RikyToro wrote:
treniel, follow this procedure step by step and, at the end, post all the requested logs for us:
informatica-ed-internet-virus/procedura-per-ripulire-un-pc-infetto-t21749.html

Here, as requested, are the logs after the scan... I carried out the whole requested procedure...
I hope you can help me
Code:
Malwarebytes' Anti-Malware 1.42
Versione del database: 3328
Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18828
09.12.2009 14:50:01
mbam-log-2009-12-09 (14-50-01).txt
Tipo di scansione: Scansione completa (C:\|D:\|E:\|F:\|G:\|H:\|I:\|J:\|)
Elementi scansionati: 326280
Tempo trascorso: 54 minute(s), 52 second(s)
Processi delle memoria infetti: 0
Moduli della memoria infetti: 0
Chiavi di registro infette: 0
Valori di registro infetti: 0
Elementi dato del registro infetti: 0
Cartelle infette: 0
File infetti: 0
Processi delle memoria infetti:
(Nessun elemento malevolo rilevato)
Moduli della memoria infetti:
(Nessun elemento malevolo rilevato)
Chiavi di registro infette:
(Nessun elemento malevolo rilevato)
Valori di registro infetti:
(Nessun elemento malevolo rilevato)
Elementi dato del registro infetti:
(Nessun elemento malevolo rilevato)
Cartelle infette:
(Nessun elemento malevolo rilevato)
File infetti:
(Nessun elemento malevolo rilevato)
Code:
ComboFix 09-11-16.03 - treniel 09.12.2009 14:53..2 - FAT32x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.41.1040.18.2046.885 [GMT 1:00]
Eseguito da: c:\users\treniel\Downloads\ComboFix.exe
SP: SUPERAntiSpyware *disabled* (Updated) {222A897C-5018-402e-943F-7E7AC8560DA7}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.
- MODALITÀ CON FUNZIONALITÀ RIDOTTE -
.
((((((((((((((((((((((((( Files Creati Da 2009-11-09 al 2009-12-09 )))))))))))))))))))))))))))))))))))
.
2009-12-09 13:55 . 2009-12-09 13:55 -------- d-----w- c:\users\treniel\AppData\Local\temp
2009-12-09 13:55 . 2009-12-09 13:55 -------- d-----w- c:\users\Public\AppData\Local\temp
2009-12-09 13:55 . 2009-12-09 13:55 -------- d-----w- c:\users\Default\AppData\Local\temp
2009-12-07 11:25 . 2009-12-07 11:25 0 ----a-w- c:\windows\nsreg.dat
2009-11-29 14:14 . 2009-11-29 17:20 -------- d-----w- c:\program files\NVIDIA Corporation
2009-11-29 14:10 . 2009-11-21 02:34 795104 ----a-w- c:\windows\system32\dpinst.exe
2009-11-29 14:10 . 2009-11-21 02:34 76392 ----a-w- c:\windows\system32\OpenCL.dll
2009-11-29 14:10 . 2009-11-21 02:34 11515752 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2009-11-29 14:10 . 2009-11-21 02:34 4001384 ----a-w- c:\windows\system32\nvcuda.dll
2009-11-29 14:10 . 2009-11-21 02:34 2243176 ----a-w- c:\windows\system32\nvcuvid.dll
2009-11-29 14:10 . 2009-11-21 02:34 1989224 ----a-w- c:\windows\system32\nvcuvenc.dll
2009-11-29 14:10 . 2009-11-21 02:34 14064232 ----a-w- c:\windows\system32\nvoglv32.dll
2009-11-29 14:10 . 2009-11-21 02:34 182888 ----a-w- c:\windows\system32\nvcod178.dll
2009-11-29 14:10 . 2009-11-21 02:34 182888 ----a-w- c:\windows\system32\nvcod.dll
2009-11-29 14:10 . 2009-11-21 02:34 1249896 ----a-w- c:\windows\system32\nvapi.dll
2009-11-29 14:10 . 2009-11-21 02:34 11381352 ----a-w- c:\windows\system32\nvcompiler.dll
2009-11-25 14:08 . 2009-10-29 09:17 2048 ----a-w- c:\windows\system32\tzres.dll
2009-11-25 13:53 . 2009-08-11 16:44 1401856 ----a-w- c:\windows\system32\msxml6.dll
2009-11-25 13:53 . 2009-08-11 16:44 1248768 ----a-w- c:\windows\system32\msxml3.dll
2009-11-24 19:24 . 2009-11-24 19:24 -------- d-----w- c:\programdata\Messenger Plus!
2009-11-24 15:15 . 2009-11-24 15:15 -------- d-----w- c:\program files\Lavalys
2009-11-22 16:26 . 2009-11-22 16:27 4096 d-----w- c:\program files\Windows Live
2009-11-20 19:33 . 2009-11-20 19:33 812648 ----a-w- c:\windows\system32\nvsvc.dll
2009-11-20 19:33 . 2009-11-20 19:33 66664 ----a-w- c:\windows\system32\nvshext.dll
2009-11-20 19:33 . 2009-11-20 19:33 1323624 ----a-w- c:\windows\system32\nvsvcr.dll
2009-11-20 19:33 . 2009-11-20 19:33 12685928 ----a-w- c:\windows\system32\nvcpl.dll
2009-11-20 19:33 . 2009-11-20 19:33 122984 ----a-w- c:\windows\system32\nvvsvc.exe
2009-11-20 19:33 . 2009-11-20 19:33 110184 ----a-w- c:\windows\system32\nvmctray.dll
2009-11-20 14:09 . 2001-10-28 15:42 116224 ----a-w- c:\windows\system32\pdfcmnnt.dll
2009-11-20 14:09 . 1998-08-05 06:45 122128 ----a-w- c:\windows\system32\VB6IT.DLL
2009-11-20 14:09 . 1998-08-05 06:45 150528 ----a-w- c:\windows\system32\MSCMCIT.DLL
2009-11-20 14:09 . 1998-08-05 06:45 63488 ----a-w- c:\windows\system32\MSCC2IT.DLL
2009-11-20 14:09 . 2009-11-20 14:10 4096 d-----w- c:\program files\PDFCreator
2009-11-20 14:09 . 1998-07-05 23:00 23552 ----a-w- c:\windows\system32\MSMPIDE.DLL
2009-11-19 23:51 . 2009-09-04 16:29 453456 ----a-w- c:\windows\system32\d3dx10_42.dll
2009-11-19 23:51 . 2009-09-04 16:29 1892184 ----a-w- c:\windows\system32\D3DX9_42.dll
2009-11-19 23:51 . 2008-03-05 14:56 1420824 ----a-w- c:\windows\system32\D3DCompiler_37.dll
2009-11-19 23:51 . 2008-02-05 22:07 462864 ----a-w- c:\windows\system32\d3dx10_37.dll
2009-11-19 23:51 . 2008-03-05 14:56 3786760 ----a-w- c:\windows\system32\D3DX9_37.dll
2009-11-19 23:51 . 2007-04-04 17:53 81768 ----a-w- c:\windows\system32\xinput1_3.dll
2009-11-18 23:43 . 2009-11-22 16:55 4096 d-----w- c:\program files\SystemRequirementsLab
2009-11-18 23:43 . 2009-11-20 19:55 -------- d-----w- c:\users\treniel\SystemRequirementsLab
2009-11-17 12:09 . 2009-11-17 12:09 -------- d-----w- c:\users\treniel\AppData\Roaming\Template
2009-11-11 23:33 . 2009-08-14 13:27 2036736 ----a-w- c:\windows\system32\win32k.sys
2009-11-11 23:33 . 2009-08-10 12:35 355328 ----a-w- c:\windows\system32\WSDApi.dll
2009-11-10 12:43 . 2006-02-07 15:23 408064 ----a-w- c:\windows\system32\drivers\CPWGU.sys
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-12-09 12:26 . 2009-03-05 04:55 670772 ----a-w- c:\windows\system32\perfh010.dat
2009-12-09 12:26 . 2009-03-05 04:55 123414 ----a-w- c:\windows\system32\perfc010.dat
2009-12-09 12:22 . 2009-03-24 16:55 117760 ----a-w- c:\users\treniel\AppData\Roaming\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
2009-12-09 12:22 . 2009-11-29 17:24 35085 ----a-w- c:\programdata\nvModes.dat
2009-12-09 12:17 . 2009-03-04 20:51 4096 d-----w- c:\programdata\Sonic
2009-12-09 12:17 . 2009-03-24 19:57 4096 d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-12-09 12:16 . 2009-05-19 14:24 12 ----a-w- c:\windows\bthservsdp.dat
2009-12-09 12:15 . 2009-05-03 21:48 4844296 ----a-w- c:\programdata\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
2009-12-08 23:26 . 2009-07-18 15:09 49152 d-----w- c:\program files\LogMeIn
2009-12-07 14:51 . 2009-09-17 19:20 4096 d-----w- c:\users\treniel\AppData\Roaming\vlc
2009-12-03 15:14 . 2009-03-24 19:57 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-12-03 15:13 . 2009-03-24 19:57 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-12-02 00:25 . 2009-03-04 21:02 4096 d-----w- c:\program files\Google
2009-12-02 00:21 . 2009-03-04 20:54 8192 d-----w- c:\program files\Common Files\Adobe
2009-11-29 17:24 . 2009-03-05 17:43 -------- d-----w- c:\programdata\NVIDIA
2009-11-29 14:28 . 2009-03-11 12:43 1356 ----a-w- c:\users\treniel\AppData\Local\d3d9caps.dat
2009-11-27 00:07 . 2009-03-29 15:21 -------- d-----w- c:\programdata\FLEXnet
2009-11-24 14:25 . 2009-03-10 17:58 4096 d-----w- c:\program files\Messenger Plus! Live
2009-11-21 02:34 . 2009-11-29 14:10 10920 ----a-w- c:\windows\system32\drivers\nvBridge.kmd
2009-11-21 02:34 . 2009-03-04 20:37 592488 ----a-w- c:\windows\system32\nvudisp.exe
2009-11-21 02:34 . 2009-03-04 20:37 9333352 ----a-w- c:\windows\system32\nvd3dum.dll
2009-11-20 14:07 . 2009-11-17 13:30 77677794 ----a-w- c:\windows\system32\~.tmp
2009-11-20 13:57 . 2009-03-10 16:09 20480 d-----w- c:\users\treniel\AppData\Roaming\uTorrent
2009-11-19 20:42 . 2009-03-04 20:37 592488 ----a-w- c:\windows\system32\nvuninst.exe
2009-11-12 13:14 . 2009-03-07 14:07 4096 d-----w- c:\program files\SUPERAntiSpyware
2009-11-12 13:04 . 2009-03-07 14:06 4096 d-----w- c:\program files\Common Files\Wise Installation Wizard
2009-11-12 00:08 . 2006-11-02 11:18 4096 d-----w- c:\program files\Windows Mail
2009-11-11 23:46 . 2009-03-14 13:07 12288 d-----w- c:\programdata\Microsoft Help
2009-11-10 12:44 . 2009-03-04 20:39 4096 d--h--w- c:\program files\InstallShield Installation Information
2009-11-10 12:42 . 2009-03-11 10:59 -------- d-----w- c:\program files\Philips
2009-11-10 11:27 . 2009-05-29 18:46 4096 d-----w- c:\program files\Java
2009-11-09 16:03 . 2009-07-22 11:01 -------- d-----w- c:\program files\KONAMI
2009-11-06 09:59 . 2009-11-06 09:59 15406728 ----a-w- c:\windows\system32\xlive.dll
2009-11-06 09:59 . 2009-11-06 09:59 13642888 ----a-w- c:\windows\system32\xlivefnt.dll
2009-11-02 19:42 . 2009-10-02 23:33 195456 ------w- c:\windows\system32\MpSigStub.exe
2009-11-02 17:05 . 2009-11-02 17:05 167064 ----a-w- c:\windows\system32\xliveinstall.dll
2009-11-02 17:05 . 2009-11-02 17:05 71832 ----a-w- c:\windows\system32\xliveinstallhost.exe
2009-11-02 13:48 . 2009-11-02 13:48 -------- d-----w- c:\users\treniel\AppData\Roaming\CyberInstaller Studio 2008
2009-10-28 15:21 . 2009-10-28 15:21 -------- d-----w- c:\program files\Windows Portable Devices
2009-10-28 15:21 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat
2009-10-28 15:21 . 2009-10-28 15:21 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
2009-10-28 15:20 . 2009-10-28 15:20 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_07_00.Wdf
2009-10-27 20:36 . 2009-10-27 20:36 -------- d-----w- c:\programdata\WindowsSearch
2009-10-26 18:37 . 2009-10-26 18:37 -------- d-----w- c:\program files\CCleaner
2009-10-21 09:50 . 2009-03-04 22:09 -------- d-----w- c:\users\treniel\AppData\Roaming\Hewlett-Packard
2009-10-21 09:50 . 2009-03-04 20:26 4096 d-----w- c:\program files\Hewlett-Packard
2009-10-19 11:45 . 2009-08-30 11:40 4096 d-----w- c:\users\treniel\AppData\Roaming\HpUpdate
2009-10-14 10:22 . 2009-03-04 20:56 24576 d-----w- c:\program files\Microsoft Works
2009-10-12 16:26 . 2009-10-12 16:26 -------- d--h--r- c:\users\treniel\AppData\Roaming\SecuROM
2009-10-12 16:04 . 2009-10-12 16:03 -------- d-----w- c:\program files\Microsoft Games for Windows - LIVE
2009-10-12 15:22 . 2009-03-04 21:12 -------- d-----w- c:\programdata\Hewlett-Packard
2009-10-11 22:42 . 2009-10-11 16:27 4096 d-----w- c:\users\treniel\AppData\Roaming\dvdcss
2009-10-11 03:17 . 2009-03-16 16:31 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-10-08 21:08 . 2009-10-28 15:15 555520 ----a-w- c:\windows\system32\UIAutomationCore.dll
2009-10-08 21:08 . 2009-10-28 15:15 234496 ----a-w- c:\windows\system32\oleacc.dll
2009-10-08 21:07 . 2009-10-28 15:15 4096 ----a-w- c:\windows\system32\oleaccrc.dll
2009-10-01 23:29 . 2009-07-18 15:10 83288 ----a-w- c:\windows\system32\LMIRfsClientNP.dll
2009-10-01 23:29 . 2009-07-18 15:10 28984 ----a-w- c:\windows\system32\LMIport.dll
2009-10-01 23:29 . 2009-07-18 15:10 87352 ----a-w- c:\windows\system32\LMIinit.dll
2009-10-01 01:02 . 2009-10-28 15:16 2537472 ----a-w- c:\windows\system32\wpdshext.dll
2009-10-01 01:02 . 2009-10-28 15:16 30208 ----a-w- c:\windows\system32\WPDShextAutoplay.exe
2009-10-01 01:02 . 2009-10-28 15:16 334848 ----a-w- c:\windows\system32\PortableDeviceApi.dll
2009-10-01 01:02 . 2009-10-28 15:16 87552 ----a-w- c:\windows\system32\WPDShServiceObj.dll
2009-10-01 01:02 . 2009-10-28 15:16 31232 ----a-w- c:\windows\system32\BthMtpContextHandler.dll
2009-10-01 01:01 . 2009-10-28 15:16 546816 ----a-w- c:\windows\system32\wpd_ci.dll
2009-10-01 01:01 . 2009-10-28 15:16 160256 ----a-w- c:\windows\system32\PortableDeviceTypes.dll
2009-10-01 01:01 . 2009-10-28 15:16 60928 ----a-w- c:\windows\system32\PortableDeviceConnectApi.dll
2009-10-01 01:01 . 2009-10-28 15:16 350208 ----a-w- c:\windows\system32\WPDSp.dll
2009-10-01 01:01 . 2009-10-28 15:16 196608 ----a-w- c:\windows\system32\PortableDeviceWMDRM.dll
2009-10-01 01:01 . 2009-10-28 15:16 100864 ----a-w- c:\windows\system32\PortableDeviceClassExtension.dll
2009-10-01 01:01 . 2009-10-28 15:16 81920 ----a-w- c:\windows\system32\wpdbusenum.dll
2009-10-01 01:01 . 2009-10-28 15:16 40448 ----a-w- c:\windows\system32\drivers\WpdUsb.sys
2009-10-01 01:01 . 2009-10-28 15:16 226816 ----a-w- c:\windows\system32\WpdMtp.dll
2009-10-01 01:01 . 2009-10-28 15:16 61952 ----a-w- c:\windows\system32\WpdMtpUS.dll
2009-10-01 01:01 . 2009-10-28 15:16 33280 ----a-w- c:\windows\system32\WpdConns.dll
2009-09-27 15:12 . 2009-09-27 15:12 170600 ----a-w- c:\windows\system32\nvcod167.dll
2009-09-25 02:10 . 2009-10-28 15:17 974848 ----a-w- c:\windows\system32\WindowsCodecs.dll
2009-09-25 02:07 . 2009-10-28 15:17 189440 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2009-09-25 02:04 . 2009-10-28 15:17 321024 ----a-w- c:\windows\system32\PhotoMetadataHandler.dll
2009-09-25 01:49 . 2009-10-28 15:17 1554432 ----a-w- c:\windows\system32\xpsservices.dll
2009-09-25 01:48 . 2009-10-28 15:17 351232 ----a-w- c:\windows\system32\XpsPrint.dll
2009-09-25 01:38 . 2009-10-28 15:17 847360 ----a-w- c:\windows\system32\OpcServices.dll
2009-09-25 01:36 . 2009-10-28 15:17 280064 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2009-09-25 01:35 . 2009-10-28 15:17 135680 ----a-w- c:\windows\system32\XpsRasterService.dll
2009-09-25 01:33 . 2009-10-28 15:17 195584 ----a-w- c:\windows\system32\dxdiagn.dll
2009-09-25 01:33 . 2009-10-28 15:17 829440 ----a-w- c:\windows\system32\d3d10warp.dll
2009-09-25 01:33 . 2009-10-28 15:17 369664 ----a-w- c:\windows\system32\WMPhoto.dll
2009-09-25 01:32 . 2009-10-28 15:17 252928 ----a-w- c:\windows\system32\dxdiag.exe
2009-09-25 01:31 . 2009-10-28 15:17 519680 ----a-w- c:\windows\system32\d3d11.dll
2009-09-25 01:31 . 2009-10-28 15:17 486912 ----a-w- c:\windows\system32\d3d10level9.dll
2009-09-25 01:31 . 2009-10-28 15:17 161280 ----a-w- c:\windows\system32\d3d10_1.dll
2009-09-25 01:31 . 2009-10-28 15:17 218112 ----a-w- c:\windows\system32\d3d10_1core.dll
2009-09-25 01:31 . 2009-10-28 15:17 1030144 ----a-w- c:\windows\system32\d3d10.dll
2009-09-25 01:31 . 2009-10-28 15:17 828928 ----a-w- c:\windows\system32\d2d1.dll
2009-09-25 01:30 . 2009-10-28 15:17 190464 ----a-w- c:\windows\system32\d3d10core.dll
2009-09-25 01:30 . 2009-10-28 15:17 481792 ----a-w- c:\windows\system32\dxgi.dll
2009-09-25 01:27 . 2009-10-28 15:17 634880 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2009-09-25 01:27 . 2009-10-28 15:17 37888 ----a-w- c:\windows\system32\cdd.dll
2009-09-25 01:27 . 2009-10-28 15:17 793088 ----a-w- c:\windows\system32\FntCache.dll
2009-09-25 01:27 . 2009-10-28 15:17 1064448 ----a-w- c:\windows\system32\DWrite.dll
.
((((((((((((((((((((((((((((( SnapShot@2009-11-15_21.39.49 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-11-25 14:08 . 2009-10-29 09:26 18944 c:\windows\winsxs\x86_microsoft-windows-i..rnational-timezones_31bf3856ad364e35_6.0.6002.22254_none_17855e4d1ffaeb7e\tzupd.exe
+ 2009-03-05 01:17 . 2009-03-05 01:17 18944 c:\windows\winsxs\x86_microsoft-windows-i..rnational-timezones_31bf3856ad364e35_6.0.6002.18132_none_170f60c606cee124\tzupd.exe
+ 2009-11-25 14:08 . 2009-10-29 09:44 18944 c:\windows\winsxs\x86_microsoft-windows-i..rnational-timezones_31bf3856ad364e35_6.0.6001.22552_none_159cebd122d663ac\tzupd.exe
+ 2009-03-05 01:17 . 2009-03-05 01:17 18944 c:\windows\winsxs\x86_microsoft-windows-i..rnational-timezones_31bf3856ad364e35_6.0.6001.18351_none_15124cd609b9ad64\tzupd.exe
+ 2009-11-25 14:08 . 2009-10-29 09:36 18944 c:\windows\winsxs\x86_microsoft-windows-i..rnational-timezones_31bf3856ad364e35_6.0.6000.21150_none_13b482d325b1d628\tzupd.exe
+ 2009-11-25 14:08 . 2009-10-29 09:51 18944 c:\windows\winsxs\x86_microsoft-windows-i..rnational-timezones_31bf3856ad364e35_6.0.6000.16947_none_133cdfd80c85988c\tzupd.exe
+ 2009-03-04 20:26 . 2009-12-09 11:53 59022 c:\windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2006-11-02 13:05 . 2009-12-09 12:23 94882 c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
+ 2009-03-04 22:08 . 2009-12-09 12:23 13890 c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1219927171-4085270636-3201153525-1000_UserData.bin
+ 2009-07-26 15:44 . 2009-07-26 15:44 48448 c:\windows\System32\sirenacm.dll
- 2009-07-26 14:44 . 2009-07-26 14:44 48448 c:\windows\System32\sirenacm.dll
+ 2009-11-29 14:10 . 2009-11-21 02:34 76392 c:\windows\System32\DriverStore\FileRepository\nv_disp.inf_cf846505\OpenCL.dll
- 2009-03-04 22:05 . 2009-11-15 21:16 32768 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-03-04 22:05 . 2009-12-09 12:21 32768 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-03-04 22:05 . 2009-11-15 21:16 65536 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-03-04 22:05 . 2009-12-09 12:21 65536 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-03-04 22:05 . 2009-12-09 12:21 32768 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-03-04 22:05 . 2009-11-15 21:16 32768 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-05-26 22:09 . 2009-12-09 12:21 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-05-26 22:09 . 2009-11-02 19:00 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-05-26 22:09 . 2009-11-02 19:00 32768 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-05-26 22:09 . 2009-12-09 12:21 32768 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-05-26 22:09 . 2009-12-09 12:21 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-05-26 22:09 . 2009-11-02 19:00 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-11-22 16:27 . 2009-11-22 16:27 22016 c:\windows\Installer\6f413.msi
+ 2009-11-22 16:26 . 2009-11-22 16:26 27136 c:\windows\Installer\6f406.msi
+ 2009-11-22 16:26 . 2009-11-22 16:26 58880 c:\windows\Installer\6f3fa.msi
+ 2009-11-25 14:08 . 2009-11-25 14:08 32768 c:\windows\Installer\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}\icon.exe
- 2009-10-06 14:58 . 2009-10-06 14:58 58945 c:\windows\Installer\{E31A24A7-CF73-42B7-8FA1-26644296C9E3}\wlmail.exe
+ 2009-11-22 16:27 . 2009-11-22 16:27 58945 c:\windows\Installer\{E31A24A7-CF73-42B7-8FA1-26644296C9E3}\wlmail.exe
+ 2009-11-22 16:27 . 2009-11-22 16:27 80395 c:\windows\Installer\{E0ABA486-A39B-4B96-BD80-757396151079}\MsblIco.Exe
- 2009-10-06 14:57 . 2009-10-06 14:57 80395 c:\windows\Installer\{E0ABA486-A39B-4B96-BD80-757396151079}\MsblIco.Exe
+ 2009-12-02 00:26 . 2009-12-02 00:26 25214 c:\windows\Installer\{9074AFC0-CFDA-11DE-B484-005056806466}\UNINST_Uninstall_G_F6A848FB884248E6A4CDCBDCF41F6A74_1.exe
+ 2009-12-02 00:26 . 2009-12-02 00:26 25214 c:\windows\Installer\{9074AFC0-CFDA-11DE-B484-005056806466}\UNINST_Uninstall_G_F6A848FB884248E6A4CDCBDCF41F6A74.exe
+ 2009-12-02 00:26 . 2009-12-02 00:26 25214 c:\windows\Installer\{9074AFC0-CFDA-11DE-B484-005056806466}\ShortcutOGL_EB071909B9884F8CBF3D6115D4ADEE5E.exe
+ 2009-12-02 00:26 . 2009-12-02 00:26 25214 c:\windows\Installer\{9074AFC0-CFDA-11DE-B484-005056806466}\ShortcutDX_EB071909B9884F8CBF3D6115D4ADEE5E.exe
+ 2009-12-02 00:26 . 2009-12-02 00:26 25214 c:\windows\Installer\{9074AFC0-CFDA-11DE-B484-005056806466}\googleearth.exe1_F6A848FB884248E6A4CDCBDCF41F6A74.exe
+ 2009-12-02 00:26 . 2009-12-02 00:26 25214 c:\windows\Installer\{9074AFC0-CFDA-11DE-B484-005056806466}\googleearth.exe_F6A848FB884248E6A4CDCBDCF41F6A74.exe
+ 2009-12-02 00:26 . 2009-12-02 00:26 25214 c:\windows\Installer\{9074AFC0-CFDA-11DE-B484-005056806466}\ARPPRODUCTICON.exe
- 2009-03-05 00:29 . 2009-03-05 00:29 62304 c:\windows\Installer\{49C77D21-F91F-4296-B7DF-19C5FF51AF4D}\IconWlc.exe
+ 2009-11-22 16:26 . 2009-11-22 16:26 62304 c:\windows\Installer\{49C77D21-F91F-4296-B7DF-19C5FF51AF4D}\IconWlc.exe
+ 2008-10-15 00:04 . 2008-10-15 00:04 39792 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA70401B7448A3100000030\8.1.3\reader_sl.exe
+ 2008-10-14 20:33 . 2008-10-14 20:33 95600 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA70401B7448A3100000030\8.1.3\nppdf32.dll
+ 2006-10-22 22:29 . 2006-10-22 22:29 14456 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA70401B7448A3100000030\8.1.3\AcroRd32Info.exe
- 2006-11-02 10:25 . 2009-11-12 12:31 51200 c:\windows\inf\infpub.dat
+ 2006-11-02 10:25 . 2009-12-02 11:52 51200 c:\windows\inf\infpub.dat
+ 2009-11-25 13:53 . 2009-08-11 16:58 2048 c:\windows\winsxs\x86_microsoft-windows-msxml60_31bf3856ad364e35_6.0.6002.22196_none_8a82c317ad5def05\msxml6r.dll
+ 2009-03-05 00:29 . 2009-03-05 00:29 2048 c:\windows\winsxs\x86_microsoft-windows-msxml60_31bf3856ad364e35_6.0.6002.18087_none_8a04f68294374ca1\msxml6r.dll
+ 2009-11-25 13:53 . 2009-08-11 17:04 2048 c:\windows\winsxs\x86_microsoft-windows-msxml60_31bf3856ad364e35_6.0.6001.22492_none_88985007b03b3485\msxml6r.dll
+ 2009-03-05 00:29 . 2009-03-05 00:29 2048 c:\windows\winsxs\x86_microsoft-windows-msxml60_31bf3856ad364e35_6.0.6001.18306_none_887403b096d0fe9e\msxml6r.dll
+ 2009-11-25 13:53 . 2009-08-10 12:51 2048 c:\windows\winsxs\x86_microsoft-windows-msxml60_31bf3856ad364e35_6.0.6000.21103_none_87143919b2caf4b4\msxml6r.dll
+ 2009-11-25 13:53 . 2009-08-10 13:05 2048 c:\windows\winsxs\x86_microsoft-windows-msxml60_31bf3856ad364e35_6.0.6000.16903_none_868ac42c99ad21a8\msxml6r.dll
+ 2009-11-25 13:53 . 2009-08-11 16:58 2048 c:\windows\winsxs\x86_microsoft-windows-msxml30_31bf3856ad364e35_6.0.6002.22196_none_8a83076fad5da222\msxml3r.dll
+ 2009-03-05 01:21 . 2009-03-05 01:21 2048 c:\windows\winsxs\x86_microsoft-windows-msxml30_31bf3856ad364e35_6.0.6002.18087_none_8a053ada9436ffbe\msxml3r.dll
+ 2009-11-25 13:53 . 2009-08-11 17:04 2048 c:\windows\winsxs\x86_microsoft-windows-msxml30_31bf3856ad364e35_6.0.6001.22492_none_8898945fb03ae7a2\msxml3r.dll
+ 2009-03-05 01:21 . 2009-03-05 01:21 2048 c:\windows\winsxs\x86_microsoft-windows-msxml30_31bf3856ad364e35_6.0.6001.18306_none_8874480896d0b1bb\msxml3r.dll
+ 2009-11-25 13:53 . 2009-08-10 12:51 2048 c:\windows\winsxs\x86_microsoft-windows-msxml30_31bf3856ad364e35_6.0.6000.21103_none_87147d71b2caa7d1\msxml3r.dll
+ 2009-11-25 13:53 . 2009-08-10 13:05 2048 c:\windows\winsxs\x86_microsoft-windows-msxml30_31bf3856ad364e35_6.0.6000.16903_none_868b088499acd4c5\msxml3r.dll
+ 2009-11-25 14:08 . 2009-10-29 09:26 2048 c:\windows\winsxs\x86_microsoft-windows-i..rnational-timezones_31bf3856ad364e35_6.0.6002.22254_none_17855e4d1ffaeb7e\tzres.dll
+ 2009-11-25 14:08 . 2009-10-29 09:17 2048 c:\windows\winsxs\x86_microsoft-windows-i..rnational-timezones_31bf3856ad364e35_6.0.6002.18132_none_170f60c606cee124\tzres.dll
+ 2009-11-25 14:08 . 2009-10-29 09:44 2048 c:\windows\winsxs\x86_microsoft-windows-i..rnational-timezones_31bf3856ad364e35_6.0.6001.22552_none_159cebd122d663ac\tzres.dll
+ 2009-11-25 14:08 . 2009-10-29 09:41 2048 c:\windows\winsxs\x86_microsoft-windows-i..rnational-timezones_31bf3856ad364e35_6.0.6001.18351_none_15124cd609b9ad64\tzres.dll
+ 2009-11-25 14:08 . 2009-10-29 07:55 2048 c:\windows\winsxs\x86_microsoft-windows-i..rnational-timezones_31bf3856ad364e35_6.0.6000.21150_none_13b482d325b1d628\tzres.dll
+ 2009-11-25 14:08 . 2009-10-29 07:59 2048 c:\windows\winsxs\x86_microsoft-windows-i..rnational-timezones_31bf3856ad364e35_6.0.6000.16947_none_133cdfd80c85988c\tzres.dll
+ 2009-03-04 23:20 . 2009-12-08 23:42 4534 c:\windows\System32\WDI\ERCQueuedResolutions.dat
- 2009-11-15 21:16 . 2009-11-15 21:16 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2009-12-09 12:17 . 2009-12-09 12:21 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2009-12-09 12:17 . 2009-12-09 12:21 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2009-11-15 21:16 . 2009-11-15 21:16 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2009-11-17 14:20 . 2009-11-17 14:20 655872 c:\windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30304.0_none_d9c474bda3593bfa\msvcr90.dll
+ 2009-11-17 14:20 . 2009-11-17 14:20 572928 c:\windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30304.0_none_d9c474bda3593bfa\msvcp90.dll
+ 2009-11-17 14:20 . 2009-11-17 14:20 225280 c:\windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30304.0_none_d9c474bda3593bfa\msvcm90.dll
+ 2009-03-10 10:23 . 2009-12-08 23:26 490180 c:\windows\System32\WDI\SuspendPerformanceDiagnostics_SystemData_FastS4.bin
- 2009-09-24 22:21 . 2005-06-25 11:16 480256 c:\windows\System32\spool\drivers\w32x86\3\PSCRIPT5.DLL
+ 2009-09-24 22:21 . 2005-06-25 12:16 480256 c:\windows\System32\spool\drivers\w32x86\3\PSCRIPT5.DLL
+ 2009-09-24 22:21 . 2005-06-25 12:16 138240 c:\windows\System32\spool\drivers\w32x86\3\PS5UI.DLL
- 2009-09-24 22:21 . 2005-06-25 11:16 138240 c:\windows\System32\spool\drivers\w32x86\3\PS5UI.DLL
- 2006-11-02 10:33 . 2009-11-15 21:20 595144 c:\windows\System32\perfh009.dat
+ 2006-11-02 10:33 . 2009-12-09 12:26 595144 c:\windows\System32\perfh009.dat
- 2006-11-02 10:33 . 2009-11-15 21:20 104346 c:\windows\System32\perfc009.dat
+ 2006-11-02 10:33 . 2009-12-09 12:26 104346 c:\windows\System32\perfc009.dat
+ 2009-11-29 14:10 . 2009-11-21 02:34 592488 c:\windows\System32\DriverStore\FileRepository\nv_disp.inf_cf846505\nvudisp.exe
+ 2009-11-29 14:10 . 2009-11-21 02:34 289384 c:\windows\System32\DriverStore\FileRepository\nv_disp.inf_cf846505\nvdecodemft.dll
+ 2009-11-29 14:10 . 2009-11-21 02:34 182888 c:\windows\System32\DriverStore\FileRepository\nv_disp.inf_cf846505\nvcod.dll
+ 2009-11-29 14:10 . 2009-11-21 02:34 795104 c:\windows\System32\DriverStore\FileRepository\nv_disp.inf_cf846505\dpinst.exe
+ 2009-09-27 15:12 . 2009-09-27 15:12 490088 c:\windows\System32\DriverStore\FileRepository\nv_disp.inf_73d6d35c\nvudisp.exe
+ 2009-09-27 15:12 . 2009-09-27 15:12 273000 c:\windows\System32\DriverStore\FileRepository\nv_disp.inf_73d6d35c\nvdecodemft.dll
+ 2009-09-27 15:12 . 2009-09-27 15:12 170600 c:\windows\System32\DriverStore\FileRepository\nv_disp.inf_73d6d35c\nvcod.dll
+ 2009-09-27 15:12 . 2009-09-27 15:12 795104 c:\windows\System32\DriverStore\FileRepository\nv_disp.inf_73d6d35c\dpinst.exe
+ 2009-04-29 20:09 . 2009-11-27 14:32 245760 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
- 2009-04-29 20:09 . 2009-11-14 10:40 245760 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
+ 2009-11-22 16:27 . 2009-11-22 16:27 763904 c:\windows\Installer\6f419.msi
+ 2009-11-22 16:27 . 2009-11-22 16:27 430080 c:\windows\Installer\6f40d.msi
+ 2009-11-22 16:26 . 2009-11-22 16:26 152576 c:\windows\Installer\6f400.msi
+ 2009-11-22 16:26 . 2009-11-22 16:26 107008 c:\windows\Installer\6f3f4.msi
+ 2009-11-19 23:51 . 2009-11-19 23:51 847872 c:\windows\Installer\25961a0.msi
+ 2009-11-19 23:51 . 2009-11-19 23:51 752128 c:\windows\Installer\2596157.msi
+ 2009-11-25 14:08 . 2009-11-25 14:08 429568 c:\windows\Installer\1659e8.msi
- 2009-03-08 20:41 . 2009-10-07 10:33 295606 c:\windows\Installer\{AC76BA86-7AD7-1040-7B44-A81300000003}\SC_Reader.exe
+ 2009-03-08 20:41 . 2009-12-02 00:22 295606 c:\windows\Installer\{AC76BA86-7AD7-1040-7B44-A81300000003}\SC_Reader.exe
+ 2007-04-15 20:56 . 2007-04-15 20:56 389120 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA70401B7448A3100000030\8.1.3\AdobeXMP.dll
+ 2007-05-11 02:06 . 2007-05-11 02:06 341616 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA70401B7448A3100000030\8.1.3\AcroRd32.exe
+ 2008-10-14 20:29 . 2008-10-14 20:29 632168 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA70401B7448A3100000030\8.1.3\AcroPDF.dll
- 2006-11-02 10:25 . 2009-11-12 12:31 143360 c:\windows\inf\infstrng.dat
+ 2006-11-02 10:25 . 2009-12-02 11:52 143360 c:\windows\inf\infstrng.dat
- 2006-11-02 10:25 . 2009-11-12 12:31 143360 c:\windows\inf\infstor.dat
+ 2006-11-02 10:25 . 2009-11-29 17:18 143360 c:\windows\inf\infstor.dat
+ 2009-11-25 14:08 . 2009-11-25 14:08 1348432 c:\windows\winsxs\x86_microsoft.msxml2_6bd6b9abf345378f_4.20.9876.0_none_b7e610287b2b4ea5\msxml4.dll
+ 2009-11-25 13:53 . 2009-08-11 16:58 1401856 c:\windows\winsxs\x86_microsoft-windows-msxml60_31bf3856ad364e35_6.0.6002.22196_none_8a82c317ad5def05\msxml6.dll
+ 2009-11-25 13:53 . 2009-08-11 16:44 1401856 c:\windows\winsxs\x86_microsoft-windows-msxml60_31bf3856ad364e35_6.0.6002.18087_none_8a04f68294374ca1\msxml6.dll
+ 2009-11-25 13:53 . 2009-08-11 15:26 1401344 c:\windows\winsxs\x86_microsoft-windows-msxml60_31bf3856ad364e35_6.0.6001.22492_none_88985007b03b3485\msxml6.dll
+ 2009-11-25 13:53 . 2009-08-10 11:01 1399296 c:\windows\winsxs\x86_microsoft-windows-msxml60_31bf3856ad364e35_6.0.6001.18306_none_887403b096d0fe9e\msxml6.dll
+ 2009-11-25 13:53 . 2009-08-10 12:51 1409536 c:\windows\winsxs\x86_microsoft-windows-msxml60_31bf3856ad364e35_6.0.6000.21103_none_87143919b2caf4b4\msxml6.dll
+ 2009-11-25 13:53 . 2009-08-10 13:05 1406464 c:\windows\winsxs\x86_microsoft-windows-msxml60_31bf3856ad364e35_6.0.6000.16903_none_868ac42c99ad21a8\msxml6.dll
+ 2009-11-25 13:53 . 2009-08-11 16:58 1248768 c:\windows\winsxs\x86_microsoft-windows-msxml30_31bf3856ad364e35_6.0.6002.22196_none_8a83076fad5da222\msxml3.dll
+ 2009-11-25 13:53 . 2009-08-11 16:44 1248768 c:\windows\winsxs\x86_microsoft-windows-msxml30_31bf3856ad364e35_6.0.6002.18087_none_8a053ada9436ffbe\msxml3.dll
+ 2009-11-25 13:53 . 2009-08-11 15:25 1257472 c:\windows\winsxs\x86_microsoft-windows-msxml30_31bf3856ad364e35_6.0.6001.22492_none_8898945fb03ae7a2\msxml3.dll
+ 2009-11-25 13:53 . 2009-08-10 11:00 1257472 c:\windows\winsxs\x86_microsoft-windows-msxml30_31bf3856ad364e35_6.0.6001.18306_none_8874480896d0b1bb\msxml3.dll
+ 2009-11-25 13:53 . 2009-08-10 12:51 1260032 c:\windows\winsxs\x86_microsoft-windows-msxml30_31bf3856ad364e35_6.0.6000.21103_none_87147d71b2caa7d1\msxml3.dll
+ 2009-11-25 13:53 . 2009-08-10 13:05 1260032 c:\windows\winsxs\x86_microsoft-windows-msxml30_31bf3856ad364e35_6.0.6000.16903_none_868b088499acd4c5\msxml3.dll
- 2006-11-02 10:22 . 2009-11-12 12:34 6553600 c:\windows\System32\SMI\Store\Machine\schema.dat
+ 2006-11-02 10:22 . 2009-11-25 14:10 6553600 c:\windows\System32\SMI\Store\Machine\schema.dat
+ 2009-07-20 23:05 . 2009-07-20 23:05 1348432 c:\windows\System32\msxml4.dll
+ 2009-11-29 14:10 . 2009-11-21 02:34 4241000 c:\windows\System32\DriverStore\FileRepository\nv_disp.inf_cf846505\nvwgf2um.dll
+ 2009-11-29 14:10 . 2009-11-21 02:34 4147816 c:\windows\System32\DriverStore\FileRepository\nv_disp.inf_cf846505\nvencodemft.dll
+ 2009-11-29 14:10 . 2009-11-21 02:34 9333352 c:\windows\System32\DriverStore\FileRepository\nv_disp.inf_cf846505\nvd3dum.dll
+ 2009-11-29 14:10 . 2009-11-21 02:34 2243176 c:\windows\System32\DriverStore\FileRepository\nv_disp.inf_cf846505\nvcuvid.dll
+ 2009-11-29 14:10 . 2009-11-21 02:34 1989224 c:\windows\System32\DriverStore\FileRepository\nv_disp.inf_cf846505\nvcuvenc.dll
+ 2009-11-29 14:10 . 2009-11-21 02:34 4001384 c:\windows\System32\DriverStore\FileRepository\nv_disp.inf_cf846505\nvcuda.dll
+ 2009-11-29 14:10 . 2009-11-21 02:34 1249896 c:\windows\System32\DriverStore\FileRepository\nv_disp.inf_cf846505\nvapi.dll
+ 2009-09-27 15:12 . 2009-09-27 15:12 3310184 c:\windows\System32\DriverStore\FileRepository\nv_disp.inf_73d6d35c\nvwgf2um.dll
+ 2009-09-27 15:12 . 2009-09-27 15:12 9509832 c:\windows\System32\DriverStore\FileRepository\nv_disp.inf_73d6d35c\nvlddmkm.sys
+ 2009-09-27 15:12 . 2009-09-27 15:12 1944168 c:\windows\System32\DriverStore\FileRepository\nv_disp.inf_73d6d35c\nvencodemft.dll
+ 2009-09-27 15:12 . 2009-09-27 15:12 7614056 c:\windows\System32\DriverStore\FileRepository\nv_disp.inf_73d6d35c\nvd3dum.dll
+ 2009-09-27 15:12 . 2009-09-27 15:12 2169448 c:\windows\System32\DriverStore\FileRepository\nv_disp.inf_73d6d35c\nvcuvid.dll
+ 2009-09-27 15:12 . 2009-09-27 15:12 1714792 c:\windows\System32\DriverStore\FileRepository\nv_disp.inf_73d6d35c\nvcuvenc.dll
+ 2009-09-27 15:12 . 2009-09-27 15:12 1997416 c:\windows\System32\DriverStore\FileRepository\nv_disp.inf_73d6d35c\nvcuda.dll
+ 2009-09-27 15:12 . 2009-09-27 15:12 1074280 c:\windows\System32\DriverStore\FileRepository\nv_disp.inf_73d6d35c\nvapi.dll
+ 2009-12-02 00:26 . 2009-12-02 00:26 1258496 c:\windows\Installer\23ac656.msi
+ 2008-10-14 19:55 . 2008-10-14 19:55 1945600 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA70401B7448A3100000030\8.1.3\rt3d.dll
+ 2008-10-14 23:35 . 2008-10-14 23:35 4906496 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA70401B7448A3100000030\8.1.3\AGM.dll
+ 2009-11-29 14:10 . 2009-11-21 02:34 14064232 c:\windows\System32\DriverStore\FileRepository\nv_disp.inf_cf846505\nvoglv32.dll
+ 2009-11-29 14:10 . 2009-11-21 02:34 11515752 c:\windows\System32\DriverStore\FileRepository\nv_disp.inf_cf846505\nvlddmkm.sys
+ 2009-11-29 14:10 . 2009-11-21 02:34 38866168 c:\windows\System32\DriverStore\FileRepository\nv_disp.inf_cf846505\NvCplSetupInt.exe
+ 2009-11-29 14:10 . 2009-11-21 02:34 11381352 c:\windows\System32\DriverStore\FileRepository\nv_disp.inf_cf846505\nvcompiler.dll
+ 2009-09-27 15:12 . 2009-09-27 15:12 11197032 c:\windows\System32\DriverStore\FileRepository\nv_disp.inf_73d6d35c\nvoglv32.dll
+ 2009-09-27 15:12 . 2009-09-27 15:12 39326456 c:\windows\System32\DriverStore\FileRepository\nv_disp.inf_73d6d35c\NvCplSetupInt.exe
+ 2009-12-02 00:21 . 2009-12-02 00:21 33281024 c:\windows\Installer\23ac090.msp
+ 2009-04-29 20:12 . 2009-11-25 14:09 156584581 c:\windows\winsxs\ManifestCache\6.0.6002.18005_001c11ba_blobs.bin
.
-- Snapshot per reimpostare la data corrente --
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2009-02-17 1830128]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NokiaMServer"="c:\program files\Common Files\Nokia\MPlatform\NokiaMServer" [X]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-19 1008184]
"hpsysdrv"="c:\hp\support\hpsysdrv.exe" [2006-09-28 65536]
"KBD"="c:\hp\KBD\KbdStub.EXE" [2006-12-08 65536]
"OsdMaestro"="c:\program files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe" [2007-02-15 118784]
"BigDogPath"="c:\windows\VM_STI.EXE" [2004-06-09 40960]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"Nokia FastStart"="c:\program files\Nokia\Nokia Music\NokiaMusic.exe" [2009-02-26 2376992]
"LogMeIn GUI"="c:\program files\LogMeIn\x86\LogMeInSystray.exe" [2008-07-24 63048]
"Windows Mobile-based device management"="c:\windows\WindowsMobile\wmdSync.exe" [2006-11-02 215552]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2009-10-03 39792]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-09-04 417792]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-09-04 935288]
"RtHDVCpl"="RtHDVCpl.exe" - c:\windows\RtHDVCpl.exe [2008-01-15 4874240]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2008-12-22 10:05 356352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):1f,f7,0c,ca,6a,fb,c9,01
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [17.02.2009 11:43 8944]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [17.02.2009 11:43 55024]
R2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files\LogMeIn\x86\rainfo.sys [24.07.2008 17:46 12856]
R2 LMIRfsDriver;LogMeIn Remote File System Driver;c:\windows\System32\drivers\LMIRfsDriver.sys [18.07.2009 16:10 47640]
R2 TeamViewer4;TeamViewer 4;c:\program files\TeamViewer\Version4\TeamViewer_Service.exe [27.02.2009 17:07 185640]
R2 wlidsvc;Windows Live ID Sign-in Assistant;c:\program files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE [30.03.2009 15:28 1533808]
R3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [17.02.2009 11:43 7408]
S2 gupdate;Servizio di Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [24.10.2009 12:12 133104]
S2 Roxio Upnp Server 11;Roxio Upnp Server 11;c:\program files\Roxio Creator 2009\Digital Home 11\RoxioUpnpService11.exe [13.08.2008 23:25 367088]
S2 RoxLiveShare11;LiveShare P2P Server 11;c:\program files\Common Files\Roxio Shared\11.0\SharedCOM\RoxLiveShare11.exe [13.08.2008 23:24 309744]
S2 RoxWatch11;Roxio Hard Drive Watcher 11;c:\program files\Common Files\Roxio Shared\11.0\SharedCOM\RoxWatch11.exe [13.08.2008 23:24 170480]
S3 athrusb;Atheros Wireless LAN USB device driver;c:\windows\System32\drivers\athrusb.sys [29.07.2008 03:45 904192]
S3 CPWGU(Philips);Philips SNU5600 Wireless USB Adapter 11b/g(Philips);c:\windows\System32\drivers\CPWGU.sys [10.11.2009 13:43 408064]
S3 FontCache;Servizio cache tipi di carattere Windows;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [05.03.2009 21:06 21504]
S3 Roxio UPnP Renderer 11;Roxio UPnP Renderer 11;c:\program files\Roxio Creator 2009\Digital Home 11\RoxioUPnPRenderer11.exe [13.08.2008 23:25 313840]
S3 RoxMediaDB11;RoxMediaDB11;c:\program files\Common Files\Roxio Shared\11.0\SharedCOM\RoxMediaDB11.exe [04.03.2009 03:58 1122304]
--- Altri Servizi/Drivers In Memoria ---
*Deregistered* - mbr
*Deregistered* - PROCEXP113
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Contenuto della cartella 'Scheduled Tasks'
2009-12-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-10-24 11:12]
2009-12-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-10-24 11:12]
.
.
------- Scansione supplementare -------
.
uStart Page = https://secure.logmein.com/home.asp?lang=it
mStart Page = hxxp://it.yahoo.com
uInternet Settings,ProxyOverride = local
uSearchURL,(Default) = hxxp://it.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://it.search.yahoo.com
FF - ProfilePath - c:\users\treniel\AppData\Roaming\Mozilla\Firefox\Profiles\65sedxdw.default\
FF - prefs.js: browser.startup.homepage - hxxp://it.yahoo.com/
FF - component: c:\program files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\NPC6Helper.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-12-09 14:55
Windows 6.0.6002 Service Pack 2 NTFS
scansione processi nascosti ...
scansione entrate autostart nascoste ...
Scansione files nascosti ...
Scansione completata con successo
Files nascosti: 0
**************************************************************************
Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net
device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll >>UNKNOWN [0x85E1C1F8]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\atapi -> 0x85e1b1f8
Warning: possible MBR rootkit infection !
user & kernel MBR OK
Use "Recovery Console" command "fixmbr" to clear infection !
**************************************************************************
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------
[HKEY_USERS\S-1-5-21-1219927171-4085270636-3201153525-1000\Software\SecuROM\License information*]
@Allowed: (Read) (RestrictedCode)
.
Ora fine scansione: 2009-12-09 14:58
ComboFix-quarantined-files.txt 2009-12-09 13:58
ComboFix2.txt 2009-11-15 21:43
Pre-Run: 40'975'073'280 byte disponibili
Post-Run: 40'934'395'904 byte disponibili
- - End Of File - - 100BFF4BF3017FA1D75A6D6738F59B86
Code:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:39:35, on 09.12.2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18828)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\hp\support\hpsysdrv.exe
C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
C:\Windows\VM_STI.EXE
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe
C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
C:\Windows\WindowsMobile\wmdSync.exe
C:\Program Files\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\LogMeIn\x86\LMIGuardian.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Nokia\PC Connectivity Solution\Transports\NclMSBTSrv.exe
C:\hp\kbd\kbd.exe
C:\Windows\Explorer.exe
C:\Windows\system32\conime.exe
C:\Program Files\SUPERAntiSpyware\1885199a-41bf-4a00-8e1a-e928c9ae7f9a.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://secure.logmein.com/home.asp?lang=it
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://it.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://it.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://it.search.yahoo.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Supporto di collegamento per Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Guida per l'accesso a Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE
O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
O4 - HKLM\..\Run: [BigDogPath] C:\Windows\VM_STI.EXE Philips SPC 200NC PC Camera
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Nokia FastStart] "C:\Program Files\Nokia\Nokia Music\NokiaMusic.exe" /command:faststart
O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe"
O4 - HKLM\..\Run: [Windows Mobile-based device management] %windir%\WindowsMobile\wmdSync.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O9 - Extra button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scanner/sources/en/scan8/oscan8.cab
O16 - DPF: {A1F2F2CE-06AF-483C-9F12-D3BAA72477D6} (BatchDownloader Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/DigWXMSN.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/ractrl.cab?lmi=100
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Avira AntiVir Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Servizio di Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\RaMaint.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LogMeIn.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Roxio UPnP Renderer 11 - Sonic Solutions - C:\Program Files\Roxio Creator 2009\Digital Home 11\RoxioUPnPRenderer11.exe
O23 - Service: Roxio Upnp Server 11 - Sonic Solutions - C:\Program Files\Roxio Creator 2009\Digital Home 11\RoxioUpnpService11.exe
O23 - Service: LiveShare P2P Server 11 (RoxLiveShare11) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\11.0\SharedCOM\RoxLiveShare11.exe
O23 - Service: RoxMediaDB11 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\11.0\SharedCOM\RoxMediaDB11.exe
O23 - Service: Roxio Hard Drive Watcher 11 (RoxWatch11) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\11.0\SharedCOM\RoxWatch11.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Nokia\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: stllssvr - Unknown owner - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe (file missing)
O23 - Service: TeamViewer 4 (TeamViewer4) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version4\TeamViewer_Service.exe
--
End of file - 8903 bytes