Login Esegui login | Non sei registrato? Iscriviti ora (è gratuito!)
Username: Password:
  • Annuncio Pubblicitario

Controllo Hijack. AIUTO!

Un virus si è intromesso nel tuo computer? Vuoi navigare in tutta sicurezza? Sono sicure le transazione online? Come impedire a malintenzionati di intromettersi nel tuo pc? Come proteggere i tuoi dati? Qui trovi le risposte a queste ed altre domande

Controllo Hijack. AIUTO!

Messaggioda ARIETE72 » dom ott 04, 2009 10:40 pm

Ciao, credo di avere beccato un virus..Installando un programma di editing..
Vi posto il log di Hijack mi date un controllo per piacere?
Mi si aprono pagine di internet di pubblicità in automatico
Grazie a tutti
Matteo

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe
C:\Windows\System32\rundll32.exe
C:\Windows\RtHDVCpl.exe
C:\Windows\PLFSetI.exe
C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe
C:\Users\HAPPYF~1\AppData\Local\Temp\RtkBtMnt.exe
C:\Program Files\Launch Manager\LManager.exe
C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe
C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe
C:\Users\Happy Family\AppData\Local\docresgm.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\Users\HAPPYF~1\AppData\Local\Temp\Rar$EX00.290\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACA ... spire_5930
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACA ... spire_5930
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Supporto di collegamento per Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll
O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.415.1646\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [BkupTray] "C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [PLFSetI] C:\Windows\PLFSetI.exe
O4 - HKLM\..\Run: [ZPdtWzdVitaKey MC3000] "C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe" show
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [eAudio] "C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe"
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [ePower_DMC] C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKCU\..\Run: [docresgm] "c:\users\happy family\appdata\local\docresgm.exe" docresgm
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Selezione intelligente HP - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O13 - Gopher Prefix:
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O20 - Winlogon Notify: AWinNotifyVitaKey MC3000 - C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: NTI Backup Now 5 Agent Service (BUNAgentSvc) - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
O23 - Service: CLHNService - Unknown owner - C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe
O23 - Service: eDataSecurity Service - Egis Incorporated - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
O23 - Service: Empowering Technology Service (ETService) - Unknown owner - C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
O23 - Service: Google Desktop Manager 5.7.808.7150 (GoogleDesktopManager-080708-050100) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iGroupTec Service (IGBASVC) - Unknown owner - C:\Program Files\Acer\Acer Bio Protection\BASVC.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - Unknown owner - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Partner Service - Google Inc. - c:\programdata\partner\partner.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\Cyberlink\Shared files\RichVideo.exe
O23 - Service: Raw Socket Service (RS_Service) - Acer Incorporated - C:\Program Files\Acer\Acer VCM\RS_Service.exe
O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Windows\System32\TuneUpDefragService.exe
O23 - Service: @%SystemRoot%\System32\TUProgSt.exe,-1 (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\Windows\System32\TUProgSt.exe

--
End of file - 9140 bytes
Mai contraddire una donna..Prima o poi lo farà da sola..
Avatar utente
ARIETE72
Senior Member
Senior Member
 
Messaggi: 449
Iscritto il: mar mar 07, 2006 4:24 pm
Località: milano

Re: Controllo Hijack. AIUTO!

Messaggioda crazy.cat » lun ott 05, 2009 7:13 am

Fai una scansione con combofix e posta il suo log.
Quando i molti governano, pensano solo a contentar sé stessi, si ha allora la tirannia più balorda e più odiosa: la tirannia mascherata da libertà.
Avatar utente
crazy.cat
MLI Hero
MLI Hero
 
Messaggi: 30959
Iscritto il: lun gen 12, 2004 1:38 pm
Località: Mestre

Re: Controllo Hijack. AIUTO!

Messaggioda ARIETE72 » lun ott 05, 2009 5:54 pm

Ciao Crazy.
Ecco il log come richiesto.
Grazie tante ancora

ComboFix 09-10-04.01 - Happy Family 05/10/2009 18.44.05.3.2 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.39.1040.18.3066.1765 [GMT 2:00]
Eseguito da: F:\ComboFix.exe
SP: SUPERAntiSpyware *disabled* (Updated) {222A897C-5018-402e-943F-7E7AC8560DA7}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\users\Happy Family\AppData\Local\docresgm.dat
c:\users\Happy Family\AppData\Local\docresgm.exe
c:\users\Happy Family\AppData\Local\docresgm_nav.dat
c:\users\Happy Family\AppData\Local\docresgm_navps.dat
c:\windows\Suyin.reg

.
((((((((((((((((((((((((( Files Creati Da 2009-09-05 al 2009-10-05 )))))))))))))))))))))))))))))))))))
.

2009-10-05 16:52 . 2009-10-05 16:52 -------- d-----w- c:\users\Happy Family\AppData\Local\temp
2009-10-05 16:52 . 2009-10-05 16:52 -------- d-----w- c:\users\Public\AppData\Local\temp
2009-10-05 16:52 . 2009-10-05 16:52 -------- d-----w- c:\users\Default\AppData\Local\temp
2009-10-04 19:12 . 2009-10-04 19:12 -------- d-----w- c:\users\Happy Family\AppData\Local\TVU Networks
2009-10-04 19:12 . 2009-10-04 19:12 -------- d-----w- c:\programdata\TVU Networks
2009-10-04 13:35 . 2009-10-04 13:41 -------- d-----w- c:\program files\Live-Player
2009-10-04 13:35 . 2009-10-05 16:20 98 ----a-w- c:\users\Happy Family\AppData\Local\docresgm.bat
2009-10-03 06:15 . 2009-10-03 06:15 -------- d-----w- C:\WisTools
2009-10-03 06:14 . 2009-10-01 08:29 195440 ------w- c:\windows\system32\MpSigStub.exe
2009-10-03 06:11 . 2007-12-16 15:57 75776 ----a-w- c:\windows\system32\drivers\WSVD.sys
2009-10-02 19:07 . 2009-10-02 19:17 -------- d-----w- c:\program files\Ufasoft
2009-10-02 16:50 . 2009-10-02 16:50 604416 ----a-w- c:\windows\system32\TUProgSt.exe
2009-10-02 16:50 . 2009-04-27 12:21 17152 ----a-w- c:\windows\system32\authuitu.dll
2009-10-02 16:50 . 2009-04-27 12:21 28928 ----a-w- c:\windows\system32\uxtuneup.dll
2009-10-02 16:50 . 2009-10-02 16:50 361216 ----a-w- c:\windows\system32\TuneUpDefragService.exe
2009-10-02 16:47 . 2009-10-02 16:47 -------- d-----w- c:\users\Happy Family\AppData\Roaming\TuneUp Software
2009-10-02 16:47 . 2009-10-02 16:49 -------- d-----w- c:\program files\TuneUp Utilities 2009
2009-10-02 16:47 . 2009-10-02 16:47 -------- d-----w- c:\programdata\TuneUp Software
2009-10-02 16:46 . 2009-10-02 16:46 -------- d-sh--w- c:\programdata\{55A29068-F2CE-456C-9148-C869879E2357}
2009-09-30 13:24 . 2009-09-30 14:28 -------- d-----r- C:\keygen
2009-09-29 20:26 . 2009-09-29 20:27 -------- d-----w- c:\users\Happy Family\AppData\Roaming\U3
2009-09-28 22:26 . 2009-09-28 22:26 -------- d-----w- C:\unzipped
2009-09-28 13:52 . 2009-09-28 13:52 -------- d-----w- c:\programdata\PC Drivers HeadQuarters
2009-09-28 13:52 . 2009-09-28 13:52 -------- d-----w- c:\program files\PC Drivers HeadQuarters
2009-09-14 12:58 . 2009-09-25 23:13 -------- d-----w- c:\users\Happy Family\AppData\Roaming\HpUpdate
2009-09-14 12:58 . 2009-09-14 12:58 -------- d-----w- c:\windows\Hewlett-Packard
2009-09-09 19:46 . 2009-08-14 16:27 904776 ----a-w- c:\windows\system32\drivers\tcpip.sys
2009-09-09 19:46 . 2009-08-14 13:49 27136 ----a-w- c:\windows\system32\NETSTAT.EXE
2009-09-09 19:46 . 2009-08-14 13:48 105984 ----a-w- c:\windows\system32\netiohlp.dll
2009-09-09 19:46 . 2009-08-14 15:53 17920 ----a-w- c:\windows\system32\netevent.dll
2009-09-09 19:46 . 2009-08-14 13:49 9728 ----a-w- c:\windows\system32\TCPSVCS.EXE
2009-09-09 19:46 . 2009-08-14 13:49 17920 ----a-w- c:\windows\system32\ROUTE.EXE
2009-09-09 19:46 . 2009-08-14 13:49 11264 ----a-w- c:\windows\system32\MRINFO.EXE
2009-09-09 19:46 . 2009-08-14 13:49 8704 ----a-w- c:\windows\system32\HOSTNAME.EXE
2009-09-09 19:46 . 2009-08-14 13:49 19968 ----a-w- c:\windows\system32\ARP.EXE
2009-09-09 19:46 . 2009-08-14 13:49 10240 ----a-w- c:\windows\system32\finger.exe
2009-09-09 19:46 . 2009-08-14 13:48 30720 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2009-09-09 19:45 . 2009-07-11 19:01 293376 ----a-w- c:\windows\system32\wlanmsm.dll
2009-09-09 19:45 . 2009-07-11 19:01 513536 ----a-w- c:\windows\system32\wlansvc.dll
2009-09-09 19:45 . 2009-07-11 19:01 302592 ----a-w- c:\windows\system32\wlansec.dll
2009-09-09 19:45 . 2009-07-11 19:01 65024 ----a-w- c:\windows\system32\wlanapi.dll
2009-09-09 19:45 . 2009-07-11 17:03 127488 ----a-w- c:\windows\system32\L2SecHC.dll
2009-09-09 19:45 . 2009-06-10 11:41 2868224 ----a-w- c:\windows\system32\mf.dll
2009-09-07 20:28 . 2009-09-07 20:28 -------- d-----w- c:\users\Happy Family\AppData\Local\CyberLink
2009-09-07 20:27 . 2009-09-07 20:28 -------- d-----w- c:\users\Happy Family\AppData\Local\SoftDMA
2009-09-07 20:27 . 2009-09-07 20:27 -------- d-----w- c:\users\Happy Family\AppData\Local\Acer Arcade Deluxe
2009-09-07 20:27 . 2009-09-07 20:27 -------- d-----w- c:\users\Happy Family\AppData\Roaming\CyberLink

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-10-05 12:10 . 2009-06-25 20:24 97323040 --sha-w- c:\windows\system32\drivers\fidbox.dat
2009-10-05 12:10 . 2009-06-25 20:24 1132232 --sha-w- c:\windows\system32\drivers\fidbox.idx
2009-10-04 19:12 . 2009-07-26 20:59 -------- d-----w- c:\program files\TVUPlayer
2009-10-04 13:36 . 2009-07-13 19:34 -------- d-----w- c:\users\Happy Family\AppData\Roaming\live-player
2009-10-04 13:35 . 2009-07-29 14:00 28504 ----a-w- c:\programdata\nvModes.dat
2009-10-02 17:04 . 2009-07-22 12:51 7592 ----a-w- c:\users\Happy Family\AppData\Local\d3d9caps.dat
2009-09-30 20:17 . 2009-07-13 19:45 -------- d-----w- c:\program files\SopCast
2009-09-30 13:26 . 2009-06-27 07:12 -------- d-----w- c:\users\Happy Family\AppData\Roaming\TeraCopy
2009-09-30 13:22 . 2008-05-08 06:57 662846 ----a-w- c:\windows\system32\perfh010.dat
2009-09-30 13:22 . 2008-05-08 06:57 120326 ----a-w- c:\windows\system32\perfc010.dat
2009-09-30 06:39 . 2009-06-25 21:58 -------- d-----w- c:\users\Happy Family\AppData\Roaming\vlc
2009-09-30 06:39 . 2009-08-25 17:10 -------- d-----w- c:\programdata\HP Product Assistant
2009-09-25 23:18 . 2009-06-26 21:13 -------- d-----w- c:\program files\SUPERAntiSpyware
2009-09-16 13:54 . 2008-05-07 21:29 -------- d-----w- c:\programdata\CyberLink
2009-09-09 19:58 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2009-09-07 20:28 . 2009-06-27 10:22 -------- d-----w- c:\users\Happy Family\AppData\Roaming\dvdcss
2009-08-29 00:27 . 2009-09-03 07:05 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2009-08-29 00:14 . 2009-09-03 07:05 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2009-08-27 12:53 . 2009-06-25 20:26 -------- d-----w- c:\programdata\is-OHA4F
2009-08-27 08:59 . 2009-08-26 15:56 -------- d-----w- c:\programdata\iolo
2009-08-27 08:12 . 2009-08-26 15:56 -------- d-----w- c:\users\Happy Family\AppData\Roaming\iolo
2009-08-26 15:57 . 2009-08-26 15:57 74703 ----a-w- c:\windows\system32\mfc45.dll
2009-08-18 18:01 . 2009-08-18 18:01 -------- d-----w- c:\program files\YouTube Downloader
2009-08-18 14:13 . 2009-07-26 21:58 97 ----a-w- c:\users\Happy Family\AppData\Local\cfvspeb.bat
2009-08-18 13:57 . 2009-06-25 17:57 55656 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2009-08-16 17:55 . 2009-08-16 17:34 -------- d-----w- c:\programdata\Skype
2009-08-16 17:37 . 2009-08-16 17:37 56 ---ha-w- c:\programdata\ezsidmv.dat
2009-08-16 17:37 . 2009-08-16 17:37 -------- d-----w- c:\users\Happy Family\AppData\Roaming\skypePM
2009-08-16 12:25 . 2009-06-27 07:19 -------- d-----w- c:\program files\Java
2009-08-03 13:07 . 2009-08-03 13:07 403816 ----a-w- c:\windows\system32\OGACheckControl.dll
2009-08-03 13:07 . 2009-08-03 13:07 322928 ----a-w- c:\windows\system32\OGAAddin.dll
2009-08-03 13:07 . 2009-08-03 13:07 230768 ----a-w- c:\windows\system32\OGAEXEC.exe
2009-07-25 03:23 . 2009-06-27 07:19 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-07-21 21:52 . 2009-07-29 14:00 915456 ----a-w- c:\windows\system32\wininet.dll
2009-07-21 21:47 . 2009-07-29 14:00 109056 ----a-w- c:\windows\system32\iesysprep.dll
2009-07-21 21:47 . 2009-07-29 14:00 71680 ----a-w- c:\windows\system32\iesetup.dll
2009-07-21 20:13 . 2009-07-29 14:00 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2009-07-17 13:54 . 2009-08-16 12:10 71680 ----a-w- c:\windows\system32\atl.dll
2009-07-15 13:27 . 2009-06-25 17:18 75456 ----a-w- c:\users\Happy Family\AppData\Local\GDIPFONTCACHEV1.DAT
2009-07-15 12:40 . 2009-08-16 12:10 8147456 ----a-w- c:\windows\system32\wmploc.DLL
2009-07-15 12:39 . 2009-08-16 12:10 313344 ----a-w- c:\windows\system32\wmpdxm.dll
2009-07-15 12:39 . 2009-08-16 12:10 4096 ----a-w- c:\windows\system32\dxmasf.dll
2009-07-15 12:39 . 2009-08-16 12:10 7680 ----a-w- c:\windows\system32\spwmp.dll
2009-07-15 06:24 . 2009-07-13 19:34 97 ----a-w- c:\users\Happy Family\AppData\Local\cciigmi.bat
2009-06-25 19:07 . 2009-06-25 19:07 123392 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
2009-06-26 02:41 . 2009-06-26 02:40 8192 --sha-w- c:\windows\Users\Default\NTUSER.DAT
.

((((((((((((((((((((((((((((( SnapShot_2009-08-18_14.34.02 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-09-09 19:45 . 2009-07-11 19:10 68096 c:\windows\winsxs\x86_microsoft-windows-wlansvc_31bf3856ad364e35_6.0.6002.22170_none_9e68a7441b62d132\wlanhlp.dll
+ 2009-09-09 19:45 . 2009-07-11 19:10 65024 c:\windows\winsxs\x86_microsoft-windows-wlansvc_31bf3856ad364e35_6.0.6002.22170_none_9e68a7441b62d132\wlanapi.dll
+ 2008-01-21 02:23 . 2008-01-21 02:23 15181 c:\windows\winsxs\x86_microsoft-windows-wlansvc_31bf3856ad364e35_6.0.6002.22170_none_9e68a7441b62d132\gatherWirelessInfo.vbs
+ 2009-07-22 15:07 . 2009-04-10 21:28 68096 c:\windows\winsxs\x86_microsoft-windows-wlansvc_31bf3856ad364e35_6.0.6002.18064_none_9deddb8d02397ad3\wlanhlp.dll
+ 2009-09-09 19:45 . 2009-07-11 19:01 65024 c:\windows\winsxs\x86_microsoft-windows-wlansvc_31bf3856ad364e35_6.0.6002.18064_none_9deddb8d02397ad3\wlanapi.dll
+ 2008-01-21 02:23 . 2008-01-21 02:23 15181 c:\windows\winsxs\x86_microsoft-windows-wlansvc_31bf3856ad364e35_6.0.6002.18064_none_9deddb8d02397ad3\gatherWirelessInfo.vbs
+ 2009-09-09 19:45 . 2009-07-11 19:17 68096 c:\windows\winsxs\x86_microsoft-windows-wlansvc_31bf3856ad364e35_6.0.6001.22468_none_9c9507981e2d2ad5\wlanhlp.dll
+ 2009-09-09 19:45 . 2009-07-11 19:17 64512 c:\windows\winsxs\x86_microsoft-windows-wlansvc_31bf3856ad364e35_6.0.6001.22468_none_9c9507981e2d2ad5\wlanapi.dll
+ 2008-01-21 02:23 . 2008-01-21 02:23 15181 c:\windows\winsxs\x86_microsoft-windows-wlansvc_31bf3856ad364e35_6.0.6001.22468_none_9c9507981e2d2ad5\gatherWirelessInfo.vbs
+ 2008-01-21 02:23 . 2008-01-21 02:23 68096 c:\windows\winsxs\x86_microsoft-windows-wlansvc_31bf3856ad364e35_6.0.6001.18288_none_9bf5c90f051fc5c6\wlanhlp.dll
+ 2008-01-21 02:23 . 2008-01-21 02:23 64512 c:\windows\winsxs\x86_microsoft-windows-wlansvc_31bf3856ad364e35_6.0.6001.18288_none_9bf5c90f051fc5c6\wlanapi.dll
+ 2008-01-21 02:23 . 2008-01-21 02:23 15181 c:\windows\winsxs\x86_microsoft-windows-wlansvc_31bf3856ad364e35_6.0.6001.18288_none_9bf5c90f051fc5c6\gatherWirelessInfo.vbs
+ 2009-09-09 19:45 . 2009-07-11 19:24 67584 c:\windows\winsxs\x86_microsoft-windows-wlansvc_31bf3856ad364e35_6.0.6000.21082_none_9a92fd9a211c6fd7\wlanhlp.dll
+ 2009-09-09 19:45 . 2009-07-11 19:24 47104 c:\windows\winsxs\x86_microsoft-windows-wlansvc_31bf3856ad364e35_6.0.6000.21082_none_9a92fd9a211c6fd7\wlanapi.dll
+ 2009-09-09 19:45 . 2009-04-01 16:30 14827 c:\windows\winsxs\x86_microsoft-windows-wlansvc_31bf3856ad364e35_6.0.6000.21082_none_9a92fd9a211c6fd7\gatherWirelessInfo.vbs
+ 2009-09-09 19:45 . 2009-07-11 19:32 67584 c:\windows\winsxs\x86_microsoft-windows-wlansvc_31bf3856ad364e35_6.0.6000.16884_none_9a0b894107fccf79\wlanhlp.dll
+ 2009-09-09 19:45 . 2009-07-11 19:32 47104 c:\windows\winsxs\x86_microsoft-windows-wlansvc_31bf3856ad364e35_6.0.6000.16884_none_9a0b894107fccf79\wlanapi.dll
+ 2009-09-09 19:45 . 2009-04-01 16:30 14827 c:\windows\winsxs\x86_microsoft-windows-wlansvc_31bf3856ad364e35_6.0.6000.16884_none_9a0b894107fccf79\gatherWirelessInfo.vbs
+ 2009-09-09 19:46 . 2009-08-15 21:30 22016 c:\windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21108_none_6030d425ab49af00\netiougc.exe
+ 2009-09-09 19:46 . 2009-08-15 23:56 49152 c:\windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21108_none_6030d425ab49af00\netiomig.dll
+ 2009-09-09 19:46 . 2009-08-14 14:23 22016 c:\windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16908_none_5fa75f38922bdbf4\netiougc.exe
+ 2009-09-09 19:46 . 2009-08-14 16:40 49152 c:\windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16908_none_5fa75f38922bdbf4\netiomig.dll
+ 2009-09-09 19:46 . 2009-08-14 13:52 17920 c:\windows\winsxs\x86_microsoft-windows-tcpip-utility_31bf3856ad364e35_6.0.6002.22200_none_353709f565220c3d\ROUTE.EXE
+ 2009-09-09 19:46 . 2009-08-14 13:52 27136 c:\windows\winsxs\x86_microsoft-windows-tcpip-utility_31bf3856ad364e35_6.0.6002.22200_none_353709f565220c3d\NETSTAT.EXE
+ 2009-09-09 19:46 . 2009-08-14 13:52 11264 c:\windows\winsxs\x86_microsoft-windows-tcpip-utility_31bf3856ad364e35_6.0.6002.22200_none_353709f565220c3d\MRINFO.EXE
+ 2009-09-09 19:46 . 2009-08-14 13:52 10240 c:\windows\winsxs\x86_microsoft-windows-tcpip-utility_31bf3856ad364e35_6.0.6002.22200_none_353709f565220c3d\finger.exe
+ 2009-09-09 19:46 . 2009-08-14 13:52 19968 c:\windows\winsxs\x86_microsoft-windows-tcpip-utility_31bf3856ad364e35_6.0.6002.22200_none_353709f565220c3d\ARP.EXE
+ 2009-09-09 19:46 . 2009-08-14 13:49 17920 c:\windows\winsxs\x86_microsoft-windows-tcpip-utility_31bf3856ad364e35_6.0.6002.18091_none_344d1c424c4c841c\ROUTE.EXE
+ 2009-09-09 19:46 . 2009-08-14 13:49 27136 c:\windows\winsxs\x86_microsoft-windows-tcpip-utility_31bf3856ad364e35_6.0.6002.18091_none_344d1c424c4c841c\NETSTAT.EXE
+ 2009-09-09 19:46 . 2009-08-14 13:49 11264 c:\windows\winsxs\x86_microsoft-windows-tcpip-utility_31bf3856ad364e35_6.0.6002.18091_none_344d1c424c4c841c\MRINFO.EXE
+ 2009-09-09 19:46 . 2009-08-14 13:49 10240 c:\windows\winsxs\x86_microsoft-windows-tcpip-utility_31bf3856ad364e35_6.0.6002.18091_none_344d1c424c4c841c\finger.exe
+ 2009-09-09 19:46 . 2009-08-14 13:49 19968 c:\windows\winsxs\x86_microsoft-windows-tcpip-utility_31bf3856ad364e35_6.0.6002.18091_none_344d1c424c4c841c\ARP.EXE
+ 2009-09-09 19:46 . 2009-08-14 14:11 17920 c:\windows\winsxs\x86_microsoft-windows-tcpip-utility_31bf3856ad364e35_6.0.6001.22497_none_32f648e1683e66cc\ROUTE.EXE
+ 2009-09-09 19:46 . 2009-08-14 14:11 27136 c:\windows\winsxs\x86_microsoft-windows-tcpip-utility_31bf3856ad364e35_6.0.6001.22497_none_32f648e1683e66cc\NETSTAT.EXE
+ 2009-09-09 19:46 . 2009-08-14 14:11 11264 c:\windows\winsxs\x86_microsoft-windows-tcpip-utility_31bf3856ad364e35_6.0.6001.22497_none_32f648e1683e66cc\MRINFO.EXE
+ 2009-09-09 19:46 . 2009-08-14 14:11 10240 c:\windows\winsxs\x86_microsoft-windows-tcpip-utility_31bf3856ad364e35_6.0.6001.22497_none_32f648e1683e66cc\finger.exe
+ 2009-09-09 19:46 . 2009-08-14 14:11 19968 c:\windows\winsxs\x86_microsoft-windows-tcpip-utility_31bf3856ad364e35_6.0.6001.22497_none_32f648e1683e66cc\ARP.EXE
+ 2009-09-09 19:46 . 2009-08-14 14:16 17920 c:\windows\winsxs\x86_microsoft-windows-tcpip-utility_31bf3856ad364e35_6.0.6001.18311_none_32bd29ba4ee54f70\ROUTE.EXE
+ 2009-09-09 19:46 . 2009-08-14 14:16 27136 c:\windows\winsxs\x86_microsoft-windows-tcpip-utility_31bf3856ad364e35_6.0.6001.18311_none_32bd29ba4ee54f70\NETSTAT.EXE
+ 2009-09-09 19:46 . 2009-08-14 14:16 11264 c:\windows\winsxs\x86_microsoft-windows-tcpip-utility_31bf3856ad364e35_6.0.6001.18311_none_32bd29ba4ee54f70\MRINFO.EXE
+ 2009-09-09 19:46 . 2009-08-14 14:16 10240 c:\windows\winsxs\x86_microsoft-windows-tcpip-utility_31bf3856ad364e35_6.0.6001.18311_none_32bd29ba4ee54f70\finger.exe
+ 2009-09-09 19:46 . 2009-08-14 14:16 19968 c:\windows\winsxs\x86_microsoft-windows-tcpip-utility_31bf3856ad364e35_6.0.6001.18311_none_32bd29ba4ee54f70\ARP.EXE
+ 2009-09-09 19:46 . 2009-08-15 21:31 17920 c:\windows\winsxs\x86_microsoft-windows-tcpip-utility_31bf3856ad364e35_6.0.6000.21108_none_317231f36ace26fb\ROUTE.EXE
+ 2009-09-09 19:46 . 2009-08-15 21:31 27136 c:\windows\winsxs\x86_microsoft-windows-tcpip-utility_31bf3856ad364e35_6.0.6000.21108_none_317231f36ace26fb\NETSTAT.EXE
+ 2009-09-09 19:46 . 2009-08-15 21:31 11264 c:\windows\winsxs\x86_microsoft-windows-tcpip-utility_31bf3856ad364e35_6.0.6000.21108_none_317231f36ace26fb\MRINFO.EXE
+ 2009-09-09 19:46 . 2009-08-15 21:31 10240 c:\windows\winsxs\x86_microsoft-windows-tcpip-utility_31bf3856ad364e35_6.0.6000.21108_none_317231f36ace26fb\finger.exe
+ 2009-09-09 19:46 . 2009-08-15 21:31 19968 c:\windows\winsxs\x86_microsoft-windows-tcpip-utility_31bf3856ad364e35_6.0.6000.21108_none_317231f36ace26fb\ARP.EXE
+ 2009-09-09 19:46 . 2009-08-14 14:25 17920 c:\windows\winsxs\x86_microsoft-windows-tcpip-utility_31bf3856ad364e35_6.0.6000.16908_none_30e8bd0651b053ef\ROUTE.EXE
+ 2009-09-09 19:46 . 2009-08-14 14:25 27136 c:\windows\winsxs\x86_microsoft-windows-tcpip-utility_31bf3856ad364e35_6.0.6000.16908_none_30e8bd0651b053ef\NETSTAT.EXE
+ 2009-09-09 19:46 . 2009-08-14 14:25 11264 c:\windows\winsxs\x86_microsoft-windows-tcpip-utility_31bf3856ad364e35_6.0.6000.16908_none_30e8bd0651b053ef\MRINFO.EXE
+ 2009-09-09 19:46 . 2009-08-14 14:25 10240 c:\windows\winsxs\x86_microsoft-windows-tcpip-utility_31bf3856ad364e35_6.0.6000.16908_none_30e8bd0651b053ef\finger.exe
+ 2009-09-09 19:46 . 2009-08-14 14:25 19968 c:\windows\winsxs\x86_microsoft-windows-tcpip-utility_31bf3856ad364e35_6.0.6000.16908_none_30e8bd0651b053ef\ARP.EXE
+ 2009-09-09 19:46 . 2009-08-14 17:01 98376 c:\windows\winsxs\x86_microsoft-windows-network-security_31bf3856ad364e35_6.0.6001.22497_none_cd53c52043eb1c22\FWPKCLNT.SYS
+ 2009-09-09 19:46 . 2009-08-15 21:29 85504 c:\windows\winsxs\x86_microsoft-windows-network-security_31bf3856ad364e35_6.0.6000.21108_none_cbcfae32467adc51\FWPKCLNT.SYS
+ 2009-09-09 19:46 . 2009-08-14 16:00 17920 c:\windows\winsxs\x86_microsoft-windows-netevent_31bf3856ad364e35_6.0.6002.22200_none_5cb66ecc80d2b9bd\netevent.dll
+ 2009-09-09 19:46 . 2009-08-14 15:53 17920 c:\windows\winsxs\x86_microsoft-windows-netevent_31bf3856ad364e35_6.0.6002.18091_none_5bcc811967fd319c\netevent.dll
+ 2009-09-09 19:46 . 2009-08-14 16:24 17920 c:\windows\winsxs\x86_microsoft-windows-netevent_31bf3856ad364e35_6.0.6001.22497_none_5a75adb883ef144c\netevent.dll
+ 2009-09-09 19:46 . 2009-08-14 16:29 17920 c:\windows\winsxs\x86_microsoft-windows-netevent_31bf3856ad364e35_6.0.6001.18311_none_5a3c8e916a95fcf0\netevent.dll
+ 2009-09-09 19:46 . 2009-08-15 23:56 15360 c:\windows\winsxs\x86_microsoft-windows-netevent_31bf3856ad364e35_6.0.6000.21108_none_58f196ca867ed47b\netevent.dll
+ 2009-09-09 19:46 . 2009-08-14 16:40 15360 c:\windows\winsxs\x86_microsoft-windows-netevent_31bf3856ad364e35_6.0.6000.16908_none_586821dd6d61016f\netevent.dll
+ 2009-09-09 19:45 . 2009-06-10 09:53 53248 c:\windows\winsxs\x86_microsoft-windows-mediafoundation_31bf3856ad364e35_6.0.6002.22150_none_9e993405232e229b\rrinstaller.exe
+ 2009-09-09 19:45 . 2009-06-10 09:54 98816 c:\windows\winsxs\x86_microsoft-windows-mediafoundation_31bf3856ad364e35_6.0.6002.22150_none_9e993405232e229b\mfps.dll
+ 2009-09-09 19:45 . 2009-06-10 09:53 24576 c:\windows\winsxs\x86_microsoft-windows-mediafoundation_31bf3856ad364e35_6.0.6002.22150_none_9e993405232e229b\mfpmp.exe
+ 2009-07-22 15:08 . 2009-04-10 21:27 53248 c:\windows\winsxs\x86_microsoft-windows-mediafoundation_31bf3856ad364e35_6.0.6002.18049_none_9e2369c00a004aef\rrinstaller.exe
+ 2009-07-22 15:07 . 2009-04-10 21:28 98816 c:\windows\winsxs\x86_microsoft-windows-mediafoundation_31bf3856ad364e35_6.0.6002.18049_none_9e2369c00a004aef\mfps.dll
+ 2009-07-22 15:07 . 2009-04-10 21:27 24576 c:\windows\winsxs\x86_microsoft-windows-mediafoundation_31bf3856ad364e35_6.0.6002.18049_none_9e2369c00a004aef\mfpmp.exe
+ 2009-09-09 19:45 . 2009-06-10 10:10 53248 c:\windows\winsxs\x86_microsoft-windows-mediafoundation_31bf3856ad364e35_6.0.6001.22447_none_9cc4940f25f962e7\rrinstaller.exe
+ 2009-09-09 19:45 . 2009-06-10 11:56 98816 c:\windows\winsxs\x86_microsoft-windows-mediafoundation_31bf3856ad364e35_6.0.6001.22447_none_9cc4940f25f962e7\mfps.dll
+ 2009-09-09 19:45 . 2009-06-10 10:10 24576 c:\windows\winsxs\x86_microsoft-windows-mediafoundation_31bf3856ad364e35_6.0.6001.22447_none_9cc4940f25f962e7\mfpmp.exe
+ 2008-01-21 02:25 . 2008-01-21 02:25 53248 c:\windows\winsxs\x86_microsoft-windows-mediafoundation_31bf3856ad364e35_6.0.6001.18270_none_9c1383940cfa6868\rrinstaller.exe
+ 2008-01-21 02:25 . 2008-01-21 02:25 98816 c:\windows\winsxs\x86_microsoft-windows-mediafoundation_31bf3856ad364e35_6.0.6001.18270_none_9c1383940cfa6868\mfps.dll
+ 2008-01-21 02:25 . 2008-01-21 02:25 24576 c:\windows\winsxs\x86_microsoft-windows-mediafoundation_31bf3856ad364e35_6.0.6001.18270_none_9c1383940cfa6868\mfpmp.exe
+ 2009-09-09 19:45 . 2009-06-10 10:01 52736 c:\windows\winsxs\x86_microsoft-windows-mediafoundation_31bf3856ad364e35_6.0.6000.21065_none_9ac68b3928e50d45\rrinstaller.exe
+ 2009-09-09 19:45 . 2009-06-10 12:00 98816 c:\windows\winsxs\x86_microsoft-windows-mediafoundation_31bf3856ad364e35_6.0.6000.21065_none_9ac68b3928e50d45\mfps.dll
+ 2009-09-09 19:45 . 2009-06-10 10:01 24576 c:\windows\winsxs\x86_microsoft-windows-mediafoundation_31bf3856ad364e35_6.0.6000.21065_none_9ac68b3928e50d45\mfpmp.exe
+ 2009-09-09 19:45 . 2009-06-10 10:14 52736 c:\windows\winsxs\x86_microsoft-windows-mediafoundation_31bf3856ad364e35_6.0.6000.16868_none_9a40172a0fc4863e\rrinstaller.exe
+ 2009-09-09 19:45 . 2009-06-10 12:07 98816 c:\windows\winsxs\x86_microsoft-windows-mediafoundation_31bf3856ad364e35_6.0.6000.16868_none_9a40172a0fc4863e\mfps.dll
+ 2009-09-09 19:45 . 2009-06-10 10:15 24576 c:\windows\winsxs\x86_microsoft-windows-mediafoundation_31bf3856ad364e35_6.0.6000.16868_none_9a40172a0fc4863e\mfpmp.exe
+ 2009-09-09 19:46 . 2009-08-14 13:51 30720 c:\windows\winsxs\x86_microsoft-windows-l..istry-support-tcpip_31bf3856ad364e35_6.0.6002.22200_none_888d4c521bb0e416\tcpipreg.sys
+ 2009-09-09 19:46 . 2009-08-14 13:48 30720 c:\windows\winsxs\x86_microsoft-windows-l..istry-support-tcpip_31bf3856ad364e35_6.0.6002.18091_none_87a35e9f02db5bf5\tcpipreg.sys
+ 2009-08-27 01:02 . 2009-06-22 10:13 18944 c:\windows\winsxs\x86_microsoft-windows-i..rnational-timezones_31bf3856ad364e35_6.0.6002.22155_none_17865cb11ffa07ae\tzupd.exe
+ 2008-01-21 02:23 . 2008-01-21 02:23 18944 c:\windows\winsxs\x86_microsoft-windows-i..rnational-timezones_31bf3856ad364e35_6.0.6002.18054_none_16fbbf9c06dd4e8d\tzupd.exe
+ 2009-08-27 01:02 . 2009-06-22 10:26 18944 c:\windows\winsxs\x86_microsoft-windows-i..rnational-timezones_31bf3856ad364e35_6.0.6001.22454_none_159eea7f22d49933\tzupd.exe
+ 2008-01-21 02:23 . 2008-01-21 02:23 18944 c:\windows\winsxs\x86_microsoft-windows-i..rnational-timezones_31bf3856ad364e35_6.0.6001.18275_none_1500ac4009c64d7b\tzupd.exe
+ 2009-08-27 01:02 . 2009-06-22 10:21 18944 c:\windows\winsxs\x86_microsoft-windows-i..rnational-timezones_31bf3856ad364e35_6.0.6000.21070_none_139ee11525c210e3\tzupd.exe
+ 2009-08-27 01:02 . 2009-06-22 10:30 18944 c:\windows\winsxs\x86_microsoft-windows-i..rnational-timezones_31bf3856ad364e35_6.0.6000.16873_none_13186d060ca189dc\tzupd.exe
+ 2009-09-03 07:05 . 2009-08-29 00:19 28672 c:\windows\winsxs\x86_microsoft-windows-a..-experience-apphelp_31bf3856ad364e35_6.0.6002.22213_none_846a2103770ca798\Apphlpdm.dll
+ 2009-09-03 07:05 . 2009-08-29 00:14 28672 c:\windows\winsxs\x86_microsoft-windows-a..-experience-apphelp_31bf3856ad364e35_6.0.6002.18101_none_83e953905de8b92f\Apphlpdm.dll
+ 2009-09-03 07:05 . 2009-08-28 12:24 28672 c:\windows\winsxs\x86_microsoft-windows-a..-experience-apphelp_31bf3856ad364e35_6.0.6001.22509_none_829480c379d8ce8d\Apphlpdm.dll
+ 2009-09-03 07:05 . 2009-08-28 12:39 28672 c:\windows\winsxs\x86_microsoft-windows-a..-experience-apphelp_31bf3856ad364e35_6.0.6001.18320_none_81ec3fa060d3856f\Apphlpdm.dll
+ 2009-09-03 07:05 . 2009-08-29 03:32 28672 c:\windows\winsxs\x86_microsoft-windows-a..-experience-apphelp_31bf3856ad364e35_6.0.6000.21117_none_80a147d97cbc5cfa\Apphlpdm.dll
+ 2009-09-03 07:05 . 2009-08-29 03:40 28672 c:\windows\winsxs\x86_microsoft-windows-a..-experience-apphelp_31bf3856ad364e35_6.0.6000.16917_none_8017d2ec639e89ee\Apphlpdm.dll
+ 2008-01-21 01:58 . 2009-10-05 16:21 60276 c:\windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2006-11-02 13:05 . 2009-10-05 16:21 91106 c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
- 2009-06-25 17:44 . 2009-06-25 17:44 84661 c:\windows\System32\Macromed\Flash\uninstall_plugin.exe
+ 2009-06-25 17:44 . 2009-08-27 06:33 84661 c:\windows\System32\Macromed\Flash\uninstall_plugin.exe
+ 2009-08-27 07:53 . 2008-09-03 07:41 12800 c:\windows\System32\drivers\elrawdsk.sys
- 2009-06-25 17:06 . 2009-08-18 14:32 32768 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-06-25 17:06 . 2009-10-05 08:33 32768 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-06-25 17:06 . 2009-08-18 14:32 32768 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-06-25 17:06 . 2009-10-05 08:33 32768 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-06-25 17:06 . 2009-10-05 08:33 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-06-25 17:06 . 2009-08-18 14:32 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2008-12-08 13:50 . 2008-12-08 13:50 54576 c:\windows\Installer\$PatchCache$\Managed\C3CBA818C536156418380D9E46B0D71D\5.2.0\hpwuschd2.exe
+ 2008-11-12 14:44 . 2008-11-12 14:44 27904 c:\windows\Installer\$PatchCache$\Managed\86092A55EC2FC65419848C9678E93275\8.0.1100\uxtuneupx86.dll
+ 2008-11-20 14:30 . 2008-11-20 14:30 11008 c:\windows\Installer\$PatchCache$\Managed\86092A55EC2FC65419848C9678E93275\8.0.1100\tux64thk.exe
+ 2008-11-20 14:30 . 2008-11-20 14:30 15104 c:\windows\Installer\$PatchCache$\Managed\86092A55EC2FC65419848C9678E93275\8.0.1100\TUMessages.exe
+ 2008-11-20 14:30 . 2008-11-20 14:30 57600 c:\windows\Installer\$PatchCache$\Managed\86092A55EC2FC65419848C9678E93275\8.0.1100\TUInstallHelper.exe
+ 2008-11-12 14:44 . 2008-11-12 14:44 27392 c:\windows\Installer\$PatchCache$\Managed\86092A55EC2FC65419848C9678E93275\8.0.1100\SDShelEx86.dll
+ 2008-11-20 14:28 . 2008-11-20 14:28 85760 c:\windows\Installer\$PatchCache$\Managed\86092A55EC2FC65419848C9678E93275\8.0.1100\RegWiz.exe
+ 2008-11-20 14:28 . 2008-11-20 14:28 16640 c:\windows\Installer\$PatchCache$\Managed\86092A55EC2FC65419848C9678E93275\8.0.1100\RegistryDefragHelper.exe
+ 2008-11-20 14:28 . 2008-11-20 14:28 38144 c:\windows\Installer\$PatchCache$\Managed\86092A55EC2FC65419848C9678E93275\8.0.1100\PMLauncher.exe
+ 2008-11-20 14:28 . 2008-11-20 14:28 42752 c:\windows\Installer\$PatchCache$\Managed\86092A55EC2FC65419848C9678E93275\8.0.1100\OneClickStarter.exe
+ 2008-11-12 14:44 . 2008-11-12 14:44 25856 c:\windows\Installer\$PatchCache$\Managed\86092A55EC2FC65419848C9678E93275\8.0.1100\DseShExtx86.dll
+ 2008-11-12 14:44 . 2008-11-12 14:44 17152 c:\windows\Installer\$PatchCache$\Managed\86092A55EC2FC65419848C9678E93275\8.0.1100\authuitu_x86.dll
+ 2009-09-09 19:46 . 2009-08-14 13:52 9728 c:\windows\winsxs\x86_microsoft-windows-tcpip-utility_31bf3856ad364e35_6.0.6002.22200_none_353709f565220c3d\TCPSVCS.EXE
+ 2009-09-09 19:46 . 2009-08-14 13:52 8704 c:\windows\winsxs\x86_microsoft-windows-tcpip-utility_31bf3856ad364e35_6.0.6002.22200_none_353709f565220c3d\HOSTNAME.EXE
+ 2009-09-09 19:46 . 2009-08-14 13:49 9728 c:\windows\winsxs\x86_microsoft-windows-tcpip-utility_31bf3856ad364e35_6.0.6002.18091_none_344d1c424c4c841c\TCPSVCS.EXE
+ 2009-09-09 19:46 . 2009-08-14 13:49 8704 c:\windows\winsxs\x86_microsoft-windows-tcpip-utility_31bf3856ad364e35_6.0.6002.18091_none_344d1c424c4c841c\HOSTNAME.EXE
+ 2009-09-09 19:46 . 2009-08-14 14:11 9728 c:\windows\winsxs\x86_microsoft-windows-tcpip-utility_31bf3856ad364e35_6.0.6001.22497_none_32f648e1683e66cc\TCPSVCS.EXE
+ 2009-09-09 19:46 . 2009-08-14 14:11 8704 c:\windows\winsxs\x86_microsoft-windows-tcpip-utility_31bf3856ad364e35_6.0.6001.22497_none_32f648e1683e66cc\HOSTNAME.EXE
+ 2009-09-09 19:46 . 2009-08-14 14:16 9728 c:\windows\winsxs\x86_microsoft-windows-tcpip-utility_31bf3856ad364e35_6.0.6001.18311_none_32bd29ba4ee54f70\TCPSVCS.EXE
+ 2009-09-09 19:46 . 2009-08-14 14:16 8704 c:\windows\winsxs\x86_microsoft-windows-tcpip-utility_31bf3856ad364e35_6.0.6001.18311_none_32bd29ba4ee54f70\HOSTNAME.EXE
+ 2009-09-09 19:46 . 2009-08-15 21:31 9728 c:\windows\winsxs\x86_microsoft-windows-tcpip-utility_31bf3856ad364e35_6.0.6000.21108_none_317231f36ace26fb\TCPSVCS.EXE
+ 2009-09-09 19:46 . 2009-08-15 21:31 8704 c:\windows\winsxs\x86_microsoft-windows-tcpip-utility_31bf3856ad364e35_6.0.6000.21108_none_317231f36ace26fb\HOSTNAME.EXE
+ 2009-09-09 19:46 . 2009-08-14 14:25 9728 c:\windows\winsxs\x86_microsoft-windows-tcpip-utility_31bf3856ad364e35_6.0.6000.16908_none_30e8bd0651b053ef\TCPSVCS.EXE
+ 2009-09-09 19:46 . 2009-08-14 14:25 8704 c:\windows\winsxs\x86_microsoft-windows-tcpip-utility_31bf3856ad364e35_6.0.6000.16908_none_30e8bd0651b053ef\HOSTNAME.EXE
+ 2009-09-09 19:45 . 2009-06-10 09:53 2048 c:\windows\winsxs\x86_microsoft-windows-mediafoundation_31bf3856ad364e35_6.0.6002.22150_none_9e993405232e229b\mferror.dll
+ 2009-07-22 15:07 . 2009-04-10 19:55 2048 c:\windows\winsxs\x86_microsoft-windows-mediafoundation_31bf3856ad364e35_6.0.6002.18049_none_9e2369c00a004aef\mferror.dll
+ 2009-09-09 19:45 . 2009-06-10 10:10 2048 c:\windows\winsxs\x86_microsoft-windows-mediafoundation_31bf3856ad364e35_6.0.6001.22447_none_9cc4940f25f962e7\mferror.dll
+ 2006-11-02 12:35 . 2006-11-02 12:35 2048 c:\windows\winsxs\x86_microsoft-windows-mediafoundation_31bf3856ad364e35_6.0.6001.18270_none_9c1383940cfa6868\mferror.dll
+ 2009-09-09 19:45 . 2009-06-10 08:43 2048 c:\windows\winsxs\x86_microsoft-windows-mediafoundation_31bf3856ad364e35_6.0.6000.21065_none_9ac68b3928e50d45\mferror.dll
+ 2009-09-09 19:45 . 2009-06-10 08:50 2048 c:\windows\winsxs\x86_microsoft-windows-mediafoundation_31bf3856ad364e35_6.0.6000.16868_none_9a40172a0fc4863e\mferror.dll
+ 2009-08-27 01:02 . 2009-06-22 10:13 2048 c:\windows\winsxs\x86_microsoft-windows-i..rnational-timezones_31bf3856ad364e35_6.0.6002.22155_none_17865cb11ffa07ae\tzres.dll
+ 2009-08-27 01:02 . 2009-06-22 10:09 2048 c:\windows\winsxs\x86_microsoft-windows-i..rnational-timezones_31bf3856ad364e35_6.0.6002.18054_none_16fbbf9c06dd4e8d\tzres.dll
+ 2009-08-27 01:02 . 2009-06-22 10:26 2048 c:\windows\winsxs\x86_microsoft-windows-i..rnational-timezones_31bf3856ad364e35_6.0.6001.22454_none_159eea7f22d49933\tzres.dll
+ 2009-08-27 01:02 . 2009-06-22 10:22 2048 c:\windows\winsxs\x86_microsoft-windows-i..rnational-timezones_31bf3856ad364e35_6.0.6001.18275_none_1500ac4009c64d7b\tzres.dll
+ 2009-08-27 01:02 . 2009-06-22 08:44 2048 c:\windows\winsxs\x86_microsoft-windows-i..rnational-timezones_31bf3856ad364e35_6.0.6000.21070_none_139ee11525c210e3\tzres.dll
+ 2009-08-27 01:02 . 2009-06-22 08:44 2048 c:\windows\winsxs\x86_microsoft-windows-i..rnational-timezones_31bf3856ad364e35_6.0.6000.16873_none_13186d060ca189dc\tzres.dll
+ 2009-09-03 07:05 . 2009-08-29 00:24 2560 c:\windows\winsxs\x86_microsoft-windows-a..ence-mitigations-c1_31bf3856ad364e35_6.0.6002.22213_none_0e8a7f670895bd4d\AcRes.dll
+ 2006-11-02 07:11 . 2006-11-02 07:11 2560 c:\windows\winsxs\x86_microsoft-windows-a..ence-mitigations-c1_31bf3856ad364e35_6.0.6002.18101_none_0e09b1f3ef71cee4\AcRes.dll
+ 2009-09-03 07:05 . 2009-08-28 10:09 2560 c:\windows\winsxs\x86_microsoft-windows-a..ence-mitigations-c1_31bf3856ad364e35_6.0.6001.22509_none_0cb4df270b61e442\AcRes.dll
+ 2009-06-26 02:43 . 2009-06-26 02:43 2560 c:\windows\winsxs\x86_microsoft-windows-a..ence-mitigations-c1_31bf3856ad364e35_6.0.6001.18320_none_0c0c9e03f25c9b24\AcRes.dll
+ 2009-09-03 07:05 . 2009-08-28 23:11 2560 c:\windows\winsxs\x86_microsoft-windows-a..ence-mitigations-c1_31bf3856ad364e35_6.0.6000.21117_none_0ac1a63d0e4572af\AcRes.dll
+ 2009-09-03 07:05 . 2009-08-28 23:15 2560 c:\windows\winsxs\x86_microsoft-windows-a..ence-mitigations-c1_31bf3856ad364e35_6.0.6000.16917_none_0a38314ff5279fa3\AcRes.dll
+ 2009-06-25 18:52 . 2009-10-04 15:32 6240 c:\windows\System32\WDI\ERCQueuedResolutions.dat
+ 2009-06-25 17:18 . 2009-10-05 16:21 8338 c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3792130533-4105100560-3462664888-1000_UserData.bin
+ 2009-08-27 01:02 . 2009-06-22 10:09 2048 c:\windows\System32\tzres.dll
- 2006-11-02 06:58 . 2006-11-02 06:58 2048 c:\windows\System32\tzres.dll
- 2009-08-18 14:31 . 2009-08-18 14:31 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2009-10-05 16:18 . 2009-10-05 16:18 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2009-10-05 16:18 . 2009-10-05 16:18 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2009-08-18 14:31 . 2009-08-18 14:31 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2009-09-09 19:45 . 2009-07-11 19:10 513536 c:\windows\winsxs\x86_microsoft-windows-wlansvc_31bf3856ad364e35_6.0.6002.22170_none_9e68a7441b62d132\wlansvc.dll
+ 2009-09-09 19:45 . 2009-07-11 19:10 302592 c:\windows\winsxs\x86_microsoft-windows-wlansvc_31bf3856ad364e35_6.0.6002.22170_none_9e68a7441b62d132\wlansec.dll
+ 2009-09-09 19:45 . 2009-07-11 19:10 293376 c:\windows\winsxs\x86_microsoft-windows-wlansvc_31bf3856ad364e35_6.0.6002.22170_none_9e68a7441b62d132\wlanmsm.dll
+ 2009-09-09 19:45 . 2009-07-11 19:01 513536 c:\windows\winsxs\x86_microsoft-windows-wlansvc_31bf3856ad364e35_6.0.6002.18064_none_9deddb8d02397ad3\wlansvc.dll
+ 2009-09-09 19:45 . 2009-07-11 19:01 302592 c:\windows\winsxs\x86_microsoft-windows-wlansvc_31bf3856ad364e35_6.0.6002.18064_none_9deddb8d02397ad3\wlansec.dll
+ 2009-09-09 19:45 . 2009-07-11 19:01 293376 c:\windows\winsxs\x86_microsoft-windows-wlansvc_31bf3856ad364e35_6.0.6002.18064_none_9deddb8d02397ad3\wlanmsm.dll
+ 2009-09-09 19:45 . 2009-07-11 19:17 513536 c:\windows\winsxs\x86_microsoft-windows-wlansvc_31bf3856ad364e35_6.0.6001.22468_none_9c9507981e2d2ad5\wlansvc.dll
+ 2009-09-09 19:45 . 2009-07-11 19:17 302592 c:\windows\winsxs\x86_microsoft-windows-wlansvc_31bf3856ad364e35_6.0.6001.22468_none_9c9507981e2d2ad5\wlansec.dll
+ 2009-09-09 19:45 . 2009-07-11 19:17 293376 c:\windows\winsxs\x86_microsoft-windows-wlansvc_31bf3856ad364e35_6.0.6001.22468_none_9c9507981e2d2ad5\wlanmsm.dll
+ 2009-09-09 19:45 . 2009-07-11 19:32 513024 c:\windows\winsxs\x86_microsoft-windows-wlansvc_31bf3856ad364e35_6.0.6001.18288_none_9bf5c90f051fc5c6\wlansvc.dll
+ 2009-09-09 19:45 . 2009-07-11 19:32 302592 c:\windows\winsxs\x86_microsoft-windows-wlansvc_31bf3856ad364e35_6.0.6001.18288_none_9bf5c90f051fc5c6\wlansec.dll
+ 2009-09-09 19:45 . 2009-07-11 19:32 293376 c:\windows\winsxs\x86_microsoft-windows-wlansvc_31bf3856ad364e35_6.0.6001.18288_none_9bf5c90f051fc5c6\wlanmsm.dll
+ 2009-09-09 19:45 . 2009-07-11 19:24 502784 c:\windows\winsxs\x86_microsoft-windows-wlansvc_31bf3856ad364e35_6.0.6000.21082_none_9a92fd9a211c6fd7\wlansvc.dll
+ 2009-09-09 19:45 . 2009-07-11 19:24 299520 c:\windows\winsxs\x86_microsoft-windows-wlansvc_31bf3856ad364e35_6.0.6000.21082_none_9a92fd9a211c6fd7\wlansec.dll
+ 2009-09-09 19:45 . 2009-07-11 19:24 289280 c:\windows\winsxs\x86_microsoft-windows-wlansvc_31bf3856ad364e35_6.0.6000.21082_none_9a92fd9a211c6fd7\wlanmsm.dll
+ 2009-09-09 19:45 . 2009-07-11 19:32 502272 c:\windows\winsxs\x86_microsoft-windows-wlansvc_31bf3856ad364e35_6.0.6000.16884_none_9a0b894107fccf79\wlansvc.dll
+ 2009-09-09 19:45 . 2009-07-11 19:32 297984 c:\windows\winsxs\x86_microsoft-windows-wlansvc_31bf3856ad364e35_6.0.6000.16884_none_9a0b894107fccf79\wlansec.dll
+ 2009-09-09 19:45 . 2009-07-11 19:32 290816 c:\windows\winsxs\x86_microsoft-windows-wlansvc_31bf3856ad364e35_6.0.6000.16884_none_9a0b894107fccf79\wlanmsm.dll
+ 2009-09-09 19:46 . 2009-08-15 23:58 167424 c:\windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21108_none_6030d425ab49af00\tcpipcfg.dll
+ 2009-09-09 19:46 . 2009-08-15 21:30 816640 c:\windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21108_none_6030d425ab49af00\tcpip.sys
+ 2009-09-09 19:46 . 2009-08-14 16:42 167424 c:\windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16908_none_5fa75f38922bdbf4\tcpipcfg.dll
+ 2009-09-09 19:46 . 2009-08-14 14:24 813568 c:\windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16908_none_5fa75f38922bdbf4\tcpip.sys
+ 2009-09-09 19:46 . 2009-08-14 13:51 106496 c:\windows\winsxs\x86_microsoft-windows-tcpip-utility_31bf3856ad364e35_6.0.6002.22200_none_353709f565220c3d\netiohlp.dll
+ 2009-09-09 19:46 . 2009-08-14 13:48 105984 c:\windows\winsxs\x86_microsoft-windows-tcpip-utility_31bf3856ad364e35_6.0.6002.18091_none_344d1c424c4c841c\netiohlp.dll
+ 2009-09-09 19:46 . 2009-08-14 16:24 105472 c:\windows\winsxs\x86_microsoft-windows-tcpip-utility_31bf3856ad364e35_6.0.6001.22497_none_32f648e1683e66cc\netiohlp.dll
+ 2009-09-09 19:46 . 2009-08-14 16:29 104960 c:\windows\winsxs\x86_microsoft-windows-tcpip-utility_31bf3856ad364e35_6.0.6001.18311_none_32bd29ba4ee54f70\netiohlp.dll
+ 2009-09-09 19:46 . 2009-08-15 23:56 103936 c:\windows\winsxs\x86_microsoft-windows-tcpip-utility_31bf3856ad364e35_6.0.6000.21108_none_317231f36ace26fb\netiohlp.dll
+ 2009-09-09 19:46 . 2009-08-14 16:40 103936 c:\windows\winsxs\x86_microsoft-windows-tcpip-utility_31bf3856ad364e35_6.0.6000.16908_none_30e8bd0651b053ef\netiohlp.dll
+ 2009-09-09 19:46 . 2009-08-14 16:33 905784 c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22200_none_b58e289d7caa2a80\tcpip.sys
+ 2009-09-09 19:46 . 2009-08-14 16:27 904776 c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18091_none_b4a43aea63d4a25f\tcpip.sys
+ 2009-09-09 19:46 . 2009-08-14 17:01 900168 c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_b34d67897fc6850f\tcpip.sys
+ 2009-09-09 19:46 . 2009-08-14 17:07 897608 c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18311_none_b3144862666d6db3\tcpip.sys
+ 2009-09-09 19:46 . 2009-06-06 12:55 726528 c:\windows\winsxs\x86_microsoft-windows-scripting-jscript_31bf3856ad364e35_8.0.6001.22886_none_66022984264aac18\jscript.dll
+ 2009-09-09 19:46 . 2009-06-06 05:01 726528 c:\windows\winsxs\x86_microsoft-windows-scripting-jscript_31bf3856ad364e35_8.0.6001.18795_none_656cbc830d360ee8\jscript.dll
+ 2009-09-09 19:46 . 2009-08-14 16:23 438272 c:\windows\winsxs\x86_microsoft-windows-network-security_31bf3856ad364e35_6.0.6001.22497_none_cd53c52043eb1c22\IKEEXT.DLL
+ 2009-09-09 19:46 . 2009-08-14 16:22 595456 c:\windows\winsxs\x86_microsoft-windows-network-security_31bf3856ad364e35_6.0.6001.22497_none_cd53c52043eb1c22\FWPUCLNT.DLL
+ 2009-09-09 19:46 . 2009-08-14 16:21 328704 c:\windows\winsxs\x86_microsoft-windows-network-security_31bf3856ad364e35_6.0.6001.22497_none_cd53c52043eb1c22\BFE.DLL
+ 2009-09-09 19:46 . 2009-08-15 23:54 416768 c:\windows\winsxs\x86_microsoft-windows-network-security_31bf3856ad364e35_6.0.6000.21108_none_cbcfae32467adc51\IKEEXT.DLL
+ 2009-09-09 19:46 . 2009-08-15 23:54 543232 c:\windows\winsxs\x86_microsoft-windows-network-security_31bf3856ad364e35_6.0.6000.21108_none_cbcfae32467adc51\FWPUCLNT.DLL
+ 2009-09-09 19:46 . 2009-08-15 23:53 317440 c:\windows\winsxs\x86_microsoft-windows-network-security_31bf3856ad364e35_6.0.6000.21108_none_cbcfae32467adc51\BFE.DLL
+ 2009-09-09 19:46 . 2009-08-14 17:01 220232 c:\windows\winsxs\x86_microsoft-windows-netio-infrastructure_31bf3856ad364e35_6.0.6001.22497_none_56cac20cceadcb78\netio.sys
+ 2009-09-09 19:46 . 2009-08-16 00:32 214104 c:\windows\winsxs\x86_microsoft-windows-netio-infrastructure_31bf3856ad364e35_6.0.6000.21108_none_5546ab1ed13d8ba7\netio.sys
+ 2009-09-09 19:46 . 2009-08-14 17:16 213592 c:\windows\winsxs\x86_microsoft-windows-netio-infrastructure_31bf3856ad364e35_6.0.6000.16908_none_54bd3631b81fb89b\netio.sys
+ 2009-09-09 19:45 . 2009-07-11 17:07 127488 c:\windows\winsxs\x86_microsoft-windows-l..securityhelperclass_31bf3856ad364e35_6.0.6002.22170_none_883d49e88f57f26d\L2SecHC.dll
+ 2009-09-09 19:45 . 2009-07-11 17:03 127488 c:\windows\winsxs\x86_microsoft-windows-l..securityhelperclass_31bf3856ad364e35_6.0.6002.18064_none_87c27e31762e9c0e\L2SecHC.dll
+ 2009-09-09 19:45 . 2009-07-11 19:14 127488 c:\windows\winsxs\x86_microsoft-windows-l..securityhelperclass_31bf3856ad364e35_6.0.6001.22468_none_8669aa3c92224c10\L2SecHC.dll
+ 2009-09-09 19:45 . 2009-07-11 19:29 127488 c:\windows\winsxs\x86_microsoft-windows-l..securityhelperclass_31bf3856ad364e35_6.0.6001.18288_none_85ca6bb37914e701\L2SecHC.dll
+ 2009-09-09 19:45 . 2009-07-11 19:18 124928 c:\windows\winsxs\x86_microsoft-windows-l..securityhelperclass_31bf3856ad364e35_6.0.6000.21082_none_8467a03e95119112\L2SecHC.dll
+ 2009-09-09 19:45 . 2009-07-11 19:26 123904 c:\windows\winsxs\x86_microsoft-windows-l..securityhelperclass_31bf3856ad364e35_6.0.6000.16884_none_83e02be57bf1f0b4\L2SecHC.dll
+ 2009-08-26 06:43 . 2009-08-06 13:45 100352 c:\windows\winsxs\x86_microsoft-windows-ie-iecompat_31bf3856ad364e35_8.0.6001.22909_none_846b4b875fcce288\iecompat.dll
+ 2009-08-26 06:43 . 2009-08-06 03:44 100352 c:\windows\winsxs\x86_microsoft-windows-ie-iecompat_31bf3856ad364e35_8.0.6001.18819_none_83d6ded046b75eaf\iecompat.dll
+ 2009-09-09 19:45 . 2009-07-21 12:27 171008 c:\windows\winsxs\x86_microsoft-windows-ehome-ehkeyctl_31bf3856ad364e35_6.0.6002.22181_none_d867f28696ca3d06\ehkeyctl.dll
+ 2009-09-09 19:45 . 2009-07-21 12:26 171008 c:\windows\winsxs\x86_microsoft-windows-ehome-ehkeyctl_31bf3856ad364e35_6.0.6002.18072_none_d7ea25f17da39aa2\ehkeyctl.dll
+ 2009-09-09 19:45 . 2009-07-22 00:24 171008 c:\windows\winsxs\x86_microsoft-windows-ehome-ehkeyctl_31bf3856ad364e35_6.0.6001.22476_none_d69151fc99974aa4\ehkeyctl.dll
+ 2009-09-09 19:45 . 2009-07-21 14:45 171008 c:\windows\winsxs\x86_microsoft-windows-ehome-ehkeyctl_31bf3856ad364e35_6.0.6001.18295_none_d5f11329808acc3e\ehkeyctl.dll
+ 2009-09-09 19:45 . 2009-07-21 14:39 171008 c:\windows\winsxs\x86_microsoft-windows-ehome-ehkeyctl_31bf3856ad364e35_6.0.6000.21090_none_d48f47fe9c868fa6\ehkeyctl.dll
+ 2009-09-09 19:45 . 2009-07-21 14:56 171008 c:\windows\winsxs\x86_microsoft-windows-ehome-ehkeyctl_31bf3856ad364e35_6.0.6000.16891_none_d406d35b8367d5f1\ehkeyctl.dll
+ 2009-09-03 07:05 . 2009-08-29 02:46 173056 c:\windows\winsxs\x86_microsoft-windows-a..ence-mitigations-c5_31bf3856ad364e35_6.0.6002.22213_none_0e8e808f089222a9\AcXtrnal.dll
+ 2009-09-03 07:05 . 2009-08-29 02:46 542720 c:\windows\winsxs\x86_microsoft-windows-a..ence-mitigations-c5_31bf3856ad364e35_6.0.6002.22213_none_0e8e808f089222a9\AcLayers.dll
+ 2009-09-03 07:05 . 2009-08-29 02:30 173056 c:\windows\winsxs\x86_microsoft-windows-a..ence-mitigations-c5_31bf3856ad364e35_6.0.6002.18101_none_0e0db31bef6e3440\AcXtrnal.dll
+ 2009-09-03 07:05 . 2009-08-29 02:30 542720 c:\windows\winsxs\x86_microsoft-windows-a..ence-mitigations-c5_31bf3856ad364e35_6.0.6002.18101_none_0e0db31bef6e3440\AcLayers.dll
+ 2009-09-03 07:05 . 2009-08-28 12:24 173056 c:\windows\winsxs\x86_microsoft-windows-a..ence-mitigations-c5_31bf3856ad364e35_6.0.6001.22509_none_0cb8e04f0b5e499e\AcXtrnal.dll
+ 2009-09-03 07:05 . 2009-08-28 12:24 541696 c:\windows\winsxs\x86_microsoft-windows-a..ence-mitigations-c5_31bf3856ad364e35_6.0.6001.22509_none_0cb8e04f0b5e499e\AcLayers.dll
+ 2009-09-03 07:05 . 2009-08-28 12:39 173056 c:\windows\winsxs\x86_microsoft-windows-a..ence-mitigations-c5_31bf3856ad364e35_6.0.6001.18320_none_0c109f2bf2590080\AcXtrnal.dll
+ 2009-09-03 07:05 . 2009-08-28 12:38 541696 c:\windows\winsxs\x86_microsoft-windows-a..ence-mitigations-c5_31bf3856ad364e35_6.0.6001.18320_none_0c109f2bf2590080\AcLayers.dll
+ 2009-09-03 07:05 . 2009-08-29 03:31 173056 c:\windows\winsxs\x86_microsoft-windows-a..ence-mitigations-c5_31bf3856ad364e35_6.0.6000.21117_none_0ac5a7650e41d80b\AcXtrnal.dll
+ 2009-09-03 07:05 . 2009-08-29 03:31 537600 c:\windows\winsxs\x86_microsoft-windows-a..ence-mitigations-c5_31bf3856ad364e35_6.0.6000.21117_none_0ac5a7650e41d80b\AcLayers.dll
+ 2009-09-03 07:05 . 2009-08-29 03:40 173056 c:\windows\winsxs\x86_microsoft-windows-a..ence-mitigations-c5_31bf3856ad364e35_6.0.6000.16917_none_0a3c3277f52404ff\AcXtrnal.dll
+ 2009-09-03 07:05 . 2009-08-29 03:40 537600 c:\windows\winsxs\x86_microsoft-windows-a..ence-mitigations-c5_31bf3856ad364e35_6.0.6000.16917_none_0a3c3277f52404ff\AcLayers.dll
+ 2009-09-03 07:05 . 2009-08-29 02:46 458752 c:\windows\winsxs\x86_microsoft-windows-a..ence-mitigations-c4_31bf3856ad364e35_6.0.6002.22213_none_0e8d804508930952\AcSpecfc.dll
+ 2009-09-03 07:05 . 2009-08-29 02:30 458752 c:\windows\winsxs\x86_microsoft-windows-a..ence-mitigations-c4_31bf3856ad364e35_6.0.6002.18101_none_0e0cb2d1ef6f1ae9\AcSpecfc.dll
+ 2009-09-03 07:05 . 2009-08-28 12:24 459776 c:\windows\winsxs\x86_microsoft-windows-a..ence-mitigations-c4_31bf3856ad364e35_6.0.6001.22509_none_0cb7e0050b5f3047\AcSpecfc.dll
+ 2009-09-03 07:05 . 2009-08-28 12:38 459776 c:\windows\winsxs\x86_microsoft-windows-a..ence-mitigations-c4_31bf3856ad364e35_6.0.6001.18320_none_0c0f9ee1f259e729\AcSpecfc.dll
+ 2009-09-03 07:05 . 2009-08-29 03:31 450560 c:\windows\winsxs\x86_microsoft-windows-a..ence-mitigations-c4_31bf3856ad364e35_6.0.6000.21117_none_0ac4a71b0e42beb4\AcSpecfc.dll
+ 2009-09-03 07:05 . 2009-08-29 03:40 449024 c:\windows\winsxs\x86_microsoft-windows-a..ence-mitigations-c4_31bf3856ad364e35_6.0.6000.16917_none_0a3b322df524eba8\AcSpecfc.dll
+ 2009-07-06 15:36 . 2009-09-26 19:56 195940 c:\windows\System32\WDI\SuspendPerformanceDiagnostics_SystemData_S4.bin
+ 2009-06-27 10:04 . 2009-10-05 08:37 295322 c:\windows\System32\WDI\SuspendPerformanceDiagnostics_SystemData_S3.bin
- 2006-11-02 10:33 . 2009-08-18 14:16 587178 c:\windows\System32\perfh009.dat
+ 2006-11-02 10:33 . 2009-09-30 13:22 587178 c:\windows\System32\perfh009.dat
- 2006-11-02 10:33 . 2009-08-18 14:16 101250 c:\windows\System32\perfc009.dat
+ 2006-11-02 10:33 . 2009-09-30 13:22 101250 c:\windows\System32\perfc009.dat
+ 2009-07-18 03:21 . 2009-07-18 03:21 257440 c:\windows\System32\Macromed\Flash\NPSWF32_FlashUtil.exe
- 2009-06-25 20:28 . 2009-03-08 11:33 726528 c:\windows\System32\jscript.dll
+ 2009-09-09 19:46 . 2009-06-06 05:01 726528 c:\windows\System32\jscript.dll
- 2009-06-25 20:47 . 2009-07-28 18:30 245760 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
+ 2009-06-25 20:47 . 2009-09-30 20:09 245760 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
Mai contraddire una donna..Prima o poi lo farà da sola..
Avatar utente
ARIETE72
Senior Member
Senior Member
 
Messaggi: 449
Iscritto il: mar mar 07, 2006 4:24 pm
Località: milano


Re: Controllo Hijack. AIUTO!

Messaggioda ARIETE72 » lun ott 05, 2009 5:55 pm

Crazy, questo è il pezzettino di log che mancava...non c stava tutto insieme nel precedente post..
grazie dell'aiuto

+ 2009-09-14 12:59 . 2009-09-14 12:59 815104 c:\windows\Installer\86955.msi
+ 2009-10-02 16:47 . 2009-10-02 16:47 768512 c:\windows\Installer\859f4.msi
+ 2009-09-13 21:04 . 2009-09-13 21:04 119296 c:\windows\Installer\82f97.msi
+ 2009-09-14 12:59 . 2009-09-14 12:59 102400 c:\windows\Installer\{818ABC3C-635C-4651-8183-D0E9640B7DD1}\NewShortcut1_47F36D92E58E456DB73C3382737E4C42.exe
+ 2008-11-20 14:30 . 2008-11-20 14:30 915712 c:\windows\Installer\$PatchCache$\Managed\86092A55EC2FC65419848C9678E93275\8.0.1100\WinStyler.exe
+ 2008-11-20 14:30 . 2008-11-20 14:30 218880 c:\windows\Installer\$PatchCache$\Managed\86092A55EC2FC65419848C9678E93275\8.0.1100\UpdateWizard.exe
+ 2008-11-20 14:30 . 2008-11-20 14:30 280320 c:\windows\Installer\$PatchCache$\Managed\86092A55EC2FC65419848C9678E93275\8.0.1100\UninstallManager.exe
+ 2008-11-20 14:30 . 2008-11-20 14:30 238336 c:\windows\Installer\$PatchCache$\Managed\86092A55EC2FC65419848C9678E93275\8.0.1100\Undelete.exe
+ 2008-11-12 14:44 . 2008-11-12 14:44 887552 c:\windows\Installer\$PatchCache$\Managed\86092A55EC2FC65419848C9678E93275\8.0.1100\TUDefragService.dll
+ 2008-11-20 14:30 . 2008-11-20 14:30 341760 c:\windows\Installer\$PatchCache$\Managed\86092A55EC2FC65419848C9678E93275\8.0.1100\SystemInformation.exe
+ 2008-11-20 14:30 . 2008-11-20 14:30 129280 c:\windows\Installer\$PatchCache$\Managed\86092A55EC2FC65419848C9678E93275\8.0.1100\SystemControl.exe
+ 2008-11-20 14:30 . 2008-11-20 14:30 352000 c:\windows\Installer\$PatchCache$\Managed\86092A55EC2FC65419848C9678E93275\8.0.1100\StartUpManager.exe
+ 2008-11-20 14:30 . 2008-11-20 14:30 921344 c:\windows\Installer\$PatchCache$\Managed\86092A55EC2FC65419848C9678E93275\8.0.1100\SilentUpdater.exe
+ 2008-11-20 14:29 . 2008-11-20 14:29 173824 c:\windows\Installer\$PatchCache$\Managed\86092A55EC2FC65419848C9678E93275\8.0.1100\Shredder.exe
+ 2008-11-20 14:29 . 2008-11-20 14:29 227072 c:\windows\Installer\$PatchCache$\Managed\86092A55EC2FC65419848C9678E93275\8.0.1100\ShortcutCleaner.exe
+ 2008-11-20 14:29 . 2008-11-20 14:29 197376 c:\windows\Installer\$PatchCache$\Managed\86092A55EC2FC65419848C9678E93275\8.0.1100\RescueCenter.exe
+ 2008-11-20 14:29 . 2008-11-20 14:29 166144 c:\windows\Installer\$PatchCache$\Managed\86092A55EC2FC65419848C9678E93275\8.0.1100\RepairWizard.exe
+ 2008-11-20 14:28 . 2008-11-20 14:28 327936 c:\windows\Installer\$PatchCache$\Managed\86092A55EC2FC65419848C9678E93275\8.0.1100\RegistryEditor.exe
+ 2008-11-20 14:28 . 2008-11-20 14:28 160000 c:\windows\Installer\$PatchCache$\Managed\86092A55EC2FC65419848C9678E93275\8.0.1100\RegistryDefrag.exe
+ 2008-11-20 14:28 . 2008-11-20 14:28 504576 c:\windows\Installer\$PatchCache$\Managed\86092A55EC2FC65419848C9678E93275\8.0.1100\RegistryCleaner.exe
+ 2008-11-20 14:28 . 2008-11-20 14:28 272952 c:\windows\Installer\$PatchCache$\Managed\86092A55EC2FC65419848C9678E93275\8.0.1100\ProductInfo.dat
+ 2008-11-20 14:28 . 2008-11-20 14:28 397568 c:\windows\Installer\$PatchCache$\Managed\86092A55EC2FC65419848C9678E93275\8.0.1100\ProcessManager.exe
+ 2008-11-20 14:28 . 2008-11-20 14:28 593152 c:\windows\Installer\$PatchCache$\Managed\86092A55EC2FC65419848C9678E93275\8.0.1100\OneClick.exe
+ 2008-11-20 14:28 . 2008-11-20 14:28 221952 c:\windows\Installer\$PatchCache$\Managed\86092A55EC2FC65419848C9678E93275\8.0.1100\DriveDefrag.exe
+ 2008-11-20 14:28 . 2008-11-20 14:28 463104 c:\windows\Installer\$PatchCache$\Managed\86092A55EC2FC65419848C9678E93275\8.0.1100\DiskExplorer.exe
+ 2008-11-20 14:28 . 2008-11-20 14:28 163584 c:\windows\Installer\$PatchCache$\Managed\86092A55EC2FC65419848C9678E93275\8.0.1100\DiskDoctor.exe
+ 2009-09-09 19:45 . 2009-07-21 12:26 171008 c:\windows\ehome\ehkeyctl.dll
- 2008-01-21 02:25 . 2008-01-21 02:25 171008 c:\windows\ehome\ehkeyctl.dll
+ 2009-09-03 07:05 . 2009-08-29 02:30 173056 c:\windows\AppPatch\AcXtrnal.dll
- 2008-01-21 02:24 . 2008-01-21 02:24 173056 c:\windows\AppPatch\AcXtrnal.dll
+ 2009-09-03 07:05 . 2009-08-29 02:30 458752 c:\windows\AppPatch\AcSpecfc.dll
+ 2009-09-03 07:05 . 2009-08-29 02:30 542720 c:\windows\AppPatch\AcLayers.dll
- 2009-07-22 15:07 . 2009-04-10 21:28 542720 c:\windows\AppPatch\AcLayers.dll
+ 2009-09-09 19:45 . 2009-08-10 07:23 2409784 c:\windows\winsxs\x86_microsoft-windows-oespamfilter-dat_31bf3856ad364e35_6.0.6002.22215_none_f4f261f581c1d755\OESpamFilter.dat
+ 2009-09-09 19:45 . 2009-08-10 07:23 2409784 c:\windows\winsxs\x86_microsoft-windows-oespamfilter-dat_31bf3856ad364e35_6.0.6002.18103_none_f4719482689de8ec\OESpamFilter.dat
+ 2009-09-09 19:45 . 2009-08-10 07:22 2409784 c:\windows\winsxs\x86_microsoft-windows-oespamfilter-dat_31bf3856ad364e35_6.0.6001.22511_none_f307eee5849f1cd5\OESpamFilter.dat
+ 2009-09-09 19:45 . 2009-08-10 07:23 2409784 c:\windows\winsxs\x86_microsoft-windows-oespamfilter-dat_31bf3856ad364e35_6.0.6001.18322_none_f27480926b88b52c\OESpamFilter.dat
+ 2009-09-09 19:45 . 2009-08-10 07:22 2409784 c:\windows\winsxs\x86_microsoft-windows-oespamfilter-dat_31bf3856ad364e35_6.0.6000.21119_none_f12988cb87718cb7\OESpamFilter.dat
+ 2009-09-09 19:45 . 2009-08-10 07:23 2409784 c:\windows\winsxs\x86_microsoft-windows-oespamfilter-dat_31bf3856ad364e35_6.0.6000.16919_none_f0a013de6e53b9ab\OESpamFilter.dat
+ 2009-09-09 19:45 . 2009-06-10 11:45 2386944 c:\windows\winsxs\x86_microsoft-windows-mediaplayer-wmvcore_31bf3856ad364e35_6.0.6002.22150_none_096c8896ec43f957\WMVCORE.DLL
+ 2009-09-09 19:45 . 2009-06-10 11:41 2386944 c:\windows\winsxs\x86_microsoft-windows-mediaplayer-wmvcore_31bf3856ad364e35_6.0.6002.18049_none_08f6be51d31621ab\WMVCORE.DLL
+ 2009-09-09 19:45 . 2009-06-10 11:59 2386944 c:\windows\winsxs\x86_microsoft-windows-mediaplayer-wmvcore_31bf3856ad364e35_6.0.6001.22447_none_0797e8a0ef0f39a3\WMVCORE.DLL
+ 2009-09-09 19:45 . 2009-06-10 12:11 2386944 c:\windows\winsxs\x86_microsoft-windows-mediaplayer-wmvcore_31bf3856ad364e35_6.0.6001.18270_none_06e6d825d6103f24\WMVCORE.DLL
+ 2009-09-09 19:45 . 2009-06-10 12:06 2436096 c:\windows\winsxs\x86_microsoft-windows-mediaplayer-wmvcore_31bf3856ad364e35_6.0.6000.21065_none_0599dfcaf1fae401\WMVCORE.DLL
+ 2009-09-09 19:45 . 2009-06-10 12:16 2433536 c:\windows\winsxs\x86_microsoft-windows-mediaplayer-wmvcore_31bf3856ad364e35_6.0.6000.16868_none_05136bbbd8da5cfa\WMVCORE.DLL
+ 2009-09-09 19:45 . 2009-06-10 11:45 2868224 c:\windows\winsxs\x86_microsoft-windows-mediafoundation_31bf3856ad364e35_6.0.6002.22150_none_9e993405232e229b\mf.dll
+ 2009-09-09 19:45 . 2009-06-10 11:41 2868224 c:\windows\winsxs\x86_microsoft-windows-mediafoundation_31bf3856ad364e35_6.0.6002.18049_none_9e2369c00a004aef\mf.dll
+ 2009-09-09 19:45 . 2009-06-10 11:59 2868224 c:\windows\winsxs\x86_microsoft-windows-mediafoundation_31bf3856ad364e35_6.0.6001.22447_none_9cc4940f25f962e7\mf.dll
+ 2009-09-09 19:45 . 2009-06-10 12:11 2868224 c:\windows\winsxs\x86_microsoft-windows-mediafoundation_31bf3856ad364e35_6.0.6001.18270_none_9c1383940cfa6868\mf.dll
+ 2009-09-09 19:45 . 2009-06-10 12:00 2855424 c:\windows\winsxs\x86_microsoft-windows-mediafoundation_31bf3856ad364e35_6.0.6000.21065_none_9ac68b3928e50d45\mf.dll
+ 2009-09-09 19:45 . 2009-06-10 12:07 2855424 c:\windows\winsxs\x86_microsoft-windows-mediafoundation_31bf3856ad364e35_6.0.6000.16868_none_9a40172a0fc4863e\mf.dll
+ 2009-09-03 07:05 . 2009-08-29 00:34 4240384 c:\windows\winsxs\x86_microsoft-windows-gameexplorer_31bf3856ad364e35_6.0.6002.22213_none_4468964bd78652fb\GameUXLegacyGDFs.dll
+ 2009-09-03 07:05 . 2009-08-29 02:47 1696256 c:\windows\winsxs\x86_microsoft-windows-gameexplorer_31bf3856ad364e35_6.0.6002.22213_none_4468964bd78652fb\gameux.dll
+ 2009-09-03 07:05 . 2009-08-29 00:27 4240384 c:\windows\winsxs\x86_microsoft-windows-gameexplorer_31bf3856ad364e35_6.0.6002.18101_none_43e7c8d8be626492\GameUXLegacyGDFs.dll
+ 2009-07-22 15:07 . 2009-04-10 21:28 1696768 c:\windows\winsxs\x86_microsoft-windows-gameexplorer_31bf3856ad364e35_6.0.6002.18101_none_43e7c8d8be626492\gameux.dll
+ 2009-09-03 07:05 . 2009-08-28 10:19 4240384 c:\windows\winsxs\x86_microsoft-windows-gameexplorer_31bf3856ad364e35_6.0.6001.22509_none_4292f60bda5279f0\GameUXLegacyGDFs.dll
+ 2009-09-03 07:05 . 2009-08-28 12:25 1695744 c:\windows\winsxs\x86_microsoft-windows-gameexplorer_31bf3856ad364e35_6.0.6001.22509_none_4292f60bda5279f0\gameux.dll
+ 2009-09-03 07:05 . 2009-08-28 10:15 4240384 c:\windows\winsxs\x86_microsoft-windows-gameexplorer_31bf3856ad364e35_6.0.6001.18320_none_41eab4e8c14d30d2\GameUXLegacyGDFs.dll
+ 2009-06-26 02:43 . 2009-06-26 02:43 1695744 c:\windows\winsxs\x86_microsoft-windows-gameexplorer_31bf3856ad364e35_6.0.6001.18320_none_41eab4e8c14d30d2\gameux.dll
+ 2009-09-03 07:05 . 2009-08-28 23:26 4247552 c:\windows\winsxs\x86_microsoft-windows-gameexplorer_31bf3856ad364e35_6.0.6000.21117_none_409fbd21dd36085d\GameUXLegacyGDFs.dll
+ 2009-09-03 07:05 . 2009-08-29 03:33 1686528 c:\windows\winsxs\x86_microsoft-windows-gameexplorer_31bf3856ad364e35_6.0.6000.21117_none_409fbd21dd36085d\gameux.dll
+ 2009-09-03 07:05 . 2009-08-28 23:31 4247552 c:\windows\winsxs\x86_microsoft-windows-gameexplorer_31bf3856ad364e35_6.0.6000.16917_none_40164834c4183551\GameUXLegacyGDFs.dll
+ 2009-09-03 07:05 . 2009-08-29 03:41 1686528 c:\windows\winsxs\x86_microsoft-windows-gameexplorer_31bf3856ad364e35_6.0.6000.16917_none_40164834c4183551\gameux.dll
+ 2009-09-03 07:05 . 2009-08-29 02:46 2159616 c:\windows\winsxs\x86_microsoft-windows-a..ence-mitigations-c3_31bf3856ad364e35_6.0.6002.22213_none_0e8c7ffb0893effb\AcGenral.dll
+ 2009-09-03 07:05 . 2009-08-29 02:30 2159616 c:\windows\winsxs\x86_microsoft-windows-a..ence-mitigations-c3_31bf3856ad364e35_6.0.6002.18101_none_0e0bb287ef700192\AcGenral.dll
+ 2009-09-03 07:05 . 2009-08-28 12:24 2157056 c:\windows\winsxs\x86_microsoft-windows-a..ence-mitigations-c3_31bf3856ad364e35_6.0.6001.22509_none_0cb6dfbb0b6016f0\AcGenral.dll
+ 2009-09-03 07:05 . 2009-08-28 12:38 2153984 c:\windows\winsxs\x86_microsoft-windows-a..ence-mitigations-c3_31bf3856ad364e35_6.0.6001.18320_none_0c0e9e97f25acdd2\AcGenral.dll
+ 2009-09-03 07:05 . 2009-08-29 03:31 2144768 c:\windows\winsxs\x86_microsoft-windows-a..ence-mitigations-c3_31bf3856ad364e35_6.0.6000.21117_none_0ac3a6d10e43a55d\AcGenral.dll
+ 2009-09-03 07:05 . 2009-08-29 03:40 2143744 c:\windows\winsxs\x86_microsoft-windows-a..ence-mitigations-c3_31bf3856ad364e35_6.0.6000.16917_none_0a3a31e3f525d251\AcGenral.dll
- 2009-07-22 15:07 . 2009-04-10 21:28 2386944 c:\windows\System32\WMVCORE.DLL
+ 2009-09-09 19:45 . 2009-06-10 11:41 2386944 c:\windows\System32\WMVCORE.DLL
+ 2006-11-02 10:22 . 2009-09-10 14:10 6553600 c:\windows\System32\SMI\Store\Machine\schema.dat
- 2006-11-02 10:22 . 2009-08-18 13:18 6553600 c:\windows\System32\SMI\Store\Machine\SCHEMA.DAT
+ 2009-07-18 03:21 . 2009-07-18 03:21 3883424 c:\windows\System32\Macromed\Flash\NPSWF32.dll
+ 2009-04-29 16:40 . 2009-04-29 16:40 8641536 c:\windows\Installer\85b16.msp
+ 2008-11-20 14:30 . 2008-11-20 14:30 1182464 c:\windows\Installer\$PatchCache$\Managed\86092A55EC2FC65419848C9678E93275\8.0.1100\SpeedOptimizer.exe
+ 2009-09-14 12:58 . 2009-09-14 12:58 1726976 c:\windows\Hewlett-Packard\Setup Files\HP Software Update\{59D24A3B-8908-4D44-939A-EAF85F66580C}\HP Update.msi
+ 2009-09-03 07:05 . 2009-08-29 02:30 2159616 c:\windows\AppPatch\AcGenral.dll
+ 2006-11-02 10:24 . 2009-08-28 21:38 24689600 c:\windows\System32\mrt.exe
+ 2009-06-25 19:07 . 2009-09-09 20:00 147284583 c:\windows\winsxs\ManifestCache\6.0.6002.18005_001c11ba_blobs.bin
.
-- Snapshot per reimpostare la data corrente --
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2008-03-04 21:38 121392 ----a-w- c:\program files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-02-22 1037608]
"BkupTray"="c:\program files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe" [2008-04-06 34040]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-07-19 13543968]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-07-19 92704]
"PLFSetI"="c:\windows\PLFSetI.exe" [2007-10-23 200704]
"ZPdtWzdVitaKey MC3000"="c:\program files\Acer\Acer Bio Protection\PdtWzd.exe" [2009-06-25 3667968]
"LManager"="c:\progra~1\LAUNCH~1\LManager.exe" [2008-07-25 809480]
"eAudio"="c:\program files\Acer\Empowering Technology\eAudio\eAudio.exe" [2008-03-07 544768]
"eDataSecurity Loader"="c:\program files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe" [2008-03-04 526896]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"ePower_DMC"="c:\program files\Acer\Empowering Technology\ePower\ePower_DMC.exe" [2008-04-30 397312]
"hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-06-02 80896]
"RtHDVCpl"="RtHDVCpl.exe" - c:\windows\RtHDVCpl.exe [2008-04-25 6111232]
"Skytel"="Skytel.exe" - c:\windows\SkyTel.exe [2007-11-21 1826816]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2008-3-25 214360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-05 08:09 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\AWinNotifyVitaKey MC3000]
2009-06-25 17:53 3110912 ----a-w- c:\program files\Acer\Acer Bio Protection\WinNotify.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"SUPERAntiSpyware"=c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
"PlayMovie"="c:\program files\Acer Arcade Deluxe\PlayMovie\PMVService.exe"
"HP Software Update"=c:\program files\HP\HP Software Update\HPWuSchd2.exe
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe"
"NBKeyScan"="c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
"ArcadeDeluxeAgent"="c:\program files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe"
"CLMLServer"="c:\program files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe"
"WarReg_PopUp"=c:\program files\Acer\WR_PopUp\WarReg_PopUp.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"AntiVirusOverride"=dword:00000001
"VistaSp2"=hex(b):d6,5d,fb,86,e2,0a,ca,01

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{EDD33C57-C9CF-452D-AF8F-BF917549F62B}"= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{DF21046C-0A25-4FAF-A1BF-517BEF5405D8}"= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{DC808DF1-C040-4E29-A5B1-73952534C8BA}"= UDP:c:\program files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe:BackupSvc.exe
"{0D51BA99-356E-4B7A-9E65-987ED78BA285}"= UDP:c:\program files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe:AgentSvc.exe
"{E7396943-4CE5-42E3-A7EA-71FF51C54DCF}"= TCP:c:\program files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe:BackupSvc.exe
"{8D0247B6-B148-4E39-870B-8FF98EEBC8C8}"= UDP:c:\program files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe:SchedulerSvc.exe
"{A38B6703-8CFB-464A-BA28-0C7599718CD6}"= TCP:c:\program files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe:AgentSvc.exe
"{F0599F67-0601-4D3D-A86A-E4681DE023BA}"= TCP:c:\program files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe:SchedulerSvc.exe
"{8CE8F528-1E9F-4430-AD9B-10259617BCBD}"= c:\program files\Cyberlink\PowerDirector\PDR.EXE:CyberLink PowerDirector
"{0ACCB565-A618-48A6-8B31-A3F25F2A0B2A}"= c:\program files\Acer\Acer VCM\VC.exe:Acer VCM
"{3035819F-412F-4151-A50B-15575108C9AD}"= c:\program files\Acer Arcade Deluxe\Acer Arcade Deluxe\Acer Arcade Deluxe.exe:Acer Arcade Deluxe
"{9AFD42F4-BB88-4A78-ABD0-0007FB0B1972}"= c:\program files\Acer Arcade Deluxe\PlayMovie\PlayMovie.exe:Acer Play Movie
"{2B1F9693-6F70-48AC-BAD1-629DA4289A40}"= c:\program files\Acer Arcade Deluxe\PlayMovie\PMVService.exe:Acer Play Movie Resident Program
"{D645AA5E-4285-4DDB-ADD6-EE5B6DE96ABE}"= c:\program files\Acer Arcade Deluxe\HomeMedia\HomeMedia.exe:Acer HomeMedia
"TCP Query User{CD474E74-ABC5-4B94-802B-9ADDBF38F36D}c:\\program files\\emule adunanza\\emule_adnza.exe"= UDP:c:\program files\emule adunanza\emule_adnza.exe:eMule
"UDP Query User{0E5E1D55-E396-4517-95C8-CBB0D39FFC56}c:\\program files\\emule adunanza\\emule_adnza.exe"= TCP:c:\program files\emule adunanza\emule_adnza.exe:eMule
"{5FCABD74-A0A9-4365-97C5-3CB255695903}"= UDP:c:\program files\eMule AdunanzA\LinkCreator.exe:LinkCreator
"{751C7890-959A-4BCD-8BE3-66F99F4ACAFF}"= TCP:c:\program files\eMule AdunanzA\LinkCreator.exe:LinkCreator
"{2D604E5E-4AE4-4FCD-9646-7705B5E2FBBC}"= UDP:c:\program files\Mozilla Firefox\firefox.exe:Mozilla Firefox
"{8F4C24F0-0E12-4F00-86C3-F1087F6138AB}"= TCP:c:\program files\Mozilla Firefox\firefox.exe:Mozilla Firefox
"{3E8F9250-B26D-4D3C-9AE0-199443405350}"= UDP:c:\program files\Acer Arcade Deluxe\Acer Arcade Deluxe\Acer Arcade Deluxe.exe:Acer Arcade Deluxe
"{B6555C4B-20A6-4656-B63E-F69068B386B2}"= TCP:c:\program files\Acer Arcade Deluxe\Acer Arcade Deluxe\Acer Arcade Deluxe.exe:Acer Arcade Deluxe
"{4AEFA42F-1BCA-4C63-B02C-BE57D262D70A}"= UDP:c:\program files\HP\Digital Imaging\bin\hpiscnapp.exe:hpiscnapp.exe
"{17D913B0-D8D2-4920-867E-E04801FBF08F}"= TCP:c:\program files\HP\Digital Imaging\bin\hpiscnapp.exe:hpiscnapp.exe
"{8E926176-1E91-4AFD-8247-7CB958459B28}"= UDP:c:\program files\HP\Digital Imaging\bin\hposid01.exe:hposid01.exe
"{4408BBBB-ED23-4C61-B183-45943F656673}"= TCP:c:\program files\HP\Digital Imaging\bin\hposid01.exe:hposid01.exe
"{890E0B18-0CFF-4AD1-AF2B-7F9FC7F66687}"= UDP:c:\program files\HP\Digital Imaging\bin\hpqkygrp.exe:hpqkygrp.exe
"{5115C74B-C79C-4E0D-92FB-5B54D28FA4A1}"= TCP:c:\program files\HP\Digital Imaging\bin\hpqkygrp.exe:hpqkygrp.exe
"{1DF7D62D-FB8F-48C3-8A1A-C3AD67B3ABAD}"= UDP:c:\program files\HP\Digital Imaging\bin\hpqste08.exe:hpqste08.exe
"{1CA1354C-7FA1-4955-B11A-4FEFE90F8210}"= TCP:c:\program files\HP\Digital Imaging\bin\hpqste08.exe:hpqste08.exe
"{5C944F2D-DCCD-4FE6-9F3C-D1D0D3360F3F}"= UDP:c:\program files\HP\Digital Imaging\bin\hpqtra08.exe:hpqtra08.exe
"{FE1F5331-0792-4ED9-A30B-E2FF380A6505}"= TCP:c:\program files\HP\Digital Imaging\bin\hpqtra08.exe:hpqtra08.exe
"TCP Query User{E4E02B91-7D19-43D3-9480-42E80DC3D4BE}f:\\internettv.exe"= UDP:F:\internettv.exe:Readon TV Movie Radio Player
"UDP Query User{496B4180-6447-44AF-9144-3E8CB9F438CA}f:\\internettv.exe"= TCP:F:\internettv.exe:Readon TV Movie Radio Player
"TCP Query User{E7EBFC4F-0A1F-4DBA-B67F-FE8F6C88DDF8}c:\\program files\\tvuplayer\\tvuplayer.exe"= UDP:c:\program files\tvuplayer\tvuplayer.exe:TVUPlayer Component
"UDP Query User{9628F199-A709-43B4-A095-AC57D9925AF0}c:\\program files\\tvuplayer\\tvuplayer.exe"= TCP:c:\program files\tvuplayer\tvuplayer.exe:TVUPlayer Component
"TCP Query User{997C0E8B-42A8-4F62-A28C-5F255BED05A3}c:\\program files\\internet explorer\\iexplore.exe"= UDP:c:\program files\internet explorer\iexplore.exe:Internet Explorer
"UDP Query User{F53C8B34-BA0C-43C3-8618-4C280C200628}c:\\program files\\internet explorer\\iexplore.exe"= TCP:c:\program files\internet explorer\iexplore.exe:Internet Explorer
"TCP Query User{4A4DDBF8-0A52-4215-80D7-4348B4A893A9}c:\\program files\\tvants\\tvants.exe"= UDP:c:\program files\tvants\tvants.exe:TVAnts
"UDP Query User{C32B2A82-0C06-4C85-9266-8AFD0395C958}c:\\program files\\tvants\\tvants.exe"= TCP:c:\program files\tvants\tvants.exe:TVAnts
"{E7EDEEA1-E681-4CD2-A50A-903E6ABFA11F}"= UDP:c:\program files\iolo\System Mechanic Professional\Personal Firewall\ioloFW.exe:iolo Firewall®
"{D7EFCBF6-3409-4D98-B20E-3976F4258F3F}"= TCP:c:\program files\iolo\System Mechanic Professional\Personal Firewall\ioloFW.exe:iolo Firewall®
"TCP Query User{055F9810-A12A-4A1F-AF1A-CB61AE081917}c:\\users\\happy family\\appdata\\roaming\\macromedia\\flash player\\www.macromedia.com\\bin\\octoshape\\octoshape.exe"= UDP:c:\users\happy family\appdata\roaming\macromedia\flash player\www.macromedia.com\bin\octoshape\octoshape.exe:octoshape.exe
"UDP Query User{443ADC31-930D-43D1-9140-5C6D249BB20C}c:\\users\\happy family\\appdata\\roaming\\macromedia\\flash player\\www.macromedia.com\\bin\\octoshape\\octoshape.exe"= TCP:c:\users\happy family\appdata\roaming\macromedia\flash player\www.macromedia.com\bin\octoshape\octoshape.exe:octoshape.exe
"TCP Query User{8A282DDE-3761-4B8B-9143-6DE77F675E7B}c:\\program files\\sopcast\\sopcast.exe"= UDP:c:\program files\sopcast\sopcast.exe:SopCast Main Application
"UDP Query User{B59DBF39-AF06-40E4-9481-14760432E6A5}c:\\program files\\sopcast\\sopcast.exe"= TCP:c:\program files\sopcast\sopcast.exe:SopCast Main Application
"TCP Query User{78F7BB0B-8886-4CAB-A766-740B65EE8368}c:\\program files\\sopcast\\adv\\sopadver.exe"= UDP:c:\program files\sopcast\adv\sopadver.exe:SopCast Adver
"UDP Query User{C57D64CA-3A1E-4430-B652-34740AD59132}c:\\program files\\sopcast\\adv\\sopadver.exe"= TCP:c:\program files\sopcast\adv\sopadver.exe:SopCast Adver
"TCP Query User{4ABEEF37-C0D0-4DA9-9403-CD40BCA14A6F}c:\\program files\\live-player\\live-player.exe"= UDP:c:\program files\live-player\live-player.exe:Live-Player
"UDP Query User{C71D8D3F-B271-4018-AB1B-4FC894E99DF4}c:\\program files\\live-player\\live-player.exe"= TCP:c:\program files\live-player\live-player.exe:Live-Player

R0 AlfaFF;AlfaFF File System mini-filter;c:\windows\System32\drivers\AlfaFF.sys [25/06/2009 19.53.10 43184]
R1 ElRawDisk;ElRawDisk;c:\windows\System32\drivers\elrawdsk.sys [27/08/2009 9.53.23 12800]
R1 is-OHA4Fdrv;is-OHA4Fdrv;c:\windows\System32\drivers\10565681.sys [25/06/2009 22.24.52 148496]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [23/06/2009 11.01.40 9968]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [23/06/2009 11.01.40 74480]
R2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};{49DE1C67-83F8-4102-99E0-C16DCC7EEC796};c:\program files\Acer Arcade Deluxe\PlayMovie\000.fcl [25/06/2009 20.13.07 61424]
R2 BUNAgentSvc;NTI Backup Now 5 Agent Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe [03/03/2008 13.11.14 16384]
R2 CLHNService;CLHNService;c:\program files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe [25/06/2009 20.14.54 81504]
R2 ETService;Empowering Technology Service;c:\program files\Acer\Empowering Technology\Service\ETService.exe [07/05/2008 23.28.16 24576]
R2 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [06/04/2008 22.42.24 50424]
R2 NTIPPKernel;NTIPPKernel;c:\program files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\NTIPPKernel.sys [25/06/2009 20.14.59 122368]
R2 RS_Service;Raw Socket Service;c:\program files\Acer\Acer VCM\RS_Service.exe [25/06/2009 19.51.15 233472]
R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service;c:\windows\System32\TUProgSt.exe [02/10/2009 18.50.12 604416]
R3 NETw5v32;Driver scheda Intel(R) Wireless WiFi Link per Windows Vista 32 Bit;c:\windows\System32\drivers\NETw5v32.sys [26/06/2009 4.39.50 3658752]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\System32\drivers\nvhda32v.sys [26/06/2009 4.39.04 44064]
S2 IGBASVC;iGroupTec Service;c:\program files\Acer\Acer Bio Protection\BASVC.exe [25/06/2009 19.53.17 3517440]
S2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [04/04/2008 3.03.14 131072]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\System32\drivers\b57nd60x.sys [21/01/2008 4.23.20 179712]
S3 GoogleDesktopManager-080708-050100;Google Desktop Manager 5.7.808.7150;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [25/06/2009 21.06.39 24064]
S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [23/06/2009 11.01.42 7408]
S3 WSVD;WSVD;c:\windows\System32\drivers\WSVD.sys [03/10/2009 8.11.19 75776]
S4 Partner Service;Partner Service;c:\programdata\Partner\partner.exe [25/06/2009 21.07.39 110576]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\System32\rundll32.exe" "c:\windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Contenuto della cartella 'Scheduled Tasks'

2009-10-05 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2009-04-27 13:37]

2009-10-05 c:\windows\Tasks\User_Feed_Synchronization-{0DBE58FD-B487-4991-9EBA-16B4398246B8}.job
- c:\windows\system32\msfeedssync.exe [2009-07-29 20:13]
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACA ... spire_5930
mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACA ... spire_5930
uInternet Settings,ProxyOverride = local
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\users\Happy Family\AppData\Roaming\Mozilla\Firefox\Profiles\60xn85yq.default\
FF - prefs.js: browser.startup.homepage - http://www.sportmediaset.it
FF - component: c:\program files\Mozilla Firefox\components\GoogleDesktopMozilla.dll
FF - plugin: c:\users\Happy Family\AppData\Roaming\Mozilla\Firefox\Profiles\60xn85yq.default\extensions\firefox@tvunetworks.com\plugins\npTVUAx.dll
FF - plugin: f:\picasa3\npPicasa3.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
.
- - - - CHIAVI ORFANE RIMOSSE - - - -

HKCU-Run-docresgm - c:\users\happy family\appdata\local\docresgm.exe
AddRemove-HijackThis - c:\users\HAPPYF~1\AppData\Local\Temp\Rar$EX00.290\HijackThis.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-10-05 18:52
Windows 6.0.6002 Service Pack 2 NTFS

scansione processi nascosti ...

scansione entrate autostart nascoste ...

Scansione files nascosti ...

Scansione completata con successo
Files nascosti: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\{49DE1C67-83F8-4102-99E0-C16DCC7EEC796}]
"ImagePath"="\??\c:\program files\Acer Arcade Deluxe\PlayMovie\000.fcl"
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
Ora fine scansione: 2009-10-05 18.54.44
ComboFix-quarantined-files.txt 2009-10-05 16:54
ComboFix2.txt 2009-08-18 14:38
ComboFix3.txt 2009-08-18 14:15

Pre-Run: 100.472.090.624 byte disponibili
Post-Run: 100.457.091.072 byte disponibili

631 --- E O F --- 2009-10-03 06:14
Mai contraddire una donna..Prima o poi lo farà da sola..
Avatar utente
ARIETE72
Senior Member
Senior Member
 
Messaggi: 449
Iscritto il: mar mar 07, 2006 4:24 pm
Località: milano

Re: Controllo Hijack. AIUTO!

Messaggioda crazy.cat » lun ott 05, 2009 6:09 pm

Alla faccia del log....

Comunque il virus pubblicitario è stato rimosso.
Quando i molti governano, pensano solo a contentar sé stessi, si ha allora la tirannia più balorda e più odiosa: la tirannia mascherata da libertà.
Avatar utente
crazy.cat
MLI Hero
MLI Hero
 
Messaggi: 30959
Iscritto il: lun gen 12, 2004 1:38 pm
Località: Mestre

Re: Controllo Hijack. AIUTO!

Messaggioda ARIETE72 » lun ott 05, 2009 6:57 pm

ma sai anche dirmi quale era la stringa del virus?
grazie tante ancora Crazy
Io giro su molti siti informatici con i vari forum, ma solo MegaLab merita una iscrizione e di postare i problemi ( e leggere le recensioni ).
Fedele a vita!
Ciao e alla prossima
Matteo
Mai contraddire una donna..Prima o poi lo farà da sola..
Avatar utente
ARIETE72
Senior Member
Senior Member
 
Messaggi: 449
Iscritto il: mar mar 07, 2006 4:24 pm
Località: milano

Re: Controllo Hijack. AIUTO!

Messaggioda Amantide » lun ott 05, 2009 8:56 pm

ARIETE72 ha scritto:ma sai anche dirmi quale era la stringa del virus?

Queste qui:
Codice: Seleziona tutto
((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\users\Happy Family\AppData\Local\docresgm.dat
c:\users\Happy Family\AppData\Local\docresgm.exe
c:\users\Happy Family\AppData\Local\docresgm_nav.dat
c:\users\Happy Family\AppData\Local\docresgm_navps.dat
c:\windows\Suyin.reg


e questa:
Codice: Seleziona tutto
- - - - CHIAVI ORFANE RIMOSSE - - - -

HKCU-Run-docresgm - c:\users\happy family\appdata\local\docresgm.exe


Precisamente si trattava di una cosa simile http://www.MegaLab.it/2876/diffidiamo-d ... er-skinner

[ciao]
...per volare alto, bisogna saper cadere...
Avatar utente
Amantide
Membro Ufficiale (Gold)
Membro Ufficiale (Gold)
 
Messaggi: 8126
Iscritto il: lun feb 06, 2006 4:13 pm
Località: Abruzzo

Re: Controllo Hijack. AIUTO!

Messaggioda ARIETE72 » mar ott 06, 2009 5:02 pm

ciao Crazy
Avevo gia' letto il servizio Vostro dei messanger skinner, infatti te lo chiedevo in quanto sono piu' che sicuro di avere preso il virus mentre davo esecuzione al programma di live player che si trova in questo sito. http://www.live-player.com/.La tua era la conferma che cercavo.Ma molti siti lo pubblicizzano per vedere per esempio partite in streraming..
Pensavo fosse un falso positivo di avira e ho clikkato "ignora" come un "ignorante"....................
Grazie ancora della tua competenza / gentilezza!
Matteo
Mai contraddire una donna..Prima o poi lo farà da sola..
Avatar utente
ARIETE72
Senior Member
Senior Member
 
Messaggi: 449
Iscritto il: mar mar 07, 2006 4:24 pm
Località: milano

Re: Controllo Hijack. AIUTO!

Messaggioda crazy.cat » mar ott 06, 2009 5:36 pm

ARIETE72 ha scritto:ciao Crazy

Diamo anche ad Amantide quello che è di Amantide visto che ti aveva risposto lei.

Avevo gia' letto il servizio Vostro dei messanger skinner,

Ma non avevi letto quello su live player...
http://www.MegaLab.it/4037/live-player- ... n-sorpresa
Quando i molti governano, pensano solo a contentar sé stessi, si ha allora la tirannia più balorda e più odiosa: la tirannia mascherata da libertà.
Avatar utente
crazy.cat
MLI Hero
MLI Hero
 
Messaggi: 30959
Iscritto il: lun gen 12, 2004 1:38 pm
Località: Mestre

Re: Controllo Hijack. AIUTO!

Messaggioda ARIETE72 » mer ott 07, 2009 2:10 pm

SCUSA Amantide!!!!!
ero di fretta e convinto di parlare ancora con Crazy.
Perdonami
Crazie Crazy!!
Mai contraddire una donna..Prima o poi lo farà da sola..
Avatar utente
ARIETE72
Senior Member
Senior Member
 
Messaggi: 449
Iscritto il: mar mar 07, 2006 4:24 pm
Località: milano


Torna a Sicurezza

Chi c’è in linea

Visitano il forum: Nessuno e 3 ospiti

Powered by phpBB © 2002, 2005, 2007, 2008 phpBB Group
Traduzione Italiana phpBB.it

megalab.it: testata telematica quotidiana registrata al Tribunale di Cosenza n. 22/09 del 13.08.2009, editore Master New Media S.r.l.; © Copyright 2008 Master New Media S.r.l. a socio unico - P.I. 02947530784. GRUPPO EDIZIONI MASTER Spa Tutti i diritti sono riservati. Per la pubblicità: Master Advertising