Olimpo Informatico

[Leonida]

salve, credo di avere un virus o qualcosa del genere, perke mi si aprono le pagine di internet explorer da sole. cosa devo fare?
ho fatto la scansione completa con spybot ma niente da fare e il mio antivirus kaspesky nn mi rileva niente.
per favore aiutatemi, sto esaurendo.

[Sante62]

Ciao Leonida e benvenuto/a
Guarda questa discussione
per postare un log di Hijackthis.

[Leonida]

ciao scusami se sono stato superficiale........ho fatto una scansione con HijLogfile of Trend Micro HijackThis v2.0.2
Scan saved at 11.25.54, on 10/03/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16609)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Alice ti aiuta\McciTrayApp.exe
C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
C:\Windows\PixArt\PAC207\Monitor.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Camfrog\Camfrog Video Chat\Camfrog Video Chat.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\Program Files\Internet Explorer\IEUser.exe
C:\hp\kbd\kbd.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\SearchFilterHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Supporto di collegamento per Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [GeKo PreSeNTs: Windows Vista Ultimate Crack] "G:\vista\Crack + Guida & Utility\Crack Windows Vista\Windows Vista Ultimate Crack.exe" --click
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE
O4 - HKLM\..\Run: [AliceRV_McciTrayApp] C:\Program Files\Alice ti aiuta\McciTrayApp.exe
O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [Monitor] C:\Windows\PixArt\PAC207\Monitor.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Camfrog] "C:\Program Files\Camfrog\Camfrog Video Chat\CamfrogNet.exe" 0 C:\Program Files\Camfrog\Camfrog Video Chat\Camfrog Video Chat.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Uniblue RegistryBooster 2] c:\program files\uniblue\registrybooster 2\StartRegistryBooster.exe
O4 - HKCU\..\Run: [burn army] "C:\ProgramData\Liesintraintra.aouen5v"
O4 - HKCU\..\Run: [warn default inter for] "C:\ProgramData\Meal Sect 32.m5x5aea"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVIZIO DI RETE')
O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Anti-virus web - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll
O9 - Extra button: Inserisci blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: Inserisci &blog in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix:
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{28DBB6BB-DC31-471F-BF9B-BFA84D3D7F9E}: NameServer = 85.37.17.39 85.38.28.71
O20 - AppInit_DLLs: C:\PROGRA~2\KASPER~1\KASPER~1.0\r3hook.dll
O22 - SharedTaskScheduler: Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll
O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe

--
End of file - 9358 bytes
ackthis,questo e l?esito:

[Riverside]

[Sante62]

disattiva il ripristino di sistema e avvia il PC in modalità provvisoria;

la procedura dovrebbe essere simile rispetto a Win XP;

Avvia Hijackthis, seleziona a sinistra queste righe, clicca poi su fix Checked:

[Leonida]

questo è il link di ASPSPY:

ttp://www.fileup.itadib.com/download.php?id=21pTIIqmlgU6fnyxoHhe

[Leonida]

questo è il log di SUPERANTISPYWIRE:

http://www.fileup.itadib.com/download.php?id=oYNgitvIUnpdU5xumBHQ

[Leonida]

Per SANTE62.......

mi spieghi dove si trovano queste righe che hai scritto tu?
Perchè io aprendo HijackThis, trovo le varie opeazioni da fare,quindi, se tu mi spieghi passo passo, come ci si arriva io lo faccio.

GRAZIE in anticipo.

[Sante62]

Guarda qualche post più su;

ci sono le istruzioni su come avviare Hijackthis;

poi dal log che ti compare devi selezionare a sinistra le righe indicate in rosso e cliccare fix Checked..

[Leonida]

ciao;scusami,ma le righe rosse che mi hai mandato tu nn so dove metterle,nn so di preciso in quale opzione li devo mettere su hjiackthis.......grazie

[Sante62]

[Leonida]

ciao......ancora scusa per nn aver capito la tua procedura...........cmq ho fatto tutto le operazioni chemi avevi citato...........
questo e la scComboFix 08-03-10.1 - Francesco 2008-03-12 14.11.45.3 - NTFSx86
Microsoft® Windows Vista? Ultimate 6.0.6000.0.1252.1.1040.18.377 [GMT 1:00]
Eseguito da: C:\Users\Francesco\Desktop\ComboFix.exe
.

((((((((((((((((((((((((( Files Creati Da 2008-02-12 al 2008-03-12 )))))))))))))))))))))))))))))))))))
.

2008-03-11 12:25 . 2008-03-11 12:25 179,072,583 --a------ C:\Windows\MEMORY.DMP
2008-03-10 22:49 . 2007-04-09 13:23 28,040 --a------ C:\Windows\System32\mdimon.dll
2008-03-10 22:49 . 2008-03-10 22:49 376 --a------ C:\Windows\ODBC.INI
2008-03-10 22:47 . 2008-03-10 22:47 <DIR> d-------- C:\Program Files\Microsoft ActiveSync
2008-03-10 22:46 . 2008-03-10 22:46 <DIR> d-------- C:\Program Files\Microsoft.NET
2008-03-10 22:45 . 2008-03-10 22:45 <DIR> dr-h----- C:\MSOCache
2008-03-10 14:42 . 2008-03-10 14:42 <DIR> d-------- C:\Users\All Users\Yahoo! Companion
2008-03-10 14:42 . 2008-03-10 14:42 <DIR> d-------- C:\ProgramData\Yahoo! Companion
2008-03-10 14:40 . 2008-03-10 14:40 <DIR> d-------- C:\Program Files\HThis
2008-03-10 13:59 . 2008-03-10 13:59 <DIR> d-------- C:\Users\Francesco\AppData\Roaming\SUPERAntiSpyware.com
2008-03-10 13:59 . 2008-03-10 13:59 <DIR> d-------- C:\Users\All Users\SUPERAntiSpyware.com
2008-03-10 13:59 . 2008-03-10 13:59 <DIR> d-------- C:\ProgramData\SUPERAntiSpyware.com
2008-03-10 13:59 . 2008-03-10 13:59 <DIR> d-------- C:\Program Files\SUPERAntiSpyware
2008-03-10 13:58 . 2008-03-10 13:58 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-03-10 13:26 . 2008-03-10 13:26 <DIR> d-------- C:\Program Files\Yahoo!
2008-03-10 13:26 . 2008-03-10 13:26 <DIR> d-------- C:\Program Files\CCleaner
2008-03-10 11:25 . 2008-03-10 11:25 <DIR> d-------- C:\Program Files\Trend Micro
2008-03-10 11:23 . 2008-03-10 11:24 <DIR> d-------- C:\Hijackthis
2008-03-09 12:31 . 2008-03-09 12:31 691,545 --a------ C:\Windows\unins000.exe
2008-03-09 12:31 . 2008-03-09 12:31 2,548 --a------ C:\Windows\unins000.dat
2008-03-09 12:28 . 2008-03-09 12:36 <DIR> d-------- C:\Users\All Users\Spybot - Search & Destroy
2008-03-09 12:28 . 2008-03-09 12:36 <DIR> d-------- C:\ProgramData\Spybot - Search & Destroy
2008-03-09 12:28 . 2008-03-09 12:33 <DIR> d-------- C:\Program Files\Spybot - Search & Destroy
2008-03-08 12:32 . 2008-03-08 12:32 <DIR> d-------- C:\Users\All Users\Time Dead Warn Default
2008-03-08 12:32 . 2008-03-08 12:32 <DIR> d-------- C:\Users\All Users\License Inside Fork
2008-03-08 12:32 . 2008-03-08 12:32 <DIR> d-------- C:\ProgramData\Time Dead Warn Default
2008-03-08 12:32 . 2008-03-08 12:32 <DIR> d-------- C:\ProgramData\License Inside Fork
2008-03-07 11:32 . 2008-03-07 11:32 <DIR> d-------- C:\Users\Francesco\AppData\Roaming\TVU networks
2008-03-07 11:32 . 2008-03-07 11:32 <DIR> d-------- C:\Users\All Users\TVU networks
2008-03-07 11:32 . 2008-03-07 11:32 <DIR> d-------- C:\ProgramData\TVU networks
2008-03-06 15:04 . 2008-03-06 15:04 0 --a------ C:\Windows\nsreg.dat
2008-03-06 15:03 . 2008-03-06 15:03 <DIR> d-------- C:\Program Files\Common Files\xing shared
2008-03-06 15:02 . 2008-03-06 15:02 <DIR> d-------- C:\Program Files\Real
2008-03-06 15:02 . 2008-03-06 15:03 <DIR> d-------- C:\Program Files\Common Files\Real
2008-03-06 15:02 . 2008-03-06 15:02 3,425 --a------ C:\Windows\mozver.dat
2008-03-06 11:24 . 2008-03-06 11:24 <DIR> d-------- C:\Users\Francesco\AppData\Roaming\Uniblue
2008-03-06 11:14 . 2008-03-06 12:02 <DIR> d-------- C:\Program Files\Audacity
2008-03-05 14:59 . 2008-03-05 14:59 <DIR> d-------- C:\Users\Francesco\AppData\Roaming\mIRC
2008-02-24 13:03 . 2008-03-08 12:21 <DIR> d-------- C:\Users\Francesco\AppData\Roaming\LimeWire
2008-02-24 13:02 . 2008-03-06 11:12 <DIR> d-------- C:\Program Files\Java
2008-02-24 13:01 . 2008-02-24 13:03 <DIR> d-------- C:\Program Files\LimeWire
2008-02-24 13:01 . 2008-02-24 13:01 <DIR> d-------- C:\Program Files\Common Files\Java
2008-02-21 14:27 . 2007-02-16 03:46 311,296 --a------ C:\Windows\System32\mswmdm.dll
2008-02-21 14:27 . 2007-02-16 03:48 36,864 --a------ C:\Windows\System32\wmdmps.dll
2008-02-21 14:27 . 2007-02-16 03:48 31,744 --a------ C:\Windows\System32\wmdmlog.dll
2008-02-19 12:55 . 2008-02-19 12:55 <DIR> d-------- C:\Program Files\BitTorrent
2008-02-19 12:52 . 2008-02-19 12:52 <DIR> d-------- C:\Users\Francesco\AppData\Roaming\DNA
2008-02-19 12:52 . 2008-02-25 15:05 <DIR> d-------- C:\Users\Francesco\AppData\Roaming\BitTorrent
2008-02-19 12:52 . 2008-02-19 12:52 <DIR> d-------- C:\Program Files\DNA
2008-02-18 12:42 . 2008-03-12 12:58 <DIR> d-------- C:\Users\All Users\Google Updater
2008-02-18 12:42 . 2008-02-18 12:42 <DIR> d-------- C:\Users\All Users\Google
2008-02-18 12:42 . 2008-03-12 12:58 <DIR> d-------- C:\ProgramData\Google Updater
2008-02-17 21:17 . 2008-02-17 21:17 <DIR> d-------- C:\Users\All Users\NVIDIA
2008-02-17 21:17 . 2008-02-17 21:17 <DIR> d-------- C:\ProgramData\NVIDIA
2008-02-17 12:34 . 2008-03-06 15:03 <DIR> d-------- C:\Program Files\Google
2008-02-17 12:26 . 2008-02-17 12:26 <DIR> d-------- C:\Users\Francesco\AppData\Roaming\Camfrog
2008-02-17 12:26 . 2008-02-17 12:26 <DIR> d-------- C:\Program Files\Camfrog
2008-02-17 00:26 . 2008-02-17 00:26 <DIR> d-------- C:\Program Files\BitLocker
2008-02-17 00:26 . 2007-03-15 02:52 1,152,000 --a------ C:\Windows\System32\themecpl.dll
2008-02-17 00:26 . 2007-07-20 00:55 233,888 --a------ C:\Windows\System32\DreamScene.dll
2008-02-17 00:23 . 2007-02-22 03:26 1,171,848 --a------ C:\Windows\System32\SecureKeyBackupCPL.dll
2008-02-17 00:23 . 2006-12-21 01:58 711 --a------ C:\Windows\System32\CPSOKBTasks.xml
2008-02-16 19:57 . 2008-03-12 14:04 69 --a------ C:\Windows\NeroDigital.ini
2008-02-16 12:30 . 2006-12-20 07:03 229,888 --a------ C:\Windows\System32\msshsq.dll
2008-02-14 13:41 . 2008-02-14 13:41 694,784 --a------ C:\Windows\System32\localspl.dll
2008-02-14 13:40 . 2008-02-14 13:40 205,824 --a------ C:\Windows\System32\msoeacct.dll
2008-02-14 13:40 . 2008-02-14 13:40 87,040 --a------ C:\Windows\System32\msoert2.dll
2008-02-14 13:40 . 2008-02-14 13:40 39,424 --a------ C:\Windows\System32\ACCTRES.dll
2008-02-14 13:38 . 2008-02-14 13:38 194,560 --a------ C:\Windows\System32\WebClnt.dll
2008-02-14 13:38 . 2008-02-14 13:38 110,080 --a------ C:\Windows\System32\drivers\mrxdav.sys
2008-02-14 13:37 . 2008-02-14 13:37 376,320 --a------ C:\Windows\System32\winsrv.dll
2008-02-14 13:37 . 2008-02-14 13:37 49,664 --a------ C:\Windows\System32\csrsrv.dll
2008-02-14 13:34 . 2008-02-14 13:34 374,456 --a------ C:\Windows\System32\mcupdate_GenuineIntel.dll
2008-02-14 13:33 . 2008-02-14 13:33 414,208 --a------ C:\Windows\System32\msscp.dll
2008-02-14 13:32 . 2008-02-14 13:32 8,147,968 --a------ C:\Windows\System32\wmploc.DLL
2008-02-14 13:32 . 2008-02-14 13:32 356,864 --a------ C:\Windows\System32\MediaMetadataHandler.dll
2008-02-14 13:32 . 2008-02-14 13:32 7,680 --a------ C:\Windows\System32\spwmp.dll
2008-02-14 13:32 . 2008-02-14 13:32 4,096 --a------ C:\Windows\System32\msdxm.ocx
2008-02-14 13:32 . 2008-02-14 13:32 4,096 --a------ C:\Windows\System32\dxmasf.dll
2008-02-14 13:31 . 2008-02-14 13:31 396,800 --a------ C:\Windows\System32\MPSSVC.dll
2008-02-14 13:31 . 2008-02-14 13:31 392,192 --a------ C:\Windows\System32\FirewallAPI.dll
2008-02-14 13:31 . 2008-02-14 13:31 178,688 --a------ C:\Windows\System32\iphlpsvc.dll
2008-02-14 13:31 . 2008-02-14 13:31 86,016 --a------ C:\Windows\System32\icfupgd.dll
2008-02-14 13:31 . 2008-02-14 13:31 63,488 --a------ C:\Windows\System32\drivers\mpsdrv.sys
2008-02-14 13:31 . 2008-02-14 13:31 61,952 --a------ C:\Windows\System32\cmifw.dll
2008-02-14 13:31 . 2008-02-14 13:31 23,040 --a------ C:\Windows\System32\drivers\tunnel.sys
2008-02-14 13:31 . 2008-02-14 13:31 16,896 --a------ C:\Windows\System32\wfapigp.dll
2008-02-14 13:31 . 2008-02-14 13:31 15,360 --a------ C:\Windows\System32\drivers\TUNMP.SYS
2008-02-14 13:30 . 2008-02-14 13:30 3,504,696 --a------ C:\Windows\System32\ntkrnlpa.exe
2008-02-14 13:30 . 2008-02-14 13:30 3,470,392 --a------ C:\Windows\System32\ntoskrnl.exe
2008-02-14 13:30 . 2008-02-14 13:30 1,060,920 --a------ C:\Windows\System32\drivers\ntfs.sys
2008-02-14 13:30 . 2008-02-14 13:30 211,000 --a------ C:\Windows\System32\drivers\volsnap.sys
2008-02-14 13:30 . 2008-02-14 13:30 154,624 --a------ C:\Windows\System32\drivers\nwifi.sys
2008-02-14 13:30 . 2008-02-14 13:30 109,624 --a------ C:\Windows\System32\drivers\ataport.sys
2008-02-14 13:30 . 2008-02-14 13:30 104,448 --a------ C:\Windows\System32\DWWIN.EXE
2008-02-14 13:30 . 2008-02-14 13:30 45,112 --a------ C:\Windows\System32\drivers\pciidex.sys
2008-02-14 13:30 . 2008-02-14 13:30 21,560 --a------ C:\Windows\System32\drivers\atapi.sys
2008-02-14 13:30 . 2008-02-14 13:30 17,464 --a------ C:\Windows\System32\drivers\intelide.sys
2008-02-14 13:29 . 2008-02-14 13:29 1,191,936 --a------ C:\Windows\System32\msxml3.dll
2008-02-14 13:29 . 2008-02-14 13:29 337,408 --a------ C:\Windows\System32\intl.cpl

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-02-14 12:53 174 --sha-w C:\Program Files\desktop.ini
2008-02-14 12:47 --------- d-----w C:\Program Files\Windows Sidebar
2008-02-14 12:47 --------- d-----w C:\Program Files\Windows Mail
2008-02-14 12:47 --------- d-----w C:\Program Files\Windows Defender
2008-02-14 12:47 --------- d-----w C:\Program Files\Windows Calendar
2008-02-14 12:39 704,000 ----a-w C:\Windows\System32\PhotoScreensaver.scr
2008-02-14 12:39 67,584 ----a-w C:\Windows\System32\wlanhlp.dll
2008-02-14 12:39 542,720 ----a-w C:\Windows\System32\sysmain.dll
2008-02-14 12:39 502,784 ----a-w C:\Windows\System32\wlansvc.dll
2008-02-14 12:39 47,104 ----a-w C:\Windows\System32\wlanapi.dll
2008-02-14 12:39 297,984 ----a-w C:\Windows\System32\wlansec.dll
2008-02-14 12:39 290,816 ----a-w C:\Windows\System32\wlanmsm.dll
2008-02-14 12:39 258,232 ----a-w C:\Windows\system32\drivers\acpi.sys
2008-02-14 12:39 24,064 ----a-w C:\Windows\System32\wtsapi32.dll
2008-02-14 12:39 2,923,520 ----a-w C:\Windows\explorer.exe
2008-02-14 12:39 2,027,008 ----a-w C:\Windows\System32\win32k.sys
2008-02-14 12:26 9,728 ----a-w C:\Windows\System32\LAPRXY.DLL
2008-02-14 12:26 57,856 ----a-w C:\Windows\System32\SLUINotify.dll
2008-02-14 12:26 566,784 ----a-w C:\Windows\System32\SLCommDlg.dll
2008-02-14 12:26 39,936 ----a-w C:\Windows\System32\slcinst.dll
2008-02-14 12:26 351,232 ----a-w C:\Windows\System32\SLUI.exe
2008-02-14 12:26 33,280 ----a-w C:\Windows\System32\slwmi.dll
2008-02-14 12:26 268,288 ----a-w C:\Windows\System32\mcbuilder.exe
2008-02-14 12:26 223,232 ----a-w C:\Windows\System32\WMASF.DLL
2008-02-14 12:26 223,232 ----a-w C:\Windows\System32\SLC.dll
2008-02-14 12:26 2,605,568 ----a-w C:\Windows\System32\SLsvc.exe
2008-02-14 12:26 186,368 ----a-w C:\Windows\System32\SLLUA.exe
2008-02-14 12:23 537,600 ----a-w C:\Windows\AppPatch\AcLayers.dll
2008-02-14 12:23 449,536 ----a-w C:\Windows\AppPatch\AcSpecfc.dll
2008-02-14 12:23 2,144,256 ----a-w C:\Windows\AppPatch\AcGenral.dll
2008-02-14 12:23 173,056 ----a-w C:\Windows\AppPatch\AcXtrnal.dll
2008-02-14 12:17 824,832 ----a-w C:\Windows\System32\wininet.dll
2008-02-14 12:17 56,320 ----a-w C:\Windows\System32\iesetup.dll
2008-02-14 12:17 52,736 ----a-w C:\Windows\AppPatch\iebrshim.dll
2008-02-14 12:17 26,624 ----a-w C:\Windows\System32\ieUnatt.exe
2008-02-12 20:38 319,456 ----a-w C:\Windows\DIFxAPI.dll
2008-02-12 19:55 --------- d-sh--w C:\ProgramData\Preferiti
2008-02-12 19:55 --------- d-sh--w C:\ProgramData\Modelli
2008-02-12 19:55 --------- d-sh--w C:\ProgramData\Menu Avvio
2008-02-12 19:55 --------- d-sh--w C:\ProgramData\Documenti
2008-02-12 19:55 --------- d-sh--w C:\ProgramData\Dati applicazioni
2008-02-12 19:55 --------- d-sh--w C:\Program Files\File comuni
2008-02-01 10:17 586,752 ----a-w C:\Windows\WLXPGSS.SCR
.

((((((((((((((((((((((((((((( snapshot_2008-03-11_12.15.56,93 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-03-11 11:41:08 91,488 ----a-w C:\Windows\assembly\GAC\Microsoft.Office.Interop.InfoPath.Xml\11.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.InfoPath.Xml.dll
+ 2008-03-11 11:41:08 103,776 ----a-w C:\Windows\assembly\GAC\Microsoft.Office.Interop.InfoPath\11.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.InfoPath.dll
- 2008-03-10 21:47:27 64,088 ----a-w C:\Windows\assembly\GAC\Microsoft.Vbe.Interop\11.0.0.0__71e9bce111e9429c\Microsoft.Vbe.Interop.dll
+ 2008-03-11 11:39:57 66,936 ----a-w C:\Windows\assembly\GAC\Microsoft.Vbe.Interop\11.0.0.0__71e9bce111e9429c\Microsoft.Vbe.Interop.dll
- 2008-03-10 21:47:26 223,800 ----a-w C:\Windows\assembly\GAC\office\11.0.0.0__71e9bce111e9429c\OFFICE.DLL
+ 2008-03-11 11:39:43 226,656 ----a-w C:\Windows\assembly\GAC\office\11.0.0.0__71e9bce111e9429c\OFFICE.DLL
- 2008-03-11 10:46:46 67,584 --s-a-w C:\Windows\bootstat.dat
+ 2008-03-12 13:09:31 67,584 --s-a-w C:\Windows\bootstat.dat
+ 2003-07-15 02:13:58 166,456 ----a-r C:\Windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\ACCWIZ.DLL
+ 2003-07-14 21:43:20 87,616 ----a-r C:\Windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\ADDRPARS.DLL
+ 2003-07-14 21:57:34 38,968 ----a-r C:\Windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\AUTHZAX.DLL
+ 2003-07-14 21:53:06 94,768 ----a-r C:\Windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\AW.DLL
+ 2003-07-15 02:14:28 350,264 ----a-r C:\Windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\CDLMSO.DLL
+ 2003-07-15 02:18:12 47,160 ----a-r C:\Windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\DFUICOM.EXE
+ 2003-07-25 17:57:20 75,832 ----a-r C:\Windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\DLGSETP.DLL
+ 2003-07-14 21:56:54 14,904 ----a-r C:\Windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\DSITF.DLL
+ 2003-07-14 21:57:14 98,360 ----a-r C:\Windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\DSSM.EXE
+ 2003-07-31 14:19:52 131,648 ----a-r C:\Windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\ENVELOPE.DLL
+ 2003-08-13 01:34:38 10,073,144 ----a-r C:\Windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\EXCEL.EXE
+ 2003-07-14 21:41:44 13,368 ----a-r C:\Windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\FINDER.EXE
+ 2003-08-03 09:56:16 1,146,184 ----a-r C:\Windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\FM20.DLL
+ 2003-07-23 22:01:40 1,949,240 ----a-r C:\Windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\FPCUTL.DLL
+ 2003-07-14 22:36:14 186,424 ----a-r C:\Windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\FPDTC.DLL
+ 2003-07-14 21:40:12 179,768 ----a-r C:\Windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\FPERSON.DLL
+ 2003-07-14 21:40:12 165,944 ----a-r C:\Windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\FPLACE.DLL
+ 2003-07-25 18:00:16 1,157,696 ----a-r C:\Windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\FPSRVUTL.DLL
+ 2003-07-25 18:14:50 799,288 ----a-r C:\Windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\FPWEC.DLL
+ 2003-07-14 22:11:42 2,139,192 ----a-r C:\Windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\GRAPH.EXE
+ 2003-07-14 21:57:44 87,096 ----a-r C:\Windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\IEAWSDC.DLL
+ 2003-07-14 21:53:50 161,336 ----a-r C:\Windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\IETAG.DLL
+ 2003-07-23 21:32:32 121,400 ----a-r C:\Windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\IMPMAIL.DLL
+ 2003-08-01 14:07:36 4,815,424 ----a-r C:\Windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\INFOPATH.EXE
+ 2003-07-14 21:45:14 58,944 ----a-r C:\Windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\INLAUNCH.DLL
+ 2003-06-18 16:31:44 758,784 ----a-r C:\Windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\MDIGRAPH.DLL
+ 2003-06-18 16:31:10 252,928 ----a-r C:\Windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\MDIINK.DLL
+ 2003-06-18 16:31:48 17,920 ----a-r C:\Windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\MDIMON.DLL
+ 2003-06-18 16:31:48 18,944 ----a-r C:\Windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\MDIPPR.DLL
+ 2003-06-18 16:31:46 35,328 ----a-r C:\Windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\MDIUI.DLL
+ 2003-06-18 16:31:34 443,904 ----a-r C:\Windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\MDIVWCTL.DLL
+ 2003-07-14 21:46:08 176,696 ----a-r C:\Windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\MIMEDIR.DLL
+ 2003-08-14 23:54:08 6,627,392 ----a-r C:\Windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\MSACCESS.EXE
+ 2003-07-15 02:13:58 130,112 ----a-r C:\Windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\MSAEXP30.DLL
+ 2003-07-14 21:58:04 230,968 ----a-r C:\Windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\MSCDM.DLL
+ 2003-07-14 21:51:50 116,288 ----a-r C:\Windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\MSCONV97.DLL
+ 2002-12-17 18:08:50 359,600 ----a-r C:\Windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\MSDMENG.DLL
+ 2002-12-17 18:08:54 1,383,592 ----a-r C:\Windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\MSDMINE.DLL
+ 2003-07-14 21:51:44 87,104 ----a-r C:\Windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\MSENCODE.DLL
+ 2003-07-15 02:14:00 139,328 ----a-r C:\Windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\MSJSPP40.DLL
+ 2003-07-14 21:52:52 17,464 ----a-r C:\Windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\MSMH.DLL
+ 2003-08-07 23:23:16 12,172,336 ----a-r C:\Windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\MSO.DLL
+ 2003-07-14 21:57:16 120,888 ----a-r C:\Windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\MSOAUTH.DLL
+ 2003-07-15 02:14:18 106,552 ----a-r C:\Windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\MSOCF.DLL
+ 2003-07-23 21:35:26 127,032 ----a-r C:\Windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\MSOCFU.DLL
+ 2003-07-14 21:52:52 27,704 ----a-r C:\Windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\MSODCW.DLL
+ 2003-07-14 21:44:06 25,144 ----a-r C:\Windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\MSOEURO.DLL
+ 2003-07-14 21:52:56 55,360 ----a-r C:\Windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\MSOHTMED.EXE
+ 2002-12-17 18:09:24 2,071,752 ----a-r C:\Windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\MSOLAP80.DLL
+ 2003-07-11 01:15:48 1,292,872 ----a-r C:\Windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\MSONSEXT.DLL
+ 2003-07-15 02:18:52 376,888 ----a-r C:\Windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\MSORUN.DLL
+ 2003-07-14 21:52:54 28,224 ----a-r C:\Windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\MSOSTYLE.DLL
+ 2003-07-14 21:52:52 35,896 ----a-r C:\Windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\MSOSV.DLL
+ 2003-07-14 21:53:20 39,488 ----a-r C:\Windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\MSOSVFBR.DLL
+ 2003-07-14 21:46:16 42,040 ----a-r C:\Windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\MSOXEV.DLL
+ 2003-07-14 21:45:12 55,360 ----a-r C:\Windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\MSOXMLED.EXE
+ 2003-07-14 21:45:12 39,488 ----a-r C:\Windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\MSOXMLMF.DLL
+ 2003-06-18 16:31:24 1,033,216 ----a-r C:\Windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\MSPCORE.DLL
+ 2003-06-18 16:31:50 16,384 ----a-r C:\Windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\MSPGIMME.DLL
+ 2003-07-28 11:24:40 5,677,112 ----a-r C:\Windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\MSPUB.EXE
+ 2003-06-19 15:05:50 364,648 ----a-r C:\Windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\MSPVIEW.EXE
+ 2003-07-14 21:52:58 41,528 ----a-r C:\Windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\MSSH.DLL
+ 2003-07-14 22:02:14 627,256 ----a-r C:\Windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\MSTORDB.EXE
+ 2003-07-14 21:56:24 124,984 ----a-r C:\Windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\MSTORE.EXE
+ 2003-07-23 21:40:00 482,872 ----a-r C:\Windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\MSTORES.DLL
+ 2003-07-14 22:00:54 145,984 ----a-r C:\Windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\MSWEBCAP.DLL
+ 2003-07-14 21:57:10 56,888 ----a-r C:\Windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\NAME.DLL
+ 2003-07-14 21:56:52 13,888 ----a-r C:\Windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\NPOFFICE.DLL
+ 2008-03-10 21:47:26 223,800 ----a-r C:\Windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\OFFICE.DLL
+ 2003-07-15 02:14:26 283,696 ----a-r C:\Windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\OIS.EXE
+ 2003-07-15 02:14:26 828,472 ----a-r C:\Windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\OISAPP.DLL
+ 2003-07-15 02:14:26 27,192 ----a-r C:\Windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\OISCTRL.DLL
+ 2003-07-15 02:14:26 242,240 ----a-r C:\Windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\OISGRAPH.DLL
+ 2003-07-14 22:05:24 1,054,264 ----a-r C:\Windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\OMFC.DLL
+ 2003-07-14 21:41:56 24,640 ----a-r C:\Windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\OUTLACCT.DLL
+ 2003-07-14 21:44:34 102,968 ----a-r C:\Windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\OUTLCTL.DLL
+ 2003-07-07 12:36:00 2,058,343 ----a-r C:\Windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\OUTLFLTR.DAT
+ 2003-07-08 10:48:00 115,288 ----a-r C:\Windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\OUTLFLTR.DLL
+ 2003-08-09 22:06:42 7,522,360 ----a-r C:\Windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\OUTLLIB.DLL
+ 2003-07-14 21:44:32 88,128 ----a-r C:\Windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\OUTLMIME.DLL
+ 2003-07-14 21:45:18 196,152 ----a-r C:\Windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\OUTLOOK.EXE
+ 2003-07-14 21:43:48 139,320 ----a-r C:\Windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\OUTLPH.DLL
+ 2003-07-14 21:43:18 64,056 ----a-r C:\Windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\OUTLRPC.DLL
+ 2003-07-14 21:43:16 49,208 ----a-r C:\Windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\OUTLWAB.DLL
+ 2003-08-04 12:19:34 7,330,360 ----a-r C:\Windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\OWC10.DLL
+ 2003-08-01 14:09:04 8,086,072 ----a-r C:\Windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\OWC11.DLL
+ 2003-07-30 11:40:40 6,133,312 ----a-r C:\Windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\POWERPNT.EXE
+ 2003-07-15 02:18:54 430,136 ----a-r C:\Windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\PP4X322.DLL
+ 2003-07-15 02:18:44 93,752 ----a-r C:\Windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\PP7X32.DLL
+ 2003-07-31 14:21:08 1,782,840 ----a-r C:\Windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\PPTVIEW.EXE
+ 2003-07-14 21:40:26 130,104 ----a-r C:\Windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\PRTF9.DLL
+ 2003-07-14 21:51:12 604,728 ----a-r C:\Windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\PTXT9.DLL
+ 2003-07-14 21:50:26 551,480 ----a-r C:\Windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\PUBCONV.DLL
+ 2003-07-14 21:40:16 51,256 ----a-r C:\Windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\PUBTRAP.DLL
+ 2003-07-14 21:42:26 37,432 ----a-r C:\Windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\RECALL.DLL
+ 2003-05-08 20:54:00 77,824 ----a-r C:\Windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\REFEDIT.DLL
+ 2003-07-14 21:57:08 40,512 ----a-r C:\Windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\REFIEBAR.DLL
+ 2003-07-14 21:43:30 74,288 ----a-r C:\Windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\RM.DLL
+ 2003-07-21 10:46:38 390,712 ----a-r C:\Windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\RTFHTML.DLL
+ 2003-07-14 21:44:16 66,616 ----a-r C:\Windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\SENDTO.DLL
+ 2003-07-14 21:57:08 58,944 ----a-r C:\Windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\SEQCHK10.DLL
+ 2003-07-14 21:53:14 11,848 ----a-r C:\Windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\SMARTTAGINSTALL.EXE
+ 2003-08-06 12:26:18 445,488 ----a-r C:\Windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\SOA.DLL
+ 2003-08-03 09:52:32 2,808,376 ----a-r C:\Windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\STSLIST.DLL
+ 2003-07-14 22:00:22 99,904 ----a-r C:\Windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\TRANSMGR.DLL
+ 2003-07-03 14:19:36 2,502,656 ----a-r C:\Windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\VBE6.DLL
+ 2008-03-10 21:47:27 64,088 ----a-r C:\Windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\VBIDEPIA.DLL
+ 2003-08-06 12:24:20 12,037,688 ----a-r C:\Windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\WINWORD.EXE
- 2008-03-10 21:48:45 593,920 ----a-r C:\Windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\accicons.exe
+ 2008-03-11 11:42:34 593,920 ----a-r C:\Windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\accicons.exe
- 2008-03-10 21:48:45 12,288 ----a-r C:\Windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\cagicon.exe
+ 2008-03-11 11:42:34 12,288 ----a-r C:\Windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\cagicon.exe
- 2008-03-10 21:48:45 86,016 ----a-r C:\Windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\inficon.exe
+ 2008-03-11 11:42:34 86,016 ----a-r C:\Windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\inficon.exe
- 2008-03-10 21:48:44 135,168 ----a-r C:\Windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\misc.exe
+ 2008-03-11 11:42:34 135,168 ----a-r C:\Windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\misc.exe
- 2008-03-10 21:48:45 11,264 ----a-r C:\Windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\mspicons.exe
+ 2008-03-11 11:42:34 11,264 ----a-r C:\Windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\mspicons.exe
- 2008-03-10 21:48:45 27,136 ----a-r C:\Windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\oisicon.exe
+ 2008-03-11 11:42:34 27,136 ----a-r C:\Windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\oisicon.exe
- 2008-03-10 21:48:45 4,096 ----a-r C:\Windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\opwicon.exe
+ 2008-03-11 11:42:34 4,096 ----a-r C:\Windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\opwicon.exe
- 2008-03-10 21:48:45 794,624 ----a-r C:\Windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\outicon.exe
+ 2008-03-11 11:42:34 794,624 ----a-r C:\Windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\outicon.exe
- 2008-03-10 21:48:44 249,856 ----a-r C:\Windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\pptico.exe
+ 2008-03-11 11:42:34 249,856 ----a-r C:\Windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\pptico.exe
- 2008-03-10 21:48:44 61,440 ----a-r C:\Windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\pubs.exe
+ 2008-03-11 11:42:34 61,440 ----a-r C:\Windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\pubs.exe
- 2008-03-10 21:48:45 23,040 ----a-r C:\Windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\unbndico.exe
+ 2008-03-11 11:42:34 23,040 ----a-r C:\Windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\unbndico.exe
- 2008-03-10 21:48:44 286,720 ----a-r C:\Windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\wordicon.exe
+ 2008-03-11 11:42:34 286,720 ----a-r C:\Windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\wordicon.exe
- 2008-03-10 21:48:44 409,600 ----a-r C:\Windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\xlicons.exe
+ 2008-03-11 11:42:34 409,600 ----a-r C:\Windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\xlicons.exe
- 2008-03-11 11:02:04 262,144 ----a-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\usrclass.dat
+ 2008-03-12 13:13:44 262,144 ----a-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\usrclass.dat
- 2008-03-11 10:48:50 262,144 --sha-w C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT
+ 2008-03-12 13:11:11 262,144 --sha-w C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT
- 2008-03-11 11:12:54 262,144 ----a-w C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\usrclass.dat
+ 2008-03-12 13:14:09 262,144 ----a-w C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\usrclass.dat
- 2008-03-11 10:48:55 262,144 --sha-w C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT
+ 2008-03-12 13:11:05 262,144 --sha-w C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT
+ 2008-03-12 13:11:05 262,144 ---ha-w C:\Windows\ServiceProfiles\NetworkService\ntuser.dat.LOG1
- 2008-03-11 11:02:39 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2008-03-12 13:14:38 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2008-03-11 11:02:39 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2008-03-12 13:14:38 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2008-03-11 11:02:39 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2008-03-12 13:14:38 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2008-03-11 11:14:55 16,056,352 --sha-w C:\Windows\System32\drivers\fidbox.dat
+ 2008-03-12 13:10:36 16,228,384 --sha-w C:\Windows\System32\drivers\fidbox.dat
- 2003-08-03 09:56:16 1,146,184 ----a-w C:\Windows\System32\FM20.DLL
+ 2007-06-06 09:53:34 1,195,888 ----a-w C:\Windows\System32\FM20.DLL
- 2003-07-14 21:57:04 32,584 ----a-w C:\Windows\System32\FM20ENU.DLL
+ 2007-03-22 18:17:04 35,440 ----a-w C:\Windows\System32\FM20ENU.DLL
- 2008-03-11 10:47:46 317,944 ----a-w C:\Windows\System32\FNTCACHE.DAT
+ 2008-03-11 20:35:40 317,992 ----a-w C:\Windows\System32\FNTCACHE.DAT
- 2008-03-11 10:54:12 103,726 ----a-w C:\Windows\System32\perfc009.dat
+ 2008-03-12 13:07:40 103,314 ----a-w C:\Windows\System32\perfc009.dat
- 2008-03-11 10:54:12 114,622 ----a-w C:\Windows\System32\perfc010.dat
+ 2008-03-12 13:07:40 114,244 ----a-w C:\Windows\System32\perfc010.dat
- 2008-03-11 10:54:12 609,944 ----a-w C:\Windows\System32\perfh009.dat
+ 2008-03-12 13:07:40 609,532 ----a-w C:\Windows\System32\perfh009.dat
- 2008-03-11 10:54:12 682,184 ----a-w C:\Windows\System32\perfh010.dat
+ 2008-03-12 13:07:40 681,436 ----a-w C:\Windows\System32\perfh010.dat
- 2003-06-18 16:31:44 758,784 ----a-w C:\Windows\System32\spool\drivers\w32x86\3\mdigraph.dll
+ 2007-04-09 12:24:04 758,664 ----a-w C:\Windows\System32\spool\drivers\w32x86\3\mdigraph.dll
- 2003-06-18 16:31:46 35,328 ----a-w C:\Windows\System32\spool\drivers\w32x86\3\mdiui.dll
+ 2007-04-09 12:23:58 46,472 ----a-w C:\Windows\System32\spool\drivers\w32x86\3\mdiui.dll
- 2003-06-18 16:31:44 758,784 ----a-w C:\Windows\System32\spool\drivers\w32x86\mdigraph.dll
+ 2007-04-09 12:24:04 758,664 ----a-w C:\Windows\System32\spool\drivers\w32x86\mdigraph.dll
- 2003-06-18 16:31:46 35,328 ----a-w C:\Windows\System32\spool\drivers\w32x86\mdiui.dll
+ 2007-04-09 12:23:58 46,472 ----a-w C:\Windows\System32\spool\drivers\w32x86\mdiui.dll
- 2003-06-18 16:31:48 18,944 ----a-w C:\Windows\System32\spool\prtprocs\w32x86\mdippr.dll
+ 2007-04-09 12:23:54 28,552 ----a-w C:\Windows\System32\spool\prtprocs\w32x86\mdippr.dll
- 2008-03-11 10:48:59 6,608 ----a-w C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-263181467-2291978797-3713521793-1000_UserData.bin
+ 2008-03-12 13:11:33 6,720 ----a-w C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-263181467-2291978797-3713521793-1000_UserData.bin
- 2008-03-11 10:48:59 54,996 ----a-w C:\Windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
+ 2008-03-12 13:11:33 55,348 ----a-w C:\Windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
- 2008-03-10 21:14:44 29,644 ----a-w C:\Windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2008-03-12 13:11:30 29,724 ----a-w C:\Windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Nota* i valori vuoti & legittimi/default non sono visualizzati.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2008-02-14 13:23 1232896]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe" [2007-09-20 15:35 202024]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2007-10-18 11:34 5724184]
"Camfrog"="C:\Program Files\Camfrog\Camfrog Video Chat\CamfrogNet.exe" [2003-09-29 07:22 36352]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-02-18 12:42 68856]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-01-28 11:43 2097488]
"burn army"="C:\ProgramData\Liesintraintra.aouen5v" [2008-03-08 12:32 28688]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2008-02-14 13:36 1006264]
"AVP"="C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" [2007-01-29 23:02 200768]
"NeroFilterCheck"="C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe" [2007-03-01 15:57 153136]
"NBKeyScan"="C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-09-20 09:51 1836328]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 03:06 40048]
"GeKo PreSeNTs: Windows Vista Ultimate Crack"="G:\vista\Crack + Guida & Utility\Crack Windows Vista\Windows Vista Ultimate Crack.exe" [ ]
"RtHDVCpl"="RtHDVCpl.exe" [2007-03-01 15:38 4390912 C:\Windows\RtHDVCpl.exe]
"IAAnotif"="C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2007-04-19 18:11 151552]
"KBD"="C:\HP\KBD\KbdStub.EXE" [2006-12-08 16:16 65536]
"AliceRV_McciTrayApp"="C:\Program Files\Alice ti aiuta\McciTrayApp.exe" [2007-01-23 16:43 1001472]
"CanonSolutionMenu"="C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe" [2007-04-03 17:00 644696]
"CanonMyPrinter"="C:\Program Files\Canon\MyPrinter\BJMyPrt.exe" [2007-04-03 17:50 1603152]
"NvSvc"="C:\Windows\system32\nvsvc.dll" [2007-08-28 01:59 86016]
"NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [2007-08-28 01:59 8473120]
"NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [2007-08-28 01:59 81920]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2008-03-06 15:02 185896]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
Google Updater.lnk - C:\Program Files\Google\Google Updater\GoogleUpdater.exe [2008-02-18 12:42:26 125624]
WinZip Quick Pick.lnk - C:\Program Files\WinZip\WZQKPICK.EXE [2008-02-22 12:10:42 118784]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2006-12-20 12:55 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 2007-04-19 12:41 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=C:\PROGRA~2\KASPER~1\KASPER~1.0\r3hook.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{88338174-9FB5-4E1A-83CC-372FB368FFF9}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)|Edge=TRUE|
"{B3DEC3A7-D6EA-467F-A680-6B36D8514603}"= UDP:C:\Program Files\DNA\btdna.exe:DNA
"{0C9AA10E-DD1C-4410-965C-D1FFF52C4ED8}"= TCP:C:\Program Files\DNA\btdna.exe:DNA
"{3DDDF40D-E1A4-4FA2-B9DE-229883862C0C}"= UDP:C:\Program Files\BitTorrent\bittorrent.exe:BitTorrent
"{5AAF1FE2-1A6C-4E8E-9D33-0E86231DC317}"= TCP:C:\Program Files\BitTorrent\bittorrent.exe:BitTorrent
"TCP Query User{CAF7786C-829C-4420-9C00-28FD91520C82}C:\program files\tvuplayer\tvuplayer.exe"= UDP:C:\program files\tvuplayer\tvuplayer.exe:TVUPlayer Component|Desc=TVUPlayer Component
"UDP Query User{0F66C552-8A05-4C91-8474-373322C0EEDD}C:\program files\tvuplayer\tvuplayer.exe"= TCP:C:\program files\tvuplayer\tvuplayer.exe:TVUPlayer Component|Desc=TVUPlayer Component

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System]
"DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic|

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\BitTorrent\bittorrent.exe"= C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent

R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;C:\Windows\system32\DRIVERS\klim6.sys [2007-01-25 19:33]
R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2008-01-28 11:43]
R3 athr;Atheros Extensible Wireless LAN device driver;C:\Windows\system32\DRIVERS\athr.sys [2006-12-27 16:53]
R3 PAC207;Trust WB-1400T Webcam;C:\Windows\system32\DRIVERS\PFC027.SYS [2007-05-14 10:26]
S2 TimerStop;TimerStop;C:\Windows\system32\timerstop.sys [2007-01-15 19:24]

.
Contenuto della cartella 'Scheduled Tasks'
"2008-02-13 21:25:45 C:\Windows\Tasks\Verifica aggiornamenti per Windows Live Toolbar.job"
- C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-03-12 14:15:06
Windows 6.0.6000 NTFS

scansione processi nascosti ...

scansione entrate autostart nascoste ...

Scansione files nascosti ...

Scansione completata con successo
Files nascosti: 0

**************************************************************************
.
Ora fine scansione: 2008-03-12 14.16.24
ComboFix-quarantined-files.txt 2008-03-12 13:16:20
ComboFix2.txt 2008-03-11 11:16:35
ComboFix3.txt 2008-03-10 20:54:12
.
2008-03-11 11:42:35 --- E O F ---
ansione di comboFix:

[Sante62]

Bene, adesso fai la scansione con GMER
Ricorda che i log di GMER sono due: Autostart e Rootkit. Postali su www.freefilehosting.net come indicato quì

[Leonida]

Per Sante62:questo e il link di rootkit
Rootkit scan.txt

[Leonida]

Per Sante62 questo e il link di Autostart:
Autostart scan1.txt

[Sante62]

Ok, i log di GMER non presentano nulla di strano...

adesso fai questa scansioni online:

Kaspersky online scanner
Quando sta scaricando i file necessari, disattiva momentaneamente l'antivirus. Non appena inizia la scansione del PC disconnettiti da internet.
Alla fine carica il risultato su www.freefilehosting.net, riportando quì il link che ti viene assegnato come indicato quì

Alla fine posta anche un log di Hijackthis...

[Leonida]

rapporto Kaspersky: Rapporto Kasperski1.html

[Sante62]

Il log di Kasasper è di zero byte;

quindi dovresti ripostarlo....

[Leonida]

Rapporto.html

[Sante62]

E' sempre di zero byte;

controlla cprima che ci siano i file, altrimenti rifai la scansione...