmaTel
2009-03-22 19:34:13 . 2006-11-02 12:50:50 174 --sha-w C:\Program Files\desktop.ini
2009-03-22 19:27:10 . 2006-11-02 12:37:34 0 d-----w C:\Program Files\Windows Calendar
2009-03-22 19:27:09 . 2006-11-02 12:37:34 0 d-----w C:\Program Files\Windows Sidebar
2009-03-22 19:27:08 . 2006-11-02 11:18:33 0 d-----w C:\Program Files\Windows Mail
2009-03-22 19:27:04 . 2006-11-02 12:37:34 0 d-----w C:\Program Files\Windows Photo Gallery
2009-03-22 19:27:00 . 2006-11-02 12:37:34 0 d-----w C:\Program Files\Windows Defender
2009-03-22 19:24:49 . 2006-11-02 10:25:05 665600 ----a-w C:\Windows\Inf\drvindex.dat
2009-03-22 19:15:48 . 2006-11-02 10:32:57 82432 ----a-w C:\Windows\System32\axaltocm.dll
2009-03-22 19:15:48 . 2006-11-02 10:32:57 101888 ----a-w C:\Windows\System32\ifxcardm.dll
2009-03-17 21:59:54 . 2009-03-17 21:59:54 2560 ----a-w C:\Windows\AppPatch\AcRes.dll
2009-03-17 21:59:53 . 2009-03-17 21:59:53 2154496 ----a-w C:\Windows\AppPatch\AcGenral.dll
2009-03-17 21:59:52 . 2009-03-17 21:59:52 541696 ----a-w C:\Windows\AppPatch\AcLayers.dll
2009-03-17 21:59:52 . 2009-03-17 21:59:52 52736 ----a-w C:\Windows\AppPatch\iebrshim.dll
2009-03-17 21:59:52 . 2009-03-17 21:59:52 460288 ----a-w C:\Windows\AppPatch\AcSpecfc.dll
2009-03-17 21:59:52 . 2009-03-17 21:59:52 173056 ----a-w C:\Windows\AppPatch\AcXtrnal.dll
2009-03-17 21:31:34 . 2006-11-02 12:37:34 0 d-----w C:\Program Files\MSBuild
2009-03-16 21:47:13 . 2009-03-16 21:47:13 0 ---ha-w C:\Windows\system32\drivers\Msft_Kernel_Apfiltr_01005.Wdf
2009-03-16 21:47:02 . 2009-03-16 21:46:56 0 d-----w C:\Program Files\DellTPad
2009-03-16 21:34:31 . 2009-03-16 21:19:43 680 ----a-w C:\Users\matteo\AppData\Local\d3d9caps.dat
2009-03-16 21:22:59 . 2009-03-16 21:22:59 0 d-----w C:\Program Files\Common Files\InstallShield
2009-03-16 21:18:04 . 2009-03-16 21:18:04 0 d-sh--w C:\ProgramData\Preferiti
2009-03-16 21:18:04 . 2009-03-16 21:18:04 0 d-sh--w C:\ProgramData\Modelli
2009-03-16 21:18:04 . 2009-03-16 21:18:04 0 d-sh--w C:\ProgramData\Menu Avvio
2009-03-16 21:18:04 . 2009-03-16 21:18:04 0 d-sh--w C:\ProgramData\Documenti
2009-03-16 21:18:04 . 2009-03-16 21:18:04 0 d-sh--w C:\ProgramData\Dati applicazioni
2009-03-16 21:18:04 . 2009-03-16 21:18:04 0 d-sh--w C:\Program Files\File comuni
2009-03-05 22:59:00 . 2009-03-05 22:59:00 36864 ----a-w C:\Windows\system32\drivers\usbaapl.sys
2009-03-05 22:59:00 . 2009-03-05 22:59:00 1900544 ----a-w C:\Windows\System32\usbaaplrc.dll
2009-02-06 17:52:40 . 2009-02-06 17:52:40 49504 ----a-w C:\Windows\System32\sirenacm.dll
.

((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2008-09-07 07:20:00 143360 ----a-w C:\Program Files\Dropbox\DropboxExt.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2008-09-07 07:20:00 143360 ----a-w C:\Program Files\Dropbox\DropboxExt.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2008-09-07 07:20:00 143360 ----a-w C:\Program Files\Dropbox\DropboxExt.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="C:\Windows\ehome\ehTray.exe" [2008-01-19 07:33:09 125952]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [2008-06-09 06:23:00 13543968]
"NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [2008-06-09 06:23:00 92704]
"NVHotkey"="C:\Windows\system32\nvHotkey.dll" [2008-06-09 06:23:00 96800]
"IAAnotif"="C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2007-02-12 12:37:58 174872]
"Apoint"="C:\Program Files\DellTPad\Apoint.exe" [2007-07-02 12:29:22 159744]
"OEM02Mon.exe"="C:\Windows\OEM02Mon.exe" [2007-05-10 00:01:00 36864]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2009-01-05 15:18:48 413696]
"GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [2007-08-24 06:00:48 33648]
"nod32kui"="C:\Program Files\Eset\nod32kui.exe" [2009-04-15 17:57:10 949376]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 16:10:28 35696]
"SunJavaUpdateSched"="C:\Program Files\Java\jre6\bin\jusched.exe" [2009-03-09 04:19:17 148888]
"SigmatelSysTrayApp"="C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe" [2007-09-13 12:44:48 405504]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2009-04-02 14:11:02 342312]

C:\Users\matteo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - C:\Program Files\Dropbox\Dropbox.exe [2008-9-26 24096981]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
BTTray.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe [2006-11-3 703280]
Digital Line Detect.lnk - C:\Program Files\Digital Line Detect\DLG.exe [2009-3-16 50688]
Launchy.lnk - C:\Program Files\Launchy\Launchy.exe [2009-3-17 286720]
QuickSet.lnk - C:\Windows\Installer\{7F0C4457-8E64-491B-8D7B-991504365D1E}\NewShortcut2_53A01CC614B04512A2E710D39BF83DC4.exe [2009-3-17 45056]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-3698020981-2046184475-2221320731-1000]
"EnableNotificationsRef"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{DA959193-5E53-4C66-BC99-F6F33A587D4C}"= UDP:C:\Program Files\Bonjour\mDNSResponder.exe:Bonjour
"{0AE746FC-168A-4141-A2CE-D8D1BE3B2B7A}"= TCP:C:\Program Files\Bonjour\mDNSResponder.exe:Bonjour
"{D7A679A0-1AF8-42D2-8C27-3D93F8427221}"= UDP:C:\Program Files\iTunes\iTunes.exe:iTunes
"{94026F29-E610-434A-B6C4-075DBFA0AE7F}"= TCP:C:\Program Files\iTunes\iTunes.exe:iTunes
"{EDE84428-817B-4375-A8F8-2D86DCC86A57}"= TCP:6004|C:\Program Files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
"{41EABA09-10F1-4DA7-AFF1-FC42B380C6CB}"= UDP:C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{400F364E-69D9-41A3-BE6A-27EE29EA9EB1}"= TCP:C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{4FF8BEA4-340B-4987-9092-F717728D34E6}"= UDP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{312A2DEB-276A-4F95-929A-562B646E2249}"= TCP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"TCP Query User{006063EF-BAE4-445E-B730-F50093AD1696}C:\\program files\\emule\\emule.exe"= UDP:C:\program files\emule\emule.exe:eMule
"UDP Query User{31B74924-2F2C-45AF-8A53-03FFEFB7FB14}C:\\program files\\emule\\emule.exe"= TCP:C:\program files\emule\emule.exe:eMule
"{5818135C-FDC5-4DB4-B871-B97A3087441B}"= UDP:C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:Yahoo! Messenger
"{9A3246C1-929C-4943-A0C9-BCEB606BE191}"= TCP:C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:Yahoo! Messenger
"TCP Query User{D313815A-65B4-4D5C-BE49-D40168AE7BFD}C:\\program files\\mozilla firefox\\firefox.exe"= UDP:C:\program files\mozilla firefox\firefox.exe:Firefox
"UDP Query User{3CD9A4CB-E4EF-468F-BA5F-7B541D14BF02}C:\\program files\\mozilla firefox\\firefox.exe"= TCP:C:\program files\mozilla firefox\firefox.exe:Firefox

S1 nod32drv;nod32drv;C:\Windows\system32\drivers\nod32drv.sys [2009-03-17 22:16:49 15424]
S2 AESTFilters;Andrea ST Filters Service;C:\Windows\system32\aestsrv.exe [2007-09-20 12:31:10 73728]
S3 OEM02Dev;Creative Camera OEM002 Driver;C:\Windows\system32\DRIVERS\OEM02Dev.sys [2007-10-11 00:03:00 235648]
S3 OEM02Vfx;Creative Camera OEM002 Video VFX Driver;C:\Windows\system32\DRIVERS\OEM02Vfx.sys [2007-03-05 17:45:04 7424]


--- Altri Servizi/Drivers In Memoria ---

*Deregistered* - sptd

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
.
- - - - CHIAVI ORFANE RIMOSSE - - - -

HKCU-Run-AdobeUpdater - C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe


.
------- Scansione supplementare -------
.
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: Invia immagine alla periferica &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Invia pagina alla periferica &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
FF - ProfilePath - C:\Users\matteo\AppData\Roaming\Mozilla\Firefox\Profiles\kwtvs6ho.default\
FF - prefs.js: browser.startup.homepage - www.google.com
FF - plugin: C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll

---- FIREFOX POLICIES ----
FF - user.js: yahoo.homepage.dontask - true.
Avatar utente
mcap
Neo Iscritto
Neo Iscritto
 
Messaggi: 6
Iscritto il: mer apr 15, 2009 9:03 am

Re: Bagle Windows Vista

Messaggioda ste_95 » mer apr 15, 2009 7:43 pm

Prova a riscaricare e reinstallare Nod. [;)]
«A volte è meglio tacere e sembrare stupidi che aprir bocca e togliere ogni dubbio.» Oscar Wilde
Avatar utente
ste_95
Membro Ufficiale (Gold)
Membro Ufficiale (Gold)
 
Messaggi: 17271
Iscritto il: lun ago 06, 2007 11:19 am

Re: Bagle Windows Vista

Messaggioda mcap » mer apr 15, 2009 7:56 pm

ma dal log non si vede nulla? non riesco a capire se ho il bagle o no? e, se no, perché non mi va il wi fi?
Avatar utente
mcap
Neo Iscritto
Neo Iscritto
 
Messaggi: 6
Iscritto il: mer apr 15, 2009 9:03 am

Re: Bagle Windows Vista

Messaggioda mcap » mer apr 15, 2009 8:27 pm

fatto. disinstallato e reinstallato. lo apro ma non mi fa fare l'update del database virus ..
Avatar utente
mcap
Neo Iscritto
Neo Iscritto
 
Messaggi: 6
Iscritto il: mer apr 15, 2009 9:03 am

Re: Bagle Windows Vista

Messaggioda mcap » mer apr 15, 2009 8:31 pm

tra l'altro ad ogni riavvio quando apro firefox mi dice che non è il browser predefinito ..
Avatar utente
mcap
Neo Iscritto
Neo Iscritto
 
Messaggi: 6
Iscritto il: mer apr 15, 2009 9:03 am


Torna a Sicurezza

Chi c’è in linea

Visitano il forum: Nessuno e 2 ospiti

Powered by phpBB © 2002, 2005, 2007, 2008 phpBB Group
Traduzione Italiana phpBB.it

megalab.it: testata telematica quotidiana registrata al Tribunale di Cosenza n. 22/09 del 13.08.2009, editore Master New Media S.r.l.; © Copyright 2008 Master New Media S.r.l. a socio unico - P.I. 02947530784. GRUPPO EDIZIONI MASTER Spa Tutti i diritti sono riservati. Per la pubblicità: Master Advertising