GX Style Hero

Registered: 11/07/07 11:44 Posts: 47
Posted: 05 Mar 2008 18:14 Subject: Another virus?
Since today, without my having changed any setting, the avast! mail scanner icon in the system tray has been notifying me of mail being sent to or received from improbable addresses, never heard of and with bizarre names.
What is causing this? Is there a risk of hacking, or is it just "SPAM"? Could it be sending confidential information by e-mail?
Searching on Google, I noticed that many people recommend using rustbfix... I ran the scan but it finds nothing...
HijackThis log:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17.18.13, on 05/03/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
C:\Programmi\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Programmi\Microsoft SQL Server\MSSQL$INVENTORCONTENT\Binn\sqlservr.exe
C:\Documents and Settings\User\Desktop\flexlm\SolidWorks SolidNetWork License Manager\lmgrd.exe
C:\WINDOWS\system32\svchost.exe
C:\Documents and Settings\User\Desktop\flexlm\SolidWorks SolidNetWork License Manager\SW_D.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Programmi\Multimedia Card Reader\shwicon2k.exe
C:\Programmi\QuickTime\QTTask.exe
D:\Programmi\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe
D:\Programmi\Nokia\Nokia PC Suite 6\PCSuite.exe
C:\Programmi\Alwil Software\Avast4\ashWebSv.exe
C:\Programmi\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
C:\Programmi\PC-TV\WinManager\WinManager.exe
C:\Programmi\iPod\bin\iPodService.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\PC Connectivity Solution\ServiceLayer.exe
C:\Programmi\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Programmi\PC Connectivity Solution\Transports\NclIrSrv.exe
C:\Programmi\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Programmi\PC Connectivity Solution\Transports\NclMSBTSrv.exe
C:\Programmi\Windows Live\Messenger\usnsvc.exe
C:\Programmi\Windows Media Player\wmplayer.exe
D:\Programmi\eMule\emule.exe
C:\Programmi\Microsoft Office\OFFICE11\WINWORD.EXE
C:\Programmi\Windows Live\Messenger\msnmsgr.exe
C:\Programmi\Mozilla Firefox\firefox.exe
C:\Documents and Settings\User\Desktop\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.tiscali.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = 212.216.112.112
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: Supporto di collegamento per Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [BearShare] "D:\Programmi\BearShare\BearShare.exe" /pause
O4 - HKLM\..\Run: [TomTomHOME.exe] "d:\Programmi\TomTom HOME 2\HOMERunner.exe" -s
O4 - HKLM\..\Run: [Sunkist2k] C:\Programmi\Multimedia Card Reader\shwicon2k.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programmi\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "D:\Programmi\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [PC Suite Tray] "D:\Programmi\Nokia\Nokia PC Suite 6\PCSuite.exe" -onlytray
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Gestione servizi.lnk = C:\Programmi\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
O4 - Global Startup: WinManager.lnk = C:\Programmi\PC-TV\WinManager\WinManager.exe
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/default/kavwebscan_unicode.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/IT-IT/a-UNO1/GAME_UNO1.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1197804961984
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{8F673A63-BDBF-4B7B-9693-1ECA9A470115}: NameServer = 85.37.17.8 85.38.28.73
O20 - Winlogon Notify: msvideo32 - C:\WINDOWS\SYSTEM32\msvideo32.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Programmi\File comuni\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Programmi\File comuni\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Servizio iPod (iPod Service) - Apple Inc. - C:\Programmi\iPod\bin\iPodService.exe
O23 - Service: NBService - Nero AG - C:\Programmi\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: ServiceLayer - Nokia. - C:\Programmi\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SolidWorks SolidNetWork License Manager - Macrovision Corporation - C:\Documents and Settings\User\Desktop\flexlm\SolidWorks SolidNetWork License Manager\lmgrd.exe
--
End of file - 8171 bytes
Enlighten me, gods of Olympus....
Sante62 Mature God

Registered: 27/06/07 17:55 Posts: 3477 Location: Floridia
Posted: 05 Mar 2008 18:33 Subject:
Hi GX Style
Start HijackThis, tick these lines on the left and then press Fix checked:
Quote:
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = 212.216.112.112
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
Run a scan with Combofix following this thread, posting the result as indicated;
also run the scan with GMER
Remember that there are two GMER logs: Autostart and Rootkit. Post them on www.freefilehosting.net as indicated here
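The triage step in the reply above, sketched as an added example (not part of the original thread and not code from HijackThis): a small parser that reads a HijackThis log and picks out the two kinds of entry the reply selects for fixing, a set AutoConfigURL value and an entry whose file is reported as "(no file)". The function names and flag wording are assumptions; the sample lines are copied from the log posted in this thread.

```python
import re
from dataclasses import dataclass, field

# Sample input: a few lines copied from the HijackThis log posted in this thread.
SAMPLE_LOG = r"""Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17.18.13, on 05/03/2008
Running processes:
C:\WINDOWS\system32\winlogon.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.tiscali.it/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = 212.216.112.112
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe
--
End of file - 8171 bytes
"""

# A log entry is "<section code> - <body>", e.g. "O2 - BHO: ...".
ENTRY_RE = re.compile(r"^([RFNO]\d{1,2}) - (.+)$")
# R-section bodies look like "<registry key>,<value name> = <data>".
REG_VALUE_RE = re.compile(r"^(?P<key>[^,]+),(?P<name>[^=]+?)\s*=\s*(?P<data>.*)$")


@dataclass
class Entry:
    line_no: int          # 1-based line number in the log
    code: str             # section code such as R1, O2, O23
    body: str             # everything after "<code> - "
    flags: list = field(default_factory=list)


def parse_entries(log_text):
    """Return every section entry; header and process lines are skipped."""
    entries = []
    for line_no, raw in enumerate(log_text.splitlines(), start=1):
        match = ENTRY_RE.match(raw.strip())
        if match:
            entries.append(Entry(line_no, match.group(1), match.group(2)))
    return entries


def triage(entries):
    """Flag the two entry kinds selected in the reply; return flagged entries."""
    for entry in entries:
        # HijackThis prints "(no file)" when the referenced file is not on disk.
        if entry.body.rstrip().endswith("(no file)"):
            entry.flags.append("orphaned entry: referenced file not found")
        # A non-empty AutoConfigURL means a proxy auto-config source is set.
        if entry.code.startswith("R"):
            reg = REG_VALUE_RE.match(entry.body)
            if (reg and reg.group("name").strip().lower() == "autoconfigurl"
                    and reg.group("data").strip()):
                entry.flags.append(
                    "proxy auto-config set to %s: confirm the user configured it"
                    % reg.group("data").strip())
    return [entry for entry in entries if entry.flags]


def report(log_text):
    """Human-readable triage lines for a whole log."""
    return ["line %d [%s] %s -> %s" % (e.line_no, e.code, e.body, "; ".join(e.flags))
            for e in triage(parse_entries(log_text))]


if __name__ == "__main__":
    for line in report(SAMPLE_LOG):
        print(line)
```
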
GX Style Hero

Registered: 11/07/07 11:44 Posts: 47
Posted: 06 Mar 2008 14:27 Subject:
The COMBOFIX log:
ComboFix 08-03-06.4 - User 2008-03-07 15.44.36.3 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1040.18.870 [GMT 1:00]
Eseguito da: C:\Documents and Settings\User\Desktop\ComboFix.exe
* Creato nuovo punto di ripristino
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((( Files Creati Da 2008-02-07 al 2008-03-07 )))))))))))))))))))))))))))))))))))
.
2008-03-05 17:12 . 2008-03-05 17:12 <DIR> d-------- C:\Rustbfix
2008-03-05 14:08 . 2008-03-07 15:47 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-03-05 14:08 . 2008-03-05 14:08 1,409 --a------ C:\WINDOWS\QTFont.for
2008-03-04 21:26 . 2008-03-04 21:26 64 --a------ C:\WINDOWS\PEPS Macro Editor Default Workspace.wsp
2008-03-04 21:26 . 2008-03-04 21:26 47 --a------ C:\WINDOWS\PEPS Macro Editor.INI
2008-03-04 20:12 . 2003-04-16 01:10 110,592 --a------ C:\WINDOWS\system32\tsccvid.dll
2008-03-04 20:10 . 2008-03-04 20:10 71 --a------ C:\WINDOWS\VectorMachine.INI
2008-03-02 20:00 . 2008-03-02 20:00 <DIR> d-------- C:\Programmi\Autodesk
2008-03-02 09:21 . 2008-03-02 09:21 1,024 --a------ C:\.rnd
2008-02-25 19:59 . 2008-02-25 19:59 <DIR> d-------- C:\Programmi\iPod
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-03-04 20:51 --------- d-----w C:\Documents and Settings\All Users\Dati applicazioni\DassaultSystemes
2008-03-04 20:22 --------- d-----w C:\Documents and Settings\User\Dati applicazioni\Autodesk
2008-03-02 19:05 --------- d-----w C:\Programmi\File comuni\Autodesk Shared
2008-03-02 19:01 --------- d-----w C:\Documents and Settings\All Users\Dati applicazioni\Autodesk
2008-02-25 18:58 --------- d-----w C:\Programmi\QuickTime
2008-02-24 20:02 --------- d-----w C:\Documents and Settings\User\Dati applicazioni\SolidWorks
2008-02-07 13:23 --------- d-----w C:\Programmi\Multimedia Card Reader
2008-02-04 18:13 --------- d-----w C:\Programmi\Microsoft SQL Server
2008-01-28 12:57 --------- d-----w C:\Programmi\File comuni\Adobe
2008-01-22 13:05 --------- d-----w C:\Documents and Settings\All Users\Dati applicazioni\Installations
2008-01-20 19:48 --------- d-----w C:\Documents and Settings\All Users\Dati applicazioni\Kaspersky Lab
2008-01-18 20:20 253,952 ------w C:\WINDOWS\Setup1.exe
2008-01-14 14:17 --------- d-----w C:\Documents and Settings\User\Dati applicazioni\DivX
2008-01-14 14:01 --------- d-----w C:\Documents and Settings\User\Dati applicazioni\Media Player Classic
2007-04-05 19:20 87,608 ----a-w C:\Documents and Settings\User\Dati applicazioni\ezpinst.exe
2007-04-05 19:20 47,360 ----a-w C:\Documents and Settings\User\Dati applicazioni\pcouffin.sys
.
------- Sigcheck -------
fd46b348fca32a1987b9a32b6ba81d2e C:\WINDOWS\system32\winlogon.exe
----a-w 504,832 2007-04-04 09:39:06 C:\WINDOWS\system32\winlogon.exe
.
((((((((((((((((((((((((((((( snapshot@2008-01-19_12.16.31.84 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-02-04 18:15:11 24,576 ----a-w C:\WINDOWS\assembly\GAC\InventorRegUtils\1.0.0.0__d84147f8b4276564\InventorRegUtils.dll
- 2007-12-24 07:53:25 53,248 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.AudioVideoPlayback.dll
+ 2008-03-02 18:59:31 53,248 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.AudioVideoPlayback.dll
- 2007-12-24 07:53:25 12,800 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Diagnostics.dll
+ 2008-03-02 18:59:32 12,800 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Diagnostics.dll
- 2007-12-24 07:53:25 473,600 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3D.dll
+ 2008-03-02 18:59:32 473,600 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3D.dll
- 2007-12-24 07:53:26 578,560 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2911.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2008-03-02 18:59:32 578,560 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2911.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2007-12-24 07:53:26 145,920 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectDraw.dll
+ 2008-03-02 18:59:34 145,920 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectDraw.dll
- 2007-12-24 07:53:27 159,232 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectInput.dll
+ 2008-03-02 18:59:34 159,232 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectInput.dll
- 2007-12-24 07:53:27 364,544 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectPlay.dll
+ 2008-03-02 18:59:34 364,544 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectPlay.dll
- 2007-12-24 07:53:28 178,176 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectSound.dll
+ 2008-03-02 18:59:35 178,176 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectSound.dll
- 2007-12-24 07:53:24 223,232 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.dll
+ 2008-03-02 18:59:30 223,232 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.dll
- 2007-07-28 19:40:30 315,392 ----a-w C:\WINDOWS\assembly\GAC_MSIL\AspNetMMCExt.resources\2.0.0.0_it_b03f5f7f11d50a3a\aspnetmmcext.resources.dll
+ 2008-03-02 18:58:42 315,392 ----a-w C:\WINDOWS\assembly\GAC_MSIL\AspNetMMCExt.resources\2.0.0.0_it_b03f5f7f11d50a3a\aspnetmmcext.resources.dll
+ 2008-03-02 19:04:10 1,103,608 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Autodesk.AutoCAD.Interop.Common\17.1.51.0__eed84259d7cbf30b\Autodesk.AutoCAD.Interop.Common.dll
+ 2008-03-02 19:04:11 153,336 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Autodesk.AutoCAD.Interop\17.1.51.0__eed84259d7cbf30b\Autodesk.AutoCAD.Interop.dll
- 2007-07-28 19:40:37 53,248 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Engine.resources\2.0.0.0_it_b03f5f7f11d50a3a\Microsoft.Build.Engine.resources.dll
+ 2008-03-02 18:58:51 53,248 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Engine.resources\2.0.0.0_it_b03f5f7f11d50a3a\Microsoft.Build.Engine.resources.dll
- 2007-07-28 19:40:37 139,264 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Tasks.resources\2.0.0.0_it_b03f5f7f11d50a3a\Microsoft.Build.Tasks.resources.dll
+ 2008-03-02 18:58:51 139,264 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Tasks.resources\2.0.0.0_it_b03f5f7f11d50a3a\Microsoft.Build.Tasks.resources.dll
- 2007-07-28 19:40:37 10,240 ----a-w C:\WINDOWS\assembly\GAC_MSIL\microsoft.build.utilities.resources\2.0.0.0_it_b03f5f7f11d50a3a\Microsoft.Build.Utilities.Resources.dll
+ 2008-03-02 18:58:51 10,240 ----a-w C:\WINDOWS\assembly\GAC_MSIL\microsoft.build.utilities.resources\2.0.0.0_it_b03f5f7f11d50a3a\Microsoft.Build.Utilities.Resources.dll
- 2007-07-28 19:40:31 45,056 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Jscript.resources\8.0.0.0_it_b03f5f7f11d50a3a\Microsoft.JScript.Resources.dll
+ 2008-03-02 18:58:44 45,056 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Jscript.resources\8.0.0.0_it_b03f5f7f11d50a3a\Microsoft.JScript.Resources.dll
- 2007-07-28 19:40:42 9,216 ----a-w C:\WINDOWS\assembly\GAC_MSIL\microsoft.visualbasic.compatibility.data.resources\8.0.0.0_it_b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.resources.dll
+ 2008-03-02 18:58:56 9,216 ----a-w C:\WINDOWS\assembly\GAC_MSIL\microsoft.visualbasic.compatibility.data.resources\8.0.0.0_it_b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.resources.dll
- 2007-07-28 19:40:41 9,216 ----a-w C:\WINDOWS\assembly\GAC_MSIL\microsoft.visualbasic.compatibility.resources\8.0.0.0_it_b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.resources.dll
+ 2008-03-02 18:58:56 9,216 ----a-w C:\WINDOWS\assembly\GAC_MSIL\microsoft.visualbasic.compatibility.resources\8.0.0.0_it_b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.resources.dll
- 2007-07-28 19:40:41 61,440 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.resources\8.0.0.0_it_b03f5f7f11d50a3a\Microsoft.VisualBasic.resources.dll
+ 2008-03-02 18:58:56 61,440 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.resources\8.0.0.0_it_b03f5f7f11d50a3a\Microsoft.VisualBasic.resources.dll
- 2007-07-28 19:40:37 303,104 ----a-w C:\WINDOWS\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_it_b77a5c561934e089\mscorlib.Resources.dll
+ 2008-03-02 18:58:52 303,104 ----a-w C:\WINDOWS\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_it_b77a5c561934e089\mscorlib.Resources.dll
- 2007-07-28 19:40:40 10,752 ----a-w C:\WINDOWS\assembly\GAC_MSIL\sysglobl.resources\2.0.0.0_it_b03f5f7f11d50a3a\sysglobl.resources.dll
+ 2008-03-02 18:58:55 10,752 ----a-w C:\WINDOWS\assembly\GAC_MSIL\sysglobl.resources\2.0.0.0_it_b03f5f7f11d50a3a\sysglobl.resources.dll
- 2007-07-28 19:40:38 28,672 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Configuration.Install.resources\2.0.0.0_it_b03f5f7f11d50a3a\System.Configuration.Install.Resources.dll
+ 2008-03-02 18:58:52 28,672 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Configuration.Install.resources\2.0.0.0_it_b03f5f7f11d50a3a\System.Configuration.Install.Resources.dll
- 2007-07-28 19:40:40 49,152 ----a-w C:\WINDOWS\assembly\GAC_MSIL\SYSTEM.CONFIGURATION.resources\2.0.0.0_it_b03f5f7f11d50a3a\System.Configuration.resources.dll
+ 2008-03-02 18:58:55 49,152 ----a-w C:\WINDOWS\assembly\GAC_MSIL\SYSTEM.CONFIGURATION.resources\2.0.0.0_it_b03f5f7f11d50a3a\System.Configuration.resources.dll
- 2007-07-28 19:40:38 110,592 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Data.OracleClient.resources\2.0.0.0_it_b77a5c561934e089\System.Data.OracleClient.resources.dll
+ 2008-03-02 18:58:52 110,592 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Data.OracleClient.resources\2.0.0.0_it_b77a5c561934e089\System.Data.OracleClient.resources.dll
- 2007-07-28 19:40:35 327,680 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Data.resources\2.0.0.0_it_b77a5c561934e089\System.Data.Resources.dll
+ 2008-03-02 18:58:49 327,680 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Data.resources\2.0.0.0_it_b77a5c561934e089\System.Data.Resources.dll
- 2007-07-28 19:40:38 36,864 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Data.SqlXml.resources\2.0.0.0_it_b77a5c561934e089\system.data.sqlxml.resources.dll
+ 2008-03-02 18:58:53 36,864 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Data.SqlXml.resources\2.0.0.0_it_b77a5c561934e089\system.data.sqlxml.resources.dll
- 2007-07-28 19:40:31 380,928 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Deployment.resources\2.0.0.0_it_b03f5f7f11d50a3a\System.Deployment.resources.dll
+ 2008-03-02 18:58:43 380,928 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Deployment.resources\2.0.0.0_it_b03f5f7f11d50a3a\System.Deployment.resources.dll
- 2007-07-28 19:40:35 540,672 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Design.resources\2.0.0.0_it_b03f5f7f11d50a3a\System.Design.Resources.dll
+ 2008-03-02 18:58:49 540,672 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Design.resources\2.0.0.0_it_b03f5f7f11d50a3a\System.Design.Resources.dll
- 2007-07-28 19:40:33 28,672 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.DirectoryServices.Protocols.resources\2.0.0.0_it_b03f5f7f11d50a3a\System.DirectoryServices.Protocols.resources.dll
+ 2008-03-02 18:58:46 28,672 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.DirectoryServices.Protocols.resources\2.0.0.0_it_b03f5f7f11d50a3a\System.DirectoryServices.Protocols.resources.dll
- 2007-07-28 19:40:33 40,960 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.DirectoryServices.resources\2.0.0.0_it_b03f5f7f11d50a3a\System.DirectoryServices.Resources.dll
+ 2008-03-02 18:58:45 40,960 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.DirectoryServices.resources\2.0.0.0_it_b03f5f7f11d50a3a\System.DirectoryServices.Resources.dll
- 2007-07-28 19:40:39 6,144 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Drawing.Design.resources\2.0.0.0_it_b03f5f7f11d50a3a\System.Drawing.Design.Resources.dll
+ 2008-03-02 18:58:53 6,144 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Drawing.Design.resources\2.0.0.0_it_b03f5f7f11d50a3a\System.Drawing.Design.Resources.dll
- 2007-07-28 19:40:36 24,576 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Drawing.resources\2.0.0.0_it_b03f5f7f11d50a3a\System.Drawing.Resources.dll
+ 2008-03-02 18:58:49 24,576 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Drawing.resources\2.0.0.0_it_b03f5f7f11d50a3a\System.Drawing.Resources.dll
- 2007-07-28 19:40:32 32,768 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.EnterpriseServices.resources\2.0.0.0_it_b03f5f7f11d50a3a\System.EnterpriseServices.Resources.dll
+ 2008-03-02 18:58:44 32,768 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.EnterpriseServices.resources\2.0.0.0_it_b03f5f7f11d50a3a\System.EnterpriseServices.Resources.dll
- 2007-07-28 19:40:39 13,312 ----a-w C:\WINDOWS\assembly\GAC_MSIL\system.management.resources\2.0.0.0_it_b03f5f7f11d50a3a\System.Management.Resources.dll
+ 2008-03-02 18:58:53 13,312 ----a-w C:\WINDOWS\assembly\GAC_MSIL\system.management.resources\2.0.0.0_it_b03f5f7f11d50a3a\System.Management.Resources.dll
- 2007-07-28 19:40:36 61,440 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Messaging.resources\2.0.0.0_it_b03f5f7f11d50a3a\System.Messaging.Resources.dll
+ 2008-03-02 18:58:50 61,440 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Messaging.resources\2.0.0.0_it_b03f5f7f11d50a3a\System.Messaging.Resources.dll
- 2007-07-28 19:40:36 204,800 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.resources\2.0.0.0_it_b77a5c561934e089\system.Resources.dll
+ 2008-03-02 18:58:50 204,800 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.resources\2.0.0.0_it_b77a5c561934e089\system.Resources.dll
- 2007-07-28 19:40:39 32,768 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_it_b77a5c561934e089\System.Runtime.Remoting.Resources.dll
+ 2008-03-02 18:58:54 32,768 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_it_b77a5c561934e089\System.Runtime.Remoting.Resources.dll
- 2007-07-28 19:40:40 11,776 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_it_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.Resources.dll
+ 2008-03-02 18:58:54 11,776 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_it_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.Resources.dll
- 2007-07-28 19:40:32 28,672 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Security.resources\2.0.0.0_it_b03f5f7f11d50a3a\System.Security.Resources.dll
+ 2008-03-02 18:58:45 28,672 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Security.resources\2.0.0.0_it_b03f5f7f11d50a3a\System.Security.Resources.dll
- 2007-07-28 19:40:33 40,960 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.ServiceProcess.resources\2.0.0.0_it_b03f5f7f11d50a3a\System.ServiceProcess.Resources.dll
+ 2008-03-02 18:58:46 40,960 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.ServiceProcess.resources\2.0.0.0_it_b03f5f7f11d50a3a\System.ServiceProcess.Resources.dll
- 2007-07-28 19:40:40 16,384 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Transactions.resources\2.0.0.0_it_b77a5c561934e089\System.Transactions.resources.dll
+ 2008-03-02 18:58:54 16,384 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Transactions.resources\2.0.0.0_it_b77a5c561934e089\System.Transactions.resources.dll
- 2007-07-28 19:40:41 77,824 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Web.Mobile.resources\2.0.0.0_it_b03f5f7f11d50a3a\System.Web.Mobile.resources.dll
+ 2008-03-02 18:58:55 77,824 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Web.Mobile.resources\2.0.0.0_it_b03f5f7f11d50a3a\System.Web.Mobile.resources.dll
- 2007-07-28 19:40:34 598,016 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Web.resources\2.0.0.0_it_b03f5f7f11d50a3a\System.Web.Resources.dll
+ 2008-03-02 18:58:47 598,016 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Web.resources\2.0.0.0_it_b03f5f7f11d50a3a\System.Web.Resources.dll
- 2007-07-28 19:40:34 81,920 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Web.Services.resources\2.0.0.0_it_b03f5f7f11d50a3a\System.Web.Services.Resources.dll
+ 2008-03-02 18:58:47 81,920 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Web.Services.resources\2.0.0.0_it_b03f5f7f11d50a3a\System.Web.Services.Resources.dll
- 2007-07-28 19:40:34 425,984 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_it_b77a5c561934e089\System.Windows.Forms.Resources.dll
+ 2008-03-02 18:58:48 425,984 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_it_b77a5c561934e089\System.Windows.Forms.Resources.dll
- 2007-07-28 19:40:35 163,840 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.XML.resources\2.0.0.0_it_b77a5c561934e089\System.xml.Resources.dll
+ 2008-03-02 18:58:48 163,840 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.XML.resources\2.0.0.0_it_b77a5c561934e089\System.xml.Resources.dll
+ 2008-03-02 19:06:09 1,179,648 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\AcLayer\4a073957ae209244868c24b32716af98\AcLayer.ni.dll
+ 2004-04-05 08:41:16 113,752 ----a-w C:\WINDOWS\Downloaded Program Files\iDropCHS.dll
+ 2004-04-06 10:02:08 114,776 ----a-w C:\WINDOWS\Downloaded Program Files\iDropCHT.dll
+ 2004-04-27 23:11:42 115,288 ----a-w C:\WINDOWS\Downloaded Program Files\iDropCSY.dll
+ 2004-02-26 08:32:40 113,752 ----a-w C:\WINDOWS\Downloaded Program Files\iDropDEU.dll
+ 2007-02-12 06:24:56 114,792 ----a-w C:\WINDOWS\Downloaded Program Files\IDropENU.dll
+ 2004-03-25 05:27:46 113,752 ----a-w C:\WINDOWS\Downloaded Program Files\iDropESP.dll
+ 2004-03-22 05:30:12 113,752 ----a-w C:\WINDOWS\Downloaded Program Files\iDropFRA.dll
+ 2004-05-06 15:35:16 113,752 ----a-w C:\WINDOWS\Downloaded Program Files\iDropHUN.dll
+ 2007-03-07 09:15:16 114,768 ----a-w C:\WINDOWS\Downloaded Program Files\IDropITA.dll
+ 2004-02-26 01:47:54 113,752 ----a-w C:\WINDOWS\Downloaded Program Files\iDropJPN.dll
+ 2004-03-17 13:19:52 125,016 ----a-w C:\WINDOWS\Downloaded Program Files\iDropKOR.dll
+ 2004-05-04 12:55:18 113,752 ----a-w C:\WINDOWS\Downloaded Program Files\iDropPLK.dll
+ 2004-05-27 05:00:54 117,336 ----a-w C:\WINDOWS\Downloaded Program Files\iDropPTB.dll
+ 2004-05-27 09:20:38 115,288 ----a-w C:\WINDOWS\Downloaded Program Files\iDropRUS.dll
- 2007-07-11 10:33:38 585,791 ----a-w C:\WINDOWS\gmer.dll
+ 2008-03-06 12:22:20 819,200 ----a-w C:\WINDOWS\gmer.dll
- 2007-06-29 07:38:18 581,632 ----a-w C:\WINDOWS\gmer.exe
+ 2008-01-18 19:31:10 757,760 ----a-w C:\WINDOWS\gmer.exe
+ 2008-03-02 18:59:09 34,304 ----a-r C:\WINDOWS\Installer\{5545EEE1-FA36-4F76-B6BE-5696E7F4E2D6}\misc.exe
+ 2008-03-02 19:05:43 73,728 ----a-r C:\WINDOWS\Installer\{5783F2D7-6001-0410-0002-0060B0CE6BBA}\Acad162_icon.exe
+ 2007-03-07 09:14:48 26,192 ----a-w C:\WINDOWS\Installer\{5783F2D7-6001-0410-0002-0060B0CE6BBA}\CustomRes.dll
+ 2007-02-12 07:06:08 267,880 ----a-w C:\WINDOWS\Installer\{5783F2D7-6001-0410-0002-0060B0CE6BBA}\InstBasicUI.dll
+ 2007-03-07 09:15:18 304,720 ----a-w C:\WINDOWS\Installer\{5783F2D7-6001-0410-0002-0060B0CE6BBA}\InstRes.dll
- 2007-04-15 16:31:57 342,528 ----a-r C:\WINDOWS\Installer\{7F4DD591-1000-0409-0001-7107D70F3DB4}\Ais10Icon3.exe
+ 2008-02-04 18:23:37 342,528 ----a-r C:\WINDOWS\Installer\{7F4DD591-1000-0409-0001-7107D70F3DB4}\Ais10Icon3.exe
+ 2008-02-04 18:23:37 34,304 ----a-r C:\WINDOWS\Installer\{7F4DD591-1000-0409-0001-7107D70F3DB4}\misc.exe.D0DF3458_A845_11D3_8D0A_0050046416B9.exe
+ 2008-02-25 19:00:11 102,400 ----a-r C:\WINDOWS\Installer\{80FD852F-5AAC-4129-B931-06AAFFA43138}\iTunesIco.exe
+ 2008-03-02 19:00:16 21,630 ----a-r C:\WINDOWS\Installer\{9A346205-EA92-4406-B1AB-50379DA3F057}\ARPPRODUCTICON.exe
+ 2008-03-02 19:00:16 21,630 ----a-r C:\WINDOWS\Installer\{9A346205-EA92-4406-B1AB-50379DA3F057}\NewShortcut1_9A346205EA924406B1AB50379DA3F057_1.exe
+ 2008-03-02 19:00:16 21,630 ----a-r C:\WINDOWS\Installer\{9A346205-EA92-4406-B1AB-50379DA3F057}\NewShortcut3_9A346205EA924406B1AB50379DA3F057.exe
+ 2008-01-29 13:07:50 295,606 ----a-r C:\WINDOWS\Installer\{AC76BA86-7AD7-1040-7B44-A81000000003}\SC_Reader.exe
+ 2008-03-02 19:00:30 65,536 ----a-r C:\WINDOWS\Installer\{BB65C393-C76E-4F06-9B0C-2124AA8AF97B}\ARPPRODUCTICON.exe
- 1998-10-29 14:45:06 306,688 ----a-w C:\WINDOWS\IsUninst.exe
+ 1998-10-29 15:45:06 306,688 ----a-w C:\WINDOWS\IsUninst.exe
- 2006-01-07 06:53:28 22,528 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\1040\alinkui.dll
+ 2006-01-07 07:53:28 22,528 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\1040\alinkui.dll
- 2006-01-07 06:53:30 161,792 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\1040\cscompui.dll
+ 2006-01-07 07:53:30 161,792 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\1040\cscompui.dll
- 2006-01-07 06:53:30 5,120 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\1040\CvtResUI.dll
+ 2006-01-07 07:53:30 5,120 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\1040\CvtResUI.dll
- 2006-01-07 06:53:36 212,992 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\1040\vbc7ui.dll
+ 2006-01-07 07:53:36 212,992 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\1040\vbc7ui.dll
- 2006-01-07 06:53:24 241,664 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\1040\Vsavb7rtUI.dll
+ 2006-01-07 07:53:24 241,664 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\1040\Vsavb7rtUI.dll
- 2006-01-07 06:53:38 9,216 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\GAC\it\Microsoft.VisualBasic.Compatibility.Data.resources.dll
+ 2006-01-07 07:53:38 9,216 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\GAC\it\Microsoft.VisualBasic.Compatibility.Data.resources.dll
- 2006-01-07 06:53:38 9,216 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\GAC\it\Microsoft.VisualBasic.Compatibility.resources.dll
+ 2006-01-07 07:53:38 9,216 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\GAC\it\Microsoft.VisualBasic.Compatibility.resources.dll
- 2006-01-07 06:53:26 8,704 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\aspnet_compiler.resources.dll
+ 2006-01-07 07:53:26 8,704 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\aspnet_compiler.resources.dll
- 2006-01-07 06:53:26 82,432 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\aspnet_rc.dll
+ 2006-01-07 07:53:26 82,432 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\aspnet_rc.dll
- 2006-01-07 06:53:26 5,632 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\aspnet_regbrowsers.resources.dll
+ 2006-01-07 07:53:26 5,632 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\aspnet_regbrowsers.resources.dll
- 2006-01-07 06:53:26 40,960 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\aspnet_regsql.resources.dll
+ 2006-01-07 07:53:26 40,960 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\aspnet_regsql.resources.dll
- 2006-01-07 06:53:26 315,392 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\aspnetmmcext.resources.dll
+ 2006-01-07 07:53:26 315,392 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\aspnetmmcext.resources.dll
- 2006-01-07 06:53:34 36,864 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\caspol.resources.dll
+ 2006-01-07 07:53:34 36,864 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\caspol.resources.dll
- 2006-01-07 06:53:34 4,096 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\InstallUtil.resources.dll
+ 2006-01-07 07:53:34 4,096 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\InstallUtil.resources.dll
- 2006-01-07 06:53:32 7,168 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\JSC.Resources.dll
+ 2006-01-07 07:53:32 7,168 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\JSC.Resources.dll
- 2006-01-07 06:53:34 53,248 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\Microsoft.Build.Engine.resources.dll
+ 2006-01-07 07:53:34 53,248 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\Microsoft.Build.Engine.resources.dll
- 2006-01-07 06:53:34 139,264 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\Microsoft.Build.Tasks.resources.dll
+ 2006-01-07 07:53:34 139,264 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\Microsoft.Build.Tasks.resources.dll
- 2006-01-07 06:53:34 10,240 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\Microsoft.Build.Utilities.Resources.dll
+ 2006-01-07 07:53:34 10,240 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\Microsoft.Build.Utilities.Resources.dll
- 2006-01-07 06:53:32 45,056 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\Microsoft.JScript.Resources.dll
+ 2006-01-07 07:53:32 45,056 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\Microsoft.JScript.Resources.dll
- 2006-01-07 06:53:36 61,440 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\Microsoft.VisualBasic.resources.dll
+ 2006-01-07 07:53:36 61,440 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\Microsoft.VisualBasic.resources.dll
- 2006-01-07 06:53:34 12,800 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\MSBuild.resources.dll
+ 2006-01-07 07:53:34 12,800 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\MSBuild.resources.dll
- 2006-01-07 06:53:34 303,104 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\mscorlib.Resources.dll
+ 2006-01-07 07:53:34 303,104 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\mscorlib.Resources.dll
- 2006-01-07 06:53:34 389,632 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\mscorrc.dll
+ 2006-01-07 07:53:34 389,632 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\mscorrc.dll
- 2006-01-07 06:53:34 11,264 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\Regasm.resources.dll
+ 2006-01-07 07:53:34 11,264 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\Regasm.resources.dll
- 2006-01-07 06:53:34 86,016 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\ShFusRes.dll
+ 2006-01-07 07:53:34 86,016 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\ShFusRes.dll
- 2006-01-07 06:53:34 10,752 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\sysglobl.resources.dll
+ 2006-01-07 07:53:34 10,752 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\sysglobl.resources.dll
- 2006-01-07 06:53:34 28,672 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\System.Configuration.Install.Resources.dll
+ 2006-01-07 07:53:34 28,672 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\System.Configuration.Install.Resources.dll
- 2006-01-07 06:53:34 49,152 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\System.Configuration.resources.dll
+ 2006-01-07 07:53:34 49,152 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\System.Configuration.resources.dll
- 2006-01-07 06:53:34 110,592 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\System.Data.OracleClient.resources.dll
+ 2006-01-07 07:53:34 110,592 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\System.Data.OracleClient.resources.dll
- 2006-01-07 06:53:34 327,680 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\System.Data.Resources.dll
+ 2006-01-07 07:53:34 327,680 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\System.Data.Resources.dll
- 2006-01-07 06:53:34 36,864 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\system.data.sqlxml.resources.dll
+ 2006-01-07 07:53:34 36,864 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\system.data.sqlxml.resources.dll
- 2006-01-07 06:53:28 380,928 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\System.Deployment.resources.dll
+ 2006-01-07 07:53:28 380,928 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\System.Deployment.resources.dll
- 2006-01-07 06:53:34 540,672 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\System.Design.Resources.dll
+ 2006-01-07 07:53:34 540,672 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\System.Design.Resources.dll
- 2006-01-07 06:53:34 28,672 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\System.DirectoryServices.Protocols.resources.dll
+ 2006-01-07 07:53:34 28,672 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\System.DirectoryServices.Protocols.resources.dll
- 2006-01-07 06:53:34 40,960 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\System.DirectoryServices.Resources.dll
+ 2006-01-07 07:53:34 40,960 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\System.DirectoryServices.Resources.dll
- 2006-01-07 06:53:34 6,144 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\System.Drawing.Design.Resources.dll
+ 2006-01-07 07:53:34 6,144 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\System.Drawing.Design.Resources.dll
- 2006-01-07 06:53:34 24,576 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\System.Drawing.Resources.dll
+ 2006-01-07 07:53:34 24,576 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\System.Drawing.Resources.dll
- 2006-01-07 06:53:34 32,768 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\System.EnterpriseServices.Resources.dll
+ 2006-01-07 07:53:34 32,768 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\System.EnterpriseServices.Resources.dll
- 2006-01-07 06:53:34 13,312 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\System.Management.Resources.dll
+ 2006-01-07 07:53:34 13,312 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\System.Management.Resources.dll
- 2006-01-07 06:53:34 61,440 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\System.Messaging.Resources.dll
+ 2006-01-07 07:53:34 61,440 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\System.Messaging.Resources.dll
- 2006-01-07 06:53:34 204,800 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\system.Resources.dll
+ 2006-01-07 07:53:34 204,800 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\system.Resources.dll
- 2006-01-07 06:53:34 32,768 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\System.Runtime.Remoting.Resources.dll
+ 2006-01-07 07:53:34 32,768 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\System.Runtime.Remoting.Resources.dll
- 2006-01-07 06:53:34 11,776 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\System.Runtime.Serialization.Formatters.Soap.Resources.dll
+ 2006-01-07 07:53:34 11,776 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\System.Runtime.Serialization.Formatters.Soap.Resources.dll
- 2006-01-07 06:53:34 28,672 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\System.Security.Resources.dll
+ 2006-01-07 07:53:34 28,672 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\System.Security.Resources.dll
- 2006-01-07 06:53:34 40,960 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\System.ServiceProcess.Resources.dll
+ 2006-01-07 07:53:34 40,960 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\System.ServiceProcess.Resources.dll
- 2006-01-07 06:53:34 16,384 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\System.Transactions.resources.dll
+ 2006-01-07 07:53:34 16,384 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\System.Transactions.resources.dll
- 2006-01-07 06:53:34 77,824 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\System.Web.Mobile.resources.dll
+ 2006-01-07 07:53:34 77,824 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\System.Web.Mobile.resources.dll
- 2006-01-07 06:53:34 598,016 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\System.Web.Resources.dll
+ 2006-01-07 07:53:34 598,016 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\System.Web.Resources.dll
- 2006-01-07 06:53:34 81,920 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\System.Web.Services.Resources.dll
+ 2006-01-07 07:53:34 81,920 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\System.Web.Services.Resources.dll
- 2006-01-07 06:53:34 425,984 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\System.Windows.Forms.Resources.dll
+ 2006-01-07 07:53:34 425,984 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\System.Windows.Forms.Resources.dll
- 2006-01-07 06:53:34 163,840 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\System.xml.Resources.dll
+ 2006-01-07 07:53:34 163,840 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\System.xml.Resources.dll
- 2005-12-09 08:46:34 609,472 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0 Language Pack - ITA\install.exe
+ 2005-12-09 09:46:34 609,472 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0 Language Pack - ITA\install.exe
- 2005-12-09 08:46:34 84,480 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0 Language Pack - ITA\install.res.1040.dll
+ 2005-12-09 09:46:34 84,480 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0 Language Pack - ITA\install.res.1040.dll
- 2005-12-09 10:26:10 245,408 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0 Language Pack - ITA\unicows.dll
+ 2005-12-09 11:26:10 245,408 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0 Language Pack - ITA\unicows.dll
- 2006-01-07 06:53:34 22,528 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\MUI\0410\mscorsecr.dll
+ 2006-01-07 07:53:34 22,528 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\MUI\0410\mscorsecr.dll
- 2000-08-31 07:00:00 51,200 ----a-w C:\WINDOWS\NirCmd.exe
+ 2000-08-31 07:00:00 28,160 ----a-w C:\WINDOWS\NirCmd.exe
+ 2003-04-18 15:46:22 1,233,920 ----a-w C:\WINDOWS\SXS\msxml4.dll
+ 2003-04-18 15:29:26 82,432 ----a-w C:\WINDOWS\SXS\msxml4r.dll
+ 2004-08-19 12:00:00 73,664 ----a-w C:\WINDOWS\system\MCIAVI.DRV
+ 2004-08-19 12:00:00 25,296 ----a-w C:\WINDOWS\system\MCISEQ.DRV
+ 2004-08-19 12:00:00 28,160 ----a-w C:\WINDOWS\system\MCIWAVE.DRV
+ 2004-08-19 12:00:00 3,360 ----a-w C:\WINDOWS\system\SYSTEM.DRV
+ 2004-08-19 12:00:00 4,080 ----a-w C:\WINDOWS\system\TIMER.DRV
+ 2004-08-19 12:00:00 13,600 ----a-w C:\WINDOWS\system\WFWNET.DRV
+ 2004-08-19 12:00:00 146,944 ----a-w C:\WINDOWS\system\WINSPOOL.DRV
+ 2004-11-18 01:23:26 49,152 ----a-w C:\WINDOWS\system32\72a9fcfe.dll
+ 2004-11-18 01:23:26 7,168 ----a-w C:\WINDOWS\system32\8882086b.dll
- 2006-03-05 08:55:54 177,768 ----a-w C:\WINDOWS\system32\AcSignExt.dll
+ 2007-02-12 06:12:26 30,312 ----a-w C:\WINDOWS\system32\AcSignExt.dll
- 2006-03-25 16:44:44 16,464 ----a-w C:\WINDOWS\system32\AcSignExtRes.dll
+ 2007-03-07 09:13:08 15,952 ----a-w C:\WINDOWS\system32\AcSignExtRes.dll
- 2006-03-05 08:55:56 185,448 ----a-w C:\WINDOWS\system32\AcSignIcon.dll
+ 2007-02-12 06:12:30 44,648 ----a-w C:\WINDOWS\system32\AcSignIcon.dll
- 2006-03-05 08:55:56 303,208 ----a-w C:\WINDOWS\system32\AcSignOpt.exe
+ 2007-02-12 06:12:31 54,376 ----a-w C:\WINDOWS\system32\AcSignOpt.exe
+ 2004-08-19 12:00:00 10,544 ----a-w C:\WINDOWS\system32\comm.drv
- 2002-10-20 13:02:22 24,576 ------w C:\WINDOWS\system32\dbmsgnet.dll
+ 2002-10-20 14:02:22 24,576 ------w C:\WINDOWS\system32\dbmsgnet.dll
- 2002-12-17 15:23:52 33,340 ------w C:\WINDOWS\system32\dbmsqlgc.dll
+ 2002-12-17 16:23:52 33,340 ------w C:\WINDOWS\system32\dbmsqlgc.dll
+ 2004-08-19 12:00:00 73,664 -c--a-w C:\WINDOWS\system32\dllcache\mciavi.drv
+ 2004-08-19 12:00:00 25,296 -c--a-w C:\WINDOWS\system32\dllcache\mciseq.drv
+ 2004-08-19 12:00:00 28,160 -c--a-w C:\WINDOWS\system32\dllcache\mciwave.drv
+ 2004-08-19 12:00:00 3,360 -c--a-w C:\WINDOWS\system32\dllcache\system.drv
+ 2004-08-19 12:00:00 4,080 -c--a-w C:\WINDOWS\system32\dllcache\timer.drv
+ 2004-08-19 13:39:50 23,552 -c--a-w C:\WINDOWS\system32\dllcache\wdmaud.drv
+ 2004-08-19 12:00:00 13,600 -c--a-w C:\WINDOWS\system32\dllcache\wfwnet.drv
+ 2004-08-19 12:00:00 146,944 -c--a-w C:\WINDOWS\system32\dllcache\winspool.drv
- 2007-07-11 10:33:38 70,001 ----a-w C:\WINDOWS\system32\drivers\gmer.sys
+ 2008-03-06 12:22:20 85,713 ----a-w C:\WINDOWS\system32\drivers\gmer.sys
+ 2004-11-27 10:53:44 11,136 ----a-w C:\WINDOWS\system32\drivers\softlok.sys
+ 2004-11-27 10:53:44 79,260 ----a-w C:\WINDOWS\system32\drivers\windrvr.sys
+ 2000-08-31 07:00:00 73,728 ----a-w C:\WINDOWS\system32\fdsv.exe
- 2006-10-13 23:13:40 26,384 ----a-w C:\WINDOWS\system32\FM20ENU.DLL
+ 1999-10-18 03:01:16 26,384 ----a-w C:\WINDOWS\system32\FM20ENU.DLL
- 2008-01-19 11:03:15 356,952 ----a-w C:\WINDOWS\system32\FNTCACHE.DAT
+ 2008-03-04 20:51:23 362,528 ----a-w C:\WINDOWS\system32\FNTCACHE.DAT
+ 2000-08-31 07:00:00 80,412 ----a-w C:\WINDOWS\system32\grep.exe
+ 2005-05-24 11:27:16 213,048 ----a-w C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\kavss.dll
+ 2007-08-29 14:47:20 94,208 ----a-w C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\kavuninstall.exe
+ 2007-08-29 14:49:54 950,272 ----a-w C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\kavwebscan.dll
+ 2004-08-19 12:00:00 222,731 ----a-w C:\WINDOWS\system32\lanman.drv
- 2007-05-02 10:32:04 182,512 ----a-w C:\WINDOWS\system32\Macromed\Director\SwDir.dll
+ 2008-01-07 10:26:46 181,672 ----a-w C:\WINDOWS\system32\Macromed\Director\SwDir.dll
+ 2006-06-22 12:44:38 128,648 ----a-w C:\WINDOWS\system32\Macromed\Flash\GetFlash.exe
+ 2006-06-22 10:44:14 20,480 ----a-w C:\WINDOWS\system32\Macromed\Flash\UninstFl.exe
- 2007-04-30 15:11:28 585,728 ----a-w C:\WINDOWS\system32\Macromed\Shockwave 10\Control.dll
+ 2008-01-03 17:19:34 581,632 ----a-w C:\WINDOWS\system32\Macromed\Shockwave 10\Control.dll
- 2007-04-30 14:08:40 1,490,944 ----a-w C:\WINDOWS\system32\Macromed\Shockwave 10\dirapi.dll
+ 2008-01-03 17:01:46 1,490,944 ----a-w C:\WINDOWS\system32\Macromed\Shockwave 10\dirapi.dll
- 2007-04-30 14:30:38 24,576 ----a-w C:\WINDOWS\system32\Macromed\Shockwave 10\DynaPlayer.dll
+ 2008-01-03 17:20:14 24,576 ----a-w C:\WINDOWS\system32\Macromed\Shockwave 10\DynaPlayer.dll
- 2007-02-05 05:49:34 1,089,536 ----a-w C:\WINDOWS\system32\Macromed\Shockwave 10\gi.dll
+ 2008-01-03 17:39:06 1,113,600 ----a-w C:\WINDOWS\system32\Macromed\Shockwave 10\gi.dll
- 2006-09-18 19:33:22 45,056 ----a-w C:\WINDOWS\system32\Macromed\Shockwave 10\gtapi.dll
+ 2008-01-03 16:46:46 52,288 ----a-w C:\WINDOWS\system32\Macromed\Shockwave 10\gtapi.dll
- 2007-04-30 14:05:32 606,208 ----a-w C:\WINDOWS\system32\Macromed\Shockwave 10\iml32.dll
+ 2008-01-03 16:59:14 606,208 ----a-w C:\WINDOWS\system32\Macromed\Shockwave 10\iml32.dll
- 2007-04-30 15:11:22 339,968 ----a-w C:\WINDOWS\system32\Macromed\Shockwave 10\Plugin.dll
+ 2008-01-03 17:18:56 339,968 ----a-w C:\WINDOWS\system32\Macromed\Shockwave 10\Plugin.dll
- 2007-04-30 15:11:24 483,328 ----a-w C:\WINDOWS\system32\Macromed\Shockwave 10\PluginPing.dll
+ 2008-01-03 17:19:06 475,136 ----a-w C:\WINDOWS\system32\Macromed\Shockwave 10\PluginPing.dll
- 2007-04-30 15:11:30 180,224 ----a-w C:\WINDOWS\system32\Macromed\Shockwave 10\Proj.dll
+ 2008-01-03 17:11:48 180,224 ----a-w C:\WINDOWS\system32\Macromed\Shockwave 10\Proj.dll
+ 2008-01-07 10:26:28 390,568 ----a-w C:\WINDOWS\system32\Macromed\Shockwave 10\SwHelper_1030024.exe
- 2007-04-30 14:33:00 77,824 ----a-w C:\WINDOWS\system32\Macromed\Shockwave 10\SwInit.exe
+ 2008-01-03 17:22:06 77,824 ----a-w C:\WINDOWS\system32\Macromed\Shockwave 10\SwInit.exe
- 2007-04-30 14:29:00 86,016 ----a-w C:\WINDOWS\system32\Macromed\Shockwave 10\SwMenu.dll
+ 2008-01-03 17:18:50 86,016 ----a-w C:\WINDOWS\system32\Macromed\Shockwave 10\SwMenu.dll
- 2007-04-30 14:33:00 98,304 ----a-w C:\WINDOWS\system32\Macromed\Shockwave 10\SwOnce.dll
+ 2008-01-03 17:22:08 98,304 ----a-w C:\WINDOWS\system32\Macromed\Shockwave 10\SwOnce.dll
+ 2008-01-03 16:46:44 50,808 ----a-w C:\WINDOWS\system32\Macromed\Shockwave 10\SYMCCHECKER.DLL
- 1999-06-25 08:55:30 149,504 ----a-w C:\WINDOWS\system32\Macromed\Shockwave 10\UNWISE.EXE
+ 1999-06-25 09:55:30 149,504 ----a-w C:\WINDOWS\system32\Macromed\Shockwave 10\UNWISE.EXE
+ 2004-08-19 12:00:00 73,664 ----a-w C:\WINDOWS\system32\mciavi.drv
+ 1998-08-17 09:21:54 11,776 ----a-w C:\WINDOWS\system32\mciqtz.drv
+ 2004-08-19 12:00:00 25,296 ----a-w C:\WINDOWS\system32\mciseq.drv
+ 2004-08-19 12:00:00 28,160 ----a-w C:\WINDOWS\system32\mciwave.drv
+ 2004-08-19 12:00:00 20,992 ----a-w C:\WINDOWS\system32\msacm32.drv
+ 2000-05-11 12:06:22 77,824 ----a-w C:\WINDOWS\system32\msbind.dll
+ 2004-08-19 12:00:00 192,512 ----a-w C:\WINDOWS\system32\msh261.drv
+ 2004-08-19 14:39:50 299,008 ----a-w C:\WINDOWS\system32\msh263.drv
+ 2004-11-18 01:23:26 8,704 ----a-w C:\WINDOWS\system32\msvideo32.dll
+ 2005-09-08 00:03:50 1,330,888 ----a-w C:\WINDOWS\system32\msxml6.dll
+ 2005-09-08 00:03:50 86,728 ----a-w C:\WINDOWS\system32\msxml6r.dll
- 2006-01-07 06:53:34 6,656 ----a-w C:\WINDOWS\system32\mui\0410\mscorees.dll
+ 2006-01-07 07:53:34 6,656 ----a-w C:\WINDOWS\system32\mui\0410\mscorees.dll
- 2007-10-29 11:37:54 93,352 ----a-w C:\WINDOWS\system32\perfc009.dat
+ 2008-02-04 18:23:35 101,396 ----a-w C:\WINDOWS\system32\perfc009.dat
- 2007-10-29 11:37:54 112,554 ----a-w C:\WINDOWS\system32\perfc010.dat
+ 2008-02-04 18:23:35 122,432 ----a-w C:\WINDOWS\system32\perfc010.dat
- 2007-10-29 11:37:54 472,384 ----a-w C:\WINDOWS\system32\perfh009.dat
+ 2008-02-04 18:23:35 490,502 ----a-w C:\WINDOWS\system32\perfh009.dat
- 2007-10-29 11:37:54 531,038 ----a-w C:\WINDOWS\system32\perfh010.dat
+ 2008-02-04 18:23:35 552,210 ----a-w C:\WINDOWS\system32\perfh010.dat
+ 2004-11-27 10:53:50 317,952 ----a-w C:\WINDOWS\system32\ROBOEX32.DLL
+ 2000-08-31 07:00:00 98,816 ----a-w C:\WINDOWS\system32\sed.exe
- 2000-08-31 07:00:00 156,160 ----a-w C:\WINDOWS\system32\swreg.exe
+ 2000-08-31 07:00:00 161,792 ----a-w C:\WINDOWS\system32\swreg.exe
+ 2004-08-19 12:00:00 3,360 ----a-w C:\WINDOWS\system32\system.drv
+ 2004-08-19 12:00:00 4,080 ----a-w C:\WINDOWS\system32\timer.drv
+ 2004-11-27 10:53:50 89,360 ----a-w C:\WINDOWS\system32\VB5DB.DLL
+ 2004-08-19 13:39:50 23,552 ----a-w C:\WINDOWS\system32\wdmaud.drv
+ 2004-11-27 10:53:50 69,632 ----a-w C:\WINDOWS\system32\wdrvr.dll
+ 2004-08-19 12:00:00 13,600 ----a-w C:\WINDOWS\system32\wfwnet.drv
+ 2004-08-19 12:00:00 146,944 ----a-w C:\WINDOWS\system32\winspool.drv
+ 2000-08-31 07:00:00 68,096 ----a-w C:\WINDOWS\system32\zip.exe
+ 2008-03-07 14:47:43 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_1a4.dat
+ 2008-03-07 14:47:39 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_5b8.dat
+ 2005-09-23 09:35:10 65,536 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.OpenMP_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0ee63867\vcomp.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((((((((((( AWF ))))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
----a-w 79,224 2007-12-04 13:00:23 C:\Programmi\Alwil Software\Avast4\bak\ashDisp.exe
----a-w 79,224 2007-12-04 13:00:23 C:\Programmi\Alwil Software\Avast4\ashDisp.exe
----a-w 5,728,112 2007-10-19 17:02:35 C:\Programmi\Windows Live\Messenger\bak\MsnMsgr.Exe
----a-w 5,724,184 2008-01-02 20:02:05 C:\Programmi\Windows Live\Messenger\msnmsgr.exe
----a-w 15,360 2004-08-19 12:00:00 C:\WINDOWS\system32\bak\ctfmon.exe
----a-w 15,360 2004-08-19 12:00:00 C:\WINDOWS\system32\ctfmon.exe
----a-w 267,048 2007-12-11 11:10:26 D:\Programmi\iTunes\bak\iTunesHelper.exe
----a-w 267,048 2008-02-19 12:10:32 D:\Programmi\iTunes\iTunesHelper.exe
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-19 13:00 15360]
"PC Suite Tray"="D:\Programmi\Nokia\Nokia PC Suite 6\PCSuite.exe" [2007-12-10 10:12 695808]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 14:00 79224]
"BearShare"="D:\Programmi\BearShare\BearShare.exe" [ ]
"TomTomHOME.exe"="d:\Programmi\TomTom HOME 2\HOMERunner.exe" [2007-10-31 10:19 378784]
"Sunkist2k"="C:\Programmi\Multimedia Card Reader\shwicon2k.exe" [2004-12-10 11:49 139264]
"Adobe Reader Speed Launcher"="C:\Programmi\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 19:51 39792]
"QuickTime Task"="C:\Programmi\QuickTime\QTTask.exe" [2008-01-31 23:13 385024]
"iTunesHelper"="D:\Programmi\iTunes\iTunesHelper.exe" [2008-02-19 13:10 267048]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-19 13:00 15360]
"Nokia.PCSync"="D:\Programmi\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-11-07 17:35 1294336]
C:\Documents and Settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\
Gestione servizi.lnk - C:\Programmi\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe [2002-12-17 17:23:32 74308]
WinManager.lnk - C:\Programmi\PC-TV\WinManager\WinManager.exe [2007-11-18 13:28:55 61440]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\msvideo32]
msvideo32.dll 2004-11-18 02:23 8704 C:\WINDOWS\system32\msvideo32.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 relog_ap
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Avvio^Programmi^Esecuzione automatica^Adobe Reader Synchronizer.lnk]
path=C:\Documents and Settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\Adobe Reader Synchronizer.lnk
backup=C:\WINDOWS\pss\Adobe Reader Synchronizer.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Avvio^Programmi^Esecuzione automatica^Avvio veloce di Adobe Reader.lnk]
path=C:\Documents and Settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\Avvio veloce di Adobe Reader.lnk
backup=C:\WINDOWS\pss\Avvio veloce di Adobe Reader.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
--a------ 2006-01-12 14:40 155648 C:\Programmi\File comuni\Ahead\Lib\NeroCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2008-01-31 23:13 385024 C:\Programmi\QuickTime\qttask.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
-r------- 2006-06-28 07:54 16248320 C:\WINDOWS\RTHDCPL.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel]
-r------- 2006-05-16 11:04 2879488 C:\WINDOWS\SkyTel.exe
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"D:\\Programmi\\eMule\\emule.exe"=
"C:\\Programmi\\Windows Live\\Messenger\\msnmsgr.exe"=
"D:\\Programmi\\KONAMI\\Pro Evolution Soccer 2008\\PES2008.exe"=
"D:\\Programmi\\iTunes\\iTunes.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3638:TCP"= 3638:TCP:messenger
"1578:TCP"= 1578:TCP:messenger
R1 LUMDriver;LUMDriver;C:\WINDOWS\system32\drivers\LUMDriver.sys [2006-10-13 21:53]
R2 MSSQL$INVENTORCONTENT;MSSQL$INVENTORCONTENT;C:\Programmi\Microsoft SQL Server\MSSQL$INVENTORCONTENT\Binn\sqlservr.exe [2002-12-17 17:56]
R2 SolidWorks SolidNetWork License Manager;SolidWorks SolidNetWork License Manager;C:\Documents and Settings\User\Desktop\flexlm\SolidWorks SolidNetWork License Manager\lmgrd.exe [2003-03-26 08:00]
R2 WinDriver;WinDriver;C:\WINDOWS\system32\drivers\WINDRVR.SYS [2004-11-27 11:53]
R3 axvbusx;axvbusx;C:\WINDOWS\system32\DRIVERS\axvbusx.sys [2003-01-31 20:43]
R3 axvscsi;axvscsi;C:\WINDOWS\system32\DRIVERS\axvscsi.sys [2003-01-31 20:43]
S3 SQLAgent$INVENTORCONTENT;SQLAgent$INVENTORCONTENT;C:\Programmi\Microsoft SQL Server\MSSQL$INVENTORCONTENT\Binn\sqlagent.EXE [2002-12-17 17:23]
S3 UDTT7049;DTV-DVB UDTT7049 - USB 2.0 DVB-T Receiver;C:\WINDOWS\system32\Drivers\UDTT7049.sys [2006-06-29 08:58]
S3 UDTT7049HID;UDTT7049HID - HID Driver;C:\WINDOWS\system32\drivers\UDTT7049HID.sys [2006-06-29 03:04]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{285466f7-7e3b-11dc-b819-00138ff990b8}]
\Shell\AutoRun\command - G:\autorun.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{879b04ba-9db3-11dc-b844-00138ff990b8}]
\Shell\AutoRun\command - G:\Autorun.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{cf82794b-a0da-11dc-b849-00138ff990b8}]
\Shell\AutoRun\command - G:\InstallTomTomHOME.exe
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\ccc-core-static]
msiexec /fums {3CBBEE47-C8F4-316A-92FF-ED7E3DFAE41E} /qb
.
**************************************************************************
catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-03-07 15:47:57
Windows 5.1.2600 Service Pack 2 NTFS
scansione processi nascosti ...
scansione entrate autostart nascoste ...
Scansione files nascosti ...
Scansione completata con successo
Files nascosti: 0
**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
C:\Programmi\Alwil Software\Avast4\ashServ.exe
C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Documents and Settings\User\Desktop\flexlm\SolidWorks SolidNetWork License Manager\SW_D.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe
C:\Programmi\Alwil Software\Avast4\ashWebSv.exe
C:\Programmi\iPod\bin\iPodService.exe
C:\Programmi\PC Connectivity Solution\ServiceLayer.exe
C:\Programmi\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Programmi\PC Connectivity Solution\Transports\NclIrSrv.exe
C:\Programmi\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Programmi\PC Connectivity Solution\Transports\NclMSBTSrv.exe
.
**************************************************************************
.
Ora fine scansione: 2008-03-07 15:51:43 - machine was rebooted
ComboFix-quarantined-files.txt 2008-03-07 14:51:40
GX Style Eroe

Registered: 11/07/07 11:44 Posts: 47
Posted: 07 Mar 2008 17:23

UPDATED HIJACKTHIS LOG:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16.12.08, on 07/03/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
C:\Programmi\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Programmi\Microsoft SQL Server\MSSQL$INVENTORCONTENT\Binn\sqlservr.exe
C:\Documents and Settings\User\Desktop\flexlm\SolidWorks SolidNetWork License Manager\lmgrd.exe
C:\WINDOWS\system32\svchost.exe
C:\Documents and Settings\User\Desktop\flexlm\SolidWorks SolidNetWork License Manager\SW_D.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Programmi\Multimedia Card Reader\shwicon2k.exe
C:\Programmi\QuickTime\QTTask.exe
D:\Programmi\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe
D:\Programmi\Nokia\Nokia PC Suite 6\PCSuite.exe
C:\Programmi\Alwil Software\Avast4\ashWebSv.exe
C:\Programmi\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
C:\Programmi\PC-TV\WinManager\WinManager.exe
C:\Programmi\iPod\bin\iPodService.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\PC Connectivity Solution\ServiceLayer.exe
C:\Programmi\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Programmi\PC Connectivity Solution\Transports\NclIrSrv.exe
C:\Programmi\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Programmi\PC Connectivity Solution\Transports\NclMSBTSrv.exe
C:\Programmi\Windows Media Player\wmplayer.exe
C:\Programmi\Mozilla Firefox\firefox.exe
D:\Programmi\eMule\emule.exe
C:\Programmi\Windows Live\Messenger\msnmsgr.exe
C:\Programmi\Windows Live\Messenger\usnsvc.exe
C:\Documents and Settings\User\Desktop\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.tiscali.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = 212.216.112.112
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: Supporto di collegamento per Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [BearShare] "D:\Programmi\BearShare\BearShare.exe" /pause
O4 - HKLM\..\Run: [TomTomHOME.exe] "d:\Programmi\TomTom HOME 2\HOMERunner.exe" -s
O4 - HKLM\..\Run: [Sunkist2k] C:\Programmi\Multimedia Card Reader\shwicon2k.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programmi\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "D:\Programmi\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [PC Suite Tray] "D:\Programmi\Nokia\Nokia PC Suite 6\PCSuite.exe" -onlytray
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Gestione servizi.lnk = C:\Programmi\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
O4 - Global Startup: WinManager.lnk = C:\Programmi\PC-TV\WinManager\WinManager.exe
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/default/kavwebscan_unicode.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/IT-IT/a-UNO1/GAME_UNO1.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1197804961984
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{8F673A63-BDBF-4B7B-9693-1ECA9A470115}: NameServer = 85.37.17.8 85.38.28.73
O20 - Winlogon Notify: msvideo32 - C:\WINDOWS\SYSTEM32\msvideo32.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Programmi\File comuni\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Programmi\File comuni\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Servizio iPod (iPod Service) - Apple Inc. - C:\Programmi\iPod\bin\iPodService.exe
O23 - Service: NBService - Nero AG - C:\Programmi\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: ServiceLayer - Nokia. - C:\Programmi\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SolidWorks SolidNetWork License Manager - Macrovision Corporation - C:\Documents and Settings\User\Desktop\flexlm\SolidWorks SolidNetWork License Manager\lmgrd.exe
--
End of file - 8045 bytes
GX Style Hero

Joined: 11/07/07 11:44 Posts: 47
Posted: 07 Mar 2008 17:49 Subject:
GMER LOG:
AUTOSTART: http://www.freefilehosting.net/download/3d7j7
ROOTKIT: http://www.freefilehosting.net/download/3d7j9
Sante62 Mature God

Joined: 27/06/07 17:55 Posts: 3477 Location: Floridia
Posted: 07 Mar 2008 19:02 Subject:
Run HijackThis with the PC in safe mode;
Start it and fix these lines:
O4 - HKLM\..\Run: [BearShare] "D:\Programmi\BearShare\BearShare.exe" /pause
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = 212.216.112.112
Still in safe mode, go to this directory:
D:\Programmi\BearShare\BearShare.exe and delete the files shown in red;
Restart the PC in normal mode and produce a new HJT log;
Now run a scan with Systemscan and post the generated log as
described here
GX Style Hero

Joined: 11/07/07 11:44 Posts: 47
Posted: 07 Mar 2008 19:39 Subject:
HIJACKTHIS LOG
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18.41.24, on 07/03/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
C:\Programmi\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Programmi\Microsoft SQL Server\MSSQL$INVENTORCONTENT\Binn\sqlservr.exe
C:\Documents and Settings\User\Desktop\flexlm\SolidWorks SolidNetWork License Manager\lmgrd.exe
C:\WINDOWS\system32\svchost.exe
C:\Documents and Settings\User\Desktop\flexlm\SolidWorks SolidNetWork License Manager\SW_D.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Programmi\Multimedia Card Reader\shwicon2k.exe
C:\Programmi\QuickTime\QTTask.exe
D:\Programmi\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe
D:\Programmi\Nokia\Nokia PC Suite 6\PCSuite.exe
C:\Programmi\Alwil Software\Avast4\ashWebSv.exe
C:\Programmi\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
C:\Programmi\PC-TV\WinManager\WinManager.exe
C:\Programmi\iPod\bin\iPodService.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\PC Connectivity Solution\ServiceLayer.exe
C:\Programmi\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Programmi\PC Connectivity Solution\Transports\NclIrSrv.exe
C:\Programmi\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Programmi\PC Connectivity Solution\Transports\NclMSBTSrv.exe
C:\Programmi\Windows Live\Messenger\usnsvc.exe
D:\Programmi\eMule\emule.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\User\Desktop\HiJackThis.exe
C:\Programmi\Mozilla Firefox\firefox.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.tiscali.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: Supporto di collegamento per Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [TomTomHOME.exe] "d:\Programmi\TomTom HOME 2\HOMERunner.exe" -s
O4 - HKLM\..\Run: [Sunkist2k] C:\Programmi\Multimedia Card Reader\shwicon2k.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programmi\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "D:\Programmi\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [PC Suite Tray] "D:\Programmi\Nokia\Nokia PC Suite 6\PCSuite.exe" -onlytray
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Gestione servizi.lnk = C:\Programmi\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
O4 - Global Startup: WinManager.lnk = C:\Programmi\PC-TV\WinManager\WinManager.exe
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/default/kavwebscan_unicode.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/IT-IT/a-UNO1/GAME_UNO1.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1197804961984
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{8F673A63-BDBF-4B7B-9693-1ECA9A470115}: NameServer = 85.37.17.8 85.38.28.73
O20 - Winlogon Notify: msvideo32 - C:\WINDOWS\SYSTEM32\msvideo32.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Programmi\File comuni\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Programmi\File comuni\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Servizio iPod (iPod Service) - Apple Inc. - C:\Programmi\iPod\bin\iPodService.exe
O23 - Service: NBService - Nero AG - C:\Programmi\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: ServiceLayer - Nokia. - C:\Programmi\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SolidWorks SolidNetWork License Manager - Macrovision Corporation - C:\Documents and Settings\User\Desktop\flexlm\SolidWorks SolidNetWork License Manager\lmgrd.exe
--
End of file - 7801 bytes
GX Style Hero

Joined: 11/07/07 11:44 Posts: 47
Posted: 07 Mar 2008 20:06 Subject:
SUSPECTFILE LOG: http://www.freefilehosting.net/download/3d7lj
Sante62 Mature God

Joined: 27/06/07 17:55 Posts: 3477 Location: Floridia
Posted: 07 Mar 2008 20:31 Subject:
Good, fix this line with HJT if you don't recognize it:
Quote: O20 - Winlogon Notify: msvideo32 - C:\WINDOWS\SYSTEM32\msvideo32.dll
Go to the Kaspersky online scanner
While it is downloading the necessary files, temporarily disable the antivirus. As soon as the PC scan starts, disconnect from the internet.
When it finishes, upload the result to www.freefilehosting.net and post here the link you are given, as described here
Also install a firewall, choosing one with the help of this discussion
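One way to confirm from a follow-up HijackThis log that the lines a helper asked to fix are really gone, as an added example that is not part of the original thread. The function names are hypothetical, and the two log excerpts are shortened copies of entries from the logs posted above, built for this example.

```python
import re

# Excerpts built for this example from the two HijackThis logs in the thread
# (the 05/03/2008 scan, then the 07/03/2008 scan made after the first fixes).
LOG_BEFORE = r"""Running processes:
C:\WINDOWS\system32\winlogon.exe
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = 212.216.112.112
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [BearShare] "D:\Programmi\BearShare\BearShare.exe" /pause
O20 - Winlogon Notify: msvideo32 - C:\WINDOWS\SYSTEM32\msvideo32.dll
"""
LOG_AFTER = r"""Running processes:
C:\WINDOWS\system32\winlogon.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O20 - Winlogon Notify: msvideo32 - C:\WINDOWS\SYSTEM32\msvideo32.dll
"""
# Lines the helper asked to fix, in the order they appear in the thread.
REQUESTED = [
    r'O4 - HKLM\..\Run: [BearShare] "D:\Programmi\BearShare\BearShare.exe" /pause',
    r"R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = 212.216.112.112",
    r"O20 - Winlogon Notify: msvideo32 - C:\WINDOWS\SYSTEM32\msvideo32.dll",
]

# HijackThis entries start with a section code (R0-R3, F0-F3, N1-N4, O1-O24).
ENTRY = re.compile(r"^(R[0-3]|F[0-3]|N[1-4]|O\d{1,2}) - (.+)$")

def parse_entries(log_text):
    """Return the set of (section, body) entries; headers and process paths are skipped."""
    entries = set()
    for line in log_text.splitlines():
        match = ENTRY.match(line.strip())
        if match:
            entries.add((match.group(1), match.group(2)))
    return entries

def diff_logs(before, after):
    """Compare two scans and report which entries were removed, added or kept."""
    b, a = parse_entries(before), parse_entries(after)
    return {"removed": sorted(b - a), "added": sorted(a - b), "kept": sorted(a & b)}

def verify_fixes(requested, after):
    """Map each requested line to True if it no longer appears in the follow-up log."""
    remaining = {f"{section} - {body}" for section, body in parse_entries(after)}
    return {line: line not in remaining for line in requested}

if __name__ == "__main__":
    for line, gone in verify_fixes(REQUESTED, LOG_AFTER).items():
        print("gone " if gone else "STILL PRESENT ", line)
```

The O20 line is reported as still present because the follow-up log was posted before that fix was requested.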